Home Explore Blog CI



kubernetes
1st chunk of `content/en/docs/tasks/administer-cluster/declare-network-policy.md`
f367a54bd5c1ce4a33320e254c325b4ecb3a2a994b77cc0c00000001000008b1
---
reviewers:
- caseydavenport
- danwinship
title: Declare Network Policy
min-kubernetes-server-version: v1.8
content_type: task
weight: 180
---
<!-- overview -->
This document helps you get started using the Kubernetes [NetworkPolicy API](/docs/concepts/services-networking/network-policies/) to declare network policies that govern how pods communicate with each other.

{{% thirdparty-content %}}

## {{% heading "prerequisites" %}}


{{< include "task-tutorial-prereqs.md" >}} {{< version-check >}}

Make sure you've configured a network provider with network policy support. There are a number of network providers that support NetworkPolicy, including:

* [Antrea](/docs/tasks/administer-cluster/network-policy-provider/antrea-network-policy/)
* [Calico](/docs/tasks/administer-cluster/network-policy-provider/calico-network-policy/)
* [Cilium](/docs/tasks/administer-cluster/network-policy-provider/cilium-network-policy/)
* [Kube-router](/docs/tasks/administer-cluster/network-policy-provider/kube-router-network-policy/)
* [Romana](/docs/tasks/administer-cluster/network-policy-provider/romana-network-policy/)
* [Weave Net](/docs/tasks/administer-cluster/network-policy-provider/weave-network-policy/)

<!-- steps -->

## Create an `nginx` deployment and expose it via a service

To see how Kubernetes network policy works, start off by creating an `nginx` Deployment.

```console
kubectl create deployment nginx --image=nginx
```
```none
deployment.apps/nginx created
```

Expose the Deployment through a Service called `nginx`.

```console
kubectl expose deployment nginx --port=80
```

```none
service/nginx exposed
```

The above commands create a Deployment with an nginx Pod and expose the Deployment through a Service named `nginx`. The `nginx` Pod and Deployment are found in the `default` namespace.

```console
kubectl get svc,pod
```

```none
NAME                        CLUSTER-IP    EXTERNAL-IP   PORT(S)    AGE
service/kubernetes          10.100.0.1    <none>        443/TCP    46m
service/nginx               10.100.0.16   <none>        80/TCP     33s

NAME                        READY         STATUS        RESTARTS   AGE
pod/nginx-701339712-e0qfq   1/1           Running       0          35s
```
Title: Declare Network Policy in Kubernetes
Summary
This document guides you through using Kubernetes NetworkPolicy API to control pod-to-pod communication. It begins by outlining the prerequisites, including having a network provider with NetworkPolicy support. It then walks through creating an nginx deployment and exposing it via a service to demonstrate how network policies work.