andata
/
rke2-charts
mirror of https://git.rancher.io/rke2-charts
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Update Cilium to v1.15.5 

Signed-off-by: Roberto Bonafiglia <roberto.bonafiglia@suse.com>
pull/461/head
Roberto Bonafiglia 2024-05-21 07:11:13 +00:00 committed by Manuel Buil
parent 89690aee66
commit a6f9797641
7 changed files with 54 additions and 55 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
packages/rke2-cilium/generated-changes/patch/Chart.yaml.patch
View File

@ -2,10 +2,10 @@
+++ charts/Chart.yaml
@@ -81,8 +81,7 @@
apiVersion: v2
appVersion: 1.15.4
appVersion: 1.15.5
description: eBPF-based Networking, Security, and Observability
-home: https://cilium.io/
-icon: https://cdn.jsdelivr.net/gh/cilium/cilium@v1.15/Documentation/images/logo-solo.svg
-icon: https://cdn.jsdelivr.net/gh/cilium/cilium@main/Documentation/images/logo-solo.svg
+home: https://docs.rke2.io/
keywords:
- BPF
@ -19,4 +19,4 @@
sources:
-- https://github.com/cilium/cilium
+- https://github.com/rancher/rke2-charts
version: 1.15.4
version: 1.15.5

22
packages/rke2-cilium/generated-changes/patch/templates/cilium-agent/daemonset.yaml.patch
View File

@ -12,7 +12,7 @@
{{- if and .Values.agent (not .Values.preflight.enabled) }}
{{- /* Default values with backwards compatibility */ -}}
@@ -87,7 +95,7 @@
@@ -94,7 +102,7 @@
{{- end }}
containers:
- name: cilium-agent
@ -21,7 +21,7 @@
imagePullPolicy: {{ .Values.image.pullPolicy }}
{{- if .Values.sleepAfterInit }}
command:
@@ -387,7 +395,7 @@
@@ -394,7 +402,7 @@
{{- end }}
{{- if .Values.monitor.enabled }}
- name: cilium-monitor
@ -30,7 +30,7 @@
imagePullPolicy: {{ .Values.image.pullPolicy }}
command:
- /bin/bash
@@ -418,8 +426,18 @@
@@ -425,8 +433,18 @@
{{- toYaml .Values.extraContainers | nindent 6 }}
{{- end }}
initContainers:
@ -50,7 +50,7 @@
imagePullPolicy: {{ .Values.image.pullPolicy }}
command:
- cilium-dbg
@@ -466,7 +484,7 @@
@@ -481,7 +499,7 @@
# Required to mount cgroup2 filesystem on the underlying Kubernetes node.
# We use nsenter command with host's cgroup and mount namespaces enabled.
- name: mount-cgroup
@ -59,7 +59,7 @@
imagePullPolicy: {{ .Values.image.pullPolicy }}
env:
- name: CGROUP_ROOT
@@ -512,7 +530,7 @@
@@ -527,7 +545,7 @@
- ALL
{{- end}}
- name: apply-sysctl-overwrites
@ -68,7 +68,7 @@
imagePullPolicy: {{ .Values.image.pullPolicy }}
{{- with .Values.initResources }}
resources:
@@ -561,7 +579,7 @@
@@ -576,7 +594,7 @@
# from a privileged container because the mount propagation bidirectional
# only works from privileged containers.
- name: mount-bpf-fs
@ -77,7 +77,7 @@
imagePullPolicy: {{ .Values.image.pullPolicy }}
{{- with .Values.initResources }}
resources:
@@ -586,7 +604,7 @@
@@ -601,7 +619,7 @@
{{- end }}
{{- if and .Values.nodeinit.enabled .Values.nodeinit.bootstrapFile }}
- name: wait-for-node-init
@ -86,7 +86,7 @@
imagePullPolicy: {{ .Values.image.pullPolicy }}
{{- with .Values.initResources }}
resources:
@@ -604,9 +622,11 @@
@@ -619,9 +637,11 @@
volumeMounts:
- name: cilium-bootstrap-file-dir
mountPath: "/tmp/cilium-bootstrap.d"
@ -99,16 +99,16 @@
imagePullPolicy: {{ .Values.image.pullPolicy }}
command:
- /init-container.sh
@@ -678,7 +698,7 @@
@@ -693,7 +713,7 @@
{{- end }}
{{- if and .Values.waitForKubeProxy (and (ne $kubeProxyReplacement "strict") (ne $kubeProxyReplacement "true")) }}
{{- if and .Values.waitForKubeProxy (and (ne (toString $kubeProxyReplacement) "strict") (ne (toString $kubeProxyReplacement) "true")) }}
- name: wait-for-kube-proxy
- image: {{ include "cilium.image" .Values.image | quote }}
+ image: "{{ template "system_default_registry" . }}{{ include "cilium.image" .Values.image }}"
imagePullPolicy: {{ .Values.image.pullPolicy }}
{{- with .Values.initResources }}
resources:
@@ -716,7 +736,7 @@
@@ -731,7 +751,7 @@
{{- if .Values.cni.install }}
# Install the CNI binaries in an InitContainer so we don't have a writable host mount in the agent
- name: install-cni-binaries

