mirror of
https://github.com/cozystack/cozystack.git
synced 2026-03-16 11:58:56 +00:00
Compare commits
14 Commits
feat/envoy
...
main
| Author | SHA1 | Date | |
|---|---|---|---|
|
37050922f2 | ||
|
|
7e0a059d34 | ||
|
|
ee8533647b | ||
|
|
b3f356a5ed | ||
|
|
ffd6e628e2 | ||
|
|
22f2e4f82a | ||
|
|
39df52542b | ||
|
|
2b60c010dd | ||
|
|
f906a0d8ad | ||
|
|
ee83aaa82e | ||
|
|
f647cfd7b9 | ||
|
|
941fb02cd1 | ||
|
|
f82f13bf32 | ||
|
|
1dd27f6b23 |
29
docs/changelogs/v1.0.5.md
Normal file
29
docs/changelogs/v1.0.5.md
Normal file
@@ -0,0 +1,29 @@
|
||||
<!--
|
||||
https://github.com/cozystack/cozystack/releases/tag/v1.0.5
|
||||
-->
|
||||
|
||||
## Fixes
|
||||
|
||||
* **[api] Fix spurious OpenAPI post-processing errors for non-apps group versions**: The API server no longer logs false errors while generating OpenAPI specs for core and other non-`apps.cozystack.io` group versions. The post-processor now exits early when the base `Application` schemas are absent, reducing noisy startup logs without affecting application schema generation ([**@kvaps**](https://github.com/kvaps) in #2212, #2216).
|
||||
|
||||
## Documentation
|
||||
|
||||
* **[website] Add `DependenciesNotReady` troubleshooting and correct packages management build target**: Added a troubleshooting guide for packages stuck in `DependenciesNotReady`, including how to inspect operator logs and identify missing dependencies, and fixed the outdated `make image-cozystack` command to `make image-packages` in the packages management guide ([**@kvaps**](https://github.com/kvaps) in cozystack/website#450).
|
||||
|
||||
* **[website] Clarify operator-first installation order**: Reordered the platform installation guide and tutorial so users install the Cozystack operator before preparing and applying the Platform Package, matching the rest of the installation docs and reducing setup confusion during fresh installs ([**@sircthulhu**](https://github.com/sircthulhu) in cozystack/website#449).
|
||||
|
||||
* **[website] Add automated installation guide for Ansible**: Added end-to-end documentation for deploying Cozystack with the `cozystack.installer` Ansible collection, including inventory examples, distro-specific playbooks, configuration reference, verification steps, and explicit version pinning guidance to help operators automate installs safely ([**@lexfrei**](https://github.com/lexfrei) in cozystack/website#442).
|
||||
|
||||
* **[website] Expand CA rotation operations guide**: Completed the CA rotation documentation with separate Talos and Kubernetes certificate rotation procedures, dry-run preview steps, and post-rotation guidance for fetching updated `talosconfig` and `kubeconfig` files after certificate changes ([**@kvaps**](https://github.com/kvaps) in cozystack/website#406).
|
||||
|
||||
* **[website] Improve backup operations documentation**: Enhanced the operator backup and recovery guide with clearer Velero enablement steps, concrete provider and bucket examples, and more useful commands for inspecting backups, schedules, restores, CRD status, and logs ([**@androndo**](https://github.com/androndo) in cozystack/website#440).
|
||||
|
||||
* **[website] Add custom metrics collection guide**: Added a monitoring guide showing how tenants can expose their own Prometheus exporters through `VMServiceScrape` and `VMPodScrape`, including namespace labeling requirements, example manifests, verification steps, and troubleshooting advice ([**@IvanHunters**](https://github.com/IvanHunters) in cozystack/website#444).
|
||||
|
||||
* **[website] Document PackageSource and Package architecture**: Added a Key Concepts reference covering `PackageSource` and `Package` reconciliation flow, dependency handling, update propagation, rollback behavior, FluxPlunger recovery, and the `cozypkg` CLI for package management ([**@IvanHunters**](https://github.com/IvanHunters) in cozystack/website#445).
|
||||
|
||||
* **[website] Refresh v1 application and platform documentation**: Fixed the documentation auto-update flow and published a broad v1 documentation refresh covering newly documented applications, updated naming and navigation, virtualization and platform content updates, and reorganized versioned docs pages ([**@myasnikovdaniil**](https://github.com/myasnikovdaniil) in cozystack/website#439).
