From c1de89a662131078c92223927562f1b789da3f58 Mon Sep 17 00:00:00 2001 From: Manuel Buil Date: Mon, 14 Mar 2022 16:21:40 +0100 Subject: [PATCH] Change Cilium to consume all variables Signed-off-by: Manuel Buil --- .../patch/templates/_helpers.tpl.patch | 0 .../cilium-agent/daemonset.yaml.patch | 0 .../generated-changes/patch/values.yaml.patch | 0 .../{cilium => cilium-legacy}/package.yaml | 0 .../charts/Chart.yaml | 0 .../charts/requirements.yaml | 0 .../charts/values.yaml | 0 .../dependencies/cilium/dependency.yaml | 2 + .../charts/Chart.yaml | 0 .../charts/values.yaml | 0 .../rke2-cilium-hard-defaults/dependency.yaml | 0 packages/rke2-cilium-legacy/package.yaml | 3 + .../dependencies/cilium/dependency.yaml | 2 - .../generated-changes/patch/Chart.yaml.patch | 22 ++ .../patch/templates/_helpers.tpl.patch | 15 ++ .../cilium-agent/daemonset.yaml.patch | 59 ++++++ .../cilium-nodeinit/daemonset.yaml.patch | 11 + .../cilium-operator/deployment.yaml.patch | 11 + .../cilium-preflight/daemonset.yaml.patch | 28 +++ .../generated-changes/patch/values.yaml.patch | 191 ++++++++++++++++++ packages/rke2-cilium/package.yaml | 5 +- 21 files changed, 344 insertions(+), 5 deletions(-) rename packages/{cilium => cilium-legacy}/generated-changes/patch/templates/_helpers.tpl.patch (100%) rename packages/{cilium => cilium-legacy}/generated-changes/patch/templates/cilium-agent/daemonset.yaml.patch (100%) rename packages/{cilium => cilium-legacy}/generated-changes/patch/values.yaml.patch (100%) rename packages/{cilium => cilium-legacy}/package.yaml (100%) rename packages/{rke2-cilium => rke2-cilium-legacy}/charts/Chart.yaml (100%) rename packages/{rke2-cilium => rke2-cilium-legacy}/charts/requirements.yaml (100%) rename packages/{rke2-cilium => rke2-cilium-legacy}/charts/values.yaml (100%) create mode 100644 packages/rke2-cilium-legacy/generated-changes/dependencies/cilium/dependency.yaml rename packages/{rke2-cilium => rke2-cilium-legacy}/generated-changes/dependencies/rke2-cilium-hard-defaults/charts/Chart.yaml (100%) rename packages/{rke2-cilium => rke2-cilium-legacy}/generated-changes/dependencies/rke2-cilium-hard-defaults/charts/values.yaml (100%) rename packages/{rke2-cilium => rke2-cilium-legacy}/generated-changes/dependencies/rke2-cilium-hard-defaults/dependency.yaml (100%) create mode 100644 packages/rke2-cilium-legacy/package.yaml delete mode 100644 packages/rke2-cilium/generated-changes/dependencies/cilium/dependency.yaml create mode 100644 packages/rke2-cilium/generated-changes/patch/Chart.yaml.patch create mode 100644 packages/rke2-cilium/generated-changes/patch/templates/_helpers.tpl.patch create mode 100644 packages/rke2-cilium/generated-changes/patch/templates/cilium-agent/daemonset.yaml.patch create mode 100644 packages/rke2-cilium/generated-changes/patch/templates/cilium-nodeinit/daemonset.yaml.patch create mode 100644 packages/rke2-cilium/generated-changes/patch/templates/cilium-operator/deployment.yaml.patch create mode 100644 packages/rke2-cilium/generated-changes/patch/templates/cilium-preflight/daemonset.yaml.patch create mode 100644 packages/rke2-cilium/generated-changes/patch/values.yaml.patch diff --git a/packages/cilium/generated-changes/patch/templates/_helpers.tpl.patch b/packages/cilium-legacy/generated-changes/patch/templates/_helpers.tpl.patch similarity index 100% rename from packages/cilium/generated-changes/patch/templates/_helpers.tpl.patch rename to packages/cilium-legacy/generated-changes/patch/templates/_helpers.tpl.patch diff --git a/packages/cilium/generated-changes/patch/templates/cilium-agent/daemonset.yaml.patch b/packages/cilium-legacy/generated-changes/patch/templates/cilium-agent/daemonset.yaml.patch similarity index 100% rename from packages/cilium/generated-changes/patch/templates/cilium-agent/daemonset.yaml.patch rename to packages/cilium-legacy/generated-changes/patch/templates/cilium-agent/daemonset.yaml.patch diff --git a/packages/cilium/generated-changes/patch/values.yaml.patch b/packages/cilium-legacy/generated-changes/patch/values.yaml.patch similarity index 100% rename from packages/cilium/generated-changes/patch/values.yaml.patch rename to packages/cilium-legacy/generated-changes/patch/values.yaml.patch diff --git a/packages/cilium/package.yaml b/packages/cilium-legacy/package.yaml similarity index 100% rename from packages/cilium/package.yaml rename to packages/cilium-legacy/package.yaml diff --git a/packages/rke2-cilium/charts/Chart.yaml b/packages/rke2-cilium-legacy/charts/Chart.yaml similarity index 100% rename from packages/rke2-cilium/charts/Chart.yaml rename to packages/rke2-cilium-legacy/charts/Chart.yaml diff --git a/packages/rke2-cilium/charts/requirements.yaml b/packages/rke2-cilium-legacy/charts/requirements.yaml similarity index 100% rename from packages/rke2-cilium/charts/requirements.yaml rename to packages/rke2-cilium-legacy/charts/requirements.yaml diff --git a/packages/rke2-cilium/charts/values.yaml b/packages/rke2-cilium-legacy/charts/values.yaml similarity index 100% rename from packages/rke2-cilium/charts/values.yaml rename to packages/rke2-cilium-legacy/charts/values.yaml diff --git a/packages/rke2-cilium-legacy/generated-changes/dependencies/cilium/dependency.yaml b/packages/rke2-cilium-legacy/generated-changes/dependencies/cilium/dependency.yaml new file mode 100644 index 0000000..29871b3 --- /dev/null +++ b/packages/rke2-cilium-legacy/generated-changes/dependencies/cilium/dependency.yaml @@ -0,0 +1,2 @@ +workingDir: "" +url: packages/cilium-legacy diff --git a/packages/rke2-cilium/generated-changes/dependencies/rke2-cilium-hard-defaults/charts/Chart.yaml b/packages/rke2-cilium-legacy/generated-changes/dependencies/rke2-cilium-hard-defaults/charts/Chart.yaml similarity index 100% rename from packages/rke2-cilium/generated-changes/dependencies/rke2-cilium-hard-defaults/charts/Chart.yaml rename to packages/rke2-cilium-legacy/generated-changes/dependencies/rke2-cilium-hard-defaults/charts/Chart.yaml diff --git a/packages/rke2-cilium/generated-changes/dependencies/rke2-cilium-hard-defaults/charts/values.yaml b/packages/rke2-cilium-legacy/generated-changes/dependencies/rke2-cilium-hard-defaults/charts/values.yaml similarity index 100% rename from packages/rke2-cilium/generated-changes/dependencies/rke2-cilium-hard-defaults/charts/values.yaml rename to packages/rke2-cilium-legacy/generated-changes/dependencies/rke2-cilium-hard-defaults/charts/values.yaml diff --git a/packages/rke2-cilium/generated-changes/dependencies/rke2-cilium-hard-defaults/dependency.yaml b/packages/rke2-cilium-legacy/generated-changes/dependencies/rke2-cilium-hard-defaults/dependency.yaml similarity index 100% rename from packages/rke2-cilium/generated-changes/dependencies/rke2-cilium-hard-defaults/dependency.yaml rename to packages/rke2-cilium-legacy/generated-changes/dependencies/rke2-cilium-hard-defaults/dependency.yaml diff --git a/packages/rke2-cilium-legacy/package.yaml b/packages/rke2-cilium-legacy/package.yaml new file mode 100644 index 0000000..0774348 --- /dev/null +++ b/packages/rke2-cilium-legacy/package.yaml @@ -0,0 +1,3 @@ +url: local +packageVersion: 01 +releaseCandidateVersion: 00 diff --git a/packages/rke2-cilium/generated-changes/dependencies/cilium/dependency.yaml b/packages/rke2-cilium/generated-changes/dependencies/cilium/dependency.yaml deleted file mode 100644 index 0539305..0000000 --- a/packages/rke2-cilium/generated-changes/dependencies/cilium/dependency.yaml +++ /dev/null @@ -1,2 +0,0 @@ -workingDir: "" -url: packages/cilium diff --git a/packages/rke2-cilium/generated-changes/patch/Chart.yaml.patch b/packages/rke2-cilium/generated-changes/patch/Chart.yaml.patch new file mode 100644 index 0000000..1beb2df --- /dev/null +++ b/packages/rke2-cilium/generated-changes/patch/Chart.yaml.patch @@ -0,0 +1,22 @@ +--- charts-original/Chart.yaml ++++ charts/Chart.yaml +@@ -71,8 +71,7 @@ + apiVersion: v2 + appVersion: 1.11.1 + description: eBPF-based Networking, Security, and Observability +-home: https://cilium.io/ +-icon: https://cdn.jsdelivr.net/gh/cilium/cilium@v1.11.1/Documentation/images/logo-solo.svg ++home: https://docs.rke2.io/ + keywords: + - BPF + - eBPF +@@ -82,7 +81,7 @@ + - Observability + - Troubleshooting + kubeVersion: '>= 1.16.0-0' +-name: cilium ++name: rke2-cilium + sources: +-- https://github.com/cilium/cilium ++- https://github.com/rancher/rke2-charts + version: 1.11.1 diff --git a/packages/rke2-cilium/generated-changes/patch/templates/_helpers.tpl.patch b/packages/rke2-cilium/generated-changes/patch/templates/_helpers.tpl.patch new file mode 100644 index 0000000..67c31a1 --- /dev/null +++ b/packages/rke2-cilium/generated-changes/patch/templates/_helpers.tpl.patch @@ -0,0 +1,15 @@ +--- charts-original/templates/_helpers.tpl ++++ charts/templates/_helpers.tpl +@@ -86,3 +86,12 @@ + {{- print "batch/v1beta1" -}} + {{- end -}} + {{- end -}} ++ ++{{- define "system_default_registry" -}} ++{{- if .Values.global.systemDefaultRegistry -}} ++{{- printf "%s/" .Values.global.systemDefaultRegistry -}} ++{{- else -}} ++{{- "" -}} ++{{- end }} ++{{- end }} ++ diff --git a/packages/rke2-cilium/generated-changes/patch/templates/cilium-agent/daemonset.yaml.patch b/packages/rke2-cilium/generated-changes/patch/templates/cilium-agent/daemonset.yaml.patch new file mode 100644 index 0000000..a80aa35 --- /dev/null +++ b/packages/rke2-cilium/generated-changes/patch/templates/cilium-agent/daemonset.yaml.patch @@ -0,0 +1,59 @@ +--- charts-original/templates/cilium-agent/daemonset.yaml ++++ charts/templates/cilium-agent/daemonset.yaml +@@ -47,7 +47,6 @@ + # cilium to be a critical pod in the cluster, which ensures cilium + # gets priority scheduling. + # https://kubernetes.io/docs/tasks/administer-cluster/guaranteed-scheduling-critical-addon-pods/ +- scheduler.alpha.kubernetes.io/critical-pod: "" + {{- with .Values.podAnnotations }} + {{- toYaml . | nindent 8 }} + {{- end }} +@@ -70,7 +69,7 @@ + {{- end }} + containers: + - name: cilium-agent +- image: {{ include "cilium.image" .Values.image | quote }} ++ image: "{{ template "system_default_registry" . }}{{ include "cilium.image" .Values.image }}" + imagePullPolicy: {{ .Values.image.pullPolicy }} + {{- if .Values.sleepAfterInit }} + command: +@@ -321,7 +320,7 @@ + {{- end }} + {{- if .Values.monitor.enabled }} + - name: cilium-monitor +- image: {{ include "cilium.image" .Values.image | quote }} ++ image: "{{ template "system_default_registry" . }}{{ include "cilium.image" .Values.image }}" + imagePullPolicy: {{ .Values.image.pullPolicy }} + command: ["cilium"] + args: +@@ -348,7 +347,7 @@ + # Required to mount cgroup2 filesystem on the underlying Kubernetes node. + # We use nsenter command with host's cgroup and mount namespaces enabled. + - name: mount-cgroup +- image: {{ include "cilium.image" .Values.image | quote }} ++ image: "{{ template "system_default_registry" . }}{{ include "cilium.image" .Values.image }}" + imagePullPolicy: {{ .Values.image.pullPolicy }} + env: + - name: CGROUP_ROOT +@@ -377,7 +376,7 @@ + {{- end }} + {{- if and .Values.nodeinit.enabled .Values.nodeinit.bootstrapFile }} + - name: wait-for-node-init +- image: {{ include "cilium.image" .Values.image | quote }} ++ image: "{{ template "system_default_registry" . }}{{ include "cilium.image" .Values.image }}" + imagePullPolicy: {{ .Values.image.pullPolicy }} + command: + - sh +@@ -390,9 +389,11 @@ + volumeMounts: + - name: cilium-bootstrap-file + mountPath: {{ .Values.nodeinit.bootstrapFile }} ++ securityContext: ++ privileged: true + {{- end }} + - name: clean-cilium-state +- image: {{ include "cilium.image" .Values.image | quote }} ++ image: "{{ template "system_default_registry" . }}{{ include "cilium.image" .Values.image }}" + imagePullPolicy: {{ .Values.image.pullPolicy }} + command: + - /init-container.sh diff --git a/packages/rke2-cilium/generated-changes/patch/templates/cilium-nodeinit/daemonset.yaml.patch b/packages/rke2-cilium/generated-changes/patch/templates/cilium-nodeinit/daemonset.yaml.patch new file mode 100644 index 0000000..502c91f --- /dev/null +++ b/packages/rke2-cilium/generated-changes/patch/templates/cilium-nodeinit/daemonset.yaml.patch @@ -0,0 +1,11 @@ +--- charts-original/templates/cilium-nodeinit/daemonset.yaml ++++ charts/templates/cilium-nodeinit/daemonset.yaml +@@ -42,7 +42,7 @@ + name: xtables-lock + containers: + - name: node-init +- image: {{ include "cilium.image" .Values.nodeinit.image | quote }} ++ image: "{{ template "system_default_registry" . }}{{ include "cilium.image" .Values.nodeinit.image }}" + imagePullPolicy: {{ .Values.nodeinit.image.pullPolicy }} + securityContext: + privileged: true diff --git a/packages/rke2-cilium/generated-changes/patch/templates/cilium-operator/deployment.yaml.patch b/packages/rke2-cilium/generated-changes/patch/templates/cilium-operator/deployment.yaml.patch new file mode 100644 index 0000000..246a9e6 --- /dev/null +++ b/packages/rke2-cilium/generated-changes/patch/templates/cilium-operator/deployment.yaml.patch @@ -0,0 +1,11 @@ +--- charts-original/templates/cilium-operator/deployment.yaml ++++ charts/templates/cilium-operator/deployment.yaml +@@ -53,7 +53,7 @@ + {{- end }} + containers: + - name: cilium-operator +- image: {{ include "cilium.operator.image" . }} ++ image: "{{ template "system_default_registry" . }}{{ include "cilium.operator.image" . }}" + imagePullPolicy: {{ .Values.operator.image.pullPolicy }} + command: + - cilium-operator-{{ include "cilium.operator.cloud" . }} diff --git a/packages/rke2-cilium/generated-changes/patch/templates/cilium-preflight/daemonset.yaml.patch b/packages/rke2-cilium/generated-changes/patch/templates/cilium-preflight/daemonset.yaml.patch new file mode 100644 index 0000000..b67cc7b --- /dev/null +++ b/packages/rke2-cilium/generated-changes/patch/templates/cilium-preflight/daemonset.yaml.patch @@ -0,0 +1,28 @@ +--- charts-original/templates/cilium-preflight/daemonset.yaml ++++ charts/templates/cilium-preflight/daemonset.yaml +@@ -28,14 +28,14 @@ + {{- end }} + initContainers: + - name: clean-cilium-state +- image: {{ include "cilium.image" .Values.preflight.image | quote }} ++ image: "{{ template "system_default_registry" . }}{{ include "cilium.image" .Values.preflight.image | quote }}" + imagePullPolicy: {{ .Values.preflight.image.pullPolicy }} + command: ["/bin/echo"] + args: + - "hello" + containers: + - name: cilium-pre-flight-check +- image: {{ include "cilium.image" .Values.preflight.image | quote }} ++ image: "{{ template "system_default_registry" . }}{{ include "cilium.image" .Values.preflight.image | quote }}" + imagePullPolicy: {{ .Values.preflight.image.pullPolicy }} + command: ["/bin/sh"] + args: +@@ -70,7 +70,7 @@ + {{- end }} + {{- if ne .Values.preflight.tofqdnsPreCache "" }} + - name: cilium-pre-flight-fqdn-precache +- image: {{ include "cilium.image" .Values.preflight.image | quote }} ++ image: "{{ template "system_default_registry" . }}{{ include "cilium.image" .Values.preflight.image | quote }}" + imagePullPolicy: {{ .Values.preflight.image.pullPolicy }} + name: cilium-pre-flight-fqdn-precache + command: ["/bin/sh"] diff --git a/packages/rke2-cilium/generated-changes/patch/values.yaml.patch b/packages/rke2-cilium/generated-changes/patch/values.yaml.patch new file mode 100644 index 0000000..d6b33d7 --- /dev/null +++ b/packages/rke2-cilium/generated-changes/patch/values.yaml.patch @@ -0,0 +1,191 @@ +--- charts-original/values.yaml ++++ charts/values.yaml +@@ -81,12 +81,10 @@ + + # -- Agent container image. + image: +- repository: quay.io/cilium/cilium ++ repository: rancher/mirrored-cilium-cilium + tag: v1.11.1 + pullPolicy: IfNotPresent +- # cilium-digest +- digest: "sha256:251ff274acf22fd2067b29a31e9fda94253d2961c061577203621583d7e85bd2" +- useDigest: true ++ useDigest: false + + # -- Pod affinity for cilium-agent. + affinity: +@@ -98,12 +96,6 @@ + operator: In + values: + - linux +- # Compatible with Kubernetes 1.12.x and 1.13.x +- - matchExpressions: +- - key: beta.kubernetes.io/os +- operator: In +- values: +- - linux + podAntiAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + - labelSelector: +@@ -561,7 +553,7 @@ + + hubble: + # -- Enable Hubble (true by default). +- enabled: true ++ enabled: false + + # -- Buffer size of the channel Hubble uses to receive monitor events. If this + # value is not set, the queue size is set to the default monitor queue size. +@@ -694,7 +686,8 @@ + + # -- Node labels for pod assignment + # ref: https://kubernetes.io/docs/user-guide/node-selection/ +- nodeSelector: {} ++ nodeSelector: ++ kubernetes.io/os: linux + + # -- Annotations to be added to hubble-relay pods + podAnnotations: {} +@@ -864,7 +857,8 @@ + + # -- Node labels for pod assignment + # ref: https://kubernetes.io/docs/user-guide/node-selection/ +- nodeSelector: {} ++ nodeSelector: ++ kubernetes.io/os: linux + + # -- Node tolerations for pod assignment on nodes with taints + # ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ +@@ -925,7 +919,7 @@ + ipam: + # -- Configure IP Address Management mode. + # ref: https://docs.cilium.io/en/stable/concepts/networking/ipam/ +- mode: "cluster-pool" ++ mode: "kubernetes" + operator: + # -- Deprecated in favor of ipam.operator.clusterPoolIPv4PodCIDRList. + # IPv4 CIDR range to delegate to individual nodes for IPAM. +@@ -1122,7 +1116,7 @@ + + # -- Configure prometheus metrics on the configured port at /metrics + prometheus: +- enabled: false ++ enabled: true + port: 9090 + serviceMonitor: + # -- Enable service monitors. +@@ -1248,7 +1242,8 @@ + + # -- Node labels for cilium-etcd-operator pod assignment + # ref: https://kubernetes.io/docs/user-guide/node-selection/ +- nodeSelector: {} ++ nodeSelector: ++ kubernetes.io/os: linux + + # -- Annotations to be added to cilium-etcd-operator pods + podAnnotations: {} +@@ -1308,17 +1303,9 @@ + + # -- cilium-operator image. + image: +- repository: quay.io/cilium/operator ++ repository: rancher/mirrored-cilium-operator + tag: v1.11.1 +- # operator-generic-digest +- genericDigest: "sha256:977240a4783c7be821e215ead515da3093a10f4a7baea9f803511a2c2b44a235" +- # operator-azure-digest +- azureDigest: "sha256:dbe0da6d8cd82d036bd8d1162140c203f1375ae5a6084a09f704ddc42485f0fb" +- # operator-aws-digest +- awsDigest: "sha256:61895007b65fdc703614c92072d8e81fd0562c02dd605c411a088c355840ea50" +- # operator-alibabacloud-digest +- alibabacloudDigest: "sha256:e4b52b5579167da21fd72ec596f72f9dd7a38963a9bccf855c58af33b1b984c4" +- useDigest: true ++ useDigest: false + pullPolicy: IfNotPresent + suffix: "" + +@@ -1387,7 +1374,8 @@ + + # -- Node labels for cilium-operator pod assignment + # ref: https://kubernetes.io/docs/user-guide/node-selection/ +- nodeSelector: {} ++ nodeSelector: ++ kubernetes.io/os: linux + + # -- Annotations to be added to cilium-operator pods + podAnnotations: {} +@@ -1427,7 +1415,7 @@ + # -- Enable prometheus metrics for cilium-operator on the configured port at + # /metrics + prometheus: +- enabled: false ++ enabled: true + port: 6942 + serviceMonitor: + # -- Enable service monitors. +@@ -1442,11 +1430,11 @@ + + nodeinit: + # -- Enable the node initialization DaemonSet +- enabled: false ++ enabled: true + + # -- node-init image. + image: +- repository: quay.io/cilium/startup-script ++ repository: rancher/mirrored-cilium-startup-script + tag: 62bfbe88c17778aad7bef9fa57ff9e2d4a9ba0d8 + pullPolicy: IfNotPresent + +@@ -1489,7 +1477,8 @@ + + # -- Node labels for nodeinit pod assignment + # ref: https://kubernetes.io/docs/user-guide/node-selection/ +- nodeSelector: {} ++ nodeSelector: ++ kubernetes.io/os: linux + + # -- Annotations to be added to node-init pods. + podAnnotations: {} +@@ -1524,11 +1513,9 @@ + + # -- Cilium pre-flight image. + image: +- repository: quay.io/cilium/cilium ++ repository: rancher/mirrored-cilium-cilium + tag: v1.11.1 +- # cilium-digest +- digest: "sha256:251ff274acf22fd2067b29a31e9fda94253d2961c061577203621583d7e85bd2" +- useDigest: true ++ useDigest: false + pullPolicy: IfNotPresent + + # -- The priority class to use for the preflight pod. +@@ -1578,7 +1565,8 @@ + + # -- Node labels for preflight pod assignment + # ref: https://kubernetes.io/docs/user-guide/node-selection/ +- nodeSelector: {} ++ nodeSelector: ++ kubernetes.io/os: linux + + # -- Annotations to be added to preflight pods + podAnnotations: {} +@@ -1663,7 +1651,8 @@ + + # -- Node labels for pod assignment + # ref: https://kubernetes.io/docs/user-guide/node-selection/ +- nodeSelector: {} ++ nodeSelector: ++ kubernetes.io/os: linux + + # -- Annotations to be added to clustermesh-apiserver pods + podAnnotations: {} +@@ -1789,3 +1778,6 @@ + # -- Configure whether to enable auto detect of terminating state for endpoints + # in order to support graceful termination. + enableK8sTerminatingEndpoint: true ++ ++global: ++ systemDefaultRegistry: "" diff --git a/packages/rke2-cilium/package.yaml b/packages/rke2-cilium/package.yaml index 0774348..0d5b414 100644 --- a/packages/rke2-cilium/package.yaml +++ b/packages/rke2-cilium/package.yaml @@ -1,3 +1,2 @@ -url: local -packageVersion: 01 -releaseCandidateVersion: 00 +url: https://helm.cilium.io/cilium-1.11.1.tgz +packageVersion: 02