UNCLASSIFIED - NO CUI

Skip to content

Gitlab Redis network policy does not allow Prometheus metric scraping

The allow-redis-monitoring and ingress-monitoring-redis-client do not allow Prometheus to scrape Redis metrics, since Redis now uses the newer app.kubernetes.io/name labels, rather than the app: and release: labels.

The following patch fixes the pod label selection in the network policies:

diff --git a/chart/templates/bigbang/networkpolicies/allow-redis-monitoring.yaml b/chart/templates/bigbang/networkpolicies/allow-redis-monitoring.yaml
index c969643..eb4ec5c 100644
--- a/chart/templates/bigbang/networkpolicies/allow-redis-monitoring.yaml
+++ b/chart/templates/bigbang/networkpolicies/allow-redis-monitoring.yaml
@@ -7,8 +7,8 @@ metadata:
 spec:
   podSelector:
     matchLabels:
-      app: redis
-      release: "{{ .Release.Name }}"
+      app.kubernetes.io/name: redis
+      app.kubernetes.io/instance: "{{ .Release.Name }}"
   policyTypes:
   - Ingress
   ingress:
diff --git a/chart/templates/bigbang/networkpolicies/ingress-monitoring-redis-client.yaml b/chart/templates/bigbang/networkpolicies/ingress-monitoring-redis-client.yaml
index 1e30b4a..23f4e5f 100644
--- a/chart/templates/bigbang/networkpolicies/ingress-monitoring-redis-client.yaml
+++ b/chart/templates/bigbang/networkpolicies/ingress-monitoring-redis-client.yaml
@@ -7,7 +7,8 @@ metadata:
 spec:
   podSelector:
     matchLabels:
-      app: redis
+      app.kubernetes.io/name: redis
+      app.kubernetes.io/instance: "{{ .Release.Name }}"
   policyTypes:
   - Ingress
   ingress:

UNCLASSIFIED - NO CUI