typhoon/addons/prometheus/network-policy.yaml
Dalton Hubble 41a9d86bc3 Add NetworkPolicy to limit traffic into Prometheus
* Allow traffic from Grafana to Prometheus in monitoring
* Allow traffic from Prometheus to Prometheus in monitoring
* NetworkPolicy denies non-whitelisted traffic. Define policy
to allow other access
2019-03-23 21:38:34 -07:00

29 lines
632 B
YAML

# Allow Grafana access and in-cluster Prometheus scraping
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
name: prometheus
namespace: monitoring
spec:
podSelector:
matchLabels:
name: prometheus
ingress:
- ports:
- protocol: TCP
port: 9090
from:
- namespaceSelector:
matchLabels:
name: monitoring
podSelector:
matchLabels:
name: grafana
- namespaceSelector:
matchLabels:
name: monitoring
podSelector:
matchLabels:
name: prometheus