update local-path-provisioner

2025-10-29 17:42:47 +00:00 · 2024-11-22 18:05:10 +02:00
parent 312425562d
commit 23c6b7b602
5 changed files with 74 additions and 67 deletions
--- a/_deployments/vars/coredns-local.yaml
+++ b/_deployments/vars/coredns-local.yaml
@@ -38,7 +38,6 @@ data:
        }

        kubernetes cluster.local in-addr.arpa ip6.arpa {
-            endpoint https://api.cluster.local:6443
            kubeconfig /etc/coredns/kubeconfig.conf coredns
            pods insecure
            ttl 60
@@ -105,47 +104,47 @@ spec:
      serviceAccountName: coredns
      enableServiceLinks: false
      tolerations:
-      - effect: NoSchedule
-        key: node-role.kubernetes.io/control-plane
-        operator: Exists
-      - effect: NoSchedule
-        key: node.cloudprovider.kubernetes.io/uninitialized
-        operator: Exists
+        - effect: NoSchedule
+          key: node-role.kubernetes.io/control-plane
+          operator: Exists
+        - effect: NoSchedule
+          key: node.cloudprovider.kubernetes.io/uninitialized
+          operator: Exists
      hostNetwork: true
      containers:
-      - name: coredns
-        image: coredns/coredns:1.11.1
-        imagePullPolicy: IfNotPresent
-        resources:
-          limits:
-            cpu: 100m
-            memory: 128Mi
-          requests:
-            cpu: 50m
-            memory: 64Mi
-        args: [ "-conf", "/etc/coredns/Corefile.local" ]
-        volumeMounts:
-        - name: config-volume
-          mountPath: /etc/coredns
-          readOnly: true
-        livenessProbe:
-          httpGet:
-            host: 127.0.0.1
-            path: /health
-            port: 8091
-            scheme: HTTP
-          initialDelaySeconds: 60
-          periodSeconds: 10
-          successThreshold: 1
-          timeoutSeconds: 5
-        securityContext:
-          allowPrivilegeEscalation: false
-          capabilities:
-            add:
-            - NET_BIND_SERVICE
-            drop:
-            - all
-          readOnlyRootFilesystem: true
+        - name: coredns
+          image: coredns/coredns:1.11.1
+          imagePullPolicy: IfNotPresent
+          resources:
+            limits:
+              cpu: 100m
+              memory: 128Mi
+            requests:
+              cpu: 50m
+              memory: 64Mi
+          args: ["-conf", "/etc/coredns/Corefile.local"]
+          volumeMounts:
+            - name: config-volume
+              mountPath: /etc/coredns
+              readOnly: true
+          livenessProbe:
+            httpGet:
+              host: 127.0.0.1
+              path: /health
+              port: 8091
+              scheme: HTTP
+            initialDelaySeconds: 60
+            periodSeconds: 10
+            successThreshold: 1
+            timeoutSeconds: 5
+          securityContext:
+            allowPrivilegeEscalation: false
+            capabilities:
+              add:
+                - NET_BIND_SERVICE
+              drop:
+                - all
+            readOnlyRootFilesystem: true
      dnsPolicy: Default
      volumes:
        - name: config-volume
--- a/_deployments/vars/local-path-storage-result.yaml
+++ b/_deployments/vars/local-path-storage-result.yaml
@@ -7,9 +7,9 @@ metadata:
  namespace: local-path-storage
  labels:
    app.kubernetes.io/name: local-path-provisioner
-    helm.sh/chart: local-path-provisioner-0.0.25
+    helm.sh/chart: local-path-provisioner-0.0.30
    app.kubernetes.io/instance: local-path-provisioner
-    app.kubernetes.io/version: "v0.0.25"
+    app.kubernetes.io/version: "v0.0.30"
    app.kubernetes.io/managed-by: Helm
 imagePullSecrets:
 ---
@@ -21,9 +21,9 @@ metadata:
  namespace: local-path-storage
  labels:
    app.kubernetes.io/name: local-path-provisioner
-    helm.sh/chart: local-path-provisioner-0.0.25
+    helm.sh/chart: local-path-provisioner-0.0.30
    app.kubernetes.io/instance: local-path-provisioner
-    app.kubernetes.io/version: "v0.0.25"
+    app.kubernetes.io/version: "v0.0.30"
    app.kubernetes.io/managed-by: Helm
 data:
  config.json: |-
@@ -50,6 +50,7 @@ data:
    kind: Pod
    metadata:
      name: helper-pod
+      namespace: local-path-storage
    spec:
      priorityClassName: system-node-critical
      tolerations:
@@ -60,6 +61,10 @@ data:
        - name: helper-pod
          image: busybox:latest
          imagePullPolicy: IfNotPresent
+          resources:
+            requests:
+              cpu: 100m
+              memory: 64Mi
 ---
 # Source: local-path-provisioner/templates/storageclass.yaml
 apiVersion: storage.k8s.io/v1
@@ -68,9 +73,9 @@ metadata:
  name: local-path
  labels:
    app.kubernetes.io/name: local-path-provisioner
-    helm.sh/chart: local-path-provisioner-0.0.25
+    helm.sh/chart: local-path-provisioner-0.0.30
    app.kubernetes.io/instance: local-path-provisioner
-    app.kubernetes.io/version: "v0.0.25"
+    app.kubernetes.io/version: "v0.0.30"
    app.kubernetes.io/managed-by: Helm
  annotations:
    storageclass.kubernetes.io/is-default-class: "true"
@@ -87,9 +92,9 @@ metadata:
  name: local-path-provisioner
  labels:
    app.kubernetes.io/name: local-path-provisioner
-    helm.sh/chart: local-path-provisioner-0.0.25
+    helm.sh/chart: local-path-provisioner-0.0.30
    app.kubernetes.io/instance: local-path-provisioner
-    app.kubernetes.io/version: "v0.0.25"
+    app.kubernetes.io/version: "v0.0.30"
    app.kubernetes.io/managed-by: Helm
 rules:
  - apiGroups: [""]
@@ -112,9 +117,9 @@ metadata:
  name: local-path-provisioner
  labels:
    app.kubernetes.io/name: local-path-provisioner
-    helm.sh/chart: local-path-provisioner-0.0.25
+    helm.sh/chart: local-path-provisioner-0.0.30
    app.kubernetes.io/instance: local-path-provisioner
-    app.kubernetes.io/version: "v0.0.25"
+    app.kubernetes.io/version: "v0.0.30"
    app.kubernetes.io/managed-by: Helm
 roleRef:
  apiGroup: rbac.authorization.k8s.io
@@ -133,9 +138,9 @@ metadata:
  namespace: local-path-storage
  labels:
    app.kubernetes.io/name: local-path-provisioner
-    helm.sh/chart: local-path-provisioner-0.0.25
+    helm.sh/chart: local-path-provisioner-0.0.30
    app.kubernetes.io/instance: local-path-provisioner
-    app.kubernetes.io/version: "v0.0.25"
+    app.kubernetes.io/version: "v0.0.30"
    app.kubernetes.io/managed-by: Helm
 rules:
  - apiGroups: [""]
@@ -150,9 +155,9 @@ metadata:
  namespace: local-path-storage
  labels:
    app.kubernetes.io/name: local-path-provisioner
-    helm.sh/chart: local-path-provisioner-0.0.25
+    helm.sh/chart: local-path-provisioner-0.0.30
    app.kubernetes.io/instance: local-path-provisioner
-    app.kubernetes.io/version: "v0.0.25"
+    app.kubernetes.io/version: "v0.0.30"
    app.kubernetes.io/managed-by: Helm
 roleRef:
  apiGroup: rbac.authorization.k8s.io
@@ -171,9 +176,9 @@ metadata:
  namespace: local-path-storage
  labels:
    app.kubernetes.io/name: local-path-provisioner
-    helm.sh/chart: local-path-provisioner-0.0.25
+    helm.sh/chart: local-path-provisioner-0.0.30
    app.kubernetes.io/instance: local-path-provisioner
-    app.kubernetes.io/version: "v0.0.25"
+    app.kubernetes.io/version: "v0.0.30"
    app.kubernetes.io/managed-by: Helm
 spec:
  replicas: 1
@@ -185,7 +190,10 @@ spec:
    metadata:
      labels:
        app.kubernetes.io/name: local-path-provisioner
+        helm.sh/chart: local-path-provisioner-0.0.30
        app.kubernetes.io/instance: local-path-provisioner
+        app.kubernetes.io/version: "v0.0.30"
+        app.kubernetes.io/managed-by: Helm
    spec:
      serviceAccountName: local-path-provisioner
      securityContext:
@@ -202,7 +210,7 @@ spec:
            runAsUser: 65534
            seccompProfile:
              type: RuntimeDefault
-          image: "rancher/local-path-provisioner:v0.0.26"
+          image: "rancher/local-path-provisioner:v0.0.30"
          imagePullPolicy: IfNotPresent
          command:
            - local-path-provisioner
@@ -224,6 +232,8 @@ spec:
          env:
            - name: POD_NAMESPACE
              value: local-path-storage
+            - name: CONFIG_MOUNT_PATH
+              value: /etc/config/
          resources:
            limits:
              cpu: 50m
--- a/_deployments/vars/local-path-storage.yaml
+++ b/_deployments/vars/local-path-storage.yaml
@@ -1,8 +1,3 @@
-
-image:
-  repository: rancher/local-path-provisioner
-  tag: v0.0.26
-
 storageClass:
  create: true
  defaultClass: true
@@ -13,9 +8,6 @@ nodePathMap:
    paths:
      - /var/data

