[dx] fix version_map generator to exclude duplicates

Signed-off-by: Andrei Kvapil <kvapss@gmail.com>
2026-02-05 00:15:51 +00:00 · 2025-05-28 13:11:24 +02:00
18 changed files with 175 additions and 271 deletions
--- a/hack/e2e-apps.bats
+++ b/hack/e2e-apps.bats
@@ -23,7 +23,7 @@ EOF
  kubectl wait namespace tenant-test --timeout=20s --for=jsonpath='{.status.phase}'=Active
 }
-@test "Create a tenant Kubernetes cluster" {
+@test "Create a tenant Kubernetes control plane" {
  kubectl create -f - <<EOF
 apiVersion: apps.cozystack.io/v1alpha1
 kind: Kubernetes
@@ -90,5 +90,5 @@ EOF
  kubectl wait tcp -n tenant-test kubernetes-test --timeout=2m --for=jsonpath='{.status.kubernetesResources.version.status}'=Ready
  kubectl wait deploy --timeout=4m --for=condition=available -n tenant-test kubernetes-test kubernetes-test-cluster-autoscaler kubernetes-test-kccm kubernetes-test-kcsi-controller
  kubectl wait machinedeployment kubernetes-test-md0 -n tenant-test --timeout=1m --for=jsonpath='{.status.replicas}'=2
-  kubectl wait machinedeployment kubernetes-test-md0 -n tenant-test --timeout=8m --for=jsonpath='{.status.v1beta2.readyReplicas}'=2
+  kubectl wait machinedeployment kubernetes-test-md0 -n tenant-test --timeout=5m --for=jsonpath='{.status.v1beta2.readyReplicas}'=2
 }
--- a/hack/gen_versions_map.sh
+++ b/hack/gen_versions_map.sh
@@ -61,4 +61,4 @@ resolved_miss_map=$(
  done < $miss_map
 )
-printf "%s\n" "$new_map" "$resolved_miss_map" | sort -k1,1 -k2,2 -V | awk '$1' > "$file"
+printf "%s\n" "$new_map" "$resolved_miss_map" | sort -k1,1 -k2,2 -V | awk '!seen[$1, $2]++' > "$file"
--- a/packages/apps/ferretdb/templates/postgres.yaml
+++ b/packages/apps/ferretdb/templates/postgres.yaml
@@ -11,9 +11,6 @@ spec:
  {{- $rawConstraints := get $configMap.data "globalAppTopologySpreadConstraints" }}
  {{- if $rawConstraints }}
  {{- $rawConstraints | fromYaml | toYaml | nindent 2 }}
    labelSelector:
      matchLabels:
        cnpg.io/cluster: {{ .Release.Name }}-postgres
  {{- end }}
  {{- end }}
  minSyncReplicas: {{ .Values.quorum.minSyncReplicas }}
--- a/packages/apps/kubernetes/Chart.yaml
+++ b/packages/apps/kubernetes/Chart.yaml
@@ -16,7 +16,7 @@ type: application
 # This is the chart version. This version number should be incremented each time you make changes
 # to the chart and its templates, including the app version.
 # Versions are expected to follow Semantic Versioning (https://semver.org/)
-version: 0.21.0
+version: 0.20.1
 # This is the version number of the application being deployed. This version number should be
 # incremented each time you make changes to the application. Versions are not expected to
--- a/packages/apps/kubernetes/README.md
+++ b/packages/apps/kubernetes/README.md
@@ -1,199 +1,77 @@
 # Managed Kubernetes Service
-## Managed Kubernetes in Cozystack
+## Overview
-Whenever you want to deploy a custom containerized application in Cozystack, it's best to deploy it to a managed Kubernetes cluster.
+The Managed Kubernetes Service offers a streamlined solution for efficiently managing server workloads. Kubernetes has emerged as the industry standard, providing a unified and accessible API, primarily utilizing YAML for configuration. This means that teams can easily understand and work with Kubernetes, streamlining infrastructure management.
-Cozystack deploys and manages Kubernetes-as-a-service as standalone applications within each tenant’s isolated environment.
+The Kubernetes leverages robust software design patterns, enabling continuous recovery in any scenario through the reconciliation method. Additionally, it ensures seamless scaling across a multitude of servers, addressing the challenges posed by complex and outdated APIs found in traditional virtualization platforms. This managed service eliminates the need for developing custom solutions or modifying source code, saving valuable time and effort.
 In Cozystack, such clusters are named tenant Kubernetes clusters, while the base Cozystack cluster is called a management or root cluster.
 Tenant clusters are fully separated from the management cluster and are intended for deploying tenant-specific or customer-developed applications.
-Within a tenant cluster, users can take advantage of LoadBalancer services and easily provision physical volumes as needed.                               
+## Deployment Details
 The control-plane operates within containers, while the worker nodes are deployed as virtual machines, all seamlessly managed by the application.
-## Why Use a Managed Kubernetes Cluster?
+The managed Kubernetes service deploys a standard Kubernetes cluster utilizing the Cluster API, Kamaji as control-plane provicer and the KubeVirt infrastructure provider. This ensures a consistent and reliable setup for workloads.
-Kubernetes has emerged as the industry standard, providing a unified and accessible API, primarily utilizing YAML for configuration.
+Within this cluster, users can take advantage of LoadBalancer services and easily provision physical volumes as needed. The control-plane operates within containers, while the worker nodes are deployed as virtual machines, all seamlessly managed by the application.
 This means that teams can easily understand and work with Kubernetes, streamlining infrastructure management.
-Kubernetes leverages robust software design patterns, enabling continuous recovery in any scenario through the reconciliation method.
