You can use a TrafficPolicy to control network access for agent applications in and ACS clusters. A TrafficPolicy provides multi-level network policies based on priority and supports various match conditions, such as CIDR, Service, and FQDN, to precisely manage the ingress and egress traffic of Pods.
How it works
TrafficPolicy and GlobalTrafficPolicy
and ACS clusters provide two types of network policy resources:
Type | Scope | Use case |
TrafficPolicy | Namespace-scoped. It applies to Pods with specific labels in a specified namespace. | Configure fine-grained network rules for a specific application. |
GlobalTrafficPolicy | Cluster-scoped. It applies to Pods with specified labels across the entire cluster. | Enforce a cluster-wide security baseline, such as denying access to the metadata service. |
Policy evaluation rules
TrafficPolicy rules are evaluated based on the following principles:
Sorted by priority: The priority ranges from 1 to 1000. A smaller value indicates a higher priority. Policies with higher priority are evaluated first.
Sequential matching: Rules within the same policy are evaluated sequentially from top to bottom as they are defined.
First match wins: The first rule that matches is applied, and the evaluation stops.
Deny by default: If a policy selects a Pod, traffic to and from that Pod is denied by default unless explicitly allowed.
The order of rules directly affects the matching result. You must place specific allow or deny rules before any fallback rule.
Supported match conditions
Direction | Match condition | Description |
Ingress |
| Matches traffic based on the source IP address range. |
| Matches traffic based on the source Service. | |
Egress |
| Matches traffic based on the destination IP address range. |
| Matches traffic based on the destination Service. | |
| Matches traffic based on the destination domain name. |
Ingress rules do not support FQDN matching.
Comparison with Kubernetes NetworkPolicy
TrafficPolicy and GlobalTrafficPolicy offer several advantages over the native Kubernetes NetworkPolicy:
Capability | Kubernetes NetworkPolicy | TrafficPolicy and GlobalTrafficPolicy |
Priority control | Not supported | Supports priority levels from 1 to 1000. |
Explicit deny | Not supported | Supported |
FQDN matching | Not supported | Supported |
Supported cluster scale | Up to 20,000 Pods per cluster | Up to 50,000 Pods per cluster |
Rapid agent scaling | High management complexity | Optimized for rapid scaling |
Prerequisites
The cluster version is 1.20 or later.
The Poseidon component (v0.7.0 or later) is installed, and the TrafficPolicy feature is enabled.
Poseidon v0.7.0 is currently in phased release.
Configuration examples
Quick start
The following example shows how to configure a basic network policy for an agent application to allow access to the DNS Service and the public network.
Step 1: Enable TrafficPolicy for agent Pod
Save the following example as agent-pod.yaml and run the kubectl apply -f agent-pod.yaml command to deploy the sample Pod.
The Pod requires the spec.tolerations configuration to be scheduled to an ACS virtual node.network.alibabacloud.com/enable-network-policy-agent: "true": Enables the network policy agent.network.alibabacloud.com/network-policy-mode: "traffic-policy": Specifies that the TrafficPolicy mode is used.
apiVersion: v1
kind: Pod
metadata:
name: agent-pod
annotations:
network.alibabacloud.com/enable-network-policy-agent: "true"
network.alibabacloud.com/network-policy-mode: "traffic-policy"
labels:
app: agent
alibabacloud.com/acs: "true"
spec:
tolerations:
- key: "virtual-kubelet.io/provider"
operator: "Equal"
value: "alibabacloud"
effect: "NoSchedule"
containers:
- name: agent
image: registry.aliyuncs.com/acs/ubuntu:latest
command: ["sleep", "infinity"]Step 2: Create a TrafficPolicy
Create a YAML file named agent-basic-policy.yaml with the following content to allow the agent to access the DNS Service and the public network.
apiVersion: network.alibabacloud.com/v1alpha1
kind: TrafficPolicy
metadata:
name: agent-basic-policy
namespace: default
spec:
priority: 100
selector:
matchLabels:
app: agent
egress:
rules:
# Allow access to the DNS service.
- action: allow
to:
- service:
namespace: kube-system
name: kube-dns
# Allow access to the public network.
- action: allow
to:
- cidr: 0.0.0.0/0Step 3: Apply and verify policy
Apply the policy.
kubectl apply -f agent-basic-policy.yamlCheck the policy status.
kubectl get trafficpolicy -n defaultExpected output:
NAME PRIORITY AGE agent-basic-policy 100 10sVerify network connectivity.
# Enter the Pod. kubectl exec -it agent-pod -n default -- /bin/bash # Install network tools. apt-get update && apt-get install -y curl dnsutils # Test access to the public network (should succeed). curl -I https://www.aliyun.com # Test DNS resolution (should succeed). nslookup www.aliyun.com
Allow access to specified services and domains
The following policy allows an agent to access the DNS Service, a specified domain, and a specified CIDR block, while denying access to the cloud metadata service and all other destinations.
Replace rds-xxx.aliyuncs.com with the actual domain name of your RDS instance.apiVersion: network.alibabacloud.com/v1alpha1
kind: TrafficPolicy
metadata:
name: agent-egress-policy
namespace: default
spec:
priority: 100
selector:
matchLabels:
app: agent
egress:
rules:
# Deny access to the cloud metadata service.
- action: deny
to:
- cidr: 100.100.100.200/32
# Allow access to a specified CIDR block.
- action: allow
to:
- cidr: 100.96.0.0/10
# Allow access to a specified domain name.
- action: allow
to:
- fqdn: rds-xxx.aliyuncs.com
# Allow access to the DNS service.
- action: allow
to:
- service:
namespace: kube-system
name: kube-dns
# Fallback rule: Deny access to all other destinations.
- action: deny
to:
- cidr: 0.0.0.0/0Deny access to private networks
This policy explicitly denies access to private network CIDR blocks while allowing access to the public network.
apiVersion: network.alibabacloud.com/v1alpha1
kind: TrafficPolicy
metadata:
name: agent-internet-only-policy
namespace: default
spec:
priority: 100
selector:
matchLabels:
app: agent
egress:
rules:
# Allow DNS access.
- action: allow
to:
- service:
namespace: kube-system
name: kube-dns
# Deny access to private networks.
- action: deny
to:
- cidr: 10.0.0.0/8
- action: deny
to:
- cidr: 172.16.0.0/12
- action: deny
to:
- cidr: 192.168.0.0/16
# Allow access to the public network.
- action: allow
to:
- cidr: 0.0.0.0/0Allow access from a specified service
This policy allows only the Gateway Service to access an agent Pod.
apiVersion: network.alibabacloud.com/v1alpha1
kind: TrafficPolicy
metadata:
name: agent-ingress-policy
namespace: default
spec:
priority: 100
selector:
matchLabels:
app: agent
ingress:
rules:
# Allow access from the Gateway service.
- action: allow
from:
- service:
name: sandbox-gateway
namespace: sandbox-system
# Fallback rule: Deny all other sources.
- action: deny
from:
- cidr: 0.0.0.0/0Cluster-wide access control
The following global policy denies a specific CIDR block from accessing Pods in the cluster, while allowing all other traffic.
apiVersion: network.alibabacloud.com/v1alpha1
kind: GlobalTrafficPolicy
metadata:
name: global-security-baseline
spec:
priority: 1000 # Low priority, used as a fallback policy.
selector: {} # Applies to all matching Pods in the cluster.
ingress:
rules:
# Deny access from the Sandbox CIDR block.
- action: deny
from:
- cidr: 10.8.0.0/16
# Allow all other sources.
- action: allow
from:
- cidr: 0.0.0.0/0
egress:
rules:
- action: allow
to:
- cidr: 0.0.0.0/0Setting theselectorin a GlobalTrafficPolicy to an empty{}applies it to all matching Pods across the entire cluster.
Combine multi-level security policies
You can combine multiple TrafficPolicy objects to implement layered control using different priority levels. The following table provides a recommended priority scheme and configuration examples.
Priority range | Purpose | Example scenario |
1–49 (High Priority) | Infrastructure services | DNS, monitoring, log collection |
50–499 (Medium Priority) | Business services | Databases, caches, message queues |
500–1000 (Low Priority) | Fallback policies | Global security baselines, public network access control |
Infrastructure services
apiVersion: network.alibabacloud.com/v1alpha1
kind: TrafficPolicy
metadata:
name: infra-policy
namespace: default
spec:
priority: 10
selector:
matchLabels:
app: agent
egress:
rules:
- action: allow
to:
- service:
namespace: kube-system
name: kube-dns
- action: allow
to:
- service:
namespace: monitoring
name: prometheusBusiness services
apiVersion: network.alibabacloud.com/v1alpha1
kind: TrafficPolicy
metadata:
name: business-policy
namespace: default
spec:
priority: 100
selector:
matchLabels:
app: agent
egress:
rules:
- action: allow
to:
- service:
namespace: default
name: redis
- action: allow
to:
- service:
namespace: default
name: mysqlPublic network access
apiVersion: network.alibabacloud.com/v1alpha1
kind: TrafficPolicy
metadata:
name: internet-policy
namespace: default
spec:
priority: 500
selector:
matchLabels:
app: agent
egress:
rules:
- action: allow
to:
- cidr: 0.0.0.0/0Complete network policy for OpenClaw
The following example shows a complete network isolation policy for the OpenClaw application, which includes both ingress and egress rules.
apiVersion: network.alibabacloud.com/v1alpha1
kind: TrafficPolicy
metadata:
name: openclaw-policy
namespace: default
spec:
priority: 100
selector:
matchLabels:
app: openclaw
ingress:
rules:
# Allow access from Sandbox Gateway and Sandbox Manager.
- action: allow
from:
- service:
name: sandbox-gateway
namespace: sandbox-system
- service:
name: sandbox-manager
namespace: sandbox-system
# Deny all other sources.
- action: deny
from:
- cidr: 0.0.0.0/0
egress:
rules:
# Deny access to the cloud metadata service.
- action: deny
to:
- cidr: 100.100.100.200/32
# Allow access to the DNS service.
- action: allow
to:
- service:
namespace: kube-system
name: kube-dns
# Allow access to the LLM proxy service.
- action: allow
to:
- service:
namespace: llm-proxy
name: llm-proxy
# Deny access to private networks.
- action: deny
to:
- cidr: 10.0.0.0/8
- action: deny
to:
- cidr: 172.16.0.0/12
- action: deny
to:
- cidr: 192.168.0.0/16
# Allow access to the public network.
- action: allow
to:
- cidr: 0.0.0.0/0Best practices
Principle of least privilege
Grant only the necessary network permissions to Pods. Explicitly list the services and addresses that are allowed, and deny all other traffic by default.
egress:
rules:
# Explicitly allow required services.
- action: allow
to:
- service:
namespace: kube-system
name: kube-dns
- action: allow
to:
- fqdn: api.aliyun.com
# Deny access to private networks.
- action: deny
to:
- cidr: 10.0.0.0/8
# Allow public network access as needed.
- action: allow
to:
- cidr: 0.0.0.0/0Design precise label selectors
Use multi-dimensional labels to precisely target Pods and prevent policies from unintentionally affecting other workloads.
# Recommended: Multi-dimensional labels
selector:
matchLabels:
app: agent
environment: production
team: ai-platform
# Avoid: Overly broad labels
selector:
matchLabels:
app: agentLabel design recommendations:
app: Identifies the application type.environment: Distinguishes between environments (for example, production, staging, and development).team: Identifies the owner team.
Combine TrafficPolicy with GlobalTrafficPolicy
Use a GlobalTrafficPolicy as a cluster-wide security baseline and use a TrafficPolicy for fine-grained, application-level control.
Policy layer | Type | Priority | Responsibility |
Application layer | TrafficPolicy | 50–200 | Fine-grained network rules for specific applications |
Global layer | GlobalTrafficPolicy | 1000 | Cluster security baseline (for example, denying the Sandbox CIDR block) |
Regularly audit policies
Regularly audit your policies:
Check whether TrafficPolicy objects meet the latest security requirements.
Review logs of denied connections to identify potential issues.
Clean up policies that are no longer in use.
Adjust policies based on business changes.
Verify that priority settings are reasonable.
Example audit script:
#!/bin/bash
echo "=== All TrafficPolicies ==="
kubectl get trafficpolicy --all-namespaces -o wide
echo -e "\n=== All GlobalTrafficPolicies ==="
kubectl get globaltrafficpolicy -o wide
echo -e "\n=== Agent Pod List ==="
kubectl get pods -l app=agent --all-namespacesManage policies with version control
Store your TrafficPolicy configurations in a Git repository and organize them into directories by purpose.
traffic-policies/
├── base/ # Base policies
│ ├── global-security-baseline.yaml
│ └── dns-access.yaml
├── applications/ # Application policies
│ ├── openclaw-policy.yaml
│ └── agent-policy.yaml
└── environments/ # Environment-specific differences
├── production/
│ └── overrides.yaml
└── staging/
└── overrides.yamlFAQ
Policy does not take effect
Symptom: A TrafficPolicy is created, but network access is not restricted as expected.
Troubleshooting steps:
Check the Poseidon component status. Confirm that it is installed, the version is v0.7.0 or later, and the TrafficPolicy feature is enabled.
Check the Pod annotations. Confirm that the Pod is configured with the required annotations.
Check the Pod labels. Confirm that the Pod labels exactly match the
selector.matchLabelsof the policy.kubectl get pod <pod-name> --show-labelsCheck the rule order. Confirm that specific rules are placed before any fallback rule.
kubectl get trafficpolicy <policy-name> -o yaml
Policy conflicts
Symptom: Multiple policies apply to the same Pod, and the network behavior is not as expected.
Troubleshooting steps:
List all policies and their priorities:
kubectl get trafficpolicy,globaltrafficpolicy -A -o wideCheck whether policies with the same priority apply to the same Pod.
Adjust the priority value. Use a smaller value for a higher priority.
A strategy to merge conflicts and avoid duplicate definitions.
Network connection timeout
Symptom: A Pod cannot access an expected address or service.
Troubleshooting steps:
Check if the policy is missing necessary allow rules, such as for the DNS service.
Check if the fallback rule is too strict and blocks necessary network access.
Add the necessary allow rule to the policy:
egress: rules: - action: allow to: - service: namespace: <namespace> name: <service-name>Ensure that the allow rule has a higher priority than the deny rule, or place the allow rule before the deny rule within the same policy.
Pod is inaccessible
Symptom: Other services cannot access the target Pod.
Troubleshooting steps:
Check that the Ingress rules allow the required source services.
Add an allow rule for the source service:
ingress: rules: - action: allow from: - service: name: <source-service> namespace: <source-namespace>
CRD reference
TrafficPolicy field descriptions
apiVersion: network.alibabacloud.com/v1alpha1
kind: TrafficPolicy
metadata:
name: <policy-name> # Policy name. Must be unique within the namespace.
namespace: <namespace> # Namespace where the policy is located.
spec:
priority: <1-1000> # Priority. A smaller value indicates a higher priority.
selector: # Pod selector.
matchLabels:
<label-key>: <label-value>
ingress: # Ingress rules (optional).
rules:
- action: allow|deny
from:
- cidr: <cidr>
- service:
name: <name>
namespace: <namespace>
egress: # Egress rules (optional).
rules:
- action: allow|deny
to:
- cidr: <cidr>
- service:
name: <name>
namespace: <namespace>
- fqdn: <domain>GlobalTrafficPolicy field descriptions
apiVersion: network.alibabacloud.com/v1alpha1
kind: GlobalTrafficPolicy
metadata:
name: <policy-name> # Policy name. Must be unique within the cluster.
spec:
priority: <1-1000> # Priority. A smaller value indicates a higher priority.
selector: # Pod selector. An empty {} selects all Pods in the cluster.
matchLabels: {}
ingress: # Ingress rules (optional).
rules:
- action: allow|deny
from:
- cidr: <cidr>
- service:
name: <name>
namespace: <namespace>
egress: # Egress rules (optional).
rules:
- action: allow|deny
to:
- cidr: <cidr>
- service:
name: <name>
namespace: <namespace>
- fqdn: <domain>Matching condition reference
Ingress rules
Field | Type | Description | Example |
| string | Source IP address range. |
|
| object | Source Service, including |
|
| string | Source namespace. |
|
Egress rules
Field | Type | Description | Example |
| string | Destination IP address range. |
|
| object | Destination Service, including |
|
| string | Destination domain name. |
|