File tree Expand file tree Collapse file tree 3 files changed +34
-9
lines changed Expand file tree Collapse file tree 3 files changed +34
-9
lines changed Original file line number Diff line number Diff line change 39
39
- Resources : api-overview.md
40
40
- Versioning : versioning.md
41
41
- Implementations : implementations.md
42
+ - Guides :
43
+ - Getting started : getting-started.md
42
44
- Reference :
43
45
- Examples : reference/examples.md
44
46
- API Reference : reference/spec.md
Original file line number Diff line number Diff line change
1
+ # Getting started with Network Policy API
2
+
3
+ ** 1. Install a Network Policy API compatible CNI**
4
+
5
+ There are numerous Container Network Plugin projects that support or are actively working on
6
+ supporting the Network Policy API. Please refer to the [ implementations] ( implementations.md )
7
+ doc for details on the supportability matrix.
8
+
9
+ ** 2. Install the Network Policy API CRDs**
10
+
11
+ The following commands will install the latest release version of the ` AdminNetworkPolicy ` and
12
+ ` BaselineAdminNetworkPolicy ` CRDs in your K8s cluster:
13
+
14
+ ``` bash
15
+ kubectl apply -f https://github.com/kubernetes-sigs/network-policy-api/releases/download/v0.1.0/install.yaml
16
+ ```
17
+
18
+ ** 3. Try out one of the sample yamls for specific user stories**
19
+
20
+ - [ Deny traffic at a cluster level] ( reference/examples.md#sample-spec-for-story-1-deny-traffic-at-a-cluster-level )
21
+ - [ Allow traffic at a cluster level] ( reference/examples.md#sample-spec-for-story-2-allow-traffic-at-a-cluster-level )
22
+ - [ Explicitly Delegate traffic to existing K8s Network Policy] ( reference/examples.md#sample-spec-for-story-3-explicitly-delegate-traffic-to-existing-k8s-network-policy )
23
+ - [ Create and Isolate multiple tenants in a cluster] ( reference/examples.md#sample-spec-for-story-4-create-and-isolate-multiple-tenants-in-a-cluster )
24
+ - [ Cluster Wide Default Guardrails] ( reference/examples.md#sample-spec-for-story-5-cluster-wide-default-guardrails )
Original file line number Diff line number Diff line change 65
65
app : kube-dns
66
66
` ` `
67
67
68
- ### Story 3: Explicitly Delegate traffic to existing K8s Network Policy
68
+ ### Sample Spec for Story 3: Explicitly Delegate traffic to existing K8s Network Policy
69
69
70
70

71
71
@@ -81,21 +81,20 @@ spec:
81
81
egress :
82
82
- action : Pass
83
83
to :
84
- - namespaces :
84
+ - pods :
85
85
namespaceSelector :
86
86
matchLabels :
87
87
kubernetes.io/metadata.name : bar-ns-1
88
- pods :
89
88
podSelector :
90
89
matchLabels :
91
90
app : svc-pub
92
91
ports :
93
- - portNumber :
94
- protocol : TCP
95
- port : 8080
92
+ - portNumber :
93
+ protocol : TCP
94
+ port : 8080
96
95
` ` `
97
96
98
- ### Story 4: Create and Isolate multiple tenants in a cluster
97
+ ### Sample Spec for Story 4: Create and Isolate multiple tenants in a cluster
99
98
100
99

101
100
@@ -117,7 +116,7 @@ spec:
117
116
- tenant
118
117
` ` `
119
118
120
- This can also be expressed in the following way:
119
+ This can also be expressed in the following way:
121
120
122
121
` ` ` yaml
123
122
apiVersion : policy.networking.k8s.io/v1alpha1
@@ -141,7 +140,7 @@ spec:
141
140
namespaceSelector : {}
142
141
` ` `
143
142
144
- ### Story 5: Cluster Wide Default Guardrails
143
+ ### Sample Spec for Story 5: Cluster Wide Default Guardrails
145
144
146
145

147
146
You can’t perform that action at this time.
0 commit comments