First draft of v1.25.8

This commit is contained in:
Stefan Reimer 2023-04-12 11:14:31 +00:00
parent e64388d582
commit 70d03338e4
63 changed files with 9910 additions and 227 deletions

View File

@ -1,9 +1,9 @@
ARG ALPINE_VERSION=3.16 ARG ALPINE_VERSION=3.17
FROM alpine:${ALPINE_VERSION} FROM alpine:${ALPINE_VERSION}
ARG ALPINE_VERSION ARG ALPINE_VERSION
ARG KUBE_VERSION=1.24 ARG KUBE_VERSION=1.25
RUN cd /etc/apk/keys && \ RUN cd /etc/apk/keys && \
wget "https://cdn.zero-downtime.net/alpine/stefan@zero-downtime.net-61bb6bfb.rsa.pub" && \ wget "https://cdn.zero-downtime.net/alpine/stefan@zero-downtime.net-61bb6bfb.rsa.pub" && \
@ -18,19 +18,19 @@ RUN cd /etc/apk/keys && \
bash \ bash \
python3 \ python3 \
py3-yaml \ py3-yaml \
restic \
helm \
cri-tools@kubezero \ cri-tools@kubezero \
kubeadm@kubezero~=${KUBE_VERSION} \ kubeadm@kubezero~=${KUBE_VERSION} \
kubectl@kubezero~=${KUBE_VERSION} \ kubectl@kubezero~=${KUBE_VERSION} \
etcdhelper@kubezero \ etcdhelper@kubezero \
etcd-ctl@edge-testing \ etcd-ctl@edge-testing
restic@edge-community \
helm@edge-community
RUN helm repo add kubezero https://cdn.zero-downtime.net/charts && \ RUN helm repo add kubezero https://cdn.zero-downtime.net/charts && \
mkdir -p /var/lib/kubezero mkdir -p /var/lib/kubezero
ADD admin/kubezero.sh admin/libhelm.sh admin/migrate_argo_values.py /usr/bin ADD admin/kubezero.sh admin/libhelm.sh admin/migrate_argo_values.py /usr/bin
ADD admin/libhelm.sh admin/v${KUBE_VERSION}/* /var/lib/kubezero ADD admin/libhelm.sh admin/pre-upgrade.sh /var/lib/kubezero
ADD charts/kubeadm /charts/kubeadm ADD charts/kubeadm /charts/kubeadm
ADD charts/kubezero /charts/kubezero ADD charts/kubezero /charts/kubezero

View File

@ -8,26 +8,17 @@ import yaml
def migrate(values): def migrate(values):
"""Actual changes here""" """Actual changes here"""
# ClusterBackup is enabled on AWS anyways, same with cluster-autoscaler # Move additional prometheus labels to better config tree
if "aws" in values["global"]: try:
deleteKey(values["addons"], "clusterBackup") labels = {}
deleteKey(values["addons"], "cluster-autoscaler") for c in values["metrics"]['kube-prometheus-stack']["prometheus"]["prometheusSpec"]["additionalAlertRelabelConfigs"]:
labels[c["target_label"]] = c["replacement"]
# Remove calico and multus values["metrics"]['kube-prometheus-stack']["prometheus"]["prometheusSpec"]["externalLabels"] = labels
deleteKey(values["network"], "calico") deleteKey(values["metrics"]['kube-prometheus-stack']["prometheus"]["prometheusSpec"], "additionalAlertRelabelConfigs")
deleteKey(values["network"], "multus")
# ArgoCD helm changes except KeyError:
if "argocd" in values: pass
if "server" in values["argocd"]:
if not "configs" in values["argocd"]:
values["argocd"]["configs"] = {}
if not "cm" in values["argocd"]["configs"]:
values["argocd"]["configs"]["cm"] = {}
values["argocd"]["configs"]["cm"]["url"] = values["argocd"]["server"]["config"][
"url"
]
deleteKey(values["argocd"], "server")
return values return values

View File

@ -1,7 +1,7 @@
#!/bin/bash -e #!/bin/bash -e
#VERSION="latest" #VERSION="latest"
VERSION="v1.24" VERSION="v1.25"
ARGO_APP=${1:-/tmp/new-kubezero-argoapp.yaml} ARGO_APP=${1:-/tmp/new-kubezero-argoapp.yaml}
SCRIPT_DIR=$( cd -- "$( dirname -- "${BASH_SOURCE[0]}" )" &> /dev/null && pwd ) SCRIPT_DIR=$( cd -- "$( dirname -- "${BASH_SOURCE[0]}" )" &> /dev/null && pwd )
@ -148,38 +148,27 @@ argo_used && disable_argo
#all_nodes_upgrade "" #all_nodes_upgrade ""
# Cleanup
# Remove calico CRDs
kubectl delete -f https://git.zero-downtime.net/ZeroDownTime/kubezero/raw/tag/v1.23.11/charts/kubezero-network/charts/calico/crds/crds.yaml || true
# delete old kubelet configs
for cm in $(kubectl get cm -n kube-system --no-headers | awk '{if ($1 ~ "kubelet-config-1*") print $1}'); do kubectl delete cm $cm -n kube-system; done
for rb in $(kubectl get rolebindings -n kube-system --no-headers | awk '{if ($1 ~ "kubelet-config-1*") print $1}'); do kubectl delete rolebindings $rb -n kube-system; done
control_plane_upgrade kubeadm_upgrade control_plane_upgrade kubeadm_upgrade
echo "Adjust kubezero values as needed:" echo "Adjust kubezero values as needed:"
# shellcheck disable=SC2015 # shellcheck disable=SC2015
argo_used && kubectl edit app kubezero -n argocd || kubectl edit cm kubezero-values -n kube-system argo_used && kubectl edit app kubezero -n argocd || kubectl edit cm kubezero-values -n kube-system
# Remove calico
#kubectl delete deployment calico-kube-controllers -n kube-system || true
#kubectl delete daemonset calico-node -n kube-system || true
#kubectl delete network-attachment-definitions calico -n kube-system || true
# Remove previous cilium config as the helm options are additive only -> fail
kubectl delete configmap cilium-config -n kube-system || true
control_plane_upgrade "apply_network, apply_addons, apply_storage" control_plane_upgrade "apply_network, apply_addons, apply_storage"
kubectl rollout restart daemonset/kube-multus-ds -n kube-system
kubectl rollout restart daemonset/cilium -n kube-system
echo "Checking that all pods in kube-system are running ..." echo "Checking that all pods in kube-system are running ..."
waitSystemPodsRunning waitSystemPodsRunning
echo "Applying remaining KubeZero modules..." echo "Applying remaining KubeZero modules..."
# delete argocd deployments as various immutable things changed, also redis restart fails otherwise
kubectl delete deployment argocd-redis -n argocd || true
kubectl delete deployment argocd-repo-server -n argocd || true
kubectl delete statefulset argocd-application-controller -n argocd || true
# Delete prometheus-push gateway due to label changes
kubectl delete deploy -l app=prometheus-pushgateway -n monitoring || true
control_plane_upgrade "apply_cert-manager, apply_istio, apply_istio-ingress, apply_istio-private-ingress, apply_logging, apply_metrics, apply_argocd" control_plane_upgrade "apply_cert-manager, apply_istio, apply_istio-ingress, apply_istio-private-ingress, apply_logging, apply_metrics, apply_argocd"
# Final step is to commit the new argocd kubezero app # Final step is to commit the new argocd kubezero app

View File

@ -2,7 +2,7 @@ apiVersion: v2
name: kubeadm name: kubeadm
description: KubeZero Kubeadm cluster config description: KubeZero Kubeadm cluster config
type: application type: application
version: 1.24.9 version: 1.25.8
home: https://kubezero.com home: https://kubezero.com
icon: https://cdn.zero-downtime.net/assets/kubezero/logo-small-64.png icon: https://cdn.zero-downtime.net/assets/kubezero/logo-small-64.png
keywords: keywords:
@ -11,4 +11,4 @@ keywords:
maintainers: maintainers:
- name: Stefan Reimer - name: Stefan Reimer
email: stefan@zero-downtime.net email: stefan@zero-downtime.net
kubeVersion: ">= 1.24.0" kubeVersion: ">= 1.25.0"

View File

@ -1,6 +1,6 @@
# kubeadm # kubeadm
![Version: 1.24.9](https://img.shields.io/badge/Version-1.24.9-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![Version: 1.25.8](https://img.shields.io/badge/Version-1.25.8-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square)
KubeZero Kubeadm cluster config KubeZero Kubeadm cluster config
@ -14,7 +14,7 @@ KubeZero Kubeadm cluster config
## Requirements ## Requirements
Kubernetes: `>= 1.24.0` Kubernetes: `>= 1.25.0`
## Values ## Values

View File

@ -1,6 +1,6 @@
{{- /* Feature gates for all control plane components */ -}} {{- /* Feature gates for all control plane components */ -}}
{{- define "kubeadm.featuregates" }} {{- define "kubeadm.featuregates" }}
{{- $gates := list "CustomCPUCFSQuotaPeriod" "CronJobTimeZone" "NodeOutOfServiceVolumeDetach" }} {{- $gates := list "CustomCPUCFSQuotaPeriod" "NodeOutOfServiceVolumeDetach" }}
{{- if eq .return "csv" }} {{- if eq .return "csv" }}
{{- range $key := $gates }} {{- range $key := $gates }}
{{- $key }}=true, {{- $key }}=true,

View File

@ -12,13 +12,3 @@ spec:
memory: 128Mi memory: 128Mi
nodeSelector: nodeSelector:
node-role.kubernetes.io/control-plane: "" node-role.kubernetes.io/control-plane: ""
affinity:
podAntiAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
- labelSelector:
matchExpressions:
- key: k8s-app
operator: In
values:
- kube-dns
topologyKey: "kubernetes.io/hostname"

View File

@ -2,7 +2,7 @@ apiVersion: v2
name: kubezero-addons name: kubezero-addons
description: KubeZero umbrella chart for various optional cluster addons description: KubeZero umbrella chart for various optional cluster addons
type: application type: application
version: 0.7.3 version: 0.7.4
appVersion: v1.24 appVersion: v1.24
home: https://kubezero.com home: https://kubezero.com
icon: https://cdn.zero-downtime.net/assets/kubezero/logo-small-64.png icon: https://cdn.zero-downtime.net/assets/kubezero/logo-small-64.png
@ -24,7 +24,7 @@ dependencies:
repository: https://kubernetes-sigs.github.io/external-dns/ repository: https://kubernetes-sigs.github.io/external-dns/
condition: external-dns.enabled condition: external-dns.enabled
- name: cluster-autoscaler - name: cluster-autoscaler
version: 9.21.0 version: 9.24.0
repository: https://kubernetes.github.io/autoscaler repository: https://kubernetes.github.io/autoscaler
condition: cluster-autoscaler.enabled condition: cluster-autoscaler.enabled
- name: nvidia-device-plugin - name: nvidia-device-plugin
@ -33,7 +33,7 @@ dependencies:
repository: https://nvidia.github.io/k8s-device-plugin repository: https://nvidia.github.io/k8s-device-plugin
condition: nvidia-device-plugin.enabled condition: nvidia-device-plugin.enabled
- name: sealed-secrets - name: sealed-secrets
version: 2.7.1 version: 2.7.3
repository: https://bitnami-labs.github.io/sealed-secrets repository: https://bitnami-labs.github.io/sealed-secrets
condition: sealed-secrets.enabled condition: sealed-secrets.enabled
- name: aws-node-termination-handler - name: aws-node-termination-handler

View File

@ -1,6 +1,6 @@
# kubezero-addons # kubezero-addons
![Version: 0.7.3](https://img.shields.io/badge/Version-0.7.3-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: v1.24](https://img.shields.io/badge/AppVersion-v1.24-informational?style=flat-square) ![Version: 0.7.4](https://img.shields.io/badge/Version-0.7.4-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: v1.24](https://img.shields.io/badge/AppVersion-v1.24-informational?style=flat-square)
KubeZero umbrella chart for various optional cluster addons KubeZero umbrella chart for various optional cluster addons
@ -20,9 +20,9 @@ Kubernetes: `>= 1.24.0`
|------------|------|---------| |------------|------|---------|
| | aws-eks-asg-rolling-update-handler | 1.2.7 | | | aws-eks-asg-rolling-update-handler | 1.2.7 |
| | aws-node-termination-handler | 0.20.1 | | | aws-node-termination-handler | 0.20.1 |
| https://bitnami-labs.github.io/sealed-secrets | sealed-secrets | 2.7.1 | | https://bitnami-labs.github.io/sealed-secrets | sealed-secrets | 2.7.3 |
| https://kubernetes-sigs.github.io/external-dns/ | external-dns | 1.11.0 | | https://kubernetes-sigs.github.io/external-dns/ | external-dns | 1.11.0 |
| https://kubernetes.github.io/autoscaler | cluster-autoscaler | 9.21.0 | | https://kubernetes.github.io/autoscaler | cluster-autoscaler | 9.24.0 |
| https://nvidia.github.io/k8s-device-plugin | nvidia-device-plugin | 0.13.0 | | https://nvidia.github.io/k8s-device-plugin | nvidia-device-plugin | 0.13.0 |
# MetalLB # MetalLB
@ -105,6 +105,7 @@ Device plugin for [AWS Neuron](https://aws.amazon.com/machine-learning/neuron/)
| cluster-autoscaler.enabled | bool | `false` | | | cluster-autoscaler.enabled | bool | `false` | |
| cluster-autoscaler.extraArgs.scan-interval | string | `"30s"` | | | cluster-autoscaler.extraArgs.scan-interval | string | `"30s"` | |
| cluster-autoscaler.extraArgs.skip-nodes-with-local-storage | bool | `false` | | | cluster-autoscaler.extraArgs.skip-nodes-with-local-storage | bool | `false` | |
| cluster-autoscaler.image.tag | string | `"v1.24.0"` | |
| cluster-autoscaler.nodeSelector."node-role.kubernetes.io/control-plane" | string | `""` | | | cluster-autoscaler.nodeSelector."node-role.kubernetes.io/control-plane" | string | `""` | |
| cluster-autoscaler.podDisruptionBudget | bool | `false` | | | cluster-autoscaler.podDisruptionBudget | bool | `false` | |
| cluster-autoscaler.prometheusRule.enabled | bool | `false` | | | cluster-autoscaler.prometheusRule.enabled | bool | `false` | |
@ -139,6 +140,10 @@ Device plugin for [AWS Neuron](https://aws.amazon.com/machine-learning/neuron/)
| nvidia-device-plugin.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms[0].matchExpressions[0].key | string | `"node.kubernetes.io/instance-type"` | | | nvidia-device-plugin.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms[0].matchExpressions[0].key | string | `"node.kubernetes.io/instance-type"` | |
| nvidia-device-plugin.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms[0].matchExpressions[0].operator | string | `"In"` | | | nvidia-device-plugin.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms[0].matchExpressions[0].operator | string | `"In"` | |
| nvidia-device-plugin.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms[0].matchExpressions[0].values[0] | string | `"g5.xlarge"` | | | nvidia-device-plugin.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms[0].matchExpressions[0].values[0] | string | `"g5.xlarge"` | |
| nvidia-device-plugin.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms[0].matchExpressions[0].values[10] | string | `"g4dn.4xlarge"` | |
| nvidia-device-plugin.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms[0].matchExpressions[0].values[11] | string | `"g4dn.8xlarge"` | |
| nvidia-device-plugin.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms[0].matchExpressions[0].values[12] | string | `"g4dn.12xlarge"` | |
| nvidia-device-plugin.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms[0].matchExpressions[0].values[13] | string | `"g4dn.16xlarge"` | |
| nvidia-device-plugin.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms[0].matchExpressions[0].values[1] | string | `"g5.2xlarge"` | | | nvidia-device-plugin.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms[0].matchExpressions[0].values[1] | string | `"g5.2xlarge"` | |
| nvidia-device-plugin.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms[0].matchExpressions[0].values[2] | string | `"g5.4xlarge"` | | | nvidia-device-plugin.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms[0].matchExpressions[0].values[2] | string | `"g5.4xlarge"` | |
| nvidia-device-plugin.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms[0].matchExpressions[0].values[3] | string | `"g5.8xlarge"` | | | nvidia-device-plugin.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms[0].matchExpressions[0].values[3] | string | `"g5.8xlarge"` | |
@ -146,6 +151,8 @@ Device plugin for [AWS Neuron](https://aws.amazon.com/machine-learning/neuron/)
| nvidia-device-plugin.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms[0].matchExpressions[0].values[5] | string | `"g5.16xlarge"` | | | nvidia-device-plugin.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms[0].matchExpressions[0].values[5] | string | `"g5.16xlarge"` | |
| nvidia-device-plugin.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms[0].matchExpressions[0].values[6] | string | `"g5.24xlarge"` | | | nvidia-device-plugin.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms[0].matchExpressions[0].values[6] | string | `"g5.24xlarge"` | |
| nvidia-device-plugin.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms[0].matchExpressions[0].values[7] | string | `"g5.48xlarge"` | | | nvidia-device-plugin.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms[0].matchExpressions[0].values[7] | string | `"g5.48xlarge"` | |
| nvidia-device-plugin.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms[0].matchExpressions[0].values[8] | string | `"g4dn.xlarge"` | |
| nvidia-device-plugin.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms[0].matchExpressions[0].values[9] | string | `"g4dn.2xlarge"` | |
| nvidia-device-plugin.enabled | bool | `false` | | | nvidia-device-plugin.enabled | bool | `false` | |
| nvidia-device-plugin.tolerations[0].effect | string | `"NoSchedule"` | | | nvidia-device-plugin.tolerations[0].effect | string | `"NoSchedule"` | |
| nvidia-device-plugin.tolerations[0].key | string | `"nvidia.com/gpu"` | | | nvidia-device-plugin.tolerations[0].key | string | `"nvidia.com/gpu"` | |
@ -155,7 +162,7 @@ Device plugin for [AWS Neuron](https://aws.amazon.com/machine-learning/neuron/)
| nvidia-device-plugin.tolerations[1].operator | string | `"Exists"` | | | nvidia-device-plugin.tolerations[1].operator | string | `"Exists"` | |
| sealed-secrets.enabled | bool | `false` | | | sealed-secrets.enabled | bool | `false` | |
| sealed-secrets.fullnameOverride | string | `"sealed-secrets-controller"` | | | sealed-secrets.fullnameOverride | string | `"sealed-secrets-controller"` | |
| sealed-secrets.keyrenewperiod | int | `0` | | | sealed-secrets.keyrenewperiod | string | `"0"` | |
| sealed-secrets.metrics.serviceMonitor.enabled | bool | `false` | | | sealed-secrets.metrics.serviceMonitor.enabled | bool | `false` | |
| sealed-secrets.nodeSelector."node-role.kubernetes.io/control-plane" | string | `""` | | | sealed-secrets.nodeSelector."node-role.kubernetes.io/control-plane" | string | `""` | |
| sealed-secrets.resources.limits.memory | string | `"128Mi"` | | | sealed-secrets.resources.limits.memory | string | `"128Mi"` | |

View File

@ -31,7 +31,7 @@ sealed-secrets:
fullnameOverride: sealed-secrets-controller fullnameOverride: sealed-secrets-controller
# Disable auto keyrotation for now # Disable auto keyrotation for now
keyrenewperiod: 0 keyrenewperiod: "0"
resources: resources:
requests: requests:
@ -179,10 +179,18 @@ nvidia-device-plugin:
- g5.24xlarge - g5.24xlarge
- g5.48xlarge - g5.48xlarge
- g4dn.xlarge - g4dn.xlarge
- g4dn.2xlarge
- g4dn.4xlarge
- g4dn.8xlarge
- g4dn.12xlarge
- g4dn.16xlarge
cluster-autoscaler: cluster-autoscaler:
enabled: false enabled: false
image:
tag: v1.24.0
autoDiscovery: autoDiscovery:
clusterName: "" clusterName: ""
awsRegion: "us-west-2" awsRegion: "us-west-2"

View File

@ -2,7 +2,7 @@ apiVersion: v2
name: kubezero-ci name: kubezero-ci
description: KubeZero umbrella chart for all things CI description: KubeZero umbrella chart for all things CI
type: application type: application
version: 0.5.25 version: 0.6.0
home: https://kubezero.com home: https://kubezero.com
icon: https://cdn.zero-downtime.net/assets/kubezero/logo-small-64.png icon: https://cdn.zero-downtime.net/assets/kubezero/logo-small-64.png
keywords: keywords:
@ -22,16 +22,15 @@ dependencies:
repository: https://gocd.github.io/helm-chart repository: https://gocd.github.io/helm-chart
condition: gocd.enabled condition: gocd.enabled
- name: gitea - name: gitea
version: 6.0.5 version: 7.0.4
repository: https://dl.gitea.io/charts/ repository: https://dl.gitea.io/charts/
condition: gitea.enabled condition: gitea.enabled
- name: jenkins - name: jenkins
version: 4.2.20 version: 4.3.2
repository: https://charts.jenkins.io repository: https://charts.jenkins.io
condition: jenkins.enabled condition: jenkins.enabled
- name: trivy - name: trivy
version: 0.4.17 version: 0.6.0
repository: https://aquasecurity.github.io/helm-charts/ repository: https://aquasecurity.github.io/helm-charts/
condition: trivy.enabled condition: trivy.enabled
kubeVersion: ">= 1.24.0"
kubeVersion: ">= 1.20.0"

View File

@ -1,6 +1,6 @@
# kubezero-ci # kubezero-ci
![Version: 0.5.24](https://img.shields.io/badge/Version-0.5.24-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![Version: 0.6.0](https://img.shields.io/badge/Version-0.6.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square)
KubeZero umbrella chart for all things CI KubeZero umbrella chart for all things CI
@ -14,14 +14,14 @@ KubeZero umbrella chart for all things CI
## Requirements ## Requirements
Kubernetes: `>= 1.20.0` Kubernetes: `>= 1.24.0`
| Repository | Name | Version | | Repository | Name | Version |
|------------|------|---------| |------------|------|---------|
| https://aquasecurity.github.io/helm-charts/ | trivy | 0.4.17 | | https://aquasecurity.github.io/helm-charts/ | trivy | 0.6.0 |
| https://cdn.zero-downtime.net/charts/ | kubezero-lib | >= 0.1.6 | | https://cdn.zero-downtime.net/charts/ | kubezero-lib | >= 0.1.6 |
| https://charts.jenkins.io | jenkins | 4.2.17 | | https://charts.jenkins.io | jenkins | 4.3.2 |
| https://dl.gitea.io/charts/ | gitea | 6.0.5 | | https://dl.gitea.io/charts/ | gitea | 7.0.4 |
| https://gocd.github.io/helm-chart | gocd | 1.40.8 | | https://gocd.github.io/helm-chart | gocd | 1.40.8 |
# Jenkins # Jenkins
@ -82,6 +82,10 @@ Kubernetes: `>= 1.20.0`
| jenkins.agent.image | string | `"public.ecr.aws/zero-downtime/jenkins-podman"` | | | jenkins.agent.image | string | `"public.ecr.aws/zero-downtime/jenkins-podman"` | |
| jenkins.agent.podName | string | `"podman-aws"` | | | jenkins.agent.podName | string | `"podman-aws"` | |
| jenkins.agent.podRetention | string | `"Default"` | | | jenkins.agent.podRetention | string | `"Default"` | |
| jenkins.agent.resources.limits.cpu | string | `""` | |
| jenkins.agent.resources.limits.memory | string | `""` | |
| jenkins.agent.resources.requests.cpu | string | `""` | |
| jenkins.agent.resources.requests.memory | string | `""` | |
| jenkins.agent.showRawYaml | bool | `false` | | | jenkins.agent.showRawYaml | bool | `false` | |
| jenkins.agent.tag | string | `"v0.4.1"` | | | jenkins.agent.tag | string | `"v0.4.1"` | |
| jenkins.agent.yamlMergeStrategy | string | `"merge"` | | | jenkins.agent.yamlMergeStrategy | string | `"merge"` | |
@ -92,18 +96,18 @@ Kubernetes: `>= 1.20.0`
| jenkins.controller.initContainerResources.limits.memory | string | `"1024Mi"` | | | jenkins.controller.initContainerResources.limits.memory | string | `"1024Mi"` | |
| jenkins.controller.initContainerResources.requests.cpu | string | `"50m"` | | | jenkins.controller.initContainerResources.requests.cpu | string | `"50m"` | |
| jenkins.controller.initContainerResources.requests.memory | string | `"256Mi"` | | | jenkins.controller.initContainerResources.requests.memory | string | `"256Mi"` | |
| jenkins.controller.installPlugins[0] | string | `"kubernetes:3743.v1fa_4c724c3b_7"` | | | jenkins.controller.installPlugins[0] | string | `"kubernetes:3883.v4d70a_a_a_df034"` | |
| jenkins.controller.installPlugins[10] | string | `"build-discarder:139.v05696a_7fe240"` | | | jenkins.controller.installPlugins[10] | string | `"build-discarder:139.v05696a_7fe240"` | |
| jenkins.controller.installPlugins[11] | string | `"dark-theme:262.v0202a_4c8fb_6a"` | | | jenkins.controller.installPlugins[11] | string | `"dark-theme:302.vf069cb_e01486"` | |
| jenkins.controller.installPlugins[12] | string | `"kubernetes-credentials-provider:1.206.v7ce2cf7b_0c8b"` | | | jenkins.controller.installPlugins[12] | string | `"kubernetes-credentials-provider:1.209.v862c6e5fb_1ef"` | |
| jenkins.controller.installPlugins[1] | string | `"workflow-aggregator:581.v0c46fa_697ffd"` | | | jenkins.controller.installPlugins[1] | string | `"workflow-aggregator:581.v0c46fa_697ffd"` | |
| jenkins.controller.installPlugins[2] | string | `"git:4.14.3"` | | | jenkins.controller.installPlugins[2] | string | `"git:5.0.0"` | |
| jenkins.controller.installPlugins[3] | string | `"basic-branch-build-strategies:71.vc1421f89888e"` | | | jenkins.controller.installPlugins[3] | string | `"basic-branch-build-strategies:71.vc1421f89888e"` | |
| jenkins.controller.installPlugins[4] | string | `"pipeline-graph-view:144.vf3924feb_7e35"` | | | jenkins.controller.installPlugins[4] | string | `"pipeline-graph-view:154.v52138b_cb_557e"` | |
| jenkins.controller.installPlugins[5] | string | `"pipeline-stage-view:2.28"` | | | jenkins.controller.installPlugins[5] | string | `"pipeline-stage-view:2.31"` | |
| jenkins.controller.installPlugins[6] | string | `"configuration-as-code:1569.vb_72405b_80249"` | | | jenkins.controller.installPlugins[6] | string | `"configuration-as-code:1569.vb_72405b_80249"` | |
| jenkins.controller.installPlugins[7] | string | `"antisamy-markup-formatter:155.v795fb_8702324"` | | | jenkins.controller.installPlugins[7] | string | `"antisamy-markup-formatter:155.v795fb_8702324"` | |
| jenkins.controller.installPlugins[8] | string | `"prometheus:2.0.11"` | | | jenkins.controller.installPlugins[8] | string | `"prometheus:2.1.1"` | |
| jenkins.controller.installPlugins[9] | string | `"htmlpublisher:1.31"` | | | jenkins.controller.installPlugins[9] | string | `"htmlpublisher:1.31"` | |
| jenkins.controller.javaOpts | string | `"-XX:+UseContainerSupport -XX:+UseStringDeduplication -Dhudson.model.DirectoryBrowserSupport.CSP=\"sandbox allow-popups; default-src 'none'; img-src 'self' cdn.zero-downtime.net; style-src 'unsafe-inline';\""` | | | jenkins.controller.javaOpts | string | `"-XX:+UseContainerSupport -XX:+UseStringDeduplication -Dhudson.model.DirectoryBrowserSupport.CSP=\"sandbox allow-popups; default-src 'none'; img-src 'self' cdn.zero-downtime.net; style-src 'unsafe-inline';\""` | |
| jenkins.controller.jenkinsOpts | string | `"--sessionTimeout=180 --sessionEviction=3600"` | | | jenkins.controller.jenkinsOpts | string | `"--sessionTimeout=180 --sessionEviction=3600"` | |

View File

@ -121,19 +121,19 @@ jenkins:
numToKeepStr: "10" numToKeepStr: "10"
installPlugins: installPlugins:
- kubernetes:3802.vb_b_600831fcb_3 - kubernetes:3883.v4d70a_a_a_df034
- workflow-aggregator:581.v0c46fa_697ffd - workflow-aggregator:581.v0c46fa_697ffd
- git:5.0.0 - git:5.0.0
- basic-branch-build-strategies:71.vc1421f89888e - basic-branch-build-strategies:71.vc1421f89888e
- pipeline-graph-view:144.vf3924feb_7e35 - pipeline-graph-view:154.v52138b_cb_557e
- pipeline-stage-view:2.28 - pipeline-stage-view:2.31
- configuration-as-code:1569.vb_72405b_80249 - configuration-as-code:1569.vb_72405b_80249
- antisamy-markup-formatter:155.v795fb_8702324 - antisamy-markup-formatter:155.v795fb_8702324
- prometheus:2.1.0 - prometheus:2.1.1
- htmlpublisher:1.31 - htmlpublisher:1.31
- build-discarder:139.v05696a_7fe240 - build-discarder:139.v05696a_7fe240
- dark-theme:262.v0202a_4c8fb_6a - dark-theme:302.vf069cb_e01486
- kubernetes-credentials-provider:1.208.v128ee9800c04 - kubernetes-credentials-provider:1.209.v862c6e5fb_1ef
serviceAccountAgent: serviceAccountAgent:
create: true create: true
@ -231,7 +231,7 @@ jenkins:
trivy: trivy:
enabled: false enabled: false
image: image:
tag: 0.35.0 tag: 0.37.3
persistence: persistence:
enabled: true enabled: true
size: 1Gi size: 1Gi

View File

@ -2,7 +2,7 @@ apiVersion: v2
name: kubezero-istio-gateway name: kubezero-istio-gateway
description: KubeZero Umbrella Chart for Istio gateways description: KubeZero Umbrella Chart for Istio gateways
type: application type: application
version: 0.9.0 version: 0.9.1
home: https://kubezero.com home: https://kubezero.com
icon: https://cdn.zero-downtime.net/assets/kubezero/logo-small-64.png icon: https://cdn.zero-downtime.net/assets/kubezero/logo-small-64.png
keywords: keywords:
@ -14,9 +14,9 @@ maintainers:
email: stefan@zero-downtime.net email: stefan@zero-downtime.net
dependencies: dependencies:
- name: kubezero-lib - name: kubezero-lib
version: ">= 0.1.5" version: ">= 0.1.6"
repository: https://cdn.zero-downtime.net/charts/ repository: https://cdn.zero-downtime.net/charts/
- name: gateway - name: gateway
version: 1.16.1 version: 1.16.3
repository: https://istio-release.storage.googleapis.com/charts repository: https://istio-release.storage.googleapis.com/charts
kubeVersion: ">= 1.24.0" kubeVersion: ">= 1.24.0"

