- Pods get their own IP address.
- All containers within a POD can communicate with one another via localhost.
- A pod is scheduled onto a node in the cluster. Any node can reach the pod by using its pod IP address. Other pods in the cluster can also reach the pod using the pod's IP address. This is thanks to whatever Kubernetes networking plugin you choose.
- non-isolated: A pod that allows traffic from any source. This is the default behavior.
- Isolated: Once a pod is selected by a network policy it becomes isolated.
- The pods are selected using labels, which are the core grouping primitive in Kubernetes.