Signed-off-by: Andrei Kvapil <kvapss@gmail.com>
<!-- Thank you for making a contribution! Here are some tips for you:
- Start the PR title with the [label] of Cozystack component:
- For system components: [platform], [system], [linstor], [cilium],
[kube-ovn], [dashboard], [cluster-api], etc.
- For managed apps: [apps], [tenant], [kubernetes], [postgres],
[virtual-machine] etc.
- For development and maintenance: [tests], [ci], [docs], [maintenance].
- If it's a work in progress, consider creating this PR as a draft.
- Don't hesistate to ask for opinion and review in the community chats,
even if it's still a draft.
- Add the label `backport` if it's a bugfix that needs to be backported
to a previous version.
-->
## What this PR does
### Release note
<!-- Write a release note:
- Explain what has changed internally and for users.
- Start with the same [label] as in the PR title
- Follow the guidelines at
https://github.com/kubernetes/community/blob/master/contributors/guide/release-notes.md.
-->
```release-note
[talos] Update Talos Linux v1.10.5
```
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **Chores**
* Updated system firmware, microcode, and storage extension versions to
the latest releases across all installer profiles.
* Increased profile version from v1.10.3 to v1.10.5 for improved
component compatibility and reliability.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **Documentation**
* Added a new changelog template with predefined sections for consistent
release documentation.
* Published a detailed changelog for version 0.32.1, outlining major
features, fixes, dependency updates, documentation changes, testing
improvements, and CI/CD enhancements.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
This PR prepares the release `v0.34.0-beta.1`.
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **Chores**
* Updated multiple container image versions and tags across various
components to newer releases, including several beta versions.
* Refreshed image digests to ensure the latest builds are used.
* Updated dashboard configuration to reflect the new app version.
* No changes to functionality or user interface.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
- **Documentation**
- Added detailed changelog entries for versions 0.31.1 and 0.31.2,
highlighting recent fixes, improvements, and security updates.
- Included a summary of key changes, security fixes, and platform,
dashboard, and application enhancements.
- Provided links and references for further details on each release.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
Signed-off-by: Andrei Kvapil <kvapss@gmail.com>
<!-- Thank you for making a contribution! Here are some tips for you:
- Start the PR title with the [label] of Cozystack component:
- For system components: [platform], [system], [linstor], [cilium],
[kube-ovn], [dashboard], [cluster-api], etc.
- For managed apps: [apps], [tenant], [kubernetes], [postgres],
[virtual-machine] etc.
- For development and maintenance: [tests], [ci], [docs], [maintenance].
- If it's a work in progress, consider creating this PR as a draft.
- Don't hesistate to ask for opinion and review in the community chats,
even if it's still a draft.
- Add the label `backport` if it's a bugfix that needs to be backported
to a previous version.
-->
## What this PR does
### Release note
<!-- Write a release note:
- Explain what has changed internally and for users.
- Start with the same [label] as in the PR title
- Follow the guidelines at
https://github.com/kubernetes/community/blob/master/contributors/guide/release-notes.md.
-->
```release-note
[cilium] Update Cilium v1.17.5
```
Signed-off-by: Andrei Kvapil <kvapss@gmail.com>
<!-- Thank you for making a contribution! Here are some tips for you:
- Start the PR title with the [label] of Cozystack component:
- For system components: [platform], [system], [linstor], [cilium],
[kube-ovn], [dashboard], [cluster-api], etc.
- For managed apps: [apps], [tenant], [kubernetes], [postgres],
[virtual-machine] etc.
- For development and maintenance: [tests], [ci], [docs], [maintenance].
- If it's a work in progress, consider creating this PR as a draft.
- Don't hesistate to ask for opinion and review in the community chats,
even if it's still a draft.
- Add the label `backport` if it's a bugfix that needs to be backported
to a previous version.
-->
## What this PR does
### Release note
<!-- Write a release note:
- Explain what has changed internally and for users.
- Start with the same [label] as in the PR title
- Follow the guidelines at
https://github.com/kubernetes/community/blob/master/contributors/guide/release-notes.md.
-->
```release-note
[kube-ovn] Update Kube-OVN v1.13.14
```
<!-- Thank you for making a contribution! Here are some tips for you:
- Start the PR title with the [label] of Cozystack component:
- For system components: [platform], [system], [linstor], [cilium],
[kube-ovn], [dashboard], [cluster-api], etc.
- For managed apps: [apps], [tenant], [kubernetes], [postgres],
[virtual-machine] etc.
- For development and maintenance: [tests], [ci], [docs], [maintenance].
- If it's a work in progress, consider creating this PR as a draft.
- Don't hesistate to ask for opinion and review in the community chats,
even if it's still a draft.
- Add the label `backport` if it's a bugfix that needs to be backported
to a previous version.
-->
## What this PR does
### Release note
<!-- Write a release note:
- Explain what has changed internally and for users.
- Start with the same [label] as in the PR title
- Follow the guidelines at
https://github.com/kubernetes/community/blob/master/contributors/guide/release-notes.md.
-->
```release-note
[kamaji] Update Kamaji edge-25.7.1 #
```
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **Chores**
* Removed all Helm chart files, templates, configuration, documentation,
and related scripts for the Kamaji Etcd component.
* Deleted Kubernetes resource definitions, backup/defrag jobs,
monitoring, RBAC, and ServiceAccount templates associated with Kamaji
Etcd.
* Removed supporting patches and Makefiles for managing the Kamaji Etcd
Helm chart.
* All user-facing configuration and deployment options for Kamaji Etcd
via Helm are no longer available.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
Depends on https://github.com/cozystack/cozystack/pull/1173
Signed-off-by: Andrei Kvapil <kvapss@gmail.com>
<!-- Thank you for making a contribution! Here are some tips for you:
- Start the PR title with the [label] of Cozystack component:
- For system components: [platform], [system], [linstor], [cilium],
[kube-ovn], [dashboard], [cluster-api], etc.
- For managed apps: [apps], [tenant], [kubernetes], [postgres],
[virtual-machine] etc.
- For development and maintenance: [tests], [ci], [docs], [maintenance].
- If it's a work in progress, consider creating this PR as a draft.
- Don't hesistate to ask for opinion and review in the community chats,
even if it's still a draft.
- Add the label `backport` if it's a bugfix that needs to be backported
to a previous version.
-->
## What this PR does
### Release note
<!-- Write a release note:
- Explain what has changed internally and for users.
- Start with the same [label] as in the PR title
- Follow the guidelines at
https://github.com/kubernetes/community/blob/master/contributors/guide/release-notes.md.
-->
```release-note
[cozystack-api] Specify OpenAPI schema for apps
```
This PR updates Flux Operator to 0.24.0 - some changes have been
undertaken to make upgrading Flux on any version of the flux-operator
more reliable - these are related to `spec.distribution.artifact` which
I think you have already seen
https://fluxcd.control-plane.io/operator/fluxinstance/#distribution-artifact
May be relevant to air-gapped environments.
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **New Features**
* Added support for specifying extra pod volumes and container volume
mounts via new configuration options in the Helm chart.
* Extended CRD schemas to support additional provider types, new
filtering options, and enhanced validation and authentication fields.
* Introduced new fields for improved authentication and workload
identity federation in CRDs.
* **Documentation**
* Updated README files to document new configuration options and reflect
the latest chart versions.
* **Chores**
* Bumped Helm chart and app versions to 0.24.0 for both operator and
instance charts.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
- [kubevirt] Update KubeVirt v1.5.2
- [cdi] Update CDI v1.62.0
<!-- Thank you for making a contribution! Here are some tips for you:
- Start the PR title with the [label] of Cozystack component:
- For system components: [platform], [system], [linstor], [cilium],
[kube-ovn], [dashboard], [cluster-api], etc.
