Kubernetes CKA sample exam question 72 with answer

Question
Create three pods, pod name and their image name is given below:

nginx - nginx
busybox1 - busybox, sleep 3600
busybox2 - busybox, sleep 1800

Make sure only busybox1 pod should be able to communicate with nginx pod on port 80. Pod busybox2 should not be able to connect to pod nginx.

Answer
Create the pods:

kubectl run nginx --image=nginx
kubectl run busybox1 --image=busybox -- sleep 3600
kubectl run busybox1 --image=busybox -- sleep 3600

Get pod labels, these will be needed at next step:

kubectl get po --show-labels

Create NetworkPolicy object:

apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
  name: np
  namespace: default
spec:
  podSelector:
    matchLabels:
      run: nginx
  policyTypes:
  - Ingress
  ingress:
  - from:
    - podSelector:
        matchLabels:
          run: busybox1
    ports:
    - protocol: TCP
      port: 80

Create and check netpol object:

kubectl apply -f np.yaml
kubectl describe netpol np

Test conection from busybox1:

kubectl exec busybox1 -it -- wget $(kubectl get po nginx --template '{{.status.podIP}}')

Test conection from busybox2:

kubectl exec busybox2 -it -- wget $(kubectl get po nginx --template '{{.status.podIP}}')