From 6e62c2be06e16221b7e0ed646751fdf1eb94e320 Mon Sep 17 00:00:00 2001 From: Manuel Buil Date: Wed, 17 Aug 2022 12:56:07 +0200 Subject: [PATCH] Update Cilium and remove the node-init daemonSet Signed-off-by: Manuel Buil --- .../generated-changes/patch/Chart.yaml.patch | 4 +- .../templates/cilium-configmap.yaml.patch | 6 +- .../cilium-nodeinit/daemonset.yaml.patch | 8 +- .../generated-changes/patch/values.yaml.patch | 43 +++------ .../patch/values.yaml.tmpl.patch | 87 ------------------- packages/rke2-cilium/package.yaml | 2 +- 6 files changed, 24 insertions(+), 126 deletions(-) delete mode 100644 packages/rke2-cilium/generated-changes/patch/values.yaml.tmpl.patch diff --git a/packages/rke2-cilium/generated-changes/patch/Chart.yaml.patch b/packages/rke2-cilium/generated-changes/patch/Chart.yaml.patch index 0e0a753..9c3133b 100644 --- a/packages/rke2-cilium/generated-changes/patch/Chart.yaml.patch +++ b/packages/rke2-cilium/generated-changes/patch/Chart.yaml.patch @@ -2,7 +2,7 @@ +++ charts/Chart.yaml @@ -106,8 +106,7 @@ apiVersion: v2 - appVersion: 1.12.0 + appVersion: 1.12.1 description: eBPF-based Networking, Security, and Observability -home: https://cilium.io/ -icon: https://cdn.jsdelivr.net/gh/cilium/cilium@v1.12/Documentation/images/logo-solo.svg @@ -19,4 +19,4 @@ sources: -- https://github.com/cilium/cilium +- https://github.com/rancher/rke2-charts - version: 1.12.0 + version: 1.12.1 diff --git a/packages/rke2-cilium/generated-changes/patch/templates/cilium-configmap.yaml.patch b/packages/rke2-cilium/generated-changes/patch/templates/cilium-configmap.yaml.patch index f37f35c..816cd5c 100644 --- a/packages/rke2-cilium/generated-changes/patch/templates/cilium-configmap.yaml.patch +++ b/packages/rke2-cilium/generated-changes/patch/templates/cilium-configmap.yaml.patch @@ -12,7 +12,7 @@ {{- if and (.Values.agent) (not .Values.preflight.enabled) }} {{- /* Default values with backwards compatibility */ -}} {{- $defaultEnableCnpStatusUpdates := "true" -}} -@@ -220,7 +228,11 @@ +@@ -221,7 +229,11 @@ # Enable IPv6 addressing. If enabled, all endpoints are allocated an IPv6 # address. @@ -25,7 +25,7 @@ {{- if .Values.cleanState }} # If a serious issue occurs during Cilium startup, this -@@ -386,6 +398,8 @@ +@@ -387,6 +399,8 @@ enable-local-node-route: "false" {{- else if .Values.aksbyocni.enabled }} tunnel: "vxlan" @@ -34,7 +34,7 @@ {{- else }} tunnel: {{ .Values.tunnel | quote }} {{- end }} -@@ -545,6 +559,8 @@ +@@ -539,6 +553,8 @@ {{- if hasKey .Values "ipv6NativeRoutingCIDR" }} ipv6-native-routing-cidr: {{ .Values.ipv6NativeRoutingCIDR }} diff --git a/packages/rke2-cilium/generated-changes/patch/templates/cilium-nodeinit/daemonset.yaml.patch b/packages/rke2-cilium/generated-changes/patch/templates/cilium-nodeinit/daemonset.yaml.patch index 586d1d4..7026383 100644 --- a/packages/rke2-cilium/generated-changes/patch/templates/cilium-nodeinit/daemonset.yaml.patch +++ b/packages/rke2-cilium/generated-changes/patch/templates/cilium-nodeinit/daemonset.yaml.patch @@ -1,11 +1,11 @@ --- charts-original/templates/cilium-nodeinit/daemonset.yaml +++ charts/templates/cilium-nodeinit/daemonset.yaml -@@ -45,7 +45,7 @@ - name: xtables-lock +@@ -39,7 +39,7 @@ + {{- end }} containers: - name: node-init - image: {{ include "cilium.image" .Values.nodeinit.image | quote }} + image: "{{ template "system_default_registry" . }}{{ include "cilium.image" .Values.nodeinit.image }}" imagePullPolicy: {{ .Values.nodeinit.image.pullPolicy }} - volumeMounts: - # To access iptables concurrently with other processes (e.g. kube-proxy) + lifecycle: + {{- if .Values.eni.enabled }} diff --git a/packages/rke2-cilium/generated-changes/patch/values.yaml.patch b/packages/rke2-cilium/generated-changes/patch/values.yaml.patch index 836919a..13deb92 100644 --- a/packages/rke2-cilium/generated-changes/patch/values.yaml.patch +++ b/packages/rke2-cilium/generated-changes/patch/values.yaml.patch @@ -6,10 +6,10 @@ override: ~ - repository: "quay.io/cilium/cilium" + repository: "rancher/mirrored-cilium-cilium" - tag: "v1.12.0" + tag: "v1.12.1" pullPolicy: "IfNotPresent" - # cilium-digest -- digest: "sha256:079baa4fa1b9fe638f96084f4e0297c84dd4fb215d29d2321dcbe54273f63ade" +- digest: "sha256:ea2db1ee21b88127b5c18a96ad155c25485d0815a667ef77c2b7c7f31cab601b" - useDigest: true + useDigest: false @@ -33,7 +33,7 @@ operator: # -- Deprecated in favor of ipam.operator.clusterPoolIPv4PodCIDRList. # IPv4 CIDR range to delegate to individual nodes for IPAM. -@@ -1335,7 +1333,7 @@ +@@ -1327,7 +1325,7 @@ # -- Configure prometheus metrics on the configured port at /metrics prometheus: @@ -42,27 +42,27 @@ port: 9962 serviceMonitor: # -- Enable service monitors. -@@ -1531,17 +1529,9 @@ +@@ -1523,17 +1521,9 @@ # -- cilium-operator image. image: override: ~ - repository: "quay.io/cilium/operator" + repository: "rancher/mirrored-cilium-operator" - tag: "v1.12.0" + tag: "v1.12.1" - # operator-generic-digest -- genericDigest: "sha256:bb2a42eda766e5d4a87ee8a5433f089db81b72dd04acf6b59fcbb445a95f9410" +- genericDigest: "sha256:93d5aaeda37d59e6c4325ff05030d7b48fabde6576478e3fdbfb9bb4a68ec4a1" - # operator-azure-digest -- azureDigest: "sha256:98ffa2c8ebff33d4e91762fb57d4c36f152bb044c4e2141e15362cf95ecc24ba" +- azureDigest: "sha256:73f3ecfc331a3bd3017017492489c45979cf43103d61c6eb6af1662e28e499ac" - # operator-aws-digest -- awsDigest: "sha256:cb73df18b03b4fc914c80045d0ddb6c9256972449382e3c4b294fd9c371ace22" +- awsDigest: "sha256:cbd07141fb2c6ef172b3241d4cf3edac21922959b9325ef1f2d12d9f67e13ea3" - # operator-alibabacloud-digest -- alibabacloudDigest: "sha256:93dddf88e92119a141a913b44ab9cb909f19b9a7bf01e30b98c1e8afeec51cd5" +- alibabacloudDigest: "sha256:a5ae07d5866c3299f6ff2d00634fa500b911fe2629dcabfcd119026aa8062b58" - useDigest: true + useDigest: false pullPolicy: "IfNotPresent" suffix: "" -@@ -1653,7 +1643,7 @@ +@@ -1645,7 +1635,7 @@ # -- Enable prometheus metrics for cilium-operator on the configured port at # /metrics prometheus: @@ -71,36 +71,21 @@ port: 9963 serviceMonitor: # -- Enable service monitors. -@@ -1684,12 +1674,12 @@ - - nodeinit: - # -- Enable the node initialization DaemonSet -- enabled: false -+ enabled: true - - # -- node-init image. - image: - override: ~ -- repository: "quay.io/cilium/startup-script" -+ repository: "rancher/mirrored-cilium-startup-script" - tag: "d69851597ea019af980891a4628fb36b7880ec26" - pullPolicy: "IfNotPresent" - -@@ -1764,11 +1754,9 @@ +@@ -1756,11 +1746,9 @@ # -- Cilium pre-flight image. image: override: ~ - repository: "quay.io/cilium/cilium" + repository: "rancher/mirrored-cilium-cilium" - tag: "v1.12.0" + tag: "v1.12.1" - # cilium-digest -- digest: "sha256:079baa4fa1b9fe638f96084f4e0297c84dd4fb215d29d2321dcbe54273f63ade" +- digest: "sha256:ea2db1ee21b88127b5c18a96ad155c25485d0815a667ef77c2b7c7f31cab601b" - useDigest: true + useDigest: false pullPolicy: "IfNotPresent" # -- The priority class to use for the preflight pod. -@@ -2118,3 +2106,6 @@ +@@ -2110,3 +2098,6 @@ proxyPort: 0 # -- The maximum time the DNS proxy holds an allowed DNS response before sending it along. Responses are sent as soon as the datapath is updated with the new IP information. proxyResponseMaxDelay: 100ms diff --git a/packages/rke2-cilium/generated-changes/patch/values.yaml.tmpl.patch b/packages/rke2-cilium/generated-changes/patch/values.yaml.tmpl.patch deleted file mode 100644 index 3a0d991..0000000 --- a/packages/rke2-cilium/generated-changes/patch/values.yaml.tmpl.patch +++ /dev/null @@ -1,87 +0,0 @@ ---- charts-original/values.yaml.tmpl -+++ charts/values.yaml.tmpl -@@ -89,8 +89,6 @@ - repository: "${CILIUM_REPO}" - tag: "${CILIUM_VERSION}" - pullPolicy: "${PULL_POLICY}" -- # cilium-digest -- digest: ${CILIUM_DIGEST} - useDigest: ${USE_DIGESTS} - - # -- Affinity for cilium-agent. -@@ -645,7 +643,7 @@ - - hubble: - # -- Enable Hubble (true by default). -- enabled: true -+ enabled: false - - # -- Buffer size of the channel Hubble uses to receive monitor events. If this - # value is not set, the queue size is set to the default monitor queue size. -@@ -1102,7 +1100,7 @@ - ipam: - # -- Configure IP Address Management mode. - # ref: https://docs.cilium.io/en/stable/concepts/networking/ipam/ -- mode: "cluster-pool" -+ mode: "kubernetes" - operator: - # -- Deprecated in favor of ipam.operator.clusterPoolIPv4PodCIDRList. - # IPv4 CIDR range to delegate to individual nodes for IPAM. -@@ -1332,7 +1330,7 @@ - - # -- Configure prometheus metrics on the configured port at /metrics - prometheus: -- enabled: false -+ enabled: true - port: 9962 - serviceMonitor: - # -- Enable service monitors. -@@ -1530,14 +1528,6 @@ - override: ~ - repository: "${CILIUM_OPERATOR_BASE_REPO}" - tag: "${CILIUM_VERSION}" -- # operator-generic-digest -- genericDigest: ${OPERATOR_GENERIC_DIGEST} -- # operator-azure-digest -- azureDigest: ${OPERATOR_AZURE_DIGEST} -- # operator-aws-digest -- awsDigest: ${OPERATOR_AWS_DIGEST} -- # operator-alibabacloud-digest -- alibabacloudDigest: ${OPERATOR_ALIBABACLOUD_DIGEST} - useDigest: ${USE_DIGESTS} - pullPolicy: "${PULL_POLICY}" - suffix: "${CILIUM_OPERATOR_SUFFIX}" -@@ -1650,7 +1640,7 @@ - # -- Enable prometheus metrics for cilium-operator on the configured port at - # /metrics - prometheus: -- enabled: false -+ enabled: true - port: 9963 - serviceMonitor: - # -- Enable service monitors. -@@ -1681,7 +1671,7 @@ - - nodeinit: - # -- Enable the node initialization DaemonSet -- enabled: false -+ enabled: true - - # -- node-init image. - image: -@@ -1763,8 +1753,6 @@ - override: ~ - repository: "${CILIUM_REPO}" - tag: "${CILIUM_VERSION}" -- # cilium-digest -- digest: ${CILIUM_DIGEST} - useDigest: ${USE_DIGESTS} - pullPolicy: "${PULL_POLICY}" - -@@ -2115,3 +2103,6 @@ - proxyPort: 0 - # -- The maximum time the DNS proxy holds an allowed DNS response before sending it along. Responses are sent as soon as the datapath is updated with the new IP information. - proxyResponseMaxDelay: 100ms -+ -+global: -+ systemDefaultRegistry: "" diff --git a/packages/rke2-cilium/package.yaml b/packages/rke2-cilium/package.yaml index 55c1850..ab71393 100644 --- a/packages/rke2-cilium/package.yaml +++ b/packages/rke2-cilium/package.yaml @@ -1,2 +1,2 @@ -url: https://helm.cilium.io/cilium-1.12.0.tgz +url: https://helm.cilium.io/cilium-1.12.1.tgz packageVersion: 01