Merge pull request #393 from thomasferrandiz/update-whereabouts-v0.6.3

Turn rke2-whereabouts into a local chart
pull/394/head
thomasferrandiz 2024-01-10 09:59:42 +01:00 committed by GitHub
commit ea9b57a7e9
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
20 changed files with 471 additions and 174 deletions


@ -7,14 +7,17 @@ Cluster Role: {{ .Values.serviceAccount.name }}
Cluster Role Binding: {{ .Chart.Name }}
{{- end }}
{{- if .Values.manifests.configMap }}
Config Map: {{ .Release.Name }}-{{ .Chart.Name }}-{{ .Chart.Version }}-config
Config Map: {{ .Release.Name }}-{{ .Chart.Version }}-config
{{- end }}
{{- if .Values.manifests.customResourceDefinition }}
Custom Resource Definition: network-attachment-definitions.k8s.cni.cncf.io
{{- end }}
{{- if .Values.manifests.daemonSet }}
Daemon Set: {{ .Release.Name }}-{{ .Chart.Name }}-ds
Daemon Set: {{ .Release.Name }}
{{- end }}
{{- if .Values.manifests.dhcpDaemonSet }}
Daemon Set: {{ .Release.Name }}-dhcp
{{- end}}
{{- if .Values.manifests.serviceAccount }}
Service Account: {{ .Values.serviceAccount.name }}
{{- end }}


@ -1,3 +1,3 @@
url: local
workingDir: charts
packageVersion: 06
packageVersion: 07


@ -0,0 +1,27 @@
apiVersion: v2
name: whereabouts
description: A Helm chart to deploy the whereabouts CNI
home: https://github.com/k8snetworkplumbingwg/whereabouts
maintainers:
- name: Rancher Labs
email: charts@rancher.com
# A chart can be either an 'application' or a 'library' chart.
#
# Application charts are a collection of templates that can be packaged into versioned archives
# to be deployed.
#
# Library charts provide useful utilities or functions for the chart developer. They're included as
# a dependency of application charts to inject those utilities and functions into the rendering
# pipeline. Library charts do not define any templates and therefore cannot be deployed.
type: application
# This is the chart version. This version number should be incremented each time you make changes
# to the chart and its templates, including the app version.
# Versions are expected to follow Semantic Versioning (https://semver.org/)
version: 0.1.1
# This is the version number of the application being deployed. This version number should be
# incremented each time you make changes to the application. Versions are not expected to
# follow Semantic Versioning. They should reflect the version the application is using.
appVersion: 0.6.3


@ -0,0 +1,69 @@
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.4.1
creationTimestamp: null
name: ippools.whereabouts.cni.cncf.io
spec:
group: whereabouts.cni.cncf.io
names:
kind: IPPool
listKind: IPPoolList
plural: ippools
singular: ippool
scope: Namespaced
versions:
- name: v1alpha1
schema:
openAPIV3Schema:
description: IPPool is the Schema for the ippools API
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: IPPoolSpec defines the desired state of IPPool
properties:
allocations:
additionalProperties:
description: IPAllocation represents metadata about the pod/container
owner of a specific IP
properties:
id:
type: string
podref:
type: string
required:
- id
type: object
description: Allocations is the set of allocated IPs for the given
range. Its` indices are a direct mapping to the IP with the same
index/offset for the pool's range.
type: object
range:
description: Range is a RFC 4632/4291-style string that represents
an IP address and prefix length in CIDR notation
type: string
required:
- allocations
- range
type: object
type: object
served: true
storage: true
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions: []


@ -0,0 +1,56 @@
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.4.1
creationTimestamp: null
name: overlappingrangeipreservations.whereabouts.cni.cncf.io
spec:
group: whereabouts.cni.cncf.io
names:
kind: OverlappingRangeIPReservation
listKind: OverlappingRangeIPReservationList
plural: overlappingrangeipreservations
singular: overlappingrangeipreservation
scope: Namespaced
versions:
- name: v1alpha1
schema:
openAPIV3Schema:
description: OverlappingRangeIPReservation is the Schema for the OverlappingRangeIPReservations
API
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: OverlappingRangeIPReservationSpec defines the desired state
of OverlappingRangeIPReservation
properties:
containerid:
type: string
podref:
type: string
required:
- containerid
type: object
required:
- spec
type: object
served: true
storage: true
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions: []


@ -0,0 +1,5 @@
Whereabouts is installed!!
You can view the pods with the following command:
kubectl get pods -n {{ .Release.Namespace }} -l app=whereabouts


@ -0,0 +1,75 @@
{{/*
Expand the name of the chart.
*/}}
{{- define "whereabouts.name" -}}
{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }}
{{- end }}
{{/*
Create a default fully qualified app name.
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
If release name contains chart name it will be used as a full name.
*/}}
{{- define "whereabouts.fullname" -}}
{{- if .Values.fullnameOverride }}
{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }}
{{- else }}
{{- $name := default .Chart.Name .Values.nameOverride }}
{{- if contains $name .Release.Name }}
{{- .Release.Name | trunc 63 | trimSuffix "-" }}
{{- else }}
{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }}
{{- end }}
{{- end }}
{{- end }}
{{/*
Provide a method to override namespace so parent charts can set it
*/}}
{{- define "whereabouts.namespace" -}}
{{- if hasKey .Values "namespaceOverride" -}}
namespace: {{ .Values.namespaceOverride }}
{{- else }}
namespace: {{ .Release.Namespace }}
{{- end }}
{{- end }}
{{/*
Create chart name and version as used by the chart label.
*/}}
{{- define "whereabouts.chart" -}}
{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }}
{{- end }}
{{/*
Common labels
*/}}
{{- define "whereabouts.labels" -}}
app: whereabouts
helm.sh/chart: {{ include "whereabouts.chart" . }}
{{ include "whereabouts.selectorLabels" . }}
{{- if .Chart.AppVersion }}
app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
{{- end }}
app.kubernetes.io/managed-by: {{ .Release.Service }}
{{- end }}
{{/*
Selector labels
*/}}
{{- define "whereabouts.selectorLabels" -}}
app: {{ include "whereabouts.name" . }}
app.kubernetes.io/name: {{ include "whereabouts.name" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
{{- end }}
{{/*
Create the name of the service account to use
*/}}
{{- define "whereabouts.serviceAccountName" -}}
{{- if .Values.serviceAccount.create }}
{{- default (include "whereabouts.fullname" .) .Values.serviceAccount.name }}
{{- else }}
{{- default "default" .Values.serviceAccount.name }}
{{- end }}
{{- end }}
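Review bot: The helper set added in this section has no `system_default_registry` definition, although the removed `charts/templates/_helpers.tpl` patch further down this page defined one and the removed daemonset patch prefixed the image reference with it. The new DaemonSet template builds the image as `"{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}"`, so a configured `global.systemDefaultRegistry` would no longer redirect the pull to a private registry. If that support is still intended, carry the `define` over and restore the prefix as the old patch had it, `image: {{ template "system_default_registry" . }}{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}`. If it was dropped on purpose, a comment next to `image.repository` in the values saying where the image is expected to come from would save the next reader the search.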


@ -0,0 +1,52 @@
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: {{ include "whereabouts.serviceAccountName" . }}
rules:
- apiGroups:
- whereabouts.cni.cncf.io
resources:
- ippools
- overlappingrangeipreservations
verbs:
- get
- list
- watch
- create
- update
- patch
- delete
- apiGroups:
- coordination.k8s.io
resources:
- leases
verbs:
- '*'
- apiGroups: [""]
resources:
- pods
verbs:
- list
- watch
- apiGroups: [""]
resources:
- nodes
verbs:
- get
- apiGroups: ["k8s.cni.cncf.io"]
resources:
- network-attachment-definitions
verbs:
- get
- list
- watch
- apiGroups:
- ""
- events.k8s.io
resources:
- events
verbs:
- create
- patch
- update
- get
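Review bot: The `leases` rule grants `'*'` on `coordination.k8s.io` leases cluster-wide, while every other rule in this ClusterRole lists its verbs explicitly. The service account named here is the one the DaemonSet on this page runs under with `privileged: true` and `hostNetwork: true`, so the wildcard also covers `deletecollection` and any verb added later, on leases in every namespace. List only the verbs the control loop needs (presumably `get`, `create`, `update` for leader election; confirm against the whereabouts code) and consider a namespaced Role if the lease lives in the release namespace. Separately, this ClusterRole is rendered unconditionally while the ClusterRoleBinding is wrapped in `{{- if .Values.serviceAccount.create -}}`; with `create: false` and no name set, the helper would name the role `default`.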


@ -0,0 +1,15 @@
{{- if .Values.serviceAccount.create -}}
---
kind: ClusterRoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: {{ include "whereabouts.serviceAccountName" . }}
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: {{ include "whereabouts.serviceAccountName" . }}
subjects:
- kind: ServiceAccount
name: {{ include "whereabouts.serviceAccountName" . }}
{{- include "whereabouts.namespace" . | nindent 2 }}
{{- end }}


@ -0,0 +1,10 @@
apiVersion: v1
kind: ConfigMap
metadata:
name: {{ include "whereabouts.fullname" . }}-config
{{- include "whereabouts.namespace" . | nindent 2 }}
annotations:
kubernetes.io/description: |
Configmap containing user customizable cronjob schedule
data:
cron-expression: "30 4 * * *" # Default schedule is once per day at 4:30am. Users may configure this value to their liking.


@ -0,0 +1,93 @@
apiVersion: apps/v1
kind: DaemonSet
metadata:
name: {{ include "whereabouts.fullname" . }}
{{- include "whereabouts.namespace" . | nindent 2 }}
labels:
{{- include "whereabouts.labels" . | nindent 4 }}
spec:
selector:
matchLabels:
name: whereabouts
{{- include "whereabouts.selectorLabels" . | nindent 6 }}
updateStrategy:
type: {{ .Values.updateStrategy }}
template:
metadata:
{{- with .Values.podAnnotations }}
annotations:
{{- toYaml . | nindent 8 }}
{{- end }}
labels:
name: whereabouts
{{- include "whereabouts.selectorLabels" . | nindent 8 }}
spec:
hostNetwork: true
serviceAccountName: {{ include "whereabouts.serviceAccountName" . }}
{{- with .Values.imagePullSecrets }}
imagePullSecrets:
{{- toYaml . | nindent 8 }}
{{- end }}
securityContext: #TODO still needed?
{{- toYaml .Values.podSecurityContext | nindent 8 }}
tolerations:
- operator: Exists
effect: NoSchedule
containers:
- name: {{ .Chart.Name }}
command: [ "/bin/sh" ]
args:
- -c
- >
SLEEP=false /install-cni.sh &&
/ip-control-loop -log-level debug
securityContext:
# {{- toYaml .Values.securityContext | nindent 12 }}
privileged: true
image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}"
imagePullPolicy: {{ .Values.image.pullPolicy }}
env:
- name: NODENAME
valueFrom:
fieldRef:
apiVersion: v1
fieldPath: spec.nodeName
- name: WHEREABOUTS_NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
resources:
{{- toYaml .Values.resources | nindent 12 }}
volumeMounts:
- name: cnibin
mountPath: /host/opt/cni/bin
- name: cni-net-dir
mountPath: /host/etc/cni/net.d
- name: cron-scheduler-configmap
mountPath: /cron-schedule
volumes:
- name: cnibin
hostPath:
path: /opt/cni/bin
- name: cni-net-dir
hostPath:
path: /etc/cni/net.d
- name: cron-scheduler-configmap
configMap:
name: {{ include "whereabouts.fullname" . }}-config
defaultMode: 0744
items:
- key: "cron-expression"
path: "config"
{{- with .Values.nodeSelector }}
nodeSelector:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.affinity }}
affinity:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.tolerations }}
tolerations:
{{- toYaml . | nindent 8 }}
{{- end }}
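Review bot: The container `securityContext` hardcodes `privileged: true` and leaves `# {{- toYaml .Values.securityContext | nindent 12 }}` above it, but Helm evaluates template actions before the YAML is parsed, so the `#` does not disable that line. With the default values (`securityContext.privileged: true`) the render likely contains the `privileged` key twice, and any other key a user sets under `securityContext` is still emitted. Either delete the commented line, or keep the values-driven form and drop the hardcoded key so operators can narrow the context to what the CNI install actually needs. The pod spec has the same duplicate-key shape with `tolerations`: a fixed list is written before `containers`, and `{{- with .Values.tolerations }}` emits a second `tolerations` key at the end, which the default values populate.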


@ -0,0 +1,13 @@
{{- if .Values.serviceAccount.create -}}
apiVersion: v1
kind: ServiceAccount
metadata:
name: {{ include "whereabouts.serviceAccountName" . }}
{{- include "whereabouts.namespace" . | nindent 2 }}
labels:
{{- include "whereabouts.labels" . | nindent 4 }}
{{- with .Values.serviceAccount.annotations }}
annotations:
{{- toYaml . | nindent 4 }}
{{- end }}
{{- end }}


@ -0,0 +1,47 @@
# Default values for whereabouts.
# This is a YAML-formatted file.
# Declare variables to be passed into your templates.
image:
repository: rancher/hardened-whereabouts
pullPolicy: IfNotPresent
# Overrides the image tag whose default is the chart appVersion.
tag: v0.6.3-build20240109
updateStrategy: RollingUpdate
imagePullSecrets: []
nameOverride: ""
fullnameOverride: ""
namespaceOverride: "kube-system"
successfulJobsHistoryLimit: 0
serviceAccount:
# Specifies whether a service account should be created
create: true
# Annotations to add to the service account
annotations: {}
# The name of the service account to use.
# If not set and create is true, a name is generated using the fullname template
#name: ""
podAnnotations: {}
podSecurityContext: {}
# fsGroup: 2000
securityContext:
privileged: true
resources:
requests:
cpu: "100m"
memory: "100Mi"
nodeSelector:
kubernetes.io/arch: amd64
tolerations:
- operator: Exists
effect: NoSchedule
affinity: {}
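Review bot: `resources` now declares only `requests`, whereas the removed values patch on this page kept `limits` of `cpu: "100m"` and `memory: "100Mi"`. The DaemonSet that consumes this block runs privileged with `hostNetwork: true` and tolerates every `NoSchedule` taint, so a container without a memory cap there competes directly with other node-level workloads. If dropping the limits is deliberate, say so in a comment above `resources`; otherwise restore at least the memory limit. `successfulJobsHistoryLimit` also appears to be unused now that this commit deletes the CronJob template that read it.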


@ -1,57 +0,0 @@
apiVersion: batch/v1beta1
kind: CronJob
metadata:
name: {{ include "whereabouts.fullname" . }}
{{- include "whereabouts.namespace" . | nindent 2 }}
labels:
{{- include "whereabouts.labels" . | nindent 4 }}
spec:
concurrencyPolicy: Forbid
successfulJobsHistoryLimit: {{ .Values.successfulJobsHistoryLimit | default "0" }}
schedule: "*/5 * * * *"
jobTemplate:
spec:
backoffLimit: 0
template:
metadata:
labels:
name: whereabouts
{{- include "whereabouts.selectorLabels" . | nindent 12 }}
spec:
priorityClassName: "system-node-critical"
serviceAccountName: {{ include "whereabouts.serviceAccountName" . }}
{{- with .Values.imagePullSecrets }}
imagePullSecrets:
{{- toYaml . | nindent 12 }}
{{- end }}
containers:
- name: {{ .Chart.Name }}
securityContext:
{{- toYaml .Values.securityContext | nindent 16 }}
image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}"
imagePullPolicy: {{ .Values.image.pullPolicy }}
resources:
{{- toYaml .Values.resources | nindent 16 }}
command:
- /ip-reconciler
- -log-level=verbose
volumeMounts:
- name: cni-net-dir
mountPath: /host/etc/cni/net.d
volumes:
- name: cni-net-dir
hostPath:
path: /etc/cni/net.d
restartPolicy: OnFailure
{{- with .Values.nodeSelector }}
nodeSelector:
{{- toYaml . | nindent 12 }}
{{- end }}
{{- with .Values.affinity }}
affinity:
{{- toYaml . | nindent 12 }}
{{- end }}
{{- with .Values.tolerations }}
tolerations:
{{- toYaml . | nindent 12 }}
{{- end }}


@ -1,20 +0,0 @@
--- charts-original/Chart.yaml
+++ charts/Chart.yaml
@@ -1,6 +1,10 @@
apiVersion: v2
name: whereabouts
-description: A Helm chart for Kubernetes
+description: A Helm chart to deploy the whereabouts CNI
+home: https://github.com/k8snetworkplumbingwg/whereabouts
+maintainers:
+ - name: Rancher Labs
+ email: charts@rancher.com
# A chart can be either an 'application' or a 'library' chart.
#
@@ -20,4 +24,4 @@
# This is the version number of the application being deployed. This version number should be
# incremented each time you make changes to the application. Versions are not expected to
# follow Semantic Versioning. They should reflect the version the application is using.
-appVersion: 1.16.0
+appVersion: 0.6.2


@ -1,18 +0,0 @@
--- charts-original/templates/_helpers.tpl
+++ charts/templates/_helpers.tpl
@@ -1,4 +1,15 @@
{{/*
+Support private registry.
+*/}}
+{{- define "system_default_registry" -}}
+{{- if .Values.global.systemDefaultRegistry -}}
+{{- printf "%s/" .Values.global.systemDefaultRegistry -}}
+{{- else -}}
+{{- "" -}}
+{{- end -}}
+{{- end -}}
+
+{{/*
Expand the name of the chart.
*/}}
{{- define "whereabouts.name" -}}


@ -1,14 +0,0 @@
--- charts-original/templates/cluster_role.yaml
+++ charts/templates/cluster_role.yaml
@@ -28,6 +28,11 @@
verbs:
- list
- watch
+- apiGroups: [""]
+ resources:
+ - nodes
+ verbs:
+ - get
- apiGroups: ["k8s.cni.cncf.io"]
resources:
- network-attachment-definitions


@ -1,26 +0,0 @@
--- charts-original/templates/daemonset.yaml
+++ charts/templates/daemonset.yaml
@@ -32,11 +32,22 @@
{{- toYaml .Values.podSecurityContext | nindent 8 }}
containers:
- name: {{ .Chart.Name }}
+ command: [ "/bin/sh" ]
+ args:
+ - -c
+ - >
+ SLEEP=false /install-cni.sh &&
+ /ip-control-loop -log-level debug
securityContext:
{{- toYaml .Values.securityContext | nindent 12 }}
- image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}"
+ image: {{ template "system_default_registry" . }}{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}
imagePullPolicy: {{ .Values.image.pullPolicy }}
env:
+ - name: NODENAME
+ valueFrom:
+ fieldRef:
+ apiVersion: v1
+ fieldPath: spec.nodeName
- name: WHEREABOUTS_NAMESPACE
valueFrom:
fieldRef:


@ -1,32 +0,0 @@
--- charts-original/values.yaml
+++ charts/values.yaml
@@ -3,10 +3,10 @@
# Declare variables to be passed into your templates.
image:
- repository: ghcr.io/k8snetworkplumbingwg/whereabouts
+ repository: rancher/hardened-whereabouts
pullPolicy: IfNotPresent
# Overrides the image tag whose default is the chart appVersion.
- tag: "latest-amd64"
+ tag: v0.6.2-build20231009
updateStrategy: RollingUpdate
imagePullSecrets: []
@@ -35,13 +35,13 @@
resources:
requests:
cpu: "100m"
- memory: "50Mi"
+ memory: "100Mi"
limits:
cpu: "100m"
- memory: "50Mi"
+ memory: "100Mi"
nodeSelector:
- beta.kubernetes.io/arch: amd64
+ kubernetes.io/arch: amd64
tolerations:
- operator: Exists


@ -1,6 +1,5 @@
url: https://github.com/k8snetworkplumbingwg/helm-charts.git
commit: ca7c0a7549952660eab8f4b12e7ec7be133b381c
subdirectory: whereabouts
packageVersion: 03
url: local
workingDir: charts
packageVersion: 00
# whereabouts is only used as a dependency of multus
doNotRelease: true