Block egress traffic with Cilium network plugin

Introduction
I described the problem of testing software during an unexpected loss of connection or denial of an external service, but in that post I said that there is no way to interrupt a TCP connection with a Kubernetes Network Policy. I was wrong; there is a way to do so. I had just used another k8s network plugin, where interrupting a live TCP connection didn't work. But I found a solution, and the name for it is Cilium Network Policy.
Cilium Network Policy
Cilium is another network plugin for Kubernetes. It has to be installed before it can be used, and it makes it possible to achieve my goal: block traffic to one pod and terminate existing TCP connections.
I created a PoC project to test Cilium Network Policy; it is available on GitHub.
A network policy that blocks all traffic from a pod looks like this:
```yaml
apiVersion: cilium.io/v2
kind: CiliumNetworkPolicy
metadata:
  name: deny-server-egress
  namespace: server
spec:
  endpointSelector:
    matchLabels:
      app: server
      name: server
  egress:
  - {}
```
It is the same as the network policy from my previous post, with only "apiVersion" and "kind" changed.
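An added example, not from the original post or its PoC repository: a small Python check of how an `egress` section is interpreted under each policy kind, since an empty rule `{}` denies all egress in a CiliumNetworkPolicy but allows all egress in a core `networking.k8s.io/v1` NetworkPolicy. The function name, result labels and both manifests (written as dicts) are constructed for illustration; `egressDeny` and other fields are not modelled.

```python
CILIUM = ("cilium.io/v2", "CiliumNetworkPolicy")
K8S = ("networking.k8s.io/v1", "NetworkPolicy")

def egress_effect(manifest):
    """Return 'deny-all', 'allow-all', 'restricted', 'not-enforced' or 'unmodelled'."""
    kind = (manifest.get("apiVersion"), manifest.get("kind"))
    spec = manifest.get("spec") or {}
    rules = spec.get("egress")
    if kind == CILIUM:
        if rules is None:
            return "not-enforced"   # no egress section: this policy leaves egress alone
        if not rules:
            return "unmodelled"     # empty list: outside the scope of this check
        # Any egress rule puts the endpoint into default deny for egress;
        # an empty rule {} then allows nothing.
        return "deny-all" if all(not r for r in rules) else "restricted"
    if kind == K8S:
        types = spec.get("policyTypes")
        enforced = "Egress" in types if types is not None else bool(rules)
        if not enforced:
            return "not-enforced"
        if not rules:
            return "deny-all"       # isolated for egress, nothing allowed
        # Rules are additive; a rule with no 'to' and no 'ports' matches everything.
        if any(not r.get("to") and not r.get("ports") for r in rules):
            return "allow-all"
        return "restricted"
    return "unmodelled"

# Constructed sample: the policy from this post, written as a dict.
CILIUM_DENY = {
    "apiVersion": "cilium.io/v2", "kind": "CiliumNetworkPolicy",
    "metadata": {"name": "deny-server-egress", "namespace": "server"},
    "spec": {
        "endpointSelector": {"matchLabels": {"app": "server", "name": "server"}},
        "egress": [{}],
    },
}
# Constructed sample: the same egress body under the core NetworkPolicy kind.
K8S_SAME_BODY = {
    "apiVersion": "networking.k8s.io/v1", "kind": "NetworkPolicy",
    "spec": {
        "podSelector": {"matchLabels": {"app": "server", "name": "server"}},
        "policyTypes": ["Egress"], "egress": [{}],
    },
}

if __name__ == "__main__":
    print({m["kind"]: egress_effect(m) for m in (CILIUM_DENY, K8S_SAME_BODY)})
```

A check like this fits in CI ahead of `kubectl apply`, so a manifest moved between the two kinds is reviewed for the change in meaning.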
Pod logs after traffic was blocked
Conclusions
In conclusion, I want to say that when solving a software problem I should try harder to use existing solutions rather than implementing my own, which I like too much. Modern search technologies like ChatGPT or Google give me the possibility to find other ways to achieve my goal with a sophisticated solution without recreating the system architecture again.