Merge branch 'aenix-io:main' into main

2026-01-28 02:18:36 +00:00 · 2025-01-30 00:27:55 +03:00
parent 719cedde02 af48519d65
commit e5e14722b8
33 changed files with 126 additions and 137 deletions
--- a/1
+++ b/1
@@ -6,6 +6,7 @@ build:
 	make -C packages/apps/mysql image
 	make -C packages/apps/clickhouse image
 	make -C packages/apps/kubernetes image
+	make -C packages/extra/monitoring image
 	make -C packages/system/cozystack-api image
 	make -C packages/system/cozystack-controller image
 	make -C packages/system/cilium image
--- a/cmd/cozystack-assets-server/main.go
+++ b/cmd/cozystack-assets-server/main.go
@@ -0,0 +1,29 @@
+package main
+
+import (
+	"flag"
+	"log"
+	"net/http"
+	"path/filepath"
+)
+
+func main() {
+	addr := flag.String("address", ":8123", "Address to listen on")
+	dir := flag.String("dir", "/cozystack/assets", "Directory to serve files from")
+	flag.Parse()
+
+	absDir, err := filepath.Abs(*dir)
+	if err != nil {
+		log.Fatalf("Error getting absolute path for %s: %v", *dir, err)
+	}
+
+	fs := http.FileServer(http.Dir(absDir))
+	http.Handle("/", fs)
+
+	log.Printf("Server starting on %s, serving directory %s", *addr, absDir)
+
+	err = http.ListenAndServe(*addr, nil)
+	if err != nil {
+		log.Fatalf("Server failed to start: %v", err)
+	}
+}
--- a/manifests/cozystack-installer.yaml
+++ b/manifests/cozystack-installer.yaml
@@ -68,7 +68,7 @@ spec:
      serviceAccountName: cozystack
      containers:
      - name: cozystack
-        image: "ghcr.io/aenix-io/cozystack/cozystack:v0.23.1"
+        image: "ghcr.io/aenix-io/cozystack/cozystack:v0.24.1"
        env:
        - name: KUBERNETES_SERVICE_HOST
          value: localhost
@@ -86,13 +86,12 @@ spec:
          valueFrom:
            fieldRef:
              fieldPath: metadata.name
-      - name: darkhttpd
-        image: "ghcr.io/aenix-io/cozystack/cozystack:v0.23.1"
+      - name: assets
+        image: "ghcr.io/aenix-io/cozystack/cozystack:v0.24.1"
        command:
-        - /usr/bin/darkhttpd
-        - /cozystack/assets
-        - --port
-        - "8123"
+        - /usr/bin/cozystack-assets-server
+        - "-dir=/cozystack/assets"
+        - "-address=:8123"
        ports:
        - name: http
          containerPort: 8123
--- a/packages/apps/http-cache/images/nginx-cache.tag
+++ b/packages/apps/http-cache/images/nginx-cache.tag
@@ -1 +1 @@
-ghcr.io/aenix-io/cozystack/nginx-cache:0.3.1@sha256:a3c25199acb8e8426e6952658ccc4acaadb50fe2cfa6359743b64e5166b3fc70
+ghcr.io/aenix-io/cozystack/nginx-cache:0.3.1@sha256:b311eb8eb0c50a2707a6aef06a34a33c3ca40f2041eb30e73dd338ea3d11f33e
--- a/packages/apps/kubernetes/images/cluster-autoscaler.tag
+++ b/packages/apps/kubernetes/images/cluster-autoscaler.tag
@@ -1 +1 @@
-ghcr.io/aenix-io/cozystack/cluster-autoscaler:0.15.0@sha256:538ee308f16c9e627ed16ee7c4aaa65919c2e6c4c2778f964a06e4797610d1cd
+ghcr.io/aenix-io/cozystack/cluster-autoscaler:0.15.0@sha256:73701e37727eedaafdf9efe4baefcf0835f064ee8731219f0c0186c0d0781a5c
--- a/packages/apps/kubernetes/images/kubevirt-cloud-provider.tag
+++ b/packages/apps/kubernetes/images/kubevirt-cloud-provider.tag
@@ -1 +1 @@
-ghcr.io/aenix-io/cozystack/kubevirt-cloud-provider:0.15.0@sha256:7716c88947d13dc90ccfcc3e60bfdd6e6fa9b201339a75e9c84bf825c76e2b1f
+ghcr.io/aenix-io/cozystack/kubevirt-cloud-provider:0.15.0@sha256:22302ca96a146617636bda107991825f6fcdb4599d360ab392aca1c00ed81a94
--- a/packages/apps/kubernetes/images/kubevirt-csi-driver.tag
+++ b/packages/apps/kubernetes/images/kubevirt-csi-driver.tag
@@ -1 +1 @@
-ghcr.io/aenix-io/cozystack/kubevirt-csi-driver:0.15.0@sha256:be5e0eef92dada3ace5cddda5c68b30c9fe4682774c5e6e938ed31efba11ebbf
+ghcr.io/aenix-io/cozystack/kubevirt-csi-driver:0.15.0@sha256:1318c7612391186b2a5d96c6fed2d13bd8fb2f6c13770e29e5d5abc517d9c138
--- a/packages/apps/kubernetes/images/ubuntu-container-disk.tag
+++ b/packages/apps/kubernetes/images/ubuntu-container-disk.tag
@@ -1 +1 @@
-ghcr.io/aenix-io/cozystack/ubuntu-container-disk:v1.30.1@sha256:8392f00a7182294ce6fd417d254f7c2aa09fb9203d829dec70344a8050369430
+ghcr.io/aenix-io/cozystack/ubuntu-container-disk:v1.30.1@sha256:e4d153f11a545276cd299e893c28bf21c64eefa64ea25dbba3a0b40df0e3dbe9
--- a/packages/core/installer/images/cozystack/Dockerfile
+++ b/packages/core/installer/images/cozystack/Dockerfile
@@ -1,4 +1,4 @@
-FROM golang:alpine3.19 as k8s-await-election-builder
+FROM golang:alpine3.21 as k8s-await-election-builder

