From 6ad30915eb456d0dec58607780b459a17641a05c Mon Sep 17 00:00:00 2001 From: nbykov0 <166552198+nbykov0@users.noreply.github.com> Date: Wed, 30 Apr 2025 23:44:06 +0300 Subject: [PATCH 01/25] Add PLATFORM make variable; calculate it if undefined Signed-off-by: nbykov0 <166552198+nbykov0@users.noreply.github.com> --- scripts/common-envs.mk | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/scripts/common-envs.mk b/scripts/common-envs.mk index 99bc29eb..ff2ece4a 100644 --- a/scripts/common-envs.mk +++ b/scripts/common-envs.mk @@ -14,3 +14,16 @@ ifeq ($(COZYSTACK_VERSION),) $(shell git fetch upstream --tags) COZYSTACK_VERSION = $(patsubst v%,%,$(shell git describe --tags)) endif + +# Calculate PLATFORM based on current docker daemon arch +ifndef PLATFORM + DOCKER_DAEMON_ARCH := $(shell docker info --format='{{.Architecture}}') + ifeq ($(DOCKER_DAEMON_ARCH),x86_64) + PLATFORM := linux/amd64 + else ifeq ($(DOCKER_DAEMON_ARCH),aarch64) + PLATFORM := linux/arm64 + else + $(error Unsupported architecture: "$(DOCKER_DAEMON_ARCH)") + endif + undefine DOCKER_DAEMON_ARCH +endif From 1e63b5e8ce150fbcdf5d16999d73203bbd78e4bc Mon Sep 17 00:00:00 2001 From: nbykov0 <166552198+nbykov0@users.noreply.github.com> Date: Wed, 30 Apr 2025 23:46:12 +0300 Subject: [PATCH 02/25] system/cozystack-controller: add PLATFORM variable to Makefile Signed-off-by: nbykov0 <166552198+nbykov0@users.noreply.github.com> --- packages/system/cozystack-controller/Makefile | 1 + 1 file changed, 1 insertion(+) diff --git a/packages/system/cozystack-controller/Makefile b/packages/system/cozystack-controller/Makefile index a1db9b0a..aafaf036 100644 --- a/packages/system/cozystack-controller/Makefile +++ b/packages/system/cozystack-controller/Makefile 
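Review bot: When `docker info` fails or docker is not installed, `DOCKER_DAEMON_ARCH` is empty and the final `else` branch aborts with `Unsupported architecture: ""`, which hides the real cause. Because the `$(shell ...)` call and the `$(error ...)` are evaluated at parse time, this stops every make invocation that includes the file with `PLATFORM` unset, including targets that never build an image. I would handle the empty case separately, e.g. `else ifeq ($(strip $(DOCKER_DAEMON_ARCH)),)` followed by `$(error Could not query the docker daemon architecture; set PLATFORM explicitly)`. The file continues outside the hunk.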
@@ -9,6 +9,7 @@ image: image-cozystack-controller update-version image-cozystack-controller: docker buildx build -f images/cozystack-controller/Dockerfile ../../.. \ --provenance false \ + --platform=$(PLATFORM) --tag $(REGISTRY)/cozystack-controller:$(call settag,$(TAG)) \ --cache-from type=registry,ref=$(REGISTRY)/cozystack-controller:latest \ --cache-to type=inline \ From b4a04df6f3d9174efea1fb455b4e09cd66ff0dfc Mon Sep 17 00:00:00 2001 From: nbykov0 <166552198+nbykov0@users.noreply.github.com> Date: Wed, 30 Apr 2025 23:54:45 +0300 Subject: [PATCH 03/25] system/cozystack-controller: add PLATFORM variable to Makefile: syntax Signed-off-by: nbykov0 <166552198+nbykov0@users.noreply.github.com> --- packages/system/cozystack-controller/Makefile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/packages/system/cozystack-controller/Makefile b/packages/system/cozystack-controller/Makefile index aafaf036..17aa2f9b 100644 --- a/packages/system/cozystack-controller/Makefile +++ b/packages/system/cozystack-controller/Makefile @@ -9,7 +9,7 @@ image: image-cozystack-controller update-version image-cozystack-controller: docker buildx build -f images/cozystack-controller/Dockerfile ../../.. \ --provenance false \ - --platform=$(PLATFORM) + --platform=$(PLATFORM) \ --tag $(REGISTRY)/cozystack-controller:$(call settag,$(TAG)) \ --cache-from type=registry,ref=$(REGISTRY)/cozystack-controller:latest \ --cache-to type=inline \ From 57fefde732c21b3c5e6aea8c9e8f3fb307e2473a Mon Sep 17 00:00:00 2001 From: nbykov0 <166552198+nbykov0@users.noreply.github.com> Date: Fri, 2 May 2025 21:43:17 +0300 Subject: [PATCH 04/25] scrips/common-envs.mk: add BUILDER and PLATFORM calculation Signed-off-by: nbykov0 <166552198+nbykov0@users.noreply.github.com> --- scripts/common-envs.mk | 16 ++++------------ 1 file changed, 4 insertions(+), 12 deletions(-) diff --git a/scripts/common-envs.mk b/scripts/common-envs.mk index ff2ece4a..b1f7e77e 100644 --- a/scripts/common-envs.mk 
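Review bot: The added `--platform=$(PLATFORM)` line has no trailing `\`, so the continued `docker buildx build` command ends there and the following `--tag ...` line is no longer part of it. As committed, this leaves the `image-cozystack-controller` recipe broken; the line should read `--platform=$(PLATFORM) \`. [PATCH 03/25] makes exactly that correction, so folding it into this commit would keep every commit in the series buildable and bisectable. The recipe continues past the end of the hunk.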
+++ b/scripts/common-envs.mk @@ -15,15 +15,7 @@ ifeq ($(COZYSTACK_VERSION),) COZYSTACK_VERSION = $(patsubst v%,%,$(shell git describe --tags)) endif -# Calculate PLATFORM based on current docker daemon arch -ifndef PLATFORM - DOCKER_DAEMON_ARCH := $(shell docker info --format='{{.Architecture}}') - ifeq ($(DOCKER_DAEMON_ARCH),x86_64) - PLATFORM := linux/amd64 - else ifeq ($(DOCKER_DAEMON_ARCH),aarch64) - PLATFORM := linux/arm64 - else - $(error Unsupported architecture: "$(DOCKER_DAEMON_ARCH)") - endif - undefine DOCKER_DAEMON_ARCH -endif +# Get the name of the default docker buildx builder +BUILDER ?= $(shell docker buildx inspect | head -n2 | awk '/^Name:/{print $$NF}') +# Get platforms supported by the builder +PLATFORM ?= $(shell docker buildx inspect $(BUILDER) | egrep '^Platforms:' | egrep -o 'linux/amd64|linux/arm64' | sort -u | xargs | sed 's/ /,/g') From 15c9c4a0689021f0626e40528bb5004ba5fc8cda Mon Sep 17 00:00:00 2001 From: nbykov0 <166552198+nbykov0@users.noreply.github.com> Date: Fri, 2 May 2025 21:43:55 +0300 Subject: [PATCH 05/25] system/cozystack-controller: add PLATFORM and BUILDER variables to Makefile Signed-off-by: nbykov0 <166552198+nbykov0@users.noreply.github.com> --- packages/system/cozystack-controller/Makefile | 1 + 1 file changed, 1 insertion(+) diff --git a/packages/system/cozystack-controller/Makefile b/packages/system/cozystack-controller/Makefile index 17aa2f9b..a75faea9 100644 --- a/packages/system/cozystack-controller/Makefile +++ b/packages/system/cozystack-controller/Makefile @@ -9,6 +9,7 @@ image: image-cozystack-controller update-version image-cozystack-controller: docker buildx build -f images/cozystack-controller/Dockerfile ../../.. \ --provenance false \ + --builder=$(BUILDER) \ --platform=$(PLATFORM) \ --tag $(REGISTRY)/cozystack-controller:$(call settag,$(TAG)) \ --cache-from type=registry,ref=$(REGISTRY)/cozystack-controller:latest \ From 951ba75d938e5df5b65ca20b34b97bdc4d15ba4f Mon Sep 17 00:00:00 2001 
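Review bot: `BUILDER ?=` and `PLATFORM ?=` define recursively expanded variables, so the `docker buildx inspect` pipelines run again on every expansion rather than once, and a failure anywhere in a pipeline leaves the variable silently empty. An empty value then reaches the recipe changed in [PATCH 05/25] as `--builder=` / `--platform=` with no diagnostic. I would compute each value once under `ifndef` with `:=`, and make the image recipe fail early when a value is empty, e.g. `@test -n "$(PLATFORM)" || { echo "PLATFORM is empty; set it explicitly" >&2; exit 1; }`. `egrep` is also deprecated in current GNU grep in favour of `grep -E`.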
From: nbykov0 <166552198+nbykov0@users.noreply.github.com> Date: Fri, 2 May 2025 23:51:37 +0300 Subject: [PATCH 06/25] scripts/common-envs.mk: add --bootsrap flag to inspects Signed-off-by: nbykov0 <166552198+nbykov0@users.noreply.github.com> --- scripts/common-envs.mk | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/scripts/common-envs.mk b/scripts/common-envs.mk index b1f7e77e..79b08799 100644 --- a/scripts/common-envs.mk +++ b/scripts/common-envs.mk @@ -16,6 +16,6 @@ ifeq ($(COZYSTACK_VERSION),) endif # Get the name of the default docker buildx builder -BUILDER ?= $(shell docker buildx inspect | head -n2 | awk '/^Name:/{print $$NF}') +BUILDER ?= $(shell docker buildx inspect --bootstrap | head -n2 | awk '/^Name:/{print $$NF}') # Get platforms supported by the builder -PLATFORM ?= $(shell docker buildx inspect $(BUILDER) | egrep '^Platforms:' | egrep -o 'linux/amd64|linux/arm64' | sort -u | xargs | sed 's/ /,/g') +PLATFORM ?= $(shell docker buildx inspect --bootstrap $(BUILDER) | egrep '^Platforms:' | egrep -o 'linux/amd64|linux/arm64' | sort -u | xargs | sed 's/ /,/g') From bbb93c647d8cd23a3af3571aadc4aada7ea18ed8 Mon Sep 17 00:00:00 2001 From: nbykov0 <166552198+nbykov0@users.noreply.github.com> Date: Tue, 6 May 2025 16:24:26 +0300 Subject: [PATCH 07/25] scripts/common-envs.mk: commit suggestions after a review Signed-off-by: nbykov0 <166552198+nbykov0@users.noreply.github.com> --- scripts/common-envs.mk | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/scripts/common-envs.mk b/scripts/common-envs.mk index 79b08799..a2a4c103 100644 --- a/scripts/common-envs.mk +++ b/scripts/common-envs.mk 
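Review bot: With `--bootstrap` inside `$(shell ...)`, expanding `BUILDER` or `PLATFORM` now boots the builder as a side effect of reading a variable, which for a container-based builder can mean starting it and possibly pulling its image. Because both variables are assigned with `?=` (recursive flavour), this happens on each expansion, not once per make run. I would leave bootstrapping to the build itself or to an explicit prerequisite target, so that it shows up in the build log. If the flag has to stay, say why, e.g. `# --bootstrap: presumably needed so that inspect lists the platforms of a builder that has not started yet`.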
@@ -16,6 +16,9 @@ ifeq ($(COZYSTACK_VERSION),) endif # Get the name of the default docker buildx builder -BUILDER ?= $(shell docker buildx inspect --bootstrap | head -n2 | awk '/^Name:/{print $$NF}') +BUILDER ?= $(shell jq -r '.Name' ~/.docker/buildx/current) # Get platforms supported by the builder +# TODO: figure out how to get runners status dynamically, in json +# PLATFORM ?= $(shell jq -r '.Nodes[] | .Platforms | map(.os + "/" + .architecture) | join(",")' ~/.docker/buildx/instances/$(BUILDER)) PLATFORM ?= $(shell docker buildx inspect --bootstrap $(BUILDER) | egrep '^Platforms:' | egrep -o 'linux/amd64|linux/arm64' | sort -u | xargs | sed 's/ /,/g') + From 57ac6148655ec7648f02f8c414a3985afdcb47b0 Mon Sep 17 00:00:00 2001 From: nbykov0 <166552198+nbykov0@users.noreply.github.com> Date: Tue, 6 May 2025 19:31:22 +0300 Subject: [PATCH 08/25] Makefile: add buildx version requirement Signed-off-by: nbykov0 <166552198+nbykov0@users.noreply.github.com> --- Makefile | 1 + 1 file changed, 1 insertion(+) diff --git a/Makefile b/Makefile index 99309f4e..66efb02c 100644 --- a/Makefile +++ b/Makefile @@ -6,6 +6,7 @@ build-deps: @tar --version | grep -q GNU || (echo "GNU tar is required" && exit 1) @sed --version | grep -q GNU || (echo "GNU sed is required" && exit 1) @awk --version | grep -q GNU || (echo "GNU awk is required" && exit 1) + @docker info --format=json | jq -r '"v0.13.0\n\(.ClientInfo.Plugins[] | select(.Name == "buildx") | .Version)"' | sort -CV || (echo "docker buildx plugin version >=0.13.0 is required" && exit 1) build: build-deps make -C packages/apps/http-cache image From 13139dd71d4202c41c439d505d07f4e74c6dbf94 Mon Sep 17 00:00:00 2001 From: Ubuntu <166552198+nbykov0@users.noreply.github.com> Date: Wed, 7 May 2025 22:56:07 +0300 Subject: [PATCH 09/25] Revert "Makefile: add buildx version requirement" This reverts commit 8d367533550236fc587bd5f236046c15f6b7609a. The check it introduced is not needed. 
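Review bot: `jq -r '.Name' ~/.docker/buildx/current` reads a buildx state file directly instead of asking the CLI, so it depends on an on-disk layout and location that nothing in the hunk guarantees; if the file is missing or another docker config directory is in use, `BUILDER` ends up empty without an error. It also makes `jq` a build dependency, which the `build-deps` checks visible in [PATCH 08/25] (tar, sed, awk) do not cover. The commented-out `PLATFORM ?=` alternative is dead code in a shared include; keep the TODO line and track the draft expression elsewhere. [PATCH 10/25] goes back to `docker buildx inspect`, so this intermediate state could be dropped from the series.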
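Review bot: The added buildx version check in `build-deps` passes when the buildx plugin is absent: if no element of `.ClientInfo.Plugins[]` matches, the jq string interpolation produces no output at all, and `sort -C` on empty input exits 0. The pipeline's status is only that of `sort`, so a failing `docker info` or a missing `jq` is not detected either. Comparing the literal `v0.13.0` with `.Version` through `sort -V` also assumes the plugin reports its version with the same `v` prefix, which I cannot confirm from the hunk. I would capture the version in a shell variable first, fail with "docker buildx plugin not found" when it is empty, normalise the prefix, and only then compare.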
Signed-off-by: nbykov0 <166552198+nbykov0@users.noreply.github.com> --- Makefile | 1 - 1 file changed, 1 deletion(-) diff --git a/Makefile b/Makefile index 66efb02c..99309f4e 100644 --- a/Makefile +++ b/Makefile @@ -6,7 +6,6 @@ build-deps: @tar --version | grep -q GNU || (echo "GNU tar is required" && exit 1) @sed --version | grep -q GNU || (echo "GNU sed is required" && exit 1) @awk --version | grep -q GNU || (echo "GNU awk is required" && exit 1) - @docker info --format=json | jq -r '"v0.13.0\n\(.ClientInfo.Plugins[] | select(.Name == "buildx") | .Version)"' | sort -CV || (echo "docker buildx plugin version >=0.13.0 is required" && exit 1) build: build-deps make -C packages/apps/http-cache image From 2349ff61c12ae9d04ce611c990fdfec5aee371e5 Mon Sep 17 00:00:00 2001 From: Ubuntu <166552198+nbykov0@users.noreply.github.com> Date: Wed, 7 May 2025 23:25:51 +0300 Subject: [PATCH 10/25] scripts/common-envs.mk: add PLATFORM calculation with json parsing Signed-off-by: nbykov0 <166552198+nbykov0@users.noreply.github.com> --- scripts/common-envs.mk | 8 +++----- 1 file changed, 3 insertions(+), 5 deletions(-) diff --git a/scripts/common-envs.mk b/scripts/common-envs.mk index a2a4c103..98f4652a 100644 --- a/scripts/common-envs.mk +++ b/scripts/common-envs.mk 
@@ -15,10 +15,8 @@ ifeq ($(COZYSTACK_VERSION),) COZYSTACK_VERSION = $(patsubst v%,%,$(shell git describe --tags)) endif -# Get the name of the default docker buildx builder -BUILDER ?= $(shell jq -r '.Name' ~/.docker/buildx/current) +# Get the name of the selected docker buildx builder +BUILDER ?= $(shell docker buildx inspect --bootstrap | head -n2 | awk '/^Name:/{print $$NF}') # Get platforms supported by the builder -# TODO: figure out how to get runners status dynamically, in json -# PLATFORM ?= $(shell jq -r '.Nodes[] | .Platforms | map(.os + "/" + .architecture) | join(",")' ~/.docker/buildx/instances/$(BUILDER)) -PLATFORM ?= $(shell docker buildx inspect --bootstrap $(BUILDER) | egrep '^Platforms:' | egrep -o 'linux/amd64|linux/arm64' | sort -u | xargs | sed 's/ /,/g') +PLATFORM ?= $(shell docker buildx ls --format=json | jq -r 'select(.Name == "$(BUILDER)") | [.Nodes[].Platforms // []] | flatten | unique | map(select(test("^linux/amd64$$|^linux/arm64$$"))) | join(",")') From 1ad1b15a5befb82025179c1cc25678072f94c424 Mon Sep 17 00:00:00 2001 From: Andrei Kvapil Date: Fri, 9 May 2025 14:55:54 +0200 Subject: [PATCH 11/25] [talos] Update Talos Linux v1.10.1 Signed-off-by: Andrei Kvapil --- .../images/talos/profiles/initramfs.yaml | 16 ++++++++-------- .../images/talos/profiles/installer.yaml | 16 ++++++++-------- .../installer/images/talos/profiles/iso.yaml | 16 ++++++++-------- .../installer/images/talos/profiles/kernel.yaml | 16 ++++++++-------- .../installer/images/talos/profiles/metal.yaml | 16 ++++++++-------- .../installer/images/talos/profiles/nocloud.yaml | 16 ++++++++-------- 6 files changed, 48 insertions(+), 48 deletions(-) diff --git a/packages/core/installer/images/talos/profiles/initramfs.yaml b/packages/core/installer/images/talos/profiles/initramfs.yaml index af5f34cc..2898ed61 100644 --- a/packages/core/installer/images/talos/profiles/initramfs.yaml +++ b/packages/core/installer/images/talos/profiles/initramfs.yaml 
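Review bot: `$(BUILDER)` is pasted into the text of the jq program (`select(.Name == "$(BUILDER)")`), so a value containing a quote or backslash changes the filter instead of being compared as data, and because of `?=` the value can come from the environment or the command line. Pass it as a jq variable instead: `jq -r --arg name "$(BUILDER)" 'select(.Name == $$name) | ...'`. `docker buildx ls --format=json` presumably needs a recent buildx (the reverted check in [PATCH 08/25] asked for >=0.13.0); on an older plugin this pipeline would leave `PLATFORM` empty without an error, so a guard or a comment stating the minimum version would help. Both assignments are still recursive, so the commands run on every expansion.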
@@ -3,24 +3,24 @@ arch: amd64 platform: metal secureboot: false -version: v1.9.5 +version: v1.10.1 input: kernel: path: /usr/install/amd64/vmlinuz initramfs: path: /usr/install/amd64/initramfs.xz baseInstaller: - imageRef: ghcr.io/siderolabs/installer:v1.9.5 + imageRef: ghcr.io/siderolabs/installer:v1.10.1 systemExtensions: - - imageRef: ghcr.io/siderolabs/amd-ucode:20250311 + - imageRef: ghcr.io/siderolabs/amd-ucode:20250410 - imageRef: ghcr.io/siderolabs/amdgpu-firmware:20241110 - - imageRef: ghcr.io/siderolabs/bnx2-bnx2x:20250311 + - imageRef: ghcr.io/siderolabs/bnx2-bnx2x:20250410 - imageRef: ghcr.io/siderolabs/i915-ucode:20241110 - - imageRef: ghcr.io/siderolabs/intel-ice-firmware:20250311 + - imageRef: ghcr.io/siderolabs/intel-ice-firmware:20250410 - imageRef: ghcr.io/siderolabs/intel-ucode:20250211 - - imageRef: ghcr.io/siderolabs/qlogic-firmware:20250311 - - imageRef: ghcr.io/siderolabs/drbd:9.2.12-v1.9.5 - - imageRef: ghcr.io/siderolabs/zfs:2.2.7-v1.9.5 + - imageRef: ghcr.io/siderolabs/qlogic-firmware:20250410 + - imageRef: ghcr.io/siderolabs/drbd:9.2.13-v1.10.1 + - imageRef: ghcr.io/siderolabs/zfs:2.3.1-v1.10.1 output: kind: initramfs imageOptions: {} diff --git a/packages/core/installer/images/talos/profiles/installer.yaml b/packages/core/installer/images/talos/profiles/installer.yaml index b717ba3e..594c1e09 100644 --- a/packages/core/installer/images/talos/profiles/installer.yaml +++ b/packages/core/installer/images/talos/profiles/installer.yaml 
@@ -3,24 +3,24 @@ arch: amd64 platform: metal secureboot: false -version: v1.9.5 +version: v1.10.1 input: kernel: path: /usr/install/amd64/vmlinuz initramfs: path: /usr/install/amd64/initramfs.xz baseInstaller: - imageRef: ghcr.io/siderolabs/installer:v1.9.5 + imageRef: ghcr.io/siderolabs/installer:v1.10.1 systemExtensions: - - imageRef: ghcr.io/siderolabs/amd-ucode:20250311 + - imageRef: ghcr.io/siderolabs/amd-ucode:20250410 - imageRef: ghcr.io/siderolabs/amdgpu-firmware:20241110 - - imageRef: ghcr.io/siderolabs/bnx2-bnx2x:20250311 + - imageRef: ghcr.io/siderolabs/bnx2-bnx2x:20250410 - imageRef: ghcr.io/siderolabs/i915-ucode:20241110 - - imageRef: ghcr.io/siderolabs/intel-ice-firmware:20250311 + - imageRef: ghcr.io/siderolabs/intel-ice-firmware:20250410 - imageRef: ghcr.io/siderolabs/intel-ucode:20250211 - - imageRef: ghcr.io/siderolabs/qlogic-firmware:20250311 - - imageRef: ghcr.io/siderolabs/drbd:9.2.12-v1.9.5 - - imageRef: ghcr.io/siderolabs/zfs:2.2.7-v1.9.5 + - imageRef: ghcr.io/siderolabs/qlogic-firmware:20250410 + - imageRef: ghcr.io/siderolabs/drbd:9.2.13-v1.10.1 + - imageRef: ghcr.io/siderolabs/zfs:2.3.1-v1.10.1 output: kind: installer imageOptions: {} diff --git a/packages/core/installer/images/talos/profiles/iso.yaml b/packages/core/installer/images/talos/profiles/iso.yaml index c10d43c6..5a416e99 100644 --- a/packages/core/installer/images/talos/profiles/iso.yaml +++ b/packages/core/installer/images/talos/profiles/iso.yaml 
@@ -3,24 +3,24 @@ arch: amd64 platform: metal secureboot: false -version: v1.9.5 +version: v1.10.1 input: kernel: path: /usr/install/amd64/vmlinuz initramfs: path: /usr/install/amd64/initramfs.xz baseInstaller: - imageRef: ghcr.io/siderolabs/installer:v1.9.5 + imageRef: ghcr.io/siderolabs/installer:v1.10.1 systemExtensions: - - imageRef: ghcr.io/siderolabs/amd-ucode:20250311 + - imageRef: ghcr.io/siderolabs/amd-ucode:20250410 - imageRef: ghcr.io/siderolabs/amdgpu-firmware:20241110 - - imageRef: ghcr.io/siderolabs/bnx2-bnx2x:20250311 + - imageRef: ghcr.io/siderolabs/bnx2-bnx2x:20250410 - imageRef: ghcr.io/siderolabs/i915-ucode:20241110 - - imageRef: ghcr.io/siderolabs/intel-ice-firmware:20250311 + - imageRef: ghcr.io/siderolabs/intel-ice-firmware:20250410 - imageRef: ghcr.io/siderolabs/intel-ucode:20250211 - - imageRef: ghcr.io/siderolabs/qlogic-firmware:20250311 - - imageRef: ghcr.io/siderolabs/drbd:9.2.12-v1.9.5 - - imageRef: ghcr.io/siderolabs/zfs:2.2.7-v1.9.5 + - imageRef: ghcr.io/siderolabs/qlogic-firmware:20250410 + - imageRef: ghcr.io/siderolabs/drbd:9.2.13-v1.10.1 + - imageRef: ghcr.io/siderolabs/zfs:2.3.1-v1.10.1 output: kind: iso imageOptions: {} diff --git a/packages/core/installer/images/talos/profiles/kernel.yaml b/packages/core/installer/images/talos/profiles/kernel.yaml index 462aaaac..14f00f8b 100644 --- a/packages/core/installer/images/talos/profiles/kernel.yaml +++ b/packages/core/installer/images/talos/profiles/kernel.yaml 
@@ -3,24 +3,24 @@ arch: amd64 platform: metal secureboot: false -version: v1.9.5 +version: v1.10.1 input: kernel: path: /usr/install/amd64/vmlinuz initramfs: path: /usr/install/amd64/initramfs.xz baseInstaller: - imageRef: ghcr.io/siderolabs/installer:v1.9.5 + imageRef: ghcr.io/siderolabs/installer:v1.10.1 systemExtensions: - - imageRef: ghcr.io/siderolabs/amd-ucode:20250311 + - imageRef: ghcr.io/siderolabs/amd-ucode:20250410 - imageRef: ghcr.io/siderolabs/amdgpu-firmware:20241110 - - imageRef: ghcr.io/siderolabs/bnx2-bnx2x:20250311 + - imageRef: ghcr.io/siderolabs/bnx2-bnx2x:20250410 - imageRef: ghcr.io/siderolabs/i915-ucode:20241110 - - imageRef: ghcr.io/siderolabs/intel-ice-firmware:20250311 + - imageRef: ghcr.io/siderolabs/intel-ice-firmware:20250410 - imageRef: ghcr.io/siderolabs/intel-ucode:20250211 - - imageRef: ghcr.io/siderolabs/qlogic-firmware:20250311 - - imageRef: ghcr.io/siderolabs/drbd:9.2.12-v1.9.5 - - imageRef: ghcr.io/siderolabs/zfs:2.2.7-v1.9.5 + - imageRef: ghcr.io/siderolabs/qlogic-firmware:20250410 + - imageRef: ghcr.io/siderolabs/drbd:9.2.13-v1.10.1 + - imageRef: ghcr.io/siderolabs/zfs:2.3.1-v1.10.1 output: kind: kernel imageOptions: {} diff --git a/packages/core/installer/images/talos/profiles/metal.yaml b/packages/core/installer/images/talos/profiles/metal.yaml index e3f5a8e9..e559318a 100644 --- a/packages/core/installer/images/talos/profiles/metal.yaml +++ b/packages/core/installer/images/talos/profiles/metal.yaml 
@@ -3,24 +3,24 @@ arch: amd64 platform: metal secureboot: false -version: v1.9.5 +version: v1.10.1 input: kernel: path: /usr/install/amd64/vmlinuz initramfs: path: /usr/install/amd64/initramfs.xz baseInstaller: - imageRef: ghcr.io/siderolabs/installer:v1.9.5 + imageRef: ghcr.io/siderolabs/installer:v1.10.1 systemExtensions: - - imageRef: ghcr.io/siderolabs/amd-ucode:20250311 + - imageRef: ghcr.io/siderolabs/amd-ucode:20250410 - imageRef: ghcr.io/siderolabs/amdgpu-firmware:20241110 - - imageRef: ghcr.io/siderolabs/bnx2-bnx2x:20250311 + - imageRef: ghcr.io/siderolabs/bnx2-bnx2x:20250410 - imageRef: ghcr.io/siderolabs/i915-ucode:20241110 - - imageRef: ghcr.io/siderolabs/intel-ice-firmware:20250311 + - imageRef: ghcr.io/siderolabs/intel-ice-firmware:20250410 - imageRef: ghcr.io/siderolabs/intel-ucode:20250211 - - imageRef: ghcr.io/siderolabs/qlogic-firmware:20250311 - - imageRef: ghcr.io/siderolabs/drbd:9.2.12-v1.9.5 - - imageRef: ghcr.io/siderolabs/zfs:2.2.7-v1.9.5 + - imageRef: ghcr.io/siderolabs/qlogic-firmware:20250410 + - imageRef: ghcr.io/siderolabs/drbd:9.2.13-v1.10.1 + - imageRef: ghcr.io/siderolabs/zfs:2.3.1-v1.10.1 output: kind: image imageOptions: { diskSize: 1306525696, diskFormat: raw } diff --git a/packages/core/installer/images/talos/profiles/nocloud.yaml b/packages/core/installer/images/talos/profiles/nocloud.yaml index e781edc1..dab8ea38 100644 --- a/packages/core/installer/images/talos/profiles/nocloud.yaml +++ b/packages/core/installer/images/talos/profiles/nocloud.yaml 
@@ -3,24 +3,24 @@ arch: amd64 platform: nocloud secureboot: false -version: v1.9.5 +version: v1.10.1 input: kernel: path: /usr/install/amd64/vmlinuz initramfs: path: /usr/install/amd64/initramfs.xz baseInstaller: - imageRef: ghcr.io/siderolabs/installer:v1.9.5 + imageRef: ghcr.io/siderolabs/installer:v1.10.1 systemExtensions: - - imageRef: ghcr.io/siderolabs/amd-ucode:20250311 + - imageRef: ghcr.io/siderolabs/amd-ucode:20250410 - imageRef: ghcr.io/siderolabs/amdgpu-firmware:20241110 - - imageRef: ghcr.io/siderolabs/bnx2-bnx2x:20250311 + - imageRef: ghcr.io/siderolabs/bnx2-bnx2x:20250410 - imageRef: ghcr.io/siderolabs/i915-ucode:20241110 - - imageRef: ghcr.io/siderolabs/intel-ice-firmware:20250311 + - imageRef: ghcr.io/siderolabs/intel-ice-firmware:20250410 - imageRef: ghcr.io/siderolabs/intel-ucode:20250211 - - imageRef: ghcr.io/siderolabs/qlogic-firmware:20250311 - - imageRef: ghcr.io/siderolabs/drbd:9.2.12-v1.9.5 - - imageRef: ghcr.io/siderolabs/zfs:2.2.7-v1.9.5 + - imageRef: ghcr.io/siderolabs/qlogic-firmware:20250410 + - imageRef: ghcr.io/siderolabs/drbd:9.2.13-v1.10.1 + - imageRef: ghcr.io/siderolabs/zfs:2.3.1-v1.10.1 output: kind: image imageOptions: { diskSize: 1306525696, diskFormat: raw } From db34f31175812b79282fc9bada3185194ec70837 Mon Sep 17 00:00:00 2001 From: Timofei Larkin Date: Mon, 12 May 2025 14:29:11 +0300 Subject: [PATCH 12/25] Don't overcommit memory or throttle CPU This patch recreates the resource presets with a non-burstable memory allocation (request==limit) and without CPU limits. With the new presets the difference between the larger presets became meaningless, so their values were adjusted. 
Signed-off-by: Timofei Larkin --- .pre-commit-config.yaml | 1 + packages/apps/clickhouse/Chart.yaml | 2 +- .../apps/clickhouse/templates/_resources.tpl | 23 +++++++------ packages/apps/ferretdb/Chart.yaml | 2 +- .../apps/ferretdb/templates/_resources.tpl | 23 +++++++------ packages/apps/http-cache/Chart.yaml | 2 +- .../apps/http-cache/templates/_resources.tpl | 23 +++++++------ packages/apps/kafka/Chart.yaml | 2 +- packages/apps/kafka/templates/_resources.tpl | 23 +++++++------ .../apps/kubernetes/templates/_resources.tpl | 23 +++++++------ packages/apps/mysql/Chart.yaml | 2 +- packages/apps/mysql/templates/_resources.tpl | 23 +++++++------ packages/apps/nats/Chart.yaml | 2 +- packages/apps/nats/templates/_resources.tpl | 23 +++++++------ packages/apps/postgres/Chart.yaml | 2 +- .../apps/postgres/templates/_resources.tpl | 23 +++++++------ packages/apps/rabbitmq/Chart.yaml | 2 +- .../apps/rabbitmq/templates/_resources.tpl | 23 +++++++------ packages/apps/redis/Chart.yaml | 2 +- packages/apps/redis/templates/_resources.tpl | 23 +++++++------ packages/apps/tcp-balancer/Chart.yaml | 2 +- .../tcp-balancer/templates/_resources.tpl | 23 +++++++------ packages/apps/versions_map | 33 ++++++++++++------- packages/apps/vpn/Chart.yaml | 2 +- packages/apps/vpn/templates/_resources.tpl | 23 +++++++------ packages/system/dashboard/values.yaml | 9 +++++ 26 files changed, 175 insertions(+), 166 deletions(-) diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index 6d05ad6f..9f94db8e 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -18,6 +18,7 @@ repos: (cd "$dir" && make generate) fi done + git diff --color=always | cat ' language: script files: ^.*$ diff --git a/packages/apps/clickhouse/Chart.yaml b/packages/apps/clickhouse/Chart.yaml index 0466800b..935cf6af 100644 --- a/packages/apps/clickhouse/Chart.yaml +++ b/packages/apps/clickhouse/Chart.yaml 
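Review bot: In the `.pre-commit-config.yaml` hunk, the added `git diff --color=always | cat` becomes the last command of the hook script, so the script's exit status is now that of `cat` rather than of the `make generate` loop, unless `set -e` is set earlier (the script starts outside the hunk). If the intent is to fail the hook when generation changed files, `git diff --exit-code` expresses that directly. If it is only meant to show the changes, a comment such as `# print what 'make generate' changed; pre-commit itself fails the hook on modified files` would make that clear. The change is also unrelated to the commit subject and would be easier to review as its own commit.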
@@ -16,7 +16,7 @@ type: application # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 0.7.0 +version: 0.8.0 # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. Versions are not expected to diff --git a/packages/apps/clickhouse/templates/_resources.tpl b/packages/apps/clickhouse/templates/_resources.tpl index 7ada56d4..6539c99a 100644 --- a/packages/apps/clickhouse/templates/_resources.tpl +++ b/packages/apps/clickhouse/templates/_resources.tpl 
@@ -11,35 +11,34 @@ These presets are for basic testing and not meant to be used in production {{ include "resources.preset" (dict "type" "nano") -}} */}} {{- define "resources.preset" -}} -{{/* The limits are the requests increased by 50% (except ephemeral-storage and xlarge/2xlarge sizes)*/}} {{- $presets := dict "nano" (dict "requests" (dict "cpu" "100m" "memory" "128Mi" "ephemeral-storage" "50Mi") - "limits" (dict "cpu" "150m" "memory" "192Mi" "ephemeral-storage" "2Gi") + "limits" (dict "memory" "128Mi" "ephemeral-storage" "2Gi") ) "micro" (dict "requests" (dict "cpu" "250m" "memory" "256Mi" "ephemeral-storage" "50Mi") - "limits" (dict "cpu" "375m" "memory" "384Mi" "ephemeral-storage" "2Gi") + "limits" (dict "memory" "256Mi" "ephemeral-storage" "2Gi") ) "small" (dict "requests" (dict "cpu" "500m" "memory" "512Mi" "ephemeral-storage" "50Mi") - "limits" (dict "cpu" "750m" "memory" "768Mi" "ephemeral-storage" "2Gi") + "limits" (dict "memory" "512Mi" "ephemeral-storage" "2Gi") ) "medium" (dict - "requests" (dict "cpu" "500m" "memory" "1024Mi" "ephemeral-storage" "50Mi") - "limits" (dict "cpu" "750m" "memory" "1536Mi" "ephemeral-storage" "2Gi") + "requests" (dict "cpu" "500m" "memory" "1Gi" "ephemeral-storage" "50Mi") + "limits" (dict "memory" "1Gi" "ephemeral-storage" "2Gi") ) "large" (dict - "requests" (dict "cpu" "1.0" "memory" "2048Mi" "ephemeral-storage" "50Mi") - "limits" (dict "cpu" "1.5" "memory" "3072Mi" "ephemeral-storage" "2Gi") + "requests" (dict "cpu" "1" "memory" "2Gi" "ephemeral-storage" "50Mi") + "limits" (dict "memory" "2Gi" "ephemeral-storage" "2Gi") ) "xlarge" (dict - "requests" (dict "cpu" "1.0" "memory" "3072Mi" "ephemeral-storage" "50Mi") - "limits" (dict "cpu" "3.0" "memory" "6144Mi" "ephemeral-storage" "2Gi") + "requests" (dict "cpu" "2" "memory" "4Gi" "ephemeral-storage" "50Mi") + "limits" (dict "memory" "4Gi" "ephemeral-storage" "2Gi") ) "2xlarge" (dict - "requests" (dict "cpu" "1.0" "memory" "3072Mi" "ephemeral-storage" "50Mi") - "limits" 
(dict "cpu" "6.0" "memory" "12288Mi" "ephemeral-storage" "2Gi") + "requests" (dict "cpu" "4" "memory" "8Gi" "ephemeral-storage" "50Mi") + "limits" (dict "memory" "8Gi" "ephemeral-storage" "2Gi") ) }} {{- if hasKey $presets .type -}} diff --git a/packages/apps/ferretdb/Chart.yaml b/packages/apps/ferretdb/Chart.yaml index fa41dcbd..273d9d97 100644 --- a/packages/apps/ferretdb/Chart.yaml +++ b/packages/apps/ferretdb/Chart.yaml @@ -16,7 +16,7 @@ type: application # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 0.5.0 +version: 0.6.0 # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. Versions are not expected to diff --git a/packages/apps/ferretdb/templates/_resources.tpl b/packages/apps/ferretdb/templates/_resources.tpl index 7ada56d4..6539c99a 100644 --- a/packages/apps/ferretdb/templates/_resources.tpl +++ b/packages/apps/ferretdb/templates/_resources.tpl 
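Review bot: Every preset's memory limit drops to its request in this hunk (for example `2xlarge` from `12288Mi` to `8Gi` and `nano` from `192Mi` to `128Mi`), so a workload that relied on the old headroom can be OOM-killed after the chart upgrade; that deserves a line in the release notes. With the `cpu` limit removed, a container is bounded only by node capacity and its CPU request weight, which on shared tenant nodes should be a documented decision, and `ephemeral-storage` is still requested at `50Mi` against a `2Gi` limit. The removed explanatory comment has no replacement; I would add `{{/* Memory limit equals the request (no overcommit); CPU has a request but no limit (no throttling). */}}` above `$presets`. The same hunk is repeated for `packages/apps/ferretdb/templates/_resources.tpl` and `packages/apps/http-cache/templates/_resources.tpl`, and `resources.preset` starts and ends outside the hunk.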
@@ -11,35 +11,34 @@ These presets are for basic testing and not meant to be used in production {{ include "resources.preset" (dict "type" "nano") -}} */}} {{- define "resources.preset" -}} -{{/* The limits are the requests increased by 50% (except ephemeral-storage and xlarge/2xlarge sizes)*/}} {{- $presets := dict "nano" (dict "requests" (dict "cpu" "100m" "memory" "128Mi" "ephemeral-storage" "50Mi") - "limits" (dict "cpu" "150m" "memory" "192Mi" "ephemeral-storage" "2Gi") + "limits" (dict "memory" "128Mi" "ephemeral-storage" "2Gi") ) "micro" (dict "requests" (dict "cpu" "250m" "memory" "256Mi" "ephemeral-storage" "50Mi") - "limits" (dict "cpu" "375m" "memory" "384Mi" "ephemeral-storage" "2Gi") + "limits" (dict "memory" "256Mi" "ephemeral-storage" "2Gi") ) "small" (dict "requests" (dict "cpu" "500m" "memory" "512Mi" "ephemeral-storage" "50Mi") - "limits" (dict "cpu" "750m" "memory" "768Mi" "ephemeral-storage" "2Gi") + "limits" (dict "memory" "512Mi" "ephemeral-storage" "2Gi") ) "medium" (dict - "requests" (dict "cpu" "500m" "memory" "1024Mi" "ephemeral-storage" "50Mi") - "limits" (dict "cpu" "750m" "memory" "1536Mi" "ephemeral-storage" "2Gi") + "requests" (dict "cpu" "500m" "memory" "1Gi" "ephemeral-storage" "50Mi") + "limits" (dict "memory" "1Gi" "ephemeral-storage" "2Gi") ) "large" (dict - "requests" (dict "cpu" "1.0" "memory" "2048Mi" "ephemeral-storage" "50Mi") - "limits" (dict "cpu" "1.5" "memory" "3072Mi" "ephemeral-storage" "2Gi") + "requests" (dict "cpu" "1" "memory" "2Gi" "ephemeral-storage" "50Mi") + "limits" (dict "memory" "2Gi" "ephemeral-storage" "2Gi") ) "xlarge" (dict - "requests" (dict "cpu" "1.0" "memory" "3072Mi" "ephemeral-storage" "50Mi") - "limits" (dict "cpu" "3.0" "memory" "6144Mi" "ephemeral-storage" "2Gi") + "requests" (dict "cpu" "2" "memory" "4Gi" "ephemeral-storage" "50Mi") + "limits" (dict "memory" "4Gi" "ephemeral-storage" "2Gi") ) "2xlarge" (dict - "requests" (dict "cpu" "1.0" "memory" "3072Mi" "ephemeral-storage" "50Mi") - "limits" 
(dict "cpu" "6.0" "memory" "12288Mi" "ephemeral-storage" "2Gi") + "requests" (dict "cpu" "4" "memory" "8Gi" "ephemeral-storage" "50Mi") + "limits" (dict "memory" "8Gi" "ephemeral-storage" "2Gi") ) }} {{- if hasKey $presets .type -}} diff --git a/packages/apps/http-cache/Chart.yaml b/packages/apps/http-cache/Chart.yaml index 2224053c..151b3b42 100644 --- a/packages/apps/http-cache/Chart.yaml +++ b/packages/apps/http-cache/Chart.yaml @@ -16,7 +16,7 @@ type: application # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 0.4.0 +version: 0.5.0 # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. Versions are not expected to diff --git a/packages/apps/http-cache/templates/_resources.tpl b/packages/apps/http-cache/templates/_resources.tpl index 7ada56d4..6539c99a 100644 --- a/packages/apps/http-cache/templates/_resources.tpl +++ b/packages/apps/http-cache/templates/_resources.tpl 
@@ -11,35 +11,34 @@ These presets are for basic testing and not meant to be used in production {{ include "resources.preset" (dict "type" "nano") -}} */}} {{- define "resources.preset" -}} -{{/* The limits are the requests increased by 50% (except ephemeral-storage and xlarge/2xlarge sizes)*/}} {{- $presets := dict "nano" (dict "requests" (dict "cpu" "100m" "memory" "128Mi" "ephemeral-storage" "50Mi") - "limits" (dict "cpu" "150m" "memory" "192Mi" "ephemeral-storage" "2Gi") + "limits" (dict "memory" "128Mi" "ephemeral-storage" "2Gi") ) "micro" (dict "requests" (dict "cpu" "250m" "memory" "256Mi" "ephemeral-storage" "50Mi") - "limits" (dict "cpu" "375m" "memory" "384Mi" "ephemeral-storage" "2Gi") + "limits" (dict "memory" "256Mi" "ephemeral-storage" "2Gi") ) "small" (dict "requests" (dict "cpu" "500m" "memory" "512Mi" "ephemeral-storage" "50Mi") - "limits" (dict "cpu" "750m" "memory" "768Mi" "ephemeral-storage" "2Gi") + "limits" (dict "memory" "512Mi" "ephemeral-storage" "2Gi") ) "medium" (dict - "requests" (dict "cpu" "500m" "memory" "1024Mi" "ephemeral-storage" "50Mi") - "limits" (dict "cpu" "750m" "memory" "1536Mi" "ephemeral-storage" "2Gi") + "requests" (dict "cpu" "500m" "memory" "1Gi" "ephemeral-storage" "50Mi") + "limits" (dict "memory" "1Gi" "ephemeral-storage" "2Gi") ) "large" (dict - "requests" (dict "cpu" "1.0" "memory" "2048Mi" "ephemeral-storage" "50Mi") - "limits" (dict "cpu" "1.5" "memory" "3072Mi" "ephemeral-storage" "2Gi") + "requests" (dict "cpu" "1" "memory" "2Gi" "ephemeral-storage" "50Mi") + "limits" (dict "memory" "2Gi" "ephemeral-storage" "2Gi") ) "xlarge" (dict - "requests" (dict "cpu" "1.0" "memory" "3072Mi" "ephemeral-storage" "50Mi") - "limits" (dict "cpu" "3.0" "memory" "6144Mi" "ephemeral-storage" "2Gi") + "requests" (dict "cpu" "2" "memory" "4Gi" "ephemeral-storage" "50Mi") + "limits" (dict "memory" "4Gi" "ephemeral-storage" "2Gi") ) "2xlarge" (dict - "requests" (dict "cpu" "1.0" "memory" "3072Mi" "ephemeral-storage" "50Mi") - "limits" 
(dict "cpu" "6.0" "memory" "12288Mi" "ephemeral-storage" "2Gi") + "requests" (dict "cpu" "4" "memory" "8Gi" "ephemeral-storage" "50Mi") + "limits" (dict "memory" "8Gi" "ephemeral-storage" "2Gi") ) }} {{- if hasKey $presets .type -}} diff --git a/packages/apps/kafka/Chart.yaml b/packages/apps/kafka/Chart.yaml index d4e910d4..00213f83 100644 --- a/packages/apps/kafka/Chart.yaml +++ b/packages/apps/kafka/Chart.yaml @@ -16,7 +16,7 @@ type: application # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 0.5.0 +version: 0.6.0 # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. Versions are not expected to diff --git a/packages/apps/kafka/templates/_resources.tpl b/packages/apps/kafka/templates/_resources.tpl index 7ada56d4..6539c99a 100644 --- a/packages/apps/kafka/templates/_resources.tpl +++ b/packages/apps/kafka/templates/_resources.tpl 
@@ -11,35 +11,34 @@ These presets are for basic testing and not meant to be used in production {{ include "resources.preset" (dict "type" "nano") -}} */}} {{- define "resources.preset" -}} -{{/* The limits are the requests increased by 50% (except ephemeral-storage and xlarge/2xlarge sizes)*/}} {{- $presets := dict "nano" (dict "requests" (dict "cpu" "100m" "memory" "128Mi" "ephemeral-storage" "50Mi") - "limits" (dict "cpu" "150m" "memory" "192Mi" "ephemeral-storage" "2Gi") + "limits" (dict "memory" "128Mi" "ephemeral-storage" "2Gi") ) "micro" (dict "requests" (dict "cpu" "250m" "memory" "256Mi" "ephemeral-storage" "50Mi") - "limits" (dict "cpu" "375m" "memory" "384Mi" "ephemeral-storage" "2Gi") + "limits" (dict "memory" "256Mi" "ephemeral-storage" "2Gi") ) "small" (dict "requests" (dict "cpu" "500m" "memory" "512Mi" "ephemeral-storage" "50Mi") - "limits" (dict "cpu" "750m" "memory" "768Mi" "ephemeral-storage" "2Gi") + "limits" (dict "memory" "512Mi" "ephemeral-storage" "2Gi") ) "medium" (dict - "requests" (dict "cpu" "500m" "memory" "1024Mi" "ephemeral-storage" "50Mi") - "limits" (dict "cpu" "750m" "memory" "1536Mi" "ephemeral-storage" "2Gi") + "requests" (dict "cpu" "500m" "memory" "1Gi" "ephemeral-storage" "50Mi") + "limits" (dict "memory" "1Gi" "ephemeral-storage" "2Gi") ) "large" (dict - "requests" (dict "cpu" "1.0" "memory" "2048Mi" "ephemeral-storage" "50Mi") - "limits" (dict "cpu" "1.5" "memory" "3072Mi" "ephemeral-storage" "2Gi") + "requests" (dict "cpu" "1" "memory" "2Gi" "ephemeral-storage" "50Mi") + "limits" (dict "memory" "2Gi" "ephemeral-storage" "2Gi") ) "xlarge" (dict - "requests" (dict "cpu" "1.0" "memory" "3072Mi" "ephemeral-storage" "50Mi") - "limits" (dict "cpu" "3.0" "memory" "6144Mi" "ephemeral-storage" "2Gi") + "requests" (dict "cpu" "2" "memory" "4Gi" "ephemeral-storage" "50Mi") + "limits" (dict "memory" "4Gi" "ephemeral-storage" "2Gi") ) "2xlarge" (dict - "requests" (dict "cpu" "1.0" "memory" "3072Mi" "ephemeral-storage" "50Mi") - "limits" 
(dict "cpu" "6.0" "memory" "12288Mi" "ephemeral-storage" "2Gi") + "requests" (dict "cpu" "4" "memory" "8Gi" "ephemeral-storage" "50Mi") + "limits" (dict "memory" "8Gi" "ephemeral-storage" "2Gi") ) }} {{- if hasKey $presets .type -}} diff --git a/packages/apps/kubernetes/templates/_resources.tpl b/packages/apps/kubernetes/templates/_resources.tpl index 7ada56d4..6539c99a 100644 --- a/packages/apps/kubernetes/templates/_resources.tpl +++ b/packages/apps/kubernetes/templates/_resources.tpl 
@@ -11,35 +11,34 @@ These presets are for basic testing and not meant to be used in production {{ include "resources.preset" (dict "type" "nano") -}} */}} {{- define "resources.preset" -}} -{{/* The limits are the requests increased by 50% (except ephemeral-storage and xlarge/2xlarge sizes)*/}} {{- $presets := dict "nano" (dict "requests" (dict "cpu" "100m" "memory" "128Mi" "ephemeral-storage" "50Mi") - "limits" (dict "cpu" "150m" "memory" "192Mi" "ephemeral-storage" "2Gi") + "limits" (dict "memory" "128Mi" "ephemeral-storage" "2Gi") ) "micro" (dict "requests" (dict "cpu" "250m" "memory" "256Mi" "ephemeral-storage" "50Mi") - "limits" (dict "cpu" "375m" "memory" "384Mi" "ephemeral-storage" "2Gi") + "limits" (dict "memory" "256Mi" "ephemeral-storage" "2Gi") ) "small" (dict "requests" (dict "cpu" "500m" "memory" "512Mi" "ephemeral-storage" "50Mi") - "limits" (dict "cpu" "750m" "memory" "768Mi" "ephemeral-storage" "2Gi") + "limits" (dict "memory" "512Mi" "ephemeral-storage" "2Gi") ) "medium" (dict - "requests" (dict "cpu" "500m" "memory" "1024Mi" "ephemeral-storage" "50Mi") - "limits" (dict "cpu" "750m" "memory" "1536Mi" "ephemeral-storage" "2Gi") + "requests" (dict "cpu" "500m" "memory" "1Gi" "ephemeral-storage" "50Mi") + "limits" (dict "memory" "1Gi" "ephemeral-storage" "2Gi") ) "large" (dict - "requests" (dict "cpu" "1.0" "memory" "2048Mi" "ephemeral-storage" "50Mi") - "limits" (dict "cpu" "1.5" "memory" "3072Mi" "ephemeral-storage" "2Gi") + "requests" (dict "cpu" "1" "memory" "2Gi" "ephemeral-storage" "50Mi") + "limits" (dict "memory" "2Gi" "ephemeral-storage" "2Gi") ) "xlarge" (dict - "requests" (dict "cpu" "1.0" "memory" "3072Mi" "ephemeral-storage" "50Mi") - "limits" (dict "cpu" "3.0" "memory" "6144Mi" "ephemeral-storage" "2Gi") + "requests" (dict "cpu" "2" "memory" "4Gi" "ephemeral-storage" "50Mi") + "limits" (dict "memory" "4Gi" "ephemeral-storage" "2Gi") ) "2xlarge" (dict - "requests" (dict "cpu" "1.0" "memory" "3072Mi" "ephemeral-storage" "50Mi") - "limits" 
(dict "cpu" "6.0" "memory" "12288Mi" "ephemeral-storage" "2Gi") + "requests" (dict "cpu" "4" "memory" "8Gi" "ephemeral-storage" "50Mi") + "limits" (dict "memory" "8Gi" "ephemeral-storage" "2Gi") ) }} {{- if hasKey $presets .type -}} diff --git a/packages/apps/mysql/Chart.yaml b/packages/apps/mysql/Chart.yaml index d8d04d0c..f9dcb7c6 100644 --- a/packages/apps/mysql/Chart.yaml +++ b/packages/apps/mysql/Chart.yaml @@ -16,7 +16,7 @@ type: application # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 0.6.0 +version: 0.7.0 # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. Versions are not expected to diff --git a/packages/apps/mysql/templates/_resources.tpl b/packages/apps/mysql/templates/_resources.tpl index 7ada56d4..6539c99a 100644 --- a/packages/apps/mysql/templates/_resources.tpl +++ b/packages/apps/mysql/templates/_resources.tpl 
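Review bot: This kubernetes `_resources.tpl` hunk has no matching `Chart.yaml` version bump and no new kubernetes line in `versions_map` in the visible part of the patch, while the sibling charts (http-cache, kafka, mysql, nats, postgres, rabbitmq, redis, tcp-balancer, vpn) each get both. The Chart.yaml comment shown in those hunks says the version should be incremented on every change to the chart and its templates, so as far as this patch shows, the current kubernetes chart version would render different limits under an unchanged version number. If the bump lives in another commit of the series, saying so in the commit message would help; otherwise bump `version:` in the kubernetes chart's `Chart.yaml` and add the corresponding `versions_map` entry.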
@@ -11,35 +11,34 @@ These presets are for basic testing and not meant to be used in production {{ include "resources.preset" (dict "type" "nano") -}} */}} {{- define "resources.preset" -}} -{{/* The limits are the requests increased by 50% (except ephemeral-storage and xlarge/2xlarge sizes)*/}} {{- $presets := dict "nano" (dict "requests" (dict "cpu" "100m" "memory" "128Mi" "ephemeral-storage" "50Mi") - "limits" (dict "cpu" "150m" "memory" "192Mi" "ephemeral-storage" "2Gi") + "limits" (dict "memory" "128Mi" "ephemeral-storage" "2Gi") ) "micro" (dict "requests" (dict "cpu" "250m" "memory" "256Mi" "ephemeral-storage" "50Mi") - "limits" (dict "cpu" "375m" "memory" "384Mi" "ephemeral-storage" "2Gi") + "limits" (dict "memory" "256Mi" "ephemeral-storage" "2Gi") ) "small" (dict "requests" (dict "cpu" "500m" "memory" "512Mi" "ephemeral-storage" "50Mi") - "limits" (dict "cpu" "750m" "memory" "768Mi" "ephemeral-storage" "2Gi") + "limits" (dict "memory" "512Mi" "ephemeral-storage" "2Gi") ) "medium" (dict - "requests" (dict "cpu" "500m" "memory" "1024Mi" "ephemeral-storage" "50Mi") - "limits" (dict "cpu" "750m" "memory" "1536Mi" "ephemeral-storage" "2Gi") + "requests" (dict "cpu" "500m" "memory" "1Gi" "ephemeral-storage" "50Mi") + "limits" (dict "memory" "1Gi" "ephemeral-storage" "2Gi") ) "large" (dict - "requests" (dict "cpu" "1.0" "memory" "2048Mi" "ephemeral-storage" "50Mi") - "limits" (dict "cpu" "1.5" "memory" "3072Mi" "ephemeral-storage" "2Gi") + "requests" (dict "cpu" "1" "memory" "2Gi" "ephemeral-storage" "50Mi") + "limits" (dict "memory" "2Gi" "ephemeral-storage" "2Gi") ) "xlarge" (dict - "requests" (dict "cpu" "1.0" "memory" "3072Mi" "ephemeral-storage" "50Mi") - "limits" (dict "cpu" "3.0" "memory" "6144Mi" "ephemeral-storage" "2Gi") + "requests" (dict "cpu" "2" "memory" "4Gi" "ephemeral-storage" "50Mi") + "limits" (dict "memory" "4Gi" "ephemeral-storage" "2Gi") ) "2xlarge" (dict - "requests" (dict "cpu" "1.0" "memory" "3072Mi" "ephemeral-storage" "50Mi") - "limits" 
(dict "cpu" "6.0" "memory" "12288Mi" "ephemeral-storage" "2Gi") + "requests" (dict "cpu" "4" "memory" "8Gi" "ephemeral-storage" "50Mi") + "limits" (dict "memory" "8Gi" "ephemeral-storage" "2Gi") ) }} {{- if hasKey $presets .type -}} diff --git a/packages/apps/nats/Chart.yaml b/packages/apps/nats/Chart.yaml index 2bae5c73..38f429fb 100644 --- a/packages/apps/nats/Chart.yaml +++ b/packages/apps/nats/Chart.yaml @@ -16,7 +16,7 @@ type: application # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 0.5.0 +version: 0.6.0 # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. Versions are not expected to diff --git a/packages/apps/nats/templates/_resources.tpl b/packages/apps/nats/templates/_resources.tpl index 7ada56d4..6539c99a 100644 --- a/packages/apps/nats/templates/_resources.tpl +++ b/packages/apps/nats/templates/_resources.tpl 
@@ -11,35 +11,34 @@ These presets are for basic testing and not meant to be used in production {{ include "resources.preset" (dict "type" "nano") -}} */}} {{- define "resources.preset" -}} -{{/* The limits are the requests increased by 50% (except ephemeral-storage and xlarge/2xlarge sizes)*/}} {{- $presets := dict "nano" (dict "requests" (dict "cpu" "100m" "memory" "128Mi" "ephemeral-storage" "50Mi") - "limits" (dict "cpu" "150m" "memory" "192Mi" "ephemeral-storage" "2Gi") + "limits" (dict "memory" "128Mi" "ephemeral-storage" "2Gi") ) "micro" (dict "requests" (dict "cpu" "250m" "memory" "256Mi" "ephemeral-storage" "50Mi") - "limits" (dict "cpu" "375m" "memory" "384Mi" "ephemeral-storage" "2Gi") + "limits" (dict "memory" "256Mi" "ephemeral-storage" "2Gi") ) "small" (dict "requests" (dict "cpu" "500m" "memory" "512Mi" "ephemeral-storage" "50Mi") - "limits" (dict "cpu" "750m" "memory" "768Mi" "ephemeral-storage" "2Gi") + "limits" (dict "memory" "512Mi" "ephemeral-storage" "2Gi") ) "medium" (dict - "requests" (dict "cpu" "500m" "memory" "1024Mi" "ephemeral-storage" "50Mi") - "limits" (dict "cpu" "750m" "memory" "1536Mi" "ephemeral-storage" "2Gi") + "requests" (dict "cpu" "500m" "memory" "1Gi" "ephemeral-storage" "50Mi") + "limits" (dict "memory" "1Gi" "ephemeral-storage" "2Gi") ) "large" (dict - "requests" (dict "cpu" "1.0" "memory" "2048Mi" "ephemeral-storage" "50Mi") - "limits" (dict "cpu" "1.5" "memory" "3072Mi" "ephemeral-storage" "2Gi") + "requests" (dict "cpu" "1" "memory" "2Gi" "ephemeral-storage" "50Mi") + "limits" (dict "memory" "2Gi" "ephemeral-storage" "2Gi") ) "xlarge" (dict - "requests" (dict "cpu" "1.0" "memory" "3072Mi" "ephemeral-storage" "50Mi") - "limits" (dict "cpu" "3.0" "memory" "6144Mi" "ephemeral-storage" "2Gi") + "requests" (dict "cpu" "2" "memory" "4Gi" "ephemeral-storage" "50Mi") + "limits" (dict "memory" "4Gi" "ephemeral-storage" "2Gi") ) "2xlarge" (dict - "requests" (dict "cpu" "1.0" "memory" "3072Mi" "ephemeral-storage" "50Mi") - "limits" 
(dict "cpu" "6.0" "memory" "12288Mi" "ephemeral-storage" "2Gi") + "requests" (dict "cpu" "4" "memory" "8Gi" "ephemeral-storage" "50Mi") + "limits" (dict "memory" "8Gi" "ephemeral-storage" "2Gi") ) }} {{- if hasKey $presets .type -}} diff --git a/packages/apps/postgres/Chart.yaml b/packages/apps/postgres/Chart.yaml index 36842881..7c262043 100644 --- a/packages/apps/postgres/Chart.yaml +++ b/packages/apps/postgres/Chart.yaml @@ -16,7 +16,7 @@ type: application # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 0.10.1 +version: 0.11.0 # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. Versions are not expected to diff --git a/packages/apps/postgres/templates/_resources.tpl b/packages/apps/postgres/templates/_resources.tpl index 7ada56d4..6539c99a 100644 --- a/packages/apps/postgres/templates/_resources.tpl +++ b/packages/apps/postgres/templates/_resources.tpl 
@@ -11,35 +11,34 @@ These presets are for basic testing and not meant to be used in production {{ include "resources.preset" (dict "type" "nano") -}} */}} {{- define "resources.preset" -}} -{{/* The limits are the requests increased by 50% (except ephemeral-storage and xlarge/2xlarge sizes)*/}} {{- $presets := dict "nano" (dict "requests" (dict "cpu" "100m" "memory" "128Mi" "ephemeral-storage" "50Mi") - "limits" (dict "cpu" "150m" "memory" "192Mi" "ephemeral-storage" "2Gi") + "limits" (dict "memory" "128Mi" "ephemeral-storage" "2Gi") ) "micro" (dict "requests" (dict "cpu" "250m" "memory" "256Mi" "ephemeral-storage" "50Mi") - "limits" (dict "cpu" "375m" "memory" "384Mi" "ephemeral-storage" "2Gi") + "limits" (dict "memory" "256Mi" "ephemeral-storage" "2Gi") ) "small" (dict "requests" (dict "cpu" "500m" "memory" "512Mi" "ephemeral-storage" "50Mi") - "limits" (dict "cpu" "750m" "memory" "768Mi" "ephemeral-storage" "2Gi") + "limits" (dict "memory" "512Mi" "ephemeral-storage" "2Gi") ) "medium" (dict - "requests" (dict "cpu" "500m" "memory" "1024Mi" "ephemeral-storage" "50Mi") - "limits" (dict "cpu" "750m" "memory" "1536Mi" "ephemeral-storage" "2Gi") + "requests" (dict "cpu" "500m" "memory" "1Gi" "ephemeral-storage" "50Mi") + "limits" (dict "memory" "1Gi" "ephemeral-storage" "2Gi") ) "large" (dict - "requests" (dict "cpu" "1.0" "memory" "2048Mi" "ephemeral-storage" "50Mi") - "limits" (dict "cpu" "1.5" "memory" "3072Mi" "ephemeral-storage" "2Gi") + "requests" (dict "cpu" "1" "memory" "2Gi" "ephemeral-storage" "50Mi") + "limits" (dict "memory" "2Gi" "ephemeral-storage" "2Gi") ) "xlarge" (dict - "requests" (dict "cpu" "1.0" "memory" "3072Mi" "ephemeral-storage" "50Mi") - "limits" (dict "cpu" "3.0" "memory" "6144Mi" "ephemeral-storage" "2Gi") + "requests" (dict "cpu" "2" "memory" "4Gi" "ephemeral-storage" "50Mi") + "limits" (dict "memory" "4Gi" "ephemeral-storage" "2Gi") ) "2xlarge" (dict - "requests" (dict "cpu" "1.0" "memory" "3072Mi" "ephemeral-storage" "50Mi") - "limits" 
(dict "cpu" "6.0" "memory" "12288Mi" "ephemeral-storage" "2Gi") + "requests" (dict "cpu" "4" "memory" "8Gi" "ephemeral-storage" "50Mi") + "limits" (dict "memory" "8Gi" "ephemeral-storage" "2Gi") ) }} {{- if hasKey $presets .type -}} diff --git a/packages/apps/rabbitmq/Chart.yaml b/packages/apps/rabbitmq/Chart.yaml index 2218642f..3aa54260 100644 --- a/packages/apps/rabbitmq/Chart.yaml +++ b/packages/apps/rabbitmq/Chart.yaml @@ -16,7 +16,7 @@ type: application # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 0.5.0 +version: 0.6.0 # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. Versions are not expected to diff --git a/packages/apps/rabbitmq/templates/_resources.tpl b/packages/apps/rabbitmq/templates/_resources.tpl index 7ada56d4..6539c99a 100644 --- a/packages/apps/rabbitmq/templates/_resources.tpl +++ b/packages/apps/rabbitmq/templates/_resources.tpl 
@@ -11,35 +11,34 @@ These presets are for basic testing and not meant to be used in production {{ include "resources.preset" (dict "type" "nano") -}} */}} {{- define "resources.preset" -}} -{{/* The limits are the requests increased by 50% (except ephemeral-storage and xlarge/2xlarge sizes)*/}} {{- $presets := dict "nano" (dict "requests" (dict "cpu" "100m" "memory" "128Mi" "ephemeral-storage" "50Mi") - "limits" (dict "cpu" "150m" "memory" "192Mi" "ephemeral-storage" "2Gi") + "limits" (dict "memory" "128Mi" "ephemeral-storage" "2Gi") ) "micro" (dict "requests" (dict "cpu" "250m" "memory" "256Mi" "ephemeral-storage" "50Mi") - "limits" (dict "cpu" "375m" "memory" "384Mi" "ephemeral-storage" "2Gi") + "limits" (dict "memory" "256Mi" "ephemeral-storage" "2Gi") ) "small" (dict "requests" (dict "cpu" "500m" "memory" "512Mi" "ephemeral-storage" "50Mi") - "limits" (dict "cpu" "750m" "memory" "768Mi" "ephemeral-storage" "2Gi") + "limits" (dict "memory" "512Mi" "ephemeral-storage" "2Gi") ) "medium" (dict - "requests" (dict "cpu" "500m" "memory" "1024Mi" "ephemeral-storage" "50Mi") - "limits" (dict "cpu" "750m" "memory" "1536Mi" "ephemeral-storage" "2Gi") + "requests" (dict "cpu" "500m" "memory" "1Gi" "ephemeral-storage" "50Mi") + "limits" (dict "memory" "1Gi" "ephemeral-storage" "2Gi") ) "large" (dict - "requests" (dict "cpu" "1.0" "memory" "2048Mi" "ephemeral-storage" "50Mi") - "limits" (dict "cpu" "1.5" "memory" "3072Mi" "ephemeral-storage" "2Gi") + "requests" (dict "cpu" "1" "memory" "2Gi" "ephemeral-storage" "50Mi") + "limits" (dict "memory" "2Gi" "ephemeral-storage" "2Gi") ) "xlarge" (dict - "requests" (dict "cpu" "1.0" "memory" "3072Mi" "ephemeral-storage" "50Mi") - "limits" (dict "cpu" "3.0" "memory" "6144Mi" "ephemeral-storage" "2Gi") + "requests" (dict "cpu" "2" "memory" "4Gi" "ephemeral-storage" "50Mi") + "limits" (dict "memory" "4Gi" "ephemeral-storage" "2Gi") ) "2xlarge" (dict - "requests" (dict "cpu" "1.0" "memory" "3072Mi" "ephemeral-storage" "50Mi") - "limits" 
(dict "cpu" "6.0" "memory" "12288Mi" "ephemeral-storage" "2Gi") + "requests" (dict "cpu" "4" "memory" "8Gi" "ephemeral-storage" "50Mi") + "limits" (dict "memory" "8Gi" "ephemeral-storage" "2Gi") ) }} {{- if hasKey $presets .type -}} diff --git a/packages/apps/redis/Chart.yaml b/packages/apps/redis/Chart.yaml index 07556e67..2a07e2c0 100644 --- a/packages/apps/redis/Chart.yaml +++ b/packages/apps/redis/Chart.yaml @@ -16,7 +16,7 @@ type: application # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 0.6.0 +version: 0.7.0 # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. Versions are not expected to diff --git a/packages/apps/redis/templates/_resources.tpl b/packages/apps/redis/templates/_resources.tpl index 7ada56d4..6539c99a 100644 --- a/packages/apps/redis/templates/_resources.tpl +++ b/packages/apps/redis/templates/_resources.tpl 
@@ -11,35 +11,34 @@ These presets are for basic testing and not meant to be used in production {{ include "resources.preset" (dict "type" "nano") -}} */}} {{- define "resources.preset" -}} -{{/* The limits are the requests increased by 50% (except ephemeral-storage and xlarge/2xlarge sizes)*/}} {{- $presets := dict "nano" (dict "requests" (dict "cpu" "100m" "memory" "128Mi" "ephemeral-storage" "50Mi") - "limits" (dict "cpu" "150m" "memory" "192Mi" "ephemeral-storage" "2Gi") + "limits" (dict "memory" "128Mi" "ephemeral-storage" "2Gi") ) "micro" (dict "requests" (dict "cpu" "250m" "memory" "256Mi" "ephemeral-storage" "50Mi") - "limits" (dict "cpu" "375m" "memory" "384Mi" "ephemeral-storage" "2Gi") + "limits" (dict "memory" "256Mi" "ephemeral-storage" "2Gi") ) "small" (dict "requests" (dict "cpu" "500m" "memory" "512Mi" "ephemeral-storage" "50Mi") - "limits" (dict "cpu" "750m" "memory" "768Mi" "ephemeral-storage" "2Gi") + "limits" (dict "memory" "512Mi" "ephemeral-storage" "2Gi") ) "medium" (dict - "requests" (dict "cpu" "500m" "memory" "1024Mi" "ephemeral-storage" "50Mi") - "limits" (dict "cpu" "750m" "memory" "1536Mi" "ephemeral-storage" "2Gi") + "requests" (dict "cpu" "500m" "memory" "1Gi" "ephemeral-storage" "50Mi") + "limits" (dict "memory" "1Gi" "ephemeral-storage" "2Gi") ) "large" (dict - "requests" (dict "cpu" "1.0" "memory" "2048Mi" "ephemeral-storage" "50Mi") - "limits" (dict "cpu" "1.5" "memory" "3072Mi" "ephemeral-storage" "2Gi") + "requests" (dict "cpu" "1" "memory" "2Gi" "ephemeral-storage" "50Mi") + "limits" (dict "memory" "2Gi" "ephemeral-storage" "2Gi") ) "xlarge" (dict - "requests" (dict "cpu" "1.0" "memory" "3072Mi" "ephemeral-storage" "50Mi") - "limits" (dict "cpu" "3.0" "memory" "6144Mi" "ephemeral-storage" "2Gi") + "requests" (dict "cpu" "2" "memory" "4Gi" "ephemeral-storage" "50Mi") + "limits" (dict "memory" "4Gi" "ephemeral-storage" "2Gi") ) "2xlarge" (dict - "requests" (dict "cpu" "1.0" "memory" "3072Mi" "ephemeral-storage" "50Mi") - "limits" 
(dict "cpu" "6.0" "memory" "12288Mi" "ephemeral-storage" "2Gi") + "requests" (dict "cpu" "4" "memory" "8Gi" "ephemeral-storage" "50Mi") + "limits" (dict "memory" "8Gi" "ephemeral-storage" "2Gi") ) }} {{- if hasKey $presets .type -}} diff --git a/packages/apps/tcp-balancer/Chart.yaml b/packages/apps/tcp-balancer/Chart.yaml index 9d701dcd..5955c5be 100644 --- a/packages/apps/tcp-balancer/Chart.yaml +++ b/packages/apps/tcp-balancer/Chart.yaml @@ -16,7 +16,7 @@ type: application # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 0.3.0 +version: 0.4.0 # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. Versions are not expected to diff --git a/packages/apps/tcp-balancer/templates/_resources.tpl b/packages/apps/tcp-balancer/templates/_resources.tpl index 7ada56d4..6539c99a 100644 --- a/packages/apps/tcp-balancer/templates/_resources.tpl +++ b/packages/apps/tcp-balancer/templates/_resources.tpl 
@@ -11,35 +11,34 @@ These presets are for basic testing and not meant to be used in production {{ include "resources.preset" (dict "type" "nano") -}} */}} {{- define "resources.preset" -}} -{{/* The limits are the requests increased by 50% (except ephemeral-storage and xlarge/2xlarge sizes)*/}} {{- $presets := dict "nano" (dict "requests" (dict "cpu" "100m" "memory" "128Mi" "ephemeral-storage" "50Mi") - "limits" (dict "cpu" "150m" "memory" "192Mi" "ephemeral-storage" "2Gi") + "limits" (dict "memory" "128Mi" "ephemeral-storage" "2Gi") ) "micro" (dict "requests" (dict "cpu" "250m" "memory" "256Mi" "ephemeral-storage" "50Mi") - "limits" (dict "cpu" "375m" "memory" "384Mi" "ephemeral-storage" "2Gi") + "limits" (dict "memory" "256Mi" "ephemeral-storage" "2Gi") ) "small" (dict "requests" (dict "cpu" "500m" "memory" "512Mi" "ephemeral-storage" "50Mi") - "limits" (dict "cpu" "750m" "memory" "768Mi" "ephemeral-storage" "2Gi") + "limits" (dict "memory" "512Mi" "ephemeral-storage" "2Gi") ) "medium" (dict - "requests" (dict "cpu" "500m" "memory" "1024Mi" "ephemeral-storage" "50Mi") - "limits" (dict "cpu" "750m" "memory" "1536Mi" "ephemeral-storage" "2Gi") + "requests" (dict "cpu" "500m" "memory" "1Gi" "ephemeral-storage" "50Mi") + "limits" (dict "memory" "1Gi" "ephemeral-storage" "2Gi") ) "large" (dict - "requests" (dict "cpu" "1.0" "memory" "2048Mi" "ephemeral-storage" "50Mi") - "limits" (dict "cpu" "1.5" "memory" "3072Mi" "ephemeral-storage" "2Gi") + "requests" (dict "cpu" "1" "memory" "2Gi" "ephemeral-storage" "50Mi") + "limits" (dict "memory" "2Gi" "ephemeral-storage" "2Gi") ) "xlarge" (dict - "requests" (dict "cpu" "1.0" "memory" "3072Mi" "ephemeral-storage" "50Mi") - "limits" (dict "cpu" "3.0" "memory" "6144Mi" "ephemeral-storage" "2Gi") + "requests" (dict "cpu" "2" "memory" "4Gi" "ephemeral-storage" "50Mi") + "limits" (dict "memory" "4Gi" "ephemeral-storage" "2Gi") ) "2xlarge" (dict - "requests" (dict "cpu" "1.0" "memory" "3072Mi" "ephemeral-storage" "50Mi") - "limits" 
(dict "cpu" "6.0" "memory" "12288Mi" "ephemeral-storage" "2Gi") + "requests" (dict "cpu" "4" "memory" "8Gi" "ephemeral-storage" "50Mi") + "limits" (dict "memory" "8Gi" "ephemeral-storage" "2Gi") ) }} {{- if hasKey $presets .type -}} diff --git a/packages/apps/versions_map b/packages/apps/versions_map index b7c09ab7..89d9990d 100644 --- a/packages/apps/versions_map +++ b/packages/apps/versions_map @@ -8,7 +8,8 @@ clickhouse 0.5.0 0f312d5c clickhouse 0.6.0 1ec10165 clickhouse 0.6.1 c62a83a7 clickhouse 0.6.2 8267072d -clickhouse 0.7.0 HEAD +clickhouse 0.7.0 93bdf411 +clickhouse 0.8.0 HEAD ferretdb 0.1.0 e9716091 ferretdb 0.1.1 91b0499a ferretdb 0.2.0 6c5cf5bf @@ -16,12 +17,14 @@ ferretdb 0.3.0 b8e33d19 ferretdb 0.4.0 b40e1b09 ferretdb 0.4.1 1ec10165 ferretdb 0.4.2 8267072d -ferretdb 0.5.0 HEAD +ferretdb 0.5.0 93bdf411 +ferretdb 0.6.0 HEAD http-cache 0.1.0 263e47be http-cache 0.2.0 53f2365e http-cache 0.3.0 6c5cf5bf http-cache 0.3.1 0f312d5c -http-cache 0.4.0 HEAD +http-cache 0.4.0 93bdf411 +http-cache 0.5.0 HEAD kafka 0.1.0 f7eaab0a kafka 0.2.0 c0685f43 kafka 0.2.1 dfbc210b @@ -32,7 +35,8 @@ kafka 0.3.1 c62a83a7 kafka 0.3.2 93c46161 kafka 0.3.3 8267072d kafka 0.4.0 85ec09b8 -kafka 0.5.0 HEAD +kafka 0.5.0 93bdf411 +kafka 0.6.0 HEAD kubernetes 0.1.0 263e47be kubernetes 0.2.0 53f2365e kubernetes 0.3.0 007d414f @@ -69,14 +73,16 @@ mysql 0.5.0 b40e1b09 mysql 0.5.1 0f312d5c mysql 0.5.2 1ec10165 mysql 0.5.3 8267072d -mysql 0.6.0 HEAD +mysql 0.6.0 93bdf411 +mysql 0.7.0 HEAD nats 0.1.0 e9716091 nats 0.2.0 6c5cf5bf nats 0.3.0 78366f19 nats 0.3.1 c62a83a7 nats 0.4.0 898374b5 nats 0.4.1 8267072d -nats 0.5.0 HEAD +nats 0.5.0 93bdf411 +nats 0.6.0 HEAD postgres 0.1.0 263e47be postgres 0.2.0 53f2365e postgres 0.2.1 d7cfa53c @@ -91,7 +97,8 @@ postgres 0.7.1 1ec10165 postgres 0.8.0 4e68e65c postgres 0.9.0 8267072d postgres 0.10.0 721c12a7 -postgres 0.10.1 HEAD +postgres 0.10.1 93bdf411 +postgres 0.11.0 HEAD rabbitmq 0.1.0 263e47be rabbitmq 0.2.0 53f2365e rabbitmq 0.3.0 6c5cf5bf 
@@ -100,17 +107,20 @@ rabbitmq 0.4.1 1128d0cb rabbitmq 0.4.2 4b90bf5a rabbitmq 0.4.3 1ec10165 rabbitmq 0.4.4 8267072d -rabbitmq 0.5.0 HEAD +rabbitmq 0.5.0 93bdf411 +rabbitmq 0.6.0 HEAD redis 0.1.1 263e47be redis 0.2.0 53f2365e redis 0.3.0 6c5cf5bf redis 0.3.1 c62a83a7 redis 0.4.0 84f3ccc0 redis 0.5.0 4e68e65c -redis 0.6.0 HEAD +redis 0.6.0 93bdf411 +redis 0.7.0 HEAD tcp-balancer 0.1.0 263e47be tcp-balancer 0.2.0 53f2365e -tcp-balancer 0.3.0 HEAD +tcp-balancer 0.3.0 93bdf411 +tcp-balancer 0.4.0 HEAD tenant 0.1.4 afc997ef tenant 0.1.5 e3ab858a tenant 1.0.0 263e47be @@ -163,4 +173,5 @@ vpn 0.1.0 263e47be vpn 0.2.0 53f2365e vpn 0.3.0 6c5cf5bf vpn 0.3.1 1ec10165 -vpn 0.4.0 HEAD +vpn 0.4.0 93bdf411 +vpn 0.5.0 HEAD diff --git a/packages/apps/vpn/Chart.yaml b/packages/apps/vpn/Chart.yaml index c82e77dd..4382233a 100644 --- a/packages/apps/vpn/Chart.yaml +++ b/packages/apps/vpn/Chart.yaml @@ -16,7 +16,7 @@ type: application # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 0.4.0 +version: 0.5.0 # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. Versions are not expected to diff --git a/packages/apps/vpn/templates/_resources.tpl b/packages/apps/vpn/templates/_resources.tpl index 7ada56d4..6539c99a 100644 --- a/packages/apps/vpn/templates/_resources.tpl +++ b/packages/apps/vpn/templates/_resources.tpl 
@@ -11,35 +11,34 @@ These presets are for basic testing and not meant to be used in production {{ include "resources.preset" (dict "type" "nano") -}} */}} {{- define "resources.preset" -}} -{{/* The limits are the requests increased by 50% (except ephemeral-storage and xlarge/2xlarge sizes)*/}} {{- $presets := dict "nano" (dict "requests" (dict "cpu" "100m" "memory" "128Mi" "ephemeral-storage" "50Mi") - "limits" (dict "cpu" "150m" "memory" "192Mi" "ephemeral-storage" "2Gi") + "limits" (dict "memory" "128Mi" "ephemeral-storage" "2Gi") ) "micro" (dict "requests" (dict "cpu" "250m" "memory" "256Mi" "ephemeral-storage" "50Mi") - "limits" (dict "cpu" "375m" "memory" "384Mi" "ephemeral-storage" "2Gi") + "limits" (dict "memory" "256Mi" "ephemeral-storage" "2Gi") ) "small" (dict "requests" (dict "cpu" "500m" "memory" "512Mi" "ephemeral-storage" "50Mi") - "limits" (dict "cpu" "750m" "memory" "768Mi" "ephemeral-storage" "2Gi") + "limits" (dict "memory" "512Mi" "ephemeral-storage" "2Gi") ) "medium" (dict - "requests" (dict "cpu" "500m" "memory" "1024Mi" "ephemeral-storage" "50Mi") - "limits" (dict "cpu" "750m" "memory" "1536Mi" "ephemeral-storage" "2Gi") + "requests" (dict "cpu" "500m" "memory" "1Gi" "ephemeral-storage" "50Mi") + "limits" (dict "memory" "1Gi" "ephemeral-storage" "2Gi") ) "large" (dict - "requests" (dict "cpu" "1.0" "memory" "2048Mi" "ephemeral-storage" "50Mi") - "limits" (dict "cpu" "1.5" "memory" "3072Mi" "ephemeral-storage" "2Gi") + "requests" (dict "cpu" "1" "memory" "2Gi" "ephemeral-storage" "50Mi") + "limits" (dict "memory" "2Gi" "ephemeral-storage" "2Gi") ) "xlarge" (dict - "requests" (dict "cpu" "1.0" "memory" "3072Mi" "ephemeral-storage" "50Mi") - "limits" (dict "cpu" "3.0" "memory" "6144Mi" "ephemeral-storage" "2Gi") + "requests" (dict "cpu" "2" "memory" "4Gi" "ephemeral-storage" "50Mi") + "limits" (dict "memory" "4Gi" "ephemeral-storage" "2Gi") ) "2xlarge" (dict - "requests" (dict "cpu" "1.0" "memory" "3072Mi" "ephemeral-storage" "50Mi") - "limits" 
(dict "cpu" "6.0" "memory" "12288Mi" "ephemeral-storage" "2Gi") + "requests" (dict "cpu" "4" "memory" "8Gi" "ephemeral-storage" "50Mi") + "limits" (dict "memory" "8Gi" "ephemeral-storage" "2Gi") ) }} {{- if hasKey $presets .type -}} diff --git a/packages/system/dashboard/values.yaml b/packages/system/dashboard/values.yaml index 3038124f..a7103fc4 100644 --- a/packages/system/dashboard/values.yaml +++ b/packages/system/dashboard/values.yaml @@ -21,6 +21,15 @@ kubeapps: repository: dashboard tag: v0.31.0-rc.1 digest: "sha256:a83fe4654f547469cfa469a02bda1273c54bca103a41eb007fdb2e18a7a91e93" + redis: + master: + resourcesPreset: "none" + resources: + requests: + cpu: 200m + memory: 256Mi + limits: + memory: 256Mi kubeappsapis: resourcesPreset: "none" image: From fd72d7c4862315737a6187490884d5d9c9a96aa4 Mon Sep 17 00:00:00 2001 From: Kingdon B Date: Mon, 12 May 2025 10:15:58 -0400 Subject: [PATCH 13/25] Flux Operator 0.20.0 Signed-off-by: Kingdon B --- .../system/fluxcd-operator/charts/flux-operator/Chart.yaml | 4 ++-- .../system/fluxcd-operator/charts/flux-operator/README.md | 2 +- packages/system/fluxcd/charts/flux-instance/Chart.yaml | 4 ++-- packages/system/fluxcd/charts/flux-instance/README.md | 2 +- 4 files changed, 6 insertions(+), 6 deletions(-) diff --git a/packages/system/fluxcd-operator/charts/flux-operator/Chart.yaml b/packages/system/fluxcd-operator/charts/flux-operator/Chart.yaml index 95ce6ee5..43caa7d9 100644 --- a/packages/system/fluxcd-operator/charts/flux-operator/Chart.yaml +++ b/packages/system/fluxcd-operator/charts/flux-operator/Chart.yaml @@ -8,7 +8,7 @@ annotations: - name: Upstream Project url: https://github.com/controlplaneio-fluxcd/flux-operator apiVersion: v2 -appVersion: v0.19.0 +appVersion: v0.20.0 description: 'A Helm chart for deploying the Flux Operator. ' home: https://github.com/controlplaneio-fluxcd icon: https://raw.githubusercontent.com/cncf/artwork/main/projects/flux/icon/color/flux-icon-color.png 
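Review bot: The `limits` entries in every preset of `resources.preset` no longer carry a `cpu` key, and the one comment that explained how limits relate to requests is deleted without a replacement, so the new policy is undocumented. I would put a comment in its place, `{{/* Memory limits equal requests; CPU limits are intentionally omitted */}}`. With no CPU limit a pod can use any idle CPU on its node, so on a shared cluster fairness between tenants rests on CPU requests and on whatever ResourceQuota or LimitRange the namespace has, which this hunk does not show. The `xlarge` and `2xlarge` requests also rise from 1 CPU / 3072Mi to 2 / 4Gi and 4 / 8Gi, which changes scheduling for existing releases on upgrade. The `define` block continues past the end of the hunk.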
@@ -25,4 +25,4 @@ sources: - https://github.com/controlplaneio-fluxcd/flux-operator - https://github.com/controlplaneio-fluxcd/charts type: application -version: 0.19.0 +version: 0.20.0 diff --git a/packages/system/fluxcd-operator/charts/flux-operator/README.md b/packages/system/fluxcd-operator/charts/flux-operator/README.md index 627a81ab..7cbbd492 100644 --- a/packages/system/fluxcd-operator/charts/flux-operator/README.md +++ b/packages/system/fluxcd-operator/charts/flux-operator/README.md @@ -1,6 +1,6 @@ # flux-operator -![Version: 0.19.0](https://img.shields.io/badge/Version-0.19.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: v0.19.0](https://img.shields.io/badge/AppVersion-v0.19.0-informational?style=flat-square) +![Version: 0.20.0](https://img.shields.io/badge/Version-0.20.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: v0.20.0](https://img.shields.io/badge/AppVersion-v0.20.0-informational?style=flat-square) The [Flux Operator](https://github.com/controlplaneio-fluxcd/flux-operator) provides a declarative API for the installation and upgrade of CNCF [Flux](https://fluxcd.io) and the diff --git a/packages/system/fluxcd/charts/flux-instance/Chart.yaml b/packages/system/fluxcd/charts/flux-instance/Chart.yaml index be942dd5..12d1d3b4 100644 --- a/packages/system/fluxcd/charts/flux-instance/Chart.yaml +++ b/packages/system/fluxcd/charts/flux-instance/Chart.yaml @@ -8,7 +8,7 @@ annotations: - name: Upstream Project url: https://github.com/controlplaneio-fluxcd/flux-operator apiVersion: v2 -appVersion: v0.19.0 +appVersion: v0.20.0 description: 'A Helm chart for deploying a Flux instance managed by Flux Operator. ' home: https://github.com/controlplaneio-fluxcd icon: https://raw.githubusercontent.com/cncf/artwork/main/projects/flux/icon/color/flux-icon-color.png 
@@ -25,4 +25,4 @@ sources: - https://github.com/controlplaneio-fluxcd/flux-operator - https://github.com/controlplaneio-fluxcd/charts type: application -version: 0.19.0 +version: 0.20.0 diff --git a/packages/system/fluxcd/charts/flux-instance/README.md b/packages/system/fluxcd/charts/flux-instance/README.md index ccd29096..b39c70fc 100644 --- a/packages/system/fluxcd/charts/flux-instance/README.md +++ b/packages/system/fluxcd/charts/flux-instance/README.md @@ -1,6 +1,6 @@ # flux-instance -![Version: 0.19.0](https://img.shields.io/badge/Version-0.19.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: v0.19.0](https://img.shields.io/badge/AppVersion-v0.19.0-informational?style=flat-square) +![Version: 0.20.0](https://img.shields.io/badge/Version-0.20.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: v0.20.0](https://img.shields.io/badge/AppVersion-v0.20.0-informational?style=flat-square) This chart is a thin wrapper around the `FluxInstance` custom resource, which is used by the [Flux Operator](https://github.com/controlplaneio-fluxcd/flux-operator) From d002879b0b0bf57cfbfe0b9ca773a8bed6e80859 Mon Sep 17 00:00:00 2001 From: Timofei Larkin Date: Wed, 14 May 2025 15:16:14 +0300 Subject: [PATCH 14/25] Downgrade CAPI operator 
Signed-off-by: Timofei Larkin --- packages/system/capi-operator/Makefile | 12 +- .../charts/cluster-api-operator/Chart.yaml | 4 +- .../cluster-api-operator/templates/addon.yaml | 45 ++-- .../templates/bootstrap.yaml | 45 ++-- .../templates/control-plane.yaml | 45 ++-- .../cluster-api-operator/templates/core.yaml | 45 ++-- .../cluster-api-operator/templates/infra.yaml | 47 ++-- .../cluster-api-operator/templates/ipam.yaml | 45 ++-- .../templates/operator-components.yaml | 241 +++--------------- .../cluster-api-operator/values.schema.json | 47 ---- .../charts/cluster-api-operator/values.yaml | 32 +-- scripts/package.mk | 8 + 12 files changed, 188 insertions(+), 428 deletions(-) delete mode 100644 packages/system/capi-operator/charts/cluster-api-operator/values.schema.json diff --git a/packages/system/capi-operator/Makefile b/packages/system/capi-operator/Makefile index baa4a5fc..20c083aa 100644 --- a/packages/system/capi-operator/Makefile +++ b/packages/system/capi-operator/Makefile @@ -1,11 +1,11 @@ export NAME=capi-operator export NAMESPACE=cozy-cluster-api +export REPO_NAME=capi-operator +export REPO_URL=https://kubernetes-sigs.github.io/cluster-api-operator +export CHART_NAME=cluster-api-operator +export CHART_VERSION=^0.18 include ../../../scripts/package.mk -update: - rm -rf charts - helm repo add capi-operator https://kubernetes-sigs.github.io/cluster-api-operator - helm repo update capi-operator - helm pull capi-operator/cluster-api-operator --untar --untardir charts - rm -rf charts/cluster-api-operator/charts +update: clean capi-operator-update + rm -rf charts/cluster-api-operator/charts/ diff --git a/packages/system/capi-operator/charts/cluster-api-operator/Chart.yaml b/packages/system/capi-operator/charts/cluster-api-operator/Chart.yaml index 323a3594..5108c7dc 100644 --- a/packages/system/capi-operator/charts/cluster-api-operator/Chart.yaml +++ b/packages/system/capi-operator/charts/cluster-api-operator/Chart.yaml 
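Review bot: `export CHART_VERSION=^0.18` is a range rather than a pin, so a later `make update` re-vendors whatever 0.18.x the Helm repository serves at that moment, while the Chart.yaml vendored in this commit is 0.18.1. Since the commit exists to hold the operator at a known version, I would pin it, `export CHART_VERSION=0.18.1`, and bump it deliberately. The pull itself now lives in the `capi-operator-update` prerequisite, presumably defined in scripts/package.mk, which this hunk does not show, so I cannot tell whether the chart's provenance is verified there. Also, `update: clean capi-operator-update` relies on prerequisites running left to right, which does not hold under `make -j`; if `clean` removes `charts`, that ordering should be made explicit.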
@@ -1,6 +1,6 @@
 apiVersion: v2
-appVersion: 0.19.0
+appVersion: 0.18.1
 description: Cluster API Operator
 name: cluster-api-operator
 type: application
-version: 0.19.0
+version: 0.18.1
diff --git a/packages/system/capi-operator/charts/cluster-api-operator/templates/addon.yaml b/packages/system/capi-operator/charts/cluster-api-operator/templates/addon.yaml
index 6a341496..a2eb8fb9 100644
--- a/packages/system/capi-operator/charts/cluster-api-operator/templates/addon.yaml
+++ b/packages/system/capi-operator/charts/cluster-api-operator/templates/addon.yaml
@@ -1,8 +1,26 @@
 # Addon provider
-{{- range $name, $addon := $.Values.addon }}
- {{- $addonNamespace := default ( printf "%s-%s" $name "addon-system" ) (get $addon "namespace") }}
- {{- $addonName := $name }}
- {{- $addonVersion := get $addon "version" }}
+{{- if .Values.addon }}
+{{- $addons := split ";" .Values.addon }}
+{{- $addonNamespace := "" }}
+{{- $addonName := "" }}
+{{- $addonVersion := "" }}
+{{- range $addon := $addons }}
+{{- $addonArgs := split ":" $addon }}
+{{- $addonArgsLen := len $addonArgs }}
+{{- if eq $addonArgsLen 3 }}
+ {{- $addonNamespace = $addonArgs._0 }}
+ {{- $addonName = $addonArgs._1 }}
+ {{- $addonVersion = $addonArgs._2 }}
+{{- else if eq $addonArgsLen 2 }}
+ {{- $addonNamespace = print $addonArgs._0 "-addon-system" }}
+ {{- $addonName = $addonArgs._0 }}
+ {{- $addonVersion = $addonArgs._1 }}
+{{- else if eq $addonArgsLen 1 }}
+ {{- $addonNamespace = print $addonArgs._0 "-addon-system" }}
+ {{- $addonName = $addonArgs._0 }}
+{{- else }}
+ {{- fail "addon provider argument should have the following format helm:v1.0.0 or mynamespace:helm:v1.0.0" }}
+{{- end }}
 ---
 apiVersion: v1
 kind: Namespace
@@ -38,24 +56,5 @@ spec: {{- if $.Values.secretNamespace }} secretNamespace: {{ $.Values.secretNamespace }} {{- end }} -{{- if $addon.manifestPatches }} - manifestPatches: {{ toYaml $addon.manifestPatches | nindent 4 }} {{- end }} -{{- if $addon.additionalManifests }} - additionalManifests: - name: {{ $addon.additionalManifests.name }} - {{- if $addon.additionalManifests.namespace }} - namespace: {{ $addon.additionalManifests.namespace }} - {{- end }} {{/* if $addon.additionalManifests.namespace */}} {{- end }} -{{- if $addon.additionalManifests }} ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ $addon.additionalManifests.name }} - namespace: {{ default $addonNamespace $addon.additionalManifests.namespace }} -data: - manifests: {{- toYaml $addon.additionalManifests.manifests | nindent 4 }} -{{- end }} -{{- end }} {{/* range $name, $addon := .Values.addon */}} diff --git a/packages/system/capi-operator/charts/cluster-api-operator/templates/bootstrap.yaml b/packages/system/capi-operator/charts/cluster-api-operator/templates/bootstrap.yaml index 78dad47e..ed5d7924 100644 --- a/packages/system/capi-operator/charts/cluster-api-operator/templates/bootstrap.yaml +++ b/packages/system/capi-operator/charts/cluster-api-operator/templates/bootstrap.yaml 
@@ -1,8 +1,26 @@ # Bootstrap provider -{{- range $name, $bootstrap := $.Values.bootstrap }} - {{- $bootstrapNamespace := default ( printf "%s-%s" $name "bootstrap-system" ) (get $bootstrap "namespace") }} - {{- $bootstrapName := $name }} - {{- $bootstrapVersion := get $bootstrap "version" }} +{{- if .Values.bootstrap }} +{{- $bootstraps := split ";" .Values.bootstrap }} +{{- $bootstrapNamespace := "" }} +{{- $bootstrapName := "" }} +{{- $bootstrapVersion := "" }} +{{- range $bootstrap := $bootstraps }} +{{- $bootstrapArgs := split ":" $bootstrap }} +{{- $bootstrapArgsLen := len $bootstrapArgs }} +{{- if eq $bootstrapArgsLen 3 }} + {{- $bootstrapNamespace = $bootstrapArgs._0 }} + {{- $bootstrapName = $bootstrapArgs._1 }} + {{- $bootstrapVersion = $bootstrapArgs._2 }} +{{- else if eq $bootstrapArgsLen 2 }} + {{- $bootstrapNamespace = print $bootstrapArgs._0 "-bootstrap-system" }} + {{- $bootstrapName = $bootstrapArgs._0 }} + {{- $bootstrapVersion = $bootstrapArgs._1 }} +{{- else if eq $bootstrapArgsLen 1 }} + {{- $bootstrapNamespace = print $bootstrapArgs._0 "-bootstrap-system" }} + {{- $bootstrapName = $bootstrapArgs._0 }} +{{- else }} + {{- fail "bootstrap provider argument should have the following format kubeadm:v1.0.0 or mynamespace:kubeadm:v1.0.0" }} +{{- end }} --- apiVersion: v1 kind: Namespace 
@@ -39,24 +57,5 @@ spec: namespace: {{ $.Values.configSecret.namespace }} {{- end }} {{- end }} -{{- if $bootstrap.manifestPatches }} - manifestPatches: {{ toYaml $bootstrap.manifestPatches | nindent 4 }} {{- end }} -{{- if $bootstrap.additionalManifests }} - additionalManifests: - name: {{ $bootstrap.additionalManifests.name }} - {{- if $bootstrap.additionalManifests.namespace }} - namespace: {{ $bootstrap.additionalManifests.namespace }} - {{- end }} {{/* if $bootstrap.additionalManifests.namespace */}} {{- end }} -{{- if $bootstrap.additionalManifests }} ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ $bootstrap.additionalManifests.name }} - namespace: {{ default $bootstrapNamespace $bootstrap.additionalManifests.namespace }} -data: - manifests: {{- toYaml $bootstrap.additionalManifests.manifests | nindent 4 }} -{{- end }} -{{- end }} {{/* range $name, $bootstrap := .Values.bootstrap */}} diff --git a/packages/system/capi-operator/charts/cluster-api-operator/templates/control-plane.yaml b/packages/system/capi-operator/charts/cluster-api-operator/templates/control-plane.yaml index 8a020afd..d72249d1 100644 --- a/packages/system/capi-operator/charts/cluster-api-operator/templates/control-plane.yaml +++ b/packages/system/capi-operator/charts/cluster-api-operator/templates/control-plane.yaml 
@@ -1,8 +1,26 @@ # Control plane provider -{{- range $name, $controlPlane := $.Values.controlPlane }} - {{- $controlPlaneNamespace := default ( printf "%s-%s" $name "control-plane-system" ) (get $controlPlane "namespace") }} - {{- $controlPlaneName := $name }} - {{- $controlPlaneVersion := get $controlPlane "version" }} +{{- if .Values.controlPlane }} +{{- $controlPlanes := split ";" .Values.controlPlane }} +{{- $controlPlaneNamespace := "" }} +{{- $controlPlaneName := "" }} +{{- $controlPlaneVersion := "" }} +{{- range $controlPlane := $controlPlanes }} +{{- $controlPlaneArgs := split ":" $controlPlane }} +{{- $controlPlaneArgsLen := len $controlPlaneArgs }} +{{- if eq $controlPlaneArgsLen 3 }} + {{- $controlPlaneNamespace = $controlPlaneArgs._0 }} + {{- $controlPlaneName = $controlPlaneArgs._1 }} + {{- $controlPlaneVersion = $controlPlaneArgs._2 }} +{{- else if eq $controlPlaneArgsLen 2 }} + {{- $controlPlaneNamespace = print $controlPlaneArgs._0 "-control-plane-system" }} + {{- $controlPlaneName = $controlPlaneArgs._0 }} + {{- $controlPlaneVersion = $controlPlaneArgs._1 }} +{{- else if eq $controlPlaneArgsLen 1 }} + {{- $controlPlaneNamespace = print $controlPlaneArgs._0 "-control-plane-system" }} + {{- $controlPlaneName = $controlPlaneArgs._0 }} +{{- else }} + {{- fail "controlplane provider argument should have the following format kubeadm:v1.0.0 or mynamespace:kubeadm:v1.0.0" }} +{{- end }} --- apiVersion: v1 kind: Namespace 
@@ -52,24 +70,5 @@ spec: namespace: {{ $.Values.configSecret.namespace }} {{- end }} {{- end }} -{{- if $controlPlane.manifestPatches }} - manifestPatches: {{ toYaml $controlPlane.manifestPatches | nindent 4 }} {{- end }} -{{- if $controlPlane.additionalManifests }} - additionalManifests: - name: {{ $controlPlane.additionalManifests.name }} - {{- if $controlPlane.additionalManifests.namespace }} - namespace: {{ $controlPlane.additionalManifests.namespace }} - {{- end }} {{/* if $controlPlane.additionalManifests.namespace */}} {{- end }} -{{- if $controlPlane.additionalManifests }} ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ $controlPlane.additionalManifests.name }} - namespace: {{ default $controlPlaneNamespace $controlPlane.additionalManifests.namespace }} -data: - manifests: {{- toYaml $controlPlane.additionalManifests.manifests | nindent 4 }} -{{- end }} -{{- end }} {{/* range $name, $controlPlane := .Values.controlPlane */}} diff --git a/packages/system/capi-operator/charts/cluster-api-operator/templates/core.yaml b/packages/system/capi-operator/charts/cluster-api-operator/templates/core.yaml index 648e1b60..828d2269 100644 --- a/packages/system/capi-operator/charts/cluster-api-operator/templates/core.yaml +++ b/packages/system/capi-operator/charts/cluster-api-operator/templates/core.yaml 
@@ -1,8 +1,25 @@ # Core provider -{{- range $name, $core := $.Values.core }} - {{- $coreNamespace := default "capi-system" (get $core "namespace") }} - {{- $coreName := $name }} - {{- $coreVersion := get $core "version" }} +{{- if .Values.core }} +{{- $coreArgs := split ":" .Values.core }} +{{- $coreArgsLen := len $coreArgs }} +{{- $coreVersion := "" }} +{{- $coreNamespace := "" }} +{{- $coreName := "" }} +{{- $coreVersion := "" }} +{{- if eq $coreArgsLen 3 }} + {{- $coreNamespace = $coreArgs._0 }} + {{- $coreName = $coreArgs._1 }} + {{- $coreVersion = $coreArgs._2 }} +{{- else if eq $coreArgsLen 2 }} + {{- $coreNamespace = "capi-system" }} + {{- $coreName = $coreArgs._0 }} + {{- $coreVersion = $coreArgs._1 }} +{{- else if eq $coreArgsLen 1 }} + {{- $coreNamespace = "capi-system" }} + {{- $coreName = $coreArgs._0 }} +{{- else }} + {{- fail "core provider argument should have the following format cluster-api:v1.0.0 or mynamespace:cluster-api:v1.0.0" }} +{{- end }} --- apiVersion: v1 kind: Namespace @@ -48,24 +65,4 @@ spec: namespace: {{ $.Values.configSecret.namespace }} {{- end }} {{- end }} -{{- if $core.manifestPatches }} - manifestPatches: {{ toYaml $core.manifestPatches | nindent 4 }} {{- end }} -{{- if $core.additionalManifests }} - additionalManifests: - name: {{ $core.additionalManifests.name }} - {{- if $core.additionalManifests.namespace }} - namespace: {{ $core.additionalManifests.namespace }} - {{- end }} -{{- end }} -{{- if $core.additionalManifests }} ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ $core.additionalManifests.name }} - namespace: {{ default $coreNamespace $core.additionalManifests.namespace }} -data: - manifests: {{- toYaml $core.additionalManifests.manifests | nindent 4 }} -{{- end }} -{{- end }} {{/* range $name, $core := .Values.core */}} 
diff --git a/packages/system/capi-operator/charts/cluster-api-operator/templates/infra.yaml b/packages/system/capi-operator/charts/cluster-api-operator/templates/infra.yaml index 835607d4..5841336c 100644 --- a/packages/system/capi-operator/charts/cluster-api-operator/templates/infra.yaml +++ b/packages/system/capi-operator/charts/cluster-api-operator/templates/infra.yaml @@ -1,8 +1,26 @@ # Infrastructure providers -{{- range $name, $infra := $.Values.infrastructure }} - {{- $infrastructureNamespace := default ( printf "%s-%s" $name "infrastructure-system" ) (get $infra "namespace") }} - {{- $infrastructureName := $name }} - {{- $infrastructureVersion := get $infra "version" }} +{{- if .Values.infrastructure }} +{{- $infrastructures := split ";" .Values.infrastructure }} +{{- $infrastructureNamespace := "" }} +{{- $infrastructureName := "" }} +{{- $infrastructureVersion := "" }} +{{- range $infrastructure := $infrastructures }} +{{- $infrastructureArgs := split ":" $infrastructure }} +{{- $infrastructureArgsLen := len $infrastructureArgs }} +{{- if eq $infrastructureArgsLen 3 }} + {{- $infrastructureNamespace = $infrastructureArgs._0 }} + {{- $infrastructureName = $infrastructureArgs._1 }} + {{- $infrastructureVersion = $infrastructureArgs._2 }} +{{- else if eq $infrastructureArgsLen 2 }} + {{- $infrastructureNamespace = print $infrastructureArgs._0 "-infrastructure-system" }} + {{- $infrastructureName = $infrastructureArgs._0 }} + {{- $infrastructureVersion = $infrastructureArgs._1 }} +{{- else if eq $infrastructureArgsLen 1 }} + {{- $infrastructureNamespace = print $infrastructureArgs._0 "-infrastructure-system" }} + {{- $infrastructureName = $infrastructureArgs._0 }} +{{- else }} + {{- fail "infrastructure provider argument should have the following format aws:v1.0.0 or mynamespace:aws:v1.0.0" }} +{{- end }} --- apiVersion: v1 kind: Namespace 
@@ -65,24 +83,5 @@ spec: {{- if $.Values.additionalDeployments }} additionalDeployments: {{ toYaml $.Values.additionalDeployments | nindent 4 }} {{- end }} -{{- if $infra.manifestPatches }} - manifestPatches: {{- toYaml $infra.manifestPatches | nindent 4 }} -{{- end }} {{/* if $infra.manifestPatches */}} -{{- if $infra.additionalManifests }} - additionalManifests: - name: {{ $infra.additionalManifests.name }} - {{- if $infra.additionalManifests.namespace }} - namespace: {{ $infra.additionalManifests.namespace }} - {{- end }} {{/* if $infra.additionalManifests.namespace */}} -{{- end }} {{/* if $infra.additionalManifests */}} -{{- if $infra.additionalManifests }} ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ $infra.additionalManifests.name }} - namespace: {{ default $infrastructureNamespace $infra.additionalManifests.namespace }} -data: - manifests: {{- toYaml $infra.additionalManifests.manifests | nindent 4 }} {{- end }} -{{- end }} {{/* range $name, $infra := .Values.infrastructure */}} +{{- end }} diff --git a/packages/system/capi-operator/charts/cluster-api-operator/templates/ipam.yaml b/packages/system/capi-operator/charts/cluster-api-operator/templates/ipam.yaml index 4a33c42f..06960afb 100644 --- a/packages/system/capi-operator/charts/cluster-api-operator/templates/ipam.yaml +++ b/packages/system/capi-operator/charts/cluster-api-operator/templates/ipam.yaml 
@@ -1,8 +1,26 @@ # IPAM providers -{{- range $name, $ipam := $.Values.ipam }} - {{- $ipamNamespace := default ( printf "%s-%s" $name "ipam-system" ) (get $ipam "namespace") }} - {{- $ipamName := $name }} - {{- $ipamVersion := get $ipam "version" }} +{{- if .Values.ipam }} +{{- $ipams := split ";" .Values.ipam }} +{{- $ipamNamespace := "" }} +{{- $ipamName := "" }} +{{- $ipamVersion := "" }} +{{- range $ipam := $ipams }} +{{- $ipamArgs := split ":" $ipam }} +{{- $ipamArgsLen := len $ipamArgs }} +{{- if eq $ipamArgsLen 3 }} + {{- $ipamNamespace = $ipamArgs._0 }} + {{- $ipamName = $ipamArgs._1 }} + {{- $ipamVersion = $ipamArgs._2 }} +{{- else if eq $ipamArgsLen 2 }} + {{- $ipamNamespace = print $ipamArgs._0 "-ipam-system" }} + {{- $ipamName = $ipamArgs._0 }} + {{- $ipamVersion = $ipamArgs._1 }} +{{- else if eq $ipamArgsLen 1 }} + {{- $ipamNamespace = print $ipamArgs._0 "-ipam-system" }} + {{- $ipamName = $ipamArgs._0 }} +{{- else }} + {{- fail "ipam provider argument should have the following format in-cluster:v1.0.0 or mynamespace:in-cluster:v1.0.0" }} +{{- end }} --- apiVersion: v1 kind: Namespace 
@@ -52,27 +70,8 @@ spec: namespace: {{ $.Values.configSecret.namespace }} {{- end }} {{- end }} -{{- if $ipam.manifestPatches }} - manifestPatches: {{ toYaml $ipam.manifestPatches | nindent 4 }} -{{- end }} {{- if $.Values.additionalDeployments }} additionalDeployments: {{ toYaml $.Values.additionalDeployments | nindent 4 }} {{- end }} -{{- if $ipam.additionalManifests }} - additionalManifests: - name: {{ $ipam.additionalManifests.name }} - {{- if $ipam.additionalManifests.namespace }} - namespace: {{ $ipam.additionalManifests.namespace }} - {{- end }} {{/* if $ipam.additionalManifests.namespace */}} {{- end }} -{{- if $ipam.additionalManifests }} ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ $ipam.additionalManifests.name }} - namespace: {{ default $ipamNamespace $ipam.additionalManifests.namespace }} -data: - manifests: {{- toYaml $ipam.additionalManifests.manifests | nindent 4 }} {{- end }} -{{- end }} {{/* range $name, $ipam := .Values.ipam */}} diff --git a/packages/system/capi-operator/charts/cluster-api-operator/templates/operator-components.yaml b/packages/system/capi-operator/charts/cluster-api-operator/templates/operator-components.yaml index 0ee82bfc..27b8bf80 100644 --- a/packages/system/capi-operator/charts/cluster-api-operator/templates/operator-components.yaml +++ b/packages/system/capi-operator/charts/cluster-api-operator/templates/operator-components.yaml @@ -1305,13 +1305,6 @@ spec: description: Manager defines the properties that can be enabled on the controller manager for the additional provider deployment. properties: - additionalArgs: - additionalProperties: - type: string - description: |- - AdditionalArgs is a map of additional options that will be passed - in as container args to the provider's controller manager. - type: object cacheNamespace: description: |- CacheNamespace if specified restricts the manager's cache to watch objects in 
@@ -2843,13 +2836,6 @@ spec: description: Manager defines the properties that can be enabled on the controller manager for the provider. properties: - additionalArgs: - additionalProperties: - type: string - description: |- - AdditionalArgs is a map of additional options that will be passed - in as container args to the provider's controller manager. - type: object cacheNamespace: description: |- CacheNamespace if specified restricts the manager's cache to watch objects in @@ -3062,32 +3048,27 @@ spec: properties: lastTransitionTime: description: |- - lastTransitionTime is the last time the condition transitioned from one status to another. + Last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. format: date-time type: string message: description: |- - message is a human readable message indicating details about the transition. + A human readable message indicating details about the transition. This field may be empty. - maxLength: 10240 - minLength: 1 type: string reason: description: |- - reason is the reason for the condition's last transition in CamelCase. + The reason for the condition's last transition in CamelCase. The specific API may choose whether or not this field is considered a guaranteed API. This field may be empty. - maxLength: 256 - minLength: 1 type: string severity: description: |- severity provides an explicit classification of Reason code, so the users or machines can immediately understand the current situation and act accordingly. The Severity field MUST be set only when Status=False. - maxLength: 32 type: string status: description: status of the condition, one of True, False, Unknown. 
@@ -3097,8 +3078,6 @@ spec: type of condition in CamelCase or in foo.example.com/CamelCase. Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. - maxLength: 256 - minLength: 1 type: string required: - lastTransitionTime @@ -4732,32 +4711,27 @@ spec: properties: lastTransitionTime: description: |- - lastTransitionTime is the last time the condition transitioned from one status to another. + Last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. format: date-time type: string message: description: |- - message is a human readable message indicating details about the transition. + A human readable message indicating details about the transition. This field may be empty. - maxLength: 10240 - minLength: 1 type: string reason: description: |- - reason is the reason for the condition's last transition in CamelCase. + The reason for the condition's last transition in CamelCase. The specific API may choose whether or not this field is considered a guaranteed API. This field may be empty. - maxLength: 256 - minLength: 1 type: string severity: description: |- severity provides an explicit classification of Reason code, so the users or machines can immediately understand the current situation and act accordingly. The Severity field MUST be set only when Status=False. - maxLength: 32 type: string status: description: status of the condition, one of True, False, Unknown. 
@@ -4767,8 +4741,6 @@ spec: type of condition in CamelCase or in foo.example.com/CamelCase. Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. - maxLength: 256 - minLength: 1 type: string required: - lastTransitionTime @@ -6071,13 +6043,6 @@ spec: description: Manager defines the properties that can be enabled on the controller manager for the additional provider deployment. properties: - additionalArgs: - additionalProperties: - type: string - description: |- - AdditionalArgs is a map of additional options that will be passed - in as container args to the provider's controller manager. - type: object cacheNamespace: description: |- CacheNamespace if specified restricts the manager's cache to watch objects in @@ -7609,13 +7574,6 @@ spec: description: Manager defines the properties that can be enabled on the controller manager for the provider. properties: - additionalArgs: - additionalProperties: - type: string - description: |- - AdditionalArgs is a map of additional options that will be passed - in as container args to the provider's controller manager. - type: object cacheNamespace: description: |- CacheNamespace if specified restricts the manager's cache to watch objects in 
@@ -7828,32 +7786,27 @@ spec: properties: lastTransitionTime: description: |- - lastTransitionTime is the last time the condition transitioned from one status to another. + Last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. format: date-time type: string message: description: |- - message is a human readable message indicating details about the transition. + A human readable message indicating details about the transition. This field may be empty. - maxLength: 10240 - minLength: 1 type: string reason: description: |- - reason is the reason for the condition's last transition in CamelCase. + The reason for the condition's last transition in CamelCase. The specific API may choose whether or not this field is considered a guaranteed API. This field may be empty. - maxLength: 256 - minLength: 1 type: string severity: description: |- severity provides an explicit classification of Reason code, so the users or machines can immediately understand the current situation and act accordingly. The Severity field MUST be set only when Status=False. - maxLength: 32 type: string status: description: status of the condition, one of True, False, Unknown. @@ -7863,8 +7816,6 @@ spec: type of condition in CamelCase or in foo.example.com/CamelCase. Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. - maxLength: 256 - minLength: 1 type: string required: - lastTransitionTime 
@@ -9499,32 +9450,27 @@ spec: properties: lastTransitionTime: description: |- - lastTransitionTime is the last time the condition transitioned from one status to another. + Last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. format: date-time type: string message: description: |- - message is a human readable message indicating details about the transition. + A human readable message indicating details about the transition. This field may be empty. - maxLength: 10240 - minLength: 1 type: string reason: description: |- - reason is the reason for the condition's last transition in CamelCase. + The reason for the condition's last transition in CamelCase. The specific API may choose whether or not this field is considered a guaranteed API. This field may be empty. - maxLength: 256 - minLength: 1 type: string severity: description: |- severity provides an explicit classification of Reason code, so the users or machines can immediately understand the current situation and act accordingly. The Severity field MUST be set only when Status=False. - maxLength: 32 type: string status: description: status of the condition, one of True, False, Unknown. @@ -9534,8 +9480,6 @@ spec: type of condition in CamelCase or in foo.example.com/CamelCase. Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. - maxLength: 256 - minLength: 1 type: string required: - lastTransitionTime 
@@ -10839,13 +10783,6 @@ spec: description: Manager defines the properties that can be enabled on the controller manager for the additional provider deployment. properties: - additionalArgs: - additionalProperties: - type: string - description: |- - AdditionalArgs is a map of additional options that will be passed - in as container args to the provider's controller manager. - type: object cacheNamespace: description: |- CacheNamespace if specified restricts the manager's cache to watch objects in @@ -12377,13 +12314,6 @@ spec: description: Manager defines the properties that can be enabled on the controller manager for the provider. properties: - additionalArgs: - additionalProperties: - type: string - description: |- - AdditionalArgs is a map of additional options that will be passed - in as container args to the provider's controller manager. - type: object cacheNamespace: description: |- CacheNamespace if specified restricts the manager's cache to watch objects in 
@@ -12597,32 +12527,27 @@ spec: properties: lastTransitionTime: description: |- - lastTransitionTime is the last time the condition transitioned from one status to another. + Last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. format: date-time type: string message: description: |- - message is a human readable message indicating details about the transition. + A human readable message indicating details about the transition. This field may be empty. - maxLength: 10240 - minLength: 1 type: string reason: description: |- - reason is the reason for the condition's last transition in CamelCase. + The reason for the condition's last transition in CamelCase. The specific API may choose whether or not this field is considered a guaranteed API. This field may be empty. - maxLength: 256 - minLength: 1 type: string severity: description: |- severity provides an explicit classification of Reason code, so the users or machines can immediately understand the current situation and act accordingly. The Severity field MUST be set only when Status=False. - maxLength: 32 type: string status: description: status of the condition, one of True, False, Unknown. @@ -12632,8 +12557,6 @@ spec: type of condition in CamelCase or in foo.example.com/CamelCase. Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. - maxLength: 256 - minLength: 1 type: string required: - lastTransitionTime 
@@ -14267,32 +14190,27 @@ spec: properties: lastTransitionTime: description: |- - lastTransitionTime is the last time the condition transitioned from one status to another. + Last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. format: date-time type: string message: description: |- - message is a human readable message indicating details about the transition. + A human readable message indicating details about the transition. This field may be empty. - maxLength: 10240 - minLength: 1 type: string reason: description: |- - reason is the reason for the condition's last transition in CamelCase. + The reason for the condition's last transition in CamelCase. The specific API may choose whether or not this field is considered a guaranteed API. This field may be empty. - maxLength: 256 - minLength: 1 type: string severity: description: |- severity provides an explicit classification of Reason code, so the users or machines can immediately understand the current situation and act accordingly. The Severity field MUST be set only when Status=False. - maxLength: 32 type: string status: description: status of the condition, one of True, False, Unknown. @@ -14302,8 +14220,6 @@ spec: type of condition in CamelCase or in foo.example.com/CamelCase. Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. - maxLength: 256 - minLength: 1 type: string required: - lastTransitionTime 
@@ -15606,13 +15522,6 @@ spec: description: Manager defines the properties that can be enabled on the controller manager for the additional provider deployment. properties: - additionalArgs: - additionalProperties: - type: string - description: |- - AdditionalArgs is a map of additional options that will be passed - in as container args to the provider's controller manager. - type: object cacheNamespace: description: |- CacheNamespace if specified restricts the manager's cache to watch objects in @@ -17144,13 +17053,6 @@ spec: description: Manager defines the properties that can be enabled on the controller manager for the provider. properties: - additionalArgs: - additionalProperties: - type: string - description: |- - AdditionalArgs is a map of additional options that will be passed - in as container args to the provider's controller manager. - type: object cacheNamespace: description: |- CacheNamespace if specified restricts the manager's cache to watch objects in 
@@ -17363,32 +17265,27 @@ spec: properties: lastTransitionTime: description: |- - lastTransitionTime is the last time the condition transitioned from one status to another. + Last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. format: date-time type: string message: description: |- - message is a human readable message indicating details about the transition. + A human readable message indicating details about the transition. This field may be empty. - maxLength: 10240 - minLength: 1 type: string reason: description: |- - reason is the reason for the condition's last transition in CamelCase. + The reason for the condition's last transition in CamelCase. The specific API may choose whether or not this field is considered a guaranteed API. This field may be empty. - maxLength: 256 - minLength: 1 type: string severity: description: |- severity provides an explicit classification of Reason code, so the users or machines can immediately understand the current situation and act accordingly. The Severity field MUST be set only when Status=False. - maxLength: 32 type: string status: description: status of the condition, one of True, False, Unknown. @@ -17398,8 +17295,6 @@ spec: type of condition in CamelCase or in foo.example.com/CamelCase. Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. - maxLength: 256 - minLength: 1 type: string required: - lastTransitionTime 
@@ -19034,32 +18929,27 @@ spec: properties: lastTransitionTime: description: |- - lastTransitionTime is the last time the condition transitioned from one status to another. + Last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. format: date-time type: string message: description: |- - message is a human readable message indicating details about the transition. + A human readable message indicating details about the transition. This field may be empty. - maxLength: 10240 - minLength: 1 type: string reason: description: |- - reason is the reason for the condition's last transition in CamelCase. + The reason for the condition's last transition in CamelCase. The specific API may choose whether or not this field is considered a guaranteed API. This field may be empty. - maxLength: 256 - minLength: 1 type: string severity: description: |- severity provides an explicit classification of Reason code, so the users or machines can immediately understand the current situation and act accordingly. The Severity field MUST be set only when Status=False. - maxLength: 32 type: string status: description: status of the condition, one of True, False, Unknown. @@ -19069,8 +18959,6 @@ spec: type of condition in CamelCase or in foo.example.com/CamelCase. Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. - maxLength: 256 - minLength: 1 type: string required: - lastTransitionTime 
@@ -20374,13 +20262,6 @@ spec: description: Manager defines the properties that can be enabled on the controller manager for the additional provider deployment. properties: - additionalArgs: - additionalProperties: - type: string - description: |- - AdditionalArgs is a map of additional options that will be passed - in as container args to the provider's controller manager. - type: object cacheNamespace: description: |- CacheNamespace if specified restricts the manager's cache to watch objects in @@ -21912,13 +21793,6 @@ spec: description: Manager defines the properties that can be enabled on the controller manager for the provider. properties: - additionalArgs: - additionalProperties: - type: string - description: |- - AdditionalArgs is a map of additional options that will be passed - in as container args to the provider's controller manager. - type: object cacheNamespace: description: |- CacheNamespace if specified restricts the manager's cache to watch objects in 
@@ -22132,32 +22006,27 @@ spec: properties: lastTransitionTime: description: |- - lastTransitionTime is the last time the condition transitioned from one status to another. + Last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. format: date-time type: string message: description: |- - message is a human readable message indicating details about the transition. + A human readable message indicating details about the transition. This field may be empty. - maxLength: 10240 - minLength: 1 type: string reason: description: |- - reason is the reason for the condition's last transition in CamelCase. + The reason for the condition's last transition in CamelCase. The specific API may choose whether or not this field is considered a guaranteed API. This field may be empty. - maxLength: 256 - minLength: 1 type: string severity: description: |- severity provides an explicit classification of Reason code, so the users or machines can immediately understand the current situation and act accordingly. The Severity field MUST be set only when Status=False. - maxLength: 32 type: string status: description: status of the condition, one of True, False, Unknown. @@ -22167,8 +22036,6 @@ spec: type of condition in CamelCase or in foo.example.com/CamelCase. Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. - maxLength: 256 - minLength: 1 type: string required: - lastTransitionTime 
@@ -23504,13 +23371,6 @@ spec: description: Manager defines the properties that can be enabled on the controller manager for the additional provider deployment. properties: - additionalArgs: - additionalProperties: - type: string - description: |- - AdditionalArgs is a map of additional options that will be passed - in as container args to the provider's controller manager. - type: object cacheNamespace: description: |- CacheNamespace if specified restricts the manager's cache to watch objects in @@ -25042,13 +24902,6 @@ spec: description: Manager defines the properties that can be enabled on the controller manager for the provider. properties: - additionalArgs: - additionalProperties: - type: string - description: |- - AdditionalArgs is a map of additional options that will be passed - in as container args to the provider's controller manager. - type: object cacheNamespace: description: |- CacheNamespace if specified restricts the manager's cache to watch objects in 
@@ -25261,32 +25114,27 @@ spec: properties: lastTransitionTime: description: |- - lastTransitionTime is the last time the condition transitioned from one status to another. + Last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. format: date-time type: string message: description: |- - message is a human readable message indicating details about the transition. + A human readable message indicating details about the transition. This field may be empty. - maxLength: 10240 - minLength: 1 type: string reason: description: |- - reason is the reason for the condition's last transition in CamelCase. + The reason for the condition's last transition in CamelCase. The specific API may choose whether or not this field is considered a guaranteed API. This field may be empty. - maxLength: 256 - minLength: 1 type: string severity: description: |- severity provides an explicit classification of Reason code, so the users or machines can immediately understand the current situation and act accordingly. The Severity field MUST be set only when Status=False. - maxLength: 32 type: string status: description: status of the condition, one of True, False, Unknown. @@ -25296,8 +25144,6 @@ spec: type of condition in CamelCase or in foo.example.com/CamelCase. Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. - maxLength: 256 - minLength: 1 type: string required: - lastTransitionTime 
@@ -26635,13 +26481,6 @@ spec: description: Manager defines the properties that can be enabled on the controller manager for the additional provider deployment. properties: - additionalArgs: - additionalProperties: - type: string - description: |- - AdditionalArgs is a map of additional options that will be passed - in as container args to the provider's controller manager. - type: object cacheNamespace: description: |- CacheNamespace if specified restricts the manager's cache to watch objects in @@ -28173,13 +28012,6 @@ spec: description: Manager defines the properties that can be enabled on the controller manager for the provider. properties: - additionalArgs: - additionalProperties: - type: string - description: |- - AdditionalArgs is a map of additional options that will be passed - in as container args to the provider's controller manager. - type: object cacheNamespace: description: |- CacheNamespace if specified restricts the manager's cache to watch objects in 
@@ -28393,32 +28225,27 @@ spec: properties: lastTransitionTime: description: |- - lastTransitionTime is the last time the condition transitioned from one status to another. + Last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. format: date-time type: string message: description: |- - message is a human readable message indicating details about the transition. + A human readable message indicating details about the transition. This field may be empty. - maxLength: 10240 - minLength: 1 type: string reason: description: |- - reason is the reason for the condition's last transition in CamelCase. + The reason for the condition's last transition in CamelCase. The specific API may choose whether or not this field is considered a guaranteed API. This field may be empty. - maxLength: 256 - minLength: 1 type: string severity: description: |- severity provides an explicit classification of Reason code, so the users or machines can immediately understand the current situation and act accordingly. The Severity field MUST be set only when Status=False. - maxLength: 32 type: string status: description: status of the condition, one of True, False, Unknown. @@ -28428,8 +28255,6 @@ spec: type of condition in CamelCase or in foo.example.com/CamelCase. Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. - maxLength: 256 - minLength: 1 type: string required: - lastTransitionTime diff --git a/packages/system/capi-operator/charts/cluster-api-operator/values.schema.json b/packages/system/capi-operator/charts/cluster-api-operator/values.schema.json deleted file mode 100644 index d22038fc..00000000 --- a/packages/system/capi-operator/charts/cluster-api-operator/values.schema.json +++ /dev/null 
@@ -1,47 +0,0 @@ -{ - "$schema": "http://json-schema.org/draft-07/schema#", - "type": "object", - "properties": { - "core": { - "oneOf": [ - { "type": "object" }, - { "type": "null" } - ] - }, - "bootstrap": { - "type": "object", - "oneOf": [ - { "type": "object" }, - { "type": "null" } - ] - }, - "controlPlane": { - "type": "object", - "oneOf": [ - { "type": "object" }, - { "type": "null" } - ] - }, - "infrastructure": { - "type": "object", - "oneOf": [ - { "type": "object" }, - { "type": "null" } - ] - }, - "addon": { - "type": "object", - "oneOf": [ - { "type": "object" }, - { "type": "null" } - ] - }, - "ipam": { - "type": "object", - "oneOf": [ - { "type": "object" }, - { "type": "null" } - ] - } - } -} diff --git a/packages/system/capi-operator/charts/cluster-api-operator/values.yaml b/packages/system/capi-operator/charts/cluster-api-operator/values.yaml index 545bae39..12507a3c 100644 --- a/packages/system/capi-operator/charts/cluster-api-operator/values.yaml +++ b/packages/system/capi-operator/charts/cluster-api-operator/values.yaml @@ -1,30 +1,12 @@ --- # --- # Cluster API provider options -core: {} -# cluster-api: {} # Name, required -# namespace: "" # Optional -# version: "" # Optional -bootstrap: {} -# kubeadm: {} # Name, required -# namespace: "" # Optional -# version: "" # Optional -controlPlane: {} -# kubeadm: {} # Name, required -# namespace: "" # Optional -# version: "" # Optional -infrastructure: {} -# docker: {} # Name, required -# namespace: "" # Optional -# version: "" # Optional -addon: {} -# helm: {} # Name, required -# namespace: "" # Optional -# version: "" # Optional -ipam: {} -# in-cluster: {} # Name, required -# namespace: "" # Optional -# version: "" # Optional +core: "" +bootstrap: "" +controlPlane: "" +infrastructure: "" +ipam: "" +addon: "" manager.featureGates: {} fetchConfig: {} # --- 
@@ -39,7 +21,7 @@ leaderElection: image: manager: repository: registry.k8s.io/capi-operator/cluster-api-operator - tag: v0.19.0 + tag: v0.18.1 pullPolicy: IfNotPresent env: manager: [] diff --git a/scripts/package.mk b/scripts/package.mk index ca537213..62702321 100644 --- a/scripts/package.mk +++ b/scripts/package.mk @@ -29,3 +29,11 @@ delete: check suspend ## Delete Helm release from a Kubernetes cluster check: @if [ -z "$(NAME)" ]; then echo "env NAME is not set!" >&2; exit 1; fi @if [ -z "$(NAMESPACE)" ]; then echo "env NAMESPACE is not set!" >&2; exit 1; fi + +clean: + rm -rf charts/ + +%-update: + helm repo add $(REPO_NAME) $(REPO_URL) + helm repo update $(REPO_NAME) + helm pull $(REPO_NAME)/$(CHART_NAME) --untar --untardir charts --version "$(CHART_VERSION)" From 3780925a680798e1ddbfe364bb5f4669ba53cb65 Mon Sep 17 00:00:00 2001 From: Andrei Kvapil Date: Thu, 8 May 2025 14:34:07 +0200 Subject: [PATCH 15/25] [platform] Introduce expose-services and expose-ingress options 
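Review bot: In scripts/package.mk the new `%-update` recipe passes `$(REPO_NAME)`, `$(REPO_URL)`, `$(CHART_NAME)` and `$(CHART_VERSION)` to helm without checking that they are set, although the `check` target just above does exactly that for `NAME` and `NAMESPACE`. With `CHART_VERSION` empty, `--version ""` lets `helm pull` resolve the latest chart, so the vendored copy under `charts/` can change without a pinned version. A guard in the same style as `check` would fail early, e.g. `@if [ -z "$(CHART_VERSION)" ]; then echo "env CHART_VERSION is not set!" >&2; exit 1; fi` as the first recipe line, and likewise for `REPO_URL`. The archive is also unpacked with no integrity check; where the upstream repository publishes provenance files, adding `--verify` to `helm pull` would cover that.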
Signed-off-by: Andrei Kvapil --- hack/e2e.sh | 4 +- packages/extra/ingress/Chart.yaml | 2 +- packages/extra/ingress/README.md | 15 +++----- .../ingress/templates/cdi-uploadproxy.yaml | 37 ------------------- packages/extra/ingress/values.schema.json | 15 -------- packages/extra/ingress/values.yaml | 9 ----- packages/extra/ingress/vm-exportproxy.yaml | 37 ------------------- packages/extra/versions_map | 2 +- .../cozystack-api/templates/api-ingress.yaml | 28 ++++++++++++++ .../templates/dashboard-ingress.yaml} | 27 +++++--------- .../templates/configure-kk.yaml | 9 ----- .../system/keycloak/templates/ingress.yaml | 17 ++------- packages/system/keycloak/templates/sts.yaml | 9 ----- .../templates/cdi-uploadproxy-ingress.yaml | 29 +++++++++++++++ .../templates/vm-exportproxy-ingress.yaml | 28 ++++++++++++++ 15 files changed, 107 insertions(+), 161 deletions(-) delete mode 100644 packages/extra/ingress/templates/cdi-uploadproxy.yaml delete mode 100644 packages/extra/ingress/vm-exportproxy.yaml create mode 100644 packages/system/cozystack-api/templates/api-ingress.yaml rename packages/{extra/ingress/templates/dashboard.yaml => system/dashboard/templates/dashboard-ingress.yaml} (54%) create mode 100644 packages/system/kubevirt-cdi/templates/cdi-uploadproxy-ingress.yaml create mode 100644 packages/system/kubevirt/templates/vm-exportproxy-ingress.yaml diff --git a/hack/e2e.sh b/hack/e2e.sh index e7c66534..46c9ba5b 100755 --- a/hack/e2e.sh +++ b/hack/e2e.sh @@ -334,8 +334,8 @@ if ! kubectl wait --timeout=2m --for=condition=ready -n tenant-root hr monitorin kubectl wait --timeout=2m --for=condition=ready -n tenant-root hr monitoring fi -kubectl patch -n tenant-root ingresses.apps.cozystack.io ingress --type=merge -p '{"spec":{ - "dashboard": true +kubectl patch -n cozy-system cm cozystack --type=merge -p '{"data":{ + "expose-services": "api,dashboard,cdi-uploadproxy,vm-exportproxy,keycloak" }}' # Wait for nginx-ingress-controller 
diff --git a/packages/extra/ingress/Chart.yaml b/packages/extra/ingress/Chart.yaml index e6001cc8..93807c89 100644 --- a/packages/extra/ingress/Chart.yaml +++ b/packages/extra/ingress/Chart.yaml @@ -3,4 +3,4 @@ name: ingress description: NGINX Ingress Controller icon: /logos/ingress-nginx.svg type: application -version: 1.5.1 +version: 1.6.0 diff --git a/packages/extra/ingress/README.md b/packages/extra/ingress/README.md index af395dfe..ab4ed3d9 100644 --- a/packages/extra/ingress/README.md +++ b/packages/extra/ingress/README.md @@ -4,13 +4,10 @@ ### Common parameters -| Name | Description | Value | -| ----------------- | ----------------------------------------------------------------- | ------- | -| `replicas` | Number of ingress-nginx replicas | `2` | -| `externalIPs` | List of externalIPs for service. | `[]` | -| `whitelist` | List of client networks | `[]` | -| `clouflareProxy` | Restoring original visitor IPs when Cloudflare proxied is enabled | `false` | -| `dashboard` | Should ingress serve Cozystack service dashboard | `false` | -| `cdiUploadProxy` | Should ingress serve CDI upload proxy | `false` | -| `virtExportProxy` | Should ingress serve KubeVirt export proxy | `false` | +| Name | Description | Value | +| ---------------- | ----------------------------------------------------------------- | ------- | +| `replicas` | Number of ingress-nginx replicas | `2` | +| `externalIPs` | List of externalIPs for service. | `[]` | +| `whitelist` | List of client networks | `[]` | +| `clouflareProxy` | Restoring original visitor IPs when Cloudflare proxied is enabled | `false` | diff --git a/packages/extra/ingress/templates/cdi-uploadproxy.yaml b/packages/extra/ingress/templates/cdi-uploadproxy.yaml deleted file mode 100644 index e82e0d26..00000000 --- a/packages/extra/ingress/templates/cdi-uploadproxy.yaml +++ /dev/null 
@@ -1,37 +0,0 @@ -{{- $cozyConfig := lookup "v1" "ConfigMap" "cozy-system" "cozystack" }} -{{- $issuerType := (index $cozyConfig.data "clusterissuer") | default "http01" }} - -{{- $myNS := lookup "v1" "Namespace" "" .Release.Namespace }} -{{- $host := index $myNS.metadata.annotations "namespace.cozystack.io/host" }} - -{{- if .Values.cdiUploadProxy }} -apiVersion: networking.k8s.io/v1 -kind: Ingress -metadata: - annotations: - nginx.ingress.kubernetes.io/backend-protocol: HTTPS - cert-manager.io/cluster-issuer: letsencrypt-prod - {{- if eq $issuerType "cloudflare" }} - {{- else }} - acme.cert-manager.io/http01-ingress-class: {{ .Release.Namespace }} - {{- end }} - name: cdi-uploadproxy-{{ .Release.Namespace }} - namespace: cozy-kubevirt-cdi -spec: - ingressClassName: {{ .Release.Namespace }} - rules: - - host: cdi-uploadproxy.{{ $host }} - http: - paths: - - backend: - service: - name: cdi-uploadproxy - port: - number: 443 - path: / - pathType: Prefix - tls: - - hosts: - - cdi-uploadproxy.{{ $host }} - secretName: cdi-uploadproxy-{{ .Release.Namespace }}-tls -{{- end }} diff --git a/packages/extra/ingress/values.schema.json b/packages/extra/ingress/values.schema.json index 8005ac24..c956bac3 100644 --- a/packages/extra/ingress/values.schema.json +++ b/packages/extra/ingress/values.schema.json @@ -25,21 +25,6 @@ "type": "boolean", "description": "Restoring original visitor IPs when Cloudflare proxied is enabled", "default": false - }, - "dashboard": { - "type": "boolean", - "description": "Should ingress serve Cozystack service dashboard", - "default": false - }, - "cdiUploadProxy": { - "type": "boolean", - "description": "Should ingress serve CDI upload proxy", - "default": false - }, - "virtExportProxy": { - "type": "boolean", - "description": "Should ingress serve KubeVirt export proxy", - "default": false } } } \ No newline at end of file diff --git a/packages/extra/ingress/values.yaml b/packages/extra/ingress/values.yaml index 41571db9..669698f1 100644 
--- a/packages/extra/ingress/values.yaml +++ b/packages/extra/ingress/values.yaml @@ -24,12 +24,3 @@ whitelist: [] ## @param clouflareProxy Restoring original visitor IPs when Cloudflare proxied is enabled clouflareProxy: false - -## @param dashboard Should ingress serve Cozystack service dashboard -dashboard: false - -## @param cdiUploadProxy Should ingress serve CDI upload proxy -cdiUploadProxy: false - -## @param virtExportProxy Should ingress serve KubeVirt export proxy -virtExportProxy: false diff --git a/packages/extra/ingress/vm-exportproxy.yaml b/packages/extra/ingress/vm-exportproxy.yaml deleted file mode 100644 index 0984bf6c..00000000 --- a/packages/extra/ingress/vm-exportproxy.yaml +++ /dev/null @@ -1,37 +0,0 @@ -{{- $cozyConfig := lookup "v1" "ConfigMap" "cozy-system" "cozystack" }} -{{- $issuerType := (index $cozyConfig.data "clusterissuer") | default "http01" }} - -{{- $myNS := lookup "v1" "Namespace" "" .Release.Namespace }} -{{- $host := index $myNS.metadata.annotations "namespace.cozystack.io/host" }} - -{{- if .Values.virtExportProxy }} -apiVersion: networking.k8s.io/v1 -kind: Ingress -metadata: - annotations: - nginx.ingress.kubernetes.io/backend-protocol: HTTPS - cert-manager.io/cluster-issuer: letsencrypt-prod - {{- if eq $issuerType "cloudflare" }} - {{- else }} - acme.cert-manager.io/http01-ingress-class: {{ .Release.Namespace }} - {{- end }} - name: virt-exportproxy-{{ .Release.Namespace }} - namespace: cozy-kubevirt -spec: - ingressClassName: {{ .Release.Namespace }} - rules: - - host: virt-exportproxy.{{ $host }} - http: - paths: - - backend: - service: - name: virt-exportproxy - port: - number: 443 - path: / - pathType: ImplementationSpecific - tls: - - hosts: - virt-exportproxy.{{ $host }} - secretName: virt-exportproxy-{{ .Release.Namespace }}-tls -{{- end }} diff --git a/packages/extra/versions_map b/packages/extra/versions_map index a76418a5..a7accda5 100644 --- a/packages/extra/versions_map +++ b/packages/extra/versions_map 
@@ -19,7 +19,7 @@ ingress 1.2.0 28fca4ef ingress 1.3.0 fde4bcfa ingress 1.4.0 fd240701 ingress 1.5.0 93bdf411 -ingress 1.5.1 HEAD +ingress 1.6.0 HEAD monitoring 1.0.0 d7cfa53c monitoring 1.1.0 25221fdc monitoring 1.2.0 f81be075 diff --git a/packages/system/cozystack-api/templates/api-ingress.yaml b/packages/system/cozystack-api/templates/api-ingress.yaml new file mode 100644 index 00000000..d7670e71 --- /dev/null +++ b/packages/system/cozystack-api/templates/api-ingress.yaml @@ -0,0 +1,28 @@ +{{- $cozyConfig := lookup "v1" "ConfigMap" "cozy-system" "cozystack" }} +{{- $host := index $cozyConfig.data "root-host" }} +{{- $exposeServices := splitList "," ((index $cozyConfig.data "expose-services") | default "") }} +{{- $exposeIngress := index $cozyConfig.data "expose-ingress" | default "tenant-root" }} + +{{- if and (has "api" $exposeServices) }} +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + annotations: + nginx.ingress.kubernetes.io/backend-protocol: HTTPS + nginx.ingress.kubernetes.io/ssl-passthrough: "true" + name: kubernetes + namespace: default +spec: + ingressClassName: {{ $exposeIngress }} + rules: + - host: api.{{ $host }} + http: + paths: + - backend: + service: + name: kubernetes + port: + number: 443 + path: / + pathType: Prefix +{{- end }} diff --git a/packages/extra/ingress/templates/dashboard.yaml b/packages/system/dashboard/templates/dashboard-ingress.yaml similarity index 54% rename from packages/extra/ingress/templates/dashboard.yaml rename to packages/system/dashboard/templates/dashboard-ingress.yaml index 28b6722c..1fd7f85d 100644 --- a/packages/extra/ingress/templates/dashboard.yaml +++ b/packages/system/dashboard/templates/dashboard-ingress.yaml 
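Review bot: The new api-ingress.yaml publishes the cluster's own API server (Service `kubernetes` in `default`) on `api.<root-host>` and depends entirely on `nginx.ingress.kubernetes.io/ssl-passthrough: "true"`; the Ingress has no `tls:` section. ingress-nginx honours that annotation only when the controller runs with `--enable-ssl-passthrough`, which this patch does not show; without it TLS would be terminated at the controller and client-certificate authentication to the API server would not work. With passthrough active, the other per-Ingress annotations (source-range allowlists included) are not applied to this host, so any restriction on who can reach the API has to be enforced in front of the controller. I would record both facts in a template comment, e.g. `{{- /* needs ingress-nginx --enable-ssl-passthrough; other Ingress annotations do not apply to passthrough traffic */ -}}`, and simplify the guard to `{{- if has "api" $exposeServices }}`.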
@@ -1,19 +1,10 @@ {{- $cozyConfig := lookup "v1" "ConfigMap" "cozy-system" "cozystack" }} {{- $issuerType := (index $cozyConfig.data "clusterissuer") | default "http01" }} +{{- $host := index $cozyConfig.data "root-host" }} +{{- $exposeServices := splitList "," ((index $cozyConfig.data "expose-services") | default "") }} +{{- $exposeIngress := index $cozyConfig.data "expose-ingress" | default "tenant-root" }} -{{- $myNS := lookup "v1" "Namespace" "" .Release.Namespace }} -{{- $host := index $myNS.metadata.annotations "namespace.cozystack.io/host" }} - -{{- $tenantRoot := dict }} -{{- if .Capabilities.APIVersions.Has "helm.toolkit.fluxcd.io/v2" }} -{{- $tenantRoot = lookup "helm.toolkit.fluxcd.io/v2" "HelmRelease" "tenant-root" "tenant-root" }} -{{- end }} -{{- if and $tenantRoot $tenantRoot.spec $tenantRoot.spec.values $tenantRoot.spec.values.host }} -{{- $host = $tenantRoot.spec.values.host }} -{{- else }} -{{- end }} - -{{- if .Values.dashboard }} +{{- if and (has "dashboard" $exposeServices) }} apiVersion: networking.k8s.io/v1 kind: Ingress metadata: @@ -21,16 +12,16 @@ metadata: cert-manager.io/cluster-issuer: letsencrypt-prod {{- if eq $issuerType "cloudflare" }} {{- else }} - acme.cert-manager.io/http01-ingress-class: {{ .Release.Namespace }} + acme.cert-manager.io/http01-ingress-class: {{ $exposeIngress }} + {{- end }} nginx.ingress.kubernetes.io/proxy-body-size: 100m nginx.ingress.kubernetes.io/proxy-buffer-size: 100m nginx.ingress.kubernetes.io/proxy-buffers-number: "4" nginx.ingress.kubernetes.io/client-max-body-size: 100m - {{- end }} - name: dashboard-{{ .Release.Namespace }} + name: dashboard namespace: cozy-dashboard spec: - ingressClassName: {{ .Release.Namespace }} + ingressClassName: {{ $exposeIngress }} rules: - host: dashboard.{{ $host }} http: @@ -45,5 +36,5 @@ spec: tls: - hosts: - dashboard.{{ $host }} - secretName: dashboard-{{ .Release.Namespace }}-tls + secretName: dashboard-tls {{- end }} 
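Review bot: In the first hunk `$exposeServices` is built with `splitList ","` on the raw ConfigMap value, so a list written with a space after the comma yields an entry with a leading blank, and the `has` test silently skips that service. Stripping whitespace first avoids this: `{{- $exposeServices := splitList "," ((index $cozyConfig.data "expose-services") | default "" | nospace) }}`. The guard `{{- if and (has "dashboard" $exposeServices) }}` passes a single argument to `and`; `{{- if has "dashboard" $exposeServices }}` reads more directly. The same two lines appear in api-ingress.yaml, cdi-uploadproxy-ingress.yaml and vm-exportproxy-ingress.yaml in this commit.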
diff --git a/packages/system/keycloak-configure/templates/configure-kk.yaml b/packages/system/keycloak-configure/templates/configure-kk.yaml index b2d8db5b..adee11b6 100644 --- a/packages/system/keycloak-configure/templates/configure-kk.yaml +++ b/packages/system/keycloak-configure/templates/configure-kk.yaml @@ -4,15 +4,6 @@ {{- $rootSaConfigMap := lookup "v1" "ConfigMap" "kube-system" "kube-root-ca.crt" }} {{- $k8sCa := index $rootSaConfigMap.data "ca.crt" | b64enc }} -{{- $tenantRoot := dict }} -{{- if .Capabilities.APIVersions.Has "helm.toolkit.fluxcd.io/v2" }} -{{- $tenantRoot = lookup "helm.toolkit.fluxcd.io/v2" "HelmRelease" "tenant-root" "tenant-root" }} -{{- end }} -{{- if and $tenantRoot $tenantRoot.spec $tenantRoot.spec.values $tenantRoot.spec.values.host }} -{{- $host = $tenantRoot.spec.values.host }} -{{- else }} -{{- end }} - {{- $existingK8sSecret := lookup "v1" "Secret" .Release.Namespace "k8s-client" }} {{- $existingKubeappsSecret := lookup "v1" "Secret" .Release.Namespace "kubeapps-client" }} {{- $existingAuthConfig := lookup "v1" "Secret" "cozy-dashboard" "kubeapps-auth-config" }} diff --git a/packages/system/keycloak/templates/ingress.yaml b/packages/system/keycloak/templates/ingress.yaml index 6ae1384a..30120619 100644 --- a/packages/system/keycloak/templates/ingress.yaml +++ b/packages/system/keycloak/templates/ingress.yaml 
@@ -1,18 +1,7 @@ {{- $cozyConfig := lookup "v1" "ConfigMap" "cozy-system" "cozystack" }} {{- $host := index $cozyConfig.data "root-host" }} {{- $issuerType := (index $cozyConfig.data "clusterissuer") | default "http01" }} - -{{- $rootns := lookup "v1" "Namespace" "" "tenant-root" }} -{{- $ingress := index $rootns.metadata.annotations "namespace.cozystack.io/ingress" }} - -{{- $tenantRoot := dict }} -{{- if .Capabilities.APIVersions.Has "helm.toolkit.fluxcd.io/v2" }} -{{- $tenantRoot = lookup "helm.toolkit.fluxcd.io/v2" "HelmRelease" "tenant-root" "tenant-root" }} -{{- end }} -{{- if and $tenantRoot $tenantRoot.spec $tenantRoot.spec.values $tenantRoot.spec.values.host }} -{{- $host = $tenantRoot.spec.values.host }} -{{- else }} -{{- end }} +{{- $exposeIngress := index $cozyConfig.data "expose-ingress" | default "tenant-root" }} apiVersion: networking.k8s.io/v1 kind: Ingress @@ -21,13 +10,13 @@ metadata: {{- with .Values.ingress.annotations }} annotations: {{- if ne $issuerType "cloudflare" }} - acme.cert-manager.io/http01-ingress-class: {{ $ingress }} + acme.cert-manager.io/http01-ingress-class: {{ $exposeIngress }} {{- end }} cert-manager.io/cluster-issuer: letsencrypt-prod {{- toYaml . | nindent 4 }} {{- end }} spec: - ingressClassName: {{ $ingress }} + ingressClassName: {{ $exposeIngress }} tls: - hosts: - keycloak.{{ $host }} diff --git a/packages/system/keycloak/templates/sts.yaml b/packages/system/keycloak/templates/sts.yaml index cecb17a1..e625859b 100644 --- a/packages/system/keycloak/templates/sts.yaml +++ b/packages/system/keycloak/templates/sts.yaml 
@@ -7,15 +7,6 @@ {{- $password = index $existingPassword.data "password" | b64dec }} {{- end }} -{{- $tenantRoot := dict }} -{{- if .Capabilities.APIVersions.Has "helm.toolkit.fluxcd.io/v2" }} -{{- $tenantRoot = lookup "helm.toolkit.fluxcd.io/v2" "HelmRelease" "tenant-root" "tenant-root" }} -{{- end }} -{{- if and $tenantRoot $tenantRoot.spec $tenantRoot.spec.values $tenantRoot.spec.values.host }} -{{- $host = $tenantRoot.spec.values.host }} -{{- else }} -{{- end }} - apiVersion: v1 kind: Secret metadata: diff --git a/packages/system/kubevirt-cdi/templates/cdi-uploadproxy-ingress.yaml b/packages/system/kubevirt-cdi/templates/cdi-uploadproxy-ingress.yaml new file mode 100644 index 00000000..58eef4fa --- /dev/null +++ b/packages/system/kubevirt-cdi/templates/cdi-uploadproxy-ingress.yaml @@ -0,0 +1,29 @@ +{{- $cozyConfig := lookup "v1" "ConfigMap" "cozy-system" "cozystack" }} +{{- $host := index $cozyConfig.data "root-host" }} +{{- $exposeServices := splitList "," ((index $cozyConfig.data "expose-services") | default "") }} +{{- $exposeIngress := index $cozyConfig.data "expose-ingress" | default "tenant-root" }} + + +{{- if and (has "cdi-uploadproxy" $exposeServices) }} +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + annotations: + nginx.ingress.kubernetes.io/backend-protocol: HTTPS + nginx.ingress.kubernetes.io/ssl-passthrough: "true" + name: cdi-uploadproxy + namespace: cozy-kubevirt-cdi +spec: + ingressClassName: {{ $exposeIngress }} + rules: + - host: cdi-uploadproxy.{{ $host }} + http: + paths: + - backend: + service: + name: cdi-uploadproxy + port: + number: 443 + path: / + pathType: Prefix +{{- end }} diff --git a/packages/system/kubevirt/templates/vm-exportproxy-ingress.yaml b/packages/system/kubevirt/templates/vm-exportproxy-ingress.yaml new file mode 100644 index 00000000..b77743d0 --- /dev/null +++ b/packages/system/kubevirt/templates/vm-exportproxy-ingress.yaml 
@@ -0,0 +1,28 @@ +{{- $cozyConfig := lookup "v1" "ConfigMap" "cozy-system" "cozystack" }} +{{- $host := index $cozyConfig.data "root-host" }} +{{- $exposeServices := splitList "," ((index $cozyConfig.data "expose-services") | default "") }} +{{- $exposeIngress := index $cozyConfig.data "expose-ingress" | default "tenant-root" }} + +{{- if and (has "vm-exportproxy" $exposeServices) }} +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + annotations: + nginx.ingress.kubernetes.io/backend-protocol: HTTPS + nginx.ingress.kubernetes.io/ssl-passthrough: "true" + name: vm-exportproxy + namespace: cozy-kubevirt +spec: + ingressClassName: {{ $exposeIngress }} + rules: + - host: vm-exportproxy.{{ $host }} + http: + paths: + - backend: + service: + name: vm-exportproxy + port: + number: 443 + path: / + pathType: ImplementationSpecific +{{- end }} From 798ca12e43c9af0f6ee022b20550fb5912c7cf99 Mon Sep 17 00:00:00 2001 From: Andrei Kvapil Date: Thu, 8 May 2025 15:27:36 +0200 Subject: [PATCH 16/25] [platform] Introduce expose-external-ips option Signed-off-by: Andrei Kvapil --- packages/extra/ingress/templates/nginx-ingress.yaml | 7 +++++-- packages/extra/ingress/values.yaml | 11 ----------- 2 files changed, 5 insertions(+), 13 deletions(-) diff --git a/packages/extra/ingress/templates/nginx-ingress.yaml b/packages/extra/ingress/templates/nginx-ingress.yaml index cfc29d1f..307095ff 100644 --- a/packages/extra/ingress/templates/nginx-ingress.yaml +++ b/packages/extra/ingress/templates/nginx-ingress.yaml @@ -1,3 +1,6 @@ +{{- $cozyConfig := lookup "v1" "ConfigMap" "cozy-system" "cozystack" }} +{{- $exposeIngress := index $cozyConfig.data "expose-ingress" | default "tenant-root" }} +{{- $exposeExternalIPs := splitList "," ((index $cozyConfig.data "expose-external-ips") | default "") }} apiVersion: helm.toolkit.fluxcd.io/v2 kind: HelmRelease metadata: 
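Review bot: The backend in vm-exportproxy-ingress.yaml is `service: name: vm-exportproxy`, while the Ingress deleted from packages/extra/ingress in this same commit pointed at `virt-exportproxy` in the same `cozy-kubevirt` namespace. Unless a Service named `vm-exportproxy` is created elsewhere, the new Ingress would have no backend; keeping `name: virt-exportproxy` under `service:` restores the old target. The public hostname also changes from `virt-exportproxy.{{ $host }}` to `vm-exportproxy.{{ $host }}`, which deserves a line in the release notes for clients that have the old name configured.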
@@ -31,9 +34,9 @@ spec: enabled: false {{- end }} service: - {{- if .Values.externalIPs }} + {{- if and (eq $exposeIngress .Release.Namespace) $exposeExternalIPs }} externalIPs: - {{- toYaml .Values.externalIPs | nindent 12 }} + {{- toYaml $exposeExternalIPs | nindent 12 }} type: ClusterIP externalTrafficPolicy: Cluster {{- else }} diff --git a/packages/extra/ingress/values.yaml b/packages/extra/ingress/values.yaml index 669698f1..a5cee834 100644 --- a/packages/extra/ingress/values.yaml +++ b/packages/extra/ingress/values.yaml @@ -4,17 +4,6 @@ ## replicas: 2 -## @param externalIPs [array] List of externalIPs for service. -## Optional. If not specified will use LoadBalancer service by default. -## -## e.g: -## externalIPs: -## - "11.22.33.44" -## - "11.22.33.45" -## - "11.22.33.46" -## -externalIPs: [] - ## @param whitelist List of client networks ## Example: ## whitelist: From e9c463c86785b86f0a7fe75545e6f74ec8caf8d0 Mon Sep 17 00:00:00 2001 From: Andrei Kvapil Date: Thu, 8 May 2025 15:28:10 +0200 Subject: [PATCH 17/25] [platform] Add migration for expose-* options Signed-off-by: Andrei Kvapil --- scripts/migrations/11 | 0 scripts/migrations/12 | 35 +++++++++++++++++++++++++++++++++++ 2 files changed, 35 insertions(+) mode change 100644 => 100755 scripts/migrations/11 create mode 100755 scripts/migrations/12 diff --git a/scripts/migrations/11 b/scripts/migrations/11 old mode 100644 new mode 100755 diff --git a/scripts/migrations/12 b/scripts/migrations/12 new file mode 100755 index 00000000..fcb951bc --- /dev/null +++ b/scripts/migrations/12 
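Review bot: `$exposeExternalIPs` is always truthy in the condition `and (eq $exposeIngress .Release.Namespace) $exposeExternalIPs`, because `splitList "," ""` returns a one-element list holding an empty string when `expose-external-ips` is unset. With the default configuration the tenant-root release would then render an `externalIPs` list containing an empty string with `type: ClusterIP` instead of falling through to the `else` branch. Keep the value as a string for the test and split it only when rendering: define `{{- $exposeExternalIPs := (index $cozyConfig.data "expose-external-ips") | default "" | nospace }}` in the first hunk of this file and emit `{{- toYaml (splitList "," $exposeExternalIPs) | nindent 12 }}` here. `nospace` also keeps a value written with spaces after the commas from producing an address with a leading blank.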
@@ -0,0 +1,35 @@ +#!/bin/sh +# Migration 12 --> 13 + +# Copy configuration from ingress to cozystack configmap +if kubectl get hr -n tenant-root tenant-root > /dev/null; then + expose_services=$( + kubectl get hr -n tenant-root ingress -o go-template='{{ with .spec }}{{ with .values }}{{ if .dashboard }}dashboard,{{ end }}{{ if .cdiUploadProxy }}cdi-uploadproxy,{{ end }}{{ if .virtExportProxy }}vm-exportproxy,{{ end }}{{ end }}{{ end }}' + ) + expose_services=$(echo "$expose_services" | awk '{sub(/,$/,""); print}') + + expose_external_ips=$( + kubectl get hr -n tenant-root ingress -o go-template='{{ with .spec }}{{ with .values }}{{ if .externalIPs }}{{ range .externalIPs }}{{ . }},{{ end }}{{ end }}{{ end }}{{ end }}' + ) + expose_external_ips=$(echo "$expose_external_ips" | awk '{sub(/,$/,""); print}') + + existing_expose_external_ips=$(kubectl get cm -n cozy-system cozystack -o go-template='{{ index .data "expose-external-ips" }}') + existing_expose_services=$(kubectl get cm -n cozy-system cozystack -o go-template='{{ index .data "expose-services" }}') + + if [ "$existing_expose_external_ips" == "" ]; then + kubectl patch cm -n cozy-system cozystack --type merge -p="{\"data\":{\"expose-external-ips\":\"$expose_external_ips\"}}" + fi + + if [ "$existing_expose_services" == "" ]; then + kubectl patch cm -n cozy-system cozystack --type merge -p="{\"data\":{\"expose-services\":\"$expose_services\"}}" + fi + + kubectl patch hr -n tenant-root ingress --type json -p='[{"op": "remove", "path": "/spec/values/dashboard"}]' || true + kubectl patch hr -n tenant-root ingress --type json -p='[{"op": "remove", "path": "/spec/values/cdiUploadProxy"}]' || true + kubectl patch hr -n tenant-root ingress --type json -p='[{"op": "remove", "path": "/spec/values/virtExportProxy"}]' || true + kubectl patch hr -n tenant-root ingress --type json -p='[{"op": "remove", "path": "/spec/values/externalIPs"}]' || true + kubectl patch hr -n tenant-root ingress --type merge 
-p='{"spec":{"chart":{"spec":{"version":"1.6.0"}}}}' +fi + +# Write version to cozystack-version config +kubectl create configmap -n cozy-system cozystack-version --from-literal=version=13 --dry-run=client -o yaml | kubectl apply -f- From 545e256695434c00587602403a18112823f7674a Mon Sep 17 00:00:00 2001 From: Andrei Kvapil Date: Wed, 7 May 2025 16:21:40 +0200 Subject: [PATCH 18/25] [platform] refactor dashboard values Signed-off-by: Andrei Kvapil --- packages/core/platform/bundles/paas-full.yaml | 71 ++----------------- .../core/platform/bundles/paas-hosted.yaml | 63 +--------------- packages/core/platform/templates/_helpers.tpl | 54 ++++++++++++++ .../core/platform/templates/helmreleases.yaml | 11 --- 4 files changed, 64 insertions(+), 135 deletions(-) diff --git a/packages/core/platform/bundles/paas-full.yaml b/packages/core/platform/bundles/paas-full.yaml index da5a0e8a..8686bb68 100644 --- a/packages/core/platform/bundles/paas-full.yaml +++ b/packages/core/platform/bundles/paas-full.yaml 
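Review bot: The two `[ "$existing_…" == "" ]` tests run under `#!/bin/sh`, where `==` is not a POSIX `test` operator. On a strict shell such as dash the test errors, the `if` is taken as false and the `expose-*` keys are never written, while the `kubectl patch … remove` lines below still delete the old values from the HelmRelease. Use `[ -z "$existing_expose_external_ips" ]` and `[ -z "$existing_expose_services" ]`. It is also worth checking what the go-template prints for an absent key (kubectl commonly renders `<no value>`), since that string would make the emptiness test fail as well. Because this migration decides which services stay published and on which external IPs, the copy step should fail loudly before the removal step runs.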
@@ -260,72 +260,15 @@ releases: releaseName: dashboard chart: cozy-dashboard namespace: cozy-dashboard - dependsOn: [cilium,kubeovn,keycloak-configure] values: - kubeapps: - {{- if .Capabilities.APIVersions.Has "source.toolkit.fluxcd.io/v1" }} - {{- with (lookup "source.toolkit.fluxcd.io/v1" "HelmRepository" "cozy-public" "").items }} - redis: - master: - podAnnotations: - {{- range $index, $repo := . }} - {{- with (($repo.status).artifact).revision }} - repository.cozystack.io/{{ $repo.metadata.name }}: {{ quote . }} - {{- end }} - {{- end }} - {{- end }} - {{- end }} - frontend: - resourcesPreset: "none" - dashboard: - resourcesPreset: "none" - {{- $cozystackBranding:= lookup "v1" "ConfigMap" "cozy-system" "cozystack-branding" }} - {{- $branding := dig "data" "branding" "" $cozystackBranding }} - {{- if $branding }} - customLocale: - "Kubeapps": {{ $branding }} - {{- end }} - customStyle: | - {{- $logoImage := dig "data" "logo" "" $cozystackBranding }} - {{- if $logoImage }} - .kubeapps-logo { - background-image: {{ $logoImage }} - } - {{- end }} - #serviceaccount-selector { - display: none; - } - .login-moreinfo { - display: none; - } - a[href="#/docs"] { - display: none; - } - .login-group .clr-form-control .clr-control-label { - display: none; - } - .appview-separator div.appview-first-row div.center { - display: none; - } - .appview-separator div.appview-first-row section[aria-labelledby="app-secrets"] { - display: none; - } - .appview-first-row section[aria-labelledby="access-urls-title"] { - width: 100%; - } - {{- $dashboardKCconfig := lookup "v1" "ConfigMap" "cozy-dashboard" "kubeapps-auth-config" }} - {{- $dashboardKCValues := dig "data" "values.yaml" "" $dashboardKCconfig }} - {{- if $dashboardKCValues }} - valuesFrom: - - kind: ConfigMap - name: kubeapps-auth-config - valuesKey: values.yaml - {{- end }} - + {{- $dashboardKCconfig := lookup "v1" "ConfigMap" "cozy-dashboard" "kubeapps-auth-config" }} + {{- $dashboardKCValues := dig "data" "values.yaml" 
(dict) $dashboardKCconfig | fromYaml }} + {{- toYaml (deepCopy $dashboardKCValues | mergeOverwrite (fromYaml (include "cozystack.defaultDashboardValues" .))) | nindent 4 }} + dependsOn: + - cilium + - kubeovn {{- if eq $oidcEnabled "true" }} - dependsOn: [keycloak-configure] - {{- else }} - dependsOn: [] + - keycloak-configure {{- end }} - name: kamaji diff --git a/packages/core/platform/bundles/paas-hosted.yaml b/packages/core/platform/bundles/paas-hosted.yaml index f082b3bb..12addedb 100644 --- a/packages/core/platform/bundles/paas-hosted.yaml +++ b/packages/core/platform/bundles/paas-hosted.yaml 
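Review bot: In `dig "data" "values.yaml" (dict) $dashboardKCconfig | fromYaml` the default is a map, and it is piped into `fromYaml`, which takes a string. When the `kubeapps-auth-config` ConfigMap does not exist, which looks like the normal case with OIDC disabled, rendering would fail with a type error instead of falling back to the defaults. An empty-string default keeps both paths working: `{{- $dashboardKCValues := dig "data" "values.yaml" "" $dashboardKCconfig | fromYaml }}`. The hunk starts inside the `releases:` list, so the surrounding entry is only partly visible here.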
@@ -155,66 +155,9 @@ releases: chart: cozy-dashboard namespace: cozy-dashboard values: - kubeapps: - {{- if .Capabilities.APIVersions.Has "source.toolkit.fluxcd.io/v1" }} - {{- with (lookup "source.toolkit.fluxcd.io/v1" "HelmRepository" "cozy-public" "").items }} - redis: - master: - podAnnotations: - {{- range $index, $repo := . }} - {{- with (($repo.status).artifact).revision }} - repository.cozystack.io/{{ $repo.metadata.name }}: {{ quote . }} - {{- end }} - {{- end }} - {{- end }} - {{- end }} - frontend: - resourcesPreset: "none" - dashboard: - resourcesPreset: "none" - {{- $cozystackBranding:= lookup "v1" "ConfigMap" "cozy-system" "cozystack-branding" }} - {{- $branding := dig "data" "branding" "" $cozystackBranding }} - {{- if $branding }} - customLocale: - "Kubeapps": {{ $branding }} - {{- end }} - customStyle: | - {{- $logoImage := dig "data" "logo" "" $cozystackBranding }} - {{- if $logoImage }} - .kubeapps-logo { - background-image: {{ $logoImage }} - } - {{- end }} - #serviceaccount-selector { - display: none; - } - .login-moreinfo { - display: none; - } - a[href="#/docs"] { - display: none; - } - .login-group .clr-form-control .clr-control-label { - display: none; - } - .appview-separator div.appview-first-row div.center { - display: none; - } - .appview-separator div.appview-first-row section[aria-labelledby="app-secrets"] { - display: none; - } - .appview-first-row section[aria-labelledby="access-urls-title"] { - width: 100%; - } - {{- $dashboardKCconfig := lookup "v1" "ConfigMap" "cozy-dashboard" "kubeapps-auth-config" }} - {{- $dashboardKCValues := dig "data" "values.yaml" "" $dashboardKCconfig }} - {{- if $dashboardKCValues }} - valuesFrom: - - kind: ConfigMap - name: kubeapps-auth-config - valuesKey: values.yaml - {{- end }} - + {{- $dashboardKCconfig := lookup "v1" "ConfigMap" "cozy-dashboard" "kubeapps-auth-config" }} + {{- $dashboardKCValues := dig "data" "values.yaml" (dict) $dashboardKCconfig }} + {{- toYaml (deepCopy $dashboardKCValues | 
mergeOverwrite (fromYaml (include "cozystack.defaultDashboardValues" .))) | nindent 4 }} {{- if eq $oidcEnabled "true" }} dependsOn: [keycloak-configure] {{- else }} diff --git a/packages/core/platform/templates/_helpers.tpl b/packages/core/platform/templates/_helpers.tpl index b3ab6a86..94edb35b 100644 --- a/packages/core/platform/templates/_helpers.tpl +++ b/packages/core/platform/templates/_helpers.tpl @@ -16,3 +16,57 @@ Get IP-addresses of master nodes {{- end -}} {{ join "," $ips }} {{- end -}} + +{{- define "cozystack.defaultDashboardValues" -}} +kubeapps: +{{- if .Capabilities.APIVersions.Has "source.toolkit.fluxcd.io/v1" }} +{{- with (lookup "source.toolkit.fluxcd.io/v1" "HelmRepository" "cozy-public" "").items }} + redis: + master: + podAnnotations: + {{- range $index, $repo := . }} + {{- with (($repo.status).artifact).revision }} + repository.cozystack.io/{{ $repo.metadata.name }}: {{ quote . }} + {{- end }} + {{- end }} +{{- end }} +{{- end }} + frontend: + resourcesPreset: "none" + dashboard: + resourcesPreset: "none" + {{- $cozystackBranding:= lookup "v1" "ConfigMap" "cozy-system" "cozystack-branding" }} + {{- $branding := dig "data" "branding" "" $cozystackBranding }} + {{- if $branding }} + customLocale: + "Kubeapps": {{ $branding }} + {{- end }} + customStyle: | + {{- $logoImage := dig "data" "logo" "" $cozystackBranding }} + {{- if $logoImage }} + .kubeapps-logo { + background-image: {{ $logoImage }} + } + {{- end }} + #serviceaccount-selector { + display: none; + } + .login-moreinfo { + display: none; + } + a[href="#/docs"] { + display: none; + } + .login-group .clr-form-control .clr-control-label { + display: none; + } + .appview-separator div.appview-first-row div.center { + display: none; + } + .appview-separator div.appview-first-row section[aria-labelledby="app-secrets"] { + display: none; + } + .appview-first-row section[aria-labelledby="access-urls-title"] { + width: 100%; + } +{{- end }} 
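Review bot: The `values:` block in paas-hosted.yaml now renders the content of `kubeapps-auth-config` inline, where the removed lines only referenced it through `valuesFrom`, so whatever that `values.yaml` contains ends up stored in the HelmRelease spec. Its content is not visible in this diff, but configure-kk.yaml in this series looks the same name up as a Secret, which suggests it may carry OIDC client credentials; if so, anyone allowed to read HelmReleases in `cozy-dashboard` could read them. I would keep the auth settings behind a `valuesFrom` reference (the helmreleases.yaml hunk in this commit removes that support) and merge only the non-sensitive defaults in the template. As written here, `$dashboardKCValues` is also used without `fromYaml`, so `deepCopy`/`mergeOverwrite` receive a string when the ConfigMap exists; `dig "data" "values.yaml" "" $dashboardKCconfig | fromYaml` would give a map in both cases.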
diff --git a/packages/core/platform/templates/helmreleases.yaml b/packages/core/platform/templates/helmreleases.yaml index 1298d74b..17b373be 100644 --- a/packages/core/platform/templates/helmreleases.yaml +++ b/packages/core/platform/templates/helmreleases.yaml @@ -72,17 +72,6 @@ spec: {{- toYaml . | nindent 4}} {{- end }} - {{- if $x.valuesFrom }} - valuesFrom: - {{- range $source := $x.valuesFrom }} - - kind: {{ $source.kind }} - name: {{ $source.name }} - {{- if $source.valuesKey }} - valuesKey: {{ $source.valuesKey }} - {{- end }} - {{- end }} - {{- end }} - {{- with $x.dependsOn }} dependsOn: {{- range $dep := . }} From 8ad010d3319883770798f33147f564c0b19d3ee9 Mon Sep 17 00:00:00 2001 From: Andrei Kvapil Date: Thu, 15 May 2025 14:36:19 +0200 Subject: [PATCH 19/25] Revert "Downgrade CAPI operator" Signed-off-by: Andrei Kvapil --- packages/system/capi-operator/Makefile | 2 +- .../charts/cluster-api-operator/Chart.yaml | 4 +- .../cluster-api-operator/templates/addon.yaml | 45 ++-- .../templates/bootstrap.yaml | 45 ++-- .../templates/control-plane.yaml | 45 ++-- .../cluster-api-operator/templates/core.yaml | 45 ++-- .../cluster-api-operator/templates/infra.yaml | 47 ++-- .../cluster-api-operator/templates/ipam.yaml | 45 ++-- .../templates/operator-components.yaml | 241 +++++++++++++++--- .../cluster-api-operator/values.schema.json | 47 ++++ .../charts/cluster-api-operator/values.yaml | 32 ++- 11 files changed, 423 insertions(+), 175 deletions(-) create mode 100644 packages/system/capi-operator/charts/cluster-api-operator/values.schema.json diff --git a/packages/system/capi-operator/Makefile b/packages/system/capi-operator/Makefile index 20c083aa..dc421cee 100644 --- a/packages/system/capi-operator/Makefile +++ b/packages/system/capi-operator/Makefile 
@@ -3,7 +3,7 @@ export NAMESPACE=cozy-cluster-api export REPO_NAME=capi-operator export REPO_URL=https://kubernetes-sigs.github.io/cluster-api-operator export CHART_NAME=cluster-api-operator -export CHART_VERSION=^0.18 +export CHART_VERSION=^0.19 include ../../../scripts/package.mk diff --git a/packages/system/capi-operator/charts/cluster-api-operator/Chart.yaml b/packages/system/capi-operator/charts/cluster-api-operator/Chart.yaml index 5108c7dc..323a3594 100644 --- a/packages/system/capi-operator/charts/cluster-api-operator/Chart.yaml +++ b/packages/system/capi-operator/charts/cluster-api-operator/Chart.yaml @@ -1,6 +1,6 @@ apiVersion: v2 -appVersion: 0.18.1 +appVersion: 0.19.0 description: Cluster API Operator name: cluster-api-operator type: application -version: 0.18.1 +version: 0.19.0 diff --git a/packages/system/capi-operator/charts/cluster-api-operator/templates/addon.yaml b/packages/system/capi-operator/charts/cluster-api-operator/templates/addon.yaml index a2eb8fb9..6a341496 100644 --- a/packages/system/capi-operator/charts/cluster-api-operator/templates/addon.yaml +++ b/packages/system/capi-operator/charts/cluster-api-operator/templates/addon.yaml 
@@ -1,26 +1,8 @@ # Addon provider -{{- if .Values.addon }} -{{- $addons := split ";" .Values.addon }} -{{- $addonNamespace := "" }} -{{- $addonName := "" }} -{{- $addonVersion := "" }} -{{- range $addon := $addons }} -{{- $addonArgs := split ":" $addon }} -{{- $addonArgsLen := len $addonArgs }} -{{- if eq $addonArgsLen 3 }} - {{- $addonNamespace = $addonArgs._0 }} - {{- $addonName = $addonArgs._1 }} - {{- $addonVersion = $addonArgs._2 }} -{{- else if eq $addonArgsLen 2 }} - {{- $addonNamespace = print $addonArgs._0 "-addon-system" }} - {{- $addonName = $addonArgs._0 }} - {{- $addonVersion = $addonArgs._1 }} -{{- else if eq $addonArgsLen 1 }} - {{- $addonNamespace = print $addonArgs._0 "-addon-system" }} - {{- $addonName = $addonArgs._0 }} -{{- else }} - {{- fail "addon provider argument should have the following format helm:v1.0.0 or mynamespace:helm:v1.0.0" }} -{{- end }} +{{- range $name, $addon := $.Values.addon }} + {{- $addonNamespace := default ( printf "%s-%s" $name "addon-system" ) (get $addon "namespace") }} + {{- $addonName := $name }} + {{- $addonVersion := get $addon "version" }} --- apiVersion: v1 kind: Namespace 
@@ -56,5 +38,24 @@ spec: {{- if $.Values.secretNamespace }} secretNamespace: {{ $.Values.secretNamespace }} {{- end }} +{{- if $addon.manifestPatches }} + manifestPatches: {{ toYaml $addon.manifestPatches | nindent 4 }} {{- end }} +{{- if $addon.additionalManifests }} + additionalManifests: + name: {{ $addon.additionalManifests.name }} + {{- if $addon.additionalManifests.namespace }} + namespace: {{ $addon.additionalManifests.namespace }} + {{- end }} {{/* if $addon.additionalManifests.namespace */}} {{- end }} +{{- if $addon.additionalManifests }} +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ $addon.additionalManifests.name }} + namespace: {{ default $addonNamespace $addon.additionalManifests.namespace }} +data: + manifests: {{- toYaml $addon.additionalManifests.manifests | nindent 4 }} +{{- end }} +{{- end }} {{/* range $name, $addon := .Values.addon */}} diff --git a/packages/system/capi-operator/charts/cluster-api-operator/templates/bootstrap.yaml b/packages/system/capi-operator/charts/cluster-api-operator/templates/bootstrap.yaml index ed5d7924..78dad47e 100644 --- a/packages/system/capi-operator/charts/cluster-api-operator/templates/bootstrap.yaml +++ b/packages/system/capi-operator/charts/cluster-api-operator/templates/bootstrap.yaml 
@@ -1,26 +1,8 @@ # Bootstrap provider -{{- if .Values.bootstrap }} -{{- $bootstraps := split ";" .Values.bootstrap }} -{{- $bootstrapNamespace := "" }} -{{- $bootstrapName := "" }} -{{- $bootstrapVersion := "" }} -{{- range $bootstrap := $bootstraps }} -{{- $bootstrapArgs := split ":" $bootstrap }} -{{- $bootstrapArgsLen := len $bootstrapArgs }} -{{- if eq $bootstrapArgsLen 3 }} - {{- $bootstrapNamespace = $bootstrapArgs._0 }} - {{- $bootstrapName = $bootstrapArgs._1 }} - {{- $bootstrapVersion = $bootstrapArgs._2 }} -{{- else if eq $bootstrapArgsLen 2 }} - {{- $bootstrapNamespace = print $bootstrapArgs._0 "-bootstrap-system" }} - {{- $bootstrapName = $bootstrapArgs._0 }} - {{- $bootstrapVersion = $bootstrapArgs._1 }} -{{- else if eq $bootstrapArgsLen 1 }} - {{- $bootstrapNamespace = print $bootstrapArgs._0 "-bootstrap-system" }} - {{- $bootstrapName = $bootstrapArgs._0 }} -{{- else }} - {{- fail "bootstrap provider argument should have the following format kubeadm:v1.0.0 or mynamespace:kubeadm:v1.0.0" }} -{{- end }} +{{- range $name, $bootstrap := $.Values.bootstrap }} + {{- $bootstrapNamespace := default ( printf "%s-%s" $name "bootstrap-system" ) (get $bootstrap "namespace") }} + {{- $bootstrapName := $name }} + {{- $bootstrapVersion := get $bootstrap "version" }} --- apiVersion: v1 kind: Namespace 
@@ -57,5 +39,24 @@ spec: namespace: {{ $.Values.configSecret.namespace }} {{- end }} {{- end }} +{{- if $bootstrap.manifestPatches }} + manifestPatches: {{ toYaml $bootstrap.manifestPatches | nindent 4 }} {{- end }} +{{- if $bootstrap.additionalManifests }} + additionalManifests: + name: {{ $bootstrap.additionalManifests.name }} + {{- if $bootstrap.additionalManifests.namespace }} + namespace: {{ $bootstrap.additionalManifests.namespace }} + {{- end }} {{/* if $bootstrap.additionalManifests.namespace */}} {{- end }} +{{- if $bootstrap.additionalManifests }} +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ $bootstrap.additionalManifests.name }} + namespace: {{ default $bootstrapNamespace $bootstrap.additionalManifests.namespace }} +data: + manifests: {{- toYaml $bootstrap.additionalManifests.manifests | nindent 4 }} +{{- end }} +{{- end }} {{/* range $name, $bootstrap := .Values.bootstrap */}} diff --git a/packages/system/capi-operator/charts/cluster-api-operator/templates/control-plane.yaml b/packages/system/capi-operator/charts/cluster-api-operator/templates/control-plane.yaml index d72249d1..8a020afd 100644 --- a/packages/system/capi-operator/charts/cluster-api-operator/templates/control-plane.yaml +++ b/packages/system/capi-operator/charts/cluster-api-operator/templates/control-plane.yaml 
@@ -1,26 +1,8 @@ # Control plane provider -{{- if .Values.controlPlane }} -{{- $controlPlanes := split ";" .Values.controlPlane }} -{{- $controlPlaneNamespace := "" }} -{{- $controlPlaneName := "" }} -{{- $controlPlaneVersion := "" }} -{{- range $controlPlane := $controlPlanes }} -{{- $controlPlaneArgs := split ":" $controlPlane }} -{{- $controlPlaneArgsLen := len $controlPlaneArgs }} -{{- if eq $controlPlaneArgsLen 3 }} - {{- $controlPlaneNamespace = $controlPlaneArgs._0 }} - {{- $controlPlaneName = $controlPlaneArgs._1 }} - {{- $controlPlaneVersion = $controlPlaneArgs._2 }} -{{- else if eq $controlPlaneArgsLen 2 }} - {{- $controlPlaneNamespace = print $controlPlaneArgs._0 "-control-plane-system" }} - {{- $controlPlaneName = $controlPlaneArgs._0 }} - {{- $controlPlaneVersion = $controlPlaneArgs._1 }} -{{- else if eq $controlPlaneArgsLen 1 }} - {{- $controlPlaneNamespace = print $controlPlaneArgs._0 "-control-plane-system" }} - {{- $controlPlaneName = $controlPlaneArgs._0 }} -{{- else }} - {{- fail "controlplane provider argument should have the following format kubeadm:v1.0.0 or mynamespace:kubeadm:v1.0.0" }} -{{- end }} +{{- range $name, $controlPlane := $.Values.controlPlane }} + {{- $controlPlaneNamespace := default ( printf "%s-%s" $name "control-plane-system" ) (get $controlPlane "namespace") }} + {{- $controlPlaneName := $name }} + {{- $controlPlaneVersion := get $controlPlane "version" }} --- apiVersion: v1 kind: Namespace 
@@ -70,5 +52,24 @@ spec: namespace: {{ $.Values.configSecret.namespace }} {{- end }} {{- end }} +{{- if $controlPlane.manifestPatches }} + manifestPatches: {{ toYaml $controlPlane.manifestPatches | nindent 4 }} {{- end }} +{{- if $controlPlane.additionalManifests }} + additionalManifests: + name: {{ $controlPlane.additionalManifests.name }} + {{- if $controlPlane.additionalManifests.namespace }} + namespace: {{ $controlPlane.additionalManifests.namespace }} + {{- end }} {{/* if $controlPlane.additionalManifests.namespace */}} {{- end }} +{{- if $controlPlane.additionalManifests }} +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ $controlPlane.additionalManifests.name }} + namespace: {{ default $controlPlaneNamespace $controlPlane.additionalManifests.namespace }} +data: + manifests: {{- toYaml $controlPlane.additionalManifests.manifests | nindent 4 }} +{{- end }} +{{- end }} {{/* range $name, $controlPlane := .Values.controlPlane */}} diff --git a/packages/system/capi-operator/charts/cluster-api-operator/templates/core.yaml b/packages/system/capi-operator/charts/cluster-api-operator/templates/core.yaml index 828d2269..648e1b60 100644 --- a/packages/system/capi-operator/charts/cluster-api-operator/templates/core.yaml +++ b/packages/system/capi-operator/charts/cluster-api-operator/templates/core.yaml 
@@ -1,25 +1,8 @@ # Core provider -{{- if .Values.core }} -{{- $coreArgs := split ":" .Values.core }} -{{- $coreArgsLen := len $coreArgs }} -{{- $coreVersion := "" }} -{{- $coreNamespace := "" }} -{{- $coreName := "" }} -{{- $coreVersion := "" }} -{{- if eq $coreArgsLen 3 }} - {{- $coreNamespace = $coreArgs._0 }} - {{- $coreName = $coreArgs._1 }} - {{- $coreVersion = $coreArgs._2 }} -{{- else if eq $coreArgsLen 2 }} - {{- $coreNamespace = "capi-system" }} - {{- $coreName = $coreArgs._0 }} - {{- $coreVersion = $coreArgs._1 }} -{{- else if eq $coreArgsLen 1 }} - {{- $coreNamespace = "capi-system" }} - {{- $coreName = $coreArgs._0 }} -{{- else }} - {{- fail "core provider argument should have the following format cluster-api:v1.0.0 or mynamespace:cluster-api:v1.0.0" }} -{{- end }} +{{- range $name, $core := $.Values.core }} + {{- $coreNamespace := default "capi-system" (get $core "namespace") }} + {{- $coreName := $name }} + {{- $coreVersion := get $core "version" }} --- apiVersion: v1 kind: Namespace @@ -65,4 +48,24 @@ spec: namespace: {{ $.Values.configSecret.namespace }} {{- end }} {{- end }} +{{- if $core.manifestPatches }} + manifestPatches: {{ toYaml $core.manifestPatches | nindent 4 }} {{- end }} +{{- if $core.additionalManifests }} + additionalManifests: + name: {{ $core.additionalManifests.name }} + {{- if $core.additionalManifests.namespace }} + namespace: {{ $core.additionalManifests.namespace }} + {{- end }} +{{- end }} +{{- if $core.additionalManifests }} +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ $core.additionalManifests.name }} + namespace: {{ default $coreNamespace $core.additionalManifests.namespace }} +data: + manifests: {{- toYaml $core.additionalManifests.manifests | nindent 4 }} +{{- end }} +{{- end }} {{/* range $name, $core := .Values.core */}} 
diff --git a/packages/system/capi-operator/charts/cluster-api-operator/templates/infra.yaml b/packages/system/capi-operator/charts/cluster-api-operator/templates/infra.yaml index 5841336c..835607d4 100644 --- a/packages/system/capi-operator/charts/cluster-api-operator/templates/infra.yaml +++ b/packages/system/capi-operator/charts/cluster-api-operator/templates/infra.yaml @@ -1,26 +1,8 @@ # Infrastructure providers -{{- if .Values.infrastructure }} -{{- $infrastructures := split ";" .Values.infrastructure }} -{{- $infrastructureNamespace := "" }} -{{- $infrastructureName := "" }} -{{- $infrastructureVersion := "" }} -{{- range $infrastructure := $infrastructures }} -{{- $infrastructureArgs := split ":" $infrastructure }} -{{- $infrastructureArgsLen := len $infrastructureArgs }} -{{- if eq $infrastructureArgsLen 3 }} - {{- $infrastructureNamespace = $infrastructureArgs._0 }} - {{- $infrastructureName = $infrastructureArgs._1 }} - {{- $infrastructureVersion = $infrastructureArgs._2 }} -{{- else if eq $infrastructureArgsLen 2 }} - {{- $infrastructureNamespace = print $infrastructureArgs._0 "-infrastructure-system" }} - {{- $infrastructureName = $infrastructureArgs._0 }} - {{- $infrastructureVersion = $infrastructureArgs._1 }} -{{- else if eq $infrastructureArgsLen 1 }} - {{- $infrastructureNamespace = print $infrastructureArgs._0 "-infrastructure-system" }} - {{- $infrastructureName = $infrastructureArgs._0 }} -{{- else }} - {{- fail "infrastructure provider argument should have the following format aws:v1.0.0 or mynamespace:aws:v1.0.0" }} -{{- end }} +{{- range $name, $infra := $.Values.infrastructure }} + {{- $infrastructureNamespace := default ( printf "%s-%s" $name "infrastructure-system" ) (get $infra "namespace") }} + {{- $infrastructureName := $name }} + {{- $infrastructureVersion := get $infra "version" }} --- apiVersion: v1 kind: Namespace 
@@ -83,5 +65,24 @@ spec: {{- if $.Values.additionalDeployments }} additionalDeployments: {{ toYaml $.Values.additionalDeployments | nindent 4 }} {{- end }} +{{- if $infra.manifestPatches }} + manifestPatches: {{- toYaml $infra.manifestPatches | nindent 4 }} +{{- end }} {{/* if $infra.manifestPatches */}} +{{- if $infra.additionalManifests }} + additionalManifests: + name: {{ $infra.additionalManifests.name }} + {{- if $infra.additionalManifests.namespace }} + namespace: {{ $infra.additionalManifests.namespace }} + {{- end }} {{/* if $infra.additionalManifests.namespace */}} +{{- end }} {{/* if $infra.additionalManifests */}} +{{- if $infra.additionalManifests }} +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ $infra.additionalManifests.name }} + namespace: {{ default $infrastructureNamespace $infra.additionalManifests.namespace }} +data: + manifests: {{- toYaml $infra.additionalManifests.manifests | nindent 4 }} {{- end }} -{{- end }} +{{- end }} {{/* range $name, $infra := .Values.infrastructure */}} diff --git a/packages/system/capi-operator/charts/cluster-api-operator/templates/ipam.yaml b/packages/system/capi-operator/charts/cluster-api-operator/templates/ipam.yaml index 06960afb..4a33c42f 100644 --- a/packages/system/capi-operator/charts/cluster-api-operator/templates/ipam.yaml +++ b/packages/system/capi-operator/charts/cluster-api-operator/templates/ipam.yaml 
@@ -1,26 +1,8 @@ # IPAM providers -{{- if .Values.ipam }} -{{- $ipams := split ";" .Values.ipam }} -{{- $ipamNamespace := "" }} -{{- $ipamName := "" }} -{{- $ipamVersion := "" }} -{{- range $ipam := $ipams }} -{{- $ipamArgs := split ":" $ipam }} -{{- $ipamArgsLen := len $ipamArgs }} -{{- if eq $ipamArgsLen 3 }} - {{- $ipamNamespace = $ipamArgs._0 }} - {{- $ipamName = $ipamArgs._1 }} - {{- $ipamVersion = $ipamArgs._2 }} -{{- else if eq $ipamArgsLen 2 }} - {{- $ipamNamespace = print $ipamArgs._0 "-ipam-system" }} - {{- $ipamName = $ipamArgs._0 }} - {{- $ipamVersion = $ipamArgs._1 }} -{{- else if eq $ipamArgsLen 1 }} - {{- $ipamNamespace = print $ipamArgs._0 "-ipam-system" }} - {{- $ipamName = $ipamArgs._0 }} -{{- else }} - {{- fail "ipam provider argument should have the following format in-cluster:v1.0.0 or mynamespace:in-cluster:v1.0.0" }} -{{- end }} +{{- range $name, $ipam := $.Values.ipam }} + {{- $ipamNamespace := default ( printf "%s-%s" $name "ipam-system" ) (get $ipam "namespace") }} + {{- $ipamName := $name }} + {{- $ipamVersion := get $ipam "version" }} --- apiVersion: v1 kind: Namespace 
@@ -70,8 +52,27 @@ spec: namespace: {{ $.Values.configSecret.namespace }} {{- end }} {{- end }} +{{- if $ipam.manifestPatches }} + manifestPatches: {{ toYaml $ipam.manifestPatches | nindent 4 }} +{{- end }} {{- if $.Values.additionalDeployments }} additionalDeployments: {{ toYaml $.Values.additionalDeployments | nindent 4 }} {{- end }} +{{- if $ipam.additionalManifests }} + additionalManifests: + name: {{ $ipam.additionalManifests.name }} + {{- if $ipam.additionalManifests.namespace }} + namespace: {{ $ipam.additionalManifests.namespace }} + {{- end }} {{/* if $ipam.additionalManifests.namespace */}} {{- end }} +{{- if $ipam.additionalManifests }} +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ $ipam.additionalManifests.name }} + namespace: {{ default $ipamNamespace $ipam.additionalManifests.namespace }} +data: + manifests: {{- toYaml $ipam.additionalManifests.manifests | nindent 4 }} {{- end }} +{{- end }} {{/* range $name, $ipam := .Values.ipam */}} diff --git a/packages/system/capi-operator/charts/cluster-api-operator/templates/operator-components.yaml b/packages/system/capi-operator/charts/cluster-api-operator/templates/operator-components.yaml index 27b8bf80..0ee82bfc 100644 --- a/packages/system/capi-operator/charts/cluster-api-operator/templates/operator-components.yaml +++ b/packages/system/capi-operator/charts/cluster-api-operator/templates/operator-components.yaml @@ -1305,6 +1305,13 @@ spec: description: Manager defines the properties that can be enabled on the controller manager for the additional provider deployment. properties: + additionalArgs: + additionalProperties: + type: string + description: |- + AdditionalArgs is a map of additional options that will be passed + in as container args to the provider's controller manager. + type: object cacheNamespace: description: |- CacheNamespace if specified restricts the manager's cache to watch objects in 
@@ -2836,6 +2843,13 @@ spec: description: Manager defines the properties that can be enabled on the controller manager for the provider. properties: + additionalArgs: + additionalProperties: + type: string + description: |- + AdditionalArgs is a map of additional options that will be passed + in as container args to the provider's controller manager. + type: object cacheNamespace: description: |- CacheNamespace if specified restricts the manager's cache to watch objects in @@ -3048,27 +3062,32 @@ spec: properties: lastTransitionTime: description: |- - Last time the condition transitioned from one status to another. + lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. format: date-time type: string message: description: |- - A human readable message indicating details about the transition. + message is a human readable message indicating details about the transition. This field may be empty. + maxLength: 10240 + minLength: 1 type: string reason: description: |- - The reason for the condition's last transition in CamelCase. + reason is the reason for the condition's last transition in CamelCase. The specific API may choose whether or not this field is considered a guaranteed API. This field may be empty. + maxLength: 256 + minLength: 1 type: string severity: description: |- severity provides an explicit classification of Reason code, so the users or machines can immediately understand the current situation and act accordingly. The Severity field MUST be set only when Status=False. + maxLength: 32 type: string status: description: status of the condition, one of True, False, Unknown. 
@@ -3078,6 +3097,8 @@ spec: type of condition in CamelCase or in foo.example.com/CamelCase. Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. + maxLength: 256 + minLength: 1 type: string required: - lastTransitionTime @@ -4711,27 +4732,32 @@ spec: properties: lastTransitionTime: description: |- - Last time the condition transitioned from one status to another. + lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. format: date-time type: string message: description: |- - A human readable message indicating details about the transition. + message is a human readable message indicating details about the transition. This field may be empty. + maxLength: 10240 + minLength: 1 type: string reason: description: |- - The reason for the condition's last transition in CamelCase. + reason is the reason for the condition's last transition in CamelCase. The specific API may choose whether or not this field is considered a guaranteed API. This field may be empty. + maxLength: 256 + minLength: 1 type: string severity: description: |- severity provides an explicit classification of Reason code, so the users or machines can immediately understand the current situation and act accordingly. The Severity field MUST be set only when Status=False. + maxLength: 32 type: string status: description: status of the condition, one of True, False, Unknown. 
@@ -4741,6 +4767,8 @@ spec: type of condition in CamelCase or in foo.example.com/CamelCase. Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. + maxLength: 256 + minLength: 1 type: string required: - lastTransitionTime @@ -6043,6 +6071,13 @@ spec: description: Manager defines the properties that can be enabled on the controller manager for the additional provider deployment. properties: + additionalArgs: + additionalProperties: + type: string + description: |- + AdditionalArgs is a map of additional options that will be passed + in as container args to the provider's controller manager. + type: object cacheNamespace: description: |- CacheNamespace if specified restricts the manager's cache to watch objects in @@ -7574,6 +7609,13 @@ spec: description: Manager defines the properties that can be enabled on the controller manager for the provider. properties: + additionalArgs: + additionalProperties: + type: string + description: |- + AdditionalArgs is a map of additional options that will be passed + in as container args to the provider's controller manager. + type: object cacheNamespace: description: |- CacheNamespace if specified restricts the manager's cache to watch objects in 
@@ -7786,27 +7828,32 @@ spec: properties: lastTransitionTime: description: |- - Last time the condition transitioned from one status to another. + lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. format: date-time type: string message: description: |- - A human readable message indicating details about the transition. + message is a human readable message indicating details about the transition. This field may be empty. + maxLength: 10240 + minLength: 1 type: string reason: description: |- - The reason for the condition's last transition in CamelCase. + reason is the reason for the condition's last transition in CamelCase. The specific API may choose whether or not this field is considered a guaranteed API. This field may be empty. + maxLength: 256 + minLength: 1 type: string severity: description: |- severity provides an explicit classification of Reason code, so the users or machines can immediately understand the current situation and act accordingly. The Severity field MUST be set only when Status=False. + maxLength: 32 type: string status: description: status of the condition, one of True, False, Unknown. @@ -7816,6 +7863,8 @@ spec: type of condition in CamelCase or in foo.example.com/CamelCase. Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. + maxLength: 256 + minLength: 1 type: string required: - lastTransitionTime 
@@ -9450,27 +9499,32 @@ spec: properties: lastTransitionTime: description: |- - Last time the condition transitioned from one status to another. + lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. format: date-time type: string message: description: |- - A human readable message indicating details about the transition. + message is a human readable message indicating details about the transition. This field may be empty. + maxLength: 10240 + minLength: 1 type: string reason: description: |- - The reason for the condition's last transition in CamelCase. + reason is the reason for the condition's last transition in CamelCase. The specific API may choose whether or not this field is considered a guaranteed API. This field may be empty. + maxLength: 256 + minLength: 1 type: string severity: description: |- severity provides an explicit classification of Reason code, so the users or machines can immediately understand the current situation and act accordingly. The Severity field MUST be set only when Status=False. + maxLength: 32 type: string status: description: status of the condition, one of True, False, Unknown. @@ -9480,6 +9534,8 @@ spec: type of condition in CamelCase or in foo.example.com/CamelCase. Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. + maxLength: 256 + minLength: 1 type: string required: - lastTransitionTime 
@@ -10783,6 +10839,13 @@ spec: description: Manager defines the properties that can be enabled on the controller manager for the additional provider deployment. properties: + additionalArgs: + additionalProperties: + type: string + description: |- + AdditionalArgs is a map of additional options that will be passed + in as container args to the provider's controller manager. + type: object cacheNamespace: description: |- CacheNamespace if specified restricts the manager's cache to watch objects in @@ -12314,6 +12377,13 @@ spec: description: Manager defines the properties that can be enabled on the controller manager for the provider. properties: + additionalArgs: + additionalProperties: + type: string + description: |- + AdditionalArgs is a map of additional options that will be passed + in as container args to the provider's controller manager. + type: object cacheNamespace: description: |- CacheNamespace if specified restricts the manager's cache to watch objects in 
@@ -12527,27 +12597,32 @@ spec: properties: lastTransitionTime: description: |- - Last time the condition transitioned from one status to another. + lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. format: date-time type: string message: description: |- - A human readable message indicating details about the transition. + message is a human readable message indicating details about the transition. This field may be empty. + maxLength: 10240 + minLength: 1 type: string reason: description: |- - The reason for the condition's last transition in CamelCase. + reason is the reason for the condition's last transition in CamelCase. The specific API may choose whether or not this field is considered a guaranteed API. This field may be empty. + maxLength: 256 + minLength: 1 type: string severity: description: |- severity provides an explicit classification of Reason code, so the users or machines can immediately understand the current situation and act accordingly. The Severity field MUST be set only when Status=False. + maxLength: 32 type: string status: description: status of the condition, one of True, False, Unknown. @@ -12557,6 +12632,8 @@ spec: type of condition in CamelCase or in foo.example.com/CamelCase. Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. + maxLength: 256 + minLength: 1 type: string required: - lastTransitionTime 
@@ -14190,27 +14267,32 @@ spec: properties: lastTransitionTime: description: |- - Last time the condition transitioned from one status to another. + lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. format: date-time type: string message: description: |- - A human readable message indicating details about the transition. + message is a human readable message indicating details about the transition. This field may be empty. + maxLength: 10240 + minLength: 1 type: string reason: description: |- - The reason for the condition's last transition in CamelCase. + reason is the reason for the condition's last transition in CamelCase. The specific API may choose whether or not this field is considered a guaranteed API. This field may be empty. + maxLength: 256 + minLength: 1 type: string severity: description: |- severity provides an explicit classification of Reason code, so the users or machines can immediately understand the current situation and act accordingly. The Severity field MUST be set only when Status=False. + maxLength: 32 type: string status: description: status of the condition, one of True, False, Unknown. @@ -14220,6 +14302,8 @@ spec: type of condition in CamelCase or in foo.example.com/CamelCase. Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. + maxLength: 256 + minLength: 1 type: string required: - lastTransitionTime 
@@ -15522,6 +15606,13 @@ spec: description: Manager defines the properties that can be enabled on the controller manager for the additional provider deployment. properties: + additionalArgs: + additionalProperties: + type: string + description: |- + AdditionalArgs is a map of additional options that will be passed + in as container args to the provider's controller manager. + type: object cacheNamespace: description: |- CacheNamespace if specified restricts the manager's cache to watch objects in @@ -17053,6 +17144,13 @@ spec: description: Manager defines the properties that can be enabled on the controller manager for the provider. properties: + additionalArgs: + additionalProperties: + type: string + description: |- + AdditionalArgs is a map of additional options that will be passed + in as container args to the provider's controller manager. + type: object cacheNamespace: description: |- CacheNamespace if specified restricts the manager's cache to watch objects in 
@@ -17265,27 +17363,32 @@ spec: properties: lastTransitionTime: description: |- - Last time the condition transitioned from one status to another. + lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. format: date-time type: string message: description: |- - A human readable message indicating details about the transition. + message is a human readable message indicating details about the transition. This field may be empty. + maxLength: 10240 + minLength: 1 type: string reason: description: |- - The reason for the condition's last transition in CamelCase. + reason is the reason for the condition's last transition in CamelCase. The specific API may choose whether or not this field is considered a guaranteed API. This field may be empty. + maxLength: 256 + minLength: 1 type: string severity: description: |- severity provides an explicit classification of Reason code, so the users or machines can immediately understand the current situation and act accordingly. The Severity field MUST be set only when Status=False. + maxLength: 32 type: string status: description: status of the condition, one of True, False, Unknown. @@ -17295,6 +17398,8 @@ spec: type of condition in CamelCase or in foo.example.com/CamelCase. Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. + maxLength: 256 + minLength: 1 type: string required: - lastTransitionTime 
@@ -18929,27 +19034,32 @@ spec: properties: lastTransitionTime: description: |- - Last time the condition transitioned from one status to another. + lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. format: date-time type: string message: description: |- - A human readable message indicating details about the transition. + message is a human readable message indicating details about the transition. This field may be empty. + maxLength: 10240 + minLength: 1 type: string reason: description: |- - The reason for the condition's last transition in CamelCase. + reason is the reason for the condition's last transition in CamelCase. The specific API may choose whether or not this field is considered a guaranteed API. This field may be empty. + maxLength: 256 + minLength: 1 type: string severity: description: |- severity provides an explicit classification of Reason code, so the users or machines can immediately understand the current situation and act accordingly. The Severity field MUST be set only when Status=False. + maxLength: 32 type: string status: description: status of the condition, one of True, False, Unknown. @@ -18959,6 +19069,8 @@ spec: type of condition in CamelCase or in foo.example.com/CamelCase. Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. + maxLength: 256 + minLength: 1 type: string required: - lastTransitionTime 
@@ -20262,6 +20374,13 @@ spec: description: Manager defines the properties that can be enabled on the controller manager for the additional provider deployment. properties: + additionalArgs: + additionalProperties: + type: string + description: |- + AdditionalArgs is a map of additional options that will be passed + in as container args to the provider's controller manager. + type: object cacheNamespace: description: |- CacheNamespace if specified restricts the manager's cache to watch objects in @@ -21793,6 +21912,13 @@ spec: description: Manager defines the properties that can be enabled on the controller manager for the provider. properties: + additionalArgs: + additionalProperties: + type: string + description: |- + AdditionalArgs is a map of additional options that will be passed + in as container args to the provider's controller manager. + type: object cacheNamespace: description: |- CacheNamespace if specified restricts the manager's cache to watch objects in 
@@ -22006,27 +22132,32 @@ spec: properties: lastTransitionTime: description: |- - Last time the condition transitioned from one status to another. + lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. format: date-time type: string message: description: |- - A human readable message indicating details about the transition. + message is a human readable message indicating details about the transition. This field may be empty. + maxLength: 10240 + minLength: 1 type: string reason: description: |- - The reason for the condition's last transition in CamelCase. + reason is the reason for the condition's last transition in CamelCase. The specific API may choose whether or not this field is considered a guaranteed API. This field may be empty. + maxLength: 256 + minLength: 1 type: string severity: description: |- severity provides an explicit classification of Reason code, so the users or machines can immediately understand the current situation and act accordingly. The Severity field MUST be set only when Status=False. + maxLength: 32 type: string status: description: status of the condition, one of True, False, Unknown. @@ -22036,6 +22167,8 @@ spec: type of condition in CamelCase or in foo.example.com/CamelCase. Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. + maxLength: 256 + minLength: 1 type: string required: - lastTransitionTime 
@@ -23371,6 +23504,13 @@ spec: description: Manager defines the properties that can be enabled on the controller manager for the additional provider deployment. properties: + additionalArgs: + additionalProperties: + type: string + description: |- + AdditionalArgs is a map of additional options that will be passed + in as container args to the provider's controller manager. + type: object cacheNamespace: description: |- CacheNamespace if specified restricts the manager's cache to watch objects in @@ -24902,6 +25042,13 @@ spec: description: Manager defines the properties that can be enabled on the controller manager for the provider. properties: + additionalArgs: + additionalProperties: + type: string + description: |- + AdditionalArgs is a map of additional options that will be passed + in as container args to the provider's controller manager. + type: object cacheNamespace: description: |- CacheNamespace if specified restricts the manager's cache to watch objects in 
@@ -25114,27 +25261,32 @@ spec: properties: lastTransitionTime: description: |- - Last time the condition transitioned from one status to another. + lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. format: date-time type: string message: description: |- - A human readable message indicating details about the transition. + message is a human readable message indicating details about the transition. This field may be empty. + maxLength: 10240 + minLength: 1 type: string reason: description: |- - The reason for the condition's last transition in CamelCase. + reason is the reason for the condition's last transition in CamelCase. The specific API may choose whether or not this field is considered a guaranteed API. This field may be empty. + maxLength: 256 + minLength: 1 type: string severity: description: |- severity provides an explicit classification of Reason code, so the users or machines can immediately understand the current situation and act accordingly. The Severity field MUST be set only when Status=False. + maxLength: 32 type: string status: description: status of the condition, one of True, False, Unknown. @@ -25144,6 +25296,8 @@ spec: type of condition in CamelCase or in foo.example.com/CamelCase. Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. + maxLength: 256 + minLength: 1 type: string required: - lastTransitionTime 
@@ -26481,6 +26635,13 @@ spec: description: Manager defines the properties that can be enabled on the controller manager for the additional provider deployment. properties: + additionalArgs: + additionalProperties: + type: string + description: |- + AdditionalArgs is a map of additional options that will be passed + in as container args to the provider's controller manager. + type: object cacheNamespace: description: |- CacheNamespace if specified restricts the manager's cache to watch objects in @@ -28012,6 +28173,13 @@ spec: description: Manager defines the properties that can be enabled on the controller manager for the provider. properties: + additionalArgs: + additionalProperties: + type: string + description: |- + AdditionalArgs is a map of additional options that will be passed + in as container args to the provider's controller manager. + type: object cacheNamespace: description: |- CacheNamespace if specified restricts the manager's cache to watch objects in 
@@ -28225,27 +28393,32 @@ spec: properties: lastTransitionTime: description: |- - Last time the condition transitioned from one status to another. + lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. format: date-time type: string message: description: |- - A human readable message indicating details about the transition. + message is a human readable message indicating details about the transition. This field may be empty. + maxLength: 10240 + minLength: 1 type: string reason: description: |- - The reason for the condition's last transition in CamelCase. + reason is the reason for the condition's last transition in CamelCase. The specific API may choose whether or not this field is considered a guaranteed API. This field may be empty. + maxLength: 256 + minLength: 1 type: string severity: description: |- severity provides an explicit classification of Reason code, so the users or machines can immediately understand the current situation and act accordingly. The Severity field MUST be set only when Status=False. + maxLength: 32 type: string status: description: status of the condition, one of True, False, Unknown. @@ -28255,6 +28428,8 @@ spec: type of condition in CamelCase or in foo.example.com/CamelCase. Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. + maxLength: 256 + minLength: 1 type: string required: - lastTransitionTime diff --git a/packages/system/capi-operator/charts/cluster-api-operator/values.schema.json b/packages/system/capi-operator/charts/cluster-api-operator/values.schema.json new file mode 100644 index 00000000..d22038fc --- /dev/null +++ b/packages/system/capi-operator/charts/cluster-api-operator/values.schema.json 
@@ -0,0 +1,47 @@ +{ + "$schema": "http://json-schema.org/draft-07/schema#", + "type": "object", + "properties": { + "core": { + "oneOf": [ + { "type": "object" }, + { "type": "null" } + ] + }, + "bootstrap": { + "type": "object", + "oneOf": [ + { "type": "object" }, + { "type": "null" } + ] + }, + "controlPlane": { + "type": "object", + "oneOf": [ + { "type": "object" }, + { "type": "null" } + ] + }, + "infrastructure": { + "type": "object", + "oneOf": [ + { "type": "object" }, + { "type": "null" } + ] + }, + "addon": { + "type": "object", + "oneOf": [ + { "type": "object" }, + { "type": "null" } + ] + }, + "ipam": { + "type": "object", + "oneOf": [ + { "type": "object" }, + { "type": "null" } + ] + } + } +} diff --git a/packages/system/capi-operator/charts/cluster-api-operator/values.yaml b/packages/system/capi-operator/charts/cluster-api-operator/values.yaml index 12507a3c..545bae39 100644 --- a/packages/system/capi-operator/charts/cluster-api-operator/values.yaml +++ b/packages/system/capi-operator/charts/cluster-api-operator/values.yaml @@ -1,12 +1,30 @@ --- # --- # Cluster API provider options -core: "" -bootstrap: "" -controlPlane: "" -infrastructure: "" -ipam: "" -addon: "" +core: {} +# cluster-api: {} # Name, required +# namespace: "" # Optional +# version: "" # Optional +bootstrap: {} +# kubeadm: {} # Name, required +# namespace: "" # Optional +# version: "" # Optional +controlPlane: {} +# kubeadm: {} # Name, required +# namespace: "" # Optional +# version: "" # Optional +infrastructure: {} +# docker: {} # Name, required +# namespace: "" # Optional +# version: "" # Optional +addon: {} +# helm: {} # Name, required +# namespace: "" # Optional +# version: "" # Optional +ipam: {} +# in-cluster: {} # Name, required +# namespace: "" # Optional +# version: "" # Optional manager.featureGates: {} fetchConfig: {} # --- 
@@ -21,7 +39,7 @@ leaderElection: image: manager: repository: registry.k8s.io/capi-operator/cluster-api-operator - tag: v0.18.1 + tag: v0.19.0 pullPolicy: IfNotPresent env: manager: [] From 93b8dbb9ab3f756782ddab31c05b9eab5f2d0b24 Mon Sep 17 00:00:00 2001 From: Andrei Kvapil Date: Thu, 15 May 2025 14:37:59 +0200 Subject: [PATCH 20/25] [cluster-api] Update capi-providers Signed-off-by: Andrei Kvapil --- packages/system/capi-providers/templates/providers.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/packages/system/capi-providers/templates/providers.yaml b/packages/system/capi-providers/templates/providers.yaml index 7cb59f3b..b2accf40 100644 --- a/packages/system/capi-providers/templates/providers.yaml +++ b/packages/system/capi-providers/templates/providers.yaml @@ -5,7 +5,7 @@ metadata: name: cluster-api spec: # https://github.com/kubernetes-sigs/cluster-api - version: v1.10.0 + version: v1.10.1 --- apiVersion: operator.cluster.x-k8s.io/v1alpha2 kind: ControlPlaneProvider @@ -13,7 +13,7 @@ metadata: name: kamaji spec: # https://github.com/clastix/cluster-api-control-plane-provider-kamaji - version: v0.14.2 + version: v0.15.1 deployment: containers: - name: manager @@ -31,7 +31,7 @@ metadata: name: kubeadm spec: # https://github.com/kubernetes-sigs/cluster-api - version: v1.10.0 + version: v1.10.1 --- apiVersion: operator.cluster.x-k8s.io/v1alpha2 kind: InfrastructureProvider From 9d551cc69b0f103eb2c4622aa525df30a9117283 Mon Sep 17 00:00:00 2001 From: Andrei Kvapil Date: Thu, 15 May 2025 16:49:07 +0200 Subject: [PATCH 21/25] [kubernetes] Update Kubernetes v1.32.4 Signed-off-by: Andrei Kvapil --- packages/apps/kubernetes/Chart.yaml | 2 +- packages/apps/kubernetes/templates/cluster.yaml | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/packages/apps/kubernetes/Chart.yaml b/packages/apps/kubernetes/Chart.yaml index a74f0945..47494b96 100644 --- a/packages/apps/kubernetes/Chart.yaml 
+++ b/packages/apps/kubernetes/Chart.yaml @@ -22,4 +22,4 @@ version: 0.20.0 # incremented each time you make changes to the application. Versions are not expected to # follow Semantic Versioning. They should reflect the version the application is using. # It is recommended to use it with quotes. -appVersion: 1.31.0 +appVersion: 1.32.4 diff --git a/packages/apps/kubernetes/templates/cluster.yaml b/packages/apps/kubernetes/templates/cluster.yaml index 1b2f395c..8b5e9bcd 100644 --- a/packages/apps/kubernetes/templates/cluster.yaml +++ b/packages/apps/kubernetes/templates/cluster.yaml @@ -157,7 +157,7 @@ spec: labels: policy.cozystack.io/allow-to-etcd: "true" replicas: 2 - version: 1.30.1 + version: {{ $.Chart.AppVersion }} --- apiVersion: cozystack.io/v1alpha1 kind: WorkloadMonitor @@ -283,7 +283,7 @@ spec: kind: KubevirtMachineTemplate name: {{ $.Release.Name }}-{{ $groupName }}-{{ $kubevirtmachinetemplateHash }} namespace: {{ $.Release.Namespace }} - version: v1.32.3 + version: v{{ $.Chart.AppVersion }} --- apiVersion: cluster.x-k8s.io/v1beta1 kind: MachineHealthCheck From 6f55a66328be3b01919e2cbccbb894d56ba48117 Mon Sep 17 00:00:00 2001 From: Timofei Larkin Date: Fri, 16 May 2025 12:55:52 +0300 Subject: [PATCH 22/25] Hotfix: error in template Signed-off-by: Timofei Larkin --- packages/core/platform/bundles/paas-full.yaml | 2 +- packages/extra/ingress/templates/nginx-ingress.yaml | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/packages/core/platform/bundles/paas-full.yaml b/packages/core/platform/bundles/paas-full.yaml index 8686bb68..71191025 100644 --- a/packages/core/platform/bundles/paas-full.yaml +++ b/packages/core/platform/bundles/paas-full.yaml 
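Review bot: Replacing the hard-coded `version: 1.30.1` with `version: {{ $.Chart.AppVersion }}` in the first cluster.yaml hunk moves what appears to be the tenant control-plane spec straight to `1.32.4`, and every later `appVersion` bump will roll all tenant clusters on the next reconcile. Kubernetes' upgrade guidance is one minor version at a time, so existing tenants would skip 1.31; whether the control-plane provider tolerates that is not visible in this hunk. A comment above the field would make the coupling explicit, for example `# Follows Chart.appVersion: bumping it upgrades every tenant control plane`. The second hunk (`version: v{{ $.Chart.AppVersion }}`) has the same coupling, and both enclosing resources start outside their hunks.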
@@ -262,7 +262,7 @@ releases: namespace: cozy-dashboard values: {{- $dashboardKCconfig := lookup "v1" "ConfigMap" "cozy-dashboard" "kubeapps-auth-config" }} - {{- $dashboardKCValues := dig "data" "values.yaml" (dict) $dashboardKCconfig | fromYaml }} + {{- $dashboardKCValues := dig "data" "values.yaml" "" $dashboardKCconfig | fromYaml }} {{- toYaml (deepCopy $dashboardKCValues | mergeOverwrite (fromYaml (include "cozystack.defaultDashboardValues" .))) | nindent 4 }} dependsOn: - cilium diff --git a/packages/extra/ingress/templates/nginx-ingress.yaml b/packages/extra/ingress/templates/nginx-ingress.yaml index 307095ff..88d98b74 100644 --- a/packages/extra/ingress/templates/nginx-ingress.yaml +++ b/packages/extra/ingress/templates/nginx-ingress.yaml @@ -1,6 +1,6 @@ {{- $cozyConfig := lookup "v1" "ConfigMap" "cozy-system" "cozystack" }} {{- $exposeIngress := index $cozyConfig.data "expose-ingress" | default "tenant-root" }} -{{- $exposeExternalIPs := splitList "," ((index $cozyConfig.data "expose-external-ips") | default "") }} +{{- $exposeExternalIPs := (index $cozyConfig.data "expose-external-ips") | default "" }} apiVersion: helm.toolkit.fluxcd.io/v2 kind: HelmRelease metadata: @@ -36,7 +36,7 @@ spec: service: {{- if and (eq $exposeIngress .Release.Namespace) $exposeExternalIPs }} externalIPs: - {{- toYaml $exposeExternalIPs | nindent 12 }} + {{- toYaml (splitList "," $exposeExternalIPs) | nindent 12 }} type: ClusterIP externalTrafficPolicy: Cluster {{- else }} From 4ecf492cd4fa8f74e63b24f69842e3df9e73f59b Mon Sep 17 00:00:00 2001 From: Andrei Kvapil Date: Fri, 16 May 2025 13:46:26 +0200 Subject: [PATCH 23/25] Update Kamaji to edge-25.4.1 
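Review bot: In the second nginx-ingress.yaml hunk, `splitList "," $exposeExternalIPs` passes every fragment of the ConfigMap value straight into `externalIPs:`, so a trailing comma or a space after a comma renders an empty or whitespace-padded entry. `externalIPs` decides which addresses the ingress Service answers on, so malformed input is better rejected or cleaned at render time than left to the API server. At minimum drop empty items with `{{- toYaml (splitList "," $exposeExternalIPs | compact) | nindent 12 }}`; trimming each item would need a short `range` with `trim`. The enclosing `service:` block continues outside the hunk.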
Signed-off-by: Andrei Kvapil --- .../crds/kamaji.clastix.io_datastores.yaml | 18 +++++++ ...kamaji.clastix.io_tenantcontrolplanes.yaml | 49 ++++++++++++------- .../charts/kamaji/templates/controller.yaml | 4 -- .../kamaji/charts/kamaji/templates/rbac.yaml | 4 ++ .../system/kamaji/images/kamaji/Dockerfile | 4 +- packages/system/kamaji/values.yaml | 2 +- 6 files changed, 55 insertions(+), 26 deletions(-) diff --git a/packages/system/kamaji/charts/kamaji/crds/kamaji.clastix.io_datastores.yaml b/packages/system/kamaji/charts/kamaji/crds/kamaji.clastix.io_datastores.yaml index f3071767..aeb221e2 100644 --- a/packages/system/kamaji/charts/kamaji/crds/kamaji.clastix.io_datastores.yaml +++ b/packages/system/kamaji/charts/kamaji/crds/kamaji.clastix.io_datastores.yaml @@ -120,6 +120,9 @@ spec: - PostgreSQL - NATS type: string + x-kubernetes-validations: + - message: Datastore driver is immutable + rule: self == oldSelf endpoints: description: |- List of the endpoints to connect to the shared datastore. 
@@ -263,6 +266,21 @@ spec: - driver - endpoints type: object + x-kubernetes-validations: + - message: certificateAuthority privateKey must have secretReference or content when driver is etcd + rule: '(self.driver == "etcd") ? (self.tlsConfig != null && (has(self.tlsConfig.certificateAuthority.privateKey.secretReference) || has(self.tlsConfig.certificateAuthority.privateKey.content))) : true' + - message: clientCertificate must have secretReference or content when driver is etcd + rule: '(self.driver == "etcd") ? (self.tlsConfig != null && (has(self.tlsConfig.clientCertificate.certificate.secretReference) || has(self.tlsConfig.clientCertificate.certificate.content))) : true' + - message: clientCertificate privateKey must have secretReference or content when driver is etcd + rule: '(self.driver == "etcd") ? (self.tlsConfig != null && (has(self.tlsConfig.clientCertificate.privateKey.secretReference) || has(self.tlsConfig.clientCertificate.privateKey.content))) : true' + - message: When driver is not etcd and tlsConfig exists, clientCertificate must be null or contain valid content + rule: '(self.driver != "etcd" && has(self.tlsConfig) && has(self.tlsConfig.clientCertificate)) ? (((has(self.tlsConfig.clientCertificate.certificate.secretReference) || has(self.tlsConfig.clientCertificate.certificate.content)))) : true' + - message: When driver is not etcd and basicAuth exists, username must have secretReference or content + rule: '(self.driver != "etcd" && has(self.basicAuth)) ? ((has(self.basicAuth.username.secretReference) || has(self.basicAuth.username.content))) : true' + - message: When driver is not etcd and basicAuth exists, password must have secretReference or content + rule: '(self.driver != "etcd" && has(self.basicAuth)) ? ((has(self.basicAuth.password.secretReference) || has(self.basicAuth.password.content))) : true' + - message: When driver is not etcd, either tlsConfig or basicAuth must be provided + rule: '(self.driver != "etcd") ? 
(has(self.tlsConfig) || has(self.basicAuth)) : true' status: description: DataStoreStatus defines the observed state of DataStore. properties: diff --git a/packages/system/kamaji/charts/kamaji/crds/kamaji.clastix.io_tenantcontrolplanes.yaml b/packages/system/kamaji/charts/kamaji/crds/kamaji.clastix.io_tenantcontrolplanes.yaml index bb26cdcc..b3d3b668 100644 --- a/packages/system/kamaji/charts/kamaji/crds/kamaji.clastix.io_tenantcontrolplanes.yaml +++ b/packages/system/kamaji/charts/kamaji/crds/kamaji.clastix.io_tenantcontrolplanes.yaml @@ -427,7 +427,7 @@ spec: Values defined by an Env with a duplicate key will take precedence. Cannot be updated. items: - description: EnvFromSource represents the source of a set of ConfigMaps + description: EnvFromSource represents the source of a set of ConfigMaps or Secrets properties: configMapRef: description: The ConfigMap to select from @@ -447,7 +447,7 @@ spec: type: object x-kubernetes-map-type: atomic prefix: - description: An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. + description: Optional text to prepend to the name of each environment variable. Must be a C_IDENTIFIER. type: string secretRef: description: The Secret to select from @@ -696,6 +696,12 @@ spec: - port type: object type: object + stopSignal: + description: |- + StopSignal defines which signal will be sent to a container when it is being stopped. + If not specified, the default is defined by the container runtime in use. + StopSignal can only be set for Pods with a non-empty .spec.os.name + type: string type: object livenessProbe: description: |- @@ -1792,7 +1798,7 @@ spec: Values defined by an Env with a duplicate key will take precedence. Cannot be updated. items: - description: EnvFromSource represents the source of a set of ConfigMaps + description: EnvFromSource represents the source of a set of ConfigMaps or Secrets properties: configMapRef: description: The ConfigMap to select from 
@@ -1812,7 +1818,7 @@ spec: type: object x-kubernetes-map-type: atomic prefix: - description: An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. + description: Optional text to prepend to the name of each environment variable. Must be a C_IDENTIFIER. type: string secretRef: description: The Secret to select from @@ -2061,6 +2067,12 @@ spec: - port type: object type: object + stopSignal: + description: |- + StopSignal defines which signal will be sent to a container when it is being stopped. + If not specified, the default is defined by the container runtime in use. + StopSignal can only be set for Pods with a non-empty .spec.os.name + type: string type: object livenessProbe: description: |- @@ -4087,7 +4099,7 @@ spec: The types of objects that may be mounted by this volume are defined by the container runtime implementation on a host machine and at minimum must include all valid types supported by the container image field. The OCI object gets mounted in a single directory (spec.containers[*].volumeMounts.mountPath) by merging the manifest layers in the same way as for container images. The volume will be mounted read-only (ro) and non-executable files (noexec). - Sub path mounts for containers are not supported (spec.containers[*].volumeMounts.subpath). + Sub path mounts for containers are not supported (spec.containers[*].volumeMounts.subpath) before 1.33. The field spec.securityContext.fsGroupChangePolicy has no effect on this volume type. properties: pullPolicy: @@ -5173,7 +5185,6 @@ spec: pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. - This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). items: type: string type: array 
@@ -5188,7 +5199,6 @@ spec: pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. - This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). items: type: string type: array @@ -5349,7 +5359,6 @@ spec: pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. - This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). items: type: string type: array @@ -5364,7 +5373,6 @@ spec: pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. - This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). items: type: string type: array @@ -5518,7 +5526,6 @@ spec: pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. - This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). items: type: string type: array @@ -5533,7 +5540,6 @@ spec: pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. - This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). items: type: string type: array 
@@ -5694,7 +5700,6 @@ spec: pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. - This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). items: type: string type: array @@ -5709,7 +5714,6 @@ spec: pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. - This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). items: type: string type: array @@ -6339,7 +6343,6 @@ spec: - Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations. If this value is nil, the behavior is equivalent to the Honor policy. - This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. type: string nodeTaintsPolicy: description: |- @@ -6350,7 +6353,6 @@ spec: - Ignore: node taints are ignored. All nodes are included. If this value is nil, the behavior is equivalent to the Ignore policy. - This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. type: string topologyKey: description: |- @@ -7071,7 +7073,7 @@ spec: description: KubernetesDeploymentStatus defines the status for the Tenant Control Plane Deployment in the management cluster. properties: availableReplicas: - description: Total number of available pods (ready for at least minReadySeconds) targeted by this deployment. + description: Total number of available non-terminating pods (ready for at least minReadySeconds) targeted by this deployment. format: int32 type: integer collisionCount: 
@@ -7129,16 +7131,24 @@ spec: format: int64 type: integer readyReplicas: - description: readyReplicas is the number of pods targeted by this Deployment with a Ready Condition. + description: Total number of non-terminating pods targeted by this Deployment with a Ready Condition. format: int32 type: integer replicas: - description: Total number of non-terminated pods targeted by this deployment (their labels match the selector). + description: Total number of non-terminating pods targeted by this deployment (their labels match the selector). format: int32 type: integer selector: description: Selector is the label selector used to group the Tenant Control Plane Pods used by the scale subresource. type: string + terminatingReplicas: + description: |- + Total number of terminating pods targeted by this deployment. Terminating pods have a non-null + .metadata.deletionTimestamp and have not yet reached the Failed or Succeeded .status.phase. + + This is an alpha field. Enable DeploymentReplicaSetTerminatingReplicas to be able to use this field. + format: int32 + type: integer unavailableReplicas: description: |- Total number of unavailable pods targeted by this deployment. This is the total number of @@ -7147,7 +7157,7 @@ spec: format: int32 type: integer updatedReplicas: - description: Total number of non-terminated pods targeted by this deployment that have the desired template spec. + description: Total number of non-terminating pods targeted by this deployment that have the desired template spec. format: int32 type: integer required: @@ -7379,6 +7389,7 @@ spec: - Migrating - Ready - NotReady + - Sleeping type: string version: description: Version is the running Kubernetes version of the Tenant Control Plane. diff --git a/packages/system/kamaji/charts/kamaji/templates/controller.yaml b/packages/system/kamaji/charts/kamaji/templates/controller.yaml index 38d635dd..63178382 100644 --- a/packages/system/kamaji/charts/kamaji/templates/controller.yaml 
+++ b/packages/system/kamaji/charts/kamaji/templates/controller.yaml @@ -19,10 +19,6 @@ spec: labels: {{- include "kamaji.selectorLabels" . | nindent 8 }} spec: - {{- with .Values.imagePullSecrets }} - imagePullSecrets: - {{- toYaml . | nindent 8 }} - {{- end }} securityContext: {{- toYaml .Values.podSecurityContext | nindent 8 }} serviceAccountName: {{ include "kamaji.serviceAccountName" . }} diff --git a/packages/system/kamaji/charts/kamaji/templates/rbac.yaml b/packages/system/kamaji/charts/kamaji/templates/rbac.yaml index aa4301db..43a1866f 100644 --- a/packages/system/kamaji/charts/kamaji/templates/rbac.yaml +++ b/packages/system/kamaji/charts/kamaji/templates/rbac.yaml @@ -9,6 +9,10 @@ metadata: {{- toYaml . | nindent 4 }} {{- end }} namespace: {{ .Release.Namespace }} +{{- with .Values.imagePullSecrets }} +imagePullSecrets: + {{- toYaml . | nindent 2 }} +{{- end }} --- apiVersion: rbac.authorization.k8s.io/v1 kind: Role diff --git a/packages/system/kamaji/images/kamaji/Dockerfile b/packages/system/kamaji/images/kamaji/Dockerfile index 58007bd3..b607756b 100644 --- a/packages/system/kamaji/images/kamaji/Dockerfile +++ b/packages/system/kamaji/images/kamaji/Dockerfile @@ -1,7 +1,7 @@ # Build the manager binary -FROM golang:1.23 as builder +FROM golang:1.24 as builder -ARG VERSION=edge-25.3.2 +ARG VERSION=edge-25.4.1 ARG TARGETOS TARGETARCH WORKDIR /workspace diff --git a/packages/system/kamaji/values.yaml b/packages/system/kamaji/values.yaml index ee781d0e..f28c1408 100644 --- a/packages/system/kamaji/values.yaml +++ b/packages/system/kamaji/values.yaml @@ -3,7 +3,7 @@ kamaji: deploy: false image: pullPolicy: IfNotPresent - tag: v0.31.0-rc.1@sha256:3ae6f1b2e42dcb9dcfbf8213029eb731197ccdbf27fdc30539d975caf32184d4 + tag: latest@sha256:f6a33408df8d3c4223005392bcd8bae9d8c02fd73e2540bbaa911dedb7880ea8 repository: ghcr.io/cozystack/cozystack/kamaji resources: limits: From 5fe7b3bf165268a4ade5e83d4ccc6f67bec7c731 Mon Sep 17 00:00:00 2001 
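Review bot: The builder stage in the Dockerfile hunk is referenced by a floating tag, `FROM golang:1.24 as builder`, so the toolchain that compiles the manager binary can change between rebuilds without any change in this repository. The resulting image is pinned by digest in values.yaml, but the build input is not, which makes a rebuild hard to reproduce or audit. Pinning the base image closes that gap: `FROM golang:1.24@sha256:<digest-of-the-reviewed-image> as builder`. How `VERSION=edge-25.4.1` is fetched is outside the hunk; if it is a download, a checksum check there would be the matching control.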
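Review bot: The image reference in the kamaji values.yaml hunk now reads `tag: latest@sha256:…`, where the previous value carried a version (`v0.31.0-rc.1`). The digest still pins the content, so what is deployed is immutable, but the reference no longer tells an operator or a scanner which build it is. This looks like the image target was run without a release tag set, though that is inferred from the value only. Rebuilding with the tag set would give `tag: <release-tag>@sha256:<digest-from-that-build>`.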
From: Timofei Larkin Date: Thu, 15 May 2025 14:37:14 +0300 Subject: [PATCH 24/25] Build patched MetalLB Since it's taking a while for metallb/metallb#2726 to get released, the binaries with the fix are recompiled in-tree. Workaround for #909. Signed-off-by: Timofei Larkin --- Makefile | 1 + packages/system/metallb/Makefile | 23 +++++ .../system/metallb/charts/metallb/Chart.lock | 8 +- .../system/metallb/charts/metallb/Chart.yaml | 8 +- .../system/metallb/charts/metallb/README.md | 8 +- .../charts/metallb/charts/crds/Chart.yaml | 4 +- .../metallb/charts/crds/templates/crds.yaml | 40 ++++++--- .../charts/metallb/templates/controller.yaml | 2 +- .../charts/metallb/templates/podmonitor.yaml | 2 + .../metallb/templates/prometheusrules.yaml | 20 ++--- .../charts/metallb/templates/rbac.yaml | 12 ++- .../metallb/templates/service-accounts.yaml | 2 +- .../metallb/templates/servicemonitor.yaml | 7 +- .../system/metallb/charts/metallb/values.yaml | 12 +-- .../system/metallb/images/metallb/Dockerfile | 87 +++++++++++++++++++ packages/system/metallb/values.yaml | 11 ++- 16 files changed, 195 insertions(+), 52 deletions(-) create mode 100644 packages/system/metallb/images/metallb/Dockerfile diff --git a/Makefile b/Makefile index 99309f4e..63f61458 100644 --- a/Makefile +++ b/Makefile @@ -20,6 +20,7 @@ build: build-deps make -C packages/system/kubeovn image make -C packages/system/kubeovn-webhook image make -C packages/system/dashboard image + make -C packages/system/metallb image make -C packages/system/kamaji image make -C packages/system/bucket image make -C packages/core/testing image diff --git a/packages/system/metallb/Makefile b/packages/system/metallb/Makefile index d01bf396..1cef5576 100644 --- a/packages/system/metallb/Makefile +++ b/packages/system/metallb/Makefile @@ -1,6 +1,7 @@ export NAME=metallb export NAMESPACE=cozy-$(NAME) +include ../../../scripts/common-envs.mk include ../../../scripts/package.mk update: 
@@ -9,3 +10,25 @@ update: helm repo update metallb helm pull metallb/metallb --untar --untardir charts rm -rf charts/metallb/charts/frr-k8s + +image-controller image-speaker: + $(eval TARGET := $(subst image-,,$@)) + $(eval VERSION := $(shell yq '.appVersion' charts/metallb/Chart.yaml)) + docker buildx build images/metallb \ + --provenance false \ + --target $(TARGET) \ + --build-arg VERSION=$(VERSION) \ + --tag $(REGISTRY)/metallb-$(TARGET):$(VERSION) \ + --cache-from type=registry,ref=$(REGISTRY)/metallb-$(TARGET):latest \ + --cache-to type=inline \ + --metadata-file images/$(TARGET).json \ + --push=$(PUSH) \ + --label "org.opencontainers.image.source=https://github.com/cozystack/cozystack" + --load=1 + REPOSITORY="$(REGISTRY)/metallb-$(TARGET)" \ + yq -i '.metallb.$(TARGET).image.repository = strenv(REPOSITORY)' values.yaml + TAG=$(VERSION)@$$(yq e '."containerimage.digest"' images/$(TARGET).json -o json -r) \ + yq -i '.metallb.$(TARGET).image.tag = strenv(TAG)' values.yaml + rm -f images/$(TARGET).json + +image: image-controller image-speaker diff --git a/packages/system/metallb/charts/metallb/Chart.lock b/packages/system/metallb/charts/metallb/Chart.lock index 81247366..79345580 100644 --- a/packages/system/metallb/charts/metallb/Chart.lock +++ b/packages/system/metallb/charts/metallb/Chart.lock @@ -1,9 +1,9 @@ dependencies: - name: crds repository: "" - version: 0.14.8 + version: 0.14.9 - name: frr-k8s repository: https://metallb.github.io/frr-k8s - version: 0.0.14 -digest: sha256:8dff488902a5b504a491bbd1a9ab0983a877ff214e163ed74106c73c939a9aa3 -generated: "2024-07-23T15:22:40.589621+03:00" + version: 0.0.16 +digest: sha256:20d9a53af12c82d35168e7524ae337341b2c7cb43e2169545185f750a718466e +generated: "2024-12-17T15:39:32.082324414+01:00" diff --git a/packages/system/metallb/charts/metallb/Chart.yaml b/packages/system/metallb/charts/metallb/Chart.yaml index a7f77b63..680ac9ba 100644 --- a/packages/system/metallb/charts/metallb/Chart.yaml 
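Review bot: The `--label` line in the new `image-controller image-speaker` recipe has no trailing `\`, so `--load=1` is not passed to `docker buildx build` and becomes a recipe line of its own. GNU make strips leading `-` characters from a recipe line as its ignore-errors prefix, so what is left is the shell assignment `load=1`, which succeeds silently and the build runs without `--load`. End the label line with a backslash: `--label "org.opencontainers.image.source=https://github.com/cozystack/cozystack" \`. Separately, `VERSION` is read with `yq` inside `$(eval …)`; if that command fails, the tag and `--build-arg` expand to nothing, so a guard such as `$(if $(strip $(VERSION)),,$(error VERSION is empty))` after the eval would stop the build early.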
+++ b/packages/system/metallb/charts/metallb/Chart.yaml @@ -1,14 +1,14 @@ apiVersion: v2 -appVersion: v0.14.8 +appVersion: v0.14.9 dependencies: - condition: crds.enabled name: crds repository: "" - version: 0.14.8 + version: 0.14.9 - condition: frrk8s.enabled name: frr-k8s repository: https://metallb.github.io/frr-k8s - version: 0.0.14 + version: 0.0.16 description: A network load-balancer implementation for Kubernetes using standard routing protocols home: https://metallb.universe.tf @@ -18,4 +18,4 @@ name: metallb sources: - https://github.com/metallb/metallb type: application -version: 0.14.8 +version: 0.14.9 diff --git a/packages/system/metallb/charts/metallb/README.md b/packages/system/metallb/charts/metallb/README.md index 202a9519..43f51ef7 100644 --- a/packages/system/metallb/charts/metallb/README.md +++ b/packages/system/metallb/charts/metallb/README.md @@ -17,7 +17,7 @@ Kubernetes: `>= 1.19.0-0` | Repository | Name | Version | |------------|------|---------| | | crds | 0.0.0 | -| https://metallb.github.io/frr-k8s | frr-k8s | 0.0.14 | +| https://metallb.github.io/frr-k8s | frr-k8s | 0.0.16 | ## Values 
@@ -79,17 +79,17 @@ Kubernetes: `>= 1.19.0-0` | prometheus.podMonitor.relabelings | list | `[]` | | | prometheus.prometheusRule.additionalLabels | object | `{}` | | | prometheus.prometheusRule.addressPoolExhausted.enabled | bool | `true` | | -| prometheus.prometheusRule.addressPoolExhausted.labels.severity | string | `"alert"` | | +| prometheus.prometheusRule.addressPoolExhausted.labels.severity | string | `"critical"` | | | prometheus.prometheusRule.addressPoolUsage.enabled | bool | `true` | | | prometheus.prometheusRule.addressPoolUsage.thresholds[0].labels.severity | string | `"warning"` | | | prometheus.prometheusRule.addressPoolUsage.thresholds[0].percent | int | `75` | | | prometheus.prometheusRule.addressPoolUsage.thresholds[1].labels.severity | string | `"warning"` | | | prometheus.prometheusRule.addressPoolUsage.thresholds[1].percent | int | `85` | | -| prometheus.prometheusRule.addressPoolUsage.thresholds[2].labels.severity | string | `"alert"` | | +| prometheus.prometheusRule.addressPoolUsage.thresholds[2].labels.severity | string | `"critical"` | | | prometheus.prometheusRule.addressPoolUsage.thresholds[2].percent | int | `95` | | | prometheus.prometheusRule.annotations | object | `{}` | | | prometheus.prometheusRule.bgpSessionDown.enabled | bool | `true` | | -| prometheus.prometheusRule.bgpSessionDown.labels.severity | string | `"alert"` | | +| prometheus.prometheusRule.bgpSessionDown.labels.severity | string | `"critical"` | | | prometheus.prometheusRule.configNotLoaded.enabled | bool | `true` | | | prometheus.prometheusRule.configNotLoaded.labels.severity | string | `"warning"` | | | prometheus.prometheusRule.enabled | bool | `false` | | diff --git a/packages/system/metallb/charts/metallb/charts/crds/Chart.yaml b/packages/system/metallb/charts/metallb/charts/crds/Chart.yaml index 613d3182..e9fec846 100644 --- a/packages/system/metallb/charts/metallb/charts/crds/Chart.yaml +++ b/packages/system/metallb/charts/metallb/charts/crds/Chart.yaml 
@@ -1,5 +1,5 @@ apiVersion: v2 -appVersion: v0.14.8 +appVersion: v0.14.9 description: MetalLB CRDs home: https://metallb.universe.tf icon: https://metallb.universe.tf/images/logo/metallb-white.png @@ -7,4 +7,4 @@ name: crds sources: - https://github.com/metallb/metallb type: application -version: 0.14.8 +version: 0.14.9 diff --git a/packages/system/metallb/charts/metallb/charts/crds/templates/crds.yaml b/packages/system/metallb/charts/metallb/charts/crds/templates/crds.yaml index 61f100ed..8f241477 100644 --- a/packages/system/metallb/charts/metallb/charts/crds/templates/crds.yaml +++ b/packages/system/metallb/charts/metallb/charts/crds/templates/crds.yaml @@ -2,7 +2,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.3 name: bfdprofiles.metallb.io spec: group: metallb.io @@ -123,7 +123,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.3 name: bgpadvertisements.metallb.io spec: group: metallb.io @@ -329,7 +329,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.3 name: bgppeers.metallb.io spec: conversion: @@ -365,6 +365,8 @@ spec: - jsonPath: .spec.ebgpMultiHop name: Multi Hops type: string + deprecated: true + deprecationWarning: v1beta1 is deprecated, please use v1beta2 name: v1beta1 schema: openAPIV3Schema: 
@@ -526,15 +528,26 @@ spec: default: false description: To set if we want to disable MP BGP that will separate IPv4 and IPv6 route exchanges into distinct BGP sessions. type: boolean + dynamicASN: + description: |- + DynamicASN detects the AS number to use for the remote end of the session + without explicitly setting it via the ASN field. Limited to: + internal - if the neighbor's ASN is different than MyASN connection is denied. + external - if the neighbor's ASN is the same as MyASN the connection is denied. + ASN and DynamicASN are mutually exclusive and one of them must be specified. + enum: + - internal + - external + type: string ebgpMultiHop: description: To set if the BGPPeer is multi-hops away. Needed for FRR mode only. type: boolean enableGracefulRestart: description: |- - EnableGracefulRestart allows BGP peer to continue to forward data packets along - known routes while the routing protocol information is being restored. - This field is immutable because it requires restart of the BGP session - Supported for FRR mode only. + EnableGracefulRestart allows BGP peer to continue to forward data packets + along known routes while the routing protocol information is being + restored. This field is immutable because it requires restart of the BGP + session. Supported for FRR mode only. type: boolean x-kubernetes-validations: - message: EnableGracefulRestart cannot be changed after creation @@ -622,7 +635,9 @@ spec: type: object x-kubernetes-map-type: atomic peerASN: - description: AS number to expect from the remote end of the session. + description: |- + AS number to expect from the remote end of the session. + ASN and DynamicASN are mutually exclusive and one of them must be specified. format: int32 maximum: 4294967295 minimum: 0 @@ -649,7 +664,6 @@ spec: type: string required: - myASN - - peerASN - peerAddress type: object status: 
@@ -665,7 +679,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.3 name: communities.metallb.io spec: group: metallb.io @@ -730,7 +744,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.3 name: ipaddresspools.metallb.io spec: group: metallb.io @@ -940,7 +954,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.3 name: l2advertisements.metallb.io spec: group: metallb.io @@ -1120,7 +1134,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.3 name: servicel2statuses.metallb.io spec: group: metallb.io diff --git a/packages/system/metallb/charts/metallb/templates/controller.yaml b/packages/system/metallb/charts/metallb/templates/controller.yaml index 6129cd87..8fd9c477 100644 --- a/packages/system/metallb/charts/metallb/templates/controller.yaml +++ b/packages/system/metallb/charts/metallb/templates/controller.yaml @@ -84,7 +84,7 @@ spec: - name: METALLB_DEPLOYMENT value: {{ template "metallb.fullname" . }}-controller {{- end }} - {{- if .Values.speaker.frr.enabled }} + {{- if and .Values.speaker.enabled .Values.speaker.frr.enabled }} - name: METALLB_BGP_TYPE value: frr {{- end }} diff --git a/packages/system/metallb/charts/metallb/templates/podmonitor.yaml b/packages/system/metallb/charts/metallb/templates/podmonitor.yaml index 93a7fd69..42de8818 100644 --- a/packages/system/metallb/charts/metallb/templates/podmonitor.yaml +++ b/packages/system/metallb/charts/metallb/templates/podmonitor.yaml 
@@ -36,6 +36,7 @@ spec: relabelings: {{- toYaml .Values.prometheus.podMonitor.relabelings | nindent 4 }} {{- end }} +{{- if .Values.speaker.enabled }} --- apiVersion: monitoring.coreos.com/v1 kind: PodMonitor @@ -74,6 +75,7 @@ spec: relabelings: {{- toYaml .Values.prometheus.podMonitor.relabelings | nindent 4 }} {{- end }} +{{- end }} --- {{- if .Values.prometheus.rbacPrometheus }} apiVersion: rbac.authorization.k8s.io/v1 diff --git a/packages/system/metallb/charts/metallb/templates/prometheusrules.yaml b/packages/system/metallb/charts/metallb/templates/prometheusrules.yaml index e811ef13..64e44c60 100644 --- a/packages/system/metallb/charts/metallb/templates/prometheusrules.yaml +++ b/packages/system/metallb/charts/metallb/templates/prometheusrules.yaml @@ -19,8 +19,8 @@ spec: {{- if .Values.prometheus.prometheusRule.staleConfig.enabled }} - alert: MetalLBStaleConfig annotations: - message: {{`'{{ $labels.job }} - MetalLB {{ $labels.container }} on {{ $labels.pod - }} has a stale config for > 1 minute'`}} + summary: {{`'Stale config on {{ $labels.pod }}'`}} + description: {{`'{{ $labels.job }} - MetalLB {{ $labels.container }} on {{ $labels.pod }} has a stale config for > 1 minute'`}} expr: metallb_k8s_client_config_stale_bool{job=~"{{ template "metallb.fullname" . }}.*"} == 1 for: 1m {{- with .Values.prometheus.prometheusRule.staleConfig.labels }} @@ -31,8 +31,8 @@ spec: {{- if .Values.prometheus.prometheusRule.configNotLoaded.enabled }} - alert: MetalLBConfigNotLoaded annotations: - message: {{`'{{ $labels.job }} - MetalLB {{ $labels.container }} on {{ $labels.pod - }} has not loaded for > 1 minute'`}} + summary: {{`'Config on {{ $labels.pod }} has not been loaded'`}} + description: {{`'{{ $labels.job }} - MetalLB {{ $labels.container }} on {{ $labels.pod }} has not loaded for > 1 minute'`}} expr: metallb_k8s_client_config_loaded_bool{job=~"{{ template "metallb.fullname" . }}.*"} == 0 for: 1m {{- with .Values.prometheus.prometheusRule.configNotLoaded.labels }} 
@@ -43,8 +43,8 @@ spec: {{- if .Values.prometheus.prometheusRule.addressPoolExhausted.enabled }} - alert: MetalLBAddressPoolExhausted annotations: - message: {{`'{{ $labels.job }} - MetalLB {{ $labels.container }} on {{ $labels.pod - }} has exhausted address pool {{ $labels.pool }} for > 1 minute'`}} + summary: {{`'Exhausted address pool on {{ $labels.pod }}'`}} + description: {{`'{{ $labels.job }} - MetalLB {{ $labels.container }} on {{ $labels.pod }} has exhausted address pool {{ $labels.pool }} for > 1 minute'`}} expr: metallb_allocator_addresses_in_use_total >= on(pool) metallb_allocator_addresses_total for: 1m {{- with .Values.prometheus.prometheusRule.addressPoolExhausted.labels }} @@ -57,8 +57,8 @@ spec: {{- range .Values.prometheus.prometheusRule.addressPoolUsage.thresholds }} - alert: MetalLBAddressPoolUsage{{ .percent }}Percent annotations: - message: {{`'{{ $labels.job }} - MetalLB {{ $labels.container }} on {{ $labels.pod - }} has address pool {{ $labels.pool }} past `}}{{ .percent }}{{`% usage for > 1 minute'`}} + summary: {{`'Exhausted address pool on {{ $labels.pod }}'`}} + message: {{`'{{ $labels.job }} - MetalLB {{ $labels.container }} on {{ $labels.pod }} has address pool {{ $labels.pool }} past `}}{{ .percent }}{{`% usage for > 1 minute'`}} expr: ( metallb_allocator_addresses_in_use_total / on(pool) metallb_allocator_addresses_total ) * 100 > {{ .percent }} {{- with .labels }} labels: 
@@ -69,8 +69,8 @@ spec: {{- if .Values.prometheus.prometheusRule.bgpSessionDown.enabled }} - alert: MetalLBBGPSessionDown annotations: - message: {{`'{{ $labels.job }} - MetalLB {{ $labels.container }} on {{ $labels.pod - }} has BGP session {{ $labels.peer }} down for > 1 minute'`}} + summary: {{`'BGP session down on {{ $labels.pod }}'`}} + message: {{`'{{ $labels.job }} - MetalLB {{ $labels.container }} on {{ $labels.pod }} has BGP session {{ $labels.peer }} down for > 1 minute'`}} expr: metallb_bgp_session_up{job=~"{{ template "metallb.fullname" . }}.*"} == 0 for: 1m {{- with .Values.prometheus.prometheusRule.bgpSessionDown.labels }} diff --git a/packages/system/metallb/charts/metallb/templates/rbac.yaml b/packages/system/metallb/charts/metallb/templates/rbac.yaml index e7fc5d97..10ffbd8a 100644 --- a/packages/system/metallb/charts/metallb/templates/rbac.yaml +++ b/packages/system/metallb/charts/metallb/templates/rbac.yaml @@ -19,11 +19,11 @@ rules: resources: ["events"] verbs: ["create", "patch"] - apiGroups: ["admissionregistration.k8s.io"] - resources: ["validatingwebhookconfigurations", "mutatingwebhookconfigurations"] + resources: ["validatingwebhookconfigurations"] resourceNames: ["metallb-webhook-configuration"] verbs: ["create", "delete", "get", "list", "patch", "update", "watch"] - apiGroups: ["admissionregistration.k8s.io"] - resources: ["validatingwebhookconfigurations", "mutatingwebhookconfigurations"] + resources: ["validatingwebhookconfigurations"] verbs: ["list", "watch"] - apiGroups: ["apiextensions.k8s.io"] resources: ["customresourcedefinitions"] @@ -41,6 +41,7 @@ rules: resources: ["subjectaccessreviews"] verbs: ["create"] {{- end }} +{{- if .Values.speaker.enabled }} --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole 
@@ -72,7 +73,7 @@ rules: {{- if or .Values.frrk8s.enabled .Values.frrk8s.external }} - apiGroups: ["frrk8s.metallb.io"] resources: ["frrconfigurations"] - verbs: ["get", "list", "watch","create","update"] + verbs: ["get", "list", "watch","create","update","delete"] {{- end }} --- apiVersion: rbac.authorization.k8s.io/v1 @@ -109,6 +110,7 @@ rules: - apiGroups: ["metallb.io"] resources: ["communities"] verbs: ["get", "list", "watch"] +{{- end }} --- apiVersion: rbac.authorization.k8s.io/v1 kind: Role @@ -117,7 +119,7 @@ metadata: namespace: {{ .Release.Namespace | quote }} labels: {{- include "metallb.labels" . | nindent 4 }} rules: -{{- if .Values.speaker.memberlist.enabled }} +{{- if and .Values.speaker.enabled .Values.speaker.memberlist.enabled }} - apiGroups: [""] resources: ["secrets"] verbs: ["create", "get", "list", "watch"] @@ -166,6 +168,7 @@ roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole name: {{ template "metallb.fullname" . }}:controller +{{- if .Values.speaker.enabled }} --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding @@ -195,6 +198,7 @@ roleRef: subjects: - kind: ServiceAccount name: {{ include "metallb.speaker.serviceAccountName" . }} +{{- end }} --- apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding diff --git a/packages/system/metallb/charts/metallb/templates/service-accounts.yaml b/packages/system/metallb/charts/metallb/templates/service-accounts.yaml index 9615acf3..8d92a040 100644 --- a/packages/system/metallb/charts/metallb/templates/service-accounts.yaml +++ b/packages/system/metallb/charts/metallb/templates/service-accounts.yaml @@ -13,7 +13,7 @@ metadata: {{- toYaml . | nindent 4 }} {{- end }} {{- end }} -{{- if .Values.speaker.serviceAccount.create }} +{{- if and .Values.speaker.enabled .Values.speaker.serviceAccount.create }} --- apiVersion: v1 kind: ServiceAccount 
diff --git a/packages/system/metallb/charts/metallb/templates/servicemonitor.yaml b/packages/system/metallb/charts/metallb/templates/servicemonitor.yaml index 8be88dd3..2a92e48a 100644 --- a/packages/system/metallb/charts/metallb/templates/servicemonitor.yaml +++ b/packages/system/metallb/charts/metallb/templates/servicemonitor.yaml @@ -1,4 +1,9 @@ +{{- if and .Values.prometheus.serviceMonitor.enabled .Values.prometheus.podMonitor.enabled }} +{{- fail "prometheus.serviceMonitor.enabled and prometheus.podMonitor.enabled cannot both be set" }} +{{- end }} + {{- if .Values.prometheus.serviceMonitor.enabled }} +{{- if .Values.speaker.enabled }} apiVersion: monitoring.coreos.com/v1 kind: ServiceMonitor metadata: @@ -89,6 +94,7 @@ spec: {{- end }} sessionAffinity: None type: ClusterIP +{{- end }} --- apiVersion: monitoring.coreos.com/v1 kind: ServiceMonitor @@ -97,7 +103,6 @@ metadata: namespace: {{ .Release.Namespace | quote }} labels: {{- include "metallb.labels" . | nindent 4 }} - app.kubernetes.io/component: speaker {{- if .Values.prometheus.serviceMonitor.controller.additionalLabels }} {{ toYaml .Values.prometheus.serviceMonitor.controller.additionalLabels | indent 4 }} {{- end }} diff --git a/packages/system/metallb/charts/metallb/values.yaml b/packages/system/metallb/charts/metallb/values.yaml index bc96d355..50d26bca 100644 --- a/packages/system/metallb/charts/metallb/values.yaml +++ b/packages/system/metallb/charts/metallb/values.yaml @@ -42,7 +42,7 @@ prometheus: # certificate to be used. controllerMetricsTLSSecret: "" - # prometheus doens't have the permission to scrape all namespaces so we give it permission to scrape metallb's one + # prometheus doesn't have the permission to scrape all namespaces so we give it permission to scrape metallb's one rbacPrometheus: true # the service account used by prometheus 
@@ -64,7 +64,7 @@ prometheus: # enable support for Prometheus Operator enabled: false - # optional additionnal labels for podMonitors + # optional additional labels for podMonitors additionalLabels: {} # optional annotations for podMonitors @@ -143,7 +143,7 @@ prometheus: # enable alertmanager alerts enabled: false - # optional additionnal labels for prometheusRules + # optional additional labels for prometheusRules additionalLabels: {} # optional annotations for prometheusRules @@ -165,7 +165,7 @@ prometheus: addressPoolExhausted: enabled: true labels: - severity: alert + severity: critical addressPoolUsage: enabled: true @@ -178,13 +178,13 @@ prometheus: severity: warning - percent: 95 labels: - severity: alert + severity: critical # MetalLBBGPSessionDown bgpSessionDown: enabled: true labels: - severity: alert + severity: critical extraAlerts: [] diff --git a/packages/system/metallb/images/metallb/Dockerfile b/packages/system/metallb/images/metallb/Dockerfile new file mode 100644 index 00000000..477c3fc0 --- /dev/null +++ b/packages/system/metallb/images/metallb/Dockerfile 
@@ -0,0 +1,87 @@ +# syntax=docker/dockerfile:1.2 + +FROM --platform=$BUILDPLATFORM docker.io/golang:1.22.7 AS builder + +ARG VERSION +ARG GIT_COMMIT=dev +ARG GIT_BRANCH=dev +ARG TARGETARCH +ARG TARGETOS +ARG TARGETPLATFORM + +WORKDIR /go/go.universe.tf/metallb + +RUN --mount=type=cache,target=/go/pkg/mod \ + curl -sSL https://github.com/metallb/metallb/archive/refs/tags/${VERSION}.tar.gz \ + | tar -xzvf- --strip=1 + +RUN curl -sSLO https://github.com/metallb/metallb/pull/2726.diff && \ + git apply 2726.diff + +RUN --mount=type=cache,target=/go/pkg/mod \ + --mount=type=cache,target=/root/.cache/go-build \ + go mod download -x + +RUN case ${TARGETPLATFORM} in \ + "linux/arm/v6") export VARIANT="6" ;; \ + "linux/arm/v7") export VARIANT="7" ;; \ + *) export VARIANT="" ;; \ + esac && \ + CGO_ENABLED=0 GOOS=$TARGETOS GOARCH=$TARGETARCH GOARM=$VARIANT \ + go build -v -o /build/controller \ + -ldflags "-X 'go.universe.tf/metallb/internal/version.gitCommit=${GIT_COMMIT}' \ + -X 'go.universe.tf/metallb/internal/version.gitBranch=${GIT_BRANCH}'" \ + ./controller \ + && \ + CGO_ENABLED=0 GOOS=$TARGETOS GOARCH=$TARGETARCH GOARM=$VARIANT \ + go build -v -o /build/frr-metrics \ + -ldflags "-X 'go.universe.tf/metallb/internal/version.gitCommit=${GIT_COMMIT}' \ + -X 'go.universe.tf/metallb/internal/version.gitBranch=${GIT_BRANCH}'" \ + frr-tools/metrics/exporter.go \ + && \ + CGO_ENABLED=0 GOOS=$TARGETOS GOARCH=$TARGETARCH GOARM=$VARIANT \ + go build -v -o /build/cp-tool \ + -ldflags "-X 'go.universe.tf/metallb/internal/version.gitCommit=${GIT_COMMIT}' \ + -X 'go.universe.tf/metallb/internal/version.gitBranch=${GIT_BRANCH}'" \ + frr-tools/cp-tool/cp-tool.go \ + && \ + CGO_ENABLED=0 GOOS=$TARGETOS GOARCH=$TARGETARCH GOARM=$VARIANT \ + go build -v -o /build/speaker \ + -ldflags "-X 'go.universe.tf/metallb/internal/version.gitCommit=${GIT_COMMIT}' \ + -X 'go.universe.tf/metallb/internal/version.gitBranch=${GIT_BRANCH}'" \ + ./speaker + +FROM gcr.io/distroless/static:latest as 
controller + +COPY --from=builder /build/controller /controller + +LABEL org.opencontainers.image.authors="metallb" \ + org.opencontainers.image.url="https://github.com/metallb/metallb" \ + org.opencontainers.image.documentation="https://metallb.universe.tf" \ + org.opencontainers.image.source="https://github.com/cozystack/cozystack" \ + org.opencontainers.image.vendor="metallb" \ + org.opencontainers.image.licenses="Apache-2.0" \ + org.opencontainers.image.description="Metallb Controller" \ + org.opencontainers.image.title="controller" \ + org.opencontainers.image.base.name="gcr.io/distroless/static:latest" + +ENTRYPOINT ["/controller"] + +FROM gcr.io/distroless/static:latest as speaker + +COPY --from=builder /build/cp-tool /cp-tool +COPY --from=builder /build/speaker /speaker +COPY --from=builder /build/frr-metrics /frr-metrics +COPY --from=builder /go/go.universe.tf/metallb/frr-tools/reloader/frr-reloader.sh /frr-reloader.sh + +LABEL org.opencontainers.image.authors="metallb" \ + org.opencontainers.image.url="https://github.com/metallb/metallb" \ + org.opencontainers.image.documentation="https://metallb.universe.tf" \ + org.opencontainers.image.source="https://github.com/cozystack/cozystack" \ + org.opencontainers.image.vendor="metallb" \ + org.opencontainers.image.licenses="Apache-2.0" \ + org.opencontainers.image.description="Metallb speaker" \ + org.opencontainers.image.title="speaker" \ + org.opencontainers.image.base.name="gcr.io/distroless/static:latest" + +ENTRYPOINT ["/speaker"] diff --git a/packages/system/metallb/values.yaml b/packages/system/metallb/values.yaml index 737f17cf..04c3a710 100644 --- a/packages/system/metallb/values.yaml +++ b/packages/system/metallb/values.yaml 
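Review bot: The builder stage applies `https://github.com/metallb/metallb/pull/2726.diff` straight from the network, and a pull-request diff changes whenever its branch is pushed to, so the same `VERSION` can build different code with no change in this repository. The release tarball fetched in the `RUN` above it is also unpacked without a checksum, and both `curl` calls run without `-f`. Keeping the patch in the repository and copying it into the stage, or checking each download against a recorded digest before use, e.g. `echo "<expected-sha256>  2726.diff" | sha256sum -c -` ahead of `git apply 2726.diff`, would make the build reproducible and reviewable. Both final stages also start from `gcr.io/distroless/static:latest`; pinning that base by digest, as `packages/system/metallb/values.yaml` does for the built images, is worth considering.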
@@ -2,5 +2,12 @@ metallb: crds: enabled: true - #speaker: - # tolerateMaster: false + controller: + image: + repository: ghcr.io/cozystack/cozystack/metallb/controller + tag: v0.14.9@sha256:c86418d1072d6037341d731917d11a2f281fb17559d5bb650962512f9894fd50 + + speaker: + image: + repository: ghcr.io/cozystack/cozystack/metallb/speaker + tag: v0.14.9@sha256:60fddc8fd6c125180186db31990993b4ebea5023ad410bf08ca9537a956e8279 From 5e0b0167fcd3c0d8c68c89bc4fa13f4cef19b0b4 Mon Sep 17 00:00:00 2001 From: Andrei Kvapil Date: Fri, 16 May 2025 16:24:45 +0200 Subject: [PATCH 25/25] [kubernetes] fix regression: return port specification Signed-off-by: Andrei Kvapil --- packages/apps/kubernetes/templates/cluster.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/packages/apps/kubernetes/templates/cluster.yaml b/packages/apps/kubernetes/templates/cluster.yaml index 1b2f395c..9aa16816 100644 --- a/packages/apps/kubernetes/templates/cluster.yaml +++ b/packages/apps/kubernetes/templates/cluster.yaml @@ -150,7 +150,7 @@ spec: ingress: extraAnnotations: nginx.ingress.kubernetes.io/ssl-passthrough: "true" - hostname: {{ .Values.host | default (printf "%s.%s" .Release.Name $host) }} + hostname: {{ .Values.host | default (printf "%s.%s" .Release.Name $host) }}:443 className: "{{ $ingress }}" deployment: podAdditionalMetadata:
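Review bot: The new `hostname` line in `cluster.yaml` appends `:443` to whatever `.Values.host` holds and renders the result unquoted, so a user-supplied host that already carries a port becomes `name:port:443`, and a value with YAML-significant characters changes how the field parses. Building the string in one expression and quoting it keeps the field a single string: `hostname: {{ printf "%s:443" (.Values.host | default (printf "%s.%s" .Release.Name $host)) | quote }}`. The enclosing spec starts and ends outside the hunk, so whether the consumer of this field accepts a port is inferred from the commit title only.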