From e7e05b5571a371018007232616f3d0f7bbff1afe Mon Sep 17 00:00:00 2001 From: Jay Deokar Date: Wed, 30 Nov 2022 20:39:52 -0500 Subject: [PATCH] [HELM]: Move CRD resources to a separate folder as per helm standard --- charts/aws-vpc-cni/.helmignore | 1 + charts/aws-vpc-cni/Chart.yaml | 2 +- charts/aws-vpc-cni/README.md | 11 ++++--- .../customresourcedefinition.yaml | 4 --- charts/aws-vpc-cni/crds/kustomization.yaml | 4 +++ charts/aws-vpc-cni/test.yaml | 3 -- charts/aws-vpc-cni/values.yaml | 3 -- config/master/aws-k8s-cni-cn.yaml | 32 ++++++++----------- config/master/aws-k8s-cni-us-gov-east-1.yaml | 32 ++++++++----------- config/master/aws-k8s-cni-us-gov-west-1.yaml | 32 ++++++++----------- config/master/aws-k8s-cni.yaml | 32 ++++++++----------- scripts/generate-cni-yaml.sh | 3 +- 12 files changed, 71 insertions(+), 88 deletions(-) rename charts/aws-vpc-cni/{templates => crds}/customresourcedefinition.yaml (82%) create mode 100644 charts/aws-vpc-cni/crds/kustomization.yaml diff --git a/charts/aws-vpc-cni/.helmignore b/charts/aws-vpc-cni/.helmignore index 50af031725..ec56e8b13f 100644 --- a/charts/aws-vpc-cni/.helmignore +++ b/charts/aws-vpc-cni/.helmignore @@ -20,3 +20,4 @@ .idea/ *.tmproj .vscode/ +crds/kustomization.yaml \ No newline at end of file diff --git a/charts/aws-vpc-cni/Chart.yaml b/charts/aws-vpc-cni/Chart.yaml index 17f2e9b789..5a9cb6920b 100644 --- a/charts/aws-vpc-cni/Chart.yaml +++ b/charts/aws-vpc-cni/Chart.yaml @@ -1,6 +1,6 @@ apiVersion: v1 name: aws-vpc-cni -version: 1.2.0 +version: 1.2.1 appVersion: "v1.12.0" description: A Helm chart for the AWS VPC CNI icon: https://raw.githubusercontent.com/aws/eks-charts/master/docs/logo/aws.png diff --git a/charts/aws-vpc-cni/README.md b/charts/aws-vpc-cni/README.md index 2fcb5668f3..f52912e69a 100644 --- a/charts/aws-vpc-cni/README.md +++ b/charts/aws-vpc-cni/README.md @@ -5,6 +5,7 @@ This chart installs the AWS CNI Daemonset: https://github.com/aws/amazon-vpc-cni ## Prerequisites - Kubernetes 1.11+ running on AWS +- Helm v3 ## Installing the Chart @@ -22,6 +23,8 @@ $ helm install --name aws-vpc-cni --namespace kube-system eks/aws-vpc-cni To install into an EKS cluster where the CNI is already installed, see [this section below](#adopting-the-existing-aws-node-resources-in-an-eks-cluster) +To migrate helm release for aws-vpc-cni chart from v2 to v3, see [ Migrate from helm v2 to helm v3 ](#migrate-from-helm-v2-to-helm-v3) + ## Configuration The following table lists the configurable parameters for this chart and their default values. @@ -69,7 +72,6 @@ The following table lists the configurable parameters for this chart and their d | `serviceAccount.annotations` | Specifies the annotations for ServiceAccount | `{}` | | `livenessProbe` | Livenness probe settings for daemonset | (see `values.yaml`) | | `readinessProbe` | Readiness probe settings for daemonset | (see `values.yaml`) | -| `crd.create` | Specifies whether to create the VPC-CNI CRD | `true` | | `tolerations` | Optional deployment tolerations | `[]` | | `updateStrategy` | Optional update strategy | `type: RollingUpdate` | @@ -81,9 +83,7 @@ $ helm install --name aws-vpc-cni --namespace kube-system eks/aws-vpc-cni --valu ## Adopting the existing aws-node resources in an EKS cluster -If you do not want to delete the existing aws-node