(dev-v2.6-archive) Remove release name, refactor image values, update web_root

(partially cherry picked from commit 5da19fc4a4)

packages/rancher-istio/charts/Chart.yaml

@@ -1,8 +1,8 @@
 apiVersion: v1
-appVersion: 1.7.0
+appVersion: 1.6.8
 description: Helm chart for installing istio components with the istioctl
 name: rancher-istio
-version: 1.7.000
+version: 1.6.800
 icon: https://charts.rancher.io/assets/logos/istio.svg
 annotations:
   catalog.cattle.io/certified: rancher

packages/rancher-istio/charts/README.md

@@ -16,5 +16,5 @@ http://{{ .Values.nameOverride }}-prometheus.{{ .Values.namespaceOverride }}.svc
 
 ### Installation
 ```
-helm install rancher-istio ./ --create-namespace -n istio-system
+helm install rancher-istio ./ --create-namespace -n cattle-istio-system
 ```

packages/rancher-istio/charts/configs/istio-base.yaml

@@ -4,6 +4,14 @@ spec:
   addonComponents:
     istiocoredns:
       enabled: {{ .Values.istiocoredns.enabled }}
+    prometheus:
+      enabled: false
+    grafana:
+      enabled: false
+    kiali:
+      enabled: false
+    tracing:
+      enabled: false
   components:
     base:
       enabled: {{ .Values.base.enabled }}
@@ -64,10 +72,6 @@ spec:
         image: {{ template "system_default_registry" . }}{{ .Values.global.proxy.repository }}:{{ .Values.global.proxy.tag }}
       proxy_init:
         image: {{ template "system_default_registry" . }}{{ .Values.global.proxy_init.repository}}:{{ .Values.global.proxy_init.tag }}
-      {{- if .Values.global.defaultPodDisruptionBudget.enabled }}
-      defaultPodDisruptionBudget:
-        enabled: {{ .Values.global.defaultPodDisruptionBudget.enabled }}
-      {{- end }}
     istiocoredns:
       coreDNSImage: {{ template "system_default_registry" . }}{{ .Values.istiocoredns.image.repository }}
       coreDNSPluginImage: {{ template "system_default_registry" . }}{{ .Values.istiocoredns.pluginImage.repository }}:{{ .Values.istiocoredns.pluginImage.tag }}

packages/rancher-istio/charts/values.yaml

@@ -1,6 +1,6 @@
 overlayFile: ""
-tag: 1.7.0
-installerVersion: 1.7.0-rancher1
+tag: 1.6.7
+installerVersion: 1.6.7-rancher1
 forceInstall: false
 
 istiocoredns:
@@ -18,7 +18,7 @@ base:
 cni:
     enabled: false
     repository: rancher/istio-install-cni
-    tag: 1.7.0
+    tag: 1.6.7
 
 egressGateways:
     enabled: false
@@ -34,17 +34,17 @@ istiodRemote:
 pilot:
     enabled: true
     repository: rancher/istio-pilot
-    tag: 1.7.0
+    tag: 1.6.7
 
 policy:
     enabled: true
     repository: rancher/istio-mixer
-    tag: 1.7.0
+    tag: 1.6.7
 
 telemetry:
     enabled: true
     repository: rancher/istio-mixer
-    tag: 1.7.0
+    tag: 1.6.7
 
 sidecarInjectorWebhook:
   enableNamespacesByDefault: false
@@ -57,12 +57,10 @@ global:
   systemDefaultRegistry: ""
   proxy:
     repository: rancher/istio-proxyv2
-    tag: 1.7.0
+    tag: 1.6.7
   proxy_init:
     repository: rancher/istio-proxyv2
-    tag: 1.7.0
-  defaultPodDisruptionBudget:
-    enabled: true
+    tag: 1.6.7
 
