Allow All Egress Traffic Exclusively
Like we did on the ingress part, sometimes you want to exclusively allow all egress traffic even if some other policies are denying it. The following NetworkPolicy will override all other egress rules and allow all traffic from all pods to any destination:
Steps
git clone https://github.com/collabnix/kubelabs.git
cd kubelabs/Network_Policies101/
kubectl apply -f allow-egress.yaml
Verify Access - Allowed Egress
We can see that this is the case by switching over to our “access” pod in the namespace and attempting to access the google.com .
kubectl run --generator=run-pod/v1 --namespace=network-policy-demo access --rm -ti --image busybox /bin/sh
wget -q --timeout=5 google.com -O -
/ # wget -q --timeout=5 google.com -O -
<!doctype html><html itemscope="" itemtype
Now we are able to access google.
Cleanup Namespace
kubectl delete ns network-policy-demo