 ARG K8S_AWAIT_ELECTION_GITREPO=https://github.com/LINBIT/k8s-await-election
 ARG K8S_AWAIT_ELECTION_VERSION=0.4.1
@@ -13,7 +13,7 @@ RUN git clone ${K8S_AWAIT_ELECTION_GITREPO} /usr/local/go/k8s-await-election/ \
 && make \
 && mv ./out/k8s-await-election-${TARGETARCH} /k8s-await-election

-FROM alpine:3.19 AS builder
+FROM golang:alpine3.21 as builder

 RUN apk add --no-cache make git
 RUN apk add helm --repository=https://dl-cdn.alpinelinux.org/alpine/edge/community
@@ -21,12 +21,14 @@ RUN apk add helm --repository=https://dl-cdn.alpinelinux.org/alpine/edge/communi
 COPY . /src/
 WORKDIR /src

+RUN go build -o /cozystack-assets-server -ldflags '-extldflags "-static" -w -s' ./cmd/cozystack-assets-server
+
 # Check that versions_map is not changed
 RUN make repos

-FROM alpine:3.19
+FROM alpine:3.21

-RUN apk add --no-cache make darkhttpd
+RUN apk add --no-cache make
 RUN apk add helm kubectl --repository=https://dl-cdn.alpinelinux.org/alpine/edge/community

 COPY scripts /cozystack/scripts
@@ -34,6 +36,7 @@ COPY --from=builder /src/packages/core /cozystack/packages/core
 COPY --from=builder /src/packages/system /cozystack/packages/system
 COPY --from=builder /src/_out/repos /cozystack/assets/repos
 COPY --from=builder /src/_out/logos /cozystack/assets/logos
+COPY --from=builder /cozystack-assets-server /usr/bin/cozystack-assets-server
 COPY --from=k8s-await-election-builder /k8s-await-election /usr/bin/k8s-await-election
 COPY dashboards /cozystack/assets/dashboards

