< img height="1" width="1" style="display:none;" alt="" src="https://px.ads.linkedin.com/collect/?pid=3131724&fmt=gif" />

Workspace Network Isolation

Prerequisites

Enable or Disable Workspace Network Isolation

Workspace network isolation is disabled by default. You can turn on network isolation in Basic Information under Workspace Settings.

workspace-isolation

Note

When network isolation is turned on, egress traffic will be allowed by default, while ingress traffic will be denied for different workspaces. If you need to customize your network policy, you need to turn on Project Network Isolation and add a network policy in Project Settings.

You can also disable network isolation on the Basic Information page.

Best Practice

To ensure that all Pods in a workspace are secure, a best practice is to enable workspace network isolation.

When network isolation is on, the workspace cannot be accessed by other workspaces. If a workspace’s default network isolation doesn’t meet your needs, turn on project network isolation and customize your project’s network policy.


Thanks for the feedback. If you have a specific question about how to use KubeSphere, ask it on Slack. Open an issue in the GitHub repo if you want to report a problem or suggest an improvement.