Uncomment values and update to v0.24.1

Signed-off-by: Manuel Buil <[email protected]>
rancher · Jan 17, 2024 · cbce538 · cbce538
1 parent 369ff55
commit cbce538
Show file tree

Hide file tree

Showing 33 changed files with 1,396 additions and 0 deletions.
diff --git a/assets/rke2-flannel/rke2-flannel-v0.24.100.tgz b/assets/rke2-flannel/rke2-flannel-v0.24.100.tgz
diff --git a/assets/rke2-multus/rke2-multus-v4.0.2-build2023081108.tgz b/assets/rke2-multus/rke2-multus-v4.0.2-build2023081108.tgz
diff --git a/charts/rke2-flannel/rke2-flannel/v0.24.100/Chart.yaml b/charts/rke2-flannel/rke2-flannel/v0.24.100/Chart.yaml
@@ -0,0 +1,9 @@
+apiVersion: v1
+appVersion: v0.24.1
+description: Install Flannel Network Plugin.
+keywords:
+- Flannel
+name: rke2-flannel
+sources:
+- https://github.com/rancher/rke2-charts
+version: v0.24.100
diff --git a/charts/rke2-flannel/rke2-flannel/v0.24.100/templates/_helpers.tpl b/charts/rke2-flannel/rke2-flannel/v0.24.100/templates/_helpers.tpl
@@ -0,0 +1,7 @@
+{{- define "system_default_registry" -}}
+{{- if .Values.global.systemDefaultRegistry -}}
+{{- printf "%s/" .Values.global.systemDefaultRegistry -}}
+{{- else -}}
+{{- "" -}}
+{{- end -}}
+{{- end -}}
diff --git a/charts/rke2-flannel/rke2-flannel/v0.24.100/templates/config.yaml b/charts/rke2-flannel/rke2-flannel/v0.24.100/templates/config.yaml
@@ -0,0 +1,91 @@
+kind: ConfigMap
+apiVersion: v1
+metadata:
+  name: kube-flannel-cfg
+  namespace: {{ .Release.Namespace }}
+  labels:
+    tier: node
+    app: flannel
+data:
+  cni-conf.json: |
+    {
+      "name": "cbr0",
+      "cniVersion": "0.3.1",
+      "plugins": [
+        {
+          "type": "flannel",
+          "delegate": {
+            "hairpinMode": true,
+            "isDefaultGateway": true
+          }
+        },
+        {
+          "type": "portmap",
+          "capabilities": {
+            "portMappings": true
+          }
+        }
+      ]
+    }
+  net-conf.json: |
+    {
+{{- if .Values.global.clusterCIDRv4 }}
+      "Network": {{ .Values.global.clusterCIDRv4 | quote }},
+{{- else }}
+      "EnableIPv4": false,
+{{- end }}
+{{- if .Values.global.clusterCIDRv6 }}
+      "IPv6Network": {{ .Values.global.clusterCIDRv6 | quote }},
+      "EnableIPv6": true,
+{{- end }}
+      "Backend": {
+{{- if eq .Values.flannel.backend "vxlan" }}
+{{- if .Values.flannel.backendPort }}
+        "Port": {{ .Values.flannel.backendPort }},
+{{- end }}
+{{- if .Values.flannel.vni }}
+        "VNI": {{ .Values.flannel.vni }},
+{{- end }}
+{{- if .Values.flannel.GBP }}
+        "GBP": {{ .Values.flannel.GBP }},
+{{- end }}
+{{- if .Values.flannel.directRouting }}
+        "DirectRouting": {{ .Values.flannel.directRouting }},
+{{- end }}
+{{- if .Values.flannel.mtu }}
+        "MTU": {{ .Values.flannel.mtu }},
+{{- end }}
+{{- if .Values.flannel.macPrefix }}
+        "MacPrefix": {{ .Values.flannel.macPrefix }},
+{{- end }}
+        "Type": {{ .Values.flannel.backend | quote }}
+{{- else if eq .Values.flannel.backend "wireguard" }}
+{{- if .Values.flannel.backendPort }}
+        "ListenPort": {{ .Values.flannel.backendPort }},
+{{- end }}
+{{- if .Values.flannel.backendPortv6 }}
+        "ListenPortV6": {{ .Values.flannel.backendPortv6 }},
+{{- end }}
+{{- if .Values.flannel.psk }}
+        "PSK": {{ .Values.flannel.psk | quote }},
+{{- end }}
+{{- if .Values.flannel.mtu }}
+        "MTU": {{ .Values.flannel.mtu }},
+{{- end }}
+{{- if .Values.flannel.tunnelMode }}
+        "Mode": {{ .Values.flannel.tunnelMode }},
+{{- end }}
+{{- if .Values.flannel.keepaliveInterval }}
+        "PersistentKeepaliveInterval": {{ .Values.flannel.keepaliveInterval }},
+{{- end }}
+        "Type": {{ .Values.flannel.backend | quote }}
+{{- else if eq .Values.flannel.backend "udp" }}
+{{- if .Values.flannel.backendPort }}
+        "Port": {{ .Values.flannel.backendPort }},
+{{- end }}
+        "Type": {{ .Values.flannel.backend | quote }}
+{{- else }}
+        "Type": {{ .Values.flannel.backend | quote }}
+{{- end }}
+      }
+    }
diff --git a/charts/rke2-flannel/rke2-flannel/v0.24.100/templates/daemonset.yaml b/charts/rke2-flannel/rke2-flannel/v0.24.100/templates/daemonset.yaml
@@ -0,0 +1,107 @@
+apiVersion: apps/v1
+kind: DaemonSet
+metadata:
+  name: kube-flannel-ds
+  namespace: {{ .Release.Namespace }}
+  labels:
+    tier: node
+    app: flannel
+spec:
+  selector:
+    matchLabels:
+      app: flannel
+  template:
+    metadata:
+      labels:
+        tier: node
+        app: flannel
+    spec:
+      affinity:
+        nodeAffinity:
+          requiredDuringSchedulingIgnoredDuringExecution:
+            nodeSelectorTerms:
+            - matchExpressions:
+              - key: kubernetes.io/os
+                operator: In
+                values:
+                - linux
+      hostNetwork: true
+      priorityClassName: system-node-critical
+      tolerations:
+      - operator: Exists
+        effect: NoSchedule
+      serviceAccountName: flannel
+      initContainers:
+      - name: install-cni-plugins
+        image: {{ template "system_default_registry" . }}{{ .Values.flannel.image_cni.repository }}:{{ .Values.flannel.image_cni.tag }}
+        volumeMounts:
+        - name: cni-plugin
+          mountPath: /host/opt/cni/bin
+      - name: install-cni
+        image: {{ template "system_default_registry" . }}{{ .Values.flannel.image.repository }}:{{ .Values.flannel.image.tag }}
+        command:
+        - cp
+        args:
+        - -f
+        - /etc/kube-flannel/cni-conf.json
+        - /etc/cni/net.d/10-flannel.conflist
+        volumeMounts:
+        - name: cni
+          mountPath: /etc/cni/net.d
+        - name: flannel-cfg
+          mountPath: /etc/kube-flannel/
+      containers:
+      - name: kube-flannel
+        image: {{ template "system_default_registry" . }}{{ .Values.flannel.image.repository }}:{{ .Values.flannel.image.tag }}
+        command:
+        - "/opt/bin/flanneld"
+        {{- range .Values.flannel.args }}
+        - {{ . | quote }}
+        {{- end }}
+        resources:
+          requests:
+            cpu: "100m"
+            memory: "50Mi"
+        securityContext:
+          privileged: false
+          capabilities:
+            add: ["NET_ADMIN", "NET_RAW"]
+        env:
+        - name: POD_NAME
+          valueFrom:
+            fieldRef:
+              fieldPath: metadata.name
+        - name: POD_NAMESPACE
+          valueFrom:
+            fieldRef:
+              fieldPath: metadata.namespace
+        - name: EVENT_QUEUE_DEPTH
+          value: "5000"
+        volumeMounts:
+        - name: run
+          mountPath: /run/flannel
+        - name: flannel-cfg
+          mountPath: /etc/kube-flannel/
+        - name: xtables-lock
+          mountPath: /run/xtables.lock
+      volumes:
+      - name: run
+        hostPath:
+          path: /run/flannel
+      - name: cni-plugin
+        hostPath:
+          path: /opt/cni/bin
+          type: DirectoryOrCreate
+      - name: cni
+        hostPath:
+          path: /etc/cni/net.d
+      - name: flannel-cfg
+        configMap:
+          name: kube-flannel-cfg
+      - name: xtables-lock
+        hostPath:
+          path: /run/xtables.lock
+          type: FileOrCreate
+      {{- if .Values.global.imagePullSecrets }}
+      imagePullSecrets: {{ toYaml .Values.global.imagePullSecrets | nindent 6 }}
+      {{- end }}
diff --git a/charts/rke2-flannel/rke2-flannel/v0.24.100/templates/rbac.yaml b/charts/rke2-flannel/rke2-flannel/v0.24.100/templates/rbac.yaml
@@ -0,0 +1,45 @@
+kind: ClusterRole
+apiVersion: rbac.authorization.k8s.io/v1
+metadata:
+  name: flannel
+rules:
+- apiGroups:
+  - ""
+  resources:
+  - pods
+  verbs:
+  - get
+- apiGroups:
+  - ""
+  resources:
+  - nodes
+  verbs:
+  - get
+  - list
+  - watch
+- apiGroups:
+  - ""
+  resources:
+  - nodes/status
+  verbs:
+  - patch
+- apiGroups:
+  - "networking.k8s.io"
+  resources:
+  - clustercidrs
+  verbs:
+  - list
+  - watch
+---
+kind: ClusterRoleBinding
+apiVersion: rbac.authorization.k8s.io/v1
+metadata:
+  name: flannel
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: flannel
+subjects:
+- kind: ServiceAccount
+  name: flannel
+  namespace: {{ .Release.Namespace }}
diff --git a/charts/rke2-flannel/rke2-flannel/v0.24.100/templates/serviceaccount.yaml b/charts/rke2-flannel/rke2-flannel/v0.24.100/templates/serviceaccount.yaml
@@ -0,0 +1,5 @@
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: flannel
+  namespace: {{ .Release.Namespace }}
diff --git a/charts/rke2-flannel/rke2-flannel/v0.24.100/values.yaml b/charts/rke2-flannel/rke2-flannel/v0.24.100/values.yaml
@@ -0,0 +1,51 @@
+---
+
+flannel:
+  # kube-flannel image
+  image:
+    repository: rancher/hardened-flannel
+    tag: v0.24.1-build20240117
+  image_cni:
+    repository: rancher/hardened-cni-plugins
+    tag: v1.2.0-build20240108
+  # flannel command arguments
+  args:
+  - "--ip-masq"
+  - "--kube-subnet-mgr"
+  # Backend for kube-flannel. Backend should not be changed
+  # at runtime. (vxlan, host-gw, wireguard, udp)
+  # Documentation at https://github.com/flannel-io/flannel/blob/master/Documentation/backends.md
+  backend: "vxlan"
+  # Port used by the backend 0 means default value (VXLAN: 8472, Wireguard: 51821, UDP: 8285)
+  backendPort: 0
+  # MTU to use for outgoing packets (VXLAN and Wiregurad) if not defined the MTU of the external interface is used.
+  mtu: 1500 
+  #
+  # VXLAN Configs:
+  #
+  # VXLAN Identifier to be used. On Linux default is 1.
+  vni: 1
+  # Enable VXLAN Group Based Policy (Default false)
+  GBP: false
+  # Enable direct routes (default is false)
+  directRouting: false
+  # MAC prefix to be used on Windows. (Defaults is 0E-2A)
+  macPrefix: "0E-2A"
+  #
+  # Wireguard Configs:
+  #
+  # UDP listen port used with IPv6
+  backendPortv6: 51821
+  # Pre shared key to use
+  psk: 0
+  # IP version to use on Wireguard
+  tunnelMode: "separate"
+  # Persistent keep interval to use
+  keepaliveInterval: 0
+  #
+
+global:
+  systemDefaultRegistry: ""
+  clusterCIDRv4: ""
+  clusterCIDRv6: ""
+
diff --git a/charts/rke2-multus/rke2-multus/v4.0.2-build2023081108/.helmignore b/charts/rke2-multus/rke2-multus/v4.0.2-build2023081108/.helmignore
@@ -0,0 +1,22 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
+.vscode/
diff --git a/charts/rke2-multus/rke2-multus/v4.0.2-build2023081108/Chart.yaml b/charts/rke2-multus/rke2-multus/v4.0.2-build2023081108/Chart.yaml
@@ -0,0 +1,17 @@
+apiVersion: v2
+appVersion: 4.0.2
+dependencies:
+- condition: rke2-whereabouts.enabled
+  name: rke2-whereabouts
+  repository: file://./charts/rke2-whereabouts
+description: Multus Helm chart for Kubernetes
+home: https://github.com/k8snetworkplumbingwg/multus-cni
+icon: https://raw.githubusercontent.com/k8snetworkplumbingwg/multus-cni/master/doc/images/Multus.png
+maintainers:
+- email: [email protected]
+  name: Rancher Labs
+name: rke2-multus
+sources:
+- https://github.com/intel/multus-cni
+type: application
+version: v4.0.2-build2023081108
diff --git a/charts/rke2-multus/rke2-multus/v4.0.2-build2023081108/charts/rke2-whereabouts/Chart.yaml b/charts/rke2-multus/rke2-multus/v4.0.2-build2023081108/charts/rke2-whereabouts/Chart.yaml
@@ -0,0 +1,10 @@
+apiVersion: v2
+appVersion: 0.6.3
+description: A Helm chart to deploy the whereabouts CNI
+home: https://github.com/k8snetworkplumbingwg/whereabouts
+maintainers:
+- email: [email protected]
+  name: Rancher Labs
+name: rke2-whereabouts
+type: application
+version: 0.1.1