steven.hardy/Factory
SHA256
1
0
Fork 0
forked from suse-edge/Factory
Code Pull Requests Activity

Add kubevirt-chart

Browse Source 
Imported from https://github.com/suse-edge/charts/tree/main/charts/kubevirt/0.4.0
This commit is contained in:
Steven Hardy 2024-11-15 17:30:49 +00:00
parent fcbe8b9452
commit fc3da390e9
Signed by: steven.hardy
GPG Key ID: 44E1F7EC6AC42B8E
15 changed files with 8412 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
.obs/workflows.yml
View File

@ -210,3 +210,7 @@ staging_build:
source_package: kiwi-builder-image source_package: kiwi-builder-image
source_project: isv:SUSE:Edge:Factory source_project: isv:SUSE:Edge:Factory
target_project: isv:SUSE:Edge:Factory:Staging target_project: isv:SUSE:Edge:Factory:Staging
- branch_package:
source_package: kubevirt-chart
source_project: isv:SUSE:Edge:Factory
target_project: isv:SUSE:Edge:Factory:Staging

9
kubevirt-chart/Chart.yaml Normal file
View File

@ -0,0 +1,9 @@
#!BuildTag: %%IMG_PREFIX%%sriov-crd-chart:302.0.0_up0.4.0-%RELEASE%
#!BuildTag: %%IMG_PREFIX%%sriov-crd-chart:302.0.0_up0.4.0
apiVersion: v2
appVersion: 1.3.1
description: A Helm chart for KubeVirt
icon: https://raw.githubusercontent.com/cncf/artwork/main/projects/kubevirt/icon/color/kubevirt-icon-color.svg
name: kubevirt
type: application
version: 302.0.0+up0.4.0

8
kubevirt-chart/_service Normal file
View File

@ -0,0 +1,8 @@
<services>
<service mode="buildtime" name="kiwi_metainfo_helper"/>
<service name="replace_using_env" mode="buildtime">
<param name="file">Chart.yaml</param>
<param name="eval">IMG_PREFIX=$(rpm --macros=/root/.rpmmacros -E %{?img_prefix})</param>
<param name="var">IMG_PREFIX</param>
</service>
</services>

1
kubevirt-chart/app-readme.md Normal file
View File

@ -0,0 +1 @@
KubeVirt is a virtual machine management add-on for Kubernetes. The aim is to provide a common ground for virtualization solutions on top of Kubernetes.

6586
kubevirt-chart/crds/kubevirt.yaml Normal file
View File

File diff suppressed because it is too large Load Diff

2
kubevirt-chart/templates/NOTES.txt Normal file
View File

@ -0,0 +1,2 @@
Verify that all KubeVirt components are installed correctly:
kubectl get all -n {{ .Release.Namespace }}

62
kubevirt-chart/templates/_helpers.tpl Normal file
View File

@ -0,0 +1,62 @@
{{/*
Expand the name of the chart.
*/}}
{{- define "kubevirt.name" -}}
{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }}
{{- end }}
{{/*
Create a default fully qualified app name.
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
If release name contains chart name it will be used as a full name.
*/}}
{{- define "kubevirt.fullname" -}}
{{- if .Values.fullnameOverride }}
{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }}
{{- else }}
{{- $name := default .Chart.Name .Values.nameOverride }}
{{- if contains $name .Release.Name }}
{{- .Release.Name | trunc 63 | trimSuffix "-" }}
{{- else }}
{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }}
{{- end }}
{{- end }}
{{- end }}
{{/*
Create chart name and version as used by the chart label.
*/}}
{{- define "kubevirt.chart" -}}
{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }}
{{- end }}
{{/*
Common labels
*/}}
{{- define "kubevirt.labels" -}}
helm.sh/chart: {{ include "kubevirt.chart" . }}
{{ include "kubevirt.selectorLabels" . }}
{{- if .Chart.AppVersion }}
app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
{{- end }}
app.kubernetes.io/managed-by: {{ .Release.Service }}
{{- end }}
{{/*
Selector labels
*/}}
{{- define "kubevirt.selectorLabels" -}}
app.kubernetes.io/name: {{ include "kubevirt.name" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
{{- end }}
{{/*
Create the name of the service account to use
*/}}
{{- define "kubevirt.serviceAccountName" -}}
{{- if .Values.serviceAccount.create }}
{{- default (include "kubevirt.fullname" .) .Values.serviceAccount.name }}
{{- else }}
{{- default "default" .Values.serviceAccount.name }}
{{- end }}
{{- end }}

47
kubevirt-chart/templates/_hooks.tpl Normal file
View File

@ -0,0 +1,47 @@
{{/* Hook annotations */}}
{{- define "kubevirt.hook.annotations" -}}
annotations:
"helm.sh/hook": {{ .hookType }}
"helm.sh/hook-delete-policy": before-hook-creation,hook-succeeded
"helm.sh/hook-weight": {{ .hookWeight | quote }}
{{- end -}}
{{/* Namespace modifying hook annotations */}}
{{- define "kubevirt.namespaceHook.annotations" -}}
{{ template "kubevirt.hook.annotations" merge (dict "hookType" "pre-install") . }}
{{- end -}}
{{/* CRD upgrading hook annotations */}}
{{- define "kubevirt.crdUpgradeHook.annotations" -}}
{{ template "kubevirt.hook.annotations" merge (dict "hookType" "pre-upgrade") . }}
{{- end -}}
{{/* Custom resource uninstalling hook annotations */}}
{{- define "kubevirt.crUninstallHook.annotations" -}}
{{ template "kubevirt.hook.annotations" merge (dict "hookType" "pre-delete") . }}
{{- end -}}
{{/* CRD uninstalling hook annotations */}}
{{- define "kubevirt.crdUninstallHook.annotations" -}}
{{ template "kubevirt.hook.annotations" merge (dict "hookType" "post-delete") . }}
{{- end -}}
{{/* Namespace modifying hook name */}}
{{- define "kubevirt.namespaceHook.name" -}}
{{ include "kubevirt.fullname" . }}-namespace-modify
{{- end }}
{{/* CRD upgrading hook name */}}
{{- define "kubevirt.crdUpgradeHook.name" -}}
{{ include "kubevirt.fullname" . }}-crd-upgrade
{{- end }}
{{/* Custom resource uninstalling hook name */}}
{{- define "kubevirt.crUninstallHook.name" -}}
{{ include "kubevirt.fullname" . }}-uninstall
{{- end }}
{{/* CRD uninstalling hook name */}}
{{- define "kubevirt.crdUninstallHook.name" -}}
{{ include "kubevirt.fullname" . }}-crd-uninstall
{{- end }}

55
kubevirt-chart/templates/crd-uninstall-hooks.yaml Normal file
View File

@ -0,0 +1,55 @@
apiVersion: v1
kind: ServiceAccount
metadata:
namespace: {{ .Release.Namespace }}
name: {{ template "kubevirt.crdUninstallHook.name" . }}
{{ template "kubevirt.crdUninstallHook.annotations" (dict "hookWeight" 1) }}
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: {{ template "kubevirt.crdUninstallHook.name" . }}
{{ template "kubevirt.crdUninstallHook.annotations" (dict "hookWeight" 1) }}
rules:
- apiGroups: [ "apiextensions.k8s.io" ]
resources: [ "customresourcedefinitions" ]
resourceNames:
- "kubevirts.kubevirt.io"
verbs: [ "delete" ]
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: {{ template "kubevirt.crdUninstallHook.name" . }}
{{ template "kubevirt.crdUninstallHook.annotations" (dict "hookWeight" 2) }}
subjects:
- kind: ServiceAccount
namespace: {{ .Release.Namespace }}
name: {{ template "kubevirt.crdUninstallHook.name" . }}
roleRef:
kind: ClusterRole
name: {{ template "kubevirt.crdUninstallHook.name" . }}
apiGroup: rbac.authorization.k8s.io
---
apiVersion: batch/v1
kind: Job
metadata:
namespace: {{ .Release.Namespace }}
name: {{ template "kubevirt.crdUninstallHook.name" . }}
{{ template "kubevirt.crdUninstallHook.annotations" (dict "hookWeight" 3) }}
spec:
template:
metadata:
name: {{ template "kubevirt.crdUninstallHook.name" . }}
spec:
serviceAccountName: {{ template "kubevirt.crdUninstallHook.name" . }}
restartPolicy: {{ .Values.hookRestartPolicy }}
containers:
- name: {{ template "kubevirt.crdUninstallHook.name" . }}
image: {{ .Values.hookImage }}
args:
- delete
- customresourcedefinitions
- kubevirts.kubevirt.io
securityContext:
{{- toYaml .Values.hookSecurityContext | nindent 12 }}

80
kubevirt-chart/templates/crd-upgrade-hooks.yaml Normal file
View File

@ -0,0 +1,80 @@
apiVersion: v1
kind: ConfigMap
metadata:
namespace: {{ .Release.Namespace }}
name: kubevirt-crd-manifest
{{ template "kubevirt.crdUpgradeHook.annotations" (dict "hookWeight" 1) }}
data:
crd: |-
{{ $.Files.Get "crds/kubevirt.yaml" | nindent 4 }}
---
apiVersion: v1
kind: ServiceAccount
metadata:
namespace: {{ .Release.Namespace }}
name: {{ template "kubevirt.crdUpgradeHook.name" . }}
{{ template "kubevirt.crdUpgradeHook.annotations" (dict "hookWeight" 2) }}
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: {{ template "kubevirt.crdUpgradeHook.name" . }}
{{ template "kubevirt.crdUpgradeHook.annotations" (dict "hookWeight" 2) }}
rules:
- apiGroups: [ "" ]
resources: [ "configmaps" ]
resourceNames:
- "kubevirt-crd-manifest"
verbs: [ "get" ]
- apiGroups: [ "apiextensions.k8s.io" ]
resources: [ "customresourcedefinitions" ]
resourceNames:
- "kubevirts.kubevirt.io"
verbs: [ "get", "patch" ]
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: {{ template "kubevirt.crdUpgradeHook.name" . }}
{{ template "kubevirt.crdUpgradeHook.annotations" (dict "hookWeight" 3) }}
subjects:
- kind: ServiceAccount
namespace: {{ .Release.Namespace }}
name: {{ template "kubevirt.crdUpgradeHook.name" . }}
roleRef:
kind: ClusterRole
name: {{ template "kubevirt.crdUpgradeHook.name" . }}
apiGroup: rbac.authorization.k8s.io
---
apiVersion: batch/v1
kind: Job
metadata:
namespace: {{ .Release.Namespace }}
name: {{ template "kubevirt.crdUpgradeHook.name" . }}
{{ template "kubevirt.crdUpgradeHook.annotations" (dict "hookWeight" 4) }}
spec:
template:
metadata:
name: {{ template "kubevirt.crdUpgradeHook.name" . }}
spec:
serviceAccountName: {{ template "kubevirt.crdUpgradeHook.name" . }}
restartPolicy: {{ .Values.hookRestartPolicy }}
containers:
- name: {{ template "kubevirt.crdUpgradeHook.name" . }}
securityContext:
{{- toYaml .Values.hookSecurityContext | nindent 12 }}
image: {{ .Values.hookImage }}
args:
- apply
- -f
- /etc/manifests/crd.yaml
volumeMounts:
- name: crd-volume
mountPath: /etc/manifests
volumes:
- name: crd-volume
configMap:
name: kubevirt-crd-manifest
items:
- key: crd
path: crd.yaml

1361
kubevirt-chart/templates/kubevirt-operator.yaml Normal file
View File

File diff suppressed because it is too large Load Diff

71
kubevirt-chart/templates/kubevirt-uninstall-hooks.yaml Normal file
View File

@ -0,0 +1,71 @@
apiVersion: v1
kind: ServiceAccount
metadata:
namespace: {{ .Release.Namespace }}
name: {{ template "kubevirt.crUninstallHook.name" . }}
{{ template "kubevirt.crUninstallHook.annotations" (dict "hookWeight" 1) }}
---
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
namespace: {{ .Release.Namespace }}
name: {{ template "kubevirt.crUninstallHook.name" . }}
{{ template "kubevirt.crUninstallHook.annotations" (dict "hookWeight" 1) }}
rules:
- apiGroups: [ "kubevirt.io" ]
resources: [ "kubevirts" ]
resourceNames:
- "kubevirt"
verbs: [ "get", "list", "delete" ]
- apiGroups: [ "apps" ]
resources: [ "deployments", "daemonsets" ]
verbs: [ "get", "list" ]
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
namespace: {{ .Release.Namespace }}
name: {{ template "kubevirt.crUninstallHook.name" . }}
{{ template "kubevirt.crUninstallHook.annotations" (dict "hookWeight" 2) }}
subjects:
- kind: ServiceAccount
namespace: {{ .Release.Namespace }}
name: {{ template "kubevirt.crUninstallHook.name" . }}
roleRef:
kind: Role
name: {{ template "kubevirt.crUninstallHook.name" . }}
apiGroup: rbac.authorization.k8s.io
---
apiVersion: batch/v1
kind: Job
metadata:
namespace: {{ .Release.Namespace }}
name: {{ template "kubevirt.crUninstallHook.name" . }}
{{ template "kubevirt.crUninstallHook.annotations" (dict "hookWeight" 3) }}
spec:
template:
metadata:
name: {{ template "kubevirt.crUninstallHook.name" . }}
spec:
serviceAccountName: {{ template "kubevirt.crUninstallHook.name" . }}
restartPolicy: {{ .Values.hookRestartPolicy }}
containers:
- name: {{ template "kubevirt.crUninstallHook.name" . }}
image: {{ .Values.hookImage }}
securityContext:
{{- toYaml .Values.hookSecurityContext | nindent 12 }}
args:
- delete
- kubevirt
- kubevirt
- name: {{ template "kubevirt.crUninstallHook.name" . }}-cleanup
image: {{ .Values.hookImage }}
securityContext:
{{- toYaml .Values.hookSecurityContext | nindent 12 }}
args:
- wait
- --for=delete
- deployments/virt-api
- deployments/virt-controller
- daemonsets/virt-handler
- --timeout=60s

32
kubevirt-chart/templates/kubevirt.yaml Normal file
View File

@ -0,0 +1,32 @@
apiVersion: kubevirt.io/v1
kind: KubeVirt
metadata:
name: kubevirt
namespace: {{ .Release.Namespace }}
spec:
{{- with .Values.kubevirt.configuration }}
configuration:
{{- toYaml . | nindent 4 }}
{{- end }}
{{- with .Values.kubevirt.customizeComponents }}
customizeComponents:
{{- toYaml . | nindent 4 }}
{{- end }}
imagePullPolicy: {{ .Values.kubevirt.imagePullPolicy }}
{{- with .Values.kubevirt.infra }}
infra:
{{- toYaml . | nindent 4 }}
{{- end }}
{{- if .Values.kubevirt.uninstallStrategy }}
uninstallStrategy: {{ .Values.kubevirt.uninstallStrategy }}
{{- end }}
{{- with .Values.kubevirt.workloadUpdateStrategy }}
workloadUpdateStrategy:
{{- toYaml . | nindent 4 }}
{{- end }}
{{- if .Values.kubevirt.monitorNamespace }}
monitorNamespace: {{ .Values.kubevirt.monitorNamespace }}
{{- end }}
{{- if .Values.kubevirt.monitorAccount }}
monitorAccount: {{ .Values.kubevirt.monitorAccount }}
{{- end }}

60
kubevirt-chart/templates/namespace-hooks.yaml Normal file
View File

@ -0,0 +1,60 @@
apiVersion: v1
kind: ServiceAccount
metadata:
namespace: {{ .Release.Namespace }}
name: {{ template "kubevirt.namespaceHook.name" . }}
{{ template "kubevirt.namespaceHook.annotations" (dict "hookWeight" 1) }}
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: {{ template "kubevirt.namespaceHook.name" . }}
{{ template "kubevirt.namespaceHook.annotations" (dict "hookWeight" 1) }}
rules:
- apiGroups: [ "" ]
resources: [ "namespaces" ]
resourceNames:
- {{ .Release.Namespace | quote }}
verbs: [ "get", "patch" ]
- apiGroups: [ "management.cattle.io" ] # Rancher
resources: [ "projects" ]
verbs: [ "updatepsa" ]
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: {{ template "kubevirt.namespaceHook.name" . }}
{{ template "kubevirt.namespaceHook.annotations" (dict "hookWeight" 2) }}
subjects:
- kind: ServiceAccount
namespace: {{ .Release.Namespace }}
name: {{ template "kubevirt.namespaceHook.name" . }}
roleRef:
kind: ClusterRole
name: {{ template "kubevirt.namespaceHook.name" . }}
apiGroup: rbac.authorization.k8s.io
---
apiVersion: batch/v1
kind: Job
metadata:
namespace: {{ .Release.Namespace }}
name: {{ template "kubevirt.namespaceHook.name" . }}
{{ template "kubevirt.namespaceHook.annotations" (dict "hookWeight" 3) }}
spec:
template:
metadata:
name: {{ template "kubevirt.namespaceHook.name" . }}
spec:
serviceAccountName: {{ template "kubevirt.namespaceHook.name" . }}
restartPolicy: {{ .Values.hookRestartPolicy }}
containers:
- name: {{ template "kubevirt.namespaceHook.name" . }}
securityContext:
{{- toYaml .Values.hookSecurityContext | nindent 12 }}
image: {{ .Values.hookImage }}
args:
- label
- namespace
- {{ .Release.Namespace }}
- kubevirt.io=
- pod-security.kubernetes.io/enforce=privileged

34
kubevirt-chart/values.yaml Normal file
View File

@ -0,0 +1,34 @@
operator:
image: registry.suse.com/suse/sles/15.6/virt-operator
version: 1.3.1-150600.5.9.1
pullPolicy: IfNotPresent
kubevirt:
# Holds kubevirt configurations. Same as the virt-configMap.
configuration: {}
customizeComponents: {}
# The ImagePullPolicy to use.
imagePullPolicy: IfNotPresent
# Selectors and tolerations that should apply to KubeVirt infrastructure components.
infra: {}
# Specifies if KubeVirt can be deleted if workloads are still present.
# This is mainly a precaution to avoid accidental data loss.
uninstallStrategy: ""
# WorkloadUpdateStrategy defines at the cluster level how to handle automated workload updates.
workloadUpdateStrategy: {}
# Optionally enable ServiceMonitor for prometheus, see
# https://kubevirt.io/user-guide/user_workloads/component_monitoring/
monitorAccount: ""
monitorNamespace: ""
hookImage: rancher/kubectl:v1.30.2
hookRestartPolicy: OnFailure
hookSecurityContext:
seccompProfile:
type: RuntimeDefault
runAsNonRoot: true
runAsUser: 1000
allowPrivilegeEscalation: false
capabilities:
drop:
- ALL