From 03d7a39ead0eeae9413d36010f2fae791cec4a617e8ebc3a550a578db7aeaecc Mon Sep 17 00:00:00 2001 From: Marco Chiappero Date: Fri, 1 Aug 2025 12:00:25 +0000 Subject: [PATCH 1/8] Allow control over IRONIC_EXTERNAL_HTTP_URL via values.yaml The purpose of this commit is to: - avoid providing IRONIC_EXTERNAL_HTTP_URL by default, as the Ironic startup scripts will be able to derive the value from other variables - define a new global value under the top values.yaml to generate IRONIC_EXTERNAL_HTTP_URL when actually needed - make sure that the input, which can either be a hostname or an IP address, is correctly formatted in case of an IPv6. This change also allows subsequent cleanups of the whole Configmap template for Ironic. Signed-off-by: Marco Chiappero --- metal3-chart/charts/ironic/templates/_helpers.tpl | 13 +++++++++++++ metal3-chart/charts/ironic/templates/configmap.yaml | 4 +++- metal3-chart/values.yaml | 3 +++ 3 files changed, 19 insertions(+), 1 deletion(-) diff --git a/metal3-chart/charts/ironic/templates/_helpers.tpl b/metal3-chart/charts/ironic/templates/_helpers.tpl index 0d1ab97..8bce553 100644 --- a/metal3-chart/charts/ironic/templates/_helpers.tpl +++ b/metal3-chart/charts/ironic/templates/_helpers.tpl @@ -83,3 +83,16 @@ Get ironic CA volumeMounts readOnly: true {{- end }} {{- end }} + +{{/* +Get the formatted "External" hostname or IP address +*/}} +{{- define "ironic.externalHttpHost" }} +{{- with .Values.global }} +{{- if regexMatch ".*:.*" .externalHttpHost }} +{{- print "[" .externalHttpHost "]" }} +{{- else }} +{{- .externalHttpHost }} +{{- end }} +{{- end }} +{{- end }} diff --git a/metal3-chart/charts/ironic/templates/configmap.yaml b/metal3-chart/charts/ironic/templates/configmap.yaml index ba43d20..6e45bd5 100644 --- a/metal3-chart/charts/ironic/templates/configmap.yaml +++ b/metal3-chart/charts/ironic/templates/configmap.yaml @@ -32,7 +32,9 @@ data: {{- else }} {{- $protocol = "http" }} {{- end }} - IRONIC_EXTERNAL_HTTP_URL: {{ $protocol }}://{{ $ironicCacheHost }} + {{- if .Values.global.externalHttpHost }} + IRONIC_EXTERNAL_HTTP_URL: {{ $protocol }}://{{ include "ironic.externalHttpHost" . }}:6385 + {{- end }} DEPLOY_ARCHITECTURE: {{ $deployArch }} IRONIC_BOOT_BASE_URL: {{ $protocol }}://{{ $ironicBootHost }} ENABLE_PXE_BOOT: "{{ .Values.global.enable_pxe_boot }}" diff --git a/metal3-chart/values.yaml b/metal3-chart/values.yaml index 2d24c8a..d68d6a9 100644 --- a/metal3-chart/values.yaml +++ b/metal3-chart/values.yaml @@ -60,6 +60,9 @@ global: # IP Address assigned to network interface on provisioning network provisioningIP: "" + # Hostname or IP for accessing the Ironic API server from a non-provisioning network + externalHttpHost: "" + # Name for the MariaDB service databaseServiceName: metal3-mariadb -- 2.49.0 From 343fcd24b78fb02f3f24d044e47b1ac55ed4aa83e698f86c87236a3b7a3d6485 Mon Sep 17 00:00:00 2001 From: Marco Chiappero Date: Fri, 1 Aug 2025 10:57:58 +0000 Subject: [PATCH 2/8] Remove unused env and helm variables Since currently we can only define the provisioning network and the external HTTP host, remove some clutter generating unused variables. Signed-off-by: Marco Chiappero --- metal3-chart/charts/ironic/templates/configmap.yaml | 7 ------- 1 file changed, 7 deletions(-) diff --git a/metal3-chart/charts/ironic/templates/configmap.yaml b/metal3-chart/charts/ironic/templates/configmap.yaml index 6e45bd5..0270055 100644 --- a/metal3-chart/charts/ironic/templates/configmap.yaml +++ b/metal3-chart/charts/ironic/templates/configmap.yaml @@ -8,13 +8,9 @@ data: {{- $enableTLS := .Values.global.enable_tls }} {{- $enableVMediaTLS := .Values.global.enable_vmedia_tls }} {{- $protocol := ternary "https" "http" $enableTLS }} - {{- $ironicIP := .Values.global.ironicIP | default "" }} - {{- $ironicBootHost := print $ironicIP ":6180" }} - {{- $ironicCacheHost := print $ironicIP ":6180" }} {{- $deployArch := .Values.global.deployArchitecture }} {{- if ( .Values.global.enable_dnsmasq ) }} - DNSMASQ_BOOT_SERVER_ADDRESS: {{ $ironicBootHost }} DNSMASQ_DNS_SERVER_ADDRESS: {{ .Values.global.dnsmasqDNSServer }} DNSMASQ_DEFAULT_ROUTER: {{ .Values.global.dnsmasqDefaultRouter }} DHCP_RANGE: {{ .Values.global.dhcpRange }} @@ -26,8 +22,6 @@ data: PREDICTABLE_NIC_NAMES: "{{ .Values.global.predictableNicNames }}" # Switch VMedia to HTTP if enable_vmedia_tls is false {{- if and $enableTLS $enableVMediaTLS }} - {{- $ironicBootHost = print $ironicIP ":" .Values.global.vmediaTLSPort }} - {{- $ironicCacheHost = print $ironicIP ":" .Values.global.vmediaTLSPort }} {{- $protocol = "https" }} {{- else }} {{- $protocol = "http" }} @@ -36,7 +30,6 @@ data: IRONIC_EXTERNAL_HTTP_URL: {{ $protocol }}://{{ include "ironic.externalHttpHost" . }}:6385 {{- end }} DEPLOY_ARCHITECTURE: {{ $deployArch }} - IRONIC_BOOT_BASE_URL: {{ $protocol }}://{{ $ironicBootHost }} ENABLE_PXE_BOOT: "{{ .Values.global.enable_pxe_boot }}" {{- if .Values.global.provisioningInterface }} PROVISIONING_INTERFACE: {{ .Values.global.provisioningInterface }} -- 2.49.0 From 110a7b1f7c996fa24ab4628e60b7c2292641fd27d5afdb2c3d127baa709a10c0 Mon Sep 17 00:00:00 2001 From: Marco Chiappero Date: Thu, 31 Jul 2025 14:28:46 +0000 Subject: [PATCH 3/8] Introduce the provisioningHostname env variable in Ironic Create a new provisioningHostname value in values.yaml in order to set the new IRONIC_URL_HOSTNAME, that allows to set the address(es) Ironic will bind to. Signed-off-by: Marco Chiappero --- metal3-chart/charts/ironic/templates/configmap.yaml | 2 ++ metal3-chart/charts/ironic/values.yaml | 6 ++++++ metal3-chart/values.yaml | 6 ++++++ 3 files changed, 14 insertions(+) diff --git a/metal3-chart/charts/ironic/templates/configmap.yaml b/metal3-chart/charts/ironic/templates/configmap.yaml index 0270055..718f743 100644 --- a/metal3-chart/charts/ironic/templates/configmap.yaml +++ b/metal3-chart/charts/ironic/templates/configmap.yaml @@ -36,6 +36,8 @@ data: {{- end }} {{- if .Values.global.provisioningIP }} PROVISIONING_IP: {{ .Values.global.provisioningIP }} + {{- else if .Values.global.provisioningHostname }} + IRONIC_URL_HOSTNAME: {{ .Values.global.provisioningHostname }} {{- end }} IRONIC_FAST_TRACK: "true" LISTEN_ALL_INTERFACES: "true" diff --git a/metal3-chart/charts/ironic/values.yaml b/metal3-chart/charts/ironic/values.yaml index c0e5d62..ccc4d8e 100644 --- a/metal3-chart/charts/ironic/values.yaml +++ b/metal3-chart/charts/ironic/values.yaml @@ -32,6 +32,12 @@ global: # IP Address assigned to network interface on provisioning network provisioningIP: "" + # Fully Qualified Domain Name used by Ironic for both binding (to the + # associated IPv4 and/or IPv6 addresses) and exposing the API, dnsmask and + # media, also used by BMO. Note, this is the only way to enable a fully + # working dual-stack configuration. + provisioningHostname: "" + # Whether the NIC names should be predictable or not predictableNicNames: "true" diff --git a/metal3-chart/values.yaml b/metal3-chart/values.yaml index d68d6a9..d9f62a0 100644 --- a/metal3-chart/values.yaml +++ b/metal3-chart/values.yaml @@ -60,6 +60,12 @@ global: # IP Address assigned to network interface on provisioning network provisioningIP: "" + # Fully Qualified Domain Name used by Ironic for both binding (to the + # associated IPv4 and/or IPv6 addresses) and exposing the API, dnsmask and + # media, also used by BMO. Note, this is the only way to enable a fully + # working dual-stack configuration. + provisioningHostname: "" + # Hostname or IP for accessing the Ironic API server from a non-provisioning network externalHttpHost: "" -- 2.49.0 From 6012f480b078662f1615c69b220976567fe3898f7973edf33244b6ebc2981c2a Mon Sep 17 00:00:00 2001 From: Marco Chiappero Date: Thu, 31 Jul 2025 14:55:07 +0000 Subject: [PATCH 4/8] Allow to change the LISTEN_ALL_INTERFACE variable for Ironic It should be possible to enable or disable the environment variable LISTEN_ALL_INTERFACE in the Ironic configmap, as it allows to the way Ironic binds to socket, especially in combination with the changes introduced in v29. However, if listenOnAll is false, Ironic will bind to a specific IPv4 and/or IPv6 address and the 127.0.0.1 address used for the liveness and readiness probe will not be accepted. Also add a named template that, when it is set to false, picks a different host IP or address, according to the following priority: - ironicIP (deprecated) - provisioningIP - provisioningHostname Signed-off-by: Marco Chiappero --- metal3-chart/charts/ironic/templates/_helpers.tpl | 14 ++++++++++++++ .../charts/ironic/templates/configmap.yaml | 2 +- .../charts/ironic/templates/deployment.yaml | 4 ++-- metal3-chart/charts/ironic/values.yaml | 2 ++ 4 files changed, 19 insertions(+), 3 deletions(-) diff --git a/metal3-chart/charts/ironic/templates/_helpers.tpl b/metal3-chart/charts/ironic/templates/_helpers.tpl index 8bce553..b54f03a 100644 --- a/metal3-chart/charts/ironic/templates/_helpers.tpl +++ b/metal3-chart/charts/ironic/templates/_helpers.tpl @@ -96,3 +96,17 @@ Get the formatted "External" hostname or IP address {{- end }} {{- end }} {{- end }} + +{{/* +Get the command to use for Liveness and Readiness probes +*/}} +{{- define "ironic.probeCommand" }} +{{- $host := "127.0.0.1" }} +{{- if eq .Values.listenOnAll false }} +{{- $host = coalesce .Values.global.ironicIP .Values.global.provisioningIP .Values.global.provisioningHostname }} +{{- if regexMatch ".*:.*" $host }} +{{- $host = print "[" $host "]" }} +{{- end }} +{{- end }} +{{- print "curl -sSfk https://" $host ":6385" }} +{{- end }} diff --git a/metal3-chart/charts/ironic/templates/configmap.yaml b/metal3-chart/charts/ironic/templates/configmap.yaml index 718f743..bc1ed29 100644 --- a/metal3-chart/charts/ironic/templates/configmap.yaml +++ b/metal3-chart/charts/ironic/templates/configmap.yaml @@ -40,7 +40,7 @@ data: IRONIC_URL_HOSTNAME: {{ .Values.global.provisioningHostname }} {{- end }} IRONIC_FAST_TRACK: "true" - LISTEN_ALL_INTERFACES: "true" + LISTEN_ALL_INTERFACES: "{{ .Values.listenOnAll }}" {{- if .Values.global.ironicIP }} IRONIC_IP: {{ .Values.global.ironicIP }} {{- end }} diff --git a/metal3-chart/charts/ironic/templates/deployment.yaml b/metal3-chart/charts/ironic/templates/deployment.yaml index 56ca391..5204253 100644 --- a/metal3-chart/charts/ironic/templates/deployment.yaml +++ b/metal3-chart/charts/ironic/templates/deployment.yaml @@ -42,7 +42,7 @@ spec: name: ironic livenessProbe: exec: - command: ["sh", "-c", "curl -sSfk https://127.0.0.1:6385"] + command: ["sh", "-c", "{{ include "ironic.probeCommand" . }}"] failureThreshold: 10 initialDelaySeconds: 30 periodSeconds: 30 @@ -60,7 +60,7 @@ spec: {{- end }} readinessProbe: exec: - command: ["sh", "-c", "curl -sSfk https://127.0.0.1:6385"] + command: ["sh", "-c", "{{ include "ironic.probeCommand" . }}"] failureThreshold: 10 initialDelaySeconds: 30 periodSeconds: 30 diff --git a/metal3-chart/charts/ironic/values.yaml b/metal3-chart/charts/ironic/values.yaml index ccc4d8e..81ea464 100644 --- a/metal3-chart/charts/ironic/values.yaml +++ b/metal3-chart/charts/ironic/values.yaml @@ -58,6 +58,8 @@ global: replicaCount: 1 +listenOnAll: true + images: ironic: repository: registry.opensuse.org/isv/suse/edge/metal3/containers/images/ironic -- 2.49.0 From 29dd8dda174bdd2359e4a09dc0c201c631b577ea442398989442c749128983cb Mon Sep 17 00:00:00 2001 From: Marco Chiappero Date: Fri, 1 Aug 2025 12:38:31 +0000 Subject: [PATCH 5/8] Introduce metal3.provisioningIP template and deprecate ironicIP So far ironicIP has been part of values.yaml under the global section, however this is very misleading: this variable is internal to the Ironic startup scripts and should not be set, moreover it conflicts with provisioningIP, which is instead a public configuration variable for the purpose. This commits thus introduces the following changes: - removes the creation of IRONIC_IP in the Ironic configmap - does not yet remove ironicIP from values.yaml to avoid breaking forward compatibility - introduces a utility function to perform input validation while still prioritizing ironicIP if present Signed-off-by: Marco Chiappero --- .../charts/ironic/templates/configmap.yaml | 7 ++----- metal3-chart/templates/_helpers.tpl | 15 +++++++++++++++ 2 files changed, 17 insertions(+), 5 deletions(-) diff --git a/metal3-chart/charts/ironic/templates/configmap.yaml b/metal3-chart/charts/ironic/templates/configmap.yaml index bc1ed29..260e4c0 100644 --- a/metal3-chart/charts/ironic/templates/configmap.yaml +++ b/metal3-chart/charts/ironic/templates/configmap.yaml @@ -34,16 +34,13 @@ data: {{- if .Values.global.provisioningInterface }} PROVISIONING_INTERFACE: {{ .Values.global.provisioningInterface }} {{- end }} - {{- if .Values.global.provisioningIP }} - PROVISIONING_IP: {{ .Values.global.provisioningIP }} + {{- if or .Values.global.ironicIP .Values.global.provisioningIP }} + PROVISIONING_IP: {{ include "metal3.provisioningIP" . }} {{- else if .Values.global.provisioningHostname }} IRONIC_URL_HOSTNAME: {{ .Values.global.provisioningHostname }} {{- end }} IRONIC_FAST_TRACK: "true" LISTEN_ALL_INTERFACES: "{{ .Values.listenOnAll }}" - {{- if .Values.global.ironicIP }} - IRONIC_IP: {{ .Values.global.ironicIP }} - {{- end }} {{- if ( .Values.global.enable_tls ) }} RESTART_CONTAINER_CERTIFICATE_UPDATED: "true" IRONIC_KERNEL_PARAMS: {{ .Values.global.ironicKernelParams }} tls.enabled=true diff --git a/metal3-chart/templates/_helpers.tpl b/metal3-chart/templates/_helpers.tpl index 67024dd..caaef3d 100644 --- a/metal3-chart/templates/_helpers.tpl +++ b/metal3-chart/templates/_helpers.tpl @@ -60,3 +60,18 @@ Create the name of the service account to use {{- default "default" .Values.serviceAccount.name }} {{- end }} {{- end }} + +{{/* +Produce the correct IP or hostname for Ironic provisioning +*/}} +{{- define "metal3.provisioningIP" -}} +{{- with .Values.global }} +{{- if and .provisioningHostname (or .provisioningIP .ironicIP) }} +{{ fail "Please provide either provisioningHostname or provisioningIP (note: ironic IP is deprecated)" }} +{{- end }} +{{- if and .provisioningIP .ironicIP }} +{{ fail "Please provide either ironicIP or provisioningIP (note: ironicIP is deprecated)" }} +{{- end }} +{{- coalesce .ironicIP .provisioningIP }} +{{- end }} +{{- end }} -- 2.49.0 From aa56c231d418e9b62744fdf681f05e1a10a52012a15ab8cbf4449895f05724f4 Mon Sep 17 00:00:00 2001 From: Marco Chiappero Date: Thu, 31 Jul 2025 20:50:01 +0000 Subject: [PATCH 6/8] Include the hostname for SAN in Certificates Recently provisioningHostname has been introduced as an alternative way to configure the IPs to bind and respond to. This however requires that the Certificates for HTTPS also include a dnsNames section whenver such value is present. Signed-off-by: Marco Chiappero --- .../charts/ironic/templates/_helpers.tpl | 16 ++++++++++++++++ .../charts/ironic/templates/certificates.yaml | 9 +++------ 2 files changed, 19 insertions(+), 6 deletions(-) diff --git a/metal3-chart/charts/ironic/templates/_helpers.tpl b/metal3-chart/charts/ironic/templates/_helpers.tpl index b54f03a..e5d022f 100644 --- a/metal3-chart/charts/ironic/templates/_helpers.tpl +++ b/metal3-chart/charts/ironic/templates/_helpers.tpl @@ -110,3 +110,19 @@ Get the command to use for Liveness and Readiness probes {{- end }} {{- print "curl -sSfk https://" $host ":6385" }} {{- end }} + +{{/* +Create the subjectAltNames section to be set on the Certificate +*/}} +{{- define "ironic.subjectAltNames" -}} +{{- with .Values.global }} +{{- if .provisioningHostname }} +dnsNames: +- {{ .provisioningHostname }} +{{- end -}} +{{- if or .ironicIP .provisioningIP }} +ipAddresses: + - {{ coalesce .ironicIP .provisioningIP }} +{{- end }} +{{- end }} +{{- end }} diff --git a/metal3-chart/charts/ironic/templates/certificates.yaml b/metal3-chart/charts/ironic/templates/certificates.yaml index e78d329..be35844 100644 --- a/metal3-chart/charts/ironic/templates/certificates.yaml +++ b/metal3-chart/charts/ironic/templates/certificates.yaml @@ -6,8 +6,7 @@ metadata: spec: commonName: ironic-ca isCA: true - ipAddresses: - - {{ .Values.global.ironicIP }} + {{- include "ironic.subjectAltNames" . | indent 2 }} issuerRef: kind: Issuer name: selfsigned-issuer @@ -19,8 +18,7 @@ metadata: name: ironic-cert spec: commonName: ironic-cert - ipAddresses: - - {{ .Values.global.ironicIP }} + {{- include "ironic.subjectAltNames" . | indent 2 }} issuerRef: kind: Issuer name: ca-issuer @@ -33,8 +31,7 @@ metadata: name: ironic-vmedia-cert spec: commonName: ironic-vmedia-cert - ipAddresses: - - {{ .Values.global.ironicIP }} + {{- include "ironic.subjectAltNames" . | indent 2 }} issuerRef: kind: Issuer name: ca-issuer -- 2.49.0 From 8617c3678983f04ae0f8cd28178a0ec2b52805c3bb66b391fa7215a21957d78d Mon Sep 17 00:00:00 2001 From: Marco Chiappero Date: Sun, 3 Aug 2025 20:31:10 +0000 Subject: [PATCH 7/8] Update the URL for the BMO to connect to Ironic The BMO should now connect via the provisioningHostname if set or an IP address. Add a helper that returns the ironic hostname or correctly formatted IP to define the ironicApiHost variable in the BMO configmap. Signed-off-by: Marco Chiappero --- .../baremetal-operator/templates/_helpers.tpl | 16 ++++++++++++++++ .../templates/configmap-ironic.yaml | 12 ++++++------ 2 files changed, 22 insertions(+), 6 deletions(-) diff --git a/metal3-chart/charts/baremetal-operator/templates/_helpers.tpl b/metal3-chart/charts/baremetal-operator/templates/_helpers.tpl index 08dc581..209fcc3 100644 --- a/metal3-chart/charts/baremetal-operator/templates/_helpers.tpl +++ b/metal3-chart/charts/baremetal-operator/templates/_helpers.tpl @@ -61,3 +61,19 @@ Create the name of the service account to use {{- default "default" .Values.serviceAccount.name }} {{- end }} {{- end }} + +{{/* +Create the URL to use for connecting to the Ironic servers (e.g. API, cache) +*/}} +{{- define "baremetal-operator.ironicHttpHost" -}} +{{- $ironicIP := include "metal3.provisioningIP" . -}} +{{- with .Values.global }} +{{- if .provisioningHostname }} +{{- .provisioningHostname }} +{{- else if regexMatch ".*:.*" $ironicIP}} +{{- print "[" $ironicIP "]" }} +{{- else }} +{{- $ironicIP }} +{{- end }} +{{- end }} +{{- end }} diff --git a/metal3-chart/charts/baremetal-operator/templates/configmap-ironic.yaml b/metal3-chart/charts/baremetal-operator/templates/configmap-ironic.yaml index 0e44f23..e27a359 100644 --- a/metal3-chart/charts/baremetal-operator/templates/configmap-ironic.yaml +++ b/metal3-chart/charts/baremetal-operator/templates/configmap-ironic.yaml @@ -1,10 +1,10 @@ {{- $enableTLS := .Values.global.enable_tls }} {{- $enableVMediaTLS := .Values.global.enable_vmedia_tls }} {{- $protocol := ternary "https" "http" $enableTLS }} - {{- $ironicIP := .Values.global.ironicIP | default "" }} - {{- $ironicApiHost := print $ironicIP ":6385" }} - {{- $ironicBootHost := print $ironicIP ":6180" }} - {{- $ironicCacheHost := print $ironicIP ":6180" }} + {{- $ironicHost := include "baremetal-operator.ironicHttpHost" . | required "Missing host information for BMO to connect to Ironic" }} + {{- $ironicApiHost := print $ironicHost ":6385" }} + {{- $ironicBootHost := print $ironicHost ":6180" }} + {{- $ironicCacheHost := print $ironicHost ":6180" }} {{- $deployArch := .Values.global.deployArchitecture }} apiVersion: v1 @@ -12,8 +12,8 @@ data: IRONIC_ENDPOINT: "{{ $protocol }}://{{ $ironicApiHost }}/v1/" # Switch VMedia to HTTP if enable_vmedia_tls is false {{- if and $enableTLS $enableVMediaTLS }} - {{- $ironicBootHost = print $ironicIP ":" .Values.global.vmediaTLSPort }} - {{- $ironicCacheHost = print $ironicIP ":" .Values.global.vmediaTLSPort }} + {{- $ironicBootHost = print $ironicHost ":" .Values.global.vmediaTLSPort }} + {{- $ironicCacheHost = print $ironicHost ":" .Values.global.vmediaTLSPort }} {{- $protocol = "https" }} RESTART_CONTAINER_CERTIFICATE_UPDATED: "true" {{- else }} -- 2.49.0 From e233adfec27727f8cf3b5c79b5c10afbb18f350a40fb80fdf48c03807e569fe1 Mon Sep 17 00:00:00 2001 From: Marco Chiappero Date: Wed, 6 Aug 