--- a/packages/core/installer/templates/cozystack.yaml
+++ b/packages/core/installer/templates/cozystack.yaml
@@ -67,13 +67,12 @@ spec:
          valueFrom:
            fieldRef:
              fieldPath: metadata.name
-      - name: darkhttpd
+      - name: assets
        image: "{{ .Values.cozystack.image }}"
        command:
-        - /usr/bin/darkhttpd
-        - /cozystack/assets
-        - --port
-        - "8123"
+        - /usr/bin/cozystack-assets-server
+        - "-dir=/cozystack/assets"
+        - "-address=:8123"
        ports:
        - name: http
          containerPort: 8123
--- a/packages/core/installer/values.yaml
+++ b/packages/core/installer/values.yaml
@@ -1,2 +1,2 @@
 cozystack:
-  image: ghcr.io/aenix-io/cozystack/cozystack:v0.23.1@sha256:dfa803a3e02ec9ea221029d361aa9d7aef0b5eb0a36d66c949b265d4ac4fc114
+  image: ghcr.io/aenix-io/cozystack/cozystack:v0.24.1@sha256:2a07ec771337e41720196311ef53b120f2925abfc389eb36bc3c785c71817abd
--- a/packages/core/testing/values.yaml
+++ b/packages/core/testing/values.yaml
@@ -1,2 +1,2 @@
 e2e:
-  image: ghcr.io/aenix-io/cozystack/e2e-sandbox:v0.23.1@sha256:0f4ffa7f23d6cdc633c0c4a0b852fde9710edbce96486fd9bd29c7d0d7710380
+  image: ghcr.io/aenix-io/cozystack/e2e-sandbox:v0.24.1@sha256:3b4db74ce6225599fcf172a575a099e0ed365c81e62eb264bb49e38387232031
--- a/packages/extra/bootbox/images/matchbox.tag
+++ b/packages/extra/bootbox/images/matchbox.tag
@@ -1 +1 @@
-ghcr.io/aenix-io/cozystack/matchbox:v0.23.1
+ghcr.io/aenix-io/cozystack/matchbox:v0.24.1@sha256:26ce2eaae90c82e49e866ae5b18e38d6e3ac1a4b0a3b494ebe2c480a4685f143
--- a/packages/extra/monitoring/Chart.yaml
+++ b/packages/extra/monitoring/Chart.yaml
@@ -3,4 +3,4 @@ name: monitoring
 description: Monitoring and observability stack
 icon: /logos/monitoring.svg
 type: application
-version: 1.7.0
+version: 1.8.0
--- a/packages/extra/monitoring/Makefile
+++ b/packages/extra/monitoring/Makefile
@@ -1,5 +1,8 @@
+GRAFANA_TAG = $(shell awk '$$1 == "version:" {print $$2}' Chart.yaml)
+
 NAME=monitoring

