Exam CKS Topic 3 Question 47 Discussion
Actual exam question for Linux Foundation's CKS exam
Question #: 47
Topic #: 3
Question #: 47
Topic #: 3
You have a Kubernetes cluster With multiple nodes. You want to configure a Network Policy to allow communication between pods in the "appl" namespace and pods in the "app2" namespace, but only allow access to the port 80 on the pods in the "app2" namespace. Describe the steps you would take to implement this network policy.
Suggested Answer:
Solution (Step by Step) :
1. Create a Network Policy YAML file:
- Create a YAML file that defines the Network Policy rules:
2. Apply the Network Policy: - Apply the YAML file using 'kubectl apply -f app1 -to-app2-yaml' 3. Verify the Network Policy: - After applying the policy, check the status of the network policy using 'kubectl get networkpolicies appl-to-app2 -n app1 4. Test the Policy: - Start a pod in the "app1" namespace and a pod in the "app2" namespace. - Test the communication using tools like 'curl' or 'telnet' to ensure that the policy restricts access to only pod 80 on pods in "app2". 5. Add More Restrictions (Optional): - You can further refine the Network Policy by specifying more restrictive rules, such as allowing access only from specific pods in "app1" or restricting access to specific IP addresses in "app2".
1. Create a Network Policy YAML file:
- Create a YAML file that defines the Network Policy rules:
2. Apply the Network Policy: - Apply the YAML file using 'kubectl apply -f app1 -to-app2-yaml' 3. Verify the Network Policy: - After applying the policy, check the status of the network policy using 'kubectl get networkpolicies appl-to-app2 -n app1 4. Test the Policy: - Start a pod in the "app1" namespace and a pod in the "app2" namespace. - Test the communication using tools like 'curl' or 'telnet' to ensure that the policy restricts access to only pod 80 on pods in "app2". 5. Add More Restrictions (Optional): - You can further refine the Network Policy by specifying more restrictive rules, such as allowing access only from specific pods in "app1" or restricting access to specific IP addresses in "app2".
by Harley at Jan 13, 2026, 06:49 PM
Contact Us
If you have any question please leave me your email address, we will reply and send email to you in 12 hours.
Our Working Time: ( GMT 0:00-15:00 ) From Monday to Saturday
Support: Contact now
Comments
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
Report Comment
Commenting
You can sign-up / login (it's free).