From 469554ccd8cf89a2da1a9ec4f378d87dba57318e Mon Sep 17 00:00:00 2001
From: Huanyu He <552483776@qq.com>
Date: Tue, 12 Apr 2022 20:45:05 +0800
Subject: [PATCH] charts: update to 0.2.0 (#216)
* init webhook configuration
* change names of some fields and add skipValidation flag
* add replicas parameter for manager and webhook pods
* update changelog of charts
* move remove the global section
* remove skipValidation variable and wehbook objectSelector for Network/Subnet
* only create init Network/Subnet once
* remove exceptPodLabels and use additionalPodMatchExpressions
* add enableNetworkPolicy variable
* move preferInterfaces to daemon section
* update changelog of charts
---
 charts/hybridnet/Chart.yaml | 9 +++-
 charts/hybridnet/README.md | 4 +-
 charts/hybridnet/templates/daemonsets.yaml | 16 +++---
 charts/hybridnet/templates/deployments.yaml | 16 +++---
 .../templates/networkinitialization.yaml | 8 +--
 .../templates/webhookconfigurations.yaml | 7 +--
 charts/hybridnet/values.yaml | 49 +++++++++++++------
 7 files changed, 67 insertions(+), 42 deletions(-)
diff --git a/charts/hybridnet/Chart.yaml b/charts/hybridnet/Chart.yaml
index dfd15126..a7d7d38c 100644
--- a/charts/hybridnet/Chart.yaml
+++ b/charts/hybridnet/Chart.yaml
@@ -2,7 +2,7 @@ apiVersion: v2
 name: hybridnet
 # When the version is modified, make sure the artifacthub.io/changes list is updated
 # Also update CHANGELOG.md
-version: 0.1.2
+version: 0.2.0
 appVersion: 0.4.2
 home: https://github.com/alibaba/hybridnet
 description: A container networking solution aiming at hybrid clouds.
@@ -22,4 +22,9 @@ annotations: artifacthub.io/prerelease: "false" # List of changes for the release in artifacthub.io artifacthub.io/changes: | - - "add defualtIPRetain parameter" + - "adjust names of some fields" + - "make the pod creating validation of webhook configurable, to avoid block the creation of other components" + - "make the init Subnet/Network be created only once while install the helm chart" + - "add enableNetworkPolicy variable for daemon" + - "add replicas parameter for manager and webhook pods" + - "remove badges in README" diff --git a/charts/hybridnet/README.md b/charts/hybridnet/README.md index 904aa7ce..f275ba6b 100644 --- a/charts/hybridnet/README.md +++ b/charts/hybridnet/README.md @@ -2,8 +2,6 @@ hybridnet is an open source container networking solution designed for hybrid clouds. -![Version: 0.1.1](https://img.shields.io/badge/Version-0.1.1-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 0.4.2](https://img.shields.io/badge/AppVersion-0.4.2-informational?style=flat-square) - ## Prerequisites - Kubernetes v1.16+ @@ -52,7 +50,7 @@ time with these commands: ```shell # Change default network type to Underlay -helm upgrade hybridnet hybridnet/hybridnet -n kube-system --set advancedSettings.defualtNetworkType=Underlay +helm upgrade hybridnet hybridnet/hybridnet -n kube-system --set defualtNetworkType=Underlay ``` Of course, if you want to change your container network to use Underlay as default network type, you should diff --git a/charts/hybridnet/templates/daemonsets.yaml b/charts/hybridnet/templates/daemonsets.yaml index e9bd44ea..c284d25c 100644 --- a/charts/hybridnet/templates/daemonsets.yaml +++ b/charts/hybridnet/templates/daemonsets.yaml 
@@ -41,16 +41,16 @@ spec: - sh - /hybridnet/start-daemon.sh args: - {{ if (ne .Values.initNetworkConfig.preferVxlanInterfaces "") }} - - --prefer-vxlan-interfaces={{ .Values.initNetworkConfig.preferVxlanInterfaces }} + {{ if (ne .Values.daemon.preferVxlanInterfaces "") }} + - --prefer-vxlan-interfaces={{ .Values.daemon.preferVxlanInterfaces }} {{ end }} - {{ if ne .Values.initNetworkConfig.preferVlanInterfaces "" }} - - --prefer-vlan-interfaces={{ .Values.initNetworkConfig.preferVlanInterfaces }} + {{ if ne .Values.daemon.preferVlanInterfaces "" }} + - --prefer-vlan-interfaces={{ .Values.daemon.preferVlanInterfaces }} {{ end }} - {{ if ne .Values.initNetworkConfig.preferBGPInterfaces "" }} - - --prefer-bgp-interfaces={{ .Values.initNetworkConfig.preferBGPInterfaces }} + {{ if ne .Values.daemon.preferBGPInterfaces "" }} + - --prefer-bgp-interfaces={{ .Values.daemon.preferBGPInterfaces }} {{ end }} - - --feature-gates=MultiCluster={{ .Values.advancedSettings.multiCluster }},DualStack={{ .Values.advancedSettings.dualStack }} + - --feature-gates=MultiCluster={{ .Values.multiCluster }},DualStack={{ .Values.dualStack }} securityContext: runAsUser: 0 privileged: true @@ -93,6 +93,7 @@ spec: mountPropagation: HostToContainer name: host-docker-netns # TODO: add liveness probe + {{ if .Values.daemon.enableNetworkPolicy }} - name: policy image: "{{ .Values.images.registryURL }}/{{ .Values.images.hybridnet.image }}:{{ .Values.images.hybridnet.tag }}" imagePullPolicy: IfNotPresent @@ -110,6 +111,7 @@ spec: securityContext: privileged: true runAsUser: 0 + {{ end }} nodeSelector: kubernetes.io/os: "linux" volumes: diff --git a/charts/hybridnet/templates/deployments.yaml b/charts/hybridnet/templates/deployments.yaml index 2f232ab6..6ab9f312 100644 --- a/charts/hybridnet/templates/deployments.yaml +++ b/charts/hybridnet/templates/deployments.yaml 
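Review bot: Gating the `policy` container on `{{ if .Values.daemon.enableNetworkPolicy }}` (the guard opens in `@@ -93,6 +93,7 @@` and closes in `@@ -110,6 +111,7 @@`) turns NetworkPolicy enforcement into an opt-out, and nothing says what happens to policies that already exist. If this container is what enforces NetworkPolicy on each node, as its name suggests, setting the flag to false leaves existing NetworkPolicy objects in the API but unenforced, which fails open. I would say so next to the value in values.yaml, for example `# -- When false the policy container is not deployed and existing NetworkPolicy objects are no longer enforced on the nodes.` Most of the container definition lies between the two hunks and is not visible here.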
@@ -4,7 +4,7 @@ metadata: name: hybridnet-manager namespace: kube-system spec: - replicas: 3 + replicas: {{ .Values.manager.replicas }} selector: matchLabels: app: hybridnet-manager @@ -34,11 +34,11 @@ spec: imagePullPolicy: IfNotPresent command: - /hybridnet/hybridnet-manager - - --default-ip-retain={{ .Values.advancedSettings.defualtIPRetain }} - - --feature-gates=MultiCluster={{ .Values.advancedSettings.multiCluster }},DualStack={{ .Values.advancedSettings.dualStack }} + - --default-ip-retain={{ .Values.defualtIPRetain }} + - --feature-gates=MultiCluster={{ .Values.multiCluster }},DualStack={{ .Values.dualStack }} env: - name: DEFAULT_NETWORK_TYPE - value: {{ .Values.advancedSettings.defualtNetworkType }} + value: {{ .Values.defualtNetworkType }} - name: NAMESPACE valueFrom: fieldRef: @@ -53,7 +53,7 @@ metadata: name: hybridnet-webhook namespace: kube-system spec: - replicas: 3 + replicas: {{ .Values.webhook.replicas }} selector: matchLabels: app: hybridnet-webhook @@ -79,13 +79,13 @@ spec: imagePullPolicy: IfNotPresent command: - /hybridnet/hybridnet-webhook - - --default-ip-retain={{ .Values.advancedSettings.defualtIPRetain }} - - --feature-gates=MultiCluster={{ .Values.advancedSettings.multiCluster }},DualStack={{ .Values.advancedSettings.dualStack }} + - --default-ip-retain={{ .Values.defualtIPRetain }} + - --feature-gates=MultiCluster={{ .Values.multiCluster }},DualStack={{ .Values.dualStack }} args: - --port=9898 env: - name: DEFAULT_NETWORK_TYPE - value: {{ .Values.advancedSettings.defualtNetworkType }} + value: {{ .Values.defualtNetworkType }} ports: - containerPort: 9898 name: webhook-port diff --git a/charts/hybridnet/templates/networkinitialization.yaml b/charts/hybridnet/templates/networkinitialization.yaml index 0ce1c5e6..9addc27d 100644 --- a/charts/hybridnet/templates/networkinitialization.yaml +++ b/charts/hybridnet/templates/networkinitialization.yaml 
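Review bot: The misspelled keys `defualtIPRetain` and `defualtNetworkType` are promoted from `advancedSettings.*` to top-level values in the manager command and env of `@@ -34,11 +34,11 @@`, and again for the webhook in `@@ -79,13 +79,13 @@`. This release already breaks every existing override path, so it is the cheapest moment to rename them to `defaultIPRetain` and `defaultNetworkType`; a correctly spelled `--set defaultNetworkType=...` is otherwise ignored and the chart default stays in effect. The env value is also safer rendered quoted, `value: {{ .Values.defualtNetworkType | quote }}`, so an empty or boolean-looking override stays a string.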
@@ -1,9 +1,10 @@ +{{ if .Release.IsInstall }} apiVersion: networking.alibaba.com/v1 kind: Network metadata: name: init spec: - netID: {{ .Values.initNetworkConfig.vxlanID }} + netID: {{ .Values.init.vxlanID }} type: Overlay --- @@ -16,6 +17,7 @@ spec: autoNatOutgoing: true network: init range: - cidr: {{ .Values.initNetworkConfig.cidr }} - version: "{{ .Values.initNetworkConfig.ipVersion }}" + cidr: {{ .Values.init.cidr }} + version: "{{ .Values.init.ipVersion }}" +{{ end }} diff --git a/charts/hybridnet/templates/webhookconfigurations.yaml b/charts/hybridnet/templates/webhookconfigurations.yaml index 681df905..900513a6 100644 --- a/charts/hybridnet/templates/webhookconfigurations.yaml +++ b/charts/hybridnet/templates/webhookconfigurations.yaml @@ -14,11 +14,6 @@ webhooks: failurePolicy: Fail matchPolicy: Equivalent name: hybridnet-v1.validating.hybridnet - objectSelector: - matchExpressions: - - key: webhook.hybridnet.io/ignore - operator: NotIn - values: ["TRUE", "true"] rules: - apiGroups: ["networking.alibaba.com"] apiVersions: ["v1"] @@ -46,6 +41,7 @@ webhooks: - key: webhook.hybridnet.io/ignore operator: NotIn values: ["TRUE", "true"] + {{ toYaml .Values.webhook.additionalPodMatchExpressions | nindent 8 }} rules: - apiGroups: [""] apiVersions: ["v1"] @@ -76,6 +72,7 @@ webhooks: - key: webhook.hybridnet.io/ignore operator: NotIn values: ["TRUE", "true"] + {{ toYaml .Values.webhook.additionalPodMatchExpressions | nindent 8 }} reinvocationPolicy: Never rules: - apiGroups: [""] diff --git a/charts/hybridnet/values.yaml b/charts/hybridnet/values.yaml index a41f2a15..e7171b29 100644 --- a/charts/hybridnet/values.yaml +++ b/charts/hybridnet/values.yaml 
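Review bot: Guarding the whole of networkinitialization.yaml with `{{ if .Release.IsInstall }}` (opened in `@@ -1,9 +1,10 @@`, closed by the `{{ end }}` in `@@ -16,6 +17,7 @@`) means the first `helm upgrade` renders neither the `init` Network nor its Subnet. As far as I know Helm deletes objects that were in the previous release manifest and are absent from the new one, so an upgrade would likely remove the network that running pods were allocated from instead of leaving it untouched. If the intent is "create once, never touch again", annotating both resources with `helm.sh/resource-policy: keep` under `metadata.annotations` expresses that; please confirm with an install followed by an upgrade on a test cluster. The Subnet's metadata sits between the two hunks and is not visible here.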
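Review bot: `{{ toYaml .Values.webhook.additionalPodMatchExpressions | nindent 8 }}` is emitted unconditionally under `matchExpressions` in `@@ -46,6 +41,7 @@` and again in `@@ -76,6 +72,7 @@`. When an operator clears the value (`[]` or null), toYaml prints `[]` or `null` as a bare line inside the block sequence, so the webhook configuration most likely stops parsing and the default exclusion cannot be removed without breaking the render. Wrapping it avoids that: `{{- with .Values.webhook.additionalPodMatchExpressions }}`, `{{- toYaml . | nindent 8 }}`, `{{- end }}`. Both webhook entries start and end outside these hunks, so the indent of 8 could not be checked against the existing list items.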
@@ -5,8 +5,9 @@ images: registryURL: "docker.io" # -- It's always encouraged to use an overlay network to finish some general jobs in hybridnet. This -# chart will always create an "init" overlay Network/Subnet to initialize the K8s cluster. -initNetworkConfig: +# chart will always create an "init" overlay Network/Subnet to initialize the K8s cluster. "init" Network/Subnet +# will only be created once. +init: # -- CIDR of "init" Subnet. cidr: 100.64.0.0/16 
@@ -16,23 +17,43 @@ initNetworkConfig: # -- VNI of the default overlay vxlan Network. vxlanID: 4 - # -- The physical interfaces on node to transmit vlan/vxlan/bgp packets, which should be confirmed +manager: + # -- The number of manager pods + replicas: 3 + +webhook: + # -- Only the pods match the additionalPodMatchExpressions will be validate by hybridnet webhook. + additionalPodMatchExpressions: + - key: app + operator: NotIn + values: [ "kube-proxy" ] + + # -- The number of webhook pods + replicas: 3 + +daemon: + # -- Whether enable the NetworkPolicy functions of hybridnet. + enableNetworkPolicy: true + + # -- The physical interfaces on each node to transmit vlan/vxlan/bgp packets, which should be confirmed # before network config is actually applied, or you might have to face the risk of rebooting the machine. - # An interface name list string using commons as separator is valid, daemon will always use the first - # available interface. + # + ## Each one of them is an interface name string list, using commons as separator. Daemon will always use + ## the first available interface name in each list. If empty, daemon will choose interface by default route. preferVxlanInterfaces: "" preferVlanInterfaces: "" preferBGPInterfaces: "" -advancedSettings: - # -- Whether pod IP of stateful workloads will be retained by default. true or false - defualtIPRetain: true +# -- Whether pod IP of stateful workloads will be retained by default. true or false +## Ref: https://github.com/alibaba/hybridnet/wiki/Static-pod-ip-addresses-for-StatefulSet +defualtIPRetain: true - # -- The default value when pod's network type is unspecified. Overlay or Underlay - defualtNetworkType: Overlay +# -- The default value when pod's network type is unspecified. Overlay or Underlay +## Ref: https://github.com/alibaba/hybridnet/wiki/Change-default-network-type +defualtNetworkType: Overlay - # -- Enable the MultiCluster feature. 
true or false - multiCluster: false +# -- Enable the MultiCluster feature. true or false +multiCluster: false - # -- Enable the DualStack feature. IPv6 is disabled when is dualStack is not enable. true or false - dualStack: false +# -- Enable the DualStack feature. IPv6 is disabled when is dualStack is not enable. true or false +dualStack: false
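Review bot: The default `additionalPodMatchExpressions` entry in the new `webhook:` section (`key: app`, `operator: NotIn`, `values: [ "kube-proxy" ]`) exempts pods from the hybridnet pod webhooks based on a label that the pod's author sets. That makes the exclusion a convenience for bootstrapping rather than a control, the same as the existing `webhook.hybridnet.io/ignore` label; what the webhook would otherwise have rejected is not visible in this patch, so the impact needs confirming. I would extend the comment on the value, e.g. `# -- Pods must also match these expressions to be handled by the webhook. Labels are chosen by the pod author, so an exclusion here is not a security boundary.` A restriction by namespace, where the webhook configuration allows it, would be harder to sidestep than a pod label.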