Update kube-ovn v1.13.0-ge1310e17 and enable image building

Signed-off-by: Andrei Kvapil <kvapss@gmail.com>
change hardcode for talos registry (#148 )
2026-01-28 18:18:41 +00:00 · 2024-05-24 17:41:38 +02:00 · 2024-05-24 12:44:56 +02:00 · 2024-05-22 08:32:06 +02:00 · 2024-05-21 11:23:10 +02:00 · 2024-05-21 11:22:54 +02:00
168 changed files with 28263 additions and 33561 deletions
--- a/3
+++ b/3
@@ -3,6 +3,7 @@
 build:
 	make -C packages/apps/http-cache image
 	make -C packages/apps/kubernetes image
+	make -C packages/system/kubeovn image
 	make -C packages/system/dashboard image
 	make -C packages/core/installer image
 	make manifests
@@ -20,4 +21,4 @@ repos:
 	make -C packages/extra repo

 assets:
-	make -C packages/core/talos/ assets
+	make -C packages/core/installer/ assets
--- a/manifests/cozystack-installer.yaml
+++ b/manifests/cozystack-installer.yaml
@@ -54,6 +54,11 @@ spec:
  selector:
    matchLabels:
      app: cozystack
+  strategy:
+    type: RollingUpdate
+    rollingUpdate:
+      maxSurge: 0
+      maxUnavailable: 1
  template:
    metadata:
      labels:
@@ -63,7 +68,7 @@ spec:
      serviceAccountName: cozystack
      containers:
      - name: cozystack
-        image: "ghcr.io/aenix-io/cozystack/cozystack:v0.4.0"
+        image: "ghcr.io/aenix-io/cozystack/cozystack:v0.6.0"
        env:
        - name: KUBERNETES_SERVICE_HOST
          value: localhost
@@ -82,7 +87,7 @@ spec:
            fieldRef:
              fieldPath: metadata.name
      - name: darkhttpd
-        image: "ghcr.io/aenix-io/cozystack/cozystack:v0.4.0"
+        image: "ghcr.io/aenix-io/cozystack/cozystack:v0.6.0"
        command:
        - /usr/bin/darkhttpd
        - /cozystack/assets
--- a/packages/apps/Makefile
+++ b/packages/apps/Makefile
@@ -11,7 +11,7 @@ repo:
 	rm -rf "$(TMP)"

 fix-chartnames:
-	find . -name Chart.yaml -maxdepth 2 | awk -F/ '{print $$2}' | while read i; do sed -i "s/^name: .*/name: $$i/" "$$i/Chart.yaml"; done
+	find . -maxdepth 2 -name Chart.yaml  | awk -F/ '{print $$2}' | while read i; do sed -i "s/^name: .*/name: $$i/" "$$i/Chart.yaml"; done

 gen-versions-map: fix-chartnames
 	../../hack/gen_versions_map.sh
--- a/packages/apps/clickhouse/Makefile
+++ b/packages/apps/clickhouse/Makefile
@@ -0,0 +1,2 @@
+generate:
+	readme-generator -v values.yaml -s values.schema.json -r README.md
--- a/packages/apps/clickhouse/README.md
+++ b/packages/apps/clickhouse/README.md
@@ -0,0 +1,17 @@
+# Managed Clickhouse Service
+
+## Parameters
+
+### Common parameters
+
+| Name       | Description                   | Value  |
+| ---------- | ----------------------------- | ------ |
+| `size`     | Persistent Volume size        | `10Gi` |
+| `shards`   | Number of Clickhouse replicas | `1`    |
+| `replicas` | Number of Clickhouse shards   | `2`    |
+
+### Configuration parameters
+
+| Name    | Description         | Value |
+| ------- | ------------------- | ----- |
+| `users` | Users configuration | `{}`  |
--- a/packages/apps/clickhouse/values.schema.json
+++ b/packages/apps/clickhouse/values.schema.json
@@ -0,0 +1,21 @@
+{
+    "title": "Chart Values",
+    "type": "object",
+    "properties": {
+        "size": {
+            "type": "string",
+            "description": "Persistent Volume size",
+            "default": "10Gi"
+        },
+        "shards": {
+            "type": "number",
+            "description": "Number of Clickhouse replicas",
+            "default": 1
+        },
+        "replicas": {
+            "type": "number",
+            "description": "Number of Clickhouse shards",
+            "default": 2
+        }
+    }
+}
--- a/packages/apps/clickhouse/values.yaml
+++ b/packages/apps/clickhouse/values.yaml
@@ -1,10 +1,22 @@
+## @section Common parameters
+
+## @param size Persistent Volume size
+## @param shards Number of Clickhouse replicas
+## @param replicas Number of Clickhouse shards
+##
 size: 10Gi
 shards: 1
 replicas: 2

-users:
-  user1:
-    password: strongpassword
-  user2:
-    readonly: true
-    password: hackme
+## @section Configuration parameters
+
+## @param users [object] Users configuration
+## Example:
+## users:
+##   user1:
+##     password: strongpassword
+##   user2:
+##     readonly: true
+##     password: hackme
+##
+users: {}
--- a/packages/apps/http-cache/Makefile
+++ b/packages/apps/http-cache/Makefile
@@ -16,6 +16,9 @@ image-nginx:
 		--load=$(LOAD)
 	echo "$(REGISTRY)/nginx-cache:$(call settag,$(NGINX_CACHE_TAG))" > images/nginx-cache.tag

+generate:
+	readme-generator -v values.yaml -s values.schema.json -r README.md
+
 update:
 	tag=$$(git ls-remote --tags --sort="v:refname" https://github.com/chrislim2888/IP2Location-C-Library | awk -F'[/^]' 'END{print $$3}') && \
 	sed -i "/^ARG IP2LOCATION_C_VERSION=/ s/=.*/=$$tag/" images/nginx/Dockerfile
--- a/packages/apps/http-cache/README.md
+++ b/packages/apps/http-cache/README.md
@@ -55,3 +55,20 @@ The deployment architecture is illustrated in the diagram below:

 VTS module shows wrong upstream resonse time
 - https://github.com/vozlt/nginx-module-vts/issues/198
+
+## Parameters
+
+### Common parameters
+
+| Name               | Description                                     | Value   |
+| ------------------ | ----------------------------------------------- | ------- |
+| `external`         | Enable external access from outside the cluster | `false` |
+| `size`             | Persistent Volume size                          | `10Gi`  |
+| `haproxy.replicas` | Number of HAProxy replicas                      | `2`     |
+| `nginx.replicas`   | Number of Nginx replicas                        | `2`     |
+
+### Configuration parameters
+
+| Name        | Description             | Value |
+| ----------- | ----------------------- | ----- |
+| `endpoints` | Endpoints configuration | `[]`  |
--- a/packages/apps/http-cache/images/nginx-cache.json
+++ b/packages/apps/http-cache/images/nginx-cache.json
@@ -1,4 +1,4 @@
 {
-  "containerimage.config.digest": "sha256:9eb68d2d503d7e22afc6fde2635f566fd3456bbdb3caad5dc9f887be1dc2b8ab",
-  "containerimage.digest": "sha256:1f44274dbc2c3be2a98e6cef83d68a041ae9ef31abb8ab069a525a2a92702bdd"
+  "containerimage.config.digest": "sha256:aa7a9874c35d7fac8668a623744acbf376b48aed2ef1dc4b3a19054fdcff99cf",
+  "containerimage.digest": "sha256:d825427d433dda95db40264c6559b44c7bbb726e69279e90fe73fe8fc9265abb"
 }
--- a/packages/apps/http-cache/values.schema.json
+++ b/packages/apps/http-cache/values.schema.json
@@ -0,0 +1,42 @@
+{
+    "title": "Chart Values",
+    "type": "object",
+    "properties": {
+        "external": {
+            "type": "boolean",
+            "description": "Enable external access from outside the cluster",
+            "default": false
+        },
+        "size": {
+            "type": "string",
+            "description": "Persistent Volume size",
+            "default": "10Gi"
+        },
+        "haproxy": {
+            "type": "object",
+            "properties": {
+                "replicas": {
+                    "type": "number",
+                    "description": "Number of HAProxy replicas",
+                    "default": 2
+                }
+            }
+        },
+        "nginx": {
+            "type": "object",
+            "properties": {
+                "replicas": {
+                    "type": "number",
+                    "description": "Number of Nginx replicas",
+                    "default": 2
+                }
+            }
+        },
+        "endpoints": {
+            "type": "array",
+            "description": "Endpoints configuration",
+            "default": [],
+            "items": {}
+        }
+    }
+}
--- a/packages/apps/http-cache/values.yaml
+++ b/packages/apps/http-cache/values.yaml
@@ -1,15 +1,28 @@
-external: false

+## @section Common parameters
+
+## @param external Enable external access from outside the cluster
+## @param size Persistent Volume size
+## @param haproxy.replicas Number of HAProxy replicas
+## @param nginx.replicas Number of Nginx replicas
+##
+external: false
+size: 10Gi
 haproxy:
  replicas: 2
 nginx:
  replicas: 2

-size: 10Gi
-endpoints:
-  - 10.100.3.1:80
-  - 10.100.3.11:80
-  - 10.100.3.2:80
-  - 10.100.3.12:80
-  - 10.100.3.3:80
-  - 10.100.3.13:80
+## @section Configuration parameters
+
+## @param endpoints Endpoints configuration
+## Example:
+## endpoints:
+##   - 10.100.3.1:80
+##   - 10.100.3.11:80
+##   - 10.100.3.2:80
+##   - 10.100.3.12:80
+##   - 10.100.3.3:80
+##   - 10.100.3.13:80
+##
+endpoints: []
--- a/packages/apps/kafka/Chart.yaml
+++ b/packages/apps/kafka/Chart.yaml
@@ -16,7 +16,7 @@ type: application
 # This is the chart version. This version number should be incremented each time you make changes
 # to the chart and its templates, including the app version.
 # Versions are expected to follow Semantic Versioning (https://semver.org/)
-version: 0.1.0
+version: 0.2.0

 # This is the version number of the application being deployed. This version number should be
 # incremented each time you make changes to the application. Versions are not expected to
--- a/packages/apps/kafka/Makefile
+++ b/packages/apps/kafka/Makefile
@@ -0,0 +1,2 @@
+generate:
+	readme-generator -v values.yaml -s values.schema.json -r README.md
--- a/packages/apps/kafka/README.md
+++ b/packages/apps/kafka/README.md
@@ -0,0 +1,19 @@
+# Managed Kafka Service
+
+## Parameters
+
+### Common parameters
+
+| Name                 | Description                                     | Value   |
+| -------------------- | ----------------------------------------------- | ------- |
+| `external`           | Enable external access from outside the cluster | `false` |
+| `kafka.size`         | Persistent Volume size for Kafka                | `10Gi`  |
+| `kafka.replicas`     | Number of Kafka replicas                        | `3`     |
+| `zookeeper.size`     | Persistent Volume size for ZooKeeper            | `5Gi`   |
+| `zookeeper.replicas` | Number of ZooKeeper replicas                    | `3`     |
+
+### Configuration parameters
+
+| Name     | Description          | Value |
+| -------- | -------------------- | ----- |
+| `topics` | Topics configuration | `[]`  |
--- a/packages/apps/kafka/templates/kafka.yaml
+++ b/packages/apps/kafka/templates/kafka.yaml
@@ -7,7 +7,7 @@ metadata:
    app.kubernetes.io/managed-by: {{ .Release.Service }}
 spec:
  kafka:
-    replicas: {{ .Values.replicas }}
+    replicas: {{ .Values.kafka.replicas }}
    listeners:
      - name: plain
        port: 9092
@@ -41,7 +41,7 @@ spec:
        {{- end }}
        deleteClaim: true
  zookeeper:
-    replicas: {{ .Values.replicas }}
+    replicas: {{ .Values.zookeeper.replicas }}
    storage:
      type: persistent-claim
      {{- with .Values.zookeeper.size }}
--- a/packages/apps/kafka/values.schema.json
+++ b/packages/apps/kafka/values.schema.json
@@ -0,0 +1,47 @@
+{
+    "title": "Chart Values",
+    "type": "object",
+    "properties": {
+        "external": {
+            "type": "boolean",
+            "description": "Enable external access from outside the cluster",
+            "default": false
+        },
+        "kafka": {
+            "type": "object",
+            "properties": {
+                "size": {
+                    "type": "string",
+                    "description": "Persistent Volume size for Kafka",
+                    "default": "10Gi"
+                },
+                "replicas": {
+                    "type": "number",
+                    "description": "Number of Kafka replicas",
+                    "default": 3
+                }
+            }
+        },
+        "zookeeper": {
+            "type": "object",
+            "properties": {
+                "size": {
+                    "type": "string",
+                    "description": "Persistent Volume size for ZooKeeper",
+                    "default": "5Gi"
+                },
+                "replicas": {
+                    "type": "number",
+                    "description": "Number of ZooKeeper replicas",
+                    "default": 3
+                }
+            }
+        },
+        "topics": {
+            "type": "array",
+            "description": "Topics configuration",
+            "default": [],
+            "items": {}
+        }
+    }
+}
--- a/packages/apps/kafka/values.yaml
+++ b/packages/apps/kafka/values.yaml
@@ -1,3 +1,12 @@
+
+## @section Common parameters
+
+## @param external Enable external access from outside the cluster
+## @param kafka.size Persistent Volume size for Kafka
+## @param kafka.replicas Number of Kafka replicas
+## @param zookeeper.size Persistent Volume size for ZooKeeper
+## @param zookeeper.replicas Number of ZooKeeper replicas
+##
 external: false
 kafka:
  size: 10Gi
@@ -6,17 +15,23 @@ zookeeper:
  size: 5Gi
  replicas: 3

-topics:
-  - name: Results
-    partitions: 1
-    replicas: 3
-    config:
-      min.insync.replicas: 2
-  - name: Orders
-    config:
-      cleanup.policy: compact
-      segment.ms: 3600000
-      max.compaction.lag.ms: 5400000
-      min.insync.replicas: 2
-    partitions: 1
-    replicationFactor: 3
+## @section Configuration parameters
+
+## @param topics Topics configuration
+## Example:
+## topics:
+##   - name: Results
+##     partitions: 1
+##     replicas: 3
+##     config:
+##       min.insync.replicas: 2
+##   - name: Orders
+##     config:
+##       cleanup.policy: compact
+##       segment.ms: 3600000
+##       max.compaction.lag.ms: 5400000
+##       min.insync.replicas: 2
+##     partitions: 1
+##     replicationFactor: 3
+##
+topics: []
--- a/packages/apps/kubernetes/Chart.yaml
+++ b/packages/apps/kubernetes/Chart.yaml
@@ -16,10 +16,10 @@ type: application
 # This is the chart version. This version number should be incremented each time you make changes
 # to the chart and its templates, including the app version.
 # Versions are expected to follow Semantic Versioning (https://semver.org/)
-version: 0.2.0
+version: 0.4.0

 # This is the version number of the application being deployed. This version number should be
 # incremented each time you make changes to the application. Versions are not expected to
 # follow Semantic Versioning. They should reflect the version the application is using.
 # It is recommended to use it with quotes.
-appVersion: "1.19.0"
+appVersion: "1.19.4"
--- a/packages/apps/kubernetes/Makefile
+++ b/packages/apps/kubernetes/Makefile
@@ -2,6 +2,9 @@ UBUNTU_CONTAINER_DISK_TAG = v1.29.1

 include ../../../scripts/common-envs.mk

+generate:
+	readme-generator -v values.yaml -s values.schema.json -r README.md
+
 image: image-ubuntu-container-disk

