From 0919b50b3e3291cd417a53ea6fb638ac2d8a4a93 Mon Sep 17 00:00:00 2001
From: Aleksandr Nogikh <nogikh@google.com>
Date: Wed, 21 May 2025 16:45:59 +0200
Subject: syz-cluster: set proper Service types

As the cluster is private, use the ClusterIP type to only request a
cluster-internal IP.

Since web dashboard will need to be exposed via Load Balancer, set the
necessary metadata annotation.
---
 syz-cluster/controller/service.yaml         | 1 +
 syz-cluster/dashboard/service.yaml          | 2 +-
 syz-cluster/overlays/gke/kustomization.yaml | 8 ++++++++
 syz-cluster/reporter-server/service.yaml    | 1 +
 4 files changed, 11 insertions(+), 1 deletion(-)

diff --git a/syz-cluster/controller/service.yaml b/syz-cluster/controller/service.yaml
index 39aa1d9ff..a37bf034b 100644
--- a/syz-cluster/controller/service.yaml
+++ b/syz-cluster/controller/service.yaml
@@ -12,3 +12,4 @@ spec:
   - protocol: TCP
     port: 8080
     targetPort: 8080
+  type: ClusterIP
diff --git a/syz-cluster/dashboard/service.yaml b/syz-cluster/dashboard/service.yaml
index a5b2521e4..d4c138730 100644
--- a/syz-cluster/dashboard/service.yaml
+++ b/syz-cluster/dashboard/service.yaml
@@ -12,4 +12,4 @@ spec:
   - protocol: TCP
     port: 80
     targetPort: 8081
-  type: LoadBalancer
+  type: ClusterIP
diff --git a/syz-cluster/overlays/gke/kustomization.yaml b/syz-cluster/overlays/gke/kustomization.yaml
index 7c5491b10..825e15803 100644
--- a/syz-cluster/overlays/gke/kustomization.yaml
+++ b/syz-cluster/overlays/gke/kustomization.yaml
@@ -31,3 +31,11 @@ patches:
         path: /spec/templates/0/nodeSelector
         value:
           cloud.google.com/gke-nodepool: nested-vm-pool
+  - target:
+      kind: Service
+      name: web-dashboard-service
+    patch: |-
+      - op: replace
+        path: /metadata/annotations
+        value:
+          cloud.google.com/neg: '{"exposed_ports": {"80":{"name": "web-dashboard"}}}'
diff --git a/syz-cluster/reporter-server/service.yaml b/syz-cluster/reporter-server/service.yaml
index 1981a1838..e6ca8a322 100644
--- a/syz-cluster/reporter-server/service.yaml
+++ b/syz-cluster/reporter-server/service.yaml
@@ -12,3 +12,4 @@ spec:
   - protocol: TCP
     port: 8080
     targetPort: 8080
+  type: ClusterIP
-- 
cgit mrf-deployment