From eff9a9b0c5ece1f7d6e855d674c332076d6f4b751f301db2e2abbed95d20df39 Mon Sep 17 00:00:00 2001 From: Steven Hardy Date: Thu, 20 Feb 2025 09:47:12 +0000 Subject: [PATCH] rancher-turtles-chart: Update to 0.16.0 Align with https://github.com/suse-edge/charts/pull/186 --- rancher-turtles-chart/Chart.lock | 6 +- rancher-turtles-chart/Chart.yaml | 8 +- rancher-turtles-chart/questions.yml | 112 ++---- .../templates/addon-provider-fleet.yaml | 7 + .../templates/clusterctl-cm-cleanup-job.yaml | 4 +- .../templates/deployment.yaml | 6 +- .../templates/metal3-infrastructure.yaml | 2 +- .../templates/post-delete-job.yaml | 18 +- .../templates/post-upgrade-job.yaml | 20 +- .../templates/pre-delete-job.yaml | 10 +- .../templates/pre-install-job.yaml | 14 +- .../templates/rancher-turtles-components.yaml | 337 ++++++++++++------ ...er-turtles-exp-etcdrestore-components.yaml | 90 +---- rancher-turtles-chart/values.yaml | 38 +- 14 files changed, 332 insertions(+), 340 deletions(-) diff --git a/rancher-turtles-chart/Chart.lock b/rancher-turtles-chart/Chart.lock index be85685..b03387b 100644 --- a/rancher-turtles-chart/Chart.lock +++ b/rancher-turtles-chart/Chart.lock @@ -1,6 +1,6 @@ dependencies: - name: cluster-api-operator repository: https://kubernetes-sigs.github.io/cluster-api-operator - version: 0.14.0 -digest: sha256:9e9e851dbab3212c279efec06bcf0da147228ea1590470f3a8cbbb5806a250d4 -generated: "2024-12-03T09:34:12.871417074Z" + version: 0.16.0 +digest: sha256:9b296be6ee446bff492e6736e084ce3734b07ea613791b77fd15d31c0f62dc70 +generated: "2025-01-30T10:14:58.692942399Z" diff --git a/rancher-turtles-chart/Chart.yaml b/rancher-turtles-chart/Chart.yaml index 4a806fd..d1cf0c4 100644 --- a/rancher-turtles-chart/Chart.yaml +++ b/rancher-turtles-chart/Chart.yaml @@ -1,5 +1,5 @@ -#!BuildTag: %%IMG_PREFIX%%rancher-turtles-chart:%%CHART_MAJOR%%.0.0_up0.14.1 -#!BuildTag: %%IMG_PREFIX%%rancher-turtles-chart:%%CHART_MAJOR%%.0.0_up0.14.1-%RELEASE% +#!BuildTag: %%IMG_PREFIX%%rancher-turtles-chart:%%CHART_MAJOR%%.0.0_up0.16.0 +#!BuildTag: %%IMG_PREFIX%%rancher-turtles-chart:%%CHART_MAJOR%%.0.0_up0.16.0-%RELEASE% annotations: catalog.cattle.io/certified: rancher catalog.cattle.io/display-name: Rancher Turtles - the Cluster API Extension @@ -12,7 +12,7 @@ annotations: catalog.cattle.io/scope: management catalog.cattle.io/type: cluster-tool apiVersion: v2 -appVersion: 0.14.1 +appVersion: 0.16.0 dependencies: - condition: cluster-api-operator.enabled name: cluster-api-operator @@ -29,4 +29,4 @@ keywords: - provisioning name: rancher-turtles type: application -version: "%%CHART_MAJOR%%.0.0+up0.14.1" +version: "%%CHART_MAJOR%%.0.0+up0.16.0" diff --git a/rancher-turtles-chart/questions.yml b/rancher-turtles-chart/questions.yml index 96e21ef..8f043d9 100644 --- a/rancher-turtles-chart/questions.yml +++ b/rancher-turtles-chart/questions.yml @@ -1,78 +1,44 @@ namespace: rancher-turtles-system questions: -- variable: rancherTurtles.features.default - default: "false" - description: "Customize install settings" - label: Customize install settings - type: boolean - show_subquestion_if: true - group: "Rancher Turtles Extra Settings" - subquestions: - - variable: cluster-api-operator.cert-manager.enabled - default: false + - variable: rancherTurtles.features.default + default: "false" + description: "Customize install settings" + label: Customize install settings type: boolean - description: "Flag to enable or disable installation of cert-manager. If set to false then you will need to install cert-manager manually" - label: "Enable Cert Manager" - - variable: rancherTurtles.features.cluster-api-operator.cleanup - default: true - description: "Specify that the CAPI Operator post-delete cleanup job will be performed" - type: boolean - label: Cleanup CAPI Operator installation - group: "CAPI Operator cleanup settings" show_subquestion_if: true + group: "Rancher Turtles Extra Settings" subquestions: - - variable: rancherTurtles.features.cluster-api-operator.kubectlImage - default: "rancher/kubectl:v1.30.3" - description: "Specify the image to use when cleaning up the Cluster API Operator manifests" - type: string - label: Cleanup Image - group: "CAPI Operator cleanup settings" - - variable: rancherTurtles.features.rancher-webhook.cleanup - default: true - description: "Specify that the Rancher embedded cluster api webhooks should be removed" - type: boolean - label: Cleanup Rancher Embedded CAPI Webhooks - group: "Rancher webhook cleanup settings" - show_subquestion_if: true - subquestions: - - variable: rancherTurtles.features.rancher-webhook.kubectlImage - default: "rancher/kubectl:v1.30.3" - description: "Specify the image to use when cleaning up the webhooks" - type: string - label: Webhook Cleanup Image - group: "Rancher webhook cleanup settings" - - variable: rancherTurtles.features.rancher-kubeconfigs.label - default: false - description: "(Experimental) Specify that the kubeconfigs generated by Rancher should be automatically patched to contain the CAPI expected labels" - type: boolean - label: Label Rancher Kubeconfigs - group: "Rancher Turtles Features Settings" - - variable: rancherTurtles.features.managementv3-cluster.enabled - default: true - description: "Use v3/management cluster manifest for import, instead of v1/provisioning" - type: boolean - label: Use management v3 cluster manifest - group: "Rancher Turtles Features Settings" - - variable: rancherTurtles.features.managementv3-cluster-migration.enabled - default: false - description: "Automatically migrate between provisioning and management clusters on upgrade" - type: boolean - label: All imported clusters will use new cluster manifest, replacing old cluster manifest. - group: "Rancher Turtles Features Settings" - - variable: cluster-api-operator.cluster-api.rke2.enabled - default: "true" - description: "Flag to enable or disable installation of the RKE2 provider for Cluster API. By default this is enabled." - label: "Enable RKE2 Provider" - type: boolean - - variable: rancherTurtles.features.propagate-labels.enabled - default: false - description: "(Experimental) Specify that the labels from CAPI should be propagated to Rancher" - type: boolean - label: Propagate CAPI Labels - group: "Rancher Turtles Features Settings" - - variable: rancherTurtles.features.addon-provider-fleet.enabled - default: false - description: "Enable Fleet Addon Provider functionality in Rancher Turtles" - type: boolean - label: Seamless integration with Fleet and CAPI - group: "Rancher Turtles Features Settings" + - variable: cluster-api-operator.cert-manager.enabled + default: false + type: boolean + description: "Flag to enable or disable installation of cert-manager. If set to false then you will need to install cert-manager manually" + label: "Enable Cert Manager" + - variable: rancherTurtles.cluster-api-operator.cleanup + default: true + description: "Specify that the CAPI Operator post-delete cleanup job will be performed" + type: boolean + label: Cleanup CAPI Operator installation + group: "CAPI Operator cleanup settings" + - variable: cluster-api-operator.cluster-api.rke2.enabled + default: "true" + description: "Flag to enable or disable installation of the RKE2 provider for Cluster API. By default this is enabled." + label: "Enable RKE2 Provider" + type: boolean + - variable: rancherTurtles.features.addon-provider-fleet.enabled + default: false + description: "[BETA] Enable Fleet Addon Provider functionality in Rancher Turtles" + type: boolean + label: Seamless integration with Fleet and CAPI + group: "Rancher Turtles Features Settings" + - variable: rancherTurtles.features.agent-tls-mode.enabled + default: false + description: "[ALPHA] If enabled Turtles will use the agent-tls-mode setting to determine CA cert trust mode for importing clusters" + type: boolean + label: Enable Agent TLS Mode + group: "Rancher Turtles Features Settings" + - variable: rancherTurtles.kubectlImage + default: "registry.suse.com/edge/3.2/kubectl:1.30.3" + description: "Specify the image to use when running kubectl in jobs" + type: string + label: Kubectl Image + group: "Rancher Turtles Features Settings" diff --git a/rancher-turtles-chart/templates/addon-provider-fleet.yaml b/rancher-turtles-chart/templates/addon-provider-fleet.yaml index 5a6ced8..c12ef2a 100644 --- a/rancher-turtles-chart/templates/addon-provider-fleet.yaml +++ b/rancher-turtles-chart/templates/addon-provider-fleet.yaml @@ -35,10 +35,17 @@ data: cluster: patchResource: true setOwnerReferences: true + hostNetwork: true selector: matchLabels: cluster-api.cattle.io/rancher-auto-import: "true" + matchExpressions: + - key: cluster-api.cattle.io/disable-fleet-auto-import + operator: DoesNotExist namespaceSelector: matchLabels: cluster-api.cattle.io/rancher-auto-import: "true" + matchExpressions: + - key: cluster-api.cattle.io/disable-fleet-auto-import + operator: DoesNotExist {{- end }} diff --git a/rancher-turtles-chart/templates/clusterctl-cm-cleanup-job.yaml b/rancher-turtles-chart/templates/clusterctl-cm-cleanup-job.yaml index c2bd142..25f4f9a 100644 --- a/rancher-turtles-chart/templates/clusterctl-cm-cleanup-job.yaml +++ b/rancher-turtles-chart/templates/clusterctl-cm-cleanup-job.yaml @@ -1,4 +1,4 @@ -{{- if index .Values "rancherTurtles" "features" "rancher-webhook" "cleanup" }} +{{- if index .Values "rancherTurtles" "rancherInstalled" }} --- apiVersion: v1 kind: ServiceAccount @@ -55,7 +55,7 @@ spec: serviceAccountName: pre-upgrade-job containers: - name: rancher-clusterctl-configmap-cleanup - image: {{ index .Values "rancherTurtles" "features" "rancher-webhook" "kubectlImage" }} + image: {{ index .Values "rancherTurtles" "kubectlImage" }} args: - delete - configmap diff --git a/rancher-turtles-chart/templates/deployment.yaml b/rancher-turtles-chart/templates/deployment.yaml index e2d2d09..6a0da62 100644 --- a/rancher-turtles-chart/templates/deployment.yaml +++ b/rancher-turtles-chart/templates/deployment.yaml @@ -26,7 +26,7 @@ spec: containers: - args: - --leader-elect - - --feature-gates=propagate-labels={{ index .Values "rancherTurtles" "features" "propagate-labels" "enabled"}},managementv3-cluster={{ index .Values "rancherTurtles" "features" "managementv3-cluster" "enabled"}},rancher-kube-secret-patch={{ index .Values "rancherTurtles" "features" "rancher-kubeconfigs" "label"}} + - --feature-gates=addon-provider-fleet={{ index .Values "rancherTurtles" "features" "addon-provider-fleet" "enabled"}},agent-tls-mode={{ index .Values "rancherTurtles" "features" "agent-tls-mode" "enabled"}} {{- range .Values.rancherTurtles.managerArguments }} - {{ . }} {{- end }} @@ -67,10 +67,10 @@ spec: resources: limits: cpu: 500m - memory: 128Mi + memory: 256Mi requests: cpu: 10m - memory: 64Mi + memory: 128Mi serviceAccountName: rancher-turtles-manager terminationGracePeriodSeconds: 10 tolerations: diff --git a/rancher-turtles-chart/templates/metal3-infrastructure.yaml b/rancher-turtles-chart/templates/metal3-infrastructure.yaml index 122d9c4..e06700c 100644 --- a/rancher-turtles-chart/templates/metal3-infrastructure.yaml +++ b/rancher-turtles-chart/templates/metal3-infrastructure.yaml @@ -22,7 +22,7 @@ metadata: spec: providers: - name: metal3 - url: "https://github.com/metal3-io/cluster-api-provider-metal3/releases/v1.7.2/infrastructure-components.yaml" + url: "https://github.com/rancher-sandbox/cluster-api-provider-metal3/releases/v1.9.2/infrastructure-components.yaml" type: InfrastructureProvider --- apiVersion: turtles-capi.cattle.io/v1alpha1 diff --git a/rancher-turtles-chart/templates/post-delete-job.yaml b/rancher-turtles-chart/templates/post-delete-job.yaml index 277a6d2..9633e09 100644 --- a/rancher-turtles-chart/templates/post-delete-job.yaml +++ b/rancher-turtles-chart/templates/post-delete-job.yaml @@ -1,4 +1,4 @@ -{{- if index .Values "rancherTurtles" "features" "cluster-api-operator" "cleanup" }} +{{- if index .Values "cluster-api-operator" "cleanup" }} --- apiVersion: v1 kind: ServiceAccount @@ -41,7 +41,7 @@ metadata: subjects: - kind: ServiceAccount name: post-delete-job - namespace: rancher-turtles-system + namespace: '{{ .Values.rancherTurtles.namespace }}' roleRef: kind: ClusterRole name: post-delete-job-delete-webhooks @@ -62,7 +62,7 @@ spec: serviceAccountName: post-delete-job containers: - name: cluster-api-operator-mutatingwebhook-cleanup - image: {{ index .Values "rancherTurtles" "features" "cluster-api-operator" "kubectlImage" }} + image: {{ index .Values "rancherTurtles" "kubectlImage" }} command: ["kubectl"] args: - delete @@ -90,7 +90,7 @@ spec: serviceAccountName: post-delete-job containers: - name: cluster-api-operator-validatingwebhook-cleanup - image: {{ index .Values "rancherTurtles" "features" "cluster-api-operator" "kubectlImage" }} + image: {{ index .Values "rancherTurtles" "kubectlImage" }} command: ["kubectl"] args: - delete @@ -119,7 +119,7 @@ spec: restartPolicy: Never containers: - name: delete-capi-controller-manager - image: {{ index .Values "rancherTurtles" "features" "cluster-api-operator" "kubectlImage" }} + image: {{ index .Values "rancherTurtles" "kubectlImage" }} command: ["kubectl"] args: - delete @@ -128,7 +128,7 @@ spec: - {{ index .Values "cluster-api-operator" "cluster-api" "core" "namespace" }} - --ignore-not-found=true - name: delete-capi-kubeadm-bootstrap-controller-manager - image: {{ index .Values "rancherTurtles" "features" "cluster-api-operator" "kubectlImage" }} + image: {{ index .Values "rancherTurtles" "kubectlImage" }} command: ["kubectl"] args: - delete @@ -137,7 +137,7 @@ spec: - capi-kubeadm-bootstrap-system - --ignore-not-found=true - name: delete-capi-kubeadm-control-plane-controller-manager - image: {{ index .Values "rancherTurtles" "features" "cluster-api-operator" "kubectlImage" }} + image: {{ index .Values "rancherTurtles" "kubectlImage" }} command: ["kubectl"] args: - delete @@ -146,7 +146,7 @@ spec: - capi-kubeadm-control-plane-system - --ignore-not-found=true - name: delete-rke2-kubeadm-bootstrap-controller-manager - image: {{ index .Values "rancherTurtles" "features" "cluster-api-operator" "kubectlImage" }} + image: {{ index .Values "rancherTurtles" "kubectlImage" }} command: ["kubectl"] args: - delete @@ -155,7 +155,7 @@ spec: - {{ index .Values "cluster-api-operator" "cluster-api" "rke2" "bootstrap" "namespace" }} - --ignore-not-found=true - name: delete-rke2-control-plane-controller-manager - image: {{ index .Values "rancherTurtles" "features" "cluster-api-operator" "kubectlImage" }} + image: {{ index .Values "rancherTurtles" "kubectlImage" }} command: ["kubectl"] args: - delete diff --git a/rancher-turtles-chart/templates/post-upgrade-job.yaml b/rancher-turtles-chart/templates/post-upgrade-job.yaml index 489f63c..b19a86e 100644 --- a/rancher-turtles-chart/templates/post-upgrade-job.yaml +++ b/rancher-turtles-chart/templates/post-upgrade-job.yaml @@ -1,10 +1,9 @@ -{{- if eq (index .Values "rancherTurtles" "features" "managementv3-cluster-migration" "enabled") true }} --- apiVersion: v1 kind: ServiceAccount metadata: name: post-upgrade-job - namespace: rancher-turtles-system + namespace: '{{ .Values.rancherTurtles.namespace }}' annotations: "helm.sh/hook": post-upgrade "helm.sh/hook-weight": "1" @@ -24,13 +23,6 @@ rules: verbs: - list - delete -- apiGroups: - - management.cattle.io - resources: - - clusters - verbs: - - list - - delete --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding @@ -42,7 +34,7 @@ metadata: subjects: - kind: ServiceAccount name: post-upgrade-job - namespace: rancher-turtles-system + namespace: '{{ .Values.rancherTurtles.namespace }}' roleRef: kind: ClusterRole name: post-upgrade-job-delete-clusters @@ -52,6 +44,7 @@ apiVersion: batch/v1 kind: Job metadata: name: post-upgrade-delete-clusters + namespace: '{{ .Values.rancherTurtles.namespace }}' annotations: "helm.sh/hook": post-upgrade "helm.sh/hook-weight": "2" @@ -62,17 +55,12 @@ spec: serviceAccountName: post-upgrade-job containers: - name: post-upgrade-delete-clusters - image: {{ index .Values "rancherTurtles" "features" "rancher-webhook" "kubectlImage" }} + image: {{ index .Values "rancherTurtles" "kubectlImage" }} args: - delete - {{- if eq (index .Values "rancherTurtles" "features" "managementv3-cluster" "enabled") true }} - clusters.provisioning.cattle.io - {{- else }} - - clusters.management.cattle.io - {{- end }} - --selector=cluster-api.cattle.io/owned - -A - --ignore-not-found=true - --wait restartPolicy: OnFailure -{{- end }} diff --git a/rancher-turtles-chart/templates/pre-delete-job.yaml b/rancher-turtles-chart/templates/pre-delete-job.yaml index 5a8ae84..c099b9f 100644 --- a/rancher-turtles-chart/templates/pre-delete-job.yaml +++ b/rancher-turtles-chart/templates/pre-delete-job.yaml @@ -1,10 +1,10 @@ -{{- if index .Values "rancherTurtles" "features" "rancher-webhook" "cleanup" }} +{{- if index .Values "rancherTurtles" "rancherInstalled" }} --- apiVersion: v1 kind: ServiceAccount metadata: name: pre-delete-job - namespace: rancher-turtles-system + namespace: '{{ .Values.rancherTurtles.namespace }}' annotations: "helm.sh/hook": pre-delete "helm.sh/hook-weight": "-2" @@ -35,7 +35,7 @@ metadata: subjects: - kind: ServiceAccount name: pre-delete-job - namespace: rancher-turtles-system + namespace: '{{ .Values.rancherTurtles.namespace }}' roleRef: kind: ClusterRole name: pre-delete-job-delete-capiproviders @@ -45,7 +45,7 @@ apiVersion: batch/v1 kind: Job metadata: name: rancher-capiprovider-cleanup - namespace: rancher-turtles-system + namespace: '{{ .Values.rancherTurtles.namespace }}' annotations: "helm.sh/hook": pre-delete "helm.sh/hook-weight": "-1" @@ -56,7 +56,7 @@ spec: serviceAccountName: pre-delete-job containers: - name: rancher-capiprovider-cleanup - image: {{ index .Values "rancherTurtles" "features" "rancher-webhook" "kubectlImage" }} + image: {{ index .Values "rancherTurtles" "kubectlImage" }} args: - delete - capiproviders diff --git a/rancher-turtles-chart/templates/pre-install-job.yaml b/rancher-turtles-chart/templates/pre-install-job.yaml index 355fb31..00880d2 100644 --- a/rancher-turtles-chart/templates/pre-install-job.yaml +++ b/rancher-turtles-chart/templates/pre-install-job.yaml @@ -1,4 +1,3 @@ -{{- if index .Values "rancherTurtles" "features" "embedded-capi" "disabled" }} {{- if index .Values "rancherTurtles" "rancherInstalled"}} --- apiVersion: management.cattle.io/v3 @@ -11,14 +10,13 @@ metadata: spec: value: false {{- end }} -{{- end }} -{{- if index .Values "rancherTurtles" "features" "rancher-webhook" "cleanup" }} +{{- if index .Values "rancherTurtles" "rancherInstalled" }} --- apiVersion: v1 kind: ServiceAccount metadata: name: pre-install-job - namespace: rancher-turtles-system + namespace: '{{ .Values.rancherTurtles.namespace }}' annotations: "helm.sh/hook": pre-install "helm.sh/hook-weight": "1" @@ -49,7 +47,7 @@ metadata: subjects: - kind: ServiceAccount name: pre-install-job - namespace: rancher-turtles-system + namespace: '{{ .Values.rancherTurtles.namespace }}' roleRef: kind: ClusterRole name: pre-install-job-delete-webhooks @@ -59,6 +57,7 @@ apiVersion: batch/v1 kind: Job metadata: name: rancher-mutatingwebhook-cleanup + namespace: '{{ .Values.rancherTurtles.namespace }}' annotations: "helm.sh/hook": pre-install "helm.sh/hook-weight": "2" @@ -69,7 +68,7 @@ spec: serviceAccountName: pre-install-job containers: - name: rancher-mutatingwebhook-cleanup - image: {{ index .Values "rancherTurtles" "features" "rancher-webhook" "kubectlImage" }} + image: {{ index .Values "rancherTurtles" "kubectlImage" }} args: - delete - mutatingwebhookconfigurations.admissionregistration.k8s.io @@ -81,6 +80,7 @@ apiVersion: batch/v1 kind: Job metadata: name: rancher-validatingwebhook-cleanup + namespace: '{{ .Values.rancherTurtles.namespace }}' annotations: "helm.sh/hook": pre-install "helm.sh/hook-weight": "2" @@ -91,7 +91,7 @@ spec: serviceAccountName: pre-install-job containers: - name: rancher-validatingwebhook-cleanup - image: {{ index .Values "rancherTurtles" "features" "rancher-webhook" "kubectlImage" }} + image: {{ index .Values "rancherTurtles" "kubectlImage" }} args: - delete - validatingwebhookconfigurations.admissionregistration.k8s.io diff --git a/rancher-turtles-chart/templates/rancher-turtles-components.yaml b/rancher-turtles-chart/templates/rancher-turtles-components.yaml index 722d984..c6ef6ed 100644 --- a/rancher-turtles-chart/templates/rancher-turtles-components.yaml +++ b/rancher-turtles-chart/templates/rancher-turtles-components.yaml @@ -2,7 +2,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.1 helm.sh/resource-policy: keep name: capiproviders.turtles-capi.cattle.io spec: @@ -122,11 +122,13 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchFields: description: A list of node selector requirements by node's fields. @@ -154,11 +156,13 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic type: object x-kubernetes-map-type: atomic weight: @@ -172,6 +176,7 @@ spec: - weight type: object type: array + x-kubernetes-list-type: atomic requiredDuringSchedulingIgnoredDuringExecution: description: |- If the affinity requirements specified by this field are not met at @@ -216,11 +221,13 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchFields: description: A list of node selector requirements by node's fields. @@ -248,14 +255,17 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic type: object x-kubernetes-map-type: atomic type: array + x-kubernetes-list-type: atomic required: - nodeSelectorTerms type: object @@ -319,11 +329,13 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string @@ -338,13 +350,13 @@ spec: description: |- MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the - incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. - The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. - Also, MatchLabelKeys cannot be set when LabelSelector isn't set. - This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + The same key is forbidden to exist in both matchLabelKeys and labelSelector. + Also, matchLabelKeys cannot be set when labelSelector isn't set. + This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). items: type: string type: array @@ -353,13 +365,13 @@ spec: description: |- MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the - incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. - The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. - Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. - This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). items: type: string type: array @@ -400,11 +412,13 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string @@ -424,6 +438,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic topologyKey: description: |- This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching @@ -446,6 +461,7 @@ spec: - weight type: object type: array + x-kubernetes-list-type: atomic requiredDuringSchedulingIgnoredDuringExecution: description: |- If the affinity requirements specified by this field are not met at @@ -496,11 +512,13 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string @@ -515,13 +533,13 @@ spec: description: |- MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the - incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. - The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. - Also, MatchLabelKeys cannot be set when LabelSelector isn't set. - This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + The same key is forbidden to exist in both matchLabelKeys and labelSelector. + Also, matchLabelKeys cannot be set when labelSelector isn't set. + This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). items: type: string type: array @@ -530,13 +548,13 @@ spec: description: |- MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the - incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. - The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. - Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. - This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). items: type: string type: array @@ -576,11 +594,13 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string @@ -600,6 +620,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic topologyKey: description: |- This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching @@ -612,6 +633,7 @@ spec: - topologyKey type: object type: array + x-kubernetes-list-type: atomic type: object podAntiAffinity: description: Describes pod anti-affinity scheduling @@ -671,11 +693,13 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string @@ -690,13 +714,13 @@ spec: description: |- MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the - incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. - The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. - Also, MatchLabelKeys cannot be set when LabelSelector isn't set. - This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + The same key is forbidden to exist in both matchLabelKeys and labelSelector. + Also, matchLabelKeys cannot be set when labelSelector isn't set. + This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). items: type: string type: array @@ -705,13 +729,13 @@ spec: description: |- MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the - incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. - The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. - Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. - This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). items: type: string type: array @@ -752,11 +776,13 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string @@ -776,6 +802,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic topologyKey: description: |- This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching @@ -798,6 +825,7 @@ spec: - weight type: object type: array + x-kubernetes-list-type: atomic requiredDuringSchedulingIgnoredDuringExecution: description: |- If the anti-affinity requirements specified by this field are not met at @@ -848,11 +876,13 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string @@ -867,13 +897,13 @@ spec: description: |- MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the - incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. - The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. - Also, MatchLabelKeys cannot be set when LabelSelector isn't set. - This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + The same key is forbidden to exist in both matchLabelKeys and labelSelector. + Also, matchLabelKeys cannot be set when labelSelector isn't set. + This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). items: type: string type: array @@ -882,13 +912,13 @@ spec: description: |- MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the - incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. - The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. - Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. - This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). items: type: string type: array @@ -928,11 +958,13 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string @@ -952,6 +984,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic topologyKey: description: |- This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching @@ -964,6 +997,7 @@ spec: - topologyKey type: object type: array + x-kubernetes-list-type: atomic type: object type: object containers: @@ -1025,10 +1059,13 @@ spec: description: The key to select. type: string name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the ConfigMap @@ -1092,10 +1129,13 @@ spec: key. type: string name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret @@ -1124,11 +1164,9 @@ spec: Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. - This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. - This field is immutable. It can only be set for containers. items: description: ResourceClaim references one entry @@ -1140,6 +1178,12 @@ spec: the Pod where this field is used. It makes that resource available inside a container. type: string + request: + description: |- + Request is the name chosen for a request in the referenced claim. + If empty, everything from the claim is made available, otherwise + only the result of this request. + type: string required: - name type: object @@ -1185,10 +1229,13 @@ spec: referenced object inside the same namespace. properties: name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string type: object x-kubernetes-map-type: atomic @@ -1259,7 +1306,6 @@ spec: CacheNamespace if specified restricts the manager's cache to watch objects in the desired namespace Defaults to all namespaces - Note: If a namespace is specified, controllers can still Watch for a cluster-scoped resource (e.g Node). For namespaced resources the cache will only hold objects from the desired namespace. @@ -1282,13 +1328,11 @@ spec: GroupKindConcurrency is a map from a Kind to the number of concurrent reconciliation allowed for that controller. - When a controller is registered within this manager using the builder utilities, users have to specify the type the controller reconciles in the For(...) call. If the object's kind passed matches one of the keys in this map, the concurrency for that controller is set to the number specified. - The key is expected to be consistent in form with GroupKind.String(), e.g. ReplicaSet in apps group (regardless of version) would be `ReplicaSet.apps`. type: object @@ -1567,11 +1611,13 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchFields: description: A list of node selector requirements by node's fields. @@ -1599,11 +1645,13 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic type: object x-kubernetes-map-type: atomic weight: @@ -1616,6 +1664,7 @@ spec: - weight type: object type: array + x-kubernetes-list-type: atomic requiredDuringSchedulingIgnoredDuringExecution: description: |- If the affinity requirements specified by this field are not met at @@ -1660,11 +1709,13 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchFields: description: A list of node selector requirements by node's fields. @@ -1692,14 +1743,17 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic type: object x-kubernetes-map-type: atomic type: array + x-kubernetes-list-type: atomic required: - nodeSelectorTerms type: object @@ -1762,11 +1816,13 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string @@ -1781,13 +1837,13 @@ spec: description: |- MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the - incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. - The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. - Also, MatchLabelKeys cannot be set when LabelSelector isn't set. - This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + The same key is forbidden to exist in both matchLabelKeys and labelSelector. + Also, matchLabelKeys cannot be set when labelSelector isn't set. + This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). items: type: string type: array @@ -1796,13 +1852,13 @@ spec: description: |- MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the - incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. - The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. - Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. - This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). items: type: string type: array @@ -1842,11 +1898,13 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string @@ -1866,6 +1924,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic topologyKey: description: |- This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching @@ -1888,6 +1947,7 @@ spec: - weight type: object type: array + x-kubernetes-list-type: atomic requiredDuringSchedulingIgnoredDuringExecution: description: |- If the affinity requirements specified by this field are not met at @@ -1938,11 +1998,13 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string @@ -1957,13 +2019,13 @@ spec: description: |- MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the - incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. - The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. - Also, MatchLabelKeys cannot be set when LabelSelector isn't set. - This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + The same key is forbidden to exist in both matchLabelKeys and labelSelector. + Also, matchLabelKeys cannot be set when labelSelector isn't set. + This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). items: type: string type: array @@ -1972,13 +2034,13 @@ spec: description: |- MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the - incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. - The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. - Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. - This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). items: type: string type: array @@ -2018,11 +2080,13 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string @@ -2042,6 +2106,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic topologyKey: description: |- This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching @@ -2054,6 +2119,7 @@ spec: - topologyKey type: object type: array + x-kubernetes-list-type: atomic type: object podAntiAffinity: description: Describes pod anti-affinity scheduling rules @@ -2112,11 +2178,13 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string @@ -2131,13 +2199,13 @@ spec: description: |- MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the - incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. - The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. - Also, MatchLabelKeys cannot be set when LabelSelector isn't set. - This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + The same key is forbidden to exist in both matchLabelKeys and labelSelector. + Also, matchLabelKeys cannot be set when labelSelector isn't set. + This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). items: type: string type: array @@ -2146,13 +2214,13 @@ spec: description: |- MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the - incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. - The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. - Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. - This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). items: type: string type: array @@ -2192,11 +2260,13 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string @@ -2216,6 +2286,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic topologyKey: description: |- This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching @@ -2238,6 +2309,7 @@ spec: - weight type: object type: array + x-kubernetes-list-type: atomic requiredDuringSchedulingIgnoredDuringExecution: description: |- If the anti-affinity requirements specified by this field are not met at @@ -2288,11 +2360,13 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string @@ -2307,13 +2381,13 @@ spec: description: |- MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the - incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. - The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. - Also, MatchLabelKeys cannot be set when LabelSelector isn't set. - This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + The same key is forbidden to exist in both matchLabelKeys and labelSelector. + Also, matchLabelKeys cannot be set when labelSelector isn't set. + This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). items: type: string type: array @@ -2322,13 +2396,13 @@ spec: description: |- MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the - incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. - The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. - Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. - This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). items: type: string type: array @@ -2368,11 +2442,13 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string @@ -2392,6 +2468,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic topologyKey: description: |- This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching @@ -2404,6 +2481,7 @@ spec: - topologyKey type: object type: array + x-kubernetes-list-type: atomic type: object type: object containers: @@ -2465,10 +2543,13 @@ spec: description: The key to select. type: string name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the ConfigMap @@ -2528,10 +2609,13 @@ spec: from. Must be a valid secret key. type: string name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: description: Specify whether the Secret or @@ -2560,11 +2644,9 @@ spec: Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. - This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. - This field is immutable. It can only be set for containers. items: description: ResourceClaim references one entry in @@ -2576,6 +2658,12 @@ spec: the Pod where this field is used. It makes that resource available inside a container. type: string + request: + description: |- + Request is the name chosen for a request in the referenced claim. + If empty, everything from the claim is made available, otherwise + only the result of this request. + type: string required: - name type: object @@ -2620,10 +2708,13 @@ spec: referenced object inside the same namespace. properties: name: + default: "" description: |- Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? type: string type: object x-kubernetes-map-type: atomic @@ -2712,6 +2803,12 @@ spec: For example, the infrastructure name `aws` will fetch artifacts from https://github.com/kubernetes-sigs/cluster-api-provider-aws/releases. properties: + oci: + description: |- + OCI to be used for fetching the provider’s components and metadata from an OCI artifact. + You must set `providerSpec.Version` field for operator to pick up desired version of the release from GitHub. + If the providerSpec.Version is missing, latest provider version from clusterctl defaults is used. + type: string selector: description: |- Selector to be used for fetching provider’s components and metadata from @@ -2746,11 +2843,13 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string @@ -2769,6 +2868,9 @@ spec: desired version of the release from GitHub. type: string type: object + x-kubernetes-validations: + - message: Must specify one and only one of {oci, url, selector} + rule: '[has(self.oci), has(self.url), has(self.selector)].exists_one(x,x)' manager: description: Manager defines the properties that can be enabled on the controller manager for the provider. @@ -2778,7 +2880,6 @@ spec: CacheNamespace if specified restricts the manager's cache to watch objects in the desired namespace Defaults to all namespaces - Note: If a namespace is specified, controllers can still Watch for a cluster-scoped resource (e.g Node). For namespaced resources the cache will only hold objects from the desired namespace. @@ -2801,13 +2902,11 @@ spec: GroupKindConcurrency is a map from a Kind to the number of concurrent reconciliation allowed for that controller. - When a controller is registered within this manager using the builder utilities, users have to specify the type the controller reconciles in the For(...) call. If the object's kind passed matches one of the keys in this map, the concurrency for that controller is set to the number specified. - The key is expected to be consistent in form with GroupKind.String(), e.g. ReplicaSet in apps group (regardless of version) would be `ReplicaSet.apps`. type: object @@ -3033,20 +3132,20 @@ spec: description: |- The reason for the condition's last transition in CamelCase. The specific API may choose whether or not this field is considered a guaranteed API. - This field may not be empty. + This field may be empty. type: string severity: description: |- - Severity provides an explicit classification of Reason code, so the users or machines can immediately + severity provides an explicit classification of Reason code, so the users or machines can immediately understand the current situation and act accordingly. The Severity field MUST be set only when Status=False. type: string status: - description: Status of the condition, one of True, False, Unknown. + description: status of the condition, one of True, False, Unknown. type: string type: description: |- - Type of condition in CamelCase or in foo.example.com/CamelCase. + type of condition in CamelCase or in foo.example.com/CamelCase. Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. type: string @@ -3102,7 +3201,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.1 helm.sh/resource-policy: keep name: clusterctlconfigs.turtles-capi.cattle.io spec: @@ -3276,19 +3375,8 @@ rules: resources: - configmaps - events - - secrets - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - "" - resources: - namespaces + - secrets verbs: - create - delete @@ -3303,7 +3391,6 @@ rules: - clusters - clusters/status verbs: - - create - get - list - patch @@ -3319,6 +3406,7 @@ rules: - update - apiGroups: - infrastructure.cluster.x-k8s.io + - operator.cluster.x-k8s.io resources: - '*' verbs: @@ -3333,15 +3421,6 @@ rules: - management.cattle.io resources: - clusterregistrationtokens - - clusterregistrationtokens/status - verbs: - - get - - list - - watch - - create -- apiGroups: - - management.cattle.io - resources: - clusters - clusters/status verbs: @@ -3353,12 +3432,29 @@ rules: - patch - update - watch +- apiGroups: + - management.cattle.io + resources: + - clusterregistrationtokens/status + - settings + verbs: + - get + - list + - watch - apiGroups: - provisioning.cattle.io resources: - clusters - clusters/status verbs: + - get + - list + - watch +- apiGroups: + - turtles-capi.cattle.io + resources: + - capiproviders + verbs: - create - delete - get @@ -3369,28 +3465,37 @@ rules: - apiGroups: - turtles-capi.cattle.io resources: - - capiproviders + - capiproviders/finalizers + verbs: + - update +- apiGroups: + - turtles-capi.cattle.io + resources: - capiproviders/status + verbs: + - get + - patch + - update +- apiGroups: + - turtles-capi.cattle.io + resources: - clusterctlconfigs - clusterctlconfigs/status verbs: - get - list - - watch - patch - - update + - watch - apiGroups: - - operator.cluster.x-k8s.io + - turtles-capi.cattle.io resources: - - '*' + - clusterctlconfigs/finalizers verbs: - - create - get - list - - watch - patch - update - - create + - watch --- apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding diff --git a/rancher-turtles-chart/templates/rancher-turtles-exp-etcdrestore-components.yaml b/rancher-turtles-chart/templates/rancher-turtles-exp-etcdrestore-components.yaml index d305dca..c0e7119 100644 --- a/rancher-turtles-chart/templates/rancher-turtles-exp-etcdrestore-components.yaml +++ b/rancher-turtles-chart/templates/rancher-turtles-exp-etcdrestore-components.yaml @@ -4,7 +4,7 @@ kind: CustomResourceDefinition metadata: annotations: cert-manager.io/inject-ca-from: {{ index .Values "rancherTurtles" "namespace" }}/rancher-turtles-etcdsnapshotrestore-serving-cert - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.1 labels: turtles-capi.cattle.io: etcd-restore name: etcdmachinesnapshots.turtles-capi.cattle.io @@ -116,7 +116,7 @@ kind: CustomResourceDefinition metadata: annotations: cert-manager.io/inject-ca-from: {{ index .Values "rancherTurtles" "namespace" }}/rancher-turtles-etcdsnapshotrestore-serving-cert - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.1 labels: turtles-capi.cattle.io: etcd-restore name: etcdsnapshotrestores.turtles-capi.cattle.io @@ -195,20 +195,20 @@ spec: description: |- The reason for the condition's last transition in CamelCase. The specific API may choose whether or not this field is considered a guaranteed API. - This field may not be empty. + This field may be empty. type: string severity: description: |- - Severity provides an explicit classification of Reason code, so the users or machines can immediately + severity provides an explicit classification of Reason code, so the users or machines can immediately understand the current situation and act accordingly. The Severity field MUST be set only when Status=False. type: string status: - description: Status of the condition, one of True, False, Unknown. + description: status of the condition, one of True, False, Unknown. type: string type: description: |- - Type of condition in CamelCase or in foo.example.com/CamelCase. + type of condition in CamelCase or in foo.example.com/CamelCase. Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. type: string @@ -235,7 +235,7 @@ kind: CustomResourceDefinition metadata: annotations: cert-manager.io/inject-ca-from: {{ index .Values "rancherTurtles" "namespace" }}/rancher-turtles-etcdsnapshotrestore-serving-cert - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.1 labels: turtles-capi.cattle.io: etcd-restore name: rke2etcdmachinesnapshotconfigs.turtles-capi.cattle.io @@ -438,29 +438,7 @@ rules: - cluster.x-k8s.io resources: - clusters - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - cluster.x-k8s.io - resources: - clusters/status - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - cluster.x-k8s.io - resources: - machines verbs: - create @@ -499,57 +477,7 @@ rules: - turtles-capi.cattle.io resources: - etcdmachinesnapshots - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - turtles-capi.cattle.io - resources: - - etcdmachinesnapshots/finalizers - verbs: - - update -- apiGroups: - - turtles-capi.cattle.io - resources: - - etcdmachinesnapshots/status - verbs: - - get - - patch - - update -- apiGroups: - - turtles-capi.cattle.io - resources: - etcdsnapshotrestores - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - turtles-capi.cattle.io - resources: - - etcdsnapshotrestores/finalizers - verbs: - - update -- apiGroups: - - turtles-capi.cattle.io - resources: - - etcdsnapshotrestores/status - verbs: - - get - - patch - - update -- apiGroups: - - turtles-capi.cattle.io - resources: - rke2etcdmachinesnapshotconfigs verbs: - create @@ -562,12 +490,16 @@ rules: - apiGroups: - turtles-capi.cattle.io resources: + - etcdmachinesnapshots/finalizers + - etcdsnapshotrestores/finalizers - rke2etcdmachinesnapshotconfigs/finalizers verbs: - update - apiGroups: - turtles-capi.cattle.io resources: + - etcdmachinesnapshots/status + - etcdsnapshotrestores/status - rke2etcdmachinesnapshotconfigs/status verbs: - get diff --git a/rancher-turtles-chart/values.yaml b/rancher-turtles-chart/values.yaml index cd93abd..6a50bf3 100644 --- a/rancher-turtles-chart/values.yaml +++ b/rancher-turtles-chart/values.yaml @@ -1,35 +1,24 @@ rancherTurtles: image: registry.rancher.com/rancher/rancher/turtles - imageVersion: v0.14.1 + imageVersion: v0.16.0 imagePullPolicy: IfNotPresent namespace: rancher-turtles-system managerArguments: [] imagePullSecrets: [] - rancherInstalled: true + rancherInstalled: false + kubectlImage: registry.suse.com/edge/3.2/kubectl:1.30.3 features: - cluster-api-operator: - cleanup: true - kubectlImage: rancher/kubectl:v1.30.3 - embedded-capi: - disabled: false - rancher-webhook: - cleanup: false - kubectlImage: rancher/kubectl:v1.30.3 - rancher-kubeconfigs: - label: false - managementv3-cluster: - enabled: true - managementv3-cluster-migration: - enabled: false - propagate-labels: - enabled: false etcd-snapshot-restore: enabled: false image: registry.rancher.com/rancher/rancher/turtles - imageVersion: v0.14.1 + imageVersion: v0.16.0 imagePullPolicy: IfNotPresent + # beta feature, see documentation for more information on feature stages addon-provider-fleet: enabled: false + # alpha feature, see documentation for more information on feature stages + agent-tls-mode: + enabled: false cluster-api-operator: enabled: true cert-manager: @@ -53,6 +42,7 @@ cluster-api-operator: - mountPath: /config name: clusterctl-config readOnly: true + cleanup: true cluster-api: enabled: true configSecret: @@ -60,30 +50,34 @@ cluster-api-operator: defaultName: capi-env-variables core: namespace: capi-system + imageUrl: "" fetchConfig: url: "" selector: "" rke2: enabled: true + version: "" bootstrap: namespace: rke2-bootstrap-system + imageUrl: "" fetchConfig: url: "" selector: "" controlPlane: namespace: rke2-control-plane-system + imageUrl: "" fetchConfig: url: "" selector: "" metal3: enabled: true - version: "v1.8.2" + version: "v1.9.2" infrastructure: namespace: capm3-system - imageUrl: "registry.rancher.com/rancher/cluster-api-metal3-controller:v1.8.2" + imageUrl: "registry.suse.com/rancher/cluster-api-provider-metal3:v1.9.2" fetchConfig: url: "" selector: "" ipam: namespace: capm3-system - imageUrl: "registry.rancher.com/rancher/cluster-api-metal3-ipam-controller:v1.8.1" + imageUrl: "registry.suse.com/rancher/ip-address-manager:v1.9.3"