From ae564a60150da3c4f760084183cedab612eac3b2 Mon Sep 17 00:00:00 2001 From: Roberto Bonafiglia Date: Tue, 13 Sep 2022 11:30:48 +0200 Subject: [PATCH] Update Calico to 3.24.1 Signed-off-by: Roberto Bonafiglia --- .../generated-changes/patch/Chart.yaml.patch | 2 +- .../crd.projectcalico.org_bgppeers.yaml.patch | 2 +- ...tcalico.org_felixconfigurations.yaml.patch | 63 ------------------- ...alico.org_globalnetworkpolicies.yaml.patch | 8 +-- .../crd.projectcalico.org_ippools.yaml.patch | 4 +- ...ojectcalico.org_networkpolicies.yaml.patch | 8 +-- ...tor.tigera.io_installations_crd.yaml.patch | 8 +-- .../02-tigera-operator.yaml.patch | 4 +- .../generated-changes/patch/values.yaml.patch | 8 +-- packages/rke2-calico/package.yaml | 2 +- .../templates/crd-template/Chart.yaml | 2 +- 11 files changed, 24 insertions(+), 87 deletions(-) delete mode 100644 packages/rke2-calico/generated-changes/patch/crds/calico/crd.projectcalico.org_felixconfigurations.yaml.patch diff --git a/packages/rke2-calico/generated-changes/patch/Chart.yaml.patch b/packages/rke2-calico/generated-changes/patch/Chart.yaml.patch index 153c6cc..2affbc6 100644 --- a/packages/rke2-calico/generated-changes/patch/Chart.yaml.patch +++ b/packages/rke2-calico/generated-changes/patch/Chart.yaml.patch @@ -10,6 +10,6 @@ - https://github.com/projectcalico/calico/tree/master/calico/_includes/charts/tigera-operator - https://github.com/tigera/operator - https://github.com/projectcalico/calico - version: v3.23.3 + version: v3.24.1 +annotations: + catalog.cattle.io/namespace: tigera-operator diff --git a/packages/rke2-calico/generated-changes/patch/crds/calico/crd.projectcalico.org_bgppeers.yaml.patch b/packages/rke2-calico/generated-changes/patch/crds/calico/crd.projectcalico.org_bgppeers.yaml.patch index 6c62433..95d25dd 100644 --- a/packages/rke2-calico/generated-changes/patch/crds/calico/crd.projectcalico.org_bgppeers.yaml.patch +++ b/packages/rke2-calico/generated-changes/patch/crds/calico/crd.projectcalico.org_bgppeers.yaml.patch @@ -1,6 +1,6 @@ --- charts-original/crds/calico/crd.projectcalico.org_bgppeers.yaml +++ charts/crds/calico/crd.projectcalico.org_bgppeers.yaml -@@ -41,8 +41,8 @@ +@@ -42,8 +42,8 @@ in the specific branch of the Node on "bird.cfg". type: boolean maxRestartTime: diff --git a/packages/rke2-calico/generated-changes/patch/crds/calico/crd.projectcalico.org_felixconfigurations.yaml.patch b/packages/rke2-calico/generated-changes/patch/crds/calico/crd.projectcalico.org_felixconfigurations.yaml.patch deleted file mode 100644 index 959bce6..0000000 --- a/packages/rke2-calico/generated-changes/patch/crds/calico/crd.projectcalico.org_felixconfigurations.yaml.patch +++ /dev/null @@ -1,63 +0,0 @@ ---- charts-original/crds/calico/crd.projectcalico.org_felixconfigurations.yaml -+++ charts/crds/calico/crd.projectcalico.org_felixconfigurations.yaml -@@ -43,7 +43,7 @@ - type: boolean - awsSrcDstCheck: - description: 'Set source-destination-check on AWS EC2 instances. Accepted -- value must be one of "DoNothing", "Enable" or "Disable". [Default: -+ value must be one of "DoNothing", "Enabled" or "Disabled". [Default: - DoNothing]' - enum: - - DoNothing -@@ -82,13 +82,6 @@ - BPF programs regardless of what is the per-interfaces or global - setting. Possible values are Disabled or Strict. [Default: Strict]' - type: string -- bpfExtToServiceConnmark: -- description: 'BPFExtToServiceConnmark in BPF mode, control a 32bit -- mark that is set on connections from an external client to a local -- service. This mark allows us to control how packets of that connection -- are routed within the host and how is routing intepreted by RPF -- check. [Default: 0]' -- type: integer - bpfExternalServiceMode: - description: 'BPFExternalServiceMode in BPF mode, controls how connections - from outside the cluster to services (node ports and cluster IPs) -@@ -99,6 +92,13 @@ - node appears to use the IP of the ingress node; this requires a - permissive L2 network. [Default: Tunnel]' - type: string -+ bpfExtToServiceConnmark: -+ description: 'BPFExtToServiceConnmark in BPF mode, control a 32bit -+ mark that is set on connections from an external client to a local -+ service. This mark allows us to control how packets of that connection -+ are routed within the host and how is routing intepreted by RPF -+ check. [Default: 0]' -+ type: integer - bpfKubeProxyEndpointSlicesEnabled: - description: BPFKubeProxyEndpointSlicesEnabled in BPF mode, controls - whether Felix's embedded kube-proxy accepts EndpointSlices or not. -@@ -525,12 +525,6 @@ - to false. This reduces the number of metrics reported, reducing - Prometheus load. [Default: true]' - type: boolean -- prometheusWireGuardMetricsEnabled: -- description: 'PrometheusWireGuardMetricsEnabled disables wireguard -- metrics collection, which the Prometheus client does by default, -- when set to false. This reduces the number of metrics reported, -- reducing Prometheus load. [Default: true]' -- type: boolean - removeExternalRoutes: - description: Whether or not to remove device routes that have not - been programmed by Felix. Disabling this will allow external applications -@@ -637,10 +631,6 @@ - description: 'WireguardEnabled controls whether Wireguard is enabled. - [Default: false]' - type: boolean -- wireguardHostEncryptionEnabled: -- description: 'WireguardHostEncryptionEnabled controls whether Wireguard -- host-to-host encryption is enabled. [Default: false]' -- type: boolean - wireguardInterfaceName: - description: 'WireguardInterfaceName specifies the name to use for - the Wireguard interface. [Default: wg.calico]' diff --git a/packages/rke2-calico/generated-changes/patch/crds/calico/crd.projectcalico.org_globalnetworkpolicies.yaml.patch b/packages/rke2-calico/generated-changes/patch/crds/calico/crd.projectcalico.org_globalnetworkpolicies.yaml.patch index e355043..fbe1f98 100644 --- a/packages/rke2-calico/generated-changes/patch/crds/calico/crd.projectcalico.org_globalnetworkpolicies.yaml.patch +++ b/packages/rke2-calico/generated-changes/patch/crds/calico/crd.projectcalico.org_globalnetworkpolicies.yaml.patch @@ -1,6 +1,6 @@ --- charts-original/crds/calico/crd.projectcalico.org_globalnetworkpolicies.yaml +++ charts/crds/calico/crd.projectcalico.org_globalnetworkpolicies.yaml -@@ -169,8 +169,8 @@ +@@ -170,8 +170,8 @@ within the selected service(s) will be matched, and only to/from each endpoint's port. \n Services cannot be specified on the same rule as Selector, NotSelector, NamespaceSelector, @@ -11,7 +11,7 @@ properties: name: description: Name specifies the name of a Kubernetes -@@ -395,8 +395,8 @@ +@@ -396,8 +396,8 @@ within the selected service(s) will be matched, and only to/from each endpoint's port. \n Services cannot be specified on the same rule as Selector, NotSelector, NamespaceSelector, @@ -22,7 +22,7 @@ properties: name: description: Name specifies the name of a Kubernetes -@@ -542,8 +542,8 @@ +@@ -543,8 +543,8 @@ within the selected service(s) will be matched, and only to/from each endpoint's port. \n Services cannot be specified on the same rule as Selector, NotSelector, NamespaceSelector, @@ -33,7 +33,7 @@ properties: name: description: Name specifies the name of a Kubernetes -@@ -768,8 +768,8 @@ +@@ -769,8 +769,8 @@ within the selected service(s) will be matched, and only to/from each endpoint's port. \n Services cannot be specified on the same rule as Selector, NotSelector, NamespaceSelector, diff --git a/packages/rke2-calico/generated-changes/patch/crds/calico/crd.projectcalico.org_ippools.yaml.patch b/packages/rke2-calico/generated-changes/patch/crds/calico/crd.projectcalico.org_ippools.yaml.patch index a902dba..1902c38 100644 --- a/packages/rke2-calico/generated-changes/patch/crds/calico/crd.projectcalico.org_ippools.yaml.patch +++ b/packages/rke2-calico/generated-changes/patch/crds/calico/crd.projectcalico.org_ippools.yaml.patch @@ -1,6 +1,6 @@ --- charts-original/crds/calico/crd.projectcalico.org_ippools.yaml +++ charts/crds/calico/crd.projectcalico.org_ippools.yaml -@@ -30,12 +30,6 @@ +@@ -31,12 +31,6 @@ spec: description: IPPoolSpec contains the specification for an IPPool resource. properties: @@ -13,7 +13,7 @@ blockSize: description: The block size to use for IP address assignments from this pool. Defaults to 26 for IPv4 and 122 for IPv6. -@@ -43,10 +37,6 @@ +@@ -44,10 +38,6 @@ cidr: description: The pool CIDR. type: string diff --git a/packages/rke2-calico/generated-changes/patch/crds/calico/crd.projectcalico.org_networkpolicies.yaml.patch b/packages/rke2-calico/generated-changes/patch/crds/calico/crd.projectcalico.org_networkpolicies.yaml.patch index 6294292..45ae9f8 100644 --- a/packages/rke2-calico/generated-changes/patch/crds/calico/crd.projectcalico.org_networkpolicies.yaml.patch +++ b/packages/rke2-calico/generated-changes/patch/crds/calico/crd.projectcalico.org_networkpolicies.yaml.patch @@ -1,6 +1,6 @@ --- charts-original/crds/calico/crd.projectcalico.org_networkpolicies.yaml +++ charts/crds/calico/crd.projectcalico.org_networkpolicies.yaml -@@ -158,8 +158,8 @@ +@@ -159,8 +159,8 @@ within the selected service(s) will be matched, and only to/from each endpoint's port. \n Services cannot be specified on the same rule as Selector, NotSelector, NamespaceSelector, @@ -11,7 +11,7 @@ properties: name: description: Name specifies the name of a Kubernetes -@@ -384,8 +384,8 @@ +@@ -385,8 +385,8 @@ within the selected service(s) will be matched, and only to/from each endpoint's port. \n Services cannot be specified on the same rule as Selector, NotSelector, NamespaceSelector, @@ -22,7 +22,7 @@ properties: name: description: Name specifies the name of a Kubernetes -@@ -531,8 +531,8 @@ +@@ -532,8 +532,8 @@ within the selected service(s) will be matched, and only to/from each endpoint's port. \n Services cannot be specified on the same rule as Selector, NotSelector, NamespaceSelector, @@ -33,7 +33,7 @@ properties: name: description: Name specifies the name of a Kubernetes -@@ -757,8 +757,8 @@ +@@ -758,8 +758,8 @@ within the selected service(s) will be matched, and only to/from each endpoint's port. \n Services cannot be specified on the same rule as Selector, NotSelector, NamespaceSelector, diff --git a/packages/rke2-calico/generated-changes/patch/crds/operator.tigera.io_installations_crd.yaml.patch b/packages/rke2-calico/generated-changes/patch/crds/operator.tigera.io_installations_crd.yaml.patch index b7067ff..ac69da5 100644 --- a/packages/rke2-calico/generated-changes/patch/crds/operator.tigera.io_installations_crd.yaml.patch +++ b/packages/rke2-calico/generated-changes/patch/crds/operator.tigera.io_installations_crd.yaml.patch @@ -1,6 +1,6 @@ --- charts-original/crds/operator.tigera.io_installations_crd.yaml +++ charts/crds/operator.tigera.io_installations_crd.yaml -@@ -354,13 +354,6 @@ +@@ -4154,13 +4154,6 @@ nodes on which to run Calico components. This is globally applied to all resources created by the operator excluding daemonsets. type: object @@ -14,7 +14,7 @@ controlPlaneTolerations: description: ControlPlaneTolerations specify tolerations which are then globally applied to all resources created by the operator. -@@ -531,10 +524,6 @@ +@@ -4337,10 +4330,6 @@ or "OnDelete". Default is RollingUpdate. type: string type: object @@ -25,7 +25,7 @@ registry: description: "Registry is the default Docker registry used for component Docker images. If specified then the given value must end with a -@@ -1103,13 +1092,6 @@ +@@ -10305,13 +10294,6 @@ plane nodes on which to run Calico components. This is globally applied to all resources created by the operator excluding daemonsets. type: object @@ -39,7 +39,7 @@ controlPlaneTolerations: description: ControlPlaneTolerations specify tolerations which are then globally applied to all resources created by the operator. -@@ -1282,10 +1264,6 @@ +@@ -10490,10 +10472,6 @@ or "OnDelete". Default is RollingUpdate. type: string type: object diff --git a/packages/rke2-calico/generated-changes/patch/templates/tigera-operator/02-tigera-operator.yaml.patch b/packages/rke2-calico/generated-changes/patch/templates/tigera-operator/02-tigera-operator.yaml.patch index edee762..8c37e9d 100644 --- a/packages/rke2-calico/generated-changes/patch/templates/tigera-operator/02-tigera-operator.yaml.patch +++ b/packages/rke2-calico/generated-changes/patch/templates/tigera-operator/02-tigera-operator.yaml.patch @@ -9,7 +9,7 @@ labels: k8s-app: tigera-operator spec: -@@ -29,7 +29,7 @@ +@@ -37,7 +37,7 @@ dnsPolicy: ClusterFirstWithHostNet containers: - name: tigera-operator @@ -18,7 +18,7 @@ imagePullPolicy: IfNotPresent command: - operator -@@ -78,7 +78,6 @@ +@@ -86,7 +86,6 @@ command: - calicoctl args: diff --git a/packages/rke2-calico/generated-changes/patch/values.yaml.patch b/packages/rke2-calico/generated-changes/patch/values.yaml.patch index 291c797..7afbca6 100644 --- a/packages/rke2-calico/generated-changes/patch/values.yaml.patch +++ b/packages/rke2-calico/generated-changes/patch/values.yaml.patch @@ -25,19 +25,19 @@ certs: node: -@@ -22,9 +34,25 @@ +@@ -40,9 +52,32 @@ - # Configuration for the tigera operator + # Image and registry configuration for the tigera/operator pod. tigeraOperator: - image: tigera/operator + image: rancher/mirrored-calico-operator - version: v1.27.12 + version: v1.28.1 - registry: quay.io + registry: docker.io calicoctl: - image: docker.io/calico/ctl + image: rancher/mirrored-calico-ctl - tag: v3.23.3 + tag: v3.24.1 + +global: + systemDefaultRegistry: "" diff --git a/packages/rke2-calico/package.yaml b/packages/rke2-calico/package.yaml index dde2a1c..07b3224 100644 --- a/packages/rke2-calico/package.yaml +++ b/packages/rke2-calico/package.yaml @@ -1,4 +1,4 @@ -url: https://github.com/projectcalico/calico/releases/download/v3.23.3/tigera-operator-v3.23.3.tgz +url: https://github.com/projectcalico/calico/releases/download/v3.24.1/tigera-operator-v3.24.1.tgz packageVersion: 01 additionalCharts: - workingDir: charts-crd diff --git a/packages/rke2-calico/templates/crd-template/Chart.yaml b/packages/rke2-calico/templates/crd-template/Chart.yaml index 0c3e7e2..0ad854c 100644 --- a/packages/rke2-calico/templates/crd-template/Chart.yaml +++ b/packages/rke2-calico/templates/crd-template/Chart.yaml @@ -1,5 +1,5 @@ apiVersion: v1 -version: v3.23.3 +version: v3.24.1 description: Installs the CRDs for rke2-calico name: rke2-calico-crd type: application