diff --git a/multus/Chart.yaml b/multus/Chart.yaml index 67355b6..9fa12ed 100644 --- a/multus/Chart.yaml +++ b/multus/Chart.yaml @@ -16,10 +16,10 @@ name: multus description: Multus Helm chart for Kubernetes type: application version: 0.1.3 -home: https://github.com/intel/multus-cni -icon: https://raw.githubusercontent.com/intel/multus-cni/master/doc/images/Multus.png +home: https://github.com/k8snetworkplumbingwg/helm-charts +icon: https://raw.githubusercontent.com/k8snetworkplumbingwg/multus-cni/master/doc/images/Multus.png sources: - - https://github.com/intel/multus-cni + - https://github.com/k8snetworkplumbingwg/multus-cni maintainers: - name: Network Plumbing Group -appVersion: 2.8.0 +appVersion: v4.1.0 diff --git a/multus/README.md b/multus/README.md new file mode 100644 index 0000000..6666fc2 --- /dev/null +++ b/multus/README.md @@ -0,0 +1,44 @@ +# multus + +Multus Helm chart for Kubernetes + +![Version: 0.1.3](https://img.shields.io/badge/Version-0.1.3-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: v4.1.0](https://img.shields.io/badge/AppVersion-v4.1.0-informational?style=flat-square) + +## Values + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| args.additionalBinDir | string | `""` | Additional directory to include in the CNI binDir option. | +| args.cleanupConfigOnExit | bool | `false` | Cleanup configuration files on exit. | +| args.cniBinDir | string | `"/host/opt/cni/bin"` | The directory where CNI binaries are installed. | +| args.cniConfDir | string | `"/host/etc/cni/net.d"` | The directory where CNI configurations are stored. | +| args.cniVersion | string | `""` | Version of the CNI to use. | +| args.forceCNIVersion | bool | `false` | Force the use of a specific CNI version. | +| args.globalNamespaces | string | `""` | Comma-separated list of global namespaces for use with namespace isolation. | +| args.multusAutoconfigDir | string | `"/host/etc/cni/net.d"` | Directory for the Multus auto-configuration. | +| args.multusBinFile | string | `"/usr/src/multus-cni/bin/multus"` | Path to the Multus binary file. | +| args.multusCNIConfDir | string | `"/host/etc/cni/multus/net.d"` | Directory for Multus-specific CNI configurations. | +| args.multusConfFile | string | `"auto"` | The configuration file for Multus. | +| args.multusKubeConfigFileHost | string | `"/etc/cni/net.d/multus.d/multus.kubeconfig"` | Path to the kubeconfig file for Multus. | +| args.multusLogFile | string | `""` | Path to the Multus log file. | +| args.multusLogLevel | string | `""` | Log level for Multus. | +| args.multusLogToStderr | bool | `true` | Whether to log to stderr. | +| args.multusMasterCNIFileName | string | `""` | Name of the master CNI file in the Multus auto-configuration directory. | +| args.namespaceIsolation | bool | `false` | Enable namespace isolation. | +| args.overrideNetworkName | bool | `false` | Override the network name from the master CNI file. | +| args.readinessIndicatorFile | string | `""` | File used to indicate readiness. | +| args.renameConfFile | bool | `false` | Rename the master configuration file to invalidate it. | +| args.skipConfigWatch | bool | `false` | Skip watching for configuration changes. | +| args.skipMultusBinaryCopy | bool | `false` | Whether to skip copying the Multus binary file. | +| args.skipTLSVerify | bool | `false` | Skip TLS verification. | +| image.pullPolicy | string | `"IfNotPresent"` | | +| image.repository | string | `"ghcr.io/k8snetworkplumbingwg/multus-cni"` | Repository for the Multus image. | +| image.tag | string | `"v4.1.0"` | Tag of the Multus image. | +| nodeSelector | object | `{}` | Node selector for pod assignment. | +| resources | object | `{"limits":{"cpu":"500m","memory":"128Mi"},"requests":{"cpu":"250m","memory":"128Mi"}}` | Resources for the Multus pod. | +| securityContext | object | `{"privileged":true}` | securityContext for the pod. | +| serviceAccount.name | string | `"multus"` | | +| tolerations | list | `[{"effect":"NoSchedule","operator":"Exists"}]` | Tolerations for pod assignment. | + +---------------------------------------------- +Autogenerated from chart metadata using [helm-docs v1.11.0](https://github.com/norwoodj/helm-docs/releases/v1.11.0) diff --git a/multus/README.md.gotmpl b/multus/README.md.gotmpl new file mode 100644 index 0000000..e7768ec --- /dev/null +++ b/multus/README.md.gotmpl @@ -0,0 +1,10 @@ +{{ template "chart.header" . }} +{{ template "chart.description" . }} + +{{ template "chart.versionBadge" . }}{{ template "chart.typeBadge" . }}{{ template "chart.appVersionBadge" . }} + +{{ template "chart.requirementsSection" . }} + +{{ template "chart.valuesSection" . }} + +{{ template "helm-docs.versionFooter" . }} diff --git a/multus/templates/NOTES.txt b/multus/templates/NOTES.txt index db7ecc5..5d108ab 100644 --- a/multus/templates/NOTES.txt +++ b/multus/templates/NOTES.txt @@ -1,25 +1,11 @@ ====== {{- if or ( gt .Capabilities.KubeVersion.Major "1" ) ( ge .Capabilities.KubeVersion.Minor "16" ) }} 1. The following components have been deployed as part of this helm chart: -{{- if .Values.manifests.clusterRole }} Cluster Role: {{ .Values.serviceAccount.name }} -{{- end}} -{{- if .Values.manifests.clusterRoleBinding }} Cluster Role Binding: {{ .Chart.Name }} -{{- end }} -{{- if .Values.manifests.configMap }} -Config Map: {{ .Release.Name }}-{{ .Chart.Name }}-{{ .Chart.Version }}-config -{{- end }} -{{- if .Values.manifests.customResourceDefinition }} Custom Resource Definition: network-attachment-definitions.k8s.cni.cncf.io -{{- end }} -{{- if .Values.manifests.daemonSet }} Daemon Set: {{ .Release.Name }}-{{ .Chart.Name }}-ds -{{- end }} -{{- if .Values.manifests.serviceAccount }} Service Account: {{ .Values.serviceAccount.name }} -{{- end }} - You can now deploy any other CNI and create its Network Attachment Defintion. --------- diff --git a/multus/templates/clusterRole.yaml b/multus/templates/clusterRole.yaml index 9615bff..3c2a2ee 100644 --- a/multus/templates/clusterRole.yaml +++ b/multus/templates/clusterRole.yaml @@ -12,7 +12,6 @@ # See the License for the specific language governing permissions and # limitations under the License. {{- if or ( gt .Capabilities.KubeVersion.Major "1" ) ( ge .Capabilities.KubeVersion.Minor "16" ) }} -{{- if .Values.manifests.clusterRole }} apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: @@ -40,4 +39,3 @@ rules: - patch - update {{- end }} -{{- end }} diff --git a/multus/templates/clusterRoleBinding.yaml b/multus/templates/clusterRoleBinding.yaml index 3095588..aff29b3 100644 --- a/multus/templates/clusterRoleBinding.yaml +++ b/multus/templates/clusterRoleBinding.yaml @@ -12,7 +12,6 @@ # See the License for the specific language governing permissions and # limitations under the License. {{- if or ( gt .Capabilities.KubeVersion.Major "1" ) ( ge .Capabilities.KubeVersion.Minor "16" ) }} -{{- if .Values.manifests.clusterRoleBinding }} apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: @@ -26,4 +25,3 @@ subjects: name: {{ .Values.serviceAccount.name }} namespace: kube-system {{- end }} -{{- end }} diff --git a/multus/templates/configMap.yaml b/multus/templates/configMap.yaml deleted file mode 100644 index c95e82b..0000000 --- a/multus/templates/configMap.yaml +++ /dev/null @@ -1,27 +0,0 @@ -# Copyright 2020 K8s Network Plumbing Group -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -{{- if or ( gt .Capabilities.KubeVersion.Major "1" ) ( ge .Capabilities.KubeVersion.Minor "16" ) }} -{{- if .Values.manifests.configMap }} -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ .Release.Name }}-{{ .Chart.Name }}-{{ .Chart.Version }}-config - namespace: kube-system - labels: -{{- include "multus.labels" . | indent 4 }} -data: - cni-conf.json: |- -{{ toJson .Values.config.cni_conf | indent 4 }} -{{- end }} -{{- end }} diff --git a/multus/templates/daemonSet.yaml b/multus/templates/daemonSet.yaml index 5d882a7..b9ab5d7 100644 --- a/multus/templates/daemonSet.yaml +++ b/multus/templates/daemonSet.yaml @@ -12,7 +12,6 @@ # See the License for the specific language governing permissions and # limitations under the License. {{- if or ( gt .Capabilities.KubeVersion.Major "1" ) ( ge .Capabilities.KubeVersion.Minor "16" ) }} -{{- if .Values.manifests.daemonSet }} apiVersion: apps/v1 kind: DaemonSet metadata: @@ -32,8 +31,6 @@ spec: metadata: labels: {{- include "multus.labels" . | indent 8 }} - annotations: - checksum/config: {{ include (print $.Template.BasePath "/configMap.yaml") . | sha256sum }} spec: priorityClassName: system-node-critical hostNetwork: true @@ -41,10 +38,13 @@ spec: imagePullSecrets: {{- toYaml . | nindent 8 }} {{- end }} - nodeSelector: {{- toYaml .Values.labels.nodeSelector | nindent 8 }} + {{- with .Values.nodeSelector }} + nodeSelector: {{ . }} + {{- end }} + {{- with .Values.tolerations }} tolerations: - - operator: Exists - effect: NoSchedule + {{- toYaml . | nindent 8 }} + {{- end }} serviceAccountName: {{ .Values.serviceAccount.name }} containers: - name: multus @@ -57,21 +57,88 @@ spec: fieldPath: spec.nodeName command: ["/thin_entrypoint"] args: - - "--multus-conf-file=auto" - - "--multus-autoconfig-dir=/host/etc/cni/net.d" - - "--cni-conf-dir=/host/etc/cni/net.d" - {{- if .Values.pod.resources.multus }} - resources: {{- toYaml .Values.pod.resources.multus | nindent 10 }} + {{- with .Values.args.cniBinDir }} + - --cni-bin-dir={{ . }} + {{- end }} + {{- with .Values.args.cniConfDir }} + - --cni-conf-dir={{ . }} + {{- end }} + {{- with .Values.args.cniVersion }} + - --cni-version={{ . }} + {{- end }} + {{- with .Values.args.multusConfFile }} + - --multus-conf-file={{ . }} + {{- end }} + {{- with .Values.args.multusBinFile }} + - --multus-bin-file={{ . }} + {{- end }} + {{- with .Values.args.multusCNIConfDir }} + - --multus-cni-conf-dir={{ . }} + {{- end }} + {{- with .Values.args.skipMultusBinaryCopy }} + - --skip-multus-binary-copy={{ . }} + {{- end }} + {{- with .Values.args.multusKubeConfigFileHost }} + - --multus-kubeconfig-file-host={{ . }} + {{- end }} + {{- with .Values.args.multusMasterCNIFileName }} + - --multus-master-cni-file-name={{ . }} + {{- end }} + {{- with .Values.args.namespaceIsolation }} + - --namespace-isolation={{ . }} + {{- end }} + {{- with .Values.args.globalNamespaces }} + - --global-namespaces={{ . }} + {{- end }} + {{- with .Values.args.multusAutoconfigDir }} + - --multus-autoconfig-dir={{ . }} + {{- end }} + {{- with .Values.args.multusLogToStderr }} + - --multus-log-to-stderr={{ . }} + {{- end }} + {{- with .Values.args.multusLogLevel }} + - --multus-log-level={{ . }} + {{- end }} + {{- with .Values.args.multusLogFile }} + - --multus-log-file={{ . }} + {{- end }} + {{- with .Values.args.overrideNetworkName }} + - --override-network-name={{ . }} + {{- end }} + {{- with .Values.args.cleanupConfigOnExit }} + - --cleanup-config-on-exit={{ . }} + {{- end }} + {{- with .Values.args.skipConfigWatch }} + - --skip-config-watch={{ . }} + {{- end }} + {{- with .Values.args.renameConfFile }} + - --rename-conf-file={{ . }} + {{- end }} + {{- with .Values.args.readinessIndicatorFile }} + - --readiness-indicator-file={{ . }} + {{- end }} + {{- with .Values.args.additionalBinDir }} + - --additional-bin-dir={{ . }} + {{- end }} + {{- with .Values.args.skipTLSVerify }} + - --skip-tls-verify={{ . }} + {{- end }} + {{- with .Values.forceCNIVersion }} + - --force-cni-version={{ . }} + {{- end }} + {{- with .Values.resources}} + resources: + {{- toYaml . | nindent 10 }} {{- end }} + {{- with .Values.securityContext}} securityContext: - privileged: true + {{- toYaml . | nindent 10 }} + {{- end }} volumeMounts: - name: cni mountPath: /host/etc/cni/net.d - name: cnibin mountPath: /host/opt/cni/bin - - name: multus-cfg - mountPath: /tmp/multus-conf initContainers: - name: install-multus-binary image: {{ .Values.image.repository }}:{{ .Values.image.tag }} @@ -97,8 +164,5 @@ spec: - name: cnibin hostPath: path: /opt/cni/bin - - name: multus-cfg - configMap: - name: {{ .Release.Name }}-{{ .Chart.Name }}-{{ .Chart.Version }}-config -{{- end }} {{- end }} + diff --git a/multus/templates/serviceAccount.yaml b/multus/templates/serviceAccount.yaml index 01feee9..7ab3809 100644 --- a/multus/templates/serviceAccount.yaml +++ b/multus/templates/serviceAccount.yaml @@ -12,11 +12,10 @@ # See the License for the specific language governing permissions and # limitations under the License. {{- if or ( gt .Capabilities.KubeVersion.Major "1" ) ( ge .Capabilities.KubeVersion.Minor "16" ) }} -{{- if .Values.manifests.serviceAccount }} apiVersion: v1 kind: ServiceAccount metadata: name: {{ .Values.serviceAccount.name }} namespace: kube-system {{- end }} -{{- end }} + diff --git a/multus/values.yaml b/multus/values.yaml index c5fa920..85c95e7 100644 --- a/multus/values.yaml +++ b/multus/values.yaml @@ -16,10 +16,10 @@ # This is a YAML-formatted file. # Declare variables to be passed into your templates. -#replicaCount: 1 - image: + # -- Repository for the Multus image. repository: ghcr.io/k8snetworkplumbingwg/multus-cni + # -- Tag of the Multus image. tag: v4.1.0 pullPolicy: IfNotPresent @@ -35,78 +35,68 @@ serviceAccount: # The name of the service account to use. # If not set and create is true, a name is generated using the fullname template name: multus +# -- Resources for the Multus pod. +resources: + requests: + memory: "128Mi" + cpu: "250m" + limits: + memory: "128Mi" + cpu: "500m" -pod: - resources: - enabled: false - multus: - requests: - memory: "128Mi" - cpu: "250m" - limits: - memory: "1024Mi" - cpu: "2000m" - -#podSecurityContext: {} - # fsGroup: 2000 - -#securityContext: {} - # capabilities: - # drop: - # - ALL - # readOnlyRootFilesystem: true - # runAsNonRoot: true - # runAsUser: 1000 - -#service: - #type: ClusterIP - #port: 80 - -#ingress: - #enabled: false - #annotations: {} - # kubernetes.io/ingress.class: nginx - # kubernetes.io/tls-acme: "true" - #hosts: - #- host: chart-example.local - # paths: [] - #tls: [] - # - secretName: chart-example-tls - # hosts: - # - chart-example.local - -labels: - nodeSelector: - kubernetes.io/arch: amd64 - -config: - cni_conf: - name: multus-cni-network - type: multus - kubeconfig: /etc/cni/net.d/multus.d/multus.kubeconfig - cniVersion: 0.3.1 - confDir: /etc/cni/net.d - cniDir: /var/lib/cni/multus - binDir: /opt/cni/bin - logFile: /var/log/multus.log - logLevel: panic - capabilities: - portMappings: true - readinessindicatorfile: "" - namespaceIsolation: false - clusterNetwork: k8s-pod-network - defaultNetwork: [] - delegates: [] - systemNamespaces: ["kube-system"] - -manifests: - serviceAccount: true - clusterRole: true - clusterRoleBinding: true - configMap: true - daemonSet: true - customResourceDefinition: true - -#tolerations: [] - -#affinity: {} +args: + # -- The directory where CNI binaries are installed. + cniBinDir: "/host/opt/cni/bin" + # -- The directory where CNI configurations are stored. + cniConfDir: "/host/etc/cni/net.d" + # -- Version of the CNI to use. + cniVersion: "" + # -- The configuration file for Multus. + multusConfFile: "auto" + # -- Path to the Multus binary file. + multusBinFile: "/usr/src/multus-cni/bin/multus" + # -- Directory for Multus-specific CNI configurations. + multusCNIConfDir: "/host/etc/cni/multus/net.d" + # -- Whether to skip copying the Multus binary file. + skipMultusBinaryCopy: false + # -- Path to the kubeconfig file for Multus. + multusKubeConfigFileHost: "/etc/cni/net.d/multus.d/multus.kubeconfig" + # -- Name of the master CNI file in the Multus auto-configuration directory. + multusMasterCNIFileName: "" + # -- Enable namespace isolation. + namespaceIsolation: false + # -- Comma-separated list of global namespaces for use with namespace isolation. + globalNamespaces: "" + # -- Directory for the Multus auto-configuration. + multusAutoconfigDir: "/host/etc/cni/net.d" + # -- Whether to log to stderr. + multusLogToStderr: true + # -- Log level for Multus. + multusLogLevel: "" + # -- Path to the Multus log file. + multusLogFile: "" + # -- Override the network name from the master CNI file. + overrideNetworkName: false + # -- Cleanup configuration files on exit. + cleanupConfigOnExit: false + # -- Skip watching for configuration changes. + skipConfigWatch: false + # -- Rename the master configuration file to invalidate it. + renameConfFile: false + # -- File used to indicate readiness. + readinessIndicatorFile: "" + # -- Additional directory to include in the CNI binDir option. + additionalBinDir: "" + # -- Skip TLS verification. + skipTLSVerify: false + # -- Force the use of a specific CNI version. + forceCNIVersion: false +# -- Node selector for pod assignment. +nodeSelector: {} +# -- Tolerations for pod assignment. +tolerations: + - operator: Exists + effect: NoSchedule +# -- securityContext for the pod. +securityContext: + privileged: true