From 1ec1bf84480153876e515a22d0604990948b27f6 Mon Sep 17 00:00:00 2001 From: Stefan Reimer Date: Thu, 29 Aug 2024 12:49:31 +0000 Subject: [PATCH] feat: set network pullpolicy to Never, fix for cert-manager on AWS, doc updates --- charts/kubezero-ci/README.md | 4 ++-- charts/kubezero-istio-gateway/README.md.gotmpl | 5 ++--- charts/kubezero-network/templates/multus/daemonset.yaml | 3 +++ charts/kubezero-network/values.yaml | 3 ++- charts/kubezero/templates/addons.yaml | 1 + 5 files changed, 10 insertions(+), 6 deletions(-) diff --git a/charts/kubezero-ci/README.md b/charts/kubezero-ci/README.md index a231de32..abd25b13 100644 --- a/charts/kubezero-ci/README.md +++ b/charts/kubezero-ci/README.md @@ -1,6 +1,6 @@ # kubezero-ci -![Version: 0.8.15](https://img.shields.io/badge/Version-0.8.15-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) +![Version: 0.8.16](https://img.shields.io/badge/Version-0.8.16-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) KubeZero umbrella chart for all things CI @@ -22,7 +22,7 @@ Kubernetes: `>= 1.25.0` | https://cdn.zero-downtime.net/charts/ | kubezero-lib | >= 0.1.6 | | https://charts.jenkins.io | jenkins | 5.5.8 | | https://dl.gitea.io/charts/ | gitea | 10.4.0 | -| https://docs.renovatebot.com/helm-charts | renovate | 37.440.7 | +| https://docs.renovatebot.com/helm-charts | renovate | 38.57.0 | # Jenkins - default build retention 10 builds, 32days diff --git a/charts/kubezero-istio-gateway/README.md.gotmpl b/charts/kubezero-istio-gateway/README.md.gotmpl index fcd08643..9627be13 100644 --- a/charts/kubezero-istio-gateway/README.md.gotmpl +++ b/charts/kubezero-istio-gateway/README.md.gotmpl @@ -19,6 +19,5 @@ Installs Istio Ingress Gateways, requires kubezero-istio to be installed ! ## Resources -- https://istio.io/latest/docs/reference/config/istio.operator.v1alpha1/#IstioOperatorSpec -- https://github.com/istio/istio/blob/master/manifests/profiles/default.yaml -- https://istio.io/latest/docs/setup/install/standalone-operator/ +- https://github.com/cilium/cilium/blob/main/operator/pkg/model/translation/envoy_listener.go#L134 + diff --git a/charts/kubezero-network/templates/multus/daemonset.yaml b/charts/kubezero-network/templates/multus/daemonset.yaml index 2dffba39..e88cf5fd 100644 --- a/charts/kubezero-network/templates/multus/daemonset.yaml +++ b/charts/kubezero-network/templates/multus/daemonset.yaml @@ -28,6 +28,8 @@ spec: containers: - name: kube-multus image: {{ .Values.multus.image.repository }}:{{ .Values.multus.image.tag }} + # Always used cached images + imagePullPolicy: Never command: ["/entrypoint.sh"] args: - "--multus-conf-file=/tmp/multus-conf/00-multus.conf" @@ -45,6 +47,7 @@ spec: privileged: true capabilities: add: ["SYS_ADMIN"] + terminationMessagePolicy: FallbackToLogsOnError volumeMounts: - name: run mountPath: /run diff --git a/charts/kubezero-network/values.yaml b/charts/kubezero-network/values.yaml index 330dfd8f..336d590f 100644 --- a/charts/kubezero-network/values.yaml +++ b/charts/kubezero-network/values.yaml @@ -27,9 +27,10 @@ multus: cilium: enabled: false - # breaks preloaded images otherwise + # Always use cached images image: useDigest: false + pullPolicy: Never resources: requests: diff --git a/charts/kubezero/templates/addons.yaml b/charts/kubezero/templates/addons.yaml index 4d8d30ac..72085432 100644 --- a/charts/kubezero/templates/addons.yaml +++ b/charts/kubezero/templates/addons.yaml @@ -181,6 +181,7 @@ aws-eks-asg-rolling-update-handler: - name: AWS_WEB_IDENTITY_TOKEN_FILE value: "/var/run/secrets/sts.amazonaws.com/serviceaccount/token" - name: AWS_STS_REGIONAL_ENDPOINTS + value: "regional" {{- end }} {{- end }}