View File

@ -1,5 +1,5 @@
apiVersion: v2 apiVersion: v2
appVersion: 1.16.1 appVersion: 1.16.3
description: Helm chart for deploying Istio gateways description: Helm chart for deploying Istio gateways
icon: https://istio.io/latest/favicons/android-192x192.png icon: https://istio.io/latest/favicons/android-192x192.png
keywords: keywords:
@ -9,4 +9,4 @@ name: gateway
sources: sources:
- http://github.com/istio/istio - http://github.com/istio/istio
type: application type: application
version: 1.16.1 version: 1.16.3

View File

@ -2,7 +2,7 @@ apiVersion: v2
name: kubezero-istio name: kubezero-istio
description: KubeZero Umbrella Chart for Istio description: KubeZero Umbrella Chart for Istio
type: application type: application
version: 0.9.0 version: 0.9.1
home: https://kubezero.com home: https://kubezero.com
icon: https://cdn.zero-downtime.net/assets/kubezero/logo-small-64.png icon: https://cdn.zero-downtime.net/assets/kubezero/logo-small-64.png
keywords: keywords:
@ -16,10 +16,10 @@ dependencies:
version: ">= 0.1.6" version: ">= 0.1.6"
repository: https://cdn.zero-downtime.net/charts/ repository: https://cdn.zero-downtime.net/charts/
- name: base - name: base
version: 1.16.1 version: 1.16.3
repository: https://istio-release.storage.googleapis.com/charts repository: https://istio-release.storage.googleapis.com/charts
- name: istiod - name: istiod
version: 1.16.1 version: 1.16.3
repository: https://istio-release.storage.googleapis.com/charts repository: https://istio-release.storage.googleapis.com/charts
- name: kiali-server - name: kiali-server
version: "1.60.0" version: "1.60.0"

View File

@ -2,7 +2,7 @@ apiVersion: v2
name: kubezero-logging name: kubezero-logging
description: KubeZero Umbrella Chart for complete EFK stack description: KubeZero Umbrella Chart for complete EFK stack
type: application type: application
version: 0.8.4 version: 0.8.5
appVersion: 1.6.0 appVersion: 1.6.0
home: https://kubezero.com home: https://kubezero.com
icon: https://cdn.zero-downtime.net/assets/kubezero/logo-small-64.png icon: https://cdn.zero-downtime.net/assets/kubezero/logo-small-64.png
@ -27,6 +27,6 @@ dependencies:
version: 0.3.9 version: 0.3.9
condition: fluentd.enabled condition: fluentd.enabled
- name: fluent-bit - name: fluent-bit
version: 0.20.6 version: 0.24.0
condition: fluent-bit.enabled condition: fluent-bit.enabled
kubeVersion: ">= 1.24.0" kubeVersion: ">= 1.24.0"

View File

@ -1,13 +1,13 @@
annotations: annotations:
artifacthub.io/changes: | artifacthub.io/changes: |
- kind: changed - kind: changed
description: "Additional upstream config option added" description: "Updated Fluent Bit image to v2.0.9."
apiVersion: v1 apiVersion: v1
appVersion: 1.9.7 appVersion: 2.0.9
description: Fast and lightweight log processor and forwarder or Linux, OSX and BSD description: Fast and lightweight log processor and forwarder or Linux, OSX and BSD
family operating systems. family operating systems.
home: https://fluentbit.io/ home: https://fluentbit.io/
icon: https://fluentbit.io/assets/img/logo1-default.png icon: https://raw.githubusercontent.com/cncf/artwork/master/projects/fluentd/fluentbit/icon/fluentbit-icon-color.svg
keywords: keywords:
- logging - logging
- fluent-bit - fluent-bit
@ -24,4 +24,4 @@ maintainers:
name: fluent-bit name: fluent-bit
sources: sources:
- https://github.com/fluent/fluent-bit/ - https://github.com/fluent/fluent-bit/
version: 0.20.6 version: 0.24.0

View File

@ -11,6 +11,9 @@ priorityClassName: {{ .Values.priorityClassName }}
securityContext: securityContext:
{{- toYaml . | nindent 2 }} {{- toYaml . | nindent 2 }}
{{- end }} {{- end }}
{{- with .Values.terminationGracePeriodSeconds }}
terminationGracePeriodSeconds: {{ . }}
{{- end }}
hostNetwork: {{ .Values.hostNetwork }} hostNetwork: {{ .Values.hostNetwork }}
dnsPolicy: {{ .Values.dnsPolicy }} dnsPolicy: {{ .Values.dnsPolicy }}
{{- with .Values.dnsConfig }} {{- with .Values.dnsConfig }}

View File

@ -19,7 +19,7 @@ rules:
- get - get
- list - list
- watch - watch
{{- if .Values.podSecurityPolicy.create }} {{- if and .Values.podSecurityPolicy.create (semverCompare "<=1.25-0" .Capabilities.KubeVersion.GitVersion) }}
- apiGroups: - apiGroups:
- policy - policy
resources: resources:

View File

@ -20,6 +20,9 @@ spec:
updateStrategy: updateStrategy:
{{- toYaml . | nindent 4 }} {{- toYaml . | nindent 4 }}
{{- end }} {{- end }}
{{- with .Values.minReadySeconds }}
minReadySeconds: {{ . }}
{{- end }}
template: template:
metadata: metadata:
annotations: annotations:

View File

@ -23,6 +23,9 @@ spec:
selector: selector:
matchLabels: matchLabels:
{{- include "fluent-bit.selectorLabels" . | nindent 6 }} {{- include "fluent-bit.selectorLabels" . | nindent 6 }}
{{- with .Values.minReadySeconds }}
minReadySeconds: {{ . }}
{{- end }}
template: template:
metadata: metadata:
annotations: annotations:

View File

@ -1,4 +1,4 @@
{{- if .Values.podSecurityPolicy.create }} {{- if and .Values.podSecurityPolicy.create (semverCompare "<=1.25-0" .Capabilities.KubeVersion.GitVersion) -}}
apiVersion: policy/v1beta1 apiVersion: policy/v1beta1
kind: PodSecurityPolicy kind: PodSecurityPolicy
metadata: metadata:

View File

@ -16,6 +16,15 @@ spec:
{{- if and (eq .Values.service.type "ClusterIP") (.Values.service.clusterIP) }} {{- if and (eq .Values.service.type "ClusterIP") (.Values.service.clusterIP) }}
clusterIP: {{ .Values.service.clusterIP }} clusterIP: {{ .Values.service.clusterIP }}
{{- end }} {{- end }}
{{- if (eq .Values.service.type "LoadBalancer")}}
{{- with .Values.service.loadBalancerClass}}
loadBalancerClass: {{ . }}
{{- end }}
{{- with .Values.service.loadBalancerSourceRanges}}
loadBalancerSourceRanges:
{{- toYaml . | nindent 4 }}
{{- end }}
{{- end }}
ports: ports:
- port: {{ .Values.service.port }} - port: {{ .Values.service.port }}
targetPort: http targetPort: http

View File

@ -36,6 +36,16 @@ spec:
relabelings: relabelings:
{{- toYaml . | nindent 8 }} {{- toYaml . | nindent 8 }}
{{- end }} {{- end }}
{{- if .Values.serviceMonitor.scheme }}
scheme: {{ .Values.serviceMonitor.scheme }}
{{- end }}
{{- if .Values.serviceMonitor.tlsConfig }}
tlsConfig:
{{- toYaml .Values.serviceMonitor.tlsConfig | nindent 8 }}
{{- end }}
{{- with .Values.serviceMonitor.additionalEndpoints }}
{{- toYaml . | nindent 4 }}
{{- end }}
namespaceSelector: namespaceSelector:
matchNames: matchNames:
- {{ .Release.Namespace }} - {{ .Release.Namespace }}

View File

@ -0,0 +1,38 @@
{{- if and (.Capabilities.APIVersions.Has "autoscaling.k8s.io/v1/VerticalPodAutoscaler") .Values.autoscaling.vpa.enabled }}
apiVersion: autoscaling.k8s.io/v1
kind: VerticalPodAutoscaler
metadata:
name: {{ include "fluent-bit.fullname" . }}
labels:
{{- include "fluent-bit.labels" . | nindent 4 }}
{{- with .Values.autoscaling.vpa.annotations }}
annotations:
{{- toYaml . | nindent 4 }}
{{- end }}
spec:
resourcePolicy:
containerPolicies:
- containerName: {{ .Chart.Name }}
{{- with .Values.autoscaling.vpa.controlledResources }}
controlledResources:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.autoscaling.vpa.maxAllowed }}
maxAllowed:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.autoscaling.vpa.minAllowed }}
minAllowed:
{{- toYaml . | nindent 8 }}
{{- end }}
targetRef:
apiVersion: apps/v1
kind: {{ .Values.kind }}
name: {{ include "fluent-bit.fullname" . }}
{{- if .Values.autoscaling.vpa.updatePolicy }}
updatePolicy:
{{- with .Values.autoscaling.vpa.updatePolicy.updateMode }}
updateMode: {{ . }}
{{- end }}
{{- end }}
{{- end }}

View File

@ -13,7 +13,7 @@ image:
pullPolicy: Always pullPolicy: Always
testFramework: testFramework:
enabled: false enabled: true
image: image:
repository: busybox repository: busybox
pullPolicy: Always pullPolicy: Always
@ -32,6 +32,11 @@ rbac:
create: true create: true
nodeAccess: false nodeAccess: false
# Configure podsecuritypolicy
# Ref: https://kubernetes.io/docs/concepts/policy/pod-security-policy/
# from Kubernetes 1.25, PSP is deprecated
# See: https://kubernetes.io/blog/2022/08/23/kubernetes-v1-25-release/#pod-security-changes
# We automatically disable PSP if Kubernetes version is 1.25 or higher
podSecurityPolicy: podSecurityPolicy:
create: false create: false
annotations: {} annotations: {}
@ -78,6 +83,8 @@ securityContext: {}
service: service:
type: ClusterIP type: ClusterIP
port: 2020 port: 2020
loadBalancerClass:
loadBalancerSourceRanges: []
labels: {} labels: {}
# nodePort: 30020 # nodePort: 30020
# clusterIP: 172.16.10.1 # clusterIP: 172.16.10.1
@ -111,6 +118,35 @@ serviceMonitor:
# targetLabel: nodename # targetLabel: nodename
# replacement: $1 # replacement: $1
# action: replace # action: replace
# scheme: ""
# tlsConfig: {}
## Beare in mind if youn want to collec metrics from a different port
## you will need to configure the new ports on the extraPorts property.
additionalEndpoints: []
# - port: metrics
# path: /metrics
# interval: 10s
# scrapeTimeout: 10s
# scheme: ""
# tlsConfig: {}
# # metric relabel configs to apply to samples before ingestion.
# #
# metricRelabelings:
# - sourceLabels: [__meta_kubernetes_service_label_cluster]
# targetLabel: cluster
# regex: (.*)
# replacement: ${1}
# action: replace
# # relabel configs to apply to samples after ingestion.
# #
# relabelings:
# - sourceLabels: [__meta_kubernetes_pod_node_name]
# separator: ;
# regex: ^(.*)$
# targetLabel: nodename
# replacement: $1
# action: replace
prometheusRule: prometheusRule:
enabled: false enabled: false
@ -177,6 +213,28 @@ ingress:
## only available if kind is Deployment ## only available if kind is Deployment
autoscaling: autoscaling:
vpa:
enabled: false
annotations: {}
# List of resources that the vertical pod autoscaler can control. Defaults to cpu and memory
controlledResources: []
# Define the max allowed resources for the pod
maxAllowed: {}
# cpu: 200m
# memory: 100Mi
# Define the min allowed resources for the pod
minAllowed: {}
# cpu: 200m
# memory: 100Mi
updatePolicy:
# Specifies whether recommended updates are applied when a Pod is started and whether recommended updates
# are applied during the life of a Pod. Possible values are "Off", "Initial", "Recreate", and "Auto".
updateMode: Auto
enabled: false enabled: false
minReplicas: 1 minReplicas: 1
maxReplicas: 3 maxReplicas: 3
@ -222,6 +280,14 @@ podAnnotations: {}
podLabels: {} podLabels: {}
## How long (in seconds) a pods needs to be stable before progressing the deployment
##
minReadySeconds:
## How long (in seconds) a pod may take to exit (useful with lifecycle hooks to ensure lb deregistration is done)
##
terminationGracePeriodSeconds:
priorityClassName: "" priorityClassName: ""
env: [] env: []
@ -274,7 +340,7 @@ networkPolicy:
luaScripts: {} luaScripts: {}
## https://docs.fluentbit.io/manual/administration/configuring-fluent-bit/configuration-file ## https://docs.fluentbit.io/manual/administration/configuring-fluent-bit/classic-mode/configuration-file
config: config:
service: | service: |
[SERVICE] [SERVICE]
@ -332,15 +398,8 @@ config:
Retry_Limit False Retry_Limit False
## https://docs.fluentbit.io/manual/administration/configuring-fluent-bit/classic-mode/upstream-servers ## https://docs.fluentbit.io/manual/administration/configuring-fluent-bit/classic-mode/upstream-servers
## This configuration is deprecated, please use `extraFiles` instead.
upstream: {} upstream: {}
# upstream.conf: |
# [UPSTREAM]
# upstream1
#
# [NODE]
# name node-1
# host 127.0.0.1
# port 43000
## https://docs.fluentbit.io/manual/pipeline/parsers ## https://docs.fluentbit.io/manual/pipeline/parsers
customParsers: | customParsers: |
@ -354,6 +413,14 @@ config:
# This allows adding more files with arbitary filenames to /fluent-bit/etc by providing key/value pairs. # This allows adding more files with arbitary filenames to /fluent-bit/etc by providing key/value pairs.
# The key becomes the filename, the value becomes the file content. # The key becomes the filename, the value becomes the file content.
extraFiles: {} extraFiles: {}
# upstream.conf: |
# [UPSTREAM]
# upstream1
#
# [NODE]
# name node-1
# host 127.0.0.1
# port 43000
# example.conf: | # example.conf: |
# [OUTPUT] # [OUTPUT]
# Name example # Name example

View File

@ -1,24 +0,0 @@
diff -tubr charts/fluent-bit/templates/tests/test-connection.yaml charts/fluent-bit.zdt/templates/tests/test-connection.yaml
--- charts/fluent-bit/templates/tests/test-connection.yaml 2021-06-22 12:25:10.000000000 +0200
+++ charts/fluent-bit.zdt/templates/tests/test-connection.yaml 2021-05-17 12:09:02.724057438 +0200
@@ -1,3 +1,4 @@
+{{- if .Values.testFramework.enabled }}
apiVersion: v1
kind: Pod
metadata:
@@ -18,3 +19,4 @@
{{- toYaml . | nindent 4 }}
{{- end }}
restartPolicy: Never
+{{- end }}
diff -tubr charts/fluent-bit/values.yaml charts/fluent-bit.zdt/values.yaml
--- charts/fluent-bit/values.yaml 2021-06-22 12:25:10.000000000 +0200
+++ charts/fluent-bit.zdt/values.yaml 2021-07-19 10:23:01.383398153 +0200
@@ -12,6 +12,7 @@
# tag:
testFramework:
+ enabled: false
image:
repository: busybox
pullPolicy: Always

View File

@ -19,7 +19,7 @@ yq eval -Mi 'del(.dependencies)' charts/eck-operator/Chart.yaml
rm -rf charts/fluent-bit rm -rf charts/fluent-bit
curl -L -s -o - https://github.com/fluent/helm-charts/releases/download/fluent-bit-${FLUENT_BIT_VERSION}/fluent-bit-${FLUENT_BIT_VERSION}.tgz | tar xfz - -C charts curl -L -s -o - https://github.com/fluent/helm-charts/releases/download/fluent-bit-${FLUENT_BIT_VERSION}/fluent-bit-${FLUENT_BIT_VERSION}.tgz | tar xfz - -C charts
patch -i fluent-bit.patch -p0 --no-backup-if-mismatch # patch -i fluent-bit.patch -p0 --no-backup-if-mismatch
# FluentD # FluentD

View File

@ -246,7 +246,10 @@ fluent-bit:
image: image:
#repository: public.ecr.aws/zero-downtime/fluent-bit #repository: public.ecr.aws/zero-downtime/fluent-bit
tag: 1.9.8 tag: 2.0.10
testFramework:
enabled: false
serviceMonitor: serviceMonitor:
enabled: false enabled: false
@ -276,8 +279,8 @@ fluent-bit:
tls: false tls: false
input: input:
memBufLimit: 4MB memBufLimit: 16MB
refreshInterval: 10 refreshInterval: 5
logLevel: info logLevel: info
flushInterval: 5 flushInterval: 5
@ -300,16 +303,19 @@ fluent-bit:
[INPUT] [INPUT]
Name tail Name tail
Path /var/log/containers/*.log Path /var/log/containers/*.log
# Exclude ourselves to current error spam, https://github.com/fluent/fluent-bit/issues/5769
Exclude_Path *logging-fluent-bit*
multiline.parser cri multiline.parser cri
Tag cri.* Tag cri.*
Skip_Long_Lines On Skip_Long_Lines On
Skip_Empty_Lines On
DB /var/log/flb_kube.db DB /var/log/flb_kube.db
DB.Sync Normal DB.Sync Normal
DB.locking true DB.locking true
# Buffer_Max_Size 1M # Buffer_Max_Size 1M
{{- with .Values.config.input }} {{- with .Values.config.input }}
Mem_Buf_Limit {{ default "4MB" .memBufLimit }} Mem_Buf_Limit {{ default "16MB" .memBufLimit }}
Refresh_Interval {{ default 10 .refreshInterval }} Refresh_Interval {{ default 5 .refreshInterval }}
{{- end }} {{- end }}
filters: | filters: |

View File

@ -2,7 +2,7 @@ apiVersion: v2
name: kubezero-mq name: kubezero-mq
description: KubeZero umbrella chart for MQ systems like NATS, RabbitMQ description: KubeZero umbrella chart for MQ systems like NATS, RabbitMQ
type: application type: application
version: 0.3.4 version: 0.3.5
home: https://kubezero.com home: https://kubezero.com
icon: https://cdn.zero-downtime.net/assets/kubezero/logo-small-64.png icon: https://cdn.zero-downtime.net/assets/kubezero/logo-small-64.png
keywords: keywords:

View File

@ -1,6 +1,6 @@
# kubezero-mq # kubezero-mq
![Version: 0.3.3](https://img.shields.io/badge/Version-0.3.3-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![Version: 0.3.5](https://img.shields.io/badge/Version-0.3.5-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square)
KubeZero umbrella chart for MQ systems like NATS, RabbitMQ KubeZero umbrella chart for MQ systems like NATS, RabbitMQ
@ -20,7 +20,7 @@ Kubernetes: `>= 1.20.0`
|------------|------|---------| |------------|------|---------|
| | nats | 0.8.4 | | | nats | 0.8.4 |
| https://cdn.zero-downtime.net/charts/ | kubezero-lib | >= 0.1.6 | | https://cdn.zero-downtime.net/charts/ | kubezero-lib | >= 0.1.6 |
| https://charts.bitnami.com/bitnami | rabbitmq | 11.1.5 | | https://charts.bitnami.com/bitnami | rabbitmq | 11.3.2 |
| https://charts.bitnami.com/bitnami | rabbitmq-cluster-operator | 3.1.4 | | https://charts.bitnami.com/bitnami | rabbitmq-cluster-operator | 3.1.4 |
## Values ## Values
@ -52,8 +52,10 @@ Kubernetes: `>= 1.20.0`
| rabbitmq.clustering.forceBoot | bool | `false` | | | rabbitmq.clustering.forceBoot | bool | `false` | |
| rabbitmq.enabled | bool | `false` | | | rabbitmq.enabled | bool | `false` | |
| rabbitmq.hosts | list | `[]` | hostnames of rabbitmq services, used for Istio and TLS | | rabbitmq.hosts | list | `[]` | hostnames of rabbitmq services, used for Istio and TLS |
| rabbitmq.istio.amqp | bool | `false` | |
| rabbitmq.istio.enabled | bool | `false` | | | rabbitmq.istio.enabled | bool | `false` | |
| rabbitmq.istio.gateway | string | `"istio-ingress/private-ingressgateway"` | | | rabbitmq.istio.gateway | string | `"istio-ingress/private-ingressgateway"` | |
| rabbitmq.istio.mqtt | bool | `false` | |
| rabbitmq.istio.mqtts | bool | `false` | | | rabbitmq.istio.mqtts | bool | `false` | |
| rabbitmq.metrics.enabled | bool | `false` | | | rabbitmq.metrics.enabled | bool | `false` | |
| rabbitmq.metrics.serviceMonitor.enabled | bool | `true` | | | rabbitmq.metrics.serviceMonitor.enabled | bool | `true` | |

