network traffic plugin changes and getting started with network isolation

SuyogShinde942 · SuyogShinde942 · commit c2da180bc5fc · 2025-03-01T10:21:26.000-06:00
diff --git a/examples/getting-started.md b/examples/getting-started.md
@@ -179,12 +179,31 @@ In some scenarios, you might want to enable controlled communication between ins
 kubectl allow network traffic hs1 hs2 -k provider.conf
 ```
 
+```sh 
+# Test connectivity from hs1 to hs2 using the IP
+kubectl exec -it $HELLOWORLD_POD_HS1 -n hs1 --kubeconfig=provider.conf -- curl $HS2_POD_IP:5000
+
+# Test connectivity from hs2 to hs1 using the IP 
+kubectl exec -it $HELLOWORLD_POD_HS2 -n hs2 --kubeconfig=provider.conf -- curl $HS1_POD_IP:5000
+```
+
+The connection should be allowed
+
+
 To deny the traffic between namespace 
 
 ```sh
 kubectl deny network traffic hs1 hs2 -k provider.conf
 ```
 
+```sh 
+# Test connectivity from hs1 to hs2 using the IP
+kubectl exec -it $HELLOWORLD_POD_HS1 -n hs1 --kubeconfig=provider.conf -- curl $HS2_POD_IP:5000
+
+# Test connectivity from hs2 to hs1 using the IP 
+kubectl exec -it $HELLOWORLD_POD_HS2 -n hs2 --kubeconfig=provider.conf -- curl $HS1_POD_IP:5000
+```
+
 You should see that each policy’s ingress section now includes a rule that uses a namespaceSelector matching the other namespace (using the label `kubernetes.io/metadata.name`).
 
 ## Clean Up
diff --git a/plugins/kubectl-kubeplus-commands b/plugins/kubectl-kubeplus-commands
@@ -20,11 +20,11 @@ print_help () {
     echo "        kubectl license create"
     echo "        kubectl license get"
     echo "        kubectl license delete"
-    echo "        kubectl allow network <ns1> <ns2> [-k <kubeconfig>]"
+    echo "        kubectl allow network traffic <ns1> <ns2> [-k <kubeconfig>]"
     echo "              Allows bidirectional network traffic between the two namespaces"
     echo "              by adding ingress rules for the 'restrict-cross-ns-traffic' NetworkPolicy"
     echo "              in both namespaces."
-    echo "        kubectl deny network <ns1> <ns2> [-k <kubeconfig>]"
+    echo "        kubectl deny network traffic <ns1> <ns2> [-k <kubeconfig>]"
     echo "              Denies bidirectional network traffic between the two namespaces"
     echo "              by removing the specific ingress rules that allow cross-namespace traffic"
     echo "              from the 'restrict-cross-ns-traffic' NetworkPolicy."
diff --git a/plugins/network_traffic.py b/plugins/network_traffic.py
@@ -157,14 +157,6 @@ def do_deny(ns1, ns2, kubeconfig):
         sys.exit(1)
 
 def main():
-    # If the first argument is not 'allow' or 'deny', infer it from the executable name.
-    valid_commands = {"allow", "deny"}
-    if len(sys.argv) > 1 and sys.argv[1] not in valid_commands:
-        prog = os.path.basename(sys.argv[0]).lower()
-        if "deny" in prog:
-            sys.argv.insert(1, "deny")
-        elif "allow" in prog:
-            sys.argv.insert(1, "allow")
 
     parser = argparse.ArgumentParser(
         description="Manage bidirectional NetworkPolicy rules for cross-namespace traffic."