-configmap:
-  name: local-path-config
-
 securityContext:
  allowPrivilegeEscalation: false
  seccompProfile:
@@ -34,6 +26,12 @@ resources:
    cpu: 50m
    memory: 32Mi

+helperPod:
+  resources:
+    requests:
+      cpu: 100m
+      memory: 64Mi
+
 nodeSelector:
  node-role.kubernetes.io/control-plane: ""
 tolerations:
--- a/proxmox/common.tf
+++ b/proxmox/common.tf
@@ -15,7 +15,7 @@ resource "proxmox_virtual_environment_download_file" "talos" {
  # Hash: 376567988ad370138ad8b2698212367b8edcb69b5fd68c80be1f2ec7d603b4ba customization: {}
  # Hash: 14e9b0100f05654bedf19b92313cdc224cbff52879193d24f3741f1da4a3cbb1 customization: siderolabs/binfmt-misc
  decompression_algorithm = "zst"
-  url                     = "https://factory.talos.dev/image/376567988ad370138ad8b2698212367b8edcb69b5fd68c80be1f2ec7d603b4ba/v${var.release}/nocloud-amd64.raw.xz"
+  url                     = "https://factory.talos.dev/image/14e9b0100f05654bedf19b92313cdc224cbff52879193d24f3741f1da4a3cbb1/v${var.release}/nocloud-amd64.raw.xz"
 }

 resource "proxmox_virtual_environment_vm" "template" {
--- a/proxmox/variables.tf
+++ b/proxmox/variables.tf
@@ -26,7 +26,7 @@ variable "vpc_main_cidr" {
 variable "release" {
  type        = string
  description = "The version of the Talos image"
-  default     = "1.8.2"
+  default     = "1.8.3"
 }

 data "sops_file" "tfvars" {