Kubernetes指南
Linux性能优化实战eBPF 核心技术与实战SDN指南个人博客
EN
EN
  • Overview
  • Introduction
    • Kubernetes Introduction
    • Kubernetes Concepts
    • Kubernetes 101
    • Kubernetes 201
    • Kubernetes Cluster
  • Concepts
    • Concepts
    • Architecture
    • Design Principles
    • Components
      • etcd
      • kube-apiserver
      • kube-scheduler
      • kube-controller-manager
      • kubelet
      • kube-proxy
      • kube-dns
      • Federation
      • kubeadm
      • hyperkube
      • kubectl
    • Objects
      • Autoscaling
      • ConfigMap
      • CronJob
      • CustomResourceDefinition
      • DaemonSet
      • Deployment
      • Ingress
      • Job
      • LocalVolume
      • Namespace
      • NetworkPolicy
      • Node
      • PersistentVolume
      • Pod
      • PodPreset
      • ReplicaSet
      • Resource Quota
      • Secret
      • SecurityContext
      • Service
      • ServiceAccount
      • StatefulSet
      • Volume
  • Setup
    • Setup Guidance
    • kubectl Install
    • Single Machine
    • Feature Gates
    • Best Practice
    • Version Support
    • Setup Cluster
      • kubeadm
      • kops
      • Kubespray
      • Azure
      • Windows
      • LinuxKit
      • kubeasz
    • Setup Addons
      • Addon-manager
      • DNS
      • Dashboard
      • Monitoring
      • Logging
      • Metrics
      • GPU
      • Cluster Autoscaler
      • ip-masq-agent
  • Extension
    • API Extension
      • Aggregation
      • CustomResourceDefinition
    • Access Control
      • Authentication
      • RBAC Authz
      • Admission
    • Scheduler Extension
    • Network Plugin
      • CNI
      • Flannel
      • Calico
      • Weave
      • Cilium
      • OVN
      • Contiv
      • SR-IOV
      • Romana
      • OpenContrail
      • Kuryr
    • Container Runtime
      • CRI-tools
      • Frakti
    • Storage Driver
      • CSI
      • FlexVolume
      • glusterfs
    • Network Policy
    • Ingress Controller
      • Ingress + Letsencrypt
      • minikube Ingress
      • Traefik Ingress
      • Keepalived-VIP
    • Cloud Provider
    • Device Plugin
  • Cloud Native Apps
    • Apps Management
      • Patterns
      • Rolling Update
      • Helm
      • Operator
      • Service Mesh
      • Linkerd
      • Linkerd2
    • Istio
      • Deploy
      • Traffic Management
      • Security
      • Policy
      • Metrics
      • Troubleshooting
      • Community
    • Devops
      • Draft
      • Jenkins X
      • Spinnaker
      • Kompose
      • Skaffold
      • Argo
      • Flux GitOps
  • Practices
    • Overview
    • Resource Management
    • Cluster HA
    • Workload HA
    • Debugging
    • Portmap
    • Portforward
    • User Management
    • GPU
    • HugePage
    • Security
    • Audit
    • Backup
    • Cert Rotation
    • Large Cluster
    • Big Data
      • Spark
      • Tensorflow
    • Serverless
  • Troubleshooting
    • Overview
    • Cluster Troubleshooting
    • Pod Troubleshooting
    • Network Troubleshooting
    • PV Troubleshooting
      • AzureDisk
      • AzureFile
    • Windows Troubleshooting
    • Cloud Platform Troubleshooting
      • Azure
    • Troubleshooting Tools
  • Community
    • Development Guide
    • Unit Test and Integration Test
    • Community Contribution
  • Appendix
    • Ecosystem
    • Learning Resources
    • Domestic Mirrors
    • How to Contribute
    • Reference Documents
由 GitBook 提供支持
在本页
  • Network Strategies
  • How to Develop Network Policy Extensions
  • Network Plugins that Support Network Policy
  • How to Use Network Policy
  • Network Strategies
  • Crafting Extensions for Network Policy
  • The Techie Dream Team Supporting Network Policy
  • Network Policy: The How-To Magic Book
  1. Extension

Network Policy

上一页glusterfs下一页Ingress Controller

最后更新于1年前

Network Strategies

Network Policy offers policy-based network control designed to isolate applications and reduce the potential attack surface. It emulates traditional segmented networking using label selectors and controls the flow of traffic between them and from external sources. Network plugins are required to monitor these policies and Pod changes, as well as to configure traffic control for Pods.

How to Develop Network Policy Extensions

To implement a network extension that supports Network Policy, you need at least two components:

  • CNI network plugin: Responsible for configuring network interfaces for Pods.

  • Policy controller: Monitors changes in Network Policy and applies the policy to the corresponding network interfaces.

Network Plugins that Support Network Policy

How to Use Network Policy


Network Strategies

Imagine creating virtual barriers within a digital ecosystem to keep your applications secure – this is what Network Policy does. It acts as a digital traffic cop, guiding data packets, ensuring only the right information flows between different segments of your network and that unwanted traffic stays out. It’s like putting up invisible walls within the cyberworld, with doors that only open for the right keyholders. Network plugins play a vital role here; they keep an eye on policy shifts and make sure pods toe the line of these virtual road rules.

Crafting Extensions for Network Policy

So you want to build an add-on that makes Network Policy even smarter? Gear up! You’ll need a duo of essential tools:

  • CNI network plugin: Think of it as the architect, setting up the network structure for each pod.

  • Policy controller: This one’s the guard, staying alert to any policy changes and making sure they're enforced where they matter.

The Techie Dream Team Supporting Network Policy

Ready to computerize your network’s immune system? Here are the guardians of the digital galaxy:

Network Policy: The How-To Magic Book

For specific methods of using Network Policy, you can refer .

- the network whisperer

- the Kubernetes knight

- the command-line conqueror

- the weave wizard

Wanna know how to wield these powers for your network? The secrets are within reach .

Calico
Cilium
Romana
Weave Net
here
Calico
Cilium
Romana
Weave Net
right here
Network Policy Controller
Network Policy Controller