diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS
index 74a2d17795..5a33bd65ea 100644
--- a/.github/CODEOWNERS
+++ b/.github/CODEOWNERS
@@ -58,10 +58,6 @@ packages/rancher-logging @rancher/observation-backup
# Rancher Monitoring
packages/rancher-monitoring @rancher/observation-backup
-# Rancher SRIOV
-packages/rancher-sriov @rancher/rke1-team
-packages/rancher-nfd @rancher/rke1-team
-
# Rancher Provisioning CAPI
packages/rancher-provisioning-capi @rancher/rancher-team-2-hostbusters-dev
diff --git a/.github/workflows/validation-comment.yaml b/.github/workflows/validation-comment.yaml
index 4f71508b34..ce07053106 100644
--- a/.github/workflows/validation-comment.yaml
+++ b/.github/workflows/validation-comment.yaml
@@ -31,9 +31,11 @@ jobs:
- Ensure all container images have repository and tag on the same level to ensure that all container images are included in rancher-images.txt which are used by airgap customers.
Ex:-
- longhorn-controller:
- repository: rancher/hardened-sriov-cni
- tag: v2.6.3-build20230913
+ engine:
+ # -- Repository for the Longhorn Engine image.
+ repository: rancher/mirrored-longhornio-longhorn-engine
+ # -- Specify Longhorn engine image tag
+ tag: v1.6.2
- Add a 👍 (thumbs up) reaction to this comment once done. CI won't pass without this reaction to the github-action bot's latest validation comment.
- Approve the PR to run the CI check.`
diff --git a/assets/sriov-crd/sriov-crd-101.0.1+up0.1.0.tgz b/assets/sriov-crd/sriov-crd-101.0.1+up0.1.0.tgz
deleted file mode 100644
index 79142ff091..0000000000
Binary files a/assets/sriov-crd/sriov-crd-101.0.1+up0.1.0.tgz and /dev/null differ
diff --git a/assets/sriov-crd/sriov-crd-102.0.0+up0.1.0.tgz b/assets/sriov-crd/sriov-crd-102.0.0+up0.1.0.tgz
deleted file mode 100644
index faf9339a60..0000000000
Binary files a/assets/sriov-crd/sriov-crd-102.0.0+up0.1.0.tgz and /dev/null differ
diff --git a/assets/sriov-crd/sriov-crd-102.1.0+up0.1.0.tgz b/assets/sriov-crd/sriov-crd-102.1.0+up0.1.0.tgz
deleted file mode 100644
index 61924f2b7c..0000000000
Binary files a/assets/sriov-crd/sriov-crd-102.1.0+up0.1.0.tgz and /dev/null differ
diff --git a/assets/sriov-crd/sriov-crd-102.2.0+up0.1.0.tgz b/assets/sriov-crd/sriov-crd-102.2.0+up0.1.0.tgz
deleted file mode 100644
index dd35cdca49..0000000000
Binary files a/assets/sriov-crd/sriov-crd-102.2.0+up0.1.0.tgz and /dev/null differ
diff --git a/assets/sriov-crd/sriov-crd-103.0.0+up0.1.0.tgz b/assets/sriov-crd/sriov-crd-103.0.0+up0.1.0.tgz
deleted file mode 100644
index c99d6302e1..0000000000
Binary files a/assets/sriov-crd/sriov-crd-103.0.0+up0.1.0.tgz and /dev/null differ
diff --git a/assets/sriov-crd/sriov-crd-103.1.0+up0.1.0.tgz b/assets/sriov-crd/sriov-crd-103.1.0+up0.1.0.tgz
deleted file mode 100644
index 121101825b..0000000000
Binary files a/assets/sriov-crd/sriov-crd-103.1.0+up0.1.0.tgz and /dev/null differ
diff --git a/assets/sriov-crd/sriov-crd-104.0.0+up0.1.0.tgz b/assets/sriov-crd/sriov-crd-104.0.0+up0.1.0.tgz
deleted file mode 100644
index 3f197f4556..0000000000
Binary files a/assets/sriov-crd/sriov-crd-104.0.0+up0.1.0.tgz and /dev/null differ
diff --git a/assets/sriov-crd/sriov-crd-104.1.0+up0.1.0.tgz b/assets/sriov-crd/sriov-crd-104.1.0+up0.1.0.tgz
deleted file mode 100644
index 6ff8092d98..0000000000
Binary files a/assets/sriov-crd/sriov-crd-104.1.0+up0.1.0.tgz and /dev/null differ
diff --git a/assets/sriov-crd/sriov-crd-104.2.0+up0.1.0.tgz b/assets/sriov-crd/sriov-crd-104.2.0+up0.1.0.tgz
deleted file mode 100644
index 0e9d2585e7..0000000000
Binary files a/assets/sriov-crd/sriov-crd-104.2.0+up0.1.0.tgz and /dev/null differ
diff --git a/assets/sriov-crd/sriov-crd-104.3.0+up1.3.0.tgz b/assets/sriov-crd/sriov-crd-104.3.0+up1.3.0.tgz
deleted file mode 100644
index 2379c45672..0000000000
Binary files a/assets/sriov-crd/sriov-crd-104.3.0+up1.3.0.tgz and /dev/null differ
diff --git a/assets/sriov/sriov-101.0.1+up0.1.0.tgz b/assets/sriov/sriov-101.0.1+up0.1.0.tgz
deleted file mode 100644
index ac94ed2e5e..0000000000
Binary files a/assets/sriov/sriov-101.0.1+up0.1.0.tgz and /dev/null differ
diff --git a/assets/sriov/sriov-102.0.0+up0.1.0.tgz b/assets/sriov/sriov-102.0.0+up0.1.0.tgz
deleted file mode 100644
index 9092c735ca..0000000000
Binary files a/assets/sriov/sriov-102.0.0+up0.1.0.tgz and /dev/null differ
diff --git a/assets/sriov/sriov-102.1.0+up0.1.0.tgz b/assets/sriov/sriov-102.1.0+up0.1.0.tgz
deleted file mode 100644
index de491bd1cf..0000000000
Binary files a/assets/sriov/sriov-102.1.0+up0.1.0.tgz and /dev/null differ
diff --git a/assets/sriov/sriov-102.2.0+up0.1.0.tgz b/assets/sriov/sriov-102.2.0+up0.1.0.tgz
deleted file mode 100644
index 2e5e7480b7..0000000000
Binary files a/assets/sriov/sriov-102.2.0+up0.1.0.tgz and /dev/null differ
diff --git a/assets/sriov/sriov-103.0.0+up0.1.0.tgz b/assets/sriov/sriov-103.0.0+up0.1.0.tgz
deleted file mode 100644
index d1b1385316..0000000000
Binary files a/assets/sriov/sriov-103.0.0+up0.1.0.tgz and /dev/null differ
diff --git a/assets/sriov/sriov-103.1.0+up0.1.0.tgz b/assets/sriov/sriov-103.1.0+up0.1.0.tgz
deleted file mode 100644
index 78109553d9..0000000000
Binary files a/assets/sriov/sriov-103.1.0+up0.1.0.tgz and /dev/null differ
diff --git a/assets/sriov/sriov-104.0.0+up0.1.0.tgz b/assets/sriov/sriov-104.0.0+up0.1.0.tgz
deleted file mode 100644
index 3eb476abda..0000000000
Binary files a/assets/sriov/sriov-104.0.0+up0.1.0.tgz and /dev/null differ
diff --git a/assets/sriov/sriov-104.1.0+up0.1.0.tgz b/assets/sriov/sriov-104.1.0+up0.1.0.tgz
deleted file mode 100644
index c18aac737c..0000000000
Binary files a/assets/sriov/sriov-104.1.0+up0.1.0.tgz and /dev/null differ
diff --git a/assets/sriov/sriov-104.2.0+up0.1.0.tgz b/assets/sriov/sriov-104.2.0+up0.1.0.tgz
deleted file mode 100644
index 23afabea75..0000000000
Binary files a/assets/sriov/sriov-104.2.0+up0.1.0.tgz and /dev/null differ
diff --git a/assets/sriov/sriov-104.3.0+up1.3.0.tgz b/assets/sriov/sriov-104.3.0+up1.3.0.tgz
deleted file mode 100644
index 3cc6676df9..0000000000
Binary files a/assets/sriov/sriov-104.3.0+up1.3.0.tgz and /dev/null differ
diff --git a/charts/sriov-crd/101.0.1+up0.1.0/Chart.yaml b/charts/sriov-crd/101.0.1+up0.1.0/Chart.yaml
deleted file mode 100644
index 449e74f52a..0000000000
--- a/charts/sriov-crd/101.0.1+up0.1.0/Chart.yaml
+++ /dev/null
@@ -1,12 +0,0 @@
-annotations:
- catalog.cattle.io/certified: rancher
- catalog.cattle.io/experimental: "true"
- catalog.cattle.io/hidden: "true"
- catalog.cattle.io/namespace: cattle-sriov-system
- catalog.cattle.io/permits-os: linux
- catalog.cattle.io/release-name: sriov-crd
-apiVersion: v2
-description: Installs the CRDs for rke2-sriov.
-name: sriov-crd
-type: application
-version: 101.0.1+up0.1.0
diff --git a/charts/sriov-crd/101.0.1+up0.1.0/templates/sriovnetwork.openshift.io_sriovibnetworks.yaml b/charts/sriov-crd/101.0.1+up0.1.0/templates/sriovnetwork.openshift.io_sriovibnetworks.yaml
deleted file mode 100644
index 6137e52c7b..0000000000
--- a/charts/sriov-crd/101.0.1+up0.1.0/templates/sriovnetwork.openshift.io_sriovibnetworks.yaml
+++ /dev/null
@@ -1,79 +0,0 @@
-
----
-apiVersion: apiextensions.k8s.io/v1
-kind: CustomResourceDefinition
-metadata:
- annotations:
- controller-gen.kubebuilder.io/version: v0.4.1
- creationTimestamp: null
- name: sriovibnetworks.sriovnetwork.openshift.io
-spec:
- group: sriovnetwork.openshift.io
- names:
- kind: SriovIBNetwork
- listKind: SriovIBNetworkList
- plural: sriovibnetworks
- singular: sriovibnetwork
- scope: Namespaced
- versions:
- - name: v1
- schema:
- openAPIV3Schema:
- description: SriovIBNetwork is the Schema for the sriovibnetworks API
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation
- of an object. Servers should convert recognized schemas to the latest
- internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this
- object represents. Servers may infer this from the endpoint the client
- submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- spec:
- description: SriovIBNetworkSpec defines the desired state of SriovIBNetwork
- properties:
- capabilities:
- description: 'Capabilities to be configured for this network. Capabilities
- supported: (infinibandGUID), e.g. ''{"infinibandGUID": true}'''
- type: string
- ipam:
- description: IPAM configuration to be used for this network.
- type: string
- linkState:
- description: VF link state (enable|disable|auto)
- enum:
- - auto
- - enable
- - disable
- type: string
- metaPlugins:
- description: MetaPluginsConfig configuration to be used in order to
- chain metaplugins to the sriov interface returned by the operator.
- type: string
- networkNamespace:
- description: Namespace of the NetworkAttachmentDefinition custom resource
- type: string
- resourceName:
- description: SRIOV Network device plugin endpoint resource name
- type: string
- required:
- - resourceName
- type: object
- status:
- description: SriovIBNetworkStatus defines the observed state of SriovIBNetwork
- type: object
- type: object
- served: true
- storage: true
- subresources:
- status: {}
-status:
- acceptedNames:
- kind: ""
- plural: ""
- conditions: []
- storedVersions: []
diff --git a/charts/sriov-crd/101.0.1+up0.1.0/templates/sriovnetwork.openshift.io_sriovnetworknodepolicies.yaml b/charts/sriov-crd/101.0.1+up0.1.0/templates/sriovnetwork.openshift.io_sriovnetworknodepolicies.yaml
deleted file mode 100644
index f9b7ecfdfe..0000000000
--- a/charts/sriov-crd/101.0.1+up0.1.0/templates/sriovnetwork.openshift.io_sriovnetworknodepolicies.yaml
+++ /dev/null
@@ -1,136 +0,0 @@
-
----
-apiVersion: apiextensions.k8s.io/v1
-kind: CustomResourceDefinition
-metadata:
- annotations:
- controller-gen.kubebuilder.io/version: v0.4.1
- creationTimestamp: null
- name: sriovnetworknodepolicies.sriovnetwork.openshift.io
-spec:
- group: sriovnetwork.openshift.io
- names:
- kind: SriovNetworkNodePolicy
- listKind: SriovNetworkNodePolicyList
- plural: sriovnetworknodepolicies
- singular: sriovnetworknodepolicy
- scope: Namespaced
- versions:
- - name: v1
- schema:
- openAPIV3Schema:
- description: SriovNetworkNodePolicy is the Schema for the sriovnetworknodepolicies
- API
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation
- of an object. Servers should convert recognized schemas to the latest
- internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this
- object represents. Servers may infer this from the endpoint the client
- submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- spec:
- description: SriovNetworkNodePolicySpec defines the desired state of SriovNetworkNodePolicy
- properties:
- deviceType:
- description: The driver type for configured VFs. Allowed value "netdevice",
- "vfio-pci". Defaults to netdevice.
- enum:
- - netdevice
- - vfio-pci
- type: string
- eSwitchMode:
- description: NIC Device Mode. Allowed value "legacy","switchdev".
- enum:
- - legacy
- - switchdev
- type: string
- isRdma:
- description: RDMA mode. Defaults to false.
- type: boolean
- linkType:
- description: NIC Link Type. Allowed value "eth", "ETH", "ib", and
- "IB".
- enum:
- - eth
- - ETH
- - ib
- - IB
- type: string
- mtu:
- description: MTU of VF
- minimum: 1
- type: integer
- needVhostNet:
- description: mount vhost-net device. Defaults to false.
- type: boolean
- nicSelector:
- description: NicSelector selects the NICs to be configured
- properties:
- deviceID:
- description: The device hex code of SR-IoV device. Allowed value
- "0d58", "1572", "158b", "1013", "1015", "1017", "101b".
- type: string
- netFilter:
- description: Infrastructure Networking selection filter. Allowed
- value "openstack/NetworkID:xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
- type: string
- pfNames:
- description: Name of SR-IoV PF.
- items:
- type: string
- type: array
- rootDevices:
- description: PCI address of SR-IoV PF.
- items:
- type: string
- type: array
- vendor:
- description: The vendor hex code of SR-IoV device. Allowed value
- "8086", "15b3".
- type: string
- type: object
- nodeSelector:
- additionalProperties:
- type: string
- description: NodeSelector selects the nodes to be configured
- type: object
- numVfs:
- description: Number of VFs for each PF
- minimum: 0
- type: integer
- priority:
- description: Priority of the policy, higher priority policies can
- override lower ones.
- maximum: 99
- minimum: 0
- type: integer
- resourceName:
- description: SRIOV Network device plugin endpoint resource name
- type: string
- required:
- - nicSelector
- - nodeSelector
- - numVfs
- - resourceName
- type: object
- status:
- description: SriovNetworkNodePolicyStatus defines the observed state of
- SriovNetworkNodePolicy
- type: object
- type: object
- served: true
- storage: true
- subresources:
- status: {}
-status:
- acceptedNames:
- kind: ""
- plural: ""
- conditions: []
- storedVersions: []
diff --git a/charts/sriov-crd/101.0.1+up0.1.0/templates/sriovnetwork.openshift.io_sriovnetworknodestates.yaml b/charts/sriov-crd/101.0.1+up0.1.0/templates/sriovnetwork.openshift.io_sriovnetworknodestates.yaml
deleted file mode 100644
index 8ccd4ef294..0000000000
--- a/charts/sriov-crd/101.0.1+up0.1.0/templates/sriovnetwork.openshift.io_sriovnetworknodestates.yaml
+++ /dev/null
@@ -1,159 +0,0 @@
-
----
-apiVersion: apiextensions.k8s.io/v1
-kind: CustomResourceDefinition
-metadata:
- annotations:
- controller-gen.kubebuilder.io/version: v0.4.1
- creationTimestamp: null
- name: sriovnetworknodestates.sriovnetwork.openshift.io
-spec:
- group: sriovnetwork.openshift.io
- names:
- kind: SriovNetworkNodeState
- listKind: SriovNetworkNodeStateList
- plural: sriovnetworknodestates
- singular: sriovnetworknodestate
- scope: Namespaced
- versions:
- - name: v1
- schema:
- openAPIV3Schema:
- description: SriovNetworkNodeState is the Schema for the sriovnetworknodestates
- API
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation
- of an object. Servers should convert recognized schemas to the latest
- internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this
- object represents. Servers may infer this from the endpoint the client
- submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- spec:
- description: SriovNetworkNodeStateSpec defines the desired state of SriovNetworkNodeState
- properties:
- dpConfigVersion:
- type: string
- interfaces:
- items:
- properties:
- eSwitchMode:
- type: string
- linkType:
- type: string
- mtu:
- type: integer
- name:
- type: string
- numVfs:
- type: integer
- pciAddress:
- type: string
- vfGroups:
- items:
- properties:
- deviceType:
- type: string
- isRdma:
- type: boolean
- mtu:
- type: integer
- policyName:
- type: string
- resourceName:
- type: string
- vfRange:
- type: string
- type: object
- type: array
- required:
- - pciAddress
- type: object
- type: array
- type: object
- status:
- description: SriovNetworkNodeStateStatus defines the observed state of
- SriovNetworkNodeState
- properties:
- interfaces:
- items:
- properties:
- Vfs:
- items:
- properties:
- Vlan:
- type: integer
- assigned:
- type: string
- deviceID:
- type: string
- driver:
- type: string
- mac:
- type: string
- mtu:
- type: integer
- name:
- type: string
- pciAddress:
- type: string
- vendor:
- type: string
- vfID:
- type: integer
- required:
- - pciAddress
- - vfID
- type: object
- type: array
- deviceID:
- type: string
- driver:
- type: string
- eSwitchMode:
- type: string
- linkSpeed:
- type: string
- linkType:
- type: string
- mac:
- type: string
- mtu:
- type: integer
- name:
- type: string
- netFilter:
- type: string
- numVfs:
- type: integer
- pciAddress:
- type: string
- totalvfs:
- type: integer
- vendor:
- type: string
- required:
- - pciAddress
- type: object
- type: array
- lastSyncError:
- type: string
- syncStatus:
- type: string
- type: object
- type: object
- served: true
- storage: true
- subresources:
- status: {}
-status:
- acceptedNames:
- kind: ""
- plural: ""
- conditions: []
- storedVersions: []
diff --git a/charts/sriov-crd/101.0.1+up0.1.0/templates/sriovnetwork.openshift.io_sriovnetworkpoolconfigs.yaml b/charts/sriov-crd/101.0.1+up0.1.0/templates/sriovnetwork.openshift.io_sriovnetworkpoolconfigs.yaml
deleted file mode 100644
index 275f23773c..0000000000
--- a/charts/sriov-crd/101.0.1+up0.1.0/templates/sriovnetwork.openshift.io_sriovnetworkpoolconfigs.yaml
+++ /dev/null
@@ -1,66 +0,0 @@
-
----
-apiVersion: apiextensions.k8s.io/v1
-kind: CustomResourceDefinition
-metadata:
- annotations:
- controller-gen.kubebuilder.io/version: v0.4.1
- creationTimestamp: null
- name: sriovnetworkpoolconfigs.sriovnetwork.openshift.io
-spec:
- group: sriovnetwork.openshift.io
- names:
- kind: SriovNetworkPoolConfig
- listKind: SriovNetworkPoolConfigList
- plural: sriovnetworkpoolconfigs
- singular: sriovnetworkpoolconfig
- scope: Namespaced
- versions:
- - name: v1
- schema:
- openAPIV3Schema:
- description: SriovNetworkPoolConfig is the Schema for the sriovnetworkpoolconfigs
- API
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation
- of an object. Servers should convert recognized schemas to the latest
- internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this
- object represents. Servers may infer this from the endpoint the client
- submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- spec:
- description: SriovNetworkPoolConfigSpec defines the desired state of SriovNetworkPoolConfig
- properties:
- ovsHardwareOffloadConfig:
- description: OvsHardwareOffloadConfig describes the OVS HWOL configuration
- for selected Nodes
- properties:
- name:
- description: 'Name is mandatory and must be unique. On Kubernetes:
- Name is the name of OvsHardwareOffloadConfig On OpenShift: Name
- is the name of MachineConfigPool to be enabled with OVS hardware
- offload'
- type: string
- type: object
- type: object
- status:
- description: SriovNetworkPoolConfigStatus defines the observed state of
- SriovNetworkPoolConfig
- type: object
- type: object
- served: true
- storage: true
- subresources:
- status: {}
-status:
- acceptedNames:
- kind: ""
- plural: ""
- conditions: []
- storedVersions: []
diff --git a/charts/sriov-crd/101.0.1+up0.1.0/templates/sriovnetwork.openshift.io_sriovnetworks.yaml b/charts/sriov-crd/101.0.1+up0.1.0/templates/sriovnetwork.openshift.io_sriovnetworks.yaml
deleted file mode 100644
index b0c84e17a2..0000000000
--- a/charts/sriov-crd/101.0.1+up0.1.0/templates/sriovnetwork.openshift.io_sriovnetworks.yaml
+++ /dev/null
@@ -1,111 +0,0 @@
-
----
-apiVersion: apiextensions.k8s.io/v1
-kind: CustomResourceDefinition
-metadata:
- annotations:
- controller-gen.kubebuilder.io/version: v0.4.1
- creationTimestamp: null
- name: sriovnetworks.sriovnetwork.openshift.io
-spec:
- group: sriovnetwork.openshift.io
- names:
- kind: SriovNetwork
- listKind: SriovNetworkList
- plural: sriovnetworks
- singular: sriovnetwork
- scope: Namespaced
- versions:
- - name: v1
- schema:
- openAPIV3Schema:
- description: SriovNetwork is the Schema for the sriovnetworks API
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation
- of an object. Servers should convert recognized schemas to the latest
- internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this
- object represents. Servers may infer this from the endpoint the client
- submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- spec:
- description: SriovNetworkSpec defines the desired state of SriovNetwork
- properties:
- capabilities:
- description: 'Capabilities to be configured for this network. Capabilities
- supported: (mac|ips), e.g. ''{"mac": true}'''
- type: string
- ipam:
- description: IPAM configuration to be used for this network.
- type: string
- linkState:
- description: VF link state (enable|disable|auto)
- enum:
- - auto
- - enable
- - disable
- type: string
- maxTxRate:
- description: Maximum tx rate, in Mbps, for the VF. Defaults to 0 (no
- rate limiting)
- minimum: 0
- type: integer
- metaPlugins:
- description: MetaPluginsConfig configuration to be used in order to
- chain metaplugins to the sriov interface returned by the operator.
- type: string
- minTxRate:
- description: Minimum tx rate, in Mbps, for the VF. Defaults to 0 (no
- rate limiting). min_tx_rate should be <= max_tx_rate.
- minimum: 0
- type: integer
- networkNamespace:
- description: Namespace of the NetworkAttachmentDefinition custom resource
- type: string
- resourceName:
- description: SRIOV Network device plugin endpoint resource name
- type: string
- spoofChk:
- description: VF spoof check, (on|off)
- enum:
- - "on"
- - "off"
- type: string
- trust:
- description: VF trust mode (on|off)
- enum:
- - "on"
- - "off"
- type: string
- vlan:
- description: VLAN ID to assign for the VF. Defaults to 0.
- maximum: 4096
- minimum: 0
- type: integer
- vlanQoS:
- description: VLAN QoS ID to assign for the VF. Defaults to 0.
- maximum: 7
- minimum: 0
- type: integer
- required:
- - resourceName
- type: object
- status:
- description: SriovNetworkStatus defines the observed state of SriovNetwork
- type: object
- type: object
- served: true
- storage: true
- subresources:
- status: {}
-status:
- acceptedNames:
- kind: ""
- plural: ""
- conditions: []
- storedVersions: []
diff --git a/charts/sriov-crd/101.0.1+up0.1.0/templates/sriovnetwork.openshift.io_sriovoperatorconfigs.yaml b/charts/sriov-crd/101.0.1+up0.1.0/templates/sriovnetwork.openshift.io_sriovoperatorconfigs.yaml
deleted file mode 100644
index 04f3143cca..0000000000
--- a/charts/sriov-crd/101.0.1+up0.1.0/templates/sriovnetwork.openshift.io_sriovoperatorconfigs.yaml
+++ /dev/null
@@ -1,91 +0,0 @@
-
----
-apiVersion: apiextensions.k8s.io/v1
-kind: CustomResourceDefinition
-metadata:
- annotations:
- controller-gen.kubebuilder.io/version: v0.4.1
- creationTimestamp: null
- name: sriovoperatorconfigs.sriovnetwork.openshift.io
-spec:
- group: sriovnetwork.openshift.io
- names:
- kind: SriovOperatorConfig
- listKind: SriovOperatorConfigList
- plural: sriovoperatorconfigs
- singular: sriovoperatorconfig
- scope: Namespaced
- versions:
- - name: v1
- schema:
- openAPIV3Schema:
- description: SriovOperatorConfig is the Schema for the sriovoperatorconfigs
- API
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation
- of an object. Servers should convert recognized schemas to the latest
- internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this
- object represents. Servers may infer this from the endpoint the client
- submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- spec:
- description: SriovOperatorConfigSpec defines the desired state of SriovOperatorConfig
- properties:
- configDaemonNodeSelector:
- additionalProperties:
- type: string
- description: NodeSelector selects the nodes to be configured
- type: object
- disableDrain:
- description: Flag to disable nodes drain during debugging
- type: boolean
- enableInjector:
- description: Flag to control whether the network resource injector
- webhook shall be deployed
- type: boolean
- enableOperatorWebhook:
- description: Flag to control whether the operator admission controller
- webhook shall be deployed
- type: boolean
- enableOvsOffload:
- description: Flag to enable OVS hardware offload. Set to 'true' to
- provision switchdev-configuration.service and enable OpenvSwitch
- hw-offload on nodes.
- type: boolean
- logLevel:
- description: Flag to control the log verbose level of the operator.
- Set to '0' to show only the basic logs. And set to '2' to show all
- the available logs.
- maximum: 2
- minimum: 0
- type: integer
- type: object
- status:
- description: SriovOperatorConfigStatus defines the observed state of SriovOperatorConfig
- properties:
- injector:
- description: Show the runtime status of the network resource injector
- webhook
- type: string
- operatorWebhook:
- description: Show the runtime status of the operator admission controller
- webhook
- type: string
- type: object
- type: object
- served: true
- storage: true
- subresources:
- status: {}
-status:
- acceptedNames:
- kind: ""
- plural: ""
- conditions: []
- storedVersions: []
diff --git a/charts/sriov-crd/102.0.0+up0.1.0/Chart.yaml b/charts/sriov-crd/102.0.0+up0.1.0/Chart.yaml
deleted file mode 100644
index 8f623bbfaf..0000000000
--- a/charts/sriov-crd/102.0.0+up0.1.0/Chart.yaml
+++ /dev/null
@@ -1,12 +0,0 @@
-annotations:
- catalog.cattle.io/certified: rancher
- catalog.cattle.io/experimental: "true"
- catalog.cattle.io/hidden: "true"
- catalog.cattle.io/namespace: cattle-sriov-system
- catalog.cattle.io/permits-os: linux
- catalog.cattle.io/release-name: sriov-crd
-apiVersion: v2
-description: Installs the CRDs for rke2-sriov.
-name: sriov-crd
-type: application
-version: 102.0.0+up0.1.0
diff --git a/charts/sriov-crd/102.0.0+up0.1.0/templates/sriovnetwork.openshift.io_sriovibnetworks.yaml b/charts/sriov-crd/102.0.0+up0.1.0/templates/sriovnetwork.openshift.io_sriovibnetworks.yaml
deleted file mode 100644
index 6137e52c7b..0000000000
--- a/charts/sriov-crd/102.0.0+up0.1.0/templates/sriovnetwork.openshift.io_sriovibnetworks.yaml
+++ /dev/null
@@ -1,79 +0,0 @@
-
----
-apiVersion: apiextensions.k8s.io/v1
-kind: CustomResourceDefinition
-metadata:
- annotations:
- controller-gen.kubebuilder.io/version: v0.4.1
- creationTimestamp: null
- name: sriovibnetworks.sriovnetwork.openshift.io
-spec:
- group: sriovnetwork.openshift.io
- names:
- kind: SriovIBNetwork
- listKind: SriovIBNetworkList
- plural: sriovibnetworks
- singular: sriovibnetwork
- scope: Namespaced
- versions:
- - name: v1
- schema:
- openAPIV3Schema:
- description: SriovIBNetwork is the Schema for the sriovibnetworks API
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation
- of an object. Servers should convert recognized schemas to the latest
- internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this
- object represents. Servers may infer this from the endpoint the client
- submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- spec:
- description: SriovIBNetworkSpec defines the desired state of SriovIBNetwork
- properties:
- capabilities:
- description: 'Capabilities to be configured for this network. Capabilities
- supported: (infinibandGUID), e.g. ''{"infinibandGUID": true}'''
- type: string
- ipam:
- description: IPAM configuration to be used for this network.
- type: string
- linkState:
- description: VF link state (enable|disable|auto)
- enum:
- - auto
- - enable
- - disable
- type: string
- metaPlugins:
- description: MetaPluginsConfig configuration to be used in order to
- chain metaplugins to the sriov interface returned by the operator.
- type: string
- networkNamespace:
- description: Namespace of the NetworkAttachmentDefinition custom resource
- type: string
- resourceName:
- description: SRIOV Network device plugin endpoint resource name
- type: string
- required:
- - resourceName
- type: object
- status:
- description: SriovIBNetworkStatus defines the observed state of SriovIBNetwork
- type: object
- type: object
- served: true
- storage: true
- subresources:
- status: {}
-status:
- acceptedNames:
- kind: ""
- plural: ""
- conditions: []
- storedVersions: []
diff --git a/charts/sriov-crd/102.0.0+up0.1.0/templates/sriovnetwork.openshift.io_sriovnetworknodepolicies.yaml b/charts/sriov-crd/102.0.0+up0.1.0/templates/sriovnetwork.openshift.io_sriovnetworknodepolicies.yaml
deleted file mode 100644
index f9b7ecfdfe..0000000000
--- a/charts/sriov-crd/102.0.0+up0.1.0/templates/sriovnetwork.openshift.io_sriovnetworknodepolicies.yaml
+++ /dev/null
@@ -1,136 +0,0 @@
-
----
-apiVersion: apiextensions.k8s.io/v1
-kind: CustomResourceDefinition
-metadata:
- annotations:
- controller-gen.kubebuilder.io/version: v0.4.1
- creationTimestamp: null
- name: sriovnetworknodepolicies.sriovnetwork.openshift.io
-spec:
- group: sriovnetwork.openshift.io
- names:
- kind: SriovNetworkNodePolicy
- listKind: SriovNetworkNodePolicyList
- plural: sriovnetworknodepolicies
- singular: sriovnetworknodepolicy
- scope: Namespaced
- versions:
- - name: v1
- schema:
- openAPIV3Schema:
- description: SriovNetworkNodePolicy is the Schema for the sriovnetworknodepolicies
- API
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation
- of an object. Servers should convert recognized schemas to the latest
- internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this
- object represents. Servers may infer this from the endpoint the client
- submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- spec:
- description: SriovNetworkNodePolicySpec defines the desired state of SriovNetworkNodePolicy
- properties:
- deviceType:
- description: The driver type for configured VFs. Allowed value "netdevice",
- "vfio-pci". Defaults to netdevice.
- enum:
- - netdevice
- - vfio-pci
- type: string
- eSwitchMode:
- description: NIC Device Mode. Allowed value "legacy","switchdev".
- enum:
- - legacy
- - switchdev
- type: string
- isRdma:
- description: RDMA mode. Defaults to false.
- type: boolean
- linkType:
- description: NIC Link Type. Allowed value "eth", "ETH", "ib", and
- "IB".
- enum:
- - eth
- - ETH
- - ib
- - IB
- type: string
- mtu:
- description: MTU of VF
- minimum: 1
- type: integer
- needVhostNet:
- description: mount vhost-net device. Defaults to false.
- type: boolean
- nicSelector:
- description: NicSelector selects the NICs to be configured
- properties:
- deviceID:
- description: The device hex code of SR-IoV device. Allowed value
- "0d58", "1572", "158b", "1013", "1015", "1017", "101b".
- type: string
- netFilter:
- description: Infrastructure Networking selection filter. Allowed
- value "openstack/NetworkID:xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
- type: string
- pfNames:
- description: Name of SR-IoV PF.
- items:
- type: string
- type: array
- rootDevices:
- description: PCI address of SR-IoV PF.
- items:
- type: string
- type: array
- vendor:
- description: The vendor hex code of SR-IoV device. Allowed value
- "8086", "15b3".
- type: string
- type: object
- nodeSelector:
- additionalProperties:
- type: string
- description: NodeSelector selects the nodes to be configured
- type: object
- numVfs:
- description: Number of VFs for each PF
- minimum: 0
- type: integer
- priority:
- description: Priority of the policy, higher priority policies can
- override lower ones.
- maximum: 99
- minimum: 0
- type: integer
- resourceName:
- description: SRIOV Network device plugin endpoint resource name
- type: string
- required:
- - nicSelector
- - nodeSelector
- - numVfs
- - resourceName
- type: object
- status:
- description: SriovNetworkNodePolicyStatus defines the observed state of
- SriovNetworkNodePolicy
- type: object
- type: object
- served: true
- storage: true
- subresources:
- status: {}
-status:
- acceptedNames:
- kind: ""
- plural: ""
- conditions: []
- storedVersions: []
diff --git a/charts/sriov-crd/102.0.0+up0.1.0/templates/sriovnetwork.openshift.io_sriovnetworknodestates.yaml b/charts/sriov-crd/102.0.0+up0.1.0/templates/sriovnetwork.openshift.io_sriovnetworknodestates.yaml
deleted file mode 100644
index 8ccd4ef294..0000000000
--- a/charts/sriov-crd/102.0.0+up0.1.0/templates/sriovnetwork.openshift.io_sriovnetworknodestates.yaml
+++ /dev/null
@@ -1,159 +0,0 @@
-
----
-apiVersion: apiextensions.k8s.io/v1
-kind: CustomResourceDefinition
-metadata:
- annotations:
- controller-gen.kubebuilder.io/version: v0.4.1
- creationTimestamp: null
- name: sriovnetworknodestates.sriovnetwork.openshift.io
-spec:
- group: sriovnetwork.openshift.io
- names:
- kind: SriovNetworkNodeState
- listKind: SriovNetworkNodeStateList
- plural: sriovnetworknodestates
- singular: sriovnetworknodestate
- scope: Namespaced
- versions:
- - name: v1
- schema:
- openAPIV3Schema:
- description: SriovNetworkNodeState is the Schema for the sriovnetworknodestates
- API
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation
- of an object. Servers should convert recognized schemas to the latest
- internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this
- object represents. Servers may infer this from the endpoint the client
- submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- spec:
- description: SriovNetworkNodeStateSpec defines the desired state of SriovNetworkNodeState
- properties:
- dpConfigVersion:
- type: string
- interfaces:
- items:
- properties:
- eSwitchMode:
- type: string
- linkType:
- type: string
- mtu:
- type: integer
- name:
- type: string
- numVfs:
- type: integer
- pciAddress:
- type: string
- vfGroups:
- items:
- properties:
- deviceType:
- type: string
- isRdma:
- type: boolean
- mtu:
- type: integer
- policyName:
- type: string
- resourceName:
- type: string
- vfRange:
- type: string
- type: object
- type: array
- required:
- - pciAddress
- type: object
- type: array
- type: object
- status:
- description: SriovNetworkNodeStateStatus defines the observed state of
- SriovNetworkNodeState
- properties:
- interfaces:
- items:
- properties:
- Vfs:
- items:
- properties:
- Vlan:
- type: integer
- assigned:
- type: string
- deviceID:
- type: string
- driver:
- type: string
- mac:
- type: string
- mtu:
- type: integer
- name:
- type: string
- pciAddress:
- type: string
- vendor:
- type: string
- vfID:
- type: integer
- required:
- - pciAddress
- - vfID
- type: object
- type: array
- deviceID:
- type: string
- driver:
- type: string
- eSwitchMode:
- type: string
- linkSpeed:
- type: string
- linkType:
- type: string
- mac:
- type: string
- mtu:
- type: integer
- name:
- type: string
- netFilter:
- type: string
- numVfs:
- type: integer
- pciAddress:
- type: string
- totalvfs:
- type: integer
- vendor:
- type: string
- required:
- - pciAddress
- type: object
- type: array
- lastSyncError:
- type: string
- syncStatus:
- type: string
- type: object
- type: object
- served: true
- storage: true
- subresources:
- status: {}
-status:
- acceptedNames:
- kind: ""
- plural: ""
- conditions: []
- storedVersions: []
diff --git a/charts/sriov-crd/102.0.0+up0.1.0/templates/sriovnetwork.openshift.io_sriovnetworkpoolconfigs.yaml b/charts/sriov-crd/102.0.0+up0.1.0/templates/sriovnetwork.openshift.io_sriovnetworkpoolconfigs.yaml
deleted file mode 100644
index 275f23773c..0000000000
--- a/charts/sriov-crd/102.0.0+up0.1.0/templates/sriovnetwork.openshift.io_sriovnetworkpoolconfigs.yaml
+++ /dev/null
@@ -1,66 +0,0 @@
-
----
-apiVersion: apiextensions.k8s.io/v1
-kind: CustomResourceDefinition
-metadata:
- annotations:
- controller-gen.kubebuilder.io/version: v0.4.1
- creationTimestamp: null
- name: sriovnetworkpoolconfigs.sriovnetwork.openshift.io
-spec:
- group: sriovnetwork.openshift.io
- names:
- kind: SriovNetworkPoolConfig
- listKind: SriovNetworkPoolConfigList
- plural: sriovnetworkpoolconfigs
- singular: sriovnetworkpoolconfig
- scope: Namespaced
- versions:
- - name: v1
- schema:
- openAPIV3Schema:
- description: SriovNetworkPoolConfig is the Schema for the sriovnetworkpoolconfigs
- API
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation
- of an object. Servers should convert recognized schemas to the latest
- internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this
- object represents. Servers may infer this from the endpoint the client
- submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- spec:
- description: SriovNetworkPoolConfigSpec defines the desired state of SriovNetworkPoolConfig
- properties:
- ovsHardwareOffloadConfig:
- description: OvsHardwareOffloadConfig describes the OVS HWOL configuration
- for selected Nodes
- properties:
- name:
- description: 'Name is mandatory and must be unique. On Kubernetes:
- Name is the name of OvsHardwareOffloadConfig On OpenShift: Name
- is the name of MachineConfigPool to be enabled with OVS hardware
- offload'
- type: string
- type: object
- type: object
- status:
- description: SriovNetworkPoolConfigStatus defines the observed state of
- SriovNetworkPoolConfig
- type: object
- type: object
- served: true
- storage: true
- subresources:
- status: {}
-status:
- acceptedNames:
- kind: ""
- plural: ""
- conditions: []
- storedVersions: []
diff --git a/charts/sriov-crd/102.0.0+up0.1.0/templates/sriovnetwork.openshift.io_sriovnetworks.yaml b/charts/sriov-crd/102.0.0+up0.1.0/templates/sriovnetwork.openshift.io_sriovnetworks.yaml
deleted file mode 100644
index b0c84e17a2..0000000000
--- a/charts/sriov-crd/102.0.0+up0.1.0/templates/sriovnetwork.openshift.io_sriovnetworks.yaml
+++ /dev/null
@@ -1,111 +0,0 @@
-
----
-apiVersion: apiextensions.k8s.io/v1
-kind: CustomResourceDefinition
-metadata:
- annotations:
- controller-gen.kubebuilder.io/version: v0.4.1
- creationTimestamp: null
- name: sriovnetworks.sriovnetwork.openshift.io
-spec:
- group: sriovnetwork.openshift.io
- names:
- kind: SriovNetwork
- listKind: SriovNetworkList
- plural: sriovnetworks
- singular: sriovnetwork
- scope: Namespaced
- versions:
- - name: v1
- schema:
- openAPIV3Schema:
- description: SriovNetwork is the Schema for the sriovnetworks API
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation
- of an object. Servers should convert recognized schemas to the latest
- internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this
- object represents. Servers may infer this from the endpoint the client
- submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- spec:
- description: SriovNetworkSpec defines the desired state of SriovNetwork
- properties:
- capabilities:
- description: 'Capabilities to be configured for this network. Capabilities
- supported: (mac|ips), e.g. ''{"mac": true}'''
- type: string
- ipam:
- description: IPAM configuration to be used for this network.
- type: string
- linkState:
- description: VF link state (enable|disable|auto)
- enum:
- - auto
- - enable
- - disable
- type: string
- maxTxRate:
- description: Maximum tx rate, in Mbps, for the VF. Defaults to 0 (no
- rate limiting)
- minimum: 0
- type: integer
- metaPlugins:
- description: MetaPluginsConfig configuration to be used in order to
- chain metaplugins to the sriov interface returned by the operator.
- type: string
- minTxRate:
- description: Minimum tx rate, in Mbps, for the VF. Defaults to 0 (no
- rate limiting). min_tx_rate should be <= max_tx_rate.
- minimum: 0
- type: integer
- networkNamespace:
- description: Namespace of the NetworkAttachmentDefinition custom resource
- type: string
- resourceName:
- description: SRIOV Network device plugin endpoint resource name
- type: string
- spoofChk:
- description: VF spoof check, (on|off)
- enum:
- - "on"
- - "off"
- type: string
- trust:
- description: VF trust mode (on|off)
- enum:
- - "on"
- - "off"
- type: string
- vlan:
- description: VLAN ID to assign for the VF. Defaults to 0.
- maximum: 4096
- minimum: 0
- type: integer
- vlanQoS:
- description: VLAN QoS ID to assign for the VF. Defaults to 0.
- maximum: 7
- minimum: 0
- type: integer
- required:
- - resourceName
- type: object
- status:
- description: SriovNetworkStatus defines the observed state of SriovNetwork
- type: object
- type: object
- served: true
- storage: true
- subresources:
- status: {}
-status:
- acceptedNames:
- kind: ""
- plural: ""
- conditions: []
- storedVersions: []
diff --git a/charts/sriov-crd/102.0.0+up0.1.0/templates/sriovnetwork.openshift.io_sriovoperatorconfigs.yaml b/charts/sriov-crd/102.0.0+up0.1.0/templates/sriovnetwork.openshift.io_sriovoperatorconfigs.yaml
deleted file mode 100644
index 04f3143cca..0000000000
--- a/charts/sriov-crd/102.0.0+up0.1.0/templates/sriovnetwork.openshift.io_sriovoperatorconfigs.yaml
+++ /dev/null
@@ -1,91 +0,0 @@
-
----
-apiVersion: apiextensions.k8s.io/v1
-kind: CustomResourceDefinition
-metadata:
- annotations:
- controller-gen.kubebuilder.io/version: v0.4.1
- creationTimestamp: null
- name: sriovoperatorconfigs.sriovnetwork.openshift.io
-spec:
- group: sriovnetwork.openshift.io
- names:
- kind: SriovOperatorConfig
- listKind: SriovOperatorConfigList
- plural: sriovoperatorconfigs
- singular: sriovoperatorconfig
- scope: Namespaced
- versions:
- - name: v1
- schema:
- openAPIV3Schema:
- description: SriovOperatorConfig is the Schema for the sriovoperatorconfigs
- API
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation
- of an object. Servers should convert recognized schemas to the latest
- internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this
- object represents. Servers may infer this from the endpoint the client
- submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- spec:
- description: SriovOperatorConfigSpec defines the desired state of SriovOperatorConfig
- properties:
- configDaemonNodeSelector:
- additionalProperties:
- type: string
- description: NodeSelector selects the nodes to be configured
- type: object
- disableDrain:
- description: Flag to disable nodes drain during debugging
- type: boolean
- enableInjector:
- description: Flag to control whether the network resource injector
- webhook shall be deployed
- type: boolean
- enableOperatorWebhook:
- description: Flag to control whether the operator admission controller
- webhook shall be deployed
- type: boolean
- enableOvsOffload:
- description: Flag to enable OVS hardware offload. Set to 'true' to
- provision switchdev-configuration.service and enable OpenvSwitch
- hw-offload on nodes.
- type: boolean
- logLevel:
- description: Flag to control the log verbose level of the operator.
- Set to '0' to show only the basic logs. And set to '2' to show all
- the available logs.
- maximum: 2
- minimum: 0
- type: integer
- type: object
- status:
- description: SriovOperatorConfigStatus defines the observed state of SriovOperatorConfig
- properties:
- injector:
- description: Show the runtime status of the network resource injector
- webhook
- type: string
- operatorWebhook:
- description: Show the runtime status of the operator admission controller
- webhook
- type: string
- type: object
- type: object
- served: true
- storage: true
- subresources:
- status: {}
-status:
- acceptedNames:
- kind: ""
- plural: ""
- conditions: []
- storedVersions: []
diff --git a/charts/sriov-crd/102.1.0+up0.1.0/Chart.yaml b/charts/sriov-crd/102.1.0+up0.1.0/Chart.yaml
deleted file mode 100644
index c3d06dc6c3..0000000000
--- a/charts/sriov-crd/102.1.0+up0.1.0/Chart.yaml
+++ /dev/null
@@ -1,12 +0,0 @@
-annotations:
- catalog.cattle.io/certified: rancher
- catalog.cattle.io/experimental: "true"
- catalog.cattle.io/hidden: "true"
- catalog.cattle.io/namespace: cattle-sriov-system
- catalog.cattle.io/permits-os: linux
- catalog.cattle.io/release-name: sriov-crd
-apiVersion: v2
-description: Installs the CRDs for rke2-sriov.
-name: sriov-crd
-type: application
-version: 102.1.0+up0.1.0
diff --git a/charts/sriov-crd/102.1.0+up0.1.0/templates/sriovnetwork.openshift.io_sriovibnetworks.yaml b/charts/sriov-crd/102.1.0+up0.1.0/templates/sriovnetwork.openshift.io_sriovibnetworks.yaml
deleted file mode 100644
index 6137e52c7b..0000000000
--- a/charts/sriov-crd/102.1.0+up0.1.0/templates/sriovnetwork.openshift.io_sriovibnetworks.yaml
+++ /dev/null
@@ -1,79 +0,0 @@
-
----
-apiVersion: apiextensions.k8s.io/v1
-kind: CustomResourceDefinition
-metadata:
- annotations:
- controller-gen.kubebuilder.io/version: v0.4.1
- creationTimestamp: null
- name: sriovibnetworks.sriovnetwork.openshift.io
-spec:
- group: sriovnetwork.openshift.io
- names:
- kind: SriovIBNetwork
- listKind: SriovIBNetworkList
- plural: sriovibnetworks
- singular: sriovibnetwork
- scope: Namespaced
- versions:
- - name: v1
- schema:
- openAPIV3Schema:
- description: SriovIBNetwork is the Schema for the sriovibnetworks API
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation
- of an object. Servers should convert recognized schemas to the latest
- internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this
- object represents. Servers may infer this from the endpoint the client
- submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- spec:
- description: SriovIBNetworkSpec defines the desired state of SriovIBNetwork
- properties:
- capabilities:
- description: 'Capabilities to be configured for this network. Capabilities
- supported: (infinibandGUID), e.g. ''{"infinibandGUID": true}'''
- type: string
- ipam:
- description: IPAM configuration to be used for this network.
- type: string
- linkState:
- description: VF link state (enable|disable|auto)
- enum:
- - auto
- - enable
- - disable
- type: string
- metaPlugins:
- description: MetaPluginsConfig configuration to be used in order to
- chain metaplugins to the sriov interface returned by the operator.
- type: string
- networkNamespace:
- description: Namespace of the NetworkAttachmentDefinition custom resource
- type: string
- resourceName:
- description: SRIOV Network device plugin endpoint resource name
- type: string
- required:
- - resourceName
- type: object
- status:
- description: SriovIBNetworkStatus defines the observed state of SriovIBNetwork
- type: object
- type: object
- served: true
- storage: true
- subresources:
- status: {}
-status:
- acceptedNames:
- kind: ""
- plural: ""
- conditions: []
- storedVersions: []
diff --git a/charts/sriov-crd/102.1.0+up0.1.0/templates/sriovnetwork.openshift.io_sriovnetworknodepolicies.yaml b/charts/sriov-crd/102.1.0+up0.1.0/templates/sriovnetwork.openshift.io_sriovnetworknodepolicies.yaml
deleted file mode 100644
index f9b7ecfdfe..0000000000
--- a/charts/sriov-crd/102.1.0+up0.1.0/templates/sriovnetwork.openshift.io_sriovnetworknodepolicies.yaml
+++ /dev/null
@@ -1,136 +0,0 @@
-
----
-apiVersion: apiextensions.k8s.io/v1
-kind: CustomResourceDefinition
-metadata:
- annotations:
- controller-gen.kubebuilder.io/version: v0.4.1
- creationTimestamp: null
- name: sriovnetworknodepolicies.sriovnetwork.openshift.io
-spec:
- group: sriovnetwork.openshift.io
- names:
- kind: SriovNetworkNodePolicy
- listKind: SriovNetworkNodePolicyList
- plural: sriovnetworknodepolicies
- singular: sriovnetworknodepolicy
- scope: Namespaced
- versions:
- - name: v1
- schema:
- openAPIV3Schema:
- description: SriovNetworkNodePolicy is the Schema for the sriovnetworknodepolicies
- API
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation
- of an object. Servers should convert recognized schemas to the latest
- internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this
- object represents. Servers may infer this from the endpoint the client
- submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- spec:
- description: SriovNetworkNodePolicySpec defines the desired state of SriovNetworkNodePolicy
- properties:
- deviceType:
- description: The driver type for configured VFs. Allowed value "netdevice",
- "vfio-pci". Defaults to netdevice.
- enum:
- - netdevice
- - vfio-pci
- type: string
- eSwitchMode:
- description: NIC Device Mode. Allowed value "legacy","switchdev".
- enum:
- - legacy
- - switchdev
- type: string
- isRdma:
- description: RDMA mode. Defaults to false.
- type: boolean
- linkType:
- description: NIC Link Type. Allowed value "eth", "ETH", "ib", and
- "IB".
- enum:
- - eth
- - ETH
- - ib
- - IB
- type: string
- mtu:
- description: MTU of VF
- minimum: 1
- type: integer
- needVhostNet:
- description: mount vhost-net device. Defaults to false.
- type: boolean
- nicSelector:
- description: NicSelector selects the NICs to be configured
- properties:
- deviceID:
- description: The device hex code of SR-IoV device. Allowed value
- "0d58", "1572", "158b", "1013", "1015", "1017", "101b".
- type: string
- netFilter:
- description: Infrastructure Networking selection filter. Allowed
- value "openstack/NetworkID:xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
- type: string
- pfNames:
- description: Name of SR-IoV PF.
- items:
- type: string
- type: array
- rootDevices:
- description: PCI address of SR-IoV PF.
- items:
- type: string
- type: array
- vendor:
- description: The vendor hex code of SR-IoV device. Allowed value
- "8086", "15b3".
- type: string
- type: object
- nodeSelector:
- additionalProperties:
- type: string
- description: NodeSelector selects the nodes to be configured
- type: object
- numVfs:
- description: Number of VFs for each PF
- minimum: 0
- type: integer
- priority:
- description: Priority of the policy, higher priority policies can
- override lower ones.
- maximum: 99
- minimum: 0
- type: integer
- resourceName:
- description: SRIOV Network device plugin endpoint resource name
- type: string
- required:
- - nicSelector
- - nodeSelector
- - numVfs
- - resourceName
- type: object
- status:
- description: SriovNetworkNodePolicyStatus defines the observed state of
- SriovNetworkNodePolicy
- type: object
- type: object
- served: true
- storage: true
- subresources:
- status: {}
-status:
- acceptedNames:
- kind: ""
- plural: ""
- conditions: []
- storedVersions: []
diff --git a/charts/sriov-crd/102.1.0+up0.1.0/templates/sriovnetwork.openshift.io_sriovnetworknodestates.yaml b/charts/sriov-crd/102.1.0+up0.1.0/templates/sriovnetwork.openshift.io_sriovnetworknodestates.yaml
deleted file mode 100644
index 8ccd4ef294..0000000000
--- a/charts/sriov-crd/102.1.0+up0.1.0/templates/sriovnetwork.openshift.io_sriovnetworknodestates.yaml
+++ /dev/null
@@ -1,159 +0,0 @@
-
----
-apiVersion: apiextensions.k8s.io/v1
-kind: CustomResourceDefinition
-metadata:
- annotations:
- controller-gen.kubebuilder.io/version: v0.4.1
- creationTimestamp: null
- name: sriovnetworknodestates.sriovnetwork.openshift.io
-spec:
- group: sriovnetwork.openshift.io
- names:
- kind: SriovNetworkNodeState
- listKind: SriovNetworkNodeStateList
- plural: sriovnetworknodestates
- singular: sriovnetworknodestate
- scope: Namespaced
- versions:
- - name: v1
- schema:
- openAPIV3Schema:
- description: SriovNetworkNodeState is the Schema for the sriovnetworknodestates
- API
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation
- of an object. Servers should convert recognized schemas to the latest
- internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this
- object represents. Servers may infer this from the endpoint the client
- submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- spec:
- description: SriovNetworkNodeStateSpec defines the desired state of SriovNetworkNodeState
- properties:
- dpConfigVersion:
- type: string
- interfaces:
- items:
- properties:
- eSwitchMode:
- type: string
- linkType:
- type: string
- mtu:
- type: integer
- name:
- type: string
- numVfs:
- type: integer
- pciAddress:
- type: string
- vfGroups:
- items:
- properties:
- deviceType:
- type: string
- isRdma:
- type: boolean
- mtu:
- type: integer
- policyName:
- type: string
- resourceName:
- type: string
- vfRange:
- type: string
- type: object
- type: array
- required:
- - pciAddress
- type: object
- type: array
- type: object
- status:
- description: SriovNetworkNodeStateStatus defines the observed state of
- SriovNetworkNodeState
- properties:
- interfaces:
- items:
- properties:
- Vfs:
- items:
- properties:
- Vlan:
- type: integer
- assigned:
- type: string
- deviceID:
- type: string
- driver:
- type: string
- mac:
- type: string
- mtu:
- type: integer
- name:
- type: string
- pciAddress:
- type: string
- vendor:
- type: string
- vfID:
- type: integer
- required:
- - pciAddress
- - vfID
- type: object
- type: array
- deviceID:
- type: string
- driver:
- type: string
- eSwitchMode:
- type: string
- linkSpeed:
- type: string
- linkType:
- type: string
- mac:
- type: string
- mtu:
- type: integer
- name:
- type: string
- netFilter:
- type: string
- numVfs:
- type: integer
- pciAddress:
- type: string
- totalvfs:
- type: integer
- vendor:
- type: string
- required:
- - pciAddress
- type: object
- type: array
- lastSyncError:
- type: string
- syncStatus:
- type: string
- type: object
- type: object
- served: true
- storage: true
- subresources:
- status: {}
-status:
- acceptedNames:
- kind: ""
- plural: ""
- conditions: []
- storedVersions: []
diff --git a/charts/sriov-crd/102.1.0+up0.1.0/templates/sriovnetwork.openshift.io_sriovnetworkpoolconfigs.yaml b/charts/sriov-crd/102.1.0+up0.1.0/templates/sriovnetwork.openshift.io_sriovnetworkpoolconfigs.yaml
deleted file mode 100644
index 275f23773c..0000000000
--- a/charts/sriov-crd/102.1.0+up0.1.0/templates/sriovnetwork.openshift.io_sriovnetworkpoolconfigs.yaml
+++ /dev/null
@@ -1,66 +0,0 @@
-
----
-apiVersion: apiextensions.k8s.io/v1
-kind: CustomResourceDefinition
-metadata:
- annotations:
- controller-gen.kubebuilder.io/version: v0.4.1
- creationTimestamp: null
- name: sriovnetworkpoolconfigs.sriovnetwork.openshift.io
-spec:
- group: sriovnetwork.openshift.io
- names:
- kind: SriovNetworkPoolConfig
- listKind: SriovNetworkPoolConfigList
- plural: sriovnetworkpoolconfigs
- singular: sriovnetworkpoolconfig
- scope: Namespaced
- versions:
- - name: v1
- schema:
- openAPIV3Schema:
- description: SriovNetworkPoolConfig is the Schema for the sriovnetworkpoolconfigs
- API
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation
- of an object. Servers should convert recognized schemas to the latest
- internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this
- object represents. Servers may infer this from the endpoint the client
- submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- spec:
- description: SriovNetworkPoolConfigSpec defines the desired state of SriovNetworkPoolConfig
- properties:
- ovsHardwareOffloadConfig:
- description: OvsHardwareOffloadConfig describes the OVS HWOL configuration
- for selected Nodes
- properties:
- name:
- description: 'Name is mandatory and must be unique. On Kubernetes:
- Name is the name of OvsHardwareOffloadConfig On OpenShift: Name
- is the name of MachineConfigPool to be enabled with OVS hardware
- offload'
- type: string
- type: object
- type: object
- status:
- description: SriovNetworkPoolConfigStatus defines the observed state of
- SriovNetworkPoolConfig
- type: object
- type: object
- served: true
- storage: true
- subresources:
- status: {}
-status:
- acceptedNames:
- kind: ""
- plural: ""
- conditions: []
- storedVersions: []
diff --git a/charts/sriov-crd/102.1.0+up0.1.0/templates/sriovnetwork.openshift.io_sriovnetworks.yaml b/charts/sriov-crd/102.1.0+up0.1.0/templates/sriovnetwork.openshift.io_sriovnetworks.yaml
deleted file mode 100644
index b0c84e17a2..0000000000
--- a/charts/sriov-crd/102.1.0+up0.1.0/templates/sriovnetwork.openshift.io_sriovnetworks.yaml
+++ /dev/null
@@ -1,111 +0,0 @@
-
----
-apiVersion: apiextensions.k8s.io/v1
-kind: CustomResourceDefinition
-metadata:
- annotations:
- controller-gen.kubebuilder.io/version: v0.4.1
- creationTimestamp: null
- name: sriovnetworks.sriovnetwork.openshift.io
-spec:
- group: sriovnetwork.openshift.io
- names:
- kind: SriovNetwork
- listKind: SriovNetworkList
- plural: sriovnetworks
- singular: sriovnetwork
- scope: Namespaced
- versions:
- - name: v1
- schema:
- openAPIV3Schema:
- description: SriovNetwork is the Schema for the sriovnetworks API
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation
- of an object. Servers should convert recognized schemas to the latest
- internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this
- object represents. Servers may infer this from the endpoint the client
- submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- spec:
- description: SriovNetworkSpec defines the desired state of SriovNetwork
- properties:
- capabilities:
- description: 'Capabilities to be configured for this network. Capabilities
- supported: (mac|ips), e.g. ''{"mac": true}'''
- type: string
- ipam:
- description: IPAM configuration to be used for this network.
- type: string
- linkState:
- description: VF link state (enable|disable|auto)
- enum:
- - auto
- - enable
- - disable
- type: string
- maxTxRate:
- description: Maximum tx rate, in Mbps, for the VF. Defaults to 0 (no
- rate limiting)
- minimum: 0
- type: integer
- metaPlugins:
- description: MetaPluginsConfig configuration to be used in order to
- chain metaplugins to the sriov interface returned by the operator.
- type: string
- minTxRate:
- description: Minimum tx rate, in Mbps, for the VF. Defaults to 0 (no
- rate limiting). min_tx_rate should be <= max_tx_rate.
- minimum: 0
- type: integer
- networkNamespace:
- description: Namespace of the NetworkAttachmentDefinition custom resource
- type: string
- resourceName:
- description: SRIOV Network device plugin endpoint resource name
- type: string
- spoofChk:
- description: VF spoof check, (on|off)
- enum:
- - "on"
- - "off"
- type: string
- trust:
- description: VF trust mode (on|off)
- enum:
- - "on"
- - "off"
- type: string
- vlan:
- description: VLAN ID to assign for the VF. Defaults to 0.
- maximum: 4096
- minimum: 0
- type: integer
- vlanQoS:
- description: VLAN QoS ID to assign for the VF. Defaults to 0.
- maximum: 7
- minimum: 0
- type: integer
- required:
- - resourceName
- type: object
- status:
- description: SriovNetworkStatus defines the observed state of SriovNetwork
- type: object
- type: object
- served: true
- storage: true
- subresources:
- status: {}
-status:
- acceptedNames:
- kind: ""
- plural: ""
- conditions: []
- storedVersions: []
diff --git a/charts/sriov-crd/102.1.0+up0.1.0/templates/sriovnetwork.openshift.io_sriovoperatorconfigs.yaml b/charts/sriov-crd/102.1.0+up0.1.0/templates/sriovnetwork.openshift.io_sriovoperatorconfigs.yaml
deleted file mode 100644
index 04f3143cca..0000000000
--- a/charts/sriov-crd/102.1.0+up0.1.0/templates/sriovnetwork.openshift.io_sriovoperatorconfigs.yaml
+++ /dev/null
@@ -1,91 +0,0 @@
-
----
-apiVersion: apiextensions.k8s.io/v1
-kind: CustomResourceDefinition
-metadata:
- annotations:
- controller-gen.kubebuilder.io/version: v0.4.1
- creationTimestamp: null
- name: sriovoperatorconfigs.sriovnetwork.openshift.io
-spec:
- group: sriovnetwork.openshift.io
- names:
- kind: SriovOperatorConfig
- listKind: SriovOperatorConfigList
- plural: sriovoperatorconfigs
- singular: sriovoperatorconfig
- scope: Namespaced
- versions:
- - name: v1
- schema:
- openAPIV3Schema:
- description: SriovOperatorConfig is the Schema for the sriovoperatorconfigs
- API
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation
- of an object. Servers should convert recognized schemas to the latest
- internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this
- object represents. Servers may infer this from the endpoint the client
- submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- spec:
- description: SriovOperatorConfigSpec defines the desired state of SriovOperatorConfig
- properties:
- configDaemonNodeSelector:
- additionalProperties:
- type: string
- description: NodeSelector selects the nodes to be configured
- type: object
- disableDrain:
- description: Flag to disable nodes drain during debugging
- type: boolean
- enableInjector:
- description: Flag to control whether the network resource injector
- webhook shall be deployed
- type: boolean
- enableOperatorWebhook:
- description: Flag to control whether the operator admission controller
- webhook shall be deployed
- type: boolean
- enableOvsOffload:
- description: Flag to enable OVS hardware offload. Set to 'true' to
- provision switchdev-configuration.service and enable OpenvSwitch
- hw-offload on nodes.
- type: boolean
- logLevel:
- description: Flag to control the log verbose level of the operator.
- Set to '0' to show only the basic logs. And set to '2' to show all
- the available logs.
- maximum: 2
- minimum: 0
- type: integer
- type: object
- status:
- description: SriovOperatorConfigStatus defines the observed state of SriovOperatorConfig
- properties:
- injector:
- description: Show the runtime status of the network resource injector
- webhook
- type: string
- operatorWebhook:
- description: Show the runtime status of the operator admission controller
- webhook
- type: string
- type: object
- type: object
- served: true
- storage: true
- subresources:
- status: {}
-status:
- acceptedNames:
- kind: ""
- plural: ""
- conditions: []
- storedVersions: []
diff --git a/charts/sriov-crd/102.2.0+up0.1.0/Chart.yaml b/charts/sriov-crd/102.2.0+up0.1.0/Chart.yaml
deleted file mode 100644
index 31329c8e7b..0000000000
--- a/charts/sriov-crd/102.2.0+up0.1.0/Chart.yaml
+++ /dev/null
@@ -1,12 +0,0 @@
-annotations:
- catalog.cattle.io/certified: rancher
- catalog.cattle.io/experimental: "true"
- catalog.cattle.io/hidden: "true"
- catalog.cattle.io/namespace: cattle-sriov-system
- catalog.cattle.io/permits-os: linux
- catalog.cattle.io/release-name: sriov-crd
-apiVersion: v2
-description: Installs the CRDs for rke2-sriov.
-name: sriov-crd
-type: application
-version: 102.2.0+up0.1.0
diff --git a/charts/sriov-crd/102.2.0+up0.1.0/templates/sriovnetwork.openshift.io_sriovibnetworks.yaml b/charts/sriov-crd/102.2.0+up0.1.0/templates/sriovnetwork.openshift.io_sriovibnetworks.yaml
deleted file mode 100644
index 6137e52c7b..0000000000
--- a/charts/sriov-crd/102.2.0+up0.1.0/templates/sriovnetwork.openshift.io_sriovibnetworks.yaml
+++ /dev/null
@@ -1,79 +0,0 @@
-
----
-apiVersion: apiextensions.k8s.io/v1
-kind: CustomResourceDefinition
-metadata:
- annotations:
- controller-gen.kubebuilder.io/version: v0.4.1
- creationTimestamp: null
- name: sriovibnetworks.sriovnetwork.openshift.io
-spec:
- group: sriovnetwork.openshift.io
- names:
- kind: SriovIBNetwork
- listKind: SriovIBNetworkList
- plural: sriovibnetworks
- singular: sriovibnetwork
- scope: Namespaced
- versions:
- - name: v1
- schema:
- openAPIV3Schema:
- description: SriovIBNetwork is the Schema for the sriovibnetworks API
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation
- of an object. Servers should convert recognized schemas to the latest
- internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this
- object represents. Servers may infer this from the endpoint the client
- submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- spec:
- description: SriovIBNetworkSpec defines the desired state of SriovIBNetwork
- properties:
- capabilities:
- description: 'Capabilities to be configured for this network. Capabilities
- supported: (infinibandGUID), e.g. ''{"infinibandGUID": true}'''
- type: string
- ipam:
- description: IPAM configuration to be used for this network.
- type: string
- linkState:
- description: VF link state (enable|disable|auto)
- enum:
- - auto
- - enable
- - disable
- type: string
- metaPlugins:
- description: MetaPluginsConfig configuration to be used in order to
- chain metaplugins to the sriov interface returned by the operator.
- type: string
- networkNamespace:
- description: Namespace of the NetworkAttachmentDefinition custom resource
- type: string
- resourceName:
- description: SRIOV Network device plugin endpoint resource name
- type: string
- required:
- - resourceName
- type: object
- status:
- description: SriovIBNetworkStatus defines the observed state of SriovIBNetwork
- type: object
- type: object
- served: true
- storage: true
- subresources:
- status: {}
-status:
- acceptedNames:
- kind: ""
- plural: ""
- conditions: []
- storedVersions: []
diff --git a/charts/sriov-crd/102.2.0+up0.1.0/templates/sriovnetwork.openshift.io_sriovnetworknodepolicies.yaml b/charts/sriov-crd/102.2.0+up0.1.0/templates/sriovnetwork.openshift.io_sriovnetworknodepolicies.yaml
deleted file mode 100644
index f9b7ecfdfe..0000000000
--- a/charts/sriov-crd/102.2.0+up0.1.0/templates/sriovnetwork.openshift.io_sriovnetworknodepolicies.yaml
+++ /dev/null
@@ -1,136 +0,0 @@
-
----
-apiVersion: apiextensions.k8s.io/v1
-kind: CustomResourceDefinition
-metadata:
- annotations:
- controller-gen.kubebuilder.io/version: v0.4.1
- creationTimestamp: null
- name: sriovnetworknodepolicies.sriovnetwork.openshift.io
-spec:
- group: sriovnetwork.openshift.io
- names:
- kind: SriovNetworkNodePolicy
- listKind: SriovNetworkNodePolicyList
- plural: sriovnetworknodepolicies
- singular: sriovnetworknodepolicy
- scope: Namespaced
- versions:
- - name: v1
- schema:
- openAPIV3Schema:
- description: SriovNetworkNodePolicy is the Schema for the sriovnetworknodepolicies
- API
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation
- of an object. Servers should convert recognized schemas to the latest
- internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this
- object represents. Servers may infer this from the endpoint the client
- submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- spec:
- description: SriovNetworkNodePolicySpec defines the desired state of SriovNetworkNodePolicy
- properties:
- deviceType:
- description: The driver type for configured VFs. Allowed value "netdevice",
- "vfio-pci". Defaults to netdevice.
- enum:
- - netdevice
- - vfio-pci
- type: string
- eSwitchMode:
- description: NIC Device Mode. Allowed value "legacy","switchdev".
- enum:
- - legacy
- - switchdev
- type: string
- isRdma:
- description: RDMA mode. Defaults to false.
- type: boolean
- linkType:
- description: NIC Link Type. Allowed value "eth", "ETH", "ib", and
- "IB".
- enum:
- - eth
- - ETH
- - ib
- - IB
- type: string
- mtu:
- description: MTU of VF
- minimum: 1
- type: integer
- needVhostNet:
- description: mount vhost-net device. Defaults to false.
- type: boolean
- nicSelector:
- description: NicSelector selects the NICs to be configured
- properties:
- deviceID:
- description: The device hex code of SR-IoV device. Allowed value
- "0d58", "1572", "158b", "1013", "1015", "1017", "101b".
- type: string
- netFilter:
- description: Infrastructure Networking selection filter. Allowed
- value "openstack/NetworkID:xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
- type: string
- pfNames:
- description: Name of SR-IoV PF.
- items:
- type: string
- type: array
- rootDevices:
- description: PCI address of SR-IoV PF.
- items:
- type: string
- type: array
- vendor:
- description: The vendor hex code of SR-IoV device. Allowed value
- "8086", "15b3".
- type: string
- type: object
- nodeSelector:
- additionalProperties:
- type: string
- description: NodeSelector selects the nodes to be configured
- type: object
- numVfs:
- description: Number of VFs for each PF
- minimum: 0
- type: integer
- priority:
- description: Priority of the policy, higher priority policies can
- override lower ones.
- maximum: 99
- minimum: 0
- type: integer
- resourceName:
- description: SRIOV Network device plugin endpoint resource name
- type: string
- required:
- - nicSelector
- - nodeSelector
- - numVfs
- - resourceName
- type: object
- status:
- description: SriovNetworkNodePolicyStatus defines the observed state of
- SriovNetworkNodePolicy
- type: object
- type: object
- served: true
- storage: true
- subresources:
- status: {}
-status:
- acceptedNames:
- kind: ""
- plural: ""
- conditions: []
- storedVersions: []
diff --git a/charts/sriov-crd/102.2.0+up0.1.0/templates/sriovnetwork.openshift.io_sriovnetworknodestates.yaml b/charts/sriov-crd/102.2.0+up0.1.0/templates/sriovnetwork.openshift.io_sriovnetworknodestates.yaml
deleted file mode 100644
index 8ccd4ef294..0000000000
--- a/charts/sriov-crd/102.2.0+up0.1.0/templates/sriovnetwork.openshift.io_sriovnetworknodestates.yaml
+++ /dev/null
@@ -1,159 +0,0 @@
-
----
-apiVersion: apiextensions.k8s.io/v1
-kind: CustomResourceDefinition
-metadata:
- annotations:
- controller-gen.kubebuilder.io/version: v0.4.1
- creationTimestamp: null
- name: sriovnetworknodestates.sriovnetwork.openshift.io
-spec:
- group: sriovnetwork.openshift.io
- names:
- kind: SriovNetworkNodeState
- listKind: SriovNetworkNodeStateList
- plural: sriovnetworknodestates
- singular: sriovnetworknodestate
- scope: Namespaced
- versions:
- - name: v1
- schema:
- openAPIV3Schema:
- description: SriovNetworkNodeState is the Schema for the sriovnetworknodestates
- API
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation
- of an object. Servers should convert recognized schemas to the latest
- internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this
- object represents. Servers may infer this from the endpoint the client
- submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- spec:
- description: SriovNetworkNodeStateSpec defines the desired state of SriovNetworkNodeState
- properties:
- dpConfigVersion:
- type: string
- interfaces:
- items:
- properties:
- eSwitchMode:
- type: string
- linkType:
- type: string
- mtu:
- type: integer
- name:
- type: string
- numVfs:
- type: integer
- pciAddress:
- type: string
- vfGroups:
- items:
- properties:
- deviceType:
- type: string
- isRdma:
- type: boolean
- mtu:
- type: integer
- policyName:
- type: string
- resourceName:
- type: string
- vfRange:
- type: string
- type: object
- type: array
- required:
- - pciAddress
- type: object
- type: array
- type: object
- status:
- description: SriovNetworkNodeStateStatus defines the observed state of
- SriovNetworkNodeState
- properties:
- interfaces:
- items:
- properties:
- Vfs:
- items:
- properties:
- Vlan:
- type: integer
- assigned:
- type: string
- deviceID:
- type: string
- driver:
- type: string
- mac:
- type: string
- mtu:
- type: integer
- name:
- type: string
- pciAddress:
- type: string
- vendor:
- type: string
- vfID:
- type: integer
- required:
- - pciAddress
- - vfID
- type: object
- type: array
- deviceID:
- type: string
- driver:
- type: string
- eSwitchMode:
- type: string
- linkSpeed:
- type: string
- linkType:
- type: string
- mac:
- type: string
- mtu:
- type: integer
- name:
- type: string
- netFilter:
- type: string
- numVfs:
- type: integer
- pciAddress:
- type: string
- totalvfs:
- type: integer
- vendor:
- type: string
- required:
- - pciAddress
- type: object
- type: array
- lastSyncError:
- type: string
- syncStatus:
- type: string
- type: object
- type: object
- served: true
- storage: true
- subresources:
- status: {}
-status:
- acceptedNames:
- kind: ""
- plural: ""
- conditions: []
- storedVersions: []
diff --git a/charts/sriov-crd/102.2.0+up0.1.0/templates/sriovnetwork.openshift.io_sriovnetworkpoolconfigs.yaml b/charts/sriov-crd/102.2.0+up0.1.0/templates/sriovnetwork.openshift.io_sriovnetworkpoolconfigs.yaml
deleted file mode 100644
index 275f23773c..0000000000
--- a/charts/sriov-crd/102.2.0+up0.1.0/templates/sriovnetwork.openshift.io_sriovnetworkpoolconfigs.yaml
+++ /dev/null
@@ -1,66 +0,0 @@
-
----
-apiVersion: apiextensions.k8s.io/v1
-kind: CustomResourceDefinition
-metadata:
- annotations:
- controller-gen.kubebuilder.io/version: v0.4.1
- creationTimestamp: null
- name: sriovnetworkpoolconfigs.sriovnetwork.openshift.io
-spec:
- group: sriovnetwork.openshift.io
- names:
- kind: SriovNetworkPoolConfig
- listKind: SriovNetworkPoolConfigList
- plural: sriovnetworkpoolconfigs
- singular: sriovnetworkpoolconfig
- scope: Namespaced
- versions:
- - name: v1
- schema:
- openAPIV3Schema:
- description: SriovNetworkPoolConfig is the Schema for the sriovnetworkpoolconfigs
- API
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation
- of an object. Servers should convert recognized schemas to the latest
- internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this
- object represents. Servers may infer this from the endpoint the client
- submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- spec:
- description: SriovNetworkPoolConfigSpec defines the desired state of SriovNetworkPoolConfig
- properties:
- ovsHardwareOffloadConfig:
- description: OvsHardwareOffloadConfig describes the OVS HWOL configuration
- for selected Nodes
- properties:
- name:
- description: 'Name is mandatory and must be unique. On Kubernetes:
- Name is the name of OvsHardwareOffloadConfig On OpenShift: Name
- is the name of MachineConfigPool to be enabled with OVS hardware
- offload'
- type: string
- type: object
- type: object
- status:
- description: SriovNetworkPoolConfigStatus defines the observed state of
- SriovNetworkPoolConfig
- type: object
- type: object
- served: true
- storage: true
- subresources:
- status: {}
-status:
- acceptedNames:
- kind: ""
- plural: ""
- conditions: []
- storedVersions: []
diff --git a/charts/sriov-crd/102.2.0+up0.1.0/templates/sriovnetwork.openshift.io_sriovnetworks.yaml b/charts/sriov-crd/102.2.0+up0.1.0/templates/sriovnetwork.openshift.io_sriovnetworks.yaml
deleted file mode 100644
index b0c84e17a2..0000000000
--- a/charts/sriov-crd/102.2.0+up0.1.0/templates/sriovnetwork.openshift.io_sriovnetworks.yaml
+++ /dev/null
@@ -1,111 +0,0 @@
-
----
-apiVersion: apiextensions.k8s.io/v1
-kind: CustomResourceDefinition
-metadata:
- annotations:
- controller-gen.kubebuilder.io/version: v0.4.1
- creationTimestamp: null
- name: sriovnetworks.sriovnetwork.openshift.io
-spec:
- group: sriovnetwork.openshift.io
- names:
- kind: SriovNetwork
- listKind: SriovNetworkList
- plural: sriovnetworks
- singular: sriovnetwork
- scope: Namespaced
- versions:
- - name: v1
- schema:
- openAPIV3Schema:
- description: SriovNetwork is the Schema for the sriovnetworks API
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation
- of an object. Servers should convert recognized schemas to the latest
- internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this
- object represents. Servers may infer this from the endpoint the client
- submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- spec:
- description: SriovNetworkSpec defines the desired state of SriovNetwork
- properties:
- capabilities:
- description: 'Capabilities to be configured for this network. Capabilities
- supported: (mac|ips), e.g. ''{"mac": true}'''
- type: string
- ipam:
- description: IPAM configuration to be used for this network.
- type: string
- linkState:
- description: VF link state (enable|disable|auto)
- enum:
- - auto
- - enable
- - disable
- type: string
- maxTxRate:
- description: Maximum tx rate, in Mbps, for the VF. Defaults to 0 (no
- rate limiting)
- minimum: 0
- type: integer
- metaPlugins:
- description: MetaPluginsConfig configuration to be used in order to
- chain metaplugins to the sriov interface returned by the operator.
- type: string
- minTxRate:
- description: Minimum tx rate, in Mbps, for the VF. Defaults to 0 (no
- rate limiting). min_tx_rate should be <= max_tx_rate.
- minimum: 0
- type: integer
- networkNamespace:
- description: Namespace of the NetworkAttachmentDefinition custom resource
- type: string
- resourceName:
- description: SRIOV Network device plugin endpoint resource name
- type: string
- spoofChk:
- description: VF spoof check, (on|off)
- enum:
- - "on"
- - "off"
- type: string
- trust:
- description: VF trust mode (on|off)
- enum:
- - "on"
- - "off"
- type: string
- vlan:
- description: VLAN ID to assign for the VF. Defaults to 0.
- maximum: 4096
- minimum: 0
- type: integer
- vlanQoS:
- description: VLAN QoS ID to assign for the VF. Defaults to 0.
- maximum: 7
- minimum: 0
- type: integer
- required:
- - resourceName
- type: object
- status:
- description: SriovNetworkStatus defines the observed state of SriovNetwork
- type: object
- type: object
- served: true
- storage: true
- subresources:
- status: {}
-status:
- acceptedNames:
- kind: ""
- plural: ""
- conditions: []
- storedVersions: []
diff --git a/charts/sriov-crd/102.2.0+up0.1.0/templates/sriovnetwork.openshift.io_sriovoperatorconfigs.yaml b/charts/sriov-crd/102.2.0+up0.1.0/templates/sriovnetwork.openshift.io_sriovoperatorconfigs.yaml
deleted file mode 100644
index 04f3143cca..0000000000
--- a/charts/sriov-crd/102.2.0+up0.1.0/templates/sriovnetwork.openshift.io_sriovoperatorconfigs.yaml
+++ /dev/null
@@ -1,91 +0,0 @@
-
----
-apiVersion: apiextensions.k8s.io/v1
-kind: CustomResourceDefinition
-metadata:
- annotations:
- controller-gen.kubebuilder.io/version: v0.4.1
- creationTimestamp: null
- name: sriovoperatorconfigs.sriovnetwork.openshift.io
-spec:
- group: sriovnetwork.openshift.io
- names:
- kind: SriovOperatorConfig
- listKind: SriovOperatorConfigList
- plural: sriovoperatorconfigs
- singular: sriovoperatorconfig
- scope: Namespaced
- versions:
- - name: v1
- schema:
- openAPIV3Schema:
- description: SriovOperatorConfig is the Schema for the sriovoperatorconfigs
- API
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation
- of an object. Servers should convert recognized schemas to the latest
- internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this
- object represents. Servers may infer this from the endpoint the client
- submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- spec:
- description: SriovOperatorConfigSpec defines the desired state of SriovOperatorConfig
- properties:
- configDaemonNodeSelector:
- additionalProperties:
- type: string
- description: NodeSelector selects the nodes to be configured
- type: object
- disableDrain:
- description: Flag to disable nodes drain during debugging
- type: boolean
- enableInjector:
- description: Flag to control whether the network resource injector
- webhook shall be deployed
- type: boolean
- enableOperatorWebhook:
- description: Flag to control whether the operator admission controller
- webhook shall be deployed
- type: boolean
- enableOvsOffload:
- description: Flag to enable OVS hardware offload. Set to 'true' to
- provision switchdev-configuration.service and enable OpenvSwitch
- hw-offload on nodes.
- type: boolean
- logLevel:
- description: Flag to control the log verbose level of the operator.
- Set to '0' to show only the basic logs. And set to '2' to show all
- the available logs.
- maximum: 2
- minimum: 0
- type: integer
- type: object
- status:
- description: SriovOperatorConfigStatus defines the observed state of SriovOperatorConfig
- properties:
- injector:
- description: Show the runtime status of the network resource injector
- webhook
- type: string
- operatorWebhook:
- description: Show the runtime status of the operator admission controller
- webhook
- type: string
- type: object
- type: object
- served: true
- storage: true
- subresources:
- status: {}
-status:
- acceptedNames:
- kind: ""
- plural: ""
- conditions: []
- storedVersions: []
diff --git a/charts/sriov-crd/103.0.0+up0.1.0/Chart.yaml b/charts/sriov-crd/103.0.0+up0.1.0/Chart.yaml
deleted file mode 100644
index c56ee39620..0000000000
--- a/charts/sriov-crd/103.0.0+up0.1.0/Chart.yaml
+++ /dev/null
@@ -1,12 +0,0 @@
-annotations:
- catalog.cattle.io/certified: rancher
- catalog.cattle.io/experimental: "true"
- catalog.cattle.io/hidden: "true"
- catalog.cattle.io/namespace: cattle-sriov-system
- catalog.cattle.io/permits-os: linux
- catalog.cattle.io/release-name: sriov-crd
-apiVersion: v2
-description: Installs the CRDs for rke2-sriov.
-name: sriov-crd
-type: application
-version: 103.0.0+up0.1.0
diff --git a/charts/sriov-crd/103.0.0+up0.1.0/templates/sriovnetwork.openshift.io_sriovibnetworks.yaml b/charts/sriov-crd/103.0.0+up0.1.0/templates/sriovnetwork.openshift.io_sriovibnetworks.yaml
deleted file mode 100644
index 6137e52c7b..0000000000
--- a/charts/sriov-crd/103.0.0+up0.1.0/templates/sriovnetwork.openshift.io_sriovibnetworks.yaml
+++ /dev/null
@@ -1,79 +0,0 @@
-
----
-apiVersion: apiextensions.k8s.io/v1
-kind: CustomResourceDefinition
-metadata:
- annotations:
- controller-gen.kubebuilder.io/version: v0.4.1
- creationTimestamp: null
- name: sriovibnetworks.sriovnetwork.openshift.io
-spec:
- group: sriovnetwork.openshift.io
- names:
- kind: SriovIBNetwork
- listKind: SriovIBNetworkList
- plural: sriovibnetworks
- singular: sriovibnetwork
- scope: Namespaced
- versions:
- - name: v1
- schema:
- openAPIV3Schema:
- description: SriovIBNetwork is the Schema for the sriovibnetworks API
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation
- of an object. Servers should convert recognized schemas to the latest
- internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this
- object represents. Servers may infer this from the endpoint the client
- submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- spec:
- description: SriovIBNetworkSpec defines the desired state of SriovIBNetwork
- properties:
- capabilities:
- description: 'Capabilities to be configured for this network. Capabilities
- supported: (infinibandGUID), e.g. ''{"infinibandGUID": true}'''
- type: string
- ipam:
- description: IPAM configuration to be used for this network.
- type: string
- linkState:
- description: VF link state (enable|disable|auto)
- enum:
- - auto
- - enable
- - disable
- type: string
- metaPlugins:
- description: MetaPluginsConfig configuration to be used in order to
- chain metaplugins to the sriov interface returned by the operator.
- type: string
- networkNamespace:
- description: Namespace of the NetworkAttachmentDefinition custom resource
- type: string
- resourceName:
- description: SRIOV Network device plugin endpoint resource name
- type: string
- required:
- - resourceName
- type: object
- status:
- description: SriovIBNetworkStatus defines the observed state of SriovIBNetwork
- type: object
- type: object
- served: true
- storage: true
- subresources:
- status: {}
-status:
- acceptedNames:
- kind: ""
- plural: ""
- conditions: []
- storedVersions: []
diff --git a/charts/sriov-crd/103.0.0+up0.1.0/templates/sriovnetwork.openshift.io_sriovnetworknodepolicies.yaml b/charts/sriov-crd/103.0.0+up0.1.0/templates/sriovnetwork.openshift.io_sriovnetworknodepolicies.yaml
deleted file mode 100644
index f9b7ecfdfe..0000000000
--- a/charts/sriov-crd/103.0.0+up0.1.0/templates/sriovnetwork.openshift.io_sriovnetworknodepolicies.yaml
+++ /dev/null
@@ -1,136 +0,0 @@
-
----
-apiVersion: apiextensions.k8s.io/v1
-kind: CustomResourceDefinition
-metadata:
- annotations:
- controller-gen.kubebuilder.io/version: v0.4.1
- creationTimestamp: null
- name: sriovnetworknodepolicies.sriovnetwork.openshift.io
-spec:
- group: sriovnetwork.openshift.io
- names:
- kind: SriovNetworkNodePolicy
- listKind: SriovNetworkNodePolicyList
- plural: sriovnetworknodepolicies
- singular: sriovnetworknodepolicy
- scope: Namespaced
- versions:
- - name: v1
- schema:
- openAPIV3Schema:
- description: SriovNetworkNodePolicy is the Schema for the sriovnetworknodepolicies
- API
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation
- of an object. Servers should convert recognized schemas to the latest
- internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this
- object represents. Servers may infer this from the endpoint the client
- submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- spec:
- description: SriovNetworkNodePolicySpec defines the desired state of SriovNetworkNodePolicy
- properties:
- deviceType:
- description: The driver type for configured VFs. Allowed value "netdevice",
- "vfio-pci". Defaults to netdevice.
- enum:
- - netdevice
- - vfio-pci
- type: string
- eSwitchMode:
- description: NIC Device Mode. Allowed value "legacy","switchdev".
- enum:
- - legacy
- - switchdev
- type: string
- isRdma:
- description: RDMA mode. Defaults to false.
- type: boolean
- linkType:
- description: NIC Link Type. Allowed value "eth", "ETH", "ib", and
- "IB".
- enum:
- - eth
- - ETH
- - ib
- - IB
- type: string
- mtu:
- description: MTU of VF
- minimum: 1
- type: integer
- needVhostNet:
- description: mount vhost-net device. Defaults to false.
- type: boolean
- nicSelector:
- description: NicSelector selects the NICs to be configured
- properties:
- deviceID:
- description: The device hex code of SR-IoV device. Allowed value
- "0d58", "1572", "158b", "1013", "1015", "1017", "101b".
- type: string
- netFilter:
- description: Infrastructure Networking selection filter. Allowed
- value "openstack/NetworkID:xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
- type: string
- pfNames:
- description: Name of SR-IoV PF.
- items:
- type: string
- type: array
- rootDevices:
- description: PCI address of SR-IoV PF.
- items:
- type: string
- type: array
- vendor:
- description: The vendor hex code of SR-IoV device. Allowed value
- "8086", "15b3".
- type: string
- type: object
- nodeSelector:
- additionalProperties:
- type: string
- description: NodeSelector selects the nodes to be configured
- type: object
- numVfs:
- description: Number of VFs for each PF
- minimum: 0
- type: integer
- priority:
- description: Priority of the policy, higher priority policies can
- override lower ones.
- maximum: 99
- minimum: 0
- type: integer
- resourceName:
- description: SRIOV Network device plugin endpoint resource name
- type: string
- required:
- - nicSelector
- - nodeSelector
- - numVfs
- - resourceName
- type: object
- status:
- description: SriovNetworkNodePolicyStatus defines the observed state of
- SriovNetworkNodePolicy
- type: object
- type: object
- served: true
- storage: true
- subresources:
- status: {}
-status:
- acceptedNames:
- kind: ""
- plural: ""
- conditions: []
- storedVersions: []
diff --git a/charts/sriov-crd/103.0.0+up0.1.0/templates/sriovnetwork.openshift.io_sriovnetworknodestates.yaml b/charts/sriov-crd/103.0.0+up0.1.0/templates/sriovnetwork.openshift.io_sriovnetworknodestates.yaml
deleted file mode 100644
index 8ccd4ef294..0000000000
--- a/charts/sriov-crd/103.0.0+up0.1.0/templates/sriovnetwork.openshift.io_sriovnetworknodestates.yaml
+++ /dev/null
@@ -1,159 +0,0 @@
-
----
-apiVersion: apiextensions.k8s.io/v1
-kind: CustomResourceDefinition
-metadata:
- annotations:
- controller-gen.kubebuilder.io/version: v0.4.1
- creationTimestamp: null
- name: sriovnetworknodestates.sriovnetwork.openshift.io
-spec:
- group: sriovnetwork.openshift.io
- names:
- kind: SriovNetworkNodeState
- listKind: SriovNetworkNodeStateList
- plural: sriovnetworknodestates
- singular: sriovnetworknodestate
- scope: Namespaced
- versions:
- - name: v1
- schema:
- openAPIV3Schema:
- description: SriovNetworkNodeState is the Schema for the sriovnetworknodestates
- API
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation
- of an object. Servers should convert recognized schemas to the latest
- internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this
- object represents. Servers may infer this from the endpoint the client
- submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- spec:
- description: SriovNetworkNodeStateSpec defines the desired state of SriovNetworkNodeState
- properties:
- dpConfigVersion:
- type: string
- interfaces:
- items:
- properties:
- eSwitchMode:
- type: string
- linkType:
- type: string
- mtu:
- type: integer
- name:
- type: string
- numVfs:
- type: integer
- pciAddress:
- type: string
- vfGroups:
- items:
- properties:
- deviceType:
- type: string
- isRdma:
- type: boolean
- mtu:
- type: integer
- policyName:
- type: string
- resourceName:
- type: string
- vfRange:
- type: string
- type: object
- type: array
- required:
- - pciAddress
- type: object
- type: array
- type: object
- status:
- description: SriovNetworkNodeStateStatus defines the observed state of
- SriovNetworkNodeState
- properties:
- interfaces:
- items:
- properties:
- Vfs:
- items:
- properties:
- Vlan:
- type: integer
- assigned:
- type: string
- deviceID:
- type: string
- driver:
- type: string
- mac:
- type: string
- mtu:
- type: integer
- name:
- type: string
- pciAddress:
- type: string
- vendor:
- type: string
- vfID:
- type: integer
- required:
- - pciAddress
- - vfID
- type: object
- type: array
- deviceID:
- type: string
- driver:
- type: string
- eSwitchMode:
- type: string
- linkSpeed:
- type: string
- linkType:
- type: string
- mac:
- type: string
- mtu:
- type: integer
- name:
- type: string
- netFilter:
- type: string
- numVfs:
- type: integer
- pciAddress:
- type: string
- totalvfs:
- type: integer
- vendor:
- type: string
- required:
- - pciAddress
- type: object
- type: array
- lastSyncError:
- type: string
- syncStatus:
- type: string
- type: object
- type: object
- served: true
- storage: true
- subresources:
- status: {}
-status:
- acceptedNames:
- kind: ""
- plural: ""
- conditions: []
- storedVersions: []
diff --git a/charts/sriov-crd/103.0.0+up0.1.0/templates/sriovnetwork.openshift.io_sriovnetworkpoolconfigs.yaml b/charts/sriov-crd/103.0.0+up0.1.0/templates/sriovnetwork.openshift.io_sriovnetworkpoolconfigs.yaml
deleted file mode 100644
index 275f23773c..0000000000
--- a/charts/sriov-crd/103.0.0+up0.1.0/templates/sriovnetwork.openshift.io_sriovnetworkpoolconfigs.yaml
+++ /dev/null
@@ -1,66 +0,0 @@
-
----
-apiVersion: apiextensions.k8s.io/v1
-kind: CustomResourceDefinition
-metadata:
- annotations:
- controller-gen.kubebuilder.io/version: v0.4.1
- creationTimestamp: null
- name: sriovnetworkpoolconfigs.sriovnetwork.openshift.io
-spec:
- group: sriovnetwork.openshift.io
- names:
- kind: SriovNetworkPoolConfig
- listKind: SriovNetworkPoolConfigList
- plural: sriovnetworkpoolconfigs
- singular: sriovnetworkpoolconfig
- scope: Namespaced
- versions:
- - name: v1
- schema:
- openAPIV3Schema:
- description: SriovNetworkPoolConfig is the Schema for the sriovnetworkpoolconfigs
- API
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation
- of an object. Servers should convert recognized schemas to the latest
- internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this
- object represents. Servers may infer this from the endpoint the client
- submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- spec:
- description: SriovNetworkPoolConfigSpec defines the desired state of SriovNetworkPoolConfig
- properties:
- ovsHardwareOffloadConfig:
- description: OvsHardwareOffloadConfig describes the OVS HWOL configuration
- for selected Nodes
- properties:
- name:
- description: 'Name is mandatory and must be unique. On Kubernetes:
- Name is the name of OvsHardwareOffloadConfig On OpenShift: Name
- is the name of MachineConfigPool to be enabled with OVS hardware
- offload'
- type: string
- type: object
- type: object
- status:
- description: SriovNetworkPoolConfigStatus defines the observed state of
- SriovNetworkPoolConfig
- type: object
- type: object
- served: true
- storage: true
- subresources:
- status: {}
-status:
- acceptedNames:
- kind: ""
- plural: ""
- conditions: []
- storedVersions: []
diff --git a/charts/sriov-crd/103.0.0+up0.1.0/templates/sriovnetwork.openshift.io_sriovnetworks.yaml b/charts/sriov-crd/103.0.0+up0.1.0/templates/sriovnetwork.openshift.io_sriovnetworks.yaml
deleted file mode 100644
index b0c84e17a2..0000000000
--- a/charts/sriov-crd/103.0.0+up0.1.0/templates/sriovnetwork.openshift.io_sriovnetworks.yaml
+++ /dev/null
@@ -1,111 +0,0 @@
-
----
-apiVersion: apiextensions.k8s.io/v1
-kind: CustomResourceDefinition
-metadata:
- annotations:
- controller-gen.kubebuilder.io/version: v0.4.1
- creationTimestamp: null
- name: sriovnetworks.sriovnetwork.openshift.io
-spec:
- group: sriovnetwork.openshift.io
- names:
- kind: SriovNetwork
- listKind: SriovNetworkList
- plural: sriovnetworks
- singular: sriovnetwork
- scope: Namespaced
- versions:
- - name: v1
- schema:
- openAPIV3Schema:
- description: SriovNetwork is the Schema for the sriovnetworks API
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation
- of an object. Servers should convert recognized schemas to the latest
- internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this
- object represents. Servers may infer this from the endpoint the client
- submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- spec:
- description: SriovNetworkSpec defines the desired state of SriovNetwork
- properties:
- capabilities:
- description: 'Capabilities to be configured for this network. Capabilities
- supported: (mac|ips), e.g. ''{"mac": true}'''
- type: string
- ipam:
- description: IPAM configuration to be used for this network.
- type: string
- linkState:
- description: VF link state (enable|disable|auto)
- enum:
- - auto
- - enable
- - disable
- type: string
- maxTxRate:
- description: Maximum tx rate, in Mbps, for the VF. Defaults to 0 (no
- rate limiting)
- minimum: 0
- type: integer
- metaPlugins:
- description: MetaPluginsConfig configuration to be used in order to
- chain metaplugins to the sriov interface returned by the operator.
- type: string
- minTxRate:
- description: Minimum tx rate, in Mbps, for the VF. Defaults to 0 (no
- rate limiting). min_tx_rate should be <= max_tx_rate.
- minimum: 0
- type: integer
- networkNamespace:
- description: Namespace of the NetworkAttachmentDefinition custom resource
- type: string
- resourceName:
- description: SRIOV Network device plugin endpoint resource name
- type: string
- spoofChk:
- description: VF spoof check, (on|off)
- enum:
- - "on"
- - "off"
- type: string
- trust:
- description: VF trust mode (on|off)
- enum:
- - "on"
- - "off"
- type: string
- vlan:
- description: VLAN ID to assign for the VF. Defaults to 0.
- maximum: 4096
- minimum: 0
- type: integer
- vlanQoS:
- description: VLAN QoS ID to assign for the VF. Defaults to 0.
- maximum: 7
- minimum: 0
- type: integer
- required:
- - resourceName
- type: object
- status:
- description: SriovNetworkStatus defines the observed state of SriovNetwork
- type: object
- type: object
- served: true
- storage: true
- subresources:
- status: {}
-status:
- acceptedNames:
- kind: ""
- plural: ""
- conditions: []
- storedVersions: []
diff --git a/charts/sriov-crd/103.0.0+up0.1.0/templates/sriovnetwork.openshift.io_sriovoperatorconfigs.yaml b/charts/sriov-crd/103.0.0+up0.1.0/templates/sriovnetwork.openshift.io_sriovoperatorconfigs.yaml
deleted file mode 100644
index 04f3143cca..0000000000
--- a/charts/sriov-crd/103.0.0+up0.1.0/templates/sriovnetwork.openshift.io_sriovoperatorconfigs.yaml
+++ /dev/null
@@ -1,91 +0,0 @@
-
----
-apiVersion: apiextensions.k8s.io/v1
-kind: CustomResourceDefinition
-metadata:
- annotations:
- controller-gen.kubebuilder.io/version: v0.4.1
- creationTimestamp: null
- name: sriovoperatorconfigs.sriovnetwork.openshift.io
-spec:
- group: sriovnetwork.openshift.io
- names:
- kind: SriovOperatorConfig
- listKind: SriovOperatorConfigList
- plural: sriovoperatorconfigs
- singular: sriovoperatorconfig
- scope: Namespaced
- versions:
- - name: v1
- schema:
- openAPIV3Schema:
- description: SriovOperatorConfig is the Schema for the sriovoperatorconfigs
- API
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation
- of an object. Servers should convert recognized schemas to the latest
- internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this
- object represents. Servers may infer this from the endpoint the client
- submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- spec:
- description: SriovOperatorConfigSpec defines the desired state of SriovOperatorConfig
- properties:
- configDaemonNodeSelector:
- additionalProperties:
- type: string
- description: NodeSelector selects the nodes to be configured
- type: object
- disableDrain:
- description: Flag to disable nodes drain during debugging
- type: boolean
- enableInjector:
- description: Flag to control whether the network resource injector
- webhook shall be deployed
- type: boolean
- enableOperatorWebhook:
- description: Flag to control whether the operator admission controller
- webhook shall be deployed
- type: boolean
- enableOvsOffload:
- description: Flag to enable OVS hardware offload. Set to 'true' to
- provision switchdev-configuration.service and enable OpenvSwitch
- hw-offload on nodes.
- type: boolean
- logLevel:
- description: Flag to control the log verbose level of the operator.
- Set to '0' to show only the basic logs. And set to '2' to show all
- the available logs.
- maximum: 2
- minimum: 0
- type: integer
- type: object
- status:
- description: SriovOperatorConfigStatus defines the observed state of SriovOperatorConfig
- properties:
- injector:
- description: Show the runtime status of the network resource injector
- webhook
- type: string
- operatorWebhook:
- description: Show the runtime status of the operator admission controller
- webhook
- type: string
- type: object
- type: object
- served: true
- storage: true
- subresources:
- status: {}
-status:
- acceptedNames:
- kind: ""
- plural: ""
- conditions: []
- storedVersions: []
diff --git a/charts/sriov-crd/103.1.0+up0.1.0/Chart.yaml b/charts/sriov-crd/103.1.0+up0.1.0/Chart.yaml
deleted file mode 100644
index a4b8150414..0000000000
--- a/charts/sriov-crd/103.1.0+up0.1.0/Chart.yaml
+++ /dev/null
@@ -1,12 +0,0 @@
-annotations:
- catalog.cattle.io/certified: rancher
- catalog.cattle.io/experimental: "true"
- catalog.cattle.io/hidden: "true"
- catalog.cattle.io/namespace: cattle-sriov-system
- catalog.cattle.io/permits-os: linux
- catalog.cattle.io/release-name: sriov-crd
-apiVersion: v2
-description: Installs the CRDs for rke2-sriov.
-name: sriov-crd
-type: application
-version: 103.1.0+up0.1.0
diff --git a/charts/sriov-crd/103.1.0+up0.1.0/templates/sriovnetwork.openshift.io_sriovibnetworks.yaml b/charts/sriov-crd/103.1.0+up0.1.0/templates/sriovnetwork.openshift.io_sriovibnetworks.yaml
deleted file mode 100644
index 6137e52c7b..0000000000
--- a/charts/sriov-crd/103.1.0+up0.1.0/templates/sriovnetwork.openshift.io_sriovibnetworks.yaml
+++ /dev/null
@@ -1,79 +0,0 @@
-
----
-apiVersion: apiextensions.k8s.io/v1
-kind: CustomResourceDefinition
-metadata:
- annotations:
- controller-gen.kubebuilder.io/version: v0.4.1
- creationTimestamp: null
- name: sriovibnetworks.sriovnetwork.openshift.io
-spec:
- group: sriovnetwork.openshift.io
- names:
- kind: SriovIBNetwork
- listKind: SriovIBNetworkList
- plural: sriovibnetworks
- singular: sriovibnetwork
- scope: Namespaced
- versions:
- - name: v1
- schema:
- openAPIV3Schema:
- description: SriovIBNetwork is the Schema for the sriovibnetworks API
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation
- of an object. Servers should convert recognized schemas to the latest
- internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this
- object represents. Servers may infer this from the endpoint the client
- submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- spec:
- description: SriovIBNetworkSpec defines the desired state of SriovIBNetwork
- properties:
- capabilities:
- description: 'Capabilities to be configured for this network. Capabilities
- supported: (infinibandGUID), e.g. ''{"infinibandGUID": true}'''
- type: string
- ipam:
- description: IPAM configuration to be used for this network.
- type: string
- linkState:
- description: VF link state (enable|disable|auto)
- enum:
- - auto
- - enable
- - disable
- type: string
- metaPlugins:
- description: MetaPluginsConfig configuration to be used in order to
- chain metaplugins to the sriov interface returned by the operator.
- type: string
- networkNamespace:
- description: Namespace of the NetworkAttachmentDefinition custom resource
- type: string
- resourceName:
- description: SRIOV Network device plugin endpoint resource name
- type: string
- required:
- - resourceName
- type: object
- status:
- description: SriovIBNetworkStatus defines the observed state of SriovIBNetwork
- type: object
- type: object
- served: true
- storage: true
- subresources:
- status: {}
-status:
- acceptedNames:
- kind: ""
- plural: ""
- conditions: []
- storedVersions: []
diff --git a/charts/sriov-crd/103.1.0+up0.1.0/templates/sriovnetwork.openshift.io_sriovnetworknodepolicies.yaml b/charts/sriov-crd/103.1.0+up0.1.0/templates/sriovnetwork.openshift.io_sriovnetworknodepolicies.yaml
deleted file mode 100644
index f9b7ecfdfe..0000000000
--- a/charts/sriov-crd/103.1.0+up0.1.0/templates/sriovnetwork.openshift.io_sriovnetworknodepolicies.yaml
+++ /dev/null
@@ -1,136 +0,0 @@
-
----
-apiVersion: apiextensions.k8s.io/v1
-kind: CustomResourceDefinition
-metadata:
- annotations:
- controller-gen.kubebuilder.io/version: v0.4.1
- creationTimestamp: null
- name: sriovnetworknodepolicies.sriovnetwork.openshift.io
-spec:
- group: sriovnetwork.openshift.io
- names:
- kind: SriovNetworkNodePolicy
- listKind: SriovNetworkNodePolicyList
- plural: sriovnetworknodepolicies
- singular: sriovnetworknodepolicy
- scope: Namespaced
- versions:
- - name: v1
- schema:
- openAPIV3Schema:
- description: SriovNetworkNodePolicy is the Schema for the sriovnetworknodepolicies
- API
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation
- of an object. Servers should convert recognized schemas to the latest
- internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this
- object represents. Servers may infer this from the endpoint the client
- submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- spec:
- description: SriovNetworkNodePolicySpec defines the desired state of SriovNetworkNodePolicy
- properties:
- deviceType:
- description: The driver type for configured VFs. Allowed value "netdevice",
- "vfio-pci". Defaults to netdevice.
- enum:
- - netdevice
- - vfio-pci
- type: string
- eSwitchMode:
- description: NIC Device Mode. Allowed value "legacy","switchdev".
- enum:
- - legacy
- - switchdev
- type: string
- isRdma:
- description: RDMA mode. Defaults to false.
- type: boolean
- linkType:
- description: NIC Link Type. Allowed value "eth", "ETH", "ib", and
- "IB".
- enum:
- - eth
- - ETH
- - ib
- - IB
- type: string
- mtu:
- description: MTU of VF
- minimum: 1
- type: integer
- needVhostNet:
- description: mount vhost-net device. Defaults to false.
- type: boolean
- nicSelector:
- description: NicSelector selects the NICs to be configured
- properties:
- deviceID:
- description: The device hex code of SR-IoV device. Allowed value
- "0d58", "1572", "158b", "1013", "1015", "1017", "101b".
- type: string
- netFilter:
- description: Infrastructure Networking selection filter. Allowed
- value "openstack/NetworkID:xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
- type: string
- pfNames:
- description: Name of SR-IoV PF.
- items:
- type: string
- type: array
- rootDevices:
- description: PCI address of SR-IoV PF.
- items:
- type: string
- type: array
- vendor:
- description: The vendor hex code of SR-IoV device. Allowed value
- "8086", "15b3".
- type: string
- type: object
- nodeSelector:
- additionalProperties:
- type: string
- description: NodeSelector selects the nodes to be configured
- type: object
- numVfs:
- description: Number of VFs for each PF
- minimum: 0
- type: integer
- priority:
- description: Priority of the policy, higher priority policies can
- override lower ones.
- maximum: 99
- minimum: 0
- type: integer
- resourceName:
- description: SRIOV Network device plugin endpoint resource name
- type: string
- required:
- - nicSelector
- - nodeSelector
- - numVfs
- - resourceName
- type: object
- status:
- description: SriovNetworkNodePolicyStatus defines the observed state of
- SriovNetworkNodePolicy
- type: object
- type: object
- served: true
- storage: true
- subresources:
- status: {}
-status:
- acceptedNames:
- kind: ""
- plural: ""
- conditions: []
- storedVersions: []
diff --git a/charts/sriov-crd/103.1.0+up0.1.0/templates/sriovnetwork.openshift.io_sriovnetworknodestates.yaml b/charts/sriov-crd/103.1.0+up0.1.0/templates/sriovnetwork.openshift.io_sriovnetworknodestates.yaml
deleted file mode 100644
index 8ccd4ef294..0000000000
--- a/charts/sriov-crd/103.1.0+up0.1.0/templates/sriovnetwork.openshift.io_sriovnetworknodestates.yaml
+++ /dev/null
@@ -1,159 +0,0 @@
-
----
-apiVersion: apiextensions.k8s.io/v1
-kind: CustomResourceDefinition
-metadata:
- annotations:
- controller-gen.kubebuilder.io/version: v0.4.1
- creationTimestamp: null
- name: sriovnetworknodestates.sriovnetwork.openshift.io
-spec:
- group: sriovnetwork.openshift.io
- names:
- kind: SriovNetworkNodeState
- listKind: SriovNetworkNodeStateList
- plural: sriovnetworknodestates
- singular: sriovnetworknodestate
- scope: Namespaced
- versions:
- - name: v1
- schema:
- openAPIV3Schema:
- description: SriovNetworkNodeState is the Schema for the sriovnetworknodestates
- API
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation
- of an object. Servers should convert recognized schemas to the latest
- internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this
- object represents. Servers may infer this from the endpoint the client
- submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- spec:
- description: SriovNetworkNodeStateSpec defines the desired state of SriovNetworkNodeState
- properties:
- dpConfigVersion:
- type: string
- interfaces:
- items:
- properties:
- eSwitchMode:
- type: string
- linkType:
- type: string
- mtu:
- type: integer
- name:
- type: string
- numVfs:
- type: integer
- pciAddress:
- type: string
- vfGroups:
- items:
- properties:
- deviceType:
- type: string
- isRdma:
- type: boolean
- mtu:
- type: integer
- policyName:
- type: string
- resourceName:
- type: string
- vfRange:
- type: string
- type: object
- type: array
- required:
- - pciAddress
- type: object
- type: array
- type: object
- status:
- description: SriovNetworkNodeStateStatus defines the observed state of
- SriovNetworkNodeState
- properties:
- interfaces:
- items:
- properties:
- Vfs:
- items:
- properties:
- Vlan:
- type: integer
- assigned:
- type: string
- deviceID:
- type: string
- driver:
- type: string
- mac:
- type: string
- mtu:
- type: integer
- name:
- type: string
- pciAddress:
- type: string
- vendor:
- type: string
- vfID:
- type: integer
- required:
- - pciAddress
- - vfID
- type: object
- type: array
- deviceID:
- type: string
- driver:
- type: string
- eSwitchMode:
- type: string
- linkSpeed:
- type: string
- linkType:
- type: string
- mac:
- type: string
- mtu:
- type: integer
- name:
- type: string
- netFilter:
- type: string
- numVfs:
- type: integer
- pciAddress:
- type: string
- totalvfs:
- type: integer
- vendor:
- type: string
- required:
- - pciAddress
- type: object
- type: array
- lastSyncError:
- type: string
- syncStatus:
- type: string
- type: object
- type: object
- served: true
- storage: true
- subresources:
- status: {}
-status:
- acceptedNames:
- kind: ""
- plural: ""
- conditions: []
- storedVersions: []
diff --git a/charts/sriov-crd/103.1.0+up0.1.0/templates/sriovnetwork.openshift.io_sriovnetworkpoolconfigs.yaml b/charts/sriov-crd/103.1.0+up0.1.0/templates/sriovnetwork.openshift.io_sriovnetworkpoolconfigs.yaml
deleted file mode 100644
index 275f23773c..0000000000
--- a/charts/sriov-crd/103.1.0+up0.1.0/templates/sriovnetwork.openshift.io_sriovnetworkpoolconfigs.yaml
+++ /dev/null
@@ -1,66 +0,0 @@
-
----
-apiVersion: apiextensions.k8s.io/v1
-kind: CustomResourceDefinition
-metadata:
- annotations:
- controller-gen.kubebuilder.io/version: v0.4.1
- creationTimestamp: null
- name: sriovnetworkpoolconfigs.sriovnetwork.openshift.io
-spec:
- group: sriovnetwork.openshift.io
- names:
- kind: SriovNetworkPoolConfig
- listKind: SriovNetworkPoolConfigList
- plural: sriovnetworkpoolconfigs
- singular: sriovnetworkpoolconfig
- scope: Namespaced
- versions:
- - name: v1
- schema:
- openAPIV3Schema:
- description: SriovNetworkPoolConfig is the Schema for the sriovnetworkpoolconfigs
- API
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation
- of an object. Servers should convert recognized schemas to the latest
- internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this
- object represents. Servers may infer this from the endpoint the client
- submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- spec:
- description: SriovNetworkPoolConfigSpec defines the desired state of SriovNetworkPoolConfig
- properties:
- ovsHardwareOffloadConfig:
- description: OvsHardwareOffloadConfig describes the OVS HWOL configuration
- for selected Nodes
- properties:
- name:
- description: 'Name is mandatory and must be unique. On Kubernetes:
- Name is the name of OvsHardwareOffloadConfig On OpenShift: Name
- is the name of MachineConfigPool to be enabled with OVS hardware
- offload'
- type: string
- type: object
- type: object
- status:
- description: SriovNetworkPoolConfigStatus defines the observed state of
- SriovNetworkPoolConfig
- type: object
- type: object
- served: true
- storage: true
- subresources:
- status: {}
-status:
- acceptedNames:
- kind: ""
- plural: ""
- conditions: []
- storedVersions: []
diff --git a/charts/sriov-crd/103.1.0+up0.1.0/templates/sriovnetwork.openshift.io_sriovnetworks.yaml b/charts/sriov-crd/103.1.0+up0.1.0/templates/sriovnetwork.openshift.io_sriovnetworks.yaml
deleted file mode 100644
index b0c84e17a2..0000000000
--- a/charts/sriov-crd/103.1.0+up0.1.0/templates/sriovnetwork.openshift.io_sriovnetworks.yaml
+++ /dev/null
@@ -1,111 +0,0 @@
-
----
-apiVersion: apiextensions.k8s.io/v1
-kind: CustomResourceDefinition
-metadata:
- annotations:
- controller-gen.kubebuilder.io/version: v0.4.1
- creationTimestamp: null
- name: sriovnetworks.sriovnetwork.openshift.io
-spec:
- group: sriovnetwork.openshift.io
- names:
- kind: SriovNetwork
- listKind: SriovNetworkList
- plural: sriovnetworks
- singular: sriovnetwork
- scope: Namespaced
- versions:
- - name: v1
- schema:
- openAPIV3Schema:
- description: SriovNetwork is the Schema for the sriovnetworks API
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation
- of an object. Servers should convert recognized schemas to the latest
- internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this
- object represents. Servers may infer this from the endpoint the client
- submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- spec:
- description: SriovNetworkSpec defines the desired state of SriovNetwork
- properties:
- capabilities:
- description: 'Capabilities to be configured for this network. Capabilities
- supported: (mac|ips), e.g. ''{"mac": true}'''
- type: string
- ipam:
- description: IPAM configuration to be used for this network.
- type: string
- linkState:
- description: VF link state (enable|disable|auto)
- enum:
- - auto
- - enable
- - disable
- type: string
- maxTxRate:
- description: Maximum tx rate, in Mbps, for the VF. Defaults to 0 (no
- rate limiting)
- minimum: 0
- type: integer
- metaPlugins:
- description: MetaPluginsConfig configuration to be used in order to
- chain metaplugins to the sriov interface returned by the operator.
- type: string
- minTxRate:
- description: Minimum tx rate, in Mbps, for the VF. Defaults to 0 (no
- rate limiting). min_tx_rate should be <= max_tx_rate.
- minimum: 0
- type: integer
- networkNamespace:
- description: Namespace of the NetworkAttachmentDefinition custom resource
- type: string
- resourceName:
- description: SRIOV Network device plugin endpoint resource name
- type: string
- spoofChk:
- description: VF spoof check, (on|off)
- enum:
- - "on"
- - "off"
- type: string
- trust:
- description: VF trust mode (on|off)
- enum:
- - "on"
- - "off"
- type: string
- vlan:
- description: VLAN ID to assign for the VF. Defaults to 0.
- maximum: 4096
- minimum: 0
- type: integer
- vlanQoS:
- description: VLAN QoS ID to assign for the VF. Defaults to 0.
- maximum: 7
- minimum: 0
- type: integer
- required:
- - resourceName
- type: object
- status:
- description: SriovNetworkStatus defines the observed state of SriovNetwork
- type: object
- type: object
- served: true
- storage: true
- subresources:
- status: {}
-status:
- acceptedNames:
- kind: ""
- plural: ""
- conditions: []
- storedVersions: []
diff --git a/charts/sriov-crd/103.1.0+up0.1.0/templates/sriovnetwork.openshift.io_sriovoperatorconfigs.yaml b/charts/sriov-crd/103.1.0+up0.1.0/templates/sriovnetwork.openshift.io_sriovoperatorconfigs.yaml
deleted file mode 100644
index 04f3143cca..0000000000
--- a/charts/sriov-crd/103.1.0+up0.1.0/templates/sriovnetwork.openshift.io_sriovoperatorconfigs.yaml
+++ /dev/null
@@ -1,91 +0,0 @@
-
----
-apiVersion: apiextensions.k8s.io/v1
-kind: CustomResourceDefinition
-metadata:
- annotations:
- controller-gen.kubebuilder.io/version: v0.4.1
- creationTimestamp: null
- name: sriovoperatorconfigs.sriovnetwork.openshift.io
-spec:
- group: sriovnetwork.openshift.io
- names:
- kind: SriovOperatorConfig
- listKind: SriovOperatorConfigList
- plural: sriovoperatorconfigs
- singular: sriovoperatorconfig
- scope: Namespaced
- versions:
- - name: v1
- schema:
- openAPIV3Schema:
- description: SriovOperatorConfig is the Schema for the sriovoperatorconfigs
- API
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation
- of an object. Servers should convert recognized schemas to the latest
- internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this
- object represents. Servers may infer this from the endpoint the client
- submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- spec:
- description: SriovOperatorConfigSpec defines the desired state of SriovOperatorConfig
- properties:
- configDaemonNodeSelector:
- additionalProperties:
- type: string
- description: NodeSelector selects the nodes to be configured
- type: object
- disableDrain:
- description: Flag to disable nodes drain during debugging
- type: boolean
- enableInjector:
- description: Flag to control whether the network resource injector
- webhook shall be deployed
- type: boolean
- enableOperatorWebhook:
- description: Flag to control whether the operator admission controller
- webhook shall be deployed
- type: boolean
- enableOvsOffload:
- description: Flag to enable OVS hardware offload. Set to 'true' to
- provision switchdev-configuration.service and enable OpenvSwitch
- hw-offload on nodes.
- type: boolean
- logLevel:
- description: Flag to control the log verbose level of the operator.
- Set to '0' to show only the basic logs. And set to '2' to show all
- the available logs.
- maximum: 2
- minimum: 0
- type: integer
- type: object
- status:
- description: SriovOperatorConfigStatus defines the observed state of SriovOperatorConfig
- properties:
- injector:
- description: Show the runtime status of the network resource injector
- webhook
- type: string
- operatorWebhook:
- description: Show the runtime status of the operator admission controller
- webhook
- type: string
- type: object
- type: object
- served: true
- storage: true
- subresources:
- status: {}
-status:
- acceptedNames:
- kind: ""
- plural: ""
- conditions: []
- storedVersions: []
diff --git a/charts/sriov-crd/104.0.0+up0.1.0/Chart.yaml b/charts/sriov-crd/104.0.0+up0.1.0/Chart.yaml
deleted file mode 100644
index 83bb6443b4..0000000000
--- a/charts/sriov-crd/104.0.0+up0.1.0/Chart.yaml
+++ /dev/null
@@ -1,12 +0,0 @@
-annotations:
- catalog.cattle.io/certified: rancher
- catalog.cattle.io/experimental: "true"
- catalog.cattle.io/hidden: "true"
- catalog.cattle.io/namespace: cattle-sriov-system
- catalog.cattle.io/permits-os: linux
- catalog.cattle.io/release-name: sriov-crd
-apiVersion: v2
-description: Installs the CRDs for the SR-IOV operator
-name: sriov-crd
-type: application
-version: 104.0.0+up0.1.0
diff --git a/charts/sriov-crd/104.0.0+up0.1.0/templates/sriovnetwork.openshift.io_sriovibnetworks.yaml b/charts/sriov-crd/104.0.0+up0.1.0/templates/sriovnetwork.openshift.io_sriovibnetworks.yaml
deleted file mode 100644
index d619d53628..0000000000
--- a/charts/sriov-crd/104.0.0+up0.1.0/templates/sriovnetwork.openshift.io_sriovibnetworks.yaml
+++ /dev/null
@@ -1,72 +0,0 @@
----
-apiVersion: apiextensions.k8s.io/v1
-kind: CustomResourceDefinition
-metadata:
- annotations:
- controller-gen.kubebuilder.io/version: v0.9.0
- creationTimestamp: null
- name: sriovibnetworks.sriovnetwork.openshift.io
-spec:
- group: sriovnetwork.openshift.io
- names:
- kind: SriovIBNetwork
- listKind: SriovIBNetworkList
- plural: sriovibnetworks
- singular: sriovibnetwork
- scope: Namespaced
- versions:
- - name: v1
- schema:
- openAPIV3Schema:
- description: SriovIBNetwork is the Schema for the sriovibnetworks API
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation
- of an object. Servers should convert recognized schemas to the latest
- internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this
- object represents. Servers may infer this from the endpoint the client
- submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- spec:
- description: SriovIBNetworkSpec defines the desired state of SriovIBNetwork
- properties:
- capabilities:
- description: 'Capabilities to be configured for this network. Capabilities
- supported: (infinibandGUID), e.g. ''{"infinibandGUID": true}'''
- type: string
- ipam:
- description: IPAM configuration to be used for this network.
- type: string
- linkState:
- description: VF link state (enable|disable|auto)
- enum:
- - auto
- - enable
- - disable
- type: string
- metaPlugins:
- description: MetaPluginsConfig configuration to be used in order to
- chain metaplugins to the sriov interface returned by the operator.
- type: string
- networkNamespace:
- description: Namespace of the NetworkAttachmentDefinition custom resource
- type: string
- resourceName:
- description: SRIOV Network device plugin endpoint resource name
- type: string
- required:
- - resourceName
- type: object
- status:
- description: SriovIBNetworkStatus defines the observed state of SriovIBNetwork
- type: object
- type: object
- served: true
- storage: true
- subresources:
- status: {}
diff --git a/charts/sriov-crd/104.0.0+up0.1.0/templates/sriovnetwork.openshift.io_sriovnetworknodepolicies.yaml b/charts/sriov-crd/104.0.0+up0.1.0/templates/sriovnetwork.openshift.io_sriovnetworknodepolicies.yaml
deleted file mode 100644
index 84da2dee3f..0000000000
--- a/charts/sriov-crd/104.0.0+up0.1.0/templates/sriovnetwork.openshift.io_sriovnetworknodepolicies.yaml
+++ /dev/null
@@ -1,144 +0,0 @@
----
-apiVersion: apiextensions.k8s.io/v1
-kind: CustomResourceDefinition
-metadata:
- annotations:
- controller-gen.kubebuilder.io/version: v0.9.0
- creationTimestamp: null
- name: sriovnetworknodepolicies.sriovnetwork.openshift.io
-spec:
- group: sriovnetwork.openshift.io
- names:
- kind: SriovNetworkNodePolicy
- listKind: SriovNetworkNodePolicyList
- plural: sriovnetworknodepolicies
- singular: sriovnetworknodepolicy
- scope: Namespaced
- versions:
- - name: v1
- schema:
- openAPIV3Schema:
- description: SriovNetworkNodePolicy is the Schema for the sriovnetworknodepolicies
- API
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation
- of an object. Servers should convert recognized schemas to the latest
- internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this
- object represents. Servers may infer this from the endpoint the client
- submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- spec:
- description: SriovNetworkNodePolicySpec defines the desired state of SriovNetworkNodePolicy
- properties:
- deviceType:
- default: netdevice
- description: The driver type for configured VFs. Allowed value "netdevice",
- "vfio-pci". Defaults to netdevice.
- enum:
- - netdevice
- - vfio-pci
- type: string
- eSwitchMode:
- description: NIC Device Mode. Allowed value "legacy","switchdev".
- enum:
- - legacy
- - switchdev
- type: string
- excludeTopology:
- description: Exclude device's NUMA node when advertising this resource
- by SRIOV network device plugin. Default to false.
- type: boolean
- externallyManaged:
- description: don't create the virtual function only allocated them
- to the device plugin. Defaults to false.
- type: boolean
- isRdma:
- description: RDMA mode. Defaults to false.
- type: boolean
- linkType:
- description: NIC Link Type. Allowed value "eth", "ETH", "ib", and
- "IB".
- enum:
- - eth
- - ETH
- - ib
- - IB
- type: string
- mtu:
- description: MTU of VF
- minimum: 1
- type: integer
- needVhostNet:
- description: mount vhost-net device. Defaults to false.
- type: boolean
- nicSelector:
- description: NicSelector selects the NICs to be configured
- properties:
- deviceID:
- description: The device hex code of SR-IoV device. Allowed value
- "0d58", "1572", "158b", "1013", "1015", "1017", "101b".
- type: string
- netFilter:
- description: Infrastructure Networking selection filter. Allowed
- value "openstack/NetworkID:xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
- type: string
- pfNames:
- description: Name of SR-IoV PF.
- items:
- type: string
- type: array
- rootDevices:
- description: PCI address of SR-IoV PF.
- items:
- type: string
- type: array
- vendor:
- description: The vendor hex code of SR-IoV device. Allowed value
- "8086", "15b3".
- type: string
- type: object
- nodeSelector:
- additionalProperties:
- type: string
- description: NodeSelector selects the nodes to be configured
- type: object
- numVfs:
- description: Number of VFs for each PF
- minimum: 0
- type: integer
- priority:
- description: Priority of the policy, higher priority policies can
- override lower ones.
- maximum: 99
- minimum: 0
- type: integer
- resourceName:
- description: SRIOV Network device plugin endpoint resource name
- type: string
- vdpaType:
- description: VDPA device type. Allowed value "virtio", "vhost"
- enum:
- - virtio
- - vhost
- type: string
- required:
- - nicSelector
- - nodeSelector
- - numVfs
- - resourceName
- type: object
- status:
- description: SriovNetworkNodePolicyStatus defines the observed state of
- SriovNetworkNodePolicy
- type: object
- type: object
- served: true
- storage: true
- subresources:
- status: {}
diff --git a/charts/sriov-crd/104.0.0+up0.1.0/templates/sriovnetwork.openshift.io_sriovnetworknodestates.yaml b/charts/sriov-crd/104.0.0+up0.1.0/templates/sriovnetwork.openshift.io_sriovnetworknodestates.yaml
deleted file mode 100644
index 9686248215..0000000000
--- a/charts/sriov-crd/104.0.0+up0.1.0/templates/sriovnetwork.openshift.io_sriovnetworknodestates.yaml
+++ /dev/null
@@ -1,173 +0,0 @@
----
-apiVersion: apiextensions.k8s.io/v1
-kind: CustomResourceDefinition
-metadata:
- annotations:
- controller-gen.kubebuilder.io/version: v0.9.0
- creationTimestamp: null
- name: sriovnetworknodestates.sriovnetwork.openshift.io
-spec:
- group: sriovnetwork.openshift.io
- names:
- kind: SriovNetworkNodeState
- listKind: SriovNetworkNodeStateList
- plural: sriovnetworknodestates
- singular: sriovnetworknodestate
- scope: Namespaced
- versions:
- - additionalPrinterColumns:
- - jsonPath: .status.syncStatus
- name: Sync Status
- type: string
- - jsonPath: .metadata.annotations.sriovnetwork\.openshift\.io/desired-state
- name: Desired Sync State
- type: string
- - jsonPath: .metadata.annotations.sriovnetwork\.openshift\.io/current-state
- name: Current Sync State
- type: string
- - jsonPath: .metadata.creationTimestamp
- name: Age
- type: date
- name: v1
- schema:
- openAPIV3Schema:
- description: SriovNetworkNodeState is the Schema for the sriovnetworknodestates
- API
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation
- of an object. Servers should convert recognized schemas to the latest
- internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this
- object represents. Servers may infer this from the endpoint the client
- submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- spec:
- description: SriovNetworkNodeStateSpec defines the desired state of SriovNetworkNodeState
- properties:
- dpConfigVersion:
- type: string
- interfaces:
- items:
- properties:
- eSwitchMode:
- type: string
- externallyManaged:
- type: boolean
- linkType:
- type: string
- mtu:
- type: integer
- name:
- type: string
- numVfs:
- type: integer
- pciAddress:
- type: string
- vfGroups:
- items:
- properties:
- deviceType:
- type: string
- isRdma:
- type: boolean
- mtu:
- type: integer
- policyName:
- type: string
- resourceName:
- type: string
- vdpaType:
- type: string
- vfRange:
- type: string
- type: object
- type: array
- required:
- - pciAddress
- type: object
- type: array
- type: object
- status:
- description: SriovNetworkNodeStateStatus defines the observed state of
- SriovNetworkNodeState
- properties:
- interfaces:
- items:
- properties:
- Vfs:
- items:
- properties:
- Vlan:
- type: integer
- assigned:
- type: string
- deviceID:
- type: string
- driver:
- type: string
- mac:
- type: string
- mtu:
- type: integer
- name:
- type: string
- pciAddress:
- type: string
- vdpaType:
- type: string
- vendor:
- type: string
- vfID:
- type: integer
- required:
- - pciAddress
- - vfID
- type: object
- type: array
- deviceID:
- type: string
- driver:
- type: string
- eSwitchMode:
- type: string
- externallyManaged:
- type: boolean
- linkSpeed:
- type: string
- linkType:
- type: string
- mac:
- type: string
- mtu:
- type: integer
- name:
- type: string
- netFilter:
- type: string
- numVfs:
- type: integer
- pciAddress:
- type: string
- totalvfs:
- type: integer
- vendor:
- type: string
- required:
- - pciAddress
- type: object
- type: array
- lastSyncError:
- type: string
- syncStatus:
- type: string
- type: object
- type: object
- served: true
- storage: true
- subresources:
- status: {}
diff --git a/charts/sriov-crd/104.0.0+up0.1.0/templates/sriovnetwork.openshift.io_sriovnetworkpoolconfigs.yaml b/charts/sriov-crd/104.0.0+up0.1.0/templates/sriovnetwork.openshift.io_sriovnetworkpoolconfigs.yaml
deleted file mode 100644
index b819999761..0000000000
--- a/charts/sriov-crd/104.0.0+up0.1.0/templates/sriovnetwork.openshift.io_sriovnetworkpoolconfigs.yaml
+++ /dev/null
@@ -1,115 +0,0 @@
----
-apiVersion: apiextensions.k8s.io/v1
-kind: CustomResourceDefinition
-metadata:
- annotations:
- controller-gen.kubebuilder.io/version: v0.9.0
- creationTimestamp: null
- name: sriovnetworkpoolconfigs.sriovnetwork.openshift.io
-spec:
- group: sriovnetwork.openshift.io
- names:
- kind: SriovNetworkPoolConfig
- listKind: SriovNetworkPoolConfigList
- plural: sriovnetworkpoolconfigs
- singular: sriovnetworkpoolconfig
- scope: Namespaced
- versions:
- - name: v1
- schema:
- openAPIV3Schema:
- description: SriovNetworkPoolConfig is the Schema for the sriovnetworkpoolconfigs
- API
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation
- of an object. Servers should convert recognized schemas to the latest
- internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this
- object represents. Servers may infer this from the endpoint the client
- submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- spec:
- description: SriovNetworkPoolConfigSpec defines the desired state of SriovNetworkPoolConfig
- properties:
- maxUnavailable:
- anyOf:
- - type: integer
- - type: string
- description: "maxUnavailable defines either an integer number or percentage
- of nodes in the pool that can go Unavailable during an update. \n
- A value larger than 1 will mean multiple nodes going unavailable
- during the update, which may affect your workload stress on the
- remaining nodes. Drain will respect Pod Disruption Budgets (PDBs)
- such as etcd quorum guards, even if maxUnavailable is greater than
- one."
- x-kubernetes-int-or-string: true
- nodeSelector:
- description: nodeSelector specifies a label selector for Nodes
- properties:
- matchExpressions:
- description: matchExpressions is a list of label selector requirements.
- The requirements are ANDed.
- items:
- description: A label selector requirement is a selector that
- contains values, a key, and an operator that relates the key
- and values.
- properties:
- key:
- description: key is the label key that the selector applies
- to.
- type: string
- operator:
- description: operator represents a key's relationship to
- a set of values. Valid operators are In, NotIn, Exists
- and DoesNotExist.
- type: string
- values:
- description: values is an array of string values. If the
- operator is In or NotIn, the values array must be non-empty.
- If the operator is Exists or DoesNotExist, the values
- array must be empty. This array is replaced during a strategic
- merge patch.
- items:
- type: string
- type: array
- required:
- - key
- - operator
- type: object
- type: array
- matchLabels:
- additionalProperties:
- type: string
- description: matchLabels is a map of {key,value} pairs. A single
- {key,value} in the matchLabels map is equivalent to an element
- of matchExpressions, whose key field is "key", the operator
- is "In", and the values array contains only "value". The requirements
- are ANDed.
- type: object
- type: object
- ovsHardwareOffloadConfig:
- description: OvsHardwareOffloadConfig describes the OVS HWOL configuration
- for selected Nodes
- properties:
- name:
- description: 'Name is mandatory and must be unique. On Kubernetes:
- Name is the name of OvsHardwareOffloadConfig On OpenShift: Name
- is the name of MachineConfigPool to be enabled with OVS hardware
- offload'
- type: string
- type: object
- type: object
- status:
- description: SriovNetworkPoolConfigStatus defines the observed state of
- SriovNetworkPoolConfig
- type: object
- type: object
- served: true
- storage: true
- subresources:
- status: {}
diff --git a/charts/sriov-crd/104.0.0+up0.1.0/templates/sriovnetwork.openshift.io_sriovnetworks.yaml b/charts/sriov-crd/104.0.0+up0.1.0/templates/sriovnetwork.openshift.io_sriovnetworks.yaml
deleted file mode 100644
index 15e1bfd3f8..0000000000
--- a/charts/sriov-crd/104.0.0+up0.1.0/templates/sriovnetwork.openshift.io_sriovnetworks.yaml
+++ /dev/null
@@ -1,130 +0,0 @@
----
-apiVersion: apiextensions.k8s.io/v1
-kind: CustomResourceDefinition
-metadata:
- annotations:
- controller-gen.kubebuilder.io/version: v0.9.0
- creationTimestamp: null
- name: sriovnetworks.sriovnetwork.openshift.io
-spec:
- group: sriovnetwork.openshift.io
- names:
- kind: SriovNetwork
- listKind: SriovNetworkList
- plural: sriovnetworks
- singular: sriovnetwork
- scope: Namespaced
- versions:
- - name: v1
- schema:
- openAPIV3Schema:
- description: SriovNetwork is the Schema for the sriovnetworks API
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation
- of an object. Servers should convert recognized schemas to the latest
- internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this
- object represents. Servers may infer this from the endpoint the client
- submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- spec:
- description: SriovNetworkSpec defines the desired state of SriovNetwork
- properties:
- capabilities:
- description: 'Capabilities to be configured for this network. Capabilities
- supported: (mac|ips), e.g. ''{"mac": true}'''
- type: string
- ipam:
- description: IPAM configuration to be used for this network.
- type: string
- linkState:
- description: VF link state (enable|disable|auto)
- enum:
- - auto
- - enable
- - disable
- type: string
- logFile:
- description: LogFile sets the log file of the SRIOV CNI plugin logs.
- If unset (default), this will log to stderr and thus to multus and
- container runtime logs.
- type: string
- logLevel:
- default: info
- description: LogLevel sets the log level of the SRIOV CNI plugin -
- either of panic, error, warning, info, debug. Defaults to info if
- left blank.
- enum:
- - panic
- - error
- - warning
- - info
- - debug
- - ""
- type: string
- maxTxRate:
- description: Maximum tx rate, in Mbps, for the VF. Defaults to 0 (no
- rate limiting)
- minimum: 0
- type: integer
- metaPlugins:
- description: MetaPluginsConfig configuration to be used in order to
- chain metaplugins to the sriov interface returned by the operator.
- type: string
- minTxRate:
- description: Minimum tx rate, in Mbps, for the VF. Defaults to 0 (no
- rate limiting). min_tx_rate should be <= max_tx_rate.
- minimum: 0
- type: integer
- networkNamespace:
- description: Namespace of the NetworkAttachmentDefinition custom resource
- type: string
- resourceName:
- description: SRIOV Network device plugin endpoint resource name
- type: string
- spoofChk:
- description: VF spoof check, (on|off)
- enum:
- - "on"
- - "off"
- type: string
- trust:
- description: VF trust mode (on|off)
- enum:
- - "on"
- - "off"
- type: string
- vlan:
- description: VLAN ID to assign for the VF. Defaults to 0.
- maximum: 4096
- minimum: 0
- type: integer
- vlanProto:
- description: VLAN proto to assign for the VF. Defaults to 802.1q.
- enum:
- - 802.1q
- - 802.1Q
- - 802.1ad
- - 802.1AD
- type: string
- vlanQoS:
- description: VLAN QoS ID to assign for the VF. Defaults to 0.
- maximum: 7
- minimum: 0
- type: integer
- required:
- - resourceName
- type: object
- status:
- description: SriovNetworkStatus defines the observed state of SriovNetwork
- type: object
- type: object
- served: true
- storage: true
- subresources:
- status: {}
diff --git a/charts/sriov-crd/104.0.0+up0.1.0/templates/sriovnetwork.openshift.io_sriovoperatorconfigs.yaml b/charts/sriov-crd/104.0.0+up0.1.0/templates/sriovnetwork.openshift.io_sriovoperatorconfigs.yaml
deleted file mode 100644
index 74b7752abc..0000000000
--- a/charts/sriov-crd/104.0.0+up0.1.0/templates/sriovnetwork.openshift.io_sriovoperatorconfigs.yaml
+++ /dev/null
@@ -1,110 +0,0 @@
----
-apiVersion: apiextensions.k8s.io/v1
-kind: CustomResourceDefinition
-metadata:
- annotations:
- controller-gen.kubebuilder.io/version: v0.9.0
- creationTimestamp: null
- name: sriovoperatorconfigs.sriovnetwork.openshift.io
-spec:
- group: sriovnetwork.openshift.io
- names:
- kind: SriovOperatorConfig
- listKind: SriovOperatorConfigList
- plural: sriovoperatorconfigs
- singular: sriovoperatorconfig
- scope: Namespaced
- versions:
- - name: v1
- schema:
- openAPIV3Schema:
- description: SriovOperatorConfig is the Schema for the sriovoperatorconfigs
- API
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation
- of an object. Servers should convert recognized schemas to the latest
- internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this
- object represents. Servers may infer this from the endpoint the client
- submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- spec:
- description: SriovOperatorConfigSpec defines the desired state of SriovOperatorConfig
- properties:
- configDaemonNodeSelector:
- additionalProperties:
- type: string
- description: NodeSelector selects the nodes to be configured
- type: object
- configurationMode:
- description: 'Flag to enable the sriov-network-config-daemon to use
- a systemd service to configure SR-IOV devices on boot Default mode:
- daemon'
- enum:
- - daemon
- - systemd
- type: string
- disableDrain:
- description: Flag to disable nodes drain during debugging
- type: boolean
- disablePlugins:
- description: DisablePlugins is a list of sriov-network-config-daemon
- plugins to disable
- items:
- description: PluginNameValue defines the plugin name
- enum:
- - mellanox
- type: string
- type: array
- enableInjector:
- description: Flag to control whether the network resource injector
- webhook shall be deployed
- type: boolean
- enableOperatorWebhook:
- description: Flag to control whether the operator admission controller
- webhook shall be deployed
- type: boolean
- enableOvsOffload:
- description: Flag to enable OVS hardware offload. Set to 'true' to
- provision switchdev-configuration.service and enable OpenvSwitch
- hw-offload on nodes.
- type: boolean
- featureGates:
- additionalProperties:
- type: boolean
- description: FeatureGates to enable experimental features
- type: object
- logLevel:
- description: Flag to control the log verbose level of the operator.
- Set to '0' to show only the basic logs. And set to '2' to show all
- the available logs.
- maximum: 2
- minimum: 0
- type: integer
- useCDI:
- description: Flag to enable Container Device Interface mode for SR-IOV
- Network Device Plugin
- type: boolean
- type: object
- status:
- description: SriovOperatorConfigStatus defines the observed state of SriovOperatorConfig
- properties:
- injector:
- description: Show the runtime status of the network resource injector
- webhook
- type: string
- operatorWebhook:
- description: Show the runtime status of the operator admission controller
- webhook
- type: string
- type: object
- type: object
- served: true
- storage: true
- subresources:
- status: {}
diff --git a/charts/sriov-crd/104.1.0+up0.1.0/Chart.yaml b/charts/sriov-crd/104.1.0+up0.1.0/Chart.yaml
deleted file mode 100644
index be61412dfa..0000000000
--- a/charts/sriov-crd/104.1.0+up0.1.0/Chart.yaml
+++ /dev/null
@@ -1,14 +0,0 @@
-annotations:
- catalog.cattle.io/certified: rancher
- catalog.cattle.io/deprecated: "true"
- catalog.cattle.io/experimental: "true"
- catalog.cattle.io/hidden: "true"
- catalog.cattle.io/namespace: cattle-sriov-system
- catalog.cattle.io/permits-os: linux
- catalog.cattle.io/release-name: sriov-crd
-apiVersion: v2
-deprecated: true
-description: Installs the CRDs for the SR-IOV operator
-name: sriov-crd
-type: application
-version: 104.1.0+up0.1.0
diff --git a/charts/sriov-crd/104.1.0+up0.1.0/templates/sriovnetwork.openshift.io_sriovibnetworks.yaml b/charts/sriov-crd/104.1.0+up0.1.0/templates/sriovnetwork.openshift.io_sriovibnetworks.yaml
deleted file mode 100644
index d619d53628..0000000000
--- a/charts/sriov-crd/104.1.0+up0.1.0/templates/sriovnetwork.openshift.io_sriovibnetworks.yaml
+++ /dev/null
@@ -1,72 +0,0 @@
----
-apiVersion: apiextensions.k8s.io/v1
-kind: CustomResourceDefinition
-metadata:
- annotations:
- controller-gen.kubebuilder.io/version: v0.9.0
- creationTimestamp: null
- name: sriovibnetworks.sriovnetwork.openshift.io
-spec:
- group: sriovnetwork.openshift.io
- names:
- kind: SriovIBNetwork
- listKind: SriovIBNetworkList
- plural: sriovibnetworks
- singular: sriovibnetwork
- scope: Namespaced
- versions:
- - name: v1
- schema:
- openAPIV3Schema:
- description: SriovIBNetwork is the Schema for the sriovibnetworks API
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation
- of an object. Servers should convert recognized schemas to the latest
- internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this
- object represents. Servers may infer this from the endpoint the client
- submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- spec:
- description: SriovIBNetworkSpec defines the desired state of SriovIBNetwork
- properties:
- capabilities:
- description: 'Capabilities to be configured for this network. Capabilities
- supported: (infinibandGUID), e.g. ''{"infinibandGUID": true}'''
- type: string
- ipam:
- description: IPAM configuration to be used for this network.
- type: string
- linkState:
- description: VF link state (enable|disable|auto)
- enum:
- - auto
- - enable
- - disable
- type: string
- metaPlugins:
- description: MetaPluginsConfig configuration to be used in order to
- chain metaplugins to the sriov interface returned by the operator.
- type: string
- networkNamespace:
- description: Namespace of the NetworkAttachmentDefinition custom resource
- type: string
- resourceName:
- description: SRIOV Network device plugin endpoint resource name
- type: string
- required:
- - resourceName
- type: object
- status:
- description: SriovIBNetworkStatus defines the observed state of SriovIBNetwork
- type: object
- type: object
- served: true
- storage: true
- subresources:
- status: {}
diff --git a/charts/sriov-crd/104.1.0+up0.1.0/templates/sriovnetwork.openshift.io_sriovnetworknodepolicies.yaml b/charts/sriov-crd/104.1.0+up0.1.0/templates/sriovnetwork.openshift.io_sriovnetworknodepolicies.yaml
deleted file mode 100644
index 84da2dee3f..0000000000
--- a/charts/sriov-crd/104.1.0+up0.1.0/templates/sriovnetwork.openshift.io_sriovnetworknodepolicies.yaml
+++ /dev/null
@@ -1,144 +0,0 @@
----
-apiVersion: apiextensions.k8s.io/v1
-kind: CustomResourceDefinition
-metadata:
- annotations:
- controller-gen.kubebuilder.io/version: v0.9.0
- creationTimestamp: null
- name: sriovnetworknodepolicies.sriovnetwork.openshift.io
-spec:
- group: sriovnetwork.openshift.io
- names:
- kind: SriovNetworkNodePolicy
- listKind: SriovNetworkNodePolicyList
- plural: sriovnetworknodepolicies
- singular: sriovnetworknodepolicy
- scope: Namespaced
- versions:
- - name: v1
- schema:
- openAPIV3Schema:
- description: SriovNetworkNodePolicy is the Schema for the sriovnetworknodepolicies
- API
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation
- of an object. Servers should convert recognized schemas to the latest
- internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this
- object represents. Servers may infer this from the endpoint the client
- submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- spec:
- description: SriovNetworkNodePolicySpec defines the desired state of SriovNetworkNodePolicy
- properties:
- deviceType:
- default: netdevice
- description: The driver type for configured VFs. Allowed value "netdevice",
- "vfio-pci". Defaults to netdevice.
- enum:
- - netdevice
- - vfio-pci
- type: string
- eSwitchMode:
- description: NIC Device Mode. Allowed value "legacy","switchdev".
- enum:
- - legacy
- - switchdev
- type: string
- excludeTopology:
- description: Exclude device's NUMA node when advertising this resource
- by SRIOV network device plugin. Default to false.
- type: boolean
- externallyManaged:
- description: don't create the virtual function only allocated them
- to the device plugin. Defaults to false.
- type: boolean
- isRdma:
- description: RDMA mode. Defaults to false.
- type: boolean
- linkType:
- description: NIC Link Type. Allowed value "eth", "ETH", "ib", and
- "IB".
- enum:
- - eth
- - ETH
- - ib
- - IB
- type: string
- mtu:
- description: MTU of VF
- minimum: 1
- type: integer
- needVhostNet:
- description: mount vhost-net device. Defaults to false.
- type: boolean
- nicSelector:
- description: NicSelector selects the NICs to be configured
- properties:
- deviceID:
- description: The device hex code of SR-IoV device. Allowed value
- "0d58", "1572", "158b", "1013", "1015", "1017", "101b".
- type: string
- netFilter:
- description: Infrastructure Networking selection filter. Allowed
- value "openstack/NetworkID:xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
- type: string
- pfNames:
- description: Name of SR-IoV PF.
- items:
- type: string
- type: array
- rootDevices:
- description: PCI address of SR-IoV PF.
- items:
- type: string
- type: array
- vendor:
- description: The vendor hex code of SR-IoV device. Allowed value
- "8086", "15b3".
- type: string
- type: object
- nodeSelector:
- additionalProperties:
- type: string
- description: NodeSelector selects the nodes to be configured
- type: object
- numVfs:
- description: Number of VFs for each PF
- minimum: 0
- type: integer
- priority:
- description: Priority of the policy, higher priority policies can
- override lower ones.
- maximum: 99
- minimum: 0
- type: integer
- resourceName:
- description: SRIOV Network device plugin endpoint resource name
- type: string
- vdpaType:
- description: VDPA device type. Allowed value "virtio", "vhost"
- enum:
- - virtio
- - vhost
- type: string
- required:
- - nicSelector
- - nodeSelector
- - numVfs
- - resourceName
- type: object
- status:
- description: SriovNetworkNodePolicyStatus defines the observed state of
- SriovNetworkNodePolicy
- type: object
- type: object
- served: true
- storage: true
- subresources:
- status: {}
diff --git a/charts/sriov-crd/104.1.0+up0.1.0/templates/sriovnetwork.openshift.io_sriovnetworknodestates.yaml b/charts/sriov-crd/104.1.0+up0.1.0/templates/sriovnetwork.openshift.io_sriovnetworknodestates.yaml
deleted file mode 100644
index 9686248215..0000000000
--- a/charts/sriov-crd/104.1.0+up0.1.0/templates/sriovnetwork.openshift.io_sriovnetworknodestates.yaml
+++ /dev/null
@@ -1,173 +0,0 @@
----
-apiVersion: apiextensions.k8s.io/v1
-kind: CustomResourceDefinition
-metadata:
- annotations:
- controller-gen.kubebuilder.io/version: v0.9.0
- creationTimestamp: null
- name: sriovnetworknodestates.sriovnetwork.openshift.io
-spec:
- group: sriovnetwork.openshift.io
- names:
- kind: SriovNetworkNodeState
- listKind: SriovNetworkNodeStateList
- plural: sriovnetworknodestates
- singular: sriovnetworknodestate
- scope: Namespaced
- versions:
- - additionalPrinterColumns:
- - jsonPath: .status.syncStatus
- name: Sync Status
- type: string
- - jsonPath: .metadata.annotations.sriovnetwork\.openshift\.io/desired-state
- name: Desired Sync State
- type: string
- - jsonPath: .metadata.annotations.sriovnetwork\.openshift\.io/current-state
- name: Current Sync State
- type: string
- - jsonPath: .metadata.creationTimestamp
- name: Age
- type: date
- name: v1
- schema:
- openAPIV3Schema:
- description: SriovNetworkNodeState is the Schema for the sriovnetworknodestates
- API
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation
- of an object. Servers should convert recognized schemas to the latest
- internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this
- object represents. Servers may infer this from the endpoint the client
- submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- spec:
- description: SriovNetworkNodeStateSpec defines the desired state of SriovNetworkNodeState
- properties:
- dpConfigVersion:
- type: string
- interfaces:
- items:
- properties:
- eSwitchMode:
- type: string
- externallyManaged:
- type: boolean
- linkType:
- type: string
- mtu:
- type: integer
- name:
- type: string
- numVfs:
- type: integer
- pciAddress:
- type: string
- vfGroups:
- items:
- properties:
- deviceType:
- type: string
- isRdma:
- type: boolean
- mtu:
- type: integer
- policyName:
- type: string
- resourceName:
- type: string
- vdpaType:
- type: string
- vfRange:
- type: string
- type: object
- type: array
- required:
- - pciAddress
- type: object
- type: array
- type: object
- status:
- description: SriovNetworkNodeStateStatus defines the observed state of
- SriovNetworkNodeState
- properties:
- interfaces:
- items:
- properties:
- Vfs:
- items:
- properties:
- Vlan:
- type: integer
- assigned:
- type: string
- deviceID:
- type: string
- driver:
- type: string
- mac:
- type: string
- mtu:
- type: integer
- name:
- type: string
- pciAddress:
- type: string
- vdpaType:
- type: string
- vendor:
- type: string
- vfID:
- type: integer
- required:
- - pciAddress
- - vfID
- type: object
- type: array
- deviceID:
- type: string
- driver:
- type: string
- eSwitchMode:
- type: string
- externallyManaged:
- type: boolean
- linkSpeed:
- type: string
- linkType:
- type: string
- mac:
- type: string
- mtu:
- type: integer
- name:
- type: string
- netFilter:
- type: string
- numVfs:
- type: integer
- pciAddress:
- type: string
- totalvfs:
- type: integer
- vendor:
- type: string
- required:
- - pciAddress
- type: object
- type: array
- lastSyncError:
- type: string
- syncStatus:
- type: string
- type: object
- type: object
- served: true
- storage: true
- subresources:
- status: {}
diff --git a/charts/sriov-crd/104.1.0+up0.1.0/templates/sriovnetwork.openshift.io_sriovnetworkpoolconfigs.yaml b/charts/sriov-crd/104.1.0+up0.1.0/templates/sriovnetwork.openshift.io_sriovnetworkpoolconfigs.yaml
deleted file mode 100644
index b819999761..0000000000
--- a/charts/sriov-crd/104.1.0+up0.1.0/templates/sriovnetwork.openshift.io_sriovnetworkpoolconfigs.yaml
+++ /dev/null
@@ -1,115 +0,0 @@
----
-apiVersion: apiextensions.k8s.io/v1
-kind: CustomResourceDefinition
-metadata:
- annotations:
- controller-gen.kubebuilder.io/version: v0.9.0
- creationTimestamp: null
- name: sriovnetworkpoolconfigs.sriovnetwork.openshift.io
-spec:
- group: sriovnetwork.openshift.io
- names:
- kind: SriovNetworkPoolConfig
- listKind: SriovNetworkPoolConfigList
- plural: sriovnetworkpoolconfigs
- singular: sriovnetworkpoolconfig
- scope: Namespaced
- versions:
- - name: v1
- schema:
- openAPIV3Schema:
- description: SriovNetworkPoolConfig is the Schema for the sriovnetworkpoolconfigs
- API
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation
- of an object. Servers should convert recognized schemas to the latest
- internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this
- object represents. Servers may infer this from the endpoint the client
- submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- spec:
- description: SriovNetworkPoolConfigSpec defines the desired state of SriovNetworkPoolConfig
- properties:
- maxUnavailable:
- anyOf:
- - type: integer
- - type: string
- description: "maxUnavailable defines either an integer number or percentage
- of nodes in the pool that can go Unavailable during an update. \n
- A value larger than 1 will mean multiple nodes going unavailable
- during the update, which may affect your workload stress on the
- remaining nodes. Drain will respect Pod Disruption Budgets (PDBs)
- such as etcd quorum guards, even if maxUnavailable is greater than
- one."
- x-kubernetes-int-or-string: true
- nodeSelector:
- description: nodeSelector specifies a label selector for Nodes
- properties:
- matchExpressions:
- description: matchExpressions is a list of label selector requirements.
- The requirements are ANDed.
- items:
- description: A label selector requirement is a selector that
- contains values, a key, and an operator that relates the key
- and values.
- properties:
- key:
- description: key is the label key that the selector applies
- to.
- type: string
- operator:
- description: operator represents a key's relationship to
- a set of values. Valid operators are In, NotIn, Exists
- and DoesNotExist.
- type: string
- values:
- description: values is an array of string values. If the
- operator is In or NotIn, the values array must be non-empty.
- If the operator is Exists or DoesNotExist, the values
- array must be empty. This array is replaced during a strategic
- merge patch.
- items:
- type: string
- type: array
- required:
- - key
- - operator
- type: object
- type: array
- matchLabels:
- additionalProperties:
- type: string
- description: matchLabels is a map of {key,value} pairs. A single
- {key,value} in the matchLabels map is equivalent to an element
- of matchExpressions, whose key field is "key", the operator
- is "In", and the values array contains only "value". The requirements
- are ANDed.
- type: object
- type: object
- ovsHardwareOffloadConfig:
- description: OvsHardwareOffloadConfig describes the OVS HWOL configuration
- for selected Nodes
- properties:
- name:
- description: 'Name is mandatory and must be unique. On Kubernetes:
- Name is the name of OvsHardwareOffloadConfig On OpenShift: Name
- is the name of MachineConfigPool to be enabled with OVS hardware
- offload'
- type: string
- type: object
- type: object
- status:
- description: SriovNetworkPoolConfigStatus defines the observed state of
- SriovNetworkPoolConfig
- type: object
- type: object
- served: true
- storage: true
- subresources:
- status: {}
diff --git a/charts/sriov-crd/104.1.0+up0.1.0/templates/sriovnetwork.openshift.io_sriovnetworks.yaml b/charts/sriov-crd/104.1.0+up0.1.0/templates/sriovnetwork.openshift.io_sriovnetworks.yaml
deleted file mode 100644
index 15e1bfd3f8..0000000000
--- a/charts/sriov-crd/104.1.0+up0.1.0/templates/sriovnetwork.openshift.io_sriovnetworks.yaml
+++ /dev/null
@@ -1,130 +0,0 @@
----
-apiVersion: apiextensions.k8s.io/v1
-kind: CustomResourceDefinition
-metadata:
- annotations:
- controller-gen.kubebuilder.io/version: v0.9.0
- creationTimestamp: null
- name: sriovnetworks.sriovnetwork.openshift.io
-spec:
- group: sriovnetwork.openshift.io
- names:
- kind: SriovNetwork
- listKind: SriovNetworkList
- plural: sriovnetworks
- singular: sriovnetwork
- scope: Namespaced
- versions:
- - name: v1
- schema:
- openAPIV3Schema:
- description: SriovNetwork is the Schema for the sriovnetworks API
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation
- of an object. Servers should convert recognized schemas to the latest
- internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this
- object represents. Servers may infer this from the endpoint the client
- submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- spec:
- description: SriovNetworkSpec defines the desired state of SriovNetwork
- properties:
- capabilities:
- description: 'Capabilities to be configured for this network. Capabilities
- supported: (mac|ips), e.g. ''{"mac": true}'''
- type: string
- ipam:
- description: IPAM configuration to be used for this network.
- type: string
- linkState:
- description: VF link state (enable|disable|auto)
- enum:
- - auto
- - enable
- - disable
- type: string
- logFile:
- description: LogFile sets the log file of the SRIOV CNI plugin logs.
- If unset (default), this will log to stderr and thus to multus and
- container runtime logs.
- type: string
- logLevel:
- default: info
- description: LogLevel sets the log level of the SRIOV CNI plugin -
- either of panic, error, warning, info, debug. Defaults to info if
- left blank.
- enum:
- - panic
- - error
- - warning
- - info
- - debug
- - ""
- type: string
- maxTxRate:
- description: Maximum tx rate, in Mbps, for the VF. Defaults to 0 (no
- rate limiting)
- minimum: 0
- type: integer
- metaPlugins:
- description: MetaPluginsConfig configuration to be used in order to
- chain metaplugins to the sriov interface returned by the operator.
- type: string
- minTxRate:
- description: Minimum tx rate, in Mbps, for the VF. Defaults to 0 (no
- rate limiting). min_tx_rate should be <= max_tx_rate.
- minimum: 0
- type: integer
- networkNamespace:
- description: Namespace of the NetworkAttachmentDefinition custom resource
- type: string
- resourceName:
- description: SRIOV Network device plugin endpoint resource name
- type: string
- spoofChk:
- description: VF spoof check, (on|off)
- enum:
- - "on"
- - "off"
- type: string
- trust:
- description: VF trust mode (on|off)
- enum:
- - "on"
- - "off"
- type: string
- vlan:
- description: VLAN ID to assign for the VF. Defaults to 0.
- maximum: 4096
- minimum: 0
- type: integer
- vlanProto:
- description: VLAN proto to assign for the VF. Defaults to 802.1q.
- enum:
- - 802.1q
- - 802.1Q
- - 802.1ad
- - 802.1AD
- type: string
- vlanQoS:
- description: VLAN QoS ID to assign for the VF. Defaults to 0.
- maximum: 7
- minimum: 0
- type: integer
- required:
- - resourceName
- type: object
- status:
- description: SriovNetworkStatus defines the observed state of SriovNetwork
- type: object
- type: object
- served: true
- storage: true
- subresources:
- status: {}
diff --git a/charts/sriov-crd/104.1.0+up0.1.0/templates/sriovnetwork.openshift.io_sriovoperatorconfigs.yaml b/charts/sriov-crd/104.1.0+up0.1.0/templates/sriovnetwork.openshift.io_sriovoperatorconfigs.yaml
deleted file mode 100644
index 74b7752abc..0000000000
--- a/charts/sriov-crd/104.1.0+up0.1.0/templates/sriovnetwork.openshift.io_sriovoperatorconfigs.yaml
+++ /dev/null
@@ -1,110 +0,0 @@
----
-apiVersion: apiextensions.k8s.io/v1
-kind: CustomResourceDefinition
-metadata:
- annotations:
- controller-gen.kubebuilder.io/version: v0.9.0
- creationTimestamp: null
- name: sriovoperatorconfigs.sriovnetwork.openshift.io
-spec:
- group: sriovnetwork.openshift.io
- names:
- kind: SriovOperatorConfig
- listKind: SriovOperatorConfigList
- plural: sriovoperatorconfigs
- singular: sriovoperatorconfig
- scope: Namespaced
- versions:
- - name: v1
- schema:
- openAPIV3Schema:
- description: SriovOperatorConfig is the Schema for the sriovoperatorconfigs
- API
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation
- of an object. Servers should convert recognized schemas to the latest
- internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this
- object represents. Servers may infer this from the endpoint the client
- submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- spec:
- description: SriovOperatorConfigSpec defines the desired state of SriovOperatorConfig
- properties:
- configDaemonNodeSelector:
- additionalProperties:
- type: string
- description: NodeSelector selects the nodes to be configured
- type: object
- configurationMode:
- description: 'Flag to enable the sriov-network-config-daemon to use
- a systemd service to configure SR-IOV devices on boot Default mode:
- daemon'
- enum:
- - daemon
- - systemd
- type: string
- disableDrain:
- description: Flag to disable nodes drain during debugging
- type: boolean
- disablePlugins:
- description: DisablePlugins is a list of sriov-network-config-daemon
- plugins to disable
- items:
- description: PluginNameValue defines the plugin name
- enum:
- - mellanox
- type: string
- type: array
- enableInjector:
- description: Flag to control whether the network resource injector
- webhook shall be deployed
- type: boolean
- enableOperatorWebhook:
- description: Flag to control whether the operator admission controller
- webhook shall be deployed
- type: boolean
- enableOvsOffload:
- description: Flag to enable OVS hardware offload. Set to 'true' to
- provision switchdev-configuration.service and enable OpenvSwitch
- hw-offload on nodes.
- type: boolean
- featureGates:
- additionalProperties:
- type: boolean
- description: FeatureGates to enable experimental features
- type: object
- logLevel:
- description: Flag to control the log verbose level of the operator.
- Set to '0' to show only the basic logs. And set to '2' to show all
- the available logs.
- maximum: 2
- minimum: 0
- type: integer
- useCDI:
- description: Flag to enable Container Device Interface mode for SR-IOV
- Network Device Plugin
- type: boolean
- type: object
- status:
- description: SriovOperatorConfigStatus defines the observed state of SriovOperatorConfig
- properties:
- injector:
- description: Show the runtime status of the network resource injector
- webhook
- type: string
- operatorWebhook:
- description: Show the runtime status of the operator admission controller
- webhook
- type: string
- type: object
- type: object
- served: true
- storage: true
- subresources:
- status: {}
diff --git a/charts/sriov-crd/104.2.0+up0.1.0/Chart.yaml b/charts/sriov-crd/104.2.0+up0.1.0/Chart.yaml
deleted file mode 100644
index a68968fbc0..0000000000
--- a/charts/sriov-crd/104.2.0+up0.1.0/Chart.yaml
+++ /dev/null
@@ -1,14 +0,0 @@
-annotations:
- catalog.cattle.io/certified: rancher
- catalog.cattle.io/deprecated: "true"
- catalog.cattle.io/experimental: "true"
- catalog.cattle.io/hidden: "true"
- catalog.cattle.io/namespace: cattle-sriov-system
- catalog.cattle.io/permits-os: linux
- catalog.cattle.io/release-name: sriov-crd
-apiVersion: v2
-deprecated: true
-description: Installs the CRDs for the SR-IOV operator
-name: sriov-crd
-type: application
-version: 104.2.0+up0.1.0
diff --git a/charts/sriov-crd/104.2.0+up0.1.0/templates/sriovnetwork.openshift.io_sriovibnetworks.yaml b/charts/sriov-crd/104.2.0+up0.1.0/templates/sriovnetwork.openshift.io_sriovibnetworks.yaml
deleted file mode 100644
index d619d53628..0000000000
--- a/charts/sriov-crd/104.2.0+up0.1.0/templates/sriovnetwork.openshift.io_sriovibnetworks.yaml
+++ /dev/null
@@ -1,72 +0,0 @@
----
-apiVersion: apiextensions.k8s.io/v1
-kind: CustomResourceDefinition
-metadata:
- annotations:
- controller-gen.kubebuilder.io/version: v0.9.0
- creationTimestamp: null
- name: sriovibnetworks.sriovnetwork.openshift.io
-spec:
- group: sriovnetwork.openshift.io
- names:
- kind: SriovIBNetwork
- listKind: SriovIBNetworkList
- plural: sriovibnetworks
- singular: sriovibnetwork
- scope: Namespaced
- versions:
- - name: v1
- schema:
- openAPIV3Schema:
- description: SriovIBNetwork is the Schema for the sriovibnetworks API
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation
- of an object. Servers should convert recognized schemas to the latest
- internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this
- object represents. Servers may infer this from the endpoint the client
- submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- spec:
- description: SriovIBNetworkSpec defines the desired state of SriovIBNetwork
- properties:
- capabilities:
- description: 'Capabilities to be configured for this network. Capabilities
- supported: (infinibandGUID), e.g. ''{"infinibandGUID": true}'''
- type: string
- ipam:
- description: IPAM configuration to be used for this network.
- type: string
- linkState:
- description: VF link state (enable|disable|auto)
- enum:
- - auto
- - enable
- - disable
- type: string
- metaPlugins:
- description: MetaPluginsConfig configuration to be used in order to
- chain metaplugins to the sriov interface returned by the operator.
- type: string
- networkNamespace:
- description: Namespace of the NetworkAttachmentDefinition custom resource
- type: string
- resourceName:
- description: SRIOV Network device plugin endpoint resource name
- type: string
- required:
- - resourceName
- type: object
- status:
- description: SriovIBNetworkStatus defines the observed state of SriovIBNetwork
- type: object
- type: object
- served: true
- storage: true
- subresources:
- status: {}
diff --git a/charts/sriov-crd/104.2.0+up0.1.0/templates/sriovnetwork.openshift.io_sriovnetworknodepolicies.yaml b/charts/sriov-crd/104.2.0+up0.1.0/templates/sriovnetwork.openshift.io_sriovnetworknodepolicies.yaml
deleted file mode 100644
index 84da2dee3f..0000000000
--- a/charts/sriov-crd/104.2.0+up0.1.0/templates/sriovnetwork.openshift.io_sriovnetworknodepolicies.yaml
+++ /dev/null
@@ -1,144 +0,0 @@
----
-apiVersion: apiextensions.k8s.io/v1
-kind: CustomResourceDefinition
-metadata:
- annotations:
- controller-gen.kubebuilder.io/version: v0.9.0
- creationTimestamp: null
- name: sriovnetworknodepolicies.sriovnetwork.openshift.io
-spec:
- group: sriovnetwork.openshift.io
- names:
- kind: SriovNetworkNodePolicy
- listKind: SriovNetworkNodePolicyList
- plural: sriovnetworknodepolicies
- singular: sriovnetworknodepolicy
- scope: Namespaced
- versions:
- - name: v1
- schema:
- openAPIV3Schema:
- description: SriovNetworkNodePolicy is the Schema for the sriovnetworknodepolicies
- API
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation
- of an object. Servers should convert recognized schemas to the latest
- internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this
- object represents. Servers may infer this from the endpoint the client
- submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- spec:
- description: SriovNetworkNodePolicySpec defines the desired state of SriovNetworkNodePolicy
- properties:
- deviceType:
- default: netdevice
- description: The driver type for configured VFs. Allowed value "netdevice",
- "vfio-pci". Defaults to netdevice.
- enum:
- - netdevice
- - vfio-pci
- type: string
- eSwitchMode:
- description: NIC Device Mode. Allowed value "legacy","switchdev".
- enum:
- - legacy
- - switchdev
- type: string
- excludeTopology:
- description: Exclude device's NUMA node when advertising this resource
- by SRIOV network device plugin. Default to false.
- type: boolean
- externallyManaged:
- description: don't create the virtual function only allocated them
- to the device plugin. Defaults to false.
- type: boolean
- isRdma:
- description: RDMA mode. Defaults to false.
- type: boolean
- linkType:
- description: NIC Link Type. Allowed value "eth", "ETH", "ib", and
- "IB".
- enum:
- - eth
- - ETH
- - ib
- - IB
- type: string
- mtu:
- description: MTU of VF
- minimum: 1
- type: integer
- needVhostNet:
- description: mount vhost-net device. Defaults to false.
- type: boolean
- nicSelector:
- description: NicSelector selects the NICs to be configured
- properties:
- deviceID:
- description: The device hex code of SR-IoV device. Allowed value
- "0d58", "1572", "158b", "1013", "1015", "1017", "101b".
- type: string
- netFilter:
- description: Infrastructure Networking selection filter. Allowed
- value "openstack/NetworkID:xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
- type: string
- pfNames:
- description: Name of SR-IoV PF.
- items:
- type: string
- type: array
- rootDevices:
- description: PCI address of SR-IoV PF.
- items:
- type: string
- type: array
- vendor:
- description: The vendor hex code of SR-IoV device. Allowed value
- "8086", "15b3".
- type: string
- type: object
- nodeSelector:
- additionalProperties:
- type: string
- description: NodeSelector selects the nodes to be configured
- type: object
- numVfs:
- description: Number of VFs for each PF
- minimum: 0
- type: integer
- priority:
- description: Priority of the policy, higher priority policies can
- override lower ones.
- maximum: 99
- minimum: 0
- type: integer
- resourceName:
- description: SRIOV Network device plugin endpoint resource name
- type: string
- vdpaType:
- description: VDPA device type. Allowed value "virtio", "vhost"
- enum:
- - virtio
- - vhost
- type: string
- required:
- - nicSelector
- - nodeSelector
- - numVfs
- - resourceName
- type: object
- status:
- description: SriovNetworkNodePolicyStatus defines the observed state of
- SriovNetworkNodePolicy
- type: object
- type: object
- served: true
- storage: true
- subresources:
- status: {}
diff --git a/charts/sriov-crd/104.2.0+up0.1.0/templates/sriovnetwork.openshift.io_sriovnetworknodestates.yaml b/charts/sriov-crd/104.2.0+up0.1.0/templates/sriovnetwork.openshift.io_sriovnetworknodestates.yaml
deleted file mode 100644
index 9686248215..0000000000
--- a/charts/sriov-crd/104.2.0+up0.1.0/templates/sriovnetwork.openshift.io_sriovnetworknodestates.yaml
+++ /dev/null
@@ -1,173 +0,0 @@
----
-apiVersion: apiextensions.k8s.io/v1
-kind: CustomResourceDefinition
-metadata:
- annotations:
- controller-gen.kubebuilder.io/version: v0.9.0
- creationTimestamp: null
- name: sriovnetworknodestates.sriovnetwork.openshift.io
-spec:
- group: sriovnetwork.openshift.io
- names:
- kind: SriovNetworkNodeState
- listKind: SriovNetworkNodeStateList
- plural: sriovnetworknodestates
- singular: sriovnetworknodestate
- scope: Namespaced
- versions:
- - additionalPrinterColumns:
- - jsonPath: .status.syncStatus
- name: Sync Status
- type: string
- - jsonPath: .metadata.annotations.sriovnetwork\.openshift\.io/desired-state
- name: Desired Sync State
- type: string
- - jsonPath: .metadata.annotations.sriovnetwork\.openshift\.io/current-state
- name: Current Sync State
- type: string
- - jsonPath: .metadata.creationTimestamp
- name: Age
- type: date
- name: v1
- schema:
- openAPIV3Schema:
- description: SriovNetworkNodeState is the Schema for the sriovnetworknodestates
- API
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation
- of an object. Servers should convert recognized schemas to the latest
- internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this
- object represents. Servers may infer this from the endpoint the client
- submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- spec:
- description: SriovNetworkNodeStateSpec defines the desired state of SriovNetworkNodeState
- properties:
- dpConfigVersion:
- type: string
- interfaces:
- items:
- properties:
- eSwitchMode:
- type: string
- externallyManaged:
- type: boolean
- linkType:
- type: string
- mtu:
- type: integer
- name:
- type: string
- numVfs:
- type: integer
- pciAddress:
- type: string
- vfGroups:
- items:
- properties:
- deviceType:
- type: string
- isRdma:
- type: boolean
- mtu:
- type: integer
- policyName:
- type: string
- resourceName:
- type: string
- vdpaType:
- type: string
- vfRange:
- type: string
- type: object
- type: array
- required:
- - pciAddress
- type: object
- type: array
- type: object
- status:
- description: SriovNetworkNodeStateStatus defines the observed state of
- SriovNetworkNodeState
- properties:
- interfaces:
- items:
- properties:
- Vfs:
- items:
- properties:
- Vlan:
- type: integer
- assigned:
- type: string
- deviceID:
- type: string
- driver:
- type: string
- mac:
- type: string
- mtu:
- type: integer
- name:
- type: string
- pciAddress:
- type: string
- vdpaType:
- type: string
- vendor:
- type: string
- vfID:
- type: integer
- required:
- - pciAddress
- - vfID
- type: object
- type: array
- deviceID:
- type: string
- driver:
- type: string
- eSwitchMode:
- type: string
- externallyManaged:
- type: boolean
- linkSpeed:
- type: string
- linkType:
- type: string
- mac:
- type: string
- mtu:
- type: integer
- name:
- type: string
- netFilter:
- type: string
- numVfs:
- type: integer
- pciAddress:
- type: string
- totalvfs:
- type: integer
- vendor:
- type: string
- required:
- - pciAddress
- type: object
- type: array
- lastSyncError:
- type: string
- syncStatus:
- type: string
- type: object
- type: object
- served: true
- storage: true
- subresources:
- status: {}
diff --git a/charts/sriov-crd/104.2.0+up0.1.0/templates/sriovnetwork.openshift.io_sriovnetworkpoolconfigs.yaml b/charts/sriov-crd/104.2.0+up0.1.0/templates/sriovnetwork.openshift.io_sriovnetworkpoolconfigs.yaml
deleted file mode 100644
index b819999761..0000000000
--- a/charts/sriov-crd/104.2.0+up0.1.0/templates/sriovnetwork.openshift.io_sriovnetworkpoolconfigs.yaml
+++ /dev/null
@@ -1,115 +0,0 @@
----
-apiVersion: apiextensions.k8s.io/v1
-kind: CustomResourceDefinition
-metadata:
- annotations:
- controller-gen.kubebuilder.io/version: v0.9.0
- creationTimestamp: null
- name: sriovnetworkpoolconfigs.sriovnetwork.openshift.io
-spec:
- group: sriovnetwork.openshift.io
- names:
- kind: SriovNetworkPoolConfig
- listKind: SriovNetworkPoolConfigList
- plural: sriovnetworkpoolconfigs
- singular: sriovnetworkpoolconfig
- scope: Namespaced
- versions:
- - name: v1
- schema:
- openAPIV3Schema:
- description: SriovNetworkPoolConfig is the Schema for the sriovnetworkpoolconfigs
- API
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation
- of an object. Servers should convert recognized schemas to the latest
- internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this
- object represents. Servers may infer this from the endpoint the client
- submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- spec:
- description: SriovNetworkPoolConfigSpec defines the desired state of SriovNetworkPoolConfig
- properties:
- maxUnavailable:
- anyOf:
- - type: integer
- - type: string
- description: "maxUnavailable defines either an integer number or percentage
- of nodes in the pool that can go Unavailable during an update. \n
- A value larger than 1 will mean multiple nodes going unavailable
- during the update, which may affect your workload stress on the
- remaining nodes. Drain will respect Pod Disruption Budgets (PDBs)
- such as etcd quorum guards, even if maxUnavailable is greater than
- one."
- x-kubernetes-int-or-string: true
- nodeSelector:
- description: nodeSelector specifies a label selector for Nodes
- properties:
- matchExpressions:
- description: matchExpressions is a list of label selector requirements.
- The requirements are ANDed.
- items:
- description: A label selector requirement is a selector that
- contains values, a key, and an operator that relates the key
- and values.
- properties:
- key:
- description: key is the label key that the selector applies
- to.
- type: string
- operator:
- description: operator represents a key's relationship to
- a set of values. Valid operators are In, NotIn, Exists
- and DoesNotExist.
- type: string
- values:
- description: values is an array of string values. If the
- operator is In or NotIn, the values array must be non-empty.
- If the operator is Exists or DoesNotExist, the values
- array must be empty. This array is replaced during a strategic
- merge patch.
- items:
- type: string
- type: array
- required:
- - key
- - operator
- type: object
- type: array
- matchLabels:
- additionalProperties:
- type: string
- description: matchLabels is a map of {key,value} pairs. A single
- {key,value} in the matchLabels map is equivalent to an element
- of matchExpressions, whose key field is "key", the operator
- is "In", and the values array contains only "value". The requirements
- are ANDed.
- type: object
- type: object
- ovsHardwareOffloadConfig:
- description: OvsHardwareOffloadConfig describes the OVS HWOL configuration
- for selected Nodes
- properties:
- name:
- description: 'Name is mandatory and must be unique. On Kubernetes:
- Name is the name of OvsHardwareOffloadConfig On OpenShift: Name
- is the name of MachineConfigPool to be enabled with OVS hardware
- offload'
- type: string
- type: object
- type: object
- status:
- description: SriovNetworkPoolConfigStatus defines the observed state of
- SriovNetworkPoolConfig
- type: object
- type: object
- served: true
- storage: true
- subresources:
- status: {}
diff --git a/charts/sriov-crd/104.2.0+up0.1.0/templates/sriovnetwork.openshift.io_sriovnetworks.yaml b/charts/sriov-crd/104.2.0+up0.1.0/templates/sriovnetwork.openshift.io_sriovnetworks.yaml
deleted file mode 100644
index 15e1bfd3f8..0000000000
--- a/charts/sriov-crd/104.2.0+up0.1.0/templates/sriovnetwork.openshift.io_sriovnetworks.yaml
+++ /dev/null
@@ -1,130 +0,0 @@
----
-apiVersion: apiextensions.k8s.io/v1
-kind: CustomResourceDefinition
-metadata:
- annotations:
- controller-gen.kubebuilder.io/version: v0.9.0
- creationTimestamp: null
- name: sriovnetworks.sriovnetwork.openshift.io
-spec:
- group: sriovnetwork.openshift.io
- names:
- kind: SriovNetwork
- listKind: SriovNetworkList
- plural: sriovnetworks
- singular: sriovnetwork
- scope: Namespaced
- versions:
- - name: v1
- schema:
- openAPIV3Schema:
- description: SriovNetwork is the Schema for the sriovnetworks API
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation
- of an object. Servers should convert recognized schemas to the latest
- internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this
- object represents. Servers may infer this from the endpoint the client
- submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- spec:
- description: SriovNetworkSpec defines the desired state of SriovNetwork
- properties:
- capabilities:
- description: 'Capabilities to be configured for this network. Capabilities
- supported: (mac|ips), e.g. ''{"mac": true}'''
- type: string
- ipam:
- description: IPAM configuration to be used for this network.
- type: string
- linkState:
- description: VF link state (enable|disable|auto)
- enum:
- - auto
- - enable
- - disable
- type: string
- logFile:
- description: LogFile sets the log file of the SRIOV CNI plugin logs.
- If unset (default), this will log to stderr and thus to multus and
- container runtime logs.
- type: string
- logLevel:
- default: info
- description: LogLevel sets the log level of the SRIOV CNI plugin -
- either of panic, error, warning, info, debug. Defaults to info if
- left blank.
- enum:
- - panic
- - error
- - warning
- - info
- - debug
- - ""
- type: string
- maxTxRate:
- description: Maximum tx rate, in Mbps, for the VF. Defaults to 0 (no
- rate limiting)
- minimum: 0
- type: integer
- metaPlugins:
- description: MetaPluginsConfig configuration to be used in order to
- chain metaplugins to the sriov interface returned by the operator.
- type: string
- minTxRate:
- description: Minimum tx rate, in Mbps, for the VF. Defaults to 0 (no
- rate limiting). min_tx_rate should be <= max_tx_rate.
- minimum: 0
- type: integer
- networkNamespace:
- description: Namespace of the NetworkAttachmentDefinition custom resource
- type: string
- resourceName:
- description: SRIOV Network device plugin endpoint resource name
- type: string
- spoofChk:
- description: VF spoof check, (on|off)
- enum:
- - "on"
- - "off"
- type: string
- trust:
- description: VF trust mode (on|off)
- enum:
- - "on"
- - "off"
- type: string
- vlan:
- description: VLAN ID to assign for the VF. Defaults to 0.
- maximum: 4096
- minimum: 0
- type: integer
- vlanProto:
- description: VLAN proto to assign for the VF. Defaults to 802.1q.
- enum:
- - 802.1q
- - 802.1Q
- - 802.1ad
- - 802.1AD
- type: string
- vlanQoS:
- description: VLAN QoS ID to assign for the VF. Defaults to 0.
- maximum: 7
- minimum: 0
- type: integer
- required:
- - resourceName
- type: object
- status:
- description: SriovNetworkStatus defines the observed state of SriovNetwork
- type: object
- type: object
- served: true
- storage: true
- subresources:
- status: {}
diff --git a/charts/sriov-crd/104.2.0+up0.1.0/templates/sriovnetwork.openshift.io_sriovoperatorconfigs.yaml b/charts/sriov-crd/104.2.0+up0.1.0/templates/sriovnetwork.openshift.io_sriovoperatorconfigs.yaml
deleted file mode 100644
index 74b7752abc..0000000000
--- a/charts/sriov-crd/104.2.0+up0.1.0/templates/sriovnetwork.openshift.io_sriovoperatorconfigs.yaml
+++ /dev/null
@@ -1,110 +0,0 @@
----
-apiVersion: apiextensions.k8s.io/v1
-kind: CustomResourceDefinition
-metadata:
- annotations:
- controller-gen.kubebuilder.io/version: v0.9.0
- creationTimestamp: null
- name: sriovoperatorconfigs.sriovnetwork.openshift.io
-spec:
- group: sriovnetwork.openshift.io
- names:
- kind: SriovOperatorConfig
- listKind: SriovOperatorConfigList
- plural: sriovoperatorconfigs
- singular: sriovoperatorconfig
- scope: Namespaced
- versions:
- - name: v1
- schema:
- openAPIV3Schema:
- description: SriovOperatorConfig is the Schema for the sriovoperatorconfigs
- API
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation
- of an object. Servers should convert recognized schemas to the latest
- internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this
- object represents. Servers may infer this from the endpoint the client
- submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- spec:
- description: SriovOperatorConfigSpec defines the desired state of SriovOperatorConfig
- properties:
- configDaemonNodeSelector:
- additionalProperties:
- type: string
- description: NodeSelector selects the nodes to be configured
- type: object
- configurationMode:
- description: 'Flag to enable the sriov-network-config-daemon to use
- a systemd service to configure SR-IOV devices on boot Default mode:
- daemon'
- enum:
- - daemon
- - systemd
- type: string
- disableDrain:
- description: Flag to disable nodes drain during debugging
- type: boolean
- disablePlugins:
- description: DisablePlugins is a list of sriov-network-config-daemon
- plugins to disable
- items:
- description: PluginNameValue defines the plugin name
- enum:
- - mellanox
- type: string
- type: array
- enableInjector:
- description: Flag to control whether the network resource injector
- webhook shall be deployed
- type: boolean
- enableOperatorWebhook:
- description: Flag to control whether the operator admission controller
- webhook shall be deployed
- type: boolean
- enableOvsOffload:
- description: Flag to enable OVS hardware offload. Set to 'true' to
- provision switchdev-configuration.service and enable OpenvSwitch
- hw-offload on nodes.
- type: boolean
- featureGates:
- additionalProperties:
- type: boolean
- description: FeatureGates to enable experimental features
- type: object
- logLevel:
- description: Flag to control the log verbose level of the operator.
- Set to '0' to show only the basic logs. And set to '2' to show all
- the available logs.
- maximum: 2
- minimum: 0
- type: integer
- useCDI:
- description: Flag to enable Container Device Interface mode for SR-IOV
- Network Device Plugin
- type: boolean
- type: object
- status:
- description: SriovOperatorConfigStatus defines the observed state of SriovOperatorConfig
- properties:
- injector:
- description: Show the runtime status of the network resource injector
- webhook
- type: string
- operatorWebhook:
- description: Show the runtime status of the operator admission controller
- webhook
- type: string
- type: object
- type: object
- served: true
- storage: true
- subresources:
- status: {}
diff --git a/charts/sriov-crd/104.3.0+up1.3.0/Chart.yaml b/charts/sriov-crd/104.3.0+up1.3.0/Chart.yaml
deleted file mode 100644
index dbaba21f45..0000000000
--- a/charts/sriov-crd/104.3.0+up1.3.0/Chart.yaml
+++ /dev/null
@@ -1,14 +0,0 @@
-annotations:
- catalog.cattle.io/certified: rancher
- catalog.cattle.io/deprecated: "true"
- catalog.cattle.io/experimental: "true"
- catalog.cattle.io/hidden: "true"
- catalog.cattle.io/namespace: cattle-sriov-system
- catalog.cattle.io/permits-os: linux
- catalog.cattle.io/release-name: sriov-crd
-apiVersion: v2
-deprecated: true
-description: Installs the CRDs for the SR-IOV operator
-name: sriov-crd
-type: application
-version: 104.3.0+up1.3.0
diff --git a/charts/sriov-crd/104.3.0+up1.3.0/templates/sriovnetwork.openshift.io_ovsnetworks.yaml b/charts/sriov-crd/104.3.0+up1.3.0/templates/sriovnetwork.openshift.io_ovsnetworks.yaml
deleted file mode 100644
index 8c4f8f9678..0000000000
--- a/charts/sriov-crd/104.3.0+up1.3.0/templates/sriovnetwork.openshift.io_ovsnetworks.yaml
+++ /dev/null
@@ -1,105 +0,0 @@
----
-apiVersion: apiextensions.k8s.io/v1
-kind: CustomResourceDefinition
-metadata:
- annotations:
- controller-gen.kubebuilder.io/version: v0.14.0
- name: ovsnetworks.sriovnetwork.openshift.io
-spec:
- group: sriovnetwork.openshift.io
- names:
- kind: OVSNetwork
- listKind: OVSNetworkList
- plural: ovsnetworks
- singular: ovsnetwork
- scope: Namespaced
- versions:
- - name: v1
- schema:
- openAPIV3Schema:
- description: OVSNetwork is the Schema for the ovsnetworks API
- properties:
- apiVersion:
- description: |-
- APIVersion defines the versioned schema of this representation of an object.
- Servers should convert recognized schemas to the latest internal value, and
- may reject unrecognized values.
- More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
- type: string
- kind:
- description: |-
- Kind is a string value representing the REST resource this object represents.
- Servers may infer this from the endpoint the client submits requests to.
- Cannot be updated.
- In CamelCase.
- More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
- type: string
- metadata:
- type: object
- spec:
- description: OVSNetworkSpec defines the desired state of OVSNetwork
- properties:
- bridge:
- description: |-
- name of the OVS bridge, if not set OVS will automatically select bridge
- based on VF PCI address
- type: string
- capabilities:
- description: |-
- Capabilities to be configured for this network.
- Capabilities supported: (mac|ips), e.g. '{"mac": true}'
- type: string
- interfaceType:
- description: The type of interface on ovs.
- type: string
- ipam:
- description: IPAM configuration to be used for this network.
- type: string
- metaPlugins:
- description: MetaPluginsConfig configuration to be used in order to
- chain metaplugins
- type: string
- mtu:
- description: Mtu for the OVS port
- type: integer
- networkNamespace:
- description: Namespace of the NetworkAttachmentDefinition custom resource
- type: string
- resourceName:
- description: OVS Network device plugin endpoint resource name
- type: string
- trunk:
- description: Trunk configuration for the OVS port
- items:
- description: TrunkConfig contains configuration for bridge trunk
- properties:
- id:
- maximum: 4095
- minimum: 0
- type: integer
- maxID:
- maximum: 4095
- minimum: 0
- type: integer
- minID:
- maximum: 4095
- minimum: 0
- type: integer
- type: object
- type: array
- vlan:
- description: Vlan to assign for the OVS port
- maximum: 4095
- minimum: 0
- type: integer
- required:
- - resourceName
- type: object
- status:
- description: OVSNetworkStatus defines the observed state of OVSNetwork
- type: object
- type: object
- served: true
- storage: true
- subresources:
- status: {}
diff --git a/charts/sriov-crd/104.3.0+up1.3.0/templates/sriovnetwork.openshift.io_sriovibnetworks.yaml b/charts/sriov-crd/104.3.0+up1.3.0/templates/sriovnetwork.openshift.io_sriovibnetworks.yaml
deleted file mode 100644
index 4b4b44d92f..0000000000
--- a/charts/sriov-crd/104.3.0+up1.3.0/templates/sriovnetwork.openshift.io_sriovibnetworks.yaml
+++ /dev/null
@@ -1,78 +0,0 @@
----
-apiVersion: apiextensions.k8s.io/v1
-kind: CustomResourceDefinition
-metadata:
- annotations:
- controller-gen.kubebuilder.io/version: v0.14.0
- name: sriovibnetworks.sriovnetwork.openshift.io
-spec:
- group: sriovnetwork.openshift.io
- names:
- kind: SriovIBNetwork
- listKind: SriovIBNetworkList
- plural: sriovibnetworks
- singular: sriovibnetwork
- scope: Namespaced
- versions:
- - name: v1
- schema:
- openAPIV3Schema:
- description: SriovIBNetwork is the Schema for the sriovibnetworks API
- properties:
- apiVersion:
- description: |-
- APIVersion defines the versioned schema of this representation of an object.
- Servers should convert recognized schemas to the latest internal value, and
- may reject unrecognized values.
- More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
- type: string
- kind:
- description: |-
- Kind is a string value representing the REST resource this object represents.
- Servers may infer this from the endpoint the client submits requests to.
- Cannot be updated.
- In CamelCase.
- More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
- type: string
- metadata:
- type: object
- spec:
- description: SriovIBNetworkSpec defines the desired state of SriovIBNetwork
- properties:
- capabilities:
- description: |-
- Capabilities to be configured for this network.
- Capabilities supported: (infinibandGUID), e.g. '{"infinibandGUID": true}'
- type: string
- ipam:
- description: IPAM configuration to be used for this network.
- type: string
- linkState:
- description: VF link state (enable|disable|auto)
- enum:
- - auto
- - enable
- - disable
- type: string
- metaPlugins:
- description: |-
- MetaPluginsConfig configuration to be used in order to chain metaplugins to the sriov interface returned
- by the operator.
- type: string
- networkNamespace:
- description: Namespace of the NetworkAttachmentDefinition custom resource
- type: string
- resourceName:
- description: SRIOV Network device plugin endpoint resource name
- type: string
- required:
- - resourceName
- type: object
- status:
- description: SriovIBNetworkStatus defines the observed state of SriovIBNetwork
- type: object
- type: object
- served: true
- storage: true
- subresources:
- status: {}
diff --git a/charts/sriov-crd/104.3.0+up1.3.0/templates/sriovnetwork.openshift.io_sriovnetworknodepolicies.yaml b/charts/sriov-crd/104.3.0+up1.3.0/templates/sriovnetwork.openshift.io_sriovnetworknodepolicies.yaml
deleted file mode 100644
index 36c1050ead..0000000000
--- a/charts/sriov-crd/104.3.0+up1.3.0/templates/sriovnetwork.openshift.io_sriovnetworknodepolicies.yaml
+++ /dev/null
@@ -1,209 +0,0 @@
----
-apiVersion: apiextensions.k8s.io/v1
-kind: CustomResourceDefinition
-metadata:
- annotations:
- controller-gen.kubebuilder.io/version: v0.14.0
- name: sriovnetworknodepolicies.sriovnetwork.openshift.io
-spec:
- group: sriovnetwork.openshift.io
- names:
- kind: SriovNetworkNodePolicy
- listKind: SriovNetworkNodePolicyList
- plural: sriovnetworknodepolicies
- singular: sriovnetworknodepolicy
- scope: Namespaced
- versions:
- - name: v1
- schema:
- openAPIV3Schema:
- description: SriovNetworkNodePolicy is the Schema for the sriovnetworknodepolicies
- API
- properties:
- apiVersion:
- description: |-
- APIVersion defines the versioned schema of this representation of an object.
- Servers should convert recognized schemas to the latest internal value, and
- may reject unrecognized values.
- More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
- type: string
- kind:
- description: |-
- Kind is a string value representing the REST resource this object represents.
- Servers may infer this from the endpoint the client submits requests to.
- Cannot be updated.
- In CamelCase.
- More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
- type: string
- metadata:
- type: object
- spec:
- description: SriovNetworkNodePolicySpec defines the desired state of SriovNetworkNodePolicy
- properties:
- bridge:
- description: |-
- contains bridge configuration for matching PFs,
- valid only for eSwitchMode==switchdev
- properties:
- ovs:
- description: contains configuration for the OVS bridge,
- properties:
- bridge:
- description: contains bridge level settings
- properties:
- datapathType:
- description: configure datapath_type field in the Bridge
- table in OVSDB
- type: string
- externalIDs:
- additionalProperties:
- type: string
- description: IDs to inject to external_ids field in the
- Bridge table in OVSDB
- type: object
- otherConfig:
- additionalProperties:
- type: string
- description: additional options to inject to other_config
- field in the bridge table in OVSDB
- type: object
- type: object
- uplink:
- description: contains settings for uplink (PF)
- properties:
- interface:
- description: contains settings for PF interface in the
- OVS bridge
- properties:
- externalIDs:
- additionalProperties:
- type: string
- description: external_ids field in the Interface table
- in OVSDB
- type: object
- options:
- additionalProperties:
- type: string
- description: options field in the Interface table
- in OVSDB
- type: object
- otherConfig:
- additionalProperties:
- type: string
- description: other_config field in the Interface table
- in OVSDB
- type: object
- type:
- description: type field in the Interface table in
- OVSDB
- type: string
- type: object
- type: object
- type: object
- type: object
- deviceType:
- default: netdevice
- description: The driver type for configured VFs. Allowed value "netdevice",
- "vfio-pci". Defaults to netdevice.
- enum:
- - netdevice
- - vfio-pci
- type: string
- eSwitchMode:
- description: NIC Device Mode. Allowed value "legacy","switchdev".
- enum:
- - legacy
- - switchdev
- type: string
- excludeTopology:
- description: Exclude device's NUMA node when advertising this resource
- by SRIOV network device plugin. Default to false.
- type: boolean
- externallyManaged:
- description: don't create the virtual function only allocated them
- to the device plugin. Defaults to false.
- type: boolean
- isRdma:
- description: RDMA mode. Defaults to false.
- type: boolean
- linkType:
- description: NIC Link Type. Allowed value "eth", "ETH", "ib", and
- "IB".
- enum:
- - eth
- - ETH
- - ib
- - IB
- type: string
- mtu:
- description: MTU of VF
- minimum: 1
- type: integer
- needVhostNet:
- description: mount vhost-net device. Defaults to false.
- type: boolean
- nicSelector:
- description: NicSelector selects the NICs to be configured
- properties:
- deviceID:
- description: The device hex code of SR-IoV device. Allowed value
- "0d58", "1572", "158b", "1013", "1015", "1017", "101b".
- type: string
- netFilter:
- description: Infrastructure Networking selection filter. Allowed
- value "openstack/NetworkID:xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
- type: string
- pfNames:
- description: Name of SR-IoV PF.
- items:
- type: string
- type: array
- rootDevices:
- description: PCI address of SR-IoV PF.
- items:
- type: string
- type: array
- vendor:
- description: The vendor hex code of SR-IoV device. Allowed value
- "8086", "15b3".
- type: string
- type: object
- nodeSelector:
- additionalProperties:
- type: string
- description: NodeSelector selects the nodes to be configured
- type: object
- numVfs:
- description: Number of VFs for each PF
- minimum: 0
- type: integer
- priority:
- description: Priority of the policy, higher priority policies can
- override lower ones.
- maximum: 99
- minimum: 0
- type: integer
- resourceName:
- description: SRIOV Network device plugin endpoint resource name
- type: string
- vdpaType:
- description: VDPA device type. Allowed value "virtio", "vhost"
- enum:
- - virtio
- - vhost
- type: string
- required:
- - nicSelector
- - nodeSelector
- - numVfs
- - resourceName
- type: object
- status:
- description: SriovNetworkNodePolicyStatus defines the observed state of
- SriovNetworkNodePolicy
- type: object
- type: object
- served: true
- storage: true
- subresources:
- status: {}
diff --git a/charts/sriov-crd/104.3.0+up1.3.0/templates/sriovnetwork.openshift.io_sriovnetworknodestates.yaml b/charts/sriov-crd/104.3.0+up1.3.0/templates/sriovnetwork.openshift.io_sriovnetworknodestates.yaml
deleted file mode 100644
index c5bf230c3a..0000000000
--- a/charts/sriov-crd/104.3.0+up1.3.0/templates/sriovnetwork.openshift.io_sriovnetworknodestates.yaml
+++ /dev/null
@@ -1,343 +0,0 @@
----
-apiVersion: apiextensions.k8s.io/v1
-kind: CustomResourceDefinition
-metadata:
- annotations:
- controller-gen.kubebuilder.io/version: v0.14.0
- name: sriovnetworknodestates.sriovnetwork.openshift.io
-spec:
- group: sriovnetwork.openshift.io
- names:
- kind: SriovNetworkNodeState
- listKind: SriovNetworkNodeStateList
- plural: sriovnetworknodestates
- singular: sriovnetworknodestate
- scope: Namespaced
- versions:
- - additionalPrinterColumns:
- - jsonPath: .status.syncStatus
- name: Sync Status
- type: string
- - jsonPath: .metadata.annotations.sriovnetwork\.openshift\.io/desired-state
- name: Desired Sync State
- type: string
- - jsonPath: .metadata.annotations.sriovnetwork\.openshift\.io/current-state
- name: Current Sync State
- type: string
- - jsonPath: .metadata.creationTimestamp
- name: Age
- type: date
- name: v1
- schema:
- openAPIV3Schema:
- description: SriovNetworkNodeState is the Schema for the sriovnetworknodestates
- API
- properties:
- apiVersion:
- description: |-
- APIVersion defines the versioned schema of this representation of an object.
- Servers should convert recognized schemas to the latest internal value, and
- may reject unrecognized values.
- More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
- type: string
- kind:
- description: |-
- Kind is a string value representing the REST resource this object represents.
- Servers may infer this from the endpoint the client submits requests to.
- Cannot be updated.
- In CamelCase.
- More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
- type: string
- metadata:
- type: object
- spec:
- description: SriovNetworkNodeStateSpec defines the desired state of SriovNetworkNodeState
- properties:
- bridges:
- description: Bridges contains list of bridges
- properties:
- ovs:
- items:
- description: OVSConfigExt contains configuration for the concrete
- OVS bridge
- properties:
- bridge:
- description: bridge-level configuration for the bridge
- properties:
- datapathType:
- description: configure datapath_type field in the Bridge
- table in OVSDB
- type: string
- externalIDs:
- additionalProperties:
- type: string
- description: IDs to inject to external_ids field in
- the Bridge table in OVSDB
- type: object
- otherConfig:
- additionalProperties:
- type: string
- description: additional options to inject to other_config
- field in the bridge table in OVSDB
- type: object
- type: object
- name:
- description: name of the bridge
- type: string
- uplinks:
- description: |-
- uplink-level bridge configuration for each uplink(PF).
- currently must contain only one element
- items:
- description: OVSUplinkConfigExt contains configuration
- for the concrete OVS uplink(PF)
- properties:
- interface:
- description: configuration from the Interface OVS
- table for the PF
- properties:
- externalIDs:
- additionalProperties:
- type: string
- description: external_ids field in the Interface
- table in OVSDB
- type: object
- options:
- additionalProperties:
- type: string
- description: options field in the Interface table
- in OVSDB
- type: object
- otherConfig:
- additionalProperties:
- type: string
- description: other_config field in the Interface
- table in OVSDB
- type: object
- type:
- description: type field in the Interface table
- in OVSDB
- type: string
- type: object
- name:
- description: name of the PF interface
- type: string
- pciAddress:
- description: pci address of the PF
- type: string
- required:
- - pciAddress
- type: object
- type: array
- required:
- - name
- type: object
- type: array
- type: object
- interfaces:
- items:
- properties:
- eSwitchMode:
- type: string
- externallyManaged:
- type: boolean
- linkType:
- type: string
- mtu:
- type: integer
- name:
- type: string
- numVfs:
- type: integer
- pciAddress:
- type: string
- vfGroups:
- items:
- properties:
- deviceType:
- type: string
- isRdma:
- type: boolean
- mtu:
- type: integer
- policyName:
- type: string
- resourceName:
- type: string
- vdpaType:
- type: string
- vfRange:
- type: string
- type: object
- type: array
- required:
- - pciAddress
- type: object
- type: array
- type: object
- status:
- description: SriovNetworkNodeStateStatus defines the observed state of
- SriovNetworkNodeState
- properties:
- bridges:
- description: Bridges contains list of bridges
- properties:
- ovs:
- items:
- description: OVSConfigExt contains configuration for the concrete
- OVS bridge
- properties:
- bridge:
- description: bridge-level configuration for the bridge
- properties:
- datapathType:
- description: configure datapath_type field in the Bridge
- table in OVSDB
- type: string
- externalIDs:
- additionalProperties:
- type: string
- description: IDs to inject to external_ids field in
- the Bridge table in OVSDB
- type: object
- otherConfig:
- additionalProperties:
- type: string
- description: additional options to inject to other_config
- field in the bridge table in OVSDB
- type: object
- type: object
- name:
- description: name of the bridge
- type: string
- uplinks:
- description: |-
- uplink-level bridge configuration for each uplink(PF).
- currently must contain only one element
- items:
- description: OVSUplinkConfigExt contains configuration
- for the concrete OVS uplink(PF)
- properties:
- interface:
- description: configuration from the Interface OVS
- table for the PF
- properties:
- externalIDs:
- additionalProperties:
- type: string
- description: external_ids field in the Interface
- table in OVSDB
- type: object
- options:
- additionalProperties:
- type: string
- description: options field in the Interface table
- in OVSDB
- type: object
- otherConfig:
- additionalProperties:
- type: string
- description: other_config field in the Interface
- table in OVSDB
- type: object
- type:
- description: type field in the Interface table
- in OVSDB
- type: string
- type: object
- name:
- description: name of the PF interface
- type: string
- pciAddress:
- description: pci address of the PF
- type: string
- required:
- - pciAddress
- type: object
- type: array
- required:
- - name
- type: object
- type: array
- type: object
- interfaces:
- items:
- properties:
- Vfs:
- items:
- properties:
- Vlan:
- type: integer
- assigned:
- type: string
- deviceID:
- type: string
- driver:
- type: string
- guid:
- type: string
- mac:
- type: string
- mtu:
- type: integer
- name:
- type: string
- pciAddress:
- type: string
- representorName:
- type: string
- vdpaType:
- type: string
- vendor:
- type: string
- vfID:
- type: integer
- required:
- - pciAddress
- - vfID
- type: object
- type: array
- deviceID:
- type: string
- driver:
- type: string
- eSwitchMode:
- type: string
- externallyManaged:
- type: boolean
- linkAdminState:
- type: string
- linkSpeed:
- type: string
- linkType:
- type: string
- mac:
- type: string
- mtu:
- type: integer
- name:
- type: string
- netFilter:
- type: string
- numVfs:
- type: integer
- pciAddress:
- type: string
- totalvfs:
- type: integer
- vendor:
- type: string
- required:
- - pciAddress
- type: object
- type: array
- lastSyncError:
- type: string
- syncStatus:
- type: string
- type: object
- type: object
- served: true
- storage: true
- subresources:
- status: {}
diff --git a/charts/sriov-crd/104.3.0+up1.3.0/templates/sriovnetwork.openshift.io_sriovnetworkpoolconfigs.yaml b/charts/sriov-crd/104.3.0+up1.3.0/templates/sriovnetwork.openshift.io_sriovnetworkpoolconfigs.yaml
deleted file mode 100644
index 2cb2ece319..0000000000
--- a/charts/sriov-crd/104.3.0+up1.3.0/templates/sriovnetwork.openshift.io_sriovnetworkpoolconfigs.yaml
+++ /dev/null
@@ -1,123 +0,0 @@
----
-apiVersion: apiextensions.k8s.io/v1
-kind: CustomResourceDefinition
-metadata:
- annotations:
- controller-gen.kubebuilder.io/version: v0.14.0
- name: sriovnetworkpoolconfigs.sriovnetwork.openshift.io
-spec:
- group: sriovnetwork.openshift.io
- names:
- kind: SriovNetworkPoolConfig
- listKind: SriovNetworkPoolConfigList
- plural: sriovnetworkpoolconfigs
- singular: sriovnetworkpoolconfig
- scope: Namespaced
- versions:
- - name: v1
- schema:
- openAPIV3Schema:
- description: SriovNetworkPoolConfig is the Schema for the sriovnetworkpoolconfigs
- API
- properties:
- apiVersion:
- description: |-
- APIVersion defines the versioned schema of this representation of an object.
- Servers should convert recognized schemas to the latest internal value, and
- may reject unrecognized values.
- More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
- type: string
- kind:
- description: |-
- Kind is a string value representing the REST resource this object represents.
- Servers may infer this from the endpoint the client submits requests to.
- Cannot be updated.
- In CamelCase.
- More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
- type: string
- metadata:
- type: object
- spec:
- description: SriovNetworkPoolConfigSpec defines the desired state of SriovNetworkPoolConfig
- properties:
- maxUnavailable:
- anyOf:
- - type: integer
- - type: string
- description: |-
- maxUnavailable defines either an integer number or percentage
- of nodes in the pool that can go Unavailable during an update.
-
-
- A value larger than 1 will mean multiple nodes going unavailable during
- the update, which may affect your workload stress on the remaining nodes.
- Drain will respect Pod Disruption Budgets (PDBs) such as etcd quorum guards,
- even if maxUnavailable is greater than one.
- x-kubernetes-int-or-string: true
- nodeSelector:
- description: nodeSelector specifies a label selector for Nodes
- properties:
- matchExpressions:
- description: matchExpressions is a list of label selector requirements.
- The requirements are ANDed.
- items:
- description: |-
- A label selector requirement is a selector that contains values, a key, and an operator that
- relates the key and values.
- properties:
- key:
- description: key is the label key that the selector applies
- to.
- type: string
- operator:
- description: |-
- operator represents a key's relationship to a set of values.
- Valid operators are In, NotIn, Exists and DoesNotExist.
- type: string
- values:
- description: |-
- values is an array of string values. If the operator is In or NotIn,
- the values array must be non-empty. If the operator is Exists or DoesNotExist,
- the values array must be empty. This array is replaced during a strategic
- merge patch.
- items:
- type: string
- type: array
- required:
- - key
- - operator
- type: object
- type: array
- matchLabels:
- additionalProperties:
- type: string
- description: |-
- matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
- map is equivalent to an element of matchExpressions, whose key field is "key", the
- operator is "In", and the values array contains only "value". The requirements are ANDed.
- type: object
- type: object
- x-kubernetes-map-type: atomic
- ovsHardwareOffloadConfig:
- description: OvsHardwareOffloadConfig describes the OVS HWOL configuration
- for selected Nodes
- properties:
- name:
- description: |-
- Name is mandatory and must be unique.
- On Kubernetes:
- Name is the name of OvsHardwareOffloadConfig
- On OpenShift:
- Name is the name of MachineConfigPool to be enabled with OVS hardware offload
- type: string
- type: object
- type: object
- status:
- description: SriovNetworkPoolConfigStatus defines the observed state of
- SriovNetworkPoolConfig
- type: object
- type: object
- served: true
- storage: true
- subresources:
- status: {}
diff --git a/charts/sriov-crd/104.3.0+up1.3.0/templates/sriovnetwork.openshift.io_sriovnetworks.yaml b/charts/sriov-crd/104.3.0+up1.3.0/templates/sriovnetwork.openshift.io_sriovnetworks.yaml
deleted file mode 100644
index e33b9a3ed5..0000000000
--- a/charts/sriov-crd/104.3.0+up1.3.0/templates/sriovnetwork.openshift.io_sriovnetworks.yaml
+++ /dev/null
@@ -1,136 +0,0 @@
----
-apiVersion: apiextensions.k8s.io/v1
-kind: CustomResourceDefinition
-metadata:
- annotations:
- controller-gen.kubebuilder.io/version: v0.14.0
- name: sriovnetworks.sriovnetwork.openshift.io
-spec:
- group: sriovnetwork.openshift.io
- names:
- kind: SriovNetwork
- listKind: SriovNetworkList
- plural: sriovnetworks
- singular: sriovnetwork
- scope: Namespaced
- versions:
- - name: v1
- schema:
- openAPIV3Schema:
- description: SriovNetwork is the Schema for the sriovnetworks API
- properties:
- apiVersion:
- description: |-
- APIVersion defines the versioned schema of this representation of an object.
- Servers should convert recognized schemas to the latest internal value, and
- may reject unrecognized values.
- More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
- type: string
- kind:
- description: |-
- Kind is a string value representing the REST resource this object represents.
- Servers may infer this from the endpoint the client submits requests to.
- Cannot be updated.
- In CamelCase.
- More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
- type: string
- metadata:
- type: object
- spec:
- description: SriovNetworkSpec defines the desired state of SriovNetwork
- properties:
- capabilities:
- description: |-
- Capabilities to be configured for this network.
- Capabilities supported: (mac|ips), e.g. '{"mac": true}'
- type: string
- ipam:
- description: IPAM configuration to be used for this network.
- type: string
- linkState:
- description: VF link state (enable|disable|auto)
- enum:
- - auto
- - enable
- - disable
- type: string
- logFile:
- description: |-
- LogFile sets the log file of the SRIOV CNI plugin logs. If unset (default), this will log to stderr and thus
- to multus and container runtime logs.
- type: string
- logLevel:
- default: info
- description: |-
- LogLevel sets the log level of the SRIOV CNI plugin - either of panic, error, warning, info, debug. Defaults
- to info if left blank.
- enum:
- - panic
- - error
- - warning
- - info
- - debug
- - ""
- type: string
- maxTxRate:
- description: Maximum tx rate, in Mbps, for the VF. Defaults to 0 (no
- rate limiting)
- minimum: 0
- type: integer
- metaPlugins:
- description: |-
- MetaPluginsConfig configuration to be used in order to chain metaplugins to the sriov interface returned
- by the operator.
- type: string
- minTxRate:
- description: Minimum tx rate, in Mbps, for the VF. Defaults to 0 (no
- rate limiting). min_tx_rate should be <= max_tx_rate.
- minimum: 0
- type: integer
- networkNamespace:
- description: Namespace of the NetworkAttachmentDefinition custom resource
- type: string
- resourceName:
- description: SRIOV Network device plugin endpoint resource name
- type: string
- spoofChk:
- description: VF spoof check, (on|off)
- enum:
- - "on"
- - "off"
- type: string
- trust:
- description: VF trust mode (on|off)
- enum:
- - "on"
- - "off"
- type: string
- vlan:
- description: VLAN ID to assign for the VF. Defaults to 0.
- maximum: 4096
- minimum: 0
- type: integer
- vlanProto:
- description: VLAN proto to assign for the VF. Defaults to 802.1q.
- enum:
- - 802.1q
- - 802.1Q
- - 802.1ad
- - 802.1AD
- type: string
- vlanQoS:
- description: VLAN QoS ID to assign for the VF. Defaults to 0.
- maximum: 7
- minimum: 0
- type: integer
- required:
- - resourceName
- type: object
- status:
- description: SriovNetworkStatus defines the observed state of SriovNetwork
- type: object
- type: object
- served: true
- storage: true
- subresources:
- status: {}
diff --git a/charts/sriov-crd/104.3.0+up1.3.0/templates/sriovnetwork.openshift.io_sriovoperatorconfigs.yaml b/charts/sriov-crd/104.3.0+up1.3.0/templates/sriovnetwork.openshift.io_sriovoperatorconfigs.yaml
deleted file mode 100644
index 5d944910d2..0000000000
--- a/charts/sriov-crd/104.3.0+up1.3.0/templates/sriovnetwork.openshift.io_sriovoperatorconfigs.yaml
+++ /dev/null
@@ -1,114 +0,0 @@
----
-apiVersion: apiextensions.k8s.io/v1
-kind: CustomResourceDefinition
-metadata:
- annotations:
- controller-gen.kubebuilder.io/version: v0.14.0
- name: sriovoperatorconfigs.sriovnetwork.openshift.io
-spec:
- group: sriovnetwork.openshift.io
- names:
- kind: SriovOperatorConfig
- listKind: SriovOperatorConfigList
- plural: sriovoperatorconfigs
- singular: sriovoperatorconfig
- scope: Namespaced
- versions:
- - name: v1
- schema:
- openAPIV3Schema:
- description: SriovOperatorConfig is the Schema for the sriovoperatorconfigs
- API
- properties:
- apiVersion:
- description: |-
- APIVersion defines the versioned schema of this representation of an object.
- Servers should convert recognized schemas to the latest internal value, and
- may reject unrecognized values.
- More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
- type: string
- kind:
- description: |-
- Kind is a string value representing the REST resource this object represents.
- Servers may infer this from the endpoint the client submits requests to.
- Cannot be updated.
- In CamelCase.
- More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
- type: string
- metadata:
- type: object
- spec:
- description: SriovOperatorConfigSpec defines the desired state of SriovOperatorConfig
- properties:
- configDaemonNodeSelector:
- additionalProperties:
- type: string
- description: NodeSelector selects the nodes to be configured
- type: object
- configurationMode:
- description: |-
- Flag to enable the sriov-network-config-daemon to use a systemd service to configure SR-IOV devices on boot
- Default mode: daemon
- enum:
- - daemon
- - systemd
- type: string
- disableDrain:
- description: Flag to disable nodes drain during debugging
- type: boolean
- disablePlugins:
- description: DisablePlugins is a list of sriov-network-config-daemon
- plugins to disable
- items:
- description: PluginNameValue defines the plugin name
- enum:
- - mellanox
- type: string
- type: array
- enableInjector:
- description: Flag to control whether the network resource injector
- webhook shall be deployed
- type: boolean
- enableOperatorWebhook:
- description: Flag to control whether the operator admission controller
- webhook shall be deployed
- type: boolean
- enableOvsOffload:
- description: Flag to enable OVS hardware offload. Set to 'true' to
- provision switchdev-configuration.service and enable OpenvSwitch
- hw-offload on nodes.
- type: boolean
- featureGates:
- additionalProperties:
- type: boolean
- description: FeatureGates to enable experimental features
- type: object
- logLevel:
- description: Flag to control the log verbose level of the operator.
- Set to '0' to show only the basic logs. And set to '2' to show all
- the available logs.
- maximum: 2
- minimum: 0
- type: integer
- useCDI:
- description: Flag to enable Container Device Interface mode for SR-IOV
- Network Device Plugin
- type: boolean
- type: object
- status:
- description: SriovOperatorConfigStatus defines the observed state of SriovOperatorConfig
- properties:
- injector:
- description: Show the runtime status of the network resource injector
- webhook
- type: string
- operatorWebhook:
- description: Show the runtime status of the operator admission controller
- webhook
- type: string
- type: object
- type: object
- served: true
- storage: true
- subresources:
- status: {}
diff --git a/charts/sriov/101.0.1+up0.1.0/.helmignore b/charts/sriov/101.0.1+up0.1.0/.helmignore
deleted file mode 100644
index 0e8a0eb36f..0000000000
--- a/charts/sriov/101.0.1+up0.1.0/.helmignore
+++ /dev/null
@@ -1,23 +0,0 @@
-# Patterns to ignore when building packages.
-# This supports shell glob matching, relative path matching, and
-# negation (prefixed with !). Only one pattern per line.
-.DS_Store
-# Common VCS dirs
-.git/
-.gitignore
-.bzr/
-.bzrignore
-.hg/
-.hgignore
-.svn/
-# Common backup files
-*.swp
-*.bak
-*.tmp
-*.orig
-*~
-# Various IDEs
-.project
-.idea/
-*.tmproj
-.vscode/
diff --git a/charts/sriov/101.0.1+up0.1.0/Chart.yaml b/charts/sriov/101.0.1+up0.1.0/Chart.yaml
deleted file mode 100644
index 029a78bb02..0000000000
--- a/charts/sriov/101.0.1+up0.1.0/Chart.yaml
+++ /dev/null
@@ -1,29 +0,0 @@
-annotations:
- catalog.cattle.io/auto-install: sriov-crd=match
- catalog.cattle.io/certified: rancher
- catalog.cattle.io/experimental: "true"
- catalog.cattle.io/kube-version: '>= 1.16.0-0 < 1.25.0-0'
- catalog.cattle.io/namespace: cattle-sriov-system
- catalog.cattle.io/os: linux
- catalog.cattle.io/permits-os: linux
- catalog.cattle.io/rancher-version: '>= 2.6.0-0 < 2.7.0-0'
- catalog.cattle.io/release-name: sriov
- catalog.cattle.io/upstream-version: 1.2.0
-apiVersion: v2
-appVersion: 1.2.0
-description: SR-IOV network operator configures and manages SR-IOV networks in the
- kubernetes cluster
-home: https://github.com/k8snetworkplumbingwg/sriov-network-operator
-icon: https://charts.rancher.io/assets/logos/sr-iov.svg
-keywords:
-- sriov
-- Networking
-kubeVersion: '>= 1.16.0'
-maintainers:
-- email: charts@rancher.com
- name: Rancher Labs
-name: sriov
-sources:
-- https://github.com/rancher/charts
-type: application
-version: 101.0.1+up0.1.0
diff --git a/charts/sriov/101.0.1+up0.1.0/README.md b/charts/sriov/101.0.1+up0.1.0/README.md
deleted file mode 100644
index b34d479bd0..0000000000
--- a/charts/sriov/101.0.1+up0.1.0/README.md
+++ /dev/null
@@ -1,73 +0,0 @@
-# SR-IOV Network Operator Helm Chart
-
-SR-IOV Network Operator Helm Chart provides an easy way to install, configure and manage
-the lifecycle of SR-IOV network operator.
-
-## SR-IOV Network Operator
-SR-IOV Network Operator leverages [Kubernetes CRDs](https://kubernetes.io/docs/concepts/extend-kubernetes/api-extension/custom-resources/)
-and [Operator SDK](https://github.com/operator-framework/operator-sdk) to configure and manage SR-IOV networks in a Kubernetes cluster.
-
-SR-IOV Network Operator features:
-- Initialize the supported SR-IOV NIC types on selected nodes.
-- Provision/upgrade SR-IOV device plugin executable on selected node.
-- Provision/upgrade SR-IOV CNI plugin executable on selected nodes.
-- Manage configuration of SR-IOV device plugin on host.
-- Generate net-att-def CRs for SR-IOV CNI plugin
-- Supports operation in a virtualized Kubernetes deployment
- - Discovers VFs attached to the Virtual Machine (VM)
- - Does not require attached of associated PFs
- - VFs can be associated to SriovNetworks by selecting the appropriate PciAddress as the RootDevice in the SriovNetworkNodePolicy
-
-## QuickStart
-
-### Prerequisites
-
-- Kubernetes v1.17+
-- Helm v3
-
-### Install Helm
-
-Helm provides an install script to copy helm binary to your system:
-```
-$ curl -fsSL -o get_helm.sh https://raw.githubusercontent.com/helm/helm/master/scripts/get-helm-3
-$ chmod 500 get_helm.sh
-$ ./get_helm.sh
-```
-
-For additional information and methods for installing Helm, refer to the official [helm website](https://helm.sh/)
-
-### Deploy SR-IOV Network Operator
-
-```
-# Install Operator
-$ helm install -n sriov-network-operator --create-namespace --wait sriov-network-operator ./
-
-# View deployed resources
-$ kubectl -n sriov-network-operator get pods
-```
-
-## Chart parameters
-
-In order to tailor the deployment of the network operator to your cluster needs
-We have introduced the following Chart parameters.
-
-### Operator parameters
-
-| Name | Type | Default | description |
-| ---- | ---- | ------- | ----------- |
-| `operator.resourcePrefix` | string | `openshift.io` | Device plugin resource prefix |
-| `operator.enableAdmissionController` | bool | `false` | Enable SR-IOV network resource injector and operator webhook |
-| `operator.cniBinPath` | string | `/opt/cni/bin` | Path for CNI binary |
-| `operator.clusterType` | string | `kubernetes` | Cluster environment type |
-
-### Images parameters
-
-| Name | description |
-| ---- | ----------- |
-| `images.operator` | Operator controller image |
-| `images.sriovConfigDaemon` | Daemon node agent image |
-| `images.sriovCni` | SR-IOV CNI image |
-| `images.ibSriovCni` | InfiniBand SR-IOV CNI image |
-| `images.sriovDevicePlugin` | SR-IOV device plugin image |
-| `images.resourcesInjector` | Resources Injector image |
-| `images.webhook` | Operator Webhook image |
diff --git a/charts/sriov/101.0.1+up0.1.0/app-README.md b/charts/sriov/101.0.1+up0.1.0/app-README.md
deleted file mode 100644
index 4dda94a833..0000000000
--- a/charts/sriov/101.0.1+up0.1.0/app-README.md
+++ /dev/null
@@ -1,13 +0,0 @@
-# Rancher SR-IOV Network Operator
-
-This chart is based on the upstream [k8snetworkplumbingwg/sriov-network-operator](https://github.com/k8snetworkplumbingwg/sriov-network-operator) project. The chart deploys the SR-IOV Operator and its CRDs, which are designed to help the user provision and configure the SR-IOV CNI in a cluster that uses [Multus CNI](https://github.com/k8snetworkplumbingwg/multus-cni), to provide high performing extra network interfaces to pods. This chart is expected to be deployed on an RKE2 cluster and only meant for advanced use cases where multiple CNI plugins and high performing network interfaces on pods are required. Users who do not need these features are not advised to install this chart.
-
-The chart installs the following components:
-
- - SR-IOV Operator - An operator that helps provision and configure the SR-IOV CNI plugin and SR-IOV Device plugin
- - SR-IOV Network Config Daemon - A Daemon deployed by the Operator that discovers SR-IOV NICs on each node
-
-Note that SR-IOV requires NICs that support SR-IOV and the activation of specific configuration options in the operating system. Nodes that fulfill these requirements should be labeled with: `feature.node.kubernetes.io/network-sriov.capable=true`.
-
-The SR-IOV Network Config Daemon will be deployed on such capable nodes. For more information on how to use this feature, refer to our RKE2 networking docs.
-
diff --git a/charts/sriov/101.0.1+up0.1.0/charts/rancher-nfd/.helmignore b/charts/sriov/101.0.1+up0.1.0/charts/rancher-nfd/.helmignore
deleted file mode 100644
index 0e8a0eb36f..0000000000
--- a/charts/sriov/101.0.1+up0.1.0/charts/rancher-nfd/.helmignore
+++ /dev/null
@@ -1,23 +0,0 @@
-# Patterns to ignore when building packages.
-# This supports shell glob matching, relative path matching, and
-# negation (prefixed with !). Only one pattern per line.
-.DS_Store
-# Common VCS dirs
-.git/
-.gitignore
-.bzr/
-.bzrignore
-.hg/
-.hgignore
-.svn/
-# Common backup files
-*.swp
-*.bak
-*.tmp
-*.orig
-*~
-# Various IDEs
-.project
-.idea/
-*.tmproj
-.vscode/
diff --git a/charts/sriov/101.0.1+up0.1.0/charts/rancher-nfd/Chart.yaml b/charts/sriov/101.0.1+up0.1.0/charts/rancher-nfd/Chart.yaml
deleted file mode 100644
index 90e1ac51d6..0000000000
--- a/charts/sriov/101.0.1+up0.1.0/charts/rancher-nfd/Chart.yaml
+++ /dev/null
@@ -1,14 +0,0 @@
-apiVersion: v2
-appVersion: v0.11.2
-description: 'Detects hardware features available on each node in a Kubernetes cluster,
- and advertises those features using node labels. '
-home: https://github.com/kubernetes-sigs/node-feature-discovery
-keywords:
-- feature-discovery
-- feature-detection
-- node-labels
-name: rancher-nfd
-sources:
-- https://github.com/kubernetes-sigs/node-feature-discovery
-type: application
-version: 0.11.2
diff --git a/charts/sriov/101.0.1+up0.1.0/charts/rancher-nfd/README.md b/charts/sriov/101.0.1+up0.1.0/charts/rancher-nfd/README.md
deleted file mode 100644
index 6e0db3c37c..0000000000
--- a/charts/sriov/101.0.1+up0.1.0/charts/rancher-nfd/README.md
+++ /dev/null
@@ -1,10 +0,0 @@
-# Node Feature Discovery
-
-Node Feature Discovery (NFD) is a Kubernetes add-on for detecting hardware
-features and system configuration. Detected features are advertised as node
-labels. NFD provides flexible configuration and extension points for a wide
-range of vendor and application specific node labeling needs.
-
-See
-[NFD documentation](https://kubernetes-sigs.github.io/node-feature-discovery/v0.11/get-started/deployment-and-usage.html#deployment-with-helm)
-for deployment instructions.
diff --git a/charts/sriov/101.0.1+up0.1.0/charts/rancher-nfd/manifests/nodefeaturerule-crd.yaml b/charts/sriov/101.0.1+up0.1.0/charts/rancher-nfd/manifests/nodefeaturerule-crd.yaml
deleted file mode 100644
index cd9b48bf46..0000000000
--- a/charts/sriov/101.0.1+up0.1.0/charts/rancher-nfd/manifests/nodefeaturerule-crd.yaml
+++ /dev/null
@@ -1,223 +0,0 @@
-
----
-apiVersion: apiextensions.k8s.io/v1
-kind: CustomResourceDefinition
-metadata:
- annotations:
- controller-gen.kubebuilder.io/version: v0.7.0
- creationTimestamp: null
- name: nodefeaturerules.nfd.k8s-sigs.io
-spec:
- group: nfd.k8s-sigs.io
- names:
- kind: NodeFeatureRule
- listKind: NodeFeatureRuleList
- plural: nodefeaturerules
- singular: nodefeaturerule
- scope: Cluster
- versions:
- - name: v1alpha1
- schema:
- openAPIV3Schema:
- description: NodeFeatureRule resource specifies a configuration for feature-based
- customization of node objects, such as node labeling.
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation
- of an object. Servers should convert recognized schemas to the latest
- internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this
- object represents. Servers may infer this from the endpoint the client
- submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- spec:
- description: NodeFeatureRuleSpec describes a NodeFeatureRule.
- properties:
- rules:
- description: Rules is a list of node customization rules.
- items:
- description: Rule defines a rule for node customization such as
- labeling.
- properties:
- labels:
- additionalProperties:
- type: string
- description: Labels to create if the rule matches.
- type: object
- labelsTemplate:
- description: LabelsTemplate specifies a template to expand for
- dynamically generating multiple labels. Data (after template
- expansion) must be keys with an optional value ([=])
- separated by newlines.
- type: string
- matchAny:
- description: MatchAny specifies a list of matchers one of which
- must match.
- items:
- description: MatchAnyElem specifies one sub-matcher of MatchAny.
- properties:
- matchFeatures:
- description: MatchFeatures specifies a set of matcher
- terms all of which must match.
- items:
- description: FeatureMatcherTerm defines requirements
- against one feature set. All requirements (specified
- as MatchExpressions) are evaluated against each element
- in the feature set.
- properties:
- feature:
- type: string
- matchExpressions:
- additionalProperties:
- description: "MatchExpression specifies an expression
- to evaluate against a set of input values. It
- contains an operator that is applied when matching
- the input and an array of values that the operator
- evaluates the input against. \n NB: CreateMatchExpression
- or MustCreateMatchExpression() should be used
- for creating new instances. NB: Validate()
- must be called if Op or Value fields are modified
- or if a new instance is created from scratch
- without using the helper functions."
- properties:
- op:
- description: Op is the operator to be applied.
- enum:
- - In
- - NotIn
- - InRegexp
- - Exists
- - DoesNotExist
- - Gt
- - Lt
- - GtLt
- - IsTrue
- - IsFalse
- type: string
- value:
- description: Value is the list of values that
- the operand evaluates the input against.
- Value should be empty if the operator is
- Exists, DoesNotExist, IsTrue or IsFalse.
- Value should contain exactly one element
- if the operator is Gt or Lt and exactly
- two elements if the operator is GtLt. In
- other cases Value should contain at least
- one element.
- items:
- type: string
- type: array
- required:
- - op
- type: object
- description: MatchExpressionSet contains a set of
- MatchExpressions, each of which is evaluated against
- a set of input values.
- type: object
- required:
- - feature
- - matchExpressions
- type: object
- type: array
- required:
- - matchFeatures
- type: object
- type: array
- matchFeatures:
- description: MatchFeatures specifies a set of matcher terms
- all of which must match.
- items:
- description: FeatureMatcherTerm defines requirements against
- one feature set. All requirements (specified as MatchExpressions)
- are evaluated against each element in the feature set.
- properties:
- feature:
- type: string
- matchExpressions:
- additionalProperties:
- description: "MatchExpression specifies an expression
- to evaluate against a set of input values. It contains
- an operator that is applied when matching the input
- and an array of values that the operator evaluates
- the input against. \n NB: CreateMatchExpression or
- MustCreateMatchExpression() should be used for creating
- new instances. NB: Validate() must be called if Op
- or Value fields are modified or if a new instance
- is created from scratch without using the helper functions."
- properties:
- op:
- description: Op is the operator to be applied.
- enum:
- - In
- - NotIn
- - InRegexp
- - Exists
- - DoesNotExist
- - Gt
- - Lt
- - GtLt
- - IsTrue
- - IsFalse
- type: string
- value:
- description: Value is the list of values that the
- operand evaluates the input against. Value should
- be empty if the operator is Exists, DoesNotExist,
- IsTrue or IsFalse. Value should contain exactly
- one element if the operator is Gt or Lt and exactly
- two elements if the operator is GtLt. In other
- cases Value should contain at least one element.
- items:
- type: string
- type: array
- required:
- - op
- type: object
- description: MatchExpressionSet contains a set of MatchExpressions,
- each of which is evaluated against a set of input values.
- type: object
- required:
- - feature
- - matchExpressions
- type: object
- type: array
- name:
- description: Name of the rule.
- type: string
- vars:
- additionalProperties:
- type: string
- description: Vars is the variables to store if the rule matches.
- Variables do not directly inflict any changes in the node
- object. However, they can be referenced from other rules enabling
- more complex rule hierarchies, without exposing intermediary
- output values as labels.
- type: object
- varsTemplate:
- description: VarsTemplate specifies a template to expand for
- dynamically generating multiple variables. Data (after template
- expansion) must be keys with an optional value ([=])
- separated by newlines.
- type: string
- required:
- - name
- type: object
- type: array
- required:
- - rules
- type: object
- required:
- - spec
- type: object
- served: true
- storage: true
-status:
- acceptedNames:
- kind: ""
- plural: ""
- conditions: []
- storedVersions: []
diff --git a/charts/sriov/101.0.1+up0.1.0/charts/rancher-nfd/templates/_helpers.tpl b/charts/sriov/101.0.1+up0.1.0/charts/rancher-nfd/templates/_helpers.tpl
deleted file mode 100644
index 08760ea019..0000000000
--- a/charts/sriov/101.0.1+up0.1.0/charts/rancher-nfd/templates/_helpers.tpl
+++ /dev/null
@@ -1,85 +0,0 @@
-{{/* vim: set filetype=mustache: */}}
-{{/*
-Expand the name of the chart.
-*/}}
-{{- define "node-feature-discovery.name" -}}
-{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
-{{- end -}}
-
-{{/*
-Create a default fully qualified app name.
-We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
-If release name contains chart name it will be used as a full name.
-*/}}
-{{- define "node-feature-discovery.fullname" -}}
-{{- if .Values.fullnameOverride -}}
-{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}}
-{{- else -}}
-{{- $name := default .Chart.Name .Values.nameOverride -}}
-{{- if contains $name .Release.Name -}}
-{{- .Release.Name | trunc 63 | trimSuffix "-" -}}
-{{- else -}}
-{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}}
-{{- end -}}
-{{- end -}}
-{{- end -}}
-
-{{/*
-Create chart name and version as used by the chart label.
-*/}}
-{{- define "node-feature-discovery.chart" -}}
-{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}}
-{{- end -}}
-
-{{/*
-Common labels
-*/}}
-{{- define "node-feature-discovery.labels" -}}
-helm.sh/chart: {{ include "node-feature-discovery.chart" . }}
-{{ include "node-feature-discovery.selectorLabels" . }}
-{{- if .Chart.AppVersion }}
-app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
-{{- end }}
-app.kubernetes.io/managed-by: {{ .Release.Service }}
-{{- end -}}
-
-{{/*
-Selector labels
-*/}}
-{{- define "node-feature-discovery.selectorLabels" -}}
-app.kubernetes.io/name: {{ include "node-feature-discovery.name" . }}
-app.kubernetes.io/instance: {{ .Release.Name }}
-{{- end -}}
-
-{{/*
-Create the name of the service account which the nfd master will use
-*/}}
-{{- define "node-feature-discovery.master.serviceAccountName" -}}
-{{- if .Values.master.serviceAccount.create -}}
- {{ default (include "node-feature-discovery.fullname" .) .Values.master.serviceAccount.name }}
-{{- else -}}
- {{ default "default" .Values.master.serviceAccount.name }}
-{{- end -}}
-{{- end -}}
-
-{{/*
-Create the name of the service account which the nfd worker will use
-*/}}
-{{- define "node-feature-discovery.worker.serviceAccountName" -}}
-{{- if .Values.worker.serviceAccount.create -}}
- {{ default (printf "%s-worker" (include "node-feature-discovery.fullname" .)) .Values.worker.serviceAccount.name }}
-{{- else -}}
- {{ default "default" .Values.worker.serviceAccount.name }}
-{{- end -}}
-{{- end -}}
-
-{{/*
-Create the name of the service account which topologyUpdater will use
-*/}}
-{{- define "node-feature-discovery.topologyUpdater.serviceAccountName" -}}
-{{- if .Values.topologyUpdater.serviceAccount.create -}}
- {{ default (printf "%s-topology-updater" (include "node-feature-discovery.fullname" .)) .Values.topologyUpdater.serviceAccount.name }}
-{{- else -}}
- {{ default "default" .Values.topologyUpdater.serviceAccount.name }}
-{{- end -}}
-{{- end -}}
diff --git a/charts/sriov/101.0.1+up0.1.0/charts/rancher-nfd/templates/cert-manager-certs.yaml b/charts/sriov/101.0.1+up0.1.0/charts/rancher-nfd/templates/cert-manager-certs.yaml
deleted file mode 100644
index 9e3a311276..0000000000
--- a/charts/sriov/101.0.1+up0.1.0/charts/rancher-nfd/templates/cert-manager-certs.yaml
+++ /dev/null
@@ -1,64 +0,0 @@
-{{- if .Values.tls.certManager }}
----
-apiVersion: cert-manager.io/v1
-kind: Certificate
-metadata:
- name: nfd-master-cert
-spec:
- secretName: nfd-master-cert
- subject:
- organizations:
- - node-feature-discovery
- commonName: nfd-master
- dnsNames:
- # must match the service name
- - {{ include "node-feature-discovery.fullname" . }}-master
- # first one is configured for use by the worker; below are for completeness
- - {{ include "node-feature-discovery.fullname" . }}-master.{{ $.Release.Namespace }}.svc
- - {{ include "node-feature-discovery.fullname" . }}-master.{{ $.Release.Namespace }}.svc.cluster.local
- # localhost needed for grpc_health_probe
- - localhost
- issuerRef:
- name: nfd-ca-issuer
- kind: Issuer
- group: cert-manager.io
-
----
-apiVersion: cert-manager.io/v1
-kind: Certificate
-metadata:
- name: nfd-worker-cert
-spec:
- secretName: nfd-worker-cert
- subject:
- organizations:
- - node-feature-discovery
- commonName: nfd-worker
- dnsNames:
- - {{ include "node-feature-discovery.fullname" . }}-worker.{{ $.Release.Namespace }}.svc.cluster.local
- issuerRef:
- name: nfd-ca-issuer
- kind: Issuer
- group: cert-manager.io
-
-{{- if .Values.topologyUpdater.enable }}
----
-apiVersion: cert-manager.io/v1
-kind: Certificate
-metadata:
- name: nfd-topology-updater-cert
-spec:
- secretName: nfd-topology-updater-cert
- subject:
- organizations:
- - node-feature-discovery
- commonName: nfd-topology-updater
- dnsNames:
- - {{ include "node-feature-discovery.fullname" . }}-topology-updater.{{ $.Release.Namespace }}.svc.cluster.local
- issuerRef:
- name: nfd-ca-issuer
- kind: Issuer
- group: cert-manager.io
-{{- end }}
-
-{{- end }}
diff --git a/charts/sriov/101.0.1+up0.1.0/charts/rancher-nfd/templates/cert-manager-issuer.yaml b/charts/sriov/101.0.1+up0.1.0/charts/rancher-nfd/templates/cert-manager-issuer.yaml
deleted file mode 100644
index 0401edd697..0000000000
--- a/charts/sriov/101.0.1+up0.1.0/charts/rancher-nfd/templates/cert-manager-issuer.yaml
+++ /dev/null
@@ -1,39 +0,0 @@
-{{- if .Values.tls.certManager }}
-# See https://cert-manager.io/docs/configuration/selfsigned/#bootstrapping-ca-issuers
-# - Create a self signed issuer
-# - Use this to create a CA cert
-# - Use this to now create a CA issuer
----
-apiVersion: cert-manager.io/v1
-kind: Issuer
-metadata:
- name: nfd-ca-bootstrap
-spec:
- selfSigned: {}
-
----
-apiVersion: cert-manager.io/v1
-kind: Certificate
-metadata:
- name: nfd-ca-cert
-spec:
- isCA: true
- secretName: nfd-ca-cert
- subject:
- organizations:
- - node-feature-discovery
- commonName: nfd-ca-cert
- issuerRef:
- name: nfd-ca-bootstrap
- kind: Issuer
- group: cert-manager.io
-
----
-apiVersion: cert-manager.io/v1
-kind: Issuer
-metadata:
- name: nfd-ca-issuer
-spec:
- ca:
- secretName: nfd-ca-cert
-{{- end }}
diff --git a/charts/sriov/101.0.1+up0.1.0/charts/rancher-nfd/templates/clusterrole.yaml b/charts/sriov/101.0.1+up0.1.0/charts/rancher-nfd/templates/clusterrole.yaml
deleted file mode 100644
index 36a12ecbe7..0000000000
--- a/charts/sriov/101.0.1+up0.1.0/charts/rancher-nfd/templates/clusterrole.yaml
+++ /dev/null
@@ -1,63 +0,0 @@
-{{- if .Values.master.rbac.create }}
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRole
-metadata:
- name: {{ include "node-feature-discovery.fullname" . }}
- labels:
- {{- include "node-feature-discovery.labels" . | nindent 4 }}
-rules:
-- apiGroups:
- - ""
- resources:
- - nodes
-{{- if .Values.master.resourceLabels | empty | not }}
- - nodes/status
-{{- end }}
- verbs:
- - get
- - patch
- - update
- - list
-- apiGroups:
- - nfd.k8s-sigs.io
- resources:
- - nodefeaturerules
- verbs:
- - get
- - list
- - watch
-{{- if .Values.topologyUpdater.enable }}
-- apiGroups:
- - topology.node.k8s.io
- resources:
- - noderesourcetopologies
- verbs:
- - create
- - get
- - update
-{{- end }}
-{{- end }}
-
----
-{{- if .Values.topologyUpdater.rbac.create }}
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRole
-metadata:
- name: {{ include "node-feature-discovery.fullname" . }}-topology-updater
- labels:
- {{- include "node-feature-discovery.labels" . | nindent 4 }}
-rules:
-- apiGroups:
- - ""
- resources:
- - nodes
- verbs:
- - get
- - list
-- apiGroups:
- - ""
- resources:
- - pods
- verbs:
- - get
-{{- end }}
diff --git a/charts/sriov/101.0.1+up0.1.0/charts/rancher-nfd/templates/clusterrolebinding.yaml b/charts/sriov/101.0.1+up0.1.0/charts/rancher-nfd/templates/clusterrolebinding.yaml
deleted file mode 100644
index 40033c64e3..0000000000
--- a/charts/sriov/101.0.1+up0.1.0/charts/rancher-nfd/templates/clusterrolebinding.yaml
+++ /dev/null
@@ -1,34 +0,0 @@
-{{- if .Values.master.rbac.create }}
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRoleBinding
-metadata:
- name: {{ include "node-feature-discovery.fullname" . }}
- labels:
- {{- include "node-feature-discovery.labels" . | nindent 4 }}
-roleRef:
- apiGroup: rbac.authorization.k8s.io
- kind: ClusterRole
- name: {{ include "node-feature-discovery.fullname" . }}
-subjects:
-- kind: ServiceAccount
- name: {{ include "node-feature-discovery.master.serviceAccountName" . }}
- namespace: {{ $.Release.Namespace }}
-{{- end }}
-
----
-{{- if .Values.topologyUpdater.rbac.create }}
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRoleBinding
-metadata:
- name: {{ include "node-feature-discovery.fullname" . }}-topology-updater
- labels:
- {{- include "node-feature-discovery.labels" . | nindent 4 }}
-roleRef:
- apiGroup: rbac.authorization.k8s.io
- kind: ClusterRole
- name: {{ include "node-feature-discovery.fullname" . }}-topology-updater
-subjects:
-- kind: ServiceAccount
- name: {{ include "node-feature-discovery.topologyUpdater.serviceAccountName" . }}
- namespace: {{ $.Release.Namespace }}
-{{- end }}
diff --git a/charts/sriov/101.0.1+up0.1.0/charts/rancher-nfd/templates/master.yaml b/charts/sriov/101.0.1+up0.1.0/charts/rancher-nfd/templates/master.yaml
deleted file mode 100644
index ce28646dfe..0000000000
--- a/charts/sriov/101.0.1+up0.1.0/charts/rancher-nfd/templates/master.yaml
+++ /dev/null
@@ -1,117 +0,0 @@
-apiVersion: apps/v1
-kind: Deployment
-metadata:
- name: {{ include "node-feature-discovery.fullname" . }}-master
- labels:
- {{- include "node-feature-discovery.labels" . | nindent 4 }}
- role: master
- annotations:
- {{- toYaml .Values.master.deploymentAnnotations | nindent 4 }}
-spec:
- replicas: {{ .Values.master.replicaCount }}
- selector:
- matchLabels:
- {{- include "node-feature-discovery.selectorLabels" . | nindent 6 }}
- role: master
- template:
- metadata:
- labels:
- {{- include "node-feature-discovery.selectorLabels" . | nindent 8 }}
- role: master
- annotations:
- {{- toYaml .Values.master.annotations | nindent 8 }}
- spec:
- {{- with .Values.imagePullSecrets }}
- imagePullSecrets:
- {{- toYaml . | nindent 8 }}
- {{- end }}
- serviceAccountName: {{ include "node-feature-discovery.master.serviceAccountName" . }}
- securityContext:
- {{- toYaml .Values.master.podSecurityContext | nindent 8 }}
- containers:
- - name: master
- securityContext:
- {{- toYaml .Values.master.securityContext | nindent 12 }}
- image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}"
- imagePullPolicy: {{ .Values.image.pullPolicy }}
- livenessProbe:
- exec:
- command:
- - "/usr/bin/grpc_health_probe"
- - "-addr=:8080"
- {{- if .Values.tls.enable }}
- - "-tls"
- - "-tls-ca-cert=/etc/kubernetes/node-feature-discovery/certs/ca.crt"
- - "-tls-client-key=/etc/kubernetes/node-feature-discovery/certs/tls.key"
- - "-tls-client-cert=/etc/kubernetes/node-feature-discovery/certs/tls.crt"
- {{- end }}
- initialDelaySeconds: 10
- periodSeconds: 10
- readinessProbe:
- exec:
- command:
- - "/usr/bin/grpc_health_probe"
- - "-addr=:8080"
- {{- if .Values.tls.enable }}
- - "-tls"
- - "-tls-ca-cert=/etc/kubernetes/node-feature-discovery/certs/ca.crt"
- - "-tls-client-key=/etc/kubernetes/node-feature-discovery/certs/tls.key"
- - "-tls-client-cert=/etc/kubernetes/node-feature-discovery/certs/tls.crt"
- {{- end }}
- initialDelaySeconds: 5
- periodSeconds: 10
- failureThreshold: 10
- ports:
- - containerPort: 8080
- name: grpc
- env:
- - name: NODE_NAME
- valueFrom:
- fieldRef:
- fieldPath: spec.nodeName
- command:
- - "nfd-master"
- resources:
- {{- toYaml .Values.master.resources | nindent 12 }}
- args:
- {{- if .Values.master.instance | empty | not }}
- - "--instance={{ .Values.master.instance }}"
- {{- end }}
- {{- if .Values.master.extraLabelNs | empty | not }}
- - "--extra-label-ns={{- join "," .Values.master.extraLabelNs }}"
- {{- end }}
- {{- if .Values.master.resourceLabels | empty | not }}
- - "--resource-labels={{- join "," .Values.master.resourceLabels }}"
- {{- end }}
- {{- if .Values.master.featureRulesController | kindIs "invalid" | not }}
- - "-featurerules-controller={{ .Values.master.featureRulesController }}"
- {{- else }}
- ## By default, disable NodeFeatureRules controller for other than the default instances
- - "-featurerules-controller={{ .Values.master.instance | empty }}"
- {{- end }}
- {{- if .Values.tls.enable }}
- - "--ca-file=/etc/kubernetes/node-feature-discovery/certs/ca.crt"
- - "--key-file=/etc/kubernetes/node-feature-discovery/certs/tls.key"
- - "--cert-file=/etc/kubernetes/node-feature-discovery/certs/tls.crt"
- volumeMounts:
- - name: nfd-master-cert
- mountPath: "/etc/kubernetes/node-feature-discovery/certs"
- readOnly: true
- volumes:
- - name: nfd-master-cert
- secret:
- secretName: nfd-master-cert
- ## /TLS ##
- {{- end }}
- {{- with .Values.master.nodeSelector }}
- nodeSelector:
- {{- toYaml . | nindent 8 }}
- {{- end }}
- {{- with .Values.master.affinity }}
- affinity:
- {{- toYaml . | nindent 8 }}
- {{- end }}
- {{- with .Values.master.tolerations }}
- tolerations:
- {{- toYaml . | nindent 8 }}
- {{- end }}
diff --git a/charts/sriov/101.0.1+up0.1.0/charts/rancher-nfd/templates/nfd-worker-conf.yaml b/charts/sriov/101.0.1+up0.1.0/charts/rancher-nfd/templates/nfd-worker-conf.yaml
deleted file mode 100644
index 93c8d86d0c..0000000000
--- a/charts/sriov/101.0.1+up0.1.0/charts/rancher-nfd/templates/nfd-worker-conf.yaml
+++ /dev/null
@@ -1,9 +0,0 @@
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: {{ include "node-feature-discovery.fullname" . }}-worker-conf
- labels:
- {{- include "node-feature-discovery.labels" . | nindent 4 }}
-data:
- nfd-worker.conf: |-
- {{- .Values.worker.config | toYaml | nindent 4 }}
diff --git a/charts/sriov/101.0.1+up0.1.0/charts/rancher-nfd/templates/nodefeaturerule-crd.yaml b/charts/sriov/101.0.1+up0.1.0/charts/rancher-nfd/templates/nodefeaturerule-crd.yaml
deleted file mode 100644
index f5d30850a5..0000000000
--- a/charts/sriov/101.0.1+up0.1.0/charts/rancher-nfd/templates/nodefeaturerule-crd.yaml
+++ /dev/null
@@ -1,3 +0,0 @@
-{{- if .Values.nodeFeatureRule.createCRD }}
-{{ .Files.Get "manifests/nodefeaturerule-crd.yaml" }}
-{{- end}}
diff --git a/charts/sriov/101.0.1+up0.1.0/charts/rancher-nfd/templates/service.yaml b/charts/sriov/101.0.1+up0.1.0/charts/rancher-nfd/templates/service.yaml
deleted file mode 100644
index 97d0a58780..0000000000
--- a/charts/sriov/101.0.1+up0.1.0/charts/rancher-nfd/templates/service.yaml
+++ /dev/null
@@ -1,16 +0,0 @@
-apiVersion: v1
-kind: Service
-metadata:
- name: {{ include "node-feature-discovery.fullname" . }}-master
- labels:
- {{- include "node-feature-discovery.labels" . | nindent 4 }}
- role: master
-spec:
- type: {{ .Values.master.service.type }}
- ports:
- - port: {{ .Values.master.service.port }}
- targetPort: grpc
- protocol: TCP
- name: grpc
- selector:
- {{- include "node-feature-discovery.selectorLabels" . | nindent 4 }}
diff --git a/charts/sriov/101.0.1+up0.1.0/charts/rancher-nfd/templates/serviceaccount.yaml b/charts/sriov/101.0.1+up0.1.0/charts/rancher-nfd/templates/serviceaccount.yaml
deleted file mode 100644
index 025c30a578..0000000000
--- a/charts/sriov/101.0.1+up0.1.0/charts/rancher-nfd/templates/serviceaccount.yaml
+++ /dev/null
@@ -1,40 +0,0 @@
-{{- if .Values.master.serviceAccount.create -}}
-apiVersion: v1
-kind: ServiceAccount
-metadata:
- name: {{ include "node-feature-discovery.master.serviceAccountName" . }}
- labels:
- {{- include "node-feature-discovery.labels" . | nindent 4 }}
- {{- with .Values.master.serviceAccount.annotations }}
- annotations:
- {{- toYaml . | nindent 4 }}
- {{- end }}
-{{- end }}
-
----
-{{- if .Values.topologyUpdater.serviceAccount.create }}
-apiVersion: v1
-kind: ServiceAccount
-metadata:
- name: {{ include "node-feature-discovery.topologyUpdater.serviceAccountName" . }}
- labels:
- {{- include "node-feature-discovery.labels" . | nindent 4 }}
- {{- with .Values.topologyUpdater.serviceAccount.annotations }}
- annotations:
- {{- toYaml . | nindent 4 }}
- {{- end }}
-{{- end }}
-
----
-{{- if .Values.worker.serviceAccount.create }}
-apiVersion: v1
-kind: ServiceAccount
-metadata:
- name: {{ include "node-feature-discovery.worker.serviceAccountName" . }}
- labels:
- {{- include "node-feature-discovery.labels" . | nindent 4 }}
- {{- with .Values.worker.serviceAccount.annotations }}
- annotations:
- {{- toYaml . | nindent 4 }}
- {{- end }}
-{{- end }}
diff --git a/charts/sriov/101.0.1+up0.1.0/charts/rancher-nfd/templates/topologyupdater-crds.yaml b/charts/sriov/101.0.1+up0.1.0/charts/rancher-nfd/templates/topologyupdater-crds.yaml
deleted file mode 100644
index cf5daf27b8..0000000000
--- a/charts/sriov/101.0.1+up0.1.0/charts/rancher-nfd/templates/topologyupdater-crds.yaml
+++ /dev/null
@@ -1,145 +0,0 @@
-{{- if and .Values.topologyUpdater.enable .Values.topologyUpdater.createCRDs -}}
-apiVersion: apiextensions.k8s.io/v1
-kind: CustomResourceDefinition
-metadata:
- annotations:
- api-approved.kubernetes.io: https://github.com/kubernetes/enhancements/pull/1870
- controller-gen.kubebuilder.io/version: v0.7.0
- creationTimestamp: null
- name: noderesourcetopologies.topology.node.k8s.io
-spec:
- group: topology.node.k8s.io
- names:
- kind: NodeResourceTopology
- listKind: NodeResourceTopologyList
- plural: noderesourcetopologies
- shortNames:
- - node-res-topo
- singular: noderesourcetopology
- scope: Cluster
- versions:
- - name: v1alpha1
- schema:
- openAPIV3Schema:
- description: NodeResourceTopology describes node resources and their topology.
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation
- of an object. Servers should convert recognized schemas to the latest
- internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this
- object represents. Servers may infer this from the endpoint the client
- submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- topologyPolicies:
- items:
- type: string
- type: array
- zones:
- description: ZoneList contains an array of Zone objects.
- items:
- description: Zone represents a resource topology zone, e.g. socket,
- node, die or core.
- properties:
- attributes:
- description: AttributeList contains an array of AttributeInfo objects.
- items:
- description: AttributeInfo contains one attribute of a Zone.
- properties:
- name:
- type: string
- value:
- type: string
- required:
- - name
- - value
- type: object
- type: array
- costs:
- description: CostList contains an array of CostInfo objects.
- items:
- description: CostInfo describes the cost (or distance) between
- two Zones.
- properties:
- name:
- type: string
- value:
- format: int64
- type: integer
- required:
- - name
- - value
- type: object
- type: array
- name:
- type: string
- parent:
- type: string
- resources:
- description: ResourceInfoList contains an array of ResourceInfo
- objects.
- items:
- description: ResourceInfo contains information about one resource
- type.
- properties:
- allocatable:
- anyOf:
- - type: integer
- - type: string
- description: Allocatable quantity of the resource, corresponding
- to allocatable in node status, i.e. total amount of this
- resource available to be used by pods.
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- available:
- anyOf:
- - type: integer
- - type: string
- description: Available is the amount of this resource currently
- available for new (to be scheduled) pods, i.e. Allocatable
- minus the resources reserved by currently running pods.
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- capacity:
- anyOf:
- - type: integer
- - type: string
- description: Capacity of the resource, corresponding to capacity
- in node status, i.e. total amount of this resource that
- the node has.
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- name:
- description: Name of the resource.
- type: string
- required:
- - allocatable
- - available
- - capacity
- - name
- type: object
- type: array
- type:
- type: string
- required:
- - name
- - type
- type: object
- type: array
- required:
- - topologyPolicies
- - zones
- type: object
- served: true
- storage: true
-status:
- acceptedNames:
- kind: ""
- plural: ""
- conditions: []
- storedVersions: []
-{{- end }}
diff --git a/charts/sriov/101.0.1+up0.1.0/charts/rancher-nfd/templates/topologyupdater.yaml b/charts/sriov/101.0.1+up0.1.0/charts/rancher-nfd/templates/topologyupdater.yaml
deleted file mode 100644
index ffddc19033..0000000000
--- a/charts/sriov/101.0.1+up0.1.0/charts/rancher-nfd/templates/topologyupdater.yaml
+++ /dev/null
@@ -1,111 +0,0 @@
-{{- if .Values.topologyUpdater.enable -}}
-apiVersion: apps/v1
-kind: DaemonSet
-metadata:
- name: {{ include "node-feature-discovery.fullname" . }}-topology-updater
- labels:
- {{- include "node-feature-discovery.labels" . | nindent 4 }}
- role: topology-updater
-spec:
- selector:
- matchLabels:
- {{- include "node-feature-discovery.selectorLabels" . | nindent 6 }}
- role: topology-updater
- template:
- metadata:
- labels:
- {{- include "node-feature-discovery.selectorLabels" . | nindent 8 }}
- role: topology-updater
- annotations:
- {{- toYaml .Values.topologyUpdater.annotations | nindent 8 }}
- spec:
- serviceAccountName: {{ include "node-feature-discovery.topologyUpdater.serviceAccountName" . }}
- dnsPolicy: ClusterFirstWithHostNet
- {{- with .Values.imagePullSecrets }}
- imagePullSecrets:
- {{- toYaml . | nindent 8 }}
- {{- end }}
- securityContext:
- {{- toYaml .Values.topologyUpdater.podSecurityContext | nindent 8 }}
- containers:
- - name: topology-updater
- image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}"
- imagePullPolicy: "{{ .Values.image.pullPolicy }}"
- env:
- - name: NODE_NAME
- valueFrom:
- fieldRef:
- fieldPath: spec.nodeName
- command:
- - "nfd-topology-updater"
- args:
- - "--server={{ include "node-feature-discovery.fullname" . }}-master:{{ .Values.master.service.port }}"
- {{- if .Values.topologyUpdater.updateInterval | empty | not }}
- - "--sleep-interval={{ .Values.topologyUpdater.updateInterval }}"
- {{- else }}
- - "--sleep-interval=3s"
- {{- end }}
- {{- if .Values.topologyUpdater.watchNamespace | empty | not }}
- - "--watch-namespace={{ .Values.topologyUpdater.watchNamespace }}"
- {{- else }}
- - "--watch-namespace=*"
- {{- end }}
- {{- if .Values.tls.enable }}
- - "--ca-file=/etc/kubernetes/node-feature-discovery/certs/ca.crt"
- - "--key-file=/etc/kubernetes/node-feature-discovery/certs/tls.key"
- - "--cert-file=/etc/kubernetes/node-feature-discovery/certs/tls.crt"
- {{- end }}
- volumeMounts:
- - name: kubelet-config
- mountPath: /host-var/lib/kubelet/config.yaml
- - name: kubelet-podresources-sock
- mountPath: /host-var/lib/kubelet/pod-resources/kubelet.sock
- - name: host-sys
- mountPath: /host-sys
- {{- if .Values.tls.enable }}
- - name: nfd-topology-updater-cert
- mountPath: "/etc/kubernetes/node-feature-discovery/certs"
- readOnly: true
- {{- end }}
-
- resources:
- {{- toYaml .Values.topologyUpdater.resources | nindent 12 }}
- securityContext:
- {{- toYaml .Values.topologyUpdater.securityContext | nindent 12 }}
- volumes:
- - name: host-sys
- hostPath:
- path: "/sys"
- - name: kubelet-config
- hostPath:
- {{- if .Values.topologyUpdater.kubeletConfigPath | empty | not }}
- path: {{ .Values.topologyUpdater.kubeletConfigPath }}
- {{- else }}
- path: /var/lib/kubelet/config.yaml
- {{- end }}
- - name: kubelet-podresources-sock
- hostPath:
- {{- if .Values.topologyUpdater.kubeletPodResourcesSockPath | empty | not }}
- path: {{ .Values.topologyUpdater.kubeletPodResourcesSockPath }}
- {{- else }}
- path: /var/lib/kubelet/pod-resources/kubelet.sock
- {{- end }}
- {{- if .Values.tls.enable }}
- - name: nfd-topology-updater-cert
- secret:
- secretName: nfd-topology-updater-cert
- {{- end }}
-
- {{- with .Values.topologyUpdater.nodeSelector }}
- nodeSelector:
- {{- toYaml . | nindent 8 }}
- {{- end }}
- {{- with .Values.topologyUpdater.affinity }}
- affinity:
- {{- toYaml . | nindent 8 }}
- {{- end }}
- {{- with .Values.topologyUpdater.tolerations }}
- tolerations:
- {{- toYaml . | nindent 8 }}
- {{- end }}
-{{- end }}
diff --git a/charts/sriov/101.0.1+up0.1.0/charts/rancher-nfd/templates/worker.yaml b/charts/sriov/101.0.1+up0.1.0/charts/rancher-nfd/templates/worker.yaml
deleted file mode 100644
index 955b6a358e..0000000000
--- a/charts/sriov/101.0.1+up0.1.0/charts/rancher-nfd/templates/worker.yaml
+++ /dev/null
@@ -1,131 +0,0 @@
-apiVersion: apps/v1
-kind: DaemonSet
-metadata:
- name: {{ include "node-feature-discovery.fullname" . }}-worker
- labels:
- {{- include "node-feature-discovery.labels" . | nindent 4 }}
- role: worker
- annotations:
- {{- toYaml .Values.worker.daemonsetAnnotations | nindent 4 }}
-spec:
- selector:
- matchLabels:
- {{- include "node-feature-discovery.selectorLabels" . | nindent 6 }}
- role: worker
- template:
- metadata:
- labels:
- {{- include "node-feature-discovery.selectorLabels" . | nindent 8 }}
- role: worker
- annotations:
- {{- toYaml .Values.worker.annotations | nindent 8 }}
- spec:
- dnsPolicy: ClusterFirstWithHostNet
- {{- with .Values.imagePullSecrets }}
- imagePullSecrets:
- {{- toYaml . | nindent 8 }}
- {{- end }}
- serviceAccountName: {{ include "node-feature-discovery.worker.serviceAccountName" . }}
- securityContext:
- {{- toYaml .Values.worker.podSecurityContext | nindent 8 }}
- containers:
- - name: worker
- securityContext:
- {{- toYaml .Values.worker.securityContext | nindent 12 }}
- image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}"
- imagePullPolicy: {{ .Values.image.pullPolicy }}
- env:
- - name: NODE_NAME
- valueFrom:
- fieldRef:
- fieldPath: spec.nodeName
- resources:
- {{- toYaml .Values.worker.resources | nindent 12 }}
- command:
- - "nfd-worker"
- args:
- - "--server={{ include "node-feature-discovery.fullname" . }}-master:{{ .Values.master.service.port }}"
-{{- if .Values.tls.enable }}
- - "--ca-file=/etc/kubernetes/node-feature-discovery/certs/ca.crt"
- - "--key-file=/etc/kubernetes/node-feature-discovery/certs/tls.key"
- - "--cert-file=/etc/kubernetes/node-feature-discovery/certs/tls.crt"
-{{- end }}
- volumeMounts:
- - name: host-boot
- mountPath: "/host-boot"
- readOnly: true
- - name: host-os-release
- mountPath: "/host-etc/os-release"
- readOnly: true
- - name: host-sys
- mountPath: "/host-sys"
- readOnly: true
- - name: host-usr-lib
- mountPath: "/host-usr/lib"
- readOnly: true
- {{- if .Values.worker.mountUsrSrc }}
- - name: host-usr-src
- mountPath: "/host-usr/src"
- readOnly: true
- {{- end }}
- - name: source-d
- mountPath: "/etc/kubernetes/node-feature-discovery/source.d/"
- readOnly: true
- - name: features-d
- mountPath: "/etc/kubernetes/node-feature-discovery/features.d/"
- readOnly: true
- - name: nfd-worker-conf
- mountPath: "/etc/kubernetes/node-feature-discovery"
- readOnly: true
-{{- if .Values.tls.enable }}
- - name: nfd-worker-cert
- mountPath: "/etc/kubernetes/node-feature-discovery/certs"
- readOnly: true
-{{- end }}
- volumes:
- - name: host-boot
- hostPath:
- path: "/boot"
- - name: host-os-release
- hostPath:
- path: "/etc/os-release"
- - name: host-sys
- hostPath:
- path: "/sys"
- - name: host-usr-lib
- hostPath:
- path: "/usr/lib"
- {{- if .Values.worker.mountUsrSrc }}
- - name: host-usr-src
- hostPath:
- path: "/usr/src"
- {{- end }}
- - name: source-d
- hostPath:
- path: "/etc/kubernetes/node-feature-discovery/source.d/"
- - name: features-d
- hostPath:
- path: "/etc/kubernetes/node-feature-discovery/features.d/"
- - name: nfd-worker-conf
- configMap:
- name: {{ include "node-feature-discovery.fullname" . }}-worker-conf
- items:
- - key: nfd-worker.conf
- path: nfd-worker.conf
-{{- if .Values.tls.enable }}
- - name: nfd-worker-cert
- secret:
- secretName: nfd-worker-cert
-{{- end }}
- {{- with .Values.worker.nodeSelector }}
- nodeSelector:
- {{- toYaml . | nindent 8 }}
- {{- end }}
- {{- with .Values.worker.affinity }}
- affinity:
- {{- toYaml . | nindent 8 }}
- {{- end }}
- {{- with .Values.worker.tolerations }}
- tolerations:
- {{- toYaml . | nindent 8 }}
- {{- end }}
diff --git a/charts/sriov/101.0.1+up0.1.0/charts/rancher-nfd/values.yaml b/charts/sriov/101.0.1+up0.1.0/charts/rancher-nfd/values.yaml
deleted file mode 100644
index a4ff836822..0000000000
--- a/charts/sriov/101.0.1+up0.1.0/charts/rancher-nfd/values.yaml
+++ /dev/null
@@ -1,413 +0,0 @@
-image:
- repository: rancher/hardened-node-feature-discovery
- # This should be set to 'IfNotPresent' for released version
- pullPolicy: IfNotPresent
- # tag, if defined will use the given image tag, else Chart.AppVersion will be used
- tag: v0.11.2-build20220901
-imagePullSecrets: []
-
-nameOverride: ""
-fullnameOverride: ""
-
-nodeFeatureRule:
- createCRD: true
-
-master:
- instance:
- extraLabelNs: []
- resourceLabels: []
- featureRulesController: null
- deploymentAnnotations: {}
- replicaCount: 1
-
- podSecurityContext: {}
- # fsGroup: 2000
-
- securityContext:
- allowPrivilegeEscalation: false
- capabilities:
- drop: [ "ALL" ]
- readOnlyRootFilesystem: true
- runAsNonRoot: true
- # runAsUser: 1000
-
- serviceAccount:
- # Specifies whether a service account should be created
- create: true
- # Annotations to add to the service account
- annotations: {}
- # The name of the service account to use.
- # If not set and create is true, a name is generated using the fullname template
- name:
-
- rbac:
- create: true
-
- service:
- type: ClusterIP
- port: 8080
-
- resources: {}
- # We usually recommend not to specify default resources and to leave this as a conscious
- # choice for the user. This also increases chances charts run on environments with little
- # resources, such as Minikube. If you do want to specify resources, uncomment the following
- # lines, adjust them as necessary, and remove the curly braces after 'resources:'.
- # limits:
- # cpu: 100m
- # memory: 128Mi
- # requests:
- # cpu: 100m
- # memory: 128Mi
-
- nodeSelector: {}
-
- tolerations:
- - key: "node-role.kubernetes.io/master"
- operator: "Equal"
- value: ""
- effect: "NoSchedule"
- - key: "node-role.kubernetes.io/control-plane"
- operator: "Equal"
- value: ""
- effect: "NoSchedule"
-
- annotations: {}
-
- affinity:
- nodeAffinity:
- preferredDuringSchedulingIgnoredDuringExecution:
- - weight: 1
- preference:
- matchExpressions:
- - key: "node-role.kubernetes.io/master"
- operator: In
- values: [""]
- - weight: 1
- preference:
- matchExpressions:
- - key: "node-role.kubernetes.io/control-plane"
- operator: In
- values: [""]
-
-worker:
- config: ###
- #core:
- # labelWhiteList:
- # noPublish: false
- # sleepInterval: 60s
- # featureSources: [all]
- # labelSources: [all]
- # klog:
- # addDirHeader: false
- # alsologtostderr: false
- # logBacktraceAt:
- # logtostderr: true
- # skipHeaders: false
- # stderrthreshold: 2
- # v: 0
- # vmodule:
- ## NOTE: the following options are not dynamically run-time configurable
- ## and require a nfd-worker restart to take effect after being changed
- # logDir:
- # logFile:
- # logFileMaxSize: 1800
- # skipLogHeaders: false
- #sources:
- # cpu:
- # cpuid:
- ## NOTE: whitelist has priority over blacklist
- # attributeBlacklist:
- # - "BMI1"
- # - "BMI2"
- # - "CLMUL"
- # - "CMOV"
- # - "CX16"
- # - "ERMS"
- # - "F16C"
- # - "HTT"
- # - "LZCNT"
- # - "MMX"
- # - "MMXEXT"
- # - "NX"
- # - "POPCNT"
- # - "RDRAND"
- # - "RDSEED"
- # - "RDTSCP"
- # - "SGX"
- # - "SSE"
- # - "SSE2"
- # - "SSE3"
- # - "SSE4"
- # - "SSE42"
- # - "SSSE3"
- # attributeWhitelist:
- # kernel:
- # kconfigFile: "/path/to/kconfig"
- # configOpts:
- # - "NO_HZ"
- # - "X86"
- # - "DMI"
- # pci:
- # deviceClassWhitelist:
- # - "0200"
- # - "03"
- # - "12"
- # deviceLabelFields:
- # - "class"
- # - "vendor"
- # - "device"
- # - "subsystem_vendor"
- # - "subsystem_device"
- # usb:
- # deviceClassWhitelist:
- # - "0e"
- # - "ef"
- # - "fe"
- # - "ff"
- # deviceLabelFields:
- # - "class"
- # - "vendor"
- # - "device"
- # custom:
- # # The following feature demonstrates the capabilities of the matchFeatures
- # - name: "my custom rule"
- # labels:
- # my-ng-feature: "true"
- # # matchFeatures implements a logical AND over all matcher terms in the
- # # list (i.e. all of the terms, or per-feature matchers, must match)
- # matchFeatures:
- # - feature: cpu.cpuid
- # matchExpressions:
- # AVX512F: {op: Exists}
- # - feature: cpu.cstate
- # matchExpressions:
- # enabled: {op: IsTrue}
- # - feature: cpu.pstate
- # matchExpressions:
- # no_turbo: {op: IsFalse}
- # scaling_governor: {op: In, value: ["performance"]}
- # - feature: cpu.rdt
- # matchExpressions:
- # RDTL3CA: {op: Exists}
- # - feature: cpu.sst
- # matchExpressions:
- # bf.enabled: {op: IsTrue}
- # - feature: cpu.topology
- # matchExpressions:
- # hardware_multithreading: {op: IsFalse}
- #
- # - feature: kernel.config
- # matchExpressions:
- # X86: {op: Exists}
- # LSM: {op: InRegexp, value: ["apparmor"]}
- # - feature: kernel.loadedmodule
- # matchExpressions:
- # e1000e: {op: Exists}
- # - feature: kernel.selinux
- # matchExpressions:
- # enabled: {op: IsFalse}
- # - feature: kernel.version
- # matchExpressions:
- # major: {op: In, value: ["5"]}
- # minor: {op: Gt, value: ["10"]}
- #
- # - feature: storage.block
- # matchExpressions:
- # rotational: {op: In, value: ["0"]}
- # dax: {op: In, value: ["0"]}
- #
- # - feature: network.device
- # matchExpressions:
- # operstate: {op: In, value: ["up"]}
- # speed: {op: Gt, value: ["100"]}
- #
- # - feature: memory.numa
- # matchExpressions:
- # node_count: {op: Gt, value: ["2"]}
- # - feature: memory.nv
- # matchExpressions:
- # devtype: {op: In, value: ["nd_dax"]}
- # mode: {op: In, value: ["memory"]}
- #
- # - feature: system.osrelease
- # matchExpressions:
- # ID: {op: In, value: ["fedora", "centos"]}
- # - feature: system.name
- # matchExpressions:
- # nodename: {op: InRegexp, value: ["^worker-X"]}
- #
- # - feature: local.label
- # matchExpressions:
- # custom-feature-knob: {op: Gt, value: ["100"]}
- #
- # # The following feature demonstrates the capabilities of the matchAny
- # - name: "my matchAny rule"
- # labels:
- # my-ng-feature-2: "my-value"
- # # matchAny implements a logical IF over all elements (sub-matchers) in
- # # the list (i.e. at least one feature matcher must match)
- # matchAny:
- # - matchFeatures:
- # - feature: kernel.loadedmodule
- # matchExpressions:
- # driver-module-X: {op: Exists}
- # - feature: pci.device
- # matchExpressions:
- # vendor: {op: In, value: ["8086"]}
- # class: {op: In, value: ["0200"]}
- # - matchFeatures:
- # - feature: kernel.loadedmodule
- # matchExpressions:
- # driver-module-Y: {op: Exists}
- # - feature: usb.device
- # matchExpressions:
- # vendor: {op: In, value: ["8086"]}
- # class: {op: In, value: ["02"]}
- #
- # # The following features demonstreate label templating capabilities
- # - name: "my template rule"
- # labelsTemplate: |
- # {{ range .system.osrelease }}my-system-feature.{{ .Name }}={{ .Value }}
- # {{ end }}
- # matchFeatures:
- # - feature: system.osrelease
- # matchExpressions:
- # ID: {op: InRegexp, value: ["^open.*"]}
- # VERSION_ID.major: {op: In, value: ["13", "15"]}
- #
- # - name: "my template rule 2"
- # labelsTemplate: |
- # {{ range .pci.device }}my-pci-device.{{ .class }}-{{ .device }}=with-cpuid
- # {{ end }}
- # matchFeatures:
- # - feature: pci.device
- # matchExpressions:
- # class: {op: InRegexp, value: ["^06"]}
- # vendor: ["8086"]
- # - feature: cpu.cpuid
- # matchExpressions:
- # AVX: {op: Exists}
- #
- # # The following examples demonstrate vars field and back-referencing
- # # previous labels and vars
- # - name: "my dummy kernel rule"
- # labels:
- # "my.kernel.feature": "true"
- # matchFeatures:
- # - feature: kernel.version
- # matchExpressions:
- # major: {op: Gt, value: ["2"]}
- #
- # - name: "my dummy rule with no labels"
- # vars:
- # "my.dummy.var": "1"
- # matchFeatures:
- # - feature: cpu.cpuid
- # matchExpressions: {}
- #
- # - name: "my rule using backrefs"
- # labels:
- # "my.backref.feature": "true"
- # matchFeatures:
- # - feature: rule.matched
- # matchExpressions:
- # my.kernel.feature: {op: IsTrue}
- # my.dummy.var: {op: Gt, value: ["0"]}
- #
-###
-
- daemonsetAnnotations: {}
- podSecurityContext: {}
- # fsGroup: 2000
-
- securityContext:
- allowPrivilegeEscalation: false
- capabilities:
- drop: [ "ALL" ]
- readOnlyRootFilesystem: true
- runAsNonRoot: true
- # runAsUser: 1000
-
- serviceAccount:
- # Specifies whether a service account should be created.
- # We create this by default to make it easier for downstream users to apply PodSecurityPolicies.
- create: true
- # Annotations to add to the service account
- annotations: {}
- # The name of the service account to use.
- # If not set and create is true, a name is generated using the fullname template
- name:
-
- # Allow users to mount the hostPath /usr/src, useful for RHCOS on s390x
- # Does not work on systems without /usr/src AND a read-only /usr, such as Talos
- mountUsrSrc: false
-
- resources: {}
- # We usually recommend not to specify default resources and to leave this as a conscious
- # choice for the user. This also increases chances charts run on environments with little
- # resources, such as Minikube. If you do want to specify resources, uncomment the following
- # lines, adjust them as necessary, and remove the curly braces after 'resources:'.
- # limits:
- # cpu: 100m
- # memory: 128Mi
- # requests:
- # cpu: 100m
- # memory: 128Mi
-
- nodeSelector: {}
-
- tolerations: []
-
- annotations: {}
-
- affinity: {}
-
-topologyUpdater:
- enable: false
- createCRDs: false
-
- serviceAccount:
- create: false
- annotations: {}
- name:
- rbac:
- create: false
-
- kubeletConfigPath:
- kubeletPodResourcesSockPath:
- updateInterval: 60s
- watchNamespace: "*"
-
- podSecurityContext: {}
- securityContext:
- allowPrivilegeEscalation: false
- capabilities:
- drop: [ "ALL" ]
- readOnlyRootFilesystem: true
- runAsUser: 0
-
- resources: {}
- # We usually recommend not to specify default resources and to leave this as a conscious
- # choice for the user. This also increases chances charts run on environments with little
- # resources, such as Minikube. If you do want to specify resources, uncomment the following
- # lines, adjust them as necessary, and remove the curly braces after 'resources:'.
- # limits:
- # cpu: 100m
- # memory: 128Mi
- # requests:
- # cpu: 100m
- # memory: 128Mi
-
- nodeSelector: {}
- tolerations: []
- annotations: {}
- affinity: {}
-
-# Optionally use encryption for worker <--> master comms
-# TODO: verify hostname is not yet supported
-#
-# If you do not enable certManager (and have it installed) you will
-# need to manually, or otherwise, provision the TLS certs as secrets
-tls:
- enable: false
- certManager: false
diff --git a/charts/sriov/101.0.1+up0.1.0/templates/NOTES.txt b/charts/sriov/101.0.1+up0.1.0/templates/NOTES.txt
deleted file mode 100644
index 44a8bf935a..0000000000
--- a/charts/sriov/101.0.1+up0.1.0/templates/NOTES.txt
+++ /dev/null
@@ -1,17 +0,0 @@
-Get Network Operator deployed resources by running the following commands:
-
-$ kubectl -n {{ .Release.Namespace }} get pods
-
-For additional instructions on how to use SR-IOV network operator,
-refer to: https://github.com/k8snetworkplumbingwg/sriov-network-operator
-
-{{- if .Values.operator.enableAdmissionController }}
-{{- if not .Values.cert_manager }}
-Thank you for installing {{ .Chart.Name }}.
-
-WARNING! Self signed certificates have been generated for webhooks.
-These certificates have a one-year validity and will not be rotated
-automatically. This should not be a production cluster. Please deploy
-and use cert-manager for production clusters.
-{{- end }}
-{{- end }}
diff --git a/charts/sriov/101.0.1+up0.1.0/templates/_helpers.tpl b/charts/sriov/101.0.1+up0.1.0/templates/_helpers.tpl
deleted file mode 100644
index dff1d171fe..0000000000
--- a/charts/sriov/101.0.1+up0.1.0/templates/_helpers.tpl
+++ /dev/null
@@ -1,85 +0,0 @@
-{{/*
-Expand the name of the chart.
-*/}}
-{{- define "sriov-network-operator.name" -}}
-{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }}
-{{- end }}
-
-{{/*
-Create a default fully qualified app name.
-We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
-If release name contains chart name it will be used as a full name.
-*/}}
-{{- define "sriov-network-operator.fullname" -}}
-{{- if .Values.fullnameOverride }}
-{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }}
-{{- else }}
-{{- $name := default .Chart.Name .Values.nameOverride }}
-{{- if contains $name .Release.Name }}
-{{- .Release.Name | trunc 63 | trimSuffix "-" }}
-{{- else }}
-{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }}
-{{- end }}
-{{- end }}
-{{- end }}
-
-{{/*
-Create chart name and version as used by the chart label.
-*/}}
-{{- define "sriov-network-operator.chart" -}}
-{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }}
-{{- end }}
-
-{{/*
-Common labels
-*/}}
-{{- define "sriov-network-operator.labels" -}}
-helm.sh/chart: {{ include "sriov-network-operator.chart" . }}
-{{ include "sriov-network-operator.selectorLabels" . }}
-{{- if .Chart.AppVersion }}
-app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
-{{- end }}
-app.kubernetes.io/managed-by: {{ .Release.Service }}
-{{- end }}
-
-{{/*
-Selector labels
-*/}}
-{{- define "sriov-network-operator.selectorLabels" -}}
-app.kubernetes.io/name: {{ include "sriov-network-operator.name" . }}
-app.kubernetes.io/instance: {{ .Release.Name }}
-{{- end }}
-
-{{/*
-Create the name of the service account to use
-*/}}
-{{- define "sriov-network-operator.serviceAccountName" -}}
-{{- if .Values.serviceAccount.create }}
-{{- default (include "sriov-network-operator.fullname" .) .Values.serviceAccount.name }}
-{{- else }}
-{{- default "default" .Values.serviceAccount.name }}
-{{- end }}
-{{- end }}
-
-{{- define "system_default_registry" -}}
-{{- if .Values.global.cattle.systemDefaultRegistry -}}
-{{- printf "%s/" .Values.global.cattle.systemDefaultRegistry -}}
-{{- else -}}
-{{- "" -}}
-{{- end -}}
-{{- end -}}
-
-{{/*
-Windows cluster will add default taint for linux nodes,
-add below linux tolerations to workloads could be scheduled to those linux nodes
-*/}}
-{{- define "linux-node-tolerations" -}}
-- key: "cattle.io/os"
- value: "linux"
- effect: "NoSchedule"
- operator: "Equal"
-{{- end -}}
-
-{{- define "linux-node-selector" -}}
-kubernetes.io/os: linux
-{{- end -}}
diff --git a/charts/sriov/101.0.1+up0.1.0/templates/_webhook-certs.tpl b/charts/sriov/101.0.1+up0.1.0/templates/_webhook-certs.tpl
deleted file mode 100644
index f1448968b2..0000000000
--- a/charts/sriov/101.0.1+up0.1.0/templates/_webhook-certs.tpl
+++ /dev/null
@@ -1,31 +0,0 @@
-{{/*
-Generate TLS certificates for webhooks.
-Note: these 2 lines, that are repeated several times below, are a trick to
-ensure the CA certs are generated only once:
- $ca := .ca | default (genCA "sriov-network-operator.k8s.cni.cncf.io" 365)
- $_ := set . "ca" $ca
-Please, don't try to "simplify" them as without this trick, every generated
-certificate would be signed by a different CA.
-*/}}
-{{- define "sriov_operator_ca_cert" }}
-{{- $ca := .ca | default (genCA "sriov-network-operator.k8s.cni.cncf.io" 365) -}}
-{{- $_ := set . "ca" $ca -}}
-{{- printf "%s" $ca.Cert | b64enc -}}
-{{- end }}
-{{- define "sriov_operator_cert" }}
-{{- $ca := .ca | default (genCA "sriov-network-operator.k8s.cni.cncf.io" 365) -}}
-{{- $_ := set . "ca" $ca -}}
-{{- $cn := printf "operator-webhook-service.%s.svc" .Release.Namespace -}}
-{{- $cert := genSignedCert $cn nil (list $cn) 365 $ca -}}
-tls.crt: {{ $cert.Cert | b64enc }}
-tls.key: {{ $cert.Key | b64enc }}
-{{- end }}
-{{- define "sriov_resource_injector_cert" }}
-{{- $ca := .ca | default (genCA "sriov-network-operator.k8s.cni.cncf.io" 365) -}}
-{{- $_ := set . "ca" $ca -}}
-{{- $cn := printf "network-resources-injector-service.%s.svc" .Release.Namespace -}}
-{{- $cert := genSignedCert $cn nil (list $cn) 365 $ca -}}
-tls.crt: {{ $cert.Cert | b64enc }}
-tls.key: {{ $cert.Key | b64enc }}
-{{- end }}
-
diff --git a/charts/sriov/101.0.1+up0.1.0/templates/certmanagercerts.yaml b/charts/sriov/101.0.1+up0.1.0/templates/certmanagercerts.yaml
deleted file mode 100644
index e3575aa565..0000000000
--- a/charts/sriov/101.0.1+up0.1.0/templates/certmanagercerts.yaml
+++ /dev/null
@@ -1,41 +0,0 @@
-{{- if and (.Values.operator.enableAdmissionController) (.Values.cert_manager) -}}
-{{- if not (.Capabilities.APIVersions.Has "cert-manager.io/v1") -}}
-{{- required "cert-manager is required but not found" "" -}}
-{{- end -}}
-apiVersion: cert-manager.io/v1
-kind: Issuer
-metadata:
- name: sriov-network-operator-selfsigned-issuer
- namespace: {{ .Release.Namespace }}
-spec:
- selfSigned: {}
----
-apiVersion: cert-manager.io/v1
-kind: Certificate
-metadata:
- name: operator-webhook-service
- namespace: {{ .Release.Namespace }}
-spec:
- secretName: operator-webhook-service
- dnsNames:
- - operator-webhook-service.{{ .Release.Namespace }}.svc
- issuerRef:
- name: sriov-network-operator-selfsigned-issuer
- privateKey:
- rotationPolicy: Always
----
-apiVersion: cert-manager.io/v1
-kind: Certificate
-metadata:
- name: network-resources-injector-service
- namespace: {{ .Release.Namespace }}
-spec:
- secretName: network-resources-injector-secret
- dnsNames:
- - network-resources-injector-service.{{ .Release.Namespace }}.svc
- issuerRef:
- name: sriov-network-operator-selfsigned-issuer
- privateKey:
- rotationPolicy: Always
-{{- end -}}
-
diff --git a/charts/sriov/101.0.1+up0.1.0/templates/clusterrole.yaml b/charts/sriov/101.0.1+up0.1.0/templates/clusterrole.yaml
deleted file mode 100644
index da327471f0..0000000000
--- a/charts/sriov/101.0.1+up0.1.0/templates/clusterrole.yaml
+++ /dev/null
@@ -1,109 +0,0 @@
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRole
-metadata:
- name: {{ include "sriov-network-operator.fullname" . }}
- labels:
- {{- include "sriov-network-operator.labels" . | nindent 4 }}
-rules:
- - apiGroups: [""]
- resources: ["nodes"]
- verbs: ["get", "list", "watch", "patch", "update"]
- - apiGroups: [""]
- resources: ["pods"]
- verbs: ["*"]
- - apiGroups: ["apps"]
- resources: ["daemonsets"]
- verbs: ["get"]
- - apiGroups: [""]
- resources: ["namespaces", "serviceaccounts"]
- verbs: ["*"]
- - apiGroups: ["k8s.cni.cncf.io"]
- resources: ["network-attachment-definitions"]
- verbs: ["*"]
- - apiGroups: ["rbac.authorization.k8s.io"]
- resources: ["clusterroles", "clusterrolebindings"]
- verbs: ["*"]
- - apiGroups: ["admissionregistration.k8s.io"]
- resources: ["mutatingwebhookconfigurations", "validatingwebhookconfigurations"]
- verbs: ["*"]
- - apiGroups: ["sriovnetwork.openshift.io"]
- resources: ["*"]
- verbs: ["*"]
- - apiGroups: ["machineconfiguration.openshift.io"]
- resources: ["*"]
- verbs: ["*"]
- - apiGroups: ["config.openshift.io"]
- resources: ["infrastructures"]
- verbs: ["get", "list", "watch"]
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRole
-metadata:
- name: sriov-network-config-daemon
- labels:
- {{- include "sriov-network-operator.labels" . | nindent 4 }}
-rules:
- - apiGroups: [""]
- resources: ["nodes"]
- verbs: ["get", "list", "watch", "patch", "update"]
- - apiGroups: [""]
- resources: ["pods"]
- verbs: ["*"]
- - apiGroups: ["apps"]
- resources: ["daemonsets"]
- verbs: ["get"]
- - apiGroups: [""]
- resources: ["pods/eviction"]
- verbs: ["create"]
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRole
-metadata:
- name: sriov-admin
- {{- if .Values.global.rbac.userRoles.aggregateToDefaultRoles }}
- rbac.authorization.k8s.io/aggregate-to-admin: "true"
- {{- end }}
-rules:
-- apiGroups:
- - sriovnetwork.openshift.io
- resources:
- - '*'
- verbs:
- - "get"
- - "watch"
- - "list"
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRole
-metadata:
- name: sriov-edit
- {{- if .Values.global.rbac.userRoles.aggregateToDefaultRoles }}
- rbac.authorization.k8s.io/aggregate-to-edit: "true"
- {{- end }}
-rules:
-- apiGroups:
- - sriovnetwork.openshift.io
- resources:
- - '*'
- verbs:
- - "get"
- - "watch"
- - "list"
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRole
-metadata:
- name: sriov-view
- {{- if .Values.global.rbac.userRoles.aggregateToDefaultRoles }}
- rbac.authorization.k8s.io/aggregate-to-view: "true"
- {{- end }}
-rules:
-- apiGroups:
- - sriovnetwork.openshift.io
- resources:
- - '*'
- verbs:
- - "get"
- - "watch"
- - "list"
-
diff --git a/charts/sriov/101.0.1+up0.1.0/templates/clusterrolebinding.yaml b/charts/sriov/101.0.1+up0.1.0/templates/clusterrolebinding.yaml
deleted file mode 100644
index c10aa9be73..0000000000
--- a/charts/sriov/101.0.1+up0.1.0/templates/clusterrolebinding.yaml
+++ /dev/null
@@ -1,29 +0,0 @@
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRoleBinding
-metadata:
- name: {{ include "sriov-network-operator.fullname" . }}
- labels:
- {{- include "sriov-network-operator.labels" . | nindent 4 }}
-roleRef:
- kind: ClusterRole
- name: {{ include "sriov-network-operator.fullname" . }}
- apiGroup: rbac.authorization.k8s.io
-subjects:
- - kind: ServiceAccount
- namespace: {{ .Release.Namespace }}
- name: {{ include "sriov-network-operator.fullname" . }}
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRoleBinding
-metadata:
- name: sriov-network-config-daemon
- labels:
- {{- include "sriov-network-operator.labels" . | nindent 4 }}
-roleRef:
- kind: ClusterRole
- name: sriov-network-config-daemon
- apiGroup: rbac.authorization.k8s.io
-subjects:
- - kind: ServiceAccount
- namespace: {{ .Release.Namespace }}
- name: sriov-network-config-daemon
diff --git a/charts/sriov/101.0.1+up0.1.0/templates/configmap.yaml b/charts/sriov/101.0.1+up0.1.0/templates/configmap.yaml
deleted file mode 100644
index 455bd91ff0..0000000000
--- a/charts/sriov/101.0.1+up0.1.0/templates/configmap.yaml
+++ /dev/null
@@ -1,25 +0,0 @@
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: supported-nic-ids
-data:
- Intel_i40e_XXV710: "8086 158a 154c"
- Intel_i40e_25G_SFP28: "8086 158b 154c"
- Intel_i40e_10G_X710_SFP: "8086 1572 154c"
- Intel_i40e_XXV710_N3000: "8086 0d58 154c"
- Intel_i40e_40G_XL710_QSFP: "8086 1583 154c"
- Intel_ice_Columbiaville_E810-CQDA2_2CQDA2: "8086 1592 1889"
- Intel_ice_Columbiaville_E810-XXVDA4: "8086 1593 1889"
- Intel_ice_Columbiaville_E810-XXVDA2: "8086 159b 1889"
- Intel_ice_Columbiaville_E810: "8086 1591 1889"
- Nvidia_mlx5_ConnectX-4: "15b3 1013 1014"
- Nvidia_mlx5_ConnectX-4LX: "15b3 1015 1016"
- Nvidia_mlx5_ConnectX-5: "15b3 1017 1018"
- Nvidia_mlx5_ConnectX-5_Ex: "15b3 1019 101a"
- Nvidia_mlx5_ConnectX-6: "15b3 101b 101c"
- Nvidia_mlx5_ConnectX-6_Dx: "15b3 101d 101e"
- Nvidia_mlx5_MT42822_BlueField-2_integrated_ConnectX-6_Dx: "15b3 a2d6 101e"
- Broadcom_bnxt_BCM57414_2x25G: "14e4 16d7 16dc"
- Broadcom_bnxt_BCM75508_2x100G: "14e4 1750 1806"
- Qlogic_qede_QL45000_50G: "1077 1654 1664"
- Red_Hat_Virtio_network_device: "1af4 1000 1000"
diff --git a/charts/sriov/101.0.1+up0.1.0/templates/operator.yaml b/charts/sriov/101.0.1+up0.1.0/templates/operator.yaml
deleted file mode 100644
index ac3cb4c345..0000000000
--- a/charts/sriov/101.0.1+up0.1.0/templates/operator.yaml
+++ /dev/null
@@ -1,98 +0,0 @@
-{{- if not (.Capabilities.APIVersions.Has "k8s.cni.cncf.io/v1/NetworkAttachmentDefinition") -}}
-{{- required "rke2-multus is required but not found" "" -}}
-{{- end -}}
-apiVersion: sriovnetwork.openshift.io/v1
-kind: SriovOperatorConfig
-metadata:
- name: default
- namespace: {{ .Release.Namespace }}
-spec:
- # Add fields here
- enableInjector: {{ .Values.operator.enableAdmissionController }}
- enableOperatorWebhook: {{ .Values.operator.enableAdmissionController }}
- configDaemonNodeSelector: {feature.node.kubernetes.io/network-sriov.capable: "true"}
----
-apiVersion: apps/v1
-kind: Deployment
-metadata:
- name: {{ include "sriov-network-operator.fullname" . }}
- namespace: {{ .Release.Namespace }}
- labels:
- {{- include "sriov-network-operator.labels" . | nindent 4 }}
-spec:
- replicas: 1
- selector:
- matchLabels:
- name: sriov-network-operator
- strategy:
- type: RollingUpdate
- rollingUpdate:
- maxUnavailable: 33%
- template:
- metadata:
- labels:
- name: sriov-network-operator
- spec:
- nodeSelector: {{ include "linux-node-selector" . | nindent 8 }}
-{{- if .Values.operator.nodeSelector }}
-{{ toYaml .Values.operator.nodeSelector | indent 8 }}
-{{- end }}
- tolerations: {{ include "linux-node-tolerations" . | nindent 8 }}
-{{- if .Values.operator.tolerations }}
-{{ toYaml .Values.operator.tolerations | indent 8 }}
-{{- end }}
- serviceAccountName: {{ include "sriov-network-operator.fullname" . }}
- priorityClassName: "system-node-critical"
- containers:
- - name: {{ include "sriov-network-operator.fullname" . }}
- image: {{ include "system_default_registry" . }}{{ .Values.images.operator.image }}:{{ .Values.images.operator.tag }}
- command:
- - sriov-network-operator
- imagePullPolicy: IfNotPresent
- resources:
- requests:
- cpu: 100m
- memory: 100Mi
- env:
- - name: WATCH_NAMESPACE
- valueFrom:
- fieldRef:
- fieldPath: metadata.namespace
- - name: SRIOV_CNI_IMAGE
- value: {{ include "system_default_registry" . }}{{ .Values.images.sriovCni.image }}:{{ .Values.images.sriovCni.tag }}
- - name: SRIOV_INFINIBAND_CNI_IMAGE
- value: {{ include "system_default_registry" . }}{{ .Values.images.ibSriovCni.image }}:{{ .Values.images.ibSriovCni.tag }}
- - name: SRIOV_DEVICE_PLUGIN_IMAGE
- value: {{ include "system_default_registry" . }}{{ .Values.images.sriovDevicePlugin.image }}:{{ .Values.images.sriovDevicePlugin.tag }}
- - name: NETWORK_RESOURCES_INJECTOR_IMAGE
- value: {{ include "system_default_registry" . }}{{ .Values.images.resourcesInjector.image }}:{{ .Values.images.resourcesInjector.tag }}
- - name: OPERATOR_NAME
- value: sriov-network-operator
- - name: SRIOV_NETWORK_CONFIG_DAEMON_IMAGE
- value: {{ include "system_default_registry" . }}{{ .Values.images.sriovConfigDaemon.image }}:{{ .Values.images.sriovConfigDaemon.tag }}
- - name: SRIOV_NETWORK_WEBHOOK_IMAGE
- value: {{ include "system_default_registry" . }}{{ .Values.images.webhook.image }}:{{ .Values.images.webhook.tag }}
- - name: RESOURCE_PREFIX
- value: {{ .Values.operator.resourcePrefix }}
- - name: ENABLE_ADMISSION_CONTROLLER
- value: {{ .Values.operator.enableAdmissionController | quote }}
- - name: NAMESPACE
- valueFrom:
- fieldRef:
- fieldPath: metadata.namespace
- - name: POD_NAME
- valueFrom:
- fieldRef:
- fieldPath: metadata.name
- - name: RELEASE_VERSION
- value: {{ .Release.AppVersion }}
- - name: SRIOV_CNI_BIN_PATH
- value: {{ .Values.operator.cniBinPath }}
- - name: CLUSTER_TYPE
- value: {{ .Values.operator.clusterType }}
- {{- if .Values.operator.enableAdmissionController }}
- {{- if not .Values.cert_manager }}
- - name: WEBHOOK_CA_BUNDLE
- value: "{{ include "sriov_operator_ca_cert" . }}"
- {{- end }}
- {{- end }}
diff --git a/charts/sriov/101.0.1+up0.1.0/templates/role.yaml b/charts/sriov/101.0.1+up0.1.0/templates/role.yaml
deleted file mode 100644
index 35a9d50afc..0000000000
--- a/charts/sriov/101.0.1+up0.1.0/templates/role.yaml
+++ /dev/null
@@ -1,125 +0,0 @@
-apiVersion: rbac.authorization.k8s.io/v1
-kind: Role
-metadata:
- creationTimestamp: null
- name: {{ include "sriov-network-operator.fullname" . }}
- namespace: {{ .Release.Namespace }}
- labels:
- {{- include "sriov-network-operator.labels" . | nindent 4 }}
-rules:
- - apiGroups:
- - ""
- resources:
- - pods
- - services
- - endpoints
- - persistentvolumeclaims
- - events
- - configmaps
- - secrets
- verbs:
- - '*'
- - apiGroups:
- - apps
- resources:
- - deployments
- - daemonsets
- - replicasets
- - statefulsets
- verbs:
- - '*'
- - apiGroups:
- - monitoring.coreos.com
- resources:
- - servicemonitors
- verbs:
- - get
- - create
- - apiGroups:
- - apps
- resourceNames:
- - sriov-network-operator
- resources:
- - deployments/finalizers
- verbs:
- - update
- - apiGroups:
- - rbac.authorization.k8s.io
- resources:
- - serviceaccounts
- - roles
- - rolebindings
- verbs:
- - '*'
- - apiGroups:
- - config.openshift.io
- resources:
- - infrastructures
- verbs:
- - get
- - list
- - watch
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: Role
-metadata:
- name: sriov-network-config-daemon
- namespace: {{ .Release.Namespace }}
- labels:
- {{- include "sriov-network-operator.labels" . | nindent 4 }}
-rules:
- - apiGroups:
- - ""
- resources:
- - pods
- verbs:
- - '*'
- - apiGroups:
- - apps
- resources:
- - daemonsets
- verbs:
- - '*'
- - apiGroups:
- - sriovnetwork.openshift.io
- resources:
- - '*'
- - sriovnetworknodestates
- verbs:
- - '*'
- - apiGroups:
- - security.openshift.io
- resourceNames:
- - privileged
- resources:
- - securitycontextconstraints
- verbs:
- - use
- - apiGroups:
- - ""
- resources:
- - configmaps
- verbs:
- - get
- - update
- - apiGroups:
- - 'coordination.k8s.io'
- resources:
- - 'leases'
- verbs:
- - '*'
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: Role
-metadata:
- name: operator-webhook-sa
- namespace: {{ .Release.Namespace }}
- labels:
- {{- include "sriov-network-operator.labels" . | nindent 4 }}
-rules:
- - apiGroups:
- - ""
- resources:
- - configmaps
- verbs:
- - get
diff --git a/charts/sriov/101.0.1+up0.1.0/templates/rolebinding.yaml b/charts/sriov/101.0.1+up0.1.0/templates/rolebinding.yaml
deleted file mode 100644
index d2cf1849a7..0000000000
--- a/charts/sriov/101.0.1+up0.1.0/templates/rolebinding.yaml
+++ /dev/null
@@ -1,44 +0,0 @@
-kind: RoleBinding
-apiVersion: rbac.authorization.k8s.io/v1
-metadata:
- name: {{ include "sriov-network-operator.fullname" . }}
- namespace: {{ .Release.Namespace }}
- labels:
- {{- include "sriov-network-operator.labels" . | nindent 4 }}
-subjects:
- - kind: ServiceAccount
- name: {{ include "sriov-network-operator.fullname" . }}
- namespace: {{ .Release.Namespace }}
-roleRef:
- kind: Role
- name: {{ include "sriov-network-operator.fullname" . }}
- apiGroup: rbac.authorization.k8s.io
----
-kind: RoleBinding
-apiVersion: rbac.authorization.k8s.io/v1
-metadata:
- name: sriov-network-config-daemon
- namespace: {{ .Release.Namespace }}
- labels:
- {{- include "sriov-network-operator.labels" . | nindent 4 }}
-subjects:
- - kind: ServiceAccount
- name: sriov-network-config-daemon
- namespace: {{ .Release.Namespace }}
-roleRef:
- kind: Role
- name: sriov-network-config-daemon
- apiGroup: rbac.authorization.k8s.io
----
-kind: RoleBinding
-apiVersion: rbac.authorization.k8s.io/v1
-metadata:
- name: operator-webhook-sa
- namespace: {{ .Release.Namespace }}
-subjects:
-- kind: ServiceAccount
- name: operator-webhook-sa
-roleRef:
- kind: Role
- name: operator-webhook-sa
- apiGroup: rbac.authorization.k8s.io
diff --git a/charts/sriov/101.0.1+up0.1.0/templates/secrets.yaml b/charts/sriov/101.0.1+up0.1.0/templates/secrets.yaml
deleted file mode 100644
index 3d345be460..0000000000
--- a/charts/sriov/101.0.1+up0.1.0/templates/secrets.yaml
+++ /dev/null
@@ -1,20 +0,0 @@
-{{- if not .Values.cert_manager -}}
-{{- if .Values.operator.enableAdmissionController }}
-apiVersion: v1
-kind: Secret
-metadata:
- name: operator-webhook-service
- namespace: {{ .Release.Namespace }}
-data: {{ include "sriov_operator_cert" . | nindent 2 }}
-{{- end }}
----
-{{- if .Values.operator.enableAdmissionController }}
-apiVersion: v1
-kind: Secret
-metadata:
- name: network-resources-injector-secret
- namespace: {{ .Release.Namespace }}
-data: {{ include "sriov_resource_injector_cert" . | nindent 2 }}
-{{- end }}
-{{- end }}
-
diff --git a/charts/sriov/101.0.1+up0.1.0/templates/serviceaccount.yaml b/charts/sriov/101.0.1+up0.1.0/templates/serviceaccount.yaml
deleted file mode 100644
index fc0bb57056..0000000000
--- a/charts/sriov/101.0.1+up0.1.0/templates/serviceaccount.yaml
+++ /dev/null
@@ -1,15 +0,0 @@
-apiVersion: v1
-kind: ServiceAccount
-metadata:
- name: {{ include "sriov-network-operator.fullname" . }}
- namespace: {{ .Release.Namespace }}
- labels:
- {{- include "sriov-network-operator.labels" . | nindent 4 }}
----
-apiVersion: v1
-kind: ServiceAccount
-metadata:
- name: sriov-network-config-daemon
- namespace: {{ .Release.Namespace }}
- labels:
- {{- include "sriov-network-operator.labels" . | nindent 4 }}
diff --git a/charts/sriov/101.0.1+up0.1.0/templates/validate-install-crd.yaml b/charts/sriov/101.0.1+up0.1.0/templates/validate-install-crd.yaml
deleted file mode 100644
index 48ffe70751..0000000000
--- a/charts/sriov/101.0.1+up0.1.0/templates/validate-install-crd.yaml
+++ /dev/null
@@ -1,19 +0,0 @@
-#{{- if gt (len (lookup "rbac.authorization.k8s.io/v1" "ClusterRole" "" "")) 0 -}}
-# {{- $found := dict -}}
-# {{- set $found "sriovnetwork.openshift.io/v1/SriovIBNetwork" false -}}
-# {{- set $found "sriovnetwork.openshift.io/v1/SriovNetworkNodePolicy" false -}}
-# {{- set $found "sriovnetwork.openshift.io/v1/SriovNetworkNodeState" false -}}
-# {{- set $found "sriovnetwork.openshift.io/v1/SriovNetworkPoolConfig" false -}}
-# {{- set $found "sriovnetwork.openshift.io/v1/SriovNetwork" false -}}
-# {{- set $found "sriovnetwork.openshift.io/v1/SriovOperatorConfig" false -}}
-# {{- range .Capabilities.APIVersions -}}
-# {{- if hasKey $found (toString .) -}}
-# {{- set $found (toString .) true -}}
-# {{- end -}}
-# {{- end -}}
-# {{- range $_, $exists := $found -}}
-# {{- if (eq $exists false) -}}
-# {{- required "Required CRDs are missing. Please install the corresponding CRD chart before installing this chart." "" -}}
-# {{- end -}}
-# {{- end -}}
-#{{- end -}}
\ No newline at end of file
diff --git a/charts/sriov/101.0.1+up0.1.0/values.yaml b/charts/sriov/101.0.1+up0.1.0/values.yaml
deleted file mode 100644
index 5e2072221f..0000000000
--- a/charts/sriov/101.0.1+up0.1.0/values.yaml
+++ /dev/null
@@ -1,64 +0,0 @@
-operator:
- tolerations:
- - key: "node-role.kubernetes.io/control-plane"
- operator: "Exists"
- effect: "NoSchedule"
- - effect: NoExecute
- key: node-role.kubernetes.io/etcd
- operator: Exists
- nodeSelector: {}
- affinity:
- nodeAffinity:
- requiredDuringSchedulingIgnoredDuringExecution:
- nodeSelectorTerms:
- - matchExpressions:
- - key: "node-role.kubernetes.io/master"
- operator: In
- values: [ "" ]
- - matchExpressions:
- - key: "node-role.kubernetes.io/control-plane"
- operator: In
- values: [ "" ]
- nameOverride: ""
- fullnameOverride: ""
- resourcePrefix: "rancher.io"
- enableAdmissionController: false
- cniBinPath: "/opt/cni/bin"
- clusterType: "kubernetes"
-
-# Image URIs for sriov-network-operator components
-images:
- operator:
- image: rancher/hardened-sriov-network-operator
- tag: v1.2.0-build20220816
- sriovConfigDaemon:
- image: rancher/hardened-sriov-network-config-daemon
- tag: v1.2.0-build20220816
- sriovCni:
- image: rancher/hardened-sriov-cni
- tag: v2.6.3-build20220816
- ibSriovCni:
- image: rancher/hardened-ib-sriov-cni
- tag: v1.0.2-build20220419
- sriovDevicePlugin:
- image: rancher/hardened-sriov-network-device-plugin
- tag: v3.5.1-build20220816
- resourcesInjector:
- image: rancher/hardened-sriov-network-resources-injector
- tag: v1.5-build20220816
- webhook:
- image: rancher/hardened-sriov-network-webhook
- tag: v1.2.0-build20220816
-
-# cert_manager enables integration with cert-manager to generate
-# certificates for the operator webhooks. Otherwise the chart will
-# generate ad-hoc certificates with no automated renewal at expiration,
-# not recommended for production clusters.
-cert_manager: false
-
-global:
- cattle:
- systemDefaultRegistry: ""
- rbac:
- userRoles:
- aggregateToDefaultRoles: false
diff --git a/charts/sriov/102.0.0+up0.1.0/.helmignore b/charts/sriov/102.0.0+up0.1.0/.helmignore
deleted file mode 100644
index 0e8a0eb36f..0000000000
--- a/charts/sriov/102.0.0+up0.1.0/.helmignore
+++ /dev/null
@@ -1,23 +0,0 @@
-# Patterns to ignore when building packages.
-# This supports shell glob matching, relative path matching, and
-# negation (prefixed with !). Only one pattern per line.
-.DS_Store
-# Common VCS dirs
-.git/
-.gitignore
-.bzr/
-.bzrignore
-.hg/
-.hgignore
-.svn/
-# Common backup files
-*.swp
-*.bak
-*.tmp
-*.orig
-*~
-# Various IDEs
-.project
-.idea/
-*.tmproj
-.vscode/
diff --git a/charts/sriov/102.0.0+up0.1.0/Chart.yaml b/charts/sriov/102.0.0+up0.1.0/Chart.yaml
deleted file mode 100644
index 22617946d5..0000000000
--- a/charts/sriov/102.0.0+up0.1.0/Chart.yaml
+++ /dev/null
@@ -1,29 +0,0 @@
-annotations:
- catalog.cattle.io/auto-install: sriov-crd=match
- catalog.cattle.io/certified: rancher
- catalog.cattle.io/experimental: "true"
- catalog.cattle.io/kube-version: '>= 1.16.0-0 < 1.26.0-0'
- catalog.cattle.io/namespace: cattle-sriov-system
- catalog.cattle.io/os: linux
- catalog.cattle.io/permits-os: linux
- catalog.cattle.io/rancher-version: '>= 2.7.0-0 < 2.8.0-0'
- catalog.cattle.io/release-name: sriov
- catalog.cattle.io/upstream-version: 1.2.0
-apiVersion: v2
-appVersion: 1.2.0
-description: SR-IOV network operator configures and manages SR-IOV networks in the
- kubernetes cluster
-home: https://github.com/k8snetworkplumbingwg/sriov-network-operator
-icon: https://charts.rancher.io/assets/logos/sr-iov.svg
-keywords:
-- sriov
-- Networking
-kubeVersion: '>= 1.16.0'
-maintainers:
-- email: charts@rancher.com
- name: Rancher Labs
-name: sriov
-sources:
-- https://github.com/rancher/charts
-type: application
-version: 102.0.0+up0.1.0
diff --git a/charts/sriov/102.0.0+up0.1.0/README.md b/charts/sriov/102.0.0+up0.1.0/README.md
deleted file mode 100644
index b34d479bd0..0000000000
--- a/charts/sriov/102.0.0+up0.1.0/README.md
+++ /dev/null
@@ -1,73 +0,0 @@
-# SR-IOV Network Operator Helm Chart
-
-SR-IOV Network Operator Helm Chart provides an easy way to install, configure and manage
-the lifecycle of SR-IOV network operator.
-
-## SR-IOV Network Operator
-SR-IOV Network Operator leverages [Kubernetes CRDs](https://kubernetes.io/docs/concepts/extend-kubernetes/api-extension/custom-resources/)
-and [Operator SDK](https://github.com/operator-framework/operator-sdk) to configure and manage SR-IOV networks in a Kubernetes cluster.
-
-SR-IOV Network Operator features:
-- Initialize the supported SR-IOV NIC types on selected nodes.
-- Provision/upgrade SR-IOV device plugin executable on selected node.
-- Provision/upgrade SR-IOV CNI plugin executable on selected nodes.
-- Manage configuration of SR-IOV device plugin on host.
-- Generate net-att-def CRs for SR-IOV CNI plugin
-- Supports operation in a virtualized Kubernetes deployment
- - Discovers VFs attached to the Virtual Machine (VM)
- - Does not require attached of associated PFs
- - VFs can be associated to SriovNetworks by selecting the appropriate PciAddress as the RootDevice in the SriovNetworkNodePolicy
-
-## QuickStart
-
-### Prerequisites
-
-- Kubernetes v1.17+
-- Helm v3
-
-### Install Helm
-
-Helm provides an install script to copy helm binary to your system:
-```
-$ curl -fsSL -o get_helm.sh https://raw.githubusercontent.com/helm/helm/master/scripts/get-helm-3
-$ chmod 500 get_helm.sh
-$ ./get_helm.sh
-```
-
-For additional information and methods for installing Helm, refer to the official [helm website](https://helm.sh/)
-
-### Deploy SR-IOV Network Operator
-
-```
-# Install Operator
-$ helm install -n sriov-network-operator --create-namespace --wait sriov-network-operator ./
-
-# View deployed resources
-$ kubectl -n sriov-network-operator get pods
-```
-
-## Chart parameters
-
-In order to tailor the deployment of the network operator to your cluster needs
-We have introduced the following Chart parameters.
-
-### Operator parameters
-
-| Name | Type | Default | description |
-| ---- | ---- | ------- | ----------- |
-| `operator.resourcePrefix` | string | `openshift.io` | Device plugin resource prefix |
-| `operator.enableAdmissionController` | bool | `false` | Enable SR-IOV network resource injector and operator webhook |
-| `operator.cniBinPath` | string | `/opt/cni/bin` | Path for CNI binary |
-| `operator.clusterType` | string | `kubernetes` | Cluster environment type |
-
-### Images parameters
-
-| Name | description |
-| ---- | ----------- |
-| `images.operator` | Operator controller image |
-| `images.sriovConfigDaemon` | Daemon node agent image |
-| `images.sriovCni` | SR-IOV CNI image |
-| `images.ibSriovCni` | InfiniBand SR-IOV CNI image |
-| `images.sriovDevicePlugin` | SR-IOV device plugin image |
-| `images.resourcesInjector` | Resources Injector image |
-| `images.webhook` | Operator Webhook image |
diff --git a/charts/sriov/102.0.0+up0.1.0/app-README.md b/charts/sriov/102.0.0+up0.1.0/app-README.md
deleted file mode 100644
index 4dda94a833..0000000000
--- a/charts/sriov/102.0.0+up0.1.0/app-README.md
+++ /dev/null
@@ -1,13 +0,0 @@
-# Rancher SR-IOV Network Operator
-
-This chart is based on the upstream [k8snetworkplumbingwg/sriov-network-operator](https://github.com/k8snetworkplumbingwg/sriov-network-operator) project. The chart deploys the SR-IOV Operator and its CRDs, which are designed to help the user provision and configure the SR-IOV CNI in a cluster that uses [Multus CNI](https://github.com/k8snetworkplumbingwg/multus-cni), to provide high performing extra network interfaces to pods. This chart is expected to be deployed on an RKE2 cluster and only meant for advanced use cases where multiple CNI plugins and high performing network interfaces on pods are required. Users who do not need these features are not advised to install this chart.
-
-The chart installs the following components:
-
- - SR-IOV Operator - An operator that helps provision and configure the SR-IOV CNI plugin and SR-IOV Device plugin
- - SR-IOV Network Config Daemon - A Daemon deployed by the Operator that discovers SR-IOV NICs on each node
-
-Note that SR-IOV requires NICs that support SR-IOV and the activation of specific configuration options in the operating system. Nodes that fulfill these requirements should be labeled with: `feature.node.kubernetes.io/network-sriov.capable=true`.
-
-The SR-IOV Network Config Daemon will be deployed on such capable nodes. For more information on how to use this feature, refer to our RKE2 networking docs.
-
diff --git a/charts/sriov/102.0.0+up0.1.0/charts/rancher-nfd/.helmignore b/charts/sriov/102.0.0+up0.1.0/charts/rancher-nfd/.helmignore
deleted file mode 100644
index 0e8a0eb36f..0000000000
--- a/charts/sriov/102.0.0+up0.1.0/charts/rancher-nfd/.helmignore
+++ /dev/null
@@ -1,23 +0,0 @@
-# Patterns to ignore when building packages.
-# This supports shell glob matching, relative path matching, and
-# negation (prefixed with !). Only one pattern per line.
-.DS_Store
-# Common VCS dirs
-.git/
-.gitignore
-.bzr/
-.bzrignore
-.hg/
-.hgignore
-.svn/
-# Common backup files
-*.swp
-*.bak
-*.tmp
-*.orig
-*~
-# Various IDEs
-.project
-.idea/
-*.tmproj
-.vscode/
diff --git a/charts/sriov/102.0.0+up0.1.0/charts/rancher-nfd/Chart.yaml b/charts/sriov/102.0.0+up0.1.0/charts/rancher-nfd/Chart.yaml
deleted file mode 100644
index e4fee20171..0000000000
--- a/charts/sriov/102.0.0+up0.1.0/charts/rancher-nfd/Chart.yaml
+++ /dev/null
@@ -1,14 +0,0 @@
-apiVersion: v2
-appVersion: v0.12.0
-description: 'Detects hardware features available on each node in a Kubernetes cluster,
- and advertises those features using node labels. '
-home: https://github.com/kubernetes-sigs/node-feature-discovery
-keywords:
-- feature-discovery
-- feature-detection
-- node-labels
-name: rancher-nfd
-sources:
-- https://github.com/kubernetes-sigs/node-feature-discovery
-type: application
-version: 0.12.0
diff --git a/charts/sriov/102.0.0+up0.1.0/charts/rancher-nfd/README.md b/charts/sriov/102.0.0+up0.1.0/charts/rancher-nfd/README.md
deleted file mode 100644
index 3061f0f8d1..0000000000
--- a/charts/sriov/102.0.0+up0.1.0/charts/rancher-nfd/README.md
+++ /dev/null
@@ -1,10 +0,0 @@
-# Node Feature Discovery
-
-Node Feature Discovery (NFD) is a Kubernetes add-on for detecting hardware
-features and system configuration. Detected features are advertised as node
-labels. NFD provides flexible configuration and extension points for a wide
-range of vendor and application specific node labeling needs.
-
-See
-[NFD documentation](https://kubernetes-sigs.github.io/node-feature-discovery/v0.12/get-started/deployment-and-usage.html#deployment-with-helm)
-for deployment instructions.
diff --git a/charts/sriov/102.0.0+up0.1.0/charts/rancher-nfd/crds/nfd-api-crds.yaml b/charts/sriov/102.0.0+up0.1.0/charts/rancher-nfd/crds/nfd-api-crds.yaml
deleted file mode 100644
index ab10f15a9c..0000000000
--- a/charts/sriov/102.0.0+up0.1.0/charts/rancher-nfd/crds/nfd-api-crds.yaml
+++ /dev/null
@@ -1,358 +0,0 @@
----
-apiVersion: apiextensions.k8s.io/v1
-kind: CustomResourceDefinition
-metadata:
- annotations:
- controller-gen.kubebuilder.io/version: v0.9.2
- creationTimestamp: null
- name: nodefeatures.nfd.k8s-sigs.io
-spec:
- group: nfd.k8s-sigs.io
- names:
- kind: NodeFeature
- listKind: NodeFeatureList
- plural: nodefeatures
- singular: nodefeature
- scope: Namespaced
- versions:
- - name: v1alpha1
- schema:
- openAPIV3Schema:
- description: NodeFeature resource holds the features discovered for one node
- in the cluster.
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation
- of an object. Servers should convert recognized schemas to the latest
- internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this
- object represents. Servers may infer this from the endpoint the client
- submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- spec:
- description: NodeFeatureSpec describes a NodeFeature object.
- properties:
- features:
- description: Features is the full "raw" features data that has been
- discovered.
- properties:
- attributes:
- additionalProperties:
- description: AttributeFeatureSet is a set of features having
- string value.
- properties:
- elements:
- additionalProperties:
- type: string
- type: object
- required:
- - elements
- type: object
- type: object
- flags:
- additionalProperties:
- description: FlagFeatureSet is a set of simple features only
- containing names without values.
- properties:
- elements:
- additionalProperties:
- description: Nil is a dummy empty struct for protobuf
- compatibility
- type: object
- type: object
- required:
- - elements
- type: object
- type: object
- instances:
- additionalProperties:
- description: InstanceFeatureSet is a set of features each of
- which is an instance having multiple attributes.
- properties:
- elements:
- items:
- description: InstanceFeature represents one instance of
- a complex features, e.g. a device.
- properties:
- attributes:
- additionalProperties:
- type: string
- type: object
- required:
- - attributes
- type: object
- type: array
- required:
- - elements
- type: object
- type: object
- required:
- - attributes
- - flags
- - instances
- type: object
- labels:
- additionalProperties:
- type: string
- description: Labels is the set of node labels that are requested to
- be created.
- type: object
- required:
- - features
- type: object
- required:
- - spec
- type: object
- served: true
- storage: true
----
-apiVersion: apiextensions.k8s.io/v1
-kind: CustomResourceDefinition
-metadata:
- annotations:
- controller-gen.kubebuilder.io/version: v0.9.2
- creationTimestamp: null
- name: nodefeaturerules.nfd.k8s-sigs.io
-spec:
- group: nfd.k8s-sigs.io
- names:
- kind: NodeFeatureRule
- listKind: NodeFeatureRuleList
- plural: nodefeaturerules
- shortNames:
- - nfr
- singular: nodefeaturerule
- scope: Cluster
- versions:
- - name: v1alpha1
- schema:
- openAPIV3Schema:
- description: NodeFeatureRule resource specifies a configuration for feature-based
- customization of node objects, such as node labeling.
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation
- of an object. Servers should convert recognized schemas to the latest
- internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this
- object represents. Servers may infer this from the endpoint the client
- submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- spec:
- description: NodeFeatureRuleSpec describes a NodeFeatureRule.
- properties:
- rules:
- description: Rules is a list of node customization rules.
- items:
- description: Rule defines a rule for node customization such as
- labeling.
- properties:
- labels:
- additionalProperties:
- type: string
- description: Labels to create if the rule matches.
- type: object
- labelsTemplate:
- description: LabelsTemplate specifies a template to expand for
- dynamically generating multiple labels. Data (after template
- expansion) must be keys with an optional value ([=])
- separated by newlines.
- type: string
- matchAny:
- description: MatchAny specifies a list of matchers one of which
- must match.
- items:
- description: MatchAnyElem specifies one sub-matcher of MatchAny.
- properties:
- matchFeatures:
- description: MatchFeatures specifies a set of matcher
- terms all of which must match.
- items:
- description: FeatureMatcherTerm defines requirements
- against one feature set. All requirements (specified
- as MatchExpressions) are evaluated against each element
- in the feature set.
- properties:
- feature:
- type: string
- matchExpressions:
- additionalProperties:
- description: "MatchExpression specifies an expression
- to evaluate against a set of input values. It
- contains an operator that is applied when matching
- the input and an array of values that the operator
- evaluates the input against. \n NB: CreateMatchExpression
- or MustCreateMatchExpression() should be used
- for creating new instances. \n NB: Validate()
- must be called if Op or Value fields are modified
- or if a new instance is created from scratch
- without using the helper functions."
- properties:
- op:
- description: Op is the operator to be applied.
- enum:
- - In
- - NotIn
- - InRegexp
- - Exists
- - DoesNotExist
- - Gt
- - Lt
- - GtLt
- - IsTrue
- - IsFalse
- type: string
- value:
- description: Value is the list of values that
- the operand evaluates the input against.
- Value should be empty if the operator is
- Exists, DoesNotExist, IsTrue or IsFalse.
- Value should contain exactly one element
- if the operator is Gt or Lt and exactly
- two elements if the operator is GtLt. In
- other cases Value should contain at least
- one element.
- items:
- type: string
- type: array
- required:
- - op
- type: object
- description: MatchExpressionSet contains a set of
- MatchExpressions, each of which is evaluated against
- a set of input values.
- type: object
- required:
- - feature
- - matchExpressions
- type: object
- type: array
- required:
- - matchFeatures
- type: object
- type: array
- matchFeatures:
- description: MatchFeatures specifies a set of matcher terms
- all of which must match.
- items:
- description: FeatureMatcherTerm defines requirements against
- one feature set. All requirements (specified as MatchExpressions)
- are evaluated against each element in the feature set.
- properties:
- feature:
- type: string
- matchExpressions:
- additionalProperties:
- description: "MatchExpression specifies an expression
- to evaluate against a set of input values. It contains
- an operator that is applied when matching the input
- and an array of values that the operator evaluates
- the input against. \n NB: CreateMatchExpression or
- MustCreateMatchExpression() should be used for creating
- new instances. \n NB: Validate() must be called if
- Op or Value fields are modified or if a new instance
- is created from scratch without using the helper functions."
- properties:
- op:
- description: Op is the operator to be applied.
- enum:
- - In
- - NotIn
- - InRegexp
- - Exists
- - DoesNotExist
- - Gt
- - Lt
- - GtLt
- - IsTrue
- - IsFalse
- type: string
- value:
- description: Value is the list of values that the
- operand evaluates the input against. Value should
- be empty if the operator is Exists, DoesNotExist,
- IsTrue or IsFalse. Value should contain exactly
- one element if the operator is Gt or Lt and exactly
- two elements if the operator is GtLt. In other
- cases Value should contain at least one element.
- items:
- type: string
- type: array
- required:
- - op
- type: object
- description: MatchExpressionSet contains a set of MatchExpressions,
- each of which is evaluated against a set of input values.
- type: object
- required:
- - feature
- - matchExpressions
- type: object
- type: array
- name:
- description: Name of the rule.
- type: string
- taints:
- description: Taints to create if the rule matches.
- items:
- description: The node this Taint is attached to has the "effect"
- on any pod that does not tolerate the Taint.
- properties:
- effect:
- description: Required. The effect of the taint on pods
- that do not tolerate the taint. Valid effects are NoSchedule,
- PreferNoSchedule and NoExecute.
- type: string
- key:
- description: Required. The taint key to be applied to
- a node.
- type: string
- timeAdded:
- description: TimeAdded represents the time at which the
- taint was added. It is only written for NoExecute taints.
- format: date-time
- type: string
- value:
- description: The taint value corresponding to the taint
- key.
- type: string
- required:
- - effect
- - key
- type: object
- type: array
- vars:
- additionalProperties:
- type: string
- description: Vars is the variables to store if the rule matches.
- Variables do not directly inflict any changes in the node
- object. However, they can be referenced from other rules enabling
- more complex rule hierarchies, without exposing intermediary
- output values as labels.
- type: object
- varsTemplate:
- description: VarsTemplate specifies a template to expand for
- dynamically generating multiple variables. Data (after template
- expansion) must be keys with an optional value ([=])
- separated by newlines.
- type: string
- required:
- - name
- type: object
- type: array
- required:
- - rules
- type: object
- required:
- - spec
- type: object
- served: true
- storage: true
diff --git a/charts/sriov/102.0.0+up0.1.0/charts/rancher-nfd/templates/_helpers.tpl b/charts/sriov/102.0.0+up0.1.0/charts/rancher-nfd/templates/_helpers.tpl
deleted file mode 100644
index 39c1e3df7f..0000000000
--- a/charts/sriov/102.0.0+up0.1.0/charts/rancher-nfd/templates/_helpers.tpl
+++ /dev/null
@@ -1,96 +0,0 @@
-{{/* vim: set filetype=mustache: */}}
-{{/*
-Expand the name of the chart.
-*/}}
-{{- define "node-feature-discovery.name" -}}
-{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
-{{- end -}}
-
-{{/*
-Create a default fully qualified app name.
-We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
-If release name contains chart name it will be used as a full name.
-*/}}
-{{- define "node-feature-discovery.fullname" -}}
-{{- if .Values.fullnameOverride -}}
-{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}}
-{{- else -}}
-{{- $name := default .Chart.Name .Values.nameOverride -}}
-{{- if contains $name .Release.Name -}}
-{{- .Release.Name | trunc 63 | trimSuffix "-" -}}
-{{- else -}}
-{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}}
-{{- end -}}
-{{- end -}}
-{{- end -}}
-
-{{/*
-Allow the release namespace to be overridden for multi-namespace deployments in combined charts
-*/}}
-{{- define "node-feature-discovery.namespace" -}}
- {{- if .Values.namespaceOverride -}}
- {{- .Values.namespaceOverride -}}
- {{- else -}}
- {{- .Release.Namespace -}}
- {{- end -}}
-{{- end -}}
-
-{{/*
-Create chart name and version as used by the chart label.
-*/}}
-{{- define "node-feature-discovery.chart" -}}
-{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}}
-{{- end -}}
-
-{{/*
-Common labels
-*/}}
-{{- define "node-feature-discovery.labels" -}}
-helm.sh/chart: {{ include "node-feature-discovery.chart" . }}
-{{ include "node-feature-discovery.selectorLabels" . }}
-{{- if .Chart.AppVersion }}
-app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
-{{- end }}
-app.kubernetes.io/managed-by: {{ .Release.Service }}
-{{- end -}}
-
-{{/*
-Selector labels
-*/}}
-{{- define "node-feature-discovery.selectorLabels" -}}
-app.kubernetes.io/name: {{ include "node-feature-discovery.name" . }}
-app.kubernetes.io/instance: {{ .Release.Name }}
-{{- end -}}
-
-{{/*
-Create the name of the service account which the nfd master will use
-*/}}
-{{- define "node-feature-discovery.master.serviceAccountName" -}}
-{{- if .Values.master.serviceAccount.create -}}
- {{ default (include "node-feature-discovery.fullname" .) .Values.master.serviceAccount.name }}
-{{- else -}}
- {{ default "default" .Values.master.serviceAccount.name }}
-{{- end -}}
-{{- end -}}
-
-{{/*
-Create the name of the service account which the nfd worker will use
-*/}}
-{{- define "node-feature-discovery.worker.serviceAccountName" -}}
-{{- if .Values.worker.serviceAccount.create -}}
- {{ default (printf "%s-worker" (include "node-feature-discovery.fullname" .)) .Values.worker.serviceAccount.name }}
-{{- else -}}
- {{ default "default" .Values.worker.serviceAccount.name }}
-{{- end -}}
-{{- end -}}
-
-{{/*
-Create the name of the service account which topologyUpdater will use
-*/}}
-{{- define "node-feature-discovery.topologyUpdater.serviceAccountName" -}}
-{{- if .Values.topologyUpdater.serviceAccount.create -}}
- {{ default (printf "%s-topology-updater" (include "node-feature-discovery.fullname" .)) .Values.topologyUpdater.serviceAccount.name }}
-{{- else -}}
- {{ default "default" .Values.topologyUpdater.serviceAccount.name }}
-{{- end -}}
-{{- end -}}
diff --git a/charts/sriov/102.0.0+up0.1.0/charts/rancher-nfd/templates/cert-manager-certs.yaml b/charts/sriov/102.0.0+up0.1.0/charts/rancher-nfd/templates/cert-manager-certs.yaml
deleted file mode 100644
index ac2e51fc11..0000000000
--- a/charts/sriov/102.0.0+up0.1.0/charts/rancher-nfd/templates/cert-manager-certs.yaml
+++ /dev/null
@@ -1,67 +0,0 @@
-{{- if .Values.tls.certManager }}
----
-apiVersion: cert-manager.io/v1
-kind: Certificate
-metadata:
- name: nfd-master-cert
- namespace: {{ include "node-feature-discovery.namespace" . }}
-spec:
- secretName: nfd-master-cert
- subject:
- organizations:
- - node-feature-discovery
- commonName: nfd-master
- dnsNames:
- # must match the service name
- - {{ include "node-feature-discovery.fullname" . }}-master
- # first one is configured for use by the worker; below are for completeness
- - {{ include "node-feature-discovery.fullname" . }}-master.{{ include "node-feature-discovery.namespace" . }}.svc
- - {{ include "node-feature-discovery.fullname" . }}-master.{{ include "node-feature-discovery.namespace" . }}.svc.cluster.local
- # localhost needed for grpc_health_probe
- - localhost
- issuerRef:
- name: nfd-ca-issuer
- kind: Issuer
- group: cert-manager.io
-
----
-apiVersion: cert-manager.io/v1
-kind: Certificate
-metadata:
- name: nfd-worker-cert
- namespace: {{ include "node-feature-discovery.namespace" . }}
-spec:
- secretName: nfd-worker-cert
- subject:
- organizations:
- - node-feature-discovery
- commonName: nfd-worker
- dnsNames:
- - {{ include "node-feature-discovery.fullname" . }}-worker.{{ include "node-feature-discovery.namespace" . }}.svc.cluster.local
- issuerRef:
- name: nfd-ca-issuer
- kind: Issuer
- group: cert-manager.io
-
-{{- if .Values.topologyUpdater.enable }}
----
-apiVersion: cert-manager.io/v1
-kind: Certificate
-metadata:
- name: nfd-topology-updater-cert
- namespace: {{ include "node-feature-discovery.namespace" . }}
-spec:
- secretName: nfd-topology-updater-cert
- subject:
- organizations:
- - node-feature-discovery
- commonName: nfd-topology-updater
- dnsNames:
- - {{ include "node-feature-discovery.fullname" . }}-topology-updater.{{ include "node-feature-discovery.namespace" . }}.svc.cluster.local
- issuerRef:
- name: nfd-ca-issuer
- kind: Issuer
- group: cert-manager.io
-{{- end }}
-
-{{- end }}
diff --git a/charts/sriov/102.0.0+up0.1.0/charts/rancher-nfd/templates/cert-manager-issuer.yaml b/charts/sriov/102.0.0+up0.1.0/charts/rancher-nfd/templates/cert-manager-issuer.yaml
deleted file mode 100644
index f3c57acea1..0000000000
--- a/charts/sriov/102.0.0+up0.1.0/charts/rancher-nfd/templates/cert-manager-issuer.yaml
+++ /dev/null
@@ -1,42 +0,0 @@
-{{- if .Values.tls.certManager }}
-# See https://cert-manager.io/docs/configuration/selfsigned/#bootstrapping-ca-issuers
-# - Create a self signed issuer
-# - Use this to create a CA cert
-# - Use this to now create a CA issuer
----
-apiVersion: cert-manager.io/v1
-kind: Issuer
-metadata:
- name: nfd-ca-bootstrap
- namespace: {{ include "node-feature-discovery.namespace" . }}
-spec:
- selfSigned: {}
-
----
-apiVersion: cert-manager.io/v1
-kind: Certificate
-metadata:
- name: nfd-ca-cert
- namespace: {{ include "node-feature-discovery.namespace" . }}
-spec:
- isCA: true
- secretName: nfd-ca-cert
- subject:
- organizations:
- - node-feature-discovery
- commonName: nfd-ca-cert
- issuerRef:
- name: nfd-ca-bootstrap
- kind: Issuer
- group: cert-manager.io
-
----
-apiVersion: cert-manager.io/v1
-kind: Issuer
-metadata:
- name: nfd-ca-issuer
- namespace: {{ include "node-feature-discovery.namespace" . }}
-spec:
- ca:
- secretName: nfd-ca-cert
-{{- end }}
diff --git a/charts/sriov/102.0.0+up0.1.0/charts/rancher-nfd/templates/clusterrole.yaml b/charts/sriov/102.0.0+up0.1.0/charts/rancher-nfd/templates/clusterrole.yaml
deleted file mode 100644
index 3dd6f6f3b6..0000000000
--- a/charts/sriov/102.0.0+up0.1.0/charts/rancher-nfd/templates/clusterrole.yaml
+++ /dev/null
@@ -1,68 +0,0 @@
-{{- if .Values.master.rbac.create }}
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRole
-metadata:
- name: {{ include "node-feature-discovery.fullname" . }}
- labels:
- {{- include "node-feature-discovery.labels" . | nindent 4 }}
-rules:
-- apiGroups:
- - ""
- resources:
- - nodes
-{{- if .Values.master.resourceLabels | empty | not }}
- - nodes/status
-{{- end }}
- verbs:
- - get
- - patch
- - update
- - list
-- apiGroups:
- - ""
- resources:
- - nodes/proxy
- verbs:
- - get
-- apiGroups:
- - nfd.k8s-sigs.io
- resources:
- - nodefeatures
- - nodefeaturerules
- verbs:
- - get
- - list
- - watch
-{{- end }}
-
----
-{{- if .Values.topologyUpdater.rbac.create }}
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRole
-metadata:
- name: {{ include "node-feature-discovery.fullname" . }}-topology-updater
- labels:
- {{- include "node-feature-discovery.labels" . | nindent 4 }}
-rules:
-- apiGroups:
- - ""
- resources:
- - nodes
- verbs:
- - get
- - list
-- apiGroups:
- - ""
- resources:
- - pods
- verbs:
- - get
-- apiGroups:
- - topology.node.k8s.io
- resources:
- - noderesourcetopologies
- verbs:
- - create
- - get
- - update
-{{- end }}
diff --git a/charts/sriov/102.0.0+up0.1.0/charts/rancher-nfd/templates/clusterrolebinding.yaml b/charts/sriov/102.0.0+up0.1.0/charts/rancher-nfd/templates/clusterrolebinding.yaml
deleted file mode 100644
index 5bceb41e76..0000000000
--- a/charts/sriov/102.0.0+up0.1.0/charts/rancher-nfd/templates/clusterrolebinding.yaml
+++ /dev/null
@@ -1,34 +0,0 @@
-{{- if .Values.master.rbac.create }}
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRoleBinding
-metadata:
- name: {{ include "node-feature-discovery.fullname" . }}
- labels:
- {{- include "node-feature-discovery.labels" . | nindent 4 }}
-roleRef:
- apiGroup: rbac.authorization.k8s.io
- kind: ClusterRole
- name: {{ include "node-feature-discovery.fullname" . }}
-subjects:
-- kind: ServiceAccount
- name: {{ include "node-feature-discovery.master.serviceAccountName" . }}
- namespace: {{ include "node-feature-discovery.namespace" . }}
-{{- end }}
-
----
-{{- if .Values.topologyUpdater.rbac.create }}
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRoleBinding
-metadata:
- name: {{ include "node-feature-discovery.fullname" . }}-topology-updater
- labels:
- {{- include "node-feature-discovery.labels" . | nindent 4 }}
-roleRef:
- apiGroup: rbac.authorization.k8s.io
- kind: ClusterRole
- name: {{ include "node-feature-discovery.fullname" . }}-topology-updater
-subjects:
-- kind: ServiceAccount
- name: {{ include "node-feature-discovery.topologyUpdater.serviceAccountName" . }}
- namespace: {{ include "node-feature-discovery.namespace" . }}
-{{- end }}
diff --git a/charts/sriov/102.0.0+up0.1.0/charts/rancher-nfd/templates/master.yaml b/charts/sriov/102.0.0+up0.1.0/charts/rancher-nfd/templates/master.yaml
deleted file mode 100644
index 26a326cb80..0000000000
--- a/charts/sriov/102.0.0+up0.1.0/charts/rancher-nfd/templates/master.yaml
+++ /dev/null
@@ -1,124 +0,0 @@
-apiVersion: apps/v1
-kind: Deployment
-metadata:
- name: {{ include "node-feature-discovery.fullname" . }}-master
- namespace: {{ include "node-feature-discovery.namespace" . }}
- labels:
- {{- include "node-feature-discovery.labels" . | nindent 4 }}
- role: master
- annotations:
- {{- toYaml .Values.master.deploymentAnnotations | nindent 4 }}
-spec:
- replicas: {{ .Values.master.replicaCount }}
- selector:
- matchLabels:
- {{- include "node-feature-discovery.selectorLabels" . | nindent 6 }}
- role: master
- template:
- metadata:
- labels:
- {{- include "node-feature-discovery.selectorLabels" . | nindent 8 }}
- role: master
- annotations:
- {{- toYaml .Values.master.annotations | nindent 8 }}
- spec:
- {{- with .Values.imagePullSecrets }}
- imagePullSecrets:
- {{- toYaml . | nindent 8 }}
- {{- end }}
- serviceAccountName: {{ include "node-feature-discovery.master.serviceAccountName" . }}
- securityContext:
- {{- toYaml .Values.master.podSecurityContext | nindent 8 }}
- containers:
- - name: master
- securityContext:
- {{- toYaml .Values.master.securityContext | nindent 12 }}
- image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}"
- imagePullPolicy: {{ .Values.image.pullPolicy }}
- livenessProbe:
- exec:
- command:
- - "/usr/bin/grpc_health_probe"
- - "-addr=:8080"
- {{- if .Values.tls.enable }}
- - "-tls"
- - "-tls-ca-cert=/etc/kubernetes/node-feature-discovery/certs/ca.crt"
- - "-tls-client-key=/etc/kubernetes/node-feature-discovery/certs/tls.key"
- - "-tls-client-cert=/etc/kubernetes/node-feature-discovery/certs/tls.crt"
- {{- end }}
- initialDelaySeconds: 10
- periodSeconds: 10
- readinessProbe:
- exec:
- command:
- - "/usr/bin/grpc_health_probe"
- - "-addr=:8080"
- {{- if .Values.tls.enable }}
- - "-tls"
- - "-tls-ca-cert=/etc/kubernetes/node-feature-discovery/certs/ca.crt"
- - "-tls-client-key=/etc/kubernetes/node-feature-discovery/certs/tls.key"
- - "-tls-client-cert=/etc/kubernetes/node-feature-discovery/certs/tls.crt"
- {{- end }}
- initialDelaySeconds: 5
- periodSeconds: 10
- failureThreshold: 10
- ports:
- - containerPort: 8080
- name: grpc
- env:
- - name: NODE_NAME
- valueFrom:
- fieldRef:
- fieldPath: spec.nodeName
- command:
- - "nfd-master"
- resources:
- {{- toYaml .Values.master.resources | nindent 12 }}
- args:
- {{- if .Values.master.instance | empty | not }}
- - "--instance={{ .Values.master.instance }}"
- {{- end }}
- {{- if .Values.enableNodeFeatureApi }}
- - "-enable-nodefeature-api"
- {{- end }}
- {{- if .Values.master.extraLabelNs | empty | not }}
- - "--extra-label-ns={{- join "," .Values.master.extraLabelNs }}"
- {{- end }}
- {{- if .Values.master.resourceLabels | empty | not }}
- - "--resource-labels={{- join "," .Values.master.resourceLabels }}"
- {{- end }}
- {{- if .Values.master.crdController | kindIs "invalid" | not }}
- - "-crd-controller={{ .Values.master.crdController }}"
- {{- else }}
- ## By default, disable crd controller for other than the default instances
- - "-featurerules-controller={{ .Values.master.instance | empty }}"
- {{- end }}
- {{- if .Values.master.featureRulesController | kindIs "invalid" | not }}
- - "-featurerules-controller={{ .Values.master.featureRulesController }}"
- {{- end }}
- {{- if .Values.tls.enable }}
- - "--ca-file=/etc/kubernetes/node-feature-discovery/certs/ca.crt"
- - "--key-file=/etc/kubernetes/node-feature-discovery/certs/tls.key"
- - "--cert-file=/etc/kubernetes/node-feature-discovery/certs/tls.crt"
- volumeMounts:
- - name: nfd-master-cert
- mountPath: "/etc/kubernetes/node-feature-discovery/certs"
- readOnly: true
- volumes:
- - name: nfd-master-cert
- secret:
- secretName: nfd-master-cert
- ## /TLS ##
- {{- end }}
- {{- with .Values.master.nodeSelector }}
- nodeSelector:
- {{- toYaml . | nindent 8 }}
- {{- end }}
- {{- with .Values.master.affinity }}
- affinity:
- {{- toYaml . | nindent 8 }}
- {{- end }}
- {{- with .Values.master.tolerations }}
- tolerations:
- {{- toYaml . | nindent 8 }}
- {{- end }}
diff --git a/charts/sriov/102.0.0+up0.1.0/charts/rancher-nfd/templates/nfd-topologyupdater-conf.yaml b/charts/sriov/102.0.0+up0.1.0/charts/rancher-nfd/templates/nfd-topologyupdater-conf.yaml
deleted file mode 100644
index 9867f5089c..0000000000
--- a/charts/sriov/102.0.0+up0.1.0/charts/rancher-nfd/templates/nfd-topologyupdater-conf.yaml
+++ /dev/null
@@ -1,10 +0,0 @@
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: {{ include "node-feature-discovery.fullname" . }}-topology-updater-conf
- namespace: {{ include "node-feature-discovery.namespace" . }}
- labels:
- {{- include "node-feature-discovery.labels" . | nindent 4 }}
-data:
- nfd-topology-updater.conf: |-
- {{- .Values.topologyUpdater.config | toYaml | nindent 4 }}
diff --git a/charts/sriov/102.0.0+up0.1.0/charts/rancher-nfd/templates/nfd-worker-conf.yaml b/charts/sriov/102.0.0+up0.1.0/charts/rancher-nfd/templates/nfd-worker-conf.yaml
deleted file mode 100644
index 61d2a481aa..0000000000
--- a/charts/sriov/102.0.0+up0.1.0/charts/rancher-nfd/templates/nfd-worker-conf.yaml
+++ /dev/null
@@ -1,10 +0,0 @@
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: {{ include "node-feature-discovery.fullname" . }}-worker-conf
- namespace: {{ include "node-feature-discovery.namespace" . }}
- labels:
- {{- include "node-feature-discovery.labels" . | nindent 4 }}
-data:
- nfd-worker.conf: |-
- {{- .Values.worker.config | toYaml | nindent 4 }}
diff --git a/charts/sriov/102.0.0+up0.1.0/charts/rancher-nfd/templates/role.yaml b/charts/sriov/102.0.0+up0.1.0/charts/rancher-nfd/templates/role.yaml
deleted file mode 100644
index f63cb8ff4f..0000000000
--- a/charts/sriov/102.0.0+up0.1.0/charts/rancher-nfd/templates/role.yaml
+++ /dev/null
@@ -1,18 +0,0 @@
-{{- if .Values.worker.rbac.create }}
-apiVersion: rbac.authorization.k8s.io/v1
-kind: Role
-metadata:
- name: {{ include "node-feature-discovery.fullname" . }}-worker
- labels:
- {{- include "node-feature-discovery.labels" . | nindent 4 }}
-rules:
-- apiGroups:
- - nfd.k8s-sigs.io
- resources:
- - nodefeatures
- verbs:
- - create
- - get
- - update
-{{- end }}
-
diff --git a/charts/sriov/102.0.0+up0.1.0/charts/rancher-nfd/templates/rolebinding.yaml b/charts/sriov/102.0.0+up0.1.0/charts/rancher-nfd/templates/rolebinding.yaml
deleted file mode 100644
index 30a00381f0..0000000000
--- a/charts/sriov/102.0.0+up0.1.0/charts/rancher-nfd/templates/rolebinding.yaml
+++ /dev/null
@@ -1,17 +0,0 @@
-{{- if .Values.worker.rbac.create }}
-apiVersion: rbac.authorization.k8s.io/v1
-kind: RoleBinding
-metadata:
- name: {{ include "node-feature-discovery.fullname" . }}-worker
- labels:
- {{- include "node-feature-discovery.labels" . | nindent 4 }}
-roleRef:
- apiGroup: rbac.authorization.k8s.io
- kind: Role
- name: {{ include "node-feature-discovery.fullname" . }}-worker
-subjects:
-- kind: ServiceAccount
- name: {{ include "node-feature-discovery.worker.serviceAccountName" . }}
- namespace: {{ include "node-feature-discovery.namespace" . }}
-{{- end }}
-
diff --git a/charts/sriov/102.0.0+up0.1.0/charts/rancher-nfd/templates/service.yaml b/charts/sriov/102.0.0+up0.1.0/charts/rancher-nfd/templates/service.yaml
deleted file mode 100644
index 6731ca43ae..0000000000
--- a/charts/sriov/102.0.0+up0.1.0/charts/rancher-nfd/templates/service.yaml
+++ /dev/null
@@ -1,18 +0,0 @@
-apiVersion: v1
-kind: Service
-metadata:
- name: {{ include "node-feature-discovery.fullname" . }}-master
- namespace: {{ include "node-feature-discovery.namespace" . }}
- labels:
- {{- include "node-feature-discovery.labels" . | nindent 4 }}
- role: master
-spec:
- type: {{ .Values.master.service.type }}
- ports:
- - port: {{ .Values.master.service.port }}
- targetPort: grpc
- protocol: TCP
- name: grpc
- selector:
- {{- include "node-feature-discovery.selectorLabels" . | nindent 4 }}
- role: master
diff --git a/charts/sriov/102.0.0+up0.1.0/charts/rancher-nfd/templates/serviceaccount.yaml b/charts/sriov/102.0.0+up0.1.0/charts/rancher-nfd/templates/serviceaccount.yaml
deleted file mode 100644
index 883e5daabd..0000000000
--- a/charts/sriov/102.0.0+up0.1.0/charts/rancher-nfd/templates/serviceaccount.yaml
+++ /dev/null
@@ -1,43 +0,0 @@
-{{- if .Values.master.serviceAccount.create -}}
-apiVersion: v1
-kind: ServiceAccount
-metadata:
- name: {{ include "node-feature-discovery.master.serviceAccountName" . }}
- namespace: {{ include "node-feature-discovery.namespace" . }}
- labels:
- {{- include "node-feature-discovery.labels" . | nindent 4 }}
- {{- with .Values.master.serviceAccount.annotations }}
- annotations:
- {{- toYaml . | nindent 4 }}
- {{- end }}
-{{- end }}
-
----
-{{- if .Values.topologyUpdater.serviceAccount.create }}
-apiVersion: v1
-kind: ServiceAccount
-metadata:
- name: {{ include "node-feature-discovery.topologyUpdater.serviceAccountName" . }}
- namespace: {{ include "node-feature-discovery.namespace" . }}
- labels:
- {{- include "node-feature-discovery.labels" . | nindent 4 }}
- {{- with .Values.topologyUpdater.serviceAccount.annotations }}
- annotations:
- {{- toYaml . | nindent 4 }}
- {{- end }}
-{{- end }}
-
----
-{{- if .Values.worker.serviceAccount.create }}
-apiVersion: v1
-kind: ServiceAccount
-metadata:
- name: {{ include "node-feature-discovery.worker.serviceAccountName" . }}
- namespace: {{ include "node-feature-discovery.namespace" . }}
- labels:
- {{- include "node-feature-discovery.labels" . | nindent 4 }}
- {{- with .Values.worker.serviceAccount.annotations }}
- annotations:
- {{- toYaml . | nindent 4 }}
- {{- end }}
-{{- end }}
diff --git a/charts/sriov/102.0.0+up0.1.0/charts/rancher-nfd/templates/topologyupdater-crds.yaml b/charts/sriov/102.0.0+up0.1.0/charts/rancher-nfd/templates/topologyupdater-crds.yaml
deleted file mode 100644
index cf5daf27b8..0000000000
--- a/charts/sriov/102.0.0+up0.1.0/charts/rancher-nfd/templates/topologyupdater-crds.yaml
+++ /dev/null
@@ -1,145 +0,0 @@
-{{- if and .Values.topologyUpdater.enable .Values.topologyUpdater.createCRDs -}}
-apiVersion: apiextensions.k8s.io/v1
-kind: CustomResourceDefinition
-metadata:
- annotations:
- api-approved.kubernetes.io: https://github.com/kubernetes/enhancements/pull/1870
- controller-gen.kubebuilder.io/version: v0.7.0
- creationTimestamp: null
- name: noderesourcetopologies.topology.node.k8s.io
-spec:
- group: topology.node.k8s.io
- names:
- kind: NodeResourceTopology
- listKind: NodeResourceTopologyList
- plural: noderesourcetopologies
- shortNames:
- - node-res-topo
- singular: noderesourcetopology
- scope: Cluster
- versions:
- - name: v1alpha1
- schema:
- openAPIV3Schema:
- description: NodeResourceTopology describes node resources and their topology.
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation
- of an object. Servers should convert recognized schemas to the latest
- internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this
- object represents. Servers may infer this from the endpoint the client
- submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- topologyPolicies:
- items:
- type: string
- type: array
- zones:
- description: ZoneList contains an array of Zone objects.
- items:
- description: Zone represents a resource topology zone, e.g. socket,
- node, die or core.
- properties:
- attributes:
- description: AttributeList contains an array of AttributeInfo objects.
- items:
- description: AttributeInfo contains one attribute of a Zone.
- properties:
- name:
- type: string
- value:
- type: string
- required:
- - name
- - value
- type: object
- type: array
- costs:
- description: CostList contains an array of CostInfo objects.
- items:
- description: CostInfo describes the cost (or distance) between
- two Zones.
- properties:
- name:
- type: string
- value:
- format: int64
- type: integer
- required:
- - name
- - value
- type: object
- type: array
- name:
- type: string
- parent:
- type: string
- resources:
- description: ResourceInfoList contains an array of ResourceInfo
- objects.
- items:
- description: ResourceInfo contains information about one resource
- type.
- properties:
- allocatable:
- anyOf:
- - type: integer
- - type: string
- description: Allocatable quantity of the resource, corresponding
- to allocatable in node status, i.e. total amount of this
- resource available to be used by pods.
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- available:
- anyOf:
- - type: integer
- - type: string
- description: Available is the amount of this resource currently
- available for new (to be scheduled) pods, i.e. Allocatable
- minus the resources reserved by currently running pods.
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- capacity:
- anyOf:
- - type: integer
- - type: string
- description: Capacity of the resource, corresponding to capacity
- in node status, i.e. total amount of this resource that
- the node has.
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- name:
- description: Name of the resource.
- type: string
- required:
- - allocatable
- - available
- - capacity
- - name
- type: object
- type: array
- type:
- type: string
- required:
- - name
- - type
- type: object
- type: array
- required:
- - topologyPolicies
- - zones
- type: object
- served: true
- storage: true
-status:
- acceptedNames:
- kind: ""
- plural: ""
- conditions: []
- storedVersions: []
-{{- end }}
diff --git a/charts/sriov/102.0.0+up0.1.0/charts/rancher-nfd/templates/topologyupdater.yaml b/charts/sriov/102.0.0+up0.1.0/charts/rancher-nfd/templates/topologyupdater.yaml
deleted file mode 100644
index 2f28b969f2..0000000000
--- a/charts/sriov/102.0.0+up0.1.0/charts/rancher-nfd/templates/topologyupdater.yaml
+++ /dev/null
@@ -1,121 +0,0 @@
-{{- if .Values.topologyUpdater.enable -}}
-apiVersion: apps/v1
-kind: DaemonSet
-metadata:
- name: {{ include "node-feature-discovery.fullname" . }}-topology-updater
- namespace: {{ include "node-feature-discovery.namespace" . }}
- labels:
- {{- include "node-feature-discovery.labels" . | nindent 4 }}
- role: topology-updater
-spec:
- selector:
- matchLabels:
- {{- include "node-feature-discovery.selectorLabels" . | nindent 6 }}
- role: topology-updater
- template:
- metadata:
- labels:
- {{- include "node-feature-discovery.selectorLabels" . | nindent 8 }}
- role: topology-updater
- annotations:
- {{- toYaml .Values.topologyUpdater.annotations | nindent 8 }}
- spec:
- serviceAccountName: {{ include "node-feature-discovery.topologyUpdater.serviceAccountName" . }}
- dnsPolicy: ClusterFirstWithHostNet
- {{- with .Values.imagePullSecrets }}
- imagePullSecrets:
- {{- toYaml . | nindent 8 }}
- {{- end }}
- securityContext:
- {{- toYaml .Values.topologyUpdater.podSecurityContext | nindent 8 }}
- containers:
- - name: topology-updater
- image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}"
- imagePullPolicy: "{{ .Values.image.pullPolicy }}"
- env:
- - name: NODE_NAME
- valueFrom:
- fieldRef:
- fieldPath: spec.nodeName
- command:
- - "nfd-topology-updater"
- args:
- {{- if .Values.topologyUpdater.updateInterval | empty | not }}
- - "--sleep-interval={{ .Values.topologyUpdater.updateInterval }}"
- {{- else }}
- - "--sleep-interval=3s"
- {{- end }}
- {{- if .Values.topologyUpdater.watchNamespace | empty | not }}
- - "--watch-namespace={{ .Values.topologyUpdater.watchNamespace }}"
- {{- else }}
- - "--watch-namespace=*"
- {{- end }}
- {{- if .Values.tls.enable }}
- - "--ca-file=/etc/kubernetes/node-feature-discovery/certs/ca.crt"
- - "--key-file=/etc/kubernetes/node-feature-discovery/certs/tls.key"
- - "--cert-file=/etc/kubernetes/node-feature-discovery/certs/tls.crt"
- {{- end }}
- volumeMounts:
- - name: kubelet-config
- mountPath: /host-var/lib/kubelet/config.yaml
- - name: kubelet-podresources-sock
- mountPath: /host-var/lib/kubelet/pod-resources/kubelet.sock
- - name: host-sys
- mountPath: /host-sys
- {{- if .Values.tls.enable }}
- - name: nfd-topology-updater-cert
- mountPath: "/etc/kubernetes/node-feature-discovery/certs"
- readOnly: true
- {{- end }}
- - name: nfd-topology-updater-conf
- mountPath: "/etc/kubernetes/node-feature-discovery"
- readOnly: true
-
- resources:
- {{- toYaml .Values.topologyUpdater.resources | nindent 12 }}
- securityContext:
- {{- toYaml .Values.topologyUpdater.securityContext | nindent 12 }}
- volumes:
- - name: host-sys
- hostPath:
- path: "/sys"
- - name: kubelet-config
- hostPath:
- {{- if .Values.topologyUpdater.kubeletConfigPath | empty | not }}
- path: {{ .Values.topologyUpdater.kubeletConfigPath }}
- {{- else }}
- path: /var/lib/kubelet/config.yaml
- {{- end }}
- - name: kubelet-podresources-sock
- hostPath:
- {{- if .Values.topologyUpdater.kubeletPodResourcesSockPath | empty | not }}
- path: {{ .Values.topologyUpdater.kubeletPodResourcesSockPath }}
- {{- else }}
- path: /var/lib/kubelet/pod-resources/kubelet.sock
- {{- end }}
- - name: nfd-topology-updater-conf
- configMap:
- name: {{ include "node-feature-discovery.fullname" . }}-topology-updater-conf
- items:
- - key: nfd-topology-updater.conf
- path: nfd-topology-updater.conf
- {{- if .Values.tls.enable }}
- - name: nfd-topology-updater-cert
- secret:
- secretName: nfd-topology-updater-cert
- {{- end }}
-
-
- {{- with .Values.topologyUpdater.nodeSelector }}
- nodeSelector:
- {{- toYaml . | nindent 8 }}
- {{- end }}
- {{- with .Values.topologyUpdater.affinity }}
- affinity:
- {{- toYaml . | nindent 8 }}
- {{- end }}
- {{- with .Values.topologyUpdater.tolerations }}
- tolerations:
- {{- toYaml . | nindent 8 }}
- {{- end }}
-{{- end }}
diff --git a/charts/sriov/102.0.0+up0.1.0/charts/rancher-nfd/templates/worker.yaml b/charts/sriov/102.0.0+up0.1.0/charts/rancher-nfd/templates/worker.yaml
deleted file mode 100644
index e723cc5cbe..0000000000
--- a/charts/sriov/102.0.0+up0.1.0/charts/rancher-nfd/templates/worker.yaml
+++ /dev/null
@@ -1,138 +0,0 @@
-apiVersion: apps/v1
-kind: DaemonSet
-metadata:
- name: {{ include "node-feature-discovery.fullname" . }}-worker
- namespace: {{ include "node-feature-discovery.namespace" . }}
- labels:
- {{- include "node-feature-discovery.labels" . | nindent 4 }}
- role: worker
- annotations:
- {{- toYaml .Values.worker.daemonsetAnnotations | nindent 4 }}
-spec:
- selector:
- matchLabels:
- {{- include "node-feature-discovery.selectorLabels" . | nindent 6 }}
- role: worker
- template:
- metadata:
- labels:
- {{- include "node-feature-discovery.selectorLabels" . | nindent 8 }}
- role: worker
- annotations:
- {{- toYaml .Values.worker.annotations | nindent 8 }}
- spec:
- dnsPolicy: ClusterFirstWithHostNet
- {{- with .Values.imagePullSecrets }}
- imagePullSecrets:
- {{- toYaml . | nindent 8 }}
- {{- end }}
- serviceAccountName: {{ include "node-feature-discovery.worker.serviceAccountName" . }}
- securityContext:
- {{- toYaml .Values.worker.podSecurityContext | nindent 8 }}
- containers:
- - name: worker
- securityContext:
- {{- toYaml .Values.worker.securityContext | nindent 12 }}
- image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}"
- imagePullPolicy: {{ .Values.image.pullPolicy }}
- env:
- - name: NODE_NAME
- valueFrom:
- fieldRef:
- fieldPath: spec.nodeName
- resources:
- {{- toYaml .Values.worker.resources | nindent 12 }}
- command:
- - "nfd-worker"
- args:
- - "--server={{ include "node-feature-discovery.fullname" . }}-master:{{ .Values.master.service.port }}"
- {{- if .Values.enableNodeFeatureApi }}
- - "-enable-nodefeature-api"
- {{- end }}
-{{- if .Values.tls.enable }}
- - "--ca-file=/etc/kubernetes/node-feature-discovery/certs/ca.crt"
- - "--key-file=/etc/kubernetes/node-feature-discovery/certs/tls.key"
- - "--cert-file=/etc/kubernetes/node-feature-discovery/certs/tls.crt"
-{{- end }}
- volumeMounts:
- - name: host-boot
- mountPath: "/host-boot"
- readOnly: true
- - name: host-os-release
- mountPath: "/host-etc/os-release"
- readOnly: true
- - name: host-sys
- mountPath: "/host-sys"
- readOnly: true
- - name: host-usr-lib
- mountPath: "/host-usr/lib"
- readOnly: true
- {{- if .Values.worker.mountUsrSrc }}
- - name: host-usr-src
- mountPath: "/host-usr/src"
- readOnly: true
- {{- end }}
- - name: source-d
- mountPath: "/etc/kubernetes/node-feature-discovery/source.d/"
- readOnly: true
- - name: features-d
- mountPath: "/etc/kubernetes/node-feature-discovery/features.d/"
- readOnly: true
- - name: nfd-worker-conf
- mountPath: "/etc/kubernetes/node-feature-discovery"
- readOnly: true
-{{- if .Values.tls.enable }}
- - name: nfd-worker-cert
- mountPath: "/etc/kubernetes/node-feature-discovery/certs"
- readOnly: true
-{{- end }}
- volumes:
- - name: host-boot
- hostPath:
- path: "/boot"
- - name: host-os-release
- hostPath:
- path: "/etc/os-release"
- - name: host-sys
- hostPath:
- path: "/sys"
- - name: host-usr-lib
- hostPath:
- path: "/usr/lib"
- {{- if .Values.worker.mountUsrSrc }}
- - name: host-usr-src
- hostPath:
- path: "/usr/src"
- {{- end }}
- - name: source-d
- hostPath:
- path: "/etc/kubernetes/node-feature-discovery/source.d/"
- - name: features-d
- hostPath:
- path: "/etc/kubernetes/node-feature-discovery/features.d/"
- - name: nfd-worker-conf
- configMap:
- name: {{ include "node-feature-discovery.fullname" . }}-worker-conf
- items:
- - key: nfd-worker.conf
- path: nfd-worker.conf
-{{- if .Values.tls.enable }}
- - name: nfd-worker-cert
- secret:
- secretName: nfd-worker-cert
-{{- end }}
- {{- with .Values.worker.nodeSelector }}
- nodeSelector:
- {{- toYaml . | nindent 8 }}
- {{- end }}
- {{- with .Values.worker.affinity }}
- affinity:
- {{- toYaml . | nindent 8 }}
- {{- end }}
- {{- with .Values.worker.tolerations }}
- tolerations:
- {{- toYaml . | nindent 8 }}
- {{- end }}
- {{- with .Values.worker.priorityClassName }}
- priorityClassName: {{ . | quote }}
- {{- end }}
diff --git a/charts/sriov/102.0.0+up0.1.0/charts/rancher-nfd/values.yaml b/charts/sriov/102.0.0+up0.1.0/charts/rancher-nfd/values.yaml
deleted file mode 100644
index 456e1ae208..0000000000
--- a/charts/sriov/102.0.0+up0.1.0/charts/rancher-nfd/values.yaml
+++ /dev/null
@@ -1,432 +0,0 @@
-image:
- repository: rancher/hardened-node-feature-discovery
- # This should be set to 'IfNotPresent' for released version
- pullPolicy: IfNotPresent
- # tag, if defined will use the given image tag, else Chart.AppVersion will be used
- tag: v0.12.1-build20230120
-imagePullSecrets: []
-
-nameOverride: ""
-fullnameOverride: ""
-namespaceOverride: ""
-
-enableNodeFeatureApi: false
-
-master:
- instance:
- featureApi:
- extraLabelNs: []
- resourceLabels: []
- crdController: null
- featureRulesController: null
- deploymentAnnotations: {}
- replicaCount: 1
-
- podSecurityContext: {}
- # fsGroup: 2000
-
- securityContext:
- allowPrivilegeEscalation: false
- capabilities:
- drop: [ "ALL" ]
- readOnlyRootFilesystem: true
- runAsNonRoot: true
- # runAsUser: 1000
-
- serviceAccount:
- # Specifies whether a service account should be created
- create: true
- # Annotations to add to the service account
- annotations: {}
- # The name of the service account to use.
- # If not set and create is true, a name is generated using the fullname template
- name:
-
- rbac:
- create: true
-
- service:
- type: ClusterIP
- port: 8080
-
- resources: {}
- # We usually recommend not to specify default resources and to leave this as a conscious
- # choice for the user. This also increases chances charts run on environments with little
- # resources, such as Minikube. If you do want to specify resources, uncomment the following
- # lines, adjust them as necessary, and remove the curly braces after 'resources:'.
- # limits:
- # cpu: 100m
- # memory: 128Mi
- # requests:
- # cpu: 100m
- # memory: 128Mi
-
- nodeSelector: {}
-
- tolerations:
- - key: "node-role.kubernetes.io/master"
- operator: "Equal"
- value: ""
- effect: "NoSchedule"
- - key: "node-role.kubernetes.io/control-plane"
- operator: "Equal"
- value: ""
- effect: "NoSchedule"
-
- annotations: {}
-
- affinity:
- nodeAffinity:
- preferredDuringSchedulingIgnoredDuringExecution:
- - weight: 1
- preference:
- matchExpressions:
- - key: "node-role.kubernetes.io/master"
- operator: In
- values: [""]
- - weight: 1
- preference:
- matchExpressions:
- - key: "node-role.kubernetes.io/control-plane"
- operator: In
- values: [""]
-
-worker:
- config: ###
- #core:
- # labelWhiteList:
- # noPublish: false
- # sleepInterval: 60s
- # featureSources: [all]
- # labelSources: [all]
- # klog:
- # addDirHeader: false
- # alsologtostderr: false
- # logBacktraceAt:
- # logtostderr: true
- # skipHeaders: false
- # stderrthreshold: 2
- # v: 0
- # vmodule:
- ## NOTE: the following options are not dynamically run-time configurable
- ## and require a nfd-worker restart to take effect after being changed
- # logDir:
- # logFile:
- # logFileMaxSize: 1800
- # skipLogHeaders: false
- #sources:
- # cpu:
- # cpuid:
- ## NOTE: whitelist has priority over blacklist
- # attributeBlacklist:
- # - "BMI1"
- # - "BMI2"
- # - "CLMUL"
- # - "CMOV"
- # - "CX16"
- # - "ERMS"
- # - "F16C"
- # - "HTT"
- # - "LZCNT"
- # - "MMX"
- # - "MMXEXT"
- # - "NX"
- # - "POPCNT"
- # - "RDRAND"
- # - "RDSEED"
- # - "RDTSCP"
- # - "SGX"
- # - "SSE"
- # - "SSE2"
- # - "SSE3"
- # - "SSE4"
- # - "SSE42"
- # - "SSSE3"
- # attributeWhitelist:
- # kernel:
- # kconfigFile: "/path/to/kconfig"
- # configOpts:
- # - "NO_HZ"
- # - "X86"
- # - "DMI"
- # pci:
- # deviceClassWhitelist:
- # - "0200"
- # - "03"
- # - "12"
- # deviceLabelFields:
- # - "class"
- # - "vendor"
- # - "device"
- # - "subsystem_vendor"
- # - "subsystem_device"
- # usb:
- # deviceClassWhitelist:
- # - "0e"
- # - "ef"
- # - "fe"
- # - "ff"
- # deviceLabelFields:
- # - "class"
- # - "vendor"
- # - "device"
- # local:
- # hooksEnabled: true
- # custom:
- # # The following feature demonstrates the capabilities of the matchFeatures
- # - name: "my custom rule"
- # labels:
- # my-ng-feature: "true"
- # # matchFeatures implements a logical AND over all matcher terms in the
- # # list (i.e. all of the terms, or per-feature matchers, must match)
- # matchFeatures:
- # - feature: cpu.cpuid
- # matchExpressions:
- # AVX512F: {op: Exists}
- # - feature: cpu.cstate
- # matchExpressions:
- # enabled: {op: IsTrue}
- # - feature: cpu.pstate
- # matchExpressions:
- # no_turbo: {op: IsFalse}
- # scaling_governor: {op: In, value: ["performance"]}
- # - feature: cpu.rdt
- # matchExpressions:
- # RDTL3CA: {op: Exists}
- # - feature: cpu.sst
- # matchExpressions:
- # bf.enabled: {op: IsTrue}
- # - feature: cpu.topology
- # matchExpressions:
- # hardware_multithreading: {op: IsFalse}
- #
- # - feature: kernel.config
- # matchExpressions:
- # X86: {op: Exists}
- # LSM: {op: InRegexp, value: ["apparmor"]}
- # - feature: kernel.loadedmodule
- # matchExpressions:
- # e1000e: {op: Exists}
- # - feature: kernel.selinux
- # matchExpressions:
- # enabled: {op: IsFalse}
- # - feature: kernel.version
- # matchExpressions:
- # major: {op: In, value: ["5"]}
- # minor: {op: Gt, value: ["10"]}
- #
- # - feature: storage.block
- # matchExpressions:
- # rotational: {op: In, value: ["0"]}
- # dax: {op: In, value: ["0"]}
- #
- # - feature: network.device
- # matchExpressions:
- # operstate: {op: In, value: ["up"]}
- # speed: {op: Gt, value: ["100"]}
- #
- # - feature: memory.numa
- # matchExpressions:
- # node_count: {op: Gt, value: ["2"]}
- # - feature: memory.nv
- # matchExpressions:
- # devtype: {op: In, value: ["nd_dax"]}
- # mode: {op: In, value: ["memory"]}
- #
- # - feature: system.osrelease
- # matchExpressions:
- # ID: {op: In, value: ["fedora", "centos"]}
- # - feature: system.name
- # matchExpressions:
- # nodename: {op: InRegexp, value: ["^worker-X"]}
- #
- # - feature: local.label
- # matchExpressions:
- # custom-feature-knob: {op: Gt, value: ["100"]}
- #
- # # The following feature demonstrates the capabilities of the matchAny
- # - name: "my matchAny rule"
- # labels:
- # my-ng-feature-2: "my-value"
- # # matchAny implements a logical IF over all elements (sub-matchers) in
- # # the list (i.e. at least one feature matcher must match)
- # matchAny:
- # - matchFeatures:
- # - feature: kernel.loadedmodule
- # matchExpressions:
- # driver-module-X: {op: Exists}
- # - feature: pci.device
- # matchExpressions:
- # vendor: {op: In, value: ["8086"]}
- # class: {op: In, value: ["0200"]}
- # - matchFeatures:
- # - feature: kernel.loadedmodule
- # matchExpressions:
- # driver-module-Y: {op: Exists}
- # - feature: usb.device
- # matchExpressions:
- # vendor: {op: In, value: ["8086"]}
- # class: {op: In, value: ["02"]}
- #
- # # The following features demonstreate label templating capabilities
- # - name: "my template rule"
- # labelsTemplate: |
- # {{ range .system.osrelease }}my-system-feature.{{ .Name }}={{ .Value }}
- # {{ end }}
- # matchFeatures:
- # - feature: system.osrelease
- # matchExpressions:
- # ID: {op: InRegexp, value: ["^open.*"]}
- # VERSION_ID.major: {op: In, value: ["13", "15"]}
- #
- # - name: "my template rule 2"
- # labelsTemplate: |
- # {{ range .pci.device }}my-pci-device.{{ .class }}-{{ .device }}=with-cpuid
- # {{ end }}
- # matchFeatures:
- # - feature: pci.device
- # matchExpressions:
- # class: {op: InRegexp, value: ["^06"]}
- # vendor: ["8086"]
- # - feature: cpu.cpuid
- # matchExpressions:
- # AVX: {op: Exists}
- #
- # # The following examples demonstrate vars field and back-referencing
- # # previous labels and vars
- # - name: "my dummy kernel rule"
- # labels:
- # "my.kernel.feature": "true"
- # matchFeatures:
- # - feature: kernel.version
- # matchExpressions:
- # major: {op: Gt, value: ["2"]}
- #
- # - name: "my dummy rule with no labels"
- # vars:
- # "my.dummy.var": "1"
- # matchFeatures:
- # - feature: cpu.cpuid
- # matchExpressions: {}
- #
- # - name: "my rule using backrefs"
- # labels:
- # "my.backref.feature": "true"
- # matchFeatures:
- # - feature: rule.matched
- # matchExpressions:
- # my.kernel.feature: {op: IsTrue}
- # my.dummy.var: {op: Gt, value: ["0"]}
- #
-###
-
- daemonsetAnnotations: {}
- podSecurityContext: {}
- # fsGroup: 2000
-
- securityContext:
- allowPrivilegeEscalation: false
- capabilities:
- drop: [ "ALL" ]
- readOnlyRootFilesystem: true
- runAsNonRoot: true
- # runAsUser: 1000
-
- serviceAccount:
- # Specifies whether a service account should be created.
- # We create this by default to make it easier for downstream users to apply PodSecurityPolicies.
- create: true
- # Annotations to add to the service account
- annotations: {}
- # The name of the service account to use.
- # If not set and create is true, a name is generated using the fullname template
- name:
-
- rbac:
- create: true
-
- # Allow users to mount the hostPath /usr/src, useful for RHCOS on s390x
- # Does not work on systems without /usr/src AND a read-only /usr, such as Talos
- mountUsrSrc: false
-
- resources: {}
- # We usually recommend not to specify default resources and to leave this as a conscious
- # choice for the user. This also increases chances charts run on environments with little
- # resources, such as Minikube. If you do want to specify resources, uncomment the following
- # lines, adjust them as necessary, and remove the curly braces after 'resources:'.
- # limits:
- # cpu: 100m
- # memory: 128Mi
- # requests:
- # cpu: 100m
- # memory: 128Mi
-
- nodeSelector: {}
-
- tolerations: []
-
- annotations: {}
-
- affinity: {}
-
- priorityClassName: ""
-
-topologyUpdater:
- config: ###
- ## key = node name, value = list of resources to be excluded.
- ## use * to exclude from all nodes.
- ## an example for how the exclude list should looks like
- #excludeList:
- # node1: [cpu]
- # node2: [memory, example/deviceA]
- # *: [hugepages-2Mi]
-###
-
- enable: false
- createCRDs: false
-
- serviceAccount:
- create: false
- annotations: {}
- name:
- rbac:
- create: false
-
- kubeletConfigPath:
- kubeletPodResourcesSockPath:
- updateInterval: 60s
- watchNamespace: "*"
-
- podSecurityContext: {}
- securityContext:
- allowPrivilegeEscalation: false
- capabilities:
- drop: [ "ALL" ]
- readOnlyRootFilesystem: true
- runAsUser: 0
-
- resources: {}
- # We usually recommend not to specify default resources and to leave this as a conscious
- # choice for the user. This also increases chances charts run on environments with little
- # resources, such as Minikube. If you do want to specify resources, uncomment the following
- # lines, adjust them as necessary, and remove the curly braces after 'resources:'.
- # limits:
- # cpu: 100m
- # memory: 128Mi
- # requests:
- # cpu: 100m
- # memory: 128Mi
-
- nodeSelector: {}
- tolerations: []
- annotations: {}
- affinity: {}
-
-# Optionally use encryption for worker <--> master comms
-# TODO: verify hostname is not yet supported
-#
-# If you do not enable certManager (and have it installed) you will
-# need to manually, or otherwise, provision the TLS certs as secrets
-tls:
- enable: false
- certManager: false
diff --git a/charts/sriov/102.0.0+up0.1.0/templates/NOTES.txt b/charts/sriov/102.0.0+up0.1.0/templates/NOTES.txt
deleted file mode 100644
index 44a8bf935a..0000000000
--- a/charts/sriov/102.0.0+up0.1.0/templates/NOTES.txt
+++ /dev/null
@@ -1,17 +0,0 @@
-Get Network Operator deployed resources by running the following commands:
-
-$ kubectl -n {{ .Release.Namespace }} get pods
-
-For additional instructions on how to use SR-IOV network operator,
-refer to: https://github.com/k8snetworkplumbingwg/sriov-network-operator
-
-{{- if .Values.operator.enableAdmissionController }}
-{{- if not .Values.cert_manager }}
-Thank you for installing {{ .Chart.Name }}.
-
-WARNING! Self signed certificates have been generated for webhooks.
-These certificates have a one-year validity and will not be rotated
-automatically. This should not be a production cluster. Please deploy
-and use cert-manager for production clusters.
-{{- end }}
-{{- end }}
diff --git a/charts/sriov/102.0.0+up0.1.0/templates/_helpers.tpl b/charts/sriov/102.0.0+up0.1.0/templates/_helpers.tpl
deleted file mode 100644
index dff1d171fe..0000000000
--- a/charts/sriov/102.0.0+up0.1.0/templates/_helpers.tpl
+++ /dev/null
@@ -1,85 +0,0 @@
-{{/*
-Expand the name of the chart.
-*/}}
-{{- define "sriov-network-operator.name" -}}
-{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }}
-{{- end }}
-
-{{/*
-Create a default fully qualified app name.
-We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
-If release name contains chart name it will be used as a full name.
-*/}}
-{{- define "sriov-network-operator.fullname" -}}
-{{- if .Values.fullnameOverride }}
-{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }}
-{{- else }}
-{{- $name := default .Chart.Name .Values.nameOverride }}
-{{- if contains $name .Release.Name }}
-{{- .Release.Name | trunc 63 | trimSuffix "-" }}
-{{- else }}
-{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }}
-{{- end }}
-{{- end }}
-{{- end }}
-
-{{/*
-Create chart name and version as used by the chart label.
-*/}}
-{{- define "sriov-network-operator.chart" -}}
-{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }}
-{{- end }}
-
-{{/*
-Common labels
-*/}}
-{{- define "sriov-network-operator.labels" -}}
-helm.sh/chart: {{ include "sriov-network-operator.chart" . }}
-{{ include "sriov-network-operator.selectorLabels" . }}
-{{- if .Chart.AppVersion }}
-app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
-{{- end }}
-app.kubernetes.io/managed-by: {{ .Release.Service }}
-{{- end }}
-
-{{/*
-Selector labels
-*/}}
-{{- define "sriov-network-operator.selectorLabels" -}}
-app.kubernetes.io/name: {{ include "sriov-network-operator.name" . }}
-app.kubernetes.io/instance: {{ .Release.Name }}
-{{- end }}
-
-{{/*
-Create the name of the service account to use
-*/}}
-{{- define "sriov-network-operator.serviceAccountName" -}}
-{{- if .Values.serviceAccount.create }}
-{{- default (include "sriov-network-operator.fullname" .) .Values.serviceAccount.name }}
-{{- else }}
-{{- default "default" .Values.serviceAccount.name }}
-{{- end }}
-{{- end }}
-
-{{- define "system_default_registry" -}}
-{{- if .Values.global.cattle.systemDefaultRegistry -}}
-{{- printf "%s/" .Values.global.cattle.systemDefaultRegistry -}}
-{{- else -}}
-{{- "" -}}
-{{- end -}}
-{{- end -}}
-
-{{/*
-Windows cluster will add default taint for linux nodes,
-add below linux tolerations to workloads could be scheduled to those linux nodes
-*/}}
-{{- define "linux-node-tolerations" -}}
-- key: "cattle.io/os"
- value: "linux"
- effect: "NoSchedule"
- operator: "Equal"
-{{- end -}}
-
-{{- define "linux-node-selector" -}}
-kubernetes.io/os: linux
-{{- end -}}
diff --git a/charts/sriov/102.0.0+up0.1.0/templates/_webhook-certs.tpl b/charts/sriov/102.0.0+up0.1.0/templates/_webhook-certs.tpl
deleted file mode 100644
index f1448968b2..0000000000
--- a/charts/sriov/102.0.0+up0.1.0/templates/_webhook-certs.tpl
+++ /dev/null
@@ -1,31 +0,0 @@
-{{/*
-Generate TLS certificates for webhooks.
-Note: these 2 lines, that are repeated several times below, are a trick to
-ensure the CA certs are generated only once:
- $ca := .ca | default (genCA "sriov-network-operator.k8s.cni.cncf.io" 365)
- $_ := set . "ca" $ca
-Please, don't try to "simplify" them as without this trick, every generated
-certificate would be signed by a different CA.
-*/}}
-{{- define "sriov_operator_ca_cert" }}
-{{- $ca := .ca | default (genCA "sriov-network-operator.k8s.cni.cncf.io" 365) -}}
-{{- $_ := set . "ca" $ca -}}
-{{- printf "%s" $ca.Cert | b64enc -}}
-{{- end }}
-{{- define "sriov_operator_cert" }}
-{{- $ca := .ca | default (genCA "sriov-network-operator.k8s.cni.cncf.io" 365) -}}
-{{- $_ := set . "ca" $ca -}}
-{{- $cn := printf "operator-webhook-service.%s.svc" .Release.Namespace -}}
-{{- $cert := genSignedCert $cn nil (list $cn) 365 $ca -}}
-tls.crt: {{ $cert.Cert | b64enc }}
-tls.key: {{ $cert.Key | b64enc }}
-{{- end }}
-{{- define "sriov_resource_injector_cert" }}
-{{- $ca := .ca | default (genCA "sriov-network-operator.k8s.cni.cncf.io" 365) -}}
-{{- $_ := set . "ca" $ca -}}
-{{- $cn := printf "network-resources-injector-service.%s.svc" .Release.Namespace -}}
-{{- $cert := genSignedCert $cn nil (list $cn) 365 $ca -}}
-tls.crt: {{ $cert.Cert | b64enc }}
-tls.key: {{ $cert.Key | b64enc }}
-{{- end }}
-
diff --git a/charts/sriov/102.0.0+up0.1.0/templates/certmanagercerts.yaml b/charts/sriov/102.0.0+up0.1.0/templates/certmanagercerts.yaml
deleted file mode 100644
index e3575aa565..0000000000
--- a/charts/sriov/102.0.0+up0.1.0/templates/certmanagercerts.yaml
+++ /dev/null
@@ -1,41 +0,0 @@
-{{- if and (.Values.operator.enableAdmissionController) (.Values.cert_manager) -}}
-{{- if not (.Capabilities.APIVersions.Has "cert-manager.io/v1") -}}
-{{- required "cert-manager is required but not found" "" -}}
-{{- end -}}
-apiVersion: cert-manager.io/v1
-kind: Issuer
-metadata:
- name: sriov-network-operator-selfsigned-issuer
- namespace: {{ .Release.Namespace }}
-spec:
- selfSigned: {}
----
-apiVersion: cert-manager.io/v1
-kind: Certificate
-metadata:
- name: operator-webhook-service
- namespace: {{ .Release.Namespace }}
-spec:
- secretName: operator-webhook-service
- dnsNames:
- - operator-webhook-service.{{ .Release.Namespace }}.svc
- issuerRef:
- name: sriov-network-operator-selfsigned-issuer
- privateKey:
- rotationPolicy: Always
----
-apiVersion: cert-manager.io/v1
-kind: Certificate
-metadata:
- name: network-resources-injector-service
- namespace: {{ .Release.Namespace }}
-spec:
- secretName: network-resources-injector-secret
- dnsNames:
- - network-resources-injector-service.{{ .Release.Namespace }}.svc
- issuerRef:
- name: sriov-network-operator-selfsigned-issuer
- privateKey:
- rotationPolicy: Always
-{{- end -}}
-
diff --git a/charts/sriov/102.0.0+up0.1.0/templates/clusterrole.yaml b/charts/sriov/102.0.0+up0.1.0/templates/clusterrole.yaml
deleted file mode 100644
index da327471f0..0000000000
--- a/charts/sriov/102.0.0+up0.1.0/templates/clusterrole.yaml
+++ /dev/null
@@ -1,109 +0,0 @@
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRole
-metadata:
- name: {{ include "sriov-network-operator.fullname" . }}
- labels:
- {{- include "sriov-network-operator.labels" . | nindent 4 }}
-rules:
- - apiGroups: [""]
- resources: ["nodes"]
- verbs: ["get", "list", "watch", "patch", "update"]
- - apiGroups: [""]
- resources: ["pods"]
- verbs: ["*"]
- - apiGroups: ["apps"]
- resources: ["daemonsets"]
- verbs: ["get"]
- - apiGroups: [""]
- resources: ["namespaces", "serviceaccounts"]
- verbs: ["*"]
- - apiGroups: ["k8s.cni.cncf.io"]
- resources: ["network-attachment-definitions"]
- verbs: ["*"]
- - apiGroups: ["rbac.authorization.k8s.io"]
- resources: ["clusterroles", "clusterrolebindings"]
- verbs: ["*"]
- - apiGroups: ["admissionregistration.k8s.io"]
- resources: ["mutatingwebhookconfigurations", "validatingwebhookconfigurations"]
- verbs: ["*"]
- - apiGroups: ["sriovnetwork.openshift.io"]
- resources: ["*"]
- verbs: ["*"]
- - apiGroups: ["machineconfiguration.openshift.io"]
- resources: ["*"]
- verbs: ["*"]
- - apiGroups: ["config.openshift.io"]
- resources: ["infrastructures"]
- verbs: ["get", "list", "watch"]
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRole
-metadata:
- name: sriov-network-config-daemon
- labels:
- {{- include "sriov-network-operator.labels" . | nindent 4 }}
-rules:
- - apiGroups: [""]
- resources: ["nodes"]
- verbs: ["get", "list", "watch", "patch", "update"]
- - apiGroups: [""]
- resources: ["pods"]
- verbs: ["*"]
- - apiGroups: ["apps"]
- resources: ["daemonsets"]
- verbs: ["get"]
- - apiGroups: [""]
- resources: ["pods/eviction"]
- verbs: ["create"]
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRole
-metadata:
- name: sriov-admin
- {{- if .Values.global.rbac.userRoles.aggregateToDefaultRoles }}
- rbac.authorization.k8s.io/aggregate-to-admin: "true"
- {{- end }}
-rules:
-- apiGroups:
- - sriovnetwork.openshift.io
- resources:
- - '*'
- verbs:
- - "get"
- - "watch"
- - "list"
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRole
-metadata:
- name: sriov-edit
- {{- if .Values.global.rbac.userRoles.aggregateToDefaultRoles }}
- rbac.authorization.k8s.io/aggregate-to-edit: "true"
- {{- end }}
-rules:
-- apiGroups:
- - sriovnetwork.openshift.io
- resources:
- - '*'
- verbs:
- - "get"
- - "watch"
- - "list"
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRole
-metadata:
- name: sriov-view
- {{- if .Values.global.rbac.userRoles.aggregateToDefaultRoles }}
- rbac.authorization.k8s.io/aggregate-to-view: "true"
- {{- end }}
-rules:
-- apiGroups:
- - sriovnetwork.openshift.io
- resources:
- - '*'
- verbs:
- - "get"
- - "watch"
- - "list"
-
diff --git a/charts/sriov/102.0.0+up0.1.0/templates/clusterrolebinding.yaml b/charts/sriov/102.0.0+up0.1.0/templates/clusterrolebinding.yaml
deleted file mode 100644
index c10aa9be73..0000000000
--- a/charts/sriov/102.0.0+up0.1.0/templates/clusterrolebinding.yaml
+++ /dev/null
@@ -1,29 +0,0 @@
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRoleBinding
-metadata:
- name: {{ include "sriov-network-operator.fullname" . }}
- labels:
- {{- include "sriov-network-operator.labels" . | nindent 4 }}
-roleRef:
- kind: ClusterRole
- name: {{ include "sriov-network-operator.fullname" . }}
- apiGroup: rbac.authorization.k8s.io
-subjects:
- - kind: ServiceAccount
- namespace: {{ .Release.Namespace }}
- name: {{ include "sriov-network-operator.fullname" . }}
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRoleBinding
-metadata:
- name: sriov-network-config-daemon
- labels:
- {{- include "sriov-network-operator.labels" . | nindent 4 }}
-roleRef:
- kind: ClusterRole
- name: sriov-network-config-daemon
- apiGroup: rbac.authorization.k8s.io
-subjects:
- - kind: ServiceAccount
- namespace: {{ .Release.Namespace }}
- name: sriov-network-config-daemon
diff --git a/charts/sriov/102.0.0+up0.1.0/templates/configmap.yaml b/charts/sriov/102.0.0+up0.1.0/templates/configmap.yaml
deleted file mode 100644
index 455bd91ff0..0000000000
--- a/charts/sriov/102.0.0+up0.1.0/templates/configmap.yaml
+++ /dev/null
@@ -1,25 +0,0 @@
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: supported-nic-ids
-data:
- Intel_i40e_XXV710: "8086 158a 154c"
- Intel_i40e_25G_SFP28: "8086 158b 154c"
- Intel_i40e_10G_X710_SFP: "8086 1572 154c"
- Intel_i40e_XXV710_N3000: "8086 0d58 154c"
- Intel_i40e_40G_XL710_QSFP: "8086 1583 154c"
- Intel_ice_Columbiaville_E810-CQDA2_2CQDA2: "8086 1592 1889"
- Intel_ice_Columbiaville_E810-XXVDA4: "8086 1593 1889"
- Intel_ice_Columbiaville_E810-XXVDA2: "8086 159b 1889"
- Intel_ice_Columbiaville_E810: "8086 1591 1889"
- Nvidia_mlx5_ConnectX-4: "15b3 1013 1014"
- Nvidia_mlx5_ConnectX-4LX: "15b3 1015 1016"
- Nvidia_mlx5_ConnectX-5: "15b3 1017 1018"
- Nvidia_mlx5_ConnectX-5_Ex: "15b3 1019 101a"
- Nvidia_mlx5_ConnectX-6: "15b3 101b 101c"
- Nvidia_mlx5_ConnectX-6_Dx: "15b3 101d 101e"
- Nvidia_mlx5_MT42822_BlueField-2_integrated_ConnectX-6_Dx: "15b3 a2d6 101e"
- Broadcom_bnxt_BCM57414_2x25G: "14e4 16d7 16dc"
- Broadcom_bnxt_BCM75508_2x100G: "14e4 1750 1806"
- Qlogic_qede_QL45000_50G: "1077 1654 1664"
- Red_Hat_Virtio_network_device: "1af4 1000 1000"
diff --git a/charts/sriov/102.0.0+up0.1.0/templates/operator.yaml b/charts/sriov/102.0.0+up0.1.0/templates/operator.yaml
deleted file mode 100644
index ac3cb4c345..0000000000
--- a/charts/sriov/102.0.0+up0.1.0/templates/operator.yaml
+++ /dev/null
@@ -1,98 +0,0 @@
-{{- if not (.Capabilities.APIVersions.Has "k8s.cni.cncf.io/v1/NetworkAttachmentDefinition") -}}
-{{- required "rke2-multus is required but not found" "" -}}
-{{- end -}}
-apiVersion: sriovnetwork.openshift.io/v1
-kind: SriovOperatorConfig
-metadata:
- name: default
- namespace: {{ .Release.Namespace }}
-spec:
- # Add fields here
- enableInjector: {{ .Values.operator.enableAdmissionController }}
- enableOperatorWebhook: {{ .Values.operator.enableAdmissionController }}
- configDaemonNodeSelector: {feature.node.kubernetes.io/network-sriov.capable: "true"}
----
-apiVersion: apps/v1
-kind: Deployment
-metadata:
- name: {{ include "sriov-network-operator.fullname" . }}
- namespace: {{ .Release.Namespace }}
- labels:
- {{- include "sriov-network-operator.labels" . | nindent 4 }}
-spec:
- replicas: 1
- selector:
- matchLabels:
- name: sriov-network-operator
- strategy:
- type: RollingUpdate
- rollingUpdate:
- maxUnavailable: 33%
- template:
- metadata:
- labels:
- name: sriov-network-operator
- spec:
- nodeSelector: {{ include "linux-node-selector" . | nindent 8 }}
-{{- if .Values.operator.nodeSelector }}
-{{ toYaml .Values.operator.nodeSelector | indent 8 }}
-{{- end }}
- tolerations: {{ include "linux-node-tolerations" . | nindent 8 }}
-{{- if .Values.operator.tolerations }}
-{{ toYaml .Values.operator.tolerations | indent 8 }}
-{{- end }}
- serviceAccountName: {{ include "sriov-network-operator.fullname" . }}
- priorityClassName: "system-node-critical"
- containers:
- - name: {{ include "sriov-network-operator.fullname" . }}
- image: {{ include "system_default_registry" . }}{{ .Values.images.operator.image }}:{{ .Values.images.operator.tag }}
- command:
- - sriov-network-operator
- imagePullPolicy: IfNotPresent
- resources:
- requests:
- cpu: 100m
- memory: 100Mi
- env:
- - name: WATCH_NAMESPACE
- valueFrom:
- fieldRef:
- fieldPath: metadata.namespace
- - name: SRIOV_CNI_IMAGE
- value: {{ include "system_default_registry" . }}{{ .Values.images.sriovCni.image }}:{{ .Values.images.sriovCni.tag }}
- - name: SRIOV_INFINIBAND_CNI_IMAGE
- value: {{ include "system_default_registry" . }}{{ .Values.images.ibSriovCni.image }}:{{ .Values.images.ibSriovCni.tag }}
- - name: SRIOV_DEVICE_PLUGIN_IMAGE
- value: {{ include "system_default_registry" . }}{{ .Values.images.sriovDevicePlugin.image }}:{{ .Values.images.sriovDevicePlugin.tag }}
- - name: NETWORK_RESOURCES_INJECTOR_IMAGE
- value: {{ include "system_default_registry" . }}{{ .Values.images.resourcesInjector.image }}:{{ .Values.images.resourcesInjector.tag }}
- - name: OPERATOR_NAME
- value: sriov-network-operator
- - name: SRIOV_NETWORK_CONFIG_DAEMON_IMAGE
- value: {{ include "system_default_registry" . }}{{ .Values.images.sriovConfigDaemon.image }}:{{ .Values.images.sriovConfigDaemon.tag }}
- - name: SRIOV_NETWORK_WEBHOOK_IMAGE
- value: {{ include "system_default_registry" . }}{{ .Values.images.webhook.image }}:{{ .Values.images.webhook.tag }}
- - name: RESOURCE_PREFIX
- value: {{ .Values.operator.resourcePrefix }}
- - name: ENABLE_ADMISSION_CONTROLLER
- value: {{ .Values.operator.enableAdmissionController | quote }}
- - name: NAMESPACE
- valueFrom:
- fieldRef:
- fieldPath: metadata.namespace
- - name: POD_NAME
- valueFrom:
- fieldRef:
- fieldPath: metadata.name
- - name: RELEASE_VERSION
- value: {{ .Release.AppVersion }}
- - name: SRIOV_CNI_BIN_PATH
- value: {{ .Values.operator.cniBinPath }}
- - name: CLUSTER_TYPE
- value: {{ .Values.operator.clusterType }}
- {{- if .Values.operator.enableAdmissionController }}
- {{- if not .Values.cert_manager }}
- - name: WEBHOOK_CA_BUNDLE
- value: "{{ include "sriov_operator_ca_cert" . }}"
- {{- end }}
- {{- end }}
diff --git a/charts/sriov/102.0.0+up0.1.0/templates/role.yaml b/charts/sriov/102.0.0+up0.1.0/templates/role.yaml
deleted file mode 100644
index 35a9d50afc..0000000000
--- a/charts/sriov/102.0.0+up0.1.0/templates/role.yaml
+++ /dev/null
@@ -1,125 +0,0 @@
-apiVersion: rbac.authorization.k8s.io/v1
-kind: Role
-metadata:
- creationTimestamp: null
- name: {{ include "sriov-network-operator.fullname" . }}
- namespace: {{ .Release.Namespace }}
- labels:
- {{- include "sriov-network-operator.labels" . | nindent 4 }}
-rules:
- - apiGroups:
- - ""
- resources:
- - pods
- - services
- - endpoints
- - persistentvolumeclaims
- - events
- - configmaps
- - secrets
- verbs:
- - '*'
- - apiGroups:
- - apps
- resources:
- - deployments
- - daemonsets
- - replicasets
- - statefulsets
- verbs:
- - '*'
- - apiGroups:
- - monitoring.coreos.com
- resources:
- - servicemonitors
- verbs:
- - get
- - create
- - apiGroups:
- - apps
- resourceNames:
- - sriov-network-operator
- resources:
- - deployments/finalizers
- verbs:
- - update
- - apiGroups:
- - rbac.authorization.k8s.io
- resources:
- - serviceaccounts
- - roles
- - rolebindings
- verbs:
- - '*'
- - apiGroups:
- - config.openshift.io
- resources:
- - infrastructures
- verbs:
- - get
- - list
- - watch
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: Role
-metadata:
- name: sriov-network-config-daemon
- namespace: {{ .Release.Namespace }}
- labels:
- {{- include "sriov-network-operator.labels" . | nindent 4 }}
-rules:
- - apiGroups:
- - ""
- resources:
- - pods
- verbs:
- - '*'
- - apiGroups:
- - apps
- resources:
- - daemonsets
- verbs:
- - '*'
- - apiGroups:
- - sriovnetwork.openshift.io
- resources:
- - '*'
- - sriovnetworknodestates
- verbs:
- - '*'
- - apiGroups:
- - security.openshift.io
- resourceNames:
- - privileged
- resources:
- - securitycontextconstraints
- verbs:
- - use
- - apiGroups:
- - ""
- resources:
- - configmaps
- verbs:
- - get
- - update
- - apiGroups:
- - 'coordination.k8s.io'
- resources:
- - 'leases'
- verbs:
- - '*'
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: Role
-metadata:
- name: operator-webhook-sa
- namespace: {{ .Release.Namespace }}
- labels:
- {{- include "sriov-network-operator.labels" . | nindent 4 }}
-rules:
- - apiGroups:
- - ""
- resources:
- - configmaps
- verbs:
- - get
diff --git a/charts/sriov/102.0.0+up0.1.0/templates/rolebinding.yaml b/charts/sriov/102.0.0+up0.1.0/templates/rolebinding.yaml
deleted file mode 100644
index d2cf1849a7..0000000000
--- a/charts/sriov/102.0.0+up0.1.0/templates/rolebinding.yaml
+++ /dev/null
@@ -1,44 +0,0 @@
-kind: RoleBinding
-apiVersion: rbac.authorization.k8s.io/v1
-metadata:
- name: {{ include "sriov-network-operator.fullname" . }}
- namespace: {{ .Release.Namespace }}
- labels:
- {{- include "sriov-network-operator.labels" . | nindent 4 }}
-subjects:
- - kind: ServiceAccount
- name: {{ include "sriov-network-operator.fullname" . }}
- namespace: {{ .Release.Namespace }}
-roleRef:
- kind: Role
- name: {{ include "sriov-network-operator.fullname" . }}
- apiGroup: rbac.authorization.k8s.io
----
-kind: RoleBinding
-apiVersion: rbac.authorization.k8s.io/v1
-metadata:
- name: sriov-network-config-daemon
- namespace: {{ .Release.Namespace }}
- labels:
- {{- include "sriov-network-operator.labels" . | nindent 4 }}
-subjects:
- - kind: ServiceAccount
- name: sriov-network-config-daemon
- namespace: {{ .Release.Namespace }}
-roleRef:
- kind: Role
- name: sriov-network-config-daemon
- apiGroup: rbac.authorization.k8s.io
----
-kind: RoleBinding
-apiVersion: rbac.authorization.k8s.io/v1
-metadata:
- name: operator-webhook-sa
- namespace: {{ .Release.Namespace }}
-subjects:
-- kind: ServiceAccount
- name: operator-webhook-sa
-roleRef:
- kind: Role
- name: operator-webhook-sa
- apiGroup: rbac.authorization.k8s.io
diff --git a/charts/sriov/102.0.0+up0.1.0/templates/secrets.yaml b/charts/sriov/102.0.0+up0.1.0/templates/secrets.yaml
deleted file mode 100644
index 3d345be460..0000000000
--- a/charts/sriov/102.0.0+up0.1.0/templates/secrets.yaml
+++ /dev/null
@@ -1,20 +0,0 @@
-{{- if not .Values.cert_manager -}}
-{{- if .Values.operator.enableAdmissionController }}
-apiVersion: v1
-kind: Secret
-metadata:
- name: operator-webhook-service
- namespace: {{ .Release.Namespace }}
-data: {{ include "sriov_operator_cert" . | nindent 2 }}
-{{- end }}
----
-{{- if .Values.operator.enableAdmissionController }}
-apiVersion: v1
-kind: Secret
-metadata:
- name: network-resources-injector-secret
- namespace: {{ .Release.Namespace }}
-data: {{ include "sriov_resource_injector_cert" . | nindent 2 }}
-{{- end }}
-{{- end }}
-
diff --git a/charts/sriov/102.0.0+up0.1.0/templates/serviceaccount.yaml b/charts/sriov/102.0.0+up0.1.0/templates/serviceaccount.yaml
deleted file mode 100644
index fc0bb57056..0000000000
--- a/charts/sriov/102.0.0+up0.1.0/templates/serviceaccount.yaml
+++ /dev/null
@@ -1,15 +0,0 @@
-apiVersion: v1
-kind: ServiceAccount
-metadata:
- name: {{ include "sriov-network-operator.fullname" . }}
- namespace: {{ .Release.Namespace }}
- labels:
- {{- include "sriov-network-operator.labels" . | nindent 4 }}
----
-apiVersion: v1
-kind: ServiceAccount
-metadata:
- name: sriov-network-config-daemon
- namespace: {{ .Release.Namespace }}
- labels:
- {{- include "sriov-network-operator.labels" . | nindent 4 }}
diff --git a/charts/sriov/102.0.0+up0.1.0/templates/validate-install-crd.yaml b/charts/sriov/102.0.0+up0.1.0/templates/validate-install-crd.yaml
deleted file mode 100644
index 48ffe70751..0000000000
--- a/charts/sriov/102.0.0+up0.1.0/templates/validate-install-crd.yaml
+++ /dev/null
@@ -1,19 +0,0 @@
-#{{- if gt (len (lookup "rbac.authorization.k8s.io/v1" "ClusterRole" "" "")) 0 -}}
-# {{- $found := dict -}}
-# {{- set $found "sriovnetwork.openshift.io/v1/SriovIBNetwork" false -}}
-# {{- set $found "sriovnetwork.openshift.io/v1/SriovNetworkNodePolicy" false -}}
-# {{- set $found "sriovnetwork.openshift.io/v1/SriovNetworkNodeState" false -}}
-# {{- set $found "sriovnetwork.openshift.io/v1/SriovNetworkPoolConfig" false -}}
-# {{- set $found "sriovnetwork.openshift.io/v1/SriovNetwork" false -}}
-# {{- set $found "sriovnetwork.openshift.io/v1/SriovOperatorConfig" false -}}
-# {{- range .Capabilities.APIVersions -}}
-# {{- if hasKey $found (toString .) -}}
-# {{- set $found (toString .) true -}}
-# {{- end -}}
-# {{- end -}}
-# {{- range $_, $exists := $found -}}
-# {{- if (eq $exists false) -}}
-# {{- required "Required CRDs are missing. Please install the corresponding CRD chart before installing this chart." "" -}}
-# {{- end -}}
-# {{- end -}}
-#{{- end -}}
\ No newline at end of file
diff --git a/charts/sriov/102.0.0+up0.1.0/values.yaml b/charts/sriov/102.0.0+up0.1.0/values.yaml
deleted file mode 100644
index f1a95e4455..0000000000
--- a/charts/sriov/102.0.0+up0.1.0/values.yaml
+++ /dev/null
@@ -1,64 +0,0 @@
-operator:
- tolerations:
- - key: "node-role.kubernetes.io/control-plane"
- operator: "Exists"
- effect: "NoSchedule"
- - effect: NoExecute
- key: node-role.kubernetes.io/etcd
- operator: Exists
- nodeSelector: {}
- affinity:
- nodeAffinity:
- requiredDuringSchedulingIgnoredDuringExecution:
- nodeSelectorTerms:
- - matchExpressions:
- - key: "node-role.kubernetes.io/master"
- operator: In
- values: [ "" ]
- - matchExpressions:
- - key: "node-role.kubernetes.io/control-plane"
- operator: In
- values: [ "" ]
- nameOverride: ""
- fullnameOverride: ""
- resourcePrefix: "rancher.io"
- enableAdmissionController: false
- cniBinPath: "/opt/cni/bin"
- clusterType: "kubernetes"
-
-# Image URIs for sriov-network-operator components
-images:
- operator:
- image: rancher/hardened-sriov-network-operator
- tag: v1.2.0-build20221014
- sriovConfigDaemon:
- image: rancher/hardened-sriov-network-config-daemon
- tag: v1.2.0-build20221014
- sriovCni:
- image: rancher/hardened-sriov-cni
- tag: v2.6.3-build20221014
- ibSriovCni:
- image: rancher/hardened-ib-sriov-cni
- tag: v1.0.2-build20221014
- sriovDevicePlugin:
- image: rancher/hardened-sriov-network-device-plugin
- tag: v3.5.1-build20221014
- resourcesInjector:
- image: rancher/hardened-sriov-network-resources-injector
- tag: v1.5-build20221014
- webhook:
- image: rancher/hardened-sriov-network-webhook
- tag: v1.2.0-build20221014
-
-# cert_manager enables integration with cert-manager to generate
-# certificates for the operator webhooks. Otherwise the chart will
-# generate ad-hoc certificates with no automated renewal at expiration,
-# not recommended for production clusters.
-cert_manager: false
-
-global:
- cattle:
- systemDefaultRegistry: ""
- rbac:
- userRoles:
- aggregateToDefaultRoles: false
diff --git a/charts/sriov/102.1.0+up0.1.0/.helmignore b/charts/sriov/102.1.0+up0.1.0/.helmignore
deleted file mode 100644
index 0e8a0eb36f..0000000000
--- a/charts/sriov/102.1.0+up0.1.0/.helmignore
+++ /dev/null
@@ -1,23 +0,0 @@
-# Patterns to ignore when building packages.
-# This supports shell glob matching, relative path matching, and
-# negation (prefixed with !). Only one pattern per line.
-.DS_Store
-# Common VCS dirs
-.git/
-.gitignore
-.bzr/
-.bzrignore
-.hg/
-.hgignore
-.svn/
-# Common backup files
-*.swp
-*.bak
-*.tmp
-*.orig
-*~
-# Various IDEs
-.project
-.idea/
-*.tmproj
-.vscode/
diff --git a/charts/sriov/102.1.0+up0.1.0/Chart.yaml b/charts/sriov/102.1.0+up0.1.0/Chart.yaml
deleted file mode 100644
index 671ce416ba..0000000000
--- a/charts/sriov/102.1.0+up0.1.0/Chart.yaml
+++ /dev/null
@@ -1,29 +0,0 @@
-annotations:
- catalog.cattle.io/auto-install: sriov-crd=match
- catalog.cattle.io/certified: rancher
- catalog.cattle.io/experimental: "true"
- catalog.cattle.io/kube-version: '>= 1.16.0-0 < 1.27.0-0'
- catalog.cattle.io/namespace: cattle-sriov-system
- catalog.cattle.io/os: linux
- catalog.cattle.io/permits-os: linux
- catalog.cattle.io/rancher-version: '>= 2.7.0-0 < 2.8.0-0'
- catalog.cattle.io/release-name: sriov
- catalog.cattle.io/upstream-version: 1.2.0
-apiVersion: v2
-appVersion: 1.2.0
-description: SR-IOV network operator configures and manages SR-IOV networks in the
- kubernetes cluster
-home: https://github.com/k8snetworkplumbingwg/sriov-network-operator
-icon: https://charts.rancher.io/assets/logos/sr-iov.svg
-keywords:
-- sriov
-- Networking
-kubeVersion: '>= 1.16.0'
-maintainers:
-- email: charts@rancher.com
- name: Rancher Labs
-name: sriov
-sources:
-- https://github.com/rancher/charts
-type: application
-version: 102.1.0+up0.1.0
diff --git a/charts/sriov/102.1.0+up0.1.0/README.md b/charts/sriov/102.1.0+up0.1.0/README.md
deleted file mode 100644
index b34d479bd0..0000000000
--- a/charts/sriov/102.1.0+up0.1.0/README.md
+++ /dev/null
@@ -1,73 +0,0 @@
-# SR-IOV Network Operator Helm Chart
-
-SR-IOV Network Operator Helm Chart provides an easy way to install, configure and manage
-the lifecycle of SR-IOV network operator.
-
-## SR-IOV Network Operator
-SR-IOV Network Operator leverages [Kubernetes CRDs](https://kubernetes.io/docs/concepts/extend-kubernetes/api-extension/custom-resources/)
-and [Operator SDK](https://github.com/operator-framework/operator-sdk) to configure and manage SR-IOV networks in a Kubernetes cluster.
-
-SR-IOV Network Operator features:
-- Initialize the supported SR-IOV NIC types on selected nodes.
-- Provision/upgrade SR-IOV device plugin executable on selected node.
-- Provision/upgrade SR-IOV CNI plugin executable on selected nodes.
-- Manage configuration of SR-IOV device plugin on host.
-- Generate net-att-def CRs for SR-IOV CNI plugin
-- Supports operation in a virtualized Kubernetes deployment
- - Discovers VFs attached to the Virtual Machine (VM)
- - Does not require attached of associated PFs
- - VFs can be associated to SriovNetworks by selecting the appropriate PciAddress as the RootDevice in the SriovNetworkNodePolicy
-
-## QuickStart
-
-### Prerequisites
-
-- Kubernetes v1.17+
-- Helm v3
-
-### Install Helm
-
-Helm provides an install script to copy helm binary to your system:
-```
-$ curl -fsSL -o get_helm.sh https://raw.githubusercontent.com/helm/helm/master/scripts/get-helm-3
-$ chmod 500 get_helm.sh
-$ ./get_helm.sh
-```
-
-For additional information and methods for installing Helm, refer to the official [helm website](https://helm.sh/)
-
-### Deploy SR-IOV Network Operator
-
-```
-# Install Operator
-$ helm install -n sriov-network-operator --create-namespace --wait sriov-network-operator ./
-
-# View deployed resources
-$ kubectl -n sriov-network-operator get pods
-```
-
-## Chart parameters
-
-In order to tailor the deployment of the network operator to your cluster needs
-We have introduced the following Chart parameters.
-
-### Operator parameters
-
-| Name | Type | Default | description |
-| ---- | ---- | ------- | ----------- |
-| `operator.resourcePrefix` | string | `openshift.io` | Device plugin resource prefix |
-| `operator.enableAdmissionController` | bool | `false` | Enable SR-IOV network resource injector and operator webhook |
-| `operator.cniBinPath` | string | `/opt/cni/bin` | Path for CNI binary |
-| `operator.clusterType` | string | `kubernetes` | Cluster environment type |
-
-### Images parameters
-
-| Name | description |
-| ---- | ----------- |
-| `images.operator` | Operator controller image |
-| `images.sriovConfigDaemon` | Daemon node agent image |
-| `images.sriovCni` | SR-IOV CNI image |
-| `images.ibSriovCni` | InfiniBand SR-IOV CNI image |
-| `images.sriovDevicePlugin` | SR-IOV device plugin image |
-| `images.resourcesInjector` | Resources Injector image |
-| `images.webhook` | Operator Webhook image |
diff --git a/charts/sriov/102.1.0+up0.1.0/app-README.md b/charts/sriov/102.1.0+up0.1.0/app-README.md
deleted file mode 100644
index 4dda94a833..0000000000
--- a/charts/sriov/102.1.0+up0.1.0/app-README.md
+++ /dev/null
@@ -1,13 +0,0 @@
-# Rancher SR-IOV Network Operator
-
-This chart is based on the upstream [k8snetworkplumbingwg/sriov-network-operator](https://github.com/k8snetworkplumbingwg/sriov-network-operator) project. The chart deploys the SR-IOV Operator and its CRDs, which are designed to help the user provision and configure the SR-IOV CNI in a cluster that uses [Multus CNI](https://github.com/k8snetworkplumbingwg/multus-cni), to provide high performing extra network interfaces to pods. This chart is expected to be deployed on an RKE2 cluster and only meant for advanced use cases where multiple CNI plugins and high performing network interfaces on pods are required. Users who do not need these features are not advised to install this chart.
-
-The chart installs the following components:
-
- - SR-IOV Operator - An operator that helps provision and configure the SR-IOV CNI plugin and SR-IOV Device plugin
- - SR-IOV Network Config Daemon - A Daemon deployed by the Operator that discovers SR-IOV NICs on each node
-
-Note that SR-IOV requires NICs that support SR-IOV and the activation of specific configuration options in the operating system. Nodes that fulfill these requirements should be labeled with: `feature.node.kubernetes.io/network-sriov.capable=true`.
-
-The SR-IOV Network Config Daemon will be deployed on such capable nodes. For more information on how to use this feature, refer to our RKE2 networking docs.
-
diff --git a/charts/sriov/102.1.0+up0.1.0/charts/rancher-nfd/.helmignore b/charts/sriov/102.1.0+up0.1.0/charts/rancher-nfd/.helmignore
deleted file mode 100644
index 0e8a0eb36f..0000000000
--- a/charts/sriov/102.1.0+up0.1.0/charts/rancher-nfd/.helmignore
+++ /dev/null
@@ -1,23 +0,0 @@
-# Patterns to ignore when building packages.
-# This supports shell glob matching, relative path matching, and
-# negation (prefixed with !). Only one pattern per line.
-.DS_Store
-# Common VCS dirs
-.git/
-.gitignore
-.bzr/
-.bzrignore
-.hg/
-.hgignore
-.svn/
-# Common backup files
-*.swp
-*.bak
-*.tmp
-*.orig
-*~
-# Various IDEs
-.project
-.idea/
-*.tmproj
-.vscode/
diff --git a/charts/sriov/102.1.0+up0.1.0/charts/rancher-nfd/Chart.yaml b/charts/sriov/102.1.0+up0.1.0/charts/rancher-nfd/Chart.yaml
deleted file mode 100644
index d9d4151d9a..0000000000
--- a/charts/sriov/102.1.0+up0.1.0/charts/rancher-nfd/Chart.yaml
+++ /dev/null
@@ -1,14 +0,0 @@
-apiVersion: v2
-appVersion: v0.13.2
-description: 'Detects hardware features available on each node in a Kubernetes cluster,
- and advertises those features using node labels. '
-home: https://github.com/kubernetes-sigs/node-feature-discovery
-keywords:
-- feature-discovery
-- feature-detection
-- node-labels
-name: rancher-nfd
-sources:
-- https://github.com/kubernetes-sigs/node-feature-discovery
-type: application
-version: 0.13.2
diff --git a/charts/sriov/102.1.0+up0.1.0/charts/rancher-nfd/README.md b/charts/sriov/102.1.0+up0.1.0/charts/rancher-nfd/README.md
deleted file mode 100644
index 628ac6a36d..0000000000
--- a/charts/sriov/102.1.0+up0.1.0/charts/rancher-nfd/README.md
+++ /dev/null
@@ -1,10 +0,0 @@
-# Node Feature Discovery
-
-Node Feature Discovery (NFD) is a Kubernetes add-on for detecting hardware
-features and system configuration. Detected features are advertised as node
-labels. NFD provides flexible configuration and extension points for a wide
-range of vendor and application specific node labeling needs.
-
-See
-[NFD documentation](https://kubernetes-sigs.github.io/node-feature-discovery/v0.13/deployment/helm.html)
-for deployment instructions.
diff --git a/charts/sriov/102.1.0+up0.1.0/charts/rancher-nfd/crds/nfd-api-crds.yaml b/charts/sriov/102.1.0+up0.1.0/charts/rancher-nfd/crds/nfd-api-crds.yaml
deleted file mode 100644
index 775536f280..0000000000
--- a/charts/sriov/102.1.0+up0.1.0/charts/rancher-nfd/crds/nfd-api-crds.yaml
+++ /dev/null
@@ -1,363 +0,0 @@
----
-apiVersion: apiextensions.k8s.io/v1
-kind: CustomResourceDefinition
-metadata:
- annotations:
- controller-gen.kubebuilder.io/version: v0.9.2
- creationTimestamp: null
- name: nodefeatures.nfd.k8s-sigs.io
-spec:
- group: nfd.k8s-sigs.io
- names:
- kind: NodeFeature
- listKind: NodeFeatureList
- plural: nodefeatures
- singular: nodefeature
- scope: Namespaced
- versions:
- - name: v1alpha1
- schema:
- openAPIV3Schema:
- description: NodeFeature resource holds the features discovered for one node
- in the cluster.
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation
- of an object. Servers should convert recognized schemas to the latest
- internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this
- object represents. Servers may infer this from the endpoint the client
- submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- spec:
- description: NodeFeatureSpec describes a NodeFeature object.
- properties:
- features:
- description: Features is the full "raw" features data that has been
- discovered.
- properties:
- attributes:
- additionalProperties:
- description: AttributeFeatureSet is a set of features having
- string value.
- properties:
- elements:
- additionalProperties:
- type: string
- type: object
- required:
- - elements
- type: object
- description: Attributes contains all the attribute-type features
- of the node.
- type: object
- flags:
- additionalProperties:
- description: FlagFeatureSet is a set of simple features only
- containing names without values.
- properties:
- elements:
- additionalProperties:
- description: Nil is a dummy empty struct for protobuf
- compatibility
- type: object
- type: object
- required:
- - elements
- type: object
- description: Flags contains all the flag-type features of the
- node.
- type: object
- instances:
- additionalProperties:
- description: InstanceFeatureSet is a set of features each of
- which is an instance having multiple attributes.
- properties:
- elements:
- items:
- description: InstanceFeature represents one instance of
- a complex features, e.g. a device.
- properties:
- attributes:
- additionalProperties:
- type: string
- type: object
- required:
- - attributes
- type: object
- type: array
- required:
- - elements
- type: object
- description: Instances contains all the instance-type features
- of the node.
- type: object
- type: object
- labels:
- additionalProperties:
- type: string
- description: Labels is the set of node labels that are requested to
- be created.
- type: object
- type: object
- required:
- - spec
- type: object
- served: true
- storage: true
----
-apiVersion: apiextensions.k8s.io/v1
-kind: CustomResourceDefinition
-metadata:
- annotations:
- controller-gen.kubebuilder.io/version: v0.9.2
- creationTimestamp: null
- name: nodefeaturerules.nfd.k8s-sigs.io
-spec:
- group: nfd.k8s-sigs.io
- names:
- kind: NodeFeatureRule
- listKind: NodeFeatureRuleList
- plural: nodefeaturerules
- shortNames:
- - nfr
- singular: nodefeaturerule
- scope: Cluster
- versions:
- - name: v1alpha1
- schema:
- openAPIV3Schema:
- description: NodeFeatureRule resource specifies a configuration for feature-based
- customization of node objects, such as node labeling.
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation
- of an object. Servers should convert recognized schemas to the latest
- internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this
- object represents. Servers may infer this from the endpoint the client
- submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- spec:
- description: NodeFeatureRuleSpec describes a NodeFeatureRule.
- properties:
- rules:
- description: Rules is a list of node customization rules.
- items:
- description: Rule defines a rule for node customization such as
- labeling.
- properties:
- extendedResources:
- additionalProperties:
- type: string
- description: ExtendedResources to create if the rule matches.
- type: object
- labels:
- additionalProperties:
- type: string
- description: Labels to create if the rule matches.
- type: object
- labelsTemplate:
- description: LabelsTemplate specifies a template to expand for
- dynamically generating multiple labels. Data (after template
- expansion) must be keys with an optional value ([=])
- separated by newlines.
- type: string
- matchAny:
- description: MatchAny specifies a list of matchers one of which
- must match.
- items:
- description: MatchAnyElem specifies one sub-matcher of MatchAny.
- properties:
- matchFeatures:
- description: MatchFeatures specifies a set of matcher
- terms all of which must match.
- items:
- description: FeatureMatcherTerm defines requirements
- against one feature set. All requirements (specified
- as MatchExpressions) are evaluated against each element
- in the feature set.
- properties:
- feature:
- type: string
- matchExpressions:
- additionalProperties:
- description: "MatchExpression specifies an expression
- to evaluate against a set of input values. It
- contains an operator that is applied when matching
- the input and an array of values that the operator
- evaluates the input against. \n NB: CreateMatchExpression
- or MustCreateMatchExpression() should be used
- for creating new instances. \n NB: Validate()
- must be called if Op or Value fields are modified
- or if a new instance is created from scratch
- without using the helper functions."
- properties:
- op:
- description: Op is the operator to be applied.
- enum:
- - In
- - NotIn
- - InRegexp
- - Exists
- - DoesNotExist
- - Gt
- - Lt
- - GtLt
- - IsTrue
- - IsFalse
- type: string
- value:
- description: Value is the list of values that
- the operand evaluates the input against.
- Value should be empty if the operator is
- Exists, DoesNotExist, IsTrue or IsFalse.
- Value should contain exactly one element
- if the operator is Gt or Lt and exactly
- two elements if the operator is GtLt. In
- other cases Value should contain at least
- one element.
- items:
- type: string
- type: array
- required:
- - op
- type: object
- description: MatchExpressionSet contains a set of
- MatchExpressions, each of which is evaluated against
- a set of input values.
- type: object
- required:
- - feature
- - matchExpressions
- type: object
- type: array
- required:
- - matchFeatures
- type: object
- type: array
- matchFeatures:
- description: MatchFeatures specifies a set of matcher terms
- all of which must match.
- items:
- description: FeatureMatcherTerm defines requirements against
- one feature set. All requirements (specified as MatchExpressions)
- are evaluated against each element in the feature set.
- properties:
- feature:
- type: string
- matchExpressions:
- additionalProperties:
- description: "MatchExpression specifies an expression
- to evaluate against a set of input values. It contains
- an operator that is applied when matching the input
- and an array of values that the operator evaluates
- the input against. \n NB: CreateMatchExpression or
- MustCreateMatchExpression() should be used for creating
- new instances. \n NB: Validate() must be called if
- Op or Value fields are modified or if a new instance
- is created from scratch without using the helper functions."
- properties:
- op:
- description: Op is the operator to be applied.
- enum:
- - In
- - NotIn
- - InRegexp
- - Exists
- - DoesNotExist
- - Gt
- - Lt
- - GtLt
- - IsTrue
- - IsFalse
- type: string
- value:
- description: Value is the list of values that the
- operand evaluates the input against. Value should
- be empty if the operator is Exists, DoesNotExist,
- IsTrue or IsFalse. Value should contain exactly
- one element if the operator is Gt or Lt and exactly
- two elements if the operator is GtLt. In other
- cases Value should contain at least one element.
- items:
- type: string
- type: array
- required:
- - op
- type: object
- description: MatchExpressionSet contains a set of MatchExpressions,
- each of which is evaluated against a set of input values.
- type: object
- required:
- - feature
- - matchExpressions
- type: object
- type: array
- name:
- description: Name of the rule.
- type: string
- taints:
- description: Taints to create if the rule matches.
- items:
- description: The node this Taint is attached to has the "effect"
- on any pod that does not tolerate the Taint.
- properties:
- effect:
- description: Required. The effect of the taint on pods
- that do not tolerate the taint. Valid effects are NoSchedule,
- PreferNoSchedule and NoExecute.
- type: string
- key:
- description: Required. The taint key to be applied to
- a node.
- type: string
- timeAdded:
- description: TimeAdded represents the time at which the
- taint was added. It is only written for NoExecute taints.
- format: date-time
- type: string
- value:
- description: The taint value corresponding to the taint
- key.
- type: string
- required:
- - effect
- - key
- type: object
- type: array
- vars:
- additionalProperties:
- type: string
- description: Vars is the variables to store if the rule matches.
- Variables do not directly inflict any changes in the node
- object. However, they can be referenced from other rules enabling
- more complex rule hierarchies, without exposing intermediary
- output values as labels.
- type: object
- varsTemplate:
- description: VarsTemplate specifies a template to expand for
- dynamically generating multiple variables. Data (after template
- expansion) must be keys with an optional value ([=])
- separated by newlines.
- type: string
- required:
- - name
- type: object
- type: array
- required:
- - rules
- type: object
- required:
- - spec
- type: object
- served: true
- storage: true
diff --git a/charts/sriov/102.1.0+up0.1.0/charts/rancher-nfd/templates/_helpers.tpl b/charts/sriov/102.1.0+up0.1.0/charts/rancher-nfd/templates/_helpers.tpl
deleted file mode 100644
index 5a0a5c97f7..0000000000
--- a/charts/sriov/102.1.0+up0.1.0/charts/rancher-nfd/templates/_helpers.tpl
+++ /dev/null
@@ -1,107 +0,0 @@
-{{/* vim: set filetype=mustache: */}}
-{{/*
-Expand the name of the chart.
-*/}}
-{{- define "node-feature-discovery.name" -}}
-{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
-{{- end -}}
-
-{{/*
-Create a default fully qualified app name.
-We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
-If release name contains chart name it will be used as a full name.
-*/}}
-{{- define "node-feature-discovery.fullname" -}}
-{{- if .Values.fullnameOverride -}}
-{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}}
-{{- else -}}
-{{- $name := default .Chart.Name .Values.nameOverride -}}
-{{- if contains $name .Release.Name -}}
-{{- .Release.Name | trunc 63 | trimSuffix "-" -}}
-{{- else -}}
-{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}}
-{{- end -}}
-{{- end -}}
-{{- end -}}
-
-{{/*
-Allow the release namespace to be overridden for multi-namespace deployments in combined charts
-*/}}
-{{- define "node-feature-discovery.namespace" -}}
- {{- if .Values.namespaceOverride -}}
- {{- .Values.namespaceOverride -}}
- {{- else -}}
- {{- .Release.Namespace -}}
- {{- end -}}
-{{- end -}}
-
-{{/*
-Create chart name and version as used by the chart label.
-*/}}
-{{- define "node-feature-discovery.chart" -}}
-{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}}
-{{- end -}}
-
-{{/*
-Common labels
-*/}}
-{{- define "node-feature-discovery.labels" -}}
-helm.sh/chart: {{ include "node-feature-discovery.chart" . }}
-{{ include "node-feature-discovery.selectorLabels" . }}
-{{- if .Chart.AppVersion }}
-app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
-{{- end }}
-app.kubernetes.io/managed-by: {{ .Release.Service }}
-{{- end -}}
-
-{{/*
-Selector labels
-*/}}
-{{- define "node-feature-discovery.selectorLabels" -}}
-app.kubernetes.io/name: {{ include "node-feature-discovery.name" . }}
-app.kubernetes.io/instance: {{ .Release.Name }}
-{{- end -}}
-
-{{/*
-Create the name of the service account which the nfd master will use
-*/}}
-{{- define "node-feature-discovery.master.serviceAccountName" -}}
-{{- if .Values.master.serviceAccount.create -}}
- {{ default (include "node-feature-discovery.fullname" .) .Values.master.serviceAccount.name }}
-{{- else -}}
- {{ default "default" .Values.master.serviceAccount.name }}
-{{- end -}}
-{{- end -}}
-
-{{/*
-Create the name of the service account which the nfd worker will use
-*/}}
-{{- define "node-feature-discovery.worker.serviceAccountName" -}}
-{{- if .Values.worker.serviceAccount.create -}}
- {{ default (printf "%s-worker" (include "node-feature-discovery.fullname" .)) .Values.worker.serviceAccount.name }}
-{{- else -}}
- {{ default "default" .Values.worker.serviceAccount.name }}
-{{- end -}}
-{{- end -}}
-
-{{/*
-Create the name of the service account which topologyUpdater will use
-*/}}
-{{- define "node-feature-discovery.topologyUpdater.serviceAccountName" -}}
-{{- if .Values.topologyUpdater.serviceAccount.create -}}
- {{ default (printf "%s-topology-updater" (include "node-feature-discovery.fullname" .)) .Values.topologyUpdater.serviceAccount.name }}
-{{- else -}}
- {{ default "default" .Values.topologyUpdater.serviceAccount.name }}
-{{- end -}}
-{{- end -}}
-
-{{/*
-Create the name of the service account which topologyGC will use
-*/}}
-{{- define "node-feature-discovery.topologyGC.serviceAccountName" -}}
-{{- if .Values.topologyGC.serviceAccount.create -}}
- {{ default (printf "%s-topology-gc" (include "node-feature-discovery.fullname" .)) .Values.topologyGC.serviceAccount.name }}
-{{- else -}}
- {{ default "default" .Values.topologyGC.serviceAccount.name }}
-{{- end -}}
-{{- end -}}
diff --git a/charts/sriov/102.1.0+up0.1.0/charts/rancher-nfd/templates/cert-manager-certs.yaml b/charts/sriov/102.1.0+up0.1.0/charts/rancher-nfd/templates/cert-manager-certs.yaml
deleted file mode 100644
index ac2e51fc11..0000000000
--- a/charts/sriov/102.1.0+up0.1.0/charts/rancher-nfd/templates/cert-manager-certs.yaml
+++ /dev/null
@@ -1,67 +0,0 @@
-{{- if .Values.tls.certManager }}
----
-apiVersion: cert-manager.io/v1
-kind: Certificate
-metadata:
- name: nfd-master-cert
- namespace: {{ include "node-feature-discovery.namespace" . }}
-spec:
- secretName: nfd-master-cert
- subject:
- organizations:
- - node-feature-discovery
- commonName: nfd-master
- dnsNames:
- # must match the service name
- - {{ include "node-feature-discovery.fullname" . }}-master
- # first one is configured for use by the worker; below are for completeness
- - {{ include "node-feature-discovery.fullname" . }}-master.{{ include "node-feature-discovery.namespace" . }}.svc
- - {{ include "node-feature-discovery.fullname" . }}-master.{{ include "node-feature-discovery.namespace" . }}.svc.cluster.local
- # localhost needed for grpc_health_probe
- - localhost
- issuerRef:
- name: nfd-ca-issuer
- kind: Issuer
- group: cert-manager.io
-
----
-apiVersion: cert-manager.io/v1
-kind: Certificate
-metadata:
- name: nfd-worker-cert
- namespace: {{ include "node-feature-discovery.namespace" . }}
-spec:
- secretName: nfd-worker-cert
- subject:
- organizations:
- - node-feature-discovery
- commonName: nfd-worker
- dnsNames:
- - {{ include "node-feature-discovery.fullname" . }}-worker.{{ include "node-feature-discovery.namespace" . }}.svc.cluster.local
- issuerRef:
- name: nfd-ca-issuer
- kind: Issuer
- group: cert-manager.io
-
-{{- if .Values.topologyUpdater.enable }}
----
-apiVersion: cert-manager.io/v1
-kind: Certificate
-metadata:
- name: nfd-topology-updater-cert
- namespace: {{ include "node-feature-discovery.namespace" . }}
-spec:
- secretName: nfd-topology-updater-cert
- subject:
- organizations:
- - node-feature-discovery
- commonName: nfd-topology-updater
- dnsNames:
- - {{ include "node-feature-discovery.fullname" . }}-topology-updater.{{ include "node-feature-discovery.namespace" . }}.svc.cluster.local
- issuerRef:
- name: nfd-ca-issuer
- kind: Issuer
- group: cert-manager.io
-{{- end }}
-
-{{- end }}
diff --git a/charts/sriov/102.1.0+up0.1.0/charts/rancher-nfd/templates/cert-manager-issuer.yaml b/charts/sriov/102.1.0+up0.1.0/charts/rancher-nfd/templates/cert-manager-issuer.yaml
deleted file mode 100644
index f3c57acea1..0000000000
--- a/charts/sriov/102.1.0+up0.1.0/charts/rancher-nfd/templates/cert-manager-issuer.yaml
+++ /dev/null
@@ -1,42 +0,0 @@
-{{- if .Values.tls.certManager }}
-# See https://cert-manager.io/docs/configuration/selfsigned/#bootstrapping-ca-issuers
-# - Create a self signed issuer
-# - Use this to create a CA cert
-# - Use this to now create a CA issuer
----
-apiVersion: cert-manager.io/v1
-kind: Issuer
-metadata:
- name: nfd-ca-bootstrap
- namespace: {{ include "node-feature-discovery.namespace" . }}
-spec:
- selfSigned: {}
-
----
-apiVersion: cert-manager.io/v1
-kind: Certificate
-metadata:
- name: nfd-ca-cert
- namespace: {{ include "node-feature-discovery.namespace" . }}
-spec:
- isCA: true
- secretName: nfd-ca-cert
- subject:
- organizations:
- - node-feature-discovery
- commonName: nfd-ca-cert
- issuerRef:
- name: nfd-ca-bootstrap
- kind: Issuer
- group: cert-manager.io
-
----
-apiVersion: cert-manager.io/v1
-kind: Issuer
-metadata:
- name: nfd-ca-issuer
- namespace: {{ include "node-feature-discovery.namespace" . }}
-spec:
- ca:
- secretName: nfd-ca-cert
-{{- end }}
diff --git a/charts/sriov/102.1.0+up0.1.0/charts/rancher-nfd/templates/clusterrole.yaml b/charts/sriov/102.1.0+up0.1.0/charts/rancher-nfd/templates/clusterrole.yaml
deleted file mode 100644
index 84b32644f5..0000000000
--- a/charts/sriov/102.1.0+up0.1.0/charts/rancher-nfd/templates/clusterrole.yaml
+++ /dev/null
@@ -1,97 +0,0 @@
-{{- if .Values.master.rbac.create }}
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRole
-metadata:
- name: {{ include "node-feature-discovery.fullname" . }}
- labels:
- {{- include "node-feature-discovery.labels" . | nindent 4 }}
-rules:
-- apiGroups:
- - ""
- resources:
- - nodes
- - nodes/status
- verbs:
- - get
- - patch
- - update
- - list
-- apiGroups:
- - nfd.k8s-sigs.io
- resources:
- - nodefeatures
- - nodefeaturerules
- verbs:
- - get
- - list
- - watch
-{{- end }}
-
----
-{{- if and .Values.topologyUpdater.enable .Values.topologyUpdater.rbac.create }}
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRole
-metadata:
- name: {{ include "node-feature-discovery.fullname" . }}-topology-updater
- labels:
- {{- include "node-feature-discovery.labels" . | nindent 4 }}
-rules:
-- apiGroups:
- - ""
- resources:
- - nodes
- verbs:
- - get
- - list
-- apiGroups:
- - ""
- resources:
- - nodes/proxy
- verbs:
- - get
-- apiGroups:
- - ""
- resources:
- - pods
- verbs:
- - get
-- apiGroups:
- - topology.node.k8s.io
- resources:
- - noderesourcetopologies
- verbs:
- - create
- - get
- - update
-{{- end }}
-
----
-{{- if and .Values.topologyGC.enable .Values.topologyGC.rbac.create .Values.topologyUpdater.enable }}
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRole
-metadata:
- name: {{ include "node-feature-discovery.fullname" . }}-topology-gc
- labels:
- {{- include "node-feature-discovery.labels" . | nindent 4 }}
-rules:
-- apiGroups:
- - ""
- resources:
- - nodes
- verbs:
- - list
- - watch
-- apiGroups:
- - ""
- resources:
- - nodes/proxy
- verbs:
- - get
-- apiGroups:
- - topology.node.k8s.io
- resources:
- - noderesourcetopologies
- verbs:
- - delete
- - list
-{{- end }}
diff --git a/charts/sriov/102.1.0+up0.1.0/charts/rancher-nfd/templates/clusterrolebinding.yaml b/charts/sriov/102.1.0+up0.1.0/charts/rancher-nfd/templates/clusterrolebinding.yaml
deleted file mode 100644
index b0a69012fd..0000000000
--- a/charts/sriov/102.1.0+up0.1.0/charts/rancher-nfd/templates/clusterrolebinding.yaml
+++ /dev/null
@@ -1,52 +0,0 @@
-{{- if .Values.master.rbac.create }}
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRoleBinding
-metadata:
- name: {{ include "node-feature-discovery.fullname" . }}
- labels:
- {{- include "node-feature-discovery.labels" . | nindent 4 }}
-roleRef:
- apiGroup: rbac.authorization.k8s.io
- kind: ClusterRole
- name: {{ include "node-feature-discovery.fullname" . }}
-subjects:
-- kind: ServiceAccount
- name: {{ include "node-feature-discovery.master.serviceAccountName" . }}
- namespace: {{ include "node-feature-discovery.namespace" . }}
-{{- end }}
-
----
-{{- if and .Values.topologyUpdater.enable .Values.topologyUpdater.rbac.create }}
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRoleBinding
-metadata:
- name: {{ include "node-feature-discovery.fullname" . }}-topology-updater
- labels:
- {{- include "node-feature-discovery.labels" . | nindent 4 }}
-roleRef:
- apiGroup: rbac.authorization.k8s.io
- kind: ClusterRole
- name: {{ include "node-feature-discovery.fullname" . }}-topology-updater
-subjects:
-- kind: ServiceAccount
- name: {{ include "node-feature-discovery.topologyUpdater.serviceAccountName" . }}
- namespace: {{ include "node-feature-discovery.namespace" . }}
-{{- end }}
-
----
-{{- if and .Values.topologyGC.enable .Values.topologyGC.rbac.create .Values.topologyUpdater.enable }}
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRoleBinding
-metadata:
- name: {{ include "node-feature-discovery.fullname" . }}-topology-gc
- labels:
- {{- include "node-feature-discovery.labels" . | nindent 4 }}
-roleRef:
- apiGroup: rbac.authorization.k8s.io
- kind: ClusterRole
- name: {{ include "node-feature-discovery.fullname" . }}-topology-gc
-subjects:
-- kind: ServiceAccount
- name: {{ .Values.topologyGC.serviceAccount.name | default "nfd-topology-gc" }}
- namespace: {{ include "node-feature-discovery.namespace" . }}
-{{- end }}
diff --git a/charts/sriov/102.1.0+up0.1.0/charts/rancher-nfd/templates/master.yaml b/charts/sriov/102.1.0+up0.1.0/charts/rancher-nfd/templates/master.yaml
deleted file mode 100644
index 418ac089dd..0000000000
--- a/charts/sriov/102.1.0+up0.1.0/charts/rancher-nfd/templates/master.yaml
+++ /dev/null
@@ -1,145 +0,0 @@
-apiVersion: apps/v1
-kind: Deployment
-metadata:
- name: {{ include "node-feature-discovery.fullname" . }}-master
- namespace: {{ include "node-feature-discovery.namespace" . }}
- labels:
- {{- include "node-feature-discovery.labels" . | nindent 4 }}
- role: master
- annotations:
- {{- toYaml .Values.master.deploymentAnnotations | nindent 4 }}
-spec:
- replicas: {{ .Values.master.replicaCount }}
- selector:
- matchLabels:
- {{- include "node-feature-discovery.selectorLabels" . | nindent 6 }}
- role: master
- template:
- metadata:
- labels:
- {{- include "node-feature-discovery.selectorLabels" . | nindent 8 }}
- role: master
- annotations:
- {{- toYaml .Values.master.annotations | nindent 8 }}
- spec:
- {{- with .Values.imagePullSecrets }}
- imagePullSecrets:
- {{- toYaml . | nindent 8 }}
- {{- end }}
- serviceAccountName: {{ include "node-feature-discovery.master.serviceAccountName" . }}
- enableServiceLinks: false
- securityContext:
- {{- toYaml .Values.master.podSecurityContext | nindent 8 }}
- containers:
- - name: master
- securityContext:
- {{- toYaml .Values.master.securityContext | nindent 12 }}
- image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}"
- imagePullPolicy: {{ .Values.image.pullPolicy }}
- livenessProbe:
- exec:
- command:
- - "/usr/bin/grpc_health_probe"
- - "-addr=:{{ .Values.master.port | default "8080" }}"
- {{- if .Values.tls.enable }}
- - "-tls"
- - "-tls-ca-cert=/etc/kubernetes/node-feature-discovery/certs/ca.crt"
- - "-tls-client-key=/etc/kubernetes/node-feature-discovery/certs/tls.key"
- - "-tls-client-cert=/etc/kubernetes/node-feature-discovery/certs/tls.crt"
- {{- end }}
- initialDelaySeconds: 10
- periodSeconds: 10
- readinessProbe:
- exec:
- command:
- - "/usr/bin/grpc_health_probe"
- - "-addr=:{{ .Values.master.port | default "8080" }}"
- {{- if .Values.tls.enable }}
- - "-tls"
- - "-tls-ca-cert=/etc/kubernetes/node-feature-discovery/certs/ca.crt"
- - "-tls-client-key=/etc/kubernetes/node-feature-discovery/certs/tls.key"
- - "-tls-client-cert=/etc/kubernetes/node-feature-discovery/certs/tls.crt"
- {{- end }}
- initialDelaySeconds: 5
- periodSeconds: 10
- failureThreshold: 10
- ports:
- - containerPort: {{ .Values.master.port | default "8080" }}
- name: grpc
- env:
- - name: NODE_NAME
- valueFrom:
- fieldRef:
- fieldPath: spec.nodeName
- command:
- - "nfd-master"
- resources:
- {{- toYaml .Values.master.resources | nindent 12 }}
- args:
- {{- if .Values.master.instance | empty | not }}
- - "-instance={{ .Values.master.instance }}"
- {{- end }}
- - "-port={{ .Values.master.port | default "8080" }}"
- {{- if .Values.enableNodeFeatureApi }}
- - "-enable-nodefeature-api"
- {{- end }}
- {{- if .Values.master.extraLabelNs | empty | not }}
- - "-extra-label-ns={{- join "," .Values.master.extraLabelNs }}"
- {{- end }}
- {{- if .Values.master.denyLabelNs | empty | not }}
- - "-deny-label-ns={{- join "," .Values.master.denyLabelNs }}"
- {{- end }}
- {{- if .Values.master.resourceLabels | empty | not }}
- - "-resource-labels={{- join "," .Values.master.resourceLabels }}"
- {{- end }}
- {{- if .Values.master.enableTaints }}
- - "-enable-taints"
- {{- end }}
- {{- if .Values.master.crdController | kindIs "invalid" | not }}
- - "-crd-controller={{ .Values.master.crdController }}"
- {{- else }}
- ## By default, disable crd controller for other than the default instances
- - "-featurerules-controller={{ .Values.master.instance | empty }}"
- {{- end }}
- {{- if .Values.master.featureRulesController | kindIs "invalid" | not }}
- - "-featurerules-controller={{ .Values.master.featureRulesController }}"
- {{- end }}
- {{- if .Values.tls.enable }}
- - "-ca-file=/etc/kubernetes/node-feature-discovery/certs/ca.crt"
- - "-key-file=/etc/kubernetes/node-feature-discovery/certs/tls.key"
- - "-cert-file=/etc/kubernetes/node-feature-discovery/certs/tls.crt"
- {{- end }}
- volumeMounts:
- {{- if .Values.tls.enable }}
- - name: nfd-master-cert
- mountPath: "/etc/kubernetes/node-feature-discovery/certs"
- readOnly: true
- {{- end }}
- - name: nfd-master-conf
- mountPath: "/etc/kubernetes/node-feature-discovery"
- readOnly: true
- volumes:
- {{- if .Values.tls.enable }}
- - name: nfd-master-cert
- secret:
- secretName: nfd-master-cert
- {{- end }}
- - name: nfd-master-conf
- configMap:
- name: {{ include "node-feature-discovery.fullname" . }}-master-conf
- items:
- - key: nfd-master.conf
- path: nfd-master.conf
-
- {{- with .Values.master.nodeSelector }}
- nodeSelector:
- {{- toYaml . | nindent 8 }}
- {{- end }}
- {{- with .Values.master.affinity }}
- affinity:
- {{- toYaml . | nindent 8 }}
- {{- end }}
- {{- with .Values.master.tolerations }}
- tolerations:
- {{- toYaml . | nindent 8 }}
- {{- end }}
diff --git a/charts/sriov/102.1.0+up0.1.0/charts/rancher-nfd/templates/nfd-master-conf.yaml b/charts/sriov/102.1.0+up0.1.0/charts/rancher-nfd/templates/nfd-master-conf.yaml
deleted file mode 100644
index c806a8e5d9..0000000000
--- a/charts/sriov/102.1.0+up0.1.0/charts/rancher-nfd/templates/nfd-master-conf.yaml
+++ /dev/null
@@ -1,10 +0,0 @@
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: {{ include "node-feature-discovery.fullname" . }}-master-conf
- namespace: {{ include "node-feature-discovery.namespace" . }}
- labels:
- {{- include "node-feature-discovery.labels" . | nindent 4 }}
-data:
- nfd-master.conf: |-
- {{- .Values.master.config | toYaml | nindent 4 }}
diff --git a/charts/sriov/102.1.0+up0.1.0/charts/rancher-nfd/templates/nfd-topologyupdater-conf.yaml b/charts/sriov/102.1.0+up0.1.0/charts/rancher-nfd/templates/nfd-topologyupdater-conf.yaml
deleted file mode 100644
index 9867f5089c..0000000000
--- a/charts/sriov/102.1.0+up0.1.0/charts/rancher-nfd/templates/nfd-topologyupdater-conf.yaml
+++ /dev/null
@@ -1,10 +0,0 @@
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: {{ include "node-feature-discovery.fullname" . }}-topology-updater-conf
- namespace: {{ include "node-feature-discovery.namespace" . }}
- labels:
- {{- include "node-feature-discovery.labels" . | nindent 4 }}
-data:
- nfd-topology-updater.conf: |-
- {{- .Values.topologyUpdater.config | toYaml | nindent 4 }}
diff --git a/charts/sriov/102.1.0+up0.1.0/charts/rancher-nfd/templates/nfd-worker-conf.yaml b/charts/sriov/102.1.0+up0.1.0/charts/rancher-nfd/templates/nfd-worker-conf.yaml
deleted file mode 100644
index 61d2a481aa..0000000000
--- a/charts/sriov/102.1.0+up0.1.0/charts/rancher-nfd/templates/nfd-worker-conf.yaml
+++ /dev/null
@@ -1,10 +0,0 @@
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: {{ include "node-feature-discovery.fullname" . }}-worker-conf
- namespace: {{ include "node-feature-discovery.namespace" . }}
- labels:
- {{- include "node-feature-discovery.labels" . | nindent 4 }}
-data:
- nfd-worker.conf: |-
- {{- .Values.worker.config | toYaml | nindent 4 }}
diff --git a/charts/sriov/102.1.0+up0.1.0/charts/rancher-nfd/templates/role.yaml b/charts/sriov/102.1.0+up0.1.0/charts/rancher-nfd/templates/role.yaml
deleted file mode 100644
index f63cb8ff4f..0000000000
--- a/charts/sriov/102.1.0+up0.1.0/charts/rancher-nfd/templates/role.yaml
+++ /dev/null
@@ -1,18 +0,0 @@
-{{- if .Values.worker.rbac.create }}
-apiVersion: rbac.authorization.k8s.io/v1
-kind: Role
-metadata:
- name: {{ include "node-feature-discovery.fullname" . }}-worker
- labels:
- {{- include "node-feature-discovery.labels" . | nindent 4 }}
-rules:
-- apiGroups:
- - nfd.k8s-sigs.io
- resources:
- - nodefeatures
- verbs:
- - create
- - get
- - update
-{{- end }}
-
diff --git a/charts/sriov/102.1.0+up0.1.0/charts/rancher-nfd/templates/rolebinding.yaml b/charts/sriov/102.1.0+up0.1.0/charts/rancher-nfd/templates/rolebinding.yaml
deleted file mode 100644
index 30a00381f0..0000000000
--- a/charts/sriov/102.1.0+up0.1.0/charts/rancher-nfd/templates/rolebinding.yaml
+++ /dev/null
@@ -1,17 +0,0 @@
-{{- if .Values.worker.rbac.create }}
-apiVersion: rbac.authorization.k8s.io/v1
-kind: RoleBinding
-metadata:
- name: {{ include "node-feature-discovery.fullname" . }}-worker
- labels:
- {{- include "node-feature-discovery.labels" . | nindent 4 }}
-roleRef:
- apiGroup: rbac.authorization.k8s.io
- kind: Role
- name: {{ include "node-feature-discovery.fullname" . }}-worker
-subjects:
-- kind: ServiceAccount
- name: {{ include "node-feature-discovery.worker.serviceAccountName" . }}
- namespace: {{ include "node-feature-discovery.namespace" . }}
-{{- end }}
-
diff --git a/charts/sriov/102.1.0+up0.1.0/charts/rancher-nfd/templates/service.yaml b/charts/sriov/102.1.0+up0.1.0/charts/rancher-nfd/templates/service.yaml
deleted file mode 100644
index 0d4789818f..0000000000
--- a/charts/sriov/102.1.0+up0.1.0/charts/rancher-nfd/templates/service.yaml
+++ /dev/null
@@ -1,18 +0,0 @@
-apiVersion: v1
-kind: Service
-metadata:
- name: {{ include "node-feature-discovery.fullname" . }}-master
- namespace: {{ include "node-feature-discovery.namespace" . }}
- labels:
- {{- include "node-feature-discovery.labels" . | nindent 4 }}
- role: master
-spec:
- type: {{ .Values.master.service.type }}
- ports:
- - port: {{ .Values.master.service.port | default "8080" }}
- targetPort: grpc
- protocol: TCP
- name: grpc
- selector:
- {{- include "node-feature-discovery.selectorLabels" . | nindent 4 }}
- role: master
diff --git a/charts/sriov/102.1.0+up0.1.0/charts/rancher-nfd/templates/serviceaccount.yaml b/charts/sriov/102.1.0+up0.1.0/charts/rancher-nfd/templates/serviceaccount.yaml
deleted file mode 100644
index 03211e7c49..0000000000
--- a/charts/sriov/102.1.0+up0.1.0/charts/rancher-nfd/templates/serviceaccount.yaml
+++ /dev/null
@@ -1,58 +0,0 @@
-{{- if .Values.master.serviceAccount.create -}}
-apiVersion: v1
-kind: ServiceAccount
-metadata:
- name: {{ include "node-feature-discovery.master.serviceAccountName" . }}
- namespace: {{ include "node-feature-discovery.namespace" . }}
- labels:
- {{- include "node-feature-discovery.labels" . | nindent 4 }}
- {{- with .Values.master.serviceAccount.annotations }}
- annotations:
- {{- toYaml . | nindent 4 }}
- {{- end }}
-{{- end }}
-
----
-{{- if and .Values.topologyUpdater.enable .Values.topologyUpdater.serviceAccount.create }}
-apiVersion: v1
-kind: ServiceAccount
-metadata:
- name: {{ include "node-feature-discovery.topologyUpdater.serviceAccountName" . }}
- namespace: {{ include "node-feature-discovery.namespace" . }}
- labels:
- {{- include "node-feature-discovery.labels" . | nindent 4 }}
- {{- with .Values.topologyUpdater.serviceAccount.annotations }}
- annotations:
- {{- toYaml . | nindent 4 }}
- {{- end }}
-{{- end }}
-
----
-{{- if and .Values.topologyGC.enable .Values.topologyGC.serviceAccount.create .Values.topologyUpdater.enable }}
-apiVersion: v1
-kind: ServiceAccount
-metadata:
- name: {{ .Values.topologyGC.serviceAccount.name | default "nfd-topology-gc" }}
- namespace: {{ include "node-feature-discovery.namespace" . }}
- labels:
- {{- include "node-feature-discovery.labels" . | nindent 4 }}
- {{- with .Values.topologyUpdater.serviceAccount.annotations }}
- annotations:
- {{- toYaml . | nindent 4 }}
- {{- end }}
-{{- end }}
-
----
-{{- if .Values.worker.serviceAccount.create }}
-apiVersion: v1
-kind: ServiceAccount
-metadata:
- name: {{ include "node-feature-discovery.worker.serviceAccountName" . }}
- namespace: {{ include "node-feature-discovery.namespace" . }}
- labels:
- {{- include "node-feature-discovery.labels" . | nindent 4 }}
- {{- with .Values.worker.serviceAccount.annotations }}
- annotations:
- {{- toYaml . | nindent 4 }}
- {{- end }}
-{{- end }}
diff --git a/charts/sriov/102.1.0+up0.1.0/charts/rancher-nfd/templates/topology-gc.yaml b/charts/sriov/102.1.0+up0.1.0/charts/rancher-nfd/templates/topology-gc.yaml
deleted file mode 100644
index 642fec4559..0000000000
--- a/charts/sriov/102.1.0+up0.1.0/charts/rancher-nfd/templates/topology-gc.yaml
+++ /dev/null
@@ -1,64 +0,0 @@
-{{- if and .Values.topologyGC.enable .Values.topologyUpdater.enable -}}
-apiVersion: apps/v1
-kind: Deployment
-metadata:
- name: {{ include "node-feature-discovery.fullname" . }}-topology-gc
- namespace: {{ include "node-feature-discovery.namespace" . }}
- labels:
- {{- include "node-feature-discovery.labels" . | nindent 4 }}
- role: topology-gc
-spec:
- replicas: {{ .Values.topologyGC.replicaCount | default 1 }}
- selector:
- matchLabels:
- {{- include "node-feature-discovery.selectorLabels" . | nindent 6 }}
- role: topology-gc
- template:
- metadata:
- labels:
- {{- include "node-feature-discovery.selectorLabels" . | nindent 8 }}
- role: topology-gc
- annotations:
- {{- toYaml .Values.topologyGC.annotations | nindent 8 }}
- spec:
- serviceAccountName: {{ .Values.topologyGC.serviceAccountName | default "nfd-topology-gc" }}
- dnsPolicy: ClusterFirstWithHostNet
- {{- with .Values.imagePullSecrets }}
- imagePullSecrets:
- {{- toYaml . | nindent 8 }}
- {{- end }}
- securityContext:
- {{- toYaml .Values.topologyGC.podSecurityContext | nindent 8 }}
- containers:
- - name: topology-gc
- image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}"
- imagePullPolicy: "{{ .Values.image.pullPolicy }}"
- env:
- - name: NODE_NAME
- valueFrom:
- fieldRef:
- fieldPath: spec.nodeName
- command:
- - "nfd-topology-gc"
- args:
- {{- if .Values.topologyGC.interval | empty | not }}
- - "-gc-interval={{ .Values.topologyGC.interval }}"
- {{- end }}
- resources:
- {{- toYaml .Values.topologyGC.resources | nindent 12 }}
- securityContext:
- {{- toYaml .Values.topologyGC.securityContext | nindent 12 }}
-
- {{- with .Values.topologyGC.nodeSelector }}
- nodeSelector:
- {{- toYaml . | nindent 8 }}
- {{- end }}
- {{- with .Values.topologyGC.affinity }}
- affinity:
- {{- toYaml . | nindent 8 }}
- {{- end }}
- {{- with .Values.topologyGC.tolerations }}
- tolerations:
- {{- toYaml . | nindent 8 }}
- {{- end }}
-{{- end }}
diff --git a/charts/sriov/102.1.0+up0.1.0/charts/rancher-nfd/templates/topologyupdater-crds.yaml b/charts/sriov/102.1.0+up0.1.0/charts/rancher-nfd/templates/topologyupdater-crds.yaml
deleted file mode 100644
index b6b919689c..0000000000
--- a/charts/sriov/102.1.0+up0.1.0/charts/rancher-nfd/templates/topologyupdater-crds.yaml
+++ /dev/null
@@ -1,278 +0,0 @@
-{{- if and .Values.topologyUpdater.enable .Values.topologyUpdater.createCRDs -}}
-apiVersion: apiextensions.k8s.io/v1
-kind: CustomResourceDefinition
-metadata:
- annotations:
- api-approved.kubernetes.io: https://github.com/kubernetes/enhancements/pull/1870
- controller-gen.kubebuilder.io/version: v0.11.2
- creationTimestamp: null
- name: noderesourcetopologies.topology.node.k8s.io
-spec:
- group: topology.node.k8s.io
- names:
- kind: NodeResourceTopology
- listKind: NodeResourceTopologyList
- plural: noderesourcetopologies
- shortNames:
- - node-res-topo
- singular: noderesourcetopology
- scope: Cluster
- versions:
- - name: v1alpha1
- schema:
- openAPIV3Schema:
- description: NodeResourceTopology describes node resources and their topology.
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation
- of an object. Servers should convert recognized schemas to the latest
- internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this
- object represents. Servers may infer this from the endpoint the client
- submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- topologyPolicies:
- items:
- type: string
- type: array
- zones:
- description: ZoneList contains an array of Zone objects.
- items:
- description: Zone represents a resource topology zone, e.g. socket,
- node, die or core.
- properties:
- attributes:
- description: AttributeList contains an array of AttributeInfo objects.
- items:
- description: AttributeInfo contains one attribute of a Zone.
- properties:
- name:
- type: string
- value:
- type: string
- required:
- - name
- - value
- type: object
- type: array
- costs:
- description: CostList contains an array of CostInfo objects.
- items:
- description: CostInfo describes the cost (or distance) between
- two Zones.
- properties:
- name:
- type: string
- value:
- format: int64
- type: integer
- required:
- - name
- - value
- type: object
- type: array
- name:
- type: string
- parent:
- type: string
- resources:
- description: ResourceInfoList contains an array of ResourceInfo
- objects.
- items:
- description: ResourceInfo contains information about one resource
- type.
- properties:
- allocatable:
- anyOf:
- - type: integer
- - type: string
- description: Allocatable quantity of the resource, corresponding
- to allocatable in node status, i.e. total amount of this
- resource available to be used by pods.
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- available:
- anyOf:
- - type: integer
- - type: string
- description: Available is the amount of this resource currently
- available for new (to be scheduled) pods, i.e. Allocatable
- minus the resources reserved by currently running pods.
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- capacity:
- anyOf:
- - type: integer
- - type: string
- description: Capacity of the resource, corresponding to capacity
- in node status, i.e. total amount of this resource that
- the node has.
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- name:
- description: Name of the resource.
- type: string
- required:
- - allocatable
- - available
- - capacity
- - name
- type: object
- type: array
- type:
- type: string
- required:
- - name
- - type
- type: object
- type: array
- required:
- - topologyPolicies
- - zones
- type: object
- served: true
- storage: false
- - name: v1alpha2
- schema:
- openAPIV3Schema:
- description: NodeResourceTopology describes node resources and their topology.
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation
- of an object. Servers should convert recognized schemas to the latest
- internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- attributes:
- description: AttributeList contains an array of AttributeInfo objects.
- items:
- description: AttributeInfo contains one attribute of a Zone.
- properties:
- name:
- type: string
- value:
- type: string
- required:
- - name
- - value
- type: object
- type: array
- kind:
- description: 'Kind is a string value representing the REST resource this
- object represents. Servers may infer this from the endpoint the client
- submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- topologyPolicies:
- description: 'DEPRECATED (to be removed in v1beta1): use top level attributes
- if needed'
- items:
- type: string
- type: array
- zones:
- description: ZoneList contains an array of Zone objects.
- items:
- description: Zone represents a resource topology zone, e.g. socket,
- node, die or core.
- properties:
- attributes:
- description: AttributeList contains an array of AttributeInfo objects.
- items:
- description: AttributeInfo contains one attribute of a Zone.
- properties:
- name:
- type: string
- value:
- type: string
- required:
- - name
- - value
- type: object
- type: array
- costs:
- description: CostList contains an array of CostInfo objects.
- items:
- description: CostInfo describes the cost (or distance) between
- two Zones.
- properties:
- name:
- type: string
- value:
- format: int64
- type: integer
- required:
- - name
- - value
- type: object
- type: array
- name:
- type: string
- parent:
- type: string
- resources:
- description: ResourceInfoList contains an array of ResourceInfo
- objects.
- items:
- description: ResourceInfo contains information about one resource
- type.
- properties:
- allocatable:
- anyOf:
- - type: integer
- - type: string
- description: Allocatable quantity of the resource, corresponding
- to allocatable in node status, i.e. total amount of this
- resource available to be used by pods.
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- available:
- anyOf:
- - type: integer
- - type: string
- description: Available is the amount of this resource currently
- available for new (to be scheduled) pods, i.e. Allocatable
- minus the resources reserved by currently running pods.
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- capacity:
- anyOf:
- - type: integer
- - type: string
- description: Capacity of the resource, corresponding to capacity
- in node status, i.e. total amount of this resource that
- the node has.
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- name:
- description: Name of the resource.
- type: string
- required:
- - allocatable
- - available
- - capacity
- - name
- type: object
- type: array
- type:
- type: string
- required:
- - name
- - type
- type: object
- type: array
- required:
- - zones
- type: object
- served: true
- storage: true
-status:
- acceptedNames:
- kind: ""
- plural: ""
- conditions: []
- storedVersions: []
-{{- end }}
diff --git a/charts/sriov/102.1.0+up0.1.0/charts/rancher-nfd/templates/topologyupdater.yaml b/charts/sriov/102.1.0+up0.1.0/charts/rancher-nfd/templates/topologyupdater.yaml
deleted file mode 100644
index cd3fca051e..0000000000
--- a/charts/sriov/102.1.0+up0.1.0/charts/rancher-nfd/templates/topologyupdater.yaml
+++ /dev/null
@@ -1,142 +0,0 @@
-{{- if .Values.topologyUpdater.enable -}}
-apiVersion: apps/v1
-kind: DaemonSet
-metadata:
- name: {{ include "node-feature-discovery.fullname" . }}-topology-updater
- namespace: {{ include "node-feature-discovery.namespace" . }}
- labels:
- {{- include "node-feature-discovery.labels" . | nindent 4 }}
- role: topology-updater
-spec:
- selector:
- matchLabels:
- {{- include "node-feature-discovery.selectorLabels" . | nindent 6 }}
- role: topology-updater
- template:
- metadata:
- labels:
- {{- include "node-feature-discovery.selectorLabels" . | nindent 8 }}
- role: topology-updater
- annotations:
- {{- toYaml .Values.topologyUpdater.annotations | nindent 8 }}
- spec:
- serviceAccountName: {{ include "node-feature-discovery.topologyUpdater.serviceAccountName" . }}
- dnsPolicy: ClusterFirstWithHostNet
- {{- with .Values.imagePullSecrets }}
- imagePullSecrets:
- {{- toYaml . | nindent 8 }}
- {{- end }}
- securityContext:
- {{- toYaml .Values.topologyUpdater.podSecurityContext | nindent 8 }}
- containers:
- - name: topology-updater
- image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}"
- imagePullPolicy: "{{ .Values.image.pullPolicy }}"
- env:
- - name: NODE_NAME
- valueFrom:
- fieldRef:
- fieldPath: spec.nodeName
- command:
- - "nfd-topology-updater"
- args:
- - "-podresources-socket=/host-var/lib/kubelet-podresources/kubelet.sock"
- {{- if .Values.topologyUpdater.updateInterval | empty | not }}
- - "-sleep-interval={{ .Values.topologyUpdater.updateInterval }}"
- {{- else }}
- - "-sleep-interval=3s"
- {{- end }}
- {{- if .Values.topologyUpdater.watchNamespace | empty | not }}
- - "-watch-namespace={{ .Values.topologyUpdater.watchNamespace }}"
- {{- else }}
- - "-watch-namespace=*"
- {{- end }}
- {{- if .Values.tls.enable }}
- - "-ca-file=/etc/kubernetes/node-feature-discovery/certs/ca.crt"
- - "-key-file=/etc/kubernetes/node-feature-discovery/certs/tls.key"
- - "-cert-file=/etc/kubernetes/node-feature-discovery/certs/tls.crt"
- {{- end }}
- {{- if .Values.topologyUpdater.podSetFingerprint }}
- - "-pods-fingerprint"
- {{- end }}
- {{- if .Values.topologyUpdater.kubeletConfigPath | empty | not }}
- - "-kubelet-config-uri=file:///host-var/kubelet-config"
- {{- end }}
- {{- if .Values.topologyUpdater.kubeletStateDir | empty }}
- # Disable kubelet state tracking by giving an empty path
- - "-kubelet-state-dir="
- {{- end }}
- volumeMounts:
- {{- if .Values.topologyUpdater.kubeletConfigPath | empty | not }}
- - name: kubelet-config
- mountPath: /host-var/kubelet-config
- {{- end }}
- - name: kubelet-podresources-sock
- mountPath: /host-var/lib/kubelet-podresources/kubelet.sock
- - name: host-sys
- mountPath: /host-sys
- {{- if .Values.topologyUpdater.kubeletStateDir | empty | not }}
- - name: kubelet-state-files
- mountPath: /host-var/lib/kubelet
- readOnly: true
- {{- end }}
- {{- if .Values.tls.enable }}
- - name: nfd-topology-updater-cert
- mountPath: "/etc/kubernetes/node-feature-discovery/certs"
- readOnly: true
- {{- end }}
- - name: nfd-topology-updater-conf
- mountPath: "/etc/kubernetes/node-feature-discovery"
- readOnly: true
-
- resources:
- {{- toYaml .Values.topologyUpdater.resources | nindent 12 }}
- securityContext:
- {{- toYaml .Values.topologyUpdater.securityContext | nindent 12 }}
- volumes:
- - name: host-sys
- hostPath:
- path: "/sys"
- {{- if .Values.topologyUpdater.kubeletConfigPath | empty | not }}
- - name: kubelet-config
- hostPath:
- path: {{ .Values.topologyUpdater.kubeletConfigPath }}
- {{- end }}
- - name: kubelet-podresources-sock
- hostPath:
- {{- if .Values.topologyUpdater.kubeletPodResourcesSockPath | empty | not }}
- path: {{ .Values.topologyUpdater.kubeletPodResourcesSockPath }}
- {{- else }}
- path: /var/lib/kubelet/pod-resources/kubelet.sock
- {{- end }}
- {{- if .Values.topologyUpdater.kubeletStateDir | empty | not }}
- - name: kubelet-state-files
- hostPath:
- path: {{ .Values.topologyUpdater.kubeletStateDir }}
- {{- end }}
- - name: nfd-topology-updater-conf
- configMap:
- name: {{ include "node-feature-discovery.fullname" . }}-topology-updater-conf
- items:
- - key: nfd-topology-updater.conf
- path: nfd-topology-updater.conf
- {{- if .Values.tls.enable }}
- - name: nfd-topology-updater-cert
- secret:
- secretName: nfd-topology-updater-cert
- {{- end }}
-
-
- {{- with .Values.topologyUpdater.nodeSelector }}
- nodeSelector:
- {{- toYaml . | nindent 8 }}
- {{- end }}
- {{- with .Values.topologyUpdater.affinity }}
- affinity:
- {{- toYaml . | nindent 8 }}
- {{- end }}
- {{- with .Values.topologyUpdater.tolerations }}
- tolerations:
- {{- toYaml . | nindent 8 }}
- {{- end }}
-{{- end }}
diff --git a/charts/sriov/102.1.0+up0.1.0/charts/rancher-nfd/templates/worker.yaml b/charts/sriov/102.1.0+up0.1.0/charts/rancher-nfd/templates/worker.yaml
deleted file mode 100644
index c1240bdc93..0000000000
--- a/charts/sriov/102.1.0+up0.1.0/charts/rancher-nfd/templates/worker.yaml
+++ /dev/null
@@ -1,144 +0,0 @@
-apiVersion: apps/v1
-kind: DaemonSet
-metadata:
- name: {{ include "node-feature-discovery.fullname" . }}-worker
- namespace: {{ include "node-feature-discovery.namespace" . }}
- labels:
- {{- include "node-feature-discovery.labels" . | nindent 4 }}
- role: worker
- annotations:
- {{- toYaml .Values.worker.daemonsetAnnotations | nindent 4 }}
-spec:
- selector:
- matchLabels:
- {{- include "node-feature-discovery.selectorLabels" . | nindent 6 }}
- role: worker
- template:
- metadata:
- labels:
- {{- include "node-feature-discovery.selectorLabels" . | nindent 8 }}
- role: worker
- annotations:
- {{- toYaml .Values.worker.annotations | nindent 8 }}
- spec:
- dnsPolicy: ClusterFirstWithHostNet
- {{- with .Values.imagePullSecrets }}
- imagePullSecrets:
- {{- toYaml . | nindent 8 }}
- {{- end }}
- serviceAccountName: {{ include "node-feature-discovery.worker.serviceAccountName" . }}
- securityContext:
- {{- toYaml .Values.worker.podSecurityContext | nindent 8 }}
- containers:
- - name: worker
- securityContext:
- {{- toYaml .Values.worker.securityContext | nindent 12 }}
- image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}"
- imagePullPolicy: {{ .Values.image.pullPolicy }}
- env:
- - name: NODE_NAME
- valueFrom:
- fieldRef:
- fieldPath: spec.nodeName
- resources:
- {{- toYaml .Values.worker.resources | nindent 12 }}
- command:
- - "nfd-worker"
- args:
- - "-server={{ include "node-feature-discovery.fullname" . }}-master:{{ .Values.master.service.port }}"
- {{- if .Values.enableNodeFeatureApi }}
- - "-enable-nodefeature-api"
- {{- end }}
-{{- if .Values.tls.enable }}
- - "-ca-file=/etc/kubernetes/node-feature-discovery/certs/ca.crt"
- - "-key-file=/etc/kubernetes/node-feature-discovery/certs/tls.key"
- - "-cert-file=/etc/kubernetes/node-feature-discovery/certs/tls.crt"
-{{- end }}
- volumeMounts:
- - name: host-boot
- mountPath: "/host-boot"
- readOnly: true
- - name: host-os-release
- mountPath: "/host-etc/os-release"
- readOnly: true
- - name: host-sys
- mountPath: "/host-sys"
- readOnly: true
- - name: host-usr-lib
- mountPath: "/host-usr/lib"
- readOnly: true
- - name: host-lib
- mountPath: "/host-lib"
- readOnly: true
- {{- if .Values.worker.mountUsrSrc }}
- - name: host-usr-src
- mountPath: "/host-usr/src"
- readOnly: true
- {{- end }}
- - name: source-d
- mountPath: "/etc/kubernetes/node-feature-discovery/source.d/"
- readOnly: true
- - name: features-d
- mountPath: "/etc/kubernetes/node-feature-discovery/features.d/"
- readOnly: true
- - name: nfd-worker-conf
- mountPath: "/etc/kubernetes/node-feature-discovery"
- readOnly: true
-{{- if .Values.tls.enable }}
- - name: nfd-worker-cert
- mountPath: "/etc/kubernetes/node-feature-discovery/certs"
- readOnly: true
-{{- end }}
- volumes:
- - name: host-boot
- hostPath:
- path: "/boot"
- - name: host-os-release
- hostPath:
- path: "/etc/os-release"
- - name: host-sys
- hostPath:
- path: "/sys"
- - name: host-usr-lib
- hostPath:
- path: "/usr/lib"
- - name: host-lib
- hostPath:
- path: "/lib"
- {{- if .Values.worker.mountUsrSrc }}
- - name: host-usr-src
- hostPath:
- path: "/usr/src"
- {{- end }}
- - name: source-d
- hostPath:
- path: "/etc/kubernetes/node-feature-discovery/source.d/"
- - name: features-d
- hostPath:
- path: "/etc/kubernetes/node-feature-discovery/features.d/"
- - name: nfd-worker-conf
- configMap:
- name: {{ include "node-feature-discovery.fullname" . }}-worker-conf
- items:
- - key: nfd-worker.conf
- path: nfd-worker.conf
-{{- if .Values.tls.enable }}
- - name: nfd-worker-cert
- secret:
- secretName: nfd-worker-cert
-{{- end }}
- {{- with .Values.worker.nodeSelector }}
- nodeSelector:
- {{- toYaml . | nindent 8 }}
- {{- end }}
- {{- with .Values.worker.affinity }}
- affinity:
- {{- toYaml . | nindent 8 }}
- {{- end }}
- {{- with .Values.worker.tolerations }}
- tolerations:
- {{- toYaml . | nindent 8 }}
- {{- end }}
- {{- with .Values.worker.priorityClassName }}
- priorityClassName: {{ . | quote }}
- {{- end }}
diff --git a/charts/sriov/102.1.0+up0.1.0/charts/rancher-nfd/values.yaml b/charts/sriov/102.1.0+up0.1.0/charts/rancher-nfd/values.yaml
deleted file mode 100644
index d16d19d1ff..0000000000
--- a/charts/sriov/102.1.0+up0.1.0/charts/rancher-nfd/values.yaml
+++ /dev/null
@@ -1,484 +0,0 @@
-image:
- repository: rancher/hardened-node-feature-discovery
- # This should be set to 'IfNotPresent' for released version
- pullPolicy: IfNotPresent
- # tag, if defined will use the given image tag, else Chart.AppVersion will be used
- tag: v0.13.2-build20230605
-imagePullSecrets: []
-
-nameOverride: ""
-fullnameOverride: ""
-namespaceOverride: ""
-
-enableNodeFeatureApi: false
-
-master:
- config: ###
- # noPublish: false
- # extraLabelNs: ["added.ns.io","added.kubernets.io"]
- # denyLabelNs: ["denied.ns.io","denied.kubernetes.io"]
- # resourceLabels: ["vendor-1.com/feature-1","vendor-2.io/feature-2"]
- # enableTaints: false
- # labelWhiteList: "foo"
- ###
- # The TCP port that nfd-master listens for incoming requests. Default: 8080
- port: 8080
- instance:
- featureApi:
- denyLabelNs: []
- extraLabelNs: []
- resourceLabels: []
- enableTaints: false
- crdController: null
- featureRulesController: null
- deploymentAnnotations: {}
- replicaCount: 1
-
- podSecurityContext: {}
- # fsGroup: 2000
-
- securityContext:
- allowPrivilegeEscalation: false
- capabilities:
- drop: [ "ALL" ]
- readOnlyRootFilesystem: true
- runAsNonRoot: true
- # runAsUser: 1000
-
- serviceAccount:
- # Specifies whether a service account should be created
- create: true
- # Annotations to add to the service account
- annotations: {}
- # The name of the service account to use.
- # If not set and create is true, a name is generated using the fullname template
- name:
-
- rbac:
- create: true
-
- service:
- type: ClusterIP
- port: 8080
-
- resources: {}
- # We usually recommend not to specify default resources and to leave this as a conscious
- # choice for the user. This also increases chances charts run on environments with little
- # resources, such as Minikube. If you do want to specify resources, uncomment the following
- # lines, adjust them as necessary, and remove the curly braces after 'resources:'.
- # limits:
- # cpu: 100m
- # memory: 128Mi
- # requests:
- # cpu: 100m
- # memory: 128Mi
-
- nodeSelector: {}
-
- tolerations:
- - key: "node-role.kubernetes.io/master"
- operator: "Equal"
- value: ""
- effect: "NoSchedule"
- - key: "node-role.kubernetes.io/control-plane"
- operator: "Equal"
- value: ""
- effect: "NoSchedule"
-
- annotations: {}
-
- affinity:
- nodeAffinity:
- preferredDuringSchedulingIgnoredDuringExecution:
- - weight: 1
- preference:
- matchExpressions:
- - key: "node-role.kubernetes.io/master"
- operator: In
- values: [""]
- - weight: 1
- preference:
- matchExpressions:
- - key: "node-role.kubernetes.io/control-plane"
- operator: In
- values: [""]
-
-worker:
- config: ###
- #core:
- # labelWhiteList:
- # noPublish: false
- # sleepInterval: 60s
- # featureSources: [all]
- # labelSources: [all]
- # klog:
- # addDirHeader: false
- # alsologtostderr: false
- # logBacktraceAt:
- # logtostderr: true
- # skipHeaders: false
- # stderrthreshold: 2
- # v: 0
- # vmodule:
- ## NOTE: the following options are not dynamically run-time configurable
- ## and require a nfd-worker restart to take effect after being changed
- # logDir:
- # logFile:
- # logFileMaxSize: 1800
- # skipLogHeaders: false
- #sources:
- # cpu:
- # cpuid:
- ## NOTE: whitelist has priority over blacklist
- # attributeBlacklist:
- # - "BMI1"
- # - "BMI2"
- # - "CLMUL"
- # - "CMOV"
- # - "CX16"
- # - "ERMS"
- # - "F16C"
- # - "HTT"
- # - "LZCNT"
- # - "MMX"
- # - "MMXEXT"
- # - "NX"
- # - "POPCNT"
- # - "RDRAND"
- # - "RDSEED"
- # - "RDTSCP"
- # - "SGX"
- # - "SSE"
- # - "SSE2"
- # - "SSE3"
- # - "SSE4"
- # - "SSE42"
- # - "SSSE3"
- # attributeWhitelist:
- # kernel:
- # kconfigFile: "/path/to/kconfig"
- # configOpts:
- # - "NO_HZ"
- # - "X86"
- # - "DMI"
- # pci:
- # deviceClassWhitelist:
- # - "0200"
- # - "03"
- # - "12"
- # deviceLabelFields:
- # - "class"
- # - "vendor"
- # - "device"
- # - "subsystem_vendor"
- # - "subsystem_device"
- # usb:
- # deviceClassWhitelist:
- # - "0e"
- # - "ef"
- # - "fe"
- # - "ff"
- # deviceLabelFields:
- # - "class"
- # - "vendor"
- # - "device"
- # local:
- # hooksEnabled: true
- # custom:
- # # The following feature demonstrates the capabilities of the matchFeatures
- # - name: "my custom rule"
- # labels:
- # my-ng-feature: "true"
- # # matchFeatures implements a logical AND over all matcher terms in the
- # # list (i.e. all of the terms, or per-feature matchers, must match)
- # matchFeatures:
- # - feature: cpu.cpuid
- # matchExpressions:
- # AVX512F: {op: Exists}
- # - feature: cpu.cstate
- # matchExpressions:
- # enabled: {op: IsTrue}
- # - feature: cpu.pstate
- # matchExpressions:
- # no_turbo: {op: IsFalse}
- # scaling_governor: {op: In, value: ["performance"]}
- # - feature: cpu.rdt
- # matchExpressions:
- # RDTL3CA: {op: Exists}
- # - feature: cpu.sst
- # matchExpressions:
- # bf.enabled: {op: IsTrue}
- # - feature: cpu.topology
- # matchExpressions:
- # hardware_multithreading: {op: IsFalse}
- #
- # - feature: kernel.config
- # matchExpressions:
- # X86: {op: Exists}
- # LSM: {op: InRegexp, value: ["apparmor"]}
- # - feature: kernel.loadedmodule
- # matchExpressions:
- # e1000e: {op: Exists}
- # - feature: kernel.selinux
- # matchExpressions:
- # enabled: {op: IsFalse}
- # - feature: kernel.version
- # matchExpressions:
- # major: {op: In, value: ["5"]}
- # minor: {op: Gt, value: ["10"]}
- #
- # - feature: storage.block
- # matchExpressions:
- # rotational: {op: In, value: ["0"]}
- # dax: {op: In, value: ["0"]}
- #
- # - feature: network.device
- # matchExpressions:
- # operstate: {op: In, value: ["up"]}
- # speed: {op: Gt, value: ["100"]}
- #
- # - feature: memory.numa
- # matchExpressions:
- # node_count: {op: Gt, value: ["2"]}
- # - feature: memory.nv
- # matchExpressions:
- # devtype: {op: In, value: ["nd_dax"]}
- # mode: {op: In, value: ["memory"]}
- #
- # - feature: system.osrelease
- # matchExpressions:
- # ID: {op: In, value: ["fedora", "centos"]}
- # - feature: system.name
- # matchExpressions:
- # nodename: {op: InRegexp, value: ["^worker-X"]}
- #
- # - feature: local.label
- # matchExpressions:
- # custom-feature-knob: {op: Gt, value: ["100"]}
- #
- # # The following feature demonstrates the capabilities of the matchAny
- # - name: "my matchAny rule"
- # labels:
- # my-ng-feature-2: "my-value"
- # # matchAny implements a logical IF over all elements (sub-matchers) in
- # # the list (i.e. at least one feature matcher must match)
- # matchAny:
- # - matchFeatures:
- # - feature: kernel.loadedmodule
- # matchExpressions:
- # driver-module-X: {op: Exists}
- # - feature: pci.device
- # matchExpressions:
- # vendor: {op: In, value: ["8086"]}
- # class: {op: In, value: ["0200"]}
- # - matchFeatures:
- # - feature: kernel.loadedmodule
- # matchExpressions:
- # driver-module-Y: {op: Exists}
- # - feature: usb.device
- # matchExpressions:
- # vendor: {op: In, value: ["8086"]}
- # class: {op: In, value: ["02"]}
- #
- # # The following features demonstreate label templating capabilities
- # - name: "my template rule"
- # labelsTemplate: |
- # {{ range .system.osrelease }}my-system-feature.{{ .Name }}={{ .Value }}
- # {{ end }}
- # matchFeatures:
- # - feature: system.osrelease
- # matchExpressions:
- # ID: {op: InRegexp, value: ["^open.*"]}
- # VERSION_ID.major: {op: In, value: ["13", "15"]}
- #
- # - name: "my template rule 2"
- # labelsTemplate: |
- # {{ range .pci.device }}my-pci-device.{{ .class }}-{{ .device }}=with-cpuid
- # {{ end }}
- # matchFeatures:
- # - feature: pci.device
- # matchExpressions:
- # class: {op: InRegexp, value: ["^06"]}
- # vendor: ["8086"]
- # - feature: cpu.cpuid
- # matchExpressions:
- # AVX: {op: Exists}
- #
- # # The following examples demonstrate vars field and back-referencing
- # # previous labels and vars
- # - name: "my dummy kernel rule"
- # labels:
- # "my.kernel.feature": "true"
- # matchFeatures:
- # - feature: kernel.version
- # matchExpressions:
- # major: {op: Gt, value: ["2"]}
- #
- # - name: "my dummy rule with no labels"
- # vars:
- # "my.dummy.var": "1"
- # matchFeatures:
- # - feature: cpu.cpuid
- # matchExpressions: {}
- #
- # - name: "my rule using backrefs"
- # labels:
- # "my.backref.feature": "true"
- # matchFeatures:
- # - feature: rule.matched
- # matchExpressions:
- # my.kernel.feature: {op: IsTrue}
- # my.dummy.var: {op: Gt, value: ["0"]}
- #
-###
-
- daemonsetAnnotations: {}
- podSecurityContext: {}
- # fsGroup: 2000
-
- securityContext:
- allowPrivilegeEscalation: false
- capabilities:
- drop: [ "ALL" ]
- readOnlyRootFilesystem: true
- runAsNonRoot: true
- # runAsUser: 1000
-
- serviceAccount:
- # Specifies whether a service account should be created.
- # We create this by default to make it easier for downstream users to apply PodSecurityPolicies.
- create: true
- # Annotations to add to the service account
- annotations: {}
- # The name of the service account to use.
- # If not set and create is true, a name is generated using the fullname template
- name:
-
- rbac:
- create: true
-
- # Allow users to mount the hostPath /usr/src, useful for RHCOS on s390x
- # Does not work on systems without /usr/src AND a read-only /usr, such as Talos
- mountUsrSrc: false
-
- resources: {}
- # We usually recommend not to specify default resources and to leave this as a conscious
- # choice for the user. This also increases chances charts run on environments with little
- # resources, such as Minikube. If you do want to specify resources, uncomment the following
- # lines, adjust them as necessary, and remove the curly braces after 'resources:'.
- # limits:
- # cpu: 100m
- # memory: 128Mi
- # requests:
- # cpu: 100m
- # memory: 128Mi
-
- nodeSelector: {}
-
- tolerations: []
-
- annotations: {}
-
- affinity: {}
-
- priorityClassName: ""
-
-topologyUpdater:
- config: ###
- ## key = node name, value = list of resources to be excluded.
- ## use * to exclude from all nodes.
- ## an example for how the exclude list should looks like
- #excludeList:
- # node1: [cpu]
- # node2: [memory, example/deviceA]
- # *: [hugepages-2Mi]
-###
-
- enable: false
- createCRDs: false
-
- serviceAccount:
- create: true
- annotations: {}
- name:
- rbac:
- create: true
-
- kubeletConfigPath:
- kubeletPodResourcesSockPath:
- updateInterval: 60s
- watchNamespace: "*"
- kubeletStateDir: /var/lib/kubelet
-
- podSecurityContext: {}
- securityContext:
- allowPrivilegeEscalation: false
- capabilities:
- drop: [ "ALL" ]
- readOnlyRootFilesystem: true
- runAsUser: 0
-
- resources: {}
- # We usually recommend not to specify default resources and to leave this as a conscious
- # choice for the user. This also increases chances charts run on environments with little
- # resources, such as Minikube. If you do want to specify resources, uncomment the following
- # lines, adjust them as necessary, and remove the curly braces after 'resources:'.
- # limits:
- # cpu: 100m
- # memory: 128Mi
- # requests:
- # cpu: 100m
- # memory: 128Mi
-
- nodeSelector: {}
- tolerations: []
- annotations: {}
- affinity: {}
- podSetFingerprint: true
-
-topologyGC:
- enable: true
- replicaCount: 1
-
- serviceAccount:
- create: true
- annotations: {}
- name:
- rbac:
- create: true
-
- interval: 1h
-
- podSecurityContext: {}
- securityContext:
- allowPrivilegeEscalation: false
- capabilities:
- drop: [ "ALL" ]
- readOnlyRootFilesystem: true
- runAsNonRoot: true
-
- resources: {}
- # We usually recommend not to specify default resources and to leave this as a conscious
- # choice for the user. This also increases chances charts run on environments with little
- # resources, such as Minikube. If you do want to specify resources, uncomment the following
- # lines, adjust them as necessary, and remove the curly braces after 'resources:'.
- # limits:
- # cpu: 100m
- # memory: 128Mi
- # requests:
- # cpu: 100m
- # memory: 128Mi
-
- nodeSelector: {}
- tolerations: []
- annotations: {}
- affinity: {}
-
-# Optionally use encryption for worker <--> master comms
-# TODO: verify hostname is not yet supported
-#
-# If you do not enable certManager (and have it installed) you will
-# need to manually, or otherwise, provision the TLS certs as secrets
-tls:
- enable: false
- certManager: false
diff --git a/charts/sriov/102.1.0+up0.1.0/templates/NOTES.txt b/charts/sriov/102.1.0+up0.1.0/templates/NOTES.txt
deleted file mode 100644
index 44a8bf935a..0000000000
--- a/charts/sriov/102.1.0+up0.1.0/templates/NOTES.txt
+++ /dev/null
@@ -1,17 +0,0 @@
-Get Network Operator deployed resources by running the following commands:
-
-$ kubectl -n {{ .Release.Namespace }} get pods
-
-For additional instructions on how to use SR-IOV network operator,
-refer to: https://github.com/k8snetworkplumbingwg/sriov-network-operator
-
-{{- if .Values.operator.enableAdmissionController }}
-{{- if not .Values.cert_manager }}
-Thank you for installing {{ .Chart.Name }}.
-
-WARNING! Self signed certificates have been generated for webhooks.
-These certificates have a one-year validity and will not be rotated
-automatically. This should not be a production cluster. Please deploy
-and use cert-manager for production clusters.
-{{- end }}
-{{- end }}
diff --git a/charts/sriov/102.1.0+up0.1.0/templates/_helpers.tpl b/charts/sriov/102.1.0+up0.1.0/templates/_helpers.tpl
deleted file mode 100644
index dff1d171fe..0000000000
--- a/charts/sriov/102.1.0+up0.1.0/templates/_helpers.tpl
+++ /dev/null
@@ -1,85 +0,0 @@
-{{/*
-Expand the name of the chart.
-*/}}
-{{- define "sriov-network-operator.name" -}}
-{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }}
-{{- end }}
-
-{{/*
-Create a default fully qualified app name.
-We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
-If release name contains chart name it will be used as a full name.
-*/}}
-{{- define "sriov-network-operator.fullname" -}}
-{{- if .Values.fullnameOverride }}
-{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }}
-{{- else }}
-{{- $name := default .Chart.Name .Values.nameOverride }}
-{{- if contains $name .Release.Name }}
-{{- .Release.Name | trunc 63 | trimSuffix "-" }}
-{{- else }}
-{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }}
-{{- end }}
-{{- end }}
-{{- end }}
-
-{{/*
-Create chart name and version as used by the chart label.
-*/}}
-{{- define "sriov-network-operator.chart" -}}
-{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }}
-{{- end }}
-
-{{/*
-Common labels
-*/}}
-{{- define "sriov-network-operator.labels" -}}
-helm.sh/chart: {{ include "sriov-network-operator.chart" . }}
-{{ include "sriov-network-operator.selectorLabels" . }}
-{{- if .Chart.AppVersion }}
-app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
-{{- end }}
-app.kubernetes.io/managed-by: {{ .Release.Service }}
-{{- end }}
-
-{{/*
-Selector labels
-*/}}
-{{- define "sriov-network-operator.selectorLabels" -}}
-app.kubernetes.io/name: {{ include "sriov-network-operator.name" . }}
-app.kubernetes.io/instance: {{ .Release.Name }}
-{{- end }}
-
-{{/*
-Create the name of the service account to use
-*/}}
-{{- define "sriov-network-operator.serviceAccountName" -}}
-{{- if .Values.serviceAccount.create }}
-{{- default (include "sriov-network-operator.fullname" .) .Values.serviceAccount.name }}
-{{- else }}
-{{- default "default" .Values.serviceAccount.name }}
-{{- end }}
-{{- end }}
-
-{{- define "system_default_registry" -}}
-{{- if .Values.global.cattle.systemDefaultRegistry -}}
-{{- printf "%s/" .Values.global.cattle.systemDefaultRegistry -}}
-{{- else -}}
-{{- "" -}}
-{{- end -}}
-{{- end -}}
-
-{{/*
-Windows cluster will add default taint for linux nodes,
-add below linux tolerations to workloads could be scheduled to those linux nodes
-*/}}
-{{- define "linux-node-tolerations" -}}
-- key: "cattle.io/os"
- value: "linux"
- effect: "NoSchedule"
- operator: "Equal"
-{{- end -}}
-
-{{- define "linux-node-selector" -}}
-kubernetes.io/os: linux
-{{- end -}}
diff --git a/charts/sriov/102.1.0+up0.1.0/templates/_webhook-certs.tpl b/charts/sriov/102.1.0+up0.1.0/templates/_webhook-certs.tpl
deleted file mode 100644
index f1448968b2..0000000000
--- a/charts/sriov/102.1.0+up0.1.0/templates/_webhook-certs.tpl
+++ /dev/null
@@ -1,31 +0,0 @@
-{{/*
-Generate TLS certificates for webhooks.
-Note: these 2 lines, that are repeated several times below, are a trick to
-ensure the CA certs are generated only once:
- $ca := .ca | default (genCA "sriov-network-operator.k8s.cni.cncf.io" 365)
- $_ := set . "ca" $ca
-Please, don't try to "simplify" them as without this trick, every generated
-certificate would be signed by a different CA.
-*/}}
-{{- define "sriov_operator_ca_cert" }}
-{{- $ca := .ca | default (genCA "sriov-network-operator.k8s.cni.cncf.io" 365) -}}
-{{- $_ := set . "ca" $ca -}}
-{{- printf "%s" $ca.Cert | b64enc -}}
-{{- end }}
-{{- define "sriov_operator_cert" }}
-{{- $ca := .ca | default (genCA "sriov-network-operator.k8s.cni.cncf.io" 365) -}}
-{{- $_ := set . "ca" $ca -}}
-{{- $cn := printf "operator-webhook-service.%s.svc" .Release.Namespace -}}
-{{- $cert := genSignedCert $cn nil (list $cn) 365 $ca -}}
-tls.crt: {{ $cert.Cert | b64enc }}
-tls.key: {{ $cert.Key | b64enc }}
-{{- end }}
-{{- define "sriov_resource_injector_cert" }}
-{{- $ca := .ca | default (genCA "sriov-network-operator.k8s.cni.cncf.io" 365) -}}
-{{- $_ := set . "ca" $ca -}}
-{{- $cn := printf "network-resources-injector-service.%s.svc" .Release.Namespace -}}
-{{- $cert := genSignedCert $cn nil (list $cn) 365 $ca -}}
-tls.crt: {{ $cert.Cert | b64enc }}
-tls.key: {{ $cert.Key | b64enc }}
-{{- end }}
-
diff --git a/charts/sriov/102.1.0+up0.1.0/templates/certmanagercerts.yaml b/charts/sriov/102.1.0+up0.1.0/templates/certmanagercerts.yaml
deleted file mode 100644
index e3575aa565..0000000000
--- a/charts/sriov/102.1.0+up0.1.0/templates/certmanagercerts.yaml
+++ /dev/null
@@ -1,41 +0,0 @@
-{{- if and (.Values.operator.enableAdmissionController) (.Values.cert_manager) -}}
-{{- if not (.Capabilities.APIVersions.Has "cert-manager.io/v1") -}}
-{{- required "cert-manager is required but not found" "" -}}
-{{- end -}}
-apiVersion: cert-manager.io/v1
-kind: Issuer
-metadata:
- name: sriov-network-operator-selfsigned-issuer
- namespace: {{ .Release.Namespace }}
-spec:
- selfSigned: {}
----
-apiVersion: cert-manager.io/v1
-kind: Certificate
-metadata:
- name: operator-webhook-service
- namespace: {{ .Release.Namespace }}
-spec:
- secretName: operator-webhook-service
- dnsNames:
- - operator-webhook-service.{{ .Release.Namespace }}.svc
- issuerRef:
- name: sriov-network-operator-selfsigned-issuer
- privateKey:
- rotationPolicy: Always
----
-apiVersion: cert-manager.io/v1
-kind: Certificate
-metadata:
- name: network-resources-injector-service
- namespace: {{ .Release.Namespace }}
-spec:
- secretName: network-resources-injector-secret
- dnsNames:
- - network-resources-injector-service.{{ .Release.Namespace }}.svc
- issuerRef:
- name: sriov-network-operator-selfsigned-issuer
- privateKey:
- rotationPolicy: Always
-{{- end -}}
-
diff --git a/charts/sriov/102.1.0+up0.1.0/templates/clusterrole.yaml b/charts/sriov/102.1.0+up0.1.0/templates/clusterrole.yaml
deleted file mode 100644
index da327471f0..0000000000
--- a/charts/sriov/102.1.0+up0.1.0/templates/clusterrole.yaml
+++ /dev/null
@@ -1,109 +0,0 @@
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRole
-metadata:
- name: {{ include "sriov-network-operator.fullname" . }}
- labels:
- {{- include "sriov-network-operator.labels" . | nindent 4 }}
-rules:
- - apiGroups: [""]
- resources: ["nodes"]
- verbs: ["get", "list", "watch", "patch", "update"]
- - apiGroups: [""]
- resources: ["pods"]
- verbs: ["*"]
- - apiGroups: ["apps"]
- resources: ["daemonsets"]
- verbs: ["get"]
- - apiGroups: [""]
- resources: ["namespaces", "serviceaccounts"]
- verbs: ["*"]
- - apiGroups: ["k8s.cni.cncf.io"]
- resources: ["network-attachment-definitions"]
- verbs: ["*"]
- - apiGroups: ["rbac.authorization.k8s.io"]
- resources: ["clusterroles", "clusterrolebindings"]
- verbs: ["*"]
- - apiGroups: ["admissionregistration.k8s.io"]
- resources: ["mutatingwebhookconfigurations", "validatingwebhookconfigurations"]
- verbs: ["*"]
- - apiGroups: ["sriovnetwork.openshift.io"]
- resources: ["*"]
- verbs: ["*"]
- - apiGroups: ["machineconfiguration.openshift.io"]
- resources: ["*"]
- verbs: ["*"]
- - apiGroups: ["config.openshift.io"]
- resources: ["infrastructures"]
- verbs: ["get", "list", "watch"]
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRole
-metadata:
- name: sriov-network-config-daemon
- labels:
- {{- include "sriov-network-operator.labels" . | nindent 4 }}
-rules:
- - apiGroups: [""]
- resources: ["nodes"]
- verbs: ["get", "list", "watch", "patch", "update"]
- - apiGroups: [""]
- resources: ["pods"]
- verbs: ["*"]
- - apiGroups: ["apps"]
- resources: ["daemonsets"]
- verbs: ["get"]
- - apiGroups: [""]
- resources: ["pods/eviction"]
- verbs: ["create"]
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRole
-metadata:
- name: sriov-admin
- {{- if .Values.global.rbac.userRoles.aggregateToDefaultRoles }}
- rbac.authorization.k8s.io/aggregate-to-admin: "true"
- {{- end }}
-rules:
-- apiGroups:
- - sriovnetwork.openshift.io
- resources:
- - '*'
- verbs:
- - "get"
- - "watch"
- - "list"
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRole
-metadata:
- name: sriov-edit
- {{- if .Values.global.rbac.userRoles.aggregateToDefaultRoles }}
- rbac.authorization.k8s.io/aggregate-to-edit: "true"
- {{- end }}
-rules:
-- apiGroups:
- - sriovnetwork.openshift.io
- resources:
- - '*'
- verbs:
- - "get"
- - "watch"
- - "list"
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRole
-metadata:
- name: sriov-view
- {{- if .Values.global.rbac.userRoles.aggregateToDefaultRoles }}
- rbac.authorization.k8s.io/aggregate-to-view: "true"
- {{- end }}
-rules:
-- apiGroups:
- - sriovnetwork.openshift.io
- resources:
- - '*'
- verbs:
- - "get"
- - "watch"
- - "list"
-
diff --git a/charts/sriov/102.1.0+up0.1.0/templates/clusterrolebinding.yaml b/charts/sriov/102.1.0+up0.1.0/templates/clusterrolebinding.yaml
deleted file mode 100644
index c10aa9be73..0000000000
--- a/charts/sriov/102.1.0+up0.1.0/templates/clusterrolebinding.yaml
+++ /dev/null
@@ -1,29 +0,0 @@
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRoleBinding
-metadata:
- name: {{ include "sriov-network-operator.fullname" . }}
- labels:
- {{- include "sriov-network-operator.labels" . | nindent 4 }}
-roleRef:
- kind: ClusterRole
- name: {{ include "sriov-network-operator.fullname" . }}
- apiGroup: rbac.authorization.k8s.io
-subjects:
- - kind: ServiceAccount
- namespace: {{ .Release.Namespace }}
- name: {{ include "sriov-network-operator.fullname" . }}
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRoleBinding
-metadata:
- name: sriov-network-config-daemon
- labels:
- {{- include "sriov-network-operator.labels" . | nindent 4 }}
-roleRef:
- kind: ClusterRole
- name: sriov-network-config-daemon
- apiGroup: rbac.authorization.k8s.io
-subjects:
- - kind: ServiceAccount
- namespace: {{ .Release.Namespace }}
- name: sriov-network-config-daemon
diff --git a/charts/sriov/102.1.0+up0.1.0/templates/configmap.yaml b/charts/sriov/102.1.0+up0.1.0/templates/configmap.yaml
deleted file mode 100644
index 455bd91ff0..0000000000
--- a/charts/sriov/102.1.0+up0.1.0/templates/configmap.yaml
+++ /dev/null
@@ -1,25 +0,0 @@
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: supported-nic-ids
-data:
- Intel_i40e_XXV710: "8086 158a 154c"
- Intel_i40e_25G_SFP28: "8086 158b 154c"
- Intel_i40e_10G_X710_SFP: "8086 1572 154c"
- Intel_i40e_XXV710_N3000: "8086 0d58 154c"
- Intel_i40e_40G_XL710_QSFP: "8086 1583 154c"
- Intel_ice_Columbiaville_E810-CQDA2_2CQDA2: "8086 1592 1889"
- Intel_ice_Columbiaville_E810-XXVDA4: "8086 1593 1889"
- Intel_ice_Columbiaville_E810-XXVDA2: "8086 159b 1889"
- Intel_ice_Columbiaville_E810: "8086 1591 1889"
- Nvidia_mlx5_ConnectX-4: "15b3 1013 1014"
- Nvidia_mlx5_ConnectX-4LX: "15b3 1015 1016"
- Nvidia_mlx5_ConnectX-5: "15b3 1017 1018"
- Nvidia_mlx5_ConnectX-5_Ex: "15b3 1019 101a"
- Nvidia_mlx5_ConnectX-6: "15b3 101b 101c"
- Nvidia_mlx5_ConnectX-6_Dx: "15b3 101d 101e"
- Nvidia_mlx5_MT42822_BlueField-2_integrated_ConnectX-6_Dx: "15b3 a2d6 101e"
- Broadcom_bnxt_BCM57414_2x25G: "14e4 16d7 16dc"
- Broadcom_bnxt_BCM75508_2x100G: "14e4 1750 1806"
- Qlogic_qede_QL45000_50G: "1077 1654 1664"
- Red_Hat_Virtio_network_device: "1af4 1000 1000"
diff --git a/charts/sriov/102.1.0+up0.1.0/templates/operator.yaml b/charts/sriov/102.1.0+up0.1.0/templates/operator.yaml
deleted file mode 100644
index ac3cb4c345..0000000000
--- a/charts/sriov/102.1.0+up0.1.0/templates/operator.yaml
+++ /dev/null
@@ -1,98 +0,0 @@
-{{- if not (.Capabilities.APIVersions.Has "k8s.cni.cncf.io/v1/NetworkAttachmentDefinition") -}}
-{{- required "rke2-multus is required but not found" "" -}}
-{{- end -}}
-apiVersion: sriovnetwork.openshift.io/v1
-kind: SriovOperatorConfig
-metadata:
- name: default
- namespace: {{ .Release.Namespace }}
-spec:
- # Add fields here
- enableInjector: {{ .Values.operator.enableAdmissionController }}
- enableOperatorWebhook: {{ .Values.operator.enableAdmissionController }}
- configDaemonNodeSelector: {feature.node.kubernetes.io/network-sriov.capable: "true"}
----
-apiVersion: apps/v1
-kind: Deployment
-metadata:
- name: {{ include "sriov-network-operator.fullname" . }}
- namespace: {{ .Release.Namespace }}
- labels:
- {{- include "sriov-network-operator.labels" . | nindent 4 }}
-spec:
- replicas: 1
- selector:
- matchLabels:
- name: sriov-network-operator
- strategy:
- type: RollingUpdate
- rollingUpdate:
- maxUnavailable: 33%
- template:
- metadata:
- labels:
- name: sriov-network-operator
- spec:
- nodeSelector: {{ include "linux-node-selector" . | nindent 8 }}
-{{- if .Values.operator.nodeSelector }}
-{{ toYaml .Values.operator.nodeSelector | indent 8 }}
-{{- end }}
- tolerations: {{ include "linux-node-tolerations" . | nindent 8 }}
-{{- if .Values.operator.tolerations }}
-{{ toYaml .Values.operator.tolerations | indent 8 }}
-{{- end }}
- serviceAccountName: {{ include "sriov-network-operator.fullname" . }}
- priorityClassName: "system-node-critical"
- containers:
- - name: {{ include "sriov-network-operator.fullname" . }}
- image: {{ include "system_default_registry" . }}{{ .Values.images.operator.image }}:{{ .Values.images.operator.tag }}
- command:
- - sriov-network-operator
- imagePullPolicy: IfNotPresent
- resources:
- requests:
- cpu: 100m
- memory: 100Mi
- env:
- - name: WATCH_NAMESPACE
- valueFrom:
- fieldRef:
- fieldPath: metadata.namespace
- - name: SRIOV_CNI_IMAGE
- value: {{ include "system_default_registry" . }}{{ .Values.images.sriovCni.image }}:{{ .Values.images.sriovCni.tag }}
- - name: SRIOV_INFINIBAND_CNI_IMAGE
- value: {{ include "system_default_registry" . }}{{ .Values.images.ibSriovCni.image }}:{{ .Values.images.ibSriovCni.tag }}
- - name: SRIOV_DEVICE_PLUGIN_IMAGE
- value: {{ include "system_default_registry" . }}{{ .Values.images.sriovDevicePlugin.image }}:{{ .Values.images.sriovDevicePlugin.tag }}
- - name: NETWORK_RESOURCES_INJECTOR_IMAGE
- value: {{ include "system_default_registry" . }}{{ .Values.images.resourcesInjector.image }}:{{ .Values.images.resourcesInjector.tag }}
- - name: OPERATOR_NAME
- value: sriov-network-operator
- - name: SRIOV_NETWORK_CONFIG_DAEMON_IMAGE
- value: {{ include "system_default_registry" . }}{{ .Values.images.sriovConfigDaemon.image }}:{{ .Values.images.sriovConfigDaemon.tag }}
- - name: SRIOV_NETWORK_WEBHOOK_IMAGE
- value: {{ include "system_default_registry" . }}{{ .Values.images.webhook.image }}:{{ .Values.images.webhook.tag }}
- - name: RESOURCE_PREFIX
- value: {{ .Values.operator.resourcePrefix }}
- - name: ENABLE_ADMISSION_CONTROLLER
- value: {{ .Values.operator.enableAdmissionController | quote }}
- - name: NAMESPACE
- valueFrom:
- fieldRef:
- fieldPath: metadata.namespace
- - name: POD_NAME
- valueFrom:
- fieldRef:
- fieldPath: metadata.name
- - name: RELEASE_VERSION
- value: {{ .Release.AppVersion }}
- - name: SRIOV_CNI_BIN_PATH
- value: {{ .Values.operator.cniBinPath }}
- - name: CLUSTER_TYPE
- value: {{ .Values.operator.clusterType }}
- {{- if .Values.operator.enableAdmissionController }}
- {{- if not .Values.cert_manager }}
- - name: WEBHOOK_CA_BUNDLE
- value: "{{ include "sriov_operator_ca_cert" . }}"
- {{- end }}
- {{- end }}
diff --git a/charts/sriov/102.1.0+up0.1.0/templates/role.yaml b/charts/sriov/102.1.0+up0.1.0/templates/role.yaml
deleted file mode 100644
index 35a9d50afc..0000000000
--- a/charts/sriov/102.1.0+up0.1.0/templates/role.yaml
+++ /dev/null
@@ -1,125 +0,0 @@
-apiVersion: rbac.authorization.k8s.io/v1
-kind: Role
-metadata:
- creationTimestamp: null
- name: {{ include "sriov-network-operator.fullname" . }}
- namespace: {{ .Release.Namespace }}
- labels:
- {{- include "sriov-network-operator.labels" . | nindent 4 }}
-rules:
- - apiGroups:
- - ""
- resources:
- - pods
- - services
- - endpoints
- - persistentvolumeclaims
- - events
- - configmaps
- - secrets
- verbs:
- - '*'
- - apiGroups:
- - apps
- resources:
- - deployments
- - daemonsets
- - replicasets
- - statefulsets
- verbs:
- - '*'
- - apiGroups:
- - monitoring.coreos.com
- resources:
- - servicemonitors
- verbs:
- - get
- - create
- - apiGroups:
- - apps
- resourceNames:
- - sriov-network-operator
- resources:
- - deployments/finalizers
- verbs:
- - update
- - apiGroups:
- - rbac.authorization.k8s.io
- resources:
- - serviceaccounts
- - roles
- - rolebindings
- verbs:
- - '*'
- - apiGroups:
- - config.openshift.io
- resources:
- - infrastructures
- verbs:
- - get
- - list
- - watch
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: Role
-metadata:
- name: sriov-network-config-daemon
- namespace: {{ .Release.Namespace }}
- labels:
- {{- include "sriov-network-operator.labels" . | nindent 4 }}
-rules:
- - apiGroups:
- - ""
- resources:
- - pods
- verbs:
- - '*'
- - apiGroups:
- - apps
- resources:
- - daemonsets
- verbs:
- - '*'
- - apiGroups:
- - sriovnetwork.openshift.io
- resources:
- - '*'
- - sriovnetworknodestates
- verbs:
- - '*'
- - apiGroups:
- - security.openshift.io
- resourceNames:
- - privileged
- resources:
- - securitycontextconstraints
- verbs:
- - use
- - apiGroups:
- - ""
- resources:
- - configmaps
- verbs:
- - get
- - update
- - apiGroups:
- - 'coordination.k8s.io'
- resources:
- - 'leases'
- verbs:
- - '*'
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: Role
-metadata:
- name: operator-webhook-sa
- namespace: {{ .Release.Namespace }}
- labels:
- {{- include "sriov-network-operator.labels" . | nindent 4 }}
-rules:
- - apiGroups:
- - ""
- resources:
- - configmaps
- verbs:
- - get
diff --git a/charts/sriov/102.1.0+up0.1.0/templates/rolebinding.yaml b/charts/sriov/102.1.0+up0.1.0/templates/rolebinding.yaml
deleted file mode 100644
index d2cf1849a7..0000000000
--- a/charts/sriov/102.1.0+up0.1.0/templates/rolebinding.yaml
+++ /dev/null
@@ -1,44 +0,0 @@
-kind: RoleBinding
-apiVersion: rbac.authorization.k8s.io/v1
-metadata:
- name: {{ include "sriov-network-operator.fullname" . }}
- namespace: {{ .Release.Namespace }}
- labels:
- {{- include "sriov-network-operator.labels" . | nindent 4 }}
-subjects:
- - kind: ServiceAccount
- name: {{ include "sriov-network-operator.fullname" . }}
- namespace: {{ .Release.Namespace }}
-roleRef:
- kind: Role
- name: {{ include "sriov-network-operator.fullname" . }}
- apiGroup: rbac.authorization.k8s.io
----
-kind: RoleBinding
-apiVersion: rbac.authorization.k8s.io/v1
-metadata:
- name: sriov-network-config-daemon
- namespace: {{ .Release.Namespace }}
- labels:
- {{- include "sriov-network-operator.labels" . | nindent 4 }}
-subjects:
- - kind: ServiceAccount
- name: sriov-network-config-daemon
- namespace: {{ .Release.Namespace }}
-roleRef:
- kind: Role
- name: sriov-network-config-daemon
- apiGroup: rbac.authorization.k8s.io
----
-kind: RoleBinding
-apiVersion: rbac.authorization.k8s.io/v1
-metadata:
- name: operator-webhook-sa
- namespace: {{ .Release.Namespace }}
-subjects:
-- kind: ServiceAccount
- name: operator-webhook-sa
-roleRef:
- kind: Role
- name: operator-webhook-sa
- apiGroup: rbac.authorization.k8s.io
diff --git a/charts/sriov/102.1.0+up0.1.0/templates/secrets.yaml b/charts/sriov/102.1.0+up0.1.0/templates/secrets.yaml
deleted file mode 100644
index 3d345be460..0000000000
--- a/charts/sriov/102.1.0+up0.1.0/templates/secrets.yaml
+++ /dev/null
@@ -1,20 +0,0 @@
-{{- if not .Values.cert_manager -}}
-{{- if .Values.operator.enableAdmissionController }}
-apiVersion: v1
-kind: Secret
-metadata:
- name: operator-webhook-service
- namespace: {{ .Release.Namespace }}
-data: {{ include "sriov_operator_cert" . | nindent 2 }}
-{{- end }}
----
-{{- if .Values.operator.enableAdmissionController }}
-apiVersion: v1
-kind: Secret
-metadata:
- name: network-resources-injector-secret
- namespace: {{ .Release.Namespace }}
-data: {{ include "sriov_resource_injector_cert" . | nindent 2 }}
-{{- end }}
-{{- end }}
-
diff --git a/charts/sriov/102.1.0+up0.1.0/templates/serviceaccount.yaml b/charts/sriov/102.1.0+up0.1.0/templates/serviceaccount.yaml
deleted file mode 100644
index fc0bb57056..0000000000
--- a/charts/sriov/102.1.0+up0.1.0/templates/serviceaccount.yaml
+++ /dev/null
@@ -1,15 +0,0 @@
-apiVersion: v1
-kind: ServiceAccount
-metadata:
- name: {{ include "sriov-network-operator.fullname" . }}
- namespace: {{ .Release.Namespace }}
- labels:
- {{- include "sriov-network-operator.labels" . | nindent 4 }}
----
-apiVersion: v1
-kind: ServiceAccount
-metadata:
- name: sriov-network-config-daemon
- namespace: {{ .Release.Namespace }}
- labels:
- {{- include "sriov-network-operator.labels" . | nindent 4 }}
diff --git a/charts/sriov/102.1.0+up0.1.0/templates/validate-install-crd.yaml b/charts/sriov/102.1.0+up0.1.0/templates/validate-install-crd.yaml
deleted file mode 100644
index 48ffe70751..0000000000
--- a/charts/sriov/102.1.0+up0.1.0/templates/validate-install-crd.yaml
+++ /dev/null
@@ -1,19 +0,0 @@
-#{{- if gt (len (lookup "rbac.authorization.k8s.io/v1" "ClusterRole" "" "")) 0 -}}
-# {{- $found := dict -}}
-# {{- set $found "sriovnetwork.openshift.io/v1/SriovIBNetwork" false -}}
-# {{- set $found "sriovnetwork.openshift.io/v1/SriovNetworkNodePolicy" false -}}
-# {{- set $found "sriovnetwork.openshift.io/v1/SriovNetworkNodeState" false -}}
-# {{- set $found "sriovnetwork.openshift.io/v1/SriovNetworkPoolConfig" false -}}
-# {{- set $found "sriovnetwork.openshift.io/v1/SriovNetwork" false -}}
-# {{- set $found "sriovnetwork.openshift.io/v1/SriovOperatorConfig" false -}}
-# {{- range .Capabilities.APIVersions -}}
-# {{- if hasKey $found (toString .) -}}
-# {{- set $found (toString .) true -}}
-# {{- end -}}
-# {{- end -}}
-# {{- range $_, $exists := $found -}}
-# {{- if (eq $exists false) -}}
-# {{- required "Required CRDs are missing. Please install the corresponding CRD chart before installing this chart." "" -}}
-# {{- end -}}
-# {{- end -}}
-#{{- end -}}
\ No newline at end of file
diff --git a/charts/sriov/102.1.0+up0.1.0/values.yaml b/charts/sriov/102.1.0+up0.1.0/values.yaml
deleted file mode 100644
index f1a95e4455..0000000000
--- a/charts/sriov/102.1.0+up0.1.0/values.yaml
+++ /dev/null
@@ -1,64 +0,0 @@
-operator:
- tolerations:
- - key: "node-role.kubernetes.io/control-plane"
- operator: "Exists"
- effect: "NoSchedule"
- - effect: NoExecute
- key: node-role.kubernetes.io/etcd
- operator: Exists
- nodeSelector: {}
- affinity:
- nodeAffinity:
- requiredDuringSchedulingIgnoredDuringExecution:
- nodeSelectorTerms:
- - matchExpressions:
- - key: "node-role.kubernetes.io/master"
- operator: In
- values: [ "" ]
- - matchExpressions:
- - key: "node-role.kubernetes.io/control-plane"
- operator: In
- values: [ "" ]
- nameOverride: ""
- fullnameOverride: ""
- resourcePrefix: "rancher.io"
- enableAdmissionController: false
- cniBinPath: "/opt/cni/bin"
- clusterType: "kubernetes"
-
-# Image URIs for sriov-network-operator components
-images:
- operator:
- image: rancher/hardened-sriov-network-operator
- tag: v1.2.0-build20221014
- sriovConfigDaemon:
- image: rancher/hardened-sriov-network-config-daemon
- tag: v1.2.0-build20221014
- sriovCni:
- image: rancher/hardened-sriov-cni
- tag: v2.6.3-build20221014
- ibSriovCni:
- image: rancher/hardened-ib-sriov-cni
- tag: v1.0.2-build20221014
- sriovDevicePlugin:
- image: rancher/hardened-sriov-network-device-plugin
- tag: v3.5.1-build20221014
- resourcesInjector:
- image: rancher/hardened-sriov-network-resources-injector
- tag: v1.5-build20221014
- webhook:
- image: rancher/hardened-sriov-network-webhook
- tag: v1.2.0-build20221014
-
-# cert_manager enables integration with cert-manager to generate
-# certificates for the operator webhooks. Otherwise the chart will
-# generate ad-hoc certificates with no automated renewal at expiration,
-# not recommended for production clusters.
-cert_manager: false
-
-global:
- cattle:
- systemDefaultRegistry: ""
- rbac:
- userRoles:
- aggregateToDefaultRoles: false
diff --git a/charts/sriov/102.2.0+up0.1.0/.helmignore b/charts/sriov/102.2.0+up0.1.0/.helmignore
deleted file mode 100644
index 0e8a0eb36f..0000000000
--- a/charts/sriov/102.2.0+up0.1.0/.helmignore
+++ /dev/null
@@ -1,23 +0,0 @@
-# Patterns to ignore when building packages.
-# This supports shell glob matching, relative path matching, and
-# negation (prefixed with !). Only one pattern per line.
-.DS_Store
-# Common VCS dirs
-.git/
-.gitignore
-.bzr/
-.bzrignore
-.hg/
-.hgignore
-.svn/
-# Common backup files
-*.swp
-*.bak
-*.tmp
-*.orig
-*~
-# Various IDEs
-.project
-.idea/
-*.tmproj
-.vscode/
diff --git a/charts/sriov/102.2.0+up0.1.0/Chart.yaml b/charts/sriov/102.2.0+up0.1.0/Chart.yaml
deleted file mode 100644
index 1097444fbb..0000000000
--- a/charts/sriov/102.2.0+up0.1.0/Chart.yaml
+++ /dev/null
@@ -1,29 +0,0 @@
-annotations:
- catalog.cattle.io/auto-install: sriov-crd=match
- catalog.cattle.io/certified: rancher
- catalog.cattle.io/experimental: "true"
- catalog.cattle.io/kube-version: '>= 1.16.0-0 < 1.28.0-0'
- catalog.cattle.io/namespace: cattle-sriov-system
- catalog.cattle.io/os: linux
- catalog.cattle.io/permits-os: linux
- catalog.cattle.io/rancher-version: '>= 2.7.0-0 < 2.8.0-0'
- catalog.cattle.io/release-name: sriov
- catalog.cattle.io/upstream-version: 1.2.0
-apiVersion: v2
-appVersion: 1.2.0
-description: SR-IOV network operator configures and manages SR-IOV networks in the
- kubernetes cluster
-home: https://github.com/k8snetworkplumbingwg/sriov-network-operator
-icon: https://charts.rancher.io/assets/logos/sr-iov.svg
-keywords:
-- sriov
-- Networking
-kubeVersion: '>= 1.16.0'
-maintainers:
-- email: charts@rancher.com
- name: Rancher Labs
-name: sriov
-sources:
-- https://github.com/rancher/charts
-type: application
-version: 102.2.0+up0.1.0
diff --git a/charts/sriov/102.2.0+up0.1.0/README.md b/charts/sriov/102.2.0+up0.1.0/README.md
deleted file mode 100644
index b34d479bd0..0000000000
--- a/charts/sriov/102.2.0+up0.1.0/README.md
+++ /dev/null
@@ -1,73 +0,0 @@
-# SR-IOV Network Operator Helm Chart
-
-SR-IOV Network Operator Helm Chart provides an easy way to install, configure and manage
-the lifecycle of SR-IOV network operator.
-
-## SR-IOV Network Operator
-SR-IOV Network Operator leverages [Kubernetes CRDs](https://kubernetes.io/docs/concepts/extend-kubernetes/api-extension/custom-resources/)
-and [Operator SDK](https://github.com/operator-framework/operator-sdk) to configure and manage SR-IOV networks in a Kubernetes cluster.
-
-SR-IOV Network Operator features:
-- Initialize the supported SR-IOV NIC types on selected nodes.
-- Provision/upgrade SR-IOV device plugin executable on selected node.
-- Provision/upgrade SR-IOV CNI plugin executable on selected nodes.
-- Manage configuration of SR-IOV device plugin on host.
-- Generate net-att-def CRs for SR-IOV CNI plugin
-- Supports operation in a virtualized Kubernetes deployment
- - Discovers VFs attached to the Virtual Machine (VM)
- - Does not require attached of associated PFs
- - VFs can be associated to SriovNetworks by selecting the appropriate PciAddress as the RootDevice in the SriovNetworkNodePolicy
-
-## QuickStart
-
-### Prerequisites
-
-- Kubernetes v1.17+
-- Helm v3
-
-### Install Helm
-
-Helm provides an install script to copy helm binary to your system:
-```
-$ curl -fsSL -o get_helm.sh https://raw.githubusercontent.com/helm/helm/master/scripts/get-helm-3
-$ chmod 500 get_helm.sh
-$ ./get_helm.sh
-```
-
-For additional information and methods for installing Helm, refer to the official [helm website](https://helm.sh/)
-
-### Deploy SR-IOV Network Operator
-
-```
-# Install Operator
-$ helm install -n sriov-network-operator --create-namespace --wait sriov-network-operator ./
-
-# View deployed resources
-$ kubectl -n sriov-network-operator get pods
-```
-
-## Chart parameters
-
-In order to tailor the deployment of the network operator to your cluster needs
-We have introduced the following Chart parameters.
-
-### Operator parameters
-
-| Name | Type | Default | description |
-| ---- | ---- | ------- | ----------- |
-| `operator.resourcePrefix` | string | `openshift.io` | Device plugin resource prefix |
-| `operator.enableAdmissionController` | bool | `false` | Enable SR-IOV network resource injector and operator webhook |
-| `operator.cniBinPath` | string | `/opt/cni/bin` | Path for CNI binary |
-| `operator.clusterType` | string | `kubernetes` | Cluster environment type |
-
-### Images parameters
-
-| Name | description |
-| ---- | ----------- |
-| `images.operator` | Operator controller image |
-| `images.sriovConfigDaemon` | Daemon node agent image |
-| `images.sriovCni` | SR-IOV CNI image |
-| `images.ibSriovCni` | InfiniBand SR-IOV CNI image |
-| `images.sriovDevicePlugin` | SR-IOV device plugin image |
-| `images.resourcesInjector` | Resources Injector image |
-| `images.webhook` | Operator Webhook image |
diff --git a/charts/sriov/102.2.0+up0.1.0/app-README.md b/charts/sriov/102.2.0+up0.1.0/app-README.md
deleted file mode 100644
index 4dda94a833..0000000000
--- a/charts/sriov/102.2.0+up0.1.0/app-README.md
+++ /dev/null
@@ -1,13 +0,0 @@
-# Rancher SR-IOV Network Operator
-
-This chart is based on the upstream [k8snetworkplumbingwg/sriov-network-operator](https://github.com/k8snetworkplumbingwg/sriov-network-operator) project. The chart deploys the SR-IOV Operator and its CRDs, which are designed to help the user provision and configure the SR-IOV CNI in a cluster that uses [Multus CNI](https://github.com/k8snetworkplumbingwg/multus-cni), to provide high performing extra network interfaces to pods. This chart is expected to be deployed on an RKE2 cluster and only meant for advanced use cases where multiple CNI plugins and high performing network interfaces on pods are required. Users who do not need these features are not advised to install this chart.
-
-The chart installs the following components:
-
- - SR-IOV Operator - An operator that helps provision and configure the SR-IOV CNI plugin and SR-IOV Device plugin
- - SR-IOV Network Config Daemon - A Daemon deployed by the Operator that discovers SR-IOV NICs on each node
-
-Note that SR-IOV requires NICs that support SR-IOV and the activation of specific configuration options in the operating system. Nodes that fulfill these requirements should be labeled with: `feature.node.kubernetes.io/network-sriov.capable=true`.
-
-The SR-IOV Network Config Daemon will be deployed on such capable nodes. For more information on how to use this feature, refer to our RKE2 networking docs.
-
diff --git a/charts/sriov/102.2.0+up0.1.0/charts/rancher-nfd/.helmignore b/charts/sriov/102.2.0+up0.1.0/charts/rancher-nfd/.helmignore
deleted file mode 100644
index 0e8a0eb36f..0000000000
--- a/charts/sriov/102.2.0+up0.1.0/charts/rancher-nfd/.helmignore
+++ /dev/null
@@ -1,23 +0,0 @@
-# Patterns to ignore when building packages.
-# This supports shell glob matching, relative path matching, and
-# negation (prefixed with !). Only one pattern per line.
-.DS_Store
-# Common VCS dirs
-.git/
-.gitignore
-.bzr/
-.bzrignore
-.hg/
-.hgignore
-.svn/
-# Common backup files
-*.swp
-*.bak
-*.tmp
-*.orig
-*~
-# Various IDEs
-.project
-.idea/
-*.tmproj
-.vscode/
diff --git a/charts/sriov/102.2.0+up0.1.0/charts/rancher-nfd/Chart.yaml b/charts/sriov/102.2.0+up0.1.0/charts/rancher-nfd/Chart.yaml
deleted file mode 100644
index d9d4151d9a..0000000000
--- a/charts/sriov/102.2.0+up0.1.0/charts/rancher-nfd/Chart.yaml
+++ /dev/null
@@ -1,14 +0,0 @@
-apiVersion: v2
-appVersion: v0.13.2
-description: 'Detects hardware features available on each node in a Kubernetes cluster,
- and advertises those features using node labels. '
-home: https://github.com/kubernetes-sigs/node-feature-discovery
-keywords:
-- feature-discovery
-- feature-detection
-- node-labels
-name: rancher-nfd
-sources:
-- https://github.com/kubernetes-sigs/node-feature-discovery
-type: application
-version: 0.13.2
diff --git a/charts/sriov/102.2.0+up0.1.0/charts/rancher-nfd/README.md b/charts/sriov/102.2.0+up0.1.0/charts/rancher-nfd/README.md
deleted file mode 100644
index 628ac6a36d..0000000000
--- a/charts/sriov/102.2.0+up0.1.0/charts/rancher-nfd/README.md
+++ /dev/null
@@ -1,10 +0,0 @@
-# Node Feature Discovery
-
-Node Feature Discovery (NFD) is a Kubernetes add-on for detecting hardware
-features and system configuration. Detected features are advertised as node
-labels. NFD provides flexible configuration and extension points for a wide
-range of vendor and application specific node labeling needs.
-
-See
-[NFD documentation](https://kubernetes-sigs.github.io/node-feature-discovery/v0.13/deployment/helm.html)
-for deployment instructions.
diff --git a/charts/sriov/102.2.0+up0.1.0/charts/rancher-nfd/crds/nfd-api-crds.yaml b/charts/sriov/102.2.0+up0.1.0/charts/rancher-nfd/crds/nfd-api-crds.yaml
deleted file mode 100644
index 775536f280..0000000000
--- a/charts/sriov/102.2.0+up0.1.0/charts/rancher-nfd/crds/nfd-api-crds.yaml
+++ /dev/null
@@ -1,363 +0,0 @@
----
-apiVersion: apiextensions.k8s.io/v1
-kind: CustomResourceDefinition
-metadata:
- annotations:
- controller-gen.kubebuilder.io/version: v0.9.2
- creationTimestamp: null
- name: nodefeatures.nfd.k8s-sigs.io
-spec:
- group: nfd.k8s-sigs.io
- names:
- kind: NodeFeature
- listKind: NodeFeatureList
- plural: nodefeatures
- singular: nodefeature
- scope: Namespaced
- versions:
- - name: v1alpha1
- schema:
- openAPIV3Schema:
- description: NodeFeature resource holds the features discovered for one node
- in the cluster.
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation
- of an object. Servers should convert recognized schemas to the latest
- internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this
- object represents. Servers may infer this from the endpoint the client
- submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- spec:
- description: NodeFeatureSpec describes a NodeFeature object.
- properties:
- features:
- description: Features is the full "raw" features data that has been
- discovered.
- properties:
- attributes:
- additionalProperties:
- description: AttributeFeatureSet is a set of features having
- string value.
- properties:
- elements:
- additionalProperties:
- type: string
- type: object
- required:
- - elements
- type: object
- description: Attributes contains all the attribute-type features
- of the node.
- type: object
- flags:
- additionalProperties:
- description: FlagFeatureSet is a set of simple features only
- containing names without values.
- properties:
- elements:
- additionalProperties:
- description: Nil is a dummy empty struct for protobuf
- compatibility
- type: object
- type: object
- required:
- - elements
- type: object
- description: Flags contains all the flag-type features of the
- node.
- type: object
- instances:
- additionalProperties:
- description: InstanceFeatureSet is a set of features each of
- which is an instance having multiple attributes.
- properties:
- elements:
- items:
- description: InstanceFeature represents one instance of
- a complex features, e.g. a device.
- properties:
- attributes:
- additionalProperties:
- type: string
- type: object
- required:
- - attributes
- type: object
- type: array
- required:
- - elements
- type: object
- description: Instances contains all the instance-type features
- of the node.
- type: object
- type: object
- labels:
- additionalProperties:
- type: string
- description: Labels is the set of node labels that are requested to
- be created.
- type: object
- type: object
- required:
- - spec
- type: object
- served: true
- storage: true
----
-apiVersion: apiextensions.k8s.io/v1
-kind: CustomResourceDefinition
-metadata:
- annotations:
- controller-gen.kubebuilder.io/version: v0.9.2
- creationTimestamp: null
- name: nodefeaturerules.nfd.k8s-sigs.io
-spec:
- group: nfd.k8s-sigs.io
- names:
- kind: NodeFeatureRule
- listKind: NodeFeatureRuleList
- plural: nodefeaturerules
- shortNames:
- - nfr
- singular: nodefeaturerule
- scope: Cluster
- versions:
- - name: v1alpha1
- schema:
- openAPIV3Schema:
- description: NodeFeatureRule resource specifies a configuration for feature-based
- customization of node objects, such as node labeling.
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation
- of an object. Servers should convert recognized schemas to the latest
- internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this
- object represents. Servers may infer this from the endpoint the client
- submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- spec:
- description: NodeFeatureRuleSpec describes a NodeFeatureRule.
- properties:
- rules:
- description: Rules is a list of node customization rules.
- items:
- description: Rule defines a rule for node customization such as
- labeling.
- properties:
- extendedResources:
- additionalProperties:
- type: string
- description: ExtendedResources to create if the rule matches.
- type: object
- labels:
- additionalProperties:
- type: string
- description: Labels to create if the rule matches.
- type: object
- labelsTemplate:
- description: LabelsTemplate specifies a template to expand for
- dynamically generating multiple labels. Data (after template
- expansion) must be keys with an optional value ([=])
- separated by newlines.
- type: string
- matchAny:
- description: MatchAny specifies a list of matchers one of which
- must match.
- items:
- description: MatchAnyElem specifies one sub-matcher of MatchAny.
- properties:
- matchFeatures:
- description: MatchFeatures specifies a set of matcher
- terms all of which must match.
- items:
- description: FeatureMatcherTerm defines requirements
- against one feature set. All requirements (specified
- as MatchExpressions) are evaluated against each element
- in the feature set.
- properties:
- feature:
- type: string
- matchExpressions:
- additionalProperties:
- description: "MatchExpression specifies an expression
- to evaluate against a set of input values. It
- contains an operator that is applied when matching
- the input and an array of values that the operator
- evaluates the input against. \n NB: CreateMatchExpression
- or MustCreateMatchExpression() should be used
- for creating new instances. \n NB: Validate()
- must be called if Op or Value fields are modified
- or if a new instance is created from scratch
- without using the helper functions."
- properties:
- op:
- description: Op is the operator to be applied.
- enum:
- - In
- - NotIn
- - InRegexp
- - Exists
- - DoesNotExist
- - Gt
- - Lt
- - GtLt
- - IsTrue
- - IsFalse
- type: string
- value:
- description: Value is the list of values that
- the operand evaluates the input against.
- Value should be empty if the operator is
- Exists, DoesNotExist, IsTrue or IsFalse.
- Value should contain exactly one element
- if the operator is Gt or Lt and exactly
- two elements if the operator is GtLt. In
- other cases Value should contain at least
- one element.
- items:
- type: string
- type: array
- required:
- - op
- type: object
- description: MatchExpressionSet contains a set of
- MatchExpressions, each of which is evaluated against
- a set of input values.
- type: object
- required:
- - feature
- - matchExpressions
- type: object
- type: array
- required:
- - matchFeatures
- type: object
- type: array
- matchFeatures:
- description: MatchFeatures specifies a set of matcher terms
- all of which must match.
- items:
- description: FeatureMatcherTerm defines requirements against
- one feature set. All requirements (specified as MatchExpressions)
- are evaluated against each element in the feature set.
- properties:
- feature:
- type: string
- matchExpressions:
- additionalProperties:
- description: "MatchExpression specifies an expression
- to evaluate against a set of input values. It contains
- an operator that is applied when matching the input
- and an array of values that the operator evaluates
- the input against. \n NB: CreateMatchExpression or
- MustCreateMatchExpression() should be used for creating
- new instances. \n NB: Validate() must be called if
- Op or Value fields are modified or if a new instance
- is created from scratch without using the helper functions."
- properties:
- op:
- description: Op is the operator to be applied.
- enum:
- - In
- - NotIn
- - InRegexp
- - Exists
- - DoesNotExist
- - Gt
- - Lt
- - GtLt
- - IsTrue
- - IsFalse
- type: string
- value:
- description: Value is the list of values that the
- operand evaluates the input against. Value should
- be empty if the operator is Exists, DoesNotExist,
- IsTrue or IsFalse. Value should contain exactly
- one element if the operator is Gt or Lt and exactly
- two elements if the operator is GtLt. In other
- cases Value should contain at least one element.
- items:
- type: string
- type: array
- required:
- - op
- type: object
- description: MatchExpressionSet contains a set of MatchExpressions,
- each of which is evaluated against a set of input values.
- type: object
- required:
- - feature
- - matchExpressions
- type: object
- type: array
- name:
- description: Name of the rule.
- type: string
- taints:
- description: Taints to create if the rule matches.
- items:
- description: The node this Taint is attached to has the "effect"
- on any pod that does not tolerate the Taint.
- properties:
- effect:
- description: Required. The effect of the taint on pods
- that do not tolerate the taint. Valid effects are NoSchedule,
- PreferNoSchedule and NoExecute.
- type: string
- key:
- description: Required. The taint key to be applied to
- a node.
- type: string
- timeAdded:
- description: TimeAdded represents the time at which the
- taint was added. It is only written for NoExecute taints.
- format: date-time
- type: string
- value:
- description: The taint value corresponding to the taint
- key.
- type: string
- required:
- - effect
- - key
- type: object
- type: array
- vars:
- additionalProperties:
- type: string
- description: Vars is the variables to store if the rule matches.
- Variables do not directly inflict any changes in the node
- object. However, they can be referenced from other rules enabling
- more complex rule hierarchies, without exposing intermediary
- output values as labels.
- type: object
- varsTemplate:
- description: VarsTemplate specifies a template to expand for
- dynamically generating multiple variables. Data (after template
- expansion) must be keys with an optional value ([=])
- separated by newlines.
- type: string
- required:
- - name
- type: object
- type: array
- required:
- - rules
- type: object
- required:
- - spec
- type: object
- served: true
- storage: true
diff --git a/charts/sriov/102.2.0+up0.1.0/charts/rancher-nfd/templates/_helpers.tpl b/charts/sriov/102.2.0+up0.1.0/charts/rancher-nfd/templates/_helpers.tpl
deleted file mode 100644
index 5a0a5c97f7..0000000000
--- a/charts/sriov/102.2.0+up0.1.0/charts/rancher-nfd/templates/_helpers.tpl
+++ /dev/null
@@ -1,107 +0,0 @@
-{{/* vim: set filetype=mustache: */}}
-{{/*
-Expand the name of the chart.
-*/}}
-{{- define "node-feature-discovery.name" -}}
-{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
-{{- end -}}
-
-{{/*
-Create a default fully qualified app name.
-We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
-If release name contains chart name it will be used as a full name.
-*/}}
-{{- define "node-feature-discovery.fullname" -}}
-{{- if .Values.fullnameOverride -}}
-{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}}
-{{- else -}}
-{{- $name := default .Chart.Name .Values.nameOverride -}}
-{{- if contains $name .Release.Name -}}
-{{- .Release.Name | trunc 63 | trimSuffix "-" -}}
-{{- else -}}
-{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}}
-{{- end -}}
-{{- end -}}
-{{- end -}}
-
-{{/*
-Allow the release namespace to be overridden for multi-namespace deployments in combined charts
-*/}}
-{{- define "node-feature-discovery.namespace" -}}
- {{- if .Values.namespaceOverride -}}
- {{- .Values.namespaceOverride -}}
- {{- else -}}
- {{- .Release.Namespace -}}
- {{- end -}}
-{{- end -}}
-
-{{/*
-Create chart name and version as used by the chart label.
-*/}}
-{{- define "node-feature-discovery.chart" -}}
-{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}}
-{{- end -}}
-
-{{/*
-Common labels
-*/}}
-{{- define "node-feature-discovery.labels" -}}
-helm.sh/chart: {{ include "node-feature-discovery.chart" . }}
-{{ include "node-feature-discovery.selectorLabels" . }}
-{{- if .Chart.AppVersion }}
-app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
-{{- end }}
-app.kubernetes.io/managed-by: {{ .Release.Service }}
-{{- end -}}
-
-{{/*
-Selector labels
-*/}}
-{{- define "node-feature-discovery.selectorLabels" -}}
-app.kubernetes.io/name: {{ include "node-feature-discovery.name" . }}
-app.kubernetes.io/instance: {{ .Release.Name }}
-{{- end -}}
-
-{{/*
-Create the name of the service account which the nfd master will use
-*/}}
-{{- define "node-feature-discovery.master.serviceAccountName" -}}
-{{- if .Values.master.serviceAccount.create -}}
- {{ default (include "node-feature-discovery.fullname" .) .Values.master.serviceAccount.name }}
-{{- else -}}
- {{ default "default" .Values.master.serviceAccount.name }}
-{{- end -}}
-{{- end -}}
-
-{{/*
-Create the name of the service account which the nfd worker will use
-*/}}
-{{- define "node-feature-discovery.worker.serviceAccountName" -}}
-{{- if .Values.worker.serviceAccount.create -}}
- {{ default (printf "%s-worker" (include "node-feature-discovery.fullname" .)) .Values.worker.serviceAccount.name }}
-{{- else -}}
- {{ default "default" .Values.worker.serviceAccount.name }}
-{{- end -}}
-{{- end -}}
-
-{{/*
-Create the name of the service account which topologyUpdater will use
-*/}}
-{{- define "node-feature-discovery.topologyUpdater.serviceAccountName" -}}
-{{- if .Values.topologyUpdater.serviceAccount.create -}}
- {{ default (printf "%s-topology-updater" (include "node-feature-discovery.fullname" .)) .Values.topologyUpdater.serviceAccount.name }}
-{{- else -}}
- {{ default "default" .Values.topologyUpdater.serviceAccount.name }}
-{{- end -}}
-{{- end -}}
-
-{{/*
-Create the name of the service account which topologyGC will use
-*/}}
-{{- define "node-feature-discovery.topologyGC.serviceAccountName" -}}
-{{- if .Values.topologyGC.serviceAccount.create -}}
- {{ default (printf "%s-topology-gc" (include "node-feature-discovery.fullname" .)) .Values.topologyGC.serviceAccount.name }}
-{{- else -}}
- {{ default "default" .Values.topologyGC.serviceAccount.name }}
-{{- end -}}
-{{- end -}}
diff --git a/charts/sriov/102.2.0+up0.1.0/charts/rancher-nfd/templates/cert-manager-certs.yaml b/charts/sriov/102.2.0+up0.1.0/charts/rancher-nfd/templates/cert-manager-certs.yaml
deleted file mode 100644
index ac2e51fc11..0000000000
--- a/charts/sriov/102.2.0+up0.1.0/charts/rancher-nfd/templates/cert-manager-certs.yaml
+++ /dev/null
@@ -1,67 +0,0 @@
-{{- if .Values.tls.certManager }}
----
-apiVersion: cert-manager.io/v1
-kind: Certificate
-metadata:
- name: nfd-master-cert
- namespace: {{ include "node-feature-discovery.namespace" . }}
-spec:
- secretName: nfd-master-cert
- subject:
- organizations:
- - node-feature-discovery
- commonName: nfd-master
- dnsNames:
- # must match the service name
- - {{ include "node-feature-discovery.fullname" . }}-master
- # first one is configured for use by the worker; below are for completeness
- - {{ include "node-feature-discovery.fullname" . }}-master.{{ include "node-feature-discovery.namespace" . }}.svc
- - {{ include "node-feature-discovery.fullname" . }}-master.{{ include "node-feature-discovery.namespace" . }}.svc.cluster.local
- # localhost needed for grpc_health_probe
- - localhost
- issuerRef:
- name: nfd-ca-issuer
- kind: Issuer
- group: cert-manager.io
-
----
-apiVersion: cert-manager.io/v1
-kind: Certificate
-metadata:
- name: nfd-worker-cert
- namespace: {{ include "node-feature-discovery.namespace" . }}
-spec:
- secretName: nfd-worker-cert
- subject:
- organizations:
- - node-feature-discovery
- commonName: nfd-worker
- dnsNames:
- - {{ include "node-feature-discovery.fullname" . }}-worker.{{ include "node-feature-discovery.namespace" . }}.svc.cluster.local
- issuerRef:
- name: nfd-ca-issuer
- kind: Issuer
- group: cert-manager.io
-
-{{- if .Values.topologyUpdater.enable }}
----
-apiVersion: cert-manager.io/v1
-kind: Certificate
-metadata:
- name: nfd-topology-updater-cert
- namespace: {{ include "node-feature-discovery.namespace" . }}
-spec:
- secretName: nfd-topology-updater-cert
- subject:
- organizations:
- - node-feature-discovery
- commonName: nfd-topology-updater
- dnsNames:
- - {{ include "node-feature-discovery.fullname" . }}-topology-updater.{{ include "node-feature-discovery.namespace" . }}.svc.cluster.local
- issuerRef:
- name: nfd-ca-issuer
- kind: Issuer
- group: cert-manager.io
-{{- end }}
-
-{{- end }}
diff --git a/charts/sriov/102.2.0+up0.1.0/charts/rancher-nfd/templates/cert-manager-issuer.yaml b/charts/sriov/102.2.0+up0.1.0/charts/rancher-nfd/templates/cert-manager-issuer.yaml
deleted file mode 100644
index f3c57acea1..0000000000
--- a/charts/sriov/102.2.0+up0.1.0/charts/rancher-nfd/templates/cert-manager-issuer.yaml
+++ /dev/null
@@ -1,42 +0,0 @@
-{{- if .Values.tls.certManager }}
-# See https://cert-manager.io/docs/configuration/selfsigned/#bootstrapping-ca-issuers
-# - Create a self signed issuer
-# - Use this to create a CA cert
-# - Use this to now create a CA issuer
----
-apiVersion: cert-manager.io/v1
-kind: Issuer
-metadata:
- name: nfd-ca-bootstrap
- namespace: {{ include "node-feature-discovery.namespace" . }}
-spec:
- selfSigned: {}
-
----
-apiVersion: cert-manager.io/v1
-kind: Certificate
-metadata:
- name: nfd-ca-cert
- namespace: {{ include "node-feature-discovery.namespace" . }}
-spec:
- isCA: true
- secretName: nfd-ca-cert
- subject:
- organizations:
- - node-feature-discovery
- commonName: nfd-ca-cert
- issuerRef:
- name: nfd-ca-bootstrap
- kind: Issuer
- group: cert-manager.io
-
----
-apiVersion: cert-manager.io/v1
-kind: Issuer
-metadata:
- name: nfd-ca-issuer
- namespace: {{ include "node-feature-discovery.namespace" . }}
-spec:
- ca:
- secretName: nfd-ca-cert
-{{- end }}
diff --git a/charts/sriov/102.2.0+up0.1.0/charts/rancher-nfd/templates/clusterrole.yaml b/charts/sriov/102.2.0+up0.1.0/charts/rancher-nfd/templates/clusterrole.yaml
deleted file mode 100644
index 84b32644f5..0000000000
--- a/charts/sriov/102.2.0+up0.1.0/charts/rancher-nfd/templates/clusterrole.yaml
+++ /dev/null
@@ -1,97 +0,0 @@
-{{- if .Values.master.rbac.create }}
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRole
-metadata:
- name: {{ include "node-feature-discovery.fullname" . }}
- labels:
- {{- include "node-feature-discovery.labels" . | nindent 4 }}
-rules:
-- apiGroups:
- - ""
- resources:
- - nodes
- - nodes/status
- verbs:
- - get
- - patch
- - update
- - list
-- apiGroups:
- - nfd.k8s-sigs.io
- resources:
- - nodefeatures
- - nodefeaturerules
- verbs:
- - get
- - list
- - watch
-{{- end }}
-
----
-{{- if and .Values.topologyUpdater.enable .Values.topologyUpdater.rbac.create }}
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRole
-metadata:
- name: {{ include "node-feature-discovery.fullname" . }}-topology-updater
- labels:
- {{- include "node-feature-discovery.labels" . | nindent 4 }}
-rules:
-- apiGroups:
- - ""
- resources:
- - nodes
- verbs:
- - get
- - list
-- apiGroups:
- - ""
- resources:
- - nodes/proxy
- verbs:
- - get
-- apiGroups:
- - ""
- resources:
- - pods
- verbs:
- - get
-- apiGroups:
- - topology.node.k8s.io
- resources:
- - noderesourcetopologies
- verbs:
- - create
- - get
- - update
-{{- end }}
-
----
-{{- if and .Values.topologyGC.enable .Values.topologyGC.rbac.create .Values.topologyUpdater.enable }}
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRole
-metadata:
- name: {{ include "node-feature-discovery.fullname" . }}-topology-gc
- labels:
- {{- include "node-feature-discovery.labels" . | nindent 4 }}
-rules:
-- apiGroups:
- - ""
- resources:
- - nodes
- verbs:
- - list
- - watch
-- apiGroups:
- - ""
- resources:
- - nodes/proxy
- verbs:
- - get
-- apiGroups:
- - topology.node.k8s.io
- resources:
- - noderesourcetopologies
- verbs:
- - delete
- - list
-{{- end }}
diff --git a/charts/sriov/102.2.0+up0.1.0/charts/rancher-nfd/templates/clusterrolebinding.yaml b/charts/sriov/102.2.0+up0.1.0/charts/rancher-nfd/templates/clusterrolebinding.yaml
deleted file mode 100644
index b0a69012fd..0000000000
--- a/charts/sriov/102.2.0+up0.1.0/charts/rancher-nfd/templates/clusterrolebinding.yaml
+++ /dev/null
@@ -1,52 +0,0 @@
-{{- if .Values.master.rbac.create }}
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRoleBinding
-metadata:
- name: {{ include "node-feature-discovery.fullname" . }}
- labels:
- {{- include "node-feature-discovery.labels" . | nindent 4 }}
-roleRef:
- apiGroup: rbac.authorization.k8s.io
- kind: ClusterRole
- name: {{ include "node-feature-discovery.fullname" . }}
-subjects:
-- kind: ServiceAccount
- name: {{ include "node-feature-discovery.master.serviceAccountName" . }}
- namespace: {{ include "node-feature-discovery.namespace" . }}
-{{- end }}
-
----
-{{- if and .Values.topologyUpdater.enable .Values.topologyUpdater.rbac.create }}
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRoleBinding
-metadata:
- name: {{ include "node-feature-discovery.fullname" . }}-topology-updater
- labels:
- {{- include "node-feature-discovery.labels" . | nindent 4 }}
-roleRef:
- apiGroup: rbac.authorization.k8s.io
- kind: ClusterRole
- name: {{ include "node-feature-discovery.fullname" . }}-topology-updater
-subjects:
-- kind: ServiceAccount
- name: {{ include "node-feature-discovery.topologyUpdater.serviceAccountName" . }}
- namespace: {{ include "node-feature-discovery.namespace" . }}
-{{- end }}
-
----
-{{- if and .Values.topologyGC.enable .Values.topologyGC.rbac.create .Values.topologyUpdater.enable }}
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRoleBinding
-metadata:
- name: {{ include "node-feature-discovery.fullname" . }}-topology-gc
- labels:
- {{- include "node-feature-discovery.labels" . | nindent 4 }}
-roleRef:
- apiGroup: rbac.authorization.k8s.io
- kind: ClusterRole
- name: {{ include "node-feature-discovery.fullname" . }}-topology-gc
-subjects:
-- kind: ServiceAccount
- name: {{ .Values.topologyGC.serviceAccount.name | default "nfd-topology-gc" }}
- namespace: {{ include "node-feature-discovery.namespace" . }}
-{{- end }}
diff --git a/charts/sriov/102.2.0+up0.1.0/charts/rancher-nfd/templates/master.yaml b/charts/sriov/102.2.0+up0.1.0/charts/rancher-nfd/templates/master.yaml
deleted file mode 100644
index 418ac089dd..0000000000
--- a/charts/sriov/102.2.0+up0.1.0/charts/rancher-nfd/templates/master.yaml
+++ /dev/null
@@ -1,145 +0,0 @@
-apiVersion: apps/v1
-kind: Deployment
-metadata:
- name: {{ include "node-feature-discovery.fullname" . }}-master
- namespace: {{ include "node-feature-discovery.namespace" . }}
- labels:
- {{- include "node-feature-discovery.labels" . | nindent 4 }}
- role: master
- annotations:
- {{- toYaml .Values.master.deploymentAnnotations | nindent 4 }}
-spec:
- replicas: {{ .Values.master.replicaCount }}
- selector:
- matchLabels:
- {{- include "node-feature-discovery.selectorLabels" . | nindent 6 }}
- role: master
- template:
- metadata:
- labels:
- {{- include "node-feature-discovery.selectorLabels" . | nindent 8 }}
- role: master
- annotations:
- {{- toYaml .Values.master.annotations | nindent 8 }}
- spec:
- {{- with .Values.imagePullSecrets }}
- imagePullSecrets:
- {{- toYaml . | nindent 8 }}
- {{- end }}
- serviceAccountName: {{ include "node-feature-discovery.master.serviceAccountName" . }}
- enableServiceLinks: false
- securityContext:
- {{- toYaml .Values.master.podSecurityContext | nindent 8 }}
- containers:
- - name: master
- securityContext:
- {{- toYaml .Values.master.securityContext | nindent 12 }}
- image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}"
- imagePullPolicy: {{ .Values.image.pullPolicy }}
- livenessProbe:
- exec:
- command:
- - "/usr/bin/grpc_health_probe"
- - "-addr=:{{ .Values.master.port | default "8080" }}"
- {{- if .Values.tls.enable }}
- - "-tls"
- - "-tls-ca-cert=/etc/kubernetes/node-feature-discovery/certs/ca.crt"
- - "-tls-client-key=/etc/kubernetes/node-feature-discovery/certs/tls.key"
- - "-tls-client-cert=/etc/kubernetes/node-feature-discovery/certs/tls.crt"
- {{- end }}
- initialDelaySeconds: 10
- periodSeconds: 10
- readinessProbe:
- exec:
- command:
- - "/usr/bin/grpc_health_probe"
- - "-addr=:{{ .Values.master.port | default "8080" }}"
- {{- if .Values.tls.enable }}
- - "-tls"
- - "-tls-ca-cert=/etc/kubernetes/node-feature-discovery/certs/ca.crt"
- - "-tls-client-key=/etc/kubernetes/node-feature-discovery/certs/tls.key"
- - "-tls-client-cert=/etc/kubernetes/node-feature-discovery/certs/tls.crt"
- {{- end }}
- initialDelaySeconds: 5
- periodSeconds: 10
- failureThreshold: 10
- ports:
- - containerPort: {{ .Values.master.port | default "8080" }}
- name: grpc
- env:
- - name: NODE_NAME
- valueFrom:
- fieldRef:
- fieldPath: spec.nodeName
- command:
- - "nfd-master"
- resources:
- {{- toYaml .Values.master.resources | nindent 12 }}
- args:
- {{- if .Values.master.instance | empty | not }}
- - "-instance={{ .Values.master.instance }}"
- {{- end }}
- - "-port={{ .Values.master.port | default "8080" }}"
- {{- if .Values.enableNodeFeatureApi }}
- - "-enable-nodefeature-api"
- {{- end }}
- {{- if .Values.master.extraLabelNs | empty | not }}
- - "-extra-label-ns={{- join "," .Values.master.extraLabelNs }}"
- {{- end }}
- {{- if .Values.master.denyLabelNs | empty | not }}
- - "-deny-label-ns={{- join "," .Values.master.denyLabelNs }}"
- {{- end }}
- {{- if .Values.master.resourceLabels | empty | not }}
- - "-resource-labels={{- join "," .Values.master.resourceLabels }}"
- {{- end }}
- {{- if .Values.master.enableTaints }}
- - "-enable-taints"
- {{- end }}
- {{- if .Values.master.crdController | kindIs "invalid" | not }}
- - "-crd-controller={{ .Values.master.crdController }}"
- {{- else }}
- ## By default, disable crd controller for other than the default instances
- - "-featurerules-controller={{ .Values.master.instance | empty }}"
- {{- end }}
- {{- if .Values.master.featureRulesController | kindIs "invalid" | not }}
- - "-featurerules-controller={{ .Values.master.featureRulesController }}"
- {{- end }}
- {{- if .Values.tls.enable }}
- - "-ca-file=/etc/kubernetes/node-feature-discovery/certs/ca.crt"
- - "-key-file=/etc/kubernetes/node-feature-discovery/certs/tls.key"
- - "-cert-file=/etc/kubernetes/node-feature-discovery/certs/tls.crt"
- {{- end }}
- volumeMounts:
- {{- if .Values.tls.enable }}
- - name: nfd-master-cert
- mountPath: "/etc/kubernetes/node-feature-discovery/certs"
- readOnly: true
- {{- end }}
- - name: nfd-master-conf
- mountPath: "/etc/kubernetes/node-feature-discovery"
- readOnly: true
- volumes:
- {{- if .Values.tls.enable }}
- - name: nfd-master-cert
- secret:
- secretName: nfd-master-cert
- {{- end }}
- - name: nfd-master-conf
- configMap:
- name: {{ include "node-feature-discovery.fullname" . }}-master-conf
- items:
- - key: nfd-master.conf
- path: nfd-master.conf
-
- {{- with .Values.master.nodeSelector }}
- nodeSelector:
- {{- toYaml . | nindent 8 }}
- {{- end }}
- {{- with .Values.master.affinity }}
- affinity:
- {{- toYaml . | nindent 8 }}
- {{- end }}
- {{- with .Values.master.tolerations }}
- tolerations:
- {{- toYaml . | nindent 8 }}
- {{- end }}
diff --git a/charts/sriov/102.2.0+up0.1.0/charts/rancher-nfd/templates/nfd-master-conf.yaml b/charts/sriov/102.2.0+up0.1.0/charts/rancher-nfd/templates/nfd-master-conf.yaml
deleted file mode 100644
index c806a8e5d9..0000000000
--- a/charts/sriov/102.2.0+up0.1.0/charts/rancher-nfd/templates/nfd-master-conf.yaml
+++ /dev/null
@@ -1,10 +0,0 @@
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: {{ include "node-feature-discovery.fullname" . }}-master-conf
- namespace: {{ include "node-feature-discovery.namespace" . }}
- labels:
- {{- include "node-feature-discovery.labels" . | nindent 4 }}
-data:
- nfd-master.conf: |-
- {{- .Values.master.config | toYaml | nindent 4 }}
diff --git a/charts/sriov/102.2.0+up0.1.0/charts/rancher-nfd/templates/nfd-topologyupdater-conf.yaml b/charts/sriov/102.2.0+up0.1.0/charts/rancher-nfd/templates/nfd-topologyupdater-conf.yaml
deleted file mode 100644
index 9867f5089c..0000000000
--- a/charts/sriov/102.2.0+up0.1.0/charts/rancher-nfd/templates/nfd-topologyupdater-conf.yaml
+++ /dev/null
@@ -1,10 +0,0 @@
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: {{ include "node-feature-discovery.fullname" . }}-topology-updater-conf
- namespace: {{ include "node-feature-discovery.namespace" . }}
- labels:
- {{- include "node-feature-discovery.labels" . | nindent 4 }}
-data:
- nfd-topology-updater.conf: |-
- {{- .Values.topologyUpdater.config | toYaml | nindent 4 }}
diff --git a/charts/sriov/102.2.0+up0.1.0/charts/rancher-nfd/templates/nfd-worker-conf.yaml b/charts/sriov/102.2.0+up0.1.0/charts/rancher-nfd/templates/nfd-worker-conf.yaml
deleted file mode 100644
index 61d2a481aa..0000000000
--- a/charts/sriov/102.2.0+up0.1.0/charts/rancher-nfd/templates/nfd-worker-conf.yaml
+++ /dev/null
@@ -1,10 +0,0 @@
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: {{ include "node-feature-discovery.fullname" . }}-worker-conf
- namespace: {{ include "node-feature-discovery.namespace" . }}
- labels:
- {{- include "node-feature-discovery.labels" . | nindent 4 }}
-data:
- nfd-worker.conf: |-
- {{- .Values.worker.config | toYaml | nindent 4 }}
diff --git a/charts/sriov/102.2.0+up0.1.0/charts/rancher-nfd/templates/role.yaml b/charts/sriov/102.2.0+up0.1.0/charts/rancher-nfd/templates/role.yaml
deleted file mode 100644
index f63cb8ff4f..0000000000
--- a/charts/sriov/102.2.0+up0.1.0/charts/rancher-nfd/templates/role.yaml
+++ /dev/null
@@ -1,18 +0,0 @@
-{{- if .Values.worker.rbac.create }}
-apiVersion: rbac.authorization.k8s.io/v1
-kind: Role
-metadata:
- name: {{ include "node-feature-discovery.fullname" . }}-worker
- labels:
- {{- include "node-feature-discovery.labels" . | nindent 4 }}
-rules:
-- apiGroups:
- - nfd.k8s-sigs.io
- resources:
- - nodefeatures
- verbs:
- - create
- - get
- - update
-{{- end }}
-
diff --git a/charts/sriov/102.2.0+up0.1.0/charts/rancher-nfd/templates/rolebinding.yaml b/charts/sriov/102.2.0+up0.1.0/charts/rancher-nfd/templates/rolebinding.yaml
deleted file mode 100644
index 30a00381f0..0000000000
--- a/charts/sriov/102.2.0+up0.1.0/charts/rancher-nfd/templates/rolebinding.yaml
+++ /dev/null
@@ -1,17 +0,0 @@
-{{- if .Values.worker.rbac.create }}
-apiVersion: rbac.authorization.k8s.io/v1
-kind: RoleBinding
-metadata:
- name: {{ include "node-feature-discovery.fullname" . }}-worker
- labels:
- {{- include "node-feature-discovery.labels" . | nindent 4 }}
-roleRef:
- apiGroup: rbac.authorization.k8s.io
- kind: Role
- name: {{ include "node-feature-discovery.fullname" . }}-worker
-subjects:
-- kind: ServiceAccount
- name: {{ include "node-feature-discovery.worker.serviceAccountName" . }}
- namespace: {{ include "node-feature-discovery.namespace" . }}
-{{- end }}
-
diff --git a/charts/sriov/102.2.0+up0.1.0/charts/rancher-nfd/templates/service.yaml b/charts/sriov/102.2.0+up0.1.0/charts/rancher-nfd/templates/service.yaml
deleted file mode 100644
index 0d4789818f..0000000000
--- a/charts/sriov/102.2.0+up0.1.0/charts/rancher-nfd/templates/service.yaml
+++ /dev/null
@@ -1,18 +0,0 @@
-apiVersion: v1
-kind: Service
-metadata:
- name: {{ include "node-feature-discovery.fullname" . }}-master
- namespace: {{ include "node-feature-discovery.namespace" . }}
- labels:
- {{- include "node-feature-discovery.labels" . | nindent 4 }}
- role: master
-spec:
- type: {{ .Values.master.service.type }}
- ports:
- - port: {{ .Values.master.service.port | default "8080" }}
- targetPort: grpc
- protocol: TCP
- name: grpc
- selector:
- {{- include "node-feature-discovery.selectorLabels" . | nindent 4 }}
- role: master
diff --git a/charts/sriov/102.2.0+up0.1.0/charts/rancher-nfd/templates/serviceaccount.yaml b/charts/sriov/102.2.0+up0.1.0/charts/rancher-nfd/templates/serviceaccount.yaml
deleted file mode 100644
index 03211e7c49..0000000000
--- a/charts/sriov/102.2.0+up0.1.0/charts/rancher-nfd/templates/serviceaccount.yaml
+++ /dev/null
@@ -1,58 +0,0 @@
-{{- if .Values.master.serviceAccount.create -}}
-apiVersion: v1
-kind: ServiceAccount
-metadata:
- name: {{ include "node-feature-discovery.master.serviceAccountName" . }}
- namespace: {{ include "node-feature-discovery.namespace" . }}
- labels:
- {{- include "node-feature-discovery.labels" . | nindent 4 }}
- {{- with .Values.master.serviceAccount.annotations }}
- annotations:
- {{- toYaml . | nindent 4 }}
- {{- end }}
-{{- end }}
-
----
-{{- if and .Values.topologyUpdater.enable .Values.topologyUpdater.serviceAccount.create }}
-apiVersion: v1
-kind: ServiceAccount
-metadata:
- name: {{ include "node-feature-discovery.topologyUpdater.serviceAccountName" . }}
- namespace: {{ include "node-feature-discovery.namespace" . }}
- labels:
- {{- include "node-feature-discovery.labels" . | nindent 4 }}
- {{- with .Values.topologyUpdater.serviceAccount.annotations }}
- annotations:
- {{- toYaml . | nindent 4 }}
- {{- end }}
-{{- end }}
-
----
-{{- if and .Values.topologyGC.enable .Values.topologyGC.serviceAccount.create .Values.topologyUpdater.enable }}
-apiVersion: v1
-kind: ServiceAccount
-metadata:
- name: {{ .Values.topologyGC.serviceAccount.name | default "nfd-topology-gc" }}
- namespace: {{ include "node-feature-discovery.namespace" . }}
- labels:
- {{- include "node-feature-discovery.labels" . | nindent 4 }}
- {{- with .Values.topologyUpdater.serviceAccount.annotations }}
- annotations:
- {{- toYaml . | nindent 4 }}
- {{- end }}
-{{- end }}
-
----
-{{- if .Values.worker.serviceAccount.create }}
-apiVersion: v1
-kind: ServiceAccount
-metadata:
- name: {{ include "node-feature-discovery.worker.serviceAccountName" . }}
- namespace: {{ include "node-feature-discovery.namespace" . }}
- labels:
- {{- include "node-feature-discovery.labels" . | nindent 4 }}
- {{- with .Values.worker.serviceAccount.annotations }}
- annotations:
- {{- toYaml . | nindent 4 }}
- {{- end }}
-{{- end }}
diff --git a/charts/sriov/102.2.0+up0.1.0/charts/rancher-nfd/templates/topology-gc.yaml b/charts/sriov/102.2.0+up0.1.0/charts/rancher-nfd/templates/topology-gc.yaml
deleted file mode 100644
index 642fec4559..0000000000
--- a/charts/sriov/102.2.0+up0.1.0/charts/rancher-nfd/templates/topology-gc.yaml
+++ /dev/null
@@ -1,64 +0,0 @@
-{{- if and .Values.topologyGC.enable .Values.topologyUpdater.enable -}}
-apiVersion: apps/v1
-kind: Deployment
-metadata:
- name: {{ include "node-feature-discovery.fullname" . }}-topology-gc
- namespace: {{ include "node-feature-discovery.namespace" . }}
- labels:
- {{- include "node-feature-discovery.labels" . | nindent 4 }}
- role: topology-gc
-spec:
- replicas: {{ .Values.topologyGC.replicaCount | default 1 }}
- selector:
- matchLabels:
- {{- include "node-feature-discovery.selectorLabels" . | nindent 6 }}
- role: topology-gc
- template:
- metadata:
- labels:
- {{- include "node-feature-discovery.selectorLabels" . | nindent 8 }}
- role: topology-gc
- annotations:
- {{- toYaml .Values.topologyGC.annotations | nindent 8 }}
- spec:
- serviceAccountName: {{ .Values.topologyGC.serviceAccountName | default "nfd-topology-gc" }}
- dnsPolicy: ClusterFirstWithHostNet
- {{- with .Values.imagePullSecrets }}
- imagePullSecrets:
- {{- toYaml . | nindent 8 }}
- {{- end }}
- securityContext:
- {{- toYaml .Values.topologyGC.podSecurityContext | nindent 8 }}
- containers:
- - name: topology-gc
- image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}"
- imagePullPolicy: "{{ .Values.image.pullPolicy }}"
- env:
- - name: NODE_NAME
- valueFrom:
- fieldRef:
- fieldPath: spec.nodeName
- command:
- - "nfd-topology-gc"
- args:
- {{- if .Values.topologyGC.interval | empty | not }}
- - "-gc-interval={{ .Values.topologyGC.interval }}"
- {{- end }}
- resources:
- {{- toYaml .Values.topologyGC.resources | nindent 12 }}
- securityContext:
- {{- toYaml .Values.topologyGC.securityContext | nindent 12 }}
-
- {{- with .Values.topologyGC.nodeSelector }}
- nodeSelector:
- {{- toYaml . | nindent 8 }}
- {{- end }}
- {{- with .Values.topologyGC.affinity }}
- affinity:
- {{- toYaml . | nindent 8 }}
- {{- end }}
- {{- with .Values.topologyGC.tolerations }}
- tolerations:
- {{- toYaml . | nindent 8 }}
- {{- end }}
-{{- end }}
diff --git a/charts/sriov/102.2.0+up0.1.0/charts/rancher-nfd/templates/topologyupdater-crds.yaml b/charts/sriov/102.2.0+up0.1.0/charts/rancher-nfd/templates/topologyupdater-crds.yaml
deleted file mode 100644
index b6b919689c..0000000000
--- a/charts/sriov/102.2.0+up0.1.0/charts/rancher-nfd/templates/topologyupdater-crds.yaml
+++ /dev/null
@@ -1,278 +0,0 @@
-{{- if and .Values.topologyUpdater.enable .Values.topologyUpdater.createCRDs -}}
-apiVersion: apiextensions.k8s.io/v1
-kind: CustomResourceDefinition
-metadata:
- annotations:
- api-approved.kubernetes.io: https://github.com/kubernetes/enhancements/pull/1870
- controller-gen.kubebuilder.io/version: v0.11.2
- creationTimestamp: null
- name: noderesourcetopologies.topology.node.k8s.io
-spec:
- group: topology.node.k8s.io
- names:
- kind: NodeResourceTopology
- listKind: NodeResourceTopologyList
- plural: noderesourcetopologies
- shortNames:
- - node-res-topo
- singular: noderesourcetopology
- scope: Cluster
- versions:
- - name: v1alpha1
- schema:
- openAPIV3Schema:
- description: NodeResourceTopology describes node resources and their topology.
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation
- of an object. Servers should convert recognized schemas to the latest
- internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this
- object represents. Servers may infer this from the endpoint the client
- submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- topologyPolicies:
- items:
- type: string
- type: array
- zones:
- description: ZoneList contains an array of Zone objects.
- items:
- description: Zone represents a resource topology zone, e.g. socket,
- node, die or core.
- properties:
- attributes:
- description: AttributeList contains an array of AttributeInfo objects.
- items:
- description: AttributeInfo contains one attribute of a Zone.
- properties:
- name:
- type: string
- value:
- type: string
- required:
- - name
- - value
- type: object
- type: array
- costs:
- description: CostList contains an array of CostInfo objects.
- items:
- description: CostInfo describes the cost (or distance) between
- two Zones.
- properties:
- name:
- type: string
- value:
- format: int64
- type: integer
- required:
- - name
- - value
- type: object
- type: array
- name:
- type: string
- parent:
- type: string
- resources:
- description: ResourceInfoList contains an array of ResourceInfo
- objects.
- items:
- description: ResourceInfo contains information about one resource
- type.
- properties:
- allocatable:
- anyOf:
- - type: integer
- - type: string
- description: Allocatable quantity of the resource, corresponding
- to allocatable in node status, i.e. total amount of this
- resource available to be used by pods.
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- available:
- anyOf:
- - type: integer
- - type: string
- description: Available is the amount of this resource currently
- available for new (to be scheduled) pods, i.e. Allocatable
- minus the resources reserved by currently running pods.
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- capacity:
- anyOf:
- - type: integer
- - type: string
- description: Capacity of the resource, corresponding to capacity
- in node status, i.e. total amount of this resource that
- the node has.
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- name:
- description: Name of the resource.
- type: string
- required:
- - allocatable
- - available
- - capacity
- - name
- type: object
- type: array
- type:
- type: string
- required:
- - name
- - type
- type: object
- type: array
- required:
- - topologyPolicies
- - zones
- type: object
- served: true
- storage: false
- - name: v1alpha2
- schema:
- openAPIV3Schema:
- description: NodeResourceTopology describes node resources and their topology.
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation
- of an object. Servers should convert recognized schemas to the latest
- internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- attributes:
- description: AttributeList contains an array of AttributeInfo objects.
- items:
- description: AttributeInfo contains one attribute of a Zone.
- properties:
- name:
- type: string
- value:
- type: string
- required:
- - name
- - value
- type: object
- type: array
- kind:
- description: 'Kind is a string value representing the REST resource this
- object represents. Servers may infer this from the endpoint the client
- submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- topologyPolicies:
- description: 'DEPRECATED (to be removed in v1beta1): use top level attributes
- if needed'
- items:
- type: string
- type: array
- zones:
- description: ZoneList contains an array of Zone objects.
- items:
- description: Zone represents a resource topology zone, e.g. socket,
- node, die or core.
- properties:
- attributes:
- description: AttributeList contains an array of AttributeInfo objects.
- items:
- description: AttributeInfo contains one attribute of a Zone.
- properties:
- name:
- type: string
- value:
- type: string
- required:
- - name
- - value
- type: object
- type: array
- costs:
- description: CostList contains an array of CostInfo objects.
- items:
- description: CostInfo describes the cost (or distance) between
- two Zones.
- properties:
- name:
- type: string
- value:
- format: int64
- type: integer
- required:
- - name
- - value
- type: object
- type: array
- name:
- type: string
- parent:
- type: string
- resources:
- description: ResourceInfoList contains an array of ResourceInfo
- objects.
- items:
- description: ResourceInfo contains information about one resource
- type.
- properties:
- allocatable:
- anyOf:
- - type: integer
- - type: string
- description: Allocatable quantity of the resource, corresponding
- to allocatable in node status, i.e. total amount of this
- resource available to be used by pods.
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- available:
- anyOf:
- - type: integer
- - type: string
- description: Available is the amount of this resource currently
- available for new (to be scheduled) pods, i.e. Allocatable
- minus the resources reserved by currently running pods.
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- capacity:
- anyOf:
- - type: integer
- - type: string
- description: Capacity of the resource, corresponding to capacity
- in node status, i.e. total amount of this resource that
- the node has.
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- name:
- description: Name of the resource.
- type: string
- required:
- - allocatable
- - available
- - capacity
- - name
- type: object
- type: array
- type:
- type: string
- required:
- - name
- - type
- type: object
- type: array
- required:
- - zones
- type: object
- served: true
- storage: true
-status:
- acceptedNames:
- kind: ""
- plural: ""
- conditions: []
- storedVersions: []
-{{- end }}
diff --git a/charts/sriov/102.2.0+up0.1.0/charts/rancher-nfd/templates/topologyupdater.yaml b/charts/sriov/102.2.0+up0.1.0/charts/rancher-nfd/templates/topologyupdater.yaml
deleted file mode 100644
index cd3fca051e..0000000000
--- a/charts/sriov/102.2.0+up0.1.0/charts/rancher-nfd/templates/topologyupdater.yaml
+++ /dev/null
@@ -1,142 +0,0 @@
-{{- if .Values.topologyUpdater.enable -}}
-apiVersion: apps/v1
-kind: DaemonSet
-metadata:
- name: {{ include "node-feature-discovery.fullname" . }}-topology-updater
- namespace: {{ include "node-feature-discovery.namespace" . }}
- labels:
- {{- include "node-feature-discovery.labels" . | nindent 4 }}
- role: topology-updater
-spec:
- selector:
- matchLabels:
- {{- include "node-feature-discovery.selectorLabels" . | nindent 6 }}
- role: topology-updater
- template:
- metadata:
- labels:
- {{- include "node-feature-discovery.selectorLabels" . | nindent 8 }}
- role: topology-updater
- annotations:
- {{- toYaml .Values.topologyUpdater.annotations | nindent 8 }}
- spec:
- serviceAccountName: {{ include "node-feature-discovery.topologyUpdater.serviceAccountName" . }}
- dnsPolicy: ClusterFirstWithHostNet
- {{- with .Values.imagePullSecrets }}
- imagePullSecrets:
- {{- toYaml . | nindent 8 }}
- {{- end }}
- securityContext:
- {{- toYaml .Values.topologyUpdater.podSecurityContext | nindent 8 }}
- containers:
- - name: topology-updater
- image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}"
- imagePullPolicy: "{{ .Values.image.pullPolicy }}"
- env:
- - name: NODE_NAME
- valueFrom:
- fieldRef:
- fieldPath: spec.nodeName
- command:
- - "nfd-topology-updater"
- args:
- - "-podresources-socket=/host-var/lib/kubelet-podresources/kubelet.sock"
- {{- if .Values.topologyUpdater.updateInterval | empty | not }}
- - "-sleep-interval={{ .Values.topologyUpdater.updateInterval }}"
- {{- else }}
- - "-sleep-interval=3s"
- {{- end }}
- {{- if .Values.topologyUpdater.watchNamespace | empty | not }}
- - "-watch-namespace={{ .Values.topologyUpdater.watchNamespace }}"
- {{- else }}
- - "-watch-namespace=*"
- {{- end }}
- {{- if .Values.tls.enable }}
- - "-ca-file=/etc/kubernetes/node-feature-discovery/certs/ca.crt"
- - "-key-file=/etc/kubernetes/node-feature-discovery/certs/tls.key"
- - "-cert-file=/etc/kubernetes/node-feature-discovery/certs/tls.crt"
- {{- end }}
- {{- if .Values.topologyUpdater.podSetFingerprint }}
- - "-pods-fingerprint"
- {{- end }}
- {{- if .Values.topologyUpdater.kubeletConfigPath | empty | not }}
- - "-kubelet-config-uri=file:///host-var/kubelet-config"
- {{- end }}
- {{- if .Values.topologyUpdater.kubeletStateDir | empty }}
- # Disable kubelet state tracking by giving an empty path
- - "-kubelet-state-dir="
- {{- end }}
- volumeMounts:
- {{- if .Values.topologyUpdater.kubeletConfigPath | empty | not }}
- - name: kubelet-config
- mountPath: /host-var/kubelet-config
- {{- end }}
- - name: kubelet-podresources-sock
- mountPath: /host-var/lib/kubelet-podresources/kubelet.sock
- - name: host-sys
- mountPath: /host-sys
- {{- if .Values.topologyUpdater.kubeletStateDir | empty | not }}
- - name: kubelet-state-files
- mountPath: /host-var/lib/kubelet
- readOnly: true
- {{- end }}
- {{- if .Values.tls.enable }}
- - name: nfd-topology-updater-cert
- mountPath: "/etc/kubernetes/node-feature-discovery/certs"
- readOnly: true
- {{- end }}
- - name: nfd-topology-updater-conf
- mountPath: "/etc/kubernetes/node-feature-discovery"
- readOnly: true
-
- resources:
- {{- toYaml .Values.topologyUpdater.resources | nindent 12 }}
- securityContext:
- {{- toYaml .Values.topologyUpdater.securityContext | nindent 12 }}
- volumes:
- - name: host-sys
- hostPath:
- path: "/sys"
- {{- if .Values.topologyUpdater.kubeletConfigPath | empty | not }}
- - name: kubelet-config
- hostPath:
- path: {{ .Values.topologyUpdater.kubeletConfigPath }}
- {{- end }}
- - name: kubelet-podresources-sock
- hostPath:
- {{- if .Values.topologyUpdater.kubeletPodResourcesSockPath | empty | not }}
- path: {{ .Values.topologyUpdater.kubeletPodResourcesSockPath }}
- {{- else }}
- path: /var/lib/kubelet/pod-resources/kubelet.sock
- {{- end }}
- {{- if .Values.topologyUpdater.kubeletStateDir | empty | not }}
- - name: kubelet-state-files
- hostPath:
- path: {{ .Values.topologyUpdater.kubeletStateDir }}
- {{- end }}
- - name: nfd-topology-updater-conf
- configMap:
- name: {{ include "node-feature-discovery.fullname" . }}-topology-updater-conf
- items:
- - key: nfd-topology-updater.conf
- path: nfd-topology-updater.conf
- {{- if .Values.tls.enable }}
- - name: nfd-topology-updater-cert
- secret:
- secretName: nfd-topology-updater-cert
- {{- end }}
-
-
- {{- with .Values.topologyUpdater.nodeSelector }}
- nodeSelector:
- {{- toYaml . | nindent 8 }}
- {{- end }}
- {{- with .Values.topologyUpdater.affinity }}
- affinity:
- {{- toYaml . | nindent 8 }}
- {{- end }}
- {{- with .Values.topologyUpdater.tolerations }}
- tolerations:
- {{- toYaml . | nindent 8 }}
- {{- end }}
-{{- end }}
diff --git a/charts/sriov/102.2.0+up0.1.0/charts/rancher-nfd/templates/worker.yaml b/charts/sriov/102.2.0+up0.1.0/charts/rancher-nfd/templates/worker.yaml
deleted file mode 100644
index c1240bdc93..0000000000
--- a/charts/sriov/102.2.0+up0.1.0/charts/rancher-nfd/templates/worker.yaml
+++ /dev/null
@@ -1,144 +0,0 @@
-apiVersion: apps/v1
-kind: DaemonSet
-metadata:
- name: {{ include "node-feature-discovery.fullname" . }}-worker
- namespace: {{ include "node-feature-discovery.namespace" . }}
- labels:
- {{- include "node-feature-discovery.labels" . | nindent 4 }}
- role: worker
- annotations:
- {{- toYaml .Values.worker.daemonsetAnnotations | nindent 4 }}
-spec:
- selector:
- matchLabels:
- {{- include "node-feature-discovery.selectorLabels" . | nindent 6 }}
- role: worker
- template:
- metadata:
- labels:
- {{- include "node-feature-discovery.selectorLabels" . | nindent 8 }}
- role: worker
- annotations:
- {{- toYaml .Values.worker.annotations | nindent 8 }}
- spec:
- dnsPolicy: ClusterFirstWithHostNet
- {{- with .Values.imagePullSecrets }}
- imagePullSecrets:
- {{- toYaml . | nindent 8 }}
- {{- end }}
- serviceAccountName: {{ include "node-feature-discovery.worker.serviceAccountName" . }}
- securityContext:
- {{- toYaml .Values.worker.podSecurityContext | nindent 8 }}
- containers:
- - name: worker
- securityContext:
- {{- toYaml .Values.worker.securityContext | nindent 12 }}
- image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}"
- imagePullPolicy: {{ .Values.image.pullPolicy }}
- env:
- - name: NODE_NAME
- valueFrom:
- fieldRef:
- fieldPath: spec.nodeName
- resources:
- {{- toYaml .Values.worker.resources | nindent 12 }}
- command:
- - "nfd-worker"
- args:
- - "-server={{ include "node-feature-discovery.fullname" . }}-master:{{ .Values.master.service.port }}"
- {{- if .Values.enableNodeFeatureApi }}
- - "-enable-nodefeature-api"
- {{- end }}
-{{- if .Values.tls.enable }}
- - "-ca-file=/etc/kubernetes/node-feature-discovery/certs/ca.crt"
- - "-key-file=/etc/kubernetes/node-feature-discovery/certs/tls.key"
- - "-cert-file=/etc/kubernetes/node-feature-discovery/certs/tls.crt"
-{{- end }}
- volumeMounts:
- - name: host-boot
- mountPath: "/host-boot"
- readOnly: true
- - name: host-os-release
- mountPath: "/host-etc/os-release"
- readOnly: true
- - name: host-sys
- mountPath: "/host-sys"
- readOnly: true
- - name: host-usr-lib
- mountPath: "/host-usr/lib"
- readOnly: true
- - name: host-lib
- mountPath: "/host-lib"
- readOnly: true
- {{- if .Values.worker.mountUsrSrc }}
- - name: host-usr-src
- mountPath: "/host-usr/src"
- readOnly: true
- {{- end }}
- - name: source-d
- mountPath: "/etc/kubernetes/node-feature-discovery/source.d/"
- readOnly: true
- - name: features-d
- mountPath: "/etc/kubernetes/node-feature-discovery/features.d/"
- readOnly: true
- - name: nfd-worker-conf
- mountPath: "/etc/kubernetes/node-feature-discovery"
- readOnly: true
-{{- if .Values.tls.enable }}
- - name: nfd-worker-cert
- mountPath: "/etc/kubernetes/node-feature-discovery/certs"
- readOnly: true
-{{- end }}
- volumes:
- - name: host-boot
- hostPath:
- path: "/boot"
- - name: host-os-release
- hostPath:
- path: "/etc/os-release"
- - name: host-sys
- hostPath:
- path: "/sys"
- - name: host-usr-lib
- hostPath:
- path: "/usr/lib"
- - name: host-lib
- hostPath:
- path: "/lib"
- {{- if .Values.worker.mountUsrSrc }}
- - name: host-usr-src
- hostPath:
- path: "/usr/src"
- {{- end }}
- - name: source-d
- hostPath:
- path: "/etc/kubernetes/node-feature-discovery/source.d/"
- - name: features-d
- hostPath:
- path: "/etc/kubernetes/node-feature-discovery/features.d/"
- - name: nfd-worker-conf
- configMap:
- name: {{ include "node-feature-discovery.fullname" . }}-worker-conf
- items:
- - key: nfd-worker.conf
- path: nfd-worker.conf
-{{- if .Values.tls.enable }}
- - name: nfd-worker-cert
- secret:
- secretName: nfd-worker-cert
-{{- end }}
- {{- with .Values.worker.nodeSelector }}
- nodeSelector:
- {{- toYaml . | nindent 8 }}
- {{- end }}
- {{- with .Values.worker.affinity }}
- affinity:
- {{- toYaml . | nindent 8 }}
- {{- end }}
- {{- with .Values.worker.tolerations }}
- tolerations:
- {{- toYaml . | nindent 8 }}
- {{- end }}
- {{- with .Values.worker.priorityClassName }}
- priorityClassName: {{ . | quote }}
- {{- end }}
diff --git a/charts/sriov/102.2.0+up0.1.0/charts/rancher-nfd/values.yaml b/charts/sriov/102.2.0+up0.1.0/charts/rancher-nfd/values.yaml
deleted file mode 100644
index d16d19d1ff..0000000000
--- a/charts/sriov/102.2.0+up0.1.0/charts/rancher-nfd/values.yaml
+++ /dev/null
@@ -1,484 +0,0 @@
-image:
- repository: rancher/hardened-node-feature-discovery
- # This should be set to 'IfNotPresent' for released version
- pullPolicy: IfNotPresent
- # tag, if defined will use the given image tag, else Chart.AppVersion will be used
- tag: v0.13.2-build20230605
-imagePullSecrets: []
-
-nameOverride: ""
-fullnameOverride: ""
-namespaceOverride: ""
-
-enableNodeFeatureApi: false
-
-master:
- config: ###
- # noPublish: false
- # extraLabelNs: ["added.ns.io","added.kubernets.io"]
- # denyLabelNs: ["denied.ns.io","denied.kubernetes.io"]
- # resourceLabels: ["vendor-1.com/feature-1","vendor-2.io/feature-2"]
- # enableTaints: false
- # labelWhiteList: "foo"
- ###
- # The TCP port that nfd-master listens for incoming requests. Default: 8080
- port: 8080
- instance:
- featureApi:
- denyLabelNs: []
- extraLabelNs: []
- resourceLabels: []
- enableTaints: false
- crdController: null
- featureRulesController: null
- deploymentAnnotations: {}
- replicaCount: 1
-
- podSecurityContext: {}
- # fsGroup: 2000
-
- securityContext:
- allowPrivilegeEscalation: false
- capabilities:
- drop: [ "ALL" ]
- readOnlyRootFilesystem: true
- runAsNonRoot: true
- # runAsUser: 1000
-
- serviceAccount:
- # Specifies whether a service account should be created
- create: true
- # Annotations to add to the service account
- annotations: {}
- # The name of the service account to use.
- # If not set and create is true, a name is generated using the fullname template
- name:
-
- rbac:
- create: true
-
- service:
- type: ClusterIP
- port: 8080
-
- resources: {}
- # We usually recommend not to specify default resources and to leave this as a conscious
- # choice for the user. This also increases chances charts run on environments with little
- # resources, such as Minikube. If you do want to specify resources, uncomment the following
- # lines, adjust them as necessary, and remove the curly braces after 'resources:'.
- # limits:
- # cpu: 100m
- # memory: 128Mi
- # requests:
- # cpu: 100m
- # memory: 128Mi
-
- nodeSelector: {}
-
- tolerations:
- - key: "node-role.kubernetes.io/master"
- operator: "Equal"
- value: ""
- effect: "NoSchedule"
- - key: "node-role.kubernetes.io/control-plane"
- operator: "Equal"
- value: ""
- effect: "NoSchedule"
-
- annotations: {}
-
- affinity:
- nodeAffinity:
- preferredDuringSchedulingIgnoredDuringExecution:
- - weight: 1
- preference:
- matchExpressions:
- - key: "node-role.kubernetes.io/master"
- operator: In
- values: [""]
- - weight: 1
- preference:
- matchExpressions:
- - key: "node-role.kubernetes.io/control-plane"
- operator: In
- values: [""]
-
-worker:
- config: ###
- #core:
- # labelWhiteList:
- # noPublish: false
- # sleepInterval: 60s
- # featureSources: [all]
- # labelSources: [all]
- # klog:
- # addDirHeader: false
- # alsologtostderr: false
- # logBacktraceAt:
- # logtostderr: true
- # skipHeaders: false
- # stderrthreshold: 2
- # v: 0
- # vmodule:
- ## NOTE: the following options are not dynamically run-time configurable
- ## and require a nfd-worker restart to take effect after being changed
- # logDir:
- # logFile:
- # logFileMaxSize: 1800
- # skipLogHeaders: false
- #sources:
- # cpu:
- # cpuid:
- ## NOTE: whitelist has priority over blacklist
- # attributeBlacklist:
- # - "BMI1"
- # - "BMI2"
- # - "CLMUL"
- # - "CMOV"
- # - "CX16"
- # - "ERMS"
- # - "F16C"
- # - "HTT"
- # - "LZCNT"
- # - "MMX"
- # - "MMXEXT"
- # - "NX"
- # - "POPCNT"
- # - "RDRAND"
- # - "RDSEED"
- # - "RDTSCP"
- # - "SGX"
- # - "SSE"
- # - "SSE2"
- # - "SSE3"
- # - "SSE4"
- # - "SSE42"
- # - "SSSE3"
- # attributeWhitelist:
- # kernel:
- # kconfigFile: "/path/to/kconfig"
- # configOpts:
- # - "NO_HZ"
- # - "X86"
- # - "DMI"
- # pci:
- # deviceClassWhitelist:
- # - "0200"
- # - "03"
- # - "12"
- # deviceLabelFields:
- # - "class"
- # - "vendor"
- # - "device"
- # - "subsystem_vendor"
- # - "subsystem_device"
- # usb:
- # deviceClassWhitelist:
- # - "0e"
- # - "ef"
- # - "fe"
- # - "ff"
- # deviceLabelFields:
- # - "class"
- # - "vendor"
- # - "device"
- # local:
- # hooksEnabled: true
- # custom:
- # # The following feature demonstrates the capabilities of the matchFeatures
- # - name: "my custom rule"
- # labels:
- # my-ng-feature: "true"
- # # matchFeatures implements a logical AND over all matcher terms in the
- # # list (i.e. all of the terms, or per-feature matchers, must match)
- # matchFeatures:
- # - feature: cpu.cpuid
- # matchExpressions:
- # AVX512F: {op: Exists}
- # - feature: cpu.cstate
- # matchExpressions:
- # enabled: {op: IsTrue}
- # - feature: cpu.pstate
- # matchExpressions:
- # no_turbo: {op: IsFalse}
- # scaling_governor: {op: In, value: ["performance"]}
- # - feature: cpu.rdt
- # matchExpressions:
- # RDTL3CA: {op: Exists}
- # - feature: cpu.sst
- # matchExpressions:
- # bf.enabled: {op: IsTrue}
- # - feature: cpu.topology
- # matchExpressions:
- # hardware_multithreading: {op: IsFalse}
- #
- # - feature: kernel.config
- # matchExpressions:
- # X86: {op: Exists}
- # LSM: {op: InRegexp, value: ["apparmor"]}
- # - feature: kernel.loadedmodule
- # matchExpressions:
- # e1000e: {op: Exists}
- # - feature: kernel.selinux
- # matchExpressions:
- # enabled: {op: IsFalse}
- # - feature: kernel.version
- # matchExpressions:
- # major: {op: In, value: ["5"]}
- # minor: {op: Gt, value: ["10"]}
- #
- # - feature: storage.block
- # matchExpressions:
- # rotational: {op: In, value: ["0"]}
- # dax: {op: In, value: ["0"]}
- #
- # - feature: network.device
- # matchExpressions:
- # operstate: {op: In, value: ["up"]}
- # speed: {op: Gt, value: ["100"]}
- #
- # - feature: memory.numa
- # matchExpressions:
- # node_count: {op: Gt, value: ["2"]}
- # - feature: memory.nv
- # matchExpressions:
- # devtype: {op: In, value: ["nd_dax"]}
- # mode: {op: In, value: ["memory"]}
- #
- # - feature: system.osrelease
- # matchExpressions:
- # ID: {op: In, value: ["fedora", "centos"]}
- # - feature: system.name
- # matchExpressions:
- # nodename: {op: InRegexp, value: ["^worker-X"]}
- #
- # - feature: local.label
- # matchExpressions:
- # custom-feature-knob: {op: Gt, value: ["100"]}
- #
- # # The following feature demonstrates the capabilities of the matchAny
- # - name: "my matchAny rule"
- # labels:
- # my-ng-feature-2: "my-value"
- # # matchAny implements a logical IF over all elements (sub-matchers) in
- # # the list (i.e. at least one feature matcher must match)
- # matchAny:
- # - matchFeatures:
- # - feature: kernel.loadedmodule
- # matchExpressions:
- # driver-module-X: {op: Exists}
- # - feature: pci.device
- # matchExpressions:
- # vendor: {op: In, value: ["8086"]}
- # class: {op: In, value: ["0200"]}
- # - matchFeatures:
- # - feature: kernel.loadedmodule
- # matchExpressions:
- # driver-module-Y: {op: Exists}
- # - feature: usb.device
- # matchExpressions:
- # vendor: {op: In, value: ["8086"]}
- # class: {op: In, value: ["02"]}
- #
- # # The following features demonstreate label templating capabilities
- # - name: "my template rule"
- # labelsTemplate: |
- # {{ range .system.osrelease }}my-system-feature.{{ .Name }}={{ .Value }}
- # {{ end }}
- # matchFeatures:
- # - feature: system.osrelease
- # matchExpressions:
- # ID: {op: InRegexp, value: ["^open.*"]}
- # VERSION_ID.major: {op: In, value: ["13", "15"]}
- #
- # - name: "my template rule 2"
- # labelsTemplate: |
- # {{ range .pci.device }}my-pci-device.{{ .class }}-{{ .device }}=with-cpuid
- # {{ end }}
- # matchFeatures:
- # - feature: pci.device
- # matchExpressions:
- # class: {op: InRegexp, value: ["^06"]}
- # vendor: ["8086"]
- # - feature: cpu.cpuid
- # matchExpressions:
- # AVX: {op: Exists}
- #
- # # The following examples demonstrate vars field and back-referencing
- # # previous labels and vars
- # - name: "my dummy kernel rule"
- # labels:
- # "my.kernel.feature": "true"
- # matchFeatures:
- # - feature: kernel.version
- # matchExpressions:
- # major: {op: Gt, value: ["2"]}
- #
- # - name: "my dummy rule with no labels"
- # vars:
- # "my.dummy.var": "1"
- # matchFeatures:
- # - feature: cpu.cpuid
- # matchExpressions: {}
- #
- # - name: "my rule using backrefs"
- # labels:
- # "my.backref.feature": "true"
- # matchFeatures:
- # - feature: rule.matched
- # matchExpressions:
- # my.kernel.feature: {op: IsTrue}
- # my.dummy.var: {op: Gt, value: ["0"]}
- #
-###
-
- daemonsetAnnotations: {}
- podSecurityContext: {}
- # fsGroup: 2000
-
- securityContext:
- allowPrivilegeEscalation: false
- capabilities:
- drop: [ "ALL" ]
- readOnlyRootFilesystem: true
- runAsNonRoot: true
- # runAsUser: 1000
-
- serviceAccount:
- # Specifies whether a service account should be created.
- # We create this by default to make it easier for downstream users to apply PodSecurityPolicies.
- create: true
- # Annotations to add to the service account
- annotations: {}
- # The name of the service account to use.
- # If not set and create is true, a name is generated using the fullname template
- name:
-
- rbac:
- create: true
-
- # Allow users to mount the hostPath /usr/src, useful for RHCOS on s390x
- # Does not work on systems without /usr/src AND a read-only /usr, such as Talos
- mountUsrSrc: false
-
- resources: {}
- # We usually recommend not to specify default resources and to leave this as a conscious
- # choice for the user. This also increases chances charts run on environments with little
- # resources, such as Minikube. If you do want to specify resources, uncomment the following
- # lines, adjust them as necessary, and remove the curly braces after 'resources:'.
- # limits:
- # cpu: 100m
- # memory: 128Mi
- # requests:
- # cpu: 100m
- # memory: 128Mi
-
- nodeSelector: {}
-
- tolerations: []
-
- annotations: {}
-
- affinity: {}
-
- priorityClassName: ""
-
-topologyUpdater:
- config: ###
- ## key = node name, value = list of resources to be excluded.
- ## use * to exclude from all nodes.
- ## an example for how the exclude list should looks like
- #excludeList:
- # node1: [cpu]
- # node2: [memory, example/deviceA]
- # *: [hugepages-2Mi]
-###
-
- enable: false
- createCRDs: false
-
- serviceAccount:
- create: true
- annotations: {}
- name:
- rbac:
- create: true
-
- kubeletConfigPath:
- kubeletPodResourcesSockPath:
- updateInterval: 60s
- watchNamespace: "*"
- kubeletStateDir: /var/lib/kubelet
-
- podSecurityContext: {}
- securityContext:
- allowPrivilegeEscalation: false
- capabilities:
- drop: [ "ALL" ]
- readOnlyRootFilesystem: true
- runAsUser: 0
-
- resources: {}
- # We usually recommend not to specify default resources and to leave this as a conscious
- # choice for the user. This also increases chances charts run on environments with little
- # resources, such as Minikube. If you do want to specify resources, uncomment the following
- # lines, adjust them as necessary, and remove the curly braces after 'resources:'.
- # limits:
- # cpu: 100m
- # memory: 128Mi
- # requests:
- # cpu: 100m
- # memory: 128Mi
-
- nodeSelector: {}
- tolerations: []
- annotations: {}
- affinity: {}
- podSetFingerprint: true
-
-topologyGC:
- enable: true
- replicaCount: 1
-
- serviceAccount:
- create: true
- annotations: {}
- name:
- rbac:
- create: true
-
- interval: 1h
-
- podSecurityContext: {}
- securityContext:
- allowPrivilegeEscalation: false
- capabilities:
- drop: [ "ALL" ]
- readOnlyRootFilesystem: true
- runAsNonRoot: true
-
- resources: {}
- # We usually recommend not to specify default resources and to leave this as a conscious
- # choice for the user. This also increases chances charts run on environments with little
- # resources, such as Minikube. If you do want to specify resources, uncomment the following
- # lines, adjust them as necessary, and remove the curly braces after 'resources:'.
- # limits:
- # cpu: 100m
- # memory: 128Mi
- # requests:
- # cpu: 100m
- # memory: 128Mi
-
- nodeSelector: {}
- tolerations: []
- annotations: {}
- affinity: {}
-
-# Optionally use encryption for worker <--> master comms
-# TODO: verify hostname is not yet supported
-#
-# If you do not enable certManager (and have it installed) you will
-# need to manually, or otherwise, provision the TLS certs as secrets
-tls:
- enable: false
- certManager: false
diff --git a/charts/sriov/102.2.0+up0.1.0/templates/NOTES.txt b/charts/sriov/102.2.0+up0.1.0/templates/NOTES.txt
deleted file mode 100644
index 44a8bf935a..0000000000
--- a/charts/sriov/102.2.0+up0.1.0/templates/NOTES.txt
+++ /dev/null
@@ -1,17 +0,0 @@
-Get Network Operator deployed resources by running the following commands:
-
-$ kubectl -n {{ .Release.Namespace }} get pods
-
-For additional instructions on how to use SR-IOV network operator,
-refer to: https://github.com/k8snetworkplumbingwg/sriov-network-operator
-
-{{- if .Values.operator.enableAdmissionController }}
-{{- if not .Values.cert_manager }}
-Thank you for installing {{ .Chart.Name }}.
-
-WARNING! Self signed certificates have been generated for webhooks.
-These certificates have a one-year validity and will not be rotated
-automatically. This should not be a production cluster. Please deploy
-and use cert-manager for production clusters.
-{{- end }}
-{{- end }}
diff --git a/charts/sriov/102.2.0+up0.1.0/templates/_helpers.tpl b/charts/sriov/102.2.0+up0.1.0/templates/_helpers.tpl
deleted file mode 100644
index dff1d171fe..0000000000
--- a/charts/sriov/102.2.0+up0.1.0/templates/_helpers.tpl
+++ /dev/null
@@ -1,85 +0,0 @@
-{{/*
-Expand the name of the chart.
-*/}}
-{{- define "sriov-network-operator.name" -}}
-{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }}
-{{- end }}
-
-{{/*
-Create a default fully qualified app name.
-We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
-If release name contains chart name it will be used as a full name.
-*/}}
-{{- define "sriov-network-operator.fullname" -}}
-{{- if .Values.fullnameOverride }}
-{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }}
-{{- else }}
-{{- $name := default .Chart.Name .Values.nameOverride }}
-{{- if contains $name .Release.Name }}
-{{- .Release.Name | trunc 63 | trimSuffix "-" }}
-{{- else }}
-{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }}
-{{- end }}
-{{- end }}
-{{- end }}
-
-{{/*
-Create chart name and version as used by the chart label.
-*/}}
-{{- define "sriov-network-operator.chart" -}}
-{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }}
-{{- end }}
-
-{{/*
-Common labels
-*/}}
-{{- define "sriov-network-operator.labels" -}}
-helm.sh/chart: {{ include "sriov-network-operator.chart" . }}
-{{ include "sriov-network-operator.selectorLabels" . }}
-{{- if .Chart.AppVersion }}
-app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
-{{- end }}
-app.kubernetes.io/managed-by: {{ .Release.Service }}
-{{- end }}
-
-{{/*
-Selector labels
-*/}}
-{{- define "sriov-network-operator.selectorLabels" -}}
-app.kubernetes.io/name: {{ include "sriov-network-operator.name" . }}
-app.kubernetes.io/instance: {{ .Release.Name }}
-{{- end }}
-
-{{/*
-Create the name of the service account to use
-*/}}
-{{- define "sriov-network-operator.serviceAccountName" -}}
-{{- if .Values.serviceAccount.create }}
-{{- default (include "sriov-network-operator.fullname" .) .Values.serviceAccount.name }}
-{{- else }}
-{{- default "default" .Values.serviceAccount.name }}
-{{- end }}
-{{- end }}
-
-{{- define "system_default_registry" -}}
-{{- if .Values.global.cattle.systemDefaultRegistry -}}
-{{- printf "%s/" .Values.global.cattle.systemDefaultRegistry -}}
-{{- else -}}
-{{- "" -}}
-{{- end -}}
-{{- end -}}
-
-{{/*
-Windows cluster will add default taint for linux nodes,
-add below linux tolerations to workloads could be scheduled to those linux nodes
-*/}}
-{{- define "linux-node-tolerations" -}}
-- key: "cattle.io/os"
- value: "linux"
- effect: "NoSchedule"
- operator: "Equal"
-{{- end -}}
-
-{{- define "linux-node-selector" -}}
-kubernetes.io/os: linux
-{{- end -}}
diff --git a/charts/sriov/102.2.0+up0.1.0/templates/_webhook-certs.tpl b/charts/sriov/102.2.0+up0.1.0/templates/_webhook-certs.tpl
deleted file mode 100644
index f1448968b2..0000000000
--- a/charts/sriov/102.2.0+up0.1.0/templates/_webhook-certs.tpl
+++ /dev/null
@@ -1,31 +0,0 @@
-{{/*
-Generate TLS certificates for webhooks.
-Note: these 2 lines, that are repeated several times below, are a trick to
-ensure the CA certs are generated only once:
- $ca := .ca | default (genCA "sriov-network-operator.k8s.cni.cncf.io" 365)
- $_ := set . "ca" $ca
-Please, don't try to "simplify" them as without this trick, every generated
-certificate would be signed by a different CA.
-*/}}
-{{- define "sriov_operator_ca_cert" }}
-{{- $ca := .ca | default (genCA "sriov-network-operator.k8s.cni.cncf.io" 365) -}}
-{{- $_ := set . "ca" $ca -}}
-{{- printf "%s" $ca.Cert | b64enc -}}
-{{- end }}
-{{- define "sriov_operator_cert" }}
-{{- $ca := .ca | default (genCA "sriov-network-operator.k8s.cni.cncf.io" 365) -}}
-{{- $_ := set . "ca" $ca -}}
-{{- $cn := printf "operator-webhook-service.%s.svc" .Release.Namespace -}}
-{{- $cert := genSignedCert $cn nil (list $cn) 365 $ca -}}
-tls.crt: {{ $cert.Cert | b64enc }}
-tls.key: {{ $cert.Key | b64enc }}
-{{- end }}
-{{- define "sriov_resource_injector_cert" }}
-{{- $ca := .ca | default (genCA "sriov-network-operator.k8s.cni.cncf.io" 365) -}}
-{{- $_ := set . "ca" $ca -}}
-{{- $cn := printf "network-resources-injector-service.%s.svc" .Release.Namespace -}}
-{{- $cert := genSignedCert $cn nil (list $cn) 365 $ca -}}
-tls.crt: {{ $cert.Cert | b64enc }}
-tls.key: {{ $cert.Key | b64enc }}
-{{- end }}
-
diff --git a/charts/sriov/102.2.0+up0.1.0/templates/certmanagercerts.yaml b/charts/sriov/102.2.0+up0.1.0/templates/certmanagercerts.yaml
deleted file mode 100644
index e3575aa565..0000000000
--- a/charts/sriov/102.2.0+up0.1.0/templates/certmanagercerts.yaml
+++ /dev/null
@@ -1,41 +0,0 @@
-{{- if and (.Values.operator.enableAdmissionController) (.Values.cert_manager) -}}
-{{- if not (.Capabilities.APIVersions.Has "cert-manager.io/v1") -}}
-{{- required "cert-manager is required but not found" "" -}}
-{{- end -}}
-apiVersion: cert-manager.io/v1
-kind: Issuer
-metadata:
- name: sriov-network-operator-selfsigned-issuer
- namespace: {{ .Release.Namespace }}
-spec:
- selfSigned: {}
----
-apiVersion: cert-manager.io/v1
-kind: Certificate
-metadata:
- name: operator-webhook-service
- namespace: {{ .Release.Namespace }}
-spec:
- secretName: operator-webhook-service
- dnsNames:
- - operator-webhook-service.{{ .Release.Namespace }}.svc
- issuerRef:
- name: sriov-network-operator-selfsigned-issuer
- privateKey:
- rotationPolicy: Always
----
-apiVersion: cert-manager.io/v1
-kind: Certificate
-metadata:
- name: network-resources-injector-service
- namespace: {{ .Release.Namespace }}
-spec:
- secretName: network-resources-injector-secret
- dnsNames:
- - network-resources-injector-service.{{ .Release.Namespace }}.svc
- issuerRef:
- name: sriov-network-operator-selfsigned-issuer
- privateKey:
- rotationPolicy: Always
-{{- end -}}
-
diff --git a/charts/sriov/102.2.0+up0.1.0/templates/clusterrole.yaml b/charts/sriov/102.2.0+up0.1.0/templates/clusterrole.yaml
deleted file mode 100644
index da327471f0..0000000000
--- a/charts/sriov/102.2.0+up0.1.0/templates/clusterrole.yaml
+++ /dev/null
@@ -1,109 +0,0 @@
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRole
-metadata:
- name: {{ include "sriov-network-operator.fullname" . }}
- labels:
- {{- include "sriov-network-operator.labels" . | nindent 4 }}
-rules:
- - apiGroups: [""]
- resources: ["nodes"]
- verbs: ["get", "list", "watch", "patch", "update"]
- - apiGroups: [""]
- resources: ["pods"]
- verbs: ["*"]
- - apiGroups: ["apps"]
- resources: ["daemonsets"]
- verbs: ["get"]
- - apiGroups: [""]
- resources: ["namespaces", "serviceaccounts"]
- verbs: ["*"]
- - apiGroups: ["k8s.cni.cncf.io"]
- resources: ["network-attachment-definitions"]
- verbs: ["*"]
- - apiGroups: ["rbac.authorization.k8s.io"]
- resources: ["clusterroles", "clusterrolebindings"]
- verbs: ["*"]
- - apiGroups: ["admissionregistration.k8s.io"]
- resources: ["mutatingwebhookconfigurations", "validatingwebhookconfigurations"]
- verbs: ["*"]
- - apiGroups: ["sriovnetwork.openshift.io"]
- resources: ["*"]
- verbs: ["*"]
- - apiGroups: ["machineconfiguration.openshift.io"]
- resources: ["*"]
- verbs: ["*"]
- - apiGroups: ["config.openshift.io"]
- resources: ["infrastructures"]
- verbs: ["get", "list", "watch"]
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRole
-metadata:
- name: sriov-network-config-daemon
- labels:
- {{- include "sriov-network-operator.labels" . | nindent 4 }}
-rules:
- - apiGroups: [""]
- resources: ["nodes"]
- verbs: ["get", "list", "watch", "patch", "update"]
- - apiGroups: [""]
- resources: ["pods"]
- verbs: ["*"]
- - apiGroups: ["apps"]
- resources: ["daemonsets"]
- verbs: ["get"]
- - apiGroups: [""]
- resources: ["pods/eviction"]
- verbs: ["create"]
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRole
-metadata:
- name: sriov-admin
- {{- if .Values.global.rbac.userRoles.aggregateToDefaultRoles }}
- rbac.authorization.k8s.io/aggregate-to-admin: "true"
- {{- end }}
-rules:
-- apiGroups:
- - sriovnetwork.openshift.io
- resources:
- - '*'
- verbs:
- - "get"
- - "watch"
- - "list"
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRole
-metadata:
- name: sriov-edit
- {{- if .Values.global.rbac.userRoles.aggregateToDefaultRoles }}
- rbac.authorization.k8s.io/aggregate-to-edit: "true"
- {{- end }}
-rules:
-- apiGroups:
- - sriovnetwork.openshift.io
- resources:
- - '*'
- verbs:
- - "get"
- - "watch"
- - "list"
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRole
-metadata:
- name: sriov-view
- {{- if .Values.global.rbac.userRoles.aggregateToDefaultRoles }}
- rbac.authorization.k8s.io/aggregate-to-view: "true"
- {{- end }}
-rules:
-- apiGroups:
- - sriovnetwork.openshift.io
- resources:
- - '*'
- verbs:
- - "get"
- - "watch"
- - "list"
-
diff --git a/charts/sriov/102.2.0+up0.1.0/templates/clusterrolebinding.yaml b/charts/sriov/102.2.0+up0.1.0/templates/clusterrolebinding.yaml
deleted file mode 100644
index c10aa9be73..0000000000
--- a/charts/sriov/102.2.0+up0.1.0/templates/clusterrolebinding.yaml
+++ /dev/null
@@ -1,29 +0,0 @@
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRoleBinding
-metadata:
- name: {{ include "sriov-network-operator.fullname" . }}
- labels:
- {{- include "sriov-network-operator.labels" . | nindent 4 }}
-roleRef:
- kind: ClusterRole
- name: {{ include "sriov-network-operator.fullname" . }}
- apiGroup: rbac.authorization.k8s.io
-subjects:
- - kind: ServiceAccount
- namespace: {{ .Release.Namespace }}
- name: {{ include "sriov-network-operator.fullname" . }}
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRoleBinding
-metadata:
- name: sriov-network-config-daemon
- labels:
- {{- include "sriov-network-operator.labels" . | nindent 4 }}
-roleRef:
- kind: ClusterRole
- name: sriov-network-config-daemon
- apiGroup: rbac.authorization.k8s.io
-subjects:
- - kind: ServiceAccount
- namespace: {{ .Release.Namespace }}
- name: sriov-network-config-daemon
diff --git a/charts/sriov/102.2.0+up0.1.0/templates/configmap.yaml b/charts/sriov/102.2.0+up0.1.0/templates/configmap.yaml
deleted file mode 100644
index 455bd91ff0..0000000000
--- a/charts/sriov/102.2.0+up0.1.0/templates/configmap.yaml
+++ /dev/null
@@ -1,25 +0,0 @@
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: supported-nic-ids
-data:
- Intel_i40e_XXV710: "8086 158a 154c"
- Intel_i40e_25G_SFP28: "8086 158b 154c"
- Intel_i40e_10G_X710_SFP: "8086 1572 154c"
- Intel_i40e_XXV710_N3000: "8086 0d58 154c"
- Intel_i40e_40G_XL710_QSFP: "8086 1583 154c"
- Intel_ice_Columbiaville_E810-CQDA2_2CQDA2: "8086 1592 1889"
- Intel_ice_Columbiaville_E810-XXVDA4: "8086 1593 1889"
- Intel_ice_Columbiaville_E810-XXVDA2: "8086 159b 1889"
- Intel_ice_Columbiaville_E810: "8086 1591 1889"
- Nvidia_mlx5_ConnectX-4: "15b3 1013 1014"
- Nvidia_mlx5_ConnectX-4LX: "15b3 1015 1016"
- Nvidia_mlx5_ConnectX-5: "15b3 1017 1018"
- Nvidia_mlx5_ConnectX-5_Ex: "15b3 1019 101a"
- Nvidia_mlx5_ConnectX-6: "15b3 101b 101c"
- Nvidia_mlx5_ConnectX-6_Dx: "15b3 101d 101e"
- Nvidia_mlx5_MT42822_BlueField-2_integrated_ConnectX-6_Dx: "15b3 a2d6 101e"
- Broadcom_bnxt_BCM57414_2x25G: "14e4 16d7 16dc"
- Broadcom_bnxt_BCM75508_2x100G: "14e4 1750 1806"
- Qlogic_qede_QL45000_50G: "1077 1654 1664"
- Red_Hat_Virtio_network_device: "1af4 1000 1000"
diff --git a/charts/sriov/102.2.0+up0.1.0/templates/operator.yaml b/charts/sriov/102.2.0+up0.1.0/templates/operator.yaml
deleted file mode 100644
index 0d39480e10..0000000000
--- a/charts/sriov/102.2.0+up0.1.0/templates/operator.yaml
+++ /dev/null
@@ -1,98 +0,0 @@
-{{- if not (.Capabilities.APIVersions.Has "k8s.cni.cncf.io/v1/NetworkAttachmentDefinition") -}}
-{{- required "rke2-multus is required but not found" "" -}}
-{{- end -}}
-apiVersion: sriovnetwork.openshift.io/v1
-kind: SriovOperatorConfig
-metadata:
- name: default
- namespace: {{ .Release.Namespace }}
-spec:
- # Add fields here
- enableInjector: {{ .Values.operator.enableAdmissionController }}
- enableOperatorWebhook: {{ .Values.operator.enableAdmissionController }}
- configDaemonNodeSelector: {feature.node.kubernetes.io/network-sriov.capable: "true"}
----
-apiVersion: apps/v1
-kind: Deployment
-metadata:
- name: {{ include "sriov-network-operator.fullname" . }}
- namespace: {{ .Release.Namespace }}
- labels:
- {{- include "sriov-network-operator.labels" . | nindent 4 }}
-spec:
- replicas: 1
- selector:
- matchLabels:
- name: sriov-network-operator
- strategy:
- type: RollingUpdate
- rollingUpdate:
- maxUnavailable: 33%
- template:
- metadata:
- labels:
- name: sriov-network-operator
- spec:
- nodeSelector: {{ include "linux-node-selector" . | nindent 8 }}
-{{- if .Values.operator.nodeSelector }}
-{{ toYaml .Values.operator.nodeSelector | indent 8 }}
-{{- end }}
- tolerations: {{ include "linux-node-tolerations" . | nindent 8 }}
-{{- if .Values.operator.tolerations }}
-{{ toYaml .Values.operator.tolerations | indent 8 }}
-{{- end }}
- serviceAccountName: {{ include "sriov-network-operator.fullname" . }}
- priorityClassName: "system-node-critical"
- containers:
- - name: {{ include "sriov-network-operator.fullname" . }}
- image: {{ include "system_default_registry" . }}{{ .Values.images.operator.repository }}:{{ .Values.images.operator.tag }}
- command:
- - sriov-network-operator
- imagePullPolicy: IfNotPresent
- resources:
- requests:
- cpu: 100m
- memory: 100Mi
- env:
- - name: WATCH_NAMESPACE
- valueFrom:
- fieldRef:
- fieldPath: metadata.namespace
- - name: SRIOV_CNI_IMAGE
- value: {{ include "system_default_registry" . }}{{ .Values.images.sriovCni.repository }}:{{ .Values.images.sriovCni.tag }}
- - name: SRIOV_INFINIBAND_CNI_IMAGE
- value: {{ include "system_default_registry" . }}{{ .Values.images.ibSriovCni.repository }}:{{ .Values.images.ibSriovCni.tag }}
- - name: SRIOV_DEVICE_PLUGIN_IMAGE
- value: {{ include "system_default_registry" . }}{{ .Values.images.sriovDevicePlugin.repository }}:{{ .Values.images.sriovDevicePlugin.tag }}
- - name: NETWORK_RESOURCES_INJECTOR_IMAGE
- value: {{ include "system_default_registry" . }}{{ .Values.images.resourcesInjector.repository }}:{{ .Values.images.resourcesInjector.tag }}
- - name: OPERATOR_NAME
- value: sriov-network-operator
- - name: SRIOV_NETWORK_CONFIG_DAEMON_IMAGE
- value: {{ include "system_default_registry" . }}{{ .Values.images.sriovConfigDaemon.repository }}:{{ .Values.images.sriovConfigDaemon.tag }}
- - name: SRIOV_NETWORK_WEBHOOK_IMAGE
- value: {{ include "system_default_registry" . }}{{ .Values.images.webhook.repository }}:{{ .Values.images.webhook.tag }}
- - name: RESOURCE_PREFIX
- value: {{ .Values.operator.resourcePrefix }}
- - name: ENABLE_ADMISSION_CONTROLLER
- value: {{ .Values.operator.enableAdmissionController | quote }}
- - name: NAMESPACE
- valueFrom:
- fieldRef:
- fieldPath: metadata.namespace
- - name: POD_NAME
- valueFrom:
- fieldRef:
- fieldPath: metadata.name
- - name: RELEASE_VERSION
- value: {{ .Release.AppVersion }}
- - name: SRIOV_CNI_BIN_PATH
- value: {{ .Values.operator.cniBinPath }}
- - name: CLUSTER_TYPE
- value: {{ .Values.operator.clusterType }}
- {{- if .Values.operator.enableAdmissionController }}
- {{- if not .Values.cert_manager }}
- - name: WEBHOOK_CA_BUNDLE
- value: "{{ include "sriov_operator_ca_cert" . }}"
- {{- end }}
- {{- end }}
diff --git a/charts/sriov/102.2.0+up0.1.0/templates/role.yaml b/charts/sriov/102.2.0+up0.1.0/templates/role.yaml
deleted file mode 100644
index 35a9d50afc..0000000000
--- a/charts/sriov/102.2.0+up0.1.0/templates/role.yaml
+++ /dev/null
@@ -1,125 +0,0 @@
-apiVersion: rbac.authorization.k8s.io/v1
-kind: Role
-metadata:
- creationTimestamp: null
- name: {{ include "sriov-network-operator.fullname" . }}
- namespace: {{ .Release.Namespace }}
- labels:
- {{- include "sriov-network-operator.labels" . | nindent 4 }}
-rules:
- - apiGroups:
- - ""
- resources:
- - pods
- - services
- - endpoints
- - persistentvolumeclaims
- - events
- - configmaps
- - secrets
- verbs:
- - '*'
- - apiGroups:
- - apps
- resources:
- - deployments
- - daemonsets
- - replicasets
- - statefulsets
- verbs:
- - '*'
- - apiGroups:
- - monitoring.coreos.com
- resources:
- - servicemonitors
- verbs:
- - get
- - create
- - apiGroups:
- - apps
- resourceNames:
- - sriov-network-operator
- resources:
- - deployments/finalizers
- verbs:
- - update
- - apiGroups:
- - rbac.authorization.k8s.io
- resources:
- - serviceaccounts
- - roles
- - rolebindings
- verbs:
- - '*'
- - apiGroups:
- - config.openshift.io
- resources:
- - infrastructures
- verbs:
- - get
- - list
- - watch
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: Role
-metadata:
- name: sriov-network-config-daemon
- namespace: {{ .Release.Namespace }}
- labels:
- {{- include "sriov-network-operator.labels" . | nindent 4 }}
-rules:
- - apiGroups:
- - ""
- resources:
- - pods
- verbs:
- - '*'
- - apiGroups:
- - apps
- resources:
- - daemonsets
- verbs:
- - '*'
- - apiGroups:
- - sriovnetwork.openshift.io
- resources:
- - '*'
- - sriovnetworknodestates
- verbs:
- - '*'
- - apiGroups:
- - security.openshift.io
- resourceNames:
- - privileged
- resources:
- - securitycontextconstraints
- verbs:
- - use
- - apiGroups:
- - ""
- resources:
- - configmaps
- verbs:
- - get
- - update
- - apiGroups:
- - 'coordination.k8s.io'
- resources:
- - 'leases'
- verbs:
- - '*'
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: Role
-metadata:
- name: operator-webhook-sa
- namespace: {{ .Release.Namespace }}
- labels:
- {{- include "sriov-network-operator.labels" . | nindent 4 }}
-rules:
- - apiGroups:
- - ""
- resources:
- - configmaps
- verbs:
- - get
diff --git a/charts/sriov/102.2.0+up0.1.0/templates/rolebinding.yaml b/charts/sriov/102.2.0+up0.1.0/templates/rolebinding.yaml
deleted file mode 100644
index d2cf1849a7..0000000000
--- a/charts/sriov/102.2.0+up0.1.0/templates/rolebinding.yaml
+++ /dev/null
@@ -1,44 +0,0 @@
-kind: RoleBinding
-apiVersion: rbac.authorization.k8s.io/v1
-metadata:
- name: {{ include "sriov-network-operator.fullname" . }}
- namespace: {{ .Release.Namespace }}
- labels:
- {{- include "sriov-network-operator.labels" . | nindent 4 }}
-subjects:
- - kind: ServiceAccount
- name: {{ include "sriov-network-operator.fullname" . }}
- namespace: {{ .Release.Namespace }}
-roleRef:
- kind: Role
- name: {{ include "sriov-network-operator.fullname" . }}
- apiGroup: rbac.authorization.k8s.io
----
-kind: RoleBinding
-apiVersion: rbac.authorization.k8s.io/v1
-metadata:
- name: sriov-network-config-daemon
- namespace: {{ .Release.Namespace }}
- labels:
- {{- include "sriov-network-operator.labels" . | nindent 4 }}
-subjects:
- - kind: ServiceAccount
- name: sriov-network-config-daemon
- namespace: {{ .Release.Namespace }}
-roleRef:
- kind: Role
- name: sriov-network-config-daemon
- apiGroup: rbac.authorization.k8s.io
----
-kind: RoleBinding
-apiVersion: rbac.authorization.k8s.io/v1
-metadata:
- name: operator-webhook-sa
- namespace: {{ .Release.Namespace }}
-subjects:
-- kind: ServiceAccount
- name: operator-webhook-sa
-roleRef:
- kind: Role
- name: operator-webhook-sa
- apiGroup: rbac.authorization.k8s.io
diff --git a/charts/sriov/102.2.0+up0.1.0/templates/secrets.yaml b/charts/sriov/102.2.0+up0.1.0/templates/secrets.yaml
deleted file mode 100644
index 3d345be460..0000000000
--- a/charts/sriov/102.2.0+up0.1.0/templates/secrets.yaml
+++ /dev/null
@@ -1,20 +0,0 @@
-{{- if not .Values.cert_manager -}}
-{{- if .Values.operator.enableAdmissionController }}
-apiVersion: v1
-kind: Secret
-metadata:
- name: operator-webhook-service
- namespace: {{ .Release.Namespace }}
-data: {{ include "sriov_operator_cert" . | nindent 2 }}
-{{- end }}
----
-{{- if .Values.operator.enableAdmissionController }}
-apiVersion: v1
-kind: Secret
-metadata:
- name: network-resources-injector-secret
- namespace: {{ .Release.Namespace }}
-data: {{ include "sriov_resource_injector_cert" . | nindent 2 }}
-{{- end }}
-{{- end }}
-
diff --git a/charts/sriov/102.2.0+up0.1.0/templates/serviceaccount.yaml b/charts/sriov/102.2.0+up0.1.0/templates/serviceaccount.yaml
deleted file mode 100644
index fc0bb57056..0000000000
--- a/charts/sriov/102.2.0+up0.1.0/templates/serviceaccount.yaml
+++ /dev/null
@@ -1,15 +0,0 @@
-apiVersion: v1
-kind: ServiceAccount
-metadata:
- name: {{ include "sriov-network-operator.fullname" . }}
- namespace: {{ .Release.Namespace }}
- labels:
- {{- include "sriov-network-operator.labels" . | nindent 4 }}
----
-apiVersion: v1
-kind: ServiceAccount
-metadata:
- name: sriov-network-config-daemon
- namespace: {{ .Release.Namespace }}
- labels:
- {{- include "sriov-network-operator.labels" . | nindent 4 }}
diff --git a/charts/sriov/102.2.0+up0.1.0/templates/validate-install-crd.yaml b/charts/sriov/102.2.0+up0.1.0/templates/validate-install-crd.yaml
deleted file mode 100644
index 48ffe70751..0000000000
--- a/charts/sriov/102.2.0+up0.1.0/templates/validate-install-crd.yaml
+++ /dev/null
@@ -1,19 +0,0 @@
-#{{- if gt (len (lookup "rbac.authorization.k8s.io/v1" "ClusterRole" "" "")) 0 -}}
-# {{- $found := dict -}}
-# {{- set $found "sriovnetwork.openshift.io/v1/SriovIBNetwork" false -}}
-# {{- set $found "sriovnetwork.openshift.io/v1/SriovNetworkNodePolicy" false -}}
-# {{- set $found "sriovnetwork.openshift.io/v1/SriovNetworkNodeState" false -}}
-# {{- set $found "sriovnetwork.openshift.io/v1/SriovNetworkPoolConfig" false -}}
-# {{- set $found "sriovnetwork.openshift.io/v1/SriovNetwork" false -}}
-# {{- set $found "sriovnetwork.openshift.io/v1/SriovOperatorConfig" false -}}
-# {{- range .Capabilities.APIVersions -}}
-# {{- if hasKey $found (toString .) -}}
-# {{- set $found (toString .) true -}}
-# {{- end -}}
-# {{- end -}}
-# {{- range $_, $exists := $found -}}
-# {{- if (eq $exists false) -}}
-# {{- required "Required CRDs are missing. Please install the corresponding CRD chart before installing this chart." "" -}}
-# {{- end -}}
-# {{- end -}}
-#{{- end -}}
\ No newline at end of file
diff --git a/charts/sriov/102.2.0+up0.1.0/values.yaml b/charts/sriov/102.2.0+up0.1.0/values.yaml
deleted file mode 100644
index 386c57e8a5..0000000000
--- a/charts/sriov/102.2.0+up0.1.0/values.yaml
+++ /dev/null
@@ -1,64 +0,0 @@
-operator:
- tolerations:
- - key: "node-role.kubernetes.io/control-plane"
- operator: "Exists"
- effect: "NoSchedule"
- - effect: NoExecute
- key: node-role.kubernetes.io/etcd
- operator: Exists
- nodeSelector: {}
- affinity:
- nodeAffinity:
- requiredDuringSchedulingIgnoredDuringExecution:
- nodeSelectorTerms:
- - matchExpressions:
- - key: "node-role.kubernetes.io/master"
- operator: In
- values: [ "" ]
- - matchExpressions:
- - key: "node-role.kubernetes.io/control-plane"
- operator: In
- values: [ "" ]
- nameOverride: ""
- fullnameOverride: ""
- resourcePrefix: "rancher.io"
- enableAdmissionController: false
- cniBinPath: "/opt/cni/bin"
- clusterType: "kubernetes"
-
-# Image URIs for sriov-network-operator components
-images:
- operator:
- repository: rancher/hardened-sriov-network-operator
- tag: v1.2.0-build20221014
- sriovConfigDaemon:
- repository: rancher/hardened-sriov-network-config-daemon
- tag: v1.2.0-build20221014
- sriovCni:
- repository: rancher/hardened-sriov-cni
- tag: v2.6.3-build20221014
- ibSriovCni:
- repository: rancher/hardened-ib-sriov-cni
- tag: v1.0.2-build20221014
- sriovDevicePlugin:
- repository: rancher/hardened-sriov-network-device-plugin
- tag: v3.5.1-build20221014
- resourcesInjector:
- repository: rancher/hardened-sriov-network-resources-injector
- tag: v1.5-build20221014
- webhook:
- repository: rancher/hardened-sriov-network-webhook
- tag: v1.2.0-build20221014
-
-# cert_manager enables integration with cert-manager to generate
-# certificates for the operator webhooks. Otherwise the chart will
-# generate ad-hoc certificates with no automated renewal at expiration,
-# not recommended for production clusters.
-cert_manager: false
-
-global:
- cattle:
- systemDefaultRegistry: ""
- rbac:
- userRoles:
- aggregateToDefaultRoles: false
diff --git a/charts/sriov/103.0.0+up0.1.0/.helmignore b/charts/sriov/103.0.0+up0.1.0/.helmignore
deleted file mode 100644
index 0e8a0eb36f..0000000000
--- a/charts/sriov/103.0.0+up0.1.0/.helmignore
+++ /dev/null
@@ -1,23 +0,0 @@
-# Patterns to ignore when building packages.
-# This supports shell glob matching, relative path matching, and
-# negation (prefixed with !). Only one pattern per line.
-.DS_Store
-# Common VCS dirs
-.git/
-.gitignore
-.bzr/
-.bzrignore
-.hg/
-.hgignore
-.svn/
-# Common backup files
-*.swp
-*.bak
-*.tmp
-*.orig
-*~
-# Various IDEs
-.project
-.idea/
-*.tmproj
-.vscode/
diff --git a/charts/sriov/103.0.0+up0.1.0/Chart.yaml b/charts/sriov/103.0.0+up0.1.0/Chart.yaml
deleted file mode 100644
index 5b57cfbfa0..0000000000
--- a/charts/sriov/103.0.0+up0.1.0/Chart.yaml
+++ /dev/null
@@ -1,29 +0,0 @@
-annotations:
- catalog.cattle.io/auto-install: sriov-crd=match
- catalog.cattle.io/certified: rancher
- catalog.cattle.io/experimental: "true"
- catalog.cattle.io/kube-version: '>= 1.16.0-0 < 1.28.0-0'
- catalog.cattle.io/namespace: cattle-sriov-system
- catalog.cattle.io/os: linux
- catalog.cattle.io/permits-os: linux
- catalog.cattle.io/rancher-version: '>= 2.8.0-0 < 2.9.0-0'
- catalog.cattle.io/release-name: sriov
- catalog.cattle.io/upstream-version: 1.2.0
-apiVersion: v2
-appVersion: 1.2.0
-description: SR-IOV network operator configures and manages SR-IOV networks in the
- kubernetes cluster
-home: https://github.com/k8snetworkplumbingwg/sriov-network-operator
-icon: https://charts.rancher.io/assets/logos/sr-iov.svg
-keywords:
-- sriov
-- Networking
-kubeVersion: '>= 1.16.0'
-maintainers:
-- email: charts@rancher.com
- name: Rancher Labs
-name: sriov
-sources:
-- https://github.com/rancher/charts
-type: application
-version: 103.0.0+up0.1.0
diff --git a/charts/sriov/103.0.0+up0.1.0/README.md b/charts/sriov/103.0.0+up0.1.0/README.md
deleted file mode 100644
index b34d479bd0..0000000000
--- a/charts/sriov/103.0.0+up0.1.0/README.md
+++ /dev/null
@@ -1,73 +0,0 @@
-# SR-IOV Network Operator Helm Chart
-
-SR-IOV Network Operator Helm Chart provides an easy way to install, configure and manage
-the lifecycle of SR-IOV network operator.
-
-## SR-IOV Network Operator
-SR-IOV Network Operator leverages [Kubernetes CRDs](https://kubernetes.io/docs/concepts/extend-kubernetes/api-extension/custom-resources/)
-and [Operator SDK](https://github.com/operator-framework/operator-sdk) to configure and manage SR-IOV networks in a Kubernetes cluster.
-
-SR-IOV Network Operator features:
-- Initialize the supported SR-IOV NIC types on selected nodes.
-- Provision/upgrade SR-IOV device plugin executable on selected node.
-- Provision/upgrade SR-IOV CNI plugin executable on selected nodes.
-- Manage configuration of SR-IOV device plugin on host.
-- Generate net-att-def CRs for SR-IOV CNI plugin
-- Supports operation in a virtualized Kubernetes deployment
- - Discovers VFs attached to the Virtual Machine (VM)
- - Does not require attached of associated PFs
- - VFs can be associated to SriovNetworks by selecting the appropriate PciAddress as the RootDevice in the SriovNetworkNodePolicy
-
-## QuickStart
-
-### Prerequisites
-
-- Kubernetes v1.17+
-- Helm v3
-
-### Install Helm
-
-Helm provides an install script to copy helm binary to your system:
-```
-$ curl -fsSL -o get_helm.sh https://raw.githubusercontent.com/helm/helm/master/scripts/get-helm-3
-$ chmod 500 get_helm.sh
-$ ./get_helm.sh
-```
-
-For additional information and methods for installing Helm, refer to the official [helm website](https://helm.sh/)
-
-### Deploy SR-IOV Network Operator
-
-```
-# Install Operator
-$ helm install -n sriov-network-operator --create-namespace --wait sriov-network-operator ./
-
-# View deployed resources
-$ kubectl -n sriov-network-operator get pods
-```
-
-## Chart parameters
-
-In order to tailor the deployment of the network operator to your cluster needs
-We have introduced the following Chart parameters.
-
-### Operator parameters
-
-| Name | Type | Default | description |
-| ---- | ---- | ------- | ----------- |
-| `operator.resourcePrefix` | string | `openshift.io` | Device plugin resource prefix |
-| `operator.enableAdmissionController` | bool | `false` | Enable SR-IOV network resource injector and operator webhook |
-| `operator.cniBinPath` | string | `/opt/cni/bin` | Path for CNI binary |
-| `operator.clusterType` | string | `kubernetes` | Cluster environment type |
-
-### Images parameters
-
-| Name | description |
-| ---- | ----------- |
-| `images.operator` | Operator controller image |
-| `images.sriovConfigDaemon` | Daemon node agent image |
-| `images.sriovCni` | SR-IOV CNI image |
-| `images.ibSriovCni` | InfiniBand SR-IOV CNI image |
-| `images.sriovDevicePlugin` | SR-IOV device plugin image |
-| `images.resourcesInjector` | Resources Injector image |
-| `images.webhook` | Operator Webhook image |
diff --git a/charts/sriov/103.0.0+up0.1.0/app-README.md b/charts/sriov/103.0.0+up0.1.0/app-README.md
deleted file mode 100644
index 4dda94a833..0000000000
--- a/charts/sriov/103.0.0+up0.1.0/app-README.md
+++ /dev/null
@@ -1,13 +0,0 @@
-# Rancher SR-IOV Network Operator
-
-This chart is based on the upstream [k8snetworkplumbingwg/sriov-network-operator](https://github.com/k8snetworkplumbingwg/sriov-network-operator) project. The chart deploys the SR-IOV Operator and its CRDs, which are designed to help the user provision and configure the SR-IOV CNI in a cluster that uses [Multus CNI](https://github.com/k8snetworkplumbingwg/multus-cni), to provide high performing extra network interfaces to pods. This chart is expected to be deployed on an RKE2 cluster and only meant for advanced use cases where multiple CNI plugins and high performing network interfaces on pods are required. Users who do not need these features are not advised to install this chart.
-
-The chart installs the following components:
-
- - SR-IOV Operator - An operator that helps provision and configure the SR-IOV CNI plugin and SR-IOV Device plugin
- - SR-IOV Network Config Daemon - A Daemon deployed by the Operator that discovers SR-IOV NICs on each node
-
-Note that SR-IOV requires NICs that support SR-IOV and the activation of specific configuration options in the operating system. Nodes that fulfill these requirements should be labeled with: `feature.node.kubernetes.io/network-sriov.capable=true`.
-
-The SR-IOV Network Config Daemon will be deployed on such capable nodes. For more information on how to use this feature, refer to our RKE2 networking docs.
-
diff --git a/charts/sriov/103.0.0+up0.1.0/charts/rancher-nfd/.helmignore b/charts/sriov/103.0.0+up0.1.0/charts/rancher-nfd/.helmignore
deleted file mode 100644
index 0e8a0eb36f..0000000000
--- a/charts/sriov/103.0.0+up0.1.0/charts/rancher-nfd/.helmignore
+++ /dev/null
@@ -1,23 +0,0 @@
-# Patterns to ignore when building packages.
-# This supports shell glob matching, relative path matching, and
-# negation (prefixed with !). Only one pattern per line.
-.DS_Store
-# Common VCS dirs
-.git/
-.gitignore
-.bzr/
-.bzrignore
-.hg/
-.hgignore
-.svn/
-# Common backup files
-*.swp
-*.bak
-*.tmp
-*.orig
-*~
-# Various IDEs
-.project
-.idea/
-*.tmproj
-.vscode/
diff --git a/charts/sriov/103.0.0+up0.1.0/charts/rancher-nfd/Chart.yaml b/charts/sriov/103.0.0+up0.1.0/charts/rancher-nfd/Chart.yaml
deleted file mode 100644
index a45c4dc393..0000000000
--- a/charts/sriov/103.0.0+up0.1.0/charts/rancher-nfd/Chart.yaml
+++ /dev/null
@@ -1,14 +0,0 @@
-apiVersion: v2
-appVersion: v0.14.1
-description: 'Detects hardware features available on each node in a Kubernetes cluster,
- and advertises those features using node labels. '
-home: https://github.com/kubernetes-sigs/node-feature-discovery
-keywords:
-- feature-discovery
-- feature-detection
-- node-labels
-name: rancher-nfd
-sources:
-- https://github.com/kubernetes-sigs/node-feature-discovery
-type: application
-version: 0.14.1
diff --git a/charts/sriov/103.0.0+up0.1.0/charts/rancher-nfd/README.md b/charts/sriov/103.0.0+up0.1.0/charts/rancher-nfd/README.md
deleted file mode 100644
index 16b5254d53..0000000000
--- a/charts/sriov/103.0.0+up0.1.0/charts/rancher-nfd/README.md
+++ /dev/null
@@ -1,10 +0,0 @@
-# Node Feature Discovery
-
-Node Feature Discovery (NFD) is a Kubernetes add-on for detecting hardware
-features and system configuration. Detected features are advertised as node
-labels. NFD provides flexible configuration and extension points for a wide
-range of vendor and application specific node labeling needs.
-
-See
-[NFD documentation](https://kubernetes-sigs.github.io/node-feature-discovery/v0.14/deployment/helm.html)
-for deployment instructions.
diff --git a/charts/sriov/103.0.0+up0.1.0/charts/rancher-nfd/crds/nfd-api-crds.yaml b/charts/sriov/103.0.0+up0.1.0/charts/rancher-nfd/crds/nfd-api-crds.yaml
deleted file mode 100644
index 6866c7ffe9..0000000000
--- a/charts/sriov/103.0.0+up0.1.0/charts/rancher-nfd/crds/nfd-api-crds.yaml
+++ /dev/null
@@ -1,361 +0,0 @@
----
-apiVersion: apiextensions.k8s.io/v1
-kind: CustomResourceDefinition
-metadata:
- annotations:
- controller-gen.kubebuilder.io/version: v0.12.1
- name: nodefeatures.nfd.k8s-sigs.io
-spec:
- group: nfd.k8s-sigs.io
- names:
- kind: NodeFeature
- listKind: NodeFeatureList
- plural: nodefeatures
- singular: nodefeature
- scope: Namespaced
- versions:
- - name: v1alpha1
- schema:
- openAPIV3Schema:
- description: NodeFeature resource holds the features discovered for one node
- in the cluster.
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation
- of an object. Servers should convert recognized schemas to the latest
- internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this
- object represents. Servers may infer this from the endpoint the client
- submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- spec:
- description: NodeFeatureSpec describes a NodeFeature object.
- properties:
- features:
- description: Features is the full "raw" features data that has been
- discovered.
- properties:
- attributes:
- additionalProperties:
- description: AttributeFeatureSet is a set of features having
- string value.
- properties:
- elements:
- additionalProperties:
- type: string
- type: object
- required:
- - elements
- type: object
- description: Attributes contains all the attribute-type features
- of the node.
- type: object
- flags:
- additionalProperties:
- description: FlagFeatureSet is a set of simple features only
- containing names without values.
- properties:
- elements:
- additionalProperties:
- description: Nil is a dummy empty struct for protobuf
- compatibility
- type: object
- type: object
- required:
- - elements
- type: object
- description: Flags contains all the flag-type features of the
- node.
- type: object
- instances:
- additionalProperties:
- description: InstanceFeatureSet is a set of features each of
- which is an instance having multiple attributes.
- properties:
- elements:
- items:
- description: InstanceFeature represents one instance of
- a complex features, e.g. a device.
- properties:
- attributes:
- additionalProperties:
- type: string
- type: object
- required:
- - attributes
- type: object
- type: array
- required:
- - elements
- type: object
- description: Instances contains all the instance-type features
- of the node.
- type: object
- type: object
- labels:
- additionalProperties:
- type: string
- description: Labels is the set of node labels that are requested to
- be created.
- type: object
- type: object
- required:
- - spec
- type: object
- served: true
- storage: true
----
-apiVersion: apiextensions.k8s.io/v1
-kind: CustomResourceDefinition
-metadata:
- annotations:
- controller-gen.kubebuilder.io/version: v0.12.1
- name: nodefeaturerules.nfd.k8s-sigs.io
-spec:
- group: nfd.k8s-sigs.io
- names:
- kind: NodeFeatureRule
- listKind: NodeFeatureRuleList
- plural: nodefeaturerules
- shortNames:
- - nfr
- singular: nodefeaturerule
- scope: Cluster
- versions:
- - name: v1alpha1
- schema:
- openAPIV3Schema:
- description: NodeFeatureRule resource specifies a configuration for feature-based
- customization of node objects, such as node labeling.
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation
- of an object. Servers should convert recognized schemas to the latest
- internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this
- object represents. Servers may infer this from the endpoint the client
- submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- spec:
- description: NodeFeatureRuleSpec describes a NodeFeatureRule.
- properties:
- rules:
- description: Rules is a list of node customization rules.
- items:
- description: Rule defines a rule for node customization such as
- labeling.
- properties:
- extendedResources:
- additionalProperties:
- type: string
- description: ExtendedResources to create if the rule matches.
- type: object
- labels:
- additionalProperties:
- type: string
- description: Labels to create if the rule matches.
- type: object
- labelsTemplate:
- description: LabelsTemplate specifies a template to expand for
- dynamically generating multiple labels. Data (after template
- expansion) must be keys with an optional value ([=])
- separated by newlines.
- type: string
- matchAny:
- description: MatchAny specifies a list of matchers one of which
- must match.
- items:
- description: MatchAnyElem specifies one sub-matcher of MatchAny.
- properties:
- matchFeatures:
- description: MatchFeatures specifies a set of matcher
- terms all of which must match.
- items:
- description: FeatureMatcherTerm defines requirements
- against one feature set. All requirements (specified
- as MatchExpressions) are evaluated against each element
- in the feature set.
- properties:
- feature:
- type: string
- matchExpressions:
- additionalProperties:
- description: "MatchExpression specifies an expression
- to evaluate against a set of input values. It
- contains an operator that is applied when matching
- the input and an array of values that the operator
- evaluates the input against. \n NB: CreateMatchExpression
- or MustCreateMatchExpression() should be used
- for creating new instances. \n NB: Validate()
- must be called if Op or Value fields are modified
- or if a new instance is created from scratch
- without using the helper functions."
- properties:
- op:
- description: Op is the operator to be applied.
- enum:
- - In
- - NotIn
- - InRegexp
- - Exists
- - DoesNotExist
- - Gt
- - Lt
- - GtLt
- - IsTrue
- - IsFalse
- type: string
- value:
- description: Value is the list of values that
- the operand evaluates the input against.
- Value should be empty if the operator is
- Exists, DoesNotExist, IsTrue or IsFalse.
- Value should contain exactly one element
- if the operator is Gt or Lt and exactly
- two elements if the operator is GtLt. In
- other cases Value should contain at least
- one element.
- items:
- type: string
- type: array
- required:
- - op
- type: object
- description: MatchExpressionSet contains a set of
- MatchExpressions, each of which is evaluated against
- a set of input values.
- type: object
- required:
- - feature
- - matchExpressions
- type: object
- type: array
- required:
- - matchFeatures
- type: object
- type: array
- matchFeatures:
- description: MatchFeatures specifies a set of matcher terms
- all of which must match.
- items:
- description: FeatureMatcherTerm defines requirements against
- one feature set. All requirements (specified as MatchExpressions)
- are evaluated against each element in the feature set.
- properties:
- feature:
- type: string
- matchExpressions:
- additionalProperties:
- description: "MatchExpression specifies an expression
- to evaluate against a set of input values. It contains
- an operator that is applied when matching the input
- and an array of values that the operator evaluates
- the input against. \n NB: CreateMatchExpression or
- MustCreateMatchExpression() should be used for creating
- new instances. \n NB: Validate() must be called if
- Op or Value fields are modified or if a new instance
- is created from scratch without using the helper functions."
- properties:
- op:
- description: Op is the operator to be applied.
- enum:
- - In
- - NotIn
- - InRegexp
- - Exists
- - DoesNotExist
- - Gt
- - Lt
- - GtLt
- - IsTrue
- - IsFalse
- type: string
- value:
- description: Value is the list of values that the
- operand evaluates the input against. Value should
- be empty if the operator is Exists, DoesNotExist,
- IsTrue or IsFalse. Value should contain exactly
- one element if the operator is Gt or Lt and exactly
- two elements if the operator is GtLt. In other
- cases Value should contain at least one element.
- items:
- type: string
- type: array
- required:
- - op
- type: object
- description: MatchExpressionSet contains a set of MatchExpressions,
- each of which is evaluated against a set of input values.
- type: object
- required:
- - feature
- - matchExpressions
- type: object
- type: array
- name:
- description: Name of the rule.
- type: string
- taints:
- description: Taints to create if the rule matches.
- items:
- description: The node this Taint is attached to has the "effect"
- on any pod that does not tolerate the Taint.
- properties:
- effect:
- description: Required. The effect of the taint on pods
- that do not tolerate the taint. Valid effects are NoSchedule,
- PreferNoSchedule and NoExecute.
- type: string
- key:
- description: Required. The taint key to be applied to
- a node.
- type: string
- timeAdded:
- description: TimeAdded represents the time at which the
- taint was added. It is only written for NoExecute taints.
- format: date-time
- type: string
- value:
- description: The taint value corresponding to the taint
- key.
- type: string
- required:
- - effect
- - key
- type: object
- type: array
- vars:
- additionalProperties:
- type: string
- description: Vars is the variables to store if the rule matches.
- Variables do not directly inflict any changes in the node
- object. However, they can be referenced from other rules enabling
- more complex rule hierarchies, without exposing intermediary
- output values as labels.
- type: object
- varsTemplate:
- description: VarsTemplate specifies a template to expand for
- dynamically generating multiple variables. Data (after template
- expansion) must be keys with an optional value ([=])
- separated by newlines.
- type: string
- required:
- - name
- type: object
- type: array
- required:
- - rules
- type: object
- required:
- - spec
- type: object
- served: true
- storage: true
diff --git a/charts/sriov/103.0.0+up0.1.0/charts/rancher-nfd/templates/_helpers.tpl b/charts/sriov/103.0.0+up0.1.0/charts/rancher-nfd/templates/_helpers.tpl
deleted file mode 100644
index 928ece78f8..0000000000
--- a/charts/sriov/103.0.0+up0.1.0/charts/rancher-nfd/templates/_helpers.tpl
+++ /dev/null
@@ -1,107 +0,0 @@
-{{/* vim: set filetype=mustache: */}}
-{{/*
-Expand the name of the chart.
-*/}}
-{{- define "node-feature-discovery.name" -}}
-{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
-{{- end -}}
-
-{{/*
-Create a default fully qualified app name.
-We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
-If release name contains chart name it will be used as a full name.
-*/}}
-{{- define "node-feature-discovery.fullname" -}}
-{{- if .Values.fullnameOverride -}}
-{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}}
-{{- else -}}
-{{- $name := default .Chart.Name .Values.nameOverride -}}
-{{- if contains $name .Release.Name -}}
-{{- .Release.Name | trunc 63 | trimSuffix "-" -}}
-{{- else -}}
-{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}}
-{{- end -}}
-{{- end -}}
-{{- end -}}
-
-{{/*
-Allow the release namespace to be overridden for multi-namespace deployments in combined charts
-*/}}
-{{- define "node-feature-discovery.namespace" -}}
- {{- if .Values.namespaceOverride -}}
- {{- .Values.namespaceOverride -}}
- {{- else -}}
- {{- .Release.Namespace -}}
- {{- end -}}
-{{- end -}}
-
-{{/*
-Create chart name and version as used by the chart label.
-*/}}
-{{- define "node-feature-discovery.chart" -}}
-{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}}
-{{- end -}}
-
-{{/*
-Common labels
-*/}}
-{{- define "node-feature-discovery.labels" -}}
-helm.sh/chart: {{ include "node-feature-discovery.chart" . }}
-{{ include "node-feature-discovery.selectorLabels" . }}
-{{- if .Chart.AppVersion }}
-app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
-{{- end }}
-app.kubernetes.io/managed-by: {{ .Release.Service }}
-{{- end -}}
-
-{{/*
-Selector labels
-*/}}
-{{- define "node-feature-discovery.selectorLabels" -}}
-app.kubernetes.io/name: {{ include "node-feature-discovery.name" . }}
-app.kubernetes.io/instance: {{ .Release.Name }}
-{{- end -}}
-
-{{/*
-Create the name of the service account which the nfd master will use
-*/}}
-{{- define "node-feature-discovery.master.serviceAccountName" -}}
-{{- if .Values.master.serviceAccount.create -}}
- {{ default (include "node-feature-discovery.fullname" .) .Values.master.serviceAccount.name }}
-{{- else -}}
- {{ default "default" .Values.master.serviceAccount.name }}
-{{- end -}}
-{{- end -}}
-
-{{/*
-Create the name of the service account which the nfd worker will use
-*/}}
-{{- define "node-feature-discovery.worker.serviceAccountName" -}}
-{{- if .Values.worker.serviceAccount.create -}}
- {{ default (printf "%s-worker" (include "node-feature-discovery.fullname" .)) .Values.worker.serviceAccount.name }}
-{{- else -}}
- {{ default "default" .Values.worker.serviceAccount.name }}
-{{- end -}}
-{{- end -}}
-
-{{/*
-Create the name of the service account which topologyUpdater will use
-*/}}
-{{- define "node-feature-discovery.topologyUpdater.serviceAccountName" -}}
-{{- if .Values.topologyUpdater.serviceAccount.create -}}
- {{ default (printf "%s-topology-updater" (include "node-feature-discovery.fullname" .)) .Values.topologyUpdater.serviceAccount.name }}
-{{- else -}}
- {{ default "default" .Values.topologyUpdater.serviceAccount.name }}
-{{- end -}}
-{{- end -}}
-
-{{/*
-Create the name of the service account which nfd-gc will use
-*/}}
-{{- define "node-feature-discovery.gc.serviceAccountName" -}}
-{{- if .Values.gc.serviceAccount.create -}}
- {{ default (printf "%s-gc" (include "node-feature-discovery.fullname" .)) .Values.gc.serviceAccount.name }}
-{{- else -}}
- {{ default "default" .Values.gc.serviceAccount.name }}
-{{- end -}}
-{{- end -}}
diff --git a/charts/sriov/103.0.0+up0.1.0/charts/rancher-nfd/templates/cert-manager-certs.yaml b/charts/sriov/103.0.0+up0.1.0/charts/rancher-nfd/templates/cert-manager-certs.yaml
deleted file mode 100644
index ac2e51fc11..0000000000
--- a/charts/sriov/103.0.0+up0.1.0/charts/rancher-nfd/templates/cert-manager-certs.yaml
+++ /dev/null
@@ -1,67 +0,0 @@
-{{- if .Values.tls.certManager }}
----
-apiVersion: cert-manager.io/v1
-kind: Certificate
-metadata:
- name: nfd-master-cert
- namespace: {{ include "node-feature-discovery.namespace" . }}
-spec:
- secretName: nfd-master-cert
- subject:
- organizations:
- - node-feature-discovery
- commonName: nfd-master
- dnsNames:
- # must match the service name
- - {{ include "node-feature-discovery.fullname" . }}-master
- # first one is configured for use by the worker; below are for completeness
- - {{ include "node-feature-discovery.fullname" . }}-master.{{ include "node-feature-discovery.namespace" . }}.svc
- - {{ include "node-feature-discovery.fullname" . }}-master.{{ include "node-feature-discovery.namespace" . }}.svc.cluster.local
- # localhost needed for grpc_health_probe
- - localhost
- issuerRef:
- name: nfd-ca-issuer
- kind: Issuer
- group: cert-manager.io
-
----
-apiVersion: cert-manager.io/v1
-kind: Certificate
-metadata:
- name: nfd-worker-cert
- namespace: {{ include "node-feature-discovery.namespace" . }}
-spec:
- secretName: nfd-worker-cert
- subject:
- organizations:
- - node-feature-discovery
- commonName: nfd-worker
- dnsNames:
- - {{ include "node-feature-discovery.fullname" . }}-worker.{{ include "node-feature-discovery.namespace" . }}.svc.cluster.local
- issuerRef:
- name: nfd-ca-issuer
- kind: Issuer
- group: cert-manager.io
-
-{{- if .Values.topologyUpdater.enable }}
----
-apiVersion: cert-manager.io/v1
-kind: Certificate
-metadata:
- name: nfd-topology-updater-cert
- namespace: {{ include "node-feature-discovery.namespace" . }}
-spec:
- secretName: nfd-topology-updater-cert
- subject:
- organizations:
- - node-feature-discovery
- commonName: nfd-topology-updater
- dnsNames:
- - {{ include "node-feature-discovery.fullname" . }}-topology-updater.{{ include "node-feature-discovery.namespace" . }}.svc.cluster.local
- issuerRef:
- name: nfd-ca-issuer
- kind: Issuer
- group: cert-manager.io
-{{- end }}
-
-{{- end }}
diff --git a/charts/sriov/103.0.0+up0.1.0/charts/rancher-nfd/templates/cert-manager-issuer.yaml b/charts/sriov/103.0.0+up0.1.0/charts/rancher-nfd/templates/cert-manager-issuer.yaml
deleted file mode 100644
index f3c57acea1..0000000000
--- a/charts/sriov/103.0.0+up0.1.0/charts/rancher-nfd/templates/cert-manager-issuer.yaml
+++ /dev/null
@@ -1,42 +0,0 @@
-{{- if .Values.tls.certManager }}
-# See https://cert-manager.io/docs/configuration/selfsigned/#bootstrapping-ca-issuers
-# - Create a self signed issuer
-# - Use this to create a CA cert
-# - Use this to now create a CA issuer
----
-apiVersion: cert-manager.io/v1
-kind: Issuer
-metadata:
- name: nfd-ca-bootstrap
- namespace: {{ include "node-feature-discovery.namespace" . }}
-spec:
- selfSigned: {}
-
----
-apiVersion: cert-manager.io/v1
-kind: Certificate
-metadata:
- name: nfd-ca-cert
- namespace: {{ include "node-feature-discovery.namespace" . }}
-spec:
- isCA: true
- secretName: nfd-ca-cert
- subject:
- organizations:
- - node-feature-discovery
- commonName: nfd-ca-cert
- issuerRef:
- name: nfd-ca-bootstrap
- kind: Issuer
- group: cert-manager.io
-
----
-apiVersion: cert-manager.io/v1
-kind: Issuer
-metadata:
- name: nfd-ca-issuer
- namespace: {{ include "node-feature-discovery.namespace" . }}
-spec:
- ca:
- secretName: nfd-ca-cert
-{{- end }}
diff --git a/charts/sriov/103.0.0+up0.1.0/charts/rancher-nfd/templates/clusterrole.yaml b/charts/sriov/103.0.0+up0.1.0/charts/rancher-nfd/templates/clusterrole.yaml
deleted file mode 100644
index d4329338be..0000000000
--- a/charts/sriov/103.0.0+up0.1.0/charts/rancher-nfd/templates/clusterrole.yaml
+++ /dev/null
@@ -1,119 +0,0 @@
-{{- if .Values.master.rbac.create }}
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRole
-metadata:
- name: {{ include "node-feature-discovery.fullname" . }}
- labels:
- {{- include "node-feature-discovery.labels" . | nindent 4 }}
-rules:
-- apiGroups:
- - ""
- resources:
- - nodes
- - nodes/status
- verbs:
- - get
- - patch
- - update
- - list
-- apiGroups:
- - nfd.k8s-sigs.io
- resources:
- - nodefeatures
- - nodefeaturerules
- verbs:
- - get
- - list
- - watch
-- apiGroups:
- - coordination.k8s.io
- resources:
- - leases
- verbs:
- - create
-- apiGroups:
- - coordination.k8s.io
- resources:
- - leases
- resourceNames:
- - "nfd-master.nfd.kubernetes.io"
- verbs:
- - get
- - update
-{{- end }}
-
-{{- if and .Values.topologyUpdater.enable .Values.topologyUpdater.rbac.create }}
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRole
-metadata:
- name: {{ include "node-feature-discovery.fullname" . }}-topology-updater
- labels:
- {{- include "node-feature-discovery.labels" . | nindent 4 }}
-rules:
-- apiGroups:
- - ""
- resources:
- - nodes
- verbs:
- - get
- - list
-- apiGroups:
- - ""
- resources:
- - nodes/proxy
- verbs:
- - get
-- apiGroups:
- - ""
- resources:
- - pods
- verbs:
- - get
-- apiGroups:
- - topology.node.k8s.io
- resources:
- - noderesourcetopologies
- verbs:
- - create
- - get
- - update
-{{- end }}
-
-{{- if and .Values.gc.enable .Values.gc.rbac.create (or .Values.enableNodeFeatureApi .Values.topologyUpdater.enable) }}
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRole
-metadata:
- name: {{ include "node-feature-discovery.fullname" . }}-gc
- labels:
- {{- include "node-feature-discovery.labels" . | nindent 4 }}
-rules:
-- apiGroups:
- - ""
- resources:
- - nodes
- verbs:
- - list
- - watch
-- apiGroups:
- - ""
- resources:
- - nodes/proxy
- verbs:
- - get
-- apiGroups:
- - topology.node.k8s.io
- resources:
- - noderesourcetopologies
- verbs:
- - delete
- - list
-- apiGroups:
- - nfd.k8s-sigs.io
- resources:
- - nodefeatures
- verbs:
- - delete
- - list
-{{- end }}
diff --git a/charts/sriov/103.0.0+up0.1.0/charts/rancher-nfd/templates/clusterrolebinding.yaml b/charts/sriov/103.0.0+up0.1.0/charts/rancher-nfd/templates/clusterrolebinding.yaml
deleted file mode 100644
index 8e3aef83e1..0000000000
--- a/charts/sriov/103.0.0+up0.1.0/charts/rancher-nfd/templates/clusterrolebinding.yaml
+++ /dev/null
@@ -1,52 +0,0 @@
-{{- if .Values.master.rbac.create }}
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRoleBinding
-metadata:
- name: {{ include "node-feature-discovery.fullname" . }}
- labels:
- {{- include "node-feature-discovery.labels" . | nindent 4 }}
-roleRef:
- apiGroup: rbac.authorization.k8s.io
- kind: ClusterRole
- name: {{ include "node-feature-discovery.fullname" . }}
-subjects:
-- kind: ServiceAccount
- name: {{ include "node-feature-discovery.master.serviceAccountName" . }}
- namespace: {{ include "node-feature-discovery.namespace" . }}
-{{- end }}
-
-{{- if and .Values.topologyUpdater.enable .Values.topologyUpdater.rbac.create }}
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRoleBinding
-metadata:
- name: {{ include "node-feature-discovery.fullname" . }}-topology-updater
- labels:
- {{- include "node-feature-discovery.labels" . | nindent 4 }}
-roleRef:
- apiGroup: rbac.authorization.k8s.io
- kind: ClusterRole
- name: {{ include "node-feature-discovery.fullname" . }}-topology-updater
-subjects:
-- kind: ServiceAccount
- name: {{ include "node-feature-discovery.topologyUpdater.serviceAccountName" . }}
- namespace: {{ include "node-feature-discovery.namespace" . }}
-{{- end }}
-
-{{- if and .Values.gc.enable .Values.gc.rbac.create (or .Values.enableNodeFeatureApi .Values.topologyUpdater.enable) }}
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRoleBinding
-metadata:
- name: {{ include "node-feature-discovery.fullname" . }}-gc
- labels:
- {{- include "node-feature-discovery.labels" . | nindent 4 }}
-roleRef:
- apiGroup: rbac.authorization.k8s.io
- kind: ClusterRole
- name: {{ include "node-feature-discovery.fullname" . }}-gc
-subjects:
-- kind: ServiceAccount
- name: {{ .Values.gc.serviceAccount.name | default "nfd-gc" }}
- namespace: {{ include "node-feature-discovery.namespace" . }}
-{{- end }}
diff --git a/charts/sriov/103.0.0+up0.1.0/charts/rancher-nfd/templates/master.yaml b/charts/sriov/103.0.0+up0.1.0/charts/rancher-nfd/templates/master.yaml
deleted file mode 100644
index e77ca136c0..0000000000
--- a/charts/sriov/103.0.0+up0.1.0/charts/rancher-nfd/templates/master.yaml
+++ /dev/null
@@ -1,159 +0,0 @@
-apiVersion: apps/v1
-kind: Deployment
-metadata:
- name: {{ include "node-feature-discovery.fullname" . }}-master
- namespace: {{ include "node-feature-discovery.namespace" . }}
- labels:
- {{- include "node-feature-discovery.labels" . | nindent 4 }}
- role: master
- {{- with .Values.master.deploymentAnnotations }}
- annotations:
- {{- toYaml . | nindent 4 }}
- {{- end }}
-spec:
- replicas: {{ .Values.master.replicaCount }}
- selector:
- matchLabels:
- {{- include "node-feature-discovery.selectorLabels" . | nindent 6 }}
- role: master
- template:
- metadata:
- labels:
- {{- include "node-feature-discovery.selectorLabels" . | nindent 8 }}
- role: master
- {{- with .Values.master.annotations }}
- annotations:
- {{- toYaml . | nindent 8 }}
- {{- end }}
- spec:
- {{- with .Values.imagePullSecrets }}
- imagePullSecrets:
- {{- toYaml . | nindent 8 }}
- {{- end }}
- serviceAccountName: {{ include "node-feature-discovery.master.serviceAccountName" . }}
- enableServiceLinks: false
- securityContext:
- {{- toYaml .Values.master.podSecurityContext | nindent 8 }}
- containers:
- - name: master
- securityContext:
- {{- toYaml .Values.master.securityContext | nindent 12 }}
- image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}"
- imagePullPolicy: {{ .Values.image.pullPolicy }}
- livenessProbe:
- exec:
- command:
- - "/usr/bin/grpc_health_probe"
- - "-addr=:{{ .Values.master.port | default "8080" }}"
- {{- if .Values.tls.enable }}
- - "-tls"
- - "-tls-ca-cert=/etc/kubernetes/node-feature-discovery/certs/ca.crt"
- - "-tls-client-key=/etc/kubernetes/node-feature-discovery/certs/tls.key"
- - "-tls-client-cert=/etc/kubernetes/node-feature-discovery/certs/tls.crt"
- {{- end }}
- initialDelaySeconds: 10
- periodSeconds: 10
- readinessProbe:
- exec:
- command:
- - "/usr/bin/grpc_health_probe"
- - "-addr=:{{ .Values.master.port | default "8080" }}"
- {{- if .Values.tls.enable }}
- - "-tls"
- - "-tls-ca-cert=/etc/kubernetes/node-feature-discovery/certs/ca.crt"
- - "-tls-client-key=/etc/kubernetes/node-feature-discovery/certs/tls.key"
- - "-tls-client-cert=/etc/kubernetes/node-feature-discovery/certs/tls.crt"
- {{- end }}
- initialDelaySeconds: 5
- periodSeconds: 10
- failureThreshold: 10
- ports:
- - containerPort: {{ .Values.master.port | default "8080" }}
- name: grpc
- - containerPort: {{ .Values.master.metricsPort | default "8081" }}
- name: metrics
- env:
- - name: NODE_NAME
- valueFrom:
- fieldRef:
- fieldPath: spec.nodeName
- command:
- - "nfd-master"
- resources:
- {{- toYaml .Values.master.resources | nindent 12 }}
- args:
- {{- if .Values.master.instance | empty | not }}
- - "-instance={{ .Values.master.instance }}"
- {{- end }}
- - "-port={{ .Values.master.port | default "8080" }}"
- {{- if not .Values.enableNodeFeatureApi }}
- - "-enable-nodefeature-api=false"
- {{- else if gt (int .Values.master.replicaCount) 1 }}
- - "-enable-leader-election"
- {{- end }}
- {{- if .Values.master.extraLabelNs | empty | not }}
- - "-extra-label-ns={{- join "," .Values.master.extraLabelNs }}"
- {{- end }}
- {{- if .Values.master.denyLabelNs | empty | not }}
- - "-deny-label-ns={{- join "," .Values.master.denyLabelNs }}"
- {{- end }}
- {{- if .Values.master.resourceLabels | empty | not }}
- - "-resource-labels={{- join "," .Values.master.resourceLabels }}"
- {{- end }}
- {{- if .Values.master.enableTaints }}
- - "-enable-taints"
- {{- end }}
- {{- if .Values.master.crdController | kindIs "invalid" | not }}
- - "-crd-controller={{ .Values.master.crdController }}"
- {{- else }}
- ## By default, disable crd controller for other than the default instances
- - "-crd-controller={{ .Values.master.instance | empty }}"
- {{- end }}
- {{- if .Values.master.featureRulesController | kindIs "invalid" | not }}
- - "-featurerules-controller={{ .Values.master.featureRulesController }}"
- {{- end }}
- {{- if .Values.master.resyncPeriod }}
- - "-resync-period={{ .Values.master.resyncPeriod }}"
- {{- end }}
- {{- if .Values.master.nfdApiParallelism | empty | not }}
- - "-nfd-api-parallelism={{ .Values.master.nfdApiParallelism }}"
- {{- end }}
- {{- if .Values.tls.enable }}
- - "-ca-file=/etc/kubernetes/node-feature-discovery/certs/ca.crt"
- - "-key-file=/etc/kubernetes/node-feature-discovery/certs/tls.key"
- - "-cert-file=/etc/kubernetes/node-feature-discovery/certs/tls.crt"
- {{- end }}
- - "-metrics={{ .Values.master.metricsPort | default "8081" }}"
- volumeMounts:
- {{- if .Values.tls.enable }}
- - name: nfd-master-cert
- mountPath: "/etc/kubernetes/node-feature-discovery/certs"
- readOnly: true
- {{- end }}
- - name: nfd-master-conf
- mountPath: "/etc/kubernetes/node-feature-discovery"
- readOnly: true
- volumes:
- {{- if .Values.tls.enable }}
- - name: nfd-master-cert
- secret:
- secretName: nfd-master-cert
- {{- end }}
- - name: nfd-master-conf
- configMap:
- name: {{ include "node-feature-discovery.fullname" . }}-master-conf
- items:
- - key: nfd-master.conf
- path: nfd-master.conf
- {{- with .Values.master.nodeSelector }}
- nodeSelector:
- {{- toYaml . | nindent 8 }}
- {{- end }}
- {{- with .Values.master.affinity }}
- affinity:
- {{- toYaml . | nindent 8 }}
- {{- end }}
- {{- with .Values.master.tolerations }}
- tolerations:
- {{- toYaml . | nindent 8 }}
- {{- end }}
diff --git a/charts/sriov/103.0.0+up0.1.0/charts/rancher-nfd/templates/nfd-gc.yaml b/charts/sriov/103.0.0+up0.1.0/charts/rancher-nfd/templates/nfd-gc.yaml
deleted file mode 100644
index ec67a114e5..0000000000
--- a/charts/sriov/103.0.0+up0.1.0/charts/rancher-nfd/templates/nfd-gc.yaml
+++ /dev/null
@@ -1,74 +0,0 @@
-{{- if and .Values.gc.enable (or .Values.enableNodeFeatureApi .Values.topologyUpdater.enable) -}}
-apiVersion: apps/v1
-kind: Deployment
-metadata:
- name: {{ include "node-feature-discovery.fullname" . }}-gc
- namespace: {{ include "node-feature-discovery.namespace" . }}
- labels:
- {{- include "node-feature-discovery.labels" . | nindent 4 }}
- role: gc
- {{- with .Values.gc.deploymentAnnotations }}
- annotations:
- {{- toYaml . | nindent 4 }}
- {{- end }}
-spec:
- replicas: {{ .Values.gc.replicaCount | default 1 }}
- selector:
- matchLabels:
- {{- include "node-feature-discovery.selectorLabels" . | nindent 6 }}
- role: gc
- template:
- metadata:
- labels:
- {{- include "node-feature-discovery.selectorLabels" . | nindent 8 }}
- role: gc
- {{- with .Values.gc.annotations }}
- annotations:
- {{- toYaml . | nindent 8 }}
- {{- end }}
- spec:
- serviceAccountName: {{ .Values.gc.serviceAccountName | default "nfd-gc" }}
- dnsPolicy: ClusterFirstWithHostNet
- {{- with .Values.imagePullSecrets }}
- imagePullSecrets:
- {{- toYaml . | nindent 8 }}
- {{- end }}
- securityContext:
- {{- toYaml .Values.gc.podSecurityContext | nindent 8 }}
- containers:
- - name: gc
- image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}"
- imagePullPolicy: "{{ .Values.image.pullPolicy }}"
- env:
- - name: NODE_NAME
- valueFrom:
- fieldRef:
- fieldPath: spec.nodeName
- command:
- - "nfd-gc"
- args:
- {{- if .Values.gc.interval | empty | not }}
- - "-gc-interval={{ .Values.gc.interval }}"
- {{- end }}
- resources:
- {{- toYaml .Values.gc.resources | nindent 12 }}
- securityContext:
- allowPrivilegeEscalation: false
- capabilities:
- drop: [ "ALL" ]
- readOnlyRootFilesystem: true
- runAsNonRoot: true
-
- {{- with .Values.gc.nodeSelector }}
- nodeSelector:
- {{- toYaml . | nindent 8 }}
- {{- end }}
- {{- with .Values.gc.affinity }}
- affinity:
- {{- toYaml . | nindent 8 }}
- {{- end }}
- {{- with .Values.gc.tolerations }}
- tolerations:
- {{- toYaml . | nindent 8 }}
- {{- end }}
-{{- end }}
diff --git a/charts/sriov/103.0.0+up0.1.0/charts/rancher-nfd/templates/nfd-master-conf.yaml b/charts/sriov/103.0.0+up0.1.0/charts/rancher-nfd/templates/nfd-master-conf.yaml
deleted file mode 100644
index c806a8e5d9..0000000000
--- a/charts/sriov/103.0.0+up0.1.0/charts/rancher-nfd/templates/nfd-master-conf.yaml
+++ /dev/null
@@ -1,10 +0,0 @@
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: {{ include "node-feature-discovery.fullname" . }}-master-conf
- namespace: {{ include "node-feature-discovery.namespace" . }}
- labels:
- {{- include "node-feature-discovery.labels" . | nindent 4 }}
-data:
- nfd-master.conf: |-
- {{- .Values.master.config | toYaml | nindent 4 }}
diff --git a/charts/sriov/103.0.0+up0.1.0/charts/rancher-nfd/templates/nfd-topologyupdater-conf.yaml b/charts/sriov/103.0.0+up0.1.0/charts/rancher-nfd/templates/nfd-topologyupdater-conf.yaml
deleted file mode 100644
index 9867f5089c..0000000000
--- a/charts/sriov/103.0.0+up0.1.0/charts/rancher-nfd/templates/nfd-topologyupdater-conf.yaml
+++ /dev/null
@@ -1,10 +0,0 @@
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: {{ include "node-feature-discovery.fullname" . }}-topology-updater-conf
- namespace: {{ include "node-feature-discovery.namespace" . }}
- labels:
- {{- include "node-feature-discovery.labels" . | nindent 4 }}
-data:
- nfd-topology-updater.conf: |-
- {{- .Values.topologyUpdater.config | toYaml | nindent 4 }}
diff --git a/charts/sriov/103.0.0+up0.1.0/charts/rancher-nfd/templates/nfd-worker-conf.yaml b/charts/sriov/103.0.0+up0.1.0/charts/rancher-nfd/templates/nfd-worker-conf.yaml
deleted file mode 100644
index 61d2a481aa..0000000000
--- a/charts/sriov/103.0.0+up0.1.0/charts/rancher-nfd/templates/nfd-worker-conf.yaml
+++ /dev/null
@@ -1,10 +0,0 @@
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: {{ include "node-feature-discovery.fullname" . }}-worker-conf
- namespace: {{ include "node-feature-discovery.namespace" . }}
- labels:
- {{- include "node-feature-discovery.labels" . | nindent 4 }}
-data:
- nfd-worker.conf: |-
- {{- .Values.worker.config | toYaml | nindent 4 }}
diff --git a/charts/sriov/103.0.0+up0.1.0/charts/rancher-nfd/templates/prometheus.yaml b/charts/sriov/103.0.0+up0.1.0/charts/rancher-nfd/templates/prometheus.yaml
deleted file mode 100644
index b9f4b46405..0000000000
--- a/charts/sriov/103.0.0+up0.1.0/charts/rancher-nfd/templates/prometheus.yaml
+++ /dev/null
@@ -1,26 +0,0 @@
-{{- if .Values.prometheus.enable }}
-# Prometheus Monitor Service (Metrics)
-apiVersion: monitoring.coreos.com/v1
-kind: PodMonitor
-metadata:
- name: {{ include "node-feature-discovery.fullname" . }}
- labels:
- {{- include "node-feature-discovery.selectorLabels" . | nindent 4 }}
- {{- with .Values.prometheus.labels }}
- {{ toYaml . | nindent 4 }}
- {{- end }}
-spec:
- podMetricsEndpoints:
- - honorLabels: true
- interval: 10s
- path: /metrics
- port: metrics
- scheme: http
- namespaceSelector:
- matchNames:
- - {{ include "node-feature-discovery.namespace" . }}
- selector:
- matchExpressions:
- - {key: app.kubernetes.io/instance, operator: In, values: ["{{ .Release.Name }}"]}
- - {key: app.kubernetes.io/name, operator: In, values: ["{{ include "node-feature-discovery.name" . }}"]}
-{{- end }}
diff --git a/charts/sriov/103.0.0+up0.1.0/charts/rancher-nfd/templates/role.yaml b/charts/sriov/103.0.0+up0.1.0/charts/rancher-nfd/templates/role.yaml
deleted file mode 100644
index c71ede442b..0000000000
--- a/charts/sriov/103.0.0+up0.1.0/charts/rancher-nfd/templates/role.yaml
+++ /dev/null
@@ -1,19 +0,0 @@
-{{- if .Values.worker.rbac.create }}
-apiVersion: rbac.authorization.k8s.io/v1
-kind: Role
-metadata:
- name: {{ include "node-feature-discovery.fullname" . }}-worker
- namespace: {{ include "node-feature-discovery.namespace" . }}
- labels:
- {{- include "node-feature-discovery.labels" . | nindent 4 }}
-rules:
-- apiGroups:
- - nfd.k8s-sigs.io
- resources:
- - nodefeatures
- verbs:
- - create
- - get
- - update
-{{- end }}
-
diff --git a/charts/sriov/103.0.0+up0.1.0/charts/rancher-nfd/templates/rolebinding.yaml b/charts/sriov/103.0.0+up0.1.0/charts/rancher-nfd/templates/rolebinding.yaml
deleted file mode 100644
index d8025be9bb..0000000000
--- a/charts/sriov/103.0.0+up0.1.0/charts/rancher-nfd/templates/rolebinding.yaml
+++ /dev/null
@@ -1,18 +0,0 @@
-{{- if .Values.worker.rbac.create }}
-apiVersion: rbac.authorization.k8s.io/v1
-kind: RoleBinding
-metadata:
- name: {{ include "node-feature-discovery.fullname" . }}-worker
- namespace: {{ include "node-feature-discovery.namespace" . }}
- labels:
- {{- include "node-feature-discovery.labels" . | nindent 4 }}
-roleRef:
- apiGroup: rbac.authorization.k8s.io
- kind: Role
- name: {{ include "node-feature-discovery.fullname" . }}-worker
-subjects:
-- kind: ServiceAccount
- name: {{ include "node-feature-discovery.worker.serviceAccountName" . }}
- namespace: {{ include "node-feature-discovery.namespace" . }}
-{{- end }}
-
diff --git a/charts/sriov/103.0.0+up0.1.0/charts/rancher-nfd/templates/service.yaml b/charts/sriov/103.0.0+up0.1.0/charts/rancher-nfd/templates/service.yaml
deleted file mode 100644
index 0d4789818f..0000000000
--- a/charts/sriov/103.0.0+up0.1.0/charts/rancher-nfd/templates/service.yaml
+++ /dev/null
@@ -1,18 +0,0 @@
-apiVersion: v1
-kind: Service
-metadata:
- name: {{ include "node-feature-discovery.fullname" . }}-master
- namespace: {{ include "node-feature-discovery.namespace" . }}
- labels:
- {{- include "node-feature-discovery.labels" . | nindent 4 }}
- role: master
-spec:
- type: {{ .Values.master.service.type }}
- ports:
- - port: {{ .Values.master.service.port | default "8080" }}
- targetPort: grpc
- protocol: TCP
- name: grpc
- selector:
- {{- include "node-feature-discovery.selectorLabels" . | nindent 4 }}
- role: master
diff --git a/charts/sriov/103.0.0+up0.1.0/charts/rancher-nfd/templates/serviceaccount.yaml b/charts/sriov/103.0.0+up0.1.0/charts/rancher-nfd/templates/serviceaccount.yaml
deleted file mode 100644
index dae09503e4..0000000000
--- a/charts/sriov/103.0.0+up0.1.0/charts/rancher-nfd/templates/serviceaccount.yaml
+++ /dev/null
@@ -1,58 +0,0 @@
-{{- if .Values.master.serviceAccount.create -}}
-apiVersion: v1
-kind: ServiceAccount
-metadata:
- name: {{ include "node-feature-discovery.master.serviceAccountName" . }}
- namespace: {{ include "node-feature-discovery.namespace" . }}
- labels:
- {{- include "node-feature-discovery.labels" . | nindent 4 }}
- {{- with .Values.master.serviceAccount.annotations }}
- annotations:
- {{- toYaml . | nindent 4 }}
- {{- end }}
-{{- end }}
-
-{{- if and .Values.topologyUpdater.enable .Values.topologyUpdater.serviceAccount.create }}
----
-apiVersion: v1
-kind: ServiceAccount
-metadata:
- name: {{ include "node-feature-discovery.topologyUpdater.serviceAccountName" . }}
- namespace: {{ include "node-feature-discovery.namespace" . }}
- labels:
- {{- include "node-feature-discovery.labels" . | nindent 4 }}
- {{- with .Values.topologyUpdater.serviceAccount.annotations }}
- annotations:
- {{- toYaml . | nindent 4 }}
- {{- end }}
-{{- end }}
-
-{{- if and .Values.gc.enable .Values.gc.rbac.create (or .Values.enableNodeFeatureApi .Values.topologyUpdater.enable) }}
----
-apiVersion: v1
-kind: ServiceAccount
-metadata:
- name: {{ .Values.gc.serviceAccount.name | default "nfd-gc" }}
- namespace: {{ include "node-feature-discovery.namespace" . }}
- labels:
- {{- include "node-feature-discovery.labels" . | nindent 4 }}
- {{- with .Values.gc.serviceAccount.annotations }}
- annotations:
- {{- toYaml . | nindent 4 }}
- {{- end }}
-{{- end }}
-
-{{- if .Values.worker.serviceAccount.create }}
----
-apiVersion: v1
-kind: ServiceAccount
-metadata:
- name: {{ include "node-feature-discovery.worker.serviceAccountName" . }}
- namespace: {{ include "node-feature-discovery.namespace" . }}
- labels:
- {{- include "node-feature-discovery.labels" . | nindent 4 }}
- {{- with .Values.worker.serviceAccount.annotations }}
- annotations:
- {{- toYaml . | nindent 4 }}
- {{- end }}
-{{- end }}
diff --git a/charts/sriov/103.0.0+up0.1.0/charts/rancher-nfd/templates/topologyupdater-crds.yaml b/charts/sriov/103.0.0+up0.1.0/charts/rancher-nfd/templates/topologyupdater-crds.yaml
deleted file mode 100644
index b6b919689c..0000000000
--- a/charts/sriov/103.0.0+up0.1.0/charts/rancher-nfd/templates/topologyupdater-crds.yaml
+++ /dev/null
@@ -1,278 +0,0 @@
-{{- if and .Values.topologyUpdater.enable .Values.topologyUpdater.createCRDs -}}
-apiVersion: apiextensions.k8s.io/v1
-kind: CustomResourceDefinition
-metadata:
- annotations:
- api-approved.kubernetes.io: https://github.com/kubernetes/enhancements/pull/1870
- controller-gen.kubebuilder.io/version: v0.11.2
- creationTimestamp: null
- name: noderesourcetopologies.topology.node.k8s.io
-spec:
- group: topology.node.k8s.io
- names:
- kind: NodeResourceTopology
- listKind: NodeResourceTopologyList
- plural: noderesourcetopologies
- shortNames:
- - node-res-topo
- singular: noderesourcetopology
- scope: Cluster
- versions:
- - name: v1alpha1
- schema:
- openAPIV3Schema:
- description: NodeResourceTopology describes node resources and their topology.
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation
- of an object. Servers should convert recognized schemas to the latest
- internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this
- object represents. Servers may infer this from the endpoint the client
- submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- topologyPolicies:
- items:
- type: string
- type: array
- zones:
- description: ZoneList contains an array of Zone objects.
- items:
- description: Zone represents a resource topology zone, e.g. socket,
- node, die or core.
- properties:
- attributes:
- description: AttributeList contains an array of AttributeInfo objects.
- items:
- description: AttributeInfo contains one attribute of a Zone.
- properties:
- name:
- type: string
- value:
- type: string
- required:
- - name
- - value
- type: object
- type: array
- costs:
- description: CostList contains an array of CostInfo objects.
- items:
- description: CostInfo describes the cost (or distance) between
- two Zones.
- properties:
- name:
- type: string
- value:
- format: int64
- type: integer
- required:
- - name
- - value
- type: object
- type: array
- name:
- type: string
- parent:
- type: string
- resources:
- description: ResourceInfoList contains an array of ResourceInfo
- objects.
- items:
- description: ResourceInfo contains information about one resource
- type.
- properties:
- allocatable:
- anyOf:
- - type: integer
- - type: string
- description: Allocatable quantity of the resource, corresponding
- to allocatable in node status, i.e. total amount of this
- resource available to be used by pods.
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- available:
- anyOf:
- - type: integer
- - type: string
- description: Available is the amount of this resource currently
- available for new (to be scheduled) pods, i.e. Allocatable
- minus the resources reserved by currently running pods.
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- capacity:
- anyOf:
- - type: integer
- - type: string
- description: Capacity of the resource, corresponding to capacity
- in node status, i.e. total amount of this resource that
- the node has.
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- name:
- description: Name of the resource.
- type: string
- required:
- - allocatable
- - available
- - capacity
- - name
- type: object
- type: array
- type:
- type: string
- required:
- - name
- - type
- type: object
- type: array
- required:
- - topologyPolicies
- - zones
- type: object
- served: true
- storage: false
- - name: v1alpha2
- schema:
- openAPIV3Schema:
- description: NodeResourceTopology describes node resources and their topology.
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation
- of an object. Servers should convert recognized schemas to the latest
- internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- attributes:
- description: AttributeList contains an array of AttributeInfo objects.
- items:
- description: AttributeInfo contains one attribute of a Zone.
- properties:
- name:
- type: string
- value:
- type: string
- required:
- - name
- - value
- type: object
- type: array
- kind:
- description: 'Kind is a string value representing the REST resource this
- object represents. Servers may infer this from the endpoint the client
- submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- topologyPolicies:
- description: 'DEPRECATED (to be removed in v1beta1): use top level attributes
- if needed'
- items:
- type: string
- type: array
- zones:
- description: ZoneList contains an array of Zone objects.
- items:
- description: Zone represents a resource topology zone, e.g. socket,
- node, die or core.
- properties:
- attributes:
- description: AttributeList contains an array of AttributeInfo objects.
- items:
- description: AttributeInfo contains one attribute of a Zone.
- properties:
- name:
- type: string
- value:
- type: string
- required:
- - name
- - value
- type: object
- type: array
- costs:
- description: CostList contains an array of CostInfo objects.
- items:
- description: CostInfo describes the cost (or distance) between
- two Zones.
- properties:
- name:
- type: string
- value:
- format: int64
- type: integer
- required:
- - name
- - value
- type: object
- type: array
- name:
- type: string
- parent:
- type: string
- resources:
- description: ResourceInfoList contains an array of ResourceInfo
- objects.
- items:
- description: ResourceInfo contains information about one resource
- type.
- properties:
- allocatable:
- anyOf:
- - type: integer
- - type: string
- description: Allocatable quantity of the resource, corresponding
- to allocatable in node status, i.e. total amount of this
- resource available to be used by pods.
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- available:
- anyOf:
- - type: integer
- - type: string
- description: Available is the amount of this resource currently
- available for new (to be scheduled) pods, i.e. Allocatable
- minus the resources reserved by currently running pods.
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- capacity:
- anyOf:
- - type: integer
- - type: string
- description: Capacity of the resource, corresponding to capacity
- in node status, i.e. total amount of this resource that
- the node has.
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- name:
- description: Name of the resource.
- type: string
- required:
- - allocatable
- - available
- - capacity
- - name
- type: object
- type: array
- type:
- type: string
- required:
- - name
- - type
- type: object
- type: array
- required:
- - zones
- type: object
- served: true
- storage: true
-status:
- acceptedNames:
- kind: ""
- plural: ""
- conditions: []
- storedVersions: []
-{{- end }}
diff --git a/charts/sriov/103.0.0+up0.1.0/charts/rancher-nfd/templates/topologyupdater.yaml b/charts/sriov/103.0.0+up0.1.0/charts/rancher-nfd/templates/topologyupdater.yaml
deleted file mode 100644
index f51c10e6dc..0000000000
--- a/charts/sriov/103.0.0+up0.1.0/charts/rancher-nfd/templates/topologyupdater.yaml
+++ /dev/null
@@ -1,156 +0,0 @@
-{{- if .Values.topologyUpdater.enable -}}
-apiVersion: apps/v1
-kind: DaemonSet
-metadata:
- name: {{ include "node-feature-discovery.fullname" . }}-topology-updater
- namespace: {{ include "node-feature-discovery.namespace" . }}
- labels:
- {{- include "node-feature-discovery.labels" . | nindent 4 }}
- role: topology-updater
- {{- with .Values.topologyUpdater.daemonsetAnnotations }}
- annotations:
- {{- toYaml . | nindent 4 }}
- {{- end }}
-spec:
- selector:
- matchLabels:
- {{- include "node-feature-discovery.selectorLabels" . | nindent 6 }}
- role: topology-updater
- template:
- metadata:
- labels:
- {{- include "node-feature-discovery.selectorLabels" . | nindent 8 }}
- role: topology-updater
- {{- with .Values.topologyUpdater.annotations }}
- annotations:
- {{- toYaml . | nindent 8 }}
- {{- end }}
- spec:
- serviceAccountName: {{ include "node-feature-discovery.topologyUpdater.serviceAccountName" . }}
- dnsPolicy: ClusterFirstWithHostNet
- {{- with .Values.imagePullSecrets }}
- imagePullSecrets:
- {{- toYaml . | nindent 8 }}
- {{- end }}
- securityContext:
- {{- toYaml .Values.topologyUpdater.podSecurityContext | nindent 8 }}
- containers:
- - name: topology-updater
- image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}"
- imagePullPolicy: "{{ .Values.image.pullPolicy }}"
- env:
- - name: NODE_NAME
- valueFrom:
- fieldRef:
- fieldPath: spec.nodeName
- - name: NODE_ADDRESS
- valueFrom:
- fieldRef:
- fieldPath: status.hostIP
- command:
- - "nfd-topology-updater"
- args:
- - "-podresources-socket=/host-var/lib/kubelet-podresources/kubelet.sock"
- {{- if .Values.topologyUpdater.updateInterval | empty | not }}
- - "-sleep-interval={{ .Values.topologyUpdater.updateInterval }}"
- {{- else }}
- - "-sleep-interval=3s"
- {{- end }}
- {{- if .Values.topologyUpdater.watchNamespace | empty | not }}
- - "-watch-namespace={{ .Values.topologyUpdater.watchNamespace }}"
- {{- else }}
- - "-watch-namespace=*"
- {{- end }}
- {{- if .Values.tls.enable }}
- - "-ca-file=/etc/kubernetes/node-feature-discovery/certs/ca.crt"
- - "-key-file=/etc/kubernetes/node-feature-discovery/certs/tls.key"
- - "-cert-file=/etc/kubernetes/node-feature-discovery/certs/tls.crt"
- {{- end }}
- {{- if .Values.topologyUpdater.podSetFingerprint }}
- - "-pods-fingerprint"
- {{- end }}
- {{- if .Values.topologyUpdater.kubeletConfigPath | empty | not }}
- - "-kubelet-config-uri=file:///host-var/kubelet-config"
- {{- end }}
- {{- if .Values.topologyUpdater.kubeletStateDir | empty }}
- # Disable kubelet state tracking by giving an empty path
- - "-kubelet-state-dir="
- {{- end }}
- - -metrics={{ .Values.topologyUpdater.metricsPort | default "8081"}}
- ports:
- - name: metrics
- containerPort: {{ .Values.topologyUpdater.metricsPort | default "8081"}}
- volumeMounts:
- {{- if .Values.topologyUpdater.kubeletConfigPath | empty | not }}
- - name: kubelet-config
- mountPath: /host-var/kubelet-config
- {{- end }}
- - name: kubelet-podresources-sock
- mountPath: /host-var/lib/kubelet-podresources/kubelet.sock
- - name: host-sys
- mountPath: /host-sys
- {{- if .Values.topologyUpdater.kubeletStateDir | empty | not }}
- - name: kubelet-state-files
- mountPath: /host-var/lib/kubelet
- readOnly: true
- {{- end }}
- {{- if .Values.tls.enable }}
- - name: nfd-topology-updater-cert
- mountPath: "/etc/kubernetes/node-feature-discovery/certs"
- readOnly: true
- {{- end }}
- - name: nfd-topology-updater-conf
- mountPath: "/etc/kubernetes/node-feature-discovery"
- readOnly: true
-
- resources:
- {{- toYaml .Values.topologyUpdater.resources | nindent 12 }}
- securityContext:
- {{- toYaml .Values.topologyUpdater.securityContext | nindent 12 }}
- volumes:
- - name: host-sys
- hostPath:
- path: "/sys"
- {{- if .Values.topologyUpdater.kubeletConfigPath | empty | not }}
- - name: kubelet-config
- hostPath:
- path: {{ .Values.topologyUpdater.kubeletConfigPath }}
- {{- end }}
- - name: kubelet-podresources-sock
- hostPath:
- {{- if .Values.topologyUpdater.kubeletPodResourcesSockPath | empty | not }}
- path: {{ .Values.topologyUpdater.kubeletPodResourcesSockPath }}
- {{- else }}
- path: /var/lib/kubelet/pod-resources/kubelet.sock
- {{- end }}
- {{- if .Values.topologyUpdater.kubeletStateDir | empty | not }}
- - name: kubelet-state-files
- hostPath:
- path: {{ .Values.topologyUpdater.kubeletStateDir }}
- {{- end }}
- - name: nfd-topology-updater-conf
- configMap:
- name: {{ include "node-feature-discovery.fullname" . }}-topology-updater-conf
- items:
- - key: nfd-topology-updater.conf
- path: nfd-topology-updater.conf
- {{- if .Values.tls.enable }}
- - name: nfd-topology-updater-cert
- secret:
- secretName: nfd-topology-updater-cert
- {{- end }}
-
-
- {{- with .Values.topologyUpdater.nodeSelector }}
- nodeSelector:
- {{- toYaml . | nindent 8 }}
- {{- end }}
- {{- with .Values.topologyUpdater.affinity }}
- affinity:
- {{- toYaml . | nindent 8 }}
- {{- end }}
- {{- with .Values.topologyUpdater.tolerations }}
- tolerations:
- {{- toYaml . | nindent 8 }}
- {{- end }}
-{{- end }}
diff --git a/charts/sriov/103.0.0+up0.1.0/charts/rancher-nfd/templates/worker.yaml b/charts/sriov/103.0.0+up0.1.0/charts/rancher-nfd/templates/worker.yaml
deleted file mode 100644
index 0e56eb5d1d..0000000000
--- a/charts/sriov/103.0.0+up0.1.0/charts/rancher-nfd/templates/worker.yaml
+++ /dev/null
@@ -1,152 +0,0 @@
-apiVersion: apps/v1
-kind: DaemonSet
-metadata:
- name: {{ include "node-feature-discovery.fullname" . }}-worker
- namespace: {{ include "node-feature-discovery.namespace" . }}
- labels:
- {{- include "node-feature-discovery.labels" . | nindent 4 }}
- role: worker
- {{- with .Values.worker.daemonsetAnnotations }}
- annotations:
- {{- toYaml . | nindent 4 }}
- {{- end }}
-spec:
- selector:
- matchLabels:
- {{- include "node-feature-discovery.selectorLabels" . | nindent 6 }}
- role: worker
- template:
- metadata:
- labels:
- {{- include "node-feature-discovery.selectorLabels" . | nindent 8 }}
- role: worker
- {{- with .Values.worker.annotations }}
- annotations:
- {{- toYaml . | nindent 8 }}
- {{- end }}
- spec:
- dnsPolicy: ClusterFirstWithHostNet
- {{- with .Values.imagePullSecrets }}
- imagePullSecrets:
- {{- toYaml . | nindent 8 }}
- {{- end }}
- serviceAccountName: {{ include "node-feature-discovery.worker.serviceAccountName" . }}
- securityContext:
- {{- toYaml .Values.worker.podSecurityContext | nindent 8 }}
- containers:
- - name: worker
- securityContext:
- {{- toYaml .Values.worker.securityContext | nindent 12 }}
- image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}"
- imagePullPolicy: {{ .Values.image.pullPolicy }}
- env:
- - name: NODE_NAME
- valueFrom:
- fieldRef:
- fieldPath: spec.nodeName
- resources:
- {{- toYaml .Values.worker.resources | nindent 12 }}
- command:
- - "nfd-worker"
- args:
- - "-server={{ include "node-feature-discovery.fullname" . }}-master:{{ .Values.master.service.port }}"
- {{- if not .Values.enableNodeFeatureApi }}
- - "-enable-nodefeature-api=false"
- {{- end }}
-{{- if .Values.tls.enable }}
- - "-ca-file=/etc/kubernetes/node-feature-discovery/certs/ca.crt"
- - "-key-file=/etc/kubernetes/node-feature-discovery/certs/tls.key"
- - "-cert-file=/etc/kubernetes/node-feature-discovery/certs/tls.crt"
-{{- end }}
- - "-metrics={{ .Values.worker.metricsPort | default "8081"}}"
- ports:
- - name: metrics
- containerPort: {{ .Values.worker.metricsPort | default "8081"}}
- volumeMounts:
- - name: host-boot
- mountPath: "/host-boot"
- readOnly: true
- - name: host-os-release
- mountPath: "/host-etc/os-release"
- readOnly: true
- - name: host-sys
- mountPath: "/host-sys"
- readOnly: true
- - name: host-usr-lib
- mountPath: "/host-usr/lib"
- readOnly: true
- - name: host-lib
- mountPath: "/host-lib"
- readOnly: true
- {{- if .Values.worker.mountUsrSrc }}
- - name: host-usr-src
- mountPath: "/host-usr/src"
- readOnly: true
- {{- end }}
- - name: source-d
- mountPath: "/etc/kubernetes/node-feature-discovery/source.d/"
- readOnly: true
- - name: features-d
- mountPath: "/etc/kubernetes/node-feature-discovery/features.d/"
- readOnly: true
- - name: nfd-worker-conf
- mountPath: "/etc/kubernetes/node-feature-discovery"
- readOnly: true
-{{- if .Values.tls.enable }}
- - name: nfd-worker-cert
- mountPath: "/etc/kubernetes/node-feature-discovery/certs"
- readOnly: true
-{{- end }}
- volumes:
- - name: host-boot
- hostPath:
- path: "/boot"
- - name: host-os-release
- hostPath:
- path: "/etc/os-release"
- - name: host-sys
- hostPath:
- path: "/sys"
- - name: host-usr-lib
- hostPath:
- path: "/usr/lib"
- - name: host-lib
- hostPath:
- path: "/lib"
- {{- if .Values.worker.mountUsrSrc }}
- - name: host-usr-src
- hostPath:
- path: "/usr/src"
- {{- end }}
- - name: source-d
- hostPath:
- path: "/etc/kubernetes/node-feature-discovery/source.d/"
- - name: features-d
- hostPath:
- path: "/etc/kubernetes/node-feature-discovery/features.d/"
- - name: nfd-worker-conf
- configMap:
- name: {{ include "node-feature-discovery.fullname" . }}-worker-conf
- items:
- - key: nfd-worker.conf
- path: nfd-worker.conf
-{{- if .Values.tls.enable }}
- - name: nfd-worker-cert
- secret:
- secretName: nfd-worker-cert
-{{- end }}
- {{- with .Values.worker.nodeSelector }}
- nodeSelector:
- {{- toYaml . | nindent 8 }}
- {{- end }}
- {{- with .Values.worker.affinity }}
- affinity:
- {{- toYaml . | nindent 8 }}
- {{- end }}
- {{- with .Values.worker.tolerations }}
- tolerations:
- {{- toYaml . | nindent 8 }}
- {{- end }}
- {{- with .Values.worker.priorityClassName }}
- priorityClassName: {{ . | quote }}
- {{- end }}
diff --git a/charts/sriov/103.0.0+up0.1.0/charts/rancher-nfd/values.yaml b/charts/sriov/103.0.0+up0.1.0/charts/rancher-nfd/values.yaml
deleted file mode 100644
index c3f372c798..0000000000
--- a/charts/sriov/103.0.0+up0.1.0/charts/rancher-nfd/values.yaml
+++ /dev/null
@@ -1,513 +0,0 @@
-image:
- repository: rancher/hardened-node-feature-discovery
- # This should be set to 'IfNotPresent' for released version
- pullPolicy: IfNotPresent
- # tag, if defined will use the given image tag, else Chart.AppVersion will be used
- tag: v0.14.1-build20230926
-imagePullSecrets: []
-
-nameOverride: ""
-fullnameOverride: ""
-namespaceOverride: ""
-
-enableNodeFeatureApi: true
-
-master:
- config: ###
- # noPublish: false
- # extraLabelNs: ["added.ns.io","added.kubernets.io"]
- # denyLabelNs: ["denied.ns.io","denied.kubernetes.io"]
- # resourceLabels: ["vendor-1.com/feature-1","vendor-2.io/feature-2"]
- # enableTaints: false
- # labelWhiteList: "foo"
- # resyncPeriod: "2h"
- # klog:
- # addDirHeader: false
- # alsologtostderr: false
- # logBacktraceAt:
- # logtostderr: true
- # skipHeaders: false
- # stderrthreshold: 2
- # v: 0
- # vmodule:
- ## NOTE: the following options are not dynamically run-time configurable
- ## and require a nfd-master restart to take effect after being changed
- # logDir:
- # logFile:
- # logFileMaxSize: 1800
- # skipLogHeaders: false
- # leaderElection:
- # leaseDuration: 15s
- # # this value has to be lower than leaseDuration and greater than retryPeriod*1.2
- # renewDeadline: 10s
- # # this value has to be greater than 0
- # retryPeriod: 2s
- # nfdApiParallelism: 10
- ###
- # The TCP port that nfd-master listens for incoming requests. Default: 8080
- port: 8080
- metricsPort: 8081
- instance:
- featureApi:
- resyncPeriod:
- denyLabelNs: []
- extraLabelNs: []
- resourceLabels: []
- enableTaints: false
- crdController: null
- featureRulesController: null
- nfdApiParallelism: null
- deploymentAnnotations: {}
- replicaCount: 1
-
- podSecurityContext: {}
- # fsGroup: 2000
-
- securityContext:
- allowPrivilegeEscalation: false
- capabilities:
- drop: [ "ALL" ]
- readOnlyRootFilesystem: true
- runAsNonRoot: true
- # runAsUser: 1000
-
- serviceAccount:
- # Specifies whether a service account should be created
- create: true
- # Annotations to add to the service account
- annotations: {}
- # The name of the service account to use.
- # If not set and create is true, a name is generated using the fullname template
- name:
-
- rbac:
- create: true
-
- service:
- type: ClusterIP
- port: 8080
-
- resources: {}
- # We usually recommend not to specify default resources and to leave this as a conscious
- # choice for the user. This also increases chances charts run on environments with little
- # resources, such as Minikube. If you do want to specify resources, uncomment the following
- # lines, adjust them as necessary, and remove the curly braces after 'resources:'.
- # limits:
- # cpu: 100m
- # memory: 128Mi
- # requests:
- # cpu: 100m
- # memory: 128Mi
-
- nodeSelector: {}
-
- tolerations:
- - key: "node-role.kubernetes.io/master"
- operator: "Equal"
- value: ""
- effect: "NoSchedule"
- - key: "node-role.kubernetes.io/control-plane"
- operator: "Equal"
- value: ""
- effect: "NoSchedule"
-
- annotations: {}
-
- affinity:
- nodeAffinity:
- preferredDuringSchedulingIgnoredDuringExecution:
- - weight: 1
- preference:
- matchExpressions:
- - key: "node-role.kubernetes.io/master"
- operator: In
- values: [""]
- - weight: 1
- preference:
- matchExpressions:
- - key: "node-role.kubernetes.io/control-plane"
- operator: In
- values: [""]
-
-worker:
- config: ###
- #core:
- # labelWhiteList:
- # noPublish: false
- # sleepInterval: 60s
- # featureSources: [all]
- # labelSources: [all]
- # klog:
- # addDirHeader: false
- # alsologtostderr: false
- # logBacktraceAt:
- # logtostderr: true
- # skipHeaders: false
- # stderrthreshold: 2
- # v: 0
- # vmodule:
- ## NOTE: the following options are not dynamically run-time configurable
- ## and require a nfd-worker restart to take effect after being changed
- # logDir:
- # logFile:
- # logFileMaxSize: 1800
- # skipLogHeaders: false
- #sources:
- # cpu:
- # cpuid:
- ## NOTE: whitelist has priority over blacklist
- # attributeBlacklist:
- # - "BMI1"
- # - "BMI2"
- # - "CLMUL"
- # - "CMOV"
- # - "CX16"
- # - "ERMS"
- # - "F16C"
- # - "HTT"
- # - "LZCNT"
- # - "MMX"
- # - "MMXEXT"
- # - "NX"
- # - "POPCNT"
- # - "RDRAND"
- # - "RDSEED"
- # - "RDTSCP"
- # - "SGX"
- # - "SSE"
- # - "SSE2"
- # - "SSE3"
- # - "SSE4"
- # - "SSE42"
- # - "SSSE3"
- # - "TDX_GUEST"
- # attributeWhitelist:
- # kernel:
- # kconfigFile: "/path/to/kconfig"
- # configOpts:
- # - "NO_HZ"
- # - "X86"
- # - "DMI"
- # pci:
- # deviceClassWhitelist:
- # - "0200"
- # - "03"
- # - "12"
- # deviceLabelFields:
- # - "class"
- # - "vendor"
- # - "device"
- # - "subsystem_vendor"
- # - "subsystem_device"
- # usb:
- # deviceClassWhitelist:
- # - "0e"
- # - "ef"
- # - "fe"
- # - "ff"
- # deviceLabelFields:
- # - "class"
- # - "vendor"
- # - "device"
- # local:
- # hooksEnabled: false
- # custom:
- # # The following feature demonstrates the capabilities of the matchFeatures
- # - name: "my custom rule"
- # labels:
- # my-ng-feature: "true"
- # # matchFeatures implements a logical AND over all matcher terms in the
- # # list (i.e. all of the terms, or per-feature matchers, must match)
- # matchFeatures:
- # - feature: cpu.cpuid
- # matchExpressions:
- # AVX512F: {op: Exists}
- # - feature: cpu.cstate
- # matchExpressions:
- # enabled: {op: IsTrue}
- # - feature: cpu.pstate
- # matchExpressions:
- # no_turbo: {op: IsFalse}
- # scaling_governor: {op: In, value: ["performance"]}
- # - feature: cpu.rdt
- # matchExpressions:
- # RDTL3CA: {op: Exists}
- # - feature: cpu.sst
- # matchExpressions:
- # bf.enabled: {op: IsTrue}
- # - feature: cpu.topology
- # matchExpressions:
- # hardware_multithreading: {op: IsFalse}
- #
- # - feature: kernel.config
- # matchExpressions:
- # X86: {op: Exists}
- # LSM: {op: InRegexp, value: ["apparmor"]}
- # - feature: kernel.loadedmodule
- # matchExpressions:
- # e1000e: {op: Exists}
- # - feature: kernel.selinux
- # matchExpressions:
- # enabled: {op: IsFalse}
- # - feature: kernel.version
- # matchExpressions:
- # major: {op: In, value: ["5"]}
- # minor: {op: Gt, value: ["10"]}
- #
- # - feature: storage.block
- # matchExpressions:
- # rotational: {op: In, value: ["0"]}
- # dax: {op: In, value: ["0"]}
- #
- # - feature: network.device
- # matchExpressions:
- # operstate: {op: In, value: ["up"]}
- # speed: {op: Gt, value: ["100"]}
- #
- # - feature: memory.numa
- # matchExpressions:
- # node_count: {op: Gt, value: ["2"]}
- # - feature: memory.nv
- # matchExpressions:
- # devtype: {op: In, value: ["nd_dax"]}
- # mode: {op: In, value: ["memory"]}
- #
- # - feature: system.osrelease
- # matchExpressions:
- # ID: {op: In, value: ["fedora", "centos"]}
- # - feature: system.name
- # matchExpressions:
- # nodename: {op: InRegexp, value: ["^worker-X"]}
- #
- # - feature: local.label
- # matchExpressions:
- # custom-feature-knob: {op: Gt, value: ["100"]}
- #
- # # The following feature demonstrates the capabilities of the matchAny
- # - name: "my matchAny rule"
- # labels:
- # my-ng-feature-2: "my-value"
- # # matchAny implements a logical IF over all elements (sub-matchers) in
- # # the list (i.e. at least one feature matcher must match)
- # matchAny:
- # - matchFeatures:
- # - feature: kernel.loadedmodule
- # matchExpressions:
- # driver-module-X: {op: Exists}
- # - feature: pci.device
- # matchExpressions:
- # vendor: {op: In, value: ["8086"]}
- # class: {op: In, value: ["0200"]}
- # - matchFeatures:
- # - feature: kernel.loadedmodule
- # matchExpressions:
- # driver-module-Y: {op: Exists}
- # - feature: usb.device
- # matchExpressions:
- # vendor: {op: In, value: ["8086"]}
- # class: {op: In, value: ["02"]}
- #
- # # The following features demonstreate label templating capabilities
- # - name: "my template rule"
- # labelsTemplate: |
- # {{ range .system.osrelease }}my-system-feature.{{ .Name }}={{ .Value }}
- # {{ end }}
- # matchFeatures:
- # - feature: system.osrelease
- # matchExpressions:
- # ID: {op: InRegexp, value: ["^open.*"]}
- # VERSION_ID.major: {op: In, value: ["13", "15"]}
- #
- # - name: "my template rule 2"
- # labelsTemplate: |
- # {{ range .pci.device }}my-pci-device.{{ .class }}-{{ .device }}=with-cpuid
- # {{ end }}
- # matchFeatures:
- # - feature: pci.device
- # matchExpressions:
- # class: {op: InRegexp, value: ["^06"]}
- # vendor: ["8086"]
- # - feature: cpu.cpuid
- # matchExpressions:
- # AVX: {op: Exists}
- #
- # # The following examples demonstrate vars field and back-referencing
- # # previous labels and vars
- # - name: "my dummy kernel rule"
- # labels:
- # "my.kernel.feature": "true"
- # matchFeatures:
- # - feature: kernel.version
- # matchExpressions:
- # major: {op: Gt, value: ["2"]}
- #
- # - name: "my dummy rule with no labels"
- # vars:
- # "my.dummy.var": "1"
- # matchFeatures:
- # - feature: cpu.cpuid
- # matchExpressions: {}
- #
- # - name: "my rule using backrefs"
- # labels:
- # "my.backref.feature": "true"
- # matchFeatures:
- # - feature: rule.matched
- # matchExpressions:
- # my.kernel.feature: {op: IsTrue}
- # my.dummy.var: {op: Gt, value: ["0"]}
- #
-###
-
- metricsPort: 8081
- daemonsetAnnotations: {}
- podSecurityContext: {}
- # fsGroup: 2000
-
- securityContext:
- allowPrivilegeEscalation: false
- capabilities:
- drop: [ "ALL" ]
- readOnlyRootFilesystem: true
- runAsNonRoot: true
- # runAsUser: 1000
-
- serviceAccount:
- # Specifies whether a service account should be created.
- # We create this by default to make it easier for downstream users to apply PodSecurityPolicies.
- create: true
- # Annotations to add to the service account
- annotations: {}
- # The name of the service account to use.
- # If not set and create is true, a name is generated using the fullname template
- name:
-
- rbac:
- create: true
-
- # Allow users to mount the hostPath /usr/src, useful for RHCOS on s390x
- # Does not work on systems without /usr/src AND a read-only /usr, such as Talos
- mountUsrSrc: false
-
- resources: {}
- # We usually recommend not to specify default resources and to leave this as a conscious
- # choice for the user. This also increases chances charts run on environments with little
- # resources, such as Minikube. If you do want to specify resources, uncomment the following
- # lines, adjust them as necessary, and remove the curly braces after 'resources:'.
- # limits:
- # cpu: 100m
- # memory: 128Mi
- # requests:
- # cpu: 100m
- # memory: 128Mi
-
- nodeSelector: {}
-
- tolerations: []
-
- annotations: {}
-
- affinity: {}
-
- priorityClassName: ""
-
-topologyUpdater:
- config: ###
- ## key = node name, value = list of resources to be excluded.
- ## use * to exclude from all nodes.
- ## an example for how the exclude list should looks like
- #excludeList:
- # node1: [cpu]
- # node2: [memory, example/deviceA]
- # *: [hugepages-2Mi]
-###
-
- enable: false
- createCRDs: false
-
- serviceAccount:
- create: true
- annotations: {}
- name:
- rbac:
- create: true
-
- metricsPort: 8081
- kubeletConfigPath:
- kubeletPodResourcesSockPath:
- updateInterval: 60s
- watchNamespace: "*"
- kubeletStateDir: /var/lib/kubelet
-
- podSecurityContext: {}
- securityContext:
- allowPrivilegeEscalation: false
- capabilities:
- drop: [ "ALL" ]
- readOnlyRootFilesystem: true
- runAsUser: 0
-
- resources: {}
- # We usually recommend not to specify default resources and to leave this as a conscious
- # choice for the user. This also increases chances charts run on environments with little
- # resources, such as Minikube. If you do want to specify resources, uncomment the following
- # lines, adjust them as necessary, and remove the curly braces after 'resources:'.
- # limits:
- # cpu: 100m
- # memory: 128Mi
- # requests:
- # cpu: 100m
- # memory: 128Mi
-
- nodeSelector: {}
- tolerations: []
- annotations: {}
- daemonsetAnnotations: {}
- affinity: {}
- podSetFingerprint: true
-
-gc:
- enable: true
- replicaCount: 1
-
- serviceAccount:
- create: true
- annotations: {}
- name:
- rbac:
- create: true
-
- interval: 1h
-
- podSecurityContext: {}
-
- resources: {}
- # We usually recommend not to specify default resources and to leave this as a conscious
- # choice for the user. This also increases chances charts run on environments with little
- # resources, such as Minikube. If you do want to specify resources, uncomment the following
- # lines, adjust them as necessary, and remove the curly braces after 'resources:'.
- # limits:
- # cpu: 100m
- # memory: 128Mi
- # requests:
- # cpu: 100m
- # memory: 128Mi
-
- nodeSelector: {}
- tolerations: []
- annotations: {}
- deploymentAnnotations: {}
- affinity: {}
-
-# Optionally use encryption for worker <--> master comms
-# TODO: verify hostname is not yet supported
-#
-# If you do not enable certManager (and have it installed) you will
-# need to manually, or otherwise, provision the TLS certs as secrets
-tls:
- enable: false
- certManager: false
-
-prometheus:
- enable: false
- labels: {}
diff --git a/charts/sriov/103.0.0+up0.1.0/templates/NOTES.txt b/charts/sriov/103.0.0+up0.1.0/templates/NOTES.txt
deleted file mode 100644
index 44a8bf935a..0000000000
--- a/charts/sriov/103.0.0+up0.1.0/templates/NOTES.txt
+++ /dev/null
@@ -1,17 +0,0 @@
-Get Network Operator deployed resources by running the following commands:
-
-$ kubectl -n {{ .Release.Namespace }} get pods
-
-For additional instructions on how to use SR-IOV network operator,
-refer to: https://github.com/k8snetworkplumbingwg/sriov-network-operator
-
-{{- if .Values.operator.enableAdmissionController }}
-{{- if not .Values.cert_manager }}
-Thank you for installing {{ .Chart.Name }}.
-
-WARNING! Self signed certificates have been generated for webhooks.
-These certificates have a one-year validity and will not be rotated
-automatically. This should not be a production cluster. Please deploy
-and use cert-manager for production clusters.
-{{- end }}
-{{- end }}
diff --git a/charts/sriov/103.0.0+up0.1.0/templates/_helpers.tpl b/charts/sriov/103.0.0+up0.1.0/templates/_helpers.tpl
deleted file mode 100644
index dff1d171fe..0000000000
--- a/charts/sriov/103.0.0+up0.1.0/templates/_helpers.tpl
+++ /dev/null
@@ -1,85 +0,0 @@
-{{/*
-Expand the name of the chart.
-*/}}
-{{- define "sriov-network-operator.name" -}}
-{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }}
-{{- end }}
-
-{{/*
-Create a default fully qualified app name.
-We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
-If release name contains chart name it will be used as a full name.
-*/}}
-{{- define "sriov-network-operator.fullname" -}}
-{{- if .Values.fullnameOverride }}
-{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }}
-{{- else }}
-{{- $name := default .Chart.Name .Values.nameOverride }}
-{{- if contains $name .Release.Name }}
-{{- .Release.Name | trunc 63 | trimSuffix "-" }}
-{{- else }}
-{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }}
-{{- end }}
-{{- end }}
-{{- end }}
-
-{{/*
-Create chart name and version as used by the chart label.
-*/}}
-{{- define "sriov-network-operator.chart" -}}
-{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }}
-{{- end }}
-
-{{/*
-Common labels
-*/}}
-{{- define "sriov-network-operator.labels" -}}
-helm.sh/chart: {{ include "sriov-network-operator.chart" . }}
-{{ include "sriov-network-operator.selectorLabels" . }}
-{{- if .Chart.AppVersion }}
-app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
-{{- end }}
-app.kubernetes.io/managed-by: {{ .Release.Service }}
-{{- end }}
-
-{{/*
-Selector labels
-*/}}
-{{- define "sriov-network-operator.selectorLabels" -}}
-app.kubernetes.io/name: {{ include "sriov-network-operator.name" . }}
-app.kubernetes.io/instance: {{ .Release.Name }}
-{{- end }}
-
-{{/*
-Create the name of the service account to use
-*/}}
-{{- define "sriov-network-operator.serviceAccountName" -}}
-{{- if .Values.serviceAccount.create }}
-{{- default (include "sriov-network-operator.fullname" .) .Values.serviceAccount.name }}
-{{- else }}
-{{- default "default" .Values.serviceAccount.name }}
-{{- end }}
-{{- end }}
-
-{{- define "system_default_registry" -}}
-{{- if .Values.global.cattle.systemDefaultRegistry -}}
-{{- printf "%s/" .Values.global.cattle.systemDefaultRegistry -}}
-{{- else -}}
-{{- "" -}}
-{{- end -}}
-{{- end -}}
-
-{{/*
-Windows cluster will add default taint for linux nodes,
-add below linux tolerations to workloads could be scheduled to those linux nodes
-*/}}
-{{- define "linux-node-tolerations" -}}
-- key: "cattle.io/os"
- value: "linux"
- effect: "NoSchedule"
- operator: "Equal"
-{{- end -}}
-
-{{- define "linux-node-selector" -}}
-kubernetes.io/os: linux
-{{- end -}}
diff --git a/charts/sriov/103.0.0+up0.1.0/templates/_webhook-certs.tpl b/charts/sriov/103.0.0+up0.1.0/templates/_webhook-certs.tpl
deleted file mode 100644
index f1448968b2..0000000000
--- a/charts/sriov/103.0.0+up0.1.0/templates/_webhook-certs.tpl
+++ /dev/null
@@ -1,31 +0,0 @@
-{{/*
-Generate TLS certificates for webhooks.
-Note: these 2 lines, that are repeated several times below, are a trick to
-ensure the CA certs are generated only once:
- $ca := .ca | default (genCA "sriov-network-operator.k8s.cni.cncf.io" 365)
- $_ := set . "ca" $ca
-Please, don't try to "simplify" them as without this trick, every generated
-certificate would be signed by a different CA.
-*/}}
-{{- define "sriov_operator_ca_cert" }}
-{{- $ca := .ca | default (genCA "sriov-network-operator.k8s.cni.cncf.io" 365) -}}
-{{- $_ := set . "ca" $ca -}}
-{{- printf "%s" $ca.Cert | b64enc -}}
-{{- end }}
-{{- define "sriov_operator_cert" }}
-{{- $ca := .ca | default (genCA "sriov-network-operator.k8s.cni.cncf.io" 365) -}}
-{{- $_ := set . "ca" $ca -}}
-{{- $cn := printf "operator-webhook-service.%s.svc" .Release.Namespace -}}
-{{- $cert := genSignedCert $cn nil (list $cn) 365 $ca -}}
-tls.crt: {{ $cert.Cert | b64enc }}
-tls.key: {{ $cert.Key | b64enc }}
-{{- end }}
-{{- define "sriov_resource_injector_cert" }}
-{{- $ca := .ca | default (genCA "sriov-network-operator.k8s.cni.cncf.io" 365) -}}
-{{- $_ := set . "ca" $ca -}}
-{{- $cn := printf "network-resources-injector-service.%s.svc" .Release.Namespace -}}
-{{- $cert := genSignedCert $cn nil (list $cn) 365 $ca -}}
-tls.crt: {{ $cert.Cert | b64enc }}
-tls.key: {{ $cert.Key | b64enc }}
-{{- end }}
-
diff --git a/charts/sriov/103.0.0+up0.1.0/templates/certmanagercerts.yaml b/charts/sriov/103.0.0+up0.1.0/templates/certmanagercerts.yaml
deleted file mode 100644
index e3575aa565..0000000000
--- a/charts/sriov/103.0.0+up0.1.0/templates/certmanagercerts.yaml
+++ /dev/null
@@ -1,41 +0,0 @@
-{{- if and (.Values.operator.enableAdmissionController) (.Values.cert_manager) -}}
-{{- if not (.Capabilities.APIVersions.Has "cert-manager.io/v1") -}}
-{{- required "cert-manager is required but not found" "" -}}
-{{- end -}}
-apiVersion: cert-manager.io/v1
-kind: Issuer
-metadata:
- name: sriov-network-operator-selfsigned-issuer
- namespace: {{ .Release.Namespace }}
-spec:
- selfSigned: {}
----
-apiVersion: cert-manager.io/v1
-kind: Certificate
-metadata:
- name: operator-webhook-service
- namespace: {{ .Release.Namespace }}
-spec:
- secretName: operator-webhook-service
- dnsNames:
- - operator-webhook-service.{{ .Release.Namespace }}.svc
- issuerRef:
- name: sriov-network-operator-selfsigned-issuer
- privateKey:
- rotationPolicy: Always
----
-apiVersion: cert-manager.io/v1
-kind: Certificate
-metadata:
- name: network-resources-injector-service
- namespace: {{ .Release.Namespace }}
-spec:
- secretName: network-resources-injector-secret
- dnsNames:
- - network-resources-injector-service.{{ .Release.Namespace }}.svc
- issuerRef:
- name: sriov-network-operator-selfsigned-issuer
- privateKey:
- rotationPolicy: Always
-{{- end -}}
-
diff --git a/charts/sriov/103.0.0+up0.1.0/templates/clusterrole.yaml b/charts/sriov/103.0.0+up0.1.0/templates/clusterrole.yaml
deleted file mode 100644
index da327471f0..0000000000
--- a/charts/sriov/103.0.0+up0.1.0/templates/clusterrole.yaml
+++ /dev/null
@@ -1,109 +0,0 @@
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRole
-metadata:
- name: {{ include "sriov-network-operator.fullname" . }}
- labels:
- {{- include "sriov-network-operator.labels" . | nindent 4 }}
-rules:
- - apiGroups: [""]
- resources: ["nodes"]
- verbs: ["get", "list", "watch", "patch", "update"]
- - apiGroups: [""]
- resources: ["pods"]
- verbs: ["*"]
- - apiGroups: ["apps"]
- resources: ["daemonsets"]
- verbs: ["get"]
- - apiGroups: [""]
- resources: ["namespaces", "serviceaccounts"]
- verbs: ["*"]
- - apiGroups: ["k8s.cni.cncf.io"]
- resources: ["network-attachment-definitions"]
- verbs: ["*"]
- - apiGroups: ["rbac.authorization.k8s.io"]
- resources: ["clusterroles", "clusterrolebindings"]
- verbs: ["*"]
- - apiGroups: ["admissionregistration.k8s.io"]
- resources: ["mutatingwebhookconfigurations", "validatingwebhookconfigurations"]
- verbs: ["*"]
- - apiGroups: ["sriovnetwork.openshift.io"]
- resources: ["*"]
- verbs: ["*"]
- - apiGroups: ["machineconfiguration.openshift.io"]
- resources: ["*"]
- verbs: ["*"]
- - apiGroups: ["config.openshift.io"]
- resources: ["infrastructures"]
- verbs: ["get", "list", "watch"]
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRole
-metadata:
- name: sriov-network-config-daemon
- labels:
- {{- include "sriov-network-operator.labels" . | nindent 4 }}
-rules:
- - apiGroups: [""]
- resources: ["nodes"]
- verbs: ["get", "list", "watch", "patch", "update"]
- - apiGroups: [""]
- resources: ["pods"]
- verbs: ["*"]
- - apiGroups: ["apps"]
- resources: ["daemonsets"]
- verbs: ["get"]
- - apiGroups: [""]
- resources: ["pods/eviction"]
- verbs: ["create"]
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRole
-metadata:
- name: sriov-admin
- {{- if .Values.global.rbac.userRoles.aggregateToDefaultRoles }}
- rbac.authorization.k8s.io/aggregate-to-admin: "true"
- {{- end }}
-rules:
-- apiGroups:
- - sriovnetwork.openshift.io
- resources:
- - '*'
- verbs:
- - "get"
- - "watch"
- - "list"
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRole
-metadata:
- name: sriov-edit
- {{- if .Values.global.rbac.userRoles.aggregateToDefaultRoles }}
- rbac.authorization.k8s.io/aggregate-to-edit: "true"
- {{- end }}
-rules:
-- apiGroups:
- - sriovnetwork.openshift.io
- resources:
- - '*'
- verbs:
- - "get"
- - "watch"
- - "list"
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRole
-metadata:
- name: sriov-view
- {{- if .Values.global.rbac.userRoles.aggregateToDefaultRoles }}
- rbac.authorization.k8s.io/aggregate-to-view: "true"
- {{- end }}
-rules:
-- apiGroups:
- - sriovnetwork.openshift.io
- resources:
- - '*'
- verbs:
- - "get"
- - "watch"
- - "list"
-
diff --git a/charts/sriov/103.0.0+up0.1.0/templates/clusterrolebinding.yaml b/charts/sriov/103.0.0+up0.1.0/templates/clusterrolebinding.yaml
deleted file mode 100644
index c10aa9be73..0000000000
--- a/charts/sriov/103.0.0+up0.1.0/templates/clusterrolebinding.yaml
+++ /dev/null
@@ -1,29 +0,0 @@
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRoleBinding
-metadata:
- name: {{ include "sriov-network-operator.fullname" . }}
- labels:
- {{- include "sriov-network-operator.labels" . | nindent 4 }}
-roleRef:
- kind: ClusterRole
- name: {{ include "sriov-network-operator.fullname" . }}
- apiGroup: rbac.authorization.k8s.io
-subjects:
- - kind: ServiceAccount
- namespace: {{ .Release.Namespace }}
- name: {{ include "sriov-network-operator.fullname" . }}
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRoleBinding
-metadata:
- name: sriov-network-config-daemon
- labels:
- {{- include "sriov-network-operator.labels" . | nindent 4 }}
-roleRef:
- kind: ClusterRole
- name: sriov-network-config-daemon
- apiGroup: rbac.authorization.k8s.io
-subjects:
- - kind: ServiceAccount
- namespace: {{ .Release.Namespace }}
- name: sriov-network-config-daemon
diff --git a/charts/sriov/103.0.0+up0.1.0/templates/configmap.yaml b/charts/sriov/103.0.0+up0.1.0/templates/configmap.yaml
deleted file mode 100644
index 455bd91ff0..0000000000
--- a/charts/sriov/103.0.0+up0.1.0/templates/configmap.yaml
+++ /dev/null
@@ -1,25 +0,0 @@
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: supported-nic-ids
-data:
- Intel_i40e_XXV710: "8086 158a 154c"
- Intel_i40e_25G_SFP28: "8086 158b 154c"
- Intel_i40e_10G_X710_SFP: "8086 1572 154c"
- Intel_i40e_XXV710_N3000: "8086 0d58 154c"
- Intel_i40e_40G_XL710_QSFP: "8086 1583 154c"
- Intel_ice_Columbiaville_E810-CQDA2_2CQDA2: "8086 1592 1889"
- Intel_ice_Columbiaville_E810-XXVDA4: "8086 1593 1889"
- Intel_ice_Columbiaville_E810-XXVDA2: "8086 159b 1889"
- Intel_ice_Columbiaville_E810: "8086 1591 1889"
- Nvidia_mlx5_ConnectX-4: "15b3 1013 1014"
- Nvidia_mlx5_ConnectX-4LX: "15b3 1015 1016"
- Nvidia_mlx5_ConnectX-5: "15b3 1017 1018"
- Nvidia_mlx5_ConnectX-5_Ex: "15b3 1019 101a"
- Nvidia_mlx5_ConnectX-6: "15b3 101b 101c"
- Nvidia_mlx5_ConnectX-6_Dx: "15b3 101d 101e"
- Nvidia_mlx5_MT42822_BlueField-2_integrated_ConnectX-6_Dx: "15b3 a2d6 101e"
- Broadcom_bnxt_BCM57414_2x25G: "14e4 16d7 16dc"
- Broadcom_bnxt_BCM75508_2x100G: "14e4 1750 1806"
- Qlogic_qede_QL45000_50G: "1077 1654 1664"
- Red_Hat_Virtio_network_device: "1af4 1000 1000"
diff --git a/charts/sriov/103.0.0+up0.1.0/templates/operator.yaml b/charts/sriov/103.0.0+up0.1.0/templates/operator.yaml
deleted file mode 100644
index 0d39480e10..0000000000
--- a/charts/sriov/103.0.0+up0.1.0/templates/operator.yaml
+++ /dev/null
@@ -1,98 +0,0 @@
-{{- if not (.Capabilities.APIVersions.Has "k8s.cni.cncf.io/v1/NetworkAttachmentDefinition") -}}
-{{- required "rke2-multus is required but not found" "" -}}
-{{- end -}}
-apiVersion: sriovnetwork.openshift.io/v1
-kind: SriovOperatorConfig
-metadata:
- name: default
- namespace: {{ .Release.Namespace }}
-spec:
- # Add fields here
- enableInjector: {{ .Values.operator.enableAdmissionController }}
- enableOperatorWebhook: {{ .Values.operator.enableAdmissionController }}
- configDaemonNodeSelector: {feature.node.kubernetes.io/network-sriov.capable: "true"}
----
-apiVersion: apps/v1
-kind: Deployment
-metadata:
- name: {{ include "sriov-network-operator.fullname" . }}
- namespace: {{ .Release.Namespace }}
- labels:
- {{- include "sriov-network-operator.labels" . | nindent 4 }}
-spec:
- replicas: 1
- selector:
- matchLabels:
- name: sriov-network-operator
- strategy:
- type: RollingUpdate
- rollingUpdate:
- maxUnavailable: 33%
- template:
- metadata:
- labels:
- name: sriov-network-operator
- spec:
- nodeSelector: {{ include "linux-node-selector" . | nindent 8 }}
-{{- if .Values.operator.nodeSelector }}
-{{ toYaml .Values.operator.nodeSelector | indent 8 }}
-{{- end }}
- tolerations: {{ include "linux-node-tolerations" . | nindent 8 }}
-{{- if .Values.operator.tolerations }}
-{{ toYaml .Values.operator.tolerations | indent 8 }}
-{{- end }}
- serviceAccountName: {{ include "sriov-network-operator.fullname" . }}
- priorityClassName: "system-node-critical"
- containers:
- - name: {{ include "sriov-network-operator.fullname" . }}
- image: {{ include "system_default_registry" . }}{{ .Values.images.operator.repository }}:{{ .Values.images.operator.tag }}
- command:
- - sriov-network-operator
- imagePullPolicy: IfNotPresent
- resources:
- requests:
- cpu: 100m
- memory: 100Mi
- env:
- - name: WATCH_NAMESPACE
- valueFrom:
- fieldRef:
- fieldPath: metadata.namespace
- - name: SRIOV_CNI_IMAGE
- value: {{ include "system_default_registry" . }}{{ .Values.images.sriovCni.repository }}:{{ .Values.images.sriovCni.tag }}
- - name: SRIOV_INFINIBAND_CNI_IMAGE
- value: {{ include "system_default_registry" . }}{{ .Values.images.ibSriovCni.repository }}:{{ .Values.images.ibSriovCni.tag }}
- - name: SRIOV_DEVICE_PLUGIN_IMAGE
- value: {{ include "system_default_registry" . }}{{ .Values.images.sriovDevicePlugin.repository }}:{{ .Values.images.sriovDevicePlugin.tag }}
- - name: NETWORK_RESOURCES_INJECTOR_IMAGE
- value: {{ include "system_default_registry" . }}{{ .Values.images.resourcesInjector.repository }}:{{ .Values.images.resourcesInjector.tag }}
- - name: OPERATOR_NAME
- value: sriov-network-operator
- - name: SRIOV_NETWORK_CONFIG_DAEMON_IMAGE
- value: {{ include "system_default_registry" . }}{{ .Values.images.sriovConfigDaemon.repository }}:{{ .Values.images.sriovConfigDaemon.tag }}
- - name: SRIOV_NETWORK_WEBHOOK_IMAGE
- value: {{ include "system_default_registry" . }}{{ .Values.images.webhook.repository }}:{{ .Values.images.webhook.tag }}
- - name: RESOURCE_PREFIX
- value: {{ .Values.operator.resourcePrefix }}
- - name: ENABLE_ADMISSION_CONTROLLER
- value: {{ .Values.operator.enableAdmissionController | quote }}
- - name: NAMESPACE
- valueFrom:
- fieldRef:
- fieldPath: metadata.namespace
- - name: POD_NAME
- valueFrom:
- fieldRef:
- fieldPath: metadata.name
- - name: RELEASE_VERSION
- value: {{ .Release.AppVersion }}
- - name: SRIOV_CNI_BIN_PATH
- value: {{ .Values.operator.cniBinPath }}
- - name: CLUSTER_TYPE
- value: {{ .Values.operator.clusterType }}
- {{- if .Values.operator.enableAdmissionController }}
- {{- if not .Values.cert_manager }}
- - name: WEBHOOK_CA_BUNDLE
- value: "{{ include "sriov_operator_ca_cert" . }}"
- {{- end }}
- {{- end }}
diff --git a/charts/sriov/103.0.0+up0.1.0/templates/role.yaml b/charts/sriov/103.0.0+up0.1.0/templates/role.yaml
deleted file mode 100644
index 35a9d50afc..0000000000
--- a/charts/sriov/103.0.0+up0.1.0/templates/role.yaml
+++ /dev/null
@@ -1,125 +0,0 @@
-apiVersion: rbac.authorization.k8s.io/v1
-kind: Role
-metadata:
- creationTimestamp: null
- name: {{ include "sriov-network-operator.fullname" . }}
- namespace: {{ .Release.Namespace }}
- labels:
- {{- include "sriov-network-operator.labels" . | nindent 4 }}
-rules:
- - apiGroups:
- - ""
- resources:
- - pods
- - services
- - endpoints
- - persistentvolumeclaims
- - events
- - configmaps
- - secrets
- verbs:
- - '*'
- - apiGroups:
- - apps
- resources:
- - deployments
- - daemonsets
- - replicasets
- - statefulsets
- verbs:
- - '*'
- - apiGroups:
- - monitoring.coreos.com
- resources:
- - servicemonitors
- verbs:
- - get
- - create
- - apiGroups:
- - apps
- resourceNames:
- - sriov-network-operator
- resources:
- - deployments/finalizers
- verbs:
- - update
- - apiGroups:
- - rbac.authorization.k8s.io
- resources:
- - serviceaccounts
- - roles
- - rolebindings
- verbs:
- - '*'
- - apiGroups:
- - config.openshift.io
- resources:
- - infrastructures
- verbs:
- - get
- - list
- - watch
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: Role
-metadata:
- name: sriov-network-config-daemon
- namespace: {{ .Release.Namespace }}
- labels:
- {{- include "sriov-network-operator.labels" . | nindent 4 }}
-rules:
- - apiGroups:
- - ""
- resources:
- - pods
- verbs:
- - '*'
- - apiGroups:
- - apps
- resources:
- - daemonsets
- verbs:
- - '*'
- - apiGroups:
- - sriovnetwork.openshift.io
- resources:
- - '*'
- - sriovnetworknodestates
- verbs:
- - '*'
- - apiGroups:
- - security.openshift.io
- resourceNames:
- - privileged
- resources:
- - securitycontextconstraints
- verbs:
- - use
- - apiGroups:
- - ""
- resources:
- - configmaps
- verbs:
- - get
- - update
- - apiGroups:
- - 'coordination.k8s.io'
- resources:
- - 'leases'
- verbs:
- - '*'
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: Role
-metadata:
- name: operator-webhook-sa
- namespace: {{ .Release.Namespace }}
- labels:
- {{- include "sriov-network-operator.labels" . | nindent 4 }}
-rules:
- - apiGroups:
- - ""
- resources:
- - configmaps
- verbs:
- - get
diff --git a/charts/sriov/103.0.0+up0.1.0/templates/rolebinding.yaml b/charts/sriov/103.0.0+up0.1.0/templates/rolebinding.yaml
deleted file mode 100644
index d2cf1849a7..0000000000
--- a/charts/sriov/103.0.0+up0.1.0/templates/rolebinding.yaml
+++ /dev/null
@@ -1,44 +0,0 @@
-kind: RoleBinding
-apiVersion: rbac.authorization.k8s.io/v1
-metadata:
- name: {{ include "sriov-network-operator.fullname" . }}
- namespace: {{ .Release.Namespace }}
- labels:
- {{- include "sriov-network-operator.labels" . | nindent 4 }}
-subjects:
- - kind: ServiceAccount
- name: {{ include "sriov-network-operator.fullname" . }}
- namespace: {{ .Release.Namespace }}
-roleRef:
- kind: Role
- name: {{ include "sriov-network-operator.fullname" . }}
- apiGroup: rbac.authorization.k8s.io
----
-kind: RoleBinding
-apiVersion: rbac.authorization.k8s.io/v1
-metadata:
- name: sriov-network-config-daemon
- namespace: {{ .Release.Namespace }}
- labels:
- {{- include "sriov-network-operator.labels" . | nindent 4 }}
-subjects:
- - kind: ServiceAccount
- name: sriov-network-config-daemon
- namespace: {{ .Release.Namespace }}
-roleRef:
- kind: Role
- name: sriov-network-config-daemon
- apiGroup: rbac.authorization.k8s.io
----
-kind: RoleBinding
-apiVersion: rbac.authorization.k8s.io/v1
-metadata:
- name: operator-webhook-sa
- namespace: {{ .Release.Namespace }}
-subjects:
-- kind: ServiceAccount
- name: operator-webhook-sa
-roleRef:
- kind: Role
- name: operator-webhook-sa
- apiGroup: rbac.authorization.k8s.io
diff --git a/charts/sriov/103.0.0+up0.1.0/templates/secrets.yaml b/charts/sriov/103.0.0+up0.1.0/templates/secrets.yaml
deleted file mode 100644
index 3d345be460..0000000000
--- a/charts/sriov/103.0.0+up0.1.0/templates/secrets.yaml
+++ /dev/null
@@ -1,20 +0,0 @@
-{{- if not .Values.cert_manager -}}
-{{- if .Values.operator.enableAdmissionController }}
-apiVersion: v1
-kind: Secret
-metadata:
- name: operator-webhook-service
- namespace: {{ .Release.Namespace }}
-data: {{ include "sriov_operator_cert" . | nindent 2 }}
-{{- end }}
----
-{{- if .Values.operator.enableAdmissionController }}
-apiVersion: v1
-kind: Secret
-metadata:
- name: network-resources-injector-secret
- namespace: {{ .Release.Namespace }}
-data: {{ include "sriov_resource_injector_cert" . | nindent 2 }}
-{{- end }}
-{{- end }}
-
diff --git a/charts/sriov/103.0.0+up0.1.0/templates/serviceaccount.yaml b/charts/sriov/103.0.0+up0.1.0/templates/serviceaccount.yaml
deleted file mode 100644
index fc0bb57056..0000000000
--- a/charts/sriov/103.0.0+up0.1.0/templates/serviceaccount.yaml
+++ /dev/null
@@ -1,15 +0,0 @@
-apiVersion: v1
-kind: ServiceAccount
-metadata:
- name: {{ include "sriov-network-operator.fullname" . }}
- namespace: {{ .Release.Namespace }}
- labels:
- {{- include "sriov-network-operator.labels" . | nindent 4 }}
----
-apiVersion: v1
-kind: ServiceAccount
-metadata:
- name: sriov-network-config-daemon
- namespace: {{ .Release.Namespace }}
- labels:
- {{- include "sriov-network-operator.labels" . | nindent 4 }}
diff --git a/charts/sriov/103.0.0+up0.1.0/templates/validate-install-crd.yaml b/charts/sriov/103.0.0+up0.1.0/templates/validate-install-crd.yaml
deleted file mode 100644
index 48ffe70751..0000000000
--- a/charts/sriov/103.0.0+up0.1.0/templates/validate-install-crd.yaml
+++ /dev/null
@@ -1,19 +0,0 @@
-#{{- if gt (len (lookup "rbac.authorization.k8s.io/v1" "ClusterRole" "" "")) 0 -}}
-# {{- $found := dict -}}
-# {{- set $found "sriovnetwork.openshift.io/v1/SriovIBNetwork" false -}}
-# {{- set $found "sriovnetwork.openshift.io/v1/SriovNetworkNodePolicy" false -}}
-# {{- set $found "sriovnetwork.openshift.io/v1/SriovNetworkNodeState" false -}}
-# {{- set $found "sriovnetwork.openshift.io/v1/SriovNetworkPoolConfig" false -}}
-# {{- set $found "sriovnetwork.openshift.io/v1/SriovNetwork" false -}}
-# {{- set $found "sriovnetwork.openshift.io/v1/SriovOperatorConfig" false -}}
-# {{- range .Capabilities.APIVersions -}}
-# {{- if hasKey $found (toString .) -}}
-# {{- set $found (toString .) true -}}
-# {{- end -}}
-# {{- end -}}
-# {{- range $_, $exists := $found -}}
-# {{- if (eq $exists false) -}}
-# {{- required "Required CRDs are missing. Please install the corresponding CRD chart before installing this chart." "" -}}
-# {{- end -}}
-# {{- end -}}
-#{{- end -}}
\ No newline at end of file
diff --git a/charts/sriov/103.0.0+up0.1.0/values.yaml b/charts/sriov/103.0.0+up0.1.0/values.yaml
deleted file mode 100644
index a112839565..0000000000
--- a/charts/sriov/103.0.0+up0.1.0/values.yaml
+++ /dev/null
@@ -1,64 +0,0 @@
-operator:
- tolerations:
- - key: "node-role.kubernetes.io/control-plane"
- operator: "Exists"
- effect: "NoSchedule"
- - effect: NoExecute
- key: node-role.kubernetes.io/etcd
- operator: Exists
- nodeSelector: {}
- affinity:
- nodeAffinity:
- requiredDuringSchedulingIgnoredDuringExecution:
- nodeSelectorTerms:
- - matchExpressions:
- - key: "node-role.kubernetes.io/master"
- operator: In
- values: [ "" ]
- - matchExpressions:
- - key: "node-role.kubernetes.io/control-plane"
- operator: In
- values: [ "" ]
- nameOverride: ""
- fullnameOverride: ""
- resourcePrefix: "rancher.io"
- enableAdmissionController: false
- cniBinPath: "/opt/cni/bin"
- clusterType: "kubernetes"
-
-# Image URIs for sriov-network-operator components
-images:
- operator:
- repository: rancher/hardened-sriov-network-operator
- tag: v1.2.0-build20230912
- sriovConfigDaemon:
- repository: rancher/hardened-sriov-network-config-daemon
- tag: v1.2.0-build20230912
- sriovCni:
- repository: rancher/hardened-sriov-cni
- tag: v2.6.3-build20230913
- ibSriovCni:
- repository: rancher/hardened-ib-sriov-cni
- tag: v1.0.2-build20230911
- sriovDevicePlugin:
- repository: rancher/hardened-sriov-network-device-plugin
- tag: v3.5.1-build20230911
- resourcesInjector:
- repository: rancher/hardened-sriov-network-resources-injector
- tag: v1.5-build20230911
- webhook:
- repository: rancher/hardened-sriov-network-webhook
- tag: v1.2.0-build20230912
-
-# cert_manager enables integration with cert-manager to generate
-# certificates for the operator webhooks. Otherwise the chart will
-# generate ad-hoc certificates with no automated renewal at expiration,
-# not recommended for production clusters.
-cert_manager: false
-
-global:
- cattle:
- systemDefaultRegistry: ""
- rbac:
- userRoles:
- aggregateToDefaultRoles: false
diff --git a/charts/sriov/103.1.0+up0.1.0/.helmignore b/charts/sriov/103.1.0+up0.1.0/.helmignore
deleted file mode 100644
index 0e8a0eb36f..0000000000
--- a/charts/sriov/103.1.0+up0.1.0/.helmignore
+++ /dev/null
@@ -1,23 +0,0 @@
-# Patterns to ignore when building packages.
-# This supports shell glob matching, relative path matching, and
-# negation (prefixed with !). Only one pattern per line.
-.DS_Store
-# Common VCS dirs
-.git/
-.gitignore
-.bzr/
-.bzrignore
-.hg/
-.hgignore
-.svn/
-# Common backup files
-*.swp
-*.bak
-*.tmp
-*.orig
-*~
-# Various IDEs
-.project
-.idea/
-*.tmproj
-.vscode/
diff --git a/charts/sriov/103.1.0+up0.1.0/Chart.yaml b/charts/sriov/103.1.0+up0.1.0/Chart.yaml
deleted file mode 100644
index d56e63daf0..0000000000
--- a/charts/sriov/103.1.0+up0.1.0/Chart.yaml
+++ /dev/null
@@ -1,29 +0,0 @@
-annotations:
- catalog.cattle.io/auto-install: sriov-crd=match
- catalog.cattle.io/certified: rancher
- catalog.cattle.io/experimental: "true"
- catalog.cattle.io/kube-version: '>= 1.16.0-0 < 1.29.0-0'
- catalog.cattle.io/namespace: cattle-sriov-system
- catalog.cattle.io/os: linux
- catalog.cattle.io/permits-os: linux
- catalog.cattle.io/rancher-version: '>= 2.8.0-0 < 2.9.0-0'
- catalog.cattle.io/release-name: sriov
- catalog.cattle.io/upstream-version: 1.2.0
-apiVersion: v2
-appVersion: 1.2.0
-description: SR-IOV network operator configures and manages SR-IOV networks in the
- kubernetes cluster
-home: https://github.com/k8snetworkplumbingwg/sriov-network-operator
-icon: https://charts.rancher.io/assets/logos/sr-iov.svg
-keywords:
-- sriov
-- Networking
-kubeVersion: '>= 1.16.0'
-maintainers:
-- email: charts@rancher.com
- name: Rancher Labs
-name: sriov
-sources:
-- https://github.com/rancher/charts
-type: application
-version: 103.1.0+up0.1.0
diff --git a/charts/sriov/103.1.0+up0.1.0/README.md b/charts/sriov/103.1.0+up0.1.0/README.md
deleted file mode 100644
index b34d479bd0..0000000000
--- a/charts/sriov/103.1.0+up0.1.0/README.md
+++ /dev/null
@@ -1,73 +0,0 @@
-# SR-IOV Network Operator Helm Chart
-
-SR-IOV Network Operator Helm Chart provides an easy way to install, configure and manage
-the lifecycle of SR-IOV network operator.
-
-## SR-IOV Network Operator
-SR-IOV Network Operator leverages [Kubernetes CRDs](https://kubernetes.io/docs/concepts/extend-kubernetes/api-extension/custom-resources/)
-and [Operator SDK](https://github.com/operator-framework/operator-sdk) to configure and manage SR-IOV networks in a Kubernetes cluster.
-
-SR-IOV Network Operator features:
-- Initialize the supported SR-IOV NIC types on selected nodes.
-- Provision/upgrade SR-IOV device plugin executable on selected node.
-- Provision/upgrade SR-IOV CNI plugin executable on selected nodes.
-- Manage configuration of SR-IOV device plugin on host.
-- Generate net-att-def CRs for SR-IOV CNI plugin
-- Supports operation in a virtualized Kubernetes deployment
- - Discovers VFs attached to the Virtual Machine (VM)
- - Does not require attached of associated PFs
- - VFs can be associated to SriovNetworks by selecting the appropriate PciAddress as the RootDevice in the SriovNetworkNodePolicy
-
-## QuickStart
-
-### Prerequisites
-
-- Kubernetes v1.17+
-- Helm v3
-
-### Install Helm
-
-Helm provides an install script to copy helm binary to your system:
-```
-$ curl -fsSL -o get_helm.sh https://raw.githubusercontent.com/helm/helm/master/scripts/get-helm-3
-$ chmod 500 get_helm.sh
-$ ./get_helm.sh
-```
-
-For additional information and methods for installing Helm, refer to the official [helm website](https://helm.sh/)
-
-### Deploy SR-IOV Network Operator
-
-```
-# Install Operator
-$ helm install -n sriov-network-operator --create-namespace --wait sriov-network-operator ./
-
-# View deployed resources
-$ kubectl -n sriov-network-operator get pods
-```
-
-## Chart parameters
-
-In order to tailor the deployment of the network operator to your cluster needs
-We have introduced the following Chart parameters.
-
-### Operator parameters
-
-| Name | Type | Default | description |
-| ---- | ---- | ------- | ----------- |
-| `operator.resourcePrefix` | string | `openshift.io` | Device plugin resource prefix |
-| `operator.enableAdmissionController` | bool | `false` | Enable SR-IOV network resource injector and operator webhook |
-| `operator.cniBinPath` | string | `/opt/cni/bin` | Path for CNI binary |
-| `operator.clusterType` | string | `kubernetes` | Cluster environment type |
-
-### Images parameters
-
-| Name | description |
-| ---- | ----------- |
-| `images.operator` | Operator controller image |
-| `images.sriovConfigDaemon` | Daemon node agent image |
-| `images.sriovCni` | SR-IOV CNI image |
-| `images.ibSriovCni` | InfiniBand SR-IOV CNI image |
-| `images.sriovDevicePlugin` | SR-IOV device plugin image |
-| `images.resourcesInjector` | Resources Injector image |
-| `images.webhook` | Operator Webhook image |
diff --git a/charts/sriov/103.1.0+up0.1.0/app-README.md b/charts/sriov/103.1.0+up0.1.0/app-README.md
deleted file mode 100644
index 4dda94a833..0000000000
--- a/charts/sriov/103.1.0+up0.1.0/app-README.md
+++ /dev/null
@@ -1,13 +0,0 @@
-# Rancher SR-IOV Network Operator
-
-This chart is based on the upstream [k8snetworkplumbingwg/sriov-network-operator](https://github.com/k8snetworkplumbingwg/sriov-network-operator) project. The chart deploys the SR-IOV Operator and its CRDs, which are designed to help the user provision and configure the SR-IOV CNI in a cluster that uses [Multus CNI](https://github.com/k8snetworkplumbingwg/multus-cni), to provide high performing extra network interfaces to pods. This chart is expected to be deployed on an RKE2 cluster and only meant for advanced use cases where multiple CNI plugins and high performing network interfaces on pods are required. Users who do not need these features are not advised to install this chart.
-
-The chart installs the following components:
-
- - SR-IOV Operator - An operator that helps provision and configure the SR-IOV CNI plugin and SR-IOV Device plugin
- - SR-IOV Network Config Daemon - A Daemon deployed by the Operator that discovers SR-IOV NICs on each node
-
-Note that SR-IOV requires NICs that support SR-IOV and the activation of specific configuration options in the operating system. Nodes that fulfill these requirements should be labeled with: `feature.node.kubernetes.io/network-sriov.capable=true`.
-
-The SR-IOV Network Config Daemon will be deployed on such capable nodes. For more information on how to use this feature, refer to our RKE2 networking docs.
-
diff --git a/charts/sriov/103.1.0+up0.1.0/charts/rancher-nfd/.helmignore b/charts/sriov/103.1.0+up0.1.0/charts/rancher-nfd/.helmignore
deleted file mode 100644
index 0e8a0eb36f..0000000000
--- a/charts/sriov/103.1.0+up0.1.0/charts/rancher-nfd/.helmignore
+++ /dev/null
@@ -1,23 +0,0 @@
-# Patterns to ignore when building packages.
-# This supports shell glob matching, relative path matching, and
-# negation (prefixed with !). Only one pattern per line.
-.DS_Store
-# Common VCS dirs
-.git/
-.gitignore
-.bzr/
-.bzrignore
-.hg/
-.hgignore
-.svn/
-# Common backup files
-*.swp
-*.bak
-*.tmp
-*.orig
-*~
-# Various IDEs
-.project
-.idea/
-*.tmproj
-.vscode/
diff --git a/charts/sriov/103.1.0+up0.1.0/charts/rancher-nfd/Chart.yaml b/charts/sriov/103.1.0+up0.1.0/charts/rancher-nfd/Chart.yaml
deleted file mode 100644
index a45c4dc393..0000000000
--- a/charts/sriov/103.1.0+up0.1.0/charts/rancher-nfd/Chart.yaml
+++ /dev/null
@@ -1,14 +0,0 @@
-apiVersion: v2
-appVersion: v0.14.1
-description: 'Detects hardware features available on each node in a Kubernetes cluster,
- and advertises those features using node labels. '
-home: https://github.com/kubernetes-sigs/node-feature-discovery
-keywords:
-- feature-discovery
-- feature-detection
-- node-labels
-name: rancher-nfd
-sources:
-- https://github.com/kubernetes-sigs/node-feature-discovery
-type: application
-version: 0.14.1
diff --git a/charts/sriov/103.1.0+up0.1.0/charts/rancher-nfd/README.md b/charts/sriov/103.1.0+up0.1.0/charts/rancher-nfd/README.md
deleted file mode 100644
index 16b5254d53..0000000000
--- a/charts/sriov/103.1.0+up0.1.0/charts/rancher-nfd/README.md
+++ /dev/null
@@ -1,10 +0,0 @@
-# Node Feature Discovery
-
-Node Feature Discovery (NFD) is a Kubernetes add-on for detecting hardware
-features and system configuration. Detected features are advertised as node
-labels. NFD provides flexible configuration and extension points for a wide
-range of vendor and application specific node labeling needs.
-
-See
-[NFD documentation](https://kubernetes-sigs.github.io/node-feature-discovery/v0.14/deployment/helm.html)
-for deployment instructions.
diff --git a/charts/sriov/103.1.0+up0.1.0/charts/rancher-nfd/crds/nfd-api-crds.yaml b/charts/sriov/103.1.0+up0.1.0/charts/rancher-nfd/crds/nfd-api-crds.yaml
deleted file mode 100644
index 6866c7ffe9..0000000000
--- a/charts/sriov/103.1.0+up0.1.0/charts/rancher-nfd/crds/nfd-api-crds.yaml
+++ /dev/null
@@ -1,361 +0,0 @@
----
-apiVersion: apiextensions.k8s.io/v1
-kind: CustomResourceDefinition
-metadata:
- annotations:
- controller-gen.kubebuilder.io/version: v0.12.1
- name: nodefeatures.nfd.k8s-sigs.io
-spec:
- group: nfd.k8s-sigs.io
- names:
- kind: NodeFeature
- listKind: NodeFeatureList
- plural: nodefeatures
- singular: nodefeature
- scope: Namespaced
- versions:
- - name: v1alpha1
- schema:
- openAPIV3Schema:
- description: NodeFeature resource holds the features discovered for one node
- in the cluster.
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation
- of an object. Servers should convert recognized schemas to the latest
- internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this
- object represents. Servers may infer this from the endpoint the client
- submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- spec:
- description: NodeFeatureSpec describes a NodeFeature object.
- properties:
- features:
- description: Features is the full "raw" features data that has been
- discovered.
- properties:
- attributes:
- additionalProperties:
- description: AttributeFeatureSet is a set of features having
- string value.
- properties:
- elements:
- additionalProperties:
- type: string
- type: object
- required:
- - elements
- type: object
- description: Attributes contains all the attribute-type features
- of the node.
- type: object
- flags:
- additionalProperties:
- description: FlagFeatureSet is a set of simple features only
- containing names without values.
- properties:
- elements:
- additionalProperties:
- description: Nil is a dummy empty struct for protobuf
- compatibility
- type: object
- type: object
- required:
- - elements
- type: object
- description: Flags contains all the flag-type features of the
- node.
- type: object
- instances:
- additionalProperties:
- description: InstanceFeatureSet is a set of features each of
- which is an instance having multiple attributes.
- properties:
- elements:
- items:
- description: InstanceFeature represents one instance of
- a complex features, e.g. a device.
- properties:
- attributes:
- additionalProperties:
- type: string
- type: object
- required:
- - attributes
- type: object
- type: array
- required:
- - elements
- type: object
- description: Instances contains all the instance-type features
- of the node.
- type: object
- type: object
- labels:
- additionalProperties:
- type: string
- description: Labels is the set of node labels that are requested to
- be created.
- type: object
- type: object
- required:
- - spec
- type: object
- served: true
- storage: true
----
-apiVersion: apiextensions.k8s.io/v1
-kind: CustomResourceDefinition
-metadata:
- annotations:
- controller-gen.kubebuilder.io/version: v0.12.1
- name: nodefeaturerules.nfd.k8s-sigs.io
-spec:
- group: nfd.k8s-sigs.io
- names:
- kind: NodeFeatureRule
- listKind: NodeFeatureRuleList
- plural: nodefeaturerules
- shortNames:
- - nfr
- singular: nodefeaturerule
- scope: Cluster
- versions:
- - name: v1alpha1
- schema:
- openAPIV3Schema:
- description: NodeFeatureRule resource specifies a configuration for feature-based
- customization of node objects, such as node labeling.
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation
- of an object. Servers should convert recognized schemas to the latest
- internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this
- object represents. Servers may infer this from the endpoint the client
- submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- spec:
- description: NodeFeatureRuleSpec describes a NodeFeatureRule.
- properties:
- rules:
- description: Rules is a list of node customization rules.
- items:
- description: Rule defines a rule for node customization such as
- labeling.
- properties:
- extendedResources:
- additionalProperties:
- type: string
- description: ExtendedResources to create if the rule matches.
- type: object
- labels:
- additionalProperties:
- type: string
- description: Labels to create if the rule matches.
- type: object
- labelsTemplate:
- description: LabelsTemplate specifies a template to expand for
- dynamically generating multiple labels. Data (after template
- expansion) must be keys with an optional value ([=])
- separated by newlines.
- type: string
- matchAny:
- description: MatchAny specifies a list of matchers one of which
- must match.
- items:
- description: MatchAnyElem specifies one sub-matcher of MatchAny.
- properties:
- matchFeatures:
- description: MatchFeatures specifies a set of matcher
- terms all of which must match.
- items:
- description: FeatureMatcherTerm defines requirements
- against one feature set. All requirements (specified
- as MatchExpressions) are evaluated against each element
- in the feature set.
- properties:
- feature:
- type: string
- matchExpressions:
- additionalProperties:
- description: "MatchExpression specifies an expression
- to evaluate against a set of input values. It
- contains an operator that is applied when matching
- the input and an array of values that the operator
- evaluates the input against. \n NB: CreateMatchExpression
- or MustCreateMatchExpression() should be used
- for creating new instances. \n NB: Validate()
- must be called if Op or Value fields are modified
- or if a new instance is created from scratch
- without using the helper functions."
- properties:
- op:
- description: Op is the operator to be applied.
- enum:
- - In
- - NotIn
- - InRegexp
- - Exists
- - DoesNotExist
- - Gt
- - Lt
- - GtLt
- - IsTrue
- - IsFalse
- type: string
- value:
- description: Value is the list of values that
- the operand evaluates the input against.
- Value should be empty if the operator is
- Exists, DoesNotExist, IsTrue or IsFalse.
- Value should contain exactly one element
- if the operator is Gt or Lt and exactly
- two elements if the operator is GtLt. In
- other cases Value should contain at least
- one element.
- items:
- type: string
- type: array
- required:
- - op
- type: object
- description: MatchExpressionSet contains a set of
- MatchExpressions, each of which is evaluated against
- a set of input values.
- type: object
- required:
- - feature
- - matchExpressions
- type: object
- type: array
- required:
- - matchFeatures
- type: object
- type: array
- matchFeatures:
- description: MatchFeatures specifies a set of matcher terms
- all of which must match.
- items:
- description: FeatureMatcherTerm defines requirements against
- one feature set. All requirements (specified as MatchExpressions)
- are evaluated against each element in the feature set.
- properties:
- feature:
- type: string
- matchExpressions:
- additionalProperties:
- description: "MatchExpression specifies an expression
- to evaluate against a set of input values. It contains
- an operator that is applied when matching the input
- and an array of values that the operator evaluates
- the input against. \n NB: CreateMatchExpression or
- MustCreateMatchExpression() should be used for creating
- new instances. \n NB: Validate() must be called if
- Op or Value fields are modified or if a new instance
- is created from scratch without using the helper functions."
- properties:
- op:
- description: Op is the operator to be applied.
- enum:
- - In
- - NotIn
- - InRegexp
- - Exists
- - DoesNotExist
- - Gt
- - Lt
- - GtLt
- - IsTrue
- - IsFalse
- type: string
- value:
- description: Value is the list of values that the
- operand evaluates the input against. Value should
- be empty if the operator is Exists, DoesNotExist,
- IsTrue or IsFalse. Value should contain exactly
- one element if the operator is Gt or Lt and exactly
- two elements if the operator is GtLt. In other
- cases Value should contain at least one element.
- items:
- type: string
- type: array
- required:
- - op
- type: object
- description: MatchExpressionSet contains a set of MatchExpressions,
- each of which is evaluated against a set of input values.
- type: object
- required:
- - feature
- - matchExpressions
- type: object
- type: array
- name:
- description: Name of the rule.
- type: string
- taints:
- description: Taints to create if the rule matches.
- items:
- description: The node this Taint is attached to has the "effect"
- on any pod that does not tolerate the Taint.
- properties:
- effect:
- description: Required. The effect of the taint on pods
- that do not tolerate the taint. Valid effects are NoSchedule,
- PreferNoSchedule and NoExecute.
- type: string
- key:
- description: Required. The taint key to be applied to
- a node.
- type: string
- timeAdded:
- description: TimeAdded represents the time at which the
- taint was added. It is only written for NoExecute taints.
- format: date-time
- type: string
- value:
- description: The taint value corresponding to the taint
- key.
- type: string
- required:
- - effect
- - key
- type: object
- type: array
- vars:
- additionalProperties:
- type: string
- description: Vars is the variables to store if the rule matches.
- Variables do not directly inflict any changes in the node
- object. However, they can be referenced from other rules enabling
- more complex rule hierarchies, without exposing intermediary
- output values as labels.
- type: object
- varsTemplate:
- description: VarsTemplate specifies a template to expand for
- dynamically generating multiple variables. Data (after template
- expansion) must be keys with an optional value ([=])
- separated by newlines.
- type: string
- required:
- - name
- type: object
- type: array
- required:
- - rules
- type: object
- required:
- - spec
- type: object
- served: true
- storage: true
diff --git a/charts/sriov/103.1.0+up0.1.0/charts/rancher-nfd/templates/_helpers.tpl b/charts/sriov/103.1.0+up0.1.0/charts/rancher-nfd/templates/_helpers.tpl
deleted file mode 100644
index 928ece78f8..0000000000
--- a/charts/sriov/103.1.0+up0.1.0/charts/rancher-nfd/templates/_helpers.tpl
+++ /dev/null
@@ -1,107 +0,0 @@
-{{/* vim: set filetype=mustache: */}}
-{{/*
-Expand the name of the chart.
-*/}}
-{{- define "node-feature-discovery.name" -}}
-{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
-{{- end -}}
-
-{{/*
-Create a default fully qualified app name.
-We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
-If release name contains chart name it will be used as a full name.
-*/}}
-{{- define "node-feature-discovery.fullname" -}}
-{{- if .Values.fullnameOverride -}}
-{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}}
-{{- else -}}
-{{- $name := default .Chart.Name .Values.nameOverride -}}
-{{- if contains $name .Release.Name -}}
-{{- .Release.Name | trunc 63 | trimSuffix "-" -}}
-{{- else -}}
-{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}}
-{{- end -}}
-{{- end -}}
-{{- end -}}
-
-{{/*
-Allow the release namespace to be overridden for multi-namespace deployments in combined charts
-*/}}
-{{- define "node-feature-discovery.namespace" -}}
- {{- if .Values.namespaceOverride -}}
- {{- .Values.namespaceOverride -}}
- {{- else -}}
- {{- .Release.Namespace -}}
- {{- end -}}
-{{- end -}}
-
-{{/*
-Create chart name and version as used by the chart label.
-*/}}
-{{- define "node-feature-discovery.chart" -}}
-{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}}
-{{- end -}}
-
-{{/*
-Common labels
-*/}}
-{{- define "node-feature-discovery.labels" -}}
-helm.sh/chart: {{ include "node-feature-discovery.chart" . }}
-{{ include "node-feature-discovery.selectorLabels" . }}
-{{- if .Chart.AppVersion }}
-app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
-{{- end }}
-app.kubernetes.io/managed-by: {{ .Release.Service }}
-{{- end -}}
-
-{{/*
-Selector labels
-*/}}
-{{- define "node-feature-discovery.selectorLabels" -}}
-app.kubernetes.io/name: {{ include "node-feature-discovery.name" . }}
-app.kubernetes.io/instance: {{ .Release.Name }}
-{{- end -}}
-
-{{/*
-Create the name of the service account which the nfd master will use
-*/}}
-{{- define "node-feature-discovery.master.serviceAccountName" -}}
-{{- if .Values.master.serviceAccount.create -}}
- {{ default (include "node-feature-discovery.fullname" .) .Values.master.serviceAccount.name }}
-{{- else -}}
- {{ default "default" .Values.master.serviceAccount.name }}
-{{- end -}}
-{{- end -}}
-
-{{/*
-Create the name of the service account which the nfd worker will use
-*/}}
-{{- define "node-feature-discovery.worker.serviceAccountName" -}}
-{{- if .Values.worker.serviceAccount.create -}}
- {{ default (printf "%s-worker" (include "node-feature-discovery.fullname" .)) .Values.worker.serviceAccount.name }}
-{{- else -}}
- {{ default "default" .Values.worker.serviceAccount.name }}
-{{- end -}}
-{{- end -}}
-
-{{/*
-Create the name of the service account which topologyUpdater will use
-*/}}
-{{- define "node-feature-discovery.topologyUpdater.serviceAccountName" -}}
-{{- if .Values.topologyUpdater.serviceAccount.create -}}
- {{ default (printf "%s-topology-updater" (include "node-feature-discovery.fullname" .)) .Values.topologyUpdater.serviceAccount.name }}
-{{- else -}}
- {{ default "default" .Values.topologyUpdater.serviceAccount.name }}
-{{- end -}}
-{{- end -}}
-
-{{/*
-Create the name of the service account which nfd-gc will use
-*/}}
-{{- define "node-feature-discovery.gc.serviceAccountName" -}}
-{{- if .Values.gc.serviceAccount.create -}}
- {{ default (printf "%s-gc" (include "node-feature-discovery.fullname" .)) .Values.gc.serviceAccount.name }}
-{{- else -}}
- {{ default "default" .Values.gc.serviceAccount.name }}
-{{- end -}}
-{{- end -}}
diff --git a/charts/sriov/103.1.0+up0.1.0/charts/rancher-nfd/templates/cert-manager-certs.yaml b/charts/sriov/103.1.0+up0.1.0/charts/rancher-nfd/templates/cert-manager-certs.yaml
deleted file mode 100644
index ac2e51fc11..0000000000
--- a/charts/sriov/103.1.0+up0.1.0/charts/rancher-nfd/templates/cert-manager-certs.yaml
+++ /dev/null
@@ -1,67 +0,0 @@
-{{- if .Values.tls.certManager }}
----
-apiVersion: cert-manager.io/v1
-kind: Certificate
-metadata:
- name: nfd-master-cert
- namespace: {{ include "node-feature-discovery.namespace" . }}
-spec:
- secretName: nfd-master-cert
- subject:
- organizations:
- - node-feature-discovery
- commonName: nfd-master
- dnsNames:
- # must match the service name
- - {{ include "node-feature-discovery.fullname" . }}-master
- # first one is configured for use by the worker; below are for completeness
- - {{ include "node-feature-discovery.fullname" . }}-master.{{ include "node-feature-discovery.namespace" . }}.svc
- - {{ include "node-feature-discovery.fullname" . }}-master.{{ include "node-feature-discovery.namespace" . }}.svc.cluster.local
- # localhost needed for grpc_health_probe
- - localhost
- issuerRef:
- name: nfd-ca-issuer
- kind: Issuer
- group: cert-manager.io
-
----
-apiVersion: cert-manager.io/v1
-kind: Certificate
-metadata:
- name: nfd-worker-cert
- namespace: {{ include "node-feature-discovery.namespace" . }}
-spec:
- secretName: nfd-worker-cert
- subject:
- organizations:
- - node-feature-discovery
- commonName: nfd-worker
- dnsNames:
- - {{ include "node-feature-discovery.fullname" . }}-worker.{{ include "node-feature-discovery.namespace" . }}.svc.cluster.local
- issuerRef:
- name: nfd-ca-issuer
- kind: Issuer
- group: cert-manager.io
-
-{{- if .Values.topologyUpdater.enable }}
----
-apiVersion: cert-manager.io/v1
-kind: Certificate
-metadata:
- name: nfd-topology-updater-cert
- namespace: {{ include "node-feature-discovery.namespace" . }}
-spec:
- secretName: nfd-topology-updater-cert
- subject:
- organizations:
- - node-feature-discovery
- commonName: nfd-topology-updater
- dnsNames:
- - {{ include "node-feature-discovery.fullname" . }}-topology-updater.{{ include "node-feature-discovery.namespace" . }}.svc.cluster.local
- issuerRef:
- name: nfd-ca-issuer
- kind: Issuer
- group: cert-manager.io
-{{- end }}
-
-{{- end }}
diff --git a/charts/sriov/103.1.0+up0.1.0/charts/rancher-nfd/templates/cert-manager-issuer.yaml b/charts/sriov/103.1.0+up0.1.0/charts/rancher-nfd/templates/cert-manager-issuer.yaml
deleted file mode 100644
index f3c57acea1..0000000000
--- a/charts/sriov/103.1.0+up0.1.0/charts/rancher-nfd/templates/cert-manager-issuer.yaml
+++ /dev/null
@@ -1,42 +0,0 @@
-{{- if .Values.tls.certManager }}
-# See https://cert-manager.io/docs/configuration/selfsigned/#bootstrapping-ca-issuers
-# - Create a self signed issuer
-# - Use this to create a CA cert
-# - Use this to now create a CA issuer
----
-apiVersion: cert-manager.io/v1
-kind: Issuer
-metadata:
- name: nfd-ca-bootstrap
- namespace: {{ include "node-feature-discovery.namespace" . }}
-spec:
- selfSigned: {}
-
----
-apiVersion: cert-manager.io/v1
-kind: Certificate
-metadata:
- name: nfd-ca-cert
- namespace: {{ include "node-feature-discovery.namespace" . }}
-spec:
- isCA: true
- secretName: nfd-ca-cert
- subject:
- organizations:
- - node-feature-discovery
- commonName: nfd-ca-cert
- issuerRef:
- name: nfd-ca-bootstrap
- kind: Issuer
- group: cert-manager.io
-
----
-apiVersion: cert-manager.io/v1
-kind: Issuer
-metadata:
- name: nfd-ca-issuer
- namespace: {{ include "node-feature-discovery.namespace" . }}
-spec:
- ca:
- secretName: nfd-ca-cert
-{{- end }}
diff --git a/charts/sriov/103.1.0+up0.1.0/charts/rancher-nfd/templates/clusterrole.yaml b/charts/sriov/103.1.0+up0.1.0/charts/rancher-nfd/templates/clusterrole.yaml
deleted file mode 100644
index d4329338be..0000000000
--- a/charts/sriov/103.1.0+up0.1.0/charts/rancher-nfd/templates/clusterrole.yaml
+++ /dev/null
@@ -1,119 +0,0 @@
-{{- if .Values.master.rbac.create }}
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRole
-metadata:
- name: {{ include "node-feature-discovery.fullname" . }}
- labels:
- {{- include "node-feature-discovery.labels" . | nindent 4 }}
-rules:
-- apiGroups:
- - ""
- resources:
- - nodes
- - nodes/status
- verbs:
- - get
- - patch
- - update
- - list
-- apiGroups:
- - nfd.k8s-sigs.io
- resources:
- - nodefeatures
- - nodefeaturerules
- verbs:
- - get
- - list
- - watch
-- apiGroups:
- - coordination.k8s.io
- resources:
- - leases
- verbs:
- - create
-- apiGroups:
- - coordination.k8s.io
- resources:
- - leases
- resourceNames:
- - "nfd-master.nfd.kubernetes.io"
- verbs:
- - get
- - update
-{{- end }}
-
-{{- if and .Values.topologyUpdater.enable .Values.topologyUpdater.rbac.create }}
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRole
-metadata:
- name: {{ include "node-feature-discovery.fullname" . }}-topology-updater
- labels:
- {{- include "node-feature-discovery.labels" . | nindent 4 }}
-rules:
-- apiGroups:
- - ""
- resources:
- - nodes
- verbs:
- - get
- - list
-- apiGroups:
- - ""
- resources:
- - nodes/proxy
- verbs:
- - get
-- apiGroups:
- - ""
- resources:
- - pods
- verbs:
- - get
-- apiGroups:
- - topology.node.k8s.io
- resources:
- - noderesourcetopologies
- verbs:
- - create
- - get
- - update
-{{- end }}
-
-{{- if and .Values.gc.enable .Values.gc.rbac.create (or .Values.enableNodeFeatureApi .Values.topologyUpdater.enable) }}
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRole
-metadata:
- name: {{ include "node-feature-discovery.fullname" . }}-gc
- labels:
- {{- include "node-feature-discovery.labels" . | nindent 4 }}
-rules:
-- apiGroups:
- - ""
- resources:
- - nodes
- verbs:
- - list
- - watch
-- apiGroups:
- - ""
- resources:
- - nodes/proxy
- verbs:
- - get
-- apiGroups:
- - topology.node.k8s.io
- resources:
- - noderesourcetopologies
- verbs:
- - delete
- - list
-- apiGroups:
- - nfd.k8s-sigs.io
- resources:
- - nodefeatures
- verbs:
- - delete
- - list
-{{- end }}
diff --git a/charts/sriov/103.1.0+up0.1.0/charts/rancher-nfd/templates/clusterrolebinding.yaml b/charts/sriov/103.1.0+up0.1.0/charts/rancher-nfd/templates/clusterrolebinding.yaml
deleted file mode 100644
index 8e3aef83e1..0000000000
--- a/charts/sriov/103.1.0+up0.1.0/charts/rancher-nfd/templates/clusterrolebinding.yaml
+++ /dev/null
@@ -1,52 +0,0 @@
-{{- if .Values.master.rbac.create }}
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRoleBinding
-metadata:
- name: {{ include "node-feature-discovery.fullname" . }}
- labels:
- {{- include "node-feature-discovery.labels" . | nindent 4 }}
-roleRef:
- apiGroup: rbac.authorization.k8s.io
- kind: ClusterRole
- name: {{ include "node-feature-discovery.fullname" . }}
-subjects:
-- kind: ServiceAccount
- name: {{ include "node-feature-discovery.master.serviceAccountName" . }}
- namespace: {{ include "node-feature-discovery.namespace" . }}
-{{- end }}
-
-{{- if and .Values.topologyUpdater.enable .Values.topologyUpdater.rbac.create }}
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRoleBinding
-metadata:
- name: {{ include "node-feature-discovery.fullname" . }}-topology-updater
- labels:
- {{- include "node-feature-discovery.labels" . | nindent 4 }}
-roleRef:
- apiGroup: rbac.authorization.k8s.io
- kind: ClusterRole
- name: {{ include "node-feature-discovery.fullname" . }}-topology-updater
-subjects:
-- kind: ServiceAccount
- name: {{ include "node-feature-discovery.topologyUpdater.serviceAccountName" . }}
- namespace: {{ include "node-feature-discovery.namespace" . }}
-{{- end }}
-
-{{- if and .Values.gc.enable .Values.gc.rbac.create (or .Values.enableNodeFeatureApi .Values.topologyUpdater.enable) }}
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRoleBinding
-metadata:
- name: {{ include "node-feature-discovery.fullname" . }}-gc
- labels:
- {{- include "node-feature-discovery.labels" . | nindent 4 }}
-roleRef:
- apiGroup: rbac.authorization.k8s.io
- kind: ClusterRole
- name: {{ include "node-feature-discovery.fullname" . }}-gc
-subjects:
-- kind: ServiceAccount
- name: {{ .Values.gc.serviceAccount.name | default "nfd-gc" }}
- namespace: {{ include "node-feature-discovery.namespace" . }}
-{{- end }}
diff --git a/charts/sriov/103.1.0+up0.1.0/charts/rancher-nfd/templates/master.yaml b/charts/sriov/103.1.0+up0.1.0/charts/rancher-nfd/templates/master.yaml
deleted file mode 100644
index e77ca136c0..0000000000
--- a/charts/sriov/103.1.0+up0.1.0/charts/rancher-nfd/templates/master.yaml
+++ /dev/null
@@ -1,159 +0,0 @@
-apiVersion: apps/v1
-kind: Deployment
-metadata:
- name: {{ include "node-feature-discovery.fullname" . }}-master
- namespace: {{ include "node-feature-discovery.namespace" . }}
- labels:
- {{- include "node-feature-discovery.labels" . | nindent 4 }}
- role: master
- {{- with .Values.master.deploymentAnnotations }}
- annotations:
- {{- toYaml . | nindent 4 }}
- {{- end }}
-spec:
- replicas: {{ .Values.master.replicaCount }}
- selector:
- matchLabels:
- {{- include "node-feature-discovery.selectorLabels" . | nindent 6 }}
- role: master
- template:
- metadata:
- labels:
- {{- include "node-feature-discovery.selectorLabels" . | nindent 8 }}
- role: master
- {{- with .Values.master.annotations }}
- annotations:
- {{- toYaml . | nindent 8 }}
- {{- end }}
- spec:
- {{- with .Values.imagePullSecrets }}
- imagePullSecrets:
- {{- toYaml . | nindent 8 }}
- {{- end }}
- serviceAccountName: {{ include "node-feature-discovery.master.serviceAccountName" . }}
- enableServiceLinks: false
- securityContext:
- {{- toYaml .Values.master.podSecurityContext | nindent 8 }}
- containers:
- - name: master
- securityContext:
- {{- toYaml .Values.master.securityContext | nindent 12 }}
- image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}"
- imagePullPolicy: {{ .Values.image.pullPolicy }}
- livenessProbe:
- exec:
- command:
- - "/usr/bin/grpc_health_probe"
- - "-addr=:{{ .Values.master.port | default "8080" }}"
- {{- if .Values.tls.enable }}
- - "-tls"
- - "-tls-ca-cert=/etc/kubernetes/node-feature-discovery/certs/ca.crt"
- - "-tls-client-key=/etc/kubernetes/node-feature-discovery/certs/tls.key"
- - "-tls-client-cert=/etc/kubernetes/node-feature-discovery/certs/tls.crt"
- {{- end }}
- initialDelaySeconds: 10
- periodSeconds: 10
- readinessProbe:
- exec:
- command:
- - "/usr/bin/grpc_health_probe"
- - "-addr=:{{ .Values.master.port | default "8080" }}"
- {{- if .Values.tls.enable }}
- - "-tls"
- - "-tls-ca-cert=/etc/kubernetes/node-feature-discovery/certs/ca.crt"
- - "-tls-client-key=/etc/kubernetes/node-feature-discovery/certs/tls.key"
- - "-tls-client-cert=/etc/kubernetes/node-feature-discovery/certs/tls.crt"
- {{- end }}
- initialDelaySeconds: 5
- periodSeconds: 10
- failureThreshold: 10
- ports:
- - containerPort: {{ .Values.master.port | default "8080" }}
- name: grpc
- - containerPort: {{ .Values.master.metricsPort | default "8081" }}
- name: metrics
- env:
- - name: NODE_NAME
- valueFrom:
- fieldRef:
- fieldPath: spec.nodeName
- command:
- - "nfd-master"
- resources:
- {{- toYaml .Values.master.resources | nindent 12 }}
- args:
- {{- if .Values.master.instance | empty | not }}
- - "-instance={{ .Values.master.instance }}"
- {{- end }}
- - "-port={{ .Values.master.port | default "8080" }}"
- {{- if not .Values.enableNodeFeatureApi }}
- - "-enable-nodefeature-api=false"
- {{- else if gt (int .Values.master.replicaCount) 1 }}
- - "-enable-leader-election"
- {{- end }}
- {{- if .Values.master.extraLabelNs | empty | not }}
- - "-extra-label-ns={{- join "," .Values.master.extraLabelNs }}"
- {{- end }}
- {{- if .Values.master.denyLabelNs | empty | not }}
- - "-deny-label-ns={{- join "," .Values.master.denyLabelNs }}"
- {{- end }}
- {{- if .Values.master.resourceLabels | empty | not }}
- - "-resource-labels={{- join "," .Values.master.resourceLabels }}"
- {{- end }}
- {{- if .Values.master.enableTaints }}
- - "-enable-taints"
- {{- end }}
- {{- if .Values.master.crdController | kindIs "invalid" | not }}
- - "-crd-controller={{ .Values.master.crdController }}"
- {{- else }}
- ## By default, disable crd controller for other than the default instances
- - "-crd-controller={{ .Values.master.instance | empty }}"
- {{- end }}
- {{- if .Values.master.featureRulesController | kindIs "invalid" | not }}
- - "-featurerules-controller={{ .Values.master.featureRulesController }}"
- {{- end }}
- {{- if .Values.master.resyncPeriod }}
- - "-resync-period={{ .Values.master.resyncPeriod }}"
- {{- end }}
- {{- if .Values.master.nfdApiParallelism | empty | not }}
- - "-nfd-api-parallelism={{ .Values.master.nfdApiParallelism }}"
- {{- end }}
- {{- if .Values.tls.enable }}
- - "-ca-file=/etc/kubernetes/node-feature-discovery/certs/ca.crt"
- - "-key-file=/etc/kubernetes/node-feature-discovery/certs/tls.key"
- - "-cert-file=/etc/kubernetes/node-feature-discovery/certs/tls.crt"
- {{- end }}
- - "-metrics={{ .Values.master.metricsPort | default "8081" }}"
- volumeMounts:
- {{- if .Values.tls.enable }}
- - name: nfd-master-cert
- mountPath: "/etc/kubernetes/node-feature-discovery/certs"
- readOnly: true
- {{- end }}
- - name: nfd-master-conf
- mountPath: "/etc/kubernetes/node-feature-discovery"
- readOnly: true
- volumes:
- {{- if .Values.tls.enable }}
- - name: nfd-master-cert
- secret:
- secretName: nfd-master-cert
- {{- end }}
- - name: nfd-master-conf
- configMap:
- name: {{ include "node-feature-discovery.fullname" . }}-master-conf
- items:
- - key: nfd-master.conf
- path: nfd-master.conf
- {{- with .Values.master.nodeSelector }}
- nodeSelector:
- {{- toYaml . | nindent 8 }}
- {{- end }}
- {{- with .Values.master.affinity }}
- affinity:
- {{- toYaml . | nindent 8 }}
- {{- end }}
- {{- with .Values.master.tolerations }}
- tolerations:
- {{- toYaml . | nindent 8 }}
- {{- end }}
diff --git a/charts/sriov/103.1.0+up0.1.0/charts/rancher-nfd/templates/nfd-gc.yaml b/charts/sriov/103.1.0+up0.1.0/charts/rancher-nfd/templates/nfd-gc.yaml
deleted file mode 100644
index ec67a114e5..0000000000
--- a/charts/sriov/103.1.0+up0.1.0/charts/rancher-nfd/templates/nfd-gc.yaml
+++ /dev/null
@@ -1,74 +0,0 @@
-{{- if and .Values.gc.enable (or .Values.enableNodeFeatureApi .Values.topologyUpdater.enable) -}}
-apiVersion: apps/v1
-kind: Deployment
-metadata:
- name: {{ include "node-feature-discovery.fullname" . }}-gc
- namespace: {{ include "node-feature-discovery.namespace" . }}
- labels:
- {{- include "node-feature-discovery.labels" . | nindent 4 }}
- role: gc
- {{- with .Values.gc.deploymentAnnotations }}
- annotations:
- {{- toYaml . | nindent 4 }}
- {{- end }}
-spec:
- replicas: {{ .Values.gc.replicaCount | default 1 }}
- selector:
- matchLabels:
- {{- include "node-feature-discovery.selectorLabels" . | nindent 6 }}
- role: gc
- template:
- metadata:
- labels:
- {{- include "node-feature-discovery.selectorLabels" . | nindent 8 }}
- role: gc
- {{- with .Values.gc.annotations }}
- annotations:
- {{- toYaml . | nindent 8 }}
- {{- end }}
- spec:
- serviceAccountName: {{ .Values.gc.serviceAccountName | default "nfd-gc" }}
- dnsPolicy: ClusterFirstWithHostNet
- {{- with .Values.imagePullSecrets }}
- imagePullSecrets:
- {{- toYaml . | nindent 8 }}
- {{- end }}
- securityContext:
- {{- toYaml .Values.gc.podSecurityContext | nindent 8 }}
- containers:
- - name: gc
- image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}"
- imagePullPolicy: "{{ .Values.image.pullPolicy }}"
- env:
- - name: NODE_NAME
- valueFrom:
- fieldRef:
- fieldPath: spec.nodeName
- command:
- - "nfd-gc"
- args:
- {{- if .Values.gc.interval | empty | not }}
- - "-gc-interval={{ .Values.gc.interval }}"
- {{- end }}
- resources:
- {{- toYaml .Values.gc.resources | nindent 12 }}
- securityContext:
- allowPrivilegeEscalation: false
- capabilities:
- drop: [ "ALL" ]
- readOnlyRootFilesystem: true
- runAsNonRoot: true
-
- {{- with .Values.gc.nodeSelector }}
- nodeSelector:
- {{- toYaml . | nindent 8 }}
- {{- end }}
- {{- with .Values.gc.affinity }}
- affinity:
- {{- toYaml . | nindent 8 }}
- {{- end }}
- {{- with .Values.gc.tolerations }}
- tolerations:
- {{- toYaml . | nindent 8 }}
- {{- end }}
-{{- end }}
diff --git a/charts/sriov/103.1.0+up0.1.0/charts/rancher-nfd/templates/nfd-master-conf.yaml b/charts/sriov/103.1.0+up0.1.0/charts/rancher-nfd/templates/nfd-master-conf.yaml
deleted file mode 100644
index c806a8e5d9..0000000000
--- a/charts/sriov/103.1.0+up0.1.0/charts/rancher-nfd/templates/nfd-master-conf.yaml
+++ /dev/null
@@ -1,10 +0,0 @@
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: {{ include "node-feature-discovery.fullname" . }}-master-conf
- namespace: {{ include "node-feature-discovery.namespace" . }}
- labels:
- {{- include "node-feature-discovery.labels" . | nindent 4 }}
-data:
- nfd-master.conf: |-
- {{- .Values.master.config | toYaml | nindent 4 }}
diff --git a/charts/sriov/103.1.0+up0.1.0/charts/rancher-nfd/templates/nfd-topologyupdater-conf.yaml b/charts/sriov/103.1.0+up0.1.0/charts/rancher-nfd/templates/nfd-topologyupdater-conf.yaml
deleted file mode 100644
index 9867f5089c..0000000000
--- a/charts/sriov/103.1.0+up0.1.0/charts/rancher-nfd/templates/nfd-topologyupdater-conf.yaml
+++ /dev/null
@@ -1,10 +0,0 @@
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: {{ include "node-feature-discovery.fullname" . }}-topology-updater-conf
- namespace: {{ include "node-feature-discovery.namespace" . }}
- labels:
- {{- include "node-feature-discovery.labels" . | nindent 4 }}
-data:
- nfd-topology-updater.conf: |-
- {{- .Values.topologyUpdater.config | toYaml | nindent 4 }}
diff --git a/charts/sriov/103.1.0+up0.1.0/charts/rancher-nfd/templates/nfd-worker-conf.yaml b/charts/sriov/103.1.0+up0.1.0/charts/rancher-nfd/templates/nfd-worker-conf.yaml
deleted file mode 100644
index 61d2a481aa..0000000000
--- a/charts/sriov/103.1.0+up0.1.0/charts/rancher-nfd/templates/nfd-worker-conf.yaml
+++ /dev/null
@@ -1,10 +0,0 @@
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: {{ include "node-feature-discovery.fullname" . }}-worker-conf
- namespace: {{ include "node-feature-discovery.namespace" . }}
- labels:
- {{- include "node-feature-discovery.labels" . | nindent 4 }}
-data:
- nfd-worker.conf: |-
- {{- .Values.worker.config | toYaml | nindent 4 }}
diff --git a/charts/sriov/103.1.0+up0.1.0/charts/rancher-nfd/templates/prometheus.yaml b/charts/sriov/103.1.0+up0.1.0/charts/rancher-nfd/templates/prometheus.yaml
deleted file mode 100644
index b9f4b46405..0000000000
--- a/charts/sriov/103.1.0+up0.1.0/charts/rancher-nfd/templates/prometheus.yaml
+++ /dev/null
@@ -1,26 +0,0 @@
-{{- if .Values.prometheus.enable }}
-# Prometheus Monitor Service (Metrics)
-apiVersion: monitoring.coreos.com/v1
-kind: PodMonitor
-metadata:
- name: {{ include "node-feature-discovery.fullname" . }}
- labels:
- {{- include "node-feature-discovery.selectorLabels" . | nindent 4 }}
- {{- with .Values.prometheus.labels }}
- {{ toYaml . | nindent 4 }}
- {{- end }}
-spec:
- podMetricsEndpoints:
- - honorLabels: true
- interval: 10s
- path: /metrics
- port: metrics
- scheme: http
- namespaceSelector:
- matchNames:
- - {{ include "node-feature-discovery.namespace" . }}
- selector:
- matchExpressions:
- - {key: app.kubernetes.io/instance, operator: In, values: ["{{ .Release.Name }}"]}
- - {key: app.kubernetes.io/name, operator: In, values: ["{{ include "node-feature-discovery.name" . }}"]}
-{{- end }}
diff --git a/charts/sriov/103.1.0+up0.1.0/charts/rancher-nfd/templates/role.yaml b/charts/sriov/103.1.0+up0.1.0/charts/rancher-nfd/templates/role.yaml
deleted file mode 100644
index c71ede442b..0000000000
--- a/charts/sriov/103.1.0+up0.1.0/charts/rancher-nfd/templates/role.yaml
+++ /dev/null
@@ -1,19 +0,0 @@
-{{- if .Values.worker.rbac.create }}
-apiVersion: rbac.authorization.k8s.io/v1
-kind: Role
-metadata:
- name: {{ include "node-feature-discovery.fullname" . }}-worker
- namespace: {{ include "node-feature-discovery.namespace" . }}
- labels:
- {{- include "node-feature-discovery.labels" . | nindent 4 }}
-rules:
-- apiGroups:
- - nfd.k8s-sigs.io
- resources:
- - nodefeatures
- verbs:
- - create
- - get
- - update
-{{- end }}
-
diff --git a/charts/sriov/103.1.0+up0.1.0/charts/rancher-nfd/templates/rolebinding.yaml b/charts/sriov/103.1.0+up0.1.0/charts/rancher-nfd/templates/rolebinding.yaml
deleted file mode 100644
index d8025be9bb..0000000000
--- a/charts/sriov/103.1.0+up0.1.0/charts/rancher-nfd/templates/rolebinding.yaml
+++ /dev/null
@@ -1,18 +0,0 @@
-{{- if .Values.worker.rbac.create }}
-apiVersion: rbac.authorization.k8s.io/v1
-kind: RoleBinding
-metadata:
- name: {{ include "node-feature-discovery.fullname" . }}-worker
- namespace: {{ include "node-feature-discovery.namespace" . }}
- labels:
- {{- include "node-feature-discovery.labels" . | nindent 4 }}
-roleRef:
- apiGroup: rbac.authorization.k8s.io
- kind: Role
- name: {{ include "node-feature-discovery.fullname" . }}-worker
-subjects:
-- kind: ServiceAccount
- name: {{ include "node-feature-discovery.worker.serviceAccountName" . }}
- namespace: {{ include "node-feature-discovery.namespace" . }}
-{{- end }}
-
diff --git a/charts/sriov/103.1.0+up0.1.0/charts/rancher-nfd/templates/service.yaml b/charts/sriov/103.1.0+up0.1.0/charts/rancher-nfd/templates/service.yaml
deleted file mode 100644
index 0d4789818f..0000000000
--- a/charts/sriov/103.1.0+up0.1.0/charts/rancher-nfd/templates/service.yaml
+++ /dev/null
@@ -1,18 +0,0 @@
-apiVersion: v1
-kind: Service
-metadata:
- name: {{ include "node-feature-discovery.fullname" . }}-master
- namespace: {{ include "node-feature-discovery.namespace" . }}
- labels:
- {{- include "node-feature-discovery.labels" . | nindent 4 }}
- role: master
-spec:
- type: {{ .Values.master.service.type }}
- ports:
- - port: {{ .Values.master.service.port | default "8080" }}
- targetPort: grpc
- protocol: TCP
- name: grpc
- selector:
- {{- include "node-feature-discovery.selectorLabels" . | nindent 4 }}
- role: master
diff --git a/charts/sriov/103.1.0+up0.1.0/charts/rancher-nfd/templates/serviceaccount.yaml b/charts/sriov/103.1.0+up0.1.0/charts/rancher-nfd/templates/serviceaccount.yaml
deleted file mode 100644
index dae09503e4..0000000000
--- a/charts/sriov/103.1.0+up0.1.0/charts/rancher-nfd/templates/serviceaccount.yaml
+++ /dev/null
@@ -1,58 +0,0 @@
-{{- if .Values.master.serviceAccount.create -}}
-apiVersion: v1
-kind: ServiceAccount
-metadata:
- name: {{ include "node-feature-discovery.master.serviceAccountName" . }}
- namespace: {{ include "node-feature-discovery.namespace" . }}
- labels:
- {{- include "node-feature-discovery.labels" . | nindent 4 }}
- {{- with .Values.master.serviceAccount.annotations }}
- annotations:
- {{- toYaml . | nindent 4 }}
- {{- end }}
-{{- end }}
-
-{{- if and .Values.topologyUpdater.enable .Values.topologyUpdater.serviceAccount.create }}
----
-apiVersion: v1
-kind: ServiceAccount
-metadata:
- name: {{ include "node-feature-discovery.topologyUpdater.serviceAccountName" . }}
- namespace: {{ include "node-feature-discovery.namespace" . }}
- labels:
- {{- include "node-feature-discovery.labels" . | nindent 4 }}
- {{- with .Values.topologyUpdater.serviceAccount.annotations }}
- annotations:
- {{- toYaml . | nindent 4 }}
- {{- end }}
-{{- end }}
-
-{{- if and .Values.gc.enable .Values.gc.rbac.create (or .Values.enableNodeFeatureApi .Values.topologyUpdater.enable) }}
----
-apiVersion: v1
-kind: ServiceAccount
-metadata:
- name: {{ .Values.gc.serviceAccount.name | default "nfd-gc" }}
- namespace: {{ include "node-feature-discovery.namespace" . }}
- labels:
- {{- include "node-feature-discovery.labels" . | nindent 4 }}
- {{- with .Values.gc.serviceAccount.annotations }}
- annotations:
- {{- toYaml . | nindent 4 }}
- {{- end }}
-{{- end }}
-
-{{- if .Values.worker.serviceAccount.create }}
----
-apiVersion: v1
-kind: ServiceAccount
-metadata:
- name: {{ include "node-feature-discovery.worker.serviceAccountName" . }}
- namespace: {{ include "node-feature-discovery.namespace" . }}
- labels:
- {{- include "node-feature-discovery.labels" . | nindent 4 }}
- {{- with .Values.worker.serviceAccount.annotations }}
- annotations:
- {{- toYaml . | nindent 4 }}
- {{- end }}
-{{- end }}
diff --git a/charts/sriov/103.1.0+up0.1.0/charts/rancher-nfd/templates/topologyupdater-crds.yaml b/charts/sriov/103.1.0+up0.1.0/charts/rancher-nfd/templates/topologyupdater-crds.yaml
deleted file mode 100644
index b6b919689c..0000000000
--- a/charts/sriov/103.1.0+up0.1.0/charts/rancher-nfd/templates/topologyupdater-crds.yaml
+++ /dev/null
@@ -1,278 +0,0 @@
-{{- if and .Values.topologyUpdater.enable .Values.topologyUpdater.createCRDs -}}
-apiVersion: apiextensions.k8s.io/v1
-kind: CustomResourceDefinition
-metadata:
- annotations:
- api-approved.kubernetes.io: https://github.com/kubernetes/enhancements/pull/1870
- controller-gen.kubebuilder.io/version: v0.11.2
- creationTimestamp: null
- name: noderesourcetopologies.topology.node.k8s.io
-spec:
- group: topology.node.k8s.io
- names:
- kind: NodeResourceTopology
- listKind: NodeResourceTopologyList
- plural: noderesourcetopologies
- shortNames:
- - node-res-topo
- singular: noderesourcetopology
- scope: Cluster
- versions:
- - name: v1alpha1
- schema:
- openAPIV3Schema:
- description: NodeResourceTopology describes node resources and their topology.
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation
- of an object. Servers should convert recognized schemas to the latest
- internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this
- object represents. Servers may infer this from the endpoint the client
- submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- topologyPolicies:
- items:
- type: string
- type: array
- zones:
- description: ZoneList contains an array of Zone objects.
- items:
- description: Zone represents a resource topology zone, e.g. socket,
- node, die or core.
- properties:
- attributes:
- description: AttributeList contains an array of AttributeInfo objects.
- items:
- description: AttributeInfo contains one attribute of a Zone.
- properties:
- name:
- type: string
- value:
- type: string
- required:
- - name
- - value
- type: object
- type: array
- costs:
- description: CostList contains an array of CostInfo objects.
- items:
- description: CostInfo describes the cost (or distance) between
- two Zones.
- properties:
- name:
- type: string
- value:
- format: int64
- type: integer
- required:
- - name
- - value
- type: object
- type: array
- name:
- type: string
- parent:
- type: string
- resources:
- description: ResourceInfoList contains an array of ResourceInfo
- objects.
- items:
- description: ResourceInfo contains information about one resource
- type.
- properties:
- allocatable:
- anyOf:
- - type: integer
- - type: string
- description: Allocatable quantity of the resource, corresponding
- to allocatable in node status, i.e. total amount of this
- resource available to be used by pods.
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- available:
- anyOf:
- - type: integer
- - type: string
- description: Available is the amount of this resource currently
- available for new (to be scheduled) pods, i.e. Allocatable
- minus the resources reserved by currently running pods.
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- capacity:
- anyOf:
- - type: integer
- - type: string
- description: Capacity of the resource, corresponding to capacity
- in node status, i.e. total amount of this resource that
- the node has.
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- name:
- description: Name of the resource.
- type: string
- required:
- - allocatable
- - available
- - capacity
- - name
- type: object
- type: array
- type:
- type: string
- required:
- - name
- - type
- type: object
- type: array
- required:
- - topologyPolicies
- - zones
- type: object
- served: true
- storage: false
- - name: v1alpha2
- schema:
- openAPIV3Schema:
- description: NodeResourceTopology describes node resources and their topology.
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation
- of an object. Servers should convert recognized schemas to the latest
- internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- attributes:
- description: AttributeList contains an array of AttributeInfo objects.
- items:
- description: AttributeInfo contains one attribute of a Zone.
- properties:
- name:
- type: string
- value:
- type: string
- required:
- - name
- - value
- type: object
- type: array
- kind:
- description: 'Kind is a string value representing the REST resource this
- object represents. Servers may infer this from the endpoint the client
- submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- topologyPolicies:
- description: 'DEPRECATED (to be removed in v1beta1): use top level attributes
- if needed'
- items:
- type: string
- type: array
- zones:
- description: ZoneList contains an array of Zone objects.
- items:
- description: Zone represents a resource topology zone, e.g. socket,
- node, die or core.
- properties:
- attributes:
- description: AttributeList contains an array of AttributeInfo objects.
- items:
- description: AttributeInfo contains one attribute of a Zone.
- properties:
- name:
- type: string
- value:
- type: string
- required:
- - name
- - value
- type: object
- type: array
- costs:
- description: CostList contains an array of CostInfo objects.
- items:
- description: CostInfo describes the cost (or distance) between
- two Zones.
- properties:
- name:
- type: string
- value:
- format: int64
- type: integer
- required:
- - name
- - value
- type: object
- type: array
- name:
- type: string
- parent:
- type: string
- resources:
- description: ResourceInfoList contains an array of ResourceInfo
- objects.
- items:
- description: ResourceInfo contains information about one resource
- type.
- properties:
- allocatable:
- anyOf:
- - type: integer
- - type: string
- description: Allocatable quantity of the resource, corresponding
- to allocatable in node status, i.e. total amount of this
- resource available to be used by pods.
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- available:
- anyOf:
- - type: integer
- - type: string
- description: Available is the amount of this resource currently
- available for new (to be scheduled) pods, i.e. Allocatable
- minus the resources reserved by currently running pods.
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- capacity:
- anyOf:
- - type: integer
- - type: string
- description: Capacity of the resource, corresponding to capacity
- in node status, i.e. total amount of this resource that
- the node has.
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- name:
- description: Name of the resource.
- type: string
- required:
- - allocatable
- - available
- - capacity
- - name
- type: object
- type: array
- type:
- type: string
- required:
- - name
- - type
- type: object
- type: array
- required:
- - zones
- type: object
- served: true
- storage: true
-status:
- acceptedNames:
- kind: ""
- plural: ""
- conditions: []
- storedVersions: []
-{{- end }}
diff --git a/charts/sriov/103.1.0+up0.1.0/charts/rancher-nfd/templates/topologyupdater.yaml b/charts/sriov/103.1.0+up0.1.0/charts/rancher-nfd/templates/topologyupdater.yaml
deleted file mode 100644
index f51c10e6dc..0000000000
--- a/charts/sriov/103.1.0+up0.1.0/charts/rancher-nfd/templates/topologyupdater.yaml
+++ /dev/null
@@ -1,156 +0,0 @@
-{{- if .Values.topologyUpdater.enable -}}
-apiVersion: apps/v1
-kind: DaemonSet
-metadata:
- name: {{ include "node-feature-discovery.fullname" . }}-topology-updater
- namespace: {{ include "node-feature-discovery.namespace" . }}
- labels:
- {{- include "node-feature-discovery.labels" . | nindent 4 }}
- role: topology-updater
- {{- with .Values.topologyUpdater.daemonsetAnnotations }}
- annotations:
- {{- toYaml . | nindent 4 }}
- {{- end }}
-spec:
- selector:
- matchLabels:
- {{- include "node-feature-discovery.selectorLabels" . | nindent 6 }}
- role: topology-updater
- template:
- metadata:
- labels:
- {{- include "node-feature-discovery.selectorLabels" . | nindent 8 }}
- role: topology-updater
- {{- with .Values.topologyUpdater.annotations }}
- annotations:
- {{- toYaml . | nindent 8 }}
- {{- end }}
- spec:
- serviceAccountName: {{ include "node-feature-discovery.topologyUpdater.serviceAccountName" . }}
- dnsPolicy: ClusterFirstWithHostNet
- {{- with .Values.imagePullSecrets }}
- imagePullSecrets:
- {{- toYaml . | nindent 8 }}
- {{- end }}
- securityContext:
- {{- toYaml .Values.topologyUpdater.podSecurityContext | nindent 8 }}
- containers:
- - name: topology-updater
- image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}"
- imagePullPolicy: "{{ .Values.image.pullPolicy }}"
- env:
- - name: NODE_NAME
- valueFrom:
- fieldRef:
- fieldPath: spec.nodeName
- - name: NODE_ADDRESS
- valueFrom:
- fieldRef:
- fieldPath: status.hostIP
- command:
- - "nfd-topology-updater"
- args:
- - "-podresources-socket=/host-var/lib/kubelet-podresources/kubelet.sock"
- {{- if .Values.topologyUpdater.updateInterval | empty | not }}
- - "-sleep-interval={{ .Values.topologyUpdater.updateInterval }}"
- {{- else }}
- - "-sleep-interval=3s"
- {{- end }}
- {{- if .Values.topologyUpdater.watchNamespace | empty | not }}
- - "-watch-namespace={{ .Values.topologyUpdater.watchNamespace }}"
- {{- else }}
- - "-watch-namespace=*"
- {{- end }}
- {{- if .Values.tls.enable }}
- - "-ca-file=/etc/kubernetes/node-feature-discovery/certs/ca.crt"
- - "-key-file=/etc/kubernetes/node-feature-discovery/certs/tls.key"
- - "-cert-file=/etc/kubernetes/node-feature-discovery/certs/tls.crt"
- {{- end }}
- {{- if .Values.topologyUpdater.podSetFingerprint }}
- - "-pods-fingerprint"
- {{- end }}
- {{- if .Values.topologyUpdater.kubeletConfigPath | empty | not }}
- - "-kubelet-config-uri=file:///host-var/kubelet-config"
- {{- end }}
- {{- if .Values.topologyUpdater.kubeletStateDir | empty }}
- # Disable kubelet state tracking by giving an empty path
- - "-kubelet-state-dir="
- {{- end }}
- - -metrics={{ .Values.topologyUpdater.metricsPort | default "8081"}}
- ports:
- - name: metrics
- containerPort: {{ .Values.topologyUpdater.metricsPort | default "8081"}}
- volumeMounts:
- {{- if .Values.topologyUpdater.kubeletConfigPath | empty | not }}
- - name: kubelet-config
- mountPath: /host-var/kubelet-config
- {{- end }}
- - name: kubelet-podresources-sock
- mountPath: /host-var/lib/kubelet-podresources/kubelet.sock
- - name: host-sys
- mountPath: /host-sys
- {{- if .Values.topologyUpdater.kubeletStateDir | empty | not }}
- - name: kubelet-state-files
- mountPath: /host-var/lib/kubelet
- readOnly: true
- {{- end }}
- {{- if .Values.tls.enable }}
- - name: nfd-topology-updater-cert
- mountPath: "/etc/kubernetes/node-feature-discovery/certs"
- readOnly: true
- {{- end }}
- - name: nfd-topology-updater-conf
- mountPath: "/etc/kubernetes/node-feature-discovery"
- readOnly: true
-
- resources:
- {{- toYaml .Values.topologyUpdater.resources | nindent 12 }}
- securityContext:
- {{- toYaml .Values.topologyUpdater.securityContext | nindent 12 }}
- volumes:
- - name: host-sys
- hostPath:
- path: "/sys"
- {{- if .Values.topologyUpdater.kubeletConfigPath | empty | not }}
- - name: kubelet-config
- hostPath:
- path: {{ .Values.topologyUpdater.kubeletConfigPath }}
- {{- end }}
- - name: kubelet-podresources-sock
- hostPath:
- {{- if .Values.topologyUpdater.kubeletPodResourcesSockPath | empty | not }}
- path: {{ .Values.topologyUpdater.kubeletPodResourcesSockPath }}
- {{- else }}
- path: /var/lib/kubelet/pod-resources/kubelet.sock
- {{- end }}
- {{- if .Values.topologyUpdater.kubeletStateDir | empty | not }}
- - name: kubelet-state-files
- hostPath:
- path: {{ .Values.topologyUpdater.kubeletStateDir }}
- {{- end }}
- - name: nfd-topology-updater-conf
- configMap:
- name: {{ include "node-feature-discovery.fullname" . }}-topology-updater-conf
- items:
- - key: nfd-topology-updater.conf
- path: nfd-topology-updater.conf
- {{- if .Values.tls.enable }}
- - name: nfd-topology-updater-cert
- secret:
- secretName: nfd-topology-updater-cert
- {{- end }}
-
-
- {{- with .Values.topologyUpdater.nodeSelector }}
- nodeSelector:
- {{- toYaml . | nindent 8 }}
- {{- end }}
- {{- with .Values.topologyUpdater.affinity }}
- affinity:
- {{- toYaml . | nindent 8 }}
- {{- end }}
- {{- with .Values.topologyUpdater.tolerations }}
- tolerations:
- {{- toYaml . | nindent 8 }}
- {{- end }}
-{{- end }}
diff --git a/charts/sriov/103.1.0+up0.1.0/charts/rancher-nfd/templates/worker.yaml b/charts/sriov/103.1.0+up0.1.0/charts/rancher-nfd/templates/worker.yaml
deleted file mode 100644
index 0e56eb5d1d..0000000000
--- a/charts/sriov/103.1.0+up0.1.0/charts/rancher-nfd/templates/worker.yaml
+++ /dev/null
@@ -1,152 +0,0 @@
-apiVersion: apps/v1
-kind: DaemonSet
-metadata:
- name: {{ include "node-feature-discovery.fullname" . }}-worker
- namespace: {{ include "node-feature-discovery.namespace" . }}
- labels:
- {{- include "node-feature-discovery.labels" . | nindent 4 }}
- role: worker
- {{- with .Values.worker.daemonsetAnnotations }}
- annotations:
- {{- toYaml . | nindent 4 }}
- {{- end }}
-spec:
- selector:
- matchLabels:
- {{- include "node-feature-discovery.selectorLabels" . | nindent 6 }}
- role: worker
- template:
- metadata:
- labels:
- {{- include "node-feature-discovery.selectorLabels" . | nindent 8 }}
- role: worker
- {{- with .Values.worker.annotations }}
- annotations:
- {{- toYaml . | nindent 8 }}
- {{- end }}
- spec:
- dnsPolicy: ClusterFirstWithHostNet
- {{- with .Values.imagePullSecrets }}
- imagePullSecrets:
- {{- toYaml . | nindent 8 }}
- {{- end }}
- serviceAccountName: {{ include "node-feature-discovery.worker.serviceAccountName" . }}
- securityContext:
- {{- toYaml .Values.worker.podSecurityContext | nindent 8 }}
- containers:
- - name: worker
- securityContext:
- {{- toYaml .Values.worker.securityContext | nindent 12 }}
- image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}"
- imagePullPolicy: {{ .Values.image.pullPolicy }}
- env:
- - name: NODE_NAME
- valueFrom:
- fieldRef:
- fieldPath: spec.nodeName
- resources:
- {{- toYaml .Values.worker.resources | nindent 12 }}
- command:
- - "nfd-worker"
- args:
- - "-server={{ include "node-feature-discovery.fullname" . }}-master:{{ .Values.master.service.port }}"
- {{- if not .Values.enableNodeFeatureApi }}
- - "-enable-nodefeature-api=false"
- {{- end }}
-{{- if .Values.tls.enable }}
- - "-ca-file=/etc/kubernetes/node-feature-discovery/certs/ca.crt"
- - "-key-file=/etc/kubernetes/node-feature-discovery/certs/tls.key"
- - "-cert-file=/etc/kubernetes/node-feature-discovery/certs/tls.crt"
-{{- end }}
- - "-metrics={{ .Values.worker.metricsPort | default "8081"}}"
- ports:
- - name: metrics
- containerPort: {{ .Values.worker.metricsPort | default "8081"}}
- volumeMounts:
- - name: host-boot
- mountPath: "/host-boot"
- readOnly: true
- - name: host-os-release
- mountPath: "/host-etc/os-release"
- readOnly: true
- - name: host-sys
- mountPath: "/host-sys"
- readOnly: true
- - name: host-usr-lib
- mountPath: "/host-usr/lib"
- readOnly: true
- - name: host-lib
- mountPath: "/host-lib"
- readOnly: true
- {{- if .Values.worker.mountUsrSrc }}
- - name: host-usr-src
- mountPath: "/host-usr/src"
- readOnly: true
- {{- end }}
- - name: source-d
- mountPath: "/etc/kubernetes/node-feature-discovery/source.d/"
- readOnly: true
- - name: features-d
- mountPath: "/etc/kubernetes/node-feature-discovery/features.d/"
- readOnly: true
- - name: nfd-worker-conf
- mountPath: "/etc/kubernetes/node-feature-discovery"
- readOnly: true
-{{- if .Values.tls.enable }}
- - name: nfd-worker-cert
- mountPath: "/etc/kubernetes/node-feature-discovery/certs"
- readOnly: true
-{{- end }}
- volumes:
- - name: host-boot
- hostPath:
- path: "/boot"
- - name: host-os-release
- hostPath:
- path: "/etc/os-release"
- - name: host-sys
- hostPath:
- path: "/sys"
- - name: host-usr-lib
- hostPath:
- path: "/usr/lib"
- - name: host-lib
- hostPath:
- path: "/lib"
- {{- if .Values.worker.mountUsrSrc }}
- - name: host-usr-src
- hostPath:
- path: "/usr/src"
- {{- end }}
- - name: source-d
- hostPath:
- path: "/etc/kubernetes/node-feature-discovery/source.d/"
- - name: features-d
- hostPath:
- path: "/etc/kubernetes/node-feature-discovery/features.d/"
- - name: nfd-worker-conf
- configMap:
- name: {{ include "node-feature-discovery.fullname" . }}-worker-conf
- items:
- - key: nfd-worker.conf
- path: nfd-worker.conf
-{{- if .Values.tls.enable }}
- - name: nfd-worker-cert
- secret:
- secretName: nfd-worker-cert
-{{- end }}
- {{- with .Values.worker.nodeSelector }}
- nodeSelector:
- {{- toYaml . | nindent 8 }}
- {{- end }}
- {{- with .Values.worker.affinity }}
- affinity:
- {{- toYaml . | nindent 8 }}
- {{- end }}
- {{- with .Values.worker.tolerations }}
- tolerations:
- {{- toYaml . | nindent 8 }}
- {{- end }}
- {{- with .Values.worker.priorityClassName }}
- priorityClassName: {{ . | quote }}
- {{- end }}
diff --git a/charts/sriov/103.1.0+up0.1.0/charts/rancher-nfd/values.yaml b/charts/sriov/103.1.0+up0.1.0/charts/rancher-nfd/values.yaml
deleted file mode 100644
index c3f372c798..0000000000
--- a/charts/sriov/103.1.0+up0.1.0/charts/rancher-nfd/values.yaml
+++ /dev/null
@@ -1,513 +0,0 @@
-image:
- repository: rancher/hardened-node-feature-discovery
- # This should be set to 'IfNotPresent' for released version
- pullPolicy: IfNotPresent
- # tag, if defined will use the given image tag, else Chart.AppVersion will be used
- tag: v0.14.1-build20230926
-imagePullSecrets: []
-
-nameOverride: ""
-fullnameOverride: ""
-namespaceOverride: ""
-
-enableNodeFeatureApi: true
-
-master:
- config: ###
- # noPublish: false
- # extraLabelNs: ["added.ns.io","added.kubernets.io"]
- # denyLabelNs: ["denied.ns.io","denied.kubernetes.io"]
- # resourceLabels: ["vendor-1.com/feature-1","vendor-2.io/feature-2"]
- # enableTaints: false
- # labelWhiteList: "foo"
- # resyncPeriod: "2h"
- # klog:
- # addDirHeader: false
- # alsologtostderr: false
- # logBacktraceAt:
- # logtostderr: true
- # skipHeaders: false
- # stderrthreshold: 2
- # v: 0
- # vmodule:
- ## NOTE: the following options are not dynamically run-time configurable
- ## and require a nfd-master restart to take effect after being changed
- # logDir:
- # logFile:
- # logFileMaxSize: 1800
- # skipLogHeaders: false
- # leaderElection:
- # leaseDuration: 15s
- # # this value has to be lower than leaseDuration and greater than retryPeriod*1.2
- # renewDeadline: 10s
- # # this value has to be greater than 0
- # retryPeriod: 2s
- # nfdApiParallelism: 10
- ###
- # The TCP port that nfd-master listens for incoming requests. Default: 8080
- port: 8080
- metricsPort: 8081
- instance:
- featureApi:
- resyncPeriod:
- denyLabelNs: []
- extraLabelNs: []
- resourceLabels: []
- enableTaints: false
- crdController: null
- featureRulesController: null
- nfdApiParallelism: null
- deploymentAnnotations: {}
- replicaCount: 1
-
- podSecurityContext: {}
- # fsGroup: 2000
-
- securityContext:
- allowPrivilegeEscalation: false
- capabilities:
- drop: [ "ALL" ]
- readOnlyRootFilesystem: true
- runAsNonRoot: true
- # runAsUser: 1000
-
- serviceAccount:
- # Specifies whether a service account should be created
- create: true
- # Annotations to add to the service account
- annotations: {}
- # The name of the service account to use.
- # If not set and create is true, a name is generated using the fullname template
- name:
-
- rbac:
- create: true
-
- service:
- type: ClusterIP
- port: 8080
-
- resources: {}
- # We usually recommend not to specify default resources and to leave this as a conscious
- # choice for the user. This also increases chances charts run on environments with little
- # resources, such as Minikube. If you do want to specify resources, uncomment the following
- # lines, adjust them as necessary, and remove the curly braces after 'resources:'.
- # limits:
- # cpu: 100m
- # memory: 128Mi
- # requests:
- # cpu: 100m
- # memory: 128Mi
-
- nodeSelector: {}
-
- tolerations:
- - key: "node-role.kubernetes.io/master"
- operator: "Equal"
- value: ""
- effect: "NoSchedule"
- - key: "node-role.kubernetes.io/control-plane"
- operator: "Equal"
- value: ""
- effect: "NoSchedule"
-
- annotations: {}
-
- affinity:
- nodeAffinity:
- preferredDuringSchedulingIgnoredDuringExecution:
- - weight: 1
- preference:
- matchExpressions:
- - key: "node-role.kubernetes.io/master"
- operator: In
- values: [""]
- - weight: 1
- preference:
- matchExpressions:
- - key: "node-role.kubernetes.io/control-plane"
- operator: In
- values: [""]
-
-worker:
- config: ###
- #core:
- # labelWhiteList:
- # noPublish: false
- # sleepInterval: 60s
- # featureSources: [all]
- # labelSources: [all]
- # klog:
- # addDirHeader: false
- # alsologtostderr: false
- # logBacktraceAt:
- # logtostderr: true
- # skipHeaders: false
- # stderrthreshold: 2
- # v: 0
- # vmodule:
- ## NOTE: the following options are not dynamically run-time configurable
- ## and require a nfd-worker restart to take effect after being changed
- # logDir:
- # logFile:
- # logFileMaxSize: 1800
- # skipLogHeaders: false
- #sources:
- # cpu:
- # cpuid:
- ## NOTE: whitelist has priority over blacklist
- # attributeBlacklist:
- # - "BMI1"
- # - "BMI2"
- # - "CLMUL"
- # - "CMOV"
- # - "CX16"
- # - "ERMS"
- # - "F16C"
- # - "HTT"
- # - "LZCNT"
- # - "MMX"
- # - "MMXEXT"
- # - "NX"
- # - "POPCNT"
- # - "RDRAND"
- # - "RDSEED"
- # - "RDTSCP"
- # - "SGX"
- # - "SSE"
- # - "SSE2"
- # - "SSE3"
- # - "SSE4"
- # - "SSE42"
- # - "SSSE3"
- # - "TDX_GUEST"
- # attributeWhitelist:
- # kernel:
- # kconfigFile: "/path/to/kconfig"
- # configOpts:
- # - "NO_HZ"
- # - "X86"
- # - "DMI"
- # pci:
- # deviceClassWhitelist:
- # - "0200"
- # - "03"
- # - "12"
- # deviceLabelFields:
- # - "class"
- # - "vendor"
- # - "device"
- # - "subsystem_vendor"
- # - "subsystem_device"
- # usb:
- # deviceClassWhitelist:
- # - "0e"
- # - "ef"
- # - "fe"
- # - "ff"
- # deviceLabelFields:
- # - "class"
- # - "vendor"
- # - "device"
- # local:
- # hooksEnabled: false
- # custom:
- # # The following feature demonstrates the capabilities of the matchFeatures
- # - name: "my custom rule"
- # labels:
- # my-ng-feature: "true"
- # # matchFeatures implements a logical AND over all matcher terms in the
- # # list (i.e. all of the terms, or per-feature matchers, must match)
- # matchFeatures:
- # - feature: cpu.cpuid
- # matchExpressions:
- # AVX512F: {op: Exists}
- # - feature: cpu.cstate
- # matchExpressions:
- # enabled: {op: IsTrue}
- # - feature: cpu.pstate
- # matchExpressions:
- # no_turbo: {op: IsFalse}
- # scaling_governor: {op: In, value: ["performance"]}
- # - feature: cpu.rdt
- # matchExpressions:
- # RDTL3CA: {op: Exists}
- # - feature: cpu.sst
- # matchExpressions:
- # bf.enabled: {op: IsTrue}
- # - feature: cpu.topology
- # matchExpressions:
- # hardware_multithreading: {op: IsFalse}
- #
- # - feature: kernel.config
- # matchExpressions:
- # X86: {op: Exists}
- # LSM: {op: InRegexp, value: ["apparmor"]}
- # - feature: kernel.loadedmodule
- # matchExpressions:
- # e1000e: {op: Exists}
- # - feature: kernel.selinux
- # matchExpressions:
- # enabled: {op: IsFalse}
- # - feature: kernel.version
- # matchExpressions:
- # major: {op: In, value: ["5"]}
- # minor: {op: Gt, value: ["10"]}
- #
- # - feature: storage.block
- # matchExpressions:
- # rotational: {op: In, value: ["0"]}
- # dax: {op: In, value: ["0"]}
- #
- # - feature: network.device
- # matchExpressions:
- # operstate: {op: In, value: ["up"]}
- # speed: {op: Gt, value: ["100"]}
- #
- # - feature: memory.numa
- # matchExpressions:
- # node_count: {op: Gt, value: ["2"]}
- # - feature: memory.nv
- # matchExpressions:
- # devtype: {op: In, value: ["nd_dax"]}
- # mode: {op: In, value: ["memory"]}
- #
- # - feature: system.osrelease
- # matchExpressions:
- # ID: {op: In, value: ["fedora", "centos"]}
- # - feature: system.name
- # matchExpressions:
- # nodename: {op: InRegexp, value: ["^worker-X"]}
- #
- # - feature: local.label
- # matchExpressions:
- # custom-feature-knob: {op: Gt, value: ["100"]}
- #
- # # The following feature demonstrates the capabilities of the matchAny
- # - name: "my matchAny rule"
- # labels:
- # my-ng-feature-2: "my-value"
- # # matchAny implements a logical IF over all elements (sub-matchers) in
- # # the list (i.e. at least one feature matcher must match)
- # matchAny:
- # - matchFeatures:
- # - feature: kernel.loadedmodule
- # matchExpressions:
- # driver-module-X: {op: Exists}
- # - feature: pci.device
- # matchExpressions:
- # vendor: {op: In, value: ["8086"]}
- # class: {op: In, value: ["0200"]}
- # - matchFeatures:
- # - feature: kernel.loadedmodule
- # matchExpressions:
- # driver-module-Y: {op: Exists}
- # - feature: usb.device
- # matchExpressions:
- # vendor: {op: In, value: ["8086"]}
- # class: {op: In, value: ["02"]}
- #
- # # The following features demonstreate label templating capabilities
- # - name: "my template rule"
- # labelsTemplate: |
- # {{ range .system.osrelease }}my-system-feature.{{ .Name }}={{ .Value }}
- # {{ end }}
- # matchFeatures:
- # - feature: system.osrelease
- # matchExpressions:
- # ID: {op: InRegexp, value: ["^open.*"]}
- # VERSION_ID.major: {op: In, value: ["13", "15"]}
- #
- # - name: "my template rule 2"
- # labelsTemplate: |
- # {{ range .pci.device }}my-pci-device.{{ .class }}-{{ .device }}=with-cpuid
- # {{ end }}
- # matchFeatures:
- # - feature: pci.device
- # matchExpressions:
- # class: {op: InRegexp, value: ["^06"]}
- # vendor: ["8086"]
- # - feature: cpu.cpuid
- # matchExpressions:
- # AVX: {op: Exists}
- #
- # # The following examples demonstrate vars field and back-referencing
- # # previous labels and vars
- # - name: "my dummy kernel rule"
- # labels:
- # "my.kernel.feature": "true"
- # matchFeatures:
- # - feature: kernel.version
- # matchExpressions:
- # major: {op: Gt, value: ["2"]}
- #
- # - name: "my dummy rule with no labels"
- # vars:
- # "my.dummy.var": "1"
- # matchFeatures:
- # - feature: cpu.cpuid
- # matchExpressions: {}
- #
- # - name: "my rule using backrefs"
- # labels:
- # "my.backref.feature": "true"
- # matchFeatures:
- # - feature: rule.matched
- # matchExpressions:
- # my.kernel.feature: {op: IsTrue}
- # my.dummy.var: {op: Gt, value: ["0"]}
- #
-###
-
- metricsPort: 8081
- daemonsetAnnotations: {}
- podSecurityContext: {}
- # fsGroup: 2000
-
- securityContext:
- allowPrivilegeEscalation: false
- capabilities:
- drop: [ "ALL" ]
- readOnlyRootFilesystem: true
- runAsNonRoot: true
- # runAsUser: 1000
-
- serviceAccount:
- # Specifies whether a service account should be created.
- # We create this by default to make it easier for downstream users to apply PodSecurityPolicies.
- create: true
- # Annotations to add to the service account
- annotations: {}
- # The name of the service account to use.
- # If not set and create is true, a name is generated using the fullname template
- name:
-
- rbac:
- create: true
-
- # Allow users to mount the hostPath /usr/src, useful for RHCOS on s390x
- # Does not work on systems without /usr/src AND a read-only /usr, such as Talos
- mountUsrSrc: false
-
- resources: {}
- # We usually recommend not to specify default resources and to leave this as a conscious
- # choice for the user. This also increases chances charts run on environments with little
- # resources, such as Minikube. If you do want to specify resources, uncomment the following
- # lines, adjust them as necessary, and remove the curly braces after 'resources:'.
- # limits:
- # cpu: 100m
- # memory: 128Mi
- # requests:
- # cpu: 100m
- # memory: 128Mi
-
- nodeSelector: {}
-
- tolerations: []
-
- annotations: {}
-
- affinity: {}
-
- priorityClassName: ""
-
-topologyUpdater:
- config: ###
- ## key = node name, value = list of resources to be excluded.
- ## use * to exclude from all nodes.
- ## an example for how the exclude list should looks like
- #excludeList:
- # node1: [cpu]
- # node2: [memory, example/deviceA]
- # *: [hugepages-2Mi]
-###
-
- enable: false
- createCRDs: false
-
- serviceAccount:
- create: true
- annotations: {}
- name:
- rbac:
- create: true
-
- metricsPort: 8081
- kubeletConfigPath:
- kubeletPodResourcesSockPath:
- updateInterval: 60s
- watchNamespace: "*"
- kubeletStateDir: /var/lib/kubelet
-
- podSecurityContext: {}
- securityContext:
- allowPrivilegeEscalation: false
- capabilities:
- drop: [ "ALL" ]
- readOnlyRootFilesystem: true
- runAsUser: 0
-
- resources: {}
- # We usually recommend not to specify default resources and to leave this as a conscious
- # choice for the user. This also increases chances charts run on environments with little
- # resources, such as Minikube. If you do want to specify resources, uncomment the following
- # lines, adjust them as necessary, and remove the curly braces after 'resources:'.
- # limits:
- # cpu: 100m
- # memory: 128Mi
- # requests:
- # cpu: 100m
- # memory: 128Mi
-
- nodeSelector: {}
- tolerations: []
- annotations: {}
- daemonsetAnnotations: {}
- affinity: {}
- podSetFingerprint: true
-
-gc:
- enable: true
- replicaCount: 1
-
- serviceAccount:
- create: true
- annotations: {}
- name:
- rbac:
- create: true
-
- interval: 1h
-
- podSecurityContext: {}
-
- resources: {}
- # We usually recommend not to specify default resources and to leave this as a conscious
- # choice for the user. This also increases chances charts run on environments with little
- # resources, such as Minikube. If you do want to specify resources, uncomment the following
- # lines, adjust them as necessary, and remove the curly braces after 'resources:'.
- # limits:
- # cpu: 100m
- # memory: 128Mi
- # requests:
- # cpu: 100m
- # memory: 128Mi
-
- nodeSelector: {}
- tolerations: []
- annotations: {}
- deploymentAnnotations: {}
- affinity: {}
-
-# Optionally use encryption for worker <--> master comms
-# TODO: verify hostname is not yet supported
-#
-# If you do not enable certManager (and have it installed) you will
-# need to manually, or otherwise, provision the TLS certs as secrets
-tls:
- enable: false
- certManager: false
-
-prometheus:
- enable: false
- labels: {}
diff --git a/charts/sriov/103.1.0+up0.1.0/templates/NOTES.txt b/charts/sriov/103.1.0+up0.1.0/templates/NOTES.txt
deleted file mode 100644
index 44a8bf935a..0000000000
--- a/charts/sriov/103.1.0+up0.1.0/templates/NOTES.txt
+++ /dev/null
@@ -1,17 +0,0 @@
-Get Network Operator deployed resources by running the following commands:
-
-$ kubectl -n {{ .Release.Namespace }} get pods
-
-For additional instructions on how to use SR-IOV network operator,
-refer to: https://github.com/k8snetworkplumbingwg/sriov-network-operator
-
-{{- if .Values.operator.enableAdmissionController }}
-{{- if not .Values.cert_manager }}
-Thank you for installing {{ .Chart.Name }}.
-
-WARNING! Self signed certificates have been generated for webhooks.
-These certificates have a one-year validity and will not be rotated
-automatically. This should not be a production cluster. Please deploy
-and use cert-manager for production clusters.
-{{- end }}
-{{- end }}
diff --git a/charts/sriov/103.1.0+up0.1.0/templates/_helpers.tpl b/charts/sriov/103.1.0+up0.1.0/templates/_helpers.tpl
deleted file mode 100644
index dff1d171fe..0000000000
--- a/charts/sriov/103.1.0+up0.1.0/templates/_helpers.tpl
+++ /dev/null
@@ -1,85 +0,0 @@
-{{/*
-Expand the name of the chart.
-*/}}
-{{- define "sriov-network-operator.name" -}}
-{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }}
-{{- end }}
-
-{{/*
-Create a default fully qualified app name.
-We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
-If release name contains chart name it will be used as a full name.
-*/}}
-{{- define "sriov-network-operator.fullname" -}}
-{{- if .Values.fullnameOverride }}
-{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }}
-{{- else }}
-{{- $name := default .Chart.Name .Values.nameOverride }}
-{{- if contains $name .Release.Name }}
-{{- .Release.Name | trunc 63 | trimSuffix "-" }}
-{{- else }}
-{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }}
-{{- end }}
-{{- end }}
-{{- end }}
-
-{{/*
-Create chart name and version as used by the chart label.
-*/}}
-{{- define "sriov-network-operator.chart" -}}
-{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }}
-{{- end }}
-
-{{/*
-Common labels
-*/}}
-{{- define "sriov-network-operator.labels" -}}
-helm.sh/chart: {{ include "sriov-network-operator.chart" . }}
-{{ include "sriov-network-operator.selectorLabels" . }}
-{{- if .Chart.AppVersion }}
-app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
-{{- end }}
-app.kubernetes.io/managed-by: {{ .Release.Service }}
-{{- end }}
-
-{{/*
-Selector labels
-*/}}
-{{- define "sriov-network-operator.selectorLabels" -}}
-app.kubernetes.io/name: {{ include "sriov-network-operator.name" . }}
-app.kubernetes.io/instance: {{ .Release.Name }}
-{{- end }}
-
-{{/*
-Create the name of the service account to use
-*/}}
-{{- define "sriov-network-operator.serviceAccountName" -}}
-{{- if .Values.serviceAccount.create }}
-{{- default (include "sriov-network-operator.fullname" .) .Values.serviceAccount.name }}
-{{- else }}
-{{- default "default" .Values.serviceAccount.name }}
-{{- end }}
-{{- end }}
-
-{{- define "system_default_registry" -}}
-{{- if .Values.global.cattle.systemDefaultRegistry -}}
-{{- printf "%s/" .Values.global.cattle.systemDefaultRegistry -}}
-{{- else -}}
-{{- "" -}}
-{{- end -}}
-{{- end -}}
-
-{{/*
-Windows cluster will add default taint for linux nodes,
-add below linux tolerations to workloads could be scheduled to those linux nodes
-*/}}
-{{- define "linux-node-tolerations" -}}
-- key: "cattle.io/os"
- value: "linux"
- effect: "NoSchedule"
- operator: "Equal"
-{{- end -}}
-
-{{- define "linux-node-selector" -}}
-kubernetes.io/os: linux
-{{- end -}}
diff --git a/charts/sriov/103.1.0+up0.1.0/templates/_webhook-certs.tpl b/charts/sriov/103.1.0+up0.1.0/templates/_webhook-certs.tpl
deleted file mode 100644
index f1448968b2..0000000000
--- a/charts/sriov/103.1.0+up0.1.0/templates/_webhook-certs.tpl
+++ /dev/null
@@ -1,31 +0,0 @@
-{{/*
-Generate TLS certificates for webhooks.
-Note: these 2 lines, that are repeated several times below, are a trick to
-ensure the CA certs are generated only once:
- $ca := .ca | default (genCA "sriov-network-operator.k8s.cni.cncf.io" 365)
- $_ := set . "ca" $ca
-Please, don't try to "simplify" them as without this trick, every generated
-certificate would be signed by a different CA.
-*/}}
-{{- define "sriov_operator_ca_cert" }}
-{{- $ca := .ca | default (genCA "sriov-network-operator.k8s.cni.cncf.io" 365) -}}
-{{- $_ := set . "ca" $ca -}}
-{{- printf "%s" $ca.Cert | b64enc -}}
-{{- end }}
-{{- define "sriov_operator_cert" }}
-{{- $ca := .ca | default (genCA "sriov-network-operator.k8s.cni.cncf.io" 365) -}}
-{{- $_ := set . "ca" $ca -}}
-{{- $cn := printf "operator-webhook-service.%s.svc" .Release.Namespace -}}
-{{- $cert := genSignedCert $cn nil (list $cn) 365 $ca -}}
-tls.crt: {{ $cert.Cert | b64enc }}
-tls.key: {{ $cert.Key | b64enc }}
-{{- end }}
-{{- define "sriov_resource_injector_cert" }}
-{{- $ca := .ca | default (genCA "sriov-network-operator.k8s.cni.cncf.io" 365) -}}
-{{- $_ := set . "ca" $ca -}}
-{{- $cn := printf "network-resources-injector-service.%s.svc" .Release.Namespace -}}
-{{- $cert := genSignedCert $cn nil (list $cn) 365 $ca -}}
-tls.crt: {{ $cert.Cert | b64enc }}
-tls.key: {{ $cert.Key | b64enc }}
-{{- end }}
-
diff --git a/charts/sriov/103.1.0+up0.1.0/templates/certmanagercerts.yaml b/charts/sriov/103.1.0+up0.1.0/templates/certmanagercerts.yaml
deleted file mode 100644
index e3575aa565..0000000000
--- a/charts/sriov/103.1.0+up0.1.0/templates/certmanagercerts.yaml
+++ /dev/null
@@ -1,41 +0,0 @@
-{{- if and (.Values.operator.enableAdmissionController) (.Values.cert_manager) -}}
-{{- if not (.Capabilities.APIVersions.Has "cert-manager.io/v1") -}}
-{{- required "cert-manager is required but not found" "" -}}
-{{- end -}}
-apiVersion: cert-manager.io/v1
-kind: Issuer
-metadata:
- name: sriov-network-operator-selfsigned-issuer
- namespace: {{ .Release.Namespace }}
-spec:
- selfSigned: {}
----
-apiVersion: cert-manager.io/v1
-kind: Certificate
-metadata:
- name: operator-webhook-service
- namespace: {{ .Release.Namespace }}
-spec:
- secretName: operator-webhook-service
- dnsNames:
- - operator-webhook-service.{{ .Release.Namespace }}.svc
- issuerRef:
- name: sriov-network-operator-selfsigned-issuer
- privateKey:
- rotationPolicy: Always
----
-apiVersion: cert-manager.io/v1
-kind: Certificate
-metadata:
- name: network-resources-injector-service
- namespace: {{ .Release.Namespace }}
-spec:
- secretName: network-resources-injector-secret
- dnsNames:
- - network-resources-injector-service.{{ .Release.Namespace }}.svc
- issuerRef:
- name: sriov-network-operator-selfsigned-issuer
- privateKey:
- rotationPolicy: Always
-{{- end -}}
-
diff --git a/charts/sriov/103.1.0+up0.1.0/templates/clusterrole.yaml b/charts/sriov/103.1.0+up0.1.0/templates/clusterrole.yaml
deleted file mode 100644
index da327471f0..0000000000
--- a/charts/sriov/103.1.0+up0.1.0/templates/clusterrole.yaml
+++ /dev/null
@@ -1,109 +0,0 @@
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRole
-metadata:
- name: {{ include "sriov-network-operator.fullname" . }}
- labels:
- {{- include "sriov-network-operator.labels" . | nindent 4 }}
-rules:
- - apiGroups: [""]
- resources: ["nodes"]
- verbs: ["get", "list", "watch", "patch", "update"]
- - apiGroups: [""]
- resources: ["pods"]
- verbs: ["*"]
- - apiGroups: ["apps"]
- resources: ["daemonsets"]
- verbs: ["get"]
- - apiGroups: [""]
- resources: ["namespaces", "serviceaccounts"]
- verbs: ["*"]
- - apiGroups: ["k8s.cni.cncf.io"]
- resources: ["network-attachment-definitions"]
- verbs: ["*"]
- - apiGroups: ["rbac.authorization.k8s.io"]
- resources: ["clusterroles", "clusterrolebindings"]
- verbs: ["*"]
- - apiGroups: ["admissionregistration.k8s.io"]
- resources: ["mutatingwebhookconfigurations", "validatingwebhookconfigurations"]
- verbs: ["*"]
- - apiGroups: ["sriovnetwork.openshift.io"]
- resources: ["*"]
- verbs: ["*"]
- - apiGroups: ["machineconfiguration.openshift.io"]
- resources: ["*"]
- verbs: ["*"]
- - apiGroups: ["config.openshift.io"]
- resources: ["infrastructures"]
- verbs: ["get", "list", "watch"]
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRole
-metadata:
- name: sriov-network-config-daemon
- labels:
- {{- include "sriov-network-operator.labels" . | nindent 4 }}
-rules:
- - apiGroups: [""]
- resources: ["nodes"]
- verbs: ["get", "list", "watch", "patch", "update"]
- - apiGroups: [""]
- resources: ["pods"]
- verbs: ["*"]
- - apiGroups: ["apps"]
- resources: ["daemonsets"]
- verbs: ["get"]
- - apiGroups: [""]
- resources: ["pods/eviction"]
- verbs: ["create"]
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRole
-metadata:
- name: sriov-admin
- {{- if .Values.global.rbac.userRoles.aggregateToDefaultRoles }}
- rbac.authorization.k8s.io/aggregate-to-admin: "true"
- {{- end }}
-rules:
-- apiGroups:
- - sriovnetwork.openshift.io
- resources:
- - '*'
- verbs:
- - "get"
- - "watch"
- - "list"
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRole
-metadata:
- name: sriov-edit
- {{- if .Values.global.rbac.userRoles.aggregateToDefaultRoles }}
- rbac.authorization.k8s.io/aggregate-to-edit: "true"
- {{- end }}
-rules:
-- apiGroups:
- - sriovnetwork.openshift.io
- resources:
- - '*'
- verbs:
- - "get"
- - "watch"
- - "list"
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRole
-metadata:
- name: sriov-view
- {{- if .Values.global.rbac.userRoles.aggregateToDefaultRoles }}
- rbac.authorization.k8s.io/aggregate-to-view: "true"
- {{- end }}
-rules:
-- apiGroups:
- - sriovnetwork.openshift.io
- resources:
- - '*'
- verbs:
- - "get"
- - "watch"
- - "list"
-
diff --git a/charts/sriov/103.1.0+up0.1.0/templates/clusterrolebinding.yaml b/charts/sriov/103.1.0+up0.1.0/templates/clusterrolebinding.yaml
deleted file mode 100644
index c10aa9be73..0000000000
--- a/charts/sriov/103.1.0+up0.1.0/templates/clusterrolebinding.yaml
+++ /dev/null
@@ -1,29 +0,0 @@
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRoleBinding
-metadata:
- name: {{ include "sriov-network-operator.fullname" . }}
- labels:
- {{- include "sriov-network-operator.labels" . | nindent 4 }}
-roleRef:
- kind: ClusterRole
- name: {{ include "sriov-network-operator.fullname" . }}
- apiGroup: rbac.authorization.k8s.io
-subjects:
- - kind: ServiceAccount
- namespace: {{ .Release.Namespace }}
- name: {{ include "sriov-network-operator.fullname" . }}
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRoleBinding
-metadata:
- name: sriov-network-config-daemon
- labels:
- {{- include "sriov-network-operator.labels" . | nindent 4 }}
-roleRef:
- kind: ClusterRole
- name: sriov-network-config-daemon
- apiGroup: rbac.authorization.k8s.io
-subjects:
- - kind: ServiceAccount
- namespace: {{ .Release.Namespace }}
- name: sriov-network-config-daemon
diff --git a/charts/sriov/103.1.0+up0.1.0/templates/configmap.yaml b/charts/sriov/103.1.0+up0.1.0/templates/configmap.yaml
deleted file mode 100644
index 455bd91ff0..0000000000
--- a/charts/sriov/103.1.0+up0.1.0/templates/configmap.yaml
+++ /dev/null
@@ -1,25 +0,0 @@
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: supported-nic-ids
-data:
- Intel_i40e_XXV710: "8086 158a 154c"
- Intel_i40e_25G_SFP28: "8086 158b 154c"
- Intel_i40e_10G_X710_SFP: "8086 1572 154c"
- Intel_i40e_XXV710_N3000: "8086 0d58 154c"
- Intel_i40e_40G_XL710_QSFP: "8086 1583 154c"
- Intel_ice_Columbiaville_E810-CQDA2_2CQDA2: "8086 1592 1889"
- Intel_ice_Columbiaville_E810-XXVDA4: "8086 1593 1889"
- Intel_ice_Columbiaville_E810-XXVDA2: "8086 159b 1889"
- Intel_ice_Columbiaville_E810: "8086 1591 1889"
- Nvidia_mlx5_ConnectX-4: "15b3 1013 1014"
- Nvidia_mlx5_ConnectX-4LX: "15b3 1015 1016"
- Nvidia_mlx5_ConnectX-5: "15b3 1017 1018"
- Nvidia_mlx5_ConnectX-5_Ex: "15b3 1019 101a"
- Nvidia_mlx5_ConnectX-6: "15b3 101b 101c"
- Nvidia_mlx5_ConnectX-6_Dx: "15b3 101d 101e"
- Nvidia_mlx5_MT42822_BlueField-2_integrated_ConnectX-6_Dx: "15b3 a2d6 101e"
- Broadcom_bnxt_BCM57414_2x25G: "14e4 16d7 16dc"
- Broadcom_bnxt_BCM75508_2x100G: "14e4 1750 1806"
- Qlogic_qede_QL45000_50G: "1077 1654 1664"
- Red_Hat_Virtio_network_device: "1af4 1000 1000"
diff --git a/charts/sriov/103.1.0+up0.1.0/templates/operator.yaml b/charts/sriov/103.1.0+up0.1.0/templates/operator.yaml
deleted file mode 100644
index 0d39480e10..0000000000
--- a/charts/sriov/103.1.0+up0.1.0/templates/operator.yaml
+++ /dev/null
@@ -1,98 +0,0 @@
-{{- if not (.Capabilities.APIVersions.Has "k8s.cni.cncf.io/v1/NetworkAttachmentDefinition") -}}
-{{- required "rke2-multus is required but not found" "" -}}
-{{- end -}}
-apiVersion: sriovnetwork.openshift.io/v1
-kind: SriovOperatorConfig
-metadata:
- name: default
- namespace: {{ .Release.Namespace }}
-spec:
- # Add fields here
- enableInjector: {{ .Values.operator.enableAdmissionController }}
- enableOperatorWebhook: {{ .Values.operator.enableAdmissionController }}
- configDaemonNodeSelector: {feature.node.kubernetes.io/network-sriov.capable: "true"}
----
-apiVersion: apps/v1
-kind: Deployment
-metadata:
- name: {{ include "sriov-network-operator.fullname" . }}
- namespace: {{ .Release.Namespace }}
- labels:
- {{- include "sriov-network-operator.labels" . | nindent 4 }}
-spec:
- replicas: 1
- selector:
- matchLabels:
- name: sriov-network-operator
- strategy:
- type: RollingUpdate
- rollingUpdate:
- maxUnavailable: 33%
- template:
- metadata:
- labels:
- name: sriov-network-operator
- spec:
- nodeSelector: {{ include "linux-node-selector" . | nindent 8 }}
-{{- if .Values.operator.nodeSelector }}
-{{ toYaml .Values.operator.nodeSelector | indent 8 }}
-{{- end }}
- tolerations: {{ include "linux-node-tolerations" . | nindent 8 }}
-{{- if .Values.operator.tolerations }}
-{{ toYaml .Values.operator.tolerations | indent 8 }}
-{{- end }}
- serviceAccountName: {{ include "sriov-network-operator.fullname" . }}
- priorityClassName: "system-node-critical"
- containers:
- - name: {{ include "sriov-network-operator.fullname" . }}
- image: {{ include "system_default_registry" . }}{{ .Values.images.operator.repository }}:{{ .Values.images.operator.tag }}
- command:
- - sriov-network-operator
- imagePullPolicy: IfNotPresent
- resources:
- requests:
- cpu: 100m
- memory: 100Mi
- env:
- - name: WATCH_NAMESPACE
- valueFrom:
- fieldRef:
- fieldPath: metadata.namespace
- - name: SRIOV_CNI_IMAGE
- value: {{ include "system_default_registry" . }}{{ .Values.images.sriovCni.repository }}:{{ .Values.images.sriovCni.tag }}
- - name: SRIOV_INFINIBAND_CNI_IMAGE
- value: {{ include "system_default_registry" . }}{{ .Values.images.ibSriovCni.repository }}:{{ .Values.images.ibSriovCni.tag }}
- - name: SRIOV_DEVICE_PLUGIN_IMAGE
- value: {{ include "system_default_registry" . }}{{ .Values.images.sriovDevicePlugin.repository }}:{{ .Values.images.sriovDevicePlugin.tag }}
- - name: NETWORK_RESOURCES_INJECTOR_IMAGE
- value: {{ include "system_default_registry" . }}{{ .Values.images.resourcesInjector.repository }}:{{ .Values.images.resourcesInjector.tag }}
- - name: OPERATOR_NAME
- value: sriov-network-operator
- - name: SRIOV_NETWORK_CONFIG_DAEMON_IMAGE
- value: {{ include "system_default_registry" . }}{{ .Values.images.sriovConfigDaemon.repository }}:{{ .Values.images.sriovConfigDaemon.tag }}
- - name: SRIOV_NETWORK_WEBHOOK_IMAGE
- value: {{ include "system_default_registry" . }}{{ .Values.images.webhook.repository }}:{{ .Values.images.webhook.tag }}
- - name: RESOURCE_PREFIX
- value: {{ .Values.operator.resourcePrefix }}
- - name: ENABLE_ADMISSION_CONTROLLER
- value: {{ .Values.operator.enableAdmissionController | quote }}
- - name: NAMESPACE
- valueFrom:
- fieldRef:
- fieldPath: metadata.namespace
- - name: POD_NAME
- valueFrom:
- fieldRef:
- fieldPath: metadata.name
- - name: RELEASE_VERSION
- value: {{ .Release.AppVersion }}
- - name: SRIOV_CNI_BIN_PATH
- value: {{ .Values.operator.cniBinPath }}
- - name: CLUSTER_TYPE
- value: {{ .Values.operator.clusterType }}
- {{- if .Values.operator.enableAdmissionController }}
- {{- if not .Values.cert_manager }}
- - name: WEBHOOK_CA_BUNDLE
- value: "{{ include "sriov_operator_ca_cert" . }}"
- {{- end }}
- {{- end }}
diff --git a/charts/sriov/103.1.0+up0.1.0/templates/role.yaml b/charts/sriov/103.1.0+up0.1.0/templates/role.yaml
deleted file mode 100644
index 35a9d50afc..0000000000
--- a/charts/sriov/103.1.0+up0.1.0/templates/role.yaml
+++ /dev/null
@@ -1,125 +0,0 @@
-apiVersion: rbac.authorization.k8s.io/v1
-kind: Role
-metadata:
- creationTimestamp: null
- name: {{ include "sriov-network-operator.fullname" . }}
- namespace: {{ .Release.Namespace }}
- labels:
- {{- include "sriov-network-operator.labels" . | nindent 4 }}
-rules:
- - apiGroups:
- - ""
- resources:
- - pods
- - services
- - endpoints
- - persistentvolumeclaims
- - events
- - configmaps
- - secrets
- verbs:
- - '*'
- - apiGroups:
- - apps
- resources:
- - deployments
- - daemonsets
- - replicasets
- - statefulsets
- verbs:
- - '*'
- - apiGroups:
- - monitoring.coreos.com
- resources:
- - servicemonitors
- verbs:
- - get
- - create
- - apiGroups:
- - apps
- resourceNames:
- - sriov-network-operator
- resources:
- - deployments/finalizers
- verbs:
- - update
- - apiGroups:
- - rbac.authorization.k8s.io
- resources:
- - serviceaccounts
- - roles
- - rolebindings
- verbs:
- - '*'
- - apiGroups:
- - config.openshift.io
- resources:
- - infrastructures
- verbs:
- - get
- - list
- - watch
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: Role
-metadata:
- name: sriov-network-config-daemon
- namespace: {{ .Release.Namespace }}
- labels:
- {{- include "sriov-network-operator.labels" . | nindent 4 }}
-rules:
- - apiGroups:
- - ""
- resources:
- - pods
- verbs:
- - '*'
- - apiGroups:
- - apps
- resources:
- - daemonsets
- verbs:
- - '*'
- - apiGroups:
- - sriovnetwork.openshift.io
- resources:
- - '*'
- - sriovnetworknodestates
- verbs:
- - '*'
- - apiGroups:
- - security.openshift.io
- resourceNames:
- - privileged
- resources:
- - securitycontextconstraints
- verbs:
- - use
- - apiGroups:
- - ""
- resources:
- - configmaps
- verbs:
- - get
- - update
- - apiGroups:
- - 'coordination.k8s.io'
- resources:
- - 'leases'
- verbs:
- - '*'
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: Role
-metadata:
- name: operator-webhook-sa
- namespace: {{ .Release.Namespace }}
- labels:
- {{- include "sriov-network-operator.labels" . | nindent 4 }}
-rules:
- - apiGroups:
- - ""
- resources:
- - configmaps
- verbs:
- - get
diff --git a/charts/sriov/103.1.0+up0.1.0/templates/rolebinding.yaml b/charts/sriov/103.1.0+up0.1.0/templates/rolebinding.yaml
deleted file mode 100644
index d2cf1849a7..0000000000
--- a/charts/sriov/103.1.0+up0.1.0/templates/rolebinding.yaml
+++ /dev/null
@@ -1,44 +0,0 @@
-kind: RoleBinding
-apiVersion: rbac.authorization.k8s.io/v1
-metadata:
- name: {{ include "sriov-network-operator.fullname" . }}
- namespace: {{ .Release.Namespace }}
- labels:
- {{- include "sriov-network-operator.labels" . | nindent 4 }}
-subjects:
- - kind: ServiceAccount
- name: {{ include "sriov-network-operator.fullname" . }}
- namespace: {{ .Release.Namespace }}
-roleRef:
- kind: Role
- name: {{ include "sriov-network-operator.fullname" . }}
- apiGroup: rbac.authorization.k8s.io
----
-kind: RoleBinding
-apiVersion: rbac.authorization.k8s.io/v1
-metadata:
- name: sriov-network-config-daemon
- namespace: {{ .Release.Namespace }}
- labels:
- {{- include "sriov-network-operator.labels" . | nindent 4 }}
-subjects:
- - kind: ServiceAccount
- name: sriov-network-config-daemon
- namespace: {{ .Release.Namespace }}
-roleRef:
- kind: Role
- name: sriov-network-config-daemon
- apiGroup: rbac.authorization.k8s.io
----
-kind: RoleBinding
-apiVersion: rbac.authorization.k8s.io/v1
-metadata:
- name: operator-webhook-sa
- namespace: {{ .Release.Namespace }}
-subjects:
-- kind: ServiceAccount
- name: operator-webhook-sa
-roleRef:
- kind: Role
- name: operator-webhook-sa
- apiGroup: rbac.authorization.k8s.io
diff --git a/charts/sriov/103.1.0+up0.1.0/templates/secrets.yaml b/charts/sriov/103.1.0+up0.1.0/templates/secrets.yaml
deleted file mode 100644
index 3d345be460..0000000000
--- a/charts/sriov/103.1.0+up0.1.0/templates/secrets.yaml
+++ /dev/null
@@ -1,20 +0,0 @@
-{{- if not .Values.cert_manager -}}
-{{- if .Values.operator.enableAdmissionController }}
-apiVersion: v1
-kind: Secret
-metadata:
- name: operator-webhook-service
- namespace: {{ .Release.Namespace }}
-data: {{ include "sriov_operator_cert" . | nindent 2 }}
-{{- end }}
----
-{{- if .Values.operator.enableAdmissionController }}
-apiVersion: v1
-kind: Secret
-metadata:
- name: network-resources-injector-secret
- namespace: {{ .Release.Namespace }}
-data: {{ include "sriov_resource_injector_cert" . | nindent 2 }}
-{{- end }}
-{{- end }}
-
diff --git a/charts/sriov/103.1.0+up0.1.0/templates/serviceaccount.yaml b/charts/sriov/103.1.0+up0.1.0/templates/serviceaccount.yaml
deleted file mode 100644
index fc0bb57056..0000000000
--- a/charts/sriov/103.1.0+up0.1.0/templates/serviceaccount.yaml
+++ /dev/null
@@ -1,15 +0,0 @@
-apiVersion: v1
-kind: ServiceAccount
-metadata:
- name: {{ include "sriov-network-operator.fullname" . }}
- namespace: {{ .Release.Namespace }}
- labels:
- {{- include "sriov-network-operator.labels" . | nindent 4 }}
----
-apiVersion: v1
-kind: ServiceAccount
-metadata:
- name: sriov-network-config-daemon
- namespace: {{ .Release.Namespace }}
- labels:
- {{- include "sriov-network-operator.labels" . | nindent 4 }}
diff --git a/charts/sriov/103.1.0+up0.1.0/templates/validate-install-crd.yaml b/charts/sriov/103.1.0+up0.1.0/templates/validate-install-crd.yaml
deleted file mode 100644
index 48ffe70751..0000000000
--- a/charts/sriov/103.1.0+up0.1.0/templates/validate-install-crd.yaml
+++ /dev/null
@@ -1,19 +0,0 @@
-#{{- if gt (len (lookup "rbac.authorization.k8s.io/v1" "ClusterRole" "" "")) 0 -}}
-# {{- $found := dict -}}
-# {{- set $found "sriovnetwork.openshift.io/v1/SriovIBNetwork" false -}}
-# {{- set $found "sriovnetwork.openshift.io/v1/SriovNetworkNodePolicy" false -}}
-# {{- set $found "sriovnetwork.openshift.io/v1/SriovNetworkNodeState" false -}}
-# {{- set $found "sriovnetwork.openshift.io/v1/SriovNetworkPoolConfig" false -}}
-# {{- set $found "sriovnetwork.openshift.io/v1/SriovNetwork" false -}}
-# {{- set $found "sriovnetwork.openshift.io/v1/SriovOperatorConfig" false -}}
-# {{- range .Capabilities.APIVersions -}}
-# {{- if hasKey $found (toString .) -}}
-# {{- set $found (toString .) true -}}
-# {{- end -}}
-# {{- end -}}
-# {{- range $_, $exists := $found -}}
-# {{- if (eq $exists false) -}}
-# {{- required "Required CRDs are missing. Please install the corresponding CRD chart before installing this chart." "" -}}
-# {{- end -}}
-# {{- end -}}
-#{{- end -}}
\ No newline at end of file
diff --git a/charts/sriov/103.1.0+up0.1.0/values.yaml b/charts/sriov/103.1.0+up0.1.0/values.yaml
deleted file mode 100644
index a112839565..0000000000
--- a/charts/sriov/103.1.0+up0.1.0/values.yaml
+++ /dev/null
@@ -1,64 +0,0 @@
-operator:
- tolerations:
- - key: "node-role.kubernetes.io/control-plane"
- operator: "Exists"
- effect: "NoSchedule"
- - effect: NoExecute
- key: node-role.kubernetes.io/etcd
- operator: Exists
- nodeSelector: {}
- affinity:
- nodeAffinity:
- requiredDuringSchedulingIgnoredDuringExecution:
- nodeSelectorTerms:
- - matchExpressions:
- - key: "node-role.kubernetes.io/master"
- operator: In
- values: [ "" ]
- - matchExpressions:
- - key: "node-role.kubernetes.io/control-plane"
- operator: In
- values: [ "" ]
- nameOverride: ""
- fullnameOverride: ""
- resourcePrefix: "rancher.io"
- enableAdmissionController: false
- cniBinPath: "/opt/cni/bin"
- clusterType: "kubernetes"
-
-# Image URIs for sriov-network-operator components
-images:
- operator:
- repository: rancher/hardened-sriov-network-operator
- tag: v1.2.0-build20230912
- sriovConfigDaemon:
- repository: rancher/hardened-sriov-network-config-daemon
- tag: v1.2.0-build20230912
- sriovCni:
- repository: rancher/hardened-sriov-cni
- tag: v2.6.3-build20230913
- ibSriovCni:
- repository: rancher/hardened-ib-sriov-cni
- tag: v1.0.2-build20230911
- sriovDevicePlugin:
- repository: rancher/hardened-sriov-network-device-plugin
- tag: v3.5.1-build20230911
- resourcesInjector:
- repository: rancher/hardened-sriov-network-resources-injector
- tag: v1.5-build20230911
- webhook:
- repository: rancher/hardened-sriov-network-webhook
- tag: v1.2.0-build20230912
-
-# cert_manager enables integration with cert-manager to generate
-# certificates for the operator webhooks. Otherwise the chart will
-# generate ad-hoc certificates with no automated renewal at expiration,
-# not recommended for production clusters.
-cert_manager: false
-
-global:
- cattle:
- systemDefaultRegistry: ""
- rbac:
- userRoles:
- aggregateToDefaultRoles: false
diff --git a/charts/sriov/104.0.0+up0.1.0/.helmignore b/charts/sriov/104.0.0+up0.1.0/.helmignore
deleted file mode 100644
index 0e8a0eb36f..0000000000
--- a/charts/sriov/104.0.0+up0.1.0/.helmignore
+++ /dev/null
@@ -1,23 +0,0 @@
-# Patterns to ignore when building packages.
-# This supports shell glob matching, relative path matching, and
-# negation (prefixed with !). Only one pattern per line.
-.DS_Store
-# Common VCS dirs
-.git/
-.gitignore
-.bzr/
-.bzrignore
-.hg/
-.hgignore
-.svn/
-# Common backup files
-*.swp
-*.bak
-*.tmp
-*.orig
-*~
-# Various IDEs
-.project
-.idea/
-*.tmproj
-.vscode/
diff --git a/charts/sriov/104.0.0+up0.1.0/Chart.yaml b/charts/sriov/104.0.0+up0.1.0/Chart.yaml
deleted file mode 100644
index f9d7ecd233..0000000000
--- a/charts/sriov/104.0.0+up0.1.0/Chart.yaml
+++ /dev/null
@@ -1,34 +0,0 @@
-annotations:
- catalog.cattle.io/auto-install: sriov-crd=match
- catalog.cattle.io/certified: rancher
- catalog.cattle.io/experimental: "true"
- catalog.cattle.io/kube-version: '>= 1.16.0-0 < 1.30.0-0'
- catalog.cattle.io/namespace: cattle-sriov-system
- catalog.cattle.io/os: linux
- catalog.cattle.io/permits-os: linux
- catalog.cattle.io/rancher-version: '>= 2.9.0-0 < 2.10.0-0'
- catalog.cattle.io/release-name: sriov
- catalog.cattle.io/upstream-version: 1.2.0
-apiVersion: v2
-appVersion: 1.2.0
-dependencies:
-- condition: rancher-nfd.enabled
- name: rancher-nfd
- repository: file://./charts/rancher-nfd
- version: 0.15.4
-description: SR-IOV network operator configures and manages SR-IOV networks in the
- kubernetes cluster
-home: https://github.com/k8snetworkplumbingwg/sriov-network-operator
-icon: https://charts.rancher.io/assets/logos/sr-iov.svg
-keywords:
-- sriov
-- Networking
-kubeVersion: '>= 1.16.0-0'
-maintainers:
-- email: charts@rancher.com
- name: Rancher Labs
-name: sriov
-sources:
-- https://github.com/rancher/charts
-type: application
-version: 104.0.0+up0.1.0
diff --git a/charts/sriov/104.0.0+up0.1.0/README.md b/charts/sriov/104.0.0+up0.1.0/README.md
deleted file mode 100644
index b2a57c4185..0000000000
--- a/charts/sriov/104.0.0+up0.1.0/README.md
+++ /dev/null
@@ -1,129 +0,0 @@
-# SR-IOV Network Operator Helm Chart
-
-SR-IOV Network Operator Helm Chart provides an easy way to install, configure and manage
-the lifecycle of SR-IOV network operator.
-
-## SR-IOV Network Operator
-SR-IOV Network Operator leverages [Kubernetes CRDs](https://kubernetes.io/docs/concepts/extend-kubernetes/api-extension/custom-resources/)
-and [Operator SDK](https://github.com/operator-framework/operator-sdk) to configure and manage SR-IOV networks in a Kubernetes cluster.
-
-SR-IOV Network Operator features:
-- Initialize the supported SR-IOV NIC types on selected nodes.
-- Provision/upgrade SR-IOV device plugin executable on selected node.
-- Provision/upgrade SR-IOV CNI plugin executable on selected nodes.
-- Manage configuration of SR-IOV device plugin on host.
-- Generate net-att-def CRs for SR-IOV CNI plugin
-- Supports operation in a virtualized Kubernetes deployment
- - Discovers VFs attached to the Virtual Machine (VM)
- - Does not require attached of associated PFs
- - VFs can be associated to SriovNetworks by selecting the appropriate PciAddress as the RootDevice in the SriovNetworkNodePolicy
-
-## QuickStart
-
-### Prerequisites
-
-- Kubernetes v1.17+
-- Helm v3
-
-### Install Helm
-
-Helm provides an install script to copy helm binary to your system:
-```
-$ curl -fsSL -o get_helm.sh https://raw.githubusercontent.com/helm/helm/master/scripts/get-helm-3
-$ chmod 500 get_helm.sh
-$ ./get_helm.sh
-```
-
-For additional information and methods for installing Helm, refer to the official [helm website](https://helm.sh/)
-
-### Deploy SR-IOV Network Operator
-
-```
-# Install Operator
-$ helm install -n sriov-network-operator --create-namespace --wait sriov-network-operator ./
-
-# View deployed resources
-$ kubectl -n sriov-network-operator get pods
-```
-
-In the case that [Pod Security Admission](https://kubernetes.io/docs/concepts/security/pod-security-admission/) is enabled, the sriov network operator namespace will require a security level of 'privileged'
-```
-$ kubectl label ns sriov-network-operator pod-security.kubernetes.io/enforce=privileged
-```
-
-## Chart parameters
-
-In order to tailor the deployment of the network operator to your cluster needs
-We have introduced the following Chart parameters.
-
-| Name | Type | Default | description |
-| ---- |------|---------|-------------|
-| `imagePullSecrets` | list | `[]` | An optional list of references to secrets to use for pulling any of the SR-IOV Network Operator image |
-
-### Operator parameters
-
-| Name | Type | Default | description |
-| ---- | ---- | ------- | ----------- |
-| `operator.tolerations` | list | `[{"key":"node-role.kubernetes.io/master","operator":"Exists","effect":"NoSchedule"},{"key":"node-role.kubernetes.io/control-plane","operator":"Exists","effect":"NoSchedule"}]` | Operator's tolerations |
-| `operator.nodeSelector` | object | {} | Operator's node selector |
-| `operator.affinity` | object | `{"nodeAffinity":{"preferredDuringSchedulingIgnoredDuringExecution":[{"weight":1,"preference":{"matchExpressions":[{"key":"node-role.kubernetes.io/master","operator":"In","values":[""]}]}},{"weight":1,"preference":{"matchExpressions":[{"key":"node-role.kubernetes.io/control-plane","operator":"In","values":[""]}]}}]}}` | Operator's afffinity configuration |
-| `operator.nameOverride` | string | `` | Operator's resource name override |
-| `operator.fullnameOverride` | string | `` | Operator's resource full name override |
-| `operator.resourcePrefix` | string | `openshift.io` | Device plugin resource prefix |
-| `operator.cniBinPath` | string | `/opt/cni/bin` | Path for CNI binary |
-| `operator.clustertype` | string | `kubernetes` | Cluster environment type |
-
-#### Admission Controllers parameters
-
-The admission controllers can be enabled by switching on a single parameter `operator.admissionControllers.enabled`. By
-default, the user needs to pre-create Kubernetes Secrets that match the names provided in
-`operator.admissionControllers.certificates.secretNames`. The secrets should have 3 fields populated with the relevant
-content:
-* `ca.crt` (value needs to be base64 encoded twice)
-* `tls.crt`
-* `tls.key`
-
-Aside from the aforementioned mode, the chart supports 3 more modes for certificate consumption by the admission
-controllers, which can be found in the table below. In a nutshell, the modes that are supported are:
-* Consume pre-created Certificates managed by cert-manager
-* Generate self signed Certificates managed by cert-manager
-* Specify the content of the certificates as Helm values
-
-| Name | Type | Default | description |
-| ---- | ---- | ------- | ----------- |
-| `operator.admissionControllers.enabled` | bool | false | Flag that switches on the admission controllers |
-| `operator.admissionControllers.certificates.secretNames.operator` | string | `operator-webhook-cert` | Secret that stores the certificate for the Operator's admission controller |
-| `operator.admissionControllers.certificates.secretNames.injector` | string | `network-resources-injector-cert` | Secret that stores the certificate for the Network Resources Injector's admission controller |
-| `operator.admissionControllers.certificates.certManager.enabled` | bool | false | Flag that switches on consumption of certificates managed by cert-manager |
-| `operator.admissionControllers.certificates.certManager.generateSelfSigned` | bool | false | Flag that switches on generation of self signed certificates managed by cert-manager. The secrets in which the certificates are stored will have the names provided in `operator.admissionControllers.certificates.secretNames` |
-| `operator.admissionControllers.certificates.custom.enabled` | bool | false | Flag that switches on consumption of user provided certificates that are part of `operator.admissionControllers.certificates.custom.operator` and `operator.admissionControllers.certificates.custom.injector` objects |
-| `operator.admissionControllers.certificates.custom.operator.caCrt` | string | `` | The CA certificate to be used by the Operator's admission controller |
-| `operator.admissionControllers.certificates.custom.operator.tlsCrt` | string | `` | The public part of the certificate to be used by the Operator's admission controller |
-| `operator.admissionControllers.certificates.custom.operator.tlsKey` | string | `` | The private part of the certificate to be used by the Operator's admission controller |
-| `operator.admissionControllers.certificates.custom.injector.caCrt` | string | `` | The CA certificate to be used by the Network Resources Injector's admission controller |
-| `operator.admissionControllers.certificates.custom.injector.tlsCrt` | string | `` | The public part of the certificate to be used by the Network Resources Injector's admission controller |
-| `operator.admissionControllers.certificates.custom.injector.tlsKey` | string | `` | The private part of the certificate to be used by the Network Resources Injector's admission controller |
-
-### SR-IOV Operator Configuration Parameters
-
-This section contains general parameters that apply to both the operator and daemon componets of SR-IOV Network Operator.
-
-| Name | Type | Default | description |
-| ---- | ---- | ------- | ----------- |
-| `sriovOperatorConfig.deploy` | bool | `false` | deploy SriovOperatorConfig custom resource |
-| `sriovOperatorConfig.configDaemonNodeSelector` | map[string]string | `{}` | node slectors for sriov-network-config-daemon |
-| `sriovOperatorConfig.logLevel` | int | `2` | log level for both operator and sriov-network-config-daemon |
-| `sriovOperatorConfig.disableDrain` | bool | `false` | disable node draining when configuring SR-IOV, set to true in case of a single node cluster or any other justifiable reason |
-| `sriovOperatorConfig.configurationMode` | string | `daemon` | sriov-network-config-daemon configuration mode. either `daemon` or `systemd` |
-
-### Images parameters
-
-| Name | description |
-| ---- | ----------- |
-| `images.operator` | Operator controller image |
-| `images.sriovConfigDaemon` | Daemon node agent image |
-| `images.sriovCni` | SR-IOV CNI image |
-| `images.ibSriovCni` | InfiniBand SR-IOV CNI image |
-| `images.sriovDevicePlugin` | SR-IOV device plugin image |
-| `images.resourcesInjector` | Resources Injector image |
-| `images.webhook` | Operator Webhook image |
diff --git a/charts/sriov/104.0.0+up0.1.0/app-README.md b/charts/sriov/104.0.0+up0.1.0/app-README.md
deleted file mode 100644
index 4dda94a833..0000000000
--- a/charts/sriov/104.0.0+up0.1.0/app-README.md
+++ /dev/null
@@ -1,13 +0,0 @@
-# Rancher SR-IOV Network Operator
-
-This chart is based on the upstream [k8snetworkplumbingwg/sriov-network-operator](https://github.com/k8snetworkplumbingwg/sriov-network-operator) project. The chart deploys the SR-IOV Operator and its CRDs, which are designed to help the user provision and configure the SR-IOV CNI in a cluster that uses [Multus CNI](https://github.com/k8snetworkplumbingwg/multus-cni), to provide high performing extra network interfaces to pods. This chart is expected to be deployed on an RKE2 cluster and only meant for advanced use cases where multiple CNI plugins and high performing network interfaces on pods are required. Users who do not need these features are not advised to install this chart.
-
-The chart installs the following components:
-
- - SR-IOV Operator - An operator that helps provision and configure the SR-IOV CNI plugin and SR-IOV Device plugin
- - SR-IOV Network Config Daemon - A Daemon deployed by the Operator that discovers SR-IOV NICs on each node
-
-Note that SR-IOV requires NICs that support SR-IOV and the activation of specific configuration options in the operating system. Nodes that fulfill these requirements should be labeled with: `feature.node.kubernetes.io/network-sriov.capable=true`.
-
-The SR-IOV Network Config Daemon will be deployed on such capable nodes. For more information on how to use this feature, refer to our RKE2 networking docs.
-
diff --git a/charts/sriov/104.0.0+up0.1.0/charts/rancher-nfd/.helmignore b/charts/sriov/104.0.0+up0.1.0/charts/rancher-nfd/.helmignore
deleted file mode 100644
index 0e8a0eb36f..0000000000
--- a/charts/sriov/104.0.0+up0.1.0/charts/rancher-nfd/.helmignore
+++ /dev/null
@@ -1,23 +0,0 @@
-# Patterns to ignore when building packages.
-# This supports shell glob matching, relative path matching, and
-# negation (prefixed with !). Only one pattern per line.
-.DS_Store
-# Common VCS dirs
-.git/
-.gitignore
-.bzr/
-.bzrignore
-.hg/
-.hgignore
-.svn/
-# Common backup files
-*.swp
-*.bak
-*.tmp
-*.orig
-*~
-# Various IDEs
-.project
-.idea/
-*.tmproj
-.vscode/
diff --git a/charts/sriov/104.0.0+up0.1.0/charts/rancher-nfd/Chart.yaml b/charts/sriov/104.0.0+up0.1.0/charts/rancher-nfd/Chart.yaml
deleted file mode 100644
index 1c4c2093ff..0000000000
--- a/charts/sriov/104.0.0+up0.1.0/charts/rancher-nfd/Chart.yaml
+++ /dev/null
@@ -1,14 +0,0 @@
-apiVersion: v2
-appVersion: v0.15.4
-description: Detects hardware features available on each node in a Kubernetes cluster,
- and advertises those features using node labels
-home: https://github.com/kubernetes-sigs/node-feature-discovery
-keywords:
-- feature-discovery
-- feature-detection
-- node-labels
-name: rancher-nfd
-sources:
-- https://github.com/kubernetes-sigs/node-feature-discovery
-type: application
-version: 0.15.4
diff --git a/charts/sriov/104.0.0+up0.1.0/charts/rancher-nfd/README.md b/charts/sriov/104.0.0+up0.1.0/charts/rancher-nfd/README.md
deleted file mode 100644
index b8b7d90caf..0000000000
--- a/charts/sriov/104.0.0+up0.1.0/charts/rancher-nfd/README.md
+++ /dev/null
@@ -1,10 +0,0 @@
-# Node Feature Discovery
-
-Node Feature Discovery (NFD) is a Kubernetes add-on for detecting hardware
-features and system configuration. Detected features are advertised as node
-labels. NFD provides flexible configuration and extension points for a wide
-range of vendor and application specific node labeling needs.
-
-See
-[NFD documentation](https://kubernetes-sigs.github.io/node-feature-discovery/v0.15/deployment/helm.html)
-for deployment instructions.
diff --git a/charts/sriov/104.0.0+up0.1.0/charts/rancher-nfd/crds/nfd-api-crds.yaml b/charts/sriov/104.0.0+up0.1.0/charts/rancher-nfd/crds/nfd-api-crds.yaml
deleted file mode 100644
index 4e63041630..0000000000
--- a/charts/sriov/104.0.0+up0.1.0/charts/rancher-nfd/crds/nfd-api-crds.yaml
+++ /dev/null
@@ -1,426 +0,0 @@
----
-apiVersion: apiextensions.k8s.io/v1
-kind: CustomResourceDefinition
-metadata:
- annotations:
- controller-gen.kubebuilder.io/version: v0.12.1
- name: nodefeatures.nfd.k8s-sigs.io
-spec:
- group: nfd.k8s-sigs.io
- names:
- kind: NodeFeature
- listKind: NodeFeatureList
- plural: nodefeatures
- singular: nodefeature
- scope: Namespaced
- versions:
- - name: v1alpha1
- schema:
- openAPIV3Schema:
- description: NodeFeature resource holds the features discovered for one node
- in the cluster.
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation
- of an object. Servers should convert recognized schemas to the latest
- internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this
- object represents. Servers may infer this from the endpoint the client
- submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- spec:
- description: NodeFeatureSpec describes a NodeFeature object.
- properties:
- features:
- description: Features is the full "raw" features data that has been
- discovered.
- properties:
- attributes:
- additionalProperties:
- description: AttributeFeatureSet is a set of features having
- string value.
- properties:
- elements:
- additionalProperties:
- type: string
- type: object
- required:
- - elements
- type: object
- description: Attributes contains all the attribute-type features
- of the node.
- type: object
- flags:
- additionalProperties:
- description: FlagFeatureSet is a set of simple features only
- containing names without values.
- properties:
- elements:
- additionalProperties:
- description: Nil is a dummy empty struct for protobuf
- compatibility
- type: object
- type: object
- required:
- - elements
- type: object
- description: Flags contains all the flag-type features of the
- node.
- type: object
- instances:
- additionalProperties:
- description: InstanceFeatureSet is a set of features each of
- which is an instance having multiple attributes.
- properties:
- elements:
- items:
- description: InstanceFeature represents one instance of
- a complex features, e.g. a device.
- properties:
- attributes:
- additionalProperties:
- type: string
- type: object
- required:
- - attributes
- type: object
- type: array
- required:
- - elements
- type: object
- description: Instances contains all the instance-type features
- of the node.
- type: object
- type: object
- labels:
- additionalProperties:
- type: string
- description: Labels is the set of node labels that are requested to
- be created.
- type: object
- type: object
- required:
- - spec
- type: object
- served: true
- storage: true
----
-apiVersion: apiextensions.k8s.io/v1
-kind: CustomResourceDefinition
-metadata:
- annotations:
- controller-gen.kubebuilder.io/version: v0.12.1
- name: nodefeaturerules.nfd.k8s-sigs.io
-spec:
- group: nfd.k8s-sigs.io
- names:
- kind: NodeFeatureRule
- listKind: NodeFeatureRuleList
- plural: nodefeaturerules
- shortNames:
- - nfr
- singular: nodefeaturerule
- scope: Cluster
- versions:
- - name: v1alpha1
- schema:
- openAPIV3Schema:
- description: NodeFeatureRule resource specifies a configuration for feature-based
- customization of node objects, such as node labeling.
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation
- of an object. Servers should convert recognized schemas to the latest
- internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this
- object represents. Servers may infer this from the endpoint the client
- submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- spec:
- description: NodeFeatureRuleSpec describes a NodeFeatureRule.
- properties:
- rules:
- description: Rules is a list of node customization rules.
- items:
- description: Rule defines a rule for node customization such as
- labeling.
- properties:
- annotations:
- additionalProperties:
- type: string
- description: Annotations to create if the rule matches.
- type: object
- extendedResources:
- additionalProperties:
- type: string
- description: ExtendedResources to create if the rule matches.
- type: object
- labels:
- additionalProperties:
- type: string
- description: Labels to create if the rule matches.
- type: object
- labelsTemplate:
- description: LabelsTemplate specifies a template to expand for
- dynamically generating multiple labels. Data (after template
- expansion) must be keys with an optional value ([=])
- separated by newlines.
- type: string
- matchAny:
- description: MatchAny specifies a list of matchers one of which
- must match.
- items:
- description: MatchAnyElem specifies one sub-matcher of MatchAny.
- properties:
- matchFeatures:
- description: MatchFeatures specifies a set of matcher
- terms all of which must match.
- items:
- description: FeatureMatcherTerm defines requirements
- against one feature set. All requirements (specified
- as MatchExpressions) are evaluated against each element
- in the feature set.
- properties:
- feature:
- description: Feature is the name of the feature
- set to match against.
- type: string
- matchExpressions:
- additionalProperties:
- description: MatchExpression specifies an expression
- to evaluate against a set of input values. It
- contains an operator that is applied when matching
- the input and an array of values that the operator
- evaluates the input against.
- properties:
- op:
- description: Op is the operator to be applied.
- enum:
- - In
- - NotIn
- - InRegexp
- - Exists
- - DoesNotExist
- - Gt
- - Lt
- - GtLt
- - IsTrue
- - IsFalse
- type: string
- value:
- description: Value is the list of values that
- the operand evaluates the input against.
- Value should be empty if the operator is
- Exists, DoesNotExist, IsTrue or IsFalse.
- Value should contain exactly one element
- if the operator is Gt or Lt and exactly
- two elements if the operator is GtLt. In
- other cases Value should contain at least
- one element.
- items:
- type: string
- type: array
- required:
- - op
- type: object
- description: MatchExpressions is the set of per-element
- expressions evaluated. These match against the
- value of the specified elements.
- type: object
- matchName:
- description: MatchName in an expression that is
- matched against the name of each element in the
- feature set.
- properties:
- op:
- description: Op is the operator to be applied.
- enum:
- - In
- - NotIn
- - InRegexp
- - Exists
- - DoesNotExist
- - Gt
- - Lt
- - GtLt
- - IsTrue
- - IsFalse
- type: string
- value:
- description: Value is the list of values that
- the operand evaluates the input against. Value
- should be empty if the operator is Exists,
- DoesNotExist, IsTrue or IsFalse. Value should
- contain exactly one element if the operator
- is Gt or Lt and exactly two elements if the
- operator is GtLt. In other cases Value should
- contain at least one element.
- items:
- type: string
- type: array
- required:
- - op
- type: object
- required:
- - feature
- type: object
- type: array
- required:
- - matchFeatures
- type: object
- type: array
- matchFeatures:
- description: MatchFeatures specifies a set of matcher terms
- all of which must match.
- items:
- description: FeatureMatcherTerm defines requirements against
- one feature set. All requirements (specified as MatchExpressions)
- are evaluated against each element in the feature set.
- properties:
- feature:
- description: Feature is the name of the feature set to
- match against.
- type: string
- matchExpressions:
- additionalProperties:
- description: MatchExpression specifies an expression
- to evaluate against a set of input values. It contains
- an operator that is applied when matching the input
- and an array of values that the operator evaluates
- the input against.
- properties:
- op:
- description: Op is the operator to be applied.
- enum:
- - In
- - NotIn
- - InRegexp
- - Exists
- - DoesNotExist
- - Gt
- - Lt
- - GtLt
- - IsTrue
- - IsFalse
- type: string
- value:
- description: Value is the list of values that the
- operand evaluates the input against. Value should
- be empty if the operator is Exists, DoesNotExist,
- IsTrue or IsFalse. Value should contain exactly
- one element if the operator is Gt or Lt and exactly
- two elements if the operator is GtLt. In other
- cases Value should contain at least one element.
- items:
- type: string
- type: array
- required:
- - op
- type: object
- description: MatchExpressions is the set of per-element
- expressions evaluated. These match against the value
- of the specified elements.
- type: object
- matchName:
- description: MatchName in an expression that is matched
- against the name of each element in the feature set.
- properties:
- op:
- description: Op is the operator to be applied.
- enum:
- - In
- - NotIn
- - InRegexp
- - Exists
- - DoesNotExist
- - Gt
- - Lt
- - GtLt
- - IsTrue
- - IsFalse
- type: string
- value:
- description: Value is the list of values that the
- operand evaluates the input against. Value should
- be empty if the operator is Exists, DoesNotExist,
- IsTrue or IsFalse. Value should contain exactly
- one element if the operator is Gt or Lt and exactly
- two elements if the operator is GtLt. In other cases
- Value should contain at least one element.
- items:
- type: string
- type: array
- required:
- - op
- type: object
- required:
- - feature
- type: object
- type: array
- name:
- description: Name of the rule.
- type: string
- taints:
- description: Taints to create if the rule matches.
- items:
- description: The node this Taint is attached to has the "effect"
- on any pod that does not tolerate the Taint.
- properties:
- effect:
- description: Required. The effect of the taint on pods
- that do not tolerate the taint. Valid effects are NoSchedule,
- PreferNoSchedule and NoExecute.
- type: string
- key:
- description: Required. The taint key to be applied to
- a node.
- type: string
- timeAdded:
- description: TimeAdded represents the time at which the
- taint was added. It is only written for NoExecute taints.
- format: date-time
- type: string
- value:
- description: The taint value corresponding to the taint
- key.
- type: string
- required:
- - effect
- - key
- type: object
- type: array
- vars:
- additionalProperties:
- type: string
- description: Vars is the variables to store if the rule matches.
- Variables do not directly inflict any changes in the node
- object. However, they can be referenced from other rules enabling
- more complex rule hierarchies, without exposing intermediary
- output values as labels.
- type: object
- varsTemplate:
- description: VarsTemplate specifies a template to expand for
- dynamically generating multiple variables. Data (after template
- expansion) must be keys with an optional value ([=])
- separated by newlines.
- type: string
- required:
- - name
- type: object
- type: array
- required:
- - rules
- type: object
- required:
- - spec
- type: object
- served: true
- storage: true
diff --git a/charts/sriov/104.0.0+up0.1.0/charts/rancher-nfd/templates/_helpers.tpl b/charts/sriov/104.0.0+up0.1.0/charts/rancher-nfd/templates/_helpers.tpl
deleted file mode 100644
index 928ece78f8..0000000000
--- a/charts/sriov/104.0.0+up0.1.0/charts/rancher-nfd/templates/_helpers.tpl
+++ /dev/null
@@ -1,107 +0,0 @@
-{{/* vim: set filetype=mustache: */}}
-{{/*
-Expand the name of the chart.
-*/}}
-{{- define "node-feature-discovery.name" -}}
-{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
-{{- end -}}
-
-{{/*
-Create a default fully qualified app name.
-We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
-If release name contains chart name it will be used as a full name.
-*/}}
-{{- define "node-feature-discovery.fullname" -}}
-{{- if .Values.fullnameOverride -}}
-{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}}
-{{- else -}}
-{{- $name := default .Chart.Name .Values.nameOverride -}}
-{{- if contains $name .Release.Name -}}
-{{- .Release.Name | trunc 63 | trimSuffix "-" -}}
-{{- else -}}
-{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}}
-{{- end -}}
-{{- end -}}
-{{- end -}}
-
-{{/*
-Allow the release namespace to be overridden for multi-namespace deployments in combined charts
-*/}}
-{{- define "node-feature-discovery.namespace" -}}
- {{- if .Values.namespaceOverride -}}
- {{- .Values.namespaceOverride -}}
- {{- else -}}
- {{- .Release.Namespace -}}
- {{- end -}}
-{{- end -}}
-
-{{/*
-Create chart name and version as used by the chart label.
-*/}}
-{{- define "node-feature-discovery.chart" -}}
-{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}}
-{{- end -}}
-
-{{/*
-Common labels
-*/}}
-{{- define "node-feature-discovery.labels" -}}
-helm.sh/chart: {{ include "node-feature-discovery.chart" . }}
-{{ include "node-feature-discovery.selectorLabels" . }}
-{{- if .Chart.AppVersion }}
-app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
-{{- end }}
-app.kubernetes.io/managed-by: {{ .Release.Service }}
-{{- end -}}
-
-{{/*
-Selector labels
-*/}}
-{{- define "node-feature-discovery.selectorLabels" -}}
-app.kubernetes.io/name: {{ include "node-feature-discovery.name" . }}
-app.kubernetes.io/instance: {{ .Release.Name }}
-{{- end -}}
-
-{{/*
-Create the name of the service account which the nfd master will use
-*/}}
-{{- define "node-feature-discovery.master.serviceAccountName" -}}
-{{- if .Values.master.serviceAccount.create -}}
- {{ default (include "node-feature-discovery.fullname" .) .Values.master.serviceAccount.name }}
-{{- else -}}
- {{ default "default" .Values.master.serviceAccount.name }}
-{{- end -}}
-{{- end -}}
-
-{{/*
-Create the name of the service account which the nfd worker will use
-*/}}
-{{- define "node-feature-discovery.worker.serviceAccountName" -}}
-{{- if .Values.worker.serviceAccount.create -}}
- {{ default (printf "%s-worker" (include "node-feature-discovery.fullname" .)) .Values.worker.serviceAccount.name }}
-{{- else -}}
- {{ default "default" .Values.worker.serviceAccount.name }}
-{{- end -}}
-{{- end -}}
-
-{{/*
-Create the name of the service account which topologyUpdater will use
-*/}}
-{{- define "node-feature-discovery.topologyUpdater.serviceAccountName" -}}
-{{- if .Values.topologyUpdater.serviceAccount.create -}}
- {{ default (printf "%s-topology-updater" (include "node-feature-discovery.fullname" .)) .Values.topologyUpdater.serviceAccount.name }}
-{{- else -}}
- {{ default "default" .Values.topologyUpdater.serviceAccount.name }}
-{{- end -}}
-{{- end -}}
-
-{{/*
-Create the name of the service account which nfd-gc will use
-*/}}
-{{- define "node-feature-discovery.gc.serviceAccountName" -}}
-{{- if .Values.gc.serviceAccount.create -}}
- {{ default (printf "%s-gc" (include "node-feature-discovery.fullname" .)) .Values.gc.serviceAccount.name }}
-{{- else -}}
- {{ default "default" .Values.gc.serviceAccount.name }}
-{{- end -}}
-{{- end -}}
diff --git a/charts/sriov/104.0.0+up0.1.0/charts/rancher-nfd/templates/cert-manager-certs.yaml b/charts/sriov/104.0.0+up0.1.0/charts/rancher-nfd/templates/cert-manager-certs.yaml
deleted file mode 100644
index 8af115316b..0000000000
--- a/charts/sriov/104.0.0+up0.1.0/charts/rancher-nfd/templates/cert-manager-certs.yaml
+++ /dev/null
@@ -1,68 +0,0 @@
-{{- if .Values.tls.certManager }}
-{{- if .Values.master.enable }}
----
-apiVersion: cert-manager.io/v1
-kind: Certificate
-metadata:
- name: nfd-master-cert
- namespace: {{ include "node-feature-discovery.namespace" . }}
-spec:
- secretName: nfd-master-cert
- subject:
- organizations:
- - node-feature-discovery
- commonName: nfd-master
- dnsNames:
- # must match the service name
- - {{ include "node-feature-discovery.fullname" . }}-master
- # first one is configured for use by the worker; below are for completeness
- - {{ include "node-feature-discovery.fullname" . }}-master.{{ include "node-feature-discovery.namespace" . }}.svc
- - {{ include "node-feature-discovery.fullname" . }}-master.{{ include "node-feature-discovery.namespace" . }}.svc.cluster.local
- issuerRef:
- name: nfd-ca-issuer
- kind: Issuer
- group: cert-manager.io
-{{- end }}
----
-{{- if .Values.worker.enable }}
-apiVersion: cert-manager.io/v1
-kind: Certificate
-metadata:
- name: nfd-worker-cert
- namespace: {{ include "node-feature-discovery.namespace" . }}
-spec:
- secretName: nfd-worker-cert
- subject:
- organizations:
- - node-feature-discovery
- commonName: nfd-worker
- dnsNames:
- - {{ include "node-feature-discovery.fullname" . }}-worker.{{ include "node-feature-discovery.namespace" . }}.svc.cluster.local
- issuerRef:
- name: nfd-ca-issuer
- kind: Issuer
- group: cert-manager.io
-{{- end }}
-
-{{- if .Values.topologyUpdater.enable }}
----
-apiVersion: cert-manager.io/v1
-kind: Certificate
-metadata:
- name: nfd-topology-updater-cert
- namespace: {{ include "node-feature-discovery.namespace" . }}
-spec:
- secretName: nfd-topology-updater-cert
- subject:
- organizations:
- - node-feature-discovery
- commonName: nfd-topology-updater
- dnsNames:
- - {{ include "node-feature-discovery.fullname" . }}-topology-updater.{{ include "node-feature-discovery.namespace" . }}.svc.cluster.local
- issuerRef:
- name: nfd-ca-issuer
- kind: Issuer
- group: cert-manager.io
-{{- end }}
-
-{{- end }}
diff --git a/charts/sriov/104.0.0+up0.1.0/charts/rancher-nfd/templates/cert-manager-issuer.yaml b/charts/sriov/104.0.0+up0.1.0/charts/rancher-nfd/templates/cert-manager-issuer.yaml
deleted file mode 100644
index f3c57acea1..0000000000
--- a/charts/sriov/104.0.0+up0.1.0/charts/rancher-nfd/templates/cert-manager-issuer.yaml
+++ /dev/null
@@ -1,42 +0,0 @@
-{{- if .Values.tls.certManager }}
-# See https://cert-manager.io/docs/configuration/selfsigned/#bootstrapping-ca-issuers
-# - Create a self signed issuer
-# - Use this to create a CA cert
-# - Use this to now create a CA issuer
----
-apiVersion: cert-manager.io/v1
-kind: Issuer
-metadata:
- name: nfd-ca-bootstrap
- namespace: {{ include "node-feature-discovery.namespace" . }}
-spec:
- selfSigned: {}
-
----
-apiVersion: cert-manager.io/v1
-kind: Certificate
-metadata:
- name: nfd-ca-cert
- namespace: {{ include "node-feature-discovery.namespace" . }}
-spec:
- isCA: true
- secretName: nfd-ca-cert
- subject:
- organizations:
- - node-feature-discovery
- commonName: nfd-ca-cert
- issuerRef:
- name: nfd-ca-bootstrap
- kind: Issuer
- group: cert-manager.io
-
----
-apiVersion: cert-manager.io/v1
-kind: Issuer
-metadata:
- name: nfd-ca-issuer
- namespace: {{ include "node-feature-discovery.namespace" . }}
-spec:
- ca:
- secretName: nfd-ca-cert
-{{- end }}
diff --git a/charts/sriov/104.0.0+up0.1.0/charts/rancher-nfd/templates/clusterrole.yaml b/charts/sriov/104.0.0+up0.1.0/charts/rancher-nfd/templates/clusterrole.yaml
deleted file mode 100644
index e652e1df8c..0000000000
--- a/charts/sriov/104.0.0+up0.1.0/charts/rancher-nfd/templates/clusterrole.yaml
+++ /dev/null
@@ -1,119 +0,0 @@
-{{- if and .Values.master.enable .Values.master.rbac.create }}
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRole
-metadata:
- name: {{ include "node-feature-discovery.fullname" . }}
- labels:
- {{- include "node-feature-discovery.labels" . | nindent 4 }}
-rules:
-- apiGroups:
- - ""
- resources:
- - nodes
- - nodes/status
- verbs:
- - get
- - patch
- - update
- - list
-- apiGroups:
- - nfd.k8s-sigs.io
- resources:
- - nodefeatures
- - nodefeaturerules
- verbs:
- - get
- - list
- - watch
-- apiGroups:
- - coordination.k8s.io
- resources:
- - leases
- verbs:
- - create
-- apiGroups:
- - coordination.k8s.io
- resources:
- - leases
- resourceNames:
- - "nfd-master.nfd.kubernetes.io"
- verbs:
- - get
- - update
-{{- end }}
-
-{{- if and .Values.topologyUpdater.enable .Values.topologyUpdater.rbac.create }}
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRole
-metadata:
- name: {{ include "node-feature-discovery.fullname" . }}-topology-updater
- labels:
- {{- include "node-feature-discovery.labels" . | nindent 4 }}
-rules:
-- apiGroups:
- - ""
- resources:
- - nodes
- verbs:
- - get
- - list
-- apiGroups:
- - ""
- resources:
- - nodes/proxy
- verbs:
- - get
-- apiGroups:
- - ""
- resources:
- - pods
- verbs:
- - get
-- apiGroups:
- - topology.node.k8s.io
- resources:
- - noderesourcetopologies
- verbs:
- - create
- - get
- - update
-{{- end }}
-
-{{- if and .Values.gc.enable .Values.gc.rbac.create (or .Values.enableNodeFeatureApi .Values.topologyUpdater.enable) }}
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRole
-metadata:
- name: {{ include "node-feature-discovery.fullname" . }}-gc
- labels:
- {{- include "node-feature-discovery.labels" . | nindent 4 }}
-rules:
-- apiGroups:
- - ""
- resources:
- - nodes
- verbs:
- - list
- - watch
-- apiGroups:
- - ""
- resources:
- - nodes/proxy
- verbs:
- - get
-- apiGroups:
- - topology.node.k8s.io
- resources:
- - noderesourcetopologies
- verbs:
- - delete
- - list
-- apiGroups:
- - nfd.k8s-sigs.io
- resources:
- - nodefeatures
- verbs:
- - delete
- - list
-{{- end }}
diff --git a/charts/sriov/104.0.0+up0.1.0/charts/rancher-nfd/templates/clusterrolebinding.yaml b/charts/sriov/104.0.0+up0.1.0/charts/rancher-nfd/templates/clusterrolebinding.yaml
deleted file mode 100644
index 99134a1c54..0000000000
--- a/charts/sriov/104.0.0+up0.1.0/charts/rancher-nfd/templates/clusterrolebinding.yaml
+++ /dev/null
@@ -1,52 +0,0 @@
-{{- if and .Values.master.enable .Values.master.rbac.create }}
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRoleBinding
-metadata:
- name: {{ include "node-feature-discovery.fullname" . }}
- labels:
- {{- include "node-feature-discovery.labels" . | nindent 4 }}
-roleRef:
- apiGroup: rbac.authorization.k8s.io
- kind: ClusterRole
- name: {{ include "node-feature-discovery.fullname" . }}
-subjects:
-- kind: ServiceAccount
- name: {{ include "node-feature-discovery.master.serviceAccountName" . }}
- namespace: {{ include "node-feature-discovery.namespace" . }}
-{{- end }}
-
-{{- if and .Values.topologyUpdater.enable .Values.topologyUpdater.rbac.create }}
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRoleBinding
-metadata:
- name: {{ include "node-feature-discovery.fullname" . }}-topology-updater
- labels:
- {{- include "node-feature-discovery.labels" . | nindent 4 }}
-roleRef:
- apiGroup: rbac.authorization.k8s.io
- kind: ClusterRole
- name: {{ include "node-feature-discovery.fullname" . }}-topology-updater
-subjects:
-- kind: ServiceAccount
- name: {{ include "node-feature-discovery.topologyUpdater.serviceAccountName" . }}
- namespace: {{ include "node-feature-discovery.namespace" . }}
-{{- end }}
-
-{{- if and .Values.gc.enable .Values.gc.rbac.create (or .Values.enableNodeFeatureApi .Values.topologyUpdater.enable) }}
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRoleBinding
-metadata:
- name: {{ include "node-feature-discovery.fullname" . }}-gc
- labels:
- {{- include "node-feature-discovery.labels" . | nindent 4 }}
-roleRef:
- apiGroup: rbac.authorization.k8s.io
- kind: ClusterRole
- name: {{ include "node-feature-discovery.fullname" . }}-gc
-subjects:
-- kind: ServiceAccount
- name: {{ include "node-feature-discovery.gc.serviceAccountName" . }}
- namespace: {{ include "node-feature-discovery.namespace" . }}
-{{- end }}
diff --git a/charts/sriov/104.0.0+up0.1.0/charts/rancher-nfd/templates/master.yaml b/charts/sriov/104.0.0+up0.1.0/charts/rancher-nfd/templates/master.yaml
deleted file mode 100644
index 53a291e0f7..0000000000
--- a/charts/sriov/104.0.0+up0.1.0/charts/rancher-nfd/templates/master.yaml
+++ /dev/null
@@ -1,145 +0,0 @@
-{{- if .Values.master.enable }}
-apiVersion: apps/v1
-kind: Deployment
-metadata:
- name: {{ include "node-feature-discovery.fullname" . }}-master
- namespace: {{ include "node-feature-discovery.namespace" . }}
- labels:
- {{- include "node-feature-discovery.labels" . | nindent 4 }}
- role: master
- {{- with .Values.master.deploymentAnnotations }}
- annotations:
- {{- toYaml . | nindent 4 }}
- {{- end }}
-spec:
- replicas: {{ .Values.master.replicaCount }}
- selector:
- matchLabels:
- {{- include "node-feature-discovery.selectorLabels" . | nindent 6 }}
- role: master
- template:
- metadata:
- labels:
- {{- include "node-feature-discovery.selectorLabels" . | nindent 8 }}
- role: master
- {{- with .Values.master.annotations }}
- annotations:
- {{- toYaml . | nindent 8 }}
- {{- end }}
- spec:
- {{- with .Values.imagePullSecrets }}
- imagePullSecrets:
- {{- toYaml . | nindent 8 }}
- {{- end }}
- serviceAccountName: {{ include "node-feature-discovery.master.serviceAccountName" . }}
- enableServiceLinks: false
- securityContext:
- {{- toYaml .Values.master.podSecurityContext | nindent 8 }}
- containers:
- - name: master
- securityContext:
- {{- toYaml .Values.master.securityContext | nindent 12 }}
- image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}"
- imagePullPolicy: {{ .Values.image.pullPolicy }}
- livenessProbe:
- grpc:
- port: 8080
- initialDelaySeconds: 10
- periodSeconds: 10
- readinessProbe:
- grpc:
- port: 8080
- initialDelaySeconds: 5
- periodSeconds: 10
- failureThreshold: 10
- ports:
- - containerPort: {{ .Values.master.port | default "8080" }}
- name: grpc
- - containerPort: {{ .Values.master.metricsPort | default "8081" }}
- name: metrics
- env:
- - name: NODE_NAME
- valueFrom:
- fieldRef:
- fieldPath: spec.nodeName
- command:
- - "nfd-master"
- resources:
- {{- toYaml .Values.master.resources | nindent 12 }}
- args:
- {{- if .Values.master.instance | empty | not }}
- - "-instance={{ .Values.master.instance }}"
- {{- end }}
- {{- if not .Values.enableNodeFeatureApi }}
- - "-port={{ .Values.master.port | default "8080" }}"
- - "-enable-nodefeature-api=false"
- {{- else if gt (int .Values.master.replicaCount) 1 }}
- - "-enable-leader-election"
- {{- end }}
- {{- if .Values.master.extraLabelNs | empty | not }}
- - "-extra-label-ns={{- join "," .Values.master.extraLabelNs }}"
- {{- end }}
- {{- if .Values.master.denyLabelNs | empty | not }}
- - "-deny-label-ns={{- join "," .Values.master.denyLabelNs }}"
- {{- end }}
- {{- if .Values.master.resourceLabels | empty | not }}
- - "-resource-labels={{- join "," .Values.master.resourceLabels }}"
- {{- end }}
- {{- if .Values.master.enableTaints }}
- - "-enable-taints"
- {{- end }}
- {{- if .Values.master.crdController | kindIs "invalid" | not }}
- - "-crd-controller={{ .Values.master.crdController }}"
- {{- else }}
- ## By default, disable crd controller for other than the default instances
- - "-crd-controller={{ .Values.master.instance | empty }}"
- {{- end }}
- {{- if .Values.master.featureRulesController | kindIs "invalid" | not }}
- - "-featurerules-controller={{ .Values.master.featureRulesController }}"
- {{- end }}
- {{- if .Values.master.resyncPeriod }}
- - "-resync-period={{ .Values.master.resyncPeriod }}"
- {{- end }}
- {{- if .Values.master.nfdApiParallelism | empty | not }}
- - "-nfd-api-parallelism={{ .Values.master.nfdApiParallelism }}"
- {{- end }}
- {{- if .Values.tls.enable }}
- - "-ca-file=/etc/kubernetes/node-feature-discovery/certs/ca.crt"
- - "-key-file=/etc/kubernetes/node-feature-discovery/certs/tls.key"
- - "-cert-file=/etc/kubernetes/node-feature-discovery/certs/tls.crt"
- {{- end }}
- - "-metrics={{ .Values.master.metricsPort | default "8081" }}"
- volumeMounts:
- {{- if .Values.tls.enable }}
- - name: nfd-master-cert
- mountPath: "/etc/kubernetes/node-feature-discovery/certs"
- readOnly: true
- {{- end }}
- - name: nfd-master-conf
- mountPath: "/etc/kubernetes/node-feature-discovery"
- readOnly: true
- volumes:
- {{- if .Values.tls.enable }}
- - name: nfd-master-cert
- secret:
- secretName: nfd-master-cert
- {{- end }}
- - name: nfd-master-conf
- configMap:
- name: {{ include "node-feature-discovery.fullname" . }}-master-conf
- items:
- - key: nfd-master.conf
- path: nfd-master.conf
- {{- with .Values.master.nodeSelector }}
- nodeSelector:
- {{- toYaml . | nindent 8 }}
- {{- end }}
- {{- with .Values.master.affinity }}
- affinity:
- {{- toYaml . | nindent 8 }}
- {{- end }}
- {{- with .Values.master.tolerations }}
- tolerations:
- {{- toYaml . | nindent 8 }}
- {{- end }}
-{{- end }}
diff --git a/charts/sriov/104.0.0+up0.1.0/charts/rancher-nfd/templates/nfd-gc.yaml b/charts/sriov/104.0.0+up0.1.0/charts/rancher-nfd/templates/nfd-gc.yaml
deleted file mode 100644
index 1e0e12327a..0000000000
--- a/charts/sriov/104.0.0+up0.1.0/charts/rancher-nfd/templates/nfd-gc.yaml
+++ /dev/null
@@ -1,77 +0,0 @@
-{{- if and .Values.gc.enable (or .Values.enableNodeFeatureApi .Values.topologyUpdater.enable) -}}
-apiVersion: apps/v1
-kind: Deployment
-metadata:
- name: {{ include "node-feature-discovery.fullname" . }}-gc
- namespace: {{ include "node-feature-discovery.namespace" . }}
- labels:
- {{- include "node-feature-discovery.labels" . | nindent 4 }}
- role: gc
- {{- with .Values.gc.deploymentAnnotations }}
- annotations:
- {{- toYaml . | nindent 4 }}
- {{- end }}
-spec:
- replicas: {{ .Values.gc.replicaCount | default 1 }}
- selector:
- matchLabels:
- {{- include "node-feature-discovery.selectorLabels" . | nindent 6 }}
- role: gc
- template:
- metadata:
- labels:
- {{- include "node-feature-discovery.selectorLabels" . | nindent 8 }}
- role: gc
- {{- with .Values.gc.annotations }}
- annotations:
- {{- toYaml . | nindent 8 }}
- {{- end }}
- spec:
- serviceAccountName: {{ include "node-feature-discovery.gc.serviceAccountName" . }}
- dnsPolicy: ClusterFirstWithHostNet
- {{- with .Values.imagePullSecrets }}
- imagePullSecrets:
- {{- toYaml . | nindent 8 }}
- {{- end }}
- securityContext:
- {{- toYaml .Values.gc.podSecurityContext | nindent 8 }}
- containers:
- - name: gc
- image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}"
- imagePullPolicy: "{{ .Values.image.pullPolicy }}"
- env:
- - name: NODE_NAME
- valueFrom:
- fieldRef:
- fieldPath: spec.nodeName
- command:
- - "nfd-gc"
- args:
- {{- if .Values.gc.interval | empty | not }}
- - "-gc-interval={{ .Values.gc.interval }}"
- {{- end }}
- resources:
- {{- toYaml .Values.gc.resources | nindent 12 }}
- securityContext:
- allowPrivilegeEscalation: false
- capabilities:
- drop: [ "ALL" ]
- readOnlyRootFilesystem: true
- runAsNonRoot: true
- ports:
- - name: metrics
- containerPort: {{ .Values.gc.metricsPort | default "8081"}}
-
- {{- with .Values.gc.nodeSelector }}
- nodeSelector:
- {{- toYaml . | nindent 8 }}
- {{- end }}
- {{- with .Values.gc.affinity }}
- affinity:
- {{- toYaml . | nindent 8 }}
- {{- end }}
- {{- with .Values.gc.tolerations }}
- tolerations:
- {{- toYaml . | nindent 8 }}
- {{- end }}
-{{- end }}
diff --git a/charts/sriov/104.0.0+up0.1.0/charts/rancher-nfd/templates/nfd-master-conf.yaml b/charts/sriov/104.0.0+up0.1.0/charts/rancher-nfd/templates/nfd-master-conf.yaml
deleted file mode 100644
index 9c6e01cde4..0000000000
--- a/charts/sriov/104.0.0+up0.1.0/charts/rancher-nfd/templates/nfd-master-conf.yaml
+++ /dev/null
@@ -1,12 +0,0 @@
-{{- if .Values.master.enable }}
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: {{ include "node-feature-discovery.fullname" . }}-master-conf
- namespace: {{ include "node-feature-discovery.namespace" . }}
- labels:
- {{- include "node-feature-discovery.labels" . | nindent 4 }}
-data:
- nfd-master.conf: |-
- {{- .Values.master.config | toYaml | nindent 4 }}
-{{- end }}
diff --git a/charts/sriov/104.0.0+up0.1.0/charts/rancher-nfd/templates/nfd-topologyupdater-conf.yaml b/charts/sriov/104.0.0+up0.1.0/charts/rancher-nfd/templates/nfd-topologyupdater-conf.yaml
deleted file mode 100644
index 9867f5089c..0000000000
--- a/charts/sriov/104.0.0+up0.1.0/charts/rancher-nfd/templates/nfd-topologyupdater-conf.yaml
+++ /dev/null
@@ -1,10 +0,0 @@
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: {{ include "node-feature-discovery.fullname" . }}-topology-updater-conf
- namespace: {{ include "node-feature-discovery.namespace" . }}
- labels:
- {{- include "node-feature-discovery.labels" . | nindent 4 }}
-data:
- nfd-topology-updater.conf: |-
- {{- .Values.topologyUpdater.config | toYaml | nindent 4 }}
diff --git a/charts/sriov/104.0.0+up0.1.0/charts/rancher-nfd/templates/nfd-worker-conf.yaml b/charts/sriov/104.0.0+up0.1.0/charts/rancher-nfd/templates/nfd-worker-conf.yaml
deleted file mode 100644
index a2299dea13..0000000000
--- a/charts/sriov/104.0.0+up0.1.0/charts/rancher-nfd/templates/nfd-worker-conf.yaml
+++ /dev/null
@@ -1,12 +0,0 @@
-{{- if .Values.worker.enable }}
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: {{ include "node-feature-discovery.fullname" . }}-worker-conf
- namespace: {{ include "node-feature-discovery.namespace" . }}
- labels:
- {{- include "node-feature-discovery.labels" . | nindent 4 }}
-data:
- nfd-worker.conf: |-
- {{- .Values.worker.config | toYaml | nindent 4 }}
-{{- end }}
diff --git a/charts/sriov/104.0.0+up0.1.0/charts/rancher-nfd/templates/prometheus.yaml b/charts/sriov/104.0.0+up0.1.0/charts/rancher-nfd/templates/prometheus.yaml
deleted file mode 100644
index b9f4b46405..0000000000
--- a/charts/sriov/104.0.0+up0.1.0/charts/rancher-nfd/templates/prometheus.yaml
+++ /dev/null
@@ -1,26 +0,0 @@
-{{- if .Values.prometheus.enable }}
-# Prometheus Monitor Service (Metrics)
-apiVersion: monitoring.coreos.com/v1
-kind: PodMonitor
-metadata:
- name: {{ include "node-feature-discovery.fullname" . }}
- labels:
- {{- include "node-feature-discovery.selectorLabels" . | nindent 4 }}
- {{- with .Values.prometheus.labels }}
- {{ toYaml . | nindent 4 }}
- {{- end }}
-spec:
- podMetricsEndpoints:
- - honorLabels: true
- interval: 10s
- path: /metrics
- port: metrics
- scheme: http
- namespaceSelector:
- matchNames:
- - {{ include "node-feature-discovery.namespace" . }}
- selector:
- matchExpressions:
- - {key: app.kubernetes.io/instance, operator: In, values: ["{{ .Release.Name }}"]}
- - {key: app.kubernetes.io/name, operator: In, values: ["{{ include "node-feature-discovery.name" . }}"]}
-{{- end }}
diff --git a/charts/sriov/104.0.0+up0.1.0/charts/rancher-nfd/templates/role.yaml b/charts/sriov/104.0.0+up0.1.0/charts/rancher-nfd/templates/role.yaml
deleted file mode 100644
index 3a872e5723..0000000000
--- a/charts/sriov/104.0.0+up0.1.0/charts/rancher-nfd/templates/role.yaml
+++ /dev/null
@@ -1,19 +0,0 @@
-{{- if and .Values.worker.enable .Values.worker.rbac.create }}
-apiVersion: rbac.authorization.k8s.io/v1
-kind: Role
-metadata:
- name: {{ include "node-feature-discovery.fullname" . }}-worker
- namespace: {{ include "node-feature-discovery.namespace" . }}
- labels:
- {{- include "node-feature-discovery.labels" . | nindent 4 }}
-rules:
-- apiGroups:
- - nfd.k8s-sigs.io
- resources:
- - nodefeatures
- verbs:
- - create
- - get
- - update
-{{- end }}
-
diff --git a/charts/sriov/104.0.0+up0.1.0/charts/rancher-nfd/templates/rolebinding.yaml b/charts/sriov/104.0.0+up0.1.0/charts/rancher-nfd/templates/rolebinding.yaml
deleted file mode 100644
index a640d5f8bc..0000000000
--- a/charts/sriov/104.0.0+up0.1.0/charts/rancher-nfd/templates/rolebinding.yaml
+++ /dev/null
@@ -1,18 +0,0 @@
-{{- if and .Values.worker.enable .Values.worker.rbac.create }}
-apiVersion: rbac.authorization.k8s.io/v1
-kind: RoleBinding
-metadata:
- name: {{ include "node-feature-discovery.fullname" . }}-worker
- namespace: {{ include "node-feature-discovery.namespace" . }}
- labels:
- {{- include "node-feature-discovery.labels" . | nindent 4 }}
-roleRef:
- apiGroup: rbac.authorization.k8s.io
- kind: Role
- name: {{ include "node-feature-discovery.fullname" . }}-worker
-subjects:
-- kind: ServiceAccount
- name: {{ include "node-feature-discovery.worker.serviceAccountName" . }}
- namespace: {{ include "node-feature-discovery.namespace" . }}
-{{- end }}
-
diff --git a/charts/sriov/104.0.0+up0.1.0/charts/rancher-nfd/templates/service.yaml b/charts/sriov/104.0.0+up0.1.0/charts/rancher-nfd/templates/service.yaml
deleted file mode 100644
index d71d1555f7..0000000000
--- a/charts/sriov/104.0.0+up0.1.0/charts/rancher-nfd/templates/service.yaml
+++ /dev/null
@@ -1,20 +0,0 @@
-{{- if and (not .Values.enableNodeFeatureApi) .Values.master.enable }}
-apiVersion: v1
-kind: Service
-metadata:
- name: {{ include "node-feature-discovery.fullname" . }}-master
- namespace: {{ include "node-feature-discovery.namespace" . }}
- labels:
- {{- include "node-feature-discovery.labels" . | nindent 4 }}
- role: master
-spec:
- type: {{ .Values.master.service.type }}
- ports:
- - port: {{ .Values.master.service.port | default "8080" }}
- targetPort: grpc
- protocol: TCP
- name: grpc
- selector:
- {{- include "node-feature-discovery.selectorLabels" . | nindent 4 }}
- role: master
-{{- end}}
diff --git a/charts/sriov/104.0.0+up0.1.0/charts/rancher-nfd/templates/serviceaccount.yaml b/charts/sriov/104.0.0+up0.1.0/charts/rancher-nfd/templates/serviceaccount.yaml
deleted file mode 100644
index 7da2c877e9..0000000000
--- a/charts/sriov/104.0.0+up0.1.0/charts/rancher-nfd/templates/serviceaccount.yaml
+++ /dev/null
@@ -1,58 +0,0 @@
-{{- if and .Values.master.enable .Values.master.serviceAccount.create }}
-apiVersion: v1
-kind: ServiceAccount
-metadata:
- name: {{ include "node-feature-discovery.master.serviceAccountName" . }}
- namespace: {{ include "node-feature-discovery.namespace" . }}
- labels:
- {{- include "node-feature-discovery.labels" . | nindent 4 }}
- {{- with .Values.master.serviceAccount.annotations }}
- annotations:
- {{- toYaml . | nindent 4 }}
- {{- end }}
-{{- end }}
-
-{{- if and .Values.topologyUpdater.enable .Values.topologyUpdater.serviceAccount.create }}
----
-apiVersion: v1
-kind: ServiceAccount
-metadata:
- name: {{ include "node-feature-discovery.topologyUpdater.serviceAccountName" . }}
- namespace: {{ include "node-feature-discovery.namespace" . }}
- labels:
- {{- include "node-feature-discovery.labels" . | nindent 4 }}
- {{- with .Values.topologyUpdater.serviceAccount.annotations }}
- annotations:
- {{- toYaml . | nindent 4 }}
- {{- end }}
-{{- end }}
-
-{{- if and .Values.gc.enable .Values.gc.serviceAccount.create (or .Values.enableNodeFeatureApi .Values.topologyUpdater.enable) }}
----
-apiVersion: v1
-kind: ServiceAccount
-metadata:
- name: {{ include "node-feature-discovery.gc.serviceAccountName" . }}
- namespace: {{ include "node-feature-discovery.namespace" . }}
- labels:
- {{- include "node-feature-discovery.labels" . | nindent 4 }}
- {{- with .Values.gc.serviceAccount.annotations }}
- annotations:
- {{- toYaml . | nindent 4 }}
- {{- end }}
-{{- end }}
-
-{{- if and .Values.worker.enable .Values.worker.serviceAccount.create }}
----
-apiVersion: v1
-kind: ServiceAccount
-metadata:
- name: {{ include "node-feature-discovery.worker.serviceAccountName" . }}
- namespace: {{ include "node-feature-discovery.namespace" . }}
- labels:
- {{- include "node-feature-discovery.labels" . | nindent 4 }}
- {{- with .Values.worker.serviceAccount.annotations }}
- annotations:
- {{- toYaml . | nindent 4 }}
- {{- end }}
-{{- end }}
diff --git a/charts/sriov/104.0.0+up0.1.0/charts/rancher-nfd/templates/topologyupdater-crds.yaml b/charts/sriov/104.0.0+up0.1.0/charts/rancher-nfd/templates/topologyupdater-crds.yaml
deleted file mode 100644
index b6b919689c..0000000000
--- a/charts/sriov/104.0.0+up0.1.0/charts/rancher-nfd/templates/topologyupdater-crds.yaml
+++ /dev/null
@@ -1,278 +0,0 @@
-{{- if and .Values.topologyUpdater.enable .Values.topologyUpdater.createCRDs -}}
-apiVersion: apiextensions.k8s.io/v1
-kind: CustomResourceDefinition
-metadata:
- annotations:
- api-approved.kubernetes.io: https://github.com/kubernetes/enhancements/pull/1870
- controller-gen.kubebuilder.io/version: v0.11.2
- creationTimestamp: null
- name: noderesourcetopologies.topology.node.k8s.io
-spec:
- group: topology.node.k8s.io
- names:
- kind: NodeResourceTopology
- listKind: NodeResourceTopologyList
- plural: noderesourcetopologies
- shortNames:
- - node-res-topo
- singular: noderesourcetopology
- scope: Cluster
- versions:
- - name: v1alpha1
- schema:
- openAPIV3Schema:
- description: NodeResourceTopology describes node resources and their topology.
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation
- of an object. Servers should convert recognized schemas to the latest
- internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this
- object represents. Servers may infer this from the endpoint the client
- submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- topologyPolicies:
- items:
- type: string
- type: array
- zones:
- description: ZoneList contains an array of Zone objects.
- items:
- description: Zone represents a resource topology zone, e.g. socket,
- node, die or core.
- properties:
- attributes:
- description: AttributeList contains an array of AttributeInfo objects.
- items:
- description: AttributeInfo contains one attribute of a Zone.
- properties:
- name:
- type: string
- value:
- type: string
- required:
- - name
- - value
- type: object
- type: array
- costs:
- description: CostList contains an array of CostInfo objects.
- items:
- description: CostInfo describes the cost (or distance) between
- two Zones.
- properties:
- name:
- type: string
- value:
- format: int64
- type: integer
- required:
- - name
- - value
- type: object
- type: array
- name:
- type: string
- parent:
- type: string
- resources:
- description: ResourceInfoList contains an array of ResourceInfo
- objects.
- items:
- description: ResourceInfo contains information about one resource
- type.
- properties:
- allocatable:
- anyOf:
- - type: integer
- - type: string
- description: Allocatable quantity of the resource, corresponding
- to allocatable in node status, i.e. total amount of this
- resource available to be used by pods.
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- available:
- anyOf:
- - type: integer
- - type: string
- description: Available is the amount of this resource currently
- available for new (to be scheduled) pods, i.e. Allocatable
- minus the resources reserved by currently running pods.
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- capacity:
- anyOf:
- - type: integer
- - type: string
- description: Capacity of the resource, corresponding to capacity
- in node status, i.e. total amount of this resource that
- the node has.
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- name:
- description: Name of the resource.
- type: string
- required:
- - allocatable
- - available
- - capacity
- - name
- type: object
- type: array
- type:
- type: string
- required:
- - name
- - type
- type: object
- type: array
- required:
- - topologyPolicies
- - zones
- type: object
- served: true
- storage: false
- - name: v1alpha2
- schema:
- openAPIV3Schema:
- description: NodeResourceTopology describes node resources and their topology.
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation
- of an object. Servers should convert recognized schemas to the latest
- internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- attributes:
- description: AttributeList contains an array of AttributeInfo objects.
- items:
- description: AttributeInfo contains one attribute of a Zone.
- properties:
- name:
- type: string
- value:
- type: string
- required:
- - name
- - value
- type: object
- type: array
- kind:
- description: 'Kind is a string value representing the REST resource this
- object represents. Servers may infer this from the endpoint the client
- submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- topologyPolicies:
- description: 'DEPRECATED (to be removed in v1beta1): use top level attributes
- if needed'
- items:
- type: string
- type: array
- zones:
- description: ZoneList contains an array of Zone objects.
- items:
- description: Zone represents a resource topology zone, e.g. socket,
- node, die or core.
- properties:
- attributes:
- description: AttributeList contains an array of AttributeInfo objects.
- items:
- description: AttributeInfo contains one attribute of a Zone.
- properties:
- name:
- type: string
- value:
- type: string
- required:
- - name
- - value
- type: object
- type: array
- costs:
- description: CostList contains an array of CostInfo objects.
- items:
- description: CostInfo describes the cost (or distance) between
- two Zones.
- properties:
- name:
- type: string
- value:
- format: int64
- type: integer
- required:
- - name
- - value
- type: object
- type: array
- name:
- type: string
- parent:
- type: string
- resources:
- description: ResourceInfoList contains an array of ResourceInfo
- objects.
- items:
- description: ResourceInfo contains information about one resource
- type.
- properties:
- allocatable:
- anyOf:
- - type: integer
- - type: string
- description: Allocatable quantity of the resource, corresponding
- to allocatable in node status, i.e. total amount of this
- resource available to be used by pods.
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- available:
- anyOf:
- - type: integer
- - type: string
- description: Available is the amount of this resource currently
- available for new (to be scheduled) pods, i.e. Allocatable
- minus the resources reserved by currently running pods.
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- capacity:
- anyOf:
- - type: integer
- - type: string
- description: Capacity of the resource, corresponding to capacity
- in node status, i.e. total amount of this resource that
- the node has.
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- name:
- description: Name of the resource.
- type: string
- required:
- - allocatable
- - available
- - capacity
- - name
- type: object
- type: array
- type:
- type: string
- required:
- - name
- - type
- type: object
- type: array
- required:
- - zones
- type: object
- served: true
- storage: true
-status:
- acceptedNames:
- kind: ""
- plural: ""
- conditions: []
- storedVersions: []
-{{- end }}
diff --git a/charts/sriov/104.0.0+up0.1.0/charts/rancher-nfd/templates/topologyupdater.yaml b/charts/sriov/104.0.0+up0.1.0/charts/rancher-nfd/templates/topologyupdater.yaml
deleted file mode 100644
index f51c10e6dc..0000000000
--- a/charts/sriov/104.0.0+up0.1.0/charts/rancher-nfd/templates/topologyupdater.yaml
+++ /dev/null
@@ -1,156 +0,0 @@
-{{- if .Values.topologyUpdater.enable -}}
-apiVersion: apps/v1
-kind: DaemonSet
-metadata:
- name: {{ include "node-feature-discovery.fullname" . }}-topology-updater
- namespace: {{ include "node-feature-discovery.namespace" . }}
- labels:
- {{- include "node-feature-discovery.labels" . | nindent 4 }}
- role: topology-updater
- {{- with .Values.topologyUpdater.daemonsetAnnotations }}
- annotations:
- {{- toYaml . | nindent 4 }}
- {{- end }}
-spec:
- selector:
- matchLabels:
- {{- include "node-feature-discovery.selectorLabels" . | nindent 6 }}
- role: topology-updater
- template:
- metadata:
- labels:
- {{- include "node-feature-discovery.selectorLabels" . | nindent 8 }}
- role: topology-updater
- {{- with .Values.topologyUpdater.annotations }}
- annotations:
- {{- toYaml . | nindent 8 }}
- {{- end }}
- spec:
- serviceAccountName: {{ include "node-feature-discovery.topologyUpdater.serviceAccountName" . }}
- dnsPolicy: ClusterFirstWithHostNet
- {{- with .Values.imagePullSecrets }}
- imagePullSecrets:
- {{- toYaml . | nindent 8 }}
- {{- end }}
- securityContext:
- {{- toYaml .Values.topologyUpdater.podSecurityContext | nindent 8 }}
- containers:
- - name: topology-updater
- image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}"
- imagePullPolicy: "{{ .Values.image.pullPolicy }}"
- env:
- - name: NODE_NAME
- valueFrom:
- fieldRef:
- fieldPath: spec.nodeName
- - name: NODE_ADDRESS
- valueFrom:
- fieldRef:
- fieldPath: status.hostIP
- command:
- - "nfd-topology-updater"
- args:
- - "-podresources-socket=/host-var/lib/kubelet-podresources/kubelet.sock"
- {{- if .Values.topologyUpdater.updateInterval | empty | not }}
- - "-sleep-interval={{ .Values.topologyUpdater.updateInterval }}"
- {{- else }}
- - "-sleep-interval=3s"
- {{- end }}
- {{- if .Values.topologyUpdater.watchNamespace | empty | not }}
- - "-watch-namespace={{ .Values.topologyUpdater.watchNamespace }}"
- {{- else }}
- - "-watch-namespace=*"
- {{- end }}
- {{- if .Values.tls.enable }}
- - "-ca-file=/etc/kubernetes/node-feature-discovery/certs/ca.crt"
- - "-key-file=/etc/kubernetes/node-feature-discovery/certs/tls.key"
- - "-cert-file=/etc/kubernetes/node-feature-discovery/certs/tls.crt"
- {{- end }}
- {{- if .Values.topologyUpdater.podSetFingerprint }}
- - "-pods-fingerprint"
- {{- end }}
- {{- if .Values.topologyUpdater.kubeletConfigPath | empty | not }}
- - "-kubelet-config-uri=file:///host-var/kubelet-config"
- {{- end }}
- {{- if .Values.topologyUpdater.kubeletStateDir | empty }}
- # Disable kubelet state tracking by giving an empty path
- - "-kubelet-state-dir="
- {{- end }}
- - -metrics={{ .Values.topologyUpdater.metricsPort | default "8081"}}
- ports:
- - name: metrics
- containerPort: {{ .Values.topologyUpdater.metricsPort | default "8081"}}
- volumeMounts:
- {{- if .Values.topologyUpdater.kubeletConfigPath | empty | not }}
- - name: kubelet-config
- mountPath: /host-var/kubelet-config
- {{- end }}
- - name: kubelet-podresources-sock
- mountPath: /host-var/lib/kubelet-podresources/kubelet.sock
- - name: host-sys
- mountPath: /host-sys
- {{- if .Values.topologyUpdater.kubeletStateDir | empty | not }}
- - name: kubelet-state-files
- mountPath: /host-var/lib/kubelet
- readOnly: true
- {{- end }}
- {{- if .Values.tls.enable }}
- - name: nfd-topology-updater-cert
- mountPath: "/etc/kubernetes/node-feature-discovery/certs"
- readOnly: true
- {{- end }}
- - name: nfd-topology-updater-conf
- mountPath: "/etc/kubernetes/node-feature-discovery"
- readOnly: true
-
- resources:
- {{- toYaml .Values.topologyUpdater.resources | nindent 12 }}
- securityContext:
- {{- toYaml .Values.topologyUpdater.securityContext | nindent 12 }}
- volumes:
- - name: host-sys
- hostPath:
- path: "/sys"
- {{- if .Values.topologyUpdater.kubeletConfigPath | empty | not }}
- - name: kubelet-config
- hostPath:
- path: {{ .Values.topologyUpdater.kubeletConfigPath }}
- {{- end }}
- - name: kubelet-podresources-sock
- hostPath:
- {{- if .Values.topologyUpdater.kubeletPodResourcesSockPath | empty | not }}
- path: {{ .Values.topologyUpdater.kubeletPodResourcesSockPath }}
- {{- else }}
- path: /var/lib/kubelet/pod-resources/kubelet.sock
- {{- end }}
- {{- if .Values.topologyUpdater.kubeletStateDir | empty | not }}
- - name: kubelet-state-files
- hostPath:
- path: {{ .Values.topologyUpdater.kubeletStateDir }}
- {{- end }}
- - name: nfd-topology-updater-conf
- configMap:
- name: {{ include "node-feature-discovery.fullname" . }}-topology-updater-conf
- items:
- - key: nfd-topology-updater.conf
- path: nfd-topology-updater.conf
- {{- if .Values.tls.enable }}
- - name: nfd-topology-updater-cert
- secret:
- secretName: nfd-topology-updater-cert
- {{- end }}
-
-
- {{- with .Values.topologyUpdater.nodeSelector }}
- nodeSelector:
- {{- toYaml . | nindent 8 }}
- {{- end }}
- {{- with .Values.topologyUpdater.affinity }}
- affinity:
- {{- toYaml . | nindent 8 }}
- {{- end }}
- {{- with .Values.topologyUpdater.tolerations }}
- tolerations:
- {{- toYaml . | nindent 8 }}
- {{- end }}
-{{- end }}
diff --git a/charts/sriov/104.0.0+up0.1.0/charts/rancher-nfd/templates/worker.yaml b/charts/sriov/104.0.0+up0.1.0/charts/rancher-nfd/templates/worker.yaml
deleted file mode 100644
index f49f9bd644..0000000000
--- a/charts/sriov/104.0.0+up0.1.0/charts/rancher-nfd/templates/worker.yaml
+++ /dev/null
@@ -1,162 +0,0 @@
-{{- if .Values.worker.enable }}
-apiVersion: apps/v1
-kind: DaemonSet
-metadata:
- name: {{ include "node-feature-discovery.fullname" . }}-worker
- namespace: {{ include "node-feature-discovery.namespace" . }}
- labels:
- {{- include "node-feature-discovery.labels" . | nindent 4 }}
- role: worker
- {{- with .Values.worker.daemonsetAnnotations }}
- annotations:
- {{- toYaml . | nindent 4 }}
- {{- end }}
-spec:
- selector:
- matchLabels:
- {{- include "node-feature-discovery.selectorLabels" . | nindent 6 }}
- role: worker
- template:
- metadata:
- labels:
- {{- include "node-feature-discovery.selectorLabels" . | nindent 8 }}
- role: worker
- {{- with .Values.worker.annotations }}
- annotations:
- {{- toYaml . | nindent 8 }}
- {{- end }}
- spec:
- dnsPolicy: ClusterFirstWithHostNet
- {{- with .Values.imagePullSecrets }}
- imagePullSecrets:
- {{- toYaml . | nindent 8 }}
- {{- end }}
- serviceAccountName: {{ include "node-feature-discovery.worker.serviceAccountName" . }}
- securityContext:
- {{- toYaml .Values.worker.podSecurityContext | nindent 8 }}
- containers:
- - name: worker
- securityContext:
- {{- toYaml .Values.worker.securityContext | nindent 12 }}
- image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}"
- imagePullPolicy: {{ .Values.image.pullPolicy }}
- env:
- - name: NODE_NAME
- valueFrom:
- fieldRef:
- fieldPath: spec.nodeName
- - name: POD_NAME
- valueFrom:
- fieldRef:
- fieldPath: metadata.name
- - name: POD_UID
- valueFrom:
- fieldRef:
- fieldPath: metadata.uid
- resources:
- {{- toYaml .Values.worker.resources | nindent 12 }}
- command:
- - "nfd-worker"
- args:
- {{- if not .Values.enableNodeFeatureApi }}
- - "-server={{ include "node-feature-discovery.fullname" . }}-master:{{ .Values.master.service.port }}"
- - "-enable-nodefeature-api=false"
- {{- end }}
-{{- if .Values.tls.enable }}
- - "-ca-file=/etc/kubernetes/node-feature-discovery/certs/ca.crt"
- - "-key-file=/etc/kubernetes/node-feature-discovery/certs/tls.key"
- - "-cert-file=/etc/kubernetes/node-feature-discovery/certs/tls.crt"
-{{- end }}
- - "-metrics={{ .Values.worker.metricsPort | default "8081"}}"
- ports:
- - name: metrics
- containerPort: {{ .Values.worker.metricsPort | default "8081"}}
- volumeMounts:
- - name: host-boot
- mountPath: "/host-boot"
- readOnly: true
- - name: host-os-release
- mountPath: "/host-etc/os-release"
- readOnly: true
- - name: host-sys
- mountPath: "/host-sys"
- readOnly: true
- - name: host-usr-lib
- mountPath: "/host-usr/lib"
- readOnly: true
- - name: host-lib
- mountPath: "/host-lib"
- readOnly: true
- {{- if .Values.worker.mountUsrSrc }}
- - name: host-usr-src
- mountPath: "/host-usr/src"
- readOnly: true
- {{- end }}
- - name: source-d
- mountPath: "/etc/kubernetes/node-feature-discovery/source.d/"
- readOnly: true
- - name: features-d
- mountPath: "/etc/kubernetes/node-feature-discovery/features.d/"
- readOnly: true
- - name: nfd-worker-conf
- mountPath: "/etc/kubernetes/node-feature-discovery"
- readOnly: true
-{{- if .Values.tls.enable }}
- - name: nfd-worker-cert
- mountPath: "/etc/kubernetes/node-feature-discovery/certs"
- readOnly: true
-{{- end }}
- volumes:
- - name: host-boot
- hostPath:
- path: "/boot"
- - name: host-os-release
- hostPath:
- path: "/etc/os-release"
- - name: host-sys
- hostPath:
- path: "/sys"
- - name: host-usr-lib
- hostPath:
- path: "/usr/lib"
- - name: host-lib
- hostPath:
- path: "/lib"
- {{- if .Values.worker.mountUsrSrc }}
- - name: host-usr-src
- hostPath:
- path: "/usr/src"
- {{- end }}
- - name: source-d
- hostPath:
- path: "/etc/kubernetes/node-feature-discovery/source.d/"
- - name: features-d
- hostPath:
- path: "/etc/kubernetes/node-feature-discovery/features.d/"
- - name: nfd-worker-conf
- configMap:
- name: {{ include "node-feature-discovery.fullname" . }}-worker-conf
- items:
- - key: nfd-worker.conf
- path: nfd-worker.conf
-{{- if .Values.tls.enable }}
- - name: nfd-worker-cert
- secret:
- secretName: nfd-worker-cert
-{{- end }}
- {{- with .Values.worker.nodeSelector }}
- nodeSelector:
- {{- toYaml . | nindent 8 }}
- {{- end }}
- {{- with .Values.worker.affinity }}
- affinity:
- {{- toYaml . | nindent 8 }}
- {{- end }}
- {{- with .Values.worker.tolerations }}
- tolerations:
- {{- toYaml . | nindent 8 }}
- {{- end }}
- {{- with .Values.worker.priorityClassName }}
- priorityClassName: {{ . | quote }}
- {{- end }}
-{{- end }}
diff --git a/charts/sriov/104.0.0+up0.1.0/charts/rancher-nfd/values.yaml b/charts/sriov/104.0.0+up0.1.0/charts/rancher-nfd/values.yaml
deleted file mode 100644
index 6b780ae6c5..0000000000
--- a/charts/sriov/104.0.0+up0.1.0/charts/rancher-nfd/values.yaml
+++ /dev/null
@@ -1,534 +0,0 @@
-image:
- repository: rancher/hardened-node-feature-discovery
- # This should be set to 'IfNotPresent' for released version
- pullPolicy: IfNotPresent
- # tag, if defined will use the given image tag, else Chart.AppVersion will be used
- tag: v0.15.4-build20240423
-imagePullSecrets: []
-
-nameOverride: ""
-fullnameOverride: ""
-namespaceOverride: ""
-
-enableNodeFeatureApi: true
-
-master:
- enable: true
- config: ###
- # noPublish: false
- # autoDefaultNs: true
- # extraLabelNs: ["added.ns.io","added.kubernets.io"]
- # denyLabelNs: ["denied.ns.io","denied.kubernetes.io"]
- # resourceLabels: ["vendor-1.com/feature-1","vendor-2.io/feature-2"]
- # enableTaints: false
- # labelWhiteList: "foo"
- # resyncPeriod: "2h"
- # klog:
- # addDirHeader: false
- # alsologtostderr: false
- # logBacktraceAt:
- # logtostderr: true
- # skipHeaders: false
- # stderrthreshold: 2
- # v: 0
- # vmodule:
- ## NOTE: the following options are not dynamically run-time configurable
- ## and require a nfd-master restart to take effect after being changed
- # logDir:
- # logFile:
- # logFileMaxSize: 1800
- # skipLogHeaders: false
- # leaderElection:
- # leaseDuration: 15s
- # # this value has to be lower than leaseDuration and greater than retryPeriod*1.2
- # renewDeadline: 10s
- # # this value has to be greater than 0
- # retryPeriod: 2s
- # nfdApiParallelism: 10
- ###
- # The TCP port that nfd-master listens for incoming requests. Default: 8080
- # Deprecated this parameter is related to the deprecated gRPC API and will
- # be removed with it in a future release
- port: 8080
- metricsPort: 8081
- instance:
- featureApi:
- resyncPeriod:
- denyLabelNs: []
- extraLabelNs: []
- resourceLabels: []
- enableTaints: false
- crdController: null
- featureRulesController: null
- nfdApiParallelism: null
- deploymentAnnotations: {}
- replicaCount: 1
-
- podSecurityContext: {}
- # fsGroup: 2000
-
- securityContext:
- allowPrivilegeEscalation: false
- capabilities:
- drop: [ "ALL" ]
- readOnlyRootFilesystem: true
- runAsNonRoot: true
- # runAsUser: 1000
-
- serviceAccount:
- # Specifies whether a service account should be created
- create: true
- # Annotations to add to the service account
- annotations: {}
- # The name of the service account to use.
- # If not set and create is true, a name is generated using the fullname template
- name:
-
- rbac:
- create: true
-
- service:
- type: ClusterIP
- port: 8080
-
- resources: {}
- # We usually recommend not to specify default resources and to leave this as a conscious
- # choice for the user. This also increases chances charts run on environments with little
- # resources, such as Minikube. If you do want to specify resources, uncomment the following
- # lines, adjust them as necessary, and remove the curly braces after 'resources:'.
- # limits:
- # cpu: 100m
- # memory: 128Mi
- # requests:
- # cpu: 100m
- # memory: 128Mi
-
- nodeSelector: {}
-
- tolerations:
- - key: "node-role.kubernetes.io/master"
- operator: "Equal"
- value: ""
- effect: "NoSchedule"
- - key: "node-role.kubernetes.io/control-plane"
- operator: "Equal"
- value: ""
- effect: "NoSchedule"
-
- annotations: {}
-
- affinity:
- nodeAffinity:
- preferredDuringSchedulingIgnoredDuringExecution:
- - weight: 1
- preference:
- matchExpressions:
- - key: "node-role.kubernetes.io/master"
- operator: In
- values: [""]
- - weight: 1
- preference:
- matchExpressions:
- - key: "node-role.kubernetes.io/control-plane"
- operator: In
- values: [""]
-
-worker:
- enable: true
- config: ###
- #core:
- # labelWhiteList:
- # noPublish: false
- # sleepInterval: 60s
- # featureSources: [all]
- # labelSources: [all]
- # klog:
- # addDirHeader: false
- # alsologtostderr: false
- # logBacktraceAt:
- # logtostderr: true
- # skipHeaders: false
- # stderrthreshold: 2
- # v: 0
- # vmodule:
- ## NOTE: the following options are not dynamically run-time configurable
- ## and require a nfd-worker restart to take effect after being changed
- # logDir:
- # logFile:
- # logFileMaxSize: 1800
- # skipLogHeaders: false
- #sources:
- # cpu:
- # cpuid:
- ## NOTE: whitelist has priority over blacklist
- # attributeBlacklist:
- # - "BMI1"
- # - "BMI2"
- # - "CLMUL"
- # - "CMOV"
- # - "CX16"
- # - "ERMS"
- # - "F16C"
- # - "HTT"
- # - "LZCNT"
- # - "MMX"
- # - "MMXEXT"
- # - "NX"
- # - "POPCNT"
- # - "RDRAND"
- # - "RDSEED"
- # - "RDTSCP"
- # - "SGX"
- # - "SSE"
- # - "SSE2"
- # - "SSE3"
- # - "SSE4"
- # - "SSE42"
- # - "SSSE3"
- # - "TDX_GUEST"
- # attributeWhitelist:
- # kernel:
- # kconfigFile: "/path/to/kconfig"
- # configOpts:
- # - "NO_HZ"
- # - "X86"
- # - "DMI"
- # pci:
- # deviceClassWhitelist:
- # - "0200"
- # - "03"
- # - "12"
- # deviceLabelFields:
- # - "class"
- # - "vendor"
- # - "device"
- # - "subsystem_vendor"
- # - "subsystem_device"
- # usb:
- # deviceClassWhitelist:
- # - "0e"
- # - "ef"
- # - "fe"
- # - "ff"
- # deviceLabelFields:
- # - "class"
- # - "vendor"
- # - "device"
- # local:
- # hooksEnabled: false
- # custom:
- # # The following feature demonstrates the capabilities of the matchFeatures
- # - name: "my custom rule"
- # labels:
- # "vendor.io/my-ng-feature": "true"
- # # matchFeatures implements a logical AND over all matcher terms in the
- # # list (i.e. all of the terms, or per-feature matchers, must match)
- # matchFeatures:
- # - feature: cpu.cpuid
- # matchExpressions:
- # AVX512F: {op: Exists}
- # - feature: cpu.cstate
- # matchExpressions:
- # enabled: {op: IsTrue}
- # - feature: cpu.pstate
- # matchExpressions:
- # no_turbo: {op: IsFalse}
- # scaling_governor: {op: In, value: ["performance"]}
- # - feature: cpu.rdt
- # matchExpressions:
- # RDTL3CA: {op: Exists}
- # - feature: cpu.sst
- # matchExpressions:
- # bf.enabled: {op: IsTrue}
- # - feature: cpu.topology
- # matchExpressions:
- # hardware_multithreading: {op: IsFalse}
- #
- # - feature: kernel.config
- # matchExpressions:
- # X86: {op: Exists}
- # LSM: {op: InRegexp, value: ["apparmor"]}
- # - feature: kernel.loadedmodule
- # matchExpressions:
- # e1000e: {op: Exists}
- # - feature: kernel.selinux
- # matchExpressions:
- # enabled: {op: IsFalse}
- # - feature: kernel.version
- # matchExpressions:
- # major: {op: In, value: ["5"]}
- # minor: {op: Gt, value: ["10"]}
- #
- # - feature: storage.block
- # matchExpressions:
- # rotational: {op: In, value: ["0"]}
- # dax: {op: In, value: ["0"]}
- #
- # - feature: network.device
- # matchExpressions:
- # operstate: {op: In, value: ["up"]}
- # speed: {op: Gt, value: ["100"]}
- #
- # - feature: memory.numa
- # matchExpressions:
- # node_count: {op: Gt, value: ["2"]}
- # - feature: memory.nv
- # matchExpressions:
- # devtype: {op: In, value: ["nd_dax"]}
- # mode: {op: In, value: ["memory"]}
- #
- # - feature: system.osrelease
- # matchExpressions:
- # ID: {op: In, value: ["fedora", "centos"]}
- # - feature: system.name
- # matchExpressions:
- # nodename: {op: InRegexp, value: ["^worker-X"]}
- #
- # - feature: local.label
- # matchExpressions:
- # custom-feature-knob: {op: Gt, value: ["100"]}
- #
- # # The following feature demonstrates the capabilities of the matchAny
- # - name: "my matchAny rule"
- # labels:
- # "vendor.io/my-ng-feature-2": "my-value"
- # # matchAny implements a logical IF over all elements (sub-matchers) in
- # # the list (i.e. at least one feature matcher must match)
- # matchAny:
- # - matchFeatures:
- # - feature: kernel.loadedmodule
- # matchExpressions:
- # driver-module-X: {op: Exists}
- # - feature: pci.device
- # matchExpressions:
- # vendor: {op: In, value: ["8086"]}
- # class: {op: In, value: ["0200"]}
- # - matchFeatures:
- # - feature: kernel.loadedmodule
- # matchExpressions:
- # driver-module-Y: {op: Exists}
- # - feature: usb.device
- # matchExpressions:
- # vendor: {op: In, value: ["8086"]}
- # class: {op: In, value: ["02"]}
- #
- # - name: "avx wildcard rule"
- # labels:
- # "my-avx-feature": "true"
- # matchFeatures:
- # - feature: cpu.cpuid
- # matchName: {op: InRegexp, value: ["^AVX512"]}
- #
- # # The following features demonstreate label templating capabilities
- # - name: "my template rule"
- # labelsTemplate: |
- # {{ range .system.osrelease }}vendor.io/my-system-feature.{{ .Name }}={{ .Value }}
- # {{ end }}
- # matchFeatures:
- # - feature: system.osrelease
- # matchExpressions:
- # ID: {op: InRegexp, value: ["^open.*"]}
- # VERSION_ID.major: {op: In, value: ["13", "15"]}
- #
- # - name: "my template rule 2"
- # labelsTemplate: |
- # {{ range .pci.device }}vendor.io/my-pci-device.{{ .class }}-{{ .device }}=with-cpuid
- # {{ end }}
- # matchFeatures:
- # - feature: pci.device
- # matchExpressions:
- # class: {op: InRegexp, value: ["^06"]}
- # vendor: ["8086"]
- # - feature: cpu.cpuid
- # matchExpressions:
- # AVX: {op: Exists}
- #
- # # The following examples demonstrate vars field and back-referencing
- # # previous labels and vars
- # - name: "my dummy kernel rule"
- # labels:
- # "vendor.io/my.kernel.feature": "true"
- # matchFeatures:
- # - feature: kernel.version
- # matchExpressions:
- # major: {op: Gt, value: ["2"]}
- #
- # - name: "my dummy rule with no labels"
- # vars:
- # "my.dummy.var": "1"
- # matchFeatures:
- # - feature: cpu.cpuid
- # matchExpressions: {}
- #
- # - name: "my rule using backrefs"
- # labels:
- # "vendor.io/my.backref.feature": "true"
- # matchFeatures:
- # - feature: rule.matched
- # matchExpressions:
- # vendor.io/my.kernel.feature: {op: IsTrue}
- # my.dummy.var: {op: Gt, value: ["0"]}
- #
- # - name: "kconfig template rule"
- # labelsTemplate: |
- # {{ range .kernel.config }}kconfig-{{ .Name }}={{ .Value }}
- # {{ end }}
- # matchFeatures:
- # - feature: kernel.config
- # matchName: {op: In, value: ["SWAP", "X86", "ARM"]}
-###
-
- metricsPort: 8081
- daemonsetAnnotations: {}
- podSecurityContext: {}
- # fsGroup: 2000
-
- securityContext:
- allowPrivilegeEscalation: false
- capabilities:
- drop: [ "ALL" ]
- readOnlyRootFilesystem: true
- runAsNonRoot: true
- # runAsUser: 1000
-
- serviceAccount:
- # Specifies whether a service account should be created.
- # We create this by default to make it easier for downstream users to apply PodSecurityPolicies.
- create: true
- # Annotations to add to the service account
- annotations: {}
- # The name of the service account to use.
- # If not set and create is true, a name is generated using the fullname template
- name:
-
- rbac:
- create: true
-
- # Allow users to mount the hostPath /usr/src, useful for RHCOS on s390x
- # Does not work on systems without /usr/src AND a read-only /usr, such as Talos
- mountUsrSrc: false
-
- resources: {}
- # We usually recommend not to specify default resources and to leave this as a conscious
- # choice for the user. This also increases chances charts run on environments with little
- # resources, such as Minikube. If you do want to specify resources, uncomment the following
- # lines, adjust them as necessary, and remove the curly braces after 'resources:'.
- # limits:
- # cpu: 100m
- # memory: 128Mi
- # requests:
- # cpu: 100m
- # memory: 128Mi
-
- nodeSelector: {}
-
- tolerations: []
-
- annotations: {}
-
- affinity: {}
-
- priorityClassName: ""
-
-topologyUpdater:
- config: ###
- ## key = node name, value = list of resources to be excluded.
- ## use * to exclude from all nodes.
- ## an example for how the exclude list should looks like
- #excludeList:
- # node1: [cpu]
- # node2: [memory, example/deviceA]
- # *: [hugepages-2Mi]
-###
-
- enable: false
- createCRDs: false
-
- serviceAccount:
- create: true
- annotations: {}
- name:
- rbac:
- create: true
-
- metricsPort: 8081
- kubeletConfigPath:
- kubeletPodResourcesSockPath:
- updateInterval: 60s
- watchNamespace: "*"
- kubeletStateDir: /var/lib/kubelet
-
- podSecurityContext: {}
- securityContext:
- allowPrivilegeEscalation: false
- capabilities:
- drop: [ "ALL" ]
- readOnlyRootFilesystem: true
- runAsUser: 0
-
- resources: {}
- # We usually recommend not to specify default resources and to leave this as a conscious
- # choice for the user. This also increases chances charts run on environments with little
- # resources, such as Minikube. If you do want to specify resources, uncomment the following
- # lines, adjust them as necessary, and remove the curly braces after 'resources:'.
- # limits:
- # cpu: 100m
- # memory: 128Mi
- # requests:
- # cpu: 100m
- # memory: 128Mi
-
- nodeSelector: {}
- tolerations: []
- annotations: {}
- daemonsetAnnotations: {}
- affinity: {}
- podSetFingerprint: true
-
-gc:
- enable: true
- replicaCount: 1
-
- serviceAccount:
- create: true
- annotations: {}
- name:
- rbac:
- create: true
-
- interval: 1h
-
- podSecurityContext: {}
-
- resources: {}
- # We usually recommend not to specify default resources and to leave this as a conscious
- # choice for the user. This also increases chances charts run on environments with little
- # resources, such as Minikube. If you do want to specify resources, uncomment the following
- # lines, adjust them as necessary, and remove the curly braces after 'resources:'.
- # limits:
- # cpu: 100m
- # memory: 128Mi
- # requests:
- # cpu: 100m
- # memory: 128Mi
-
- metricsPort: 8081
-
- nodeSelector: {}
- tolerations: []
- annotations: {}
- deploymentAnnotations: {}
- affinity: {}
-
-# Optionally use encryption for worker <--> master comms
-# TODO: verify hostname is not yet supported
-#
-# If you do not enable certManager (and have it installed) you will
-# need to manually, or otherwise, provision the TLS certs as secrets
-tls:
- enable: false
- certManager: false
-
-prometheus:
- enable: false
- labels: {}
diff --git a/charts/sriov/104.0.0+up0.1.0/templates/NOTES.txt b/charts/sriov/104.0.0+up0.1.0/templates/NOTES.txt
deleted file mode 100644
index 44a8bf935a..0000000000
--- a/charts/sriov/104.0.0+up0.1.0/templates/NOTES.txt
+++ /dev/null
@@ -1,17 +0,0 @@
-Get Network Operator deployed resources by running the following commands:
-
-$ kubectl -n {{ .Release.Namespace }} get pods
-
-For additional instructions on how to use SR-IOV network operator,
-refer to: https://github.com/k8snetworkplumbingwg/sriov-network-operator
-
-{{- if .Values.operator.enableAdmissionController }}
-{{- if not .Values.cert_manager }}
-Thank you for installing {{ .Chart.Name }}.
-
-WARNING! Self signed certificates have been generated for webhooks.
-These certificates have a one-year validity and will not be rotated
-automatically. This should not be a production cluster. Please deploy
-and use cert-manager for production clusters.
-{{- end }}
-{{- end }}
diff --git a/charts/sriov/104.0.0+up0.1.0/templates/_helpers.tpl b/charts/sriov/104.0.0+up0.1.0/templates/_helpers.tpl
deleted file mode 100644
index dff1d171fe..0000000000
--- a/charts/sriov/104.0.0+up0.1.0/templates/_helpers.tpl
+++ /dev/null
@@ -1,85 +0,0 @@
-{{/*
-Expand the name of the chart.
-*/}}
-{{- define "sriov-network-operator.name" -}}
-{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }}
-{{- end }}
-
-{{/*
-Create a default fully qualified app name.
-We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
-If release name contains chart name it will be used as a full name.
-*/}}
-{{- define "sriov-network-operator.fullname" -}}
-{{- if .Values.fullnameOverride }}
-{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }}
-{{- else }}
-{{- $name := default .Chart.Name .Values.nameOverride }}
-{{- if contains $name .Release.Name }}
-{{- .Release.Name | trunc 63 | trimSuffix "-" }}
-{{- else }}
-{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }}
-{{- end }}
-{{- end }}
-{{- end }}
-
-{{/*
-Create chart name and version as used by the chart label.
-*/}}
-{{- define "sriov-network-operator.chart" -}}
-{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }}
-{{- end }}
-
-{{/*
-Common labels
-*/}}
-{{- define "sriov-network-operator.labels" -}}
-helm.sh/chart: {{ include "sriov-network-operator.chart" . }}
-{{ include "sriov-network-operator.selectorLabels" . }}
-{{- if .Chart.AppVersion }}
-app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
-{{- end }}
-app.kubernetes.io/managed-by: {{ .Release.Service }}
-{{- end }}
-
-{{/*
-Selector labels
-*/}}
-{{- define "sriov-network-operator.selectorLabels" -}}
-app.kubernetes.io/name: {{ include "sriov-network-operator.name" . }}
-app.kubernetes.io/instance: {{ .Release.Name }}
-{{- end }}
-
-{{/*
-Create the name of the service account to use
-*/}}
-{{- define "sriov-network-operator.serviceAccountName" -}}
-{{- if .Values.serviceAccount.create }}
-{{- default (include "sriov-network-operator.fullname" .) .Values.serviceAccount.name }}
-{{- else }}
-{{- default "default" .Values.serviceAccount.name }}
-{{- end }}
-{{- end }}
-
-{{- define "system_default_registry" -}}
-{{- if .Values.global.cattle.systemDefaultRegistry -}}
-{{- printf "%s/" .Values.global.cattle.systemDefaultRegistry -}}
-{{- else -}}
-{{- "" -}}
-{{- end -}}
-{{- end -}}
-
-{{/*
-Windows cluster will add default taint for linux nodes,
-add below linux tolerations to workloads could be scheduled to those linux nodes
-*/}}
-{{- define "linux-node-tolerations" -}}
-- key: "cattle.io/os"
- value: "linux"
- effect: "NoSchedule"
- operator: "Equal"
-{{- end -}}
-
-{{- define "linux-node-selector" -}}
-kubernetes.io/os: linux
-{{- end -}}
diff --git a/charts/sriov/104.0.0+up0.1.0/templates/_webhook-certs.tpl b/charts/sriov/104.0.0+up0.1.0/templates/_webhook-certs.tpl
deleted file mode 100644
index f1448968b2..0000000000
--- a/charts/sriov/104.0.0+up0.1.0/templates/_webhook-certs.tpl
+++ /dev/null
@@ -1,31 +0,0 @@
-{{/*
-Generate TLS certificates for webhooks.
-Note: these 2 lines, that are repeated several times below, are a trick to
-ensure the CA certs are generated only once:
- $ca := .ca | default (genCA "sriov-network-operator.k8s.cni.cncf.io" 365)
- $_ := set . "ca" $ca
-Please, don't try to "simplify" them as without this trick, every generated
-certificate would be signed by a different CA.
-*/}}
-{{- define "sriov_operator_ca_cert" }}
-{{- $ca := .ca | default (genCA "sriov-network-operator.k8s.cni.cncf.io" 365) -}}
-{{- $_ := set . "ca" $ca -}}
-{{- printf "%s" $ca.Cert | b64enc -}}
-{{- end }}
-{{- define "sriov_operator_cert" }}
-{{- $ca := .ca | default (genCA "sriov-network-operator.k8s.cni.cncf.io" 365) -}}
-{{- $_ := set . "ca" $ca -}}
-{{- $cn := printf "operator-webhook-service.%s.svc" .Release.Namespace -}}
-{{- $cert := genSignedCert $cn nil (list $cn) 365 $ca -}}
-tls.crt: {{ $cert.Cert | b64enc }}
-tls.key: {{ $cert.Key | b64enc }}
-{{- end }}
-{{- define "sriov_resource_injector_cert" }}
-{{- $ca := .ca | default (genCA "sriov-network-operator.k8s.cni.cncf.io" 365) -}}
-{{- $_ := set . "ca" $ca -}}
-{{- $cn := printf "network-resources-injector-service.%s.svc" .Release.Namespace -}}
-{{- $cert := genSignedCert $cn nil (list $cn) 365 $ca -}}
-tls.crt: {{ $cert.Cert | b64enc }}
-tls.key: {{ $cert.Key | b64enc }}
-{{- end }}
-
diff --git a/charts/sriov/104.0.0+up0.1.0/templates/certificate.yaml b/charts/sriov/104.0.0+up0.1.0/templates/certificate.yaml
deleted file mode 100644
index add29a9bec..0000000000
--- a/charts/sriov/104.0.0+up0.1.0/templates/certificate.yaml
+++ /dev/null
@@ -1,71 +0,0 @@
-{{- if .Values.operator.admissionControllers.enabled }}
-{{- if and (.Values.operator.admissionControllers.certificates.certManager.enabled) (.Values.operator.admissionControllers.certificates.certManager.generateSelfSigned) }}
----
-apiVersion: cert-manager.io/v1
-kind: Certificate
-metadata:
- name: {{ .Values.operator.admissionControllers.certificates.secretNames.operator }}
- namespace: {{ .Release.Namespace }}
-spec:
- dnsNames:
- - operator-webhook-service.{{ .Release.Namespace }}.svc
- - operator-webhook-service.{{ .Release.Namespace }}.svc.cluster.local
- issuerRef:
- kind: Issuer
- name: operator-webhook-selfsigned-issuer
- secretName: {{ .Values.operator.admissionControllers.certificates.secretNames.operator }}
----
-apiVersion: cert-manager.io/v1
-kind: Issuer
-metadata:
- name: operator-webhook-selfsigned-issuer
- namespace: {{ .Release.Namespace }}
-spec:
- selfSigned: {}
----
-apiVersion: cert-manager.io/v1
-kind: Certificate
-metadata:
- name: {{ .Values.operator.admissionControllers.certificates.secretNames.injector }}
- namespace: {{ .Release.Namespace }}
-spec:
- dnsNames:
- - network-resources-injector-service.{{ .Release.Namespace }}.svc
- - network-resources-injector-service.{{ .Release.Namespace }}.svc.cluster.local
- issuerRef:
- kind: Issuer
- name: network-resources-injector-selfsigned-issuer
- secretName: {{ .Values.operator.admissionControllers.certificates.secretNames.injector }}
----
-apiVersion: cert-manager.io/v1
-kind: Issuer
-metadata:
- name: network-resources-injector-selfsigned-issuer
- namespace: {{ .Release.Namespace }}
-spec:
- selfSigned: {}
-{{- else if and (not .Values.operator.admissionControllers.certificates.certManager.enabled) (.Values.operator.admissionControllers.certificates.custom.enabled) }}
----
-apiVersion: v1
-kind: Secret
-metadata:
- name: {{ .Values.operator.admissionControllers.certificates.secretNames.operator }}
- namespace: {{ .Release.Namespace }}
-type: Opaque
-data:
- ca.crt: {{ .Values.operator.admissionControllers.certificates.custom.operator.caCrt | b64enc | b64enc | quote }}
- tls.crt: {{ .Values.operator.admissionControllers.certificates.custom.operator.tlsCrt | b64enc | quote }}
- tls.key: {{ .Values.operator.admissionControllers.certificates.custom.operator.tlsKey | b64enc | quote }}
----
-apiVersion: v1
-kind: Secret
-metadata:
- name: {{ .Values.operator.admissionControllers.certificates.secretNames.injector }}
- namespace: {{ .Release.Namespace }}
-type: Opaque
-data:
- ca.crt: {{ .Values.operator.admissionControllers.certificates.custom.injector.caCrt | b64enc | b64enc | quote }}
- tls.crt: {{ .Values.operator.admissionControllers.certificates.custom.injector.tlsCrt | b64enc | quote }}
- tls.key: {{ .Values.operator.admissionControllers.certificates.custom.injector.tlsKey | b64enc | quote }}
-{{- end }}
-{{- end }}
diff --git a/charts/sriov/104.0.0+up0.1.0/templates/certmanagercerts.yaml b/charts/sriov/104.0.0+up0.1.0/templates/certmanagercerts.yaml
deleted file mode 100644
index e3575aa565..0000000000
--- a/charts/sriov/104.0.0+up0.1.0/templates/certmanagercerts.yaml
+++ /dev/null
@@ -1,41 +0,0 @@
-{{- if and (.Values.operator.enableAdmissionController) (.Values.cert_manager) -}}
-{{- if not (.Capabilities.APIVersions.Has "cert-manager.io/v1") -}}
-{{- required "cert-manager is required but not found" "" -}}
-{{- end -}}
-apiVersion: cert-manager.io/v1
-kind: Issuer
-metadata:
- name: sriov-network-operator-selfsigned-issuer
- namespace: {{ .Release.Namespace }}
-spec:
- selfSigned: {}
----
-apiVersion: cert-manager.io/v1
-kind: Certificate
-metadata:
- name: operator-webhook-service
- namespace: {{ .Release.Namespace }}
-spec:
- secretName: operator-webhook-service
- dnsNames:
- - operator-webhook-service.{{ .Release.Namespace }}.svc
- issuerRef:
- name: sriov-network-operator-selfsigned-issuer
- privateKey:
- rotationPolicy: Always
----
-apiVersion: cert-manager.io/v1
-kind: Certificate
-metadata:
- name: network-resources-injector-service
- namespace: {{ .Release.Namespace }}
-spec:
- secretName: network-resources-injector-secret
- dnsNames:
- - network-resources-injector-service.{{ .Release.Namespace }}.svc
- issuerRef:
- name: sriov-network-operator-selfsigned-issuer
- privateKey:
- rotationPolicy: Always
-{{- end -}}
-
diff --git a/charts/sriov/104.0.0+up0.1.0/templates/clusterrole.yaml b/charts/sriov/104.0.0+up0.1.0/templates/clusterrole.yaml
deleted file mode 100644
index 0edf69c338..0000000000
--- a/charts/sriov/104.0.0+up0.1.0/templates/clusterrole.yaml
+++ /dev/null
@@ -1,111 +0,0 @@
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRole
-metadata:
- name: {{ include "sriov-network-operator.fullname" . }}
- labels:
- {{- include "sriov-network-operator.labels" . | nindent 4 }}
-rules:
- - apiGroups: [""]
- resources: ["nodes"]
- verbs: ["get", "list", "watch", "patch", "update"]
- - apiGroups: [""]
- resources: ["pods"]
- verbs: ["*"]
- - apiGroups: [""]
- resources: ["pods/eviction"]
- verbs: ["create"]
- - apiGroups: ["apps"]
- resources: ["daemonsets"]
- verbs: ["get"]
- - apiGroups: [""]
- resources: ["namespaces", "serviceaccounts"]
- verbs: ["*"]
- - apiGroups: ["k8s.cni.cncf.io"]
- resources: ["network-attachment-definitions"]
- verbs: ["*"]
- - apiGroups: ["rbac.authorization.k8s.io"]
- resources: [clusterroles, clusterrolebindings]
- verbs: ["*"]
- - apiGroups: ["admissionregistration.k8s.io"]
- resources: ["mutatingwebhookconfigurations", "validatingwebhookconfigurations"]
- verbs: ["*"]
- - apiGroups: ["sriovnetwork.openshift.io"]
- resources: ["*"]
- verbs: ["*"]
- - apiGroups: ["machineconfiguration.openshift.io"]
- resources: ["*"]
- verbs: ["*"]
- - apiGroups: ["config.openshift.io"]
- resources: ["infrastructures"]
- verbs: ["get", "list", "watch"]
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRole
-metadata:
- name: sriov-network-config-daemon
- labels:
- {{- include "sriov-network-operator.labels" . | nindent 4 }}
-rules:
- - apiGroups: [""]
- resources: ["nodes"]
- verbs: ["get", "list", "watch", "patch", "update"]
- - apiGroups: [""]
- resources: ["pods"]
- verbs: ["*"]
- - apiGroups: ["apps"]
- resources: ["daemonsets"]
- verbs: ["get"]
- - apiGroups: [ "config.openshift.io" ]
- resources: [ "infrastructures" ]
- verbs: [ "get", "list", "watch" ]
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRole
-metadata:
- name: sriov-admin
- {{- if .Values.global.rbac.userRoles.aggregateToDefaultRoles }}
- rbac.authorization.k8s.io/aggregate-to-admin: "true"
- {{- end }}
-rules:
-- apiGroups:
- - sriovnetwork.openshift.io
- resources:
- - '*'
- verbs:
- - "get"
- - "watch"
- - "list"
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRole
-metadata:
- name: sriov-edit
- {{- if .Values.global.rbac.userRoles.aggregateToDefaultRoles }}
- rbac.authorization.k8s.io/aggregate-to-edit: "true"
- {{- end }}
-rules:
-- apiGroups:
- - sriovnetwork.openshift.io
- resources:
- - '*'
- verbs:
- - "get"
- - "watch"
- - "list"
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRole
-metadata:
- name: sriov-view
- {{- if .Values.global.rbac.userRoles.aggregateToDefaultRoles }}
- rbac.authorization.k8s.io/aggregate-to-view: "true"
- {{- end }}
-rules:
-- apiGroups:
- - sriovnetwork.openshift.io
- resources:
- - '*'
- verbs:
- - "get"
- - "watch"
- - "list"
diff --git a/charts/sriov/104.0.0+up0.1.0/templates/clusterrolebinding.yaml b/charts/sriov/104.0.0+up0.1.0/templates/clusterrolebinding.yaml
deleted file mode 100644
index c10aa9be73..0000000000
--- a/charts/sriov/104.0.0+up0.1.0/templates/clusterrolebinding.yaml
+++ /dev/null
@@ -1,29 +0,0 @@
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRoleBinding
-metadata:
- name: {{ include "sriov-network-operator.fullname" . }}
- labels:
- {{- include "sriov-network-operator.labels" . | nindent 4 }}
-roleRef:
- kind: ClusterRole
- name: {{ include "sriov-network-operator.fullname" . }}
- apiGroup: rbac.authorization.k8s.io
-subjects:
- - kind: ServiceAccount
- namespace: {{ .Release.Namespace }}
- name: {{ include "sriov-network-operator.fullname" . }}
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRoleBinding
-metadata:
- name: sriov-network-config-daemon
- labels:
- {{- include "sriov-network-operator.labels" . | nindent 4 }}
-roleRef:
- kind: ClusterRole
- name: sriov-network-config-daemon
- apiGroup: rbac.authorization.k8s.io
-subjects:
- - kind: ServiceAccount
- namespace: {{ .Release.Namespace }}
- name: sriov-network-config-daemon
diff --git a/charts/sriov/104.0.0+up0.1.0/templates/configmap.yaml b/charts/sriov/104.0.0+up0.1.0/templates/configmap.yaml
deleted file mode 100644
index de53e8e369..0000000000
--- a/charts/sriov/104.0.0+up0.1.0/templates/configmap.yaml
+++ /dev/null
@@ -1,47 +0,0 @@
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: supported-nic-ids
-data:
- Intel_i40e_XXV710: "8086 158a 154c"
- Intel_i40e_25G_SFP28: "8086 158b 154c"
- Intel_i40e_10G_X710_SFP: "8086 1572 154c"
- Intel_ixgbe_10G_X550: "8086 1563 1565"
- Intel_ixgbe_82576: "8086 10c9 10ca"
- Intel_i40e_X710_X557_AT_10G: "8086 1589 154c"
- Intel_i40e_10G_X710_BACKPLANE: "8086 1581 154c"
- Intel_i40e_10G_X710_BASE_T: "8086 15ff 154c"
- Intel_i40e_XXV710_N3000: "8086 0d58 154c"
- Intel_i40e_40G_XL710_QSFP: "8086 1583 154c"
- Intel_i40e_X550T: "8086 1563 1565"
- Intel_i40e_X722: "8086 37d2 37cd"
- Intel_i40e_X722_SFP: "8086 37d0 37cd"
- Intel_i40e_X722_SFPP: "8086 37d3 37cd"
- Intel_ice_Columbiaville_E810-CQDA2_2CQDA2: "8086 1592 1889"
- Intel_ice_Columbiaville_E810-XXVDA4: "8086 1593 1889"
- Intel_ice_Columbiaville_E810-XXVDA2: "8086 159b 1889"
- Intel_ice_Columbiaville_E810: "8086 1591 1889"
- Intel_ice_Columbiapark_E823C: "8086 188a 1889"
- Nvidia_mlx5_ConnectX-4: "15b3 1013 1014"
- Nvidia_mlx5_ConnectX-4LX: "15b3 1015 1016"
- Nvidia_mlx5_ConnectX-5: "15b3 1017 1018"
- Nvidia_mlx5_ConnectX-5_Ex: "15b3 1019 101a"
- Nvidia_mlx5_ConnectX-6: "15b3 101b 101c"
- Nvidia_mlx5_ConnectX-6_Dx: "15b3 101d 101e"
- Nvidia_mlx5_ConnectX-6_Lx: "15b3 101f 101e"
- Nvidia_mlx5_ConnectX-7: "15b3 1021 101e"
- Nvidia_mlx5_MT42822_BlueField-2_integrated_ConnectX-6_Dx: "15b3 a2d6 101e"
- Nvidia_mlx5_MT43244_BlueField-3_integrated_ConnectX-7_Dx: "15b3 a2dc 101e"
- Broadcom_bnxt_BCM57414_2x25G: "14e4 16d7 16dc"
- Broadcom_bnxt_BCM75508_2x100G: "14e4 1750 1806"
- Qlogic_qede_QL45000_50G: "1077 1654 1664"
- Red_Hat_Virtio_network_device: "1af4 1000 1000"
- Red_Hat_Virtio_1_0_network_device: "1af4 1041 1041"
- Marvell_OCTEON_TX2_CN96XX: "177d b200 b203"
- Marvell_OCTEON_TX2_CN98XX: "177d b100 b103"
- Marvell_OCTEON_Fusion_CNF95XX: "177d b600 b603"
- Marvell_OCTEON10_CN10XXX: "177d b900 b903"
- Marvell_OCTEON_Fusion_CNF105XX: "177d ba00 ba03"
- {{- range .Values.supportedExtraNICs }}
- {{ . }}
- {{- end }}
diff --git a/charts/sriov/104.0.0+up0.1.0/templates/operator.yaml b/charts/sriov/104.0.0+up0.1.0/templates/operator.yaml
deleted file mode 100644
index 70f1cb65c1..0000000000
--- a/charts/sriov/104.0.0+up0.1.0/templates/operator.yaml
+++ /dev/null
@@ -1,116 +0,0 @@
-{{- if not (.Capabilities.APIVersions.Has "k8s.cni.cncf.io/v1/NetworkAttachmentDefinition") -}}
-{{- required "rke2-multus is required but not found" "" -}}
-{{- end -}}
----
-apiVersion: apps/v1
-kind: Deployment
-metadata:
- name: {{ include "sriov-network-operator.fullname" . }}
- namespace: {{ .Release.Namespace }}
- labels:
- {{- include "sriov-network-operator.labels" . | nindent 4 }}
-spec:
- replicas: 1
- selector:
- matchLabels:
- name: sriov-network-operator
- strategy:
- type: RollingUpdate
- rollingUpdate:
- maxUnavailable: 33%
- template:
- metadata:
- labels:
- name: sriov-network-operator
- spec:
- {{- with .Values.operator.nodeSelector }}
- nodeSelector:
- {{- toYaml . | nindent 8 }}
- {{- end }}
- {{- with .Values.operator.affinity }}
- affinity:
- {{- toYaml . | nindent 8}}
- {{- end }}
- {{- with .Values.operator.tolerations }}
- tolerations:
- {{- toYaml . | nindent 8 }}
- {{- end }}
- serviceAccountName: {{ include "sriov-network-operator.fullname" . }}
- priorityClassName: "system-node-critical"
- {{- if .Values.imagePullSecrets }}
- imagePullSecrets:
- {{- range .Values.imagePullSecrets }}
- - name: {{ . }}
- {{- end }}
- {{- end }}
- containers:
- - name: {{ include "sriov-network-operator.fullname" . }}
- image: {{ include "system_default_registry" . }}{{ .Values.images.operator.repository }}:{{ .Values.images.operator.tag }}
- command:
- - sriov-network-operator
- resources:
- requests:
- cpu: 100m
- memory: 100Mi
- env:
- - name: WATCH_NAMESPACE
- valueFrom:
- fieldRef:
- fieldPath: metadata.namespace
- - name: SRIOV_CNI_IMAGE
- value: {{ include "system_default_registry" . }}{{ .Values.images.sriovCni.repository }}:{{ .Values.images.sriovCni.tag }}
- - name: SRIOV_INFINIBAND_CNI_IMAGE
- value: {{ include "system_default_registry" . }}{{ .Values.images.ibSriovCni.repository }}:{{ .Values.images.ibSriovCni.tag }}
- - name: SRIOV_DEVICE_PLUGIN_IMAGE
- value: {{ include "system_default_registry" . }}{{ .Values.images.sriovDevicePlugin.repository }}:{{ .Values.images.sriovDevicePlugin.tag }}
- - name: NETWORK_RESOURCES_INJECTOR_IMAGE
- value: {{ include "system_default_registry" . }}{{ .Values.images.resourcesInjector.repository }}:{{ .Values.images.resourcesInjector.tag }}
- - name: OPERATOR_NAME
- value: sriov-network-operator
- - name: SRIOV_NETWORK_CONFIG_DAEMON_IMAGE
- value: {{ include "system_default_registry" . }}{{ .Values.images.sriovConfigDaemon.repository }}:{{ .Values.images.sriovConfigDaemon.tag }}
- - name: SRIOV_NETWORK_WEBHOOK_IMAGE
- value: {{ include "system_default_registry" . }}{{ .Values.images.webhook.repository }}:{{ .Values.images.webhook.tag }}
- - name: RESOURCE_PREFIX
- value: {{ .Values.operator.resourcePrefix }}
- - name: IMAGE_PULL_SECRETS
- value: {{ join "," .Values.imagePullSecrets }}
- - name: NAMESPACE
- valueFrom:
- fieldRef:
- fieldPath: metadata.namespace
- - name: POD_NAME
- valueFrom:
- fieldRef:
- fieldPath: metadata.name
- - name: NODE_NAME
- valueFrom:
- fieldRef:
- fieldPath: spec.nodeName
- - name: RELEASE_VERSION
- value: {{ .Release.AppVersion }}
- - name: SRIOV_CNI_BIN_PATH
- value: {{ .Values.operator.cniBinPath }}
- - name: CLUSTER_TYPE
- value: {{ .Values.operator.clusterType }}
- {{- if .Values.operator.admissionControllers.enabled }}
- - name: ADMISSION_CONTROLLERS_CERTIFICATES_OPERATOR_SECRET_NAME
- value: {{ .Values.operator.admissionControllers.certificates.secretNames.operator }}
- - name: ADMISSION_CONTROLLERS_CERTIFICATES_INJECTOR_SECRET_NAME
- value: {{ .Values.operator.admissionControllers.certificates.secretNames.injector }}
- {{- if .Values.operator.admissionControllers.certificates.certManager.enabled }}
- - name: ADMISSION_CONTROLLERS_CERTIFICATES_CERT_MANAGER_ENABLED
- value: {{ .Values.operator.admissionControllers.certificates.certManager.enabled | quote }}
- {{- else }}
- - name: ADMISSION_CONTROLLERS_CERTIFICATES_OPERATOR_CA_CRT
- valueFrom:
- secretKeyRef:
- name: {{ .Values.operator.admissionControllers.certificates.secretNames.operator }}
- key: ca.crt
- - name: ADMISSION_CONTROLLERS_CERTIFICATES_INJECTOR_CA_CRT
- valueFrom:
- secretKeyRef:
- name: {{ .Values.operator.admissionControllers.certificates.secretNames.injector }}
- key: ca.crt
- {{- end }}
- {{- end }}
diff --git a/charts/sriov/104.0.0+up0.1.0/templates/role.yaml b/charts/sriov/104.0.0+up0.1.0/templates/role.yaml
deleted file mode 100644
index 6058a86e1b..0000000000
--- a/charts/sriov/104.0.0+up0.1.0/templates/role.yaml
+++ /dev/null
@@ -1,132 +0,0 @@
-apiVersion: rbac.authorization.k8s.io/v1
-kind: Role
-metadata:
- creationTimestamp: null
- name: {{ include "sriov-network-operator.fullname" . }}
- namespace: {{ .Release.Namespace }}
- labels:
- {{- include "sriov-network-operator.labels" . | nindent 4 }}
-rules:
- - apiGroups:
- - ""
- resources:
- - pods
- - services
- - endpoints
- - persistentvolumeclaims
- - events
- - configmaps
- - secrets
- verbs:
- - '*'
- - apiGroups:
- - apps
- resources:
- - deployments
- - daemonsets
- - replicasets
- - statefulsets
- verbs:
- - '*'
- - apiGroups:
- - monitoring.coreos.com
- resources:
- - servicemonitors
- verbs:
- - get
- - create
- - apiGroups:
- - apps
- resourceNames:
- - sriov-network-operator
- resources:
- - deployments/finalizers
- verbs:
- - update
- - apiGroups:
- - rbac.authorization.k8s.io
- resources:
- - serviceaccounts
- - roles
- - rolebindings
- verbs:
- - '*'
- - apiGroups:
- - config.openshift.io
- resources:
- - infrastructures
- verbs:
- - get
- - list
- - watch
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: Role
-metadata:
- name: sriov-network-config-daemon
- namespace: {{ .Release.Namespace }}
- labels:
- {{- include "sriov-network-operator.labels" . | nindent 4 }}
-rules:
- - apiGroups:
- - ""
- resources:
- - pods
- verbs:
- - '*'
- - apiGroups:
- - apps
- resources:
- - daemonsets
- verbs:
- - '*'
- - apiGroups:
- - sriovnetwork.openshift.io
- resources:
- - '*'
- - sriovnetworknodestates
- verbs:
- - '*'
- - apiGroups:
- - security.openshift.io
- resourceNames:
- - privileged
- resources:
- - securitycontextconstraints
- verbs:
- - use
- - apiGroups:
- - ""
- resources:
- - configmaps
- verbs:
- - get
- - update
- - apiGroups:
- - 'coordination.k8s.io'
- resources:
- - 'leases'
- verbs:
- - '*'
- - apiGroups:
- - ""
- resources:
- - events
- verbs:
- - create
- - patch
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: Role
-metadata:
- name: operator-webhook-sa
- namespace: {{ .Release.Namespace }}
- labels:
- {{- include "sriov-network-operator.labels" . | nindent 4 }}
-rules:
- - apiGroups:
- - ""
- resources:
- - configmaps
- verbs:
- - get
diff --git a/charts/sriov/104.0.0+up0.1.0/templates/rolebinding.yaml b/charts/sriov/104.0.0+up0.1.0/templates/rolebinding.yaml
deleted file mode 100644
index d2cf1849a7..0000000000
--- a/charts/sriov/104.0.0+up0.1.0/templates/rolebinding.yaml
+++ /dev/null
@@ -1,44 +0,0 @@
-kind: RoleBinding
-apiVersion: rbac.authorization.k8s.io/v1
-metadata:
- name: {{ include "sriov-network-operator.fullname" . }}
- namespace: {{ .Release.Namespace }}
- labels:
- {{- include "sriov-network-operator.labels" . | nindent 4 }}
-subjects:
- - kind: ServiceAccount
- name: {{ include "sriov-network-operator.fullname" . }}
- namespace: {{ .Release.Namespace }}
-roleRef:
- kind: Role
- name: {{ include "sriov-network-operator.fullname" . }}
- apiGroup: rbac.authorization.k8s.io
----
-kind: RoleBinding
-apiVersion: rbac.authorization.k8s.io/v1
-metadata:
- name: sriov-network-config-daemon
- namespace: {{ .Release.Namespace }}
- labels:
- {{- include "sriov-network-operator.labels" . | nindent 4 }}
-subjects:
- - kind: ServiceAccount
- name: sriov-network-config-daemon
- namespace: {{ .Release.Namespace }}
-roleRef:
- kind: Role
- name: sriov-network-config-daemon
- apiGroup: rbac.authorization.k8s.io
----
-kind: RoleBinding
-apiVersion: rbac.authorization.k8s.io/v1
-metadata:
- name: operator-webhook-sa
- namespace: {{ .Release.Namespace }}
-subjects:
-- kind: ServiceAccount
- name: operator-webhook-sa
-roleRef:
- kind: Role
- name: operator-webhook-sa
- apiGroup: rbac.authorization.k8s.io
diff --git a/charts/sriov/104.0.0+up0.1.0/templates/secrets.yaml b/charts/sriov/104.0.0+up0.1.0/templates/secrets.yaml
deleted file mode 100644
index 3d345be460..0000000000
--- a/charts/sriov/104.0.0+up0.1.0/templates/secrets.yaml
+++ /dev/null
@@ -1,20 +0,0 @@
-{{- if not .Values.cert_manager -}}
-{{- if .Values.operator.enableAdmissionController }}
-apiVersion: v1
-kind: Secret
-metadata:
- name: operator-webhook-service
- namespace: {{ .Release.Namespace }}
-data: {{ include "sriov_operator_cert" . | nindent 2 }}
-{{- end }}
----
-{{- if .Values.operator.enableAdmissionController }}
-apiVersion: v1
-kind: Secret
-metadata:
- name: network-resources-injector-secret
- namespace: {{ .Release.Namespace }}
-data: {{ include "sriov_resource_injector_cert" . | nindent 2 }}
-{{- end }}
-{{- end }}
-
diff --git a/charts/sriov/104.0.0+up0.1.0/templates/serviceaccount.yaml b/charts/sriov/104.0.0+up0.1.0/templates/serviceaccount.yaml
deleted file mode 100644
index fc0bb57056..0000000000
--- a/charts/sriov/104.0.0+up0.1.0/templates/serviceaccount.yaml
+++ /dev/null
@@ -1,15 +0,0 @@
-apiVersion: v1
-kind: ServiceAccount
-metadata:
- name: {{ include "sriov-network-operator.fullname" . }}
- namespace: {{ .Release.Namespace }}
- labels:
- {{- include "sriov-network-operator.labels" . | nindent 4 }}
----
-apiVersion: v1
-kind: ServiceAccount
-metadata:
- name: sriov-network-config-daemon
- namespace: {{ .Release.Namespace }}
- labels:
- {{- include "sriov-network-operator.labels" . | nindent 4 }}
diff --git a/charts/sriov/104.0.0+up0.1.0/templates/sriovoperatorconfig.yaml b/charts/sriov/104.0.0+up0.1.0/templates/sriovoperatorconfig.yaml
deleted file mode 100644
index 41877365ad..0000000000
--- a/charts/sriov/104.0.0+up0.1.0/templates/sriovoperatorconfig.yaml
+++ /dev/null
@@ -1,17 +0,0 @@
-{{ if .Values.sriovOperatorConfig.deploy }}
-apiVersion: sriovnetwork.openshift.io/v1
-kind: SriovOperatorConfig
-metadata:
- name: default
- namespace: {{ .Release.Namespace }}
-spec:
- enableInjector: {{ .Values.operator.admissionControllers.enabled }}
- enableOperatorWebhook: {{ .Values.operator.admissionControllers.enabled }}
- {{- with .Values.sriovOperatorConfig.configDaemonNodeSelector }}
- configDaemonNodeSelector:
- {{- range $k, $v := .}}{{printf "%s: '%s'" $k $v | nindent 4 }}{{ end }}
- {{- end }}
- logLevel: {{ .Values.sriovOperatorConfig.logLevel }}
- disableDrain: {{ .Values.sriovOperatorConfig.disableDrain }}
- configurationMode: {{ .Values.sriovOperatorConfig.configurationMode }}
-{{ end }}
diff --git a/charts/sriov/104.0.0+up0.1.0/templates/validate-install-crd.yaml b/charts/sriov/104.0.0+up0.1.0/templates/validate-install-crd.yaml
deleted file mode 100644
index 48ffe70751..0000000000
--- a/charts/sriov/104.0.0+up0.1.0/templates/validate-install-crd.yaml
+++ /dev/null
@@ -1,19 +0,0 @@
-#{{- if gt (len (lookup "rbac.authorization.k8s.io/v1" "ClusterRole" "" "")) 0 -}}
-# {{- $found := dict -}}
-# {{- set $found "sriovnetwork.openshift.io/v1/SriovIBNetwork" false -}}
-# {{- set $found "sriovnetwork.openshift.io/v1/SriovNetworkNodePolicy" false -}}
-# {{- set $found "sriovnetwork.openshift.io/v1/SriovNetworkNodeState" false -}}
-# {{- set $found "sriovnetwork.openshift.io/v1/SriovNetworkPoolConfig" false -}}
-# {{- set $found "sriovnetwork.openshift.io/v1/SriovNetwork" false -}}
-# {{- set $found "sriovnetwork.openshift.io/v1/SriovOperatorConfig" false -}}
-# {{- range .Capabilities.APIVersions -}}
-# {{- if hasKey $found (toString .) -}}
-# {{- set $found (toString .) true -}}
-# {{- end -}}
-# {{- end -}}
-# {{- range $_, $exists := $found -}}
-# {{- if (eq $exists false) -}}
-# {{- required "Required CRDs are missing. Please install the corresponding CRD chart before installing this chart." "" -}}
-# {{- end -}}
-# {{- end -}}
-#{{- end -}}
\ No newline at end of file
diff --git a/charts/sriov/104.0.0+up0.1.0/values.yaml b/charts/sriov/104.0.0+up0.1.0/values.yaml
deleted file mode 100644
index 656e375ad0..0000000000
--- a/charts/sriov/104.0.0+up0.1.0/values.yaml
+++ /dev/null
@@ -1,129 +0,0 @@
-operator:
- tolerations:
- - key: "node-role.kubernetes.io/master"
- operator: "Exists"
- effect: "NoSchedule"
- - key: "node-role.kubernetes.io/control-plane"
- operator: "Exists"
- effect: "NoSchedule"
- - effect: NoExecute
- key: node-role.kubernetes.io/etcd
- operator: Exists
- nodeSelector: {}
- affinity:
- nodeAffinity:
- preferredDuringSchedulingIgnoredDuringExecution:
- - weight: 1
- preference:
- matchExpressions:
- - key: "node-role.kubernetes.io/master"
- operator: In
- values: [""]
- - weight: 1
- preference:
- matchExpressions:
- - key: "node-role.kubernetes.io/control-plane"
- operator: In
- values: [ "" ]
- nameOverride: ""
- fullnameOverride: ""
- resourcePrefix: "rancher.io"
- cniBinPath: "/opt/cni/bin"
- clusterType: "kubernetes"
- admissionControllers:
- enabled: false
- certificates:
- secretNames:
- operator: "operator-webhook-cert"
- injector: "network-resources-injector-cert"
- certManager:
- # When enabled, makes use of certificates managed by cert-manager.
- enabled: false
- # When enabled, certificates are generated via cert-manager and then name will match the name of the secrets
- # defined above
- generateSelfSigned: false
- # If not specified, no secret is created and secrets with the names defined above are expected to exist in the
- # cluster. In that case, the ca.crt must be base64 encoded twice since it ends up being an env variable.
- custom:
- enabled: false
- # operator:
- # caCrt: |
- # -----BEGIN CERTIFICATE-----
- # MIIMIICLDCCAdKgAwIBAgIBADAKBggqhkjOPQQDAjB9MQswCQYDVQQGEwJCRTEPMA0G
- # ...
- # -----END CERTIFICATE-----
- # tlsCrt: |
- # -----BEGIN CERTIFICATE-----
- # MIIMIICLDCCAdKgAwIBAgIBADAKBggqhkjOPQQDAjB9MQswCQYDVQQGEwJCRTEPMA0G
- # ...
- # -----END CERTIFICATE-----
- # tlsKey: |
- # -----BEGIN EC PRIVATE KEY-----
- # MHcl4wOuDwKQa+upc8GftXE2C//4mKANBC6It01gUaTIpo=
- # ...
- # -----END EC PRIVATE KEY-----
- # injector:
- # caCrt: |
- # -----BEGIN CERTIFICATE-----
- # MIIMIICLDCCAdKgAwIBAgIBADAKBggqhkjOPQQDAjB9MQswCQYDVQQGEwJCRTEPMA0G
- # ...
- # -----END CERTIFICATE-----
- # tlsCrt: |
- # -----BEGIN CERTIFICATE-----
- # MIIMIICLDCCAdKgAwIBAgIBADAKBggqhkjOPQQDAjB9MQswCQYDVQQGEwJCRTEPMA0G
- # ...
- # -----END CERTIFICATE-----
- # tlsKey: |
- # -----BEGIN EC PRIVATE KEY-----
- # MHcl4wOuDwKQa+upc8GftXE2C//4mKANBC6It01gUaTIpo=
- # ...
- # -----END EC PRIVATE KEY-----
-
-sriovOperatorConfig:
- # deploy sriovOperatorConfig CR with the below values
- deploy: true
- # node slectors for sriov-network-config-daemon
- configDaemonNodeSelector: {feature.node.kubernetes.io/network-sriov.capable: 'true'}
- # log level for both operator and sriov-network-config-daemon
- logLevel: 2
- # disable node draining when configuring SR-IOV, set to true in case of a single node
- # cluster or any other justifiable reason
- disableDrain: false
- # sriov-network-config-daemon configuration mode. either "daemon" or "systemd"
- configurationMode: daemon
-
-# Image URIs for sriov-network-operator components
-images:
- operator:
- repository: rancher/hardened-sriov-network-operator
- tag: v1.2.0-build20240327
- sriovConfigDaemon:
- repository: rancher/hardened-sriov-network-config-daemon
- tag: v1.2.0-build20240327
- sriovCni:
- repository: rancher/hardened-sriov-cni
- tag: v2.7.0-build20240327
- ibSriovCni:
- repository: rancher/hardened-ib-sriov-cni
- tag: v1.0.3-build20240327
- sriovDevicePlugin:
- repository: rancher/hardened-sriov-network-device-plugin
- tag: v3.6.2-build20240327
- resourcesInjector:
- repository: rancher/hardened-sriov-network-resources-injector
- tag: v1.5-build20240327
- webhook:
- repository: rancher/hardened-sriov-network-webhook
- tag: v1.2.0-build20240327
-
-imagePullSecrets: []
-
-# Example for supportedExtraNICs values ['MyNIC: "8086 1521 1520"']
-supportedExtraNICs: []
-
-global:
- cattle:
- systemDefaultRegistry: ""
- rbac:
- userRoles:
- aggregateToDefaultRoles: false
diff --git a/charts/sriov/104.1.0+up0.1.0/.helmignore b/charts/sriov/104.1.0+up0.1.0/.helmignore
deleted file mode 100644
index 0e8a0eb36f..0000000000
--- a/charts/sriov/104.1.0+up0.1.0/.helmignore
+++ /dev/null
@@ -1,23 +0,0 @@
-# Patterns to ignore when building packages.
-# This supports shell glob matching, relative path matching, and
-# negation (prefixed with !). Only one pattern per line.
-.DS_Store
-# Common VCS dirs
-.git/
-.gitignore
-.bzr/
-.bzrignore
-.hg/
-.hgignore
-.svn/
-# Common backup files
-*.swp
-*.bak
-*.tmp
-*.orig
-*~
-# Various IDEs
-.project
-.idea/
-*.tmproj
-.vscode/
diff --git a/charts/sriov/104.1.0+up0.1.0/Chart.yaml b/charts/sriov/104.1.0+up0.1.0/Chart.yaml
deleted file mode 100644
index bebfc5745f..0000000000
--- a/charts/sriov/104.1.0+up0.1.0/Chart.yaml
+++ /dev/null
@@ -1,36 +0,0 @@
-annotations:
- catalog.cattle.io/auto-install: sriov-crd=match
- catalog.cattle.io/certified: rancher
- catalog.cattle.io/deprecated: "true"
- catalog.cattle.io/experimental: "true"
- catalog.cattle.io/kube-version: '>= 1.16.0-0 < 1.30.0-0'
- catalog.cattle.io/namespace: cattle-sriov-system
- catalog.cattle.io/os: linux
- catalog.cattle.io/permits-os: linux
- catalog.cattle.io/rancher-version: '>= 2.9.0-0 < 2.10.0-0'
- catalog.cattle.io/release-name: sriov
- catalog.cattle.io/upstream-version: 1.2.0
-apiVersion: v2
-appVersion: 1.2.0
-dependencies:
-- condition: rancher-nfd.enabled
- name: rancher-nfd
- repository: file://./charts/rancher-nfd
- version: 0.15.4
-deprecated: true
-description: SR-IOV network operator configures and manages SR-IOV networks in the
- kubernetes cluster
-home: https://github.com/k8snetworkplumbingwg/sriov-network-operator
-icon: https://charts.rancher.io/assets/logos/sr-iov.svg
-keywords:
-- sriov
-- Networking
-kubeVersion: '>= 1.16.0-0'
-maintainers:
-- email: charts@rancher.com
- name: Rancher Labs
-name: sriov
-sources:
-- https://github.com/rancher/charts
-type: application
-version: 104.1.0+up0.1.0
diff --git a/charts/sriov/104.1.0+up0.1.0/README.md b/charts/sriov/104.1.0+up0.1.0/README.md
deleted file mode 100644
index b2a57c4185..0000000000
--- a/charts/sriov/104.1.0+up0.1.0/README.md
+++ /dev/null
@@ -1,129 +0,0 @@
-# SR-IOV Network Operator Helm Chart
-
-SR-IOV Network Operator Helm Chart provides an easy way to install, configure and manage
-the lifecycle of SR-IOV network operator.
-
-## SR-IOV Network Operator
-SR-IOV Network Operator leverages [Kubernetes CRDs](https://kubernetes.io/docs/concepts/extend-kubernetes/api-extension/custom-resources/)
-and [Operator SDK](https://github.com/operator-framework/operator-sdk) to configure and manage SR-IOV networks in a Kubernetes cluster.
-
-SR-IOV Network Operator features:
-- Initialize the supported SR-IOV NIC types on selected nodes.
-- Provision/upgrade SR-IOV device plugin executable on selected node.
-- Provision/upgrade SR-IOV CNI plugin executable on selected nodes.
-- Manage configuration of SR-IOV device plugin on host.
-- Generate net-att-def CRs for SR-IOV CNI plugin
-- Supports operation in a virtualized Kubernetes deployment
- - Discovers VFs attached to the Virtual Machine (VM)
- - Does not require attached of associated PFs
- - VFs can be associated to SriovNetworks by selecting the appropriate PciAddress as the RootDevice in the SriovNetworkNodePolicy
-
-## QuickStart
-
-### Prerequisites
-
-- Kubernetes v1.17+
-- Helm v3
-
-### Install Helm
-
-Helm provides an install script to copy helm binary to your system:
-```
-$ curl -fsSL -o get_helm.sh https://raw.githubusercontent.com/helm/helm/master/scripts/get-helm-3
-$ chmod 500 get_helm.sh
-$ ./get_helm.sh
-```
-
-For additional information and methods for installing Helm, refer to the official [helm website](https://helm.sh/)
-
-### Deploy SR-IOV Network Operator
-
-```
-# Install Operator
-$ helm install -n sriov-network-operator --create-namespace --wait sriov-network-operator ./
-
-# View deployed resources
-$ kubectl -n sriov-network-operator get pods
-```
-
-In the case that [Pod Security Admission](https://kubernetes.io/docs/concepts/security/pod-security-admission/) is enabled, the sriov network operator namespace will require a security level of 'privileged'
-```
-$ kubectl label ns sriov-network-operator pod-security.kubernetes.io/enforce=privileged
-```
-
-## Chart parameters
-
-In order to tailor the deployment of the network operator to your cluster needs
-We have introduced the following Chart parameters.
-
-| Name | Type | Default | description |
-| ---- |------|---------|-------------|
-| `imagePullSecrets` | list | `[]` | An optional list of references to secrets to use for pulling any of the SR-IOV Network Operator image |
-
-### Operator parameters
-
-| Name | Type | Default | description |
-| ---- | ---- | ------- | ----------- |
-| `operator.tolerations` | list | `[{"key":"node-role.kubernetes.io/master","operator":"Exists","effect":"NoSchedule"},{"key":"node-role.kubernetes.io/control-plane","operator":"Exists","effect":"NoSchedule"}]` | Operator's tolerations |
-| `operator.nodeSelector` | object | {} | Operator's node selector |
-| `operator.affinity` | object | `{"nodeAffinity":{"preferredDuringSchedulingIgnoredDuringExecution":[{"weight":1,"preference":{"matchExpressions":[{"key":"node-role.kubernetes.io/master","operator":"In","values":[""]}]}},{"weight":1,"preference":{"matchExpressions":[{"key":"node-role.kubernetes.io/control-plane","operator":"In","values":[""]}]}}]}}` | Operator's afffinity configuration |
-| `operator.nameOverride` | string | `` | Operator's resource name override |
-| `operator.fullnameOverride` | string | `` | Operator's resource full name override |
-| `operator.resourcePrefix` | string | `openshift.io` | Device plugin resource prefix |
-| `operator.cniBinPath` | string | `/opt/cni/bin` | Path for CNI binary |
-| `operator.clustertype` | string | `kubernetes` | Cluster environment type |
-
-#### Admission Controllers parameters
-
-The admission controllers can be enabled by switching on a single parameter `operator.admissionControllers.enabled`. By
-default, the user needs to pre-create Kubernetes Secrets that match the names provided in
-`operator.admissionControllers.certificates.secretNames`. The secrets should have 3 fields populated with the relevant
-content:
-* `ca.crt` (value needs to be base64 encoded twice)
-* `tls.crt`
-* `tls.key`
-
-Aside from the aforementioned mode, the chart supports 3 more modes for certificate consumption by the admission
-controllers, which can be found in the table below. In a nutshell, the modes that are supported are:
-* Consume pre-created Certificates managed by cert-manager
-* Generate self signed Certificates managed by cert-manager
-* Specify the content of the certificates as Helm values
-
-| Name | Type | Default | description |
-| ---- | ---- | ------- | ----------- |
-| `operator.admissionControllers.enabled` | bool | false | Flag that switches on the admission controllers |
-| `operator.admissionControllers.certificates.secretNames.operator` | string | `operator-webhook-cert` | Secret that stores the certificate for the Operator's admission controller |
-| `operator.admissionControllers.certificates.secretNames.injector` | string | `network-resources-injector-cert` | Secret that stores the certificate for the Network Resources Injector's admission controller |
-| `operator.admissionControllers.certificates.certManager.enabled` | bool | false | Flag that switches on consumption of certificates managed by cert-manager |
-| `operator.admissionControllers.certificates.certManager.generateSelfSigned` | bool | false | Flag that switches on generation of self signed certificates managed by cert-manager. The secrets in which the certificates are stored will have the names provided in `operator.admissionControllers.certificates.secretNames` |
-| `operator.admissionControllers.certificates.custom.enabled` | bool | false | Flag that switches on consumption of user provided certificates that are part of `operator.admissionControllers.certificates.custom.operator` and `operator.admissionControllers.certificates.custom.injector` objects |
-| `operator.admissionControllers.certificates.custom.operator.caCrt` | string | `` | The CA certificate to be used by the Operator's admission controller |
-| `operator.admissionControllers.certificates.custom.operator.tlsCrt` | string | `` | The public part of the certificate to be used by the Operator's admission controller |
-| `operator.admissionControllers.certificates.custom.operator.tlsKey` | string | `` | The private part of the certificate to be used by the Operator's admission controller |
-| `operator.admissionControllers.certificates.custom.injector.caCrt` | string | `` | The CA certificate to be used by the Network Resources Injector's admission controller |
-| `operator.admissionControllers.certificates.custom.injector.tlsCrt` | string | `` | The public part of the certificate to be used by the Network Resources Injector's admission controller |
-| `operator.admissionControllers.certificates.custom.injector.tlsKey` | string | `` | The private part of the certificate to be used by the Network Resources Injector's admission controller |
-
-### SR-IOV Operator Configuration Parameters
-
-This section contains general parameters that apply to both the operator and daemon componets of SR-IOV Network Operator.
-
-| Name | Type | Default | description |
-| ---- | ---- | ------- | ----------- |
-| `sriovOperatorConfig.deploy` | bool | `false` | deploy SriovOperatorConfig custom resource |
-| `sriovOperatorConfig.configDaemonNodeSelector` | map[string]string | `{}` | node slectors for sriov-network-config-daemon |
-| `sriovOperatorConfig.logLevel` | int | `2` | log level for both operator and sriov-network-config-daemon |
-| `sriovOperatorConfig.disableDrain` | bool | `false` | disable node draining when configuring SR-IOV, set to true in case of a single node cluster or any other justifiable reason |
-| `sriovOperatorConfig.configurationMode` | string | `daemon` | sriov-network-config-daemon configuration mode. either `daemon` or `systemd` |
-
-### Images parameters
-
-| Name | description |
-| ---- | ----------- |
-| `images.operator` | Operator controller image |
-| `images.sriovConfigDaemon` | Daemon node agent image |
-| `images.sriovCni` | SR-IOV CNI image |
-| `images.ibSriovCni` | InfiniBand SR-IOV CNI image |
-| `images.sriovDevicePlugin` | SR-IOV device plugin image |
-| `images.resourcesInjector` | Resources Injector image |
-| `images.webhook` | Operator Webhook image |
diff --git a/charts/sriov/104.1.0+up0.1.0/app-README.md b/charts/sriov/104.1.0+up0.1.0/app-README.md
deleted file mode 100644
index 4dda94a833..0000000000
--- a/charts/sriov/104.1.0+up0.1.0/app-README.md
+++ /dev/null
@@ -1,13 +0,0 @@
-# Rancher SR-IOV Network Operator
-
-This chart is based on the upstream [k8snetworkplumbingwg/sriov-network-operator](https://github.com/k8snetworkplumbingwg/sriov-network-operator) project. The chart deploys the SR-IOV Operator and its CRDs, which are designed to help the user provision and configure the SR-IOV CNI in a cluster that uses [Multus CNI](https://github.com/k8snetworkplumbingwg/multus-cni), to provide high performing extra network interfaces to pods. This chart is expected to be deployed on an RKE2 cluster and only meant for advanced use cases where multiple CNI plugins and high performing network interfaces on pods are required. Users who do not need these features are not advised to install this chart.
-
-The chart installs the following components:
-
- - SR-IOV Operator - An operator that helps provision and configure the SR-IOV CNI plugin and SR-IOV Device plugin
- - SR-IOV Network Config Daemon - A Daemon deployed by the Operator that discovers SR-IOV NICs on each node
-
-Note that SR-IOV requires NICs that support SR-IOV and the activation of specific configuration options in the operating system. Nodes that fulfill these requirements should be labeled with: `feature.node.kubernetes.io/network-sriov.capable=true`.
-
-The SR-IOV Network Config Daemon will be deployed on such capable nodes. For more information on how to use this feature, refer to our RKE2 networking docs.
-
diff --git a/charts/sriov/104.1.0+up0.1.0/charts/rancher-nfd/.helmignore b/charts/sriov/104.1.0+up0.1.0/charts/rancher-nfd/.helmignore
deleted file mode 100644
index 0e8a0eb36f..0000000000
--- a/charts/sriov/104.1.0+up0.1.0/charts/rancher-nfd/.helmignore
+++ /dev/null
@@ -1,23 +0,0 @@
-# Patterns to ignore when building packages.
-# This supports shell glob matching, relative path matching, and
-# negation (prefixed with !). Only one pattern per line.
-.DS_Store
-# Common VCS dirs
-.git/
-.gitignore
-.bzr/
-.bzrignore
-.hg/
-.hgignore
-.svn/
-# Common backup files
-*.swp
-*.bak
-*.tmp
-*.orig
-*~
-# Various IDEs
-.project
-.idea/
-*.tmproj
-.vscode/
diff --git a/charts/sriov/104.1.0+up0.1.0/charts/rancher-nfd/Chart.yaml b/charts/sriov/104.1.0+up0.1.0/charts/rancher-nfd/Chart.yaml
deleted file mode 100644
index 1c4c2093ff..0000000000
--- a/charts/sriov/104.1.0+up0.1.0/charts/rancher-nfd/Chart.yaml
+++ /dev/null
@@ -1,14 +0,0 @@
-apiVersion: v2
-appVersion: v0.15.4
-description: Detects hardware features available on each node in a Kubernetes cluster,
- and advertises those features using node labels
-home: https://github.com/kubernetes-sigs/node-feature-discovery
-keywords:
-- feature-discovery
-- feature-detection
-- node-labels
-name: rancher-nfd
-sources:
-- https://github.com/kubernetes-sigs/node-feature-discovery
-type: application
-version: 0.15.4
diff --git a/charts/sriov/104.1.0+up0.1.0/charts/rancher-nfd/README.md b/charts/sriov/104.1.0+up0.1.0/charts/rancher-nfd/README.md
deleted file mode 100644
index b8b7d90caf..0000000000
--- a/charts/sriov/104.1.0+up0.1.0/charts/rancher-nfd/README.md
+++ /dev/null
@@ -1,10 +0,0 @@
-# Node Feature Discovery
-
-Node Feature Discovery (NFD) is a Kubernetes add-on for detecting hardware
-features and system configuration. Detected features are advertised as node
-labels. NFD provides flexible configuration and extension points for a wide
-range of vendor and application specific node labeling needs.
-
-See
-[NFD documentation](https://kubernetes-sigs.github.io/node-feature-discovery/v0.15/deployment/helm.html)
-for deployment instructions.
diff --git a/charts/sriov/104.1.0+up0.1.0/charts/rancher-nfd/crds/nfd-api-crds.yaml b/charts/sriov/104.1.0+up0.1.0/charts/rancher-nfd/crds/nfd-api-crds.yaml
deleted file mode 100644
index 4e63041630..0000000000
--- a/charts/sriov/104.1.0+up0.1.0/charts/rancher-nfd/crds/nfd-api-crds.yaml
+++ /dev/null
@@ -1,426 +0,0 @@
----
-apiVersion: apiextensions.k8s.io/v1
-kind: CustomResourceDefinition
-metadata:
- annotations:
- controller-gen.kubebuilder.io/version: v0.12.1
- name: nodefeatures.nfd.k8s-sigs.io
-spec:
- group: nfd.k8s-sigs.io
- names:
- kind: NodeFeature
- listKind: NodeFeatureList
- plural: nodefeatures
- singular: nodefeature
- scope: Namespaced
- versions:
- - name: v1alpha1
- schema:
- openAPIV3Schema:
- description: NodeFeature resource holds the features discovered for one node
- in the cluster.
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation
- of an object. Servers should convert recognized schemas to the latest
- internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this
- object represents. Servers may infer this from the endpoint the client
- submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- spec:
- description: NodeFeatureSpec describes a NodeFeature object.
- properties:
- features:
- description: Features is the full "raw" features data that has been
- discovered.
- properties:
- attributes:
- additionalProperties:
- description: AttributeFeatureSet is a set of features having
- string value.
- properties:
- elements:
- additionalProperties:
- type: string
- type: object
- required:
- - elements
- type: object
- description: Attributes contains all the attribute-type features
- of the node.
- type: object
- flags:
- additionalProperties:
- description: FlagFeatureSet is a set of simple features only
- containing names without values.
- properties:
- elements:
- additionalProperties:
- description: Nil is a dummy empty struct for protobuf
- compatibility
- type: object
- type: object
- required:
- - elements
- type: object
- description: Flags contains all the flag-type features of the
- node.
- type: object
- instances:
- additionalProperties:
- description: InstanceFeatureSet is a set of features each of
- which is an instance having multiple attributes.
- properties:
- elements:
- items:
- description: InstanceFeature represents one instance of
- a complex features, e.g. a device.
- properties:
- attributes:
- additionalProperties:
- type: string
- type: object
- required:
- - attributes
- type: object
- type: array
- required:
- - elements
- type: object
- description: Instances contains all the instance-type features
- of the node.
- type: object
- type: object
- labels:
- additionalProperties:
- type: string
- description: Labels is the set of node labels that are requested to
- be created.
- type: object
- type: object
- required:
- - spec
- type: object
- served: true
- storage: true
----
-apiVersion: apiextensions.k8s.io/v1
-kind: CustomResourceDefinition
-metadata:
- annotations:
- controller-gen.kubebuilder.io/version: v0.12.1
- name: nodefeaturerules.nfd.k8s-sigs.io
-spec:
- group: nfd.k8s-sigs.io
- names:
- kind: NodeFeatureRule
- listKind: NodeFeatureRuleList
- plural: nodefeaturerules
- shortNames:
- - nfr
- singular: nodefeaturerule
- scope: Cluster
- versions:
- - name: v1alpha1
- schema:
- openAPIV3Schema:
- description: NodeFeatureRule resource specifies a configuration for feature-based
- customization of node objects, such as node labeling.
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation
- of an object. Servers should convert recognized schemas to the latest
- internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this
- object represents. Servers may infer this from the endpoint the client
- submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- spec:
- description: NodeFeatureRuleSpec describes a NodeFeatureRule.
- properties:
- rules:
- description: Rules is a list of node customization rules.
- items:
- description: Rule defines a rule for node customization such as
- labeling.
- properties:
- annotations:
- additionalProperties:
- type: string
- description: Annotations to create if the rule matches.
- type: object
- extendedResources:
- additionalProperties:
- type: string
- description: ExtendedResources to create if the rule matches.
- type: object
- labels:
- additionalProperties:
- type: string
- description: Labels to create if the rule matches.
- type: object
- labelsTemplate:
- description: LabelsTemplate specifies a template to expand for
- dynamically generating multiple labels. Data (after template
- expansion) must be keys with an optional value ([=])
- separated by newlines.
- type: string
- matchAny:
- description: MatchAny specifies a list of matchers one of which
- must match.
- items:
- description: MatchAnyElem specifies one sub-matcher of MatchAny.
- properties:
- matchFeatures:
- description: MatchFeatures specifies a set of matcher
- terms all of which must match.
- items:
- description: FeatureMatcherTerm defines requirements
- against one feature set. All requirements (specified
- as MatchExpressions) are evaluated against each element
- in the feature set.
- properties:
- feature:
- description: Feature is the name of the feature
- set to match against.
- type: string
- matchExpressions:
- additionalProperties:
- description: MatchExpression specifies an expression
- to evaluate against a set of input values. It
- contains an operator that is applied when matching
- the input and an array of values that the operator
- evaluates the input against.
- properties:
- op:
- description: Op is the operator to be applied.
- enum:
- - In
- - NotIn
- - InRegexp
- - Exists
- - DoesNotExist
- - Gt
- - Lt
- - GtLt
- - IsTrue
- - IsFalse
- type: string
- value:
- description: Value is the list of values that
- the operand evaluates the input against.
- Value should be empty if the operator is
- Exists, DoesNotExist, IsTrue or IsFalse.
- Value should contain exactly one element
- if the operator is Gt or Lt and exactly
- two elements if the operator is GtLt. In
- other cases Value should contain at least
- one element.
- items:
- type: string
- type: array
- required:
- - op
- type: object
- description: MatchExpressions is the set of per-element
- expressions evaluated. These match against the
- value of the specified elements.
- type: object
- matchName:
- description: MatchName in an expression that is
- matched against the name of each element in the
- feature set.
- properties:
- op:
- description: Op is the operator to be applied.
- enum:
- - In
- - NotIn
- - InRegexp
- - Exists
- - DoesNotExist
- - Gt
- - Lt
- - GtLt
- - IsTrue
- - IsFalse
- type: string
- value:
- description: Value is the list of values that
- the operand evaluates the input against. Value
- should be empty if the operator is Exists,
- DoesNotExist, IsTrue or IsFalse. Value should
- contain exactly one element if the operator
- is Gt or Lt and exactly two elements if the
- operator is GtLt. In other cases Value should
- contain at least one element.
- items:
- type: string
- type: array
- required:
- - op
- type: object
- required:
- - feature
- type: object
- type: array
- required:
- - matchFeatures
- type: object
- type: array
- matchFeatures:
- description: MatchFeatures specifies a set of matcher terms
- all of which must match.
- items:
- description: FeatureMatcherTerm defines requirements against
- one feature set. All requirements (specified as MatchExpressions)
- are evaluated against each element in the feature set.
- properties:
- feature:
- description: Feature is the name of the feature set to
- match against.
- type: string
- matchExpressions:
- additionalProperties:
- description: MatchExpression specifies an expression
- to evaluate against a set of input values. It contains
- an operator that is applied when matching the input
- and an array of values that the operator evaluates
- the input against.
- properties:
- op:
- description: Op is the operator to be applied.
- enum:
- - In
- - NotIn
- - InRegexp
- - Exists
- - DoesNotExist
- - Gt
- - Lt
- - GtLt
- - IsTrue
- - IsFalse
- type: string
- value:
- description: Value is the list of values that the
- operand evaluates the input against. Value should
- be empty if the operator is Exists, DoesNotExist,
- IsTrue or IsFalse. Value should contain exactly
- one element if the operator is Gt or Lt and exactly
- two elements if the operator is GtLt. In other
- cases Value should contain at least one element.
- items:
- type: string
- type: array
- required:
- - op
- type: object
- description: MatchExpressions is the set of per-element
- expressions evaluated. These match against the value
- of the specified elements.
- type: object
- matchName:
- description: MatchName in an expression that is matched
- against the name of each element in the feature set.
- properties:
- op:
- description: Op is the operator to be applied.
- enum:
- - In
- - NotIn
- - InRegexp
- - Exists
- - DoesNotExist
- - Gt
- - Lt
- - GtLt
- - IsTrue
- - IsFalse
- type: string
- value:
- description: Value is the list of values that the
- operand evaluates the input against. Value should
- be empty if the operator is Exists, DoesNotExist,
- IsTrue or IsFalse. Value should contain exactly
- one element if the operator is Gt or Lt and exactly
- two elements if the operator is GtLt. In other cases
- Value should contain at least one element.
- items:
- type: string
- type: array
- required:
- - op
- type: object
- required:
- - feature
- type: object
- type: array
- name:
- description: Name of the rule.
- type: string
- taints:
- description: Taints to create if the rule matches.
- items:
- description: The node this Taint is attached to has the "effect"
- on any pod that does not tolerate the Taint.
- properties:
- effect:
- description: Required. The effect of the taint on pods
- that do not tolerate the taint. Valid effects are NoSchedule,
- PreferNoSchedule and NoExecute.
- type: string
- key:
- description: Required. The taint key to be applied to
- a node.
- type: string
- timeAdded:
- description: TimeAdded represents the time at which the
- taint was added. It is only written for NoExecute taints.
- format: date-time
- type: string
- value:
- description: The taint value corresponding to the taint
- key.
- type: string
- required:
- - effect
- - key
- type: object
- type: array
- vars:
- additionalProperties:
- type: string
- description: Vars is the variables to store if the rule matches.
- Variables do not directly inflict any changes in the node
- object. However, they can be referenced from other rules enabling
- more complex rule hierarchies, without exposing intermediary
- output values as labels.
- type: object
- varsTemplate:
- description: VarsTemplate specifies a template to expand for
- dynamically generating multiple variables. Data (after template
- expansion) must be keys with an optional value ([=])
- separated by newlines.
- type: string
- required:
- - name
- type: object
- type: array
- required:
- - rules
- type: object
- required:
- - spec
- type: object
- served: true
- storage: true
diff --git a/charts/sriov/104.1.0+up0.1.0/charts/rancher-nfd/templates/_helpers.tpl b/charts/sriov/104.1.0+up0.1.0/charts/rancher-nfd/templates/_helpers.tpl
deleted file mode 100644
index 928ece78f8..0000000000
--- a/charts/sriov/104.1.0+up0.1.0/charts/rancher-nfd/templates/_helpers.tpl
+++ /dev/null
@@ -1,107 +0,0 @@
-{{/* vim: set filetype=mustache: */}}
-{{/*
-Expand the name of the chart.
-*/}}
-{{- define "node-feature-discovery.name" -}}
-{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
-{{- end -}}
-
-{{/*
-Create a default fully qualified app name.
-We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
-If release name contains chart name it will be used as a full name.
-*/}}
-{{- define "node-feature-discovery.fullname" -}}
-{{- if .Values.fullnameOverride -}}
-{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}}
-{{- else -}}
-{{- $name := default .Chart.Name .Values.nameOverride -}}
-{{- if contains $name .Release.Name -}}
-{{- .Release.Name | trunc 63 | trimSuffix "-" -}}
-{{- else -}}
-{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}}
-{{- end -}}
-{{- end -}}
-{{- end -}}
-
-{{/*
-Allow the release namespace to be overridden for multi-namespace deployments in combined charts
-*/}}
-{{- define "node-feature-discovery.namespace" -}}
- {{- if .Values.namespaceOverride -}}
- {{- .Values.namespaceOverride -}}
- {{- else -}}
- {{- .Release.Namespace -}}
- {{- end -}}
-{{- end -}}
-
-{{/*
-Create chart name and version as used by the chart label.
-*/}}
-{{- define "node-feature-discovery.chart" -}}
-{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}}
-{{- end -}}
-
-{{/*
-Common labels
-*/}}
-{{- define "node-feature-discovery.labels" -}}
-helm.sh/chart: {{ include "node-feature-discovery.chart" . }}
-{{ include "node-feature-discovery.selectorLabels" . }}
-{{- if .Chart.AppVersion }}
-app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
-{{- end }}
-app.kubernetes.io/managed-by: {{ .Release.Service }}
-{{- end -}}
-
-{{/*
-Selector labels
-*/}}
-{{- define "node-feature-discovery.selectorLabels" -}}
-app.kubernetes.io/name: {{ include "node-feature-discovery.name" . }}
-app.kubernetes.io/instance: {{ .Release.Name }}
-{{- end -}}
-
-{{/*
-Create the name of the service account which the nfd master will use
-*/}}
-{{- define "node-feature-discovery.master.serviceAccountName" -}}
-{{- if .Values.master.serviceAccount.create -}}
- {{ default (include "node-feature-discovery.fullname" .) .Values.master.serviceAccount.name }}
-{{- else -}}
- {{ default "default" .Values.master.serviceAccount.name }}
-{{- end -}}
-{{- end -}}
-
-{{/*
-Create the name of the service account which the nfd worker will use
-*/}}
-{{- define "node-feature-discovery.worker.serviceAccountName" -}}
-{{- if .Values.worker.serviceAccount.create -}}
- {{ default (printf "%s-worker" (include "node-feature-discovery.fullname" .)) .Values.worker.serviceAccount.name }}
-{{- else -}}
- {{ default "default" .Values.worker.serviceAccount.name }}
-{{- end -}}
-{{- end -}}
-
-{{/*
-Create the name of the service account which topologyUpdater will use
-*/}}
-{{- define "node-feature-discovery.topologyUpdater.serviceAccountName" -}}
-{{- if .Values.topologyUpdater.serviceAccount.create -}}
- {{ default (printf "%s-topology-updater" (include "node-feature-discovery.fullname" .)) .Values.topologyUpdater.serviceAccount.name }}
-{{- else -}}
- {{ default "default" .Values.topologyUpdater.serviceAccount.name }}
-{{- end -}}
-{{- end -}}
-
-{{/*
-Create the name of the service account which nfd-gc will use
-*/}}
-{{- define "node-feature-discovery.gc.serviceAccountName" -}}
-{{- if .Values.gc.serviceAccount.create -}}
- {{ default (printf "%s-gc" (include "node-feature-discovery.fullname" .)) .Values.gc.serviceAccount.name }}
-{{- else -}}
- {{ default "default" .Values.gc.serviceAccount.name }}
-{{- end -}}
-{{- end -}}
diff --git a/charts/sriov/104.1.0+up0.1.0/charts/rancher-nfd/templates/cert-manager-certs.yaml b/charts/sriov/104.1.0+up0.1.0/charts/rancher-nfd/templates/cert-manager-certs.yaml
deleted file mode 100644
index 8af115316b..0000000000
--- a/charts/sriov/104.1.0+up0.1.0/charts/rancher-nfd/templates/cert-manager-certs.yaml
+++ /dev/null
@@ -1,68 +0,0 @@
-{{- if .Values.tls.certManager }}
-{{- if .Values.master.enable }}
----
-apiVersion: cert-manager.io/v1
-kind: Certificate
-metadata:
- name: nfd-master-cert
- namespace: {{ include "node-feature-discovery.namespace" . }}
-spec:
- secretName: nfd-master-cert
- subject:
- organizations:
- - node-feature-discovery
- commonName: nfd-master
- dnsNames:
- # must match the service name
- - {{ include "node-feature-discovery.fullname" . }}-master
- # first one is configured for use by the worker; below are for completeness
- - {{ include "node-feature-discovery.fullname" . }}-master.{{ include "node-feature-discovery.namespace" . }}.svc
- - {{ include "node-feature-discovery.fullname" . }}-master.{{ include "node-feature-discovery.namespace" . }}.svc.cluster.local
- issuerRef:
- name: nfd-ca-issuer
- kind: Issuer
- group: cert-manager.io
-{{- end }}
----
-{{- if .Values.worker.enable }}
-apiVersion: cert-manager.io/v1
-kind: Certificate
-metadata:
- name: nfd-worker-cert
- namespace: {{ include "node-feature-discovery.namespace" . }}
-spec:
- secretName: nfd-worker-cert
- subject:
- organizations:
- - node-feature-discovery
- commonName: nfd-worker
- dnsNames:
- - {{ include "node-feature-discovery.fullname" . }}-worker.{{ include "node-feature-discovery.namespace" . }}.svc.cluster.local
- issuerRef:
- name: nfd-ca-issuer
- kind: Issuer
- group: cert-manager.io
-{{- end }}
-
-{{- if .Values.topologyUpdater.enable }}
----
-apiVersion: cert-manager.io/v1
-kind: Certificate
-metadata:
- name: nfd-topology-updater-cert
- namespace: {{ include "node-feature-discovery.namespace" . }}
-spec:
- secretName: nfd-topology-updater-cert
- subject:
- organizations:
- - node-feature-discovery
- commonName: nfd-topology-updater
- dnsNames:
- - {{ include "node-feature-discovery.fullname" . }}-topology-updater.{{ include "node-feature-discovery.namespace" . }}.svc.cluster.local
- issuerRef:
- name: nfd-ca-issuer
- kind: Issuer
- group: cert-manager.io
-{{- end }}
-
-{{- end }}
diff --git a/charts/sriov/104.1.0+up0.1.0/charts/rancher-nfd/templates/cert-manager-issuer.yaml b/charts/sriov/104.1.0+up0.1.0/charts/rancher-nfd/templates/cert-manager-issuer.yaml
deleted file mode 100644
index f3c57acea1..0000000000
--- a/charts/sriov/104.1.0+up0.1.0/charts/rancher-nfd/templates/cert-manager-issuer.yaml
+++ /dev/null
@@ -1,42 +0,0 @@
-{{- if .Values.tls.certManager }}
-# See https://cert-manager.io/docs/configuration/selfsigned/#bootstrapping-ca-issuers
-# - Create a self signed issuer
-# - Use this to create a CA cert
-# - Use this to now create a CA issuer
----
-apiVersion: cert-manager.io/v1
-kind: Issuer
-metadata:
- name: nfd-ca-bootstrap
- namespace: {{ include "node-feature-discovery.namespace" . }}
-spec:
- selfSigned: {}
-
----
-apiVersion: cert-manager.io/v1
-kind: Certificate
-metadata:
- name: nfd-ca-cert
- namespace: {{ include "node-feature-discovery.namespace" . }}
-spec:
- isCA: true
- secretName: nfd-ca-cert
- subject:
- organizations:
- - node-feature-discovery
- commonName: nfd-ca-cert
- issuerRef:
- name: nfd-ca-bootstrap
- kind: Issuer
- group: cert-manager.io
-
----
-apiVersion: cert-manager.io/v1
-kind: Issuer
-metadata:
- name: nfd-ca-issuer
- namespace: {{ include "node-feature-discovery.namespace" . }}
-spec:
- ca:
- secretName: nfd-ca-cert
-{{- end }}
diff --git a/charts/sriov/104.1.0+up0.1.0/charts/rancher-nfd/templates/clusterrole.yaml b/charts/sriov/104.1.0+up0.1.0/charts/rancher-nfd/templates/clusterrole.yaml
deleted file mode 100644
index e652e1df8c..0000000000
--- a/charts/sriov/104.1.0+up0.1.0/charts/rancher-nfd/templates/clusterrole.yaml
+++ /dev/null
@@ -1,119 +0,0 @@
-{{- if and .Values.master.enable .Values.master.rbac.create }}
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRole
-metadata:
- name: {{ include "node-feature-discovery.fullname" . }}
- labels:
- {{- include "node-feature-discovery.labels" . | nindent 4 }}
-rules:
-- apiGroups:
- - ""
- resources:
- - nodes
- - nodes/status
- verbs:
- - get
- - patch
- - update
- - list
-- apiGroups:
- - nfd.k8s-sigs.io
- resources:
- - nodefeatures
- - nodefeaturerules
- verbs:
- - get
- - list
- - watch
-- apiGroups:
- - coordination.k8s.io
- resources:
- - leases
- verbs:
- - create
-- apiGroups:
- - coordination.k8s.io
- resources:
- - leases
- resourceNames:
- - "nfd-master.nfd.kubernetes.io"
- verbs:
- - get
- - update
-{{- end }}
-
-{{- if and .Values.topologyUpdater.enable .Values.topologyUpdater.rbac.create }}
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRole
-metadata:
- name: {{ include "node-feature-discovery.fullname" . }}-topology-updater
- labels:
- {{- include "node-feature-discovery.labels" . | nindent 4 }}
-rules:
-- apiGroups:
- - ""
- resources:
- - nodes
- verbs:
- - get
- - list
-- apiGroups:
- - ""
- resources:
- - nodes/proxy
- verbs:
- - get
-- apiGroups:
- - ""
- resources:
- - pods
- verbs:
- - get
-- apiGroups:
- - topology.node.k8s.io
- resources:
- - noderesourcetopologies
- verbs:
- - create
- - get
- - update
-{{- end }}
-
-{{- if and .Values.gc.enable .Values.gc.rbac.create (or .Values.enableNodeFeatureApi .Values.topologyUpdater.enable) }}
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRole
-metadata:
- name: {{ include "node-feature-discovery.fullname" . }}-gc
- labels:
- {{- include "node-feature-discovery.labels" . | nindent 4 }}
-rules:
-- apiGroups:
- - ""
- resources:
- - nodes
- verbs:
- - list
- - watch
-- apiGroups:
- - ""
- resources:
- - nodes/proxy
- verbs:
- - get
-- apiGroups:
- - topology.node.k8s.io
- resources:
- - noderesourcetopologies
- verbs:
- - delete
- - list
-- apiGroups:
- - nfd.k8s-sigs.io
- resources:
- - nodefeatures
- verbs:
- - delete
- - list
-{{- end }}
diff --git a/charts/sriov/104.1.0+up0.1.0/charts/rancher-nfd/templates/clusterrolebinding.yaml b/charts/sriov/104.1.0+up0.1.0/charts/rancher-nfd/templates/clusterrolebinding.yaml
deleted file mode 100644
index 99134a1c54..0000000000
--- a/charts/sriov/104.1.0+up0.1.0/charts/rancher-nfd/templates/clusterrolebinding.yaml
+++ /dev/null
@@ -1,52 +0,0 @@
-{{- if and .Values.master.enable .Values.master.rbac.create }}
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRoleBinding
-metadata:
- name: {{ include "node-feature-discovery.fullname" . }}
- labels:
- {{- include "node-feature-discovery.labels" . | nindent 4 }}
-roleRef:
- apiGroup: rbac.authorization.k8s.io
- kind: ClusterRole
- name: {{ include "node-feature-discovery.fullname" . }}
-subjects:
-- kind: ServiceAccount
- name: {{ include "node-feature-discovery.master.serviceAccountName" . }}
- namespace: {{ include "node-feature-discovery.namespace" . }}
-{{- end }}
-
-{{- if and .Values.topologyUpdater.enable .Values.topologyUpdater.rbac.create }}
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRoleBinding
-metadata:
- name: {{ include "node-feature-discovery.fullname" . }}-topology-updater
- labels:
- {{- include "node-feature-discovery.labels" . | nindent 4 }}
-roleRef:
- apiGroup: rbac.authorization.k8s.io
- kind: ClusterRole
- name: {{ include "node-feature-discovery.fullname" . }}-topology-updater
-subjects:
-- kind: ServiceAccount
- name: {{ include "node-feature-discovery.topologyUpdater.serviceAccountName" . }}
- namespace: {{ include "node-feature-discovery.namespace" . }}
-{{- end }}
-
-{{- if and .Values.gc.enable .Values.gc.rbac.create (or .Values.enableNodeFeatureApi .Values.topologyUpdater.enable) }}
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRoleBinding
-metadata:
- name: {{ include "node-feature-discovery.fullname" . }}-gc
- labels:
- {{- include "node-feature-discovery.labels" . | nindent 4 }}
-roleRef:
- apiGroup: rbac.authorization.k8s.io
- kind: ClusterRole
- name: {{ include "node-feature-discovery.fullname" . }}-gc
-subjects:
-- kind: ServiceAccount
- name: {{ include "node-feature-discovery.gc.serviceAccountName" . }}
- namespace: {{ include "node-feature-discovery.namespace" . }}
-{{- end }}
diff --git a/charts/sriov/104.1.0+up0.1.0/charts/rancher-nfd/templates/master.yaml b/charts/sriov/104.1.0+up0.1.0/charts/rancher-nfd/templates/master.yaml
deleted file mode 100644
index 53a291e0f7..0000000000
--- a/charts/sriov/104.1.0+up0.1.0/charts/rancher-nfd/templates/master.yaml
+++ /dev/null
@@ -1,145 +0,0 @@
-{{- if .Values.master.enable }}
-apiVersion: apps/v1
-kind: Deployment
-metadata:
- name: {{ include "node-feature-discovery.fullname" . }}-master
- namespace: {{ include "node-feature-discovery.namespace" . }}
- labels:
- {{- include "node-feature-discovery.labels" . | nindent 4 }}
- role: master
- {{- with .Values.master.deploymentAnnotations }}
- annotations:
- {{- toYaml . | nindent 4 }}
- {{- end }}
-spec:
- replicas: {{ .Values.master.replicaCount }}
- selector:
- matchLabels:
- {{- include "node-feature-discovery.selectorLabels" . | nindent 6 }}
- role: master
- template:
- metadata:
- labels:
- {{- include "node-feature-discovery.selectorLabels" . | nindent 8 }}
- role: master
- {{- with .Values.master.annotations }}
- annotations:
- {{- toYaml . | nindent 8 }}
- {{- end }}
- spec:
- {{- with .Values.imagePullSecrets }}
- imagePullSecrets:
- {{- toYaml . | nindent 8 }}
- {{- end }}
- serviceAccountName: {{ include "node-feature-discovery.master.serviceAccountName" . }}
- enableServiceLinks: false
- securityContext:
- {{- toYaml .Values.master.podSecurityContext | nindent 8 }}
- containers:
- - name: master
- securityContext:
- {{- toYaml .Values.master.securityContext | nindent 12 }}
- image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}"
- imagePullPolicy: {{ .Values.image.pullPolicy }}
- livenessProbe:
- grpc:
- port: 8080
- initialDelaySeconds: 10
- periodSeconds: 10
- readinessProbe:
- grpc:
- port: 8080
- initialDelaySeconds: 5
- periodSeconds: 10
- failureThreshold: 10
- ports:
- - containerPort: {{ .Values.master.port | default "8080" }}
- name: grpc
- - containerPort: {{ .Values.master.metricsPort | default "8081" }}
- name: metrics
- env:
- - name: NODE_NAME
- valueFrom:
- fieldRef:
- fieldPath: spec.nodeName
- command:
- - "nfd-master"
- resources:
- {{- toYaml .Values.master.resources | nindent 12 }}
- args:
- {{- if .Values.master.instance | empty | not }}
- - "-instance={{ .Values.master.instance }}"
- {{- end }}
- {{- if not .Values.enableNodeFeatureApi }}
- - "-port={{ .Values.master.port | default "8080" }}"
- - "-enable-nodefeature-api=false"
- {{- else if gt (int .Values.master.replicaCount) 1 }}
- - "-enable-leader-election"
- {{- end }}
- {{- if .Values.master.extraLabelNs | empty | not }}
- - "-extra-label-ns={{- join "," .Values.master.extraLabelNs }}"
- {{- end }}
- {{- if .Values.master.denyLabelNs | empty | not }}
- - "-deny-label-ns={{- join "," .Values.master.denyLabelNs }}"
- {{- end }}
- {{- if .Values.master.resourceLabels | empty | not }}
- - "-resource-labels={{- join "," .Values.master.resourceLabels }}"
- {{- end }}
- {{- if .Values.master.enableTaints }}
- - "-enable-taints"
- {{- end }}
- {{- if .Values.master.crdController | kindIs "invalid" | not }}
- - "-crd-controller={{ .Values.master.crdController }}"
- {{- else }}
- ## By default, disable crd controller for other than the default instances
- - "-crd-controller={{ .Values.master.instance | empty }}"
- {{- end }}
- {{- if .Values.master.featureRulesController | kindIs "invalid" | not }}
- - "-featurerules-controller={{ .Values.master.featureRulesController }}"
- {{- end }}
- {{- if .Values.master.resyncPeriod }}
- - "-resync-period={{ .Values.master.resyncPeriod }}"
- {{- end }}
- {{- if .Values.master.nfdApiParallelism | empty | not }}
- - "-nfd-api-parallelism={{ .Values.master.nfdApiParallelism }}"
- {{- end }}
- {{- if .Values.tls.enable }}
- - "-ca-file=/etc/kubernetes/node-feature-discovery/certs/ca.crt"
- - "-key-file=/etc/kubernetes/node-feature-discovery/certs/tls.key"
- - "-cert-file=/etc/kubernetes/node-feature-discovery/certs/tls.crt"
- {{- end }}
- - "-metrics={{ .Values.master.metricsPort | default "8081" }}"
- volumeMounts:
- {{- if .Values.tls.enable }}
- - name: nfd-master-cert
- mountPath: "/etc/kubernetes/node-feature-discovery/certs"
- readOnly: true
- {{- end }}
- - name: nfd-master-conf
- mountPath: "/etc/kubernetes/node-feature-discovery"
- readOnly: true
- volumes:
- {{- if .Values.tls.enable }}
- - name: nfd-master-cert
- secret:
- secretName: nfd-master-cert
- {{- end }}
- - name: nfd-master-conf
- configMap:
- name: {{ include "node-feature-discovery.fullname" . }}-master-conf
- items:
- - key: nfd-master.conf
- path: nfd-master.conf
- {{- with .Values.master.nodeSelector }}
- nodeSelector:
- {{- toYaml . | nindent 8 }}
- {{- end }}
- {{- with .Values.master.affinity }}
- affinity:
- {{- toYaml . | nindent 8 }}
- {{- end }}
- {{- with .Values.master.tolerations }}
- tolerations:
- {{- toYaml . | nindent 8 }}
- {{- end }}
-{{- end }}
diff --git a/charts/sriov/104.1.0+up0.1.0/charts/rancher-nfd/templates/nfd-gc.yaml b/charts/sriov/104.1.0+up0.1.0/charts/rancher-nfd/templates/nfd-gc.yaml
deleted file mode 100644
index 1e0e12327a..0000000000
--- a/charts/sriov/104.1.0+up0.1.0/charts/rancher-nfd/templates/nfd-gc.yaml
+++ /dev/null
@@ -1,77 +0,0 @@
-{{- if and .Values.gc.enable (or .Values.enableNodeFeatureApi .Values.topologyUpdater.enable) -}}
-apiVersion: apps/v1
-kind: Deployment
-metadata:
- name: {{ include "node-feature-discovery.fullname" . }}-gc
- namespace: {{ include "node-feature-discovery.namespace" . }}
- labels:
- {{- include "node-feature-discovery.labels" . | nindent 4 }}
- role: gc
- {{- with .Values.gc.deploymentAnnotations }}
- annotations:
- {{- toYaml . | nindent 4 }}
- {{- end }}
-spec:
- replicas: {{ .Values.gc.replicaCount | default 1 }}
- selector:
- matchLabels:
- {{- include "node-feature-discovery.selectorLabels" . | nindent 6 }}
- role: gc
- template:
- metadata:
- labels:
- {{- include "node-feature-discovery.selectorLabels" . | nindent 8 }}
- role: gc
- {{- with .Values.gc.annotations }}
- annotations:
- {{- toYaml . | nindent 8 }}
- {{- end }}
- spec:
- serviceAccountName: {{ include "node-feature-discovery.gc.serviceAccountName" . }}
- dnsPolicy: ClusterFirstWithHostNet
- {{- with .Values.imagePullSecrets }}
- imagePullSecrets:
- {{- toYaml . | nindent 8 }}
- {{- end }}
- securityContext:
- {{- toYaml .Values.gc.podSecurityContext | nindent 8 }}
- containers:
- - name: gc
- image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}"
- imagePullPolicy: "{{ .Values.image.pullPolicy }}"
- env:
- - name: NODE_NAME
- valueFrom:
- fieldRef:
- fieldPath: spec.nodeName
- command:
- - "nfd-gc"
- args:
- {{- if .Values.gc.interval | empty | not }}
- - "-gc-interval={{ .Values.gc.interval }}"
- {{- end }}
- resources:
- {{- toYaml .Values.gc.resources | nindent 12 }}
- securityContext:
- allowPrivilegeEscalation: false
- capabilities:
- drop: [ "ALL" ]
- readOnlyRootFilesystem: true
- runAsNonRoot: true
- ports:
- - name: metrics
- containerPort: {{ .Values.gc.metricsPort | default "8081"}}
-
- {{- with .Values.gc.nodeSelector }}
- nodeSelector:
- {{- toYaml . | nindent 8 }}
- {{- end }}
- {{- with .Values.gc.affinity }}
- affinity:
- {{- toYaml . | nindent 8 }}
- {{- end }}
- {{- with .Values.gc.tolerations }}
- tolerations:
- {{- toYaml . | nindent 8 }}
- {{- end }}
-{{- end }}
diff --git a/charts/sriov/104.1.0+up0.1.0/charts/rancher-nfd/templates/nfd-master-conf.yaml b/charts/sriov/104.1.0+up0.1.0/charts/rancher-nfd/templates/nfd-master-conf.yaml
deleted file mode 100644
index 9c6e01cde4..0000000000
--- a/charts/sriov/104.1.0+up0.1.0/charts/rancher-nfd/templates/nfd-master-conf.yaml
+++ /dev/null
@@ -1,12 +0,0 @@
-{{- if .Values.master.enable }}
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: {{ include "node-feature-discovery.fullname" . }}-master-conf
- namespace: {{ include "node-feature-discovery.namespace" . }}
- labels:
- {{- include "node-feature-discovery.labels" . | nindent 4 }}
-data:
- nfd-master.conf: |-
- {{- .Values.master.config | toYaml | nindent 4 }}
-{{- end }}
diff --git a/charts/sriov/104.1.0+up0.1.0/charts/rancher-nfd/templates/nfd-topologyupdater-conf.yaml b/charts/sriov/104.1.0+up0.1.0/charts/rancher-nfd/templates/nfd-topologyupdater-conf.yaml
deleted file mode 100644
index 9867f5089c..0000000000
--- a/charts/sriov/104.1.0+up0.1.0/charts/rancher-nfd/templates/nfd-topologyupdater-conf.yaml
+++ /dev/null
@@ -1,10 +0,0 @@
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: {{ include "node-feature-discovery.fullname" . }}-topology-updater-conf
- namespace: {{ include "node-feature-discovery.namespace" . }}
- labels:
- {{- include "node-feature-discovery.labels" . | nindent 4 }}
-data:
- nfd-topology-updater.conf: |-
- {{- .Values.topologyUpdater.config | toYaml | nindent 4 }}
diff --git a/charts/sriov/104.1.0+up0.1.0/charts/rancher-nfd/templates/nfd-worker-conf.yaml b/charts/sriov/104.1.0+up0.1.0/charts/rancher-nfd/templates/nfd-worker-conf.yaml
deleted file mode 100644
index a2299dea13..0000000000
--- a/charts/sriov/104.1.0+up0.1.0/charts/rancher-nfd/templates/nfd-worker-conf.yaml
+++ /dev/null
@@ -1,12 +0,0 @@
-{{- if .Values.worker.enable }}
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: {{ include "node-feature-discovery.fullname" . }}-worker-conf
- namespace: {{ include "node-feature-discovery.namespace" . }}
- labels:
- {{- include "node-feature-discovery.labels" . | nindent 4 }}
-data:
- nfd-worker.conf: |-
- {{- .Values.worker.config | toYaml | nindent 4 }}
-{{- end }}
diff --git a/charts/sriov/104.1.0+up0.1.0/charts/rancher-nfd/templates/prometheus.yaml b/charts/sriov/104.1.0+up0.1.0/charts/rancher-nfd/templates/prometheus.yaml
deleted file mode 100644
index b9f4b46405..0000000000
--- a/charts/sriov/104.1.0+up0.1.0/charts/rancher-nfd/templates/prometheus.yaml
+++ /dev/null
@@ -1,26 +0,0 @@
-{{- if .Values.prometheus.enable }}
-# Prometheus Monitor Service (Metrics)
-apiVersion: monitoring.coreos.com/v1
-kind: PodMonitor
-metadata:
- name: {{ include "node-feature-discovery.fullname" . }}
- labels:
- {{- include "node-feature-discovery.selectorLabels" . | nindent 4 }}
- {{- with .Values.prometheus.labels }}
- {{ toYaml . | nindent 4 }}
- {{- end }}
-spec:
- podMetricsEndpoints:
- - honorLabels: true
- interval: 10s
- path: /metrics
- port: metrics
- scheme: http
- namespaceSelector:
- matchNames:
- - {{ include "node-feature-discovery.namespace" . }}
- selector:
- matchExpressions:
- - {key: app.kubernetes.io/instance, operator: In, values: ["{{ .Release.Name }}"]}
- - {key: app.kubernetes.io/name, operator: In, values: ["{{ include "node-feature-discovery.name" . }}"]}
-{{- end }}
diff --git a/charts/sriov/104.1.0+up0.1.0/charts/rancher-nfd/templates/role.yaml b/charts/sriov/104.1.0+up0.1.0/charts/rancher-nfd/templates/role.yaml
deleted file mode 100644
index 3a872e5723..0000000000
--- a/charts/sriov/104.1.0+up0.1.0/charts/rancher-nfd/templates/role.yaml
+++ /dev/null
@@ -1,19 +0,0 @@
-{{- if and .Values.worker.enable .Values.worker.rbac.create }}
-apiVersion: rbac.authorization.k8s.io/v1
-kind: Role
-metadata:
- name: {{ include "node-feature-discovery.fullname" . }}-worker
- namespace: {{ include "node-feature-discovery.namespace" . }}
- labels:
- {{- include "node-feature-discovery.labels" . | nindent 4 }}
-rules:
-- apiGroups:
- - nfd.k8s-sigs.io
- resources:
- - nodefeatures
- verbs:
- - create
- - get
- - update
-{{- end }}
-
diff --git a/charts/sriov/104.1.0+up0.1.0/charts/rancher-nfd/templates/rolebinding.yaml b/charts/sriov/104.1.0+up0.1.0/charts/rancher-nfd/templates/rolebinding.yaml
deleted file mode 100644
index a640d5f8bc..0000000000
--- a/charts/sriov/104.1.0+up0.1.0/charts/rancher-nfd/templates/rolebinding.yaml
+++ /dev/null
@@ -1,18 +0,0 @@
-{{- if and .Values.worker.enable .Values.worker.rbac.create }}
-apiVersion: rbac.authorization.k8s.io/v1
-kind: RoleBinding
-metadata:
- name: {{ include "node-feature-discovery.fullname" . }}-worker
- namespace: {{ include "node-feature-discovery.namespace" . }}
- labels:
- {{- include "node-feature-discovery.labels" . | nindent 4 }}
-roleRef:
- apiGroup: rbac.authorization.k8s.io
- kind: Role
- name: {{ include "node-feature-discovery.fullname" . }}-worker
-subjects:
-- kind: ServiceAccount
- name: {{ include "node-feature-discovery.worker.serviceAccountName" . }}
- namespace: {{ include "node-feature-discovery.namespace" . }}
-{{- end }}
-
diff --git a/charts/sriov/104.1.0+up0.1.0/charts/rancher-nfd/templates/service.yaml b/charts/sriov/104.1.0+up0.1.0/charts/rancher-nfd/templates/service.yaml
deleted file mode 100644
index d71d1555f7..0000000000
--- a/charts/sriov/104.1.0+up0.1.0/charts/rancher-nfd/templates/service.yaml
+++ /dev/null
@@ -1,20 +0,0 @@
-{{- if and (not .Values.enableNodeFeatureApi) .Values.master.enable }}
-apiVersion: v1
-kind: Service
-metadata:
- name: {{ include "node-feature-discovery.fullname" . }}-master
- namespace: {{ include "node-feature-discovery.namespace" . }}
- labels:
- {{- include "node-feature-discovery.labels" . | nindent 4 }}
- role: master
-spec:
- type: {{ .Values.master.service.type }}
- ports:
- - port: {{ .Values.master.service.port | default "8080" }}
- targetPort: grpc
- protocol: TCP
- name: grpc
- selector:
- {{- include "node-feature-discovery.selectorLabels" . | nindent 4 }}
- role: master
-{{- end}}
diff --git a/charts/sriov/104.1.0+up0.1.0/charts/rancher-nfd/templates/serviceaccount.yaml b/charts/sriov/104.1.0+up0.1.0/charts/rancher-nfd/templates/serviceaccount.yaml
deleted file mode 100644
index 7da2c877e9..0000000000
--- a/charts/sriov/104.1.0+up0.1.0/charts/rancher-nfd/templates/serviceaccount.yaml
+++ /dev/null
@@ -1,58 +0,0 @@
-{{- if and .Values.master.enable .Values.master.serviceAccount.create }}
-apiVersion: v1
-kind: ServiceAccount
-metadata:
- name: {{ include "node-feature-discovery.master.serviceAccountName" . }}
- namespace: {{ include "node-feature-discovery.namespace" . }}
- labels:
- {{- include "node-feature-discovery.labels" . | nindent 4 }}
- {{- with .Values.master.serviceAccount.annotations }}
- annotations:
- {{- toYaml . | nindent 4 }}
- {{- end }}
-{{- end }}
-
-{{- if and .Values.topologyUpdater.enable .Values.topologyUpdater.serviceAccount.create }}
----
-apiVersion: v1
-kind: ServiceAccount
-metadata:
- name: {{ include "node-feature-discovery.topologyUpdater.serviceAccountName" . }}
- namespace: {{ include "node-feature-discovery.namespace" . }}
- labels:
- {{- include "node-feature-discovery.labels" . | nindent 4 }}
- {{- with .Values.topologyUpdater.serviceAccount.annotations }}
- annotations:
- {{- toYaml . | nindent 4 }}
- {{- end }}
-{{- end }}
-
-{{- if and .Values.gc.enable .Values.gc.serviceAccount.create (or .Values.enableNodeFeatureApi .Values.topologyUpdater.enable) }}
----
-apiVersion: v1
-kind: ServiceAccount
-metadata:
- name: {{ include "node-feature-discovery.gc.serviceAccountName" . }}
- namespace: {{ include "node-feature-discovery.namespace" . }}
- labels:
- {{- include "node-feature-discovery.labels" . | nindent 4 }}
- {{- with .Values.gc.serviceAccount.annotations }}
- annotations:
- {{- toYaml . | nindent 4 }}
- {{- end }}
-{{- end }}
-
-{{- if and .Values.worker.enable .Values.worker.serviceAccount.create }}
----
-apiVersion: v1
-kind: ServiceAccount
-metadata:
- name: {{ include "node-feature-discovery.worker.serviceAccountName" . }}
- namespace: {{ include "node-feature-discovery.namespace" . }}
- labels:
- {{- include "node-feature-discovery.labels" . | nindent 4 }}
- {{- with .Values.worker.serviceAccount.annotations }}
- annotations:
- {{- toYaml . | nindent 4 }}
- {{- end }}
-{{- end }}
diff --git a/charts/sriov/104.1.0+up0.1.0/charts/rancher-nfd/templates/topologyupdater-crds.yaml b/charts/sriov/104.1.0+up0.1.0/charts/rancher-nfd/templates/topologyupdater-crds.yaml
deleted file mode 100644
index b6b919689c..0000000000
--- a/charts/sriov/104.1.0+up0.1.0/charts/rancher-nfd/templates/topologyupdater-crds.yaml
+++ /dev/null
@@ -1,278 +0,0 @@
-{{- if and .Values.topologyUpdater.enable .Values.topologyUpdater.createCRDs -}}
-apiVersion: apiextensions.k8s.io/v1
-kind: CustomResourceDefinition
-metadata:
- annotations:
- api-approved.kubernetes.io: https://github.com/kubernetes/enhancements/pull/1870
- controller-gen.kubebuilder.io/version: v0.11.2
- creationTimestamp: null
- name: noderesourcetopologies.topology.node.k8s.io
-spec:
- group: topology.node.k8s.io
- names:
- kind: NodeResourceTopology
- listKind: NodeResourceTopologyList
- plural: noderesourcetopologies
- shortNames:
- - node-res-topo
- singular: noderesourcetopology
- scope: Cluster
- versions:
- - name: v1alpha1
- schema:
- openAPIV3Schema:
- description: NodeResourceTopology describes node resources and their topology.
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation
- of an object. Servers should convert recognized schemas to the latest
- internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this
- object represents. Servers may infer this from the endpoint the client
- submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- topologyPolicies:
- items:
- type: string
- type: array
- zones:
- description: ZoneList contains an array of Zone objects.
- items:
- description: Zone represents a resource topology zone, e.g. socket,
- node, die or core.
- properties:
- attributes:
- description: AttributeList contains an array of AttributeInfo objects.
- items:
- description: AttributeInfo contains one attribute of a Zone.
- properties:
- name:
- type: string
- value:
- type: string
- required:
- - name
- - value
- type: object
- type: array
- costs:
- description: CostList contains an array of CostInfo objects.
- items:
- description: CostInfo describes the cost (or distance) between
- two Zones.
- properties:
- name:
- type: string
- value:
- format: int64
- type: integer
- required:
- - name
- - value
- type: object
- type: array
- name:
- type: string
- parent:
- type: string
- resources:
- description: ResourceInfoList contains an array of ResourceInfo
- objects.
- items:
- description: ResourceInfo contains information about one resource
- type.
- properties:
- allocatable:
- anyOf:
- - type: integer
- - type: string
- description: Allocatable quantity of the resource, corresponding
- to allocatable in node status, i.e. total amount of this
- resource available to be used by pods.
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- available:
- anyOf:
- - type: integer
- - type: string
- description: Available is the amount of this resource currently
- available for new (to be scheduled) pods, i.e. Allocatable
- minus the resources reserved by currently running pods.
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- capacity:
- anyOf:
- - type: integer
- - type: string
- description: Capacity of the resource, corresponding to capacity
- in node status, i.e. total amount of this resource that
- the node has.
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- name:
- description: Name of the resource.
- type: string
- required:
- - allocatable
- - available
- - capacity
- - name
- type: object
- type: array
- type:
- type: string
- required:
- - name
- - type
- type: object
- type: array
- required:
- - topologyPolicies
- - zones
- type: object
- served: true
- storage: false
- - name: v1alpha2
- schema:
- openAPIV3Schema:
- description: NodeResourceTopology describes node resources and their topology.
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation
- of an object. Servers should convert recognized schemas to the latest
- internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- attributes:
- description: AttributeList contains an array of AttributeInfo objects.
- items:
- description: AttributeInfo contains one attribute of a Zone.
- properties:
- name:
- type: string
- value:
- type: string
- required:
- - name
- - value
- type: object
- type: array
- kind:
- description: 'Kind is a string value representing the REST resource this
- object represents. Servers may infer this from the endpoint the client
- submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- topologyPolicies:
- description: 'DEPRECATED (to be removed in v1beta1): use top level attributes
- if needed'
- items:
- type: string
- type: array
- zones:
- description: ZoneList contains an array of Zone objects.
- items:
- description: Zone represents a resource topology zone, e.g. socket,
- node, die or core.
- properties:
- attributes:
- description: AttributeList contains an array of AttributeInfo objects.
- items:
- description: AttributeInfo contains one attribute of a Zone.
- properties:
- name:
- type: string
- value:
- type: string
- required:
- - name
- - value
- type: object
- type: array
- costs:
- description: CostList contains an array of CostInfo objects.
- items:
- description: CostInfo describes the cost (or distance) between
- two Zones.
- properties:
- name:
- type: string
- value:
- format: int64
- type: integer
- required:
- - name
- - value
- type: object
- type: array
- name:
- type: string
- parent:
- type: string
- resources:
- description: ResourceInfoList contains an array of ResourceInfo
- objects.
- items:
- description: ResourceInfo contains information about one resource
- type.
- properties:
- allocatable:
- anyOf:
- - type: integer
- - type: string
- description: Allocatable quantity of the resource, corresponding
- to allocatable in node status, i.e. total amount of this
- resource available to be used by pods.
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- available:
- anyOf:
- - type: integer
- - type: string
- description: Available is the amount of this resource currently
- available for new (to be scheduled) pods, i.e. Allocatable
- minus the resources reserved by currently running pods.
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- capacity:
- anyOf:
- - type: integer
- - type: string
- description: Capacity of the resource, corresponding to capacity
- in node status, i.e. total amount of this resource that
- the node has.
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- name:
- description: Name of the resource.
- type: string
- required:
- - allocatable
- - available
- - capacity
- - name
- type: object
- type: array
- type:
- type: string
- required:
- - name
- - type
- type: object
- type: array
- required:
- - zones
- type: object
- served: true
- storage: true
-status:
- acceptedNames:
- kind: ""
- plural: ""
- conditions: []
- storedVersions: []
-{{- end }}
diff --git a/charts/sriov/104.1.0+up0.1.0/charts/rancher-nfd/templates/topologyupdater.yaml b/charts/sriov/104.1.0+up0.1.0/charts/rancher-nfd/templates/topologyupdater.yaml
deleted file mode 100644
index f51c10e6dc..0000000000
--- a/charts/sriov/104.1.0+up0.1.0/charts/rancher-nfd/templates/topologyupdater.yaml
+++ /dev/null
@@ -1,156 +0,0 @@
-{{- if .Values.topologyUpdater.enable -}}
-apiVersion: apps/v1
-kind: DaemonSet
-metadata:
- name: {{ include "node-feature-discovery.fullname" . }}-topology-updater
- namespace: {{ include "node-feature-discovery.namespace" . }}
- labels:
- {{- include "node-feature-discovery.labels" . | nindent 4 }}
- role: topology-updater
- {{- with .Values.topologyUpdater.daemonsetAnnotations }}
- annotations:
- {{- toYaml . | nindent 4 }}
- {{- end }}
-spec:
- selector:
- matchLabels:
- {{- include "node-feature-discovery.selectorLabels" . | nindent 6 }}
- role: topology-updater
- template:
- metadata:
- labels:
- {{- include "node-feature-discovery.selectorLabels" . | nindent 8 }}
- role: topology-updater
- {{- with .Values.topologyUpdater.annotations }}
- annotations:
- {{- toYaml . | nindent 8 }}
- {{- end }}
- spec:
- serviceAccountName: {{ include "node-feature-discovery.topologyUpdater.serviceAccountName" . }}
- dnsPolicy: ClusterFirstWithHostNet
- {{- with .Values.imagePullSecrets }}
- imagePullSecrets:
- {{- toYaml . | nindent 8 }}
- {{- end }}
- securityContext:
- {{- toYaml .Values.topologyUpdater.podSecurityContext | nindent 8 }}
- containers:
- - name: topology-updater
- image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}"
- imagePullPolicy: "{{ .Values.image.pullPolicy }}"
- env:
- - name: NODE_NAME
- valueFrom:
- fieldRef:
- fieldPath: spec.nodeName
- - name: NODE_ADDRESS
- valueFrom:
- fieldRef:
- fieldPath: status.hostIP
- command:
- - "nfd-topology-updater"
- args:
- - "-podresources-socket=/host-var/lib/kubelet-podresources/kubelet.sock"
- {{- if .Values.topologyUpdater.updateInterval | empty | not }}
- - "-sleep-interval={{ .Values.topologyUpdater.updateInterval }}"
- {{- else }}
- - "-sleep-interval=3s"
- {{- end }}
- {{- if .Values.topologyUpdater.watchNamespace | empty | not }}
- - "-watch-namespace={{ .Values.topologyUpdater.watchNamespace }}"
- {{- else }}
- - "-watch-namespace=*"
- {{- end }}
- {{- if .Values.tls.enable }}
- - "-ca-file=/etc/kubernetes/node-feature-discovery/certs/ca.crt"
- - "-key-file=/etc/kubernetes/node-feature-discovery/certs/tls.key"
- - "-cert-file=/etc/kubernetes/node-feature-discovery/certs/tls.crt"
- {{- end }}
- {{- if .Values.topologyUpdater.podSetFingerprint }}
- - "-pods-fingerprint"
- {{- end }}
- {{- if .Values.topologyUpdater.kubeletConfigPath | empty | not }}
- - "-kubelet-config-uri=file:///host-var/kubelet-config"
- {{- end }}
- {{- if .Values.topologyUpdater.kubeletStateDir | empty }}
- # Disable kubelet state tracking by giving an empty path
- - "-kubelet-state-dir="
- {{- end }}
- - -metrics={{ .Values.topologyUpdater.metricsPort | default "8081"}}
- ports:
- - name: metrics
- containerPort: {{ .Values.topologyUpdater.metricsPort | default "8081"}}
- volumeMounts:
- {{- if .Values.topologyUpdater.kubeletConfigPath | empty | not }}
- - name: kubelet-config
- mountPath: /host-var/kubelet-config
- {{- end }}
- - name: kubelet-podresources-sock
- mountPath: /host-var/lib/kubelet-podresources/kubelet.sock
- - name: host-sys
- mountPath: /host-sys
- {{- if .Values.topologyUpdater.kubeletStateDir | empty | not }}
- - name: kubelet-state-files
- mountPath: /host-var/lib/kubelet
- readOnly: true
- {{- end }}
- {{- if .Values.tls.enable }}
- - name: nfd-topology-updater-cert
- mountPath: "/etc/kubernetes/node-feature-discovery/certs"
- readOnly: true
- {{- end }}
- - name: nfd-topology-updater-conf
- mountPath: "/etc/kubernetes/node-feature-discovery"
- readOnly: true
-
- resources:
- {{- toYaml .Values.topologyUpdater.resources | nindent 12 }}
- securityContext:
- {{- toYaml .Values.topologyUpdater.securityContext | nindent 12 }}
- volumes:
- - name: host-sys
- hostPath:
- path: "/sys"
- {{- if .Values.topologyUpdater.kubeletConfigPath | empty | not }}
- - name: kubelet-config
- hostPath:
- path: {{ .Values.topologyUpdater.kubeletConfigPath }}
- {{- end }}
- - name: kubelet-podresources-sock
- hostPath:
- {{- if .Values.topologyUpdater.kubeletPodResourcesSockPath | empty | not }}
- path: {{ .Values.topologyUpdater.kubeletPodResourcesSockPath }}
- {{- else }}
- path: /var/lib/kubelet/pod-resources/kubelet.sock
- {{- end }}
- {{- if .Values.topologyUpdater.kubeletStateDir | empty | not }}
- - name: kubelet-state-files
- hostPath:
- path: {{ .Values.topologyUpdater.kubeletStateDir }}
- {{- end }}
- - name: nfd-topology-updater-conf
- configMap:
- name: {{ include "node-feature-discovery.fullname" . }}-topology-updater-conf
- items:
- - key: nfd-topology-updater.conf
- path: nfd-topology-updater.conf
- {{- if .Values.tls.enable }}
- - name: nfd-topology-updater-cert
- secret:
- secretName: nfd-topology-updater-cert
- {{- end }}
-
-
- {{- with .Values.topologyUpdater.nodeSelector }}
- nodeSelector:
- {{- toYaml . | nindent 8 }}
- {{- end }}
- {{- with .Values.topologyUpdater.affinity }}
- affinity:
- {{- toYaml . | nindent 8 }}
- {{- end }}
- {{- with .Values.topologyUpdater.tolerations }}
- tolerations:
- {{- toYaml . | nindent 8 }}
- {{- end }}
-{{- end }}
diff --git a/charts/sriov/104.1.0+up0.1.0/charts/rancher-nfd/templates/worker.yaml b/charts/sriov/104.1.0+up0.1.0/charts/rancher-nfd/templates/worker.yaml
deleted file mode 100644
index f49f9bd644..0000000000
--- a/charts/sriov/104.1.0+up0.1.0/charts/rancher-nfd/templates/worker.yaml
+++ /dev/null
@@ -1,162 +0,0 @@
-{{- if .Values.worker.enable }}
-apiVersion: apps/v1
-kind: DaemonSet
-metadata:
- name: {{ include "node-feature-discovery.fullname" . }}-worker
- namespace: {{ include "node-feature-discovery.namespace" . }}
- labels:
- {{- include "node-feature-discovery.labels" . | nindent 4 }}
- role: worker
- {{- with .Values.worker.daemonsetAnnotations }}
- annotations:
- {{- toYaml . | nindent 4 }}
- {{- end }}
-spec:
- selector:
- matchLabels:
- {{- include "node-feature-discovery.selectorLabels" . | nindent 6 }}
- role: worker
- template:
- metadata:
- labels:
- {{- include "node-feature-discovery.selectorLabels" . | nindent 8 }}
- role: worker
- {{- with .Values.worker.annotations }}
- annotations:
- {{- toYaml . | nindent 8 }}
- {{- end }}
- spec:
- dnsPolicy: ClusterFirstWithHostNet
- {{- with .Values.imagePullSecrets }}
- imagePullSecrets:
- {{- toYaml . | nindent 8 }}
- {{- end }}
- serviceAccountName: {{ include "node-feature-discovery.worker.serviceAccountName" . }}
- securityContext:
- {{- toYaml .Values.worker.podSecurityContext | nindent 8 }}
- containers:
- - name: worker
- securityContext:
- {{- toYaml .Values.worker.securityContext | nindent 12 }}
- image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}"
- imagePullPolicy: {{ .Values.image.pullPolicy }}
- env:
- - name: NODE_NAME
- valueFrom:
- fieldRef:
- fieldPath: spec.nodeName
- - name: POD_NAME
- valueFrom:
- fieldRef:
- fieldPath: metadata.name
- - name: POD_UID
- valueFrom:
- fieldRef:
- fieldPath: metadata.uid
- resources:
- {{- toYaml .Values.worker.resources | nindent 12 }}
- command:
- - "nfd-worker"
- args:
- {{- if not .Values.enableNodeFeatureApi }}
- - "-server={{ include "node-feature-discovery.fullname" . }}-master:{{ .Values.master.service.port }}"
- - "-enable-nodefeature-api=false"
- {{- end }}
-{{- if .Values.tls.enable }}
- - "-ca-file=/etc/kubernetes/node-feature-discovery/certs/ca.crt"
- - "-key-file=/etc/kubernetes/node-feature-discovery/certs/tls.key"
- - "-cert-file=/etc/kubernetes/node-feature-discovery/certs/tls.crt"
-{{- end }}
- - "-metrics={{ .Values.worker.metricsPort | default "8081"}}"
- ports:
- - name: metrics
- containerPort: {{ .Values.worker.metricsPort | default "8081"}}
- volumeMounts:
- - name: host-boot
- mountPath: "/host-boot"
- readOnly: true
- - name: host-os-release
- mountPath: "/host-etc/os-release"
- readOnly: true
- - name: host-sys
- mountPath: "/host-sys"
- readOnly: true
- - name: host-usr-lib
- mountPath: "/host-usr/lib"
- readOnly: true
- - name: host-lib
- mountPath: "/host-lib"
- readOnly: true
- {{- if .Values.worker.mountUsrSrc }}
- - name: host-usr-src
- mountPath: "/host-usr/src"
- readOnly: true
- {{- end }}
- - name: source-d
- mountPath: "/etc/kubernetes/node-feature-discovery/source.d/"
- readOnly: true
- - name: features-d
- mountPath: "/etc/kubernetes/node-feature-discovery/features.d/"
- readOnly: true
- - name: nfd-worker-conf
- mountPath: "/etc/kubernetes/node-feature-discovery"
- readOnly: true
-{{- if .Values.tls.enable }}
- - name: nfd-worker-cert
- mountPath: "/etc/kubernetes/node-feature-discovery/certs"
- readOnly: true
-{{- end }}
- volumes:
- - name: host-boot
- hostPath:
- path: "/boot"
- - name: host-os-release
- hostPath:
- path: "/etc/os-release"
- - name: host-sys
- hostPath:
- path: "/sys"
- - name: host-usr-lib
- hostPath:
- path: "/usr/lib"
- - name: host-lib
- hostPath:
- path: "/lib"
- {{- if .Values.worker.mountUsrSrc }}
- - name: host-usr-src
- hostPath:
- path: "/usr/src"
- {{- end }}
- - name: source-d
- hostPath:
- path: "/etc/kubernetes/node-feature-discovery/source.d/"
- - name: features-d
- hostPath:
- path: "/etc/kubernetes/node-feature-discovery/features.d/"
- - name: nfd-worker-conf
- configMap:
- name: {{ include "node-feature-discovery.fullname" . }}-worker-conf
- items:
- - key: nfd-worker.conf
- path: nfd-worker.conf
-{{- if .Values.tls.enable }}
- - name: nfd-worker-cert
- secret:
- secretName: nfd-worker-cert
-{{- end }}
- {{- with .Values.worker.nodeSelector }}
- nodeSelector:
- {{- toYaml . | nindent 8 }}
- {{- end }}
- {{- with .Values.worker.affinity }}
- affinity:
- {{- toYaml . | nindent 8 }}
- {{- end }}
- {{- with .Values.worker.tolerations }}
- tolerations:
- {{- toYaml . | nindent 8 }}
- {{- end }}
- {{- with .Values.worker.priorityClassName }}
- priorityClassName: {{ . | quote }}
- {{- end }}
-{{- end }}
diff --git a/charts/sriov/104.1.0+up0.1.0/charts/rancher-nfd/values.yaml b/charts/sriov/104.1.0+up0.1.0/charts/rancher-nfd/values.yaml
deleted file mode 100644
index 1753e757c7..0000000000
--- a/charts/sriov/104.1.0+up0.1.0/charts/rancher-nfd/values.yaml
+++ /dev/null
@@ -1,534 +0,0 @@
-image:
- repository: rancher/hardened-node-feature-discovery
- # This should be set to 'IfNotPresent' for released version
- pullPolicy: IfNotPresent
- # tag, if defined will use the given image tag, else Chart.AppVersion will be used
- tag: v0.15.4-build20240513
-imagePullSecrets: []
-
-nameOverride: ""
-fullnameOverride: ""
-namespaceOverride: ""
-
-enableNodeFeatureApi: true
-
-master:
- enable: true
- config: ###
- # noPublish: false
- # autoDefaultNs: true
- # extraLabelNs: ["added.ns.io","added.kubernets.io"]
- # denyLabelNs: ["denied.ns.io","denied.kubernetes.io"]
- # resourceLabels: ["vendor-1.com/feature-1","vendor-2.io/feature-2"]
- # enableTaints: false
- # labelWhiteList: "foo"
- # resyncPeriod: "2h"
- # klog:
- # addDirHeader: false
- # alsologtostderr: false
- # logBacktraceAt:
- # logtostderr: true
- # skipHeaders: false
- # stderrthreshold: 2
- # v: 0
- # vmodule:
- ## NOTE: the following options are not dynamically run-time configurable
- ## and require a nfd-master restart to take effect after being changed
- # logDir:
- # logFile:
- # logFileMaxSize: 1800
- # skipLogHeaders: false
- # leaderElection:
- # leaseDuration: 15s
- # # this value has to be lower than leaseDuration and greater than retryPeriod*1.2
- # renewDeadline: 10s
- # # this value has to be greater than 0
- # retryPeriod: 2s
- # nfdApiParallelism: 10
- ###
- # The TCP port that nfd-master listens for incoming requests. Default: 8080
- # Deprecated this parameter is related to the deprecated gRPC API and will
- # be removed with it in a future release
- port: 8080
- metricsPort: 8081
- instance:
- featureApi:
- resyncPeriod:
- denyLabelNs: []
- extraLabelNs: []
- resourceLabels: []
- enableTaints: false
- crdController: null
- featureRulesController: null
- nfdApiParallelism: null
- deploymentAnnotations: {}
- replicaCount: 1
-
- podSecurityContext: {}
- # fsGroup: 2000
-
- securityContext:
- allowPrivilegeEscalation: false
- capabilities:
- drop: [ "ALL" ]
- readOnlyRootFilesystem: true
- runAsNonRoot: true
- # runAsUser: 1000
-
- serviceAccount:
- # Specifies whether a service account should be created
- create: true
- # Annotations to add to the service account
- annotations: {}
- # The name of the service account to use.
- # If not set and create is true, a name is generated using the fullname template
- name:
-
- rbac:
- create: true
-
- service:
- type: ClusterIP
- port: 8080
-
- resources: {}
- # We usually recommend not to specify default resources and to leave this as a conscious
- # choice for the user. This also increases chances charts run on environments with little
- # resources, such as Minikube. If you do want to specify resources, uncomment the following
- # lines, adjust them as necessary, and remove the curly braces after 'resources:'.
- # limits:
- # cpu: 100m
- # memory: 128Mi
- # requests:
- # cpu: 100m
- # memory: 128Mi
-
- nodeSelector: {}
-
- tolerations:
- - key: "node-role.kubernetes.io/master"
- operator: "Equal"
- value: ""
- effect: "NoSchedule"
- - key: "node-role.kubernetes.io/control-plane"
- operator: "Equal"
- value: ""
- effect: "NoSchedule"
-
- annotations: {}
-
- affinity:
- nodeAffinity:
- preferredDuringSchedulingIgnoredDuringExecution:
- - weight: 1
- preference:
- matchExpressions:
- - key: "node-role.kubernetes.io/master"
- operator: In
- values: [""]
- - weight: 1
- preference:
- matchExpressions:
- - key: "node-role.kubernetes.io/control-plane"
- operator: In
- values: [""]
-
-worker:
- enable: true
- config: ###
- #core:
- # labelWhiteList:
- # noPublish: false
- # sleepInterval: 60s
- # featureSources: [all]
- # labelSources: [all]
- # klog:
- # addDirHeader: false
- # alsologtostderr: false
- # logBacktraceAt:
- # logtostderr: true
- # skipHeaders: false
- # stderrthreshold: 2
- # v: 0
- # vmodule:
- ## NOTE: the following options are not dynamically run-time configurable
- ## and require a nfd-worker restart to take effect after being changed
- # logDir:
- # logFile:
- # logFileMaxSize: 1800
- # skipLogHeaders: false
- #sources:
- # cpu:
- # cpuid:
- ## NOTE: whitelist has priority over blacklist
- # attributeBlacklist:
- # - "BMI1"
- # - "BMI2"
- # - "CLMUL"
- # - "CMOV"
- # - "CX16"
- # - "ERMS"
- # - "F16C"
- # - "HTT"
- # - "LZCNT"
- # - "MMX"
- # - "MMXEXT"
- # - "NX"
- # - "POPCNT"
- # - "RDRAND"
- # - "RDSEED"
- # - "RDTSCP"
- # - "SGX"
- # - "SSE"
- # - "SSE2"
- # - "SSE3"
- # - "SSE4"
- # - "SSE42"
- # - "SSSE3"
- # - "TDX_GUEST"
- # attributeWhitelist:
- # kernel:
- # kconfigFile: "/path/to/kconfig"
- # configOpts:
- # - "NO_HZ"
- # - "X86"
- # - "DMI"
- # pci:
- # deviceClassWhitelist:
- # - "0200"
- # - "03"
- # - "12"
- # deviceLabelFields:
- # - "class"
- # - "vendor"
- # - "device"
- # - "subsystem_vendor"
- # - "subsystem_device"
- # usb:
- # deviceClassWhitelist:
- # - "0e"
- # - "ef"
- # - "fe"
- # - "ff"
- # deviceLabelFields:
- # - "class"
- # - "vendor"
- # - "device"
- # local:
- # hooksEnabled: false
- # custom:
- # # The following feature demonstrates the capabilities of the matchFeatures
- # - name: "my custom rule"
- # labels:
- # "vendor.io/my-ng-feature": "true"
- # # matchFeatures implements a logical AND over all matcher terms in the
- # # list (i.e. all of the terms, or per-feature matchers, must match)
- # matchFeatures:
- # - feature: cpu.cpuid
- # matchExpressions:
- # AVX512F: {op: Exists}
- # - feature: cpu.cstate
- # matchExpressions:
- # enabled: {op: IsTrue}
- # - feature: cpu.pstate
- # matchExpressions:
- # no_turbo: {op: IsFalse}
- # scaling_governor: {op: In, value: ["performance"]}
- # - feature: cpu.rdt
- # matchExpressions:
- # RDTL3CA: {op: Exists}
- # - feature: cpu.sst
- # matchExpressions:
- # bf.enabled: {op: IsTrue}
- # - feature: cpu.topology
- # matchExpressions:
- # hardware_multithreading: {op: IsFalse}
- #
- # - feature: kernel.config
- # matchExpressions:
- # X86: {op: Exists}
- # LSM: {op: InRegexp, value: ["apparmor"]}
- # - feature: kernel.loadedmodule
- # matchExpressions:
- # e1000e: {op: Exists}
- # - feature: kernel.selinux
- # matchExpressions:
- # enabled: {op: IsFalse}
- # - feature: kernel.version
- # matchExpressions:
- # major: {op: In, value: ["5"]}
- # minor: {op: Gt, value: ["10"]}
- #
- # - feature: storage.block
- # matchExpressions:
- # rotational: {op: In, value: ["0"]}
- # dax: {op: In, value: ["0"]}
- #
- # - feature: network.device
- # matchExpressions:
- # operstate: {op: In, value: ["up"]}
- # speed: {op: Gt, value: ["100"]}
- #
- # - feature: memory.numa
- # matchExpressions:
- # node_count: {op: Gt, value: ["2"]}
- # - feature: memory.nv
- # matchExpressions:
- # devtype: {op: In, value: ["nd_dax"]}
- # mode: {op: In, value: ["memory"]}
- #
- # - feature: system.osrelease
- # matchExpressions:
- # ID: {op: In, value: ["fedora", "centos"]}
- # - feature: system.name
- # matchExpressions:
- # nodename: {op: InRegexp, value: ["^worker-X"]}
- #
- # - feature: local.label
- # matchExpressions:
- # custom-feature-knob: {op: Gt, value: ["100"]}
- #
- # # The following feature demonstrates the capabilities of the matchAny
- # - name: "my matchAny rule"
- # labels:
- # "vendor.io/my-ng-feature-2": "my-value"
- # # matchAny implements a logical IF over all elements (sub-matchers) in
- # # the list (i.e. at least one feature matcher must match)
- # matchAny:
- # - matchFeatures:
- # - feature: kernel.loadedmodule
- # matchExpressions:
- # driver-module-X: {op: Exists}
- # - feature: pci.device
- # matchExpressions:
- # vendor: {op: In, value: ["8086"]}
- # class: {op: In, value: ["0200"]}
- # - matchFeatures:
- # - feature: kernel.loadedmodule
- # matchExpressions:
- # driver-module-Y: {op: Exists}
- # - feature: usb.device
- # matchExpressions:
- # vendor: {op: In, value: ["8086"]}
- # class: {op: In, value: ["02"]}
- #
- # - name: "avx wildcard rule"
- # labels:
- # "my-avx-feature": "true"
- # matchFeatures:
- # - feature: cpu.cpuid
- # matchName: {op: InRegexp, value: ["^AVX512"]}
- #
- # # The following features demonstreate label templating capabilities
- # - name: "my template rule"
- # labelsTemplate: |
- # {{ range .system.osrelease }}vendor.io/my-system-feature.{{ .Name }}={{ .Value }}
- # {{ end }}
- # matchFeatures:
- # - feature: system.osrelease
- # matchExpressions:
- # ID: {op: InRegexp, value: ["^open.*"]}
- # VERSION_ID.major: {op: In, value: ["13", "15"]}
- #
- # - name: "my template rule 2"
- # labelsTemplate: |
- # {{ range .pci.device }}vendor.io/my-pci-device.{{ .class }}-{{ .device }}=with-cpuid
- # {{ end }}
- # matchFeatures:
- # - feature: pci.device
- # matchExpressions:
- # class: {op: InRegexp, value: ["^06"]}
- # vendor: ["8086"]
- # - feature: cpu.cpuid
- # matchExpressions:
- # AVX: {op: Exists}
- #
- # # The following examples demonstrate vars field and back-referencing
- # # previous labels and vars
- # - name: "my dummy kernel rule"
- # labels:
- # "vendor.io/my.kernel.feature": "true"
- # matchFeatures:
- # - feature: kernel.version
- # matchExpressions:
- # major: {op: Gt, value: ["2"]}
- #
- # - name: "my dummy rule with no labels"
- # vars:
- # "my.dummy.var": "1"
- # matchFeatures:
- # - feature: cpu.cpuid
- # matchExpressions: {}
- #
- # - name: "my rule using backrefs"
- # labels:
- # "vendor.io/my.backref.feature": "true"
- # matchFeatures:
- # - feature: rule.matched
- # matchExpressions:
- # vendor.io/my.kernel.feature: {op: IsTrue}
- # my.dummy.var: {op: Gt, value: ["0"]}
- #
- # - name: "kconfig template rule"
- # labelsTemplate: |
- # {{ range .kernel.config }}kconfig-{{ .Name }}={{ .Value }}
- # {{ end }}
- # matchFeatures:
- # - feature: kernel.config
- # matchName: {op: In, value: ["SWAP", "X86", "ARM"]}
-###
-
- metricsPort: 8081
- daemonsetAnnotations: {}
- podSecurityContext: {}
- # fsGroup: 2000
-
- securityContext:
- allowPrivilegeEscalation: false
- capabilities:
- drop: [ "ALL" ]
- readOnlyRootFilesystem: true
- runAsNonRoot: true
- # runAsUser: 1000
-
- serviceAccount:
- # Specifies whether a service account should be created.
- # We create this by default to make it easier for downstream users to apply PodSecurityPolicies.
- create: true
- # Annotations to add to the service account
- annotations: {}
- # The name of the service account to use.
- # If not set and create is true, a name is generated using the fullname template
- name:
-
- rbac:
- create: true
-
- # Allow users to mount the hostPath /usr/src, useful for RHCOS on s390x
- # Does not work on systems without /usr/src AND a read-only /usr, such as Talos
- mountUsrSrc: false
-
- resources: {}
- # We usually recommend not to specify default resources and to leave this as a conscious
- # choice for the user. This also increases chances charts run on environments with little
- # resources, such as Minikube. If you do want to specify resources, uncomment the following
- # lines, adjust them as necessary, and remove the curly braces after 'resources:'.
- # limits:
- # cpu: 100m
- # memory: 128Mi
- # requests:
- # cpu: 100m
- # memory: 128Mi
-
- nodeSelector: {}
-
- tolerations: []
-
- annotations: {}
-
- affinity: {}
-
- priorityClassName: ""
-
-topologyUpdater:
- config: ###
- ## key = node name, value = list of resources to be excluded.
- ## use * to exclude from all nodes.
- ## an example for how the exclude list should looks like
- #excludeList:
- # node1: [cpu]
- # node2: [memory, example/deviceA]
- # *: [hugepages-2Mi]
-###
-
- enable: false
- createCRDs: false
-
- serviceAccount:
- create: true
- annotations: {}
- name:
- rbac:
- create: true
-
- metricsPort: 8081
- kubeletConfigPath:
- kubeletPodResourcesSockPath:
- updateInterval: 60s
- watchNamespace: "*"
- kubeletStateDir: /var/lib/kubelet
-
- podSecurityContext: {}
- securityContext:
- allowPrivilegeEscalation: false
- capabilities:
- drop: [ "ALL" ]
- readOnlyRootFilesystem: true
- runAsUser: 0
-
- resources: {}
- # We usually recommend not to specify default resources and to leave this as a conscious
- # choice for the user. This also increases chances charts run on environments with little
- # resources, such as Minikube. If you do want to specify resources, uncomment the following
- # lines, adjust them as necessary, and remove the curly braces after 'resources:'.
- # limits:
- # cpu: 100m
- # memory: 128Mi
- # requests:
- # cpu: 100m
- # memory: 128Mi
-
- nodeSelector: {}
- tolerations: []
- annotations: {}
- daemonsetAnnotations: {}
- affinity: {}
- podSetFingerprint: true
-
-gc:
- enable: true
- replicaCount: 1
-
- serviceAccount:
- create: true
- annotations: {}
- name:
- rbac:
- create: true
-
- interval: 1h
-
- podSecurityContext: {}
-
- resources: {}
- # We usually recommend not to specify default resources and to leave this as a conscious
- # choice for the user. This also increases chances charts run on environments with little
- # resources, such as Minikube. If you do want to specify resources, uncomment the following
- # lines, adjust them as necessary, and remove the curly braces after 'resources:'.
- # limits:
- # cpu: 100m
- # memory: 128Mi
- # requests:
- # cpu: 100m
- # memory: 128Mi
-
- metricsPort: 8081
-
- nodeSelector: {}
- tolerations: []
- annotations: {}
- deploymentAnnotations: {}
- affinity: {}
-
-# Optionally use encryption for worker <--> master comms
-# TODO: verify hostname is not yet supported
-#
-# If you do not enable certManager (and have it installed) you will
-# need to manually, or otherwise, provision the TLS certs as secrets
-tls:
- enable: false
- certManager: false
-
-prometheus:
- enable: false
- labels: {}
diff --git a/charts/sriov/104.1.0+up0.1.0/templates/NOTES.txt b/charts/sriov/104.1.0+up0.1.0/templates/NOTES.txt
deleted file mode 100644
index ea9a6ebc9b..0000000000
--- a/charts/sriov/104.1.0+up0.1.0/templates/NOTES.txt
+++ /dev/null
@@ -1,29 +0,0 @@
-Get Network Operator deployed resources by running the following commands:
-
-$ kubectl -n {{ .Release.Namespace }} get pods
-
-For additional instructions on how to use SR-IOV network operator,
-refer to: https://github.com/k8snetworkplumbingwg/sriov-network-operator
-
-{{- if .Values.operator.enableAdmissionController }}
-{{- if not .Values.cert_manager }}
-Thank you for installing {{ .Chart.Name }}.
-
-WARNING! Self signed certificates have been generated for webhooks.
-These certificates have a one-year validity and will not be rotated
-automatically. This should not be a production cluster. Please deploy
-and use cert-manager for production clusters.
-{{- end }}
-{{- end }}
-
-{{- if .Chart.Deprecated }}
-
-!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
-!! !!
-!! WARNING: This chart is deprecated and will be removed! !!
-!! !!
-!! Future updates can be obtained from following chart repository: !!
-!! https://suse-edge.github.io/charts/ !!
-!! !!
-!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
-{{- end }}
diff --git a/charts/sriov/104.1.0+up0.1.0/templates/_helpers.tpl b/charts/sriov/104.1.0+up0.1.0/templates/_helpers.tpl
deleted file mode 100644
index dff1d171fe..0000000000
--- a/charts/sriov/104.1.0+up0.1.0/templates/_helpers.tpl
+++ /dev/null
@@ -1,85 +0,0 @@
-{{/*
-Expand the name of the chart.
-*/}}
-{{- define "sriov-network-operator.name" -}}
-{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }}
-{{- end }}
-
-{{/*
-Create a default fully qualified app name.
-We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
-If release name contains chart name it will be used as a full name.
-*/}}
-{{- define "sriov-network-operator.fullname" -}}
-{{- if .Values.fullnameOverride }}
-{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }}
-{{- else }}
-{{- $name := default .Chart.Name .Values.nameOverride }}
-{{- if contains $name .Release.Name }}
-{{- .Release.Name | trunc 63 | trimSuffix "-" }}
-{{- else }}
-{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }}
-{{- end }}
-{{- end }}
-{{- end }}
-
-{{/*
-Create chart name and version as used by the chart label.
-*/}}
-{{- define "sriov-network-operator.chart" -}}
-{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }}
-{{- end }}
-
-{{/*
-Common labels
-*/}}
-{{- define "sriov-network-operator.labels" -}}
-helm.sh/chart: {{ include "sriov-network-operator.chart" . }}
-{{ include "sriov-network-operator.selectorLabels" . }}
-{{- if .Chart.AppVersion }}
-app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
-{{- end }}
-app.kubernetes.io/managed-by: {{ .Release.Service }}
-{{- end }}
-
-{{/*
-Selector labels
-*/}}
-{{- define "sriov-network-operator.selectorLabels" -}}
-app.kubernetes.io/name: {{ include "sriov-network-operator.name" . }}
-app.kubernetes.io/instance: {{ .Release.Name }}
-{{- end }}
-
-{{/*
-Create the name of the service account to use
-*/}}
-{{- define "sriov-network-operator.serviceAccountName" -}}
-{{- if .Values.serviceAccount.create }}
-{{- default (include "sriov-network-operator.fullname" .) .Values.serviceAccount.name }}
-{{- else }}
-{{- default "default" .Values.serviceAccount.name }}
-{{- end }}
-{{- end }}
-
-{{- define "system_default_registry" -}}
-{{- if .Values.global.cattle.systemDefaultRegistry -}}
-{{- printf "%s/" .Values.global.cattle.systemDefaultRegistry -}}
-{{- else -}}
-{{- "" -}}
-{{- end -}}
-{{- end -}}
-
-{{/*
-Windows cluster will add default taint for linux nodes,
-add below linux tolerations to workloads could be scheduled to those linux nodes
-*/}}
-{{- define "linux-node-tolerations" -}}
-- key: "cattle.io/os"
- value: "linux"
- effect: "NoSchedule"
- operator: "Equal"
-{{- end -}}
-
-{{- define "linux-node-selector" -}}
-kubernetes.io/os: linux
-{{- end -}}
diff --git a/charts/sriov/104.1.0+up0.1.0/templates/_webhook-certs.tpl b/charts/sriov/104.1.0+up0.1.0/templates/_webhook-certs.tpl
deleted file mode 100644
index f1448968b2..0000000000
--- a/charts/sriov/104.1.0+up0.1.0/templates/_webhook-certs.tpl
+++ /dev/null
@@ -1,31 +0,0 @@
-{{/*
-Generate TLS certificates for webhooks.
-Note: these 2 lines, that are repeated several times below, are a trick to
-ensure the CA certs are generated only once:
- $ca := .ca | default (genCA "sriov-network-operator.k8s.cni.cncf.io" 365)
- $_ := set . "ca" $ca
-Please, don't try to "simplify" them as without this trick, every generated
-certificate would be signed by a different CA.
-*/}}
-{{- define "sriov_operator_ca_cert" }}
-{{- $ca := .ca | default (genCA "sriov-network-operator.k8s.cni.cncf.io" 365) -}}
-{{- $_ := set . "ca" $ca -}}
-{{- printf "%s" $ca.Cert | b64enc -}}
-{{- end }}
-{{- define "sriov_operator_cert" }}
-{{- $ca := .ca | default (genCA "sriov-network-operator.k8s.cni.cncf.io" 365) -}}
-{{- $_ := set . "ca" $ca -}}
-{{- $cn := printf "operator-webhook-service.%s.svc" .Release.Namespace -}}
-{{- $cert := genSignedCert $cn nil (list $cn) 365 $ca -}}
-tls.crt: {{ $cert.Cert | b64enc }}
-tls.key: {{ $cert.Key | b64enc }}
-{{- end }}
-{{- define "sriov_resource_injector_cert" }}
-{{- $ca := .ca | default (genCA "sriov-network-operator.k8s.cni.cncf.io" 365) -}}
-{{- $_ := set . "ca" $ca -}}
-{{- $cn := printf "network-resources-injector-service.%s.svc" .Release.Namespace -}}
-{{- $cert := genSignedCert $cn nil (list $cn) 365 $ca -}}
-tls.crt: {{ $cert.Cert | b64enc }}
-tls.key: {{ $cert.Key | b64enc }}
-{{- end }}
-
diff --git a/charts/sriov/104.1.0+up0.1.0/templates/certificate.yaml b/charts/sriov/104.1.0+up0.1.0/templates/certificate.yaml
deleted file mode 100644
index add29a9bec..0000000000
--- a/charts/sriov/104.1.0+up0.1.0/templates/certificate.yaml
+++ /dev/null
@@ -1,71 +0,0 @@
-{{- if .Values.operator.admissionControllers.enabled }}
-{{- if and (.Values.operator.admissionControllers.certificates.certManager.enabled) (.Values.operator.admissionControllers.certificates.certManager.generateSelfSigned) }}
----
-apiVersion: cert-manager.io/v1
-kind: Certificate
-metadata:
- name: {{ .Values.operator.admissionControllers.certificates.secretNames.operator }}
- namespace: {{ .Release.Namespace }}
-spec:
- dnsNames:
- - operator-webhook-service.{{ .Release.Namespace }}.svc
- - operator-webhook-service.{{ .Release.Namespace }}.svc.cluster.local
- issuerRef:
- kind: Issuer
- name: operator-webhook-selfsigned-issuer
- secretName: {{ .Values.operator.admissionControllers.certificates.secretNames.operator }}
----
-apiVersion: cert-manager.io/v1
-kind: Issuer
-metadata:
- name: operator-webhook-selfsigned-issuer
- namespace: {{ .Release.Namespace }}
-spec:
- selfSigned: {}
----
-apiVersion: cert-manager.io/v1
-kind: Certificate
-metadata:
- name: {{ .Values.operator.admissionControllers.certificates.secretNames.injector }}
- namespace: {{ .Release.Namespace }}
-spec:
- dnsNames:
- - network-resources-injector-service.{{ .Release.Namespace }}.svc
- - network-resources-injector-service.{{ .Release.Namespace }}.svc.cluster.local
- issuerRef:
- kind: Issuer
- name: network-resources-injector-selfsigned-issuer
- secretName: {{ .Values.operator.admissionControllers.certificates.secretNames.injector }}
----
-apiVersion: cert-manager.io/v1
-kind: Issuer
-metadata:
- name: network-resources-injector-selfsigned-issuer
- namespace: {{ .Release.Namespace }}
-spec:
- selfSigned: {}
-{{- else if and (not .Values.operator.admissionControllers.certificates.certManager.enabled) (.Values.operator.admissionControllers.certificates.custom.enabled) }}
----
-apiVersion: v1
-kind: Secret
-metadata:
- name: {{ .Values.operator.admissionControllers.certificates.secretNames.operator }}
- namespace: {{ .Release.Namespace }}
-type: Opaque
-data:
- ca.crt: {{ .Values.operator.admissionControllers.certificates.custom.operator.caCrt | b64enc | b64enc | quote }}
- tls.crt: {{ .Values.operator.admissionControllers.certificates.custom.operator.tlsCrt | b64enc | quote }}
- tls.key: {{ .Values.operator.admissionControllers.certificates.custom.operator.tlsKey | b64enc | quote }}
----
-apiVersion: v1
-kind: Secret
-metadata:
- name: {{ .Values.operator.admissionControllers.certificates.secretNames.injector }}
- namespace: {{ .Release.Namespace }}
-type: Opaque
-data:
- ca.crt: {{ .Values.operator.admissionControllers.certificates.custom.injector.caCrt | b64enc | b64enc | quote }}
- tls.crt: {{ .Values.operator.admissionControllers.certificates.custom.injector.tlsCrt | b64enc | quote }}
- tls.key: {{ .Values.operator.admissionControllers.certificates.custom.injector.tlsKey | b64enc | quote }}
-{{- end }}
-{{- end }}
diff --git a/charts/sriov/104.1.0+up0.1.0/templates/certmanagercerts.yaml b/charts/sriov/104.1.0+up0.1.0/templates/certmanagercerts.yaml
deleted file mode 100644
index e3575aa565..0000000000
--- a/charts/sriov/104.1.0+up0.1.0/templates/certmanagercerts.yaml
+++ /dev/null
@@ -1,41 +0,0 @@
-{{- if and (.Values.operator.enableAdmissionController) (.Values.cert_manager) -}}
-{{- if not (.Capabilities.APIVersions.Has "cert-manager.io/v1") -}}
-{{- required "cert-manager is required but not found" "" -}}
-{{- end -}}
-apiVersion: cert-manager.io/v1
-kind: Issuer
-metadata:
- name: sriov-network-operator-selfsigned-issuer
- namespace: {{ .Release.Namespace }}
-spec:
- selfSigned: {}
----
-apiVersion: cert-manager.io/v1
-kind: Certificate
-metadata:
- name: operator-webhook-service
- namespace: {{ .Release.Namespace }}
-spec:
- secretName: operator-webhook-service
- dnsNames:
- - operator-webhook-service.{{ .Release.Namespace }}.svc
- issuerRef:
- name: sriov-network-operator-selfsigned-issuer
- privateKey:
- rotationPolicy: Always
----
-apiVersion: cert-manager.io/v1
-kind: Certificate
-metadata:
- name: network-resources-injector-service
- namespace: {{ .Release.Namespace }}
-spec:
- secretName: network-resources-injector-secret
- dnsNames:
- - network-resources-injector-service.{{ .Release.Namespace }}.svc
- issuerRef:
- name: sriov-network-operator-selfsigned-issuer
- privateKey:
- rotationPolicy: Always
-{{- end -}}
-
diff --git a/charts/sriov/104.1.0+up0.1.0/templates/clusterrole.yaml b/charts/sriov/104.1.0+up0.1.0/templates/clusterrole.yaml
deleted file mode 100644
index 0edf69c338..0000000000
--- a/charts/sriov/104.1.0+up0.1.0/templates/clusterrole.yaml
+++ /dev/null
@@ -1,111 +0,0 @@
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRole
-metadata:
- name: {{ include "sriov-network-operator.fullname" . }}
- labels:
- {{- include "sriov-network-operator.labels" . | nindent 4 }}
-rules:
- - apiGroups: [""]
- resources: ["nodes"]
- verbs: ["get", "list", "watch", "patch", "update"]
- - apiGroups: [""]
- resources: ["pods"]
- verbs: ["*"]
- - apiGroups: [""]
- resources: ["pods/eviction"]
- verbs: ["create"]
- - apiGroups: ["apps"]
- resources: ["daemonsets"]
- verbs: ["get"]
- - apiGroups: [""]
- resources: ["namespaces", "serviceaccounts"]
- verbs: ["*"]
- - apiGroups: ["k8s.cni.cncf.io"]
- resources: ["network-attachment-definitions"]
- verbs: ["*"]
- - apiGroups: ["rbac.authorization.k8s.io"]
- resources: [clusterroles, clusterrolebindings]
- verbs: ["*"]
- - apiGroups: ["admissionregistration.k8s.io"]
- resources: ["mutatingwebhookconfigurations", "validatingwebhookconfigurations"]
- verbs: ["*"]
- - apiGroups: ["sriovnetwork.openshift.io"]
- resources: ["*"]
- verbs: ["*"]
- - apiGroups: ["machineconfiguration.openshift.io"]
- resources: ["*"]
- verbs: ["*"]
- - apiGroups: ["config.openshift.io"]
- resources: ["infrastructures"]
- verbs: ["get", "list", "watch"]
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRole
-metadata:
- name: sriov-network-config-daemon
- labels:
- {{- include "sriov-network-operator.labels" . | nindent 4 }}
-rules:
- - apiGroups: [""]
- resources: ["nodes"]
- verbs: ["get", "list", "watch", "patch", "update"]
- - apiGroups: [""]
- resources: ["pods"]
- verbs: ["*"]
- - apiGroups: ["apps"]
- resources: ["daemonsets"]
- verbs: ["get"]
- - apiGroups: [ "config.openshift.io" ]
- resources: [ "infrastructures" ]
- verbs: [ "get", "list", "watch" ]
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRole
-metadata:
- name: sriov-admin
- {{- if .Values.global.rbac.userRoles.aggregateToDefaultRoles }}
- rbac.authorization.k8s.io/aggregate-to-admin: "true"
- {{- end }}
-rules:
-- apiGroups:
- - sriovnetwork.openshift.io
- resources:
- - '*'
- verbs:
- - "get"
- - "watch"
- - "list"
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRole
-metadata:
- name: sriov-edit
- {{- if .Values.global.rbac.userRoles.aggregateToDefaultRoles }}
- rbac.authorization.k8s.io/aggregate-to-edit: "true"
- {{- end }}
-rules:
-- apiGroups:
- - sriovnetwork.openshift.io
- resources:
- - '*'
- verbs:
- - "get"
- - "watch"
- - "list"
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRole
-metadata:
- name: sriov-view
- {{- if .Values.global.rbac.userRoles.aggregateToDefaultRoles }}
- rbac.authorization.k8s.io/aggregate-to-view: "true"
- {{- end }}
-rules:
-- apiGroups:
- - sriovnetwork.openshift.io
- resources:
- - '*'
- verbs:
- - "get"
- - "watch"
- - "list"
diff --git a/charts/sriov/104.1.0+up0.1.0/templates/clusterrolebinding.yaml b/charts/sriov/104.1.0+up0.1.0/templates/clusterrolebinding.yaml
deleted file mode 100644
index c10aa9be73..0000000000
--- a/charts/sriov/104.1.0+up0.1.0/templates/clusterrolebinding.yaml
+++ /dev/null
@@ -1,29 +0,0 @@
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRoleBinding
-metadata:
- name: {{ include "sriov-network-operator.fullname" . }}
- labels:
- {{- include "sriov-network-operator.labels" . | nindent 4 }}
-roleRef:
- kind: ClusterRole
- name: {{ include "sriov-network-operator.fullname" . }}
- apiGroup: rbac.authorization.k8s.io
-subjects:
- - kind: ServiceAccount
- namespace: {{ .Release.Namespace }}
- name: {{ include "sriov-network-operator.fullname" . }}
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRoleBinding
-metadata:
- name: sriov-network-config-daemon
- labels:
- {{- include "sriov-network-operator.labels" . | nindent 4 }}
-roleRef:
- kind: ClusterRole
- name: sriov-network-config-daemon
- apiGroup: rbac.authorization.k8s.io
-subjects:
- - kind: ServiceAccount
- namespace: {{ .Release.Namespace }}
- name: sriov-network-config-daemon
diff --git a/charts/sriov/104.1.0+up0.1.0/templates/configmap.yaml b/charts/sriov/104.1.0+up0.1.0/templates/configmap.yaml
deleted file mode 100644
index de53e8e369..0000000000
--- a/charts/sriov/104.1.0+up0.1.0/templates/configmap.yaml
+++ /dev/null
@@ -1,47 +0,0 @@
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: supported-nic-ids
-data:
- Intel_i40e_XXV710: "8086 158a 154c"
- Intel_i40e_25G_SFP28: "8086 158b 154c"
- Intel_i40e_10G_X710_SFP: "8086 1572 154c"
- Intel_ixgbe_10G_X550: "8086 1563 1565"
- Intel_ixgbe_82576: "8086 10c9 10ca"
- Intel_i40e_X710_X557_AT_10G: "8086 1589 154c"
- Intel_i40e_10G_X710_BACKPLANE: "8086 1581 154c"
- Intel_i40e_10G_X710_BASE_T: "8086 15ff 154c"
- Intel_i40e_XXV710_N3000: "8086 0d58 154c"
- Intel_i40e_40G_XL710_QSFP: "8086 1583 154c"
- Intel_i40e_X550T: "8086 1563 1565"
- Intel_i40e_X722: "8086 37d2 37cd"
- Intel_i40e_X722_SFP: "8086 37d0 37cd"
- Intel_i40e_X722_SFPP: "8086 37d3 37cd"
- Intel_ice_Columbiaville_E810-CQDA2_2CQDA2: "8086 1592 1889"
- Intel_ice_Columbiaville_E810-XXVDA4: "8086 1593 1889"
- Intel_ice_Columbiaville_E810-XXVDA2: "8086 159b 1889"
- Intel_ice_Columbiaville_E810: "8086 1591 1889"
- Intel_ice_Columbiapark_E823C: "8086 188a 1889"
- Nvidia_mlx5_ConnectX-4: "15b3 1013 1014"
- Nvidia_mlx5_ConnectX-4LX: "15b3 1015 1016"
- Nvidia_mlx5_ConnectX-5: "15b3 1017 1018"
- Nvidia_mlx5_ConnectX-5_Ex: "15b3 1019 101a"
- Nvidia_mlx5_ConnectX-6: "15b3 101b 101c"
- Nvidia_mlx5_ConnectX-6_Dx: "15b3 101d 101e"
- Nvidia_mlx5_ConnectX-6_Lx: "15b3 101f 101e"
- Nvidia_mlx5_ConnectX-7: "15b3 1021 101e"
- Nvidia_mlx5_MT42822_BlueField-2_integrated_ConnectX-6_Dx: "15b3 a2d6 101e"
- Nvidia_mlx5_MT43244_BlueField-3_integrated_ConnectX-7_Dx: "15b3 a2dc 101e"
- Broadcom_bnxt_BCM57414_2x25G: "14e4 16d7 16dc"
- Broadcom_bnxt_BCM75508_2x100G: "14e4 1750 1806"
- Qlogic_qede_QL45000_50G: "1077 1654 1664"
- Red_Hat_Virtio_network_device: "1af4 1000 1000"
- Red_Hat_Virtio_1_0_network_device: "1af4 1041 1041"
- Marvell_OCTEON_TX2_CN96XX: "177d b200 b203"
- Marvell_OCTEON_TX2_CN98XX: "177d b100 b103"
- Marvell_OCTEON_Fusion_CNF95XX: "177d b600 b603"
- Marvell_OCTEON10_CN10XXX: "177d b900 b903"
- Marvell_OCTEON_Fusion_CNF105XX: "177d ba00 ba03"
- {{- range .Values.supportedExtraNICs }}
- {{ . }}
- {{- end }}
diff --git a/charts/sriov/104.1.0+up0.1.0/templates/operator.yaml b/charts/sriov/104.1.0+up0.1.0/templates/operator.yaml
deleted file mode 100644
index 70f1cb65c1..0000000000
--- a/charts/sriov/104.1.0+up0.1.0/templates/operator.yaml
+++ /dev/null
@@ -1,116 +0,0 @@
-{{- if not (.Capabilities.APIVersions.Has "k8s.cni.cncf.io/v1/NetworkAttachmentDefinition") -}}
-{{- required "rke2-multus is required but not found" "" -}}
-{{- end -}}
----
-apiVersion: apps/v1
-kind: Deployment
-metadata:
- name: {{ include "sriov-network-operator.fullname" . }}
- namespace: {{ .Release.Namespace }}
- labels:
- {{- include "sriov-network-operator.labels" . | nindent 4 }}
-spec:
- replicas: 1
- selector:
- matchLabels:
- name: sriov-network-operator
- strategy:
- type: RollingUpdate
- rollingUpdate:
- maxUnavailable: 33%
- template:
- metadata:
- labels:
- name: sriov-network-operator
- spec:
- {{- with .Values.operator.nodeSelector }}
- nodeSelector:
- {{- toYaml . | nindent 8 }}
- {{- end }}
- {{- with .Values.operator.affinity }}
- affinity:
- {{- toYaml . | nindent 8}}
- {{- end }}
- {{- with .Values.operator.tolerations }}
- tolerations:
- {{- toYaml . | nindent 8 }}
- {{- end }}
- serviceAccountName: {{ include "sriov-network-operator.fullname" . }}
- priorityClassName: "system-node-critical"
- {{- if .Values.imagePullSecrets }}
- imagePullSecrets:
- {{- range .Values.imagePullSecrets }}
- - name: {{ . }}
- {{- end }}
- {{- end }}
- containers:
- - name: {{ include "sriov-network-operator.fullname" . }}
- image: {{ include "system_default_registry" . }}{{ .Values.images.operator.repository }}:{{ .Values.images.operator.tag }}
- command:
- - sriov-network-operator
- resources:
- requests:
- cpu: 100m
- memory: 100Mi
- env:
- - name: WATCH_NAMESPACE
- valueFrom:
- fieldRef:
- fieldPath: metadata.namespace
- - name: SRIOV_CNI_IMAGE
- value: {{ include "system_default_registry" . }}{{ .Values.images.sriovCni.repository }}:{{ .Values.images.sriovCni.tag }}
- - name: SRIOV_INFINIBAND_CNI_IMAGE
- value: {{ include "system_default_registry" . }}{{ .Values.images.ibSriovCni.repository }}:{{ .Values.images.ibSriovCni.tag }}
- - name: SRIOV_DEVICE_PLUGIN_IMAGE
- value: {{ include "system_default_registry" . }}{{ .Values.images.sriovDevicePlugin.repository }}:{{ .Values.images.sriovDevicePlugin.tag }}
- - name: NETWORK_RESOURCES_INJECTOR_IMAGE
- value: {{ include "system_default_registry" . }}{{ .Values.images.resourcesInjector.repository }}:{{ .Values.images.resourcesInjector.tag }}
- - name: OPERATOR_NAME
- value: sriov-network-operator
- - name: SRIOV_NETWORK_CONFIG_DAEMON_IMAGE
- value: {{ include "system_default_registry" . }}{{ .Values.images.sriovConfigDaemon.repository }}:{{ .Values.images.sriovConfigDaemon.tag }}
- - name: SRIOV_NETWORK_WEBHOOK_IMAGE
- value: {{ include "system_default_registry" . }}{{ .Values.images.webhook.repository }}:{{ .Values.images.webhook.tag }}
- - name: RESOURCE_PREFIX
- value: {{ .Values.operator.resourcePrefix }}
- - name: IMAGE_PULL_SECRETS
- value: {{ join "," .Values.imagePullSecrets }}
- - name: NAMESPACE
- valueFrom:
- fieldRef:
- fieldPath: metadata.namespace
- - name: POD_NAME
- valueFrom:
- fieldRef:
- fieldPath: metadata.name
- - name: NODE_NAME
- valueFrom:
- fieldRef:
- fieldPath: spec.nodeName
- - name: RELEASE_VERSION
- value: {{ .Release.AppVersion }}
- - name: SRIOV_CNI_BIN_PATH
- value: {{ .Values.operator.cniBinPath }}
- - name: CLUSTER_TYPE
- value: {{ .Values.operator.clusterType }}
- {{- if .Values.operator.admissionControllers.enabled }}
- - name: ADMISSION_CONTROLLERS_CERTIFICATES_OPERATOR_SECRET_NAME
- value: {{ .Values.operator.admissionControllers.certificates.secretNames.operator }}
- - name: ADMISSION_CONTROLLERS_CERTIFICATES_INJECTOR_SECRET_NAME
- value: {{ .Values.operator.admissionControllers.certificates.secretNames.injector }}
- {{- if .Values.operator.admissionControllers.certificates.certManager.enabled }}
- - name: ADMISSION_CONTROLLERS_CERTIFICATES_CERT_MANAGER_ENABLED
- value: {{ .Values.operator.admissionControllers.certificates.certManager.enabled | quote }}
- {{- else }}
- - name: ADMISSION_CONTROLLERS_CERTIFICATES_OPERATOR_CA_CRT
- valueFrom:
- secretKeyRef:
- name: {{ .Values.operator.admissionControllers.certificates.secretNames.operator }}
- key: ca.crt
- - name: ADMISSION_CONTROLLERS_CERTIFICATES_INJECTOR_CA_CRT
- valueFrom:
- secretKeyRef:
- name: {{ .Values.operator.admissionControllers.certificates.secretNames.injector }}
- key: ca.crt
- {{- end }}
- {{- end }}
diff --git a/charts/sriov/104.1.0+up0.1.0/templates/role.yaml b/charts/sriov/104.1.0+up0.1.0/templates/role.yaml
deleted file mode 100644
index 6058a86e1b..0000000000
--- a/charts/sriov/104.1.0+up0.1.0/templates/role.yaml
+++ /dev/null
@@ -1,132 +0,0 @@
-apiVersion: rbac.authorization.k8s.io/v1
-kind: Role
-metadata:
- creationTimestamp: null
- name: {{ include "sriov-network-operator.fullname" . }}
- namespace: {{ .Release.Namespace }}
- labels:
- {{- include "sriov-network-operator.labels" . | nindent 4 }}
-rules:
- - apiGroups:
- - ""
- resources:
- - pods
- - services
- - endpoints
- - persistentvolumeclaims
- - events
- - configmaps
- - secrets
- verbs:
- - '*'
- - apiGroups:
- - apps
- resources:
- - deployments
- - daemonsets
- - replicasets
- - statefulsets
- verbs:
- - '*'
- - apiGroups:
- - monitoring.coreos.com
- resources:
- - servicemonitors
- verbs:
- - get
- - create
- - apiGroups:
- - apps
- resourceNames:
- - sriov-network-operator
- resources:
- - deployments/finalizers
- verbs:
- - update
- - apiGroups:
- - rbac.authorization.k8s.io
- resources:
- - serviceaccounts
- - roles
- - rolebindings
- verbs:
- - '*'
- - apiGroups:
- - config.openshift.io
- resources:
- - infrastructures
- verbs:
- - get
- - list
- - watch
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: Role
-metadata:
- name: sriov-network-config-daemon
- namespace: {{ .Release.Namespace }}
- labels:
- {{- include "sriov-network-operator.labels" . | nindent 4 }}
-rules:
- - apiGroups:
- - ""
- resources:
- - pods
- verbs:
- - '*'
- - apiGroups:
- - apps
- resources:
- - daemonsets
- verbs:
- - '*'
- - apiGroups:
- - sriovnetwork.openshift.io
- resources:
- - '*'
- - sriovnetworknodestates
- verbs:
- - '*'
- - apiGroups:
- - security.openshift.io
- resourceNames:
- - privileged
- resources:
- - securitycontextconstraints
- verbs:
- - use
- - apiGroups:
- - ""
- resources:
- - configmaps
- verbs:
- - get
- - update
- - apiGroups:
- - 'coordination.k8s.io'
- resources:
- - 'leases'
- verbs:
- - '*'
- - apiGroups:
- - ""
- resources:
- - events
- verbs:
- - create
- - patch
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: Role
-metadata:
- name: operator-webhook-sa
- namespace: {{ .Release.Namespace }}
- labels:
- {{- include "sriov-network-operator.labels" . | nindent 4 }}
-rules:
- - apiGroups:
- - ""
- resources:
- - configmaps
- verbs:
- - get
diff --git a/charts/sriov/104.1.0+up0.1.0/templates/rolebinding.yaml b/charts/sriov/104.1.0+up0.1.0/templates/rolebinding.yaml
deleted file mode 100644
index d2cf1849a7..0000000000
--- a/charts/sriov/104.1.0+up0.1.0/templates/rolebinding.yaml
+++ /dev/null
@@ -1,44 +0,0 @@
-kind: RoleBinding
-apiVersion: rbac.authorization.k8s.io/v1
-metadata:
- name: {{ include "sriov-network-operator.fullname" . }}
- namespace: {{ .Release.Namespace }}
- labels:
- {{- include "sriov-network-operator.labels" . | nindent 4 }}
-subjects:
- - kind: ServiceAccount
- name: {{ include "sriov-network-operator.fullname" . }}
- namespace: {{ .Release.Namespace }}
-roleRef:
- kind: Role
- name: {{ include "sriov-network-operator.fullname" . }}
- apiGroup: rbac.authorization.k8s.io
----
-kind: RoleBinding
-apiVersion: rbac.authorization.k8s.io/v1
-metadata:
- name: sriov-network-config-daemon
- namespace: {{ .Release.Namespace }}
- labels:
- {{- include "sriov-network-operator.labels" . | nindent 4 }}
-subjects:
- - kind: ServiceAccount
- name: sriov-network-config-daemon
- namespace: {{ .Release.Namespace }}
-roleRef:
- kind: Role
- name: sriov-network-config-daemon
- apiGroup: rbac.authorization.k8s.io
----
-kind: RoleBinding
-apiVersion: rbac.authorization.k8s.io/v1
-metadata:
- name: operator-webhook-sa
- namespace: {{ .Release.Namespace }}
-subjects:
-- kind: ServiceAccount
- name: operator-webhook-sa
-roleRef:
- kind: Role
- name: operator-webhook-sa
- apiGroup: rbac.authorization.k8s.io
diff --git a/charts/sriov/104.1.0+up0.1.0/templates/secrets.yaml b/charts/sriov/104.1.0+up0.1.0/templates/secrets.yaml
deleted file mode 100644
index 3d345be460..0000000000
--- a/charts/sriov/104.1.0+up0.1.0/templates/secrets.yaml
+++ /dev/null
@@ -1,20 +0,0 @@
-{{- if not .Values.cert_manager -}}
-{{- if .Values.operator.enableAdmissionController }}
-apiVersion: v1
-kind: Secret
-metadata:
- name: operator-webhook-service
- namespace: {{ .Release.Namespace }}
-data: {{ include "sriov_operator_cert" . | nindent 2 }}
-{{- end }}
----
-{{- if .Values.operator.enableAdmissionController }}
-apiVersion: v1
-kind: Secret
-metadata:
- name: network-resources-injector-secret
- namespace: {{ .Release.Namespace }}
-data: {{ include "sriov_resource_injector_cert" . | nindent 2 }}
-{{- end }}
-{{- end }}
-
diff --git a/charts/sriov/104.1.0+up0.1.0/templates/serviceaccount.yaml b/charts/sriov/104.1.0+up0.1.0/templates/serviceaccount.yaml
deleted file mode 100644
index fc0bb57056..0000000000
--- a/charts/sriov/104.1.0+up0.1.0/templates/serviceaccount.yaml
+++ /dev/null
@@ -1,15 +0,0 @@
-apiVersion: v1
-kind: ServiceAccount
-metadata:
- name: {{ include "sriov-network-operator.fullname" . }}
- namespace: {{ .Release.Namespace }}
- labels:
- {{- include "sriov-network-operator.labels" . | nindent 4 }}
----
-apiVersion: v1
-kind: ServiceAccount
-metadata:
- name: sriov-network-config-daemon
- namespace: {{ .Release.Namespace }}
- labels:
- {{- include "sriov-network-operator.labels" . | nindent 4 }}
diff --git a/charts/sriov/104.1.0+up0.1.0/templates/sriovoperatorconfig.yaml b/charts/sriov/104.1.0+up0.1.0/templates/sriovoperatorconfig.yaml
deleted file mode 100644
index 41877365ad..0000000000
--- a/charts/sriov/104.1.0+up0.1.0/templates/sriovoperatorconfig.yaml
+++ /dev/null
@@ -1,17 +0,0 @@
-{{ if .Values.sriovOperatorConfig.deploy }}
-apiVersion: sriovnetwork.openshift.io/v1
-kind: SriovOperatorConfig
-metadata:
- name: default
- namespace: {{ .Release.Namespace }}
-spec:
- enableInjector: {{ .Values.operator.admissionControllers.enabled }}
- enableOperatorWebhook: {{ .Values.operator.admissionControllers.enabled }}
- {{- with .Values.sriovOperatorConfig.configDaemonNodeSelector }}
- configDaemonNodeSelector:
- {{- range $k, $v := .}}{{printf "%s: '%s'" $k $v | nindent 4 }}{{ end }}
- {{- end }}
- logLevel: {{ .Values.sriovOperatorConfig.logLevel }}
- disableDrain: {{ .Values.sriovOperatorConfig.disableDrain }}
- configurationMode: {{ .Values.sriovOperatorConfig.configurationMode }}
-{{ end }}
diff --git a/charts/sriov/104.1.0+up0.1.0/templates/validate-install-crd.yaml b/charts/sriov/104.1.0+up0.1.0/templates/validate-install-crd.yaml
deleted file mode 100644
index 48ffe70751..0000000000
--- a/charts/sriov/104.1.0+up0.1.0/templates/validate-install-crd.yaml
+++ /dev/null
@@ -1,19 +0,0 @@
-#{{- if gt (len (lookup "rbac.authorization.k8s.io/v1" "ClusterRole" "" "")) 0 -}}
-# {{- $found := dict -}}
-# {{- set $found "sriovnetwork.openshift.io/v1/SriovIBNetwork" false -}}
-# {{- set $found "sriovnetwork.openshift.io/v1/SriovNetworkNodePolicy" false -}}
-# {{- set $found "sriovnetwork.openshift.io/v1/SriovNetworkNodeState" false -}}
-# {{- set $found "sriovnetwork.openshift.io/v1/SriovNetworkPoolConfig" false -}}
-# {{- set $found "sriovnetwork.openshift.io/v1/SriovNetwork" false -}}
-# {{- set $found "sriovnetwork.openshift.io/v1/SriovOperatorConfig" false -}}
-# {{- range .Capabilities.APIVersions -}}
-# {{- if hasKey $found (toString .) -}}
-# {{- set $found (toString .) true -}}
-# {{- end -}}
-# {{- end -}}
-# {{- range $_, $exists := $found -}}
-# {{- if (eq $exists false) -}}
-# {{- required "Required CRDs are missing. Please install the corresponding CRD chart before installing this chart." "" -}}
-# {{- end -}}
-# {{- end -}}
-#{{- end -}}
\ No newline at end of file
diff --git a/charts/sriov/104.1.0+up0.1.0/values.yaml b/charts/sriov/104.1.0+up0.1.0/values.yaml
deleted file mode 100644
index 656e375ad0..0000000000
--- a/charts/sriov/104.1.0+up0.1.0/values.yaml
+++ /dev/null
@@ -1,129 +0,0 @@
-operator:
- tolerations:
- - key: "node-role.kubernetes.io/master"
- operator: "Exists"
- effect: "NoSchedule"
- - key: "node-role.kubernetes.io/control-plane"
- operator: "Exists"
- effect: "NoSchedule"
- - effect: NoExecute
- key: node-role.kubernetes.io/etcd
- operator: Exists
- nodeSelector: {}
- affinity:
- nodeAffinity:
- preferredDuringSchedulingIgnoredDuringExecution:
- - weight: 1
- preference:
- matchExpressions:
- - key: "node-role.kubernetes.io/master"
- operator: In
- values: [""]
- - weight: 1
- preference:
- matchExpressions:
- - key: "node-role.kubernetes.io/control-plane"
- operator: In
- values: [ "" ]
- nameOverride: ""
- fullnameOverride: ""
- resourcePrefix: "rancher.io"
- cniBinPath: "/opt/cni/bin"
- clusterType: "kubernetes"
- admissionControllers:
- enabled: false
- certificates:
- secretNames:
- operator: "operator-webhook-cert"
- injector: "network-resources-injector-cert"
- certManager:
- # When enabled, makes use of certificates managed by cert-manager.
- enabled: false
- # When enabled, certificates are generated via cert-manager and then name will match the name of the secrets
- # defined above
- generateSelfSigned: false
- # If not specified, no secret is created and secrets with the names defined above are expected to exist in the
- # cluster. In that case, the ca.crt must be base64 encoded twice since it ends up being an env variable.
- custom:
- enabled: false
- # operator:
- # caCrt: |
- # -----BEGIN CERTIFICATE-----
- # MIIMIICLDCCAdKgAwIBAgIBADAKBggqhkjOPQQDAjB9MQswCQYDVQQGEwJCRTEPMA0G
- # ...
- # -----END CERTIFICATE-----
- # tlsCrt: |
- # -----BEGIN CERTIFICATE-----
- # MIIMIICLDCCAdKgAwIBAgIBADAKBggqhkjOPQQDAjB9MQswCQYDVQQGEwJCRTEPMA0G
- # ...
- # -----END CERTIFICATE-----
- # tlsKey: |
- # -----BEGIN EC PRIVATE KEY-----
- # MHcl4wOuDwKQa+upc8GftXE2C//4mKANBC6It01gUaTIpo=
- # ...
- # -----END EC PRIVATE KEY-----
- # injector:
- # caCrt: |
- # -----BEGIN CERTIFICATE-----
- # MIIMIICLDCCAdKgAwIBAgIBADAKBggqhkjOPQQDAjB9MQswCQYDVQQGEwJCRTEPMA0G
- # ...
- # -----END CERTIFICATE-----
- # tlsCrt: |
- # -----BEGIN CERTIFICATE-----
- # MIIMIICLDCCAdKgAwIBAgIBADAKBggqhkjOPQQDAjB9MQswCQYDVQQGEwJCRTEPMA0G
- # ...
- # -----END CERTIFICATE-----
- # tlsKey: |
- # -----BEGIN EC PRIVATE KEY-----
- # MHcl4wOuDwKQa+upc8GftXE2C//4mKANBC6It01gUaTIpo=
- # ...
- # -----END EC PRIVATE KEY-----
-
-sriovOperatorConfig:
- # deploy sriovOperatorConfig CR with the below values
- deploy: true
- # node slectors for sriov-network-config-daemon
- configDaemonNodeSelector: {feature.node.kubernetes.io/network-sriov.capable: 'true'}
- # log level for both operator and sriov-network-config-daemon
- logLevel: 2
- # disable node draining when configuring SR-IOV, set to true in case of a single node
- # cluster or any other justifiable reason
- disableDrain: false
- # sriov-network-config-daemon configuration mode. either "daemon" or "systemd"
- configurationMode: daemon
-
-# Image URIs for sriov-network-operator components
-images:
- operator:
- repository: rancher/hardened-sriov-network-operator
- tag: v1.2.0-build20240327
- sriovConfigDaemon:
- repository: rancher/hardened-sriov-network-config-daemon
- tag: v1.2.0-build20240327
- sriovCni:
- repository: rancher/hardened-sriov-cni
- tag: v2.7.0-build20240327
- ibSriovCni:
- repository: rancher/hardened-ib-sriov-cni
- tag: v1.0.3-build20240327
- sriovDevicePlugin:
- repository: rancher/hardened-sriov-network-device-plugin
- tag: v3.6.2-build20240327
- resourcesInjector:
- repository: rancher/hardened-sriov-network-resources-injector
- tag: v1.5-build20240327
- webhook:
- repository: rancher/hardened-sriov-network-webhook
- tag: v1.2.0-build20240327
-
-imagePullSecrets: []
-
-# Example for supportedExtraNICs values ['MyNIC: "8086 1521 1520"']
-supportedExtraNICs: []
-
-global:
- cattle:
- systemDefaultRegistry: ""
- rbac:
- userRoles:
- aggregateToDefaultRoles: false
diff --git a/charts/sriov/104.2.0+up0.1.0/.helmignore b/charts/sriov/104.2.0+up0.1.0/.helmignore
deleted file mode 100644
index 0e8a0eb36f..0000000000
--- a/charts/sriov/104.2.0+up0.1.0/.helmignore
+++ /dev/null
@@ -1,23 +0,0 @@
-# Patterns to ignore when building packages.
-# This supports shell glob matching, relative path matching, and
-# negation (prefixed with !). Only one pattern per line.
-.DS_Store
-# Common VCS dirs
-.git/
-.gitignore
-.bzr/
-.bzrignore
-.hg/
-.hgignore
-.svn/
-# Common backup files
-*.swp
-*.bak
-*.tmp
-*.orig
-*~
-# Various IDEs
-.project
-.idea/
-*.tmproj
-.vscode/
diff --git a/charts/sriov/104.2.0+up0.1.0/Chart.yaml b/charts/sriov/104.2.0+up0.1.0/Chart.yaml
deleted file mode 100644
index cb77a0cf24..0000000000
--- a/charts/sriov/104.2.0+up0.1.0/Chart.yaml
+++ /dev/null
@@ -1,36 +0,0 @@
-annotations:
- catalog.cattle.io/auto-install: sriov-crd=match
- catalog.cattle.io/certified: rancher
- catalog.cattle.io/deprecated: "true"
- catalog.cattle.io/experimental: "true"
- catalog.cattle.io/kube-version: '>= 1.16.0-0 < 1.31.0-0'
- catalog.cattle.io/namespace: cattle-sriov-system
- catalog.cattle.io/os: linux
- catalog.cattle.io/permits-os: linux
- catalog.cattle.io/rancher-version: '>= 2.9.0-0 < 2.10.0-0'
- catalog.cattle.io/release-name: sriov
- catalog.cattle.io/upstream-version: 1.2.0
-apiVersion: v2
-appVersion: 1.2.0
-dependencies:
-- condition: rancher-nfd.enabled
- name: rancher-nfd
- repository: file://./charts/rancher-nfd
- version: 0.15.4
-deprecated: true
-description: SR-IOV network operator configures and manages SR-IOV networks in the
- kubernetes cluster
-home: https://github.com/k8snetworkplumbingwg/sriov-network-operator
-icon: https://charts.rancher.io/assets/logos/sr-iov.svg
-keywords:
-- sriov
-- Networking
-kubeVersion: '>= 1.16.0-0'
-maintainers:
-- email: charts@rancher.com
- name: Rancher Labs
-name: sriov
-sources:
-- https://github.com/rancher/charts
-type: application
-version: 104.2.0+up0.1.0
diff --git a/charts/sriov/104.2.0+up0.1.0/README.md b/charts/sriov/104.2.0+up0.1.0/README.md
deleted file mode 100644
index b2a57c4185..0000000000
--- a/charts/sriov/104.2.0+up0.1.0/README.md
+++ /dev/null
@@ -1,129 +0,0 @@
-# SR-IOV Network Operator Helm Chart
-
-SR-IOV Network Operator Helm Chart provides an easy way to install, configure and manage
-the lifecycle of SR-IOV network operator.
-
-## SR-IOV Network Operator
-SR-IOV Network Operator leverages [Kubernetes CRDs](https://kubernetes.io/docs/concepts/extend-kubernetes/api-extension/custom-resources/)
-and [Operator SDK](https://github.com/operator-framework/operator-sdk) to configure and manage SR-IOV networks in a Kubernetes cluster.
-
-SR-IOV Network Operator features:
-- Initialize the supported SR-IOV NIC types on selected nodes.
-- Provision/upgrade SR-IOV device plugin executable on selected node.
-- Provision/upgrade SR-IOV CNI plugin executable on selected nodes.
-- Manage configuration of SR-IOV device plugin on host.
-- Generate net-att-def CRs for SR-IOV CNI plugin
-- Supports operation in a virtualized Kubernetes deployment
- - Discovers VFs attached to the Virtual Machine (VM)
- - Does not require attached of associated PFs
- - VFs can be associated to SriovNetworks by selecting the appropriate PciAddress as the RootDevice in the SriovNetworkNodePolicy
-
-## QuickStart
-
-### Prerequisites
-
-- Kubernetes v1.17+
-- Helm v3
-
-### Install Helm
-
-Helm provides an install script to copy helm binary to your system:
-```
-$ curl -fsSL -o get_helm.sh https://raw.githubusercontent.com/helm/helm/master/scripts/get-helm-3
-$ chmod 500 get_helm.sh
-$ ./get_helm.sh
-```
-
-For additional information and methods for installing Helm, refer to the official [helm website](https://helm.sh/)
-
-### Deploy SR-IOV Network Operator
-
-```
-# Install Operator
-$ helm install -n sriov-network-operator --create-namespace --wait sriov-network-operator ./
-
-# View deployed resources
-$ kubectl -n sriov-network-operator get pods
-```
-
-In the case that [Pod Security Admission](https://kubernetes.io/docs/concepts/security/pod-security-admission/) is enabled, the sriov network operator namespace will require a security level of 'privileged'
-```
-$ kubectl label ns sriov-network-operator pod-security.kubernetes.io/enforce=privileged
-```
-
-## Chart parameters
-
-In order to tailor the deployment of the network operator to your cluster needs
-We have introduced the following Chart parameters.
-
-| Name | Type | Default | description |
-| ---- |------|---------|-------------|
-| `imagePullSecrets` | list | `[]` | An optional list of references to secrets to use for pulling any of the SR-IOV Network Operator image |
-
-### Operator parameters
-
-| Name | Type | Default | description |
-| ---- | ---- | ------- | ----------- |
-| `operator.tolerations` | list | `[{"key":"node-role.kubernetes.io/master","operator":"Exists","effect":"NoSchedule"},{"key":"node-role.kubernetes.io/control-plane","operator":"Exists","effect":"NoSchedule"}]` | Operator's tolerations |
-| `operator.nodeSelector` | object | {} | Operator's node selector |
-| `operator.affinity` | object | `{"nodeAffinity":{"preferredDuringSchedulingIgnoredDuringExecution":[{"weight":1,"preference":{"matchExpressions":[{"key":"node-role.kubernetes.io/master","operator":"In","values":[""]}]}},{"weight":1,"preference":{"matchExpressions":[{"key":"node-role.kubernetes.io/control-plane","operator":"In","values":[""]}]}}]}}` | Operator's afffinity configuration |
-| `operator.nameOverride` | string | `` | Operator's resource name override |
-| `operator.fullnameOverride` | string | `` | Operator's resource full name override |
-| `operator.resourcePrefix` | string | `openshift.io` | Device plugin resource prefix |
-| `operator.cniBinPath` | string | `/opt/cni/bin` | Path for CNI binary |
-| `operator.clustertype` | string | `kubernetes` | Cluster environment type |
-
-#### Admission Controllers parameters
-
-The admission controllers can be enabled by switching on a single parameter `operator.admissionControllers.enabled`. By
-default, the user needs to pre-create Kubernetes Secrets that match the names provided in
-`operator.admissionControllers.certificates.secretNames`. The secrets should have 3 fields populated with the relevant
-content:
-* `ca.crt` (value needs to be base64 encoded twice)
-* `tls.crt`
-* `tls.key`
-
-Aside from the aforementioned mode, the chart supports 3 more modes for certificate consumption by the admission
-controllers, which can be found in the table below. In a nutshell, the modes that are supported are:
-* Consume pre-created Certificates managed by cert-manager
-* Generate self signed Certificates managed by cert-manager
-* Specify the content of the certificates as Helm values
-
-| Name | Type | Default | description |
-| ---- | ---- | ------- | ----------- |
-| `operator.admissionControllers.enabled` | bool | false | Flag that switches on the admission controllers |
-| `operator.admissionControllers.certificates.secretNames.operator` | string | `operator-webhook-cert` | Secret that stores the certificate for the Operator's admission controller |
-| `operator.admissionControllers.certificates.secretNames.injector` | string | `network-resources-injector-cert` | Secret that stores the certificate for the Network Resources Injector's admission controller |
-| `operator.admissionControllers.certificates.certManager.enabled` | bool | false | Flag that switches on consumption of certificates managed by cert-manager |
-| `operator.admissionControllers.certificates.certManager.generateSelfSigned` | bool | false | Flag that switches on generation of self signed certificates managed by cert-manager. The secrets in which the certificates are stored will have the names provided in `operator.admissionControllers.certificates.secretNames` |
-| `operator.admissionControllers.certificates.custom.enabled` | bool | false | Flag that switches on consumption of user provided certificates that are part of `operator.admissionControllers.certificates.custom.operator` and `operator.admissionControllers.certificates.custom.injector` objects |
-| `operator.admissionControllers.certificates.custom.operator.caCrt` | string | `` | The CA certificate to be used by the Operator's admission controller |
-| `operator.admissionControllers.certificates.custom.operator.tlsCrt` | string | `` | The public part of the certificate to be used by the Operator's admission controller |
-| `operator.admissionControllers.certificates.custom.operator.tlsKey` | string | `` | The private part of the certificate to be used by the Operator's admission controller |
-| `operator.admissionControllers.certificates.custom.injector.caCrt` | string | `` | The CA certificate to be used by the Network Resources Injector's admission controller |
-| `operator.admissionControllers.certificates.custom.injector.tlsCrt` | string | `` | The public part of the certificate to be used by the Network Resources Injector's admission controller |
-| `operator.admissionControllers.certificates.custom.injector.tlsKey` | string | `` | The private part of the certificate to be used by the Network Resources Injector's admission controller |
-
-### SR-IOV Operator Configuration Parameters
-
-This section contains general parameters that apply to both the operator and daemon componets of SR-IOV Network Operator.
-
-| Name | Type | Default | description |
-| ---- | ---- | ------- | ----------- |
-| `sriovOperatorConfig.deploy` | bool | `false` | deploy SriovOperatorConfig custom resource |
-| `sriovOperatorConfig.configDaemonNodeSelector` | map[string]string | `{}` | node slectors for sriov-network-config-daemon |
-| `sriovOperatorConfig.logLevel` | int | `2` | log level for both operator and sriov-network-config-daemon |
-| `sriovOperatorConfig.disableDrain` | bool | `false` | disable node draining when configuring SR-IOV, set to true in case of a single node cluster or any other justifiable reason |
-| `sriovOperatorConfig.configurationMode` | string | `daemon` | sriov-network-config-daemon configuration mode. either `daemon` or `systemd` |
-
-### Images parameters
-
-| Name | description |
-| ---- | ----------- |
-| `images.operator` | Operator controller image |
-| `images.sriovConfigDaemon` | Daemon node agent image |
-| `images.sriovCni` | SR-IOV CNI image |
-| `images.ibSriovCni` | InfiniBand SR-IOV CNI image |
-| `images.sriovDevicePlugin` | SR-IOV device plugin image |
-| `images.resourcesInjector` | Resources Injector image |
-| `images.webhook` | Operator Webhook image |
diff --git a/charts/sriov/104.2.0+up0.1.0/app-README.md b/charts/sriov/104.2.0+up0.1.0/app-README.md
deleted file mode 100644
index 4dda94a833..0000000000
--- a/charts/sriov/104.2.0+up0.1.0/app-README.md
+++ /dev/null
@@ -1,13 +0,0 @@
-# Rancher SR-IOV Network Operator
-
-This chart is based on the upstream [k8snetworkplumbingwg/sriov-network-operator](https://github.com/k8snetworkplumbingwg/sriov-network-operator) project. The chart deploys the SR-IOV Operator and its CRDs, which are designed to help the user provision and configure the SR-IOV CNI in a cluster that uses [Multus CNI](https://github.com/k8snetworkplumbingwg/multus-cni), to provide high performing extra network interfaces to pods. This chart is expected to be deployed on an RKE2 cluster and only meant for advanced use cases where multiple CNI plugins and high performing network interfaces on pods are required. Users who do not need these features are not advised to install this chart.
-
-The chart installs the following components:
-
- - SR-IOV Operator - An operator that helps provision and configure the SR-IOV CNI plugin and SR-IOV Device plugin
- - SR-IOV Network Config Daemon - A Daemon deployed by the Operator that discovers SR-IOV NICs on each node
-
-Note that SR-IOV requires NICs that support SR-IOV and the activation of specific configuration options in the operating system. Nodes that fulfill these requirements should be labeled with: `feature.node.kubernetes.io/network-sriov.capable=true`.
-
-The SR-IOV Network Config Daemon will be deployed on such capable nodes. For more information on how to use this feature, refer to our RKE2 networking docs.
-
diff --git a/charts/sriov/104.2.0+up0.1.0/charts/rancher-nfd/.helmignore b/charts/sriov/104.2.0+up0.1.0/charts/rancher-nfd/.helmignore
deleted file mode 100644
index 0e8a0eb36f..0000000000
--- a/charts/sriov/104.2.0+up0.1.0/charts/rancher-nfd/.helmignore
+++ /dev/null
@@ -1,23 +0,0 @@
-# Patterns to ignore when building packages.
-# This supports shell glob matching, relative path matching, and
-# negation (prefixed with !). Only one pattern per line.
-.DS_Store
-# Common VCS dirs
-.git/
-.gitignore
-.bzr/
-.bzrignore
-.hg/
-.hgignore
-.svn/
-# Common backup files
-*.swp
-*.bak
-*.tmp
-*.orig
-*~
-# Various IDEs
-.project
-.idea/
-*.tmproj
-.vscode/
diff --git a/charts/sriov/104.2.0+up0.1.0/charts/rancher-nfd/Chart.yaml b/charts/sriov/104.2.0+up0.1.0/charts/rancher-nfd/Chart.yaml
deleted file mode 100644
index 1c4c2093ff..0000000000
--- a/charts/sriov/104.2.0+up0.1.0/charts/rancher-nfd/Chart.yaml
+++ /dev/null
@@ -1,14 +0,0 @@
-apiVersion: v2
-appVersion: v0.15.4
-description: Detects hardware features available on each node in a Kubernetes cluster,
- and advertises those features using node labels
-home: https://github.com/kubernetes-sigs/node-feature-discovery
-keywords:
-- feature-discovery
-- feature-detection
-- node-labels
-name: rancher-nfd
-sources:
-- https://github.com/kubernetes-sigs/node-feature-discovery
-type: application
-version: 0.15.4
diff --git a/charts/sriov/104.2.0+up0.1.0/charts/rancher-nfd/README.md b/charts/sriov/104.2.0+up0.1.0/charts/rancher-nfd/README.md
deleted file mode 100644
index b8b7d90caf..0000000000
--- a/charts/sriov/104.2.0+up0.1.0/charts/rancher-nfd/README.md
+++ /dev/null
@@ -1,10 +0,0 @@
-# Node Feature Discovery
-
-Node Feature Discovery (NFD) is a Kubernetes add-on for detecting hardware
-features and system configuration. Detected features are advertised as node
-labels. NFD provides flexible configuration and extension points for a wide
-range of vendor and application specific node labeling needs.
-
-See
-[NFD documentation](https://kubernetes-sigs.github.io/node-feature-discovery/v0.15/deployment/helm.html)
-for deployment instructions.
diff --git a/charts/sriov/104.2.0+up0.1.0/charts/rancher-nfd/crds/nfd-api-crds.yaml b/charts/sriov/104.2.0+up0.1.0/charts/rancher-nfd/crds/nfd-api-crds.yaml
deleted file mode 100644
index 4e63041630..0000000000
--- a/charts/sriov/104.2.0+up0.1.0/charts/rancher-nfd/crds/nfd-api-crds.yaml
+++ /dev/null
@@ -1,426 +0,0 @@
----
-apiVersion: apiextensions.k8s.io/v1
-kind: CustomResourceDefinition
-metadata:
- annotations:
- controller-gen.kubebuilder.io/version: v0.12.1
- name: nodefeatures.nfd.k8s-sigs.io
-spec:
- group: nfd.k8s-sigs.io
- names:
- kind: NodeFeature
- listKind: NodeFeatureList
- plural: nodefeatures
- singular: nodefeature
- scope: Namespaced
- versions:
- - name: v1alpha1
- schema:
- openAPIV3Schema:
- description: NodeFeature resource holds the features discovered for one node
- in the cluster.
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation
- of an object. Servers should convert recognized schemas to the latest
- internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this
- object represents. Servers may infer this from the endpoint the client
- submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- spec:
- description: NodeFeatureSpec describes a NodeFeature object.
- properties:
- features:
- description: Features is the full "raw" features data that has been
- discovered.
- properties:
- attributes:
- additionalProperties:
- description: AttributeFeatureSet is a set of features having
- string value.
- properties:
- elements:
- additionalProperties:
- type: string
- type: object
- required:
- - elements
- type: object
- description: Attributes contains all the attribute-type features
- of the node.
- type: object
- flags:
- additionalProperties:
- description: FlagFeatureSet is a set of simple features only
- containing names without values.
- properties:
- elements:
- additionalProperties:
- description: Nil is a dummy empty struct for protobuf
- compatibility
- type: object
- type: object
- required:
- - elements
- type: object
- description: Flags contains all the flag-type features of the
- node.
- type: object
- instances:
- additionalProperties:
- description: InstanceFeatureSet is a set of features each of
- which is an instance having multiple attributes.
- properties:
- elements:
- items:
- description: InstanceFeature represents one instance of
- a complex features, e.g. a device.
- properties:
- attributes:
- additionalProperties:
- type: string
- type: object
- required:
- - attributes
- type: object
- type: array
- required:
- - elements
- type: object
- description: Instances contains all the instance-type features
- of the node.
- type: object
- type: object
- labels:
- additionalProperties:
- type: string
- description: Labels is the set of node labels that are requested to
- be created.
- type: object
- type: object
- required:
- - spec
- type: object
- served: true
- storage: true
----
-apiVersion: apiextensions.k8s.io/v1
-kind: CustomResourceDefinition
-metadata:
- annotations:
- controller-gen.kubebuilder.io/version: v0.12.1
- name: nodefeaturerules.nfd.k8s-sigs.io
-spec:
- group: nfd.k8s-sigs.io
- names:
- kind: NodeFeatureRule
- listKind: NodeFeatureRuleList
- plural: nodefeaturerules
- shortNames:
- - nfr
- singular: nodefeaturerule
- scope: Cluster
- versions:
- - name: v1alpha1
- schema:
- openAPIV3Schema:
- description: NodeFeatureRule resource specifies a configuration for feature-based
- customization of node objects, such as node labeling.
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation
- of an object. Servers should convert recognized schemas to the latest
- internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this
- object represents. Servers may infer this from the endpoint the client
- submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- spec:
- description: NodeFeatureRuleSpec describes a NodeFeatureRule.
- properties:
- rules:
- description: Rules is a list of node customization rules.
- items:
- description: Rule defines a rule for node customization such as
- labeling.
- properties:
- annotations:
- additionalProperties:
- type: string
- description: Annotations to create if the rule matches.
- type: object
- extendedResources:
- additionalProperties:
- type: string
- description: ExtendedResources to create if the rule matches.
- type: object
- labels:
- additionalProperties:
- type: string
- description: Labels to create if the rule matches.
- type: object
- labelsTemplate:
- description: LabelsTemplate specifies a template to expand for
- dynamically generating multiple labels. Data (after template
- expansion) must be keys with an optional value ([=])
- separated by newlines.
- type: string
- matchAny:
- description: MatchAny specifies a list of matchers one of which
- must match.
- items:
- description: MatchAnyElem specifies one sub-matcher of MatchAny.
- properties:
- matchFeatures:
- description: MatchFeatures specifies a set of matcher
- terms all of which must match.
- items:
- description: FeatureMatcherTerm defines requirements
- against one feature set. All requirements (specified
- as MatchExpressions) are evaluated against each element
- in the feature set.
- properties:
- feature:
- description: Feature is the name of the feature
- set to match against.
- type: string
- matchExpressions:
- additionalProperties:
- description: MatchExpression specifies an expression
- to evaluate against a set of input values. It
- contains an operator that is applied when matching
- the input and an array of values that the operator
- evaluates the input against.
- properties:
- op:
- description: Op is the operator to be applied.
- enum:
- - In
- - NotIn
- - InRegexp
- - Exists
- - DoesNotExist
- - Gt
- - Lt
- - GtLt
- - IsTrue
- - IsFalse
- type: string
- value:
- description: Value is the list of values that
- the operand evaluates the input against.
- Value should be empty if the operator is
- Exists, DoesNotExist, IsTrue or IsFalse.
- Value should contain exactly one element
- if the operator is Gt or Lt and exactly
- two elements if the operator is GtLt. In
- other cases Value should contain at least
- one element.
- items:
- type: string
- type: array
- required:
- - op
- type: object
- description: MatchExpressions is the set of per-element
- expressions evaluated. These match against the
- value of the specified elements.
- type: object
- matchName:
- description: MatchName in an expression that is
- matched against the name of each element in the
- feature set.
- properties:
- op:
- description: Op is the operator to be applied.
- enum:
- - In
- - NotIn
- - InRegexp
- - Exists
- - DoesNotExist
- - Gt
- - Lt
- - GtLt
- - IsTrue
- - IsFalse
- type: string
- value:
- description: Value is the list of values that
- the operand evaluates the input against. Value
- should be empty if the operator is Exists,
- DoesNotExist, IsTrue or IsFalse. Value should
- contain exactly one element if the operator
- is Gt or Lt and exactly two elements if the
- operator is GtLt. In other cases Value should
- contain at least one element.
- items:
- type: string
- type: array
- required:
- - op
- type: object
- required:
- - feature
- type: object
- type: array
- required:
- - matchFeatures
- type: object
- type: array
- matchFeatures:
- description: MatchFeatures specifies a set of matcher terms
- all of which must match.
- items:
- description: FeatureMatcherTerm defines requirements against
- one feature set. All requirements (specified as MatchExpressions)
- are evaluated against each element in the feature set.
- properties:
- feature:
- description: Feature is the name of the feature set to
- match against.
- type: string
- matchExpressions:
- additionalProperties:
- description: MatchExpression specifies an expression
- to evaluate against a set of input values. It contains
- an operator that is applied when matching the input
- and an array of values that the operator evaluates
- the input against.
- properties:
- op:
- description: Op is the operator to be applied.
- enum:
- - In
- - NotIn
- - InRegexp
- - Exists
- - DoesNotExist
- - Gt
- - Lt
- - GtLt
- - IsTrue
- - IsFalse
- type: string
- value:
- description: Value is the list of values that the
- operand evaluates the input against. Value should
- be empty if the operator is Exists, DoesNotExist,
- IsTrue or IsFalse. Value should contain exactly
- one element if the operator is Gt or Lt and exactly
- two elements if the operator is GtLt. In other
- cases Value should contain at least one element.
- items:
- type: string
- type: array
- required:
- - op
- type: object
- description: MatchExpressions is the set of per-element
- expressions evaluated. These match against the value
- of the specified elements.
- type: object
- matchName:
- description: MatchName in an expression that is matched
- against the name of each element in the feature set.
- properties:
- op:
- description: Op is the operator to be applied.
- enum:
- - In
- - NotIn
- - InRegexp
- - Exists
- - DoesNotExist
- - Gt
- - Lt
- - GtLt
- - IsTrue
- - IsFalse
- type: string
- value:
- description: Value is the list of values that the
- operand evaluates the input against. Value should
- be empty if the operator is Exists, DoesNotExist,
- IsTrue or IsFalse. Value should contain exactly
- one element if the operator is Gt or Lt and exactly
- two elements if the operator is GtLt. In other cases
- Value should contain at least one element.
- items:
- type: string
- type: array
- required:
- - op
- type: object
- required:
- - feature
- type: object
- type: array
- name:
- description: Name of the rule.
- type: string
- taints:
- description: Taints to create if the rule matches.
- items:
- description: The node this Taint is attached to has the "effect"
- on any pod that does not tolerate the Taint.
- properties:
- effect:
- description: Required. The effect of the taint on pods
- that do not tolerate the taint. Valid effects are NoSchedule,
- PreferNoSchedule and NoExecute.
- type: string
- key:
- description: Required. The taint key to be applied to
- a node.
- type: string
- timeAdded:
- description: TimeAdded represents the time at which the
- taint was added. It is only written for NoExecute taints.
- format: date-time
- type: string
- value:
- description: The taint value corresponding to the taint
- key.
- type: string
- required:
- - effect
- - key
- type: object
- type: array
- vars:
- additionalProperties:
- type: string
- description: Vars is the variables to store if the rule matches.
- Variables do not directly inflict any changes in the node
- object. However, they can be referenced from other rules enabling
- more complex rule hierarchies, without exposing intermediary
- output values as labels.
- type: object
- varsTemplate:
- description: VarsTemplate specifies a template to expand for
- dynamically generating multiple variables. Data (after template
- expansion) must be keys with an optional value ([=])
- separated by newlines.
- type: string
- required:
- - name
- type: object
- type: array
- required:
- - rules
- type: object
- required:
- - spec
- type: object
- served: true
- storage: true
diff --git a/charts/sriov/104.2.0+up0.1.0/charts/rancher-nfd/templates/_helpers.tpl b/charts/sriov/104.2.0+up0.1.0/charts/rancher-nfd/templates/_helpers.tpl
deleted file mode 100644
index 928ece78f8..0000000000
--- a/charts/sriov/104.2.0+up0.1.0/charts/rancher-nfd/templates/_helpers.tpl
+++ /dev/null
@@ -1,107 +0,0 @@
-{{/* vim: set filetype=mustache: */}}
-{{/*
-Expand the name of the chart.
-*/}}
-{{- define "node-feature-discovery.name" -}}
-{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
-{{- end -}}
-
-{{/*
-Create a default fully qualified app name.
-We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
-If release name contains chart name it will be used as a full name.
-*/}}
-{{- define "node-feature-discovery.fullname" -}}
-{{- if .Values.fullnameOverride -}}
-{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}}
-{{- else -}}
-{{- $name := default .Chart.Name .Values.nameOverride -}}
-{{- if contains $name .Release.Name -}}
-{{- .Release.Name | trunc 63 | trimSuffix "-" -}}
-{{- else -}}
-{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}}
-{{- end -}}
-{{- end -}}
-{{- end -}}
-
-{{/*
-Allow the release namespace to be overridden for multi-namespace deployments in combined charts
-*/}}
-{{- define "node-feature-discovery.namespace" -}}
- {{- if .Values.namespaceOverride -}}
- {{- .Values.namespaceOverride -}}
- {{- else -}}
- {{- .Release.Namespace -}}
- {{- end -}}
-{{- end -}}
-
-{{/*
-Create chart name and version as used by the chart label.
-*/}}
-{{- define "node-feature-discovery.chart" -}}
-{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}}
-{{- end -}}
-
-{{/*
-Common labels
-*/}}
-{{- define "node-feature-discovery.labels" -}}
-helm.sh/chart: {{ include "node-feature-discovery.chart" . }}
-{{ include "node-feature-discovery.selectorLabels" . }}
-{{- if .Chart.AppVersion }}
-app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
-{{- end }}
-app.kubernetes.io/managed-by: {{ .Release.Service }}
-{{- end -}}
-
-{{/*
-Selector labels
-*/}}
-{{- define "node-feature-discovery.selectorLabels" -}}
-app.kubernetes.io/name: {{ include "node-feature-discovery.name" . }}
-app.kubernetes.io/instance: {{ .Release.Name }}
-{{- end -}}
-
-{{/*
-Create the name of the service account which the nfd master will use
-*/}}
-{{- define "node-feature-discovery.master.serviceAccountName" -}}
-{{- if .Values.master.serviceAccount.create -}}
- {{ default (include "node-feature-discovery.fullname" .) .Values.master.serviceAccount.name }}
-{{- else -}}
- {{ default "default" .Values.master.serviceAccount.name }}
-{{- end -}}
-{{- end -}}
-
-{{/*
-Create the name of the service account which the nfd worker will use
-*/}}
-{{- define "node-feature-discovery.worker.serviceAccountName" -}}
-{{- if .Values.worker.serviceAccount.create -}}
- {{ default (printf "%s-worker" (include "node-feature-discovery.fullname" .)) .Values.worker.serviceAccount.name }}
-{{- else -}}
- {{ default "default" .Values.worker.serviceAccount.name }}
-{{- end -}}
-{{- end -}}
-
-{{/*
-Create the name of the service account which topologyUpdater will use
-*/}}
-{{- define "node-feature-discovery.topologyUpdater.serviceAccountName" -}}
-{{- if .Values.topologyUpdater.serviceAccount.create -}}
- {{ default (printf "%s-topology-updater" (include "node-feature-discovery.fullname" .)) .Values.topologyUpdater.serviceAccount.name }}
-{{- else -}}
- {{ default "default" .Values.topologyUpdater.serviceAccount.name }}
-{{- end -}}
-{{- end -}}
-
-{{/*
-Create the name of the service account which nfd-gc will use
-*/}}
-{{- define "node-feature-discovery.gc.serviceAccountName" -}}
-{{- if .Values.gc.serviceAccount.create -}}
- {{ default (printf "%s-gc" (include "node-feature-discovery.fullname" .)) .Values.gc.serviceAccount.name }}
-{{- else -}}
- {{ default "default" .Values.gc.serviceAccount.name }}
-{{- end -}}
-{{- end -}}
diff --git a/charts/sriov/104.2.0+up0.1.0/charts/rancher-nfd/templates/cert-manager-certs.yaml b/charts/sriov/104.2.0+up0.1.0/charts/rancher-nfd/templates/cert-manager-certs.yaml
deleted file mode 100644
index 8af115316b..0000000000
--- a/charts/sriov/104.2.0+up0.1.0/charts/rancher-nfd/templates/cert-manager-certs.yaml
+++ /dev/null
@@ -1,68 +0,0 @@
-{{- if .Values.tls.certManager }}
-{{- if .Values.master.enable }}
----
-apiVersion: cert-manager.io/v1
-kind: Certificate
-metadata:
- name: nfd-master-cert
- namespace: {{ include "node-feature-discovery.namespace" . }}
-spec:
- secretName: nfd-master-cert
- subject:
- organizations:
- - node-feature-discovery
- commonName: nfd-master
- dnsNames:
- # must match the service name
- - {{ include "node-feature-discovery.fullname" . }}-master
- # first one is configured for use by the worker; below are for completeness
- - {{ include "node-feature-discovery.fullname" . }}-master.{{ include "node-feature-discovery.namespace" . }}.svc
- - {{ include "node-feature-discovery.fullname" . }}-master.{{ include "node-feature-discovery.namespace" . }}.svc.cluster.local
- issuerRef:
- name: nfd-ca-issuer
- kind: Issuer
- group: cert-manager.io
-{{- end }}
----
-{{- if .Values.worker.enable }}
-apiVersion: cert-manager.io/v1
-kind: Certificate
-metadata:
- name: nfd-worker-cert
- namespace: {{ include "node-feature-discovery.namespace" . }}
-spec:
- secretName: nfd-worker-cert
- subject:
- organizations:
- - node-feature-discovery
- commonName: nfd-worker
- dnsNames:
- - {{ include "node-feature-discovery.fullname" . }}-worker.{{ include "node-feature-discovery.namespace" . }}.svc.cluster.local
- issuerRef:
- name: nfd-ca-issuer
- kind: Issuer
- group: cert-manager.io
-{{- end }}
-
-{{- if .Values.topologyUpdater.enable }}
----
-apiVersion: cert-manager.io/v1
-kind: Certificate
-metadata:
- name: nfd-topology-updater-cert
- namespace: {{ include "node-feature-discovery.namespace" . }}
-spec:
- secretName: nfd-topology-updater-cert
- subject:
- organizations:
- - node-feature-discovery
- commonName: nfd-topology-updater
- dnsNames:
- - {{ include "node-feature-discovery.fullname" . }}-topology-updater.{{ include "node-feature-discovery.namespace" . }}.svc.cluster.local
- issuerRef:
- name: nfd-ca-issuer
- kind: Issuer
- group: cert-manager.io
-{{- end }}
-
-{{- end }}
diff --git a/charts/sriov/104.2.0+up0.1.0/charts/rancher-nfd/templates/cert-manager-issuer.yaml b/charts/sriov/104.2.0+up0.1.0/charts/rancher-nfd/templates/cert-manager-issuer.yaml
deleted file mode 100644
index f3c57acea1..0000000000
--- a/charts/sriov/104.2.0+up0.1.0/charts/rancher-nfd/templates/cert-manager-issuer.yaml
+++ /dev/null
@@ -1,42 +0,0 @@
-{{- if .Values.tls.certManager }}
-# See https://cert-manager.io/docs/configuration/selfsigned/#bootstrapping-ca-issuers
-# - Create a self signed issuer
-# - Use this to create a CA cert
-# - Use this to now create a CA issuer
----
-apiVersion: cert-manager.io/v1
-kind: Issuer
-metadata:
- name: nfd-ca-bootstrap
- namespace: {{ include "node-feature-discovery.namespace" . }}
-spec:
- selfSigned: {}
-
----
-apiVersion: cert-manager.io/v1
-kind: Certificate
-metadata:
- name: nfd-ca-cert
- namespace: {{ include "node-feature-discovery.namespace" . }}
-spec:
- isCA: true
- secretName: nfd-ca-cert
- subject:
- organizations:
- - node-feature-discovery
- commonName: nfd-ca-cert
- issuerRef:
- name: nfd-ca-bootstrap
- kind: Issuer
- group: cert-manager.io
-
----
-apiVersion: cert-manager.io/v1
-kind: Issuer
-metadata:
- name: nfd-ca-issuer
- namespace: {{ include "node-feature-discovery.namespace" . }}
-spec:
- ca:
- secretName: nfd-ca-cert
-{{- end }}
diff --git a/charts/sriov/104.2.0+up0.1.0/charts/rancher-nfd/templates/clusterrole.yaml b/charts/sriov/104.2.0+up0.1.0/charts/rancher-nfd/templates/clusterrole.yaml
deleted file mode 100644
index e652e1df8c..0000000000
--- a/charts/sriov/104.2.0+up0.1.0/charts/rancher-nfd/templates/clusterrole.yaml
+++ /dev/null
@@ -1,119 +0,0 @@
-{{- if and .Values.master.enable .Values.master.rbac.create }}
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRole
-metadata:
- name: {{ include "node-feature-discovery.fullname" . }}
- labels:
- {{- include "node-feature-discovery.labels" . | nindent 4 }}
-rules:
-- apiGroups:
- - ""
- resources:
- - nodes
- - nodes/status
- verbs:
- - get
- - patch
- - update
- - list
-- apiGroups:
- - nfd.k8s-sigs.io
- resources:
- - nodefeatures
- - nodefeaturerules
- verbs:
- - get
- - list
- - watch
-- apiGroups:
- - coordination.k8s.io
- resources:
- - leases
- verbs:
- - create
-- apiGroups:
- - coordination.k8s.io
- resources:
- - leases
- resourceNames:
- - "nfd-master.nfd.kubernetes.io"
- verbs:
- - get
- - update
-{{- end }}
-
-{{- if and .Values.topologyUpdater.enable .Values.topologyUpdater.rbac.create }}
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRole
-metadata:
- name: {{ include "node-feature-discovery.fullname" . }}-topology-updater
- labels:
- {{- include "node-feature-discovery.labels" . | nindent 4 }}
-rules:
-- apiGroups:
- - ""
- resources:
- - nodes
- verbs:
- - get
- - list
-- apiGroups:
- - ""
- resources:
- - nodes/proxy
- verbs:
- - get
-- apiGroups:
- - ""
- resources:
- - pods
- verbs:
- - get
-- apiGroups:
- - topology.node.k8s.io
- resources:
- - noderesourcetopologies
- verbs:
- - create
- - get
- - update
-{{- end }}
-
-{{- if and .Values.gc.enable .Values.gc.rbac.create (or .Values.enableNodeFeatureApi .Values.topologyUpdater.enable) }}
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRole
-metadata:
- name: {{ include "node-feature-discovery.fullname" . }}-gc
- labels:
- {{- include "node-feature-discovery.labels" . | nindent 4 }}
-rules:
-- apiGroups:
- - ""
- resources:
- - nodes
- verbs:
- - list
- - watch
-- apiGroups:
- - ""
- resources:
- - nodes/proxy
- verbs:
- - get
-- apiGroups:
- - topology.node.k8s.io
- resources:
- - noderesourcetopologies
- verbs:
- - delete
- - list
-- apiGroups:
- - nfd.k8s-sigs.io
- resources:
- - nodefeatures
- verbs:
- - delete
- - list
-{{- end }}
diff --git a/charts/sriov/104.2.0+up0.1.0/charts/rancher-nfd/templates/clusterrolebinding.yaml b/charts/sriov/104.2.0+up0.1.0/charts/rancher-nfd/templates/clusterrolebinding.yaml
deleted file mode 100644
index 99134a1c54..0000000000
--- a/charts/sriov/104.2.0+up0.1.0/charts/rancher-nfd/templates/clusterrolebinding.yaml
+++ /dev/null
@@ -1,52 +0,0 @@
-{{- if and .Values.master.enable .Values.master.rbac.create }}
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRoleBinding
-metadata:
- name: {{ include "node-feature-discovery.fullname" . }}
- labels:
- {{- include "node-feature-discovery.labels" . | nindent 4 }}
-roleRef:
- apiGroup: rbac.authorization.k8s.io
- kind: ClusterRole
- name: {{ include "node-feature-discovery.fullname" . }}
-subjects:
-- kind: ServiceAccount
- name: {{ include "node-feature-discovery.master.serviceAccountName" . }}
- namespace: {{ include "node-feature-discovery.namespace" . }}
-{{- end }}
-
-{{- if and .Values.topologyUpdater.enable .Values.topologyUpdater.rbac.create }}
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRoleBinding
-metadata:
- name: {{ include "node-feature-discovery.fullname" . }}-topology-updater
- labels:
- {{- include "node-feature-discovery.labels" . | nindent 4 }}
-roleRef:
- apiGroup: rbac.authorization.k8s.io
- kind: ClusterRole
- name: {{ include "node-feature-discovery.fullname" . }}-topology-updater
-subjects:
-- kind: ServiceAccount
- name: {{ include "node-feature-discovery.topologyUpdater.serviceAccountName" . }}
- namespace: {{ include "node-feature-discovery.namespace" . }}
-{{- end }}
-
-{{- if and .Values.gc.enable .Values.gc.rbac.create (or .Values.enableNodeFeatureApi .Values.topologyUpdater.enable) }}
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRoleBinding
-metadata:
- name: {{ include "node-feature-discovery.fullname" . }}-gc
- labels:
- {{- include "node-feature-discovery.labels" . | nindent 4 }}
-roleRef:
- apiGroup: rbac.authorization.k8s.io
- kind: ClusterRole
- name: {{ include "node-feature-discovery.fullname" . }}-gc
-subjects:
-- kind: ServiceAccount
- name: {{ include "node-feature-discovery.gc.serviceAccountName" . }}
- namespace: {{ include "node-feature-discovery.namespace" . }}
-{{- end }}
diff --git a/charts/sriov/104.2.0+up0.1.0/charts/rancher-nfd/templates/master.yaml b/charts/sriov/104.2.0+up0.1.0/charts/rancher-nfd/templates/master.yaml
deleted file mode 100644
index 53a291e0f7..0000000000
--- a/charts/sriov/104.2.0+up0.1.0/charts/rancher-nfd/templates/master.yaml
+++ /dev/null
@@ -1,145 +0,0 @@
-{{- if .Values.master.enable }}
-apiVersion: apps/v1
-kind: Deployment
-metadata:
- name: {{ include "node-feature-discovery.fullname" . }}-master
- namespace: {{ include "node-feature-discovery.namespace" . }}
- labels:
- {{- include "node-feature-discovery.labels" . | nindent 4 }}
- role: master
- {{- with .Values.master.deploymentAnnotations }}
- annotations:
- {{- toYaml . | nindent 4 }}
- {{- end }}
-spec:
- replicas: {{ .Values.master.replicaCount }}
- selector:
- matchLabels:
- {{- include "node-feature-discovery.selectorLabels" . | nindent 6 }}
- role: master
- template:
- metadata:
- labels:
- {{- include "node-feature-discovery.selectorLabels" . | nindent 8 }}
- role: master
- {{- with .Values.master.annotations }}
- annotations:
- {{- toYaml . | nindent 8 }}
- {{- end }}
- spec:
- {{- with .Values.imagePullSecrets }}
- imagePullSecrets:
- {{- toYaml . | nindent 8 }}
- {{- end }}
- serviceAccountName: {{ include "node-feature-discovery.master.serviceAccountName" . }}
- enableServiceLinks: false
- securityContext:
- {{- toYaml .Values.master.podSecurityContext | nindent 8 }}
- containers:
- - name: master
- securityContext:
- {{- toYaml .Values.master.securityContext | nindent 12 }}
- image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}"
- imagePullPolicy: {{ .Values.image.pullPolicy }}
- livenessProbe:
- grpc:
- port: 8080
- initialDelaySeconds: 10
- periodSeconds: 10
- readinessProbe:
- grpc:
- port: 8080
- initialDelaySeconds: 5
- periodSeconds: 10
- failureThreshold: 10
- ports:
- - containerPort: {{ .Values.master.port | default "8080" }}
- name: grpc
- - containerPort: {{ .Values.master.metricsPort | default "8081" }}
- name: metrics
- env:
- - name: NODE_NAME
- valueFrom:
- fieldRef:
- fieldPath: spec.nodeName
- command:
- - "nfd-master"
- resources:
- {{- toYaml .Values.master.resources | nindent 12 }}
- args:
- {{- if .Values.master.instance | empty | not }}
- - "-instance={{ .Values.master.instance }}"
- {{- end }}
- {{- if not .Values.enableNodeFeatureApi }}
- - "-port={{ .Values.master.port | default "8080" }}"
- - "-enable-nodefeature-api=false"
- {{- else if gt (int .Values.master.replicaCount) 1 }}
- - "-enable-leader-election"
- {{- end }}
- {{- if .Values.master.extraLabelNs | empty | not }}
- - "-extra-label-ns={{- join "," .Values.master.extraLabelNs }}"
- {{- end }}
- {{- if .Values.master.denyLabelNs | empty | not }}
- - "-deny-label-ns={{- join "," .Values.master.denyLabelNs }}"
- {{- end }}
- {{- if .Values.master.resourceLabels | empty | not }}
- - "-resource-labels={{- join "," .Values.master.resourceLabels }}"
- {{- end }}
- {{- if .Values.master.enableTaints }}
- - "-enable-taints"
- {{- end }}
- {{- if .Values.master.crdController | kindIs "invalid" | not }}
- - "-crd-controller={{ .Values.master.crdController }}"
- {{- else }}
- ## By default, disable crd controller for other than the default instances
- - "-crd-controller={{ .Values.master.instance | empty }}"
- {{- end }}
- {{- if .Values.master.featureRulesController | kindIs "invalid" | not }}
- - "-featurerules-controller={{ .Values.master.featureRulesController }}"
- {{- end }}
- {{- if .Values.master.resyncPeriod }}
- - "-resync-period={{ .Values.master.resyncPeriod }}"
- {{- end }}
- {{- if .Values.master.nfdApiParallelism | empty | not }}
- - "-nfd-api-parallelism={{ .Values.master.nfdApiParallelism }}"
- {{- end }}
- {{- if .Values.tls.enable }}
- - "-ca-file=/etc/kubernetes/node-feature-discovery/certs/ca.crt"
- - "-key-file=/etc/kubernetes/node-feature-discovery/certs/tls.key"
- - "-cert-file=/etc/kubernetes/node-feature-discovery/certs/tls.crt"
- {{- end }}
- - "-metrics={{ .Values.master.metricsPort | default "8081" }}"
- volumeMounts:
- {{- if .Values.tls.enable }}
- - name: nfd-master-cert
- mountPath: "/etc/kubernetes/node-feature-discovery/certs"
- readOnly: true
- {{- end }}
- - name: nfd-master-conf
- mountPath: "/etc/kubernetes/node-feature-discovery"
- readOnly: true
- volumes:
- {{- if .Values.tls.enable }}
- - name: nfd-master-cert
- secret:
- secretName: nfd-master-cert
- {{- end }}
- - name: nfd-master-conf
- configMap:
- name: {{ include "node-feature-discovery.fullname" . }}-master-conf
- items:
- - key: nfd-master.conf
- path: nfd-master.conf
- {{- with .Values.master.nodeSelector }}
- nodeSelector:
- {{- toYaml . | nindent 8 }}
- {{- end }}
- {{- with .Values.master.affinity }}
- affinity:
- {{- toYaml . | nindent 8 }}
- {{- end }}
- {{- with .Values.master.tolerations }}
- tolerations:
- {{- toYaml . | nindent 8 }}
- {{- end }}
-{{- end }}
diff --git a/charts/sriov/104.2.0+up0.1.0/charts/rancher-nfd/templates/nfd-gc.yaml b/charts/sriov/104.2.0+up0.1.0/charts/rancher-nfd/templates/nfd-gc.yaml
deleted file mode 100644
index 1e0e12327a..0000000000
--- a/charts/sriov/104.2.0+up0.1.0/charts/rancher-nfd/templates/nfd-gc.yaml
+++ /dev/null
@@ -1,77 +0,0 @@
-{{- if and .Values.gc.enable (or .Values.enableNodeFeatureApi .Values.topologyUpdater.enable) -}}
-apiVersion: apps/v1
-kind: Deployment
-metadata:
- name: {{ include "node-feature-discovery.fullname" . }}-gc
- namespace: {{ include "node-feature-discovery.namespace" . }}
- labels:
- {{- include "node-feature-discovery.labels" . | nindent 4 }}
- role: gc
- {{- with .Values.gc.deploymentAnnotations }}
- annotations:
- {{- toYaml . | nindent 4 }}
- {{- end }}
-spec:
- replicas: {{ .Values.gc.replicaCount | default 1 }}
- selector:
- matchLabels:
- {{- include "node-feature-discovery.selectorLabels" . | nindent 6 }}
- role: gc
- template:
- metadata:
- labels:
- {{- include "node-feature-discovery.selectorLabels" . | nindent 8 }}
- role: gc
- {{- with .Values.gc.annotations }}
- annotations:
- {{- toYaml . | nindent 8 }}
- {{- end }}
- spec:
- serviceAccountName: {{ include "node-feature-discovery.gc.serviceAccountName" . }}
- dnsPolicy: ClusterFirstWithHostNet
- {{- with .Values.imagePullSecrets }}
- imagePullSecrets:
- {{- toYaml . | nindent 8 }}
- {{- end }}
- securityContext:
- {{- toYaml .Values.gc.podSecurityContext | nindent 8 }}
- containers:
- - name: gc
- image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}"
- imagePullPolicy: "{{ .Values.image.pullPolicy }}"
- env:
- - name: NODE_NAME
- valueFrom:
- fieldRef:
- fieldPath: spec.nodeName
- command:
- - "nfd-gc"
- args:
- {{- if .Values.gc.interval | empty | not }}
- - "-gc-interval={{ .Values.gc.interval }}"
- {{- end }}
- resources:
- {{- toYaml .Values.gc.resources | nindent 12 }}
- securityContext:
- allowPrivilegeEscalation: false
- capabilities:
- drop: [ "ALL" ]
- readOnlyRootFilesystem: true
- runAsNonRoot: true
- ports:
- - name: metrics
- containerPort: {{ .Values.gc.metricsPort | default "8081"}}
-
- {{- with .Values.gc.nodeSelector }}
- nodeSelector:
- {{- toYaml . | nindent 8 }}
- {{- end }}
- {{- with .Values.gc.affinity }}
- affinity:
- {{- toYaml . | nindent 8 }}
- {{- end }}
- {{- with .Values.gc.tolerations }}
- tolerations:
- {{- toYaml . | nindent 8 }}
- {{- end }}
-{{- end }}
diff --git a/charts/sriov/104.2.0+up0.1.0/charts/rancher-nfd/templates/nfd-master-conf.yaml b/charts/sriov/104.2.0+up0.1.0/charts/rancher-nfd/templates/nfd-master-conf.yaml
deleted file mode 100644
index 9c6e01cde4..0000000000
--- a/charts/sriov/104.2.0+up0.1.0/charts/rancher-nfd/templates/nfd-master-conf.yaml
+++ /dev/null
@@ -1,12 +0,0 @@
-{{- if .Values.master.enable }}
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: {{ include "node-feature-discovery.fullname" . }}-master-conf
- namespace: {{ include "node-feature-discovery.namespace" . }}
- labels:
- {{- include "node-feature-discovery.labels" . | nindent 4 }}
-data:
- nfd-master.conf: |-
- {{- .Values.master.config | toYaml | nindent 4 }}
-{{- end }}
diff --git a/charts/sriov/104.2.0+up0.1.0/charts/rancher-nfd/templates/nfd-topologyupdater-conf.yaml b/charts/sriov/104.2.0+up0.1.0/charts/rancher-nfd/templates/nfd-topologyupdater-conf.yaml
deleted file mode 100644
index 9867f5089c..0000000000
--- a/charts/sriov/104.2.0+up0.1.0/charts/rancher-nfd/templates/nfd-topologyupdater-conf.yaml
+++ /dev/null
@@ -1,10 +0,0 @@
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: {{ include "node-feature-discovery.fullname" . }}-topology-updater-conf
- namespace: {{ include "node-feature-discovery.namespace" . }}
- labels:
- {{- include "node-feature-discovery.labels" . | nindent 4 }}
-data:
- nfd-topology-updater.conf: |-
- {{- .Values.topologyUpdater.config | toYaml | nindent 4 }}
diff --git a/charts/sriov/104.2.0+up0.1.0/charts/rancher-nfd/templates/nfd-worker-conf.yaml b/charts/sriov/104.2.0+up0.1.0/charts/rancher-nfd/templates/nfd-worker-conf.yaml
deleted file mode 100644
index a2299dea13..0000000000
--- a/charts/sriov/104.2.0+up0.1.0/charts/rancher-nfd/templates/nfd-worker-conf.yaml
+++ /dev/null
@@ -1,12 +0,0 @@
-{{- if .Values.worker.enable }}
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: {{ include "node-feature-discovery.fullname" . }}-worker-conf
- namespace: {{ include "node-feature-discovery.namespace" . }}
- labels:
- {{- include "node-feature-discovery.labels" . | nindent 4 }}
-data:
- nfd-worker.conf: |-
- {{- .Values.worker.config | toYaml | nindent 4 }}
-{{- end }}
diff --git a/charts/sriov/104.2.0+up0.1.0/charts/rancher-nfd/templates/prometheus.yaml b/charts/sriov/104.2.0+up0.1.0/charts/rancher-nfd/templates/prometheus.yaml
deleted file mode 100644
index b9f4b46405..0000000000
--- a/charts/sriov/104.2.0+up0.1.0/charts/rancher-nfd/templates/prometheus.yaml
+++ /dev/null
@@ -1,26 +0,0 @@
-{{- if .Values.prometheus.enable }}
-# Prometheus Monitor Service (Metrics)
-apiVersion: monitoring.coreos.com/v1
-kind: PodMonitor
-metadata:
- name: {{ include "node-feature-discovery.fullname" . }}
- labels:
- {{- include "node-feature-discovery.selectorLabels" . | nindent 4 }}
- {{- with .Values.prometheus.labels }}
- {{ toYaml . | nindent 4 }}
- {{- end }}
-spec:
- podMetricsEndpoints:
- - honorLabels: true
- interval: 10s
- path: /metrics
- port: metrics
- scheme: http
- namespaceSelector:
- matchNames:
- - {{ include "node-feature-discovery.namespace" . }}
- selector:
- matchExpressions:
- - {key: app.kubernetes.io/instance, operator: In, values: ["{{ .Release.Name }}"]}
- - {key: app.kubernetes.io/name, operator: In, values: ["{{ include "node-feature-discovery.name" . }}"]}
-{{- end }}
diff --git a/charts/sriov/104.2.0+up0.1.0/charts/rancher-nfd/templates/role.yaml b/charts/sriov/104.2.0+up0.1.0/charts/rancher-nfd/templates/role.yaml
deleted file mode 100644
index 3a872e5723..0000000000
--- a/charts/sriov/104.2.0+up0.1.0/charts/rancher-nfd/templates/role.yaml
+++ /dev/null
@@ -1,19 +0,0 @@
-{{- if and .Values.worker.enable .Values.worker.rbac.create }}
-apiVersion: rbac.authorization.k8s.io/v1
-kind: Role
-metadata:
- name: {{ include "node-feature-discovery.fullname" . }}-worker
- namespace: {{ include "node-feature-discovery.namespace" . }}
- labels:
- {{- include "node-feature-discovery.labels" . | nindent 4 }}
-rules:
-- apiGroups:
- - nfd.k8s-sigs.io
- resources:
- - nodefeatures
- verbs:
- - create
- - get
- - update
-{{- end }}
-
diff --git a/charts/sriov/104.2.0+up0.1.0/charts/rancher-nfd/templates/rolebinding.yaml b/charts/sriov/104.2.0+up0.1.0/charts/rancher-nfd/templates/rolebinding.yaml
deleted file mode 100644
index a640d5f8bc..0000000000
--- a/charts/sriov/104.2.0+up0.1.0/charts/rancher-nfd/templates/rolebinding.yaml
+++ /dev/null
@@ -1,18 +0,0 @@
-{{- if and .Values.worker.enable .Values.worker.rbac.create }}
-apiVersion: rbac.authorization.k8s.io/v1
-kind: RoleBinding
-metadata:
- name: {{ include "node-feature-discovery.fullname" . }}-worker
- namespace: {{ include "node-feature-discovery.namespace" . }}
- labels:
- {{- include "node-feature-discovery.labels" . | nindent 4 }}
-roleRef:
- apiGroup: rbac.authorization.k8s.io
- kind: Role
- name: {{ include "node-feature-discovery.fullname" . }}-worker
-subjects:
-- kind: ServiceAccount
- name: {{ include "node-feature-discovery.worker.serviceAccountName" . }}
- namespace: {{ include "node-feature-discovery.namespace" . }}
-{{- end }}
-
diff --git a/charts/sriov/104.2.0+up0.1.0/charts/rancher-nfd/templates/service.yaml b/charts/sriov/104.2.0+up0.1.0/charts/rancher-nfd/templates/service.yaml
deleted file mode 100644
index d71d1555f7..0000000000
--- a/charts/sriov/104.2.0+up0.1.0/charts/rancher-nfd/templates/service.yaml
+++ /dev/null
@@ -1,20 +0,0 @@
-{{- if and (not .Values.enableNodeFeatureApi) .Values.master.enable }}
-apiVersion: v1
-kind: Service
-metadata:
- name: {{ include "node-feature-discovery.fullname" . }}-master
- namespace: {{ include "node-feature-discovery.namespace" . }}
- labels:
- {{- include "node-feature-discovery.labels" . | nindent 4 }}
- role: master
-spec:
- type: {{ .Values.master.service.type }}
- ports:
- - port: {{ .Values.master.service.port | default "8080" }}
- targetPort: grpc
- protocol: TCP
- name: grpc
- selector:
- {{- include "node-feature-discovery.selectorLabels" . | nindent 4 }}
- role: master
-{{- end}}
diff --git a/charts/sriov/104.2.0+up0.1.0/charts/rancher-nfd/templates/serviceaccount.yaml b/charts/sriov/104.2.0+up0.1.0/charts/rancher-nfd/templates/serviceaccount.yaml
deleted file mode 100644
index 7da2c877e9..0000000000
--- a/charts/sriov/104.2.0+up0.1.0/charts/rancher-nfd/templates/serviceaccount.yaml
+++ /dev/null
@@ -1,58 +0,0 @@
-{{- if and .Values.master.enable .Values.master.serviceAccount.create }}
-apiVersion: v1
-kind: ServiceAccount
-metadata:
- name: {{ include "node-feature-discovery.master.serviceAccountName" . }}
- namespace: {{ include "node-feature-discovery.namespace" . }}
- labels:
- {{- include "node-feature-discovery.labels" . | nindent 4 }}
- {{- with .Values.master.serviceAccount.annotations }}
- annotations:
- {{- toYaml . | nindent 4 }}
- {{- end }}
-{{- end }}
-
-{{- if and .Values.topologyUpdater.enable .Values.topologyUpdater.serviceAccount.create }}
----
-apiVersion: v1
-kind: ServiceAccount
-metadata:
- name: {{ include "node-feature-discovery.topologyUpdater.serviceAccountName" . }}
- namespace: {{ include "node-feature-discovery.namespace" . }}
- labels:
- {{- include "node-feature-discovery.labels" . | nindent 4 }}
- {{- with .Values.topologyUpdater.serviceAccount.annotations }}
- annotations:
- {{- toYaml . | nindent 4 }}
- {{- end }}
-{{- end }}
-
-{{- if and .Values.gc.enable .Values.gc.serviceAccount.create (or .Values.enableNodeFeatureApi .Values.topologyUpdater.enable) }}
----
-apiVersion: v1
-kind: ServiceAccount
-metadata:
- name: {{ include "node-feature-discovery.gc.serviceAccountName" . }}
- namespace: {{ include "node-feature-discovery.namespace" . }}
- labels:
- {{- include "node-feature-discovery.labels" . | nindent 4 }}
- {{- with .Values.gc.serviceAccount.annotations }}
- annotations:
- {{- toYaml . | nindent 4 }}
- {{- end }}
-{{- end }}
-
-{{- if and .Values.worker.enable .Values.worker.serviceAccount.create }}
----
-apiVersion: v1
-kind: ServiceAccount
-metadata:
- name: {{ include "node-feature-discovery.worker.serviceAccountName" . }}
- namespace: {{ include "node-feature-discovery.namespace" . }}
- labels:
- {{- include "node-feature-discovery.labels" . | nindent 4 }}
- {{- with .Values.worker.serviceAccount.annotations }}
- annotations:
- {{- toYaml . | nindent 4 }}
- {{- end }}
-{{- end }}
diff --git a/charts/sriov/104.2.0+up0.1.0/charts/rancher-nfd/templates/topologyupdater-crds.yaml b/charts/sriov/104.2.0+up0.1.0/charts/rancher-nfd/templates/topologyupdater-crds.yaml
deleted file mode 100644
index b6b919689c..0000000000
--- a/charts/sriov/104.2.0+up0.1.0/charts/rancher-nfd/templates/topologyupdater-crds.yaml
+++ /dev/null
@@ -1,278 +0,0 @@
-{{- if and .Values.topologyUpdater.enable .Values.topologyUpdater.createCRDs -}}
-apiVersion: apiextensions.k8s.io/v1
-kind: CustomResourceDefinition
-metadata:
- annotations:
- api-approved.kubernetes.io: https://github.com/kubernetes/enhancements/pull/1870
- controller-gen.kubebuilder.io/version: v0.11.2
- creationTimestamp: null
- name: noderesourcetopologies.topology.node.k8s.io
-spec:
- group: topology.node.k8s.io
- names:
- kind: NodeResourceTopology
- listKind: NodeResourceTopologyList
- plural: noderesourcetopologies
- shortNames:
- - node-res-topo
- singular: noderesourcetopology
- scope: Cluster
- versions:
- - name: v1alpha1
- schema:
- openAPIV3Schema:
- description: NodeResourceTopology describes node resources and their topology.
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation
- of an object. Servers should convert recognized schemas to the latest
- internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this
- object represents. Servers may infer this from the endpoint the client
- submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- topologyPolicies:
- items:
- type: string
- type: array
- zones:
- description: ZoneList contains an array of Zone objects.
- items:
- description: Zone represents a resource topology zone, e.g. socket,
- node, die or core.
- properties:
- attributes:
- description: AttributeList contains an array of AttributeInfo objects.
- items:
- description: AttributeInfo contains one attribute of a Zone.
- properties:
- name:
- type: string
- value:
- type: string
- required:
- - name
- - value
- type: object
- type: array
- costs:
- description: CostList contains an array of CostInfo objects.
- items:
- description: CostInfo describes the cost (or distance) between
- two Zones.
- properties:
- name:
- type: string
- value:
- format: int64
- type: integer
- required:
- - name
- - value
- type: object
- type: array
- name:
- type: string
- parent:
- type: string
- resources:
- description: ResourceInfoList contains an array of ResourceInfo
- objects.
- items:
- description: ResourceInfo contains information about one resource
- type.
- properties:
- allocatable:
- anyOf:
- - type: integer
- - type: string
- description: Allocatable quantity of the resource, corresponding
- to allocatable in node status, i.e. total amount of this
- resource available to be used by pods.
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- available:
- anyOf:
- - type: integer
- - type: string
- description: Available is the amount of this resource currently
- available for new (to be scheduled) pods, i.e. Allocatable
- minus the resources reserved by currently running pods.
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- capacity:
- anyOf:
- - type: integer
- - type: string
- description: Capacity of the resource, corresponding to capacity
- in node status, i.e. total amount of this resource that
- the node has.
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- name:
- description: Name of the resource.
- type: string
- required:
- - allocatable
- - available
- - capacity
- - name
- type: object
- type: array
- type:
- type: string
- required:
- - name
- - type
- type: object
- type: array
- required:
- - topologyPolicies
- - zones
- type: object
- served: true
- storage: false
- - name: v1alpha2
- schema:
- openAPIV3Schema:
- description: NodeResourceTopology describes node resources and their topology.
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation
- of an object. Servers should convert recognized schemas to the latest
- internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- attributes:
- description: AttributeList contains an array of AttributeInfo objects.
- items:
- description: AttributeInfo contains one attribute of a Zone.
- properties:
- name:
- type: string
- value:
- type: string
- required:
- - name
- - value
- type: object
- type: array
- kind:
- description: 'Kind is a string value representing the REST resource this
- object represents. Servers may infer this from the endpoint the client
- submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- topologyPolicies:
- description: 'DEPRECATED (to be removed in v1beta1): use top level attributes
- if needed'
- items:
- type: string
- type: array
- zones:
- description: ZoneList contains an array of Zone objects.
- items:
- description: Zone represents a resource topology zone, e.g. socket,
- node, die or core.
- properties:
- attributes:
- description: AttributeList contains an array of AttributeInfo objects.
- items:
- description: AttributeInfo contains one attribute of a Zone.
- properties:
- name:
- type: string
- value:
- type: string
- required:
- - name
- - value
- type: object
- type: array
- costs:
- description: CostList contains an array of CostInfo objects.
- items:
- description: CostInfo describes the cost (or distance) between
- two Zones.
- properties:
- name:
- type: string
- value:
- format: int64
- type: integer
- required:
- - name
- - value
- type: object
- type: array
- name:
- type: string
- parent:
- type: string
- resources:
- description: ResourceInfoList contains an array of ResourceInfo
- objects.
- items:
- description: ResourceInfo contains information about one resource
- type.
- properties:
- allocatable:
- anyOf:
- - type: integer
- - type: string
- description: Allocatable quantity of the resource, corresponding
- to allocatable in node status, i.e. total amount of this
- resource available to be used by pods.
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- available:
- anyOf:
- - type: integer
- - type: string
- description: Available is the amount of this resource currently
- available for new (to be scheduled) pods, i.e. Allocatable
- minus the resources reserved by currently running pods.
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- capacity:
- anyOf:
- - type: integer
- - type: string
- description: Capacity of the resource, corresponding to capacity
- in node status, i.e. total amount of this resource that
- the node has.
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- name:
- description: Name of the resource.
- type: string
- required:
- - allocatable
- - available
- - capacity
- - name
- type: object
- type: array
- type:
- type: string
- required:
- - name
- - type
- type: object
- type: array
- required:
- - zones
- type: object
- served: true
- storage: true
-status:
- acceptedNames:
- kind: ""
- plural: ""
- conditions: []
- storedVersions: []
-{{- end }}
diff --git a/charts/sriov/104.2.0+up0.1.0/charts/rancher-nfd/templates/topologyupdater.yaml b/charts/sriov/104.2.0+up0.1.0/charts/rancher-nfd/templates/topologyupdater.yaml
deleted file mode 100644
index f51c10e6dc..0000000000
--- a/charts/sriov/104.2.0+up0.1.0/charts/rancher-nfd/templates/topologyupdater.yaml
+++ /dev/null
@@ -1,156 +0,0 @@
-{{- if .Values.topologyUpdater.enable -}}
-apiVersion: apps/v1
-kind: DaemonSet
-metadata:
- name: {{ include "node-feature-discovery.fullname" . }}-topology-updater
- namespace: {{ include "node-feature-discovery.namespace" . }}
- labels:
- {{- include "node-feature-discovery.labels" . | nindent 4 }}
- role: topology-updater
- {{- with .Values.topologyUpdater.daemonsetAnnotations }}
- annotations:
- {{- toYaml . | nindent 4 }}
- {{- end }}
-spec:
- selector:
- matchLabels:
- {{- include "node-feature-discovery.selectorLabels" . | nindent 6 }}
- role: topology-updater
- template:
- metadata:
- labels:
- {{- include "node-feature-discovery.selectorLabels" . | nindent 8 }}
- role: topology-updater
- {{- with .Values.topologyUpdater.annotations }}
- annotations:
- {{- toYaml . | nindent 8 }}
- {{- end }}
- spec:
- serviceAccountName: {{ include "node-feature-discovery.topologyUpdater.serviceAccountName" . }}
- dnsPolicy: ClusterFirstWithHostNet
- {{- with .Values.imagePullSecrets }}
- imagePullSecrets:
- {{- toYaml . | nindent 8 }}
- {{- end }}
- securityContext:
- {{- toYaml .Values.topologyUpdater.podSecurityContext | nindent 8 }}
- containers:
- - name: topology-updater
- image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}"
- imagePullPolicy: "{{ .Values.image.pullPolicy }}"
- env:
- - name: NODE_NAME
- valueFrom:
- fieldRef:
- fieldPath: spec.nodeName
- - name: NODE_ADDRESS
- valueFrom:
- fieldRef:
- fieldPath: status.hostIP
- command:
- - "nfd-topology-updater"
- args:
- - "-podresources-socket=/host-var/lib/kubelet-podresources/kubelet.sock"
- {{- if .Values.topologyUpdater.updateInterval | empty | not }}
- - "-sleep-interval={{ .Values.topologyUpdater.updateInterval }}"
- {{- else }}
- - "-sleep-interval=3s"
- {{- end }}
- {{- if .Values.topologyUpdater.watchNamespace | empty | not }}
- - "-watch-namespace={{ .Values.topologyUpdater.watchNamespace }}"
- {{- else }}
- - "-watch-namespace=*"
- {{- end }}
- {{- if .Values.tls.enable }}
- - "-ca-file=/etc/kubernetes/node-feature-discovery/certs/ca.crt"
- - "-key-file=/etc/kubernetes/node-feature-discovery/certs/tls.key"
- - "-cert-file=/etc/kubernetes/node-feature-discovery/certs/tls.crt"
- {{- end }}
- {{- if .Values.topologyUpdater.podSetFingerprint }}
- - "-pods-fingerprint"
- {{- end }}
- {{- if .Values.topologyUpdater.kubeletConfigPath | empty | not }}
- - "-kubelet-config-uri=file:///host-var/kubelet-config"
- {{- end }}
- {{- if .Values.topologyUpdater.kubeletStateDir | empty }}
- # Disable kubelet state tracking by giving an empty path
- - "-kubelet-state-dir="
- {{- end }}
- - -metrics={{ .Values.topologyUpdater.metricsPort | default "8081"}}
- ports:
- - name: metrics
- containerPort: {{ .Values.topologyUpdater.metricsPort | default "8081"}}
- volumeMounts:
- {{- if .Values.topologyUpdater.kubeletConfigPath | empty | not }}
- - name: kubelet-config
- mountPath: /host-var/kubelet-config
- {{- end }}
- - name: kubelet-podresources-sock
- mountPath: /host-var/lib/kubelet-podresources/kubelet.sock
- - name: host-sys
- mountPath: /host-sys
- {{- if .Values.topologyUpdater.kubeletStateDir | empty | not }}
- - name: kubelet-state-files
- mountPath: /host-var/lib/kubelet
- readOnly: true
- {{- end }}
- {{- if .Values.tls.enable }}
- - name: nfd-topology-updater-cert
- mountPath: "/etc/kubernetes/node-feature-discovery/certs"
- readOnly: true
- {{- end }}
- - name: nfd-topology-updater-conf
- mountPath: "/etc/kubernetes/node-feature-discovery"
- readOnly: true
-
- resources:
- {{- toYaml .Values.topologyUpdater.resources | nindent 12 }}
- securityContext:
- {{- toYaml .Values.topologyUpdater.securityContext | nindent 12 }}
- volumes:
- - name: host-sys
- hostPath:
- path: "/sys"
- {{- if .Values.topologyUpdater.kubeletConfigPath | empty | not }}
- - name: kubelet-config
- hostPath:
- path: {{ .Values.topologyUpdater.kubeletConfigPath }}
- {{- end }}
- - name: kubelet-podresources-sock
- hostPath:
- {{- if .Values.topologyUpdater.kubeletPodResourcesSockPath | empty | not }}
- path: {{ .Values.topologyUpdater.kubeletPodResourcesSockPath }}
- {{- else }}
- path: /var/lib/kubelet/pod-resources/kubelet.sock
- {{- end }}
- {{- if .Values.topologyUpdater.kubeletStateDir | empty | not }}
- - name: kubelet-state-files
- hostPath:
- path: {{ .Values.topologyUpdater.kubeletStateDir }}
- {{- end }}
- - name: nfd-topology-updater-conf
- configMap:
- name: {{ include "node-feature-discovery.fullname" . }}-topology-updater-conf
- items:
- - key: nfd-topology-updater.conf
- path: nfd-topology-updater.conf
- {{- if .Values.tls.enable }}
- - name: nfd-topology-updater-cert
- secret:
- secretName: nfd-topology-updater-cert
- {{- end }}
-
-
- {{- with .Values.topologyUpdater.nodeSelector }}
- nodeSelector:
- {{- toYaml . | nindent 8 }}
- {{- end }}
- {{- with .Values.topologyUpdater.affinity }}
- affinity:
- {{- toYaml . | nindent 8 }}
- {{- end }}
- {{- with .Values.topologyUpdater.tolerations }}
- tolerations:
- {{- toYaml . | nindent 8 }}
- {{- end }}
-{{- end }}
diff --git a/charts/sriov/104.2.0+up0.1.0/charts/rancher-nfd/templates/worker.yaml b/charts/sriov/104.2.0+up0.1.0/charts/rancher-nfd/templates/worker.yaml
deleted file mode 100644
index f49f9bd644..0000000000
--- a/charts/sriov/104.2.0+up0.1.0/charts/rancher-nfd/templates/worker.yaml
+++ /dev/null
@@ -1,162 +0,0 @@
-{{- if .Values.worker.enable }}
-apiVersion: apps/v1
-kind: DaemonSet
-metadata:
- name: {{ include "node-feature-discovery.fullname" . }}-worker
- namespace: {{ include "node-feature-discovery.namespace" . }}
- labels:
- {{- include "node-feature-discovery.labels" . | nindent 4 }}
- role: worker
- {{- with .Values.worker.daemonsetAnnotations }}
- annotations:
- {{- toYaml . | nindent 4 }}
- {{- end }}
-spec:
- selector:
- matchLabels:
- {{- include "node-feature-discovery.selectorLabels" . | nindent 6 }}
- role: worker
- template:
- metadata:
- labels:
- {{- include "node-feature-discovery.selectorLabels" . | nindent 8 }}
- role: worker
- {{- with .Values.worker.annotations }}
- annotations:
- {{- toYaml . | nindent 8 }}
- {{- end }}
- spec:
- dnsPolicy: ClusterFirstWithHostNet
- {{- with .Values.imagePullSecrets }}
- imagePullSecrets:
- {{- toYaml . | nindent 8 }}
- {{- end }}
- serviceAccountName: {{ include "node-feature-discovery.worker.serviceAccountName" . }}
- securityContext:
- {{- toYaml .Values.worker.podSecurityContext | nindent 8 }}
- containers:
- - name: worker
- securityContext:
- {{- toYaml .Values.worker.securityContext | nindent 12 }}
- image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}"
- imagePullPolicy: {{ .Values.image.pullPolicy }}
- env:
- - name: NODE_NAME
- valueFrom:
- fieldRef:
- fieldPath: spec.nodeName
- - name: POD_NAME
- valueFrom:
- fieldRef:
- fieldPath: metadata.name
- - name: POD_UID
- valueFrom:
- fieldRef:
- fieldPath: metadata.uid
- resources:
- {{- toYaml .Values.worker.resources | nindent 12 }}
- command:
- - "nfd-worker"
- args:
- {{- if not .Values.enableNodeFeatureApi }}
- - "-server={{ include "node-feature-discovery.fullname" . }}-master:{{ .Values.master.service.port }}"
- - "-enable-nodefeature-api=false"
- {{- end }}
-{{- if .Values.tls.enable }}
- - "-ca-file=/etc/kubernetes/node-feature-discovery/certs/ca.crt"
- - "-key-file=/etc/kubernetes/node-feature-discovery/certs/tls.key"
- - "-cert-file=/etc/kubernetes/node-feature-discovery/certs/tls.crt"
-{{- end }}
- - "-metrics={{ .Values.worker.metricsPort | default "8081"}}"
- ports:
- - name: metrics
- containerPort: {{ .Values.worker.metricsPort | default "8081"}}
- volumeMounts:
- - name: host-boot
- mountPath: "/host-boot"
- readOnly: true
- - name: host-os-release
- mountPath: "/host-etc/os-release"
- readOnly: true
- - name: host-sys
- mountPath: "/host-sys"
- readOnly: true
- - name: host-usr-lib
- mountPath: "/host-usr/lib"
- readOnly: true
- - name: host-lib
- mountPath: "/host-lib"
- readOnly: true
- {{- if .Values.worker.mountUsrSrc }}
- - name: host-usr-src
- mountPath: "/host-usr/src"
- readOnly: true
- {{- end }}
- - name: source-d
- mountPath: "/etc/kubernetes/node-feature-discovery/source.d/"
- readOnly: true
- - name: features-d
- mountPath: "/etc/kubernetes/node-feature-discovery/features.d/"
- readOnly: true
- - name: nfd-worker-conf
- mountPath: "/etc/kubernetes/node-feature-discovery"
- readOnly: true
-{{- if .Values.tls.enable }}
- - name: nfd-worker-cert
- mountPath: "/etc/kubernetes/node-feature-discovery/certs"
- readOnly: true
-{{- end }}
- volumes:
- - name: host-boot
- hostPath:
- path: "/boot"
- - name: host-os-release
- hostPath:
- path: "/etc/os-release"
- - name: host-sys
- hostPath:
- path: "/sys"
- - name: host-usr-lib
- hostPath:
- path: "/usr/lib"
- - name: host-lib
- hostPath:
- path: "/lib"
- {{- if .Values.worker.mountUsrSrc }}
- - name: host-usr-src
- hostPath:
- path: "/usr/src"
- {{- end }}
- - name: source-d
- hostPath:
- path: "/etc/kubernetes/node-feature-discovery/source.d/"
- - name: features-d
- hostPath:
- path: "/etc/kubernetes/node-feature-discovery/features.d/"
- - name: nfd-worker-conf
- configMap:
- name: {{ include "node-feature-discovery.fullname" . }}-worker-conf
- items:
- - key: nfd-worker.conf
- path: nfd-worker.conf
-{{- if .Values.tls.enable }}
- - name: nfd-worker-cert
- secret:
- secretName: nfd-worker-cert
-{{- end }}
- {{- with .Values.worker.nodeSelector }}
- nodeSelector:
- {{- toYaml . | nindent 8 }}
- {{- end }}
- {{- with .Values.worker.affinity }}
- affinity:
- {{- toYaml . | nindent 8 }}
- {{- end }}
- {{- with .Values.worker.tolerations }}
- tolerations:
- {{- toYaml . | nindent 8 }}
- {{- end }}
- {{- with .Values.worker.priorityClassName }}
- priorityClassName: {{ . | quote }}
- {{- end }}
-{{- end }}
diff --git a/charts/sriov/104.2.0+up0.1.0/charts/rancher-nfd/values.yaml b/charts/sriov/104.2.0+up0.1.0/charts/rancher-nfd/values.yaml
deleted file mode 100644
index 1753e757c7..0000000000
--- a/charts/sriov/104.2.0+up0.1.0/charts/rancher-nfd/values.yaml
+++ /dev/null
@@ -1,534 +0,0 @@
-image:
- repository: rancher/hardened-node-feature-discovery
- # This should be set to 'IfNotPresent' for released version
- pullPolicy: IfNotPresent
- # tag, if defined will use the given image tag, else Chart.AppVersion will be used
- tag: v0.15.4-build20240513
-imagePullSecrets: []
-
-nameOverride: ""
-fullnameOverride: ""
-namespaceOverride: ""
-
-enableNodeFeatureApi: true
-
-master:
- enable: true
- config: ###
- # noPublish: false
- # autoDefaultNs: true
- # extraLabelNs: ["added.ns.io","added.kubernets.io"]
- # denyLabelNs: ["denied.ns.io","denied.kubernetes.io"]
- # resourceLabels: ["vendor-1.com/feature-1","vendor-2.io/feature-2"]
- # enableTaints: false
- # labelWhiteList: "foo"
- # resyncPeriod: "2h"
- # klog:
- # addDirHeader: false
- # alsologtostderr: false
- # logBacktraceAt:
- # logtostderr: true
- # skipHeaders: false
- # stderrthreshold: 2
- # v: 0
- # vmodule:
- ## NOTE: the following options are not dynamically run-time configurable
- ## and require a nfd-master restart to take effect after being changed
- # logDir:
- # logFile:
- # logFileMaxSize: 1800
- # skipLogHeaders: false
- # leaderElection:
- # leaseDuration: 15s
- # # this value has to be lower than leaseDuration and greater than retryPeriod*1.2
- # renewDeadline: 10s
- # # this value has to be greater than 0
- # retryPeriod: 2s
- # nfdApiParallelism: 10
- ###
- # The TCP port that nfd-master listens for incoming requests. Default: 8080
- # Deprecated this parameter is related to the deprecated gRPC API and will
- # be removed with it in a future release
- port: 8080
- metricsPort: 8081
- instance:
- featureApi:
- resyncPeriod:
- denyLabelNs: []
- extraLabelNs: []
- resourceLabels: []
- enableTaints: false
- crdController: null
- featureRulesController: null
- nfdApiParallelism: null
- deploymentAnnotations: {}
- replicaCount: 1
-
- podSecurityContext: {}
- # fsGroup: 2000
-
- securityContext:
- allowPrivilegeEscalation: false
- capabilities:
- drop: [ "ALL" ]
- readOnlyRootFilesystem: true
- runAsNonRoot: true
- # runAsUser: 1000
-
- serviceAccount:
- # Specifies whether a service account should be created
- create: true
- # Annotations to add to the service account
- annotations: {}
- # The name of the service account to use.
- # If not set and create is true, a name is generated using the fullname template
- name:
-
- rbac:
- create: true
-
- service:
- type: ClusterIP
- port: 8080
-
- resources: {}
- # We usually recommend not to specify default resources and to leave this as a conscious
- # choice for the user. This also increases chances charts run on environments with little
- # resources, such as Minikube. If you do want to specify resources, uncomment the following
- # lines, adjust them as necessary, and remove the curly braces after 'resources:'.
- # limits:
- # cpu: 100m
- # memory: 128Mi
- # requests:
- # cpu: 100m
- # memory: 128Mi
-
- nodeSelector: {}
-
- tolerations:
- - key: "node-role.kubernetes.io/master"
- operator: "Equal"
- value: ""
- effect: "NoSchedule"
- - key: "node-role.kubernetes.io/control-plane"
- operator: "Equal"
- value: ""
- effect: "NoSchedule"
-
- annotations: {}
-
- affinity:
- nodeAffinity:
- preferredDuringSchedulingIgnoredDuringExecution:
- - weight: 1
- preference:
- matchExpressions:
- - key: "node-role.kubernetes.io/master"
- operator: In
- values: [""]
- - weight: 1
- preference:
- matchExpressions:
- - key: "node-role.kubernetes.io/control-plane"
- operator: In
- values: [""]
-
-worker:
- enable: true
- config: ###
- #core:
- # labelWhiteList:
- # noPublish: false
- # sleepInterval: 60s
- # featureSources: [all]
- # labelSources: [all]
- # klog:
- # addDirHeader: false
- # alsologtostderr: false
- # logBacktraceAt:
- # logtostderr: true
- # skipHeaders: false
- # stderrthreshold: 2
- # v: 0
- # vmodule:
- ## NOTE: the following options are not dynamically run-time configurable
- ## and require a nfd-worker restart to take effect after being changed
- # logDir:
- # logFile:
- # logFileMaxSize: 1800
- # skipLogHeaders: false
- #sources:
- # cpu:
- # cpuid:
- ## NOTE: whitelist has priority over blacklist
- # attributeBlacklist:
- # - "BMI1"
- # - "BMI2"
- # - "CLMUL"
- # - "CMOV"
- # - "CX16"
- # - "ERMS"
- # - "F16C"
- # - "HTT"
- # - "LZCNT"
- # - "MMX"
- # - "MMXEXT"
- # - "NX"
- # - "POPCNT"
- # - "RDRAND"
- # - "RDSEED"
- # - "RDTSCP"
- # - "SGX"
- # - "SSE"
- # - "SSE2"
- # - "SSE3"
- # - "SSE4"
- # - "SSE42"
- # - "SSSE3"
- # - "TDX_GUEST"
- # attributeWhitelist:
- # kernel:
- # kconfigFile: "/path/to/kconfig"
- # configOpts:
- # - "NO_HZ"
- # - "X86"
- # - "DMI"
- # pci:
- # deviceClassWhitelist:
- # - "0200"
- # - "03"
- # - "12"
- # deviceLabelFields:
- # - "class"
- # - "vendor"
- # - "device"
- # - "subsystem_vendor"
- # - "subsystem_device"
- # usb:
- # deviceClassWhitelist:
- # - "0e"
- # - "ef"
- # - "fe"
- # - "ff"
- # deviceLabelFields:
- # - "class"
- # - "vendor"
- # - "device"
- # local:
- # hooksEnabled: false
- # custom:
- # # The following feature demonstrates the capabilities of the matchFeatures
- # - name: "my custom rule"
- # labels:
- # "vendor.io/my-ng-feature": "true"
- # # matchFeatures implements a logical AND over all matcher terms in the
- # # list (i.e. all of the terms, or per-feature matchers, must match)
- # matchFeatures:
- # - feature: cpu.cpuid
- # matchExpressions:
- # AVX512F: {op: Exists}
- # - feature: cpu.cstate
- # matchExpressions:
- # enabled: {op: IsTrue}
- # - feature: cpu.pstate
- # matchExpressions:
- # no_turbo: {op: IsFalse}
- # scaling_governor: {op: In, value: ["performance"]}
- # - feature: cpu.rdt
- # matchExpressions:
- # RDTL3CA: {op: Exists}
- # - feature: cpu.sst
- # matchExpressions:
- # bf.enabled: {op: IsTrue}
- # - feature: cpu.topology
- # matchExpressions:
- # hardware_multithreading: {op: IsFalse}
- #
- # - feature: kernel.config
- # matchExpressions:
- # X86: {op: Exists}
- # LSM: {op: InRegexp, value: ["apparmor"]}
- # - feature: kernel.loadedmodule
- # matchExpressions:
- # e1000e: {op: Exists}
- # - feature: kernel.selinux
- # matchExpressions:
- # enabled: {op: IsFalse}
- # - feature: kernel.version
- # matchExpressions:
- # major: {op: In, value: ["5"]}
- # minor: {op: Gt, value: ["10"]}
- #
- # - feature: storage.block
- # matchExpressions:
- # rotational: {op: In, value: ["0"]}
- # dax: {op: In, value: ["0"]}
- #
- # - feature: network.device
- # matchExpressions:
- # operstate: {op: In, value: ["up"]}
- # speed: {op: Gt, value: ["100"]}
- #
- # - feature: memory.numa
- # matchExpressions:
- # node_count: {op: Gt, value: ["2"]}
- # - feature: memory.nv
- # matchExpressions:
- # devtype: {op: In, value: ["nd_dax"]}
- # mode: {op: In, value: ["memory"]}
- #
- # - feature: system.osrelease
- # matchExpressions:
- # ID: {op: In, value: ["fedora", "centos"]}
- # - feature: system.name
- # matchExpressions:
- # nodename: {op: InRegexp, value: ["^worker-X"]}
- #
- # - feature: local.label
- # matchExpressions:
- # custom-feature-knob: {op: Gt, value: ["100"]}
- #
- # # The following feature demonstrates the capabilities of the matchAny
- # - name: "my matchAny rule"
- # labels:
- # "vendor.io/my-ng-feature-2": "my-value"
- # # matchAny implements a logical IF over all elements (sub-matchers) in
- # # the list (i.e. at least one feature matcher must match)
- # matchAny:
- # - matchFeatures:
- # - feature: kernel.loadedmodule
- # matchExpressions:
- # driver-module-X: {op: Exists}
- # - feature: pci.device
- # matchExpressions:
- # vendor: {op: In, value: ["8086"]}
- # class: {op: In, value: ["0200"]}
- # - matchFeatures:
- # - feature: kernel.loadedmodule
- # matchExpressions:
- # driver-module-Y: {op: Exists}
- # - feature: usb.device
- # matchExpressions:
- # vendor: {op: In, value: ["8086"]}
- # class: {op: In, value: ["02"]}
- #
- # - name: "avx wildcard rule"
- # labels:
- # "my-avx-feature": "true"
- # matchFeatures:
- # - feature: cpu.cpuid
- # matchName: {op: InRegexp, value: ["^AVX512"]}
- #
- # # The following features demonstreate label templating capabilities
- # - name: "my template rule"
- # labelsTemplate: |
- # {{ range .system.osrelease }}vendor.io/my-system-feature.{{ .Name }}={{ .Value }}
- # {{ end }}
- # matchFeatures:
- # - feature: system.osrelease
- # matchExpressions:
- # ID: {op: InRegexp, value: ["^open.*"]}
- # VERSION_ID.major: {op: In, value: ["13", "15"]}
- #
- # - name: "my template rule 2"
- # labelsTemplate: |
- # {{ range .pci.device }}vendor.io/my-pci-device.{{ .class }}-{{ .device }}=with-cpuid
- # {{ end }}
- # matchFeatures:
- # - feature: pci.device
- # matchExpressions:
- # class: {op: InRegexp, value: ["^06"]}
- # vendor: ["8086"]
- # - feature: cpu.cpuid
- # matchExpressions:
- # AVX: {op: Exists}
- #
- # # The following examples demonstrate vars field and back-referencing
- # # previous labels and vars
- # - name: "my dummy kernel rule"
- # labels:
- # "vendor.io/my.kernel.feature": "true"
- # matchFeatures:
- # - feature: kernel.version
- # matchExpressions:
- # major: {op: Gt, value: ["2"]}
- #
- # - name: "my dummy rule with no labels"
- # vars:
- # "my.dummy.var": "1"
- # matchFeatures:
- # - feature: cpu.cpuid
- # matchExpressions: {}
- #
- # - name: "my rule using backrefs"
- # labels:
- # "vendor.io/my.backref.feature": "true"
- # matchFeatures:
- # - feature: rule.matched
- # matchExpressions:
- # vendor.io/my.kernel.feature: {op: IsTrue}
- # my.dummy.var: {op: Gt, value: ["0"]}
- #
- # - name: "kconfig template rule"
- # labelsTemplate: |
- # {{ range .kernel.config }}kconfig-{{ .Name }}={{ .Value }}
- # {{ end }}
- # matchFeatures:
- # - feature: kernel.config
- # matchName: {op: In, value: ["SWAP", "X86", "ARM"]}
-###
-
- metricsPort: 8081
- daemonsetAnnotations: {}
- podSecurityContext: {}
- # fsGroup: 2000
-
- securityContext:
- allowPrivilegeEscalation: false
- capabilities:
- drop: [ "ALL" ]
- readOnlyRootFilesystem: true
- runAsNonRoot: true
- # runAsUser: 1000
-
- serviceAccount:
- # Specifies whether a service account should be created.
- # We create this by default to make it easier for downstream users to apply PodSecurityPolicies.
- create: true
- # Annotations to add to the service account
- annotations: {}
- # The name of the service account to use.
- # If not set and create is true, a name is generated using the fullname template
- name:
-
- rbac:
- create: true
-
- # Allow users to mount the hostPath /usr/src, useful for RHCOS on s390x
- # Does not work on systems without /usr/src AND a read-only /usr, such as Talos
- mountUsrSrc: false
-
- resources: {}
- # We usually recommend not to specify default resources and to leave this as a conscious
- # choice for the user. This also increases chances charts run on environments with little
- # resources, such as Minikube. If you do want to specify resources, uncomment the following
- # lines, adjust them as necessary, and remove the curly braces after 'resources:'.
- # limits:
- # cpu: 100m
- # memory: 128Mi
- # requests:
- # cpu: 100m
- # memory: 128Mi
-
- nodeSelector: {}
-
- tolerations: []
-
- annotations: {}
-
- affinity: {}
-
- priorityClassName: ""
-
-topologyUpdater:
- config: ###
- ## key = node name, value = list of resources to be excluded.
- ## use * to exclude from all nodes.
- ## an example for how the exclude list should looks like
- #excludeList:
- # node1: [cpu]
- # node2: [memory, example/deviceA]
- # *: [hugepages-2Mi]
-###
-
- enable: false
- createCRDs: false
-
- serviceAccount:
- create: true
- annotations: {}
- name:
- rbac:
- create: true
-
- metricsPort: 8081
- kubeletConfigPath:
- kubeletPodResourcesSockPath:
- updateInterval: 60s
- watchNamespace: "*"
- kubeletStateDir: /var/lib/kubelet
-
- podSecurityContext: {}
- securityContext:
- allowPrivilegeEscalation: false
- capabilities:
- drop: [ "ALL" ]
- readOnlyRootFilesystem: true
- runAsUser: 0
-
- resources: {}
- # We usually recommend not to specify default resources and to leave this as a conscious
- # choice for the user. This also increases chances charts run on environments with little
- # resources, such as Minikube. If you do want to specify resources, uncomment the following
- # lines, adjust them as necessary, and remove the curly braces after 'resources:'.
- # limits:
- # cpu: 100m
- # memory: 128Mi
- # requests:
- # cpu: 100m
- # memory: 128Mi
-
- nodeSelector: {}
- tolerations: []
- annotations: {}
- daemonsetAnnotations: {}
- affinity: {}
- podSetFingerprint: true
-
-gc:
- enable: true
- replicaCount: 1
-
- serviceAccount:
- create: true
- annotations: {}
- name:
- rbac:
- create: true
-
- interval: 1h
-
- podSecurityContext: {}
-
- resources: {}
- # We usually recommend not to specify default resources and to leave this as a conscious
- # choice for the user. This also increases chances charts run on environments with little
- # resources, such as Minikube. If you do want to specify resources, uncomment the following
- # lines, adjust them as necessary, and remove the curly braces after 'resources:'.
- # limits:
- # cpu: 100m
- # memory: 128Mi
- # requests:
- # cpu: 100m
- # memory: 128Mi
-
- metricsPort: 8081
-
- nodeSelector: {}
- tolerations: []
- annotations: {}
- deploymentAnnotations: {}
- affinity: {}
-
-# Optionally use encryption for worker <--> master comms
-# TODO: verify hostname is not yet supported
-#
-# If you do not enable certManager (and have it installed) you will
-# need to manually, or otherwise, provision the TLS certs as secrets
-tls:
- enable: false
- certManager: false
-
-prometheus:
- enable: false
- labels: {}
diff --git a/charts/sriov/104.2.0+up0.1.0/templates/NOTES.txt b/charts/sriov/104.2.0+up0.1.0/templates/NOTES.txt
deleted file mode 100644
index ea9a6ebc9b..0000000000
--- a/charts/sriov/104.2.0+up0.1.0/templates/NOTES.txt
+++ /dev/null
@@ -1,29 +0,0 @@
-Get Network Operator deployed resources by running the following commands:
-
-$ kubectl -n {{ .Release.Namespace }} get pods
-
-For additional instructions on how to use SR-IOV network operator,
-refer to: https://github.com/k8snetworkplumbingwg/sriov-network-operator
-
-{{- if .Values.operator.enableAdmissionController }}
-{{- if not .Values.cert_manager }}
-Thank you for installing {{ .Chart.Name }}.
-
-WARNING! Self signed certificates have been generated for webhooks.
-These certificates have a one-year validity and will not be rotated
-automatically. This should not be a production cluster. Please deploy
-and use cert-manager for production clusters.
-{{- end }}
-{{- end }}
-
-{{- if .Chart.Deprecated }}
-
-!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
-!! !!
-!! WARNING: This chart is deprecated and will be removed! !!
-!! !!
-!! Future updates can be obtained from following chart repository: !!
-!! https://suse-edge.github.io/charts/ !!
-!! !!
-!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
-{{- end }}
diff --git a/charts/sriov/104.2.0+up0.1.0/templates/_helpers.tpl b/charts/sriov/104.2.0+up0.1.0/templates/_helpers.tpl
deleted file mode 100644
index dff1d171fe..0000000000
--- a/charts/sriov/104.2.0+up0.1.0/templates/_helpers.tpl
+++ /dev/null
@@ -1,85 +0,0 @@
-{{/*
-Expand the name of the chart.
-*/}}
-{{- define "sriov-network-operator.name" -}}
-{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }}
-{{- end }}
-
-{{/*
-Create a default fully qualified app name.
-We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
-If release name contains chart name it will be used as a full name.
-*/}}
-{{- define "sriov-network-operator.fullname" -}}
-{{- if .Values.fullnameOverride }}
-{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }}
-{{- else }}
-{{- $name := default .Chart.Name .Values.nameOverride }}
-{{- if contains $name .Release.Name }}
-{{- .Release.Name | trunc 63 | trimSuffix "-" }}
-{{- else }}
-{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }}
-{{- end }}
-{{- end }}
-{{- end }}
-
-{{/*
-Create chart name and version as used by the chart label.
-*/}}
-{{- define "sriov-network-operator.chart" -}}
-{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }}
-{{- end }}
-
-{{/*
-Common labels
-*/}}
-{{- define "sriov-network-operator.labels" -}}
-helm.sh/chart: {{ include "sriov-network-operator.chart" . }}
-{{ include "sriov-network-operator.selectorLabels" . }}
-{{- if .Chart.AppVersion }}
-app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
-{{- end }}
-app.kubernetes.io/managed-by: {{ .Release.Service }}
-{{- end }}
-
-{{/*
-Selector labels
-*/}}
-{{- define "sriov-network-operator.selectorLabels" -}}
-app.kubernetes.io/name: {{ include "sriov-network-operator.name" . }}
-app.kubernetes.io/instance: {{ .Release.Name }}
-{{- end }}
-
-{{/*
-Create the name of the service account to use
-*/}}
-{{- define "sriov-network-operator.serviceAccountName" -}}
-{{- if .Values.serviceAccount.create }}
-{{- default (include "sriov-network-operator.fullname" .) .Values.serviceAccount.name }}
-{{- else }}
-{{- default "default" .Values.serviceAccount.name }}
-{{- end }}
-{{- end }}
-
-{{- define "system_default_registry" -}}
-{{- if .Values.global.cattle.systemDefaultRegistry -}}
-{{- printf "%s/" .Values.global.cattle.systemDefaultRegistry -}}
-{{- else -}}
-{{- "" -}}
-{{- end -}}
-{{- end -}}
-
-{{/*
-Windows cluster will add default taint for linux nodes,
-add below linux tolerations to workloads could be scheduled to those linux nodes
-*/}}
-{{- define "linux-node-tolerations" -}}
-- key: "cattle.io/os"
- value: "linux"
- effect: "NoSchedule"
- operator: "Equal"
-{{- end -}}
-
-{{- define "linux-node-selector" -}}
-kubernetes.io/os: linux
-{{- end -}}
diff --git a/charts/sriov/104.2.0+up0.1.0/templates/_webhook-certs.tpl b/charts/sriov/104.2.0+up0.1.0/templates/_webhook-certs.tpl
deleted file mode 100644
index f1448968b2..0000000000
--- a/charts/sriov/104.2.0+up0.1.0/templates/_webhook-certs.tpl
+++ /dev/null
@@ -1,31 +0,0 @@
-{{/*
-Generate TLS certificates for webhooks.
-Note: these 2 lines, that are repeated several times below, are a trick to
-ensure the CA certs are generated only once:
- $ca := .ca | default (genCA "sriov-network-operator.k8s.cni.cncf.io" 365)
- $_ := set . "ca" $ca
-Please, don't try to "simplify" them as without this trick, every generated
-certificate would be signed by a different CA.
-*/}}
-{{- define "sriov_operator_ca_cert" }}
-{{- $ca := .ca | default (genCA "sriov-network-operator.k8s.cni.cncf.io" 365) -}}
-{{- $_ := set . "ca" $ca -}}
-{{- printf "%s" $ca.Cert | b64enc -}}
-{{- end }}
-{{- define "sriov_operator_cert" }}
-{{- $ca := .ca | default (genCA "sriov-network-operator.k8s.cni.cncf.io" 365) -}}
-{{- $_ := set . "ca" $ca -}}
-{{- $cn := printf "operator-webhook-service.%s.svc" .Release.Namespace -}}
-{{- $cert := genSignedCert $cn nil (list $cn) 365 $ca -}}
-tls.crt: {{ $cert.Cert | b64enc }}
-tls.key: {{ $cert.Key | b64enc }}
-{{- end }}
-{{- define "sriov_resource_injector_cert" }}
-{{- $ca := .ca | default (genCA "sriov-network-operator.k8s.cni.cncf.io" 365) -}}
-{{- $_ := set . "ca" $ca -}}
-{{- $cn := printf "network-resources-injector-service.%s.svc" .Release.Namespace -}}
-{{- $cert := genSignedCert $cn nil (list $cn) 365 $ca -}}
-tls.crt: {{ $cert.Cert | b64enc }}
-tls.key: {{ $cert.Key | b64enc }}
-{{- end }}
-
diff --git a/charts/sriov/104.2.0+up0.1.0/templates/certificate.yaml b/charts/sriov/104.2.0+up0.1.0/templates/certificate.yaml
deleted file mode 100644
index add29a9bec..0000000000
--- a/charts/sriov/104.2.0+up0.1.0/templates/certificate.yaml
+++ /dev/null
@@ -1,71 +0,0 @@
-{{- if .Values.operator.admissionControllers.enabled }}
-{{- if and (.Values.operator.admissionControllers.certificates.certManager.enabled) (.Values.operator.admissionControllers.certificates.certManager.generateSelfSigned) }}
----
-apiVersion: cert-manager.io/v1
-kind: Certificate
-metadata:
- name: {{ .Values.operator.admissionControllers.certificates.secretNames.operator }}
- namespace: {{ .Release.Namespace }}
-spec:
- dnsNames:
- - operator-webhook-service.{{ .Release.Namespace }}.svc
- - operator-webhook-service.{{ .Release.Namespace }}.svc.cluster.local
- issuerRef:
- kind: Issuer
- name: operator-webhook-selfsigned-issuer
- secretName: {{ .Values.operator.admissionControllers.certificates.secretNames.operator }}
----
-apiVersion: cert-manager.io/v1
-kind: Issuer
-metadata:
- name: operator-webhook-selfsigned-issuer
- namespace: {{ .Release.Namespace }}
-spec:
- selfSigned: {}
----
-apiVersion: cert-manager.io/v1
-kind: Certificate
-metadata:
- name: {{ .Values.operator.admissionControllers.certificates.secretNames.injector }}
- namespace: {{ .Release.Namespace }}
-spec:
- dnsNames:
- - network-resources-injector-service.{{ .Release.Namespace }}.svc
- - network-resources-injector-service.{{ .Release.Namespace }}.svc.cluster.local
- issuerRef:
- kind: Issuer
- name: network-resources-injector-selfsigned-issuer
- secretName: {{ .Values.operator.admissionControllers.certificates.secretNames.injector }}
----
-apiVersion: cert-manager.io/v1
-kind: Issuer
-metadata:
- name: network-resources-injector-selfsigned-issuer
- namespace: {{ .Release.Namespace }}
-spec:
- selfSigned: {}
-{{- else if and (not .Values.operator.admissionControllers.certificates.certManager.enabled) (.Values.operator.admissionControllers.certificates.custom.enabled) }}
----
-apiVersion: v1
-kind: Secret
-metadata:
- name: {{ .Values.operator.admissionControllers.certificates.secretNames.operator }}
- namespace: {{ .Release.Namespace }}
-type: Opaque
-data:
- ca.crt: {{ .Values.operator.admissionControllers.certificates.custom.operator.caCrt | b64enc | b64enc | quote }}
- tls.crt: {{ .Values.operator.admissionControllers.certificates.custom.operator.tlsCrt | b64enc | quote }}
- tls.key: {{ .Values.operator.admissionControllers.certificates.custom.operator.tlsKey | b64enc | quote }}
----
-apiVersion: v1
-kind: Secret
-metadata:
- name: {{ .Values.operator.admissionControllers.certificates.secretNames.injector }}
- namespace: {{ .Release.Namespace }}
-type: Opaque
-data:
- ca.crt: {{ .Values.operator.admissionControllers.certificates.custom.injector.caCrt | b64enc | b64enc | quote }}
- tls.crt: {{ .Values.operator.admissionControllers.certificates.custom.injector.tlsCrt | b64enc | quote }}
- tls.key: {{ .Values.operator.admissionControllers.certificates.custom.injector.tlsKey | b64enc | quote }}
-{{- end }}
-{{- end }}
diff --git a/charts/sriov/104.2.0+up0.1.0/templates/certmanagercerts.yaml b/charts/sriov/104.2.0+up0.1.0/templates/certmanagercerts.yaml
deleted file mode 100644
index e3575aa565..0000000000
--- a/charts/sriov/104.2.0+up0.1.0/templates/certmanagercerts.yaml
+++ /dev/null
@@ -1,41 +0,0 @@
-{{- if and (.Values.operator.enableAdmissionController) (.Values.cert_manager) -}}
-{{- if not (.Capabilities.APIVersions.Has "cert-manager.io/v1") -}}
-{{- required "cert-manager is required but not found" "" -}}
-{{- end -}}
-apiVersion: cert-manager.io/v1
-kind: Issuer
-metadata:
- name: sriov-network-operator-selfsigned-issuer
- namespace: {{ .Release.Namespace }}
-spec:
- selfSigned: {}
----
-apiVersion: cert-manager.io/v1
-kind: Certificate
-metadata:
- name: operator-webhook-service
- namespace: {{ .Release.Namespace }}
-spec:
- secretName: operator-webhook-service
- dnsNames:
- - operator-webhook-service.{{ .Release.Namespace }}.svc
- issuerRef:
- name: sriov-network-operator-selfsigned-issuer
- privateKey:
- rotationPolicy: Always
----
-apiVersion: cert-manager.io/v1
-kind: Certificate
-metadata:
- name: network-resources-injector-service
- namespace: {{ .Release.Namespace }}
-spec:
- secretName: network-resources-injector-secret
- dnsNames:
- - network-resources-injector-service.{{ .Release.Namespace }}.svc
- issuerRef:
- name: sriov-network-operator-selfsigned-issuer
- privateKey:
- rotationPolicy: Always
-{{- end -}}
-
diff --git a/charts/sriov/104.2.0+up0.1.0/templates/clusterrole.yaml b/charts/sriov/104.2.0+up0.1.0/templates/clusterrole.yaml
deleted file mode 100644
index 0edf69c338..0000000000
--- a/charts/sriov/104.2.0+up0.1.0/templates/clusterrole.yaml
+++ /dev/null
@@ -1,111 +0,0 @@
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRole
-metadata:
- name: {{ include "sriov-network-operator.fullname" . }}
- labels:
- {{- include "sriov-network-operator.labels" . | nindent 4 }}
-rules:
- - apiGroups: [""]
- resources: ["nodes"]
- verbs: ["get", "list", "watch", "patch", "update"]
- - apiGroups: [""]
- resources: ["pods"]
- verbs: ["*"]
- - apiGroups: [""]
- resources: ["pods/eviction"]
- verbs: ["create"]
- - apiGroups: ["apps"]
- resources: ["daemonsets"]
- verbs: ["get"]
- - apiGroups: [""]
- resources: ["namespaces", "serviceaccounts"]
- verbs: ["*"]
- - apiGroups: ["k8s.cni.cncf.io"]
- resources: ["network-attachment-definitions"]
- verbs: ["*"]
- - apiGroups: ["rbac.authorization.k8s.io"]
- resources: [clusterroles, clusterrolebindings]
- verbs: ["*"]
- - apiGroups: ["admissionregistration.k8s.io"]
- resources: ["mutatingwebhookconfigurations", "validatingwebhookconfigurations"]
- verbs: ["*"]
- - apiGroups: ["sriovnetwork.openshift.io"]
- resources: ["*"]
- verbs: ["*"]
- - apiGroups: ["machineconfiguration.openshift.io"]
- resources: ["*"]
- verbs: ["*"]
- - apiGroups: ["config.openshift.io"]
- resources: ["infrastructures"]
- verbs: ["get", "list", "watch"]
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRole
-metadata:
- name: sriov-network-config-daemon
- labels:
- {{- include "sriov-network-operator.labels" . | nindent 4 }}
-rules:
- - apiGroups: [""]
- resources: ["nodes"]
- verbs: ["get", "list", "watch", "patch", "update"]
- - apiGroups: [""]
- resources: ["pods"]
- verbs: ["*"]
- - apiGroups: ["apps"]
- resources: ["daemonsets"]
- verbs: ["get"]
- - apiGroups: [ "config.openshift.io" ]
- resources: [ "infrastructures" ]
- verbs: [ "get", "list", "watch" ]
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRole
-metadata:
- name: sriov-admin
- {{- if .Values.global.rbac.userRoles.aggregateToDefaultRoles }}
- rbac.authorization.k8s.io/aggregate-to-admin: "true"
- {{- end }}
-rules:
-- apiGroups:
- - sriovnetwork.openshift.io
- resources:
- - '*'
- verbs:
- - "get"
- - "watch"
- - "list"
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRole
-metadata:
- name: sriov-edit
- {{- if .Values.global.rbac.userRoles.aggregateToDefaultRoles }}
- rbac.authorization.k8s.io/aggregate-to-edit: "true"
- {{- end }}
-rules:
-- apiGroups:
- - sriovnetwork.openshift.io
- resources:
- - '*'
- verbs:
- - "get"
- - "watch"
- - "list"
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRole
-metadata:
- name: sriov-view
- {{- if .Values.global.rbac.userRoles.aggregateToDefaultRoles }}
- rbac.authorization.k8s.io/aggregate-to-view: "true"
- {{- end }}
-rules:
-- apiGroups:
- - sriovnetwork.openshift.io
- resources:
- - '*'
- verbs:
- - "get"
- - "watch"
- - "list"
diff --git a/charts/sriov/104.2.0+up0.1.0/templates/clusterrolebinding.yaml b/charts/sriov/104.2.0+up0.1.0/templates/clusterrolebinding.yaml
deleted file mode 100644
index c10aa9be73..0000000000
--- a/charts/sriov/104.2.0+up0.1.0/templates/clusterrolebinding.yaml
+++ /dev/null
@@ -1,29 +0,0 @@
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRoleBinding
-metadata:
- name: {{ include "sriov-network-operator.fullname" . }}
- labels:
- {{- include "sriov-network-operator.labels" . | nindent 4 }}
-roleRef:
- kind: ClusterRole
- name: {{ include "sriov-network-operator.fullname" . }}
- apiGroup: rbac.authorization.k8s.io
-subjects:
- - kind: ServiceAccount
- namespace: {{ .Release.Namespace }}
- name: {{ include "sriov-network-operator.fullname" . }}
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRoleBinding
-metadata:
- name: sriov-network-config-daemon
- labels:
- {{- include "sriov-network-operator.labels" . | nindent 4 }}
-roleRef:
- kind: ClusterRole
- name: sriov-network-config-daemon
- apiGroup: rbac.authorization.k8s.io
-subjects:
- - kind: ServiceAccount
- namespace: {{ .Release.Namespace }}
- name: sriov-network-config-daemon
diff --git a/charts/sriov/104.2.0+up0.1.0/templates/configmap.yaml b/charts/sriov/104.2.0+up0.1.0/templates/configmap.yaml
deleted file mode 100644
index de53e8e369..0000000000
--- a/charts/sriov/104.2.0+up0.1.0/templates/configmap.yaml
+++ /dev/null
@@ -1,47 +0,0 @@
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: supported-nic-ids
-data:
- Intel_i40e_XXV710: "8086 158a 154c"
- Intel_i40e_25G_SFP28: "8086 158b 154c"
- Intel_i40e_10G_X710_SFP: "8086 1572 154c"
- Intel_ixgbe_10G_X550: "8086 1563 1565"
- Intel_ixgbe_82576: "8086 10c9 10ca"
- Intel_i40e_X710_X557_AT_10G: "8086 1589 154c"
- Intel_i40e_10G_X710_BACKPLANE: "8086 1581 154c"
- Intel_i40e_10G_X710_BASE_T: "8086 15ff 154c"
- Intel_i40e_XXV710_N3000: "8086 0d58 154c"
- Intel_i40e_40G_XL710_QSFP: "8086 1583 154c"
- Intel_i40e_X550T: "8086 1563 1565"
- Intel_i40e_X722: "8086 37d2 37cd"
- Intel_i40e_X722_SFP: "8086 37d0 37cd"
- Intel_i40e_X722_SFPP: "8086 37d3 37cd"
- Intel_ice_Columbiaville_E810-CQDA2_2CQDA2: "8086 1592 1889"
- Intel_ice_Columbiaville_E810-XXVDA4: "8086 1593 1889"
- Intel_ice_Columbiaville_E810-XXVDA2: "8086 159b 1889"
- Intel_ice_Columbiaville_E810: "8086 1591 1889"
- Intel_ice_Columbiapark_E823C: "8086 188a 1889"
- Nvidia_mlx5_ConnectX-4: "15b3 1013 1014"
- Nvidia_mlx5_ConnectX-4LX: "15b3 1015 1016"
- Nvidia_mlx5_ConnectX-5: "15b3 1017 1018"
- Nvidia_mlx5_ConnectX-5_Ex: "15b3 1019 101a"
- Nvidia_mlx5_ConnectX-6: "15b3 101b 101c"
- Nvidia_mlx5_ConnectX-6_Dx: "15b3 101d 101e"
- Nvidia_mlx5_ConnectX-6_Lx: "15b3 101f 101e"
- Nvidia_mlx5_ConnectX-7: "15b3 1021 101e"
- Nvidia_mlx5_MT42822_BlueField-2_integrated_ConnectX-6_Dx: "15b3 a2d6 101e"
- Nvidia_mlx5_MT43244_BlueField-3_integrated_ConnectX-7_Dx: "15b3 a2dc 101e"
- Broadcom_bnxt_BCM57414_2x25G: "14e4 16d7 16dc"
- Broadcom_bnxt_BCM75508_2x100G: "14e4 1750 1806"
- Qlogic_qede_QL45000_50G: "1077 1654 1664"
- Red_Hat_Virtio_network_device: "1af4 1000 1000"
- Red_Hat_Virtio_1_0_network_device: "1af4 1041 1041"
- Marvell_OCTEON_TX2_CN96XX: "177d b200 b203"
- Marvell_OCTEON_TX2_CN98XX: "177d b100 b103"
- Marvell_OCTEON_Fusion_CNF95XX: "177d b600 b603"
- Marvell_OCTEON10_CN10XXX: "177d b900 b903"
- Marvell_OCTEON_Fusion_CNF105XX: "177d ba00 ba03"
- {{- range .Values.supportedExtraNICs }}
- {{ . }}
- {{- end }}
diff --git a/charts/sriov/104.2.0+up0.1.0/templates/operator.yaml b/charts/sriov/104.2.0+up0.1.0/templates/operator.yaml
deleted file mode 100644
index 70f1cb65c1..0000000000
--- a/charts/sriov/104.2.0+up0.1.0/templates/operator.yaml
+++ /dev/null
@@ -1,116 +0,0 @@
-{{- if not (.Capabilities.APIVersions.Has "k8s.cni.cncf.io/v1/NetworkAttachmentDefinition") -}}
-{{- required "rke2-multus is required but not found" "" -}}
-{{- end -}}
----
-apiVersion: apps/v1
-kind: Deployment
-metadata:
- name: {{ include "sriov-network-operator.fullname" . }}
- namespace: {{ .Release.Namespace }}
- labels:
- {{- include "sriov-network-operator.labels" . | nindent 4 }}
-spec:
- replicas: 1
- selector:
- matchLabels:
- name: sriov-network-operator
- strategy:
- type: RollingUpdate
- rollingUpdate:
- maxUnavailable: 33%
- template:
- metadata:
- labels:
- name: sriov-network-operator
- spec:
- {{- with .Values.operator.nodeSelector }}
- nodeSelector:
- {{- toYaml . | nindent 8 }}
- {{- end }}
- {{- with .Values.operator.affinity }}
- affinity:
- {{- toYaml . | nindent 8}}
- {{- end }}
- {{- with .Values.operator.tolerations }}
- tolerations:
- {{- toYaml . | nindent 8 }}
- {{- end }}
- serviceAccountName: {{ include "sriov-network-operator.fullname" . }}
- priorityClassName: "system-node-critical"
- {{- if .Values.imagePullSecrets }}
- imagePullSecrets:
- {{- range .Values.imagePullSecrets }}
- - name: {{ . }}
- {{- end }}
- {{- end }}
- containers:
- - name: {{ include "sriov-network-operator.fullname" . }}
- image: {{ include "system_default_registry" . }}{{ .Values.images.operator.repository }}:{{ .Values.images.operator.tag }}
- command:
- - sriov-network-operator
- resources:
- requests:
- cpu: 100m
- memory: 100Mi
- env:
- - name: WATCH_NAMESPACE
- valueFrom:
- fieldRef:
- fieldPath: metadata.namespace
- - name: SRIOV_CNI_IMAGE
- value: {{ include "system_default_registry" . }}{{ .Values.images.sriovCni.repository }}:{{ .Values.images.sriovCni.tag }}
- - name: SRIOV_INFINIBAND_CNI_IMAGE
- value: {{ include "system_default_registry" . }}{{ .Values.images.ibSriovCni.repository }}:{{ .Values.images.ibSriovCni.tag }}
- - name: SRIOV_DEVICE_PLUGIN_IMAGE
- value: {{ include "system_default_registry" . }}{{ .Values.images.sriovDevicePlugin.repository }}:{{ .Values.images.sriovDevicePlugin.tag }}
- - name: NETWORK_RESOURCES_INJECTOR_IMAGE
- value: {{ include "system_default_registry" . }}{{ .Values.images.resourcesInjector.repository }}:{{ .Values.images.resourcesInjector.tag }}
- - name: OPERATOR_NAME
- value: sriov-network-operator
- - name: SRIOV_NETWORK_CONFIG_DAEMON_IMAGE
- value: {{ include "system_default_registry" . }}{{ .Values.images.sriovConfigDaemon.repository }}:{{ .Values.images.sriovConfigDaemon.tag }}
- - name: SRIOV_NETWORK_WEBHOOK_IMAGE
- value: {{ include "system_default_registry" . }}{{ .Values.images.webhook.repository }}:{{ .Values.images.webhook.tag }}
- - name: RESOURCE_PREFIX
- value: {{ .Values.operator.resourcePrefix }}
- - name: IMAGE_PULL_SECRETS
- value: {{ join "," .Values.imagePullSecrets }}
- - name: NAMESPACE
- valueFrom:
- fieldRef:
- fieldPath: metadata.namespace
- - name: POD_NAME
- valueFrom:
- fieldRef:
- fieldPath: metadata.name
- - name: NODE_NAME
- valueFrom:
- fieldRef:
- fieldPath: spec.nodeName
- - name: RELEASE_VERSION
- value: {{ .Release.AppVersion }}
- - name: SRIOV_CNI_BIN_PATH
- value: {{ .Values.operator.cniBinPath }}
- - name: CLUSTER_TYPE
- value: {{ .Values.operator.clusterType }}
- {{- if .Values.operator.admissionControllers.enabled }}
- - name: ADMISSION_CONTROLLERS_CERTIFICATES_OPERATOR_SECRET_NAME
- value: {{ .Values.operator.admissionControllers.certificates.secretNames.operator }}
- - name: ADMISSION_CONTROLLERS_CERTIFICATES_INJECTOR_SECRET_NAME
- value: {{ .Values.operator.admissionControllers.certificates.secretNames.injector }}
- {{- if .Values.operator.admissionControllers.certificates.certManager.enabled }}
- - name: ADMISSION_CONTROLLERS_CERTIFICATES_CERT_MANAGER_ENABLED
- value: {{ .Values.operator.admissionControllers.certificates.certManager.enabled | quote }}
- {{- else }}
- - name: ADMISSION_CONTROLLERS_CERTIFICATES_OPERATOR_CA_CRT
- valueFrom:
- secretKeyRef:
- name: {{ .Values.operator.admissionControllers.certificates.secretNames.operator }}
- key: ca.crt
- - name: ADMISSION_CONTROLLERS_CERTIFICATES_INJECTOR_CA_CRT
- valueFrom:
- secretKeyRef:
- name: {{ .Values.operator.admissionControllers.certificates.secretNames.injector }}
- key: ca.crt
- {{- end }}
- {{- end }}
diff --git a/charts/sriov/104.2.0+up0.1.0/templates/role.yaml b/charts/sriov/104.2.0+up0.1.0/templates/role.yaml
deleted file mode 100644
index 6058a86e1b..0000000000
--- a/charts/sriov/104.2.0+up0.1.0/templates/role.yaml
+++ /dev/null
@@ -1,132 +0,0 @@
-apiVersion: rbac.authorization.k8s.io/v1
-kind: Role
-metadata:
- creationTimestamp: null
- name: {{ include "sriov-network-operator.fullname" . }}
- namespace: {{ .Release.Namespace }}
- labels:
- {{- include "sriov-network-operator.labels" . | nindent 4 }}
-rules:
- - apiGroups:
- - ""
- resources:
- - pods
- - services
- - endpoints
- - persistentvolumeclaims
- - events
- - configmaps
- - secrets
- verbs:
- - '*'
- - apiGroups:
- - apps
- resources:
- - deployments
- - daemonsets
- - replicasets
- - statefulsets
- verbs:
- - '*'
- - apiGroups:
- - monitoring.coreos.com
- resources:
- - servicemonitors
- verbs:
- - get
- - create
- - apiGroups:
- - apps
- resourceNames:
- - sriov-network-operator
- resources:
- - deployments/finalizers
- verbs:
- - update
- - apiGroups:
- - rbac.authorization.k8s.io
- resources:
- - serviceaccounts
- - roles
- - rolebindings
- verbs:
- - '*'
- - apiGroups:
- - config.openshift.io
- resources:
- - infrastructures
- verbs:
- - get
- - list
- - watch
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: Role
-metadata:
- name: sriov-network-config-daemon
- namespace: {{ .Release.Namespace }}
- labels:
- {{- include "sriov-network-operator.labels" . | nindent 4 }}
-rules:
- - apiGroups:
- - ""
- resources:
- - pods
- verbs:
- - '*'
- - apiGroups:
- - apps
- resources:
- - daemonsets
- verbs:
- - '*'
- - apiGroups:
- - sriovnetwork.openshift.io
- resources:
- - '*'
- - sriovnetworknodestates
- verbs:
- - '*'
- - apiGroups:
- - security.openshift.io
- resourceNames:
- - privileged
- resources:
- - securitycontextconstraints
- verbs:
- - use
- - apiGroups:
- - ""
- resources:
- - configmaps
- verbs:
- - get
- - update
- - apiGroups:
- - 'coordination.k8s.io'
- resources:
- - 'leases'
- verbs:
- - '*'
- - apiGroups:
- - ""
- resources:
- - events
- verbs:
- - create
- - patch
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: Role
-metadata:
- name: operator-webhook-sa
- namespace: {{ .Release.Namespace }}
- labels:
- {{- include "sriov-network-operator.labels" . | nindent 4 }}
-rules:
- - apiGroups:
- - ""
- resources:
- - configmaps
- verbs:
- - get
diff --git a/charts/sriov/104.2.0+up0.1.0/templates/rolebinding.yaml b/charts/sriov/104.2.0+up0.1.0/templates/rolebinding.yaml
deleted file mode 100644
index d2cf1849a7..0000000000
--- a/charts/sriov/104.2.0+up0.1.0/templates/rolebinding.yaml
+++ /dev/null
@@ -1,44 +0,0 @@
-kind: RoleBinding
-apiVersion: rbac.authorization.k8s.io/v1
-metadata:
- name: {{ include "sriov-network-operator.fullname" . }}
- namespace: {{ .Release.Namespace }}
- labels:
- {{- include "sriov-network-operator.labels" . | nindent 4 }}
-subjects:
- - kind: ServiceAccount
- name: {{ include "sriov-network-operator.fullname" . }}
- namespace: {{ .Release.Namespace }}
-roleRef:
- kind: Role
- name: {{ include "sriov-network-operator.fullname" . }}
- apiGroup: rbac.authorization.k8s.io
----
-kind: RoleBinding
-apiVersion: rbac.authorization.k8s.io/v1
-metadata:
- name: sriov-network-config-daemon
- namespace: {{ .Release.Namespace }}
- labels:
- {{- include "sriov-network-operator.labels" . | nindent 4 }}
-subjects:
- - kind: ServiceAccount
- name: sriov-network-config-daemon
- namespace: {{ .Release.Namespace }}
-roleRef:
- kind: Role
- name: sriov-network-config-daemon
- apiGroup: rbac.authorization.k8s.io
----
-kind: RoleBinding
-apiVersion: rbac.authorization.k8s.io/v1
-metadata:
- name: operator-webhook-sa
- namespace: {{ .Release.Namespace }}
-subjects:
-- kind: ServiceAccount
- name: operator-webhook-sa
-roleRef:
- kind: Role
- name: operator-webhook-sa
- apiGroup: rbac.authorization.k8s.io
diff --git a/charts/sriov/104.2.0+up0.1.0/templates/secrets.yaml b/charts/sriov/104.2.0+up0.1.0/templates/secrets.yaml
deleted file mode 100644
index 3d345be460..0000000000
--- a/charts/sriov/104.2.0+up0.1.0/templates/secrets.yaml
+++ /dev/null
@@ -1,20 +0,0 @@
-{{- if not .Values.cert_manager -}}
-{{- if .Values.operator.enableAdmissionController }}
-apiVersion: v1
-kind: Secret
-metadata:
- name: operator-webhook-service
- namespace: {{ .Release.Namespace }}
-data: {{ include "sriov_operator_cert" . | nindent 2 }}
-{{- end }}
----
-{{- if .Values.operator.enableAdmissionController }}
-apiVersion: v1
-kind: Secret
-metadata:
- name: network-resources-injector-secret
- namespace: {{ .Release.Namespace }}
-data: {{ include "sriov_resource_injector_cert" . | nindent 2 }}
-{{- end }}
-{{- end }}
-
diff --git a/charts/sriov/104.2.0+up0.1.0/templates/serviceaccount.yaml b/charts/sriov/104.2.0+up0.1.0/templates/serviceaccount.yaml
deleted file mode 100644
index fc0bb57056..0000000000
--- a/charts/sriov/104.2.0+up0.1.0/templates/serviceaccount.yaml
+++ /dev/null
@@ -1,15 +0,0 @@
-apiVersion: v1
-kind: ServiceAccount
-metadata:
- name: {{ include "sriov-network-operator.fullname" . }}
- namespace: {{ .Release.Namespace }}
- labels:
- {{- include "sriov-network-operator.labels" . | nindent 4 }}
----
-apiVersion: v1
-kind: ServiceAccount
-metadata:
- name: sriov-network-config-daemon
- namespace: {{ .Release.Namespace }}
- labels:
- {{- include "sriov-network-operator.labels" . | nindent 4 }}
diff --git a/charts/sriov/104.2.0+up0.1.0/templates/sriovoperatorconfig.yaml b/charts/sriov/104.2.0+up0.1.0/templates/sriovoperatorconfig.yaml
deleted file mode 100644
index 41877365ad..0000000000
--- a/charts/sriov/104.2.0+up0.1.0/templates/sriovoperatorconfig.yaml
+++ /dev/null
@@ -1,17 +0,0 @@
-{{ if .Values.sriovOperatorConfig.deploy }}
-apiVersion: sriovnetwork.openshift.io/v1
-kind: SriovOperatorConfig
-metadata:
- name: default
- namespace: {{ .Release.Namespace }}
-spec:
- enableInjector: {{ .Values.operator.admissionControllers.enabled }}
- enableOperatorWebhook: {{ .Values.operator.admissionControllers.enabled }}
- {{- with .Values.sriovOperatorConfig.configDaemonNodeSelector }}
- configDaemonNodeSelector:
- {{- range $k, $v := .}}{{printf "%s: '%s'" $k $v | nindent 4 }}{{ end }}
- {{- end }}
- logLevel: {{ .Values.sriovOperatorConfig.logLevel }}
- disableDrain: {{ .Values.sriovOperatorConfig.disableDrain }}
- configurationMode: {{ .Values.sriovOperatorConfig.configurationMode }}
-{{ end }}
diff --git a/charts/sriov/104.2.0+up0.1.0/templates/validate-install-crd.yaml b/charts/sriov/104.2.0+up0.1.0/templates/validate-install-crd.yaml
deleted file mode 100644
index 48ffe70751..0000000000
--- a/charts/sriov/104.2.0+up0.1.0/templates/validate-install-crd.yaml
+++ /dev/null
@@ -1,19 +0,0 @@
-#{{- if gt (len (lookup "rbac.authorization.k8s.io/v1" "ClusterRole" "" "")) 0 -}}
-# {{- $found := dict -}}
-# {{- set $found "sriovnetwork.openshift.io/v1/SriovIBNetwork" false -}}
-# {{- set $found "sriovnetwork.openshift.io/v1/SriovNetworkNodePolicy" false -}}
-# {{- set $found "sriovnetwork.openshift.io/v1/SriovNetworkNodeState" false -}}
-# {{- set $found "sriovnetwork.openshift.io/v1/SriovNetworkPoolConfig" false -}}
-# {{- set $found "sriovnetwork.openshift.io/v1/SriovNetwork" false -}}
-# {{- set $found "sriovnetwork.openshift.io/v1/SriovOperatorConfig" false -}}
-# {{- range .Capabilities.APIVersions -}}
-# {{- if hasKey $found (toString .) -}}
-# {{- set $found (toString .) true -}}
-# {{- end -}}
-# {{- end -}}
-# {{- range $_, $exists := $found -}}
-# {{- if (eq $exists false) -}}
-# {{- required "Required CRDs are missing. Please install the corresponding CRD chart before installing this chart." "" -}}
-# {{- end -}}
-# {{- end -}}
-#{{- end -}}
\ No newline at end of file
diff --git a/charts/sriov/104.2.0+up0.1.0/values.yaml b/charts/sriov/104.2.0+up0.1.0/values.yaml
deleted file mode 100644
index 656e375ad0..0000000000
--- a/charts/sriov/104.2.0+up0.1.0/values.yaml
+++ /dev/null
@@ -1,129 +0,0 @@
-operator:
- tolerations:
- - key: "node-role.kubernetes.io/master"
- operator: "Exists"
- effect: "NoSchedule"
- - key: "node-role.kubernetes.io/control-plane"
- operator: "Exists"
- effect: "NoSchedule"
- - effect: NoExecute
- key: node-role.kubernetes.io/etcd
- operator: Exists
- nodeSelector: {}
- affinity:
- nodeAffinity:
- preferredDuringSchedulingIgnoredDuringExecution:
- - weight: 1
- preference:
- matchExpressions:
- - key: "node-role.kubernetes.io/master"
- operator: In
- values: [""]
- - weight: 1
- preference:
- matchExpressions:
- - key: "node-role.kubernetes.io/control-plane"
- operator: In
- values: [ "" ]
- nameOverride: ""
- fullnameOverride: ""
- resourcePrefix: "rancher.io"
- cniBinPath: "/opt/cni/bin"
- clusterType: "kubernetes"
- admissionControllers:
- enabled: false
- certificates:
- secretNames:
- operator: "operator-webhook-cert"
- injector: "network-resources-injector-cert"
- certManager:
- # When enabled, makes use of certificates managed by cert-manager.
- enabled: false
- # When enabled, certificates are generated via cert-manager and then name will match the name of the secrets
- # defined above
- generateSelfSigned: false
- # If not specified, no secret is created and secrets with the names defined above are expected to exist in the
- # cluster. In that case, the ca.crt must be base64 encoded twice since it ends up being an env variable.
- custom:
- enabled: false
- # operator:
- # caCrt: |
- # -----BEGIN CERTIFICATE-----
- # MIIMIICLDCCAdKgAwIBAgIBADAKBggqhkjOPQQDAjB9MQswCQYDVQQGEwJCRTEPMA0G
- # ...
- # -----END CERTIFICATE-----
- # tlsCrt: |
- # -----BEGIN CERTIFICATE-----
- # MIIMIICLDCCAdKgAwIBAgIBADAKBggqhkjOPQQDAjB9MQswCQYDVQQGEwJCRTEPMA0G
- # ...
- # -----END CERTIFICATE-----
- # tlsKey: |
- # -----BEGIN EC PRIVATE KEY-----
- # MHcl4wOuDwKQa+upc8GftXE2C//4mKANBC6It01gUaTIpo=
- # ...
- # -----END EC PRIVATE KEY-----
- # injector:
- # caCrt: |
- # -----BEGIN CERTIFICATE-----
- # MIIMIICLDCCAdKgAwIBAgIBADAKBggqhkjOPQQDAjB9MQswCQYDVQQGEwJCRTEPMA0G
- # ...
- # -----END CERTIFICATE-----
- # tlsCrt: |
- # -----BEGIN CERTIFICATE-----
- # MIIMIICLDCCAdKgAwIBAgIBADAKBggqhkjOPQQDAjB9MQswCQYDVQQGEwJCRTEPMA0G
- # ...
- # -----END CERTIFICATE-----
- # tlsKey: |
- # -----BEGIN EC PRIVATE KEY-----
- # MHcl4wOuDwKQa+upc8GftXE2C//4mKANBC6It01gUaTIpo=
- # ...
- # -----END EC PRIVATE KEY-----
-
-sriovOperatorConfig:
- # deploy sriovOperatorConfig CR with the below values
- deploy: true
- # node slectors for sriov-network-config-daemon
- configDaemonNodeSelector: {feature.node.kubernetes.io/network-sriov.capable: 'true'}
- # log level for both operator and sriov-network-config-daemon
- logLevel: 2
- # disable node draining when configuring SR-IOV, set to true in case of a single node
- # cluster or any other justifiable reason
- disableDrain: false
- # sriov-network-config-daemon configuration mode. either "daemon" or "systemd"
- configurationMode: daemon
-
-# Image URIs for sriov-network-operator components
-images:
- operator:
- repository: rancher/hardened-sriov-network-operator
- tag: v1.2.0-build20240327
- sriovConfigDaemon:
- repository: rancher/hardened-sriov-network-config-daemon
- tag: v1.2.0-build20240327
- sriovCni:
- repository: rancher/hardened-sriov-cni
- tag: v2.7.0-build20240327
- ibSriovCni:
- repository: rancher/hardened-ib-sriov-cni
- tag: v1.0.3-build20240327
- sriovDevicePlugin:
- repository: rancher/hardened-sriov-network-device-plugin
- tag: v3.6.2-build20240327
- resourcesInjector:
- repository: rancher/hardened-sriov-network-resources-injector
- tag: v1.5-build20240327
- webhook:
- repository: rancher/hardened-sriov-network-webhook
- tag: v1.2.0-build20240327
-
-imagePullSecrets: []
-
-# Example for supportedExtraNICs values ['MyNIC: "8086 1521 1520"']
-supportedExtraNICs: []
-
-global:
- cattle:
- systemDefaultRegistry: ""
- rbac:
- userRoles:
- aggregateToDefaultRoles: false
diff --git a/charts/sriov/104.3.0+up1.3.0/.helmignore b/charts/sriov/104.3.0+up1.3.0/.helmignore
deleted file mode 100644
index 0e8a0eb36f..0000000000
--- a/charts/sriov/104.3.0+up1.3.0/.helmignore
+++ /dev/null
@@ -1,23 +0,0 @@
-# Patterns to ignore when building packages.
-# This supports shell glob matching, relative path matching, and
-# negation (prefixed with !). Only one pattern per line.
-.DS_Store
-# Common VCS dirs
-.git/
-.gitignore
-.bzr/
-.bzrignore
-.hg/
-.hgignore
-.svn/
-# Common backup files
-*.swp
-*.bak
-*.tmp
-*.orig
-*~
-# Various IDEs
-.project
-.idea/
-*.tmproj
-.vscode/
diff --git a/charts/sriov/104.3.0+up1.3.0/Chart.yaml b/charts/sriov/104.3.0+up1.3.0/Chart.yaml
deleted file mode 100644
index cd01819c2b..0000000000
--- a/charts/sriov/104.3.0+up1.3.0/Chart.yaml
+++ /dev/null
@@ -1,36 +0,0 @@
-annotations:
- catalog.cattle.io/auto-install: sriov-crd=match
- catalog.cattle.io/certified: rancher
- catalog.cattle.io/deprecated: "true"
- catalog.cattle.io/experimental: "true"
- catalog.cattle.io/kube-version: '>= 1.16.0-0 < 1.31.0-0'
- catalog.cattle.io/namespace: cattle-sriov-system
- catalog.cattle.io/os: linux
- catalog.cattle.io/permits-os: linux
- catalog.cattle.io/rancher-version: '>= 2.9.0-0 < 2.10.0-0'
- catalog.cattle.io/release-name: sriov
- catalog.cattle.io/upstream-version: 1.3.0
-apiVersion: v2
-appVersion: v1.3.0
-dependencies:
-- condition: rancher-nfd.enabled
- name: rancher-nfd
- repository: file://./charts/rancher-nfd
- version: 0.15.6
-deprecated: true
-description: SR-IOV network operator configures and manages SR-IOV networks in the
- kubernetes cluster
-home: https://github.com/k8snetworkplumbingwg/sriov-network-operator
-icon: https://charts.rancher.io/assets/logos/sr-iov.svg
-keywords:
-- sriov
-- Networking
-kubeVersion: '>= 1.16.0-0'
-maintainers:
-- email: charts@rancher.com
- name: Rancher Labs
-name: sriov
-sources:
-- https://github.com/rancher/charts
-type: application
-version: 104.3.0+up1.3.0
diff --git a/charts/sriov/104.3.0+up1.3.0/README.md b/charts/sriov/104.3.0+up1.3.0/README.md
deleted file mode 100644
index c4274f78af..0000000000
--- a/charts/sriov/104.3.0+up1.3.0/README.md
+++ /dev/null
@@ -1,130 +0,0 @@
-# SR-IOV Network Operator Helm Chart
-
-SR-IOV Network Operator Helm Chart provides an easy way to install, configure and manage
-the lifecycle of SR-IOV network operator.
-
-## SR-IOV Network Operator
-SR-IOV Network Operator leverages [Kubernetes CRDs](https://kubernetes.io/docs/concepts/extend-kubernetes/api-extension/custom-resources/)
-and [Operator SDK](https://github.com/operator-framework/operator-sdk) to configure and manage SR-IOV networks in a Kubernetes cluster.
-
-SR-IOV Network Operator features:
-- Initialize the supported SR-IOV NIC types on selected nodes.
-- Provision/upgrade SR-IOV device plugin executable on selected node.
-- Provision/upgrade SR-IOV CNI plugin executable on selected nodes.
-- Manage configuration of SR-IOV device plugin on host.
-- Generate net-att-def CRs for SR-IOV CNI plugin
-- Supports operation in a virtualized Kubernetes deployment
- - Discovers VFs attached to the Virtual Machine (VM)
- - Does not require attached of associated PFs
- - VFs can be associated to SriovNetworks by selecting the appropriate PciAddress as the RootDevice in the SriovNetworkNodePolicy
-
-## QuickStart
-
-### Prerequisites
-
-- Kubernetes v1.17+
-- Helm v3
-
-### Install Helm
-
-Helm provides an install script to copy helm binary to your system:
-```
-$ curl -fsSL -o get_helm.sh https://raw.githubusercontent.com/helm/helm/master/scripts/get-helm-3
-$ chmod 500 get_helm.sh
-$ ./get_helm.sh
-```
-
-For additional information and methods for installing Helm, refer to the official [helm website](https://helm.sh/)
-
-### Deploy SR-IOV Network Operator
-
-```
-# Install Operator
-$ helm install -n sriov-network-operator --create-namespace --wait sriov-network-operator ./
-
-# View deployed resources
-$ kubectl -n sriov-network-operator get pods
-```
-
-In the case that [Pod Security Admission](https://kubernetes.io/docs/concepts/security/pod-security-admission/) is enabled, the sriov network operator namespace will require a security level of 'privileged'
-```
-$ kubectl label ns sriov-network-operator pod-security.kubernetes.io/enforce=privileged
-```
-
-## Chart parameters
-
-In order to tailor the deployment of the network operator to your cluster needs
-We have introduced the following Chart parameters.
-
-| Name | Type | Default | description |
-| ---- |------|---------|-------------|
-| `imagePullSecrets` | list | `[]` | An optional list of references to secrets to use for pulling any of the SR-IOV Network Operator image |
-| `supportedExtraNICs` | list | `[]` | An optional list of whitelisted NICs |
-
-### Operator parameters
-
-| Name | Type | Default | description |
-| ---- | ---- | ------- | ----------- |
-| `operator.tolerations` | list | `[{"key":"node-role.kubernetes.io/master","operator":"Exists","effect":"NoSchedule"},{"key":"node-role.kubernetes.io/control-plane","operator":"Exists","effect":"NoSchedule"}]` | Operator's tolerations |
-| `operator.nodeSelector` | object | {} | Operator's node selector |
-| `operator.affinity` | object | `{"nodeAffinity":{"preferredDuringSchedulingIgnoredDuringExecution":[{"weight":1,"preference":{"matchExpressions":[{"key":"node-role.kubernetes.io/master","operator":"In","values":[""]}]}},{"weight":1,"preference":{"matchExpressions":[{"key":"node-role.kubernetes.io/control-plane","operator":"In","values":[""]}]}}]}}` | Operator's afffinity configuration |
-| `operator.nameOverride` | string | `` | Operator's resource name override |
-| `operator.fullnameOverride` | string | `` | Operator's resource full name override |
-| `operator.resourcePrefix` | string | `openshift.io` | Device plugin resource prefix |
-| `operator.cniBinPath` | string | `/opt/cni/bin` | Path for CNI binary |
-| `operator.clustertype` | string | `kubernetes` | Cluster environment type |
-
-#### Admission Controllers parameters
-
-The admission controllers can be enabled by switching on a single parameter `operator.admissionControllers.enabled`. By
-default, the user needs to pre-create Kubernetes Secrets that match the names provided in
-`operator.admissionControllers.certificates.secretNames`. The secrets should have 3 fields populated with the relevant
-content:
-* `ca.crt` (value needs to be base64 encoded twice)
-* `tls.crt`
-* `tls.key`
-
-Aside from the aforementioned mode, the chart supports 3 more modes for certificate consumption by the admission
-controllers, which can be found in the table below. In a nutshell, the modes that are supported are:
-* Consume pre-created Certificates managed by cert-manager
-* Generate self signed Certificates managed by cert-manager
-* Specify the content of the certificates as Helm values
-
-| Name | Type | Default | description |
-| ---- | ---- | ------- | ----------- |
-| `operator.admissionControllers.enabled` | bool | false | Flag that switches on the admission controllers |
-| `operator.admissionControllers.certificates.secretNames.operator` | string | `operator-webhook-cert` | Secret that stores the certificate for the Operator's admission controller |
-| `operator.admissionControllers.certificates.secretNames.injector` | string | `network-resources-injector-cert` | Secret that stores the certificate for the Network Resources Injector's admission controller |
-| `operator.admissionControllers.certificates.certManager.enabled` | bool | false | Flag that switches on consumption of certificates managed by cert-manager |
-| `operator.admissionControllers.certificates.certManager.generateSelfSigned` | bool | false | Flag that switches on generation of self signed certificates managed by cert-manager. The secrets in which the certificates are stored will have the names provided in `operator.admissionControllers.certificates.secretNames` |
-| `operator.admissionControllers.certificates.custom.enabled` | bool | false | Flag that switches on consumption of user provided certificates that are part of `operator.admissionControllers.certificates.custom.operator` and `operator.admissionControllers.certificates.custom.injector` objects |
-| `operator.admissionControllers.certificates.custom.operator.caCrt` | string | `` | The CA certificate to be used by the Operator's admission controller |
-| `operator.admissionControllers.certificates.custom.operator.tlsCrt` | string | `` | The public part of the certificate to be used by the Operator's admission controller |
-| `operator.admissionControllers.certificates.custom.operator.tlsKey` | string | `` | The private part of the certificate to be used by the Operator's admission controller |
-| `operator.admissionControllers.certificates.custom.injector.caCrt` | string | `` | The CA certificate to be used by the Network Resources Injector's admission controller |
-| `operator.admissionControllers.certificates.custom.injector.tlsCrt` | string | `` | The public part of the certificate to be used by the Network Resources Injector's admission controller |
-| `operator.admissionControllers.certificates.custom.injector.tlsKey` | string | `` | The private part of the certificate to be used by the Network Resources Injector's admission controller |
-
-### SR-IOV Operator Configuration Parameters
-
-This section contains general parameters that apply to both the operator and daemon componets of SR-IOV Network Operator.
-
-| Name | Type | Default | description |
-| ---- | ---- | ------- | ----------- |
-| `sriovOperatorConfig.deploy` | bool | `false` | deploy SriovOperatorConfig custom resource |
-| `sriovOperatorConfig.configDaemonNodeSelector` | map[string]string | `{}` | node slectors for sriov-network-config-daemon |
-| `sriovOperatorConfig.logLevel` | int | `2` | log level for both operator and sriov-network-config-daemon |
-| `sriovOperatorConfig.disableDrain` | bool | `false` | disable node draining when configuring SR-IOV, set to true in case of a single node cluster or any other justifiable reason |
-| `sriovOperatorConfig.configurationMode` | string | `daemon` | sriov-network-config-daemon configuration mode. either `daemon` or `systemd` |
-
-### Images parameters
-
-| Name | description |
-| ---- | ----------- |
-| `images.operator` | Operator controller image |
-| `images.sriovConfigDaemon` | Daemon node agent image |
-| `images.sriovCni` | SR-IOV CNI image |
-| `images.ibSriovCni` | InfiniBand SR-IOV CNI image |
-| `images.sriovDevicePlugin` | SR-IOV device plugin image |
-| `images.resourcesInjector` | Resources Injector image |
-| `images.webhook` | Operator Webhook image |
diff --git a/charts/sriov/104.3.0+up1.3.0/app-README.md b/charts/sriov/104.3.0+up1.3.0/app-README.md
deleted file mode 100644
index 4dda94a833..0000000000
--- a/charts/sriov/104.3.0+up1.3.0/app-README.md
+++ /dev/null
@@ -1,13 +0,0 @@
-# Rancher SR-IOV Network Operator
-
-This chart is based on the upstream [k8snetworkplumbingwg/sriov-network-operator](https://github.com/k8snetworkplumbingwg/sriov-network-operator) project. The chart deploys the SR-IOV Operator and its CRDs, which are designed to help the user provision and configure the SR-IOV CNI in a cluster that uses [Multus CNI](https://github.com/k8snetworkplumbingwg/multus-cni), to provide high performing extra network interfaces to pods. This chart is expected to be deployed on an RKE2 cluster and only meant for advanced use cases where multiple CNI plugins and high performing network interfaces on pods are required. Users who do not need these features are not advised to install this chart.
-
-The chart installs the following components:
-
- - SR-IOV Operator - An operator that helps provision and configure the SR-IOV CNI plugin and SR-IOV Device plugin
- - SR-IOV Network Config Daemon - A Daemon deployed by the Operator that discovers SR-IOV NICs on each node
-
-Note that SR-IOV requires NICs that support SR-IOV and the activation of specific configuration options in the operating system. Nodes that fulfill these requirements should be labeled with: `feature.node.kubernetes.io/network-sriov.capable=true`.
-
-The SR-IOV Network Config Daemon will be deployed on such capable nodes. For more information on how to use this feature, refer to our RKE2 networking docs.
-
diff --git a/charts/sriov/104.3.0+up1.3.0/charts/rancher-nfd/.helmignore b/charts/sriov/104.3.0+up1.3.0/charts/rancher-nfd/.helmignore
deleted file mode 100644
index 0e8a0eb36f..0000000000
--- a/charts/sriov/104.3.0+up1.3.0/charts/rancher-nfd/.helmignore
+++ /dev/null
@@ -1,23 +0,0 @@
-# Patterns to ignore when building packages.
-# This supports shell glob matching, relative path matching, and
-# negation (prefixed with !). Only one pattern per line.
-.DS_Store
-# Common VCS dirs
-.git/
-.gitignore
-.bzr/
-.bzrignore
-.hg/
-.hgignore
-.svn/
-# Common backup files
-*.swp
-*.bak
-*.tmp
-*.orig
-*~
-# Various IDEs
-.project
-.idea/
-*.tmproj
-.vscode/
diff --git a/charts/sriov/104.3.0+up1.3.0/charts/rancher-nfd/Chart.yaml b/charts/sriov/104.3.0+up1.3.0/charts/rancher-nfd/Chart.yaml
deleted file mode 100644
index 57dced8d09..0000000000
--- a/charts/sriov/104.3.0+up1.3.0/charts/rancher-nfd/Chart.yaml
+++ /dev/null
@@ -1,14 +0,0 @@
-apiVersion: v2
-appVersion: v0.15.6
-description: Detects hardware features available on each node in a Kubernetes cluster,
- and advertises those features using node labels
-home: https://github.com/kubernetes-sigs/node-feature-discovery
-keywords:
-- feature-discovery
-- feature-detection
-- node-labels
-name: rancher-nfd
-sources:
-- https://github.com/kubernetes-sigs/node-feature-discovery
-type: application
-version: 0.15.6
diff --git a/charts/sriov/104.3.0+up1.3.0/charts/rancher-nfd/README.md b/charts/sriov/104.3.0+up1.3.0/charts/rancher-nfd/README.md
deleted file mode 100644
index b8b7d90caf..0000000000
--- a/charts/sriov/104.3.0+up1.3.0/charts/rancher-nfd/README.md
+++ /dev/null
@@ -1,10 +0,0 @@
-# Node Feature Discovery
-
-Node Feature Discovery (NFD) is a Kubernetes add-on for detecting hardware
-features and system configuration. Detected features are advertised as node
-labels. NFD provides flexible configuration and extension points for a wide
-range of vendor and application specific node labeling needs.
-
-See
-[NFD documentation](https://kubernetes-sigs.github.io/node-feature-discovery/v0.15/deployment/helm.html)
-for deployment instructions.
diff --git a/charts/sriov/104.3.0+up1.3.0/charts/rancher-nfd/crds/nfd-api-crds.yaml b/charts/sriov/104.3.0+up1.3.0/charts/rancher-nfd/crds/nfd-api-crds.yaml
deleted file mode 100644
index 4e63041630..0000000000
--- a/charts/sriov/104.3.0+up1.3.0/charts/rancher-nfd/crds/nfd-api-crds.yaml
+++ /dev/null
@@ -1,426 +0,0 @@
----
-apiVersion: apiextensions.k8s.io/v1
-kind: CustomResourceDefinition
-metadata:
- annotations:
- controller-gen.kubebuilder.io/version: v0.12.1
- name: nodefeatures.nfd.k8s-sigs.io
-spec:
- group: nfd.k8s-sigs.io
- names:
- kind: NodeFeature
- listKind: NodeFeatureList
- plural: nodefeatures
- singular: nodefeature
- scope: Namespaced
- versions:
- - name: v1alpha1
- schema:
- openAPIV3Schema:
- description: NodeFeature resource holds the features discovered for one node
- in the cluster.
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation
- of an object. Servers should convert recognized schemas to the latest
- internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this
- object represents. Servers may infer this from the endpoint the client
- submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- spec:
- description: NodeFeatureSpec describes a NodeFeature object.
- properties:
- features:
- description: Features is the full "raw" features data that has been
- discovered.
- properties:
- attributes:
- additionalProperties:
- description: AttributeFeatureSet is a set of features having
- string value.
- properties:
- elements:
- additionalProperties:
- type: string
- type: object
- required:
- - elements
- type: object
- description: Attributes contains all the attribute-type features
- of the node.
- type: object
- flags:
- additionalProperties:
- description: FlagFeatureSet is a set of simple features only
- containing names without values.
- properties:
- elements:
- additionalProperties:
- description: Nil is a dummy empty struct for protobuf
- compatibility
- type: object
- type: object
- required:
- - elements
- type: object
- description: Flags contains all the flag-type features of the
- node.
- type: object
- instances:
- additionalProperties:
- description: InstanceFeatureSet is a set of features each of
- which is an instance having multiple attributes.
- properties:
- elements:
- items:
- description: InstanceFeature represents one instance of
- a complex features, e.g. a device.
- properties:
- attributes:
- additionalProperties:
- type: string
- type: object
- required:
- - attributes
- type: object
- type: array
- required:
- - elements
- type: object
- description: Instances contains all the instance-type features
- of the node.
- type: object
- type: object
- labels:
- additionalProperties:
- type: string
- description: Labels is the set of node labels that are requested to
- be created.
- type: object
- type: object
- required:
- - spec
- type: object
- served: true
- storage: true
----
-apiVersion: apiextensions.k8s.io/v1
-kind: CustomResourceDefinition
-metadata:
- annotations:
- controller-gen.kubebuilder.io/version: v0.12.1
- name: nodefeaturerules.nfd.k8s-sigs.io
-spec:
- group: nfd.k8s-sigs.io
- names:
- kind: NodeFeatureRule
- listKind: NodeFeatureRuleList
- plural: nodefeaturerules
- shortNames:
- - nfr
- singular: nodefeaturerule
- scope: Cluster
- versions:
- - name: v1alpha1
- schema:
- openAPIV3Schema:
- description: NodeFeatureRule resource specifies a configuration for feature-based
- customization of node objects, such as node labeling.
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation
- of an object. Servers should convert recognized schemas to the latest
- internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this
- object represents. Servers may infer this from the endpoint the client
- submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- spec:
- description: NodeFeatureRuleSpec describes a NodeFeatureRule.
- properties:
- rules:
- description: Rules is a list of node customization rules.
- items:
- description: Rule defines a rule for node customization such as
- labeling.
- properties:
- annotations:
- additionalProperties:
- type: string
- description: Annotations to create if the rule matches.
- type: object
- extendedResources:
- additionalProperties:
- type: string
- description: ExtendedResources to create if the rule matches.
- type: object
- labels:
- additionalProperties:
- type: string
- description: Labels to create if the rule matches.
- type: object
- labelsTemplate:
- description: LabelsTemplate specifies a template to expand for
- dynamically generating multiple labels. Data (after template
- expansion) must be keys with an optional value ([=])
- separated by newlines.
- type: string
- matchAny:
- description: MatchAny specifies a list of matchers one of which
- must match.
- items:
- description: MatchAnyElem specifies one sub-matcher of MatchAny.
- properties:
- matchFeatures:
- description: MatchFeatures specifies a set of matcher
- terms all of which must match.
- items:
- description: FeatureMatcherTerm defines requirements
- against one feature set. All requirements (specified
- as MatchExpressions) are evaluated against each element
- in the feature set.
- properties:
- feature:
- description: Feature is the name of the feature
- set to match against.
- type: string
- matchExpressions:
- additionalProperties:
- description: MatchExpression specifies an expression
- to evaluate against a set of input values. It
- contains an operator that is applied when matching
- the input and an array of values that the operator
- evaluates the input against.
- properties:
- op:
- description: Op is the operator to be applied.
- enum:
- - In
- - NotIn
- - InRegexp
- - Exists
- - DoesNotExist
- - Gt
- - Lt
- - GtLt
- - IsTrue
- - IsFalse
- type: string
- value:
- description: Value is the list of values that
- the operand evaluates the input against.
- Value should be empty if the operator is
- Exists, DoesNotExist, IsTrue or IsFalse.
- Value should contain exactly one element
- if the operator is Gt or Lt and exactly
- two elements if the operator is GtLt. In
- other cases Value should contain at least
- one element.
- items:
- type: string
- type: array
- required:
- - op
- type: object
- description: MatchExpressions is the set of per-element
- expressions evaluated. These match against the
- value of the specified elements.
- type: object
- matchName:
- description: MatchName in an expression that is
- matched against the name of each element in the
- feature set.
- properties:
- op:
- description: Op is the operator to be applied.
- enum:
- - In
- - NotIn
- - InRegexp
- - Exists
- - DoesNotExist
- - Gt
- - Lt
- - GtLt
- - IsTrue
- - IsFalse
- type: string
- value:
- description: Value is the list of values that
- the operand evaluates the input against. Value
- should be empty if the operator is Exists,
- DoesNotExist, IsTrue or IsFalse. Value should
- contain exactly one element if the operator
- is Gt or Lt and exactly two elements if the
- operator is GtLt. In other cases Value should
- contain at least one element.
- items:
- type: string
- type: array
- required:
- - op
- type: object
- required:
- - feature
- type: object
- type: array
- required:
- - matchFeatures
- type: object
- type: array
- matchFeatures:
- description: MatchFeatures specifies a set of matcher terms
- all of which must match.
- items:
- description: FeatureMatcherTerm defines requirements against
- one feature set. All requirements (specified as MatchExpressions)
- are evaluated against each element in the feature set.
- properties:
- feature:
- description: Feature is the name of the feature set to
- match against.
- type: string
- matchExpressions:
- additionalProperties:
- description: MatchExpression specifies an expression
- to evaluate against a set of input values. It contains
- an operator that is applied when matching the input
- and an array of values that the operator evaluates
- the input against.
- properties:
- op:
- description: Op is the operator to be applied.
- enum:
- - In
- - NotIn
- - InRegexp
- - Exists
- - DoesNotExist
- - Gt
- - Lt
- - GtLt
- - IsTrue
- - IsFalse
- type: string
- value:
- description: Value is the list of values that the
- operand evaluates the input against. Value should
- be empty if the operator is Exists, DoesNotExist,
- IsTrue or IsFalse. Value should contain exactly
- one element if the operator is Gt or Lt and exactly
- two elements if the operator is GtLt. In other
- cases Value should contain at least one element.
- items:
- type: string
- type: array
- required:
- - op
- type: object
- description: MatchExpressions is the set of per-element
- expressions evaluated. These match against the value
- of the specified elements.
- type: object
- matchName:
- description: MatchName in an expression that is matched
- against the name of each element in the feature set.
- properties:
- op:
- description: Op is the operator to be applied.
- enum:
- - In
- - NotIn
- - InRegexp
- - Exists
- - DoesNotExist
- - Gt
- - Lt
- - GtLt
- - IsTrue
- - IsFalse
- type: string
- value:
- description: Value is the list of values that the
- operand evaluates the input against. Value should
- be empty if the operator is Exists, DoesNotExist,
- IsTrue or IsFalse. Value should contain exactly
- one element if the operator is Gt or Lt and exactly
- two elements if the operator is GtLt. In other cases
- Value should contain at least one element.
- items:
- type: string
- type: array
- required:
- - op
- type: object
- required:
- - feature
- type: object
- type: array
- name:
- description: Name of the rule.
- type: string
- taints:
- description: Taints to create if the rule matches.
- items:
- description: The node this Taint is attached to has the "effect"
- on any pod that does not tolerate the Taint.
- properties:
- effect:
- description: Required. The effect of the taint on pods
- that do not tolerate the taint. Valid effects are NoSchedule,
- PreferNoSchedule and NoExecute.
- type: string
- key:
- description: Required. The taint key to be applied to
- a node.
- type: string
- timeAdded:
- description: TimeAdded represents the time at which the
- taint was added. It is only written for NoExecute taints.
- format: date-time
- type: string
- value:
- description: The taint value corresponding to the taint
- key.
- type: string
- required:
- - effect
- - key
- type: object
- type: array
- vars:
- additionalProperties:
- type: string
- description: Vars is the variables to store if the rule matches.
- Variables do not directly inflict any changes in the node
- object. However, they can be referenced from other rules enabling
- more complex rule hierarchies, without exposing intermediary
- output values as labels.
- type: object
- varsTemplate:
- description: VarsTemplate specifies a template to expand for
- dynamically generating multiple variables. Data (after template
- expansion) must be keys with an optional value ([=])
- separated by newlines.
- type: string
- required:
- - name
- type: object
- type: array
- required:
- - rules
- type: object
- required:
- - spec
- type: object
- served: true
- storage: true
diff --git a/charts/sriov/104.3.0+up1.3.0/charts/rancher-nfd/templates/_helpers.tpl b/charts/sriov/104.3.0+up1.3.0/charts/rancher-nfd/templates/_helpers.tpl
deleted file mode 100644
index 928ece78f8..0000000000
--- a/charts/sriov/104.3.0+up1.3.0/charts/rancher-nfd/templates/_helpers.tpl
+++ /dev/null
@@ -1,107 +0,0 @@
-{{/* vim: set filetype=mustache: */}}
-{{/*
-Expand the name of the chart.
-*/}}
-{{- define "node-feature-discovery.name" -}}
-{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
-{{- end -}}
-
-{{/*
-Create a default fully qualified app name.
-We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
-If release name contains chart name it will be used as a full name.
-*/}}
-{{- define "node-feature-discovery.fullname" -}}
-{{- if .Values.fullnameOverride -}}
-{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}}
-{{- else -}}
-{{- $name := default .Chart.Name .Values.nameOverride -}}
-{{- if contains $name .Release.Name -}}
-{{- .Release.Name | trunc 63 | trimSuffix "-" -}}
-{{- else -}}
-{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}}
-{{- end -}}
-{{- end -}}
-{{- end -}}
-
-{{/*
-Allow the release namespace to be overridden for multi-namespace deployments in combined charts
-*/}}
-{{- define "node-feature-discovery.namespace" -}}
- {{- if .Values.namespaceOverride -}}
- {{- .Values.namespaceOverride -}}
- {{- else -}}
- {{- .Release.Namespace -}}
- {{- end -}}
-{{- end -}}
-
-{{/*
-Create chart name and version as used by the chart label.
-*/}}
-{{- define "node-feature-discovery.chart" -}}
-{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}}
-{{- end -}}
-
-{{/*
-Common labels
-*/}}
-{{- define "node-feature-discovery.labels" -}}
-helm.sh/chart: {{ include "node-feature-discovery.chart" . }}
-{{ include "node-feature-discovery.selectorLabels" . }}
-{{- if .Chart.AppVersion }}
-app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
-{{- end }}
-app.kubernetes.io/managed-by: {{ .Release.Service }}
-{{- end -}}
-
-{{/*
-Selector labels
-*/}}
-{{- define "node-feature-discovery.selectorLabels" -}}
-app.kubernetes.io/name: {{ include "node-feature-discovery.name" . }}
-app.kubernetes.io/instance: {{ .Release.Name }}
-{{- end -}}
-
-{{/*
-Create the name of the service account which the nfd master will use
-*/}}
-{{- define "node-feature-discovery.master.serviceAccountName" -}}
-{{- if .Values.master.serviceAccount.create -}}
- {{ default (include "node-feature-discovery.fullname" .) .Values.master.serviceAccount.name }}
-{{- else -}}
- {{ default "default" .Values.master.serviceAccount.name }}
-{{- end -}}
-{{- end -}}
-
-{{/*
-Create the name of the service account which the nfd worker will use
-*/}}
-{{- define "node-feature-discovery.worker.serviceAccountName" -}}
-{{- if .Values.worker.serviceAccount.create -}}
- {{ default (printf "%s-worker" (include "node-feature-discovery.fullname" .)) .Values.worker.serviceAccount.name }}
-{{- else -}}
- {{ default "default" .Values.worker.serviceAccount.name }}
-{{- end -}}
-{{- end -}}
-
-{{/*
-Create the name of the service account which topologyUpdater will use
-*/}}
-{{- define "node-feature-discovery.topologyUpdater.serviceAccountName" -}}
-{{- if .Values.topologyUpdater.serviceAccount.create -}}
- {{ default (printf "%s-topology-updater" (include "node-feature-discovery.fullname" .)) .Values.topologyUpdater.serviceAccount.name }}
-{{- else -}}
- {{ default "default" .Values.topologyUpdater.serviceAccount.name }}
-{{- end -}}
-{{- end -}}
-
-{{/*
-Create the name of the service account which nfd-gc will use
-*/}}
-{{- define "node-feature-discovery.gc.serviceAccountName" -}}
-{{- if .Values.gc.serviceAccount.create -}}
- {{ default (printf "%s-gc" (include "node-feature-discovery.fullname" .)) .Values.gc.serviceAccount.name }}
-{{- else -}}
- {{ default "default" .Values.gc.serviceAccount.name }}
-{{- end -}}
-{{- end -}}
diff --git a/charts/sriov/104.3.0+up1.3.0/charts/rancher-nfd/templates/cert-manager-certs.yaml b/charts/sriov/104.3.0+up1.3.0/charts/rancher-nfd/templates/cert-manager-certs.yaml
deleted file mode 100644
index 8af115316b..0000000000
--- a/charts/sriov/104.3.0+up1.3.0/charts/rancher-nfd/templates/cert-manager-certs.yaml
+++ /dev/null
@@ -1,68 +0,0 @@
-{{- if .Values.tls.certManager }}
-{{- if .Values.master.enable }}
----
-apiVersion: cert-manager.io/v1
-kind: Certificate
-metadata:
- name: nfd-master-cert
- namespace: {{ include "node-feature-discovery.namespace" . }}
-spec:
- secretName: nfd-master-cert
- subject:
- organizations:
- - node-feature-discovery
- commonName: nfd-master
- dnsNames:
- # must match the service name
- - {{ include "node-feature-discovery.fullname" . }}-master
- # first one is configured for use by the worker; below are for completeness
- - {{ include "node-feature-discovery.fullname" . }}-master.{{ include "node-feature-discovery.namespace" . }}.svc
- - {{ include "node-feature-discovery.fullname" . }}-master.{{ include "node-feature-discovery.namespace" . }}.svc.cluster.local
- issuerRef:
- name: nfd-ca-issuer
- kind: Issuer
- group: cert-manager.io
-{{- end }}
----
-{{- if .Values.worker.enable }}
-apiVersion: cert-manager.io/v1
-kind: Certificate
-metadata:
- name: nfd-worker-cert
- namespace: {{ include "node-feature-discovery.namespace" . }}
-spec:
- secretName: nfd-worker-cert
- subject:
- organizations:
- - node-feature-discovery
- commonName: nfd-worker
- dnsNames:
- - {{ include "node-feature-discovery.fullname" . }}-worker.{{ include "node-feature-discovery.namespace" . }}.svc.cluster.local
- issuerRef:
- name: nfd-ca-issuer
- kind: Issuer
- group: cert-manager.io
-{{- end }}
-
-{{- if .Values.topologyUpdater.enable }}
----
-apiVersion: cert-manager.io/v1
-kind: Certificate
-metadata:
- name: nfd-topology-updater-cert
- namespace: {{ include "node-feature-discovery.namespace" . }}
-spec:
- secretName: nfd-topology-updater-cert
- subject:
- organizations:
- - node-feature-discovery
- commonName: nfd-topology-updater
- dnsNames:
- - {{ include "node-feature-discovery.fullname" . }}-topology-updater.{{ include "node-feature-discovery.namespace" . }}.svc.cluster.local
- issuerRef:
- name: nfd-ca-issuer
- kind: Issuer
- group: cert-manager.io
-{{- end }}
-
-{{- end }}
diff --git a/charts/sriov/104.3.0+up1.3.0/charts/rancher-nfd/templates/cert-manager-issuer.yaml b/charts/sriov/104.3.0+up1.3.0/charts/rancher-nfd/templates/cert-manager-issuer.yaml
deleted file mode 100644
index f3c57acea1..0000000000
--- a/charts/sriov/104.3.0+up1.3.0/charts/rancher-nfd/templates/cert-manager-issuer.yaml
+++ /dev/null
@@ -1,42 +0,0 @@
-{{- if .Values.tls.certManager }}
-# See https://cert-manager.io/docs/configuration/selfsigned/#bootstrapping-ca-issuers
-# - Create a self signed issuer
-# - Use this to create a CA cert
-# - Use this to now create a CA issuer
----
-apiVersion: cert-manager.io/v1
-kind: Issuer
-metadata:
- name: nfd-ca-bootstrap
- namespace: {{ include "node-feature-discovery.namespace" . }}
-spec:
- selfSigned: {}
-
----
-apiVersion: cert-manager.io/v1
-kind: Certificate
-metadata:
- name: nfd-ca-cert
- namespace: {{ include "node-feature-discovery.namespace" . }}
-spec:
- isCA: true
- secretName: nfd-ca-cert
- subject:
- organizations:
- - node-feature-discovery
- commonName: nfd-ca-cert
- issuerRef:
- name: nfd-ca-bootstrap
- kind: Issuer
- group: cert-manager.io
-
----
-apiVersion: cert-manager.io/v1
-kind: Issuer
-metadata:
- name: nfd-ca-issuer
- namespace: {{ include "node-feature-discovery.namespace" . }}
-spec:
- ca:
- secretName: nfd-ca-cert
-{{- end }}
diff --git a/charts/sriov/104.3.0+up1.3.0/charts/rancher-nfd/templates/clusterrole.yaml b/charts/sriov/104.3.0+up1.3.0/charts/rancher-nfd/templates/clusterrole.yaml
deleted file mode 100644
index e652e1df8c..0000000000
--- a/charts/sriov/104.3.0+up1.3.0/charts/rancher-nfd/templates/clusterrole.yaml
+++ /dev/null
@@ -1,119 +0,0 @@
-{{- if and .Values.master.enable .Values.master.rbac.create }}
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRole
-metadata:
- name: {{ include "node-feature-discovery.fullname" . }}
- labels:
- {{- include "node-feature-discovery.labels" . | nindent 4 }}
-rules:
-- apiGroups:
- - ""
- resources:
- - nodes
- - nodes/status
- verbs:
- - get
- - patch
- - update
- - list
-- apiGroups:
- - nfd.k8s-sigs.io
- resources:
- - nodefeatures
- - nodefeaturerules
- verbs:
- - get
- - list
- - watch
-- apiGroups:
- - coordination.k8s.io
- resources:
- - leases
- verbs:
- - create
-- apiGroups:
- - coordination.k8s.io
- resources:
- - leases
- resourceNames:
- - "nfd-master.nfd.kubernetes.io"
- verbs:
- - get
- - update
-{{- end }}
-
-{{- if and .Values.topologyUpdater.enable .Values.topologyUpdater.rbac.create }}
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRole
-metadata:
- name: {{ include "node-feature-discovery.fullname" . }}-topology-updater
- labels:
- {{- include "node-feature-discovery.labels" . | nindent 4 }}
-rules:
-- apiGroups:
- - ""
- resources:
- - nodes
- verbs:
- - get
- - list
-- apiGroups:
- - ""
- resources:
- - nodes/proxy
- verbs:
- - get
-- apiGroups:
- - ""
- resources:
- - pods
- verbs:
- - get
-- apiGroups:
- - topology.node.k8s.io
- resources:
- - noderesourcetopologies
- verbs:
- - create
- - get
- - update
-{{- end }}
-
-{{- if and .Values.gc.enable .Values.gc.rbac.create (or .Values.enableNodeFeatureApi .Values.topologyUpdater.enable) }}
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRole
-metadata:
- name: {{ include "node-feature-discovery.fullname" . }}-gc
- labels:
- {{- include "node-feature-discovery.labels" . | nindent 4 }}
-rules:
-- apiGroups:
- - ""
- resources:
- - nodes
- verbs:
- - list
- - watch
-- apiGroups:
- - ""
- resources:
- - nodes/proxy
- verbs:
- - get
-- apiGroups:
- - topology.node.k8s.io
- resources:
- - noderesourcetopologies
- verbs:
- - delete
- - list
-- apiGroups:
- - nfd.k8s-sigs.io
- resources:
- - nodefeatures
- verbs:
- - delete
- - list
-{{- end }}
diff --git a/charts/sriov/104.3.0+up1.3.0/charts/rancher-nfd/templates/clusterrolebinding.yaml b/charts/sriov/104.3.0+up1.3.0/charts/rancher-nfd/templates/clusterrolebinding.yaml
deleted file mode 100644
index 99134a1c54..0000000000
--- a/charts/sriov/104.3.0+up1.3.0/charts/rancher-nfd/templates/clusterrolebinding.yaml
+++ /dev/null
@@ -1,52 +0,0 @@
-{{- if and .Values.master.enable .Values.master.rbac.create }}
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRoleBinding
-metadata:
- name: {{ include "node-feature-discovery.fullname" . }}
- labels:
- {{- include "node-feature-discovery.labels" . | nindent 4 }}
-roleRef:
- apiGroup: rbac.authorization.k8s.io
- kind: ClusterRole
- name: {{ include "node-feature-discovery.fullname" . }}
-subjects:
-- kind: ServiceAccount
- name: {{ include "node-feature-discovery.master.serviceAccountName" . }}
- namespace: {{ include "node-feature-discovery.namespace" . }}
-{{- end }}
-
-{{- if and .Values.topologyUpdater.enable .Values.topologyUpdater.rbac.create }}
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRoleBinding
-metadata:
- name: {{ include "node-feature-discovery.fullname" . }}-topology-updater
- labels:
- {{- include "node-feature-discovery.labels" . | nindent 4 }}
-roleRef:
- apiGroup: rbac.authorization.k8s.io
- kind: ClusterRole
- name: {{ include "node-feature-discovery.fullname" . }}-topology-updater
-subjects:
-- kind: ServiceAccount
- name: {{ include "node-feature-discovery.topologyUpdater.serviceAccountName" . }}
- namespace: {{ include "node-feature-discovery.namespace" . }}
-{{- end }}
-
-{{- if and .Values.gc.enable .Values.gc.rbac.create (or .Values.enableNodeFeatureApi .Values.topologyUpdater.enable) }}
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRoleBinding
-metadata:
- name: {{ include "node-feature-discovery.fullname" . }}-gc
- labels:
- {{- include "node-feature-discovery.labels" . | nindent 4 }}
-roleRef:
- apiGroup: rbac.authorization.k8s.io
- kind: ClusterRole
- name: {{ include "node-feature-discovery.fullname" . }}-gc
-subjects:
-- kind: ServiceAccount
- name: {{ include "node-feature-discovery.gc.serviceAccountName" . }}
- namespace: {{ include "node-feature-discovery.namespace" . }}
-{{- end }}
diff --git a/charts/sriov/104.3.0+up1.3.0/charts/rancher-nfd/templates/master.yaml b/charts/sriov/104.3.0+up1.3.0/charts/rancher-nfd/templates/master.yaml
deleted file mode 100644
index 53a291e0f7..0000000000
--- a/charts/sriov/104.3.0+up1.3.0/charts/rancher-nfd/templates/master.yaml
+++ /dev/null
@@ -1,145 +0,0 @@
-{{- if .Values.master.enable }}
-apiVersion: apps/v1
-kind: Deployment
-metadata:
- name: {{ include "node-feature-discovery.fullname" . }}-master
- namespace: {{ include "node-feature-discovery.namespace" . }}
- labels:
- {{- include "node-feature-discovery.labels" . | nindent 4 }}
- role: master
- {{- with .Values.master.deploymentAnnotations }}
- annotations:
- {{- toYaml . | nindent 4 }}
- {{- end }}
-spec:
- replicas: {{ .Values.master.replicaCount }}
- selector:
- matchLabels:
- {{- include "node-feature-discovery.selectorLabels" . | nindent 6 }}
- role: master
- template:
- metadata:
- labels:
- {{- include "node-feature-discovery.selectorLabels" . | nindent 8 }}
- role: master
- {{- with .Values.master.annotations }}
- annotations:
- {{- toYaml . | nindent 8 }}
- {{- end }}
- spec:
- {{- with .Values.imagePullSecrets }}
- imagePullSecrets:
- {{- toYaml . | nindent 8 }}
- {{- end }}
- serviceAccountName: {{ include "node-feature-discovery.master.serviceAccountName" . }}
- enableServiceLinks: false
- securityContext:
- {{- toYaml .Values.master.podSecurityContext | nindent 8 }}
- containers:
- - name: master
- securityContext:
- {{- toYaml .Values.master.securityContext | nindent 12 }}
- image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}"
- imagePullPolicy: {{ .Values.image.pullPolicy }}
- livenessProbe:
- grpc:
- port: 8080
- initialDelaySeconds: 10
- periodSeconds: 10
- readinessProbe:
- grpc:
- port: 8080
- initialDelaySeconds: 5
- periodSeconds: 10
- failureThreshold: 10
- ports:
- - containerPort: {{ .Values.master.port | default "8080" }}
- name: grpc
- - containerPort: {{ .Values.master.metricsPort | default "8081" }}
- name: metrics
- env:
- - name: NODE_NAME
- valueFrom:
- fieldRef:
- fieldPath: spec.nodeName
- command:
- - "nfd-master"
- resources:
- {{- toYaml .Values.master.resources | nindent 12 }}
- args:
- {{- if .Values.master.instance | empty | not }}
- - "-instance={{ .Values.master.instance }}"
- {{- end }}
- {{- if not .Values.enableNodeFeatureApi }}
- - "-port={{ .Values.master.port | default "8080" }}"
- - "-enable-nodefeature-api=false"
- {{- else if gt (int .Values.master.replicaCount) 1 }}
- - "-enable-leader-election"
- {{- end }}
- {{- if .Values.master.extraLabelNs | empty | not }}
- - "-extra-label-ns={{- join "," .Values.master.extraLabelNs }}"
- {{- end }}
- {{- if .Values.master.denyLabelNs | empty | not }}
- - "-deny-label-ns={{- join "," .Values.master.denyLabelNs }}"
- {{- end }}
- {{- if .Values.master.resourceLabels | empty | not }}
- - "-resource-labels={{- join "," .Values.master.resourceLabels }}"
- {{- end }}
- {{- if .Values.master.enableTaints }}
- - "-enable-taints"
- {{- end }}
- {{- if .Values.master.crdController | kindIs "invalid" | not }}
- - "-crd-controller={{ .Values.master.crdController }}"
- {{- else }}
- ## By default, disable crd controller for other than the default instances
- - "-crd-controller={{ .Values.master.instance | empty }}"
- {{- end }}
- {{- if .Values.master.featureRulesController | kindIs "invalid" | not }}
- - "-featurerules-controller={{ .Values.master.featureRulesController }}"
- {{- end }}
- {{- if .Values.master.resyncPeriod }}
- - "-resync-period={{ .Values.master.resyncPeriod }}"
- {{- end }}
- {{- if .Values.master.nfdApiParallelism | empty | not }}
- - "-nfd-api-parallelism={{ .Values.master.nfdApiParallelism }}"
- {{- end }}
- {{- if .Values.tls.enable }}
- - "-ca-file=/etc/kubernetes/node-feature-discovery/certs/ca.crt"
- - "-key-file=/etc/kubernetes/node-feature-discovery/certs/tls.key"
- - "-cert-file=/etc/kubernetes/node-feature-discovery/certs/tls.crt"
- {{- end }}
- - "-metrics={{ .Values.master.metricsPort | default "8081" }}"
- volumeMounts:
- {{- if .Values.tls.enable }}
- - name: nfd-master-cert
- mountPath: "/etc/kubernetes/node-feature-discovery/certs"
- readOnly: true
- {{- end }}
- - name: nfd-master-conf
- mountPath: "/etc/kubernetes/node-feature-discovery"
- readOnly: true
- volumes:
- {{- if .Values.tls.enable }}
- - name: nfd-master-cert
- secret:
- secretName: nfd-master-cert
- {{- end }}
- - name: nfd-master-conf
- configMap:
- name: {{ include "node-feature-discovery.fullname" . }}-master-conf
- items:
- - key: nfd-master.conf
- path: nfd-master.conf
- {{- with .Values.master.nodeSelector }}
- nodeSelector:
- {{- toYaml . | nindent 8 }}
- {{- end }}
- {{- with .Values.master.affinity }}
- affinity:
- {{- toYaml . | nindent 8 }}
- {{- end }}
- {{- with .Values.master.tolerations }}
- tolerations:
- {{- toYaml . | nindent 8 }}
- {{- end }}
-{{- end }}
diff --git a/charts/sriov/104.3.0+up1.3.0/charts/rancher-nfd/templates/nfd-gc.yaml b/charts/sriov/104.3.0+up1.3.0/charts/rancher-nfd/templates/nfd-gc.yaml
deleted file mode 100644
index 1e0e12327a..0000000000
--- a/charts/sriov/104.3.0+up1.3.0/charts/rancher-nfd/templates/nfd-gc.yaml
+++ /dev/null
@@ -1,77 +0,0 @@
-{{- if and .Values.gc.enable (or .Values.enableNodeFeatureApi .Values.topologyUpdater.enable) -}}
-apiVersion: apps/v1
-kind: Deployment
-metadata:
- name: {{ include "node-feature-discovery.fullname" . }}-gc
- namespace: {{ include "node-feature-discovery.namespace" . }}
- labels:
- {{- include "node-feature-discovery.labels" . | nindent 4 }}
- role: gc
- {{- with .Values.gc.deploymentAnnotations }}
- annotations:
- {{- toYaml . | nindent 4 }}
- {{- end }}
-spec:
- replicas: {{ .Values.gc.replicaCount | default 1 }}
- selector:
- matchLabels:
- {{- include "node-feature-discovery.selectorLabels" . | nindent 6 }}
- role: gc
- template:
- metadata:
- labels:
- {{- include "node-feature-discovery.selectorLabels" . | nindent 8 }}
- role: gc
- {{- with .Values.gc.annotations }}
- annotations:
- {{- toYaml . | nindent 8 }}
- {{- end }}
- spec:
- serviceAccountName: {{ include "node-feature-discovery.gc.serviceAccountName" . }}
- dnsPolicy: ClusterFirstWithHostNet
- {{- with .Values.imagePullSecrets }}
- imagePullSecrets:
- {{- toYaml . | nindent 8 }}
- {{- end }}
- securityContext:
- {{- toYaml .Values.gc.podSecurityContext | nindent 8 }}
- containers:
- - name: gc
- image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}"
- imagePullPolicy: "{{ .Values.image.pullPolicy }}"
- env:
- - name: NODE_NAME
- valueFrom:
- fieldRef:
- fieldPath: spec.nodeName
- command:
- - "nfd-gc"
- args:
- {{- if .Values.gc.interval | empty | not }}
- - "-gc-interval={{ .Values.gc.interval }}"
- {{- end }}
- resources:
- {{- toYaml .Values.gc.resources | nindent 12 }}
- securityContext:
- allowPrivilegeEscalation: false
- capabilities:
- drop: [ "ALL" ]
- readOnlyRootFilesystem: true
- runAsNonRoot: true
- ports:
- - name: metrics
- containerPort: {{ .Values.gc.metricsPort | default "8081"}}
-
- {{- with .Values.gc.nodeSelector }}
- nodeSelector:
- {{- toYaml . | nindent 8 }}
- {{- end }}
- {{- with .Values.gc.affinity }}
- affinity:
- {{- toYaml . | nindent 8 }}
- {{- end }}
- {{- with .Values.gc.tolerations }}
- tolerations:
- {{- toYaml . | nindent 8 }}
- {{- end }}
-{{- end }}
diff --git a/charts/sriov/104.3.0+up1.3.0/charts/rancher-nfd/templates/nfd-master-conf.yaml b/charts/sriov/104.3.0+up1.3.0/charts/rancher-nfd/templates/nfd-master-conf.yaml
deleted file mode 100644
index 9c6e01cde4..0000000000
--- a/charts/sriov/104.3.0+up1.3.0/charts/rancher-nfd/templates/nfd-master-conf.yaml
+++ /dev/null
@@ -1,12 +0,0 @@
-{{- if .Values.master.enable }}
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: {{ include "node-feature-discovery.fullname" . }}-master-conf
- namespace: {{ include "node-feature-discovery.namespace" . }}
- labels:
- {{- include "node-feature-discovery.labels" . | nindent 4 }}
-data:
- nfd-master.conf: |-
- {{- .Values.master.config | toYaml | nindent 4 }}
-{{- end }}
diff --git a/charts/sriov/104.3.0+up1.3.0/charts/rancher-nfd/templates/nfd-topologyupdater-conf.yaml b/charts/sriov/104.3.0+up1.3.0/charts/rancher-nfd/templates/nfd-topologyupdater-conf.yaml
deleted file mode 100644
index 9867f5089c..0000000000
--- a/charts/sriov/104.3.0+up1.3.0/charts/rancher-nfd/templates/nfd-topologyupdater-conf.yaml
+++ /dev/null
@@ -1,10 +0,0 @@
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: {{ include "node-feature-discovery.fullname" . }}-topology-updater-conf
- namespace: {{ include "node-feature-discovery.namespace" . }}
- labels:
- {{- include "node-feature-discovery.labels" . | nindent 4 }}
-data:
- nfd-topology-updater.conf: |-
- {{- .Values.topologyUpdater.config | toYaml | nindent 4 }}
diff --git a/charts/sriov/104.3.0+up1.3.0/charts/rancher-nfd/templates/nfd-worker-conf.yaml b/charts/sriov/104.3.0+up1.3.0/charts/rancher-nfd/templates/nfd-worker-conf.yaml
deleted file mode 100644
index a2299dea13..0000000000
--- a/charts/sriov/104.3.0+up1.3.0/charts/rancher-nfd/templates/nfd-worker-conf.yaml
+++ /dev/null
@@ -1,12 +0,0 @@
-{{- if .Values.worker.enable }}
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: {{ include "node-feature-discovery.fullname" . }}-worker-conf
- namespace: {{ include "node-feature-discovery.namespace" . }}
- labels:
- {{- include "node-feature-discovery.labels" . | nindent 4 }}
-data:
- nfd-worker.conf: |-
- {{- .Values.worker.config | toYaml | nindent 4 }}
-{{- end }}
diff --git a/charts/sriov/104.3.0+up1.3.0/charts/rancher-nfd/templates/prometheus.yaml b/charts/sriov/104.3.0+up1.3.0/charts/rancher-nfd/templates/prometheus.yaml
deleted file mode 100644
index b9f4b46405..0000000000
--- a/charts/sriov/104.3.0+up1.3.0/charts/rancher-nfd/templates/prometheus.yaml
+++ /dev/null
@@ -1,26 +0,0 @@
-{{- if .Values.prometheus.enable }}
-# Prometheus Monitor Service (Metrics)
-apiVersion: monitoring.coreos.com/v1
-kind: PodMonitor
-metadata:
- name: {{ include "node-feature-discovery.fullname" . }}
- labels:
- {{- include "node-feature-discovery.selectorLabels" . | nindent 4 }}
- {{- with .Values.prometheus.labels }}
- {{ toYaml . | nindent 4 }}
- {{- end }}
-spec:
- podMetricsEndpoints:
- - honorLabels: true
- interval: 10s
- path: /metrics
- port: metrics
- scheme: http
- namespaceSelector:
- matchNames:
- - {{ include "node-feature-discovery.namespace" . }}
- selector:
- matchExpressions:
- - {key: app.kubernetes.io/instance, operator: In, values: ["{{ .Release.Name }}"]}
- - {key: app.kubernetes.io/name, operator: In, values: ["{{ include "node-feature-discovery.name" . }}"]}
-{{- end }}
diff --git a/charts/sriov/104.3.0+up1.3.0/charts/rancher-nfd/templates/role.yaml b/charts/sriov/104.3.0+up1.3.0/charts/rancher-nfd/templates/role.yaml
deleted file mode 100644
index 52c69eb197..0000000000
--- a/charts/sriov/104.3.0+up1.3.0/charts/rancher-nfd/templates/role.yaml
+++ /dev/null
@@ -1,24 +0,0 @@
-{{- if and .Values.worker.enable .Values.worker.rbac.create }}
-apiVersion: rbac.authorization.k8s.io/v1
-kind: Role
-metadata:
- name: {{ include "node-feature-discovery.fullname" . }}-worker
- namespace: {{ include "node-feature-discovery.namespace" . }}
- labels:
- {{- include "node-feature-discovery.labels" . | nindent 4 }}
-rules:
-- apiGroups:
- - nfd.k8s-sigs.io
- resources:
- - nodefeatures
- verbs:
- - create
- - get
- - update
-- apiGroups:
- - ""
- resources:
- - pods
- verbs:
- - get
-{{- end }}
diff --git a/charts/sriov/104.3.0+up1.3.0/charts/rancher-nfd/templates/rolebinding.yaml b/charts/sriov/104.3.0+up1.3.0/charts/rancher-nfd/templates/rolebinding.yaml
deleted file mode 100644
index a640d5f8bc..0000000000
--- a/charts/sriov/104.3.0+up1.3.0/charts/rancher-nfd/templates/rolebinding.yaml
+++ /dev/null
@@ -1,18 +0,0 @@
-{{- if and .Values.worker.enable .Values.worker.rbac.create }}
-apiVersion: rbac.authorization.k8s.io/v1
-kind: RoleBinding
-metadata:
- name: {{ include "node-feature-discovery.fullname" . }}-worker
- namespace: {{ include "node-feature-discovery.namespace" . }}
- labels:
- {{- include "node-feature-discovery.labels" . | nindent 4 }}
-roleRef:
- apiGroup: rbac.authorization.k8s.io
- kind: Role
- name: {{ include "node-feature-discovery.fullname" . }}-worker
-subjects:
-- kind: ServiceAccount
- name: {{ include "node-feature-discovery.worker.serviceAccountName" . }}
- namespace: {{ include "node-feature-discovery.namespace" . }}
-{{- end }}
-
diff --git a/charts/sriov/104.3.0+up1.3.0/charts/rancher-nfd/templates/service.yaml b/charts/sriov/104.3.0+up1.3.0/charts/rancher-nfd/templates/service.yaml
deleted file mode 100644
index d71d1555f7..0000000000
--- a/charts/sriov/104.3.0+up1.3.0/charts/rancher-nfd/templates/service.yaml
+++ /dev/null
@@ -1,20 +0,0 @@
-{{- if and (not .Values.enableNodeFeatureApi) .Values.master.enable }}
-apiVersion: v1
-kind: Service
-metadata:
- name: {{ include "node-feature-discovery.fullname" . }}-master
- namespace: {{ include "node-feature-discovery.namespace" . }}
- labels:
- {{- include "node-feature-discovery.labels" . | nindent 4 }}
- role: master
-spec:
- type: {{ .Values.master.service.type }}
- ports:
- - port: {{ .Values.master.service.port | default "8080" }}
- targetPort: grpc
- protocol: TCP
- name: grpc
- selector:
- {{- include "node-feature-discovery.selectorLabels" . | nindent 4 }}
- role: master
-{{- end}}
diff --git a/charts/sriov/104.3.0+up1.3.0/charts/rancher-nfd/templates/serviceaccount.yaml b/charts/sriov/104.3.0+up1.3.0/charts/rancher-nfd/templates/serviceaccount.yaml
deleted file mode 100644
index 7da2c877e9..0000000000
--- a/charts/sriov/104.3.0+up1.3.0/charts/rancher-nfd/templates/serviceaccount.yaml
+++ /dev/null
@@ -1,58 +0,0 @@
-{{- if and .Values.master.enable .Values.master.serviceAccount.create }}
-apiVersion: v1
-kind: ServiceAccount
-metadata:
- name: {{ include "node-feature-discovery.master.serviceAccountName" . }}
- namespace: {{ include "node-feature-discovery.namespace" . }}
- labels:
- {{- include "node-feature-discovery.labels" . | nindent 4 }}
- {{- with .Values.master.serviceAccount.annotations }}
- annotations:
- {{- toYaml . | nindent 4 }}
- {{- end }}
-{{- end }}
-
-{{- if and .Values.topologyUpdater.enable .Values.topologyUpdater.serviceAccount.create }}
----
-apiVersion: v1
-kind: ServiceAccount
-metadata:
- name: {{ include "node-feature-discovery.topologyUpdater.serviceAccountName" . }}
- namespace: {{ include "node-feature-discovery.namespace" . }}
- labels:
- {{- include "node-feature-discovery.labels" . | nindent 4 }}
- {{- with .Values.topologyUpdater.serviceAccount.annotations }}
- annotations:
- {{- toYaml . | nindent 4 }}
- {{- end }}
-{{- end }}
-
-{{- if and .Values.gc.enable .Values.gc.serviceAccount.create (or .Values.enableNodeFeatureApi .Values.topologyUpdater.enable) }}
----
-apiVersion: v1
-kind: ServiceAccount
-metadata:
- name: {{ include "node-feature-discovery.gc.serviceAccountName" . }}
- namespace: {{ include "node-feature-discovery.namespace" . }}
- labels:
- {{- include "node-feature-discovery.labels" . | nindent 4 }}
- {{- with .Values.gc.serviceAccount.annotations }}
- annotations:
- {{- toYaml . | nindent 4 }}
- {{- end }}
-{{- end }}
-
-{{- if and .Values.worker.enable .Values.worker.serviceAccount.create }}
----
-apiVersion: v1
-kind: ServiceAccount
-metadata:
- name: {{ include "node-feature-discovery.worker.serviceAccountName" . }}
- namespace: {{ include "node-feature-discovery.namespace" . }}
- labels:
- {{- include "node-feature-discovery.labels" . | nindent 4 }}
- {{- with .Values.worker.serviceAccount.annotations }}
- annotations:
- {{- toYaml . | nindent 4 }}
- {{- end }}
-{{- end }}
diff --git a/charts/sriov/104.3.0+up1.3.0/charts/rancher-nfd/templates/topologyupdater-crds.yaml b/charts/sriov/104.3.0+up1.3.0/charts/rancher-nfd/templates/topologyupdater-crds.yaml
deleted file mode 100644
index b6b919689c..0000000000
--- a/charts/sriov/104.3.0+up1.3.0/charts/rancher-nfd/templates/topologyupdater-crds.yaml
+++ /dev/null
@@ -1,278 +0,0 @@
-{{- if and .Values.topologyUpdater.enable .Values.topologyUpdater.createCRDs -}}
-apiVersion: apiextensions.k8s.io/v1
-kind: CustomResourceDefinition
-metadata:
- annotations:
- api-approved.kubernetes.io: https://github.com/kubernetes/enhancements/pull/1870
- controller-gen.kubebuilder.io/version: v0.11.2
- creationTimestamp: null
- name: noderesourcetopologies.topology.node.k8s.io
-spec:
- group: topology.node.k8s.io
- names:
- kind: NodeResourceTopology
- listKind: NodeResourceTopologyList
- plural: noderesourcetopologies
- shortNames:
- - node-res-topo
- singular: noderesourcetopology
- scope: Cluster
- versions:
- - name: v1alpha1
- schema:
- openAPIV3Schema:
- description: NodeResourceTopology describes node resources and their topology.
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation
- of an object. Servers should convert recognized schemas to the latest
- internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this
- object represents. Servers may infer this from the endpoint the client
- submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- topologyPolicies:
- items:
- type: string
- type: array
- zones:
- description: ZoneList contains an array of Zone objects.
- items:
- description: Zone represents a resource topology zone, e.g. socket,
- node, die or core.
- properties:
- attributes:
- description: AttributeList contains an array of AttributeInfo objects.
- items:
- description: AttributeInfo contains one attribute of a Zone.
- properties:
- name:
- type: string
- value:
- type: string
- required:
- - name
- - value
- type: object
- type: array
- costs:
- description: CostList contains an array of CostInfo objects.
- items:
- description: CostInfo describes the cost (or distance) between
- two Zones.
- properties:
- name:
- type: string
- value:
- format: int64
- type: integer
- required:
- - name
- - value
- type: object
- type: array
- name:
- type: string
- parent:
- type: string
- resources:
- description: ResourceInfoList contains an array of ResourceInfo
- objects.
- items:
- description: ResourceInfo contains information about one resource
- type.
- properties:
- allocatable:
- anyOf:
- - type: integer
- - type: string
- description: Allocatable quantity of the resource, corresponding
- to allocatable in node status, i.e. total amount of this
- resource available to be used by pods.
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- available:
- anyOf:
- - type: integer
- - type: string
- description: Available is the amount of this resource currently
- available for new (to be scheduled) pods, i.e. Allocatable
- minus the resources reserved by currently running pods.
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- capacity:
- anyOf:
- - type: integer
- - type: string
- description: Capacity of the resource, corresponding to capacity
- in node status, i.e. total amount of this resource that
- the node has.
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- name:
- description: Name of the resource.
- type: string
- required:
- - allocatable
- - available
- - capacity
- - name
- type: object
- type: array
- type:
- type: string
- required:
- - name
- - type
- type: object
- type: array
- required:
- - topologyPolicies
- - zones
- type: object
- served: true
- storage: false
- - name: v1alpha2
- schema:
- openAPIV3Schema:
- description: NodeResourceTopology describes node resources and their topology.
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation
- of an object. Servers should convert recognized schemas to the latest
- internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- attributes:
- description: AttributeList contains an array of AttributeInfo objects.
- items:
- description: AttributeInfo contains one attribute of a Zone.
- properties:
- name:
- type: string
- value:
- type: string
- required:
- - name
- - value
- type: object
- type: array
- kind:
- description: 'Kind is a string value representing the REST resource this
- object represents. Servers may infer this from the endpoint the client
- submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- topologyPolicies:
- description: 'DEPRECATED (to be removed in v1beta1): use top level attributes
- if needed'
- items:
- type: string
- type: array
- zones:
- description: ZoneList contains an array of Zone objects.
- items:
- description: Zone represents a resource topology zone, e.g. socket,
- node, die or core.
- properties:
- attributes:
- description: AttributeList contains an array of AttributeInfo objects.
- items:
- description: AttributeInfo contains one attribute of a Zone.
- properties:
- name:
- type: string
- value:
- type: string
- required:
- - name
- - value
- type: object
- type: array
- costs:
- description: CostList contains an array of CostInfo objects.
- items:
- description: CostInfo describes the cost (or distance) between
- two Zones.
- properties:
- name:
- type: string
- value:
- format: int64
- type: integer
- required:
- - name
- - value
- type: object
- type: array
- name:
- type: string
- parent:
- type: string
- resources:
- description: ResourceInfoList contains an array of ResourceInfo
- objects.
- items:
- description: ResourceInfo contains information about one resource
- type.
- properties:
- allocatable:
- anyOf:
- - type: integer
- - type: string
- description: Allocatable quantity of the resource, corresponding
- to allocatable in node status, i.e. total amount of this
- resource available to be used by pods.
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- available:
- anyOf:
- - type: integer
- - type: string
- description: Available is the amount of this resource currently
- available for new (to be scheduled) pods, i.e. Allocatable
- minus the resources reserved by currently running pods.
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- capacity:
- anyOf:
- - type: integer
- - type: string
- description: Capacity of the resource, corresponding to capacity
- in node status, i.e. total amount of this resource that
- the node has.
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- name:
- description: Name of the resource.
- type: string
- required:
- - allocatable
- - available
- - capacity
- - name
- type: object
- type: array
- type:
- type: string
- required:
- - name
- - type
- type: object
- type: array
- required:
- - zones
- type: object
- served: true
- storage: true
-status:
- acceptedNames:
- kind: ""
- plural: ""
- conditions: []
- storedVersions: []
-{{- end }}
diff --git a/charts/sriov/104.3.0+up1.3.0/charts/rancher-nfd/templates/topologyupdater.yaml b/charts/sriov/104.3.0+up1.3.0/charts/rancher-nfd/templates/topologyupdater.yaml
deleted file mode 100644
index f51c10e6dc..0000000000
--- a/charts/sriov/104.3.0+up1.3.0/charts/rancher-nfd/templates/topologyupdater.yaml
+++ /dev/null
@@ -1,156 +0,0 @@
-{{- if .Values.topologyUpdater.enable -}}
-apiVersion: apps/v1
-kind: DaemonSet
-metadata:
- name: {{ include "node-feature-discovery.fullname" . }}-topology-updater
- namespace: {{ include "node-feature-discovery.namespace" . }}
- labels:
- {{- include "node-feature-discovery.labels" . | nindent 4 }}
- role: topology-updater
- {{- with .Values.topologyUpdater.daemonsetAnnotations }}
- annotations:
- {{- toYaml . | nindent 4 }}
- {{- end }}
-spec:
- selector:
- matchLabels:
- {{- include "node-feature-discovery.selectorLabels" . | nindent 6 }}
- role: topology-updater
- template:
- metadata:
- labels:
- {{- include "node-feature-discovery.selectorLabels" . | nindent 8 }}
- role: topology-updater
- {{- with .Values.topologyUpdater.annotations }}
- annotations:
- {{- toYaml . | nindent 8 }}
- {{- end }}
- spec:
- serviceAccountName: {{ include "node-feature-discovery.topologyUpdater.serviceAccountName" . }}
- dnsPolicy: ClusterFirstWithHostNet
- {{- with .Values.imagePullSecrets }}
- imagePullSecrets:
- {{- toYaml . | nindent 8 }}
- {{- end }}
- securityContext:
- {{- toYaml .Values.topologyUpdater.podSecurityContext | nindent 8 }}
- containers:
- - name: topology-updater
- image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}"
- imagePullPolicy: "{{ .Values.image.pullPolicy }}"
- env:
- - name: NODE_NAME
- valueFrom:
- fieldRef:
- fieldPath: spec.nodeName
- - name: NODE_ADDRESS
- valueFrom:
- fieldRef:
- fieldPath: status.hostIP
- command:
- - "nfd-topology-updater"
- args:
- - "-podresources-socket=/host-var/lib/kubelet-podresources/kubelet.sock"
- {{- if .Values.topologyUpdater.updateInterval | empty | not }}
- - "-sleep-interval={{ .Values.topologyUpdater.updateInterval }}"
- {{- else }}
- - "-sleep-interval=3s"
- {{- end }}
- {{- if .Values.topologyUpdater.watchNamespace | empty | not }}
- - "-watch-namespace={{ .Values.topologyUpdater.watchNamespace }}"
- {{- else }}
- - "-watch-namespace=*"
- {{- end }}
- {{- if .Values.tls.enable }}
- - "-ca-file=/etc/kubernetes/node-feature-discovery/certs/ca.crt"
- - "-key-file=/etc/kubernetes/node-feature-discovery/certs/tls.key"
- - "-cert-file=/etc/kubernetes/node-feature-discovery/certs/tls.crt"
- {{- end }}
- {{- if .Values.topologyUpdater.podSetFingerprint }}
- - "-pods-fingerprint"
- {{- end }}
- {{- if .Values.topologyUpdater.kubeletConfigPath | empty | not }}
- - "-kubelet-config-uri=file:///host-var/kubelet-config"
- {{- end }}
- {{- if .Values.topologyUpdater.kubeletStateDir | empty }}
- # Disable kubelet state tracking by giving an empty path
- - "-kubelet-state-dir="
- {{- end }}
- - -metrics={{ .Values.topologyUpdater.metricsPort | default "8081"}}
- ports:
- - name: metrics
- containerPort: {{ .Values.topologyUpdater.metricsPort | default "8081"}}
- volumeMounts:
- {{- if .Values.topologyUpdater.kubeletConfigPath | empty | not }}
- - name: kubelet-config
- mountPath: /host-var/kubelet-config
- {{- end }}
- - name: kubelet-podresources-sock
- mountPath: /host-var/lib/kubelet-podresources/kubelet.sock
- - name: host-sys
- mountPath: /host-sys
- {{- if .Values.topologyUpdater.kubeletStateDir | empty | not }}
- - name: kubelet-state-files
- mountPath: /host-var/lib/kubelet
- readOnly: true
- {{- end }}
- {{- if .Values.tls.enable }}
- - name: nfd-topology-updater-cert
- mountPath: "/etc/kubernetes/node-feature-discovery/certs"
- readOnly: true
- {{- end }}
- - name: nfd-topology-updater-conf
- mountPath: "/etc/kubernetes/node-feature-discovery"
- readOnly: true
-
- resources:
- {{- toYaml .Values.topologyUpdater.resources | nindent 12 }}
- securityContext:
- {{- toYaml .Values.topologyUpdater.securityContext | nindent 12 }}
- volumes:
- - name: host-sys
- hostPath:
- path: "/sys"
- {{- if .Values.topologyUpdater.kubeletConfigPath | empty | not }}
- - name: kubelet-config
- hostPath:
- path: {{ .Values.topologyUpdater.kubeletConfigPath }}
- {{- end }}
- - name: kubelet-podresources-sock
- hostPath:
- {{- if .Values.topologyUpdater.kubeletPodResourcesSockPath | empty | not }}
- path: {{ .Values.topologyUpdater.kubeletPodResourcesSockPath }}
- {{- else }}
- path: /var/lib/kubelet/pod-resources/kubelet.sock
- {{- end }}
- {{- if .Values.topologyUpdater.kubeletStateDir | empty | not }}
- - name: kubelet-state-files
- hostPath:
- path: {{ .Values.topologyUpdater.kubeletStateDir }}
- {{- end }}
- - name: nfd-topology-updater-conf
- configMap:
- name: {{ include "node-feature-discovery.fullname" . }}-topology-updater-conf
- items:
- - key: nfd-topology-updater.conf
- path: nfd-topology-updater.conf
- {{- if .Values.tls.enable }}
- - name: nfd-topology-updater-cert
- secret:
- secretName: nfd-topology-updater-cert
- {{- end }}
-
-
- {{- with .Values.topologyUpdater.nodeSelector }}
- nodeSelector:
- {{- toYaml . | nindent 8 }}
- {{- end }}
- {{- with .Values.topologyUpdater.affinity }}
- affinity:
- {{- toYaml . | nindent 8 }}
- {{- end }}
- {{- with .Values.topologyUpdater.tolerations }}
- tolerations:
- {{- toYaml . | nindent 8 }}
- {{- end }}
-{{- end }}
diff --git a/charts/sriov/104.3.0+up1.3.0/charts/rancher-nfd/templates/worker.yaml b/charts/sriov/104.3.0+up1.3.0/charts/rancher-nfd/templates/worker.yaml
deleted file mode 100644
index f49f9bd644..0000000000
--- a/charts/sriov/104.3.0+up1.3.0/charts/rancher-nfd/templates/worker.yaml
+++ /dev/null
@@ -1,162 +0,0 @@
-{{- if .Values.worker.enable }}
-apiVersion: apps/v1
-kind: DaemonSet
-metadata:
- name: {{ include "node-feature-discovery.fullname" . }}-worker
- namespace: {{ include "node-feature-discovery.namespace" . }}
- labels:
- {{- include "node-feature-discovery.labels" . | nindent 4 }}
- role: worker
- {{- with .Values.worker.daemonsetAnnotations }}
- annotations:
- {{- toYaml . | nindent 4 }}
- {{- end }}
-spec:
- selector:
- matchLabels:
- {{- include "node-feature-discovery.selectorLabels" . | nindent 6 }}
- role: worker
- template:
- metadata:
- labels:
- {{- include "node-feature-discovery.selectorLabels" . | nindent 8 }}
- role: worker
- {{- with .Values.worker.annotations }}
- annotations:
- {{- toYaml . | nindent 8 }}
- {{- end }}
- spec:
- dnsPolicy: ClusterFirstWithHostNet
- {{- with .Values.imagePullSecrets }}
- imagePullSecrets:
- {{- toYaml . | nindent 8 }}
- {{- end }}
- serviceAccountName: {{ include "node-feature-discovery.worker.serviceAccountName" . }}
- securityContext:
- {{- toYaml .Values.worker.podSecurityContext | nindent 8 }}
- containers:
- - name: worker
- securityContext:
- {{- toYaml .Values.worker.securityContext | nindent 12 }}
- image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}"
- imagePullPolicy: {{ .Values.image.pullPolicy }}
- env:
- - name: NODE_NAME
- valueFrom:
- fieldRef:
- fieldPath: spec.nodeName
- - name: POD_NAME
- valueFrom:
- fieldRef:
- fieldPath: metadata.name
- - name: POD_UID
- valueFrom:
- fieldRef:
- fieldPath: metadata.uid
- resources:
- {{- toYaml .Values.worker.resources | nindent 12 }}
- command:
- - "nfd-worker"
- args:
- {{- if not .Values.enableNodeFeatureApi }}
- - "-server={{ include "node-feature-discovery.fullname" . }}-master:{{ .Values.master.service.port }}"
- - "-enable-nodefeature-api=false"
- {{- end }}
-{{- if .Values.tls.enable }}
- - "-ca-file=/etc/kubernetes/node-feature-discovery/certs/ca.crt"
- - "-key-file=/etc/kubernetes/node-feature-discovery/certs/tls.key"
- - "-cert-file=/etc/kubernetes/node-feature-discovery/certs/tls.crt"
-{{- end }}
- - "-metrics={{ .Values.worker.metricsPort | default "8081"}}"
- ports:
- - name: metrics
- containerPort: {{ .Values.worker.metricsPort | default "8081"}}
- volumeMounts:
- - name: host-boot
- mountPath: "/host-boot"
- readOnly: true
- - name: host-os-release
- mountPath: "/host-etc/os-release"
- readOnly: true
- - name: host-sys
- mountPath: "/host-sys"
- readOnly: true
- - name: host-usr-lib
- mountPath: "/host-usr/lib"
- readOnly: true
- - name: host-lib
- mountPath: "/host-lib"
- readOnly: true
- {{- if .Values.worker.mountUsrSrc }}
- - name: host-usr-src
- mountPath: "/host-usr/src"
- readOnly: true
- {{- end }}
- - name: source-d
- mountPath: "/etc/kubernetes/node-feature-discovery/source.d/"
- readOnly: true
- - name: features-d
- mountPath: "/etc/kubernetes/node-feature-discovery/features.d/"
- readOnly: true
- - name: nfd-worker-conf
- mountPath: "/etc/kubernetes/node-feature-discovery"
- readOnly: true
-{{- if .Values.tls.enable }}
- - name: nfd-worker-cert
- mountPath: "/etc/kubernetes/node-feature-discovery/certs"
- readOnly: true
-{{- end }}
- volumes:
- - name: host-boot
- hostPath:
- path: "/boot"
- - name: host-os-release
- hostPath:
- path: "/etc/os-release"
- - name: host-sys
- hostPath:
- path: "/sys"
- - name: host-usr-lib
- hostPath:
- path: "/usr/lib"
- - name: host-lib
- hostPath:
- path: "/lib"
- {{- if .Values.worker.mountUsrSrc }}
- - name: host-usr-src
- hostPath:
- path: "/usr/src"
- {{- end }}
- - name: source-d
- hostPath:
- path: "/etc/kubernetes/node-feature-discovery/source.d/"
- - name: features-d
- hostPath:
- path: "/etc/kubernetes/node-feature-discovery/features.d/"
- - name: nfd-worker-conf
- configMap:
- name: {{ include "node-feature-discovery.fullname" . }}-worker-conf
- items:
- - key: nfd-worker.conf
- path: nfd-worker.conf
-{{- if .Values.tls.enable }}
- - name: nfd-worker-cert
- secret:
- secretName: nfd-worker-cert
-{{- end }}
- {{- with .Values.worker.nodeSelector }}
- nodeSelector:
- {{- toYaml . | nindent 8 }}
- {{- end }}
- {{- with .Values.worker.affinity }}
- affinity:
- {{- toYaml . | nindent 8 }}
- {{- end }}
- {{- with .Values.worker.tolerations }}
- tolerations:
- {{- toYaml . | nindent 8 }}
- {{- end }}
- {{- with .Values.worker.priorityClassName }}
- priorityClassName: {{ . | quote }}
- {{- end }}
-{{- end }}
diff --git a/charts/sriov/104.3.0+up1.3.0/charts/rancher-nfd/values.yaml b/charts/sriov/104.3.0+up1.3.0/charts/rancher-nfd/values.yaml
deleted file mode 100644
index aab4abc126..0000000000
--- a/charts/sriov/104.3.0+up1.3.0/charts/rancher-nfd/values.yaml
+++ /dev/null
@@ -1,534 +0,0 @@
-image:
- repository: rancher/hardened-node-feature-discovery
- # This should be set to 'IfNotPresent' for released version
- pullPolicy: IfNotPresent
- # tag, if defined will use the given image tag, else Chart.AppVersion will be used
- tag: v0.15.6-build20240822
-imagePullSecrets: []
-
-nameOverride: ""
-fullnameOverride: ""
-namespaceOverride: ""
-
-enableNodeFeatureApi: true
-
-master:
- enable: true
- config: ###
- # noPublish: false
- # autoDefaultNs: true
- # extraLabelNs: ["added.ns.io","added.kubernets.io"]
- # denyLabelNs: ["denied.ns.io","denied.kubernetes.io"]
- # resourceLabels: ["vendor-1.com/feature-1","vendor-2.io/feature-2"]
- # enableTaints: false
- # labelWhiteList: "foo"
- # resyncPeriod: "2h"
- # klog:
- # addDirHeader: false
- # alsologtostderr: false
- # logBacktraceAt:
- # logtostderr: true
- # skipHeaders: false
- # stderrthreshold: 2
- # v: 0
- # vmodule:
- ## NOTE: the following options are not dynamically run-time configurable
- ## and require a nfd-master restart to take effect after being changed
- # logDir:
- # logFile:
- # logFileMaxSize: 1800
- # skipLogHeaders: false
- # leaderElection:
- # leaseDuration: 15s
- # # this value has to be lower than leaseDuration and greater than retryPeriod*1.2
- # renewDeadline: 10s
- # # this value has to be greater than 0
- # retryPeriod: 2s
- # nfdApiParallelism: 10
- ###
- # The TCP port that nfd-master listens for incoming requests. Default: 8080
- # Deprecated this parameter is related to the deprecated gRPC API and will
- # be removed with it in a future release
- port: 8080
- metricsPort: 8081
- instance:
- featureApi:
- resyncPeriod:
- denyLabelNs: []
- extraLabelNs: []
- resourceLabels: []
- enableTaints: false
- crdController: null
- featureRulesController: null
- nfdApiParallelism: null
- deploymentAnnotations: {}
- replicaCount: 1
-
- podSecurityContext: {}
- # fsGroup: 2000
-
- securityContext:
- allowPrivilegeEscalation: false
- capabilities:
- drop: [ "ALL" ]
- readOnlyRootFilesystem: true
- runAsNonRoot: true
- # runAsUser: 1000
-
- serviceAccount:
- # Specifies whether a service account should be created
- create: true
- # Annotations to add to the service account
- annotations: {}
- # The name of the service account to use.
- # If not set and create is true, a name is generated using the fullname template
- name:
-
- rbac:
- create: true
-
- service:
- type: ClusterIP
- port: 8080
-
- resources: {}
- # We usually recommend not to specify default resources and to leave this as a conscious
- # choice for the user. This also increases chances charts run on environments with little
- # resources, such as Minikube. If you do want to specify resources, uncomment the following
- # lines, adjust them as necessary, and remove the curly braces after 'resources:'.
- # limits:
- # cpu: 100m
- # memory: 128Mi
- # requests:
- # cpu: 100m
- # memory: 128Mi
-
- nodeSelector: {}
-
- tolerations:
- - key: "node-role.kubernetes.io/master"
- operator: "Equal"
- value: ""
- effect: "NoSchedule"
- - key: "node-role.kubernetes.io/control-plane"
- operator: "Equal"
- value: ""
- effect: "NoSchedule"
-
- annotations: {}
-
- affinity:
- nodeAffinity:
- preferredDuringSchedulingIgnoredDuringExecution:
- - weight: 1
- preference:
- matchExpressions:
- - key: "node-role.kubernetes.io/master"
- operator: In
- values: [""]
- - weight: 1
- preference:
- matchExpressions:
- - key: "node-role.kubernetes.io/control-plane"
- operator: In
- values: [""]
-
-worker:
- enable: true
- config: ###
- #core:
- # labelWhiteList:
- # noPublish: false
- # sleepInterval: 60s
- # featureSources: [all]
- # labelSources: [all]
- # klog:
- # addDirHeader: false
- # alsologtostderr: false
- # logBacktraceAt:
- # logtostderr: true
- # skipHeaders: false
- # stderrthreshold: 2
- # v: 0
- # vmodule:
- ## NOTE: the following options are not dynamically run-time configurable
- ## and require a nfd-worker restart to take effect after being changed
- # logDir:
- # logFile:
- # logFileMaxSize: 1800
- # skipLogHeaders: false
- #sources:
- # cpu:
- # cpuid:
- ## NOTE: whitelist has priority over blacklist
- # attributeBlacklist:
- # - "BMI1"
- # - "BMI2"
- # - "CLMUL"
- # - "CMOV"
- # - "CX16"
- # - "ERMS"
- # - "F16C"
- # - "HTT"
- # - "LZCNT"
- # - "MMX"
- # - "MMXEXT"
- # - "NX"
- # - "POPCNT"
- # - "RDRAND"
- # - "RDSEED"
- # - "RDTSCP"
- # - "SGX"
- # - "SSE"
- # - "SSE2"
- # - "SSE3"
- # - "SSE4"
- # - "SSE42"
- # - "SSSE3"
- # - "TDX_GUEST"
- # attributeWhitelist:
- # kernel:
- # kconfigFile: "/path/to/kconfig"
- # configOpts:
- # - "NO_HZ"
- # - "X86"
- # - "DMI"
- # pci:
- # deviceClassWhitelist:
- # - "0200"
- # - "03"
- # - "12"
- # deviceLabelFields:
- # - "class"
- # - "vendor"
- # - "device"
- # - "subsystem_vendor"
- # - "subsystem_device"
- # usb:
- # deviceClassWhitelist:
- # - "0e"
- # - "ef"
- # - "fe"
- # - "ff"
- # deviceLabelFields:
- # - "class"
- # - "vendor"
- # - "device"
- # local:
- # hooksEnabled: false
- # custom:
- # # The following feature demonstrates the capabilities of the matchFeatures
- # - name: "my custom rule"
- # labels:
- # "vendor.io/my-ng-feature": "true"
- # # matchFeatures implements a logical AND over all matcher terms in the
- # # list (i.e. all of the terms, or per-feature matchers, must match)
- # matchFeatures:
- # - feature: cpu.cpuid
- # matchExpressions:
- # AVX512F: {op: Exists}
- # - feature: cpu.cstate
- # matchExpressions:
- # enabled: {op: IsTrue}
- # - feature: cpu.pstate
- # matchExpressions:
- # no_turbo: {op: IsFalse}
- # scaling_governor: {op: In, value: ["performance"]}
- # - feature: cpu.rdt
- # matchExpressions:
- # RDTL3CA: {op: Exists}
- # - feature: cpu.sst
- # matchExpressions:
- # bf.enabled: {op: IsTrue}
- # - feature: cpu.topology
- # matchExpressions:
- # hardware_multithreading: {op: IsFalse}
- #
- # - feature: kernel.config
- # matchExpressions:
- # X86: {op: Exists}
- # LSM: {op: InRegexp, value: ["apparmor"]}
- # - feature: kernel.loadedmodule
- # matchExpressions:
- # e1000e: {op: Exists}
- # - feature: kernel.selinux
- # matchExpressions:
- # enabled: {op: IsFalse}
- # - feature: kernel.version
- # matchExpressions:
- # major: {op: In, value: ["5"]}
- # minor: {op: Gt, value: ["10"]}
- #
- # - feature: storage.block
- # matchExpressions:
- # rotational: {op: In, value: ["0"]}
- # dax: {op: In, value: ["0"]}
- #
- # - feature: network.device
- # matchExpressions:
- # operstate: {op: In, value: ["up"]}
- # speed: {op: Gt, value: ["100"]}
- #
- # - feature: memory.numa
- # matchExpressions:
- # node_count: {op: Gt, value: ["2"]}
- # - feature: memory.nv
- # matchExpressions:
- # devtype: {op: In, value: ["nd_dax"]}
- # mode: {op: In, value: ["memory"]}
- #
- # - feature: system.osrelease
- # matchExpressions:
- # ID: {op: In, value: ["fedora", "centos"]}
- # - feature: system.name
- # matchExpressions:
- # nodename: {op: InRegexp, value: ["^worker-X"]}
- #
- # - feature: local.label
- # matchExpressions:
- # custom-feature-knob: {op: Gt, value: ["100"]}
- #
- # # The following feature demonstrates the capabilities of the matchAny
- # - name: "my matchAny rule"
- # labels:
- # "vendor.io/my-ng-feature-2": "my-value"
- # # matchAny implements a logical IF over all elements (sub-matchers) in
- # # the list (i.e. at least one feature matcher must match)
- # matchAny:
- # - matchFeatures:
- # - feature: kernel.loadedmodule
- # matchExpressions:
- # driver-module-X: {op: Exists}
- # - feature: pci.device
- # matchExpressions:
- # vendor: {op: In, value: ["8086"]}
- # class: {op: In, value: ["0200"]}
- # - matchFeatures:
- # - feature: kernel.loadedmodule
- # matchExpressions:
- # driver-module-Y: {op: Exists}
- # - feature: usb.device
- # matchExpressions:
- # vendor: {op: In, value: ["8086"]}
- # class: {op: In, value: ["02"]}
- #
- # - name: "avx wildcard rule"
- # labels:
- # "my-avx-feature": "true"
- # matchFeatures:
- # - feature: cpu.cpuid
- # matchName: {op: InRegexp, value: ["^AVX512"]}
- #
- # # The following features demonstreate label templating capabilities
- # - name: "my template rule"
- # labelsTemplate: |
- # {{ range .system.osrelease }}vendor.io/my-system-feature.{{ .Name }}={{ .Value }}
- # {{ end }}
- # matchFeatures:
- # - feature: system.osrelease
- # matchExpressions:
- # ID: {op: InRegexp, value: ["^open.*"]}
- # VERSION_ID.major: {op: In, value: ["13", "15"]}
- #
- # - name: "my template rule 2"
- # labelsTemplate: |
- # {{ range .pci.device }}vendor.io/my-pci-device.{{ .class }}-{{ .device }}=with-cpuid
- # {{ end }}
- # matchFeatures:
- # - feature: pci.device
- # matchExpressions:
- # class: {op: InRegexp, value: ["^06"]}
- # vendor: ["8086"]
- # - feature: cpu.cpuid
- # matchExpressions:
- # AVX: {op: Exists}
- #
- # # The following examples demonstrate vars field and back-referencing
- # # previous labels and vars
- # - name: "my dummy kernel rule"
- # labels:
- # "vendor.io/my.kernel.feature": "true"
- # matchFeatures:
- # - feature: kernel.version
- # matchExpressions:
- # major: {op: Gt, value: ["2"]}
- #
- # - name: "my dummy rule with no labels"
- # vars:
- # "my.dummy.var": "1"
- # matchFeatures:
- # - feature: cpu.cpuid
- # matchExpressions: {}
- #
- # - name: "my rule using backrefs"
- # labels:
- # "vendor.io/my.backref.feature": "true"
- # matchFeatures:
- # - feature: rule.matched
- # matchExpressions:
- # vendor.io/my.kernel.feature: {op: IsTrue}
- # my.dummy.var: {op: Gt, value: ["0"]}
- #
- # - name: "kconfig template rule"
- # labelsTemplate: |
- # {{ range .kernel.config }}kconfig-{{ .Name }}={{ .Value }}
- # {{ end }}
- # matchFeatures:
- # - feature: kernel.config
- # matchName: {op: In, value: ["SWAP", "X86", "ARM"]}
-###
-
- metricsPort: 8081
- daemonsetAnnotations: {}
- podSecurityContext: {}
- # fsGroup: 2000
-
- securityContext:
- allowPrivilegeEscalation: false
- capabilities:
- drop: [ "ALL" ]
- readOnlyRootFilesystem: true
- runAsNonRoot: true
- # runAsUser: 1000
-
- serviceAccount:
- # Specifies whether a service account should be created.
- # We create this by default to make it easier for downstream users to apply PodSecurityPolicies.
- create: true
- # Annotations to add to the service account
- annotations: {}
- # The name of the service account to use.
- # If not set and create is true, a name is generated using the fullname template
- name:
-
- rbac:
- create: true
-
- # Allow users to mount the hostPath /usr/src, useful for RHCOS on s390x
- # Does not work on systems without /usr/src AND a read-only /usr, such as Talos
- mountUsrSrc: false
-
- resources: {}
- # We usually recommend not to specify default resources and to leave this as a conscious
- # choice for the user. This also increases chances charts run on environments with little
- # resources, such as Minikube. If you do want to specify resources, uncomment the following
- # lines, adjust them as necessary, and remove the curly braces after 'resources:'.
- # limits:
- # cpu: 100m
- # memory: 128Mi
- # requests:
- # cpu: 100m
- # memory: 128Mi
-
- nodeSelector: {}
-
- tolerations: []
-
- annotations: {}
-
- affinity: {}
-
- priorityClassName: ""
-
-topologyUpdater:
- config: ###
- ## key = node name, value = list of resources to be excluded.
- ## use * to exclude from all nodes.
- ## an example for how the exclude list should looks like
- #excludeList:
- # node1: [cpu]
- # node2: [memory, example/deviceA]
- # *: [hugepages-2Mi]
-###
-
- enable: false
- createCRDs: false
-
- serviceAccount:
- create: true
- annotations: {}
- name:
- rbac:
- create: true
-
- metricsPort: 8081
- kubeletConfigPath:
- kubeletPodResourcesSockPath:
- updateInterval: 60s
- watchNamespace: "*"
- kubeletStateDir: /var/lib/kubelet
-
- podSecurityContext: {}
- securityContext:
- allowPrivilegeEscalation: false
- capabilities:
- drop: [ "ALL" ]
- readOnlyRootFilesystem: true
- runAsUser: 0
-
- resources: {}
- # We usually recommend not to specify default resources and to leave this as a conscious
- # choice for the user. This also increases chances charts run on environments with little
- # resources, such as Minikube. If you do want to specify resources, uncomment the following
- # lines, adjust them as necessary, and remove the curly braces after 'resources:'.
- # limits:
- # cpu: 100m
- # memory: 128Mi
- # requests:
- # cpu: 100m
- # memory: 128Mi
-
- nodeSelector: {}
- tolerations: []
- annotations: {}
- daemonsetAnnotations: {}
- affinity: {}
- podSetFingerprint: true
-
-gc:
- enable: true
- replicaCount: 1
-
- serviceAccount:
- create: true
- annotations: {}
- name:
- rbac:
- create: true
-
- interval: 1h
-
- podSecurityContext: {}
-
- resources: {}
- # We usually recommend not to specify default resources and to leave this as a conscious
- # choice for the user. This also increases chances charts run on environments with little
- # resources, such as Minikube. If you do want to specify resources, uncomment the following
- # lines, adjust them as necessary, and remove the curly braces after 'resources:'.
- # limits:
- # cpu: 100m
- # memory: 128Mi
- # requests:
- # cpu: 100m
- # memory: 128Mi
-
- metricsPort: 8081
-
- nodeSelector: {}
- tolerations: []
- annotations: {}
- deploymentAnnotations: {}
- affinity: {}
-
-# Optionally use encryption for worker <--> master comms
-# TODO: verify hostname is not yet supported
-#
-# If you do not enable certManager (and have it installed) you will
-# need to manually, or otherwise, provision the TLS certs as secrets
-tls:
- enable: false
- certManager: false
-
-prometheus:
- enable: false
- labels: {}
diff --git a/charts/sriov/104.3.0+up1.3.0/templates/NOTES.txt b/charts/sriov/104.3.0+up1.3.0/templates/NOTES.txt
deleted file mode 100644
index ea9a6ebc9b..0000000000
--- a/charts/sriov/104.3.0+up1.3.0/templates/NOTES.txt
+++ /dev/null
@@ -1,29 +0,0 @@
-Get Network Operator deployed resources by running the following commands:
-
-$ kubectl -n {{ .Release.Namespace }} get pods
-
-For additional instructions on how to use SR-IOV network operator,
-refer to: https://github.com/k8snetworkplumbingwg/sriov-network-operator
-
-{{- if .Values.operator.enableAdmissionController }}
-{{- if not .Values.cert_manager }}
-Thank you for installing {{ .Chart.Name }}.
-
-WARNING! Self signed certificates have been generated for webhooks.
-These certificates have a one-year validity and will not be rotated
-automatically. This should not be a production cluster. Please deploy
-and use cert-manager for production clusters.
-{{- end }}
-{{- end }}
-
-{{- if .Chart.Deprecated }}
-
-!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
-!! !!
-!! WARNING: This chart is deprecated and will be removed! !!
-!! !!
-!! Future updates can be obtained from following chart repository: !!
-!! https://suse-edge.github.io/charts/ !!
-!! !!
-!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
-{{- end }}
diff --git a/charts/sriov/104.3.0+up1.3.0/templates/_helpers.tpl b/charts/sriov/104.3.0+up1.3.0/templates/_helpers.tpl
deleted file mode 100644
index 88ad9709cf..0000000000
--- a/charts/sriov/104.3.0+up1.3.0/templates/_helpers.tpl
+++ /dev/null
@@ -1,85 +0,0 @@
-{{/*
-Expand the name of the chart.
-*/}}
-{{- define "sriov-network-operator.name" -}}
-{{- default "sriov-network-operator" .Values.nameOverride | trunc 63 | trimSuffix "-" }}
-{{- end }}
-
-{{/*
-Create a default fully qualified app name.
-We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
-If release name contains chart name it will be used as a full name.
-*/}}
-{{- define "sriov-network-operator.fullname" -}}
-{{- if .Values.fullnameOverride }}
-{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }}
-{{- else }}
-{{- $name := default "sriov-network-operator" .Values.nameOverride }}
-{{- if contains $name .Release.Name }}
-{{- .Release.Name | trunc 63 | trimSuffix "-" }}
-{{- else }}
-{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }}
-{{- end }}
-{{- end }}
-{{- end }}
-
-{{/*
-Create chart name and version as used by the chart label.
-*/}}
-{{- define "sriov-network-operator.chart" -}}
-{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }}
-{{- end }}
-
-{{/*
-Common labels
-*/}}
-{{- define "sriov-network-operator.labels" -}}
-helm.sh/chart: {{ include "sriov-network-operator.chart" . }}
-{{ include "sriov-network-operator.selectorLabels" . }}
-{{- if .Chart.AppVersion }}
-app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
-{{- end }}
-app.kubernetes.io/managed-by: {{ .Release.Service }}
-{{- end }}
-
-{{/*
-Selector labels
-*/}}
-{{- define "sriov-network-operator.selectorLabels" -}}
-app.kubernetes.io/name: {{ include "sriov-network-operator.name" . }}
-app.kubernetes.io/instance: {{ .Release.Name }}
-{{- end }}
-
-{{/*
-Create the name of the service account to use
-*/}}
-{{- define "sriov-network-operator.serviceAccountName" -}}
-{{- if .Values.serviceAccount.create }}
-{{- default (include "sriov-network-operator.fullname" .) .Values.serviceAccount.name }}
-{{- else }}
-{{- default "default" .Values.serviceAccount.name }}
-{{- end }}
-{{- end }}
-
-{{- define "system_default_registry" -}}
-{{- if .Values.global.cattle.systemDefaultRegistry -}}
-{{- printf "%s/" .Values.global.cattle.systemDefaultRegistry -}}
-{{- else -}}
-{{- "" -}}
-{{- end -}}
-{{- end -}}
-
-{{/*
-Windows cluster will add default taint for linux nodes,
-add below linux tolerations to workloads could be scheduled to those linux nodes
-*/}}
-{{- define "linux-node-tolerations" -}}
-- key: "cattle.io/os"
- value: "linux"
- effect: "NoSchedule"
- operator: "Equal"
-{{- end -}}
-
-{{- define "linux-node-selector" -}}
-kubernetes.io/os: linux
-{{- end -}}
diff --git a/charts/sriov/104.3.0+up1.3.0/templates/_webhook-certs.tpl b/charts/sriov/104.3.0+up1.3.0/templates/_webhook-certs.tpl
deleted file mode 100644
index f1448968b2..0000000000
--- a/charts/sriov/104.3.0+up1.3.0/templates/_webhook-certs.tpl
+++ /dev/null
@@ -1,31 +0,0 @@
-{{/*
-Generate TLS certificates for webhooks.
-Note: these 2 lines, that are repeated several times below, are a trick to
-ensure the CA certs are generated only once:
- $ca := .ca | default (genCA "sriov-network-operator.k8s.cni.cncf.io" 365)
- $_ := set . "ca" $ca
-Please, don't try to "simplify" them as without this trick, every generated
-certificate would be signed by a different CA.
-*/}}
-{{- define "sriov_operator_ca_cert" }}
-{{- $ca := .ca | default (genCA "sriov-network-operator.k8s.cni.cncf.io" 365) -}}
-{{- $_ := set . "ca" $ca -}}
-{{- printf "%s" $ca.Cert | b64enc -}}
-{{- end }}
-{{- define "sriov_operator_cert" }}
-{{- $ca := .ca | default (genCA "sriov-network-operator.k8s.cni.cncf.io" 365) -}}
-{{- $_ := set . "ca" $ca -}}
-{{- $cn := printf "operator-webhook-service.%s.svc" .Release.Namespace -}}
-{{- $cert := genSignedCert $cn nil (list $cn) 365 $ca -}}
-tls.crt: {{ $cert.Cert | b64enc }}
-tls.key: {{ $cert.Key | b64enc }}
-{{- end }}
-{{- define "sriov_resource_injector_cert" }}
-{{- $ca := .ca | default (genCA "sriov-network-operator.k8s.cni.cncf.io" 365) -}}
-{{- $_ := set . "ca" $ca -}}
-{{- $cn := printf "network-resources-injector-service.%s.svc" .Release.Namespace -}}
-{{- $cert := genSignedCert $cn nil (list $cn) 365 $ca -}}
-tls.crt: {{ $cert.Cert | b64enc }}
-tls.key: {{ $cert.Key | b64enc }}
-{{- end }}
-
diff --git a/charts/sriov/104.3.0+up1.3.0/templates/certificate.yaml b/charts/sriov/104.3.0+up1.3.0/templates/certificate.yaml
deleted file mode 100644
index add29a9bec..0000000000
--- a/charts/sriov/104.3.0+up1.3.0/templates/certificate.yaml
+++ /dev/null
@@ -1,71 +0,0 @@
-{{- if .Values.operator.admissionControllers.enabled }}
-{{- if and (.Values.operator.admissionControllers.certificates.certManager.enabled) (.Values.operator.admissionControllers.certificates.certManager.generateSelfSigned) }}
----
-apiVersion: cert-manager.io/v1
-kind: Certificate
-metadata:
- name: {{ .Values.operator.admissionControllers.certificates.secretNames.operator }}
- namespace: {{ .Release.Namespace }}
-spec:
- dnsNames:
- - operator-webhook-service.{{ .Release.Namespace }}.svc
- - operator-webhook-service.{{ .Release.Namespace }}.svc.cluster.local
- issuerRef:
- kind: Issuer
- name: operator-webhook-selfsigned-issuer
- secretName: {{ .Values.operator.admissionControllers.certificates.secretNames.operator }}
----
-apiVersion: cert-manager.io/v1
-kind: Issuer
-metadata:
- name: operator-webhook-selfsigned-issuer
- namespace: {{ .Release.Namespace }}
-spec:
- selfSigned: {}
----
-apiVersion: cert-manager.io/v1
-kind: Certificate
-metadata:
- name: {{ .Values.operator.admissionControllers.certificates.secretNames.injector }}
- namespace: {{ .Release.Namespace }}
-spec:
- dnsNames:
- - network-resources-injector-service.{{ .Release.Namespace }}.svc
- - network-resources-injector-service.{{ .Release.Namespace }}.svc.cluster.local
- issuerRef:
- kind: Issuer
- name: network-resources-injector-selfsigned-issuer
- secretName: {{ .Values.operator.admissionControllers.certificates.secretNames.injector }}
----
-apiVersion: cert-manager.io/v1
-kind: Issuer
-metadata:
- name: network-resources-injector-selfsigned-issuer
- namespace: {{ .Release.Namespace }}
-spec:
- selfSigned: {}
-{{- else if and (not .Values.operator.admissionControllers.certificates.certManager.enabled) (.Values.operator.admissionControllers.certificates.custom.enabled) }}
----
-apiVersion: v1
-kind: Secret
-metadata:
- name: {{ .Values.operator.admissionControllers.certificates.secretNames.operator }}
- namespace: {{ .Release.Namespace }}
-type: Opaque
-data:
- ca.crt: {{ .Values.operator.admissionControllers.certificates.custom.operator.caCrt | b64enc | b64enc | quote }}
- tls.crt: {{ .Values.operator.admissionControllers.certificates.custom.operator.tlsCrt | b64enc | quote }}
- tls.key: {{ .Values.operator.admissionControllers.certificates.custom.operator.tlsKey | b64enc | quote }}
----
-apiVersion: v1
-kind: Secret
-metadata:
- name: {{ .Values.operator.admissionControllers.certificates.secretNames.injector }}
- namespace: {{ .Release.Namespace }}
-type: Opaque
-data:
- ca.crt: {{ .Values.operator.admissionControllers.certificates.custom.injector.caCrt | b64enc | b64enc | quote }}
- tls.crt: {{ .Values.operator.admissionControllers.certificates.custom.injector.tlsCrt | b64enc | quote }}
- tls.key: {{ .Values.operator.admissionControllers.certificates.custom.injector.tlsKey | b64enc | quote }}
-{{- end }}
-{{- end }}
diff --git a/charts/sriov/104.3.0+up1.3.0/templates/certmanagercerts.yaml b/charts/sriov/104.3.0+up1.3.0/templates/certmanagercerts.yaml
deleted file mode 100644
index e3575aa565..0000000000
--- a/charts/sriov/104.3.0+up1.3.0/templates/certmanagercerts.yaml
+++ /dev/null
@@ -1,41 +0,0 @@
-{{- if and (.Values.operator.enableAdmissionController) (.Values.cert_manager) -}}
-{{- if not (.Capabilities.APIVersions.Has "cert-manager.io/v1") -}}
-{{- required "cert-manager is required but not found" "" -}}
-{{- end -}}
-apiVersion: cert-manager.io/v1
-kind: Issuer
-metadata:
- name: sriov-network-operator-selfsigned-issuer
- namespace: {{ .Release.Namespace }}
-spec:
- selfSigned: {}
----
-apiVersion: cert-manager.io/v1
-kind: Certificate
-metadata:
- name: operator-webhook-service
- namespace: {{ .Release.Namespace }}
-spec:
- secretName: operator-webhook-service
- dnsNames:
- - operator-webhook-service.{{ .Release.Namespace }}.svc
- issuerRef:
- name: sriov-network-operator-selfsigned-issuer
- privateKey:
- rotationPolicy: Always
----
-apiVersion: cert-manager.io/v1
-kind: Certificate
-metadata:
- name: network-resources-injector-service
- namespace: {{ .Release.Namespace }}
-spec:
- secretName: network-resources-injector-secret
- dnsNames:
- - network-resources-injector-service.{{ .Release.Namespace }}.svc
- issuerRef:
- name: sriov-network-operator-selfsigned-issuer
- privateKey:
- rotationPolicy: Always
-{{- end -}}
-
diff --git a/charts/sriov/104.3.0+up1.3.0/templates/clusterrole.yaml b/charts/sriov/104.3.0+up1.3.0/templates/clusterrole.yaml
deleted file mode 100644
index 0edf69c338..0000000000
--- a/charts/sriov/104.3.0+up1.3.0/templates/clusterrole.yaml
+++ /dev/null
@@ -1,111 +0,0 @@
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRole
-metadata:
- name: {{ include "sriov-network-operator.fullname" . }}
- labels:
- {{- include "sriov-network-operator.labels" . | nindent 4 }}
-rules:
- - apiGroups: [""]
- resources: ["nodes"]
- verbs: ["get", "list", "watch", "patch", "update"]
- - apiGroups: [""]
- resources: ["pods"]
- verbs: ["*"]
- - apiGroups: [""]
- resources: ["pods/eviction"]
- verbs: ["create"]
- - apiGroups: ["apps"]
- resources: ["daemonsets"]
- verbs: ["get"]
- - apiGroups: [""]
- resources: ["namespaces", "serviceaccounts"]
- verbs: ["*"]
- - apiGroups: ["k8s.cni.cncf.io"]
- resources: ["network-attachment-definitions"]
- verbs: ["*"]
- - apiGroups: ["rbac.authorization.k8s.io"]
- resources: [clusterroles, clusterrolebindings]
- verbs: ["*"]
- - apiGroups: ["admissionregistration.k8s.io"]
- resources: ["mutatingwebhookconfigurations", "validatingwebhookconfigurations"]
- verbs: ["*"]
- - apiGroups: ["sriovnetwork.openshift.io"]
- resources: ["*"]
- verbs: ["*"]
- - apiGroups: ["machineconfiguration.openshift.io"]
- resources: ["*"]
- verbs: ["*"]
- - apiGroups: ["config.openshift.io"]
- resources: ["infrastructures"]
- verbs: ["get", "list", "watch"]
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRole
-metadata:
- name: sriov-network-config-daemon
- labels:
- {{- include "sriov-network-operator.labels" . | nindent 4 }}
-rules:
- - apiGroups: [""]
- resources: ["nodes"]
- verbs: ["get", "list", "watch", "patch", "update"]
- - apiGroups: [""]
- resources: ["pods"]
- verbs: ["*"]
- - apiGroups: ["apps"]
- resources: ["daemonsets"]
- verbs: ["get"]
- - apiGroups: [ "config.openshift.io" ]
- resources: [ "infrastructures" ]
- verbs: [ "get", "list", "watch" ]
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRole
-metadata:
- name: sriov-admin
- {{- if .Values.global.rbac.userRoles.aggregateToDefaultRoles }}
- rbac.authorization.k8s.io/aggregate-to-admin: "true"
- {{- end }}
-rules:
-- apiGroups:
- - sriovnetwork.openshift.io
- resources:
- - '*'
- verbs:
- - "get"
- - "watch"
- - "list"
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRole
-metadata:
- name: sriov-edit
- {{- if .Values.global.rbac.userRoles.aggregateToDefaultRoles }}
- rbac.authorization.k8s.io/aggregate-to-edit: "true"
- {{- end }}
-rules:
-- apiGroups:
- - sriovnetwork.openshift.io
- resources:
- - '*'
- verbs:
- - "get"
- - "watch"
- - "list"
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRole
-metadata:
- name: sriov-view
- {{- if .Values.global.rbac.userRoles.aggregateToDefaultRoles }}
- rbac.authorization.k8s.io/aggregate-to-view: "true"
- {{- end }}
-rules:
-- apiGroups:
- - sriovnetwork.openshift.io
- resources:
- - '*'
- verbs:
- - "get"
- - "watch"
- - "list"
diff --git a/charts/sriov/104.3.0+up1.3.0/templates/clusterrolebinding.yaml b/charts/sriov/104.3.0+up1.3.0/templates/clusterrolebinding.yaml
deleted file mode 100644
index c10aa9be73..0000000000
--- a/charts/sriov/104.3.0+up1.3.0/templates/clusterrolebinding.yaml
+++ /dev/null
@@ -1,29 +0,0 @@
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRoleBinding
-metadata:
- name: {{ include "sriov-network-operator.fullname" . }}
- labels:
- {{- include "sriov-network-operator.labels" . | nindent 4 }}
-roleRef:
- kind: ClusterRole
- name: {{ include "sriov-network-operator.fullname" . }}
- apiGroup: rbac.authorization.k8s.io
-subjects:
- - kind: ServiceAccount
- namespace: {{ .Release.Namespace }}
- name: {{ include "sriov-network-operator.fullname" . }}
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRoleBinding
-metadata:
- name: sriov-network-config-daemon
- labels:
- {{- include "sriov-network-operator.labels" . | nindent 4 }}
-roleRef:
- kind: ClusterRole
- name: sriov-network-config-daemon
- apiGroup: rbac.authorization.k8s.io
-subjects:
- - kind: ServiceAccount
- namespace: {{ .Release.Namespace }}
- name: sriov-network-config-daemon
diff --git a/charts/sriov/104.3.0+up1.3.0/templates/configmap.yaml b/charts/sriov/104.3.0+up1.3.0/templates/configmap.yaml
deleted file mode 100644
index de53e8e369..0000000000
--- a/charts/sriov/104.3.0+up1.3.0/templates/configmap.yaml
+++ /dev/null
@@ -1,47 +0,0 @@
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: supported-nic-ids
-data:
- Intel_i40e_XXV710: "8086 158a 154c"
- Intel_i40e_25G_SFP28: "8086 158b 154c"
- Intel_i40e_10G_X710_SFP: "8086 1572 154c"
- Intel_ixgbe_10G_X550: "8086 1563 1565"
- Intel_ixgbe_82576: "8086 10c9 10ca"
- Intel_i40e_X710_X557_AT_10G: "8086 1589 154c"
- Intel_i40e_10G_X710_BACKPLANE: "8086 1581 154c"
- Intel_i40e_10G_X710_BASE_T: "8086 15ff 154c"
- Intel_i40e_XXV710_N3000: "8086 0d58 154c"
- Intel_i40e_40G_XL710_QSFP: "8086 1583 154c"
- Intel_i40e_X550T: "8086 1563 1565"
- Intel_i40e_X722: "8086 37d2 37cd"
- Intel_i40e_X722_SFP: "8086 37d0 37cd"
- Intel_i40e_X722_SFPP: "8086 37d3 37cd"
- Intel_ice_Columbiaville_E810-CQDA2_2CQDA2: "8086 1592 1889"
- Intel_ice_Columbiaville_E810-XXVDA4: "8086 1593 1889"
- Intel_ice_Columbiaville_E810-XXVDA2: "8086 159b 1889"
- Intel_ice_Columbiaville_E810: "8086 1591 1889"
- Intel_ice_Columbiapark_E823C: "8086 188a 1889"
- Nvidia_mlx5_ConnectX-4: "15b3 1013 1014"
- Nvidia_mlx5_ConnectX-4LX: "15b3 1015 1016"
- Nvidia_mlx5_ConnectX-5: "15b3 1017 1018"
- Nvidia_mlx5_ConnectX-5_Ex: "15b3 1019 101a"
- Nvidia_mlx5_ConnectX-6: "15b3 101b 101c"
- Nvidia_mlx5_ConnectX-6_Dx: "15b3 101d 101e"
- Nvidia_mlx5_ConnectX-6_Lx: "15b3 101f 101e"
- Nvidia_mlx5_ConnectX-7: "15b3 1021 101e"
- Nvidia_mlx5_MT42822_BlueField-2_integrated_ConnectX-6_Dx: "15b3 a2d6 101e"
- Nvidia_mlx5_MT43244_BlueField-3_integrated_ConnectX-7_Dx: "15b3 a2dc 101e"
- Broadcom_bnxt_BCM57414_2x25G: "14e4 16d7 16dc"
- Broadcom_bnxt_BCM75508_2x100G: "14e4 1750 1806"
- Qlogic_qede_QL45000_50G: "1077 1654 1664"
- Red_Hat_Virtio_network_device: "1af4 1000 1000"
- Red_Hat_Virtio_1_0_network_device: "1af4 1041 1041"
- Marvell_OCTEON_TX2_CN96XX: "177d b200 b203"
- Marvell_OCTEON_TX2_CN98XX: "177d b100 b103"
- Marvell_OCTEON_Fusion_CNF95XX: "177d b600 b603"
- Marvell_OCTEON10_CN10XXX: "177d b900 b903"
- Marvell_OCTEON_Fusion_CNF105XX: "177d ba00 ba03"
- {{- range .Values.supportedExtraNICs }}
- {{ . }}
- {{- end }}
diff --git a/charts/sriov/104.3.0+up1.3.0/templates/operator.yaml b/charts/sriov/104.3.0+up1.3.0/templates/operator.yaml
deleted file mode 100644
index 70f1cb65c1..0000000000
--- a/charts/sriov/104.3.0+up1.3.0/templates/operator.yaml
+++ /dev/null
@@ -1,116 +0,0 @@
-{{- if not (.Capabilities.APIVersions.Has "k8s.cni.cncf.io/v1/NetworkAttachmentDefinition") -}}
-{{- required "rke2-multus is required but not found" "" -}}
-{{- end -}}
----
-apiVersion: apps/v1
-kind: Deployment
-metadata:
- name: {{ include "sriov-network-operator.fullname" . }}
- namespace: {{ .Release.Namespace }}
- labels:
- {{- include "sriov-network-operator.labels" . | nindent 4 }}
-spec:
- replicas: 1
- selector:
- matchLabels:
- name: sriov-network-operator
- strategy:
- type: RollingUpdate
- rollingUpdate:
- maxUnavailable: 33%
- template:
- metadata:
- labels:
- name: sriov-network-operator
- spec:
- {{- with .Values.operator.nodeSelector }}
- nodeSelector:
- {{- toYaml . | nindent 8 }}
- {{- end }}
- {{- with .Values.operator.affinity }}
- affinity:
- {{- toYaml . | nindent 8}}
- {{- end }}
- {{- with .Values.operator.tolerations }}
- tolerations:
- {{- toYaml . | nindent 8 }}
- {{- end }}
- serviceAccountName: {{ include "sriov-network-operator.fullname" . }}
- priorityClassName: "system-node-critical"
- {{- if .Values.imagePullSecrets }}
- imagePullSecrets:
- {{- range .Values.imagePullSecrets }}
- - name: {{ . }}
- {{- end }}
- {{- end }}
- containers:
- - name: {{ include "sriov-network-operator.fullname" . }}
- image: {{ include "system_default_registry" . }}{{ .Values.images.operator.repository }}:{{ .Values.images.operator.tag }}
- command:
- - sriov-network-operator
- resources:
- requests:
- cpu: 100m
- memory: 100Mi
- env:
- - name: WATCH_NAMESPACE
- valueFrom:
- fieldRef:
- fieldPath: metadata.namespace
- - name: SRIOV_CNI_IMAGE
- value: {{ include "system_default_registry" . }}{{ .Values.images.sriovCni.repository }}:{{ .Values.images.sriovCni.tag }}
- - name: SRIOV_INFINIBAND_CNI_IMAGE
- value: {{ include "system_default_registry" . }}{{ .Values.images.ibSriovCni.repository }}:{{ .Values.images.ibSriovCni.tag }}
- - name: SRIOV_DEVICE_PLUGIN_IMAGE
- value: {{ include "system_default_registry" . }}{{ .Values.images.sriovDevicePlugin.repository }}:{{ .Values.images.sriovDevicePlugin.tag }}
- - name: NETWORK_RESOURCES_INJECTOR_IMAGE
- value: {{ include "system_default_registry" . }}{{ .Values.images.resourcesInjector.repository }}:{{ .Values.images.resourcesInjector.tag }}
- - name: OPERATOR_NAME
- value: sriov-network-operator
- - name: SRIOV_NETWORK_CONFIG_DAEMON_IMAGE
- value: {{ include "system_default_registry" . }}{{ .Values.images.sriovConfigDaemon.repository }}:{{ .Values.images.sriovConfigDaemon.tag }}
- - name: SRIOV_NETWORK_WEBHOOK_IMAGE
- value: {{ include "system_default_registry" . }}{{ .Values.images.webhook.repository }}:{{ .Values.images.webhook.tag }}
- - name: RESOURCE_PREFIX
- value: {{ .Values.operator.resourcePrefix }}
- - name: IMAGE_PULL_SECRETS
- value: {{ join "," .Values.imagePullSecrets }}
- - name: NAMESPACE
- valueFrom:
- fieldRef:
- fieldPath: metadata.namespace
- - name: POD_NAME
- valueFrom:
- fieldRef:
- fieldPath: metadata.name
- - name: NODE_NAME
- valueFrom:
- fieldRef:
- fieldPath: spec.nodeName
- - name: RELEASE_VERSION
- value: {{ .Release.AppVersion }}
- - name: SRIOV_CNI_BIN_PATH
- value: {{ .Values.operator.cniBinPath }}
- - name: CLUSTER_TYPE
- value: {{ .Values.operator.clusterType }}
- {{- if .Values.operator.admissionControllers.enabled }}
- - name: ADMISSION_CONTROLLERS_CERTIFICATES_OPERATOR_SECRET_NAME
- value: {{ .Values.operator.admissionControllers.certificates.secretNames.operator }}
- - name: ADMISSION_CONTROLLERS_CERTIFICATES_INJECTOR_SECRET_NAME
- value: {{ .Values.operator.admissionControllers.certificates.secretNames.injector }}
- {{- if .Values.operator.admissionControllers.certificates.certManager.enabled }}
- - name: ADMISSION_CONTROLLERS_CERTIFICATES_CERT_MANAGER_ENABLED
- value: {{ .Values.operator.admissionControllers.certificates.certManager.enabled | quote }}
- {{- else }}
- - name: ADMISSION_CONTROLLERS_CERTIFICATES_OPERATOR_CA_CRT
- valueFrom:
- secretKeyRef:
- name: {{ .Values.operator.admissionControllers.certificates.secretNames.operator }}
- key: ca.crt
- - name: ADMISSION_CONTROLLERS_CERTIFICATES_INJECTOR_CA_CRT
- valueFrom:
- secretKeyRef:
- name: {{ .Values.operator.admissionControllers.certificates.secretNames.injector }}
- key: ca.crt
- {{- end }}
- {{- end }}
diff --git a/charts/sriov/104.3.0+up1.3.0/templates/role.yaml b/charts/sriov/104.3.0+up1.3.0/templates/role.yaml
deleted file mode 100644
index 29cf80cce4..0000000000
--- a/charts/sriov/104.3.0+up1.3.0/templates/role.yaml
+++ /dev/null
@@ -1,138 +0,0 @@
-apiVersion: rbac.authorization.k8s.io/v1
-kind: Role
-metadata:
- creationTimestamp: null
- name: {{ include "sriov-network-operator.fullname" . }}
- namespace: {{ .Release.Namespace }}
- labels:
- {{- include "sriov-network-operator.labels" . | nindent 4 }}
-rules:
- - apiGroups:
- - ""
- resources:
- - pods
- - services
- - endpoints
- - persistentvolumeclaims
- - events
- - configmaps
- - secrets
- verbs:
- - '*'
- - apiGroups:
- - apps
- resources:
- - deployments
- - daemonsets
- - replicasets
- - statefulsets
- verbs:
- - '*'
- - apiGroups:
- - monitoring.coreos.com
- resources:
- - servicemonitors
- verbs:
- - get
- - create
- - apiGroups:
- - apps
- resourceNames:
- - sriov-network-operator
- resources:
- - deployments/finalizers
- verbs:
- - update
- - apiGroups:
- - rbac.authorization.k8s.io
- resources:
- - serviceaccounts
- - roles
- - rolebindings
- verbs:
- - '*'
- - apiGroups:
- - config.openshift.io
- resources:
- - infrastructures
- verbs:
- - get
- - list
- - watch
- - apiGroups:
- - 'coordination.k8s.io'
- resources:
- - 'leases'
- verbs:
- - '*'
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: Role
-metadata:
- name: sriov-network-config-daemon
- namespace: {{ .Release.Namespace }}
- labels:
- {{- include "sriov-network-operator.labels" . | nindent 4 }}
-rules:
- - apiGroups:
- - ""
- resources:
- - pods
- verbs:
- - '*'
- - apiGroups:
- - apps
- resources:
- - daemonsets
- verbs:
- - '*'
- - apiGroups:
- - sriovnetwork.openshift.io
- resources:
- - '*'
- - sriovnetworknodestates
- verbs:
- - '*'
- - apiGroups:
- - security.openshift.io
- resourceNames:
- - privileged
- resources:
- - securitycontextconstraints
- verbs:
- - use
- - apiGroups:
- - ""
- resources:
- - configmaps
- verbs:
- - get
- - update
- - apiGroups:
- - 'coordination.k8s.io'
- resources:
- - 'leases'
- verbs:
- - '*'
- - apiGroups:
- - ""
- resources:
- - events
- verbs:
- - create
- - patch
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: Role
-metadata:
- name: operator-webhook-sa
- namespace: {{ .Release.Namespace }}
- labels:
- {{- include "sriov-network-operator.labels" . | nindent 4 }}
-rules:
- - apiGroups:
- - ""
- resources:
- - configmaps
- verbs:
- - get
diff --git a/charts/sriov/104.3.0+up1.3.0/templates/rolebinding.yaml b/charts/sriov/104.3.0+up1.3.0/templates/rolebinding.yaml
deleted file mode 100644
index d2cf1849a7..0000000000
--- a/charts/sriov/104.3.0+up1.3.0/templates/rolebinding.yaml
+++ /dev/null
@@ -1,44 +0,0 @@
-kind: RoleBinding
-apiVersion: rbac.authorization.k8s.io/v1
-metadata:
- name: {{ include "sriov-network-operator.fullname" . }}
- namespace: {{ .Release.Namespace }}
- labels:
- {{- include "sriov-network-operator.labels" . | nindent 4 }}
-subjects:
- - kind: ServiceAccount
- name: {{ include "sriov-network-operator.fullname" . }}
- namespace: {{ .Release.Namespace }}
-roleRef:
- kind: Role
- name: {{ include "sriov-network-operator.fullname" . }}
- apiGroup: rbac.authorization.k8s.io
----
-kind: RoleBinding
-apiVersion: rbac.authorization.k8s.io/v1
-metadata:
- name: sriov-network-config-daemon
- namespace: {{ .Release.Namespace }}
- labels:
- {{- include "sriov-network-operator.labels" . | nindent 4 }}
-subjects:
- - kind: ServiceAccount
- name: sriov-network-config-daemon
- namespace: {{ .Release.Namespace }}
-roleRef:
- kind: Role
- name: sriov-network-config-daemon
- apiGroup: rbac.authorization.k8s.io
----
-kind: RoleBinding
-apiVersion: rbac.authorization.k8s.io/v1
-metadata:
- name: operator-webhook-sa
- namespace: {{ .Release.Namespace }}
-subjects:
-- kind: ServiceAccount
- name: operator-webhook-sa
-roleRef:
- kind: Role
- name: operator-webhook-sa
- apiGroup: rbac.authorization.k8s.io
diff --git a/charts/sriov/104.3.0+up1.3.0/templates/secrets.yaml b/charts/sriov/104.3.0+up1.3.0/templates/secrets.yaml
deleted file mode 100644
index 3d345be460..0000000000
--- a/charts/sriov/104.3.0+up1.3.0/templates/secrets.yaml
+++ /dev/null
@@ -1,20 +0,0 @@
-{{- if not .Values.cert_manager -}}
-{{- if .Values.operator.enableAdmissionController }}
-apiVersion: v1
-kind: Secret
-metadata:
- name: operator-webhook-service
- namespace: {{ .Release.Namespace }}
-data: {{ include "sriov_operator_cert" . | nindent 2 }}
-{{- end }}
----
-{{- if .Values.operator.enableAdmissionController }}
-apiVersion: v1
-kind: Secret
-metadata:
- name: network-resources-injector-secret
- namespace: {{ .Release.Namespace }}
-data: {{ include "sriov_resource_injector_cert" . | nindent 2 }}
-{{- end }}
-{{- end }}
-
diff --git a/charts/sriov/104.3.0+up1.3.0/templates/serviceaccount.yaml b/charts/sriov/104.3.0+up1.3.0/templates/serviceaccount.yaml
deleted file mode 100644
index fc0bb57056..0000000000
--- a/charts/sriov/104.3.0+up1.3.0/templates/serviceaccount.yaml
+++ /dev/null
@@ -1,15 +0,0 @@
-apiVersion: v1
-kind: ServiceAccount
-metadata:
- name: {{ include "sriov-network-operator.fullname" . }}
- namespace: {{ .Release.Namespace }}
- labels:
- {{- include "sriov-network-operator.labels" . | nindent 4 }}
----
-apiVersion: v1
-kind: ServiceAccount
-metadata:
- name: sriov-network-config-daemon
- namespace: {{ .Release.Namespace }}
- labels:
- {{- include "sriov-network-operator.labels" . | nindent 4 }}
diff --git a/charts/sriov/104.3.0+up1.3.0/templates/sriovoperatorconfig.yaml b/charts/sriov/104.3.0+up1.3.0/templates/sriovoperatorconfig.yaml
deleted file mode 100644
index f18e1ff4ad..0000000000
--- a/charts/sriov/104.3.0+up1.3.0/templates/sriovoperatorconfig.yaml
+++ /dev/null
@@ -1,17 +0,0 @@
-{{ if .Values.sriovOperatorConfig.deploy }}
-apiVersion: sriovnetwork.openshift.io/v1
-kind: SriovOperatorConfig
-metadata:
- name: default
- namespace: {{ .Release.Namespace }}
-spec:
- enableInjector: {{ .Values.operator.admissionControllers.enabled }}
- enableOperatorWebhook: {{ .Values.operator.admissionControllers.enabled }}
- {{- with .Values.sriovOperatorConfig.configDaemonNodeSelector }}
- configDaemonNodeSelector:
- {{- range $k, $v := .}}{{printf "%s: \"%s\"" $k $v | nindent 4 }}{{ end }}
- {{- end }}
- logLevel: {{ .Values.sriovOperatorConfig.logLevel }}
- disableDrain: {{ .Values.sriovOperatorConfig.disableDrain }}
- configurationMode: {{ .Values.sriovOperatorConfig.configurationMode }}
-{{ end }}
\ No newline at end of file
diff --git a/charts/sriov/104.3.0+up1.3.0/templates/validate-install-crd.yaml b/charts/sriov/104.3.0+up1.3.0/templates/validate-install-crd.yaml
deleted file mode 100644
index 8c7e6f8db5..0000000000
--- a/charts/sriov/104.3.0+up1.3.0/templates/validate-install-crd.yaml
+++ /dev/null
@@ -1,20 +0,0 @@
-#{{- if gt (len (lookup "rbac.authorization.k8s.io/v1" "ClusterRole" "" "")) 0 -}}
-# {{- $found := dict -}}
-# {{- set $found "sriovnetwork.openshift.io/v1/OVSNetwork" false -}}
-# {{- set $found "sriovnetwork.openshift.io/v1/SriovIBNetwork" false -}}
-# {{- set $found "sriovnetwork.openshift.io/v1/SriovNetworkNodePolicy" false -}}
-# {{- set $found "sriovnetwork.openshift.io/v1/SriovNetworkNodeState" false -}}
-# {{- set $found "sriovnetwork.openshift.io/v1/SriovNetworkPoolConfig" false -}}
-# {{- set $found "sriovnetwork.openshift.io/v1/SriovNetwork" false -}}
-# {{- set $found "sriovnetwork.openshift.io/v1/SriovOperatorConfig" false -}}
-# {{- range .Capabilities.APIVersions -}}
-# {{- if hasKey $found (toString .) -}}
-# {{- set $found (toString .) true -}}
-# {{- end -}}
-# {{- end -}}
-# {{- range $_, $exists := $found -}}
-# {{- if (eq $exists false) -}}
-# {{- required "Required CRDs are missing. Please install the corresponding CRD chart before installing this chart." "" -}}
-# {{- end -}}
-# {{- end -}}
-#{{- end -}}
\ No newline at end of file
diff --git a/charts/sriov/104.3.0+up1.3.0/values.yaml b/charts/sriov/104.3.0+up1.3.0/values.yaml
deleted file mode 100644
index 2cb71ac3f7..0000000000
--- a/charts/sriov/104.3.0+up1.3.0/values.yaml
+++ /dev/null
@@ -1,124 +0,0 @@
-operator:
- tolerations:
- - key: "node-role.kubernetes.io/master"
- operator: "Exists"
- effect: "NoSchedule"
- - key: "node-role.kubernetes.io/control-plane"
- operator: "Exists"
- effect: "NoSchedule"
- - effect: NoExecute
- key: node-role.kubernetes.io/etcd
- operator: Exists
- nodeSelector: {}
- affinity:
- nodeAffinity:
- preferredDuringSchedulingIgnoredDuringExecution:
- - weight: 1
- preference:
- matchExpressions:
- - key: "node-role.kubernetes.io/master"
- operator: In
- values: [""]
- - weight: 1
- preference:
- matchExpressions:
- - key: "node-role.kubernetes.io/control-plane"
- operator: In
- values: [""]
- nameOverride: ""
- fullnameOverride: ""
- resourcePrefix: "rancher.io"
- cniBinPath: "/opt/cni/bin"
- clusterType: "kubernetes"
- admissionControllers:
- enabled: false
- certificates:
- secretNames:
- operator: "operator-webhook-cert"
- injector: "network-resources-injector-cert"
- certManager:
- # When enabled, makes use of certificates managed by cert-manager.
- enabled: false
- # When enabled, certificates are generated via cert-manager and then name will match the name of the secrets
- # defined above
- generateSelfSigned: false
- # If not specified, no secret is created and secrets with the names defined above are expected to exist in the
- # cluster. In that case, the ca.crt must be base64 encoded twice since it ends up being an env variable.
- custom:
- enabled: false
- # operator:
- # caCrt: |
- # -----BEGIN CERTIFICATE-----
- # MIIMIICLDCCAdKgAwIBAgIBADAKBggqhkjOPQQDAjB9MQswCQYDVQQGEwJCRTEPMA0G
- # ...
- # -----END CERTIFICATE-----
- # tlsCrt: |
- # -----BEGIN CERTIFICATE-----
- # MIIMIICLDCCAdKgAwIBAgIBADAKBggqhkjOPQQDAjB9MQswCQYDVQQGEwJCRTEPMA0G
- # ...
- # -----END CERTIFICATE-----
- # tlsKey: |
- # -----BEGIN EC PRIVATE KEY-----
- # MHcl4wOuDwKQa+upc8GftXE2C//4mKANBC6It01gUaTIpo=
- # ...
- # -----END EC PRIVATE KEY-----
- # injector:
- # caCrt: |
- # -----BEGIN CERTIFICATE-----
- # MIIMIICLDCCAdKgAwIBAgIBADAKBggqhkjOPQQDAjB9MQswCQYDVQQGEwJCRTEPMA0G
- # ...
- # -----END CERTIFICATE-----
- # tlsCrt: |
- # -----BEGIN CERTIFICATE-----
- # MIIMIICLDCCAdKgAwIBAgIBADAKBggqhkjOPQQDAjB9MQswCQYDVQQGEwJCRTEPMA0G
- # ...
- # -----END CERTIFICATE-----
- # tlsKey: |
- # -----BEGIN EC PRIVATE KEY-----
- # MHcl4wOuDwKQa+upc8GftXE2C//4mKANBC6It01gUaTIpo=
- # ...
- # -----END EC PRIVATE KEY-----
-sriovOperatorConfig:
- # deploy sriovOperatorConfig CR with the below values
- deploy: true
- # node slectors for sriov-network-config-daemon
- configDaemonNodeSelector: {feature.node.kubernetes.io/network-sriov.capable: 'true'}
- # log level for both operator and sriov-network-config-daemon
- logLevel: 2
- # disable node draining when configuring SR-IOV, set to true in case of a single node
- # cluster or any other justifiable reason
- disableDrain: false
- # sriov-network-config-daemon configuration mode. either "daemon" or "systemd"
- configurationMode: daemon
-# Example for supportedExtraNICs values ['MyNIC: "8086 1521 1520"']
-supportedExtraNICs: []
-# Image URIs for sriov-network-operator components
-images:
- operator:
- repository: rancher/hardened-sriov-network-operator
- tag: v1.3.0-build20240816
- sriovConfigDaemon:
- repository: rancher/hardened-sriov-network-config-daemon
- tag: v1.3.0-build20240816
- sriovCni:
- repository: rancher/hardened-sriov-cni
- tag: v2.8.1-build20240820
- ibSriovCni:
- repository: rancher/hardened-ib-sriov-cni
- tag: v1.1.1-build20240816
- sriovDevicePlugin:
- repository: rancher/hardened-sriov-network-device-plugin
- tag: v3.7.0-build20240816
- resourcesInjector:
- repository: rancher/hardened-sriov-network-resources-injector
- tag: v1.6.0-build20240816
- webhook:
- repository: rancher/hardened-sriov-network-webhook
- tag: v1.3.0-build20240816
-imagePullSecrets: []
-global:
- cattle:
- systemDefaultRegistry: ""
- rbac:
- userRoles:
- aggregateToDefaultRoles: false
diff --git a/index.yaml b/index.yaml
index b573e62be1..f0bd9f4115 100755
--- a/index.yaml
+++ b/index.yaml
@@ -18742,530 +18742,6 @@ entries:
urls:
- assets/rancher-wins-upgrader/rancher-wins-upgrader-0.0.100.tgz
version: 0.0.100
- sriov:
- - annotations:
- catalog.cattle.io/auto-install: sriov-crd=match
- catalog.cattle.io/certified: rancher
- catalog.cattle.io/deprecated: "true"
- catalog.cattle.io/experimental: "true"
- catalog.cattle.io/kube-version: '>= 1.16.0-0 < 1.31.0-0'
- catalog.cattle.io/namespace: cattle-sriov-system
- catalog.cattle.io/os: linux
- catalog.cattle.io/permits-os: linux
- catalog.cattle.io/rancher-version: '>= 2.9.0-0 < 2.10.0-0'
- catalog.cattle.io/release-name: sriov
- catalog.cattle.io/upstream-version: 1.3.0
- apiVersion: v2
- appVersion: v1.3.0
- created: "2024-10-24T17:25:02.219343266-03:00"
- dependencies:
- - condition: rancher-nfd.enabled
- name: rancher-nfd
- repository: file://./charts/rancher-nfd
- version: 0.15.6
- deprecated: true
- description: SR-IOV network operator configures and manages SR-IOV networks in
- the kubernetes cluster
- digest: 8ba2440560a15bc96c7eb2f85abcbb9af29f6e2c428ace939a98570a8ec1a87f
- home: https://github.com/k8snetworkplumbingwg/sriov-network-operator
- icon: https://charts.rancher.io/assets/logos/sr-iov.svg
- keywords:
- - sriov
- - Networking
- kubeVersion: '>= 1.16.0-0'
- maintainers:
- - email: charts@rancher.com
- name: Rancher Labs
- name: sriov
- sources:
- - https://github.com/rancher/charts
- type: application
- urls:
- - assets/sriov/sriov-104.3.0+up1.3.0.tgz
- version: 104.3.0+up1.3.0
- - annotations:
- catalog.cattle.io/auto-install: sriov-crd=match
- catalog.cattle.io/certified: rancher
- catalog.cattle.io/deprecated: "true"
- catalog.cattle.io/experimental: "true"
- catalog.cattle.io/kube-version: '>= 1.16.0-0 < 1.31.0-0'
- catalog.cattle.io/namespace: cattle-sriov-system
- catalog.cattle.io/os: linux
- catalog.cattle.io/permits-os: linux
- catalog.cattle.io/rancher-version: '>= 2.9.0-0 < 2.10.0-0'
- catalog.cattle.io/release-name: sriov
- catalog.cattle.io/upstream-version: 1.2.0
- apiVersion: v2
- appVersion: 1.2.0
- created: "2024-07-22T16:07:43.951629641-06:00"
- dependencies:
- - condition: rancher-nfd.enabled
- name: rancher-nfd
- repository: file://./charts/rancher-nfd
- version: 0.15.4
- deprecated: true
- description: SR-IOV network operator configures and manages SR-IOV networks in
- the kubernetes cluster
- digest: 829b972b46611d6c343781dd8d2a964be617afc0a7d396ed62344bb2489d0849
- home: https://github.com/k8snetworkplumbingwg/sriov-network-operator
- icon: https://charts.rancher.io/assets/logos/sr-iov.svg
- keywords:
- - sriov
- - Networking
- kubeVersion: '>= 1.16.0-0'
- maintainers:
- - email: charts@rancher.com
- name: Rancher Labs
- name: sriov
- sources:
- - https://github.com/rancher/charts
- type: application
- urls:
- - assets/sriov/sriov-104.2.0+up0.1.0.tgz
- version: 104.2.0+up0.1.0
- - annotations:
- catalog.cattle.io/auto-install: sriov-crd=match
- catalog.cattle.io/certified: rancher
- catalog.cattle.io/deprecated: "true"
- catalog.cattle.io/experimental: "true"
- catalog.cattle.io/kube-version: '>= 1.16.0-0 < 1.30.0-0'
- catalog.cattle.io/namespace: cattle-sriov-system
- catalog.cattle.io/os: linux
- catalog.cattle.io/permits-os: linux
- catalog.cattle.io/rancher-version: '>= 2.9.0-0 < 2.10.0-0'
- catalog.cattle.io/release-name: sriov
- catalog.cattle.io/upstream-version: 1.2.0
- apiVersion: v2
- appVersion: 1.2.0
- created: "2024-06-05T21:16:52.997910694-06:00"
- dependencies:
- - condition: rancher-nfd.enabled
- name: rancher-nfd
- repository: file://./charts/rancher-nfd
- version: 0.15.4
- deprecated: true
- description: SR-IOV network operator configures and manages SR-IOV networks in
- the kubernetes cluster
- digest: 72e0382dff3231bd1fcbcb93a0f5e8238df0c083767a99ff1b2192a518f099af
- home: https://github.com/k8snetworkplumbingwg/sriov-network-operator
- icon: https://charts.rancher.io/assets/logos/sr-iov.svg
- keywords:
- - sriov
- - Networking
- kubeVersion: '>= 1.16.0-0'
- maintainers:
- - email: charts@rancher.com
- name: Rancher Labs
- name: sriov
- sources:
- - https://github.com/rancher/charts
- type: application
- urls:
- - assets/sriov/sriov-104.1.0+up0.1.0.tgz
- version: 104.1.0+up0.1.0
- - annotations:
- catalog.cattle.io/auto-install: sriov-crd=match
- catalog.cattle.io/certified: rancher
- catalog.cattle.io/experimental: "true"
- catalog.cattle.io/kube-version: '>= 1.16.0-0 < 1.30.0-0'
- catalog.cattle.io/namespace: cattle-sriov-system
- catalog.cattle.io/os: linux
- catalog.cattle.io/permits-os: linux
- catalog.cattle.io/rancher-version: '>= 2.9.0-0 < 2.10.0-0'
- catalog.cattle.io/release-name: sriov
- catalog.cattle.io/upstream-version: 1.2.0
- apiVersion: v2
- appVersion: 1.2.0
- created: "2024-04-25T21:59:38.120046902-06:00"
- dependencies:
- - condition: rancher-nfd.enabled
- name: rancher-nfd
- repository: file://./charts/rancher-nfd
- version: 0.15.4
- description: SR-IOV network operator configures and manages SR-IOV networks in
- the kubernetes cluster
- digest: 76f89e3171e5e8ec206c4f19f0c143e36d8e287c33139b31bcde7f6a073b4edf
- home: https://github.com/k8snetworkplumbingwg/sriov-network-operator
- icon: https://charts.rancher.io/assets/logos/sr-iov.svg
- keywords:
- - sriov
- - Networking
- kubeVersion: '>= 1.16.0-0'
- maintainers:
- - email: charts@rancher.com
- name: Rancher Labs
- name: sriov
- sources:
- - https://github.com/rancher/charts
- type: application
- urls:
- - assets/sriov/sriov-104.0.0+up0.1.0.tgz
- version: 104.0.0+up0.1.0
- - annotations:
- catalog.cattle.io/auto-install: sriov-crd=match
- catalog.cattle.io/certified: rancher
- catalog.cattle.io/experimental: "true"
- catalog.cattle.io/kube-version: '>= 1.16.0-0 < 1.29.0-0'
- catalog.cattle.io/namespace: cattle-sriov-system
- catalog.cattle.io/os: linux
- catalog.cattle.io/permits-os: linux
- catalog.cattle.io/rancher-version: '>= 2.8.0-0 < 2.9.0-0'
- catalog.cattle.io/release-name: sriov
- catalog.cattle.io/upstream-version: 1.2.0
- apiVersion: v2
- appVersion: 1.2.0
- created: "2024-04-03T17:01:20.437619-03:00"
- description: SR-IOV network operator configures and manages SR-IOV networks in
- the kubernetes cluster
- digest: fb069897a7e6bc132d28783c74bec35b23aac681cf2806f3c69f67bfeb1e7285
- home: https://github.com/k8snetworkplumbingwg/sriov-network-operator
- icon: https://charts.rancher.io/assets/logos/sr-iov.svg
- keywords:
- - sriov
- - Networking
- kubeVersion: '>= 1.16.0'
- maintainers:
- - email: charts@rancher.com
- name: Rancher Labs
- name: sriov
- sources:
- - https://github.com/rancher/charts
- type: application
- urls:
- - assets/sriov/sriov-103.1.0+up0.1.0.tgz
- version: 103.1.0+up0.1.0
- - annotations:
- catalog.cattle.io/auto-install: sriov-crd=match
- catalog.cattle.io/certified: rancher
- catalog.cattle.io/experimental: "true"
- catalog.cattle.io/kube-version: '>= 1.16.0-0 < 1.28.0-0'
- catalog.cattle.io/namespace: cattle-sriov-system
- catalog.cattle.io/os: linux
- catalog.cattle.io/permits-os: linux
- catalog.cattle.io/rancher-version: '>= 2.8.0-0 < 2.9.0-0'
- catalog.cattle.io/release-name: sriov
- catalog.cattle.io/upstream-version: 1.2.0
- apiVersion: v2
- appVersion: 1.2.0
- created: "2023-09-26T17:49:37.736425794-06:00"
- description: SR-IOV network operator configures and manages SR-IOV networks in
- the kubernetes cluster
- digest: 1a92ec793b0af6b747de0fba82221c5dad5d91dbf4c0571e396d32c12802c989
- home: https://github.com/k8snetworkplumbingwg/sriov-network-operator
- icon: https://charts.rancher.io/assets/logos/sr-iov.svg
- keywords:
- - sriov
- - Networking
- kubeVersion: '>= 1.16.0'
- maintainers:
- - email: charts@rancher.com
- name: Rancher Labs
- name: sriov
- sources:
- - https://github.com/rancher/charts
- type: application
- urls:
- - assets/sriov/sriov-103.0.0+up0.1.0.tgz
- version: 103.0.0+up0.1.0
- - annotations:
- catalog.cattle.io/auto-install: sriov-crd=match
- catalog.cattle.io/certified: rancher
- catalog.cattle.io/experimental: "true"
- catalog.cattle.io/kube-version: '>= 1.16.0-0 < 1.28.0-0'
- catalog.cattle.io/namespace: cattle-sriov-system
- catalog.cattle.io/os: linux
- catalog.cattle.io/permits-os: linux
- catalog.cattle.io/rancher-version: '>= 2.7.0-0 < 2.8.0-0'
- catalog.cattle.io/release-name: sriov
- catalog.cattle.io/upstream-version: 1.2.0
- apiVersion: v2
- appVersion: 1.2.0
- created: "2024-03-14T11:35:27.168579-03:00"
- description: SR-IOV network operator configures and manages SR-IOV networks in
- the kubernetes cluster
- digest: 8ed88b0f25500f5db87eba4e36f1d0eb993b424179cc29bbc262a2b31b497789
- home: https://github.com/k8snetworkplumbingwg/sriov-network-operator
- icon: https://charts.rancher.io/assets/logos/sr-iov.svg
- keywords:
- - sriov
- - Networking
- kubeVersion: '>= 1.16.0'
- maintainers:
- - email: charts@rancher.com
- name: Rancher Labs
- name: sriov
- sources:
- - https://github.com/rancher/charts
- type: application
- urls:
- - assets/sriov/sriov-102.2.0+up0.1.0.tgz
- version: 102.2.0+up0.1.0
- - annotations:
- catalog.cattle.io/auto-install: sriov-crd=match
- catalog.cattle.io/certified: rancher
- catalog.cattle.io/experimental: "true"
- catalog.cattle.io/kube-version: '>= 1.16.0-0 < 1.27.0-0'
- catalog.cattle.io/namespace: cattle-sriov-system
- catalog.cattle.io/os: linux
- catalog.cattle.io/permits-os: linux
- catalog.cattle.io/rancher-version: '>= 2.7.0-0 < 2.8.0-0'
- catalog.cattle.io/release-name: sriov
- catalog.cattle.io/upstream-version: 1.2.0
- apiVersion: v2
- appVersion: 1.2.0
- created: "2023-06-12T07:34:52.805394653Z"
- description: SR-IOV network operator configures and manages SR-IOV networks in
- the kubernetes cluster
- digest: 71df6a94f6b5cbf9213073395464f2df11a05ed352ddeb4bed79e69d2c11e70d
- home: https://github.com/k8snetworkplumbingwg/sriov-network-operator
- icon: https://charts.rancher.io/assets/logos/sr-iov.svg
- keywords:
- - sriov
- - Networking
- kubeVersion: '>= 1.16.0'
- maintainers:
- - email: charts@rancher.com
- name: Rancher Labs
- name: sriov
- sources:
- - https://github.com/rancher/charts
- type: application
- urls:
- - assets/sriov/sriov-102.1.0+up0.1.0.tgz
- version: 102.1.0+up0.1.0
- - annotations:
- catalog.cattle.io/auto-install: sriov-crd=match
- catalog.cattle.io/certified: rancher
- catalog.cattle.io/experimental: "true"
- catalog.cattle.io/kube-version: '>= 1.16.0-0 < 1.26.0-0'
- catalog.cattle.io/namespace: cattle-sriov-system
- catalog.cattle.io/os: linux
- catalog.cattle.io/permits-os: linux
- catalog.cattle.io/rancher-version: '>= 2.7.0-0 < 2.8.0-0'
- catalog.cattle.io/release-name: sriov
- catalog.cattle.io/upstream-version: 1.2.0
- apiVersion: v2
- appVersion: 1.2.0
- created: "2023-02-15T09:02:00.910172801Z"
- description: SR-IOV network operator configures and manages SR-IOV networks in
- the kubernetes cluster
- digest: cb1dd338b3a271427012a71c51aa8dd2fa79af60bccb3ebccf65fb60c49995a0
- home: https://github.com/k8snetworkplumbingwg/sriov-network-operator
- icon: https://charts.rancher.io/assets/logos/sr-iov.svg
- keywords:
- - sriov
- - Networking
- kubeVersion: '>= 1.16.0'
- maintainers:
- - email: charts@rancher.com
- name: Rancher Labs
- name: sriov
- sources:
- - https://github.com/rancher/charts
- type: application
- urls:
- - assets/sriov/sriov-102.0.0+up0.1.0.tgz
- version: 102.0.0+up0.1.0
- - annotations:
- catalog.cattle.io/auto-install: sriov-crd=match
- catalog.cattle.io/certified: rancher
- catalog.cattle.io/experimental: "true"
- catalog.cattle.io/kube-version: '>= 1.16.0-0 < 1.25.0-0'
- catalog.cattle.io/namespace: cattle-sriov-system
- catalog.cattle.io/os: linux
- catalog.cattle.io/permits-os: linux
- catalog.cattle.io/rancher-version: '>= 2.6.0-0 < 2.7.0-0'
- catalog.cattle.io/release-name: sriov
- catalog.cattle.io/upstream-version: 1.2.0
- apiVersion: v2
- appVersion: 1.2.0
- created: "2022-09-22T14:48:41.812970799Z"
- description: SR-IOV network operator configures and manages SR-IOV networks in
- the kubernetes cluster
- digest: 146df00c5b76743cf6fe7044ea0c3a3932c48f8e3fd59dffd2e73ccf3b450588
- home: https://github.com/k8snetworkplumbingwg/sriov-network-operator
- icon: https://charts.rancher.io/assets/logos/sr-iov.svg
- keywords:
- - sriov
- - Networking
- kubeVersion: '>= 1.16.0'
- maintainers:
- - email: charts@rancher.com
- name: Rancher Labs
- name: sriov
- sources:
- - https://github.com/rancher/charts
- type: application
- urls:
- - assets/sriov/sriov-101.0.1+up0.1.0.tgz
- version: 101.0.1+up0.1.0
- sriov-crd:
- - annotations:
- catalog.cattle.io/certified: rancher
- catalog.cattle.io/deprecated: "true"
- catalog.cattle.io/experimental: "true"
- catalog.cattle.io/hidden: "true"
- catalog.cattle.io/namespace: cattle-sriov-system
- catalog.cattle.io/permits-os: linux
- catalog.cattle.io/release-name: sriov-crd
- apiVersion: v2
- created: "2024-10-24T17:24:58.537420827-03:00"
- deprecated: true
- description: Installs the CRDs for the SR-IOV operator
- digest: e16619ec3fee2642cca6b3ce9dd246dc444d4f2d937a9efc4767acf782e7b9e4
- name: sriov-crd
- type: application
- urls:
- - assets/sriov-crd/sriov-crd-104.3.0+up1.3.0.tgz
- version: 104.3.0+up1.3.0
- - annotations:
- catalog.cattle.io/certified: rancher
- catalog.cattle.io/deprecated: "true"
- catalog.cattle.io/experimental: "true"
- catalog.cattle.io/hidden: "true"
- catalog.cattle.io/namespace: cattle-sriov-system
- catalog.cattle.io/permits-os: linux
- catalog.cattle.io/release-name: sriov-crd
- apiVersion: v2
- created: "2024-07-22T16:07:43.956361942-06:00"
- deprecated: true
- description: Installs the CRDs for the SR-IOV operator
- digest: ac64c6ce2acca5f18a9db2e20bc877465e90cae16562b32781e535bb2fa06965
- name: sriov-crd
- type: application
- urls:
- - assets/sriov-crd/sriov-crd-104.2.0+up0.1.0.tgz
- version: 104.2.0+up0.1.0
- - annotations:
- catalog.cattle.io/certified: rancher
- catalog.cattle.io/deprecated: "true"
- catalog.cattle.io/experimental: "true"
- catalog.cattle.io/hidden: "true"
- catalog.cattle.io/namespace: cattle-sriov-system
- catalog.cattle.io/permits-os: linux
- catalog.cattle.io/release-name: sriov-crd
- apiVersion: v2
- created: "2024-06-05T16:38:25.002672448-06:00"
- deprecated: true
- description: Installs the CRDs for the SR-IOV operator
- digest: e3838f11c4e719fe6d4549e839c8a8ce08d1c86bfd252501f3465dc86526e406
- name: sriov-crd
- type: application
- urls:
- - assets/sriov-crd/sriov-crd-104.1.0+up0.1.0.tgz
- version: 104.1.0+up0.1.0
- - annotations:
- catalog.cattle.io/certified: rancher
- catalog.cattle.io/experimental: "true"
- catalog.cattle.io/hidden: "true"
- catalog.cattle.io/namespace: cattle-sriov-system
- catalog.cattle.io/permits-os: linux
- catalog.cattle.io/release-name: sriov-crd
- apiVersion: v2
- created: "2024-04-25T21:59:38.124134326-06:00"
- description: Installs the CRDs for the SR-IOV operator
- digest: 47eb02e596317800f111f6554c55eda185428d18520d6b0be5efe7547751c588
- name: sriov-crd
- type: application
- urls:
- - assets/sriov-crd/sriov-crd-104.0.0+up0.1.0.tgz
- version: 104.0.0+up0.1.0
- - annotations:
- catalog.cattle.io/certified: rancher
- catalog.cattle.io/experimental: "true"
- catalog.cattle.io/hidden: "true"
- catalog.cattle.io/namespace: cattle-sriov-system
- catalog.cattle.io/permits-os: linux
- catalog.cattle.io/release-name: sriov-crd
- apiVersion: v2
- created: "2024-04-03T17:01:53.480673-03:00"
- description: Installs the CRDs for rke2-sriov.
- digest: 23611c47f7ee9c83ab52c11238ea2eea1742d2cce1097d0686390cd9f52066c5
- name: sriov-crd
- type: application
- urls:
- - assets/sriov-crd/sriov-crd-103.1.0+up0.1.0.tgz
- version: 103.1.0+up0.1.0
- - annotations:
- catalog.cattle.io/certified: rancher
- catalog.cattle.io/experimental: "true"
- catalog.cattle.io/hidden: "true"
- catalog.cattle.io/namespace: cattle-sriov-system
- catalog.cattle.io/permits-os: linux
- catalog.cattle.io/release-name: sriov-crd
- apiVersion: v2
- created: "2023-09-26T17:13:13.63307864-06:00"
- description: Installs the CRDs for rke2-sriov.
- digest: 98b506e305ff4fc48aa0015c1876fd86aa6cca3f6b1e0b416f18f3d0bd865138
- name: sriov-crd
- type: application
- urls:
- - assets/sriov-crd/sriov-crd-103.0.0+up0.1.0.tgz
- version: 103.0.0+up0.1.0
- - annotations:
- catalog.cattle.io/certified: rancher
- catalog.cattle.io/experimental: "true"
- catalog.cattle.io/hidden: "true"
- catalog.cattle.io/namespace: cattle-sriov-system
- catalog.cattle.io/permits-os: linux
- catalog.cattle.io/release-name: sriov-crd
- apiVersion: v2
- created: "2024-03-14T11:35:32.91545-03:00"
- description: Installs the CRDs for rke2-sriov.
- digest: 454b9d57ad3065e4ebfd41534e375559264219b00a9e65e40aacebb4dd301730
- name: sriov-crd
- type: application
- urls:
- - assets/sriov-crd/sriov-crd-102.2.0+up0.1.0.tgz
- version: 102.2.0+up0.1.0
- - annotations:
- catalog.cattle.io/certified: rancher
- catalog.cattle.io/experimental: "true"
- catalog.cattle.io/hidden: "true"
- catalog.cattle.io/namespace: cattle-sriov-system
- catalog.cattle.io/permits-os: linux
- catalog.cattle.io/release-name: sriov-crd
- apiVersion: v2
- created: "2023-04-24T13:20:58.786392518Z"
- description: Installs the CRDs for rke2-sriov.
- digest: c9cd03423f131972d98b736005ffb1d478949fd8297e57c94b5cef6f201f98c1
- name: sriov-crd
- type: application
- urls:
- - assets/sriov-crd/sriov-crd-102.1.0+up0.1.0.tgz
- version: 102.1.0+up0.1.0
- - annotations:
- catalog.cattle.io/certified: rancher
- catalog.cattle.io/experimental: "true"
- catalog.cattle.io/hidden: "true"
- catalog.cattle.io/namespace: cattle-sriov-system
- catalog.cattle.io/permits-os: linux
- catalog.cattle.io/release-name: sriov-crd
- apiVersion: v2
- created: "2023-02-15T09:02:00.929677725Z"
- description: Installs the CRDs for rke2-sriov.
- digest: 0209ab03d8438bd28c0da82d1037b1067c05dc6bc7200cdb2ff42b5301c612b8
- name: sriov-crd
- type: application
- urls:
- - assets/sriov-crd/sriov-crd-102.0.0+up0.1.0.tgz
- version: 102.0.0+up0.1.0
- - annotations:
- catalog.cattle.io/certified: rancher
- catalog.cattle.io/experimental: "true"
- catalog.cattle.io/hidden: "true"
- catalog.cattle.io/namespace: cattle-sriov-system
- catalog.cattle.io/permits-os: linux
- catalog.cattle.io/release-name: sriov-crd
- apiVersion: v2
- created: "2022-09-22T14:48:41.814679315Z"
- description: Installs the CRDs for rke2-sriov.
- digest: 4e8d12a2e4097c0ccda0d108b14ba7577d09c42fecb4622993e7573f423099a6
- name: sriov-crd
- type: application
- urls:
- - assets/sriov-crd/sriov-crd-101.0.1+up0.1.0.tgz
- version: 101.0.1+up0.1.0
system-upgrade-controller:
- annotations:
catalog.cattle.io/certified: rancher
diff --git a/packages/rancher-nfd/package.yaml b/packages/rancher-nfd/package.yaml
deleted file mode 100644
index d9e9805b94..0000000000
--- a/packages/rancher-nfd/package.yaml
+++ /dev/null
@@ -1,4 +0,0 @@
-url: https://github.com/kubernetes-sigs/node-feature-discovery/releases/download/v0.15.4/node-feature-discovery-chart-0.15.4.tgz
-version: 104.0.0
-# node-feature-discovery is only used as a dependency of sriov
-doNotRelease: true
diff --git a/packages/rancher-sriov/generated-changes/dependencies/rancher-nfd/dependency.yaml b/packages/rancher-sriov/generated-changes/dependencies/rancher-nfd/dependency.yaml
deleted file mode 100644
index 65c349ed23..0000000000
--- a/packages/rancher-sriov/generated-changes/dependencies/rancher-nfd/dependency.yaml
+++ /dev/null
@@ -1 +0,0 @@
-url: packages/rancher-nfd
diff --git a/packages/rancher-sriov/generated-changes/exclude/crds/k8s.cni.cncf.io_networkattachmentdefinitions_crd.yaml b/packages/rancher-sriov/generated-changes/exclude/crds/k8s.cni.cncf.io_networkattachmentdefinitions_crd.yaml
deleted file mode 100644
index 5916055f0e..0000000000
--- a/packages/rancher-sriov/generated-changes/exclude/crds/k8s.cni.cncf.io_networkattachmentdefinitions_crd.yaml
+++ /dev/null
@@ -1,57 +0,0 @@
-# Copyright 2020 NVIDIA
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-apiVersion: apiextensions.k8s.io/v1
-kind: CustomResourceDefinition
-metadata:
- name: network-attachment-definitions.k8s.cni.cncf.io
-spec:
- group: k8s.cni.cncf.io
- scope: Namespaced
- names:
- plural: network-attachment-definitions
- singular: network-attachment-definition
- kind: NetworkAttachmentDefinition
- shortNames:
- - net-attach-def
- versions:
- - name: v1
- served: true
- storage: true
- schema:
- openAPIV3Schema:
- description: 'NetworkAttachmentDefinition is a CRD schema specified by the Network Plumbing
- Working Group to express the intent for attaching pods to one or more logical or physical
- networks. More information available at: https://github.com/k8snetworkplumbingwg/multi-net-spec'
- type: object
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this represen
- tation of an object. Servers should convert recognized schemas to the
- latest internal value, and may reject unrecognized values. More info:
- https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this
- object represents. Servers may infer this from the endpoint the client
- submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- spec:
- description: 'NetworkAttachmentDefinition spec defines the desired state of a network attachment'
- type: object
- properties:
- config:
- description: 'NetworkAttachmentDefinition config is a JSON-formatted CNI configuration'
- type: string
diff --git a/packages/rancher-sriov/generated-changes/overlay/app-README.md b/packages/rancher-sriov/generated-changes/overlay/app-README.md
deleted file mode 100644
index 4dda94a833..0000000000
--- a/packages/rancher-sriov/generated-changes/overlay/app-README.md
+++ /dev/null
@@ -1,13 +0,0 @@
-# Rancher SR-IOV Network Operator
-
-This chart is based on the upstream [k8snetworkplumbingwg/sriov-network-operator](https://github.com/k8snetworkplumbingwg/sriov-network-operator) project. The chart deploys the SR-IOV Operator and its CRDs, which are designed to help the user provision and configure the SR-IOV CNI in a cluster that uses [Multus CNI](https://github.com/k8snetworkplumbingwg/multus-cni), to provide high performing extra network interfaces to pods. This chart is expected to be deployed on an RKE2 cluster and only meant for advanced use cases where multiple CNI plugins and high performing network interfaces on pods are required. Users who do not need these features are not advised to install this chart.
-
-The chart installs the following components:
-
- - SR-IOV Operator - An operator that helps provision and configure the SR-IOV CNI plugin and SR-IOV Device plugin
- - SR-IOV Network Config Daemon - A Daemon deployed by the Operator that discovers SR-IOV NICs on each node
-
-Note that SR-IOV requires NICs that support SR-IOV and the activation of specific configuration options in the operating system. Nodes that fulfill these requirements should be labeled with: `feature.node.kubernetes.io/network-sriov.capable=true`.
-
-The SR-IOV Network Config Daemon will be deployed on such capable nodes. For more information on how to use this feature, refer to our RKE2 networking docs.
-
diff --git a/packages/rancher-sriov/generated-changes/overlay/templates/_webhook-certs.tpl b/packages/rancher-sriov/generated-changes/overlay/templates/_webhook-certs.tpl
deleted file mode 100644
index f1448968b2..0000000000
--- a/packages/rancher-sriov/generated-changes/overlay/templates/_webhook-certs.tpl
+++ /dev/null
@@ -1,31 +0,0 @@
-{{/*
-Generate TLS certificates for webhooks.
-Note: these 2 lines, that are repeated several times below, are a trick to
-ensure the CA certs are generated only once:
- $ca := .ca | default (genCA "sriov-network-operator.k8s.cni.cncf.io" 365)
- $_ := set . "ca" $ca
-Please, don't try to "simplify" them as without this trick, every generated
-certificate would be signed by a different CA.
-*/}}
-{{- define "sriov_operator_ca_cert" }}
-{{- $ca := .ca | default (genCA "sriov-network-operator.k8s.cni.cncf.io" 365) -}}
-{{- $_ := set . "ca" $ca -}}
-{{- printf "%s" $ca.Cert | b64enc -}}
-{{- end }}
-{{- define "sriov_operator_cert" }}
-{{- $ca := .ca | default (genCA "sriov-network-operator.k8s.cni.cncf.io" 365) -}}
-{{- $_ := set . "ca" $ca -}}
-{{- $cn := printf "operator-webhook-service.%s.svc" .Release.Namespace -}}
-{{- $cert := genSignedCert $cn nil (list $cn) 365 $ca -}}
-tls.crt: {{ $cert.Cert | b64enc }}
-tls.key: {{ $cert.Key | b64enc }}
-{{- end }}
-{{- define "sriov_resource_injector_cert" }}
-{{- $ca := .ca | default (genCA "sriov-network-operator.k8s.cni.cncf.io" 365) -}}
-{{- $_ := set . "ca" $ca -}}
-{{- $cn := printf "network-resources-injector-service.%s.svc" .Release.Namespace -}}
-{{- $cert := genSignedCert $cn nil (list $cn) 365 $ca -}}
-tls.crt: {{ $cert.Cert | b64enc }}
-tls.key: {{ $cert.Key | b64enc }}
-{{- end }}
-
diff --git a/packages/rancher-sriov/generated-changes/overlay/templates/certmanagercerts.yaml b/packages/rancher-sriov/generated-changes/overlay/templates/certmanagercerts.yaml
deleted file mode 100644
index e3575aa565..0000000000
--- a/packages/rancher-sriov/generated-changes/overlay/templates/certmanagercerts.yaml
+++ /dev/null
@@ -1,41 +0,0 @@
-{{- if and (.Values.operator.enableAdmissionController) (.Values.cert_manager) -}}
-{{- if not (.Capabilities.APIVersions.Has "cert-manager.io/v1") -}}
-{{- required "cert-manager is required but not found" "" -}}
-{{- end -}}
-apiVersion: cert-manager.io/v1
-kind: Issuer
-metadata:
- name: sriov-network-operator-selfsigned-issuer
- namespace: {{ .Release.Namespace }}
-spec:
- selfSigned: {}
----
-apiVersion: cert-manager.io/v1
-kind: Certificate
-metadata:
- name: operator-webhook-service
- namespace: {{ .Release.Namespace }}
-spec:
- secretName: operator-webhook-service
- dnsNames:
- - operator-webhook-service.{{ .Release.Namespace }}.svc
- issuerRef:
- name: sriov-network-operator-selfsigned-issuer
- privateKey:
- rotationPolicy: Always
----
-apiVersion: cert-manager.io/v1
-kind: Certificate
-metadata:
- name: network-resources-injector-service
- namespace: {{ .Release.Namespace }}
-spec:
- secretName: network-resources-injector-secret
- dnsNames:
- - network-resources-injector-service.{{ .Release.Namespace }}.svc
- issuerRef:
- name: sriov-network-operator-selfsigned-issuer
- privateKey:
- rotationPolicy: Always
-{{- end -}}
-
diff --git a/packages/rancher-sriov/generated-changes/overlay/templates/secrets.yaml b/packages/rancher-sriov/generated-changes/overlay/templates/secrets.yaml
deleted file mode 100644
index 3d345be460..0000000000
--- a/packages/rancher-sriov/generated-changes/overlay/templates/secrets.yaml
+++ /dev/null
@@ -1,20 +0,0 @@
-{{- if not .Values.cert_manager -}}
-{{- if .Values.operator.enableAdmissionController }}
-apiVersion: v1
-kind: Secret
-metadata:
- name: operator-webhook-service
- namespace: {{ .Release.Namespace }}
-data: {{ include "sriov_operator_cert" . | nindent 2 }}
-{{- end }}
----
-{{- if .Values.operator.enableAdmissionController }}
-apiVersion: v1
-kind: Secret
-metadata:
- name: network-resources-injector-secret
- namespace: {{ .Release.Namespace }}
-data: {{ include "sriov_resource_injector_cert" . | nindent 2 }}
-{{- end }}
-{{- end }}
-
diff --git a/packages/rancher-sriov/generated-changes/patch/Chart.yaml.patch b/packages/rancher-sriov/generated-changes/patch/Chart.yaml.patch
deleted file mode 100644
index 3bbee363bb..0000000000
--- a/packages/rancher-sriov/generated-changes/patch/Chart.yaml.patch
+++ /dev/null
@@ -1,41 +0,0 @@
---- charts-original/Chart.yaml
-+++ charts/Chart.yaml
-@@ -1,3 +1,15 @@
-+annotations:
-+ catalog.cattle.io/auto-install: sriov-crd=match
-+ catalog.cattle.io/certified: rancher
-+ catalog.cattle.io/deprecated: "true"
-+ catalog.cattle.io/experimental: "true"
-+ catalog.cattle.io/kube-version: '>= 1.16.0-0 < 1.31.0-0'
-+ catalog.cattle.io/namespace: cattle-sriov-system
-+ catalog.cattle.io/os: linux
-+ catalog.cattle.io/permits-os: linux
-+ catalog.cattle.io/rancher-version: '>= 2.9.0-0 < 2.10.0-0'
-+ catalog.cattle.io/release-name: sriov
-+ catalog.cattle.io/upstream-version: 1.2.0
- apiVersion: v2
- appVersion: 1.2.0
- dependencies:
-@@ -5,14 +17,20 @@
- name: rancher-nfd
- repository: file://./charts/rancher-nfd
- version: 0.15.4
-+deprecated: true
- description: SR-IOV network operator configures and manages SR-IOV networks in the
- kubernetes cluster
- home: https://github.com/k8snetworkplumbingwg/sriov-network-operator
-+icon: https://charts.rancher.io/assets/logos/sr-iov.svg
- keywords:
- - sriov
-+- Networking
- kubeVersion: '>= 1.16.0-0'
--name: sriov-network-operator
-+maintainers:
-+- email: charts@rancher.com
-+ name: Rancher Labs
-+name: sriov
- sources:
--- https://github.com/k8snetworkplumbingwg/sriov-network-operator
-+- https://github.com/rancher/charts
- type: application
- version: 0.1.0
diff --git a/packages/rancher-sriov/generated-changes/patch/charts/rancher-nfd/Chart.yaml.patch b/packages/rancher-sriov/generated-changes/patch/charts/rancher-nfd/Chart.yaml.patch
deleted file mode 100644
index 3be08cb5b9..0000000000
--- a/packages/rancher-sriov/generated-changes/patch/charts/rancher-nfd/Chart.yaml.patch
+++ /dev/null
@@ -1,11 +0,0 @@
---- charts-original/charts/rancher-nfd/Chart.yaml
-+++ charts/charts/rancher-nfd/Chart.yaml
-@@ -1,7 +1,7 @@
- apiVersion: v2
- appVersion: v0.15.4
- description: 'Detects hardware features available on each node in a Kubernetes cluster,
-- and advertises those features using node labels. '
-+ and advertises those features using node labels'
- home: https://github.com/kubernetes-sigs/node-feature-discovery
- keywords:
- - feature-discovery
diff --git a/packages/rancher-sriov/generated-changes/patch/charts/rancher-nfd/values.yaml.patch b/packages/rancher-sriov/generated-changes/patch/charts/rancher-nfd/values.yaml.patch
deleted file mode 100644
index 10667f8991..0000000000
--- a/packages/rancher-sriov/generated-changes/patch/charts/rancher-nfd/values.yaml.patch
+++ /dev/null
@@ -1,14 +0,0 @@
---- charts-original/charts/rancher-nfd/values.yaml
-+++ charts/charts/rancher-nfd/values.yaml
-@@ -1,9 +1,9 @@
- image:
-- repository: registry.k8s.io/nfd/node-feature-discovery
-+ repository: rancher/hardened-node-feature-discovery
- # This should be set to 'IfNotPresent' for released version
- pullPolicy: IfNotPresent
- # tag, if defined will use the given image tag, else Chart.AppVersion will be used
-- # tag
-+ tag: v0.15.4-build20240513
- imagePullSecrets: []
-
- nameOverride: ""
diff --git a/packages/rancher-sriov/generated-changes/patch/templates/NOTES.txt.patch b/packages/rancher-sriov/generated-changes/patch/templates/NOTES.txt.patch
deleted file mode 100644
index 533b92609c..0000000000
--- a/packages/rancher-sriov/generated-changes/patch/templates/NOTES.txt.patch
+++ /dev/null
@@ -1,32 +0,0 @@
---- charts-original/templates/NOTES.txt
-+++ charts/templates/NOTES.txt
-@@ -3,4 +3,27 @@
- $ kubectl -n {{ .Release.Namespace }} get pods
-
- For additional instructions on how to use SR-IOV network operator,
--refer to: https://github.com/k8snetworkplumbingwg/sriov-network-operator
-\ No newline at end of file
-+refer to: https://github.com/k8snetworkplumbingwg/sriov-network-operator
-+
-+{{- if .Values.operator.enableAdmissionController }}
-+{{- if not .Values.cert_manager }}
-+Thank you for installing {{ .Chart.Name }}.
-+
-+WARNING! Self signed certificates have been generated for webhooks.
-+These certificates have a one-year validity and will not be rotated
-+automatically. This should not be a production cluster. Please deploy
-+and use cert-manager for production clusters.
-+{{- end }}
-+{{- end }}
-+
-+{{- if .Chart.Deprecated }}
-+
-+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
-+!! !!
-+!! WARNING: This chart is deprecated and will be removed! !!
-+!! !!
-+!! Future updates can be obtained from following chart repository: !!
-+!! https://suse-edge.github.io/charts/ !!
-+!! !!
-+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
-+{{- end }}
diff --git a/packages/rancher-sriov/generated-changes/patch/templates/_helpers.tpl.patch b/packages/rancher-sriov/generated-changes/patch/templates/_helpers.tpl.patch
deleted file mode 100644
index e51bbd9077..0000000000
--- a/packages/rancher-sriov/generated-changes/patch/templates/_helpers.tpl.patch
+++ /dev/null
@@ -1,29 +0,0 @@
---- charts-original/templates/_helpers.tpl
-+++ charts/templates/_helpers.tpl
-@@ -60,3 +60,26 @@
- {{- default "default" .Values.serviceAccount.name }}
- {{- end }}
- {{- end }}
-+
-+{{- define "system_default_registry" -}}
-+{{- if .Values.global.cattle.systemDefaultRegistry -}}
-+{{- printf "%s/" .Values.global.cattle.systemDefaultRegistry -}}
-+{{- else -}}
-+{{- "" -}}
-+{{- end -}}
-+{{- end -}}
-+
-+{{/*
-+Windows cluster will add default taint for linux nodes,
-+add below linux tolerations to workloads could be scheduled to those linux nodes
-+*/}}
-+{{- define "linux-node-tolerations" -}}
-+- key: "cattle.io/os"
-+ value: "linux"
-+ effect: "NoSchedule"
-+ operator: "Equal"
-+{{- end -}}
-+
-+{{- define "linux-node-selector" -}}
-+kubernetes.io/os: linux
-+{{- end -}}
diff --git a/packages/rancher-sriov/generated-changes/patch/templates/clusterrole.yaml.patch b/packages/rancher-sriov/generated-changes/patch/templates/clusterrole.yaml.patch
deleted file mode 100644
index 15c4bfc6d3..0000000000
--- a/packages/rancher-sriov/generated-changes/patch/templates/clusterrole.yaml.patch
+++ /dev/null
@@ -1,57 +0,0 @@
---- charts-original/templates/clusterrole.yaml
-+++ charts/templates/clusterrole.yaml
-@@ -58,3 +58,54 @@
- - apiGroups: [ "config.openshift.io" ]
- resources: [ "infrastructures" ]
- verbs: [ "get", "list", "watch" ]
-+---
-+apiVersion: rbac.authorization.k8s.io/v1
-+kind: ClusterRole
-+metadata:
-+ name: sriov-admin
-+ {{- if .Values.global.rbac.userRoles.aggregateToDefaultRoles }}
-+ rbac.authorization.k8s.io/aggregate-to-admin: "true"
-+ {{- end }}
-+rules:
-+- apiGroups:
-+ - sriovnetwork.openshift.io
-+ resources:
-+ - '*'
-+ verbs:
-+ - "get"
-+ - "watch"
-+ - "list"
-+---
-+apiVersion: rbac.authorization.k8s.io/v1
-+kind: ClusterRole
-+metadata:
-+ name: sriov-edit
-+ {{- if .Values.global.rbac.userRoles.aggregateToDefaultRoles }}
-+ rbac.authorization.k8s.io/aggregate-to-edit: "true"
-+ {{- end }}
-+rules:
-+- apiGroups:
-+ - sriovnetwork.openshift.io
-+ resources:
-+ - '*'
-+ verbs:
-+ - "get"
-+ - "watch"
-+ - "list"
-+---
-+apiVersion: rbac.authorization.k8s.io/v1
-+kind: ClusterRole
-+metadata:
-+ name: sriov-view
-+ {{- if .Values.global.rbac.userRoles.aggregateToDefaultRoles }}
-+ rbac.authorization.k8s.io/aggregate-to-view: "true"
-+ {{- end }}
-+rules:
-+- apiGroups:
-+ - sriovnetwork.openshift.io
-+ resources:
-+ - '*'
-+ verbs:
-+ - "get"
-+ - "watch"
-+ - "list"
diff --git a/packages/rancher-sriov/generated-changes/patch/templates/configmap.yaml.patch b/packages/rancher-sriov/generated-changes/patch/templates/configmap.yaml.patch
deleted file mode 100644
index b9cb9b8e3b..0000000000
--- a/packages/rancher-sriov/generated-changes/patch/templates/configmap.yaml.patch
+++ /dev/null
@@ -1,20 +0,0 @@
---- charts-original/templates/configmap.yaml
-+++ charts/templates/configmap.yaml
-@@ -13,6 +13,10 @@
- Intel_i40e_10G_X710_BASE_T: "8086 15ff 154c"
- Intel_i40e_XXV710_N3000: "8086 0d58 154c"
- Intel_i40e_40G_XL710_QSFP: "8086 1583 154c"
-+ Intel_i40e_X550T: "8086 1563 1565"
-+ Intel_i40e_X722: "8086 37d2 37cd"
-+ Intel_i40e_X722_SFP: "8086 37d0 37cd"
-+ Intel_i40e_X722_SFPP: "8086 37d3 37cd"
- Intel_ice_Columbiaville_E810-CQDA2_2CQDA2: "8086 1592 1889"
- Intel_ice_Columbiaville_E810-XXVDA4: "8086 1593 1889"
- Intel_ice_Columbiaville_E810-XXVDA2: "8086 159b 1889"
-@@ -38,3 +42,6 @@
- Marvell_OCTEON_Fusion_CNF95XX: "177d b600 b603"
- Marvell_OCTEON10_CN10XXX: "177d b900 b903"
- Marvell_OCTEON_Fusion_CNF105XX: "177d ba00 ba03"
-+ {{- range .Values.supportedExtraNICs }}
-+ {{ . }}
-+ {{- end }}
diff --git a/packages/rancher-sriov/generated-changes/patch/templates/operator.yaml.patch b/packages/rancher-sriov/generated-changes/patch/templates/operator.yaml.patch
deleted file mode 100644
index fdde3ce5e8..0000000000
--- a/packages/rancher-sriov/generated-changes/patch/templates/operator.yaml.patch
+++ /dev/null
@@ -1,50 +0,0 @@
---- charts-original/templates/operator.yaml
-+++ charts/templates/operator.yaml
-@@ -1,7 +1,12 @@
-+{{- if not (.Capabilities.APIVersions.Has "k8s.cni.cncf.io/v1/NetworkAttachmentDefinition") -}}
-+{{- required "rke2-multus is required but not found" "" -}}
-+{{- end -}}
-+---
- apiVersion: apps/v1
- kind: Deployment
- metadata:
- name: {{ include "sriov-network-operator.fullname" . }}
-+ namespace: {{ .Release.Namespace }}
- labels:
- {{- include "sriov-network-operator.labels" . | nindent 4 }}
- spec:
-@@ -40,7 +45,7 @@
- {{- end }}
- containers:
- - name: {{ include "sriov-network-operator.fullname" . }}
-- image: {{ .Values.images.operator }}
-+ image: {{ include "system_default_registry" . }}{{ .Values.images.operator.repository }}:{{ .Values.images.operator.tag }}
- command:
- - sriov-network-operator
- resources:
-@@ -53,19 +58,19 @@
- fieldRef:
- fieldPath: metadata.namespace
- - name: SRIOV_CNI_IMAGE
-- value: {{ .Values.images.sriovCni }}
-+ value: {{ include "system_default_registry" . }}{{ .Values.images.sriovCni.repository }}:{{ .Values.images.sriovCni.tag }}
- - name: SRIOV_INFINIBAND_CNI_IMAGE
-- value: {{ .Values.images.ibSriovCni }}
-+ value: {{ include "system_default_registry" . }}{{ .Values.images.ibSriovCni.repository }}:{{ .Values.images.ibSriovCni.tag }}
- - name: SRIOV_DEVICE_PLUGIN_IMAGE
-- value: {{ .Values.images.sriovDevicePlugin }}
-+ value: {{ include "system_default_registry" . }}{{ .Values.images.sriovDevicePlugin.repository }}:{{ .Values.images.sriovDevicePlugin.tag }}
- - name: NETWORK_RESOURCES_INJECTOR_IMAGE
-- value: {{ .Values.images.resourcesInjector }}
-+ value: {{ include "system_default_registry" . }}{{ .Values.images.resourcesInjector.repository }}:{{ .Values.images.resourcesInjector.tag }}
- - name: OPERATOR_NAME
- value: sriov-network-operator
- - name: SRIOV_NETWORK_CONFIG_DAEMON_IMAGE
-- value: {{ .Values.images.sriovConfigDaemon }}
-+ value: {{ include "system_default_registry" . }}{{ .Values.images.sriovConfigDaemon.repository }}:{{ .Values.images.sriovConfigDaemon.tag }}
- - name: SRIOV_NETWORK_WEBHOOK_IMAGE
-- value: {{ .Values.images.webhook }}
-+ value: {{ include "system_default_registry" . }}{{ .Values.images.webhook.repository }}:{{ .Values.images.webhook.tag }}
- - name: RESOURCE_PREFIX
- value: {{ .Values.operator.resourcePrefix }}
- - name: IMAGE_PULL_SECRETS
diff --git a/packages/rancher-sriov/generated-changes/patch/templates/rolebinding.yaml.patch b/packages/rancher-sriov/generated-changes/patch/templates/rolebinding.yaml.patch
deleted file mode 100644
index daa1f4ccfa..0000000000
--- a/packages/rancher-sriov/generated-changes/patch/templates/rolebinding.yaml.patch
+++ /dev/null
@@ -1,19 +0,0 @@
---- charts-original/templates/rolebinding.yaml
-+++ charts/templates/rolebinding.yaml
-@@ -29,3 +29,16 @@
- kind: Role
- name: sriov-network-config-daemon
- apiGroup: rbac.authorization.k8s.io
-+---
-+kind: RoleBinding
-+apiVersion: rbac.authorization.k8s.io/v1
-+metadata:
-+ name: operator-webhook-sa
-+ namespace: {{ .Release.Namespace }}
-+subjects:
-+- kind: ServiceAccount
-+ name: operator-webhook-sa
-+roleRef:
-+ kind: Role
-+ name: operator-webhook-sa
-+ apiGroup: rbac.authorization.k8s.io
diff --git a/packages/rancher-sriov/generated-changes/patch/templates/sriovoperatorconfig.yaml.patch b/packages/rancher-sriov/generated-changes/patch/templates/sriovoperatorconfig.yaml.patch
deleted file mode 100644
index e88efe4b49..0000000000
--- a/packages/rancher-sriov/generated-changes/patch/templates/sriovoperatorconfig.yaml.patch
+++ /dev/null
@@ -1,15 +0,0 @@
---- charts-original/templates/sriovoperatorconfig.yaml
-+++ charts/templates/sriovoperatorconfig.yaml
-@@ -9,9 +9,9 @@
- enableOperatorWebhook: {{ .Values.operator.admissionControllers.enabled }}
- {{- with .Values.sriovOperatorConfig.configDaemonNodeSelector }}
- configDaemonNodeSelector:
-- {{- range $k, $v := .}}{{printf "%s: %s" $k $v | nindent 4 }}{{ end }}
-+ {{- range $k, $v := .}}{{printf "%s: '%s'" $k $v | nindent 4 }}{{ end }}
- {{- end }}
- logLevel: {{ .Values.sriovOperatorConfig.logLevel }}
- disableDrain: {{ .Values.sriovOperatorConfig.disableDrain }}
- configurationMode: {{ .Values.sriovOperatorConfig.configurationMode }}
--{{ end }}
-\ No newline at end of file
-+{{ end }}
diff --git a/packages/rancher-sriov/generated-changes/patch/values.yaml.patch b/packages/rancher-sriov/generated-changes/patch/values.yaml.patch
deleted file mode 100644
index 064142be64..0000000000
--- a/packages/rancher-sriov/generated-changes/patch/values.yaml.patch
+++ /dev/null
@@ -1,77 +0,0 @@
---- charts-original/values.yaml
-+++ charts/values.yaml
-@@ -6,6 +6,9 @@
- - key: "node-role.kubernetes.io/control-plane"
- operator: "Exists"
- effect: "NoSchedule"
-+ - effect: NoExecute
-+ key: node-role.kubernetes.io/etcd
-+ operator: Exists
- nodeSelector: {}
- affinity:
- nodeAffinity:
-@@ -24,7 +27,7 @@
- values: [ "" ]
- nameOverride: ""
- fullnameOverride: ""
-- resourcePrefix: "openshift.io"
-+ resourcePrefix: "rancher.io"
- cniBinPath: "/opt/cni/bin"
- clusterType: "kubernetes"
- admissionControllers:
-@@ -78,9 +81,9 @@
-
- sriovOperatorConfig:
- # deploy sriovOperatorConfig CR with the below values
-- deploy: false
-+ deploy: true
- # node slectors for sriov-network-config-daemon
-- configDaemonNodeSelector: {}
-+ configDaemonNodeSelector: {feature.node.kubernetes.io/network-sriov.capable: 'true'}
- # log level for both operator and sriov-network-config-daemon
- logLevel: 2
- # disable node draining when configuring SR-IOV, set to true in case of a single node
-@@ -91,12 +94,36 @@
-
- # Image URIs for sriov-network-operator components
- images:
-- operator: ghcr.io/k8snetworkplumbingwg/sriov-network-operator
-- sriovConfigDaemon: ghcr.io/k8snetworkplumbingwg/sriov-network-operator-config-daemon
-- sriovCni: ghcr.io/k8snetworkplumbingwg/sriov-cni
-- ibSriovCni: ghcr.io/k8snetworkplumbingwg/ib-sriov-cni
-- sriovDevicePlugin: ghcr.io/k8snetworkplumbingwg/sriov-network-device-plugin
-- resourcesInjector: ghcr.io/k8snetworkplumbingwg/network-resources-injector
-- webhook: ghcr.io/k8snetworkplumbingwg/sriov-network-operator-webhook
-+ operator:
-+ repository: rancher/hardened-sriov-network-operator
-+ tag: v1.2.0-build20240327
-+ sriovConfigDaemon:
-+ repository: rancher/hardened-sriov-network-config-daemon
-+ tag: v1.2.0-build20240327
-+ sriovCni:
-+ repository: rancher/hardened-sriov-cni
-+ tag: v2.7.0-build20240327
-+ ibSriovCni:
-+ repository: rancher/hardened-ib-sriov-cni
-+ tag: v1.0.3-build20240327
-+ sriovDevicePlugin:
-+ repository: rancher/hardened-sriov-network-device-plugin
-+ tag: v3.6.2-build20240327
-+ resourcesInjector:
-+ repository: rancher/hardened-sriov-network-resources-injector
-+ tag: v1.5-build20240327
-+ webhook:
-+ repository: rancher/hardened-sriov-network-webhook
-+ tag: v1.2.0-build20240327
-
- imagePullSecrets: []
-+
-+# Example for supportedExtraNICs values ['MyNIC: "8086 1521 1520"']
-+supportedExtraNICs: []
-+
-+global:
-+ cattle:
-+ systemDefaultRegistry: ""
-+ rbac:
-+ userRoles:
-+ aggregateToDefaultRoles: false
diff --git a/packages/rancher-sriov/package.yaml b/packages/rancher-sriov/package.yaml
deleted file mode 100644
index 1e90f77884..0000000000
--- a/packages/rancher-sriov/package.yaml
+++ /dev/null
@@ -1,10 +0,0 @@
-url: https://github.com/k8snetworkplumbingwg/sriov-network-operator.git
-subdirectory: deployment/sriov-network-operator
-commit: f2ca88418036a7836ea2c0bd1f648a47774997c4 # March 2024
-version: 104.2.0
-additionalCharts:
- - workingDir: charts-crd
- crdOptions:
- templateDirectory: crd-template
- crdDirectory: templates
- addCRDValidationToMainChart: true
diff --git a/packages/rancher-sriov/templates/crd-template/Chart.yaml b/packages/rancher-sriov/templates/crd-template/Chart.yaml
deleted file mode 100644
index 5b7537d683..0000000000
--- a/packages/rancher-sriov/templates/crd-template/Chart.yaml
+++ /dev/null
@@ -1,14 +0,0 @@
-apiVersion: v2
-deprecated: true
-description: Installs the CRDs for the SR-IOV operator
-name: sriov-crd
-type: application
-version: 104.0.0
-annotations:
- catalog.cattle.io/deprecated: "true"
- catalog.cattle.io/experimental: "true"
- catalog.cattle.io/release-name: sriov-crd
- catalog.cattle.io/namespace: cattle-sriov-system
- catalog.cattle.io/certified: rancher
- catalog.cattle.io/hidden: "true"
- catalog.cattle.io/permits-os: linux
diff --git a/regsync.yaml b/regsync.yaml
index 2bae848349..dea8a3d0fd 100644
--- a/regsync.yaml
+++ b/regsync.yaml
@@ -272,57 +272,6 @@ sync:
tags:
allow:
- 7.1.5
-- source: docker.io/rancher/hardened-ib-sriov-cni
- target: '{{ env "REGISTRY_ENDPOINT" }}/rancher/hardened-ib-sriov-cni'
- type: repository
- tags:
- allow:
- - v1.0.2-build20230911
-- source: docker.io/rancher/hardened-node-feature-discovery
- target: '{{ env "REGISTRY_ENDPOINT" }}/rancher/hardened-node-feature-discovery'
- type: repository
- tags:
- allow:
- - v0.11.2-build20220901
- - v0.12.1-build20230120
- - v0.13.2-build20230605
- - v0.14.1-build20230926
-- source: docker.io/rancher/hardened-sriov-cni
- target: '{{ env "REGISTRY_ENDPOINT" }}/rancher/hardened-sriov-cni'
- type: repository
- tags:
- allow:
- - v2.6.3-build20230913
-- source: docker.io/rancher/hardened-sriov-network-config-daemon
- target: '{{ env "REGISTRY_ENDPOINT" }}/rancher/hardened-sriov-network-config-daemon'
- type: repository
- tags:
- allow:
- - v1.2.0-build20230912
-- source: docker.io/rancher/hardened-sriov-network-device-plugin
- target: '{{ env "REGISTRY_ENDPOINT" }}/rancher/hardened-sriov-network-device-plugin'
- type: repository
- tags:
- allow:
- - v3.5.1-build20230911
-- source: docker.io/rancher/hardened-sriov-network-operator
- target: '{{ env "REGISTRY_ENDPOINT" }}/rancher/hardened-sriov-network-operator'
- type: repository
- tags:
- allow:
- - v1.2.0-build20230912
-- source: docker.io/rancher/hardened-sriov-network-resources-injector
- target: '{{ env "REGISTRY_ENDPOINT" }}/rancher/hardened-sriov-network-resources-injector'
- type: repository
- tags:
- allow:
- - v1.5-build20230911
-- source: docker.io/rancher/hardened-sriov-network-webhook
- target: '{{ env "REGISTRY_ENDPOINT" }}/rancher/hardened-sriov-network-webhook'
- type: repository
- tags:
- allow:
- - v1.2.0-build20230912
- source: docker.io/rancher/harvester-cloud-provider
target: '{{ env "REGISTRY_ENDPOINT" }}/rancher/harvester-cloud-provider'
type: repository
diff --git a/release.yaml b/release.yaml
index 41d791e5d8..fa6d5cba10 100644
--- a/release.yaml
+++ b/release.yaml
@@ -63,3 +63,25 @@ rancher-istio:
- 105.2.0+up1.21.1
- 105.3.0+up1.22.1
- 105.4.0+up1.23.2
+sriov:
+ - 101.0.1+up0.1.0
+ - 102.0.0+up0.1.0
+ - 102.1.0+up0.1.0
+ - 102.2.0+up0.1.0
+ - 103.0.0+up0.1.0
+ - 103.1.0+up0.1.0
+ - 104.0.0+up0.1.0
+ - 104.1.0+up0.1.0
+ - 104.2.0+up0.1.0
+ - 104.3.0+up1.3.0
+sriov-crd:
+ - 101.0.1+up0.1.0
+ - 102.0.0+up0.1.0
+ - 102.1.0+up0.1.0
+ - 102.2.0+up0.1.0
+ - 103.0.0+up0.1.0
+ - 103.1.0+up0.1.0
+ - 104.0.0+up0.1.0
+ - 104.1.0+up0.1.0
+ - 104.2.0+up0.1.0
+ - 104.3.0+up1.3.0