From e6b075d9d274d5aac46b58cfbea4e0e8153ce22d Mon Sep 17 00:00:00 2001 From: actions Date: Wed, 15 Dec 2021 21:54:57 +0000 Subject: [PATCH] Bump rke2-kube-proxy-1.20 to v1.20.14-rke2r1-build20211215 Signed-off-by: Brad Davidson --- ...-proxy-v1.20.14-rke2r1-build2021121501.tgz | Bin 0 -> 4338 bytes .../Chart.yaml | 12 ++ .../templates/NOTES.txt | 2 + .../templates/_helpers.tpl | 21 +++ .../templates/config.yaml | 69 +++++++++ .../templates/daemonset.yaml | 78 ++++++++++ .../templates/rbac.yaml | 12 ++ .../templates/serviceaccount.yaml | 5 + .../values.yaml | 142 ++++++++++++++++++ index.yaml | 16 ++ 10 files changed, 357 insertions(+) create mode 100755 assets/rke2-kube-proxy-1.20/rke2-kube-proxy-v1.20.14-rke2r1-build2021121501.tgz create mode 100755 charts/rke2-kube-proxy-1.20/rke2-kube-proxy/v1.20.14-rke2r1-build2021121501/Chart.yaml create mode 100755 charts/rke2-kube-proxy-1.20/rke2-kube-proxy/v1.20.14-rke2r1-build2021121501/templates/NOTES.txt create mode 100755 charts/rke2-kube-proxy-1.20/rke2-kube-proxy/v1.20.14-rke2r1-build2021121501/templates/_helpers.tpl create mode 100755 charts/rke2-kube-proxy-1.20/rke2-kube-proxy/v1.20.14-rke2r1-build2021121501/templates/config.yaml create mode 100755 charts/rke2-kube-proxy-1.20/rke2-kube-proxy/v1.20.14-rke2r1-build2021121501/templates/daemonset.yaml create mode 100755 charts/rke2-kube-proxy-1.20/rke2-kube-proxy/v1.20.14-rke2r1-build2021121501/templates/rbac.yaml create mode 100755 charts/rke2-kube-proxy-1.20/rke2-kube-proxy/v1.20.14-rke2r1-build2021121501/templates/serviceaccount.yaml create mode 100755 charts/rke2-kube-proxy-1.20/rke2-kube-proxy/v1.20.14-rke2r1-build2021121501/values.yaml diff --git a/assets/rke2-kube-proxy-1.20/rke2-kube-proxy-v1.20.14-rke2r1-build2021121501.tgz b/assets/rke2-kube-proxy-1.20/rke2-kube-proxy-v1.20.14-rke2r1-build2021121501.tgz new file mode 100755 index 0000000000000000000000000000000000000000..f34b294190043189929f58c8644f290c51c2071f GIT binary patch literal 4338 zcmVDc zVQyr3R8em|NM&qo0PH+#bK5qy{mfr+Cg~m9b4}{uM_SHi=Q>W(^|VQJ?X>;S>0}`C zNJIq!3;@d3dh_4!9Dt-qO0ttCo1NWjbf%Vo^TNS-;i2dSj>APc#jw!oW;Hm^n6}Z1 z<>H$!)`r93@bviD{T&X6{lCNG@%Wq3@#y6A_;frxIr?TeIvyP#eFMWUC&KPl8q4%I z!_Vf`pWMGmV+H>Owc$#}up9-fC|X~m@h}=4hh!sq6r^Yp%?s-WFQl7v_B2371 zqF{lmYo${Y2O+FYD##g^mT`&NjbP5Wh#?_EGykKROfu9_qVfPhvK(W$^nLIXo0`CP z^~^Lds?-TOdYQF_i3fu@w^=zQLW7Fvz+rht!E(p6!fDAxIv$Qkqw(luI12vNEAn+) z-~X3PlxV(e0Jz)#M@Qo)M}7Z49*rLS|7)}`41?e?