File: docker-for-mac/networking.md
If NetworkPolicy works in Docker Desktop for Mac, please document it.
If not, please add it to the "Known limitations, use cases, and workarounds" section.
I'm running Docker for Mac
$ kubectl version
Client Version: version.Info{Major:"1", Minor:"15", GitVersion:"v1.15.1", GitCommit:"4485c6f18cee9a5d3c3b4e523bd27972b1b53892", GitTreeState:"clean", BuildDate:"2019-07-18T14:25:20Z", GoVersion:"go1.12.7", Compiler:"gc", Platform:"darwin/amd64"}
Server Version: version.Info{Major:"1", Minor:"14", GitVersion:"v1.14.6", GitCommit:"96fac5cd13a5dc064f7d9f4f23030a6aeface6cc", GitTreeState:"clean", BuildDate:"2019-08-19T11:05:16Z", GoVersion:"go1.12.9", Compiler:"gc", Platform:"linux/amd64"}
Kubernetes v1.14 has NetworkPolicy
However, when I kubectl apply -f the following file
kind: NetworkPolicy
apiVersion: networking.k8s.io/v1
metadata:
name: default-deny-all-egress
namespace: default
spec:
policyTypes:
- Egress
podSelector: {}
egress: []
I'm still able to send egress network traffic
$ kubectl run --generator=run-pod/v1 -i --tty netshoot --image=nicolaka/netshoot -- bash
If you don't see a command prompt, try pressing enter.
bash-5.0# curl https://example.com
<!doctype html>
<html>
<head>
<title>Example Domain</title>
...
FYI this is the same for Windows & WSL2.
I have weave-net installed as my CNI, and yet my policies are ignored.
easy to reproduce following :
kubectl apply -f "https://cloud.weave.works/k8s/net?k8s-version=$(kubectl version | base64 | tr -d '\n')"
https://kubernetes.io/docs/tasks/administer-cluster/declare-network-policy/
Does someone manage to make NetworkPolicy work or have an answer on the question ?
I've created an issue on the use of Calico in Docker-Desktop for mac in case :)
@etoews @ChrisScottThomas Did you manage to make it work ?
Most helpful comment
FYI this is the same for Windows & WSL2.
I have weave-net installed as my CNI, and yet my policies are ignored.
easy to reproduce following :
kubectl apply -f "https://cloud.weave.works/k8s/net?k8s-version=$(kubectl version | base64 | tr -d '\n')"https://kubernetes.io/docs/tasks/administer-cluster/declare-network-policy/