 image-ubuntu-container-disk:
--- a/packages/apps/kubernetes/README.md
+++ b/packages/apps/kubernetes/README.md
@@ -26,3 +26,13 @@ How to access to deployed cluster:
 ```
 kubectl get secret -n <namespace> kubernetes-<clusterName>-admin-kubeconfig -o go-template='{{ printf "%s\n" (index .data "super-admin.conf" | base64decode) }}' > test
 ```
+
+## Parameters
+
+### Common parameters
+
+| Name                    | Description                                                                                                                            | Value |
+| ----------------------- | -------------------------------------------------------------------------------------------------------------------------------------- | ----- |
+| `host`                  | The hostname used to access the Kubernetes cluster externally (defaults to using the cluster name as a subdomain for the tenant host). | `""`  |
+| `controlPlane.replicas` | Number of replicas for Kubernetes contorl-plane components                                                                             | `2`   |
+| `nodeGroups`            | nodeGroups configuration                                                                                                               | `{}`  |
--- a/packages/apps/kubernetes/images/ubuntu-container-disk.json
+++ b/packages/apps/kubernetes/images/ubuntu-container-disk.json
@@ -1,4 +1,4 @@
 {
-  "containerimage.config.digest": "sha256:a7e8e6e35ac07bcf6253c9cfcf21fd3c315bd0653ad0427dd5f0cae95ffd3722",
-  "containerimage.digest": "sha256:c03bffeeb70fe7dd680d2eca3021d2405fbcd9961dd38437f5673560c31c72cc"
+  "containerimage.config.digest": "sha256:24cee18d0bc9ed40e741412da86820dd99bdb9ffa4c794c81856725a4a10d86e",
+  "containerimage.digest": "sha256:6a43369905e0630bb401e1cf73084bbef3060e960756f261676cd3bea4195e9a"
 }
--- a/packages/apps/kubernetes/templates/cluster.yaml
+++ b/packages/apps/kubernetes/templates/cluster.yaml
@@ -39,7 +39,9 @@ metadata:
 spec:
  dataStoreName: "{{ $etcd }}"
  addons:
-    coreDNS: {}
+    coreDNS:
+      dnsServiceIPs:
+      - 10.95.0.10
    konnectivity: {}
  kubelet:
    cgroupfs: systemd
@@ -55,7 +57,7 @@ spec:
      className: "{{ $ingress }}"
  deployment:
  replicas: 2
-  version: 1.29.0
+  version: 1.29.4
 ---
 apiVersion: infrastructure.cluster.x-k8s.io/v1alpha1
 kind: KubevirtCluster
@@ -74,6 +76,21 @@ metadata:
 spec:
  template:
    spec:
+      diskSetup:
+        filesystems:
+        - device: /dev/vdb
+          filesystem: xfs
+          label: containerd
+          partition: "none"
+        - device: /dev/vdc
+          filesystem: xfs
+          label: kubelet
+          partition: "none"
+      mounts:
+      - ["LABEL=containerd", "/var/lib/containerd"]
+      - ["LABEL=kubelet", "/var/lib/kubelet"]
+      preKubeadmCommands:
+      - sed -i 's|root:x:|root::|' /etc/passwd
      joinConfiguration:
        nodeRegistration:
          kubeletExtraArgs: {}
@@ -108,17 +125,32 @@ spec:
                  sockets: 1
                devices:
                  disks:
-                  - disk:
+                  - name: system
+                    disk:
                      bus: virtio
-                    name: containervolume
+                      pciAddress: 0000:07:00.0
+                  - name: containerd
+                    disk:
+                      bus: virtio
+                      pciAddress: 0000:08:00.0
+                  - name: kubelet
+                    disk:
+                      bus: virtio
+                      pciAddress: 0000:09:00.0
                  networkInterfaceMultiqueue: true
                memory:
                  guest: {{ $group.resources.memory }}
              evictionStrategy: External
              volumes:
-              - containerDisk:
+              - name: system
+                containerDisk:
                  image: "{{ $.Files.Get "images/ubuntu-container-disk.tag" | trim }}@{{ index ($.Files.Get "images/ubuntu-container-disk.json" | fromJson) "containerimage.digest" }}"
-                name: containervolume
+              - name: containerd
+                emptyDisk:
+                  capacity: 20Gi
+              - name: kubelet
+                emptyDisk:
+                  capacity: 20Gi
 ---
 apiVersion: cluster.x-k8s.io/v1beta1
 kind: MachineDeployment
@@ -146,5 +178,5 @@ spec:
        kind: KubevirtMachineTemplate
        name: {{ $.Release.Name }}-{{ $groupName }}
        namespace: default
-      version: v1.29.0
+      version: v1.29.4
 {{- end }}
--- a/packages/apps/kubernetes/templates/helmreleases/cilium.yaml
+++ b/packages/apps/kubernetes/templates/helmreleases/cilium.yaml
@@ -26,7 +26,9 @@ spec:
  values:
    cilium:
      tunnel: disabled
-      autoDirectNodeRoutes: true
+      autoDirectNodeRoutes: false
+      bpf:
+        masquerade: true
      cgroup:
        autoMount:
          enabled: true
@@ -38,9 +40,9 @@ spec:
        chainingMode: ~
        customConf: false
        configMap: ""
-      routingMode: native
+      routingMode: tunnel
      enableIPv4Masquerade: true
-      ipv4NativeRoutingCIDR: "10.244.0.0/16"
+      ipv4NativeRoutingCIDR: ""
  dependsOn:
  - name: {{ .Release.Name }}
    namespace: {{ .Release.Namespace }}
--- a/packages/apps/kubernetes/templates/kccm/manager.yaml
+++ b/packages/apps/kubernetes/templates/kccm/manager.yaml
@@ -50,6 +50,4 @@ spec:
      - secret:
          secretName: {{ .Release.Name }}-admin-kubeconfig
        name: kubeconfig
-      tolerations:
-      - operator: Exists
      serviceAccountName: {{ .Release.Name }}-kccm
--- a/packages/apps/kubernetes/values.schema.json
+++ b/packages/apps/kubernetes/values.schema.json
@@ -0,0 +1,21 @@
+{
+    "title": "Chart Values",
+    "type": "object",
+    "properties": {
+        "host": {
+            "type": "string",
+            "description": "The hostname used to access the Kubernetes cluster externally (defaults to using the cluster name as a subdomain for the tenant host).",
+            "default": ""
+        },
+        "controlPlane": {
+            "type": "object",
+            "properties": {
+                "replicas": {
+                    "type": "number",
+                    "description": "Number of replicas for Kubernetes contorl-plane components",
+                    "default": 2
+                }
+            }
+        }
+    }
+}
--- a/packages/apps/kubernetes/values.yaml
+++ b/packages/apps/kubernetes/values.yaml
@@ -1,6 +1,14 @@
+## @section Common parameters
+
+## @param host The hostname used to access the Kubernetes cluster externally (defaults to using the cluster name as a subdomain for the tenant host).
+## @param controlPlane.replicas Number of replicas for Kubernetes contorl-plane components
+##
 host: ""
 controlPlane:
  replicas: 2
+
+## @param nodeGroups [object] nodeGroups configuration
+##
 nodeGroups:
  md0:
    minReplicas: 0
--- a/packages/apps/mysql/Makefile
+++ b/packages/apps/mysql/Makefile
@@ -0,0 +1,2 @@
+generate:
+	readme-generator -v values.yaml -s values.schema.json -r README.md
--- a/packages/apps/mysql/README.md
+++ b/packages/apps/mysql/README.md
@@ -62,3 +62,34 @@ more details:
  mysqldump -h <slave> -P 3306 -u<user> -p<password> --column-statistics=0 <database> <table> ~/tmp/fix-table.sql
  mysql -h <master> -P 3306 -u<user> -p<password> <database> < ~/tmp/fix-table.sql
  ```
+
+## Parameters
+
+### Common parameters
+
+| Name       | Description                                     | Value   |
+| ---------- | ----------------------------------------------- | ------- |
+| `external` | Enable external access from outside the cluster | `false` |
+| `size`     | Persistent Volume size                          | `10Gi`  |
+| `replicas` | Number of MariaDB replicas                      | `2`     |
+
+### Configuration parameters
+
+| Name        | Description             | Value |
+| ----------- | ----------------------- | ----- |
+| `users`     | Users configuration     | `{}`  |
+| `databases` | Databases configuration | `[]`  |
+
+### Backup parameters
+
+| Name                     | Description                                    | Value                                                  |
+| ------------------------ | ---------------------------------------------- | ------------------------------------------------------ |
+| `backup.enabled`         | Enable pereiodic backups                       | `false`                                                |
+| `backup.s3Region`        | The AWS S3 region where backups are stored     | `us-east-1`                                            |
+| `backup.s3Bucket`        | The S3 bucket used for storing backups         | `s3.example.org/postgres-backups`                      |
+| `backup.schedule`        | Cron schedule for automated backups            | `0 2 * * *`                                            |
+| `backup.cleanupStrategy` | The strategy for cleaning up old backups       | `--keep-last=3 --keep-daily=3 --keep-within-weekly=1m` |
+| `backup.s3AccessKey`     | The access key for S3, used for authentication | `oobaiRus9pah8PhohL1ThaeTa4UVa7gu`                     |
+| `backup.s3SecretKey`     | The secret key for S3, used for authentication | `ju3eum4dekeich9ahM1te8waeGai0oog`                     |
+| `backup.resticPassword`  | The password for Restic backup encryption      | `ChaXoveekoh6eigh4siesheeda2quai0`                     |
+
--- a/packages/apps/mysql/templates/mariadb.yaml
+++ b/packages/apps/mysql/templates/mariadb.yaml
@@ -4,9 +4,11 @@ kind: MariaDB
 metadata:
  name: {{ .Release.Name }}
 spec:
+  {{- if (and .Values.users.root .Values.users.root.password) }}
  rootPasswordSecretKeyRef:
    name: {{ .Release.Name }}
    key: root-password
+  {{- end }}

  image: "mariadb:11.0.2"

--- a/packages/apps/mysql/values.schema.json
+++ b/packages/apps/mysql/values.schema.json
@@ -0,0 +1,72 @@
+{
+    "title": "Chart Values",
+    "type": "object",
+    "properties": {
+        "external": {
+            "type": "boolean",
+            "description": "Enable external access from outside the cluster",
+            "default": false
+        },
+        "size": {
+            "type": "string",
+            "description": "Persistent Volume size",
+            "default": "10Gi"
+        },
+        "replicas": {
+            "type": "number",
+            "description": "Number of MariaDB replicas",
+            "default": 2
+        },
+        "databases": {
+            "type": "array",
+            "description": "Databases configuration",
+            "default": [],
+            "items": {}
+        },
+        "backup": {
+            "type": "object",
+            "properties": {
+                "enabled": {
+                    "type": "boolean",
+                    "description": "Enable pereiodic backups",
+                    "default": false
+                },
+                "s3Region": {
+                    "type": "string",
+                    "description": "The AWS S3 region where backups are stored",
+                    "default": "us-east-1"
+                },
+                "s3Bucket": {
+                    "type": "string",
+                    "description": "The S3 bucket used for storing backups",
+                    "default": "s3.example.org/postgres-backups"
+                },
+                "schedule": {
+                    "type": "string",
+                    "description": "Cron schedule for automated backups",
+                    "default": "0 2 * * *"
+                },
+                "cleanupStrategy": {
+                    "type": "string",
+                    "description": "The strategy for cleaning up old backups",
+                    "default": "--keep-last=3 --keep-daily=3 --keep-within-weekly=1m"
+                },
+                "s3AccessKey": {
+                    "type": "string",
+                    "description": "The access key for S3, used for authentication",
+                    "default": "oobaiRus9pah8PhohL1ThaeTa4UVa7gu"
+                },
+                "s3SecretKey": {
+                    "type": "string",
+                    "description": "The secret key for S3, used for authentication",
+                    "default": "ju3eum4dekeich9ahM1te8waeGai0oog"
+                },
+                "resticPassword": {
+                    "type": "string",
+                    "description": "The password for Restic backup encryption",
+                    "default": "ChaXoveekoh6eigh4siesheeda2quai0"
+                }
+            }
+        }
+    }
+}
--- a/packages/apps/mysql/values.yaml
+++ b/packages/apps/mysql/values.yaml
@@ -1,26 +1,50 @@
+## @section Common parameters
+
+## @param external Enable external access from outside the cluster
+## @param size Persistent Volume size
+## @param replicas Number of MariaDB replicas
+##
 external: false
 size: 10Gi
-
 replicas: 2

-users:
-  root:
-    password: strongpassword
-  user1:
-    privileges: ['ALL']
-    maxUserConnections: 1000
-    password: hackme
-  user2:
-    privileges: ['SELECT']
-    maxUserConnections: 1000
-    password: hackme
+## @section Configuration parameters

-databases:
- wordpress1
- wordpress2
- wordpress3
- wordpress4
+## @param users [object] Users configuration
+## Example:
+## users:
+##   root:
+##     password: strongpassword
+##   user1:
+##     privileges: ['ALL']
+##     maxUserConnections: 1000
+##     password: hackme
+##   user2:
+##     privileges: ['SELECT']
+##     maxUserConnections: 1000
+##     password: hackme
+##
+users: {}

+## @param databases Databases configuration
+## Example:
+## databases:
+## - wordpress1
+## - wordpress2
+## - wordpress3
+## - wordpress4
+databases: []
+
+## @section Backup parameters
+
+## @param backup.enabled Enable pereiodic backups
+## @param backup.s3Region The AWS S3 region where backups are stored
+## @param backup.s3Bucket The S3 bucket used for storing backups
+## @param backup.schedule Cron schedule for automated backups
+## @param backup.cleanupStrategy The strategy for cleaning up old backups
+## @param backup.s3AccessKey The access key for S3, used for authentication
+## @param backup.s3SecretKey The secret key for S3, used for authentication
+## @param backup.resticPassword The password for Restic backup encryption
 backup:
  enabled: false
  s3Region: us-east-1
--- a/packages/apps/postgres/Chart.yaml
+++ b/packages/apps/postgres/Chart.yaml
@@ -16,7 +16,7 @@ type: application
 # This is the chart version. This version number should be incremented each time you make changes
 # to the chart and its templates, including the app version.
 # Versions are expected to follow Semantic Versioning (https://semver.org/)
-version: 0.2.0
+version: 0.2.1

 # This is the version number of the application being deployed. This version number should be
 # incremented each time you make changes to the application. Versions are not expected to
--- a/packages/apps/postgres/Makefile
+++ b/packages/apps/postgres/Makefile
@@ -0,0 +1,2 @@
+generate:
+	readme-generator -v values.yaml -s values.schema.json -r README.md
--- a/packages/apps/postgres/README.md
+++ b/packages/apps/postgres/README.md
@@ -30,3 +30,35 @@ restic -r s3:s3.example.org/postgres-backups/database_name restore latest --targ

 more details:
 - https://itnext.io/restic-effective-backup-from-stdin-4bc1e8f083c1
+
+## Parameters
+
+### Common parameters
+
+| Name       | Description                                     | Value   |
+| ---------- | ----------------------------------------------- | ------- |
+| `external` | Enable external access from outside the cluster | `false` |
+| `size`     | Persistent Volume size                          | `10Gi`  |
+| `replicas` | Number of MariaDB replicas                      | `2`     |
+
+### Configuration parameters
+
+| Name        | Description             | Value |
+| ----------- | ----------------------- | ----- |
+| `users`     | Users configuration     | `{}`  |
+| `databases` | Databases configuration | `{}`  |
+
+### Backup parameters
+
+| Name                     | Description                                    | Value                                                  |
+| ------------------------ | ---------------------------------------------- | ------------------------------------------------------ |
+| `backup.enabled`         | Enable pereiodic backups                       | `false`                                                |
+| `backup.s3Region`        | The AWS S3 region where backups are stored     | `us-east-1`                                            |
+| `backup.s3Bucket`        | The S3 bucket used for storing backups         | `s3.example.org/postgres-backups`                      |
+| `backup.schedule`        | Cron schedule for automated backups            | `0 2 * * *`                                            |
+| `backup.cleanupStrategy` | The strategy for cleaning up old backups       | `--keep-last=3 --keep-daily=3 --keep-within-weekly=1m` |
+| `backup.s3AccessKey`     | The access key for S3, used for authentication | `oobaiRus9pah8PhohL1ThaeTa4UVa7gu`                     |
+| `backup.s3SecretKey`     | The secret key for S3, used for authentication | `ju3eum4dekeich9ahM1te8waeGai0oog`                     |
+| `backup.resticPassword`  | The password for Restic backup encryption      | `ChaXoveekoh6eigh4siesheeda2quai0`                     |
+
+
--- a/packages/apps/postgres/templates/init-script.yaml
+++ b/packages/apps/postgres/templates/init-script.yaml
@@ -100,13 +100,13 @@ stringData:
    echo "== assign roles to users"
    psql -v ON_ERROR_STOP=1 --echo-all <<\EOT
    {{- range $database, $d := .Values.databases }}
-    {{- range $user, $u := $.Values.roles }}
-    {{- if has $user $d.users.admin }}
+    {{- range $user, $u := $.Values.users }}
+    {{- if has $user $d.roles.admin }}
    GRANT {{ $database }}_admin TO {{ $user }};
    {{- else }}
    REVOKE {{ $database }}_admin FROM {{ $user }};
    {{- end }}
-    {{- if has $user $d.users.readonly }}
+    {{- if has $user $d.roles.readonly }}
    GRANT {{ $database }}_readonly TO {{ $user }};
    {{- else }}
    REVOKE {{ $database }}_readonly FROM {{ $user }};
--- a/packages/apps/postgres/values.schema.json
+++ b/packages/apps/postgres/values.schema.json
@@ -0,0 +1,71 @@
+{
+    "title": "Chart Values",
+    "type": "object",
+    "properties": {
+        "external": {
+            "type": "boolean",
+            "description": "Enable external access from outside the cluster",
+            "default": false
+        },
+        "size": {
+            "type": "string",
+            "description": "Persistent Volume size",
+            "default": "10Gi"
+        },
+        "replicas": {
+            "type": "number",
+            "description": "Number of MariaDB replicas",
+            "default": 2
+        },
+        "databases": {
+            "type": "object",
+            "description": "Databases configuration",
+            "default": {}
+        },
+        "backup": {
+            "type": "object",
+            "properties": {
+                "enabled": {
+                    "type": "boolean",
+                    "description": "Enable pereiodic backups",
+                    "default": false
+                },
+                "s3Region": {
+                    "type": "string",
+                    "description": "The AWS S3 region where backups are stored",
+                    "default": "us-east-1"
+                },
+                "s3Bucket": {
+                    "type": "string",
+                    "description": "The S3 bucket used for storing backups",
+                    "default": "s3.example.org/postgres-backups"
+                },
+                "schedule": {
+                    "type": "string",
+                    "description": "Cron schedule for automated backups",
+                    "default": "0 2 * * *"
+                },
+                "cleanupStrategy": {
+                    "type": "string",
+                    "description": "The strategy for cleaning up old backups",
+                    "default": "--keep-last=3 --keep-daily=3 --keep-within-weekly=1m"
+                },
+                "s3AccessKey": {
+                    "type": "string",
+                    "description": "The access key for S3, used for authentication",
+                    "default": "oobaiRus9pah8PhohL1ThaeTa4UVa7gu"
+                },
+                "s3SecretKey": {
+                    "type": "string",
+                    "description": "The secret key for S3, used for authentication",
+                    "default": "ju3eum4dekeich9ahM1te8waeGai0oog"
+                },
+                "resticPassword": {
+                    "type": "string",
+                    "description": "The password for Restic backup encryption",
+                    "default": "ChaXoveekoh6eigh4siesheeda2quai0"
+                }
+            }
+        }
+    }
+}
--- a/packages/apps/postgres/values.yaml
+++ b/packages/apps/postgres/values.yaml
@@ -1,34 +1,57 @@
+## @section Common parameters
+
+## @param external Enable external access from outside the cluster
+## @param size Persistent Volume size
+## @param replicas Number of MariaDB replicas
+##
 external: false
 size: 10Gi
 replicas: 2

-users:
-  user1:
-    password: strongpassword
-  user2:
-    password: hackme
-  airflow:
-    password: qwerty123
-  debezium:
-    replication: true
+## @section Configuration parameters

-databases:
+## @param users [object] Users configuration
+## Example:
+## users:
+##   user1:
+##     password: strongpassword
+##   user2:
+##     password: hackme
+##   airflow:
+##     password: qwerty123
+##   debezium:
+##     replication: true
+##
+users: {}

-  myapp:
-    roles:
-      admin:
-      - user1
-      - debezium
-      readonly:
-      - user2
+## @param databases Databases configuration
+## Example:
+## databases:
+##   myapp:
+##     roles:
+##       admin:
+##       - user1
+##       - debezium
+##       readonly:
+##       - user2
+##   airflow:
+##     roles:
+##       admin:
+##       - airflow
+##     extensions:
+##     - hstore
+databases: {}

-  airflow:
-    roles:
-      admin:
-      - airflow
-    extensions:
-    - hstore
+## @section Backup parameters

+## @param backup.enabled Enable pereiodic backups
+## @param backup.s3Region The AWS S3 region where backups are stored
+## @param backup.s3Bucket The S3 bucket used for storing backups
+## @param backup.schedule Cron schedule for automated backups
+## @param backup.cleanupStrategy The strategy for cleaning up old backups
+## @param backup.s3AccessKey The access key for S3, used for authentication
+## @param backup.s3SecretKey The secret key for S3, used for authentication
+## @param backup.resticPassword The password for Restic backup encryption
 backup:
  enabled: false
  s3Region: us-east-1
--- a/packages/apps/rabbitmq/Makefile
+++ b/packages/apps/rabbitmq/Makefile
@@ -0,0 +1,2 @@
+generate:
+	readme-generator -v values.yaml -s values.schema.json -r README.md
--- a/packages/apps/rabbitmq/README.md
+++ b/packages/apps/rabbitmq/README.md
@@ -8,3 +8,12 @@ The service utilizes official RabbitMQ operator. This ensures the reliability an

 - Github: https://github.com/rabbitmq/cluster-operator/
 - Docs: https://www.rabbitmq.com/kubernetes/operator/operator-overview.html
+
+## Parameters
+
+### Common parameters
+
+| Name       | Description                                     | Value   |
+| ---------- | ----------------------------------------------- | ------- |
+| `external` | Enable external access from outside the cluster | `false` |
+| `replicas` | Number of RabbitMQ replicas                     | `3`     |
--- a/packages/apps/rabbitmq/values.schema.json
+++ b/packages/apps/rabbitmq/values.schema.json
@@ -1,14 +1,16 @@
 {
-  "$schema": "http://json-schema.org/schema#",
-  "type": "object",
-  "properties": {
-    "external": {
-      "type": "boolean",
-      "title": "Enable external Access"
-    },
-    "replicas": {
-      "type": "integer",
-      "title": "Replicas"
+    "title": "Chart Values",
+    "type": "object",
+    "properties": {
+        "external": {
+            "type": "boolean",
+            "description": "Enable external access from outside the cluster",
+            "default": false
+        },
+        "replicas": {
+            "type": "number",
+            "description": "Number of RabbitMQ replicas",
+            "default": 3
+        }
    }
-  }
-}
+}
--- a/packages/apps/rabbitmq/values.yaml
+++ b/packages/apps/rabbitmq/values.yaml
@@ -1,2 +1,7 @@
-replicas: 3
+## @section Common parameters
+
+## @param external Enable external access from outside the cluster
+## @param replicas Number of RabbitMQ replicas
+##
 external: false
+replicas: 3
--- a/packages/apps/redis/Makefile
+++ b/packages/apps/redis/Makefile
@@ -0,0 +1,2 @@
+generate:
+	readme-generator -v values.yaml -s values.schema.json -r README.md
--- a/packages/apps/redis/README.md
+++ b/packages/apps/redis/README.md
@@ -8,3 +8,15 @@ Service utilizes the Spotahome Redis Operator for efficient management and orche

 - Docs: https://redis.io/docs/
 - GitHub: https://github.com/spotahome/redis-operator
+
+## Parameters
+
+### Common parameters
+
+| Name       | Description                                     | Value   |
+| ---------- | ----------------------------------------------- | ------- |
+| `external` | Enable external access from outside the cluster | `false` |
+| `size`     | Persistent Volume size                          | `1Gi`   |
+| `replicas` | Number of Redis replicas                        | `2`     |
+
+
--- a/packages/apps/redis/values.schema.json
+++ b/packages/apps/redis/values.schema.json
@@ -1,18 +1,21 @@
 {
-  "$schema": "http://json-schema.org/schema#",
-  "type": "object",
-  "properties": {
-    "external": {
-      "type": "boolean",
-      "title": "Enable external Access"
-    },
-    "size": {
-      "type": "string",
-      "title": "Disk Size"
-    },
-    "replicas": {
-      "type": "integer",
-      "title": "Replicas"
+    "title": "Chart Values",
+    "type": "object",
+    "properties": {
+        "external": {
+            "type": "boolean",
+            "description": "Enable external access from outside the cluster",
+            "default": false
+        },
+        "size": {
+            "type": "string",
+            "description": "Persistent Volume size",
+            "default": "1Gi"
+        },
+        "replicas": {
+            "type": "number",
+            "description": "Number of Redis replicas",
+            "default": 2
+        }
    }
-  }
-}
+}
--- a/packages/apps/redis/values.yaml
+++ b/packages/apps/redis/values.yaml
@@ -1,3 +1,9 @@
-replicas: 2
+## @section Common parameters
+
+## @param external Enable external access from outside the cluster
+## @param size Persistent Volume size
+## @param replicas Number of Redis replicas
+##
 external: false
-size: 5Gi
+size: 1Gi
+replicas: 2
--- a/packages/apps/tcp-balancer/Makefile
+++ b/packages/apps/tcp-balancer/Makefile
@@ -0,0 +1,4 @@
+generate:
+	readme-generator -v values.yaml -s values.schema.json.tmp -r README.md
+	cat values.schema.json.tmp | jq '.properties.httpAndHttps.properties.mode.enum = ["tcp","tcp-with-proxy"]' > values.schema.json
+	rm -f values.schema.json.tmp
--- a/packages/apps/tcp-balancer/README.md
+++ b/packages/apps/tcp-balancer/README.md
@@ -7,3 +7,23 @@ The Managed TCP Load Balancer Service simplifies the deployment and management o
 Managed TCP Load Balancer Service efficiently utilizes HAProxy for load balancing purposes. HAProxy is a well-established and reliable solution for distributing incoming TCP traffic across multiple backend servers, ensuring high availability and efficient resource utilization. This deployment choice guarantees the seamless and dependable operation of your load balancing infrastructure.

 - Docs: https://www.haproxy.com/documentation/
+
+## Parameters
+
+### Common parameters
+
+| Name       | Description                                     | Value   |
+| ---------- | ----------------------------------------------- | ------- |
+| `external` | Enable external access from outside the cluster | `false` |
+| `replicas` | Number of HAProxy replicas                      | `2`     |
+
+### Configuration parameters
+
+| Name                             | Description                                                   | Value   |
+| -------------------------------- | ------------------------------------------------------------- | ------- |
+| `httpAndHttps.mode`              | Mode for balancer. Allowed values: `tcp` and `tcp-with-proxy` | `tcp`   |
+| `httpAndHttps.targetPorts.http`  | HTTP port number.                                             | `80`    |
+| `httpAndHttps.targetPorts.https` | HTTPS port number.                                            | `443`   |
+| `httpAndHttps.endpoints`         | Endpoint addresses list                                       | `[]`    |
+| `whitelistHTTP`                  | Secure HTTP by enabling  client networks whitelisting         | `false` |
+| `whitelist`                      | List of client networks                                       | `[]`    |
--- a/packages/apps/tcp-balancer/values.schema.json
+++ b/packages/apps/tcp-balancer/values.schema.json
@@ -0,0 +1,62 @@
+{
+  "title": "Chart Values",
+  "type": "object",
+  "properties": {
+    "external": {
+      "type": "boolean",
+      "description": "Enable external access from outside the cluster",
+      "default": false
+    },
+    "replicas": {
+      "type": "number",
+      "description": "Number of HAProxy replicas",
+      "default": 2
+    },
+    "httpAndHttps": {
+      "type": "object",
+      "properties": {
+        "mode": {
+          "type": "string",
+          "description": "Mode for balancer. Allowed values: `tcp` and `tcp-with-proxy`",
+          "default": "tcp",
+          "enum": [
+            "tcp",
+            "tcp-with-proxy"
+          ]
+        },
+        "targetPorts": {
+          "type": "object",
+          "properties": {
+            "http": {
+              "type": "number",
+              "description": "HTTP port number.",
+              "default": 80
+            },
+            "https": {
+              "type": "number",
+              "description": "HTTPS port number.",
+              "default": 443
+            }
+          }
+        },
+        "endpoints": {
+          "type": "array",
+          "description": "Endpoint addresses list",
+          "default": [],
+          "items": {}
+        }
+      }
+    },
+    "whitelistHTTP": {
+      "type": "boolean",
+      "description": "Secure HTTP by enabling  client networks whitelisting",
+      "default": false
+    },
+    "whitelist": {
+      "type": "array",
+      "description": "List of client networks",
+      "default": [],
+      "items": {}
+    }
+  }
+}
--- a/packages/apps/tcp-balancer/values.yaml
+++ b/packages/apps/tcp-balancer/values.yaml
@@ -1,19 +1,45 @@
+## @section Common parameters
+
+## @param external Enable external access from outside the cluster
+## @param replicas Number of HAProxy replicas
+##
 external: false
 replicas: 2
+
+## @section Configuration parameters
+
+## @param httpAndHttps.mode Mode for balancer. Allowed values: `tcp` and `tcp-with-proxy`
+## @param httpAndHttps.targetPorts.http HTTP port number.
+## @param httpAndHttps.targetPorts.https HTTPS port number.
+## @param httpAndHttps.endpoints Endpoint addresses list
+## Example:
+## httpAndHttps:
+##   mode: tcp
+##   targetPorts:
+##     http: 80
+##     https: 443
+##   endpoints:
+##    - 10.100.3.1
+##    - 10.100.3.11
+##    - 10.100.3.2
+##    - 10.100.3.12
+##    - 10.100.3.3
+##    - 10.100.3.13
+
 httpAndHttps:
  mode: tcp
  targetPorts:
    http: 80
    https: 443
-  endpoints:
-   - 10.100.3.1
-   - 10.100.3.11
-   - 10.100.3.2
-   - 10.100.3.12
-   - 10.100.3.3
-   - 10.100.3.13
+  endpoints: []

+## @param whitelistHTTP Secure HTTP by enabling  client networks whitelisting
+## @param whitelist List of client networks
+## Example:
+## whitelistHTTP: true
+## whitelist:
+## - "1.2.3.4"
+## - "10.100.0.0/16"
+##
 whitelistHTTP: false
-whitelist:
- "1.2.3.4"
- "10.100.0.0/16"
+whitelist: []
--- a/packages/apps/tenant/Chart.yaml
+++ b/packages/apps/tenant/Chart.yaml
@@ -1,7 +1,7 @@
 apiVersion: v2
 name: tenant
-description: Additional tenant namespace
+description: Separated tenant namespace
 icon: https://upload.wikimedia.org/wikipedia/commons/0/04/User_icon_1.svg

 type: application
-version: 1.0.0
+version: 1.1.0
--- a/packages/apps/tenant/Makefile
+++ b/packages/apps/tenant/Makefile
@@ -0,0 +1,2 @@
+generate:
+	readme-generator -v values.yaml -s values.schema.json -r README.md
--- a/packages/apps/tenant/README.md
+++ b/packages/apps/tenant/README.md
@@ -45,3 +45,14 @@ tenant-u1
    ├── kubernetes-cluster1
    └── postgres-db1
 ```
+
+## Parameters
+
+### Common parameters
+
+| Name         | Description                                                                                                                 | Value   |
+| ------------ | --------------------------------------------------------------------------------------------------------------------------- | ------- |
+| `host`       | The hostname used to access tenant services (defaults to using the tenant name as a subdomain for it's parent tenant host). | `""`    |
+| `etcd`       | Deploy own Etcd cluster                                                                                                     | `false` |
+| `monitoring` | Deploy own Monitoring Stack                                                                                                 | `false` |
+| `ingress`    | Deploy own Ingress Controller                                                                                               | `false` |
--- a/packages/apps/tenant/values.schema.json
+++ b/packages/apps/tenant/values.schema.json
@@ -1,27 +1,26 @@
 {
-  "$schema": "http://json-schema.org/schema#",
-  "type": "object",
-  "properties": {
-    "host": {
-      "type": "string",
-      "form": true,
-      "title": "Domain name for this tenant",
-      "description": "This host will be used for all apps deployed in this tenant"
-    },
-    "etcd": {
-      "type": "boolean",
-      "title": "Deploy own Etcd cluster",
-      "form": true
-    },
-    "monitoring": {
-      "type": "boolean",
-      "title": "Deploy own Monitoring Stack",
-      "form": true
-    },
-    "ingress": {
-      "type": "boolean",
-      "title": "Deploy own Ingress Controller",
-      "form": true
+    "title": "Chart Values",
+    "type": "object",
+    "properties": {
+        "host": {
+            "type": "string",
+            "description": "The hostname used to access tenant services (defaults to using the tenant name as a subdomain for it's parent tenant host).",
+            "default": ""
+        },
+        "etcd": {
+            "type": "boolean",
+            "description": "Deploy own Etcd cluster",
+            "default": false
+        },
+        "monitoring": {
+            "type": "boolean",
+            "description": "Deploy own Monitoring Stack",
+            "default": false
+        },
+        "ingress": {
+            "type": "boolean",
+            "description": "Deploy own Ingress Controller",
+            "default": false
+        }
    }
-  }
-}
+}
--- a/packages/apps/tenant/values.yaml
+++ b/packages/apps/tenant/values.yaml
@@ -1,3 +1,9 @@
+## @section Common parameters
+
+## @param host The hostname used to access tenant services (defaults to using the tenant name as a subdomain for it's parent tenant host).
+## @param etcd Deploy own Etcd cluster
+## @param monitoring Deploy own Monitoring Stack
+## @param ingress Deploy own Ingress Controller
 host: ""
 etcd: false
 monitoring: false
--- a/packages/apps/versions_map
+++ b/packages/apps/versions_map
@@ -2,14 +2,18 @@ clickhouse 0.1.0 ca79f72
 clickhouse 0.2.0 HEAD
 http-cache 0.1.0 a956713
 http-cache 0.2.0 HEAD
-kafka 0.1.0 HEAD
+kafka 0.1.0 760f86d2
+kafka 0.2.0 HEAD
 kubernetes 0.1.0 f642698
-kubernetes 0.2.0 HEAD
+kubernetes 0.2.0 7cd7de73
+kubernetes 0.3.0 7caccec1
+kubernetes 0.4.0 HEAD
 mysql 0.1.0 f642698
 mysql 0.2.0 8b975ff0
 mysql 0.3.0 HEAD
 postgres 0.1.0 f642698
-postgres 0.2.0 HEAD
+postgres 0.2.0 7cd7de73
+postgres 0.2.1 HEAD
 rabbitmq 0.1.0 f642698
 rabbitmq 0.2.0 HEAD
 redis 0.1.1 f642698
@@ -19,8 +23,10 @@ tcp-balancer 0.2.0 HEAD
 tenant 0.1.3 3d1b86c
 tenant 0.1.4 d200480
 tenant 0.1.5 e3ab858
-tenant 1.0.0 HEAD
+tenant 1.0.0 7cd7de7
+tenant 1.1.0 HEAD
 virtual-machine 0.1.4 f2015d6
-virtual-machine 0.1.5 HEAD
+virtual-machine 0.1.5 7cd7de7
+virtual-machine 0.2.0 HEAD
 vpn 0.1.0 f642698
 vpn 0.2.0 HEAD
--- a/packages/apps/virtual-machine/Chart.yaml
+++ b/packages/apps/virtual-machine/Chart.yaml
@@ -17,7 +17,7 @@ type: application
 # This is the chart version. This version number should be incremented each time you make changes
 # to the chart and its templates, including the app version.
 # Versions are expected to follow Semantic Versioning (https://semver.org/)
-version: 0.1.5
+version: 0.2.0

