Commit Graph

1043 Commits

Author SHA1 Message Date
Timofei Larkin
911ca64de0 Get instance type when reconciling WorkloadMonitor
When the WorkloadMonitor is reconciled and child Workload objects are
created, they will now get additional labels in the
`workloads.cozystack.io` namespace, containing metadata about the
workload. This particular commit checks if a pod targeted by a Workload
is owned by a VirtualMachineInstance (i.e. it launches a KubeVirt VMI)
and, if so, gets the VMI instance type and puts it in the
`kubevirt-vmi-instance-type` label.

Signed-off-by: Timofei Larkin <lllamnyp@gmail.com>
2025-06-10 11:17:40 +03:00
klinch0
730ea4d5ef [fix] CloudInit (#1019)
If ssh key provided - deploy
If cloudinit provided - deploy
If ssh key and cloudinit provided - deploy both
If none provided - init empty to avoid issues w/ network

## Summary by CodeRabbit

- **Refactor**
  - Improved handling of SSH keys and cloud-init data in the Virtual
    Machine setup, clearly distinguishing cases when SSH keys, cloud-init,
    or both are provided.
  - Enhanced template readability with added spacing for better clarity.
2025-06-05 15:53:08 +03:00
klinch0
13fccdc465 bump tenant version (#1028) 2025-06-05 15:44:53 +03:00
kklinch0
f1b66c80f6 bump tenant version
Signed-off-by: kklinch0 <kklinch0@gmail.com>
2025-06-05 15:40:45 +03:00
klinch0
f34f140d49 Add RBAC rules to allow portforward in kubevirt for SSH via virtctl (#1027)
## Summary by CodeRabbit

- **New Features**
  - Expanded user permissions to allow port forwarding for virtual machine
    instances, enabling enhanced remote access capabilities.
2025-06-05 11:07:53 +03:00
mattia
520fbfb2e4 Add RBAC rules to allow portforward in kubevirt for SSH via virtctl
Signed-off-by: mattia <mattia@hidora.io>
2025-06-05 09:38:40 +02:00
klinch0
25016580c1 (k8s) configure containerd for client k8s cluster (#979)
## Summary by CodeRabbit

- **New Features**
  - Introduced granular Helm charts for Cluster API providers: bootstrap,
    core, control plane, and infrastructure, each with dedicated
    configuration, metadata, and compressed component packaging.
  - Added a new configuration option to the Kubernetes app to enable using
    a custom secret for patching containerd.
  - Enhanced Kubernetes deployment to conditionally manage containerd
    registry certificates and configuration using custom or copied secrets.

- **Documentation**
  - Updated Kubernetes app documentation to include the new containerd
    patching secret configuration option.

- **Chores**
  - Updated version mappings and chart versions for Kubernetes and Cluster
    API-related components.
  - Decomposed the monolithic Cluster API provider release into multiple,
    more manageable releases with explicit namespaces and dependencies.

- **Refactor**
  - Removed the previous unified Cluster API provider template in favor of
    new, separate provider resource definitions.
2025-06-04 11:07:58 +03:00
kklinch0
f10f8455fc (k8s) configure containerd for client k8s cluster 2025-06-04 10:40:10 +03:00
Timofei Larkin
974581d39b [monitoring-agents] Add events and audit inputs (#948)
## Summary by CodeRabbit

- **New Features**
  - Enhanced log monitoring by adding support for Kubernetes events and
    audit logs.
  - Introduced custom log parsers for improved log format handling.
  - Added log source tagging for easier identification of log origins.

- **Improvements**
  - Refined log filtering and output formatting for better log
    organization and delivery.
  - Updated log outputs to support compressed JSON lines and ISO8601 date
    formatting.
2025-06-04 10:33:58 +03:00
Timofei Larkin
7e24297913 Use library chart for resource management (#1025)
## Summary by CodeRabbit

- **New Features**
  - Introduced a shared library for resource configuration management
    across multiple application charts.

- **Refactor**
  - Updated resource configuration handling in several application charts
    to use new centralized helpers for improved consistency and
    sanitization.

- **Chores**
  - Added references to the shared library in various application chart
    directories.
2025-06-04 09:42:31 +03:00
Timofei Larkin
b6142cd4f5 Use library chart for resource management
Signed-off-by: Timofei Larkin <lllamnyp@gmail.com>
2025-06-04 09:05:21 +03:00
Timofei Larkin
e87994c769 Capture all resources by WorkloadMonitors (#1024)
## Summary by CodeRabbit

- **New Features**
  - Introduced WorkloadMonitor resources for tcp-balancer, vm-disk, and
    VPN applications, enabling enhanced workload monitoring capabilities.

- **Bug Fixes**
  - Standardized Kubernetes resource labels across multiple applications
    for improved consistency and compatibility.

- **Chores**
  - Updated chart versions for several applications, including ClickHouse,
    FerretDB, http-cache, MySQL, Postgres, Redis, tcp-balancer,
    virtual-machine, vm-disk, vm-instance, and VPN.
  - Updated Docker image reference for the installer to use the latest
    version.
  - Refreshed internal version mappings for multiple packages.
  - Added standardized instance labels to Kubernetes resources across
    multiple applications for better tracking and management.
2025-06-03 16:15:46 +03:00
Timofei Larkin
b140f1b57f Capture all resources by WorkloadMonitors
Signed-off-by: Timofei Larkin <lllamnyp@gmail.com>
2025-06-03 15:40:27 +03:00
Timofei Larkin
64936021d2 Release v0.31.0-rc.3 (#991)
This PR prepares the release `v0.31.0-rc.3`.

Signed-off by: Timofei Larkin <lllamnyp@gmail.com>
2025-06-03 14:10:11 +06:00
Andrei Kvapil
a887e19e6c Capture all resources by WorkloadMonitors (#1018)
## Summary by CodeRabbit

- **New Features**
  - Introduced monitoring resources for HAProxy, NGINX, and generic HTTP
    cache workloads, allowing improved workload observability.
- **Enhancements**
  - Added standardized labels to MariaDB, Postgres, and Redis resources
    for better integration and management within Kubernetes environments.
  - Updated label selectors in Postgres resources to use standardized
    Kubernetes app labels.
2025-06-02 09:28:30 +02:00
Andrei Kvapil
92b97a569e Fixed Gateway API manifest (#1016)
In the current version of Cozystack, flux's HelmRelease will refuse to
install cozy-gateway-api-crds when gatewayAPI is enabled, complaining
version '*' not found and breaking install of the entire kubernetes app.
This patch adds a working version match.

## Summary by CodeRabbit

- **Chores**
  - Updated configuration to allow compatibility with all available
    versions of the gateway-api-crds chart.
2025-06-02 09:25:25 +02:00
Timofei Larkin
0e22358b30 Capture all resources by WorkloadMonitors
Signed-off-by: Timofei Larkin <lllamnyp@gmail.com>
2025-06-02 09:44:27 +03:00
Zdenek Deu Janda
7429daf99c Fixed Gateway API manifest
Signed-off-by: Zdenek Deu Janda <zdenek.janda@cloudevelops.com>
2025-06-01 23:49:42 +02:00
Andrei Kvapil
b470b82e2a [tests] Fix concurrency for docker login action (#1014)
Signed-off-by: Andrei Kvapil <kvapss@gmail.com>


## Summary by CodeRabbit

- **Chores**
  - Updated workflow steps to use a job-specific temporary directory for
    Docker configuration during build and container registry login
    processes. This enhances isolation of Docker credentials in CI jobs.
2025-05-30 16:59:11 +02:00
Andrei Kvapil
a0700e7399 [tests] Fix concurrency for docker login action
Signed-off-by: Andrei Kvapil <kvapss@gmail.com>
2025-05-30 16:49:21 +02:00
Andrei Kvapil
228e1983bc Let users specify CPU requests in VCPUs (#972)
With this change a request for a virtual machine with 3 vCPUs will
reserve exactly the same amount of physical compute, as a request for a
Clickhouse instance with `{"resources": {"cpu": "3"}}` in its values,
with the scaling factor being KubeVirt's CPU allocation ratio.

## Summary by CodeRabbit

- **New Features**
  - Introduced configurable CPU allocation ratio for resource management,
    allowing CPU requests to be scaled relative to limits.
  - Added new templates for input validation and automatic loading of
    configuration from Kubernetes ConfigMaps.

- **Bug Fixes**
  - Improved resource sanitization and preset logic to handle CPU and
    memory requests/limits more accurately.

- **Chores**
  - Updated chart dependencies and versioning to reflect changes in
    library usage.
2025-05-30 12:50:21 +02:00
Timofei Larkin
7023abdba7 Let users specify CPU requests in VCPUs
With this change a request for a virtual machine with 3 vCPUs will
reserve exactly the same amount of physical compute, as a request for a
Clickhouse instance with `{"resources": {"cpu": "3"}}` in its values,
with the scaling factor being KubeVirt's CPU allocation ratio.

Signed-off-by: Timofei Larkin <lllamnyp@gmail.com>
2025-05-30 00:55:19 +02:00
Timofei Larkin
1b43a5f160 Remove user-facing config of limits and requests
This patch introduces reusable library charts that provide
backward-compatibility for users that specify their resources as
explicit requests and limits for cpu, however this input is processed so
that limits are set equal to requests except for CPU which only gets
requests. Users can now embrace the new form by directly specifying
resources in the first level of nesting (e.g. resources.cpu=100m instead
of .resources.requests.cpu=100m). The order of precedence is top-level,
then requests, then limits, ensuring that nothing will break in terms of
scheduling, however workloads that specified limits much higher than
requests might get a performance hit, now that they cannot use all this
excess capacity. This should only affect memory-hungry workloads in
low-contention environments.

