andata
/
rke2-charts
mirror of https://git.rancher.io/rke2-charts
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
456 Commits
5 Branches
0 Tags
39 MiB
Commit Graph

307 Commits (0ad9cba46fdbebd54835c243e686ef8321db01de)

Author SHA1 Message Date
dereknola de3c422c54 Update rke2-kube-proxy to new images for v1.19, v1.20, v1.21 
Signed-off-by: dereknola <derek.nola@suse.com>
 2021-09-16 11:31:17 -07:00
Manuel Buil e898161f65
Merge pull request #138 from manuelbuil/calico-dual-stack 
Add support for dual-stack in Calico chart
 2021-09-16 12:13:39 +02:00
Michal Rostecki 7be6855132 cilium: Fix the eni value 
The upstream Cilium chart changed the type of `eni` value to a nested
object. Adjust our rke2-cilium chart to that change.

Ref: rancher/rke2#1615

Signed-off-by: Michal Rostecki <mrostecki@opensuse.org>
 2021-09-13 09:44:44 +02:00
dereknola 3107aa319b Update kubeproxy image to v1.21.4+rke2r4 
Signed-off-by: dereknola <derek.nola@suse.com>
 2021-09-09 10:54:18 -07:00
Michal Rostecki 8e4234f309
Merge pull request #143 from vadorovsky/cilium-1.10.4 
cilium: Update to 1.10.4
 2021-09-09 00:57:30 +02:00
Canwu Yao 96dced93c4
Add harvester-cloud-provider and harvester-csi-driver (#140) 
* Add the pakcage.yaml for harvester-cloud-provider
* Add the pakcage.yaml for harvester-csi-driver
 2021-09-07 13:08:27 -07:00
Manuel Buil 5024f51679 Add support for dual-stack in Calico chart 
Signed-off-by: Manuel Buil <mbuil@suse.com>
 2021-09-06 17:15:49 +02:00
Michal Rostecki 3f615ba055 cilium: Update to 1.10.4 
Update Cilium from 1.9.8 to 1.10.4. Changelog:

https://github.com/cilium/cilium/releases/tag/v1.10.4

Ref: rancher/rke2#1615

Signed-off-by: Michal Rostecki <mrostecki@opensuse.org>
 2021-09-06 14:58:35 +02:00
Hussein Galal de5dd4c9f4
Upgrade kubeproxy image to v1.21.4+rke2r3 (#141) 2021-09-02 01:56:54 +02:00
Brian Downs 58d5cc6e60
update rke2 image to r2 (#139) 2021-08-29 15:40:43 -07:00
Brian Downs 88de7d4247
update k8s to v1.21.4 (#137) 
* update k8s to v1.21.4
 2021-08-24 12:36:49 -07:00
Manuel Buil 2acb4d1979 Pass featureDetectOverride 
This fixes https://github.com/rancher/rke2/issues/1541 even for
kernel version > 5.7

Signed-off-by: Manuel Buil <mbuil@suse.com>
 2021-08-23 12:12:45 +02:00
Brian Downs a7d060c644
Merge pull request #135 from briandowns/update_rke2-k8s_images 
update rke2 k8s patch version 1.19.14 and 1.20.10
 2021-08-20 17:07:06 -07:00
Brian Downs c1b2275d02 update rke2 k8s patch version 
Signed-off-by: Brian Downs <brian.downs@gmail.com>
 2021-08-20 16:49:10 -07:00
Brad Davidson fe21c2d380 Add linux nodeSelector to coredns autoscaler and nodelocal pods 
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2021-08-20 14:05:13 -07:00
Brad Davidson 550851f5b4 add linux nodeSelectors to charts 
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2021-08-19 11:29:56 -07:00
Manuel Buil 215dea65b9 Change the name of the CR 
Signed-off-by: Manuel Buil <mbuil@suse.com>
 2021-08-12 19:54:07 +02:00
Manuel Buil 9601493243 Update calico chart with the latest version 
Signed-off-by: Manuel Buil <mbuil@suse.com>
 2021-08-10 08:12:32 +00:00
Brad Davidson f56c44d57f Bump hardened-kubernetes to v1.21.3-rke2r2 
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2021-08-09 21:58:28 -07:00
Brad Davidson 21ff5c1807 Bump versions for v1.19.13-rke2r2-build20210806 
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2021-08-06 09:26:04 -07:00
Brad Davidson b96ced794f Bump versions for v1.20.9-rke2r2-build20210805 
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2021-08-05 16:30:51 -07:00
Manuel Buil e853295c99 Increase memory resources for autoscaler 
Signed-off-by: Manuel Buil <mbuil@suse.com>
 2021-08-05 14:07:55 +02:00
Manuel Buil 20ec89d02a
Update rke2 calico config for Windows support (#124) 
Signed-off-by: Manuel Buil <mbuil@suse.com>
 2021-08-03 22:08:27 +02:00
Manuel Buil 0b61f9ec00 Update dns cache image 
The old image did not have iptables binaries in it which are needed