- For managed apps: [apps], [tenant], [kubernetes], [postgres],
[virtual-machine] etc.
- For development and maintenance: [tests], [ci], [docs], [maintenance].
- If it's a work in progress, consider creating this PR as a draft.
- Don't hesistate to ask for opinion and review in the community chats,
even if it's still a draft.
- Add the label `backport` if it's a bugfix that needs to be backported
to a previous version.
-->
## What this PR does
### Release note
<!-- Write a release note:
- Explain what has changed internally and for users.
- Start with the same [label] as in the PR title
- Follow the guidelines at
https://github.com/kubernetes/community/blob/master/contributors/guide/release-notes.md.
-->
```release-note
[kubevirt] Update KubeVirt v1.5.2
[cdi] Update CDI v1.62.0
```
Signed-off-by: Andrei Kvapil <kvapss@gmail.com>
<!-- Thank you for making a contribution! Here are some tips for you:
- Start the PR title with the [label] of Cozystack component:
- For system components: [platform], [system], [linstor], [cilium],
[kube-ovn], [dashboard], [cluster-api], etc.
- For managed apps: [apps], [tenant], [kubernetes], [postgres],
[virtual-machine] etc.
- For development and maintenance: [tests], [ci], [docs], [maintenance].
- If it's a work in progress, consider creating this PR as a draft.
- Don't hesistate to ask for opinion and review in the community chats,
even if it's still a draft.
- Add the label `backport` if it's a bugfix that needs to be backported
to a previous version.
-->
## What this PR does
### Release note
<!-- Write a release note:
- Explain what has changed internally and for users.
- Start with the same [label] as in the PR title
- Follow the guidelines at
https://github.com/kubernetes/community/blob/master/contributors/guide/release-notes.md.
-->
```release-note
[linstor] Update LINSTOR v1.31.2
```
This PR prepares the release `v0.33.2`.
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **Chores**
* Updated container image versions and digests for multiple components,
including cluster-autoscaler, kubevirt-cloud-provider,
kubevirt-csi-driver, cozystack installer, e2e service, matchbox,
s3manager, cozystackAPI, cozystack-controller, dashboard, kubeapps-apis,
Kamaji, kubeovn-webhook, kubeovn, and kubevirt-csi-node.
* Updated configuration fields to reflect new image versions where
applicable.
* No changes to user-facing features or functionality.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
Signed-off-by: Andrei Kvapil <kvapss@gmail.com>
<!-- Thank you for making a contribution! Here are some tips for you:
- Start the PR title with the [label] of Cozystack component:
- For system components: [platform], [system], [linstor], [cilium],
[kube-ovn], [dashboard], [cluster-api], etc.
- For managed apps: [apps], [tenant], [kubernetes], [postgres],
[virtual-machine] etc.
- For development and maintenance: [tests], [ci], [docs], [maintenance].
- If it's a work in progress, consider creating this PR as a draft.
- Don't hesistate to ask for opinion and review in the community chats,
even if it's still a draft.
- Add the label `backport` if it's a bugfix that needs to be backported
to a previous version.
-->
## What this PR does
This PR adds a post-processing hook that removes
application/strategic-merge-patch+json from every PATCH operation in the
generated OpenAPI v2/v3 specs.
Strategic-merge-patch (SMP) is never supported for CRDs, and our
aggregated API implementation can’t handle it either. When the spec
advertises SMP, kubectl picks that media-type by default and sends an
SMP body, which the apiserver then rejects with
unable to find api field in struct JSON for the json field ….
By dropping SMP from consumes / content:
* kubectl apply|patch … transparently falls back to
application/merge-patch+json or application/json-patch+json.
* Server-side-apply (kubectl apply --server-side …) keeps working via
application/apply-patch+yaml.
No changes are required on the handler side—only the advertised
media-types are updated.
### Release note
<!-- Write a release note:
- Explain what has changed internally and for users.
- Start with the same [label] as in the PR title
- Follow the guidelines at
https://github.com/kubernetes/community/blob/master/contributors/guide/release-notes.md.
-->
```release-note
[cozystack-api] Disable startegic-json-patch support
```
Signed-off-by: Andrei Kvapil <kvapss@gmail.com>
<!-- Thank you for making a contribution! Here are some tips for you:
- Start the PR title with the [label] of Cozystack component:
- For system components: [platform], [system], [linstor], [cilium],
[kube-ovn], [dashboard], [cluster-api], etc.
- For managed apps: [apps], [tenant], [kubernetes], [postgres],
[virtual-machine] etc.
- For development and maintenance: [tests], [ci], [docs], [maintenance].
- If it's a work in progress, consider creating this PR as a draft.
- Don't hesistate to ask for opinion and review in the community chats,
even if it's still a draft.
- Add the label `backport` if it's a bugfix that needs to be backported
to a previous version.
-->
## What this PR does
### Release note
<!-- Write a release note:
- Explain what has changed internally and for users.
- Start with the same [label] as in the PR title
- Follow the guidelines at
https://github.com/kubernetes/community/blob/master/contributors/guide/release-notes.md.
-->
```release-note
[cozystack-api] Fix updaing lists on cozystack objects
[cozystack-api] Refactor OpenAPI Schema
[cozystack-api] Support reading OpenAPI Schema from config
[cozystack-api] Disable startegic-json-patch support
```
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **New Features**
* Added support for dynamic OpenAPI schema post-processing for both
OpenAPI v2 and v3 specifications, enabling custom schema injection per
resource kind.
* Introduced a new configuration field to allow specifying a custom
OpenAPI schema.
* **Refactor**
* Streamlined OpenAPI schema handling by moving from inline logic to
modular post-processing functions.
* Implemented dynamic versioning for OpenAPI specs based on resource
configuration changes.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
## What this PR does
Rephrase the descriptions for backup and restore variables
### Release note
```release-note
[docs] Add backup and restore instructions for PostgreSQL
```
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **Documentation**
* Updated PostgreSQL backup restore instructions to use a YAML
configuration approach for bootstrapping from a backup, replacing
previous shell command examples.
* Clarified and restructured backup and recovery documentation,
including detailed configuration examples for enabling backups with
S3-compatible storage.
* Improved descriptions and default values for backup-related
configuration parameters for better clarity and consistency.
* **Chores**
* Incremented the PostgreSQL app chart version.
* Updated version mapping for the PostgreSQL package.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
<!-- Thank you for making a contribution! Here are some tips for you:
- Start the PR title with the [label] of Cozystack component:
- For system components: [platform], [system], [linstor], [cilium],
[kube-ovn], [dashboard], [cluster-api], etc.
- For managed apps: [apps], [tenant], [kubernetes], [postgres],
[virtual-machine] etc.
- For development and maintenance: [tests], [ci], [docs], [maintenance].
- If it's a work in progress, consider creating this PR as a draft.
- Don't hesistate to ask for opinion and review in the community chats,
even if it's still a draft.
- Add the label `backport` if it's a bugfix that needs to be backported
to a previous version.
-->
## What this PR does
### Release note
<!-- Write a release note:
- Explain what has changed internally and for users.
- Start with the same [label] as in the PR title
- Follow the guidelines at
https://github.com/kubernetes/community/blob/master/contributors/guide/release-notes.md.
-->
```release-note
- make velero deletable
```
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **Bug Fixes**
* Included the Velero Helm release in the pre-delete suspension process
to ensure proper cleanup during teardown.
* **Chores**
* Updated the Kubernetes application chart version to 0.25.2.