Signed-off-by: Timofei Larkin <lllamnyp@gmail.com>
2025-05-30 00:55:19 +02:00
Andrei Kvapil
20f4066c16 [tests] fix: increase qemu system disk size (#1011)
Signed-off-by: Andrei Kvapil <kvapss@gmail.com>
2025-05-30 00:54:48 +02:00
Andrei Kvapil
ea0dd68e84 [tests] fix: increase qemu system disk size
Signed-off-by: Andrei Kvapil <kvapss@gmail.com>
2025-05-30 00:54:09 +02:00
Andrei Kvapil
e0c3d2324f [ci] Split build artefacts (#1010)
Signed-off-by: Andrei Kvapil <kvapss@gmail.com>


## Summary by CodeRabbit

- **Chores**
  - Improved workflow for pull requests by separating artifact uploads and
    downloads, resulting in clearer and more organized handling of installer
    and image files during build and test processes.
2025-05-30 00:53:54 +02:00
Andrei Kvapil
cb303d694c [ci] Split build artefacts
Signed-off-by: Andrei Kvapil <kvapss@gmail.com>
2025-05-30 00:48:20 +02:00
Andrei Kvapil
6130f43d06 Release v0.31.1 (#1008)
This PR prepares the release `v0.31.1`.
v0.31.1
2025-05-30 00:18:28 +02:00
Andrei Kvapil
4db55ac5eb [ci] Add Github token to fetch draft releases
Signed-off-by: Andrei Kvapil <kvapss@gmail.com>
2025-05-30 00:16:03 +02:00
github-actions
bfd20a5e0e Prepare release v0.31.1
Signed-off-by: github-actions <github-actions@github.com>
2025-05-29 23:44:58 +02:00
Andrei Kvapil
977141bed3 [ci] Fix download released artifacts (#1009)
Signed-off-by: Andrei Kvapil <kvapss@gmail.com>
2025-05-29 23:42:32 +02:00
Andrei Kvapil
c4f8d6a251 [ci] Fix download released artifacts
Signed-off-by: Andrei Kvapil <kvapss@gmail.com>
2025-05-29 23:42:21 +02:00
Andrei Kvapil
9633ca4d25 Update Talos Linux v1.10.3 and fix assets (#1006)
Signed-off-by: Andrei Kvapil <kvapss@gmail.com>


## Summary by CodeRabbit

- **New Features**
  - Installer artifacts now include an additional asset, improving the
    completeness of installation resources.

- **Bug Fixes**
  - End-to-end tests and cluster setup now verify the presence of all
    required installer asset files, reducing setup errors.

- **Chores**
  - Updated installer and system extension images to newer versions for
    improved stability and compatibility.
  - Improved build and test workflows to handle multiple installer assets
    and streamline artifact management.
2025-05-29 23:27:12 +02:00
Andrei Kvapil
f798cbd9f9 Update Talos Linux v1.10.3
Signed-off-by: Andrei Kvapil <kvapss@gmail.com>
2025-05-29 23:18:53 +02:00
Andrei Kvapil
cf87779f7b [ci] separate build and testing jobs (#1005)
Signed-off-by: Andrei Kvapil <kvapss@gmail.com>


## Summary by CodeRabbit

- **Chores**
  - Improved pull request workflow by separating build and test phases,
    enhancing reliability and maintainability of automated checks.
  - Updated testing process to use a pre-generated installer artifact,
    streamlining test execution and environment setup.
  - Enhanced release workflow to generate manifests before running tests,
    ensuring up-to-date configurations during verification.
2025-05-29 18:41:40 +02:00
Andrei Kvapil
c69135e0e5 [ci] separate build and testing jobs
Signed-off-by: Andrei Kvapil <kvapss@gmail.com>
2025-05-29 17:44:50 +02:00
Nick Volynkin
a9c3a4c601 [docs] Write a full release post for v0.31.0 (#999)
## Summary by CodeRabbit

