From c90afa722bb42dd055a6709b1e01a238019bd891 Mon Sep 17 00:00:00 2001 From: Andrei Kvapil Date: Mon, 2 Dec 2024 19:17:04 +0100 Subject: [PATCH] Update KubeVirt v1.4.0 --- .../templates/kubevirt-operator.yaml | 322 ++++++++---------- 1 file changed, 147 insertions(+), 175 deletions(-) diff --git a/packages/system/kubevirt-operator/templates/kubevirt-operator.yaml b/packages/system/kubevirt-operator/templates/kubevirt-operator.yaml index d208e0b89..aa1700012 100644 --- a/packages/system/kubevirt-operator/templates/kubevirt-operator.yaml +++ b/packages/system/kubevirt-operator/templates/kubevirt-operator.yaml @@ -232,6 +232,17 @@ spec: type: object type: object x-kubernetes-map-type: atomic + commonInstancetypesDeployment: + description: CommonInstancetypesDeployment controls the deployment + of common-instancetypes resources + nullable: true + properties: + enabled: + description: Enabled controls the deployment of common-instancetypes + resources, defaults to True. + nullable: true + type: boolean + type: object controllerConfiguration: description: |- ReloadableComponentConfiguration holds all generic k8s configuration options which can @@ -413,6 +424,23 @@ spec: description: PullPolicy describes a policy for if/when to pull a container image type: string + instancetype: + description: Instancetype configuration + nullable: true + properties: + referencePolicy: + description: |- + ReferencePolicy defines how an instance type or preference should be referenced by the VM after submission, supported values are: + reference (default) - Where a copy of the original object is stashed in a ControllerRevision and referenced by the VM. + expand - Where the instance type or preference are expanded into the VM if no revisionNames have been populated. + expandAll - Where the instance type or preference are expanded into the VM regardless of revisionNames previously being populated. + enum: + - reference + - expand + - expandAll + nullable: true + type: string + type: object ksmConfiguration: description: KSMConfiguration holds the information regarding the enabling the KSM in the nodes (if available). @@ -471,8 +499,9 @@ spec: features properties: maxCpuSockets: - description: MaxCpuSockets holds the maximum amount of sockets - that can be hotplugged + description: |- + MaxCpuSockets provides a MaxSockets value for VMs that do not provide their own. + For VMs with more sockets than maximum the MaxSockets will be set to equal number of sockets. format: int32 type: integer maxGuest: @@ -578,7 +607,7 @@ spec: description: |- CompletionTimeoutPerGiB is the maximum number of seconds per GiB a migration is allowed to take. If a live-migration takes longer to migrate than this value multiplied by the size of the VMI, - the migration will be cancelled, unless AllowPostCopy is true. Defaults to 800 + the migration will be cancelled, unless AllowPostCopy is true. Defaults to 150 format: int64 type: integer disableTLS: @@ -641,34 +670,6 @@ spec: ComputeResourceOverhead specifies the resource overhead that should be added to the compute container when using the binding. version: v1alphav1 properties: - claims: - description: |- - Claims lists the names of resources, defined in spec.resourceClaims, - that are used by this container. - - - This is an alpha field and requires enabling the - DynamicResourceAllocation feature gate. - - - This field is immutable. It can only be set for containers. - items: - description: ResourceClaim references one entry - in PodSpec.ResourceClaims. - properties: - name: - description: |- - Name must match the name of one entry in pod.spec.resourceClaims of - the Pod where this field is used. It makes that resource available - inside a container. - type: string - required: - - name - type: object - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map limits: additionalProperties: anyOf: @@ -697,7 +698,7 @@ spec: domainAttachmentType: description: |- DomainAttachmentType is a standard domain network attachment method kubevirt supports. - Supported values: "tap". + Supported values: "tap", "managedTap" (since v1.4). The standard domain attachment can be used instead or in addition to the sidecarImage. version: 1alphav1 type: string @@ -875,37 +876,10 @@ spec: usually idle and don't require a lot of memory or cpu. properties: resources: - description: ResourceRequirements describes the compute - resource requirements. + description: |- + ResourceRequirementsWithoutClaims describes the compute resource requirements. + This struct was taken from the k8s.ResourceRequirements and cleaned up the 'Claims' field. properties: - claims: - description: |- - Claims lists the names of resources, defined in spec.resourceClaims, - that are used by this container. - - - This is an alpha field and requires enabling the - DynamicResourceAllocation feature gate. - - - This field is immutable. It can only be set for containers. - items: - description: ResourceClaim references one entry in - PodSpec.ResourceClaims. - properties: - name: - description: |- - Name must match the name of one entry in pod.spec.resourceClaims of - the Pod where this field is used. It makes that resource available - inside a container. - type: string - required: - - name - type: object - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map limits: additionalProperties: anyOf: @@ -959,10 +933,8 @@ spec: MinTLSVersion is a way to specify the minimum protocol version that is acceptable for TLS connections. Protocol versions are based on the following most common TLS configurations: - https://ssl-config.mozilla.org/ - Note that SSLv3.0 is not a supported protocol version due to well known vulnerabilities such as POODLE: https://en.wikipedia.org/wiki/POODLE enum: @@ -1092,10 +1064,13 @@ spec: referenced object inside the same namespace. properties: name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string type: object x-kubernetes-map-type: atomic @@ -1412,7 +1387,7 @@ spec: pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. - This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). items: type: string type: array @@ -1427,7 +1402,7 @@ spec: pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. - This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). items: type: string type: array @@ -1595,7 +1570,7 @@ spec: pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. - This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). items: type: string type: array @@ -1610,7 +1585,7 @@ spec: pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. - This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). items: type: string type: array @@ -1776,7 +1751,7 @@ spec: pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. - This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). items: type: string type: array @@ -1791,7 +1766,7 @@ spec: pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. - This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). items: type: string type: array @@ -1959,7 +1934,7 @@ spec: pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. - This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). items: type: string type: array @@ -1974,7 +1949,7 @@ spec: pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. - This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). items: type: string type: array @@ -2165,7 +2140,6 @@ spec: BatchEvictionInterval Represents the interval to wait before issuing the next batch of shutdowns - Defaults to 1 minute type: string batchEvictionSize: @@ -2173,7 +2147,6 @@ spec: BatchEvictionSize Represents the number of VMIs that can be forced updated per the BatchShutdownInteral interval - Defaults to 10 type: integer workloadUpdateMethods: @@ -2184,7 +2157,6 @@ spec: precedence over more disruptive methods. For example if both LiveMigrate and Shutdown methods are listed, only VMs which are not live migratable will be restarted/shutdown - An empty list defaults to no automated workload updating items: type: string @@ -2492,7 +2464,7 @@ spec: pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. - This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). items: type: string type: array @@ -2507,7 +2479,7 @@ spec: pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. - This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). items: type: string type: array @@ -2675,7 +2647,7 @@ spec: pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. - This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). items: type: string type: array @@ -2690,7 +2662,7 @@ spec: pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. - This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). items: type: string type: array @@ -2856,7 +2828,7 @@ spec: pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. - This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). items: type: string type: array @@ -2871,7 +2843,7 @@ spec: pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. - This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). items: type: string type: array @@ -3039,7 +3011,7 @@ spec: pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. - This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). items: type: string type: array @@ -3054,7 +3026,7 @@ spec: pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. - This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). items: type: string type: array @@ -3517,6 +3489,17 @@ spec: type: object type: object x-kubernetes-map-type: atomic + commonInstancetypesDeployment: + description: CommonInstancetypesDeployment controls the deployment + of common-instancetypes resources + nullable: true + properties: + enabled: + description: Enabled controls the deployment of common-instancetypes + resources, defaults to True. + nullable: true + type: boolean + type: object controllerConfiguration: description: |- ReloadableComponentConfiguration holds all generic k8s configuration options which can @@ -3698,6 +3681,23 @@ spec: description: PullPolicy describes a policy for if/when to pull a container image type: string + instancetype: + description: Instancetype configuration + nullable: true + properties: + referencePolicy: + description: |- + ReferencePolicy defines how an instance type or preference should be referenced by the VM after submission, supported values are: + reference (default) - Where a copy of the original object is stashed in a ControllerRevision and referenced by the VM. + expand - Where the instance type or preference are expanded into the VM if no revisionNames have been populated. + expandAll - Where the instance type or preference are expanded into the VM regardless of revisionNames previously being populated. + enum: + - reference + - expand + - expandAll + nullable: true + type: string + type: object ksmConfiguration: description: KSMConfiguration holds the information regarding the enabling the KSM in the nodes (if available). @@ -3756,8 +3756,9 @@ spec: features properties: maxCpuSockets: - description: MaxCpuSockets holds the maximum amount of sockets - that can be hotplugged + description: |- + MaxCpuSockets provides a MaxSockets value for VMs that do not provide their own. + For VMs with more sockets than maximum the MaxSockets will be set to equal number of sockets. format: int32 type: integer maxGuest: @@ -3863,7 +3864,7 @@ spec: description: |- CompletionTimeoutPerGiB is the maximum number of seconds per GiB a migration is allowed to take. If a live-migration takes longer to migrate than this value multiplied by the size of the VMI, - the migration will be cancelled, unless AllowPostCopy is true. Defaults to 800 + the migration will be cancelled, unless AllowPostCopy is true. Defaults to 150 format: int64 type: integer disableTLS: @@ -3926,34 +3927,6 @@ spec: ComputeResourceOverhead specifies the resource overhead that should be added to the compute container when using the binding. version: v1alphav1 properties: - claims: - description: |- - Claims lists the names of resources, defined in spec.resourceClaims, - that are used by this container. - - - This is an alpha field and requires enabling the - DynamicResourceAllocation feature gate. - - - This field is immutable. It can only be set for containers. - items: - description: ResourceClaim references one entry - in PodSpec.ResourceClaims. - properties: - name: - description: |- - Name must match the name of one entry in pod.spec.resourceClaims of - the Pod where this field is used. It makes that resource available - inside a container. - type: string - required: - - name - type: object - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map limits: additionalProperties: anyOf: @@ -3982,7 +3955,7 @@ spec: domainAttachmentType: description: |- DomainAttachmentType is a standard domain network attachment method kubevirt supports. - Supported values: "tap". + Supported values: "tap", "managedTap" (since v1.4). The standard domain attachment can be used instead or in addition to the sidecarImage. version: 1alphav1 type: string @@ -4160,37 +4133,10 @@ spec: usually idle and don't require a lot of memory or cpu. properties: resources: - description: ResourceRequirements describes the compute - resource requirements. + description: |- + ResourceRequirementsWithoutClaims describes the compute resource requirements. + This struct was taken from the k8s.ResourceRequirements and cleaned up the 'Claims' field. properties: - claims: - description: |- - Claims lists the names of resources, defined in spec.resourceClaims, - that are used by this container. - - - This is an alpha field and requires enabling the - DynamicResourceAllocation feature gate. - - - This field is immutable. It can only be set for containers. - items: - description: ResourceClaim references one entry in - PodSpec.ResourceClaims. - properties: - name: - description: |- - Name must match the name of one entry in pod.spec.resourceClaims of - the Pod where this field is used. It makes that resource available - inside a container. - type: string - required: - - name - type: object - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map limits: additionalProperties: anyOf: @@ -4244,10 +4190,8 @@ spec: MinTLSVersion is a way to specify the minimum protocol version that is acceptable for TLS connections. Protocol versions are based on the following most common TLS configurations: - https://ssl-config.mozilla.org/ - Note that SSLv3.0 is not a supported protocol version due to well known vulnerabilities such as POODLE: https://en.wikipedia.org/wiki/POODLE enum: @@ -4377,10 +4321,13 @@ spec: referenced object inside the same namespace. properties: name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string type: object x-kubernetes-map-type: atomic @@ -4697,7 +4644,7 @@ spec: pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. - This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). items: type: string type: array @@ -4712,7 +4659,7 @@ spec: pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. - This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). items: type: string type: array @@ -4880,7 +4827,7 @@ spec: pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. - This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). items: type: string type: array @@ -4895,7 +4842,7 @@ spec: pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. - This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). items: type: string type: array @@ -5061,7 +5008,7 @@ spec: pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. - This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). items: type: string type: array @@ -5076,7 +5023,7 @@ spec: pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. - This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). items: type: string type: array @@ -5244,7 +5191,7 @@ spec: pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. - This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). items: type: string type: array @@ -5259,7 +5206,7 @@ spec: pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. - This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). items: type: string type: array @@ -5450,7 +5397,6 @@ spec: BatchEvictionInterval Represents the interval to wait before issuing the next batch of shutdowns - Defaults to 1 minute type: string batchEvictionSize: @@ -5458,7 +5404,6 @@ spec: BatchEvictionSize Represents the number of VMIs that can be forced updated per the BatchShutdownInteral interval - Defaults to 10 type: integer workloadUpdateMethods: @@ -5469,7 +5414,6 @@ spec: precedence over more disruptive methods. For example if both LiveMigrate and Shutdown methods are listed, only VMs which are not live migratable will be restarted/shutdown - An empty list defaults to no automated workload updating items: type: string @@ -5777,7 +5721,7 @@ spec: pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. - This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). items: type: string type: array @@ -5792,7 +5736,7 @@ spec: pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. - This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). items: type: string type: array @@ -5960,7 +5904,7 @@ spec: pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. - This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). items: type: string type: array @@ -5975,7 +5919,7 @@ spec: pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. - This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). items: type: string type: array @@ -6141,7 +6085,7 @@ spec: pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. - This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). items: type: string type: array @@ -6156,7 +6100,7 @@ spec: pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. - This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). items: type: string type: array @@ -6324,7 +6268,7 @@ spec: pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. - This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). items: type: string type: array @@ -6339,7 +6283,7 @@ spec: pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. - This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). items: type: string type: array @@ -7195,15 +7139,35 @@ rules: - apiGroups: - snapshot.kubevirt.io resources: - - '*' + - virtualmachinesnapshots + - virtualmachinesnapshots/status + - virtualmachinesnapshotcontents + - virtualmachinesnapshotcontents/status + - virtualmachinesnapshotcontents/finalizers + - virtualmachinerestores + - virtualmachinerestores/status verbs: - - '*' + - get + - list + - watch + - create + - update + - delete + - patch - apiGroups: - export.kubevirt.io resources: - - '*' + - virtualmachineexports + - virtualmachineexports/status + - virtualmachineexports/finalizers verbs: - - '*' + - get + - list + - watch + - create + - update + - delete + - patch - apiGroups: - pool.kubevirt.io resources: @@ -7225,6 +7189,12 @@ rules: - '*' verbs: - '*' +- apiGroups: + - kubevirt.io + resources: + - virtualmachines/finalizers + verbs: + - update - apiGroups: - subresources.kubevirt.io resources: @@ -7433,6 +7403,7 @@ rules: - virtualmachineinstances/userlist - virtualmachineinstances/sev/fetchcertchain - virtualmachineinstances/sev/querylaunchmeasurement + - virtualmachineinstances/usbredir verbs: - get - apiGroups: @@ -7581,6 +7552,7 @@ rules: - virtualmachineinstances/userlist - virtualmachineinstances/sev/fetchcertchain - virtualmachineinstances/sev/querylaunchmeasurement + - virtualmachineinstances/usbredir verbs: - get - apiGroups: @@ -7889,14 +7861,14 @@ spec: - virt-operator env: - name: VIRT_OPERATOR_IMAGE - value: quay.io/kubevirt/virt-operator:v1.3.1 + value: quay.io/kubevirt/virt-operator:v1.4.0 - name: WATCH_NAMESPACE valueFrom: fieldRef: fieldPath: metadata.annotations['olm.targetNamespaces'] - name: KUBEVIRT_VERSION - value: v1.3.1 - image: quay.io/kubevirt/virt-operator:v1.3.1 + value: v1.4.0 + image: quay.io/kubevirt/virt-operator:v1.4.0 imagePullPolicy: IfNotPresent name: virt-operator ports: