Bird
0
0

You have a multi-tenant Kubernetes cluster with namespaces team-a and team-b. How can you ensure that services in team-a namespace are only accessible by pods in team-a namespace and not from team-b?

hard📝 Workflow Q9 of 15
Kubernetes - Namespaces
You have a multi-tenant Kubernetes cluster with namespaces team-a and team-b. How can you ensure that services in team-a namespace are only accessible by pods in team-a namespace and not from team-b?
ALabel all pods in team-b namespace as backend
BUse Role-Based Access Control (RBAC) to restrict service access
CUse a ConfigMap to block traffic from team-b
DApply a NetworkPolicy in team-a namespace allowing ingress only from pods in team-a namespace
Step-by-Step Solution
Solution:

  1. Step 1: Understand NetworkPolicy for traffic control

    NetworkPolicy can restrict ingress traffic to pods from specific namespaces.

  2. Step 2: Apply NetworkPolicy in team-a namespace

    Allow ingress only from pods in team-a namespace to block team-b pods.

  3. Final Answer:

    Apply a NetworkPolicy in team-a namespace allowing ingress only from pods in team-a namespace -> Option D

  4. Quick Check:

    NetworkPolicy controls pod network access, RBAC does not block network traffic [OK]
Quick Trick: Use NetworkPolicy to isolate namespaces by restricting ingress [OK]
Common Mistakes:
  • Confusing RBAC with network access control
  • Using labels incorrectly to block traffic
  • Trying to use ConfigMap for network restrictions

Want More Practice?

15+ quiz questions · All difficulty levels · Free

Free Signup - Practice All Questions
More Kubernetes Quizzes
Kubernetes Fundamentals - What is Kubernetes - Quiz 12easy Labels and Selectors - Organizing with recommended labels - Quiz 11easy Namespaces - Creating custom namespaces - Quiz 1easy Pods - Pod lifecycle states - Quiz 12easy ReplicaSets and Deployments - Recreate update strategy - Quiz 15hard Services - Service discovery via DNS - Quiz 15hard Services - NodePort service type - Quiz 8hard Services - Service selectors and labels - Quiz 7medium Services - Endpoints and endpoint slices - Quiz 1easy kubectl Essential Commands - kubectl exec for container access - Quiz 10hard