+- Docs: https://github.com/clastix/kamaji
-Additionally, it ensures seamless scaling across a multitude of servers,
+- Docs: https://cluster-api.sigs.k8s.io/
-addressing the challenges posed by complex and outdated APIs found in traditional virtualization platforms.
+- GitHub: https://github.com/clastix/kamaji
-This managed service eliminates the need for developing custom solutions or modifying source code, saving valuable time and effort.
+- GitHub: https://github.com/kubernetes-sigs/cluster-api-provider-kubevirt
 - GitHub: https://github.com/kubevirt/csi-driver
 The Managed Kubernetes Service in Cozystack offers a streamlined solution for efficiently managing server workloads.
-## Starting Work
+## How-Tos
-Once the tenant Kubernetes cluster is ready, you can get a kubeconfig file to work with it.
+How to access to deployed cluster:
 It can be done via UI or a `kubectl` request:
-   Open the Cozystack dashboard, switch to your tenant, find and open the application page. Copy one of the config files from the **Secrets** section.
+```
-   Run the following command (using the management cluster kubeconfig):
+kubectl get secret -n <namespace> kubernetes-<clusterName>-admin-kubeconfig -o go-template='{{ printf "%s\n" (index .data "super-admin.conf" | base64decode) }}' > test
-
+```
    ```bash
    kubectl get secret -n tenant-<name> kubernetes-<clusterName>-admin-kubeconfig -o go-template='{{ printf "%s\n" (index .data "admin.conf" | base64decode) }}' > admin.conf
    ```
 There are several kubeconfig options available:
 -   `admin.conf` — The standard kubeconfig for accessing your new cluster.
    You can create additional Kubernetes users using this configuration.
 -   `admin.svc` — Same token as `admin.conf`, but with the API server address set to the internal service name.
    Use it for applications running inside the cluster that need API access.
 -   `super-admin.conf` — Similar to `admin.conf`, but with extended administrative permissions.
    Intended for troubleshooting and cluster maintenance tasks.
 -   `super-admin.svc` — Same as `super-admin.conf`, but pointing to the internal API server address.
 ## Implementation Details
 A tenant Kubernetes cluster in Cozystack is essentially Kubernetes-in-Kubernetes.
 Deploying it involves the following components:
 -   **Kamaji Control Plane**: [Kamaji](https://kamaji.clastix.io/) is an open-source project that facilitates the deployment
    of Kubernetes control planes as pods within a root cluster.
    Each control plane pod includes essential components like `kube-apiserver`, `controller-manager`, and `scheduler`,
    allowing for efficient multi-tenancy and resource utilization.
 -   **Etcd Cluster**: A dedicated etcd cluster is deployed using Ænix's [etcd-operator](https://github.com/aenix-io/etcd-operator).
    It provides reliable and scalable key-value storage for the Kubernetes control plane.
 -   **Worker Nodes**: Virtual Machines are provisioned to serve as worker nodes using KubeVirt.
    These nodes are configured to join the tenant Kubernetes cluster, enabling the deployment and management of workloads.
 -   **Cluster API**: Cozystack is using the [Kubernetes Cluster API](https://cluster-api.sigs.k8s.io/) to provision the components of a cluster.
 This architecture ensures isolated, scalable, and efficient tenant Kubernetes environments.
 See the reference for components utilized in this service:
 - [Kamaji Control Plane](https://kamaji.clastix.io)
 - [Kamaji — Cluster API](https://kamaji.clastix.io/cluster-api/)
 - [github.com/clastix/kamaji](https://github.com/clastix/kamaji)
 - [KubeVirt](https://kubevirt.io/)
 - [github.com/kubevirt/kubevirt](https://github.com/kubevirt/kubevirt)
 - [github.com/aenix-io/etcd-operator](https://github.com/aenix-io/etcd-operator)
 - [Kubernetes Cluster API](https://cluster-api.sigs.k8s.io/)
 - [github.com/kubernetes-sigs/cluster-api-provider-kubevirt](https://github.com/kubernetes-sigs/cluster-api-provider-kubevirt)
 - [github.com/kubevirt/csi-driver](https://github.com/kubevirt/csi-driver)
 ## Parameters
-### Common Parameters
+### Common parameters
-| Name                    | Description                                                                                                       | Value        |
+| Name                    | Description                                                                                                                            | Value        |
-| ----------------------- | ----------------------------------------------------------------------------------------------------------------- | ------------ |
+| ----------------------- | -------------------------------------------------------------------------------------------------------------------------------------- | ------------ |
-| `host`                  | Hostname used to access the Kubernetes cluster externally. Defaults to `<cluster-name>.<tenant-host>` when empty. | `""`         |
+| `host`                  | The hostname used to access the Kubernetes cluster externally (defaults to using the cluster name as a subdomain for the tenant host). | `""`         |
-| `controlPlane.replicas` | Number of replicas for Kubernetes control-plane components.                                                       | `2`          |
+| `controlPlane.replicas` | Number of replicas for Kubernetes control-plane components                                                                             | `2`          |
-| `storageClass`          | StorageClass used to store user data.                                                                             | `replicated` |
+| `storageClass`          | StorageClass used to store user data                                                                                                   | `replicated` |
-| `nodeGroups`            | nodeGroups configuration                                                                                          | `{}`         |
+| `nodeGroups`            | nodeGroups configuration                                                                                                               | `{}`         |
 ### Cluster Addons
-| Name                                          | Description                                                                                                                                                                       | Value   |
+| Name                                          | Description                                                                                                                                                       | Value   |
-| --------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------- |
+| --------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------- |
-| `addons.certManager.enabled`                  | Enable cert-manager, which automatically creates and manages SSL/TLS certificates.                                                                                                | `false` |
+| `addons.certManager.enabled`                  | Enables the cert-manager                                                                                                                                          | `false` |
-| `addons.certManager.valuesOverride`           | Custom values to override                                                                                                                                                         | `{}`    |
+| `addons.certManager.valuesOverride`           | Custom values to override                                                                                                                                         | `{}`    |
-| `addons.cilium.valuesOverride`                | Custom values to override                                                                                                                                                         | `{}`    |
+| `addons.cilium.valuesOverride`                | Custom values to override                                                                                                                                         | `{}`    |
-| `addons.gatewayAPI.enabled`                   | Enable the Gateway API                                                                                                                                                            | `false` |
+| `addons.gatewayAPI.enabled`                   | Enables the Gateway API                                                                                                                                           | `false` |
