You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
The side effect of applying the DNS policy goes beyond just the kubernetes.io accessibility. The frontend pods are still able to access the backend pods, since there is an existing policy. However, if the backends needed to access other pods then it would be denied, and on and on.
Given that the recommendation is to apply a DNS policy, is there a recommendation on how to best manage the number of policies that potentially could be required to allow/deny the ingress and egress. With only 2 services it's not difficult, but if there are hundreds of services this could be a NWP management nightmare?
Does Cilium / Tetragon provide a product that would allow me to run traffic through my application (testing) and based upon the flows it could capture the traffic flows and thus begin to create the network policies for me?
The text was updated successfully, but these errors were encountered:
The side effect of applying the DNS policy goes beyond just the kubernetes.io accessibility. The frontend pods are still able to access the backend pods, since there is an existing policy. However, if the backends needed to access other pods then it would be denied, and on and on.
Given that the recommendation is to apply a DNS policy, is there a recommendation on how to best manage the number of policies that potentially could be required to allow/deny the ingress and egress. With only 2 services it's not difficult, but if there are hundreds of services this could be a NWP management nightmare?
Does Cilium / Tetragon provide a product that would allow me to run traffic through my application (testing) and based upon the flows it could capture the traffic flows and thus begin to create the network policies for me?
The text was updated successfully, but these errors were encountered: