5 exercises on Kubernetes NetworkPolicy vocabulary.
0 / 5 completed
1 / 5
What does a Kubernetes NetworkPolicy control?
NetworkPolicy: defines rules for which pods can communicate, based on pod/namespace selectors and ports, implementing micro-segmentation within the cluster.
2 / 5
What is the default pod connectivity in Kubernetes without any NetworkPolicy?
Default allow: by default the cluster is fully open; pods can reach any other pod. Applying a policy that selects a pod switches it to default-deny for the specified direction.
3 / 5
Once a pod is selected by an ingress NetworkPolicy, what happens to unmatched ingress traffic?
Selection effect: selecting a pod for ingress flips it to deny-by-default for ingress; only flows matching an allow rule get through.
4 / 5
What is required for NetworkPolicies to actually take effect?
CNI enforcement: NetworkPolicy is just an API object; the cluster's network plugin must support and enforce it, or policies are silently ignored.
5 / 5
How can you express an egress restriction in a NetworkPolicy?
Egress rules: NetworkPolicy supports an egress section to limit outbound destinations, useful for restricting which external services a workload may reach.