Fix ciliums hubble relay configuration (#9876)

* Fix ciliums hubble relay configuration * Fixed the tls from code review * Updated to dna_domain instead of hardcoding
2026-03-09 11:47:47 +03:00 · 2023-03-21 12:50:12 -07:00
parent 8cf5fefe84
commit a9f52060c9
3 changed files with 47 additions and 9 deletions
--- a/roles/network_plugin/cilium/templates/hubble/config.yml.j2
+++ b/roles/network_plugin/cilium/templates/hubble/config.yml.j2
@@ -1,5 +1,5 @@
 ---
-# Source: cilium/templates/hubble-relay-configmap.yaml
+# Source: cilium helm chart: cilium/templates/hubble-relay/configmap.yaml
 apiVersion: v1
 kind: ConfigMap
 metadata:
@@ -7,12 +7,13 @@ metadata:
  namespace: kube-system
 data:
  config.yaml: |
-    peer-service: unix:///var/run/cilium/hubble.sock
+    peer-service: "hubble-peer.kube-system.svc.{{ dns_domain }}:443"
    listen-address: :4245
-    dial-timeout:
-    retry-timeout:
-    sort-buffer-len-max:
-    sort-buffer-drain-timeout:
+    metrics-listen-address: ":9966"
+    dial-timeout: 
+    retry-timeout: 
+    sort-buffer-len-max: 
+    sort-buffer-drain-timeout: 
    tls-client-cert-file: /var/lib/hubble-relay/tls/client.crt
    tls-client-key-file: /var/lib/hubble-relay/tls/client.key
    tls-hubble-server-ca-files: /var/lib/hubble-relay/tls/hubble-server-ca.crt