 # This is the version number of the application being deployed. This version number should be
 # incremented each time you make changes to the application. Versions are not expected to
--- a/packages/apps/virtual-machine/Makefile
+++ b/packages/apps/virtual-machine/Makefile
@@ -0,0 +1,7 @@
+generate:
+	readme-generator -v values.yaml -s values.schema.json.tmp -r README.md
+	cat values.schema.json.tmp | \
+		jq '.properties.image.enum = ["ubuntu", "cirros", "alpine", "fedora"]' | \
+		jq '.properties.resources.properties.memory["x-display"] = "slider"' \
+		> values.schema.json
+	rm -f values.schema.json.tmp
--- a/packages/apps/virtual-machine/README.md
+++ b/packages/apps/virtual-machine/README.md
@@ -8,3 +8,17 @@ The virtual machine is managed and hosted through KubeVirt, allowing you to harn

 - Docs: https://kubevirt.io/user-guide/
 - GitHub: https://github.com/kubevirt/kubevirt
+
+## Parameters
+
+### Common parameters
+
+| Name               | Description                                                                                       | Value    |
+| ------------------ | ------------------------------------------------------------------------------------------------- | -------- |
+| `external`         | Enable external access from outside the cluster                                                   | `false`  |
+| `running`          | Determines if the virtual machine should be running                                               | `true`   |
+| `password`         | The default password for the virtual machine                                                      | `hackme` |
+| `image`            | The base image for the virtual machine. Allowed values: `ubuntu`, `cirros`, `alpine` and `fedora` | `ubuntu` |
+| `disk`             | The size of the disk allocated for the virtual machine                                            | `5Gi`    |
+| `resources.cpu`    | The number of CPU cores allocated to the virtual machine                                          | `1`      |
+| `resources.memory` | The amount of memory allocated to the virtual machine                                             | `1024M`  |
--- a/packages/apps/virtual-machine/values.schema.json
+++ b/packages/apps/virtual-machine/values.schema.json
@@ -1,44 +1,51 @@
 {
-  "$schema": "http://json-schema.org/schema#",
+  "title": "Chart Values",
  "type": "object",
  "properties": {
-    "running": {
-      "type": "boolean",
-      "title": "Running"
-    },
    "external": {
      "type": "boolean",
-      "title": "Enable external Access"
+      "description": "Enable external access from outside the cluster",
+      "default": false
    },
-    "image": {
-      "type": "string",
-      "form": true,
-      "enum": ["ubuntu", "cirros", "alpine", "fedora"],
-      "title": "Choose image"
+    "running": {
+      "type": "boolean",
+      "description": "Determines if the virtual machine should be running",
+      "default": true
    },
    "password": {
      "type": "string",
-      "title": "Password"
+      "description": "The default password for the virtual machine",
+      "default": "hackme"
+    },
+    "image": {
+      "type": "string",
+      "description": "The base image for the virtual machine. Allowed values: `ubuntu`, `cirros`, `alpine` and `fedora`",
+      "default": "ubuntu",
+      "enum": [
+        "ubuntu",
+        "cirros",
+        "alpine",
+        "fedora"
+      ]
    },
    "disk": {
      "type": "string",
-      "title": "Disk Size"
+      "description": "The size of the disk allocated for the virtual machine",
+      "default": "5Gi"
    },
    "resources": {
      "type": "object",
      "properties": {
+        "cpu": {
+          "type": "number",
+          "description": "The number of CPU cores allocated to the virtual machine",
+          "default": 1
+        },
        "memory": {
          "type": "string",
-          "x-display": "slider",
-          "title": "Memory",
-          "minimum": 10,
-          "maximum": 2048
-        },
-        "cpu": {
-          "type": "integer",
-          "title": "CPU",
-          "minimum": 1,
-          "maximum": 4
+          "description": "The amount of memory allocated to the virtual machine",
+          "default": "1024M",
+          "x-display": "slider"
        }
      }
    }
--- a/packages/apps/virtual-machine/values.yaml
+++ b/packages/apps/virtual-machine/values.yaml
@@ -1,3 +1,13 @@
+## @section Common parameters
+
+## @param external Enable external access from outside the cluster
+## @param running Determines if the virtual machine should be running
+## @param password The default password for the virtual machine
+## @param image The base image for the virtual machine. Allowed values: `ubuntu`, `cirros`, `alpine` and `fedora`
+## @param disk The size of the disk allocated for the virtual machine
+## @param resources.cpu The number of CPU cores allocated to the virtual machine
+## @param resources.memory The amount of memory allocated to the virtual machine
+
 external: false
 running: true
 password: hackme
--- a/packages/apps/vpn/Makefile
+++ b/packages/apps/vpn/Makefile
@@ -0,0 +1,2 @@
+generate:
+	readme-generator -v values.yaml -s values.schema.json -r README.md
--- a/packages/apps/vpn/README.md
+++ b/packages/apps/vpn/README.md
@@ -10,3 +10,18 @@ The VPN Service is powered by the Outline Server, an advanced and user-friendly

 - Docs: https://shadowsocks.org/
 - Docs: https://github.com/Jigsaw-Code/outline-server/tree/master/src/shadowbox
+
+## Parameters
+
+### Common parameters
+
+| Name       | Description                                     | Value   |
+| ---------- | ----------------------------------------------- | ------- |
+| `external` | Enable external access from outside the cluster | `false` |
+| `replicas` | Number of VPN-server replicas                   | `2`     |
+
+### Configuration parameters
+
+| Name    | Description         | Value |
+| ------- | ------------------- | ----- |
+| `users` | Users configuration | `{}`  |
--- a/packages/apps/vpn/values.schema.json
+++ b/packages/apps/vpn/values.schema.json
@@ -0,0 +1,16 @@
+{
+    "title": "Chart Values",
+    "type": "object",
+    "properties": {
+        "external": {
+            "type": "boolean",
+            "description": "Enable external access from outside the cluster",
+            "default": false
+        },
+        "replicas": {
+            "type": "number",
+            "description": "Number of VPN-server replicas",
+            "default": 2
+        }
+    }
+}
--- a/packages/apps/vpn/values.yaml
+++ b/packages/apps/vpn/values.yaml
@@ -1,8 +1,18 @@
+## @section Common parameters
+
+## @param external Enable external access from outside the cluster
+## @param replicas Number of VPN-server replicas
+##
 external: false
 replicas: 2

-users:
-  user1:
-    password: hackme
-  user2:
-    password: tttt
+## @section Configuration parameters
+
+## @param users [object] Users configuration
+## Example:
+## users:
+##   user1:
+##     password: hackme
+##   user2:
+##     password: tttt
+users: {}
--- a/packages/core/fluxcd/Makefile
+++ b/packages/core/fluxcd/Makefile
@@ -11,3 +11,10 @@ apply:

 diff:
 	helm template -n $(NAMESPACE) $(NAME) . --no-hooks --dry-run=server $(API_VERSIONS_FLAGS) | kubectl diff -n $(NAMESPACE) -f-
+
+update:
+	rm -rf charts
+	helm repo add fluxcd-community https://fluxcd-community.github.io/helm-charts
+	helm repo update fluxcd-community
+	helm pull fluxcd-community/flux2 --untar --untardir charts
+	sed -i 's/\.{{ \.Values\.clusterDomain | default "cluster\.local" }}\.//g' `grep -rl '.{{ .Values.clusterDomain | default "cluster.local" }}.' charts`
--- a/packages/core/fluxcd/charts/flux2/templates/helm-controller.yaml
+++ b/packages/core/fluxcd/charts/flux2/templates/helm-controller.yaml
@@ -44,7 +44,7 @@ spec:
        - --default-service-account={{ .Values.multitenancy.defaultServiceAccount | default "default"  }}
        {{- end}}
        {{- if .Values.notificationController.create }}
-        - --events-addr=http://notification-controller.$(RUNTIME_NAMESPACE).svc.{{ .Values.clusterDomain | default "cluster.local" }}.
+        - --events-addr=http://notification-controller.$(RUNTIME_NAMESPACE).svc
        {{- end}}
        - --watch-all-namespaces={{ .Values.watchAllNamespaces }}
        - --log-level={{ .Values.logLevel | default "info" }}
--- a/packages/core/fluxcd/charts/flux2/templates/image-automation-controller.yaml
+++ b/packages/core/fluxcd/charts/flux2/templates/image-automation-controller.yaml
@@ -43,7 +43,7 @@ spec:
        - --no-cross-namespace-refs=true
        {{- end}}
        {{- if .Values.notificationController.create }}
-        - --events-addr=http://notification-controller.$(RUNTIME_NAMESPACE).svc.{{ .Values.clusterDomain | default "cluster.local" }}.
+        - --events-addr=http://notification-controller.$(RUNTIME_NAMESPACE).svc
        {{- end}}
        - --watch-all-namespaces={{ .Values.watchAllNamespaces }}
        - --log-level={{ .Values.logLevel | default "info" }}
--- a/packages/core/fluxcd/charts/flux2/templates/image-reflector-controller.yaml
+++ b/packages/core/fluxcd/charts/flux2/templates/image-reflector-controller.yaml
@@ -43,7 +43,7 @@ spec:
        - --no-cross-namespace-refs=true
        {{- end}}
        {{- if .Values.notificationController.create }}
-        - --events-addr=http://notification-controller.$(RUNTIME_NAMESPACE).svc.{{ .Values.clusterDomain | default "cluster.local" }}.
+        - --events-addr=http://notification-controller.$(RUNTIME_NAMESPACE).svc
        {{- end}}
        - --watch-all-namespaces={{ .Values.watchAllNamespaces }}
        - --log-level={{ .Values.logLevel | default "info" }}
--- a/packages/core/fluxcd/charts/flux2/templates/kustomize-controller.yaml
+++ b/packages/core/fluxcd/charts/flux2/templates/kustomize-controller.yaml
@@ -44,7 +44,7 @@ spec:
        - --default-service-account={{ .Values.multitenancy.defaultServiceAccount | default "default"  }}
        {{- end}}
        {{- if .Values.notificationController.create }}
-        - --events-addr=http://notification-controller.$(RUNTIME_NAMESPACE).svc.{{ .Values.clusterDomain | default "cluster.local" }}.
+        - --events-addr=http://notification-controller.$(RUNTIME_NAMESPACE).svc
        {{- end}}
        - --watch-all-namespaces={{ .Values.watchAllNamespaces }}
        - --log-level={{ .Values.logLevel | default "info" }}
--- a/packages/core/fluxcd/charts/flux2/templates/source-controller.yaml
+++ b/packages/core/fluxcd/charts/flux2/templates/source-controller.yaml
@@ -38,14 +38,14 @@ spec:
      containers:
      - args:
        {{- if .Values.notificationController.create }}
-        - --events-addr=http://notification-controller.$(RUNTIME_NAMESPACE).svc.{{ .Values.clusterDomain | default "cluster.local" }}.
+        - --events-addr=http://notification-controller.$(RUNTIME_NAMESPACE).svc
        {{- end}}
        - --watch-all-namespaces={{ .Values.watchAllNamespaces }}
        - --log-level={{ .Values.logLevel | default "info" }}
        - --log-encoding=json
        - --enable-leader-election
        - --storage-path=/data
-        - --storage-adv-addr=source-controller.$(RUNTIME_NAMESPACE).svc.{{ .Values.clusterDomain | default "cluster.local" }}.
+        - --storage-adv-addr=source-controller.$(RUNTIME_NAMESPACE).svc
        {{- range .Values.sourceController.container.additionalArgs }}
        - {{ . }}
        {{- end}}
--- a/packages/core/installer/Makefile
+++ b/packages/core/installer/Makefile
@@ -34,8 +34,8 @@ image-cozystack:
 image-talos:
 	test -f ../../../_out/assets/installer-amd64.tar || make talos-installer
 	docker load -i ../../../_out/assets/installer-amd64.tar
-	docker tag ghcr.io/siderolabs/installer:$(TALOS_VERSION) ghcr.io/aenix-io/cozystack/talos:$(call settag,$(TALOS_VERSION))
-	docker push ghcr.io/aenix-io/cozystack/talos:$(call settag,$(TALOS_VERSION))
+	docker tag ghcr.io/siderolabs/installer:$(TALOS_VERSION) $(REGISTRY)/talos:$(call settag,$(TALOS_VERSION))
+	docker push $(REGISTRY)/talos:$(call settag,$(TALOS_VERSION))