2
packages/rke2-cilium/generated-changes/patch/templates/cilium-envoy/daemonset.yaml.patch
View File

@ -1,6 +1,6 @@
--- charts-original/templates/cilium-envoy/daemonset.yaml
+++ charts/templates/cilium-envoy/daemonset.yaml
@@ -62,7 +62,7 @@
@@ -69,7 +69,7 @@
{{- end }}
containers:
- name: cilium-envoy

2
packages/rke2-cilium/generated-changes/patch/templates/cilium-nodeinit/daemonset.yaml.patch
View File

@ -1,6 +1,6 @@
--- charts-original/templates/cilium-nodeinit/daemonset.yaml
+++ charts/templates/cilium-nodeinit/daemonset.yaml
@@ -47,7 +47,7 @@
@@ -58,7 +58,7 @@
{{- end }}
containers:
- name: node-init

6
packages/rke2-cilium/generated-changes/patch/templates/clustermesh-apiserver/deployment.yaml.patch
View File

@ -9,7 +9,7 @@
imagePullPolicy: {{ .Values.clustermesh.apiserver.image.pullPolicy }}
command:
- /usr/bin/clustermesh-apiserver
@@ -93,7 +93,7 @@
@@ -101,7 +101,7 @@
containers:
- name: etcd
# The clustermesh-apiserver container image includes an etcd binary.
@ -18,7 +18,7 @@
imagePullPolicy: {{ .Values.clustermesh.apiserver.image.pullPolicy }}
command:
- /usr/bin/etcd
@@ -153,7 +153,7 @@
@@ -165,7 +165,7 @@
{{- toYaml . | nindent 10 }}
{{- end }}
- name: apiserver
@ -27,7 +27,7 @@
imagePullPolicy: {{ .Values.clustermesh.apiserver.image.pullPolicy }}
command:
- /usr/bin/clustermesh-apiserver
@@ -240,7 +240,7 @@
@@ -252,7 +252,7 @@
{{- end }}
{{- if .Values.clustermesh.apiserver.kvstoremesh.enabled }}
- name: kvstoremesh

69
packages/rke2-cilium/generated-changes/patch/values.yaml.patch
View File

@ -6,41 +6,40 @@
override: ~
- repository: "quay.io/cilium/cilium"
+ repository: "rancher/mirrored-cilium-cilium"
tag: "v1.15.4"
tag: "v1.15.5"
pullPolicy: "IfNotPresent"
- # cilium-digest
- digest: "sha256:b760a4831f5aab71c711f7537a107b751d0d0ce90dd32d8b358df3c5da385426"
- digest: "sha256:4ce1666a73815101ec9a4d360af6c5b7f1193ab00d89b7124f8505dee147ca40"
- useDigest: true
+ useDigest: false
# -- Affinity for cilium-agent.
affinity:
@@ -559,8 +557,10 @@
@@ -561,7 +559,9 @@
# - flannel
# - generic-veth
# - portmap
- chainingMode: ~
+
+ # Otherwise rke2 hostPort does not work! Used for nginx
+ chainingMode: portmap
+
# -- A CNI network name in to which the Cilium plugin should be added as a chained plugin.
# This will cause the agent to watch for a CNI network with this network name. When it is
# found, this will be used as the basis for Cilium's CNI configuration file. If this is
@@ -974,10 +974,9 @@
@@ -976,10 +976,9 @@
certgen:
image:
override: ~
- repository: "quay.io/cilium/certgen"
+ repository: "rancher/mirrored-cilium-certgen"
tag: "v0.1.11"
- digest: "sha256:5586de5019abc104637a9818a626956cd9b1e827327b958186ec412ae3d5dea6"
tag: "v0.1.12"
- digest: "sha256:bbc5e65e9dc65bc6b58967fe536b7f3b54e12332908aeb0a96a36866b4372b4e"
- useDigest: true
+ useDigest: false
pullPolicy: "IfNotPresent"
# -- Seconds after which the completed job pod will be deleted
ttlSecondsAfterFinished: 1800
@@ -1002,7 +1001,7 @@
@@ -1004,7 +1003,7 @@
hubble:
# -- Enable Hubble (true by default).
@ -49,21 +48,21 @@
# -- Annotations to be added to all top-level hubble objects (resources under templates/hubble)
annotations: {}
@@ -1233,11 +1232,9 @@
@@ -1235,11 +1234,9 @@
# -- Hubble-relay container image.
image:
override: ~
- repository: "quay.io/cilium/hubble-relay"
+ repository: "rancher/mirrored-cilium-hubble-relay"
tag: "v1.15.4"
tag: "v1.15.5"
- # hubble-relay-digest
- digest: "sha256:03ad857feaf52f1b4774c29614f42a50b370680eb7d0bfbc1ae065df84b1070a"
- digest: "sha256:1d24b24e3477ccf9b5ad081827db635419c136a2bd84a3e60f37b26a38dd0781"
- useDigest: true
+ useDigest: false
pullPolicy: "IfNotPresent"
# -- Specifies the resources for the hubble-relay pods
@@ -1470,10 +1467,9 @@
@@ -1472,10 +1469,9 @@
# -- Hubble-ui backend image.
image:
override: ~
@ -76,7 +75,7 @@
pullPolicy: "IfNotPresent"
# -- Hubble-ui backend security context.
@@ -1509,10 +1505,9 @@
@@ -1511,10 +1507,9 @@
# -- Hubble-ui frontend image.
image:
override: ~
@ -89,7 +88,7 @@
pullPolicy: "IfNotPresent"
# -- Hubble-ui frontend security context.
@@ -1690,7 +1685,7 @@
@@ -1692,7 +1687,7 @@
ipam:
# -- Configure IP Address Management mode.
# ref: https://docs.cilium.io/en/stable/network/concepts/ipam/
@ -98,7 +97,7 @@
# -- Maximum rate at which the CiliumNode custom resource is updated.
ciliumNodeUpdateRate: "15s"
operator:
@@ -1984,7 +1979,7 @@
@@ -1986,7 +1981,7 @@
# -- Configure prometheus metrics on the configured port at /metrics
prometheus:
@ -107,21 +106,21 @@
port: 9962
serviceMonitor:
# -- Enable service monitors.
@@ -2073,11 +2068,10 @@
@@ -2079,11 +2074,10 @@
# -- Envoy container image.
image:
override: ~
- repository: "quay.io/cilium/cilium-envoy"
+ repository: "rancher/mirrored-cilium-cilium-envoy"
tag: "v1.27.4-21905253931655328edaacf3cd16aeda73bbea2f"
tag: "v1.28.3-31ec52ec5f2e4d28a8e19a0bfb872fa48cf7a515"
pullPolicy: "IfNotPresent"
- digest: "sha256:d52f476c29a97c8b250fdbfbb8472191a268916f6a8503671d0da61e323b02cc"
- digest: "sha256:bc8dcc3bc008e3a5aab98edb73a0985e6ef9469bda49d5bb3004c001c995c380"
- useDigest: true
+ useDigest: false
# -- Additional containers added to the cilium Envoy DaemonSet.
extraContainers: []
@@ -2386,10 +2380,9 @@
@@ -2394,10 +2388,9 @@
# -- cilium-etcd-operator image.
image:
override: ~
@ -134,27 +133,27 @@
pullPolicy: "IfNotPresent"
# -- The priority class to use for cilium-etcd-operator
@@ -2494,17 +2487,9 @@
@@ -2502,17 +2495,9 @@
# -- cilium-operator image.
image:
override: ~
- repository: "quay.io/cilium/operator"
+ repository: "rancher/mirrored-cilium-operator"
tag: "v1.15.4"
tag: "v1.15.5"
- # operator-generic-digest
- genericDigest: "sha256:404890a83cca3f28829eb7e54c1564bb6904708cdb7be04ebe69c2b60f164e9a"
- genericDigest: "sha256:f5d3d19754074ca052be6aac5d1ffb1de1eb5f2d947222b5f10f6d97ad4383e8"
- # operator-azure-digest
- azureDigest: "sha256:4c1a31502931681fa18a41ead2a3904b97d47172a92b7a7b205026bd1e715207"
- azureDigest: "sha256:0a56f2cfdcdf13da21b7fdcc870e29fef82e71e599cd8dd74eb65c377e035522"
- # operator-aws-digest
- awsDigest: "sha256:8675486ce8938333390c37302af162ebd12aaebc08eeeaf383bfb73128143fa9"
- awsDigest: "sha256:f9c0eaea023ce5a75b3ed1fc4b783f390c5a3c7dc1507a2dc4dbc667b80d1bd9"
- # operator-alibabacloud-digest
- alibabacloudDigest: "sha256:7c0e5346483a517e18a8951f4d4399337fb47020f2d9225e2ceaa8c5d9a45a5f"
- alibabacloudDigest: "sha256:d76d45e308f23398b786f1f05504863759849046c20c741ebb64ad80613f8fd3"
- useDigest: true
+ useDigest: false
pullPolicy: "IfNotPresent"
suffix: ""
@@ -2676,8 +2661,7 @@
@@ -2684,8 +2669,7 @@
# -- Taint nodes where Cilium is scheduled but not running. This prevents pods
# from being scheduled to nodes where Cilium is not the default CNI provider.
@ -164,35 +163,35 @@
# -- Set Node condition NetworkUnavailable to 'false' with the reason
# 'CiliumIsUp' for nodes that have a healthy Cilium pod.
@@ -2791,11 +2775,9 @@
@@ -2803,11 +2787,9 @@
# -- Cilium pre-flight image.
image:
override: ~
- repository: "quay.io/cilium/cilium"
+ repository: "rancher/mirrored-cilium-cilium"
tag: "v1.15.4"
tag: "v1.15.5"
- # cilium-digest
- digest: "sha256:b760a4831f5aab71c711f7537a107b751d0d0ce90dd32d8b358df3c5da385426"
- digest: "sha256:4ce1666a73815101ec9a4d360af6c5b7f1193ab00d89b7124f8505dee147ca40"
- useDigest: true
+ useDigest: false
pullPolicy: "IfNotPresent"
# -- The priority class to use for the preflight pod.
@@ -2953,11 +2935,9 @@
@@ -2965,11 +2947,9 @@
# -- Clustermesh API server image.
image:
override: ~
- repository: "quay.io/cilium/clustermesh-apiserver"
+ repository: "rancher/mirrored-cilium-clustermesh-apiserver"
tag: "v1.15.4"
tag: "v1.15.5"
- # clustermesh-apiserver-digest
- digest: "sha256:3fadf85d2aa0ecec09152e7e2d57648bda7e35bdc161b25ab54066dd4c3b299c"
- digest: "sha256:914549caf4376a844b5e7696019182dd2a655b89d6a3cad10f9d0f9821759fd7"
- useDigest: true
+ useDigest: false
pullPolicy: "IfNotPresent"
etcd:
@@ -3526,3 +3506,11 @@
@@ -3538,3 +3518,11 @@
agentSocketPath: /run/spire/sockets/agent/agent.sock
# -- SPIRE connection timeout
connectionTimeout: 30s

2
packages/rke2-cilium/package.yaml
View File

@ -1,2 +1,2 @@
url: https://helm.cilium.io/cilium-1.15.4.tgz
url: https://helm.cilium.io/cilium-1.15.5.tgz
packageVersion: 00