|
||||
|
||||
---
|
||||
|
||||
**Full Changelog**: https://github.com/cozystack/cozystack/compare/v1.0.4...v1.0.5
|
||||
25
docs/changelogs/v1.1.2.md
Normal file
25
docs/changelogs/v1.1.2.md
Normal file
@@ -0,0 +1,25 @@
|
||||
<!--
|
||||
https://github.com/cozystack/cozystack/releases/tag/v1.1.2
|
||||
-->
|
||||
|
||||
## Fixes
|
||||
|
||||
* **[bucket] Fix S3 Manager endpoint mismatch with COSI credentials**: The S3 Manager UI previously constructed an `s3.<tenant>.<cluster-domain>` endpoint even though COSI-issued bucket credentials point to the root-level S3 endpoint. This caused login failures with "invalid credentials" despite valid secrets. The deployment now uses the actual endpoint from `BucketInfo`, with the old namespace-based endpoint kept only as a fallback before `BucketAccess` secrets exist ([**@IvanHunters**](https://github.com/IvanHunters) in #2211, #2215).
|
||||
|
||||
* **[platform] Fix spurious OpenAPI post-processing errors on cozystack-api startup**: The OpenAPI post-processor was being invoked for non-`apps.cozystack.io` group versions where the base `Application*` schemas do not exist, producing noisy startup errors on every API server launch. It now skips those non-apps group versions gracefully instead of returning an error ([**@kvaps**](https://github.com/kvaps) in #2212, #2217).
|
||||
|
||||
## Documentation
|
||||
|
||||
* **[website] Add troubleshooting for packages stuck in `DependenciesNotReady`**: Added an operations guide that explains how to diagnose missing package dependencies in operator logs and corrected the packages management development docs to use the current `make image-packages` target ([**@kvaps**](https://github.com/kvaps) in cozystack/website#450).
|
||||
|
||||
* **[website] Reorder installation docs to install the operator before the platform package**: Updated the platform installation guide and tutorial so the setup sequence consistently installs the Cozystack operator first, then prepares and applies the Platform Package, matching the rest of the documentation set ([**@sircthulhu**](https://github.com/sircthulhu) in cozystack/website#449).
|
||||
|
||||
* **[website] Add automated installation guide for the Ansible collection**: Added a full guide for deploying Cozystack with the `cozystack.installer` collection, including inventory examples, distro-specific playbooks, configuration reference, and explicit version pinning guidance ([**@lexfrei**](https://github.com/lexfrei) in cozystack/website#442).
|
||||
|
||||
* **[website] Expand monitoring and platform architecture reference docs**: Added a tenant custom metrics collection guide for `VMServiceScrape` and `VMPodScrape`, and documented `PackageSource`/`Package` architecture, reconciliation flow, rollback behavior, and the `cozypkg` workflow in Key Concepts ([**@IvanHunters**](https://github.com/IvanHunters) in cozystack/website#444, cozystack/website#445).
|
||||
|
||||
* **[website] Improve operations guides for CA rotation and Velero backups**: Completed the CA rotation documentation with dry-run and post-rotation credential retrieval steps, and expanded the backup configuration guide with concrete examples, verification commands, and clearer operator procedures ([**@kvaps**](https://github.com/kvaps) in cozystack/website#406; [**@androndo**](https://github.com/androndo) in cozystack/website#440).
|
||||
|
||||
---
|
||||
|
||||
**Full Changelog**: https://github.com/cozystack/cozystack/compare/v1.1.1...v1.1.2
|
||||
@@ -1,4 +1,4 @@
|
||||
KUBERNETES_VERSION = v1.35
|
||||
KUBERNETES_VERSIONS = $(shell awk -F'"' '{print $$2}' files/versions.yaml)
|
||||
KUBERNETES_PKG_TAG = $(shell awk '$$1 == "version:" {print $$2}' Chart.yaml)
|
||||
|
||||
include ../../../hack/common-envs.mk
|
||||
@@ -15,17 +15,19 @@ update:
|
||||
image: image-ubuntu-container-disk image-kubevirt-cloud-provider image-kubevirt-csi-driver image-cluster-autoscaler
|
||||
|
||||
image-ubuntu-container-disk:
|
||||
docker buildx build images/ubuntu-container-disk \
|
||||
--build-arg KUBERNETES_VERSION=${KUBERNETES_VERSION} \
|
||||
--tag $(REGISTRY)/ubuntu-container-disk:$(call settag,$(KUBERNETES_VERSION)) \
|
||||
--tag $(REGISTRY)/ubuntu-container-disk:$(call settag,$(KUBERNETES_VERSION)-$(TAG)) \
|
||||
--cache-from type=registry,ref=$(REGISTRY)/ubuntu-container-disk:latest \
|
||||
--cache-to type=inline \
|
||||
--metadata-file images/ubuntu-container-disk.json \
|
||||
$(BUILDX_ARGS)
|
||||
echo "$(REGISTRY)/ubuntu-container-disk:$(call settag,$(KUBERNETES_VERSION))@$$(yq e '."containerimage.digest"' images/ubuntu-container-disk.json -o json -r)" \
|
||||
> images/ubuntu-container-disk.tag
|
||||
rm -f images/ubuntu-container-disk.json
|
||||
$(foreach ver,$(KUBERNETES_VERSIONS), \
|
||||
docker buildx build images/ubuntu-container-disk \
|
||||
--build-arg KUBERNETES_VERSION=$(ver) \
|
||||
--tag $(REGISTRY)/ubuntu-container-disk:$(call settag,$(ver)) \
|
||||
--tag $(REGISTRY)/ubuntu-container-disk:$(call settag,$(ver)-$(TAG)) \
|
||||
--cache-from type=registry,ref=$(REGISTRY)/ubuntu-container-disk:$(call settag,$(ver)) \
|
||||
--cache-to type=inline \
|
||||
--metadata-file images/ubuntu-container-disk-$(ver).json \
|
||||
$(BUILDX_ARGS) && \
|
||||
echo "$(REGISTRY)/ubuntu-container-disk:$(call settag,$(ver))@$$(yq e '."containerimage.digest"' images/ubuntu-container-disk-$(ver).json -o json -r)" \
|
||||
> images/ubuntu-container-disk-$(ver).tag && \
|
||||
rm -f images/ubuntu-container-disk-$(ver).json; \
|
||||
)
|
||||
|
||||
image-kubevirt-cloud-provider:
|
||||
docker buildx build images/kubevirt-cloud-provider \
|
||||
|
||||
@@ -0,0 +1 @@
|
||||
ttl.sh/rjfkdsjflsk/ubuntu-container-disk:v1.30@sha256:8c2276f68beb67edf5bf76d6c97b271dd9303b336e1d5850ae2b91a590c9bb57
|
||||
@@ -0,0 +1 @@
|
||||
ttl.sh/rjfkdsjflsk/ubuntu-container-disk:v1.31@sha256:2b631cd227bc9b1bae16de033830e756cd6590b512dc0d2b13367ee626f3e4ca
|
||||
@@ -0,0 +1 @@
|
||||
ttl.sh/rjfkdsjflsk/ubuntu-container-disk:v1.32@sha256:600d6ce7df4eaa8cc79c7d6d1b01ecac43e7696beb84eafce752d9210a16455f
|
||||
@@ -0,0 +1 @@
|
||||
ttl.sh/rjfkdsjflsk/ubuntu-container-disk:v1.33@sha256:243e55d6f2887a4f6ce8526de52fd083b7b88194d5c7f3eaa51b87efb557ac88
|
||||
@@ -0,0 +1 @@
|
||||
ttl.sh/rjfkdsjflsk/ubuntu-container-disk:v1.34@sha256:ad8377d5644ba51729dc69dff4c9f6b4a48957075d054a58c61a45d0bb41f6af
|
||||
@@ -0,0 +1 @@
|
||||
ttl.sh/rjfkdsjflsk/ubuntu-container-disk:v1.35@sha256:1c2f2430383a9b9882358c60c194465c1b6092b4aa77536a0343cf74155c0067
|
||||
@@ -1 +0,0 @@
|
||||
ghcr.io/cozystack/cozystack/ubuntu-container-disk:v1.35@sha256:39f626c802dd84f95720ffb54fcd80dfb8a58ac280498870d0a1aa30d4252f94
|
||||
@@ -74,7 +74,7 @@ spec:
|
||||
volumes:
|
||||
- name: system
|
||||
containerDisk:
|
||||
image: "{{ $.Files.Get "images/ubuntu-container-disk.tag" | trim }}"
|
||||
image: "{{ $.Files.Get (printf "images/ubuntu-container-disk-%s.tag" $.Values.version) | trim }}"
|
||||
- name: ephemeral
|
||||
emptyDisk:
|
||||
capacity: {{ .group.ephemeralStorage | default "20Gi" }}
|
||||
@@ -249,6 +249,9 @@ spec:
|
||||
joinConfiguration:
|
||||
nodeRegistration:
|
||||
kubeletExtraArgs: {}
|
||||
# Ignore this for 1.31
|
||||
ignorePreflightErrors:
|
||||
- FileExisting-conntrack
|
||||
discovery:
|
||||
bootstrapToken:
|
||||
apiServerEndpoint: {{ $.Release.Name }}.{{ $.Release.Namespace }}.svc:6443
|
||||
|
||||
19
packages/core/platform/sources/cozystack-scheduler.yaml
Normal file
19
packages/core/platform/sources/cozystack-scheduler.yaml
Normal file
@@ -0,0 +1,19 @@
|
||||
---
|
||||
apiVersion: cozystack.io/v1alpha1
|
||||
kind: PackageSource
|
||||
metadata:
|
||||
name: cozystack.cozystack-scheduler
|
||||
spec:
|
||||
sourceRef:
|
||||
kind: OCIRepository
|
||||
name: cozystack-packages
|
||||
namespace: cozy-system
|
||||
path: /
|
||||
variants:
|
||||
- name: default
|
||||
components:
|
||||
- name: cozystack-scheduler
|
||||
path: system/cozystack-scheduler
|
||||
install:
|
||||
namespace: kube-system
|
||||
releaseName: cozystack-scheduler
|
||||
@@ -15,12 +15,6 @@ spec:
|
||||
- name: cilium
|
||||
dependsOn: []
|
||||
components:
|
||||
- name: gateway-api-crds
|
||||
path: system/gateway-api-crds
|
||||
install:
|
||||
namespace: cozy-gateway-api-crds
|
||||
releaseName: gateway-api-crds
|
||||
dependsOn: []
|
||||
- name: cilium
|
||||
path: system/cilium
|
||||
valuesFiles:
|
||||
@@ -30,8 +24,7 @@ spec:
|
||||
privileged: true
|
||||
namespace: cozy-cilium
|
||||
releaseName: cilium
|
||||
dependsOn:
|
||||
- gateway-api-crds
|
||||
dependsOn: []
|
||||
- name: cilium-networkpolicy
|
||||
path: system/cilium-networkpolicy
|
||||
install:
|
||||
@@ -43,12 +36,6 @@ spec:
|
||||
- name: cilium-kilo
|
||||
dependsOn: []
|
||||
components:
|
||||
- name: gateway-api-crds
|
||||
path: system/gateway-api-crds
|
||||
install:
|
||||
namespace: cozy-gateway-api-crds
|
||||
releaseName: gateway-api-crds
|
||||
dependsOn: []
|
||||
- name: cilium
|
||||
path: system/cilium
|
||||
valuesFiles:
|
||||
@@ -59,8 +46,7 @@ spec:
|
||||
privileged: true
|
||||
namespace: cozy-cilium
|
||||
releaseName: cilium
|
||||
dependsOn:
|
||||
- gateway-api-crds
|
||||
dependsOn: []
|
||||
- name: kilo
|
||||
path: system/kilo
|
||||
valuesFiles:
|
||||
@@ -76,12 +62,6 @@ spec:
|
||||
- name: cilium-generic
|
||||
dependsOn: []
|
||||
components:
|
||||
- name: gateway-api-crds
|
||||
path: system/gateway-api-crds
|
||||
install:
|
||||
namespace: cozy-gateway-api-crds
|
||||
releaseName: gateway-api-crds
|
||||
dependsOn: []
|
||||
- name: cilium
|
||||
path: system/cilium
|
||||
valuesFiles:
|
||||
@@ -90,8 +70,7 @@ spec:
|
||||
privileged: true
|
||||
namespace: cozy-cilium
|
||||
releaseName: cilium
|
||||
dependsOn:
|
||||
- gateway-api-crds
|
||||
dependsOn: []
|
||||
- name: cilium-networkpolicy
|
||||
path: system/cilium-networkpolicy
|
||||
install:
|
||||
@@ -103,12 +82,6 @@ spec:
|
||||
- name: kubeovn-cilium
|
||||
dependsOn: []
|
||||
components:
|
||||
- name: gateway-api-crds
|
||||
path: system/gateway-api-crds
|
||||
install:
|
||||
namespace: cozy-gateway-api-crds
|
||||
releaseName: gateway-api-crds
|
||||
dependsOn: []
|
||||
- name: cilium
|
||||
path: system/cilium
|
||||
valuesFiles:
|
||||
@@ -119,8 +92,7 @@ spec:
|
||||
privileged: true
|
||||
namespace: cozy-cilium
|
||||
releaseName: cilium
|
||||
dependsOn:
|
||||
- gateway-api-crds
|
||||
dependsOn: []
|
||||
- name: cilium-networkpolicy
|
||||
path: system/cilium-networkpolicy
|
||||
install:
|
||||
@@ -141,12 +113,6 @@ spec:
|
||||
- name: kubeovn-cilium-generic
|
||||
dependsOn: []
|
||||
components:
|
||||
- name: gateway-api-crds
|
||||
path: system/gateway-api-crds
|
||||
install:
|
||||
namespace: cozy-gateway-api-crds
|
||||
releaseName: gateway-api-crds
|
||||
dependsOn: []
|
||||
- name: cilium
|
||||
path: system/cilium
|
||||
valuesFiles:
|
||||
@@ -156,8 +122,7 @@ spec:
|
||||
privileged: true
|
||||
namespace: cozy-cilium
|
||||
releaseName: cilium
|
||||
dependsOn:
|
||||
- gateway-api-crds
|
||||
dependsOn: []
|
||||
- name: cilium-networkpolicy
|
||||
path: system/cilium-networkpolicy
|
||||
install:
|
||||
|
||||
@@ -16,14 +16,10 @@
|
||||
{{- $kubeovnValues := dict "kube-ovn" $kubeovnDict -}}
|
||||
{{- $_ := set $networkingComponents "kubeovn" (dict "values" $kubeovnValues) -}}
|
||||
{{- /* For Talos (isp-full): use KubePrism endpoint and disable cgroup autoMount */ -}}
|
||||
{{- $ciliumDict := dict
|
||||
{{- $ciliumValues := dict "cilium" (dict
|
||||
"k8sServiceHost" "localhost"
|
||||
"k8sServicePort" "7445"
|
||||
"cgroup" (dict "autoMount" (dict "enabled" false)) -}}
|
||||
{{- if .Values.gateway.gatewayAPI -}}
|
||||
{{- $_ := set $ciliumDict "gatewayAPI" (dict "enabled" true) -}}
|
||||
{{- end -}}
|
||||
{{- $ciliumValues := dict "cilium" $ciliumDict -}}
|
||||
"cgroup" (dict "autoMount" (dict "enabled" false))) -}}
|
||||
{{- $_ := set $networkingComponents "cilium" (dict "values" $ciliumValues) -}}
|
||||
{{- end -}}
|
||||
{{include "cozystack.platform.package" (list "cozystack.networking" "kubeovn-cilium" $ $networkingComponents) }}
|
||||
@@ -87,14 +83,10 @@
|
||||
{{- $kubeovnValues := dict "kube-ovn" $kubeovnDict -}}
|
||||
{{- $_ := set $networkingComponents "kubeovn" (dict "values" $kubeovnValues) -}}
|
||||
{{- /* Cilium configuration - for generic k8s, always enable cgroup autoMount */ -}}
|
||||
{{- $ciliumDict := dict
|
||||
{{- $ciliumValues := dict "cilium" (dict
|
||||
"k8sServiceHost" $apiHost
|
||||
"k8sServicePort" $apiPort
|
||||
"cgroup" (dict "autoMount" (dict "enabled" true)) -}}
|
||||
{{- if .Values.gateway.gatewayAPI -}}
|
||||
{{- $_ := set $ciliumDict "gatewayAPI" (dict "enabled" true) -}}
|
||||
{{- end -}}
|
||||
{{- $ciliumValues := dict "cilium" $ciliumDict -}}
|
||||
"cgroup" (dict "autoMount" (dict "enabled" true))) -}}
|
||||
{{- $_ := set $networkingComponents "cilium" (dict "values" $ciliumValues) -}}
|
||||
{{- end -}}
|
||||
{{- /* Use kubeovn-cilium-generic variant (no values-talos.yaml) */ -}}
|
||||
@@ -126,12 +118,7 @@
|
||||
{{- end }}
|
||||
|
||||
# Common Packages
|
||||
{{- $certManagerComponents := dict -}}
|
||||
{{- if .Values.gateway.gatewayAPI -}}
|
||||
{{- $certManagerValues := dict "cert-manager" (dict "config" (dict "enableGatewayAPI" true)) -}}
|
||||
{{- $_ := set $certManagerComponents "cert-manager" (dict "values" $certManagerValues) -}}
|
||||
{{- end -}}
|
||||
{{include "cozystack.platform.package" (list "cozystack.cert-manager" "default" $ $certManagerComponents) }}
|
||||
{{include "cozystack.platform.package.default" (list "cozystack.cert-manager" $) }}
|
||||
{{include "cozystack.platform.package.default" (list "cozystack.flux-plunger" $) }}
|
||||
{{include "cozystack.platform.package.default" (list "cozystack.victoria-metrics-operator" $) }}
|
||||
{{- $tenantComponents := dict -}}
|
||||
@@ -161,16 +148,7 @@
|
||||
# Optional System Packages (controlled via bundles.enabledPackages)
|
||||
{{include "cozystack.platform.package.optional.default" (list "cozystack.nfs-driver" $) }}
|
||||
{{include "cozystack.platform.package.optional.default" (list "cozystack.telepresence" $) }}
|
||||
{{- $externalDnsComponents := dict -}}
|
||||
{{- if .Values.gateway.gatewayAPI -}}
|
||||
{{- $externalDnsValues := dict "external-dns" (dict "sources" (list "service" "ingress" "gateway-httproute")) -}}
|
||||
{{- $_ := set $externalDnsComponents "external-dns" (dict "values" $externalDnsValues) -}}
|
||||
{{- end -}}
|
||||
{{- $disabled := default (list) .Values.bundles.disabledPackages -}}
|
||||
{{- $enabled := default (list) .Values.bundles.enabledPackages -}}
|
||||
{{- if and (has "cozystack.external-dns" $enabled) (not (has "cozystack.external-dns" $disabled)) -}}
|
||||
{{include "cozystack.platform.package" (list "cozystack.external-dns" "default" $ $externalDnsComponents) }}
|
||||
{{- end }}
|
||||
{{include "cozystack.platform.package.optional.default" (list "cozystack.external-dns" $) }}
|
||||
{{include "cozystack.platform.package.optional.default" (list "cozystack.external-dns-application" $) }}
|
||||
{{include "cozystack.platform.package.optional.default" (list "cozystack.external-secrets-operator" $) }}
|
||||
{{- if has "cozystack.bootbox" (default (list) .Values.bundles.enabledPackages) }}
|
||||
@@ -178,5 +156,6 @@
|
||||
{{include "cozystack.platform.package.default" (list "cozystack.bootbox" $) }}
|
||||
{{- end }}
|
||||
{{include "cozystack.platform.package.optional.default" (list "cozystack.hetzner-robotlb" $) }}
|
||||
{{include "cozystack.platform.package.optional.default" (list "cozystack.cozystack-scheduler" $) }}
|
||||
|
||||
{{- end }}
|
||||
|
||||
@@ -34,12 +34,6 @@ networking:
|
||||
# Set this to comma-separated list of master node IPs to override.
|
||||
kubeovn:
|
||||
MASTER_NODES: ""
|
||||
# Gateway configuration
|
||||
# ingress and gatewayAPI can be enabled independently;
|
||||
# future work will wire gateway.ingress into ingress controller selection
|
||||
gateway:
|
||||
ingress: true
|
||||
gatewayAPI: false
|
||||
# Service publishing and ingress configuration
|
||||
publishing:
|
||||
host: "example.org"
|
||||
|
||||
@@ -1,3 +1,12 @@
|
||||
{{- $endpoint := printf "s3.%s" .Values._namespace.host }}
|
||||
{{- range $name, $user := .Values.users }}
|
||||
{{- $secretName := printf "%s-%s" $.Values.bucketName $name }}
|
||||
{{- $existingSecret := lookup "v1" "Secret" $.Release.Namespace $secretName }}
|
||||
{{- if $existingSecret }}
|
||||
{{- $bucketInfo := fromJson (b64dec (index $existingSecret.data "BucketInfo")) }}
|
||||
{{- $endpoint = trimPrefix "https://" (index $bucketInfo.spec.secretS3 "endpoint") }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
apiVersion: apps/v1
|
||||
kind: Deployment
|
||||
metadata:
|
||||
@@ -17,6 +26,6 @@ spec:
|
||||
image: "{{ $.Files.Get "images/s3manager.tag" | trim }}"
|
||||
env:
|
||||
- name: ENDPOINT
|
||||
value: "s3.{{ .Values._namespace.host }}"
|
||||
value: {{ $endpoint | quote }}
|
||||
- name: SKIP_SSL_VERIFICATION
|
||||
value: "true"
|
||||
|
||||
@@ -1 +0,0 @@
|
||||
cert-manager: {}
|
||||
|
||||
3
packages/system/cozystack-scheduler/Chart.yaml
Normal file
3
packages/system/cozystack-scheduler/Chart.yaml
Normal file
@@ -0,0 +1,3 @@
|
||||
apiVersion: v2
|
||||
name: cozy-cozystack-scheduler
|
||||
version: 0.1.0
|
||||
10
packages/system/cozystack-scheduler/Makefile
Normal file
10
packages/system/cozystack-scheduler/Makefile
Normal file
@@ -0,0 +1,10 @@
|
||||
export NAME=cozystack-scheduler
|
||||
export NAMESPACE=kube-system
|
||||
|
||||
include ../../../hack/package.mk
|
||||
|
||||
update:
|
||||
rm -rf crds templates values.yaml Chart.yaml
|
||||
tag=$$(git ls-remote --tags --sort="v:refname" https://github.com/cozystack/cozystack-scheduler | awk -F'[/^]' 'END{print $$3}') && \
|
||||
curl -sSL https://github.com/cozystack/cozystack-scheduler/archive/refs/tags/$${tag}.tar.gz | \
|
||||
tar xzvf - --strip 2 cozystack-scheduler-$${tag#*v}/chart
|
||||
File diff suppressed because it is too large
Load Diff
@@ -0,0 +1,9 @@
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
kind: ClusterRole
|
||||
metadata:
|
||||
name: cozystack-scheduler
|
||||
rules:
|
||||
- apiGroups: ["cozystack.io"]
|
||||
resources:
|
||||
- schedulingclasses
|
||||
verbs: ["get", "list", "watch"]
|
||||
@@ -0,0 +1,38 @@
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
kind: ClusterRoleBinding
|
||||
metadata:
|
||||
name: cozystack-scheduler:kube-scheduler
|
||||
roleRef:
|
||||
apiGroup: rbac.authorization.k8s.io
|
||||
kind: ClusterRole
|
||||
name: system:kube-scheduler
|
||||
subjects:
|
||||
- kind: ServiceAccount
|
||||
name: cozystack-scheduler
|
||||
namespace: {{ .Release.Namespace }}
|
||||
---
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
kind: ClusterRoleBinding
|
||||
metadata:
|
||||
name: cozystack-scheduler:volume-scheduler
|
||||
roleRef:
|
||||
apiGroup: rbac.authorization.k8s.io
|
||||
kind: ClusterRole
|
||||
name: system:volume-scheduler
|
||||
subjects:
|
||||
- kind: ServiceAccount
|
||||
name: cozystack-scheduler
|
||||
namespace: {{ .Release.Namespace }}
|
||||
---
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
kind: ClusterRoleBinding
|
||||
metadata:
|
||||
name: cozystack-scheduler
|
||||
roleRef:
|
||||
apiGroup: rbac.authorization.k8s.io
|
||||
kind: ClusterRole
|
||||
name: cozystack-scheduler
|
||||
subjects:
|
||||
- kind: ServiceAccount
|
||||
name: cozystack-scheduler
|
||||
namespace: {{ .Release.Namespace }}
|
||||
54
packages/system/cozystack-scheduler/templates/configmap.yaml
Normal file
54
packages/system/cozystack-scheduler/templates/configmap.yaml
Normal file
@@ -0,0 +1,54 @@
|
||||
apiVersion: v1
|
||||
kind: ConfigMap
|
||||
metadata:
|
||||
name: cozystack-scheduler-config
|
||||
namespace: {{ .Release.Namespace }}
|
||||
data:
|
||||
scheduler-config.yaml: |
|
||||
apiVersion: kubescheduler.config.k8s.io/v1
|
||||
kind: KubeSchedulerConfiguration
|
||||
leaderElection:
|
||||
leaderElect: true
|
||||
resourceNamespace: {{ .Release.Namespace }}
|
||||
resourceName: cozystack-scheduler
|
||||
profiles:
|
||||
- schedulerName: cozystack-scheduler
|
||||
plugins:
|
||||
preFilter:
|
||||
disabled:
|
||||
- name: InterPodAffinity
|
||||
- name: NodeAffinity
|
||||
- name: PodTopologySpread
|
||||
enabled:
|
||||
- name: CozystackInterPodAffinity
|
||||
- name: CozystackNodeAffinity
|
||||
- name: CozystackPodTopologySpread
|
||||
- name: CozystackSchedulingClass
|
||||
filter:
|
||||
disabled:
|
||||
- name: InterPodAffinity
|
||||
- name: NodeAffinity
|
||||
- name: PodTopologySpread
|
||||
enabled:
|
||||
- name: CozystackInterPodAffinity
|
||||
- name: CozystackNodeAffinity
|
||||
- name: CozystackPodTopologySpread
|
||||
- name: CozystackSchedulingClass
|
||||
preScore:
|
||||
disabled:
|
||||
- name: InterPodAffinity
|
||||
- name: NodeAffinity
|
||||
- name: PodTopologySpread
|
||||
enabled:
|
||||
- name: CozystackInterPodAffinity
|
||||
- name: CozystackNodeAffinity
|
||||
- name: CozystackPodTopologySpread
|
||||
score:
|
||||
disabled:
|
||||
- name: InterPodAffinity
|
||||
- name: NodeAffinity
|
||||
- name: PodTopologySpread
|
||||
enabled:
|
||||
- name: CozystackInterPodAffinity
|
||||
- name: CozystackNodeAffinity
|
||||
- name: CozystackPodTopologySpread
|
||||
@@ -0,0 +1,37 @@
|
||||
apiVersion: apps/v1
|
||||
kind: Deployment
|
||||
metadata:
|
||||
name: cozystack-scheduler
|
||||
namespace: {{ .Release.Namespace }}
|
||||
spec:
|
||||
replicas: {{ .Values.replicas }}
|
||||
selector:
|
||||
matchLabels:
|
||||
app: cozystack-scheduler
|
||||
template:
|
||||
metadata:
|
||||
labels:
|
||||
app: cozystack-scheduler
|
||||
spec:
|
||||
serviceAccountName: cozystack-scheduler
|
||||
containers:
|
||||
- name: cozystack-scheduler
|
||||
image: {{ .Values.image }}
|
||||
command:
|
||||
- /cozystack-scheduler
|
||||
- --config=/etc/kubernetes/scheduler-config.yaml
|
||||
livenessProbe:
|
||||
httpGet:
|
||||
path: /healthz
|
||||
port: 10259
|
||||
scheme: HTTPS
|
||||
initialDelaySeconds: 15
|
||||
volumeMounts:
|
||||
- name: config
|
||||
mountPath: /etc/kubernetes/scheduler-config.yaml
|
||||
subPath: scheduler-config.yaml
|
||||
readOnly: true
|
||||
volumes:
|
||||
- name: config
|
||||
configMap:
|
||||
name: cozystack-scheduler-config
|
||||
@@ -0,0 +1,40 @@
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
