PdfPrep.com

CORRECT TEXT

CORRECT TEXT

You can switch the cluster/configuration context using the following command:

[desk@cli] $ kubectl config use-context dev

A default-deny NetworkPolicy avoid to accidentally expose a Pod in a namespace that doesn’t have any other NetworkPolicy defined.

Task: Create a new default-deny NetworkPolicy named deny-network in the namespace test for all traffic of type Ingress + Egress

The new NetworkPolicy must deny all Ingress + Egress traffic in the namespace test.

Apply the newly created default-deny NetworkPolicy to all Pods running in namespace test.

You can find a skeleton manifests file at /home/cert_masters/network-policy.yaml

Answer: master1 $ k get pods -n test –show-labels

✑ uk.co.certification.simulator.questionpool.PList@e614300 $ vim netpol.yaml

✑ uk.co.certification.simulator.questionpool.PList@e6144a0 master1 $ k apply -f netpol.yaml

Explanationcontrolplane $ k get pods -n test –show-labels

NAME READY STATUS RESTARTS AGE LABELS test-pod 1/1 Running 0 34s role=test,run=test-pod testing 1/1 Running 0 17d run=testing master1 $ vim netpol1.yaml

apiVersion: networking.k8s.io/v1

kind: NetworkPolicy

metadata:

name: deny-network

namespace: test

spec:

podSelector: {}

policyTypes:

– Ingress

– Egress

Exit mobile version