From efef93a362789e5923a2713d2765529b92edea7d Mon Sep 17 00:00:00 2001
From: actions <actions@github.com>
Date: Mon, 19 Apr 2021 17:18:12 +0000
Subject: [PATCH] Merge pull request #68 from Oats87/issues/rke2/843

Change rke2-kube-proxy to v1.20.6-build20210419
---
 ...ke2-kube-proxy-v1.20.6-build2021041901.tgz | Bin 0 -> 4326 bytes
 .../v1.20.6-build2021041901/Chart.yaml        |  12 ++
 .../templates/NOTES.txt                       |   2 +
 .../templates/_helpers.tpl                    |  21 +++
 .../templates/config.yaml                     |  69 +++++++++
 .../templates/daemonset.yaml                  |  78 ++++++++++
 .../templates/rbac.yaml                       |  12 ++
 .../templates/serviceaccount.yaml             |   5 +
 .../v1.20.6-build2021041901/values.yaml       | 142 ++++++++++++++++++
 index.yaml                                    |  16 ++
 10 files changed, 357 insertions(+)
 create mode 100755 assets/rke2-kube-proxy/rke2-kube-proxy-v1.20.6-build2021041901.tgz
 create mode 100755 charts/rke2-kube-proxy/rke2-kube-proxy/v1.20.6-build2021041901/Chart.yaml
 create mode 100755 charts/rke2-kube-proxy/rke2-kube-proxy/v1.20.6-build2021041901/templates/NOTES.txt
 create mode 100755 charts/rke2-kube-proxy/rke2-kube-proxy/v1.20.6-build2021041901/templates/_helpers.tpl
 create mode 100755 charts/rke2-kube-proxy/rke2-kube-proxy/v1.20.6-build2021041901/templates/config.yaml
 create mode 100755 charts/rke2-kube-proxy/rke2-kube-proxy/v1.20.6-build2021041901/templates/daemonset.yaml
 create mode 100755 charts/rke2-kube-proxy/rke2-kube-proxy/v1.20.6-build2021041901/templates/rbac.yaml
 create mode 100755 charts/rke2-kube-proxy/rke2-kube-proxy/v1.20.6-build2021041901/templates/serviceaccount.yaml
 create mode 100755 charts/rke2-kube-proxy/rke2-kube-proxy/v1.20.6-build2021041901/values.yaml

diff --git a/assets/rke2-kube-proxy/rke2-kube-proxy-v1.20.6-build2021041901.tgz b/assets/rke2-kube-proxy/rke2-kube-proxy-v1.20.6-build2021041901.tgz
new file mode 100755
index 0000000000000000000000000000000000000000..79d9ae7c9590f2ec3123ed3a3af6ad4e4ee5a833
GIT binary patch
literal 4326
zcmV<C5E<_uiwG0|00000|0w_~VMtOiV@ORlOnEsqVl!4SWK%V1T2nbTPgYhoO;>Dc
zVQyr3R8em|NM&qo0PK8ibK5qya6j``oJsnO?RhMUl3&ttHapjGlCGysqHCw^hfXI0
zkw+pb5MTgMwl?eke&+xrMN*QTG`Z>QUZXR$1mL{j;Jo1gieBJ&uqdZED73m+4bL;C
zZMb5&_~whXD2k%f<74+XilYAC=r|gGGdhlro*W&WoQ#jZiAKkx<Iy(|eK{6(x6)Xq
zzllDZR)2B-CXE&R7u1F;8N+fEu%c*v4aZS<8l-3v%?s-~FQl<d2>7v_B1}kS!eD``
zYo${Y2Lo8EQjjw)E#nfk8^N4$5ko=>X8ubvnPjNLMCAd1WI4ug>HFX(HZ_6o>Zxa7
zRH+km_%dq?6Ay=TZnJVqh=vu?p@Z^-f@N<xgK5b{I*!Jp=y>#fGz$Le9r$Zo-~N|O
zlxV)J1GwA%M@Qq+qrUwgkD>?r{~B#D7zDv%;5nNk%#?Np>}}2U#Q}iELK$wAUd2$G
zSjKdU64SPE0$4WRVQ56;ZH90$0hXp3jd9d$hTwp~pkAT|tNbTW5`xFDZ_rZTUKG0j
z_8b&Bpo_`!7`U{kXDmSjOs23G$DIkMtqBLgl*{zY(~hCSM{Hfp!0Hkq5y)g&052??
ziV7t!mIicLf5jVa!=RcOL%pi=i|3alnmK}+L7`FuT)M?2qBItDNQ?P3LkWqJGd?dh
zriWlPo6UFv2BljigDccao-|-2u9;RjsL~pqBG`<Zics(vuDK8}MaY?XU!rCyrjE-F
zUI*`3A_@}l#-f%?5Q3i+OP?{pWa4Sn2ve>xv6vDFtwN(IFtL2u;fzaTk)=V^MM8*S
z6otoQ676twT8pP(Hmgz9>t_^CV8#W8f$#I;{D-;*HM1>ARWoTBgn$*i(iIW~&NP|~
z(-2;j#uD#yjf@zy8Iusz$gfs1nV{w>jbU_>M<$>FX*Ek0q~nj_6}#binS(6zDQeos
z*Jp2u2}vtg(#g-whXOU6Pkx3(X@vcV1_ZJtI{pODxdmnhywae#q-hPcLC)nt7y#t#
zW`g=$X^i1${N(gI&jy!0HX2AkX*EZ`kwU11Sv&-dbEZ>47S*0S$l1-HKt1qGk{xXy
zd%Bx{&nA~KjE+Xpld)rvq+)rFs<h75-kwi7QmPdH{HHfpFW&uncJUUBWfsXhB*j|~
zcrKK|Um3SCjIxM!gD_vD0z0VDkR@{3-wiTtv3q7a6ke=BV;CQMBEe&LrO1jDl*au@
z(PCnOWGQO134G^I)JN03UY-GoP|aY0tEVnXLczE;q-Pd<jx<G>A+x1Mm@|u}@<m0)
zhImt;<~d5sL_NvGLG|een!R=>Ehl-+Z3czXwsDskGGQ}FGE5d*yyh0C8IPjz$>}|=
z^S3zueapm-3k~54Enr^Ql@lH}<S4_yv-HnrTO6!MNejzR6itMwA_n#OWnaudDmiet
z54|69TSWfOSk2`em;s)mw0y=B?-MEqM7!cVLt;xNAXCOt_812Br#DN~n){usy}LL1
ziy4%Lkh?%c8`pS$$KfGdk-n2KI!<-TxA|%V`;K9$$k_5+NwETnm|}Y148C^LXF|mA
zkqpqll-qidv+JDc1(<>*PJ`XIf+Y*I<PP7L+zHFEP0F)&jP$KCP9H&jiw@yv^n2K0
z?U^&mW5*onVqW<prv^(Vh>xuC(S)pF*oVo4Nut(xX4*HDX`#5ZUe}BloT0M-@v)EL
zJcPXyvv&x4qn!Rf&c@?>ul7G}=e=gE^4HrL>oLW2o1;4j?hGRUrp3h(c@xSFyc(Uk
z?Pddm1=EZIr{KnI83n~X1J@Z(vPxP@zqK4Sm`s%-b^2menPhP7QUppbXcNl<E+)TR
z`85y=c$0`S#dDtOit@*9(ei6=k0WW44AWAO7*_@Q)%kQUCqK-Mn?|y&C;C;rkhFQu
z@DmGXmlK#$hG?zx1G;!u1y!qH<ank&CZ#H+w+aeX9{NldpP)3$|4oIdnP`VNPBG7I
zaxcIgLO;NT_w2+v__Y??rnQX>uo*F}F+sj`(uJ27uPcZ0r+AogS+lX5i=UrQYNz$-
zM9Q>TXb=R6;3(~Rv!ocR=BPg_wXt=;zs@*i7)&f^r7pBmFwzn!ST~7f0QA{GQa<bO
zoGWQvmQH%CX3o>1v1XmS*U+H{uK?bz3iNXL@5$At^YOkgF`PK~NtHy?OrO)b?Ae2}
z(q>BYf7WqvrgZK<?^~z#E<(AK(M>Qeo0+blH98Y)?&Q0s5W{fE^ic3=r?xU=bCh=2
z92LVggv+ruGHFAjsevilYeWe`&0!`=lc5QOn!luvFP%tbvWnrv1VNn()rn9Q{(fA`
z>1=XQ=Rf<ZityyYR^Zb!E?X-(2>dEPGRex3oQL_yQz<1m$KQWsg4LV&Q3+PXPA9<{
zjh{H`BagJoQGKdp1SKYF<|R>wA3DSFncwqj>HaW5I!P?ORw+)Dw#FS-fAO$6TakNP
zGQm?4+El1yVJZ_Hh2!ujjE3Xm!|L<#@MwGxItiyZW2LCq(_wA@x8DySM<yHkBo3d3
zH>`z$R4LNFoYh@%y?aXK14GA`0Zad=HoTi$QlLrDn6O#M&OB%^ilXQc=>NY5O66CC
z_$>V+hQasWf8VYVploup85gu3$^@@*y52?7kztC{ay~3*8e~kSg8V`Q6bFH0(L07;
z-R88yqL)Yvd!<3`61_dxS0Y7y07}DNo!jie{>&+L-Mut>VUt!)1(S=zDvL&#qOk+E
zWL&t=>dEaVrPe5|STzaL!5Tv+x$^+daR^r%=$||@b$tla(mF7+G8Xea<8dv>WCbzV
zpsUKVKG1S$O3JOtkstb;pNVU>GB9I87?{%Gx2hjBGVvU_6od|G!DG0r3ow-TJ9{>;
zKgBthq|^hHDg8YJ%C|`bWbjHuGvoiO+00PX<C1cEzQhBv19!lytRPX+lsTs4T$E0|
zYgiYsNVThTf-|9u8SIzR+Z`v7MTbN&8bk-Q7+En{mt8cIsmjF)l1v$tv^JXH*41c!
zp>fGo*@)1oy*KccD&d;>cw{K8$#|Ngti73I=?$GpY#UF`rP2*HZk%0mIiHo{5R}bO
zH*SRZq-1sK>{VT38dhBSfJ4xK%h?}F|2_Ph!~6F`AV(3y-Y6WM?s>;hl)6v`y-(++
z1)Q^mt85uM3DI)0x-6jz5=AMwca2h65;pf*D)GjGMuE&AEt-68nsSPDOw`LiB*dDz
z1-T?`iq0XGy3pKU>eEx3;mRpxfjVc>8;8bRE&Z<ha+s&&b0^Y|Fd%vV!-@NqC-+k6
z`YNTaYY9aOmh?#<r9kUMtkHo578X>2vQC1=CsFS5ps}HJlj7_4jMHx|D+<9AXXB(8
zPB#Z+Ax|6230eshIP}EeL~}aW)@sm7At-#kFS%XcrBp7_8Oyci)^Abm@4JP&N_U+3
z(q2=}vM!}M=yM0~R>i?ws3{Y%OP<MtJohLsan6m^s~8?V`agbQ^Mzag{>Nfo2xid?
zU%z?#;wrQ^_Oof+cmEq5N4@)>lhcR$->=htT<1#}qXZp&S&a!n&i%pI{=?gD`+t|A
zC{UZw7N2<)e2@K)Mkh~t_J4YEeEeYlU!#5aFrc{2CBh>ga^F>9{GG0X?jso7-Uc+0
z&mi=Nsn7@NaBGxq<`<Mw%;3@gGs8!p28qI8^X1W+1C;63&-D^Wo!_O*vUe%hcQH;A
zpEJvzbG?P#4Q{th@A9~{Q1bDNH?@>^>zc)%=l_lZ&8IJIn^^iqw-$jrm;6_&`$Oxs
z-TvS2=9hR0bdUc(IU1ex{r}O)(S!g08f`Eb1id$a<UZ*HRw)4eiQ!*^0KgTto2hH>
zQq5d^XF{%q%aObC9yx%{qni&O8VAzqhkwEQQdxxCTL-dH&<}h)pCt(vwpCZ}V%%^^
zoAdjW0H(gke-|1zWet(E>iT!WwI*)TZI{?TeDDRQbY~a{HxamtfxF1RFAUt?LM74G
z1Dy^~)8C>{!E8L6X#@5Ko2_d<siD?><I;uq^TPFn_1fHvlkKy)Tu-w}(YzyR${Ab1
zw#?j=s7;F2qmg?NZqDta+;~RPLe(4VgZeV_q^TFTL3?9;&~0xqTF{%r8wfTYO|-##
zgMHxk>k7aBohJ`1O!dsLGi7sIdM^|1#_)`{ES2nPwq<tv!n&h$JCyxC$PXV}deeM2
z_n<KwIO>N4ZtJTn{)^|ArU$<?VS98_R{a$(|I})CLv5_IxwYTGu)g`<;Ig`xznpA=
zs)x2f-NEjrM7PSqCdJF<a=K&q>+VhDJD~cq*iLU7vAZb!88Yi??s{6g!rLdaZGM-`
zg3B~^SFP@a|9QKf>n3cwk8F|I9PaOD-gk&Tk;u3BLRno(uI~UrmO{9(&Rty#TdTiD
zv%W~#B-@PjY2Q`UZ=<<mULR$d78j|&ZM)Ojm>y8)nPA{IY*5`^!nX@t9m2Q%4m5t+
zplbtlcA5a-_SVs^z^dW;s8)Tw=F(r?HO|S!p66GWG0d1SSanOZ*Gey5yPs@4dQ@Ai
z`>n<=yl{P9r@Sh?VnvXnWp$=0*c3&zFjf>XbRL!aUxI9OxvPw--xm`ePM4qFcAx)J
zhPjdkKmXTY_niNZqbL2}e?5s#AL@T!rL_-qtSHQIIjT(cx!eCMv^!08@tqlbj=7ow
z6L;0;UKA+pvF6Ms*-tGpy9m{)8rLDIVUn8YVAzENpk|^vzBE5r^F0Iquv4aML<1O>
zMi1RvmEn}jVGp67GZ^?Y($l6c*fO%#$+`nlXV-)JIn&c`_g}wx{^H&1vsW(;nyDz4
zZFaoCn|aL$_^a2KTIF%86JW+sq?b7B_I3~V%TaI80Zo|AVkfeY!ZJDhW}5%G5XF>w
zWA3OZhj4q_&Pxb3T>s99qSMB(W%G3ytLRNiAtp-jWEI23?6tBJjRvJ{W^K{NDmr0O
zYHnAqK5%2(vM4lPa)EP9WB2N(8Coh)=J-mL(wg=T<kaJ3vt_$mn0Ip1!O;<6ucA$Y
z^VQuAv^2ANgts2j$kI1bta>Zy@~lfays1tnLM4k0)YagiGuXvJYt9v={AL4O@abT4
zY%6Q2H1&R-`|89?u1&pIGLY9k+2}x#GG2AO2vkKD|5h;MYN!k`BFmeg*=6MvKrmx`
z>f+UPK-dO}=9VW+1U0i1Cv45znR}kpKL&X$m9`I>?qIvd!H4E-<DU+lB?$?1i-L3~
zyxy)w7In_0OVWSPEJ1%Fy7EsiV>pWHc}k$q<y&rUfh6&2&1Y$<q@lfOWT^^*Q96bf
zH{4j$0PYy@rqUunTjx}zZD@Z^-L0#=HF@Sv{U20CtXHgvKgI}m4BW;0U8dvNe8~mA
z(dX`|PLI+StGbicb`#qnjjqj=ManE*S<NiYS01-kLU1|%*$uS{c0bGJnP3b)40sxs
zZGeYl`#+-X&j0n4C12)u;P?Lf595CRe;P$k9`gUM(b_qm+wsmX3D#FS_4(b$<Vz*+
z8J8)S^UmpD?TBL+M62I91zHKL5>8g|AG9iqJIDof1*%1@LGEL87riN`e_&$$KS1Fi
zuQ~zqp@^`v?Y93a=U`rhpW_Mcv;Wai&;G~JX!LOZ`&HUjbLkxfH!b|Zjvm@WduR{s
U-@W}$00030|J@J11prO}0D``bP5=M^

literal 0
HcmV?d00001

diff --git a/charts/rke2-kube-proxy/rke2-kube-proxy/v1.20.6-build2021041901/Chart.yaml b/charts/rke2-kube-proxy/rke2-kube-proxy/v1.20.6-build2021041901/Chart.yaml
new file mode 100755
index 0000000..4a53eb4
--- /dev/null
+++ b/charts/rke2-kube-proxy/rke2-kube-proxy/v1.20.6-build2021041901/Chart.yaml
@@ -0,0 +1,12 @@
+apiVersion: v1
+appVersion: v1.20.6
+description: Install Kube Proxy.
+keywords:
+- kube-proxy
+maintainers:
+- email: charts@rancher.com
+  name: Rancher Labs
+name: rke2-kube-proxy
+sources:
+- https://github.com/rancher/rke2-charts
+version: v1.20.6-build2021041901
diff --git a/charts/rke2-kube-proxy/rke2-kube-proxy/v1.20.6-build2021041901/templates/NOTES.txt b/charts/rke2-kube-proxy/rke2-kube-proxy/v1.20.6-build2021041901/templates/NOTES.txt
new file mode 100755
index 0000000..2da0e24
--- /dev/null
+++ b/charts/rke2-kube-proxy/rke2-kube-proxy/v1.20.6-build2021041901/templates/NOTES.txt
@@ -0,0 +1,2 @@
+Kube-proxy has been installed.
+
diff --git a/charts/rke2-kube-proxy/rke2-kube-proxy/v1.20.6-build2021041901/templates/_helpers.tpl b/charts/rke2-kube-proxy/rke2-kube-proxy/v1.20.6-build2021041901/templates/_helpers.tpl
new file mode 100755
index 0000000..cb64d1f
--- /dev/null
+++ b/charts/rke2-kube-proxy/rke2-kube-proxy/v1.20.6-build2021041901/templates/_helpers.tpl
@@ -0,0 +1,21 @@
+{{- define "system_default_registry" -}}
+{{- if .Values.global.systemDefaultRegistry -}}
+{{- printf "%s/" .Values.global.systemDefaultRegistry -}}
+{{- else -}}
+{{- "" -}}
+{{- end -}}
+{{- end -}}
+{{- define "rke2_data_dir" -}}
+{{- if .Values.global.rke2DataDir -}}
+{{- printf "%s" .Values.global.rke2DataDir -}}
+{{- else -}}
+{{- "/var/lib/rancher/rke2" -}}
+{{- end -}}
+{{- end -}}
+{{- define "kubeproxy_kubeconfig" -}}
+{{- if .Values.global.rke2DataDir -}}
+{{- printf "%s/agent/kubeproxy.kubeconfig" .Values.global.rke2DataDir -}}
+{{- else -}}
+{{- printf "%s" .Values.clientConnection.kubeconfig -}}
+{{- end -}}
+{{- end -}}
diff --git a/charts/rke2-kube-proxy/rke2-kube-proxy/v1.20.6-build2021041901/templates/config.yaml b/charts/rke2-kube-proxy/rke2-kube-proxy/v1.20.6-build2021041901/templates/config.yaml
new file mode 100755
index 0000000..536a12a
--- /dev/null
+++ b/charts/rke2-kube-proxy/rke2-kube-proxy/v1.20.6-build2021041901/templates/config.yaml
@@ -0,0 +1,69 @@
+---
+apiVersion: v1
+data:
+  config.conf: |-
+    apiVersion: kubeproxy.config.k8s.io/v1alpha1
+    bindAddress: {{ .Values.bindAddress | quote }}
+    clientConnection:
+      acceptContentTypes: {{ .Values.clientConnection.acceptContentTypes | quote }}
+      burst: {{ .Values.clientConnection.burst }}
+      contentType: {{ .Values.clientConnection.contentType | quote }}
+      kubeconfig: {{ include "kubeproxy_kubeconfig" . | quote }}
+      qps: {{ .Values.clientConnection.qps }} 
+    clusterCIDR: {{ .Values.clusterCIDR | quote }} 
+    configSyncPeriod: {{ .Values.configSyncPeriod }}
+    conntrack:
+      maxPerCore: {{ .Values.conntrack.maxPerCore }}
+      min: {{ .Values.conntrack.min }}
+      tcpCloseWaitTimeout: {{ .Values.conntrack.tcpCloseWaitTimeout | quote }}
+      tcpEstablishedTimeout: {{ .Values.conntrack.tcpEstablishedTimeout | quote }}
+    detectLocalMode: {{ .Values.detectLocalMode | quote }}
+    enableProfiling: {{ .Values.enableProfiling | quote }}
+    healthzBindAddress: {{ .Values.healthzBindAddress | quote }}
+    hostnameOverride: {{ .Values.hostnameOverride | quote }}
+    iptables:
+      masqueradeAll: {{ .Values.iptables.masqueradeAll | quote }}
+      masqueradeBit: {{ .Values.iptables.masqueradeBit }}
+      {{ if .Values.iptables.minSyncPeriod }}
+      minSyncPeriod: {{ .Values.iptables.minSyncPeriod }}
+      {{ end }}
+      syncPeriod: {{ .Values.iptables.syncPeriod }}
+    ipvs:
+      excludeCIDRs: {{ .Values.ipvs.excludeCIDRs | quote }}
+      {{ if .Values.ipvs.minSyncPeriod }}
+      minSyncPeriod: {{ .Values.ipvs.minSyncPeriod }}
+      {{ end }}
+      scheduler: {{ .Values.ipvs.scheduler | quote }}
+      strictARP: {{ .Values.ipvs.strictARP | quote }}
+      syncPeriod: {{ .Values.ipvs.syncPeriod }}
+      {{ if .Values.ipvs.tcpFinTimeout }}
+      tcpFinTimeout: {{ .Values.ipvs.tcpFinTimeout }}
+      {{ end }}
+      {{ if .Values.ipvs.tcpTimeout }}
+      tcpTimeout: {{ .Values.ipvs.tcpTimeout }}
+      {{ end }}
+      {{ if .Values.ipvs.udpTimeout }}
+      udpTimeout: {{ .Values.ipvs.udpTimeout }}
+      {{ end }}
+    kind: KubeProxyConfiguration
+    metricsBindAddress: {{ .Values.metricsBindAddress | quote }}
+    mode: {{ .Values.proxy.mode | quote }}
+    nodePortAddresses: null
+    oomScoreAdj: {{ .Values.oomScoreAdj }}
+    portRange: {{ .Values.proxy.portRange | quote }}
+    showHiddenMetricsForVersion: {{ .Values.showHiddenMetricsForVersion | quote }}
+    udpIdleTimeout: {{ .Values.udpTimeout | quote }}
+    featureGates:
+    {{- range  $key, $value := .Values.featureGates }}
+      {{ $key }}: {{ $value }}
+    {{- end }}
+    winkernel:
+      enableDSR: false
+      networkName: ""
+      sourceVip: ""
+kind: ConfigMap
+metadata:
+  labels:
+    app: kube-proxy
+  name: kube-proxy
+  namespace: kube-system
diff --git a/charts/rke2-kube-proxy/rke2-kube-proxy/v1.20.6-build2021041901/templates/daemonset.yaml b/charts/rke2-kube-proxy/rke2-kube-proxy/v1.20.6-build2021041901/templates/daemonset.yaml
new file mode 100755
index 0000000..1267df8
--- /dev/null
+++ b/charts/rke2-kube-proxy/rke2-kube-proxy/v1.20.6-build2021041901/templates/daemonset.yaml
@@ -0,0 +1,78 @@
+apiVersion: apps/v1
+kind: DaemonSet
+metadata:
+  labels:
+    k8s-app: kube-proxy
+  name: kube-proxy
+  namespace: kube-system
+spec:
+  selector:
+    matchLabels:
+      k8s-app: kube-proxy
+  template:
+    metadata:
+      labels:
+        k8s-app: kube-proxy
+    spec:
+      containers:
+      - command:
+        - /usr/local/bin/kube-proxy
+        - --config=/var/lib/kube-proxy/config.conf
+        - --hostname-override=$(NODE_NAME)
+        env:
+        - name: NODE_NAME
+          valueFrom:
+            fieldRef:
+              apiVersion: v1
+              fieldPath: spec.nodeName
+        image: {{ template "system_default_registry" . }}{{ .Values.image.repository }}:{{ .Values.image.tag }}
+        imagePullPolicy: IfNotPresent
+        name: kube-proxy
+        securityContext:
+          privileged: true
+        volumeMounts:
+        - mountPath: /var/lib/kube-proxy
+          name: kube-proxy
+        - mountPath: {{ template "rke2_data_dir" . }}/agent
+          name: rke2config
+          readOnly: true
+        - mountPath: /run/xtables.lock
+          name: xtables-lock
+        - mountPath: /lib/modules
+          name: lib-modules
+          readOnly: true
+      dnsPolicy: ClusterFirst
+      hostNetwork: true
+      nodeSelector:
+        kubernetes.io/os: linux
+      priorityClassName: system-node-critical
+      restartPolicy: Always
+      schedulerName: default-scheduler
+      securityContext: {}
+      serviceAccount: kube-proxy
+      serviceAccountName: kube-proxy
+      terminationGracePeriodSeconds: 30
+      tolerations:
+      - key: CriticalAddonsOnly
+        operator: Exists
+      - operator: Exists
+      volumes:
+      - hostPath:
+          path: {{ template "rke2_data_dir" . }}/agent
+          type: ""
+        name: rke2config
+      - configMap:
+          name: kube-proxy
+        name: kube-proxy
+      - hostPath:
+          path: /run/xtables.lock
+          type: FileOrCreate
+        name: xtables-lock
+      - hostPath:
+          path: /lib/modules
+          type: ""
+        name: lib-modules
+  updateStrategy:
+    rollingUpdate:
+      maxUnavailable: 1
+    type: RollingUpdate
diff --git a/charts/rke2-kube-proxy/rke2-kube-proxy/v1.20.6-build2021041901/templates/rbac.yaml b/charts/rke2-kube-proxy/rke2-kube-proxy/v1.20.6-build2021041901/templates/rbac.yaml
new file mode 100755
index 0000000..d98f84c
--- /dev/null
+++ b/charts/rke2-kube-proxy/rke2-kube-proxy/v1.20.6-build2021041901/templates/rbac.yaml
@@ -0,0 +1,12 @@
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name: rke2:node-proxier
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: system:node-proxier
+subjects:
+- kind: ServiceAccount
+  name: kube-proxy
+  namespace: kube-system
diff --git a/charts/rke2-kube-proxy/rke2-kube-proxy/v1.20.6-build2021041901/templates/serviceaccount.yaml b/charts/rke2-kube-proxy/rke2-kube-proxy/v1.20.6-build2021041901/templates/serviceaccount.yaml
new file mode 100755
index 0000000..59408a2
--- /dev/null
+++ b/charts/rke2-kube-proxy/rke2-kube-proxy/v1.20.6-build2021041901/templates/serviceaccount.yaml
@@ -0,0 +1,5 @@
+kind: ServiceAccount
+apiVersion: v1
+metadata:
+  name: kube-proxy
+  namespace: kube-system
diff --git a/charts/rke2-kube-proxy/rke2-kube-proxy/v1.20.6-build2021041901/values.yaml b/charts/rke2-kube-proxy/rke2-kube-proxy/v1.20.6-build2021041901/values.yaml
new file mode 100755
index 0000000..3297386
--- /dev/null
+++ b/charts/rke2-kube-proxy/rke2-kube-proxy/v1.20.6-build2021041901/values.yaml
@@ -0,0 +1,142 @@
+---
+
+# image for kubeproxy
+image:
+  repository: rancher/hardened-kube-proxy
+  tag: v1.20.6-build20210419
+
+# The IP address for the proxy server to serve on 
+# (set to '0.0.0.0' for all IPv4 interfaces and '::' for all IPv6 interfaces)
+bindAddress: 0.0.0.0
+
+# If true cleanup iptables and ipvs rules and exit.
+cleanup: 
+
+# The CIDR range of pods in the cluster. 
+# When configured, traffic sent to a Service cluster IP from outside this range 
+# will be masqueraded and traffic sent from pods to an external 
+# LoadBalancer IP will be directed to the respective cluster IP instead
+clusterCIDR: 10.42.0.0/16
+
+# The path to the configuration file.
+config: 
+
+# How often configuration from the apiserver is refreshed. Must be greater than 0.
+configSyncPeriod: 15m0s
+
+conntrack:
+  # Maximum number of NAT connections to track per CPU core (0 to leave the limit as-is and ignore conntrack-min).
+  maxPerCore: 32768
+  # Minimum number of conntrack entries to allocate, regardless of conntrack-max-per-core (set conntrack-max-per-core=0 to leave the limit as-is).
+  min: 131072
+  # NAT timeout for TCP connections in the CLOSE_WAIT state
+  tcpTimeoutCloseWait: 1h0m0s
+  # Idle timeout for established TCP connections (0 to leave as-is)
+  tcpTimeoutEstablished: 24h0m0s
+
+# Mode to use to detect local traffic
+detectLocalMode: 
+
+# A set of key=value pairs that describe feature gates for alpha/experimental features:
+featureGates: 
+
+# The IP address with port for the health check server to serve on
+# (set to '0.0.0.0:10256' for all IPv4 interfaces and '[::]:10256' for all IPv6 interfaces). Set empty to disable.
+healthzBindAddress: 0.0.0.0:10256
+
+# help for kube-proxy
+help: 
+
+# If non-empty, will use this string as identification instead of the actual hostname.
+hostnameOverride: 
+
+iptables:
+  # If using the pure iptables proxy, SNAT all traffic sent via Service cluster IPs (this not commonly needed)
+  masqueradeAll: 
+  # If using the pure iptables proxy, the bit of the fwmark space to mark packets requiring SNAT with. Must be within the range [0, 31].
+  masqueradeBit: 14
+  # The minimum interval of how often the iptables rules can be refreshed as endpoints and services change (e.g. '5s', '1m', '2h22m').
+  minSyncPeriod: 
+  # The maximum interval of how often iptables rules are refreshed (e.g. '5s', '1m', '2h22m'). Must be greater than 0.
+  syncPeriod: 30s
+
+ipvs:
+  # A comma-separated list of CIDR's which the ipvs proxier should not touch when cleaning up IPVS rules.
+  excludeCidrs:
+  # The minimum interval of how often the ipvs rules can be refreshed as endpoints and services change (e.g. '5s', '1m', '2h22m').
+  minSyncPeriod: 
+  # The ipvs scheduler type when proxy mode is ipvs
+  scheduler:
+  # Enable strict ARP by setting arp_ignore to 1 and arp_announce to 2
+  strictArp: 
+  # The maximum interval of how often ipvs rules are refreshed (e.g. '5s', '1m', '2h22m'). Must be greater than 0.
+  syncPeriod: 30s
+  # The timeout for idle IPVS TCP connections, 0 to leave as-is. (e.g. '5s', '1m', '2h22m').
+  tcpTimeout: 
+  # The timeout for IPVS TCP connections after receiving a FIN packet, 0 to leave as-is. (e.g. '5s', '1m', '2h22m').
+  tcpfinTimeout:
+  # The timeout for IPVS UDP packets, 0 to leave as-is. (e.g. '5s', '1m', '2h22m').
+  udpTimeout:
+
+
+clientConnection:        
+  # Burst to use while talking with kubernetes apiserver
+  apiBurst: 10
+  # Content type of requests sent to apiserver.
+  apiContentType:
+  # QPS to use while talking with kubernetes apiserver
+  qps: 5
+  # Path to kubeconfig file with authorization information (the master location is set by the master flag).
+  kubeconfig: /var/lib/rancher/rke2/agent/kubeproxy.kubeconfig
+
+# Maximum number of seconds between log flushes
+logFlushFrequency: 5s
+
+
+
+# The address of the Kubernetes API server (overrides any value in kubeconfig)
+master: 
+
+# The IP address with port for the metrics server to serve on 
+# (set to '0.0.0.0:10249' for all IPv4 interfaces and '[::]:10249' for all IPv6 interfaces). Set empty to disable.
+metricsBindAddress: 127.0.0.1:10249
+
+# A string slice of values which specify the addresses to use for NodePorts. 
+# Values may be valid IP blocks (e.g. 1.2.3.0/24, 1.2.3.4/32). The default empty string slice ([]) means to use all local addresses.
+nodeportAddresses:
+
+# The oom-score-adj value for kube-proxy process. Values must be within the range [-1000, 1000]
+oomScoreAdj: -999
+
+# If true enables profiling via web interface on /debug/pprof handler.
+profiling:
+
+proxy:
+  # Which proxy mode to use: 'userspace' (older) or 'iptables' (faster) or 'ipvs'. 
+  # If blank, use the best-available proxy (currently iptables). 
+  # If the iptables proxy is selected, regardless of how, but the system's 
+  # kernel or iptables versions are insufficient, this always falls back to the userspace proxy.
+  mode:
+# Range of host ports (beginPort-endPort, single port or beginPort+offset, inclusive) 
+# that may be consumed in order to proxy service traffic. 
+# If (unspecified, 0, or 0-0) then ports will be randomly chosen.
+  portRange:
+
+# The previous version for which you want to show hidden metrics. 
+# Only the previous minor version is meaningful, other values will not be allowed.
+# The format is <major>.<minor>, e.g.: '1.16'. The purpose of this format is make 
+# sure you have the opportunity to notice if the next release hides additional metrics, 
+# rather than being surprised when they are permanently removed in the release after that.
+showHiddenMetricsForVersion:
+
+# How long an idle UDP connection will be kept open (e.g. '250ms', '2s'). 
+# Must be greater than 0. Only applicable for proxy-mode=userspace
+udpTimeout: 250ms
+
+# Print version information and quit
+version: 
+
+# If set, write the default configuration values to this file and exit.
+writeConfigTo:
+global:
+  systemDefaultRegistry: ""
diff --git a/index.yaml b/index.yaml
index 3557f2b..a4616ed 100755
--- a/index.yaml
+++ b/index.yaml
@@ -320,6 +320,22 @@ entries:
     urls:
     - assets/rke2-kube-proxy/rke2-kube-proxy-v1.21.0-build2021041301.tgz
     version: v1.21.0-build2021041301
+  - apiVersion: v1
+    appVersion: v1.20.6
+    created: "2021-04-19T17:18:12.689949065Z"
+    description: Install Kube Proxy.
+    digest: 821c3efd387abacafa6c84900a2d2885bd7429cec073393c5d40712c10dd2005
+    keywords:
+    - kube-proxy
+    maintainers:
+    - email: charts@rancher.com
+      name: Rancher Labs
+    name: rke2-kube-proxy
+    sources:
+    - https://github.com/rancher/rke2-charts
+    urls:
+    - assets/rke2-kube-proxy/rke2-kube-proxy-v1.20.6-build2021041901.tgz
+    version: v1.20.6-build2021041901
   - apiVersion: v1
     appVersion: v1.20.5
     created: "2021-04-06T17:18:45.105546562Z"