From a0180aa25a054a4247563fd55b3c2d89b3fb38620cfa9a3c091aa813ba345faf Mon Sep 17 00:00:00 2001 From: Denislav Prodanov Date: Fri, 29 Aug 2025 11:03:39 +0300 Subject: [PATCH 1/4] Upgrade CDI to 1.62.0 --- cdi-chart/Chart.yaml | 8 ++++---- cdi-chart/crds/cdi.yaml | 12 ++++++------ cdi-chart/templates/cdi-operator.yaml | 2 ++ cdi-chart/templates/cdi.yaml | 6 +++++- cdi-chart/values.yaml | 19 ++++++++++--------- 5 files changed, 27 insertions(+), 20 deletions(-) diff --git a/cdi-chart/Chart.yaml b/cdi-chart/Chart.yaml index 8df02c1..d0ae58b 100644 --- a/cdi-chart/Chart.yaml +++ b/cdi-chart/Chart.yaml @@ -1,9 +1,9 @@ -#!BuildTag: %%CHART_PREFIX%%cdi:%%CHART_MAJOR%%.0.0_up0.5.0 -#!BuildTag: %%CHART_PREFIX%%cdi:%%CHART_MAJOR%%.0.0_up0.5.0-%RELEASE% +#!BuildTag: %%CHART_PREFIX%%cdi:%%CHART_MAJOR%%.0.0_up0.6.0 +#!BuildTag: %%CHART_PREFIX%%cdi:%%CHART_MAJOR%%.0.0_up0.6.0-%RELEASE% apiVersion: v2 -appVersion: 1.61.0 +appVersion: 1.62.0 description: A Helm chart for Containerized Data Importer (CDI) icon: https://raw.githubusercontent.com/cncf/artwork/main/projects/kubevirt/icon/color/kubevirt-icon-color.svg name: cdi type: application -version: "%%CHART_MAJOR%%.0.0+up0.5.0" +version: "%%CHART_MAJOR%%.0.0+up0.6.0" diff --git a/cdi-chart/crds/cdi.yaml b/cdi-chart/crds/cdi.yaml index 0b5e648..bbee187 100644 --- a/cdi-chart/crds/cdi.yaml +++ b/cdi-chart/crds/cdi.yaml @@ -109,9 +109,9 @@ spec: description: CDIConfig at CDI level properties: dataVolumeTTLSeconds: - description: DataVolumeTTLSeconds is the time in seconds after - DataVolume completion it can be garbage collected. Disabled - by default. + description: |- + DataVolumeTTLSeconds is the time in seconds after DataVolume completion it can be garbage collected. Disabled by default. + Deprecated: Removed in v1.62. format: int32 type: integer featureGates: @@ -2641,9 +2641,9 @@ spec: description: CDIConfig at CDI level properties: dataVolumeTTLSeconds: - description: DataVolumeTTLSeconds is the time in seconds after - DataVolume completion it can be garbage collected. Disabled - by default. + description: |- + DataVolumeTTLSeconds is the time in seconds after DataVolume completion it can be garbage collected. Disabled by default. + Deprecated: Removed in v1.62. format: int32 type: integer featureGates: diff --git a/cdi-chart/templates/cdi-operator.yaml b/cdi-chart/templates/cdi-operator.yaml index 314a66d..37fe16c 100644 --- a/cdi-chart/templates/cdi-operator.yaml +++ b/cdi-chart/templates/cdi-operator.yaml @@ -599,6 +599,8 @@ spec: strategy: {} template: metadata: + annotations: + openshift.io/required-scc: restricted-v2 labels: cdi.kubevirt.io: cdi-operator name: cdi-operator diff --git a/cdi-chart/templates/cdi.yaml b/cdi-chart/templates/cdi.yaml index e6524c5..fa937f2 100644 --- a/cdi-chart/templates/cdi.yaml +++ b/cdi-chart/templates/cdi.yaml @@ -18,4 +18,8 @@ spec: {{- with .Values.cdi.workload }} workload: {{- toYaml . | nindent 4 }} - {{- end }} \ No newline at end of file + {{- end }} + {{- with .Values.cdi.customizeComponents }} + customizeComponents: + {{- toYaml . | nindent 4 }} + {{- end }} diff --git a/cdi-chart/values.yaml b/cdi-chart/values.yaml index 483ef5f..c547dfa 100644 --- a/cdi-chart/values.yaml +++ b/cdi-chart/values.yaml @@ -1,12 +1,12 @@ deployment: - version: 1.61.0-150600.3.12.1 - operatorImage: registry.suse.com/suse/sles/15.6/cdi-operator - controllerImage: registry.suse.com/suse/sles/15.6/cdi-controller - importerImage: registry.suse.com/suse/sles/15.6/cdi-importer - clonerImage: registry.suse.com/suse/sles/15.6/cdi-cloner - apiserverImage: registry.suse.com/suse/sles/15.6/cdi-apiserver - uploadserverImage: registry.suse.com/suse/sles/15.6/cdi-uploadserver - uploadproxyImage: registry.suse.com/suse/sles/15.6/cdi-uploadproxy + version: 1.62.0-150700.9.3.1 + operatorImage: registry.suse.com/suse/sles/15.7/cdi-operator + controllerImage: registry.suse.com/suse/sles/15.7/cdi-controller + importerImage: registry.suse.com/suse/sles/15.7/cdi-importer + clonerImage: registry.suse.com/suse/sles/15.7/cdi-cloner + apiserverImage: registry.suse.com/suse/sles/15.7/cdi-apiserver + uploadserverImage: registry.suse.com/suse/sles/15.7/cdi-uploadserver + uploadproxyImage: registry.suse.com/suse/sles/15.7/cdi-uploadproxy pullPolicy: IfNotPresent affinity: podAffinity: @@ -30,6 +30,7 @@ cdi: featureGates: - HonorWaitForFirstConsumer imagePullPolicy: "IfNotPresent" + customizeComponents: {} infra: nodeSelector: kubernetes.io/os: linux @@ -41,7 +42,7 @@ cdi: nodeSelector: kubernetes.io/os: linux -hookImage: registry.rancher.com/rancher/kubectl:v1.30.10 +hookImage: registry.rancher.com/rancher/kubectl:v1.33.1 hookRestartPolicy: OnFailure hookSecurityContext: seccompProfile: -- 2.49.0 From b77a565a574d9d64a97c942b60b04a59489fcffe81f750e5c3589aa1cf572c89 Mon Sep 17 00:00:00 2001 From: Denislav Prodanov Date: Fri, 29 Aug 2025 11:07:13 +0300 Subject: [PATCH 2/4] Upgrade Kubevirt to 1.5.2 --- kubevirt-chart/Chart.yaml | 8 +-- kubevirt-chart/crds/kubevirt.yaml | 42 +++++++++----- .../templates/kubevirt-operator.yaml | 55 +++++++++++++++++-- kubevirt-chart/values.yaml | 6 +- 4 files changed, 86 insertions(+), 25 deletions(-) diff --git a/kubevirt-chart/Chart.yaml b/kubevirt-chart/Chart.yaml index fc531f8..4cec282 100644 --- a/kubevirt-chart/Chart.yaml +++ b/kubevirt-chart/Chart.yaml @@ -1,9 +1,9 @@ -#!BuildTag: %%CHART_PREFIX%%kubevirt:%%CHART_MAJOR%%.0.0_up0.5.0-%RELEASE% -#!BuildTag: %%CHART_PREFIX%%kubevirt:%%CHART_MAJOR%%.0.0_up0.5.0 +#!BuildTag: %%CHART_PREFIX%%kubevirt:%%CHART_MAJOR%%.0.0_up0.6.0-%RELEASE% +#!BuildTag: %%CHART_PREFIX%%kubevirt:%%CHART_MAJOR%%.0.0_up0.6.0 apiVersion: v2 -appVersion: 1.4.0 +appVersion: 1.5.2 description: A Helm chart for KubeVirt icon: https://raw.githubusercontent.com/cncf/artwork/main/projects/kubevirt/icon/color/kubevirt-icon-color.svg name: kubevirt type: application -version: "%%CHART_MAJOR%%.0.0+up0.5.0" +version: "%%CHART_MAJOR%%.0.0+up0.6.0" diff --git a/kubevirt-chart/crds/kubevirt.yaml b/kubevirt-chart/crds/kubevirt.yaml index 0093721..3d21ec3 100644 --- a/kubevirt-chart/crds/kubevirt.yaml +++ b/kubevirt-chart/crds/kubevirt.yaml @@ -593,6 +593,13 @@ spec: If set to true, migrations will still start in pre-copy, but switch to post-copy when CompletionTimeoutPerGiB triggers. Defaults to false type: boolean + allowWorkloadDisruption: + description: |- + AllowWorkloadDisruption indicates that the migration shouldn't be + canceled after acceptableCompletionTime is exceeded. Instead, if + permitted, migration will be switched to post-copy or the VMI will be + paused to allow the migration to complete + type: boolean bandwidthPerMigration: anyOf: - type: integer @@ -605,8 +612,8 @@ spec: completionTimeoutPerGiB: description: |- CompletionTimeoutPerGiB is the maximum number of seconds per GiB a migration is allowed to take. - If a live-migration takes longer to migrate than this value multiplied by the size of the VMI, - the migration will be cancelled, unless AllowPostCopy is true. Defaults to 150 + If the timeout is reached, the