Policy for Kubernetes services

Apply policy to Kubernetes node ports, and to services that are exposed externally as cluster IPs.

Apply policy to Kubernetes node ports

Restrict access to Kubernetes node ports using Calico global network policy. Follow the steps to secure the host, the node ports, and the cluster.

Apply policy to services exposed externally as cluster IPs

Expose Kuberenetes service cluster IPs over BGP using Calico, and restrict who can access them using Calico network policy.