- **Documentation**
  - Expanded and restructured the changelog for v0.31.0 to provide
    detailed information on new features, improvements, bug fixes, testing
    updates, CI/CD changes, and community contributions. The changelog now
    offers clearer insight into the release contents and lifecycle.
2025-05-29 15:34:02 +07:00
Nick Volynkin
d1081c86b3 [docs] Write a full release post for v0.31.0
Signed-off-by: Nick Volynkin <nick.volynkin@gmail.com>
2025-05-29 10:05:53 +03:00
Andrei Kvapil
beadc80778 Release v0.31.0 (#1003)
This PR prepares the release `v0.31.0`.
v0.31.0
2025-05-29 01:24:13 +02:00
github-actions
5bbb5a6266 Prepare release v0.31.0
Signed-off-by: github-actions <github-actions@github.com>
2025-05-28 21:40:20 +00:00
Andrei Kvapil
0664370218 [apps] Add topologySpreadConstraints for managed PostgreSQL and tenant Kubernetes clusters. (#995)
## Summary by CodeRabbit

- **New Features**
  - Added support for injecting custom topology spread constraints into
    virtual machine templates, PostgreSQL clusters, and monitoring
    components based on a ConfigMap in the cluster.

- **Chores**
  - Updated chart versions for Kubernetes (0.21.0), Postgres (0.12.0), and
    Monitoring (1.10.0).
  - Updated version mappings for Kubernetes, Postgres, and Monitoring
    packages.
  - Increased memory allocation for QEMU virtual machine tests from 8 GB
    to 14 GB.
2025-05-28 23:20:11 +02:00
kklinch0
225d103509 [k8s] add topologySpreadConstraints for client k8s cluster
Signed-off-by: kklinch0 <kklinch0@gmail.com>
2025-05-28 23:17:00 +02:00
Andrei Kvapil
0e22e3c12c [virtual-machine] fix: specify ports even for wholeIP mode (#1000)
There is an issue with wholeIP services: internal communication from
pods doesn't work as expected.

Cilium intercepts pod-to-pod traffic, preventing cozy-proxy from
rewriting the source IP in return packets.

This PR allows Cilium to handle specified ports, enabling hairpin
traffic to work correctly at least for these cases.

## Summary by CodeRabbit

- **Bug Fixes**
  - Improved service port configuration to ensure explicit port
    definitions are respected when using the "WholeIP" method. Now, custom
    external ports will not be overridden, providing more accurate and
    expected service exposure.
2025-05-28 20:53:20 +02:00
Andrei Kvapil
7b8e7e40ce [virtual-machine] fix: specify ports even for wholeIP mode
Signed-off-by: Andrei Kvapil <kvapss@gmail.com>
2025-05-28 20:12:30 +02:00
Nick Volynkin
c941e487fb [docs] Review the tenant Kubernetes cluster docs (#969)
## Summary by CodeRabbit

- **Documentation**
  - Completely overhauled and expanded the Managed Kubernetes Service
    guide for Cozystack.
  - Added detailed explanations of service architecture, tenant isolation,
    and use cases.
  - Included step-by-step instructions for accessing tenant clusters and
    kubeconfig files.
  - Expanded configuration parameters with clear tables and
    recommendations.
  - Introduced a comprehensive resource reference and improved
    descriptions of instance types and series.
  - Enhanced configuration schema descriptions for clearer resource
    specification and standardized addon settings.
  - Updated configuration file comments for improved clarity and
    consistency without changing functionality.
2025-05-28 21:00:06 +07:00
Nick Volynkin
8386e985f2 [docs] Review the tenant Kubernetes cluster docs
Signed-off-by: Nick Volynkin <nick.volynkin@gmail.com>
2025-05-28 15:15:03 +03:00
Andrei Kvapil
e4c944488f [dx] remove version_map and building for library charts (#998)
We do not build helm charts directly for library, since in run-time they
are useless.
Let's remove version_map for them as well

Signed-off-by: Andrei Kvapil <kvapss@gmail.com>


## Summary by CodeRabbit

- **Chores**
  - Simplified project build scripts by removing obsolete version mapping
    and related checks.
  - Deleted the outdated versions mapping file for the library package.
2025-05-28 13:10:50 +02:00
Andrei Kvapil
99a7754c00 [virtual-machine] Set PortList method by default (#996)
Signed-off-by: Andrei Kvapil <kvapss@gmail.com>


## Summary by CodeRabbit

- **New Features**
  - Updated default traffic passthrough method for virtual machine and VM
    instance apps to use specific port forwarding instead of whole IP
    forwarding.

- **Documentation**
  - Updated documentation to reflect the new default passthrough method
    for both virtual machine and VM instance apps.

- **Chores**
  - Incremented version numbers for virtual machine and VM instance apps
    to reflect recent updates.
2025-05-28 13:02:06 +02:00
Andrei Kvapil
6cbfab9b2a [dx] remove version_map and building for library charts
Signed-off-by: Andrei Kvapil <kvapss@gmail.com>
2025-05-28 12:01:31 +02:00
Andrei Kvapil
461f756c88 [virtual-machine] Set PortList method by default
Signed-off-by: Andrei Kvapil <kvapss@gmail.com>
2025-05-28 11:55:52 +02:00