 # this can be removed in 1.7 as it is default
 meshConfig:
@@ -74,10 +72,9 @@ kiali:
   auth:
     strategy: anonymous
   deployment:
-    ##TODO: update kiali to allow for repository and image
     ingress_enabled: false
-    image_name: docker.io/rancher/kiali-kiali
-    image_version: v1.22.1
+    repository: rancher/kiali-kiali
+    tag: v1.22.1
   external_services:
     prometheus:
       custom_metrics_url: "http://rancher-monitoring-prometheus.cattle-monitoring-system.svc:9090"

packages/rancher-kiali-server/rancher-kiali-server.patch

@@ -37,9 +37,45 @@ diff -x '*.tgz' -x '*.lock' -uNr packages/rancher-kiali-server/charts-original/C
 +  catalog.cattle.io/requires-gvr: prometheuses.monitoring.coreos.com/v1
 +  catalog.rancher.io/namespace: cattle-istio-system
 +  catalog.rancher.io/release-name: rancher-kiali-server
+diff -x '*.tgz' -x '*.lock' -uNr packages/rancher-kiali-server/charts-original/templates/_helpers.tpl packages/rancher-kiali-server/charts/templates/_helpers.tpl
+--- packages/rancher-kiali-server/charts-original/templates/_helpers.tpl
++++ packages/rancher-kiali-server/charts/templates/_helpers.tpl
+@@ -17,10 +17,7 @@
+   {{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }}
+ {{- else }}
+   {{- $name := default .Chart.Name .Values.nameOverride }}
+-  {{- if contains $name .Release.Name }}
+-    {{- .Release.Name | trunc 63 | trimSuffix "-" }}
+-  {{- else }}
+-    {{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }}
++    {{- printf "%s" $name | trunc 63 | trimSuffix "-" }}
+   {{- end }}
+ {{- end }}
+ {{- end }}
+@@ -170,3 +167,11 @@
+   {{- end }}
+ {{- end }}
+ {{- end }}
++
++{{- define "system_default_registry" -}}
++{{- if .Values.global.systemDefaultRegistry -}}
++{{- printf "%s/" .Values.global.systemDefaultRegistry -}}
++{{- else -}}
++{{- "" -}}
++{{- end -}}
++{{- end -}}
 diff -x '*.tgz' -x '*.lock' -uNr packages/rancher-kiali-server/charts-original/templates/deployment.yaml packages/rancher-kiali-server/charts/templates/deployment.yaml
 --- packages/rancher-kiali-server/charts-original/templates/deployment.yaml
 +++ packages/rancher-kiali-server/charts/templates/deployment.yaml
+@@ -45,7 +45,7 @@
+       {{- end }}
+       {{- end }}
+       containers:
+-      - image: "{{ .Values.deployment.image_name }}:{{ .Values.deployment.image_version }}"
++      - image: "{{ template "system_default_registry" . }}{{ .Values.deployment.repository }}:{{ .Values.deployment.tag }}"
+         imagePullPolicy: {{ .Values.deployment.image_pull_policy | default "Always" }}
+         name: {{ include "kiali-server.fullname" . }}
+         command:
 @@ -89,6 +89,11 @@
              fieldRef:
                fieldPath: metadata.namespace
@@ -81,7 +117,7 @@ diff -x '*.tgz' -x '*.lock' -uNr packages/rancher-kiali-server/charts-original/t
 +    {{- include "kiali-server.labels" . | nindent 4 }}
 +data:
 +  env.js: |
-+    window.WEB_ROOT='/api/v1/namespaces/{{ .Release.Namespace }}/services/http:rancher-istio-kiali:20001/proxy';
++    window.WEB_ROOT='/k8s/clusters/{{ .Values.global.rancher.clusterId }}/api/v1/namespaces/{{ .Release.Namespace }}/services/http:rancher-istio-kiali:20001/proxy';
 +{{- end }}
 diff -x '*.tgz' -x '*.lock' -uNr packages/rancher-kiali-server/charts-original/values.yaml packages/rancher-kiali-server/charts/values.yaml
 --- packages/rancher-kiali-server/charts-original/values.yaml
@@ -96,3 +132,30 @@ diff -x '*.tgz' -x '*.lock' -uNr packages/rancher-kiali-server/charts-original/v
  #
  # Settings that mimic the Kiali CR which are placed in the ConfigMap
  #
+@@ -57,10 +60,10 @@
+   custom_dashboards:
+     excludes: ['']
+     includes: ['*']
+-  image_name: quay.io/kiali/kiali
++  repository: kiali/kiali
+   image_pull_policy: "Always"
+   image_pull_secrets: []
+-  image_version: v1.22.0
++  tag: v1.22.0
+   ingress_enabled: true
+   node_selector: {}
+   override_ingress_yaml:
+@@ -182,3 +185,13 @@
+   web_fqdn: ""
+   web_root: ""
+   web_schema: ""
++
++# Common settings used among istio subcharts.
++global:
++
++  # Specify rancher clusterId of external tracing config
++  # https://github.com/istio/istio.io/issues/4146#issuecomment-493543032
++  rancher:
++    clusterId:
++
++  systemDefaultRegistry: ""

packages/rancher-monitoring/overlay/CHANGELOG.md

@@ -8,7 +8,6 @@ All notable changes from the upstream Prometheus Operator chart will be added to
 - Added support for `rkeControllerManager`, `rkeScheduler`, `rkeProxy`, and `rkeEtcd` PushProx exporters for monitoring k8s components within RKE clusters
 - Added support for `k3sControllerManager`, `k3sScheduler`, and `k3sProxy` PushProx exporters for monitoring k8s components within k3s clusters
 - Added support for `kubeAdmControllerManager`, `kubeAdmScheduler`, `kubeAdmProxy`, and `kubeAdmEtcd` PushProx exporters for monitoring k8s components within kubeAdm clusters
-- Added support for `rke2ControllerManager`, `rke2Scheduler`, `rke2Proxy`, and `rke2Etcd` PushProx exporters for monitoring k8s components within rke2 clusters
 - Exposed `prometheus.prometheusSpec.ignoreNamespaceSelectors` on values.yaml and set it to `true` by default. This value instructs the default Prometheus server deployed with this chart to ignore the `namespaceSelector` field within any created ServiceMonitor or PodMonitor CRs that it selects. This prevents ServiceMonitors and PodMonitors from configuring the Prometheus scrape configuration to monitor resources outside the namespace that they are deployed in; if a user needs to have one ServiceMonitor / PodMonitor monitor resources within several namespaces, they will need to either disable this default option or create one ServiceMonitor / PodMonitor CR per namespace that they would like to monitor. Relevant fields were also updated in the default README.md
 - Added `grafana.sidecar.dashboards.searchNamespace` to values.yaml with a default value of `grafana-dashboards`. The namespace provided should contain all ConfigMaps with the label `grafana_dashboard` and will be searched by the Grafana Dashboards sidecar for updates. The namespace specified is also created along with this deployment. All default dashboard ConfigMaps have been relocated from the deployment namespace to the namespace specified
 - Added `grafana.sidecar.datasources.searchNamespace` to values.yaml with a default value of `grafana-datasources`. The namespace provided should contain all ConfigMaps with the label `grafana_datasource` and will be searched by the Grafana Datasources sidecar for updates. The namespace specified is also created along with this deployment. All default datasource ConfigMaps have been relocated from the deployment namespace to the namespace specified
@@ -17,8 +16,6 @@ All notable changes from the upstream Prometheus Operator chart will be added to
     - User who needs to be able to persist custom Grafana dashboards from the Grafana UI but does not need to be able to interact with Prometheus CRs: `grafana-config-edit` within the `.Values.grafana.sidecar.dashboards.searchNamespace` (default `grafana-dashboards`) namespace
     - User who needs to be able to persist new Grafana datasources but does not need to be able to interact with Prometheus CRs: `.Values.grafana.sidecar.datasources.searchNamespace` (default `grafana-datasources`) namespace
 - Added default resource limits for `Prometheus Operator`, `Prometheus`, `AlertManager`, `Grafana`, `kube-state-metrics`, `node-exporter`
-- Added a default template `rancher_defaults.tmpl` to AlertManager that Rancher will offer to users in order to help configure the way alerts are rendered on a notifier. Also updated the default template deployed with this chart to reference that template and added an example of a Slack config using this template as a comment in the `values.yaml`.
-- Added support for private registries via introducing a new field for `global.systemDefaultRegistry` that, if supplied, will automatically be prepended onto every image used by the chart.
 ### Modified
 - Updated the chart name from `prometheus-operator` to `rancher-monitoring` and added the `io.rancher.certified: rancher` annotation to `Chart.yaml`
 - Modified the default `node-exporter` port from `9100` to `9796`
@@ -37,5 +34,4 @@ All notable changes from the upstream Prometheus Operator chart will be added to
     - `kube-scheduler` metrics exporter
     - `kube-proxy` metrics exporter
 - Updated default Grafana `deploymentStrategy` to `Recreate` to prevent deployments from being stuck on upgrade if a PV is attached to Grafana
-- Modified the default `<serviceMonitor|podMonitor|rule>SelectorNilUsesHelmValues` to default to `false`. As a result, we look for all CRs with any labels in all namespaces by default rather than just the ones tagged with the label `release: rancher-monitoring`.
-- Modified the default images used by the `rancher-monitoring` chart to point to Rancher mirrors of the original images from upstream.
+- Modified the default `<serviceMonitor|podMonitor|rule>SelectorNilUsesHelmValues` to default to `false`. As a result, we look for all CRs with any labels in all namespaces by default rather than just the ones tagged with the label `release: rancher-monitoring`.

packages/rancher-pushprox/charts/templates/_helpers.tpl

@@ -1,11 +1,3 @@
-# Rancher
-
-{{- define "system_default_registry" -}}
-{{- if .Values.global.systemDefaultRegistry -}}
-{{- printf "%s/" .Values.global.systemDefaultRegistry -}}
-{{- end -}}
-{{- end -}}
-
 # General
 
 {{- define "pushprox.namespace" -}}

packages/rancher-pushprox/charts/templates/pushprox-clients.yaml

@@ -26,7 +26,7 @@ spec:
       {{- end }}
       containers:
       - name: pushprox-client
-        image: {{ template "system_default_registry" . }}{{ .Values.clients.image.repository }}:{{ .Values.clients.image.tag }}
+        image: {{ .Values.clients.image.repository }}:{{ .Values.clients.image.tag }}
         command:
         {{- range .Values.clients.command }}
           - {{ . | quote }}
@@ -72,7 +72,7 @@ spec:
       {{- if and .Values.clients.https.enabled .Values.clients.https.certDir }}
       initContainers:
       - name: copy-certs
-        image: {{ template "system_default_registry" . }}{{ .Values.clients.copyCertsImage.repository }}:{{ .Values.clients.copyCertsImage.tag }}
+        image: alpine:latest
         command:
         - sh
         - -c

packages/rancher-pushprox/charts/templates/pushprox-proxy.yaml

@@ -21,7 +21,7 @@ spec:
 {{- end }}
       containers:
       - name: pushprox-proxy
-        image: {{ template "system_default_registry" . }}{{ .Values.proxy.image.repository }}:{{ .Values.proxy.image.tag }}
+        image: {{ .Values.proxy.image.repository }}:{{ .Values.proxy.image.tag }}
         command:
         {{- range .Values.proxy.command }}
           - {{ . | quote }}

packages/rancher-pushprox/charts/values.yaml

@@ -12,9 +12,6 @@
 
 # Configuration
 
-global:
-  systemDefaultRegistry: ""
-
 # The component that is being monitored (i.e. etcd)
 component: "component"
 
@@ -63,10 +60,6 @@ clients:
     tag: v0.1.0-rancher1-client
   command: ["pushprox-client"]
 
-  copyCertsImage:
-    repository: rancher/kubectl
-    tag: v1.18.6
-
 proxy:
   enabled: true
   # The port through which PushProx clients will communicate to the proxy