-
Notifications
You must be signed in to change notification settings - Fork 334
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Formatted networkPolicy to match feature documentation template #4467
base: master
Are you sure you want to change the base?
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
thank you for the contribution!
78e13ae
to
6ecd30b
Compare
Resolved reviewer suggestions,changed wording to make documentation more clear |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
some more nits
[Kubernetes NetworkPolicy documentation](https://kubernetes.io/docs/concepts/services-networking/network-policies) | ||
|
||
[Kubernetes NetworkPolicy API reference](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.19/#networkpolicy-v1-networking-k8s-io) | ||
|
||
By default, the network traffic from and to K8s pods is not restricted in any way. Using NetworkPolicy is a way to enforce network isolation of selected pods. When a pod is selected by a NetworkPolicy allowed traffic is specified by the `Ingress` and `Egress` sections. | ||
Network Policy is a resource, which helps enforce the network isolation of pods. By default, the network traffic from and to K8s pods are not restricted in any way: NetworkPolicy resources allow us to enable and/or disable specific dataflows at a pod level. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think the current version is more accurate, can we just leave it as is?
|
||
## **Unicast default-deny** | ||
Feature is always enabled and triggered upon creation of NetworkPolicy objects. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
There is a config flag for this, look for EnableAdminNetworkPolicy
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
From my understand AdminNetworkPolicy and NetworkPolicy were seperate objects but I may have read the documentation incorrectly
Signed-off-by: Daniel Zhou <[email protected]>
What this PR does and why is it needed
Reformatted networkPolicy to match feature documentation template. Added more examples detailing different types of networkPolicies. Reworded certain sections to make more documentation more clear and easy to read.
Which issue(s) this PR fixes
Fixes #
Special notes for reviewers
How to verify it
Details to documentation updates
Reformatted networkPolicy to match feature documentation template. Added more examples detailing different types of networkPolicies. Reworded certain sections to make more documentation more clear and easy to read.
Description for the changelog
Does this PR introduce a user-facing change?