diff --git a/assets/asserts/asserts-1.40.0.tgz b/assets/asserts/asserts-1.40.0.tgz new file mode 100644 index 000000000..5c7666ecf Binary files /dev/null and b/assets/asserts/asserts-1.40.0.tgz differ diff --git a/assets/bitnami/cassandra-10.4.2.tgz b/assets/bitnami/cassandra-10.4.2.tgz new file mode 100644 index 000000000..8cc33ed27 Binary files /dev/null and b/assets/bitnami/cassandra-10.4.2.tgz differ diff --git a/assets/bitnami/spark-7.0.1.tgz b/assets/bitnami/spark-7.0.1.tgz new file mode 100644 index 000000000..f5377e238 Binary files /dev/null and b/assets/bitnami/spark-7.0.1.tgz differ diff --git a/assets/bitnami/wordpress-16.1.11.tgz b/assets/bitnami/wordpress-16.1.11.tgz new file mode 100644 index 000000000..6a2935903 Binary files /dev/null and b/assets/bitnami/wordpress-16.1.11.tgz differ diff --git a/assets/citrix/citrix-cpx-with-ingress-controller-1.33.4.tgz b/assets/citrix/citrix-cpx-with-ingress-controller-1.33.4.tgz new file mode 100644 index 000000000..3820480df Binary files /dev/null and b/assets/citrix/citrix-cpx-with-ingress-controller-1.33.4.tgz differ diff --git a/assets/citrix/citrix-ingress-controller-1.33.4.tgz b/assets/citrix/citrix-ingress-controller-1.33.4.tgz new file mode 100644 index 000000000..640e5cb35 Binary files /dev/null and b/assets/citrix/citrix-ingress-controller-1.33.4.tgz differ diff --git a/assets/datadog/datadog-3.30.10.tgz b/assets/datadog/datadog-3.30.10.tgz new file mode 100644 index 000000000..e7a2862ef Binary files /dev/null and b/assets/datadog/datadog-3.30.10.tgz differ diff --git a/assets/metallb/metallb-0.13.10.tgz b/assets/metallb/metallb-0.13.10.tgz new file mode 100644 index 000000000..9897d85cb Binary files /dev/null and b/assets/metallb/metallb-0.13.10.tgz differ diff --git a/assets/minio/minio-operator-5.0.5.tgz b/assets/minio/minio-operator-5.0.5.tgz new file mode 100644 index 000000000..617edc4af Binary files /dev/null and b/assets/minio/minio-operator-5.0.5.tgz differ diff --git a/assets/redpanda/redpanda-4.0.32.tgz b/assets/redpanda/redpanda-4.0.32.tgz new file mode 100644 index 000000000..e70b593b6 Binary files /dev/null and b/assets/redpanda/redpanda-4.0.32.tgz differ diff --git a/assets/sysdig/sysdig-1.15.91.tgz b/assets/sysdig/sysdig-1.15.91.tgz new file mode 100644 index 000000000..863e9c272 Binary files /dev/null and b/assets/sysdig/sysdig-1.15.91.tgz differ diff --git a/assets/weka/csi-wekafsplugin-2.0.0.tgz b/assets/weka/csi-wekafsplugin-2.0.0.tgz new file mode 100644 index 000000000..3eaaf9347 Binary files /dev/null and b/assets/weka/csi-wekafsplugin-2.0.0.tgz differ diff --git a/charts/asserts/asserts/Chart.yaml b/charts/asserts/asserts/Chart.yaml index 597b86688..1713928b5 100644 --- a/charts/asserts/asserts/Chart.yaml +++ b/charts/asserts/asserts/Chart.yaml @@ -58,4 +58,4 @@ maintainers: url: https://github.com/asserts name: asserts type: application -version: 1.39.0 +version: 1.40.0 diff --git a/charts/asserts/asserts/templates/grafana/configmap.yaml b/charts/asserts/asserts/templates/grafana/configmap.yaml index 2fc53b45c..fcf1cd033 100644 --- a/charts/asserts/asserts/templates/grafana/configmap.yaml +++ b/charts/asserts/asserts/templates/grafana/configmap.yaml @@ -79,6 +79,9 @@ data: # Viewers can edit/inspect dashboard settings in the browser. But not save the dashboard. viewers_can_edit = true + [auth] + login_cookie_name = asserts_grafana_session + #################################### Unified Alerting #################### # [unified_alerting] # Enable the Unified Alerting sub-system and interface. When enabled we'll migrate all of your alert rules and notification channels to the new system. New alert rules will be created and your notification channels will be converted into an Alertmanager configuration. Previous data is preserved to enable backwards compatibility but new data is removed. diff --git a/charts/asserts/asserts/values.yaml b/charts/asserts/asserts/values.yaml index 4c89d4f04..7f048645d 100644 --- a/charts/asserts/asserts/values.yaml +++ b/charts/asserts/asserts/values.yaml @@ -142,7 +142,7 @@ server: repository: asserts/asserts-server pullPolicy: IfNotPresent ## Overrides the image tag whose default is the chart appVersion. - tag: v0.2.594 + tag: v0.2.627 resources: requests: @@ -251,7 +251,7 @@ authorization: repository: asserts/authorization pullPolicy: IfNotPresent ## Overrides the image tag whose default is the chart appVersion. - tag: v0.2.594 + tag: v0.2.627 resources: requests: @@ -317,7 +317,7 @@ ui: repository: asserts/asserts-ui pullPolicy: IfNotPresent ## Overrides the image tag whose default is the chart appVersion. - tag: v0.1.1192 + tag: v0.1.1216 imagePullSecrets: [] @@ -408,7 +408,7 @@ grafana: repository: asserts/grafana pullPolicy: IfNotPresent ## Overrides the image tag whose default is the chart appVersion. - tag: v1.0.216 + tag: v1.0.224 resources: requests: diff --git a/charts/bitnami/cassandra/Chart.yaml b/charts/bitnami/cassandra/Chart.yaml index 7145bf2c9..01ba0da16 100644 --- a/charts/bitnami/cassandra/Chart.yaml +++ b/charts/bitnami/cassandra/Chart.yaml @@ -28,4 +28,4 @@ maintainers: name: cassandra sources: - https://github.com/bitnami/charts/tree/main/bitnami/cassandra -version: 10.4.1 +version: 10.4.2 diff --git a/charts/bitnami/cassandra/README.md b/charts/bitnami/cassandra/README.md index aa0715dcf..b74c989f3 100644 --- a/charts/bitnami/cassandra/README.md +++ b/charts/bitnami/cassandra/README.md @@ -79,7 +79,7 @@ The command removes all the Kubernetes components associated with the chart and | ----------------------------- | ---------------------------------------------------------------------------------------------------------------------- | -------------------- | | `image.registry` | Cassandra image registry | `docker.io` | | `image.repository` | Cassandra image repository | `bitnami/cassandra` | -| `image.tag` | Cassandra image tag (immutable tags are recommended) | `4.1.2-debian-11-r0` | +| `image.tag` | Cassandra image tag (immutable tags are recommended) | `4.1.2-debian-11-r1` | | `image.digest` | Cassandra image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | | `image.pullPolicy` | image pull policy | `IfNotPresent` | | `image.pullSecrets` | Cassandra image pull secrets | `[]` | @@ -230,7 +230,7 @@ The command removes all the Kubernetes components associated with the chart and | `volumePermissions.enabled` | Enable init container that changes the owner and group of the persistent volume | `false` | | `volumePermissions.image.registry` | Init container volume image registry | `docker.io` | | `volumePermissions.image.repository` | Init container volume image repository | `bitnami/bitnami-shell` | -| `volumePermissions.image.tag` | Init container volume image tag (immutable tags are recommended) | `11-debian-11-r120` | +| `volumePermissions.image.tag` | Init container volume image tag (immutable tags are recommended) | `11-debian-11-r121` | | `volumePermissions.image.digest` | Init container volume image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | | `volumePermissions.image.pullPolicy` | Init container volume pull policy | `IfNotPresent` | | `volumePermissions.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | @@ -245,7 +245,7 @@ The command removes all the Kubernetes components associated with the chart and | `metrics.enabled` | Start a side-car prometheus exporter | `false` | | `metrics.image.registry` | Cassandra exporter image registry | `docker.io` | | `metrics.image.repository` | Cassandra exporter image name | `bitnami/cassandra-exporter` | -| `metrics.image.tag` | Cassandra exporter image tag | `2.3.8-debian-11-r123` | +| `metrics.image.tag` | Cassandra exporter image tag | `2.3.8-debian-11-r124` | | `metrics.image.digest` | Cassandra exporter image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | | `metrics.image.pullPolicy` | image pull policy | `IfNotPresent` | | `metrics.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | diff --git a/charts/bitnami/cassandra/values.yaml b/charts/bitnami/cassandra/values.yaml index c253f0319..0bc26c4a1 100644 --- a/charts/bitnami/cassandra/values.yaml +++ b/charts/bitnami/cassandra/values.yaml @@ -73,7 +73,7 @@ diagnosticMode: image: registry: docker.io repository: bitnami/cassandra - tag: 4.1.2-debian-11-r0 + tag: 4.1.2-debian-11-r1 digest: "" ## Specify a imagePullPolicy ## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent' @@ -613,7 +613,7 @@ volumePermissions: image: registry: docker.io repository: bitnami/bitnami-shell - tag: 11-debian-11-r120 + tag: 11-debian-11-r121 digest: "" pullPolicy: IfNotPresent ## Optionally specify an array of imagePullSecrets. @@ -682,7 +682,7 @@ metrics: registry: docker.io pullPolicy: IfNotPresent repository: bitnami/cassandra-exporter - tag: 2.3.8-debian-11-r123 + tag: 2.3.8-debian-11-r124 digest: "" ## Optionally specify an array of imagePullSecrets. ## Secrets must be manually created in the namespace. diff --git a/charts/bitnami/spark/Chart.yaml b/charts/bitnami/spark/Chart.yaml index ddc8171e1..bc4e3ca52 100644 --- a/charts/bitnami/spark/Chart.yaml +++ b/charts/bitnami/spark/Chart.yaml @@ -27,4 +27,4 @@ maintainers: name: spark sources: - https://github.com/bitnami/charts/tree/main/bitnami/spark -version: 7.0.0 +version: 7.0.1 diff --git a/charts/bitnami/spark/README.md b/charts/bitnami/spark/README.md index 0ee96bbce..c9ac5a6a6 100644 --- a/charts/bitnami/spark/README.md +++ b/charts/bitnami/spark/README.md @@ -84,7 +84,7 @@ The command removes all the Kubernetes components associated with the chart and | ------------------- | ----------------------------------------------------------------------------------------------------- | -------------------- | | `image.registry` | Spark image registry | `docker.io` | | `image.repository` | Spark image repository | `bitnami/spark` | -| `image.tag` | Spark image tag (immutable tags are recommended) | `3.4.0-debian-11-r0` | +| `image.tag` | Spark image tag (immutable tags are recommended) | `3.4.0-debian-11-r2` | | `image.digest` | Spark image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | | `image.pullPolicy` | Spark image pull policy | `IfNotPresent` | | `image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | @@ -464,7 +464,7 @@ This version standardizes the way of defining Ingress rules. When configuring a ## License -Copyright © 2023 Bitnami +Copyright © 2023 VMware Inc Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. diff --git a/charts/bitnami/spark/values.yaml b/charts/bitnami/spark/values.yaml index 928e71cb2..19185f41b 100644 --- a/charts/bitnami/spark/values.yaml +++ b/charts/bitnami/spark/values.yaml @@ -92,7 +92,7 @@ diagnosticMode: image: registry: docker.io repository: bitnami/spark - tag: 3.4.0-debian-11-r0 + tag: 3.4.0-debian-11-r2 digest: "" ## Specify a imagePullPolicy ## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent' diff --git a/charts/bitnami/wordpress/Chart.yaml b/charts/bitnami/wordpress/Chart.yaml index 5c07cef8c..6b409ed91 100644 --- a/charts/bitnami/wordpress/Chart.yaml +++ b/charts/bitnami/wordpress/Chart.yaml @@ -40,4 +40,4 @@ maintainers: name: wordpress sources: - https://github.com/bitnami/charts/tree/main/bitnami/wordpress -version: 16.1.10 +version: 16.1.11 diff --git a/charts/bitnami/wordpress/README.md b/charts/bitnami/wordpress/README.md index 1ad858ded..359fb9670 100644 --- a/charts/bitnami/wordpress/README.md +++ b/charts/bitnami/wordpress/README.md @@ -80,7 +80,7 @@ The command removes all the Kubernetes components associated with the chart and | ------------------- | --------------------------------------------------------------------------------------------------------- | -------------------- | | `image.registry` | WordPress image registry | `docker.io` | | `image.repository` | WordPress image repository | `bitnami/wordpress` | -| `image.tag` | WordPress image tag (immutable tags are recommended) | `6.2.2-debian-11-r5` | +| `image.tag` | WordPress image tag (immutable tags are recommended) | `6.2.2-debian-11-r7` | | `image.digest` | WordPress image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | | `image.pullPolicy` | WordPress image pull policy | `IfNotPresent` | | `image.pullSecrets` | WordPress image pull secrets | `[]` | @@ -247,7 +247,7 @@ The command removes all the Kubernetes components associated with the chart and | `volumePermissions.enabled` | Enable init container that changes the owner/group of the PV mount point to `runAsUser:fsGroup` | `false` | | `volumePermissions.image.registry` | Bitnami Shell image registry | `docker.io` | | `volumePermissions.image.repository` | Bitnami Shell image repository | `bitnami/bitnami-shell` | -| `volumePermissions.image.tag` | Bitnami Shell image tag (immutable tags are recommended) | `11-debian-11-r120` | +| `volumePermissions.image.tag` | Bitnami Shell image tag (immutable tags are recommended) | `11-debian-11-r121` | | `volumePermissions.image.digest` | Bitnami Shell image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | | `volumePermissions.image.pullPolicy` | Bitnami Shell image pull policy | `IfNotPresent` | | `volumePermissions.image.pullSecrets` | Bitnami Shell image pull secrets | `[]` | @@ -279,7 +279,7 @@ The command removes all the Kubernetes components associated with the chart and | `metrics.enabled` | Start a sidecar prometheus exporter to expose metrics | `false` | | `metrics.image.registry` | Apache exporter image registry | `docker.io` | | `metrics.image.repository` | Apache exporter image repository | `bitnami/apache-exporter` | -| `metrics.image.tag` | Apache exporter image tag (immutable tags are recommended) | `0.13.3-debian-11-r11` | +| `metrics.image.tag` | Apache exporter image tag (immutable tags are recommended) | `0.13.4-debian-11-r0` | | `metrics.image.digest` | Apache exporter image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | | `metrics.image.pullPolicy` | Apache exporter image pull policy | `IfNotPresent` | | `metrics.image.pullSecrets` | Apache exporter image pull secrets | `[]` | diff --git a/charts/bitnami/wordpress/values.yaml b/charts/bitnami/wordpress/values.yaml index 9cd6265dd..1ec251180 100644 --- a/charts/bitnami/wordpress/values.yaml +++ b/charts/bitnami/wordpress/values.yaml @@ -73,7 +73,7 @@ diagnosticMode: image: registry: docker.io repository: bitnami/wordpress - tag: 6.2.2-debian-11-r5 + tag: 6.2.2-debian-11-r7 digest: "" ## Specify a imagePullPolicy ## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent' @@ -763,7 +763,7 @@ volumePermissions: image: registry: docker.io repository: bitnami/bitnami-shell - tag: 11-debian-11-r120 + tag: 11-debian-11-r121 digest: "" pullPolicy: IfNotPresent ## Optionally specify an array of imagePullSecrets. @@ -857,7 +857,7 @@ metrics: image: registry: docker.io repository: bitnami/apache-exporter - tag: 0.13.3-debian-11-r11 + tag: 0.13.4-debian-11-r0 digest: "" pullPolicy: IfNotPresent ## Optionally specify an array of imagePullSecrets. diff --git a/charts/citrix/citrix-cpx-with-ingress-controller/Chart.yaml b/charts/citrix/citrix-cpx-with-ingress-controller/Chart.yaml index 347ddd33d..491f03646 100644 --- a/charts/citrix/citrix-cpx-with-ingress-controller/Chart.yaml +++ b/charts/citrix/citrix-cpx-with-ingress-controller/Chart.yaml @@ -4,7 +4,7 @@ annotations: catalog.cattle.io/kube-version: '>=v1.16.0-0' catalog.cattle.io/release-name: citrix-cpx-with-ingress-controller apiVersion: v2 -appVersion: 1.32.7 +appVersion: 1.33.4 description: A Helm chart for Citrix ADC CPX with Citrix ingress Controller running as sidecar. home: https://www.cloud.com @@ -18,4 +18,4 @@ maintainers: name: citrix-cpx-with-ingress-controller sources: - https://github.com/citrix/citrix-k8s-ingress-controller -version: 1.32.7 +version: 1.33.4 diff --git a/charts/citrix/citrix-cpx-with-ingress-controller/README.md b/charts/citrix/citrix-cpx-with-ingress-controller/README.md index f363d2f19..e05568851 100644 --- a/charts/citrix/citrix-cpx-with-ingress-controller/README.md +++ b/charts/citrix/citrix-cpx-with-ingress-controller/README.md @@ -455,7 +455,7 @@ The following table lists the configurable parameters of the Citrix ADC CPX with | daemonSet | Optional | False | Set this to true if Citrix ADC CPX needs to be deployed as DaemonSet. | | cic.imageRegistry | Mandatory | `quay.io` | The Citrix ingress controller image registry | | cic.imageRepository | Mandatory | `citrix/citrix-k8s-ingress-controller` | The Citrix ingress controller image repository | -| cic.imageTag | Mandatory | `1.32.7` | The Citrix ingress controller image tag | +| cic.imageTag | Mandatory | `1.33.4` | The Citrix ingress controller image tag | | cic.pullPolicy | Mandatory | IfNotPresent | The Citrix ingress controller image pull policy. | | cic.required | Mandatory | true | CIC to be run as sidecar with Citrix ADC CPX | | cic.resources | Optional | {} | CPU/Memory resource requests/limits for Citrix Ingress Controller container | diff --git a/charts/citrix/citrix-cpx-with-ingress-controller/templates/cic_crds.yaml b/charts/citrix/citrix-cpx-with-ingress-controller/templates/cic_crds.yaml index 04ab36605..085d7d271 100644 --- a/charts/citrix/citrix-cpx-with-ingress-controller/templates/cic_crds.yaml +++ b/charts/citrix/citrix-cpx-with-ingress-controller/templates/cic_crds.yaml @@ -524,7 +524,7 @@ spec: type: array items: type: string - enum: ['GET', 'PUT', 'POST', 'DELETE', 'HEAD', 'OPTIONS', 'TRACE', 'CONNECT', 'UNKNOWN_METHOD'] + enum: ['GET', 'PUT', 'POST', 'DELETE', 'HEAD', 'OPTIONS', 'TRACE', 'CONNECT','PATCH', 'UNKNOWN_METHOD'] header_name: description: "HTTP header that identifies the unique API client for e.g. X-apikey" type: string @@ -1089,7 +1089,7 @@ spec: type: array items: type: string - enum: ['GET', 'PUT', 'POST', 'DELETE', 'HEAD', 'OPTIONS', 'TRACE', 'CONNECT', 'UNKNOWN_METHOD'] + enum: ['GET', 'PUT', 'POST', 'DELETE', 'HEAD', 'OPTIONS', 'TRACE', 'CONNECT','PATCH', 'UNKNOWN_METHOD'] required: - path expression: @@ -1129,7 +1129,7 @@ spec: type: array items: type: string - enum: ['GET', 'PUT', 'POST', 'DELETE', 'HEAD', 'OPTIONS', 'TRACE', 'CONNECT', 'UNKNOWN_METHOD'] + enum: ['GET', 'PUT', 'POST', 'DELETE', 'HEAD', 'OPTIONS', 'TRACE', 'CONNECT','PATCH', 'UNKNOWN_METHOD'] claims: description: 'authorization scopes required for selected resource saved as claims or attributes' type: array @@ -1831,7 +1831,7 @@ spec: description: "List of http methods to inspect" items: type: string - enum: ['GET', 'PUT', 'POST', 'DELETE', 'HEAD', 'OPTIONS', 'TRACE', 'CONNECT', 'UNKNOWN_METHOD'] + enum: ['GET', 'PUT', 'POST', 'DELETE', 'HEAD', 'OPTIONS', 'TRACE', 'CONNECT','PATCH', 'UNKNOWN_METHOD'] header: type: array description: "List of http headers to inspect" @@ -1978,7 +1978,7 @@ spec: description: "List of http methods to inspect" items: type: string - enum: ['GET', 'PUT', 'POST', 'DELETE', 'HEAD', 'OPTIONS', 'TRACE', 'CONNECT', 'UNKNOWN_METHOD'] + enum: ['GET', 'PUT', 'POST', 'DELETE', 'HEAD', 'OPTIONS', 'TRACE', 'CONNECT','PATCH', 'UNKNOWN_METHOD'] header: type: array description: "List of http headers to inspect" diff --git a/charts/citrix/citrix-cpx-with-ingress-controller/values.yaml b/charts/citrix/citrix-cpx-with-ingress-controller/values.yaml index da75965bf..9f20aa04c 100644 --- a/charts/citrix/citrix-cpx-with-ingress-controller/values.yaml +++ b/charts/citrix/citrix-cpx-with-ingress-controller/values.yaml @@ -82,7 +82,7 @@ servicePorts: [] cic: imageRegistry: quay.io imageRepository: citrix/citrix-k8s-ingress-controller - imageTag: 1.32.7 + imageTag: 1.33.4 image: "{{ .Values.cic.imageRegistry }}/{{ .Values.cic.imageRepository }}:{{ .Values.cic.imageTag }}" pullPolicy: IfNotPresent required: true diff --git a/charts/citrix/citrix-ingress-controller/Chart.yaml b/charts/citrix/citrix-ingress-controller/Chart.yaml index 44dd51a17..abd7d56cd 100644 --- a/charts/citrix/citrix-ingress-controller/Chart.yaml +++ b/charts/citrix/citrix-ingress-controller/Chart.yaml @@ -4,7 +4,7 @@ annotations: catalog.cattle.io/kube-version: '>=v1.16.0-0' catalog.cattle.io/release-name: citrix-ingress-controller apiVersion: v2 -appVersion: 1.32.7 +appVersion: 1.33.4 description: A Helm chart for Citrix Ingress Controller configuring MPX/VPX. home: https://www.cloud.com icon: https://raw.githubusercontent.com/citrix/citrix-helm-charts/gh-pages/icon.png @@ -17,4 +17,4 @@ maintainers: name: citrix-ingress-controller sources: - https://github.com/citrix/citrix-k8s-ingress-controller -version: 1.32.7 +version: 1.33.4 diff --git a/charts/citrix/citrix-ingress-controller/README.md b/charts/citrix/citrix-ingress-controller/README.md index 5f6711c37..c2f193f54 100644 --- a/charts/citrix/citrix-ingress-controller/README.md +++ b/charts/citrix/citrix-ingress-controller/README.md @@ -316,7 +316,7 @@ The following table lists the mandatory and optional parameters that you can con | license.accept | Mandatory | no | Set `yes` to accept the CIC end user license agreement. | | imageRegistry | Mandatory | `quay.io` | The Citrix ingress controller image registry | | imageRepository | Mandatory | `citrix/citrix-k8s-ingress-controller` | The Citrix ingress controller image repository | -| imageTag | Mandatory | `1.32.7` | The Citrix ingress controller image tag | +| imageTag | Mandatory | `1.33.4` | The Citrix ingress controller image tag | | pullPolicy | Mandatory | IfNotPresent | The CIC image pull policy. | | imagePullSecrets | Optional | N/A | Provide list of Kubernetes secrets to be used for pulling the images from a private Docker registry or repository. For more information on how to create this secret please see [Pull an Image from a Private Registry](https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/). | | nameOverride | Optional | N/A | String to partially override deployment fullname template with a string (will prepend the release name) | diff --git a/charts/citrix/citrix-ingress-controller/templates/cic_crds.yaml b/charts/citrix/citrix-ingress-controller/templates/cic_crds.yaml index 04ab36605..085d7d271 100644 --- a/charts/citrix/citrix-ingress-controller/templates/cic_crds.yaml +++ b/charts/citrix/citrix-ingress-controller/templates/cic_crds.yaml @@ -524,7 +524,7 @@ spec: type: array items: type: string - enum: ['GET', 'PUT', 'POST', 'DELETE', 'HEAD', 'OPTIONS', 'TRACE', 'CONNECT', 'UNKNOWN_METHOD'] + enum: ['GET', 'PUT', 'POST', 'DELETE', 'HEAD', 'OPTIONS', 'TRACE', 'CONNECT','PATCH', 'UNKNOWN_METHOD'] header_name: description: "HTTP header that identifies the unique API client for e.g. X-apikey" type: string @@ -1089,7 +1089,7 @@ spec: type: array items: type: string - enum: ['GET', 'PUT', 'POST', 'DELETE', 'HEAD', 'OPTIONS', 'TRACE', 'CONNECT', 'UNKNOWN_METHOD'] + enum: ['GET', 'PUT', 'POST', 'DELETE', 'HEAD', 'OPTIONS', 'TRACE', 'CONNECT','PATCH', 'UNKNOWN_METHOD'] required: - path expression: @@ -1129,7 +1129,7 @@ spec: type: array items: type: string - enum: ['GET', 'PUT', 'POST', 'DELETE', 'HEAD', 'OPTIONS', 'TRACE', 'CONNECT', 'UNKNOWN_METHOD'] + enum: ['GET', 'PUT', 'POST', 'DELETE', 'HEAD', 'OPTIONS', 'TRACE', 'CONNECT','PATCH', 'UNKNOWN_METHOD'] claims: description: 'authorization scopes required for selected resource saved as claims or attributes' type: array @@ -1831,7 +1831,7 @@ spec: description: "List of http methods to inspect" items: type: string - enum: ['GET', 'PUT', 'POST', 'DELETE', 'HEAD', 'OPTIONS', 'TRACE', 'CONNECT', 'UNKNOWN_METHOD'] + enum: ['GET', 'PUT', 'POST', 'DELETE', 'HEAD', 'OPTIONS', 'TRACE', 'CONNECT','PATCH', 'UNKNOWN_METHOD'] header: type: array description: "List of http headers to inspect" @@ -1978,7 +1978,7 @@ spec: description: "List of http methods to inspect" items: type: string - enum: ['GET', 'PUT', 'POST', 'DELETE', 'HEAD', 'OPTIONS', 'TRACE', 'CONNECT', 'UNKNOWN_METHOD'] + enum: ['GET', 'PUT', 'POST', 'DELETE', 'HEAD', 'OPTIONS', 'TRACE', 'CONNECT','PATCH', 'UNKNOWN_METHOD'] header: type: array description: "List of http headers to inspect" diff --git a/charts/citrix/citrix-ingress-controller/values.yaml b/charts/citrix/citrix-ingress-controller/values.yaml index 5c5ef0340..1a2f8bf53 100644 --- a/charts/citrix/citrix-ingress-controller/values.yaml +++ b/charts/citrix/citrix-ingress-controller/values.yaml @@ -5,7 +5,7 @@ # Citrix Ingress Controller config details imageRegistry: quay.io imageRepository: citrix/citrix-k8s-ingress-controller -imageTag: 1.32.7 +imageTag: 1.33.4 image: "{{ .Values.imageRegistry }}/{{ .Values.imageRepository }}:{{ .Values.imageTag }}" pullPolicy: IfNotPresent imagePullSecrets: [] diff --git a/charts/datadog/datadog/CHANGELOG.md b/charts/datadog/datadog/CHANGELOG.md index bb85f219a..324d50adf 100644 --- a/charts/datadog/datadog/CHANGELOG.md +++ b/charts/datadog/datadog/CHANGELOG.md @@ -1,5 +1,9 @@ # Datadog changelog +## 3.30.10 + +* Updated pointerdir mountPath for Windows deployments. + ## 3.30.9 * Pass its pod name to the cluster-agent. This is used by cluster agent 7.46+ to make leader election work when using host network. diff --git a/charts/datadog/datadog/Chart.yaml b/charts/datadog/datadog/Chart.yaml index dae1e10f1..a4de04640 100644 --- a/charts/datadog/datadog/Chart.yaml +++ b/charts/datadog/datadog/Chart.yaml @@ -19,4 +19,4 @@ name: datadog sources: - https://app.datadoghq.com/account/settings#agent/kubernetes - https://github.com/DataDog/datadog-agent -version: 3.30.9 +version: 3.30.10 diff --git a/charts/datadog/datadog/README.md b/charts/datadog/datadog/README.md index 574867858..a58762dc8 100644 --- a/charts/datadog/datadog/README.md +++ b/charts/datadog/datadog/README.md @@ -1,6 +1,6 @@ # Datadog -![Version: 3.30.9](https://img.shields.io/badge/Version-3.30.9-informational?style=flat-square) ![AppVersion: 7](https://img.shields.io/badge/AppVersion-7-informational?style=flat-square) +![Version: 3.30.10](https://img.shields.io/badge/Version-3.30.10-informational?style=flat-square) ![AppVersion: 7](https://img.shields.io/badge/AppVersion-7-informational?style=flat-square) [Datadog](https://www.datadoghq.com/) is a hosted infrastructure monitoring platform. This chart adds the Datadog Agent to all nodes in your cluster via a DaemonSet. It also optionally depends on the [kube-state-metrics chart](https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-state-metrics). For more information about monitoring Kubernetes with Datadog, please refer to the [Datadog documentation website](https://docs.datadoghq.com/agent/basic_agent_usage/kubernetes/). diff --git a/charts/datadog/datadog/templates/_container-agent.yaml b/charts/datadog/datadog/templates/_container-agent.yaml index a7d822b49..81fc80678 100644 --- a/charts/datadog/datadog/templates/_container-agent.yaml +++ b/charts/datadog/datadog/templates/_container-agent.yaml @@ -225,7 +225,7 @@ {{- if eq .Values.targetSystem "windows" }} {{- if or .Values.datadog.logs.enabled .Values.datadog.logsEnabled }} - name: pointerdir - mountPath: C:/var/log + mountPath: c:/programdata/datadog/run readOnly: false # Need RW for logs pointer - name: logpodpath mountPath: C:/var/log/pods diff --git a/charts/metallb/metallb/Chart.lock b/charts/metallb/metallb/Chart.lock index 89c0e3b6b..7d3b2e40d 100644 --- a/charts/metallb/metallb/Chart.lock +++ b/charts/metallb/metallb/Chart.lock @@ -1,6 +1,6 @@ dependencies: - name: crds repository: "" - version: 0.13.9 -digest: sha256:3a0efb6755f91230c36a844438ffe107bea2b5acbdb42713a1bcc1d4d5201fda -generated: "2023-02-21T10:50:33.142117312+01:00" + version: 0.13.10 +digest: sha256:afb2e9d5b709e7ded68c21f9d033a0a14a1232be270b0966e5ef2722575afc77 +generated: "2023-05-31T15:40:56.282100173+02:00" diff --git a/charts/metallb/metallb/Chart.yaml b/charts/metallb/metallb/Chart.yaml index 863aac637..d34f18469 100644 --- a/charts/metallb/metallb/Chart.yaml +++ b/charts/metallb/metallb/Chart.yaml @@ -5,12 +5,12 @@ annotations: catalog.cattle.io/namespace: metallb-system catalog.cattle.io/release-name: metallb apiVersion: v2 -appVersion: v0.13.9 +appVersion: v0.13.10 dependencies: - condition: crds.enabled name: crds repository: file://./charts/crds - version: 0.13.9 + version: 0.13.10 description: A network load-balancer implementation for Kubernetes using standard routing protocols home: https://metallb.universe.tf @@ -20,4 +20,4 @@ name: metallb sources: - https://github.com/metallb/metallb type: application -version: 0.13.9 +version: 0.13.10 diff --git a/charts/metallb/metallb/README.md b/charts/metallb/metallb/README.md index 65a3bff22..85c19de68 100644 --- a/charts/metallb/metallb/README.md +++ b/charts/metallb/metallb/README.md @@ -27,6 +27,7 @@ Kubernetes: `>= 1.19.0-0` | controller.image.pullPolicy | string | `nil` | | | controller.image.repository | string | `"quay.io/metallb/controller"` | | | controller.image.tag | string | `nil` | | +| controller.labels | object | `{}` | | | controller.livenessProbe.enabled | bool | `true` | | | controller.livenessProbe.failureThreshold | int | `3` | | | controller.livenessProbe.initialDelaySeconds | int | `10` | | @@ -109,16 +110,18 @@ Kubernetes: `>= 1.19.0-0` | rbac.create | bool | `true` | | | speaker.affinity | object | `{}` | | | speaker.enabled | bool | `true` | | -| speaker.frr.enabled | bool | `false` | | +| speaker.excludeInterfaces.enabled | bool | `true` | | +| speaker.frr.enabled | bool | `true` | | | speaker.frr.image.pullPolicy | string | `nil` | | | speaker.frr.image.repository | string | `"quay.io/frrouting/frr"` | | -| speaker.frr.image.tag | string | `"7.5.1"` | | +| speaker.frr.image.tag | string | `"8.4.2"` | | | speaker.frr.metricsPort | int | `7473` | | | speaker.frr.resources | object | `{}` | | | speaker.frrMetrics.resources | object | `{}` | | | speaker.image.pullPolicy | string | `nil` | | | speaker.image.repository | string | `"quay.io/metallb/speaker"` | | | speaker.image.tag | string | `nil` | | +| speaker.labels | object | `{}` | | | speaker.livenessProbe.enabled | bool | `true` | | | speaker.livenessProbe.failureThreshold | int | `3` | | | speaker.livenessProbe.initialDelaySeconds | int | `10` | | diff --git a/charts/metallb/metallb/charts/crds/Chart.yaml b/charts/metallb/metallb/charts/crds/Chart.yaml index 349e221dd..0b5044026 100644 --- a/charts/metallb/metallb/charts/crds/Chart.yaml +++ b/charts/metallb/metallb/charts/crds/Chart.yaml @@ -1,5 +1,5 @@ apiVersion: v2 -appVersion: v0.13.9 +appVersion: v0.13.10 description: MetalLB CRDs home: https://metallb.universe.tf icon: https://metallb.universe.tf/images/logo/metallb-white.png @@ -7,4 +7,4 @@ name: crds sources: - https://github.com/metallb/metallb type: application -version: 0.13.9 +version: 0.13.10 diff --git a/charts/metallb/metallb/templates/controller.yaml b/charts/metallb/metallb/templates/controller.yaml index 544ef9664..5ba718916 100644 --- a/charts/metallb/metallb/templates/controller.yaml +++ b/charts/metallb/metallb/templates/controller.yaml @@ -6,6 +6,9 @@ metadata: labels: {{- include "metallb.labels" . | nindent 4 }} app.kubernetes.io/component: controller + {{- range $key, $value := .Values.controller.labels }} + {{ $key }}: {{ $value | quote }} + {{- end }} spec: {{- if .Values.controller.strategy }} strategy: {{- toYaml .Values.controller.strategy | nindent 4 }} @@ -29,6 +32,9 @@ spec: labels: {{- include "metallb.selectorLabels" . | nindent 8 }} app.kubernetes.io/component: controller + {{- range $key, $value := .Values.controller.labels }} + {{ $key }}: {{ $value | quote }} + {{- end }} spec: {{- with .Values.controller.runtimeClassName }} runtimeClassName: {{ . | quote }} diff --git a/charts/metallb/metallb/templates/exclude-l2-config.yaml b/charts/metallb/metallb/templates/exclude-l2-config.yaml new file mode 100644 index 000000000..7cc2ff34e --- /dev/null +++ b/charts/metallb/metallb/templates/exclude-l2-config.yaml @@ -0,0 +1,22 @@ +{{- if .Values.speaker.excludeInterfaces.enabled }} +apiVersion: v1 +kind: ConfigMap +metadata: + name: metallb-excludel2 +data: + excludel2.yaml: | + announcedInterfacesToExclude: + - docker.