Add latest changes from gitlab-org/gitlab@master

1 files changed, 6 insertions, 3 deletions

diff --git a/doc/topics/autodevops/index.md b/doc/topics/autodevops/index.md
index b078eb25b6a..77e35eee76d 100644
--- a/doc/topics/autodevops/index.md
+++ b/doc/topics/autodevops/index.md
@@ -744,9 +744,9 @@ workers:
 
 By default, all Kubernetes pods are
 [non-isolated](https://kubernetes.io/docs/concepts/services-networking/network-policies/#isolated-and-non-isolated-pods),
-and accept traffic from any source. You can use
+meaning that they will accept traffic to and from any source. You can use
 [NetworkPolicy](https://kubernetes.io/docs/concepts/services-networking/network-policies/)
-to restrict connections to selected pods or namespaces.
+to restrict connections to and from selected pods, namespaces, and the Internet.
 
 NOTE: **Note:**
 You must use a Kubernetes network plugin that implements support for
@@ -767,7 +767,7 @@ networkPolicy:
 The default policy deployed by the auto deploy pipeline will allow
 traffic within a local namespace and from the `gitlab-managed-apps`
 namespace. All other inbound connection will be blocked. Outbound
-traffic is not affected by the default policy.
+traffic (for example, to the Internet) is not affected by the default policy.
 
 You can also provide a custom [policy specification](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.16/#networkpolicyspec-v1-networking-k8s-io)
 via the `.gitlab/auto-deploy-values.yaml` file, for example:
@@ -788,6 +788,9 @@ networkPolicy:
             app.gitlab.com/managed_by: gitlab
 ```
 
+For more information on how to install Network Policies, see
+[Install Cilium using GitLab CI](../../user/clusters/applications.md#install-cilium-using-gitlab-ci).
+
 #### Web Application Firewall (ModSecurity) customization
 
 > [Introduced](https://gitlab.com/gitlab-org/charts/auto-deploy-app/-/merge_requests/44) in GitLab 12.8.