NetworkPolicy .spec .egress .to
NetworkPolicyPeer describes a peer to allow traffic to/from. Only certain combinations of fields are allowed
Description | |
---|---|
ipBlock 🔗 IPBlock | IPBlock defines policy on a particular IPBlock. If this field is set then neither of the other fields can be. |
namespaceSelector 🔗 LabelSelector | Selects Namespaces using cluster-scoped labels. This field follows standard label selector semantics; if present but empty, it selects all namespaces. If PodSelector is also set, then the NetworkPolicyPeer as a whole selects the Pods matching PodSelector in the Namespaces selected by NamespaceSelector. Otherwise it selects all Pods in the Namespaces selected by NamespaceSelector. |
podSelector 🔗 LabelSelector | This is a label selector which selects Pods. This field follows standard label selector semantics; if present but empty, it selects all pods. If NamespaceSelector is also set, then the NetworkPolicyPeer as a whole selects the Pods matching PodSelector in the Namespaces selected by NamespaceSelector. Otherwise it selects the Pods matching PodSelector in the policy's own Namespace. |