From 3ad08674b38a31ee75a564dda03fa659fc80c110 Mon Sep 17 00:00:00 2001
From: paulfantom <pawel@krupa.net.pl>
Date: Mon, 1 Nov 2021 10:45:47 +0100
Subject: [PATCH] manifests: regenerate
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Signed-off-by: paulfantom <pawel@krupa.net.pl>
Signed-off-by: Paweł Krupa (paulfantom) <pawel@krupa.net.pl>
(cherry picked from commit d3ea3147a8fa643413fbcba368c0de88aec8f7eb)
(cherry picked from commit d24c347b2742d9474c8f441f2831262c63b8c79b)
---
.../components/blackbox-exporter.libsonnet | 2 ++
.../components/kube-state-metrics.libsonnet | 2 ++
.../components/node-exporter.libsonnet | 2 ++
kustomization.yaml | 4 +++
manifests/blackboxExporter-networkPolicy.yaml | 31 +++++++++++++++++++
manifests/grafana-networkPolicy.yaml | 2 +-
manifests/kubeStateMetrics-networkPolicy.yaml | 2 +-
manifests/prometheus-networkPolicy.yaml | 2 +-
.../prometheusOperator-networkPolicy.yaml | 2 +-
9 files changed, 45 insertions(+), 4 deletions(-)
create mode 100644 manifests/blackboxExporter-networkPolicy.yaml
diff --git a/jsonnet/kube-prometheus/components/blackbox-exporter.libsonnet b/jsonnet/kube-prometheus/components/blackbox-exporter.libsonnet
index 1b3c7653..24deb175 100644
--- a/jsonnet/kube-prometheus/components/blackbox-exporter.libsonnet
+++ b/jsonnet/kube-prometheus/components/blackbox-exporter.libsonnet
@@ -258,6 +258,8 @@ function(params) {
podSelector: {
matchLabels: bb._config.selectorLabels,
},
+ policyTypes: ['Egress', 'Ingress'],
+ egress: [{}],
ingress: [{
from: [{
podSelector: {
diff --git a/jsonnet/kube-prometheus/components/kube-state-metrics.libsonnet b/jsonnet/kube-prometheus/components/kube-state-metrics.libsonnet
index 4d7fe2d3..5893588f 100644
--- a/jsonnet/kube-prometheus/components/kube-state-metrics.libsonnet
+++ b/jsonnet/kube-prometheus/components/kube-state-metrics.libsonnet
@@ -132,6 +132,8 @@ function(params) (import 'github.com/kubernetes/kube-state-metrics/jsonnet/kube-
podSelector: {
matchLabels: ksm._config.selectorLabels,
},
+ policyTypes: ['Egress', 'Ingress'],
+ egress: [{}],
ingress: [{
from: [{
podSelector: {
diff --git a/jsonnet/kube-prometheus/components/node-exporter.libsonnet b/jsonnet/kube-prometheus/components/node-exporter.libsonnet
index c4276b0b..8de79f18 100644
--- a/jsonnet/kube-prometheus/components/node-exporter.libsonnet
+++ b/jsonnet/kube-prometheus/components/node-exporter.libsonnet
@@ -168,6 +168,8 @@ function(params) {
podSelector: {
matchLabels: ne._config.selectorLabels,
},
+ policyTypes: ['Egress', 'Ingress'],
+ egress: [{}],
ingress: [{
from: [{
podSelector: {
diff --git a/kustomization.yaml b/kustomization.yaml
index c79bca6b..ffdf7b68 100644
--- a/kustomization.yaml
+++ b/kustomization.yaml
@@ -13,6 +13,7 @@ resources:
- ./manifests/blackboxExporter-clusterRoleBinding.yaml
- ./manifests/blackboxExporter-configuration.yaml
- ./manifests/blackboxExporter-deployment.yaml
+- ./manifests/blackboxExporter-networkPolicy.yaml
- ./manifests/blackboxExporter-service.yaml
- ./manifests/blackboxExporter-serviceAccount.yaml
- ./manifests/blackboxExporter-serviceMonitor.yaml
@@ -30,6 +31,7 @@ resources:
- ./manifests/kubeStateMetrics-clusterRole.yaml
- ./manifests/kubeStateMetrics-clusterRoleBinding.yaml
- ./manifests/kubeStateMetrics-deployment.yaml
+- ./manifests/kubeStateMetrics-networkPolicy.yaml
- ./manifests/kubeStateMetrics-prometheusRule.yaml
- ./manifests/kubeStateMetrics-service.yaml
- ./manifests/kubeStateMetrics-serviceAccount.yaml
@@ -43,6 +45,7 @@ resources:
- ./manifests/nodeExporter-clusterRole.yaml
