Summary
Visualize network policies showing which pods can communicate and highlighting isolated pods.
Motivation
Network policies are notoriously hard to understand. No K8s TUI shows network connectivity visually. This would be unique and valuable for security-conscious teams.
Requirements
NetworkPolicy Watching
- Add
ResourceKind::NetworkPolicy to watchers
- Display:
Name | Namespace | Pod Selector | Policy Types | Age
Visualization (preview pane)
For a selected pod, show:
Network Policy: allow-web
Ingress:
✓ From: namespace=frontend, port 80/TCP
✓ From: 10.0.0.0/8, port 443/TCP
Egress:
✓ To: namespace=backend, port 5432/TCP
✗ To: 0.0.0.0/0 (blocked by default deny)
Isolated Pod Detection
- Highlight pods with no matching network policies
- Show warning: "No network policy — all traffic allowed (default)"
- Or: "Default deny active — no ingress/egress rules match"
Implementation
- Parse NetworkPolicy spec:
podSelector, ingress[], egress[]
- Match pods via label selectors
- Show as formatted text in preview pane
Acceptance Criteria
Summary
Visualize network policies showing which pods can communicate and highlighting isolated pods.
Motivation
Network policies are notoriously hard to understand. No K8s TUI shows network connectivity visually. This would be unique and valuable for security-conscious teams.
Requirements
NetworkPolicy Watching
ResourceKind::NetworkPolicyto watchersName | Namespace | Pod Selector | Policy Types | AgeVisualization (preview pane)
For a selected pod, show:
Isolated Pod Detection
Implementation
podSelector,ingress[],egress[]Acceptance Criteria