From 8c9d66590037940a1408f8f639b3fdb31e3b72a0 Mon Sep 17 00:00:00 2001 From: Stefan Reimer Date: Mon, 4 Nov 2024 13:41:40 +0000 Subject: [PATCH] feat: add cloudnative-pg operator, migrate keycloak and gitea to pg --- admin/dev_apply.sh | 9 +- charts/kubezero-argo/values.yaml | 6 +- charts/kubezero-auth/Chart.yaml | 6 +- charts/kubezero-auth/README.md | 5 +- charts/kubezero-auth/values.yaml | 30 +-- charts/kubezero-ci/values.yaml | 6 +- charts/kubezero-operators/Chart.yaml | 7 +- charts/kubezero-operators/README.md | 8 +- .../charts/eck-operator/Chart.yaml | 4 +- .../charts/eck-operator/crds/all-crds.yaml | 247 +++++++++++++++--- charts/kubezero-operators/values.yaml | 8 + .../templates/lvm/volumesnapshotclass.yaml | 2 +- charts/kubezero/templates/operators.yaml | 12 + 13 files changed, 276 insertions(+), 74 deletions(-) diff --git a/admin/dev_apply.sh b/admin/dev_apply.sh index 56f55829..e2a47903 100755 --- a/admin/dev_apply.sh +++ b/admin/dev_apply.sh @@ -84,8 +84,13 @@ get_kubezero_values $ARGOCD # Always use embedded kubezero chart helm template $CHARTS/kubezero -f $WORKDIR/kubezero-values.yaml --kube-version $KUBE_VERSION --version ~$KUBE_VERSION --devel --output-dir $WORKDIR -# Resolve all the all enabled artifacts -if [ ${ARTIFACTS[0]} == "all" ]; then +# Root KubeZero apply directly and exit +if [ ${ARTIFACTS[0]} == "kubezero" ]; then + kubectl apply -f $WORKDIR/kubezero/templates + exit $? + +# "catch all" apply all enabled modules +elif [ ${ARTIFACTS[0]} == "all" ]; then ARTIFACTS=($(ls $WORKDIR/kubezero/templates | sed -e 's/.yaml//g')) fi diff --git a/charts/kubezero-argo/values.yaml b/charts/kubezero-argo/values.yaml index ee82a163..04181d5d 100644 --- a/charts/kubezero-argo/values.yaml +++ b/charts/kubezero-argo/values.yaml 
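Review bot: The new test `[ ${ARTIFACTS[0]} == "kubezero" ]` expands the array element unquoted, so an empty or multi-word first argument makes `[` fail with an operator error and the script falls through both branches; the `elif` below it has the same form. Quote the expansions: `if [ "${ARTIFACTS[0]}" == "kubezero" ]; then` and `kubectl apply -f "$WORKDIR/kubezero/templates"`. The early `exit $?` also skips everything after this block, which lies outside the hunk, so confirm that no cleanup of `$WORKDIR` is expected on that path.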
@@ -54,8 +54,8 @@ argo-cd: .sidebar { background: linear-gradient(to bottom, #6A4D79, #493558, #2D1B30, #0D0711); } cm: - ui.bannercontent: "KubeZero v1.29 - Release notes" - ui.bannerurl: "https://kubezero.com/releases/v1.29" + ui.bannercontent: "KubeZero v1.30 - Release notes" + ui.bannerurl: "https://kubezero.com/releases/v1.30" ui.bannerpermanent: "true" ui.bannerposition: "bottom" @@ -97,7 +97,7 @@ argo-cd: # argocdServerAdminPasswordMtime: "2020-04-24T15:33:09BST" ssh: - extraHosts: "git.zero-downtime.net ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC8YdJ4YcOK7A0K7qOWsRjCS+wHTStXRcwBe7gjG43HPSNijiCKoGf/c+tfNsRhyouawg7Law6M6ahmS/jKWBpznRIM+OdOFVSuhnK/nr6h6wG3/ZfdLicyAPvx1/STGY/Fc6/zXA88i/9PV+g84gSVmhf3fGY92wokiASiu9DU4T9dT1gIkdyOX6fbMi1/mMKLSrHnAQcjyasYDvw9ISCJ95EoSwbj7O4c+7jo9fxYvdCfZZZAEZGozTRLAAO0AnjVcRah7bZV/jfHJuhOipV/TB7UVAhlVv1dfGV7hoTp9UKtKZFJF4cjIrSGxqQA/mdhSdLgkepK7yc4Jp2xGnaarhY29DfqsQqop+ugFpTbj7Xy5Rco07mXc6XssbAZhI1xtCOX20N4PufBuYippCK5AE6AiAyVtJmvfGQk4HP+TjOyhFo7PZm3wc9Hym7IBBVC0Sl30K8ddufkAgHwNGvvu1ZmD9ZWaMOXJDHBCZGMMr16QREZwVtZTwMEQalc7/yqmuqMhmcJIfs/GA2Lt91y+pq9C8XyeUL0VFPch0vkcLSRe3ghMZpRFJ/ht307xPcLzgTJqN6oQtNNDzSQglSEjwhge2K4GyWcIh+oGsWxWz5dHyk1iJmw90Y976BZIl/mYVgbTtZAJ81oGe/0k5rAe+LDL+Yq6tG28QFOg0QmiQ==" + extraHosts: "git.zero-downtime.net ssh-rsa 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" params: controller.status.processors: "10" diff --git a/charts/kubezero-auth/Chart.yaml b/charts/kubezero-auth/Chart.yaml index 63e5108a..e9dab7cb 100644 --- a/charts/kubezero-auth/Chart.yaml +++ b/charts/kubezero-auth/Chart.yaml @@ -2,8 +2,8 @@ apiVersion: v2 name: kubezero-auth description: KubeZero umbrella chart for all things Authentication and Identity management type: application -version: 0.5.2 -appVersion: 22.0.5 +version: 0.6.0 +appVersion: 26.0.5 home: https://kubezero.com icon: https://cdn.zero-downtime.net/assets/kubezero/logo-small-64.png keywords: 
@@ -18,6 +18,6 @@ dependencies: repository: https://cdn.zero-downtime.net/charts/ - name: keycloak repository: "oci://registry-1.docker.io/bitnamicharts" - version: 24.0.1 + version: 24.0.4 condition: keycloak.enabled kubeVersion: ">= 1.26.0" diff --git a/charts/kubezero-auth/README.md b/charts/kubezero-auth/README.md index 0fa25766..b9413375 100644 --- a/charts/kubezero-auth/README.md +++ b/charts/kubezero-auth/README.md @@ -1,6 +1,6 @@ # kubezero-auth -![Version: 0.5.1](https://img.shields.io/badge/Version-0.5.1-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 22.0.5](https://img.shields.io/badge/AppVersion-22.0.5-informational?style=flat-square) +![Version: 0.6.0](https://img.shields.io/badge/Version-0.6.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 26.0.5](https://img.shields.io/badge/AppVersion-26.0.5-informational?style=flat-square) KubeZero umbrella chart for all things Authentication and Identity management @@ -19,7 +19,7 @@ Kubernetes: `>= 1.26.0` | Repository | Name | Version | |------------|------|---------| | https://cdn.zero-downtime.net/charts/ | kubezero-lib | >= 0.1.6 | -| oci://registry-1.docker.io/bitnamicharts | keycloak | 22.2.1 | +| oci://registry-1.docker.io/bitnamicharts | keycloak | 24.0.4 | # Keycloak 
@@ -55,6 +55,7 @@ https://github.com/keycloak/keycloak-benchmark/tree/main/provision/minikube/keyc | keycloak.postgresql.auth.database | string | `"keycloak"` | | | keycloak.postgresql.auth.existingSecret | string | `"kubezero-auth"` | | | keycloak.postgresql.auth.username | string | `"keycloak"` | | +| keycloak.postgresql.enabled | bool | `false` | | | keycloak.postgresql.primary.persistence.size | string | `"1Gi"` | | | keycloak.postgresql.primary.resources.limits.memory | string | `"128Mi"` | | | keycloak.postgresql.primary.resources.requests.cpu | string | `"100m"` | | diff --git a/charts/kubezero-auth/values.yaml b/charts/kubezero-auth/values.yaml index bf66d7d1..d24e7fac 100644 --- a/charts/kubezero-auth/values.yaml +++ b/charts/kubezero-auth/values.yaml @@ -7,7 +7,7 @@ keycloak: auth: adminUser: admin - existingSecret: kubezero-auth + existingSecret: keycloak-auth passwordSecretKey: admin-password replicaCount: 1 @@ -29,26 +29,16 @@ keycloak: serviceMonitor: enabled: true + externalDatabase: + host: "keycloak-pg-rw" + port: 5432 + user: keycloak + database: keycloak + existingSecret: keycloak-pg + existingSecretPasswordKey: "password" + postgresql: - auth: - existingSecret: kubezero-auth - username: keycloak - database: keycloak - - primary: - persistence: - size: 1Gi - - resources: - limits: - #cpu: 750m - memory: 128Mi - requests: - cpu: 100m - memory: 64Mi - - readReplicas: - replicaCount: 0 + enabled: false istio: admin: diff --git a/charts/kubezero-ci/values.yaml b/charts/kubezero-ci/values.yaml index 0378632f..ec5abbe3 100644 --- a/charts/kubezero-ci/values.yaml +++ b/charts/kubezero-ci/values.yaml @@ -21,8 +21,8 @@ gitea: capabilities: drop: - ALL - add: - - SYS_CHROOT + # add: + # - SYS_CHROOT resources: requests: @@ -71,6 +71,8 @@ gitea: DEFAULT_THEME: "gitea-dark" log: LEVEL: warn + ssh.minimum_key_sizes: + RSA: 2047 redis-cluster: enabled: false 
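Review bot: Both secret references in charts/kubezero-auth/values.yaml now point at objects that the visible part of this change does not create: `existingSecret: keycloak-auth` in the `auth` block (first hunk) and `existingSecret: keycloak-pg` with `existingSecretPasswordKey: "password"` under `externalDatabase` (second hunk). The host `keycloak-pg-rw` suggests a CloudNativePG cluster named `keycloak-pg`, and as far as I know the operator publishes the application user's credentials in a `<cluster>-app` secret, so a secret named `keycloak-pg` would have to be provisioned separately; please confirm which one is intended. A comment above `externalDatabase` such as `# requires CNPG Cluster "keycloak-pg" and secret keycloak-pg (key: password) in this namespace` would make the upgrade prerequisite explicit. Nothing visible here migrates data from the removed `postgresql` sub-chart or sets TLS options for the new connection, and both are worth stating in the release notes.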
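Review bot: In charts/kubezero-ci/values.yaml the `SYS_CHROOT` capability is disabled by commenting the two lines out instead of deleting them, which leaves `# add:` / `# - SYS_CHROOT` next to `drop: - ALL` with no explanation. Either remove the lines or keep them with a reason, for example `# SYS_CHROOT intentionally not added; re-enable only if the container runtime requires it`. Dropping the capability is the safer default, but Gitea's SSH access is the most likely thing to depend on it, so it should be checked after rollout (inferred; the image variant is not visible in this hunk).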
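Review bot: `ssh.minimum_key_sizes: RSA: 2047` in the Gitea config hunk sets the smallest RSA user key that will be accepted, and it is added without a comment saying why. If I recall correctly, recent Gitea releases default to 3071, so this would lower the floor to admit 2048-bit keys. If that is deliberate for existing keys, say so next to the value: `# accept existing 2048-bit RSA keys (reported as 2047); raise to 3071 once rotated`. If the intent was only to make the default explicit, use the upstream default instead.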
diff --git a/charts/kubezero-operators/Chart.yaml b/charts/kubezero-operators/Chart.yaml index cebfe605..d5f97801 100644 --- a/charts/kubezero-operators/Chart.yaml +++ b/charts/kubezero-operators/Chart.yaml @@ -1,6 +1,6 @@ apiVersion: v2 name: kubezero-operators -description: Various operators supported by KubeZero +description: Various operators supported by KubeZero type: application version: 0.1.5 home: https://kubezero.com @@ -9,6 +9,7 @@ keywords: - kubezero - operators - opensearch + - postgres maintainers: - name: Stefan Reimer email: stefan@zero-downtime.net @@ -24,4 +25,8 @@ dependencies: version: 2.14.0 repository: https://helm.elastic.co condition: eck-operator.enabled + - name: cloudnative-pg + version: 0.22.1 + repository: https://cloudnative-pg.github.io/charts + condition: cloudnative-pg.enabled kubeVersion: ">= 1.26.0" diff --git a/charts/kubezero-operators/README.md b/charts/kubezero-operators/README.md index 2235f8c2..f99cc972 100644 --- a/charts/kubezero-operators/README.md +++ b/charts/kubezero-operators/README.md @@ -1,6 +1,6 @@ # kubezero-operators -![Version: 0.1.4](https://img.shields.io/badge/Version-0.1.4-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) +![Version: 0.1.5](https://img.shields.io/badge/Version-0.1.5-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) Various operators supported by KubeZero @@ -19,7 +19,8 @@ Kubernetes: `>= 1.26.0` | Repository | Name | Version | |------------|------|---------| | https://cdn.zero-downtime.net/charts/ | kubezero-lib | >= 0.1.6 | -| https://helm.elastic.co | eck-operator | 2.13.0 | +| https://cloudnative-pg.github.io/charts | cloudnative-pg | 0.22.1 | +| https://helm.elastic.co | eck-operator | 2.14.0 | | https://opensearch-project.github.io/opensearch-k8s-operator/ | opensearch-operator | 2.6.1 | ## Values 
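Review bot: The new `cloudnative-pg` dependency in charts/kubezero-operators/Chart.yaml is resolved by version `0.22.1` from `https://cloudnative-pg.github.io/charts` at packaging time; the diffstat shows no `Chart.lock` change and no vendored copy under `charts/`, unlike `eck-operator`. Since this presumably installs an operator with cluster-wide permissions, committing the lock file with its digest, or vendoring the chart the same way, would make the build reproducible and the operator's RBAC reviewable in-tree. The chart's own `version: 0.1.5` is unchanged in the first hunk although the dependency set changes, so check whether a bump is needed for consumers to pick it up.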
@@ -39,3 +40,6 @@ Kubernetes: `>= 1.26.0` | opensearch-operator.nodeSelector."node-role.kubernetes.io/control-plane" | string | `""` | | | opensearch-operator.tolerations[0].effect | string | `"NoSchedule"` | | | opensearch-operator.tolerations[0].key | string | `"node-role.kubernetes.io/control-plane"` | | + +---------------------------------------------- +Autogenerated from chart metadata using [helm-docs v1.14.2](https://github.com/norwoodj/helm-docs/releases/v1.14.2) diff --git a/charts/kubezero-operators/charts/eck-operator/Chart.yaml b/charts/kubezero-operators/charts/eck-operator/Chart.yaml index 774c48f4..d3d930b0 100644 --- a/charts/kubezero-operators/charts/eck-operator/Chart.yaml +++ b/charts/kubezero-operators/charts/eck-operator/Chart.yaml @@ -1,5 +1,5 @@ apiVersion: v2 -appVersion: 2.13.0 +appVersion: 2.14.0 description: Elastic Cloud on Kubernetes (ECK) operator home: https://github.com/elastic/cloud-on-k8s icon: https://helm.elastic.co/icons/eck.png @@ -18,4 +18,4 @@ maintainers: name: Elastic name: eck-operator type: application -version: 2.13.0 +version: 2.14.0 diff --git a/charts/kubezero-operators/charts/eck-operator/crds/all-crds.yaml b/charts/kubezero-operators/charts/eck-operator/crds/all-crds.yaml index 88bc7ee0..fe8c8974 100644 --- a/charts/kubezero-operators/charts/eck-operator/crds/all-crds.yaml +++ b/charts/kubezero-operators/charts/eck-operator/crds/all-crds.yaml 
@@ -4,14 +4,14 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.15.0 helm.sh/resource-policy: keep labels: app.kubernetes.io/instance: 'logging' app.kubernetes.io/managed-by: 'Helm' app.kubernetes.io/name: 'eck-operator-crds' - app.kubernetes.io/version: '2.13.0' - helm.sh/chart: 'eck-operator-crds-2.13.0' + app.kubernetes.io/version: '2.14.0' + helm.sh/chart: 'eck-operator-crds-2.14.0' name: agents.agent.k8s.elastic.co spec: group: agent.k8s.elastic.co @@ -394,6 +394,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic externalName: description: |- externalName is the external reference that discovery mechanisms will @@ -509,6 +510,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic ports: description: |- The list of ports that are exposed by this service. @@ -640,6 +642,16 @@ spec: type: integer type: object type: object + trafficDistribution: + description: |- + TrafficDistribution offers a way to express preferences for how traffic is + distributed to Service endpoints. Implementations can use this field as a + hint, but are not required to guarantee strict adherence. If the field is + not set, the implementation will apply its default routing strategy. If set + to "PreferClose", implementations should prioritize endpoints that are + topologically close (e.g., same zone). + This is an alpha field and requires enabling ServiceTrafficDistribution feature. + type: string type: description: |- type determines how the Service is exposed. Defaults to ClusterIP. Valid @@ -888,6 +900,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic dataSource: description: |- dataSource field can be used to specify either: 
@@ -1031,11 +1044,13 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string @@ -1063,7 +1078,7 @@ spec: If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource exists. - More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#volumeattributesclass + More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ (Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled. type: string volumeMode: @@ -1135,14 +1150,14 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.15.0 helm.sh/resource-policy: keep labels: app.kubernetes.io/instance: 'logging' app.kubernetes.io/managed-by: 'Helm' app.kubernetes.io/name: 'eck-operator-crds' - app.kubernetes.io/version: '2.13.0' - helm.sh/chart: 'eck-operator-crds-2.13.0' + app.kubernetes.io/version: '2.14.0' + helm.sh/chart: 'eck-operator-crds-2.14.0' name: apmservers.apm.k8s.elastic.co spec: group: apm.k8s.elastic.co @@ -1336,6 +1351,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic externalName: description: |- externalName is the external reference that discovery mechanisms will @@ -1451,6 +1467,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic ports: description: |- The list of ports that are exposed by this service. 
@@ -1582,6 +1599,16 @@ spec: type: integer type: object type: object + trafficDistribution: + description: |- + TrafficDistribution offers a way to express preferences for how traffic is + distributed to Service endpoints. Implementations can use this field as a + hint, but are not required to guarantee strict adherence. If the field is + not set, the implementation will apply its default routing strategy. If set + to "PreferClose", implementations should prioritize endpoints that are + topologically close (e.g., same zone). + This is an alpha field and requires enabling ServiceTrafficDistribution feature. + type: string type: description: |- type determines how the Service is exposed. Defaults to ClusterIP. Valid @@ -1958,6 +1985,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic externalName: description: |- externalName is the external reference that discovery mechanisms will @@ -2073,6 +2101,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic ports: description: |- The list of ports that are exposed by this service. @@ -2204,6 +2233,16 @@ spec: type: integer type: object type: object + trafficDistribution: + description: |- + TrafficDistribution offers a way to express preferences for how traffic is + distributed to Service endpoints. Implementations can use this field as a + hint, but are not required to guarantee strict adherence. If the field is + not set, the implementation will apply its default routing strategy. If set + to "PreferClose", implementations should prioritize endpoints that are + topologically close (e.g., same zone). + This is an alpha field and requires enabling ServiceTrafficDistribution feature. + type: string type: description: |- type determines how the Service is exposed. Defaults to ClusterIP. Valid 
@@ -2358,14 +2397,14 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.15.0 helm.sh/resource-policy: keep labels: app.kubernetes.io/instance: 'logging' app.kubernetes.io/managed-by: 'Helm' app.kubernetes.io/name: 'eck-operator-crds' - app.kubernetes.io/version: '2.13.0' - helm.sh/chart: 'eck-operator-crds-2.13.0' + app.kubernetes.io/version: '2.14.0' + helm.sh/chart: 'eck-operator-crds-2.14.0' name: beats.beat.k8s.elastic.co spec: group: beat.k8s.elastic.co @@ -2847,14 +2886,14 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.15.0 helm.sh/resource-policy: keep labels: app.kubernetes.io/instance: 'logging' app.kubernetes.io/managed-by: 'Helm' app.kubernetes.io/name: 'eck-operator-crds' - app.kubernetes.io/version: '2.13.0' - helm.sh/chart: 'eck-operator-crds-2.13.0' + app.kubernetes.io/version: '2.14.0' + helm.sh/chart: 'eck-operator-crds-2.14.0' name: elasticmapsservers.maps.k8s.elastic.co spec: group: maps.k8s.elastic.co @@ -3060,6 +3099,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic externalName: description: |- externalName is the external reference that discovery mechanisms will @@ -3175,6 +3215,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic ports: description: |- The list of ports that are exposed by this service. 
@@ -3306,6 +3347,16 @@ spec: type: integer type: object type: object + trafficDistribution: + description: |- + TrafficDistribution offers a way to express preferences for how traffic is + distributed to Service endpoints. Implementations can use this field as a + hint, but are not required to guarantee strict adherence. If the field is + not set, the implementation will apply its default routing strategy. If set + to "PreferClose", implementations should prioritize endpoints that are + topologically close (e.g., same zone). + This is an alpha field and requires enabling ServiceTrafficDistribution feature. + type: string type: description: |- type determines how the Service is exposed. Defaults to ClusterIP. Valid @@ -3446,14 +3497,14 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.15.0 helm.sh/resource-policy: keep labels: app.kubernetes.io/instance: 'logging' app.kubernetes.io/managed-by: 'Helm' app.kubernetes.io/name: 'eck-operator-crds' - app.kubernetes.io/version: '2.13.0' - helm.sh/chart: 'eck-operator-crds-2.13.0' + app.kubernetes.io/version: '2.14.0' + helm.sh/chart: 'eck-operator-crds-2.14.0' name: elasticsearchautoscalers.autoscaling.k8s.elastic.co spec: group: autoscaling.k8s.elastic.co @@ -3804,14 +3855,14 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.15.0 helm.sh/resource-policy: keep labels: app.kubernetes.io/instance: 'logging' app.kubernetes.io/managed-by: 'Helm' app.kubernetes.io/name: 'eck-operator-crds' - app.kubernetes.io/version: '2.13.0' - helm.sh/chart: 'eck-operator-crds-2.13.0' + app.kubernetes.io/version: '2.14.0' + helm.sh/chart: 'eck-operator-crds-2.14.0' name: elasticsearches.elasticsearch.k8s.elastic.co spec: group: elasticsearch.k8s.elastic.co 
@@ -4002,6 +4053,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic externalName: description: |- externalName is the external reference that discovery mechanisms will @@ -4117,6 +4169,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic ports: description: |- The list of ports that are exposed by this service. @@ -4248,6 +4301,16 @@ spec: type: integer type: object type: object + trafficDistribution: + description: |- + TrafficDistribution offers a way to express preferences for how traffic is + distributed to Service endpoints. Implementations can use this field as a + hint, but are not required to guarantee strict adherence. If the field is + not set, the implementation will apply its default routing strategy. If set + to "PreferClose", implementations should prioritize endpoints that are + topologically close (e.g., same zone). + This is an alpha field and requires enabling ServiceTrafficDistribution feature. + type: string type: description: |- type determines how the Service is exposed. Defaults to ClusterIP. Valid @@ -4492,6 +4555,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic dataSource: description: |- dataSource field can be used to specify either: @@ -4636,11 +4700,13 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string 
@@ -4668,7 +4734,7 @@ spec: If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource exists. - More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#volumeattributesclass + More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ (Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled. type: string volumeMode: @@ -4773,11 +4839,13 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string @@ -5004,6 +5072,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic externalName: description: |- externalName is the external reference that discovery mechanisms will @@ -5119,6 +5188,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic ports: description: |- The list of ports that are exposed by this service. @@ -5250,6 +5320,16 @@ spec: type: integer type: object type: object + trafficDistribution: + description: |- + TrafficDistribution offers a way to express preferences for how traffic is + distributed to Service endpoints. Implementations can use this field as a + hint, but are not required to guarantee strict adherence. If the field is + not set, the implementation will apply its default routing strategy. If set + to "PreferClose", implementations should prioritize endpoints that are + topologically close (e.g., same zone). + This is an alpha field and requires enabling ServiceTrafficDistribution feature. + type: string type: description: |- type determines how the Service is exposed. Defaults to ClusterIP. Valid 
@@ -5304,6 +5384,15 @@ spec: extension of each Elasticsearch node's transport TLS certificate. Example: if set to "node.cluster.local", the generated certificate will have its otherName set to ".node.cluster.local". type: string + selfSignedCertificates: + description: SelfSignedCertificates allows configuring the + self-signed certificate generated by the operator. + properties: + disabled: + description: Disabled indicates that provisioning of the + self-signed certificates should be disabled. + type: boolean + type: object subjectAltNames: description: SubjectAlternativeNames is a list of SANs to include in the generated node transport TLS certificates. @@ -5693,6 +5782,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic externalName: description: |- externalName is the external reference that discovery mechanisms will @@ -5808,6 +5898,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic ports: description: |- The list of ports that are exposed by this service. @@ -5939,6 +6030,16 @@ spec: type: integer type: object type: object + trafficDistribution: + description: |- + TrafficDistribution offers a way to express preferences for how traffic is + distributed to Service endpoints. Implementations can use this field as a + hint, but are not required to guarantee strict adherence. If the field is + not set, the implementation will apply its default routing strategy. If set + to "PreferClose", implementations should prioritize endpoints that are + topologically close (e.g., same zone). + This is an alpha field and requires enabling ServiceTrafficDistribution feature. + type: string type: description: |- type determines how the Service is exposed. Defaults to ClusterIP. Valid @@ -6090,6 +6191,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic dataSource: description: |- dataSource field can be used to specify either: 
@@ -6234,11 +6336,13 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string @@ -6266,7 +6370,7 @@ spec: If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource exists. - More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#volumeattributesclass + More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ (Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled. type: string volumeMode: @@ -6372,11 +6476,13 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string @@ -6521,14 +6627,14 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.15.0 helm.sh/resource-policy: keep labels: app.kubernetes.io/instance: 'logging' app.kubernetes.io/managed-by: 'Helm' app.kubernetes.io/name: 'eck-operator-crds' - app.kubernetes.io/version: '2.13.0' - helm.sh/chart: 'eck-operator-crds-2.13.0' + app.kubernetes.io/version: '2.14.0' + helm.sh/chart: 'eck-operator-crds-2.14.0' name: enterprisesearches.enterprisesearch.k8s.elastic.co spec: group: enterprisesearch.k8s.elastic.co @@ -6733,6 +6839,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic externalName: description: |- externalName is the external reference that discovery mechanisms will @@ -6848,6 +6955,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic ports: description: |- The list of ports that are exposed by this service. 
@@ -6979,6 +7087,16 @@ spec: type: integer type: object type: object + trafficDistribution: + description: |- + TrafficDistribution offers a way to express preferences for how traffic is + distributed to Service endpoints. Implementations can use this field as a + hint, but are not required to guarantee strict adherence. If the field is + not set, the implementation will apply its default routing strategy. If set + to "PreferClose", implementations should prioritize endpoints that are + topologically close (e.g., same zone). + This is an alpha field and requires enabling ServiceTrafficDistribution feature. + type: string type: description: |- type determines how the Service is exposed. Defaults to ClusterIP. Valid @@ -7306,6 +7424,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic externalName: description: |- externalName is the external reference that discovery mechanisms will @@ -7421,6 +7540,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic ports: description: |- The list of ports that are exposed by this service. @@ -7552,6 +7672,16 @@ spec: type: integer type: object type: object + trafficDistribution: + description: |- + TrafficDistribution offers a way to express preferences for how traffic is + distributed to Service endpoints. Implementations can use this field as a + hint, but are not required to guarantee strict adherence. If the field is + not set, the implementation will apply its default routing strategy. If set + to "PreferClose", implementations should prioritize endpoints that are + topologically close (e.g., same zone). + This is an alpha field and requires enabling ServiceTrafficDistribution feature. + type: string type: description: |- type determines how the Service is exposed. Defaults to ClusterIP. Valid 
@@ -7678,14 +7808,14 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.15.0 helm.sh/resource-policy: keep labels: app.kubernetes.io/instance: 'logging' app.kubernetes.io/managed-by: 'Helm' app.kubernetes.io/name: 'eck-operator-crds' - app.kubernetes.io/version: '2.13.0' - helm.sh/chart: 'eck-operator-crds-2.13.0' + app.kubernetes.io/version: '2.14.0' + helm.sh/chart: 'eck-operator-crds-2.14.0' name: kibanas.kibana.k8s.elastic.co spec: group: kibana.k8s.elastic.co @@ -7909,6 +8039,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic externalName: description: |- externalName is the external reference that discovery mechanisms will @@ -8024,6 +8155,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic ports: description: |- The list of ports that are exposed by this service. @@ -8155,6 +8287,16 @@ spec: type: integer type: object type: object + trafficDistribution: + description: |- + TrafficDistribution offers a way to express preferences for how traffic is + distributed to Service endpoints. Implementations can use this field as a + hint, but are not required to guarantee strict adherence. If the field is + not set, the implementation will apply its default routing strategy. If set + to "PreferClose", implementations should prioritize endpoints that are + topologically close (e.g., same zone). + This is an alpha field and requires enabling ServiceTrafficDistribution feature. + type: string type: description: |- type determines how the Service is exposed. Defaults to ClusterIP. Valid @@ -8592,6 +8734,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic externalName: description: |- externalName is the external reference that discovery mechanisms will 
@@ -8707,6 +8850,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic ports: description: |- The list of ports that are exposed by this service. @@ -8838,6 +8982,16 @@ spec: type: integer type: object type: object + trafficDistribution: + description: |- + TrafficDistribution offers a way to express preferences for how traffic is + distributed to Service endpoints. Implementations can use this field as a + hint, but are not required to guarantee strict adherence. If the field is + not set, the implementation will apply its default routing strategy. If set + to "PreferClose", implementations should prioritize endpoints that are + topologically close (e.g., same zone). + This is an alpha field and requires enabling ServiceTrafficDistribution feature. + type: string type: description: |- type determines how the Service is exposed. Defaults to ClusterIP. Valid @@ -8981,14 +9135,14 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.15.0 helm.sh/resource-policy: keep labels: app.kubernetes.io/instance: 'logging' app.kubernetes.io/managed-by: 'Helm' app.kubernetes.io/name: 'eck-operator-crds' - app.kubernetes.io/version: '2.13.0' - helm.sh/chart: 'eck-operator-crds-2.13.0' + app.kubernetes.io/version: '2.14.0' + helm.sh/chart: 'eck-operator-crds-2.14.0' name: logstashes.logstash.k8s.elastic.co spec: group: logstash.k8s.elastic.co @@ -9374,6 +9528,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic externalName: description: |- externalName is the external reference that discovery mechanisms will @@ -9489,6 +9644,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic ports: description: |- The list of ports that are exposed by this service. 
@@ -9620,6 +9776,16 @@ spec: type: integer type: object type: object + trafficDistribution: + description: |- + TrafficDistribution offers a way to express preferences for how traffic is + distributed to Service endpoints. Implementations can use this field as a + hint, but are not required to guarantee strict adherence. If the field is + not set, the implementation will apply its default routing strategy. If set + to "PreferClose", implementations should prioritize endpoints that are + topologically close (e.g., same zone). + This is an alpha field and requires enabling ServiceTrafficDistribution feature. + type: string type: description: |- type determines how the Service is exposed. Defaults to ClusterIP. Valid @@ -9782,6 +9948,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic dataSource: description: |- dataSource field can be used to specify either: @@ -9921,11 +10088,13 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string @@ -9953,7 +10122,7 @@ spec: If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource exists. - More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#volumeattributesclass + More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ (Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled. type: string volumeMode: @@ -9979,6 +10148,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic allocatedResourceStatuses: additionalProperties: description: |- 
@@ -10068,7 +10238,7 @@ spec: conditions: description: |- conditions is the current Condition of persistent volume claim. If underlying persistent volume is being - resized then the Condition will be set to 'ResizeStarted'. + resized then the Condition will be set to 'Resizing'. items: description: PersistentVolumeClaimCondition contains details about state of pvc @@ -10090,7 +10260,7 @@ spec: reason: description: |- reason is a unique, this should be a short, machine understandable string that gives the reason - for condition's last transition. If it reports "ResizeStarted" that means the underlying + for condition's last transition. If it reports "Resizing" that means the underlying persistent volume is being resized. type: string status: @@ -10104,6 +10274,9 @@ spec: - type type: object type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map currentVolumeAttributesClassName: description: |- currentVolumeAttributesClassName is the current name of the VolumeAttributesClass the PVC is using. @@ -10205,14 +10378,14 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.15.0 helm.sh/resource-policy: keep labels: app.kubernetes.io/instance: 'logging' app.kubernetes.io/managed-by: 'Helm' app.kubernetes.io/name: 'eck-operator-crds' - app.kubernetes.io/version: '2.13.0' - helm.sh/chart: 'eck-operator-crds-2.13.0' + app.kubernetes.io/version: '2.14.0' + helm.sh/chart: 'eck-operator-crds-2.14.0' name: stackconfigpolicies.stackconfigpolicy.k8s.elastic.co spec: group: stackconfigpolicy.k8s.elastic.co @@ -10445,11 +10618,13 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string 
diff --git a/charts/kubezero-operators/values.yaml b/charts/kubezero-operators/values.yaml index 34be69ad..7da6346c 100644 --- a/charts/kubezero-operators/values.yaml +++ b/charts/kubezero-operators/values.yaml @@ -27,3 +27,11 @@ eck-operator: effect: NoSchedule nodeSelector: node-role.kubernetes.io/control-plane: "" + +cloudnative-pg: + enabled: false + tolerations: + - key: node-role.kubernetes.io/control-plane + effect: NoSchedule + nodeSelector: + node-role.kubernetes.io/control-plane: "" diff --git a/charts/kubezero-storage/templates/lvm/volumesnapshotclass.yaml b/charts/kubezero-storage/templates/lvm/volumesnapshotclass.yaml index cdaf9cd3..ef76aa20 100644 --- a/charts/kubezero-storage/templates/lvm/volumesnapshotclass.yaml +++ b/charts/kubezero-storage/templates/lvm/volumesnapshotclass.yaml @@ -2,7 +2,7 @@ kind: VolumeSnapshotClass apiVersion: snapshot.storage.k8s.io/v1 metadata: - name: lvmpv-snapclass + name: openebs-lvm-snapshots #annotations: # snapshot.storage.kubernetes.io/is-default-class: "true" labels: diff --git a/charts/kubezero/templates/operators.yaml b/charts/kubezero/templates/operators.yaml index 70f65639..9bd5d5fd 100644 --- a/charts/kubezero/templates/operators.yaml +++ b/charts/kubezero/templates/operators.yaml @@ -10,6 +10,18 @@ eck-operator: {{- toYaml . | nindent 2 }} {{- end }} +{{- with index .Values "operators" "cloudnative-pg" }} +cloudnative-pg: + {{- toYaml . | nindent 2 }} + + {{- with $.Values.metrics }} + monitoring: + podMonitorEnabled: {{ .enabled }} + grafanaDashboard: + create: {{ .enabled }} + {{- end }} +{{- end }} + {{- end }}
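Review bot: The toleration added under `cloudnative-pg.tolerations` in charts/kubezero-operators/values.yaml sets only `key` and `effect`, so it relies on the default `Equal` operator with an empty value and matches only a control-plane taint that carries no value. Writing `operator: Exists` next to `key: node-role.kubernetes.io/control-plane` would make the intent explicit. The eck-operator stanza in the context lines appears to use the same form, so both are best changed together. The stanza also pins an operator to control-plane nodes with no explanation; a short comment such as `# runs on control-plane nodes like eck-operator; disabled by default` would record that this is deliberate.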
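Review bot: In charts/kubezero/templates/operators.yaml the new block writes a literal `monitoring:` key after `{{- toYaml . | nindent 2 }}`, so a user who sets `operators.cloudnative-pg.monitoring` while metrics are enabled would get `monitoring` twice in the rendered mapping. The original indentation is not visible here, so this assumes both keys land at the same level; if they do, most YAML parsers silently keep the last key and the user's settings are dropped. Either merge the metrics-derived values into the map before `toYaml`, or add a template comment such as `{{- /* monitoring is derived from .Values.metrics; do not set operators.cloudnative-pg.monitoring */}}`. Separately, `{{ .enabled }}` renders empty (null) when `metrics` is set without an `enabled` key, which `podMonitorEnabled: {{ .enabled | default false }}` and the same for `create:` would avoid. The enclosing template block starts above this hunk and its trailing context may continue past the visible text.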