* + - cbr.* + - dummy.* + - virbr.* + - lxcbr.* + - veth.* + - lo + - ^cali.* + - ^tunl.* + - flannel.* + - kube-ipvs.* + - cni.* + - ^nodelocaldns.* +{{- end }} \ No newline at end of file diff --git a/charts/metallb/metallb/templates/rbac.yaml b/charts/metallb/metallb/templates/rbac.yaml index 1d0462578..6a38304b1 100644 --- a/charts/metallb/metallb/templates/rbac.yaml +++ b/charts/metallb/metallb/templates/rbac.yaml @@ -9,6 +9,9 @@ rules: - apiGroups: [""] resources: ["services", "namespaces"] verbs: ["get", "list", "watch"] +- apiGroups: [""] + resources: ["nodes"] + verbs: ["list"] - apiGroups: [""] resources: ["services/status"] verbs: ["update"] @@ -76,6 +79,9 @@ rules: - apiGroups: [""] resources: ["secrets"] verbs: ["get", "list", "watch"] +- apiGroups: [""] + resources: ["configmaps"] + verbs: ["get", "list", "watch"] - apiGroups: ["metallb.io"] resources: ["addresspools"] verbs: ["get", "list", "watch"] diff --git a/charts/metallb/metallb/templates/servicemonitor.yaml b/charts/metallb/metallb/templates/servicemonitor.yaml index 5c2ab4228..1d8563d2e 100644 --- a/charts/metallb/metallb/templates/servicemonitor.yaml +++ b/charts/metallb/metallb/templates/servicemonitor.yaml @@ -58,14 +58,6 @@ spec: selector: matchLabels: name: {{ template "metallb.fullname" . }}-speaker-monitor-service -{{- if .Values.prometheus.serviceMonitor.metricRelabelings }} - metricRelabelings: -{{- toYaml .Values.prometheus.serviceMonitor.metricRelabelings | nindent 4 }} -{{- end }} -{{- if .Values.prometheus.serviceMonitor.relabelings }} - relabelings: -{{- toYaml .Values.prometheus.serviceMonitor.relabelings | nindent 4 }} -{{- end }} --- apiVersion: v1 kind: Service @@ -80,8 +72,8 @@ metadata: name: {{ template "metallb.fullname" . }}-speaker-monitor-service spec: selector: - {{- include "metallb.selectorLabels" . | nindent 6 }} - app.kubernetes.io/component: speaker + {{- include "metallb.selectorLabels" . | nindent 4 }} + app.kubernetes.io/component: speaker clusterIP: None ports: - name: {{ template "metrics.exposedportname" . }} @@ -112,11 +104,19 @@ metadata: spec: endpoints: - port: {{ template "metrics.exposedportname" . }} + {{- if .Values.prometheus.serviceMonitor.metricRelabelings }} + metricRelabelings: + {{- toYaml .Values.prometheus.serviceMonitor.metricRelabelings | nindent 8 }} + {{- end -}} + {{- if .Values.prometheus.serviceMonitor.relabelings }} + relabelings: + {{- toYaml .Values.prometheus.serviceMonitor.relabelings | nindent 8 }} + {{- end }} {{- if .Values.prometheus.serviceMonitor.interval }} interval: {{ .Values.prometheus.serviceMonitor.interval }} {{- end }} honorLabels: true -{{ if .Values.prometheus.secureMetricsPort }} +{{- if .Values.prometheus.secureMetricsPort }} bearerTokenFile: "/var/run/secrets/kubernetes.io/serviceaccount/token" scheme: "https" {{- if .Values.prometheus.serviceMonitor.controller.tlsConfig }} @@ -131,14 +131,6 @@ spec: selector: matchLabels: name: {{ template "metallb.fullname" . }}-controller-monitor-service -{{- if .Values.prometheus.serviceMonitor.metricRelabelings }} - metricRelabelings: -{{- toYaml .Values.prometheus.serviceMonitor.metricRelabelings | nindent 4 }} -{{- end }} -{{- if .Values.prometheus.serviceMonitor.relabelings }} - relabelings: -{{- toYaml .Values.prometheus.serviceMonitor.relabelings | nindent 4 }} -{{- end }} --- apiVersion: v1 kind: Service @@ -153,8 +145,8 @@ metadata: name: {{ template "metallb.fullname" . }}-controller-monitor-service spec: selector: - {{- include "metallb.selectorLabels" . | nindent 6 }} - app.kubernetes.io/component: controller + {{- include "metallb.selectorLabels" . | nindent 4 }} + app.kubernetes.io/component: controller clusterIP: None ports: - name: {{ template "metrics.exposedportname" . }} diff --git a/charts/metallb/metallb/templates/speaker.yaml b/charts/metallb/metallb/templates/speaker.yaml index 1cf78b7b6..4bbbfb1d0 100644 --- a/charts/metallb/metallb/templates/speaker.yaml +++ b/charts/metallb/metallb/templates/speaker.yaml @@ -110,6 +110,9 @@ metadata: labels: {{- include "metallb.labels" . | nindent 4 }} app.kubernetes.io/component: speaker + {{- range $key, $value := .Values.speaker.labels }} + {{ $key }}: {{ $value | quote }} + {{- end }} spec: {{- if .Values.speaker.updateStrategy }} updateStrategy: {{- toYaml .Values.speaker.updateStrategy | nindent 4 }} @@ -135,6 +138,9 @@ spec: labels: {{- include "metallb.selectorLabels" . | nindent 8 }} app.kubernetes.io/component: speaker + {{- range $key, $value := .Values.speaker.labels }} + {{ $key }}: {{ $value | quote }} + {{- end }} spec: {{- if .Values.speaker.runtimeClassName }} runtimeClassName: {{ .Values.speaker.runtimeClassName }} @@ -153,6 +159,12 @@ spec: secretName: {{ include "metallb.secretName" . }} defaultMode: 420 {{- end }} + {{- if .Values.speaker.excludeInterfaces.enabled }} + - name: metallb-excludel2 + configMap: + defaultMode: 256 + name: metallb-excludel2 + {{- end }} {{- if .Values.speaker.frr.enabled }} - name: frr-sockets emptyDir: {} @@ -291,7 +303,7 @@ spec: - ALL add: - NET_RAW - {{- if or .Values.speaker.frr.enabled .Values.speaker.memberlist.enabled }} + {{- if or .Values.speaker.frr.enabled .Values.speaker.memberlist.enabled .Values.speaker.excludeInterfaces.enabled }} volumeMounts: {{- if .Values.speaker.memberlist.enabled }} - name: memberlist @@ -301,6 +313,10 @@ spec: - name: reloader mountPath: /etc/frr_reloader {{- end }} + {{- if .Values.speaker.excludeInterfaces.enabled }} + - name: metallb-excludel2 + mountPath: /etc/metallb + {{- end }} {{- end }} {{- if .Values.speaker.frr.enabled }} - name: frr @@ -397,7 +413,7 @@ spec: {{- if .Values.prometheus.secureMetricsPort }} - name: kube-rbac-proxy image: {{ .Values.prometheus.rbacProxy.repository }}:{{ .Values.prometheus.rbacProxy.tag }} - imagePullPolicy: IfNotPresent + imagePullPolicy: {{ .Values.prometheus.rbacProxy.pullPolicy }} args: - --logtostderr - --secure-listen-address=:{{ .Values.prometheus.secureMetricsPort }} @@ -430,7 +446,7 @@ spec: {{- if .Values.speaker.frr.secureMetricsPort }} - name: kube-rbac-proxy-frr image: {{ .Values.prometheus.rbacProxy.repository }}:{{ .Values.prometheus.rbacProxy.tag | default .Chart.AppVersion }} - imagePullPolicy: IfNotPresent + imagePullPolicy: {{ .Values.prometheus.rbacProxy.pullPolicy }} args: - --logtostderr - --secure-listen-address=:{{ .Values.speaker.frr.secureMetricsPort }} diff --git a/charts/metallb/metallb/values.schema.json b/charts/metallb/metallb/values.schema.json index 9d3516d0a..5a92e56a7 100644 --- a/charts/metallb/metallb/values.schema.json +++ b/charts/metallb/metallb/values.schema.json @@ -322,6 +322,14 @@ } } }, + "excludeInterfaces": { + "type": "object", + "properties": { + "enabled": { + "type": "boolean" + } + } + }, "updateStrategy": { "type": "object", "properties": { diff --git a/charts/metallb/metallb/values.yaml b/charts/metallb/metallb/values.yaml index c18a809a9..a0b15818e 100644 --- a/charts/metallb/metallb/values.yaml +++ b/charts/metallb/metallb/values.yaml @@ -233,6 +233,7 @@ controller: runtimeClassName: "" affinity: {} podAnnotations: {} + labels: {} livenessProbe: enabled: true failureThreshold: 3 @@ -260,6 +261,8 @@ speaker: enabled: true mlBindPort: 7946 mlSecretKeyPath: "/etc/ml_secret_key" + excludeInterfaces: + enabled: true image: repository: quay.io/metallb/speaker tag: @@ -294,6 +297,7 @@ speaker: ## Selects which runtime class will be used by the pod. runtimeClassName: "" podAnnotations: {} + labels: {} livenessProbe: enabled: true failureThreshold: 3 @@ -315,10 +319,10 @@ speaker: # frr contains configuration specific to the MetalLB FRR container, # for speaker running alongside FRR. frr: - enabled: false + enabled: true image: repository: quay.io/frrouting/frr - tag: 7.5.1 + tag: 8.4.2 pullPolicy: metricsPort: 7473 resources: {} diff --git a/charts/minio/minio-operator/Chart.yaml b/charts/minio/minio-operator/Chart.yaml index 736190d61..9f1f2427f 100644 --- a/charts/minio/minio-operator/Chart.yaml +++ b/charts/minio/minio-operator/Chart.yaml @@ -4,7 +4,7 @@ annotations: catalog.cattle.io/kube-version: '>=1.19-0' catalog.cattle.io/release-name: minio-operator apiVersion: v2 -appVersion: v5.0.4 +appVersion: v5.0.5 description: A Helm chart for MinIO Operator home: https://min.io icon: https://min.io/resources/img/logo/MINIO_wordmark.png @@ -19,4 +19,4 @@ name: minio-operator sources: - https://github.com/minio/operator type: application -version: 5.0.4 +version: 5.0.5 diff --git a/charts/minio/minio-operator/Chart.yaml-e b/charts/minio/minio-operator/Chart.yaml-e index fc7da98cf..cc7df9b3d 100644 --- a/charts/minio/minio-operator/Chart.yaml-e +++ b/charts/minio/minio-operator/Chart.yaml-e @@ -1,8 +1,8 @@ apiVersion: v2 description: A Helm chart for MinIO Operator name: operator -version: 5.0.4 -appVersion: v5.0.4 +version: 5.0.5 +appVersion: v5.0.5 keywords: - storage - object-storage diff --git a/charts/minio/minio-operator/values.yaml b/charts/minio/minio-operator/values.yaml index 2e6c0b902..bc8187800 100644 --- a/charts/minio/minio-operator/values.yaml +++ b/charts/minio/minio-operator/values.yaml @@ -11,7 +11,7 @@ operator: # value: "" image: repository: quay.io/minio/operator - tag: v5.0.4 + tag: v5.0.5 pullPolicy: IfNotPresent imagePullSecrets: [ ] initcontainers: [ ] @@ -48,7 +48,7 @@ operator: console: image: repository: quay.io/minio/operator - tag: v5.0.4 + tag: v5.0.5 pullPolicy: IfNotPresent imagePullSecrets: [ ] initcontainers: [ ] diff --git a/charts/minio/minio-operator/values.yaml-e b/charts/minio/minio-operator/values.yaml-e index 2e6c0b902..bc8187800 100644 --- a/charts/minio/minio-operator/values.yaml-e +++ b/charts/minio/minio-operator/values.yaml-e @@ -11,7 +11,7 @@ operator: # value: "" image: repository: quay.io/minio/operator - tag: v5.0.4 + tag: v5.0.5 pullPolicy: IfNotPresent imagePullSecrets: [ ] initcontainers: [ ] @@ -48,7 +48,7 @@ operator: console: image: repository: quay.io/minio/operator - tag: v5.0.4 + tag: v5.0.5 pullPolicy: IfNotPresent imagePullSecrets: [ ] initcontainers: [ ] diff --git a/charts/redpanda/redpanda/Chart.lock b/charts/redpanda/redpanda/Chart.lock index 4cd97da41..f93af5b38 100644 --- a/charts/redpanda/redpanda/Chart.lock +++ b/charts/redpanda/redpanda/Chart.lock @@ -1,6 +1,6 @@ dependencies: - name: console repository: https://charts.redpanda.com - version: 0.6.4 -digest: sha256:2d1ac97b8066aedf79fbefc8064088743a9500b6f0dc43711b47207df117d74f -generated: "2023-05-26T18:23:06.258117179Z" + version: 0.6.5 +digest: sha256:533659a56594d97d5583ad1d9796089d5bd8240db8037ab010dc9c959f16cce9 +generated: "2023-06-01T20:32:16.065074963Z" diff --git a/charts/redpanda/redpanda/Chart.yaml b/charts/redpanda/redpanda/Chart.yaml index 7065f2230..7fb3da6f6 100644 --- a/charts/redpanda/redpanda/Chart.yaml +++ b/charts/redpanda/redpanda/Chart.yaml @@ -1,7 +1,7 @@ annotations: artifacthub.io/images: | - name: redpanda - image: vectorized/redpanda:v23.1.8 + image: docker.redpanda.com/redpandadata/redpanda:v23.1.10 - name: busybox image: busybox:latest artifacthub.io/license: Apache-2.0 @@ -15,7 +15,7 @@ annotations: catalog.cattle.io/kube-version: '>=1.21-0' catalog.cattle.io/release-name: redpanda apiVersion: v2 -appVersion: v23.1.10 +appVersion: v23.1.11 dependencies: - condition: console.enabled name: console @@ -31,4 +31,4 @@ name: redpanda sources: - https://github.com/redpanda-data/helm-charts type: application -version: 4.0.26 +version: 4.0.32 diff --git a/charts/redpanda/redpanda/charts/console/Chart.yaml b/charts/redpanda/redpanda/charts/console/Chart.yaml index a6e9f8639..349d2ead2 100644 --- a/charts/redpanda/redpanda/charts/console/Chart.yaml +++ b/charts/redpanda/redpanda/charts/console/Chart.yaml @@ -19,4 +19,4 @@ name: console sources: - https://github.com/redpanda-data/helm-charts type: application -version: 0.6.4 +version: 0.6.5 diff --git a/charts/redpanda/redpanda/charts/console/templates/deployment.yaml b/charts/redpanda/redpanda/charts/console/templates/deployment.yaml index bc0a1234f..cb6dbfcab 100644 --- a/charts/redpanda/redpanda/charts/console/templates/deployment.yaml +++ b/charts/redpanda/redpanda/charts/console/templates/deployment.yaml @@ -5,6 +5,10 @@ metadata: name: {{ include "console.fullname" . }} labels: {{- include "console.labels" . | nindent 4 }} + {{- with .Values.