 99, 100. Oh hey there, my name is Fernando and I'm a technical marketing manager here at GitLab and today I'm going to go over container network security and how it can work for you. GitLab provides and manages Cilium, a network plugin for Kubernetes that can be used to implement support for network policy resources. A network policy is a specification of how a group of pods are allowed to communicate with each other and other network endpoints. Network policies make sure pods are secure and aren't communicating with any pods they shouldn't be communicating with. In this example, I'm going to show you how a network policy can only allow a pod with a certain label to be able to access another pod. There are many other ways to configure network policies. For more information on this see the links in the description. Let's create a network policy. Here's a network policy which only allows pods with the label access equals true to make requests to pods with the label app equals notes. I will apply this policy to the staging namespace where my application is hosted. By default if there is no network policy created then all incoming and outgoing traffic is allowed within that namespace. Now let's go ahead and test that network policy we just created. My application is exposed on the cluster internal IP using a service. Here I'm creating a pod in the same namespace without the label access equals true. Now let's send the request to our note service. We can see that it times out. Now I'm going to create a container within the namespace with the label access equals true. Now sending a request to our note service does not time out and comes back with a response. GitLab also provides threat monitoring. Here for the container network policy you can see all the packets which have been received and dropped. You can also go ahead and view as well as edit the network policies within a cluster. This makes it easy to sort your network policies by namespace. There are a few things you must do to install Cilium onto your cluster. First you must set up GitLab managed apps. This can be done by adding Cilium to the config.yaml. In the GitLab CI.yaml file you must add the managed cluster applications GitLab template. From your Kubernetes cluster settings you must add the project you are using as a cluster management project. Thanks for watching and be sure to subscribe. For more information on container network security see the links in the description. Here at GitLab everyone can contribute.