networking.k8s.io/v1
·NetworkPolicy
NetworkPolicy describes what network traffic is allowed for a set of Pods
Click on Property Name to show the description, and Pink Types to expand schema.
Required properties are marked with *
Change History
Kubernetes v1.34
1 property has changed the description
- .spec.podSelector
Kubernetes v1.33
Kubernetes v1.32
Kubernetes v1.31
Kubernetes v1.30
Kubernetes v1.29
Kubernetes v1.28
1 property has been removed on this version
- .status
Kubernetes v1.27
9 properties have changed the description
- .metadata.annotations
- .metadata.labels
- .metadata.name
- .metadata.namespace
- .metadata.ownerReferences.name
- .metadata.ownerReferences.uid
- .metadata.uid
- .spec
- .status
Kubernetes v1.26
4 properties have changed the description
- .spec.egress.to.ipBlock.cidr
- .spec.egress.to.ipBlock.except
- .spec.ingress.from.ipBlock.cidr
- .spec.ingress.from.ipBlock.except
Kubernetes v1.25
1 property has been removed on this version
- .metadata.clusterName
2 properties have changed the description
- .spec.egress.ports.endPort
- .spec.ingress.ports.endPort
Kubernetes v1.24
1 property has been added on this version
- .status
5 properties have changed the description
- .metadata.clusterName
- .metadata.generateName
- .metadata.managedFields.time
- .metadata.ownerReferences.blockOwnerDeletion
- .metadata.selfLink
Kubernetes v1.23
Kubernetes v1.22
1 property has been added on this version
- .metadata.managedFields.subresource
2 properties have changed the description
- .spec.egress.ports.endPort
- .spec.ingress.ports.endPort
Kubernetes v1.21
2 properties have been added on this version
- .spec.egress.ports.endPort
- .spec.ingress.ports.endPort
3 properties have changed the description
- .spec.egress.ports.port
- .spec.ingress.ports.port
- .spec.policyTypes
Kubernetes v1.20
Kubernetes v1.19
1 property has changed the description
- .metadata.namespace
Kubernetes v1.18
4 properties have changed the description
- .spec.egress.to.ipBlock.cidr
- .spec.egress.to.ipBlock.except
- .spec.ingress.from.ipBlock.cidr
- .spec.ingress.from.ipBlock.except
Kubernetes v1.17
1 property has changed the description
- .metadata.finalizers
Kubernetes v1.16
2 properties have been added on this version
- .metadata.managedFields.fieldsType
- .metadata.managedFields.fieldsV1
2 properties have been removed on this version
- .metadata.initializers
- .metadata.managedFields.fields
10 properties have changed the description
- .apiVersion
- .kind
- .metadata.creationTimestamp
- .metadata.deletionTimestamp
- .metadata.generateName
- .metadata.managedFields
- .metadata.ownerReferences.kind
- .metadata.resourceVersion
- .metadata.selfLink
- .spec.ingress.from
Kubernetes v1.15
1 property has been added on this version
- .metadata.initializers.result.metadata.remainingItemCount
Kubernetes v1.14
1 property has been added on this version
- .metadata.managedFields
2 properties have changed the description
- .metadata
- .spec.policyTypes
Kubernetes v1.13
Kubernetes v1.12
3 properties have changed the description
- .metadata.initializers.result.metadata.continue
- .spec.egress.ports.protocol
- .spec.ingress.ports.protocol
Kubernetes v1.11
6 properties have changed the description
- .spec.egress.to.ipBlock
- .spec.egress.to.namespaceSelector
- .spec.egress.to.podSelector
- .spec.ingress.from.ipBlock
- .spec.ingress.from.namespaceSelector
- .spec.ingress.from.podSelector
Examples
There are 6 examples of NetworkPolicy that you can use as a starting point to create your own.
- apiVersion: networking.k8s.io/v1kind: NetworkPolicymetadata:name: default-deny-ingressnamespace: public-api # NetworkPolicy is a namespaced resourcespec:podSelector: {}policyTypes:- Ingress
apiVersion: networking.k8s.io/v1kind: NetworkPolicymetadata: name: allow-all-ingress namespace: public-api # NetworkPolicy is a namespaced resourcespec: podSelector: {} ingress: - {} policyTypes: - IngressapiVersion: networking.k8s.io/v1kind: NetworkPolicymetadata: name: default-deny-egress namespace: public-api # NetworkPolicy is a namespaced resourcespec: podSelector: {} policyTypes: - EgressapiVersion: networking.k8s.io/v1kind: NetworkPolicymetadata: name: allow-all-egress namespace: public-api # NetworkPolicy is a namespaced resourcespec: podSelector: {} egress: - {} policyTypes: - EgressapiVersion: networking.k8s.io/v1kind: NetworkPolicymetadata: name: default-deny-all namespace: public-api # NetworkPolicy is a namespaced resourcespec: podSelector: {} policyTypes: - Ingress - EgressapiVersion: networking.k8s.io/v1kind: NetworkPolicymetadata: name: test-network-policy namespace: public-api # NetworkPolicy is a namespaced resourcespec: podSelector: matchLabels: role: db policyTypes: - Ingress - Egress ingress: - from: - ipBlock: cidr: 172.17.0.0/16 except: - 172.17.1.0/24 - namespaceSelector: matchLabels: project: myproject - podSelector: matchLabels: role: frontend ports: - protocol: TCP port: 6379 egress: - to: - ipBlock: cidr: 10.0.0.0/24 ports: - protocol: TCP port: 5978