ElectricVocalist@jlai.lu to Selfhosted@lemmy.worldEnglish · edit-21 day agoHow to block unwanted outbound traffic from your containersblog.dera.pageexternal-linkmessage-square15linkfedilinkarrow-up185arrow-down12file-text
arrow-up183arrow-down1external-linkHow to block unwanted outbound traffic from your containersblog.dera.pageElectricVocalist@jlai.lu to Selfhosted@lemmy.worldEnglish · edit-21 day agomessage-square15linkfedilinkfile-text
minus-squaremoonpiedumplings@programming.devlinkfedilinkEnglisharrow-up2·8 hours agoSame here. K8s makes stuff like this so mucb easier, since you can declaratively control traffic flow via NetworkPolicies. And with cilum you ca use hubble to visualize whay traffic is currently happening, in order to figure out what is actually needed. I also use Cilium as my host based firewall instead of ufw/firewalld. https://docs.cilium.io/en/latest/security/host-firewall/
Same here. K8s makes stuff like this so mucb easier, since you can declaratively control traffic flow via NetworkPolicies.
And with cilum you ca use hubble to visualize whay traffic is currently happening, in order to figure out what is actually needed.
I also use Cilium as my host based firewall instead of ufw/firewalld.
https://docs.cilium.io/en/latest/security/host-firewall/