2022-01-18 17:33:52 +00:00
|
|
|
--- charts-original/templates/cilium-agent/daemonset.yaml
|
|
|
|
|
+++ charts/templates/cilium-agent/daemonset.yaml
|
2022-06-16 15:12:29 +00:00
|
|
|
@@ -1,3 +1,11 @@
|
|
|
|
|
+{{- if empty .Values.global.clusterCIDRv4 }}
|
|
|
|
|
+{{- $_ := set .Values.ipv4 "enabled" false -}}
|
|
|
|
|
+{{- end }}
|
|
|
|
|
+
|
|
|
|
|
+{{- if not (empty .Values.global.clusterCIDRv6) }}
|
|
|
|
|
+{{- $_ := set .Values.ipv6 "enabled" true -}}
|
|
|
|
|
+{{- end }}
|
|
|
|
|
+
|
|
|
|
|
{{- if and .Values.agent (not .Values.preflight.enabled) }}
|
|
|
|
|
|
|
|
|
|
{{- /* Default values with backwards compatibility */ -}}
|
2022-10-27 17:32:23 +00:00
|
|
|
@@ -75,7 +83,7 @@
|
2022-01-20 10:56:21 +00:00
|
|
|
{{- end }}
|
|
|
|
|
containers:
|
|
|
|
|
- name: cilium-agent
|
|
|
|
|
- image: {{ include "cilium.image" .Values.image | quote }}
|
|
|
|
|
+ image: "{{ template "system_default_registry" . }}{{ include "cilium.image" .Values.image }}"
|
|
|
|
|
imagePullPolicy: {{ .Values.image.pullPolicy }}
|
|
|
|
|
{{- if .Values.sleepAfterInit }}
|
|
|
|
|
command:
|
2022-10-27 17:32:23 +00:00
|
|
|
@@ -394,7 +402,7 @@
|
2022-01-20 10:56:21 +00:00
|
|
|
{{- end }}
|
|
|
|
|
{{- if .Values.monitor.enabled }}
|
|
|
|
|
- name: cilium-monitor
|
|
|
|
|
- image: {{ include "cilium.image" .Values.image | quote }}
|
|
|
|
|
+ image: "{{ template "system_default_registry" . }}{{ include "cilium.image" .Values.image }}"
|
|
|
|
|
imagePullPolicy: {{ .Values.image.pullPolicy }}
|
2022-07-26 15:23:25 +00:00
|
|
|
command:
|
|
|
|
|
- /bin/bash
|
2022-10-27 17:32:23 +00:00
|
|
|
@@ -419,11 +427,21 @@
|
|
|
|
|
{{- end }}
|
|
|
|
|
{{- end }}
|
|
|
|
|
initContainers:
|
|
|
|
|
+ {{- if eq .Values.cni.chainingMode "portmap" }}
|
|
|
|
|
+ - name: install-portmap-cni-plugin
|
2022-11-13 13:51:02 +00:00
|
|
|
+ image: "{{ template "system_default_registry" . }}{{ .Values.portmapPlugin.image.repository }}:{{ .Values.portmapPlugin.image.tag }}"
|
2022-10-27 17:32:23 +00:00
|
|
|
+ volumeMounts:
|
|
|
|
|
+ - mountPath: /host/opt/cni/bin
|
|
|
|
|
+ name: cni-path
|
|
|
|
|
+ env:
|
|
|
|
|
+ - name: SKIP_CNI_BINARIES
|
|
|
|
|
+ value: "bandwidth,bridge,dhcp,firewall,flannel,host-device,host-local,ipvlan,loopback,macvlan,ptp,sbr,static,tuning,vlan,vrf"
