diff --git a/frr-image/Dockerfile b/frr-image/Dockerfile index da39fef..4255a41 100644 --- a/frr-image/Dockerfile +++ b/frr-image/Dockerfile @@ -1,7 +1,7 @@ # SPDX-License-Identifier: MIT -#!BuildTag: %%IMG_PREFIX%%frr:8.4 -#!BuildTag: %%IMG_PREFIX%%frr:8.4-%RELEASE% -#!BuildVersion: 15.5 +#!BuildTag: %%IMG_PREFIX%%frr:8.5.6 +#!BuildTag: %%IMG_PREFIX%%frr:8.5.6-%RELEASE% +#!BuildVersion: 15.6 ARG SLE_VERSION FROM registry.suse.com/bci/bci-micro:$SLE_VERSION AS micro @@ -15,11 +15,11 @@ FROM micro AS final LABEL org.opencontainers.image.authors="SUSE LLC (https://www.suse.com/)" LABEL org.opencontainers.image.title="FRR Container Image" LABEL org.opencontainers.image.description="frr based on the SLE Base Container Image." -LABEL org.opencontainers.image.version="8.4" +LABEL org.opencontainers.image.version="8.5.6" LABEL org.opencontainers.image.url="https://www.suse.com/products/server/" LABEL org.opencontainers.image.created="%BUILDTIME%" LABEL org.opencontainers.image.vendor="SUSE LLC" -LABEL org.opensuse.reference="%%IMG_REPO%%/%%IMG_PREFIX%%frr:8.4-%RELEASE%" +LABEL org.opensuse.reference="%%IMG_REPO%%/%%IMG_PREFIX%%frr:8.5.6-%RELEASE%" LABEL org.openbuildservice.disturl="%DISTURL%" LABEL com.suse.supportlevel="%%SUPPORT_LEVEL%%" LABEL com.suse.eula="SUSE Combined EULA February 2024" diff --git a/frr-k8s/_service b/frr-k8s/_service index f83862b..30fcaa1 100644 --- a/frr-k8s/_service +++ b/frr-k8s/_service @@ -2,7 +2,7 @@ https://github.com/metallb/frr-k8s git - v0.0.14 + v0.0.16 _auto_ @PARENT_TAG@ enable diff --git a/frr-k8s/frr-k8s.spec b/frr-k8s/frr-k8s.spec index 3d97a10..bb8f1be 100644 --- a/frr-k8s/frr-k8s.spec +++ b/frr-k8s/frr-k8s.spec @@ -17,8 +17,8 @@ Name: frr-k8s -Version: 0.0.14 -Release: 0.0.14 +Version: 0.0.16 +Release: 0.0.16 Summary: A kubernetes based daemonset that exposes a subset of the FRR API in a kubernetes compliant manner. License: Apache-2.0 URL: https://github.com/metallb/frr-k8s diff --git a/metallb-chart/Chart.yaml b/metallb-chart/Chart.yaml index 93514fb..ad7f56a 100644 --- a/metallb-chart/Chart.yaml +++ b/metallb-chart/Chart.yaml @@ -1,16 +1,15 @@ -#!BuildTag: %%IMG_PREFIX%%metallb-chart:%%CHART_MAJOR%%.0.0_up0.14.9 -#!BuildTag: %%IMG_PREFIX%%metallb-chart:%%CHART_MAJOR%%.0.0_up0.14.9-%RELEASE% apiVersion: v2 -appVersion: v0.14.3 +appVersion: v0.14.9 dependencies: -- condition: frrk8s.enabled +- condition: crds.enabled + name: crds + repository: file://./charts/crds + version: 0.14.9 +- alias: metallb-frr-k8s + condition: frrk8s.enabled name: frr-k8s repository: file://./charts/frr-k8s - version: 0.0.15 -- condition: crds.enabled - name: metallb-crds - repository: file://./charts/metallb-crds - version: 0.14.8 + version: 0.0.16 description: A network load-balancer implementation for Kubernetes using standard routing protocols home: https://metallb.universe.tf diff --git a/metallb-chart/README.md b/metallb-chart/README.md index 68692d1..1bf5c15 100644 --- a/metallb-chart/README.md +++ b/metallb-chart/README.md @@ -1,6 +1,6 @@ # metallb -![Version: 0.14.8](https://img.shields.io/badge/Version-0.14.8-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: v0.14.8](https://img.shields.io/badge/AppVersion-v0.14.8-informational?style=flat-square) +![Version: 0.14.9](https://img.shields.io/badge/Version-0.14.9-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: v0.14.9](https://img.shields.io/badge/AppVersion-v0.14.9-informational?style=flat-square) A network load-balancer implementation for Kubernetes using standard routing protocols @@ -16,8 +16,8 @@ Kubernetes: `>= 1.19.0-0` | Repository | Name | Version | |------------|------|---------| -| | crds | 0.14.8 | -| https://metallb.github.io/frr-k8s | frr-k8s | 0.0.14 | +| | crds | 0.14.9 | +| https://metallb.github.io/frr-k8s | frr-k8s | 0.0.16 | ## Values @@ -79,17 +79,17 @@ Kubernetes: `>= 1.19.0-0` | prometheus.podMonitor.relabelings | list | `[]` | | | prometheus.prometheusRule.additionalLabels | object | `{}` | | | prometheus.prometheusRule.addressPoolExhausted.enabled | bool | `true` | | -| prometheus.prometheusRule.addressPoolExhausted.labels.severity | string | `"alert"` | | +| prometheus.prometheusRule.addressPoolExhausted.labels.severity | string | `"critical"` | | | prometheus.prometheusRule.addressPoolUsage.enabled | bool | `true` | | | prometheus.prometheusRule.addressPoolUsage.thresholds[0].labels.severity | string | `"warning"` | | | prometheus.prometheusRule.addressPoolUsage.thresholds[0].percent | int | `75` | | | prometheus.prometheusRule.addressPoolUsage.thresholds[1].labels.severity | string | `"warning"` | | | prometheus.prometheusRule.addressPoolUsage.thresholds[1].percent | int | `85` | | -| prometheus.prometheusRule.addressPoolUsage.thresholds[2].labels.severity | string | `"alert"` | | +| prometheus.prometheusRule.addressPoolUsage.thresholds[2].labels.severity | string | `"critical"` | | | prometheus.prometheusRule.addressPoolUsage.thresholds[2].percent | int | `95` | | | prometheus.prometheusRule.annotations | object | `{}` | | | prometheus.prometheusRule.bgpSessionDown.enabled | bool | `true` | | -| prometheus.prometheusRule.bgpSessionDown.labels.severity | string | `"alert"` | | +| prometheus.prometheusRule.bgpSessionDown.labels.severity | string | `"critical"` | | | prometheus.prometheusRule.configNotLoaded.enabled | bool | `true` | | | prometheus.prometheusRule.configNotLoaded.labels.severity | string | `"warning"` | | | prometheus.prometheusRule.enabled | bool | `false` | | @@ -99,7 +99,7 @@ Kubernetes: `>= 1.19.0-0` | prometheus.rbacPrometheus | bool | `true` | | | prometheus.rbacProxy.pullPolicy | string | `nil` | | | prometheus.rbacProxy.repository | string | `"registry.opensuse.org/isv/suse/edge/metallb/images/kube-rbac-proxy"` | | -| prometheus.rbacProxy.tag | string | `"v0.12.0"` | | +| prometheus.rbacProxy.tag | string | `"v0.18.0"` | | | prometheus.scrapeAnnotations | bool | `false` | | | prometheus.serviceAccount | string | `""` | | | prometheus.serviceMonitor.controller.additionalLabels | object | `{}` | | @@ -122,7 +122,7 @@ Kubernetes: `>= 1.19.0-0` | speaker.frr.enabled | bool | `true` | | | speaker.frr.image.pullPolicy | string | `nil` | | | speaker.frr.image.repository | string | `"registry.opensuse.org/isv/suse/edge/metallb/images/frr"` | | -| speaker.frr.image.tag | string | `"8.4.2"` | | +| speaker.frr.image.tag | string | `"8.5.6"` | | | speaker.frr.metricsPort | int | `7473` | | | speaker.frr.resources | object | `{}` | | | speaker.frrMetrics.resources | object | `{}` | | diff --git a/metallb-chart/charts/metallb-crds/.helmignore b/metallb-chart/charts/crds/.helmignore similarity index 100% rename from metallb-chart/charts/metallb-crds/.helmignore rename to metallb-chart/charts/crds/.helmignore diff --git a/metallb-chart/charts/metallb-crds/Chart.yaml b/metallb-chart/charts/crds/Chart.yaml similarity index 86% rename from metallb-chart/charts/metallb-crds/Chart.yaml rename to metallb-chart/charts/crds/Chart.yaml index 6d070fc..a414973 100644 --- a/metallb-chart/charts/metallb-crds/Chart.yaml +++ b/metallb-chart/charts/crds/Chart.yaml @@ -3,8 +3,8 @@ appVersion: v0.14.9 description: MetalLB CRDs home: https://metallb.universe.tf icon: https://metallb.universe.tf/images/logo/metallb-white.png -name: metallb-crds +name: crds sources: - https://github.com/metallb/metallb type: application -version: 0.14.8 +version: 0.14.9 diff --git a/metallb-chart/charts/crds/README.md b/metallb-chart/charts/crds/README.md new file mode 100644 index 0000000..1300cf4 --- /dev/null +++ b/metallb-chart/charts/crds/README.md @@ -0,0 +1,14 @@ +# crds + +![Version: 0.0.0](https://img.shields.io/badge/Version-0.0.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: v0.0.0](https://img.shields.io/badge/AppVersion-v0.0.0-informational?style=flat-square) + +MetalLB CRDs + +**Homepage:** + +## Source Code + +* + +---------------------------------------------- +Autogenerated from chart metadata using [helm-docs v1.10.0](https://github.com/norwoodj/helm-docs/releases/v1.10.0) diff --git a/metallb-chart/charts/metallb-crds/templates/crds.yaml b/metallb-chart/charts/crds/templates/crds.yaml similarity index 97% rename from metallb-chart/charts/metallb-crds/templates/crds.yaml rename to metallb-chart/charts/crds/templates/crds.yaml index 9341bb4..8ae5043 100644 --- a/metallb-chart/charts/metallb-crds/templates/crds.yaml +++ b/metallb-chart/charts/crds/templates/crds.yaml @@ -2,7 +2,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.3 name: bfdprofiles.metallb.io spec: group: metallb.io @@ -123,7 +123,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.3 name: bgpadvertisements.metallb.io spec: group: metallb.io @@ -329,7 +329,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.3 name: bgppeers.metallb.io spec: conversion: @@ -365,6 +365,8 @@ spec: - jsonPath: .spec.ebgpMultiHop name: Multi Hops type: string + deprecated: true + deprecationWarning: v1beta1 is deprecated, please use v1beta2 name: v1beta1 schema: openAPIV3Schema: @@ -526,15 +528,26 @@ spec: default: false description: To set if we want to disable MP BGP that will separate IPv4 and IPv6 route exchanges into distinct BGP sessions. type: boolean + dynamicASN: + description: |- + DynamicASN detects the AS number to use for the remote end of the session + without explicitly setting it via the ASN field. Limited to: + internal - if the neighbor's ASN is different than MyASN connection is denied. + external - if the neighbor's ASN is the same as MyASN the connection is denied. + ASN and DynamicASN are mutually exclusive and one of them must be specified. + enum: + - internal + - external + type: string ebgpMultiHop: description: To set if the BGPPeer is multi-hops away. Needed for FRR mode only. type: boolean enableGracefulRestart: description: |- - EnableGracefulRestart allows BGP peer to continue to forward data packets along - known routes while the routing protocol information is being restored. - This field is immutable because it requires restart of the BGP session - Supported for FRR mode only. + EnableGracefulRestart allows BGP peer to continue to forward data packets + along known routes while the routing protocol information is being + restored. This field is immutable because it requires restart of the BGP + session. Supported for FRR mode only. type: boolean x-kubernetes-validations: - message: EnableGracefulRestart cannot be changed after creation @@ -622,7 +635,9 @@ spec: type: object x-kubernetes-map-type: atomic peerASN: - description: AS number to expect from the remote end of the session. + description: |- + AS number to expect from the remote end of the session. + ASN and DynamicASN are mutually exclusive and one of them must be specified. format: int32 maximum: 4294967295 minimum: 0 @@ -649,7 +664,6 @@ spec: type: string required: - myASN - - peerASN - peerAddress type: object status: @@ -665,7 +679,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.3 name: communities.metallb.io spec: group: metallb.io @@ -730,7 +744,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.3 name: ipaddresspools.metallb.io spec: group: metallb.io @@ -940,7 +954,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.3 name: l2advertisements.metallb.io spec: group: metallb.io @@ -1120,7 +1134,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.3 name: servicel2statuses.metallb.io spec: group: metallb.io diff --git a/metallb-chart/charts/frr-k8s/.helmignore b/metallb-chart/charts/frr-k8s/.helmignore new file mode 100644 index 0000000..1b9a9cc --- /dev/null +++ b/metallb-chart/charts/frr-k8s/.helmignore @@ -0,0 +1,23 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*.orig +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/metallb-chart/charts/frr-k8s/Chart.lock b/metallb-chart/charts/frr-k8s/Chart.lock new file mode 100644 index 0000000..0e74035 --- /dev/null +++ b/metallb-chart/charts/frr-k8s/Chart.lock @@ -0,0 +1,6 @@ +dependencies: +- name: crds + repository: "" + version: 0.0.16 +digest: sha256:b54ee64c5e61f1dd38e89efc87ebd1e36cdb7c4dd7c897d9985040dccd713dba +generated: "2024-11-22T11:40:47.152053909+01:00" diff --git a/metallb-chart/charts/frr-k8s/Chart.yaml b/metallb-chart/charts/frr-k8s/Chart.yaml index 2fa4501..0cb0b51 100644 --- a/metallb-chart/charts/frr-k8s/Chart.yaml +++ b/metallb-chart/charts/frr-k8s/Chart.yaml @@ -1,5 +1,10 @@ apiVersion: v2 -appVersion: v0.0.14 +appVersion: v0.0.16 +dependencies: +- condition: crds.enabled + name: crds + repository: file://./charts/crds + version: 0.0.16 description: A cloud native wrapper of FRR home: https://metallb.universe.tf icon: https://metallb.universe.tf/images/logo/metallb-white.png @@ -8,4 +13,4 @@ name: frr-k8s sources: - https://github.com/metallb/frr-k8s type: application -version: 0.0.15 +version: 0.0.16 diff --git a/metallb-chart/charts/frr-k8s/README.md b/metallb-chart/charts/frr-k8s/README.md index 0418d64..0e6c246 100644 --- a/metallb-chart/charts/frr-k8s/README.md +++ b/metallb-chart/charts/frr-k8s/README.md @@ -1,6 +1,6 @@ # frr-k8s -![Version: 0.0.14](https://img.shields.io/badge/Version-0.0.14-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: v0.0.14](https://img.shields.io/badge/AppVersion-v0.0.14-informational?style=flat-square) +![Version: 0.0.16](https://img.shields.io/badge/Version-0.0.16-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: v0.0.16](https://img.shields.io/badge/AppVersion-v0.0.16-informational?style=flat-square) A cloud native wrapper of FRR @@ -16,7 +16,7 @@ Kubernetes: `>= 1.19.0-0` | Repository | Name | Version | |------------|------|---------| -| | crds | 0.0.14 | +| | crds | 0.0.16 | ## Values @@ -27,17 +27,17 @@ Kubernetes: `>= 1.19.0-0` | frrk8s.affinity | object | `{}` | | | frrk8s.alwaysBlock | string | `""` | | | frrk8s.disableCertRotation | bool | `false` | | +| frrk8s.frr.acceptIncomingBGPConnections | bool | `false` | | | frrk8s.frr.image.pullPolicy | string | `nil` | | -| frrk8s.frr.image.repository | string | `"quay.io/frrouting/frr"` | | -| frrk8s.frr.image.tag | string | `"9.1.0"` | | +| frrk8s.frr.image.repository | string | `"registry.opensuse.org/isv/suse/edge/metallb/images/frr"` | | +| frrk8s.frr.image.tag | string | `"8.5.6"` | | | frrk8s.frr.metricsBindAddress | string | `"127.0.0.1"` | | | frrk8s.frr.metricsPort | int | `7573` | | | frrk8s.frr.resources | object | `{}` | | | frrk8s.frr.secureMetricsPort | int | `9141` | | | frrk8s.frrMetrics.resources | object | `{}` | | -| frrk8s.healthPort | int | `8081` | | | frrk8s.image.pullPolicy | string | `nil` | | -| frrk8s.image.repository | string | `"quay.io/metallb/frr-k8s"` | | +| frrk8s.image.repository | string | `"registry.opensuse.org/isv/suse/edge/metallb/images/frr-k8s"` | | | frrk8s.image.tag | string | `nil` | | | frrk8s.labels.app | string | `"frr-k8s"` | | | frrk8s.livenessProbe.enabled | bool | `true` | | @@ -77,8 +77,8 @@ Kubernetes: `>= 1.19.0-0` | prometheus.namespace | string | `""` | | | prometheus.rbacPrometheus | bool | `false` | | | prometheus.rbacProxy.pullPolicy | string | `nil` | | -| prometheus.rbacProxy.repository | string | `"gcr.io/kubebuilder/kube-rbac-proxy"` | | -| prometheus.rbacProxy.tag | string | `"v0.12.0"` | | +| prometheus.rbacProxy.repository | string | `"registry.opensuse.org/isv/suse/edge/metallb/images/kube-rbac-proxy"` | | +| prometheus.rbacProxy.tag | string | `"v0.18.0"` | | | prometheus.scrapeAnnotations | bool | `false` | | | prometheus.secureMetricsPort | int | `9140` | | | prometheus.serviceAccount | string | `""` | | diff --git a/metallb-chart/charts/frr-k8s/charts/crds/.helmignore b/metallb-chart/charts/frr-k8s/charts/crds/.helmignore new file mode 100644 index 0000000..1b9a9cc --- /dev/null +++ b/metallb-chart/charts/frr-k8s/charts/crds/.helmignore @@ -0,0 +1,23 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*.orig +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/metallb-chart/charts/frr-k8s/charts/crds/Chart.yaml b/metallb-chart/charts/frr-k8s/charts/crds/Chart.yaml new file mode 100644 index 0000000..14bb828 --- /dev/null +++ b/metallb-chart/charts/frr-k8s/charts/crds/Chart.yaml @@ -0,0 +1,10 @@ +apiVersion: v2 +appVersion: v0.0.16 +description: FRR K8s CRDs +home: https://metallb.universe.tf +icon: https://metallb.universe.tf/images/logo/metallb-white.png +name: crds +sources: +- https://github.com/metallb/frr-k8s +type: application +version: 0.0.16 diff --git a/metallb-chart/charts/frr-k8s/charts/crds/README.md b/metallb-chart/charts/frr-k8s/charts/crds/README.md new file mode 100644 index 0000000..8a23fb0 --- /dev/null +++ b/metallb-chart/charts/frr-k8s/charts/crds/README.md @@ -0,0 +1,14 @@ +# crds + +![Version: 0.0.0](https://img.shields.io/badge/Version-0.0.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: v0.0.0](https://img.shields.io/badge/AppVersion-v0.0.0-informational?style=flat-square) + +FRR-K8s CRDs + +**Homepage:** + +## Source Code + +* + +---------------------------------------------- +Autogenerated from chart metadata using [helm-docs v1.10.0](https://github.com/norwoodj/helm-docs/releases/v1.10.0) diff --git a/metallb-chart/charts/frr-k8s/crds/frrk8s.metallb.io_frrconfigurations.yaml b/metallb-chart/charts/frr-k8s/charts/crds/templates/frrk8s.metallb.io_frrconfigurations.yaml similarity index 95% rename from metallb-chart/charts/frr-k8s/crds/frrk8s.metallb.io_frrconfigurations.yaml rename to metallb-chart/charts/frr-k8s/charts/crds/templates/frrk8s.metallb.io_frrconfigurations.yaml index 2813767..49dd117 100644 --- a/metallb-chart/charts/frr-k8s/crds/frrk8s.metallb.io_frrconfigurations.yaml +++ b/metallb-chart/charts/frr-k8s/charts/crds/templates/frrk8s.metallb.io_frrconfigurations.yaml @@ -156,8 +156,9 @@ spec: the session with. type: string asn: - description: ASN is the AS number to use for the local - end of the session. + description: |- + ASN is the AS number to use for the local end of the session. + ASN and DynamicASN are mutually exclusive and one of them must be specified. format: int32 maximum: 4294967295 minimum: 0 @@ -187,6 +188,17 @@ spec: will separate IPv4 and IPv6 route exchanges into distinct BGP sessions. type: boolean + dynamicASN: + description: |- + DynamicASN detects the AS number to use for the local end of the session + without explicitly setting it via the ASN field. Limited to: + internal - if the neighbor's ASN is different than the router's the connection is denied. + external - if the neighbor's ASN is the same as the router's the connection is denied. + ASN and DynamicASN are mutually exclusive and one of them must be specified. + enum: + - internal + - external + type: string ebgpMultiHop: description: EBGPMultiHop indicates if the BGPPeer is multi-hops away. @@ -366,7 +378,6 @@ spec: type: object required: - address - - asn type: object type: array prefixes: diff --git a/metallb-chart/charts/frr-k8s/crds/frrk8s.metallb.io_frrnodestates.yaml b/metallb-chart/charts/frr-k8s/charts/crds/templates/frrk8s.metallb.io_frrnodestates.yaml similarity index 100% rename from metallb-chart/charts/frr-k8s/crds/frrk8s.metallb.io_frrnodestates.yaml rename to metallb-chart/charts/frr-k8s/charts/crds/templates/frrk8s.metallb.io_frrnodestates.yaml diff --git a/metallb-chart/charts/frr-k8s/templates/controller.yaml b/metallb-chart/charts/frr-k8s/templates/controller.yaml index 50badde..e28bd76 100644 --- a/metallb-chart/charts/frr-k8s/templates/controller.yaml +++ b/metallb-chart/charts/frr-k8s/templates/controller.yaml @@ -50,7 +50,7 @@ data: # vtysh_enable=yes zebra_options=" -A 127.0.0.1 -s 90000000" - bgpd_options=" -A 127.0.0.1" + bgpd_options=" -A 127.0.0.1 {{ if not .Values.frrk8s.frr.acceptIncomingBGPConnections }} -p 0 {{- end }}" ospfd_options=" -A 127.0.0.1" ospf6d_options=" -A ::1" ripd_options=" -A 127.0.0.1" @@ -199,7 +199,6 @@ spec: {{- with .Values.frrk8s.logLevel }} - --log-level={{ . }} {{- end }} - - --health-probe-bind-address={{.Values.prometheus.metricsBindAddress}}:{{ .Values.frrk8s.healthPort }} {{- if .Values.frrk8s.alwaysBlock }} - --always-block={{ .Values.frrk8s.alwaysBlock }} {{- end }} @@ -222,8 +221,8 @@ spec: {{- if .Values.frrk8s.livenessProbe.enabled }} livenessProbe: httpGet: - path: /healthz - port: {{ .Values.frrk8s.healthPort }} + path: /metrics + port: monitoring host: {{ .Values.prometheus.metricsBindAddress }} initialDelaySeconds: {{ .Values.frrk8s.livenessProbe.initialDelaySeconds }} periodSeconds: {{ .Values.frrk8s.livenessProbe.periodSeconds }} @@ -234,8 +233,8 @@ spec: {{- if .Values.frrk8s.readinessProbe.enabled }} readinessProbe: httpGet: - path: /healthz - port: {{ .Values.frrk8s.healthPort }} + path: /metrics + port: monitoring host: {{ .Values.prometheus.metricsBindAddress }} initialDelaySeconds: {{ .Values.frrk8s.readinessProbe.initialDelaySeconds }} periodSeconds: {{ .Values.frrk8s.readinessProbe.periodSeconds }} diff --git a/metallb-chart/charts/frr-k8s/templates/webhooks.yaml b/metallb-chart/charts/frr-k8s/templates/webhooks.yaml index a84b3b6..7925006 100644 --- a/metallb-chart/charts/frr-k8s/templates/webhooks.yaml +++ b/metallb-chart/charts/frr-k8s/templates/webhooks.yaml @@ -46,7 +46,7 @@ spec: - "--restart-on-rotator-secret-refresh=true" {{- end }} - "--namespace=$(NAMESPACE)" - - --health-probe-bind-address=:8081 + - "--metrics-bind-address=:{{ .Values.prometheus.metricsPort }}" env: - name: NAMESPACE valueFrom: @@ -63,11 +63,14 @@ spec: drop: - ALL readOnlyRootFilesystem: true + ports: + - containerPort: {{ .Values.prometheus.metricsPort }} + name: monitoring {{- if .Values.frrk8s.livenessProbe.enabled }} livenessProbe: httpGet: - path: /healthz - port: 8081 + path: /metrics + port: monitoring initialDelaySeconds: {{ .Values.frrk8s.livenessProbe.initialDelaySeconds }} periodSeconds: {{ .Values.frrk8s.livenessProbe.periodSeconds }} failureThreshold: {{ .Values.frrk8s.livenessProbe.failureThreshold }} @@ -75,8 +78,8 @@ spec: {{- if .Values.frrk8s.readinessProbe.enabled }} readinessProbe: httpGet: - path: /readyz - port: 8081 + path: /metrics + port: monitoring initialDelaySeconds: {{ .Values.frrk8s.readinessProbe.initialDelaySeconds }} periodSeconds: {{ .Values.frrk8s.readinessProbe.periodSeconds }} failureThreshold: {{ .Values.frrk8s.readinessProbe.failureThreshold }} diff --git a/metallb-chart/charts/frr-k8s/values.yaml b/metallb-chart/charts/frr-k8s/values.yaml index 87731fe..d17b81b 100644 --- a/metallb-chart/charts/frr-k8s/values.yaml +++ b/metallb-chart/charts/frr-k8s/values.yaml @@ -53,7 +53,7 @@ prometheus: # the image to be used for the kuberbacproxy container rbacProxy: repository: "registry.opensuse.org/isv/suse/edge/metallb/images/kube-rbac-proxy" - tag: "v0.18.0" + tag: "v0.18.1" pullPolicy: IfNotPresent # Prometheus Operator ServiceMonitors. @@ -98,7 +98,7 @@ frrk8s: tolerateMaster: true image: repository: "registry.opensuse.org/isv/suse/edge/metallb/images/frr-k8s" - tag: "v0.0.14" + tag: "v0.0.16" pullPolicy: IfNotPresent ## @param controller.updateStrategy.type FRR-K8s controller daemonset strategy type ## ref: https://kubernetes.io/docs/tasks/manage-daemon/update-daemon-set/ @@ -132,7 +132,6 @@ frrk8s: podAnnotations: {} labels: app: frr-k8s - healthPort: 8081 livenessProbe: enabled: true failureThreshold: 3 @@ -162,15 +161,17 @@ frrk8s: frr: image: repository: "registry.opensuse.org/isv/suse/edge/metallb/images/frr" - tag: "8.4" + tag: "8.5.6" pullPolicy: IfNotPresent metricsBindAddress: 127.0.0.1 metricsPort: 7573 resources: {} secureMetricsPort: 9141 + acceptIncomingBGPConnections: false reloader: resources: {} frrMetrics: resources: {} crds: + enabled: true validationFailurePolicy: Fail diff --git a/metallb-chart/charts/metallb-crds/README.md b/metallb-chart/charts/metallb-crds/README.md deleted file mode 100644 index 58cf71b..0000000 --- a/metallb-chart/charts/metallb-crds/README.md +++ /dev/null @@ -1,11 +0,0 @@ -# crds - -![Version: 0.14.3](https://img.shields.io/badge/Version-0.14.3-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: v0.14.3](https://img.shields.io/badge/AppVersion-v0.14.3-informational?style=flat-square) - -MetalLB CRDs - -**Homepage:** - -## Source Code - -* diff --git a/metallb-chart/templates/_helpers.tpl b/metallb-chart/templates/_helpers.tpl index 0dc55f3..077a411 100644 --- a/metallb-chart/templates/_helpers.tpl +++ b/metallb-chart/templates/_helpers.tpl @@ -111,3 +111,4 @@ Create the name of the settings Secret to use. {{ .Values.speaker.frr.metricsPort }} {{- end }} {{- end }} + diff --git a/metallb-chart/templates/controller.yaml b/metallb-chart/templates/controller.yaml index 311a559..7403e55 100644 --- a/metallb-chart/templates/controller.yaml +++ b/metallb-chart/templates/controller.yaml @@ -84,7 +84,7 @@ spec: - name: METALLB_DEPLOYMENT value: {{ template "metallb.fullname" . }}-controller {{- end }} - {{- if .Values.speaker.frr.enabled }} + {{- if and .Values.speaker.enabled .Values.speaker.frr.enabled }} - name: METALLB_BGP_TYPE value: frr {{- end }} diff --git a/metallb-chart/templates/podmonitor.yaml b/metallb-chart/templates/podmonitor.yaml index 40155de..eb8ecec 100644 --- a/metallb-chart/templates/podmonitor.yaml +++ b/metallb-chart/templates/podmonitor.yaml @@ -36,6 +36,7 @@ spec: relabelings: {{- toYaml .Values.prometheus.podMonitor.relabelings | nindent 4 }} {{- end }} +{{- if .Values.speaker.enabled }} --- apiVersion: monitoring.coreos.com/v1 kind: PodMonitor @@ -74,6 +75,7 @@ spec: relabelings: {{- toYaml .Values.prometheus.podMonitor.relabelings | nindent 4 }} {{- end }} +{{- end }} --- {{- if .Values.prometheus.rbacPrometheus }} apiVersion: rbac.authorization.k8s.io/v1 diff --git a/metallb-chart/templates/prometheusrules.yaml b/metallb-chart/templates/prometheusrules.yaml index 50bd49a..5998e8d 100644 --- a/metallb-chart/templates/prometheusrules.yaml +++ b/metallb-chart/templates/prometheusrules.yaml @@ -19,8 +19,8 @@ spec: {{- if .Values.prometheus.prometheusRule.staleConfig.enabled }} - alert: MetalLBStaleConfig annotations: - message: {{`'{{ $labels.job }} - MetalLB {{ $labels.container }} on {{ $labels.pod - }} has a stale config for > 1 minute'`}} + summary: {{`'Stale config on {{ $labels.pod }}'`}} + description: {{`'{{ $labels.job }} - MetalLB {{ $labels.container }} on {{ $labels.pod }} has a stale config for > 1 minute'`}} expr: metallb_k8s_client_config_stale_bool{job=~"{{ template "metallb.fullname" . }}.*"} == 1 for: 1m {{- with .Values.prometheus.prometheusRule.staleConfig.labels }} @@ -31,8 +31,8 @@ spec: {{- if .Values.prometheus.prometheusRule.configNotLoaded.enabled }} - alert: MetalLBConfigNotLoaded annotations: - message: {{`'{{ $labels.job }} - MetalLB {{ $labels.container }} on {{ $labels.pod - }} has not loaded for > 1 minute'`}} + summary: {{`'Config on {{ $labels.pod }} has not been loaded'`}} + description: {{`'{{ $labels.job }} - MetalLB {{ $labels.container }} on {{ $labels.pod }} has not loaded for > 1 minute'`}} expr: metallb_k8s_client_config_loaded_bool{job=~"{{ template "metallb.fullname" . }}.*"} == 0 for: 1m {{- with .Values.prometheus.prometheusRule.configNotLoaded.labels }} @@ -43,8 +43,8 @@ spec: {{- if .Values.prometheus.prometheusRule.addressPoolExhausted.enabled }} - alert: MetalLBAddressPoolExhausted annotations: - message: {{`'{{ $labels.job }} - MetalLB {{ $labels.container }} on {{ $labels.pod - }} has exhausted address pool {{ $labels.pool }} for > 1 minute'`}} + summary: {{`'Exhausted address pool on {{ $labels.pod }}'`}} + description: {{`'{{ $labels.job }} - MetalLB {{ $labels.container }} on {{ $labels.pod }} has exhausted address pool {{ $labels.pool }} for > 1 minute'`}} expr: metallb_allocator_addresses_in_use_total >= on(pool) metallb_allocator_addresses_total for: 1m {{- with .Values.prometheus.prometheusRule.addressPoolExhausted.labels }} @@ -57,8 +57,8 @@ spec: {{- range .Values.prometheus.prometheusRule.addressPoolUsage.thresholds }} - alert: MetalLBAddressPoolUsage{{ .percent }}Percent annotations: - message: {{`'{{ $labels.job }} - MetalLB {{ $labels.container }} on {{ $labels.pod - }} has address pool {{ $labels.pool }} past `}}{{ .percent }}{{`% usage for > 1 minute'`}} + summary: {{`'Exhausted address pool on {{ $labels.pod }}'`}} + message: {{`'{{ $labels.job }} - MetalLB {{ $labels.container }} on {{ $labels.pod }} has address pool {{ $labels.pool }} past `}}{{ .percent }}{{`% usage for > 1 minute'`}} expr: ( metallb_allocator_addresses_in_use_total / on(pool) metallb_allocator_addresses_total ) * 100 > {{ .percent }} {{- with .labels }} labels: @@ -69,8 +69,8 @@ spec: {{- if .Values.prometheus.prometheusRule.bgpSessionDown.enabled }} - alert: MetalLBBGPSessionDown annotations: - message: {{`'{{ $labels.job }} - MetalLB {{ $labels.container }} on {{ $labels.pod - }} has BGP session {{ $labels.peer }} down for > 1 minute'`}} + summary: {{`'BGP session down on {{ $labels.pod }}'`}} + message: {{`'{{ $labels.job }} - MetalLB {{ $labels.container }} on {{ $labels.pod }} has BGP session {{ $labels.peer }} down for > 1 minute'`}} expr: metallb_bgp_session_up{job=~"{{ template "metallb.fullname" . }}.*"} == 0 for: 1m {{- with .Values.prometheus.prometheusRule.bgpSessionDown.labels }} diff --git a/metallb-chart/templates/rbac.yaml b/metallb-chart/templates/rbac.yaml index 8c66b80..318c42f 100644 --- a/metallb-chart/templates/rbac.yaml +++ b/metallb-chart/templates/rbac.yaml @@ -19,11 +19,11 @@ rules: resources: ["events"] verbs: ["create", "patch"] - apiGroups: ["admissionregistration.k8s.io"] - resources: ["validatingwebhookconfigurations", "mutatingwebhookconfigurations"] + resources: ["validatingwebhookconfigurations"] resourceNames: ["metallb-webhook-configuration"] verbs: ["create", "delete", "get", "list", "patch", "update", "watch"] - apiGroups: ["admissionregistration.k8s.io"] - resources: ["validatingwebhookconfigurations", "mutatingwebhookconfigurations"] + resources: ["validatingwebhookconfigurations"] verbs: ["list", "watch"] - apiGroups: ["apiextensions.k8s.io"] resources: ["customresourcedefinitions"] @@ -41,6 +41,7 @@ rules: resources: ["subjectaccessreviews"] verbs: ["create"] {{- end }} +{{- if .Values.speaker.enabled }} --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole @@ -72,7 +73,7 @@ rules: {{- if or .Values.frrk8s.enabled .Values.frrk8s.external }} - apiGroups: ["frrk8s.metallb.io"] resources: ["frrconfigurations"] - verbs: ["get", "list", "watch","create","update"] + verbs: ["get", "list", "watch","create","update","delete"] {{- end }} --- apiVersion: rbac.authorization.k8s.io/v1 @@ -109,6 +110,7 @@ rules: - apiGroups: ["metallb.io"] resources: ["communities"] verbs: ["get", "list", "watch"] +{{- end }} --- apiVersion: rbac.authorization.k8s.io/v1 kind: Role @@ -117,7 +119,7 @@ metadata: namespace: {{ .Release.Namespace | quote }} labels: {{- include "metallb.labels" . | nindent 4 }} rules: -{{- if .Values.speaker.memberlist.enabled }} +{{- if and .Values.speaker.enabled .Values.speaker.memberlist.enabled }} - apiGroups: [""] resources: ["secrets"] verbs: ["create", "get", "list", "watch"] @@ -166,6 +168,7 @@ roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole name: {{ template "metallb.fullname" . }}:controller +{{- if .Values.speaker.enabled }} --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding @@ -195,6 +198,7 @@ roleRef: subjects: - kind: ServiceAccount name: {{ include "metallb.speaker.serviceAccountName" . }} +{{- end }} --- apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding diff --git a/metallb-chart/templates/service-accounts.yaml b/metallb-chart/templates/service-accounts.yaml index c2157ff..826fa06 100644 --- a/metallb-chart/templates/service-accounts.yaml +++ b/metallb-chart/templates/service-accounts.yaml @@ -13,7 +13,7 @@ metadata: {{- toYaml . | nindent 4 }} {{- end }} {{- end }} -{{- if .Values.speaker.serviceAccount.create }} +{{- if and .Values.speaker.enabled .Values.speaker.serviceAccount.create }} --- apiVersion: v1 kind: ServiceAccount diff --git a/metallb-chart/templates/servicemonitor.yaml b/metallb-chart/templates/servicemonitor.yaml index 0aacf85..a103bbc 100644 --- a/metallb-chart/templates/servicemonitor.yaml +++ b/metallb-chart/templates/servicemonitor.yaml @@ -1,4 +1,9 @@ +{{- if and .Values.prometheus.serviceMonitor.enabled .Values.prometheus.podMonitor.enabled }} +{{- fail "prometheus.serviceMonitor.enabled and prometheus.podMonitor.enabled cannot both be set" }} +{{- end }} + {{- if .Values.prometheus.serviceMonitor.enabled }} +{{- if .Values.speaker.enabled }} apiVersion: monitoring.coreos.com/v1 kind: ServiceMonitor metadata: @@ -89,6 +94,7 @@ spec: {{- end }} sessionAffinity: None type: ClusterIP +{{- end }} --- apiVersion: monitoring.coreos.com/v1 kind: ServiceMonitor @@ -97,7 +103,6 @@ metadata: namespace: {{ .Release.Namespace | quote }} labels: {{- include "metallb.labels" . | nindent 4 }} - app.kubernetes.io/component: speaker {{- if .Values.prometheus.serviceMonitor.controller.additionalLabels }} {{ toYaml .Values.prometheus.serviceMonitor.controller.additionalLabels | indent 4 }} {{- end }} diff --git a/metallb-chart/values.yaml b/metallb-chart/values.yaml index 0f2261c..66f123b 100644 --- a/metallb-chart/values.yaml +++ b/metallb-chart/values.yaml @@ -45,7 +45,7 @@ prometheus: # certificate to be used. controllerMetricsTLSSecret: "" - # prometheus doens't have the permission to scrape all namespaces so we give it permission to scrape metallb's one + # prometheus doesn't have the permission to scrape all namespaces so we give it permission to scrape metallb's one rbacPrometheus: true # the service account used by prometheus @@ -67,7 +67,7 @@ prometheus: # enable support for Prometheus Operator enabled: false - # optional additionnal labels for podMonitors + # optional additional labels for podMonitors additionalLabels: {} # optional annotations for podMonitors @@ -146,7 +146,7 @@ prometheus: # enable alertmanager alerts enabled: false - # optional additionnal labels for prometheusRules + # optional additional labels for prometheusRules additionalLabels: {} # optional annotations for prometheusRules @@ -168,7 +168,7 @@ prometheus: addressPoolExhausted: enabled: true labels: - severity: alert + severity: critical addressPoolUsage: enabled: true @@ -181,13 +181,13 @@ prometheus: severity: warning - percent: 95 labels: - severity: alert + severity: critical # MetalLBBGPSessionDown bgpSessionDown: enabled: true labels: - severity: alert + severity: critical extraAlerts: [] @@ -201,7 +201,7 @@ controller: # webhookMode: enabled image: repository: "%%IMG_REPO%%/%%IMG_PREFIX%%metallb-controller" - tag: "v0.14.8" + tag: "v0.14.9" pullPolicy: IfNotPresent ## @param controller.updateStrategy.type Metallb controller deployment strategy type. ## ref: https://kubernetes.io/docs/concepts/workloads/controllers/deployment/#strategy @@ -282,7 +282,7 @@ speaker: image: repository: "%%IMG_REPO%%/%%IMG_PREFIX%%metallb-speaker" - tag: "v0.14.8" + tag: "v0.14.9" pullPolicy: IfNotPresent ## @param speaker.updateStrategy.type Speaker daemonset strategy type ## ref: https://kubernetes.io/docs/tasks/manage-daemon/update-daemon-set/ @@ -346,7 +346,7 @@ speaker: enabled: false image: repository: "%%IMG_REPO%%/%%IMG_PREFIX%%frr" - tag: "8.4" + tag: "8.5.6" pullPolicy: IfNotPresent metricsPort: 7473 resources: {} @@ -378,3 +378,15 @@ frrk8s: enabled: false external: false namespace: "" + +# Override any settings for the metallb frr-k8s service here +metallb-frr-k8s: + prometheus: + rbacProxy: + repository: "%%IMG_REPO%%/%%IMG_PREFIX%%kube-rbac-proxy" + frrk8s: + image: + repository: "%%IMG_REPO%%/%%IMG_PREFIX%%frr-k8s" + frr: + image: + repository: "%%IMG_REPO%%/%%IMG_PREFIX%%frr" diff --git a/metallb/_service b/metallb/_service index e709ca2..bc6a0ab 100644 --- a/metallb/_service +++ b/metallb/_service @@ -2,7 +2,7 @@ https://github.com/metallb/metallb git - v0.14.8 + v0.14.9 _auto_ @PARENT_TAG@ enable diff --git a/metallb/metallb.spec b/metallb/metallb.spec index 17316a4..f6417e9 100644 --- a/metallb/metallb.spec +++ b/metallb/metallb.spec @@ -17,8 +17,8 @@ Name: metallb -Version: 0.14.8 -Release: 0.14.8 +Version: 0.14.9 +Release: 0.14.9 Summary: Load Balancer for bare metal Kubernetes clusters License: Apache-2.0 URL: https://github.com/metallb/metallb @@ -54,7 +54,7 @@ This package contains the speaker binary. cp ./frr-tools/reloader/frr-reloader.sh frr-reloader.sh %build -go install -v -mod vendor -buildmode=pie ./controller ./speaker ./frr-tools/metrics +go install -v -mod vendor -buildmode=pie ./controller ./speaker ./frr-tools/metrics ./frr-tools/cp-tool mv $HOME/go/bin/metrics $HOME/go/bin/frr-metrics %install @@ -63,6 +63,7 @@ mkdir -p %{buildroot}%{_sbindir}/ install -D -m 0755 $HOME/go/bin/controller %{buildroot}/ install -D -m 0755 $HOME/go/bin/speaker %{buildroot}/ install -D -m 0755 $HOME/go/bin/frr-metrics %{buildroot}/ +install -D -m 0755 $HOME/go/bin/cp-tool %{buildroot}/ install -D -m 0755 frr-reloader.sh %{buildroot}/ %files controller @@ -73,6 +74,7 @@ install -D -m 0755 frr-reloader.sh %{buildroot}/ %license LICENSE /speaker /frr-metrics +/cp-tool /frr-reloader.sh %changelog