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} spec: {{- if not .Values.autoscaling.enabled }} replicas: {{ .Values.replicaCount }} diff --git a/charts/redpanda/redpanda/charts/console/values.schema.json b/charts/redpanda/redpanda/charts/console/values.schema.json index ede5ff658..1d5b84524 100644 --- a/charts/redpanda/redpanda/charts/console/values.schema.json +++ b/charts/redpanda/redpanda/charts/console/values.schema.json @@ -154,6 +154,9 @@ "nodeSelector": { "type": "object" }, + "annotations": { + "type": "object" + }, "podAnnotations": { "type": "object" }, diff --git a/charts/redpanda/redpanda/charts/console/values.yaml b/charts/redpanda/redpanda/charts/console/values.yaml index 9b055eca5..46674a112 100644 --- a/charts/redpanda/redpanda/charts/console/values.yaml +++ b/charts/redpanda/redpanda/charts/console/values.yaml @@ -37,6 +37,9 @@ serviceAccount: # a name is generated using the `console.fullname` template name: "" +# -- Annotations to add to the deployment. +annotations: {} + podAnnotations: {} podLabels: {} diff --git a/charts/redpanda/redpanda/templates/_helpers.tpl b/charts/redpanda/redpanda/templates/_helpers.tpl index 61bd1b76a..eda4050a9 100644 --- a/charts/redpanda/redpanda/templates/_helpers.tpl +++ b/charts/redpanda/redpanda/templates/_helpers.tpl @@ -520,22 +520,22 @@ than 1 core. {{- end -}} {{- define "redpanda-atleast-22-2-0" -}} -{{- toJson (dict "bool" (or (not (eq .Values.image.repository "vectorized/redpanda")) (include "redpanda.semver" . | semverCompare ">=22.2.0"))) -}} +{{- toJson (dict "bool" (or (not (eq .Values.image.repository "docker.redpanda.com/redpandadata/redpanda")) (include "redpanda.semver" . | semverCompare ">=22.2.0-0 || <0.0.1-0"))) -}} {{- end -}} {{- define "redpanda-atleast-22-3-0" -}} -{{- toJson (dict "bool" (or (not (eq .Values.image.repository "vectorized/redpanda")) (include "redpanda.semver" . | semverCompare ">=22.3.0"))) -}} +{{- toJson (dict "bool" (or (not (eq .Values.image.repository "docker.redpanda.com/redpandadata/redpanda")) (include "redpanda.semver" . | semverCompare ">=22.3.0-0 || <0.0.1-0"))) -}} {{- end -}} {{- define "redpanda-atleast-23-1-1" -}} -{{- toJson (dict "bool" (or (not (eq .Values.image.repository "vectorized/redpanda")) (include "redpanda.semver" . | semverCompare ">=23.1.1"))) -}} +{{- toJson (dict "bool" (or (not (eq .Values.image.repository "docker.redpanda.com/redpandadata/redpanda")) (include "redpanda.semver" . | semverCompare ">=23.1.1-0 || <0.0.1-0"))) -}} {{- end -}} {{- define "redpanda-atleast-23-1-2" -}} -{{- toJson (dict "bool" (or (not (eq .Values.image.repository "vectorized/redpanda")) (include "redpanda.semver" . | semverCompare ">=23.1.2"))) -}} +{{- toJson (dict "bool" (or (not (eq .Values.image.repository "docker.redpanda.com/redpandadata/redpanda")) (include "redpanda.semver" . | semverCompare ">=23.1.2-0 || <0.0.1-0"))) -}} {{- end -}} {{- define "redpanda-22-3-atleast-22-3-13" -}} -{{- toJson (dict "bool" (or (not (eq .Values.image.repository "vectorized/redpanda")) (include "redpanda.semver" . | semverCompare ">=22.3.13,<22.4"))) -}} +{{- toJson (dict "bool" (or (not (eq .Values.image.repository "docker.redpanda.com/redpandadata/redpanda")) (include "redpanda.semver" . | semverCompare ">=22.3.13-0,<22.4"))) -}} {{- end -}} {{- define "redpanda-22-2-atleast-22-2-10" -}} -{{- toJson (dict "bool" (or (not (eq .Values.image.repository "vectorized/redpanda")) (include "redpanda.semver" . | semverCompare ">=22.2.10,<22.3"))) -}} +{{- toJson (dict "bool" (or (not (eq .Values.image.repository "docker.redpanda.com/redpandadata/redpanda")) (include "redpanda.semver" . | semverCompare ">=22.2.10-0,<22.3"))) -}} {{- end -}} # manage backward compatibility with renaming podSecurityContext to securityContext diff --git a/charts/redpanda/redpanda/templates/configmap.yaml b/charts/redpanda/redpanda/templates/configmap.yaml index 72e488c23..4b15f7af1 100644 --- a/charts/redpanda/redpanda/templates/configmap.yaml +++ b/charts/redpanda/redpanda/templates/configmap.yaml @@ -32,7 +32,8 @@ limitations under the License. {{- $cm := lookup "v1" "ConfigMap" .Release.Namespace (include "redpanda.fullname" .) -}} {{- $redpandaYAML := dig "data" "redpanda.yaml" "" $cm | fromYaml -}} {{- $currentRPCTLS := dig "redpanda" "rpc_server_tls" "enabled" false $redpandaYAML -}} -{{- if .Release.IsUpgrade -}} +{{- /* Lookup will return an empty map when running `helm template` or when `--dry-run` is passed. */ -}} +{{- if (and .Release.IsUpgrade $cm) -}} {{- if ne $currentRPCTLS $wantedRPCTLS -}} {{- if eq (get .Values "force" | default false) false -}} {{- fail (join "\n" (list diff --git a/charts/redpanda/redpanda/templates/post-install-upgrade-job.yaml b/charts/redpanda/redpanda/templates/post-install-upgrade-job.yaml index 847c225e9..a9d390ef7 100644 --- a/charts/redpanda/redpanda/templates/post-install-upgrade-job.yaml +++ b/charts/redpanda/redpanda/templates/post-install-upgrade-job.yaml @@ -81,9 +81,9 @@ spec: set -e {{- if (include "redpanda-atleast-22-2-0" . | fromJson).bool }} {{- if not (empty .Values.license_secret_ref) }} - rpk cluster license set "$REDPANDA_LICENSE" {{ template "rpk-flags-no-sasl" $ }} + rpk cluster license set "$REDPANDA_LICENSE" {{ template "rpk-acl-user-flags" $ }} {{- else if not (empty .Values.license_key) }} - rpk cluster license set {{ .Values.license_key | quote }} {{ template "rpk-flags-no-sasl" $ }} + rpk cluster license set {{ .Values.license_key | quote }} {{ template "rpk-acl-user-flags" $ }} {{- end }} {{- end }} {{- with .Values.post_install_job.resources }} diff --git a/charts/redpanda/redpanda/templates/servicemonitor.yaml b/charts/redpanda/redpanda/templates/servicemonitor.yaml index e59895d3f..8c7e20e71 100644 --- a/charts/redpanda/redpanda/templates/servicemonitor.yaml +++ b/charts/redpanda/redpanda/templates/servicemonitor.yaml @@ -26,6 +26,9 @@ metadata: {{- with include "full.labels" . }} {{- . | nindent 4 }} {{- end }} +{{- with .Values.monitoring.labels }} + {{- . | toYaml | nindent 4 }} +{{- end }} spec: endpoints: - interval: {{ .Values.monitoring.scrapeInterval }} diff --git a/charts/redpanda/redpanda/values.schema.json b/charts/redpanda/redpanda/values.schema.json index c35760e45..cebce578d 100644 --- a/charts/redpanda/redpanda/values.schema.json +++ b/charts/redpanda/redpanda/values.schema.json @@ -33,7 +33,7 @@ "properties": { "repository": { "description": "container image repository", - "default": "vectorized/redpanda", + "default": "docker.redpanda.com/redpandadata/redpanda", "type": "string", "pattern": "^[a-z0-9-_/.]+$" }, @@ -245,6 +245,9 @@ "scrapeInterval": { "type": "string", "pattern": ".*[smh]$" + }, + "labels": { + "type": "object" } } }, diff --git a/charts/redpanda/redpanda/values.yaml b/charts/redpanda/redpanda/values.yaml index f2dcbf2e7..33087bbd2 100644 --- a/charts/redpanda/redpanda/values.yaml +++ b/charts/redpanda/redpanda/values.yaml @@ -45,7 +45,7 @@ tolerations: [] # -- Redpanda Docker image settings. image: # -- Docker repository from which to pull the Redpanda Docker image. - repository: vectorized/redpanda + repository: docker.redpanda.com/redpandadata/redpanda # -- The Redpanda version. # See DockerHub for: # [All stable versions](https://hub.docker.com/r/redpandadata/redpanda/tags) @@ -228,6 +228,7 @@ logging: monitoring: enabled: false scrapeInterval: 30s + labels: {} # -- Pod resource management. # This section simplifies resource allocation @@ -411,7 +412,7 @@ storage: # -- Maximum size of the disk cache used by Tiered Storage. # Default is 20 GiB. # See the [property reference documentation](https://docs.redpanda.com/docs/reference/cluster-properties/#cloud_storage_cache_size). - cloud_storage_cache_size: 21474836480 + cloud_storage_cache_size: 5368709120 # cloud_storage_cache_directory: "" # cloud_storage_cache_check_interval: 30000 # cloud_storage_initial_backoff_ms: 100 diff --git a/charts/sysdig/sysdig/CHANGELOG.md b/charts/sysdig/sysdig/CHANGELOG.md index 7acdc8ab1..8777f22bc 100644 --- a/charts/sysdig/sysdig/CHANGELOG.md +++ b/charts/sysdig/sysdig/CHANGELOG.md @@ -10,6 +10,9 @@ Manual edits are supported only below '## Change Log' and should be used exclusively to fix incorrect entries and not to add new ones. ## Change Log +# v1.15.91 +### Chores +* **sysdig, node-analyzer** [601a0685](https://github.com/sysdiglabs/charts/commit/601a0685639cefc10ec9120c74153f4bb2ac2473): bump sysdig/vuln-runtime-scanner to v1.4.12 ([#1127](https://github.com/sysdiglabs/charts/issues/1127)) # v1.15.90 ### New Features * **sysdig** [a1a22e4c](https://github.com/sysdiglabs/charts/commit/a1a22e4c0d439a1dc254a172e3d8fb4eaa801dd4): Update legacy engine HostAnalyzer with security updates ([#1128](https://github.com/sysdiglabs/charts/issues/1128)) diff --git a/charts/sysdig/sysdig/Chart.yaml b/charts/sysdig/sysdig/Chart.yaml index 502110eae..52b7f591c 100644 --- a/charts/sysdig/sysdig/Chart.yaml +++ b/charts/sysdig/sysdig/Chart.yaml @@ -29,4 +29,4 @@ name: sysdig sources: - https://app.sysdigcloud.com/#/settings/user - https://github.com/draios/sysdig -version: 1.15.90 +version: 1.15.91 diff --git a/charts/sysdig/sysdig/README.md b/charts/sysdig/sysdig/README.md index 171c23a11..af58007c6 100644 --- a/charts/sysdig/sysdig/README.md +++ b/charts/sysdig/sysdig/README.md @@ -194,7 +194,7 @@ The following table lists the configurable parameters of the Sysdig chart and th | `nodeAnalyzer.runtimeScanner.deploy` | Deploy the Runtime Scanner | `false` | | `nodeAnalyzer.runtimeScanner.extraMounts` | Specify a container engine custom socket path (docker, containerd, CRI-O) | | | `nodeAnalyzer.runtimeScanner.image.repository` | The image repository to pull the Runtime Scanner from | `sysdig/vuln-runtime-scanner` | -| `nodeAnalyzer.runtimeScanner.image.tag` | The image tag to pull the Runtime Scanner | `1.4.11` | +| `nodeAnalyzer.runtimeScanner.image.tag` | The image tag to pull the Runtime Scanner | `1.4.12` | | `nodeAnalyzer.runtimeScanner.image.digest` | The image digest to pull | ` ` | | `nodeAnalyzer.runtimeScanner.image.pullPolicy` | The image pull policy for the Runtime Scanner | `IfNotPresent` | | `nodeAnalyzer.runtimeScanner.resources.requests.cpu` | Runtime Scanner CPU requests per node | `250m` | diff --git a/charts/sysdig/sysdig/RELEASE-NOTES.md b/charts/sysdig/sysdig/RELEASE-NOTES.md index c5c9773a4..3f0b8de8b 100644 --- a/charts/sysdig/sysdig/RELEASE-NOTES.md +++ b/charts/sysdig/sysdig/RELEASE-NOTES.md @@ -1,9 +1,6 @@ # What's Changed -### New Features -- **sysdig** [a1a22e4c](https://github.com/sysdiglabs/charts/commit/a1a22e4c0d439a1dc254a172e3d8fb4eaa801dd4): Update legacy engine HostAnalyzer with security updates ([#1128](https://github.com/sysdiglabs/charts/issues/1128)) +### Chores +- **sysdig, node-analyzer** [601a0685](https://github.com/sysdiglabs/charts/commit/601a0685639cefc10ec9120c74153f4bb2ac2473): bump sysdig/vuln-runtime-scanner to v1.4.12 ([#1127](https://github.com/sysdiglabs/charts/issues/1127)) - * Security updates (May 2023) for HostAnalyzer. Fixed 1 CVE: - * CVE-2023-28840 - -#### Full diff: https://github.com/sysdiglabs/charts/compare/sysdig-deploy-1.8.11...sysdig-1.15.90 +#### Full diff: https://github.com/sysdiglabs/charts/compare/sysdig-deploy-1.8.14...sysdig-1.15.91 diff --git a/charts/sysdig/sysdig/values.yaml b/charts/sysdig/sysdig/values.yaml index 73d164878..587aa5bfa 100644 --- a/charts/sysdig/sysdig/values.yaml +++ b/charts/sysdig/sysdig/values.yaml @@ -505,7 +505,7 @@ nodeAnalyzer: deploy: false image: repository: sysdig/vuln-runtime-scanner - tag: 1.4.11 + tag: 1.4.12 digest: pullPolicy: IfNotPresent diff --git a/charts/weka/csi-wekafsplugin/.helmignore b/charts/weka/csi-wekafsplugin/.helmignore new file mode 100644 index 000000000..50af03172 --- /dev/null +++ b/charts/weka/csi-wekafsplugin/.helmignore @@ -0,0 +1,22 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/charts/weka/csi-wekafsplugin/CHANGELOG.md b/charts/weka/csi-wekafsplugin/CHANGELOG.md new file mode 100644 index 000000000..95adc2758 --- /dev/null +++ b/charts/weka/csi-wekafsplugin/CHANGELOG.md @@ -0,0 +1,64 @@ + +## What's Changed +Weka CSI Plugin v2.0.0 has a comprehensive set of improvenents and new functionality: +* Support of different backings for CSI volumes (filesystem, writable snapshot, directory) +* CSI snapshot and volume cloning support +* `fsGroup` support +* Custom mount options per storageClass +* Redundant CSI controllers +* Restructuring of CI and release workflows + +> **NOTE:** some of the functionality provided by Weka CSI Plugin 2.0.0 requires Weka software of version 4.2 or higher. Please refer to [documentation](README.md) for additional information + +> **NOTE:** To better understand the different types of volume backings and their implications, refer to documentation. + +### New features +* feat: Support of new volumes from content source by @sergeyberezansky in https://github.com/weka/csi-wekafs/pull/11 +* feat: Support Mount options by @sergeyberezansky in https://github.com/weka/csi-wekafs/pull/18 +* feat: Add fsGroup support on CSI driver by @sergeyberezansky in https://github.com/weka/csi-wekafs/pull/20 +* feat: Support different backing types for CSI volumes by @sergeyberezansky in https://github.com/weka/csi-wekafs/pull/69 +* feat: official support for multiple controller server replicas by @sergeyberezansky in https://github.com/weka/csi-wekafs/pull/47 + +### Improvements +* feat: configurable log format (colorized human-readable logs or JSON structured logs) by @sergeyberezansky in https://github.com/weka/csi-wekafs/pull/26 +* feat: OpenTelemetry tracing support by @sergeyberezansky in https://github.com/weka/csi-wekafs/pull/26 +* feat: support of mutually exclusive mount options by @sergeyberezansky in https://github.com/weka/csi-wekafs/pull/54 +* feat: Add concurrency limitation for multiple requests by @sergeyberezansky in https://github.com/weka/csi-wekafs/pull/56 +* refactor: concurrency improvements by @sergeyberezansky in https://github.com/weka/csi-wekafs/pull/68 + +### Bug Fixes +* fix: Correctly calculate capacity for FS-based volume expansion (fixu… by @sergeyberezansky in https://github.com/weka/csi-wekafs/pull/15 +* refactor: do not recover lost mounts and shorten default mountOptions by @sergeyberezansky in https://github.com/weka/csi-wekafs/pull/21 +* fix: plugin might crash when trying to create dir-based volume on non… by @sergeyberezansky in https://github.com/weka/csi-wekafs/pull/29 +* fix: CSI-47 Snapshot volumes run out of space after filling FS space by @sergeyberezansky in https://github.com/weka/csi-wekafs/pull/35 +* fix: WEKAPP-298226 volumes published with ReadOnlyMany were writable by @sergeyberezansky in https://github.com/weka/csi-wekafs/pull/36 +* fix: initial filesystem capacity conversion to bytes is invalid by @sergeyberezansky in https://github.com/weka/csi-wekafs/pull/38 +* fix: loozen snapshot id validation for static provisioning by @sergeyberezansky in https://github.com/weka/csi-wekafs/pull/41 +* fix: re-enable writecache by default by @sergeyberezansky in https://github.com/weka/csi-wekafs/pull/51 +* fix: make sure op is written correctly for each function by @sergeyberezansky in https://github.com/weka/csi-wekafs/pull/67 + +### Miscellaneous +* style: add more logging to initial FS resize by @sergeyberezansky in https://github.com/weka/csi-wekafs/pull/37 +* Add Helm linting and install test by @sergeyberezansky in https://github.com/weka/csi-wekafs/pull/13 +* Push updated docs to main branch straight after PR merge by @sergeyberezansky in https://github.com/weka/csi-wekafs/pull/19 +* docs: modify helm docs templates by @sergeyberezansky in https://github.com/weka/csi-wekafs/pull/22 +* chore: add S3 chart upload GH task by @sergeyberezansky in https://github.com/weka/csi-wekafs/pull/23 +* chore: auto increase version on feat git commit by @sergeyberezansky in https://github.com/weka/csi-wekafs/pull/24 +* feat: Bump versions of packages by @sergeyberezansky in https://github.com/weka/csi-wekafs/pull/25 +* chore: change docker build via native buildx GH action by @sergeyberezansky in https://github.com/weka/csi-wekafs/pull/27 +* ci: add csi-sanity action to PRs by @dontbreakit in https://github.com/weka/csi-wekafs/pull/30 +* ci: add release action by @dontbreakit in https://github.com/weka/csi-wekafs/pull/34 +* docs: Improve documentation on mount options and different volume types by @sergeyberezansky in https://github.com/weka/csi-wekafs/pull/39 +* chore: Bump CSI sidecar images to latest version by @sergeyberezansky in https://github.com/weka/csi-wekafs/pull/42 +* docs: fix capacityEnforcement comment inside storageClass examples by @sergeyberezansky in https://github.com/weka/csi-wekafs/pull/46 +* Add notifications to slack by @dontbreakit in https://github.com/weka/csi-wekafs/pull/53 +* docs: Improve release.yaml to include additional PR labels by @sergeyberezansky in https://github.com/weka/csi-wekafs/pull/70 + +## Upgrade Implications +In order to support `fsGroup` functionality, the CSIDriver manifest had to be modified. Since this type of Kubernetes objects is defined as immutable, upgrading Helm release with the new version might fail. +Hence, when upgrading from version below 2.0.0, a complete uninstall and reinstall of Helm release is required. +> NOTE: it is not required to remove any Secrets, storageClass definitions, PersistentVolumes or PersistentVolumeClaims. + +## Deprecation Notice +Support of legacy volumes without API binding will be removed in next major release of Weka CSI Plugin. New features rely on API connectivity to Weka cluster and will not be supported on API unbound volumes. Please make sure to migrate all existing volumes to API based scheme prior to next version upgrade. + diff --git a/charts/weka/csi-wekafsplugin/Chart.yaml b/charts/weka/csi-wekafsplugin/Chart.yaml index 8a83d8563..c69e910bf 100644 --- a/charts/weka/csi-wekafsplugin/Chart.yaml +++ b/charts/weka/csi-wekafsplugin/Chart.yaml @@ -1,15 +1,29 @@ annotations: + artifacthub.io/category: storage + artifacthub.io/containsSecurityUpdates: "true" + artifacthub.io/license: Apache-2.0 + artifacthub.io/prerelease: "false" catalog.cattle.io/certified: partner catalog.cattle.io/display-name: WekaFS CSI Driver + catalog.cattle.io/kube-version: '>=1.18.0' catalog.cattle.io/release-name: csi-wekafsplugin apiVersion: v2 -appVersion: v0.8.4 +appVersion: 2.0.0 description: Helm chart for Deployment of WekaIO Container Storage Interface (CSI) plugin for WekaFS - the world fastest filesystem home: https://github.com/weka/csi-wekafs icon: https://weka.github.io/csi-wekafs/logo.png +keywords: +- storage +- filesystem +- HPC +kubeVersion: '>=1.18.0' +maintainers: +- email: csi@weka.io + name: WekaIO, Inc. + url: https://weka.io name: csi-wekafsplugin sources: -- https://github.com/weka/csi-wekafs/tree/v0.8.4/deploy/helm/csi-wekafsplugin +- https://github.com/weka/csi-wekafs/tree/$VERSION type: application -version: 0.8.4 +version: 2.0.0 diff --git a/charts/weka/csi-wekafsplugin/LOCAL.md b/charts/weka/csi-wekafsplugin/LOCAL.md index 7562e551b..ebb0d84c4 100644 --- a/charts/weka/csi-wekafsplugin/LOCAL.md +++ b/charts/weka/csi-wekafsplugin/LOCAL.md @@ -3,22 +3,12 @@ Helm Chart for Weka wekafs CSI driver deployment # Usage -## Build charts -> **NOTE**: To simplify source control and packaging process, software versions and git tags are not stored in repository. -> For this reason, make is necessary. - -```shell -make -``` - ## Install driver - - - Optionally modify values.yaml - - Install the driver: - ``` - helm install csi-wekafsplugin --namespace csi-wekafsplugin --create-namespace . - ``` - +To install the driver, issue the following command +``` +helm install csi-wekafsplugin --namespace csi-wekafsplugin --create-namespace . +``` +> **NOTE:** Optionally modify values.yaml or set overrides via Helm command line ## Uninstall driver To uninstall a driver, issue the following command @@ -27,8 +17,22 @@ helm uninstall csi-wekafsplugin --namespace csi-wekafsplugin -n=csi-wekafsplugin ``` # Upgrade -To upgrade from versions before v0.6.0, first uninstall the previous version using cleanup script: -``` -./deploy/kubernetes-latest/cleanup.sh -``` -Then install as usual. \ No newline at end of file +## Upgrading from versions v0.6.0 and below +> WARNING: Removal of CSI plugin from versions v0.6.0 and below requires checking out an older version of Weka CSI Plugin. +To upgrade from versions before v0.6.0, the previous version must be uninstalled using a cleanup script (deprecated!) +1. Checkout the sources of previous version of the Weka CSI Plugin by using the following command: + ```shell + git clone https://github.com/weka/csi-wekafs.git csi-wekafs + git checkout v0.8.4 + ``` +2. Run the cleanup script + ``` + cd csi-wekafs + ./deploy/kubernetes-latest/cleanup.sh + ``` + Then proceed to [Helm installation](#install-driver) +## Upgrading from versions below v2.0.0 +In version v2.0.0, fsGroup support was added to CSIDriver. Since CSIDriver component is considered immutable by Kubernetes, +upgrading the driver requires a complete removal and reinstallation of the CSI driver. + +> **NOTE:** Existing Weka CSI volumes and workloads using those volumes will not be affected by Weka CSI Plugin uninstallation. diff --git a/charts/weka/csi-wekafsplugin/Makefile b/charts/weka/csi-wekafsplugin/Makefile deleted file mode 100644 index 06bd43404..000000000 --- a/charts/weka/csi-wekafsplugin/Makefile +++ /dev/null @@ -1,5 +0,0 @@ -chart: - yq w -i Chart.yaml version 1.2.3 - yq w -i Chart.yaml appVersion 1.2.3.4 - yq w -i values.yaml csiDriverVersion 1.2.3.4 - diff --git a/charts/weka/csi-wekafsplugin/README.md b/charts/weka/csi-wekafsplugin/README.md index d83e520ae..9c268c6a8 100644 --- a/charts/weka/csi-wekafsplugin/README.md +++ b/charts/weka/csi-wekafsplugin/README.md @@ -1,8 +1,18 @@ # CSI WekaFS Driver +Helm chart for Deployment of WekaIO Container Storage Interface (CSI) plugin for WekaFS - the world fastest filesystem + [![License](https://img.shields.io/badge/License-Apache%202.0-blue.svg)](https://opensource.org/licenses/Apache-2.0) [![Artifact HUB](https://img.shields.io/endpoint?url=https://artifacthub.io/badge/repository/csi-wekafs)](https://artifacthub.io/packages/search?repo=csi-wekafs) +![Version: 2.0.0](https://img.shields.io/badge/Version-2.0.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 2.0.0](https://img.shields.io/badge/AppVersion-2.0.0-informational?style=flat-square) -This repository hosts the CSI WekaFS driver and all of its build and dependent configuration files to deploy the driver. +## Homepage +https://github.com/weka/csi-wekafs + +## Maintainers + +| Name | Email | Url | +| ---- | ------ | --- | +| WekaIO, Inc. | | | ## Pre-requisite - Kubernetes cluster of version 1.18 and up, 1.19 and up recommended @@ -36,28 +46,61 @@ helm install csi-wekafsplugin csi-wekafs/csi-wekafsplugin --namespace csi-wekafs ## Additional Documentation - [Official Weka CSI Plugin documentation](https://docs.weka.io/appendix/weka-csi-plugin) +## Requirements + +Kubernetes: `>=1.18.0` + ## Values | Key | Type | Default | Description | |-----|------|---------|-------------| | dynamicProvisionPath | string | `"csi-volumes"` | Directory in root of file system where dynamic volumes are provisioned | | csiDriverName | string | `"csi.weka.io"` | Name of the driver (and provisioner) | -| csiDriverVersion | string | `"0.8.4"` | CSI driver version | -| images.livenessprobesidecar | string | `"k8s.gcr.io/sig-storage/livenessprobe:v2.6.0"` | CSI liveness probe sidecar image URL | -| images.attachersidecar | string | `"k8s.gcr.io/sig-storage/csi-attacher:v3.4.0"` | CSI attacher sidecar image URL | -| images.provisionersidecar | string | `"k8s.gcr.io/sig-storage/csi-provisioner:v3.1.0"` | CSI provisioner sidecar image URL | -| images.registrarsidecar | string | `"k8s.gcr.io/sig-storage/csi-node-driver-registrar:v2.5.0"` | CSI registrar sidercar | -| images.resizersidecar | string | `"k8s.gcr.io/sig-storage/csi-resizer:v1.4.0"` | CSI provisioner sidecar image URL | +| csiDriverVersion | string | `"2.0.0"` | CSI driver version | +| images.livenessprobesidecar | string | `"registry.k8s.io/sig-storage/livenessprobe:v2.10.0"` | CSI liveness probe sidecar image URL | +| images.provisionersidecar | string | `"registry.k8s.io/sig-storage/csi-provisioner:v3.5.0"` | CSI provisioner sidecar image URL | +| images.registrarsidecar | string | `"registry.k8s.io/sig-storage/csi-node-driver-registrar:v2.8.0"` | CSI registrar sidercar | +| images.resizersidecar | string | `"registry.k8s.io/sig-storage/csi-resizer:v1.8.0"` | CSI resizer sidecar image URL | +| images.snapshottersidecar | string | `"registry.k8s.io/sig-storage/csi-snapshotter:v6.2.1"` | CSI snapshotter sidecar image URL | | images.csidriver | string | `"quay.io/weka.io/csi-wekafs"` | CSI driver main image URL | -| images.csidriverTag | string | `"0.8.4"` | CSI driver tag | +| images.csidriverTag | string | `"2.0.0"` | CSI driver tag | | globalPluginTolerations | list | `[{"effect":"NoSchedule","key":"node-role.kubernetes.io/master","operator":"Exists"}]` | Tolerations for all CSI driver components | | controllerPluginTolerations | list | `[{"effect":"NoSchedule","key":"node-role.kubernetes.io/master","operator":"Exists"}]` | Tolerations for CSI controller component only (by default same as global) | | nodePluginTolerations | list | `[{"effect":"NoSchedule","key":"node-role.kubernetes.io/master","operator":"Exists"}]` | Tolerations for CSI node component only (by default same as global) | | nodeSelector | object | `{}` | Optional nodeSelector for CSI plugin deployment on certain Kubernetes nodes only | +| controller | object | `{"concurrency":{"createSnapshot":5,"createVolume":5,"deleteSnapshot":5,"deleteVolume":1,"expandVolume":5},"configureProvisionerLeaderElection":true,"configureResizerLeaderElection":true,"configureSnapshotterLeaderElection":true,"grpcRequestTimeoutSeconds":30,"maxConcurrentRequests":5,"replicas":2}` | Controller-specific parameters, please do not change unless explicitly guided | +| controller.replicas | int | `2` | Controller number of replicas | +| controller.maxConcurrentRequests | int | `5` | Maximum concurrent requests from sidecars (global) | +| controller.concurrency | object | `{"createSnapshot":5,"createVolume":5,"deleteSnapshot":5,"deleteVolume":1,"expandVolume":5}` | maximum concurrent operations per operation type (to avoid API starvation) | +| controller.grpcRequestTimeoutSeconds | int | `30` | Return GRPC Unavailable if request waits in queue for that long time (seconds) | +| controller.configureProvisionerLeaderElection | bool | `true` | Configure provisioner sidecar for leader election | +| controller.configureResizerLeaderElection | bool | `true` | Configure resizer sidecar for leader election | +| controller.configureSnapshotterLeaderElection | bool | `true` | Configure snapshotter sidecar for leader election | +| node | object | `{"concurrency":{"nodePublishVolume":5,"nodeUnpublishVolume":5},"grpcRequestTimeoutSeconds":30,"maxConcurrentRequests":5}` | Node-specific parameters, please do not change unless explicitly guided | +| node.maxConcurrentRequests | int | `5` | Maximum concurrent requests from sidecars (global) | +| node.concurrency | object | `{"nodePublishVolume":5,"nodeUnpublishVolume":5}` | maximum concurrent operations per operation type (to avoid API starvation) | +| node.grpcRequestTimeoutSeconds | int | `30` | Return GRPC Unavailable if request waits in queue for that long time (seconds) | | logLevel | int | `5` | Log level of CSI plugin | +| useJsonLogging | bool | `false` | Use JSON structured logging instead of human-readable logging format (for exporting logs to structured log parser) | | legacyVolumeSecretName | string | `""` | for migration of pre-CSI 0.7.0 volumes only, default API secret. Must reside in same namespace as the plugin | | priorityClassName | string | `""` | Optional CSI Plugin priorityClassName | | selinuxSupport | string | `"off"` | Support SELinux labeling for Persistent Volumes, may be either `off`, `mixed`, `enforced` (default off) In `enforced` mode, CSI node components will only start on nodes having a label `selinuxNodeLabel` below In `mixed` mode, separate CSI node components will be installed on SELinux-enabled and regular hosts In `off` mode, only non-SELinux-enabled node components will be run on hosts without label. WARNING: if SELinux is not enabled, volume provisioning and publishing might fail! | -| selinuxNodeLabel | string | `"csi.weka.io/selinux_enabled"` | This label must be set to "true" on SELinux-enabled Kubernetes nodes, e.g., to run the node server in secure mode on SELinux-enabled node, the node must have label csi.weka.io/selinux_enabled="true" | +| selinuxNodeLabel | string | `"csi.weka.io/selinux_enabled"` | This label must be set to `"true"` on SELinux-enabled Kubernetes nodes, e.g., to run the node server in secure mode on SELinux-enabled node, the node must have label `csi.weka.io/selinux_enabled="true"` | | kubeletPath | string | `"/var/lib/kubelet"` | kubelet path, in cases Kubernetes is installed not in default folder | +| metrics.enabled | bool | `true` | Enable Prometheus Metrics | +| metrics.port | int | `9090` | Metrics port | +| metrics.provisionerPort | int | `9091` | Provisioner metrics port | +| metrics.resizerPort | int | `9092` | Resizer metrics port | +| metrics.snapshotterPort | int | `9093` | Snapshotter metrics port | +| pluginConfig.allowInsecureHttps | bool | `false` | Allow insecure HTTPS (skip TLS certificate verification) | +| pluginConfig.objectNaming.volumePrefix | string | `"csivol-"` | Prefix that will be added to names of Weka cluster filesystems / snapshots assocciated with CSI volume, must not exceed 7 symbols. | +| pluginConfig.objectNaming.snapshotPrefix | string | `"csisnp-"` | Prefix that will be added to names of Weka cluster snapshots assocciated with CSI snapshot, must not exceed 7 symbols. | +| pluginConfig.objectNaming.seedSnapshotPrefix | string | `"csisnp-seed-"` | Prefix that will be added to automatically created "seed" snapshot of empty filesytem, must not exceed 12 symbols. | +| pluginConfig.allowedOperations.autoCreateFilesystems | bool | `true` | Allow automatic provisioning of CSI volumes based on distinct Weka filesystem | +| pluginConfig.allowedOperations.autoExpandFilesystems | bool | `true` | Allow automatic expansion of filesystem on which Weka snapshot-backed CSI volumes, e.g. in case a required volume capacity exceeds the size of filesystem. Note: the filesystem is not expanded automatically when a new directory-backed volume is provisioned | +| pluginConfig.allowedOperations.snapshotDirectoryVolumes | bool | `false` | Create snapshots of legacy (dir/v1) volumes. By default disabled. Note: when enabled, for every legacy volume snapshot, a full filesystem snapshot will be created (wasteful) | +| pluginConfig.allowedOperations.snapshotVolumesWithoutQuotaEnforcement | bool | `false` | Allow creation of snapshot-backed volumes even on unsupported Weka cluster versions, off by default Note: On versions of Weka < v4.2 snapshot-backed volume capacity cannot be enforced | +| pluginConfig.mutuallyExclusiveMountOptions[0] | string | `"readcache,writecache,coherent"` | | +---------------------------------------------- +Autogenerated from chart metadata using [helm-docs v1.11.0](https://github.com/norwoodj/helm-docs/releases/v1.11.0) diff --git a/charts/weka/csi-wekafsplugin/README.md.gotmpl b/charts/weka/csi-wekafsplugin/README.md.gotmpl index fc4425cc1..b7bcc02ec 100644 --- a/charts/weka/csi-wekafsplugin/README.md.gotmpl +++ b/charts/weka/csi-wekafsplugin/README.md.gotmpl @@ -1,8 +1,14 @@ # CSI WekaFS Driver +{{ template "chart.description" . }} + [![License](https://img.shields.io/badge/License-Apache%202.0-blue.svg)](https://opensource.org/licenses/Apache-2.0) [![Artifact HUB](https://img.shields.io/endpoint?url=https://artifacthub.io/badge/repository/csi-wekafs)](https://artifacthub.io/packages/search?repo=csi-wekafs) +{{ template "chart.badgesSection" . }} -This repository hosts the CSI WekaFS driver and all of its build and dependent configuration files to deploy the driver. +## Homepage +{{ template "chart.homepage" . }} + +{{ template "chart.maintainersSection" . }} ## Pre-requisite - Kubernetes cluster of version 1.18 and up, 1.19 and up recommended @@ -41,4 +47,4 @@ helm install csi-wekafsplugin csi-wekafs/csi-wekafsplugin --namespace csi-wekafs {{ template "chart.valuesSection" . }} -{{ template "helm-docs.versionFooter" . }} \ No newline at end of file +{{ template "helm-docs.versionFooter" . }} diff --git a/charts/weka/csi-wekafsplugin/templates/NOTES.txt b/charts/weka/csi-wekafsplugin/templates/NOTES.txt index f8efd5663..7bf60d2f3 100644 --- a/charts/weka/csi-wekafsplugin/templates/NOTES.txt +++ b/charts/weka/csi-wekafsplugin/templates/NOTES.txt @@ -12,3 +12,16 @@ Official Weka CSI Plugin documentation can be found here: https://docs.weka.io/a Examples on how to configure a storage class and start using the driver are here: https://github.com/weka/csi-wekafs/tree/master/examples + +-------------------------------------------------- NOTICE -------------------------------------------------- +| THIS VERSION INTRODUCES SUPPORT FOR ADDITIONAL VOLUME TYPES, AS WELL AS SNAPSHOT AND VOLUME CLONING CAPS | +| TO BETTER UNDERSTAND DIFFERENT TYPES OF VOLUMES AND THEIR IMPLICATIONS, REFER TO THE DOCUMENTATION ABOVE | +| ALSO, IT IS RECOMMENDED TO CAREFULLY GO OVER NEW CONFIGURATION PARAMETERS AND ITS MEANINGS, AS BEHAVIOR | +| OF THE PLUGIN AND ITS REPORTED CAPABILITIES LARGELY DEPEND ON THE CONFIGURATION AND WEKA CLUSTER VERSION | +------------------------------------------------------------------------------------------------------------ + +-------------------------------------------------- WARNING ------------------------------------------------- +| SUPPORT OF LEGACY VOLUMES WITHOUT API BINDING WILL BE REMOVED IN NEXT MAJOR RELEASE OF WEKA CSI PLUGIN. | +| NEW FEATURES RELY ON API CONNECTIVITY TO WEKA CLUSTER AND WILL NOT BE SUPPORTED ON API-UNBOUND VOLUMES. | +| PLEASE MAKE SURE TO MIGRATE ALL EXISTING VOLUMES TO API-BASED SCHEME PRIOR TO NEXT VERSION UPGRADE. | +------------------------------------------------------------------------------------------------------------ diff --git a/charts/weka/csi-wekafsplugin/templates/controllerserver-role.yaml b/charts/weka/csi-wekafsplugin/templates/controllerserver-role.yaml new file mode 100644 index 000000000..f631b2dd3 --- /dev/null +++ b/charts/weka/csi-wekafsplugin/templates/controllerserver-role.yaml @@ -0,0 +1,12 @@ +kind: Role +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: {{ .Release.Name }}-controller + labels: + app: {{ .Release.Name }}-controller + component: {{ .Release.Name }}-controller + release: {{ .Release.Name }} +rules: +- apiGroups: ["coordination.k8s.io"] + resources: ["leases"] + verbs: ["get", "watch", "list", "delete", "update", "create"] diff --git a/charts/weka/csi-wekafsplugin/templates/controllerserver-rolebinding.yaml b/charts/weka/csi-wekafsplugin/templates/controllerserver-rolebinding.yaml new file mode 100644 index 000000000..1d0ce9b99 --- /dev/null +++ b/charts/weka/csi-wekafsplugin/templates/controllerserver-rolebinding.yaml @@ -0,0 +1,17 @@ +kind: RoleBinding +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: {{ .Release.Name }}-controller + labels: + app: {{ .Release.Name }}-controller + component: {{ .Release.Name }}-controller + release: {{ .Release.Name }} + namespace: {{ .Release.Namespace }} +subjects: + - kind: ServiceAccount + name: {{ .Release.Name }}-controller + namespace: {{ .Release.Namespace }} +roleRef: + kind: Role + name: {{ .Release.Name }}-controller + apiGroup: rbac.authorization.k8s.io diff --git a/charts/weka/csi-wekafsplugin/templates/controllerserver-statefulset.yaml b/charts/weka/csi-wekafsplugin/templates/controllerserver-statefulset.yaml index 099f20e5a..a265a2acf 100644 --- a/charts/weka/csi-wekafsplugin/templates/controllerserver-statefulset.yaml +++ b/charts/weka/csi-wekafsplugin/templates/controllerserver-statefulset.yaml @@ -12,55 +12,121 @@ spec: matchLabels: app: {{ .Release.Name }}-controller serviceName: {{ .Release.Name }}-controller - replicas: 1 + replicas: {{ .Values.controller.replicas | default 1 }} template: metadata: labels: app: {{ .Release.Name }}-controller component: {{ .Release.Name }}-controller release: {{ .Release.Name }} + {{- if .Values.metrics.enabled }} + annotations: + prometheus.io/scrape: 'true' + prometheus.io/path: '/metrics' + prometheus.io/port: '{{ .Values.metrics.port | default 9090 }}' + {{- end }} spec: {{- if .Values.nodeSelector }} nodeSelector: {{ toYaml .Values.nodeSelector | nindent 8}} {{- end }} serviceAccountName: {{ .Release.Name }}-controller containers: - - name: csi-attacher - image: {{ required "csi attacher sidercar image." .Values.images.attachersidecar }} - securityContext: - privileged: true - args: - - "--csi-address=$(ADDRESS)" - - "--v={{ .Values.logLevel | default 5 }}" - env: - - name: ADDRESS - value: unix:///csi/csi.sock - volumeMounts: - - name: socket-dir - mountPath: /csi - name: csi-provisioner image: {{ required "csi provisioner sidecar container image." .Values.images.provisionersidecar }} args: - "--v={{ .Values.logLevel | default 5 }}" - "--csi-address=$(ADDRESS)" - "--feature-gates=Topology=true" + - "--timeout=60s" + - "--prevent-volume-mode-conversion" + {{- if .Values.controller.configureProvisionerLeaderElection | default true }} + - "--leader-election" + - "--leader-election-namespace={{ .Release.Namespace }}" + {{- end }} + - "--worker-threads={{ .Values.controller.maxConcurrentRequests }}" + - "--retry-interval-start=10s" + {{- if or .Values.metrics.enabled .Values.controller.configureProvisionerLeaderElection }} + - "--http-endpoint=:{{ .Values.metrics.provisionerPort | default 9091 }}" + {{- end }} + {{- if .Values.controller.configureProvisionerLeaderElection }} + livenessProbe: + httpGet: + port: {{ .Values.metrics.provisionerPort | default 9091 }} + path: /healthz/leader-election + {{- end }} env: - name: ADDRESS value: unix:///csi/csi.sock volumeMounts: - name: socket-dir mountPath: "/csi" + ports: + - containerPort: {{ .Values.metrics.provisionerPort }} + name: pr-metrics + protocol: TCP - name: csi-resizer image: {{ required "csi attacher sidercar image." .Values.images.resizersidecar }} args: - "--v={{ .Values.logLevel | default 5 }}" - "--csi-address=$(ADDRESS)" + - "--timeout=60s" + {{- if or .Values.metrics.enabled .Values.controller.configureResizerLeaderElection }} + - "--http-endpoint=:{{ .Values.metrics.resizerPort | default 9092 }}" + {{- end }} + {{- if .Values.controller.configureResizerLeaderElection | default true }} + - "--leader-election" + - "--leader-election-namespace={{ .Release.Namespace }}" + {{- end }} + - "--workers={{ .Values.controller.maxConcurrentRequests }}" + - "--retry-interval-start=10s" + {{- if .Values.controller.configureResizerLeaderElection }} + livenessProbe: + httpGet: + port: {{ .Values.metrics.resizerPort | default 9092 }} + path: /healthz/leader-election + {{- end }} env: - name: ADDRESS value: unix:///csi/csi.sock volumeMounts: - name: socket-dir mountPath: /csi + ports: + - containerPort: {{ .Values.metrics.resizerPort }} + name: rs-metrics + protocol: TCP + - name: csi-snapshotter + image: {{ required "csi snapshotter sidecar image." .Values.images.snapshottersidecar }} + args: + - "--v=5" + - "--csi-address=$(ADDRESS)" + - "--timeout=60s" + {{- if .Values.controller.configureSnapshotterLeaderElection | default true }} + - "--leader-election" + - "--leader-election-namespace={{ .Release.Namespace }}" + {{- end }} + - "--worker-threads={{ .Values.controller.maxConcurrentRequests }}" + - "--retry-interval-start=10s" + {{- if or .Values.metrics.enabled .Values.controller.configureSnapshotterLeaderElection }} + - "--http-endpoint=:{{ .Values.metrics.snapshotterPort | default 9093 }}" + {{- end }} + {{- if .Values.controller.configureSnapshotterLeaderElection }} + livenessProbe: + httpGet: + port: {{ .Values.metrics.snapshotterPort | default 9093 }} + path: /healthz/leader-election + {{- end }} + ports: + - containerPort: {{ .Values.metrics.snapshotterPort }} + name: sn-metrics + protocol: TCP + env: + - name: ADDRESS + value: unix:///csi/csi.sock + imagePullPolicy: IfNotPresent + volumeMounts: + - name: socket-dir + mountPath: /csi - name: wekafs securityContext: @@ -74,10 +140,58 @@ spec: - "--nodeid=$(KUBE_NODE_NAME)" - "--dynamic-path=$(CSI_DYNAMIC_PATH)" - "--csimode=$(X_CSI_MODE)" + - "--newvolumeprefix={{ .Values.pluginConfig.objectNaming.volumePrefix | default "csivol-" | trunc 7 }}" + - "--newsnapshotprefix={{ .Values.pluginConfig.objectNaming.snapshotPrefix | default "csisnp-" | trunc 7 }}" + - "--seedsnapshotprefix={{ .Values.pluginConfig.objectNaming.seedSnapshotPrefix | default "csisnp-seed-" | trunc 12 }}" + {{- if .Values.pluginConfig.allowedOperations.autoCreateFilesystems | default true }} + - "--allowautofscreation" + {{- end }} + {{- if .Values.pluginConfig.allowedOperations.autoExpandFilesystems | default true }} + - "--allowautofsexpansion" + {{- end }} + {{- if .Values.pluginConfig.allowedOperations.snapshotDirectoryVolumes }} + - "--allowsnapshotsoflegacyvolumes" + {{- end }} + {{- if .Values.pluginConfig.allowedOperations.snapshotVolumesWithoutQuotaEnforcement }} + - "--alwaysallowsnapshotvolumes" + {{- end }} + {{- if .Values.tracingUrl }} + - "--tracingurl={{ .Values.tracingUrl }}" + {{- end }} + {{- if .Values.metrics.enabled }} + - "--enablemetrics" + - "--metricsport={{ .Values.metrics.port | default 9090 }}" + {{- end }} + {{- if .Values.pluginConfig.allowInsecureHttps }} + - "--allowinsecurehttps" + {{- end }} + {{- if .Values.pluginConfig.mutuallyExclusiveMountOptions }} + {{- range .Values.pluginConfig.mutuallyExclusiveMountOptions }} + - "--mutuallyexclusivemountoptions={{ . }}" + {{- end }} + {{- end}} + {{- if .Values.useJsonLogging }} + - "--usejsonlogging" + {{- end }} + {{- if .Values.controller.grpcRequestTimeoutSeconds }} + - "--grpcrequesttimeoutseconds={{ .Values.controller.grpcRequestTimeoutSeconds | default "5" }}" + {{- end }} + {{- if .Values.controller.concurrency }} + - "--concurrency.createVolume={{ .Values.controller.concurrency.createVolume | default "1" }}" + - "--concurrency.deleteVolume={{ .Values.controller.concurrency.deleteVolume | default "1" }}" + - "--concurrency.expandVolume={{ .Values.controller.concurrency.expandVolume | default "1" }}" + - "--concurrency.createSnapshot={{ .Values.controller.concurrency.createSnapshot | default "1" }}" + - "--concurrency.deleteSnapshot={{ .Values.controller.concurrency.deleteSnapshot | default "1" }}" + {{- end }} ports: - containerPort: 9898 name: healthz protocol: TCP + {{- if .Values.metrics.enabled }} + - containerPort: {{ .Values.metrics.port }} + name: metrics + protocol: TCP + {{- end }} livenessProbe: failureThreshold: 5 httpGet: @@ -106,10 +220,10 @@ spec: volumeMounts: - mountPath: /csi name: socket-dir - - mountPath: {{ .Values.kubeletPath | default "/var/lib/kubelet" }}/pods + - mountPath: {{ .Values.kubeletPath | default "/var/lib/kubelet" }}/pods mountPropagation: Bidirectional name: mountpoint-dir - - mountPath: {{ .Values.kubeletPath | default "/var/lib/kubelet" }}/plugins + - mountPath: {{ .Values.kubeletPath | default "/var/lib/kubelet" }}/plugins mountPropagation: Bidirectional name: plugins-dir - mountPath: /var/lib/csi-wekafs-data diff --git a/charts/weka/csi-wekafsplugin/templates/driver.yaml b/charts/weka/csi-wekafsplugin/templates/driver.yaml index 989df849f..e245b0bb3 100644 --- a/charts/weka/csi-wekafsplugin/templates/driver.yaml +++ b/charts/weka/csi-wekafsplugin/templates/driver.yaml @@ -11,3 +11,6 @@ spec: podInfoOnMount: true volumeLifecycleModes: - Persistent + {{- if semverCompare ">=1.19.0" .Capabilities.KubeVersion.Version }} + fsGroupPolicy: File + {{- end }} diff --git a/charts/weka/csi-wekafsplugin/templates/nodeserver-daemonset-selinux.yaml b/charts/weka/csi-wekafsplugin/templates/nodeserver-daemonset-selinux.yaml index f20f7d9c3..955cab38b 100644 --- a/charts/weka/csi-wekafsplugin/templates/nodeserver-daemonset-selinux.yaml +++ b/charts/weka/csi-wekafsplugin/templates/nodeserver-daemonset-selinux.yaml @@ -14,6 +14,12 @@ spec: app: {{ .Release.Name }}-node component: {{ .Release.Name }}-node-selinux release: {{ .Release.Name }} + {{- if .Values.metrics.enabled }} + annotations: + prometheus.io/scrape: 'true' + prometheus.io/path: '/metrics' + prometheus.io/port: '{{ .Values.metrics.port | default 9090 }}' + {{- end }} spec: affinity: nodeAffinity: @@ -46,11 +52,44 @@ spec: - "--nodeid=$(KUBE_NODE_NAME)" - "--dynamic-path=$(CSI_DYNAMIC_PATH)" - "--csimode=$(X_CSI_MODE)" + - "--newvolumeprefix={{ .Values.pluginConfig.objectNaming.volumePrefix | default "csivol-" | trunc 7 }}" + - "--newsnapshotprefix={{ .Values.pluginConfig.objectNaming.snapshotPrefix | default "csisnp-" | trunc 7 }}" + - "--seedsnapshotprefix={{ .Values.pluginConfig.objectNaming.seedSnapshotPrefix | default "csisnp-seed-" | trunc 12 }}" - "--selinux-support" + {{- if .Values.tracingUrl }} + - "--tracingurl={{ .Values.tracingUrl }}" + {{- end }} + {{- if .Values.metrics.enabled }} + - "--enablemetrics" + - "--metricsport={{ .Values.metrics.port | default 9090 }}" + {{- end }} + {{- if .Values.pluginConfig.allowInsecureHttps }} + - "--allowinsecurehttps" + {{- end }} + {{- if .Values.useJsonLogging }} + - "--usejsonlogging" + {{- end }} + {{- if .Values.pluginConfig.mutuallyExclusiveMountOptions }} + {{- range .Values.pluginConfig.mutuallyExclusiveMountOptions }} + - "--mutuallyexclusivemountoptions={{ . }}" + {{- end }} + {{- end }} + {{- if .Values.node.grpcRequestTimeoutSeconds }} + - "--grpcrequesttimeoutseconds={{ .Values.node.grpcRequestTimeoutSeconds | default "5" }}" + {{- end }} + {{- if .Values.node.concurrency }} + - "--concurrency.nodePublishVolume={{ .Values.node.concurrency.nodePublishVolume | default "1" }}" + - "--concurrency.nodeUnpublishVolume={{ .Values.node.concurrency.nodeUnpublishVolume | default "1" }}" + {{- end }} ports: - containerPort: 9898 name: healthz protocol: TCP + {{- if .Values.metrics.enabled }} + - containerPort: {{ .Values.metrics.port }} + name: metrics + protocol: TCP + {{- end }} livenessProbe: failureThreshold: 5 httpGet: @@ -111,6 +150,17 @@ spec: - "--v={{ .Values.logLevel | default 5 }}" - "--csi-address=$(ADDRESS)" - "--kubelet-registration-path=$(KUBELET_REGISTRATION_PATH)" + - "--timeout=60s" + - "--health-port=9809" + ports: + - containerPort: 9809 + name: healthz + livenessProbe: + httpGet: + port: healthz + path: /healthz + initialDelaySeconds: 5 + timeoutSeconds: 5 securityContext: privileged: true env: @@ -162,4 +212,4 @@ spec: secret: secretName: {{ .Values.legacyVolumeSecretName }} {{- end }} -{{- end }} \ No newline at end of file +{{- end }} diff --git a/charts/weka/csi-wekafsplugin/templates/nodeserver-daemonset.yaml b/charts/weka/csi-wekafsplugin/templates/nodeserver-daemonset.yaml index 78172bd98..b3e701f2d 100644 --- a/charts/weka/csi-wekafsplugin/templates/nodeserver-daemonset.yaml +++ b/charts/weka/csi-wekafsplugin/templates/nodeserver-daemonset.yaml @@ -14,6 +14,12 @@ spec: app: {{ .Release.Name }}-node component: {{ .Release.Name }}-node release: {{ .Release.Name }} + {{- if .Values.metrics.enabled }} + annotations: + prometheus.io/scrape: 'true' + prometheus.io/path: '/metrics' + prometheus.io/port: '{{ .Values.metrics.port | default 9090 }}' + {{- end }} spec: affinity: nodeAffinity: @@ -45,10 +51,43 @@ spec: - "--nodeid=$(KUBE_NODE_NAME)" - "--dynamic-path=$(CSI_DYNAMIC_PATH)" - "--csimode=$(X_CSI_MODE)" + - "--newvolumeprefix={{ .Values.pluginConfig.objectNaming.volumePrefix | default "csivol-" | trunc 7 }}" + - "--newsnapshotprefix={{ .Values.pluginConfig.objectNaming.snapshotPrefix | default "csisnp-" | trunc 7 }}" + - "--seedsnapshotprefix={{ .Values.pluginConfig.objectNaming.seedSnapshotPrefix | default "csisnp-seed-" | trunc 12 }}" + {{- if .Values.tracingUrl }} + - "--tracingurl={{ .Values.tracingUrl }}" + {{- end }} + {{- if .Values.metrics.enabled }} + - "--enablemetrics" + - "--metricsport={{ .Values.metrics.port | default 9090 }}" + {{- end }} + {{- if .Values.pluginConfig.allowInsecureHttps }} + - "--allowinsecurehttps" + {{- end }} + {{- if .Values.useJsonLogging }} + - "--usejsonlogging" + {{- end }} + {{- if .Values.pluginConfig.mutuallyExclusiveMountOptions }} + {{- range .Values.pluginConfig.mutuallyExclusiveMountOptions }} + - "--mutuallyexclusivemountoptions={{ . }}" + {{- end }} + {{- end }} + {{- if .Values.node.grpcRequestTimeoutSeconds }} + - "--grpcrequesttimeoutseconds={{ .Values.node.grpcRequestTimeoutSeconds | default "5" }}" + {{- end }} + {{- if .Values.node.concurrency }} + - "--concurrency.nodePublishVolume={{ .Values.node.concurrency.nodePublishVolume | default "1" }}" + - "--concurrency.nodeUnpublishVolume={{ .Values.node.concurrency.nodeUnpublishVolume | default "1" }}" + {{- end }} ports: - containerPort: 9898 name: healthz protocol: TCP + {{- if .Values.metrics.enabled }} + - containerPort: {{ .Values.metrics.port }} + name: metrics + protocol: TCP + {{- end }} livenessProbe: failureThreshold: 5 httpGet: @@ -109,6 +148,17 @@ spec: - "--v={{ .Values.logLevel | default 5 }}" - "--csi-address=$(ADDRESS)" - "--kubelet-registration-path=$(KUBELET_REGISTRATION_PATH)" + - "--timeout=60s" + - "--health-port=9809" + ports: + - containerPort: 9809 + name: healthz + livenessProbe: + httpGet: + port: healthz + path: /healthz + initialDelaySeconds: 5 + timeoutSeconds: 5 securityContext: privileged: true env: diff --git a/charts/weka/csi-wekafsplugin/values.schema.json b/charts/weka/csi-wekafsplugin/values.schema.json index 763641204..a5eb7a120 100644 --- a/charts/weka/csi-wekafsplugin/values.schema.json +++ b/charts/weka/csi-wekafsplugin/values.schema.json @@ -2,9 +2,51 @@ "$schema": "http://json-schema.org/schema#", "type": "object", "properties": { + "controller": { + "type": "object", + "properties": { + "concurrency": { + "type": "object", + "properties": { + "createSnapshot": { + "type": "integer" + }, + "createVolume": { + "type": "integer" + }, + "deleteSnapshot": { + "type": "integer" + }, + "deleteVolume": { + "type": "integer" + }, + "expandVolume": { + "type": "integer" + } + } + }, + "configureProvisionerLeaderElection": { + "type": "boolean" + }, + "configureResizerLeaderElection": { + "type": "boolean" + }, + "configureSnapshotterLeaderElection": { + "type": "boolean" + }, + "grpcRequestTimeoutSeconds": { + "type": "integer" + }, + "maxConcurrentRequests": { + "type": "integer" + }, + "replicas": { + "type": "integer" + } + } + }, "controllerPluginTolerations": { "type": "array", - "description": "CSI Controller component tolerations", "items": { "type": "object", "properties": { @@ -21,19 +63,16 @@ } }, "csiDriverName": { - "type": "string", - "description": "Override name of CSI driver" + "type": "string" }, "csiDriverVersion": { "type": "string" }, "dynamicProvisionPath": { - "type": "string", - "description": "Root path of dynamic volumes (relative to filesystem root)" + "type": "string" }, "globalPluginTolerations": { "type": "array", - "description": "Global tolerations for all plugin components", "items": { "type": "object", "properties": { @@ -52,39 +91,82 @@ "images": { "type": "object", "properties": { - "attachersidecar": { - "type": "string", - "description": "Path to Docker image of attachersidecar container" - }, "csidriver": { - "type": "string", - "description": "Path to Docker image of csidriver container" + "type": "string" }, "csidriverTag": { - "type": "string", - "description": "Path to Docker image of csidriverTag container" + "type": "string" }, "livenessprobesidecar": { - "type": "string", - "description": "Path to Docker image of livenessprobesidecar container" + "type": "string" }, "provisionersidecar": { - "type": "string", - "description": "Path to Docker image of provisionersidecar container" + "type": "string" }, "registrarsidecar": { - "type": "string", - "description": "Path to Docker image of registrarsidecar container" + "type": "string" }, "resizersidecar": { - "type": "string", - "description": "Path to Docker image of resizersidecar container" + "type": "string" + }, + "snapshottersidecar": { + "type": "string" + } + } + }, + "kubeletPath": { + "type": "string" + }, + "legacyVolumeSecretName": { + "type": "string" + }, + "logLevel": { + "type": "integer" + }, + "metrics": { + "type": "object", + "properties": { + "enabled": { + "type": "boolean" + }, + "port": { + "type": "integer" + }, + "provisionerPort": { + "type": "integer" + }, + "resizerPort": { + "type": "integer" + }, + "snapshotterPort": { + "type": "integer" + } + } + }, + "node": { + "type": "object", + "properties": { + "concurrency": { + "type": "object", + "properties": { + "nodePublishVolume": { + "type": "integer" + }, + "nodeUnpublishVolume": { + "type": "integer" + } + } + }, + "grpcRequestTimeoutSeconds": { + "type": "integer" + }, + "maxConcurrentRequests": { + "type": "integer" } } }, "nodePluginTolerations": { "type": "array", - "description": "CSI Node component tolerations", "items": { "type": "object", "properties": { @@ -99,6 +181,69 @@ } } } + }, + "nodeSelector": { + "type": "object" + }, + "pluginConfig": { + "type": "object", + "properties": { + "allowInsecureHttps": { + "type": "boolean" + }, + "allowedOperations": { + "type": "object", + "properties": { + "autoCreateFilesystems": { + "type": "boolean" + }, + "autoExpandFilesystems": { + "type": "boolean" + }, + "snapshotDirectoryVolumes": { + "type": "boolean" + }, + "snapshotVolumesWithoutQuotaEnforcement": { + "type": "boolean" + } + } + }, + "mutuallyExclusiveMountOptions": { + "type": "array", + "items": { + "type": "string" + } + }, + "objectNaming": { + "type": "object", + "properties": { + "seedSnapshotPrefix": { + "type": "string" + }, + "snapshotPrefix": { + "type": "string" + }, + "volumePrefix": { + "type": "string" + } + } + } + } + }, + "priorityClassName": { + "type": "string" + }, + "selinuxNodeLabel": { + "type": "string" + }, + "selinuxSupport": { + "type": "string" + }, + "tracingUrl": { + "type": "string" + }, + "useJsonLogging": { + "type": "boolean" } } } diff --git a/charts/weka/csi-wekafsplugin/values.yaml b/charts/weka/csi-wekafsplugin/values.yaml index 8291ac93d..f581e3a4e 100644 --- a/charts/weka/csi-wekafsplugin/values.yaml +++ b/charts/weka/csi-wekafsplugin/values.yaml @@ -5,18 +5,18 @@ dynamicProvisionPath: "csi-volumes" # -- Name of the driver (and provisioner) csiDriverName: "csi.weka.io" # -- CSI driver version -csiDriverVersion: &csiDriverVersion 0.8.4 +csiDriverVersion: &csiDriverVersion 2.0.0 images: # -- CSI liveness probe sidecar image URL - livenessprobesidecar: k8s.gcr.io/sig-storage/livenessprobe:v2.6.0 - # -- CSI attacher sidecar image URL - attachersidecar: k8s.gcr.io/sig-storage/csi-attacher:v3.4.0 + livenessprobesidecar: registry.k8s.io/sig-storage/livenessprobe:v2.10.0 # -- CSI provisioner sidecar image URL - provisionersidecar: k8s.gcr.io/sig-storage/csi-provisioner:v3.1.0 + provisionersidecar: registry.k8s.io/sig-storage/csi-provisioner:v3.5.0 # -- CSI registrar sidercar - registrarsidecar: k8s.gcr.io/sig-storage/csi-node-driver-registrar:v2.5.0 - # -- CSI provisioner sidecar image URL - resizersidecar: k8s.gcr.io/sig-storage/csi-resizer:v1.4.0 + registrarsidecar: registry.k8s.io/sig-storage/csi-node-driver-registrar:v2.8.0 + # -- CSI resizer sidecar image URL + resizersidecar: registry.k8s.io/sig-storage/csi-resizer:v1.8.0 + # -- CSI snapshotter sidecar image URL + snapshottersidecar: registry.k8s.io/sig-storage/csi-snapshotter:v6.2.1 # -- CSI driver main image URL csidriver: quay.io/weka.io/csi-wekafs # -- CSI driver tag @@ -32,8 +32,41 @@ controllerPluginTolerations: *globalPluginTolerations nodePluginTolerations: *globalPluginTolerations # -- Optional nodeSelector for CSI plugin deployment on certain Kubernetes nodes only nodeSelector: {} +# -- Controller-specific parameters, please do not change unless explicitly guided +controller: + # -- Controller number of replicas + replicas: 2 + # -- Maximum concurrent requests from sidecars (global) + maxConcurrentRequests: 5 + # -- maximum concurrent operations per operation type (to avoid API starvation) + concurrency: + createVolume: 5 + deleteVolume: 1 + expandVolume: 5 + createSnapshot: 5 + deleteSnapshot: 5 + # -- Return GRPC Unavailable if request waits in queue for that long time (seconds) + grpcRequestTimeoutSeconds: 30 + # -- Configure provisioner sidecar for leader election + configureProvisionerLeaderElection: true + # -- Configure resizer sidecar for leader election + configureResizerLeaderElection: true + # -- Configure snapshotter sidecar for leader election + configureSnapshotterLeaderElection: true +# -- Node-specific parameters, please do not change unless explicitly guided +node: + # -- Maximum concurrent requests from sidecars (global) + maxConcurrentRequests: 5 + # -- maximum concurrent operations per operation type (to avoid API starvation) + concurrency: + nodePublishVolume: 5 + nodeUnpublishVolume: 5 + # -- Return GRPC Unavailable if request waits in queue for that long time (seconds) + grpcRequestTimeoutSeconds: 30 # -- Log level of CSI plugin logLevel: 5 +# -- Use JSON structured logging instead of human-readable logging format (for exporting logs to structured log parser) +useJsonLogging: false # -- for migration of pre-CSI 0.7.0 volumes only, default API secret. Must reside in same namespace as the plugin legacyVolumeSecretName: "" # -- Optional CSI Plugin priorityClassName @@ -43,10 +76,52 @@ priorityClassName: "" # In `mixed` mode, separate CSI node components will be installed on SELinux-enabled and regular hosts # In `off` mode, only non-SELinux-enabled node components will be run on hosts without label. # WARNING: if SELinux is not enabled, volume provisioning and publishing might fail! -selinuxSupport: off -# -- This label must be set to "true" on SELinux-enabled Kubernetes nodes, +selinuxSupport: "off" +# -- This label must be set to `"true"` on SELinux-enabled Kubernetes nodes, # e.g., to run the node server in secure mode on SELinux-enabled node, the node must have label -# csi.weka.io/selinux_enabled="true" +# `csi.weka.io/selinux_enabled="true"` selinuxNodeLabel: "csi.weka.io/selinux_enabled" # -- kubelet path, in cases Kubernetes is installed not in default folder kubeletPath: "/var/lib/kubelet" +metrics: + # -- Enable Prometheus Metrics + enabled: true + # -- Metrics port + port: 9090 + # -- Provisioner metrics port + provisionerPort: 9091 + # -- Resizer metrics port + resizerPort: 9092 + # -- Snapshotter metrics port + snapshotterPort: 9093 +# -- Tracing URL (For Jaeger tracing engine / OpenTelemetry), optional +# @ignore +tracingUrl: "" +pluginConfig: + # -- Allow insecure HTTPS (skip TLS certificate verification) + allowInsecureHttps: false + objectNaming: + # -- Prefix that will be added to names of Weka cluster filesystems / snapshots assocciated with CSI volume, + # must not exceed 7 symbols. + volumePrefix: "csivol-" + # -- Prefix that will be added to names of Weka cluster snapshots assocciated with CSI snapshot, + # must not exceed 7 symbols. + snapshotPrefix: "csisnp-" + # -- Prefix that will be added to automatically created "seed" snapshot of empty filesytem, + # must not exceed 12 symbols. + seedSnapshotPrefix: "csisnp-seed-" + allowedOperations: + # -- Allow automatic provisioning of CSI volumes based on distinct Weka filesystem + autoCreateFilesystems: true + # -- Allow automatic expansion of filesystem on which Weka snapshot-backed CSI volumes, + # e.g. in case a required volume capacity exceeds the size of filesystem. + # Note: the filesystem is not expanded automatically when a new directory-backed volume is provisioned + autoExpandFilesystems: true + # -- Create snapshots of legacy (dir/v1) volumes. By default disabled. + # Note: when enabled, for every legacy volume snapshot, a full filesystem snapshot will be created (wasteful) + snapshotDirectoryVolumes: false + # -- Allow creation of snapshot-backed volumes even on unsupported Weka cluster versions, off by default + # Note: On versions of Weka < v4.2 snapshot-backed volume capacity cannot be enforced + snapshotVolumesWithoutQuotaEnforcement: false + mutuallyExclusiveMountOptions: + - "readcache,writecache,coherent" diff --git a/index.yaml b/index.yaml index a595276f8..a9ff4f004 100644 --- a/index.yaml +++ b/index.yaml @@ -4800,6 +4800,71 @@ entries: - assets/jfrog/artifactory-jcr-2.5.100.tgz version: 2.5.100 asserts: + - annotations: + catalog.cattle.io/certified: partner + catalog.cattle.io/display-name: Asserts + catalog.cattle.io/kube-version: '>=1.17-0' + catalog.cattle.io/release-name: asserts + apiVersion: v2 + created: "2023-06-02T14:45:20.129646225Z" + dependencies: + - condition: knowledge-sensor.enabled + name: knowledge-sensor + repository: file://./charts/knowledge-sensor + version: 1.1.0 + - alias: tsdb + condition: tsdb.enabled + name: victoria-metrics-single + repository: file://./charts/victoria-metrics-single + version: 1.1.0 + - condition: alertmanager.enabled + name: alertmanager + repository: file://./charts/alertmanager + version: 1.0.0 + - alias: promxyruler + condition: promxyruler.enabled + name: promxy + repository: file://./charts/promxy + version: 0.8.0 + - alias: promxyuser + condition: promxyuser.enabled + name: promxy + repository: file://./charts/promxy + version: 0.8.0 + - alias: ebpfProbe + condition: ebpfProbe.enabled + name: ebpf-probe + repository: file://./charts/ebpf-probe + version: 0.7.0 + - name: common + repository: file://./charts/common + version: 1.x.x + - alias: redisgraph + condition: redisgraph.enabled + name: redis + repository: file://./charts/redis + version: 16.13.2 + - alias: redisearch + condition: redisearch.enabled + name: redis + repository: file://./charts/redis + version: 16.13.2 + - alias: postgres + condition: postgres.enabled + name: postgresql + repository: file://./charts/postgresql + version: 11.9.13 + description: Asserts Helm Chart to configure entire asserts stack + digest: 9e30a9288b5bcd8ba33eddecda3ca7f304d1e572593db06ee1d7b64e96897ab2 + icon: https://www.asserts.ai/favicon.png + maintainers: + - name: Asserts + url: https://github.com/asserts + name: asserts + type: application + urls: + - assets/asserts/asserts-1.40.0.tgz + version: 1.40.0 - annotations: catalog.cattle.io/certified: partner catalog.cattle.io/display-name: Asserts @@ -6367,6 +6432,41 @@ entries: - assets/aws-event-sources/aws-event-sources-0.1.901.tgz version: 0.1.901 cassandra: + - annotations: + catalog.cattle.io/certified: partner + catalog.cattle.io/display-name: Apache Cassandra + catalog.cattle.io/kube-version: '>=1.19-0' + catalog.cattle.io/release-name: cassandra + category: Database + licenses: Apache-2.0 + apiVersion: v2 + appVersion: 4.1.2 + created: "2023-06-02T14:45:20.648028444Z" + dependencies: + - name: common + repository: file://./charts/common + tags: + - bitnami-common + version: 2.x.x + description: Apache Cassandra is an open source distributed database management + system designed to handle large amounts of data across many servers, providing + high availability with no single point of failure. + digest: debaa9e4734855ec4bba590833126d12db3f6d357ecb22f99a3d4900923236a4 + home: https://bitnami.com + icon: https://svn.apache.org/repos/asf/comdev/project-logos/originals/cassandra-4.svg + keywords: + - cassandra + - database + - nosql + maintainers: + - name: VMware, Inc. + url: https://github.com/bitnami/charts + name: cassandra + sources: + - https://github.com/bitnami/charts/tree/main/bitnami/cassandra + urls: + - assets/bitnami/cassandra-10.4.2.tgz + version: 10.4.2 - annotations: catalog.cattle.io/certified: partner catalog.cattle.io/display-name: Apache Cassandra @@ -7772,6 +7872,31 @@ entries: - assets/citrix/citrix-cpx-istio-sidecar-injector-1.11.0.tgz version: 1.11.0 citrix-cpx-with-ingress-controller: + - annotations: + catalog.cattle.io/certified: partner + catalog.cattle.io/display-name: Citrix Cpx with Ingress Controller + catalog.cattle.io/kube-version: '>=v1.16.0-0' + catalog.cattle.io/release-name: citrix-cpx-with-ingress-controller + apiVersion: v2 + appVersion: 1.33.4 + created: "2023-06-02T14:45:22.2753468Z" + description: A Helm chart for Citrix ADC CPX with Citrix ingress Controller running + as sidecar. + digest: aa18ea4e9648da71df522861fc6047f6434488d1af5434439c8914b3c78d94a4 + home: https://www.cloud.com + icon: https://raw.githubusercontent.com/citrix/citrix-helm-charts/gh-pages/icon.png + kubeVersion: '>=v1.16.0-0' + maintainers: + - email: priyanka.sharma@cloud.com + name: priyankash-citrix + - email: subash.dangol@cloud.com + name: subashd + name: citrix-cpx-with-ingress-controller + sources: + - https://github.com/citrix/citrix-k8s-ingress-controller + urls: + - assets/citrix/citrix-cpx-with-ingress-controller-1.33.4.tgz + version: 1.33.4 - annotations: catalog.cattle.io/certified: partner catalog.cattle.io/display-name: Citrix Cpx with Ingress Controller @@ -7920,6 +8045,30 @@ entries: - assets/citrix/citrix-cpx-with-ingress-controller-1.8.2800.tgz version: 1.8.2800 citrix-ingress-controller: + - annotations: + catalog.cattle.io/certified: partner + catalog.cattle.io/display-name: Citrix Ingress Controller + catalog.cattle.io/kube-version: '>=v1.16.0-0' + catalog.cattle.io/release-name: citrix-ingress-controller + apiVersion: v2 + appVersion: 1.33.4 + created: "2023-06-02T14:45:22.288251408Z" + description: A Helm chart for Citrix Ingress Controller configuring MPX/VPX. + digest: 33941f4732bd8e237a3a184864e4d29b8dec1ff401ff6f3c4e47bc4138b27707 + home: https://www.cloud.com + icon: https://raw.githubusercontent.com/citrix/citrix-helm-charts/gh-pages/icon.png + kubeVersion: '>=v1.16.0-0' + maintainers: + - email: priyanka.sharma@cloud.com + name: priyankash-citrix + - email: subash.dangol@cloud.com + name: subashd + name: citrix-ingress-controller + sources: + - https://github.com/citrix/citrix-k8s-ingress-controller + urls: + - assets/citrix/citrix-ingress-controller-1.33.4.tgz + version: 1.33.4 - annotations: catalog.cattle.io/certified: partner catalog.cattle.io/display-name: Citrix Ingress Controller @@ -10432,6 +10581,39 @@ entries: - assets/dell/csi-vxflexos-2.1.0.tgz version: 2.1.0 csi-wekafsplugin: + - annotations: + artifacthub.io/category: storage + artifacthub.io/containsSecurityUpdates: "true" + artifacthub.io/license: Apache-2.0 + artifacthub.io/prerelease: "false" + catalog.cattle.io/certified: partner + catalog.cattle.io/display-name: WekaFS CSI Driver + catalog.cattle.io/kube-version: '>=1.18.0' + catalog.cattle.io/release-name: csi-wekafsplugin + apiVersion: v2 + appVersion: 2.0.0 + created: "2023-06-02T14:45:27.896959168Z" + description: Helm chart for Deployment of WekaIO Container Storage Interface (CSI) + plugin for WekaFS - the world fastest filesystem + digest: 285cd771978db88713a03870be59b4fe80946ac4a2c692190ef4a010ed482131 + home: https://github.com/weka/csi-wekafs + icon: https://weka.github.io/csi-wekafs/logo.png + keywords: + - storage + - filesystem + - HPC + kubeVersion: '>=1.18.0' + maintainers: + - email: csi@weka.io + name: WekaIO, Inc. + url: https://weka.io + name: csi-wekafsplugin + sources: + - https://github.com/weka/csi-wekafs/tree/$VERSION + type: application + urls: + - assets/weka/csi-wekafsplugin-2.0.0.tgz + version: 2.0.0 - annotations: catalog.cattle.io/certified: partner catalog.cattle.io/display-name: WekaFS CSI Driver @@ -10488,6 +10670,43 @@ entries: - assets/weka/csi-wekafsplugin-0.6.400.tgz version: 0.6.400 datadog: + - annotations: + catalog.cattle.io/certified: partner + catalog.cattle.io/display-name: Datadog + catalog.cattle.io/kube-version: '>=1.10-0' + catalog.cattle.io/release-name: datadog + apiVersion: v1 + appVersion: "7" + created: "2023-06-02T14:45:22.723624634Z" + dependencies: + - condition: clusterAgent.metricsProvider.useDatadogMetrics + name: datadog-crds + repository: https://helm.datadoghq.com + tags: + - install-crds + version: 0.4.7 + - condition: datadog.kubeStateMetricsEnabled + name: kube-state-metrics + repository: https://prometheus-community.github.io/helm-charts + version: 2.13.2 + description: Datadog Agent + digest: e6cc6ffae8594ffd4bffed09d83f98ee5ef6b63a70e0c00d7a5c6c039a00b97b + home: https://www.datadoghq.com + icon: https://datadog-live.imgix.net/img/dd_logo_70x75.png + keywords: + - monitoring + - alerting + - metric + maintainers: + - email: support@datadoghq.com + name: Datadog + name: datadog + sources: + - https://app.datadoghq.com/account/settings#agent/kubernetes + - https://github.com/DataDog/datadog-agent + urls: + - assets/datadog/datadog-3.30.10.tgz + version: 3.30.10 - annotations: catalog.cattle.io/certified: partner catalog.cattle.io/display-name: Datadog @@ -24952,6 +25171,33 @@ entries: - assets/bitnami/mariadb-11.3.3.tgz version: 11.3.3 metallb: + - annotations: + catalog.cattle.io/certified: partner + catalog.cattle.io/display-name: MetalLB + catalog.cattle.io/kube-version: '>= 1.19.0-0' + catalog.cattle.io/namespace: metallb-system + catalog.cattle.io/release-name: metallb + apiVersion: v2 + appVersion: v0.13.10 + created: "2023-06-02T14:45:26.259195029Z" + dependencies: + - condition: crds.enabled + name: crds + repository: file://./charts/crds + version: 0.13.10 + description: A network load-balancer implementation for Kubernetes using standard + routing protocols + digest: 405385b696010335f7adb59c2fa97e3ea3bc5376453cb2963f76408d12dfb9a3 + home: https://metallb.universe.tf + icon: https://metallb.universe.tf/images/logo/metallb-blue.png + kubeVersion: '>= 1.19.0-0' + name: metallb + sources: + - https://github.com/metallb/metallb + type: application + urls: + - assets/metallb/metallb-0.13.10.tgz + version: 0.13.10 - annotations: catalog.cattle.io/certified: partner catalog.cattle.io/display-name: MetalLB @@ -25005,6 +25251,32 @@ entries: - assets/metallb/metallb-0.13.7.tgz version: 0.13.7 minio-operator: + - annotations: + catalog.cattle.io/certified: partner + catalog.cattle.io/display-name: Minio Operator + catalog.cattle.io/kube-version: '>=1.19-0' + catalog.cattle.io/release-name: minio-operator + apiVersion: v2 + appVersion: v5.0.5 + created: "2023-06-02T14:45:26.283640578Z" + description: A Helm chart for MinIO Operator + digest: 56b7922c2cc8f3012438a79bee1361d6e7dee23d4d6ffc1e3a6ee3df633a3294 + home: https://min.io + icon: https://min.io/resources/img/logo/MINIO_wordmark.png + keywords: + - storage + - object-storage + - S3 + maintainers: + - email: dev@minio.io + name: MinIO, Inc + name: minio-operator + sources: + - https://github.com/minio/operator + type: application + urls: + - assets/minio/minio-operator-5.0.5.tgz + version: 5.0.5 - annotations: catalog.cattle.io/certified: partner catalog.cattle.io/display-name: Minio Operator @@ -32615,6 +32887,44 @@ entries: - assets/bitnami/redis-17.3.7.tgz version: 17.3.7 redpanda: + - annotations: + artifacthub.io/images: | + - name: redpanda + image: docker.redpanda.com/redpandadata/redpanda:v23.1.10 + - name: busybox + image: busybox:latest + artifacthub.io/license: Apache-2.0 + artifacthub.io/links: | + - name: Documentation + url: https://docs.redpanda.com + - name: "Helm (>= 3.6.0)" + url: https://helm.sh/docs/intro/install/ + catalog.cattle.io/certified: partner + catalog.cattle.io/display-name: Redpanda + catalog.cattle.io/kube-version: '>=1.21-0' + catalog.cattle.io/release-name: redpanda + apiVersion: v2 + appVersion: v23.1.11 + created: "2023-06-02T14:45:27.153518551Z" + dependencies: + - condition: console.enabled + name: console + repository: file://./charts/console + version: '>=0.5 <1.0' + description: Redpanda is the real-time engine for modern apps. + digest: 3cacf9971f74b50a9b0e0eac4bdff15c673e81af434b4ee7633f05b95b6b7203 + icon: https://images.ctfassets.net/paqvtpyf8rwu/3cYHw5UzhXCbKuR24GDFGO/73fb682e6157d11c10d5b2b5da1d5af0/skate-stand-panda.svg + kubeVersion: '>=1.21-0' + maintainers: + - name: redpanda-data + url: https://github.com/orgs/redpanda-data/people + name: redpanda + sources: + - https://github.com/redpanda-data/helm-charts + type: application + urls: + - assets/redpanda/redpanda-4.0.32.tgz + version: 4.0.32 - annotations: artifacthub.io/images: | - name: redpanda @@ -35098,6 +35408,40 @@ entries: - assets/shipa/shipa-1.4.0.tgz version: 1.4.0 spark: + - annotations: + catalog.cattle.io/certified: partner + catalog.cattle.io/display-name: Apache Spark + catalog.cattle.io/kube-version: '>=1.19-0' + catalog.cattle.io/release-name: spark + category: Infrastructure + licenses: Apache-2.0 + apiVersion: v2 + appVersion: 3.4.0 + created: "2023-06-02T14:45:21.527253568Z" + dependencies: + - name: common + repository: file://./charts/common + tags: + - bitnami-common + version: 2.x.x + description: Apache Spark is a high-performance engine for large-scale computing + tasks, such as data processing, machine learning and real-time data streaming. + It includes APIs for Java, Python, Scala and R. + digest: 72de8b69c6ae7c646b2d95aec5ce56d6fa6034c08501f40b43f4bc72aa64fb96 + home: https://bitnami.com + icon: https://www.apache.org/logos/res/spark/default.png + keywords: + - apache + - spark + maintainers: + - name: VMware, Inc. + url: https://github.com/bitnami/charts + name: spark + sources: + - https://github.com/bitnami/charts/tree/main/bitnami/spark + urls: + - assets/bitnami/spark-7.0.1.tgz + version: 7.0.1 - annotations: catalog.cattle.io/certified: partner catalog.cattle.io/display-name: Apache Spark @@ -37152,6 +37496,42 @@ entries: - assets/sumologic/sumologic-2.17.0.tgz version: 2.17.0 sysdig: + - annotations: + catalog.cattle.io/certified: partner + catalog.cattle.io/display-name: Sysdig + catalog.cattle.io/release-name: sysdig + apiVersion: v1 + appVersion: 12.14.1 + created: "2023-06-02T14:45:27.519090116Z" + description: Sysdig Monitor and Secure agent + digest: b2b5aab35436a0ea01db2a2103b0e0b5e2dcd2a28b97c3648561564f5d8b2a4d + home: https://www.sysdig.com/ + icon: https://avatars.githubusercontent.com/u/5068817?s=200&v=4 + keywords: + - monitoring + - security + - alerting + - metric + - troubleshooting + - run-time + maintainers: + - email: lachlan@deis.com + name: lachie83 + - email: jorge.salamero@sysdig.com + name: bencer + - email: nestor.salceda@sysdig.com + name: nestorsalceda + - email: alvaro.iradier@sysdig.com + name: airadier + - email: carlos.arilla@sysdig.com + name: carillan81 + name: sysdig + sources: + - https://app.sysdigcloud.com/#/settings/user + - https://github.com/draios/sysdig + urls: + - assets/sysdig/sysdig-1.15.91.tgz + version: 1.15.91 - annotations: catalog.cattle.io/certified: partner catalog.cattle.io/display-name: Sysdig @@ -40728,6 +41108,53 @@ entries: - assets/hashicorp/vault-0.22.0.tgz version: 0.22.0 wordpress: + - annotations: + catalog.cattle.io/certified: partner + catalog.cattle.io/display-name: WordPress + catalog.cattle.io/kube-version: '>=1.19-0' + catalog.cattle.io/release-name: wordpress + category: CMS + licenses: Apache-2.0 + apiVersion: v2 + appVersion: 6.2.2 + created: "2023-06-02T14:45:22.087243533Z" + dependencies: + - condition: memcached.enabled + name: memcached + repository: file://./charts/memcached + version: 6.x.x + - condition: mariadb.enabled + name: mariadb + repository: file://./charts/mariadb + version: 12.x.x + - name: common + repository: file://./charts/common + tags: + - bitnami-common + version: 2.x.x + description: WordPress is the world's most popular blogging and content management + platform. Powerful yet simple, everyone from students to global corporations + use it to build beautiful, functional websites. + digest: 7b7fa1b9c435dda0e9511d7d043e611bdbcd7632daaf72d5d0ab91d9a91bb6b0 + home: https://bitnami.com + icon: https://s.w.org/style/images/about/WordPress-logotype-simplified.png + keywords: + - application + - blog + - cms + - http + - php + - web + - wordpress + maintainers: + - name: VMware, Inc. + url: https://github.com/bitnami/charts + name: wordpress + sources: + - https://github.com/bitnami/charts/tree/main/bitnami/wordpress + urls: + - assets/bitnami/wordpress-16.1.11.tgz + version: 16.1.11 - annotations: catalog.cattle.io/certified: partner catalog.cattle.io/display-name: WordPress