|
|
|
|
|
+ {{- end }}
|
|
|
|
|
{{- if .Values.cgroup.autoMount.enabled }}
|
2022-01-20 10:56:21 +00:00
|
|
|
# Required to mount cgroup2 filesystem on the underlying Kubernetes node.
|
|
|
|
|
# We use nsenter command with host's cgroup and mount namespaces enabled.
|
|
|
|
|
- name: mount-cgroup
|
|
|
|
|
- image: {{ include "cilium.image" .Values.image | quote }}
|
|
|
|
|
+ image: "{{ template "system_default_registry" . }}{{ include "cilium.image" .Values.image }}"
|
|
|
|
|
imagePullPolicy: {{ .Values.image.pullPolicy }}
|
|
|
|
|
env:
|
|
|
|
|
- name: CGROUP_ROOT
|
2022-10-27 17:32:23 +00:00
|
|
|
@@ -469,7 +487,7 @@
|
2022-10-20 08:11:28 +00:00
|
|
|
- SYS_PTRACE
|
|
|
|
|
{{- end}}
|
|
|
|
|
- name: apply-sysctl-overwrites
|
|
|
|
|
- image: {{ include "cilium.image" .Values.image | quote }}
|
|
|
|
|
+ image: "{{ template "system_default_registry" . }}{{ include "cilium.image" .Values.image }}"
|
|
|
|
|
imagePullPolicy: {{ .Values.image.pullPolicy }}
|
|
|
|
|
env:
|
|
|
|
|
- name: BIN_PATH
|
2022-10-27 17:32:23 +00:00
|
|
|
@@ -518,7 +536,7 @@
|
2022-10-20 08:11:28 +00:00
|
|
|
# from a privileged container because the mount propagation bidirectional
|
|
|
|
|
# only works from privileged containers.
|
|
|
|
|
- name: mount-bpf-fs
|
|
|
|
|
- image: {{ include "cilium.image" .Values.image | quote }}
|
|
|
|
|
+ image: "{{ template "system_default_registry" . }}{{ include "cilium.image" .Values.image }}"
|
|
|
|
|
imagePullPolicy: {{ .Values.image.pullPolicy }}
|
|
|
|
|
args:
|
|
|
|
|
- 'mount | grep "/sys/fs/bpf type bpf" || mount -t bpf bpf /sys/fs/bpf'
|
2022-10-27 17:32:23 +00:00
|
|
|
@@ -539,7 +557,7 @@
|
2022-01-20 10:56:21 +00:00
|
|
|
{{- end }}
|
|
|
|
|
{{- if and .Values.nodeinit.enabled .Values.nodeinit.bootstrapFile }}
|
|
|
|
|
- name: wait-for-node-init
|
|
|
|
|
- image: {{ include "cilium.image" .Values.image | quote }}
|
|
|
|
|
+ image: "{{ template "system_default_registry" . }}{{ include "cilium.image" .Values.image }}"
|
|
|
|
|
imagePullPolicy: {{ .Values.image.pullPolicy }}
|
|
|
|
|
command:
|
|
|
|
|
- sh
|
2022-10-27 17:32:23 +00:00
|
|
|
@@ -553,9 +571,11 @@
|
2022-01-18 17:33:52 +00:00
|
|
|
volumeMounts:
|
2022-05-06 08:32:57 +00:00
|
|
|
- name: cilium-bootstrap-file-dir
|
|
|
|
|
mountPath: "/tmp/cilium-bootstrap.d"
|
2022-01-18 17:33:52 +00:00
|
|
|
+ securityContext:
|
|
|
|
|
+ privileged: true
|
|
|
|
|
{{- end }}
|
|
|
|
|
- name: clean-cilium-state
|
2022-01-20 10:56:21 +00:00
|
|
|
- image: {{ include "cilium.image" .Values.image | quote }}
|
|
|
|
|
+ image: "{{ template "system_default_registry" . }}{{ include "cilium.image" .Values.image }}"
|
|
|
|
|
imagePullPolicy: {{ .Values.image.pullPolicy }}
|
|
|
|
|
command:
|
|
|
|
|
- /init-container.sh
|
2022-10-27 17:32:23 +00:00
|
|
|
@@ -636,7 +656,7 @@
|
2022-10-20 08:11:28 +00:00
|
|
|
{{- end }}
|
|
|
|
|
{{- if and .Values.waitForKubeProxy (ne $kubeProxyReplacement "strict") }}
|
|
|
|
|
- name: wait-for-kube-proxy
|
|
|
|
|
- image: {{ include "cilium.image" .Values.image | quote }}
|
|
|
|
|
+ image: "{{ template "system_default_registry" . }}{{ include "cilium.image" .Values.image }}"
|
|
|
|
|
imagePullPolicy: {{ .Values.image.pullPolicy }}
|
|
|
|
|
securityContext:
|
|
|
|
|
privileged: true
|
