Uploaded image for project: 'Distributed Tracing'
  1. Distributed Tracing
  2. TRACING-5686

[RHOSDT 3.7] Network policies mis-match with various extensions

XMLWordPrintable

    • Tracing Sprint # 278

      Configuring various extensions in OTEL 3.7 not all extensions are covered by NetworkPolicy settings accordingly.

      • jaegerremotesampling
      • pprof
      • zpages

      all of those extensions do provide a service listening which can be configured (default localhost) to    listen on `0.0.0.0` which does not get considered in the generated NetworkPolicies and therefor are not able to be utilized accordingly.

       

      Examples

            health_check/response-body:
        endpoint: '0.0.0.0:13133'
        path: /
      pprof:
        endpoint: '0.0.0.0:1777'
      zpages:
        endpoint: '0.0.0.0:55679'

      verifying the generated NetworkPolicy

      $ oc get networkpolicy  otel-collector-networkpolicy -o yaml | yq -ry '.spec'
ingress:
  - ports:
      - port: 8888
        protocol: TCP
      - port: 4317
        protocol: TCP
      - port: 4318
        protocol: TCP
podSelector:
  matchLabels:
    app.kubernetes.io/component: opentelemetry-collector
    app.kubernetes.io/instance: ns1.otel
    app.kubernetes.io/managed-by: opentelemetry-operator
    app.kubernetes.io/part-of: opentelemetry
policyTypes:
  - Ingress

              ploffay@redhat.com Pavol Loffay
              rhn-support-milang Michaela Lang
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

                Created:
                Updated:
                Resolved: