
rancher-turtles-chart: Update to 0.17.0

Aligns with https://github.com/suse-edge/charts/pull/193
2025-03-20 09:58:37 +00:00
committed by Steven Hardy
parent d57078f9d9
commit eacabe4d71
20 changed files with 3446 additions and 813 deletions


@@ -10,6 +10,12 @@ metadata:
"helm.sh/hook-weight": "2"
spec:
type: addon
deployment:
containers:
- name: manager
imageUrl: registry.rancher.com/rancher/cluster-api-fleet-controller:v0.6.0
- name: helm-manager
imageUrl: registry.rancher.com/rancher/cluster-api-fleet-controller:v0.6.0
additionalManifests:
name: fleet-addon-config
namespace: '{{ .Values.rancherTurtles.namespace }}'
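Review bot: The two `imageUrl` values under `deployment.containers` are literal `registry.rancher.com/rancher/cluster-api-fleet-controller:v0.6.0` strings, so they cannot follow a private-registry override and are pinned by a mutable tag rather than a digest. The clusterclass-operations template added in this same commit already builds its image from values and switches to the `image@sha256:...` form when a digest is supplied. Using the same pattern here would let mirrored or air-gapped installs and digest pinning cover the Fleet addon provider as well. Which of the visible lines are additions is inferred from the hunk header (six new lines), because the `+`/`-` markers are lost on this page.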


@@ -26,7 +26,7 @@ spec:
containers:
- args:
- --leader-elect
- --feature-gates=addon-provider-fleet={{ index .Values "rancherTurtles" "features" "addon-provider-fleet" "enabled"}},agent-tls-mode={{ index .Values "rancherTurtles" "features" "agent-tls-mode" "enabled"}}
- --feature-gates=addon-provider-fleet={{ index .Values "rancherTurtles" "features" "addon-provider-fleet" "enabled"}},agent-tls-mode={{ index .Values "rancherTurtles" "features" "agent-tls-mode" "enabled"}},ui-plugin={{ index .Values "turtlesUI" "enabled"}}
{{- range .Values.rancherTurtles.managerArguments }}
- {{ . }}
{{- end }}
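Review bot: The new `ui-plugin={{ index .Values "turtlesUI" "enabled"}}` lookup in the `--feature-gates` argument has no fallback, unlike a guarded lookup would. If `turtlesUI` is absent from the effective values, for example on an upgrade that reuses values from an older chart release, `index` is applied to a nil map and rendering should fail (values.yaml is not visible here, so this is inferred). A defaulted form such as `ui-plugin={{ (.Values.turtlesUI | default dict).enabled | default false }}` keeps the gate off unless it is explicitly enabled. The container spec continues outside the hunk.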


@@ -3385,6 +3385,17 @@ rules:
- patch
- update
- watch
- apiGroups:
- catalog.cattle.io
resources:
- uiplugins
verbs:
- create
- delete
- get
- list
- patch
- watch
- apiGroups:
- cluster.x-k8s.io
resources:
@@ -3450,6 +3461,15 @@ rules:
- get
- list
- watch
- apiGroups:
- rbac.authorization.k8s.io
resourceNames:
- rancher-turtles-manager-role
resources:
- clusterroles
verbs:
- get
- list
- apiGroups:
- turtles-capi.cattle.io
resources:
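Review bot: The new `catalog.cattle.io` / `uiplugins` rule grants `create`, `delete` and `patch` with no visible condition, while the matching `ui-plugin` feature gate is driven by `turtlesUI.enabled`. UIPlugin objects determine which extension code the Rancher dashboard loads, so write access to them is worth granting only when the feature is on, for example by wrapping the rule in `{{- if index .Values "turtlesUI" "enabled" }}` … `{{- end }}` if this file is templated (not visible here). In the second hunk, `list` combined with `resourceNames: rancher-turtles-manager-role` only authorizes list requests that carry a `metadata.name` field selector; if the controller only reads that one ClusterRole, `get` alone is sufficient.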


@@ -0,0 +1,793 @@
{{- if index .Values "rancherTurtles" "features" "clusterclass-operations" "enabled" }}
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.16.1
labels:
turtles-capi.cattle.io: clusterclass
name: clusterupgradegroups.rollout.turtles-capi.cattle.io
spec:
group: rollout.turtles-capi.cattle.io
names:
kind: ClusterUpgradeGroup
listKind: ClusterUpgradeGroupList
plural: clusterupgradegroups
singular: clusterupgradegroup
scope: Namespaced
versions:
- name: v1alpha1
schema:
openAPIV3Schema:
description: ClusterUpgradeGroup is the Schema for the clusterupgrades API
properties:
apiVersion:
description: |-
APIVersion defines the versioned schema of this representation of an object.
Servers should convert recognized schemas to the latest internal value, and
may reject unrecognized values.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
type: string
kind:
description: |-
Kind is a string value representing the REST resource this object represents.
Servers may infer this from the endpoint the client submits requests to.
Cannot be updated.
In CamelCase.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
type: string
metadata:
type: object
spec:
description: ClusterUpgradeGroupSpec defines the desired state of ClusterUpgradeGroup
properties:
className:
type: string
rolloutStrategy:
description: |-
RolloutStrategy controls the rollout of bundles, by defining
partitions, canaries and percentages for cluster availability.
properties:
rollingUpdate:
description: |-
Rolling update config params. Present only if
RolloutStrategyType = RollingUpdate.
properties:
maxFailures:
anyOf:
- type: integer
- type: string
description: |-
The maximum number of failed attempts before skipping the update for a given
cluster.
x-kubernetes-int-or-string: true
maxRollouts:
anyOf:
- type: integer
- type: string
description: |-
The maximum number of clusters that can be in update state (non-active) during a
rolling update.
x-kubernetes-int-or-string: true
rolloutDelay:
anyOf:
- type: integer
- type: string
description: The delay between subsequent cluster rollouts.
x-kubernetes-int-or-string: true
type: object
type:
description: |-
Type of rollout.
Default is RollingUpdate.
type: string
type: object
targets:
description: Targets refer to the clusters that should be upgraded.
items:
properties:
clusterGroup:
description: ClusterGroup to match a specific cluster group
by name.
nullable: true
type: string
clusterGroupSelector:
description: ClusterGroupSelector is a selector to match cluster
groups.
nullable: true
properties:
matchExpressions:
description: matchExpressions is a list of label selector
requirements. The requirements are ANDed.
items:
description: |-
A label selector requirement is a selector that contains values, a key, and an operator that
relates the key and values.
properties:
key:
description: key is the label key that the selector
applies to.
type: string
operator:
description: |-
operator represents a key's relationship to a set of values.
Valid operators are In, NotIn, Exists and DoesNotExist.
type: string
values:
description: |-
values is an array of string values. If the operator is In or NotIn,
the values array must be non-empty. If the operator is Exists or DoesNotExist,
the values array must be empty. This array is replaced during a strategic
merge patch.
items:
type: string
type: array
x-kubernetes-list-type: atomic
required:
- key
- operator
type: object
type: array
x-kubernetes-list-type: atomic
matchLabels:
additionalProperties:
type: string
description: |-
matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
map is equivalent to an element of matchExpressions, whose key field is "key", the
operator is "In", and the values array contains only "value". The requirements are ANDed.
type: object
type: object
x-kubernetes-map-type: atomic
clusterName:
description: |-
ClusterName to match a specific cluster by name that will be
selected
nullable: true
type: string
clusterSelector:
description: |-
ClusterSelector is a selector to match clusters. The structure is
the standard metav1.LabelSelector format. If clusterGroupSelector or
clusterGroup is specified, clusterSelector will be used only to
further refine the selection after clusterGroupSelector and
clusterGroup is evaluated.
nullable: true
properties:
matchExpressions:
description: matchExpressions is a list of label selector
requirements. The requirements are ANDed.
items:
description: |-
A label selector requirement is a selector that contains values, a key, and an operator that
relates the key and values.
properties:
key:
description: key is the label key that the selector
applies to.
type: string
operator:
description: |-
operator represents a key's relationship to a set of values.
Valid operators are In, NotIn, Exists and DoesNotExist.
type: string
values:
description: |-
values is an array of string values. If the operator is In or NotIn,
the values array must be non-empty. If the operator is Exists or DoesNotExist,
the values array must be empty. This array is replaced during a strategic
merge patch.
items:
type: string
type: array
x-kubernetes-list-type: atomic
required:
- key
- operator
type: object
type: array
x-kubernetes-list-type: atomic
matchLabels:
additionalProperties:
type: string
description: |-
matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
map is equivalent to an element of matchExpressions, whose key field is "key", the
operator is "In", and the values array contains only "value". The requirements are ANDed.
type: object
type: object
x-kubernetes-map-type: atomic
doNotDeploy:
description: DoNotDeploy if set to true, will not deploy to
this target.
type: boolean
name:
description: |-
Name of target. This value is largely for display and logging. If
not specified a default name of the format "target000" will be used
type: string
type: object
type: array
required:
- className
type: object
status:
description: ClusterUpgradeGroupStatus defines the observed state of ClusterUpgradeGroup
type: object
type: object
served: true
storage: true
subresources:
status: {}
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.14.0
labels:
turtles-capi.cattle.io: clusterclass
name: clusterupgrades.rollout.turtles-capi.cattle.io
spec:
group: rollout.turtles-capi.cattle.io
names:
kind: ClusterUpgrade
listKind: ClusterUpgradeList
plural: clusterupgrades
singular: clusterupgrade
scope: Namespaced
versions:
- name: v1alpha1
schema:
openAPIV3Schema:
description: ClusterUpgrade is the Schema for the clusterupgrades API
properties:
apiVersion:
description: |-
APIVersion defines the versioned schema of this representation of an object.
Servers should convert recognized schemas to the latest internal value, and
may reject unrecognized values.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
type: string
kind:
description: |-
Kind is a string value representing the REST resource this object represents.
Servers may infer this from the endpoint the client submits requests to.
Cannot be updated.
In CamelCase.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
type: string
metadata:
type: object
spec:
description: ClusterUpgradeSpec defines the desired state of ClusterUpgrade
properties:
className:
type: string
rolloutStrategy:
description: |-
RolloutStrategy controls the rollout of bundles, by defining
partitions, canaries and percentages for cluster availability.
properties:
autoPartitionSize:
anyOf:
- type: integer
- type: string
description: |-
A number or percentage of how to automatically partition clusters if no
specific partitioning strategy is configured.
default: 25%
x-kubernetes-int-or-string: true
maxUnavailable:
anyOf:
- type: integer
- type: string
description: |-
A number or percentage of clusters that can be unavailable during an update
of a bundle. This follows the same basic approach as a deployment rollout
strategy. Once the number of clusters meets unavailable state update will be
paused. Default value is 100% which doesn't take effect on update.
default: 100%
x-kubernetes-int-or-string: true
maxUnavailablePartitions:
anyOf:
- type: integer
- type: string
description: |-
A number or percentage of cluster partitions that can be unavailable during
an update of a bundle.
default: 0
x-kubernetes-int-or-string: true
partitions:
description: |-
A list of definitions of partitions. If any target clusters do not match
the configuration they are added to partitions at the end following the
autoPartitionSize.
items:
description: Partition defines a separate rollout strategy for
a set of clusters.
properties:
clusterGroup:
description: A cluster group name to include in this partition
type: string
clusterGroupSelector:
description: Selector matching cluster group labels to include
in this partition
properties:
matchExpressions:
description: matchExpressions is a list of label selector
requirements. The requirements are ANDed.
items:
description: |-
A label selector requirement is a selector that contains values, a key, and an operator that
relates the key and values.
properties:
key:
description: key is the label key that the selector
applies to.
type: string
operator:
description: |-
operator represents a key's relationship to a set of values.
Valid operators are In, NotIn, Exists and DoesNotExist.
type: string
values:
description: |-
values is an array of string values. If the operator is In or NotIn,
the values array must be non-empty. If the operator is Exists or DoesNotExist,
the values array must be empty. This array is replaced during a strategic
merge patch.
items:
type: string
type: array
required:
- key
- operator
type: object
type: array
matchLabels:
additionalProperties:
type: string
description: |-
matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
map is equivalent to an element of matchExpressions, whose key field is "key", the
operator is "In", and the values array contains only "value". The requirements are ANDed.
type: object
type: object
x-kubernetes-map-type: atomic
clusterName:
description: ClusterName is the name of a cluster to include
in this partition
type: string
clusterSelector:
description: Selector matching cluster labels to include
in this partition
properties:
matchExpressions:
description: matchExpressions is a list of label selector
requirements. The requirements are ANDed.
items:
description: |-
A label selector requirement is a selector that contains values, a key, and an operator that
relates the key and values.
properties:
key:
description: key is the label key that the selector
applies to.
type: string
operator:
description: |-
operator represents a key's relationship to a set of values.
Valid operators are In, NotIn, Exists and DoesNotExist.
type: string
values:
description: |-
values is an array of string values. If the operator is In or NotIn,
the values array must be non-empty. If the operator is Exists or DoesNotExist,
the values array must be empty. This array is replaced during a strategic
merge patch.
items:
type: string
type: array
required:
- key
- operator
type: object
type: array
matchLabels:
additionalProperties:
type: string
description: |-
matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
map is equivalent to an element of matchExpressions, whose key field is "key", the
operator is "In", and the values array contains only "value". The requirements are ANDed.
type: object
type: object
x-kubernetes-map-type: atomic
maxUnavailable:
anyOf:
- type: integer
- type: string
description: |-
A number or percentage of clusters that can be unavailable in this
partition before this partition is treated as done.
default: 10%
x-kubernetes-int-or-string: true
name:
description: A user-friendly name given to the partition
used for Display (optional).
type: string
type: object
type: array
type: object
targets:
description: Targets refer to the clusters that should be upgraded.
items:
properties:
clusterGroup:
description: ClusterGroup to match a specific cluster group
by name.
nullable: true
type: string
clusterGroupSelector:
description: ClusterGroupSelector is a selector to match cluster
groups.
nullable: true
properties:
matchExpressions:
description: matchExpressions is a list of label selector
requirements. The requirements are ANDed.
items:
description: |-
A label selector requirement is a selector that contains values, a key, and an operator that
relates the key and values.
properties:
key:
description: key is the label key that the selector
applies to.
type: string
operator:
description: |-
operator represents a key's relationship to a set of values.
Valid operators are In, NotIn, Exists and DoesNotExist.
type: string
values:
description: |-
values is an array of string values. If the operator is In or NotIn,
the values array must be non-empty. If the operator is Exists or DoesNotExist,
the values array must be empty. This array is replaced during a strategic
merge patch.
items:
type: string
type: array
required:
- key
- operator
type: object
type: array
matchLabels:
additionalProperties:
type: string
description: |-
matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
map is equivalent to an element of matchExpressions, whose key field is "key", the
operator is "In", and the values array contains only "value". The requirements are ANDed.
type: object
type: object
x-kubernetes-map-type: atomic
clusterName:
description: |-
ClusterName to match a specific cluster by name that will be
selected
nullable: true
type: string
clusterSelector:
description: |-
ClusterSelector is a selector to match clusters. The structure is
the standard metav1.LabelSelector format. If clusterGroupSelector or
clusterGroup is specified, clusterSelector will be used only to
further refine the selection after clusterGroupSelector and
clusterGroup is evaluated.
nullable: true
properties:
matchExpressions:
description: matchExpressions is a list of label selector
requirements. The requirements are ANDed.
items:
description: |-
A label selector requirement is a selector that contains values, a key, and an operator that
relates the key and values.
properties:
key:
description: key is the label key that the selector
applies to.
type: string
operator:
description: |-
operator represents a key's relationship to a set of values.
Valid operators are In, NotIn, Exists and DoesNotExist.
type: string
values:
description: |-
values is an array of string values. If the operator is In or NotIn,
the values array must be non-empty. If the operator is Exists or DoesNotExist,
the values array must be empty. This array is replaced during a strategic
merge patch.
items:
type: string
type: array
required:
- key
- operator
type: object
type: array
matchLabels:
additionalProperties:
type: string
description: |-
matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
map is equivalent to an element of matchExpressions, whose key field is "key", the
operator is "In", and the values array contains only "value". The requirements are ANDed.
type: object
type: object
x-kubernetes-map-type: atomic
doNotDeploy:
description: DoNotDeploy if set to true, will not deploy to
this target.
type: boolean
name:
description: |-
Name of target. This value is largely for display and logging. If
not specified a default name of the format "target000" will be used
type: string
type: object
type: array
required:
- className
type: object
status:
description: ClusterUpgradeStatus defines the observed state of ClusterUpgrade
type: object
type: object
served: true
storage: true
subresources:
status: {}
---
apiVersion: v1
kind: ServiceAccount
metadata:
labels:
app.kubernetes.io/component: rbac
app.kubernetes.io/created-by: turtles-rollout-poc
app.kubernetes.io/instance: controller-manager-sa
app.kubernetes.io/managed-by: kustomize
app.kubernetes.io/name: serviceaccount
app.kubernetes.io/part-of: turtles-rollout-poc
turtles-capi.cattle.io: clusterclass
name: rancher-turtles-clusterclass-manager
namespace: {{ index .Values "rancherTurtles" "namespace" }}
---
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
labels:
app.kubernetes.io/component: rbac
app.kubernetes.io/created-by: turtles-rollout-poc
app.kubernetes.io/instance: leader-election-role
app.kubernetes.io/managed-by: kustomize
app.kubernetes.io/name: role
app.kubernetes.io/part-of: turtles-rollout-poc
turtles-capi.cattle.io: clusterclass
name: rancher-turtles-clusterclass-leader-election-role
namespace: {{ index .Values "rancherTurtles" "namespace" }}
rules:
- apiGroups:
- ""
resources:
- configmaps
verbs:
- get
- list
- watch
- create
- update
- patch
- delete
- apiGroups:
- coordination.k8s.io
resources:
- leases
verbs:
- get
- list
- watch
- create
- update
- patch
- delete
- apiGroups:
- ""
resources:
- events
verbs:
- create
- patch
---
aggregationRule:
clusterRoleSelectors:
- matchLabels:
rancher-turtles/aggregate-to-manager: "true"
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
labels:
turtles-capi.cattle.io: clusterclass
name: rancher-turtles-clusterclass-aggregated-manager-role
rules: []
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
labels:
rancher-turtles/aggregate-to-manager: "true"
turtles-capi.cattle.io: clusterclass
name: rancher-turtles-clusterclass-manager-role
rules:
- apiGroups:
- cluster.x-k8s.io
resources:
- clusterclasses
- clusters
- clusters/status
verbs:
- get
- list
- patch
- update
- watch
- apiGroups:
- rollout.turtles-capi.cattle.io
resources:
- clusterupgradegroups
verbs:
- create
- delete
- get
- list
- patch
- update
- watch
- apiGroups:
- rollout.turtles-capi.cattle.io
resources:
- clusterupgradegroups/status
verbs:
- get
- patch
- update
- apiGroups:
- rollout.turtles-capi.cattle.io
resources:
- clusterupgradegroupss/finalizers
verbs:
- update
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
labels:
app.kubernetes.io/component: rbac
app.kubernetes.io/created-by: turtles-rollout-poc
app.kubernetes.io/instance: leader-election-rolebinding
app.kubernetes.io/managed-by: kustomize
app.kubernetes.io/name: rolebinding
app.kubernetes.io/part-of: turtles-rollout-poc
turtles-capi.cattle.io: clusterclass
name: rancher-turtles-clusterclass-leader-election-rolebinding
namespace: {{ index .Values "rancherTurtles" "namespace" }}
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: Role
name: rancher-turtles-clusterclass-leader-election-role
subjects:
- kind: ServiceAccount
name: rancher-turtles-clusterclass-manager
namespace: {{ index .Values "rancherTurtles" "namespace" }}
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
labels:
app.kubernetes.io/component: rbac
app.kubernetes.io/created-by: turtles-rollout-poc
app.kubernetes.io/instance: manager-rolebinding
app.kubernetes.io/managed-by: kustomize
app.kubernetes.io/name: clusterrolebinding
app.kubernetes.io/part-of: turtles-rollout-poc
turtles-capi.cattle.io: clusterclass
name: rancher-turtles-clusterclass-manager-rolebinding
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: rancher-turtles-clusterclass-aggregated-manager-role
subjects:
- kind: ServiceAccount
name: rancher-turtles-clusterclass-manager
namespace: {{ index .Values "rancherTurtles" "namespace" }}
---
apiVersion: apps/v1
kind: Deployment
metadata:
labels:
control-plane: controller-manager
turtles-capi.cattle.io: clusterclass
name: rancher-turtles-clusterclass-controller-manager
namespace: {{ index .Values "rancherTurtles" "namespace" }}
spec:
replicas: 1
selector:
matchLabels:
control-plane: controller-manager
turtles-capi.cattle.io: clusterclass
template:
metadata:
annotations:
kubectl.kubernetes.io/default-container: manager
labels:
control-plane: controller-manager
turtles-capi.cattle.io: clusterclass
spec:
containers:
- args:
- --leader-elect
command:
- ./turtles-clusterclass-operations
env:
- name: POD_NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
- name: POD_NAME
valueFrom:
fieldRef:
fieldPath: metadata.name
- name: POD_UID
valueFrom:
fieldRef:
fieldPath: metadata.uid
{{- $imageVersion := index .Values "rancherTurtles" "features" "clusterclass-operations" "imageVersion" -}}
{{- if contains "sha256:" $imageVersion }}
image: {{ index .Values "rancherTurtles" "features" "clusterclass-operations" "image" }}@{{ index .Values "rancherTurtles" "features" "clusterclass-operations" "imageVersion" }}
{{- else }}
image: {{ index .Values "rancherTurtles" "features" "clusterclass-operations" "image" }}:{{ index .Values "rancherTurtles" "features" "clusterclass-operations" "imageVersion" }}
{{- end }}
imagePullPolicy: '{{ index .Values "rancherTurtles" "features" "clusterclass-operations" "imagePullPolicy" }}'
livenessProbe:
httpGet:
path: /healthz
port: 8081
initialDelaySeconds: 15
periodSeconds: 20
name: manager
readinessProbe:
httpGet:
path: /readyz
port: 8081
initialDelaySeconds: 5
periodSeconds: 10
resources:
limits:
cpu: 500m
memory: 128Mi
requests:
cpu: 10m
memory: 64Mi
serviceAccountName: rancher-turtles-clusterclass-manager
terminationGracePeriodSeconds: 10
tolerations:
- effect: NoSchedule
key: node-role.kubernetes.io/master
- effect: NoSchedule
key: node-role.kubernetes.io/control-plane
{{- end }}
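Review bot: The last rule of `rancher-turtles-clusterclass-manager-role` names `clusterupgradegroupss/finalizers` (double "s"), which matches no resource of the `clusterupgradegroups` CRD defined above, so the finalizers `update` is not actually granted; it should read `- clusterupgradegroups/finalizers`. The aggregated role bound to the `rancher-turtles-clusterclass-manager` ServiceAccount selects on `rancher-turtles/aggregate-to-manager: "true"`; if the main Turtles manager roles carry that same label (not visible here), this ServiceAccount inherits all of their rules, and a dedicated aggregation label would keep it least-privilege. The Deployment's `manager` container also shows no `securityContext`; consider adding one with `allowPrivilegeEscalation: false`, `runAsNonRoot: true` and all capabilities dropped.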


@@ -0,0 +1,659 @@
{{- if index .Values "rancherTurtles" "features" "day2operations" "enabled" }}
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
cert-manager.io/inject-ca-from: {{ index .Values "rancherTurtles" "namespace" }}/rancher-turtles-day2-operations-serving-cert
controller-gen.kubebuilder.io/version: v0.16.1
labels:
turtles-capi.cattle.io: day2-operations
name: etcdmachinesnapshots.turtles-capi.cattle.io
spec:
group: turtles-capi.cattle.io
names:
kind: ETCDMachineSnapshot
listKind: ETCDMachineSnapshotList
plural: etcdmachinesnapshots
singular: etcdmachinesnapshot
scope: Namespaced
versions:
- name: v1alpha1
schema:
openAPIV3Schema:
description: ETCDMachineSnapshot is the Schema for the ETCDMachineSnapshot
API.
properties:
apiVersion:
description: |-
APIVersion defines the versioned schema of this representation of an object.
Servers should convert recognized schemas to the latest internal value, and
may reject unrecognized values.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
type: string
kind:
description: |-
Kind is a string value representing the REST resource this object represents.
Servers may infer this from the endpoint the client submits requests to.
Cannot be updated.
In CamelCase.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
type: string
metadata:
type: object
spec:
description: ETCDMachineSnapshotSpec defines the desired state of EtcdMachineSnapshot
properties:
clusterName:
type: string
location:
type: string
machineName:
type: string
required:
- clusterName
type: object
x-kubernetes-validations:
- message: ETCD snapshot location can't be empty.
rule: size(self.clusterName)>0
status:
default: {}
description: EtcdSnapshotRestoreStatus defines observed state of EtcdSnapshotRestore
properties:
error:
type: string
phase:
description: ETCDSnapshotPhase is a string representation of the phase
of the etcd snapshot
type: string
s3Snapshots:
items:
properties:
creationTime:
description: CreationTime is the timestamp when the snapshot
was taken by etcd.
format: date-time
type: string
location:
type: string
name:
type: string
required:
- location
- name
type: object
type: array
snapshotFileName:
type: string
snapshots:
items:
properties:
creationTime:
description: CreationTime is the timestamp when the snapshot
was taken by etcd.
format: date-time
type: string
location:
type: string
machineName:
type: string
name:
type: string
required:
- location
- machineName
- name
type: object
type: array
type: object
type: object
served: true
storage: true
subresources:
status: {}
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
cert-manager.io/inject-ca-from: {{ index .Values "rancherTurtles" "namespace" }}/rancher-turtles-day2-operations-serving-cert
controller-gen.kubebuilder.io/version: v0.16.1
labels:
turtles-capi.cattle.io: day2-operations
name: etcdsnapshotrestores.turtles-capi.cattle.io
spec:
group: turtles-capi.cattle.io
names:
kind: ETCDSnapshotRestore
listKind: ETCDSnapshotRestoreList
plural: etcdsnapshotrestores
singular: etcdsnapshotrestore
scope: Namespaced
versions:
- name: v1alpha1
schema:
openAPIV3Schema:
description: ETCDSnapshotRestore is the schema for the ETCDSnapshotRestore
API.
properties:
apiVersion:
description: |-
APIVersion defines the versioned schema of this representation of an object.
Servers should convert recognized schemas to the latest internal value, and
may reject unrecognized values.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
type: string
kind:
description: |-
Kind is a string value representing the REST resource this object represents.
Servers may infer this from the endpoint the client submits requests to.
Cannot be updated.
In CamelCase.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
type: string
metadata:
type: object
spec:
description: ETCDSnapshotRestoreSpec defines the desired state of EtcdSnapshotRestore.
properties:
clusterName:
type: string
etcdMachineSnapshotName:
type: string
required:
- clusterName
- etcdMachineSnapshotName
type: object
x-kubernetes-validations:
- message: Cluster Name can't be empty.
rule: size(self.clusterName)>0
- message: ETCD machine snapshot name can't be empty.
rule: size(self.etcdMachineSnapshotName)>0
status:
default: {}
description: ETCDSnapshotRestoreStatus defines observed state of EtcdSnapshotRestore.
properties:
conditions:
description: Conditions provide observations of the operational state
of a Cluster API resource.
items:
description: Condition defines an observation of a Cluster API resource
operational state.
properties:
lastTransitionTime:
description: |-
Last time the condition transitioned from one status to another.
This should be when the underlying condition changed. If that is not known, then using the time when
the API field changed is acceptable.
format: date-time
type: string
message:
description: |-
A human readable message indicating details about the transition.
This field may be empty.
type: string
reason:
description: |-
The reason for the condition's last transition in CamelCase.
The specific API may choose whether or not this field is considered a guaranteed API.
This field may be empty.
type: string
severity:
description: |-
severity provides an explicit classification of Reason code, so the users or machines can immediately
understand the current situation and act accordingly.
The Severity field MUST be set only when Status=False.
type: string
status:
description: status of the condition, one of True, False, Unknown.
type: string
type:
description: |-
type of condition in CamelCase or in foo.example.com/CamelCase.
Many .condition.type values are consistent across resources like Available, but because arbitrary conditions
can be useful (see .node.status.conditions), the ability to deconflict is important.
type: string
required:
- lastTransitionTime
- status
- type
type: object
type: array
phase:
default: Pending
description: ETCDSnapshotPhase is a string representation of the phase
of the etcd snapshot
type: string
type: object
type: object
served: true
storage: true
subresources:
status: {}
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
cert-manager.io/inject-ca-from: {{ index .Values "rancherTurtles" "namespace" }}/rancher-turtles-day2-operations-serving-cert
controller-gen.kubebuilder.io/version: v0.16.1
labels:
turtles-capi.cattle.io: day2-operations
name: rke2etcdmachinesnapshotconfigs.turtles-capi.cattle.io
spec:
group: turtles-capi.cattle.io
names:
kind: RKE2EtcdMachineSnapshotConfig
listKind: RKE2EtcdMachineSnapshotConfigList
plural: rke2etcdmachinesnapshotconfigs
singular: rke2etcdmachinesnapshotconfig
scope: Namespaced
versions:
- name: v1alpha1
schema:
openAPIV3Schema:
description: RKE2EtcdMachineSnapshotConfig is the config for the RKE2EtcdMachineSnapshotConfig
API
properties:
apiVersion:
description: |-
APIVersion defines the versioned schema of this representation of an object.
Servers should convert recognized schemas to the latest internal value, and
may reject unrecognized values.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
type: string
kind:
description: |-
Kind is a string value representing the REST resource this object represents.
Servers may infer this from the endpoint the client submits requests to.
Cannot be updated.
In CamelCase.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
type: string
metadata:
type: object
spec:
description: RKE2EtcdMachineSnapshotConfigSpec defines the desired state
of RKE2EtcdMachineSnapshotConfig
properties:
local:
properties:
dataDir:
type: string
required:
- dataDir
type: object
s3:
properties:
bucket:
type: string
endpoint:
type: string
endpointCAsecret:
type: string
folder:
type: string
insecure:
type: boolean
region:
type: string
s3CredentialSecret:
type: string
skipSSLVerify:
type: boolean
type: object
required:
- local
- s3
type: object
type: object
served: true
storage: true
subresources:
status: {}
---
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
labels:
app.kubernetes.io/component: rbac
app.kubernetes.io/created-by: rancher-turtles
app.kubernetes.io/instance: leader-election-role
app.kubernetes.io/managed-by: kustomize
app.kubernetes.io/name: role
app.kubernetes.io/part-of: rancher-turtles
turtles-capi.cattle.io: day2-operations
name: rancher-turtles-day2-operations-leader-election-role
namespace: {{ index .Values "rancherTurtles" "namespace" }}
rules:
- apiGroups:
- ""
resources:
- configmaps
verbs:
- get
- list
- watch
- create
- update
- patch
- delete
- apiGroups:
- coordination.k8s.io
resources:
- leases
verbs:
- get
- list
- watch
- create
- update
- patch
- delete
- apiGroups:
- ""
resources:
- events
verbs:
- create
- patch
---
aggregationRule:
clusterRoleSelectors:
- matchLabels:
rancher-turtles-exp/aggregate-to-manager: "true"
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
labels:
turtles-capi.cattle.io: day2-operations
name: rancher-turtles-day2-operations-aggregated-manager-role
rules: []
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
labels:
rancher-turtles-exp/aggregate-to-manager: "true"
rancher-turtles/aggregate-to-manager: "true"
turtles-capi.cattle.io: day2-operations
name: rancher-turtles-day2-operations-manager-role
rules:
- apiGroups:
- ""
resources:
- configmaps
- events
- secrets
- serviceaccounts
verbs:
- create
- delete
- get
- list
- patch
- update
- watch
- apiGroups:
- ""
resources:
- serviceaccounts/token
verbs:
- create
- apiGroups:
- authorization.k8s.io
resources:
- subjectaccessreviews
verbs:
- create
- get
- apiGroups:
- bootstrap.cluster.x-k8s.io
resources:
- rke2configs
- rke2configs/finalizers
- rke2configs/status
verbs:
- create
- delete
- get
- list
- patch
- update
- watch
- apiGroups:
- cluster.x-k8s.io
resources:
- clusters
- clusters/status
- machines
verbs:
- create
- delete
- get
- list
- patch
- update
- watch
- apiGroups:
- management.cattle.io
resources:
- '*'
verbs:
- create
- delete
- get
- list
- patch
- update
- watch
- apiGroups:
- rbac.authorization.k8s.io
resources:
- rolebindings
- roles
verbs:
- create
- delete
- get
- list
- patch
- update
- watch
- apiGroups:
- turtles-capi.cattle.io
resources:
- etcdmachinesnapshots
- etcdsnapshotrestores
- rke2etcdmachinesnapshotconfigs
verbs:
- create
- delete
- get
- list
- patch
- update
- watch
- apiGroups:
- turtles-capi.cattle.io
resources:
- etcdmachinesnapshots/finalizers
- etcdsnapshotrestores/finalizers
- rke2etcdmachinesnapshotconfigs/finalizers
verbs:
- update
- apiGroups:
- turtles-capi.cattle.io
resources:
- etcdmachinesnapshots/status
- etcdsnapshotrestores/status
- rke2etcdmachinesnapshotconfigs/status
verbs:
- get
- patch
- update
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
labels:
app.kubernetes.io/component: rbac
app.kubernetes.io/created-by: rancher-turtles
app.kubernetes.io/instance: leader-election-rolebinding
app.kubernetes.io/managed-by: kustomize
app.kubernetes.io/name: rolebinding
app.kubernetes.io/part-of: rancher-turtles
turtles-capi.cattle.io: day2-operations
name: rancher-turtles-day2-operations-leader-election-rolebinding
namespace: {{ index .Values "rancherTurtles" "namespace" }}
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: Role
name: rancher-turtles-day2-operations-leader-election-role
subjects:
- kind: ServiceAccount
name: rancher-turtles-day2-operations-manager
namespace: {{ index .Values "rancherTurtles" "namespace" }}
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
labels:
app.kubernetes.io/component: rbac
app.kubernetes.io/created-by: rancher-turtles
app.kubernetes.io/instance: manager-rolebinding
app.kubernetes.io/managed-by: kustomize
app.kubernetes.io/name: clusterrolebinding
app.kubernetes.io/part-of: rancher-turtles
turtles-capi.cattle.io: day2-operations
name: rancher-turtles-day2-operations-manager-rolebinding
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: rancher-turtles-day2-operations-aggregated-manager-role
subjects:
- kind: ServiceAccount
name: rancher-turtles-day2-operations-manager
namespace: {{ index .Values "rancherTurtles" "namespace" }}
---
apiVersion: v1
kind: Service
metadata:
labels:
turtles-capi.cattle.io: day2-operations
name: rancher-turtles-day2-operations-webhook-service
namespace: {{ index .Values "rancherTurtles" "namespace" }}
spec:
ports:
- port: 443
targetPort: webhook-server
selector:
turtles-capi.cattle.io: day2-operations
---
apiVersion: cert-manager.io/v1
kind: Certificate
metadata:
labels:
turtles-capi.cattle.io: day2-operations
name: rancher-turtles-day2-operations-serving-cert
namespace: {{ index .Values "rancherTurtles" "namespace" }}
spec:
dnsNames:
- rancher-turtles-day2-operations-webhook-service.{{ index .Values "rancherTurtles" "namespace" }}.svc
- rancher-turtles-day2-operations-webhook-service.{{ index .Values "rancherTurtles" "namespace" }}.svc.cluster.local
issuerRef:
kind: Issuer
name: rancher-turtles-day2-operations-selfsigned-issuer
secretName: rancher-turtles-day2-operations-webhook-service-cert
---
apiVersion: cert-manager.io/v1
kind: Issuer
metadata:
labels:
turtles-capi.cattle.io: day2-operations
name: rancher-turtles-day2-operations-selfsigned-issuer
namespace: {{ index .Values "rancherTurtles" "namespace" }}
spec:
selfSigned: {}
---
apiVersion: admissionregistration.k8s.io/v1
kind: MutatingWebhookConfiguration
metadata:
annotations:
cert-manager.io/inject-ca-from: {{ index .Values "rancherTurtles" "namespace" }}/rancher-turtles-day2-operations-serving-cert
labels:
turtles-capi.cattle.io: day2-operations
name: rancher-turtles-day2-operations-mutating-webhook-configuration
webhooks:
- admissionReviewVersions:
- v1
clientConfig:
service:
name: rancher-turtles-day2-operations-webhook-service
namespace: {{ index .Values "rancherTurtles" "namespace" }}
path: /mutate-bootstrap-cluster-x-k8s-io-v1beta1-rke2config
failurePolicy: Fail
name: systemagentrke2config.kb.io
rules:
- apiGroups:
- bootstrap.cluster.x-k8s.io
apiVersions:
- v1beta1
operations:
- CREATE
- UPDATE
resources:
- rke2configs
sideEffects: None
---
apiVersion: admissionregistration.k8s.io/v1
kind: ValidatingWebhookConfiguration
metadata:
annotations:
cert-manager.io/inject-ca-from: {{ index .Values "rancherTurtles" "namespace" }}/rancher-turtles-day2-operations-serving-cert
labels:
turtles-capi.cattle.io: day2-operations
name: rancher-turtles-day2-operations-validating-webhook-configuration
webhooks:
- admissionReviewVersions:
- v1
clientConfig:
service:
name: rancher-turtles-day2-operations-webhook-service
namespace: {{ index .Values "rancherTurtles" "namespace" }}
path: /validate-turtles-capi-cattle-io-v1alpha1-etcdmachinesnapshot
failurePolicy: Fail
matchPolicy: Equivalent
name: etcdmachinesnapshot.kb.io
rules:
- apiGroups:
- turtles-capi.cattle.io
apiVersions:
- v1alpha1
operations:
- CREATE
- UPDATE
resources:
- etcdmachinesnapshots
sideEffects: None
- admissionReviewVersions:
- v1
clientConfig:
service:
name: rancher-turtles-day2-operations-webhook-service
namespace: {{ index .Values "rancherTurtles" "namespace" }}
path: /validate-turtles-capi-cattle-io-v1alpha1-etcdsnapshotrestore
failurePolicy: Fail
matchPolicy: Equivalent
name: etcdsnapshotrestore.kb.io
rules:
- apiGroups:
- turtles-capi.cattle.io
apiVersions:
- v1alpha1
operations:
- CREATE
- UPDATE
resources:
- etcdsnapshotrestores
sideEffects: None
{{- end }}


@@ -0,0 +1,106 @@
{{- if index .Values "rancherTurtles" "features" "day2operations" "enabled" }}
apiVersion: apps/v1
kind: Deployment
metadata:
labels:
control-plane: controller-manager
turtles-capi.cattle.io: day2-operations
name: rancher-turtles-day2-operations-controller-manager
namespace: '{{ .Values.rancherTurtles.namespace }}'
spec:
replicas: 1
selector:
matchLabels:
control-plane: controller-manager
turtles-capi.cattle.io: day2-operations
template:
metadata:
annotations:
kubectl.kubernetes.io/default-container: manager
labels:
control-plane: controller-manager
turtles-capi.cattle.io: day2-operations
spec:
containers:
- args:
- --leader-elect
- --feature-gates=etcd-backup-restore={{ .Values.rancherTurtles.features.day2operations.etcdBackupRestore.enabled }}
command:
- ./turtles-day2-operations
env:
- name: POD_NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
- name: POD_NAME
valueFrom:
fieldRef:
fieldPath: metadata.name
- name: POD_UID
valueFrom:
fieldRef:
fieldPath: metadata.uid
{{- if (contains "sha256:" .Values.rancherTurtles.features.day2operations.imageVersion) }}
image: '{{ .Values.rancherTurtles.features.day2operations.image }}@{{ .Values.rancherTurtles.features.day2operations.imageVersion }}'
{{- else }}
image: '{{ .Values.rancherTurtles.features.day2operations.image }}:{{ .Values.rancherTurtles.features.day2operations.imageVersion }}'
{{- end }}
imagePullPolicy: '{{ .Values.rancherTurtles.features.day2operations.imagePullPolicy }}'
livenessProbe:
httpGet:
path: /healthz
port: 9440
initialDelaySeconds: 15
periodSeconds: 20
name: manager
ports:
- containerPort: 9443
name: webhook-server
protocol: TCP
readinessProbe:
httpGet:
path: /readyz
port: 9440
initialDelaySeconds: 5
periodSeconds: 10
resources:
limits:
cpu: 500m
memory: 128Mi
requests:
cpu: 10m
memory: 64Mi
volumeMounts:
{{- if .Values.rancherTurtles.features.day2operations.etcdBackupRestore.enabled }}
- mountPath: /tmp/k8s-webhook-server/serving-certs
name: cert
readOnly: true
{{- end }}
serviceAccountName: rancher-turtles-day2-operations-manager
terminationGracePeriodSeconds: 10
tolerations:
- effect: NoSchedule
key: node-role.kubernetes.io/master
- effect: NoSchedule
key: node-role.kubernetes.io/control-plane
volumes:
{{- if .Values.rancherTurtles.features.day2operations.etcdBackupRestore.enabled }}
- name: cert
secret:
secretName: rancher-turtles-day2-operations-webhook-service-cert
{{- end }}
---
apiVersion: v1
kind: ServiceAccount
metadata:
labels:
app.kubernetes.io/component: rbac
app.kubernetes.io/created-by: rancher-turtles
app.kubernetes.io/instance: controller-manager-sa
app.kubernetes.io/managed-by: kustomize
app.kubernetes.io/name: serviceaccount
app.kubernetes.io/part-of: rancher-turtles
turtles-capi.cattle.io: day2-operations
name: rancher-turtles-day2-operations-manager
namespace: '{{ .Values.rancherTurtles.namespace }}'
{{- end }}
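Review bot: Neither the pod spec nor the `manager` container in this Deployment sets a `securityContext`, so the controller runs with the runtime's default privileges. The RBAC manifests earlier on this page bind its service account, `rancher-turtles-day2-operations-manager`, to an aggregated ClusterRole that covers secrets, `serviceaccounts/token`, roles and rolebindings, and `management.cattle.io` `*`. With that much reach, a compromised container should at least be denied privilege escalation and extra capabilities, and the pod will otherwise be rejected in namespaces enforcing the restricted Pod Security Standard. I would add the pod-level and container-level settings below. Whether the image already runs as a non-root user is not visible here, so `runAsNonRoot: true` needs confirming against the image before merging.

```yaml
# … unchanged: Deployment metadata, replicas, selector, template metadata …
    spec:
      securityContext:
        runAsNonRoot: true
        seccompProfile:
          type: RuntimeDefault
      containers:
      - args:
        # … unchanged: args, command, env, image, probes, ports, resources, volumeMounts …
        securityContext:
          allowPrivilegeEscalation: false
          capabilities:
            drop:
            - ALL
```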


@@ -0,0 +1,16 @@
{{- if and (index .Values "turtlesUI" "enabled") (index .Values "rancherTurtles" "rancherInstalled") }}
apiVersion: catalog.cattle.io/v1
kind: UIPlugin
metadata:
name: capi
namespace: '{{ .Values.rancherTurtles.namespace }}'
spec:
plugin:
endpoint: https://raw.githubusercontent.com/rancher/capi-ui-extension/gh-pages/extensions/capi/{{ index .Values "turtlesUI" "version" | toString }}
name: capi
version: {{ index .Values "turtlesUI" "version" }}
metadata:
catalog.cattle.io/display-name: CAPI UI
catalog.cattle.io/experimental: "true"
catalog.cattle.io/ui-extensions-version: ">= 3.0.0"
{{- end }}
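Review bot: `spec.plugin.version` is rendered unquoted, so a value that looks numeric (a two-part version such as `1.10`) would reach the API server as a float rather than a string; I would write it as `version: {{ index .Values "turtlesUI" "version" | quote }}`. The `endpoint` line already pipes the same value through `toString`, and the two should be treated consistently. Separately, the endpoint is hard-coded to a `raw.githubusercontent.com` path on the `gh-pages` branch, which is mutable and carries no digest, so the extension content served for a given version can change after this chart is released. It also leaves no way to point at an internal mirror. Taking the base URL from a chart value, with the current URL as its default, would let operators pin or mirror it.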