Add vsphere cpi 100.0.1

pull/1551/head
Steven Crespo 2021-10-13 14:24:18 -07:00
parent 3309ecdecc
commit ac7421c2ed
11 changed files with 342 additions and 5 deletions


@ -1,7 +1,10 @@
apiVersion: v1
name: rancher-vsphere-cpi
version: 1.0.0
appVersion: 1.0.0
version: 1.0.1
# appVersion represents the upstream branch for the k8s version this chart was updated to. Since our chart is made to
# support multiple k8s versions, appVersion is used for reference to know what's the latest k8s version this chart supports.
appVersion: 1.21.0
kubeVersion: 1.18 - 1.21
description: vSphere Cloud Provider Interface (CPI)
sources:
- https://github.com/kubernetes/cloud-provider-vsphere


@ -5,3 +5,33 @@
{{- "" -}}
{{- end -}}
{{- end -}}
{{- /* Return the image override if one is defined in the chart values. */ -}}
{{- define "get_image_override" -}}
{{- if hasKey .Values.cloudControllerManager.image "override" -}}
{{- if and (hasKey .Values.cloudControllerManager.image.override "repository") (hasKey .Values.cloudControllerManager.image.override "tag") -}}
{{- printf "%s:%s" .Values.cloudControllerManager.image.override.repository .Values.cloudControllerManager.image.override.tag -}}
{{- end -}}
{{- end -}}
{{- end -}}
{{- /* Return the image's repository and tag corresponding to the cluster's kubernetes version. */ -}}
{{- define "get_image" -}}
{{- $kubeVersion := printf "%s.%s" .Capabilities.KubeVersion.Major .Capabilities.KubeVersion.Minor -}}
{{- if hasKey .Values.cloudControllerManager.image $kubeVersion -}}
{{- $imageForKubeVersion := get .Values.cloudControllerManager.image $kubeVersion -}}
{{- printf "%s:%s" $imageForKubeVersion.repository $imageForKubeVersion.tag -}}
{{- else -}}
{{- $supportedVersions := include "get_supported_k8s_versions" . -}}
{{- required (printf "unsupported Kubernetes version: %s (supported versions: %s)" $kubeVersion $supportedVersions) "" -}}
{{- end -}}
{{- end -}}
{{- /* Return string of a comma separated list of the k8s version lines the chart supports in the `major.minor.x` format. */ -}}
{{- define "get_supported_k8s_versions" -}}
{{- $versions := list -}}
{{- range $k, $v := .Values.cloudControllerManager.image -}}
{{- $versions = append $versions (printf "%s.x" $k) -}}
{{- end -}}
{{- join ", " $versions -}}
{{- end -}}
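Review bot: `get_image` aborts the render through `required` on an unsupported Kubernetes version even when an image override is configured, because the DaemonSet calls it as `default (include "get_image" . ) (include "get_image_override" . )` and both arguments are evaluated before `default` picks one. Checking the override first, for example by wrapping the body of `get_image` in `{{- if not (include "get_image_override" .) -}}`, would make the override usable on versions the map does not list. `get_supported_k8s_versions` ranges over the whole `image` map, so a configured `override` key would show up as `override.x` in the error text; `{{- if ne $k "override" -}}` inside the loop avoids that. `get_image_override` silently returns nothing when only one of `repository` and `tag` is set, which its comment should state.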


@ -0,0 +1,19 @@
# Source: https://github.com/kubernetes/cloud-provider-vsphere
apiVersion: v1
kind: ConfigMap
metadata:
name: vsphere-cloud-config
labels:
vsphere-cpi-infra: config
component: {{ .Chart.Name }}-cloud-controller-manager
namespace: {{ .Release.Namespace }}
data:
vsphere.conf: |
[Global]
secret-name = {{ .Values.vCenter.credentialsSecret.name | quote }}
secret-namespace = {{ .Release.Namespace | quote }}
port = {{ .Values.vCenter.port | quote }}
insecure-flag = {{ .Values.vCenter.insecureFlag | quote }}
[VirtualCenter {{ .Values.vCenter.host | quote }}]
datacenters = {{ .Values.vCenter.datacenters | quote }}
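Review bot: `insecure-flag` in the `[Global]` section is rendered straight from `.Values.vCenter.insecureFlag`, and nothing in the template says what enabling it turns off. In the upstream provider this flag disables verification of the vCenter TLS certificate, so the credentials from the referenced secret would be sent over an unauthenticated connection; the default value is outside the visible hunks. I would add a template comment above the line, such as `{{- /* insecure-flag disables vCenter TLS certificate verification; leave it false outside test setups */}}`. Exposing the upstream `ca-file` or `thumbprint` settings would let a self-signed vCenter certificate be trusted without the flag.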


@ -0,0 +1,96 @@
# Source: https://github.com/kubernetes/cloud-provider-vsphere
apiVersion: apps/v1
kind: DaemonSet
metadata:
name: {{ .Chart.Name }}-cloud-controller-manager
labels:
component: {{ .Chart.Name }}-cloud-controller-manager
tier: control-plane
namespace: {{ .Release.Namespace }}
annotations:
scheduler.alpha.kubernetes.io/critical-pod: ""
spec:
selector:
matchLabels:
name: {{ .Chart.Name }}-cloud-controller-manager
updateStrategy:
type: RollingUpdate
template:
metadata:
labels:
name: {{ .Chart.Name }}-cloud-controller-manager
component: {{ .Chart.Name }}-cloud-controller-manager
tier: control-plane
spec:
{{- if .Values.cloudControllerManager.nodeSelector }}
nodeSelector:
{{- with .Values.cloudControllerManager.nodeSelector }}
{{- toYaml . | nindent 8 }}
{{- end }}
{{- else }}
affinity:
nodeAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
nodeSelectorTerms:
- matchExpressions:
# RKE node selector label
- key: node-role.kubernetes.io/controlplane
operator: In
values:
- "true"
- matchExpressions:
# RKE2 node selector label
- key: node-role.kubernetes.io/control-plane
operator: In
values:
- "true"
{{- end }}
{{- if .Values.cloudControllerManager.tolerations }}
tolerations:
{{- with .Values.cloudControllerManager.tolerations }}
{{- toYaml . | nindent 8 }}
{{- end }}
{{- else }}
tolerations:
- key: node.cloudprovider.kubernetes.io/uninitialized
value: "true"
effect: NoSchedule
- key: node-role.kubernetes.io/master
effect: NoSchedule
operator: Exists
- key: node.kubernetes.io/not-ready
effect: NoSchedule
operator: Exists
# Rancher specific change: These tolerations are added to account for RKE1 and RKE2 taints
- key: node-role.kubernetes.io/controlplane
effect: NoSchedule
value: "true"
- key: node-role.kubernetes.io/control-plane
effect: NoSchedule
value: "true"
- key: node-role.kubernetes.io/etcd
effect: NoSchedule
value: "true"
{{- end }}
securityContext:
runAsUser: 1001
serviceAccountName: {{ .Chart.Name }}-cloud-controller-manager
containers:
- name: {{ .Chart.Name }}-cloud-controller-manager
image: "{{ template "system_default_registry" . }}{{ default (include "get_image" . ) (include "get_image_override" . ) }}"
args:
- --cloud-provider=vsphere
- --v=2
- --cloud-config=/etc/cloud/vsphere.conf
volumeMounts:
- mountPath: /etc/cloud
name: vsphere-config-volume
readOnly: true
resources:
requests:
cpu: 200m
hostNetwork: true
volumes:
- name: vsphere-config-volume
configMap:
name: vsphere-cloud-config
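Review bot: The container `{{ .Chart.Name }}-cloud-controller-manager` has no `securityContext`, and the pod-level one sets only `runAsUser: 1001`, while the pod runs with `hostNetwork: true` on control-plane nodes. I would add `runAsNonRoot: true` at pod level and a container-level context that blocks privilege escalation and drops all capabilities, as in the excerpt below. Whether the binary tolerates a read-only root filesystem cannot be seen from this commit, so that field is left out.

```yaml
      securityContext:
        runAsUser: 1001
        runAsNonRoot: true
      # … unchanged: serviceAccountName …
      containers:
        - name: {{ .Chart.Name }}-cloud-controller-manager
          # … unchanged: image, args, volumeMounts, resources …
          securityContext:
            allowPrivilegeEscalation: false
            capabilities:
              drop:
                - ALL
```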


@ -0,0 +1,44 @@
{{- if .Values.cloudControllerManager.rbac.enabled -}}
# Source: https://github.com/kubernetes/cloud-provider-vsphere
apiVersion: v1
kind: List
metadata: {}
items:
- apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
name: servicecatalog.k8s.io:apiserver-authentication-reader
labels:
vsphere-cpi-infra: role-binding
component: {{ .Chart.Name }}-cloud-controller-manager
namespace: {{ .Release.Namespace }}
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: Role
name: extension-apiserver-authentication-reader
subjects:
- apiGroup: ""
kind: ServiceAccount
name: {{ .Chart.Name }}-cloud-controller-manager
namespace: {{ .Release.Namespace }}
- apiGroup: ""
kind: User
name: {{ .Chart.Name }}-cloud-controller-manager
- apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: system:{{ .Chart.Name }}-cloud-controller-manager
labels:
vsphere-cpi-infra: cluster-role-binding
component: {{ .Chart.Name }}-cloud-controller-manager
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: system:{{ .Chart.Name }}-cloud-controller-manager
subjects:
- kind: ServiceAccount
name: {{ .Chart.Name }}-cloud-controller-manager
namespace: {{ .Release.Namespace }}
- kind: User
name: {{ .Chart.Name }}-cloud-controller-manager
{{- end -}}
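Review bot: Both bindings list a `kind: User` subject named `{{ .Chart.Name }}-cloud-controller-manager` next to the ServiceAccount, which grants the same rights to any authenticated client that presents that username. The DaemonSet in this commit runs under the service account, so unless something authenticates as that user I would remove the two User subjects. This matters most in the ClusterRoleBinding, whose role includes `"*"` on nodes and read access to secrets. The RoleBinding also points at the Role `extension-apiserver-authentication-reader` in `.Release.Namespace`; that Role normally exists only in `kube-system`, so the binding resolves to nothing when the chart is installed elsewhere, and the template should either set `namespace: kube-system` on it or document the constraint.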


@ -0,0 +1,93 @@
{{- if .Values.cloudControllerManager.rbac.enabled -}}
# Source: https://github.com/kubernetes/cloud-provider-vsphere
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: system:{{ .Chart.Name }}-cloud-controller-manager
labels:
vsphere-cpi-infra: role
component: {{ .Chart.Name }}-cloud-controller-manager
rules:
- apiGroups:
- ""
resources:
- events
verbs:
- create
- patch
- update
- apiGroups:
- ""
resources:
- nodes
verbs:
- "*"
- apiGroups:
- ""
resources:
- nodes/status
verbs:
- patch
- apiGroups:
- ""
resources:
- services
verbs:
- list
- patch
- update
- watch
- apiGroups:
- ""
resources:
- services/status
verbs:
- patch
- apiGroups:
- ""
resources:
- serviceaccounts
verbs:
- create
- get
- list
- watch
- update
- apiGroups:
- ""
resources:
- persistentvolumes
verbs:
- get
- list
- update
- watch
- apiGroups:
- ""
resources:
- endpoints
verbs:
- create
- get
- list
- watch
- update
- apiGroups:
- ""
resources:
- secrets
verbs:
- get
- list
- watch
- apiGroups:
- "coordination.k8s.io"
resources:
- leases
verbs:
- create
- get
- list
- watch
- update
{{- end -}}
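Review bot: The `secrets` rule grants `get`, `list` and `watch` on secrets in every namespace, although the generated vsphere.conf points the controller at a single secret in `.Release.Namespace`. If the controller only reads that credentials secret (to be confirmed against the upstream code, which may run a secret informer), the rule belongs in a namespaced Role bound in the release namespace, not in this ClusterRole. The `nodes` rule uses the wildcard verb `"*"`; enumerating the verbs the controller actually needs would keep future verbs from being granted implicitly.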


@ -0,0 +1,14 @@
{{- if .Values.vCenter.credentialsSecret.generate -}}
# Source: https://github.com/kubernetes/cloud-provider-vsphere
apiVersion: v1
kind: Secret
metadata:
name: {{ .Values.vCenter.credentialsSecret.name }}
labels:
vsphere-cpi-infra: secret
component: {{ .Chart.Name }}-cloud-controller-manager
namespace: {{ .Release.Namespace }}
data:
{{ .Values.vCenter.host }}.username: {{ .Values.vCenter.username | b64enc | quote }}
{{ .Values.vCenter.host }}.password: {{ .Values.vCenter.password | b64enc | quote }}
{{- end -}}
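Review bot: `vCenter.username` and `vCenter.password` come from chart values, so with `credentialsSecret.generate` enabled the plaintext credentials are also stored in the Helm release record and in any values file used for the install; `b64enc` is an encoding, not protection. A comment at the top of the template should say so and name `generate: false` with a pre-created secret as the safer path. The data keys are built from `.Values.vCenter.host` without a check, so an empty host renders the key `.username`; `{{ printf "%s.username" (required "vCenter.host is required" .Values.vCenter.host) | quote }}` fails early instead.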


@ -0,0 +1,11 @@
{{- if .Values.cloudControllerManager.rbac.enabled -}}
# Source: https://github.com/kubernetes/cloud-provider-vsphere
apiVersion: v1
kind: ServiceAccount
metadata:
name: {{ .Chart.Name }}-cloud-controller-manager
labels:
vsphere-cpi-infra: service-account
component: {{ .Chart.Name }}-cloud-controller-manager
namespace: {{ .Release.Namespace }}
{{- end -}}
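Review bot: The ServiceAccount is rendered only when `cloudControllerManager.rbac.enabled` is true, but the DaemonSet template sets `serviceAccountName: {{ .Chart.Name }}-cloud-controller-manager` unconditionally. With `rbac.enabled: false` the pods reference an account that this chart does not create, and pod creation will be rejected unless the account already exists. Either render the ServiceAccount always and keep the flag for the role and binding templates, or gate `serviceAccountName` on the same flag.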


@ -0,0 +1,16 @@
# Source: https://github.com/kubernetes/cloud-provider-vsphere
apiVersion: v1
kind: Service
metadata:
labels:
component: {{ .Chart.Name }}-cloud-controller-manager
name: {{ .Chart.Name }}-cloud-controller-manager
namespace: {{ .Release.Namespace }}
spec:
type: NodePort
ports:
- port: 43001
protocol: TCP
targetPort: 43001
selector:
component: {{ .Chart.Name }}-cloud-controller-manager
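Review bot: `type: NodePort` opens a port on every node's addresses for this service, and nothing in the commit shows a consumer outside the cluster. If in-cluster access is enough, `type: ClusterIP` avoids the extra listener; otherwise a comment above `type:` should say who connects from outside. The DaemonSet's container declares no `ports` and its args set no listen address, so whether anything serves on 43001 cannot be confirmed from the visible templates.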


@ -11,9 +11,20 @@ vCenter:
cloudControllerManager:
image:
"1.21":
repository: rancher/mirrored-cloud-provider-vsphere-cpi-release-manager
tag: v1.2.1
tag: v1.21.0
"1.20":
repository: rancher/mirrored-cloud-provider-vsphere-cpi-release-manager
tag: v1.20.0
"1.19":
repository: rancher/mirrored-cloud-provider-vsphere-cpi-release-manager
tag: v1.19.0
"1.18":
repository: rancher/mirrored-cloud-provider-vsphere-cpi-release-manager
tag: v1.18.0
nodeSelector: {}
tolerations: {}
rbac:
enabled: true
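Review bot: `tolerations: {}` declares a mapping as the default for a value the DaemonSet renders with `toYaml` under `tolerations:`, where Kubernetes expects a list. `tolerations: []` states the intended type and is equally falsy in the template's `if`, so the built-in default tolerations still apply. The page does not show whether this line was added by the commit or is context.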


@ -1,2 +1,2 @@
url: local
version: 100.0.0
version: 100.0.1