-| `addons.ingressNginx.enabled`                 | Enable the Ingress-NGINX controller (requires nodes labeled with the 'ingress-nginx' role).                                                                                       | `false` |
+| `addons.ingressNginx.enabled`                 | Enable Ingress-NGINX controller (expect nodes with 'ingress-nginx' role)                                                                                          | `false` |
-| `addons.ingressNginx.valuesOverride`          | Custom values to override                                                                                                                                                         | `{}`    |
+| `addons.ingressNginx.valuesOverride`          | Custom values to override                                                                                                                                         | `{}`    |
-| `addons.ingressNginx.hosts`                   | List of domain names that the parent cluster should route to this tenant cluster.                                                                                                 | `[]`    |
+| `addons.ingressNginx.hosts`                   | List of domain names that should be passed through to the cluster by upper cluster                                                                                | `[]`    |
-| `addons.gpuOperator.enabled`                  | Enable the GPU-operator                                                                                                                                                           | `false` |
+| `addons.gpuOperator.enabled`                  | Enables the gpu-operator                                                                                                                                          | `false` |
-| `addons.gpuOperator.valuesOverride`           | Custom values to override                                                                                                                                                         | `{}`    |
+| `addons.gpuOperator.valuesOverride`           | Custom values to override                                                                                                                                         | `{}`    |
-| `addons.fluxcd.enabled`                       | Enable FluxCD                                                                                                                                                                     | `false` |
+| `addons.fluxcd.enabled`                       | Enables Flux CD                                                                                                                                                   | `false` |
-| `addons.fluxcd.valuesOverride`                | Custom values to override                                                                                                                                                         | `{}`    |
+| `addons.fluxcd.valuesOverride`                | Custom values to override                                                                                                                                         | `{}`    |
-| `addons.monitoringAgents.enabled`             | Enable monitoring agents (Fluent Bit and VMAgents) to send logs and metrics. If tenant monitoring is enabled, data is sent to tenant storage; otherwise, it goes to root storage. | `false` |
+| `addons.monitoringAgents.enabled`             | Enables MonitoringAgents (fluentbit, vmagents for sending logs and metrics to storage) if tenant monitoring enabled, send to tenant storage, else to root storage | `false` |
-| `addons.monitoringAgents.valuesOverride`      | Custom values to override                                                                                                                                                         | `{}`    |
+| `addons.monitoringAgents.valuesOverride`      | Custom values to override                                                                                                                                         | `{}`    |
-| `addons.verticalPodAutoscaler.valuesOverride` | Custom values to override                                                                                                                                                         | `{}`    |
+| `addons.verticalPodAutoscaler.valuesOverride` | Custom values to override                                                                                                                                         | `{}`    |
-### Kubernetes Control Plane Configuration
+### Kubernetes control plane configuration
-| Name                                               | Description                                                                  | Value   |
+| Name                                               | Description                                                                                                                                                                                                       | Value   |
-| -------------------------------------------------- | ---------------------------------------------------------------------------- | ------- |
+| -------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------- |
-| `controlPlane.apiServer.resources`                 | Explicit CPU/memory resource requests and limits for the API server.         | `{}`    |
+| `controlPlane.apiServer.resourcesPreset`           | Set container resources according to one common preset (allowed values: none, nano, micro, small, medium, large, xlarge, 2xlarge). This is ignored if resources is set (resources is recommended for production). | `small` |
-| `controlPlane.apiServer.resourcesPreset`           | Use a common resources preset when `resources` is not set explicitly.        | `small` |
+| `controlPlane.apiServer.resources`                 | Resources                                                                                                                                                                                                         | `{}`    |
-| `controlPlane.controllerManager.resources`         | Explicit CPU/memory resource requests and limits for the controller manager. | `{}`    |
+| `controlPlane.controllerManager.resources`         | Resources                                                                                                                                                                                                         | `{}`    |
-| `controlPlane.controllerManager.resourcesPreset`   | Use a common resources preset when `resources` is not set explicitly.        | `micro` |
+| `controlPlane.controllerManager.resourcesPreset`   | Set container resources according to one common preset (allowed values: none, nano, micro, small, medium, large, xlarge, 2xlarge). This is ignored if resources is set (resources is recommended for production). | `micro` |
-| `controlPlane.scheduler.resources`                 | Explicit CPU/memory resource requests and limits for the scheduler.          | `{}`    |
+| `controlPlane.scheduler.resourcesPreset`           | Set container resources according to one common preset (allowed values: none, nano, micro, small, medium, large, xlarge, 2xlarge). This is ignored if resources is set (resources is recommended for production). | `micro` |
-| `controlPlane.scheduler.resourcesPreset`           | Use a common resources preset when `resources` is not set explicitly.        | `micro` |
+| `controlPlane.scheduler.resources`                 | Resources                                                                                                                                                                                                         | `{}`    |
-| `controlPlane.konnectivity.server.resources`       | Explicit CPU/memory resource requests and limits for the Konnectivity.       | `{}`    |
+| `controlPlane.konnectivity.server.resourcesPreset` | Set container resources according to one common preset (allowed values: none, nano, micro, small, medium, large, xlarge, 2xlarge). This is ignored if resources is set (resources is recommended for production). | `micro` |
-| `controlPlane.konnectivity.server.resourcesPreset` | Use a common resources preset when `resources` is not set explicitly.        | `micro` |
+| `controlPlane.konnectivity.server.resources`       | Resources                                                                                                                                                                                                         | `{}`    |
 In production environments, it's recommended to set `resources` explicitly.
