January 2020
Intermediate to advanced
640 pages
16h 56m
English
Content preview from Hands-On Software Engineering with Golang
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
Start your free trial
Locking down access to our Kubernetes cluster using network policies
As the number of microservices begins to increase, it is probably a good time to start thinking more actively about security. Do we really want each and every pod in our cluster to be able to access every other pod across all namespaces? Truth be told, for our current deployment, it is not that important. However, for larger projects, that's definitely a question that you need to answer.
Kubernetes offers a special type of resource called NetworkPolicy to assist us with the creation of fine-grained rules for governing access to namespaces and pods. A prerequisite to creating and enforcing network policies is for your cluster to run with the cni network plugin enabled and ...