resources in your cluster that run the aws-vpc-cni and then install this helm chart, you can adopt the resources into a release instead. This process is highlighted in this [PR comment](https://github.com/aws/eks-charts/issues/57#issuecomment-628403245). Once you have annotated and labeled all the resources this chart specifies, enable the `originalMatchLabels` flag, and also set `crd.create` to false on the helm release and run an update. If you have been careful this should not diff and leave all the resources unmodified and now under management of helm. - -Here is an example script to modify the existing resources: +If you do not want to delete the existing aws-node resources in your cluster that run the aws-vpc-cni and then install this helm chart, you can adopt the resources into a release instead. Refer to the script below to import existing resources into helm. Once you have annotated and labeled all the resources this chart specifies, enable the `originalMatchLabels` flag. If you have been careful this should not diff and leave all the resources unmodified and now under management of helm. WARNING: Substitute YOUR_HELM_RELEASE_NAME_HERE with the name of your helm release. ``` @@ -99,3 +99,6 @@ for kind in daemonSet clusterRole clusterRoleBinding serviceAccount; do kubectl -n kube-system label --overwrite $kind aws-node app.kubernetes.io/managed-by=Helm done ``` + +## Migrate from Helm v2 to Helm v3 +You can use the [Helm 2to3 plugin](https://github.com/helm/helm-2to3) to migrate releases from Helm v2 to Helm v3. For a more detailed explanation with some examples about this migration plugin, refer to Helm blog post: [How to migrate from Helm v2 to Helm v3](https://helm.sh/blog/migrate-from-helm-v2-to-helm-v3/). \ No newline at end of file diff --git a/charts/aws-vpc-cni/templates/customresourcedefinition.yaml b/charts/aws-vpc-cni/crds/customresourcedefinition.yaml similarity index 82% rename from charts/aws-vpc-cni/templates/customresourcedefinition.yaml rename to charts/aws-vpc-cni/crds/customresourcedefinition.yaml index bda35b9edc..306066449b 100644 --- a/charts/aws-vpc-cni/templates/customresourcedefinition.yaml +++ b/charts/aws-vpc-cni/crds/customresourcedefinition.yaml @@ -1,10 +1,7 @@ -{{- if .Values.crd.create -}} apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: name: eniconfigs.crd.k8s.amazonaws.com - labels: -{{ include "aws-vpc-cni.labels" . | indent 4 }} spec: scope: Cluster group: crd.k8s.amazonaws.com @@ -21,4 +18,3 @@ spec: plural: eniconfigs singular: eniconfig kind: ENIConfig -{{- end -}} diff --git a/charts/aws-vpc-cni/crds/kustomization.yaml b/charts/aws-vpc-cni/crds/kustomization.yaml new file mode 100644 index 0000000000..a3d6867b79 --- /dev/null +++ b/charts/aws-vpc-cni/crds/kustomization.yaml @@ -0,0 +1,4 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +resources: +- customresourcedefinition.yaml diff --git a/charts/aws-vpc-cni/test.yaml b/charts/aws-vpc-cni/test.yaml index 9a1df7f43a..7a5057c002 100644 --- a/charts/aws-vpc-cni/test.yaml +++ b/charts/aws-vpc-cni/test.yaml @@ -69,9 +69,6 @@ securityContext: - "NET_ADMIN" - "NET_RAW" -crd: - create: true - serviceAccount: # Specifies whether a service account should be created create: true diff --git a/charts/aws-vpc-cni/values.yaml b/charts/aws-vpc-cni/values.yaml index 6b27e94555..d5a01642de 100644 --- a/charts/aws-vpc-cni/values.yaml +++ b/charts/aws-vpc-cni/values.yaml @@ -81,9 +81,6 @@ securityContext: - "NET_ADMIN" - "NET_RAW" -crd: - create: true - serviceAccount: # Specifies whether a service account should be created create: true diff --git a/config/master/aws-k8s-cni-cn.yaml b/config/master/aws-k8s-cni-cn.yaml index e79d355b01..42eb6d597a 100644 --- a/config/master/aws-k8s-cni-cn.yaml +++ b/config/master/aws-k8s-cni-cn.yaml @@ -1,26 +1,9 @@ --- -# Source: aws-vpc-cni/templates/serviceaccount.yaml -apiVersion: v1 -kind: ServiceAccount -metadata: - name: aws-node - namespace: kube-system - labels: - app.kubernetes.io/name: aws-node - app.kubernetes.io/instance: aws-vpc-cni - k8s-app: aws-node - app.kubernetes.io/version: "v1.12.0" ---- -# Source: aws-vpc-cni/templates/customresourcedefinition.yaml +# Source: crds/customresourcedefinition.yaml apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: name: eniconfigs.crd.k8s.amazonaws.com - labels: - app.kubernetes.io/name: aws-node - app.kubernetes.io/instance: aws-vpc-cni - k8s-app: aws-node - app.kubernetes.io/version: "v1.12.0" spec: scope: Cluster group: crd.k8s.amazonaws.com @@ -37,6 +20,19 @@ spec: plural: eniconfigs singular: eniconfig kind: ENIConfig + +--- +# Source: aws-vpc-cni/templates/serviceaccount.yaml +apiVersion: v1 +kind: ServiceAccount +metadata: + name: aws-node + namespace: kube-system + labels: + app.kubernetes.io/name: aws-node + app.kubernetes.io/instance: aws-vpc-cni + k8s-app: aws-node + app.kubernetes.io/version: "v1.12.0" --- # Source: aws-vpc-cni/templates/clusterrole.yaml apiVersion: rbac.authorization.k8s.io/v1 diff --git a/config/master/aws-k8s-cni-us-gov-east-1.yaml b/config/master/aws-k8s-cni-us-gov-east-1.yaml index 662d350fc2..e718cfebc1 100644 --- a/config/master/aws-k8s-cni-us-gov-east-1.yaml +++ b/config/master/aws-k8s-cni-us-gov-east-1.yaml @@ -1,26 +1,9 @@ --- -# Source: aws-vpc-cni/templates/serviceaccount.yaml -apiVersion: v1 -kind: ServiceAccount -metadata: - name: aws-node - namespace: kube-system - labels: - app.kubernetes.io/name: aws-node - app.kubernetes.io/instance: aws-vpc-cni - k8s-app: aws-node - app.kubernetes.io/version: "v1.12.0" ---- -# Source: aws-vpc-cni/templates/customresourcedefinition.yaml +# Source: crds/customresourcedefinition.yaml apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: name: eniconfigs.crd.k8s.amazonaws.com - labels: - app.kubernetes.io/name: aws-node - app.kubernetes.io/instance: aws-vpc-cni - k8s-app: aws-node - app.kubernetes.io/version: "v1.12.0" spec: scope: Cluster group: crd.k8s.amazonaws.com @@ -37,6 +20,19 @@ spec: plural: eniconfigs singular: eniconfig kind: ENIConfig + +--- +# Source: aws-vpc-cni/templates/serviceaccount.yaml +apiVersion: v1 +kind: ServiceAccount +metadata: + name: aws-node + namespace: kube-system + labels: + app.kubernetes.io/name: aws-node + app.kubernetes.io/instance: aws-vpc-cni + k8s-app: aws-node + app.kubernetes.io/version: "v1.12.0" --- # Source: aws-vpc-cni/templates/clusterrole.yaml apiVersion: rbac.authorization.k8s.io/v1 diff --git a/config/master/aws-k8s-cni-us-gov-west-1.yaml b/config/master/aws-k8s-cni-us-gov-west-1.yaml index 70468bce16..17a6447feb 100644 --- a/config/master/aws-k8s-cni-us-gov-west-1.yaml +++ b/config/master/aws-k8s-cni-us-gov-west-1.yaml @@ -1,26 +1,9 @@ --- -# Source: aws-vpc-cni/templates/serviceaccount.yaml -apiVersion: v1 -kind: ServiceAccount -metadata: - name: aws-node - namespace: kube-system - labels: - app.kubernetes.io/name: aws-node - app.kubernetes.io/instance: aws-vpc-cni - k8s-app: aws-node - app.kubernetes.io/version: "v1.12.0" ---- -# Source: aws-vpc-cni/templates/customresourcedefinition.yaml +# Source: crds/customresourcedefinition.yaml apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: name: eniconfigs.crd.k8s.amazonaws.com - labels: - app.kubernetes.io/name: aws-node - app.kubernetes.io/instance: aws-vpc-cni - k8s-app: aws-node - app.kubernetes.io/version: "v1.12.0" spec: scope: Cluster group: crd.k8s.amazonaws.com @@ -37,6 +20,19 @@ spec: plural: eniconfigs singular: eniconfig kind: ENIConfig + +--- +# Source: aws-vpc-cni/templates/serviceaccount.yaml +apiVersion: v1 +kind: ServiceAccount +metadata: + name: aws-node + namespace: kube-system + labels: + app.kubernetes.io/name: aws-node + app.kubernetes.io/instance: aws-vpc-cni + k8s-app: aws-node + app.kubernetes.io/version: "v1.12.0" --- # Source: aws-vpc-cni/templates/clusterrole.yaml apiVersion: rbac.authorization.k8s.io/v1 diff --git a/config/master/aws-k8s-cni.yaml b/config/master/aws-k8s-cni.yaml index 229ead57b3..246920d422 100644 --- a/config/master/aws-k8s-cni.yaml +++ b/config/master/aws-k8s-cni.yaml @@ -1,26 +1,9 @@ --- -# Source: aws-vpc-cni/templates/serviceaccount.yaml -apiVersion: v1 -kind: ServiceAccount -metadata: - name: aws-node - namespace: kube-system - labels: - app.kubernetes.io/name: aws-node - app.kubernetes.io/instance: aws-vpc-cni - k8s-app: aws-node - app.kubernetes.io/version: "v1.12.0" ---- -# Source: aws-vpc-cni/templates/customresourcedefinition.yaml +# Source: crds/customresourcedefinition.yaml apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: name: eniconfigs.crd.k8s.amazonaws.com - labels: - app.kubernetes.io/name: aws-node - app.kubernetes.io/instance: aws-vpc-cni - k8s-app: aws-node - app.kubernetes.io/version: "v1.12.0" spec: scope: Cluster group: crd.k8s.amazonaws.com @@ -37,6 +20,19 @@ spec: plural: eniconfigs singular: eniconfig kind: ENIConfig + +--- +# Source: aws-vpc-cni/templates/serviceaccount.yaml +apiVersion: v1 +kind: ServiceAccount +metadata: + name: aws-node + namespace: kube-system + labels: + app.kubernetes.io/name: aws-node + app.kubernetes.io/instance: aws-vpc-cni + k8s-app: aws-node + app.kubernetes.io/version: "v1.12.0" --- # Source: aws-vpc-cni/templates/clusterrole.yaml apiVersion: rbac.authorization.k8s.io/v1 diff --git a/scripts/generate-cni-yaml.sh b/scripts/generate-cni-yaml.sh index e3a77dd91a..5ee261a01c 100755 --- a/scripts/generate-cni-yaml.sh +++ b/scripts/generate-cni-yaml.sh @@ -68,6 +68,7 @@ jq -c '.[]' $REGIONS_FILE | while read i; do fi $BUILD_DIR/helm template aws-vpc-cni \ + --include-crds \ --set originalMatchLabels=true,\ --set init.image.region=$ecrRegion,\ --set init.image.account=$ecrAccount,\ @@ -93,7 +94,7 @@ jq -c '.[]' $REGIONS_FILE | while read i; do mv $BUILD_DIR/helm_annotations_removed.yaml $NEW_METRICS_RESOURCES_YAML done -$BUILD_DIR/helm template \ +$BUILD_DIR/helm template --include-crds \ --namespace $NAMESPACE \ --output-dir $INDV_RESOURCES_DIR/ \ $SCRIPTPATH/../charts/aws-vpc-cni/