You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: articles/aks/use-network-policies.md
+5-5Lines changed: 5 additions & 5 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -24,9 +24,9 @@ Requirements:
24
24
- AKS REST API version 2023-08-02-preview or later
25
25
26
26
Notes:
27
-
- The uninstall process does _not_ remove Custom Resource Definitions (CRDs) and Custom Resources (CRs) used by Calico. These all have names ending with either "projectcalico.org" or "tigera.io".
28
-
These CRDs and associated CRs can be manually deleted _after_ Calico is successfully uninstalled (deleting the CRDs before removing Calico will break the cluster).
29
-
- The upgrade will not remove any NetworkPolicy resources in the cluster, but after the uninstall these policies will no longer be enforced.
27
+
- The uninstall process does _not_ remove Custom Resource Definitions (CRDs) and Custom Resources (CRs) used by Calico. These CRDs and CRs all have names ending with either "projectcalico.org" or "tigera.io".
28
+
These CRDs and associated CRs can be manually deleted _after_ Calico is successfully uninstalled (deleting the CRDs before removing Calico breaks the cluster).
29
+
- The upgrade will not remove any NetworkPolicy resources in the cluster, but after the uninstall these policies are no longer enforced.
30
30
31
31
> [!WARNING]
32
32
> The upgrade process triggers each node pool to be re-imaged simultaneously. Upgrading each node pool separately isn't supported. Any disruptions to cluster networking are similar to a node image upgrade or [Kubernetes version upgrade](./upgrade-cluster.md) where each node in a node pool is re-imaged.
@@ -55,7 +55,7 @@ Azure provides three Network Policy engines for enforcing network policies:
55
55
**Azure Network Policy Manager*.
56
56
**Calico*, an open-source network and network security solution founded by [Tigera][tigera].
57
57
58
-
Cilium is our recommended Network Policy engine. Cilium enforces network policy on the traffic using Linux BPF, which is generally more efficient than "IPTables". See more details in [Azure CNI Powered by Cilium documentation](./azure-cni-powered-by-cilium.md).
58
+
Cilium is our recommended Network Policy engine. Cilium enforces network policy on the traffic using Linux Berkeley Packet Filter (BPF), which is generally more efficient than "IPTables". See more details in [Azure CNI Powered by Cilium documentation](./azure-cni-powered-by-cilium.md).
59
59
To enforce the specified policies, Azure Network Policy Manager for Linux uses Linux *IPTables*. Azure Network Policy Manager for Windows uses *Host Network Service (HNS) ACLPolicies*. Policies are translated into sets of allowed and disallowed IP pairs. These pairs are then programmed as `IPTable` or `HNS ACLPolicy` filter rules.
60
60
61
61
@@ -339,7 +339,7 @@ In the client's shell, run the following command to verify connectivity with the
339
339
340
340
### Test connectivity with network policy
341
341
342
-
Create a file named `demo-policy.yaml` and paste the following YAML manifest to add network policies:
342
+
To add network policies create a file named `demo-policy.yaml` and paste the following YAML manifest:
0 commit comments