diff --git a/packages/rke2-cilium/generated-changes/patch/Chart.yaml.patch b/packages/rke2-cilium/generated-changes/patch/Chart.yaml.patch index 958c35e..95cb89a 100644 --- a/packages/rke2-cilium/generated-changes/patch/Chart.yaml.patch +++ b/packages/rke2-cilium/generated-changes/patch/Chart.yaml.patch @@ -2,7 +2,7 @@ +++ charts/Chart.yaml @@ -105,8 +105,7 @@ apiVersion: v2 - appVersion: 1.13.0 + appVersion: 1.13.2 description: eBPF-based Networking, Security, and Observability -home: https://cilium.io/ -icon: https://cdn.jsdelivr.net/gh/cilium/cilium@v1.13/Documentation/images/logo-solo.svg @@ -19,4 +19,4 @@ sources: -- https://github.com/cilium/cilium +- https://github.com/rancher/rke2-charts - version: 1.13.0 + version: 1.13.2 diff --git a/packages/rke2-cilium/generated-changes/patch/templates/cilium-agent/daemonset.yaml.patch b/packages/rke2-cilium/generated-changes/patch/templates/cilium-agent/daemonset.yaml.patch index 085ad78..3a95eff 100644 --- a/packages/rke2-cilium/generated-changes/patch/templates/cilium-agent/daemonset.yaml.patch +++ b/packages/rke2-cilium/generated-changes/patch/templates/cilium-agent/daemonset.yaml.patch @@ -12,7 +12,7 @@ {{- if and .Values.agent (not .Values.preflight.enabled) }} {{- /* Default values with backwards compatibility */ -}} -@@ -79,7 +87,7 @@ +@@ -83,7 +91,7 @@ {{- end }} containers: - name: cilium-agent @@ -21,7 +21,7 @@ imagePullPolicy: {{ .Values.image.pullPolicy }} {{- if .Values.sleepAfterInit }} command: -@@ -372,7 +380,7 @@ +@@ -377,7 +385,7 @@ {{- end }} {{- if .Values.monitor.enabled }} - name: cilium-monitor @@ -30,7 +30,7 @@ imagePullPolicy: {{ .Values.image.pullPolicy }} command: - /bin/bash -@@ -400,6 +408,16 @@ +@@ -405,6 +413,16 @@ {{- toYaml .Values.extraContainers | nindent 6 }} {{- end }} initContainers: @@ -47,7 +47,7 @@ - name: config image: {{ include "cilium.image" .Values.image | quote }} imagePullPolicy: {{ .Values.image.pullPolicy }} -@@ -442,7 +460,7 @@ +@@ -447,7 +465,7 @@ # Required to mount cgroup2 filesystem on the underlying Kubernetes node. # We use nsenter command with host's cgroup and mount namespaces enabled. - name: mount-cgroup @@ -56,7 +56,7 @@ imagePullPolicy: {{ .Values.image.pullPolicy }} env: - name: CGROUP_ROOT -@@ -488,7 +506,7 @@ +@@ -493,7 +511,7 @@ - ALL {{- end}} - name: apply-sysctl-overwrites @@ -65,7 +65,7 @@ imagePullPolicy: {{ .Values.image.pullPolicy }} env: - name: BIN_PATH -@@ -533,7 +551,7 @@ +@@ -538,7 +556,7 @@ # from a privileged container because the mount propagation bidirectional # only works from privileged containers. - name: mount-bpf-fs @@ -74,7 +74,7 @@ imagePullPolicy: {{ .Values.image.pullPolicy }} args: - 'mount | grep "/sys/fs/bpf type bpf" || mount -t bpf bpf /sys/fs/bpf' -@@ -554,7 +572,7 @@ +@@ -559,7 +577,7 @@ {{- end }} {{- if and .Values.nodeinit.enabled .Values.nodeinit.bootstrapFile }} - name: wait-for-node-init @@ -83,7 +83,7 @@ imagePullPolicy: {{ .Values.image.pullPolicy }} command: - sh -@@ -568,9 +586,11 @@ +@@ -573,9 +591,11 @@ volumeMounts: - name: cilium-bootstrap-file-dir mountPath: "/tmp/cilium-bootstrap.d" @@ -96,7 +96,7 @@ imagePullPolicy: {{ .Values.image.pullPolicy }} command: - /init-container.sh -@@ -633,7 +653,7 @@ +@@ -638,7 +658,7 @@ {{- end }} {{- if and .Values.waitForKubeProxy (ne $kubeProxyReplacement "strict") }} - name: wait-for-kube-proxy diff --git a/packages/rke2-cilium/generated-changes/patch/templates/cilium-configmap.yaml.patch b/packages/rke2-cilium/generated-changes/patch/templates/cilium-configmap.yaml.patch index c7d63ba..4917ff5 100644 --- a/packages/rke2-cilium/generated-changes/patch/templates/cilium-configmap.yaml.patch +++ b/packages/rke2-cilium/generated-changes/patch/templates/cilium-configmap.yaml.patch @@ -12,7 +12,7 @@ {{- if and (.Values.agent) (not .Values.preflight.enabled) }} {{- /* Default values with backwards compatibility */ -}} {{- $defaultEnableCnpStatusUpdates := "true" -}} -@@ -234,7 +242,11 @@ +@@ -235,7 +243,11 @@ # Enable IPv6 addressing. If enabled, all endpoints are allocated an IPv6 # address. @@ -25,7 +25,7 @@ {{- if .Values.cleanState }} # If a serious issue occurs during Cilium startup, this -@@ -396,6 +408,8 @@ +@@ -397,6 +409,8 @@ enable-local-node-route: "false" {{- else if .Values.aksbyocni.enabled }} tunnel: "vxlan" diff --git a/packages/rke2-cilium/generated-changes/patch/templates/cilium-nodeinit/daemonset.yaml.patch b/packages/rke2-cilium/generated-changes/patch/templates/cilium-nodeinit/daemonset.yaml.patch index 88b778a..474a8d9 100644 --- a/packages/rke2-cilium/generated-changes/patch/templates/cilium-nodeinit/daemonset.yaml.patch +++ b/packages/rke2-cilium/generated-changes/patch/templates/cilium-nodeinit/daemonset.yaml.patch @@ -8,4 +8,4 @@ + image: "{{ template "system_default_registry" . }}{{ include "cilium.image" .Values.nodeinit.image }}" imagePullPolicy: {{ .Values.nodeinit.image.pullPolicy }} lifecycle: - {{- if .Values.eni.enabled }} + {{- if .Values.nodeinit.revertReconfigureKubelet }} diff --git a/packages/rke2-cilium/generated-changes/patch/templates/cilium-operator/deployment.yaml.patch b/packages/rke2-cilium/generated-changes/patch/templates/cilium-operator/deployment.yaml.patch index 776e1ec..707a319 100644 --- a/packages/rke2-cilium/generated-changes/patch/templates/cilium-operator/deployment.yaml.patch +++ b/packages/rke2-cilium/generated-changes/patch/templates/cilium-operator/deployment.yaml.patch @@ -12,7 +12,7 @@ --- apiVersion: apps/v1 kind: Deployment -@@ -51,7 +58,7 @@ +@@ -55,7 +62,7 @@ {{- end }} containers: - name: cilium-operator diff --git a/packages/rke2-cilium/generated-changes/patch/templates/cilium-preflight/daemonset.yaml.patch b/packages/rke2-cilium/generated-changes/patch/templates/cilium-preflight/daemonset.yaml.patch index 658a1d8..de758d9 100644 --- a/packages/rke2-cilium/generated-changes/patch/templates/cilium-preflight/daemonset.yaml.patch +++ b/packages/rke2-cilium/generated-changes/patch/templates/cilium-preflight/daemonset.yaml.patch @@ -1,6 +1,6 @@ --- charts-original/templates/cilium-preflight/daemonset.yaml +++ charts/templates/cilium-preflight/daemonset.yaml -@@ -30,7 +30,7 @@ +@@ -34,7 +34,7 @@ {{- end }} initContainers: - name: clean-cilium-state @@ -9,7 +9,7 @@ imagePullPolicy: {{ .Values.preflight.image.pullPolicy }} command: ["/bin/echo"] args: -@@ -38,7 +38,7 @@ +@@ -42,7 +42,7 @@ terminationMessagePolicy: FallbackToLogsOnError containers: - name: cilium-pre-flight-check @@ -18,7 +18,7 @@ imagePullPolicy: {{ .Values.preflight.image.pullPolicy }} command: ["/bin/sh"] args: -@@ -86,7 +86,7 @@ +@@ -93,7 +93,7 @@ terminationMessagePolicy: FallbackToLogsOnError {{- if ne .Values.preflight.tofqdnsPreCache "" }} - name: cilium-pre-flight-fqdn-precache diff --git a/packages/rke2-cilium/generated-changes/patch/templates/clustermesh-apiserver/deployment.yaml.patch b/packages/rke2-cilium/generated-changes/patch/templates/clustermesh-apiserver/deployment.yaml.patch index 1ef5beb..eb4d954 100644 --- a/packages/rke2-cilium/generated-changes/patch/templates/clustermesh-apiserver/deployment.yaml.patch +++ b/packages/rke2-cilium/generated-changes/patch/templates/clustermesh-apiserver/deployment.yaml.patch @@ -1,6 +1,6 @@ --- charts-original/templates/clustermesh-apiserver/deployment.yaml +++ charts/templates/clustermesh-apiserver/deployment.yaml -@@ -37,7 +37,7 @@ +@@ -41,7 +41,7 @@ {{- end }} initContainers: - name: etcd-init @@ -9,7 +9,7 @@ imagePullPolicy: {{ .Values.clustermesh.apiserver.etcd.image.pullPolicy }} command: ["/bin/sh", "-c"] args: -@@ -78,7 +78,7 @@ +@@ -82,7 +82,7 @@ {{- end }} containers: - name: etcd @@ -18,7 +18,7 @@ imagePullPolicy: {{ .Values.clustermesh.apiserver.etcd.image.pullPolicy }} command: - /usr/local/bin/etcd -@@ -114,7 +114,7 @@ +@@ -122,7 +122,7 @@ {{- toYaml . | nindent 10 }} {{- end }} - name: apiserver diff --git a/packages/rke2-cilium/generated-changes/patch/templates/etcd-operator/cilium-etcd-operator-deployment.yaml.patch b/packages/rke2-cilium/generated-changes/patch/templates/etcd-operator/cilium-etcd-operator-deployment.yaml.patch index a4aa8ca..9ab94fa 100644 --- a/packages/rke2-cilium/generated-changes/patch/templates/etcd-operator/cilium-etcd-operator-deployment.yaml.patch +++ b/packages/rke2-cilium/generated-changes/patch/templates/etcd-operator/cilium-etcd-operator-deployment.yaml.patch @@ -1,6 +1,6 @@ --- charts-original/templates/etcd-operator/cilium-etcd-operator-deployment.yaml +++ charts/templates/etcd-operator/cilium-etcd-operator-deployment.yaml -@@ -86,7 +86,7 @@ +@@ -90,7 +90,7 @@ value: "revision" - name: CILIUM_ETCD_META_ETCD_AUTO_COMPACTION_RETENTION value: "25000" diff --git a/packages/rke2-cilium/generated-changes/patch/templates/hubble-ui/deployment.yaml.patch b/packages/rke2-cilium/generated-changes/patch/templates/hubble-ui/deployment.yaml.patch index 9f8135e..410e2b0 100644 --- a/packages/rke2-cilium/generated-changes/patch/templates/hubble-ui/deployment.yaml.patch +++ b/packages/rke2-cilium/generated-changes/patch/templates/hubble-ui/deployment.yaml.patch @@ -1,6 +1,6 @@ --- charts-original/templates/hubble-ui/deployment.yaml +++ charts/templates/hubble-ui/deployment.yaml -@@ -46,7 +46,7 @@ +@@ -51,7 +51,7 @@ {{- end }} containers: - name: frontend @@ -9,9 +9,9 @@ imagePullPolicy: {{ .Values.hubble.ui.frontend.image.pullPolicy }} ports: - name: http -@@ -67,7 +67,7 @@ - mountPath: /tmp - terminationMessagePolicy: FallbackToLogsOnError +@@ -79,7 +79,7 @@ + {{- toYaml . | trim | nindent 10 }} + {{- end }} - name: backend - image: {{ include "cilium.image" .Values.hubble.ui.backend.image | quote }} + image: "{{ template "system_default_registry" . }}{{ include "cilium.image" .Values.hubble.ui.backend.image }}" diff --git a/packages/rke2-cilium/generated-changes/patch/values.yaml.patch b/packages/rke2-cilium/generated-changes/patch/values.yaml.patch index 7cb0b75..1beebe1 100644 --- a/packages/rke2-cilium/generated-changes/patch/values.yaml.patch +++ b/packages/rke2-cilium/generated-changes/patch/values.yaml.patch @@ -1,21 +1,21 @@ --- charts-original/values.yaml +++ charts/values.yaml -@@ -104,12 +104,10 @@ +@@ -113,12 +113,10 @@ # -- Agent container image. image: override: ~ - repository: "quay.io/cilium/cilium" + repository: "rancher/mirrored-cilium-cilium" - tag: "v1.13.0" + tag: "v1.13.2" pullPolicy: "IfNotPresent" - # cilium-digest -- digest: "sha256:6544a3441b086a2e09005d3e21d1a4afb216fae19c5a60b35793c8a9438f8f68" +- digest: "sha256:85708b11d45647c35b9288e0de0706d24a5ce8a378166cadc700f756cc1a38d6" - useDigest: true + useDigest: false # -- Affinity for cilium-agent. affinity: -@@ -450,7 +448,9 @@ +@@ -468,7 +466,9 @@ # - flannel # - generic-veth # - portmap @@ -26,7 +26,7 @@ # -- Make Cilium take ownership over the `/etc/cni/net.d` directory on the # node, renaming all non-Cilium CNI configurations to `*.cilium_bak`. -@@ -797,8 +797,8 @@ +@@ -815,8 +815,8 @@ certgen: image: override: ~ @@ -37,7 +37,7 @@ pullPolicy: "IfNotPresent" # -- Seconds after which the completed job pod will be deleted ttlSecondsAfterFinished: 1800 -@@ -810,7 +810,7 @@ +@@ -834,7 +834,7 @@ hubble: # -- Enable Hubble (true by default). @@ -46,52 +46,52 @@ # -- Buffer size of the channel Hubble uses to receive monitor events. If this # value is not set, the queue size is set to the default monitor queue size. -@@ -973,11 +973,9 @@ +@@ -996,11 +996,9 @@ # -- Hubble-relay container image. image: override: ~ - repository: "quay.io/cilium/hubble-relay" + repository: "rancher/mirrored-cilium-hubble-relay" - tag: "v1.13.0" + tag: "v1.13.2" - # hubble-relay-digest -- digest: "sha256:bc00f086285d2d287dd662a319d3dbe90e57179515ce8649425916aecaa9ac3c" +- digest: "sha256:51b772cab0724511583c3da3286439791dc67d7c35077fa30eaba3b5d555f8f4" - useDigest: true + useDigest: false pullPolicy: "IfNotPresent" # -- Specifies the resources for the hubble-relay pods -@@ -1175,8 +1173,8 @@ +@@ -1197,8 +1195,8 @@ # -- Hubble-ui backend image. image: override: ~ - repository: "quay.io/cilium/hubble-ui-backend" -- tag: "v0.10.0@sha256:cc5e2730b3be6f117b22176e25875f2308834ced7c3aa34fb598aa87a2c0a6a4" +- tag: "v0.11.0@sha256:14c04d11f78da5c363f88592abae8d2ecee3cbe009f443ef11df6ac5f692d839" + repository: "rancher/mirrored-cilium-hubble-ui-backend" -+ tag: "v0.10.0" ++ tag: "v0.11.0" pullPolicy: "IfNotPresent" - # -- Additional hubble-ui backend environment variables. -@@ -1195,8 +1193,8 @@ + # -- Hubble-ui backend security context. +@@ -1226,8 +1224,8 @@ # -- Hubble-ui frontend image. image: override: ~ - repository: "quay.io/cilium/hubble-ui" -- tag: "v0.10.0@sha256:118ad2fcfd07fabcae4dde35ec88d33564c9ca7abe520aa45b1eb13ba36c6e0a" +- tag: "v0.11.0@sha256:bcb369c47cada2d4257d63d3749f7f87c91dde32e010b223597306de95d1ecc8" + repository: "rancher/mirrored-cilium-hubble-ui" -+ tag: "v0.10.0" ++ tag: "v0.11.0" pullPolicy: "IfNotPresent" - # -- Additional hubble-ui frontend environment variables. -@@ -1315,7 +1313,7 @@ + # -- Hubble-ui frontend security context. +@@ -1356,7 +1354,7 @@ ipam: # -- Configure IP Address Management mode. - # ref: https://docs.cilium.io/en/stable/concepts/networking/ipam/ + # ref: https://docs.cilium.io/en/stable/network/concepts/ipam/ - mode: "cluster-pool" + mode: "kubernetes" operator: # -- Deprecated in favor of ipam.operator.clusterPoolIPv4PodCIDRList. # IPv4 CIDR range to delegate to individual nodes for IPAM. -@@ -1578,7 +1576,7 @@ +@@ -1619,7 +1617,7 @@ # -- Configure prometheus metrics on the configured port at /metrics prometheus: @@ -100,7 +100,7 @@ port: 9962 serviceMonitor: # -- Enable service monitors. -@@ -1703,8 +1701,8 @@ +@@ -1744,8 +1742,8 @@ # -- cilium-etcd-operator image. image: override: ~ @@ -111,27 +111,27 @@ pullPolicy: "IfNotPresent" # -- The priority class to use for cilium-etcd-operator -@@ -1797,17 +1795,9 @@ +@@ -1847,17 +1845,9 @@ # -- cilium-operator image. image: override: ~ - repository: "quay.io/cilium/operator" + repository: "rancher/mirrored-cilium-operator" - tag: "v1.13.0" + tag: "v1.13.2" - # operator-generic-digest -- genericDigest: "sha256:4b58d5b33e53378355f6e8ceb525ccf938b7b6f5384b35373f1f46787467ebf5" +- genericDigest: "sha256:a1982c0a22297aaac3563e428c330e17668305a41865a842dec53d241c5490ab" - # operator-azure-digest -- azureDigest: "sha256:ec1246bbbf7125998e2f547fc518ae56ae364dbd3f46812fa325c068cc406bd7" +- azureDigest: "sha256:bfce3268bd32f1703ffb22339f9c306e99015585328a39b179c8ace72481a714" - # operator-aws-digest -- awsDigest: "sha256:3cc9ff5bcc57f536427e7059abc916831b368654dfddcbad8a412731984a95e4" +- awsDigest: "sha256:94d5a291f80e2d568302b144d1d002fb1d43b436befed74a38f630fdc6d6f0c6" - # operator-alibabacloud-digest -- alibabacloudDigest: "sha256:0332376a4a6f92ff7936d3b52614f8219a10d6fd46aa14fead8426d0e140f79a" +- alibabacloudDigest: "sha256:8b5623a272c18ba823a4105308902cf1901fef494ccad85ab00791296fde4b3b" - useDigest: true + useDigest: false pullPolicy: "IfNotPresent" suffix: "" -@@ -1936,7 +1926,7 @@ +@@ -1988,7 +1978,7 @@ # -- Enable prometheus metrics for cilium-operator on the configured port at # /metrics prometheus: @@ -140,29 +140,29 @@ port: 9963 serviceMonitor: # -- Enable service monitors. -@@ -2053,11 +2043,9 @@ +@@ -2104,11 +2094,9 @@ # -- Cilium pre-flight image. image: override: ~ - repository: "quay.io/cilium/cilium" + repository: "rancher/mirrored-cilium-cilium" - tag: "v1.13.0" + tag: "v1.13.2" - # cilium-digest -- digest: "sha256:6544a3441b086a2e09005d3e21d1a4afb216fae19c5a60b35793c8a9438f8f68" +- digest: "sha256:85708b11d45647c35b9288e0de0706d24a5ce8a378166cadc700f756cc1a38d6" - useDigest: true + useDigest: false pullPolicy: "IfNotPresent" # -- The priority class to use for the preflight pod. -@@ -2192,19 +2180,17 @@ +@@ -2251,19 +2239,17 @@ # -- Clustermesh API server image. image: override: ~ - repository: "quay.io/cilium/clustermesh-apiserver" + repository: "rancher/mirrored-cilium-clustermesh-apiserver" - tag: "v1.13.0" + tag: "v1.13.2" - # clustermesh-apiserver-digest -- digest: "sha256:f7273ddb4c223e54827d1185d0c8f3b87966b05229358a224cdc3fe11a25fc72" +- digest: "sha256:4b07ac66d83dcf329252145f82c126705f291687d5b41161321220d115b7fee3" - useDigest: true + useDigest: false pullPolicy: "IfNotPresent" @@ -178,7 +178,7 @@ pullPolicy: "IfNotPresent" # -- Specifies the resources for etcd container in the apiserver -@@ -2447,3 +2433,11 @@ +@@ -2520,3 +2506,11 @@ sctp: # -- Enable SCTP support. NOTE: Currently, SCTP support does not support rewriting ports or multihoming. enabled: false diff --git a/packages/rke2-cilium/package.yaml b/packages/rke2-cilium/package.yaml index cabe205..c7725e7 100644 --- a/packages/rke2-cilium/package.yaml +++ b/packages/rke2-cilium/package.yaml @@ -1,2 +1,2 @@ -url: https://helm.cilium.io/cilium-1.13.0.tgz +url: https://helm.cilium.io/cilium-1.13.2.tgz packageVersion: 00