 Example of `controlPlane.*.resources`:
-```yaml
+## U Series
 resources:
  limits:
    cpu: 4000m
    memory: 4Gi
  requests:
    cpu: 100m
    memory: 512Mi
 ```
 Allowed values for `controlPlane.*.resourcesPreset` are `none`, `nano`, `micro`, `small`, `medium`, `large`, `xlarge`, `2xlarge`.
 This value is ignored if the corresponding `resources` value is set. 
 ## Resources Reference
 ### instanceType Resources
 The following instanceType resources are provided by Cozystack:
 | Name          | vCPUs | Memory |
 |---------------|-------|--------|
 | `cx1.2xlarge` | 8     | 16Gi   |
 | `cx1.4xlarge` | 16    | 32Gi   |
 | `cx1.8xlarge` | 32    | 64Gi   |
 | `cx1.large`   | 2     | 4Gi    |
 | `cx1.medium`  | 1     | 2Gi    |
 | `cx1.xlarge`  | 4     | 8Gi    |
 | `gn1.2xlarge` | 8     | 32Gi   |
 | `gn1.4xlarge` | 16    | 64Gi   |
 | `gn1.8xlarge` | 32    | 128Gi  |
 | `gn1.xlarge`  | 4     | 16Gi   |
 | `m1.2xlarge`  | 8     | 64Gi   |
 | `m1.4xlarge`  | 16    | 128Gi  |
 | `m1.8xlarge`  | 32    | 256Gi  |
 | `m1.large`    | 2     | 16Gi   |
 | `m1.xlarge`   | 4     | 32Gi   |
 | `n1.2xlarge`  | 16    | 32Gi   |
 | `n1.4xlarge`  | 32    | 64Gi   |
 | `n1.8xlarge`  | 64    | 128Gi  |
 | `n1.large`    | 4     | 8Gi    |
 | `n1.medium`   | 4     | 4Gi    |
 | `n1.xlarge`   | 8     | 16Gi   |
 | `o1.2xlarge`  | 8     | 32Gi   |
 | `o1.4xlarge`  | 16    | 64Gi   |
 | `o1.8xlarge`  | 32    | 128Gi  |
 | `o1.large`    | 2     | 8Gi    |
 | `o1.medium`   | 1     | 4Gi    |
 | `o1.micro`    | 1     | 1Gi    |
 | `o1.nano`     | 1     | 512Mi  |
 | `o1.small`    | 1     | 2Gi    |
 | `o1.xlarge`   | 4     | 16Gi   |
 | `rt1.2xlarge` | 8     | 32Gi   |
 | `rt1.4xlarge` | 16    | 64Gi   |
 | `rt1.8xlarge` | 32    | 128Gi  |
 | `rt1.large`   | 2     | 8Gi    |
 | `rt1.medium`  | 1     | 4Gi    |
 | `rt1.micro`   | 1     | 1Gi    |
 | `rt1.small`   | 1     | 2Gi    |
 | `rt1.xlarge`  | 4     | 16Gi   |
 | `u1.2xlarge`  | 8     | 32Gi   |
 | `u1.2xmedium` | 2     | 4Gi    |
 | `u1.4xlarge`  | 16    | 64Gi   |
 | `u1.8xlarge`  | 32    | 128Gi  |
 | `u1.large`    | 2     | 8Gi    |
 | `u1.medium`   | 1     | 4Gi    |
 | `u1.micro`    | 1     | 1Gi    |
 | `u1.nano`     | 1     | 512Mi  |
 | `u1.small`    | 1     | 2Gi    |
 | `u1.xlarge`   | 4     | 16Gi   |
 ### U Series: Universal
 The U Series is quite neutral and provides resources for
 general purpose applications.
@@ -204,7 +82,7 @@ attitude towards workloads.
 VMs of instance types will share physical CPU cores on a
 time-slice basis with other VMs.
-#### U Series Characteristics
+### U Series Characteristics
 Specific characteristics of this series are:
 - *Burstable CPU performance* - The workload has a baseline compute
@@ -213,14 +91,14 @@ Specific characteristics of this series are:
 - *vCPU-To-Memory Ratio (1:4)* - A vCPU-to-Memory ratio of 1:4, for less
  noise per node.
-### O Series: Overcommitted
+## O Series
 The O Series is based on the U Series, with the only difference
 being that memory is overcommitted.
 *O* is the abbreviation for "Overcommitted".
-#### O Series Characteristics
+### UO Series Characteristics
 Specific characteristics of this series are:
 - *Burstable CPU performance* - The workload has a baseline compute
@@ -231,7 +109,7 @@ Specific characteristics of this series are:
 - *vCPU-To-Memory Ratio (1:4)* - A vCPU-to-Memory ratio of 1:4, for less
  noise per node.
-### CX Series: Compute Exclusive
+## CX Series
 The CX Series provides exclusive compute resources for compute
 intensive applications.
@@ -245,7 +123,7 @@ the IO threading from cores dedicated to the workload.
 In addition, in this series, the NUMA topology of the used
 cores is provided to the VM.
-#### CX Series Characteristics
+### CX Series Characteristics
 Specific characteristics of this series are:
 - *Hugepages* - Hugepages are used in order to improve memory
@@ -260,14 +138,14 @@ Specific characteristics of this series are:
  optimize guest sided cache utilization.
 - *vCPU-To-Memory Ratio (1:2)* - A vCPU-to-Memory ratio of 1:2.
-### M Series: Memory
+## M Series
 The M Series provides resources for memory intensive
 applications.
 *M* is the abbreviation of "Memory".
-#### M Series Characteristics
+### M Series Characteristics
 Specific characteristics of this series are:
 - *Hugepages* - Hugepages are used in order to improve memory
@@ -278,7 +156,7 @@ Specific characteristics of this series are:
 - *vCPU-To-Memory Ratio (1:8)* - A vCPU-to-Memory ratio of 1:8, for much
  less noise per node.
-### RT Series: RealTime
+## RT Series
 The RT Series provides resources for realtime applications, like Oslat.
@@ -287,7 +165,7 @@ The RT Series provides resources for realtime applications, like Oslat.
 This series of instance types requires nodes capable of running
 realtime applications.
-#### RT Series Characteristics
+### RT Series Characteristics
 Specific characteristics of this series are:
 - *Hugepages* - Hugepages are used in order to improve memory
@@ -301,3 +179,57 @@ Specific characteristics of this series are:
 - *vCPU-To-Memory Ratio (1:4)* - A vCPU-to-Memory ratio of 1:4 starting from
  the medium size.
 ## Resources
 The following instancetype resources are provided by Cozystack:
 Name | vCPUs | Memory
 -----|-------|-------
 cx1.2xlarge  |  8  |  16Gi
 cx1.4xlarge  |  16  |  32Gi
 cx1.8xlarge  |  32  |  64Gi
 cx1.large  |  2  |  4Gi
 cx1.medium  |  1  |  2Gi
 cx1.xlarge  |  4  |  8Gi
 gn1.2xlarge  |  8  |  32Gi
 gn1.4xlarge  |  16  |  64Gi
 gn1.8xlarge  |  32  |  128Gi
 gn1.xlarge  |  4  |  16Gi
 m1.2xlarge  |  8  |  64Gi
 m1.4xlarge  |  16  |  128Gi
 m1.8xlarge  |  32  |  256Gi
 m1.large  |  2  |  16Gi
 m1.xlarge  |  4  |  32Gi
 n1.2xlarge  |  16  |  32Gi
 n1.4xlarge  |  32  |  64Gi
 n1.8xlarge  |  64  |  128Gi
 n1.large  |  4  |  8Gi
 n1.medium  |  4  |  4Gi
 n1.xlarge  |  8  |  16Gi
 o1.2xlarge  |  8  |  32Gi
 o1.4xlarge  |  16  |  64Gi
 o1.8xlarge  |  32  |  128Gi
 o1.large  |  2  |  8Gi
 o1.medium  |  1  |  4Gi
 o1.micro  |  1  |  1Gi
 o1.nano  |  1  |  512Mi
 o1.small  |  1  |  2Gi
 o1.xlarge  |  4  |  16Gi
 rt1.2xlarge  |  8  |  32Gi
 rt1.4xlarge  |  16  |  64Gi
 rt1.8xlarge  |  32  |  128Gi
 rt1.large  |  2  |  8Gi
 rt1.medium  |  1  |  4Gi
 rt1.micro  |  1  |  1Gi
 rt1.small  |  1  |  2Gi
 rt1.xlarge  |  4  |  16Gi
 u1.2xlarge  |  8  |  32Gi
 u1.2xmedium  |  2  |  4Gi
 u1.4xlarge  |  16  |  64Gi
 u1.8xlarge  |  32  |  128Gi
 u1.large  |  2  |  8Gi
 u1.medium  |  1  |  4Gi
 u1.micro  |  1  |  1Gi
 u1.nano  |  1  |  512Mi
 u1.small  |  1  |  2Gi
 u1.xlarge  |  4  |  16Gi
--- a/packages/apps/kubernetes/templates/cluster.yaml
+++ b/packages/apps/kubernetes/templates/cluster.yaml
@@ -31,16 +31,6 @@ spec:
            {{- end }}
            cluster.x-k8s.io/deployment-name: {{ $.Release.Name }}-{{ .groupName }}
        spec:
          {{- $configMap := lookup "v1" "ConfigMap" "cozy-system" "cozystack-scheduling" }}
          {{- if $configMap }}
          {{- $rawConstraints := get $configMap.data "globalAppTopologySpreadConstraints" }}
          {{- if $rawConstraints }}
          {{- $rawConstraints | fromYaml | toYaml | nindent 10 }}
            labelSelector:
              matchLabels:
                cluster.x-k8s.io/cluster-name: {{ $.Release.Name }}
          {{- end }}
          {{- end }}
          domain:
            {{- if and .group.resources .group.resources.cpu }}
            cpu:
--- a/packages/apps/kubernetes/values.schema.json
+++ b/packages/apps/kubernetes/values.schema.json
@@ -4,7 +4,7 @@
  "properties": {
    "host": {
      "type": "string",
-      "description": "Hostname used to access the Kubernetes cluster externally. Defaults to `<cluster-name>.<tenant-host>` when empty.",
+      "description": "The hostname used to access the Kubernetes cluster externally (defaults to using the cluster name as a subdomain for the tenant host).",
      "default": ""
    },
    "controlPlane": {
@@ -12,20 +12,15 @@
      "properties": {
        "replicas": {
          "type": "number",
-          "description": "Number of replicas for Kubernetes control-plane components.",
+          "description": "Number of replicas for Kubernetes control-plane components",
          "default": 2
        },
        "apiServer": {
          "type": "object",
          "properties": {
            "resources": {
              "type": "object",
              "description": "Explicit CPU/memory resource requests and limits for the API server.",
              "default": {}
            },
            "resourcesPreset": {
              "type": "string",
-              "description": "Use a common resources preset when `resources` is not set explicitly.",
+              "description": "Set container resources according to one common preset (allowed values: none, nano, micro, small, medium, large, xlarge, 2xlarge). This is ignored if resources is set (resources is recommended for production).",
              "default": "small",
              "enum": [
                "none",
@@ -37,6 +32,11 @@
                "xlarge",
                "2xlarge"
              ]
            },
            "resources": {
              "type": "object",
              "description": "Resources",
              "default": {}
            }
          }
        },
@@ -45,12 +45,12 @@
          "properties": {
            "resources": {
              "type": "object",
-              "description": "Explicit CPU/memory resource requests and limits for the controller manager.",
+              "description": "Resources",
              "default": {}
            },
            "resourcesPreset": {
              "type": "string",
-              "description": "Use a common resources preset when `resources` is not set explicitly.",