* Adjusted version mapping for improved tracking of releases.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
Signed-off-by: Nick Volynkin <nick.volynkin@gmail.com>
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **Documentation**
* Updated documentation across multiple applications to reflect a change
in the CPU allocation for the "large" resource preset from 3 CPUs to 2
CPUs. Memory allocation for this preset remains unchanged at 2Gi. No
other documentation changes were made.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
<!-- Thank you for making a contribution! Here are some tips for you:
- Start the PR title with the [label] of Cozystack component:
- For system components: [platform], [system], [linstor], [cilium],
[kube-ovn], [dashboard], [cluster-api], etc.
- For managed apps: [apps], [tenant], [kubernetes], [postgres],
[virtual-machine] etc.
- For development and maintenance: [tests], [ci], [docs], [maintenance].
- If it's a work in progress, consider creating this PR as a draft.
- Don't hesistate to ask for opinion and review in the community chats,
even if it's still a draft.
- Add the label `backport` if it's a bugfix that needs to be backported
to a previous version.
-->
## What this PR does
fixes https://github.com/cozystack/cozystack/issues/1148
This PR does two things:
1. **Fixes the cloud-init shebang**
(e1382f51c6)
Dashboard comments were removed unintentionally, which also stripped out
the cloud-init shebang. This fix puts it back.
2. **Improves cloudInit option handling**
The update refines how various cloudInit options are processed, whether
or not sshKeys are provided.
### Release note
<!-- Write a release note:
- Explain what has changed internally and for users.
- Start with the same [label] as in the PR title
- Follow the guidelines at
https://github.com/kubernetes/community/blob/master/contributors/guide/release-notes.md.
-->
```release-note
[dashboard] Fix removing shebang for cloud init
[virtual-machine] Fix cloudInit and sshKeys processing
```
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **New Features**
* Cloud-init configuration now supports providing SSH keys even when
explicit cloud-init data is not set, allowing for easier SSH access
setup.
* **Refactor**
* Simplified and unified the logic for handling cloud-init and SSH key
configuration in virtual machine templates, reducing complexity and
improving maintainability.
* **Chores**
* Updated the default commit reference for Kubeapps components to a
newer version in the dashboard build process.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
Signed-off-by: Andrei Kvapil <kvapss@gmail.com>
<!-- Thank you for making a contribution! Here are some tips for you:
- Start the PR title with the [label] of Cozystack component:
- For system components: [platform], [system], [linstor], [cilium],
[kube-ovn], [dashboard], [cluster-api], etc.
- For managed apps: [apps], [tenant], [kubernetes], [postgres],
[virtual-machine] etc.
- For development and maintenance: [tests], [ci], [docs], [maintenance].
- If it's a work in progress, consider creating this PR as a draft.
- Don't hesistate to ask for opinion and review in the community chats,
even if it's still a draft.
- Add the label `backport` if it's a bugfix that needs to be backported
to a previous version.
-->
## What this PR does
When you update lists in cozystack objects, you might face with the
error:
```
Warning: resource vminstances/mikrotik-demo is missing the kubectl.kubernetes.io/last-applied-configuration annotation which is required by kubectl apply. kubectl apply should only be used o
n resources created declaratively by either kubectl create --save-config or kubectl apply. The missing annotation will be patched automatically.
warning: error calculating patch from openapi v3 spec: unable to find api field "disks"
Error from server: error when applying patch:
{"metadata":{"annotations":{"kubectl.kubernetes.io/last-applied-configuration":"{\"apiVersion\":\"apps.cozystack.io/v1alpha1\",\"kind\":\"VMInstance\",\"metadata\":{\"annotations\":{},\"name
\":\"mikrotik-demo\",\"namespace\":\"tenant-vasya\"},\"spec\":{\"disks\":[{\"bus\":\"sata\",\"name\":\"mikrotik-system\"},{\"name\":\"mikrotik-iso\"}],\"instanceProfile\":\"ubuntu\",\"instan
ceType\":\"u1.medium\",\"running\":true}}\n"}},"spec":{"disks":[{"bus":"sata","name":"mikrotik-system"},{"name":"mikrotik-iso"}]}}
to:
Resource: "apps.cozystack.io/v1alpha1, Resource=vminstances", GroupVersionKind: "apps.cozystack.io/v1alpha1, Kind=VMInstance"
Name: "mikrotik-demo", Namespace: "tenant-vasya"
for: "/tmp/2": error when patching "/tmp/2": unable to find api field in struct JSON for the json field "disks"
```
This PR workarounds this.
Related to https://github.com/cozystack/cozystack/pull/1168
### Release note
<!-- Write a release note:
- Explain what has changed internally and for users.
- Start with the same [label] as in the PR title
- Follow the guidelines at
https://github.com/kubernetes/community/blob/master/contributors/guide/release-notes.md.
-->
```release-note
[cozystack-api] Fix updaing lists on cozystack objects
```
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **Enhancements**
* Made resource specifications more flexible by allowing any content
under the specification property for dynamically registered resource
kinds.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
Signed-off-by: Andrei Kvapil <kvapss@gmail.com>
<!-- Thank you for making a contribution! Here are some tips for you:
- Start the PR title with the [label] of Cozystack component:
- For system components: [platform], [system], [linstor], [cilium],
[kube-ovn], [dashboard], [cluster-api], etc.
- For managed apps: [apps], [tenant], [kubernetes], [postgres],
[virtual-machine] etc.
- For development and maintenance: [tests], [ci], [docs], [maintenance].
- If it's a work in progress, consider creating this PR as a draft.
- Don't hesistate to ask for opinion and review in the community chats,
even if it's still a draft.
- Add the label `backport` if it's a bugfix that needs to be backported
to a previous version.
-->
## What this PR does
This PR fixes error:
```
failed to update HelmRelease: helmreleases.helm.toolkit.fluxcd.io "xxx" is invalid: metadata.resourceVersion: Invalid value: 0x0: must be specified for an update
```
### Release note
<!-- Write a release note:
- Explain what has changed internally and for users.
- Start with the same [label] as in the PR title
- Follow the guidelines at
https://github.com/kubernetes/community/blob/master/contributors/guide/release-notes.md.
-->
```release-note
[cozystack-api] Fix resourceVersion error
```
Signed-off-by: Andrei Kvapil <kvapss@gmail.com>
<!-- Thank you for making a contribution! Here are some tips for you:
- Start the PR title with the [label] of Cozystack component:
- For system components: [platform], [system], [linstor], [cilium],
[kube-ovn], [dashboard], [cluster-api], etc.
- For managed apps: [apps], [tenant], [kubernetes], [postgres],
[virtual-machine] etc.
- For development and maintenance: [tests], [ci], [docs], [maintenance].
- If it's a work in progress, consider creating this PR as a draft.
- Don't hesistate to ask for opinion and review in the community chats,
even if it's still a draft.
- Add the label `backport` if it's a bugfix that needs to be backported
to a previous version.
-->
## What this PR does
### Release note
<!-- Write a release note:
- Explain what has changed internally and for users.
- Start with the same [label] as in the PR title
- Follow the guidelines at
https://github.com/kubernetes/community/blob/master/contributors/guide/release-notes.md.
-->
```release-note
[cozystack-api] Fix singular name for cozystack resources
```
Signed-off-by: Andrei Kvapil <kvapss@gmail.com>
<!-- Thank you for making a contribution! Here are some tips for you:
- Start the PR title with the [label] of Cozystack component:
- For system components: [platform], [system], [linstor], [cilium],
[kube-ovn], [dashboard], [cluster-api], etc.
- For managed apps: [apps], [tenant], [kubernetes], [postgres],
[virtual-machine] etc.
- For development and maintenance: [tests], [ci], [docs], [maintenance].
- If it's a work in progress, consider creating this PR as a draft.
- Don't hesistate to ask for opinion and review in the community chats,
even if it's still a draft.