View File

@ -25,6 +25,15 @@ spec:
host: rabbitmq host: rabbitmq
port: port:
number: 5672 number: 5672
{{- if .Values.rabbitmq.istio.amqp }}
- match:
- port: 5672
route:
- destination:
host: rabbitmq
port:
number: 5672
{{- end }}
{{- if .Values.rabbitmq.istio.mqtts }} {{- if .Values.rabbitmq.istio.mqtts }}
- match: - match:
- port: 8883 - port: 8883

View File

@ -56,6 +56,7 @@ rabbitmq:
istio: istio:
enabled: false enabled: false
gateway: istio-ingress/private-ingressgateway gateway: istio-ingress/private-ingressgateway
amqp: false
mqtt: false mqtt: false
mqtts: false mqtts: false

View File

@ -2,7 +2,7 @@ apiVersion: v2
name: kubezero-network name: kubezero-network
description: KubeZero umbrella chart for all things network description: KubeZero umbrella chart for all things network
type: application type: application
version: 0.4.2 version: 0.4.3
home: https://kubezero.com home: https://kubezero.com
icon: https://cdn.zero-downtime.net/assets/kubezero/logo-small-64.png icon: https://cdn.zero-downtime.net/assets/kubezero/logo-small-64.png
keywords: keywords:
@ -16,14 +16,14 @@ maintainers:
email: stefan@zero-downtime.net email: stefan@zero-downtime.net
dependencies: dependencies:
- name: kubezero-lib - name: kubezero-lib
version: ">= 0.1.5" version: ">= 0.1.6"
repository: https://cdn.zero-downtime.net/charts/ repository: https://cdn.zero-downtime.net/charts/
- name: cilium - name: cilium
version: 1.12.5 version: 1.13.1
repository: https://helm.cilium.io/ repository: https://helm.cilium.io/
condition: cilium.enabled condition: cilium.enabled
- name: metallb - name: metallb
version: 0.13.7 version: 0.13.9
repository: https://metallb.github.io/metallb repository: https://metallb.github.io/metallb
condition: metallb.enabled condition: metallb.enabled
kubeVersion: ">= 1.24.0" kubeVersion: ">= 1.25.0"

View File

@ -18,7 +18,7 @@ metallb:
multus: multus:
enabled: false enabled: false
tag: "v3.9.2" tag: "v3.9.3"
clusterNetwork: "cilium" clusterNetwork: "cilium"
defaultNetworks: [] defaultNetworks: []

View File

@ -2,7 +2,7 @@ apiVersion: v2
name: kubezero-storage name: kubezero-storage
description: KubeZero umbrella chart for all things storage incl. AWS EBS/EFS, openEBS-lvm, gemini description: KubeZero umbrella chart for all things storage incl. AWS EBS/EFS, openEBS-lvm, gemini
type: application type: application
version: 0.7.5 version: 0.8.1
home: https://kubezero.com home: https://kubezero.com
icon: https://cdn.zero-downtime.net/assets/kubezero/logo-small-64.png icon: https://cdn.zero-downtime.net/assets/kubezero/logo-small-64.png
keywords: keywords:
@ -20,19 +20,23 @@ dependencies:
version: ">= 0.1.6" version: ">= 0.1.6"
repository: https://cdn.zero-downtime.net/charts/ repository: https://cdn.zero-downtime.net/charts/
- name: lvm-localpv - name: lvm-localpv
version: 1.0.0 version: 1.0.1
condition: lvm-localpv.enabled condition: lvm-localpv.enabled
# we patch: repository: https://openebs.github.io/lvm-localpv # we patch: repository: https://openebs.github.io/lvm-localpv
- name: gemini
version: 1.0.0
condition: gemini.enabled
# repository: https://charts.fairwinds.com/stable
- name: aws-ebs-csi-driver - name: aws-ebs-csi-driver
version: 2.14.1 version: 2.17.2
condition: aws-ebs-csi-driver.enabled condition: aws-ebs-csi-driver.enabled
repository: https://kubernetes-sigs.github.io/aws-ebs-csi-driver repository: https://kubernetes-sigs.github.io/aws-ebs-csi-driver
- name: aws-efs-csi-driver - name: aws-efs-csi-driver
version: 2.3.2 version: 2.4.1
condition: aws-efs-csi-driver.enabled condition: aws-efs-csi-driver.enabled
# repository: https://kubernetes-sigs.github.io/aws-ebs-csi-driver # repository: https://kubernetes-sigs.github.io/aws-ebs-csi-driver
- name: gemini
version: 2.0.0
condition: gemini.enabled
# repository: https://charts.fairwinds.com/stable
- name: k8up
version: 4.2.0
condition: k8up.enabled
repository: https://k8up-io.github.io/k8up
kubeVersion: ">= 1.24.0" kubeVersion: ">= 1.24.0"

View File

@ -1,6 +1,6 @@
# kubezero-storage # kubezero-storage
![Version: 0.7.5](https://img.shields.io/badge/Version-0.7.5-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![Version: 0.8.1](https://img.shields.io/badge/Version-0.8.1-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square)
KubeZero umbrella chart for all things storage incl. AWS EBS/EFS, openEBS-lvm, gemini KubeZero umbrella chart for all things storage incl. AWS EBS/EFS, openEBS-lvm, gemini
@ -20,8 +20,9 @@ Kubernetes: `>= 1.24.0`
|------------|------|---------| |------------|------|---------|
| | aws-efs-csi-driver | 2.3.2 | | | aws-efs-csi-driver | 2.3.2 |
| | gemini | 1.0.0 | | | gemini | 1.0.0 |
| | lvm-localpv | 1.0.0 | | | lvm-localpv | 1.0.1 |
| https://cdn.zero-downtime.net/charts/ | kubezero-lib | >= 0.1.6 | | https://cdn.zero-downtime.net/charts/ | kubezero-lib | >= 0.1.6 |
| https://k8up-io.github.io/k8up | k8up | 4.2.0 |
| https://kubernetes-sigs.github.io/aws-ebs-csi-driver | aws-ebs-csi-driver | 2.14.1 | | https://kubernetes-sigs.github.io/aws-ebs-csi-driver | aws-ebs-csi-driver | 2.14.1 |
## Values ## Values
@ -102,6 +103,18 @@ Kubernetes: `>= 1.24.0`
| gemini.resources.limits.memory | string | `"128Mi"` | | | gemini.resources.limits.memory | string | `"128Mi"` | |
| gemini.resources.requests.cpu | string | `"20m"` | | | gemini.resources.requests.cpu | string | `"20m"` | |
| gemini.resources.requests.memory | string | `"32Mi"` | | | gemini.resources.requests.memory | string | `"32Mi"` | |
| k8up.enabled | bool | `false` | |
| k8up.k8up.enableLeaderElection | bool | `false` | |
| k8up.metrics.serviceMonitor.enabled | bool | `true` | |
| k8up.nodeSelector."node-role.kubernetes.io/control-plane" | string | `""` | |
| k8up.replicaCount | int | `1` | |
| k8up.resources.limits.memory | string | `"256Mi"` | |
| k8up.resources.requests.cpu | string | `"20m"` | |
| k8up.resources.requests.memory | string | `"32Mi"` | |
| k8up.tolerations[0].effect | string | `"NoSchedule"` | |
| k8up.tolerations[0].key | string | `"node-role.kubernetes.io/master"` | |
| k8up.tolerations[1].effect | string | `"NoSchedule"` | |
| k8up.tolerations[1].key | string | `"node-role.kubernetes.io/control-plane"` | |
| lvm-localpv.analytics.enabled | bool | `false` | | | lvm-localpv.analytics.enabled | bool | `false` | |
| lvm-localpv.enabled | bool | `false` | | | lvm-localpv.enabled | bool | `false` | |
| lvm-localpv.lvmController.logLevel | int | `2` | | | lvm-localpv.lvmController.logLevel | int | `2` | |

View File

@ -1,4 +1,25 @@
# Helm chart # Helm chart
# v2.4.1
* Bump app/driver version to `v1.5.4`
# v2.4.0
* Bump app/driver version to `v1.5.3`
# v2.3.9
* Bump app/driver version to `v1.5.2`
# v2.3.8
* Bump app/driver version to `v1.5.1`
# v2.3.7
* Bump app/driver version to `v1.5.0`
# v2.3.6
* Bump app/driver version to `v1.4.9`
# v2.3.5
* Bump app/driver version to `v1.4.8`
# v2.3.4
* Bump app/driver version to `v1.4.7`
# v2.3.3
* Bump app/driver version to `v1.4.6`
# v2.3.2 # v2.3.2
* Bump app/driver version to `v1.4.5` * Bump app/driver version to `v1.4.5`

View File

@ -1,5 +1,5 @@
apiVersion: v2 apiVersion: v2
appVersion: 1.4.5 appVersion: 1.5.4
description: A Helm chart for AWS EFS CSI Driver description: A Helm chart for AWS EFS CSI Driver
home: https://github.com/kubernetes-sigs/aws-efs-csi-driver home: https://github.com/kubernetes-sigs/aws-efs-csi-driver
keywords: keywords:
@ -15,4 +15,4 @@ maintainers:
name: aws-efs-csi-driver name: aws-efs-csi-driver
sources: sources:
- https://github.com/kubernetes-sigs/aws-efs-csi-driver - https://github.com/kubernetes-sigs/aws-efs-csi-driver
version: 2.3.2 version: 2.4.1

View File

@ -15,7 +15,7 @@ spec:
app.kubernetes.io/instance: {{ .Release.Name }} app.kubernetes.io/instance: {{ .Release.Name }}
{{- with .Values.controller.updateStrategy }} {{- with .Values.controller.updateStrategy }}
strategy: strategy:
type: {{ . }} {{ toYaml . | nindent 4 }}
{{- end }} {{- end }}
template: template:
metadata: metadata:

View File

@ -11,6 +11,10 @@ spec:
app: efs-csi-node app: efs-csi-node
app.kubernetes.io/name: {{ include "aws-efs-csi-driver.name" . }} app.kubernetes.io/name: {{ include "aws-efs-csi-driver.name" . }}
app.kubernetes.io/instance: {{ .Release.Name }} app.kubernetes.io/instance: {{ .Release.Name }}
{{- with .Values.node.updateStrategy }}
updateStrategy:
{{ toYaml . | nindent 4 }}
{{- end }}
template: template:
metadata: metadata:
labels: labels:

