From da84464275e276196777b5d641dcf086ef82a035 Mon Sep 17 00:00:00 2001 From: Roberto Bonafiglia Date: Thu, 16 Jun 2022 17:12:29 +0200 Subject: [PATCH] Updated cilium chart to support IPv6 only config Signed-off-by: Roberto Bonafiglia --- .../cilium-agent/daemonset.yaml.patch | 24 ++++++++++++----- .../templates/cilium-configmap.yaml.patch | 27 ++++++++++++++++++- .../cilium-operator/deployment.yaml.patch | 14 +++++++++- packages/rke2-cilium/package.yaml | 2 +- 4 files changed, 58 insertions(+), 9 deletions(-) diff --git a/packages/rke2-cilium/generated-changes/patch/templates/cilium-agent/daemonset.yaml.patch b/packages/rke2-cilium/generated-changes/patch/templates/cilium-agent/daemonset.yaml.patch index 85e87c0..d33419b 100644 --- a/packages/rke2-cilium/generated-changes/patch/templates/cilium-agent/daemonset.yaml.patch +++ b/packages/rke2-cilium/generated-changes/patch/templates/cilium-agent/daemonset.yaml.patch @@ -1,6 +1,18 @@ --- charts-original/templates/cilium-agent/daemonset.yaml +++ charts/templates/cilium-agent/daemonset.yaml -@@ -47,7 +47,6 @@ +@@ -1,3 +1,11 @@ ++{{- if empty .Values.global.clusterCIDRv4 }} ++{{- $_ := set .Values.ipv4 "enabled" false -}} ++{{- end }} ++ ++{{- if not (empty .Values.global.clusterCIDRv6) }} ++{{- $_ := set .Values.ipv6 "enabled" true -}} ++{{- end }} ++ + {{- if and .Values.agent (not .Values.preflight.enabled) }} + + {{- /* Default values with backwards compatibility */ -}} +@@ -47,7 +55,6 @@ # cilium to be a critical pod in the cluster, which ensures cilium # gets priority scheduling. # https://kubernetes.io/docs/tasks/administer-cluster/guaranteed-scheduling-critical-addon-pods/ @@ -8,7 +20,7 @@ {{- with .Values.podAnnotations }} {{- toYaml . | nindent 8 }} {{- end }} -@@ -70,7 +69,7 @@ +@@ -70,7 +77,7 @@ {{- end }} containers: - name: cilium-agent @@ -17,7 +29,7 @@ imagePullPolicy: {{ .Values.image.pullPolicy }} {{- if .Values.sleepAfterInit }} command: -@@ -321,7 +320,7 @@ +@@ -321,7 +328,7 @@ {{- end }} {{- if .Values.monitor.enabled }} - name: cilium-monitor @@ -26,7 +38,7 @@ imagePullPolicy: {{ .Values.image.pullPolicy }} command: ["cilium"] args: -@@ -348,7 +347,7 @@ +@@ -348,7 +355,7 @@ # Required to mount cgroup2 filesystem on the underlying Kubernetes node. # We use nsenter command with host's cgroup and mount namespaces enabled. - name: mount-cgroup @@ -35,7 +47,7 @@ imagePullPolicy: {{ .Values.image.pullPolicy }} env: - name: CGROUP_ROOT -@@ -377,7 +376,7 @@ +@@ -377,7 +384,7 @@ {{- end }} {{- if and .Values.nodeinit.enabled .Values.nodeinit.bootstrapFile }} - name: wait-for-node-init @@ -44,7 +56,7 @@ imagePullPolicy: {{ .Values.image.pullPolicy }} command: - sh -@@ -390,9 +389,11 @@ +@@ -390,9 +397,11 @@ volumeMounts: - name: cilium-bootstrap-file-dir mountPath: "/tmp/cilium-bootstrap.d" diff --git a/packages/rke2-cilium/generated-changes/patch/templates/cilium-configmap.yaml.patch b/packages/rke2-cilium/generated-changes/patch/templates/cilium-configmap.yaml.patch index c6654b8..916dcd2 100644 --- a/packages/rke2-cilium/generated-changes/patch/templates/cilium-configmap.yaml.patch +++ b/packages/rke2-cilium/generated-changes/patch/templates/cilium-configmap.yaml.patch @@ -1,6 +1,18 @@ --- charts-original/templates/cilium-configmap.yaml +++ charts/templates/cilium-configmap.yaml -@@ -199,7 +199,11 @@ +@@ -1,3 +1,11 @@ ++{{- if empty .Values.global.clusterCIDRv4 }} ++{{- $_ := set .Values.ipv4 "enabled" false -}} ++{{- end }} ++ ++{{- if not (empty .Values.global.clusterCIDRv6) }} ++{{- $_ := set .Values.ipv6 "enabled" true -}} ++{{- end }} ++ + {{- if and (.Values.agent) (not .Values.preflight.enabled) }} + {{- /* Default values with backwards compatibility */ -}} + {{- $defaultEnableCnpStatusUpdates := "true" -}} +@@ -199,7 +207,11 @@ # Enable IPv6 addressing. If enabled, all endpoints are allocated an IPv6 # address. @@ -13,3 +25,16 @@ {{- if .Values.cleanState }} # If a serious issue occurs during Cilium startup, this +@@ -361,8 +373,12 @@ + enable-endpoint-routes: "true" + enable-local-node-route: "false" + {{- else }} ++{{- if not .Values.ipv4.enabled }} ++ tunnel: "disabled" ++{{- else }} + tunnel: {{ .Values.tunnel }} + {{- end }} ++{{- end }} + + {{- if hasKey .Values "tunnelPort" }} + tunnel-port: "{{ .Values.tunnelPort }}" diff --git a/packages/rke2-cilium/generated-changes/patch/templates/cilium-operator/deployment.yaml.patch b/packages/rke2-cilium/generated-changes/patch/templates/cilium-operator/deployment.yaml.patch index 246a9e6..ffa9ea5 100644 --- a/packages/rke2-cilium/generated-changes/patch/templates/cilium-operator/deployment.yaml.patch +++ b/packages/rke2-cilium/generated-changes/patch/templates/cilium-operator/deployment.yaml.patch @@ -1,6 +1,18 @@ --- charts-original/templates/cilium-operator/deployment.yaml +++ charts/templates/cilium-operator/deployment.yaml -@@ -53,7 +53,7 @@ +@@ -1,4 +1,11 @@ + {{- if .Values.operator.enabled }} ++{{- if empty .Values.global.clusterCIDRv4 }} ++{{- $_ := set .Values.ipv4 "enabled" false -}} ++{{- end }} ++ ++{{- if not (empty .Values.global.clusterCIDRv6) }} ++{{- $_ := set .Values.ipv6 "enabled" true -}} ++{{- end }} + --- + apiVersion: apps/v1 + kind: Deployment +@@ -53,7 +60,7 @@ {{- end }} containers: - name: cilium-operator diff --git a/packages/rke2-cilium/package.yaml b/packages/rke2-cilium/package.yaml index 0c6284b..884e33f 100644 --- a/packages/rke2-cilium/package.yaml +++ b/packages/rke2-cilium/package.yaml @@ -1,2 +1,2 @@ url: https://helm.cilium.io/cilium-1.11.5.tgz -packageVersion: 01 +packageVersion: 02