Let's say something like this is in your pod logs.

"Post "https://www.example.com/api": context deadline exceeded (Client.Timeout exceeded while awaiting headers)"

This typically means the pod is unable to submit the request to the target URL (https://www.example.com/api in this example). Egress provides a way for an application deployed on OpenShift to access an external URL, such as http://www.example.com.

The oc get networkpolicies command can then be used to list the network policies that have been created in the project. If there is a network policy in the project, check to see if the network policy is denying egress traffic.

~]$ oc get networkpolicies
NAME                        POD-SELECTOR   AGE
allow-ingress-region-east   region=east    41s

The oc get egressnetworkpolicies command can then be used to list the egress network policies that have been created in the project.

~]$ oc get egressnetworkpolicy --namespace my_project
NAME             AGE
egress-traffic   630d

If there is an egress network policy in the project, check to see if the egress network policy is denying egress traffic. In this example, egress is allowed to https://www.example.com/api and then denied for all other traffic in the 10.0.0.0/8 network.

~]$ oc describe egressnetworkpolicy egress-traffic
Name:           egress-traffic
Namespace:      my_project
Created:        8 days ago
Labels:         <none>
Annotations:    <none>
Rule:           Allow to https://www.example.com/api
Rule:           Deny to 10.0.0.0/8