- Add the label `backport` if it's a bugfix that needs to be backported
to a previous version.
-->
## What this PR does
### Release note
<!-- Write a release note:
- Explain what has changed internally and for users.
- Start with the same [label] as in the PR title
- Follow the guidelines at
https://github.com/kubernetes/community/blob/master/contributors/guide/release-notes.md.
-->
```release-note
[vm-instance] Add bus option
[vm-instance] Always specify bootOrder for all disks
```
<!-- Thank you for making a contribution! Here are some tips for you:
- Start the PR title with the [label] of Cozystack component:
- For system components: [platform], [system], [linstor], [cilium],
[kube-ovn], [dashboard], [cluster-api], etc.
- For managed apps: [apps], [tenant], [kubernetes], [postgres],
[virtual-machine] etc.
- For development and maintenance: [tests], [ci], [docs], [maintenance].
- If it's a work in progress, consider creating this PR as a draft.
- Don't hesistate to ask for opinion and review in the community chats,
even if it's still a draft.
- Add the label `backport` if it's a bugfix that needs to be backported
to a previous version.
-->
## What this PR does
### Release note
<!-- Write a release note:
- Explain what has changed internally and for users.
- Start with the same [label] as in the PR title
- Follow the guidelines at
https://github.com/kubernetes/community/blob/master/contributors/guide/release-notes.md.
-->
```release-note
- vm and vmi add svc to dashboard
```
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
## Summary by CodeRabbit
* **New Features**
* Enhanced dashboard permissions to allow viewing and monitoring of
specific service resources in both the virtual-machine and vm-instance
applications.
* **Chores**
* Updated chart versions for virtual-machine (to 0.12.1) and vm-instance
(to 0.9.1).
* Refreshed version mappings for virtual-machine and vm-instance
components.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
This PR prepares the release `v0.33.1`.
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **Chores**
* Updated container image tags and digests across multiple components to
newer patch versions, including cluster-autoscaler,
kubevirt-cloud-provider, kubevirt-csi-driver, cozystack installer, e2e
testing service, matchbox, s3manager, cozystackAPI,
cozystack-controller, dashboard, kubeapps, Kamaji, kubeovn-webhook,
kubeovn, and kubevirt-csi-node.
* Updated related configuration files to reflect the new image versions
and digests.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
Restrict password change for user postgres
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **Chores**
* Updated the chart version for Postgres from 0.16.0 to 0.17.0.
* Updated the versions map to reference the latest commit and added the
new version.
* **Bug Fixes**
* Enhanced initialization script to forbid creating a user named
"postgres," providing clear error messaging.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
## What this PR does
Following a [recent
update](0171916b01),
the KubeVirt CSI controller now needs new permissions to manage volumes
for tenant k8s clusters. This patch updates the role granted to the
kcsi-controller deployment of each tenant k8s cluster.
### Release note
```release-note
[kubevirt-csi] Update kcsi-controller role to align with the requirements of the version of the controller in use.
```
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **New Features**
* Expanded permissions for Kubernetes infrastructure service accounts,
including enhanced access to virtual machines, volume snapshots, and
persistent volume claims.
* **Chores**
* Updated chart version to 0.25.1.
* Refreshed version mapping for the Kubernetes package.
* Made the CSI driver container image configurable via deployment
settings.
* Integrated CSI driver image reference into deployment configuration
automatically.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
Following a [recent update](0171916b01),
the KubeVirt CSI controller now needs new permissions to manage volumes
for tenant k8s clusters.
Signed-off-by: Timofei Larkin <lllamnyp@gmail.com>
This PR prepares the release `v0.33.0`.
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **Chores**
* Updated container image versions and digests across multiple
components, including ClickHouse backup, nginx-cache,
cluster-autoscaler, kubevirt-cloud-provider, kubevirt-csi-driver,
mariadb-backup, Grafana, s3manager, and others.
* Upgraded image tags and digests for core and system services such as
the installer, API, controller, dashboard, Kamaji, kubeovn, and related
components.
* Updated configuration files to reflect new image versions and digests,
ensuring consistency across deployments.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
Merge after https://github.com/cozystack/cozystack/pull/1117 and
https://github.com/cozystack/cozystack/pull/1155
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **Documentation**
* Improved clarity and detail in parameter descriptions across multiple
app documentation files, especially for resource configuration options.
* Expanded explanations for `resources` and `resourcesPreset`
parameters, including explicit usage, allowed values, and fallback
behavior.
* Added new sections with YAML configuration examples and reference
tables for resource presets in several app READMEs.
* Corrected typos, improved formatting, and updated terminology for
better readability and consistency.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
- Change wording for `resources` and `resourcesPreset` variables.
- Explain and give exampls of other object-type variables,
if their child fields are not annotated.
- Fix a few typos, improve wording.
- Bump all application charts to ensure that new texts are shown
immediately after updating Cozystack.
Co-authored-by: Andrei Kvapil <kvapss@gmail.com>
Signed-off-by: Nick Volynkin <nick.volynkin@gmail.com>
Signed-off-by: Andrei Kvapil <kvapss@gmail.com>
## What this PR does
This patch passes Java heap parameters to Keycloak to prevent OOM errors
when the JVM lacks compatibility with cgroups v2 and fails to recognize
container memory requests and limits. A new function is introduced in
cozy-lib to calculate the heap parameters from requests and limits,
setting Xmx to 75% of the memory limit and Xms to the lesser of the
memory request or 25% of the memory limits.
## Release note
```release-note
[keycloak] Calculate and pass Java heap parameters explicitly to prevent OOM errors.
[cozy-lib] Introduce helper function to calculate Java heap params based on memory requests and limits.
```
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **New Features**
* Added automatic calculation and injection of Java heap size settings
for the Keycloak container, based on resource requests and limits.
* **Improvements**
* Enhanced resource handling to ensure all resource values are
consistently formatted and sanitized.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
This patch passes Java heap parameters to Keycloak to prevent OOM errors
when the JVM lacks compatibility with cgroups v2 and fails to recognize
container memory requests and limits. A new function is introduced in
cozy-lib to calculate the heap parameters from requests and limits,
setting Xmx to 75% of the memory limit and Xms to the lesser of the
memory request or 25% of the memory limits.
Change log:
[keycloak] Calculate and pass Java heap parameters explicitly to prevent
OOM errors.
[cozy-lib] Introduce helper function to calculate Java heap params based
on memory requests and limits.
Signed-off-by: Timofei Larkin <lllamnyp@gmail.com>
## What this PR does
This patch removes the loophole to leave resource requests and limits
unspecified in managed apps. Any of cpu, memory, and ephemeral storage
are now filled in from the resource preset (default or user-specified)
if not explicitly specified in .Values.resources. "none" is no longer an
accepted value in resourcePresets and the primary resources now always
have some explicit value for proper billing and isolation.
<!-- Thank you for making a contribution! Here are some tips for you:
- Start the PR title with the [label] of Cozystack component:
- For system components: [platform], [system], [linstor], [cilium],
[kube-ovn], [dashboard], [cluster-api], etc.
- For managed apps: [apps], [tenant], [kubernetes], [postgres],
[virtual-machine] etc.
- For development and maintenance: [tests], [ci], [docs], [maintenance].
- If it's a work in progress, consider creating this PR as a draft.
- Don't hesistate to ask for opinion and review in the community chats,
even if it's still a draft.
- Add the label `backport` if it's a bugfix that needs to be backported
to a previous version.
-->
### Release note
<!-- Write a release note:
- Explain what has changed internally and for users.
- Start with the same [label] as in the PR title
- Follow the guidelines at
https://github.com/kubernetes/community/blob/master/contributors/guide/release-notes.md.
