@adleong
Created August 12, 2022 22:01
A policy which grants linkerd-viz permission to scrape metrics from the proxies in this namespace
---
# Server: the linkerd-admin port on every pod in this namespace that
# carries the linkerd.io/proxy-deployment label.
apiVersion: policy.linkerd.io/v1beta1
kind: Server
metadata:
  name: proxy-admin
  labels:
    linkerd.io/extension: viz
spec:
  podSelector:
    matchExpressions:
    - key: linkerd.io/proxy-deployment
      operator: Exists
  port: linkerd-admin
  proxyProtocol: HTTP/1
---
# Route for the metrics endpoint on the proxy-admin Server.
apiVersion: policy.linkerd.io/v1alpha1
kind: HTTPRoute
metadata:
  name: proxy-metrics
  labels:
    linkerd.io/extension: viz
spec:
  parentRefs:
  - name: proxy-admin
    kind: Server
    group: policy.linkerd.io
  rules:
  - matches:
    - path:
        value: "/metrics"
---
# Route for the liveness and readiness endpoints on the proxy-admin Server.
apiVersion: policy.linkerd.io/v1alpha1
kind: HTTPRoute
metadata:
  name: proxy-probes
  labels:
    linkerd.io/extension: viz
spec:
  parentRefs:
  - name: proxy-admin
    kind: Server
    group: policy.linkerd.io
  rules:
  - matches:
    - path:
        value: "/live"
    - path:
        value: "/ready"
---
# Authorizes the prometheus ServiceAccount in linkerd-viz on the
# proxy-metrics route.
apiVersion: policy.linkerd.io/v1alpha1
kind: AuthorizationPolicy
metadata:
  name: prometheus-scrape
  labels:
    linkerd.io/extension: viz
spec:
  targetRef:
    group: policy.linkerd.io
    kind: HTTPRoute
    name: proxy-metrics
  requiredAuthenticationRefs:
  - kind: ServiceAccount
    name: prometheus
    namespace: linkerd-viz
---
# Authorizes clients matching the kubelet NetworkAuthentication in
# linkerd-viz on the proxy-probes route.
apiVersion: policy.linkerd.io/v1alpha1
kind: AuthorizationPolicy
metadata:
  name: proxy-probes
  labels:
    linkerd.io/extension: viz
spec:
  targetRef:
    group: policy.linkerd.io
    kind: HTTPRoute
    name: proxy-probes
  requiredAuthenticationRefs:
  - kind: NetworkAuthentication
    group: policy.linkerd.io
    name: kubelet
    namespace: linkerd-viz