[dev-v2.9] Forward ports rancher-vsphere-cpi 103.1.0+up1.7.0 (#3728)

pull/3734/head
Lucas Machado 2024-04-04 11:58:32 -03:00 committed by GitHub
parent 975cdad00d
commit 9b19a5fa4c
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
16 changed files with 656 additions and 0 deletions

@ -0,0 +1,24 @@
annotations:
catalog.cattle.io/certified: rancher
catalog.cattle.io/display-name: vSphere CPI
catalog.cattle.io/kube-version: '>= 1.18.0-0 < 1.29.0-0'
catalog.cattle.io/namespace: kube-system
catalog.cattle.io/os: linux
catalog.cattle.io/permits-os: linux,windows
catalog.cattle.io/rancher-version: '>= 2.8.0-0 < 2.9.0-0'
catalog.cattle.io/release-name: vsphere-cpi
apiVersion: v1
appVersion: 1.7.0
description: vSphere Cloud Provider Interface (CPI)
icon: https://charts.rancher.io/assets/logos/vsphere-cpi.svg
keywords:
- infrastructure
maintainers:
- email: jiaqi.luo@suse.com
name: Jiaqi Luo
- email: brad.davidson@suse.com
name: Brad Davidson
name: rancher-vsphere-cpi
sources:
- https://github.com/kubernetes/cloud-provider-vsphere
version: 103.1.0+up1.7.0

@ -0,0 +1,59 @@
# vSphere Cloud Provider Interface (CPI)
[vSphere Cloud Provider Interface (CPI)](https://github.com/kubernetes/cloud-provider-vsphere) is responsible for running all the platform specific control loops that were previously run in core Kubernetes components like the KCM and the kubelet, but have been moved out-of-tree to allow cloud and infrastructure providers to implement integrations that can be developed, built and released independent of Kubernetes core. The official documentation and tutorials can be found [here](https://vsphere-csi-driver.sigs.k8s.io/driver-deployment/prerequisites.html).
**This chart requires being deployed into the `kube-system` namespace.**
## Prerequisites
- vSphere 6.7 U3+
- Kubernetes v1.14+
- A Secret on your Kubernetes cluster that contains vSphere credentials (Refer to `README` or `Detailed Descriptions`)
## Installation
This chart requires a Secret in your Kubernetes cluster that contains the server URL and credentials to connect to the vCenter. You can have the chart generate it for you, or create it yourself and provide the name of the Secret during installation.
<span style="color:orange">Warning</span>: When the option to generate the Secret is enabled, the credentials are visible in the API to authorized users. If you create the Secret yourself they will not be visible.
You can create a Secret in one of the following ways:
### <B>Option 1</b>: Create a Secret using the Rancher UI
Go to your cluster's project (Same project you will be installing the chart) > Resources > Secrets > Add Secret.
```yaml
# Example of data required in the Secret
<host-1>.username: <username>
<host-1>.password: <password>
```
### <B>Option 2</b>: Create a Secret using kubectl
Replace placeholders with actual values, and execute the following:
```bash
cat <<EOF | kubectl apply -f -
apiVersion: v1
kind: Secret
type: Opaque
metadata:
name: <secret-name>
namespace: <charts-namespace>
data:
<host-1>.username: <base64encoded-username>
<host-1>.password: <base64encoded-password>
EOF
```
More information on managing Secrets using kubectl [here](https://kubernetes.io/docs/tasks/configmap-secret/managing-secret-using-kubectl/).
## Migration
If using this chart to migrate volumes provisioned by the in-tree provider to the out-of-tree CPI + CSI, you need to taint all nodes with the following:
```
node.cloudprovider.kubernetes.io/uninitialized=true:NoSchedule
```
To perform this operation on all nodes in your cluster, the following script has been provided for your convenience:
```bash
# Note: Since this script uses kubectl, ensure that you run `export KUBECONFIG=<path-to-kubeconfig-for-cluster>` before running this script
for node in $(kubectl get nodes | awk '{print $1}' | tail -n +2); do
kubectl taint node $node node.cloudprovider.kubernetes.io/uninitialized=true:NoSchedule
done
```
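
Review bot: The Prerequisites list says Kubernetes v1.14+, which disagrees with the chart's own `catalog.cattle.io/kube-version: '>= 1.18.0-0 < 1.29.0-0'` annotation and with the v1.19+ stated in the app README; the three should give one supported range. The "official documentation" link in the intro goes to the vsphere-csi-driver site, not to CPI documentation. In the Migration script, `$node` is unquoted and the node names are scraped from table output with `awk` and `tail -n +2`; `kubectl taint nodes --all node.cloudprovider.kubernetes.io/uninitialized=true:NoSchedule` does the same without parsing the header row.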

@ -0,0 +1,11 @@
# vSphere Cloud Provider Interface (CPI)
[vSphere Cloud Provider Interface (CPI)](https://github.com/kubernetes/cloud-provider-vsphere) is responsible for running all the platform specific control loops that were previously run in core Kubernetes components like the KCM and the kubelet, but have been moved out-of-tree to allow cloud and infrastructure providers to implement integrations that can be developed, built and released independent of Kubernetes core. The official documentation and tutorials can be found [here](https://vsphere-csi-driver.sigs.k8s.io/driver-deployment/prerequisites.html).
**This chart requires being deployed into the `kube-system` namespace.**
## Prerequisites
- vSphere 6.7 U3+ or vSphere 7.0+
- Kubernetes v1.19+
- A Secret on your Kubernetes cluster that contains vSphere credentials (Refer to `README` or `Detailed Descriptions`)
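
Review bot: The "official documentation" link in the intro paragraph points at vsphere-csi-driver.sigs.k8s.io, the CSI driver's prerequisites page, although this chart installs the CPI; link to the cloud-provider-vsphere documentation instead. This file is what the install form shows, and it mentions the credentials Secret without repeating the README's warning that a chart-generated Secret leaves the credentials visible in the API, so that warning should be carried over here.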

@ -0,0 +1,62 @@
questions:
- variable: vCenter.host
label: vCenter Host
description: IP address or FQDN of the vCenter
type: string
required: true
group: Configuration
- variable: vCenter.datacenters
description: Comma-separated list of paths to data centers. E.g "<dc1-path>, <dc2-path>, ..."
label: Data Centers
type: string
required: true
group: Configuration
- variable: vCenter.credentialsSecret.generate
label: Generate Credential's Secret
description: Generates a secret with the vSphere credentials (If the option to generate it is enabled, credentials will be visible in the API to authorized users)
type: boolean
default: true
required: true
group: Configuration
show_subquestion_if: true
subquestions:
- variable: vCenter.username
label: Username
description: Username for vCenter
type: string
group: Configuration
- variable: vCenter.password
label: Password
description: Password for vCenter
type: password
group: Configuration
- variable: vCenter.credentialsSecret.name
label: Credential's Secret Name
description: Name of the secret with the vSphere credentials (Will not be visible in the API. More info in the README)
default: "vsphere-cpi-creds"
type: string
group: Configuration
show_if: "vCenter.credentialsSecret.generate=false"
- variable: vCenter.labels.generate
label: Define vSphere Tags
description: "vSphere Tags used to determine the zone and region of a Kubernetes node. This labels will be propagated to NodeLabels"
type: boolean
default: false
required: true
group: Configuration
show_subquestion_if: true
subquestions:
- variable: vCenter.labels.region
label: Region
description: vSphere tag which will used to define regions. e.g. eu-central
type: string
group: Configuration
- variable: vCenter.labels.zone
label: Zone
description: vSphere tag which will used to define availability zones
type: string
group: Configuration
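
Review bot: `vCenter.credentialsSecret.generate` has `default: true`, which makes the path its own description flags as exposing credentials in the API the one users get unless they opt out; default it to `false` so the pre-created Secret is the normal route. The `vCenter.username` and `vCenter.password` subquestions are not marked `required`, so the generate path can be submitted with empty credentials. Wording: "This labels will be propagated" and "which will used to define" need fixing.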

@ -0,0 +1,50 @@
{{- define "system_default_registry" -}}
{{- if .Values.global.cattle.systemDefaultRegistry -}}
{{- printf "%s/" .Values.global.cattle.systemDefaultRegistry -}}
{{- else -}}
{{- "" -}}
{{- end -}}
{{- end -}}
{{- define "applyVersionOverrides" -}}
{{- $overrides := dict -}}
{{- range $override := .Values.versionOverrides -}}
{{- if semverCompare $override.constraint $.Capabilities.KubeVersion.Version -}}
{{- $_ := mergeOverwrite $overrides $override.values -}}
{{- end -}}
{{- end -}}
{{- $_ := mergeOverwrite .Values $overrides -}}
{{- end -}}
{{/*
Windows cluster will add default taint for linux nodes,
add below linux tolerations to workloads could be scheduled to those linux nodes
*/}}
{{- define "linux-node-tolerations" -}}
- key: "cattle.io/os"
value: "linux"
effect: "NoSchedule"
operator: "Equal"
{{- end -}}
{{- define "linux-node-selector" -}}
kubernetes.io/os: linux
{{- end -}}
{{/*
Create chart name and version as used by the chart label.
*/}}
{{- define "chartName" -}}
{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{/*
Labels that should be added on each resource
*/}}
{{- define "labels" -}}
app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
app.kubernetes.io/managed-by: {{ .Release.Service }}
helm.sh/chart: {{ include "chartName" . }}
{{- end -}}
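
Review bot: `applyVersionOverrides` is the only helper here without a doc comment, and it is the one with a side effect: the final `mergeOverwrite .Values $overrides` rewrites `.Values` in place, so a template that reads `cloudControllerManager.repository` or `tag` gets different results depending on whether this helper ran first in that file. Add a comment saying so, and that when several constraints match, later entries in `versionOverrides` overwrite earlier ones. In `labels`, `{{ .Release.Service }}` and the `chartName` include are emitted unquoted while `AppVersion` is quoted; quote all three for consistency.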

@ -0,0 +1,33 @@
apiVersion: v1
kind: ConfigMap
metadata:
name: vsphere-cloud-config
labels:
vsphere-cpi-infra: config
component: {{ .Chart.Name }}-cloud-controller-manager
{{- include "labels" . | nindent 4 }}
namespace: {{ .Release.Namespace }}
data:
vsphere.yaml: |
# Global properties in this section will be used for all specified vCenters unless overriden in VirtualCenter section.
{{ with .Values.vCenter }}
global:
secretName: {{ .credentialsSecret.name | quote }}
secretNamespace: {{ $.Release.Namespace | quote }}
port: {{ .port }}
insecureFlag: {{ .insecureFlag }}
# vcenter section
vcenter:
{{ .host | quote }}:
server: {{ .host | quote }}
datacenters:
- {{ .datacenters | quote }}
{{- if .labels.generate }}
# labels for regions and zones
labels:
region: {{ .labels.region | quote }}
zone: {{ .labels.zone | quote }}
{{- end }}
{{- end }}
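
Review bot: `datacenters` is rendered as a single list element, `- {{ .datacenters | quote }}`, while questions.yaml describes the value as a comma-separated list of paths, so an input like "<dc1-path>, <dc2-path>" becomes one quoted string. Either split the value in the template or add a comment confirming that the consumer splits the element itself. `insecureFlag: {{ .insecureFlag }}` is passed straight through, so the default in values.yaml alone decides whether the vCenter certificate is verified; a comment on that line would make the consequence visible. "overriden" in the comment should be "overridden".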

@ -0,0 +1,109 @@
{{- template "applyVersionOverrides" . -}}
apiVersion: apps/v1
kind: DaemonSet
metadata:
name: {{ .Chart.Name }}-cloud-controller-manager
labels:
component: {{ .Chart.Name }}-cloud-controller-manager
tier: control-plane
{{- include "labels" . | nindent 4 }}
namespace: {{ .Release.Namespace }}
annotations:
scheduler.alpha.kubernetes.io/critical-pod: ""
spec:
selector:
matchLabels:
name: {{ .Chart.Name }}-cloud-controller-manager
updateStrategy:
type: RollingUpdate
template:
metadata:
labels:
name: {{ .Chart.Name }}-cloud-controller-manager
component: {{ .Chart.Name }}-cloud-controller-manager
tier: control-plane
{{- include "labels" . | nindent 8 }}
{{- with .Values.cloudControllerManager.podLabels }}
{{- toYaml . | nindent 8 }}
{{- end }}
spec:
{{- if .Values.cloudControllerManager.nodeSelector }}
nodeSelector: {{ include "linux-node-selector" . | nindent 8 }}
{{- with .Values.cloudControllerManager.nodeSelector }}
{{- toYaml . | nindent 8 }}
{{- end }}
{{- else }}
affinity:
nodeAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
nodeSelectorTerms:
- matchExpressions:
# RKE node selector label
- key: node-role.kubernetes.io/controlplane
operator: In
values:
- "true"
- key: kubernetes.io/os
operator: NotIn
values:
- "windows"
- matchExpressions:
# RKE2 node selector label
- key: node-role.kubernetes.io/control-plane
operator: In
values:
- "true"
- key: kubernetes.io/os
operator: NotIn
values:
- "windows"
{{- end }}
{{- if .Values.cloudControllerManager.tolerations }}
tolerations: {{ include "linux-node-tolerations" . | nindent 8 }}
{{- with .Values.cloudControllerManager.tolerations }}
{{- toYaml . | nindent 8 }}
{{- end }}
{{- else }}
tolerations:
- key: node.cloudprovider.kubernetes.io/uninitialized
value: "true"
effect: NoSchedule
- key: node-role.kubernetes.io/master
effect: NoSchedule
operator: Exists
- key: node.kubernetes.io/not-ready
effect: NoSchedule
operator: Exists
# Rancher specific change: These tolerations are added to account for RKE1 and RKE2 taints
- key: node-role.kubernetes.io/controlplane
effect: NoSchedule
value: "true"
- key: node-role.kubernetes.io/control-plane
effect: NoSchedule
operator: Exists
- key: node-role.kubernetes.io/etcd
effect: NoExecute
operator: Exists
{{- end }}
securityContext:
runAsUser: 1001
serviceAccountName: {{ .Chart.Name }}-cloud-controller-manager
containers:
- name: {{ .Chart.Name }}-cloud-controller-manager
image: {{ template "system_default_registry" . }}{{ .Values.cloudControllerManager.repository }}:{{ .Values.cloudControllerManager.tag }}
args:
- --cloud-provider=vsphere
- --v=2
- --cloud-config=/etc/cloud/vsphere.yaml
volumeMounts:
- mountPath: /etc/cloud
name: vsphere-config-volume
readOnly: true
resources:
requests:
cpu: 200m
hostNetwork: true
volumes:
- name: vsphere-config-volume
configMap:
name: vsphere-cloud-config
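
Review bot: The pod-level `securityContext` sets only `runAsUser: 1001` and the container has no securityContext of its own, on a pod that runs with `hostNetwork: true` on control-plane nodes. Add `runAsNonRoot: true` at pod level and a container context with `allowPrivilegeEscalation: false` and dropped capabilities. Separately, when `cloudControllerManager.tolerations` is set the `else` branch is skipped, so the `node.cloudprovider.kubernetes.io/uninitialized` toleration disappears unless the user re-adds it, and setting `nodeSelector` likewise removes the control-plane affinity; append user values to the defaults or document the replacement. `resources` declares a CPU request only, with no memory request and no limits.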

@ -0,0 +1,42 @@
{{- if .Values.cloudControllerManager.rbac.enabled -}}
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
name: servicecatalog.k8s.io:apiserver-authentication-reader
labels:
vsphere-cpi-infra: role-binding
component: {{ .Chart.Name }}-cloud-controller-manager
{{- include "labels" . | nindent 4 }}
namespace: {{ .Release.Namespace }}
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: Role
name: extension-apiserver-authentication-reader
subjects:
- apiGroup: ""
kind: ServiceAccount
name: {{ .Chart.Name }}-cloud-controller-manager
namespace: {{ .Release.Namespace }}
- apiGroup: ""
kind: User
name: {{ .Chart.Name }}-cloud-controller-manager
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: system:{{ .Chart.Name }}-cloud-controller-manager
labels:
vsphere-cpi-infra: cluster-role-binding
component: {{ .Chart.Name }}-cloud-controller-manager
{{- include "labels" . | nindent 4 }}
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: system:{{ .Chart.Name }}-cloud-controller-manager
subjects:
- kind: ServiceAccount
name: {{ .Chart.Name }}-cloud-controller-manager
namespace: {{ .Release.Namespace }}
- kind: User
name: {{ .Chart.Name }}-cloud-controller-manager
{{- end -}}
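
Review bot: Both bindings list a `kind: User` subject named `{{ .Chart.Name }}-cloud-controller-manager` next to the ServiceAccount, so any identity that authenticates under that username receives the same role and ClusterRole. The DaemonSet runs under the ServiceAccount, so drop the User subjects unless something is known to authenticate with that name, and say what in a comment if so. The RoleBinding name `servicecatalog.k8s.io:apiserver-authentication-reader` is not specific to this chart and can collide with another binding in the release namespace; prefix it with the chart name as the ClusterRoleBinding does.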

@ -0,0 +1,93 @@
{{- if .Values.cloudControllerManager.rbac.enabled -}}
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: system:{{ .Chart.Name }}-cloud-controller-manager
labels:
vsphere-cpi-infra: role
component: {{ .Chart.Name }}-cloud-controller-manager
{{- include "labels" . | nindent 4 }}
rules:
- apiGroups:
- ""
resources:
- events
verbs:
- create
- patch
- update
- apiGroups:
- ""
resources:
- nodes
verbs:
- "*"
- apiGroups:
- ""
resources:
- nodes/status
verbs:
- patch
- apiGroups:
- ""
resources:
- services
verbs:
- list
- patch
- update
- watch
- apiGroups:
- ""
resources:
- services/status
verbs:
- patch
- apiGroups:
- ""
resources:
- serviceaccounts
verbs:
- create
- get
- list
- watch
- update
- apiGroups:
- ""
resources:
- persistentvolumes
verbs:
- get
- list
- update
- watch
- apiGroups:
- ""
resources:
- endpoints
verbs:
- create
- get
- list
- watch
- update
- apiGroups:
- ""
resources:
- secrets
verbs:
- get
- list
- watch
- apiGroups:
- "coordination.k8s.io"
resources:
- leases
verbs:
- create
- get
- list
- watch
- update
{{- end -}}
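
Review bot: The `secrets` rule grants `get`, `list` and `watch` through a ClusterRole, which means every Secret in every namespace, while the ConfigMap points the CPI at one Secret via `secretName` and `secretNamespace` in the release namespace. Move that rule into a Role bound in the release namespace. The `nodes` rule uses `verbs: "*"`; list the verbs the controller needs instead of the wildcard. The `serviceaccounts` rule includes `create` and `update`, which deserves a comment explaining why a cloud controller needs to write service accounts.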

@ -0,0 +1,14 @@
{{- if .Values.vCenter.credentialsSecret.generate -}}
apiVersion: v1
kind: Secret
metadata:
name: {{ .Values.vCenter.credentialsSecret.name }}
labels:
vsphere-cpi-infra: secret
component: {{ .Chart.Name }}-cloud-controller-manager
{{- include "labels" . | nindent 4 }}
namespace: {{ .Release.Namespace }}
data:
{{ .Values.vCenter.host }}.username: {{ .Values.vCenter.username | b64enc | quote }}
{{ .Values.vCenter.host }}.password: {{ .Values.vCenter.password | b64enc | quote }}
{{- end -}}
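
Review bot: Nothing checks that `vCenter.host`, `vCenter.username` or `vCenter.password` are set when `generate` is true; with the values.yaml defaults the two `data` lines render keys `.username` and `.password` holding empty strings. Wrap the three values in `required` so the install fails with a clear message. The data keys and `metadata.name` are emitted unquoted, unlike the same values in the ConfigMap. Because the credentials reach this template through chart values, a short comment here pointing at the README warning would help the next reader.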

@ -0,0 +1,11 @@
{{- if .Values.cloudControllerManager.rbac.enabled -}}
apiVersion: v1
kind: ServiceAccount
metadata:
name: {{ .Chart.Name }}-cloud-controller-manager
labels:
vsphere-cpi-infra: service-account
component: {{ .Chart.Name }}-cloud-controller-manager
{{- include "labels" . | nindent 4 }}
namespace: {{ .Release.Namespace }}
{{- end -}}
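
Review bot: The ServiceAccount is created only when `cloudControllerManager.rbac.enabled` is true, but the DaemonSet sets `serviceAccountName: {{ .Chart.Name }}-cloud-controller-manager` unconditionally. With `rbac.enabled: false` the pods reference an account the chart never creates. Either always create the ServiceAccount and gate only the roles and bindings, or document that the account must already exist when RBAC is disabled.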

@ -0,0 +1,16 @@
apiVersion: v1
kind: Service
metadata:
labels:
component: {{ .Chart.Name }}-cloud-controller-manager
{{- include "labels" . | nindent 4 }}
name: {{ .Chart.Name }}-cloud-controller-manager
namespace: {{ .Release.Namespace }}
spec:
type: NodePort
ports:
- port: 43001
protocol: TCP
targetPort: 43001
selector:
component: {{ .Chart.Name }}-cloud-controller-manager
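
Review bot: `type: NodePort` opens a port on every node for 43001, yet the DaemonSet declares no container port 43001 and passes no argument that binds it. If only in-cluster access is needed, make this a ClusterIP Service; if nothing listens on 43001, remove the Service. A comment stating what the port serves is missing either way.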

@ -0,0 +1,103 @@
vCenter:
host: ""
port: 443
insecureFlag: true
datacenters: ""
username: ""
password: ""
credentialsSecret:
name: "vsphere-cpi-creds"
generate: true
# vSphere Tags used to determine the zone and region of a Kubernetes node. This labels will be propagated to NodeLabels
labels:
region: "k8s-region"
zone: "k8s-zone"
generate: false
# A list of Semver constraint strings (defined by https://github.com/Masterminds/semver) and values.yaml overrides.
#
# For each key in versionOverrides, this chart will check to see if the current Kubernetes cluster's version matches
# any of the semver constraints provided as keys on the map.
#
# On seeing a match, the default value for each values.yaml field overridden will be updated with the new value.
#
# If multiple matches are encountered (due to overlapping semver ranges), the matches will be applied in order.
#
# Notes:
# - On running a helm template, Helm uses the `.Capabilities.APIVersion` of whatever
# Kubernetes release that version of Helm was built against.
# - On running a helm install --dry-run, the correct kubeVersion should be chosen.
#
# Supported versions can be found at:
# https://github.com/kubernetes/cloud-provider-vsphere#compatibility-with-kubernetes
versionOverrides:
- constraint: "~ 1.28"
values:
cloudControllerManager:
repository: rancher/mirrored-cloud-provider-vsphere-cpi-release-manager
tag: v1.28.0
- constraint: "~ 1.27"
values:
cloudControllerManager:
repository: rancher/mirrored-cloud-provider-vsphere-cpi-release-manager
tag: v1.27.0
- constraint: "~ 1.26"
values:
cloudControllerManager:
repository: rancher/mirrored-cloud-provider-vsphere-cpi-release-manager
tag: v1.26.2
- constraint: "~ 1.25"
values:
cloudControllerManager:
repository: rancher/mirrored-cloud-provider-vsphere-cpi-release-manager
tag: v1.25.3
- constraint: ">= 1.24 < 1.25"
values:
cloudControllerManager:
repository: rancher/mirrored-cloud-provider-vsphere-cpi-release-manager
tag: v1.24.6
- constraint: ">= 1.23 < 1.24"
values:
cloudControllerManager:
repository: rancher/mirrored-cloud-provider-vsphere-cpi-release-manager
tag: v1.23.4
- constraint: "~ 1.22"
values:
cloudControllerManager:
repository: rancher/mirrored-cloud-provider-vsphere-cpi-release-manager
tag: v1.22.8
- constraint: "~ 1.21"
values:
cloudControllerManager:
repository: rancher/mirrored-cloud-provider-vsphere-cpi-release-manager
tag: v1.21.3
- constraint: "~ 1.20"
values:
cloudControllerManager:
repository: rancher/mirrored-cloud-provider-vsphere-cpi-release-manager
tag: v1.20.1
- constraint: "~ 1.19"
values:
cloudControllerManager:
repository: rancher/mirrored-cloud-provider-vsphere-cpi-release-manager
tag: v1.19.0
- constraint: "~ 1.18"
values:
cloudControllerManager:
repository: rancher/mirrored-cloud-provider-vsphere-cpi-release-manager
tag: v1.18.0
cloudControllerManager:
repository: rancher/mirrored-cloud-provider-vsphere-cpi-release-manager
tag: latest
nodeSelector: {}
tolerations: []
## Optional additional labels to add to pods
podLabels: {}
rbac:
enabled: true
global:
cattle:
systemDefaultRegistry: ""
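
Review bot: `insecureFlag: true` is the default, and questions.yaml has no question for it, so installs through the UI send the vCenter credentials over a connection whose certificate is not verified. Default it to `false` and expose the setting so skipping verification is an explicit choice. The fallback `tag: latest` applies whenever no `versionOverrides` constraint matches the cluster version; pin a released tag or fail the render instead. The comment block speaks of "each key in versionOverrides" and "keys on the map", but the structure below is a list of `constraint`/`values` entries.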

@ -17778,6 +17778,34 @@ entries:
urls:
- assets/rancher-vsphere-cpi/rancher-vsphere-cpi-104.0.0+up1.7.0.tgz
version: 104.0.0+up1.7.0
- annotations:
catalog.cattle.io/certified: rancher
catalog.cattle.io/display-name: vSphere CPI
catalog.cattle.io/kube-version: '>= 1.18.0-0 < 1.29.0-0'
catalog.cattle.io/namespace: kube-system
catalog.cattle.io/os: linux
catalog.cattle.io/permits-os: linux,windows
catalog.cattle.io/rancher-version: '>= 2.8.0-0 < 2.9.0-0'
catalog.cattle.io/release-name: vsphere-cpi
apiVersion: v1
appVersion: 1.7.0
created: "2024-04-03T11:55:48.125986-03:00"
description: vSphere Cloud Provider Interface (CPI)
digest: 7afe94830f59191390ea6bdb0c337adf7a31a98ed099509380b6ef749b7ae9db
icon: https://charts.rancher.io/assets/logos/vsphere-cpi.svg
keywords:
- infrastructure
maintainers:
- email: jiaqi.luo@suse.com
name: Jiaqi Luo
- email: brad.davidson@suse.com
name: Brad Davidson
name: rancher-vsphere-cpi
sources:
- https://github.com/kubernetes/cloud-provider-vsphere
urls:
- assets/rancher-vsphere-cpi/rancher-vsphere-cpi-103.1.0+up1.7.0.tgz
version: 103.1.0+up1.7.0
- annotations:
catalog.cattle.io/certified: rancher
catalog.cattle.io/display-name: vSphere CPI

@ -112,6 +112,7 @@ rancher-monitoring-crd:
rancher-vsphere-cpi:
- 104.0.0+up1.7.0
- 102.2.0+up1.6.0
- 103.1.0+up1.7.0
rancher-vsphere-csi:
- 104.0.0+up3.1.2-rancher2
- 102.2.0+up3.0.2-rancher1