-->
```release-note
[platform] Always set resources for managed apps. "none" is no longer valid in resourcePresets, deployed apps now always have explicitly specified cpu, memory, ephemeral-storage requests and limits.
```
This patch removes the loophole to leave resource requests and limits
unspecified in managed apps. Any of cpu, memory, and ephemeral storage
are now filled in from the resource preset (default or user-specified)
if not explicitly specified in .Values.resources. "none" is no longer an
accepted value in resourcePresets and the primary resources now always
have some explicit value for proper billing and isolation.
Signed-off-by: Timofei Larkin <lllamnyp@gmail.com>
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
- **New Features**
- Added a process to list images used in the environment before deletion
during cleanup operations.
- **Chores**
- Enhanced environment cleanup workflow with improved visibility into
used images.
- Introduced a shared writable directory between host and container for
better file management during testing.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
Add. missing commits from
https://github.com/cozystack/cozystack/pull/1127, which were skipped by
mistake
- [cozy-lib, bug] divf by cpu ratio, not mulf (#1125)
- [cozy-lib] remove handler for nested resources/requests map
- [cozy-lib] Introduce memory-allocation-ratio and
ephemeral-strorage-allocation-ratio options
- [system] Recuce resources for some system apps
<!-- Thank you for making a contribution! Here are some tips for you:
- Start the PR title with the [label] of Cozystack component:
- For system components: [platform], [system], [linstor], [cilium],
[kube-ovn], [dashboard], [cluster-api], etc.
- For managed apps: [apps], [tenant], [kubernetes], [postgres],
[virtual-machine] etc.
- For development and maintenance: [tests], [ci], [docs], [maintenance].
- If it's a work in progress, consider creating this PR as a draft.
- Don't hesistate to ask for opinion and review in the community chats,
even if it's still a draft.
- Add the label `backport` if it's a bugfix that needs to be backported
to a previous version.
-->
## What this PR does
### Release note
<!-- Write a release note:
- Explain what has changed internally and for users.
- Start with the same [label] as in the PR title
- Follow the guidelines at
https://github.com/kubernetes/community/blob/master/contributors/guide/release-notes.md.
-->
```release-note
[cozy-lib] refactor resources
```
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **New Features**
* Introduced support for memory and ephemeral storage allocation ratios,
allowing more flexible resource allocation.
* **Refactor**
* Simplified resource preset structure for easier configuration and
management.
* Updated resource preset logic to use a new sanitization process for
resource values.
* **Bug Fixes**
* Improved error handling for invalid resource preset keys.
* **Chores**
* Adjusted resource requests and limits for Redis master, FluxCD
operator, and Vertical Pod Autoscaler components to optimize resource
usage.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
* **Refactor**
* Updated the structure of resource presets for improved clarity and
processing.
* Adjusted template logic to streamline resource handling and removed
previous resource limit calculations.
* Modified template parameters to enhance flexibility in resource
processing.
* **Chores**
* Improved internal template invocation for better compatibility with
resource data.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
Signed-off-by: Andrei Kvapil <kvapss@gmail.com>
## What this PR does
This pr imports upstream fix for volume reattaching procedure
- https://github.com/kubevirt/csi-driver/pull/143
### Release note
<!-- Write a release note:
- Explain what has changed internally and for users.
- Start with the same [label] as in the PR title
- Follow the guidelines at
https://github.com/kubernetes/community/blob/master/contributors/guide/release-notes.md.
-->
```release-note
[kubernetes] Fix dead-lock while reattaching a KubeVirt-CSI volume
```
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **New Features**
* Improved volume management for virtual machines by adding checks to
skip unnecessary attach or detach operations when the volume is already
in the desired state.
* **Tests**
* Added new unit tests to verify optimized volume attach/detach
workflows and ensure fast-path logic is functioning correctly.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
Use Golden Images to speed up VM / VMI deploy
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **New Features**
* Added support for using pre-imported "golden image" disks for virtual
machines, enabling faster provisioning by referencing existing images
instead of downloading via HTTP.
* Introduced a script to automate the import of golden images into the
system.
* **Improvements**
* Updated documentation and configuration to clarify and demonstrate how
to use golden images.
* Enhanced permission settings to support secure cloning of data
volumes.
* **Versioning**
* Updated vm-disk package to version 0.3.0.
* Updated virtual-machine app version to 0.12.0.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
<!-- Thank you for making a contribution! Here are some tips for you:
- Start the PR title with the [label] of Cozystack component:
- For system components: [platform], [system], [linstor], [cilium],
[kube-ovn], [dashboard], [cluster-api], etc.
- For managed apps: [apps], [tenant], [kubernetes], [postgres],
[virtual-machine] etc.
- For development and maintenance: [tests], [ci], [docs], [maintenance].
- If it's a work in progress, consider creating this PR as a draft.
- Don't hesistate to ask for opinion and review in the community chats,
even if it's still a draft.
- Add the label `backport` if it's a bugfix that needs to be backported
to a previous version.
-->
## What this PR does
### Release note
<!-- Write a release note:
- Explain what has changed internally and for users.
- Start with the same [label] as in the PR title
- Follow the guidelines at
https://github.com/kubernetes/community/blob/master/contributors/guide/release-notes.md.
-->
```release-note
[]
```
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **New Features**
* Added Velero integration as an optional addon for Kubernetes cluster
backup and restore.
* Introduced configurable parameters to enable Velero and override its
settings.
* Included a comprehensive Helm chart, manifests, and configuration
files for deploying Velero.
* Added support for Velero-related Kubernetes resources, including
backup, restore, schedule, and data mover management.
* Enabled Prometheus monitoring and metrics for Velero components with
PodMonitor and ServiceMonitor support.
* Provided customizable backup storage and volume snapshot location
settings.
* Added automated Helm hooks for CRD upgrades and cleanup jobs.
* Included node-agent DaemonSet deployment for Velero.
* **Documentation**
* Updated documentation to describe new Velero addon parameters,
installation, upgrade, and usage instructions.
* **Chores**
* Incremented Kubernetes app chart version to reflect new features.
* Updated version mapping and bundle configurations to include Velero.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
<!-- Thank you for making a contribution! Here are some tips for you:
- Start the PR title with the [label] of Cozystack component:
- For system components: [platform], [system], [linstor], [cilium],
[kube-ovn], [dashboard], [cluster-api], etc.
- For managed apps: [apps], [tenant], [kubernetes], [postgres],
[virtual-machine] etc.
- For development and maintenance: [tests], [ci], [docs], [maintenance].
- If it's a work in progress, consider creating this PR as a draft.
- Don't hesistate to ask for opinion and review in the community chats,
even if it's still a draft.
- Add the label `backport` if it's a bugfix that needs to be backported
to a previous version.
-->
## What this PR does
### Release note
<!-- Write a release note:
- Explain what has changed internally and for users.
- Start with the same [label] as in the PR title
- Follow the guidelines at
https://github.com/kubernetes/community/blob/master/contributors/guide/release-notes.md.
-->
```release-note
- Allow to set socket count for VM and VMI
```
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **New Features**
* Added support for specifying the number of CPU sockets
(resources.sockets) in virtual machine configurations for both
virtual-machine and vm-instance applications.
* **Documentation**
* Updated documentation to describe the new resources.sockets parameter
and its role in defining vCPU topology.
* **Chores**
* Incremented chart versions for virtual-machine (to 0.12.0) and
vm-instance (to 0.9.0).
* Updated version mappings to reflect the latest releases.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
Signed-off-by: Andrei Kvapil <kvapss@gmail.com>
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **Chores**
* Updated the tenant application version to 1.11.0.
* Updated version mapping for the tenant package.
* **Refactor**
* Improved the formatting and processing of resource quota
specifications in the Kubernetes manifest template.