migration will be either paused, switched + to post-copy or cancelled depending on other settings. Defaults to 150 format: int64 type: integer disableTLS: @@ -964,17 +971,17 @@ spec: type: object type: object vmRolloutStrategy: - description: VMRolloutStrategy defines how changes to a VM object - propagate to its VMI + description: |- + VMRolloutStrategy defines how live-updatable fields, like CPU sockets, memory, + tolerations, and affinity, are propagated from a VM to its VMI. enum: - Stage - LiveUpdate nullable: true type: string vmStateStorageClass: - description: |- - VMStateStorageClass is the name of the storage class to use for the PVCs created to preserve VM state, like TPM. - The storage class must support RWX in filesystem mode. + description: VMStateStorageClass is the name of the storage class + to use for the PVCs created to preserve VM state, like TPM. type: string webhookConfiguration: description: |- @@ -3850,6 +3857,13 @@ spec: If set to true, migrations will still start in pre-copy, but switch to post-copy when CompletionTimeoutPerGiB triggers. Defaults to false type: boolean + allowWorkloadDisruption: + description: |- + AllowWorkloadDisruption indicates that the migration shouldn't be + canceled after acceptableCompletionTime is exceeded. Instead, if + permitted, migration will be switched to post-copy or the VMI will be + paused to allow the migration to complete + type: boolean bandwidthPerMigration: anyOf: - type: integer @@ -3862,8 +3876,8 @@ spec: completionTimeoutPerGiB: description: |- CompletionTimeoutPerGiB is the maximum number of seconds per GiB a migration is allowed to take. - If a live-migration takes longer to migrate than this value multiplied by the size of the VMI, - the migration will be cancelled, unless AllowPostCopy is true. Defaults to 150 + If the timeout is reached, the migration will be either paused, switched + to post-copy or cancelled depending on other settings. Defaults to 150 format: int64 type: integer disableTLS: @@ -4221,17 +4235,17 @@ spec: type: object type: object vmRolloutStrategy: - description: VMRolloutStrategy defines how changes to a VM object - propagate to its VMI + description: |- + VMRolloutStrategy defines how live-updatable fields, like CPU sockets, memory, + tolerations, and affinity, are propagated from a VM to its VMI. enum: - Stage - LiveUpdate nullable: true type: string vmStateStorageClass: - description: |- - VMStateStorageClass is the name of the storage class to use for the PVCs created to preserve VM state, like TPM. - The storage class must support RWX in filesystem mode. + description: VMStateStorageClass is the name of the storage class + to use for the PVCs created to preserve VM state, like TPM. type: string webhookConfiguration: description: |- diff --git a/kubevirt-chart/templates/kubevirt-operator.yaml b/kubevirt-chart/templates/kubevirt-operator.yaml index bd06bdb..e21304e 100644 --- a/kubevirt-chart/templates/kubevirt-operator.yaml +++ b/kubevirt-chart/templates/kubevirt-operator.yaml @@ -608,6 +608,7 @@ rules: resources: - virtualmachinesnapshots - virtualmachinesnapshots/status + - virtualmachinesnapshots/finalizers - virtualmachinesnapshotcontents - virtualmachinesnapshotcontents/status - virtualmachinesnapshotcontents/finalizers @@ -660,15 +661,18 @@ rules: - kubevirt.io resources: - virtualmachines/finalizers + - virtualmachineinstances/finalizers verbs: - update - apiGroups: - subresources.kubevirt.io resources: + - virtualmachines/stop - virtualmachineinstances/addvolume - virtualmachineinstances/removevolume - virtualmachineinstances/freeze - virtualmachineinstances/unfreeze + - virtualmachineinstances/reset - virtualmachineinstances/softreboot - virtualmachineinstances/sev/setupsession - virtualmachineinstances/sev/injectlaunchsecret @@ -772,6 +776,14 @@ rules: verbs: - list - watch + - apiGroups: + - batch + resources: + - jobs + verbs: + - create + - get + - delete - apiGroups: - kubevirt.io resources: @@ -883,6 +895,7 @@ rules: - virtualmachineinstances/freeze - virtualmachineinstances/unfreeze - virtualmachineinstances/softreboot + - virtualmachineinstances/reset - virtualmachineinstances/sev/setupsession - virtualmachineinstances/sev/injectlaunchsecret verbs: @@ -902,7 +915,6 @@ rules: - virtualmachines/restart - virtualmachines/addvolume - virtualmachines/removevolume - - virtualmachines/migrate - virtualmachines/memorydump verbs: - update @@ -919,7 +931,6 @@ rules: - virtualmachineinstances - virtualmachineinstancepresets - virtualmachineinstancereplicasets - - virtualmachineinstancemigrations verbs: - get - delete @@ -929,6 +940,14 @@ rules: - list - watch - deletecollection + - apiGroups: + - kubevirt.io + resources: + - virtualmachineinstancemigrations + verbs: + - get + - list + - watch - apiGroups: - snapshot.kubevirt.io resources: @@ -1032,6 +1051,7 @@ rules: - virtualmachineinstances/freeze - virtualmachineinstances/unfreeze - virtualmachineinstances/softreboot + - virtualmachineinstances/reset - virtualmachineinstances/sev/setupsession - virtualmachineinstances/sev/injectlaunchsecret verbs: @@ -1051,7 +1071,6 @@ rules: - virtualmachines/restart - virtualmachines/addvolume - virtualmachines/removevolume - - virtualmachines/migrate - virtualmachines/memorydump verbs: - update @@ -1068,7 +1087,6 @@ rules: - virtualmachineinstances - virtualmachineinstancepresets - virtualmachineinstancereplicasets - - virtualmachineinstancemigrations verbs: - get - delete @@ -1077,6 +1095,14 @@ rules: - patch - list - watch + - apiGroups: + - kubevirt.io + resources: + - virtualmachineinstancemigrations + verbs: + - get + - list + - watch - apiGroups: - snapshot.kubevirt.io resources: @@ -1255,6 +1281,25 @@ rules: - get - list - watch + - apiGroups: + - subresources.kubevirt.io + resources: + - virtualmachines/migrate + verbs: + - update + - apiGroups: + - kubevirt.io + resources: + - virtualmachineinstancemigrations + verbs: + - get + - delete + - create + - update + - patch + - list + - watch + - deletecollection - apiGroups: - authentication.k8s.io resources: @@ -1300,6 +1345,8 @@ spec: type: RollingUpdate template: metadata: + annotations: + openshift.io/required-scc: restricted-v2 labels: kubevirt.io: virt-operator name: virt-operator diff --git a/kubevirt-chart/values.yaml b/kubevirt-chart/values.yaml index 490b9cf..f4cf90a 100644 --- a/kubevirt-chart/values.yaml +++ b/kubevirt-chart/values.yaml @@ -1,6 +1,6 @@ operator: - image: registry.suse.com/suse/sles/15.6/virt-operator - version: 1.4.0-150600.5.15.1 + image: registry.suse.com/suse/sles/15.7/virt-operator + version: 1.5.2-150700.3.5.2 replicas: 2 pullPolicy: IfNotPresent affinity: @@ -40,7 +40,7 @@ kubevirt: monitorAccount: "" monitorNamespace: "" -hookImage: registry.rancher.com/rancher/kubectl:v1.30.10 +hookImage: registry.rancher.com/rancher/kubectl:v1.33.1 hookRestartPolicy: OnFailure hookSecurityContext: seccompProfile: -- 2.49.0 From 8403958d39aae19399b86c0bb85c34432c690fd910361604ac3f528f24ad7b82 Mon Sep 17 00:00:00 2001 From: Denislav Prodanov Date: Fri, 29 Aug 2025 11:09:09 +0300 Subject: [PATCH 3/4] Update release manifest --- release-manifest-image/release_manifest.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/release-manifest-image/release_manifest.yaml b/release-manifest-image/release_manifest.yaml index 9ec4227..5f9cc58 100644 --- a/release-manifest-image/release_manifest.yaml +++ b/release-manifest-image/release_manifest.yaml @@ -111,11 +111,11 @@ spec: - prettyName: CDI releaseName: cdi chart: '%%CHART_REPO%%/%%CHART_PREFIX%%cdi' - version: '%%CHART_MAJOR%%.0.0+up0.5.0' + version: '%%CHART_MAJOR%%.0.0+up0.6.0' - prettyName: KubeVirt releaseName: kubevirt chart: '%%CHART_REPO%%/%%CHART_PREFIX%%kubevirt' - version: '%%CHART_MAJOR%%.0.0+up0.5.0' + version: '%%CHART_MAJOR%%.0.0+up0.6.0' addonCharts: - releaseName: kubevirt-dashboard-extension chart: '%%CHART_REPO%%/%%CHART_PREFIX%%kubevirt-dashboard-extension' -- 2.49.0 From 0295819a86e0a469c989f7f06be1577454c9983e93746508df2e4164a3a9fa45 Mon Sep 17 00:00:00 2001 From: Denislav Prodanov Date: Fri, 29 Aug 2025 12:36:47 +0300 Subject: [PATCH 4/4] bump chart version as well --- cdi-chart/Chart.yaml | 6 +++--- kubevirt-chart/Chart.yaml | 6 +++--- release-manifest-image/release_manifest.yaml | 4 ++-- 3 files changed, 8 insertions(+), 8 deletions(-) diff --git a/cdi-chart/Chart.yaml b/cdi-chart/Chart.yaml index d0ae58b..58828a2 100644 --- a/cdi-chart/Chart.yaml +++ b/cdi-chart/Chart.yaml @@ -1,9 +1,9 @@ -#!BuildTag: %%CHART_PREFIX%%cdi:%%CHART_MAJOR%%.0.0_up0.6.0 -#!BuildTag: %%CHART_PREFIX%%cdi:%%CHART_MAJOR%%.0.0_up0.6.0-%RELEASE% +#!BuildTag: %%CHART_PREFIX%%cdi:%%CHART_MAJOR%%.0.1_up0.6.0 +#!BuildTag: %%CHART_PREFIX%%cdi:%%CHART_MAJOR%%.0.1_up0.6.0-%RELEASE% apiVersion: v2 appVersion: 1.62.0 description: A Helm chart for Containerized Data Importer (CDI) icon: https://raw.githubusercontent.com/cncf/artwork/main/projects/kubevirt/icon/color/kubevirt-icon-color.svg name: cdi type: application -version: "%%CHART_MAJOR%%.0.0+up0.6.0" +version: "%%CHART_MAJOR%%.0.1+up0.6.0" diff --git a/kubevirt-chart/Chart.yaml b/kubevirt-chart/Chart.yaml index 4cec282..b91439c 100644 --- a/kubevirt-chart/Chart.yaml +++ b/kubevirt-chart/Chart.yaml @@ -1,9 +1,9 @@ -#!BuildTag: %%CHART_PREFIX%%kubevirt:%%CHART_MAJOR%%.0.0_up0.6.0-%RELEASE% -#!BuildTag: %%CHART_PREFIX%%kubevirt:%%CHART_MAJOR%%.0.0_up0.6.0 +#!BuildTag: %%CHART_PREFIX%%kubevirt:%%CHART_MAJOR%%.0.1_up0.6.0-%RELEASE% +#!BuildTag: %%CHART_PREFIX%%kubevirt:%%CHART_MAJOR%%.0.1_up0.6.0 apiVersion: v2 appVersion: 1.5.2 description: A Helm chart for KubeVirt icon: https://raw.githubusercontent.com/cncf/artwork/main/projects/kubevirt/icon/color/kubevirt-icon-color.svg name: kubevirt type: application -version: "%%CHART_MAJOR%%.0.0+up0.6.0" +version: "%%CHART_MAJOR%%.0.1+up0.6.0" diff --git a/release-manifest-image/release_manifest.yaml b/release-manifest-image/release_manifest.yaml index 5f9cc58..41fba55 100644 --- a/release-manifest-image/release_manifest.yaml +++ b/release-manifest-image/release_manifest.yaml @@ -111,11 +111,11 @@ spec: - prettyName: CDI releaseName: cdi chart: '%%CHART_REPO%%/%%CHART_PREFIX%%cdi' - version: '%%CHART_MAJOR%%.0.0+up0.6.0' + version: '%%CHART_MAJOR%%.0.1+up0.6.0' - prettyName: KubeVirt releaseName: kubevirt chart: '%%CHART_REPO%%/%%CHART_PREFIX%%kubevirt' - version: '%%CHART_MAJOR%%.0.0+up0.6.0' + version: '%%CHART_MAJOR%%.0.1+up0.6.0' addonCharts: - releaseName: kubevirt-dashboard-extension chart: '%%CHART_REPO%%/%%CHART_PREFIX%%kubevirt-dashboard-extension' -- 2.49.0