 image-matchbox:
 	test -f ../../../_out/assets/kernel-amd64 || make talos-kernel
--- a/packages/core/installer/hack/gen-profiles.sh
+++ b/packages/core/installer/hack/gen-profiles.sh
@@ -35,16 +35,20 @@ for profile in $PROFILES; do
  if [ "$profile" = "nocloud" ]; then
    image_options="{ diskSize: 1306525696, diskFormat: raw }"
    out_format=".xz"
+    platform="nocloud"
+    kind="image"
  else
    image_options="{}"
    out_format="raw"
+    platform="metal"
+    kind="$profile"
  fi

  cat > images/talos/profiles/$profile.yaml <<EOT
 # this file generated by hack/gen-profiles.sh
 # do not edit it
 arch: amd64
-platform: metal
+platform: ${platform}
 secureboot: false
 version: ${TALOS_VERSION}
 input:
@@ -65,7 +69,7 @@ input:
    - imageRef: ghcr.io/siderolabs/drbd:${DRBD_VERSION}
    - imageRef: ghcr.io/siderolabs/zfs:${ZFS_VERSION}
 output:
-  kind: ${profile}
+  kind: ${kind}
  imageOptions: ${image_options}
  outFormat: ${out_format}
 EOT
--- a/packages/core/installer/images/cozystack.json
+++ b/packages/core/installer/images/cozystack.json
@@ -1,4 +1,4 @@
 {
-  "containerimage.config.digest": "sha256:2474ace34da2ef40ac45fe0b953ffd0932e30680cdf574f353ce3bd6c39dbe9b",
-  "containerimage.digest": "sha256:4dd7fb090e817cd75dcde39e801670f779ec15077be704f1188e8fb986955983"
+  "containerimage.config.digest": "sha256:8726af130b534d259ae28a92d84fb866df045765739a59146974d85554e5f188",
+  "containerimage.digest": "sha256:bc9109b0ed072ecbb143ea74edb9bf8a801b4903e0b849aeaa79488c4a9fb7f2"
 }
--- a/packages/core/installer/images/cozystack.tag
+++ b/packages/core/installer/images/cozystack.tag
@@ -1 +1 @@
-ghcr.io/aenix-io/cozystack/cozystack:v0.4.0
+ghcr.io/aenix-io/cozystack/cozystack:v0.6.0
--- a/packages/core/installer/images/matchbox.json
+++ b/packages/core/installer/images/matchbox.json
@@ -1,4 +1,4 @@
 {
-  "containerimage.config.digest": "sha256:f0739211f7a0614aeb981a1d810a2e6d44f8f4d1c927712db1b3c75168ab8d2a",
-  "containerimage.digest": "sha256:ff20cd22d7bead74ad40110b174905ddea837341ffa8919d4f3df49390a1460e"
+  "containerimage.config.digest": "sha256:05f6f9ed2e662dde64ace18dbbd69001b39778841bda812d7b6b86e064270e64",
+  "containerimage.digest": "sha256:56ef77367394c4b073c862974726d882036c9b95d27a56a774987fe3244c35f6"
 }
--- a/packages/core/installer/images/talos/profiles/nocloud.yaml
+++ b/packages/core/installer/images/talos/profiles/nocloud.yaml
@@ -1,7 +1,7 @@
 # this file generated by hack/gen-profiles.sh
 # do not edit it
 arch: amd64
-platform: metal
+platform: nocloud
 secureboot: false
 version: v1.7.1
 input:
@@ -22,6 +22,6 @@ input:
    - imageRef: ghcr.io/siderolabs/drbd:9.2.8-v1.7.1
    - imageRef: ghcr.io/siderolabs/zfs:2.2.3-v1.7.1
 output:
-  kind: nocloud
+  kind: image
  imageOptions: { diskSize: 1306525696, diskFormat: raw }
  outFormat: .xz
--- a/packages/core/installer/templates/cozystack.yaml
+++ b/packages/core/installer/templates/cozystack.yaml
@@ -35,6 +35,11 @@ spec:
  selector:
    matchLabels:
      app: cozystack
+  strategy:
+    type: RollingUpdate
+    rollingUpdate:
+      maxSurge: 0
+      maxUnavailable: 1
  template:
    metadata:
      labels:
--- a/packages/extra/Makefile
+++ b/packages/extra/Makefile
@@ -11,7 +11,7 @@ repo:
 	rm -rf "$(TMP)"

 fix-chartnames:
-	find . -name Chart.yaml -maxdepth 2 | awk -F/ '{print $$2}' | while read i; do sed -i "s/^name: .*/name: $$i/" "$$i/Chart.yaml"; done
+	find . -maxdepth 2 -name Chart.yaml | awk -F/ '{print $$2}' | while read i; do sed -i "s/^name: .*/name: $$i/" "$$i/Chart.yaml"; done

 gen-versions-map: fix-chartnames
 	../../hack/gen_versions_map.sh
--- a/packages/extra/etcd/Chart.yaml
+++ b/packages/extra/etcd/Chart.yaml
@@ -3,4 +3,4 @@ name: etcd
 description: Storage for Kubernetes clusters
 icon: https://www.svgrepo.com/show/353714/etcd.svg
 type: application
-version: 2.0.0
+version: 2.1.0
--- a/packages/extra/etcd/Makefile
+++ b/packages/extra/etcd/Makefile
@@ -0,0 +1,2 @@
+generate:
+	readme-generator -v values.yaml -s values.schema.json -r README.md
--- a/packages/extra/etcd/README.md
+++ b/packages/extra/etcd/README.md
@@ -0,0 +1,10 @@
+# Etcd-cluster
+
+## Parameters
+
+### Common parameters
+
+| Name       | Description             | Value |
+| ---------- | ----------------------- | ----- |
+| `size`     | Persistent Volume size  | `4Gi` |
+| `replicas` | Number of etcd replicas | `3`   |
--- a/packages/extra/etcd/templates/datastore.yaml
+++ b/packages/extra/etcd/templates/datastore.yaml
@@ -3,14 +3,12 @@ apiVersion: kamaji.clastix.io/v1alpha1
 kind: DataStore
 metadata:
  name: {{ .Release.Namespace }}
-  annotations:
-    helm.sh/hook: post-install,post-upgrade
 spec:
  driver: etcd
  endpoints:
-  - etcd-0.etcd-headless.{{ .Release.Namespace }}.svc:2379
-  - etcd-1.etcd-headless.{{ .Release.Namespace }}.svc:2379
-  - etcd-2.etcd-headless.{{ .Release.Namespace }}.svc:2379
+  {{- range $i := until (int $.Values.replicas) }}
+  - etcd-{{ $i }}.etcd-headless.{{ $.Release.Namespace }}.svc:2379
+  {{- end }}
  tlsConfig:
    certificateAuthority:
      certificate:
@@ -34,3 +32,19 @@ spec:
          keyPath: tls.key
          name: etcd-client-tls
          namespace: {{ .Release.Namespace }}
+---
+apiVersion: v1
+kind: Secret
+metadata:
+  name: etcd-ca-tls
+  annotations:
+    helm.sh/hook: pre-install
+    helm.sh/resource-policy: keep
+---
+apiVersion: v1
+kind: Secret
+metadata:
+  name: etcd-client-tls
+  annotations:
+    helm.sh/hook: pre-install
+    helm.sh/resource-policy: keep
--- a/packages/extra/etcd/templates/etcd-cluster.yaml
+++ b/packages/extra/etcd/templates/etcd-cluster.yaml
@@ -1,10 +1,30 @@
+{{- define "calculateQuotaBackendBytes" -}}
+{{- $units := dict "Ki" 1024 "Mi" 1048576 "Gi" 1073741824 -}}
+{{- $value := regexFind "[0-9.]+" . -}}
+{{- $unit := regexFind "[a-zA-Z]+" . -}}
+{{- $numericValue := float64 $value -}}
+{{- $bytes := mulf $numericValue (index $units $unit) -}}
+{{- $result := mulf $bytes 0.95 -}}
+{{- printf "%.0f" $result -}}
+{{- end -}}
 ---
 apiVersion: etcd.aenix.io/v1alpha1
 kind: EtcdCluster
 metadata:
  name: etcd
 spec:
-  storage: {}
+  options:
+    quota-backend-bytes: {{ include "calculateQuotaBackendBytes" .Values.size | quote }}
+    auto-compaction-mode: "periodic"
+    auto-compaction-retention: "5m"
+    snapshot-count: "10000"
+  replicas: {{ .Values.replicas }}
+  storage:
+    volumeClaimTemplate:
+      spec:
+        resources:
+          requests:
+            storage: {{ .Values.size }}
  security:
    tls:
      peerTrustedCASecret: etcd-peer-ca-tls
@@ -12,6 +32,15 @@ spec:
      serverSecret: etcd-server-tls
      clientTrustedCASecret: etcd-ca-tls
      clientSecret: etcd-client-tls
+  podTemplate:
+    spec:
+      topologySpreadConstraints:
+      - maxSkew: 1
+        topologyKey: "kubernetes.io/hostname"
+        whenUnsatisfiable: ScheduleAnyway
+        labelSelector:
+          matchLabels:
+            app.kubernetes.io/instance: etcd
 ---
 apiVersion: cert-manager.io/v1
 kind: Issuer
@@ -98,15 +127,11 @@ spec:
    - "signing"
    - "key encipherment"
  dnsNames:
-  - etcd-0
-  - etcd-0.etcd-headless
-  - etcd-0.etcd-headless.{{ .Release.Namespace }}.svc
-  - etcd-1
-  - etcd-1.etcd-headless
-  - etcd-1.etcd-headless.{{ .Release.Namespace }}.svc
-  - etcd-2
-  - etcd-2.etcd-headless
-  - etcd-2.etcd-headless.{{ .Release.Namespace }}.svc
+  {{- range $i := until (int $.Values.replicas) }}
+  - etcd-{{ $i }}
+  - etcd-{{ $i }}.etcd-headless
+  - etcd-{{ $i }}.etcd-headless.{{ $.Release.Namespace }}.svc
+  {{- end }}
  - localhost
  - "127.0.0.1"
  privateKey:
@@ -129,15 +154,11 @@ spec:
    - "signing"
    - "key encipherment"
  dnsNames:
-  - etcd-0
-  - etcd-0.etcd-headless
-  - etcd-0.etcd-headless.{{ .Release.Namespace }}.svc
-  - etcd-1
-  - etcd-1.etcd-headless
-  - etcd-1.etcd-headless.{{ .Release.Namespace }}.svc
-  - etcd-2
-  - etcd-2.etcd-headless
-  - etcd-2.etcd-headless.{{ .Release.Namespace }}.svc
+  {{- range $i := until (int $.Values.replicas) }}
+  - etcd-{{ $i }}
+  - etcd-{{ $i }}.etcd-headless
+  - etcd-{{ $i }}.etcd-headless.{{ $.Release.Namespace }}.svc
+  {{- end }}
  - localhost
  - "127.0.0.1"
  privateKey:
--- a/packages/extra/etcd/templates/etcd-defrag.yaml
+++ b/packages/extra/etcd/templates/etcd-defrag.yaml
@@ -0,0 +1,31 @@
+apiVersion: batch/v1
+kind: CronJob
+metadata:
+  name: {{ .Release.Name }}-defrag
+spec:
+  schedule: "0 * * * *"
+  successfulJobsHistoryLimit: 3
+  jobTemplate:
+    spec:
+      template:
+        spec:
+          containers:
+          - name: etcd-defrag
+            image: ghcr.io/ahrtr/etcd-defrag:v0.13.0
+            args:
+            - --endpoints={{ range $i, $e := until (int .Values.replicas) }}{{ if $i }},{{ end }}https://{{ $.Release.Name }}-{{ $i }}.{{ $.Release.Name }}-headless.{{ $.Release.Namespace }}.svc:2379{{ end }}
+            - --cacert=/etc/etcd/pki/client/cert/ca.crt
+            - --cert=/etc/etcd/pki/client/cert/tls.crt
+            - --key=/etc/etcd/pki/client/cert/tls.key
+            - --cluster
+            - --defrag-rule
+            - "dbQuotaUsage > 0.8 || dbSize - dbSizeInUse > 200*1024*1024"
+            volumeMounts:
+            - mountPath: /etc/etcd/pki/client/cert
+              name: client-certificate
+              readOnly: true
+          volumes:
+          - name: client-certificate
+            secret:
+              secretName: {{ .Release.Name }}-client-tls
+          restartPolicy: OnFailure
--- a/packages/extra/etcd/values.schema.json
+++ b/packages/extra/etcd/values.schema.json
@@ -0,0 +1,16 @@
+{
+    "title": "Chart Values",
+    "type": "object",
+    "properties": {
+        "size": {
+            "type": "string",
+            "description": "Persistent Volume size",
+            "default": "4Gi"
+        },
+        "replicas": {
+            "type": "number",
+            "description": "Number of etcd replicas",
+            "default": 3
+        }
+    }
+}
--- a/packages/extra/etcd/values.yaml
+++ b/packages/extra/etcd/values.yaml
@@ -0,0 +1,7 @@
+## @section Common parameters
+
+## @param size Persistent Volume size
+## @param replicas Number of etcd replicas
+##
+size: 4Gi
+replicas: 3
--- a/packages/extra/ingress/Makefile
+++ b/packages/extra/ingress/Makefile
@@ -0,0 +1,2 @@
+generate:
+	readme-generator -v values.yaml -s values.schema.json -r README.md
--- a/packages/extra/ingress/README.md
+++ b/packages/extra/ingress/README.md
@@ -0,0 +1,9 @@
+# Ingress-NGINX Controller
+
+## Parameters
+
+### Common parameters
+
+| Name       | Description                      | Value |
+| ---------- | -------------------------------- | ----- |
+| `replicas` | Number of ingress-nginx replicas | `2`   |
--- a/packages/extra/ingress/templates/nginx-ingress.yaml
+++ b/packages/extra/ingress/templates/nginx-ingress.yaml
@@ -18,6 +18,7 @@ spec:
    ingress-nginx:
      fullnameOverride: {{ trimPrefix "tenant-" .Release.Namespace }}-ingress
      controller:
+        replicaCount: {{ .Values.replicas }}
        ingressClass: {{ .Release.Namespace }}
        ingressClassResource:
          name: {{ .Release.Namespace }}
--- a/packages/extra/ingress/values.schema.json
+++ b/packages/extra/ingress/values.schema.json
@@ -0,0 +1,11 @@
+{
+    "title": "Chart Values",
+    "type": "object",
+    "properties": {
+        "replicas": {
+            "type": "number",
+            "description": "Number of ingress-nginx replicas",
+            "default": 2
+        }
+    }
+}
--- a/packages/extra/ingress/values.yaml
+++ b/packages/extra/ingress/values.yaml
@@ -0,0 +1,5 @@
+## @section Common parameters
+
+## @param replicas Number of ingress-nginx replicas
+##
+replicas: 2
--- a/packages/extra/monitoring/Makefile
+++ b/packages/extra/monitoring/Makefile
@@ -0,0 +1,6 @@
+generate:
+	readme-generator -v values.yaml -s values.schema.json.tmp -r README.md
+	cat values.schema.json.tmp | \
+		jq '.properties.metricsStorages.items.type = "object"' \
+		> values.schema.json
+	rm -f values.schema.json.tmp
--- a/packages/extra/monitoring/README.md
+++ b/packages/extra/monitoring/README.md
@@ -0,0 +1,11 @@
+# Monitoring Hub
+
+## Parameters
+
+### Common parameters
+
+| Name              | Description                                                                                               | Value   |
+| ----------------- | --------------------------------------------------------------------------------------------------------- | ------- |
+| `host`            | The hostname used to access the grafana externally (defaults to 'grafana' subdomain for the tenant host). | `""`    |
+| `metricsStorages` | Configuration of metrics storage instances                                                                | `[]`    |
+| `oncall.enabled`  | Enable Grafana OnCall                                                                                     | `false` |
--- a/packages/extra/monitoring/values.schema.json
+++ b/packages/extra/monitoring/values.schema.json
@@ -0,0 +1,29 @@
+{
+  "title": "Chart Values",
+  "type": "object",
+  "properties": {
+    "host": {
+      "type": "string",
+      "description": "The hostname used to access the grafana externally (defaults to 'grafana' subdomain for the tenant host).",
+      "default": ""
+    },
+    "metricsStorages": {
+      "type": "array",
+      "description": "Configuration of metrics storage instances",
+      "default": "[]",
+      "items": {
+        "type": "object"
+      }
+    },
+    "oncall": {
+      "type": "object",
+      "properties": {
+        "enabled": {
+          "type": "boolean",
+          "description": "Enable Grafana OnCall",
+          "default": false
+        }
+      }
+    }
+  }
+}
--- a/packages/extra/monitoring/values.yaml
+++ b/packages/extra/monitoring/values.yaml
@@ -1,5 +1,10 @@
+## @section Common parameters
+
+## @param host The hostname used to access the grafana externally (defaults to 'grafana' subdomain for the tenant host).
 host: ""

