Hacker Neue

Preferences
never_inline parent
Can someone enlighten me on this: if Authorization policies (which pods can communicate with which services) was built in kube-proxy, wouldn't it solve the use case for a large percent of service mesh deployments?
gotbeans
Kube proxy works configuring ip tables (oversimplified) and its scope is limitted to l4. It doesn't operate at L7.
adhamsalama
Isn't that what k8s network policies do?
never_inline OP
The support varies by CNI so I wouldn't call it "built-in".

But yeah I forgot this existed.

adhamsalama
Isn't that what k8s network policies do

This item has no comments currently.

Keyboard Shortcuts

Story Lists

j
Next story
k
Previous story
Shift+j
Last story
Shift+k
First story
o Enter
Go to story URL
c
Go to comments
u
Go to author

Navigation

Shift+t
Go to top stories
Shift+n
Go to new stories
Shift+b
Go to best stories
Shift+a
Go to Ask HN
Shift+s
Go to Show HN

Miscellaneous

?
Show this modal