From a4535f12ca1a79c23b0c376eec0080ce1afb16a4 Mon Sep 17 00:00:00 2001 From: Michal Rostecki Date: Tue, 18 Jan 2022 18:33:52 +0100 Subject: [PATCH] Update Cilium to 1.11.0 Update Cilium from 1.10.4 to 1.11.0. https://github.com/cilium/cilium/releases/tag/v1.11.0 Ref: rancher/rke2#2242 Signed-off-by: Michal Rostecki --- ...piserver-generate-certs-job-spec.tpl.patch | 19 ------ .../patch/templates/_helpers.tpl.patch | 22 +++++-- .../_hubble-generate-certs-job-spec.tpl.patch | 19 ------ .../cilium-agent-daemonset.yaml.patch | 60 ------------------- .../cilium-agent/daemonset.yaml.patch | 11 ++++ ...cilium-etcd-operator-deployment.yaml.patch | 21 ------- .../cilium-nodeinit-daemonset.yaml.patch | 21 ------- .../cilium-operator-deployment.yaml.patch | 30 ---------- .../cilium-operator/_helpers.tpl.patch | 12 ++++ .../cilium-preflight-daemonset.yaml.patch | 38 ------------ .../cilium-preflight-deployment.yaml.patch | 21 ------- ...lustermesh-apiserver-deployment.yaml.patch | 39 ------------ .../hubble-relay-deployment.yaml.patch | 21 ------- .../templates/hubble-ui-deployment.yaml.patch | 39 ------------ .../generated-changes/patch/values.yaml.patch | 29 +++++---- packages/cilium/package.yaml | 2 +- packages/rke2-cilium/charts/Chart.yaml | 4 +- packages/rke2-cilium/charts/values.yaml | 9 +-- packages/rke2-cilium/package.yaml | 2 +- 19 files changed, 69 insertions(+), 350 deletions(-) delete mode 100644 packages/cilium/generated-changes/patch/templates/_clustermesh-apiserver-generate-certs-job-spec.tpl.patch delete mode 100644 packages/cilium/generated-changes/patch/templates/_hubble-generate-certs-job-spec.tpl.patch delete mode 100644 packages/cilium/generated-changes/patch/templates/cilium-agent-daemonset.yaml.patch create mode 100644 packages/cilium/generated-changes/patch/templates/cilium-agent/daemonset.yaml.patch delete mode 100644 packages/cilium/generated-changes/patch/templates/cilium-etcd-operator-deployment.yaml.patch delete mode 100644 packages/cilium/generated-changes/patch/templates/cilium-nodeinit-daemonset.yaml.patch delete mode 100644 packages/cilium/generated-changes/patch/templates/cilium-operator-deployment.yaml.patch create mode 100644 packages/cilium/generated-changes/patch/templates/cilium-operator/_helpers.tpl.patch delete mode 100644 packages/cilium/generated-changes/patch/templates/cilium-preflight-daemonset.yaml.patch delete mode 100644 packages/cilium/generated-changes/patch/templates/cilium-preflight-deployment.yaml.patch delete mode 100644 packages/cilium/generated-changes/patch/templates/clustermesh-apiserver-deployment.yaml.patch delete mode 100644 packages/cilium/generated-changes/patch/templates/hubble-relay-deployment.yaml.patch delete mode 100644 packages/cilium/generated-changes/patch/templates/hubble-ui-deployment.yaml.patch diff --git a/packages/cilium/generated-changes/patch/templates/_clustermesh-apiserver-generate-certs-job-spec.tpl.patch b/packages/cilium/generated-changes/patch/templates/_clustermesh-apiserver-generate-certs-job-spec.tpl.patch deleted file mode 100644 index a890ec7..0000000 --- a/packages/cilium/generated-changes/patch/templates/_clustermesh-apiserver-generate-certs-job-spec.tpl.patch +++ /dev/null @@ -1,19 +0,0 @@ ---- charts-original/templates/_clustermesh-apiserver-generate-certs-job-spec.tpl -+++ charts/templates/_clustermesh-apiserver-generate-certs-job-spec.tpl -@@ -5,15 +5,12 @@ - metadata: - labels: - k8s-app: clustermesh-apiserver-generate-certs -- {{- with .Values.clustermesh.apiserver.podLabels }} -- {{- toYaml . | nindent 8 }} -- {{- end }} - spec: - serviceAccount: {{ .Values.serviceAccounts.clustermeshcertgen.name | quote }} - serviceAccountName: {{ .Values.serviceAccounts.clustermeshcertgen.name | quote }} - containers: - - name: certgen -- image: {{ .Values.certgen.image.repository }}:{{ .Values.certgen.image.tag }} -+ image: {{ template "system_default_registry" . }}{{ .Values.certgen.image.repository }}:{{ .Values.certgen.image.tag }} - imagePullPolicy: {{ .Values.certgen.image.pullPolicy }} - command: - - "/usr/bin/cilium-certgen" diff --git a/packages/cilium/generated-changes/patch/templates/_helpers.tpl.patch b/packages/cilium/generated-changes/patch/templates/_helpers.tpl.patch index fbca563..833cec0 100644 --- a/packages/cilium/generated-changes/patch/templates/_helpers.tpl.patch +++ b/packages/cilium/generated-changes/patch/templates/_helpers.tpl.patch @@ -1,10 +1,9 @@ --- charts-original/templates/_helpers.tpl +++ charts/templates/_helpers.tpl -@@ -126,3 +126,11 @@ - tls.crt: {{ $cert.Cert | b64enc }} - tls.key: {{ $cert.Key | b64enc }} +@@ -5,6 +5,14 @@ + {{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} {{- end }} -+ + +{{- define "system_default_registry" -}} +{{- if .Values.global.systemDefaultRegistry -}} +{{- printf "%s/" .Values.global.systemDefaultRegistry -}} @@ -12,3 +11,18 @@ +{{- "" -}} +{{- end }} +{{- end }} ++ + {{/* + Render full image name from given values, e.g: + ``` +@@ -18,8 +26,9 @@ + will return `quay.io/cilium/cilium:v1.10.1@abcdefgh` + */}} + {{- define "cilium.image" -}} ++{{- $registry := include "system_default_registry" . -}} + {{- $digest := (.useDigest | default false) | ternary (printf "@%s" .digest) "" -}} +-{{- printf "%s:%s%s" .repository .tag $digest -}} ++{{- printf "%s%s:%s%s" $registry .repository .tag $digest -}} + {{- end -}} + + {{/* diff --git a/packages/cilium/generated-changes/patch/templates/_hubble-generate-certs-job-spec.tpl.patch b/packages/cilium/generated-changes/patch/templates/_hubble-generate-certs-job-spec.tpl.patch deleted file mode 100644 index 13a58b5..0000000 --- a/packages/cilium/generated-changes/patch/templates/_hubble-generate-certs-job-spec.tpl.patch +++ /dev/null @@ -1,19 +0,0 @@ ---- charts-original/templates/_hubble-generate-certs-job-spec.tpl -+++ charts/templates/_hubble-generate-certs-job-spec.tpl -@@ -5,15 +5,12 @@ - metadata: - labels: - k8s-app: hubble-generate-certs -- {{- with .Values.certgen.podLabels }} -- {{- toYaml . | nindent 8 }} -- {{- end }} - spec: - serviceAccount: {{ .Values.serviceAccounts.hubblecertgen.name | quote }} - serviceAccountName: {{ .Values.serviceAccounts.hubblecertgen.name | quote }} - containers: - - name: certgen -- image: {{ .Values.certgen.image.repository }}:{{ .Values.certgen.image.tag }} -+ image: {{ template "system_default_registry" . }}{{ .Values.certgen.image.repository }}:{{ .Values.certgen.image.tag }} - imagePullPolicy: {{ .Values.certgen.image.pullPolicy }} - command: - - "/usr/bin/cilium-certgen" diff --git a/packages/cilium/generated-changes/patch/templates/cilium-agent-daemonset.yaml.patch b/packages/cilium/generated-changes/patch/templates/cilium-agent-daemonset.yaml.patch deleted file mode 100644 index cf36a3f..0000000 --- a/packages/cilium/generated-changes/patch/templates/cilium-agent-daemonset.yaml.patch +++ /dev/null @@ -1,60 +0,0 @@ ---- charts-original/templates/cilium-agent-daemonset.yaml -+++ charts/templates/cilium-agent-daemonset.yaml -@@ -75,9 +75,6 @@ - {{- if .Values.keepDeprecatedLabels }} - kubernetes.io/cluster-service: "true" - {{- end }} --{{- with .Values.podLabels }} -- {{- toYaml . | nindent 8 }} --{{- end }} - spec: - {{- if .Values.affinity }} - affinity: -@@ -223,7 +220,7 @@ - {{- with .Values.extraEnv }} - {{ toYaml . | trim | indent 8 }} - {{- end }} -- image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}{{ if .Values.image.useDigest }}@{{ .Values.image.digest }}{{ end }}" -+ image: {{ template "system_default_registry" . }}{{ .Values.image.repository }}:{{ .Values.image.tag }} - imagePullPolicy: {{ .Values.image.pullPolicy }} - {{- if .Values.cni.install }} - lifecycle: -@@ -358,7 +355,7 @@ - {{- range $type := .Values.monitor.eventTypes }} - - --type={{ $type }} - {{- end }} -- image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}{{ if .Values.image.useDigest }}@{{ .Values.image.digest }}{{ end }}" -+ image: {{ template "system_default_registry" . }}{{ .Values.image.repository }}:{{ .Values.image.tag }} - imagePullPolicy: {{ .Values.image.pullPolicy }} - volumeMounts: - - mountPath: /var/run/cilium -@@ -393,7 +390,7 @@ - # same directory where we install cilium cni plugin so that exec permissions - # are available. - - 'cp /usr/bin/cilium-mount /hostbin/cilium-mount && nsenter --cgroup=/hostproc/1/ns/cgroup --mount=/hostproc/1/ns/mnt "${BIN_PATH}/cilium-mount" $CGROUP_ROOT; rm /hostbin/cilium-mount' -- image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}{{ if .Values.image.useDigest }}@{{ .Values.image.digest }}{{ end }}" -+ image: {{ template "system_default_registry" . }}{{ .Values.image.repository }}:{{ .Values.image.tag }}{{ if .Values.image.useDigest }}@{{ .Values.image.digest }}{{ end }} - imagePullPolicy: {{ .Values.image.pullPolicy }} - volumeMounts: - - mountPath: /hostproc -@@ -406,8 +403,10 @@ - {{- if and .Values.nodeinit.enabled (not (eq .Values.nodeinit.bootstrapFile "")) }} - - name: wait-for-node-init - command: ['sh', '-c', 'until stat {{ .Values.nodeinit.bootstrapFile }} > /dev/null 2>&1; do echo "Waiting on node-init to run..."; sleep 1; done'] -- image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}{{ if .Values.image.useDigest }}@{{ .Values.image.digest }}{{ end }}" -+ image: {{ template "system_default_registry" . }}{{ .Values.image.repository }}:{{ .Values.image.tag }} - imagePullPolicy: {{ .Values.image.pullPolicy }} -+ securityContext: -+ privileged: true - volumeMounts: - - mountPath: {{ .Values.nodeinit.bootstrapFile }} - name: cilium-bootstrap-file -@@ -438,7 +437,7 @@ - {{- if .Values.extraEnv }} - {{ toYaml .Values.extraEnv | indent 8 }} - {{- end }} -- image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}{{ if .Values.image.useDigest }}@{{ .Values.image.digest }}{{ end }}" -+ image: {{ template "system_default_registry" . }}{{ .Values.image.repository }}:{{ .Values.image.tag }} - imagePullPolicy: {{ .Values.image.pullPolicy }} - name: clean-cilium-state - securityContext: diff --git a/packages/cilium/generated-changes/patch/templates/cilium-agent/daemonset.yaml.patch b/packages/cilium/generated-changes/patch/templates/cilium-agent/daemonset.yaml.patch new file mode 100644 index 0000000..4da3ab3 --- /dev/null +++ b/packages/cilium/generated-changes/patch/templates/cilium-agent/daemonset.yaml.patch @@ -0,0 +1,11 @@ +--- charts-original/templates/cilium-agent/daemonset.yaml ++++ charts/templates/cilium-agent/daemonset.yaml +@@ -390,6 +390,8 @@ + volumeMounts: + - name: cilium-bootstrap-file + mountPath: {{ .Values.nodeinit.bootstrapFile }} ++ securityContext: ++ privileged: true + {{- end }} + - name: clean-cilium-state + image: {{ include "cilium.image" .Values.image | quote }} diff --git a/packages/cilium/generated-changes/patch/templates/cilium-etcd-operator-deployment.yaml.patch b/packages/cilium/generated-changes/patch/templates/cilium-etcd-operator-deployment.yaml.patch deleted file mode 100644 index c7dab7d..0000000 --- a/packages/cilium/generated-changes/patch/templates/cilium-etcd-operator-deployment.yaml.patch +++ /dev/null @@ -1,21 +0,0 @@ ---- charts-original/templates/cilium-etcd-operator-deployment.yaml -+++ charts/templates/cilium-etcd-operator-deployment.yaml -@@ -46,9 +46,6 @@ - labels: - io.cilium/app: etcd-operator - name: cilium-etcd-operator --{{- with .Values.etcd.podLabels }} -- {{- toYaml . | nindent 8 }} --{{- end }} - spec: - {{- if .Values.etcd.affinity }} - affinity: -@@ -90,7 +87,7 @@ - value: "revision" - - name: CILIUM_ETCD_META_ETCD_AUTO_COMPACTION_RETENTION - value: "25000" -- image: {{ .Values.etcd.image.repository }}:{{ .Values.etcd.image.tag }} -+ image: {{ template "system_default_registry" . }}{{ .Values.etcd.image.repository }}:{{ .Values.etcd.image.tag }} - imagePullPolicy: {{ .Values.etcd.image.pullPolicy }} - name: cilium-etcd-operator - dnsPolicy: ClusterFirst diff --git a/packages/cilium/generated-changes/patch/templates/cilium-nodeinit-daemonset.yaml.patch b/packages/cilium/generated-changes/patch/templates/cilium-nodeinit-daemonset.yaml.patch deleted file mode 100644 index 48669b5..0000000 --- a/packages/cilium/generated-changes/patch/templates/cilium-nodeinit-daemonset.yaml.patch +++ /dev/null @@ -1,21 +0,0 @@ ---- charts-original/templates/cilium-nodeinit-daemonset.yaml -+++ charts/templates/cilium-nodeinit-daemonset.yaml -@@ -38,9 +38,6 @@ - {{- end }} - labels: - app: cilium-node-init --{{- with .Values.nodeinit.podLabels }} -- {{- toYaml . | nindent 8 }} --{{- end }} - spec: - {{- with .Values.tolerations }} - tolerations: -@@ -57,7 +54,7 @@ - {{- end }} - containers: - - name: node-init -- image: {{ .Values.nodeinit.image.repository }}:{{ .Values.nodeinit.image.tag }} -+ image: {{ template "system_default_registry" . }}{{ .Values.nodeinit.image.repository }}:{{ .Values.nodeinit.image.tag }} - imagePullPolicy: {{ .Values.nodeinit.image.pullPolicy }} - securityContext: - privileged: true diff --git a/packages/cilium/generated-changes/patch/templates/cilium-operator-deployment.yaml.patch b/packages/cilium/generated-changes/patch/templates/cilium-operator-deployment.yaml.patch deleted file mode 100644 index 2c30bcd..0000000 --- a/packages/cilium/generated-changes/patch/templates/cilium-operator-deployment.yaml.patch +++ /dev/null @@ -1,30 +0,0 @@ ---- charts-original/templates/cilium-operator-deployment.yaml -+++ charts/templates/cilium-operator-deployment.yaml -@@ -56,9 +56,6 @@ - labels: - io.cilium/app: operator - name: cilium-operator --{{- with .Values.operator.podLabels }} -- {{- toYaml . | nindent 8 }} --{{- end }} - spec: - # In HA mode, cilium-operator pods must not be scheduled on the same - # node as they will clash with each other. -@@ -171,13 +168,13 @@ - value: {{ $value }} - {{- end }} - {{- if .Values.eni.enabled }} -- image: "{{ .Values.operator.image.repository }}-aws{{ .Values.operator.image.suffix }}:{{ .Values.operator.image.tag }}{{ if .Values.operator.image.useDigest }}@{{ .Values.operator.image.awsDigest }}{{ end }}" -+ image: {{ template "system_default_registry" . }}{{ .Values.operator.image.repository }}-aws:{{ .Values.operator.image.tag }} - {{- else if .Values.azure.enabled }} -- image: "{{ .Values.operator.image.repository }}-azure{{ .Values.operator.image.suffix }}:{{ .Values.operator.image.tag }}{{ if .Values.operator.image.useDigest }}@{{ .Values.operator.image.azureDigest }}{{ end }}" -+ image: {{ template "system_default_registry" . }}{{ .Values.operator.image.repository }}-azure:{{ .Values.operator.image.tag }} - {{- else if .Values.alibabacloud.enabled }} -- image: "{{ .Values.operator.image.repository }}-alibabacloud{{ .Values.operator.image.suffix }}:{{ .Values.operator.image.tag }}{{ if .Values.operator.image.useDigest }}@{{ .Values.operator.image.alibabacloudDigest }}{{ end }}" -+ image: {{ template "system_default_registry" . }}{{ .Values.operator.image.repository }}-alibabacloud:{{ .Values.operator.image.tag }} - {{- else }} -- image: "{{ .Values.operator.image.repository }}-generic{{ .Values.operator.image.suffix }}:{{ .Values.operator.image.tag }}{{ if .Values.operator.image.useDigest }}@{{ .Values.operator.image.genericDigest }}{{ end }}" -+ image: {{ template "system_default_registry" . }}{{ .Values.operator.image.repository }}-generic:{{ .Values.operator.image.tag }} - {{- end }} - imagePullPolicy: {{ .Values.operator.image.pullPolicy }} - name: cilium-operator diff --git a/packages/cilium/generated-changes/patch/templates/cilium-operator/_helpers.tpl.patch b/packages/cilium/generated-changes/patch/templates/cilium-operator/_helpers.tpl.patch new file mode 100644 index 0000000..e144996 --- /dev/null +++ b/packages/cilium/generated-changes/patch/templates/cilium-operator/_helpers.tpl.patch @@ -0,0 +1,12 @@ +--- charts-original/templates/cilium-operator/_helpers.tpl ++++ charts/templates/cilium-operator/_helpers.tpl +@@ -26,7 +26,8 @@ + Return cilium operator image + */}} + {{- define "cilium.operator.image" -}} ++{{- $registry := include "system_default_registry" . }} + {{- $cloud := include "cilium.operator.cloud" . }} + {{- $imageDigest := include "cilium.operator.imageDigestName" . }} +-{{- printf "%s-%s%s:%s%s" .Values.operator.image.repository $cloud .Values.operator.image.suffix .Values.operator.image.tag $imageDigest -}} ++{{- printf "%s%s-%s%s:%s%s" $registry .Values.operator.image.repository $cloud .Values.operator.image.suffix .Values.operator.image.tag $imageDigest -}} + {{- end -}} diff --git a/packages/cilium/generated-changes/patch/templates/cilium-preflight-daemonset.yaml.patch b/packages/cilium/generated-changes/patch/templates/cilium-preflight-daemonset.yaml.patch deleted file mode 100644 index dd4d51e..0000000 --- a/packages/cilium/generated-changes/patch/templates/cilium-preflight-daemonset.yaml.patch +++ /dev/null @@ -1,38 +0,0 @@ ---- charts-original/templates/cilium-preflight-daemonset.yaml -+++ charts/templates/cilium-preflight-daemonset.yaml -@@ -18,9 +18,6 @@ - labels: - k8s-app: cilium-pre-flight-check - kubernetes.io/cluster-service: "true" --{{- with .Values.preflight.podLabels }} -- {{- toYaml . | nindent 8 }} --{{- end }} - spec: - {{- if .Values.imagePullSecrets }} - imagePullSecrets: -@@ -28,14 +25,14 @@ - {{- end }} - initContainers: - - name: clean-cilium-state -- image: "{{ .Values.preflight.image.repository }}:{{ .Values.preflight.image.tag }}{{ if .Values.preflight.image.useDigest }}@{{ .Values.preflight.image.digest }}{{ end }}" -+ image: {{ template "system_default_registry" . }}{{ .Values.preflight.image.repository }}:{{ .Values.preflight.image.tag }} - imagePullPolicy: {{ .Values.preflight.image.pullPolicy }} - command: ["/bin/echo"] - args: - - "hello" - containers: - - name: cilium-pre-flight-check -- image: "{{ .Values.preflight.image.repository }}:{{ .Values.preflight.image.tag }}{{ if .Values.preflight.image.useDigest }}@{{ .Values.preflight.image.digest }}{{ end }}" -+ image: {{ template "system_default_registry" . }}{{ .Values.preflight.image.repository }}:{{ .Values.preflight.image.tag }} - imagePullPolicy: {{ .Values.preflight.image.pullPolicy }} - command: ["/bin/sh"] - args: -@@ -71,7 +68,7 @@ - - {{- if ne .Values.preflight.tofqdnsPreCache "" }} - - name: cilium-pre-flight-fqdn-precache -- image: "{{ .Values.preflight.image.repository }}:{{ .Values.preflight.image.tag }}{{ if .Values.preflight.image.useDigest }}@{{ .Values.preflight.image.digest }}{{ end }}" -+ image: {{ template "system_default_registry" . }}{{ .Values.preflight.image.repository }}:{{ .Values.preflight.image.tag }} - imagePullPolicy: {{ .Values.preflight.image.pullPolicy }} - name: cilium-pre-flight-fqdn-precache - command: ["/bin/sh"] diff --git a/packages/cilium/generated-changes/patch/templates/cilium-preflight-deployment.yaml.patch b/packages/cilium/generated-changes/patch/templates/cilium-preflight-deployment.yaml.patch deleted file mode 100644 index b149aff..0000000 --- a/packages/cilium/generated-changes/patch/templates/cilium-preflight-deployment.yaml.patch +++ /dev/null @@ -1,21 +0,0 @@ ---- charts-original/templates/cilium-preflight-deployment.yaml -+++ charts/templates/cilium-preflight-deployment.yaml -@@ -19,9 +19,6 @@ - labels: - k8s-app: cilium-pre-flight-check-deployment - kubernetes.io/cluster-service: "true" --{{- with .Values.preflight.podLabels }} -- {{- toYaml . | nindent 8 }} --{{- end }} - spec: - affinity: - podAffinity: -@@ -40,7 +37,7 @@ - containers: - {{- if .Values.preflight.validateCNPs }} - - name: cnp-validator -- image: "{{ .Values.preflight.image.repository }}:{{ .Values.preflight.image.tag }}{{ if .Values.preflight.image.useDigest }}@{{ .Values.preflight.image.digest }}{{ end }}" -+ image: {{ template "system_default_registry" . }}{{ .Values.preflight.image.repository }}:{{ .Values.preflight.image.tag }} - imagePullPolicy: {{ .Values.preflight.image.pullPolicy }} - command: ["/bin/sh"] - args: diff --git a/packages/cilium/generated-changes/patch/templates/clustermesh-apiserver-deployment.yaml.patch b/packages/cilium/generated-changes/patch/templates/clustermesh-apiserver-deployment.yaml.patch deleted file mode 100644 index 29581cd..0000000 --- a/packages/cilium/generated-changes/patch/templates/clustermesh-apiserver-deployment.yaml.patch +++ /dev/null @@ -1,39 +0,0 @@ ---- charts-original/templates/clustermesh-apiserver-deployment.yaml -+++ charts/templates/clustermesh-apiserver-deployment.yaml -@@ -22,9 +22,6 @@ - {{- end }} - labels: - k8s-app: clustermesh-apiserver --{{- with .Values.clustermesh.apiserver.podLabels }} -- {{- toYaml . | nindent 8 }} --{{- end }} - spec: - {{- with .Values.imagePullSecrets }} - imagePullSecrets: {{- toYaml . | nindent 8 }} -@@ -34,7 +31,7 @@ - serviceAccountName: {{ .Values.serviceAccounts.clustermeshApiserver.name | quote }} - initContainers: - - name: etcd-init -- image: {{ .Values.clustermesh.apiserver.etcd.image.repository }}:{{ .Values.clustermesh.apiserver.etcd.image.tag }} -+ image: {{ template "system_default_registry" . }}{{ .Values.clustermesh.apiserver.etcd.image.repository }}:{{ .Values.clustermesh.apiserver.etcd.image.tag }} - imagePullPolicy: {{ .Values.clustermesh.apiserver.etcd.image.pullPolicy }} - env: - - name: ETCDCTL_API -@@ -71,7 +68,7 @@ - name: etcd-data-dir - containers: - - name: etcd -- image: {{ .Values.clustermesh.apiserver.etcd.image.repository }}:{{ .Values.clustermesh.apiserver.etcd.image.tag }} -+ image: {{ template "system_default_registry" . }}{{ .Values.clustermesh.apiserver.etcd.image.repository }}:{{ .Values.clustermesh.apiserver.etcd.image.tag }} - imagePullPolicy: {{ .Values.clustermesh.apiserver.etcd.image.pullPolicy }} - env: - - name: ETCDCTL_API -@@ -100,7 +97,7 @@ - - mountPath: /var/run/etcd - name: etcd-data-dir - - name: "apiserver" -- image: "{{ .Values.clustermesh.apiserver.image.repository }}:{{ .Values.clustermesh.apiserver.image.tag }}{{ if .Values.clustermesh.apiserver.image.useDigest }}@{{ .Values.clustermesh.apiserver.image.digest }}{{ end }}" -+ image: {{ template "system_default_registry" . }}{{ .Values.clustermesh.apiserver.image.repository }}:{{ .Values.clustermesh.apiserver.image.tag }} - imagePullPolicy: {{ .Values.clustermesh.apiserver.image.pullPolicy }} - command: - - /usr/bin/clustermesh-apiserver diff --git a/packages/cilium/generated-changes/patch/templates/hubble-relay-deployment.yaml.patch b/packages/cilium/generated-changes/patch/templates/hubble-relay-deployment.yaml.patch deleted file mode 100644 index b995803..0000000 --- a/packages/cilium/generated-changes/patch/templates/hubble-relay-deployment.yaml.patch +++ /dev/null @@ -1,21 +0,0 @@ ---- charts-original/templates/hubble-relay-deployment.yaml -+++ charts/templates/hubble-relay-deployment.yaml -@@ -28,9 +28,6 @@ - {{- end }} - labels: - k8s-app: hubble-relay --{{- with .Values.hubble.relay.podLabels }} -- {{- toYaml . | nindent 8 }} --{{- end }} - spec: - affinity: - podAffinity: -@@ -48,7 +45,7 @@ - {{- end }} - containers: - - name: hubble-relay -- image: "{{ .Values.hubble.relay.image.repository }}:{{ .Values.hubble.relay.image.tag }}{{ if .Values.hubble.relay.image.useDigest }}@{{ .Values.hubble.relay.image.digest }}{{ end }}" -+ image: {{ template "system_default_registry" . }}{{ .Values.hubble.relay.image.repository }}:{{ .Values.hubble.relay.image.tag }} - imagePullPolicy: {{ .Values.hubble.relay.image.pullPolicy }} - command: - - hubble-relay diff --git a/packages/cilium/generated-changes/patch/templates/hubble-ui-deployment.yaml.patch b/packages/cilium/generated-changes/patch/templates/hubble-ui-deployment.yaml.patch deleted file mode 100644 index 9932392..0000000 --- a/packages/cilium/generated-changes/patch/templates/hubble-ui-deployment.yaml.patch +++ /dev/null @@ -1,39 +0,0 @@ ---- charts-original/templates/hubble-ui-deployment.yaml -+++ charts/templates/hubble-ui-deployment.yaml -@@ -23,9 +23,6 @@ - {{- end }} - labels: - k8s-app: hubble-ui --{{- with .Values.hubble.ui.podLabels }} -- {{- toYaml . | nindent 8 }} --{{- end }} - spec: - {{- if .Values.hubble.ui.securityContext.enabled }} - securityContext: -@@ -47,7 +44,7 @@ - {{- end }} - containers: - - name: frontend -- image: "{{ .Values.hubble.ui.frontend.image.repository }}:{{ .Values.hubble.ui.frontend.image.tag }}" -+ image: "{{ template "system_default_registry" . }}{{ .Values.hubble.ui.frontend.image.repository }}:{{ .Values.hubble.ui.frontend.image.tag }}" - imagePullPolicy: {{ .Values.hubble.ui.frontend.image.pullPolicy }} - ports: - - containerPort: 8080 -@@ -55,7 +52,7 @@ - resources: - {{- toYaml .Values.hubble.ui.frontend.resources | trim | nindent 12 }} - - name: backend -- image: "{{ .Values.hubble.ui.backend.image.repository }}:{{ .Values.hubble.ui.backend.image.tag }}" -+ image: "{{ template "system_default_registry" . }}{{ .Values.hubble.ui.backend.image.repository }}:{{ .Values.hubble.ui.backend.image.tag }}" - imagePullPolicy: {{ .Values.hubble.ui.backend.image.pullPolicy }} - env: - - name: EVENTS_SERVER_PORT -@@ -68,7 +65,7 @@ - resources: - {{- toYaml .Values.hubble.ui.backend.resources | trim | nindent 12 }} - - name: proxy -- image: "{{ .Values.hubble.ui.proxy.image.repository }}:{{ .Values.hubble.ui.proxy.image.tag }}" -+ image: "{{ template "system_default_registry" . }}{{ .Values.hubble.ui.proxy.image.repository }}:{{ .Values.hubble.ui.proxy.image.tag }}" - imagePullPolicy: {{ .Values.hubble.ui.proxy.image.pullPolicy }} - ports: - - containerPort: 8081 diff --git a/packages/cilium/generated-changes/patch/values.yaml.patch b/packages/cilium/generated-changes/patch/values.yaml.patch index ad5a45e..832031a 100644 --- a/packages/cilium/generated-changes/patch/values.yaml.patch +++ b/packages/cilium/generated-changes/patch/values.yaml.patch @@ -1,6 +1,15 @@ --- charts-original/values.yaml +++ charts/values.yaml -@@ -658,7 +658,8 @@ +@@ -561,7 +561,7 @@ + + hubble: + # -- Enable Hubble (true by default). +- enabled: true ++ enabled: false + + # -- Buffer size of the channel Hubble uses to receive monitor events. If this + # value is not set, the queue size is set to the default monitor queue size. +@@ -694,7 +694,8 @@ # -- Node labels for pod assignment # ref: https://kubernetes.io/docs/user-guide/node-selection/ @@ -10,7 +19,7 @@ # -- Annotations to be added to hubble-relay pods podAnnotations: {} -@@ -789,7 +790,8 @@ +@@ -864,7 +865,8 @@ # -- Node labels for pod assignment # ref: https://kubernetes.io/docs/user-guide/node-selection/ @@ -20,7 +29,7 @@ # -- Node tolerations for pod assignment on nodes with taints # ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ -@@ -1145,7 +1147,8 @@ +@@ -1248,7 +1250,8 @@ # -- Node labels for cilium-etcd-operator pod assignment # ref: https://kubernetes.io/docs/user-guide/node-selection/ @@ -30,37 +39,37 @@ # -- Annotations to be added to cilium-etcd-operator pods podAnnotations: {} -@@ -1288,7 +1291,8 @@ +@@ -1387,7 +1390,8 @@ + # -- Node labels for cilium-operator pod assignment # ref: https://kubernetes.io/docs/user-guide/node-selection/ - # - nodeSelector: {} + nodeSelector: + kubernetes.io/os: linux # -- Annotations to be added to cilium-operator pods podAnnotations: {} -@@ -1394,7 +1398,8 @@ +@@ -1489,7 +1493,8 @@ + # -- Node labels for nodeinit pod assignment # ref: https://kubernetes.io/docs/user-guide/node-selection/ - # - nodeSelector: {} + nodeSelector: + kubernetes.io/os: linux # -- Annotations to be added to node-init pods. podAnnotations: {} -@@ -1488,7 +1493,8 @@ +@@ -1578,7 +1583,8 @@ + # -- Node labels for preflight pod assignment # ref: https://kubernetes.io/docs/user-guide/node-selection/ - # - nodeSelector: {} + nodeSelector: + kubernetes.io/os: linux # -- Annotations to be added to preflight pods podAnnotations: {} -@@ -1576,7 +1582,8 @@ +@@ -1663,7 +1669,8 @@ # -- Node labels for pod assignment # ref: https://kubernetes.io/docs/user-guide/node-selection/ diff --git a/packages/cilium/package.yaml b/packages/cilium/package.yaml index bae90d9..531205c 100644 --- a/packages/cilium/package.yaml +++ b/packages/cilium/package.yaml @@ -1,4 +1,4 @@ -url: https://helm.cilium.io/cilium-1.10.4.tgz +url: https://helm.cilium.io/cilium-1.11.0.tgz packageVersion: 01 releaseCandidateVersion: 00 # This package is meant to be consumed as a subchart of another package, diff --git a/packages/rke2-cilium/charts/Chart.yaml b/packages/rke2-cilium/charts/Chart.yaml index 2e9253d..e4ff03f 100644 --- a/packages/rke2-cilium/charts/Chart.yaml +++ b/packages/rke2-cilium/charts/Chart.yaml @@ -1,8 +1,8 @@ apiVersion: v1 name: rke2-cilium description: eBPF-based Networking, Security, and Observability -version: 1.10.4 -kubeVersion: '>= 1.12.0-0' +version: 1.11.0 +kubeVersion: ">= 1.12.0-0" home: https://cilium.io/ keywords: - cilium diff --git a/packages/rke2-cilium/charts/values.yaml b/packages/rke2-cilium/charts/values.yaml index b8acd37..0f67851 100644 --- a/packages/rke2-cilium/charts/values.yaml +++ b/packages/rke2-cilium/charts/values.yaml @@ -1,17 +1,17 @@ # Cilium specific options that can be customized for RKE2 # Set with '--set cilium.