network-policy
CommunityUnblock traffic with Cilium policy fixes
Authordavid-driscoll
Version1.0.0
Installs0
System Documentation
What problem does it solve?
This Skill resolves blocked or unexpected Kubernetes network traffic by helping you choose the correct Cilium network policy profile, add the required access labels, and debug drops with Hubble so you can restore connectivity safely.
Core Features & Use Cases
- Profile selection & namespace labeling: Maps application traffic patterns to the correct
network-policy.homelab/profilevalue and documents how to set it declaratively inkubernetes/platform/namespaces.yaml. - Hubble-first debugging of dropped flows: Provides a structured investigation workflow for DROPPED verdicts, including flow details, common egress/ingress checks (DNS/DB/internet/gateway/Prometheus), and policy visibility commands.
- Emergency escape hatch with safety guardrails: Guides temporary namespace enforcement disabling via labels, explains the specific alerts that will fire, verifies traffic while investigating, and restores enforcement by removing the escape-hatch label.
- Platform CNP creation guidance: Documents what platform namespace CNPs must include and where they must be added in the repository structure.
Quick Start
Ask: "In namespace my-app, traffic to database is being blocked—what Hubble command should I run and which namespace access label and profile should I set to fix it?"
Dependency Matrix
Required Modules
None requiredComponents
scriptsreferences
đź’» Claude Code Installation
Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.
Please help me install this Skill: Name: network-policy Download link: https://github.com/david-driscoll/stargate-command-cluster/archive/main.zip#network-policy Please download this .zip file, extract it, and install it in the .claude/skills/ directory.
Agent Skills Search Helper
Install a tiny helper to your Agent, search and equip skill from 471,000+ vetted skills library on demand.