- ./manifests/nodeExporter-clusterRoleBinding.yaml
- ./manifests/nodeExporter-daemonset.yaml
+- ./manifests/nodeExporter-networkPolicy.yaml
- ./manifests/nodeExporter-prometheusRule.yaml
- ./manifests/nodeExporter-service.yaml
- ./manifests/nodeExporter-serviceAccount.yaml
@@ -68,6 +71,7 @@ resources:
- ./manifests/prometheusAdapter-clusterRoleServerResources.yaml
- ./manifests/prometheusAdapter-configMap.yaml
- ./manifests/prometheusAdapter-deployment.yaml
+- ./manifests/prometheusAdapter-networkPolicy.yaml
- ./manifests/prometheusAdapter-podDisruptionBudget.yaml
- ./manifests/prometheusAdapter-roleBindingAuthReader.yaml
- ./manifests/prometheusAdapter-service.yaml
diff --git a/manifests/blackboxExporter-networkPolicy.yaml b/manifests/blackboxExporter-networkPolicy.yaml
new file mode 100644
index 00000000..8a6873aa
--- /dev/null
+++ b/manifests/blackboxExporter-networkPolicy.yaml
@@ -0,0 +1,31 @@
+apiVersion: networking.k8s.io/v1
+kind: NetworkPolicy
+metadata:
+ labels:
+ app.kubernetes.io/component: exporter
+ app.kubernetes.io/name: blackbox-exporter
+ app.kubernetes.io/part-of: kube-prometheus
+ app.kubernetes.io/version: 0.19.0
+ name: blackbox-exporter
+ namespace: monitoring
+spec:
+ egress:
+ - {}
+ ingress:
+ - from:
+ - podSelector:
+ matchLabels:
+ app.kubernetes.io/name: prometheus
+ ports:
+ - port: 9115
+ protocol: TCP
+ - port: 19115
+ protocol: TCP
+ podSelector:
+ matchLabels:
+ app.kubernetes.io/component: exporter
+ app.kubernetes.io/name: blackbox-exporter
+ app.kubernetes.io/part-of: kube-prometheus
+ policyTypes:
+ - Egress
+ - Ingress
diff --git a/manifests/grafana-networkPolicy.yaml b/manifests/grafana-networkPolicy.yaml
index d842725e..a5dd2aef 100644
--- a/manifests/grafana-networkPolicy.yaml
+++ b/manifests/grafana-networkPolicy.yaml
@@ -5,7 +5,7 @@ metadata:
app.kubernetes.io/component: grafana
app.kubernetes.io/name: grafana
app.kubernetes.io/part-of: kube-prometheus
- app.kubernetes.io/version: 8.3.6
+ app.kubernetes.io/version: 8.4.3
name: grafana
namespace: monitoring
spec:
diff --git a/manifests/kubeStateMetrics-networkPolicy.yaml b/manifests/kubeStateMetrics-networkPolicy.yaml
index e295e722..711077a2 100644
--- a/manifests/kubeStateMetrics-networkPolicy.yaml
+++ b/manifests/kubeStateMetrics-networkPolicy.yaml
@@ -5,7 +5,7 @@ metadata:
app.kubernetes.io/component: exporter
app.kubernetes.io/name: kube-state-metrics
app.kubernetes.io/part-of: kube-prometheus
- app.kubernetes.io/version: 2.3.0
+ app.kubernetes.io/version: 2.4.1
name: kube-state-metrics
namespace: monitoring
spec:
diff --git a/manifests/prometheus-networkPolicy.yaml b/manifests/prometheus-networkPolicy.yaml
index 189c0529..eb2a4eb7 100644
--- a/manifests/prometheus-networkPolicy.yaml
+++ b/manifests/prometheus-networkPolicy.yaml
@@ -6,7 +6,7 @@ metadata:
app.kubernetes.io/instance: k8s
app.kubernetes.io/name: prometheus
app.kubernetes.io/part-of: kube-prometheus
- app.kubernetes.io/version: 2.33.3
+ app.kubernetes.io/version: 2.33.4
name: prometheus-k8s
namespace: monitoring
spec:
diff --git a/manifests/prometheusOperator-networkPolicy.yaml b/manifests/prometheusOperator-networkPolicy.yaml
index d9244c6a..b7c0dba1 100644
--- a/manifests/prometheusOperator-networkPolicy.yaml
+++ b/manifests/prometheusOperator-networkPolicy.yaml
@@ -5,7 +5,7 @@ metadata:
app.kubernetes.io/component: controller
app.kubernetes.io/name: prometheus-operator
app.kubernetes.io/part-of: kube-prometheus
- app.kubernetes.io/version: 0.54.0
+ app.kubernetes.io/version: 0.54.1
name: prometheus-operator
namespace: monitoring
spec:
--
GitLab