+              "description": "Set container resources according to one common preset (allowed values: none, nano, micro, small, medium, large, xlarge, 2xlarge). This is ignored if resources is set (resources is recommended for production).",
              "default": "micro",
              "enum": [
                "none",
@@ -68,14 +68,9 @@
        "scheduler": {
          "type": "object",
          "properties": {
            "resources": {
              "type": "object",
              "description": "Explicit CPU/memory resource requests and limits for the scheduler.",
              "default": {}
            },
            "resourcesPreset": {
              "type": "string",
-              "description": "Use a common resources preset when `resources` is not set explicitly.",
+              "description": "Set container resources according to one common preset (allowed values: none, nano, micro, small, medium, large, xlarge, 2xlarge). This is ignored if resources is set (resources is recommended for production).",
              "default": "micro",
              "enum": [
                "none",
@@ -87,6 +82,11 @@
                "xlarge",
                "2xlarge"
              ]
            },
            "resources": {
              "type": "object",
              "description": "Resources",
              "default": {}
            }
          }
        },
@@ -96,14 +96,9 @@
            "server": {
              "type": "object",
              "properties": {
                "resources": {
                  "type": "object",
                  "description": "Explicit CPU/memory resource requests and limits for the Konnectivity.",
                  "default": {}
                },
                "resourcesPreset": {
                  "type": "string",
-                  "description": "Use a common resources preset when `resources` is not set explicitly.",
+                  "description": "Set container resources according to one common preset (allowed values: none, nano, micro, small, medium, large, xlarge, 2xlarge). This is ignored if resources is set (resources is recommended for production).",
                  "default": "micro",
                  "enum": [
                    "none",
@@ -115,6 +110,11 @@
                    "xlarge",
                    "2xlarge"
                  ]
                },
                "resources": {
                  "type": "object",
                  "description": "Resources",
                  "default": {}
                }
              }
            }
@@ -124,7 +124,7 @@
    },
    "storageClass": {
      "type": "string",
-      "description": "StorageClass used to store user data.",
+      "description": "StorageClass used to store user data",
      "default": "replicated"
    },
    "addons": {
@@ -135,7 +135,7 @@
          "properties": {
            "enabled": {
              "type": "boolean",
-              "description": "Enable cert-manager, which automatically creates and manages SSL/TLS certificates.",
+              "description": "Enables the cert-manager",
              "default": false
            },
            "valuesOverride": {
@@ -160,7 +160,7 @@
          "properties": {
            "enabled": {
              "type": "boolean",
-              "description": "Enable the Gateway API",
+              "description": "Enables the Gateway API",
              "default": false
            }
          }
@@ -170,7 +170,7 @@
          "properties": {
            "enabled": {
              "type": "boolean",
-              "description": "Enable the Ingress-NGINX controller (requires nodes labeled with the 'ingress-nginx' role).",
+              "description": "Enable Ingress-NGINX controller (expect nodes with 'ingress-nginx' role)",
              "default": false
            },
            "valuesOverride": {
@@ -180,7 +180,7 @@
            },
            "hosts": {
              "type": "array",
-              "description": "List of domain names that the parent cluster should route to this tenant cluster.",
+              "description": "List of domain names that should be passed through to the cluster by upper cluster",
              "default": [],
              "items": {}
            }
@@ -191,7 +191,7 @@
          "properties": {
            "enabled": {
              "type": "boolean",
-              "description": "Enable the GPU-operator",
+              "description": "Enables the gpu-operator",
              "default": false
            },
            "valuesOverride": {
@@ -206,7 +206,7 @@
          "properties": {
            "enabled": {
              "type": "boolean",
-              "description": "Enable FluxCD",
+              "description": "Enables Flux CD",
              "default": false
            },
            "valuesOverride": {
@@ -221,7 +221,7 @@
          "properties": {
            "enabled": {
              "type": "boolean",
-              "description": "Enable monitoring agents (Fluent Bit and VMAgents) to send logs and metrics. If tenant monitoring is enabled, data is sent to tenant storage; otherwise, it goes to root storage.",
+              "description": "Enables MonitoringAgents (fluentbit, vmagents for sending logs and metrics to storage) if tenant monitoring enabled, send to tenant storage, else to root storage",
              "default": false
            },
            "valuesOverride": {
--- a/packages/apps/kubernetes/values.yaml
+++ b/packages/apps/kubernetes/values.yaml
@@ -1,8 +1,8 @@
-## @section Common Parameters
+## @section Common parameters
-## @param host Hostname used to access the Kubernetes cluster externally. Defaults to `<cluster-name>.<tenant-host>` when empty.
+## @param host The hostname used to access the Kubernetes cluster externally (defaults to using the cluster name as a subdomain for the tenant host).
-## @param controlPlane.replicas Number of replicas for Kubernetes control-plane components.
+## @param controlPlane.replicas Number of replicas for Kubernetes control-plane components
-## @param storageClass StorageClass used to store user data.
+## @param storageClass StorageClass used to store user data
 ##
 host: ""
 storageClass: replicated
@@ -37,7 +37,7 @@ addons:
  ## Cert-manager: automatically creates and manages SSL/TLS certificate
  ##
  certManager:
-    ## @param addons.certManager.enabled Enable cert-manager, which automatically creates and manages SSL/TLS certificates.
+    ## @param addons.certManager.enabled Enables the cert-manager
    ## @param addons.certManager.valuesOverride Custom values to override
    enabled: false
    valuesOverride: {}
@@ -51,17 +51,17 @@ addons:
  ## Gateway API
  ##
  gatewayAPI:
-    ## @param addons.gatewayAPI.enabled Enable the Gateway API
+    ## @param addons.gatewayAPI.enabled Enables the Gateway API
    enabled: false
  ## Ingress-NGINX Controller
  ##
  ingressNginx:
-    ## @param addons.ingressNginx.enabled Enable the Ingress-NGINX controller (requires nodes labeled with the 'ingress-nginx' role).
+    ## @param addons.ingressNginx.enabled Enable Ingress-NGINX controller (expect nodes with 'ingress-nginx' role)
    ## @param addons.ingressNginx.valuesOverride Custom values to override
    ##
    enabled: false
-    ## @param addons.ingressNginx.hosts List of domain names that the parent cluster should route to this tenant cluster.
+    ## @param addons.ingressNginx.hosts List of domain names that should be passed through to the cluster by upper cluster
    ## e.g:
    ## hosts:
    ## - example.org
@@ -73,7 +73,7 @@ addons:
  ## GPU-operator: NVIDIA GPU Operator
  ##
  gpuOperator:
-    ## @param addons.gpuOperator.enabled Enable the GPU-operator
+    ## @param addons.gpuOperator.enabled Enables the gpu-operator
    ## @param addons.gpuOperator.valuesOverride Custom values to override
    enabled: false
    valuesOverride: {}
@@ -81,7 +81,7 @@ addons:
  ## Flux CD
  ##
  fluxcd:
-    ## @param addons.fluxcd.enabled Enable FluxCD
+    ## @param addons.fluxcd.enabled Enables Flux CD
    ## @param addons.fluxcd.valuesOverride Custom values to override
    ##
    enabled: false
@@ -90,7 +90,7 @@ addons:
  ## MonitoringAgents
  ##
  monitoringAgents:
-    ## @param addons.monitoringAgents.enabled Enable monitoring agents (Fluent Bit and VMAgents) to send logs and metrics. If tenant monitoring is enabled, data is sent to tenant storage; otherwise, it goes to root storage.
+    ## @param addons.monitoringAgents.enabled Enables MonitoringAgents (fluentbit, vmagents for sending logs and metrics to storage) if tenant monitoring enabled, send to tenant storage, else to root storage
    ## @param addons.monitoringAgents.valuesOverride Custom values to override
    ##
    enabled: false
@@ -103,15 +103,15 @@ addons:
    ##
    valuesOverride: {}
-## @section Kubernetes Control Plane Configuration
+## @section Kubernetes control plane configuration
 ##
 controlPlane:
  replicas: 2
  apiServer:
-    ## @param controlPlane.apiServer.resources Explicit CPU/memory resource requests and limits for the API server.
+    ## @param controlPlane.apiServer.resourcesPreset Set container resources according to one common preset (allowed values: none, nano, micro, small, medium, large, xlarge, 2xlarge). This is ignored if resources is set (resources is recommended for production).
-    ## @param controlPlane.apiServer.resourcesPreset Use a common resources preset when `resources` is not set explicitly.
+    ## @param controlPlane.apiServer.resources Resources
    ## e.g:
    ## resources:
    ##   limits:
@@ -125,20 +125,20 @@ controlPlane:
    resources: {}
  controllerManager:
-    ## @param controlPlane.controllerManager.resources Explicit CPU/memory resource requests and limits for the controller manager.
+    ## @param controlPlane.controllerManager.resources Resources
-    ## @param controlPlane.controllerManager.resourcesPreset Use a common resources preset when `resources` is not set explicitly.
+    ## @param controlPlane.controllerManager.resourcesPreset Set container resources according to one common preset (allowed values: none, nano, micro, small, medium, large, xlarge, 2xlarge). This is ignored if resources is set (resources is recommended for production).
    resourcesPreset: "micro"
    resources: {}
  scheduler:
-    ## @param controlPlane.scheduler.resources Explicit CPU/memory resource requests and limits for the scheduler.
+    ## @param controlPlane.scheduler.resourcesPreset Set container resources according to one common preset (allowed values: none, nano, micro, small, medium, large, xlarge, 2xlarge). This is ignored if resources is set (resources is recommended for production).
-    ## @param controlPlane.scheduler.resourcesPreset Use a common resources preset when `resources` is not set explicitly.
+    ## @param controlPlane.scheduler.resources Resources
    resourcesPreset: "micro"
    resources: {}
  konnectivity:
    server:
-      ## @param controlPlane.konnectivity.server.resources Explicit CPU/memory resource requests and limits for the Konnectivity.
+      ## @param controlPlane.konnectivity.server.resourcesPreset Set container resources according to one common preset (allowed values: none, nano, micro, small, medium, large, xlarge, 2xlarge). This is ignored if resources is set (resources is recommended for production).
-      ## @param controlPlane.konnectivity.server.resourcesPreset Use a common resources preset when `resources` is not set explicitly.
