diff --git a/assets/rancher-macvlan/rancher-macvlan-0.10.3.tgz b/assets/rancher-macvlan/rancher-macvlan-0.10.3.tgz new file mode 100644 index 00000000..d09cee11 Binary files /dev/null and b/assets/rancher-macvlan/rancher-macvlan-0.10.3.tgz differ diff --git a/packages/rancher-macvlan/0.10.0/.helmignore b/charts/rancher-macvlan/0.10.3/.helmignore similarity index 100% rename from packages/rancher-macvlan/0.10.0/.helmignore rename to charts/rancher-macvlan/0.10.3/.helmignore diff --git a/charts/rancher-macvlan/0.10.3/Chart.yaml b/charts/rancher-macvlan/0.10.3/Chart.yaml new file mode 100644 index 00000000..77a13e29 --- /dev/null +++ b/charts/rancher-macvlan/0.10.3/Chart.yaml @@ -0,0 +1,24 @@ +annotations: + catalog.cattle.io/certified: rancher + catalog.cattle.io/display-name: Rancher Macvlan + catalog.cattle.io/kube-version: '>=1.27.0-0' + catalog.cattle.io/namespace: kube-system + catalog.cattle.io/os: linux + catalog.cattle.io/permits-os: linux + catalog.cattle.io/rancher-version: '>= 2.9.0-0 < 2.10.0-0' + catalog.cattle.io/release-name: rancher-macvlan + catalog.cattle.io/type: cluster-tool +apiVersion: v2 +appVersion: 0.10.0 +description: The Macvlan Networking For Rancher2.x +home: https://github.com/cnrancher +keywords: +- networking +kubeVersion: '>=1.27.0-0' +maintainers: +- email: starry.wang@suse.com + name: StarryWang +name: rancher-macvlan +sources: +- https://github.com/cnrancher +version: 0.10.3 diff --git a/packages/rancher-macvlan/0.10.0/README.md b/charts/rancher-macvlan/0.10.3/README.md similarity index 100% rename from packages/rancher-macvlan/0.10.0/README.md rename to charts/rancher-macvlan/0.10.3/README.md diff --git a/packages/rancher-macvlan/0.10.0/questions.yaml b/charts/rancher-macvlan/0.10.3/questions.yaml similarity index 100% rename from packages/rancher-macvlan/0.10.0/questions.yaml rename to charts/rancher-macvlan/0.10.3/questions.yaml diff --git a/packages/rancher-macvlan/0.10.0/templates/_helpers.tpl b/charts/rancher-macvlan/0.10.3/templates/_helpers.tpl similarity index 96% rename from packages/rancher-macvlan/0.10.0/templates/_helpers.tpl rename to charts/rancher-macvlan/0.10.3/templates/_helpers.tpl index 565cdb1e..e5ff42f0 100644 --- a/packages/rancher-macvlan/0.10.0/templates/_helpers.tpl +++ b/charts/rancher-macvlan/0.10.3/templates/_helpers.tpl @@ -38,7 +38,7 @@ Expand the name of the chart. {{- define "multus_cnibin_host_path" -}} {{- if eq .Values.clusterType "K3s" -}} -/var/lib/rancher/k3s/data/current/bin +/var/lib/rancher/k3s/data/cni {{- else -}} /opt/cni/bin {{- end -}} diff --git a/packages/rancher-macvlan/0.10.0/templates/multus-macvlan.yml b/charts/rancher-macvlan/0.10.3/templates/multus-macvlan.yml similarity index 98% rename from packages/rancher-macvlan/0.10.0/templates/multus-macvlan.yml rename to charts/rancher-macvlan/0.10.3/templates/multus-macvlan.yml index e5e7e232..d2f6524a 100644 --- a/packages/rancher-macvlan/0.10.0/templates/multus-macvlan.yml +++ b/charts/rancher-macvlan/0.10.3/templates/multus-macvlan.yml @@ -111,14 +111,14 @@ spec: lifecycle: preStop: exec: - command: ["/bin/sh", "-c", "rm -f /host/etc/cni/net.d/00-multus.conf"] + command: ["/bin/sh", "-c", "rm -f /host/etc/cni/net.d/00-multus.con*"] resources: requests: cpu: "100m" - memory: "50Mi" + memory: "64Mi" limits: cpu: "100m" - memory: "50Mi" + memory: "64Mi" securityContext: privileged: true volumeMounts: @@ -168,10 +168,10 @@ spec: resources: requests: cpu: "100m" - memory: "50Mi" + memory: "64Mi" limits: cpu: "100m" - memory: "50Mi" + memory: "64Mi" securityContext: privileged: true volumeMounts: diff --git a/packages/rancher-macvlan/0.10.0/values.yaml b/charts/rancher-macvlan/0.10.3/values.yaml similarity index 92% rename from packages/rancher-macvlan/0.10.0/values.yaml rename to charts/rancher-macvlan/0.10.3/values.yaml index 61814e53..cc577fe5 100644 --- a/packages/rancher-macvlan/0.10.0/values.yaml +++ b/charts/rancher-macvlan/0.10.3/values.yaml @@ -21,13 +21,13 @@ nadcResources: image: multus: repository: cnrancher/hardened-multus-cni - tag: v4.1.0 + tag: v4.1.3 networkController: repository: cnrancher/network-controller - tag: v0.10.0 + tag: v0.10.3 admission: repository: cnrancher/network-admission-deploy - tag: v0.10.0 + tag: v0.10.3 nadController: repository: cnrancher/k8s-net-attach-def-controller tag: v0.5.1 diff --git a/index.yaml b/index.yaml index 58e23c0e..14d55076 100755 --- a/index.yaml +++ b/index.yaml @@ -1231,6 +1231,34 @@ entries: - assets/rancher-k8s-auditlog-collector/rancher-k8s-auditlog-collector-0.0.1.tgz version: 0.0.1 rancher-macvlan: + - annotations: + catalog.cattle.io/certified: rancher + catalog.cattle.io/display-name: Rancher Macvlan + catalog.cattle.io/kube-version: '>=1.27.0-0' + catalog.cattle.io/namespace: kube-system + catalog.cattle.io/os: linux + catalog.cattle.io/permits-os: linux + catalog.cattle.io/rancher-version: '>= 2.9.0-0 < 2.10.0-0' + catalog.cattle.io/release-name: rancher-macvlan + catalog.cattle.io/type: cluster-tool + apiVersion: v2 + appVersion: 0.10.0 + created: "2025-01-17T17:49:39.294065468+08:00" + description: The Macvlan Networking For Rancher2.x + digest: 7a26ac8b742d1b15414ce6062b9aaa2c48c296af039a74e8fd0d316b0472e6f2 + home: https://github.com/cnrancher + keywords: + - networking + kubeVersion: '>=1.27.0-0' + maintainers: + - email: starry.wang@suse.com + name: StarryWang + name: rancher-macvlan + sources: + - https://github.com/cnrancher + urls: + - assets/rancher-macvlan/rancher-macvlan-0.10.3.tgz + version: 0.10.3 - annotations: catalog.cattle.io/certified: rancher catalog.cattle.io/display-name: Rancher Macvlan diff --git a/packages/rancher-macvlan/0.10.3/.helmignore b/packages/rancher-macvlan/0.10.3/.helmignore new file mode 100644 index 00000000..f0c13194 --- /dev/null +++ b/packages/rancher-macvlan/0.10.3/.helmignore @@ -0,0 +1,21 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*~ +# Various IDEs +.project +.idea/ +*.tmproj diff --git a/packages/rancher-macvlan/0.10.0/Chart.yaml b/packages/rancher-macvlan/0.10.3/Chart.yaml similarity index 100% rename from packages/rancher-macvlan/0.10.0/Chart.yaml rename to packages/rancher-macvlan/0.10.3/Chart.yaml diff --git a/packages/rancher-macvlan/0.10.3/README.md b/packages/rancher-macvlan/0.10.3/README.md new file mode 100644 index 00000000..567afcfb --- /dev/null +++ b/packages/rancher-macvlan/0.10.3/README.md @@ -0,0 +1,3 @@ +# rancher-macvlan + +> **Important**: Please install the chart in the `kube-system` namespace only. diff --git a/packages/rancher-macvlan/0.10.3/questions.yaml b/packages/rancher-macvlan/0.10.3/questions.yaml new file mode 100644 index 00000000..567e17b3 --- /dev/null +++ b/packages/rancher-macvlan/0.10.3/questions.yaml @@ -0,0 +1,69 @@ +rancher_min_version: 2.9.0-0 +categories: +- Networking +namespace: kube-system +questions: +- variable: privateRegistry.registryUrl + label: Private registry URL + description: "URL of private registry. Leave blank to apply system default registry." + group: "Basic Setup" + type: string + default: "" +- variable: clusterType + description: "Please choose K3s when using K3s built-in flannel" + default: "Default" + type: enum + label: "Cluster Type" + group: "Basic Setup" + options: + - "Default" + - "K3s" +- variable: multus.cniVersion + description: "CNI Version for multus" + default: "0.3.1" + type: enum + label: "CNI Version" + group: "CNI Plugin" + options: + - "1.0.0" + - "0.4.0" + - "0.3.1" +- variable: iface + description: "Automatic detection by default" + default: "" + type: string + label: "Networking Iface" + group: "CNI Plugin" +- variable: podCIDR + default: "10.42.0.0/16" + description: "Same value with the Kubernetes config" + type: string + label: "Pod Networking CIDR" + group: "CNI Plugin" +- variable: arpPolicy + default: "arping" + description: "The policy of sending Gratuitous ARP" + type: enum + label: "ARP Refresh Policy" + group: "CNI Plugin" + options: + - "arping" + - "arp_notify" +- variable: proxyARP + default: "false" + description: "Enable or disable Proxy ARP on Pod nic" + type: boolean + label: "Proxy ARP" + group: "CNI Plugin" +- variable: ncResources.limits.memory + default: "512Mi" + description: "Maximum amount of memory to allocate per network-controller pod" + type: string + label: Network Controller + group: "Resource Limits" +- variable: nadcResources.limits.memory + default: "512Mi" + description: "Maximum amount of memory to allocate per kube-net-attach-def-controller pod" + type: string + label: Kube-net-attach-def Controller + group: "Resource Limits" diff --git a/packages/rancher-macvlan/0.10.3/templates/_helpers.tpl b/packages/rancher-macvlan/0.10.3/templates/_helpers.tpl new file mode 100644 index 00000000..e5ff42f0 --- /dev/null +++ b/packages/rancher-macvlan/0.10.3/templates/_helpers.tpl @@ -0,0 +1,45 @@ +{{/* vim: set filetype=mustache: */}} +{{/* +Expand the name of the chart. +*/}} + +{{- define "system_default_registry" -}} +{{- if .Values.global.cattle.systemDefaultRegistry -}} +{{- printf "%s/" .Values.global.cattle.systemDefaultRegistry -}} +{{- else -}} +{{- "" -}} +{{- end -}} +{{- end -}} + +{{- define "registry_url" -}} +{{- if .Values.privateRegistry.registryUrl -}} +{{- printf "%s/" .Values.privateRegistry.registryUrl -}} +{{- else -}} +{{ include "system_default_registry" . }} +{{- end -}} +{{- end -}} + +{{- define "multus_cniconf_kubeconfig" -}} +{{- if eq .Values.clusterType "K3s" -}} +/var/lib/rancher/k3s/agent/etc/cni/net.d/multus.d/multus.kubeconfig +{{- else -}} +/etc/cni/net.d/multus.d/multus.kubeconfig +{{- end -}} +{{- end -}} + +{{- define "multus_cniconf_host_path" -}} +{{- if eq .Values.clusterType "K3s" -}} +/var/lib/rancher/k3s/agent/etc/cni/net.d +{{- else -}} +/etc/cni/net.d +{{- end -}} +{{- end -}} + + +{{- define "multus_cnibin_host_path" -}} +{{- if eq .Values.clusterType "K3s" -}} +/var/lib/rancher/k3s/data/cni +{{- else -}} +/opt/cni/bin +{{- end -}} +{{- end -}} diff --git a/packages/rancher-macvlan/0.10.3/templates/multus-macvlan.yml b/packages/rancher-macvlan/0.10.3/templates/multus-macvlan.yml new file mode 100644 index 00000000..d2f6524a --- /dev/null +++ b/packages/rancher-macvlan/0.10.3/templates/multus-macvlan.yml @@ -0,0 +1,284 @@ +# +# https://github.com/k8snetworkplumbingwg/multus-cni/blob/v3.9.2/deployments/multus-daemonset.yml +# +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: network-attachment-definitions.k8s.cni.cncf.io +spec: + group: k8s.cni.cncf.io + scope: Namespaced + names: + plural: network-attachment-definitions + singular: network-attachment-definition + kind: NetworkAttachmentDefinition + shortNames: + - net-attach-def + versions: + - name: v1 + served: true + storage: true + schema: + openAPIV3Schema: + description: 'NetworkAttachmentDefinition is a CRD schema specified by the Network Plumbing + Working Group to express the intent for attaching pods to one or more logical or physical + networks. More information available at: https://github.com/k8snetworkplumbingwg/multi-net-spec' + type: object + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this represen + tation of an object. Servers should convert recognized schemas to the + latest internal value, and may reject unrecognized values. More info: + https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: 'NetworkAttachmentDefinition spec defines the desired state of a network attachment' + type: object + properties: + config: + description: 'NetworkAttachmentDefinition config is a JSON-formatted CNI configuration' + type: string +--- +kind: ClusterRoleBinding +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: multus + annotations: + "helm.sh/resource-policy": keep +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: cluster-admin +subjects: +- kind: ServiceAccount + name: multus + namespace: kube-system +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: multus + namespace: kube-system + annotations: + "helm.sh/resource-policy": keep +--- +# +# https://github.com/k8snetworkplumbingwg/multus-cni/blob/v3.9.2/deployments/multus-daemonset.yml +# +--- +apiVersion: apps/v1 +kind: DaemonSet +metadata: + name: kube-multus-ds + namespace: kube-system +spec: + updateStrategy: + type: RollingUpdate + selector: + matchLabels: + name: multus + template: + metadata: + labels: + name: multus + annotations: + release/revision: "{{ .Release.Revision }}" + spec: + hostNetwork: true + tolerations: + - operator: Exists + effect: NoSchedule + - operator: Exists + effect: NoExecute + serviceAccountName: multus + containers: + - name: kube-multus + image: {{ template "registry_url" . }}{{ .Values.image.multus.repository }}:{{ .Values.image.multus.tag }} + imagePullPolicy: IfNotPresent + command: ["/thin_entrypoint"] + args: + - --multus-conf-file=auto + - --cni-version={{ .Values.multus.cniVersion }} + - --multus-kubeconfig-file-host={{ template "multus_cniconf_kubeconfig" . }} + lifecycle: + preStop: + exec: + command: ["/bin/sh", "-c", "rm -f /host/etc/cni/net.d/00-multus.con*"] + resources: + requests: + cpu: "100m" + memory: "64Mi" + limits: + cpu: "100m" + memory: "64Mi" + securityContext: + privileged: true + volumeMounts: + - name: cni + mountPath: /host/etc/cni/net.d + - name: cnibin + mountPath: /host/opt/cni/bin + terminationGracePeriodSeconds: 10 + volumes: + - name: cni + hostPath: + path: {{ template "multus_cniconf_host_path" . }} + - name: cnibin + hostPath: + path: {{ template "multus_cnibin_host_path" . }} + nodeSelector: + kubernetes.io/os: linux +--- +--- +apiVersion: apps/v1 +kind: DaemonSet +metadata: + name: network-cni-ds + namespace: kube-system + labels: + name: network-cni-ds +spec: + selector: + matchLabels: + name: network-cni-ds + updateStrategy: + type: RollingUpdate + template: + metadata: + labels: + name: network-cni-ds + spec: + hostNetwork: true + tolerations: + - operator: Exists + serviceAccountName: multus + containers: + - name: kube-macvlan-cni + image: {{ template "registry_url" . }}{{ .Values.image.staticMacvlan.repository }}:{{ .Values.image.staticMacvlan.tag }} + imagePullPolicy: IfNotPresent + command: ["/entrypoint.sh"] + resources: + requests: + cpu: "100m" + memory: "64Mi" + limits: + cpu: "100m" + memory: "64Mi" + securityContext: + privileged: true + volumeMounts: + - name: cni + mountPath: /host/etc/cni/net.d + - name: cnibin + mountPath: /host/opt/cni/bin + volumes: + - name: cni + hostPath: + path: {{ template "multus_cniconf_host_path" . }} + - name: cnibin + hostPath: + path: {{ template "multus_cnibin_host_path" . }} +--- +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: network-admission-deploy + namespace: kube-system +spec: + strategy: + type: Recreate + selector: + matchLabels: + app: network-admission-deploy + template: + metadata: + labels: + app: network-admission-deploy + spec: + containers: + - image: {{ template "registry_url" . }}{{ .Values.image.admission.repository }}:{{ .Values.image.admission.tag }} + name: network-admission-deploy + imagePullPolicy: IfNotPresent + lifecycle: + preStop: + exec: + command: ["/bin/bash","-c","/pre-stop-hook.sh"] + serviceAccountName: multus +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: network-controller + namespace: kube-system + labels: + app: network-controller +spec: + strategy: + type: Recreate + selector: + matchLabels: + app: network-controller + template: + metadata: + namespace: kube-system + labels: + app: network-controller + spec: + serviceAccountName: multus + containers: + - image: {{ template "registry_url" . }}{{ .Values.image.networkController.repository }}:{{ .Values.image.networkController.tag }} + name: network-controller + env: + - name: PANDARIA_MACVLAN_CNI_ARP_POLICY + value: "{{ .Values.arpPolicy }}" + - name: PANDARIA_MACVLAN_CNI_PROXY_ARP + value: "{{ .Values.proxyARP }}" + imagePullPolicy: IfNotPresent + resources: + limits: + memory: {{ .Values.ncResources.limits.memory | quote }} + volumeMounts: + - name: webhook-certs + mountPath: /etc/webhook/certs + volumes: + - name: webhook-certs + secret: + secretName: network-controller-webhook-certs +--- +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: kube-net-attach-def-controller + namespace: kube-system + labels: + app: kube-net-attach-def-controller +spec: + selector: + matchLabels: + app: kube-net-attach-def-controller + template: + metadata: + namespace: kube-system + labels: + app: kube-net-attach-def-controller + spec: + serviceAccountName: multus + containers: + - image: {{ template "registry_url" . }}{{ .Values.image.nadController.repository }}:{{ .Values.image.nadController.tag }} + name: kube-net-attach-def-controller + resources: + limits: + memory: {{ .Values.nadcResources.limits.memory | quote }} + imagePullPolicy: IfNotPresent + command: [ "k8s-net-attach-def-controller" ] +--- diff --git a/packages/rancher-macvlan/0.10.3/values.yaml b/packages/rancher-macvlan/0.10.3/values.yaml new file mode 100644 index 00000000..cc577fe5 --- /dev/null +++ b/packages/rancher-macvlan/0.10.3/values.yaml @@ -0,0 +1,43 @@ +iface: "" + +podCIDR: "10.42.0.0/16" + +arpPolicy: "arping" + +proxyARP: false + +clusterType: "Default" + +multus: + cniVersion: "0.3.1" + +ncResources: + limits: + memory: 512Mi +nadcResources: + limits: + memory: 512Mi + +image: + multus: + repository: cnrancher/hardened-multus-cni + tag: v4.1.3 + networkController: + repository: cnrancher/network-controller + tag: v0.10.3 + admission: + repository: cnrancher/network-admission-deploy + tag: v0.10.3 + nadController: + repository: cnrancher/k8s-net-attach-def-controller + tag: v0.5.1 + staticMacvlan: + repository: cnrancher/static-macvlan-cni + tag: v0.7.0 + +global: + cattle: + systemDefaultRegistry: "" + +privateRegistry: + registryUrl: ~ diff --git a/packages/rancher-macvlan/package.yaml b/packages/rancher-macvlan/package.yaml index 18e5d46a..6338399d 100644 --- a/packages/rancher-macvlan/package.yaml +++ b/packages/rancher-macvlan/package.yaml @@ -1,3 +1,3 @@ url: local -workingDir: "0.10.0" -version: 0.10.0 +workingDir: "0.10.3" +version: 0.10.3 diff --git a/release.yaml b/release.yaml new file mode 100644 index 00000000..6cf64e2e --- /dev/null +++ b/release.yaml @@ -0,0 +1,2 @@ +rancher-macvlan: + - 0.10.2 diff --git a/tests/rancher-macvlan/rancher_macvlan.go b/tests/rancher-macvlan/rancher_macvlan.go index 697f9daf..7d2bc70c 100644 --- a/tests/rancher-macvlan/rancher_macvlan.go +++ b/tests/rancher-macvlan/rancher_macvlan.go @@ -221,7 +221,7 @@ var suite = test.Suite{ var ( MultusCniconfHostPathK3s = "/var/lib/rancher/k3s/agent/etc/cni/net.d" MultusCniconfHostPathDefault = "/etc/cni/net.d" - MultusCnibinHostPathK3s = "/var/lib/rancher/k3s/data/current/bin" + MultusCnibinHostPathK3s = "/var/lib/rancher/k3s/data/cni" MultusCnibinHostPathDefault = "/opt/cni/bin" ) for _, v := range podTemplateSpec.Spec.Volumes {