View File

@ -11,26 +11,26 @@ useFIPS: false
image: image:
repository: amazon/aws-efs-csi-driver repository: amazon/aws-efs-csi-driver
tag: "v1.4.5" tag: "v1.5.4"
pullPolicy: IfNotPresent pullPolicy: IfNotPresent
sidecars: sidecars:
livenessProbe: livenessProbe:
image: image:
repository: public.ecr.aws/eks-distro/kubernetes-csi/livenessprobe repository: public.ecr.aws/eks-distro/kubernetes-csi/livenessprobe
tag: v2.2.0-eks-1-18-13 tag: v2.8.0-eks-1-25-latest
pullPolicy: IfNotPresent pullPolicy: IfNotPresent
resources: {} resources: {}
nodeDriverRegistrar: nodeDriverRegistrar:
image: image:
repository: public.ecr.aws/eks-distro/kubernetes-csi/node-driver-registrar repository: public.ecr.aws/eks-distro/kubernetes-csi/node-driver-registrar
tag: v2.1.0-eks-1-18-13 tag: v2.6.2-eks-1-25-latest
pullPolicy: IfNotPresent pullPolicy: IfNotPresent
resources: {} resources: {}
csiProvisioner: csiProvisioner:
image: image:
repository: public.ecr.aws/eks-distro/kubernetes-csi/external-provisioner repository: public.ecr.aws/eks-distro/kubernetes-csi/external-provisioner
tag: v2.1.1-eks-1-18-13 tag: v3.3.0-eks-1-25-latest
pullPolicy: IfNotPresent pullPolicy: IfNotPresent
resources: {} resources: {}
@ -68,6 +68,7 @@ controller:
# cpu: 100m # cpu: 100m
# memory: 128Mi # memory: 128Mi
nodeSelector: {} nodeSelector: {}
updateStrategy: {}
tolerations: [] tolerations: []
affinity: {} affinity: {}
# Specifies whether a service account should be created # Specifies whether a service account should be created
@ -112,6 +113,10 @@ node:
# cpu: 100m # cpu: 100m
# memory: 128Mi # memory: 128Mi
nodeSelector: {} nodeSelector: {}
updateStrategy: {}
# Override default strategy (RollingUpdate) to speed up deployment.
# This can be useful if helm timeouts are observed.
# type: OnDelete
tolerations: tolerations:
- operator: Exists - operator: Exists
# Specifies whether a service account should be created # Specifies whether a service account should be created

View File

@ -1,9 +1,9 @@
apiVersion: v1 apiVersion: v1
appVersion: "1.0" appVersion: "2.0"
description: Automated backup and restore of PersistentVolumes using the VolumeSnapshot description: Automated backup and restore of PersistentVolumes using the VolumeSnapshot
API API
maintainers: maintainers:
- email: robertb@fairwinds.com - email: robertb@fairwinds.com
name: rbren name: rbren
name: gemini name: gemini
version: 1.0.0 version: 2.0.0

View File

@ -16,12 +16,22 @@ See the [Gemini README](https://github.com/FairwindsOps/gemini) for more informa
## Installation ## Installation
```bash ```bash
helm repo add fairwinds-stable https://charts.fairwinds.com/stable helm repo add fairwinds-stable https://charts.fairwinds.com/stable
helm install gemini fairwinds-stable/gemini --namespace gemini helm install gemini fairwinds-stable/gemini --namespace gemini --create-namespace
``` ```
## Requirements ## Requirements
Your cluster must support the [VolumeSnapshot API](https://kubernetes.io/docs/concepts/storage/volume-snapshots/) Your cluster must support the [VolumeSnapshot API](https://kubernetes.io/docs/concepts/storage/volume-snapshots/)
## Upgrading to V2
Version 2.0 of Gemini updates the CRD from `v1beta1` to `v1`. There are no substantial
changes, but `v1` adds better support for PersistentVolumeClaims on Kubernetes 1.25.
If you want to keep the v1beta1 CRD available, you can run:
```
kubectl apply -f https://raw.githubusercontent.com/FairwindsOps/gemini/main/pkg/types/snapshotgroup/v1beta1/crd-with-beta1.yaml
```
before upgrading, and add `--skip-crds` when running `helm install`.
## Values ## Values
| Key | Type | Default | Description | | Key | Type | Default | Description |

View File

@ -16,10 +16,21 @@ See the [Gemini README](https://github.com/FairwindsOps/gemini) for more informa
## Installation ## Installation
```bash ```bash
helm repo add fairwinds-stable https://charts.fairwinds.com/stable helm repo add fairwinds-stable https://charts.fairwinds.com/stable
helm install gemini fairwinds-stable/gemini --namespace gemini helm install gemini fairwinds-stable/gemini --namespace gemini --create-namespace
``` ```
## Requirements ## Requirements
Your cluster must support the [VolumeSnapshot API](https://kubernetes.io/docs/concepts/storage/volume-snapshots/) Your cluster must support the [VolumeSnapshot API](https://kubernetes.io/docs/concepts/storage/volume-snapshots/)
## Upgrading to V2
Version 2.0 of Gemini updates the CRD from `v1beta1` to `v1`. There are no substantial
changes, but `v1` adds better support for PersistentVolumeClaims on Kubernetes 1.25.
If you want to keep the v1beta1 CRD available, you can run:
```
kubectl apply -f https://raw.githubusercontent.com/FairwindsOps/gemini/main/pkg/types/snapshotgroup/v1beta1/crd-with-beta1.yaml
```
before upgrading, and add `--skip-crds` when running `helm install`.
{{ template "chart.valuesSection" . }} {{ template "chart.valuesSection" . }}

View File

@ -0,0 +1,87 @@
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
name: snapshotgroups.gemini.fairwinds.com
spec:
group: gemini.fairwinds.com
names:
plural: snapshotgroups
singular: snapshotgroup
kind: SnapshotGroup
listKind: SnapshotGroupList
scope: Namespaced
versions:
- name: v1
served: true
storage: true
schema:
openAPIV3Schema:
type: object
properties:
spec:
type: object
properties:
persistentVolumeClaim:
type: object
properties:
claimName:
description: PersistentVolumeClaim name to backup
type: string
spec:
description: PersistentVolumeClaim spec to create and backup
type: object
properties:
storageClassName:
type: string
accessModes:
type: array
items:
type: string
volumeName:
type: string
resources:
type: object
properties:
requests:
type: object
additionalProperties: true
limits:
type: object
properties:
storageClassName:
type: string
additionalProperties: true
selector:
type: object
properties:
matchLabels:
type: object
additionalProperties: true
matchExpressions:
type: array
items:
type: object
additionalProperties: true
schedule:
type: array
items:
type: object
properties:
every:
description: Interval for creating new backups
type: string
keep:
description: Number of historical backups to keep
type: integer
template:
type: object
properties:
spec:
description: VolumeSnapshot spec
type: object
properties:
volumeSnapshotClassName:
description: 'VolumeSnapshotClassName is the name of the VolumeSnapshotClass requested by the VolumeSnapshot. VolumeSnapshotClassName may be left nil to indicate that the default SnapshotClass should be used. A given cluster may have multiple default Volume SnapshotClasses: one default per CSI Driver. If a VolumeSnapshot does not specify a SnapshotClass, VolumeSnapshotSource will be checked to figure out what the associated CSI Driver is, and the default VolumeSnapshotClass associated with that CSI Driver will be used. If more than one VolumeSnapshotClass exist for a given CSI Driver and more than one have been marked as default, CreateSnapshot will fail and generate an event. Empty string is not allowed for this field.'
type: string
conversion:
strategy: None

View File

@ -20,4 +20,4 @@ maintainers:
name: lvm-localpv name: lvm-localpv
sources: sources:
- https://github.com/openebs/lvm-localpv - https://github.com/openebs/lvm-localpv
version: 1.0.0 version: 1.0.1

View File

@ -131,7 +131,7 @@ spec:
emptyDir: {} emptyDir: {}
{{- if .Values.imagePullSecrets }} {{- if .Values.imagePullSecrets }}
imagePullSecrets: imagePullSecrets:
{{ toYaml .Values.imagePullSecrets | indent 2 }} {{ toYaml .Values.imagePullSecrets | indent 8 }}
{{- end }} {{- end }}
{{- if .Values.lvmController.nodeSelector }} {{- if .Values.lvmController.nodeSelector }}
nodeSelector: nodeSelector:

View File

@ -140,7 +140,7 @@ spec:
type: Directory type: Directory
{{- if .Values.imagePullSecrets }} {{- if .Values.imagePullSecrets }}
imagePullSecrets: imagePullSecrets:
{{ toYaml .Values.imagePullSecrets | indent 2 }} {{ toYaml .Values.imagePullSecrets | indent 8 }}
{{- end }} {{- end }}
{{- if .Values.lvmNode.nodeSelector }} {{- if .Values.lvmNode.nodeSelector }}
nodeSelector: nodeSelector:

File diff suppressed because it is too large Load Diff

View File

@ -1,17 +1,6 @@
diff -tuNr charts/aws-efs-csi-driver.orig/templates/controller-deployment.yaml charts/aws-efs-csi-driver/templates/controller-deployment.yaml diff -tuNr charts/aws-efs-csi-driver.orig/templates/controller-deployment.yaml charts/aws-efs-csi-driver/templates/controller-deployment.yaml
--- charts/aws-efs-csi-driver.orig/templates/controller-deployment.yaml 2022-10-11 20:57:20.000000000 +0200 --- charts/aws-efs-csi-driver.orig/templates/controller-deployment.yaml 2022-10-11 20:57:20.000000000 +0200
+++ charts/aws-efs-csi-driver/templates/controller-deployment.yaml 2022-10-12 22:40:48.100658738 +0200 +++ charts/aws-efs-csi-driver/templates/controller-deployment.yaml 2022-10-12 22:40:48.100658738 +0200
@@ -13,6 +13,10 @@
app: efs-csi-controller
app.kubernetes.io/name: {{ include "aws-efs-csi-driver.name" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
+ {{- with .Values.controller.updateStrategy }}
+ strategy:
+ type: {{ . }}
+ {{- end }}
template:
metadata:
labels:
@@ -69,9 +73,14 @@ @@ -69,9 +73,14 @@
- name: AWS_USE_FIPS_ENDPOINT - name: AWS_USE_FIPS_ENDPOINT
value: "true" value: "true"

View File

@ -18,7 +18,7 @@
"subdir": "contrib/mixin" "subdir": "contrib/mixin"
} }
}, },
"version": "9e3966fbce6dccd2271b7ade588fefeb4ca7b247", "version": "5872b80ed5e1aca4f6bb1d9a00b60e24826b9631",
"sum": "W/Azptf1PoqjyMwJON96UY69MFugDA4IAYiKURscryc=" "sum": "W/Azptf1PoqjyMwJON96UY69MFugDA4IAYiKURscryc="
}, },
{ {
@ -28,7 +28,7 @@
"subdir": "grafonnet" "subdir": "grafonnet"
} }
}, },
"version": "30280196507e0fe6fa978a3e0eaca3a62844f817", "version": "f0b70307b8e5f12236b277883d998af129a8211f",
"sum": "342u++/7rViR/zj2jeJOjshzglkZ1SY+hFNuyCBFMdc=" "sum": "342u++/7rViR/zj2jeJOjshzglkZ1SY+hFNuyCBFMdc="
}, },
{ {
@ -38,7 +38,7 @@
"subdir": "grafana-builder" "subdir": "grafana-builder"
} }
}, },
"version": "d68f9a6e0b1af7c4c4056dc2b43fb8f3bac01f43", "version": "713f3cae6766cbcbadce69074cb88c5538c8cb5c",
"sum": "tDR6yT2GVfw0wTU12iZH+m01HrbIr6g/xN+/8nzNkU0=" "sum": "tDR6yT2GVfw0wTU12iZH+m01HrbIr6g/xN+/8nzNkU0="
}, },
{ {
@ -58,7 +58,7 @@
"subdir": "lib/promgrafonnet" "subdir": "lib/promgrafonnet"
} }
}, },
"version": "3c386687c1f8ceb6b79ff887c4a934e9cee1b90a", "version": "eed459199703c969afc318ea55b9361ae48180a7",
"sum": "zv7hXGui6BfHzE9wPatHI/AGZa4A2WKo6pq7ZdqBsps=" "sum": "zv7hXGui6BfHzE9wPatHI/AGZa4A2WKo6pq7ZdqBsps="
}, },
{ {

View File

@ -1,7 +1,7 @@
#!/bin/bash #!/bin/bash
set -ex set -ex
helm dependencies update #helm dependencies update
### Gemini ### Gemini
rm -rf charts/gemini rm -rf charts/gemini
@ -9,6 +9,10 @@ helm pull fairwinds-stable/gemini --untar --untardir charts
# Patch to run gemini on controller nodes # Patch to run gemini on controller nodes
patch -p0 -i gemini.patch --no-backup-if-mismatch patch -p0 -i gemini.patch --no-backup-if-mismatch
# k8up
VERSION=$(yq eval '.dependencies[] | select(.name=="k8up") | .version' Chart.yaml)
curl -L -s -o crds/k8up.yaml https://github.com/k8up-io/k8up/releases/download/k8up-${VERSION}/k8up-crd.yaml
### openEBS ### openEBS
VERSION=$(yq eval '.dependencies[] | select(.name=="lvm-localpv") | .version' Chart.yaml) VERSION=$(yq eval '.dependencies[] | select(.name=="lvm-localpv") | .version' Chart.yaml)
helm repo add openebs-lvmlocalpv https://openebs.github.io/lvm-localpv || true helm repo add openebs-lvmlocalpv https://openebs.github.io/lvm-localpv || true

View File

@ -51,6 +51,33 @@ lvm-localpv:
prometheus: prometheus:
enabled: false enabled: false
k8up:
enabled: false
replicaCount: 1
k8up:
enableLeaderElection: false
metrics:
serviceMonitor:
enabled: true
resources:
requests:
memory: 32Mi
cpu: 20m
limits:
memory: 256Mi
#cpu: 400m
tolerations:
- key: node-role.kubernetes.io/master
effect: NoSchedule
- key: node-role.kubernetes.io/control-plane
effect: NoSchedule
nodeSelector:
node-role.kubernetes.io/control-plane: ""
gemini: gemini:
enabled: false enabled: false
# verbosity: 1 # verbosity: 1
@ -66,7 +93,6 @@ gemini:
memory: 128Mi memory: 128Mi
cpu: 400m cpu: 400m
aws-ebs-csi-driver: aws-ebs-csi-driver:
enabled: false enabled: false

View File

@ -2,7 +2,7 @@ apiVersion: v2
name: kubezero name: kubezero
description: KubeZero - Root App of Apps chart description: KubeZero - Root App of Apps chart
type: application type: application
version: 1.24.9 version: 1.25.8
home: https://kubezero.com home: https://kubezero.com
icon: https://cdn.zero-downtime.net/assets/kubezero/logo-small-64.png icon: https://cdn.zero-downtime.net/assets/kubezero/logo-small-64.png
keywords: keywords:
@ -13,6 +13,6 @@ maintainers:
email: stefan@zero-downtime.net email: stefan@zero-downtime.net
dependencies: dependencies:
- name: kubezero-lib - name: kubezero-lib
version: ">= 0.1.5" version: ">= 0.1.6"
repository: https://cdn.zero-downtime.net/charts repository: https://cdn.zero-downtime.net/charts
kubeVersion: ">= 1.24.0" kubeVersion: ">= 1.25.0"

View File

@ -32,7 +32,7 @@ Kubernetes: `>= 1.24.0`
| addons.external-dns.enabled | bool | `false` | | | addons.external-dns.enabled | bool | `false` | |
| addons.forseti.enabled | bool | `false` | | | addons.forseti.enabled | bool | `false` | |
| addons.sealed-secrets.enabled | bool | `false` | | | addons.sealed-secrets.enabled | bool | `false` | |
| addons.targetRevision | string | `"0.7.3"` | | | addons.targetRevision | string | `"0.7.4"` | |
| argocd.argocd-image-updater.enabled | bool | `false` | | | argocd.argocd-image-updater.enabled | bool | `false` | |
| argocd.enabled | bool | `false` | | | argocd.enabled | bool | `false` | |
| argocd.istio.enabled | bool | `false` | | | argocd.istio.enabled | bool | `false` | |
@ -76,9 +76,9 @@ Kubernetes: `>= 1.24.0`
| storage.aws-efs-csi-driver.enabled | bool | `false` | | | storage.aws-efs-csi-driver.enabled | bool | `false` | |
| storage.enabled | bool | `false` | | | storage.enabled | bool | `false` | |
| storage.gemini.enabled | bool | `false` | | | storage.gemini.enabled | bool | `false` | |
| storage.k8up.enabled | bool | `false` | |
| storage.snapshotController.enabled | bool | `false` | | | storage.snapshotController.enabled | bool | `false` | |
| storage.targetRevision | string | `"0.7.4"` | | | storage.targetRevision | string | `"0.8.0"` | |
| storage.velero.enabled | bool | `false` | |
---------------------------------------------- ----------------------------------------------
Autogenerated from chart metadata using [helm-docs v1.11.0](https://github.com/norwoodj/helm-docs/releases/v1.11.0) Autogenerated from chart metadata using [helm-docs v1.11.0](https://github.com/norwoodj/helm-docs/releases/v1.11.0)

View File

@ -12,13 +12,13 @@ gemini:
{{- toYaml . | nindent 2 }} {{- toYaml . | nindent 2 }}
{{- end }} {{- end }}
{{- with .Values.storage.velero }} {{- with .Values.storage.k8up }}
velero: k8up:
{{- toYaml . | nindent 2 }} {{- toYaml . | nindent 2 }}
{{- end }} {{- end }}
snapshotController: snapshotController:
enabled: {{ default false (or (index .Values "storage" "velero" "enabled") (index .Values "storage" "gemini" "enabled")) }} enabled: {{ default false (index .Values "storage" "gemini" "enabled") }}
aws-ebs-csi-driver: aws-ebs-csi-driver:
enabled: {{ default false (index .Values "storage" "aws-ebs-csi-driver" "enabled")}} enabled: {{ default false (index .Values "storage" "aws-ebs-csi-driver" "enabled")}}

View File

@ -10,7 +10,7 @@ global:
addons: addons:
enabled: true enabled: true
targetRevision: 0.7.3 targetRevision: 0.7.4
external-dns: external-dns:
enabled: false enabled: false
forseti: forseti:
@ -29,7 +29,7 @@ addons:
network: network:
enabled: true enabled: true
retain: true retain: true
targetRevision: 0.4.2 targetRevision: 0.4.3
cilium: cilium:
cluster: {} cluster: {}
@ -40,12 +40,12 @@ cert-manager:
storage: storage:
enabled: false enabled: false
targetRevision: 0.7.4 targetRevision: 0.8.1
aws-ebs-csi-driver: aws-ebs-csi-driver:
enabled: false enabled: false
aws-efs-csi-driver: aws-efs-csi-driver:
enabled: false enabled: false
velero: k8up:
enabled: false enabled: false
gemini: gemini:
enabled: false enabled: false
@ -55,13 +55,13 @@ storage:
istio: istio:
enabled: false enabled: false
namespace: istio-system namespace: istio-system
targetRevision: 0.9.0 targetRevision: 0.9.1
istio-ingress: istio-ingress:
enabled: false enabled: false
chart: kubezero-istio-gateway chart: kubezero-istio-gateway
namespace: istio-ingress namespace: istio-ingress
targetRevision: 0.9.0 targetRevision: 0.9.1
gateway: gateway:
service: {} service: {}
@ -69,7 +69,7 @@ istio-private-ingress:
enabled: false enabled: false
chart: kubezero-istio-gateway chart: kubezero-istio-gateway
namespace: istio-ingress namespace: istio-ingress
targetRevision: 0.9.0 targetRevision: 0.9.1
gateway: gateway:
service: {} service: {}
@ -84,7 +84,7 @@ metrics:
logging: logging:
enabled: false enabled: false
namespace: logging namespace: logging
targetRevision: 0.8.4 targetRevision: 0.8.5
argocd: argocd:
enabled: false enabled: false

View File

@ -0,0 +1,19 @@
#!/bin/bash
# set -x
LOC=$(cd $1; pwd -P)
TMP=$(mktemp -d)
cd $TMP
for f in $(grep -Rl "kind: SealedSecret" $LOC); do
echo "Re-encrypting: $f"
csplit -z -s $f -f secret- -b %02d.yaml '/^---$/' '{*}'
for s in secret-*.yaml; do
kubeseal --re-encrypt -f $s -w new -o yaml && cat new >> $f.new && rm new $s
echo "---" >> $f.new
done
head -n -1 $f.new > $f && rm $f.new
done