diff --git a/assets/rke2-multus/rke2-multus-v4.0.2-build2023070702.tgz b/assets/rke2-multus/rke2-multus-v4.0.2-build2023070702.tgz new file mode 100755 index 000000000..38b964c57 Binary files /dev/null and b/assets/rke2-multus/rke2-multus-v4.0.2-build2023070702.tgz differ diff --git a/charts/rke2-multus/rke2-multus/v4.0.2-build2023070702/.helmignore b/charts/rke2-multus/rke2-multus/v4.0.2-build2023070702/.helmignore new file mode 100755 index 000000000..50af03172 --- /dev/null +++ b/charts/rke2-multus/rke2-multus/v4.0.2-build2023070702/.helmignore @@ -0,0 +1,22 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/charts/rke2-multus/rke2-multus/v4.0.2-build2023070702/Chart.yaml b/charts/rke2-multus/rke2-multus/v4.0.2-build2023070702/Chart.yaml new file mode 100755 index 000000000..79162b548 --- /dev/null +++ b/charts/rke2-multus/rke2-multus/v4.0.2-build2023070702/Chart.yaml @@ -0,0 +1,17 @@ +apiVersion: v2 +appVersion: 4.0.2 +dependencies: +- condition: rke2-whereabouts.enabled + name: rke2-whereabouts + repository: file://./charts/rke2-whereabouts +description: Multus Helm chart for Kubernetes +home: https://github.com/k8snetworkplumbingwg/multus-cni +icon: https://raw.githubusercontent.com/k8snetworkplumbingwg/multus-cni/master/doc/images/Multus.png +maintainers: +- email: charts@rancher.com + name: Rancher Labs +name: rke2-multus +sources: +- https://github.com/intel/multus-cni +type: application +version: v4.0.2-build2023070702 diff --git a/charts/rke2-multus/rke2-multus/v4.0.2-build2023070702/charts/rke2-whereabouts/.helmignore b/charts/rke2-multus/rke2-multus/v4.0.2-build2023070702/charts/rke2-whereabouts/.helmignore new file mode 100755 index 000000000..0e8a0eb36 --- /dev/null +++ b/charts/rke2-multus/rke2-multus/v4.0.2-build2023070702/charts/rke2-whereabouts/.helmignore @@ -0,0 +1,23 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*.orig +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/charts/rke2-multus/rke2-multus/v4.0.2-build2023070702/charts/rke2-whereabouts/Chart.yaml b/charts/rke2-multus/rke2-multus/v4.0.2-build2023070702/charts/rke2-whereabouts/Chart.yaml new file mode 100755 index 000000000..469fd0f42 --- /dev/null +++ b/charts/rke2-multus/rke2-multus/v4.0.2-build2023070702/charts/rke2-whereabouts/Chart.yaml @@ -0,0 +1,10 @@ +apiVersion: v2 +appVersion: 0.6.2 +description: A Helm chart to deploy the whereabouts CNI +home: https://github.com/k8snetworkplumbingwg/whereabouts +maintainers: +- email: charts@rancher.com + name: Rancher Labs +name: rke2-whereabouts +type: application +version: 0.1.1 diff --git a/charts/rke2-multus/rke2-multus/v4.0.2-build2023070702/charts/rke2-whereabouts/crds/whereabouts.cni.cncf.io_ippools.yaml b/charts/rke2-multus/rke2-multus/v4.0.2-build2023070702/charts/rke2-whereabouts/crds/whereabouts.cni.cncf.io_ippools.yaml new file mode 100755 index 000000000..c912654e3 --- /dev/null +++ b/charts/rke2-multus/rke2-multus/v4.0.2-build2023070702/charts/rke2-whereabouts/crds/whereabouts.cni.cncf.io_ippools.yaml @@ -0,0 +1,69 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.4.1 + creationTimestamp: null + name: ippools.whereabouts.cni.cncf.io +spec: + group: whereabouts.cni.cncf.io + names: + kind: IPPool + listKind: IPPoolList + plural: ippools + singular: ippool + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: IPPool is the Schema for the ippools API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: IPPoolSpec defines the desired state of IPPool + properties: + allocations: + additionalProperties: + description: IPAllocation represents metadata about the pod/container + owner of a specific IP + properties: + id: + type: string + podref: + type: string + required: + - id + type: object + description: Allocations is the set of allocated IPs for the given + range. Its` indices are a direct mapping to the IP with the same + index/offset for the pool's range. + type: object + range: + description: Range is a RFC 4632/4291-style string that represents + an IP address and prefix length in CIDR notation + type: string + required: + - allocations + - range + type: object + type: object + served: true + storage: true +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] diff --git a/charts/rke2-multus/rke2-multus/v4.0.2-build2023070702/charts/rke2-whereabouts/crds/whereabouts.cni.cncf.io_overlappingrangeipreservations.yaml b/charts/rke2-multus/rke2-multus/v4.0.2-build2023070702/charts/rke2-whereabouts/crds/whereabouts.cni.cncf.io_overlappingrangeipreservations.yaml new file mode 100755 index 000000000..82d9547d4 --- /dev/null +++ b/charts/rke2-multus/rke2-multus/v4.0.2-build2023070702/charts/rke2-whereabouts/crds/whereabouts.cni.cncf.io_overlappingrangeipreservations.yaml @@ -0,0 +1,56 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.4.1 + creationTimestamp: null + name: overlappingrangeipreservations.whereabouts.cni.cncf.io +spec: + group: whereabouts.cni.cncf.io + names: + kind: OverlappingRangeIPReservation + listKind: OverlappingRangeIPReservationList + plural: overlappingrangeipreservations + singular: overlappingrangeipreservation + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: OverlappingRangeIPReservation is the Schema for the OverlappingRangeIPReservations + API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: OverlappingRangeIPReservationSpec defines the desired state + of OverlappingRangeIPReservation + properties: + containerid: + type: string + podref: + type: string + required: + - containerid + type: object + required: + - spec + type: object + served: true + storage: true +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] diff --git a/charts/rke2-multus/rke2-multus/v4.0.2-build2023070702/charts/rke2-whereabouts/templates/NOTES.txt b/charts/rke2-multus/rke2-multus/v4.0.2-build2023070702/charts/rke2-whereabouts/templates/NOTES.txt new file mode 100755 index 000000000..e68e92df9 --- /dev/null +++ b/charts/rke2-multus/rke2-multus/v4.0.2-build2023070702/charts/rke2-whereabouts/templates/NOTES.txt @@ -0,0 +1,5 @@ +Whereabouts is installed!! + +You can view the pods with the following command: + +kubectl get pods -n {{ .Release.Namespace }} -l app=whereabouts diff --git a/charts/rke2-multus/rke2-multus/v4.0.2-build2023070702/charts/rke2-whereabouts/templates/_helpers.tpl b/charts/rke2-multus/rke2-multus/v4.0.2-build2023070702/charts/rke2-whereabouts/templates/_helpers.tpl new file mode 100755 index 000000000..0f96f15b5 --- /dev/null +++ b/charts/rke2-multus/rke2-multus/v4.0.2-build2023070702/charts/rke2-whereabouts/templates/_helpers.tpl @@ -0,0 +1,86 @@ +{{/* +Support private registry. +*/}} +{{- define "system_default_registry" -}} +{{- if .Values.global.systemDefaultRegistry -}} +{{- printf "%s/" .Values.global.systemDefaultRegistry -}} +{{- else -}} +{{- "" -}} +{{- end -}} +{{- end -}} + +{{/* +Expand the name of the chart. +*/}} +{{- define "whereabouts.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "whereabouts.fullname" -}} +{{- if .Values.fullnameOverride }} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- $name := default .Chart.Name .Values.nameOverride }} +{{- if contains $name .Release.Name }} +{{- .Release.Name | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} +{{- end }} +{{- end }} +{{- end }} + +{{/* +Provide a method to override namespace so parent charts can set it +*/}} +{{- define "whereabouts.namespace" -}} +{{- if hasKey .Values "namespaceOverride" -}} +namespace: {{ .Values.namespaceOverride }} +{{- else }} +namespace: {{ .Release.Namespace }} +{{- end }} +{{- end }} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "whereabouts.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Common labels +*/}} +{{- define "whereabouts.labels" -}} +app: whereabouts +helm.sh/chart: {{ include "whereabouts.chart" . }} +{{ include "whereabouts.selectorLabels" . }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "whereabouts.selectorLabels" -}} +app: {{ include "whereabouts.name" . }} +app.kubernetes.io/name: {{ include "whereabouts.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end }} + +{{/* +Create the name of the service account to use +*/}} +{{- define "whereabouts.serviceAccountName" -}} +{{- if .Values.serviceAccount.create }} +{{- default (include "whereabouts.fullname" .) .Values.serviceAccount.name }} +{{- else }} +{{- default "default" .Values.serviceAccount.name }} +{{- end }} +{{- end }} diff --git a/charts/rke2-multus/rke2-multus/v4.0.2-build2023070702/charts/rke2-whereabouts/templates/cluster_role.yaml b/charts/rke2-multus/rke2-multus/v4.0.2-build2023070702/charts/rke2-whereabouts/templates/cluster_role.yaml new file mode 100755 index 000000000..148ae9028 --- /dev/null +++ b/charts/rke2-multus/rke2-multus/v4.0.2-build2023070702/charts/rke2-whereabouts/templates/cluster_role.yaml @@ -0,0 +1,46 @@ +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: {{ include "whereabouts.serviceAccountName" . }} +rules: +- apiGroups: + - whereabouts.cni.cncf.io + resources: + - ippools + - overlappingrangeipreservations + verbs: + - get + - list + - watch + - create + - update + - patch + - delete +- apiGroups: + - coordination.k8s.io + resources: + - leases + verbs: + - '*' +- apiGroups: [""] + resources: + - pods + verbs: + - list + - watch +- apiGroups: ["k8s.cni.cncf.io"] + resources: + - network-attachment-definitions + verbs: + - get + - list + - watch +- apiGroups: + - "" + - events.k8s.io + resources: + - events + verbs: + - create + - patch + - update diff --git a/charts/rke2-multus/rke2-multus/v4.0.2-build2023070702/charts/rke2-whereabouts/templates/cluster_role_binding.yaml b/charts/rke2-multus/rke2-multus/v4.0.2-build2023070702/charts/rke2-whereabouts/templates/cluster_role_binding.yaml new file mode 100755 index 000000000..b1c0127de --- /dev/null +++ b/charts/rke2-multus/rke2-multus/v4.0.2-build2023070702/charts/rke2-whereabouts/templates/cluster_role_binding.yaml @@ -0,0 +1,15 @@ +{{- if .Values.serviceAccount.create -}} +--- +kind: ClusterRoleBinding +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: {{ include "whereabouts.serviceAccountName" . }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: {{ include "whereabouts.serviceAccountName" . }} +subjects: +- kind: ServiceAccount + name: {{ include "whereabouts.serviceAccountName" . }} + {{- include "whereabouts.namespace" . | nindent 2 }} +{{- end }} diff --git a/charts/rke2-multus/rke2-multus/v4.0.2-build2023070702/charts/rke2-whereabouts/templates/daemonset.yaml b/charts/rke2-multus/rke2-multus/v4.0.2-build2023070702/charts/rke2-whereabouts/templates/daemonset.yaml new file mode 100755 index 000000000..5e87076dc --- /dev/null +++ b/charts/rke2-multus/rke2-multus/v4.0.2-build2023070702/charts/rke2-whereabouts/templates/daemonset.yaml @@ -0,0 +1,75 @@ +apiVersion: apps/v1 +kind: DaemonSet +metadata: + name: {{ include "whereabouts.fullname" . }} + {{- include "whereabouts.namespace" . | nindent 2 }} + labels: + {{- include "whereabouts.labels" . | nindent 4 }} +spec: + selector: + matchLabels: + name: whereabouts + {{- include "whereabouts.selectorLabels" . | nindent 6 }} + updateStrategy: + type: {{ .Values.updateStrategy }} + template: + metadata: + {{- with .Values.podAnnotations }} + annotations: + {{- toYaml . | nindent 8 }} + {{- end }} + labels: + name: whereabouts + {{- include "whereabouts.selectorLabels" . | nindent 8 }} + spec: + hostNetwork: true + serviceAccountName: {{ include "whereabouts.serviceAccountName" . }} + {{- with .Values.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} + securityContext: + {{- toYaml .Values.podSecurityContext | nindent 8 }} + containers: + - name: {{ .Chart.Name }} + command: [ "/bin/sh" ] + args: + - -c + - > + SLEEP=false /install-cni.sh && + /ip-control-loop -log-level debug + securityContext: + {{- toYaml .Values.securityContext | nindent 12 }} + image: {{ template "system_default_registry" . }}{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }} + imagePullPolicy: {{ .Values.image.pullPolicy }} + env: + - name: WHEREABOUTS_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + resources: + {{- toYaml .Values.resources | nindent 12 }} + volumeMounts: + - name: cnibin + mountPath: /host/opt/cni/bin + - name: cni-net-dir + mountPath: /host/etc/cni/net.d + volumes: + - name: cnibin + hostPath: + path: /opt/cni/bin + - name: cni-net-dir + hostPath: + path: /etc/cni/net.d + {{- with .Values.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.affinity }} + affinity: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} diff --git a/charts/rke2-multus/rke2-multus/v4.0.2-build2023070702/charts/rke2-whereabouts/templates/serviceaccount.yaml b/charts/rke2-multus/rke2-multus/v4.0.2-build2023070702/charts/rke2-whereabouts/templates/serviceaccount.yaml new file mode 100755 index 000000000..47147d458 --- /dev/null +++ b/charts/rke2-multus/rke2-multus/v4.0.2-build2023070702/charts/rke2-whereabouts/templates/serviceaccount.yaml @@ -0,0 +1,13 @@ +{{- if .Values.serviceAccount.create -}} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ include "whereabouts.serviceAccountName" . }} + {{- include "whereabouts.namespace" . | nindent 2 }} + labels: + {{- include "whereabouts.labels" . | nindent 4 }} + {{- with .Values.serviceAccount.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +{{- end }} diff --git a/charts/rke2-multus/rke2-multus/v4.0.2-build2023070702/charts/rke2-whereabouts/values.yaml b/charts/rke2-multus/rke2-multus/v4.0.2-build2023070702/charts/rke2-whereabouts/values.yaml new file mode 100755 index 000000000..3e787cd09 --- /dev/null +++ b/charts/rke2-multus/rke2-multus/v4.0.2-build2023070702/charts/rke2-whereabouts/values.yaml @@ -0,0 +1,50 @@ +# Default values for whereabouts. +# This is a YAML-formatted file. +# Declare variables to be passed into your templates. + +image: + repository: rancher/hardened-whereabouts + pullPolicy: IfNotPresent + # Overrides the image tag whose default is the chart appVersion. + tag: v0.6.2-build20230717 + +updateStrategy: RollingUpdate +imagePullSecrets: [] +nameOverride: "" +fullnameOverride: "" +namespaceOverride: "kube-system" +successfulJobsHistoryLimit: 0 + +serviceAccount: + # Specifies whether a service account should be created + create: true + # Annotations to add to the service account + annotations: {} + # The name of the service account to use. + # If not set and create is true, a name is generated using the fullname template + #name: "" + +podAnnotations: {} + +podSecurityContext: {} + # fsGroup: 2000 + +securityContext: + privileged: true + +resources: + requests: + cpu: "100m" + memory: "100Mi" + limits: + cpu: "100m" + memory: "100Mi" + +nodeSelector: + kubernetes.io/arch: amd64 + +tolerations: + - operator: Exists + effect: NoSchedule + +affinity: {} diff --git a/charts/rke2-multus/rke2-multus/v4.0.2-build2023070702/templates/NOTES.txt b/charts/rke2-multus/rke2-multus/v4.0.2-build2023070702/templates/NOTES.txt new file mode 100755 index 000000000..db7ecc51b --- /dev/null +++ b/charts/rke2-multus/rke2-multus/v4.0.2-build2023070702/templates/NOTES.txt @@ -0,0 +1,34 @@ +====== +{{- if or ( gt .Capabilities.KubeVersion.Major "1" ) ( ge .Capabilities.KubeVersion.Minor "16" ) }} +1. The following components have been deployed as part of this helm chart: +{{- if .Values.manifests.clusterRole }} +Cluster Role: {{ .Values.serviceAccount.name }} +{{- end}} +{{- if .Values.manifests.clusterRoleBinding }} +Cluster Role Binding: {{ .Chart.Name }} +{{- end }} +{{- if .Values.manifests.configMap }} +Config Map: {{ .Release.Name }}-{{ .Chart.Name }}-{{ .Chart.Version }}-config +{{- end }} +{{- if .Values.manifests.customResourceDefinition }} +Custom Resource Definition: network-attachment-definitions.k8s.cni.cncf.io +{{- end }} +{{- if .Values.manifests.daemonSet }} +Daemon Set: {{ .Release.Name }}-{{ .Chart.Name }}-ds +{{- end }} +{{- if .Values.manifests.serviceAccount }} +Service Account: {{ .Values.serviceAccount.name }} +{{- end }} + +You can now deploy any other CNI and create its Network Attachment Defintion. +--------- + +2. To uninstall helm chart use the command: +helm delete {{ .Release.Name }} + +You may have to manually delete CRD - +kubectl delete crd network-attachment-definitions.k8s.cni.cncf.io +--------- +{{- else }} +To run these charts, please use K8s ver >= v1.16 +{{- end }} diff --git a/charts/rke2-multus/rke2-multus/v4.0.2-build2023070702/templates/_helpers.tpl b/charts/rke2-multus/rke2-multus/v4.0.2-build2023070702/templates/_helpers.tpl new file mode 100755 index 000000000..07147a25b --- /dev/null +++ b/charts/rke2-multus/rke2-multus/v4.0.2-build2023070702/templates/_helpers.tpl @@ -0,0 +1,27 @@ +# Copyright 2020 K8s Network Plumbing Group +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +{{/* Generate basic labels */}} +{{- define "multus.labels" }} +tier: node +app: {{ .Chart.Name }} +{{- end }} + +{{- define "system_default_registry" -}} +{{- if .Values.global.systemDefaultRegistry -}} +{{- printf "%s/" .Values.global.systemDefaultRegistry -}} +{{- else -}} +{{- "" -}} +{{- end -}} +{{- end -}} diff --git a/charts/rke2-multus/rke2-multus/v4.0.2-build2023070702/templates/clusterRole.yaml b/charts/rke2-multus/rke2-multus/v4.0.2-build2023070702/templates/clusterRole.yaml new file mode 100755 index 000000000..14d5c047b --- /dev/null +++ b/charts/rke2-multus/rke2-multus/v4.0.2-build2023070702/templates/clusterRole.yaml @@ -0,0 +1,41 @@ +# Copyright 2020 K8s Network Plumbing Group +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +{{- if or ( gt .Capabilities.KubeVersion.Major "1" ) ( ge .Capabilities.KubeVersion.Minor "16" ) }} +{{- if .Values.manifests.clusterRole }} +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: {{ .Chart.Name }} +rules: + - apiGroups: ["k8s.cni.cncf.io"] + resources: + - '*' + verbs: + - '*' + - apiGroups: + - "" + resources: + - pods + - pods/status + verbs: + - get + - update + - apiGroups: + - "" + resources: + - events + verbs: + - create +{{- end }} +{{- end }} diff --git a/charts/rke2-multus/rke2-multus/v4.0.2-build2023070702/templates/clusterRoleBinding.yaml b/charts/rke2-multus/rke2-multus/v4.0.2-build2023070702/templates/clusterRoleBinding.yaml new file mode 100755 index 000000000..d413af1ed --- /dev/null +++ b/charts/rke2-multus/rke2-multus/v4.0.2-build2023070702/templates/clusterRoleBinding.yaml @@ -0,0 +1,29 @@ +# Copyright 2020 K8s Network Plumbing Group +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +{{- if or ( gt .Capabilities.KubeVersion.Major "1" ) ( ge .Capabilities.KubeVersion.Minor "16" ) }} +{{- if .Values.manifests.clusterRoleBinding }} +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: {{ .Chart.Name }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: {{ .Chart.Name }} +subjects: +- kind: ServiceAccount + name: {{ .Values.serviceAccount.name }} + namespace: {{ .Release.Namespace }} +{{- end }} +{{- end }} diff --git a/charts/rke2-multus/rke2-multus/v4.0.2-build2023070702/templates/configMap.yaml b/charts/rke2-multus/rke2-multus/v4.0.2-build2023070702/templates/configMap.yaml new file mode 100755 index 000000000..04187fd1f --- /dev/null +++ b/charts/rke2-multus/rke2-multus/v4.0.2-build2023070702/templates/configMap.yaml @@ -0,0 +1,27 @@ +# Copyright 2020 K8s Network Plumbing Group +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +{{- if or ( gt .Capabilities.KubeVersion.Major "1" ) ( ge .Capabilities.KubeVersion.Minor "16" ) }} +{{- if .Values.manifests.configMap }} +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ .Release.Name }}-{{ .Chart.Version }}-config + namespace: {{ .Release.Namespace }} + labels: +{{- include "multus.labels" . | indent 4 }} +data: + cni-conf.json: |- +{{ toJson .Values.config.cni_conf | indent 4 }} +{{- end }} +{{- end }} diff --git a/charts/rke2-multus/rke2-multus/v4.0.2-build2023070702/templates/customResourceDefinition.yaml b/charts/rke2-multus/rke2-multus/v4.0.2-build2023070702/templates/customResourceDefinition.yaml new file mode 100755 index 000000000..d86bf91c3 --- /dev/null +++ b/charts/rke2-multus/rke2-multus/v4.0.2-build2023070702/templates/customResourceDefinition.yaml @@ -0,0 +1,43 @@ +# Copyright 2020 K8s Network Plumbing Group +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +{{- if or ( gt .Capabilities.KubeVersion.Major "1" ) ( ge .Capabilities.KubeVersion.Minor "16" ) }} +{{- if .Values.manifests.customResourceDefinition }} +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: network-attachment-definitions.k8s.cni.cncf.io +spec: + group: k8s.cni.cncf.io + scope: Namespaced + names: + plural: network-attachment-definitions + singular: network-attachment-definition + kind: NetworkAttachmentDefinition + shortNames: + - net-attach-def + versions: + - name: v1 + served: true + storage: true + schema: + openAPIV3Schema: + type: object + properties: + spec: + type: object + properties: + config: + type: string +{{- end }} +{{- end }} diff --git a/charts/rke2-multus/rke2-multus/v4.0.2-build2023070702/templates/daemonSet.yaml b/charts/rke2-multus/rke2-multus/v4.0.2-build2023070702/templates/daemonSet.yaml new file mode 100755 index 000000000..30eb3f8ed --- /dev/null +++ b/charts/rke2-multus/rke2-multus/v4.0.2-build2023070702/templates/daemonSet.yaml @@ -0,0 +1,103 @@ +# Copyright 2020 K8s Network Plumbing Group +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +{{- if or ( gt .Capabilities.KubeVersion.Major "1" ) ( ge .Capabilities.KubeVersion.Minor "16" ) }} +{{- if .Values.manifests.daemonSet }} +apiVersion: apps/v1 +kind: DaemonSet +metadata: + name: {{ .Release.Name }}-ds + namespace: {{ .Release.Namespace }} + labels: +{{- include "multus.labels" . | indent 4 }} +spec: + selector: + matchLabels: + app: {{ .Chart.Name }} + updateStrategy: + type: RollingUpdate + rollingUpdate: + maxUnavailable: 1 + template: + metadata: + labels: +{{- include "multus.labels" . | indent 8 }} + annotations: + checksum/config: {{ include (print $.Template.BasePath "/configMap.yaml") . | sha256sum }} + spec: + priorityClassName: system-node-critical + hostNetwork: true + {{- with .Values.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} + nodeSelector: {{- toYaml .Values.labels.nodeSelector | nindent 8 }} + tolerations: + - operator: Exists + effect: NoSchedule + - operator: Exists + effect: NoExecute + serviceAccountName: {{ .Values.serviceAccount.name }} + initContainers: + - name: cni-plugins + image: {{ template "system_default_registry" . }}{{ .Values.cniplugins.image.repository }}:{{ .Values.cniplugins.image.tag }} + securityContext: + privileged: true + volumeMounts: + - name: cnibin + mountPath: /host/opt/cni/bin + env: + - name: SKIP_CNI_BINARIES + value: {{ .Values.cniplugins.skipcnis }} + containers: + - name: kube-{{ .Chart.Name }} + image: {{ template "system_default_registry" . }}{{ .Values.image.repository }}:{{ .Values.image.tag }} + imagePullPolicy: {{ .Values.image.pullPolicy }} + env: + - name: KUBERNETES_NODE_NAME + valueFrom: + fieldRef: + fieldPath: spec.nodeName + command: ["/thin_entrypoint"] + args: + - "--multus-conf-file=auto" + - "--cni-version=0.3.1" + {{- if .Values.pod.resources.multus }} + resources: {{- toYaml .Values.pod.resources.multus | nindent 10 }} + {{- end }} + securityContext: + privileged: true + volumeMounts: + - name: cni + mountPath: /host/etc/cni/net.d + - name: cnibin + mountPath: /host/opt/cni/bin + {{- if .Values.manifests.configMap }} + - name: multus-cfg + mountPath: /tmp/multus-conf/00-multus.conf.template + subPath: "cni-conf.json" + {{- end }} + volumes: + - name: cni + hostPath: + path: /etc/cni/net.d + - name: cnibin + hostPath: + path: /opt/cni/bin + {{- if .Values.manifests.configMap }} + - name: multus-cfg + configMap: + name: {{ .Release.Name }}-{{ .Chart.Name }}-{{ .Chart.Version }}-config + {{- end }} +{{- end }} +{{- end }} diff --git a/charts/rke2-multus/rke2-multus/v4.0.2-build2023070702/templates/serviceAccount.yaml b/charts/rke2-multus/rke2-multus/v4.0.2-build2023070702/templates/serviceAccount.yaml new file mode 100755 index 000000000..35bcfbf45 --- /dev/null +++ b/charts/rke2-multus/rke2-multus/v4.0.2-build2023070702/templates/serviceAccount.yaml @@ -0,0 +1,22 @@ +# Copyright 2020 K8s Network Plumbing Group +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +{{- if or ( gt .Capabilities.KubeVersion.Major "1" ) ( ge .Capabilities.KubeVersion.Minor "16" ) }} +{{- if .Values.manifests.serviceAccount }} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ .Values.serviceAccount.name }} + namespace: {{ .Release.Namespace }} +{{- end }} +{{- end }} diff --git a/charts/rke2-multus/rke2-multus/v4.0.2-build2023070702/values.yaml b/charts/rke2-multus/rke2-multus/v4.0.2-build2023070702/values.yaml new file mode 100755 index 000000000..273e5f3c0 --- /dev/null +++ b/charts/rke2-multus/rke2-multus/v4.0.2-build2023070702/values.yaml @@ -0,0 +1,131 @@ +# Copyright 2020 K8s Network Plumbing Group +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Default values for multus. +# This is a YAML-formatted file. +# Declare variables to be passed into your templates. + +#replicaCount: 1 + +image: + repository: rancher/hardened-multus-cni + tag: v4.0.2-build20230707 + pullPolicy: IfNotPresent + +#imagePullSecrets: [] +#nameOverride: "" +#fullnameOverride: "" + +serviceAccount: + # Specifies whether a service account should be created + #create: true + # Annotations to add to the service account + #annotations: {} + # The name of the service account to use. + # If not set and create is true, a name is generated using the fullname template + name: multus + +pod: + resources: + enabled: false + multus: + requests: + memory: "128Mi" + cpu: "250m" + limits: + memory: "1024Mi" + cpu: "2000m" + +#podSecurityContext: {} + # fsGroup: 2000 + +#securityContext: {} + # capabilities: + # drop: + # - ALL + # readOnlyRootFilesystem: true + # runAsNonRoot: true + # runAsUser: 1000 + +#service: + #type: ClusterIP + #port: 80 + +#ingress: + #enabled: false + #annotations: {} + # kubernetes.io/ingress.class: nginx + # kubernetes.io/tls-acme: "true" + #hosts: + #- host: chart-example.local + # paths: [] + #tls: [] + # - secretName: chart-example-tls + # hosts: + # - chart-example.local + +labels: + nodeSelector: + kubernetes.io/os: linux + kubernetes.io/arch: amd64 + +config: + cni_conf: + name: multus-cni-network + type: multus + kubeconfig: /etc/cni/net.d/multus.d/multus.kubeconfig + cniVersion: 0.3.1 + confDir: /etc/cni/net.d + cniDir: /var/lib/cni/multus + binDir: /opt/cni/bin + logFile: /var/log/multus.log + logLevel: panic + capabilities: + portMappings: true + readinessindicatorfile: "" + namespaceIsolation: false + clusterNetwork: k8s-pod-network + defaultNetwork: [] + delegates: [] + systemNamespaces: ["kube-system"] + +manifests: + serviceAccount: true + clusterRole: true + clusterRoleBinding: true + configMap: false + daemonSet: true + customResourceDefinition: true + +#tolerations: [] + +#affinity: {} + + +## RANCHER ADDDED INFO ## +cniplugins: + image: + repository: rancher/hardened-cni-plugins + tag: v1.2.0-build20230523 + + # skipcnis is a comma separated list of cni binaries to skip from + # installing. + skipcnis: flannel + +global: + systemDefaultRegistry: "" + +rke2-whereabouts: + enabled: false + \ No newline at end of file diff --git a/index.yaml b/index.yaml index d126adfff..927964a81 100755 --- a/index.yaml +++ b/index.yaml @@ -8725,6 +8725,27 @@ entries: - assets/rke2-metrics-server/rke2-metrics-server-2.11.100-build2021022300.tgz version: 2.11.100-build2021022300 rke2-multus: + - apiVersion: v2 + appVersion: 4.0.2 + created: "2023-08-03T08:16:18.707276295Z" + dependencies: + - condition: rke2-whereabouts.enabled + name: rke2-whereabouts + repository: file://./charts/rke2-whereabouts + description: Multus Helm chart for Kubernetes + digest: 0644b98a83d142941d2f92d4685e83f16c139adc116b1d7b37f66b3ddf13d30f + home: https://github.com/k8snetworkplumbingwg/multus-cni + icon: https://raw.githubusercontent.com/k8snetworkplumbingwg/multus-cni/master/doc/images/Multus.png + maintainers: + - email: charts@rancher.com + name: Rancher Labs + name: rke2-multus + sources: + - https://github.com/intel/multus-cni + type: application + urls: + - assets/rke2-multus/rke2-multus-v4.0.2-build2023070702.tgz + version: v4.0.2-build2023070702 - apiVersion: v2 appVersion: 4.0.2 created: "2023-07-07T11:19:51.871251966Z"