Cleanup

Only keep networkpolicy for otel-collector
GoogleContainerTools · Dec 17, 2024 · c5d60ee · c5d60ee
1 parent 83186b5
commit c5d60ee
Show file tree

Hide file tree

Showing 4 changed files with 7 additions and 32 deletions.
diff --git a/manifests/templates/otel-collector.yaml b/manifests/templates/otel-collector.yaml
@@ -68,6 +68,8 @@ spec:
     port: 8888
   - name: metrics # Prometheus exporter metrics.
     port: 8675
+  - name: health-check
+    port: 13133
 ---
 apiVersion: networking.k8s.io/v1
 kind: NetworkPolicy
@@ -83,8 +85,6 @@ spec:
   - from:
     - namespaceSelector: {}
     ports:
-    - protocol: TCP
-      port: 13133
     - protocol: TCP
       port: 55678
 ---
@@ -133,6 +133,7 @@ spec:
         - containerPort: 55678 # Default endpoint for OpenCensus receiver.
         - containerPort: 8888  # Default endpoint for querying metrics.
         - containerPort: 8675  # Prometheus exporter metrics.
+        - containerPort: 13133 # Health check
         securityContext:
           allowPrivilegeEscalation: false
           readOnlyRootFilesystem: true

diff --git a/manifests/templates/reconciler-manager-configmap.yaml b/manifests/templates/reconciler-manager-configmap.yaml
@@ -190,6 +190,8 @@ data:
              protocol: TCP
            - containerPort: 8888  # Metrics.
              protocol: TCP
+           - containerPort: 13133 # Health check
+             protocol: TCP
            volumeMounts:
            - name: otel-agent-config-reconciler-vol
              mountPath: /conf

diff --git a/manifests/templates/reconciler-manager.yaml b/manifests/templates/reconciler-manager.yaml
@@ -81,6 +81,7 @@ spec:
         ports:
         - containerPort: 55678 # Default OpenCensus receiver port.
         - containerPort: 8888  # Metrics.
+        - containerPort: 13133 # Health check
         securityContext:
           allowPrivilegeEscalation: false
           readOnlyRootFilesystem: true
@@ -150,18 +151,3 @@ spec:
         runAsNonRoot: true
         seccompProfile:
           type: RuntimeDefault
----
-apiVersion: networking.k8s.io/v1
-kind: NetworkPolicy
-metadata:
-  name: allow-port-ingress
-  namespace: config-management-system
-spec:
-  podSelector:
-    matchLabels: {}
-  ingress:
-  - from:
-    - namespaceSelector: {}
-    ports:
-    - protocol: TCP
-      port: 13133
diff --git a/manifests/templates/resourcegroup-manifest.yaml b/manifests/templates/resourcegroup-manifest.yaml
@@ -274,6 +274,7 @@ spec:
         ports:
         - containerPort: 55678
         - containerPort: 8888
+        - containerPort: 13133
         readinessProbe:
           httpGet:
             path: /
@@ -303,19 +304,4 @@ spec:
         runAsNonRoot: true
         seccompProfile:
           type: RuntimeDefault
----
-apiVersion: networking.k8s.io/v1
-kind: NetworkPolicy
-metadata:
-  name: allow-port-ingress
-  namespace: resource-group-system
-spec:
-  podSelector:
-    matchLabels: {}
-  ingress:
-  - from:
-    - namespaceSelector: {}
-    ports:
-    - protocol: TCP
-      port: 13133