mirror of
https://github.com/puppetmaster/typhoon.git
synced 2024-12-29 13:39:35 +01:00
41a9d86bc3
* Allow traffic from Grafana to Prometheus in monitoring * Allow traffic from Prometheus to Prometheus in monitoring * NetworkPolicy denies non-whitelisted traffic. Define policy to allow other access
29 lines
632 B
YAML
29 lines
632 B
YAML
# Allow Grafana access and in-cluster Prometheus scraping
|
|
apiVersion: networking.k8s.io/v1
|
|
kind: NetworkPolicy
|
|
metadata:
|
|
name: prometheus
|
|
namespace: monitoring
|
|
spec:
|
|
podSelector:
|
|
matchLabels:
|
|
name: prometheus
|
|
ingress:
|
|
- ports:
|
|
- protocol: TCP
|
|
port: 9090
|
|
from:
|
|
- namespaceSelector:
|
|
matchLabels:
|
|
name: monitoring
|
|
podSelector:
|
|
matchLabels:
|
|
name: grafana
|
|
- namespaceSelector:
|
|
matchLabels:
|
|
name: monitoring
|
|
podSelector:
|
|
matchLabels:
|
|
name: prometheus
|
|
|