From e7b9493e2ee5ac64e7d4c5d84a0bfce721fe530b Mon Sep 17 00:00:00 2001
From: Stefan Reimer <stefan@zero-downtime.net>
Date: Tue, 21 Dec 2021 16:05:08 +0100
Subject: [PATCH] fix: various bugfixes for 1.21 cluster

---
 charts/kubezero-addons/Chart.yaml             |  2 +-
 .../templates/cluster-backup/cronjob.yaml     |  1 +
 charts/kubezero-addons/values.yaml            |  2 ++
 charts/kubezero-network/Chart.yaml            |  2 +-
 .../templates/multus/daemonset.yaml           | 29 +++++++------------
 charts/kubezero/Chart.yaml                    |  2 +-
 charts/kubezero/templates/addons.yaml         |  1 +
 charts/kubezero/values.yaml                   |  2 +-
 containers/admin/v1.21/kubezero.sh            |  8 ++---
 containers/admin/v1.21/migrate_argo.sh        | 29 +++++++++++++++++++
 10 files changed, 51 insertions(+), 27 deletions(-)
 create mode 100755 containers/admin/v1.21/migrate_argo.sh

diff --git a/charts/kubezero-addons/Chart.yaml b/charts/kubezero-addons/Chart.yaml
index a3df2af..f34399c 100644
--- a/charts/kubezero-addons/Chart.yaml
+++ b/charts/kubezero-addons/Chart.yaml
@@ -2,7 +2,7 @@ apiVersion: v2
 name: kubezero-addons
 description: KubeZero umbrella chart for various optional cluster addons
 type: application
-version: 0.2.3
+version: 0.2.4
 home: https://kubezero.com
 icon: https://cdn.zero-downtime.net/assets/kubezero/logo-small-64.png
 keywords:
diff --git a/charts/kubezero-addons/templates/cluster-backup/cronjob.yaml b/charts/kubezero-addons/templates/cluster-backup/cronjob.yaml
index 97bb529..bcc30de 100644
--- a/charts/kubezero-addons/templates/cluster-backup/cronjob.yaml
+++ b/charts/kubezero-addons/templates/cluster-backup/cronjob.yaml
@@ -9,6 +9,7 @@ spec:
   jobTemplate:
     spec:
       backoffLimit: 1
+      ttlSecondsAfterFinished: 3600
       template:
         spec:
           containers:
diff --git a/charts/kubezero-addons/values.yaml b/charts/kubezero-addons/values.yaml
index 4a3fc6e..d89943f 100644
--- a/charts/kubezero-addons/values.yaml
+++ b/charts/kubezero-addons/values.yaml
@@ -18,9 +18,11 @@ aws-node-termination-handler:
   managedAsgTag: "aws-node-termination-handler/managed"
 
   enableSqsTerminationDraining: true
+  enableProbesServer: true
   deleteLocalData: true
   ignoreDaemonSets: true
   taintNode: true
+  emitKubernetesEvents: true
 
   # -- https://sqs.${AWS::Region}.amazonaws.com/${AWS::AccountId}/${ClusterName}_Nth
   queueURL: ""
diff --git a/charts/kubezero-network/Chart.yaml b/charts/kubezero-network/Chart.yaml
index 077e237..98815af 100644
--- a/charts/kubezero-network/Chart.yaml
+++ b/charts/kubezero-network/Chart.yaml
@@ -2,7 +2,7 @@ apiVersion: v2
 name: kubezero-network
 description: KubeZero umbrella chart for all things network
 type: application
-version: 0.1.0
+version: 0.1.1
 home: https://kubezero.com
 icon: https://cdn.zero-downtime.net/assets/kubezero/logo-small-64.png
 keywords:
diff --git a/charts/kubezero-network/templates/multus/daemonset.yaml b/charts/kubezero-network/templates/multus/daemonset.yaml
index a7a3a81..16573df 100644
--- a/charts/kubezero-network/templates/multus/daemonset.yaml
+++ b/charts/kubezero-network/templates/multus/daemonset.yaml
@@ -113,6 +113,7 @@ spec:
         args:
         - "--multus-conf-file=auto"
         - "--cni-version=0.3.1"
+        - "--cni-bin-dir=/host/usr/libexec/cni"
         resources:
           requests:
             cpu: "100m"
@@ -122,38 +123,28 @@ spec:
             memory: "50Mi"
         securityContext:
           privileged: true
+          capabilities:
+            add: ["SYS_ADMIN"]
         volumeMounts:
+        - name: run
+          mountPath: /run
         - name: cni
           mountPath: /host/etc/cni/net.d
         - name: cnibin
-          mountPath: /host/opt/cni/bin
+          mountPath: /host/usr/libexec/cni
         - name: multus-cfg
           mountPath: /tmp/multus-conf
-      initContainers:
-        - name: install-multus-binary
-          image: ghcr.io/k8snetworkplumbingwg/multus-cni:{{ .Values.multus.tag }}
-          command:
-            - "cp"
-            - "/usr/src/multus-cni/bin/multus"
-            - "/host/opt/cni/bin/multus"
-          resources:
-            requests:
-              cpu: "10m"
-              memory: "15Mi"
-          securityContext:
-            privileged: true
-          volumeMounts:
-            - name: cnibin
-              mountPath: /host/opt/cni/bin
-              mountPropagation: Bidirectional
       terminationGracePeriodSeconds: 10
       volumes:
+        - name: run
+          hostPath:
+            path: /run
         - name: cni
           hostPath:
             path: /etc/cni/net.d
         - name: cnibin
           hostPath:
-            path: /opt/cni/bin
+            path: /usr/libexec/cni
         - name: multus-cfg
           configMap:
             name: multus-cni-config
diff --git a/charts/kubezero/Chart.yaml b/charts/kubezero/Chart.yaml
index b831bdc..a100537 100644
--- a/charts/kubezero/Chart.yaml
+++ b/charts/kubezero/Chart.yaml
@@ -2,7 +2,7 @@ apiVersion: v2
 name: kubezero
 description: KubeZero - Root App of Apps chart
 type: application
-version: 1.21.8-3
+version: 1.21.8-4
 home: https://kubezero.com
 icon: https://cdn.zero-downtime.net/assets/kubezero/logo-small-64.png
 keywords:
diff --git a/charts/kubezero/templates/addons.yaml b/charts/kubezero/templates/addons.yaml
index 4c19852..5340f02 100644
--- a/charts/kubezero/templates/addons.yaml
+++ b/charts/kubezero/templates/addons.yaml
@@ -8,6 +8,7 @@ clusterBackup:
 {{- with index .Values "addons" "aws-node-termination-handler" }}
 aws-node-termination-handler:
   {{- toYaml . | nindent 2 }}
+  enablePrometheusServer: {{ .Values.metrics.enabled }}
 {{- end }}
 
 {{- with .Values.addons.fuseDevicePlugin }}
diff --git a/charts/kubezero/values.yaml b/charts/kubezero/values.yaml
index 8aaf887..7e7679a 100644
--- a/charts/kubezero/values.yaml
+++ b/charts/kubezero/values.yaml
@@ -8,7 +8,7 @@ HighAvailableControlplane: false
 
 addons:
   enabled: false
-  targetRevision: 0.2.3
+  targetRevision: 0.2.4
 
 network:
   enabled: false
diff --git a/containers/admin/v1.21/kubezero.sh b/containers/admin/v1.21/kubezero.sh
index 54e7037..ca234f1 100755
--- a/containers/admin/v1.21/kubezero.sh
+++ b/containers/admin/v1.21/kubezero.sh
@@ -145,12 +145,12 @@ if [ "$1" == 'upgrade' ]; then
 
   # network
   yq eval '.network // ""' ${HOSTFS}/etc/kubernetes/kubezero.yaml > _values.yaml
-  helm template kubezero/kubezero-network --version 0.1.0 --include-crds --namespace kube-system --name-template network \
+  helm template kubezero/kubezero-network --version 0.1.1 --include-crds --namespace kube-system --name-template network \
     -f _values.yaml --kube-version $KUBE_VERSION | kubectl apply -f - $LOG
 
   # addons
   yq eval '.addons // ""' ${HOSTFS}/etc/kubernetes/kubezero.yaml > _values.yaml
-  helm template kubezero/kubezero-addons --version 0.2.2 --include-crds --namespace kube-system --name-template addons \
+  helm template kubezero/kubezero-addons --version 0.2.4 --include-crds --namespace kube-system --name-template addons \
     -f _values.yaml --kube-version $KUBE_VERSION | kubectl apply -f - $LOG
 
   ######################
@@ -299,12 +299,12 @@ elif [[ "$1" =~ "^(bootstrap|recover|join)$" ]]; then
 
     # network
     yq eval '.network // ""' ${HOSTFS}/etc/kubernetes/kubezero.yaml > _values.yaml
-    helm template kubezero/kubezero-network --version 0.1.0 --include-crds --namespace kube-system --name-template network \
+    helm template kubezero/kubezero-network --version 0.1.1 --include-crds --namespace kube-system --name-template network \
       -f _values.yaml --kube-version $KUBE_VERSION | kubectl apply -f - $LOG
 
     # addons
     yq eval '.addons // ""' ${HOSTFS}/etc/kubernetes/kubezero.yaml > _values.yaml
-    helm template kubezero/kubezero-addons --version 0.2.2 --include-crds --namespace kube-system --name-template addons \
+    helm template kubezero/kubezero-addons --version 0.2.4 --include-crds --namespace kube-system --name-template addons \
       -f _values.yaml --kube-version $KUBE_VERSION | kubectl apply -f - $LOG
   fi
 
diff --git a/containers/admin/v1.21/migrate_argo.sh b/containers/admin/v1.21/migrate_argo.sh
new file mode 100755
index 0000000..32738af
--- /dev/null
+++ b/containers/admin/v1.21/migrate_argo.sh
@@ -0,0 +1,29 @@
+#!/bin/bash -x
+
+YAML=$1
+
+# Convert keys
+yq eval -i '
+  .spec.source.repoURL="https://cdn.zero-downtime.net/charts" |
+  .spec.source.targetRevision="1.21.8-4" |
+  del(.spec.source.helm.parameters)' $YAML
+
+# Extract values
+yq eval '.spec.source.helm.values' $1 > _values.yaml
+
+# Remove kiam and calico from Argo
+yq eval -i 'del(.calico) | del(.kiam)' _values.yaml
+
+# Move storage into module
+yq eval -i '.storage.enabled=true' _values.yaml
+
+[ $(yq eval 'has(".aws-ebs-csi-driver")' _values.yaml) == "true" ] && yq eval -i '.storage.aws-ebs-csi-driver=.aws-ebs-csi-driver' _values.yaml
+[ $(yq eval 'has(".aws-efs-csi-driver")' _values.yaml) == "true" ] && yq eval -i '.storage.aws-efs-csi-driver=.aws-efs-csi-driver' _values.yaml
+
+# Finally remove old helm apps
+yq eval -i 'del(.aws-ebs-csi-driver) | del(.aws-efs-csi-driver)' _values.yaml
+
+# merge _values.yaml back
+yq eval -i '.spec.source.helm.values |= strload("_values.yaml")' $YAML
+
+rm -f _values.yaml