Skip to content

Commit

Permalink
fix: add network policy from control-plance to metrics-server
Browse files Browse the repository at this point in the history
  • Loading branch information
@ArchiFleKs
ArchiFleKs committed Jun 14, 2019
1 parent 97c956e commit 888763c
Showing 1 changed file with 40 additions and 0 deletions.
40 changes: 40 additions & 0 deletions terraform/modules/eks-addons/metrics-server.tf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -74,3 +74,43 @@ resource "kubernetes_network_policy" "metrics_server_allow_namespace" {
policy_types = ["Ingress"]
}
}

resource "kubernetes_network_policy" "metrics_server_allow_control_plane" {
count = "${var.metrics_server["enabled"] * var.metrics_server["default_network_policy"]}"

metadata {
name = "${kubernetes_namespace.metrics_server.*.metadata.0.name[count.index]}-allow-control-plane"
namespace = "${kubernetes_namespace.metrics_server.*.metadata.0.name[count.index]}"
}

spec {
pod_selector {
match_expressions {
key = "app"
operator = "In"
values = ["metrics_server"]
}
}

ingress = [
{
ports = [
{
port = "8443"
protocol = "TCP"
},
]

from = [
{
ip_block {
cidr = "${var.metrics_server["control_plane_cidr"]}"
}
},
]
},
]

policy_types = ["Ingress"]
}
}

0 comments on commit 888763c

Please sign in to comment.