* **Documentation**
* Simplified and clarified the example resource quota configuration in
the configuration file comments.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
Signed-off-by: Andrei Kvapil <kvapss@gmail.com>
<!-- Thank you for making a contribution! Here are some tips for you:
- Start the PR title with the [label] of Cozystack component:
- For system components: [platform], [system], [linstor], [cilium],
[kube-ovn], [dashboard], [cluster-api], etc.
- For managed apps: [apps], [tenant], [kubernetes], [postgres],
[virtual-machine] etc.
- For development and maintenance: [tests], [ci], [docs], [maintenance].
- If it's a work in progress, consider creating this PR as a draft.
- Don't hesistate to ask for opinion and review in the community chats,
even if it's still a draft.
- Add the label `backport` if it's a bugfix that needs to be backported
to a previous version.
-->
## What this PR does
### Release note
<!-- Write a release note:
- Explain what has changed internally and for users.
- Start with the same [label] as in the PR title
- Follow the guidelines at
https://github.com/kubernetes/community/blob/master/contributors/guide/release-notes.md.
-->
```release-note
[]
```
Signed-off-by: Andrei Kvapil <kvapss@gmail.com>
<!-- Thank you for making a contribution! Here are some tips for you:
- Start the PR title with the [label] of Cozystack component:
- For system components: [platform], [system], [linstor], [cilium],
[kube-ovn], [dashboard], [cluster-api], etc.
- For managed apps: [apps], [tenant], [kubernetes], [postgres],
[virtual-machine] etc.
- For development and maintenance: [tests], [ci], [docs], [maintenance].
- If it's a work in progress, consider creating this PR as a draft.
- Don't hesistate to ask for opinion and review in the community chats,
even if it's still a draft.
- Add the label `backport` if it's a bugfix that needs to be backported
to a previous version.
-->
## What this PR does
### Release note
<!-- Write a release note:
- Explain what has changed internally and for users.
- Start with the same [label] as in the PR title
- Follow the guidelines at
https://github.com/kubernetes/community/blob/master/contributors/guide/release-notes.md.
-->
```release-note
[dx] fix: exclude ps from self destructing enviroments check
```
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **Bug Fixes**
* Improved process filtering to exclude both "qemu" and "ps" commands
when identifying external processes during testing.
* Updated error handling in installation tests to provide warnings
without failing the test immediately.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
- Skip long workflows on PRs that only change files inside the `./docs`
directory.
- Not applicable to other docs in this repository, such as
`packages/apps/**/*.md`, as they're part of the build.
<!-- Thank you for making a contribution! Here are some tips for you:
- Start the PR title with the [label] of Cozystack component:
- For system components: [platform], [system], [linstor], [cilium],
[kube-ovn], [dashboard], [cluster-api], etc.
- For managed apps: [apps], [tenant], [kubernetes], [postgres],
[virtual-machine] etc.
- For development and maintenance: [tests], [ci], [docs], [maintenance].
- If it's a work in progress, consider creating this PR as a draft.
- Don't hesistate to ask for opinion and review in the community chats,
even if it's still a draft.
- Add the label `backport` if it's a bugfix that needs to be backported
to a previous version.
-->
## What this PR does
### Release note
<!-- Write a release note:
- Explain what has changed internally and for users.
- Start with the same [label] as in the PR title
- Follow the guidelines at
https://github.com/kubernetes/community/blob/master/contributors/guide/release-notes.md.
-->
```release-note
[ci] Skip Cozystack tests on PRs that only change the docs
```
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **Chores**
* Updated automated workflows to skip running on pull requests that only
modify documentation files, reducing unnecessary workflow runs.
* Refined workflow triggers to exclude events triggered by labeling pull
requests, streamlining automation processes.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
Signed-off-by: Andrei Kvapil <kvapss@gmail.com>
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
- **New Features**
- Added a new configuration option to choose the method for exposing the
Ingress-NGINX controller: "Proxied" or "LoadBalancer".
- **Documentation**
- Updated documentation to describe the new `exposeMethod` option and
clarified the conditions under which domain names are used.
- **Bug Fixes**
- Improved conditional logic to ensure Ingress resources are only
created when the appropriate expose method is selected.
- **Chores**
- Incremented the chart version to 0.25.0.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
Signed-off-by: Andrei Kvapil <kvapss@gmail.com>
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **Chores**
* Improved reliability of automated testing workflows by adding retry
logic to key setup and test steps.
* Simplified resource management in end-to-end tests by switching to a
consistent apply command for creating or updating Kubernetes resources.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
ref to https://github.com/cozystack/cozystack/pull/1127,
https://github.com/clastix/kamaji/issues/856 and
https://github.com/aenix-io/etcd-operator/pull/291
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **New Features**
* Updated etcd chart to version 2.9.0.
* **Improvements**
* Simplified etcd endpoint configuration to use a single static
endpoint.
* Expanded TLS certificate DNS names to include additional service
addresses.
* Streamlined resource configuration for etcd deployment.
* **Chores**
* Updated version mapping for etcd package.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
Signed-off-by: Andrei Kvapil <kvapss@gmail.com>
<!-- Thank you for making a contribution! Here are some tips for you:
- Start the PR title with the [label] of Cozystack component:
- For system components: [platform], [system], [linstor], [cilium],
[kube-ovn], [dashboard], [cluster-api], etc.
- For managed apps: [apps], [tenant], [kubernetes], [postgres],
[virtual-machine] etc.
- For development and maintenance: [tests], [ci], [docs], [maintenance].
- If it's a work in progress, consider creating this PR as a draft.
- Don't hesistate to ask for opinion and review in the community chats,
even if it's still a draft.
- Add the label `backport` if it's a bugfix that needs to be backported
to a previous version.
-->
## What this PR does
### Release note
<!-- Write a release note:
- Explain what has changed internally and for users.
- Start with the same [label] as in the PR title
- Follow the guidelines at
https://github.com/kubernetes/community/blob/master/contributors/guide/release-notes.md.
-->
```release-note
[dx] Introduce cozyreport tool and enable collecting report in CI pipeline
```
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **New Features**
* Introduced automated collection of detailed diagnostic reports from
Kubernetes clusters after test runs.
* Diagnostic reports are packaged and uploaded as artifacts for each
pull request.
* **Chores**
* Updated workflow to ensure cleanup steps wait until diagnostic report
collection is complete.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
- [cozy-lib, bug] divf by cpu ratio, not mulf
- [cozy-lib] remove handler for nested resources/requests map
- [cozy-lib] Introduce memory-allocation-ratio and
ephemeral-strorage-allocation-ratio options
- [system] Recuce resources for some system apps
- [hack] Add migration script for fixing nested resource maps
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **New Features**
* Introduced a migration process to enhance resource configuration by
consolidating CPU and memory settings.
* System version is automatically updated to reflect the latest changes.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
Signed-off-by: Andrei Kvapil <kvapss@gmail.com>
<!-- Thank you for making a contribution! Here are some tips for you:
- Start the PR title with the [label] of Cozystack component:
- For system components: [platform], [system], [linstor], [cilium],
[kube-ovn], [dashboard], [cluster-api], etc.
- For managed apps: [apps], [tenant], [kubernetes], [postgres],
[virtual-machine] etc.
- For development and maintenance: [tests], [ci], [docs], [maintenance].
- If it's a work in progress, consider creating this PR as a draft.
- Don't hesistate to ask for opinion and review in the community chats,
even if it's still a draft.
- Add the label `backport` if it's a bugfix that needs to be backported
to a previous version.
-->
## What this PR does
### Release note
<!-- Write a release note:
- Explain what has changed internally and for users.
- Start with the same [label] as in the PR title
- Follow the guidelines at
https://github.com/kubernetes/community/blob/master/contributors/guide/release-notes.md.
