steven.hardy/Factory
SHA256
1
0
Fork 0
forked from suse-edge/Factory
Code Pull Requests Activity

Compare commits

merge into: steven.hardy:ipa-fix
Branches Tags
steven.hardy:main steven.hardy:arm_config steven.hardy:turtles_3.2 steven.hardy:turtles_fix_3.2 steven.hardy:turtles_upgrade_fix steven.hardy:cdi_fix steven.hardy:kubevirt_chart steven.hardy:sriov_update steven.hardy:capm3_downgrade steven.hardy:rm_capi_images steven.hardy:kiwi_fix steven.hardy:kiwi_builder steven.hardy:metal3_chart_090 steven.hardy:turtles_013 steven.hardy:rm_old_ipa steven.hardy:ipa-fix steven.hardy:kube-rbac-proxy-fix2 steven.hardy:turtles_fix steven.hardy:metal3_090 steven.hardy:metallb_rbac_proxy steven.hardy:kube-rbac-proxy-fix steven.hardy:kube_rbac_proxy steven.hardy:document-branch steven.hardy:supportlvl-macro steven.hardy:run-sync suse-edge:3.3 suse-edge:main suse-edge:dprodanov-patch-1 suse-edge:update-eib suse-edge:devel suse-edge:3.2
...
pull from: steven.hardy:turtles_013
Branches Tags
steven.hardy:arm_config steven.hardy:turtles_3.2 steven.hardy:turtles_fix_3.2 steven.hardy:turtles_upgrade_fix steven.hardy:cdi_fix steven.hardy:kubevirt_chart steven.hardy:sriov_update steven.hardy:capm3_downgrade steven.hardy:rm_capi_images steven.hardy:kiwi_fix steven.hardy:kiwi_builder steven.hardy:metal3_chart_090 steven.hardy:turtles_013 steven.hardy:rm_old_ipa steven.hardy:ipa-fix steven.hardy:kube-rbac-proxy-fix2 steven.hardy:turtles_fix steven.hardy:metal3_090 steven.hardy:metallb_rbac_proxy steven.hardy:kube-rbac-proxy-fix steven.hardy:kube_rbac_proxy steven.hardy:main steven.hardy:document-branch steven.hardy:supportlvl-macro steven.hardy:run-sync suse-edge:3.3 suse-edge:main suse-edge:dprodanov-patch-1 suse-edge:update-eib suse-edge:devel suse-edge:3.2

4 Commits
ipa-fix ... turtles_01

Author SHA256 Message Date
Steven Hardy
f38d3486d1 rancher-turtles-airgap-resources: update to 0.13 release 2024-11-14 18:17:20 +00:00
Steven Hardy
8209fa1064 rancher-turtles: Update to 0.13 upstream version 
Aligns with https://github.com/suse-edge/charts/pull/166
 2024-11-14 18:14:20 +00:00
Steven Hardy
6bd4999fe8 Remove openstack-ironic-image 
This was replaced by ironic-ipa-ramdisk in #8
 2024-11-13 14:08:10 +00:00
Steven Hardy
784cd801cd delete_package.py: Fix command to add message 
Without this it launches an editor to interactively specify the
message which doesn't seem to work from inside the python script
 2024-11-13 14:05:38 +00:00
33 changed files with 1006 additions and 567 deletions
Expand all files Collapse all files

2
.obs/delete_package.py
View File

@@ -21,7 +21,7 @@ def delete_package_from_workflow(name: str):
def delete_package_from_project(name: str):
p = subprocess.run(["osc", "rdelete", PROJECT, name], stdout=subprocess.PIPE)
p = subprocess.run(["osc", "rdelete", PROJECT, name, "-m \"Deleted via delete_package.py\"" ], stdout=subprocess.PIPE)
print(p.stdout)
print(p.stderr)
p.check_returncode()

4
.obs/workflows.yml
View File

@@ -198,10 +198,6 @@ staging_build:
source_package: cri-tools
source_project: isv:SUSE:Edge:Factory
target_project: isv:SUSE:Edge:Factory:Staging
- branch_package:
source_package: openstack-ironic-image
source_project: isv:SUSE:Edge:Factory
target_project: isv:SUSE:Edge:Factory:Staging
- branch_package:
source_package: crudini
source_project: isv:SUSE:Edge:Factory

8
openstack-ironic-image/_constraints
View File

@@ -1,8 +0,0 @@
<constraints>
<hardware>
<processors>4</processors>
<disk>
<size unit="G">12</size>
</disk>
</hardware>
</constraints>

105
openstack-ironic-image/config.sh
View File

@@ -1,105 +0,0 @@
#!/bin/bash
test -f /.kconfig && . /.kconfig
test -f /.profile && . /.profile
#======================================
# Greeting...
#--------------------------------------
echo "Configure image: [$kiwi_iname]..."
#==========================================
# setup build day
#------------------------------------------
baseSetupBuildDay
#======================================
# Mount system filesystems
#--------------------------------------
#baseMount
#==========================================
# remove unneded kernel files
#------------------------------------------
suseStripKernel
baseStripLocales en_US.utf-8 C.utf8
#======================================
# Setup baseproduct link
#--------------------------------------
suseSetupProduct
#======================================
# Add missing gpg keys to rpm
#--------------------------------------
suseImportBuildKey
#======================================
# Activate services
#--------------------------------------
baseInsertService openstack-ironic-python-agent
baseInsertService suse-ironic-image-setup
baseInsertService suse-network-setup
baseInsertService sshd
baseInsertService NetworkManager
#suseInsertService sshd
#suseInsertService openstack-ironic-python-agent
#suseInsertService suse-ironic-image-setup
echo 'DEFAULT_TIMEZONE="UTC"' >> /etc/sysconfig/clock
baseUpdateSysConfig /etc/sysconfig/clock HWCLOCK "-u"
baseUpdateSysConfig /etc/sysconfig/clock TIMEZONE UTC
baseUpdateSysConfig /etc/sysconfig/network/dhcp DHCLIENT_SET_HOSTNAME no
baseUpdateSysConfig /etc/sysconfig/network/dhcp WRITE_HOSTNAME_TO_HOSTS no
#==========================================
# generate autologin@ service
# based on getty@ service
#------------------------------------------
#sed 's/^ExecStart=.*/\0 --autologin root/' /usr/lib/systemd/system/getty@.service > /etc/systemd/system/autologin\@.service
sed -E 's/^(ExecStart=.*\/agetty).*(--noclear.*)/\1 \2 --autologin root/' /usr/lib/systemd/system/getty@.service > /etc/systemd/system/autologin\@.service
#==========================================
# add fstab entry for tmpfs based /tmp
#------------------------------------------
echo 'tmpfs /tmp tmpfs size=3G 0 0' >> /etc/fstab
#==========================================
# remove package docs and manuals
#------------------------------------------
#baseStripDocs
#baseStripMans
#baseStripInfos
#======================================
# only basic version of vim is
# installed; no syntax highlighting
#--------------------------------------
sed -i -e's/^syntax on/" syntax on/' /etc/vimrc
#======================================
# Remove yast if not in use
#--------------------------------------
#suseRemoveYaST
#======================================
# Remove package manager
#--------------------------------------
#suseStripPackager
#rm -f usr/lib/perl5/*/*/auto/Encode/??/??.so # 9MB
#======================================
# Umount kernel filesystems
#--------------------------------------
#baseCleanMount
ln -s /sbin/init /init
#==========================================
# umount
#------------------------------------------
umount /proc >/dev/null 2>&1
exit 0

173
openstack-ironic-image/openstack-ironic-image.kiwi
View File

@@ -1,173 +0,0 @@
<?xml version="1.0" encoding="utf-8"?>
<image schemaversion="7.4" name="openstack-ironic-image">
<description type="system">
<author>Cloud developers</author>
<contact>cloud-devel@suse.de</contact>
<specification>kernel and ramdisk image for metal3</specification>
</description>
<profiles>
<profile name="default" description="Booting default profile" import="true"/>
</profiles>
<preferences>
<locale>en_US</locale>
<packagemanager>zypper</packagemanager>
<rpm-check-signatures>false</rpm-check-signatures>
<timezone>UTC</timezone>
<version>1.0.0</version>
</preferences>
<preferences profiles="default">
<type image="kis" initrd_system="none" compressed="false"/>
</preferences>
<users>
<user password="*" home="/root" name="root" groups="root"/>
</users>
<repository alias="build-binaries" type="rpm-md" priority="99">
<source path="dir:///.build.binaries"/>
</repository>
<drivers>
<file name="crypto/*"/>
<file name="drivers/acpi/*"/>
<file name="drivers/acpi/dock.ko"/>
<file name="drivers/ata/*"/>
<file name="drivers/block/brd.ko"/>
<file name="drivers/block/cciss.ko"/>
<file name="drivers/block/loop.ko"/>
<file name="drivers/block/virtio_blk.ko"/>
<file name="drivers/cdrom/*"/>
<file name="drivers/char/hw_random/virtio-rng.ko"/>
<file name="drivers/char/lp.ko"/>
<file name="drivers/char/ipmi/*"/>
<file name="drivers/firmware/iscsi_ibft.ko"/>
<file name="drivers/firmware/edd.ko"/>
<file name="drivers/gpu/drm/*"/>
<file name="drivers/hid/*"/>
<file name="drivers/hv/*"/>
<file name="drivers/hwmon/*"/>
<file name="drivers/ide/*"/>
<file name="drivers/input/keyboard/*"/>
<file name="drivers/input/mouse/*"/>
<file name="drivers/md/*"/>
<file name="drivers/message/fusion/*"/>
<file name="drivers/misc/hpilo.ko"/>
<file name="drivers/net/*"/>
<file name="drivers/parport/*"/>
<file name="drivers/scsi/*"/>
<file name="drivers/staging/hv/*"/>
<file name="drivers/target/*"/>
<file name="drivers/thermal/*"/>
<file name="drivers/usb/*"/>
<file name="drivers/virtio/*"/>
<file name="fs/binfmt_aout.ko"/>
<file name="fs/binfmt_misc.ko"/>
<file name="fs/overlayfs/*"/>
<file name="fs/btrfs/*"/>
<file name="fs/exportfs/*"/>
<file name="fs/ext4/*"/>
<file name="fs/fat/*"/>
<file name="fs/fuse/*"/>
<file name="fs/hfs/*"/>
<file name="fs/jbd2/*"/>
<file name="fs/nfs/*"/>
<file name="fs/mbcache.ko"/>
<file name="fs/nls/nls_cp437.ko"/>
<file name="fs/nls/nls_iso8859-1.ko"/>
<file name="fs/nls/nls_utf8.ko"/>
<file name="fs/quota_v1.ko"/>
<file name="fs/quota_v2.ko"/>
<file name="fs/squashfs/*"/>
<file name="fs/udf/*"/>
<file name="fs/vfat/*"/>
<file name="fs/xfs/*"/>
<file name="fs/isofs/*"/>
<file name="lib/crc-t10dif.ko"/>
<file name="lib/crc16.ko"/>
<file name="lib/libcrc32c.ko"/>
<file name="lib/zlib_deflate/zlib_deflate.ko"/>
<file name="net/packet/*"/>
</drivers>
<packages type="delete">
<package name="gpg2"/>
<package name="libcairo2"/>
<package name="libpango-1_0-0"/>
<package name="libX11-6"/>
<package name="libXext6"/>
<package name="libXft2"/>
<package name="libXrender1"/>
<package name="libX11-data"/>
<package name="libXau6"/>
<package name="libxcb-render0"/>
<package name="libxcb-shm0"/>
<package name="libxcb1"/>
<package name="plymouth"/>
<package name="plymouth-branding-SLE"/>
</packages>
<packages type="image">
<package name="checkmedia"/>
<package name="plymouth-branding-SLE"/>
<package name="plymouth-dracut"/>
<package name="plymouth-theme-bgrt"/>
<package name="grub2-branding-SLE"/>
<package name="iputils"/>
<package name="vim"/>
<package name="grub2"/>
<package name="grub2-x86_64-efi" arch="x86_64"/>
<package name="grub2-i386-pc"/>
<package name="syslinux"/>
<package name="lvm2"/>
<package name="plymouth"/>
<package name="fontconfig"/>
<package name="fonts-config"/>
<package name="openssh"/>
<package name="iproute2"/>
<package name="which"/>
<package name="kernel-firmware"/>
<package name="kernel-default"/>
<package name="NetworkManager"/>
<package name="nm-configurator"/>
<package name="timezone"/>
<package name="haveged"/>
<!-- ironic-python-agent specific -->
<package name="openstack-ironic-python-agent"/>
<package name="hdparm"/>
<package name="qemu-tools"/>
<package name="python311-proliantutils" arch="x86_64"/>
<package name="lshw"/>
<package name="dmidecode" arch="aarch64"/>
<package name="dmidecode" arch="x86_64"/>
<package name="efibootmgr" arch="aarch64" />
<package name="efibootmgr" arch="x86_64" />
<package name="gptfdisk"/>
<package name="open-iscsi"/>
<package name="hwinfo"/>
<package name="ipmitool"/>
<package name="iputils"/>
<package name="lvm2"/>
<package name="net-tools"/>
<package name="ntp"/>
<package name="parted"/>
<package name="psmisc"/>
<package name="timezone"/>
<package name="which"/>
<package name="kbd"/>
</packages>
<packages type="kis">
<package name="gfxboot-branding-SLE"/>
<package name="dracut-kiwi-oem-repart"/>
<package name="dracut-kiwi-oem-dump"/>
</packages>
<packages type="bootstrap">
<package name="glibc-locale"/>
<package name="udev"/>
<package name="filesystem"/>
<package name="cracklib-dict-full"/>
<package name="ca-certificates"/>
<package name="sles-release"/>
</packages>
</image>

167
openstack-ironic-image/openstack-ironic-image.spec
View File

@@ -1,167 +0,0 @@
#
# spec file for package openstack-ironic-image
#
# Copyright (c) 2023 SUSE LLC
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
# upon. The license for this file, and modifications and additions to the
# file, is the same license as for the pristine package itself (unless the
# license for the pristine package is not an Open Source License, in which
# case the license is the MIT License). An "Open Source License" is a
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.
# Please submit bugfixes or comments via https://bugs.opensuse.org/
#
# needsrootforbuild
# needsbinariesforbuild
Name: openstack-ironic-image
Version: 2.0.0
Release: 0
Summary: Kernel and ramdisk image for OpenStack Ironic
License: SUSE-EULA
Group: System/Management
URL: https://github.com/SUSE-Cloud/
Source0: config.sh
Source10: openstack-ironic-image.kiwi
Source20: root.tar.bz2
BuildRequires: -post-build-checks
BuildRequires: bash
BuildRequires: kiwi
BuildRequires: kiwi-tools
BuildRequires: zypper
BuildArch: noarch
BuildRequires: checkmedia
BuildRequires: acl
BuildRequires: ca-certificates
BuildRequires: cracklib-dict-full
BuildRequires: cron
BuildRequires: dbus-1
BuildRequires: elfutils
BuildRequires: filesystem
BuildRequires: fipscheck
BuildRequires: fontconfig
BuildRequires: fonts-config
BuildRequires: gptfdisk
BuildRequires: grub2
BuildRequires: grub2-x86_64-efi
BuildRequires: haveged
BuildRequires: hdparm
BuildRequires: hwinfo
BuildRequires: ipmitool
BuildRequires: iproute2
BuildRequires: iputils
BuildRequires: kernel-default
BuildRequires: kernel-firmware
BuildRequires: lvm2
BuildRequires: net-tools
BuildRequires: ntp
BuildRequires: open-iscsi
BuildRequires: openssh
BuildRequires: openstack-ironic-python-agent
BuildRequires: pam-config
BuildRequires: parted
BuildRequires: patterns-base-minimal_base
BuildRequires: pinentry
BuildRequires: pkgconfig
BuildRequires: Mesa-gallium
BuildRequires: plymouth
BuildRequires: plymouth-scripts
BuildRequires: python311-proliantutils
BuildRequires: psmisc
BuildRequires: qemu-tools
BuildRequires: sg3_utils
BuildRequires: sles-release
BuildRequires: sudo
BuildRequires: suse-build-key
BuildRequires: systemd-presets-branding-SLE
BuildRequires: timezone
BuildRequires: udev
BuildRequires: vim
BuildRequires: wpa_supplicant
BuildRequires: dhcp-client
BuildRequires: which
BuildRequires: NetworkManager
BuildRequires: nm-configurator
BuildRequires: logrotate
BuildRequires: plymouth-dracut
BuildRequires: plymouth-theme-bgrt
BuildRequires: dracut-kiwi-oem-dump
BuildRequires: dracut-kiwi-oem-repart
BuildRequires: gfxboot-branding-SLE
BuildRequires: grub2-branding-SLE
BuildRequires: open-iscsi
BuildRequires: plymouth-branding-SLE
BuildRequires: lshw
BuildRequires: kbd
%ifarch aarch64
BuildRequires: dmidecode
BuildRequires: efibootmgr
%endif
%ifarch x86_64
BuildRequires: dmidecode
BuildRequires: efibootmgr
BuildRequires: syslinux
%endif
%description
Kernel and ramdisk image for use with Metal3
%package %{_arch}
Summary: Kernel and ramdisk image for Metal3
Group: System/Management
Provides: openstack-ironic-python-agent = %{version}
Obsoletes: openstack-ironic-python-agent < %{version}
%description %{_arch}
Kernel and ramdisk image for use with Metal3
For %{_arch}
%prep
mkdir -p /tmp/openstack-ironic-image/build /tmp/openstack-ironic-image/root /tmp/openstack-ironic-image/img
cp -a %{SOURCE0} /tmp/openstack-ironic-image/config.sh
cp -a %{SOURCE10} /tmp/openstack-ironic-image/config.kiwi
tar -xC /tmp/openstack-ironic-image/root -f %{SOURCE20}
%build
if ! which kiwi; then
cat <<EOF >&2
kiwi not found in \$PATH; most likely this build was missing
the --userootforbuild option. If you are invoking osc build
manually, please use 'make buildlocal' instead.
EOF
exit 1
fi
kiwi-ng --debug --profile default system build --description /tmp/openstack-ironic-image --target-dir /tmp/openstack-ironic-image/img
%install
TDIR=`mktemp -d /tmp/openstack-ironic-image.XXXXX`
cd /tmp/openstack-ironic-image/img/build/image-root
find . | cpio --create --format=newc --quiet > $TDIR/initrdtmp
cd $TDIR
gzip -9 -f initrdtmp
INITRDGZ=`ls *.gz | head -1`
gzip -cd $INITRDGZ | xz --check=crc32 -c9 > initrd.xz
INITRD=`ls *.xz | head -1`
ls /tmp/openstack-ironic-image/img/openstack-ironic-image*
KERNEL=`ls /tmp/openstack-ironic-image/img/openstack-ironic-image*default*kernel | head -1`
mkdir -p %{buildroot}/srv/tftpboot/openstack-ironic-image
install -p -m 644 $KERNEL $INITRD %{buildroot}/srv/tftpboot/openstack-ironic-image/
%files %{_arch}
%defattr(644,root,root)
%dir %attr(755, root, root) /srv/tftpboot/openstack-ironic-image
%attr(644, root, root) /srv/tftpboot/openstack-ironic-image/*
%changelog

BIN
openstack-ironic-image/root.tar.bz2 (Stored with Git LFS)
View File

Binary file not shown.

8
rancher-turtles-airgap-resources-chart/Chart.yaml
View File

@@ -1,10 +1,10 @@
#!BuildTag: %%IMG_PREFIX%%rancher-turtles-airgap-resources-chart:0.3.3
#!BuildTag: %%IMG_PREFIX%%rancher-turtles-airgap-resources-chart:0.3.3-%RELEASE%
#!BuildTag: %%IMG_PREFIX%%rancher-turtles-airgap-resources-chart:302.0.0_up0.13.0
#!BuildTag: %%IMG_PREFIX%%rancher-turtles-airgap-resources-chart:302.0.0_up0.13.0
apiVersion: v2
appVersion: 0.11.0
appVersion: 0.13.0
description: Rancher Turtles utility chart for airgap scenarios
home: https://github.com/rancher/turtles/
icon: https://raw.githubusercontent.com/rancher/turtles/main/logos/capi.svg
name: rancher-turtles-airgap-resources
type: application
version: 0.3.3
version: 302.0.0+up0.13.0

4
rancher-turtles-airgap-resources-chart/templates/airgap-cm-core.yaml
View File

File diff suppressed because one or more lines are too long

6
rancher-turtles-airgap-resources-chart/templates/airgap-cm-metal3.yaml
View File

@@ -3647,7 +3647,7 @@ data:
envFrom:
- configMapRef:
name: capm3-capm3fasttrack-configmap
image: quay.io/metal3-io/cluster-api-provider-metal3:v1.7.1
image: quay.io/metal3-io/cluster-api-provider-metal3:v1.7.2
imagePullPolicy: IfNotPresent
livenessProbe:
httpGet:
@@ -3731,7 +3731,7 @@ data:
valueFrom:
fieldRef:
fieldPath: metadata.namespace
image: quay.io/metal3-io/ip-address-manager:v1.7.1
image: quay.io/metal3-io/ip-address-manager:v1.7.2
imagePullPolicy: IfNotPresent
livenessProbe:
httpGet:
@@ -4384,7 +4384,7 @@ data:
kind: ConfigMap
metadata:
creationTimestamp: null
name: v1.7.1
name: v1.7.2
namespace: capm3-system
labels:
provider-components: metal3

17
rancher-turtles-airgap-resources-chart/templates/airgap-cm-rke2-bootstrap.yaml
View File

@@ -868,6 +868,11 @@ data:
type: string
type: array
type: object
podSecurityAdmissionConfigFile:
description: |-
PodSecurityPolicyConfigFile contains the path to the PodSecurityPolicy configuration file. The file can be passed through
spec.Files field.
type: string
protectKernelDefaults:
description: |-
ProtectKernelDefaults defines Kernel tuning behavior. If true, error if kernel tunables are different than kubelet defaults.
@@ -2050,6 +2055,11 @@ data:
type: string
type: array
type: object
podSecurityAdmissionConfigFile:
description: |-
PodSecurityPolicyConfigFile contains the path to the PodSecurityPolicy configuration file. The file can be passed through
spec.Files field.
type: string
protectKernelDefaults:
description: |-
ProtectKernelDefaults defines Kernel tuning behavior. If true, error if kernel tunables are different than kubelet defaults.
@@ -2535,7 +2545,7 @@ data:
- --insecure-diagnostics=${CAPRKE2_INSECURE_DIAGNOSTICS:=false}
command:
- /manager
image: ghcr.io/rancher/cluster-api-provider-rke2-bootstrap:v0.7.1
image: ghcr.io/rancher/cluster-api-provider-rke2-bootstrap:v0.8.0
imagePullPolicy: IfNotPresent
livenessProbe:
httpGet:
@@ -2742,10 +2752,13 @@ data:
- major: 0
minor: 7
contract: v1beta1
- major: 0
minor: 8
contract: v1beta1
kind: ConfigMap
metadata:
creationTimestamp: null
name: v0.7.1
name: v0.8.0
namespace: rke2-bootstrap-system
labels:
provider-components: rke2-bootstrap

17
rancher-turtles-airgap-resources-chart/templates/airgap-cm-rke2-control-plane.yaml
View File

@@ -1513,6 +1513,11 @@ data:
type: string
type: array
type: object
podSecurityAdmissionConfigFile:
description: |-
PodSecurityPolicyConfigFile contains the path to the PodSecurityPolicy configuration file. The file can be passed through
spec.Files field.
type: string
protectKernelDefaults:
description: |-
ProtectKernelDefaults defines Kernel tuning behavior. If true, error if kernel tunables are different than kubelet defaults.
@@ -2926,6 +2931,11 @@ data:
type: string
type: array
type: object
podSecurityAdmissionConfigFile:
description: |-
PodSecurityPolicyConfigFile contains the path to the PodSecurityPolicy configuration file. The file can be passed through
spec.Files field.
type: string
protectKernelDefaults:
description: |-
ProtectKernelDefaults defines Kernel tuning behavior. If true, error if kernel tunables are different than kubelet defaults.
@@ -4285,7 +4295,7 @@ data:
valueFrom:
fieldRef:
fieldPath: metadata.uid
image: ghcr.io/rancher/cluster-api-provider-rke2-controlplane:v0.7.1
image: ghcr.io/rancher/cluster-api-provider-rke2-controlplane:v0.8.0
imagePullPolicy: IfNotPresent
livenessProbe:
httpGet:
@@ -4499,10 +4509,13 @@ data:
- major: 0
minor: 7
contract: v1beta1
- major: 0
minor: 8
contract: v1beta1
kind: ConfigMap
metadata:
creationTimestamp: null
name: v0.7.1
name: v0.8.0
namespace: rke2-control-plane-system
labels:
provider-components: rke2-control-plane

6
rancher-turtles-chart/Chart.lock
View File

@@ -1,6 +1,6 @@
dependencies:
- name: cluster-api-operator
repository: https://kubernetes-sigs.github.io/cluster-api-operator
version: 0.12.0
digest: sha256:c167c074ca89ef7a520ec18a5afd380b9edaee513810aa3ac0e0bda51db9c526
generated: "2024-08-22T14:23:18.589443298Z"
version: 0.14.0
digest: sha256:9e9e851dbab3212c279efec06bcf0da147228ea1590470f3a8cbbb5806a250d4
generated: "2024-10-28T11:44:34.392387979Z"

10
rancher-turtles-chart/Chart.yaml
View File

@@ -1,5 +1,5 @@
#!BuildTag: %%IMG_PREFIX%%rancher-turtles-chart:0.3.3
#!BuildTag: %%IMG_PREFIX%%rancher-turtles-chart:0.3.3-%RELEASE%
#!BuildTag: %%IMG_PREFIX%%rancher-turtles-chart:302.0.0_up0.13.0
#!BuildTag: %%IMG_PREFIX%%rancher-turtles-chart:302.0.0_up0.13.0-%RELEASE%
annotations:
catalog.cattle.io/certified: rancher
catalog.cattle.io/display-name: Rancher Turtles - the Cluster API Extension
@@ -12,12 +12,12 @@ annotations:
catalog.cattle.io/scope: management
catalog.cattle.io/type: cluster-tool
apiVersion: v2
appVersion: 0.11.0
appVersion: 0.13.0
dependencies:
- condition: cluster-api-operator.enabled
name: cluster-api-operator
repository: file://./charts/cluster-api-operator
version: 0.12.0
version: 0.14.0
description: Rancher Turtles is an extension to Rancher that brings full Cluster API
integration to Rancher.
home: https://github.com/rancher/turtles/
@@ -29,4 +29,4 @@ keywords:
- provisioning
name: rancher-turtles
type: application
version: 0.3.3+up0.11.0
version: 302.0.0+up0.13.0

10
rancher-turtles-chart/RELEASE_NOTES.md
View File

@@ -1,6 +1,4 @@
## Changes since test/v0.11.0
---
## :chart_with_upwards_trend: Overview
_Thanks to all our contributors!_ 😊
gh: To use GitHub CLI in a GitHub Actions workflow, set the GH_TOKEN environment variable. Example:
env:
GH_TOKEN: ${{ github.token }}
: exit status 4

4
rancher-turtles-chart/charts/cluster-api-operator/Chart.yaml
View File

@@ -1,6 +1,6 @@
apiVersion: v2
appVersion: 0.12.0
appVersion: 0.14.0
description: Cluster API Operator
name: cluster-api-operator
type: application
version: 0.12.0
version: 0.14.0

4
rancher-turtles-chart/charts/cluster-api-operator/templates/addon.yaml
View File

@@ -26,7 +26,7 @@ apiVersion: v1
kind: Namespace
metadata:
annotations:
"helm.sh/hook": "post-install"
"helm.sh/hook": "post-install,post-upgrade"
"helm.sh/hook-weight": "1"
"argocd.argoproj.io/sync-wave": "1"
name: {{ $addonNamespace }}
@@ -37,7 +37,7 @@ metadata:
name: {{ $addonName }}
namespace: {{ $addonNamespace }}
annotations:
"helm.sh/hook": "post-install"
"helm.sh/hook": "post-install,post-upgrade"
"helm.sh/hook-weight": "2"
"argocd.argoproj.io/sync-wave": "2"
{{- if or $addonVersion $.Values.secretName }}

4
rancher-turtles-chart/charts/cluster-api-operator/templates/bootstrap.yaml
View File

@@ -26,7 +26,7 @@ apiVersion: v1
kind: Namespace
metadata:
annotations:
"helm.sh/hook": "post-install"
"helm.sh/hook": "post-install,post-upgrade"
"helm.sh/hook-weight": "1"
name: {{ $bootstrapNamespace }}
---
@@ -36,7 +36,7 @@ metadata:
name: {{ $bootstrapName }}
namespace: {{ $bootstrapNamespace }}
annotations:
"helm.sh/hook": "post-install"
"helm.sh/hook": "post-install,post-upgrade"
"helm.sh/hook-weight": "2"
{{- if or $bootstrapVersion $.Values.configSecret.name }}
spec:

4
rancher-turtles-chart/charts/cluster-api-operator/templates/control-plane.yaml
View File

@@ -26,7 +26,7 @@ apiVersion: v1
kind: Namespace
metadata:
annotations:
"helm.sh/hook": "post-install"
"helm.sh/hook": "post-install,post-upgrade"
"helm.sh/hook-weight": "1"
name: {{ $controlPlaneNamespace }}
---
@@ -36,7 +36,7 @@ metadata:
name: {{ $controlPlaneName }}
namespace: {{ $controlPlaneNamespace }}
annotations:
"helm.sh/hook": "post-install"
"helm.sh/hook": "post-install,post-upgrade"
"helm.sh/hook-weight": "2"
{{- if or $controlPlaneVersion $.Values.configSecret.name }}
spec:

4
rancher-turtles-chart/charts/cluster-api-operator/templates/core-conditions.yaml
View File

@@ -6,7 +6,7 @@ apiVersion: v1
kind: Namespace
metadata:
annotations:
"helm.sh/hook": "post-install"
"helm.sh/hook": "post-install,post-upgrade"
"helm.sh/hook-weight": "1"
name: capi-system
---
@@ -16,7 +16,7 @@ metadata:
name: cluster-api
namespace: capi-system
annotations:
"helm.sh/hook": "post-install"
"helm.sh/hook": "post-install,post-upgrade"
"helm.sh/hook-weight": "2"
{{- with .Values.configSecret }}
spec:

4
rancher-turtles-chart/charts/cluster-api-operator/templates/core.yaml
View File

@@ -25,7 +25,7 @@ apiVersion: v1
kind: Namespace
metadata:
annotations:
"helm.sh/hook": "post-install"
"helm.sh/hook": "post-install,post-upgrade"
"helm.sh/hook-weight": "1"
name: {{ $coreNamespace }}
---
@@ -35,7 +35,7 @@ metadata:
name: {{ $coreName }}
namespace: {{ $coreNamespace }}
annotations:
"helm.sh/hook": "post-install"
"helm.sh/hook": "post-install,post-upgrade"
"helm.sh/hook-weight": "2"
"argocd.argoproj.io/sync-wave": "2"
{{- if or $coreVersion $.Values.configSecret.name }}

3
rancher-turtles-chart/charts/cluster-api-operator/templates/deployment.yaml
View File

@@ -74,6 +74,9 @@ spec:
{{- if .Values.insecureDiagnostics }}
- --insecure-diagnostics={{ .Values.insecureDiagnostics }}
{{- end }}
{{- if .Values.watchConfigSecret }}
- --watch-configsecret
{{- end }}
{{- with .Values.leaderElection }}
- --leader-elect={{ .enabled }}
{{- if .leaseDuration }}

8
rancher-turtles-chart/charts/cluster-api-operator/templates/infra-conditions.yaml
View File

@@ -7,7 +7,7 @@ apiVersion: v1
kind: Namespace
metadata:
annotations:
"helm.sh/hook": "post-install"
"helm.sh/hook": "post-install,post-upgrade"
"helm.sh/hook-weight": "1"
"argocd.argoproj.io/sync-wave": "1"
name: capi-kubeadm-bootstrap-system
@@ -18,7 +18,7 @@ metadata:
name: kubeadm
namespace: capi-kubeadm-bootstrap-system
annotations:
"helm.sh/hook": "post-install"
"helm.sh/hook": "post-install,post-upgrade"
"helm.sh/hook-weight": "2"
"argocd.argoproj.io/sync-wave": "2"
{{- with .Values.configSecret }}
@@ -37,7 +37,7 @@ apiVersion: v1
kind: Namespace
metadata:
annotations:
"helm.sh/hook": "post-install"
"helm.sh/hook": "post-install,post-upgrade"
"helm.sh/hook-weight": "1"
"argocd.argoproj.io/sync-wave": "1"
name: capi-kubeadm-control-plane-system
@@ -48,7 +48,7 @@ metadata:
name: kubeadm
namespace: capi-kubeadm-control-plane-system
annotations:
"helm.sh/hook": "post-install"
"helm.sh/hook": "post-install,post-upgrade"
"helm.sh/hook-weight": "2"
"argocd.argoproj.io/sync-wave": "2"
{{- with .Values.configSecret }}

17
rancher-turtles-chart/charts/cluster-api-operator/templates/infra.yaml
View File

@@ -1,13 +1,3 @@
{{- define "recursivePrinter" }}
{{- range $key, $value := . }}
{{- if kindIs "map" $value }}
{{ $key }}:
{{- include "recursivePrinter" $value | indent 2 }}
{{- else }}
{{ $key }}: {{ $value }}
{{- end }}
{{- end }}
{{- end }}
# Infrastructure providers
{{- if .Values.infrastructure }}
{{- $infrastructures := split ";" .Values.infrastructure }}
@@ -36,7 +26,7 @@ apiVersion: v1
kind: Namespace
metadata:
annotations:
"helm.sh/hook": "post-install"
"helm.sh/hook": "post-install,post-upgrade"
"helm.sh/hook-weight": "1"
"argocd.argoproj.io/sync-wave": "1"
name: {{ $infrastructureNamespace }}
@@ -47,7 +37,7 @@ metadata:
name: {{ $infrastructureName }}
namespace: {{ $infrastructureNamespace }}
annotations:
"helm.sh/hook": "post-install"
"helm.sh/hook": "post-install,post-upgrade"
"helm.sh/hook-weight": "2"
"argocd.argoproj.io/sync-wave": "2"
{{- if or $infrastructureVersion $.Values.configSecret.name $.Values.manager $.Values.additionalDeployments }}
@@ -77,8 +67,7 @@ spec:
{{- end }}
{{- end }}
{{- if $.Values.additionalDeployments }}
additionalDeployments:
{{- include "recursivePrinter" $.Values.additionalDeployments | indent 2 }}
additionalDeployments: {{ toYaml $.Values.additionalDeployments | nindent 4 }}
{{- end }}
{{- end }}
{{- end }}

7
rancher-turtles-chart/charts/cluster-api-operator/templates/operator-components.yaml
View File

@@ -13,7 +13,6 @@ spec:
strategy: Webhook
webhook:
clientConfig:
caBundle: Cg==
service:
name: capi-operator-webhook-service
namespace: '{{ .Release.Namespace }}'
@@ -3023,7 +3022,6 @@ spec:
strategy: Webhook
webhook:
clientConfig:
caBundle: Cg==
service:
name: capi-operator-webhook-service
namespace: '{{ .Release.Namespace }}'
@@ -7618,7 +7616,6 @@ spec:
strategy: Webhook
webhook:
clientConfig:
caBundle: Cg==
service:
name: capi-operator-webhook-service
namespace: '{{ .Release.Namespace }}'
@@ -12216,7 +12213,6 @@ spec:
strategy: Webhook
webhook:
clientConfig:
caBundle: Cg==
service:
name: capi-operator-webhook-service
namespace: '{{ .Release.Namespace }}'
@@ -16811,7 +16807,6 @@ spec:
strategy: Webhook
webhook:
clientConfig:
caBundle: Cg==
service:
name: capi-operator-webhook-service
namespace: '{{ .Release.Namespace }}'
@@ -21409,7 +21404,6 @@ spec:
strategy: Webhook
webhook:
clientConfig:
caBundle: Cg==
service:
name: capi-operator-webhook-service
namespace: '{{ .Release.Namespace }}'
@@ -24419,7 +24413,6 @@ spec:
strategy: Webhook
webhook:
clientConfig:
caBundle: Cg==
service:
name: capi-operator-webhook-service
namespace: '{{ .Release.Namespace }}'

3
rancher-turtles-chart/charts/cluster-api-operator/values.yaml
View File

@@ -19,7 +19,7 @@ leaderElection:
image:
manager:
repository: registry.k8s.io/capi-operator/cluster-api-operator
tag: v0.12.0
tag: v0.14.0
pullPolicy: IfNotPresent
env:
manager: []
@@ -27,6 +27,7 @@ healthAddr: ":8081"
metricsBindAddr: "127.0.0.1:8080"
diagnosticsAddress: "8443"
insecureDiagnostics: false
watchConfigSecret: false
imagePullSecrets: {}
resources:
manager:

66
rancher-turtles-chart/templates/clusterctl-cm-cleanup-job.yaml Normal file
View File

@@ -0,0 +1,66 @@
{{- if index .Values "rancherTurtles" "features" "rancher-webhook" "cleanup" }}
---
apiVersion: v1
kind: ServiceAccount
metadata:
name: pre-upgrade-job
namespace: '{{ .Values.rancherTurtles.namespace }}'
annotations:
"helm.sh/hook": "post-delete, pre-upgrade"
"helm.sh/hook-weight": "-2"
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: pre-upgrade-job-delete-clusterctl-configmap
annotations:
"helm.sh/hook": "post-delete, pre-upgrade"
"helm.sh/hook-weight": "-2"
rules:
- apiGroups: [""]
resources:
- configmaps
verbs:
- list
- delete
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: pre-upgrade-job-clusterctl-configmap-cleanup
annotations:
"helm.sh/hook": "post-delete, pre-upgrade"
"helm.sh/hook-weight": "-2"
subjects:
- kind: ServiceAccount
name: pre-upgrade-job
namespace: '{{ .Values.rancherTurtles.namespace }}'
roleRef:
kind: ClusterRole
name: pre-upgrade-job-delete-clusterctl-configmap
apiGroup: rbac.authorization.k8s.io
---
apiVersion: batch/v1
kind: Job
metadata:
name: rancher-clusterctl-configmap-cleanup
namespace: '{{ .Values.rancherTurtles.namespace }}'
annotations:
"helm.sh/hook": "post-delete, pre-upgrade"
"helm.sh/hook-weight": "-1"
spec:
ttlSecondsAfterFinished: 300
template:
spec:
serviceAccountName: pre-upgrade-job
containers:
- name: rancher-clusterctl-configmap-cleanup
image: {{ index .Values "rancherTurtles" "features" "rancher-webhook" "kubectlImage" }}
args:
- delete
- configmap
- --namespace={{ .Values.rancherTurtles.namespace }}
- clusterctl-config
- --ignore-not-found=true
restartPolicy: Never
{{- end }}

2
rancher-turtles-chart/templates/deployment.yaml
View File

@@ -26,7 +26,7 @@ spec:
containers:
- args:
- --leader-elect
- --feature-gates=etcd-snapshot-restore={{ index .Values "rancherTurtles" "features" "etcd-snapshot-restore" "enabled"}},propagate-labels={{ index .Values "rancherTurtles" "features" "propagate-labels" "enabled"}},managementv3-cluster={{ index .Values "rancherTurtles" "features" "managementv3-cluster" "enabled"}},rancher-kube-secret-patch={{ index .Values "rancherTurtles" "features" "rancher-kubeconfigs" "label"}}
- --feature-gates=propagate-labels={{ index .Values "rancherTurtles" "features" "propagate-labels" "enabled"}},managementv3-cluster={{ index .Values "rancherTurtles" "features" "managementv3-cluster" "enabled"}},rancher-kube-secret-patch={{ index .Values "rancherTurtles" "features" "rancher-kubeconfigs" "label"}}
{{- range .Values.rancherTurtles.managerArguments }}
- {{ . }}
{{- end }}

11
rancher-turtles-chart/templates/metal3-infrastructure.yaml
View File

@@ -2,6 +2,17 @@
{{- $namespace := index .Values "cluster-api-operator" "cluster-api" "metal3" "infrastructure" "namespace" }}
{{- if not (lookup "v1" "Namespace" "" $namespace) }}
---
apiVersion: turtles-capi.cattle.io/v1alpha1
kind: ClusterctlConfig
metadata:
name: clusterctl-config
namespace: rancher-turtles-system
spec:
providers:
- name: metal3
url: "https://github.com/metal3-io/cluster-api-provider-metal3/releases/v1.7.2/infrastructure-components.yaml"
type: InfrastructureProvider
---
apiVersion: v1
kind: Namespace
metadata:

2
rancher-turtles-chart/templates/pre-install-job.yaml
View File

@@ -1,4 +1,5 @@
{{- if index .Values "rancherTurtles" "features" "embedded-capi" "disabled" }}
{{- if index .Values "rancherTurtles" "rancherInstalled"}}
---
apiVersion: management.cattle.io/v3
kind: Feature
@@ -10,6 +11,7 @@ metadata:
spec:
value: false
{{- end }}
{{- end }}
{{- if index .Values "rancherTurtles" "features" "rancher-webhook" "cleanup" }}
---
apiVersion: v1

116
rancher-turtles-chart/templates/rancher-turtles-components.yaml
View File

@@ -18,7 +18,7 @@ spec:
- jsonPath: .spec.type
name: Type
type: string
- jsonPath: .spec.name
- jsonPath: .status.name
name: ProviderName
type: string
- jsonPath: .status.installedVersion
@@ -2979,15 +2979,7 @@ spec:
type: string
type:
description: Type is the type of the provider to enable
enum:
- infrastructure
- core
- controlPlane
- bootstrap
- addon
- runtimeextension
- ipam
example: infrastructure
example: InfrastructureProvider
type: string
variables:
additionalProperties:
@@ -3073,6 +3065,10 @@ spec:
description: InstalledVersion is the version of the provider that
is installed.
type: string
name:
description: Name reflects actual provider name, which will be visible
to users in 'kubectl get capiproviders -A -o wide'
type: string
observedGeneration:
description: ObservedGeneration is the latest generation observed
by the controller.
@@ -3102,6 +3098,104 @@ spec:
subresources:
status: {}
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.14.0
helm.sh/resource-policy: keep
name: clusterctlconfigs.turtles-capi.cattle.io
spec:
group: turtles-capi.cattle.io
names:
kind: ClusterctlConfig
listKind: ClusterctlConfigList
plural: clusterctlconfigs
singular: clusterctlconfig
scope: Namespaced
versions:
- name: v1alpha1
schema:
openAPIV3Schema:
description: ClusterctlConfig is the Schema for the CAPI Clusterctl config
API.
properties:
apiVersion:
description: |-
APIVersion defines the versioned schema of this representation of an object.
Servers should convert recognized schemas to the latest internal value, and
may reject unrecognized values.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
type: string
kind:
description: |-
Kind is a string value representing the REST resource this object represents.
Servers may infer this from the endpoint the client submits requests to.
Cannot be updated.
In CamelCase.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
type: string
metadata:
type: object
spec:
description: ClusterctlConfigSpec defines the user overrides for images
and known providers with sources
properties:
images:
description: Images is a list of image overrided for specified providers
items:
description: Image allows to define transformations to apply to
the image contained in the YAML manifests.
properties:
name:
description: Name of the provider image override
example: all
type: string
repository:
description: Repository sets the container registry override
to pull images from.
example: my-registry/my-org
type: string
tag:
description: Tag allows to specify a tag for the images.
type: string
required:
- name
type: object
type: array
providers:
description: Provider overrides
items:
description: Provider allows to define providers with known URLs
to pull the components.
properties:
name:
description: Name of the provider
type: string
type:
description: Type is the type of the provider
example: InfrastructureProvider
type: string
url:
description: URL of the provider components. Will be used unless
and override is specified
type: string
required:
- name
- type
- url
type: object
type: array
type: object
type: object
x-kubernetes-validations:
- message: Clusterctl Config should be named clusterctl-config.
rule: self.metadata.name == 'clusterctl-config'
served: true
storage: true
subresources:
status: {}
---
apiVersion: v1
kind: ServiceAccount
metadata:
@@ -3277,6 +3371,8 @@ rules:
resources:
- capiproviders
- capiproviders/status
- clusterctlconfigs
- clusterctlconfigs/status
verbs:
- get
- list

754
rancher-turtles-chart/templates/rancher-turtles-exp-etcdrestore-components.yaml
View File

@@ -3,13 +3,16 @@ apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
cert-manager.io/inject-ca-from: rancher-turtles-system/rancher-turtles-etcdsnapshotrestore-serving-cert
controller-gen.kubebuilder.io/version: v0.14.0
labels:
turtles-capi.cattle.io: etcd-restore
name: etcdmachinesnapshots.turtles-capi.cattle.io
spec:
group: turtles-capi.cattle.io
names:
kind: EtcdMachineSnapshot
listKind: EtcdMachineSnapshotList
kind: ETCDMachineSnapshot
listKind: ETCDMachineSnapshotList
plural: etcdmachinesnapshots
singular: etcdmachinesnapshot
scope: Namespaced
@@ -17,7 +20,7 @@ spec:
- name: v1alpha1
schema:
openAPIV3Schema:
description: EtcdMachineSnapshot is the Schema for the EtcdMachineSnapshot
description: ETCDMachineSnapshot is the Schema for the ETCDMachineSnapshot
API.
properties:
apiVersion:
@@ -38,21 +41,81 @@ spec:
metadata:
type: object
spec:
description: EtcdMachineSnapshotSpec defines the desired state of EtcdMachineSnapshot.
description: ETCDMachineSnapshotSpec defines the desired state of EtcdMachineSnapshot
properties:
foo:
clusterName:
type: string
configRef:
type: string
location:
type: string
machineName:
type: string
required:
- foo
- clusterName
- configRef
- location
- machineName
type: object
x-kubernetes-validations:
- message: ETCD snapshot location can't be empty.
rule: size(self.location)>0
status:
default: {}
description: EtcdMachineSnapshotStatus defines observed state of EtcdMachineSnapshot.
description: EtcdSnapshotRestoreStatus defines observed state of EtcdSnapshotRestore
properties:
bar:
conditions:
description: Conditions provide observations of the operational state
of a Cluster API resource.
items:
description: Condition defines an observation of a Cluster API resource
operational state.
properties:
lastTransitionTime:
description: |-
Last time the condition transitioned from one status to another.
This should be when the underlying condition changed. If that is not known, then using the time when
the API field changed is acceptable.
format: date-time
type: string
message:
description: |-
A human readable message indicating details about the transition.
This field may be empty.
type: string
reason:
description: |-
The reason for the condition's last transition in CamelCase.
The specific API may choose whether or not this field is considered a guaranteed API.
This field may not be empty.
type: string
severity:
description: |-
Severity provides an explicit classification of Reason code, so the users or machines can immediately
understand the current situation and act accordingly.
The Severity field MUST be set only when Status=False.
type: string
status:
description: Status of the condition, one of True, False, Unknown.
type: string
type:
description: |-
Type of condition in CamelCase or in foo.example.com/CamelCase.
Many .condition.type values are consistent across resources like Available, but because arbitrary conditions
can be useful (see .node.status.conditions), the ability to deconflict is important.
type: string
required:
- lastTransitionTime
- status
- type
type: object
type: array
manual:
type: boolean
phase:
description: ETCDSnapshotPhase is a string representation of the phase
of the etcd snapshot
type: string
required:
- bar
type: object
type: object
served: true
@@ -64,13 +127,16 @@ apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
cert-manager.io/inject-ca-from: rancher-turtles-system/rancher-turtles-etcdsnapshotrestore-serving-cert
controller-gen.kubebuilder.io/version: v0.14.0
labels:
turtles-capi.cattle.io: etcd-restore
name: etcdsnapshotrestores.turtles-capi.cattle.io
spec:
group: turtles-capi.cattle.io
names:
kind: EtcdSnapshotRestore
listKind: EtcdSnapshotRestoreList
kind: ETCDSnapshotRestore
listKind: ETCDSnapshotRestoreList
plural: etcdsnapshotrestores
singular: etcdsnapshotrestore
scope: Namespaced
@@ -78,7 +144,7 @@ spec:
- name: v1alpha1
schema:
openAPIV3Schema:
description: EtcdSnapshotRestore is the schema for the EtcdSnapshotRestore
description: ETCDSnapshotRestore is the schema for the ETCDSnapshotRestore
API.
properties:
apiVersion:
@@ -99,25 +165,673 @@ spec:
metadata:
type: object
spec:
description: EtcdSnapshotRestoreSpec defines the desired state of EtcdSnapshotRestore.
description: ETCDSnapshotRestoreSpec defines the desired state of EtcdSnapshotRestore.
properties:
foo:
clusterName:
type: string
etcdMachineSnapshotName:
type: string
required:
- foo
- clusterName
- etcdMachineSnapshotName
type: object
x-kubernetes-validations:
- message: Cluster Name can't be empty.
rule: size(self.clusterName)>0
- message: ETCD machine snapshot name can't be empty.
rule: size(self.etcdMachineSnapshotName)>0
status:
default: {}
description: EtcdSnapshotRestoreStatus defines observed state of EtcdSnapshotRestore.
description: ETCDSnapshotRestoreStatus defines observed state of EtcdSnapshotRestore.
properties:
bar:
conditions:
description: Conditions provide observations of the operational state
of a Cluster API resource.
items:
description: Condition defines an observation of a Cluster API resource
operational state.
properties:
lastTransitionTime:
description: |-
Last time the condition transitioned from one status to another.
This should be when the underlying condition changed. If that is not known, then using the time when
the API field changed is acceptable.
format: date-time
type: string
message:
description: |-
A human readable message indicating details about the transition.
This field may be empty.
type: string
reason:
description: |-
The reason for the condition's last transition in CamelCase.
The specific API may choose whether or not this field is considered a guaranteed API.
This field may not be empty.
type: string
severity:
description: |-
Severity provides an explicit classification of Reason code, so the users or machines can immediately
understand the current situation and act accordingly.
The Severity field MUST be set only when Status=False.
type: string
status:
description: Status of the condition, one of True, False, Unknown.
type: string
type:
description: |-
Type of condition in CamelCase or in foo.example.com/CamelCase.
Many .condition.type values are consistent across resources like Available, but because arbitrary conditions
can be useful (see .node.status.conditions), the ability to deconflict is important.
type: string
required:
- lastTransitionTime
- status
- type
type: object
type: array
phase:
default: Pending
description: ETCDSnapshotPhase is a string representation of the phase
of the etcd snapshot
type: string
required:
- bar
type: object
type: object
served: true
storage: true
subresources:
status: {}
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
cert-manager.io/inject-ca-from: rancher-turtles-system/rancher-turtles-etcdsnapshotrestore-serving-cert
controller-gen.kubebuilder.io/version: v0.14.0
labels:
turtles-capi.cattle.io: etcd-restore
name: rke2etcdmachinesnapshotconfigs.turtles-capi.cattle.io
spec:
group: turtles-capi.cattle.io
names:
kind: RKE2EtcdMachineSnapshotConfig
listKind: RKE2EtcdMachineSnapshotConfigList
plural: rke2etcdmachinesnapshotconfigs
singular: rke2etcdmachinesnapshotconfig
scope: Namespaced
versions:
- name: v1alpha1
schema:
openAPIV3Schema:
description: RKE2EtcdMachineSnapshotConfig is the config for the RKE2EtcdMachineSnapshotConfig
API
properties:
apiVersion:
description: |-
APIVersion defines the versioned schema of this representation of an object.
Servers should convert recognized schemas to the latest internal value, and
may reject unrecognized values.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
type: string
kind:
description: |-
Kind is a string value representing the REST resource this object represents.
Servers may infer this from the endpoint the client submits requests to.
Cannot be updated.
In CamelCase.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
type: string
metadata:
type: object
spec:
description: RKE2EtcdMachineSnapshotConfigSpec defines the desired state
of RKE2EtcdMachineSnapshotConfig
properties:
local:
properties:
dataDir:
type: string
required:
- dataDir
type: object
s3:
properties:
bucket:
type: string
endpoint:
type: string
endpointCAsecret:
type: string
folder:
type: string
insecure:
type: boolean
location:
type: string
region:
type: string
s3CredentialSecret:
type: string
skipSSLVerify:
type: boolean
type: object
required:
- local
- s3
type: object
type: object
served: true
storage: true
subresources:
status: {}
---
apiVersion: v1
kind: ServiceAccount
metadata:
labels:
app.kubernetes.io/component: rbac
app.kubernetes.io/created-by: rancher-turtles
app.kubernetes.io/instance: controller-manager-sa
app.kubernetes.io/managed-by: kustomize
app.kubernetes.io/name: serviceaccount
app.kubernetes.io/part-of: rancher-turtles
turtles-capi.cattle.io: etcd-restore
name: rancher-turtles-etcdsnapshotrestore-manager
namespace: rancher-turtles-system
---
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
labels:
app.kubernetes.io/component: rbac
app.kubernetes.io/created-by: rancher-turtles
app.kubernetes.io/instance: leader-election-role
app.kubernetes.io/managed-by: kustomize
app.kubernetes.io/name: role
app.kubernetes.io/part-of: rancher-turtles
turtles-capi.cattle.io: etcd-restore
name: rancher-turtles-etcdsnapshotrestore-leader-election-role
namespace: rancher-turtles-system
rules:
- apiGroups:
- ""
resources:
- configmaps
verbs:
- get
- list
- watch
- create
- update
- patch
- delete
- apiGroups:
- coordination.k8s.io
resources:
- leases
verbs:
- get
- list
- watch
- create
- update
- patch
- delete
- apiGroups:
- ""
resources:
- events
verbs:
- create
- patch
---
aggregationRule:
clusterRoleSelectors:
- matchLabels:
rancher-turtles-exp/aggregate-to-manager: "true"
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
labels:
turtles-capi.cattle.io: etcd-restore
name: rancher-turtles-etcdsnapshotrestore-aggregated-manager-role
rules: []
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
labels:
rancher-turtles-exp/aggregate-to-manager: "true"
rancher-turtles/aggregate-to-manager: "true"
turtles-capi.cattle.io: etcd-restore
name: rancher-turtles-etcdsnapshotrestore-manager-role
rules:
- apiGroups:
- ""
resources:
- configmaps
- events
- secrets
- serviceaccounts
verbs:
- create
- delete
- get
- list
- patch
- update
- watch
- apiGroups:
- ""
resources:
- serviceaccounts/token
verbs:
- create
- apiGroups:
- authorization.k8s.io
resources:
- subjectaccessreviews
verbs:
- create
- get
- apiGroups:
- bootstrap.cluster.x-k8s.io
resources:
- rke2configs
- rke2configs/finalizers
- rke2configs/status
verbs:
- create
- delete
- get
- list
- patch
- update
- watch
- apiGroups:
- cluster.x-k8s.io
resources:
- clusters
verbs:
- create
- delete
- get
- list
- patch
- update
- watch
- apiGroups:
- cluster.x-k8s.io
resources:
- clusters/status
verbs:
- create
- delete
- get
- list
- patch
- update
- watch
- apiGroups:
- cluster.x-k8s.io
resources:
- machines
verbs:
- create
- delete
- get
- list
- patch
- update
- watch
- apiGroups:
- management.cattle.io
resources:
- '*'
verbs:
- create
- delete
- get
- list
- patch
- update
- watch
- apiGroups:
- rbac.authorization.k8s.io
resources:
- rolebindings
- roles
verbs:
- create
- delete
- get
- list
- patch
- update
- watch
- apiGroups:
- turtles-capi.cattle.io
resources:
- etcdmachinesnapshots
verbs:
- create
- delete
- get
- list
- patch
- update
- watch
- apiGroups:
- turtles-capi.cattle.io
resources:
- etcdmachinesnapshots/finalizers
verbs:
- update
- apiGroups:
- turtles-capi.cattle.io
resources:
- etcdmachinesnapshots/status
verbs:
- get
- patch
- update
- apiGroups:
- turtles-capi.cattle.io
resources:
- etcdsnapshotrestores
verbs:
- create
- delete
- get
- list
- patch
- update
- watch
- apiGroups:
- turtles-capi.cattle.io
resources:
- etcdsnapshotrestores/finalizers
verbs:
- update
- apiGroups:
- turtles-capi.cattle.io
resources:
- etcdsnapshotrestores/status
verbs:
- get
- patch
- update
- apiGroups:
- turtles-capi.cattle.io
resources:
- rke2etcdmachinesnapshotconfigs
verbs:
- create
- delete
- get
- list
- patch
- update
- watch
- apiGroups:
- turtles-capi.cattle.io
resources:
- rke2etcdmachinesnapshotconfigs/finalizers
verbs:
- update
- apiGroups:
- turtles-capi.cattle.io
resources:
- rke2etcdmachinesnapshotconfigs/status
verbs:
- get
- patch
- update
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
labels:
app.kubernetes.io/component: rbac
app.kubernetes.io/created-by: rancher-turtles
app.kubernetes.io/instance: leader-election-rolebinding
app.kubernetes.io/managed-by: kustomize
app.kubernetes.io/name: rolebinding
app.kubernetes.io/part-of: rancher-turtles
turtles-capi.cattle.io: etcd-restore
name: rancher-turtles-etcdsnapshotrestore-leader-election-rolebinding
namespace: rancher-turtles-system
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: Role
name: rancher-turtles-etcdsnapshotrestore-leader-election-role
subjects:
- kind: ServiceAccount
name: rancher-turtles-etcdsnapshotrestore-manager
namespace: rancher-turtles-system
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
labels:
app.kubernetes.io/component: rbac
app.kubernetes.io/created-by: rancher-turtles
app.kubernetes.io/instance: manager-rolebinding
app.kubernetes.io/managed-by: kustomize
app.kubernetes.io/name: clusterrolebinding
app.kubernetes.io/part-of: rancher-turtles
turtles-capi.cattle.io: etcd-restore
name: rancher-turtles-etcdsnapshotrestore-manager-rolebinding
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: rancher-turtles-etcdsnapshotrestore-aggregated-manager-role
subjects:
- kind: ServiceAccount
name: rancher-turtles-etcdsnapshotrestore-manager
namespace: rancher-turtles-system
---
apiVersion: v1
kind: Service
metadata:
labels:
turtles-capi.cattle.io: etcd-restore
name: rancher-turtles-etcdsnapshotrestore-webhook-service
namespace: rancher-turtles-system
spec:
ports:
- port: 443
targetPort: webhook-server
selector:
turtles-capi.cattle.io: etcd-restore
---
apiVersion: apps/v1
kind: Deployment
metadata:
labels:
control-plane: controller-manager
turtles-capi.cattle.io: etcd-restore
name: rancher-turtles-etcdsnapshotrestore-controller-manager
namespace: rancher-turtles-system
spec:
replicas: 1
selector:
matchLabels:
control-plane: controller-manager
turtles-capi.cattle.io: etcd-restore
template:
metadata:
annotations:
kubectl.kubernetes.io/default-container: manager
labels:
control-plane: controller-manager
turtles-capi.cattle.io: etcd-restore
spec:
containers:
- args:
- --leader-elect
command:
- /manager
env:
- name: POD_NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
- name: POD_NAME
valueFrom:
fieldRef:
fieldPath: metadata.name
- name: POD_UID
valueFrom:
fieldRef:
fieldPath: metadata.uid
image: ghcr.io/rancher/turtles-etcd-snapshot-restore:dev
imagePullPolicy: IfNotPresent
livenessProbe:
httpGet:
path: /healthz
port: 9440
initialDelaySeconds: 15
periodSeconds: 20
name: manager
ports:
- containerPort: 9443
name: webhook-server
protocol: TCP
readinessProbe:
httpGet:
path: /readyz
port: 9440
initialDelaySeconds: 5
periodSeconds: 10
resources:
limits:
cpu: 500m
memory: 128Mi
requests:
cpu: 10m
memory: 64Mi
volumeMounts:
- mountPath: /tmp/k8s-webhook-server/serving-certs
name: cert
readOnly: true
serviceAccountName: rancher-turtles-etcdsnapshotrestore-manager
terminationGracePeriodSeconds: 10
tolerations:
- effect: NoSchedule
key: node-role.kubernetes.io/master
- effect: NoSchedule
key: node-role.kubernetes.io/control-plane
volumes:
- name: cert
secret:
secretName: rancher-turtles-etcdsnapshotrestore-webhook-service-cert
---
apiVersion: cert-manager.io/v1
kind: Certificate
metadata:
labels:
turtles-capi.cattle.io: etcd-restore
name: rancher-turtles-etcdsnapshotrestore-serving-cert
namespace: rancher-turtles-system
spec:
dnsNames:
- rancher-turtles-etcdsnapshotrestore-webhook-service.rancher-turtles-system.svc
- rancher-turtles-etcdsnapshotrestore-webhook-service.rancher-turtles-system.svc.cluster.local
issuerRef:
kind: Issuer
name: rancher-turtles-etcdsnapshotrestore-selfsigned-issuer
secretName: rancher-turtles-etcdsnapshotrestore-webhook-service-cert
---
apiVersion: cert-manager.io/v1
kind: Issuer
metadata:
labels:
turtles-capi.cattle.io: etcd-restore
name: rancher-turtles-etcdsnapshotrestore-selfsigned-issuer
namespace: rancher-turtles-system
spec:
selfSigned: {}
---
apiVersion: admissionregistration.k8s.io/v1
kind: MutatingWebhookConfiguration
metadata:
annotations:
cert-manager.io/inject-ca-from: rancher-turtles-system/rancher-turtles-etcdsnapshotrestore-serving-cert
labels:
turtles-capi.cattle.io: etcd-restore
name: rancher-turtles-etcdsnapshotrestore-mutating-webhook-configuration
webhooks:
- admissionReviewVersions:
- v1
clientConfig:
service:
name: rancher-turtles-etcdsnapshotrestore-webhook-service
namespace: rancher-turtles-system
path: /mutate-bootstrap-cluster-x-k8s-io-v1beta1-rke2config
failurePolicy: Fail
name: systemagentrke2config.kb.io
rules:
- apiGroups:
- bootstrap.cluster.x-k8s.io
apiVersions:
- v1beta1
operations:
- CREATE
- UPDATE
resources:
- rke2configs
sideEffects: None
---
apiVersion: admissionregistration.k8s.io/v1
kind: ValidatingWebhookConfiguration
metadata:
annotations:
cert-manager.io/inject-ca-from: rancher-turtles-system/rancher-turtles-etcdsnapshotrestore-serving-cert
labels:
turtles-capi.cattle.io: etcd-restore
name: rancher-turtles-etcdsnapshotrestore-validating-webhook-configuration
webhooks:
- admissionReviewVersions:
- v1
clientConfig:
service:
name: rancher-turtles-etcdsnapshotrestore-webhook-service
namespace: rancher-turtles-system
path: /validate-turtles-capi-cattle-io-v1alpha1-etcdmachinesnapshot
failurePolicy: Fail
matchPolicy: Equivalent
name: etcdmachinesnapshot.kb.io
rules:
- apiGroups:
- turtles-capi.cattle.io
apiVersions:
- v1alpha1
operations:
- CREATE
- UPDATE
resources:
- etcdmachinesnapshots
sideEffects: None
- admissionReviewVersions:
- v1
clientConfig:
service:
name: rancher-turtles-etcdsnapshotrestore-webhook-service
namespace: rancher-turtles-system
path: /validate-turtles-capi-cattle-io-v1alpha1-etcdsnapshotrestore
failurePolicy: Fail
matchPolicy: Equivalent
name: etcdsnapshotrestore.kb.io
rules:
- apiGroups:
- turtles-capi.cattle.io
apiVersions:
- v1alpha1
operations:
- CREATE
- UPDATE
resources:
- etcdsnapshotrestores
sideEffects: None
{{- end }}

20
rancher-turtles-chart/values.yaml
View File

@@ -1,10 +1,11 @@
rancherTurtles:
image: registry.rancher.com/rancher/rancher/turtles
imageVersion: v0.11.0
imageVersion: v0.13.0
imagePullPolicy: IfNotPresent
namespace: rancher-turtles-system
managerArguments: []
imagePullSecrets: []
rancherInstalled: true
features:
cluster-api-operator:
cleanup: true
@@ -30,10 +31,6 @@ cluster-api-operator:
enabled: true
cert-manager:
enabled: false
image:
manager:
repository: "%%IMG_REPO%%/%%IMG_PREFIX%%cluster-api-operator"
tag: 0.12.0
volumes:
- name: cert
secret:
@@ -42,6 +39,9 @@ cluster-api-operator:
- name: clusterctl-config
configMap:
name: clusterctl-config
image:
manager:
repository: registry.rancher.com/rancher/cluster-api-operator
volumeMounts:
manager:
- mountPath: /tmp/k8s-webhook-server/serving-certs
@@ -57,7 +57,7 @@ cluster-api-operator:
defaultName: capi-env-variables
core:
namespace: capi-system
imageUrl: "%%IMG_REPO%%/%%IMG_PREFIX%%cluster-api-controller:1.7.5"
imageUrl: ""
fetchConfig:
url: ""
selector: ""
@@ -66,13 +66,13 @@ cluster-api-operator:
version: ""
bootstrap:
namespace: rke2-bootstrap-system
imageUrl: "%%IMG_REPO%%/%%IMG_PREFIX%%cluster-api-provider-rke2-bootstrap:0.7.1"
imageUrl: "registry.rancher.com/rancher/cluster-api-provider-rke2-bootstrap:v0.8.0"
fetchConfig:
url: ""
selector: ""
controlPlane:
namespace: rke2-control-plane-system
imageUrl: "%%IMG_REPO%%/%%IMG_PREFIX%%cluster-api-provider-rke2-controlplane:0.7.1"
imageUrl: "registry.rancher.com/rancher/cluster-api-provider-rke2-controlplane:v0.8.0"
fetchConfig:
url: ""
selector: ""
@@ -81,10 +81,10 @@ cluster-api-operator:
version: ""
infrastructure:
namespace: capm3-system
imageUrl: "%%IMG_REPO%%/%%IMG_PREFIX%%cluster-api-provider-metal3:1.7.1"
imageUrl: "%%IMG_REPO%%/%%IMG_PREFIX%%cluster-api-provider-metal3:1.7.2"
fetchConfig:
url: ""
selector: ""
ipam:
namespace: capm3-system
imageUrl: "%%IMG_REPO%%/%%IMG_PREFIX%%ip-address-manager:1.7.1"
imageUrl: "%%IMG_REPO%%/%%IMG_PREFIX%%images/ip-address-manager:1.7.2"