From 169a3911d64136719981972df63c2bfd9c3858bd Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 18 Dec 2024 01:48:28 +0000 Subject: [PATCH] Update Helm release metallb to v0.13.12 Signed-off-by: Renovate Bot --- class/defaults.yml | 2 +- .../metallb/templates/controller.yaml | 9 +- .../metallb/templates/exclude-l2-config.yaml | 21 ++ .../metallb/templates/rbac.yaml | 50 ++-- .../metallb/templates/service-accounts.yaml | 10 +- .../metallb/templates/speaker.yaml | 241 +++++++++++++++++- .../metallb/templates/webhooks.yaml | 14 +- .../metallb/templates/controller.yaml | 9 +- .../metallb/templates/exclude-l2-config.yaml | 21 ++ .../metallb/templates/rbac.yaml | 50 ++-- .../metallb/templates/service-accounts.yaml | 10 +- .../metallb/templates/speaker.yaml | 241 +++++++++++++++++- .../metallb/templates/webhooks.yaml | 14 +- .../metallb/templates/controller.yaml | 9 +- .../metallb/templates/exclude-l2-config.yaml | 21 ++ .../metallb/templates/rbac.yaml | 50 ++-- .../metallb/templates/service-accounts.yaml | 10 +- .../metallb/templates/speaker.yaml | 241 +++++++++++++++++- .../metallb/templates/webhooks.yaml | 14 +- 19 files changed, 940 insertions(+), 97 deletions(-) create mode 100644 tests/golden/addresses/metallb/metallb/10_metallb_helmchart/metallb/templates/exclude-l2-config.yaml create mode 100644 tests/golden/defaults/metallb/metallb/10_metallb_helmchart/metallb/templates/exclude-l2-config.yaml create mode 100644 tests/golden/legacy/metallb/metallb/10_metallb_helmchart/metallb/templates/exclude-l2-config.yaml diff --git a/class/defaults.yml b/class/defaults.yml index 7ed14e1..85c7f3b 100644 --- a/class/defaults.yml +++ b/class/defaults.yml @@ -8,7 +8,7 @@ parameters: charts: metallb: source: https://metallb.github.io/metallb - version: 0.13.9 + version: 0.13.12 helm_values: speaker: secretName: ${metallb:speaker:secretname} diff --git a/tests/golden/addresses/metallb/metallb/10_metallb_helmchart/metallb/templates/controller.yaml b/tests/golden/addresses/metallb/metallb/10_metallb_helmchart/metallb/templates/controller.yaml index 1391e13..8d1a719 100644 --- a/tests/golden/addresses/metallb/metallb/10_metallb_helmchart/metallb/templates/controller.yaml +++ b/tests/golden/addresses/metallb/metallb/10_metallb_helmchart/metallb/templates/controller.yaml @@ -6,9 +6,10 @@ metadata: app.kubernetes.io/instance: metallb app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: metallb - app.kubernetes.io/version: v0.13.9 - helm.sh/chart: metallb-0.13.9 + app.kubernetes.io/version: v0.13.12 + helm.sh/chart: metallb-0.13.12 name: metallb-controller + namespace: syn-metallb spec: selector: matchLabels: @@ -34,7 +35,9 @@ spec: value: metallb-memberlist - name: METALLB_DEPLOYMENT value: metallb-controller - image: quay.io/metallb/controller:v0.13.9 + - name: METALLB_BGP_TYPE + value: frr + image: quay.io/metallb/controller:v0.13.12 livenessProbe: failureThreshold: 3 httpGet: diff --git a/tests/golden/addresses/metallb/metallb/10_metallb_helmchart/metallb/templates/exclude-l2-config.yaml b/tests/golden/addresses/metallb/metallb/10_metallb_helmchart/metallb/templates/exclude-l2-config.yaml new file mode 100644 index 0000000..ec12dd0 --- /dev/null +++ b/tests/golden/addresses/metallb/metallb/10_metallb_helmchart/metallb/templates/exclude-l2-config.yaml @@ -0,0 +1,21 @@ +apiVersion: v1 +data: + excludel2.yaml: | + announcedInterfacesToExclude: + - ^docker.* + - ^cbr.* + - ^dummy.* + - ^virbr.* + - ^lxcbr.* + - ^veth.* + - ^lo$ + - ^cali.* + - ^tunl.* + - ^flannel.* + - ^kube-ipvs.* + - ^cni.* + - ^nodelocaldns.* +kind: ConfigMap +metadata: + name: metallb-excludel2 + namespace: syn-metallb diff --git a/tests/golden/addresses/metallb/metallb/10_metallb_helmchart/metallb/templates/rbac.yaml b/tests/golden/addresses/metallb/metallb/10_metallb_helmchart/metallb/templates/rbac.yaml index cc119b1..9bbc359 100644 --- a/tests/golden/addresses/metallb/metallb/10_metallb_helmchart/metallb/templates/rbac.yaml +++ b/tests/golden/addresses/metallb/metallb/10_metallb_helmchart/metallb/templates/rbac.yaml @@ -5,8 +5,8 @@ metadata: app.kubernetes.io/instance: metallb app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: metallb - app.kubernetes.io/version: v0.13.9 - helm.sh/chart: metallb-0.13.9 + app.kubernetes.io/version: v0.13.12 + helm.sh/chart: metallb-0.13.12 name: metallb:controller rules: - apiGroups: @@ -18,6 +18,12 @@ rules: - get - list - watch + - apiGroups: + - '' + resources: + - nodes + verbs: + - list - apiGroups: - '' resources: @@ -89,8 +95,8 @@ metadata: app.kubernetes.io/instance: metallb app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: metallb - app.kubernetes.io/version: v0.13.9 - helm.sh/chart: metallb-0.13.9 + app.kubernetes.io/version: v0.13.12 + helm.sh/chart: metallb-0.13.12 name: metallb:speaker rules: - apiGroups: @@ -127,8 +133,8 @@ metadata: app.kubernetes.io/instance: metallb app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: metallb - app.kubernetes.io/version: v0.13.9 - helm.sh/chart: metallb-0.13.9 + app.kubernetes.io/version: v0.13.12 + helm.sh/chart: metallb-0.13.12 name: metallb:controller roleRef: apiGroup: rbac.authorization.k8s.io @@ -146,8 +152,8 @@ metadata: app.kubernetes.io/instance: metallb app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: metallb - app.kubernetes.io/version: v0.13.9 - helm.sh/chart: metallb-0.13.9 + app.kubernetes.io/version: v0.13.12 + helm.sh/chart: metallb-0.13.12 name: metallb:speaker roleRef: apiGroup: rbac.authorization.k8s.io @@ -165,9 +171,10 @@ metadata: app.kubernetes.io/instance: metallb app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: metallb - app.kubernetes.io/version: v0.13.9 - helm.sh/chart: metallb-0.13.9 + app.kubernetes.io/version: v0.13.12 + helm.sh/chart: metallb-0.13.12 name: metallb-pod-lister + namespace: syn-metallb rules: - apiGroups: - '' @@ -183,6 +190,14 @@ rules: - get - list - watch + - apiGroups: + - '' + resources: + - configmaps + verbs: + - get + - list + - watch - apiGroups: - metallb.io resources: @@ -247,9 +262,10 @@ metadata: app.kubernetes.io/instance: metallb app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: metallb - app.kubernetes.io/version: v0.13.9 - helm.sh/chart: metallb-0.13.9 + app.kubernetes.io/version: v0.13.12 + helm.sh/chart: metallb-0.13.12 name: metallb-controller + namespace: syn-metallb rules: - apiGroups: - '' @@ -349,9 +365,10 @@ metadata: app.kubernetes.io/instance: metallb app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: metallb - app.kubernetes.io/version: v0.13.9 - helm.sh/chart: metallb-0.13.9 + app.kubernetes.io/version: v0.13.12 + helm.sh/chart: metallb-0.13.12 name: metallb-pod-lister + namespace: syn-metallb roleRef: apiGroup: rbac.authorization.k8s.io kind: Role @@ -367,9 +384,10 @@ metadata: app.kubernetes.io/instance: metallb app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: metallb - app.kubernetes.io/version: v0.13.9 - helm.sh/chart: metallb-0.13.9 + app.kubernetes.io/version: v0.13.12 + helm.sh/chart: metallb-0.13.12 name: metallb-controller + namespace: syn-metallb roleRef: apiGroup: rbac.authorization.k8s.io kind: Role diff --git a/tests/golden/addresses/metallb/metallb/10_metallb_helmchart/metallb/templates/service-accounts.yaml b/tests/golden/addresses/metallb/metallb/10_metallb_helmchart/metallb/templates/service-accounts.yaml index fc4d8c3..33c8d36 100644 --- a/tests/golden/addresses/metallb/metallb/10_metallb_helmchart/metallb/templates/service-accounts.yaml +++ b/tests/golden/addresses/metallb/metallb/10_metallb_helmchart/metallb/templates/service-accounts.yaml @@ -6,9 +6,10 @@ metadata: app.kubernetes.io/instance: metallb app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: metallb - app.kubernetes.io/version: v0.13.9 - helm.sh/chart: metallb-0.13.9 + app.kubernetes.io/version: v0.13.12 + helm.sh/chart: metallb-0.13.12 name: metallb-controller + namespace: syn-metallb --- apiVersion: v1 kind: ServiceAccount @@ -18,6 +19,7 @@ metadata: app.kubernetes.io/instance: metallb app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: metallb - app.kubernetes.io/version: v0.13.9 - helm.sh/chart: metallb-0.13.9 + app.kubernetes.io/version: v0.13.12 + helm.sh/chart: metallb-0.13.12 name: metallb-speaker + namespace: syn-metallb diff --git a/tests/golden/addresses/metallb/metallb/10_metallb_helmchart/metallb/templates/speaker.yaml b/tests/golden/addresses/metallb/metallb/10_metallb_helmchart/metallb/templates/speaker.yaml index bb77aed..8922586 100644 --- a/tests/golden/addresses/metallb/metallb/10_metallb_helmchart/metallb/templates/speaker.yaml +++ b/tests/golden/addresses/metallb/metallb/10_metallb_helmchart/metallb/templates/speaker.yaml @@ -1,3 +1,108 @@ +apiVersion: v1 +data: + daemons: | + # This file tells the frr package which daemons to start. + # + # Sample configurations for these daemons can be found in + # /usr/share/doc/frr/examples/. + # + # ATTENTION: + # + # When activating a daemon for the first time, a config file, even if it is + # empty, has to be present *and* be owned by the user and group "frr", else + # the daemon will not be started by /etc/init.d/frr. The permissions should + # be u=rw,g=r,o=. + # When using "vtysh" such a config file is also needed. It should be owned by + # group "frrvty" and set to ug=rw,o= though. Check /etc/pam.d/frr, too. + # + # The watchfrr and zebra daemons are always started. + # + bgpd=yes + ospfd=no + ospf6d=no + ripd=no + ripngd=no + isisd=no + pimd=no + ldpd=no + nhrpd=no + eigrpd=no + babeld=no + sharpd=no + pbrd=no + bfdd=yes + fabricd=no + vrrpd=no + + # + # If this option is set the /etc/init.d/frr script automatically loads + # the config via "vtysh -b" when the servers are started. + # Check /etc/pam.d/frr if you intend to use "vtysh"! + # + vtysh_enable=yes + zebra_options=" -A 127.0.0.1 -s 90000000" + bgpd_options=" -A 127.0.0.1 -p 0" + ospfd_options=" -A 127.0.0.1" + ospf6d_options=" -A ::1" + ripd_options=" -A 127.0.0.1" + ripngd_options=" -A ::1" + isisd_options=" -A 127.0.0.1" + pimd_options=" -A 127.0.0.1" + ldpd_options=" -A 127.0.0.1" + nhrpd_options=" -A 127.0.0.1" + eigrpd_options=" -A 127.0.0.1" + babeld_options=" -A 127.0.0.1" + sharpd_options=" -A 127.0.0.1" + pbrd_options=" -A 127.0.0.1" + staticd_options="-A 127.0.0.1" + bfdd_options=" -A 127.0.0.1" + fabricd_options="-A 127.0.0.1" + vrrpd_options=" -A 127.0.0.1" + + # configuration profile + # + #frr_profile="traditional" + #frr_profile="datacenter" + + # + # This is the maximum number of FD's that will be available. + # Upon startup this is read by the control files and ulimit + # is called. Uncomment and use a reasonable value for your + # setup if you are expecting a large number of peers in + # say BGP. + #MAX_FDS=1024 + + # The list of daemons to watch is automatically generated by the init script. + #watchfrr_options="" + + # for debugging purposes, you can specify a "wrap" command to start instead + # of starting the daemon directly, e.g. to use valgrind on ospfd: + # ospfd_wrap="/usr/bin/valgrind" + # or you can use "all_wrap" for all daemons, e.g. to use perf record: + # all_wrap="/usr/bin/perf record --call-graph -" + # the normal daemon command is added to this at the end. + frr.conf: | + ! This file gets overriden the first time the speaker renders a config. + ! So anything configured here is only temporary. + frr version 7.5.1 + frr defaults traditional + hostname Router + line vty + log file /etc/frr/frr.log informational + vtysh.conf: | + service integrated-vtysh-config +kind: ConfigMap +metadata: + labels: + app.kubernetes.io/component: speaker + app.kubernetes.io/instance: metallb + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: metallb + app.kubernetes.io/version: v0.13.12 + helm.sh/chart: metallb-0.13.12 + name: metallb-frr-startup + namespace: syn-metallb +--- apiVersion: apps/v1 kind: DaemonSet metadata: @@ -6,9 +111,10 @@ metadata: app.kubernetes.io/instance: metallb app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: metallb - app.kubernetes.io/version: v0.13.9 - helm.sh/chart: metallb-0.13.9 + app.kubernetes.io/version: v0.13.12 + helm.sh/chart: metallb-0.13.12 name: metallb-speaker + namespace: syn-metallb spec: selector: matchLabels: @@ -45,7 +151,13 @@ spec: value: '7946' - name: METALLB_ML_SECRET_KEY_PATH value: /etc/ml_secret_key - image: quay.io/metallb/speaker:v0.13.9 + - name: FRR_CONFIG_FILE + value: /etc/frr_reloader/frr.conf + - name: FRR_RELOADER_PID_FILE + value: /etc/frr_reloader/reloader.pid + - name: METALLB_BGP_TYPE + value: frr + image: quay.io/metallb/speaker:v0.13.12 livenessProbe: failureThreshold: 3 httpGet: @@ -85,10 +197,118 @@ spec: volumeMounts: - mountPath: /etc/ml_secret_key name: memberlist + - mountPath: /etc/frr_reloader + name: reloader + - mountPath: /etc/metallb + name: metallb-excludel2 + - command: + - /bin/sh + - -c + - | + /sbin/tini -- /usr/lib/frr/docker-start & + attempts=0 + until [[ -f /etc/frr/frr.log || $attempts -eq 60 ]]; do + sleep 1 + attempts=$(( $attempts + 1 )) + done + tail -f /etc/frr/frr.log + env: + - name: TINI_SUBREAPER + value: 'true' + image: quay.io/frrouting/frr:8.5.2 + livenessProbe: + failureThreshold: 3 + httpGet: + path: /livez + port: 7473 + initialDelaySeconds: 10 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + name: frr + securityContext: + capabilities: + add: + - NET_ADMIN + - NET_RAW + - SYS_ADMIN + - NET_BIND_SERVICE + startupProbe: + failureThreshold: 30 + httpGet: + path: /livez + port: 7473 + periodSeconds: 5 + volumeMounts: + - mountPath: /var/run/frr + name: frr-sockets + - mountPath: /etc/frr + name: frr-conf + - command: + - /etc/frr_reloader/frr-reloader.sh + image: quay.io/frrouting/frr:8.5.2 + name: reloader + volumeMounts: + - mountPath: /var/run/frr + name: frr-sockets + - mountPath: /etc/frr + name: frr-conf + - mountPath: /etc/frr_reloader + name: reloader + - args: + - --metrics-port=7473 + command: + - /etc/frr_metrics/frr-metrics + image: quay.io/frrouting/frr:8.5.2 + name: frr-metrics + ports: + - containerPort: 7473 + name: monitoring + volumeMounts: + - mountPath: /var/run/frr + name: frr-sockets + - mountPath: /etc/frr + name: frr-conf + - mountPath: /etc/frr_metrics + name: metrics hostNetwork: true + initContainers: + - command: + - /bin/sh + - -c + - cp -rLf /tmp/frr/* /etc/frr/ + image: quay.io/frrouting/frr:8.5.2 + name: cp-frr-files + securityContext: + runAsGroup: 101 + runAsUser: 100 + volumeMounts: + - mountPath: /tmp/frr + name: frr-startup + - mountPath: /etc/frr + name: frr-conf + - command: + - /bin/sh + - -c + - cp -f /frr-reloader.sh /etc/frr_reloader/ + image: quay.io/metallb/speaker:v0.13.12 + name: cp-reloader + volumeMounts: + - mountPath: /etc/frr_reloader + name: reloader + - command: + - /bin/sh + - -c + - cp -f /frr-metrics /etc/frr_metrics/ + image: quay.io/metallb/speaker:v0.13.12 + name: cp-metrics + volumeMounts: + - mountPath: /etc/frr_metrics + name: metrics nodeSelector: kubernetes.io/os: linux serviceAccountName: metallb-speaker + shareProcessNamespace: true terminationGracePeriodSeconds: 0 tolerations: - effect: NoSchedule @@ -102,5 +322,20 @@ spec: secret: defaultMode: 420 secretName: metallb-memberlist + - configMap: + defaultMode: 256 + name: metallb-excludel2 + name: metallb-excludel2 + - emptyDir: {} + name: frr-sockets + - configMap: + name: metallb-frr-startup + name: frr-startup + - emptyDir: {} + name: frr-conf + - emptyDir: {} + name: reloader + - emptyDir: {} + name: metrics updateStrategy: type: RollingUpdate diff --git a/tests/golden/addresses/metallb/metallb/10_metallb_helmchart/metallb/templates/webhooks.yaml b/tests/golden/addresses/metallb/metallb/10_metallb_helmchart/metallb/templates/webhooks.yaml index 9caf69c..50130b7 100644 --- a/tests/golden/addresses/metallb/metallb/10_metallb_helmchart/metallb/templates/webhooks.yaml +++ b/tests/golden/addresses/metallb/metallb/10_metallb_helmchart/metallb/templates/webhooks.yaml @@ -5,9 +5,10 @@ metadata: app.kubernetes.io/instance: metallb app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: metallb - app.kubernetes.io/version: v0.13.9 - helm.sh/chart: metallb-0.13.9 + app.kubernetes.io/version: v0.13.12 + helm.sh/chart: metallb-0.13.12 name: webhook-server-cert + namespace: syn-metallb --- apiVersion: v1 kind: Service @@ -16,9 +17,10 @@ metadata: app.kubernetes.io/instance: metallb app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: metallb - app.kubernetes.io/version: v0.13.9 - helm.sh/chart: metallb-0.13.9 + app.kubernetes.io/version: v0.13.12 + helm.sh/chart: metallb-0.13.12 name: metallb-webhook-service + namespace: syn-metallb spec: ports: - port: 443 @@ -35,8 +37,8 @@ metadata: app.kubernetes.io/instance: metallb app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: metallb - app.kubernetes.io/version: v0.13.9 - helm.sh/chart: metallb-0.13.9 + app.kubernetes.io/version: v0.13.12 + helm.sh/chart: metallb-0.13.12 name: metallb-webhook-configuration webhooks: - admissionReviewVersions: diff --git a/tests/golden/defaults/metallb/metallb/10_metallb_helmchart/metallb/templates/controller.yaml b/tests/golden/defaults/metallb/metallb/10_metallb_helmchart/metallb/templates/controller.yaml index 1391e13..8d1a719 100644 --- a/tests/golden/defaults/metallb/metallb/10_metallb_helmchart/metallb/templates/controller.yaml +++ b/tests/golden/defaults/metallb/metallb/10_metallb_helmchart/metallb/templates/controller.yaml @@ -6,9 +6,10 @@ metadata: app.kubernetes.io/instance: metallb app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: metallb - app.kubernetes.io/version: v0.13.9 - helm.sh/chart: metallb-0.13.9 + app.kubernetes.io/version: v0.13.12 + helm.sh/chart: metallb-0.13.12 name: metallb-controller + namespace: syn-metallb spec: selector: matchLabels: @@ -34,7 +35,9 @@ spec: value: metallb-memberlist - name: METALLB_DEPLOYMENT value: metallb-controller - image: quay.io/metallb/controller:v0.13.9 + - name: METALLB_BGP_TYPE + value: frr + image: quay.io/metallb/controller:v0.13.12 livenessProbe: failureThreshold: 3 httpGet: diff --git a/tests/golden/defaults/metallb/metallb/10_metallb_helmchart/metallb/templates/exclude-l2-config.yaml b/tests/golden/defaults/metallb/metallb/10_metallb_helmchart/metallb/templates/exclude-l2-config.yaml new file mode 100644 index 0000000..ec12dd0 --- /dev/null +++ b/tests/golden/defaults/metallb/metallb/10_metallb_helmchart/metallb/templates/exclude-l2-config.yaml @@ -0,0 +1,21 @@ +apiVersion: v1 +data: + excludel2.yaml: | + announcedInterfacesToExclude: + - ^docker.* + - ^cbr.* + - ^dummy.* + - ^virbr.* + - ^lxcbr.* + - ^veth.* + - ^lo$ + - ^cali.* + - ^tunl.* + - ^flannel.* + - ^kube-ipvs.* + - ^cni.* + - ^nodelocaldns.* +kind: ConfigMap +metadata: + name: metallb-excludel2 + namespace: syn-metallb diff --git a/tests/golden/defaults/metallb/metallb/10_metallb_helmchart/metallb/templates/rbac.yaml b/tests/golden/defaults/metallb/metallb/10_metallb_helmchart/metallb/templates/rbac.yaml index cc119b1..9bbc359 100644 --- a/tests/golden/defaults/metallb/metallb/10_metallb_helmchart/metallb/templates/rbac.yaml +++ b/tests/golden/defaults/metallb/metallb/10_metallb_helmchart/metallb/templates/rbac.yaml @@ -5,8 +5,8 @@ metadata: app.kubernetes.io/instance: metallb app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: metallb - app.kubernetes.io/version: v0.13.9 - helm.sh/chart: metallb-0.13.9 + app.kubernetes.io/version: v0.13.12 + helm.sh/chart: metallb-0.13.12 name: metallb:controller rules: - apiGroups: @@ -18,6 +18,12 @@ rules: - get - list - watch + - apiGroups: + - '' + resources: + - nodes + verbs: + - list - apiGroups: - '' resources: @@ -89,8 +95,8 @@ metadata: app.kubernetes.io/instance: metallb app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: metallb - app.kubernetes.io/version: v0.13.9 - helm.sh/chart: metallb-0.13.9 + app.kubernetes.io/version: v0.13.12 + helm.sh/chart: metallb-0.13.12 name: metallb:speaker rules: - apiGroups: @@ -127,8 +133,8 @@ metadata: app.kubernetes.io/instance: metallb app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: metallb - app.kubernetes.io/version: v0.13.9 - helm.sh/chart: metallb-0.13.9 + app.kubernetes.io/version: v0.13.12 + helm.sh/chart: metallb-0.13.12 name: metallb:controller roleRef: apiGroup: rbac.authorization.k8s.io @@ -146,8 +152,8 @@ metadata: app.kubernetes.io/instance: metallb app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: metallb - app.kubernetes.io/version: v0.13.9 - helm.sh/chart: metallb-0.13.9 + app.kubernetes.io/version: v0.13.12 + helm.sh/chart: metallb-0.13.12 name: metallb:speaker roleRef: apiGroup: rbac.authorization.k8s.io @@ -165,9 +171,10 @@ metadata: app.kubernetes.io/instance: metallb app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: metallb - app.kubernetes.io/version: v0.13.9 - helm.sh/chart: metallb-0.13.9 + app.kubernetes.io/version: v0.13.12 + helm.sh/chart: metallb-0.13.12 name: metallb-pod-lister + namespace: syn-metallb rules: - apiGroups: - '' @@ -183,6 +190,14 @@ rules: - get - list - watch + - apiGroups: + - '' + resources: + - configmaps + verbs: + - get + - list + - watch - apiGroups: - metallb.io resources: @@ -247,9 +262,10 @@ metadata: app.kubernetes.io/instance: metallb app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: metallb - app.kubernetes.io/version: v0.13.9 - helm.sh/chart: metallb-0.13.9 + app.kubernetes.io/version: v0.13.12 + helm.sh/chart: metallb-0.13.12 name: metallb-controller + namespace: syn-metallb rules: - apiGroups: - '' @@ -349,9 +365,10 @@ metadata: app.kubernetes.io/instance: metallb app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: metallb - app.kubernetes.io/version: v0.13.9 - helm.sh/chart: metallb-0.13.9 + app.kubernetes.io/version: v0.13.12 + helm.sh/chart: metallb-0.13.12 name: metallb-pod-lister + namespace: syn-metallb roleRef: apiGroup: rbac.authorization.k8s.io kind: Role @@ -367,9 +384,10 @@ metadata: app.kubernetes.io/instance: metallb app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: metallb - app.kubernetes.io/version: v0.13.9 - helm.sh/chart: metallb-0.13.9 + app.kubernetes.io/version: v0.13.12 + helm.sh/chart: metallb-0.13.12 name: metallb-controller + namespace: syn-metallb roleRef: apiGroup: rbac.authorization.k8s.io kind: Role diff --git a/tests/golden/defaults/metallb/metallb/10_metallb_helmchart/metallb/templates/service-accounts.yaml b/tests/golden/defaults/metallb/metallb/10_metallb_helmchart/metallb/templates/service-accounts.yaml index fc4d8c3..33c8d36 100644 --- a/tests/golden/defaults/metallb/metallb/10_metallb_helmchart/metallb/templates/service-accounts.yaml +++ b/tests/golden/defaults/metallb/metallb/10_metallb_helmchart/metallb/templates/service-accounts.yaml @@ -6,9 +6,10 @@ metadata: app.kubernetes.io/instance: metallb app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: metallb - app.kubernetes.io/version: v0.13.9 - helm.sh/chart: metallb-0.13.9 + app.kubernetes.io/version: v0.13.12 + helm.sh/chart: metallb-0.13.12 name: metallb-controller + namespace: syn-metallb --- apiVersion: v1 kind: ServiceAccount @@ -18,6 +19,7 @@ metadata: app.kubernetes.io/instance: metallb app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: metallb - app.kubernetes.io/version: v0.13.9 - helm.sh/chart: metallb-0.13.9 + app.kubernetes.io/version: v0.13.12 + helm.sh/chart: metallb-0.13.12 name: metallb-speaker + namespace: syn-metallb diff --git a/tests/golden/defaults/metallb/metallb/10_metallb_helmchart/metallb/templates/speaker.yaml b/tests/golden/defaults/metallb/metallb/10_metallb_helmchart/metallb/templates/speaker.yaml index bb77aed..8922586 100644 --- a/tests/golden/defaults/metallb/metallb/10_metallb_helmchart/metallb/templates/speaker.yaml +++ b/tests/golden/defaults/metallb/metallb/10_metallb_helmchart/metallb/templates/speaker.yaml @@ -1,3 +1,108 @@ +apiVersion: v1 +data: + daemons: | + # This file tells the frr package which daemons to start. + # + # Sample configurations for these daemons can be found in + # /usr/share/doc/frr/examples/. + # + # ATTENTION: + # + # When activating a daemon for the first time, a config file, even if it is + # empty, has to be present *and* be owned by the user and group "frr", else + # the daemon will not be started by /etc/init.d/frr. The permissions should + # be u=rw,g=r,o=. + # When using "vtysh" such a config file is also needed. It should be owned by + # group "frrvty" and set to ug=rw,o= though. Check /etc/pam.d/frr, too. + # + # The watchfrr and zebra daemons are always started. + # + bgpd=yes + ospfd=no + ospf6d=no + ripd=no + ripngd=no + isisd=no + pimd=no + ldpd=no + nhrpd=no + eigrpd=no + babeld=no + sharpd=no + pbrd=no + bfdd=yes + fabricd=no + vrrpd=no + + # + # If this option is set the /etc/init.d/frr script automatically loads + # the config via "vtysh -b" when the servers are started. + # Check /etc/pam.d/frr if you intend to use "vtysh"! + # + vtysh_enable=yes + zebra_options=" -A 127.0.0.1 -s 90000000" + bgpd_options=" -A 127.0.0.1 -p 0" + ospfd_options=" -A 127.0.0.1" + ospf6d_options=" -A ::1" + ripd_options=" -A 127.0.0.1" + ripngd_options=" -A ::1" + isisd_options=" -A 127.0.0.1" + pimd_options=" -A 127.0.0.1" + ldpd_options=" -A 127.0.0.1" + nhrpd_options=" -A 127.0.0.1" + eigrpd_options=" -A 127.0.0.1" + babeld_options=" -A 127.0.0.1" + sharpd_options=" -A 127.0.0.1" + pbrd_options=" -A 127.0.0.1" + staticd_options="-A 127.0.0.1" + bfdd_options=" -A 127.0.0.1" + fabricd_options="-A 127.0.0.1" + vrrpd_options=" -A 127.0.0.1" + + # configuration profile + # + #frr_profile="traditional" + #frr_profile="datacenter" + + # + # This is the maximum number of FD's that will be available. + # Upon startup this is read by the control files and ulimit + # is called. Uncomment and use a reasonable value for your + # setup if you are expecting a large number of peers in + # say BGP. + #MAX_FDS=1024 + + # The list of daemons to watch is automatically generated by the init script. + #watchfrr_options="" + + # for debugging purposes, you can specify a "wrap" command to start instead + # of starting the daemon directly, e.g. to use valgrind on ospfd: + # ospfd_wrap="/usr/bin/valgrind" + # or you can use "all_wrap" for all daemons, e.g. to use perf record: + # all_wrap="/usr/bin/perf record --call-graph -" + # the normal daemon command is added to this at the end. + frr.conf: | + ! This file gets overriden the first time the speaker renders a config. + ! So anything configured here is only temporary. + frr version 7.5.1 + frr defaults traditional + hostname Router + line vty + log file /etc/frr/frr.log informational + vtysh.conf: | + service integrated-vtysh-config +kind: ConfigMap +metadata: + labels: + app.kubernetes.io/component: speaker + app.kubernetes.io/instance: metallb + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: metallb + app.kubernetes.io/version: v0.13.12 + helm.sh/chart: metallb-0.13.12 + name: metallb-frr-startup + namespace: syn-metallb +--- apiVersion: apps/v1 kind: DaemonSet metadata: @@ -6,9 +111,10 @@ metadata: app.kubernetes.io/instance: metallb app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: metallb - app.kubernetes.io/version: v0.13.9 - helm.sh/chart: metallb-0.13.9 + app.kubernetes.io/version: v0.13.12 + helm.sh/chart: metallb-0.13.12 name: metallb-speaker + namespace: syn-metallb spec: selector: matchLabels: @@ -45,7 +151,13 @@ spec: value: '7946' - name: METALLB_ML_SECRET_KEY_PATH value: /etc/ml_secret_key - image: quay.io/metallb/speaker:v0.13.9 + - name: FRR_CONFIG_FILE + value: /etc/frr_reloader/frr.conf + - name: FRR_RELOADER_PID_FILE + value: /etc/frr_reloader/reloader.pid + - name: METALLB_BGP_TYPE + value: frr + image: quay.io/metallb/speaker:v0.13.12 livenessProbe: failureThreshold: 3 httpGet: @@ -85,10 +197,118 @@ spec: volumeMounts: - mountPath: /etc/ml_secret_key name: memberlist + - mountPath: /etc/frr_reloader + name: reloader + - mountPath: /etc/metallb + name: metallb-excludel2 + - command: + - /bin/sh + - -c + - | + /sbin/tini -- /usr/lib/frr/docker-start & + attempts=0 + until [[ -f /etc/frr/frr.log || $attempts -eq 60 ]]; do + sleep 1 + attempts=$(( $attempts + 1 )) + done + tail -f /etc/frr/frr.log + env: + - name: TINI_SUBREAPER + value: 'true' + image: quay.io/frrouting/frr:8.5.2 + livenessProbe: + failureThreshold: 3 + httpGet: + path: /livez + port: 7473 + initialDelaySeconds: 10 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + name: frr + securityContext: + capabilities: + add: + - NET_ADMIN + - NET_RAW + - SYS_ADMIN + - NET_BIND_SERVICE + startupProbe: + failureThreshold: 30 + httpGet: + path: /livez + port: 7473 + periodSeconds: 5 + volumeMounts: + - mountPath: /var/run/frr + name: frr-sockets + - mountPath: /etc/frr + name: frr-conf + - command: + - /etc/frr_reloader/frr-reloader.sh + image: quay.io/frrouting/frr:8.5.2 + name: reloader + volumeMounts: + - mountPath: /var/run/frr + name: frr-sockets + - mountPath: /etc/frr + name: frr-conf + - mountPath: /etc/frr_reloader + name: reloader + - args: + - --metrics-port=7473 + command: + - /etc/frr_metrics/frr-metrics + image: quay.io/frrouting/frr:8.5.2 + name: frr-metrics + ports: + - containerPort: 7473 + name: monitoring + volumeMounts: + - mountPath: /var/run/frr + name: frr-sockets + - mountPath: /etc/frr + name: frr-conf + - mountPath: /etc/frr_metrics + name: metrics hostNetwork: true + initContainers: + - command: + - /bin/sh + - -c + - cp -rLf /tmp/frr/* /etc/frr/ + image: quay.io/frrouting/frr:8.5.2 + name: cp-frr-files + securityContext: + runAsGroup: 101 + runAsUser: 100 + volumeMounts: + - mountPath: /tmp/frr + name: frr-startup + - mountPath: /etc/frr + name: frr-conf + - command: + - /bin/sh + - -c + - cp -f /frr-reloader.sh /etc/frr_reloader/ + image: quay.io/metallb/speaker:v0.13.12 + name: cp-reloader + volumeMounts: + - mountPath: /etc/frr_reloader + name: reloader + - command: + - /bin/sh + - -c + - cp -f /frr-metrics /etc/frr_metrics/ + image: quay.io/metallb/speaker:v0.13.12 + name: cp-metrics + volumeMounts: + - mountPath: /etc/frr_metrics + name: metrics nodeSelector: kubernetes.io/os: linux serviceAccountName: metallb-speaker + shareProcessNamespace: true terminationGracePeriodSeconds: 0 tolerations: - effect: NoSchedule @@ -102,5 +322,20 @@ spec: secret: defaultMode: 420 secretName: metallb-memberlist + - configMap: + defaultMode: 256 + name: metallb-excludel2 + name: metallb-excludel2 + - emptyDir: {} + name: frr-sockets + - configMap: + name: metallb-frr-startup + name: frr-startup + - emptyDir: {} + name: frr-conf + - emptyDir: {} + name: reloader + - emptyDir: {} + name: metrics updateStrategy: type: RollingUpdate diff --git a/tests/golden/defaults/metallb/metallb/10_metallb_helmchart/metallb/templates/webhooks.yaml b/tests/golden/defaults/metallb/metallb/10_metallb_helmchart/metallb/templates/webhooks.yaml index 9caf69c..50130b7 100644 --- a/tests/golden/defaults/metallb/metallb/10_metallb_helmchart/metallb/templates/webhooks.yaml +++ b/tests/golden/defaults/metallb/metallb/10_metallb_helmchart/metallb/templates/webhooks.yaml @@ -5,9 +5,10 @@ metadata: app.kubernetes.io/instance: metallb app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: metallb - app.kubernetes.io/version: v0.13.9 - helm.sh/chart: metallb-0.13.9 + app.kubernetes.io/version: v0.13.12 + helm.sh/chart: metallb-0.13.12 name: webhook-server-cert + namespace: syn-metallb --- apiVersion: v1 kind: Service @@ -16,9 +17,10 @@ metadata: app.kubernetes.io/instance: metallb app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: metallb - app.kubernetes.io/version: v0.13.9 - helm.sh/chart: metallb-0.13.9 + app.kubernetes.io/version: v0.13.12 + helm.sh/chart: metallb-0.13.12 name: metallb-webhook-service + namespace: syn-metallb spec: ports: - port: 443 @@ -35,8 +37,8 @@ metadata: app.kubernetes.io/instance: metallb app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: metallb - app.kubernetes.io/version: v0.13.9 - helm.sh/chart: metallb-0.13.9 + app.kubernetes.io/version: v0.13.12 + helm.sh/chart: metallb-0.13.12 name: metallb-webhook-configuration webhooks: - admissionReviewVersions: diff --git a/tests/golden/legacy/metallb/metallb/10_metallb_helmchart/metallb/templates/controller.yaml b/tests/golden/legacy/metallb/metallb/10_metallb_helmchart/metallb/templates/controller.yaml index 1391e13..8d1a719 100644 --- a/tests/golden/legacy/metallb/metallb/10_metallb_helmchart/metallb/templates/controller.yaml +++ b/tests/golden/legacy/metallb/metallb/10_metallb_helmchart/metallb/templates/controller.yaml @@ -6,9 +6,10 @@ metadata: app.kubernetes.io/instance: metallb app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: metallb - app.kubernetes.io/version: v0.13.9 - helm.sh/chart: metallb-0.13.9 + app.kubernetes.io/version: v0.13.12 + helm.sh/chart: metallb-0.13.12 name: metallb-controller + namespace: syn-metallb spec: selector: matchLabels: @@ -34,7 +35,9 @@ spec: value: metallb-memberlist - name: METALLB_DEPLOYMENT value: metallb-controller - image: quay.io/metallb/controller:v0.13.9 + - name: METALLB_BGP_TYPE + value: frr + image: quay.io/metallb/controller:v0.13.12 livenessProbe: failureThreshold: 3 httpGet: diff --git a/tests/golden/legacy/metallb/metallb/10_metallb_helmchart/metallb/templates/exclude-l2-config.yaml b/tests/golden/legacy/metallb/metallb/10_metallb_helmchart/metallb/templates/exclude-l2-config.yaml new file mode 100644 index 0000000..ec12dd0 --- /dev/null +++ b/tests/golden/legacy/metallb/metallb/10_metallb_helmchart/metallb/templates/exclude-l2-config.yaml @@ -0,0 +1,21 @@ +apiVersion: v1 +data: + excludel2.yaml: | + announcedInterfacesToExclude: + - ^docker.* + - ^cbr.* + - ^dummy.* + - ^virbr.* + - ^lxcbr.* + - ^veth.* + - ^lo$ + - ^cali.* + - ^tunl.* + - ^flannel.* + - ^kube-ipvs.* + - ^cni.* + - ^nodelocaldns.* +kind: ConfigMap +metadata: + name: metallb-excludel2 + namespace: syn-metallb diff --git a/tests/golden/legacy/metallb/metallb/10_metallb_helmchart/metallb/templates/rbac.yaml b/tests/golden/legacy/metallb/metallb/10_metallb_helmchart/metallb/templates/rbac.yaml index cc119b1..9bbc359 100644 --- a/tests/golden/legacy/metallb/metallb/10_metallb_helmchart/metallb/templates/rbac.yaml +++ b/tests/golden/legacy/metallb/metallb/10_metallb_helmchart/metallb/templates/rbac.yaml @@ -5,8 +5,8 @@ metadata: app.kubernetes.io/instance: metallb app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: metallb - app.kubernetes.io/version: v0.13.9 - helm.sh/chart: metallb-0.13.9 + app.kubernetes.io/version: v0.13.12 + helm.sh/chart: metallb-0.13.12 name: metallb:controller rules: - apiGroups: @@ -18,6 +18,12 @@ rules: - get - list - watch + - apiGroups: + - '' + resources: + - nodes + verbs: + - list - apiGroups: - '' resources: @@ -89,8 +95,8 @@ metadata: app.kubernetes.io/instance: metallb app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: metallb - app.kubernetes.io/version: v0.13.9 - helm.sh/chart: metallb-0.13.9 + app.kubernetes.io/version: v0.13.12 + helm.sh/chart: metallb-0.13.12 name: metallb:speaker rules: - apiGroups: @@ -127,8 +133,8 @@ metadata: app.kubernetes.io/instance: metallb app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: metallb - app.kubernetes.io/version: v0.13.9 - helm.sh/chart: metallb-0.13.9 + app.kubernetes.io/version: v0.13.12 + helm.sh/chart: metallb-0.13.12 name: metallb:controller roleRef: apiGroup: rbac.authorization.k8s.io @@ -146,8 +152,8 @@ metadata: app.kubernetes.io/instance: metallb app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: metallb - app.kubernetes.io/version: v0.13.9 - helm.sh/chart: metallb-0.13.9 + app.kubernetes.io/version: v0.13.12 + helm.sh/chart: metallb-0.13.12 name: metallb:speaker roleRef: apiGroup: rbac.authorization.k8s.io @@ -165,9 +171,10 @@ metadata: app.kubernetes.io/instance: metallb app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: metallb - app.kubernetes.io/version: v0.13.9 - helm.sh/chart: metallb-0.13.9 + app.kubernetes.io/version: v0.13.12 + helm.sh/chart: metallb-0.13.12 name: metallb-pod-lister + namespace: syn-metallb rules: - apiGroups: - '' @@ -183,6 +190,14 @@ rules: - get - list - watch + - apiGroups: + - '' + resources: + - configmaps + verbs: + - get + - list + - watch - apiGroups: - metallb.io resources: @@ -247,9 +262,10 @@ metadata: app.kubernetes.io/instance: metallb app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: metallb - app.kubernetes.io/version: v0.13.9 - helm.sh/chart: metallb-0.13.9 + app.kubernetes.io/version: v0.13.12 + helm.sh/chart: metallb-0.13.12 name: metallb-controller + namespace: syn-metallb rules: - apiGroups: - '' @@ -349,9 +365,10 @@ metadata: app.kubernetes.io/instance: metallb app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: metallb - app.kubernetes.io/version: v0.13.9 - helm.sh/chart: metallb-0.13.9 + app.kubernetes.io/version: v0.13.12 + helm.sh/chart: metallb-0.13.12 name: metallb-pod-lister + namespace: syn-metallb roleRef: apiGroup: rbac.authorization.k8s.io kind: Role @@ -367,9 +384,10 @@ metadata: app.kubernetes.io/instance: metallb app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: metallb - app.kubernetes.io/version: v0.13.9 - helm.sh/chart: metallb-0.13.9 + app.kubernetes.io/version: v0.13.12 + helm.sh/chart: metallb-0.13.12 name: metallb-controller + namespace: syn-metallb roleRef: apiGroup: rbac.authorization.k8s.io kind: Role diff --git a/tests/golden/legacy/metallb/metallb/10_metallb_helmchart/metallb/templates/service-accounts.yaml b/tests/golden/legacy/metallb/metallb/10_metallb_helmchart/metallb/templates/service-accounts.yaml index fc4d8c3..33c8d36 100644 --- a/tests/golden/legacy/metallb/metallb/10_metallb_helmchart/metallb/templates/service-accounts.yaml +++ b/tests/golden/legacy/metallb/metallb/10_metallb_helmchart/metallb/templates/service-accounts.yaml @@ -6,9 +6,10 @@ metadata: app.kubernetes.io/instance: metallb app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: metallb - app.kubernetes.io/version: v0.13.9 - helm.sh/chart: metallb-0.13.9 + app.kubernetes.io/version: v0.13.12 + helm.sh/chart: metallb-0.13.12 name: metallb-controller + namespace: syn-metallb --- apiVersion: v1 kind: ServiceAccount @@ -18,6 +19,7 @@ metadata: app.kubernetes.io/instance: metallb app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: metallb - app.kubernetes.io/version: v0.13.9 - helm.sh/chart: metallb-0.13.9 + app.kubernetes.io/version: v0.13.12 + helm.sh/chart: metallb-0.13.12 name: metallb-speaker + namespace: syn-metallb diff --git a/tests/golden/legacy/metallb/metallb/10_metallb_helmchart/metallb/templates/speaker.yaml b/tests/golden/legacy/metallb/metallb/10_metallb_helmchart/metallb/templates/speaker.yaml index bb77aed..8922586 100644 --- a/tests/golden/legacy/metallb/metallb/10_metallb_helmchart/metallb/templates/speaker.yaml +++ b/tests/golden/legacy/metallb/metallb/10_metallb_helmchart/metallb/templates/speaker.yaml @@ -1,3 +1,108 @@ +apiVersion: v1 +data: + daemons: | + # This file tells the frr package which daemons to start. + # + # Sample configurations for these daemons can be found in + # /usr/share/doc/frr/examples/. + # + # ATTENTION: + # + # When activating a daemon for the first time, a config file, even if it is + # empty, has to be present *and* be owned by the user and group "frr", else + # the daemon will not be started by /etc/init.d/frr. The permissions should + # be u=rw,g=r,o=. + # When using "vtysh" such a config file is also needed. It should be owned by + # group "frrvty" and set to ug=rw,o= though. Check /etc/pam.d/frr, too. + # + # The watchfrr and zebra daemons are always started. + # + bgpd=yes + ospfd=no + ospf6d=no + ripd=no + ripngd=no + isisd=no + pimd=no + ldpd=no + nhrpd=no + eigrpd=no + babeld=no + sharpd=no + pbrd=no + bfdd=yes + fabricd=no + vrrpd=no + + # + # If this option is set the /etc/init.d/frr script automatically loads + # the config via "vtysh -b" when the servers are started. + # Check /etc/pam.d/frr if you intend to use "vtysh"! + # + vtysh_enable=yes + zebra_options=" -A 127.0.0.1 -s 90000000" + bgpd_options=" -A 127.0.0.1 -p 0" + ospfd_options=" -A 127.0.0.1" + ospf6d_options=" -A ::1" + ripd_options=" -A 127.0.0.1" + ripngd_options=" -A ::1" + isisd_options=" -A 127.0.0.1" + pimd_options=" -A 127.0.0.1" + ldpd_options=" -A 127.0.0.1" + nhrpd_options=" -A 127.0.0.1" + eigrpd_options=" -A 127.0.0.1" + babeld_options=" -A 127.0.0.1" + sharpd_options=" -A 127.0.0.1" + pbrd_options=" -A 127.0.0.1" + staticd_options="-A 127.0.0.1" + bfdd_options=" -A 127.0.0.1" + fabricd_options="-A 127.0.0.1" + vrrpd_options=" -A 127.0.0.1" + + # configuration profile + # + #frr_profile="traditional" + #frr_profile="datacenter" + + # + # This is the maximum number of FD's that will be available. + # Upon startup this is read by the control files and ulimit + # is called. Uncomment and use a reasonable value for your + # setup if you are expecting a large number of peers in + # say BGP. + #MAX_FDS=1024 + + # The list of daemons to watch is automatically generated by the init script. + #watchfrr_options="" + + # for debugging purposes, you can specify a "wrap" command to start instead + # of starting the daemon directly, e.g. to use valgrind on ospfd: + # ospfd_wrap="/usr/bin/valgrind" + # or you can use "all_wrap" for all daemons, e.g. to use perf record: + # all_wrap="/usr/bin/perf record --call-graph -" + # the normal daemon command is added to this at the end. + frr.conf: | + ! This file gets overriden the first time the speaker renders a config. + ! So anything configured here is only temporary. + frr version 7.5.1 + frr defaults traditional + hostname Router + line vty + log file /etc/frr/frr.log informational + vtysh.conf: | + service integrated-vtysh-config +kind: ConfigMap +metadata: + labels: + app.kubernetes.io/component: speaker + app.kubernetes.io/instance: metallb + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: metallb + app.kubernetes.io/version: v0.13.12 + helm.sh/chart: metallb-0.13.12 + name: metallb-frr-startup + namespace: syn-metallb +--- apiVersion: apps/v1 kind: DaemonSet metadata: @@ -6,9 +111,10 @@ metadata: app.kubernetes.io/instance: metallb app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: metallb - app.kubernetes.io/version: v0.13.9 - helm.sh/chart: metallb-0.13.9 + app.kubernetes.io/version: v0.13.12 + helm.sh/chart: metallb-0.13.12 name: metallb-speaker + namespace: syn-metallb spec: selector: matchLabels: @@ -45,7 +151,13 @@ spec: value: '7946' - name: METALLB_ML_SECRET_KEY_PATH value: /etc/ml_secret_key - image: quay.io/metallb/speaker:v0.13.9 + - name: FRR_CONFIG_FILE + value: /etc/frr_reloader/frr.conf + - name: FRR_RELOADER_PID_FILE + value: /etc/frr_reloader/reloader.pid + - name: METALLB_BGP_TYPE + value: frr + image: quay.io/metallb/speaker:v0.13.12 livenessProbe: failureThreshold: 3 httpGet: @@ -85,10 +197,118 @@ spec: volumeMounts: - mountPath: /etc/ml_secret_key name: memberlist + - mountPath: /etc/frr_reloader + name: reloader + - mountPath: /etc/metallb + name: metallb-excludel2 + - command: + - /bin/sh + - -c + - | + /sbin/tini -- /usr/lib/frr/docker-start & + attempts=0 + until [[ -f /etc/frr/frr.log || $attempts -eq 60 ]]; do + sleep 1 + attempts=$(( $attempts + 1 )) + done + tail -f /etc/frr/frr.log + env: + - name: TINI_SUBREAPER + value: 'true' + image: quay.io/frrouting/frr:8.5.2 + livenessProbe: + failureThreshold: 3 + httpGet: + path: /livez + port: 7473 + initialDelaySeconds: 10 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + name: frr + securityContext: + capabilities: + add: + - NET_ADMIN + - NET_RAW + - SYS_ADMIN + - NET_BIND_SERVICE + startupProbe: + failureThreshold: 30 + httpGet: + path: /livez + port: 7473 + periodSeconds: 5 + volumeMounts: + - mountPath: /var/run/frr + name: frr-sockets + - mountPath: /etc/frr + name: frr-conf + - command: + - /etc/frr_reloader/frr-reloader.sh + image: quay.io/frrouting/frr:8.5.2 + name: reloader + volumeMounts: + - mountPath: /var/run/frr + name: frr-sockets + - mountPath: /etc/frr + name: frr-conf + - mountPath: /etc/frr_reloader + name: reloader + - args: + - --metrics-port=7473 + command: + - /etc/frr_metrics/frr-metrics + image: quay.io/frrouting/frr:8.5.2 + name: frr-metrics + ports: + - containerPort: 7473 + name: monitoring + volumeMounts: + - mountPath: /var/run/frr + name: frr-sockets + - mountPath: /etc/frr + name: frr-conf + - mountPath: /etc/frr_metrics + name: metrics hostNetwork: true + initContainers: + - command: + - /bin/sh + - -c + - cp -rLf /tmp/frr/* /etc/frr/ + image: quay.io/frrouting/frr:8.5.2 + name: cp-frr-files + securityContext: + runAsGroup: 101 + runAsUser: 100 + volumeMounts: + - mountPath: /tmp/frr + name: frr-startup + - mountPath: /etc/frr + name: frr-conf + - command: + - /bin/sh + - -c + - cp -f /frr-reloader.sh /etc/frr_reloader/ + image: quay.io/metallb/speaker:v0.13.12 + name: cp-reloader + volumeMounts: + - mountPath: /etc/frr_reloader + name: reloader + - command: + - /bin/sh + - -c + - cp -f /frr-metrics /etc/frr_metrics/ + image: quay.io/metallb/speaker:v0.13.12 + name: cp-metrics + volumeMounts: + - mountPath: /etc/frr_metrics + name: metrics nodeSelector: kubernetes.io/os: linux serviceAccountName: metallb-speaker + shareProcessNamespace: true terminationGracePeriodSeconds: 0 tolerations: - effect: NoSchedule @@ -102,5 +322,20 @@ spec: secret: defaultMode: 420 secretName: metallb-memberlist + - configMap: + defaultMode: 256 + name: metallb-excludel2 + name: metallb-excludel2 + - emptyDir: {} + name: frr-sockets + - configMap: + name: metallb-frr-startup + name: frr-startup + - emptyDir: {} + name: frr-conf + - emptyDir: {} + name: reloader + - emptyDir: {} + name: metrics updateStrategy: type: RollingUpdate diff --git a/tests/golden/legacy/metallb/metallb/10_metallb_helmchart/metallb/templates/webhooks.yaml b/tests/golden/legacy/metallb/metallb/10_metallb_helmchart/metallb/templates/webhooks.yaml index 9caf69c..50130b7 100644 --- a/tests/golden/legacy/metallb/metallb/10_metallb_helmchart/metallb/templates/webhooks.yaml +++ b/tests/golden/legacy/metallb/metallb/10_metallb_helmchart/metallb/templates/webhooks.yaml @@ -5,9 +5,10 @@ metadata: app.kubernetes.io/instance: metallb app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: metallb - app.kubernetes.io/version: v0.13.9 - helm.sh/chart: metallb-0.13.9 + app.kubernetes.io/version: v0.13.12 + helm.sh/chart: metallb-0.13.12 name: webhook-server-cert + namespace: syn-metallb --- apiVersion: v1 kind: Service @@ -16,9 +17,10 @@ metadata: app.kubernetes.io/instance: metallb app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: metallb - app.kubernetes.io/version: v0.13.9 - helm.sh/chart: metallb-0.13.9 + app.kubernetes.io/version: v0.13.12 + helm.sh/chart: metallb-0.13.12 name: metallb-webhook-service + namespace: syn-metallb spec: ports: - port: 443 @@ -35,8 +37,8 @@ metadata: app.kubernetes.io/instance: metallb app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: metallb - app.kubernetes.io/version: v0.13.9 - helm.sh/chart: metallb-0.13.9 + app.kubernetes.io/version: v0.13.12 + helm.sh/chart: metallb-0.13.12 name: metallb-webhook-configuration webhooks: - admissionReviewVersions: