From 27e7b94e5599db48d9b4bf00170d31798a5de844 Mon Sep 17 00:00:00 2001 From: Andrei Kvapil Date: Tue, 3 Dec 2024 19:50:58 +0100 Subject: [PATCH] MetallB enable frr and disable frr-k8s by default (#503) --- packages/system/metallb/Makefile | 1 + .../charts/metallb/charts/frr-k8s/.helmignore | 23 - .../charts/metallb/charts/frr-k8s/Chart.lock | 6 - .../charts/metallb/charts/frr-k8s/Chart.yaml | 16 - .../charts/metallb/charts/frr-k8s/README.md | 96 ---- .../charts/frr-k8s/charts/crds/.helmignore | 23 - .../charts/frr-k8s/charts/crds/Chart.yaml | 10 - .../charts/frr-k8s/charts/crds/README.md | 14 - .../frrk8s.metallb.io_frrconfigurations.yaml | 462 ------------------ .../frrk8s.metallb.io_frrnodestates.yaml | 65 --- .../charts/frr-k8s/templates/NOTES.txt | 4 - .../charts/frr-k8s/templates/_helpers.tpl | 63 --- .../charts/frr-k8s/templates/controller.yaml | 431 ---------------- .../charts/frr-k8s/templates/rbac.yaml | 73 --- .../frr-k8s/templates/service-accounts.yaml | 16 - .../frr-k8s/templates/service-monitor.yaml | 128 ----- .../charts/frr-k8s/templates/webhooks.yaml | 159 ------ .../metallb/charts/frr-k8s/values.schema.json | 387 --------------- .../charts/metallb/charts/frr-k8s/values.yaml | 173 ------- packages/system/metallb/values.yaml | 3 - 20 files changed, 1 insertion(+), 2152 deletions(-) delete mode 100644 packages/system/metallb/charts/metallb/charts/frr-k8s/.helmignore delete mode 100644 packages/system/metallb/charts/metallb/charts/frr-k8s/Chart.lock delete mode 100644 packages/system/metallb/charts/metallb/charts/frr-k8s/Chart.yaml delete mode 100644 packages/system/metallb/charts/metallb/charts/frr-k8s/README.md delete mode 100644 packages/system/metallb/charts/metallb/charts/frr-k8s/charts/crds/.helmignore delete mode 100644 packages/system/metallb/charts/metallb/charts/frr-k8s/charts/crds/Chart.yaml delete mode 100644 packages/system/metallb/charts/metallb/charts/frr-k8s/charts/crds/README.md delete mode 100644 packages/system/metallb/charts/metallb/charts/frr-k8s/charts/crds/templates/frrk8s.metallb.io_frrconfigurations.yaml delete mode 100644 packages/system/metallb/charts/metallb/charts/frr-k8s/charts/crds/templates/frrk8s.metallb.io_frrnodestates.yaml delete mode 100644 packages/system/metallb/charts/metallb/charts/frr-k8s/templates/NOTES.txt delete mode 100644 packages/system/metallb/charts/metallb/charts/frr-k8s/templates/_helpers.tpl delete mode 100644 packages/system/metallb/charts/metallb/charts/frr-k8s/templates/controller.yaml delete mode 100644 packages/system/metallb/charts/metallb/charts/frr-k8s/templates/rbac.yaml delete mode 100644 packages/system/metallb/charts/metallb/charts/frr-k8s/templates/service-accounts.yaml delete mode 100644 packages/system/metallb/charts/metallb/charts/frr-k8s/templates/service-monitor.yaml delete mode 100644 packages/system/metallb/charts/metallb/charts/frr-k8s/templates/webhooks.yaml delete mode 100644 packages/system/metallb/charts/metallb/charts/frr-k8s/values.schema.json delete mode 100644 packages/system/metallb/charts/metallb/charts/frr-k8s/values.yaml diff --git a/packages/system/metallb/Makefile b/packages/system/metallb/Makefile index 56fdee1ea..d01bf3969 100644 --- a/packages/system/metallb/Makefile +++ b/packages/system/metallb/Makefile @@ -8,3 +8,4 @@ update: helm repo add metallb https://metallb.github.io/metallb helm repo update metallb helm pull metallb/metallb --untar --untardir charts + rm -rf charts/metallb/charts/frr-k8s diff --git a/packages/system/metallb/charts/metallb/charts/frr-k8s/.helmignore b/packages/system/metallb/charts/metallb/charts/frr-k8s/.helmignore deleted file mode 100644 index 0e8a0eb36..000000000 --- a/packages/system/metallb/charts/metallb/charts/frr-k8s/.helmignore +++ /dev/null @@ -1,23 +0,0 @@ -# Patterns to ignore when building packages. -# This supports shell glob matching, relative path matching, and -# negation (prefixed with !). Only one pattern per line. -.DS_Store -# Common VCS dirs -.git/ -.gitignore -.bzr/ -.bzrignore -.hg/ -.hgignore -.svn/ -# Common backup files -*.swp -*.bak -*.tmp -*.orig -*~ -# Various IDEs -.project -.idea/ -*.tmproj -.vscode/ diff --git a/packages/system/metallb/charts/metallb/charts/frr-k8s/Chart.lock b/packages/system/metallb/charts/metallb/charts/frr-k8s/Chart.lock deleted file mode 100644 index dafe16503..000000000 --- a/packages/system/metallb/charts/metallb/charts/frr-k8s/Chart.lock +++ /dev/null @@ -1,6 +0,0 @@ -dependencies: -- name: crds - repository: "" - version: 0.0.14 -digest: sha256:b8b8aa510f86db5713e75b0bc5a03df88737a5f6868aab77c513eb0bbed3b8b7 -generated: "2024-07-19T12:07:59.737645816+02:00" diff --git a/packages/system/metallb/charts/metallb/charts/frr-k8s/Chart.yaml b/packages/system/metallb/charts/metallb/charts/frr-k8s/Chart.yaml deleted file mode 100644 index 228115b4f..000000000 --- a/packages/system/metallb/charts/metallb/charts/frr-k8s/Chart.yaml +++ /dev/null @@ -1,16 +0,0 @@ -apiVersion: v2 -appVersion: v0.0.14 -dependencies: -- condition: crds.enabled - name: crds - repository: "" - version: 0.0.14 -description: A cloud native wrapper of FRR -home: https://metallb.universe.tf -icon: https://metallb.universe.tf/images/logo/metallb-white.png -kubeVersion: '>= 1.19.0-0' -name: frr-k8s -sources: -- https://github.com/metallb/frr-k8s -type: application -version: 0.0.14 diff --git a/packages/system/metallb/charts/metallb/charts/frr-k8s/README.md b/packages/system/metallb/charts/metallb/charts/frr-k8s/README.md deleted file mode 100644 index aa5b74ebe..000000000 --- a/packages/system/metallb/charts/metallb/charts/frr-k8s/README.md +++ /dev/null @@ -1,96 +0,0 @@ -# frr-k8s - -![Version: 0.0.14](https://img.shields.io/badge/Version-0.0.14-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: v0.0.14](https://img.shields.io/badge/AppVersion-v0.0.14-informational?style=flat-square) - -A cloud native wrapper of FRR - -**Homepage:** - -## Source Code - -* - -## Requirements - -Kubernetes: `>= 1.19.0-0` - -| Repository | Name | Version | -|------------|------|---------| -| | crds | 0.0.14 | - -## Values - -| Key | Type | Default | Description | -|-----|------|---------|-------------| -| crds.enabled | bool | `true` | | -| crds.validationFailurePolicy | string | `"Fail"` | | -| frrk8s.affinity | object | `{}` | | -| frrk8s.alwaysBlock | string | `""` | | -| frrk8s.disableCertRotation | bool | `false` | | -| frrk8s.frr.image.pullPolicy | string | `nil` | | -| frrk8s.frr.image.repository | string | `"quay.io/frrouting/frr"` | | -| frrk8s.frr.image.tag | string | `"9.1.0"` | | -| frrk8s.frr.metricsBindAddress | string | `"127.0.0.1"` | | -| frrk8s.frr.metricsPort | int | `7573` | | -| frrk8s.frr.resources | object | `{}` | | -| frrk8s.frr.secureMetricsPort | int | `9141` | | -| frrk8s.frrMetrics.resources | object | `{}` | | -| frrk8s.healthPort | int | `8081` | | -| frrk8s.image.pullPolicy | string | `nil` | | -| frrk8s.image.repository | string | `"quay.io/metallb/frr-k8s"` | | -| frrk8s.image.tag | string | `nil` | | -| frrk8s.labels.app | string | `"frr-k8s"` | | -| frrk8s.livenessProbe.enabled | bool | `true` | | -| frrk8s.livenessProbe.failureThreshold | int | `3` | | -| frrk8s.livenessProbe.initialDelaySeconds | int | `10` | | -| frrk8s.livenessProbe.periodSeconds | int | `10` | | -| frrk8s.livenessProbe.successThreshold | int | `1` | | -| frrk8s.livenessProbe.timeoutSeconds | int | `1` | | -| frrk8s.logLevel | string | `"info"` | Controller log level. Must be one of: `all`, `debug`, `info`, `warn`, `error` or `none` | -| frrk8s.nodeSelector | object | `{}` | | -| frrk8s.podAnnotations | object | `{}` | | -| frrk8s.priorityClassName | string | `""` | | -| frrk8s.readinessProbe.enabled | bool | `true` | | -| frrk8s.readinessProbe.failureThreshold | int | `3` | | -| frrk8s.readinessProbe.initialDelaySeconds | int | `10` | | -| frrk8s.readinessProbe.periodSeconds | int | `10` | | -| frrk8s.readinessProbe.successThreshold | int | `1` | | -| frrk8s.readinessProbe.timeoutSeconds | int | `1` | | -| frrk8s.reloader.resources | object | `{}` | | -| frrk8s.resources | object | `{}` | | -| frrk8s.restartOnRotatorSecretRefresh | bool | `false` | | -| frrk8s.runtimeClassName | string | `""` | | -| frrk8s.serviceAccount.annotations | object | `{}` | | -| frrk8s.serviceAccount.create | bool | `true` | | -| frrk8s.serviceAccount.name | string | `""` | | -| frrk8s.startupProbe.enabled | bool | `true` | | -| frrk8s.startupProbe.failureThreshold | int | `30` | | -| frrk8s.startupProbe.periodSeconds | int | `5` | | -| frrk8s.tolerateMaster | bool | `true` | | -| frrk8s.tolerations | list | `[]` | | -| frrk8s.updateStrategy.type | string | `"RollingUpdate"` | | -| fullnameOverride | string | `""` | | -| nameOverride | string | `""` | | -| prometheus.metricsBindAddress | string | `"127.0.0.1"` | | -| prometheus.metricsPort | int | `7572` | | -| prometheus.metricsTLSSecret | string | `""` | | -| prometheus.namespace | string | `""` | | -| prometheus.rbacPrometheus | bool | `false` | | -| prometheus.rbacProxy.pullPolicy | string | `nil` | | -| prometheus.rbacProxy.repository | string | `"gcr.io/kubebuilder/kube-rbac-proxy"` | | -| prometheus.rbacProxy.tag | string | `"v0.12.0"` | | -| prometheus.scrapeAnnotations | bool | `false` | | -| prometheus.secureMetricsPort | int | `9140` | | -| prometheus.serviceAccount | string | `""` | | -| prometheus.serviceMonitor.additionalLabels | object | `{}` | | -| prometheus.serviceMonitor.annotations | object | `{}` | | -| prometheus.serviceMonitor.enabled | bool | `false` | | -| prometheus.serviceMonitor.interval | string | `nil` | | -| prometheus.serviceMonitor.jobLabel | string | `"app.kubernetes.io/name"` | | -| prometheus.serviceMonitor.metricRelabelings | list | `[]` | | -| prometheus.serviceMonitor.relabelings | list | `[]` | | -| prometheus.serviceMonitor.tlsConfig.insecureSkipVerify | bool | `true` | | -| rbac.create | bool | `true` | | - ----------------------------------------------- -Autogenerated from chart metadata using [helm-docs v1.10.0](https://github.com/norwoodj/helm-docs/releases/v1.10.0) diff --git a/packages/system/metallb/charts/metallb/charts/frr-k8s/charts/crds/.helmignore b/packages/system/metallb/charts/metallb/charts/frr-k8s/charts/crds/.helmignore deleted file mode 100644 index 0e8a0eb36..000000000 --- a/packages/system/metallb/charts/metallb/charts/frr-k8s/charts/crds/.helmignore +++ /dev/null @@ -1,23 +0,0 @@ -# Patterns to ignore when building packages. -# This supports shell glob matching, relative path matching, and -# negation (prefixed with !). Only one pattern per line. -.DS_Store -# Common VCS dirs -.git/ -.gitignore -.bzr/ -.bzrignore -.hg/ -.hgignore -.svn/ -# Common backup files -*.swp -*.bak -*.tmp -*.orig -*~ -# Various IDEs -.project -.idea/ -*.tmproj -.vscode/ diff --git a/packages/system/metallb/charts/metallb/charts/frr-k8s/charts/crds/Chart.yaml b/packages/system/metallb/charts/metallb/charts/frr-k8s/charts/crds/Chart.yaml deleted file mode 100644 index 22e07a9d2..000000000 --- a/packages/system/metallb/charts/metallb/charts/frr-k8s/charts/crds/Chart.yaml +++ /dev/null @@ -1,10 +0,0 @@ -apiVersion: v2 -appVersion: v0.0.14 -description: FRR K8s CRDs -home: https://metallb.universe.tf -icon: https://metallb.universe.tf/images/logo/metallb-white.png -name: crds -sources: -- https://github.com/metallb/frr-k8s -type: application -version: 0.0.14 diff --git a/packages/system/metallb/charts/metallb/charts/frr-k8s/charts/crds/README.md b/packages/system/metallb/charts/metallb/charts/frr-k8s/charts/crds/README.md deleted file mode 100644 index 65e636c6d..000000000 --- a/packages/system/metallb/charts/metallb/charts/frr-k8s/charts/crds/README.md +++ /dev/null @@ -1,14 +0,0 @@ -# crds - -![Version: 0.0.0](https://img.shields.io/badge/Version-0.0.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: v0.0.0](https://img.shields.io/badge/AppVersion-v0.0.0-informational?style=flat-square) - -FRR-K8s CRDs - -**Homepage:** - -## Source Code - -* - ----------------------------------------------- -Autogenerated from chart metadata using [helm-docs v1.10.0](https://github.com/norwoodj/helm-docs/releases/v1.10.0) diff --git a/packages/system/metallb/charts/metallb/charts/frr-k8s/charts/crds/templates/frrk8s.metallb.io_frrconfigurations.yaml b/packages/system/metallb/charts/metallb/charts/frr-k8s/charts/crds/templates/frrk8s.metallb.io_frrconfigurations.yaml deleted file mode 100644 index b68676512..000000000 --- a/packages/system/metallb/charts/metallb/charts/frr-k8s/charts/crds/templates/frrk8s.metallb.io_frrconfigurations.yaml +++ /dev/null @@ -1,462 +0,0 @@ ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - controller-gen.kubebuilder.io/version: v0.14.0 - name: frrconfigurations.frrk8s.metallb.io -spec: - group: frrk8s.metallb.io - names: - kind: FRRConfiguration - listKind: FRRConfigurationList - plural: frrconfigurations - singular: frrconfiguration - scope: Namespaced - versions: - - name: v1beta1 - schema: - openAPIV3Schema: - description: FRRConfiguration is a piece of FRR configuration. - properties: - apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources - type: string - kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - type: string - metadata: - type: object - spec: - description: FRRConfigurationSpec defines the desired state of FRRConfiguration. - properties: - bgp: - description: BGP is the configuration related to the BGP protocol. - properties: - bfdProfiles: - description: BFDProfiles is the list of bfd profiles to be used - when configuring the neighbors. - items: - description: |- - BFDProfile is the configuration related to the BFD protocol associated - to a BGP session. - properties: - detectMultiplier: - description: |- - Configures the detection multiplier to determine - packet loss. The remote transmission interval will be multiplied - by this value to determine the connection loss detection timer. - format: int32 - maximum: 255 - minimum: 2 - type: integer - echoInterval: - description: |- - Configures the minimal echo receive transmission - interval that this system is capable of handling in milliseconds. - Defaults to 50ms - format: int32 - maximum: 60000 - minimum: 10 - type: integer - echoMode: - description: |- - Enables or disables the echo transmission mode. - This mode is disabled by default, and not supported on multi - hops setups. - type: boolean - minimumTtl: - description: |- - For multi hop sessions only: configure the minimum - expected TTL for an incoming BFD control packet. - format: int32 - maximum: 254 - minimum: 1 - type: integer - name: - description: |- - The name of the BFD Profile to be referenced in other parts - of the configuration. - type: string - passiveMode: - description: |- - Mark session as passive: a passive session will not - attempt to start the connection and will wait for control packets - from peer before it begins replying. - type: boolean - receiveInterval: - description: |- - The minimum interval that this system is capable of - receiving control packets in milliseconds. - Defaults to 300ms. - format: int32 - maximum: 60000 - minimum: 10 - type: integer - transmitInterval: - description: |- - The minimum transmission interval (less jitter) - that this system wants to use to send BFD control packets in - milliseconds. Defaults to 300ms - format: int32 - maximum: 60000 - minimum: 10 - type: integer - required: - - name - type: object - type: array - routers: - description: Routers is the list of routers we want FRR to configure - (one per VRF). - items: - description: Router represent a neighbor router we want FRR - to connect to. - properties: - asn: - description: ASN is the AS number to use for the local end - of the session. - format: int32 - maximum: 4294967295 - minimum: 0 - type: integer - id: - description: ID is the BGP router ID - type: string - imports: - description: Imports is the list of imported VRFs we want - for this router / vrf. - items: - description: Import represents the possible imported VRFs - to a given router. - properties: - vrf: - description: Vrf is the vrf we want to import from - type: string - type: object - type: array - neighbors: - description: Neighbors is the list of neighbors we want - to establish BGP sessions with. - items: - description: Neighbor represents a BGP Neighbor we want - FRR to connect to. - properties: - address: - description: Address is the IP address to establish - the session with. - type: string - asn: - description: ASN is the AS number to use for the local - end of the session. - format: int32 - maximum: 4294967295 - minimum: 0 - type: integer - bfdProfile: - description: |- - BFDProfile is the name of the BFD Profile to be used for the BFD session associated - to the BGP session. If not set, the BFD session won't be set up. - type: string - connectTime: - description: Requested BGP connect time, controls - how long BGP waits between connection attempts to - a neighbor. - type: string - x-kubernetes-validations: - - message: connect time should be between 1 seconds - to 65535 - rule: duration(self).getSeconds() >= 1 && duration(self).getSeconds() - <= 65535 - - message: connect time should contain a whole number - of seconds - rule: duration(self).getMilliseconds() % 1000 == - 0 - disableMP: - default: false - description: To set if we want to disable MP BGP that - will separate IPv4 and IPv6 route exchanges into - distinct BGP sessions. - type: boolean - ebgpMultiHop: - description: EBGPMultiHop indicates if the BGPPeer - is multi-hops away. - type: boolean - enableGracefulRestart: - description: |- - EnableGracefulRestart allows BGP peer to continue to forward data packets along - known routes while the routing protocol information is being restored. If - the session is already established, the configuration will have effect - after reconnecting to the peer - type: boolean - holdTime: - description: |- - HoldTime is the requested BGP hold time, per RFC4271. - Defaults to 180s. - type: string - keepaliveTime: - description: |- - KeepaliveTime is the requested BGP keepalive time, per RFC4271. - Defaults to 60s. - type: string - password: - description: |- - Password to be used for establishing the BGP session. - Password and PasswordSecret are mutually exclusive. - type: string - passwordSecret: - description: |- - PasswordSecret is name of the authentication secret for the neighbor. - the secret must be of type "kubernetes.io/basic-auth", and created in the - same namespace as the frr-k8s daemon. The password is stored in the - secret as the key "password". - Password and PasswordSecret are mutually exclusive. - properties: - name: - description: name is unique within a namespace - to reference a secret resource. - type: string - namespace: - description: namespace defines the space within - which the secret name must be unique. - type: string - type: object - x-kubernetes-map-type: atomic - port: - description: |- - Port is the port to dial when establishing the session. - Defaults to 179. - maximum: 16384 - minimum: 0 - type: integer - sourceaddress: - description: |- - SourceAddress is the IPv4 or IPv6 source address to use for the BGP - session to this neighbour, may be specified as either an IP address - directly or as an interface name - type: string - toAdvertise: - description: |- - ToAdvertise represents the list of prefixes to advertise to the given neighbor - and the associated properties. - properties: - allowed: - description: |- - Allowed is is the list of prefixes allowed to be propagated to - this neighbor. They must match the prefixes defined in the router. - properties: - mode: - default: filtered - description: |- - Mode is the mode to use when handling the prefixes. - When set to "filtered", only the prefixes in the given list will be allowed. - When set to "all", all the prefixes configured on the router will be allowed. - enum: - - all - - filtered - type: string - prefixes: - items: - type: string - type: array - type: object - withCommunity: - description: |- - PrefixesWithCommunity is a list of prefixes that are associated to a - bgp community when being advertised. The prefixes associated to a given local pref - must be in the prefixes allowed to be advertised. - items: - description: CommunityPrefixes is a list of - prefixes associated to a community. - properties: - community: - description: Community is the community - associated to the prefixes. - type: string - prefixes: - description: Prefixes is the list of prefixes - associated to the community. - format: cidr - items: - type: string - minItems: 1 - type: array - type: object - type: array - withLocalPref: - description: |- - PrefixesWithLocalPref is a list of prefixes that are associated to a local - preference when being advertised. The prefixes associated to a given local pref - must be in the prefixes allowed to be advertised. - items: - description: LocalPrefPrefixes is a list of - prefixes associated to a local preference. - properties: - localPref: - description: LocalPref is the local preference - associated to the prefixes. - format: int32 - type: integer - prefixes: - description: Prefixes is the list of prefixes - associated to the local preference. - format: cidr - items: - type: string - minItems: 1 - type: array - type: object - type: array - type: object - toReceive: - description: ToReceive represents the list of prefixes - to receive from the given neighbor. - properties: - allowed: - description: |- - Allowed is the list of prefixes allowed to be received from - this neighbor. - properties: - mode: - default: filtered - description: |- - Mode is the mode to use when handling the prefixes. - When set to "filtered", only the prefixes in the given list will be allowed. - When set to "all", all the prefixes configured on the router will be allowed. - enum: - - all - - filtered - type: string - prefixes: - items: - description: PrefixSelector is a filter - of prefixes to receive. - properties: - ge: - description: |- - The prefix length modifier. This selector accepts any matching prefix with length - greater or equal the given value. - format: int32 - maximum: 128 - minimum: 1 - type: integer - le: - description: |- - The prefix length modifier. This selector accepts any matching prefix with length - less or equal the given value. - format: int32 - maximum: 128 - minimum: 1 - type: integer - prefix: - format: cidr - type: string - type: object - type: array - type: object - type: object - required: - - address - - asn - type: object - type: array - prefixes: - description: Prefixes is the list of prefixes we want to - advertise from this router instance. - items: - type: string - type: array - vrf: - description: VRF is the host vrf used to establish sessions - from this router. - type: string - required: - - asn - type: object - type: array - type: object - nodeSelector: - description: |- - NodeSelector limits the nodes that will attempt to apply this config. - When specified, the configuration will be considered only on nodes - whose labels match the specified selectors. - When it is not specified all nodes will attempt to apply this config. - properties: - matchExpressions: - description: matchExpressions is a list of label selector requirements. - The requirements are ANDed. - items: - description: |- - A label selector requirement is a selector that contains values, a key, and an operator that - relates the key and values. - properties: - key: - description: key is the label key that the selector applies - to. - type: string - operator: - description: |- - operator represents a key's relationship to a set of values. - Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: |- - values is an array of string values. If the operator is In or NotIn, - the values array must be non-empty. If the operator is Exists or DoesNotExist, - the values array must be empty. This array is replaced during a strategic - merge patch. - items: - type: string - type: array - x-kubernetes-list-type: atomic - required: - - key - - operator - type: object - type: array - x-kubernetes-list-type: atomic - matchLabels: - additionalProperties: - type: string - description: |- - matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the - operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - type: object - x-kubernetes-map-type: atomic - raw: - description: |- - Raw is a snippet of raw frr configuration that gets appended to the - one rendered translating the type safe API. - properties: - priority: - description: |- - Priority is the order with this configuration is appended to the - bottom of the rendered configuration. A higher value means the - raw config is appended later in the configuration file. - type: integer - rawConfig: - description: |- - Config is a raw FRR configuration to be appended to the configuration - rendered via the k8s api. - type: string - type: object - type: object - status: - description: FRRConfigurationStatus defines the observed state of FRRConfiguration. - type: object - type: object - served: true - storage: true - subresources: - status: {} diff --git a/packages/system/metallb/charts/metallb/charts/frr-k8s/charts/crds/templates/frrk8s.metallb.io_frrnodestates.yaml b/packages/system/metallb/charts/metallb/charts/frr-k8s/charts/crds/templates/frrk8s.metallb.io_frrnodestates.yaml deleted file mode 100644 index e2bd77ecc..000000000 --- a/packages/system/metallb/charts/metallb/charts/frr-k8s/charts/crds/templates/frrk8s.metallb.io_frrnodestates.yaml +++ /dev/null @@ -1,65 +0,0 @@ ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - controller-gen.kubebuilder.io/version: v0.14.0 - name: frrnodestates.frrk8s.metallb.io -spec: - group: frrk8s.metallb.io - names: - kind: FRRNodeState - listKind: FRRNodeStateList - plural: frrnodestates - singular: frrnodestate - scope: Cluster - versions: - - name: v1beta1 - schema: - openAPIV3Schema: - description: FRRNodeState exposes the status of the FRR instance running on - each node. - properties: - apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources - type: string - kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - type: string - metadata: - type: object - spec: - description: FRRNodeStateSpec defines the desired state of FRRNodeState. - type: object - status: - description: FRRNodeStateStatus defines the observed state of FRRNodeState. - properties: - lastConversionResult: - description: LastConversionResult is the status of the last translation - between the `FRRConfiguration`s resources and FRR's configuration, - contains "success" or an error. - type: string - lastReloadResult: - description: LastReloadResult represents the status of the last configuration - update operation by FRR, contains "success" or an error. - type: string - runningConfig: - description: RunningConfig represents the current FRR running config, - which is the configuration the FRR instance is currently running - with. - type: string - type: object - type: object - served: true - storage: true - subresources: - status: {} diff --git a/packages/system/metallb/charts/metallb/charts/frr-k8s/templates/NOTES.txt b/packages/system/metallb/charts/metallb/charts/frr-k8s/templates/NOTES.txt deleted file mode 100644 index 5b5b84a17..000000000 --- a/packages/system/metallb/charts/metallb/charts/frr-k8s/templates/NOTES.txt +++ /dev/null @@ -1,4 +0,0 @@ -FRR-k8s is now running in the cluster. - -Now you can configure it via its CRs. Please refer to the frr-k8s official docs -on how to use the CRs. diff --git a/packages/system/metallb/charts/metallb/charts/frr-k8s/templates/_helpers.tpl b/packages/system/metallb/charts/metallb/charts/frr-k8s/templates/_helpers.tpl deleted file mode 100644 index 4e35f6fc6..000000000 --- a/packages/system/metallb/charts/metallb/charts/frr-k8s/templates/_helpers.tpl +++ /dev/null @@ -1,63 +0,0 @@ -{{/* vim: set filetype=mustache: */}} -{{/* -Expand the name of the chart. -*/}} -{{- define "frrk8s.name" -}} -{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} -{{- end }} - -{{/* -Create a default fully qualified app name. -We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). -If release name contains chart name it will be used as a full name. -*/}} -{{- define "frrk8s.fullname" -}} -{{- if .Values.fullnameOverride }} -{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} -{{- else }} -{{- $name := default .Chart.Name .Values.nameOverride }} -{{- if contains $name .Release.Name }} -{{- .Release.Name | trunc 63 | trimSuffix "-" }} -{{- else }} -{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} -{{- end }} -{{- end }} -{{- end }} - -{{/* -Create chart name and version as used by the chart label. -*/}} -{{- define "frrk8s.chart" -}} -{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} -{{- end }} - -{{/* -Common labels -*/}} -{{- define "frrk8s.labels" -}} -helm.sh/chart: {{ include "frrk8s.chart" . }} -{{ include "frrk8s.selectorLabels" . }} -{{- if .Chart.AppVersion }} -app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} -{{- end }} -app.kubernetes.io/managed-by: {{ .Release.Service }} -{{- end }} - -{{/* -Selector labels -*/}} -{{- define "frrk8s.selectorLabels" -}} -app.kubernetes.io/name: {{ include "frrk8s.name" . }} -app.kubernetes.io/instance: {{ .Release.Name }} -{{- end }} - -{{/* -Create the name of the frrk8s service account to use -*/}} -{{- define "frrk8s.serviceAccountName" -}} -{{- if .Values.frrk8s.serviceAccount.create }} -{{- default (printf "%s-controller" (include "frrk8s.fullname" .)) .Values.frrk8s.serviceAccount.name }} -{{- else }} -{{- default "default" .Values.frrk8s.serviceAccount.name }} -{{- end }} -{{- end }} diff --git a/packages/system/metallb/charts/metallb/charts/frr-k8s/templates/controller.yaml b/packages/system/metallb/charts/metallb/charts/frr-k8s/templates/controller.yaml deleted file mode 100644 index e4a78d7a4..000000000 --- a/packages/system/metallb/charts/metallb/charts/frr-k8s/templates/controller.yaml +++ /dev/null @@ -1,431 +0,0 @@ -# FRR expects to have these files owned by frr:frr on startup. -# Having them in a ConfigMap allows us to modify behaviors: for example enabling more daemons on startup. -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ template "frrk8s.fullname" . }}-frr-startup - namespace: {{ .Release.Namespace | quote }} - labels: - {{- include "frrk8s.labels" . | nindent 4 }} - app.kubernetes.io/component: frr-k8s -data: - daemons: | - # This file tells the frr package which daemons to start. - # - # Sample configurations for these daemons can be found in - # /usr/share/doc/frr/examples/. - # - # ATTENTION: - # - # When activating a daemon for the first time, a config file, even if it is - # empty, has to be present *and* be owned by the user and group "frr", else - # the daemon will not be started by /etc/init.d/frr. The permissions should - # be u=rw,g=r,o=. - # When using "vtysh" such a config file is also needed. It should be owned by - # group "frrvty" and set to ug=rw,o= though. Check /etc/pam.d/frr, too. - # - # The watchfrr and zebra daemons are always started. - # - bgpd=yes - ospfd=no - ospf6d=no - ripd=no - ripngd=no - isisd=no - pimd=no - ldpd=no - nhrpd=no - eigrpd=no - babeld=no - sharpd=no - pbrd=no - bfdd=yes - fabricd=no - vrrpd=no - - # - # If this option is set the /etc/init.d/frr script automatically loads - # the config via "vtysh -b" when the servers are started. - # Check /etc/pam.d/frr if you intend to use "vtysh"! - # - vtysh_enable=yes - zebra_options=" -A 127.0.0.1 -s 90000000" - bgpd_options=" -A 127.0.0.1" - ospfd_options=" -A 127.0.0.1" - ospf6d_options=" -A ::1" - ripd_options=" -A 127.0.0.1" - ripngd_options=" -A ::1" - isisd_options=" -A 127.0.0.1" - pimd_options=" -A 127.0.0.1" - ldpd_options=" -A 127.0.0.1" - nhrpd_options=" -A 127.0.0.1" - eigrpd_options=" -A 127.0.0.1" - babeld_options=" -A 127.0.0.1" - sharpd_options=" -A 127.0.0.1" - pbrd_options=" -A 127.0.0.1" - staticd_options="-A 127.0.0.1" - bfdd_options=" -A 127.0.0.1" - fabricd_options="-A 127.0.0.1" - vrrpd_options=" -A 127.0.0.1" - - # configuration profile - # - #frr_profile="traditional" - #frr_profile="datacenter" - - # - # This is the maximum number of FD's that will be available. - # Upon startup this is read by the control files and ulimit - # is called. Uncomment and use a reasonable value for your - # setup if you are expecting a large number of peers in - # say BGP. - #MAX_FDS=1024 - - # The list of daemons to watch is automatically generated by the init script. - #watchfrr_options="" - - # for debugging purposes, you can specify a "wrap" command to start instead - # of starting the daemon directly, e.g. to use valgrind on ospfd: - # ospfd_wrap="/usr/bin/valgrind" - # or you can use "all_wrap" for all daemons, e.g. to use perf record: - # all_wrap="/usr/bin/perf record --call-graph -" - # the normal daemon command is added to this at the end. - vtysh.conf: |+ - service integrated-vtysh-config - frr.conf: |+ - ! This file gets overriden the first time the speaker renders a config. - ! So anything configured here is only temporary. - frr version 8.0 - frr defaults traditional - hostname Router - line vty - log file /etc/frr/frr.log informational ---- -apiVersion: apps/v1 -kind: DaemonSet -metadata: - name: {{ template "frrk8s.fullname" . }} - namespace: {{ .Release.Namespace | quote }} - labels: - {{- include "frrk8s.labels" . | nindent 4 }} - app.kubernetes.io/component: frr-k8s - {{- range $key, $value := .Values.frrk8s.labels }} - {{ $key }}: {{ $value | quote }} - {{- end }} -spec: - {{- if .Values.frrk8s.updateStrategy }} - updateStrategy: {{- toYaml .Values.frrk8s.updateStrategy | nindent 4 }} - {{- end }} - selector: - matchLabels: - {{- include "frrk8s.selectorLabels" . | nindent 6 }} - app.kubernetes.io/component: frr-k8s - template: - metadata: - labels: - {{- include "frrk8s.selectorLabels" . | nindent 8 }} - app.kubernetes.io/component: frr-k8s - {{- range $key, $value := .Values.frrk8s.labels }} - {{ $key }}: {{ $value | quote }} - {{- end }} - spec: - {{- if .Values.frrk8s.runtimeClassName }} - runtimeClassName: {{ .Values.frrk8s.runtimeClassName }} - {{- end }} - {{- with .Values.imagePullSecrets }} - imagePullSecrets: - {{- toYaml . | nindent 8 }} - {{- end }} - serviceAccountName: {{ template "frrk8s.serviceAccountName" . }} - terminationGracePeriodSeconds: 0 - hostNetwork: true - volumes: - - name: frr-sockets - emptyDir: {} - - name: frr-startup - configMap: - name: {{ template "frrk8s.fullname" . }}-frr-startup - - name: frr-conf - emptyDir: {} - - name: reloader - emptyDir: {} - - name: metrics - emptyDir: {} - {{- if .Values.prometheus.metricsTLSSecret }} - - name: metrics-certs - secret: - secretName: {{ .Values.prometheus.metricsTLSSecret }} - {{- end }} - initContainers: - # Copies the initial config files with the right permissions to the shared volume. - - name: cp-frr-files - image: {{ .Values.frrk8s.frr.image.repository }}:{{ .Values.frrk8s.frr.image.tag | default .Chart.AppVersion }} - securityContext: - runAsUser: 100 - runAsGroup: 101 - command: ["/bin/sh", "-c", "cp -rLf /tmp/frr/* /etc/frr/"] - volumeMounts: - - name: frr-startup - mountPath: /tmp/frr - - name: frr-conf - mountPath: /etc/frr - # Copies the reloader to the shared volume between the speaker and reloader. - - name: cp-reloader - image: {{ .Values.frrk8s.image.repository }}:{{ .Values.frrk8s.image.tag | default .Chart.AppVersion }} - command: ["/bin/sh", "-c", "cp -f /frr-reloader.sh /etc/frr_reloader/"] - volumeMounts: - - name: reloader - mountPath: /etc/frr_reloader - # Copies the metrics exporter - - name: cp-metrics - image: {{ .Values.frrk8s.image.repository }}:{{ .Values.frrk8s.image.tag | default .Chart.AppVersion }} - command: ["/bin/sh", "-c", "cp -f /frr-metrics /etc/frr_metrics/"] - volumeMounts: - - name: metrics - mountPath: /etc/frr_metrics - shareProcessNamespace: true - containers: - - name: controller - image: {{ .Values.frrk8s.image.repository }}:{{ .Values.frrk8s.image.tag | default .Chart.AppVersion }} - {{- if .Values.frrk8s.image.pullPolicy }} - imagePullPolicy: {{ .Values.frrk8s.image.pullPolicy }} - {{- end }} - command: - - /frr-k8s - args: - - "--node-name=$(NODE_NAME)" - - "--namespace=$(NAMESPACE)" - - "--metrics-bind-address={{.Values.prometheus.metricsBindAddress}}:{{ .Values.prometheus.metricsPort }}" - {{- with .Values.frrk8s.logLevel }} - - --log-level={{ . }} - {{- end }} - - --health-probe-bind-address={{.Values.prometheus.metricsBindAddress}}:{{ .Values.frrk8s.healthPort }} - {{- if .Values.frrk8s.alwaysBlock }} - - --always-block={{ .Values.frrk8s.alwaysBlock }} - {{- end }} - env: - - name: FRR_CONFIG_FILE - value: /etc/frr_reloader/frr.conf - - name: FRR_RELOADER_PID_FILE - value: /etc/frr_reloader/reloader.pid - - name: NODE_NAME - valueFrom: - fieldRef: - fieldPath: spec.nodeName - - name: NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - ports: - - containerPort: {{ .Values.prometheus.metricsPort }} - name: monitoring - {{- if .Values.frrk8s.livenessProbe.enabled }} - livenessProbe: - httpGet: - path: /healthz - port: {{ .Values.frrk8s.healthPort }} - host: {{ .Values.prometheus.metricsBindAddress }} - initialDelaySeconds: {{ .Values.frrk8s.livenessProbe.initialDelaySeconds }} - periodSeconds: {{ .Values.frrk8s.livenessProbe.periodSeconds }} - timeoutSeconds: {{ .Values.frrk8s.livenessProbe.timeoutSeconds }} - successThreshold: {{ .Values.frrk8s.livenessProbe.successThreshold }} - failureThreshold: {{ .Values.frrk8s.livenessProbe.failureThreshold }} - {{- end }} - {{- if .Values.frrk8s.readinessProbe.enabled }} - readinessProbe: - httpGet: - path: /healthz - port: {{ .Values.frrk8s.healthPort }} - host: {{ .Values.prometheus.metricsBindAddress }} - initialDelaySeconds: {{ .Values.frrk8s.readinessProbe.initialDelaySeconds }} - periodSeconds: {{ .Values.frrk8s.readinessProbe.periodSeconds }} - timeoutSeconds: {{ .Values.frrk8s.readinessProbe.timeoutSeconds }} - successThreshold: {{ .Values.frrk8s.readinessProbe.successThreshold }} - failureThreshold: {{ .Values.frrk8s.readinessProbe.failureThreshold }} - {{- end }} - {{- with .Values.frrk8s.resources }} - resources: - {{- toYaml . | nindent 10 }} - {{- end }} - securityContext: - allowPrivilegeEscalation: false - readOnlyRootFilesystem: true - capabilities: - drop: - - ALL - add: - - NET_RAW - volumeMounts: - - name: reloader - mountPath: /etc/frr_reloader - - name: frr - securityContext: - capabilities: - add: - - NET_ADMIN - - NET_RAW - - SYS_ADMIN - - NET_BIND_SERVICE - image: {{ .Values.frrk8s.frr.image.repository }}:{{ .Values.frrk8s.frr.image.tag | default .Chart.AppVersion }} - {{- if .Values.frrk8s.frr.image.pullPolicy }} - imagePullPolicy: {{ .Values.frrk8s.frr.image.pullPolicy }} - {{- end }} - env: - - name: TINI_SUBREAPER - value: "true" - volumeMounts: - - name: frr-sockets - mountPath: /var/run/frr - - name: frr-conf - mountPath: /etc/frr - # The command is FRR's default entrypoint & waiting for the log file to appear and tailing it. - # If the log file isn't created in 60 seconds the tail fails and the container is restarted. - # This workaround is needed to have the frr logs as part of kubectl logs -c frr < controller_pod_name >. - command: - - /bin/sh - - -c - - | - /sbin/tini -- /usr/lib/frr/docker-start & - attempts=0 - until [[ -f /etc/frr/frr.log || $attempts -eq 60 ]]; do - sleep 1 - attempts=$(( $attempts + 1 )) - done - tail -f /etc/frr/frr.log - {{- with .Values.frrk8s.frr.resources }} - resources: - {{- toYaml . | nindent 12 }} - {{- end }} - {{- if .Values.frrk8s.livenessProbe.enabled }} - livenessProbe: - httpGet: - path: /livez - port: {{ .Values.frrk8s.frr.metricsPort }} - host: {{ .Values.frrk8s.frr.metricsBindAddress }} - periodSeconds: {{ .Values.frrk8s.livenessProbe.periodSeconds }} - failureThreshold: {{ .Values.frrk8s.livenessProbe.failureThreshold }} - {{- end }} - {{- if .Values.frrk8s.startupProbe.enabled }} - startupProbe: - httpGet: - path: /livez - port: {{ .Values.frrk8s.frr.metricsPort }} - host: {{ .Values.frrk8s.frr.metricsBindAddress }} - failureThreshold: {{ .Values.frrk8s.startupProbe.failureThreshold }} - periodSeconds: {{ .Values.frrk8s.startupProbe.periodSeconds }} - {{- end }} - - name: reloader - image: {{ .Values.frrk8s.frr.image.repository }}:{{ .Values.frrk8s.frr.image.tag | default .Chart.AppVersion }} - {{- if .Values.frrk8s.frr.image.pullPolicy }} - imagePullPolicy: {{ .Values.frrk8s.frr.image.pullPolicy }} - {{- end }} - command: ["/etc/frr_reloader/frr-reloader.sh"] - volumeMounts: - - name: frr-sockets - mountPath: /var/run/frr - - name: frr-conf - mountPath: /etc/frr - - name: reloader - mountPath: /etc/frr_reloader - {{- with .Values.frrk8s.reloader.resources }} - resources: - {{- toYaml . | nindent 12 }} - {{- end }} - - name: frr-metrics - image: {{ .Values.frrk8s.frr.image.repository }}:{{ .Values.frrk8s.frr.image.tag | default .Chart.AppVersion }} - command: ["/etc/frr_metrics/frr-metrics"] - args: - - --metrics-port={{ .Values.frrk8s.frr.metricsPort }} - - --metrics-bind-address={{ .Values.frrk8s.frr.metricsBindAddress }} - ports: - - containerPort: {{ .Values.frrk8s.frr.metricsPort }} - name: monitoring - volumeMounts: - - name: frr-sockets - mountPath: /var/run/frr - - name: frr-conf - mountPath: /etc/frr - - name: metrics - mountPath: /etc/frr_metrics - {{- with .Values.frrk8s.frrMetrics.resources }} - resources: - {{- toYaml . | nindent 12 }} - {{- end }} - - name: kube-rbac-proxy - image: {{ .Values.prometheus.rbacProxy.repository }}:{{ .Values.prometheus.rbacProxy.tag }} - imagePullPolicy: {{ .Values.prometheus.rbacProxy.pullPolicy }} - args: - - --logtostderr - - --secure-listen-address=:{{ .Values.prometheus.secureMetricsPort }} - - --upstream=http://{{.Values.prometheus.metricsBindAddress}}:{{ .Values.prometheus.metricsPort }}/ - - --tls-cipher-suites=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_RSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 - {{- if .Values.prometheus.metricsTLSSecret }} - - --tls-private-key-file=/etc/metrics/tls.key - - --tls-cert-file=/etc/metrics/tls.crt - {{- end }} - ports: - - containerPort: {{ .Values.prometheus.secureMetricsPort }} - name: metricshttps - resources: - requests: - cpu: 10m - memory: 20Mi - terminationMessagePolicy: FallbackToLogsOnError - {{- if .Values.prometheus.metricsTLSSecret }} - volumeMounts: - - name: metrics-certs - mountPath: /etc/metrics - readOnly: true - {{- end }} - - name: kube-rbac-proxy-frr - image: {{ .Values.prometheus.rbacProxy.repository }}:{{ .Values.prometheus.rbacProxy.tag | default .Chart.AppVersion }} - imagePullPolicy: {{ .Values.prometheus.rbacProxy.pullPolicy }} - args: - - --logtostderr - - --secure-listen-address=:{{ .Values.frrk8s.frr.secureMetricsPort }} - - --tls-cipher-suites=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_RSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 - - --upstream=http://{{ .Values.frrk8s.frr.metricsBindAddress }}:{{ .Values.frrk8s.frr.metricsPort }}/ - {{- if .Values.prometheus.metricsTLSSecret }} - - --tls-private-key-file=/etc/metrics/tls.key - - --tls-cert-file=/etc/metrics/tls.crt - {{- end }} - ports: - - containerPort: {{ .Values.frrk8s.frr.secureMetricsPort }} - name: metricshttps - resources: - requests: - cpu: 10m - memory: 20Mi - terminationMessagePolicy: FallbackToLogsOnError - {{- if .Values.prometheus.metricsTLSSecret }} - volumeMounts: - - name: metrics-certs - mountPath: /etc/metrics - readOnly: true - {{- end }} - nodeSelector: - "kubernetes.io/os": linux - {{- with .Values.frrk8s.nodeSelector }} - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.frrk8s.affinity }} - affinity: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- if or .Values.frrk8s.tolerateMaster .Values.frrk8s.tolerations }} - tolerations: - {{- if .Values.frrk8s.tolerateMaster }} - - key: node-role.kubernetes.io/master - effect: NoSchedule - operator: Exists - - key: node-role.kubernetes.io/control-plane - effect: NoSchedule - operator: Exists - {{- end }} - {{- with .Values.frrk8s.tolerations }} - {{- toYaml . | nindent 6 }} - {{- end }} - {{- end }} - {{- with .Values.frrk8s.priorityClassName }} - priorityClassName: {{ . | quote }} - {{- end }} diff --git a/packages/system/metallb/charts/metallb/charts/frr-k8s/templates/rbac.yaml b/packages/system/metallb/charts/metallb/charts/frr-k8s/templates/rbac.yaml deleted file mode 100644 index e9beef897..000000000 --- a/packages/system/metallb/charts/metallb/charts/frr-k8s/templates/rbac.yaml +++ /dev/null @@ -1,73 +0,0 @@ -{{- if .Values.rbac.create -}} ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: {{ include "frrk8s.fullname" . }}-controller - labels: {{- include "frrk8s.labels" . | nindent 4 }} -rules: -- apiGroups: ["frrk8s.metallb.io"] - resources: ["frrconfigurations"] - verbs: ["get", "list", "watch"] -- apiGroups: ["frrk8s.metallb.io"] - resources: ["frrnodestates"] - verbs: ["get", "list", "watch", "create", "delete", "patch", "update"] -- apiGroups: ["frrk8s.metallb.io"] - resources: ["frrnodestates/status"] - verbs: ["get", "patch", "update"] -- apiGroups: [""] - resources: ["nodes"] - verbs: ["get", "list", "watch"] -- apiGroups: ["authentication.k8s.io"] - resources: ["tokenreviews"] - verbs: ["create"] -- apiGroups: ["authorization.k8s.io"] - resources: ["subjectaccessreviews"] - verbs: ["create"] -- apiGroups: ["admissionregistration.k8s.io"] - resources: ["validatingwebhookconfigurations"] - verbs: ["get", "list", "watch"] -- apiGroups: ["admissionregistration.k8s.io"] - resourceNames: ["frr-k8s-validating-webhook-configuration"] - resources: ["validatingwebhookconfigurations"] - verbs: ["update"] ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: {{ include "frrk8s.fullname" . }}-controller - labels: {{- include "frrk8s.labels" . | nindent 4 }} -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: {{ include "frrk8s.fullname" . }}-controller -subjects: -- kind: ServiceAccount - name: {{ include "frrk8s.serviceAccountName" . }} - namespace: {{ .Release.Namespace | quote }} ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: Role -metadata: - name: {{ include "frrk8s.fullname" . }}-controller - namespace: {{ .Release.Namespace | quote }} - labels: {{- include "frrk8s.labels" . | nindent 4 }} -rules: -- apiGroups: [""] - resources: ["secrets"] - verbs: ["get", "list", "watch","update"] ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - name: {{ include "frrk8s.fullname" . }}-controller - namespace: {{ .Release.Namespace | quote }} - labels: {{- include "frrk8s.labels" . | nindent 4 }} -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: Role - name: {{ include "frrk8s.fullname" . }}-controller -subjects: -- kind: ServiceAccount - name: {{ include "frrk8s.serviceAccountName" . }} -{{ end -}} diff --git a/packages/system/metallb/charts/metallb/charts/frr-k8s/templates/service-accounts.yaml b/packages/system/metallb/charts/metallb/charts/frr-k8s/templates/service-accounts.yaml deleted file mode 100644 index 3c64c5cb2..000000000 --- a/packages/system/metallb/charts/metallb/charts/frr-k8s/templates/service-accounts.yaml +++ /dev/null @@ -1,16 +0,0 @@ -{{- if .Values.frrk8s.serviceAccount.create }} ---- -apiVersion: v1 -kind: ServiceAccount -metadata: - name: {{ template "frrk8s.serviceAccountName" . }} - namespace: {{ .Release.Namespace | quote }} - labels: - {{- include "frrk8s.labels" . | nindent 4 }} - app.kubernetes.io/component: controller - {{- with .Values.frrk8s.serviceAccount.annotations }} - annotations: - {{- toYaml . | nindent 4 }} - {{- end }} -{{- end }} - diff --git a/packages/system/metallb/charts/metallb/charts/frr-k8s/templates/service-monitor.yaml b/packages/system/metallb/charts/metallb/charts/frr-k8s/templates/service-monitor.yaml deleted file mode 100644 index c6f91304e..000000000 --- a/packages/system/metallb/charts/metallb/charts/frr-k8s/templates/service-monitor.yaml +++ /dev/null @@ -1,128 +0,0 @@ -{{- if .Values.prometheus.serviceMonitor.enabled }} -apiVersion: monitoring.coreos.com/v1 -kind: ServiceMonitor -metadata: - name: {{ template "frrk8s.fullname" . }}-frr-k8s-monitor - namespace: {{ .Release.Namespace | quote }} - labels: - {{- include "frrk8s.labels" . | nindent 4 }} - app.kubernetes.io/component: frr-k8s - {{- if .Values.prometheus.serviceMonitor.additionalLabels }} -{{ toYaml .Values.prometheus.serviceMonitor.additionalLabels | indent 4 }} - {{- end }} - {{- if .Values.prometheus.serviceMonitor.annotations }} - annotations: -{{ toYaml .Values.prometheus.serviceMonitor.annotations | indent 4 }} - {{- end }} -spec: - endpoints: - - port: "metricshttps" - honorLabels: true - {{- if .Values.prometheus.serviceMonitor.metricRelabelings }} - metricRelabelings: - {{- toYaml .Values.prometheus.serviceMonitor.metricRelabelings | nindent 8 }} - {{- end -}} - {{- if .Values.prometheus.serviceMonitor.relabelings }} - relabelings: - {{- toYaml .Values.prometheus.serviceMonitor.relabelings | nindent 8 }} - {{- end }} - {{- if .Values.prometheus.serviceMonitor.interval }} - interval: {{ .Values.prometheus.serviceMonitor.interval }} - {{- end -}} -{{ if .Values.prometheus.secureMetricsPort }} - bearerTokenFile: "/var/run/secrets/kubernetes.io/serviceaccount/token" - scheme: "https" -{{- if .Values.prometheus.serviceMonitor.tlsConfig }} - tlsConfig: -{{ toYaml .Values.prometheus.serviceMonitor.tlsConfig | indent 8 }} -{{- end }} -{{ end }} -{{ if .Values.frrk8s.frr.secureMetricsPort }} - - port: "frrmetricshttps" - honorLabels: true - {{- if .Values.prometheus.serviceMonitor.metricRelabelings }} - metricRelabelings: - {{- toYaml .Values.prometheus.serviceMonitor.metricRelabelings | nindent 8 }} - {{- end -}} - {{- if .Values.prometheus.serviceMonitor.relabelings }} - relabelings: - {{- toYaml .Values.prometheus.serviceMonitor.relabelings | nindent 8 }} - {{- end }} - {{- if .Values.prometheus.serviceMonitor.interval }} - interval: {{ .Values.prometheus.serviceMonitor.interval }} - {{- end }} - bearerTokenFile: "/var/run/secrets/kubernetes.io/serviceaccount/token" - scheme: "https" -{{- if .Values.prometheus.serviceMonitor.tlsConfig }} - tlsConfig: -{{ toYaml .Values.prometheus.serviceMonitor.tlsConfig | indent 8 }} -{{- end }} -{{- end }} - jobLabel: {{ .Values.prometheus.serviceMonitor.jobLabel | quote }} - namespaceSelector: - matchNames: - - {{ .Release.Namespace }} - selector: - matchLabels: - name: {{ template "frrk8s.fullname" . }}-frr-k8s-monitor-service ---- -apiVersion: v1 -kind: Service -metadata: - annotations: - prometheus.io/scrape: "true" - {{- if .Values.prometheus.serviceMonitor.annotations }} -{{ toYaml .Values.prometheus.serviceMonitor.annotations | indent 4 }} - {{- end }} - labels: - name: {{ template "frrk8s.fullname" . }}-frr-k8s-monitor-service - name: {{ template "frrk8s.fullname" . }}-frr-k8s-monitor-service - namespace: {{ .Release.Namespace | quote }} -spec: - selector: - {{- include "frrk8s.selectorLabels" . | nindent 4 }} - app.kubernetes.io/component: frr-k8s - clusterIP: None - ports: - - name: "metricshttps" - port: {{ .Values.prometheus.secureMetricsPort }} - targetPort: {{ .Values.prometheus.secureMetricsPort }} - - name: frrmetricshttps - port: {{ .Values.frrk8s.frr.secureMetricsPort }} - targetPort: {{ .Values.frrk8s.frr.secureMetricsPort }} - sessionAffinity: None - type: ClusterIP ---- -{{- if .Values.prometheus.rbacPrometheus }} -apiVersion: rbac.authorization.k8s.io/v1 -kind: Role -metadata: - name: {{ template "frrk8s.fullname" . }}-prometheus - namespace: {{ .Release.Namespace | quote }} -rules: - - apiGroups: - - "" - resources: - - pods - - services - - endpoints - verbs: - - get - - list - - watch ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - name: {{ template "frrk8s.fullname" . }}-prometheus - namespace: {{ .Release.Namespace | quote }} -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: Role - name: {{ template "frrk8s.fullname" . }}-prometheus -subjects: - - kind: ServiceAccount - name: {{ required ".Values.prometheus.serviceAccount must be defined when .Values.prometheus.serviceMonitor.enabled == true" .Values.prometheus.serviceAccount }} - namespace: {{ required ".Values.prometheus.namespace must be defined when .Values.prometheus.serviceMonitor.enabled == true" .Values.prometheus.namespace }} -{{- end }} -{{- end }} diff --git a/packages/system/metallb/charts/metallb/charts/frr-k8s/templates/webhooks.yaml b/packages/system/metallb/charts/metallb/charts/frr-k8s/templates/webhooks.yaml deleted file mode 100644 index 3a4b9cd14..000000000 --- a/packages/system/metallb/charts/metallb/charts/frr-k8s/templates/webhooks.yaml +++ /dev/null @@ -1,159 +0,0 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: - name: {{ template "frrk8s.fullname" . }}-webhook-server - namespace: {{ .Release.Namespace | quote }} - labels: - {{- include "frrk8s.labels" . | nindent 4 }} - app.kubernetes.io/component: frr-k8s-webhook-server - {{- range $key, $value := .Values.frrk8s.labels }} - {{ $key }}: {{ $value | quote }} - {{- end }} -spec: - selector: - matchLabels: - app.kubernetes.io/component: frr-k8s-webhook-server - template: - metadata: - annotations: - kubectl.kubernetes.io/default-container: frr-k8s-webhook-server - labels: - app.kubernetes.io/component: frr-k8s-webhook-server - spec: - {{- if .Values.frrk8s.runtimeClassName }} - runtimeClassName: {{ .Values.frrk8s.runtimeClassName }} - {{- end }} - {{- with .Values.imagePullSecrets }} - imagePullSecrets: - {{- toYaml . | nindent 8 }} - {{- end }} - containers: - - command: - - /frr-k8s - args: - {{- with .Values.frrk8s.logLevel }} - - --log-level={{ . }} - {{- end }} - - "--webhook-mode=onlywebhook" - {{- if .Values.frrk8s.disableCertRotation }} - - "--disable-cert-rotation=true" - {{- end }} - {{- if .Values.frrk8s.restartOnRotatorSecretRefresh }} - - "--restart-on-rotator-secret-refresh=true" - {{- end }} - - "--namespace=$(NAMESPACE)" - - --health-probe-bind-address=:8081 - env: - - name: NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - image: {{ .Values.frrk8s.image.repository }}:{{ .Values.frrk8s.image.tag | default .Chart.AppVersion }} - {{- if .Values.frrk8s.image.pullPolicy }} - imagePullPolicy: {{ .Values.frrk8s.image.pullPolicy }} - {{- end }} - name: frr-k8s-webhook-server - securityContext: - allowPrivilegeEscalation: false - capabilities: - drop: - - ALL - readOnlyRootFilesystem: true - {{- if .Values.frrk8s.livenessProbe.enabled }} - livenessProbe: - httpGet: - path: /healthz - port: 8081 - initialDelaySeconds: {{ .Values.frrk8s.livenessProbe.initialDelaySeconds }} - periodSeconds: {{ .Values.frrk8s.livenessProbe.periodSeconds }} - failureThreshold: {{ .Values.frrk8s.livenessProbe.failureThreshold }} - {{- end }} - {{- if .Values.frrk8s.readinessProbe.enabled }} - readinessProbe: - httpGet: - path: /readyz - port: 8081 - initialDelaySeconds: {{ .Values.frrk8s.readinessProbe.initialDelaySeconds }} - periodSeconds: {{ .Values.frrk8s.readinessProbe.periodSeconds }} - failureThreshold: {{ .Values.frrk8s.readinessProbe.failureThreshold }} - {{- end }} - {{- with .Values.frrk8s.resources }} - resources: - {{- toYaml . | nindent 10 }} - {{- end }} - volumeMounts: - - name: cert - mountPath: /tmp/k8s-webhook-server/serving-certs - readOnly: true - {{- with .Values.frrk8s.affinity }} - affinity: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- if or .Values.frrk8s.tolerateMaster .Values.frrk8s.tolerations }} - tolerations: - {{- if .Values.frrk8s.tolerateMaster }} - - key: node-role.kubernetes.io/master - effect: NoSchedule - operator: Exists - - key: node-role.kubernetes.io/control-plane - effect: NoSchedule - operator: Exists - {{- end }} - {{- with .Values.frrk8s.tolerations }} - {{- toYaml . | nindent 6 }} - {{- end }} - {{- end }} - {{- with .Values.frrk8s.priorityClassName }} - priorityClassName: {{ . | quote }} - {{- end }} - volumes: - - name: cert - secret: - defaultMode: 420 - secretName: frr-k8s-webhook-server-cert - serviceAccountName: {{ template "frrk8s.serviceAccountName" . }} - terminationGracePeriodSeconds: 10 ---- -apiVersion: v1 -kind: Secret -metadata: - name: frr-k8s-webhook-server-cert - namespace: {{ .Release.Namespace | quote }} ---- -apiVersion: v1 -kind: Service -metadata: - name: frr-k8s-webhook-service - namespace: {{ .Release.Namespace | quote }} -spec: - ports: - - port: 443 - targetPort: 9443 - selector: - app.kubernetes.io/component: frr-k8s-webhook-server ---- -apiVersion: admissionregistration.k8s.io/v1 -kind: ValidatingWebhookConfiguration -metadata: - name: frr-k8s-validating-webhook-configuration -webhooks: -- admissionReviewVersions: - - v1 - clientConfig: - service: - name: frr-k8s-webhook-service - namespace: {{ .Release.Namespace }} - path: /validate-frrk8s-metallb-io-v1beta1-frrconfiguration - failurePolicy: {{ .Values.crds.validationFailurePolicy }} - name: frrconfigurationsvalidationwebhook.metallb.io - rules: - - apiGroups: - - frrk8s.metallb.io - apiVersions: - - v1beta1 - operations: - - CREATE - - UPDATE - resources: - - frrconfigurations - sideEffects: None diff --git a/packages/system/metallb/charts/metallb/charts/frr-k8s/values.schema.json b/packages/system/metallb/charts/metallb/charts/frr-k8s/values.schema.json deleted file mode 100644 index cb7b914c7..000000000 --- a/packages/system/metallb/charts/metallb/charts/frr-k8s/values.schema.json +++ /dev/null @@ -1,387 +0,0 @@ -{ - "$schema": "https://json-schema.org/draft-07/schema#", - "title": "Values", - "type": "object", - "definitions": { - "prometheusAlert": { - "type": "object", - "properties": { - "enabled": { - "type": "boolean" - }, - "labels": { - "type": "object", - "additionalProperties": { - "type": "string" - } - } - }, - "required": [ - "enabled" - ] - }, - "probe": { - "type": "object", - "properties": { - "enabled": { - "type": "boolean" - }, - "failureThreshold": { - "type": "integer" - }, - "initialDelaySeconds": { - "type": "integer" - }, - "periodSeconds": { - "type": "integer" - }, - "successThreshold": { - "type": "integer" - }, - "timeoutSeconds": { - "type": "integer" - } - }, - "required": [ - "failureThreshold", - "initialDelaySeconds", - "periodSeconds", - "successThreshold", - "timeoutSeconds" - ] - }, - "component": { - "type": "object", - "properties": { - "enabled": { - "type": "boolean" - }, - "logLevel": { - "type": "string", - "enum": [ - "all", - "debug", - "info", - "warn", - "error", - "none" - ] - }, - "image": { - "type": "object", - "properties": { - "repository": { - "type": "string" - }, - "tag": { - "anyOf": [ - { - "type": "string" - }, - { - "type": "null" - } - ] - }, - "pullPolicy": { - "anyOf": [ - { - "type": "null" - }, - { - "type": "string", - "enum": [ - "Always", - "IfNotPresent", - "Never" - ] - } - ] - } - } - }, - "serviceAccount": { - "type": "object", - "properties": { - "create": { - "type": "boolean" - }, - "name": { - "type": "string" - }, - "annotations": { - "type": "object" - } - } - }, - "resources": { - "type": "object" - }, - "nodeSelector": { - "type": "object" - }, - "tolerations": { - "type": "array", - "items": { - "type": "object" - } - }, - "priorityClassName": { - "type": "string" - }, - "runtimeClassName": { - "type": "string" - }, - "affinity": { - "type": "object" - }, - "podAnnotations": { - "type": "object" - }, - "livenessProbe": { - "$ref": "#/definitions/probe" - }, - "readinessProbe": { - "$ref": "#/definitions/probe" - } - }, - "required": [ - "image", - "serviceAccount" - ] - } - }, - "properties": { - "imagePullSecrets": { - "description": "Secrets used for pulling images", - "type": "array", - "items": { - "type": "object", - "properties": { - "name": { - "type": "string" - } - }, - "required": [ - "name" - ], - "additionalProperties": false - } - }, - "nameOverride": { - "description": "Override chart name", - "type": "string" - }, - "fullNameOverride": { - "description": "Override fully qualified app name", - "type": "string" - }, - "rbac": { - "description": "RBAC configuration", - "type": "object", - "properties": { - "create": { - "description": "Enable RBAC", - "type": "boolean" - } - } - }, - "prometheus": { - "description": "Prometheus monitoring config", - "type": "object", - "properties": { - "scrapeAnnotations": { - "type": "boolean" - }, - "metricsPort": { - "type": "integer" - }, - "secureMetricsPort": { - "type": "integer" - }, - "rbacPrometheus": { - "type": "boolean" - }, - "serviceAccount": { - "type": "string" - }, - "namespace": { - "type": "string" - }, - "rbacProxy": { - "description": "kube-rbac-proxy configuration", - "type": "object", - "properties": { - "repository": { - "type": "string" - }, - "tag": { - "type": "string" - } - } - }, - "serviceMonitor": { - "description": "Prometheus Operator ServiceMonitors", - "type": "object", - "properties": { - "enabled": { - "type": "boolean" - }, - "jobLabel": { - "type": "string" - }, - "interval": { - "anyOf": [ - { - "type": "integer" - }, - { - "type": "null" - } - ] - }, - "metricRelabelings": { - "type": "array", - "items": { - "type": "object" - } - }, - "relabelings": { - "type": "array", - "items": { - "type": "object" - } - } - } - } - }, - "frrk8s": { - "allOf": [ - { - "$ref": "#/definitions/component" - }, - { - "description": "FRR-K8s controller", - "type": "object", - "properties": { - "tolerateMaster": { - "type": "boolean" - }, - "updateStrategy": { - "type": "object", - "properties": { - "type": { - "type": "string" - } - }, - "required": [ - "type" - ] - }, - "runtimeClassName": { - "type": "string" - }, - "secretName": { - "type": "string" - }, - "frr": { - "description": "The FRR properties in the controller", - "type": "object", - "properties": { - "image": { - "$ref": "#/definitions/component/properties/image" - }, - "metricsPort": { - "type": "integer" - }, - "secureMetricsPort": { - "type": "integer" - }, - "resources:": { - "type": "object" - } - }, - "required": [ - "enabled" - ] - }, - "command": { - "type": "string" - }, - "reloader": { - "type": "object", - "properties": { - "resources": { - "type": "object" - } - } - }, - "frrMetrics": { - "type": "object", - "properties": { - "resources": { - "type": "object" - } - } - } - }, - "required": [ - "tolerateMaster" - ] - } - ] - }, - "crds": { - "description": "CRD configuration", - "type": "object", - "properties": { - "enabled": { - "description": "Enable CRDs", - "type": "boolean" - }, - "validationFailurePolicy": { - "description": "Failure policy to use with validating webhooks", - "type": "string", - "enum": [ - "Ignore", - "Fail" - ] - } - } - } - }, - "frrk8s": { - "allOf": [ - { - "$ref": "#/definitions/component" - }, - { - "description": "FRRk8s Controller", - "type": "object", - "properties": { - "strategy": { - "type": "object", - "properties": { - "type": { - "type": "string" - } - }, - "required": [ - "type" - ] - }, - "command": { - "type": "string" - }, - "webhookMode": { - "type": "string" - } - } - } - ] - } - }, - "required": [ - "frrk8s" - ] -} \ No newline at end of file diff --git a/packages/system/metallb/charts/metallb/charts/frr-k8s/values.yaml b/packages/system/metallb/charts/metallb/charts/frr-k8s/values.yaml deleted file mode 100644 index 2cefcaa22..000000000 --- a/packages/system/metallb/charts/metallb/charts/frr-k8s/values.yaml +++ /dev/null @@ -1,173 +0,0 @@ -# Default values for frr-k8s. -# This is a YAML-formatted file. -# Declare variables to be passed into your templates. - -nameOverride: "" -fullnameOverride: "" - -rbac: - # create specifies whether to install and use RBAC rules. - create: true - -prometheus: - # scrape annotations specifies whether to add Prometheus metric - # auto-collection annotations to pods. See - # https://github.com/prometheus/prometheus/blob/release-2.1/documentation/examples/prometheus-kubernetes.yml - # for a corresponding Prometheus configuration. Alternatively, you - # may want to use the Prometheus Operator - # (https://github.com/coreos/prometheus-operator) for more powerful - # monitoring configuration. If you use the Prometheus operator, this - # can be left at false. - scrapeAnnotations: false - - # bind addr frr-k8s will use for metrics - metricsBindAddress: 127.0.0.1 - - # port frr-k8s will listen on for metrics - metricsPort: 7572 - - # if set, enables rbac proxy on frr-k8s to expose - # the metrics via tls. - secureMetricsPort: 9140 - - # the name of the secret to be mounted in the frr-k8s pod - # to expose the metrics securely. If not present, a self signed - # certificate to be used. - metricsTLSSecret: "" - - # prometheus doens't have the permission to scrape all namespaces so we give it permission to scrape metallb's one - rbacPrometheus: false - - # the service account used by prometheus - # required when " .Values.prometheus.rbacPrometheus == true " and " prometheus.serviceMonitor.enabled=true " - serviceAccount: "" - - # the namespace where prometheus is deployed - # required when " .Values.prometheus.rbacPrometheus == true " and " prometheus.serviceMonitor.enabled=true " - namespace: "" - - # the image to be used for the kuberbacproxy container - rbacProxy: - repository: gcr.io/kubebuilder/kube-rbac-proxy - tag: v0.12.0 - pullPolicy: - - # Prometheus Operator ServiceMonitors. - serviceMonitor: - # enable support for Prometheus Operator - enabled: false - - additionalLabels: {} - # optional additional annotations for the controller serviceMonitor - annotations: {} - # optional tls configuration for the controller serviceMonitor, in case - # secure metrics are enabled. - tlsConfig: - insecureSkipVerify: true - - # Job label for scrape target - jobLabel: "app.kubernetes.io/name" - - # Scrape interval. If not set, the Prometheus default scrape interval is used. - interval: - - # metric relabel configs to apply to samples before ingestion. - metricRelabelings: [] - # - action: keep - # regex: 'kube_(daemonset|deployment|pod|namespace|node|statefulset).+' - # sourceLabels: [__name__] - - # relabel configs to apply to samples before ingestion. - relabelings: [] - # - sourceLabels: [__meta_kubernetes_pod_node_name] - # separator: ; - # regex: ^(.*)$ - # target_label: nodename - # replacement: $1 - # action: replace - -# controller contains configuration specific to the FRRK8s controller -# daemonset. -frrk8s: - # -- Controller log level. Must be one of: `all`, `debug`, `info`, `warn`, `error` or `none` - logLevel: info - tolerateMaster: true - image: - repository: quay.io/metallb/frr-k8s - tag: - pullPolicy: - ## @param controller.updateStrategy.type FRR-K8s controller daemonset strategy type - ## ref: https://kubernetes.io/docs/tasks/manage-daemon/update-daemon-set/ - ## - updateStrategy: - ## StrategyType - ## Can be set to RollingUpdate or OnDelete - ## - type: RollingUpdate - serviceAccount: - # Specifies whether a ServiceAccount should be created - create: true - # The name of the ServiceAccount to use. If not set and create is - # true, a name is generated using the fullname template - name: "" - annotations: {} - ## Defines a secret name for the controller to generate a memberlist encryption secret - ## By default secretName: {{ "metallb.fullname" }}-memberlist - ## - # secretName: - resources: {} - # limits: - # cpu: 100m - # memory: 100Mi - nodeSelector: {} - tolerations: [] - priorityClassName: "" - affinity: {} - ## Selects which runtime class will be used by the pod. - runtimeClassName: "" - podAnnotations: {} - labels: - app: frr-k8s - healthPort: 8081 - livenessProbe: - enabled: true - failureThreshold: 3 - initialDelaySeconds: 10 - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 1 - readinessProbe: - enabled: true - failureThreshold: 3 - initialDelaySeconds: 10 - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 1 - startupProbe: - enabled: true - failureThreshold: 30 - periodSeconds: 5 - ## A comma separated list of cidrs we want always to block for incoming routes - alwaysBlock: "" - ## Specifies whether the cert rotator works as part of the webhook. - disableCertRotation: false - ## Specifies whether the pod restarts when the rotator refreshes the cert secret. - ## Enabling this proved useful for the webhook's stability when it is redeployed multiple times in succession. - restartOnRotatorSecretRefresh: false - # frr contains configuration specific to the FRR container, - frr: - image: - repository: quay.io/frrouting/frr - tag: 9.1.0 - pullPolicy: - metricsBindAddress: 127.0.0.1 - metricsPort: 7573 - resources: {} - secureMetricsPort: 9141 - reloader: - resources: {} - frrMetrics: - resources: {} -crds: - enabled: true - validationFailurePolicy: Fail diff --git a/packages/system/metallb/values.yaml b/packages/system/metallb/values.yaml index 6409872e4..737f17cf9 100644 --- a/packages/system/metallb/values.yaml +++ b/packages/system/metallb/values.yaml @@ -1,9 +1,6 @@ metallb: crds: enabled: true - speaker: - frr: - enabled: false #speaker: # tolerateMaster: false