From 0d461f9dcf5bf5d8ecf1048ebafdb4db6656f5f2 Mon Sep 17 00:00:00 2001 From: JJGadgets Date: Fri, 10 Oct 2025 23:23:17 +0800 Subject: [PATCH] feat: add vector for FortiGate syslog TLS --- kube/deploy/core/monitoring/vector/app/hr.yaml | 14 ++++++++++++++ .../core/monitoring/victoria/logs/netpol.yaml | 6 ++++++ 2 files changed, 20 insertions(+) diff --git a/kube/deploy/core/monitoring/vector/app/hr.yaml b/kube/deploy/core/monitoring/vector/app/hr.yaml index 8d7adead..990b056d 100644 --- a/kube/deploy/core/monitoring/vector/app/hr.yaml +++ b/kube/deploy/core/monitoring/vector/app/hr.yaml @@ -102,3 +102,17 @@ spec: policyTypes: [Ingress, Egress] rules: ingress: [from: [{ipBlock: {cidr: "${IP_ROUTER_VLAN_K8S}/32"}}]] + egress: + - to: + - namespaceSelector: + matchLabels: + kubernetes.io/metadata.name: monitoring + podSelector: + matchLabels: + app.kubernetes.io/name: victoria-logs + - namespaceSelector: + matchLabels: + kubernetes.io/metadata.name: monitoring + podSelector: + matchLabels: + app.kubernetes.io/name: victoria-logs-single diff --git a/kube/deploy/core/monitoring/victoria/logs/netpol.yaml b/kube/deploy/core/monitoring/victoria/logs/netpol.yaml index 9d22e3c8..41c1cb57 100644 --- a/kube/deploy/core/monitoring/victoria/logs/netpol.yaml +++ b/kube/deploy/core/monitoring/victoria/logs/netpol.yaml @@ -17,6 +17,12 @@ spec: podSelector: matchLabels: app.kubernetes.io/name: fluentbit + - namespaceSelector: + matchLabels: + kubernetes.io/metadata.name: vector + podSelector: + matchLabels: + app.kubernetes.io/name: vector - from: - ipBlock: cidr: "${IP_ROUTER_VLAN_K8S:=127.0.0.1}/32"