kind: RoleBinding
|
||||
metadata:
|
||||
name: cozystack-scheduler:extension-apiserver-authentication-reader
|
||||
namespace: kube-system
|
||||
roleRef:
|
||||
apiGroup: rbac.authorization.k8s.io
|
||||
kind: Role
|
||||
name: extension-apiserver-authentication-reader
|
||||
subjects:
|
||||
- kind: ServiceAccount
|
||||
name: cozystack-scheduler
|
||||
namespace: {{ .Release.Namespace }}
|
||||
---
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
kind: Role
|
||||
metadata:
|
||||
name: cozystack-scheduler:leader-election
|
||||
namespace: {{ .Release.Namespace }}
|
||||
rules:
|
||||
- apiGroups: ["coordination.k8s.io"]
|
||||
resources: ["leases"]
|
||||
verbs: ["create", "get", "list", "update", "watch"]
|
||||
- apiGroups: ["coordination.k8s.io"]
|
||||
resources: ["leasecandidates"]
|
||||
verbs: ["create", "get", "list", "update", "watch"]
|
||||
---
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
kind: RoleBinding
|
||||
metadata:
|
||||
name: cozystack-scheduler:leader-election
|
||||
namespace: {{ .Release.Namespace }}
|
||||
roleRef:
|
||||
apiGroup: rbac.authorization.k8s.io
|
||||
kind: Role
|
||||
name: cozystack-scheduler:leader-election
|
||||
subjects:
|
||||
- kind: ServiceAccount
|
||||
name: cozystack-scheduler
|
||||
namespace: {{ .Release.Namespace }}
|
||||
@@ -0,0 +1,5 @@
|
||||
apiVersion: v1
|
||||
kind: ServiceAccount
|
||||
metadata:
|
||||
name: cozystack-scheduler
|
||||
namespace: {{ .Release.Namespace }}
|
||||
2
packages/system/cozystack-scheduler/values.yaml
Normal file
2
packages/system/cozystack-scheduler/values.yaml
Normal file
@@ -0,0 +1,2 @@
|
||||
image: ghcr.io/cozystack/cozystack/cozystack-scheduler:v0.1.0@sha256:5f7150c82177478467ff80628acb5a400291aff503364aa9e26fc346d79a73cf
|
||||
replicas: 1
|
||||
@@ -6,4 +6,4 @@ include ../../../hack/package.mk
|
||||
update:
|
||||
rm -rf templates
|
||||
mkdir templates
|
||||
kubectl kustomize "github.com/kubernetes-sigs/gateway-api/config/crd/experimental?ref=v1.5.0" > templates/crds-experimental.yaml
|
||||
kubectl kustomize "github.com/kubernetes-sigs/gateway-api/config/crd/experimental?ref=v1.2.0" > templates/crds-experimental.yaml
|
||||
|
||||
File diff suppressed because it is too large
Load Diff
@@ -224,8 +224,8 @@ func buildPostProcessV3(kindSchemas map[string]string) func(*spec3.OpenAPI) (*sp
|
||||
base, ok1 := doc.Components.Schemas[baseRef]
|
||||
list, ok2 := doc.Components.Schemas[baseListRef]
|
||||
stat, ok3 := doc.Components.Schemas[baseStatusRef]
|
||||
if !(ok1 && ok2 && ok3) && len(kindSchemas) > 0 {
|
||||
return doc, fmt.Errorf("base Application* schemas not found")
|
||||
if !(ok1 && ok2 && ok3) {
|
||||
return doc, nil // not the apps GV — nothing to patch
|
||||
}
|
||||
|
||||
// Clone base schemas for each kind
|
||||
@@ -339,8 +339,8 @@ func buildPostProcessV2(kindSchemas map[string]string) func(*spec.Swagger) (*spe
|
||||
base, ok1 := defs[baseRef]
|
||||
list, ok2 := defs[baseListRef]
|
||||
stat, ok3 := defs[baseStatusRef]
|
||||
if !(ok1 && ok2 && ok3) && len(kindSchemas) > 0 {
|
||||
return sw, fmt.Errorf("base Application* schemas not found")
|
||||
if !(ok1 && ok2 && ok3) {
|
||||
return sw, nil // not the apps GV — nothing to patch
|
||||
}
|
||||
|
||||
for kind, raw := range kindSchemas {
|
||||
|
||||
Reference in New Issue
Block a user