How do NetworkPolicies behave when multiple policies are applied to a set of pods in Kubernetes?

Prepare for the KCNA Certification Test. Study with flashcards, multiple-choice questions, and detailed explanations to enhance your understanding of Kubernetes Cloud Native concepts. Ace your exam!

Multiple Choice

How do NetworkPolicies behave when multiple policies are applied to a set of pods in Kubernetes?

Explanation:
When multiple NetworkPolicies target the same pods, their effects are combined. The allowed ingress and egress are the union of all rules from the policies that select the pod. This means traffic is permitted if it matches at least one policy’s rule, and traffic not covered by any policy is denied. So adding more policies can broaden or refine what’s allowed, but there’s no “most restrictive” override mechanism. If no policy selects a pod, traffic is allowed by default; once policies apply, only traffic that matches any policy is allowed. For example, if one policy allows ingress from a specific namespace and another allows ingress from a certain IP, traffic from either source is allowed.

When multiple NetworkPolicies target the same pods, their effects are combined. The allowed ingress and egress are the union of all rules from the policies that select the pod. This means traffic is permitted if it matches at least one policy’s rule, and traffic not covered by any policy is denied. So adding more policies can broaden or refine what’s allowed, but there’s no “most restrictive” override mechanism. If no policy selects a pod, traffic is allowed by default; once policies apply, only traffic that matches any policy is allowed. For example, if one policy allows ingress from a specific namespace and another allows ingress from a certain IP, traffic from either source is allowed.

More Multiple Choice Questions
Subscribe

Get the latest from Examzify

You can unsubscribe at any time. Read our privacy policy