+include ../../../scripts/common-envs.mk
 include ../../../scripts/package.mk

 generate:
@@ -8,3 +11,16 @@ generate:
 		jq '.properties.metricsStorages.items.type = "object" | .properties.logsStorages.items.type = "object"' \
 		> values.schema.json
 	rm -f values.schema.json.tmp
+
+image:
+	docker buildx build --platform linux/amd64 images/grafana \
+		--provenance false \
+		--tag $(REGISTRY)/grafana:$(call settag,$(GRAFANA_TAG)) \
+		--cache-from type=registry,ref=$(REGISTRY)/grafana:latest \
+		--cache-to type=inline \
+		--metadata-file images/grafana.json \
+		--push=$(PUSH) \
+		--load=$(LOAD)
+	echo "$(REGISTRY)/grafana:$(call settag,$(GRAFANA_TAG))@$$(yq e '."containerimage.digest"' images/grafana.json -o json -r)" \
+		> images/grafana.tag
+	rm -f images/grafana.json
--- a/packages/extra/monitoring/images/grafana.tag
+++ b/packages/extra/monitoring/images/grafana.tag
@@ -0,0 +1 @@
+ghcr.io/aenix-io/cozystack/grafana:1.8.0@sha256:1a484f970903cc38745251f3fbc1d4737065f2d0a8a08c0adccc8972aa25aa59
--- a/packages/extra/monitoring/images/grafana/Dockerfile
+++ b/packages/extra/monitoring/images/grafana/Dockerfile
@@ -0,0 +1,15 @@
+FROM grafana/grafana:11.4.0
+
+USER root
+
+RUN mkdir -p /var/lib/grafana-plugins \
+ && chown -R grafana:0 /var/lib/grafana-plugins
+
+USER grafana
+
+ARG VLOGS_VERSION=v0.14.1
+RUN curl -L https://github.com/VictoriaMetrics/victorialogs-datasource/releases/download/${VLOGS_VERSION}/victoriametrics-logs-datasource-${VLOGS_VERSION}.tar.gz | \
+      tar -xzf - -C /var/lib/grafana-plugins
+
+RUN grafana-cli --pluginsDir /var/lib/grafana-plugins plugins install natel-discrete-panel
+RUN grafana-cli --pluginsDir /var/lib/grafana-plugins plugins install grafana-worldmap-panel
--- a/packages/extra/monitoring/templates/grafana/grafana.yaml
+++ b/packages/extra/monitoring/templates/grafana/grafana.yaml
@@ -36,38 +36,19 @@ spec:
      replicas: 2
      template:
        spec:
-          initContainers:
-            - name: "load-vm-ds-plugin"
-              image: "curlimages/curl:7.85.0"
-              command: [ "/bin/sh" ]
-              workingDir: "/var/lib/grafana"
-              securityContext:
-                runAsUser: 10001
-                runAsNonRoot: true
-                runAsGroup: 10001
-              args:
-                - "-c"
-                - |
-                  set -ex
-                  mkdir -p /var/lib/grafana/plugins/
-                  ver=$(curl -s https://api.github.com/repos/VictoriaMetrics/victorialogs-datasource/releases/latest | grep -oE 'v0\.13\.[0-9]+' | head -1)
-                  curl -L https://github.com/VictoriaMetrics/victorialogs-datasource/releases/download/$ver/victoriametrics-logs-datasource-$ver.tar.gz -o /var/lib/grafana/plugins/vl-plugin.tar.gz
-                  tar -xf /var/lib/grafana/plugins/vl-plugin.tar.gz -C /var/lib/grafana/plugins/
-                  rm /var/lib/grafana/plugins/vl-plugin.tar.gz
-              volumeMounts:
-                - name: grafana-data
-                  mountPath: /var/lib/grafana
          containers:
            - name: grafana
-              image: grafana/grafana:11.2.0
+              image: "{{ $.Files.Get "images/grafana.tag" | trim }}"
              securityContext:
                allowPrivilegeEscalation: false
                readOnlyRootFilesystem: false
              readinessProbe:
                failureThreshold: 3
              env:
-              - name: GF_INSTALL_PLUGINS
-                value: grafana-worldmap-panel,natel-discrete-panel
+              #- name: GF_INSTALL_PLUGINS
+              #  value: grafana-worldmap-panel,natel-discrete-panel
+              - name: GF_PATHS_PLUGINS
+                value: /var/lib/grafana-plugins
              - name: ONCALL_API_URL
                value: http://grafana-oncall-engine:8080
              - name: GF_DATABASE_HOST
--- a/packages/extra/versions_map
+++ b/packages/extra/versions_map
@@ -24,7 +24,8 @@ monitoring 1.5.3 c1ca19dc
 monitoring 1.5.4 d4634797
 monitoring 1.6.0 cb7b8158
 monitoring 1.6.1 3bb97596
-monitoring 1.7.0 HEAD
+monitoring 1.7.0 749110aa
+monitoring 1.8.0 HEAD
