July 2019
Intermediate to advanced
502 pages
14h
English
Content preview from Hands-On Microservices with Kubernetes
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
Start your free trial
Dividing and conquering your network
In addition to authentication as part of defense in depth, you can ensure that services talk to each other only if they're supposed to by utilizing namespaces and network policies. Namespaces are a very intuitive yet powerful concept. However, on their own, they don't prevent pods in the same cluster from communicating with each other. In Kubernetes, all the pods in a cluster share the same flat networking address space. This is one of the great simplifications of the Kubernetes networking module. Your pods can be on the same nodes or a different node – it doesn't matter.
Each pod will have its own IP address (even if multiple pods run on the same physical node or VM with a single IP address). This is ...