From 3bc7c0f9bb511230d04c11f3316ee0d4165d4a59 Mon Sep 17 00:00:00 2001 From: Tanmay Bhat Date: Tue, 24 Dec 2024 01:36:56 +0530 Subject: [PATCH] charts/operator: Add option to enable hostNetwork for custom CNI deployments (#1896) * charts/operator: Enable hostNetwork for custom CNI based deployments * charts/victoria-metrics-operator: Add option to enable hostNetwork for custom CNI deployments --- charts/victoria-metrics-operator/CHANGELOG.md | 2 +- charts/victoria-metrics-operator/README.md.gotmpl | 9 +++++++++ .../victoria-metrics-operator/templates/deployment.yaml | 3 +++ charts/victoria-metrics-operator/values.yaml | 3 +++ 4 files changed, 16 insertions(+), 1 deletion(-) diff --git a/charts/victoria-metrics-operator/CHANGELOG.md b/charts/victoria-metrics-operator/CHANGELOG.md index 210e4e636..95de2c43a 100644 --- a/charts/victoria-metrics-operator/CHANGELOG.md +++ b/charts/victoria-metrics-operator/CHANGELOG.md @@ -1,6 +1,6 @@ ## Next release -- TODO +- add option to enable hostNetwork for custom CNI based deployments ## 0.40.1 diff --git a/charts/victoria-metrics-operator/README.md.gotmpl b/charts/victoria-metrics-operator/README.md.gotmpl index 60b2ef123..d1480cff9 100644 --- a/charts/victoria-metrics-operator/README.md.gotmpl +++ b/charts/victoria-metrics-operator/README.md.gotmpl @@ -123,6 +123,15 @@ extraVolumeMounts: This configuration disables the automatic ServiceAccount token mount and mounts the token explicitly. +## Enable hostNetwork on operator + +When running managed Kubernetes such as EKS with custom CNI solution like Cilium or Calico, EKS control plane cannot communicate with CNI's pod CIDR. +In that scenario, we need to run webhook service i.e operator with hostNetwork so that it can share node's network namespace. + +```yaml +hostNetwork: true +``` + ## Parameters The following tables lists the configurable parameters of the chart and their default values. diff --git a/charts/victoria-metrics-operator/templates/deployment.yaml b/charts/victoria-metrics-operator/templates/deployment.yaml index d870fa6c2..3e34b1f5c 100644 --- a/charts/victoria-metrics-operator/templates/deployment.yaml +++ b/charts/victoria-metrics-operator/templates/deployment.yaml @@ -30,6 +30,9 @@ spec: {{- if .Values.podSecurityContext.enabled }} securityContext: {{ include "vm.securityContext" (dict "securityContext" .Values.podSecurityContext "helm" .) | nindent 8 }} {{- end }} + {{- if .Values.hostNetwork }} + hostNetwork: true + {{- end }} {{- if or (.Values.serviceAccount).name (.Values.serviceAccount).create }} serviceAccountName: {{ (.Values.serviceAccount).name | default $fullname }} {{- end }} diff --git a/charts/victoria-metrics-operator/values.yaml b/charts/victoria-metrics-operator/values.yaml index cfc779817..5e8d00465 100644 --- a/charts/victoria-metrics-operator/values.yaml +++ b/charts/victoria-metrics-operator/values.yaml @@ -229,6 +229,9 @@ extraContainers: # - name: config-reloader # image: reloader-image +# -- Enable hostNetwork on operator deployment +hostNetwork: false + # -- Configures resource validation admissionWebhooks: # -- Enables validation webhook.