0
# Networking
1
2
Network management capabilities including ingress controllers, network policies, and service networking. Provides control over network traffic flow, ingress routing, and network security policies within Kubernetes clusters.
3
4
## Capabilities
5
6
### Ingress Management
7
8
Manage HTTP/HTTPS ingress routing and load balancing for services, including ingress controllers and routing rules.
9
10
```python { .api }
11
class NetworkingV1Api:
12
def create_namespaced_ingress(
13
self,
14
namespace: str,
15
body: V1Ingress,
16
dry_run: str = None,
17
field_manager: str = None,
18
pretty: str = None
19
) -> V1Ingress:
20
"""Create an ingress resource for HTTP/HTTPS routing."""
21
22
def list_namespaced_ingress(
23
self,
24
namespace: str,
25
pretty: str = None,
26
field_selector: str = None,
27
label_selector: str = None,
28
limit: int = None,
29
timeout_seconds: int = None,
30
watch: bool = None
31
) -> V1IngressList:
32
"""List ingress resources in specified namespace."""
33
34
def read_namespaced_ingress(
35
self,
36
name: str,
37
namespace: str,
38
pretty: str = None
39
) -> V1Ingress:
40
"""Read specified ingress resource."""
41
42
def patch_namespaced_ingress(
43
self,
44
name: str,
45
namespace: str,
46
body: object,
47
dry_run: str = None,
48
field_manager: str = None,
49
pretty: str = None
50
) -> V1Ingress:
51
"""Update specified ingress resource."""
52
53
def delete_namespaced_ingress(
54
self,
55
name: str,
56
namespace: str,
57
dry_run: str = None,
58
grace_period_seconds: int = None,
59
orphan_dependents: bool = None,
60
propagation_policy: str = None,
61
pretty: str = None
62
) -> V1Status:
63
"""Delete specified ingress resource."""
64
```
65
66
### Ingress Classes
67
68
Manage ingress controller configurations and ingress class definitions.
69
70
```python { .api }
71
class NetworkingV1Api:
72
def create_ingress_class(
73
self,
74
body: V1IngressClass,
75
dry_run: str = None,
76
field_manager: str = None,
77
pretty: str = None
78
) -> V1IngressClass:
79
"""Create an ingress class."""
80
81
def list_ingress_class(
82
self,
83
pretty: str = None,
84
field_selector: str = None,
85
label_selector: str = None,
86
limit: int = None,
87
timeout_seconds: int = None,
88
watch: bool = None
89
) -> V1IngressClassList:
90
"""List ingress classes."""
91
92
def read_ingress_class(
93
self,
94
name: str,
95
pretty: str = None
96
) -> V1IngressClass:
97
"""Read specified ingress class."""
98
99
def delete_ingress_class(
100
self,
101
name: str,
102
dry_run: str = None,
103
grace_period_seconds: int = None,
104
pretty: str = None
105
) -> V1Status:
106
"""Delete specified ingress class."""
107
```
108
109
### Network Policies
110
111
Define network security policies controlling traffic flow between pods and external networks.
112
113
```python { .api }
114
class NetworkingV1Api:
115
def create_namespaced_network_policy(
116
self,
117
namespace: str,
118
body: V1NetworkPolicy,
119
dry_run: str = None,
120
field_manager: str = None,
121
pretty: str = None
122
) -> V1NetworkPolicy:
123
"""Create a network policy for traffic control."""
124
125
def list_namespaced_network_policy(
126
self,
127
namespace: str,
128
pretty: str = None,
129
field_selector: str = None,
130
label_selector: str = None,
131
limit: int = None,
132
timeout_seconds: int = None,
133
watch: bool = None
134
) -> V1NetworkPolicyList:
135
"""List network policies in specified namespace."""
136
137
def read_namespaced_network_policy(
138
self,
139
name: str,
140
namespace: str,
141
pretty: str = None
142
) -> V1NetworkPolicy:
143
"""Read specified network policy."""
144
145
def patch_namespaced_network_policy(
146
self,
147
name: str,
148
namespace: str,
149
body: object,
150
dry_run: str = None,
151
field_manager: str = None,
152
pretty: str = None
153
) -> V1NetworkPolicy:
154
"""Update specified network policy."""
155
156
def delete_namespaced_network_policy(
157
self,
158
name: str,
159
namespace: str,
160
dry_run: str = None,
161
grace_period_seconds: int = None,
162
pretty: str = None
163
) -> V1Status:
164
"""Delete specified network policy."""
165
```
166
167
### Service CIDR Management
168
169
Manage IP address ranges for cluster services and networking configuration.
170
171
```python { .api }
172
class NetworkingV1Api:
173
def create_service_cidr(
174
self,
175
body: V1ServiceCIDR,
176
dry_run: str = None,
177
field_manager: str = None,
178
pretty: str = None
179
) -> V1ServiceCIDR:
180
"""Create a service CIDR range."""
181
182
def list_service_cidr(
183
self,
184
pretty: str = None,
185
field_selector: str = None,
186
label_selector: str = None,
187
limit: int = None,
188
timeout_seconds: int = None,
189
watch: bool = None
190
) -> V1ServiceCIDRList:
191
"""List service CIDR ranges."""
192
193
def create_ip_address(
194
self,
195
body: V1IPAddress,
196
dry_run: str = None,
197
field_manager: str = None,
198
pretty: str = None
199
) -> V1IPAddress:
200
"""Create an IP address resource."""
201
202
def list_ip_address(
203
self,
204
pretty: str = None,
205
field_selector: str = None,
206
label_selector: str = None,
207
limit: int = None,
208
timeout_seconds: int = None,
209
watch: bool = None
210
) -> V1IPAddressList:
211
"""List IP address resources."""
212
```
213
214
## Resource Types
215
216
### V1Ingress
217
```python { .api }
218
class V1Ingress:
219
api_version: str
220
kind: str
221
metadata: V1ObjectMeta
222
spec: V1IngressSpec
223
status: V1IngressStatus
224
225
class V1IngressSpec:
226
default_backend: V1IngressBackend
227
ingress_class_name: str
228
rules: list[V1IngressRule]
229
tls: list[V1IngressTLS]
230
```
231
232
### V1NetworkPolicy
233
```python { .api }
234
class V1NetworkPolicy:
235
api_version: str
236
kind: str
237
metadata: V1ObjectMeta
238
spec: V1NetworkPolicySpec
239
240
class V1NetworkPolicySpec:
241
egress: list[V1NetworkPolicyEgressRule]
242
ingress: list[V1NetworkPolicyIngressRule]
243
pod_selector: V1LabelSelector
244
policy_types: list[str]
245
```
246
247
### V1IngressClass
248
```python { .api }
249
class V1IngressClass:
250
api_version: str
251
kind: str
252
metadata: V1ObjectMeta
253
spec: V1IngressClassSpec
254
255
class V1IngressClassSpec:
256
controller: str
257
parameters: V1IngressClassParametersReference
258
```
259
260
## Usage Examples
261
262
### Creating an Ingress Resource
263
264
```python
265
from kubernetes import client, config
266
267
# Load configuration
268
config.load_kube_config()
269
270
# Create networking API client
271
networking_v1 = client.NetworkingV1Api()
272
273
# Define ingress specification
274
ingress_spec = client.V1IngressSpec(
275
rules=[
276
client.V1IngressRule(
277
host="example.com",
278
http=client.V1HTTPIngressRuleValue(
279
paths=[
280
client.V1HTTPIngressPath(
281
path="/",
282
path_type="Prefix",
283
backend=client.V1IngressBackend(
284
service=client.V1IngressServiceBackend(
285
name="web-service",
286
port=client.V1ServiceBackendPort(number=80)
287
)
288
)
289
)
290
]
291
)
292
)
293
]
294
)
295
296
# Create ingress resource
297
ingress = client.V1Ingress(
298
api_version="networking.k8s.io/v1",
299
kind="Ingress",
300
metadata=client.V1ObjectMeta(name="web-ingress"),
301
spec=ingress_spec
302
)
303
304
# Apply to cluster
305
result = networking_v1.create_namespaced_ingress(
306
namespace="default",
307
body=ingress
308
)
309
print(f"Ingress created: {result.metadata.name}")
310
```
311
312
### Creating a Network Policy
313
314
```python
315
# Define network policy to allow traffic only from specific pods
316
network_policy_spec = client.V1NetworkPolicySpec(
317
pod_selector=client.V1LabelSelector(
318
match_labels={"app": "web"}
319
),
320
policy_types=["Ingress"],
321
ingress=[
322
client.V1NetworkPolicyIngressRule(
323
_from=[
324
client.V1NetworkPolicyPeer(
325
pod_selector=client.V1LabelSelector(
326
match_labels={"app": "frontend"}
327
)
328
)
329
],
330
ports=[
331
client.V1NetworkPolicyPort(
332
port=80,
333
protocol="TCP"
334
)
335
]
336
)
337
]
338
)
339
340
# Create network policy
341
network_policy = client.V1NetworkPolicy(
342
api_version="networking.k8s.io/v1",
343
kind="NetworkPolicy",
344
metadata=client.V1ObjectMeta(name="web-netpol"),
345
spec=network_policy_spec
346
)
347
348
# Apply to cluster
349
result = networking_v1.create_namespaced_network_policy(
350
namespace="default",
351
body=network_policy
352
)
353
print(f"Network policy created: {result.metadata.name}")
354
```
355
356
### Managing Ingress Classes
357
358
```python
359
# Create an ingress class for nginx controller
360
ingress_class_spec = client.V1IngressClassSpec(
361
controller="k8s.io/ingress-nginx"
362
)
363
364
ingress_class = client.V1IngressClass(
365
api_version="networking.k8s.io/v1",
366
kind="IngressClass",
367
metadata=client.V1ObjectMeta(
368
name="nginx",
369
annotations={
370
"ingressclass.kubernetes.io/is-default-class": "true"
371
}
372
),
373
spec=ingress_class_spec
374
)
375
376
# Create ingress class
377
result = networking_v1.create_ingress_class(body=ingress_class)
378
print(f"Ingress class created: {result.metadata.name}")
379
380
# List all ingress classes
381
ingress_classes = networking_v1.list_ingress_class()
382
for ic in ingress_classes.items:
383
print(f"Ingress class: {ic.metadata.name}, controller: {ic.spec.controller}")
384
```
385
386
## Import Statements
387
388
```python
389
from kubernetes import client
390
from kubernetes.client import NetworkingV1Api
391
from kubernetes.client import V1Ingress, V1IngressSpec, V1IngressRule
392
from kubernetes.client import V1NetworkPolicy, V1NetworkPolicySpec
393
from kubernetes.client import V1IngressClass, V1IngressClassSpec
394
```