Is the network policy below a valid policy to allow multiple namespaces to have access to each other. Is there a better way of doing this or will this work?
apiVersion: projectcalico.org/v3
kind: NetworkPolicy
metadata:
name: allow-namespace-only
namespace: stage
spec:
ingress:
action: Allow
source:
namespaceSelector: “test1”, “test2”, “test3”, “test3”
egress:
action: Allow
erik
May 28, 2021, 1:20pm
2
I think you’ll need to change your namespaceSelector to something like
namespaceSelector: projectcalico.org/name in { "test1”, “test2”, “test3”, “test3” }
Also to be clear this is only allowing traffic from your “test[1234]” namespaces to the “stage” namespace.
Checkout the selector reference and the namespaceSelector row in the Entity Rule reference for more information.