search

DataDog / helm-charts

Helm charts for Datadog products
Apache License 2.0
343 stars 1.01k forks source link

Missing network policy for Alibaba Cloud metadata endpoint #1364

Open krokofant opened 6 months ago

krokofant commented 6 months ago

The datadog agent tries to ping 100.100.100.200:80 to figure some things out, this should be added to the CiliumNetworkPolicy in the same way as the metadata endpoint for Azure, EC2, GCE 169.254.169.254.

References for usage: https://github.com/DataDog/datadog-agent/blob/f0ad97ac7814b8d8dbe89a69860f2b3354464ce5/pkg/util/cloudproviders/alibaba/alibaba.go#L21 https://github.com/DataDog/datadog-agent/blob/f0ad97ac7814b8d8dbe89a69860f2b3354464ce5/pkg/config/setup/config.go#L1413

Should be added in these places:

  1. https://github.com/DataDog/helm-charts/blob/61736e9132b9a44a268ae266bc45c99f78a7491e/charts/datadog/templates/agent-cilium-network-policy.yaml#L53
  2. https://github.com/DataDog/helm-charts/blob/61736e9132b9a44a268ae266bc45c99f78a7491e/charts/datadog/templates/agent-cilium-network-policy.yaml#L53
  3. https://github.com/DataDog/helm-charts/blob/61736e9132b9a44a268ae266bc45c99f78a7491e/charts/datadog/templates/cluster-agent-cilium-network-policy.yaml#L19