2025 16:32:56 +0000 Subject: [PATCH 8/8] Enable PreferDualStack on all the Services in the subcharts Make sure that the services are created with both IPv4 and IPv6 addresses when the cluster has been created with both IPv4 and IPv6 ranges. They will behave as single stack otherwise. Signed-off-by: Marco Chiappero --- .../charts/baremetal-operator/templates/metrics_service.yaml | 1 + .../charts/baremetal-operator/templates/service-webhook.yaml | 1 + metal3-chart/charts/ironic/templates/service.yaml | 1 + metal3-chart/charts/mariadb/templates/service.yaml | 3 ++- metal3-chart/charts/media/templates/service.yaml | 1 + 5 files changed, 6 insertions(+), 1 deletion(-) diff --git a/metal3-chart/charts/baremetal-operator/templates/metrics_service.yaml b/metal3-chart/charts/baremetal-operator/templates/metrics_service.yaml index 64f39a6..c7d2ce6 100644 --- a/metal3-chart/charts/baremetal-operator/templates/metrics_service.yaml +++ b/metal3-chart/charts/baremetal-operator/templates/metrics_service.yaml @@ -6,6 +6,7 @@ metadata: control-plane: controller-manager name: {{ include "baremetal-operator.fullname" . }}-controller-manager-metrics-service spec: + ipFamilyPolicy: PreferDualStack ports: - name: https port: 8443 diff --git a/metal3-chart/charts/baremetal-operator/templates/service-webhook.yaml b/metal3-chart/charts/baremetal-operator/templates/service-webhook.yaml index 67fea7f..76834cf 100644 --- a/metal3-chart/charts/baremetal-operator/templates/service-webhook.yaml +++ b/metal3-chart/charts/baremetal-operator/templates/service-webhook.yaml @@ -5,6 +5,7 @@ metadata: {{- include "baremetal-operator.labels" . | nindent 4 }} name: {{ include "baremetal-operator.fullname" . }}-webhook-service spec: + ipFamilyPolicy: PreferDualStack ports: - port: 443 targetPort: 9443 diff --git a/metal3-chart/charts/ironic/templates/service.yaml b/metal3-chart/charts/ironic/templates/service.yaml index f3f0b51..cbe8c25 100644 --- a/metal3-chart/charts/ironic/templates/service.yaml +++ b/metal3-chart/charts/ironic/templates/service.yaml @@ -10,6 +10,7 @@ metadata: {{- end }} spec: type: {{ .Values.service.type }} + ipFamilyPolicy: PreferDualStack ports: {{- $enableTLS := .Values.global.enable_tls }} {{- $enableVMediaTLS := .Values.global.enable_vmedia_tls }} diff --git a/metal3-chart/charts/mariadb/templates/service.yaml b/metal3-chart/charts/mariadb/templates/service.yaml index 5d0d75d..9a60115 100644 --- a/metal3-chart/charts/mariadb/templates/service.yaml +++ b/metal3-chart/charts/mariadb/templates/service.yaml @@ -5,10 +5,11 @@ metadata: labels: {{- include "mariadb.labels" . | nindent 4 }} spec: + ipFamilyPolicy: PreferDualStack type: {{ .Values.service.type }} selector: {{- include "mariadb.selectorLabels" . | nindent 4 }} ports: {{- with .Values.service.ports }} {{- toYaml . | nindent 2 }} - {{- end }} \ No newline at end of file + {{- end }} diff --git a/metal3-chart/charts/media/templates/service.yaml b/metal3-chart/charts/media/templates/service.yaml index 93598e5..dd0c5ac 100644 --- a/metal3-chart/charts/media/templates/service.yaml +++ b/metal3-chart/charts/media/templates/service.yaml @@ -5,6 +5,7 @@ metadata: labels: {{- include "media.labels" . | nindent 4 }} spec: + ipFamilyPolicy: PreferDualStack type: {{ .Values.service.type }} ports: - port: {{ .Values.service.port }} -- 2.49.0