From 57dbcea228786996b9e93ef1146e575247810c59 Mon Sep 17 00:00:00 2001 From: outductor Date: Wed, 14 Feb 2024 18:35:04 +0900 Subject: [PATCH] remove pyroscope --- .../cloudflared-tunnel-exits/http-exits.yaml | 5 ---- .../app-of-other-apps/pyroscope-ebpf.yaml | 24 ---------------- .../app-of-other-apps/pyroscope.yaml | 28 ------------------- .../cloudflare_network_admin_services.tf | 26 ----------------- 4 files changed, 83 deletions(-) delete mode 100644 seichi-onp-k8s/manifests/seichi-kubernetes/apps/cluster-wide-apps/app-of-other-apps/pyroscope-ebpf.yaml delete mode 100644 seichi-onp-k8s/manifests/seichi-kubernetes/apps/cluster-wide-apps/app-of-other-apps/pyroscope.yaml diff --git a/seichi-onp-k8s/manifests/seichi-kubernetes/apps/cloudflared-tunnel-exits/http-exits.yaml b/seichi-onp-k8s/manifests/seichi-kubernetes/apps/cloudflared-tunnel-exits/http-exits.yaml index dc076b1c7..bde5bdc17 100644 --- a/seichi-onp-k8s/manifests/seichi-kubernetes/apps/cloudflared-tunnel-exits/http-exits.yaml +++ b/seichi-onp-k8s/manifests/seichi-kubernetes/apps/cloudflared-tunnel-exits/http-exits.yaml @@ -47,11 +47,6 @@ spec: external-hostname: hubble-ui.onp-k8s.admin.seichi.click internal-authority: "hubble-ui.kube-system:80" - # pyroscope - - name: pyroscope - external-hostname: pyroscope.onp-k8s.admin.seichi.click - internal-authority: "pyroscope.monitoring:4040" - # Sentry - name: sentry external-hostname: sentry.onp.admin.seichi.click diff --git a/seichi-onp-k8s/manifests/seichi-kubernetes/apps/cluster-wide-apps/app-of-other-apps/pyroscope-ebpf.yaml b/seichi-onp-k8s/manifests/seichi-kubernetes/apps/cluster-wide-apps/app-of-other-apps/pyroscope-ebpf.yaml deleted file mode 100644 index 02f73b2d9..000000000 --- a/seichi-onp-k8s/manifests/seichi-kubernetes/apps/cluster-wide-apps/app-of-other-apps/pyroscope-ebpf.yaml +++ /dev/null @@ -1,24 +0,0 @@ -apiVersion: argoproj.io/v1alpha1 -kind: Application -metadata: - name: pyroscope-ebpf - namespace: argocd - finalizers: - - resources-finalizer.argocd.argoproj.io # cascade deletion on this App deletion -spec: - project: cluster-wide-apps - source: - chart: pyroscope-ebpf - repoURL: https://pyroscope-io.github.io/helm-chart - targetRevision: 0.1.31 - helm: - releaseName: pyroscope-ebpf - destination: - server: https://kubernetes.default.svc - namespace: monitoring - syncPolicy: - automated: - prune: true - selfHeal: true - syncOptions: - - ServerSideApply=true diff --git a/seichi-onp-k8s/manifests/seichi-kubernetes/apps/cluster-wide-apps/app-of-other-apps/pyroscope.yaml b/seichi-onp-k8s/manifests/seichi-kubernetes/apps/cluster-wide-apps/app-of-other-apps/pyroscope.yaml deleted file mode 100644 index acaa3cb80..000000000 --- a/seichi-onp-k8s/manifests/seichi-kubernetes/apps/cluster-wide-apps/app-of-other-apps/pyroscope.yaml +++ /dev/null @@ -1,28 +0,0 @@ -apiVersion: argoproj.io/v1alpha1 -kind: Application -metadata: - name: pyroscope - namespace: argocd - finalizers: - - resources-finalizer.argocd.argoproj.io # cascade deletion on this App deletion -spec: - project: cluster-wide-apps - source: - chart: pyroscope - repoURL: https://pyroscope-io.github.io/helm-chart - targetRevision: 0.2.92 - helm: - releaseName: pyroscope - values: | - persistence: - enabled: true - size: 50Gi - destination: - server: https://kubernetes.default.svc - namespace: monitoring - syncPolicy: - automated: - prune: true - selfHeal: true - syncOptions: - - ServerSideApply=true diff --git a/terraform/cloudflare_network_admin_services.tf b/terraform/cloudflare_network_admin_services.tf index 55b6105fe..60a093edd 100644 --- a/terraform/cloudflare_network_admin_services.tf +++ b/terraform/cloudflare_network_admin_services.tf @@ -197,32 +197,6 @@ resource "cloudflare_access_policy" "onp_hubble_ui" { } } -resource "cloudflare_access_application" "onp_admin_pyroscope" { - zone_id = local.cloudflare_zone_id - name = "Pyroscope" - domain = "pyroscope.onp-k8s.admin.${local.root_domain}" - type = "self_hosted" - session_duration = "24h" - - http_only_cookie_attribute = true -} - -resource "cloudflare_access_policy" "onp_admin_pyroscope" { - application_id = cloudflare_access_application.onp_admin_pyroscope.id - zone_id = local.cloudflare_zone_id - name = "Require to be in a GitHub team to access" - precedence = "1" - decision = "allow" - - include { - github { - name = local.github_org_name - teams = [github_team.onp_hubble_ui.slug] // hubble uiと同じ権限で良い - identity_provider_id = cloudflare_access_identity_provider.github_oauth.id - } - } -} - resource "cloudflare_access_application" "onp_phpmyadmin" { zone_id = local.cloudflare_zone_id name = "phpMyAdmin"