+## @param metricsStorages [array] Configuration of metrics storage instances
+##
 metricsStorages:
 - name: shortterm
  retentionPeriod: "3d"
@@ -10,5 +15,7 @@ metricsStorages:
  deduplicationInterval: "15s"
  storage: 10Gi

+## @param oncall.enabled Enable Grafana OnCall
+## 
 oncall:
  enabled: false
--- a/packages/extra/versions_map
+++ b/packages/extra/versions_map
@@ -1,4 +1,6 @@
 etcd 1.0.0 f7eaab0
-etcd 2.0.0 HEAD
+etcd 2.0.0 a6d0f7cf
+etcd 2.0.1 6fc1cc7d
+etcd 2.1.0 HEAD
 ingress 1.0.0 HEAD
 monitoring 1.0.0 HEAD
--- a/packages/system/Makefile
+++ b/packages/system/Makefile
@@ -9,4 +9,4 @@ repo:
 	cd "$(OUT)" && helm repo index .

 fix-chartnames:
-	find . -name Chart.yaml -maxdepth 2 | awk -F/ '{print $$2}' | while read i; do sed -i "s/^name: .*/name: cozy-$$i/" "$$i/Chart.yaml"; done
+	find . -maxdepth 2 -name Chart.yaml | awk -F/ '{print $$2}' | while read i; do sed -i "s/^name: .*/name: cozy-$$i/" "$$i/Chart.yaml"; done
--- a/packages/system/cilium/charts/cilium/Chart.yaml
+++ b/packages/system/cilium/charts/cilium/Chart.yaml
@@ -122,7 +122,7 @@ annotations:
      description: |
        CiliumPodIPPool defines an IP pool that can be used for pooled IPAM (i.e. the multi-pool IPAM mode).
 apiVersion: v2
-appVersion: 1.14.9
+appVersion: 1.14.10
 description: eBPF-based Networking, Security, and Observability
 home: https://cilium.io/
 icon: https://cdn.jsdelivr.net/gh/cilium/cilium@v1.14/Documentation/images/logo-solo.svg
@@ -138,4 +138,4 @@ kubeVersion: '>= 1.16.0-0'
 name: cilium
 sources:
 - https://github.com/cilium/cilium
-version: 1.14.9
+version: 1.14.10
--- a/packages/system/cilium/charts/cilium/README.md
+++ b/packages/system/cilium/charts/cilium/README.md
@@ -1,6 +1,6 @@
 # cilium

-![Version: 1.14.9](https://img.shields.io/badge/Version-1.14.9-informational?style=flat-square) ![AppVersion: 1.14.9](https://img.shields.io/badge/AppVersion-1.14.9-informational?style=flat-square)
+![Version: 1.14.10](https://img.shields.io/badge/Version-1.14.10-informational?style=flat-square) ![AppVersion: 1.14.10](https://img.shields.io/badge/AppVersion-1.14.10-informational?style=flat-square)

