{"id":30583,"date":"2022-07-13T21:01:58","date_gmt":"2022-07-13T21:01:58","guid":{"rendered":"https:\/\/www.devopsschool.com\/blog\/?p=30583"},"modified":"2025-10-09T06:44:48","modified_gmt":"2025-10-09T06:44:48","slug":"kubernetes-cks-network-policy-example-code","status":"publish","type":"post","link":"https:\/\/www.devopsschool.com\/blog\/kubernetes-cks-network-policy-example-code\/","title":{"rendered":"Kubernetes Tutorials: What is Network Policy & Example Code"},"content":{"rendered":"\n
\n\n\n\n

If you want to control traffic flow at the IP address or port level (OSI layer 3 or 4), then you might consider using Kubernetes NetworkPolicies for particular applications in your cluster. NetworkPolicies are an application-centric construct which allow you to specify how a pod<\/a> is allowed to communicate with various network “entities” (we use the word “entity” here to avoid overloading the more common terms such as “endpoints” and “services”, which have specific Kubernetes connotations) over the network. NetworkPolicies apply to a connection with a pod on one or both ends, and are not relevant to other connections.<\/p>\n\n\n\n

The entities that a Pod can communicate with are identified through a combination of the following 3 identifiers:<\/p>\n\n\n\n

  1. Other pods that are allowed (exception: a pod cannot block access to itself)<\/li>
  2. Namespaces that are allowed<\/li>
  3. IP blocks (exception: traffic to and from the node where a Pod is running is always allowed, regardless of the IP address of the Pod or the node)<\/li><\/ol>\n\n\n\n

    When defining a pod- or namespace- based NetworkPolicy, you use a selector<\/a> to specify what traffic is allowed to and from the Pod(s) that match the selector.<\/p>\n\n\n\n

    Meanwhile, when IP based NetworkPolicies are created, we define policies based on IP blocks (CIDR ranges).<\/p>\n\n\n\n

    \n\n\n\n

    Sample Code – https:\/\/github.com\/devopsschool-sample-programs\/kubernetes-network-policy-recipes<\/strong><\/p>\n\n\n\n

    \n\n\n\n
    \"\"<\/figure>\n\n\n\n
    \"\"<\/figure>\n\n\n\n
    \n\n\n\n

    Example Use Cases<\/h3>\n\n\n\n

    Below is a brief list of common use cases for Network Policies. You can find more use case examples with sample manifests at the kubernetes-networkpolicy-tutorial<\/a> on GitHub.<\/p>\n\n\n\n