CKA-Certified-Kubernetes-Administrator-2022
I have recently taken the CKA exam and I am interested in preparing you for the exam by sharing sample questions that you may face in the exam.
5. Create a new NetworkPolicy name allow-port-from-namespace that allows Pods in the existing namespace echo to connect to port 9000 of other Pods in the same namespace, Ensure that the new NetworkPolicy:
* does not allow access to Pods not listening on port 9000
* does not allow access from Pods not in namespace internal
Answer
- First, you should search “NetworkPolicy” in the kubernetes.io document and then copy the first NetworkPolicy YAML file and then delete unused lines, finally, the below YAML file will remain:
# vim networkpol.yaml
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
name: all-port-from-namespace #This line is changed
namespace: echo #This line should be changed
spec:
podSelector:
matchLabels: {}
ingress:
- from:
- namespaceSelector:
matchLabels:
name: internal #This line is changed
- podSelector: {}
ports:
- port: 9000 #This line is changed
- Then you should create network policy with
# kubectl create -f networkpol.yaml