+      ## @param controlPlane.konnectivity.server.resources Resources
      resourcesPreset: "micro"
      resources: {}
--- a/packages/apps/postgres/Chart.yaml
+++ b/packages/apps/postgres/Chart.yaml
@@ -16,7 +16,7 @@ type: application
 # This is the chart version. This version number should be incremented each time you make changes
 # to the chart and its templates, including the app version.
 # Versions are expected to follow Semantic Versioning (https://semver.org/)
-version: 0.12.0
+version: 0.11.0
 # This is the version number of the application being deployed. This version number should be
 # incremented each time you make changes to the application. Versions are not expected to
--- a/packages/apps/postgres/templates/db.yaml
+++ b/packages/apps/postgres/templates/db.yaml
@@ -17,9 +17,6 @@ spec:
  {{- $rawConstraints := get $configMap.data "globalAppTopologySpreadConstraints" }}
  {{- if $rawConstraints }}
  {{- $rawConstraints | fromYaml | toYaml | nindent 2 }}
    labelSelector:
      matchLabels:
        cnpg.io/cluster: {{ .Release.Name }}
  {{- end }}
  {{- end }}
  postgresql:
--- a/packages/apps/versions_map
+++ b/packages/apps/versions_map
@@ -65,8 +65,7 @@ kubernetes 0.17.1 fd240701
 kubernetes 0.18.0 721c12a7
 kubernetes 0.19.0 93bdf411
 kubernetes 0.20.0 609e7ede
-kubernetes 0.20.1 f9f8bb2f
+kubernetes 0.20.1 HEAD
 kubernetes 0.21.0 HEAD
 mysql 0.1.0 263e47be
 mysql 0.2.0 c24a103f
 mysql 0.3.0 53f2365e
@@ -100,8 +99,7 @@ postgres 0.8.0 4e68e65c
 postgres 0.9.0 8267072d
 postgres 0.10.0 721c12a7
 postgres 0.10.1 93bdf411
-postgres 0.11.0 f9f8bb2f
+postgres 0.11.0 HEAD
 postgres 0.12.0 HEAD
 rabbitmq 0.1.0 263e47be
 rabbitmq 0.2.0 53f2365e
 rabbitmq 0.3.0 6c5cf5bf
--- a/packages/apps/virtual-machine/templates/service.yaml
+++ b/packages/apps/virtual-machine/templates/service.yaml
@@ -17,7 +17,7 @@ spec:
  selector:
    {{- include "virtual-machine.selectorLabels" . | nindent 4 }}
  ports:
-    {{- if and (eq .Values.externalMethod "WholeIP") (not .Values.externalPorts) }}
+    {{- if eq .Values.externalMethod "WholeIP" }}
    - port: 65535
    {{- else }}
    {{- range .Values.externalPorts }}
--- a/packages/apps/vm-instance/templates/service.yaml
+++ b/packages/apps/vm-instance/templates/service.yaml
@@ -17,7 +17,7 @@ spec:
  selector:
    {{- include "virtual-machine.selectorLabels" . | nindent 4 }}
  ports:
-    {{- if and (eq .Values.externalMethod "WholeIP") (not .Values.externalPorts) }}
+    {{- if eq .Values.externalMethod "WholeIP" }}
    - port: 65535
    {{- else }}
    {{- range .Values.externalPorts }}
--- a/packages/extra/monitoring/Chart.yaml
+++ b/packages/extra/monitoring/Chart.yaml
@@ -3,4 +3,4 @@ name: monitoring
 description: Monitoring and observability stack
 icon: /logos/monitoring.svg
 type: application
-version: 1.10.0
+version: 1.9.2
--- a/packages/extra/monitoring/templates/alerta/alerta-db.yaml
+++ b/packages/extra/monitoring/templates/alerta/alerta-db.yaml
@@ -10,9 +10,6 @@ spec:
  {{- $rawConstraints := get $configMap.data "globalAppTopologySpreadConstraints" }}
  {{- if $rawConstraints }}
  {{- $rawConstraints | fromYaml | toYaml | nindent 2 }}
    labelSelector:
      matchLabels:
        cnpg.io/cluster: alerta-db
  {{- end }}
  {{- end }}
  storage:
--- a/packages/extra/monitoring/templates/grafana/db.yaml
+++ b/packages/extra/monitoring/templates/grafana/db.yaml
@@ -11,9 +11,6 @@ spec:
  {{- $rawConstraints := get $configMap.data "globalAppTopologySpreadConstraints" }}
  {{- if $rawConstraints }}
  {{- $rawConstraints | fromYaml | toYaml | nindent 2 }}
    labelSelector:
      matchLabels:
        cnpg.io/cluster: grafana-db
  {{- end }}
  {{- end }}
  monitoring:
--- a/packages/extra/versions_map
+++ b/packages/extra/versions_map
@@ -38,8 +38,7 @@ monitoring 1.8.0 8c460528
 monitoring 1.8.1 8267072d
 monitoring 1.9.0 45a7416c
 monitoring 1.9.1 fd240701
-monitoring 1.9.2 f9f8bb2f
+monitoring 1.9.2 HEAD
 monitoring 1.10.0 HEAD
 seaweedfs 0.1.0 71514249
 seaweedfs 0.2.0 5fb9cfe3
 seaweedfs 0.2.1 fde4bcfa
--- a/packages/system/keycloak/templates/db.yaml
+++ b/packages/system/keycloak/templates/db.yaml
@@ -11,9 +11,6 @@ spec:
  {{- $rawConstraints := get $configMap.data "globalAppTopologySpreadConstraints" }}
  {{- if $rawConstraints }}
  {{- $rawConstraints | fromYaml | toYaml | nindent 2 }}
    labelSelector:
      matchLabels:
        cnpg.io/cluster: keycloak-db
  {{- end }}
  {{- end }}
  monitoring: