Complete the code to specify the kind of Kubernetes resource for a network policy.
apiVersion: networking.k8s.io/v1
kind: [1]
metadata:
name: allow-nginx
spec:
podSelector:
matchLabels:
app: nginxThe kind field must be NetworkPolicy to define a network policy resource in Kubernetes.
Complete the code to allow ingress traffic only from pods with label 'role: frontend'.
spec:
podSelector:
matchLabels:
app: backend
ingress:
- from:
- podSelector:
matchLabels:
[1]: frontendThe podSelector matches pods with label role: frontend to allow ingress from those pods.
Fix the error in the port specification to allow TCP traffic on port 80.
spec:
podSelector:
matchLabels:
app: web
ingress:
- ports:
- protocol: TCP
port: [1]The port must be a number like 80, not a string or protocol name.
Fill both blanks to create a network policy that denies all ingress traffic to pods labeled 'app: db'.
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
name: deny-all-ingress
spec:
podSelector:
matchLabels:
app: [1]
policyTypes:
- [2]The policy selects pods with label app: db and sets policyTypes to Ingress to deny all incoming traffic.
Fill all three blanks to allow ingress traffic on TCP port 443 from namespace 'frontend-ns' to pods labeled 'app: secure'.
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
name: allow-https-frontend
spec:
podSelector:
matchLabels:
app: [1]
ingress:
- from:
- namespaceSelector:
matchLabels:
name: [2]
ports:
- protocol: TCP
port: [3]The policy selects pods with label app: secure, allows ingress from namespace labeled name: frontend-ns, and permits TCP traffic on port 443.