diff --git a/jsonnet/kube-prometheus/components/alertmanager.libsonnet b/jsonnet/kube-prometheus/components/alertmanager.libsonnet
index 7dc43b3be186314204b0711397d5e15dd7507f6d..364b1a35924996dab9bd7901f68c98b3d56d0912 100644
--- a/jsonnet/kube-prometheus/components/alertmanager.libsonnet
+++ b/jsonnet/kube-prometheus/components/alertmanager.libsonnet
@@ -113,19 +113,38 @@ function(params) {
},
policyTypes: ['Egress', 'Ingress'],
egress: [{}],
- ingress: [{
- from: [{
- podSelector: {
- matchLabels: {
- 'app.kubernetes.io/name': 'prometheus',
+ ingress: [
+ {
+ from: [{
+ podSelector: {
+ matchLabels: {
+ 'app.kubernetes.io/name': 'prometheus',
+ },
},
- },
- }],
- ports: std.map(function(o) {
- port: o.port,
- protocol: 'TCP',
- }, am.service.spec.ports),
- }],
+ }],
+ ports: std.map(function(o) {
+ port: o.port,
+ protocol: 'TCP',
+ }, am.service.spec.ports),
+ },
+ // Alertmanager cluster peer-to-peer communication
+ {
+ from: [{
+ podSelector: {
+ matchLabels: {
+ 'app.kubernetes.io/name': 'alertmanager',
+ },
+ },
+ }],
+ ports: [{
+ port: 9094,
+ protocol: 'TCP',
+ }, {
+ port: 9094,
+ protocol: 'UDP',
+ }],
+ },
+ ],
},
},
diff --git a/manifests/alertmanager-networkPolicy.yaml b/manifests/alertmanager-networkPolicy.yaml
index d9f01424f2a42523216339e3e81b5d27a3b2d539..11b1a992e713570f80d06c3d1916fe1df7deb4da 100644
--- a/manifests/alertmanager-networkPolicy.yaml
+++ b/manifests/alertmanager-networkPolicy.yaml
@@ -22,6 +22,15 @@ spec:
protocol: TCP
- port: 8080
protocol: TCP
+ - from:
+ - podSelector:
+ matchLabels:
+ app.kubernetes.io/name: alertmanager
+ ports:
+ - port: 9094
+ protocol: TCP
+ - port: 9094
+ protocol: UDP
podSelector:
matchLabels:
app.kubernetes.io/component: alert-router