diff --git a/120_kubernetes/dns/headless.demo b/120_kubernetes/dns/headless.demo index 745f042..b47faff 100644 --- a/120_kubernetes/dns/headless.demo +++ b/120_kubernetes/dns/headless.demo @@ -28,8 +28,24 @@ apiVersion: v1 kind: Service metadata: name: web +spec: + type: ClusterIP + selector: + app: web + ports: + - name: http + port: 80 + protocol: TCP + targetPort: 80 +--- +apiVersion: v1 +kind: Service +metadata: + name: web-headless spec: clusterIP: None + selector: + app: web ports: - name: http port: 80 diff --git a/120_kubernetes/network_policy/network_policy.demo b/120_kubernetes/network_policy/network_policy.demo index 2eabf2e..27c2a2f 100644 --- a/120_kubernetes/network_policy/network_policy.demo +++ b/120_kubernetes/network_policy/network_policy.demo @@ -22,6 +22,18 @@ spec: image: nginx:stable --- apiVersion: v1 +kind: Pod +metadata: + name: web2 + namespace: test1 + labels: + app: web2 +spec: + containers: + - name: nginx + image: nginx:stable +--- +apiVersion: v1 kind: Service metadata: name: web @@ -49,6 +61,18 @@ spec: image: nginx:stable --- apiVersion: v1 +kind: Pod +metadata: + name: web2 + namespace: test1 + labels: + app: web2 +spec: + containers: + - name: nginx + image: nginx:stable +--- +apiVersion: v1 kind: Service metadata: name: web diff --git a/2023-05-03_heise-Webinar-KubernetesNetworkPolicies.md b/2023-05-03_heise-Webinar-KubernetesNetworkPolicies.md new file mode 100644 index 0000000..a45ae35 --- /dev/null +++ b/2023-05-03_heise-Webinar-KubernetesNetworkPolicies.md @@ -0,0 +1,13 @@ +- Verschlüsselte DNS-Anfragen im Cluster +- Pod IP klarer machen +- https://www.knowledgehut.com/blog/devops/kubernetes-load-balancing +- Headless service: StatefulSet +- dig! +- Gegenüberstellung hinzufügen/korrigieren +- Namespaced NetworkPolicy +- Pods in demselben Namespace +- Namespace ohne Policy -> keine Beschränkung +- Priority +- Portability vs. Functionality +- Separate ingress and egress +- Hubble slide overflow \ No newline at end of file