Complete the code to specify the kind of Kubernetes resource for network policies.
apiVersion: networking.k8s.io/v1
kind: [1]
metadata:
name: allow-nginx
spec:
podSelector:
matchLabels:
app: nginxThe kind field must be NetworkPolicy to define network policies in Kubernetes.
Complete the code to allow ingress traffic only from pods with label 'role: frontend'.
spec:
podSelector:
matchLabels:
app: backend
ingress:
- from:
- podSelector:
matchLabels:
[1]: frontendThe role label is used to select pods with role 'frontend' for ingress traffic.
Fix the error in the policy to allow TCP traffic on port 80 only.
spec:
podSelector:
matchLabels:
app: web
ingress:
- ports:
- protocol: TCP
port: [1]The port must be specified as the number 80 to allow HTTP traffic on TCP port 80.
Fill both blanks to create a policy that denies all egress traffic from pods labeled 'app: db'.
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
name: deny-db-egress
spec:
podSelector:
matchLabels:
app: [1]
policyTypes:
- [2]The podSelector must select pods with label app: db and the policy type must be Egress to deny outgoing traffic.
Fill all three blanks to create a network policy that allows ingress TCP traffic on port 443 from pods with label 'role: frontend' to pods labeled 'app: secure'.
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
name: allow-secure-ingress
spec:
podSelector:
matchLabels:
app: [1]
ingress:
- from:
- podSelector:
matchLabels:
role: [2]
ports:
- protocol: [3]
port: 443The policy selects pods with app: secure, allows ingress from pods with role: frontend, and permits TCP traffic on port 443.