@SM#NW=cE9^*-kM;s8Knp$xZ5 zuVScOD`PrEiK(+4EzzP004$r|<6y+>ZH90$0hXp3jd5IUhTyn@LA^u`R{2k$Bm|FP z-=L+wyW8l)Fp0NZCFqy($9CrXtTL1^al*{zY^NyjSM`B&f!0Hkq z5y)g&052??ii#vJmIicLf5jVaqo9I}p`O+G#q(Hud|pirp+F5To3Q5uUnqRIT4 zp@c-q8K0LL(?hVD&1O6SgVN2C!4>KyPZ~5**G#J%RA~)Q5p2dy#VB|T*IWpgBIL}x zFHy4;QzvDIuETdC5eEr)V^K>ch`>*ZrO%jPGV#1>f+^RSSWF3pW}(p(m{`8-NXDhH z$kL$dA|=Ey8b-%sQte=LTC1mEHmgb1^JkP#V8#VTf$#I`{F}N4HM1>ERgg3dBESk> z*$SxwXBth0X#}rIV@dY8Mn(eKj7b>Q#IIH|nV{w>jbU_>4^2P=(rT70$krdjD|W;4 zG6z}aQ`EGMug~6+5RzuDq|={+hXOU6Pkx3(X@vbD4G3gQbn*$Fa|_Ibyt1IVB(R2C zm~(j$1pqm_nV>#b8e=#bKRNx*i@{}2j0O`>TFucfq!21$77sz=oat1MN40^&oZW;4 z>d*^Gezbk;>2CSGm|Vs%IvNe1jGcg_70Yu}rFFjc_I%ROQf2t(KfSqn@$T2Ni??7b zvq(`QDc*X-bD<3W%D9bTlnrS$i1I}$utORRc_OFv-C)yJyBD^@;l&y?hVijy5z`U?4r#x;bP)30l>F>|B1Xxd!CYGTnnoLubbJXXj zeK7;6Wawxg`Z(m4h~k~Gn#(yb13X1(`HUw%CR724R>ehz#Fk7zri`WPF$(HWZy9GgoxoI1)zZ`xAi1v*E!P*Fa=AT1-owrOBQG;9KJ8PQ09NTK7;%= zJcOgs?@>pzXU-{)op5A}c@>YG87!F~IkF~36R}2MpC%I~iCYtyY28q!h2qkBTQgp9 zhV}v^$38~$2=-3Q-XZLba{B)`8;|q7I{vhS_gb(jUT+tyClu3diSA&yGmQY4mJ~-6 zO{g~TW_0G3n}r4orWqwp!HruoN{V|1t}~uwmA00CX*p^znJPu7?R2vlCs zB9;YQOn$lYb087$CJ|+d=RDOF=Z{^Y<=0*w$I>JjrllY?t_t+C^W|PnahMwiM!Ky5 z{j6R{T0H0YiG{Pv2~4R%wARG|UA(K3s#P#@GE*OuQkBws1*IyFeWr^~Fq-8*(_m^L z+9{4x&U1_0OK^wKPjJyaE3r;~tqHezZDRv$MnY>$kT0Ef;pN5aDxmx+8D?D8V(gaU z=jW3;Xni`9GHoUr1VJJ=N_*Z+DTb;!?$1hXY@P70Gfou-6APNDORei|%(}1)fId4+ zs%IUYb0w{-(#ek1%tcx>)~svy8awjn6~fz9fnE>)JGuIFIo=m0h7*TBsfuWV^fj%k zo;^A%ZKgE;dz}|&O6UIbzIA5rGL$PB9e{Dw%yb2<(V1X#r{6V)7zRtG2ZB#KXDb6X zM`;JmmN8mmxEgDtk~TD&8knNJMwB4b9A=_48Ja+-`Ahov(y3G?s~Ap95Y)9$T?kd_ z@5i;C&L$Ui{j;yC3{Mek1-?AvvNe-~z|Zm{i>w?ec$kmel~R#&{QXB3SUtdxDzGYX zItA8f{KRn|d7@Q~>Psafs4!78uZcSS&>oJ@{F+x&_nQf_NfPO`N^zpJHEz55i^t8` zio)BH37(SDra~nPQ@Q9U8b?Rba4ZR(({PG2R*HH)9ntoG`~3iNWU}E; z>hNWFBU%(ll_IUnS=|-atEW^R8rr^uEd8Te@NRKQi6%i~qGlpH>!5Hn91ahG{{MTR zRDMN-&(c3)2*3aS`}P?D%BD7(aY6H;O7I$|>s2Hh8KgKZ=YxX4AY(EW6c-w#I0&4G zJ}~_17N?aKy+&f#D-CK_=-XU?eW?xop_nzC{#m|PrIRW!mB zjSbn7ap6*{XSbh}TBEdL)f7wzYYLs>&Lg7$Of9IL0>qD59)}fh|v6$}}PisLg zD@e$OTy-q#6D^mfq}rMS`Ju1*nYd;v12ZOsfhlc%tMh|KCte~~g3u-{cnp{I0Swjs z&YunJPjSvA8Fh#uBagdP92>+oqFqsdPh)8|Rl?&S#}K z1Z6YSO&B3LsaTyle^u9*MwL`P;Sly;a`uPPe~td)=>GK(C{V<(H;P85dpdRA`;mR3hfjVc>JBP+xE&Zzd<1o+3*G^;~Q9%0sn^X5I z&+ett^_5C}t|b%|Skf1LR06FFvBm}#SXfX6%DM;|pA2(X2aOGto0MO-SDb!nSy2d{ zI3Fj&aJCtehdgaOCukK=;K-AJ6U}L3Tbn_vgrM~GzT|d&mr{j9=PcKnTfangyzd^| zRkq{Ym)4qUmi1Ap!#;NiZ&e)3g_<%EyW*K5$a7Ef66f4ly^7({qyJ|YHUFg6zyGnA z7lK(dgV%4~zPO6)js0vM_uc;vkB7bcpOe$$hx?ze(tcdmNg1QU9Q|<`6M};JgOmM- zx845#E<;hEHjynp^D6ir{~wJ`p7i|x^yK*X!T-NTyS)u5Uvr7@$fw$ORr-FXt7Q8K z!Vez;0^~D@{3a^$2|C)Eog4UqN{Jaf`Y$th^l6wV3^rdLttCL2Zv9+Ofz0_`$}D@A za($QJ1o)g;_MGc2;%-R04ZJJk)&r7{7rZ$`dAB~R`1A7LaWM1gQ`@GN{$X2-!JSk7 zSDX7o>$TnS->>GEcnNe*{69H5>eqj#M<>IF`2RIp7=}Ub4IqV2+Idw5K!0NRM;HLO z1MLQM9bGEO#djv+YOox+tL~9Q=sdQ$y=?+Ws~`RW?@MJ7K74Q}8wdG;KgVZDf`x6J zr*|oCgrrUQJ|}>wKit2Ij00I?B(3xOJMmh8n|#|x>$kW5pefy%2BJ*@?n2-$_U{V= zA3i{((bmJ9+gnH!6KE3br-Bw-i}1Ryzfc=5YT5$z23tt$*EZDJ&tJOu9xhq~tf%iD zqil!fat&saqIqJ{oOEnO+XA_%bej~d_ayfc+=T6u+<0NqBGnt~qxuu*NpqCkM(vH& zDBGTAw6HdZ`#d+_QMA!}gMH-ogA2dzomUVoN;PEE0ckCM_mRTgn9q32dCApgTcF!_ z*Bv9#bR~wHW)gJ49uJH>mT%WfoZ%VIN5#(rDU33aIMNv(R6-C^BC0PGHWTVU7 zW>o$DT;XA(`H^k+{x4;iD{1iae+_oe{_lABr2qS`C&SZ+^S`gs+8a7n6lSm-RsQ+h zt^XC;o&LG_&V--iqo%;bUGce>1WJ3VIkQRjQ;W?mMzyKNbslPjq$WBPcF_Q+g{bx> z%@5UlPv{?X%5+UAgh6Taz`ao!Ot~EN2zr<>^c$e3&ADL9$yz(>4oY1@hxIe2r{C_s ze)IgryVqy0UK})_D3@(r1WjxYY?T<0#TgoOOGooe`y^jbY2?>)ciGo0LLKl;FuKhKt#2 zWhWX9O4~qfvBoMTVNz;tSMGe^#aHYv`Z?rxAJ$m;RkdPpNn-$=3Q&7>={F6H2++KLF3EH+42gJEZ| zOM~W|E2{6!2D;$WaC2;{XsI;ydY=1}hnHNNda~pouYHBl!6IY4>O>K!4q5yg!HBDY zG9-vBZ-Qo(l`{arjPdn~H`kD;g^A{tCrkvju#_ikE!&xUmek+#cq)~(hfQ~|-QwW3 z+0ghWLuW}s3f*ELU4Ylyt;nLzxpbBJ51J+Dw?S9_$z=>j!x~Nr^aXq?%q@^KUd{O| zO_emXHjOS-K{!gs@ZyFWYZ}BI1Kw3y3~1?`sk9yK&zZY*XKzh$xzql`>V)bQE8>rF z!W{#5$$ppXcrjmcfp7G=d!p0hw8g9L8zkIOc~Lxuex(RSDWddiY7^E>cQ|MwqGhr=fi_5ass?V8W6c;^=c z>nojl)9!Qfr4smz%aqG`XLqm;#IZ}F)$f}EtprvDCoA|5T9w5e?1K8(sl}}!?sIgP zyeX%DU}F70JmD~}ItlaPSYacj;{e gH$D8pj~?1XduR{s-@W}`00030|A0Bv@c>Q$0N%rWumAu6 literal 0 HcmV?d00001 diff --git a/charts/rke2-kube-proxy-1.20/rke2-kube-proxy/v1.20.14-rke2r1-build2021121501/Chart.yaml b/charts/rke2-kube-proxy-1.20/rke2-kube-proxy/v1.20.14-rke2r1-build2021121501/Chart.yaml new file mode 100755 index 0000000..4ebf6a4 --- /dev/null +++ b/charts/rke2-kube-proxy-1.20/rke2-kube-proxy/v1.20.14-rke2r1-build2021121501/Chart.yaml @@ -0,0 +1,12 @@ +apiVersion: v1 +appVersion: v1.20.14-rke2r1 +description: Install Kube Proxy. +keywords: +- kube-proxy +maintainers: +- email: charts@rancher.com + name: Rancher Labs +name: rke2-kube-proxy +sources: +- https://github.com/rancher/rke2-charts +version: v1.20.14-rke2r1-build2021121501 diff --git a/charts/rke2-kube-proxy-1.20/rke2-kube-proxy/v1.20.14-rke2r1-build2021121501/templates/NOTES.txt b/charts/rke2-kube-proxy-1.20/rke2-kube-proxy/v1.20.14-rke2r1-build2021121501/templates/NOTES.txt new file mode 100755 index 0000000..2da0e24 --- /dev/null +++ b/charts/rke2-kube-proxy-1.20/rke2-kube-proxy/v1.20.14-rke2r1-build2021121501/templates/NOTES.txt @@ -0,0 +1,2 @@ +Kube-proxy has been installed. + diff --git a/charts/rke2-kube-proxy-1.20/rke2-kube-proxy/v1.20.14-rke2r1-build2021121501/templates/_helpers.tpl b/charts/rke2-kube-proxy-1.20/rke2-kube-proxy/v1.20.14-rke2r1-build2021121501/templates/_helpers.tpl new file mode 100755 index 0000000..cb64d1f --- /dev/null +++ b/charts/rke2-kube-proxy-1.20/rke2-kube-proxy/v1.20.14-rke2r1-build2021121501/templates/_helpers.tpl @@ -0,0 +1,21 @@ +{{- define "system_default_registry" -}} +{{- if .Values.global.systemDefaultRegistry -}} +{{- printf "%s/" .Values.global.systemDefaultRegistry -}} +{{- else -}} +{{- "" -}} +{{- end -}} +{{- end -}} +{{- define "rke2_data_dir" -}} +{{- if .Values.global.rke2DataDir -}} +{{- printf "%s" .Values.global.rke2DataDir -}} +{{- else -}} +{{- "/var/lib/rancher/rke2" -}} +{{- end -}} +{{- end -}} +{{- define "kubeproxy_kubeconfig" -}} +{{- if .Values.global.rke2DataDir -}} +{{- printf "%s/agent/kubeproxy.kubeconfig" .Values.global.rke2DataDir -}} +{{- else -}} +{{- printf "%s" .Values.clientConnection.kubeconfig -}} +{{- end -}} +{{- end -}} diff --git a/charts/rke2-kube-proxy-1.20/rke2-kube-proxy/v1.20.14-rke2r1-build2021121501/templates/config.yaml b/charts/rke2-kube-proxy-1.20/rke2-kube-proxy/v1.20.14-rke2r1-build2021121501/templates/config.yaml new file mode 100755 index 0000000..f8bb5cc --- /dev/null +++ b/charts/rke2-kube-proxy-1.20/rke2-kube-proxy/v1.20.14-rke2r1-build2021121501/templates/config.yaml @@ -0,0 +1,69 @@ +--- +apiVersion: v1 +data: + config.conf: |- + apiVersion: kubeproxy.config.k8s.io/v1alpha1 + bindAddress: {{ .Values.bindAddress | quote }} + clientConnection: + acceptContentTypes: {{ .Values.clientConnection.acceptContentTypes | quote }} + burst: {{ .Values.clientConnection.burst }} + contentType: {{ .Values.clientConnection.contentType | quote }} + kubeconfig: {{ include "kubeproxy_kubeconfig" . | quote }} + qps: {{ .Values.clientConnection.qps }} + clusterCIDR: {{ coalesce .Values.global.clusterCIDR .Values.clusterCIDR | quote }} + configSyncPeriod: {{ .Values.configSyncPeriod }} + conntrack: + maxPerCore: {{ .Values.conntrack.maxPerCore }} + min: {{ .Values.conntrack.min }} + tcpCloseWaitTimeout: {{ .Values.conntrack.tcpCloseWaitTimeout | quote }} + tcpEstablishedTimeout: {{ .Values.conntrack.tcpEstablishedTimeout | quote }} + detectLocalMode: {{ .Values.detectLocalMode | quote }} + enableProfiling: {{ .Values.enableProfiling }} + healthzBindAddress: {{ .Values.healthzBindAddress | quote }} + hostnameOverride: {{ .Values.hostnameOverride | quote }} + iptables: + masqueradeAll: {{ .Values.iptables.masqueradeAll }} + masqueradeBit: {{ .Values.iptables.masqueradeBit }} + {{ if .Values.iptables.minSyncPeriod }} + minSyncPeriod: {{ .Values.iptables.minSyncPeriod }} + {{ end }} + syncPeriod: {{ .Values.iptables.syncPeriod }} + ipvs: + excludeCIDRs: {{ .Values.ipvs.excludeCIDRs | quote }} + {{ if .Values.ipvs.minSyncPeriod }} + minSyncPeriod: {{ .Values.ipvs.minSyncPeriod }} + {{ end }} + scheduler: {{ .Values.ipvs.scheduler | quote }} + strictARP: {{ .Values.ipvs.strictARP }} + syncPeriod: {{ .Values.ipvs.syncPeriod }} + {{ if .Values.ipvs.tcpFinTimeout }} + tcpFinTimeout: {{ .Values.ipvs.tcpFinTimeout }} + {{ end }} + {{ if .Values.ipvs.tcpTimeout }} + tcpTimeout: {{ .Values.ipvs.tcpTimeout }} + {{ end }} + {{ if .Values.ipvs.udpTimeout }} + udpTimeout: {{ .Values.ipvs.udpTimeout }} + {{ end }} + kind: KubeProxyConfiguration + metricsBindAddress: {{ .Values.metricsBindAddress | quote }} + mode: {{ .Values.proxy.mode | quote }} + nodePortAddresses: null + oomScoreAdj: {{ .Values.oomScoreAdj }} + portRange: {{ .Values.proxy.portRange | quote }} + showHiddenMetricsForVersion: {{ .Values.showHiddenMetricsForVersion | quote }} + udpIdleTimeout: {{ .Values.udpTimeout | quote }} + featureGates: + {{- range $key, $value := .Values.featureGates }} + {{ $key }}: {{ $value }} + {{- end }} + winkernel: + enableDSR: false + networkName: "" + sourceVip: "" +kind: ConfigMap +metadata: + labels: + app: kube-proxy + name: kube-proxy + namespace: kube-system diff --git a/charts/rke2-kube-proxy-1.20/rke2-kube-proxy/v1.20.14-rke2r1-build2021121501/templates/daemonset.yaml b/charts/rke2-kube-proxy-1.20/rke2-kube-proxy/v1.20.14-rke2r1-build2021121501/templates/daemonset.yaml new file mode 100755 index 0000000..1267df8 --- /dev/null +++ b/charts/rke2-kube-proxy-1.20/rke2-kube-proxy/v1.20.14-rke2r1-build2021121501/templates/daemonset.yaml @@ -0,0 +1,78 @@ +apiVersion: apps/v1 +kind: DaemonSet +metadata: + labels: + k8s-app: kube-proxy + name: kube-proxy + namespace: kube-system +spec: + selector: + matchLabels: + k8s-app: kube-proxy + template: + metadata: + labels: + k8s-app: kube-proxy + spec: + containers: + - command: + - /usr/local/bin/kube-proxy + - --config=/var/lib/kube-proxy/config.conf + - --hostname-override=$(NODE_NAME) + env: + - name: NODE_NAME + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: spec.nodeName + image: {{ template "system_default_registry" . }}{{ .Values.image.repository }}:{{ .Values.image.tag }} + imagePullPolicy: IfNotPresent + name: kube-proxy + securityContext: + privileged: true + volumeMounts: + - mountPath: /var/lib/kube-proxy + name: kube-proxy + - mountPath: {{ template "rke2_data_dir" . }}/agent + name: rke2config + readOnly: true + - mountPath: /run/xtables.lock + name: xtables-lock + - mountPath: /lib/modules + name: lib-modules + readOnly: true + dnsPolicy: ClusterFirst + hostNetwork: true + nodeSelector: + kubernetes.io/os: linux + priorityClassName: system-node-critical + restartPolicy: Always + schedulerName: default-scheduler + securityContext: {} + serviceAccount: kube-proxy + serviceAccountName: kube-proxy + terminationGracePeriodSeconds: 30 + tolerations: + - key: CriticalAddonsOnly + operator: Exists + - operator: Exists + volumes: + - hostPath: + path: {{ template "rke2_data_dir" . }}/agent + type: "" + name: rke2config + - configMap: + name: kube-proxy + name: kube-proxy + - hostPath: + path: /run/xtables.lock + type: FileOrCreate + name: xtables-lock + - hostPath: + path: /lib/modules + type: "" + name: lib-modules + updateStrategy: + rollingUpdate: + maxUnavailable: 1 + type: RollingUpdate diff --git a/charts/rke2-kube-proxy-1.20/rke2-kube-proxy/v1.20.14-rke2r1-build2021121501/templates/rbac.yaml b/charts/rke2-kube-proxy-1.20/rke2-kube-proxy/v1.20.14-rke2r1-build2021121501/templates/rbac.yaml new file mode 100755 index 0000000..d98f84c --- /dev/null +++ b/charts/rke2-kube-proxy-1.20/rke2-kube-proxy/v1.20.14-rke2r1-build2021121501/templates/rbac.yaml @@ -0,0 +1,12 @@ +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: rke2:node-proxier +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: system:node-proxier +subjects: +- kind: ServiceAccount + name: kube-proxy + namespace: kube-system diff --git a/charts/rke2-kube-proxy-1.20/rke2-kube-proxy/v1.20.14-rke2r1-build2021121501/templates/serviceaccount.yaml b/charts/rke2-kube-proxy-1.20/rke2-kube-proxy/v1.20.14-rke2r1-build2021121501/templates/serviceaccount.yaml new file mode 100755 index 0000000..59408a2 --- /dev/null +++ b/charts/rke2-kube-proxy-1.20/rke2-kube-proxy/v1.20.14-rke2r1-build2021121501/templates/serviceaccount.yaml @@ -0,0 +1,5 @@ +kind: ServiceAccount +apiVersion: v1 +metadata: + name: kube-proxy + namespace: kube-system diff --git a/charts/rke2-kube-proxy-1.20/rke2-kube-proxy/v1.20.14-rke2r1-build2021121501/values.yaml b/charts/rke2-kube-proxy-1.20/rke2-kube-proxy/v1.20.14-rke2r1-build2021121501/values.yaml new file mode 100755 index 0000000..3278def --- /dev/null +++ b/charts/rke2-kube-proxy-1.20/rke2-kube-proxy/v1.20.14-rke2r1-build2021121501/values.yaml @@ -0,0 +1,142 @@ +--- + +# image for kubeproxy +image: + repository: rancher/hardened-kubernetes + tag: v1.20.14-rke2r1-build20211215 + +# The IP address for the proxy server to serve on +# (set to '0.0.0.0' for all IPv4 interfaces and '::' for all IPv6 interfaces) +bindAddress: 0.0.0.0 + +# If true cleanup iptables and ipvs rules and exit. +cleanup: + +# The CIDR range of pods in the cluster. +# When configured, traffic sent to a Service cluster IP from outside this range +# will be masqueraded and traffic sent from pods to an external +# LoadBalancer IP will be directed to the respective cluster IP instead +clusterCIDR: 10.42.0.0/16 + +# The path to the configuration file. +config: + +# How often configuration from the apiserver is refreshed. Must be greater than 0. +configSyncPeriod: 15m0s + +conntrack: + # Maximum number of NAT connections to track per CPU core (0 to leave the limit as-is and ignore conntrack-min). + maxPerCore: 32768 + # Minimum number of conntrack entries to allocate, regardless of conntrack-max-per-core (set conntrack-max-per-core=0 to leave the limit as-is). + min: 131072 + # NAT timeout for TCP connections in the CLOSE_WAIT state + tcpTimeoutCloseWait: 1h0m0s + # Idle timeout for established TCP connections (0 to leave as-is) + tcpTimeoutEstablished: 24h0m0s + +# Mode to use to detect local traffic +detectLocalMode: + +# A set of key=value pairs that describe feature gates for alpha/experimental features: +featureGates: + +# The IP address with port for the health check server to serve on +# (set to '0.0.0.0:10256' for all IPv4 interfaces and '[::]:10256' for all IPv6 interfaces). Set empty to disable. +healthzBindAddress: 0.0.0.0:10256 + +# help for kube-proxy +help: + +# If non-empty, will use this string as identification instead of the actual hostname. +hostnameOverride: + +iptables: + # If using the pure iptables proxy, SNAT all traffic sent via Service cluster IPs (this not commonly needed) + masqueradeAll: + # If using the pure iptables proxy, the bit of the fwmark space to mark packets requiring SNAT with. Must be within the range [0, 31]. + masqueradeBit: 14 + # The minimum interval of how often the iptables rules can be refreshed as endpoints and services change (e.g. '5s', '1m', '2h22m'). + minSyncPeriod: + # The maximum interval of how often iptables rules are refreshed (e.g. '5s', '1m', '2h22m'). Must be greater than 0. + syncPeriod: 30s + +ipvs: + # A comma-separated list of CIDR's which the ipvs proxier should not touch when cleaning up IPVS rules. + excludeCidrs: + # The minimum interval of how often the ipvs rules can be refreshed as endpoints and services change (e.g. '5s', '1m', '2h22m'). + minSyncPeriod: + # The ipvs scheduler type when proxy mode is ipvs + scheduler: + # Enable strict ARP by setting arp_ignore to 1 and arp_announce to 2 + strictArp: + # The maximum interval of how often ipvs rules are refreshed (e.g. '5s', '1m', '2h22m'). Must be greater than 0. + syncPeriod: 30s + # The timeout for idle IPVS TCP connections, 0 to leave as-is. (e.g. '5s', '1m', '2h22m'). + tcpTimeout: + # The timeout for IPVS TCP connections after receiving a FIN packet, 0 to leave as-is. (e.g. '5s', '1m', '2h22m'). + tcpfinTimeout: + # The timeout for IPVS UDP packets, 0 to leave as-is. (e.g. '5s', '1m', '2h22m'). + udpTimeout: + + +clientConnection: + # Burst to use while talking with kubernetes apiserver + apiBurst: 10 + # Content type of requests sent to apiserver. + apiContentType: + # QPS to use while talking with kubernetes apiserver + qps: 5 + # Path to kubeconfig file with authorization information (the master location is set by the master flag). + kubeconfig: /var/lib/rancher/rke2/agent/kubeproxy.kubeconfig + +# Maximum number of seconds between log flushes +logFlushFrequency: 5s + + + +# The address of the Kubernetes API server (overrides any value in kubeconfig) +master: + +# The IP address with port for the metrics server to serve on +# (set to '0.0.0.0:10249' for all IPv4 interfaces and '[::]:10249' for all IPv6 interfaces). Set empty to disable. +metricsBindAddress: 127.0.0.1:10249 + +# A string slice of values which specify the addresses to use for NodePorts. +# Values may be valid IP blocks (e.g. 1.2.3.0/24, 1.2.3.4/32). The default empty string slice ([]) means to use all local addresses. +nodeportAddresses: + +# The oom-score-adj value for kube-proxy process. Values must be within the range [-1000, 1000] +oomScoreAdj: -999 + +# If true enables profiling via web interface on /debug/pprof handler. +profiling: + +proxy: + # Which proxy mode to use: 'userspace' (older) or 'iptables' (faster) or 'ipvs'. + # If blank, use the best-available proxy (currently iptables). + # If the iptables proxy is selected, regardless of how, but the system's + # kernel or iptables versions are insufficient, this always falls back to the userspace proxy. + mode: +# Range of host ports (beginPort-endPort, single port or beginPort+offset, inclusive) +# that may be consumed in order to proxy service traffic. +# If (unspecified, 0, or 0-0) then ports will be randomly chosen. + portRange: + +# The previous version for which you want to show hidden metrics. +# Only the previous minor version is meaningful, other values will not be allowed. +# The format is ., e.g.: '1.16'. The purpose of this format is make +# sure you have the opportunity to notice if the next release hides additional metrics, +# rather than being surprised when they are permanently removed in the release after that. +showHiddenMetricsForVersion: + +# How long an idle UDP connection will be kept open (e.g. '250ms', '2s'). +# Must be greater than 0. Only applicable for proxy-mode=userspace +udpTimeout: 250ms + +# Print version information and quit +version: + +# If set, write the default configuration values to this file and exit. +writeConfigTo: +global: + systemDefaultRegistry: "" diff --git a/index.yaml b/index.yaml index 655548c..224b725 100755 --- a/index.yaml +++ b/index.yaml @@ -2438,6 +2438,22 @@ entries: urls: - assets/rke2-kube-proxy/rke2-kube-proxy-v1.21.0-build2021041301.tgz version: v1.21.0-build2021041301 + - apiVersion: v1 + appVersion: v1.20.14-rke2r1 + created: "2021-12-15T21:54:56.909044396Z" + description: Install Kube Proxy. + digest: 6e7c981868c16dd460f5f0b1892611b6ff5ae2430262a082439fa305d09d3c91 + keywords: + - kube-proxy + maintainers: + - email: charts@rancher.com + name: Rancher Labs + name: rke2-kube-proxy + sources: + - https://github.com/rancher/rke2-charts + urls: + - assets/rke2-kube-proxy-1.20/rke2-kube-proxy-v1.20.14-rke2r1-build2021121501.tgz + version: v1.20.14-rke2r1-build2021121501 - apiVersion: v1 appVersion: v1.20.13-rke2r2 created: "2021-12-10T20:20:20.016296195Z"