sriov-crd-chart/Chart.yaml

@@ -1,5 +1,5 @@
-#!BuildTag: %%CHART_PREFIX%%sriov-crd:%%CHART_MAJOR%%.0.0_up1.4.0-%RELEASE%
+#!BuildTag: %%CHART_PREFIX%%sriov-crd:%%CHART_MAJOR%%.0.0_up1.5.0-%RELEASE%
-#!BuildTag: %%CHART_PREFIX%%sriov-crd:%%CHART_MAJOR%%.0.0_up1.4.0
+#!BuildTag: %%CHART_PREFIX%%sriov-crd:%%CHART_MAJOR%%.0.0_up1.5.0
 annotations:
   catalog.cattle.io/experimental: "true"
   catalog.cattle.io/hidden: "true"
@@ -10,4 +10,4 @@ apiVersion: v2
 description: Installs the CRDs for the SR-IOV operator
 name: sriov-crd
 type: application
-version: "%%CHART_MAJOR%%.0.0+up1.4.0"
+version: "%%CHART_MAJOR%%.0.0+up1.5.0"

sriov-crd-chart/templates/sriovnetwork.openshift.io_sriovnetworknodepolicies.yaml

@@ -81,6 +81,10 @@ spec:
                                   description: external_ids field in the Interface table
                                     in OVSDB
                                   type: object
+                                mtuRequest:
+                                  description: mtu_request field in the Interface table
+                                    in OVSDB
+                                  type: integer
                                 options:
                                   additionalProperties:
                                     type: string

sriov-crd-chart/templates/sriovnetwork.openshift.io_sriovnetworknodestates.yaml

@@ -102,6 +102,10 @@ spec:
                                       description: external_ids field in the Interface
                                         table in OVSDB
                                       type: object
+                                    mtuRequest:
+                                      description: mtu_request field in the Interface
+                                        table in OVSDB
+                                      type: integer
                                     options:
                                       additionalProperties:
                                         type: string
@@ -174,6 +178,15 @@ spec:
                       - pciAddress
                     type: object
                   type: array
+                system:
+                  properties:
+                    rdmaMode:
+                      description: RDMA subsystem. Allowed value "shared", "exclusive".
+                      enum:
+                        - shared
+                        - exclusive
+                      type: string
+                  type: object
               type: object
             status:
               description: SriovNetworkNodeStateStatus defines the observed state of
@@ -228,6 +241,10 @@ spec:
                                       description: external_ids field in the Interface
                                         table in OVSDB
                                       type: object
+                                    mtuRequest:
+                                      description: mtu_request field in the Interface
+                                        table in OVSDB
+                                      type: integer
                                     options:
                                       additionalProperties:
                                         type: string
@@ -335,6 +352,15 @@ spec:
                   type: string
                 syncStatus:
                   type: string
+                system:
+                  properties:
+                    rdmaMode:
+                      description: RDMA subsystem. Allowed value "shared", "exclusive".
+                      enum:
+                        - shared
+                        - exclusive
+                      type: string
+                  type: object
               type: object
           type: object
       served: true

sriov-crd-chart/templates/sriovnetwork.openshift.io_sriovnetworkpoolconfigs.yaml

@@ -111,6 +111,12 @@ spec:
                         Name is the name of MachineConfigPool to be enabled with OVS hardware offload
                       type: string
                   type: object
+                rdmaMode:
+                  description: RDMA subsystem. Allowed value "shared", "exclusive".
+                  enum:
+                    - shared
+                    - exclusive
+                  type: string
               type: object
             status:
               description: SriovNetworkPoolConfigStatus defines the observed state of

sriov-network-operator-chart/Chart.yaml

@@ -1,16 +1,16 @@
-#!BuildTag: %%CHART_PREFIX%%sriov-network-operator:%%CHART_MAJOR%%.0.0_up1.4.0-%RELEASE%
+#!BuildTag: %%CHART_PREFIX%%sriov-network-operator:%%CHART_MAJOR%%.0.0_up1.5.0-%RELEASE%
-#!BuildTag: %%CHART_PREFIX%%sriov-network-operator:%%CHART_MAJOR%%.0.0_up1.4.0
+#!BuildTag: %%CHART_PREFIX%%sriov-network-operator:%%CHART_MAJOR%%.0.0_up1.5.0
 annotations:
   catalog.cattle.io/auto-install: sriov-crd=match
   catalog.cattle.io/experimental: "true"
   catalog.cattle.io/namespace: cattle-sriov-system
   catalog.cattle.io/os: linux
   catalog.cattle.io/permits-os: linux
-  catalog.cattle.io/upstream-version: 1.4.0
+  catalog.cattle.io/upstream-version: 1.5.0
 apiVersion: v2
-appVersion: v1.4.0
+appVersion: v1.5.0
 dependencies:
-- condition: sriov-nfd.enabled
+  - condition: sriov-nfd.enabled
     name: sriov-nfd
     repository: file://./charts/sriov-nfd
     version: 0.15.7
@@ -19,10 +19,10 @@ description: SR-IOV network operator configures and manages SR-IOV networks in t
 home: https://github.com/k8snetworkplumbingwg/sriov-network-operator
 icon: https://charts.rancher.io/assets/logos/sr-iov.svg
 keywords:
-- sriov
+  - sriov
-kubeVersion: '>= 1.16.0-0'
+kubeVersion: '>= 1.24.0-0'
 name: sriov-network-operator
 sources:
-- https://github.com/k8snetworkplumbingwg/sriov-network-operator
+  - https://github.com/k8snetworkplumbingwg/sriov-network-operator
 type: application
-version: "%%CHART_MAJOR%%.0.0+up1.4.0"
+version: "%%CHART_MAJOR%%.0.0+up1.5.0"

sriov-network-operator-chart/README.md

@@ -41,7 +41,7 @@ For additional information and methods for installing Helm, refer to the officia
 #### Deploy from OCI repo
 
 ```
-$ helm install -n sriov-network-operator --create-namespace --version 1.3.0 --set sriovOperatorConfig.deploy=true sriov-network-operator oci://ghcr.io/k8snetworkplumbingwg/sriov-network-operator
+$ helm install -n sriov-network-operator --create-namespace --version 1.3.0 --set sriovOperatorConfig.deploy=true sriov-network-operator oci://ghcr.io/k8snetworkplumbingwg/sriov-network-operator-chart
 ```
 
 #### Deploy from project sources
@@ -51,7 +51,7 @@ $ helm install -n sriov-network-operator --create-namespace --version 1.3.0 --se
 $ git clone https://github.com/k8snetworkplumbingwg/sriov-network-operator.git ; cd sriov-network-operator
 
 # Install Operator
-$ helm install -n sriov-network-operator --create-namespace --wait --set sriovOperatorConfig.deploy=true sriov-network-operator ./deployment/sriov-network-operator
+$ helm install -n sriov-network-operator --create-namespace --wait --set sriovOperatorConfig.deploy=true sriov-network-operator ./deployment/sriov-network-operator-chart
 
 # View deployed resources
 $ kubectl -n sriov-network-operator get pods
@@ -123,10 +123,16 @@ This section contains general parameters that apply to both the operator and dae
 | Name | Type | Default | description |
 | ---- | ---- | ------- | ----------- |
 | `sriovOperatorConfig.deploy` | bool | `false` | deploy SriovOperatorConfig custom resource |
-| `sriovOperatorConfig.configDaemonNodeSelector` | map[string]string | `{}` | node slectors for sriov-network-config-daemon |
+| `sriovOperatorConfig.configDaemonNodeSelector` | map[string]string | `{}` | node selectors for sriov-network-config-daemon |
 | `sriovOperatorConfig.logLevel` | int | `2` | log level for both operator and sriov-network-config-daemon |
 | `sriovOperatorConfig.disableDrain` | bool | `false` | disable node draining when configuring SR-IOV, set to true in case of a single node cluster or any other justifiable reason |
 | `sriovOperatorConfig.configurationMode` | string | `daemon` | sriov-network-config-daemon configuration mode. either `daemon` or `systemd` |
+| `sriovOperatorConfig.featureGates` | map[string]bool | `{}` | feature gates to enable/disable |
+
+**Note**
+
+When `sriovOperatorConfig.configurationMode` is configured as `systemd`, configurations files and `systemd` service files are created on the node.
+Upon chart deletion, those files are not cleaned up. For cases where this is not acceptable, users should rather configured the `daemon` mode.
 
 ### Images parameters
 

sriov-network-operator-chart/app-README.md

@@ -4,10 +4,9 @@ This chart is based on the upstream [k8snetworkplumbingwg/sriov-network-operator
 
 The chart installs the following components:
 
- - SR-IOV Operator - An operator that helps provision and configure the SR-IOV CNI plugin and SR-IOV Device plugin
+- SR-IOV Operator - An operator that helps provision and configure the SR-IOV CNI plugin and SR-IOV Device plugin
- - SR-IOV Network Config Daemon - A Daemon deployed by the Operator that discovers SR-IOV NICs on each node
+- SR-IOV Network Config Daemon - A Daemon deployed by the Operator that discovers SR-IOV NICs on each node
 
 Note that SR-IOV requires NICs that support SR-IOV and the activation of specific configuration options in the operating system. Nodes that fulfill these requirements should be labeled with: `feature.node.kubernetes.io/network-sriov.capable=true`.
 
 The SR-IOV Network Config Daemon will be deployed on such capable nodes. For more information on how to use this feature, refer to our RKE2 networking docs.
-

sriov-network-operator-chart/charts/sriov-nfd/Chart.yaml

@@ -4,11 +4,11 @@ description: Detects hardware features available on each node in a Kubernetes cl
   and advertises those features using node labels
 home: https://github.com/kubernetes-sigs/node-feature-discovery
 keywords:
-- feature-discovery
+  - feature-discovery
-- feature-detection
+  - feature-detection
-- node-labels
+  - node-labels
 name: sriov-nfd
 sources:
-- https://github.com/kubernetes-sigs/node-feature-discovery
+  - https://github.com/kubernetes-sigs/node-feature-discovery
 type: application
 version: 0.15.7

sriov-network-operator-chart/charts/sriov-nfd/templates/cert-manager-issuer.yaml

@@ -1,8 +1,8 @@
 {{- if .Values.tls.certManager }}
-# See https://cert-manager.io/docs/configuration/selfsigned/#bootstrapping-ca-issuers
+  # See https://cert-manager.io/docs/configuration/selfsigned/#bootstrapping-ca-issuers
-# - Create a self signed issuer
+  # - Create a self signed issuer
-# - Use this to create a CA cert
+  # - Use this to create a CA cert
-# - Use this to now create a CA issuer
+  # - Use this to now create a CA issuer
 ---
 apiVersion: cert-manager.io/v1
 kind: Issuer

sriov-network-operator-chart/charts/sriov-nfd/templates/clusterrole.yaml

@@ -6,7 +6,7 @@ metadata:
   labels:
     {{- include "node-feature-discovery.labels" . | nindent 4 }}
 rules:
-- apiGroups:
+  - apiGroups:
       - ""
     resources:
       - nodes
@@ -16,7 +16,7 @@ rules:
       - patch
       - update
       - list
-- apiGroups:
+  - apiGroups:
       - nfd.k8s-sigs.io
     resources:
       - nodefeatures
@@ -25,13 +25,13 @@ rules:
       - get
       - list
       - watch
-- apiGroups:
+  - apiGroups:
       - coordination.k8s.io
     resources:
       - leases
     verbs:
       - create
-- apiGroups:
+  - apiGroups:
       - coordination.k8s.io
     resources:
       - leases
@@ -51,26 +51,26 @@ metadata:
   labels:
     {{- include "node-feature-discovery.labels" . | nindent 4 }}
 rules:
-- apiGroups:
+  - apiGroups:
       - ""
     resources:
       - nodes
     verbs:
       - get
       - list
-- apiGroups:
+  - apiGroups:
       - ""
     resources:
       - nodes/proxy
     verbs:
       - get
-- apiGroups:
+  - apiGroups:
       - ""
     resources:
       - pods
     verbs:
       - get
-- apiGroups:
+  - apiGroups:
       - topology.node.k8s.io
     resources:
       - noderesourcetopologies
@@ -89,27 +89,27 @@ metadata:
   labels:
     {{- include "node-feature-discovery.labels" . | nindent 4 }}
 rules:
-- apiGroups:
+  - apiGroups:
       - ""
     resources:
       - nodes
     verbs:
       - list
       - watch
-- apiGroups:
+  - apiGroups:
       - ""
     resources:
       - nodes/proxy
     verbs:
       - get
-- apiGroups:
+  - apiGroups:
       - topology.node.k8s.io
     resources:
       - noderesourcetopologies
     verbs:
       - delete
       - list
-- apiGroups:
+  - apiGroups:
       - nfd.k8s-sigs.io
     resources:
       - nodefeatures

sriov-network-operator-chart/charts/sriov-nfd/templates/clusterrolebinding.yaml

@@ -10,7 +10,7 @@ roleRef:
   kind: ClusterRole
   name: {{ include "node-feature-discovery.fullname" . }}
 subjects:
-- kind: ServiceAccount
+  - kind: ServiceAccount
     name: {{ include "node-feature-discovery.master.serviceAccountName" . }}
     namespace: {{ include "node-feature-discovery.namespace" .  }}
 {{- end }}
@@ -28,7 +28,7 @@ roleRef:
   kind: ClusterRole
   name: {{ include "node-feature-discovery.fullname" . }}-topology-updater
 subjects:
-- kind: ServiceAccount
+  - kind: ServiceAccount
     name: {{ include "node-feature-discovery.topologyUpdater.serviceAccountName" . }}
     namespace: {{ include "node-feature-discovery.namespace" .  }}
 {{- end }}
@@ -46,7 +46,7 @@ roleRef:
   kind: ClusterRole
   name: {{ include "node-feature-discovery.fullname" . }}-gc
 subjects:
-- kind: ServiceAccount
+  - kind: ServiceAccount
     name: {{ include "node-feature-discovery.gc.serviceAccountName" . }}
     namespace: {{ include "node-feature-discovery.namespace" .  }}
 {{- end }}

sriov-network-operator-chart/charts/sriov-nfd/templates/role.yaml

@@ -7,7 +7,7 @@ metadata:
   labels:
     {{- include "node-feature-discovery.labels" . | nindent 4 }}
 rules:
-- apiGroups:
+  - apiGroups:
       - nfd.k8s-sigs.io
     resources:
       - nodefeatures
@@ -15,7 +15,7 @@ rules:
       - create
       - get
       - update
-- apiGroups:
+  - apiGroups:
       - ""
     resources:
       - pods

sriov-network-operator-chart/charts/sriov-nfd/templates/rolebinding.yaml

@@ -11,8 +11,7 @@ roleRef:
   kind: Role
   name: {{ include "node-feature-discovery.fullname" . }}-worker
 subjects:
-- kind: ServiceAccount
+  - kind: ServiceAccount
     name: {{ include "node-feature-discovery.worker.serviceAccountName" . }}
     namespace: {{ include "node-feature-discovery.namespace" .  }}
 {{- end }}
-

sriov-network-operator-chart/charts/sriov-nfd/values.yaml

@@ -3,7 +3,7 @@ image:
   # This should be set to 'IfNotPresent' for released version
   pullPolicy: IfNotPresent
   # tag, if defined will use the given image tag, else Chart.AppVersion will be used
-  tag: v0.15.7-build20241113
+  tag: v0.15.7-build20250402
 imagePullSecrets: []
 
 nameOverride: ""
@@ -376,7 +376,7 @@ worker:
   #      matchFeatures:
   #        - feature: kernel.config
   #          matchName: {op: In, value: ["SWAP", "X86", "ARM"]}
-### <NFD-WORKER-CONF-END-DO-NOT-REMOVE>
+  ### <NFD-WORKER-CONF-END-DO-NOT-REMOVE>
 
   metricsPort: 8081
   daemonsetAnnotations: {}
@@ -439,7 +439,7 @@ topologyUpdater:
   #  node1: [cpu]
   #  node2: [memory, example/deviceA]
   #  *: [hugepages-2Mi]
-### <NFD-TOPOLOGY-UPDATER-CONF-END-DO-NOT-REMOVE>
+  ### <NFD-TOPOLOGY-UPDATER-CONF-END-DO-NOT-REMOVE>
 
   enable: false
   createCRDs: false

sriov-network-operator-chart/templates/_webhook-certs.tpl

@@ -28,4 +28,3 @@ tls.key: {{ $cert.Key | b64enc }}
 tls.crt: {{ $cert.Cert | b64enc }}
 tls.key: {{ $cert.Key | b64enc }}
 {{- end }}
-

sriov-network-operator-chart/templates/certmanagercerts.yaml

@@ -38,4 +38,3 @@ spec:
   privateKey:
     rotationPolicy: Always
 {{- end -}}
-

sriov-network-operator-chart/templates/clusterrole.yaml

@@ -49,12 +49,6 @@ rules:
   - apiGroups: [""]
     resources: ["nodes"]
     verbs: ["get", "list", "watch", "patch", "update"]
-  - apiGroups: [""]
-    resources: ["pods"]
-    verbs: ["*"]
-  - apiGroups: ["apps"]
-    resources: ["daemonsets"]
-    verbs: ["get"]
   - apiGroups: [ "config.openshift.io" ]
     resources: [ "infrastructures" ]
     verbs: [ "get", "list", "watch" ]
@@ -67,7 +61,7 @@ metadata:
     rbac.authorization.k8s.io/aggregate-to-admin: "true"
   {{- end }}
 rules:
-- apiGroups:
+  - apiGroups:
       - sriovnetwork.openshift.io
     resources:
       - '*'
@@ -84,7 +78,7 @@ metadata:
     rbac.authorization.k8s.io/aggregate-to-edit: "true"
   {{- end }}
 rules:
-- apiGroups:
+  - apiGroups:
       - sriovnetwork.openshift.io
     resources:
       - '*'
@@ -101,7 +95,7 @@ metadata:
     rbac.authorization.k8s.io/aggregate-to-view: "true"
   {{- end }}
 rules:
-- apiGroups:
+  - apiGroups:
       - sriovnetwork.openshift.io
     resources:
       - '*'

sriov-network-operator-chart/templates/configmap.yaml

@@ -20,8 +20,11 @@ data:
   Intel_ice_Columbiaville_E810-CQDA2_2CQDA2: "8086 1592 1889"
   Intel_ice_Columbiaville_E810-XXVDA4: "8086 1593 1889"
   Intel_ice_Columbiaville_E810-XXVDA2: "8086 159b 1889"
+  Intel_ice_Columbiaville_E810-XXV_BACKPLANE: "8086 1599 1889"
   Intel_ice_Columbiaville_E810: "8086 1591 1889"
   Intel_ice_Columbiapark_E823C: "8086 188a 1889"
+  Intel_ice_Columbiapark_E823L_SFP: "8086 124d 1889"
+  Intel_ice_Columbiapark_E823L_BACKPLANE: "8086 124c 1889"
   Nvidia_mlx5_ConnectX-4: "15b3 1013 1014"
   Nvidia_mlx5_ConnectX-4LX: "15b3 1015 1016"
   Nvidia_mlx5_ConnectX-5: "15b3 1017 1018"
@@ -30,6 +33,7 @@ data:
   Nvidia_mlx5_ConnectX-6_Dx: "15b3 101d 101e"
   Nvidia_mlx5_ConnectX-6_Lx: "15b3 101f 101e"
   Nvidia_mlx5_ConnectX-7: "15b3 1021 101e"
+  Nvidia_mlx5_ConnectX-8: "15b3 1023 101e"
   Nvidia_mlx5_MT42822_BlueField-2_integrated_ConnectX-6_Dx: "15b3 a2d6 101e"
   Nvidia_mlx5_MT43244_BlueField-3_integrated_ConnectX-7_Dx: "15b3 a2dc 101e"
   Broadcom_bnxt_BCM57414_2x25G: "14e4 16d7 16dc"

sriov-network-operator-chart/templates/operator.yaml

@@ -95,6 +95,8 @@ spec:
               value: {{ .Values.operator.cniBinPath }}
             - name: CLUSTER_TYPE
               value: {{ .Values.operator.clusterType }}
+            - name: STALE_NODE_STATE_CLEANUP_DELAY_MINUTES
+              value: "{{ .Values.operator.staleNodeStateCleanupDelayMinutes }}"
         {{- if .Values.operator.admissionControllers.enabled }}
             - name: ADMISSION_CONTROLLERS_CERTIFICATES_OPERATOR_SECRET_NAME
               value: {{ .Values.operator.admissionControllers.certificates.secretNames.operator }}

sriov-network-operator-chart/templates/pre-delete-webooks.yaml

@@ -0,0 +1,33 @@
+# The following job will be used as Helm pre-delete hook. It executes a small go-client binary
+# which intent to delete 'default' SriovOperatorConfig, that triggers operator removal of generated cluster objects
+# e.g. mutating/validating webhooks, within operator's recoinciling loop and
+# preventing operator cluster object remainings while using helm uninstall
+apiVersion: batch/v1
+kind: Job
+metadata:
+  name: {{ include "sriov-network-operator.fullname" . }}-pre-delete-hook
+  namespace: {{ .Release.Namespace }}
+  annotations:
+    "helm.sh/hook": pre-delete
+    "helm.sh/hook-delete-policy": hook-succeeded,hook-failed
+spec:
+  template:
+    spec:
+      serviceAccountName: {{ include "sriov-network-operator.fullname" . }}
+      {{- if .Values.imagePullSecrets }}
+      imagePullSecrets:
+      {{- range .Values.imagePullSecrets }}
+        - name: {{ . }}
+      {{- end }}
+      {{- end }}
+      containers:
+        - name: cleanup
+          image: {{ .Values.images.operator }}
+          command:
+            - sriov-network-operator-config-cleanup
+          args:
+            - --namespace
+            - {{ .Release.Namespace }}
+      restartPolicy: Never
+  backoffLimit: 2
+      

sriov-network-operator-chart/templates/role.yaml

@@ -32,9 +32,12 @@ rules:
       - monitoring.coreos.com
     resources:
       - servicemonitors
+      - prometheusrules
     verbs:
       - get
       - create
+      - update
+      - delete
   - apiGroups:
       - apps
     resourceNames:
@@ -79,13 +82,10 @@ rules:
     resources:
       - pods
     verbs:
-      - '*'
+      - "get"
-  - apiGroups:
+      - "list"
-      - apps
+      - "watch"
-    resources:
+      - "delete"
-      - daemonsets
-    verbs:
-      - '*'
   - apiGroups:
       - sriovnetwork.openshift.io
     resources:

sriov-network-operator-chart/templates/rolebinding.yaml

@@ -36,7 +36,7 @@ metadata:
   name: operator-webhook-sa
   namespace: {{ .Release.Namespace }}
 subjects:
-- kind: ServiceAccount
+  - kind: ServiceAccount
     name: operator-webhook-sa
 roleRef:
   kind: Role

sriov-network-operator-chart/templates/secrets.yaml

@@ -17,4 +17,3 @@ metadata:
 data: {{ include "sriov_resource_injector_cert" . | nindent 2 }}
 {{- end }}
 {{- end }}
-

sriov-network-operator-chart/templates/sriovoperatorconfig.yaml

@@ -14,4 +14,8 @@ spec:
   logLevel: {{ .Values.sriovOperatorConfig.logLevel }}
   disableDrain: {{ .Values.sriovOperatorConfig.disableDrain }}
   configurationMode: {{ .Values.sriovOperatorConfig.configurationMode }}
+  {{- with .Values.sriovOperatorConfig.featureGates }}
+  featureGates:
+    {{- range $k, $v := .}}{{printf "%s: %t" $k $v | nindent 4 }}{{ end }}
+  {{- end }}
 {{ end }}

sriov-network-operator-chart/templates/validate-install-crd.yaml

@@ -16,5 +16,5 @@
 # {{- if (eq $exists false) -}}
 # 	{{- required "Required CRDs are missing. Please install the corresponding CRD chart before installing this chart." "" -}}
 # {{- end -}}
-# {{- end -}}
+  # {{- end -}}
-#{{- end -}}
+  #{{- end -}}

sriov-network-operator-chart/values.yaml

@@ -30,6 +30,10 @@ operator:
   resourcePrefix: "rancher.io"
   cniBinPath: "/opt/cni/bin"
   clusterType: "kubernetes"
+  # minimal amount of time (in minutes) the operator will wait before removing
+  # stale SriovNetworkNodeState objects (objects that doesn't match node with the daemon)
+  # "0" means no extra delay, in this case the CR will be removed by the next reconcilation cycle (may take up to 5 minutes)
+  staleNodeStateCleanupDelayMinutes: "30"
   admissionControllers:
     enabled: false
     certificates:
@@ -81,7 +85,7 @@ operator:
 sriovOperatorConfig:
   # deploy sriovOperatorConfig CR with the below values
   deploy: true
-  # node slectors for sriov-network-config-daemon
+  # node selectors for sriov-network-config-daemon
   configDaemonNodeSelector: {feature.node.kubernetes.io/network-sriov.capable: 'true'}
   # log level for both operator and sriov-network-config-daemon
   logLevel: 2
@@ -90,31 +94,33 @@ sriovOperatorConfig:
   disableDrain: false
   # sriov-network-config-daemon configuration mode. either "daemon" or "systemd"
   configurationMode: daemon
+  # feature gates to enable/disable
+  featureGates: {}
 # Example for supportedExtraNICs values ['MyNIC: "8086 1521 1520"']
 supportedExtraNICs: []
 # Image URIs for sriov-network-operator components
 images:
   operator:
     repository: rancher/hardened-sriov-network-operator
-    tag: v1.4.0-build20241113
+    tag: v1.5.0-build20250402
   sriovConfigDaemon:
     repository: rancher/hardened-sriov-network-config-daemon
-    tag: v1.4.0-build20241113
+    tag: v1.5.0-build20250402
   sriovCni:
     repository: rancher/hardened-sriov-cni
-    tag: v2.8.1-build20241113
+    tag: v2.9.0-build20250402
   ibSriovCni:
     repository: rancher/hardened-ib-sriov-cni
-    tag: v1.1.1-build20241113
+    tag: v1.2.0-build20250402
   sriovDevicePlugin:
     repository: rancher/hardened-sriov-network-device-plugin
-    tag: v3.8.0-build20241114
+    tag: v3.9.0-build20250402
   resourcesInjector:
     repository: rancher/hardened-sriov-network-resources-injector
-    tag: v1.6.0-build20241113
+    tag: v1.7.1-build20250402
   webhook:
     repository: rancher/hardened-sriov-network-webhook
-    tag: v1.4.0-build20241113
+    tag: v1.5.0-build20250402
 imagePullSecrets: []
 extraDeploy: []
 global: