diff --git a/assets/rancher-aks-operator-crd/rancher-aks-operator-crd-105.0.0+up1.10.0.tgz b/assets/rancher-aks-operator-crd/rancher-aks-operator-crd-105.0.0+up1.10.0.tgz
new file mode 100644
index 0000000000..6730f9c8ee
Binary files /dev/null and b/assets/rancher-aks-operator-crd/rancher-aks-operator-crd-105.0.0+up1.10.0.tgz differ
diff --git a/assets/rancher-aks-operator/rancher-aks-operator-105.0.0+up1.10.0.tgz b/assets/rancher-aks-operator/rancher-aks-operator-105.0.0+up1.10.0.tgz
new file mode 100644
index 0000000000..7c2b2de6ec
Binary files /dev/null and b/assets/rancher-aks-operator/rancher-aks-operator-105.0.0+up1.10.0.tgz differ
diff --git a/assets/rancher-eks-operator-crd/rancher-eks-operator-crd-105.0.0+up1.10.0.tgz b/assets/rancher-eks-operator-crd/rancher-eks-operator-crd-105.0.0+up1.10.0.tgz
new file mode 100644
index 0000000000..49b3def053
Binary files /dev/null and b/assets/rancher-eks-operator-crd/rancher-eks-operator-crd-105.0.0+up1.10.0.tgz differ
diff --git a/assets/rancher-eks-operator/rancher-eks-operator-105.0.0+up1.10.0.tgz b/assets/rancher-eks-operator/rancher-eks-operator-105.0.0+up1.10.0.tgz
new file mode 100644
index 0000000000..0962e18684
Binary files /dev/null and b/assets/rancher-eks-operator/rancher-eks-operator-105.0.0+up1.10.0.tgz differ
diff --git a/assets/rancher-gke-operator-crd/rancher-gke-operator-crd-105.0.0+up1.10.0.tgz b/assets/rancher-gke-operator-crd/rancher-gke-operator-crd-105.0.0+up1.10.0.tgz
new file mode 100644
index 0000000000..d4a86e2a0f
Binary files /dev/null and b/assets/rancher-gke-operator-crd/rancher-gke-operator-crd-105.0.0+up1.10.0.tgz differ
diff --git a/assets/rancher-gke-operator/rancher-gke-operator-105.0.0+up1.10.0.tgz b/assets/rancher-gke-operator/rancher-gke-operator-105.0.0+up1.10.0.tgz
new file mode 100644
index 0000000000..392093f4d7
Binary files /dev/null and b/assets/rancher-gke-operator/rancher-gke-operator-105.0.0+up1.10.0.tgz differ
diff --git a/assets/rancher-vsphere-cpi/rancher-vsphere-cpi-105.0.0+up1.9.1.tgz b/assets/rancher-vsphere-cpi/rancher-vsphere-cpi-105.0.0+up1.9.1.tgz
new file mode 100644
index 0000000000..2d0a2932bf
Binary files /dev/null and b/assets/rancher-vsphere-cpi/rancher-vsphere-cpi-105.0.0+up1.9.1.tgz differ
diff --git a/assets/rancher-vsphere-csi/rancher-vsphere-csi-105.0.0+up3.3.1-rancher6.tgz b/assets/rancher-vsphere-csi/rancher-vsphere-csi-105.0.0+up3.3.1-rancher6.tgz
new file mode 100644
index 0000000000..28f55282d8
Binary files /dev/null and b/assets/rancher-vsphere-csi/rancher-vsphere-csi-105.0.0+up3.3.1-rancher6.tgz differ
diff --git a/charts/rancher-aks-operator-crd/105.0.0+up1.10.0/Chart.yaml b/charts/rancher-aks-operator-crd/105.0.0+up1.10.0/Chart.yaml
new file mode 100644
index 0000000000..bfedfeeaf7
--- /dev/null
+++ b/charts/rancher-aks-operator-crd/105.0.0+up1.10.0/Chart.yaml
@@ -0,0 +1,12 @@
+annotations:
+ catalog.cattle.io/certified: rancher
+ catalog.cattle.io/hidden: "true"
+ catalog.cattle.io/namespace: cattle-system
+ catalog.cattle.io/os: linux
+ catalog.cattle.io/permits-os: linux,windows
+ catalog.cattle.io/release-name: rancher-aks-operator-crd
+apiVersion: v2
+appVersion: 1.10.0
+description: AKS Operator CustomResourceDefinitions
+name: rancher-aks-operator-crd
+version: 105.0.0+up1.10.0
diff --git a/charts/rancher-aks-operator-crd/105.0.0+up1.10.0/templates/crds.yaml b/charts/rancher-aks-operator-crd/105.0.0+up1.10.0/templates/crds.yaml
new file mode 100644
index 0000000000..c4fcdfac05
--- /dev/null
+++ b/charts/rancher-aks-operator-crd/105.0.0+up1.10.0/templates/crds.yaml
@@ -0,0 +1,211 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + helm.sh/resource-policy: keep + name: aksclusterconfigs.aks.cattle.io +spec: + group: aks.cattle.io + names: + kind: AKSClusterConfig + plural: aksclusterconfigs + shortNames: + - akscc + singular: aksclusterconfig + preserveUnknownFields: false + scope: Namespaced + versions: + - name: v1 + schema: + openAPIV3Schema: + properties: + spec: + properties: + authBaseUrl: + nullable: true + type: string + authorizedIpRanges: + items: + nullable: true + type: string + nullable: true + type: array + azureCredentialSecret: + nullable: true + type: string + baseUrl: + nullable: true + type: string + clusterName: + nullable: true + type: string + dnsPrefix: + nullable: true + type: string + dnsServiceIp: + nullable: true + type: string + dockerBridgeCidr: + nullable: true + type: string + httpApplicationRouting: + nullable: true + type: boolean + imported: + type: boolean + kubernetesVersion: + nullable: true + type: string + linuxAdminUsername: + nullable: true + type: string + loadBalancerSku: + nullable: true + type: string + logAnalyticsWorkspaceGroup: + nullable: true + type: string + logAnalyticsWorkspaceName: + nullable: true + type: string + managedIdentity: + nullable: true + type: boolean + monitoring: + nullable: true + type: boolean + networkPlugin: + nullable: true + type: string + networkPolicy: + nullable: true + type: string + nodePools: + items: + properties: + availabilityZones: + items: + nullable: true + type: string + nullable: true + type: array + count: + nullable: true + type: integer + enableAutoScaling: + nullable: true + type: boolean + maxCount: + nullable: true + type: integer + maxPods: + nullable: true + type: integer + maxSurge: + nullable: true + type: string + minCount: + nullable: true + type: integer + mode: + nullable: true + type: string + name: + nullable: true + type: string + nodeLabels: + additionalProperties: + 
nullable: true + type: string + nullable: true + type: object + nodeTaints: + items: + nullable: true + type: string + nullable: true + type: array + orchestratorVersion: + nullable: true + type: string + osDiskSizeGB: + nullable: true + type: integer + osDiskType: + nullable: true + type: string + osType: + nullable: true + type: string + vmSize: + nullable: true + type: string + vnetSubnetID: + nullable: true + type: string + type: object + nullable: true + type: array + nodeResourceGroup: + nullable: true + type: string + outboundType: + nullable: true + type: string + podCidr: + nullable: true + type: string + privateCluster: + nullable: true + type: boolean + privateDnsZone: + nullable: true + type: string + resourceGroup: + nullable: true + type: string + resourceLocation: + nullable: true + type: string + serviceCidr: + nullable: true + type: string + sshPublicKey: + nullable: true + type: string + subnet: + nullable: true + type: string + tags: + additionalProperties: + nullable: true + type: string + nullable: true + type: object + userAssignedIdentity: + nullable: true + type: string + virtualNetwork: + nullable: true + type: string + virtualNetworkResourceGroup: + nullable: true + type: string + type: object + status: + properties: + failureMessage: + nullable: true + type: string + phase: + nullable: true + type: string + rbacEnabled: + nullable: true + type: boolean + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/charts/rancher-aks-operator/105.0.0+up1.10.0/Chart.yaml b/charts/rancher-aks-operator/105.0.0+up1.10.0/Chart.yaml new file mode 100644 index 0000000000..3396126059 --- /dev/null +++ b/charts/rancher-aks-operator/105.0.0+up1.10.0/Chart.yaml 
@@ -0,0 +1,20 @@
+annotations:
+ catalog.cattle.io/auto-install: rancher-aks-operator-crd=match
+ catalog.cattle.io/certified: rancher
+ catalog.cattle.io/hidden: "true"
+ catalog.cattle.io/kube-version: '>= 1.28.0-0 < 1.32.0-0'
+ catalog.cattle.io/namespace: cattle-system
+ catalog.cattle.io/os: linux
+ catalog.cattle.io/permits-os: linux,windows
+ catalog.cattle.io/provides-gvr: aksclusterconfigs.aks.cattle.io/v1
+ catalog.cattle.io/rancher-version: '>= 2.9.0-0 < 2.11.0-0'
+ catalog.cattle.io/release-name: rancher-aks-operator
+ catalog.cattle.io/scope: management
+apiVersion: v2
+appVersion: 1.10.0
+description: A Helm chart for provisioning AKS clusters
+home: https://github.com/rancher/aks-operator
+name: rancher-aks-operator
+sources:
+- https://github.com/rancher/aks-operator
+version: 105.0.0+up1.10.0
diff --git a/charts/rancher-aks-operator/105.0.0+up1.10.0/templates/NOTES.txt b/charts/rancher-aks-operator/105.0.0+up1.10.0/templates/NOTES.txt
new file mode 100644
index 0000000000..5ba05b482c
--- /dev/null
+++ b/charts/rancher-aks-operator/105.0.0+up1.10.0/templates/NOTES.txt
@@ -0,0 +1,4 @@
+You have deployed the Rancher AKS operator
+Version: {{ .Chart.AppVersion }}
+Description: This operator provisions AKS clusters
+from AKSClusterConfig CRs.
diff --git a/charts/rancher-aks-operator/105.0.0+up1.10.0/templates/_helpers.tpl b/charts/rancher-aks-operator/105.0.0+up1.10.0/templates/_helpers.tpl
new file mode 100644
index 0000000000..de3b332f6a
--- /dev/null
+++ b/charts/rancher-aks-operator/105.0.0+up1.10.0/templates/_helpers.tpl
@@ -0,0 +1,25 @@
+{{/* vim: set filetype=mustache: */}}
+
+{{- define "system_default_registry" -}}
+{{- if .Values.global.cattle.systemDefaultRegistry -}}
+{{- printf "%s/" .Values.global.cattle.systemDefaultRegistry -}}
+{{- else -}}
+{{- "" -}}
+{{- end -}}
+{{- end -}}
+
+{{/*
+Windows cluster will add default taint for linux nodes,
+add below linux tolerations to workloads could be scheduled to those linux nodes
+*/}}
+{{- define "linux-node-tolerations" -}}
+- key: "cattle.io/os"
+ value: "linux"
+ effect: "NoSchedule"
+ operator: "Equal"
+{{- end -}}
+
+{{- define "linux-node-selector" -}}
+kubernetes.io/os: linux
+{{- end -}}
+
diff --git a/charts/rancher-aks-operator/105.0.0+up1.10.0/templates/clusterrole.yaml b/charts/rancher-aks-operator/105.0.0+up1.10.0/templates/clusterrole.yaml
new file mode 100644
index 0000000000..5e2ce97567
--- /dev/null
+++ b/charts/rancher-aks-operator/105.0.0+up1.10.0/templates/clusterrole.yaml
@@ -0,0 +1,15 @@
+kind: ClusterRole
+apiVersion: rbac.authorization.k8s.io/v1
+metadata:
+ name: aks-operator
+ namespace: cattle-system
+rules:
+ - apiGroups: ['']
+ resources: ['secrets']
+ verbs: ['get', 'list', 'create', 'watch', 'update']
+ - apiGroups: ['aks.cattle.io']
+ resources: ['aksclusterconfigs']
+ verbs: ['get', 'list', 'update', 'watch']
+ - apiGroups: ['aks.cattle.io']
+ resources: ['aksclusterconfigs/status']
+ verbs: ['update']
diff --git a/charts/rancher-aks-operator/105.0.0+up1.10.0/templates/clusterrolebinding.yaml b/charts/rancher-aks-operator/105.0.0+up1.10.0/templates/clusterrolebinding.yaml
new file mode 100644
index 0000000000..7aa7e785a4
--- /dev/null
+++ b/charts/rancher-aks-operator/105.0.0+up1.10.0/templates/clusterrolebinding.yaml
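Review bot: The first rule in clusterrole.yaml grants `get`, `list`, `watch`, `create` and `update` on `secrets` in a ClusterRole that is bound cluster-wide, so the `aks-operator` service account can read and modify every Secret in every namespace, not only the credential Secret referenced by `azureCredentialSecret`. If the operator only needs Secrets in a fixed set of namespaces (which namespaces those are is not visible in this diff), move the `secrets` rule into a namespaced `Role`/`RoleBinding` for each of them and keep the ClusterRole for the `aks.cattle.io` resources. If cluster-wide access is really required, put a comment above the rule stating why, so the grant is a recorded decision rather than a default. The EKS and GKE clusterrole.yaml hunks carry the same cluster-wide `secrets` rule, there without `update`.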
@@ -0,0 +1,13 @@
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+ name: aks-operator
+ namespace: cattle-system
+roleRef:
+ apiGroup: rbac.authorization.k8s.io
+ kind: ClusterRole
+ name: aks-operator
+subjects:
+- kind: ServiceAccount
+ name: aks-operator
+ namespace: cattle-system
diff --git a/charts/rancher-aks-operator/105.0.0+up1.10.0/templates/deployment.yaml b/charts/rancher-aks-operator/105.0.0+up1.10.0/templates/deployment.yaml
new file mode 100644
index 0000000000..e929a85cdc
--- /dev/null
+++ b/charts/rancher-aks-operator/105.0.0+up1.10.0/templates/deployment.yaml
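Review bot: `namespace: cattle-system` under `metadata` has no effect on a ClusterRoleBinding, which is cluster-scoped, and it makes the grant read as if it were confined to `cattle-system` when it applies to the whole cluster. Drop that line here and in the matching ClusterRole so the manifests state their real scope; the `namespace` under `subjects` is required and stays. The EKS and GKE clusterrole.yaml and clusterrolebinding.yaml hunks have the same stray field.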
@@ -0,0 +1,68 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: aks-config-operator
+ namespace: cattle-system
+spec:
+ replicas: 1
+ selector:
+ matchLabels:
+ ke.cattle.io/operator: aks
+ template:
+ metadata:
+ labels:
+ ke.cattle.io/operator: aks
+ spec:
+ nodeSelector: {{ include "linux-node-selector" . | nindent 8 }}
+{{- if .Values.nodeSelector }}
+{{ toYaml .Values.nodeSelector | indent 8 }}
+{{- end }}
+ tolerations: {{ include "linux-node-tolerations" . | nindent 8 }}
+{{- if .Values.tolerations }}
+{{ toYaml .Values.tolerations | indent 8 }}
+{{- end }}
+ serviceAccountName: aks-operator
+ {{- if .Values.priorityClassName }}
+ priorityClassName: "{{.Values.priorityClassName}}"
+ {{- end }}
+ securityContext:
+ fsGroup: 1007
+ runAsUser: 1007
+ containers:
+ - name: aks-operator
+ image: '{{ template "system_default_registry" $ }}{{ $.Values.aksOperator.image.repository }}:{{ $.Values.aksOperator.image.tag }}'
+ imagePullPolicy: IfNotPresent
+ env:
+ - name: HTTP_PROXY
+ value: {{ .Values.httpProxy }}
+ - name: HTTPS_PROXY
+ value: {{ .Values.httpsProxy }}
+ - name: NO_PROXY
+ value: {{ .Values.noProxy }}
+ securityContext:
+ allowPrivilegeEscalation: false
+ readOnlyRootFilesystem: true
+ privileged: false
+ capabilities:
+ drop:
+ - ALL
+{{- if .Values.additionalTrustedCAs }}
+ # aks-operator mounts the additional CAs in two places:
+ volumeMounts:
+ # This directory is owned by the aks-operator user so c_rehash works here.
+ - mountPath: /etc/rancher/ssl/ca-additional.pem
+ name: tls-ca-additional-volume
+ subPath: ca-additional.pem
+ readOnly: true
+ # This directory is root-owned so c_rehash doesn't work here,
+ # but the cert is here in case update-ca-certificates is called in the future or by the OS.
+ - mountPath: /etc/pki/trust/anchors/ca-additional.pem
+ name: tls-ca-additional-volume
+ subPath: ca-additional.pem
+ readOnly: true
+ volumes:
+ - name: tls-ca-additional-volume
+ secret:
+ defaultMode: 0400
+ secretName: tls-ca-additional
+ {{- end }}
diff --git a/charts/rancher-aks-operator/105.0.0+up1.10.0/templates/serviceaccount.yaml b/charts/rancher-aks-operator/105.0.0+up1.10.0/templates/serviceaccount.yaml
new file mode 100644
index 0000000000..9c40a152f5
--- /dev/null
+++ b/charts/rancher-aks-operator/105.0.0+up1.10.0/templates/serviceaccount.yaml
@@ -0,0 +1,5 @@
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+ namespace: cattle-system
+ name: aks-operator
diff --git a/charts/rancher-aks-operator/105.0.0+up1.10.0/values.yaml b/charts/rancher-aks-operator/105.0.0+up1.10.0/values.yaml
new file mode 100644
index 0000000000..8bb929898f
--- /dev/null
+++ b/charts/rancher-aks-operator/105.0.0+up1.10.0/values.yaml
@@ -0,0 +1,23 @@
+global:
+ cattle:
+ systemDefaultRegistry: ""
+
+aksOperator:
+ image:
+ repository: rancher/aks-operator
+ tag: v1.10.0
+
+httpProxy: ""
+httpsProxy: ""
+noProxy: ""
+additionalTrustedCAs: false
+
+## Node labels for pod assignment
+## Ref: https://kubernetes.io/docs/user-guide/node-selection/
+##
+nodeSelector: {}
+## List of node taints to tolerate (requires Kubernetes >= 1.6)
+tolerations: []
+
+## PriorityClassName assigned to deployment.
+priorityClassName: ""
diff --git a/charts/rancher-eks-operator-crd/105.0.0+up1.10.0/Chart.yaml b/charts/rancher-eks-operator-crd/105.0.0+up1.10.0/Chart.yaml
new file mode 100644
index 0000000000..7730b0a48f
--- /dev/null
+++ b/charts/rancher-eks-operator-crd/105.0.0+up1.10.0/Chart.yaml
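Review bot: The pod-level `securityContext` in deployment.yaml sets only `fsGroup` and `runAsUser`, and neither it nor the container-level one sets `runAsNonRoot: true` or a `seccompProfile`, so the pod runs seccomp-unconfined unless the kubelet's seccomp default is enabled and would be rejected in a namespace enforcing the restricted Pod Security Standard. Add `runAsNonRoot: true` and `seccompProfile: {type: RuntimeDefault}` to the pod-level block; the container already drops all capabilities and disallows privilege escalation, so these two fields close the gap. Separately, the three proxy lines render their values unquoted; `value: {{ .Values.httpProxy | quote }}` (likewise for `httpsProxy` and `noProxy`) keeps an empty or special-character value a string. The EKS deployment.yaml hunk has the same lines, and so does the visible part of the GKE one.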
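Review bot: `additionalTrustedCAs` in values.yaml carries no comment, yet setting it to true makes deployment.yaml mount a Secret named `tls-ca-additional` (file `ca-additional.pem`) that this chart does not create, and the pod will not start while that Secret is missing from `cattle-system`. Add a comment above the key, for example `## When true, mounts Secret tls-ca-additional (key ca-additional.pem) from cattle-system as extra trusted CAs; the Secret must already exist.` Since whoever can write that Secret controls which CAs the operator trusts for its outbound TLS, the comment is also the place to say who is expected to manage it. The EKS values.yaml hunk has the same undocumented key.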
@@ -0,0 +1,12 @@
+annotations:
+ catalog.cattle.io/certified: rancher
+ catalog.cattle.io/hidden: "true"
+ catalog.cattle.io/namespace: cattle-system
+ catalog.cattle.io/os: linux
+ catalog.cattle.io/permits-os: linux,windows
+ catalog.cattle.io/release-name: rancher-eks-operator-crd
+apiVersion: v2
+appVersion: 1.10.0
+description: EKS Operator CustomResourceDefinitions
+name: rancher-eks-operator-crd
+version: 105.0.0+up1.10.0
diff --git a/charts/rancher-eks-operator-crd/105.0.0+up1.10.0/templates/crds.yaml b/charts/rancher-eks-operator-crd/105.0.0+up1.10.0/templates/crds.yaml
new file mode 100644
index 0000000000..5f2e07b221
--- /dev/null
+++ b/charts/rancher-eks-operator-crd/105.0.0+up1.10.0/templates/crds.yaml
@@ -0,0 +1,229 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + helm.sh/resource-policy: keep + name: eksclusterconfigs.eks.cattle.io +spec: + group: eks.cattle.io + names: + kind: EKSClusterConfig + plural: eksclusterconfigs + shortNames: + - ekscc + singular: eksclusterconfig + preserveUnknownFields: false + scope: Namespaced + versions: + - name: v1 + schema: + openAPIV3Schema: + properties: + spec: + properties: + amazonCredentialSecret: + nullable: true + type: string + displayName: + nullable: true + type: string + ebsCSIDriver: + nullable: true + type: boolean + imported: + type: boolean + kmsKey: + nullable: true + type: string + kubernetesVersion: + nullable: true + type: string + loggingTypes: + items: + nullable: true + type: string + nullable: true + type: array + nodeGroups: + items: + properties: + arm: + nullable: true + type: boolean + desiredSize: + nullable: true + type: integer + diskSize: + nullable: true + type: integer + ec2SshKey: + nullable: true + type: string + gpu: + nullable: true + type: boolean + imageId: + nullable: true + type: string + instanceType: + nullable: true + type: string + labels: + additionalProperties: + nullable: true + type: string + nullable: true + type: object + launchTemplate: + nullable: true + properties: + id: + nullable: true + type: string + name: + nullable: true + type: string + version: + nullable: true + type: integer + type: object + maxSize: + nullable: true + type: integer + minSize: + nullable: true + type: integer + nodeRole: + nullable: true + type: string + nodegroupName: + nullable: true + type: string + requestSpotInstances: + nullable: true + type: boolean + resourceTags: + additionalProperties: + nullable: true + type: string + nullable: true + type: object + spotInstanceTypes: + items: + nullable: true + type: string + nullable: true + type: array + subnets: + items: + nullable: true + type: string + nullable: true + type: array + tags: + 
additionalProperties: + nullable: true + type: string + nullable: true + type: object + userData: + nullable: true + type: string + version: + nullable: true + type: string + required: + - nodegroupName + type: object + nullable: true + type: array + privateAccess: + nullable: true + type: boolean + publicAccess: + nullable: true + type: boolean + publicAccessSources: + items: + nullable: true + type: string + nullable: true + type: array + region: + nullable: true + type: string + secretsEncryption: + nullable: true + type: boolean + securityGroups: + items: + nullable: true + type: string + nullable: true + type: array + serviceRole: + nullable: true + type: string + subnets: + items: + nullable: true + type: string + nullable: true + type: array + tags: + additionalProperties: + nullable: true + type: string + nullable: true + type: object + type: object + status: + properties: + failureMessage: + nullable: true + type: string + generatedNodeRole: + nullable: true + type: string + managedLaunchTemplateID: + nullable: true + type: string + managedLaunchTemplateVersions: + additionalProperties: + nullable: true + type: string + nullable: true + type: object + networkFieldsSource: + nullable: true + type: string + phase: + nullable: true + type: string + securityGroups: + items: + nullable: true + type: string + nullable: true + type: array + subnets: + items: + nullable: true + type: string + nullable: true + type: array + templateVersionsToDelete: + items: + nullable: true + type: string + nullable: true + type: array + virtualNetwork: + nullable: true + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/charts/rancher-eks-operator/105.0.0+up1.10.0/Chart.yaml b/charts/rancher-eks-operator/105.0.0+up1.10.0/Chart.yaml new file mode 100644 index 0000000000..4677cf8f58 --- /dev/null +++ b/charts/rancher-eks-operator/105.0.0+up1.10.0/Chart.yaml 
@@ -0,0 +1,20 @@
+annotations:
+ catalog.cattle.io/auto-install: rancher-eks-operator-crd=match
+ catalog.cattle.io/certified: rancher
+ catalog.cattle.io/hidden: "true"
+ catalog.cattle.io/kube-version: '>= 1.28.0-0 < 1.32.0-0'
+ catalog.cattle.io/namespace: cattle-system
+ catalog.cattle.io/os: linux
+ catalog.cattle.io/permits-os: linux,windows
+ catalog.cattle.io/provides-gvr: eksclusterconfigs.eks.cattle.io/v1
+ catalog.cattle.io/rancher-version: '>= 2.9.0-0 < 2.11.0-0'
+ catalog.cattle.io/release-name: rancher-eks-operator
+ catalog.cattle.io/scope: management
+apiVersion: v2
+appVersion: 1.10.0
+description: A Helm chart for provisioning EKS clusters
+home: https://github.com/rancher/eks-operator
+name: rancher-eks-operator
+sources:
+- https://github.com/rancher/eks-operator
+version: 105.0.0+up1.10.0
diff --git a/charts/rancher-eks-operator/105.0.0+up1.10.0/templates/NOTES.txt b/charts/rancher-eks-operator/105.0.0+up1.10.0/templates/NOTES.txt
new file mode 100644
index 0000000000..23a1b4a8bf
--- /dev/null
+++ b/charts/rancher-eks-operator/105.0.0+up1.10.0/templates/NOTES.txt
@@ -0,0 +1,4 @@
+You have deployed the Rancher EKS operator
+Version: {{ .Chart.AppVersion }}
+Description: This operator provisions EKS clusters
+from EKSClusterConfig CRs.
diff --git a/charts/rancher-eks-operator/105.0.0+up1.10.0/templates/_helpers.tpl b/charts/rancher-eks-operator/105.0.0+up1.10.0/templates/_helpers.tpl
new file mode 100644
index 0000000000..de3b332f6a
--- /dev/null
+++ b/charts/rancher-eks-operator/105.0.0+up1.10.0/templates/_helpers.tpl
@@ -0,0 +1,25 @@
+{{/* vim: set filetype=mustache: */}}
+
+{{- define "system_default_registry" -}}
+{{- if .Values.global.cattle.systemDefaultRegistry -}}
+{{- printf "%s/" .Values.global.cattle.systemDefaultRegistry -}}
+{{- else -}}
+{{- "" -}}
+{{- end -}}
+{{- end -}}
+
+{{/*
+Windows cluster will add default taint for linux nodes,
+add below linux tolerations to workloads could be scheduled to those linux nodes
+*/}}
+{{- define "linux-node-tolerations" -}}
+- key: "cattle.io/os"
+ value: "linux"
+ effect: "NoSchedule"
+ operator: "Equal"
+{{- end -}}
+
+{{- define "linux-node-selector" -}}
+kubernetes.io/os: linux
+{{- end -}}
+
diff --git a/charts/rancher-eks-operator/105.0.0+up1.10.0/templates/clusterrole.yaml b/charts/rancher-eks-operator/105.0.0+up1.10.0/templates/clusterrole.yaml
new file mode 100644
index 0000000000..d0d561b6ea
--- /dev/null
+++ b/charts/rancher-eks-operator/105.0.0+up1.10.0/templates/clusterrole.yaml
@@ -0,0 +1,15 @@
+kind: ClusterRole
+apiVersion: rbac.authorization.k8s.io/v1
+metadata:
+ name: eks-operator
+ namespace: cattle-system
+rules:
+ - apiGroups: ['']
+ resources: ['secrets']
+ verbs: ['get', 'list', 'create', 'watch']
+ - apiGroups: ['eks.cattle.io']
+ resources: ['eksclusterconfigs']
+ verbs: ['get', 'list', 'update', 'watch']
+ - apiGroups: ['eks.cattle.io']
+ resources: ['eksclusterconfigs/status']
+ verbs: ['update']
diff --git a/charts/rancher-eks-operator/105.0.0+up1.10.0/templates/clusterrolebinding.yaml b/charts/rancher-eks-operator/105.0.0+up1.10.0/templates/clusterrolebinding.yaml
new file mode 100644
index 0000000000..2b1846353e
--- /dev/null
+++ b/charts/rancher-eks-operator/105.0.0+up1.10.0/templates/clusterrolebinding.yaml
@@ -0,0 +1,13 @@
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+ name: eks-operator
+ namespace: cattle-system
+roleRef:
+ apiGroup: rbac.authorization.k8s.io
+ kind: ClusterRole
+ name: eks-operator
+subjects:
+- kind: ServiceAccount
+ name: eks-operator
+ namespace: cattle-system
diff --git a/charts/rancher-eks-operator/105.0.0+up1.10.0/templates/deployment.yaml b/charts/rancher-eks-operator/105.0.0+up1.10.0/templates/deployment.yaml
new file mode 100644
index 0000000000..27b1f58366
--- /dev/null
+++ b/charts/rancher-eks-operator/105.0.0+up1.10.0/templates/deployment.yaml
@@ -0,0 +1,68 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: eks-config-operator
+ namespace: cattle-system
+spec:
+ replicas: 1
+ selector:
+ matchLabels:
+ ke.cattle.io/operator: eks
+ template:
+ metadata:
+ labels:
+ ke.cattle.io/operator: eks
+ spec:
+ nodeSelector: {{ include "linux-node-selector" . | nindent 8 }}
+{{- if .Values.nodeSelector }}
+{{ toYaml .Values.nodeSelector | indent 8 }}
+{{- end }}
+ tolerations: {{ include "linux-node-tolerations" . | nindent 8 }}
+{{- if .Values.tolerations }}
+{{ toYaml .Values.tolerations | indent 8 }}
+{{- end }}
+ serviceAccountName: eks-operator
+ {{- if .Values.priorityClassName }}
+ priorityClassName: "{{.Values.priorityClassName}}"
+ {{- end }}
+ securityContext:
+ fsGroup: 1007
+ runAsUser: 1007
+ containers:
+ - name: eks-operator
+ image: '{{ template "system_default_registry" $ }}{{ $.Values.eksOperator.image.repository }}:{{ $.Values.eksOperator.image.tag }}'
+ imagePullPolicy: IfNotPresent
+ env:
+ - name: HTTP_PROXY
+ value: {{ .Values.httpProxy }}
+ - name: HTTPS_PROXY
+ value: {{ .Values.httpsProxy }}
+ - name: NO_PROXY
+ value: {{ .Values.noProxy }}
+ securityContext:
+ allowPrivilegeEscalation: false
+ readOnlyRootFilesystem: true
+ privileged: false
+ capabilities:
+ drop:
+ - ALL
+{{- if .Values.additionalTrustedCAs }}
+ # eks-operator mounts the additional CAs in two places:
+ volumeMounts:
+ # This directory is owned by the eks-operator user so c_rehash works here.
+ - mountPath: /etc/rancher/ssl/ca-additional.pem
+ name: tls-ca-additional-volume
+ subPath: ca-additional.pem
+ readOnly: true
+ # This directory is root-owned so c_rehash doesn't work here,
+ # but the cert is here in case update-ca-certificates is called in the future or by the OS.
+ - mountPath: /etc/pki/trust/anchors/ca-additional.pem
+ name: tls-ca-additional-volume
+ subPath: ca-additional.pem
+ readOnly: true
+ volumes:
+ - name: tls-ca-additional-volume
+ secret:
+ defaultMode: 0400
+ secretName: tls-ca-additional
+ {{- end }}
diff --git a/charts/rancher-eks-operator/105.0.0+up1.10.0/templates/serviceaccount.yaml b/charts/rancher-eks-operator/105.0.0+up1.10.0/templates/serviceaccount.yaml
new file mode 100644
index 0000000000..934de07e0d
--- /dev/null
+++ b/charts/rancher-eks-operator/105.0.0+up1.10.0/templates/serviceaccount.yaml
@@ -0,0 +1,5 @@
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+ namespace: cattle-system
+ name: eks-operator
diff --git a/charts/rancher-eks-operator/105.0.0+up1.10.0/values.yaml b/charts/rancher-eks-operator/105.0.0+up1.10.0/values.yaml
new file mode 100644
index 0000000000..50c4cb6ae3
--- /dev/null
+++ b/charts/rancher-eks-operator/105.0.0+up1.10.0/values.yaml
@@ -0,0 +1,22 @@
+global:
+ cattle:
+ systemDefaultRegistry: ""
+
+eksOperator:
+ image:
+ repository: rancher/eks-operator
+ tag: v1.10.0
+
+httpProxy: ""
+httpsProxy: ""
+noProxy: ""
+additionalTrustedCAs: false
+## Node labels for pod assignment
+## Ref: https://kubernetes.io/docs/user-guide/node-selection/
+##
+nodeSelector: {}
+## List of node taints to tolerate (requires Kubernetes >= 1.6)
+tolerations: []
+
+## PriorityClassName assigned to deployment.
+priorityClassName: ""
diff --git a/charts/rancher-gke-operator-crd/105.0.0+up1.10.0/Chart.yaml b/charts/rancher-gke-operator-crd/105.0.0+up1.10.0/Chart.yaml
new file mode 100644
index 0000000000..9c34fc61be
--- /dev/null
+++ b/charts/rancher-gke-operator-crd/105.0.0+up1.10.0/Chart.yaml
@@ -0,0 +1,12 @@
+annotations:
+ catalog.cattle.io/certified: rancher
+ catalog.cattle.io/hidden: "true"
+ catalog.cattle.io/namespace: cattle-system
+ catalog.cattle.io/os: linux
+ catalog.cattle.io/permits-os: linux,windows
+ catalog.cattle.io/release-name: rancher-gke-operator-crd
+apiVersion: v2
+appVersion: 1.10.0
+description: GKE Operator CustomResourceDefinitions
+name: rancher-gke-operator-crd
+version: 105.0.0+up1.10.0
diff --git a/charts/rancher-gke-operator-crd/105.0.0+up1.10.0/templates/crds.yaml b/charts/rancher-gke-operator-crd/105.0.0+up1.10.0/templates/crds.yaml
new file mode 100644
index 0000000000..53fed0719c
--- /dev/null
+++ b/charts/rancher-gke-operator-crd/105.0.0+up1.10.0/templates/crds.yaml
@@ -0,0 +1,272 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + helm.sh/resource-policy: keep + name: gkeclusterconfigs.gke.cattle.io +spec: + group: gke.cattle.io + names: + kind: GKEClusterConfig + plural: gkeclusterconfigs + shortNames: + - gkecc + singular: gkeclusterconfig + preserveUnknownFields: false + scope: Namespaced + versions: + - name: v1 + schema: + openAPIV3Schema: + properties: + spec: + properties: + autopilotConfig: + nullable: true + properties: + enabled: + type: boolean + type: object + clusterAddons: + nullable: true + properties: + horizontalPodAutoscaling: + type: boolean + httpLoadBalancing: + type: boolean + networkPolicyConfig: + type: boolean + type: object + clusterIpv4Cidr: + nullable: true + type: string + clusterName: + nullable: true + type: string + customerManagedEncryptionKey: + nullable: true + properties: + keyName: + nullable: true + type: string + ringName: + nullable: true + type: string + type: object + description: + nullable: true + type: string + enableKubernetesAlpha: + nullable: true + type: boolean + googleCredentialSecret: + nullable: true + type: string + imported: + type: boolean + ipAllocationPolicy: + nullable: true + properties: + clusterIpv4CidrBlock: + nullable: true + type: string + clusterSecondaryRangeName: + nullable: true + type: string + createSubnetwork: + type: boolean + nodeIpv4CidrBlock: + nullable: true + type: string + servicesIpv4CidrBlock: + nullable: true + type: string + servicesSecondaryRangeName: + nullable: true + type: string + subnetworkName: + nullable: true + type: string + useIpAliases: + type: boolean + type: object + kubernetesVersion: + nullable: true + type: string + labels: + additionalProperties: + nullable: true + type: string + nullable: true + type: object + locations: + items: + nullable: true + type: string + nullable: true + type: array + loggingService: + nullable: true + type: string + maintenanceWindow: + nullable: true 
+ type: string + masterAuthorizedNetworks: + nullable: true + properties: + cidrBlocks: + items: + properties: + cidrBlock: + nullable: true + type: string + displayName: + nullable: true + type: string + type: object + nullable: true + type: array + enabled: + type: boolean + type: object + monitoringService: + nullable: true + type: string + network: + nullable: true + type: string + networkPolicyEnabled: + nullable: true + type: boolean + nodePools: + items: + properties: + autoscaling: + nullable: true + properties: + enabled: + type: boolean + maxNodeCount: + type: integer + minNodeCount: + type: integer + type: object + config: + nullable: true + properties: + bootDiskKmsKey: + nullable: true + type: string + diskSizeGb: + type: integer + diskType: + nullable: true + type: string + imageType: + nullable: true + type: string + labels: + additionalProperties: + nullable: true + type: string + nullable: true + type: object + localSsdCount: + type: integer + machineType: + nullable: true + type: string + oauthScopes: + items: + nullable: true + type: string + nullable: true + type: array + preemptible: + type: boolean + serviceAccount: + nullable: true + type: string + tags: + items: + nullable: true + type: string + nullable: true + type: array + taints: + items: + properties: + effect: + nullable: true + type: string + key: + nullable: true + type: string + value: + nullable: true + type: string + type: object + nullable: true + type: array + type: object + initialNodeCount: + nullable: true + type: integer + management: + nullable: true + properties: + autoRepair: + type: boolean + autoUpgrade: + type: boolean + type: object + maxPodsConstraint: + nullable: true + type: integer + name: + nullable: true + type: string + version: + nullable: true + type: string + type: object + nullable: true + type: array + privateClusterConfig: + nullable: true + properties: + enablePrivateEndpoint: + type: boolean + enablePrivateNodes: + type: boolean + masterIpv4CidrBlock: + 
nullable: true + type: string + type: object + projectID: + nullable: true + type: string + region: + nullable: true + type: string + subnetwork: + nullable: true + type: string + zone: + nullable: true + type: string + type: object + status: + properties: + failureMessage: + nullable: true + type: string + phase: + nullable: true + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/charts/rancher-gke-operator/105.0.0+up1.10.0/Chart.yaml b/charts/rancher-gke-operator/105.0.0+up1.10.0/Chart.yaml new file mode 100644 index 0000000000..78b8e5bf40 --- /dev/null +++ b/charts/rancher-gke-operator/105.0.0+up1.10.0/Chart.yaml @@ -0,0 +1,20 @@ +annotations: + catalog.cattle.io/auto-install: rancher-gke-operator-crd=match + catalog.cattle.io/certified: rancher + catalog.cattle.io/hidden: "true" + catalog.cattle.io/kube-version: '>= 1.28.0-0 < 1.32.0-0' + catalog.cattle.io/namespace: cattle-system + catalog.cattle.io/os: linux + catalog.cattle.io/permits-os: linux,windows + catalog.cattle.io/provides-gvr: gkeclusterconfigs.gke.cattle.io/v1 + catalog.cattle.io/rancher-version: '>= 2.9.0-0 < 2.11.0-0' + catalog.cattle.io/release-name: rancher-gke-operator + catalog.cattle.io/scope: management +apiVersion: v2 +appVersion: 1.10.0 +description: A Helm chart for provisioning GKE clusters +home: https://github.com/rancher/gke-operator +name: rancher-gke-operator +sources: +- https://github.com/rancher/gke-operator +version: 105.0.0+up1.10.0 diff --git a/charts/rancher-gke-operator/105.0.0+up1.10.0/templates/NOTES.txt b/charts/rancher-gke-operator/105.0.0+up1.10.0/templates/NOTES.txt new file mode 100644 index 0000000000..238173d1bd --- /dev/null +++ b/charts/rancher-gke-operator/105.0.0+up1.10.0/templates/NOTES.txt @@ -0,0 +1,4 @@ +You have deployed the Rancher GKE operator +Version: {{ .Chart.AppVersion }} +Description: This operator provisions GKE clusters +from GKEClusterConfig CRs. 
diff --git a/charts/rancher-gke-operator/105.0.0+up1.10.0/templates/_helpers.tpl b/charts/rancher-gke-operator/105.0.0+up1.10.0/templates/_helpers.tpl
new file mode 100644
index 0000000000..de3b332f6a
--- /dev/null
+++ b/charts/rancher-gke-operator/105.0.0+up1.10.0/templates/_helpers.tpl
@@ -0,0 +1,25 @@
+{{/* vim: set filetype=mustache: */}}
+
+{{- define "system_default_registry" -}}
+{{- if .Values.global.cattle.systemDefaultRegistry -}}
+{{- printf "%s/" .Values.global.cattle.systemDefaultRegistry -}}
+{{- else -}}
+{{- "" -}}
+{{- end -}}
+{{- end -}}
+
+{{/*
+Windows cluster will add default taint for linux nodes,
+add below linux tolerations to workloads could be scheduled to those linux nodes
+*/}}
+{{- define "linux-node-tolerations" -}}
+- key: "cattle.io/os"
+ value: "linux"
+ effect: "NoSchedule"
+ operator: "Equal"
+{{- end -}}
+
+{{- define "linux-node-selector" -}}
+kubernetes.io/os: linux
+{{- end -}}
+
diff --git a/charts/rancher-gke-operator/105.0.0+up1.10.0/templates/clusterrole.yaml b/charts/rancher-gke-operator/105.0.0+up1.10.0/templates/clusterrole.yaml
new file mode 100644
index 0000000000..7c352696ee
--- /dev/null
+++ b/charts/rancher-gke-operator/105.0.0+up1.10.0/templates/clusterrole.yaml
@@ -0,0 +1,15 @@
+kind: ClusterRole
+apiVersion: rbac.authorization.k8s.io/v1
+metadata:
+ name: gke-operator
+ namespace: cattle-system
+rules:
+ - apiGroups: ['']
+ resources: ['secrets']
+ verbs: ['get', 'list', 'create', 'watch']
+ - apiGroups: ['gke.cattle.io']
+ resources: ['gkeclusterconfigs']
+ verbs: ['get', 'list', 'update', 'watch']
+ - apiGroups: ['gke.cattle.io']
+ resources: ['gkeclusterconfigs/status']
+ verbs: ['update']
diff --git a/charts/rancher-gke-operator/105.0.0+up1.10.0/templates/clusterrolebinding.yaml b/charts/rancher-gke-operator/105.0.0+up1.10.0/templates/clusterrolebinding.yaml
new file mode 100644
index 0000000000..e2af390c71
--- /dev/null
+++ b/charts/rancher-gke-operator/105.0.0+up1.10.0/templates/clusterrolebinding.yaml
@@ -0,0 +1,13 @@
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+ name: gke-operator
+ namespace: cattle-system
+roleRef:
+ apiGroup: rbac.authorization.k8s.io
+ kind: ClusterRole
+ name: gke-operator
+subjects:
+- kind: ServiceAccount
+ name: gke-operator
+ namespace: cattle-system
diff --git a/charts/rancher-gke-operator/105.0.0+up1.10.0/templates/deployment.yaml b/charts/rancher-gke-operator/105.0.0+up1.10.0/templates/deployment.yaml
new file mode 100644
index 0000000000..731fa1d4c2
--- /dev/null
+++ b/charts/rancher-gke-operator/105.0.0+up1.10.0/templates/deployment.yaml
@@ -0,0 +1,69 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: gke-config-operator
+ namespace: cattle-system
+spec:
+ replicas: 1
+ selector:
+ matchLabels:
+ ke.cattle.io/operator: gke
+ template:
+ metadata:
+ labels:
+ ke.cattle.io/operator: gke
+ spec:
+ nodeSelector: {{ include "linux-node-selector" . | nindent 8 }}
+{{- if .Values.nodeSelector }}
+{{ toYaml .Values.nodeSelector | indent 8 }}
+{{- end }}
+ tolerations: {{ include "linux-node-tolerations" . | nindent 8 }}
+{{- if .Values.tolerations }}
+{{ toYaml .Values.tolerations | indent 8 }}
+{{- end }}
+ serviceAccountName: gke-operator
+ {{- if .Values.priorityClassName }}
+ priorityClassName: "{{.Values.priorityClassName}}"
+ {{- end }}
+ securityContext:
+ fsGroup: 1007
+ runAsUser: 1007
+ containers:
+ - name: rancher-gke-operator
+ image: '{{ template "system_default_registry" $ }}{{ $.Values.gkeOperator.image.repository }}:{{ $.Values.gkeOperator.image.tag }}'
+ imagePullPolicy: IfNotPresent
+ args: ["-debug={{ .Values.gkeOperator.debug | default false }}"]
+ env:
+ - name: HTTP_PROXY
+ value: {{ .Values.httpProxy }}
+ - name: HTTPS_PROXY
+ value: {{ .Values.httpsProxy }}
+ - name: NO_PROXY
+ value: {{ .Values.noProxy }}
+ securityContext:
+ allowPrivilegeEscalation: false
+ readOnlyRootFilesystem: true
+ privileged: false
+ capabilities:
+ drop:
+ - ALL
+{{- if .Values.additionalTrustedCAs }}
+ # gke-operator mounts the additional CAs in two places:
+ volumeMounts:
+ # This directory is owned by the gke-operator user so c_rehash works here.
+ - mountPath: /etc/rancher/ssl/ca-additional.pem
+ name: tls-ca-additional-volume
+ subPath: ca-additional.pem
+ readOnly: true
+ # This directory is root-owned so c_rehash doesn't work here,
+ # but the cert is here in case update-ca-certificates is called in the future or by the OS.
+ - mountPath: /etc/pki/trust/anchors/ca-additional.pem
+ name: tls-ca-additional-volume
+ subPath: ca-additional.pem
+ readOnly: true
+ volumes:
+ - name: tls-ca-additional-volume
+ secret:
+ defaultMode: 0400
+ secretName: tls-ca-additional
+ {{- end }}
diff --git a/charts/rancher-gke-operator/105.0.0+up1.10.0/templates/serviceaccount.yaml b/charts/rancher-gke-operator/105.0.0+up1.10.0/templates/serviceaccount.yaml
new file mode 100644
index 0000000000..ba52af6280
--- /dev/null
+++ b/charts/rancher-gke-operator/105.0.0+up1.10.0/templates/serviceaccount.yaml
@@ -0,0 +1,5 @@
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+ namespace: cattle-system
+ name: gke-operator
diff --git a/charts/rancher-gke-operator/105.0.0+up1.10.0/values.yaml b/charts/rancher-gke-operator/105.0.0+up1.10.0/values.yaml
new file mode 100644
index 0000000000..2d405d7435
--- /dev/null
+++ b/charts/rancher-gke-operator/105.0.0+up1.10.0/values.yaml
@@ -0,0 +1,23 @@
+global:
+ cattle:
+ systemDefaultRegistry: ""
+
+gkeOperator:
+ image:
+ repository: rancher/gke-operator
+ tag: v1.10.0
+ debug: false
+
+httpProxy: ""
+httpsProxy: ""
+noProxy: ""
+additionalTrustedCAs: false
+## Node labels for pod assignment
+## Ref: https://kubernetes.io/docs/user-guide/node-selection/
+##
+nodeSelector: {}
+## List of node taints to tolerate (requires Kubernetes >= 1.6)
+tolerations: []
+
+## PriorityClassName assigned to deployment.
+priorityClassName: ""
diff --git a/charts/rancher-vsphere-cpi/105.0.0+up1.9.1/Chart.yaml b/charts/rancher-vsphere-cpi/105.0.0+up1.9.1/Chart.yaml
new file mode 100644
index 0000000000..1d00526430
--- /dev/null
+++ b/charts/rancher-vsphere-cpi/105.0.0+up1.9.1/Chart.yaml
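Review bot: In deployment.yaml the three proxy entries under `env` render chart values unquoted (`value: {{ .Values.httpProxy }}`), so the default `""` from values.yaml comes out as a bare `value:` (YAML null) and a value containing YAML-significant characters would alter the manifest; `value: {{ .Values.httpProxy | quote }}`, and the same for `httpsProxy` and `noProxy`, keeps each one a string. The pod-level `securityContext` sets `runAsUser: 1007` but not `runAsNonRoot: true`, which would make the kubelet refuse to start the container if the UID were ever overridden to 0. Proxy URLs that embed credentials would also be readable by anyone allowed to view the Deployment, so a comment next to `httpProxy` in values.yaml saying so would help operators.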
@@ -0,0 +1,24 @@
+annotations:
+ catalog.cattle.io/certified: rancher
+ catalog.cattle.io/display-name: vSphere CPI
+ catalog.cattle.io/kube-version: '>= 1.27.0-0 < 1.32.0-0'
+ catalog.cattle.io/namespace: kube-system
+ catalog.cattle.io/os: linux
+ catalog.cattle.io/permits-os: linux,windows
+ catalog.cattle.io/rancher-version: '>= 2.10.0-0'
+ catalog.cattle.io/release-name: vsphere-cpi
+apiVersion: v1
+appVersion: 1.9.1
+description: vSphere Cloud Provider Interface (CPI)
+icon: https://charts.rancher.io/assets/logos/vsphere-cpi.svg
+keywords:
+- infrastructure
+maintainers:
+- email: jiaqi.luo@suse.com
+ name: Jiaqi Luo
+- email: brad.davidson@suse.com
+ name: Brad Davidson
+name: rancher-vsphere-cpi
+sources:
+- https://github.com/kubernetes/cloud-provider-vsphere
+version: 105.0.0+up1.9.1
diff --git a/charts/rancher-vsphere-cpi/105.0.0+up1.9.1/README.md b/charts/rancher-vsphere-cpi/105.0.0+up1.9.1/README.md
new file mode 100644
index 0000000000..a8a605e16b
--- /dev/null
+++ b/charts/rancher-vsphere-cpi/105.0.0+up1.9.1/README.md
@@ -0,0 +1,59 @@ +# vSphere Cloud Provider Interface (CPI) + +[vSphere Cloud Provider Interface (CPI)](https://github.com/kubernetes/cloud-provider-vsphere) is responsible for running all the platform specific control loops that were previously run in core Kubernetes components like the KCM and the kubelet, but have been moved out-of-tree to allow cloud and infrastructure providers to implement integrations that can be developed, built and released independent of Kubernetes core. The official documentation and tutorials can be found [here](https://vsphere-csi-driver.sigs.k8s.io/driver-deployment/prerequisites.html). + +**This chart requires being deployed into the `kube-system` namespace.** + +## Prerequisites + +- vSphere 6.7 U3+ +- Kubernetes v1.14+ +- A Secret on your Kubernetes cluster that contains vSphere credentials (Refer to `README` or `Detailed Descriptions`) + +## Installation + +This chart requires a Secret in your Kubernetes cluster that contains the server URL and credentials to connect to the vCenter. You can have the chart generate it for you, or create it yourself and provide the name of the Secret during installation. + +Warning: When the option to generate the Secret is enabled, the credentials are visible in the API to authorized users. If you create the Secret yourself they will not be visible. + +You can create a Secret in one of the following ways: +### Option 1: Create a Secret using the Rancher UI +Go to your cluster's project (Same project you will be installing the chart) > Resources > Secrets > Add Secret. +```yaml +# Example of data required in the Secret +.username: +.password: +``` + +### Option 2: Create a Secret using kubectl +Replace placeholders with actual values, and execute the following: +```bash +cat < + namespace: +data: + .username: + .password: +EOF +``` + +More information on managing Secrets using kubectl [here](https://kubernetes.io/docs/tasks/configmap-secret/managing-secret-using-kubectl/). 
+ +## Migration + +If using this chart to migrate volumes provisioned by the in-tree provider to the out-of-tree CPI + CSI, you need to taint all nodes with the following: +``` +node.cloudprovider.kubernetes.io/uninitialized=true:NoSchedule +``` + +To perform this operation on all nodes in your cluster, the following script has been provided for your convenience: +```bash +# Note: Since this script uses kubectl, ensure that you run `export KUBECONFIG=` before running this script +for node in $(kubectl get nodes | awk '{print $1}' | tail -n +2); do + kubectl taint node $node node.cloudprovider.kubernetes.io/uninitialized=true:NoSchedule +done +``` \ No newline at end of file diff --git a/charts/rancher-vsphere-cpi/105.0.0+up1.9.1/app-readme.md b/charts/rancher-vsphere-cpi/105.0.0+up1.9.1/app-readme.md new file mode 100644 index 0000000000..67329e95b9 --- /dev/null +++ b/charts/rancher-vsphere-cpi/105.0.0+up1.9.1/app-readme.md @@ -0,0 +1,11 @@ +# vSphere Cloud Provider Interface (CPI) + +[vSphere Cloud Provider Interface (CPI)](https://github.com/kubernetes/cloud-provider-vsphere) is responsible for running all the platform specific control loops that were previously run in core Kubernetes components like the KCM and the kubelet, but have been moved out-of-tree to allow cloud and infrastructure providers to implement integrations that can be developed, built and released independent of Kubernetes core. The official documentation and tutorials can be found [here](https://vsphere-csi-driver.sigs.k8s.io/driver-deployment/prerequisites.html). + +**This chart requires being deployed into the `kube-system` namespace.** + +## Prerequisites + +- vSphere 6.7 U3+ or vSphere 7.0+ +- Kubernetes v1.19+ +- A Secret on your Kubernetes cluster that contains vSphere credentials (Refer to `README` or `Detailed Descriptions`) 
diff --git a/charts/rancher-vsphere-cpi/105.0.0+up1.9.1/questions.yaml b/charts/rancher-vsphere-cpi/105.0.0+up1.9.1/questions.yaml
new file mode 100644
index 0000000000..ee6e58891d
--- /dev/null
+++ b/charts/rancher-vsphere-cpi/105.0.0+up1.9.1/questions.yaml
@@ -0,0 +1,110 @@ +questions: + - variable: vCenter.host + label: vCenter Host + description: IP address or FQDN of the vCenter + type: string + required: true + group: vCenter + + - variable: vCenter.datacenters + description: Comma-separated list of paths to data centers. E.g ", , ..." + label: Data Centers + type: string + required: true + group: vCenter + + - variable: vCenter.credentialsSecret.generate + label: Generate Credential's Secret + description: Generates a secret with the vSphere credentials (If the option to generate it is enabled, credentials will be visible in the API to authorized users) + type: boolean + default: true + required: true + group: vCenter + show_subquestion_if: true + subquestions: + - variable: vCenter.username + label: Username + description: Username for vCenter + type: string + group: vCenter + - variable: vCenter.password + label: Password + description: Password for vCenter + type: password + group: vCenter + + - variable: vCenter.credentialsSecret.name + label: Credential's Secret Name + description: Name of the secret with the vSphere credentials (Will not be visible in the API. More info in the README) + default: "vsphere-cpi-creds" + type: string + group: vCenter + show_if: "vCenter.credentialsSecret.generate=false" + + - variable: vCenter.labels.generate + label: Define vSphere Tags + description: "vSphere Tags used to determine the zone and region of a Kubernetes node. This labels will be propagated to NodeLabels." + type: boolean + default: false + required: true + group: vCenter + show_subquestion_if: true + subquestions: + - variable: vCenter.labels.region + label: Region + description: vSphere tag which will used to define regions. e.g. 
eu-central + type: string + group: vCenter + - variable: vCenter.labels.zone + label: Zone + description: vSphere tag which will used to define availability zones + type: string + group: vCenter + + - variable: global.ipFamily + label: Node Address IP Family + description: "The IP families of the address(es) to be assigned to the Node. The first selected family will be the Primary. Separate multiple families with a comma. Valid options are 'ipv4' and 'ipv6'." + type: string + default: "ipv4" + required: false + group: Global + + - variable: nodesEnable + label: Node address selection filters + description: "Define the way that IP addresses are selected to be assigned to the Kubernetes Node" + type: boolean + default: false + required: false + group: Nodes + show_subquestion_if: true + subquestions: + - variable: nodes.internalNetworkSubnetCidr + label: Internal Network CIDR + description: "The vSphere cloud provider will select the first address that falls within the provided subnet and assign that value to the Internal IP for the node." + type: string + group: Nodes + - variable: nodes.externalNetworkSubnetCidr + label: External Network CIDR + description: "The vSphere cloud provider will select the first address that falls within the provided subnet and assign that value to the External IP for the node." + type: string + group: Nodes + - variable: nodes.internalVmNetworkName + label: Internal VM Network Name + description: "The vSphere cloud provider will select the first address found in the VM network matching the provided name and assign that value to the Internal IP for the node." + type: string + group: Nodes + - variable: nodes.externalVmNetworkName + label: External VM Network Name + description: "The vSphere cloud provider will select the first address found in the VM network matching the provided name and assign that value to the External IP for the node." 
+ type: string + group: Nodes + - variable: nodes.excludeInternalNetworkSubnetCidr + label: Exclude Internal Network CIDR + description: "The vSphere cloud provider will never select addresses for the Internal IP that fall within the provided subnet ranges. This configuration has the highest precedence." + type: string + group: Nodes + - variable: nodes.excludeExternalNetworkSubnetCidr + label: Exclude External Network CIDR + description: "The vSphere cloud provider will never select addresses for the External IP that fall within the provided subnet ranges. This configuration has the highest precedence." + type: string + group: Nodes diff --git a/charts/rancher-vsphere-cpi/105.0.0+up1.9.1/templates/_helpers.tpl b/charts/rancher-vsphere-cpi/105.0.0+up1.9.1/templates/_helpers.tpl new file mode 100644 index 0000000000..2e1ee14da2 --- /dev/null +++ b/charts/rancher-vsphere-cpi/105.0.0+up1.9.1/templates/_helpers.tpl 
@@ -0,0 +1,50 @@
+{{- define "system_default_registry" -}}
+{{- if .Values.global.cattle.systemDefaultRegistry -}}
+{{- printf "%s/" .Values.global.cattle.systemDefaultRegistry -}}
+{{- else -}}
+{{- "" -}}
+{{- end -}}
+{{- end -}}
+
+{{- define "applyVersionOverrides" -}}
+{{- $overrides := dict -}}
+{{- range $override := .Values.versionOverrides -}}
+{{- if semverCompare $override.constraint $.Capabilities.KubeVersion.Version -}}
+{{- $_ := mergeOverwrite $overrides $override.values -}}
+{{- end -}}
+{{- end -}}
+{{- $_ := mergeOverwrite .Values $overrides -}}
+{{- end -}}
+
+{{/*
+Windows cluster will add default taint for linux nodes,
+add below linux tolerations to workloads could be scheduled to those linux nodes
+*/}}
+{{- define "linux-node-tolerations" -}}
+- key: "cattle.io/os"
+ value: "linux"
+ effect: "NoSchedule"
+ operator: "Equal"
+{{- end -}}
+
+{{- define "linux-node-selector" -}}
+kubernetes.io/os: linux
+{{- end -}}
+
+{{/*
+Create chart name and version as used by the chart label.
+*/}}
+{{- define "chartName" -}}
+{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
+
+{{/*
+Labels that should be added on each resource
+*/}}
+{{- define "labels" -}}
+app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
+app.kubernetes.io/managed-by: {{ .Release.Service }}
+helm.sh/chart: {{ include "chartName" . }}
+{{- end -}}
+
+
diff --git a/charts/rancher-vsphere-cpi/105.0.0+up1.9.1/templates/configmap.yaml b/charts/rancher-vsphere-cpi/105.0.0+up1.9.1/templates/configmap.yaml
new file mode 100644
index 0000000000..64b024bb98
--- /dev/null
+++ b/charts/rancher-vsphere-cpi/105.0.0+up1.9.1/templates/configmap.yaml
@@ -0,0 +1,42 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: vsphere-cloud-config
+ labels:
+ vsphere-cpi-infra: config
+ component: {{ .Chart.Name }}-cloud-controller-manager
+ {{- include "labels" . | nindent 4 }}
+ namespace: {{ .Release.Namespace }}
+data:
+ vsphere.yaml: |
+ # Global properties in this section will be used for all specified vCenters unless overriden in VirtualCenter section.
+ global:
+ secretName: {{ .Values.vCenter.credentialsSecret.name | quote }}
+ secretNamespace: {{ $.Release.Namespace | quote }}
+ port: {{ .Values.vCenter.port }}
+ insecureFlag: {{ .Values.vCenter.insecureFlag }}
+ {{- with .Values.global.ipFamily }}
+ ipFamily:
+ {{- splitList "," . | toYaml | nindent 8 }}
+ {{- end }}
+ {{ with .Values.vCenter }}
+ # vcenter section
+ vcenter:
+ {{ .host | quote }}:
+ server: {{ .host | quote }}
+ datacenters:
+ - {{ .datacenters | quote }}
+ {{- if .labels.generate }}
+
+ # labels for regions and zones
+ labels:
+ region: {{ .labels.region | quote }}
+ zone: {{ .labels.zone | quote }}
+ {{- end }}
+ {{- end }}
+ {{- if .Values.nodesEnable }}
+ {{- with .Values.nodes }}
+ nodes:
+ {{- toYaml . | nindent 6 }}
+ {{- end }}
+ {{- end }}
diff --git a/charts/rancher-vsphere-cpi/105.0.0+up1.9.1/templates/daemonset.yaml b/charts/rancher-vsphere-cpi/105.0.0+up1.9.1/templates/daemonset.yaml
new file mode 100644
index 0000000000..48b36ec949
--- /dev/null
+++ b/charts/rancher-vsphere-cpi/105.0.0+up1.9.1/templates/daemonset.yaml
@@ -0,0 +1,119 @@ +{{- template "applyVersionOverrides" . -}} +apiVersion: apps/v1 +kind: DaemonSet +metadata: + name: {{ .Chart.Name }}-cloud-controller-manager + labels: + component: {{ .Chart.Name }}-cloud-controller-manager + tier: control-plane + {{- include "labels" . | nindent 4 }} + namespace: {{ .Release.Namespace }} + annotations: + scheduler.alpha.kubernetes.io/critical-pod: "" +spec: + selector: + matchLabels: + name: {{ .Chart.Name }}-cloud-controller-manager + updateStrategy: + type: RollingUpdate + template: + metadata: + labels: + name: {{ .Chart.Name }}-cloud-controller-manager + component: {{ .Chart.Name }}-cloud-controller-manager + tier: control-plane + {{- include "labels" . | nindent 8 }} + {{- with .Values.cloudControllerManager.podLabels }} + {{- toYaml . | nindent 8 }} + {{- end }} + spec: + {{- if .Values.cloudControllerManager.nodeSelector }} + nodeSelector: {{ include "linux-node-selector" . | nindent 8 }} + {{- with .Values.cloudControllerManager.nodeSelector }} + {{- toYaml . | nindent 8 }} + {{- end }} + {{- else }} + affinity: + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + # RKE node selector label + - key: node-role.kubernetes.io/controlplane + operator: In + values: + - "true" + - key: kubernetes.io/os + operator: NotIn + values: + - "windows" + - matchExpressions: + # RKE2 node selector label + - key: node-role.kubernetes.io/control-plane + operator: In + values: + - "true" + - key: kubernetes.io/os + operator: NotIn + values: + - "windows" + {{- end }} + {{- if .Values.cloudControllerManager.tolerations }} + tolerations: {{ include "linux-node-tolerations" . | nindent 8 }} + {{- with .Values.cloudControllerManager.tolerations }} + {{- toYaml . 
| nindent 8 }} + {{- end }} + {{- else }} + tolerations: + - key: node.cloudprovider.kubernetes.io/uninitialized + value: "true" + effect: NoSchedule + - key: node-role.kubernetes.io/master + effect: NoSchedule + operator: Exists + - key: node.kubernetes.io/not-ready + effect: NoSchedule + operator: Exists + # Rancher specific change: These tolerations are added to account for RKE1 and RKE2 taints + - key: node-role.kubernetes.io/controlplane + effect: NoSchedule + value: "true" + - key: node-role.kubernetes.io/control-plane + effect: NoSchedule + operator: Exists + - key: node-role.kubernetes.io/etcd + effect: NoExecute + operator: Exists + {{- end }} + securityContext: + runAsUser: 1001 + serviceAccountName: {{ .Chart.Name }}-cloud-controller-manager + containers: + - name: {{ .Chart.Name }}-cloud-controller-manager + image: {{ template "system_default_registry" . }}{{ .Values.cloudControllerManager.repository }}:{{ .Values.cloudControllerManager.tag }} + args: + - --cloud-provider=vsphere + - --v=2 + - --cloud-config=/etc/cloud/vsphere.yaml + volumeMounts: + - mountPath: /etc/cloud + name: vsphere-config-volume + readOnly: true + resources: + requests: + cpu: 200m + {{- if or (.Values.cloudControllerManager.env) (.Values.global.ipFamily) }} + env: + {{- if .Values.global.ipFamily }} + - name: ENABLE_ALPHA_DUAL_STACK + value: "true" + {{- end }} + {{- with .Values.cloudControllerManager.env }} + {{- toYaml . | nindent 12 }} + {{- end }} + {{- end }} + hostNetwork: true + volumes: + - name: vsphere-config-volume + configMap: + name: vsphere-cloud-config diff --git a/charts/rancher-vsphere-cpi/105.0.0+up1.9.1/templates/role-binding.yaml b/charts/rancher-vsphere-cpi/105.0.0+up1.9.1/templates/role-binding.yaml new file mode 100644 index 0000000000..ec40b9d6cb --- /dev/null +++ b/charts/rancher-vsphere-cpi/105.0.0+up1.9.1/templates/role-binding.yaml 
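Review bot: The container in daemonset.yaml has no container-level `securityContext`, although the pod runs with `hostNetwork: true` on control-plane nodes and mounts the cloud config; the only hardening is the pod-level `runAsUser: 1001`. The gke-operator deployment added in this same commit already drops all capabilities and forbids privilege escalation, and the same block would fit here. `readOnlyRootFilesystem: true` should be checked against what the controller writes at runtime before it is enabled, since that is not visible from the chart.

```yaml
      containers:
        - name: {{ .Chart.Name }}-cloud-controller-manager
          # … unchanged: image, args, volumeMounts, resources, env …
          securityContext:
            allowPrivilegeEscalation: false
            readOnlyRootFilesystem: true
            privileged: false
            capabilities:
              drop:
                - ALL
```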
@@ -0,0 +1,42 @@
+{{- if .Values.cloudControllerManager.rbac.enabled -}}
+apiVersion: rbac.authorization.k8s.io/v1
+kind: RoleBinding
+metadata:
+ name: servicecatalog.k8s.io:apiserver-authentication-reader
+ labels:
+ vsphere-cpi-infra: role-binding
+ component: {{ .Chart.Name }}-cloud-controller-manager
+ {{- include "labels" . | nindent 4 }}
+ namespace: {{ .Release.Namespace }}
+roleRef:
+ apiGroup: rbac.authorization.k8s.io
+ kind: Role
+ name: extension-apiserver-authentication-reader
+subjects:
+- apiGroup: ""
+ kind: ServiceAccount
+ name: {{ .Chart.Name }}-cloud-controller-manager
+ namespace: {{ .Release.Namespace }}
+- apiGroup: ""
+ kind: User
+ name: {{ .Chart.Name }}-cloud-controller-manager
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+ name: system:{{ .Chart.Name }}-cloud-controller-manager
+ labels:
+ vsphere-cpi-infra: cluster-role-binding
+ component: {{ .Chart.Name }}-cloud-controller-manager
+ {{- include "labels" . | nindent 4 }}
+roleRef:
+ apiGroup: rbac.authorization.k8s.io
+ kind: ClusterRole
+ name: system:{{ .Chart.Name }}-cloud-controller-manager
+subjects:
+- kind: ServiceAccount
+ name: {{ .Chart.Name }}-cloud-controller-manager
+ namespace: {{ .Release.Namespace }}
+- kind: User
+ name: {{ .Chart.Name }}-cloud-controller-manager
+{{- end -}}
diff --git a/charts/rancher-vsphere-cpi/105.0.0+up1.9.1/templates/role.yaml b/charts/rancher-vsphere-cpi/105.0.0+up1.9.1/templates/role.yaml
new file mode 100644
index 0000000000..c64e982280
--- /dev/null
+++ b/charts/rancher-vsphere-cpi/105.0.0+up1.9.1/templates/role.yaml
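Review bot: Both bindings in role-binding.yaml list a `kind: User` subject named `{{ .Chart.Name }}-cloud-controller-manager` next to the ServiceAccount, so any identity the API server authenticates under that user name receives the same grants, including the ClusterRole from role.yaml with `"*"` on nodes and cluster-wide secret reads. The DaemonSet in this chart runs under the ServiceAccount, and nothing visible here authenticates as that user, so I would remove the two `- kind: User` entries unless a deployment mode that needs them is documented. If they must stay, a comment above each naming the component that uses that identity would let an auditor judge the grant.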
@@ -0,0 +1,93 @@
+{{- if .Values.cloudControllerManager.rbac.enabled -}}
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+ name: system:{{ .Chart.Name }}-cloud-controller-manager
+ labels:
+ vsphere-cpi-infra: role
+ component: {{ .Chart.Name }}-cloud-controller-manager
+ {{- include "labels" . | nindent 4 }}
+rules:
+- apiGroups:
+ - ""
+ resources:
+ - events
+ verbs:
+ - create
+ - patch
+ - update
+- apiGroups:
+ - ""
+ resources:
+ - nodes
+ verbs:
+ - "*"
+- apiGroups:
+ - ""
+ resources:
+ - nodes/status
+ verbs:
+ - patch
+- apiGroups:
+ - ""
+ resources:
+ - services
+ verbs:
+ - list
+ - patch
+ - update
+ - watch
+- apiGroups:
+ - ""
+ resources:
+ - services/status
+ verbs:
+ - patch
+- apiGroups:
+ - ""
+ resources:
+ - serviceaccounts
+ verbs:
+ - create
+ - get
+ - list
+ - watch
+ - update
+- apiGroups:
+ - ""
+ resources:
+ - persistentvolumes
+ verbs:
+ - get
+ - list
+ - update
+ - watch
+- apiGroups:
+ - ""
+ resources:
+ - endpoints
+ verbs:
+ - create
+ - get
+ - list
+ - watch
+ - update
+- apiGroups:
+ - ""
+ resources:
+ - secrets
+ verbs:
+ - get
+ - list
+ - watch
+- apiGroups:
+ - "coordination.k8s.io"
+ resources:
+ - leases
+ verbs:
+ - create
+ - get
+ - list
+ - watch
+ - update
+{{- end -}}
diff --git a/charts/rancher-vsphere-cpi/105.0.0+up1.9.1/templates/secret.yaml b/charts/rancher-vsphere-cpi/105.0.0+up1.9.1/templates/secret.yaml
new file mode 100644
index 0000000000..c426e40bd7
--- /dev/null
+++ b/charts/rancher-vsphere-cpi/105.0.0+up1.9.1/templates/secret.yaml
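Review bot: The `secrets` rule in role.yaml grants `get`, `list` and `watch` in a ClusterRole, which lets the controller read every Secret in the cluster, while configmap.yaml points the provider at one credentials Secret via `secretNamespace: {{ $.Release.Namespace | quote }}`. Moving that rule into a namespaced Role and RoleBinding in the release namespace would match what the config asks for; whether the controller's informer tolerates a namespace-scoped grant should be confirmed upstream. The `nodes` rule uses `verbs: ["*"]`, which also includes `deletecollection` and any verb added later; listing the verbs explicitly, for example `get`, `list`, `watch`, `update`, `patch`, `delete` if those are the ones the controller uses, keeps the grant reviewable.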
@@ -0,0 +1,14 @@
+{{- if .Values.vCenter.credentialsSecret.generate -}}
+apiVersion: v1
+kind: Secret
+metadata:
+ name: {{ .Values.vCenter.credentialsSecret.name }}
+ labels:
+ vsphere-cpi-infra: secret
+ component: {{ .Chart.Name }}-cloud-controller-manager
+ {{- include "labels" . | nindent 4 }}
+ namespace: {{ .Release.Namespace }}
+data:
+ {{ .Values.vCenter.host }}.username: {{ .Values.vCenter.username | b64enc | quote }}
+ {{ .Values.vCenter.host }}.password: {{ .Values.vCenter.password | b64enc | quote }}
+{{- end -}}
diff --git a/charts/rancher-vsphere-cpi/105.0.0+up1.9.1/templates/service-account.yaml b/charts/rancher-vsphere-cpi/105.0.0+up1.9.1/templates/service-account.yaml
new file mode 100644
index 0000000000..39632a35eb
--- /dev/null
+++ b/charts/rancher-vsphere-cpi/105.0.0+up1.9.1/templates/service-account.yaml
@@ -0,0 +1,11 @@
+{{- if .Values.cloudControllerManager.rbac.enabled -}}
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+ name: {{ .Chart.Name }}-cloud-controller-manager
+ labels:
+ vsphere-cpi-infra: service-account
+ component: {{ .Chart.Name }}-cloud-controller-manager
+ {{- include "labels" . | nindent 4 }}
+ namespace: {{ .Release.Namespace }}
+{{- end -}}
diff --git a/charts/rancher-vsphere-cpi/105.0.0+up1.9.1/templates/service.yaml b/charts/rancher-vsphere-cpi/105.0.0+up1.9.1/templates/service.yaml
new file mode 100644
index 0000000000..99a07062d5
--- /dev/null
+++ b/charts/rancher-vsphere-cpi/105.0.0+up1.9.1/templates/service.yaml
@@ -0,0 +1,16 @@
+apiVersion: v1
+kind: Service
+metadata:
+ labels:
+ component: {{ .Chart.Name }}-cloud-controller-manager
+ {{- include "labels" . | nindent 4 }}
+ name: {{ .Chart.Name }}-cloud-controller-manager
+ namespace: {{ .Release.Namespace }}
+spec:
+ type: NodePort
+ ports:
+ - port: 43001
+ protocol: TCP
+ targetPort: 43001
+ selector:
+ component: {{ .Chart.Name }}-cloud-controller-manager
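Review bot: `type: NodePort` in service.yaml publishes port 43001 of a control-plane component on every node's address, and nothing in this chart shows a consumer outside the cluster. Unless an external client is known to need it, `type: ClusterIP` keeps the endpoint reachable only from inside the cluster. The DaemonSet args do not set a listening port either, so it is worth confirming that the controller serves on 43001 at all; if it does not, the Service can be dropped. A one-line comment above `ports:` stating what is served there would settle the question for the next reviewer.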
diff --git a/charts/rancher-vsphere-cpi/105.0.0+up1.9.1/values.yaml b/charts/rancher-vsphere-cpi/105.0.0+up1.9.1/values.yaml
new file mode 100644
index 0000000000..eb42a9cb4a
--- /dev/null
+++ b/charts/rancher-vsphere-cpi/105.0.0+up1.9.1/values.yaml
@@ -0,0 +1,87 @@
+vCenter:
+ host: ""
+ port: 443
+ insecureFlag: true
+ datacenters: ""
+ username: ""
+ password: ""
+ credentialsSecret:
+ name: "vsphere-cpi-creds"
+ generate: true
+
+ # vSphere Tags used to determine the zone and region of a Kubernetes node. This labels will be propagated to NodeLabels
+ labels:
+ region: "k8s-region"
+ zone: "k8s-zone"
+ generate: false
+
+# Nodes defines the way that the Node IPs are selected from the addresses assigned to the Node in kube-api
+# See https://github.com/kubernetes/cloud-provider-vsphere/blob/master/docs/book/cloud_config.md#nodes for details
+nodesEnable: false
+nodes:
+ internalNetworkSubnetCidr: ""
+ externalNetworkSubnetCidr: ""
+ internalVmNetworkName: ""
+ externalVmNetworkName: ""
+ excludeInternalNetworkSubnetCidr: ""
+ excludeExternalNetworkSubnetCidr: ""
+
+# A list of Semver constraint strings (defined by https://github.com/Masterminds/semver) and values.yaml overrides.
+#
+# For each key in versionOverrides, this chart will check to see if the current Kubernetes cluster's version matches
+# any of the semver constraints provided as keys on the map.
+#
+# On seeing a match, the default value for each values.yaml field overridden will be updated with the new value.
+#
+# If multiple matches are encountered (due to overlapping semver ranges), the matches will be applied in order.
+#
+# Notes:
+# - On running a helm template, Helm uses the `.Capabilities.APIVersion` of whatever
+# Kubernetes release that version of Helm was built against.
+# - On running a helm install --dry-run, the correct kubeVersion should be chosen.
+#
+# Supported versions can be found at:
+# https://github.com/kubernetes/cloud-provider-vsphere#compatibility-with-kubernetes
+versionOverrides:
+ - constraint: "~ 1.31"
+ values:
+ cloudControllerManager:
+ repository: rancher/mirrored-cloud-provider-vsphere
+ tag: v1.31.0
+ - constraint: "~ 1.30"
+ values:
+ cloudControllerManager:
+ repository: rancher/mirrored-cloud-provider-vsphere-cpi-release-manager
+ tag: v1.30.1
+ - constraint: "~ 1.29"
+ values:
+ cloudControllerManager:
+ repository: rancher/mirrored-cloud-provider-vsphere-cpi-release-manager
+ tag: v1.29.0
+ - constraint: "~ 1.28"
+ values:
+ cloudControllerManager:
+ repository: rancher/mirrored-cloud-provider-vsphere-cpi-release-manager
+ tag: v1.28.0
+ - constraint: "~ 1.27"
+ values:
+ cloudControllerManager:
+ repository: rancher/mirrored-cloud-provider-vsphere-cpi-release-manager
+ tag: v1.27.0
+
+cloudControllerManager:
+ repository: rancher/mirrored-cloud-provider-vsphere-cpi-release-manager
+ tag: latest
+ nodeSelector: {}
+ tolerations: []
+ ## Optional additional labels to add to pods
+ podLabels: {}
+ rbac:
+ enabled: true
+ env: []
+
+global:
+ cattle:
+ systemDefaultRegistry: ""
+ # Set the IP Family to set Node addresses for (ipv4 or ipv6 or dual-stack, defaults to ipv4 only)
+ ipFamily: ""
diff --git a/charts/rancher-vsphere-csi/105.0.0+up3.3.1-rancher6/Chart.yaml b/charts/rancher-vsphere-csi/105.0.0+up3.3.1-rancher6/Chart.yaml
new file mode 100644
index 0000000000..63b90a7144
--- /dev/null
+++ b/charts/rancher-vsphere-csi/105.0.0+up3.3.1-rancher6/Chart.yaml
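Review bot: `insecureFlag: true` is the default under `vCenter` in values.yaml, and configmap.yaml copies it into the cloud config, so out of the box the connection that carries the vCenter username and password presumably skips certificate verification (that is how the provider's insecure flag is documented upstream). Defaulting to `insecureFlag: false` would make skipping verification an explicit choice; the chart has no value for a CA bundle or thumbprint, so that option would need to be added alongside, and questions.yaml does not expose the flag at all. Separately, the fallback `tag: latest` under `cloudControllerManager` is a mutable tag that is used whenever no `versionOverrides` constraint matches, so a pinned version tag there keeps the deployed image reproducible.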
@@ -0,0 +1,24 @@
+annotations:
+ catalog.cattle.io/certified: rancher
+ catalog.cattle.io/display-name: vSphere CSI
+ catalog.cattle.io/kube-version: '>= 1.27.0-0 < 1.32.0-0'
+ catalog.cattle.io/namespace: kube-system
+ catalog.cattle.io/os: linux,windows
+ catalog.cattle.io/permits-os: linux,windows
+ catalog.cattle.io/rancher-version: '>= 2.10.0-0'
+ catalog.cattle.io/release-name: vsphere-csi
+apiVersion: v1
+appVersion: 3.3.1-rancher6
+description: vSphere Cloud Storage Interface (CSI)
+icon: https://charts.rancher.io/assets/logos/vsphere-csi.svg
+keywords:
+- infrastructure
+maintainers:
+- email: jiaqi.luo@suse.com
+ name: Jiaqi Luo
+- email: brad.davidson@suse.com
+ name: Brad Davidson
+name: rancher-vsphere-csi
+sources:
+- https://github.com/kubernetes-sigs/vsphere-csi-driver
+version: 105.0.0+up3.3.1-rancher6
diff --git a/charts/rancher-vsphere-csi/105.0.0+up3.3.1-rancher6/README.md b/charts/rancher-vsphere-csi/105.0.0+up3.3.1-rancher6/README.md
new file mode 100644
index 0000000000..4cb94f45f2
--- /dev/null
+++ b/charts/rancher-vsphere-csi/105.0.0+up3.3.1-rancher6/README.md
@@ -0,0 +1,84 @@ +# vSphere Container Storage Interface (CSI) + +[vSphere Container Storage Interface (CSI)](https://github.com/kubernetes-sigs/vsphere-csi-driver/tree/release-2.1/manifests/v2.1.0/vsphere-7.0u1/) is a specification designed to enable persistent storage volume management on Container Orchestrators (COs) such as Kubernetes. The specification allows storage systems to integrate with containerized workloads running on Kubernetes. Using CSI, storage providers, such as VMware, can write and deploy plugins for storage systems in Kubernetes without a need to modify any core Kubernetes code. + +CSI allows volume plugins to be installed on Kubernetes clusters as extensions. Once a CSI compatible volume driver is deployed on a Kubernetes cluster, users can use the CSI to provision, attach, mount, and format the volumes exposed by the CSI driver. + +The CSI driver for vSphere is `csi.vsphere.vmware.com`. + +## Prerequisites + +- vSphere 6.7 U3+ +- Kubernetes v1.20+ +- Out-of-tree vSphere Cloud Provider Interface (CPI) +- A Secret on your Kubernetes cluster that contains vSphere CSI configuration and credentials + +## Installation + +This chart requires a Secret in your Kubernetes cluster that contains the CSI configuration and credentials to connect to the vCenter. You can have the chart generate it for you, or create it yourself and provide the name of the Secret during installation. + +Warning: When the option to generate the Secret is enabled, the credentials are visible in the API to authorized users. If you create the Secret yourself they will not be visible. + +You can create a Secret in one of the following ways: + +### Option 1: Create a Secret using the Rancher UI + +Go to your cluster's project (Same project you will be installing the chart) > Resources > Secrets > Add Secret. 
+```yaml +# Example of data required in the Secret +# The csi-vsphere.conf key name is required, otherwise the installation will fail +csi-vsphere.conf: | + [Global] + cluster-id = "" + user = "" + password = "" + port = "" + insecure-flag = "" + + [VirtualCenter ""] + datacenters = ", , ..." +``` +More information on CSI vSphere configuration [here](https://vsphere-csi-driver.sigs.k8s.io/driver-deployment/installation.html#create_k8s_secret). + +### Option 2: Create a Secret using kubectl + +Replace placeholders with actual values, and execute the following: +```bash +# The csi-vsphere.conf key name is required, otherwise the installation will fail +cat < + namespace: +stringData: + csi-vsphere.conf: | + [Global] + cluster-id = "" + user = "" + password = "" + port = "" + insecure-flag = "" + + [VirtualCenter ""] + datacenters = ", , ..." +EOF +``` + +More information on managing Secrets using kubectl [here](https://kubernetes.io/docs/tasks/configmap-secret/managing-secret-using-kubectl/). + +## Migration + +The CSI migration feature is only available for vSphere 7.0 U1. + +## vSphere CSI with Topology + +When deploying to a vSphere environment using zoning, the topology plugin can be enabled for the CSI to make intelligent volume provisioning decisions. More information on vSphere zoning and prerequisites for the CSI toplogy plugin can be found [here](https://docs.vmware.com/en/VMware-vSphere-Container-Storage-Plug-in/2.0/vmware-vsphere-csp-getting-started/GUID-162E7582-723B-4A0F-A937-3ACE82EAFD31.html#guidelines-and-best-practices-for-deployment-with-topology-0). + +To enable the topology plugin, adjust the values for the chart as follows: + +```yaml +topology: + enabled: true +``` \ No newline at end of file diff --git a/charts/rancher-vsphere-csi/105.0.0+up3.3.1-rancher6/app-readme.md b/charts/rancher-vsphere-csi/105.0.0+up3.3.1-rancher6/app-readme.md new file mode 100644 index 0000000000..bae1876f09 --- /dev/null 
+++ b/charts/rancher-vsphere-csi/105.0.0+up3.3.1-rancher6/app-readme.md @@ -0,0 +1,14 @@ +# vSphere Container Storage Interface (CSI) + +[vSphere Container Storage Interface (CSI)](https://github.com/kubernetes-sigs/vsphere-csi-driver) is a specification designed to enable persistent storage volume management on Container Orchestrators (COs) such as Kubernetes. The specification allows storage systems to integrate with containerized workloads running on Kubernetes. Using CSI, storage providers, such as VMware, can write and deploy plugins for storage systems in Kubernetes without a need to modify any core Kubernetes code. + +CSI allows volume plugins to be installed on Kubernetes clusters as extensions. Once a CSI compatible volume driver is deployed on a Kubernetes cluster, users can use the CSI to provision, attach, mount, and format the volumes exposed by the CSI driver. + +The CSI driver for vSphere is `csi.vsphere.vmware.com`. + +## Prerequisites + +- vSphere 6.7 U3+ +- Kubernetes v1.14+ +- Out-of-tree vSphere Cloud Provider Interface (CPI) +- A Secret on your Kubernetes cluster that contains vSphere CSI configuration and credentials (Refer to `README` or `Detailed Descriptions`) diff --git a/charts/rancher-vsphere-csi/105.0.0+up3.3.1-rancher6/questions.yaml b/charts/rancher-vsphere-csi/105.0.0+up3.3.1-rancher6/questions.yaml new file mode 100644 index 0000000000..74c5142685 --- /dev/null +++ b/charts/rancher-vsphere-csi/105.0.0+up3.3.1-rancher6/questions.yaml 
@@ -0,0 +1,169 @@ +questions: + - variable: vCenter.configSecret.generate + label: Generate CSI vSphere Config Secret + description: Generates a Secret that contains a CSI vSphere config and credentials (If the option to generate it is enabled, credentials will be visible in the API to authorized users) + type: boolean + default: true + required: true + group: vCenter Configuration + show_subquestion_if: true + subquestions: + - variable: vCenter.host + label: vCenter Host + description: IP address or FQDN of the vCenter + type: string + + - variable: vCenter.datacenters + description: Comma-separated list of paths to data centers. E.g ", , ..." + label: Data Centers + type: string + + - variable: vCenter.username + label: Username + description: Username for vCenter + type: string + + - variable: vCenter.password + label: Password + description: Password for vCenter + type: password + + - variable: vCenter.configSecret.name + label: CSI vSphere Config Secret Name + description: Name of the Secret that contains a CSI vSphere config and credentials (Will not be visible in the API. 
More info in the README) + type: string + group: vCenter Configuration + show_if: "vCenter.configSecret.generate=false" + + - variable: csiMigration.enabled + label: Enable CSI Migration + description: Enable migration of volumes provisioned by in-tree vSphere provider to CSI (Available for vSphere 7.0 U1+ only) + type: boolean + default: false + group: Driver Configuration + + - variable: csiAuthCheck.enabled + label: Enable authorization checks on operations involving datastores + type: boolean + default: true + group: Driver Configuration + + - variable: onlineVolumeExtend.enabled + label: Enable Online Volume Extend + description: Enable expansion of PVCs that are in use by a Pod or mounted in a Node (Available for vSphere 7.0 U2+ only) + type: boolean + default: false + group: Driver Configuration + + - variable: triggerCsiFullsync.enabled + label: Enable CSI Full Sync + description: Keeps CNS up to date with Kubernetes volume metadata information (such as PVs, PVCs, pods, and so on) + type: boolean + default: false + group: Driver Configuration + + - variable: asyncQueryVolume.enabled + label: Enable Async Query Volume + description: Improves retrieval of volume information + type: boolean + default: false + group: Driver Configuration + + - variable: improvedCsiIdempotency.enabled + label: Enable Improved CSI Idempotency + description: Enhances driver to ensure volume operations are idempotent + type: boolean + default: false + group: Driver Configuration + + - variable: improvedVolumeTopology.enabled + label: Enable Improved Volume Topology + description: Allows using the topology feature without the need to mount vSphere credentials in the CSI node daemonset + type: boolean + default: false + group: Driver Configuration + + - variable: multiVcenterCsiTopology.enabled + label: Enable Multi vCenter CSI Topology + description: Enables the vSphere CSI Driver to operate on a topology-aware Kubernetes Cluster (Generally this should always be enabled for CSI 
Plugin v3.1.0 and up) + type: boolean + default: true + group: Driver Configuration + + - variable: csiWindowsSupport.enabled + label: Enable CSI Windows Support + description: Enables Windows support. + type: boolean + default: false + group: Driver Configuration + + - variable: topology.enabled + label: Enable CSI Topology Plugin + description: Enables the CSI Topology Plugin + type: boolean + default: false + group: Driver Configuration + + - variable: csiController.csiResizer.enabled + label: Enable CSI Volume Resizer + description: This feature is available for vSphere 7.0 U1+ only + type: boolean + default: false + group: Storage + + - variable: blockVolumeSnapshot.enabled + label: Enable CSI Volume Snapshots + description: Enables CSI Snapshot support for vSphere PVs + type: boolean + default: false + group: Storage + + - variable: storageClass.enabled + default: true + label: Create Storage Class + description: Create a storageClass with the vSphere CSI provisioner + type: boolean + required: true + show_subquestion_if: true + group: Storage + subquestions: + - variable: storageClass.name + label: Storage Class Name + default: "vsphere-csi-sc" + type: string + + - variable: storageClass.isDefault + label: Default Storage Class + description: Set the Storage Class as the default + default: true + type: boolean + + - variable: storageClass.allowVolumeExpansion + label: Allow Volume Expansion + description: Allows resizing the volume by editing the corresponding PVC object (Available for vSphere 7.0+ only) + default: false + type: boolean + + - variable: storageClass.storagePolicyName + label: Storage Policy Name + description: Name of the Storage Policy created in vCenter + type: string + + - variable: storageClass.datastoreURL + label: Data Store URL + description: URL of the data store to use for new volumes (If unspecified, any data store that matches the request will be selected). 
+ type: string + + - variable: csiNode.prefixPath + label: Prefix Path for `/var/lib/kubelet` + description: For some operating systems including RancherOS, RKE prefixes `/var/lib/kubelet` with `/opt/rke`. Add the prefix path of the location of /var/lib/kubelet + type: string + default: "" + group: Node Configuration + + - variable: csiNode.prefixPathWindows + label: Prefix Path for `/var/lib/kubelet` + description: For some operating systems including RancherOS, RKE prefixes `/var/lib/kubelet` with `/opt/rke`. For Windows, this will likely be the default value, which is 'C:' + type: string + default: "" + group: Node Configuration diff --git a/charts/rancher-vsphere-csi/105.0.0+up3.3.1-rancher6/templates/_helpers.tpl b/charts/rancher-vsphere-csi/105.0.0+up3.3.1-rancher6/templates/_helpers.tpl new file mode 100644 index 0000000000..77fc1c47eb --- /dev/null +++ b/charts/rancher-vsphere-csi/105.0.0+up3.3.1-rancher6/templates/_helpers.tpl 
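Review bot: In questions.yaml, `vCenter.configSecret.generate` ships with `default: true`, so the path a user gets by accepting the form defaults is the one its own description warns about: the vCenter username and password entered in the subquestions end up visible in the API to authorized users. Consider `default: false`, so that referencing a pre-created Secret through `vCenter.configSecret.name` is the default, or at least repeat the warning in the `vCenter.password` description, where the credential is actually typed. Separately, `csiNode.prefixPathWindows` reuses the label of `csiNode.prefixPath`, so the two fields cannot be told apart in the form; a label such as `Windows Prefix Path for /var/lib/kubelet` would fix that.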
@@ -0,0 +1,48 @@
+{{- define "system_default_registry" -}}
+{{- if .Values.global.cattle.systemDefaultRegistry -}}
+{{- printf "%s/" .Values.global.cattle.systemDefaultRegistry -}}
+{{- else -}}
+{{- "" -}}
+{{- end -}}
+{{- end -}}
+
+{{- define "applyVersionOverrides" -}}
+{{- $overrides := dict -}}
+{{- range $override := .Values.versionOverrides -}}
+{{- if semverCompare $override.constraint $.Capabilities.KubeVersion.Version -}}
+{{- $_ := mergeOverwrite $overrides $override.values -}}
+{{- end -}}
+{{- end -}}
+{{- $_ := mergeOverwrite .Values $overrides -}}
+{{- end -}}
+
+{{/*
+Windows cluster will add default taint for linux nodes,
+add below linux tolerations to workloads could be scheduled to those linux nodes
+*/}}
+{{- define "linux-node-tolerations" -}}
+- key: "cattle.io/os"
+ value: "linux"
+ effect: "NoSchedule"
+ operator: "Equal"
+{{- end -}}
+
+{{- define "linux-node-selector" -}}
+kubernetes.io/os: linux
+{{- end -}}
+
+{{/*
+Create chart name and version as used by the chart label.
+*/}}
+{{- define "chartName" -}}
+{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
+
+{{/*
+Labels that should be added on each resource
+*/}}
+{{- define "labels" -}}
+app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
+app.kubernetes.io/managed-by: {{ .Release.Service }}
+helm.sh/chart: {{ include "chartName" . }}
+{{- end -}}
diff --git a/charts/rancher-vsphere-csi/105.0.0+up3.3.1-rancher6/templates/configmap.yaml b/charts/rancher-vsphere-csi/105.0.0+up3.3.1-rancher6/templates/configmap.yaml
new file mode 100644
index 0000000000..09a8846733
--- /dev/null
+++ b/charts/rancher-vsphere-csi/105.0.0+up3.3.1-rancher6/templates/configmap.yaml
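Review bot: In templates/_helpers.tpl, `applyVersionOverrides` has no comment, and its last step, `mergeOverwrite .Values $overrides`, lets the override win over whatever the user supplied, which is easy to miss when pinning an image. If a `versionOverrides` entry matching the cluster version sets an image repository or tag, a user-provided value for the same key is silently replaced, and because every matching constraint is merged in list order the last match decides. I would add a template comment above the define, for example `{{/* Merges every versionOverrides entry whose constraint matches the cluster version into .Values; override values take precedence over user-supplied values. */}}`. Whether this chart's values.yaml defines any `versionOverrides` is not visible in this hunk, so the practical impact needs checking.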
@@ -0,0 +1,23 @@
+# Source: https://github.com/kubernetes-sigs/vsphere-csi-driver
+apiVersion: v1
+data:
+ "csi-migration": {{ .Values.csiMigration.enabled | quote }}
+ "csi-auth-check": {{ .Values.csiAuthCheck.enabled | quote }}
+ "online-volume-extend": {{ .Values.onlineVolumeExtend.enabled | quote }}
+ "trigger-csi-fullsync": {{ .Values.triggerCsiFullsync.enabled | quote }}
+ "async-query-volume": {{ .Values.asyncQueryVolume.enabled | quote }}
+ "improved-csi-idempotency": {{ .Values.improvedCsiIdempotency.enabled | quote }}
+ "improved-volume-topology": {{ .Values.improvedVolumeTopology.enabled | quote }}
+ "block-volume-snapshot": {{ .Values.blockVolumeSnapshot.enabled | quote }}
+ "csi-windows-support": {{ .Values.csiWindowsSupport.enabled | quote }}
+ "use-csinode-id": {{ .Values.useCsinodeId.enabled | quote }}
+ "list-volumes": {{ .Values.listVolumes.enabled | quote }}
+ "pv-to-backingdiskobjectid-mapping": {{ .Values.pvToBackingdiskobjectidMapping.enabled | quote }}
+ "cnsmgr-suspend-create-volume": {{ .Values.cnsmgrSuspendCreateVolume.enabled | quote }}
+ "topology-preferential-datastores": {{ .Values.topologyPreferentialDatastores.enabled | quote }}
+ "max-pvscsi-targets-per-vm": {{ .Values.maxPvscsiTargetsPerVm.enabled | quote }}
+ "multi-vcenter-csi-topology": {{ .Values.multiVcenterCsiTopology.enabled | quote }}
+kind: ConfigMap
+metadata:
+ name: internal-feature-states.csi.vsphere.vmware.com
+ namespace: {{ .Release.Namespace }}
diff --git a/charts/rancher-vsphere-csi/105.0.0+up3.3.1-rancher6/templates/controller/deployment.yaml b/charts/rancher-vsphere-csi/105.0.0+up3.3.1-rancher6/templates/controller/deployment.yaml
new file mode 100644
index 0000000000..0b098a3de5
--- /dev/null
+++ b/charts/rancher-vsphere-csi/105.0.0+up3.3.1-rancher6/templates/controller/deployment.yaml
@@ -0,0 +1,287 @@ +{{- template "applyVersionOverrides" . -}} +kind: Deployment +apiVersion: apps/v1 +metadata: + name: vsphere-csi-controller + namespace: {{ .Release.Namespace }} + labels: + {{- include "labels" . | nindent 4 }} +spec: + replicas: 3 + strategy: + type: RollingUpdate + rollingUpdate: + maxUnavailable: 1 + maxSurge: 0 + selector: + matchLabels: + app: vsphere-csi-controller + template: + metadata: + labels: + app: vsphere-csi-controller + role: vsphere-csi + {{- include "labels" . | nindent 8 }} + {{- with .Values.csiController.podLabels }} + {{- toYaml . | nindent 8 }} + {{- end }} + spec: + serviceAccountName: vsphere-csi-controller + {{- if .Values.csiController.nodeSelector }} + nodeSelector: {{ include "linux-node-selector" . | nindent 8 }} + {{- with .Values.csiController.nodeSelector }} + {{- toYaml . | nindent 8 }} + {{- end }} + {{- else }} + affinity: + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + # RKE node selector label + - key: node-role.kubernetes.io/controlplane + operator: In + values: + - "true" + # Rancher node selector label + - key: kubernetes.io/os + operator: NotIn + values: + - "windows" + - matchExpressions: + # RKE2 node selector label + - key: node-role.kubernetes.io/control-plane + operator: In + values: + - "true" + # Rancher node selector label + - key: kubernetes.io/os + operator: NotIn + values: + - "windows" + {{- end }} + {{- if .Values.csiController.tolerations }} + tolerations: {{ include "linux-node-tolerations" . | nindent 8 }} + {{- with .Values.csiController.tolerations }} + {{- toYaml . 
| nindent 8 }} + {{- end }} + {{- else }} + tolerations: + - key: node-role.kubernetes.io/master + operator: Exists + effect: NoSchedule + # Rancher specific change: These tolerations are added to account for RKE1 and RKE2 taints + - key: node-role.kubernetes.io/controlplane + effect: NoSchedule + value: "true" + - key: node-role.kubernetes.io/control-plane + effect: NoSchedule + operator: Exists + - key: node-role.kubernetes.io/etcd + effect: NoExecute + operator: Exists + {{- end }} + dnsPolicy: "Default" + containers: + - name: csi-attacher + image: "{{ template "system_default_registry" . }}{{ .Values.csiController.image.csiAttacher.repository }}:{{ .Values.csiController.image.csiAttacher.tag }}" + imagePullPolicy: {{ .Values.csiController.image.csiAttacher.imagePullPolicy | quote }} + args: + - "--v=4" + - "--timeout=300s" + - "--csi-address=$(ADDRESS)" + - "--leader-election" + - "--kube-api-qps=100" + - "--kube-api-burst=100" + env: + - name: ADDRESS + value: /csi/csi.sock + {{- with .Values.csiController.image.csiAttacher.resources }} + resources: + {{- toYaml . | nindent 12 }} + {{- end }} + volumeMounts: + - mountPath: /csi + name: socket-dir +{{- if .Values.csiController.csiResizer.enabled }} + - name: csi-resizer + image: "{{ template "system_default_registry" . }}{{ .Values.csiController.image.csiResizer.repository }}:{{ .Values.csiController.image.csiResizer.tag }}" + imagePullPolicy: {{ .Values.csiController.image.csiResizer.imagePullPolicy | quote }} + args: + - "--v=4" + - "--timeout=300s" + - "--handle-volume-inuse-error=false" + - "--csi-address=$(ADDRESS)" + - "--kube-api-qps=100" + - "--kube-api-burst=100" + - "--leader-election" + env: + - name: ADDRESS + value: /csi/csi.sock + {{- with .Values.csiController.image.csiResizer.resources }} + resources: + {{- toYaml . 
| nindent 12 }} + {{- end }} + volumeMounts: + - mountPath: /csi + name: socket-dir +{{- end }} +{{- if .Values.blockVolumeSnapshot.enabled }} + - name: csi-snapshotter + image: "{{ template "system_default_registry" . }}{{ .Values.csiController.image.csiSnapshotter.repository }}:{{ .Values.csiController.image.csiSnapshotter.tag }}" + imagePullPolicy: {{ .Values.csiController.image.csiSnapshotter.imagePullPolicy | quote }} + args: + - "--v=4" + - "--kube-api-qps=100" + - "--kube-api-burst=100" + - "--timeout=300s" + - "--csi-address=$(ADDRESS)" + - "--leader-election" + - "--leader-election-lease-duration=120s" + - "--leader-election-renew-deadline=60s" + - "--leader-election-retry-period=30s" + env: + - name: ADDRESS + value: /csi/csi.sock + {{- with .Values.csiController.image.csiSnapshotter.resources }} + resources: + {{- toYaml . | nindent 12 }} + {{- end }} + volumeMounts: + - mountPath: /csi + name: socket-dir +{{- end }} + - name: vsphere-csi-controller + image: "{{ template "system_default_registry" . 
}}{{ .Values.csiController.image.repository }}:{{ .Values.csiController.image.tag }}" + imagePullPolicy: {{ .Values.csiController.image.imagePullPolicy | quote }} + args: + - "--fss-name=internal-feature-states.csi.vsphere.vmware.com" + - "--fss-namespace=$(CSI_NAMESPACE)" + {{- if semverCompare "< 1.24" $.Capabilities.KubeVersion.Version }} + - "--use-gocsi=false" + {{- end }} + env: + - name: CSI_ENDPOINT + value: unix:///csi/csi.sock + - name: X_CSI_MODE + value: "controller" + - name: X_CSI_SPEC_DISABLE_LEN_CHECK + value: "true" + - name: X_CSI_SERIAL_VOL_ACCESS_TIMEOUT + value: 3m + - name: VSPHERE_CSI_CONFIG + value: "/etc/cloud/csi-vsphere.conf" + - name: LOGGER_LEVEL + value: "PRODUCTION" # Options: DEVELOPMENT, PRODUCTION + - name: INCLUSTER_CLIENT_QPS + value: "100" + - name: INCLUSTER_CLIENT_BURST + value: "100" + - name: CSI_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + {{- with .Values.csiController.image.resources }} + resources: + {{- toYaml . | nindent 12 }} + {{- end }} + volumeMounts: + - mountPath: /etc/cloud + name: vsphere-config-volume + readOnly: true + - mountPath: /csi + name: socket-dir + ports: + - name: healthz + containerPort: 9808 + protocol: TCP + - name: prometheus + containerPort: 2112 + protocol: TCP + livenessProbe: + httpGet: + path: /healthz + port: healthz + initialDelaySeconds: 10 + timeoutSeconds: 3 + periodSeconds: 5 + failureThreshold: 3 + - name: liveness-probe + image: "{{ template "system_default_registry" . }}{{ .Values.csiController.image.livenessProbe.repository }}:{{ .Values.csiController.image.livenessProbe.tag }}" + imagePullPolicy: {{ .Values.csiController.image.livenessProbe.imagePullPolicy | quote }} + args: + - "--v=4" + - "--csi-address=/csi/csi.sock" + {{- with .Values.csiController.image.livenessProbe.resources }} + resources: + {{- toYaml . 
| nindent 12 }} + {{- end }} + volumeMounts: + - name: socket-dir + mountPath: /csi + - name: vsphere-syncer + image: "{{ template "system_default_registry" . }}{{ .Values.csiController.image.vsphereSyncer.repository }}:{{ .Values.csiController.image.vsphereSyncer.tag }}" + imagePullPolicy: {{ .Values.csiController.image.vsphereSyncer.imagePullPolicy | quote }} + args: + - "--leader-election" + - "--fss-name=internal-feature-states.csi.vsphere.vmware.com" + - "--fss-namespace=$(CSI_NAMESPACE)" + ports: + - containerPort: 2113 + name: prometheus + protocol: TCP + env: + - name: FULL_SYNC_INTERVAL_MINUTES + value: "30" + - name: VSPHERE_CSI_CONFIG + value: "/etc/cloud/csi-vsphere.conf" + - name: LOGGER_LEVEL + value: "PRODUCTION" # Options: DEVELOPMENT, PRODUCTION + - name: INCLUSTER_CLIENT_QPS + value: "100" + - name: INCLUSTER_CLIENT_BURST + value: "100" + - name: CSI_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + {{- with .Values.csiController.image.vsphereSyncer.resources }} + resources: + {{- toYaml . | nindent 12 }} + {{- end }} + volumeMounts: + - mountPath: /etc/cloud + name: vsphere-config-volume + readOnly: true + - name: csi-provisioner + image: "{{ template "system_default_registry" . }}{{ .Values.csiController.image.csiProvisioner.repository }}:{{ .Values.csiController.image.csiProvisioner.tag }}" + imagePullPolicy: {{ .Values.csiController.image.csiProvisioner.imagePullPolicy | quote }} + args: + - "--v=4" + - "--timeout=300s" + - "--csi-address=$(ADDRESS)" + - "--kube-api-qps=100" + - "--kube-api-burst=100" + - "--leader-election" + - "--default-fstype=ext4" + {{- if .Values.topology.enabled }} + # needed only for topology aware setup + - "--feature-gates=Topology=true" + - "--strict-topology" + {{- end }} + env: + - name: ADDRESS + value: /csi/csi.sock + {{- with .Values.csiController.image.csiProvisioner.resources }} + resources: + {{- toYaml . 
| nindent 12 }} + {{- end }} + volumeMounts: + - mountPath: /csi + name: socket-dir + volumes: + - name: vsphere-config-volume + secret: + secretName: {{ .Values.vCenter.configSecret.name }} + - name: socket-dir + emptyDir: {} diff --git a/charts/rancher-vsphere-csi/105.0.0+up3.3.1-rancher6/templates/controller/role-binding.yaml b/charts/rancher-vsphere-csi/105.0.0+up3.3.1-rancher6/templates/controller/role-binding.yaml new file mode 100644 index 0000000000..6e2e836190 --- /dev/null +++ b/charts/rancher-vsphere-csi/105.0.0+up3.3.1-rancher6/templates/controller/role-binding.yaml @@ -0,0 +1,14 @@ +kind: ClusterRoleBinding +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: vsphere-csi-controller-binding + labels: + {{- include "labels" . | nindent 4 }} +subjects: + - kind: ServiceAccount + name: vsphere-csi-controller + namespace: {{ .Release.Namespace }} +roleRef: + kind: ClusterRole + name: vsphere-csi-controller-role + apiGroup: rbac.authorization.k8s.io diff --git a/charts/rancher-vsphere-csi/105.0.0+up3.3.1-rancher6/templates/controller/role.yaml b/charts/rancher-vsphere-csi/105.0.0+up3.3.1-rancher6/templates/controller/role.yaml new file mode 100644 index 0000000000..b6cd1c0ab2 --- /dev/null +++ b/charts/rancher-vsphere-csi/105.0.0+up3.3.1-rancher6/templates/controller/role.yaml 
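Review bot: No container in templates/controller/deployment.yaml sets a `securityContext`, and the pod spec has none either, although `vsphere-csi-controller` and `vsphere-syncer` mount the vCenter credentials from `vsphere-config-volume`. The controller-side containers only talk to the API server, vCenter and a socket in an `emptyDir`, so they should not need privilege escalation or Linux capabilities. I would add the block below to each container, starting with the two that mount the Secret, after confirming that the mirrored images still start with it. A stricter setting such as `runAsNonRoot` depends on how the images are built, which this diff does not show.

```yaml
        - name: vsphere-csi-controller
          # … unchanged: image, imagePullPolicy, args, env, resources …
          securityContext:
            allowPrivilegeEscalation: false
            capabilities:
              drop:
                - ALL
          # … unchanged: volumeMounts, ports, livenessProbe …
```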
@@ -0,0 +1,61 @@ +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: vsphere-csi-controller-role + labels: + {{- include "labels" . | nindent 4 }} +rules: + - apiGroups: [""] + resources: ["nodes", "pods", "configmaps"] + verbs: ["get", "list", "watch"] + - apiGroups: [""] + resources: ["persistentvolumeclaims"] + verbs: ["get", "list", "watch", "update"] + - apiGroups: [""] + resources: ["persistentvolumeclaims/status"] + verbs: ["patch"] + - apiGroups: [""] + resources: ["persistentvolumes"] + verbs: ["get", "list", "watch", "create", "update", "delete", "patch"] + - apiGroups: [""] + resources: ["events"] + verbs: ["get", "list", "watch", "create", "update", "patch"] + - apiGroups: ["coordination.k8s.io"] + resources: ["leases"] + verbs: ["get", "watch", "list", "delete", "update", "create"] + - apiGroups: ["storage.k8s.io"] + resources: ["storageclasses", "csinodes"] + verbs: ["get", "list", "watch"] + - apiGroups: ["storage.k8s.io"] + resources: ["volumeattachments"] + verbs: ["get", "list", "watch", "patch"] + - apiGroups: ["cns.vmware.com"] + resources: ["triggercsifullsyncs"] + verbs: ["create", "get", "update", "watch", "list"] + - apiGroups: ["cns.vmware.com"] + resources: ["cnsvspherevolumemigrations"] + verbs: ["create", "get", "list", "watch", "update", "delete"] + - apiGroups: ["apiextensions.k8s.io"] + resources: ["customresourcedefinitions"] + verbs: ["get", "create", "update"] + - apiGroups: ["storage.k8s.io"] + resources: ["volumeattachments/status"] + verbs: ["patch"] + - apiGroups: ["cns.vmware.com"] + resources: ["cnsvolumeoperationrequests"] + verbs: ["create", "get", "list", "update", "delete"] + - apiGroups: [ "snapshot.storage.k8s.io" ] + resources: [ "volumesnapshots" ] + verbs: [ "get", "list" ] + - apiGroups: [ "snapshot.storage.k8s.io" ] + resources: [ "volumesnapshotclasses" ] + verbs: [ "watch", "get", "list" ] + - apiGroups: [ "snapshot.storage.k8s.io" ] + resources: [ "volumesnapshotcontents" ] + verbs: [ 
"create", "get", "list", "watch", "update", "delete", "patch"] + - apiGroups: [ "snapshot.storage.k8s.io" ] + resources: [ "volumesnapshotcontents/status" ] + verbs: [ "update", "patch" ] + - apiGroups: [ "cns.vmware.com" ] + resources: [ "csinodetopologies" ] + verbs: ["get", "update", "watch", "list"] diff --git a/charts/rancher-vsphere-csi/105.0.0+up3.3.1-rancher6/templates/controller/service-account.yaml b/charts/rancher-vsphere-csi/105.0.0+up3.3.1-rancher6/templates/controller/service-account.yaml new file mode 100644 index 0000000000..332a814df3 --- /dev/null +++ b/charts/rancher-vsphere-csi/105.0.0+up3.3.1-rancher6/templates/controller/service-account.yaml @@ -0,0 +1,7 @@ +kind: ServiceAccount +apiVersion: v1 +metadata: + name: vsphere-csi-controller + namespace: {{ .Release.Namespace }} + labels: + {{- include "labels" . | nindent 4 }} diff --git a/charts/rancher-vsphere-csi/105.0.0+up3.3.1-rancher6/templates/controller/service.yaml b/charts/rancher-vsphere-csi/105.0.0+up3.3.1-rancher6/templates/controller/service.yaml new file mode 100644 index 0000000000..ae0f17f44b --- /dev/null +++ b/charts/rancher-vsphere-csi/105.0.0+up3.3.1-rancher6/templates/controller/service.yaml @@ -0,0 +1,20 @@ +apiVersion: v1 +kind: Service +metadata: + name: vsphere-csi-controller + namespace: {{ .Release.Namespace }} + labels: + app: vsphere-csi-controller + {{- include "labels" . | nindent 4 }} +spec: + ports: + - name: ctlr + port: 2112 + targetPort: 2112 + protocol: TCP + - name: syncer + port: 2113 + targetPort: 2113 + protocol: TCP + selector: + app: vsphere-csi-controller diff --git a/charts/rancher-vsphere-csi/105.0.0+up3.3.1-rancher6/templates/csi-driver.yaml b/charts/rancher-vsphere-csi/105.0.0+up3.3.1-rancher6/templates/csi-driver.yaml new file mode 100644 index 0000000000..9b6909e6ac --- /dev/null +++ b/charts/rancher-vsphere-csi/105.0.0+up3.3.1-rancher6/templates/csi-driver.yaml 
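Review bot: In templates/controller/role.yaml the rule on `customresourcedefinitions` grants `get`, `create` and `update` on every CRD in the cluster, so a compromised controller pod could alter the schema of unrelated CRDs. `create` cannot be limited by name, but `get` and `update` can: split the rule and add `resourceNames: ["<crd-plural>.cns.vmware.com"]` to the `get`/`update` part (placeholder; list the CNS CRDs the driver actually registers). The first rule also gives cluster-wide read on `configmaps`, while the visible deployment only points the driver at the feature-state ConfigMap in its own namespace. If nothing else is read, that permission could move to a namespaced Role.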
@@ -0,0 +1,8 @@
+# Source: https://github.com/kubernetes-sigs/vsphere-csi-driver
+apiVersion: storage.k8s.io/v1 # For k8s 1.17 use storage.k8s.io/v1beta1
+kind: CSIDriver
+metadata:
+ name: csi.vsphere.vmware.com
+spec:
+ attachRequired: true
+ podInfoOnMount: false
diff --git a/charts/rancher-vsphere-csi/105.0.0+up3.3.1-rancher6/templates/node/daemonset.yaml b/charts/rancher-vsphere-csi/105.0.0+up3.3.1-rancher6/templates/node/daemonset.yaml
new file mode 100644
index 0000000000..391563d1b5
--- /dev/null
+++ b/charts/rancher-vsphere-csi/105.0.0+up3.3.1-rancher6/templates/node/daemonset.yaml
@@ -0,0 +1,200 @@ +{{- template "applyVersionOverrides" . -}} +kind: DaemonSet +apiVersion: apps/v1 +metadata: + name: vsphere-csi-node + namespace: {{ .Release.Namespace }} + labels: + {{- include "labels" . | nindent 4 }} +spec: + selector: + matchLabels: + app: vsphere-csi-node + updateStrategy: + type: "RollingUpdate" + rollingUpdate: + maxUnavailable: 1 + template: + metadata: + labels: + app: vsphere-csi-node + role: vsphere-csi + {{- include "labels" . | nindent 8 }} + {{- with .Values.csiNode.podLabels }} + {{- toYaml . | nindent 8 }} + {{- end }} + spec: + {{- if .Values.csiNode.nodeSelector }} + nodeSelector: {{ include "linux-node-selector" . | nindent 8 }} + {{- with .Values.csiNode.nodeSelector }} + {{- toYaml . | nindent 8 }} + {{- end }} + {{- else }} + affinity: + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + # Rancher node selector label + - key: kubernetes.io/os + operator: NotIn + values: + - "windows" + {{- end }} + {{- if .Values.csiNode.tolerations }} + tolerations: {{ include "linux-node-tolerations" . | nindent 8 }} + {{- with .Values.csiNode.tolerations }} + {{- toYaml . | nindent 8 }} + {{- end }} + {{- else }} + tolerations: + - key: node-role.kubernetes.io/master + operator: Exists + effect: NoSchedule + # Rancher specific change: These tolerations are added to account for RKE1 and RKE2 taints + - key: node-role.kubernetes.io/controlplane + effect: NoSchedule + value: "true" + - key: node-role.kubernetes.io/control-plane + effect: NoSchedule + operator: Exists + - key: node-role.kubernetes.io/etcd + effect: NoExecute + operator: Exists + {{- end }} + serviceAccountName: vsphere-csi-node + hostNetwork: true + dnsPolicy: "ClusterFirstWithHostNet" + containers: + - name: node-driver-registrar + image: "{{ template "system_default_registry" . 
}}{{ .Values.csiNode.image.nodeDriverRegistrar.repository }}:{{ .Values.csiNode.image.nodeDriverRegistrar.tag }}" + imagePullPolicy: {{ .Values.csiNode.image.nodeDriverRegistrar.imagePullPolicy | quote }} + args: + - "--v=5" + - "--csi-address=$(ADDRESS)" + - "--kubelet-registration-path=$(DRIVER_REG_SOCK_PATH)" + env: + - name: ADDRESS + value: /csi/csi.sock + - name: DRIVER_REG_SOCK_PATH + value: {{ .Values.csiNode.prefixPath }}/var/lib/kubelet/plugins/csi.vsphere.vmware.com/csi.sock + {{- with .Values.csiNode.image.nodeDriverRegistrar.resources }} + resources: + {{- toYaml . | nindent 12 }} + {{- end }} + volumeMounts: + - name: plugin-dir + mountPath: /csi + - name: registration-dir + mountPath: /registration + livenessProbe: + exec: + command: + - /csi-node-driver-registrar + - --kubelet-registration-path={{ .Values.csiNode.prefixPath }}/var/lib/kubelet/plugins/csi.vsphere.vmware.com/csi.sock + - --mode=kubelet-registration-probe + initialDelaySeconds: 3 + - name: vsphere-csi-node + image: "{{ template "system_default_registry" . }}{{ .Values.csiNode.image.repository }}:{{ .Values.csiNode.image.tag }}" + imagePullPolicy: {{ .Values.csiNode.image.imagePullPolicy | quote }} + args: + - "--fss-name=internal-feature-states.csi.vsphere.vmware.com" + - "--fss-namespace=$(CSI_NAMESPACE)" + {{- if semverCompare "< 1.24" $.Capabilities.KubeVersion.Version }} + - "--use-gocsi=false" + {{- end }} + env: + - name: NODE_NAME + valueFrom: + fieldRef: + fieldPath: spec.nodeName + - name: CSI_ENDPOINT + value: unix:///csi/csi.sock + - name: MAX_VOLUMES_PER_NODE + value: "59" # Maximum number of volumes that controller can publish to the node. If value is not set or zero Kubernetes decide how many volumes can be published by the controller to the node. 
+ - name: X_CSI_MODE + value: "node" + - name: X_CSI_SPEC_REQ_VALIDATION + value: "false" + - name: X_CSI_SPEC_DISABLE_LEN_CHECK + value: "true" + - name: LOGGER_LEVEL + value: "PRODUCTION" # Options: DEVELOPMENT, PRODUCTION + - name: CSI_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: NODEGETINFO_WATCH_TIMEOUT_MINUTES + value: "1" + {{- with .Values.csiNode.image.resources }} + resources: + {{- toYaml . | nindent 12 }} + {{- end }} + securityContext: + privileged: true + capabilities: + add: ["SYS_ADMIN"] + allowPrivilegeEscalation: true + volumeMounts: + - name: plugin-dir + mountPath: /csi + - name: pods-mount-dir + mountPath: {{ .Values.csiNode.prefixPath }}/var/lib/kubelet + # needed so that any mounts setup inside this container are + # propagated back to the host machine. + mountPropagation: "Bidirectional" + - name: device-dir + mountPath: /dev + - name: blocks-dir + mountPath: /sys/block + - name: sys-devices-dir + mountPath: /sys/devices + ports: + - name: healthz + containerPort: 9808 + protocol: TCP + livenessProbe: + httpGet: + path: /healthz + port: healthz + initialDelaySeconds: 10 + timeoutSeconds: 5 + periodSeconds: 5 + failureThreshold: 3 + - name: liveness-probe + image: "{{ template "system_default_registry" . }}{{ .Values.csiNode.image.livenessProbe.repository }}:{{ .Values.csiNode.image.livenessProbe.tag }}" + imagePullPolicy: {{ .Values.csiNode.image.livenessProbe.imagePullPolicy | quote }} + args: + - "--v=4" + - "--csi-address=/csi/csi.sock" + {{- with .Values.csiNode.image.livenessProbe.resources }} + resources: + {{- toYaml . 
| nindent 12 }} + {{- end }} + volumeMounts: + - name: plugin-dir + mountPath: /csi + volumes: + - name: registration-dir + hostPath: + path: {{ .Values.csiNode.prefixPath }}/var/lib/kubelet/plugins_registry + type: Directory + - name: plugin-dir + hostPath: + path: {{ .Values.csiNode.prefixPath }}/var/lib/kubelet/plugins/csi.vsphere.vmware.com + type: DirectoryOrCreate + - name: pods-mount-dir + hostPath: + path: {{ .Values.csiNode.prefixPath }}/var/lib/kubelet + type: Directory + - name: device-dir + hostPath: + path: /dev + - name: blocks-dir + hostPath: + path: /sys/block + type: Directory + - name: sys-devices-dir + hostPath: + path: /sys/devices + type: Directory diff --git a/charts/rancher-vsphere-csi/105.0.0+up3.3.1-rancher6/templates/node/role-binding.yaml b/charts/rancher-vsphere-csi/105.0.0+up3.3.1-rancher6/templates/node/role-binding.yaml new file mode 100644 index 0000000000..8424efe294 --- /dev/null +++ b/charts/rancher-vsphere-csi/105.0.0+up3.3.1-rancher6/templates/node/role-binding.yaml @@ -0,0 +1,32 @@ +kind: RoleBinding +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: vsphere-csi-node-binding + namespace: {{ .Release.Namespace }} + labels: + {{- include "labels" . | nindent 4 }} +subjects: + - kind: ServiceAccount + name: vsphere-csi-node + namespace: {{ .Release.Namespace }} +roleRef: + kind: Role + name: vsphere-csi-node-role + apiGroup: rbac.authorization.k8s.io + +--- + +kind: ClusterRoleBinding +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: vsphere-csi-node-cluster-role-binding + labels: + {{- include "labels" . | nindent 4 }} +subjects: + - kind: ServiceAccount + name: vsphere-csi-node + namespace: {{ .Release.Namespace }} +roleRef: + kind: ClusterRole + name: vsphere-csi-node-cluster-role + apiGroup: rbac.authorization.k8s.io 
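Review bot: The `vsphere-csi-node` container's `securityContext` asks for `privileged: true`, `capabilities.add: ["SYS_ADMIN"]` and `allowPrivilegeEscalation: true` without saying why, and the two sidecars (`node-driver-registrar`, `liveness-probe`) carry no `securityContext` at all in a pod that also sets `hostNetwork: true` and mounts `/dev` from the host. Kubernetes only permits `mountPropagation: "Bidirectional"` in a privileged container, so the flag is justified, but the added capability is redundant once the container is privileged; I would drop it and put `# privileged is required for Bidirectional mount propagation of the kubelet dir` above `privileged: true`. For the sidecars, consider `securityContext:` with `allowPrivilegeEscalation: false`, after checking they can still reach the hostPath sockets. Because of `hostNetwork`, the `healthz` port 9808 is presumably bound on the node's own address, which is worth a line in the chart notes for anyone writing host firewall rules.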
diff --git a/charts/rancher-vsphere-csi/105.0.0+up3.3.1-rancher6/templates/node/role.yaml b/charts/rancher-vsphere-csi/105.0.0+up3.3.1-rancher6/templates/node/role.yaml
new file mode 100644
index 0000000000..00d6fe3d60
--- /dev/null
+++ b/charts/rancher-vsphere-csi/105.0.0+up3.3.1-rancher6/templates/node/role.yaml
@@ -0,0 +1,29 @@
+kind: Role
+apiVersion: rbac.authorization.k8s.io/v1
+metadata:
+ name: vsphere-csi-node-role
+ namespace: {{ .Release.Namespace }}
+ labels:
+ {{- include "labels" . | nindent 4 }}
+rules:
+ - apiGroups: [""]
+ resources: ["configmaps"]
+ verbs: ["get", "list", "watch"]
+---
+kind: ClusterRole
+apiVersion: rbac.authorization.k8s.io/v1
+metadata:
+ name: vsphere-csi-node-cluster-role
+ labels:
+ {{- include "labels" . | nindent 4 }}
+rules:
+ - apiGroups: ["cns.vmware.com"]
+ resources: ["csinodetopologies"]
+{{- if semverCompare ">= 1.21" $.Capabilities.KubeVersion.Version }}
+ verbs: ["create", "watch", "get", "patch"]
+{{- else }}
+ verbs: ["create", "watch"]
+{{- end }}
+ - apiGroups: [""]
+ resources: ["nodes"]
+ verbs: ["get"]
diff --git a/charts/rancher-vsphere-csi/105.0.0+up3.3.1-rancher6/templates/node/service-account.yaml b/charts/rancher-vsphere-csi/105.0.0+up3.3.1-rancher6/templates/node/service-account.yaml
new file mode 100644
index 0000000000..88f1f63c05
--- /dev/null
+++ b/charts/rancher-vsphere-csi/105.0.0+up3.3.1-rancher6/templates/node/service-account.yaml
@@ -0,0 +1,7 @@
+kind: ServiceAccount
+apiVersion: v1
+metadata:
+ name: vsphere-csi-node
+ namespace: {{ .Release.Namespace }}
+ labels:
+ {{- include "labels" . | nindent 4 }}
diff --git a/charts/rancher-vsphere-csi/105.0.0+up3.3.1-rancher6/templates/node/windows-daemonset.yaml b/charts/rancher-vsphere-csi/105.0.0+up3.3.1-rancher6/templates/node/windows-daemonset.yaml
new file mode 100644
index 0000000000..a3b62be48d
--- /dev/null
+++ b/charts/rancher-vsphere-csi/105.0.0+up3.3.1-rancher6/templates/node/windows-daemonset.yaml
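Review bot: The constraint in `semverCompare ">= 1.21" $.Capabilities.KubeVersion.Version` in node/role.yaml has no pre-release marker, and Masterminds semver constraints written that way do not match versions that carry a pre-release suffix. On such a cluster version the `else` branch would render and the node ClusterRole would get only `create` and `watch` on `csinodetopologies`. The catalog annotations for this same chart already use the `-0` form (`>= 1.27.0-0 < 1.32.0-0`), so I would write `semverCompare ">= 1.21-0"` here, and likewise for the `< 1.24` checks in node/daemonset.yaml and node/windows-daemonset.yaml.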
@@ -0,0 +1,167 @@ +{{- if .Values.csiWindowsSupport.enabled }} +{{- template "applyVersionOverrides" . -}} +kind: DaemonSet +apiVersion: apps/v1 +metadata: + name: vsphere-csi-node-windows + namespace: {{ .Release.Namespace }} +spec: + selector: + matchLabels: + app: vsphere-csi-node-windows + updateStrategy: + type: RollingUpdate + rollingUpdate: + maxUnavailable: 1 + template: + metadata: + labels: + app: vsphere-csi-node-windows + role: vsphere-csi-windows + spec: + nodeSelector: + kubernetes.io/os: windows + {{- if .Values.csiNode.tolerations }} + tolerations: + {{- with .Values.csiNode.tolerations }} + {{- toYaml . | nindent 6 }} + {{- end }} + {{- else }} + tolerations: + - key: node-role.kubernetes.io/master + operator: Exists + effect: NoSchedule + # Rancher specific change: These tolerations are added to account for RKE1 and RKE2 taints + - key: node-role.kubernetes.io/controlplane + effect: NoSchedule + value: "true" + - key: node-role.kubernetes.io/control-plane + effect: NoSchedule + operator: Exists + - key: node-role.kubernetes.io/etcd + effect: NoExecute + operator: Exists + {{- end }} + serviceAccountName: vsphere-csi-node + containers: + - name: node-driver-registrar + image: "{{ template "system_default_registry" . 
}}{{ .Values.csiNode.image.nodeDriverRegistrar.repository }}:{{ .Values.csiNode.image.nodeDriverRegistrar.tag }}" + args: + - "--v=5" + - "--csi-address=$(ADDRESS)" + - "--kubelet-registration-path=$(DRIVER_REG_SOCK_PATH)" + {{- if semverCompare "< 1.24" $.Capabilities.KubeVersion.Version }} + - "--health-port=9809" + {{- end }} + env: + - name: ADDRESS + value: 'unix://C:\\csi\\csi.sock' + - name: DRIVER_REG_SOCK_PATH + value: '{{ .Values.csiNode.prefixPathWindows | default "C:" }}\\var\\lib\\kubelet\\plugins\\csi.vsphere.vmware.com\\csi.sock' + volumeMounts: + - name: plugin-dir + mountPath: /csi + - name: registration-dir + mountPath: /registration + livenessProbe: + exec: + command: + - /csi-node-driver-registrar.exe + - --kubelet-registration-path=C:\\var\\lib\\kubelet\\plugins\\csi.vsphere.vmware.com\\csi.sock + - --mode=kubelet-registration-probe + initialDelaySeconds: 3 + - name: vsphere-csi-node + image: "{{ template "system_default_registry" . }}{{ .Values.csiNode.image.repository }}:{{ .Values.csiNode.image.tag }}" + args: + - "--fss-name=internal-feature-states.csi.vsphere.vmware.com" + - "--fss-namespace=$(CSI_NAMESPACE)" + imagePullPolicy: "Always" + env: + - name: NODE_NAME + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: spec.nodeName + - name: CSI_ENDPOINT + value: 'unix://C:\\csi\\csi.sock' + - name: MAX_VOLUMES_PER_NODE + value: "0" # Maximum number of volumes that controller can publish to the node. If value is not set or zero Kubernetes decide how many volumes can be published by the controller to the node. 
+ - name: X_CSI_MODE + value: node + - name: X_CSI_SPEC_REQ_VALIDATION + value: 'false' + - name: X_CSI_SPEC_DISABLE_LEN_CHECK + value: "true" + - name: LOGGER_LEVEL + value: "PRODUCTION" # Options: DEVELOPMENT, PRODUCTION + - name: X_CSI_LOG_LEVEL + value: DEBUG + - name: CSI_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: NODEGETINFO_WATCH_TIMEOUT_MINUTES + value: "1" + volumeMounts: + - name: plugin-dir + mountPath: 'C:\csi' + - name: pods-mount-dir + mountPath: 'C:\var\lib\kubelet' + - name: csi-proxy-volume-v1 + mountPath: \\.\pipe\csi-proxy-volume-v1 + - name: csi-proxy-filesystem-v1 + mountPath: \\.\pipe\csi-proxy-filesystem-v1 + - name: csi-proxy-disk-v1 + mountPath: \\.\pipe\csi-proxy-disk-v1 + - name: csi-proxy-system-v1alpha1 + mountPath: \\.\pipe\csi-proxy-system-v1alpha1 + ports: + - name: healthz + containerPort: 9808 + protocol: TCP + livenessProbe: + httpGet: + path: /healthz + port: healthz + initialDelaySeconds: 10 + timeoutSeconds: 5 + periodSeconds: 5 + failureThreshold: 3 + - name: liveness-probe + image: "{{ template "system_default_registry" . 
}}{{ .Values.csiNode.image.livenessProbe.repository }}:{{ .Values.csiNode.image.livenessProbe.tag }}" + args: + - "--v=4" + - "--csi-address=/csi/csi.sock" + volumeMounts: + - name: plugin-dir + mountPath: /csi + volumes: + - name: registration-dir + hostPath: + path: 'C:\var\lib\kubelet\plugins_registry\' + type: Directory + - name: plugin-dir + hostPath: + path: 'C:\var\lib\kubelet\plugins\csi.vsphere.vmware.com\' + type: DirectoryOrCreate + - name: pods-mount-dir + hostPath: + path: \var\lib\kubelet + type: Directory + - name: csi-proxy-disk-v1 + hostPath: + path: \\.\pipe\csi-proxy-disk-v1 + type: '' + - name: csi-proxy-volume-v1 + hostPath: + path: \\.\pipe\csi-proxy-volume-v1 + type: '' + - name: csi-proxy-filesystem-v1 + hostPath: + path: \\.\pipe\csi-proxy-filesystem-v1 + type: '' + - name: csi-proxy-system-v1alpha1 + hostPath: + path: \\.\pipe\csi-proxy-system-v1alpha1 + type: '' +{{ end }} diff --git a/charts/rancher-vsphere-csi/105.0.0+up3.3.1-rancher6/templates/secret.yaml b/charts/rancher-vsphere-csi/105.0.0+up3.3.1-rancher6/templates/secret.yaml new file mode 100644 index 0000000000..2a8c530257 --- /dev/null +++ b/charts/rancher-vsphere-csi/105.0.0+up3.3.1-rancher6/templates/secret.yaml @@ -0,0 +1,9 @@ +{{- if .Values.vCenter.configSecret.generate -}} +apiVersion: v1 +kind: Secret +metadata: + name: {{ .Values.vCenter.configSecret.name }} + namespace: {{ .Release.Namespace }} +data: + csi-vsphere.conf: {{ tpl .Values.vCenter.configSecret.configTemplate . | b64enc | quote }} +{{- end -}} diff --git a/charts/rancher-vsphere-csi/105.0.0+up3.3.1-rancher6/templates/storageclass.yaml b/charts/rancher-vsphere-csi/105.0.0+up3.3.1-rancher6/templates/storageclass.yaml new file mode 100644 index 0000000000..61628cda4f --- /dev/null +++ b/charts/rancher-vsphere-csi/105.0.0+up3.3.1-rancher6/templates/storageclass.yaml 
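Review bot: `prefixPathWindows` is honoured only in `DRIVER_REG_SOCK_PATH` of the Windows DaemonSet; the registrar's `livenessProbe` command hard-codes `C:\\var\\lib\\kubelet\\plugins\\csi.vsphere.vmware.com\\csi.sock`, the `registration-dir` and `plugin-dir` hostPaths hard-code `C:\var\lib\kubelet\...`, and `pods-mount-dir` uses `\var\lib\kubelet` with no drive at all. With a non-default prefix the registration path and the probe and volumes would point at different directories, so either build all of them from the same value or document that the prefix must stay `C:`. Separately, `imagePullPolicy: "Always"` and `X_CSI_LOG_LEVEL: DEBUG` are fixed here while the Linux DaemonSet reads the pull policy from values and sets no debug level; a comment saying whether debug logging is intended for release builds would help.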
@@ -0,0 +1,18 @@
+{{- if .Values.storageClass.enabled -}}
+apiVersion: storage.k8s.io/v1
+kind: StorageClass
+metadata:
+ name: {{ .Values.storageClass.name | quote }}
+ annotations:
+ storageclass.kubernetes.io/is-default-class: {{ .Values.storageClass.isDefault | quote }}
+provisioner: csi.vsphere.vmware.com
+reclaimPolicy: {{ .Values.storageClass.reclaimPolicy }}
+allowVolumeExpansion: {{ .Values.storageClass.allowVolumeExpansion }}
+parameters:
+ {{- if .Values.storageClass.datastoreURL }}
+ datastoreURL: {{ .Values.storageClass.datastoreURL | quote }}
+ {{- end }}
+ {{- if .Values.storageClass.storagePolicyName }}
+ storagepolicyname: {{ .Values.storageClass.storagePolicyName | quote }}
+ {{- end }}
+{{- end -}}
diff --git a/charts/rancher-vsphere-csi/105.0.0+up3.3.1-rancher6/values.yaml b/charts/rancher-vsphere-csi/105.0.0+up3.3.1-rancher6/values.yaml
new file mode 100644
index 0000000000..b530d1761d
--- /dev/null
+++ b/charts/rancher-vsphere-csi/105.0.0+up3.3.1-rancher6/values.yaml
@@ -0,0 +1,313 @@ +vCenter: + host: "" + port: 443 + insecureFlag: "1" + clusterId: "" + datacenters: "" + username: "" + password: "" + configSecret: + name: "vsphere-config-secret" + generate: true + configTemplate: | + [Global] + cluster-id = {{ required ".Values.vCenter.clusterId must be provided" (default .Values.vCenter.clusterId .Values.global.cattle.clusterId) | quote }} + user = {{ .Values.vCenter.username | quote }} + password = {{ .Values.vCenter.password | quote }} + port = {{ .Values.vCenter.port | quote }} + insecure-flag = {{ .Values.vCenter.insecureFlag | quote }} + + [VirtualCenter {{ .Values.vCenter.host | quote }}] + datacenters = {{ .Values.vCenter.datacenters | quote }} + +csiController: + csiResizer: + enabled: false + image: + repository: rancher/mirrored-cloud-provider-vsphere-csi-release-driver + tag: latest + imagePullPolicy: "" + resources: {} + #resources: + # limits: + # cpu: 100m + # memory: 256Mi + # requests: + # cpu: 50m + # memory: 128Mi + csiAttacher: + repository: rancher/mirrored-sig-storage-csi-attacher + tag: latest + imagePullPolicy: "" + resources: {} + #resources: + # limits: + # cpu: 100m + # memory: 256Mi + # requests: + # cpu: 50m + # memory: 128Mi + csiResizer: + repository: rancher/mirrored-sig-storage-csi-resizer + tag: latest + imagePullPolicy: "" + resources: {} + #resources: + # limits: + # cpu: 100m + # memory: 256Mi + # requests: + # cpu: 50m + # memory: 128Mi + livenessProbe: + repository: rancher/mirrored-sig-storage-livenessprobe + tag: latest + imagePullPolicy: "" + resources: {} + #resources: + # limits: + # cpu: 100m + # memory: 256Mi + # requests: + # cpu: 50m + # memory: 128Mi + vsphereSyncer: + repository: rancher/mirrored-cloud-provider-vsphere-csi-release-syncer + tag: latest + imagePullPolicy: "" + resources: {} + #resources: + # limits: + # cpu: 100m + # memory: 256Mi + # requests: + # cpu: 50m + # memory: 128Mi + csiProvisioner: + repository: rancher/mirrored-sig-storage-csi-provisioner + tag: 
latest + imagePullPolicy: "" + resources: {} + #resources: + # limits: + # cpu: 100m + # memory: 256Mi + # requests: + # cpu: 50m + # memory: 128Mi + csiSnapshotter: + repository: rancher/mirrored-sig-storage-csi-snapshotter + tag: latest + imagePullPolicy: "" + resources: {} + #resources: + # limits: + # cpu: 100m + # memory: 256Mi + # requests: + # cpu: 50m + # memory: 128Mi + + ## Node labels for pod assignment + ## Ref: https://kubernetes.io/docs/user-guide/node-selection/ + ## + nodeSelector: {} + # Uncomment below toleration if you need an aggressive pod eviction in case when + # node becomes not-ready or unreachable. Default is 300 seconds if not specified. + tolerations: [] + # - key: node.kubernetes.io/not-ready + # operator: Exists + # effect: NoExecute + # tolerationSeconds: 30 + # - key: node.kubernetes.io/unreachable + # operator: Exists + # effect: NoExecute + # tolerationSeconds: 30 + ## + ## Optional additional labels to add to pods + podLabels: {} + +# Internal features +csiMigration: + enabled: false +csiAuthCheck: + enabled: true +onlineVolumeExtend: + enabled: false +triggerCsiFullsync: + enabled: false +asyncQueryVolume: + enabled: false +improvedCsiIdempotency: + enabled: false +improvedVolumeTopology: + enabled: false +blockVolumeSnapshot: + enabled: false +csiWindowsSupport: + enabled: false +useCsinodeId: + enabled: true +listVolumes: + enabled: false +pvToBackingdiskobjectidMapping: + enabled: false +cnsmgrSuspendCreateVolume: + enabled: false +topology: + enabled: false +topologyPreferentialDatastores: + enabled: false +maxPvscsiTargetsPerVm: + enabled: false +multiVcenterCsiTopology: + enabled: true + +csiNode: + ## Node labels for pod assignment + ## Ref: https://kubernetes.io/docs/user-guide/node-selection/ + ## + nodeSelector: {} + ## List of node taints to tolerate (requires Kubernetes >= 1.6) + tolerations: [] + ## Optional additional labels to add to pods + podLabels: {} + prefixPath: "" + prefixPathWindows: "" + image: + 
repository: rancher/mirrored-cloud-provider-vsphere-csi-release-driver + tag: latest + imagePullPolicy: "" + resources: {} + #resources: + # limits: + # cpu: 100m + # memory: 256Mi + # requests: + # cpu: 50m + # memory: 128Mi + nodeDriverRegistrar: + repository: rancher/mirrored-sig-storage-csi-node-driver-registrar + tag: latest + imagePullPolicy: "" + resources: {} + #resources: + # limits: + # cpu: 100m + # memory: 256Mi + # requests: + # cpu: 50m + # memory: 128Mi + livenessProbe: + repository: rancher/mirrored-sig-storage-livenessprobe + tag: latest + imagePullPolicy: "" + resources: {} + #resources: + # limits: + # cpu: 500m + # memory: 256Mi + # requests: + # cpu: 50m + # memory: 128Mi + +storageClass: + enabled: true + allowVolumeExpansion: false + name: "vsphere-csi-sc" + isDefault: true + storagePolicyName: "" + datastoreURL: "" + reclaimPolicy: Delete + +global: + cattle: + systemDefaultRegistry: "" + +# A list of Semver constraint strings (defined by https://github.com/Masterminds/semver) and values.yaml overrides. +# +# For each key in versionOverrides, this chart will check to see if the current Kubernetes cluster's version matches +# any of the semver constraints provided as keys on the map. +# +# On seeing a match, the default value for each values.yaml field overridden will be updated with the new value. +# +# If multiple matches are encountered (due to overlapping semver ranges), the matches will be applied in order. +# +# Notes: +# - On running a helm template, Helm uses the `.Capabilities.APIVersion` of whatever +# Kubernetes release that version of Helm was built against. +# - On running a helm install --dry-run, the correct kubeVersion should be chosen. 
+# +# Supported versions can be found at: +# https://docs.vmware.com/en/VMware-vSphere-Container-Storage-Plug-in/3.0/vmware-vsphere-csp-getting-started/GUID-D4AAD99E-9128-40CE-B89C-AD451DA8379D.html#kubernetes-versions-compatible-with-vsphere-container-storage-plugin-1 +versionOverrides: + # Versions from https://github.com/kubernetes-sigs/vsphere-csi-driver/blob/v3.3.1/manifests/vanilla/vsphere-csi-driver.yaml + - constraint: ">= 1.28 < 1.32" + values: + csiController: + image: + repository: rancher/mirrored-cloud-provider-vsphere-csi-release-driver + tag: v3.3.1 + csiAttacher: + repository: rancher/mirrored-sig-storage-csi-attacher + tag: v4.7.0 + csiResizer: + repository: rancher/mirrored-sig-storage-csi-resizer + tag: v1.10.1 + livenessProbe: + repository: rancher/mirrored-sig-storage-livenessprobe + tag: v2.14.0 + vsphereSyncer: + repository: rancher/mirrored-cloud-provider-vsphere-csi-release-syncer + tag: v3.3.1 + csiProvisioner: + repository: rancher/mirrored-sig-storage-csi-provisioner + tag: v4.0.1 + csiSnapshotter: + repository: rancher/mirrored-sig-storage-csi-snapshotter + tag: v7.0.2 + csiNode: + image: + repository: rancher/mirrored-cloud-provider-vsphere-csi-release-driver + tag: v3.3.1 + nodeDriverRegistrar: + repository: rancher/mirrored-sig-storage-csi-node-driver-registrar + tag: v2.12.0 + livenessProbe: + repository: rancher/mirrored-sig-storage-livenessprobe + tag: v2.14.0 + # Versions from https://github.com/kubernetes-sigs/vsphere-csi-driver/blob/v3.2.0/manifests/vanilla/vsphere-csi-driver.yaml + - constraint: ">= 1.27 < 1.28" + values: + csiController: + image: + repository: rancher/mirrored-cloud-provider-vsphere-csi-release-driver + tag: v3.2.0 + csiAttacher: + repository: rancher/mirrored-sig-storage-csi-attacher + tag: v4.5.0 + csiResizer: + repository: rancher/mirrored-sig-storage-csi-resizer + tag: v1.10.0 + livenessProbe: + repository: rancher/mirrored-sig-storage-livenessprobe + tag: v2.12.0 + vsphereSyncer: + repository: 
rancher/mirrored-cloud-provider-vsphere-csi-release-syncer + tag: v3.2.0 + csiProvisioner: + repository: rancher/mirrored-sig-storage-csi-provisioner + tag: v4.0.0 + csiSnapshotter: + repository: rancher/mirrored-sig-storage-csi-snapshotter + tag: v7.0.1 + csiNode: + image: + repository: rancher/mirrored-cloud-provider-vsphere-csi-release-driver + tag: v3.2.0 + nodeDriverRegistrar: + repository: rancher/mirrored-sig-storage-csi-node-driver-registrar + tag: v2.10.0 + livenessProbe: + repository: rancher/mirrored-sig-storage-livenessprobe + tag: v2.12.0 diff --git a/index.yaml b/index.yaml index 6b42b63754..b9416a30d5 100755 --- a/index.yaml +++ b/index.yaml @@ -6859,6 +6859,30 @@ entries: - assets/prometheus-federator/prometheus-federator-0.1.0.tgz version: 0.1.0 rancher-aks-operator: + - annotations: + catalog.cattle.io/auto-install: rancher-aks-operator-crd=match + catalog.cattle.io/certified: rancher + catalog.cattle.io/hidden: "true" + catalog.cattle.io/kube-version: '>= 1.28.0-0 < 1.32.0-0' + catalog.cattle.io/namespace: cattle-system + catalog.cattle.io/os: linux + catalog.cattle.io/permits-os: linux,windows + catalog.cattle.io/provides-gvr: aksclusterconfigs.aks.cattle.io/v1 + catalog.cattle.io/rancher-version: '>= 2.9.0-0 < 2.11.0-0' + catalog.cattle.io/release-name: rancher-aks-operator + catalog.cattle.io/scope: management + apiVersion: v2 + appVersion: 1.10.0 + created: "2024-11-08T14:06:56.38655505-03:00" + description: A Helm chart for provisioning AKS clusters + digest: ee0e5745bf1904534eea532e43555822d434e5ffb3dd41ee2ad75ce4a316d540 + home: https://github.com/rancher/aks-operator + name: rancher-aks-operator + sources: + - https://github.com/rancher/aks-operator + urls: + - assets/rancher-aks-operator/rancher-aks-operator-105.0.0+up1.10.0.tgz + version: 105.0.0+up1.10.0 - annotations: catalog.cattle.io/auto-install: rancher-aks-operator-crd=match catalog.cattle.io/certified: rancher 
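Review bot: `vCenter.insecureFlag` in values.yaml defaults to `"1"`, which the config template writes out as `insecure-flag = "1"`, so an install that only fills in host, user and password talks to vCenter without verifying its certificate while sending those credentials. I would default it to `"0"`, or at least add `# "1" disables TLS certificate verification for vCenter; set to "0" with a trusted CA in production` above the key. Every image `tag` also defaults to `latest` and is only replaced when a `versionOverrides` constraint matches, so a cluster outside `>= 1.27 < 1.32` would presumably pull unpinned images into a privileged DaemonSet; a comment on the first `tag: latest` saying it is a placeholder would make that explicit. The same hunk places `username` and `password` in plain chart values, which is worth a pointer to `configSecret.generate: false` for users who manage the Secret themselves.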
@@ -7292,6 +7316,22 @@ entries: - assets/rancher-aks-operator/rancher-aks-operator-101.0.0+up1.0.7.tgz version: 101.0.0+up1.0.7 rancher-aks-operator-crd: + - annotations: + catalog.cattle.io/certified: rancher + catalog.cattle.io/hidden: "true" + catalog.cattle.io/namespace: cattle-system + catalog.cattle.io/os: linux + catalog.cattle.io/permits-os: linux,windows + catalog.cattle.io/release-name: rancher-aks-operator-crd + apiVersion: v2 + appVersion: 1.10.0 + created: "2024-11-08T14:07:11.08414965-03:00" + description: AKS Operator CustomResourceDefinitions + digest: f297c5d4d83202cd0f68f70dfe82a66d1fc7f202b0b2a4170434b2f3256784aa + name: rancher-aks-operator-crd + urls: + - assets/rancher-aks-operator-crd/rancher-aks-operator-crd-105.0.0+up1.10.0.tgz + version: 105.0.0+up1.10.0 - annotations: catalog.cattle.io/certified: rancher catalog.cattle.io/hidden: "true" 
@@ -10229,6 +10269,30 @@ entries: - assets/rancher-csp-adapter/rancher-csp-adapter-1.0.0.tgz version: 1.0.0 rancher-eks-operator: + - annotations: + catalog.cattle.io/auto-install: rancher-eks-operator-crd=match + catalog.cattle.io/certified: rancher + catalog.cattle.io/hidden: "true" + catalog.cattle.io/kube-version: '>= 1.28.0-0 < 1.32.0-0' + catalog.cattle.io/namespace: cattle-system + catalog.cattle.io/os: linux + catalog.cattle.io/permits-os: linux,windows + catalog.cattle.io/provides-gvr: eksclusterconfigs.eks.cattle.io/v1 + catalog.cattle.io/rancher-version: '>= 2.9.0-0 < 2.11.0-0' + catalog.cattle.io/release-name: rancher-eks-operator + catalog.cattle.io/scope: management + apiVersion: v2 + appVersion: 1.10.0 + created: "2024-11-08T14:08:01.692009038-03:00" + description: A Helm chart for provisioning EKS clusters + digest: 28b2a1248c62bcb3cff919ca62dccb546d4fb725ab2722fa99d8e34e14b94b13 + home: https://github.com/rancher/eks-operator + name: rancher-eks-operator + sources: + - https://github.com/rancher/eks-operator + urls: + - assets/rancher-eks-operator/rancher-eks-operator-105.0.0+up1.10.0.tgz + version: 105.0.0+up1.10.0 - annotations: catalog.cattle.io/auto-install: rancher-eks-operator-crd=match catalog.cattle.io/certified: rancher 
@@ -10710,6 +10774,22 @@ entries: - assets/rancher-eks-operator/rancher-eks-operator-101.0.0+up1.1.5.tgz version: 101.0.0+up1.1.5 rancher-eks-operator-crd: + - annotations: + catalog.cattle.io/certified: rancher + catalog.cattle.io/hidden: "true" + catalog.cattle.io/namespace: cattle-system + catalog.cattle.io/os: linux + catalog.cattle.io/permits-os: linux,windows + catalog.cattle.io/release-name: rancher-eks-operator-crd + apiVersion: v2 + appVersion: 1.10.0 + created: "2024-11-08T14:08:16.968207829-03:00" + description: EKS Operator CustomResourceDefinitions + digest: 09392e263e2034d81315c20e3efe631da499ac40036472b1a95054342618b629 + name: rancher-eks-operator-crd + urls: + - assets/rancher-eks-operator-crd/rancher-eks-operator-crd-105.0.0+up1.10.0.tgz + version: 105.0.0+up1.10.0 - annotations: catalog.cattle.io/certified: rancher catalog.cattle.io/hidden: "true" 
@@ -11385,6 +11465,30 @@ entries: - assets/rancher-gatekeeper-crd/rancher-gatekeeper-crd-101.0.0+up3.9.0.tgz version: 101.0.0+up3.9.0 rancher-gke-operator: + - annotations: + catalog.cattle.io/auto-install: rancher-gke-operator-crd=match + catalog.cattle.io/certified: rancher + catalog.cattle.io/hidden: "true" + catalog.cattle.io/kube-version: '>= 1.28.0-0 < 1.32.0-0' + catalog.cattle.io/namespace: cattle-system + catalog.cattle.io/os: linux + catalog.cattle.io/permits-os: linux,windows + catalog.cattle.io/provides-gvr: gkeclusterconfigs.gke.cattle.io/v1 + catalog.cattle.io/rancher-version: '>= 2.9.0-0 < 2.11.0-0' + catalog.cattle.io/release-name: rancher-gke-operator + catalog.cattle.io/scope: management + apiVersion: v2 + appVersion: 1.10.0 + created: "2024-11-08T14:06:19.145975032-03:00" + description: A Helm chart for provisioning GKE clusters + digest: 94c17abf2e2435fcba6c69ce85d0668002f2567fb5ee818231db2b8cd3919a37 + home: https://github.com/rancher/gke-operator + name: rancher-gke-operator + sources: + - https://github.com/rancher/gke-operator + urls: + - assets/rancher-gke-operator/rancher-gke-operator-105.0.0+up1.10.0.tgz + version: 105.0.0+up1.10.0 - annotations: catalog.cattle.io/auto-install: rancher-gke-operator-crd=match catalog.cattle.io/certified: rancher 
@@ -11770,6 +11874,22 @@ entries: - assets/rancher-gke-operator/rancher-gke-operator-101.0.0+up1.1.5.tgz version: 101.0.0+up1.1.5 rancher-gke-operator-crd: + - annotations: + catalog.cattle.io/certified: rancher + catalog.cattle.io/hidden: "true" + catalog.cattle.io/namespace: cattle-system + catalog.cattle.io/os: linux + catalog.cattle.io/permits-os: linux,windows + catalog.cattle.io/release-name: rancher-gke-operator-crd + apiVersion: v2 + appVersion: 1.10.0 + created: "2024-11-08T14:06:30.915684923-03:00" + description: GKE Operator CustomResourceDefinitions + digest: 2999b0c992caf6c77bfe3c36283f44c7936b5fbed5d15456d1483230bf7b3586 + name: rancher-gke-operator-crd + urls: + - assets/rancher-gke-operator-crd/rancher-gke-operator-crd-105.0.0+up1.10.0.tgz + version: 105.0.0+up1.10.0 - annotations: catalog.cattle.io/certified: rancher catalog.cattle.io/hidden: "true" 
@@ -16472,6 +16592,34 @@ entries: - assets/rancher-pushprox/rancher-pushprox-102.0.0.tgz version: 102.0.0 rancher-vsphere-cpi: + - annotations: + catalog.cattle.io/certified: rancher + catalog.cattle.io/display-name: vSphere CPI + catalog.cattle.io/kube-version: '>= 1.27.0-0 < 1.32.0-0' + catalog.cattle.io/namespace: kube-system + catalog.cattle.io/os: linux + catalog.cattle.io/permits-os: linux,windows + catalog.cattle.io/rancher-version: '>= 2.10.0-0' + catalog.cattle.io/release-name: vsphere-cpi + apiVersion: v1 + appVersion: 1.9.1 + created: "2024-11-08T14:12:43.694632443-03:00" + description: vSphere Cloud Provider Interface (CPI) + digest: 88a7d327cf657340a66e499f130437b496be15c0e447cb0c0ff996a77f52408d + icon: https://charts.rancher.io/assets/logos/vsphere-cpi.svg + keywords: + - infrastructure + maintainers: + - email: jiaqi.luo@suse.com + name: Jiaqi Luo + - email: brad.davidson@suse.com + name: Brad Davidson + name: rancher-vsphere-cpi + sources: + - https://github.com/kubernetes/cloud-provider-vsphere + urls: + - assets/rancher-vsphere-cpi/rancher-vsphere-cpi-105.0.0+up1.9.1.tgz + version: 105.0.0+up1.9.1 - annotations: catalog.cattle.io/certified: rancher catalog.cattle.io/display-name: vSphere CPI 
@@ -16671,6 +16819,34 @@ entries: - assets/rancher-vsphere-cpi/rancher-vsphere-cpi-101.0.0+up1.2.2.tgz version: 101.0.0+up1.2.2 rancher-vsphere-csi: + - annotations: + catalog.cattle.io/certified: rancher + catalog.cattle.io/display-name: vSphere CSI + catalog.cattle.io/kube-version: '>= 1.27.0-0 < 1.32.0-0' + catalog.cattle.io/namespace: kube-system + catalog.cattle.io/os: linux,windows + catalog.cattle.io/permits-os: linux,windows + catalog.cattle.io/rancher-version: '>= 2.10.0-0' + catalog.cattle.io/release-name: vsphere-csi + apiVersion: v1 + appVersion: 3.3.1-rancher6 + created: "2024-11-08T14:10:16.32337841-03:00" + description: vSphere Cloud Storage Interface (CSI) + digest: 75af2214c17c5dcd1fe94f40ea7dc40aad2b2ff0dd5e7cbd4301ea8eeb840d5e + icon: https://charts.rancher.io/assets/logos/vsphere-csi.svg + keywords: + - infrastructure + maintainers: + - email: jiaqi.luo@suse.com + name: Jiaqi Luo + - email: brad.davidson@suse.com + name: Brad Davidson + name: rancher-vsphere-csi + sources: + - https://github.com/kubernetes-sigs/vsphere-csi-driver + urls: + - assets/rancher-vsphere-csi/rancher-vsphere-csi-105.0.0+up3.3.1-rancher6.tgz + version: 105.0.0+up3.3.1-rancher6 - annotations: catalog.cattle.io/certified: rancher catalog.cattle.io/display-name: vSphere CSI diff --git a/regsync.yaml b/regsync.yaml index 06e10fcf0a..57e05d2de5 100644 --- a/regsync.yaml +++ b/regsync.yaml @@ -31,6 +31,7 @@ sync: - v1.1.3 - v1.1.4 - v1.1.5 + - v1.10.0 - v1.2.0 - v1.2.1 - v1.2.2 @@ -95,6 +96,7 @@ sync: tags: allow: - v1.1.5 + - v1.10.0 - v1.2.0 - v1.2.1 - v1.2.2 @@ -210,6 +212,7 @@ sync: - v1.1.6 - v1.1.7 - v1.1.8 + - v1.10.0 - v1.2.0 - v1.2.1 - v1.2.2 
@@ -394,6 +397,12 @@ sync:
 allow:
 - 3.17.10
 - 3.17.7
+- source: docker.io/rancher/mirrored-cloud-provider-vsphere
+ target: '{{ env "REGISTRY_ENDPOINT" }}/rancher/mirrored-cloud-provider-vsphere'
+ type: repository
+ tags:
+ allow:
+ - v1.31.0
 - source: docker.io/rancher/mirrored-cloud-provider-vsphere-cpi-release-manager
 target: '{{ env "REGISTRY_ENDPOINT" }}/rancher/mirrored-cloud-provider-vsphere-cpi-release-manager'
 type: repository
@@ -440,6 +449,7 @@ sync:
 - v3.1.2
 - v3.2.0
 - v3.3.0
+ - v3.3.1
 - source: docker.io/rancher/mirrored-cloud-provider-vsphere-csi-release-syncer
 target: '{{ env "REGISTRY_ENDPOINT" }}/rancher/mirrored-cloud-provider-vsphere-csi-release-syncer'
 type: repository
@@ -459,6 +469,7 @@ sync:
 - v3.1.2
 - v3.2.0
 - v3.3.0
+ - v3.3.1
 - source: docker.io/rancher/mirrored-cluster-api-controller
 target: '{{ env "REGISTRY_ENDPOINT" }}/rancher/mirrored-cluster-api-controller'
 type: repository
@@ -1180,6 +1191,7 @@ sync:
 - v4.3.0
 - v4.5.0
 - v4.5.1
+ - v4.7.0
 - source: docker.io/rancher/mirrored-sig-storage-csi-node-driver-registrar
 target: '{{ env "REGISTRY_ENDPOINT" }}/rancher/mirrored-sig-storage-csi-node-driver-registrar'
 type: repository
@@ -1187,6 +1199,7 @@ sync:
 allow:
 - v2.10.0
 - v2.10.1
+ - v2.12.0
 - v2.3.0
 - v2.5.0
 - v2.5.1
@@ -1234,6 +1247,7 @@ sync:
 allow:
 - v2.10.0
 - v2.12.0
+ - v2.14.0
 - v2.4.0
 - v2.6.0
 - v2.7.0
diff --git a/release.yaml b/release.yaml
index a3a3494cc6..70d7564bb6 100644
--- a/release.yaml
+++ b/release.yaml
@@ -1,22 +1,16 @@
-elemental:
- - 105.0.0+up1.6.4
- - 105.0.1+up1.6.5
-elemental-crd:
- - 105.0.0+up1.6.4
- - 105.0.1+up1.6.5
-rancher-alerting-drivers:
- - 105.0.0
-rancher-backup:
- - 105.0.0+up6.0.0
-rancher-backup-crd:
- - 105.0.0+up6.0.0
-rancher-istio:
- - 105.0.0+up1.19.6
- - 105.1.0+up1.20.3
- - 105.2.0+up1.21.1
- - 105.3.0+up1.22.1
- - 105.4.0+up1.23.2
-rancher-provisioning-capi:
- - 105.0.0+up0.4.0
-system-upgrade-controller:
- - 105.0.0
+rancher-aks-operator:
+ - 105.0.0+up1.10.0
+rancher-aks-operator-crd:
+ - 105.0.0+up1.10.0
+rancher-eks-operator:
+ - 105.0.0+up1.10.0
+rancher-eks-operator-crd:
+ - 105.0.0+up1.10.0
+rancher-gke-operator:
+ - 105.0.0+up1.10.0
+rancher-gke-operator-crd:
+ - 105.0.0+up1.10.0
+rancher-vsphere-cpi:
+ - 105.0.0+up1.9.1
+rancher-vsphere-csi:
+ - 105.0.0+up3.3.1-rancher6