To solve the network policy question in this lab, more policy rules were required for me to allow connectivity due to the default deny policy than in the solution file. The below policy got things working for me on minikube with the calico cni.
Thanks for putting the labs together. They were very helpful.
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
name: web-app
spec:
podSelector:
matchLabels:
app: web-app
policyTypes:
- Egress
- Ingress
ingress:
- ports:
- port: 3000
egress:
- to:
- namespaceSelector:
matchLabels:
kubernetes.io/metadata.name: kube-system
ports:
- protocol: UDP
port: 53
- to:
- podSelector:
matchLabels:
app: mysql-db
ports:
- protocol: TCP
port: 3306
---
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
name: mysql
spec:
podSelector:
matchLabels:
app: mysql-db
policyTypes:
- Ingress
ingress:
- from:
- podSelector:
matchLabels:
app: web-app
ports:
- protocol: TCP
port: 3306