From a98ad02e8463201919e7d703fffcf4271c941fd6 Mon Sep 17 00:00:00 2001 From: omohammed95 Date: Tue, 20 Aug 2024 16:59:33 +0200 Subject: [PATCH] feat: allow traefik to bucketweb and queryFrontend --- aks/main.tf | 2 +- eks/main.tf | 2 +- kind/main.tf | 2 +- locals.tf | 36 +++++++++++++++++++++++++++++------- sks/main.tf | 2 +- variables.tf | 2 +- 6 files changed, 34 insertions(+), 12 deletions(-) diff --git a/aks/main.tf b/aks/main.tf index 72e9bfd1..678fa04a 100644 --- a/aks/main.tf +++ b/aks/main.tf @@ -71,7 +71,7 @@ module "thanos" { enable_service_monitor = var.enable_service_monitor app_autosync = var.app_autosync dependency_ids = var.dependency_ids - network_policy_thanos = var.network_policy_thanos + enable_network_policies = var.enable_network_policies resources = var.resources diff --git a/eks/main.tf b/eks/main.tf index ea383685..fc58b44c 100644 --- a/eks/main.tf +++ b/eks/main.tf @@ -62,7 +62,7 @@ module "thanos" { enable_service_monitor = var.enable_service_monitor app_autosync = var.app_autosync dependency_ids = var.dependency_ids - network_policy_thanos = var.network_policy_thanos + enable_network_policies = var.enable_network_policies resources = var.resources diff --git a/kind/main.tf b/kind/main.tf index c504f875..11972a6a 100644 --- a/kind/main.tf +++ b/kind/main.tf @@ -13,7 +13,7 @@ module "thanos" { enable_service_monitor = var.enable_service_monitor app_autosync = var.app_autosync dependency_ids = var.dependency_ids - network_policy_thanos = var.network_policy_thanos + enable_network_policies = var.enable_network_policies resources = var.resources diff --git a/locals.tf b/locals.tf index fbde6782..c557545e 100644 --- a/locals.tf +++ b/locals.tf @@ -44,7 +44,7 @@ locals { limits = { for k, v in var.resources.storegateway.limits : k => v if v != null } } networkPolicy = { - enabled = var.network_policy_thanos + enabled = var.enable_network_policies } extraFlags = [ # Store Gateway index cache config -> https://thanos.io/tip/components/store.md/#index-cache @@ -84,7 +84,7 @@ locals { limits = { for k, v in var.resources.query.limits : k => v if v != null } } networkPolicy = { - enabled = var.network_policy_thanos + enabled = var.enable_network_policies } } @@ -108,7 +108,7 @@ locals { size = local.thanos.compactor_persistence_size } networkPolicy = { - enabled = var.network_policy_thanos + enabled = var.enable_network_policies } } @@ -200,7 +200,18 @@ locals { }] } networkPolicy = { - enabled = var.network_policy_thanos + enabled = var.enable_network_policies + extraIngress = var.enable_network_policies ? [ + { + from = { + namespaceSelector = { + matchLabels = { + "app.kubernetes.io/metadata.name" = "traefik" + } + } + } + } + ] : [] } } @@ -334,17 +345,28 @@ locals { }] } networkPolicy = { - enabled = var.network_policy_thanos + enabled = var.enable_network_policies + extraIngress = var.enable_network_policies ? [ + { + from = { + namespaceSelector = { + matchLabels = { + "app.kubernetes.io/metadata.name" = "traefik" + } + } + } + } + ] : [] } } receive = { networkPolicy = { - enabled = var.network_policy_thanos + enabled = var.enable_network_policies } } ruler = { networkPolicy = { - enabled = var.network_policy_thanos + enabled = var.enable_network_policies } } } diff --git a/sks/main.tf b/sks/main.tf index c504f875..11972a6a 100644 --- a/sks/main.tf +++ b/sks/main.tf @@ -13,7 +13,7 @@ module "thanos" { enable_service_monitor = var.enable_service_monitor app_autosync = var.app_autosync dependency_ids = var.dependency_ids - network_policy_thanos = var.network_policy_thanos + enable_network_policies = var.enable_network_policies resources = var.resources diff --git a/variables.tf b/variables.tf index 458b0301..b12a58da 100644 --- a/variables.tf +++ b/variables.tf @@ -175,7 +175,7 @@ variable "enable_service_monitor" { default = false } -variable "network_policy_thanos" { +variable "enable_network_policies" { description = "Enable or disable network policy for Thanos components." type = bool default = false