Workspace Network Isolation
- You have already enabled Network Policy. Please refer to network-policy it is not ready yet.
- Use an account of the
workspace-adminrole. For example, use the account
ws-admincreated in Create Workspace, Project, Account and Role.
NoteFor the implementation of the network policy, you can refer to kubesphere-network-policy
Enable/Disable Workspace Network Isolation
Workspace network isolation is disabled by default. You can turn on network isolation in Basic Info under Workspace Settings.
You can also disable network isolation via this path.
To ensure that all pods in the workspace are secure, a best practice is to enable workspace network isolation.
When network isolation is on, the workspace cannot be accessed by other workspaces. If workspace’s default network isolation doesn’t meet your needs, turn on project network isolation and customize your project’s network policy.