Uploaded image for project: 'Planet4'
  1. Planet4
  2. PLANET-4574

Implement network security policies

XMLWordPrintable

    • Icon: Infra Task Infra Task
    • Resolution: Merged
    • Icon: Should have Should have
    • 2.81.0
    • None

      Currently, pods are not constrained in any way, they can communicate to any other pod in any other namespace.

      We should limit pods where possible - eg redis pods only need to communicate with openresty and php containers of their specific deployment.

      PHP pods only need to comunicate with openresty, redis, elasticsearch etc.

      https://sysdig.com/blog/kubernetes-security-psp-network-policy/

            gmintoco Gus Minto Cowcher (Inactive)
            rawalker Ray Walker (Inactive)
            Votes:
            0 Vote for this issue
            Watchers:
            0 Start watching this issue

              Created:
              Updated:
              Resolved: