diff --git a/assets/elemental-crd/elemental-crd-103.0.0+up1.3.4.tgz b/assets/elemental-crd/elemental-crd-103.0.0+up1.3.4.tgz new file mode 100644 index 0000000000..bca800e1c6 Binary files /dev/null and b/assets/elemental-crd/elemental-crd-103.0.0+up1.3.4.tgz differ diff --git a/assets/elemental/elemental-103.0.0+up1.3.4.tgz b/assets/elemental/elemental-103.0.0+up1.3.4.tgz new file mode 100644 index 0000000000..5e21f4bb0b Binary files /dev/null and b/assets/elemental/elemental-103.0.0+up1.3.4.tgz differ diff --git a/assets/rancher-vsphere-cpi/rancher-vsphere-cpi-103.0.0+up1.6.0.tgz b/assets/rancher-vsphere-cpi/rancher-vsphere-cpi-103.0.0+up1.6.0.tgz new file mode 100644 index 0000000000..a4f3372f48 Binary files /dev/null and b/assets/rancher-vsphere-cpi/rancher-vsphere-cpi-103.0.0+up1.6.0.tgz differ diff --git a/assets/rancher-vsphere-csi/rancher-vsphere-csi-103.0.0+up3.0.2-rancher1.tgz b/assets/rancher-vsphere-csi/rancher-vsphere-csi-103.0.0+up3.0.2-rancher1.tgz new file mode 100644 index 0000000000..68f841f089 Binary files /dev/null and b/assets/rancher-vsphere-csi/rancher-vsphere-csi-103.0.0+up3.0.2-rancher1.tgz differ diff --git a/assets/rancher-webhook/rancher-webhook-2.0.6+up0.3.6.tgz b/assets/rancher-webhook/rancher-webhook-2.0.6+up0.3.6.tgz new file mode 100644 index 0000000000..13627a434f Binary files /dev/null and b/assets/rancher-webhook/rancher-webhook-2.0.6+up0.3.6.tgz differ diff --git a/charts/elemental-crd/103.0.0+up1.3.4/Chart.yaml b/charts/elemental-crd/103.0.0+up1.3.4/Chart.yaml new file mode 100644 index 0000000000..ceeb773e88 --- /dev/null +++ b/charts/elemental-crd/103.0.0+up1.3.4/Chart.yaml @@ -0,0 +1,11 @@ +annotations: + catalog.cattle.io/certified: rancher + catalog.cattle.io/hidden: "true" + catalog.cattle.io/namespace: cattle-elemental-system + catalog.cattle.io/release-name: elemental-operator-crds +apiVersion: v2 +appVersion: 1.3.4 +description: A Helm chart for deploying Rancher Elemental Operator CRDs +name: elemental-crd +type: application +version: 103.0.0+up1.3.4 diff --git a/charts/elemental-crd/103.0.0+up1.3.4/templates/crds.yaml b/charts/elemental-crd/103.0.0+up1.3.4/templates/crds.yaml new file mode 100644 index 0000000000..40946fbfcd --- /dev/null +++ b/charts/elemental-crd/103.0.0+up1.3.4/templates/crds.yaml @@ -0,0 +1,2710 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.9.2 + creationTimestamp: null + labels: + cluster.x-k8s.io/provider: infrastructure-elemental + cluster.x-k8s.io/v1beta1: v1beta1 + release-name: '{{ .Release.Name }}' + name: machineinventories.elemental.cattle.io +spec: + group: elemental.cattle.io + names: + kind: MachineInventory + listKind: MachineInventoryList + plural: machineinventories + singular: machineinventory + scope: Namespaced + versions: + - name: v1beta1 + schema: + openAPIV3Schema: + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + properties: + machineHash: + description: MachineHash the hash of the identifier used by the host + to identify to the operator. This is used when the host authenticates + without TPM. Both the authentication method and the identifier used + to derive the hash depend upon the MachineRegistration spec.config.elemental.registration.auth + value. + type: string + tpmHash: + description: TPMHash the hash of the TPM EK public key. This is used + if you are using TPM2 to identifiy nodes. You can obtain the TPM + by running `rancherd get-tpm-hash` on the node. Or nodes can report + their TPM hash by using the MachineRegister. + type: string + type: object + status: + properties: + conditions: + description: Conditions describe the state of the machine inventory + object. + items: + description: "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + type FooStatus struct{ // Represents the observations of a foo's + current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + plan: + description: PlanStatus reflect the status of the plan owned by the + machine inventory object. + properties: + checksum: + description: Checksum checksum of the created plan. + type: string + secretRef: + description: PlanSecretRef a reference to the created plan secret. + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object instead + of an entire object, this string should contain a valid + JSON/Go field access statement, such as desiredState.manifest.containers[2]. + For example, if the object reference is to a container within + a pod, this would take on a value like: "spec.containers{name}" + (where "name" refers to the name of the container that triggered + the event) or if no container name is specified "spec.containers[2]" + (container with index 2 in this pod). This syntax is chosen + only to have some well-defined way of referencing a part + of an object. TODO: this design is not final and this field + is subject to change in the future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this reference + is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + type: object + x-kubernetes-map-type: atomic + state: + description: State reflect state of the plan that belongs to the + machine inventory. + enum: + - Applied + - Failed + type: string + type: object + type: object + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.9.2 + creationTimestamp: null + labels: + cluster.x-k8s.io/provider: infrastructure-elemental + cluster.x-k8s.io/v1beta1: v1beta1 + release-name: '{{ .Release.Name }}' + name: machineinventoryselectors.elemental.cattle.io +spec: + group: elemental.cattle.io + names: + kind: MachineInventorySelector + listKind: MachineInventorySelectorList + plural: machineinventoryselectors + singular: machineinventoryselector + scope: Namespaced + versions: + - name: v1beta1 + schema: + openAPIV3Schema: + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + properties: + providerID: + description: 'ProviderID the identifier for the elemental instance. + NOTE: Functionality not implemented yet.' + type: string + selector: + description: Selector selector to choose elemental machines. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: A label selector requirement is a selector that + contains values, a key, and an operator that relates the key + and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: operator represents a key's relationship to + a set of values. Valid operators are In, NotIn, Exists + and DoesNotExist. + type: string + values: + description: values is an array of string values. If the + operator is In or NotIn, the values array must be non-empty. + If the operator is Exists or DoesNotExist, the values + array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. A single + {key,value} in the matchLabels map is equivalent to an element + of matchExpressions, whose key field is "key", the operator + is "In", and the values array contains only "value". The requirements + are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + type: object + status: + properties: + addresses: + description: Addresses represent machine addresses. + items: + description: MachineAddress contains information for the node's + address. + properties: + address: + description: The machine address. + type: string + type: + description: Machine address type, one of Hostname, ExternalIP + or InternalIP. + type: string + required: + - address + - type + type: object + type: array + bootstrapPlanChecksum: + description: BootstrapPlanChecksum represent bootstrap plan checksum. + type: string + conditions: + description: Conditions describe the state of the machine selector + object. + items: + description: "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + type FooStatus struct{ // Represents the observations of a foo's + current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + machineInventoryRef: + description: MachineInventoryRef reference to the machine inventory + that belongs to the selector. + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + type: object + x-kubernetes-map-type: atomic + ready: + type: boolean + type: object + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.9.2 + creationTimestamp: null + labels: + cluster.x-k8s.io/provider: infrastructure-elemental + cluster.x-k8s.io/v1beta1: v1beta1 + release-name: '{{ .Release.Name }}' + name: machineinventoryselectortemplates.elemental.cattle.io +spec: + group: elemental.cattle.io + names: + kind: MachineInventorySelectorTemplate + listKind: MachineInventorySelectorTemplateList + plural: machineinventoryselectortemplates + singular: machineinventoryselectortemplate + scope: Namespaced + versions: + - name: v1beta1 + schema: + openAPIV3Schema: + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + properties: + template: + description: Template machine inventory selector template. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this + representation of an object. Servers should convert recognized + schemas to the latest internal value, and may reject unrecognized + values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource + this object represents. Servers may infer this from the endpoint + the client submits requests to. Cannot be updated. In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + properties: + providerID: + description: 'ProviderID the identifier for the elemental + instance. NOTE: Functionality not implemented yet.' + type: string + selector: + description: Selector selector to choose elemental machines. + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, NotIn, + Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. + If the operator is In or NotIn, the values array + must be non-empty. If the operator is Exists or + DoesNotExist, the values array must be empty. + This array is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. + A single {key,value} in the matchLabels map is equivalent + to an element of matchExpressions, whose key field is + "key", the operator is "In", and the values array contains + only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + type: object + status: + properties: + addresses: + description: Addresses represent machine addresses. + items: + description: MachineAddress contains information for the + node's address. + properties: + address: + description: The machine address. + type: string + type: + description: Machine address type, one of Hostname, + ExternalIP or InternalIP. + type: string + required: + - address + - type + type: object + type: array + bootstrapPlanChecksum: + description: BootstrapPlanChecksum represent bootstrap plan + checksum. + type: string + conditions: + description: Conditions describe the state of the machine + selector object. + items: + description: "Condition contains details for one aspect + of the current state of this API Resource. --- This struct + is intended for direct use as an array at the field path + .status.conditions. For example, type FooStatus struct{ + // Represents the observations of a foo's current state. + // Known .status.conditions.type are: \"Available\", \"Progressing\", + and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" + patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` + \n // other fields }" + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the + condition transitioned from one status to another. + This should be when the underlying condition changed. If + that is not known, then using the time when the API + field changed is acceptable. + format: date-time + type: string + message: + description: message is a human readable message indicating + details about the transition. This may be an empty + string. + maxLength: 32768 + type: string + observedGeneration: + description: observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, + if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to + the current state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: reason contains a programmatic identifier + indicating the reason for the condition's last transition. + Producers of specific condition types may define expected + values and meanings for this field, and whether the + values are considered a guaranteed API. The value + should be a CamelCase string. This field may not be + empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, + Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across + resources like Available, but because arbitrary conditions + can be useful (see .node.status.conditions), the ability + to deconflict is important. The regex it matches is + (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + machineInventoryRef: + description: MachineInventoryRef reference to the machine + inventory that belongs to the selector. + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + type: object + x-kubernetes-map-type: atomic + ready: + type: boolean + type: object + type: object + required: + - template + type: object + type: object + served: true + storage: true +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.9.2 + creationTimestamp: null + labels: + cluster.x-k8s.io/provider: infrastructure-elemental + cluster.x-k8s.io/v1beta1: v1beta1 + release-name: '{{ .Release.Name }}' + name: machineregistrations.elemental.cattle.io +spec: + group: elemental.cattle.io + names: + kind: MachineRegistration + listKind: MachineRegistrationList + plural: machineregistrations + singular: machineregistration + scope: Namespaced + versions: + - name: v1beta1 + schema: + openAPIV3Schema: + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + properties: + config: + description: Config the cloud config that will be used to provision + the node. + properties: + cloud-config: + x-kubernetes-preserve-unknown-fields: true + elemental: + properties: + install: + properties: + config-dir: + type: string + config-urls: + items: + type: string + type: array + debug: + type: boolean + device: + type: string + disable-boot-entry: + type: boolean + eject-cd: + type: boolean + firmware: + type: string + iso: + type: string + no-format: + type: boolean + poweroff: + type: boolean + reboot: + type: boolean + system-uri: + type: string + tty: + type: string + type: object + registration: + properties: + auth: + default: tpm + type: string + ca-cert: + type: string + emulate-tpm: + type: boolean + emulated-tpm-seed: + format: int64 + type: integer + no-smbios: + type: boolean + url: + type: string + type: object + reset: + default: + reboot: true + reset-oem: true + reset-persistent: true + properties: + config-urls: + items: + type: string + type: array + debug: + type: boolean + enabled: + type: boolean + poweroff: + type: boolean + reboot: + default: true + type: boolean + reset-oem: + default: true + type: boolean + reset-persistent: + default: true + type: boolean + system-uri: + type: string + type: object + system-agent: + properties: + secret-name: + type: string + secret-namespace: + type: string + token: + type: string + url: + type: string + type: object + type: object + type: object + machineInventoryAnnotations: + additionalProperties: + type: string + description: MachineInventoryAnnotations annotations to be added to + the created MachineInventory object. + type: object + machineInventoryLabels: + additionalProperties: + type: string + description: MachineInventoryLabels label to be added to the created + MachineInventory object. + type: object + machineName: + type: string + type: object + status: + properties: + conditions: + description: Conditions describe the state of the machine registration + object. + items: + description: "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + type FooStatus struct{ // Represents the observations of a foo's + current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + registrationToken: + description: RegistrationToken a token for registering a machine. + type: string + registrationURL: + description: RegistrationURL is the URL for registering a new machine. + type: string + serviceAccountRef: + description: ServiceAccountRef a reference to the service account + created by the machine registration. + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object instead of + an entire object, this string should contain a valid JSON/Go + field access statement, such as desiredState.manifest.containers[2]. + For example, if the object reference is to a container within + a pod, this would take on a value like: "spec.containers{name}" + (where "name" refers to the name of the container that triggered + the event) or if no container name is specified "spec.containers[2]" + (container with index 2 in this pod). This syntax is chosen + only to have some well-defined way of referencing a part of + an object. TODO: this design is not final and this field is + subject to change in the future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this reference + is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + type: object + x-kubernetes-map-type: atomic + type: object + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.9.2 + creationTimestamp: null + labels: + cluster.x-k8s.io/provider: infrastructure-elemental + cluster.x-k8s.io/v1beta1: v1beta1 + release-name: '{{ .Release.Name }}' + name: managedosimages.elemental.cattle.io +spec: + group: elemental.cattle.io + names: + kind: ManagedOSImage + listKind: ManagedOSImageList + plural: managedosimages + singular: managedosimage + scope: Namespaced + versions: + - name: v1beta1 + schema: + openAPIV3Schema: + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + properties: + cloudConfig: + type: object + clusterRolloutStrategy: + properties: + autoPartitionSize: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + maxUnavailable: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + maxUnavailablePartitions: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + partitions: + items: + properties: + clusterGroup: + type: string + clusterGroupSelector: + description: A label selector is a label query over a set + of resources. The result of matchLabels and matchExpressions + are ANDed. An empty label selector matches all objects. + A null label selector matches no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. + If the operator is In or NotIn, the values array + must be non-empty. If the operator is Exists + or DoesNotExist, the values array must be empty. + This array is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. + A single {key,value} in the matchLabels map is equivalent + to an element of matchExpressions, whose key field + is "key", the operator is "In", and the values array + contains only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + clusterName: + type: string + clusterSelector: + description: A label selector is a label query over a set + of resources. The result of matchLabels and matchExpressions + are ANDed. An empty label selector matches all objects. + A null label selector matches no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. + If the operator is In or NotIn, the values array + must be non-empty. If the operator is Exists + or DoesNotExist, the values array must be empty. + This array is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. + A single {key,value} in the matchLabels map is equivalent + to an element of matchExpressions, whose key field + is "key", the operator is "In", and the values array + contains only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + maxUnavailable: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + type: object + type: array + type: object + clusterTargets: + items: + properties: + clusterGroup: + type: string + clusterGroupSelector: + description: A label selector is a label query over a set of + resources. The result of matchLabels and matchExpressions + are ANDed. An empty label selector matches all objects. A + null label selector matches no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector + that contains values, a key, and an operator that relates + the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, NotIn, + Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. + If the operator is In or NotIn, the values array + must be non-empty. If the operator is Exists or + DoesNotExist, the values array must be empty. This + array is replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. + A single {key,value} in the matchLabels map is equivalent + to an element of matchExpressions, whose key field is + "key", the operator is "In", and the values array contains + only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + clusterName: + type: string + clusterSelector: + description: A label selector is a label query over a set of + resources. The result of matchLabels and matchExpressions + are ANDed. An empty label selector matches all objects. A + null label selector matches no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector + that contains values, a key, and an operator that relates + the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, NotIn, + Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. + If the operator is In or NotIn, the values array + must be non-empty. If the operator is Exists or + DoesNotExist, the values array must be empty. This + array is replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. + A single {key,value} in the matchLabels map is equivalent + to an element of matchExpressions, whose key field is + "key", the operator is "In", and the values array contains + only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + defaultNamespace: + type: string + diff: + properties: + comparePatches: + items: + properties: + apiVersion: + type: string + jsonPointers: + items: + type: string + type: array + kind: + type: string + name: + type: string + namespace: + type: string + operations: + items: + properties: + op: + type: string + path: + type: string + value: + type: string + type: object + type: array + type: object + type: array + type: object + forceSyncGeneration: + format: int64 + type: integer + helm: + properties: + chart: + type: string + force: + type: boolean + maxHistory: + type: integer + releaseName: + type: string + repo: + type: string + takeOwnership: + type: boolean + timeoutSeconds: + type: integer + values: + type: object + valuesFiles: + items: + type: string + type: array + valuesFrom: + items: + description: 'Define helm values that can come from configmap, + secret or external. Credit: https://github.com/fluxcd/helm-operator/blob/0cfea875b5d44bea995abe7324819432070dfbdc/pkg/apis/helm.fluxcd.io/v1/types_helmrelease.go#L439' + properties: + configMapKeyRef: + description: The reference to a config map with release + values. + properties: + key: + type: string + name: + type: string + namespace: + type: string + required: + - name + type: object + secretKeyRef: + description: The reference to a secret with release + values. + properties: + key: + type: string + name: + type: string + namespace: + type: string + required: + - name + type: object + type: object + type: array + version: + type: string + type: object + kustomize: + properties: + dir: + type: string + type: object + name: + type: string + namespace: + type: string + serviceAccount: + type: string + yaml: + properties: + overlays: + items: + type: string + type: array + type: object + type: object + type: array + concurrency: + format: int64 + type: integer + cordon: + type: boolean + drain: + description: DrainSpec encapsulates `kubectl drain` parameters minus + node/pod selectors. + properties: + deleteLocalData: + type: boolean + disableEviction: + type: boolean + force: + type: boolean + gracePeriod: + format: int32 + type: integer + ignoreDaemonSets: + type: boolean + skipWaitForDeleteTimeout: + type: integer + timeout: + description: A Duration represents the elapsed time between two + instants as an int64 nanosecond count. The representation limits + the largest representable duration to approximately 290 years. + format: int64 + type: integer + type: object + managedOSVersionName: + type: string + nodeSelector: + description: A label selector is a label query over a set of resources. + The result of matchLabels and matchExpressions are ANDed. An empty + label selector matches all objects. A null label selector matches + no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: A label selector requirement is a selector that + contains values, a key, and an operator that relates the key + and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: operator represents a key's relationship to + a set of values. Valid operators are In, NotIn, Exists + and DoesNotExist. + type: string + values: + description: values is an array of string values. If the + operator is In or NotIn, the values array must be non-empty. + If the operator is Exists or DoesNotExist, the values + array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. A single + {key,value} in the matchLabels map is equivalent to an element + of matchExpressions, whose key field is "key", the operator + is "In", and the values array contains only "value". The requirements + are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + osImage: + type: string + prepare: + description: ContainerSpec is a simplified container template. + properties: + args: + items: + type: string + type: array + command: + items: + type: string + type: array + envFrom: + items: + description: EnvFromSource represents the source of a set of + ConfigMaps + properties: + configMapRef: + description: The ConfigMap to select from + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + prefix: + description: An optional identifier to prepend to each key + in the ConfigMap. Must be a C_IDENTIFIER. + type: string + secretRef: + description: The Secret to select from + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the Secret must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + type: object + type: array + envs: + items: + description: EnvVar represents an environment variable present + in a Container. + properties: + name: + description: Name of the environment variable. Must be a + C_IDENTIFIER. + type: string + value: + description: 'Variable references $(VAR_NAME) are expanded + using the previously defined environment variables in + the container and any service environment variables. If + a variable cannot be resolved, the reference in the input + string will be unchanged. Double $$ are reduced to a single + $, which allows for escaping the $(VAR_NAME) syntax: i.e. + "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". + Escaped references will never be expanded, regardless + of whether the variable exists or not. Defaults to "".' + type: string + valueFrom: + description: Source for the environment variable's value. + Cannot be used if value is not empty. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the ConfigMap or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + fieldRef: + description: 'Selects a field of the pod: supports metadata.name, + metadata.namespace, `metadata.labels['''']`, + `metadata.annotations['''']`, spec.nodeName, + spec.serviceAccountName, status.hostIP, status.podIP, + status.podIPs.' + properties: + apiVersion: + description: Version of the schema the FieldPath + is written in terms of, defaults to "v1". + type: string + fieldPath: + description: Path of the field to select in the + specified API version. + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + resourceFieldRef: + description: 'Selects a resource of the container: only + resources limits and requests (limits.cpu, limits.memory, + limits.ephemeral-storage, requests.cpu, requests.memory + and requests.ephemeral-storage) are currently supported.' + properties: + containerName: + description: 'Container name: required for volumes, + optional for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output format of the + exposed resources, defaults to "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to select' + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + secretKeyRef: + description: Selects a key of a secret in the pod's + namespace + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + required: + - name + type: object + type: array + image: + type: string + type: object + upgradeContainer: + description: ContainerSpec is a simplified container template. + properties: + args: + items: + type: string + type: array + command: + items: + type: string + type: array + envFrom: + items: + description: EnvFromSource represents the source of a set of + ConfigMaps + properties: + configMapRef: + description: The ConfigMap to select from + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + prefix: + description: An optional identifier to prepend to each key + in the ConfigMap. Must be a C_IDENTIFIER. + type: string + secretRef: + description: The Secret to select from + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the Secret must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + type: object + type: array + envs: + items: + description: EnvVar represents an environment variable present + in a Container. + properties: + name: + description: Name of the environment variable. Must be a + C_IDENTIFIER. + type: string + value: + description: 'Variable references $(VAR_NAME) are expanded + using the previously defined environment variables in + the container and any service environment variables. If + a variable cannot be resolved, the reference in the input + string will be unchanged. Double $$ are reduced to a single + $, which allows for escaping the $(VAR_NAME) syntax: i.e. + "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". + Escaped references will never be expanded, regardless + of whether the variable exists or not. Defaults to "".' + type: string + valueFrom: + description: Source for the environment variable's value. + Cannot be used if value is not empty. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the ConfigMap or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + fieldRef: + description: 'Selects a field of the pod: supports metadata.name, + metadata.namespace, `metadata.labels['''']`, + `metadata.annotations['''']`, spec.nodeName, + spec.serviceAccountName, status.hostIP, status.podIP, + status.podIPs.' + properties: + apiVersion: + description: Version of the schema the FieldPath + is written in terms of, defaults to "v1". + type: string + fieldPath: + description: Path of the field to select in the + specified API version. + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + resourceFieldRef: + description: 'Selects a resource of the container: only + resources limits and requests (limits.cpu, limits.memory, + limits.ephemeral-storage, requests.cpu, requests.memory + and requests.ephemeral-storage) are currently supported.' + properties: + containerName: + description: 'Container name: required for volumes, + optional for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output format of the + exposed resources, defaults to "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to select' + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + secretKeyRef: + description: Selects a key of a secret in the pod's + namespace + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + required: + - name + type: object + type: array + image: + type: string + type: object + type: object + status: + properties: + conditions: + items: + description: "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + type FooStatus struct{ // Represents the observations of a foo's + current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + type: object + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.9.2 + creationTimestamp: null + labels: + cluster.x-k8s.io/provider: infrastructure-elemental + cluster.x-k8s.io/v1beta1: v1beta1 + release-name: '{{ .Release.Name }}' + name: managedosversionchannels.elemental.cattle.io +spec: + group: elemental.cattle.io + names: + kind: ManagedOSVersionChannel + listKind: ManagedOSVersionChannelList + plural: managedosversionchannels + singular: managedosversionchannel + scope: Namespaced + versions: + - name: v1beta1 + schema: + openAPIV3Schema: + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + properties: + options: + x-kubernetes-preserve-unknown-fields: true + syncInterval: + type: string + type: + type: string + upgradeContainer: + description: ContainerSpec is a simplified container template. + properties: + args: + items: + type: string + type: array + command: + items: + type: string + type: array + envFrom: + items: + description: EnvFromSource represents the source of a set of + ConfigMaps + properties: + configMapRef: + description: The ConfigMap to select from + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + prefix: + description: An optional identifier to prepend to each key + in the ConfigMap. Must be a C_IDENTIFIER. + type: string + secretRef: + description: The Secret to select from + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the Secret must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + type: object + type: array + envs: + items: + description: EnvVar represents an environment variable present + in a Container. + properties: + name: + description: Name of the environment variable. Must be a + C_IDENTIFIER. + type: string + value: + description: 'Variable references $(VAR_NAME) are expanded + using the previously defined environment variables in + the container and any service environment variables. If + a variable cannot be resolved, the reference in the input + string will be unchanged. Double $$ are reduced to a single + $, which allows for escaping the $(VAR_NAME) syntax: i.e. + "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". + Escaped references will never be expanded, regardless + of whether the variable exists or not. Defaults to "".' + type: string + valueFrom: + description: Source for the environment variable's value. + Cannot be used if value is not empty. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the ConfigMap or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + fieldRef: + description: 'Selects a field of the pod: supports metadata.name, + metadata.namespace, `metadata.labels['''']`, + `metadata.annotations['''']`, spec.nodeName, + spec.serviceAccountName, status.hostIP, status.podIP, + status.podIPs.' + properties: + apiVersion: + description: Version of the schema the FieldPath + is written in terms of, defaults to "v1". + type: string + fieldPath: + description: Path of the field to select in the + specified API version. + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + resourceFieldRef: + description: 'Selects a resource of the container: only + resources limits and requests (limits.cpu, limits.memory, + limits.ephemeral-storage, requests.cpu, requests.memory + and requests.ephemeral-storage) are currently supported.' + properties: + containerName: + description: 'Container name: required for volumes, + optional for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output format of the + exposed resources, defaults to "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to select' + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + secretKeyRef: + description: Selects a key of a secret in the pod's + namespace + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + required: + - name + type: object + type: array + image: + type: string + type: object + type: object + status: + properties: + conditions: + description: Conditions describe the state of the managed OS version + object. + items: + description: "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + type FooStatus struct{ // Represents the observations of a foo's + current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + lastSyncedTime: + description: LastSyncedTime is the timestamp of the last synchronization + format: date-time + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.9.2 + creationTimestamp: null + labels: + cluster.x-k8s.io/provider: infrastructure-elemental + cluster.x-k8s.io/v1beta1: v1beta1 + release-name: '{{ .Release.Name }}' + name: managedosversions.elemental.cattle.io +spec: + group: elemental.cattle.io + names: + kind: ManagedOSVersion + listKind: ManagedOSVersionList + plural: managedosversions + singular: managedosversion + scope: Namespaced + versions: + - name: v1beta1 + schema: + openAPIV3Schema: + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + properties: + metadata: + x-kubernetes-preserve-unknown-fields: true + minVersion: + type: string + type: + type: string + upgradeContainer: + description: ContainerSpec is a simplified container template. + properties: + args: + items: + type: string + type: array + command: + items: + type: string + type: array + envFrom: + items: + description: EnvFromSource represents the source of a set of + ConfigMaps + properties: + configMapRef: + description: The ConfigMap to select from + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + prefix: + description: An optional identifier to prepend to each key + in the ConfigMap. Must be a C_IDENTIFIER. + type: string + secretRef: + description: The Secret to select from + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the Secret must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + type: object + type: array + envs: + items: + description: EnvVar represents an environment variable present + in a Container. + properties: + name: + description: Name of the environment variable. Must be a + C_IDENTIFIER. + type: string + value: + description: 'Variable references $(VAR_NAME) are expanded + using the previously defined environment variables in + the container and any service environment variables. If + a variable cannot be resolved, the reference in the input + string will be unchanged. Double $$ are reduced to a single + $, which allows for escaping the $(VAR_NAME) syntax: i.e. + "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". + Escaped references will never be expanded, regardless + of whether the variable exists or not. Defaults to "".' + type: string + valueFrom: + description: Source for the environment variable's value. + Cannot be used if value is not empty. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the ConfigMap or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + fieldRef: + description: 'Selects a field of the pod: supports metadata.name, + metadata.namespace, `metadata.labels['''']`, + `metadata.annotations['''']`, spec.nodeName, + spec.serviceAccountName, status.hostIP, status.podIP, + status.podIPs.' + properties: + apiVersion: + description: Version of the schema the FieldPath + is written in terms of, defaults to "v1". + type: string + fieldPath: + description: Path of the field to select in the + specified API version. + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + resourceFieldRef: + description: 'Selects a resource of the container: only + resources limits and requests (limits.cpu, limits.memory, + limits.ephemeral-storage, requests.cpu, requests.memory + and requests.ephemeral-storage) are currently supported.' + properties: + containerName: + description: 'Container name: required for volumes, + optional for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output format of the + exposed resources, defaults to "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to select' + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + secretKeyRef: + description: Selects a key of a secret in the pod's + namespace + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + required: + - name + type: object + type: array + image: + type: string + type: object + version: + type: string + type: object + status: + properties: + conditions: + items: + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. + type: string + lastUpdateTime: + description: The last time this condition was updated. + type: string + message: + description: Human-readable message indicating details about + last transition + type: string + reason: + description: The reason for the condition's last transition. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type of cluster condition. + type: string + required: + - status + - type + type: object + type: array + display: + properties: + readyClusters: + type: string + state: + type: string + type: object + maxNew: + type: integer + maxUnavailable: + type: integer + maxUnavailablePartitions: + type: integer + newlyCreated: + type: integer + observedGeneration: + format: int64 + type: integer + partitions: + items: + properties: + count: + type: integer + maxUnavailable: + type: integer + name: + type: string + summary: + properties: + desiredReady: + type: integer + errApplied: + type: integer + modified: + type: integer + nonReadyResources: + items: + properties: + bundleState: + type: string + message: + type: string + modifiedStatus: + items: + properties: + apiVersion: + type: string + delete: + type: boolean + kind: + type: string + missing: + type: boolean + name: + type: string + namespace: + type: string + patch: + type: string + type: object + type: array + name: + type: string + nonReadyStatus: + items: + properties: + apiVersion: + type: string + kind: + type: string + name: + type: string + namespace: + type: string + summary: + properties: + error: + type: boolean + message: + items: + type: string + type: array + state: + type: string + transitioning: + type: boolean + type: object + uid: + description: UID is a type that holds unique + ID values, including UUIDs. Because we don't + ONLY use UUIDs, this is an alias to string. Being + a type captures intent and helps make sure + that UIDs and names do not get conflated. + type: string + type: object + type: array + type: object + type: array + notReady: + type: integer + outOfSync: + type: integer + pending: + type: integer + ready: + type: integer + waitApplied: + type: integer + required: + - desiredReady + - ready + type: object + unavailable: + type: integer + type: object + type: array + resourceKey: + items: + properties: + apiVersion: + type: string + kind: + type: string + name: + type: string + namespace: + type: string + type: object + type: array + summary: + properties: + desiredReady: + type: integer + errApplied: + type: integer + modified: + type: integer + nonReadyResources: + items: + properties: + bundleState: + type: string + message: + type: string + modifiedStatus: + items: + properties: + apiVersion: + type: string + delete: + type: boolean + kind: + type: string + missing: + type: boolean + name: + type: string + namespace: + type: string + patch: + type: string + type: object + type: array + name: + type: string + nonReadyStatus: + items: + properties: + apiVersion: + type: string + kind: + type: string + name: + type: string + namespace: + type: string + summary: + properties: + error: + type: boolean + message: + items: + type: string + type: array + state: + type: string + transitioning: + type: boolean + type: object + uid: + description: UID is a type that holds unique ID values, + including UUIDs. Because we don't ONLY use UUIDs, + this is an alias to string. Being a type captures + intent and helps make sure that UIDs and names do + not get conflated. + type: string + type: object + type: array + type: object + type: array + notReady: + type: integer + outOfSync: + type: integer + pending: + type: integer + ready: + type: integer + waitApplied: + type: integer + required: + - desiredReady + - ready + type: object + unavailable: + type: integer + unavailablePartitions: + type: integer + required: + - maxUnavailable + - maxUnavailablePartitions + - observedGeneration + - unavailable + - unavailablePartitions + type: object + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.9.2 + creationTimestamp: null + labels: + cluster.x-k8s.io/provider: infrastructure-elemental + cluster.x-k8s.io/v1beta1: v1beta1 + release-name: '{{ .Release.Name }}' + name: seedimages.elemental.cattle.io +spec: + group: elemental.cattle.io + names: + kind: SeedImage + listKind: SeedImageList + plural: seedimages + singular: seedimage + scope: Namespaced + versions: + - name: v1beta1 + schema: + openAPIV3Schema: + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + properties: + baseImage: + description: BaseImg the base elemental image used to build the seed + image. + type: string + cleanupAfterMinutes: + default: 60 + description: LifetimeMinutes the time at which the built seed image + will be cleaned up. If when the lifetime elapses the built image + is being downloaded, the active download will be completed before + removing the built image. Default is 60 minutes, set to 0 to disable. + format: int32 + type: integer + cloud-config: + description: CloudConfig contains cloud-config data to be put in the + generated iso. + x-kubernetes-preserve-unknown-fields: true + registrationRef: + description: MachineRegistrationRef a reference to the related MachineRegistration. + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object instead of + an entire object, this string should contain a valid JSON/Go + field access statement, such as desiredState.manifest.containers[2]. + For example, if the object reference is to a container within + a pod, this would take on a value like: "spec.containers{name}" + (where "name" refers to the name of the container that triggered + the event) or if no container name is specified "spec.containers[2]" + (container with index 2 in this pod). This syntax is chosen + only to have some well-defined way of referencing a part of + an object. TODO: this design is not final and this field is + subject to change in the future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this reference + is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + type: object + x-kubernetes-map-type: atomic + retriggerBuild: + description: RetriggerBuild triggers to build again a cleaned up seed + image. + type: boolean + required: + - registrationRef + type: object + status: + properties: + conditions: + description: Conditions describe the state of the machine registration + object. + items: + description: "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + type FooStatus struct{ // Represents the observations of a foo's + current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + downloadToken: + description: DownloadToken a token to identify the seed image to download. + type: string + downloadURL: + description: DownloadURL the URL from which the SeedImage can be downloaded + once built. + type: string + state: + description: State reflect the state of the seed image build process. + enum: + - Initialized + - Started + - Completed + - Failed + - NotStarted + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/charts/elemental/103.0.0+up1.3.4/Chart.yaml b/charts/elemental/103.0.0+up1.3.4/Chart.yaml new file mode 100644 index 0000000000..d40c30bd90 --- /dev/null +++ b/charts/elemental/103.0.0+up1.3.4/Chart.yaml @@ -0,0 +1,20 @@ +annotations: + catalog.cattle.io/auto-install: elemental-crd=match + catalog.cattle.io/certified: rancher + catalog.cattle.io/display-name: Elemental + catalog.cattle.io/kube-version: '>= 1.23.0-0' + catalog.cattle.io/namespace: cattle-elemental-system + catalog.cattle.io/os: linux + catalog.cattle.io/permits-os: linux + catalog.cattle.io/provides-gvr: elemental.cattle.io/v1beta1 + catalog.cattle.io/rancher-version: '>= 2.8.0-0 < 2.9.0-0' + catalog.cattle.io/release-name: elemental-operator + catalog.cattle.io/scope: management + catalog.cattle.io/type: cluster-tool + catalog.cattle.io/upstream-version: 1.3.4 +apiVersion: v2 +appVersion: 1.3.4 +description: Elemental provides Cloud Native OS Management for Cluster Nodes. +icon: https://raw.githubusercontent.com/rancher/elemental/main/logo/icon-elemental.svg +name: elemental +version: 103.0.0+up1.3.4 diff --git a/charts/elemental/103.0.0+up1.3.4/README.md b/charts/elemental/103.0.0+up1.3.4/README.md new file mode 100644 index 0000000000..bf7b83ea6c --- /dev/null +++ b/charts/elemental/103.0.0+up1.3.4/README.md @@ -0,0 +1,5 @@ +# Elemental Operator Helm Chart + +This chart bootstraps an elemental-operator deployment on a [Rancher Manager](https://rancher.com/docs/rancher/) cluster using the [Helm](https://helm.sh) package manager. + +Check out the [Elemental Operator Helm Chart documentation](https://elemental.docs.rancher.com/elementaloperatorchart-reference/) in the official [Elemental guide](https://elemental.docs.rancher.com/). diff --git a/charts/elemental/103.0.0+up1.3.4/app-readme.md b/charts/elemental/103.0.0+up1.3.4/app-readme.md new file mode 100644 index 0000000000..c66b1bbb04 --- /dev/null +++ b/charts/elemental/103.0.0+up1.3.4/app-readme.md @@ -0,0 +1,5 @@ +# Elemental + +Elemental brings to Rancher the ability to install and manage the OS of bare metal and virtualized machines. + +For more information on how to deploy an Elemental Cluster, follow the [official documentation](https://elemental.docs.rancher.com/). diff --git a/charts/elemental/103.0.0+up1.3.4/questions.yaml b/charts/elemental/103.0.0+up1.3.4/questions.yaml new file mode 100644 index 0000000000..7aa97a85c2 --- /dev/null +++ b/charts/elemental/103.0.0+up1.3.4/questions.yaml @@ -0,0 +1,27 @@ +questions: +- variable: channel.defaultChannel + default: "true" + description: "Provide an Elemental OS Channel container image" + label: Elemental OS Channel + type: boolean + show_subquestion_if: true + group: "Elemental OS Channel" + subquestions: + - variable: channel.repository + default: registry.suse.com/rancher/elemental-teal-channel + description: "Specify Elemental OS channel repository" + type: string + label: Elemental OS Channel Repository + group: "Elemental OS Channel" + - variable: channel.tag + default: "1.3.4" + description: "Specify Elemental OS channel tag" + type: string + label: "Elemental OS Channel Tag" + group: "Elemental OS Channel" +- variable: debug + default: "false" + description: "Enable debug logging in the Elemental operator" + type: boolean + label: "Enable Debug Logging" + group: "Logging" diff --git a/charts/elemental/103.0.0+up1.3.4/templates/_helpers.tpl b/charts/elemental/103.0.0+up1.3.4/templates/_helpers.tpl new file mode 100644 index 0000000000..ee1e6fe7d8 --- /dev/null +++ b/charts/elemental/103.0.0+up1.3.4/templates/_helpers.tpl @@ -0,0 +1,17 @@ +{{- define "system_default_registry" -}} +{{- if .Values.global.cattle.systemDefaultRegistry -}} +{{- printf "%s/" .Values.global.cattle.systemDefaultRegistry -}} +{{- else -}} +{{- "" -}} +{{- end -}} +{{- end -}} + +{{- define "registry_url" -}} +{{- if .Values.global.cattle.systemDefaultRegistry -}} +{{ include "system_default_registry" . }} +{{- else if .Values.registryUrl -}} +{{- printf "%s/" .Values.registryUrl -}} +{{- else -}} +{{- "" -}} +{{- end -}} +{{- end -}} diff --git a/charts/elemental/103.0.0+up1.3.4/templates/apiservice.yaml b/charts/elemental/103.0.0+up1.3.4/templates/apiservice.yaml new file mode 100644 index 0000000000..73ae2e505f --- /dev/null +++ b/charts/elemental/103.0.0+up1.3.4/templates/apiservice.yaml @@ -0,0 +1,9 @@ +kind: APIService +apiVersion: management.cattle.io/v3 +metadata: + name: {{ .Release.Name }} +spec: + secretName: elemental-operator + secretNamespace: {{ .Release.Namespace }} + pathPrefixes: + - /elemental/ diff --git a/charts/elemental/103.0.0+up1.3.4/templates/capi_rbac.yaml b/charts/elemental/103.0.0+up1.3.4/templates/capi_rbac.yaml new file mode 100644 index 0000000000..8692f75269 --- /dev/null +++ b/charts/elemental/103.0.0+up1.3.4/templates/capi_rbac.yaml @@ -0,0 +1,10 @@ +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: elemental-capi-role + labels: + cluster.x-k8s.io/aggregate-to-manager: "true" +rules: + - apiGroups: ["elemental.cattle.io"] + resources: ["*"] + verbs: ["*"] diff --git a/charts/elemental/103.0.0+up1.3.4/templates/channel.yaml b/charts/elemental/103.0.0+up1.3.4/templates/channel.yaml new file mode 100644 index 0000000000..b85c0c0852 --- /dev/null +++ b/charts/elemental/103.0.0+up1.3.4/templates/channel.yaml @@ -0,0 +1,11 @@ +{{ if and .Values.channel .Values.channel.repository .Values.channel.tag }} +apiVersion: elemental.cattle.io/v1beta1 +kind: ManagedOSVersionChannel +metadata: + name: elemental-os-channel + namespace: fleet-default +spec: + options: + image: {{ .Values.channel.repository }}:{{ .Values.channel.tag }} + type: custom +{{ end }} diff --git a/charts/elemental/103.0.0+up1.3.4/templates/cluster_role.yaml b/charts/elemental/103.0.0+up1.3.4/templates/cluster_role.yaml new file mode 100644 index 0000000000..718f90a055 --- /dev/null +++ b/charts/elemental/103.0.0+up1.3.4/templates/cluster_role.yaml @@ -0,0 +1,267 @@ +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + creationTimestamp: null + name: '{{ .Release.Name }}' +rules: +- apiGroups: + - "" + resources: + - configmaps + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - "" + resources: + - events + verbs: + - create + - patch +- apiGroups: + - "" + resources: + - pods + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - "" + resources: + - pods/log + verbs: + - get +- apiGroups: + - "" + resources: + - pods/status + verbs: + - get +- apiGroups: + - "" + resources: + - secrets + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - "" + resources: + - serviceaccounts + verbs: + - create + - delete + - get + - list + - watch +- apiGroups: + - "" + resources: + - services + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - "" + resources: + - services/status + verbs: + - get +- apiGroups: + - cluster.x-k8s.io + resources: + - machines + verbs: + - get + - list + - watch +- apiGroups: + - elemental.cattle.io + resources: + - machineinventories + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - elemental.cattle.io + resources: + - machineinventories/status + verbs: + - get + - patch + - update +- apiGroups: + - elemental.cattle.io + resources: + - machineinventoryselectors + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - elemental.cattle.io + resources: + - machineinventoryselectors/status + verbs: + - get + - list + - patch + - update +- apiGroups: + - elemental.cattle.io + resources: + - machineregistrations + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - elemental.cattle.io + resources: + - machineregistrations/status + verbs: + - get + - patch + - update +- apiGroups: + - elemental.cattle.io + resources: + - managedosimages + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - elemental.cattle.io + resources: + - managedosimages/status + verbs: + - get + - list + - patch + - update +- apiGroups: + - elemental.cattle.io + resources: + - managedosversionchannels + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - elemental.cattle.io + resources: + - managedosversionchannels/status + verbs: + - get + - list + - patch + - update +- apiGroups: + - elemental.cattle.io + resources: + - managedosversions + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - elemental.cattle.io + resources: + - managedosversions/status + verbs: + - get + - patch + - update +- apiGroups: + - elemental.cattle.io + resources: + - seedimages + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - elemental.cattle.io + resources: + - seedimages/status + verbs: + - get + - patch + - update +- apiGroups: + - fleet.cattle.io + resources: + - bundles + verbs: + - create + - get + - list + - watch +- apiGroups: + - management.cattle.io + resources: + - settings + verbs: + - get + - list + - watch +- apiGroups: + - rbac.authorization.k8s.io + resources: + - rolebindings + - roles + verbs: + - create + - delete + - list + - watch diff --git a/charts/elemental/103.0.0+up1.3.4/templates/cluster_role_binding.yaml b/charts/elemental/103.0.0+up1.3.4/templates/cluster_role_binding.yaml new file mode 100644 index 0000000000..e68c7bc96b --- /dev/null +++ b/charts/elemental/103.0.0+up1.3.4/templates/cluster_role_binding.yaml @@ -0,0 +1,13 @@ +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: {{ .Release.Name }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: {{ .Release.Name }} +subjects: +- kind: ServiceAccount + name: {{ .Release.Name }} + namespace: {{.Release.Namespace}} + diff --git a/charts/elemental/103.0.0+up1.3.4/templates/deployment.yaml b/charts/elemental/103.0.0+up1.3.4/templates/deployment.yaml new file mode 100644 index 0000000000..576d58d596 --- /dev/null +++ b/charts/elemental/103.0.0+up1.3.4/templates/deployment.yaml @@ -0,0 +1,50 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ .Release.Name }} +spec: + replicas: {{ .Values.replicas }} + selector: + matchLabels: + app: elemental-operator + template: + metadata: + labels: + app: elemental-operator + spec: + containers: + - env: + - name: NO_PROXY + value: {{ .Values.noProxy }} + {{- if .Values.proxy }} + - name: HTTP_PROXY + value: {{ .Values.proxy }} + - name: HTTPS_PROXY + value: {{ .Values.proxy }} + {{- end }} + name: {{ .Release.Name }} + imagePullPolicy: "{{ .Values.image.imagePullPolicy }}" + image: {{ template "registry_url" . }}{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }} + args: + - operator + {{- if .Values.debug }} + - --v=5 + - --debug + {{- end }} + - --namespace + - {{ .Release.Namespace }} + - --operator-image + - {{ template "registry_url" . }}{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }} + - --seedimage-image + - {{ template "registry_url" . }}{{ .Values.seedImage.repository }}:{{ .Values.seedImage.tag | default .Chart.AppVersion }} + - --seedimage-image-pullpolicy + - {{ .Values.seedImage.imagePullPolicy}} + serviceAccountName: {{ .Release.Name }} + {{- with .Values.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} diff --git a/charts/elemental/103.0.0+up1.3.4/templates/globalrole.yaml b/charts/elemental/103.0.0+up1.3.4/templates/globalrole.yaml new file mode 100644 index 0000000000..323cf2ead8 --- /dev/null +++ b/charts/elemental/103.0.0+up1.3.4/templates/globalrole.yaml @@ -0,0 +1,16 @@ +apiVersion: management.cattle.io/v3 +builtin: false +description: "Elemental Administrator Role" +displayName: Elemental Administrator +kind: GlobalRole +metadata: + labels: + cattle.io/creator: norman + name: {{ .Release.Name }} +rules: +- apiGroups: + - elemental.cattle.io + resources: + - '*' + verbs: + - '*' diff --git a/charts/elemental/103.0.0+up1.3.4/templates/serviceaccount.yaml b/charts/elemental/103.0.0+up1.3.4/templates/serviceaccount.yaml new file mode 100644 index 0000000000..cb203d6f6c --- /dev/null +++ b/charts/elemental/103.0.0+up1.3.4/templates/serviceaccount.yaml @@ -0,0 +1,4 @@ +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ .Release.Name }} diff --git a/charts/elemental/103.0.0+up1.3.4/templates/validate-install-crd.yaml b/charts/elemental/103.0.0+up1.3.4/templates/validate-install-crd.yaml new file mode 100644 index 0000000000..c5c4aded4f --- /dev/null +++ b/charts/elemental/103.0.0+up1.3.4/templates/validate-install-crd.yaml @@ -0,0 +1,25 @@ +{{ if gt (len (lookup "rbac.authorization.k8s.io/v1" "ClusterRole" "" "")) 0 }} + {{ $apis := dict + "elemental.cattle.io/v1beta1/MachineInventory" "machineinventories" + "elemental.cattle.io/v1beta1/MachineInventorySelector" "machineinventoryselectors" + "elemental.cattle.io/v1beta1/MachineInventorySelectorTemplate" "machineinventoryselectortemplates" + "elemental.cattle.io/v1beta1/MachineRegistration" "machineregistrations" + "elemental.cattle.io/v1beta1/ManagedOSImage" "managedosimages" + "elemental.cattle.io/v1beta1/ManagedOSVersionChannel" "managedosversionchannels" + "elemental.cattle.io/v1beta1/ManagedOSVersion" "managedosversions" + "elemental.cattle.io/v1beta1/SeedImage" "seedimages" + }} + {{- range $api, $crd := $apis -}} + {{- if not ($.Capabilities.APIVersions.Has $api) -}} + {{- required "Required CRDs are missing. Please install the corresponding CRD chart before installing this chart." "" -}} + {{- end -}} + {{- $crdobj := lookup "apiextensions.k8s.io/v1" "CustomResourceDefinition" "" (print $crd ".elemental.cattle.io") -}} + {{- if not $crdobj -}} + {{- print "Cannot lookup " $crd ".elemental.cattle.io crd object" | fail -}} + {{- end -}} + {{- $crdrelease := index $crdobj.metadata.annotations "meta.helm.sh/release-name" -}} + {{- if eq $crdrelease $.Release.Name -}} + {{- required "Elemental CRDs should be moved to the new elemental-operator-crds chart before upgrading this operator." "" -}} + {{- end -}} + {{- end -}} +{{- end -}} diff --git a/charts/elemental/103.0.0+up1.3.4/values.yaml b/charts/elemental/103.0.0+up1.3.4/values.yaml new file mode 100644 index 0000000000..6051eb3de5 --- /dev/null +++ b/charts/elemental/103.0.0+up1.3.4/values.yaml @@ -0,0 +1,42 @@ +image: + empty: rancher/pause:3.1 + repository: "rancher/mirrored-elemental-operator" + tag: "1.3.4" + imagePullPolicy: IfNotPresent + +seedImage: + repository: "rancher/mirrored-elemental-seedimage-builder" + tag: "1.3.4" + imagePullPolicy: IfNotPresent + +channel: + repository: "" + tag: "" + +# number of operator replicas to deploy +replicas: 1 + +# http[s] proxy server +# proxy: http://@:: + +# comma separated list of domains or ip addresses that will not use the proxy +noProxy: 127.0.0.0/8,10.0.0.0/8,172.16.0.0/12,192.168.0.0/16,.svc,.cluster.local + +global: + cattle: + systemDefaultRegistry: "" + +# used only if systemDefaultRegistry is empty +registryUrl: "" + +# enable debug output for operator +debug: false + +nodeSelector: + kubernetes.io/os: linux + +tolerations: + - key: cattle.io/os + operator: "Equal" + value: "linux" + effect: NoSchedule diff --git a/charts/rancher-vsphere-cpi/103.0.0+up1.6.0/Chart.yaml b/charts/rancher-vsphere-cpi/103.0.0+up1.6.0/Chart.yaml new file mode 100644 index 0000000000..497f241d74 --- /dev/null +++ b/charts/rancher-vsphere-cpi/103.0.0+up1.6.0/Chart.yaml @@ -0,0 +1,26 @@ +annotations: + catalog.cattle.io/certified: rancher + catalog.cattle.io/display-name: vSphere CPI + catalog.cattle.io/kube-version: '>= 1.18.0-0 < 1.28.0-0' + catalog.cattle.io/namespace: kube-system + catalog.cattle.io/os: linux + catalog.cattle.io/permits-os: linux,windows + catalog.cattle.io/rancher-version: '>= 2.8.0-0 < 2.9.0-0' + catalog.cattle.io/release-name: vsphere-cpi +apiVersion: v1 +appVersion: 1.6.0 +description: vSphere Cloud Provider Interface (CPI) +icon: https://charts.rancher.io/assets/logos/vsphere-cpi.svg +keywords: +- infrastructure +maintainers: +- email: jiaqi.luo@suse.com + name: Jiaqi Luo +- email: anna.blendermann@suse.com + name: Andy Blendermann +- email: brad.davidson@suse.com + name: Brad Davidson +name: rancher-vsphere-cpi +sources: +- https://github.com/kubernetes/cloud-provider-vsphere +version: 103.0.0+up1.6.0 diff --git a/charts/rancher-vsphere-cpi/103.0.0+up1.6.0/README.md b/charts/rancher-vsphere-cpi/103.0.0+up1.6.0/README.md new file mode 100644 index 0000000000..a8a605e16b --- /dev/null +++ b/charts/rancher-vsphere-cpi/103.0.0+up1.6.0/README.md @@ -0,0 +1,59 @@ +# vSphere Cloud Provider Interface (CPI) + +[vSphere Cloud Provider Interface (CPI)](https://github.com/kubernetes/cloud-provider-vsphere) is responsible for running all the platform specific control loops that were previously run in core Kubernetes components like the KCM and the kubelet, but have been moved out-of-tree to allow cloud and infrastructure providers to implement integrations that can be developed, built and released independent of Kubernetes core. The official documentation and tutorials can be found [here](https://vsphere-csi-driver.sigs.k8s.io/driver-deployment/prerequisites.html). + +**This chart requires being deployed into the `kube-system` namespace.** + +## Prerequisites + +- vSphere 6.7 U3+ +- Kubernetes v1.14+ +- A Secret on your Kubernetes cluster that contains vSphere credentials (Refer to `README` or `Detailed Descriptions`) + +## Installation + +This chart requires a Secret in your Kubernetes cluster that contains the server URL and credentials to connect to the vCenter. You can have the chart generate it for you, or create it yourself and provide the name of the Secret during installation. + +Warning: When the option to generate the Secret is enabled, the credentials are visible in the API to authorized users. If you create the Secret yourself they will not be visible. + +You can create a Secret in one of the following ways: +### Option 1: Create a Secret using the Rancher UI +Go to your cluster's project (Same project you will be installing the chart) > Resources > Secrets > Add Secret. +```yaml +# Example of data required in the Secret +.username: +.password: +``` + +### Option 2: Create a Secret using kubectl +Replace placeholders with actual values, and execute the following: +```bash +cat < + namespace: +data: + .username: + .password: +EOF +``` + +More information on managing Secrets using kubectl [here](https://kubernetes.io/docs/tasks/configmap-secret/managing-secret-using-kubectl/). + +## Migration + +If using this chart to migrate volumes provisioned by the in-tree provider to the out-of-tree CPI + CSI, you need to taint all nodes with the following: +``` +node.cloudprovider.kubernetes.io/uninitialized=true:NoSchedule +``` + +To perform this operation on all nodes in your cluster, the following script has been provided for your convenience: +```bash +# Note: Since this script uses kubectl, ensure that you run `export KUBECONFIG=` before running this script +for node in $(kubectl get nodes | awk '{print $1}' | tail -n +2); do + kubectl taint node $node node.cloudprovider.kubernetes.io/uninitialized=true:NoSchedule +done +``` \ No newline at end of file diff --git a/charts/rancher-vsphere-cpi/103.0.0+up1.6.0/app-readme.md b/charts/rancher-vsphere-cpi/103.0.0+up1.6.0/app-readme.md new file mode 100644 index 0000000000..67329e95b9 --- /dev/null +++ b/charts/rancher-vsphere-cpi/103.0.0+up1.6.0/app-readme.md @@ -0,0 +1,11 @@ +# vSphere Cloud Provider Interface (CPI) + +[vSphere Cloud Provider Interface (CPI)](https://github.com/kubernetes/cloud-provider-vsphere) is responsible for running all the platform specific control loops that were previously run in core Kubernetes components like the KCM and the kubelet, but have been moved out-of-tree to allow cloud and infrastructure providers to implement integrations that can be developed, built and released independent of Kubernetes core. The official documentation and tutorials can be found [here](https://vsphere-csi-driver.sigs.k8s.io/driver-deployment/prerequisites.html). + +**This chart requires being deployed into the `kube-system` namespace.** + +## Prerequisites + +- vSphere 6.7 U3+ or vSphere 7.0+ +- Kubernetes v1.19+ +- A Secret on your Kubernetes cluster that contains vSphere credentials (Refer to `README` or `Detailed Descriptions`) diff --git a/charts/rancher-vsphere-cpi/103.0.0+up1.6.0/questions.yaml b/charts/rancher-vsphere-cpi/103.0.0+up1.6.0/questions.yaml new file mode 100644 index 0000000000..13e9c48dca --- /dev/null +++ b/charts/rancher-vsphere-cpi/103.0.0+up1.6.0/questions.yaml @@ -0,0 +1,62 @@ +questions: + - variable: vCenter.host + label: vCenter Host + description: IP address or FQDN of the vCenter + type: string + required: true + group: Configuration + + - variable: vCenter.datacenters + description: Comma-separated list of paths to data centers. E.g ", , ..." + label: Data Centers + type: string + required: true + group: Configuration + + - variable: vCenter.credentialsSecret.generate + label: Generate Credential's Secret + description: Generates a secret with the vSphere credentials (If the option to generate it is enabled, credentials will be visible in the API to authorized users) + type: boolean + default: true + required: true + group: Configuration + show_subquestion_if: true + subquestions: + - variable: vCenter.username + label: Username + description: Username for vCenter + type: string + group: Configuration + - variable: vCenter.password + label: Password + description: Password for vCenter + type: password + group: Configuration + + - variable: vCenter.credentialsSecret.name + label: Credential's Secret Name + description: Name of the secret with the vSphere credentials (Will not be visible in the API. More info in the README) + default: "vsphere-cpi-creds" + type: string + group: Configuration + show_if: "vCenter.credentialsSecret.generate=false" + + - variable: vCenter.labels.generate + label: Define vSphere Tags + description: "vSphere Tags used to determine the zone and region of a Kubernetes node. This labels will be propagated to NodeLabels" + type: boolean + default: false + required: true + group: Configuration + show_subquestion_if: true + subquestions: + - variable: vCenter.labels.region + label: Region + description: vSphere tag which will used to define regions. e.g. eu-central + type: string + group: Configuration + - variable: vCenter.labels.zone + label: Zone + description: vSphere tag which will used to define availability zones + type: string + group: Configuration diff --git a/charts/rancher-vsphere-cpi/103.0.0+up1.6.0/templates/_helpers.tpl b/charts/rancher-vsphere-cpi/103.0.0+up1.6.0/templates/_helpers.tpl new file mode 100644 index 0000000000..a608baf1d7 --- /dev/null +++ b/charts/rancher-vsphere-cpi/103.0.0+up1.6.0/templates/_helpers.tpl @@ -0,0 +1,32 @@ +{{- define "system_default_registry" -}} +{{- if .Values.global.cattle.systemDefaultRegistry -}} +{{- printf "%s/" .Values.global.cattle.systemDefaultRegistry -}} +{{- else -}} +{{- "" -}} +{{- end -}} +{{- end -}} + +{{- define "applyVersionOverrides" -}} +{{- $overrides := dict -}} +{{- range $override := .Values.versionOverrides -}} +{{- if semverCompare $override.constraint $.Capabilities.KubeVersion.Version -}} +{{- $_ := mergeOverwrite $overrides $override.values -}} +{{- end -}} +{{- end -}} +{{- $_ := mergeOverwrite .Values $overrides -}} +{{- end -}} + +{{/* +Windows cluster will add default taint for linux nodes, +add below linux tolerations to workloads could be scheduled to those linux nodes +*/}} +{{- define "linux-node-tolerations" -}} +- key: "cattle.io/os" + value: "linux" + effect: "NoSchedule" + operator: "Equal" +{{- end -}} + +{{- define "linux-node-selector" -}} +kubernetes.io/os: linux +{{- end -}} \ No newline at end of file diff --git a/charts/rancher-vsphere-cpi/103.0.0+up1.6.0/templates/configmap.yaml b/charts/rancher-vsphere-cpi/103.0.0+up1.6.0/templates/configmap.yaml new file mode 100644 index 0000000000..ba9576f333 --- /dev/null +++ b/charts/rancher-vsphere-cpi/103.0.0+up1.6.0/templates/configmap.yaml @@ -0,0 +1,32 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: vsphere-cloud-config + labels: + vsphere-cpi-infra: config + component: {{ .Chart.Name }}-cloud-controller-manager + namespace: {{ .Release.Namespace }} +data: + vsphere.yaml: | + # Global properties in this section will be used for all specified vCenters unless overriden in VirtualCenter section. + {{ with .Values.vCenter }} + global: + secretName: {{ .credentialsSecret.name | quote }} + secretNamespace: {{ $.Release.Namespace | quote }} + port: {{ .port }} + insecureFlag: {{ .insecureFlag }} + + # vcenter section + vcenter: + {{ .host | quote }}: + server: {{ .host | quote }} + datacenters: + - {{ .datacenters | quote }} + {{- if .labels.generate }} + + # labels for regions and zones + labels: + region: {{ .labels.region | quote }} + zone: {{ .labels.zone | quote }} + {{- end }} + {{- end }} diff --git a/charts/rancher-vsphere-cpi/103.0.0+up1.6.0/templates/daemonset.yaml b/charts/rancher-vsphere-cpi/103.0.0+up1.6.0/templates/daemonset.yaml new file mode 100644 index 0000000000..fe9cc50a9b --- /dev/null +++ b/charts/rancher-vsphere-cpi/103.0.0+up1.6.0/templates/daemonset.yaml @@ -0,0 +1,104 @@ +{{- template "applyVersionOverrides" . -}} +apiVersion: apps/v1 +kind: DaemonSet +metadata: + name: {{ .Chart.Name }}-cloud-controller-manager + labels: + component: {{ .Chart.Name }}-cloud-controller-manager + tier: control-plane + namespace: {{ .Release.Namespace }} + annotations: + scheduler.alpha.kubernetes.io/critical-pod: "" +spec: + selector: + matchLabels: + name: {{ .Chart.Name }}-cloud-controller-manager + updateStrategy: + type: RollingUpdate + template: + metadata: + labels: + name: {{ .Chart.Name }}-cloud-controller-manager + component: {{ .Chart.Name }}-cloud-controller-manager + tier: control-plane + spec: + {{- if .Values.cloudControllerManager.nodeSelector }} + nodeSelector: {{ include "linux-node-selector" . | nindent 8 }} + {{- with .Values.cloudControllerManager.nodeSelector }} + {{- toYaml . | nindent 8 }} + {{- end }} + {{- else }} + affinity: + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + # RKE node selector label + - key: node-role.kubernetes.io/controlplane + operator: In + values: + - "true" + - key: kubernetes.io/os + operator: NotIn + values: + - "windows" + - matchExpressions: + # RKE2 node selector label + - key: node-role.kubernetes.io/control-plane + operator: In + values: + - "true" + - key: kubernetes.io/os + operator: NotIn + values: + - "windows" + {{- end }} + {{- if .Values.cloudControllerManager.tolerations }} + tolerations: {{ include "linux-node-tolerations" . | nindent 8 }} + {{- with .Values.cloudControllerManager.tolerations }} + {{- toYaml . | nindent 8 }} + {{- end }} + {{- else }} + tolerations: + - key: node.cloudprovider.kubernetes.io/uninitialized + value: "true" + effect: NoSchedule + - key: node-role.kubernetes.io/master + effect: NoSchedule + operator: Exists + - key: node.kubernetes.io/not-ready + effect: NoSchedule + operator: Exists + # Rancher specific change: These tolerations are added to account for RKE1 and RKE2 taints + - key: node-role.kubernetes.io/controlplane + effect: NoSchedule + value: "true" + - key: node-role.kubernetes.io/control-plane + effect: NoSchedule + operator: Exists + - key: node-role.kubernetes.io/etcd + effect: NoExecute + operator: Exists + {{- end }} + securityContext: + runAsUser: 1001 + serviceAccountName: {{ .Chart.Name }}-cloud-controller-manager + containers: + - name: {{ .Chart.Name }}-cloud-controller-manager + image: {{ template "system_default_registry" . }}{{ .Values.cloudControllerManager.repository }}:{{ .Values.cloudControllerManager.tag }} + args: + - --cloud-provider=vsphere + - --v=2 + - --cloud-config=/etc/cloud/vsphere.yaml + volumeMounts: + - mountPath: /etc/cloud + name: vsphere-config-volume + readOnly: true + resources: + requests: + cpu: 200m + hostNetwork: true + volumes: + - name: vsphere-config-volume + configMap: + name: vsphere-cloud-config diff --git a/charts/rancher-vsphere-cpi/103.0.0+up1.6.0/templates/role-binding.yaml b/charts/rancher-vsphere-cpi/103.0.0+up1.6.0/templates/role-binding.yaml new file mode 100644 index 0000000000..1a3a030d2b --- /dev/null +++ b/charts/rancher-vsphere-cpi/103.0.0+up1.6.0/templates/role-binding.yaml @@ -0,0 +1,40 @@ +{{- if .Values.cloudControllerManager.rbac.enabled -}} +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: servicecatalog.k8s.io:apiserver-authentication-reader + labels: + vsphere-cpi-infra: role-binding + component: {{ .Chart.Name }}-cloud-controller-manager + namespace: {{ .Release.Namespace }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: extension-apiserver-authentication-reader +subjects: +- apiGroup: "" + kind: ServiceAccount + name: {{ .Chart.Name }}-cloud-controller-manager + namespace: {{ .Release.Namespace }} +- apiGroup: "" + kind: User + name: {{ .Chart.Name }}-cloud-controller-manager +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: system:{{ .Chart.Name }}-cloud-controller-manager + labels: + vsphere-cpi-infra: cluster-role-binding + component: {{ .Chart.Name }}-cloud-controller-manager +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: system:{{ .Chart.Name }}-cloud-controller-manager +subjects: +- kind: ServiceAccount + name: {{ .Chart.Name }}-cloud-controller-manager + namespace: {{ .Release.Namespace }} +- kind: User + name: {{ .Chart.Name }}-cloud-controller-manager +{{- end -}} diff --git a/charts/rancher-vsphere-cpi/103.0.0+up1.6.0/templates/role.yaml b/charts/rancher-vsphere-cpi/103.0.0+up1.6.0/templates/role.yaml new file mode 100644 index 0000000000..f26b834ace --- /dev/null +++ b/charts/rancher-vsphere-cpi/103.0.0+up1.6.0/templates/role.yaml @@ -0,0 +1,92 @@ +{{- if .Values.cloudControllerManager.rbac.enabled -}} +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: system:{{ .Chart.Name }}-cloud-controller-manager + labels: + vsphere-cpi-infra: role + component: {{ .Chart.Name }}-cloud-controller-manager +rules: +- apiGroups: + - "" + resources: + - events + verbs: + - create + - patch + - update +- apiGroups: + - "" + resources: + - nodes + verbs: + - "*" +- apiGroups: + - "" + resources: + - nodes/status + verbs: + - patch +- apiGroups: + - "" + resources: + - services + verbs: + - list + - patch + - update + - watch +- apiGroups: + - "" + resources: + - services/status + verbs: + - patch +- apiGroups: + - "" + resources: + - serviceaccounts + verbs: + - create + - get + - list + - watch + - update +- apiGroups: + - "" + resources: + - persistentvolumes + verbs: + - get + - list + - update + - watch +- apiGroups: + - "" + resources: + - endpoints + verbs: + - create + - get + - list + - watch + - update +- apiGroups: + - "" + resources: + - secrets + verbs: + - get + - list + - watch +- apiGroups: + - "coordination.k8s.io" + resources: + - leases + verbs: + - create + - get + - list + - watch + - update +{{- end -}} diff --git a/charts/rancher-vsphere-cpi/103.0.0+up1.6.0/templates/secret.yaml b/charts/rancher-vsphere-cpi/103.0.0+up1.6.0/templates/secret.yaml new file mode 100644 index 0000000000..1fc8ef899e --- /dev/null +++ b/charts/rancher-vsphere-cpi/103.0.0+up1.6.0/templates/secret.yaml @@ -0,0 +1,13 @@ +{{- if .Values.vCenter.credentialsSecret.generate -}} +apiVersion: v1 +kind: Secret +metadata: + name: {{ .Values.vCenter.credentialsSecret.name }} + labels: + vsphere-cpi-infra: secret + component: {{ .Chart.Name }}-cloud-controller-manager + namespace: {{ .Release.Namespace }} +data: + {{ .Values.vCenter.host }}.username: {{ .Values.vCenter.username | b64enc | quote }} + {{ .Values.vCenter.host }}.password: {{ .Values.vCenter.password | b64enc | quote }} +{{- end -}} diff --git a/charts/rancher-vsphere-cpi/103.0.0+up1.6.0/templates/service-account.yaml b/charts/rancher-vsphere-cpi/103.0.0+up1.6.0/templates/service-account.yaml new file mode 100644 index 0000000000..8e269556b6 --- /dev/null +++ b/charts/rancher-vsphere-cpi/103.0.0+up1.6.0/templates/service-account.yaml @@ -0,0 +1,10 @@ +{{- if .Values.cloudControllerManager.rbac.enabled -}} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ .Chart.Name }}-cloud-controller-manager + labels: + vsphere-cpi-infra: service-account + component: {{ .Chart.Name }}-cloud-controller-manager + namespace: {{ .Release.Namespace }} +{{- end -}} diff --git a/charts/rancher-vsphere-cpi/103.0.0+up1.6.0/templates/service.yaml b/charts/rancher-vsphere-cpi/103.0.0+up1.6.0/templates/service.yaml new file mode 100644 index 0000000000..e50d0b5afb --- /dev/null +++ b/charts/rancher-vsphere-cpi/103.0.0+up1.6.0/templates/service.yaml @@ -0,0 +1,15 @@ +apiVersion: v1 +kind: Service +metadata: + labels: + component: {{ .Chart.Name }}-cloud-controller-manager + name: {{ .Chart.Name }}-cloud-controller-manager + namespace: {{ .Release.Namespace }} +spec: + type: NodePort + ports: + - port: 43001 + protocol: TCP + targetPort: 43001 + selector: + component: {{ .Chart.Name }}-cloud-controller-manager diff --git a/charts/rancher-vsphere-cpi/103.0.0+up1.6.0/values.yaml b/charts/rancher-vsphere-cpi/103.0.0+up1.6.0/values.yaml new file mode 100644 index 0000000000..06de1b6841 --- /dev/null +++ b/charts/rancher-vsphere-cpi/103.0.0+up1.6.0/values.yaml @@ -0,0 +1,96 @@ +vCenter: + host: "" + port: 443 + insecureFlag: true + datacenters: "" + username: "" + password: "" + credentialsSecret: + name: "vsphere-cpi-creds" + generate: true + +# vSphere Tags used to determine the zone and region of a Kubernetes node. This labels will be propagated to NodeLabels + labels: + region: "k8s-region" + zone: "k8s-zone" + generate: false + +# A list of Semver constraint strings (defined by https://github.com/Masterminds/semver) and values.yaml overrides. +# +# For each key in versionOverrides, this chart will check to see if the current Kubernetes cluster's version matches +# any of the semver constraints provided as keys on the map. +# +# On seeing a match, the default value for each values.yaml field overridden will be updated with the new value. +# +# If multiple matches are encountered (due to overlapping semver ranges), the matches will be applied in order. +# +# Notes: +# - On running a helm template, Helm uses the `.Capabilities.APIVersion` of whatever +# Kubernetes release that version of Helm was built against. +# - On running a helm install --dry-run, the correct kubeVersion should be chosen. +# +# Supported versions can be found at: +# https://github.com/kubernetes/cloud-provider-vsphere#compatibility-with-kubernetes +versionOverrides: + - constraint: "~ 1.27" + values: + cloudControllerManager: + repository: rancher/mirrored-cloud-provider-vsphere-cpi-release-manager + tag: v1.27.0 + - constraint: "~ 1.26" + values: + cloudControllerManager: + repository: rancher/mirrored-cloud-provider-vsphere-cpi-release-manager + tag: v1.26.2 + - constraint: "~ 1.25" + values: + cloudControllerManager: + repository: rancher/mirrored-cloud-provider-vsphere-cpi-release-manager + tag: v1.25.3 + - constraint: ">= 1.24 < 1.25" + values: + cloudControllerManager: + repository: rancher/mirrored-cloud-provider-vsphere-cpi-release-manager + tag: v1.24.6 + - constraint: ">= 1.23 < 1.24" + values: + cloudControllerManager: + repository: rancher/mirrored-cloud-provider-vsphere-cpi-release-manager + tag: v1.23.4 + - constraint: "~ 1.22" + values: + cloudControllerManager: + repository: rancher/mirrored-cloud-provider-vsphere-cpi-release-manager + tag: v1.22.8 + - constraint: "~ 1.21" + values: + cloudControllerManager: + repository: rancher/mirrored-cloud-provider-vsphere-cpi-release-manager + tag: v1.21.3 + - constraint: "~ 1.20" + values: + cloudControllerManager: + repository: rancher/mirrored-cloud-provider-vsphere-cpi-release-manager + tag: v1.20.1 + - constraint: "~ 1.19" + values: + cloudControllerManager: + repository: rancher/mirrored-cloud-provider-vsphere-cpi-release-manager + tag: v1.19.0 + - constraint: "~ 1.18" + values: + cloudControllerManager: + repository: rancher/mirrored-cloud-provider-vsphere-cpi-release-manager + tag: v1.18.0 + +cloudControllerManager: + repository: rancher/mirrored-cloud-provider-vsphere-cpi-release-manager + tag: latest + nodeSelector: {} + tolerations: [] + rbac: + enabled: true + +global: + cattle: + systemDefaultRegistry: "" diff --git a/charts/rancher-vsphere-csi/103.0.0+up3.0.2-rancher1/Chart.yaml b/charts/rancher-vsphere-csi/103.0.0+up3.0.2-rancher1/Chart.yaml new file mode 100644 index 0000000000..71e414cbc9 --- /dev/null +++ b/charts/rancher-vsphere-csi/103.0.0+up3.0.2-rancher1/Chart.yaml @@ -0,0 +1,26 @@ +annotations: + catalog.cattle.io/certified: rancher + catalog.cattle.io/display-name: vSphere CSI + catalog.cattle.io/kube-version: '>= 1.20.0-0 < 1.28.0-0' + catalog.cattle.io/namespace: kube-system + catalog.cattle.io/os: linux,windows + catalog.cattle.io/permits-os: linux,windows + catalog.cattle.io/rancher-version: '>= 2.8.0-0 < 2.9.0-0' + catalog.cattle.io/release-name: vsphere-csi +apiVersion: v1 +appVersion: 3.0.2-rancher1 +description: vSphere Cloud Storage Interface (CSI) +icon: https://charts.rancher.io/assets/logos/vsphere-csi.svg +keywords: +- infrastructure +maintainers: +- email: jiaqi.luo@suse.com + name: Jiaqi Luo +- email: anna.blendermann@suse.com + name: Andy Blendermann +- email: brad.davidson@suse.com + name: Brad Davidson +name: rancher-vsphere-csi +sources: +- https://github.com/kubernetes-sigs/vsphere-csi-driver +version: 103.0.0+up3.0.2-rancher1 diff --git a/charts/rancher-vsphere-csi/103.0.0+up3.0.2-rancher1/README.md b/charts/rancher-vsphere-csi/103.0.0+up3.0.2-rancher1/README.md new file mode 100644 index 0000000000..4cb94f45f2 --- /dev/null +++ b/charts/rancher-vsphere-csi/103.0.0+up3.0.2-rancher1/README.md @@ -0,0 +1,84 @@ +# vSphere Container Storage Interface (CSI) + +[vSphere Container Storage Interface (CSI)](https://github.com/kubernetes-sigs/vsphere-csi-driver/tree/release-2.1/manifests/v2.1.0/vsphere-7.0u1/) is a specification designed to enable persistent storage volume management on Container Orchestrators (COs) such as Kubernetes. The specification allows storage systems to integrate with containerized workloads running on Kubernetes. Using CSI, storage providers, such as VMware, can write and deploy plugins for storage systems in Kubernetes without a need to modify any core Kubernetes code. + +CSI allows volume plugins to be installed on Kubernetes clusters as extensions. Once a CSI compatible volume driver is deployed on a Kubernetes cluster, users can use the CSI to provision, attach, mount, and format the volumes exposed by the CSI driver. + +The CSI driver for vSphere is `csi.vsphere.vmware.com`. + +## Prerequisites + +- vSphere 6.7 U3+ +- Kubernetes v1.20+ +- Out-of-tree vSphere Cloud Provider Interface (CPI) +- A Secret on your Kubernetes cluster that contains vSphere CSI configuration and credentials + +## Installation + +This chart requires a Secret in your Kubernetes cluster that contains the CSI configuration and credentials to connect to the vCenter. You can have the chart generate it for you, or create it yourself and provide the name of the Secret during installation. + +Warning: When the option to generate the Secret is enabled, the credentials are visible in the API to authorized users. If you create the Secret yourself they will not be visible. + +You can create a Secret in one of the following ways: + +### Option 1: Create a Secret using the Rancher UI + +Go to your cluster's project (Same project you will be installing the chart) > Resources > Secrets > Add Secret. +```yaml +# Example of data required in the Secret +# The csi-vsphere.conf key name is required, otherwise the installation will fail +csi-vsphere.conf: | + [Global] + cluster-id = "" + user = "" + password = "" + port = "" + insecure-flag = "" + + [VirtualCenter ""] + datacenters = ", , ..." +``` +More information on CSI vSphere configuration [here](https://vsphere-csi-driver.sigs.k8s.io/driver-deployment/installation.html#create_k8s_secret). + +### Option 2: Create a Secret using kubectl + +Replace placeholders with actual values, and execute the following: +```bash +# The csi-vsphere.conf key name is required, otherwise the installation will fail +cat < + namespace: +stringData: + csi-vsphere.conf: | + [Global] + cluster-id = "" + user = "" + password = "" + port = "" + insecure-flag = "" + + [VirtualCenter ""] + datacenters = ", , ..." +EOF +``` + +More information on managing Secrets using kubectl [here](https://kubernetes.io/docs/tasks/configmap-secret/managing-secret-using-kubectl/). + +## Migration + +The CSI migration feature is only available for vSphere 7.0 U1. + +## vSphere CSI with Topology + +When deploying to a vSphere environment using zoning, the topology plugin can be enabled for the CSI to make intelligent volume provisioning decisions. More information on vSphere zoning and prerequisites for the CSI toplogy plugin can be found [here](https://docs.vmware.com/en/VMware-vSphere-Container-Storage-Plug-in/2.0/vmware-vsphere-csp-getting-started/GUID-162E7582-723B-4A0F-A937-3ACE82EAFD31.html#guidelines-and-best-practices-for-deployment-with-topology-0). + +To enable the topology plugin, adjust the values for the chart as follows: + +```yaml +topology: + enabled: true +``` \ No newline at end of file diff --git a/charts/rancher-vsphere-csi/103.0.0+up3.0.2-rancher1/app-readme.md b/charts/rancher-vsphere-csi/103.0.0+up3.0.2-rancher1/app-readme.md new file mode 100644 index 0000000000..bae1876f09 --- /dev/null +++ b/charts/rancher-vsphere-csi/103.0.0+up3.0.2-rancher1/app-readme.md @@ -0,0 +1,14 @@ +# vSphere Container Storage Interface (CSI) + +[vSphere Container Storage Interface (CSI)](https://github.com/kubernetes-sigs/vsphere-csi-driver) is a specification designed to enable persistent storage volume management on Container Orchestrators (COs) such as Kubernetes. The specification allows storage systems to integrate with containerized workloads running on Kubernetes. Using CSI, storage providers, such as VMware, can write and deploy plugins for storage systems in Kubernetes without a need to modify any core Kubernetes code. + +CSI allows volume plugins to be installed on Kubernetes clusters as extensions. Once a CSI compatible volume driver is deployed on a Kubernetes cluster, users can use the CSI to provision, attach, mount, and format the volumes exposed by the CSI driver. + +The CSI driver for vSphere is `csi.vsphere.vmware.com`. + +## Prerequisites + +- vSphere 6.7 U3+ +- Kubernetes v1.14+ +- Out-of-tree vSphere Cloud Provider Interface (CPI) +- A Secret on your Kubernetes cluster that contains vSphere CSI configuration and credentials (Refer to `README` or `Detailed Descriptions`) diff --git a/charts/rancher-vsphere-csi/103.0.0+up3.0.2-rancher1/questions.yaml b/charts/rancher-vsphere-csi/103.0.0+up3.0.2-rancher1/questions.yaml new file mode 100644 index 0000000000..d02e91f757 --- /dev/null +++ b/charts/rancher-vsphere-csi/103.0.0+up3.0.2-rancher1/questions.yaml @@ -0,0 +1,148 @@ +questions: + - variable: vCenter.configSecret.generate + label: Generate CSI vSphere Config Secret + description: Generates a Secret that contains a CSI vSphere config and credentials (If the option to generate it is enabled, credentials will be visible in the API to authorized users) + type: boolean + default: true + required: true + group: vCenter Configuration + show_subquestion_if: true + subquestions: + - variable: vCenter.host + label: vCenter Host + description: IP address or FQDN of the vCenter + type: string + + - variable: vCenter.datacenters + description: Comma-separated list of paths to data centers. E.g ", , ..." + label: Data Centers + type: string + + - variable: vCenter.username + label: Username + description: Username for vCenter + type: string + + - variable: vCenter.password + label: Password + description: Password for vCenter + type: password + + - variable: vCenter.configSecret.name + label: CSI vSphere Config Secret Name + description: Name of the Secret that contains a CSI vSphere config and credentials (Will not be visible in the API. More info in the README) + type: string + group: vCenter Configuration + show_if: "vCenter.configSecret.generate=false" + + - variable: csiMigration.enabled + label: Enable CSI Migration + description: Enable migration of volumes provisioned by in-tree vSphere provider to CSI (Available for vSphere 7.0 U1+ only) + type: boolean + default: false + group: Driver Configuration + + - variable: csiAuthCheck.enabled + label: Enable authorization checks on operations involving datastores + type: boolean + default: false + group: Driver Configuration + + - variable: onlineVolumeExtend.enabled + label: Enable Online Volume Extend + description: Enable expansion of PVCs that are in use by a Pod or mounted in a Node (Available for vSphere 7.0 U2+ only) + type: boolean + default: false + group: Driver Configuration + + - variable: triggerCsiFullsync.enabled + label: Enable CSI Full Sync + description: Keeps CNS up to date with Kubernetes volume metadata information (such as PVs, PVCs, pods, and so on) + type: boolean + default: false + group: Driver Configuration + + - variable: asyncQueryVolume.enabled + label: Enable Async Query Volume + description: Improves retrieval of volume information + type: boolean + default: false + group: Driver Configuration + + - variable: improvedCsiIdempotency.enabled + label: Enable Improved CSI Idempotency + description: Enhances driver to ensure volume operations are idempotent + type: boolean + default: false + group: Driver Configuration + + - variable: improvedVolumeTopology.enabled + label: Enable Improved Volume Topology + description: Allows using the topology feature without the need to mount vSphere credentials in the CSI node daemonset + type: boolean + default: false + group: Driver Configuration + + - variable: csiWindowsSupport.enabled + label: Enable CSI Windows Support + description: Enables Windows support. + type: boolean + default: false + group: Driver Configuration + + - variable: topology.enabled + label: Enable CSI Topology Plugin + description: Enables the CSI Topology Plugin + type: boolean + default: false + group: Driver Configuration + + - variable: csiController.csiResizer.enabled + label: Enable CSI Volume Resizer + description: This feature is available for vSphere 7.0 U1+ only + type: boolean + default: false + group: Storage + + - variable: storageClass.enabled + default: true + label: Create Storage Class + description: Create a storageClass with the vSphere CSI provisioner + type: boolean + required: true + show_subquestion_if: true + group: Storage + subquestions: + - variable: storageClass.name + label: Storage Class Name + default: "vsphere-csi-sc" + type: string + + - variable: storageClass.isDefault + label: Default Storage Class + description: Set the Storage Class as the default + default: true + type: boolean + + - variable: storageClass.allowVolumeExpansion + label: Allow Volume Expansion + description: Allows resizing the volume by editing the corresponding PVC object (Available for vSphere 7.0+ only) + default: false + type: boolean + + - variable: storageClass.storagePolicyName + label: Storage Policy Name + description: Name of the Storage Policy created in vCenter + type: string + + - variable: storageClass.datastoreURL + label: Data Store URL + description: URL of the data store to use for new volumes (If unspecified, any data store that matches the request will be selected). + type: string + + - variable: csiNode.prefixPath + label: Prefix Path for `/var/lib/kubelet` + description: For some operating systems including RancherOS, RKE prefixes `/var/lib/kubelet` with `/opt/rke`. Add the prefix path of the location of /var/lib/kubelet + type: string + default: "" + group: Node Configuration diff --git a/charts/rancher-vsphere-csi/103.0.0+up3.0.2-rancher1/templates/_helpers.tpl b/charts/rancher-vsphere-csi/103.0.0+up3.0.2-rancher1/templates/_helpers.tpl new file mode 100644 index 0000000000..a608baf1d7 --- /dev/null +++ b/charts/rancher-vsphere-csi/103.0.0+up3.0.2-rancher1/templates/_helpers.tpl @@ -0,0 +1,32 @@ +{{- define "system_default_registry" -}} +{{- if .Values.global.cattle.systemDefaultRegistry -}} +{{- printf "%s/" .Values.global.cattle.systemDefaultRegistry -}} +{{- else -}} +{{- "" -}} +{{- end -}} +{{- end -}} + +{{- define "applyVersionOverrides" -}} +{{- $overrides := dict -}} +{{- range $override := .Values.versionOverrides -}} +{{- if semverCompare $override.constraint $.Capabilities.KubeVersion.Version -}} +{{- $_ := mergeOverwrite $overrides $override.values -}} +{{- end -}} +{{- end -}} +{{- $_ := mergeOverwrite .Values $overrides -}} +{{- end -}} + +{{/* +Windows cluster will add default taint for linux nodes, +add below linux tolerations to workloads could be scheduled to those linux nodes +*/}} +{{- define "linux-node-tolerations" -}} +- key: "cattle.io/os" + value: "linux" + effect: "NoSchedule" + operator: "Equal" +{{- end -}} + +{{- define "linux-node-selector" -}} +kubernetes.io/os: linux +{{- end -}} \ No newline at end of file diff --git a/charts/rancher-vsphere-csi/103.0.0+up3.0.2-rancher1/templates/configmap.yaml b/charts/rancher-vsphere-csi/103.0.0+up3.0.2-rancher1/templates/configmap.yaml new file mode 100644 index 0000000000..9742ca3630 --- /dev/null +++ b/charts/rancher-vsphere-csi/103.0.0+up3.0.2-rancher1/templates/configmap.yaml @@ -0,0 +1,22 @@ +# Source: https://github.com/kubernetes-sigs/vsphere-csi-driver +apiVersion: v1 +data: + "csi-migration": {{ .Values.csiMigration.enabled | quote }} + "csi-auth-check": {{ .Values.csiAuthCheck.enabled | quote }} + "online-volume-extend": {{ .Values.onlineVolumeExtend.enabled | quote }} + "trigger-csi-fullsync": {{ .Values.triggerCsiFullsync.enabled | quote }} + "async-query-volume": {{ .Values.asyncQueryVolume.enabled | quote }} + "improved-csi-idempotency": {{ .Values.improvedCsiIdempotency.enabled | quote }} + "improved-volume-topology": {{ .Values.improvedVolumeTopology.enabled | quote }} + "block-volume-snapshot": {{ .Values.blockVolumeSnapshot.enabled | quote }} + "csi-windows-support": {{ .Values.csiWindowsSupport.enabled | quote }} + "use-csinode-id": {{ .Values.useCsinodeId.enabled | quote }} + "list-volumes": {{ .Values.listVolumes.enabled | quote }} + "pv-to-backingdiskobjectid-mapping": {{ .Values.pvToBackingdiskobjectidMapping.enabled | quote }} + "cnsmgr-suspend-create-volume": {{ .Values.cnsmgrSuspendCreateVolume.enabled | quote }} + "topology-preferential-datastores": {{ .Values.topologyPreferentialDatastores.enabled | quote }} + "max-pvscsi-targets-per-vm": {{ .Values.maxPvscsiTargetsPerVm.enabled | quote }} +kind: ConfigMap +metadata: + name: internal-feature-states.csi.vsphere.vmware.com + namespace: {{ .Release.Namespace }} diff --git a/charts/rancher-vsphere-csi/103.0.0+up3.0.2-rancher1/templates/controller/deployment.yaml b/charts/rancher-vsphere-csi/103.0.0+up3.0.2-rancher1/templates/controller/deployment.yaml new file mode 100644 index 0000000000..7e5600324d --- /dev/null +++ b/charts/rancher-vsphere-csi/103.0.0+up3.0.2-rancher1/templates/controller/deployment.yaml @@ -0,0 +1,228 @@ +{{- template "applyVersionOverrides" . -}} +kind: Deployment +apiVersion: apps/v1 +metadata: + name: vsphere-csi-controller + namespace: {{ .Release.Namespace }} +spec: + replicas: 3 + strategy: + type: RollingUpdate + rollingUpdate: + maxUnavailable: 1 + maxSurge: 0 + selector: + matchLabels: + app: vsphere-csi-controller + template: + metadata: + labels: + app: vsphere-csi-controller + role: vsphere-csi + spec: + serviceAccountName: vsphere-csi-controller + {{- if .Values.csiController.nodeSelector }} + nodeSelector: {{ include "linux-node-selector" . | nindent 8 }} + {{- with .Values.csiController.nodeSelector }} + {{- toYaml . | nindent 8 }} + {{- end }} + {{- else }} + affinity: + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + # RKE node selector label + - key: node-role.kubernetes.io/controlplane + operator: In + values: + - "true" + # Rancher node selector label + - key: kubernetes.io/os + operator: NotIn + values: + - "windows" + - matchExpressions: + # RKE2 node selector label + - key: node-role.kubernetes.io/control-plane + operator: In + values: + - "true" + # Rancher node selector label + - key: kubernetes.io/os + operator: NotIn + values: + - "windows" + {{- end }} + {{- if .Values.csiController.tolerations }} + tolerations: {{ include "linux-node-tolerations" . | nindent 8 }} + {{- with .Values.csiController.tolerations }} + {{- toYaml . | nindent 8 }} + {{- end }} + {{- else }} + tolerations: + - key: node-role.kubernetes.io/master + operator: Exists + effect: NoSchedule + # Rancher specific change: These tolerations are added to account for RKE1 and RKE2 taints + - key: node-role.kubernetes.io/controlplane + effect: NoSchedule + value: "true" + - key: node-role.kubernetes.io/control-plane + effect: NoSchedule + operator: Exists + - key: node-role.kubernetes.io/etcd + effect: NoExecute + operator: Exists + {{- end }} + dnsPolicy: "Default" + containers: + - name: csi-attacher + image: "{{ template "system_default_registry" . }}{{ .Values.csiController.image.csiAttacher.repository }}:{{ .Values.csiController.image.csiAttacher.tag }}" + args: + - "--v=4" + - "--timeout=300s" + - "--csi-address=$(ADDRESS)" + - "--leader-election" + - "--kube-api-qps=100" + - "--kube-api-burst=100" + env: + - name: ADDRESS + value: /csi/csi.sock + volumeMounts: + - mountPath: /csi + name: socket-dir +{{- if .Values.csiController.csiResizer.enabled }} + - name: csi-resizer + image: "{{ template "system_default_registry" . }}{{ .Values.csiController.image.csiResizer.repository }}:{{ .Values.csiController.image.csiResizer.tag }}" + args: + - "--v=4" + - "--timeout=300s" + - "--handle-volume-inuse-error=false" + - "--csi-address=$(ADDRESS)" + - "--kube-api-qps=100" + - "--kube-api-burst=100" + - "--leader-election" + env: + - name: ADDRESS + value: /csi/csi.sock + volumeMounts: + - mountPath: /csi + name: socket-dir +{{- end }} + - name: vsphere-csi-controller + image: "{{ template "system_default_registry" . }}{{ .Values.csiController.image.repository }}:{{ .Values.csiController.image.tag }}" + args: + - "--fss-name=internal-feature-states.csi.vsphere.vmware.com" + - "--fss-namespace=$(CSI_NAMESPACE)" + {{- if semverCompare "< 1.24" $.Capabilities.KubeVersion.Version }} + - "--use-gocsi=false" + {{- end }} + imagePullPolicy: "Always" + env: + - name: CSI_ENDPOINT + value: unix:///csi/csi.sock + - name: X_CSI_MODE + value: "controller" + - name: X_CSI_SPEC_DISABLE_LEN_CHECK + value: "true" + - name: X_CSI_SERIAL_VOL_ACCESS_TIMEOUT + value: 3m + - name: VSPHERE_CSI_CONFIG + value: "/etc/cloud/csi-vsphere.conf" + - name: LOGGER_LEVEL + value: "PRODUCTION" # Options: DEVELOPMENT, PRODUCTION + - name: INCLUSTER_CLIENT_QPS + value: "100" + - name: INCLUSTER_CLIENT_BURST + value: "100" + - name: CSI_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + volumeMounts: + - mountPath: /etc/cloud + name: vsphere-config-volume + readOnly: true + - mountPath: /csi + name: socket-dir + ports: + - name: healthz + containerPort: 9808 + protocol: TCP + - name: prometheus + containerPort: 2112 + protocol: TCP + livenessProbe: + httpGet: + path: /healthz + port: healthz + initialDelaySeconds: 10 + timeoutSeconds: 3 + periodSeconds: 5 + failureThreshold: 3 + - name: liveness-probe + image: "{{ template "system_default_registry" . }}{{ .Values.csiController.image.livenessProbe.repository }}:{{ .Values.csiController.image.livenessProbe.tag }}" + args: + - "--v=4" + - "--csi-address=/csi/csi.sock" + volumeMounts: + - name: socket-dir + mountPath: /csi + - name: vsphere-syncer + image: "{{ template "system_default_registry" . }}{{ .Values.csiController.image.vsphereSyncer.repository }}:{{ .Values.csiController.image.vsphereSyncer.tag }}" + args: + - "--leader-election" + - "--fss-name=internal-feature-states.csi.vsphere.vmware.com" + - "--fss-namespace=$(CSI_NAMESPACE)" + imagePullPolicy: "Always" + ports: + - containerPort: 2113 + name: prometheus + protocol: TCP + env: + - name: FULL_SYNC_INTERVAL_MINUTES + value: "30" + - name: VSPHERE_CSI_CONFIG + value: "/etc/cloud/csi-vsphere.conf" + - name: LOGGER_LEVEL + value: "PRODUCTION" # Options: DEVELOPMENT, PRODUCTION + - name: INCLUSTER_CLIENT_QPS + value: "100" + - name: INCLUSTER_CLIENT_BURST + value: "100" + - name: CSI_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + volumeMounts: + - mountPath: /etc/cloud + name: vsphere-config-volume + readOnly: true + - name: csi-provisioner + image: "{{ template "system_default_registry" . }}{{ .Values.csiController.image.csiProvisioner.repository }}:{{ .Values.csiController.image.csiProvisioner.tag }}" + args: + - "--v=4" + - "--timeout=300s" + - "--csi-address=$(ADDRESS)" + - "--kube-api-qps=100" + - "--kube-api-burst=100" + - "--leader-election" + - "--default-fstype=ext4" + {{- if .Values.topology.enabled }} + # needed only for topology aware setup + - "--feature-gates=Topology=true" + - "--strict-topology" + {{- end }} + env: + - name: ADDRESS + value: /csi/csi.sock + volumeMounts: + - mountPath: /csi + name: socket-dir + volumes: + - name: vsphere-config-volume + secret: + secretName: {{ .Values.vCenter.configSecret.name }} + - name: socket-dir + emptyDir: {} diff --git a/charts/rancher-vsphere-csi/103.0.0+up3.0.2-rancher1/templates/controller/role-binding.yaml b/charts/rancher-vsphere-csi/103.0.0+up3.0.2-rancher1/templates/controller/role-binding.yaml new file mode 100644 index 0000000000..0a30fd71c6 --- /dev/null +++ b/charts/rancher-vsphere-csi/103.0.0+up3.0.2-rancher1/templates/controller/role-binding.yaml @@ -0,0 +1,12 @@ +kind: ClusterRoleBinding +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: vsphere-csi-controller-binding +subjects: + - kind: ServiceAccount + name: vsphere-csi-controller + namespace: {{ .Release.Namespace }} +roleRef: + kind: ClusterRole + name: vsphere-csi-controller-role + apiGroup: rbac.authorization.k8s.io diff --git a/charts/rancher-vsphere-csi/103.0.0+up3.0.2-rancher1/templates/controller/role.yaml b/charts/rancher-vsphere-csi/103.0.0+up3.0.2-rancher1/templates/controller/role.yaml new file mode 100644 index 0000000000..0d869f7950 --- /dev/null +++ b/charts/rancher-vsphere-csi/103.0.0+up3.0.2-rancher1/templates/controller/role.yaml @@ -0,0 +1,59 @@ +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: vsphere-csi-controller-role +rules: + - apiGroups: [""] + resources: ["nodes", "pods", "configmaps"] + verbs: ["get", "list", "watch"] + - apiGroups: [""] + resources: ["persistentvolumeclaims"] + verbs: ["get", "list", "watch", "update"] + - apiGroups: [""] + resources: ["persistentvolumeclaims/status"] + verbs: ["patch"] + - apiGroups: [""] + resources: ["persistentvolumes"] + verbs: ["get", "list", "watch", "create", "update", "delete", "patch"] + - apiGroups: [""] + resources: ["events"] + verbs: ["get", "list", "watch", "create", "update", "patch"] + - apiGroups: ["coordination.k8s.io"] + resources: ["leases"] + verbs: ["get", "watch", "list", "delete", "update", "create"] + - apiGroups: ["storage.k8s.io"] + resources: ["storageclasses", "csinodes"] + verbs: ["get", "list", "watch"] + - apiGroups: ["storage.k8s.io"] + resources: ["volumeattachments"] + verbs: ["get", "list", "watch", "patch"] + - apiGroups: ["cns.vmware.com"] + resources: ["triggercsifullsyncs"] + verbs: ["create", "get", "update", "watch", "list"] + - apiGroups: ["cns.vmware.com"] + resources: ["cnsvspherevolumemigrations"] + verbs: ["create", "get", "list", "watch", "update", "delete"] + - apiGroups: ["apiextensions.k8s.io"] + resources: ["customresourcedefinitions"] + verbs: ["get", "create", "update"] + - apiGroups: ["storage.k8s.io"] + resources: ["volumeattachments/status"] + verbs: ["patch"] + - apiGroups: ["cns.vmware.com"] + resources: ["cnsvolumeoperationrequests"] + verbs: ["create", "get", "list", "update", "delete"] + - apiGroups: [ "snapshot.storage.k8s.io" ] + resources: [ "volumesnapshots" ] + verbs: [ "get", "list" ] + - apiGroups: [ "snapshot.storage.k8s.io" ] + resources: [ "volumesnapshotclasses" ] + verbs: [ "watch", "get", "list" ] + - apiGroups: [ "snapshot.storage.k8s.io" ] + resources: [ "volumesnapshotcontents" ] + verbs: [ "create", "get", "list", "watch", "update", "delete", "patch"] + - apiGroups: [ "snapshot.storage.k8s.io" ] + resources: [ "volumesnapshotcontents/status" ] + verbs: [ "update", "patch" ] + - apiGroups: [ "cns.vmware.com" ] + resources: [ "csinodetopologies" ] + verbs: ["get", "update", "watch", "list"] diff --git a/charts/rancher-vsphere-csi/103.0.0+up3.0.2-rancher1/templates/controller/service-account.yaml b/charts/rancher-vsphere-csi/103.0.0+up3.0.2-rancher1/templates/controller/service-account.yaml new file mode 100644 index 0000000000..b6dbe5d32a --- /dev/null +++ b/charts/rancher-vsphere-csi/103.0.0+up3.0.2-rancher1/templates/controller/service-account.yaml @@ -0,0 +1,5 @@ +kind: ServiceAccount +apiVersion: v1 +metadata: + name: vsphere-csi-controller + namespace: {{ .Release.Namespace }} diff --git a/charts/rancher-vsphere-csi/103.0.0+up3.0.2-rancher1/templates/controller/service.yaml b/charts/rancher-vsphere-csi/103.0.0+up3.0.2-rancher1/templates/controller/service.yaml new file mode 100644 index 0000000000..c3aa0e4336 --- /dev/null +++ b/charts/rancher-vsphere-csi/103.0.0+up3.0.2-rancher1/templates/controller/service.yaml @@ -0,0 +1,19 @@ +apiVersion: v1 +kind: Service +metadata: + name: vsphere-csi-controller + namespace: {{ .Release.Namespace }} + labels: + app: vsphere-csi-controller +spec: + ports: + - name: ctlr + port: 2112 + targetPort: 2112 + protocol: TCP + - name: syncer + port: 2113 + targetPort: 2113 + protocol: TCP + selector: + app: vsphere-csi-controller diff --git a/charts/rancher-vsphere-csi/103.0.0+up3.0.2-rancher1/templates/csi-driver.yaml b/charts/rancher-vsphere-csi/103.0.0+up3.0.2-rancher1/templates/csi-driver.yaml new file mode 100644 index 0000000000..9b6909e6ac --- /dev/null +++ b/charts/rancher-vsphere-csi/103.0.0+up3.0.2-rancher1/templates/csi-driver.yaml @@ -0,0 +1,8 @@ +# Source: https://github.com/kubernetes-sigs/vsphere-csi-driver +apiVersion: storage.k8s.io/v1 # For k8s 1.17 use storage.k8s.io/v1beta1 +kind: CSIDriver +metadata: + name: csi.vsphere.vmware.com +spec: + attachRequired: true + podInfoOnMount: false diff --git a/charts/rancher-vsphere-csi/103.0.0+up3.0.2-rancher1/templates/node/daemonset.yaml b/charts/rancher-vsphere-csi/103.0.0+up3.0.2-rancher1/templates/node/daemonset.yaml new file mode 100644 index 0000000000..2d14bde132 --- /dev/null +++ b/charts/rancher-vsphere-csi/103.0.0+up3.0.2-rancher1/templates/node/daemonset.yaml @@ -0,0 +1,180 @@ +{{- template "applyVersionOverrides" . -}} +kind: DaemonSet +apiVersion: apps/v1 +metadata: + name: vsphere-csi-node + namespace: {{ .Release.Namespace }} +spec: + selector: + matchLabels: + app: vsphere-csi-node + updateStrategy: + type: "RollingUpdate" + rollingUpdate: + maxUnavailable: 1 + template: + metadata: + labels: + app: vsphere-csi-node + role: vsphere-csi + spec: + {{- if .Values.csiNode.nodeSelector }} + nodeSelector: {{ include "linux-node-selector" . | nindent 8 }} + {{- with .Values.csiNode.nodeSelector }} + {{- toYaml . | nindent 8 }} + {{- end }} + {{- else }} + affinity: + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + # Rancher node selector label + - key: kubernetes.io/os + operator: NotIn + values: + - "windows" + {{- end }} + {{- if .Values.csiNode.tolerations }} + tolerations: {{ include "linux-node-tolerations" . | nindent 8 }} + {{- with .Values.csiNode.tolerations }} + {{- toYaml . | nindent 8 }} + {{- end }} + {{- else }} + tolerations: + - key: node-role.kubernetes.io/master + operator: Exists + effect: NoSchedule + # Rancher specific change: These tolerations are added to account for RKE1 and RKE2 taints + - key: node-role.kubernetes.io/controlplane + effect: NoSchedule + value: "true" + - key: node-role.kubernetes.io/control-plane + effect: NoSchedule + operator: Exists + - key: node-role.kubernetes.io/etcd + effect: NoExecute + operator: Exists + {{- end }} + serviceAccountName: vsphere-csi-node + hostNetwork: true + dnsPolicy: "ClusterFirstWithHostNet" + containers: + - name: node-driver-registrar + image: "{{ template "system_default_registry" . }}{{ .Values.csiNode.image.nodeDriverRegistrar.repository }}:{{ .Values.csiNode.image.nodeDriverRegistrar.tag }}" + args: + - "--v=5" + - "--csi-address=$(ADDRESS)" + - "--kubelet-registration-path=$(DRIVER_REG_SOCK_PATH)" + env: + - name: ADDRESS + value: /csi/csi.sock + - name: DRIVER_REG_SOCK_PATH + value: {{ .Values.csiNode.prefixPath }}/var/lib/kubelet/plugins/csi.vsphere.vmware.com/csi.sock + volumeMounts: + - name: plugin-dir + mountPath: /csi + - name: registration-dir + mountPath: /registration + livenessProbe: + exec: + command: + - /csi-node-driver-registrar + - --kubelet-registration-path=/var/lib/kubelet/plugins/csi.vsphere.vmware.com/csi.sock + - --mode=kubelet-registration-probe + initialDelaySeconds: 3 + - name: vsphere-csi-node + image: "{{ template "system_default_registry" . }}{{ .Values.csiNode.image.repository }}:{{ .Values.csiNode.image.tag }}" + args: + - "--fss-name=internal-feature-states.csi.vsphere.vmware.com" + - "--fss-namespace=$(CSI_NAMESPACE)" + {{- if semverCompare "< 1.24" $.Capabilities.KubeVersion.Version }} + - "--use-gocsi=false" + {{- end }} + imagePullPolicy: "Always" + env: + - name: NODE_NAME + valueFrom: + fieldRef: + fieldPath: spec.nodeName + - name: CSI_ENDPOINT + value: unix:///csi/csi.sock + - name: MAX_VOLUMES_PER_NODE + value: "59" # Maximum number of volumes that controller can publish to the node. If value is not set or zero Kubernetes decide how many volumes can be published by the controller to the node. + - name: X_CSI_MODE + value: "node" + - name: X_CSI_SPEC_REQ_VALIDATION + value: "false" + - name: X_CSI_SPEC_DISABLE_LEN_CHECK + value: "true" + - name: LOGGER_LEVEL + value: "PRODUCTION" # Options: DEVELOPMENT, PRODUCTION + - name: CSI_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: NODEGETINFO_WATCH_TIMEOUT_MINUTES + value: "1" + securityContext: + privileged: true + capabilities: + add: ["SYS_ADMIN"] + allowPrivilegeEscalation: true + volumeMounts: + - name: plugin-dir + mountPath: /csi + - name: pods-mount-dir + mountPath: {{ .Values.csiNode.prefixPath }}/var/lib/kubelet + # needed so that any mounts setup inside this container are + # propagated back to the host machine. + mountPropagation: "Bidirectional" + - name: device-dir + mountPath: /dev + - name: blocks-dir + mountPath: /sys/block + - name: sys-devices-dir + mountPath: /sys/devices + ports: + - name: healthz + containerPort: 9808 + protocol: TCP + livenessProbe: + httpGet: + path: /healthz + port: healthz + initialDelaySeconds: 10 + timeoutSeconds: 5 + periodSeconds: 5 + failureThreshold: 3 + - name: liveness-probe + image: "{{ template "system_default_registry" . }}{{ .Values.csiNode.image.livenessProbe.repository }}:{{ .Values.csiNode.image.livenessProbe.tag }}" + args: + - "--v=4" + - "--csi-address=/csi/csi.sock" + volumeMounts: + - name: plugin-dir + mountPath: /csi + volumes: + - name: registration-dir + hostPath: + path: {{ .Values.csiNode.prefixPath }}/var/lib/kubelet/plugins_registry + type: Directory + - name: plugin-dir + hostPath: + path: {{ .Values.csiNode.prefixPath }}/var/lib/kubelet/plugins/csi.vsphere.vmware.com + type: DirectoryOrCreate + - name: pods-mount-dir + hostPath: + path: {{ .Values.csiNode.prefixPath }}/var/lib/kubelet + type: Directory + - name: device-dir + hostPath: + path: /dev + - name: blocks-dir + hostPath: + path: /sys/block + type: Directory + - name: sys-devices-dir + hostPath: + path: /sys/devices + type: Directory diff --git a/charts/rancher-vsphere-csi/103.0.0+up3.0.2-rancher1/templates/node/role-binding.yaml b/charts/rancher-vsphere-csi/103.0.0+up3.0.2-rancher1/templates/node/role-binding.yaml new file mode 100644 index 0000000000..c968ef0a79 --- /dev/null +++ b/charts/rancher-vsphere-csi/103.0.0+up3.0.2-rancher1/templates/node/role-binding.yaml @@ -0,0 +1,28 @@ +kind: RoleBinding +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: vsphere-csi-node-binding + namespace: {{ .Release.Namespace }} +subjects: + - kind: ServiceAccount + name: vsphere-csi-node + namespace: {{ .Release.Namespace }} +roleRef: + kind: Role + name: vsphere-csi-node-role + apiGroup: rbac.authorization.k8s.io + +--- + +kind: ClusterRoleBinding +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: vsphere-csi-node-cluster-role-binding +subjects: + - kind: ServiceAccount + name: vsphere-csi-node + namespace: {{ .Release.Namespace }} +roleRef: + kind: ClusterRole + name: vsphere-csi-node-cluster-role + apiGroup: rbac.authorization.k8s.io diff --git a/charts/rancher-vsphere-csi/103.0.0+up3.0.2-rancher1/templates/node/role.yaml b/charts/rancher-vsphere-csi/103.0.0+up3.0.2-rancher1/templates/node/role.yaml new file mode 100644 index 0000000000..74546d0a5e --- /dev/null +++ b/charts/rancher-vsphere-csi/103.0.0+up3.0.2-rancher1/templates/node/role.yaml @@ -0,0 +1,25 @@ +kind: Role +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: vsphere-csi-node-role + namespace: {{ .Release.Namespace }} +rules: + - apiGroups: [""] + resources: ["configmaps"] + verbs: ["get", "list", "watch"] +--- +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: vsphere-csi-node-cluster-role +rules: + - apiGroups: ["cns.vmware.com"] + resources: ["csinodetopologies"] +{{- if semverCompare ">= 1.21" $.Capabilities.KubeVersion.Version }} + verbs: ["create", "watch", "get", "patch"] +{{- else }} + verbs: ["create", "watch"] +{{- end }} + - apiGroups: [""] + resources: ["nodes"] + verbs: ["get"] diff --git a/charts/rancher-vsphere-csi/103.0.0+up3.0.2-rancher1/templates/node/service-account.yaml b/charts/rancher-vsphere-csi/103.0.0+up3.0.2-rancher1/templates/node/service-account.yaml new file mode 100644 index 0000000000..d2d452876e --- /dev/null +++ b/charts/rancher-vsphere-csi/103.0.0+up3.0.2-rancher1/templates/node/service-account.yaml @@ -0,0 +1,5 @@ +kind: ServiceAccount +apiVersion: v1 +metadata: + name: vsphere-csi-node + namespace: {{ .Release.Namespace }} diff --git a/charts/rancher-vsphere-csi/103.0.0+up3.0.2-rancher1/templates/node/windows-daemonset.yaml b/charts/rancher-vsphere-csi/103.0.0+up3.0.2-rancher1/templates/node/windows-daemonset.yaml new file mode 100644 index 0000000000..4ae7faec8d --- /dev/null +++ b/charts/rancher-vsphere-csi/103.0.0+up3.0.2-rancher1/templates/node/windows-daemonset.yaml @@ -0,0 +1,167 @@ +{{- if .Values.csiWindowsSupport.enabled }} +{{- template "applyVersionOverrides" . -}} +kind: DaemonSet +apiVersion: apps/v1 +metadata: + name: vsphere-csi-node-windows + namespace: {{ .Release.Namespace }} +spec: + selector: + matchLabels: + app: vsphere-csi-node-windows + updateStrategy: + type: RollingUpdate + rollingUpdate: + maxUnavailable: 1 + template: + metadata: + labels: + app: vsphere-csi-node-windows + role: vsphere-csi-windows + spec: + nodeSelector: + kubernetes.io/os: windows + {{- if .Values.csiNode.tolerations }} + tolerations: + {{- with .Values.csiNode.tolerations }} + {{- toYaml . | nindent 6 }} + {{- end }} + {{- else }} + tolerations: + - key: node-role.kubernetes.io/master + operator: Exists + effect: NoSchedule + # Rancher specific change: These tolerations are added to account for RKE1 and RKE2 taints + - key: node-role.kubernetes.io/controlplane + effect: NoSchedule + value: "true" + - key: node-role.kubernetes.io/control-plane + effect: NoSchedule + operator: Exists + - key: node-role.kubernetes.io/etcd + effect: NoExecute + operator: Exists + {{- end }} + serviceAccountName: vsphere-csi-node + containers: + - name: node-driver-registrar + image: "{{ template "system_default_registry" . }}{{ .Values.csiNode.image.nodeDriverRegistrar.repository }}:{{ .Values.csiNode.image.nodeDriverRegistrar.tag }}" + args: + - "--v=5" + - "--csi-address=$(ADDRESS)" + - "--kubelet-registration-path=$(DRIVER_REG_SOCK_PATH)" + {{- if semverCompare "< 1.24" $.Capabilities.KubeVersion.Version }} + - "--health-port=9809" + {{- end }} + env: + - name: ADDRESS + value: 'unix://C:\\csi\\csi.sock' + - name: DRIVER_REG_SOCK_PATH + value: {{ .Values.csiNode.prefixPath }}'\\var\\lib\\kubelet\\plugins\\csi.vsphere.vmware.com\\csi.sock' + volumeMounts: + - name: plugin-dir + mountPath: /csi + - name: registration-dir + mountPath: /registration + livenessProbe: + exec: + command: + - /csi-node-driver-registrar.exe + - --kubelet-registration-path=C:\\var\\lib\\kubelet\\plugins\\csi.vsphere.vmware.com\\csi.sock + - --mode=kubelet-registration-probe + initialDelaySeconds: 3 + - name: vsphere-csi-node + image: "{{ template "system_default_registry" . }}{{ .Values.csiNode.image.repository }}:{{ .Values.csiNode.image.tag }}" + args: + - "--fss-name=internal-feature-states.csi.vsphere.vmware.com" + - "--fss-namespace=$(CSI_NAMESPACE)" + imagePullPolicy: "Always" + env: + - name: NODE_NAME + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: spec.nodeName + - name: CSI_ENDPOINT + value: 'unix://C:\\csi\\csi.sock' + - name: MAX_VOLUMES_PER_NODE + value: "0" # Maximum number of volumes that controller can publish to the node. If value is not set or zero Kubernetes decide how many volumes can be published by the controller to the node. + - name: X_CSI_MODE + value: node + - name: X_CSI_SPEC_REQ_VALIDATION + value: 'false' + - name: X_CSI_SPEC_DISABLE_LEN_CHECK + value: "true" + - name: LOGGER_LEVEL + value: "PRODUCTION" # Options: DEVELOPMENT, PRODUCTION + - name: X_CSI_LOG_LEVEL + value: DEBUG + - name: CSI_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: NODEGETINFO_WATCH_TIMEOUT_MINUTES + value: "1" + volumeMounts: + - name: plugin-dir + mountPath: 'C:\csi' + - name: pods-mount-dir + mountPath: 'C:\var\lib\kubelet' + - name: csi-proxy-volume-v1 + mountPath: \\.\pipe\csi-proxy-volume-v1 + - name: csi-proxy-filesystem-v1 + mountPath: \\.\pipe\csi-proxy-filesystem-v1 + - name: csi-proxy-disk-v1 + mountPath: \\.\pipe\csi-proxy-disk-v1 + - name: csi-proxy-system-v1alpha1 + mountPath: \\.\pipe\csi-proxy-system-v1alpha1 + ports: + - name: healthz + containerPort: 9808 + protocol: TCP + livenessProbe: + httpGet: + path: /healthz + port: healthz + initialDelaySeconds: 10 + timeoutSeconds: 5 + periodSeconds: 5 + failureThreshold: 3 + - name: liveness-probe + image: "{{ template "system_default_registry" . }}{{ .Values.csiNode.image.livenessProbe.repository }}:{{ .Values.csiNode.image.livenessProbe.tag }}" + args: + - "--v=4" + - "--csi-address=/csi/csi.sock" + volumeMounts: + - name: plugin-dir + mountPath: /csi + volumes: + - name: registration-dir + hostPath: + path: 'C:\var\lib\kubelet\plugins_registry\' + type: Directory + - name: plugin-dir + hostPath: + path: 'C:\var\lib\kubelet\plugins\csi.vsphere.vmware.com\' + type: DirectoryOrCreate + - name: pods-mount-dir + hostPath: + path: \var\lib\kubelet + type: Directory + - name: csi-proxy-disk-v1 + hostPath: + path: \\.\pipe\csi-proxy-disk-v1 + type: '' + - name: csi-proxy-volume-v1 + hostPath: + path: \\.\pipe\csi-proxy-volume-v1 + type: '' + - name: csi-proxy-filesystem-v1 + hostPath: + path: \\.\pipe\csi-proxy-filesystem-v1 + type: '' + - name: csi-proxy-system-v1alpha1 + hostPath: + path: \\.\pipe\csi-proxy-system-v1alpha1 + type: '' +{{ end }} diff --git a/charts/rancher-vsphere-csi/103.0.0+up3.0.2-rancher1/templates/secret.yaml b/charts/rancher-vsphere-csi/103.0.0+up3.0.2-rancher1/templates/secret.yaml new file mode 100644 index 0000000000..2a8c530257 --- /dev/null +++ b/charts/rancher-vsphere-csi/103.0.0+up3.0.2-rancher1/templates/secret.yaml @@ -0,0 +1,9 @@ +{{- if .Values.vCenter.configSecret.generate -}} +apiVersion: v1 +kind: Secret +metadata: + name: {{ .Values.vCenter.configSecret.name }} + namespace: {{ .Release.Namespace }} +data: + csi-vsphere.conf: {{ tpl .Values.vCenter.configSecret.configTemplate . | b64enc | quote }} +{{- end -}} diff --git a/charts/rancher-vsphere-csi/103.0.0+up3.0.2-rancher1/templates/storageclass.yaml b/charts/rancher-vsphere-csi/103.0.0+up3.0.2-rancher1/templates/storageclass.yaml new file mode 100644 index 0000000000..30dfbd46a9 --- /dev/null +++ b/charts/rancher-vsphere-csi/103.0.0+up3.0.2-rancher1/templates/storageclass.yaml @@ -0,0 +1,17 @@ +{{- if .Values.storageClass.enabled -}} +apiVersion: storage.k8s.io/v1 +kind: StorageClass +metadata: + name: {{ .Values.storageClass.name | quote }} + annotations: + storageclass.kubernetes.io/is-default-class: {{ .Values.storageClass.isDefault | quote }} +provisioner: csi.vsphere.vmware.com +allowVolumeExpansion: {{ .Values.storageClass.allowVolumeExpansion }} +parameters: + {{- if .Values.storageClass.datastoreURL }} + datastoreURL: {{ .Values.storageClass.datastoreURL | quote }} + {{- end }} + {{- if .Values.storageClass.storagePolicyName }} + storagepolicyname: {{ .Values.storageClass.storagePolicyName | quote }} + {{- end }} +{{- end -}} diff --git a/charts/rancher-vsphere-csi/103.0.0+up3.0.2-rancher1/values.yaml b/charts/rancher-vsphere-csi/103.0.0+up3.0.2-rancher1/values.yaml new file mode 100644 index 0000000000..58f82fa7af --- /dev/null +++ b/charts/rancher-vsphere-csi/103.0.0+up3.0.2-rancher1/values.yaml @@ -0,0 +1,300 @@ +vCenter: + host: "" + port: 443 + insecureFlag: "1" + clusterId: "" + datacenters: "" + username: "" + password: "" + configSecret: + name: "vsphere-config-secret" + generate: true + configTemplate: | + [Global] + cluster-id = {{ required ".Values.vCenter.clusterId must be provided" (default .Values.vCenter.clusterId .Values.global.cattle.clusterId) | quote }} + user = {{ .Values.vCenter.username | quote }} + password = {{ .Values.vCenter.password | quote }} + port = {{ .Values.vCenter.port | quote }} + insecure-flag = {{ .Values.vCenter.insecureFlag | quote }} + + [VirtualCenter {{ .Values.vCenter.host | quote }}] + datacenters = {{ .Values.vCenter.datacenters | quote }} + +csiController: + csiResizer: + enabled: false + image: + repository: rancher/mirrored-cloud-provider-vsphere-csi-release-driver + tag: latest + csiAttacher: + repository: rancher/mirrored-sig-storage-csi-attacher + tag: latest + csiResizer: + repository: rancher/mirrored-sig-storage-csi-resizer + tag: latest + livenessProbe: + repository: rancher/mirrored-sig-storage-livenessprobe + tag: latest + vsphereSyncer: + repository: rancher/mirrored-cloud-provider-vsphere-csi-release-syncer + tag: latest + csiProvisioner: + repository: rancher/mirrored-sig-storage-csi-provisioner + tag: latest + ## Node labels for pod assignment + ## Ref: https://kubernetes.io/docs/user-guide/node-selection/ + ## + nodeSelector: {} + # Uncomment below toleration if you need an aggressive pod eviction in case when + # node becomes not-ready or unreachable. Default is 300 seconds if not specified. + tolerations: [] + # - key: node.kubernetes.io/not-ready + # operator: Exists + # effect: NoExecute + # tolerationSeconds: 30 + # - key: node.kubernetes.io/unreachable + # operator: Exists + # effect: NoExecute + # tolerationSeconds: 30 + +# Internal features +csiMigration: + enabled: false +csiAuthCheck: + enabled: false +onlineVolumeExtend: + enabled: false +triggerCsiFullsync: + enabled: false +asyncQueryVolume: + enabled: false +improvedCsiIdempotency: + enabled: false +improvedVolumeTopology: + enabled: false +blockVolumeSnapshot: + enabled: false +csiWindowsSupport: + enabled: false +useCsinodeId: + enabled: true +listVolumes: + enabled: false +pvToBackingdiskobjectidMapping: + enabled: false +cnsmgrSuspendCreateVolume: + enabled: false +topology: + enabled: false +topologyPreferentialDatastores: + enabled: false +maxPvscsiTargetsPerVm: + enabled: false + +csiNode: + ## Node labels for pod assignment + ## Ref: https://kubernetes.io/docs/user-guide/node-selection/ + ## + nodeSelector: {} + ## List of node taints to tolerate (requires Kubernetes >= 1.6) + tolerations: [] + prefixPath: "" + image: + repository: rancher/mirrored-cloud-provider-vsphere-csi-release-driver + tag: latest + nodeDriverRegistrar: + repository: rancher/mirrored-sig-storage-csi-node-driver-registrar + tag: latest + livenessProbe: + repository: rancher/mirrored-sig-storage-livenessprobe + tag: latest + +storageClass: + enabled: true + allowVolumeExpansion: false + name: "vsphere-csi-sc" + isDefault: true + storagePolicyName: "" + datastoreURL: "" + +global: + cattle: + systemDefaultRegistry: "" + +# A list of Semver constraint strings (defined by https://github.com/Masterminds/semver) and values.yaml overrides. +# +# For each key in versionOverrides, this chart will check to see if the current Kubernetes cluster's version matches +# any of the semver constraints provided as keys on the map. +# +# On seeing a match, the default value for each values.yaml field overridden will be updated with the new value. +# +# If multiple matches are encountered (due to overlapping semver ranges), the matches will be applied in order. +# +# Notes: +# - On running a helm template, Helm uses the `.Capabilities.APIVersion` of whatever +# Kubernetes release that version of Helm was built against. +# - On running a helm install --dry-run, the correct kubeVersion should be chosen. +# +# Supported versions can be found at: +# https://docs.vmware.com/en/VMware-vSphere-Container-Storage-Plug-in/3.0/vmware-vsphere-csp-getting-started/GUID-D4AAD99E-9128-40CE-B89C-AD451DA8379D.html#kubernetes-versions-compatible-with-vsphere-container-storage-plugin-1 +versionOverrides: + # Versions from https://github.com/kubernetes-sigs/vsphere-csi-driver/blob/release-3.0/manifests/vanilla/vsphere-csi-driver.yaml + - constraint: ">= 1.24 < 1.28" + values: + csiController: + image: + repository: rancher/mirrored-cloud-provider-vsphere-csi-release-driver + tag: v3.0.2 + csiAttacher: + repository: rancher/mirrored-sig-storage-csi-attacher + tag: v4.2.0 + csiResizer: + repository: rancher/mirrored-sig-storage-csi-resizer + tag: v1.7.0 + livenessProbe: + repository: rancher/mirrored-sig-storage-livenessprobe + tag: v2.9.0 + vsphereSyncer: + repository: rancher/mirrored-cloud-provider-vsphere-csi-release-syncer + tag: v3.0.2 + csiProvisioner: + repository: rancher/mirrored-sig-storage-csi-provisioner + tag: v3.4.0 + csiNode: + image: + repository: rancher/mirrored-cloud-provider-vsphere-csi-release-driver + tag: v3.0.2 + nodeDriverRegistrar: + repository: rancher/mirrored-sig-storage-csi-node-driver-registrar + tag: v2.7.0 + livenessProbe: + repository: rancher/mirrored-sig-storage-livenessprobe + tag: v2.9.0 + # Versions from https://github.com/kubernetes-sigs/vsphere-csi-driver/blob/release-2.7/manifests/vanilla/vsphere-csi-driver.yaml + - constraint: "~ 1.23" + values: + csiController: + image: + repository: rancher/mirrored-cloud-provider-vsphere-csi-release-driver + tag: v2.7.2 + csiAttacher: + repository: rancher/mirrored-sig-storage-csi-attacher + tag: v3.5.0 + csiResizer: + repository: rancher/mirrored-sig-storage-csi-resizer + tag: v1.6.0 + livenessProbe: + repository: rancher/mirrored-sig-storage-livenessprobe + tag: v2.8.0 + vsphereSyncer: + repository: rancher/mirrored-cloud-provider-vsphere-csi-release-syncer + tag: v2.7.2 + csiProvisioner: + repository: rancher/mirrored-sig-storage-csi-provisioner + tag: v3.3.0 + csiNode: + image: + repository: rancher/mirrored-cloud-provider-vsphere-csi-release-driver + tag: v2.7.2 + nodeDriverRegistrar: + repository: rancher/mirrored-sig-storage-csi-node-driver-registrar + tag: v2.6.2 + livenessProbe: + repository: rancher/mirrored-sig-storage-livenessprobe + tag: v2.8.0 + # Versions from https://github.com/kubernetes-sigs/vsphere-csi-driver/blob/release-2.6/manifests/vanilla/vsphere-csi-driver.yaml + - constraint: "~ 1.22" + values: + csiController: + image: + repository: rancher/mirrored-cloud-provider-vsphere-csi-release-driver + tag: v2.6.3 + csiAttacher: + repository: rancher/mirrored-sig-storage-csi-attacher + tag: v3.4.0 + csiResizer: + repository: rancher/mirrored-sig-storage-csi-resizer + tag: v1.4.0 + livenessProbe: + repository: rancher/mirrored-sig-storage-livenessprobe + tag: v2.7.0 + vsphereSyncer: + repository: rancher/mirrored-cloud-provider-vsphere-csi-release-syncer + tag: v2.6.3 + csiProvisioner: + repository: rancher/mirrored-sig-storage-csi-provisioner + tag: v3.2.1 + csiNode: + image: + repository: rancher/mirrored-cloud-provider-vsphere-csi-release-driver + tag: v2.6.3 + nodeDriverRegistrar: + repository: rancher/mirrored-sig-storage-csi-node-driver-registrar + tag: v2.5.1 + livenessProbe: + repository: rancher/mirrored-sig-storage-livenessprobe + tag: v2.7.0 + # Versions from https://github.com/kubernetes-sigs/vsphere-csi-driver/blob/release-2.5/manifests/vanilla/vsphere-csi-driver.yaml + - constraint: "~ 1.21" + values: + csiController: + image: + repository: rancher/mirrored-cloud-provider-vsphere-csi-release-driver + tag: v2.5.4 + csiAttacher: + repository: rancher/mirrored-sig-storage-csi-attacher + tag: v3.4.0 + csiResizer: + repository: rancher/mirrored-sig-storage-csi-resizer + tag: v1.4.0 + livenessProbe: + repository: rancher/mirrored-sig-storage-livenessprobe + tag: v2.6.0 + vsphereSyncer: + repository: rancher/mirrored-cloud-provider-vsphere-csi-release-syncer + tag: v2.5.4 + csiProvisioner: + repository: rancher/mirrored-sig-storage-csi-provisioner + tag: v3.1.0 + csiNode: + image: + repository: rancher/mirrored-cloud-provider-vsphere-csi-release-driver + tag: v2.5.4 + nodeDriverRegistrar: + repository: rancher/mirrored-sig-storage-csi-node-driver-registrar + tag: v2.5.0 + livenessProbe: + repository: rancher/mirrored-sig-storage-livenessprobe + tag: v2.6.0 + # Versions from https://github.com/kubernetes-sigs/vsphere-csi-driver/blob/release-2.4/manifests/vanilla/vsphere-csi-driver.yaml + - constraint: "~ 1.20" + values: + csiController: + image: + repository: rancher/mirrored-cloud-provider-vsphere-csi-release-driver + tag: v2.4.3 + csiAttacher: + repository: rancher/mirrored-sig-storage-csi-attacher + tag: v3.3.0 + csiResizer: + repository: rancher/mirrored-sig-storage-csi-resizer + tag: v1.3.0 + livenessProbe: + repository: rancher/mirrored-sig-storage-livenessprobe + tag: v2.4.0 + vsphereSyncer: + repository: rancher/mirrored-cloud-provider-vsphere-csi-release-syncer + tag: v2.4.3 + csiProvisioner: + repository: rancher/mirrored-sig-storage-csi-provisioner + tag: v3.0.0 + csiNode: + image: + repository: rancher/mirrored-cloud-provider-vsphere-csi-release-driver + tag: v2.4.3 + nodeDriverRegistrar: + repository: rancher/mirrored-sig-storage-csi-node-driver-registrar + tag: v2.3.0 + livenessProbe: + repository: rancher/mirrored-sig-storage-livenessprobe + tag: v2.4.0 diff --git a/charts/rancher-webhook/2.0.6+up0.3.6/Chart.yaml b/charts/rancher-webhook/2.0.6+up0.3.6/Chart.yaml new file mode 100644 index 0000000000..f83132fa37 --- /dev/null +++ b/charts/rancher-webhook/2.0.6+up0.3.6/Chart.yaml @@ -0,0 +1,18 @@ +annotations: + catalog.cattle.io/certified: rancher + catalog.cattle.io/hidden: "true" + catalog.cattle.io/kube-version: '>= 1.16.0-0 < 1.27.0-0' + catalog.cattle.io/namespace: cattle-system + catalog.cattle.io/os: linux + catalog.cattle.io/permits-os: linux,windows + catalog.cattle.io/rancher-version: '>= 2.7.0-0 < 2.8.0-0' + catalog.cattle.io/release-name: rancher-webhook +apiVersion: v2 +appVersion: 0.3.6 +dependencies: +- condition: capi.enabled + name: capi + repository: "" +description: ValidatingAdmissionWebhook for Rancher types +name: rancher-webhook +version: 2.0.6+up0.3.6 diff --git a/charts/rancher-webhook/2.0.6+up0.3.6/charts/capi/Chart.yaml b/charts/rancher-webhook/2.0.6+up0.3.6/charts/capi/Chart.yaml new file mode 100644 index 0000000000..388210bef1 --- /dev/null +++ b/charts/rancher-webhook/2.0.6+up0.3.6/charts/capi/Chart.yaml @@ -0,0 +1,4 @@ +apiVersion: v2 +appVersion: 0.0.0 +name: capi +version: 0.0.0 diff --git a/charts/rancher-webhook/2.0.6+up0.3.6/charts/capi/templates/service.yaml b/charts/rancher-webhook/2.0.6+up0.3.6/charts/capi/templates/service.yaml new file mode 100644 index 0000000000..de7c255c4e --- /dev/null +++ b/charts/rancher-webhook/2.0.6+up0.3.6/charts/capi/templates/service.yaml @@ -0,0 +1,13 @@ +kind: Service +apiVersion: v1 +metadata: + name: webhook-service + annotations: + need-a-cert.cattle.io/secret-name: rancher-webhook-tls +spec: + ports: + - name: https + port: 443 + targetPort: {{ .Values.port | default 8777 }} + selector: + app: rancher-webhook diff --git a/charts/rancher-webhook/2.0.6+up0.3.6/templates/_helpers.tpl b/charts/rancher-webhook/2.0.6+up0.3.6/templates/_helpers.tpl new file mode 100644 index 0000000000..c37a65c6f3 --- /dev/null +++ b/charts/rancher-webhook/2.0.6+up0.3.6/templates/_helpers.tpl @@ -0,0 +1,22 @@ +{{- define "system_default_registry" -}} +{{- if .Values.global.cattle.systemDefaultRegistry -}} +{{- printf "%s/" .Values.global.cattle.systemDefaultRegistry -}} +{{- else -}} +{{- "" -}} +{{- end -}} +{{- end -}} + +{{- define "rancher-webhook.labels" -}} +app: rancher-webhook +{{- end }} + +{{- define "linux-node-tolerations" -}} +- key: "cattle.io/os" + value: "linux" + effect: "NoSchedule" + operator: "Equal" +{{- end -}} + +{{- define "linux-node-selector" -}} +kubernetes.io/os: linux +{{- end -}} \ No newline at end of file diff --git a/charts/rancher-webhook/2.0.6+up0.3.6/templates/deployment.yaml b/charts/rancher-webhook/2.0.6+up0.3.6/templates/deployment.yaml new file mode 100644 index 0000000000..13738feae0 --- /dev/null +++ b/charts/rancher-webhook/2.0.6+up0.3.6/templates/deployment.yaml @@ -0,0 +1,83 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: rancher-webhook +spec: + selector: + matchLabels: + app: rancher-webhook + template: + metadata: + labels: + app: rancher-webhook + spec: + {{- if .Values.capi.enabled }} + volumes: + - name: tls + secret: + secretName: rancher-webhook-tls + {{- end }} + {{- if .Values.global.hostNetwork }} + hostNetwork: true + {{- end }} + nodeSelector: {{ include "linux-node-selector" . | nindent 8 }} + {{- if .Values.nodeSelector }} +{{ toYaml .Values.nodeSelector | indent 8 }} + {{- end }} + tolerations: {{ include "linux-node-tolerations" . | nindent 6 }} + {{- if .Values.tolerations }} +{{ toYaml .Values.tolerations | indent 6 }} + {{- end }} + containers: + - env: + - name: STAMP + value: "{{.Values.stamp}}" + - name: ENABLE_CAPI + value: "{{.Values.capi.enabled}}" + - name: ENABLE_MCM + value: "{{.Values.mcm.enabled}}" + - name: CATTLE_PORT + value: {{.Values.port | default 9443 | quote}} + - name: CATTLE_CAPI_PORT + value: {{.Values.capi.port | default 8777 | quote}} + - name: NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + image: '{{ template "system_default_registry" . }}{{ .Values.image.repository }}:{{ .Values.image.tag }}' + name: rancher-webhook + imagePullPolicy: "{{ .Values.image.imagePullPolicy }}" + ports: + - name: https + containerPort: {{ .Values.port | default 9443 }} + - name: capi-https + containerPort: {{ .Values.capi.port | default 8777}} + startupProbe: + httpGet: + path: "/healthz" + port: "https" + scheme: "HTTPS" + failureThreshold: 60 + periodSeconds: 5 + livenessProbe: + httpGet: + path: "/healthz" + port: "https" + scheme: "HTTPS" + periodSeconds: 5 + {{- if .Values.capi.enabled }} + volumeMounts: + - name: tls + mountPath: /tmp/k8s-webhook-server/serving-certs + {{- end }} + {{- if .Values.capNetBindService }} + securityContext: + capabilities: + add: + - NET_BIND_SERVICE + {{- end }} + serviceAccountName: rancher-webhook + {{- if .Values.priorityClassName }} + priorityClassName: "{{.Values.priorityClassName}}" + {{- end }} + \ No newline at end of file diff --git a/charts/rancher-webhook/2.0.6+up0.3.6/templates/rbac.yaml b/charts/rancher-webhook/2.0.6+up0.3.6/templates/rbac.yaml new file mode 100644 index 0000000000..f4364995c0 --- /dev/null +++ b/charts/rancher-webhook/2.0.6+up0.3.6/templates/rbac.yaml @@ -0,0 +1,12 @@ +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: rancher-webhook +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: cluster-admin +subjects: +- kind: ServiceAccount + name: rancher-webhook + namespace: {{.Release.Namespace}} \ No newline at end of file diff --git a/charts/rancher-webhook/2.0.6+up0.3.6/templates/service.yaml b/charts/rancher-webhook/2.0.6+up0.3.6/templates/service.yaml new file mode 100644 index 0000000000..220afebeae --- /dev/null +++ b/charts/rancher-webhook/2.0.6+up0.3.6/templates/service.yaml @@ -0,0 +1,13 @@ +kind: Service +apiVersion: v1 +metadata: + name: rancher-webhook + namespace: cattle-system +spec: + ports: + - port: 443 + targetPort: {{ .Values.port | default 9443 }} + protocol: TCP + name: https + selector: + app: rancher-webhook diff --git a/charts/rancher-webhook/2.0.6+up0.3.6/templates/serviceaccount.yaml b/charts/rancher-webhook/2.0.6+up0.3.6/templates/serviceaccount.yaml new file mode 100644 index 0000000000..9e7ad7e1fe --- /dev/null +++ b/charts/rancher-webhook/2.0.6+up0.3.6/templates/serviceaccount.yaml @@ -0,0 +1,11 @@ +apiVersion: v1 +kind: ServiceAccount +metadata: + name: rancher-webhook +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: rancher-webhook-sudo + annotations: + cattle.io/description: "SA which can be impersonated to bypass rancher-webhook validation" \ No newline at end of file diff --git a/charts/rancher-webhook/2.0.6+up0.3.6/templates/webhook.yaml b/charts/rancher-webhook/2.0.6+up0.3.6/templates/webhook.yaml new file mode 100644 index 0000000000..53a0687b6f --- /dev/null +++ b/charts/rancher-webhook/2.0.6+up0.3.6/templates/webhook.yaml @@ -0,0 +1,9 @@ +apiVersion: admissionregistration.k8s.io/v1 +kind: ValidatingWebhookConfiguration +metadata: + name: rancher.cattle.io +--- +apiVersion: admissionregistration.k8s.io/v1 +kind: MutatingWebhookConfiguration +metadata: + name: rancher.cattle.io diff --git a/charts/rancher-webhook/2.0.6+up0.3.6/tests/README.md b/charts/rancher-webhook/2.0.6+up0.3.6/tests/README.md new file mode 100644 index 0000000000..6d3059a005 --- /dev/null +++ b/charts/rancher-webhook/2.0.6+up0.3.6/tests/README.md @@ -0,0 +1,16 @@ + +## local dev testing instructions + +Option 1: Full chart CI run with a live cluster + +```bash +./scripts/charts/ci +``` + +Option 2: Test runs against the chart only + +```bash +# install the helm plugin first - helm plugin install https://github.com/helm-unittest/helm-unittest.git +bash dev-scripts/helm-unittest.sh +``` + diff --git a/charts/rancher-webhook/2.0.6+up0.3.6/tests/capi-service_test.yaml b/charts/rancher-webhook/2.0.6+up0.3.6/tests/capi-service_test.yaml new file mode 100644 index 0000000000..4ee94a84a4 --- /dev/null +++ b/charts/rancher-webhook/2.0.6+up0.3.6/tests/capi-service_test.yaml @@ -0,0 +1,20 @@ +suite: Test Service +templates: + - charts/capi/templates/service.yaml +tests: + - it: should set webhook default port values + set: + capi.enabled: true + asserts: + - equal: + path: spec.ports[0].targetPort + value: 8777 + + - it: should set updated target port + set: + capi.port: 2319 + capi.enabled: true + asserts: + - equal: + path: spec.ports[0].targetPort + value: 2319 diff --git a/charts/rancher-webhook/2.0.6+up0.3.6/tests/deployment_test.yaml b/charts/rancher-webhook/2.0.6+up0.3.6/tests/deployment_test.yaml new file mode 100644 index 0000000000..66a74d4e5f --- /dev/null +++ b/charts/rancher-webhook/2.0.6+up0.3.6/tests/deployment_test.yaml @@ -0,0 +1,62 @@ +suite: Test Deployment +templates: + - deployment.yaml + +tests: + - it: should set webhook default port values + asserts: + - equal: + path: spec.template.spec.containers[0].ports[0].containerPort + value: 9443 + - equal: + path: spec.template.spec.containers[0].ports[1].containerPort + value: 8777 + - contains: + path: spec.template.spec.containers[0].env + content: + name: CATTLE_PORT + value: "9443" + - contains: + path: spec.template.spec.containers[0].env + content: + name: CATTLE_CAPI_PORT + value: "8777" + + - it: should set updated webhook port + set: + port: 2319 + asserts: + - equal: + path: spec.template.spec.containers[0].ports[0].containerPort + value: 2319 + - contains: + path: spec.template.spec.containers[0].env + content: + name: CATTLE_PORT + value: "2319" + + - it: should set updated capi port + set: + capi.port: 2319 + asserts: + - equal: + path: spec.template.spec.containers[0].ports[1].containerPort + value: 2319 + - contains: + path: spec.template.spec.containers[0].env + content: + name: CATTLE_CAPI_PORT + value: "2319" + + - it: should not set capabilities by default. + asserts: + - isNull: + path: spec.template.spec.containers[0].securityContext + + - it: should set net capabilities when capNetBindService is true. + set: + capNetBindService: true + asserts: + - contains: + path: spec.template.spec.containers[0].securityContext.capabilities.add + content: NET_BIND_SERVICE diff --git a/charts/rancher-webhook/2.0.6+up0.3.6/tests/service_test.yaml b/charts/rancher-webhook/2.0.6+up0.3.6/tests/service_test.yaml new file mode 100644 index 0000000000..03172ad033 --- /dev/null +++ b/charts/rancher-webhook/2.0.6+up0.3.6/tests/service_test.yaml @@ -0,0 +1,18 @@ +suite: Test Service +templates: + - service.yaml + +tests: + - it: should set webhook default port values + asserts: + - equal: + path: spec.ports[0].targetPort + value: 9443 + + - it: should set updated target port + set: + port: 2319 + asserts: + - equal: + path: spec.ports[0].targetPort + value: 2319 diff --git a/charts/rancher-webhook/2.0.6+up0.3.6/values.yaml b/charts/rancher-webhook/2.0.6+up0.3.6/values.yaml new file mode 100644 index 0000000000..1adbd283f9 --- /dev/null +++ b/charts/rancher-webhook/2.0.6+up0.3.6/values.yaml @@ -0,0 +1,26 @@ +image: + repository: rancher/rancher-webhook + tag: v0.3.6 + imagePullPolicy: IfNotPresent + +global: + cattle: + systemDefaultRegistry: "" + hostNetwork: false + +capi: + enabled: false + port: 8777 + +mcm: + enabled: true + +# tolerations for the webhook deployment. See https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/ for more info +tolerations: [] +nodeSelector: {} + +## PriorityClassName assigned to deployment. +priorityClassName: "" + +# port assigns which port to use when running rancher-webhook +port: 9443 diff --git a/index.yaml b/index.yaml index d242c7efe6..f77be492b7 100755 --- a/index.yaml +++ b/index.yaml @@ -1,5 +1,46 @@ apiVersion: v1 entries: + elemental: + - annotations: + catalog.cattle.io/auto-install: elemental-crd=match + catalog.cattle.io/certified: rancher + catalog.cattle.io/display-name: Elemental + catalog.cattle.io/kube-version: '>= 1.23.0-0' + catalog.cattle.io/namespace: cattle-elemental-system + catalog.cattle.io/os: linux + catalog.cattle.io/permits-os: linux + catalog.cattle.io/provides-gvr: elemental.cattle.io/v1beta1 + catalog.cattle.io/rancher-version: '>= 2.8.0-0 < 2.9.0-0' + catalog.cattle.io/release-name: elemental-operator + catalog.cattle.io/scope: management + catalog.cattle.io/type: cluster-tool + catalog.cattle.io/upstream-version: 1.3.4 + apiVersion: v2 + appVersion: 1.3.4 + created: "2023-10-09T11:59:28.169826066+02:00" + description: Elemental provides Cloud Native OS Management for Cluster Nodes. + digest: 96de208abc03a5506206325ed4f80de06abd1dd8520a98ac48d5673bd780c673 + icon: https://raw.githubusercontent.com/rancher/elemental/main/logo/icon-elemental.svg + name: elemental + urls: + - assets/elemental/elemental-103.0.0+up1.3.4.tgz + version: 103.0.0+up1.3.4 + elemental-crd: + - annotations: + catalog.cattle.io/certified: rancher + catalog.cattle.io/hidden: "true" + catalog.cattle.io/namespace: cattle-elemental-system + catalog.cattle.io/release-name: elemental-operator-crds + apiVersion: v2 + appVersion: 1.3.4 + created: "2023-10-09T11:59:29.728109125+02:00" + description: A Helm chart for deploying Rancher Elemental Operator CRDs + digest: 832419128610fa1055f23b5b4791c9e6ed5c6178f249435ea0671359a6327e5e + name: elemental-crd + type: application + urls: + - assets/elemental-crd/elemental-crd-103.0.0+up1.3.4.tgz + version: 103.0.0+up1.3.4 epinio: - annotations: artifacthub.io/license: Apache-2.0 @@ -13590,6 +13631,36 @@ entries: - assets/rancher-tracing/rancher-tracing-1.20.001.tgz version: 1.20.001 rancher-vsphere-cpi: + - annotations: + catalog.cattle.io/certified: rancher + catalog.cattle.io/display-name: vSphere CPI + catalog.cattle.io/kube-version: '>= 1.18.0-0 < 1.28.0-0' + catalog.cattle.io/namespace: kube-system + catalog.cattle.io/os: linux + catalog.cattle.io/permits-os: linux,windows + catalog.cattle.io/rancher-version: '>= 2.8.0-0 < 2.9.0-0' + catalog.cattle.io/release-name: vsphere-cpi + apiVersion: v1 + appVersion: 1.6.0 + created: "2023-09-07T09:37:19.135692-04:00" + description: vSphere Cloud Provider Interface (CPI) + digest: 47f47ed50dd24d7f4a16e87ed12782c05c0100d37c69223c1c4bdfe3800aead2 + icon: https://charts.rancher.io/assets/logos/vsphere-cpi.svg + keywords: + - infrastructure + maintainers: + - email: jiaqi.luo@suse.com + name: Jiaqi Luo + - email: anna.blendermann@suse.com + name: Andy Blendermann + - email: brad.davidson@suse.com + name: Brad Davidson + name: rancher-vsphere-cpi + sources: + - https://github.com/kubernetes/cloud-provider-vsphere + urls: + - assets/rancher-vsphere-cpi/rancher-vsphere-cpi-103.0.0+up1.6.0.tgz + version: 103.0.0+up1.6.0 - annotations: catalog.cattle.io/certified: rancher catalog.cattle.io/display-name: vSphere CPI @@ -13928,6 +13999,36 @@ entries: - assets/rancher-vsphere-cpi/rancher-vsphere-cpi-1.0.000.tgz version: 1.0.000 rancher-vsphere-csi: + - annotations: + catalog.cattle.io/certified: rancher + catalog.cattle.io/display-name: vSphere CSI + catalog.cattle.io/kube-version: '>= 1.20.0-0 < 1.28.0-0' + catalog.cattle.io/namespace: kube-system + catalog.cattle.io/os: linux,windows + catalog.cattle.io/permits-os: linux,windows + catalog.cattle.io/rancher-version: '>= 2.8.0-0 < 2.9.0-0' + catalog.cattle.io/release-name: vsphere-csi + apiVersion: v1 + appVersion: 3.0.2-rancher1 + created: "2023-09-07T09:37:07.463824-04:00" + description: vSphere Cloud Storage Interface (CSI) + digest: f87aa3925fbb08742e20aa331bb6f2a8a15718c9ae997139ba2c1ae314b53359 + icon: https://charts.rancher.io/assets/logos/vsphere-csi.svg + keywords: + - infrastructure + maintainers: + - email: jiaqi.luo@suse.com + name: Jiaqi Luo + - email: anna.blendermann@suse.com + name: Andy Blendermann + - email: brad.davidson@suse.com + name: Brad Davidson + name: rancher-vsphere-csi + sources: + - https://github.com/kubernetes-sigs/vsphere-csi-driver + urls: + - assets/rancher-vsphere-csi/rancher-vsphere-csi-103.0.0+up3.0.2-rancher1.tgz + version: 103.0.0+up3.0.2-rancher1 - annotations: catalog.cattle.io/certified: rancher catalog.cattle.io/display-name: vSphere CSI @@ -14287,6 +14388,28 @@ entries: urls: - assets/rancher-webhook/rancher-webhook-103.0.0+up0.4.0.tgz version: 103.0.0+up0.4.0 + - annotations: + catalog.cattle.io/certified: rancher + catalog.cattle.io/hidden: "true" + catalog.cattle.io/kube-version: '>= 1.16.0-0 < 1.27.0-0' + catalog.cattle.io/namespace: cattle-system + catalog.cattle.io/os: linux + catalog.cattle.io/permits-os: linux,windows + catalog.cattle.io/rancher-version: '>= 2.7.0-0 < 2.8.0-0' + catalog.cattle.io/release-name: rancher-webhook + apiVersion: v2 + appVersion: 0.3.6 + created: "2023-09-21T15:21:33.124045-07:00" + dependencies: + - condition: capi.enabled + name: capi + repository: "" + description: ValidatingAdmissionWebhook for Rancher types + digest: 473a395b9956a71b8ba41786ca3daab8f13911854e87f3d9571524ac5e7729eb + name: rancher-webhook + urls: + - assets/rancher-webhook/rancher-webhook-2.0.6+up0.3.6.tgz + version: 2.0.6+up0.3.6 - annotations: catalog.cattle.io/certified: rancher catalog.cattle.io/hidden: "true" diff --git a/packages/elemental/elemental-crd/generated-changes/patch/Chart.yaml.patch b/packages/elemental/elemental-crd/generated-changes/patch/Chart.yaml.patch new file mode 100644 index 0000000000..ceabb32366 --- /dev/null +++ b/packages/elemental/elemental-crd/generated-changes/patch/Chart.yaml.patch @@ -0,0 +1,13 @@ +--- charts-original/Chart.yaml ++++ charts/Chart.yaml +@@ -4,7 +4,8 @@ + catalog.cattle.io/namespace: cattle-elemental-system + catalog.cattle.io/release-name: elemental-operator-crds + apiVersion: v2 +-appVersion: v1.3.4 ++appVersion: 1.3.4 + description: A Helm chart for deploying Rancher Elemental Operator CRDs +-name: elemental-operator-crds ++name: elemental-crd ++type: application + version: 1.3.4 diff --git a/packages/elemental/elemental-crd/package.yaml b/packages/elemental/elemental-crd/package.yaml new file mode 100644 index 0000000000..ab086e0f66 --- /dev/null +++ b/packages/elemental/elemental-crd/package.yaml @@ -0,0 +1,2 @@ +url: https://github.com/rancher/elemental-operator/releases/download/v1.3.4/elemental-operator-crds-1.3.4.tgz +version: 103.0.0 diff --git a/packages/elemental/elemental/generated-changes/overlay/app-readme.md b/packages/elemental/elemental/generated-changes/overlay/app-readme.md new file mode 100644 index 0000000000..c66b1bbb04 --- /dev/null +++ b/packages/elemental/elemental/generated-changes/overlay/app-readme.md @@ -0,0 +1,5 @@ +# Elemental + +Elemental brings to Rancher the ability to install and manage the OS of bare metal and virtualized machines. + +For more information on how to deploy an Elemental Cluster, follow the [official documentation](https://elemental.docs.rancher.com/). diff --git a/packages/elemental/elemental/generated-changes/overlay/questions.yaml b/packages/elemental/elemental/generated-changes/overlay/questions.yaml new file mode 100644 index 0000000000..7aa97a85c2 --- /dev/null +++ b/packages/elemental/elemental/generated-changes/overlay/questions.yaml @@ -0,0 +1,27 @@ +questions: +- variable: channel.defaultChannel + default: "true" + description: "Provide an Elemental OS Channel container image" + label: Elemental OS Channel + type: boolean + show_subquestion_if: true + group: "Elemental OS Channel" + subquestions: + - variable: channel.repository + default: registry.suse.com/rancher/elemental-teal-channel + description: "Specify Elemental OS channel repository" + type: string + label: Elemental OS Channel Repository + group: "Elemental OS Channel" + - variable: channel.tag + default: "1.3.4" + description: "Specify Elemental OS channel tag" + type: string + label: "Elemental OS Channel Tag" + group: "Elemental OS Channel" +- variable: debug + default: "false" + description: "Enable debug logging in the Elemental operator" + type: boolean + label: "Enable Debug Logging" + group: "Logging" diff --git a/packages/elemental/elemental/generated-changes/patch/Chart.yaml.patch b/packages/elemental/elemental/generated-changes/patch/Chart.yaml.patch new file mode 100644 index 0000000000..b79e330e26 --- /dev/null +++ b/packages/elemental/elemental/generated-changes/patch/Chart.yaml.patch @@ -0,0 +1,27 @@ +--- charts-original/Chart.yaml ++++ charts/Chart.yaml +@@ -2,18 +2,19 @@ + catalog.cattle.io/auto-install: elemental-crd=match + catalog.cattle.io/certified: rancher + catalog.cattle.io/display-name: Elemental +- catalog.cattle.io/kube-version: '>= 1.23.0-0 < 1.28.0-0' ++ catalog.cattle.io/kube-version: '>= 1.23.0-0' + catalog.cattle.io/namespace: cattle-elemental-system + catalog.cattle.io/os: linux + catalog.cattle.io/permits-os: linux + catalog.cattle.io/provides-gvr: elemental.cattle.io/v1beta1 +- catalog.cattle.io/rancher-version: '>= 2.7.0-0 < 2.8.0-0' ++ catalog.cattle.io/rancher-version: '>= 2.8.0-0 < 2.9.0-0' + catalog.cattle.io/release-name: elemental-operator + catalog.cattle.io/scope: management + catalog.cattle.io/type: cluster-tool ++ catalog.cattle.io/upstream-version: 1.3.4 + apiVersion: v2 +-appVersion: v1.3.4 +-description: Rancher Elemental Operator ++appVersion: 1.3.4 ++description: Elemental provides Cloud Native OS Management for Cluster Nodes. + icon: https://raw.githubusercontent.com/rancher/elemental/main/logo/icon-elemental.svg +-name: elemental-operator ++name: elemental + version: 1.3.4 diff --git a/packages/elemental/elemental/generated-changes/patch/templates/channel.yaml.patch b/packages/elemental/elemental/generated-changes/patch/templates/channel.yaml.patch new file mode 100644 index 0000000000..78068d59d8 --- /dev/null +++ b/packages/elemental/elemental/generated-changes/patch/templates/channel.yaml.patch @@ -0,0 +1,15 @@ +--- charts-original/templates/channel.yaml ++++ charts/templates/channel.yaml +@@ -2,10 +2,10 @@ + apiVersion: elemental.cattle.io/v1beta1 + kind: ManagedOSVersionChannel + metadata: +- name: elemental-teal-channel ++ name: elemental-os-channel + namespace: fleet-default + spec: + options: +- image: {{ template "registry_url" . }}{{ .Values.channel.repository }}:{{ .Values.channel.tag }} ++ image: {{ .Values.channel.repository }}:{{ .Values.channel.tag }} + type: custom + {{ end }} diff --git a/packages/elemental/elemental/generated-changes/patch/values.yaml.patch b/packages/elemental/elemental/generated-changes/patch/values.yaml.patch new file mode 100644 index 0000000000..9c247664f3 --- /dev/null +++ b/packages/elemental/elemental/generated-changes/patch/values.yaml.patch @@ -0,0 +1,51 @@ +--- charts-original/values.yaml ++++ charts/values.yaml +@@ -1,32 +1,40 @@ + image: + empty: rancher/pause:3.1 +- repository: "elemental-operator" +- tag: v1.3.4 ++ repository: "rancher/mirrored-elemental-operator" ++ tag: "1.3.4" + imagePullPolicy: IfNotPresent ++ + seedImage: +- repository: "elemental-seedimage" +- tag: v1.3.4 ++ repository: "rancher/mirrored-elemental-seedimage-builder" ++ tag: "1.3.4" + imagePullPolicy: IfNotPresent +-#channel: +-# repository: rancher/elemental-teal-channel +-# tag: latest ++ ++channel: ++ repository: "" ++ tag: "" + + # number of operator replicas to deploy + replicas: 1 ++ + # http[s] proxy server + # proxy: http://@:: + + # comma separated list of domains or ip addresses that will not use the proxy + noProxy: 127.0.0.0/8,10.0.0.0/8,172.16.0.0/12,192.168.0.0/16,.svc,.cluster.local ++ + global: + cattle: + systemDefaultRegistry: "" ++ + # used only if systemDefaultRegistry is empty +-registryUrl: "quay.io/costoolkit" ++registryUrl: "" ++ + # enable debug output for operator + debug: false ++ + nodeSelector: + kubernetes.io/os: linux ++ + tolerations: + - key: cattle.io/os + operator: "Equal" diff --git a/packages/elemental/elemental/package.yaml b/packages/elemental/elemental/package.yaml new file mode 100644 index 0000000000..06134f2813 --- /dev/null +++ b/packages/elemental/elemental/package.yaml @@ -0,0 +1,2 @@ +url: https://github.com/rancher/elemental-operator/releases/download/v1.3.4/elemental-operator-1.3.4.tgz +version: 103.0.0 diff --git a/packages/rancher-vsphere/rancher-vsphere-cpi/generated-changes/patch/Chart.yaml.patch b/packages/rancher-vsphere/rancher-vsphere-cpi/generated-changes/patch/Chart.yaml.patch index 09570840a8..53af68b4e0 100644 --- a/packages/rancher-vsphere/rancher-vsphere-cpi/generated-changes/patch/Chart.yaml.patch +++ b/packages/rancher-vsphere/rancher-vsphere-cpi/generated-changes/patch/Chart.yaml.patch @@ -4,12 +4,12 @@ catalog.cattle.io/namespace: kube-system catalog.cattle.io/os: linux catalog.cattle.io/permits-os: linux,windows -- catalog.cattle.io/rancher-version: '>= 2.6.0-0' -+ catalog.cattle.io/rancher-version: '>= 2.7.0-0 < 2.8.0-0' +- catalog.cattle.io/rancher-version: '>= 2.8.0-0' ++ catalog.cattle.io/rancher-version: '>= 2.8.0-0 < 2.9.0-0' catalog.cattle.io/release-name: vsphere-cpi apiVersion: v1 --appVersion: 1.26.1 -+appVersion: 1.5.1 +-appVersion: 1.27.0 ++appVersion: 1.6.0 description: vSphere Cloud Provider Interface (CPI) icon: https://charts.rancher.io/assets/logos/vsphere-cpi.svg keywords: diff --git a/packages/rancher-vsphere/rancher-vsphere-cpi/package.yaml b/packages/rancher-vsphere/rancher-vsphere-cpi/package.yaml index 294a84121a..c843e3f4dc 100644 --- a/packages/rancher-vsphere/rancher-vsphere-cpi/package.yaml +++ b/packages/rancher-vsphere/rancher-vsphere-cpi/package.yaml @@ -1,4 +1,4 @@ url: https://github.com/rancher/vsphere-charts.git subdirectory: charts/rancher-vsphere-cpi -commit: 8b8e8cf13e9c971330bf96517fab1deec1f23b05 -version: 102.1.0 +commit: 8e3146aee008aa74618d9676030414317d422c54 +version: 103.0.0 diff --git a/packages/rancher-vsphere/rancher-vsphere-csi/generated-changes/patch/Chart.yaml.patch b/packages/rancher-vsphere/rancher-vsphere-csi/generated-changes/patch/Chart.yaml.patch index f8eaac0d74..2a8568b152 100644 --- a/packages/rancher-vsphere/rancher-vsphere-csi/generated-changes/patch/Chart.yaml.patch +++ b/packages/rancher-vsphere/rancher-vsphere-csi/generated-changes/patch/Chart.yaml.patch @@ -4,8 +4,8 @@ catalog.cattle.io/namespace: kube-system catalog.cattle.io/os: linux,windows catalog.cattle.io/permits-os: linux,windows -- catalog.cattle.io/rancher-version: '>= 2.6.0-0' -+ catalog.cattle.io/rancher-version: '>= 2.7.0-0 < 2.8.0-0' +- catalog.cattle.io/rancher-version: '>= 2.8.0-0' ++ catalog.cattle.io/rancher-version: '>= 2.8.0-0 < 2.9.0-0' catalog.cattle.io/release-name: vsphere-csi apiVersion: v1 - appVersion: 3.0.1-rancher1 + appVersion: 3.0.2-rancher1 diff --git a/packages/rancher-vsphere/rancher-vsphere-csi/package.yaml b/packages/rancher-vsphere/rancher-vsphere-csi/package.yaml index a3d63fffb5..233c7615d6 100644 --- a/packages/rancher-vsphere/rancher-vsphere-csi/package.yaml +++ b/packages/rancher-vsphere/rancher-vsphere-csi/package.yaml @@ -1,4 +1,4 @@ url: https://github.com/rancher/vsphere-charts.git subdirectory: charts/rancher-vsphere-csi -commit: 8b8e8cf13e9c971330bf96517fab1deec1f23b05 -version: 102.1.0 +commit: 8e3146aee008aa74618d9676030414317d422c54 +version: 103.0.0 \ No newline at end of file diff --git a/regsync.yaml b/regsync.yaml index 9d60b6967b..68dbd30818 100644 --- a/regsync.yaml +++ b/regsync.yaml @@ -13,6 +13,12 @@ defaults: - application/vnd.oci.image.manifest.v1+json - application/vnd.oci.image.index.v1+json sync: +- source: docker.io/ + target: '{{ env "REGISTRY_ENDPOINT" }}/' + type: repository + tags: + allow: + - - source: docker.io/rancher/aks-operator target: '{{ env "REGISTRY_ENDPOINT" }}/rancher/aks-operator' type: repository @@ -542,9 +548,13 @@ sync: - v1.23.4 - v1.24.3 - v1.24.5 + - v1.24.6 - v1.25.0 - v1.25.2 + - v1.25.3 - v1.26.1 + - v1.26.2 + - v1.27.0 - source: docker.io/rancher/mirrored-cloud-provider-vsphere-csi-release-driver target: '{{ env "REGISTRY_ENDPOINT" }}/rancher/mirrored-cloud-provider-vsphere-csi-release-driver' type: repository @@ -561,7 +571,9 @@ sync: - v2.6.3 - v2.7.0 - v2.7.1 + - v2.7.2 - v3.0.1 + - v3.0.2 - source: docker.io/rancher/mirrored-cloud-provider-vsphere-csi-release-syncer target: '{{ env "REGISTRY_ENDPOINT" }}/rancher/mirrored-cloud-provider-vsphere-csi-release-syncer' type: repository @@ -578,7 +590,9 @@ sync: - v2.6.3 - v2.7.0 - v2.7.1 + - v2.7.2 - v3.0.1 + - v3.0.2 - source: docker.io/rancher/mirrored-coredns-coredns target: '{{ env "REGISTRY_ENDPOINT" }}/rancher/mirrored-coredns-coredns' type: repository @@ -633,6 +647,18 @@ sync: tags: allow: - v0.7.0 +- source: docker.io/rancher/mirrored-elemental-operator + target: '{{ env "REGISTRY_ENDPOINT" }}/rancher/mirrored-elemental-operator' + type: repository + tags: + allow: + - 1.3.4 +- source: docker.io/rancher/mirrored-elemental-seedimage-builder + target: '{{ env "REGISTRY_ENDPOINT" }}/rancher/mirrored-elemental-seedimage-builder' + type: repository + tags: + allow: + - 1.3.4 - source: docker.io/rancher/mirrored-epinio-epinio-server target: '{{ env "REGISTRY_ENDPOINT" }}/rancher/mirrored-epinio-epinio-server' type: repository @@ -1478,6 +1504,7 @@ sync: - v0.3.3 - v0.3.4 - v0.3.5 + - v0.3.6 - v0.4.0 - source: docker.io/rancher/security-scan target: '{{ env "REGISTRY_ENDPOINT" }}/rancher/security-scan' diff --git a/release.yaml b/release.yaml index e69de29bb2..b40f552aa7 100644 --- a/release.yaml +++ b/release.yaml @@ -0,0 +1,10 @@ +elemental: + - 103.0.0+up1.3.4 +elemental-crd: + - 103.0.0+up1.3.4 +rancher-webhook: + - 2.0.6+up0.3.6 +rancher-vsphere-csi: + - 103.0.0+up3.0.2-rancher1 +rancher-vsphere-cpi: + - 103.0.0+up1.6.0