-
Notifications
You must be signed in to change notification settings - Fork 241
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Kubernetes Network Policies not enforced #185
Comments
@marrobi Could you please share the policy definition yaml with me? Thanks! |
@marrobi Thanks for the feedback! This issue is fixed in Azure/acs-engine#3426. |
Thanks for the fast turnaround! |
@marrobi No problem. Your feedback is very valuable to us! |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Is this a request for help?:
Yes
h component (CNI/IPAIs this an ISSUE or FEATURE REQUEST? (choose one):
Issue
Which release version?:
azure-npm:v0.0.3
Which component (CNI/IPAM/CNM/CNS):
Network Policy Manager
Which Operating System (Linux/Windows):
Linux - AKS
Which Orchestrator and version (e.g. Kubernetes, Docker)
Kubernetes
What happened:
Deployed https://github.com/Azure/acs-engine/blob/master/parts/k8s/addons/kubernetesmasteraddons-azure-npm-daemonset.yaml . Tried https://github.com/ahmetb/kubernetes-network-policy-recipes/blob/master/04-deny-traffic-from-other-namespaces.md. Pod still accessible from other namespaces. Samples using pod selectors do seem to work.
What you expected to happen:
Traffic to be blocked from outside the namespace.
How to reproduce it (as minimally and precisely as possible):
Deploy AKs with advanced networking. Deploy https://github.com/Azure/acs-engine/blob/master/parts/k8s/addons/kubernetesmasteraddons-azure-npm-daemonset.yaml . Follow: https://github.com/ahmetb/kubernetes-network-policy-recipes/blob/master/04-deny-traffic-from-other-namespaces.md.
The text was updated successfully, but these errors were encountered: