Skip to content

Commit

Permalink
aws-vpc-cni: v1.18.3 (#1138)
Browse files Browse the repository at this point in the history 
Co-authored-by: eks-bot <[email protected]>
  • Loading branch information
@eks-networking-bot @eks-bot
eks-networking-bot and eks-bot authored Jul 31, 2024
1 parent 828ae8d commit e461dc8
Show file tree
Hide file tree
Showing 6 changed files with 66 additions and 11 deletions.
4 changes: 2 additions & 2 deletions stable/aws-vpc-cni/Chart.yaml
View file
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
apiVersion: v1
name: aws-vpc-cni
version: 1.18.2
appVersion: "v1.18.2"
version: 1.18.3
appVersion: "v1.18.3"
description: A Helm chart for the AWS VPC CNI
icon: https://raw.githubusercontent.com/aws/eks-charts/master/docs/logo/aws.png
home: https://github.com/aws/amazon-vpc-cni-k8s
Expand Down
8 changes: 3 additions & 5 deletions stable/aws-vpc-cni/README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -48,15 +48,15 @@ The following table lists the configurable parameters for this chart and their d
| `minimumWindowsIPTarget`| Minimum IP target value for Windows prefix delegation | `3` |
| `branchENICooldown` | Number of seconds that branch ENIs remain in cooldown | `60` |
| `fullnameOverride` | Override the fullname of the chart | `aws-node` |
| `image.tag` | Image tag | `v1.18.2` |
| `image.tag` | Image tag | `v1.18.3` |
| `image.domain` | ECR repository domain | `amazonaws.com` |
| `image.region` | ECR repository region to use. Should match your cluster | `us-west-2` |
| `image.endpoint` | ECR repository endpoint to use. | `ecr` |
| `image.account` | ECR repository account number | `602401143452` |
| `image.pullPolicy` | Container pull policy | `IfNotPresent` |
| `image.override` | A custom docker image to use | `nil` |
| `imagePullSecrets` | Docker registry pull secret | `[]` |
| `init.image.tag` | Image tag | `v1.18.2` |
| `init.image.tag` | Image tag | `v1.18.3` |
| `init.image.domain` | ECR repository domain | `amazonaws.com` |
| `init.image.region` | ECR repository region to use. Should match your cluster | `us-west-2` |
| `init.image.endpoint` | ECR repository endpoint to use. | `ecr` |
Expand All @@ -77,6 +77,7 @@ The following table lists the configurable parameters for this chart and their d
| `nodeAgent.image.pullPolicy` | Container pull policy | `IfNotPresent` |
| `nodeAgent.securityContext` | Node Agent container Security context | `capabilities: add: - "NET_ADMIN" privileged: true` |
| `nodeAgent.enableCloudWatchLogs` | Enable CW logging for Node Agent | `false` |
`nodeAgent.networkPolicyAgentLogFileLocation` | Log File location of Network Policy Agent | `/var/log/aws-routed-eni/network-policy-agent.log` |
| `nodeAgent.enablePolicyEventLogs` | Enable policy decision logs for Node Agent | `false` |
| `nodeAgent.metricsBindAddr` | Node Agent port for metrics | `8162` |
| `nodeAgent.healthProbeBindAddr` | Node Agent port for health probes | `8163` |
Expand Down Expand Up @@ -125,14 +126,11 @@ done
kubectl -n kube-system annotate --overwrite configmap amazon-vpc-cni meta.helm.sh/release-name=aws-vpc-cni
kubectl -n kube-system annotate --overwrite configmap amazon-vpc-cni meta.helm.sh/release-namespace=kube-system
kubectl -n kube-system label --overwrite configmap amazon-vpc-cni app.kubernetes.io/managed-by=Helm
```
Kubernetes recommends using server-side apply for more control over the field manager. After adopting the chart resources, you can run the following command to apply the chart:

```
helm template aws-vpc-cni --include-crds --namespace kube-system eks/aws-vpc-cni --set originalMatchLabels=true | kubectl apply --server-side --force-conflicts --field-manager Helm -f -
```
## Migrate from Helm v2 to Helm v3

You can use the [Helm 2to3 plugin](https://github.com/helm/helm-2to3) to migrate releases from Helm v2 to Helm v3. For a more detailed explanation with some examples about this migration plugin, refer to Helm blog post: [How to migrate from Helm v2 to Helm v3](https://helm.sh/blog/migrate-from-helm-v2-to-helm-v3/).
34 changes: 34 additions & 0 deletions stable/aws-vpc-cni/crds/customresourcedefinition.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -14,6 +14,40 @@ spec:
openAPIV3Schema:
type: object
x-kubernetes-preserve-unknown-fields: true
description: ENIConfig is the Schema for the eniconfigs API
properties:
apiVersion:
description: |-
APIVersion defines the versioned schema of this representation of an object.
Servers should convert recognized schemas to the latest internal value, and
may reject unrecognized values.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
type: string
kind:
description: |-
Kind is a string value representing the REST resource this object represents.
Servers may infer this from the endpoint the client submits requests to.
Cannot be updated.
In CamelCase.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
type: string
metadata:
type: object
spec:
description: ENIConfigSpec defines the desired state of ENIConfig
properties:
securityGroups:
items:
type: string
type: array
subnet:
type: string
required:
- subnet
type: object
status:
description: ENIConfigStatus defines the observed state of ENIConfig
type: object
names:
plural: eniconfigs
singular: eniconfig
Expand Down
2 changes: 1 addition & 1 deletion stable/aws-vpc-cni/templates/configmap.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -7,7 +7,7 @@ metadata:
{{ include "aws-vpc-cni.labels" . | indent 4 }}
binaryData:
10-aws.conflist: {{ .Values.cniConfig.fileContents | b64enc }}
{{- end -}}
{{- end }}
---
apiVersion: v1
kind: ConfigMap
Expand Down
3 changes: 3 additions & 0 deletions stable/aws-vpc-cni/templates/daemonset.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -82,6 +82,9 @@ spec:
{{- range $key, $value := .Values.env }}
- name: {{ $key }}
value: {{ $value | quote }}
{{- end }}
{{- with .Values.extraEnv }}
{{- toYaml .| nindent 12 }}
{{- end }}
- name: MY_NODE_NAME
valueFrom:
Expand Down
26 changes: 23 additions & 3 deletions stable/aws-vpc-cni/values.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -8,7 +8,7 @@ nameOverride: aws-node

init:
image:
tag: v1.18.2
tag: v1.18.3
domain: amazonaws.com
region: us-west-2
endpoint: ecr
Expand Down Expand Up @@ -51,7 +51,7 @@ nodeAgent:
resources: {}

image:
tag: v1.18.2
tag: v1.18.3
domain: amazonaws.com
region: us-west-2
endpoint: ecr
Expand All @@ -65,6 +65,7 @@ image:
# See https://github.com/aws/amazon-vpc-cni-k8s#cni-configuration-variables
env:
ADDITIONAL_ENI_TAGS: "{}"
ANNOTATE_POD_IP: "false"
AWS_VPC_CNI_NODE_PORT_SUPPORT: "true"
AWS_VPC_ENI_MTU: "9001"
AWS_VPC_K8S_CNI_CUSTOM_NETWORK_CFG: "false"
Expand All @@ -85,9 +86,28 @@ env:
ENABLE_IPv4: "true"
ENABLE_IPv6: "false"
ENABLE_SUBNET_DISCOVERY: "true"
VPC_CNI_VERSION: "v1.18.2"
VPC_CNI_VERSION: "v1.18.3"
NETWORK_POLICY_ENFORCING_MODE: "standard"

# Add env from configMap or from secrets
# - name: ENV_VAR1
# valueFrom:
# configMapKeyRef:
# name: example-config
# key: ENV_VAR1
# - name: ENV_VAR2
# valueFrom:
# configMapKeyRef:
# name: example-config
# key: ENV_VAR2
# - name: SECRET_VAR1
# valueFrom:
# secretKeyRef:
# name: example-secret
# key: SECRET_VAR1
extraEnv: []


# this flag enables you to use the match label that was present in the original daemonset deployed by EKS
# You can then annotate and label the original aws-node resources and 'adopt' them into a helm release
originalMatchLabels: false
Expand Down

0 comments on commit e461dc8

Please sign in to comment.