 seaweedfs 0.1.0 5ca8823
 seaweedfs 0.2.0 9e33dc0
 seaweedfs 0.2.1 249bf35
--- a/packages/system/bucket/images/s3manager.tag
+++ b/packages/system/bucket/images/s3manager.tag
@@ -1 +1 @@
-ghcr.io/aenix-io/cozystack/s3manager:v0.5.0@sha256:35e9a8ba7e1a3b0cee634f6d2bd92d2b08c47c7ed3316559c9ea25ff733eb5d5
+ghcr.io/aenix-io/cozystack/s3manager:v0.5.0@sha256:ced16c5ef3869e8ffbd0e880693b78ac47bdf310efcdb3e66ece6b22aaa5a75f
--- a/packages/system/cozystack-api/values.yaml
+++ b/packages/system/cozystack-api/values.yaml
@@ -1,2 +1,2 @@
 cozystackAPI:
-  image: ghcr.io/aenix-io/cozystack/cozystack-api:v0.23.1@sha256:b25faba99a8b98c1d3576b47986266c4f391c1998d89b599e9139f43727c5b4c
+  image: ghcr.io/aenix-io/cozystack/cozystack-api:v0.24.1@sha256:ab6f4852be7d2be5deea8ace6f8901d8cbf41e87d219fdb805047f7a2bcbd2ed
--- a/packages/system/cozystack-controller/values.yaml
+++ b/packages/system/cozystack-controller/values.yaml
@@ -1,5 +1,5 @@
 cozystackController:
-  image: ghcr.io/aenix-io/cozystack/cozystack-controller:v0.23.1@sha256:ca7801e33fbd38e01b3abe9645956bb235ba7b0f2381bd622d18d4dc5e280020
+  image: ghcr.io/aenix-io/cozystack/cozystack-controller:v0.24.1@sha256:e59a04c072c0c50c3174b34329830d05266f3c87a4235dc8fbd78d91be9ceb2c
  debug: false
  disableTelemetry: false
-  cozystackVersion: "v0.23.1"
+  cozystackVersion: "v0.24.1"
--- a/packages/system/dashboard/charts/kubeapps/templates/dashboard/configmap.yaml
+++ b/packages/system/dashboard/charts/kubeapps/templates/dashboard/configmap.yaml
@@ -76,7 +76,7 @@ data:
      "kubeappsNamespace": {{ .Release.Namespace | quote }},
      "helmGlobalNamespace": {{ include "kubeapps.helmGlobalPackagingNamespace" . | quote }},
      "carvelGlobalNamespace": {{ .Values.kubeappsapis.pluginConfig.kappController.packages.v1alpha1.globalPackagingNamespace | quote }},
-      "appVersion": "v0.23.1",
+      "appVersion": "v0.24.1",
      "authProxyEnabled": {{ .Values.authProxy.enabled }},
      "oauthLoginURI": {{ .Values.authProxy.oauthLoginURI | quote }},
      "oauthLogoutURI": {{ .Values.authProxy.oauthLogoutURI | quote }},
--- a/packages/system/dashboard/values.yaml
+++ b/packages/system/dashboard/values.yaml
@@ -40,14 +40,14 @@ kubeapps:
    image:
      registry: ghcr.io/aenix-io/cozystack
      repository: dashboard
-      tag: v0.23.1
+      tag: v0.24.1
      digest: "sha256:81e7b625c667bce5fc339eb97c8e115eafb82f66df4501550b3677ac53f6e234"
  kubeappsapis:
    image:
      registry: ghcr.io/aenix-io/cozystack
      repository: kubeapps-apis
-      tag: v0.23.1
-      digest: "sha256:d3767354cf6c785447f30e87bb2017ec45843edfc02635f526d2ecacc82f5d26"
+      tag: v0.24.1
+      digest: "sha256:72308ae00344d48e7ed58c5b1383874e84bcd82ac53b76857172b9ef510d53a6"
    pluginConfig:
      flux:
        packages:
--- a/packages/system/kamaji/charts/kamaji/Chart.lock
+++ b/packages/system/kamaji/charts/kamaji/Chart.lock
@@ -1,6 +1,6 @@
 dependencies:
 - name: kamaji-etcd
  repository: https://clastix.github.io/charts
-  version: 0.8.1
-digest: sha256:381d8ef9619c2daeea37e40c6a9772ae3e5cee80887148879db04e887d5364ad
-generated: "2024-10-25T19:28:40.880766186+02:00"
+  version: 0.8.0
+digest: sha256:525b0eb2b5bae709d62de9328312d42c54b5219c6df67061de0da79eeca04fb3
+generated: "2024-08-25T08:44:24.92211307+02:00"
--- a/packages/system/kamaji/charts/kamaji/Chart.yaml
+++ b/packages/system/kamaji/charts/kamaji/Chart.yaml
@@ -1,5 +1,5 @@
 apiVersion: v2
-appVersion: v0.0.0
+appVersion: v1.0.0
 description: Kamaji is the Hosted Control Plane Manager for Kubernetes.
 home: https://github.com/clastix/kamaji
 icon: https://github.com/clastix/kamaji/raw/master/assets/logo-colored.png
@@ -17,11 +17,11 @@ name: kamaji
 sources:
 - https://github.com/clastix/kamaji
 type: application
-version: 0.0.0
+version: 2.0.0
 dependencies:
 - name: kamaji-etcd
  repository: https://clastix.github.io/charts
-  version: ">=0.8.1"
+  version: ">=0.7.0"
  condition: kamaji-etcd.deploy
 annotations:
  catalog.cattle.io/certified: partner
--- a/packages/system/kamaji/charts/kamaji/README.md
+++ b/packages/system/kamaji/charts/kamaji/README.md
@@ -1,6 +1,6 @@
 # kamaji

-![Version: 0.0.0](https://img.shields.io/badge/Version-0.0.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: v0.0.0](https://img.shields.io/badge/AppVersion-v0.0.0-informational?style=flat-square)
+![Version: 2.0.0](https://img.shields.io/badge/Version-2.0.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: v1.0.0](https://img.shields.io/badge/AppVersion-v1.0.0-informational?style=flat-square)

 Kamaji is the Hosted Control Plane Manager for Kubernetes.

@@ -22,7 +22,7 @@ Kubernetes: `>=1.21.0-0`

 | Repository | Name | Version |
 |------------|------|---------|
-| https://clastix.github.io/charts | kamaji-etcd | >=0.8.1 |
+| https://clastix.github.io/charts | kamaji-etcd | >=0.7.0 |

 [Kamaji](https://github.com/clastix/kamaji) requires a [multi-tenant `etcd`](https://github.com/clastix/kamaji-internal/blob/master/deploy/getting-started-with-kamaji.md#setup-internal-multi-tenant-etcd) cluster.
 This Helm Chart starting from v0.1.1 provides the installation of an internal `etcd` in order to streamline the local test. If you'd like to use an externally managed etcd instance, you can specify the overrides and by setting the value `etcd.deploy=false`.
@@ -70,7 +70,7 @@ Here the values you can override:
 | Key | Type | Default | Description |
 |-----|------|---------|-------------|
 | affinity | object | `{}` | Kubernetes affinity rules to apply to Kamaji controller pods |
-| defaultDatastoreName | string | `"default"` | If specified, all the Kamaji instances with an unassigned DataStore will inherit this default value. |
+| defaultDatastoreName | string | `"default"` | Specify the default DataStore name for the Kamaji instance. |
 | extraArgs | list | `[]` | A list of extra arguments to add to the kamaji controller default ones |
 | fullnameOverride | string | `""` |  |
 | healthProbeBindAddress | string | `":8081"` | The address the probe endpoint binds to. (default ":8081") |
--- a/packages/system/kamaji/charts/kamaji/crds/kamaji.clastix.io_tenantcontrolplanes.yaml
+++ b/packages/system/kamaji/charts/kamaji/crds/kamaji.clastix.io_tenantcontrolplanes.yaml
@@ -66,6 +66,7 @@ spec:
            metadata:
              type: object
            spec:
+              description: TenantControlPlaneSpec defines the desired state of TenantControlPlane.
              properties:
                addons:
                  description: Addons contain which addons are enabled
@@ -6412,23 +6413,10 @@ spec:
                  type: object
                dataStore:
                  description: |-
-                    DataStore specifies the DataStore that should be used to store the Kubernetes data for the given Tenant Control Plane.
-                    When Kamaji runs with the default DataStore flag, all empty values will inherit the default value.
-                    By leaving it empty and running Kamaji with no default DataStore flag, it is possible to achieve automatic assignment to a specific DataStore object.
-
-                    Migration from one DataStore to another backed by the same Driver is possible. See: https://kamaji.clastix.io/guides/datastore-migration/
-                    Migration from one DataStore to another backed by a different Driver is not supported.
+                    DataStore allows to specify a DataStore that should be used to store the Kubernetes data for the given Tenant Control Plane.
+                    This parameter is optional and acts as an override over the default one which is used by the Kamaji Operator.
+                    Migration from a different DataStore to another one is not yet supported and the reconciliation will be blocked.
                  type: string
-                dataStoreSchema:
-                  description: |-
-                    DataStoreSchema allows to specify the name of the database (for relational DataStores) or the key prefix (for etcd). This
-                    value is optional and immutable. Note that Kamaji currently doesn't ensure that DataStoreSchema values are unique. It's up
-                    to the user to avoid clashes between different TenantControlPlanes. If not set upon creation, Kamaji will default the
-                    DataStoreSchema by concatenating the namespace and name of the TenantControlPlane.
-                  type: string
-                  x-kubernetes-validations:
-                    - message: changing the dataStoreSchema is not supported
-                      rule: self == oldSelf
                kubernetes:
                  description: Kubernetes specification for tenant control plane
                  properties:
@@ -6551,47 +6539,15 @@ spec:
                      items:
                        type: string
                      type: array
-                    clusterDomain:
-                      default: cluster.local
-                      description: The default domain name used for DNS resolution within the cluster.
-                      pattern: .*\..*
-                      type: string
-                      x-kubernetes-validations:
-                        - message: changing the cluster domain is not supported
-                          rule: self == oldSelf
                    dnsServiceIPs:
-                      description: |-
-                        The DNS Service for internal resolution, it must match the Service CIDR.
-                        In case of an empty value, it is automatically computed according to the Service CIDR, e.g.:
-                        Service CIDR 10.96.0.0/16, the resulting DNS Service IP will be 10.96.0.10 for IPv4,
-                        for IPv6 from the CIDR 2001:db8:abcd::/64 the resulting DNS Service IP will be 2001:db8:abcd::10.
-                      items:
-                        type: string
-                      type: array
-                    loadBalancerClass:
-                      description: |-
-                        Specify the LoadBalancer class in case of multiple load balancer implementations.
-                        Field supported only for Tenant Control Plane instances exposed using a LoadBalancer Service.
-                      minLength: 1
-                      type: string
-                      x-kubernetes-validations:
-                        - message: LoadBalancerClass is immutable
-                          rule: self == oldSelf
-                    loadBalancerSourceRanges:
-                      description: |-
-                        LoadBalancerSourceRanges restricts the IP ranges that can access
-                        the LoadBalancer type Service. This field defines a list of IP
-                        address ranges (in CIDR format) that are allowed to access the service.
-                        If left empty, the service will allow traffic from all IP ranges (0.0.0.0/0).
-                        This feature is useful for restricting access to API servers or services
-                        to specific networks for security purposes.
-                        Example: {"192.168.1.0/24", "10.0.0.0/8"}
+                      default:
+                        - 10.96.0.10
                      items:
                        type: string
                      type: array
                    podCidr:
                      default: 10.244.0.0/16
-                      description: 'CIDR for Kubernetes Pods: if empty, defaulted to 10.244.0.0/16.'
+                      description: CIDR for Kubernetes Pods
                      type: string
                    port:
                      default: 6443
@@ -6600,24 +6556,13 @@ spec:
                      type: integer
                    serviceCidr:
                      default: 10.96.0.0/16
-                      description: 'CIDR for Kubernetes Services: if empty, defaulted to 10.96.0.0/16.'
+                      description: Kubernetes Service
                      type: string
                  type: object
              required:
                - controlPlane
                - kubernetes
              type: object
-              x-kubernetes-validations:
-                - message: unsetting the dataStore is not supported
-                  rule: '!has(oldSelf.dataStore) || has(self.dataStore)'
-                - message: unsetting the dataStoreSchema is not supported
-                  rule: '!has(oldSelf.dataStoreSchema) || has(self.dataStoreSchema)'
-                - message: LoadBalancer source ranges are supported only with LoadBalancer service type
-                  rule: '!has(self.networkProfile.loadBalancerSourceRanges) || (size(self.networkProfile.loadBalancerSourceRanges) == 0 || self.controlPlane.service.serviceType == ''LoadBalancer'')'
-                - message: LoadBalancerClass is supported only with LoadBalancer service type
-                  rule: '!has(self.networkProfile.loadBalancerClass) || self.controlPlane.service.serviceType == ''LoadBalancer'''
-                - message: LoadBalancerClass cannot be set or unset at runtime
-                  rule: self.controlPlane.service.serviceType != 'LoadBalancer' || (oldSelf.controlPlane.service.serviceType != 'LoadBalancer' && self.controlPlane.service.serviceType == 'LoadBalancer') || has(self.networkProfile.loadBalancerClass) == has(oldSelf.networkProfile.loadBalancerClass)
            status:
              description: TenantControlPlaneStatus defines the observed state of TenantControlPlane.
              properties:
--- a/packages/system/kamaji/charts/kamaji/templates/controller.yaml
+++ b/packages/system/kamaji/charts/kamaji/templates/controller.yaml
@@ -33,9 +33,8 @@ spec:
        - --leader-elect
        - --metrics-bind-address={{ .Values.metricsBindAddress }}
        - --tmp-directory={{ .Values.temporaryDirectoryPath }}
-        {{- if not (eq .Values.defaultDatastoreName "") }}
-        - --datastore={{ .Values.defaultDatastoreName }}
-        {{- end }}
+        {{- $datastoreName := .Values.defaultDatastoreName | required ".Values.defaultDatastoreName is required!" }}
+        - --datastore={{ $datastoreName }}
        {{- if .Values.telemetry.disabled }}
        - --disable-telemetry
        {{- end }}
--- a/packages/system/kamaji/charts/kamaji/values.yaml
+++ b/packages/system/kamaji/charts/kamaji/values.yaml
@@ -95,7 +95,7 @@ loggingDevel:
  # -- Development Mode defaults(encoder=consoleEncoder,logLevel=Debug,stackTraceLevel=Warn). Production Mode defaults(encoder=jsonEncoder,logLevel=Info,stackTraceLevel=Error) (default false)
  enable: false

-# -- If specified, all the Kamaji instances with an unassigned DataStore will inherit this default value.
+# -- Specify the default DataStore name for the Kamaji instance.
 defaultDatastoreName: default

 kamaji-etcd:
--- a/packages/system/kamaji/images/kamaji/Dockerfile
+++ b/packages/system/kamaji/images/kamaji/Dockerfile
@@ -1,7 +1,7 @@
 # Build the manager binary
 FROM golang:1.23 as builder

-ARG VERSION=edge-24.12.1
+ARG VERSION=edge-24.9.2
 ARG TARGETOS TARGETARCH

 WORKDIR /workspace
--- a/packages/system/kamaji/values.yaml
+++ b/packages/system/kamaji/values.yaml
@@ -3,7 +3,7 @@ kamaji:
    deploy: false
  image:
    pullPolicy: IfNotPresent
-    tag: v0.23.1@sha256:87166056685e4dab9de030ad9389ce58f0d96e7f6c191674fe93483fbe99490f
+    tag: v0.24.1@sha256:97a69a1ec6669d395f1d6875998903f94faf8f171d2c29f35c2f8b66fa06e676
    repository: ghcr.io/aenix-io/cozystack/kamaji
  resources:
    limits:
--- a/packages/system/kubeovn/values.yaml
+++ b/packages/system/kubeovn/values.yaml
@@ -22,4 +22,4 @@ global:
  images:
    kubeovn:
      repository: kubeovn
-      tag: v1.13.2@sha256:ee658a003cd77a1f7b9df1d108255a8b5a69e67dd59fa6a6161c869b00207d4f
+      tag: v1.13.2@sha256:f7c33e8b29dfe0fa908db994cdb8c4026ac562975e9ad70c8a4c81c0319d62a9
				`@@ -0,0 +1 @@`
				`ghcr.io/aenix-io/cozystack/grafana:1.8.0@sha256:1a484f970903cc38745251f3fbc1d4737065f2d0a8a08c0adccc8972aa25aa59`