From 7307c0f43ead18f1b87f91f40051427c04476a1a Mon Sep 17 00:00:00 2001
From: Markos Chandras <markos@chandras.me>
Date: Wed, 9 Jun 2021 10:29:23 +0300
Subject: [PATCH] helm: Use hostPort only with hostNetwork

There is no need to use the hostPort option if we are not directly
connected to the hostNetwork. Using the hostPort option makes that port
unavailable for binding to any other service on the node which is
not really desirable if the pod itself is not on the host network.
---
 .../templates/daemonset.linux.yaml                            | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/config/helm/aws-node-termination-handler/templates/daemonset.linux.yaml b/config/helm/aws-node-termination-handler/templates/daemonset.linux.yaml
index 41dda316..e85bf0de 100644
--- a/config/helm/aws-node-termination-handler/templates/daemonset.linux.yaml
+++ b/config/helm/aws-node-termination-handler/templates/daemonset.linux.yaml
@@ -183,14 +183,18 @@ spec:
           {{- if .Values.enablePrometheusServer }}
           ports:
           - containerPort: {{ .Values.prometheusServerPort }}
+            {{- if .Values.useHostNetwork }}
             hostPort: {{ .Values.prometheusServerPort }}
+            {{- end }}
             name: http-metrics
             protocol: TCP
           {{- end }}
           {{- if .Values.enableProbesServer }}
           ports:
           - containerPort: {{ .Values.probesServerPort }}
+            {{- if .Values.useHostNetwork }}
             hostPort: {{ .Values.probesServerPort }}
+            {{- end }}
             name: liveness-probe
             protocol: TCP
           {{- end }}