Secure Docker image build project using Calico and Terraform
This project demonstrates how to implement Kubernetes network policies using Calico and Terraform. It includes:
- A Kubernetes cluster provisioned via Terraform
- Calico as the CNI plugin
- Network policies for:
  - Denying all traffic by default
  - Allowing frontend-to-backend communication
  - Isolating namespaces
Prerequisites
- Terraform
- kubectl
- AWS CLI (for EKS)
- An AWS account
Setup
- Provision the Kubernetes Cluster
  terraform init
  terraform apply
- Set Up Calico
  ./scripts/setup-calico.sh
- Deploy Applications
  kubectl apply -f k8s/deployments/frontend.yaml
  kubectl apply -f k8s/deployments/backend.yaml
- Apply Network Policies
  kubectl apply -f k8s/network-policies/
Features
- Deny all traffic by default.
- Enable frontend-to-backend communication.
- Isolate namespaces for enhanced security.
Cleanup
To destroy resources:
terraform destroy