Signed-off-by: Manuel Buil <mbuil@suse.com>
 2021-08-03 19:24:08 +02:00
Manuel Buil 0692021438 Update images to the hardened ones 
Signed-off-by: Manuel Buil <mbuil@suse.com>
 2021-08-02 19:40:30 +02:00
Erik Wilson 1ebb784e73
Bump ingress-nginx package version 2021-07-28 12:08:16 -07:00
Erik Wilson a830f361b2
Disable rke2-ingress-nginx service 2021-07-28 10:21:38 -07:00
Manuel Buil c9b8af1505 Modify the initImage 
* Use our mirrored busybox image
* Provide support for repos other than docker

Signed-off-by: Manuel Buil <mbuil@suse.com>
 2021-07-27 11:08:32 +02:00
Manuel Buil 28dda9d869 Add nodelocal manifests 
Signed-off-by: Manuel Buil <mbuil@suse.com>
 2021-07-26 15:21:41 +02:00
Manuel Buil 86c0b73961 Update coredns helm version 
Signed-off-by: Manuel Buil <mbuil@suse.com>
 2021-07-23 11:48:33 +02:00
Manuel Buil 3d34528f6f
Merge pull request #116 from manuelbuil/coredns_autoscaler 
Activate dns autoscaler
 2021-07-23 10:17:55 +02:00
Brad Davidson 24f3bb329f Bump kube-proxy versions to GA build 
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2021-07-21 10:49:56 -07:00
Hussein Galal f117ffb5b0
Use kubernetes image instead of kube-proxy image (#119) 2021-07-20 19:29:50 +02:00
Manuel Buil b421415617 Activate dns autoscaler 
* Add the image used by rke
* Enable it

Signed-off-by: Manuel Buil <mbuil@suse.com>
 2021-07-20 11:18:17 +02:00
Hussein Galal b1cef5cf94
Update kube proxy versions (#117) 2021-07-19 18:43:49 +02:00
Manuel Buil 648dd29821 Update the Chart version too 
Signed-off-by: Manuel Buil <mbuil@suse.com>
 2021-07-14 20:40:33 +02:00
Manuel Buil 58ff6cb8f8 Move kube-proxy to newer images 
There is a fix in ip6tables in the new images.
New versions for 1.19, 1.20 and 1.21

Signed-off-by: Manuel Buil <mbuil@suse.com>
 2021-07-14 19:25:38 +02:00
Erik Wilson 17f103cfed Update helm chart patches for ingress-nginx-3.34.0 
Signed-off-by: Erik Wilson <Erik.E.Wilson@gmail.com>
 2021-07-08 16:50:22 -07:00
Erik Wilson 86fd87c666 Bump helm chart to ingress-nginx-3.34.0 
Signed-off-by: Erik Wilson <Erik.E.Wilson@gmail.com>
 2021-07-08 16:50:22 -07:00
Manuel Buil 912b7362c7 Fix bug 
rke2-calico cni install does not honor global.systemDefaultRegistry

Signed-off-by: Manuel Buil <mbuil@suse.com>
 2021-07-06 13:20:20 +02:00
Michal Rostecki ab9a260e3a multus: Make the daemonset init container privileged 
Before this change, the multus daemonset init container had troubles
with running with SELinux in enforced mode, due to lack of the
container_file_t label on the host /opt/cni/bin directory. Fix that by
making the container privileged.

Ref: rancher/rke2#746
Signed-off-by: Michal Rostecki <mrostecki@opensuse.org>
 2021-06-23 18:48:32 +02:00
Jacob Blain Christen e3b5d78bee
Revert "rke2-kube-proxy: correct package name" (#109) 
This reverts commit 073d132f79.
 2021-06-17 16:37:09 -07:00
Jacob Blain Christen 2f0573a487
rke2-kube-proxy: correct package name (#108) 
Prevent package name inference on the rke2-kube-proxy-* sub packages
from being the directory name, but instead roll up to rke2-kube-proxy.
This should address assets showing up as
- `assets/rke2-kube-proxy-1.21/rke2-kube-proxy-v1.21.2-build2021061701.tgz`
instead of
- `assets/rke2-kube-proxy/rke2-kube-proxy-v1.21.2-build2021061701.tgz`
in the index.yaml.

Part of:
- https://github.com/rancher/rke2/issues/1146 (1.18.20)
- https://github.com/rancher/rke2/issues/1136 (1.19.12)
- https://github.com/rancher/rke2/issues/1135 (1.20.8)
- https://github.com/rancher/rke2/issues/845 (1.21.2)

Signed-off-by: Jacob Blain Christen <jacob@rancher.com>
 2021-06-17 15:58:51 -07:00
Jacob Blain Christen bd42264d93
rke2-kube-proxy: v1.21.2 (#107) 
Part of https://github.com/rancher/rke2/issues/845

Signed-off-by: Jacob Blain Christen <jacob@rancher.com>
 2021-06-17 14:52:23 -07:00
Jacob Blain Christen 28cf559202
rke2-kube-proxy: v1.20.8 (#106) 
Part of https://github.com/rancher/rke2/issues/1135

Signed-off-by: Jacob Blain Christen <jacob@rancher.com>
 2021-06-17 14:45:38 -07:00
Jacob Blain Christen 8cc846489a
rke2-kube-proxy: v1.19.12 (#105) 
Part of https://github.com/rancher/rke2/issues/1136

Signed-off-by: Jacob Blain Christen <jacob@rancher.com>
 2021-06-17 14:44:31 -07:00
Jacob Blain Christen 109ab8307a
rke2-kube-proxy: v1.18.20 (#104) 
Part of https://github.com/rancher/rke2/issues/1146

Signed-off-by: Jacob Blain Christen <jacob@rancher.com>
 2021-06-17 14:43:17 -07:00
Manuel Buil 1b08559044 Remove rke2-sriov charts 
Signed-off-by: Manuel Buil <mbuil@suse.com>
 2021-06-16 16:29:57 +02:00
Michal Rostecki 28a8f68301
Merge pull request #102 from manuelbuil/update-canal-images 
Upgrade flannel and calico images
 2021-06-14 15:06:49 +02:00
Manuel Buil 81102df041 Upgrade flannel and calico images 
Signed-off-by: Manuel Buil <mbuil@suse.com>
 2021-06-14 12:13:25 +02:00
Chris Kim 034d31da6b remove nameOverride from the ingress-nginx chart 
Signed-off-by: Chris Kim <oats87g@gmail.com>
 2021-06-07 11:24:27 -07:00
Michal Rostecki 81286de9e5 cilium: Update to 1.9.8 
Update Cilium from 1.9.6 to 1.9.8. Changelogs of the last two releases:

* https://github.com/cilium/cilium/releases/tag/v1.9.8
* https://github.com/cilium/cilium/releases/tag/v1.9.7

Ref: rancher/rke2#1099
Signed-off-by: Michal Rostecki <mrostecki@opensuse.org>
 2021-06-07 18:59:31 +02:00
Manuel Buil e41a9179c3 Update Calico with the newer version 
This version fixes the problems we had:
1 - Image prefix no possible
2 - Images on 3.19.0 instead of 3.19.1

Signed-off-by: Manuel Buil <mbuil@suse.com>
 2021-06-03 20:11:38 +02:00
Hussein Galal 12275df431
Add tolerations to network plugins and coredns (#98) 
* Add toleration for calico

* Add coredns tolerations

* Add multus tolerations

* Add sriov tolerations

* Add cilium tolerations

* fix sriov

* Fix coredns
 2021-05-27 21:12:25 +02:00
Michal Rostecki 4ece1471ec
Merge pull request #97 from manuelbuil/calico_update 
Update calico to 3.19
 2021-05-26 02:23:52 +02:00
Brad Davidson 991456c271 Split rke2-kube-proxy chart by release branch 
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2021-05-25 14:32:27 -07:00
Manuel Buil d0a3cf2110 Update calico to 3.19 
Signed-off-by: Manuel Buil <mbuil@suse.com>
 2021-05-25 10:38:54 +02:00
Brad Davidson 2ddcaca3b8
[release-1.20] Do not quote kube-proxy config values of type bool (#94) 
* Set chart versions for 1.20

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2021-05-24 15:40:33 -07:00
Brad Davidson 55c01195e9 Set chart versions for 1.19 
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2021-05-24 15:37:01 -07:00
Brad Davidson 46d09ceb73 Do not quote config values of type bool 
Validated against schema from
https://github.com/kubernetes/kube-proxy/blob/release-1.19/config/v1alpha1/types.go

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2021-05-24 15:37:01 -07:00
Jacob Blain Christen 15c781510b
kube-proxy: v1.21.1-build20210520 (#92) 
See rancher/rke2#845

Signed-off-by: Jacob Blain Christen <jacob@rancher.com>
 2021-05-20 17:01:55 -07:00
Jacob Blain Christen 1782f4798b
kube-proxy: v1.20.7 (#91) 
See rancher/rke2#951

Signed-off-by: Jacob Blain Christen <jacob@rancher.com>
 2021-05-20 16:51:33 -07:00
Jacob Blain Christen 4b46848ec8
kube-proxy: v1.19.11 (#90) 
See rancher/rke2#950

Signed-off-by: Jacob Blain Christen <jacob@rancher.com>
 2021-05-20 16:46:31 -07:00
Jacob Blain Christen 4571327ad0
kube-proxy: v1.18.19 (#89) 
See rancher/rke2#949

Signed-off-by: Jacob Blain Christen <jacob@rancher.com>
 2021-05-20 16:43:05 -07:00
Manuel Buil 5bd07b7b31 Revert "Fix bug when deploying with Cilium" 
This reverts commit 730b1f6398.
 2021-05-20 20:46:28 +02:00
Manuel Buil 730b1f6398 Fix bug when deploying with Cilium 
Signed-off-by: Manuel Buil <mbuil@suse.com>
 2021-05-19 17:07:04 +02:00
Jacob Blain Christen 80271b67d4
rke2-canal: fix use of coalesce (#85) 
Signed-off-by: Jacob Blain Christen <jacob@rancher.com>
 2021-05-12 17:28:42 -07:00
Jacob Blain Christen 98bae75a63
rke2-canal: fix for templated config (#84) 
Seeing this error at runtime:
```
Error: parse error at (rke2-canal/templates/config.yaml:63): function "Values" not defined
```

Signed-off-by: Jacob Blain Christen <jacob@rancher.com>
 2021-05-12 17:02:02 -07:00
Jacob Blain Christen 56f06d2c47
rke2-kube-proxy: v1.21.2-build20210512 (#83) 
Signed-off-by: Jacob Blain Christen <jacob@rancher.com>
 2021-05-12 14:44:12 -07:00
Brad Davidson 68f04dcf40 Honor .Values.global.clusterCIDR in rke2-canal 
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2021-05-12 14:11:03 -07:00
Erik Wilson 84edab15a9
Bump ingress-nginx package version 2021-05-11 10:14:53 -07:00
Erik Wilson d61ab34e6f
Update for rke2 ingress-nginx CI issues 2021-05-11 10:07:23 -07:00
Erik Wilson 1e40d7c975 Bump ingress-nginx chart 
Signed-off-by: Erik Wilson <Erik.E.Wilson@gmail.com>
 2021-05-07 13:18:57 -07:00
Brian Downs 09e1932f90 Update ingress-nginx chart. 
Update package version
Convert from deployment to daemonset
Enable host port

Signed-off-by: Brian Downs <brian.downs@gmail.com>
 2021-05-06 13:05:17 -07:00
Manuel Buil 62da0673f7
Merge pull request #77 from manuelbuil/cidr_global_2 
Add pod_cidr option and systemDefaultRegistry
 2021-05-05 09:11:46 +02:00
Manuel Buil d0393b2489 Add pod_cidr option and systemDefaultRegistry 
Signed-off-by: Manuel Buil <mbuil@suse.com>
 2021-05-04 11:13:28 +00:00
Manuel Buil 797fa74eb5
Merge pull request #75 from mrostecki/cilium-selinux 
cilium: Make the wait-for-note-init container privileged
 2021-05-04 10:26:44 +02:00
Manuel Buil b8194ba10d
Merge pull request #72 from jcaamano/sriov 
Add multus & sr-iov charts
 2021-05-04 10:25:00 +02:00
Michal Rostecki 7b841da6e9 cilium: Make the wait-for-note-init container privileged 
Before this change, wait-for-node-init container was not able to execute
properly with SELinux enabled, due to lack of ability to access the bind
mounted file. Due to lack of ability to set the container_file_t label
through Kubernetes, the other possible solution, done in this commit, is
making the container privileged. All the other containers accessing the
bootstrap file are already privileged as well, so it should not be that
harmful.

Signed-off-by: Michal Rostecki <mrostecki@opensuse.org>
 2021-05-03 19:48:58 +02:00
Manuel Buil 352b66abee
Merge pull request #76 from manuelbuil/calico 
Add the calicoctl and operator images
 2021-04-30 20:43:18 +02:00
Manuel Buil fa98b97a33 Add the calicoctl and operator images 
Consume the images from our rancher/mirrored-xxx images

Unfortunately, we can't consume the rest of the images. This feature is
unavailable

Signed-off-by: Manuel Buil <mbuil@suse.com>
 2021-04-30 20:12:31 +02:00
Manuel Buil 515320182b
Merge pull request #74 from manuelbuil/calico 
Add Calico helm chart
 2021-04-30 10:55:45 +02:00
Manuel Buil 97e2c7dd55
Merge pull request #70 from mrostecki/cilium-1.9.6 
cilium: Update to 1.9.6
 2021-04-29 16:37:22 +02:00
Jaime Caamaño Ruiz b67bef6057 Add multus & sr-iov charts 
Adds charts for sriov and multus.

Details:

* Multus chart, on deployment installs number of cnis, not only multus
  itself but also other cnis ussually combined with it, like host-device
  and macvlan.
* Multus includes a CRD, NetworkAttachmentDefinition, which is the
  means to attach interfaces to pods by specifying a delegated cni for
  each.
* Multus replaces the existing cni with itself, and sets up a default
  NetworkAttachmentDefinition with that existing cni that will setup the
  first interface of the pod just as if multus was not there.
* The NetworkAttachmentDefinition CRD is included along other multus
  templates in the chart and no specific chart is setup for the CRD.
  This CRD is no consumed on deployment and is unlikely to change
  frequently.
* Sriov depends on NetworkAttachmentDefinition CRD but no dependency is
  set between Multus and Sriov. Sriov charts checks on the presence of
  NetworkAttachmentDefinition CRD via capabilities and fails deployment
  if unavailable.
* Sriov includes a number of CRDs which are setup as separate chart.
* Sriov operator depends on certificates to be able to deploy its
  webhooks. The charts depends and checks for the presence of
  cert-manager to generate these certificates. Optionally, via chart
  value, cert-manager integration can be disabled in which case the
  chart will generate certificates with 1 year validity as a means to
  quickly test or trial, but not the intended setup for production
  clusters.

Signed-off-by: Jaime Caamaño Ruiz <jcaamano@suse.com>
Signed-off-by: Manuel Buil <mbuil@suse.com>
 2021-04-29 16:05:55 +02:00
Manuel Buil d8ad84be5a Add Calico helm chart 
Signed-off-by: Manuel Buil <mbuil@suse.com>
 2021-04-29 16:00:13 +02:00
Jonas Falck 22324fa3fc Add ability to configure calico failsafe ports 
Made FailsafeOutboundHostPorts and FailsafeInboundHostPorts configurable
to allow users to have custom network policy for example SSH (22)

Previously failsafe rules would always have opened 22 even if user had
custom GlobalNetworkPolicy applied on the node.

Fixes https://github.com/rancher/rke2/issues/921
 2021-04-28 17:14:54 -07:00
Brad Davidson 1b4dda478d
Update coredns and kube-proxy charts to use passthrough values (#73) 
* Update coredns and kube-proxy charts to use passthrough values
* bump kube-proxy versions back to v1.21.0

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2021-04-27 15:58:35 -07:00
Michal Rostecki fe4f204537 cilium: generated-changes: Regenerate patches after update to 1.9.6 
This change contains only autoregenerated patches after the update of
Cilium to 1.9.6. Those patches had to be regenerated due to upstream
changes in Cilium Helm charts.

Signed-off-by: Michal Rostecki <mrostecki@opensuse.org>
 2021-04-26 18:16:21 +01:00
Michal Rostecki e2952f85f1 cilium: Update to 1.9.6 
This change updates the Cilium version from 1.9.4 to 1.9.6. This release
updates Envoy to 1.17.2 to address CVE-2021-28682, CVE-2021-28683 and
CVE-2021-29258.

Signed-off-by: Michal Rostecki <mrostecki@opensuse.org>
 2021-04-26 18:13:55 +01:00
Manuel Buil d666fe9746 Change the default ipam mode of cilium 
Cilium's default ipam mode does not honor the pod CIDR set in kube-controller-manager.
The benefits of that mode are not relevant when deploying with rke2

Fixes issue rke2/891

Signed-off-by: Manuel Buil <mbuil@suse.com>
 2021-04-19 20:12:55 +02:00
Chris Kim 37bf4a2df3 Change rke2-kube-proxy to v1.20.6-build20210419 
Signed-off-by: Chris Kim <oats87g@gmail.com>
 2021-04-19 10:08:39 -07:00
Chris Kim 0dc3240167 Change rke2-kube-proxy to v1.18.18-build20210419 
Signed-off-by: Chris Kim <oats87g@gmail.com>
 2021-04-19 10:04:13 -07:00
Chris Kim 5a3e8ffe34 Change rke2-kube-proxy to v1.18.18 
Signed-off-by: Chris Kim <oats87g@gmail.com>
 2021-04-19 09:54:27 -07:00
Brian Downs f75d23a263 update kube-proxy to v1.21.0 
Signed-off-by: Brian Downs <brian.downs@gmail.com>
 2021-04-13 10:46:59 -07:00
Manuel Buil b7d773f99a Allow users to deploy Cilium with dual stack config 
Signed-off-by: Manuel Buil <mbuil@suse.com>
 2021-04-09 10:32:28 +02:00
David Nuzik cef1dde9fd
Merge pull request #46 from jcaamano/main-source 
Add cilium chart
 2021-04-08 07:58:42 -07:00
Brad Davidson 87e567bead update kube-proxy version to v1.20.5-build20210405 
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2021-04-06 10:17:30 -07:00
Jaime Caamaño Ruiz 3d1dedcf2b Add cilium chart 
The chart is organized in subcharts to clearly delimit supported vs
non-supported customization options, as follows:

- The main rke2-cilium chart which only supplies supported customization
  options through its values.yaml.
- Cilium upstream chart is pulled in as a subchart dependency and is
  patched to support a system default registry as a global variable.
- A rke2-cilium-hard-defaults subchart which supplies cilium options
  that change from upstream defaults for which we don't intend to
  support any customization.

All cilium options are scoped & accessible, for example:
`helm install rke2-cilium --set cilium.preflight.enabled=true`

Signed-off-by: Jaime Caamaño Ruiz <jcaamano@suse.com>
 2021-04-06 12:55:27 +02:00
Brad Davidson 7ca69fe3b6
Strip 'nginx-' prefix from image tags when using semverCompare (#62) 
* Revert rke2-ingress-nginx to 1.36.3
* Add trimPrefix calls to rke2-ingress-nginx daemonset manifest
* Add trimPrefix call to rke2-ingress-nginx deployment with defaultBackend disabled

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2021-04-05 15:47:34 -07:00
Menna Elmasry b82df0f267
update kube-proxy version to v1.18.17 (#61) 2021-03-19 00:14:31 +02:00
Menna Elmasry 544195db21
update kube-proxy version to v1.19.9 (#58) 2021-03-18 23:55:20 +02:00
Menna Elmasry 5380bf3c90
update kube-proxy version to v1.20.5 (#57) 2021-03-18 23:39:16 +02:00
Brad Davidson 491707bbeb Update flexvol path 
Update flex volume plugin dir to match new RKE2 default; make it a Value
so that it can be changed by users to match the kubelet setting if
necessary.

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2021-03-10 11:18:48 -08:00
Brad Davidson 83ceb61b60 Update kube-proxy chart to v1.20.4-build20210302 
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2021-03-02 12:21:57 -08:00
Arvind Iyengar 019321a949
remove execute permissions 2021-03-01 11:16:06 -08:00
Arvind Iyengar d4bda1833c
Bump all packageVersions and introduce comment 
Why do we need to bump all the packageVersions?

The new charts-build-scripts treat Chart.yaml and requirements.yaml as "managed files", which means that the scripts themselves can make changes to those files.

When the scripts touch those files (e.g. to add a new dependency based on the contents of generated-changes/dependencies or to patch a rcVersion or packageVersion to the chart), dumping back out the YAML results in slight changes due to the unmarshalling process, such as the re-ordering of annotations.

Since these minor changes comprise a change introduced by Rancher and the scripts refuse changes that modify already released packages, the simple fix for this is just to universally bump the packageVersion as part of the migration process.

As part of creating this PR, I generated these minor changes in https://github.com/aiyengar2/charts-diff/tree/rke2-charts/diff so that we can sign off that these are indeed inconsequential to the migration. For context, the process used to generate these files was:
- Pull in the current branch. Run make charts with the old scripts
- Pull in the migration branch. Run make charts with the new scripts
- Dump the diff between them in a patch file

Signed-off-by: Arvind Iyengar <arvind.iyengar@rancher.com>
 2021-02-25 18:45:59 -08:00
Arvind Iyengar 36569143f0
Migrate all packages 
Just needed to run:
```bash
REPOSITORY=https://github.com/rancher/rke2-charts BRANCH=main-source ./scripts/regenerate-packages
```

Signed-off-by: Arvind Iyengar <arvind.iyengar@rancher.com>
 2021-02-25 17:35:31 -08:00
Arvind Iyengar cb07ef8e36
Initialize basic template 
```bash
arvindiyengar: ~/Rancher/rke2-charts/src/github.com/rancher/rke2-charts
$ curl -s https://raw.githubusercontent.com/aiyengar2/charts-build-scripts/add_init_steps/init.sh > /dev/null | sh
Pulling in charts-build-scripts version v0.0.4
charts-build-scripts version v0.0.4 (567c991)
INFO[0000] Pulling rancher/charts-build-scripts[path=templates] from upstream into templates299650162
INFO[0002] Successfully pulled new updated docs into working directory.
Pulled in basic template for source into configuration.yaml and constructed charts directory
Next Steps:
1. Modify the configuration.yaml with your expected setup and re-run make docs to automatically update the repository.
2. Modify .github/workflows/pull-request.md and .github/workflows/push.md to set up automatic pushes to another branch.
```

Signed-off-by: Arvind Iyengar <arvind.iyengar@rancher.com>
 2021-02-25 17:19:38 -08:00
Erik Wilson f1dc481c57
Merge pull request #50 from rancher/update-nginx 
Upgrade ingress-nginx to 0.35
 2021-02-24 14:41:46 -07:00
Erik Wilson 4602ead17c
Upgrade ingress-nginx to 0.35 2021-02-24 13:49:07 -07:00
Erik Wilson e276402663
Update hardened images 2021-02-24 13:32:35 -07:00
Erik Wilson f6772641d1
Update kube-proxy chart to v1.18.16 (#47) 2021-02-19 10:03:31 -07:00
Erik Wilson 27cdcaa16a
Update kube-proxy chart to v1.19.8 2021-02-19 03:33:04 -07:00
Erik Wilson b40561ff50
Merge pull request #45 from erikwilson/main-source 
Remove kube-proxy default featureGates
 2021-01-25 16:00:51 -07:00
Erik Wilson 1acfb1d290
Remove kube-proxy default featureGates 2021-01-25 15:32:23 -07:00
Erik Wilson 768a019a97
Merge pull request #44 from erikwilson/main-source 
Update kube-proxy chart to v1.20.2
 2021-01-22 14:48:08 -07:00
Brad Davidson 07e578cebd Fix metricsBindAddress variable typo 
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2021-01-22 13:35:19 -08:00
Erik Wilson fb521464ad
Update kube-proxy chart to v1.20.2 2021-01-22 13:50:55 -07:00
Brian Downs 73382aef57 update kube proxy chart for 1.19 release 
Signed-off-by: Brian Downs <brian.downs@gmail.com>
 2021-01-14 12:02:07 -07:00
Brian Downs f0c9e5ed74 update kube-proxy k8s version 
Signed-off-by: Brian Downs <brian.downs@gmail.com>
 2021-01-13 16:14:56 -07:00
Brad Davidson 576c3194d7 Fix CoreDNS CriticalAddonsOnly toleration 
The scheduler annotation has been unsupported since Kubernetes 1.6 so
this is long overdue.

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2021-01-12 16:41:36 -08:00
Brad Davidson 17ceb0a979 Revert changes for coredns v1.7.1 but keep priorityClassName 
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2021-01-08 16:58:10 -08:00
Brad Davidson cf3ffd959f Update stable charts repo URL and set priorityClassName 
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2021-01-08 10:11:40 -08:00
Brad Davidson 53a28fdcc2 Honor data-dir when templating kubeconfig volumeMount and path 
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2020-12-17 11:20:30 -08:00
Brad Davidson f0b07424c8 Allow customizing rke2 data-dir path for kube-proxy 
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2020-12-16 16:40:43 -08:00
Jacob Blain Christen e5784e99f8 coredns v1.7.1 but correct this time 
Had duplicated deployment somehow.
 2020-12-14 16:49:12 -07:00
Jacob Blain Christen 67c631846a coredns: v1.7.1 
Part of rancher/rke2#345
 2020-12-14 14:32:40 -07:00
Jacob Blain Christen 319be28781 kube-proxy: remove reference to deprecated FGs 
This removes the final feature gate mentioned at
https://kubernetes.io/docs/reference/command-line-tools-reference/feature-gates/
as being depreated in 1.19.
 2020-12-11 17:20:34 -07:00
Jacob Blain Christen f311fc7216 kube-proxy: remove DynamicAuditing feature gate 
This was removed in 1.19

Part of rancher/rke2#485 (updates #32)
 2020-12-11 17:00:43 -07:00
Jacob Blain Christen f2cc3f14d8 kube-proxy: v1.19.5 2020-12-11 13:35:31 -07:00
Brian Downs df9d0a34b8 update kube-proxy for rke2 upgrade 
Signed-off-by: Brian Downs <brian.downs@gmail.com>
 2020-12-10 14:40:42 -07:00
Brian Downs c2f5c81940 update coredns to create a service account 
Signed-off-by: Brian Downs <brian.downs@gmail.com>
 2020-12-07 13:56:07 -07:00
Chris Kim 4000184fd7 Bump rke2-kube-proxy to v1.18.12 
Signed-off-by: Chris Kim <oats87g@gmail.com>
 2020-11-16 08:58:10 -08:00
Brad Davidson 5c9a8f08b3 kube-proxy v1.18.10 
Bump kube-proxy to v1.18.10 for rancher/rke2#484

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2020-10-15 15:21:04 -07:00
Brian Downs b18a786a27 change hardenedflannel image version 
Signed-off-by: Brian Downs <brian.downs@gmail.com>
 2020-10-05 11:26:33 -07:00
Menna Elmasry 4b1c166ad6
pull ingress controller image from default registry (#22) 
* pull ingress controller image from default registry
 2020-09-25 20:55:19 +02:00
Jacob Blain Christen ba54d84eff kube-proxy v1.18.9 
Bump kube-proxy to v1.18.9 as part of rancher/rke2#343
 2020-09-24 23:21:25 -07:00
Brad Davidson 92a0565b52 Add command for flexvol-driver initcontainer 
Related to https://github.com/rancher/rke2/issues/234

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2020-09-18 15:28:11 -07:00
Brian Downs 7c6b908bd6 update repository names to point to new hardened repositories 
Signed-off-by: Brian Downs <brian.downs@gmail.com>
 2020-09-11 19:31:33 -07:00
Brian Downs ed9a58b42d update kube-proxy to 1.18.8 
Signed-off-by: Brian Downs <brian.downs@gmail.com>
 2020-09-09 21:30:53 -07:00
Menna Elmasry eb8756072b
use rancher nginx controller/backed images instead of upstream (#17) 
* use rancher nginx controller/backed images instead of upstream

* trim nginx- prefix from semver check

* remove ingress-nginx tar asset
 2020-09-09 23:34:16 +02:00
Brian Downs 826716b799 remove incorrect list value from yaml 
Signed-off-by: Brian Downs <brian.downs@gmail.com>
 2020-09-08 13:10:54 -07:00
Brian Downs b56ce5d48b remove charts dir 
Signed-off-by: Brian Downs <brian.downs@gmail.com>
 2020-09-08 12:42:02 -07:00
Brian Downs bbdaeb0a9f update files to autopopulate patch 
Signed-off-by: Brian Downs <brian.downs@gmail.com>
 2020-09-08 12:34:34 -07:00
Brian Downs 741f0188dd add preferred address type ip to metrics server 
Signed-off-by: Brian Downs <brian.downs@gmail.com>
 2020-09-04 17:50:53 -07:00
Chris Kim 308e2ed97a Disable XDP in canal 
Signed-off-by: Chris Kim <oats87g@gmail.com>
 2020-08-26 16:20:52 -07:00
Chris Kim e4c89e5290 Add FELIX_IPTABLESBACKEND=auto 
Signed-off-by: Chris Kim <oats87g@gmail.com>
 2020-08-25 17:30:54 -07:00
Menna Elmasry 38b0316832
add private registry support for rke2-charts (#13) 
* allow private registry

* add pull image from private registry

* delete old assets

* add newline at the end of _helpers.tpl files

* standardize image fields

* add system default registry to ingress-nginx
 2020-08-21 20:56:13 +02:00
Menna Elmasry acd272dd7c
remove_spaces (#12) 
* remove_spaces

* delete .tgz file
 2020-08-19 20:26:49 +02:00
Menna Elmasry 53cbc86e9c
Enable prometheus metrics (#9) 
* Enable prometheus metrics
 2020-08-19 19:07:58 +02:00
Brian Downs 60a5b2d50c
Merge pull request #7 from briandowns/update_image_location 
update image repository
 2020-08-17 14:01:56 -07:00
Brian Downs e6f0b74393 pr comment remediation 
Signed-off-by: Brian Downs <brian.downs@gmail.com>
 2020-08-17 12:20:49 -07:00
Brian Downs 938a98530e update image repository 
Signed-off-by: Brian Downs <brian.downs@gmail.com>
 2020-08-17 12:14:21 -07:00
Jacob Blain Christen 74eb43e5ad canal: fix configmap reference 
Fixes #4
 2020-08-17 10:46:15 -07:00
Menna Elmasry 73a1e9c8e7
change k8s-app to kube-dns (#3) 
* change k8s-app to kube-dns
 2020-08-14 23:08:09 +02:00
Menna ca6f29a0c4 fix chart name in patch 2020-08-12 22:28:44 +02:00
Menna 4f6fb63640 add rke2 packages 2020-08-12 20:08:12 +02:00