
doc: walkthrough on Sandbox NodeLocal DNS with NetworkPolicy#823

Merged
k8s-ci-robot merged 1 commit into kubernetes-sigs:main from vicentefb:networkExample on May 26, 2026

Conversation

@vicentefb

Member

What this PR does / why we need it:

This document addition provides concrete, reproducible GKE cluster manifests and commands to demonstrate how GKE NodeLocal DNSCache (169.254.20.10) operates under GKE Sandbox (gVisor) security isolation:

  1. The gVisor eBPF Socket Bypass gotcha: On standard GKE pods (without gVisor), DNS queries targeting 169.254.20.10 are intercepted and redirected in-memory by host-level eBPF socket hooks (cgroup/connect), completely bypassing the virtual network interface (eth0) and any egress NetworkPolicy rules.
  2. Egress Policy Dependency: Because gVisor isolates all socket operations inside its virtualized user-space netstack (gonet), host-level socket hooks are bypassed. The query is forced out as a standard L3 packet over eth0, making it strictly subject to your egress rules.
  3. Reproducible Scenarios: Includes step-by-step configurations illustrating how strict default egress blocks (which include link-local 169.254.0.0/16 ranges) drop DNS cache traffic, and how explicitly unblocking the link-local range natively enables instant ~10ms DNS resolution without hostAliases or custom external servers.

Which issue(s) this PR is related to:

Release Note
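
One way to express the blocked and unblocked scenarios the PR describes as standard Kubernetes NetworkPolicy objects, as an added example that is not part of the PR's walkthrough or of the Agent Sandbox project's own policy generation; the namespace, the pod label, and the use of a plain default-deny policy as the blocked baseline are assumptions.

```yaml
# Added example for this walkthrough; not a manifest from the PR or the
# Agent Sandbox project. Namespace and pod label are hypothetical.
---
# Scenario 1 (blocked): a plain default-deny egress policy (assumed here as
# the baseline, not Agent Sandbox's generated policy). It selects every pod
# in the namespace and allows no egress, so the link-local range
# 169.254.0.0/16 is implicitly denied. A gVisor pod's query to 169.254.20.10
# leaves via eth0 as an ordinary packet and is dropped here; a non-gVisor pod
# is unaffected because the host eBPF socket hook redirects it before eth0.
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
  name: default-deny-egress
  namespace: sandbox-demo        # hypothetical
spec:
  podSelector: {}
  policyTypes:
    - Egress
---
# Scenario 3 (success): additively allow only NodeLocal DNSCache on port 53.
# NetworkPolicy rules are unioned, so this opens exactly 169.254.20.10:53
# for the selected pods while the default-deny above keeps everything else
# closed. No hostAliases or custom external resolver is needed.
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
  name: allow-nodelocal-dns
  namespace: sandbox-demo        # hypothetical
spec:
  podSelector:
    matchLabels:
      app: gvisor-sandbox        # hypothetical label carried by the gVisor pods
  policyTypes:
    - Egress
  egress:
    - to:
        - ipBlock:
            cidr: 169.254.20.10/32
      ports:
        - protocol: UDP
          port: 53
        - protocol: TCP
          port: 53
```

With only the first policy applied, a DNS lookup from inside a gVisor pod (for example `kubectl exec <pod> -- nslookup kubernetes.default`) fails; applying the second policy restores resolution through the node-local cache.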

@k8s-ci-robot k8s-ci-robot requested review from janetkuo and justinsb May 19, 2026 21:21
@k8s-ci-robot k8s-ci-robot added approved Indicates a PR has been approved by an approver from all required OWNERS files. cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. size/L Denotes a PR that changes 100-499 lines, ignoring generated files. labels May 19, 2026
@netlify

netlify Bot commented May 19, 2026


Deploy Preview for agent-sandbox failed.

Latest commit: 421cf09
Latest deploy log: https://app.netlify.com/projects/agent-sandbox/deploys/6a0cd476003f2e0008142c57
@netlify

netlify Bot commented May 19, 2026


Deploy Preview for agent-sandbox canceled.

Latest commit: 7fd2aa1
Latest deploy log: https://app.netlify.com/projects/agent-sandbox/deploys/6a0f61a8e0feca00087ae63f

Copilot AI left a comment


Pull request overview

Adds a new example walkthrough documenting how GKE NodeLocal DNSCache (169.254.20.10) behaves for gVisor (runtimeClassName: gvisor) sandboxes under Agent Sandbox “Secure by Default” NetworkPolicy management, including reproducible manifests and verification commands.

Changes:

  • Introduces a step-by-step PoC with three scenarios (default blocked, kube-dns VIP blocked, link-local unblocked success).
  • Documents the underlying reason (gVisor netstack bypassing host-level eBPF socket redirection) and why egress rules matter for link-local DNS.

Three review comment threads on examples/policy/network-policy-management/dns_poc_walkthrough.md (two marked Outdated).

@aditya-shantanu aditya-shantanu left a comment

Collaborator


/lgtm
/approve

@k8s-ci-robot k8s-ci-robot added the lgtm "Looks good to me", indicates that a PR is ready to be merged. label May 26, 2026
@k8s-ci-robot

Contributor

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: aditya-shantanu, vicentefb

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@k8s-ci-robot k8s-ci-robot merged commit c10a06b into kubernetes-sigs:main May 26, 2026
6 checks passed
@github-project-automation github-project-automation Bot moved this from Backlog to Done in Agent Sandbox May 26, 2026
khirotaka pushed a commit to khirotaka/agent-sandbox that referenced this pull request Jun 12, 2026
alexatakvelon pushed a commit to volatilemolotov/agent-sandbox that referenced this pull request Jun 24, 2026