-->
```release-note
[dx] better check for processes in self destructing enviroments
```
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **Chores**
* Updated system image to include additional utilities for process
management.
* **Refactor**
* Simplified internal process filtering to improve reliability and
maintainability.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
Signed-off-by: Andrei Kvapil <kvapss@gmail.com>
<!-- Thank you for making a contribution! Here are some tips for you:
- Start the PR title with the [label] of Cozystack component:
- For system components: [platform], [system], [linstor], [cilium],
[kube-ovn], [dashboard], [cluster-api], etc.
- For managed apps: [apps], [tenant], [kubernetes], [postgres],
[virtual-machine] etc.
- For development and maintenance: [tests], [ci], [docs], [maintenance].
- If it's a work in progress, consider creating this PR as a draft.
- Don't hesistate to ask for opinion and review in the community chats,
even if it's still a draft.
- Add the label `backport` if it's a bugfix that needs to be backported
to a previous version.
-->
## What this PR does
### Release note
<!-- Write a release note:
- Explain what has changed internally and for users.
- Start with the same [label] as in the PR title
- Follow the guidelines at
https://github.com/kubernetes/community/blob/master/contributors/guide/release-notes.md.
-->
```release-note
[tests] Introduce self destructing environments
```
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **New Features**
* Introduced a process-monitoring entrypoint script for end-to-end
testing containers, allowing for customizable timeout intervals.
* **Chores**
* Updated the Docker image used for end-to-end testing to the latest
available version.
* Modified Docker build context and container runtime options for
testing environments.
* Removed systemd timer and service management steps from workflow
automation.
* Added a new test to verify the presence of required installer assets
before running end-to-end tests.
* Removed redundant installer asset checks from cluster preparation
tests.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
I labeled my PR and CI was re-started, so now I have to wait even more.
We have no labels governing CI, so there's no reason to restart it on `labeled`.
Signed-off-by: Nick Volynkin <nick.volynkin@gmail.com>
- Skip long workflows on PRs that only change files inside `./docs` directory.
- Not applicable to other docs in this repository, such as `packages/apps/**/*.md`,
as they're part of the build.
Signed-off-by: Nick Volynkin <nick.volynkin@gmail.com>
* Resolve a security problem that allowed a tenant administrator to gain enhanced privileges outside the tenant. (@kvaps in https://github.com/cozystack/cozystack/pull/1062, backported in https://github.com/cozystack/cozystack/pull/1066)
## Fixes
* [platform] Fix dependencies in `distro-full` bundle. (@klinch0 in https://github.com/cozystack/cozystack/pull/1056, backported in https://github.com/cozystack/cozystack/pull/1064)
* [platform] Fix RBAC for annotating namespaces. (@kvaps in https://github.com/cozystack/cozystack/pull/1031, backported in https://github.com/cozystack/cozystack/pull/1037)
* [platform] Reduce system resource consumption by using smaller resource presets for VerticalPodAutoscaler, SeaweedFS, and KubeOVN. (@klinch0 in https://github.com/cozystack/cozystack/pull/1054, backported in https://github.com/cozystack/cozystack/pull/1058)
* [dashboard] Fix a number of issues in the Cozystack Dashboard (@kvaps in https://github.com/cozystack/cozystack/pull/1042, backported in https://github.com/cozystack/cozystack/pull/1066)
* [apps] Specify minimal working resource presets. (@kvaps in https://github.com/cozystack/cozystack/pull/1040, backported in https://github.com/cozystack/cozystack/pull/1041)
* [apps] Update built-in documentation and configuration reference for managed Clickhouse application. (@NickVolynkin in https://github.com/cozystack/cozystack/pull/1059, backported in https://github.com/cozystack/cozystack/pull/1065)
* [postgres] Introduce new functionality for backup and restore in PostgreSQL. (@klinch0 in https://github.com/cozystack/cozystack/pull/1086)
* [apps] Refactor resources in managed applications. (@kvaps in https://github.com/cozystack/cozystack/pull/1106)
* [system] Make VMAgent's `extraArgs` tunable. (@lllamnyp in https://github.com/cozystack/cozystack/pull/1091)
## Fixes
* [postgres] Escape users and database names. (@kvaps in https://github.com/cozystack/cozystack/pull/1087)
* [tenant] Fix monitoring agents HelmReleases for tenant clusters. (@klinch0 in https://github.com/cozystack/cozystack/pull/1079)
* [kubernetes] Wrap cert-manager CRDs in a conditional. (@lllamnyp in https://github.com/cozystack/cozystack/pull/1076)
* [kubernetes] Remove `useCustomSecretForPatchContainerd` option and enable it by default. (@kvaps in https://github.com/cozystack/cozystack/pull/1104)
* [apps] Increase default resource presets for Clickhouse and Kafka from `nano` to `small`. Update OpenAPI specs and readme's. (@kvaps in https://github.com/cozystack/cozystack/pull/1103 and https://github.com/cozystack/cozystack/pull/1105)
* [linstor] Add configurable DRBD network options for connection and timeout settings, replacing scripted logic for detecting devices that lost connection. (@kvaps in https://github.com/cozystack/cozystack/pull/1094)
## Dependencies
* Update cozy-proxy to v0.2.0 (@kvaps in https://github.com/cozystack/cozystack/pull/1081)
* Update Kafka Operator to 0.45.1-rc1 (@kvaps in https://github.com/cozystack/cozystack/pull/1082 and https://github.com/cozystack/cozystack/pull/1102)
* Update Flux Operator to 0.23.0 (@kingdonb in https://github.com/cozystack/cozystack/pull/1078)
## Documentation
* [docs] Release notes for v0.32.0 and two beta-versions. (@NickVolynkin in https://github.com/cozystack/cozystack/pull/1043)
## Development, Testing, and CI/CD
* [tests] Add Kafka, Redis. (@gwynbleidd2106 in https://github.com/cozystack/cozystack/pull/1077)
* [tests] Increase disk space for VMs in tests. (@kvaps in https://github.com/cozystack/cozystack/pull/1097)
* [tests] Upd Kubernetes v1.33. (@kvaps in https://github.com/cozystack/cozystack/pull/1083)
* [tests] increase postgres timeouts. (@kvaps in https://github.com/cozystack/cozystack/pull/1108)
* [tests] don't wait for postgres ro service. (@kvaps in https://github.com/cozystack/cozystack/pull/1109)
* [ci] Setup systemd timer to tear down sandbox. (@lllamnyp in https://github.com/cozystack/cozystack/pull/1092)
* [ci] Split testing job into several. (@lllamnyp in https://github.com/cozystack/cozystack/pull/1075)
* [ci] Run E2E tests as separate parallel jobs. (@lllamnyp in https://github.com/cozystack/cozystack/pull/1093)
* [ci] Refactor GitHub workflows. (@kvaps in https://github.com/cozystack/cozystack/pull/1107)
| `addons.fluxcd.valuesOverride` | Custom values to override | `{}` |
| `addons.monitoringAgents.enabled` | Enable monitoring agents (Fluent Bit and VMAgents) to send logs and metrics. If tenant monitoring is enabled, data is sent to tenant storage; otherwise, it goes to root storage. | `false` |
| `addons.monitoringAgents.valuesOverride` | Custom values to override | `{}` |
| `addons.verticalPodAutoscaler.valuesOverride` | Custom values to override | `{}` |
| `addons.certManager.enabled` | Enable cert-manager, which automatically creates and manages SSL/TLS certificates. | `false` |
| `addons.certManager.valuesOverride` | Custom values to override | `{}` |
| `addons.cilium.valuesOverride` | Custom values to override | `{}` |
| `addons.gatewayAPI.enabled` | Enable the Gateway API | `false` |
| `addons.ingressNginx.enabled` | Enable the Ingress-NGINX controller (requires nodes labeled with the 'ingress-nginx' role). | `false` |
| `addons.ingressNginx.valuesOverride` | Custom values to override | `{}` |
| `addons.ingressNginx.exposeMethod` | Method to expose the Ingress-NGINX controller. (allowed values: Proxied, LoadBalancer) | `Proxied` |
| `addons.ingressNginx.hosts` | List of domain names that the parent cluster should route to this tenant cluster. Taken into account only when `exposeMethod` is set to `Proxied`. | `[]` |
| `addons.gpuOperator.enabled` | Enable the GPU-operator | `false` |
| `addons.gpuOperator.valuesOverride` | Custom values to override | `{}` |
| `addons.fluxcd.valuesOverride` | Custom values to override | `{}` |
| `addons.monitoringAgents.enabled` | Enable monitoring agents (Fluent Bit and VMAgents) to send logs and metrics. If tenant monitoring is enabled, data is sent to tenant storage; otherwise, it goes to root storage. | `false` |
| `addons.monitoringAgents.valuesOverride` | Custom values to override | `{}` |
| `addons.verticalPodAutoscaler.valuesOverride` | Custom values to override | `{}` |
| `addons.velero.enabled` | Enable velero for backup and restore k8s cluster. | `false` |
| `addons.velero.valuesOverride` | Custom values to override | `{}` |
### Kubernetes Control Plane Configuration
@@ -134,19 +137,18 @@ resources:
memory: 4Gi
```
`resourcePreset` sets named CPU and memory configurations for each replica.
`resourcesPreset` sets named CPU and memory configurations for each replica.
This setting is ignored if the corresponding `resources` value is set.
| Preset name | CPU | memory |
|-------------|--------|---------|
| `nano` | `100m` | `128Mi` |
| `micro` | `250m` | `256Mi` |
| `small` | `500m` | `512Mi` |
| `medium` | `500m` | `1Gi` |
| `large` | `1` | `2Gi` |
| `xlarge` | `2` | `4Gi` |
| `2xlarge` | `4` | `8Gi` |
| `nano` | `250m` | `128Mi` |
| `micro` | `500m` | `256Mi` |
| `small` | `1` | `512Mi` |
| `medium` | `1` | `1Gi` |
| `large` | `2` | `2Gi` |
| `xlarge` | `4` | `4Gi` |
| `2xlarge` | `8` | `8Gi` |
### instanceType Resources
@@ -310,4 +312,3 @@ Specific characteristics of this series are:
workload.
- *vCPU-To-Memory Ratio (1:4)* - A vCPU-to-Memory ratio of 1:4 starting from
"description":"Method to expose the Ingress-NGINX controller. (allowed values: Proxied, LoadBalancer)",
"default":"Proxied",
"enum":[
"Proxied",
"LoadBalancer"
]
},
"hosts":{
"type":"array",
"description":"List of domain names that the parent cluster should route to this tenant cluster.",
"description":"List of domain names that the parent cluster should route to this tenant cluster. Taken into account only when `exposeMethod` is set to `Proxied`.",
"default":[],
"items":{}
}
@@ -240,6 +249,21 @@
"default":{}
}
}
},
"velero":{
"type":"object",
"properties":{
"enabled":{
"type":"boolean",
"description":"Enable velero for backup and restore k8s cluster.",
## @param addons.ingressNginx.valuesOverride Custom values to override
##
enabled:false
## @param addons.ingressNginx.hosts List of domain names that the parent cluster should route to this tenant cluster.
## @param addons.ingressNginx.exposeMethod Method to expose the Ingress-NGINX controller. (allowed values: Proxied, LoadBalancer)
## @param addons.ingressNginx.hosts List of domain names that the parent cluster should route to this tenant cluster. Taken into account only when `exposeMethod` is set to `Proxied`.
## e.g:
## hosts:
## - example.org
## - foo.example.net
##
exposeMethod:Proxied
hosts:[]
valuesOverride:{}
@@ -103,6 +105,15 @@ addons:
##
valuesOverride:{}
## Velero
##
velero:
## @param addons.velero.enabled Enable velero for backup and restore k8s cluster.
## @param addons.velero.valuesOverride Custom values to override
##
enabled:false
valuesOverride:{}
## @section Kubernetes Control Plane Configuration
To back up a PostgreSQL application, an external S3-compatible storage is required.
To start regular backups, update the application, setting `backup.enabled` to `true`, and fill in the path and credentials to an `backup.*`:
```yaml
## @param backup.enabled Enable regular backups
## @param backup.schedule Cron schedule for automated backups
## @param backup.retentionPolicy Retention policy
## @param backup.destinationPath Path to store the backup (i.e. s3://bucket/path/to/folder)
## @param backup.endpointURL S3 Endpoint used to upload data to the cloud
## @param backup.s3AccessKey Access key for S3, used for authentication
## @param backup.s3SecretKey Secret key for S3, used for authentication
backup:
enabled:false
retentionPolicy:30d
destinationPath:s3://bucket/path/to/folder/
endpointURL:http://minio-gateway-service:9000
schedule:"0 2 * * * *"
s3AccessKey:oobaiRus9pah8PhohL1ThaeTa4UVa7gu
s3SecretKey:ju3eum4dekeich9ahM1te8waeGai0oog
```
### How to recover a backup
CloudNativePG supports point-in-time-recovery.
Recovering a backup is done by creating a new database instance and restoring the data in it.
Create a new PostgreSQL application with a different name, but identical configuration.
Set `bootstrap.enabled` to `true` and fill in the name of the database instance to recover from and the recovery time:
```yaml
## @param bootstrap.enabled Restore database cluster from a backup
## @param bootstrap.recoveryTime Timestamp (PITR) up to which recovery will proceed, expressed in RFC 3339 format. If left empty, will restore latest
## @param bootstrap.oldName Name of database cluster before deleting
##
bootstrap:
enabled:false
recoveryTime:""# leave empty for latest or exact timestamp; example: 2020-11-26 15:22:00.00000+00
oldName:"<previous-postgres-instance>"
```
### How to switch primary/secondary replica
See the CloudNativePG docs, [Rolling Updates, section Manual Updates](https://cloudnative-pg.io/documentation/1.15/rolling_update/#manual-updates-supervised).
| `bootstrap.enabled` | Restore cluster from backup | `false` |
| `bootstrap.recoveryTime` | Timestamp up to which recovery will proceed, expressed in RFC 3339 format, if empty, will restore latest | `""` |
| `bootstrap.oldName` | Name of cluster before deleting | `""` |
| `bootstrap.enabled` | Restore database cluster from a backup | `false` |
| `bootstrap.recoveryTime` | Timestamp (PITR) up to which recovery will proceed, expressed in RFC 3339 format. If left empty, will restore latest | `""` |
| `bootstrap.oldName` | Name of database cluster before deleting | `""` |
| `resources` | Explicit CPU and memory configuration for each PostgreSQL replica. When left empty, the preset defined in `resourcesPreset` is applied. | `{}` |
| `resourcesPreset` | Default sizing preset used when `resources` is omitted. Allowed values: none, nano, micro, small, medium, large, xlarge, 2xlarge. | `micro` |
@@ -75,20 +119,18 @@ resources:
memory:4Gi
```
`resourcePreset` sets named CPU and memory configurations for each replica.
`resourcesPreset` sets named CPU and memory configurations for each replica.
This setting is ignored if the corresponding `resources` value is set.
Some files were not shown because too many files have changed in this diff
Show More
Reference in New Issue
Block a user
Blocking a user prevents them from interacting with repositories, such as opening or commenting on pull requests or issues. Learn more about blocking a user.
