我部署了示例睡眠应用程序。
kubectl apply -f samples/sleep/sleep.yaml
kubectl get pods
NAME READY STATUS RESTARTS AGE
httpbin-c868cf575-5tx5g 2/2 Running 0 2m56s
sleep-754684654f-k5ldh 2/2 Running 0 107s
kubectl get ServiceEntry --all-namespaces
No resources found.
我已经可以执行并卷曲外部站点了。
kubectl exec -it sleep-754684654f-k5ldh sh
/ # curl jsonplaceholder.typicode.com/users
[
{
"id": 1,
"name": "Leanne Graham",
"username": "Bret",
"email": "Sincere@april.biz",
"address": {
"street": "Kulas Light",
"suite": "Apt. 556",
"city": "Gwenborough",
"zipcode": "92998-3874",
"geo": {
"lat": "-37.3159",
"lng": "81.1496"
}
},
"phone": "1-770-736-8031 x56442",
"website": "hildegard.org",
"company": {
"name": "Romaguera-Crona",
"catchPhrase": "Multi-layered client-server neural-net",
"bs": "harness real-time e-markets"
}
},
...
]/ #
我希望默认情况下无法执行此操作,并且阻止外部流量需要ServiceEntry允许,但我已经可以发出外部请求。我错过了一步吗?