Inferensys

Glossary

NetworkPolicy

A Kubernetes resource that controls the flow of traffic between pods and network endpoints at the IP address or port level, implementing micro-segmentation for zero-trust networking.
Control room desk with laptops and a large orchestration network display.
KUBERNETES MICRO-SEGMENTATION

What is NetworkPolicy?

A NetworkPolicy is a Kubernetes API resource that defines how groups of pods are allowed to communicate with each other and other network endpoints, using selectors and rules to implement a zero-trust, allowlist-based firewall at the IP address and port level.

A NetworkPolicy is a declarative specification that controls traffic flow between pods and network endpoints at Layer 3 and 4. It acts as a pod-level firewall, using label selectors to define source and destination sets, and specifying permitted ingress and egress rules by IP block, namespace, or pod selector, along with port and protocol (TCP/UDP) constraints. Without a NetworkPolicy, all pod-to-pod traffic is allowed by default; applying a policy immediately restricts traffic to only explicitly permitted connections, enforcing the principle of least privilege.

Effective implementation requires a Container Network Interface (CNI) plugin that supports policy enforcement, such as Cilium or Calico, as the core Kubernetes controller only stores the policy object. These CNIs use technologies like eBPF to program kernel-level filtering for high-performance enforcement. NetworkPolicies are fundamental to zero-trust networking in disconnected or air-gapped clusters, isolating sensitive model serving endpoints and vector databases from unauthorized access by other workloads within the same sovereign infrastructure.

ZERO-TRUST MICRO-SEGMENTATION

Key Characteristics of NetworkPolicy

NetworkPolicy is the Kubernetes-native firewall, implementing Layer 3/4 micro-segmentation to enforce zero-trust networking. It defines how groups of pods are allowed to communicate with each other and other network endpoints.

01

Label-Based Pod Selectors

NetworkPolicy uses label selectors to define policy targets and traffic sources, decoupling security rules from ephemeral IP addresses. A policy applies to pods matching podSelector, while ingress.from and egress.to rules use podSelector and namespaceSelector to identify allowed peers. This enables dynamic membership: as pods are created or destroyed, the policy automatically applies to new pods with matching labels without manual rule updates. The selector model supports AND/OR logic—combining namespaceSelector and podSelector within a single from entry requires both to match, while multiple from entries create a logical OR.

02

Ingress and Egress Rule Isolation

NetworkPolicy provides directional traffic control through distinct ingress and egress rule sets:

  • Ingress rules specify which sources can send traffic TO the selected pods
  • Egress rules specify which destinations the selected pods can send traffic TO

A critical default behavior: pods are non-isolated until a NetworkPolicy selects them. Once any policy selects a pod, it becomes isolated for that direction. If only ingress rules are defined, all egress traffic is still allowed. If only egress rules are defined, all ingress traffic is still allowed. To fully lock down a pod, both ingress and egress policies must be applied. This allows incremental hardening—start with ingress restrictions, then add egress controls.

03

Namespace-Level Policy Enforcement

NetworkPolicy operates at the namespace boundary, enabling multi-tenant isolation within a single cluster. Using namespaceSelector, a policy can allow or deny traffic from entire namespaces based on their labels. Common patterns include:

  • Deny-all default policy: A policy selecting all pods with empty ingress/egress rules blocks all cross-pod traffic
  • Allow-from-same-namespace: Permits traffic only from pods within the same namespace
  • Allow-from-specific-namespaces: Grants access only to labeled namespaces like environment: production

This namespace-scoped model maps directly to organizational boundaries—teams, environments, and compliance zones—without requiring separate clusters for isolation.

04

Port and Protocol Granularity

NetworkPolicy enforces Layer 4 controls by specifying allowed ports and protocols on each rule. Each ingress.from or egress.to entry can include a ports array defining:

  • port: A numeric port or named port defined on the target pod
  • protocol: TCP, UDP, or SCTP (defaults to TCP if omitted)
  • endPort: Kubernetes 1.22+ supports port ranges via endPort, enabling rules like "allow ports 8000-8100"

This granularity allows precise service exposure. For example, a database pod can accept TCP 5432 from application pods while blocking all other ports, even from the same source. Named ports provide abstraction—referencing port: http instead of port: 80 decouples policy from specific port numbers.

05

CIDR-Based IP Block Rules

Beyond pod and namespace selectors, NetworkPolicy supports CIDR notation for defining IP block ranges in ipBlock fields. This enables rules for traffic to or from:

  • External services outside the cluster (e.g., 192.168.1.0/24)
  • The node's own IP for host-network services
  • Specific external APIs that pods must access

ipBlock supports an except field to carve out exceptions from a larger CIDR range. For example, allow 10.0.0.0/8 except 10.0.1.0/24 to block a specific subnet. Important caveat: ipBlock rules apply to all traffic from those IPs, regardless of pod identity—combine with pod selectors for defense-in-depth. External traffic control is essential for air-gapped environments where pods may need limited access to on-premises services.

06

CNI Plugin Dependency

NetworkPolicy is a Kubernetes API resource only—it requires a Container Network Interface (CNI) plugin that implements the NetworkPolicy specification to actually enforce the rules. Without a compatible CNI, policies are stored but not enforced. Common CNIs with NetworkPolicy support include:

  • Cilium: Full policy support plus eBPF-based Layer 7 filtering and observability
  • Calico: Mature implementation with global network policies extending beyond namespaces
  • Weave Net: Native policy enforcement with automatic mesh networking

Critical verification: Always confirm your CNI supports the specific features you're using—endPort ranges, SCTP protocol, and ipBlock.except are not universally implemented. In disconnected environments, the CNI must be pre-staged in the private registry and must not require external license validation calls.

KUBERNETES NETWORKPOLICY

Frequently Asked Questions

Clear, technical answers to the most common questions about implementing micro-segmentation and zero-trust networking in Kubernetes using NetworkPolicy resources.

A Kubernetes NetworkPolicy is an application-centric resource that controls the flow of traffic between pods and network endpoints at the IP address or port level. It functions as a stateful firewall for pod-to-pod communication, implementing micro-segmentation by defining which pods are allowed to connect to a target pod. NetworkPolicies use label selectors to identify source and destination pods, and they specify ingress (inbound) and egress (outbound) rules. Critically, by default, all traffic is allowed between pods in a cluster; a pod is only isolated when at least one NetworkPolicy selects it. Once selected, the pod rejects all connections not explicitly permitted by the combined rules of all policies targeting it. The actual enforcement is handled by the Container Network Interface (CNI) plugin, such as Cilium or Calico, which translates the policy into eBPF programs or iptables rules on the node's kernel.

Prasad Kumkar

About the author

Prasad Kumkar

CEO & MD, Inference Systems

Prasad Kumkar is the CEO & MD of Inference Systems and writes about AI systems architecture, LLM infrastructure, model serving, evaluation, and production deployment. Over 5+ years, he has worked across computer vision models, L5 autonomous vehicle systems, and LLM research, with a focus on taking complex AI ideas into real-world engineering systems.

His work and writing cover AI systems, large language models, AI agents, multimodal systems, autonomous systems, inference optimization, RAG, evaluation, and production AI engineering.