 Cilium is open source software for providing and transparently securing
 network connectivity and loadbalancing between application workloads such as
@@ -131,7 +131,7 @@ contributors across the globe, there is almost always someone available to help.
 | bpf.tproxy | bool | `false` | Configure the eBPF-based TPROXY to reduce reliance on iptables rules for implementing Layer 7 policy. |
 | bpf.vlanBypass | list | `[]` | Configure explicitly allowed VLAN id's for bpf logic bypass. [0] will allow all VLAN id's without any filtering. |
 | bpfClockProbe | bool | `false` | Enable BPF clock source probing for more efficient tick retrieval. |
-| certgen | object | `{"annotations":{"cronJob":{},"job":{}},"extraVolumeMounts":[],"extraVolumes":[],"image":{"digest":"sha256:89a0847753686444daabde9474b48340993bd19c7bea66a46e45b2974b82041f","override":null,"pullPolicy":"IfNotPresent","repository":"quay.io/cilium/certgen","tag":"v0.1.9","useDigest":true},"podLabels":{},"tolerations":[],"ttlSecondsAfterFinished":1800}` | Configure certificate generation for Hubble integration. If hubble.tls.auto.method=cronJob, these values are used for the Kubernetes CronJob which will be scheduled regularly to (re)generate any certificates not provided manually. |
+| certgen | object | `{"annotations":{"cronJob":{},"job":{}},"extraVolumeMounts":[],"extraVolumes":[],"image":{"digest":"sha256:5586de5019abc104637a9818a626956cd9b1e827327b958186ec412ae3d5dea6","override":null,"pullPolicy":"IfNotPresent","repository":"quay.io/cilium/certgen","tag":"v0.1.11","useDigest":true},"podLabels":{},"tolerations":[],"ttlSecondsAfterFinished":1800}` | Configure certificate generation for Hubble integration. If hubble.tls.auto.method=cronJob, these values are used for the Kubernetes CronJob which will be scheduled regularly to (re)generate any certificates not provided manually. |
 | certgen.annotations | object | `{"cronJob":{},"job":{}}` | Annotations to be added to the hubble-certgen initial Job and CronJob |
 | certgen.extraVolumeMounts | list | `[]` | Additional certgen volumeMounts. |
 | certgen.extraVolumes | list | `[]` | Additional certgen volumes. |
@@ -155,12 +155,12 @@ contributors across the globe, there is almost always someone available to help.
 | clustermesh.apiserver.extraEnv | list | `[]` | Additional clustermesh-apiserver environment variables. |
 | clustermesh.apiserver.extraVolumeMounts | list | `[]` | Additional clustermesh-apiserver volumeMounts. |
 | clustermesh.apiserver.extraVolumes | list | `[]` | Additional clustermesh-apiserver volumes. |
-| clustermesh.apiserver.image | object | `{"digest":"sha256:5c16f8b8e22ce41e11998e70846fbcecea3a6b683a38253809ead8d871f6d8a3","override":null,"pullPolicy":"IfNotPresent","repository":"quay.io/cilium/clustermesh-apiserver","tag":"v1.14.9","useDigest":true}` | Clustermesh API server image. |
+| clustermesh.apiserver.image | object | `{"digest":"sha256:609fea274caa016f15646f6e0b0f1f7c56b238c551e7b261bc1e99ce64f7b798","override":null,"pullPolicy":"IfNotPresent","repository":"quay.io/cilium/clustermesh-apiserver","tag":"v1.14.10","useDigest":true}` | Clustermesh API server image. |
 | clustermesh.apiserver.kvstoremesh.enabled | bool | `false` | Enable KVStoreMesh. KVStoreMesh caches the information retrieved from the remote clusters in the local etcd instance. |
 | clustermesh.apiserver.kvstoremesh.extraArgs | list | `[]` | Additional KVStoreMesh arguments. |
 | clustermesh.apiserver.kvstoremesh.extraEnv | list | `[]` | Additional KVStoreMesh environment variables. |
 | clustermesh.apiserver.kvstoremesh.extraVolumeMounts | list | `[]` | Additional KVStoreMesh volumeMounts. |
-| clustermesh.apiserver.kvstoremesh.image | object | `{"digest":"sha256:9d9efb25806660f3663b9cd803fb8679f2b115763470002a9770e2c1eb1e5b22","override":null,"pullPolicy":"IfNotPresent","repository":"quay.io/cilium/kvstoremesh","tag":"v1.14.9","useDigest":true}` | KVStoreMesh image. |
+| clustermesh.apiserver.kvstoremesh.image | object | `{"digest":"sha256:871ec4e3b07401d90b4433c7e2b7210b9b0c5f1a536caab3d0281a5faeea5070","override":null,"pullPolicy":"IfNotPresent","repository":"quay.io/cilium/kvstoremesh","tag":"v1.14.10","useDigest":true}` | KVStoreMesh image. |
 | clustermesh.apiserver.kvstoremesh.resources | object | `{}` | Resource requests and limits for the KVStoreMesh container |
 | clustermesh.apiserver.kvstoremesh.securityContext | object | `{"allowPrivilegeEscalation":false,"capabilities":{"drop":["ALL"]}}` | KVStoreMesh Security context |
 | clustermesh.apiserver.metrics.enabled | bool | `true` | Enables exporting apiserver metrics in OpenMetrics format. |
@@ -312,7 +312,7 @@ contributors across the globe, there is almost always someone available to help.
 | envoy.extraVolumes | list | `[]` | Additional envoy volumes. |
 | envoy.healthPort | int | `9878` | TCP port for the health API. |
 | envoy.idleTimeoutDurationSeconds | int | `60` | Set Envoy upstream HTTP idle connection timeout seconds. Does not apply to connections with pending requests. Default 60s |
-| envoy.image | object | `{"digest":"sha256:39b75548447978230dedcf25da8940e4d3540c741045ef391a8e74dbb9661a86","override":null,"pullPolicy":"IfNotPresent","repository":"quay.io/cilium/cilium-envoy","tag":"v1.26.7-bbde4095997ea57ead209f56158790d47224a0f5","useDigest":true}` | Envoy container image. |
+| envoy.image | object | `{"digest":"sha256:d52f476c29a97c8b250fdbfbb8472191a268916f6a8503671d0da61e323b02cc","override":null,"pullPolicy":"IfNotPresent","repository":"quay.io/cilium/cilium-envoy","tag":"v1.27.4-21905253931655328edaacf3cd16aeda73bbea2f","useDigest":true}` | Envoy container image. |
 | envoy.livenessProbe.failureThreshold | int | `10` | failure threshold of liveness probe |
 | envoy.livenessProbe.periodSeconds | int | `30` | interval between checks of the liveness probe |
 | envoy.log.format | string | `"[%Y-%m-%d %T.%e][%t][%l][%n] [%g:%#] %v"` | The format string to use for laying out the log message metadata of Envoy. |
@@ -419,7 +419,7 @@ contributors across the globe, there is almost always someone available to help.
 | hubble.relay.extraVolumes | list | `[]` | Additional hubble-relay volumes. |
 | hubble.relay.gops.enabled | bool | `true` | Enable gops for hubble-relay |
 | hubble.relay.gops.port | int | `9893` | Configure gops listen port for hubble-relay |
-| hubble.relay.image | object | `{"digest":"sha256:f506f3c6e0a979437cde79eb781654fda4f10ddb5642cebc4dc81254cfb7eeaa","override":null,"pullPolicy":"IfNotPresent","repository":"quay.io/cilium/hubble-relay","tag":"v1.14.9","useDigest":true}` | Hubble-relay container image. |
+| hubble.relay.image | object | `{"digest":"sha256:c156c4fc2da520d2876142ea17490440b95431a1be755d2050e72115a495cfd0","override":null,"pullPolicy":"IfNotPresent","repository":"quay.io/cilium/hubble-relay","tag":"v1.14.10","useDigest":true}` | Hubble-relay container image. |
 | hubble.relay.listenHost | string | `""` | Host to listen to. Specify an empty string to bind to all the interfaces. |
 | hubble.relay.listenPort | string | `"4245"` | Port to listen to. |
 | hubble.relay.nodeSelector | object | `{"kubernetes.io/os":"linux"}` | Node labels for pod assignment ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#nodeselector |
@@ -511,7 +511,7 @@ contributors across the globe, there is almost always someone available to help.
 | hubble.ui.updateStrategy | object | `{"rollingUpdate":{"maxUnavailable":1},"type":"RollingUpdate"}` | hubble-ui update strategy. |
 | identityAllocationMode | string | `"crd"` | Method to use for identity allocation (`crd` or `kvstore`). |
 | identityChangeGracePeriod | string | `"5s"` | Time to wait before using new identity on endpoint identity change. |
-| image | object | `{"digest":"sha256:4ef1eb7a3bc39d0fefe14685e6c0d4e01301c40df2a89bc93ffca9a1ab927301","override":null,"pullPolicy":"IfNotPresent","repository":"quay.io/cilium/cilium","tag":"v1.14.9","useDigest":true}` | Agent container image. |
+| image | object | `{"digest":"sha256:0a1bcd2859c6d18d60dba6650cca8c707101716a3e47b126679040cbd621c031","override":null,"pullPolicy":"IfNotPresent","repository":"quay.io/cilium/cilium","tag":"v1.14.10","useDigest":true}` | Agent container image. |
 | imagePullSecrets | string | `nil` | Configure image pull secrets for pulling container images |
 | ingressController.default | bool | `false` | Set cilium ingress controller to be the default ingress controller This will let cilium ingress controller route entries without ingress class set |
 | ingressController.defaultSecretName | string | `nil` | Default secret name for ingresses without .spec.tls[].secretName set. |
@@ -596,7 +596,7 @@ contributors across the globe, there is almost always someone available to help.
 | nodeinit.extraEnv | list | `[]` | Additional nodeinit environment variables. |
 | nodeinit.extraVolumeMounts | list | `[]` | Additional nodeinit volumeMounts. |
 | nodeinit.extraVolumes | list | `[]` | Additional nodeinit volumes. |
-| nodeinit.image | object | `{"override":null,"pullPolicy":"IfNotPresent","repository":"quay.io/cilium/startup-script","tag":"62093c5c233ea914bfa26a10ba41f8780d9b737f"}` | node-init image. |
+| nodeinit.image | object | `{"digest":"sha256:e1d442546e868db1a3289166c14011e0dbd32115b338b963e56f830972bc22a2","override":null,"pullPolicy":"IfNotPresent","repository":"quay.io/cilium/startup-script","tag":"62093c5c233ea914bfa26a10ba41f8780d9b737f","useDigest":true}` | node-init image. |
 | nodeinit.nodeSelector | object | `{"kubernetes.io/os":"linux"}` | Node labels for nodeinit pod assignment ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#nodeselector |
 | nodeinit.podAnnotations | object | `{}` | Annotations to be added to node-init pods. |
 | nodeinit.podLabels | object | `{}` | Labels to be added to node-init pods. |
@@ -619,7 +619,7 @@ contributors across the globe, there is almost always someone available to help.
 | operator.extraVolumes | list | `[]` | Additional cilium-operator volumes. |
 | operator.identityGCInterval | string | `"15m0s"` | Interval for identity garbage collection. |
 | operator.identityHeartbeatTimeout | string | `"30m0s"` | Timeout for identity heartbeats. |
-| operator.image | object | `{"alibabacloudDigest":"sha256:765314779093b54750f83280f009229f20fe1f28466a633d9bb4143d2ad669c5","awsDigest":"sha256:041ad5b49ae63ba0f1974e1a1d9ebf9f52541cd2813088fa687f9d544125a1ec","azureDigest":"sha256:2d3b9d868eb03fa9256d34192a734a2abab283f527a9c97b7cefcd3401649d17","genericDigest":"sha256:1552d653870dd8ebbd16ee985a5497dd78a2097370978b0cfbd2da2072f30712","override":null,"pullPolicy":"IfNotPresent","repository":"quay.io/cilium/operator","suffix":"","tag":"v1.14.9","useDigest":true}` | cilium-operator image. |
+| operator.image | object | `{"alibabacloudDigest":"sha256:2fbb53c2fc9c7203db9065c4e6cedb8e98d32d5ebc64549949636b5344cd1f14","awsDigest":"sha256:72440aa4cb8a42dddb05cfc74c6fba0a18d0902b1e434f5dcde8dca0354a8be6","azureDigest":"sha256:404a46bb0a232c7d5ab7ab97a1d1a55635cdf0e334529a18d1ddb50f4aad71b4","genericDigest":"sha256:415b7f0bb0e7339c6231d4b9ee74a6a513b2865acfccec884dbc806ecc3dd909","override":null,"pullPolicy":"IfNotPresent","repository":"quay.io/cilium/operator","suffix":"","tag":"v1.14.10","useDigest":true}` | cilium-operator image. |
 | operator.nodeGCInterval | string | `"5m0s"` | Interval for cilium node garbage collection. |
 | operator.nodeSelector | object | `{"kubernetes.io/os":"linux"}` | Node labels for cilium-operator pod assignment ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#nodeselector |
 | operator.podAnnotations | object | `{}` | Annotations to be added to cilium-operator pods |
@@ -666,7 +666,7 @@ contributors across the globe, there is almost always someone available to help.
 | preflight.extraEnv | list | `[]` | Additional preflight environment variables. |
 | preflight.extraVolumeMounts | list | `[]` | Additional preflight volumeMounts. |
 | preflight.extraVolumes | list | `[]` | Additional preflight volumes. |
-| preflight.image | object | `{"digest":"sha256:4ef1eb7a3bc39d0fefe14685e6c0d4e01301c40df2a89bc93ffca9a1ab927301","override":null,"pullPolicy":"IfNotPresent","repository":"quay.io/cilium/cilium","tag":"v1.14.9","useDigest":true}` | Cilium pre-flight image. |
+| preflight.image | object | `{"digest":"sha256:0a1bcd2859c6d18d60dba6650cca8c707101716a3e47b126679040cbd621c031","override":null,"pullPolicy":"IfNotPresent","repository":"quay.io/cilium/cilium","tag":"v1.14.10","useDigest":true}` | Cilium pre-flight image. |
 | preflight.nodeSelector | object | `{"kubernetes.io/os":"linux"}` | Node labels for preflight pod assignment ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#nodeselector |
 | preflight.podAnnotations | object | `{}` | Annotations to be added to preflight pods |
 | preflight.podDisruptionBudget.enabled | bool | `false` | enable PodDisruptionBudget ref: https://kubernetes.io/docs/concepts/workloads/pods/disruptions/ |
--- a/Show More
+++ b/Show More
Author	SHA1	Message	Date
Andrei Kvapil	dff6066e59	Update kube-ovn v1.13.0-ge1310e17 and enable image building Signed-off-by: Andrei Kvapil <kvapss@gmail.com>	2024-05-24 17:41:38 +02:00
Marian Koreniuk	48df98230f	change hardcode for talos registry (#148 ) without this fix can't build project localy	2024-05-24 12:44:56 +02:00
Andrei Kvapil	5f01f30fe7	kubernetes: specify correct dns address (#147 )	2024-05-22 08:32:06 +02:00
Andrei Kvapil	2cf23364b4	kamaji: unhardcode cluster.local domain (#145 ) Signed-off-by: Andrei Kvapil <kvapss@gmail.com>	2024-05-21 11:23:10 +02:00
Andrei Kvapil	f30f7be6cc	Unhardcode cluster.local domain (#142 ) Allow using other domains for the cluster Signed-off-by: Andrei Kvapil <kvapss@gmail.com>	2024-05-21 11:22:54 +02:00
Andrei Kvapil	6cae6ce8ce	kubernetes: enable bpf masqurade and tunnel routing (#144 )	2024-05-21 11:22:37 +02:00
Andrei Kvapil	4a97e297d4	postgres: fix users and roles (#138 ) Signed-off-by: Andrei Kvapil <kvapss@gmail.com>	2024-05-21 02:29:49 +02:00
Marian Koreniuk	6abaf7c0fa	switched place -maxdepth im Makefiles (#140 )	2024-05-21 02:29:34 +02:00
Andrei Kvapil	2b00fcf8f9	etcd: enable autocompact and defrag (#137 ) Signed-off-by: Andrei Kvapil <kvapss@gmail.com>	2024-05-20 20:53:19 +02:00
Andrei Kvapil	007d414f0e	Prepare release v0.6.0 (#135 )	2024-05-16 16:11:37 +02:00
Andrei Kvapil	6fc1cc7d5d	etcd: Add quota-backend-bytes calculations (#133 )	2024-05-16 14:04:10 +02:00
Andrei Kvapil	7caccec11d	upd kubernetes (#134 ) * Allow root login without password * add ephemeral volumes for containerd and kubelet * update kubernetes application	2024-05-16 14:04:00 +02:00
Andrei Kvapil	c0685f4318	Prepare release v0.5.0 (#126 ) * Prepare release v0.5.0 * fix mariadb	2024-05-10 12:52:57 +02:00
Andrei Kvapil	a9c42c8ef0	Update mariadb-operator v0.28.1 (#124 )	2024-05-09 11:18:40 +02:00
Andrei Kvapil	0ea9ef3ae3	Update Cilium v1.14.10 (#125 )	2024-05-09 11:18:27 +02:00
Andrei Kvapil	4da8ac3b77	Add schema generation and remove default values (#110 ) * Add schema generation and remove default values * fix monitoring schema generation * fix default values Signed-off-by: Andrei Kvapil <kvapss@gmail.com>	2024-05-09 10:45:57 +02:00
Nikita	781a531f62	Installer rollout startegy tuned to allow downtime (#123 )	2024-05-09 10:44:43 +02:00
Andrei Kvapil	9c5318641d	Fix assets building (#121 )	2024-05-08 20:44:32 +02:00
Andrei Kvapil	53f2365e79	Fix: kubernetes and etcd-operator issues (#119 ) * Fix datastore creation depends on created secrets * Add basic topologySpreadConstraints * Fix kubernetes chart post-rendering * Update release images	2024-05-06 13:59:43 +02:00
Marian Koreniuk	9145be14c1	Merge pull request #117 from aenix-io/release-0.1.0v2 Prepare release v0.4.0	2024-05-06 09:25:39 +02:00