From 0aad5e0b5aa118eb416bee8354ee40e10730735b Mon Sep 17 00:00:00 2001 From: robot Date: Fri, 7 Feb 2025 20:08:31 +0000 Subject: [PATCH] robot: project metallb chart upgrades from 0.14.8 to 0.14.9 Signed-off-by: robot --- charts/metallb/config | 2 +- charts/metallb/metallb/Chart.yaml | 6 +-- charts/metallb/metallb/README.md | 14 +++---- .../metallb/metallb/charts/metallb/Chart.lock | 8 ++-- .../metallb/metallb/charts/metallb/Chart.yaml | 8 ++-- .../metallb/metallb/charts/metallb/README.md | 12 +++--- .../charts/metallb/charts/crds/Chart.yaml | 4 +- .../metallb/charts/crds/templates/crds.yaml | 40 +++++++++++++------ .../charts/metallb/charts/frr-k8s/Chart.lock | 6 +-- .../charts/metallb/charts/frr-k8s/Chart.yaml | 6 +-- .../charts/metallb/charts/frr-k8s/README.md | 6 +-- .../charts/frr-k8s/charts/crds/Chart.yaml | 4 +- .../frrk8s.metallb.io_frrconfigurations.yaml | 17 ++++++-- .../charts/frr-k8s/templates/controller.yaml | 11 +++-- .../charts/frr-k8s/templates/webhooks.yaml | 13 +++--- .../charts/metallb/charts/frr-k8s/values.yaml | 2 +- .../charts/metallb/templates/controller.yaml | 2 +- .../charts/metallb/templates/podmonitor.yaml | 2 + .../metallb/templates/prometheusrules.yaml | 20 +++++----- .../charts/metallb/templates/rbac.yaml | 12 ++++-- .../metallb/templates/service-accounts.yaml | 2 +- .../metallb/templates/servicemonitor.yaml | 7 +++- .../metallb/charts/metallb/values.yaml | 12 +++--- charts/metallb/metallb/values.yaml | 16 ++++---- 24 files changed, 135 insertions(+), 97 deletions(-) diff --git a/charts/metallb/config b/charts/metallb/config index 40d40bece..b4aa355da 100644 --- a/charts/metallb/config +++ b/charts/metallb/config @@ -4,7 +4,7 @@ export USE_OPENSOURCE_CHART=false export REPO_URL=https://metallb.github.io/metallb export REPO_NAME=metallb export CHART_NAME=metallb -export VERSION=0.14.8 +export VERSION=0.14.9 # pr, issue, none export UPGRADE_METHOD=pr export UPGRADE_REVIWER=cyclinder diff --git a/charts/metallb/metallb/Chart.yaml b/charts/metallb/metallb/Chart.yaml index 559a01c32..b49193d5e 100644 --- a/charts/metallb/metallb/Chart.yaml +++ b/charts/metallb/metallb/Chart.yaml @@ -14,16 +14,16 @@ type: application # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 0.14.8 +version: 0.14.9 # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. Versions are not expected to # follow Semantic Versioning. They should reflect the version the application is using. # It is recommended to use it with quotes. -appVersion: "0.14.8" +appVersion: "0.14.9" keywords: - networking - loadbalancer dependencies: - name: metallb - version: "0.14.8" + version: "0.14.9" repository: "https://metallb.github.io/metallb" diff --git a/charts/metallb/metallb/README.md b/charts/metallb/metallb/README.md index 7efd513b5..9283834c4 100644 --- a/charts/metallb/metallb/README.md +++ b/charts/metallb/metallb/README.md @@ -1,6 +1,6 @@ # metallb -![Version: 0.14.8](https://img.shields.io/badge/Version-0.14.8-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 0.14.8](https://img.shields.io/badge/AppVersion-0.14.8-informational?style=flat-square) +![Version: 0.14.9](https://img.shields.io/badge/Version-0.14.9-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 0.14.9](https://img.shields.io/badge/AppVersion-0.14.9-informational?style=flat-square) A network load-balancer implementation for Kubernetes using standard routing protocols @@ -8,7 +8,7 @@ A network load-balancer implementation for Kubernetes using standard routing pro | Repository | Name | Version | |------------|------|---------| -| https://metallb.github.io/metallb | metallb | 0.14.8 | +| https://metallb.github.io/metallb | metallb | 0.14.9 | ## Values @@ -34,7 +34,7 @@ A network load-balancer implementation for Kubernetes using standard routing pro | metallb.controller.image.pullPolicy | string | `nil` | | | metallb.controller.image.registry | string | `"quay.m.daocloud.io"` | | | metallb.controller.image.repository | string | `"metallb/controller"` | | -| metallb.controller.image.tag | string | `"v0.14.8"` | | +| metallb.controller.image.tag | string | `"v0.14.9"` | | | metallb.controller.labels | object | `{}` | | | metallb.controller.livenessProbe.enabled | bool | `true` | | | metallb.controller.livenessProbe.failureThreshold | int | `3` | | @@ -88,17 +88,17 @@ A network load-balancer implementation for Kubernetes using standard routing pro | metallb.prometheus.podMonitor.relabelings | list | `[]` | | | metallb.prometheus.prometheusRule.additionalLabels."operator.insight.io/managed-by" | string | `"insight"` | | | metallb.prometheus.prometheusRule.addressPoolExhausted.enabled | bool | `true` | | -| metallb.prometheus.prometheusRule.addressPoolExhausted.labels.severity | string | `"alert"` | | +| metallb.prometheus.prometheusRule.addressPoolExhausted.labels.severity | string | `"critical"` | | | metallb.prometheus.prometheusRule.addressPoolUsage.enabled | bool | `true` | | | metallb.prometheus.prometheusRule.addressPoolUsage.thresholds[0].labels.severity | string | `"warning"` | | | metallb.prometheus.prometheusRule.addressPoolUsage.thresholds[0].percent | int | `75` | | | metallb.prometheus.prometheusRule.addressPoolUsage.thresholds[1].labels.severity | string | `"warning"` | | | metallb.prometheus.prometheusRule.addressPoolUsage.thresholds[1].percent | int | `85` | | -| metallb.prometheus.prometheusRule.addressPoolUsage.thresholds[2].labels.severity | string | `"alert"` | | +| metallb.prometheus.prometheusRule.addressPoolUsage.thresholds[2].labels.severity | string | `"critical"` | | | metallb.prometheus.prometheusRule.addressPoolUsage.thresholds[2].percent | int | `95` | | | metallb.prometheus.prometheusRule.annotations | object | `{}` | | | metallb.prometheus.prometheusRule.bgpSessionDown.enabled | bool | `true` | | -| metallb.prometheus.prometheusRule.bgpSessionDown.labels.severity | string | `"alert"` | | +| metallb.prometheus.prometheusRule.bgpSessionDown.labels.severity | string | `"critical"` | | | metallb.prometheus.prometheusRule.configNotLoaded.enabled | bool | `true` | | | metallb.prometheus.prometheusRule.configNotLoaded.labels.severity | string | `"warning"` | | | metallb.prometheus.prometheusRule.enabled | bool | `false` | | @@ -141,7 +141,7 @@ A network load-balancer implementation for Kubernetes using standard routing pro | metallb.speaker.image.pullPolicy | string | `nil` | | | metallb.speaker.image.registry | string | `"quay.m.daocloud.io"` | | | metallb.speaker.image.repository | string | `"metallb/speaker"` | | -| metallb.speaker.image.tag | string | `"v0.14.8"` | | +| metallb.speaker.image.tag | string | `"v0.14.9"` | | | metallb.speaker.labels | object | `{}` | | | metallb.speaker.livenessProbe.enabled | bool | `true` | | | metallb.speaker.livenessProbe.failureThreshold | int | `3` | | diff --git a/charts/metallb/metallb/charts/metallb/Chart.lock b/charts/metallb/metallb/charts/metallb/Chart.lock index 812473668..79345580f 100644 --- a/charts/metallb/metallb/charts/metallb/Chart.lock +++ b/charts/metallb/metallb/charts/metallb/Chart.lock @@ -1,9 +1,9 @@ dependencies: - name: crds repository: "" - version: 0.14.8 + version: 0.14.9 - name: frr-k8s repository: https://metallb.github.io/frr-k8s - version: 0.0.14 -digest: sha256:8dff488902a5b504a491bbd1a9ab0983a877ff214e163ed74106c73c939a9aa3 -generated: "2024-07-23T15:22:40.589621+03:00" + version: 0.0.16 +digest: sha256:20d9a53af12c82d35168e7524ae337341b2c7cb43e2169545185f750a718466e +generated: "2024-12-17T15:39:32.082324414+01:00" diff --git a/charts/metallb/metallb/charts/metallb/Chart.yaml b/charts/metallb/metallb/charts/metallb/Chart.yaml index a7f77b63e..680ac9bab 100644 --- a/charts/metallb/metallb/charts/metallb/Chart.yaml +++ b/charts/metallb/metallb/charts/metallb/Chart.yaml @@ -1,14 +1,14 @@ apiVersion: v2 -appVersion: v0.14.8 +appVersion: v0.14.9 dependencies: - condition: crds.enabled name: crds repository: "" - version: 0.14.8 + version: 0.14.9 - condition: frrk8s.enabled name: frr-k8s repository: https://metallb.github.io/frr-k8s - version: 0.0.14 + version: 0.0.16 description: A network load-balancer implementation for Kubernetes using standard routing protocols home: https://metallb.universe.tf @@ -18,4 +18,4 @@ name: metallb sources: - https://github.com/metallb/metallb type: application -version: 0.14.8 +version: 0.14.9 diff --git a/charts/metallb/metallb/charts/metallb/README.md b/charts/metallb/metallb/charts/metallb/README.md index 8b144aeb5..b9ff4f6ba 100644 --- a/charts/metallb/metallb/charts/metallb/README.md +++ b/charts/metallb/metallb/charts/metallb/README.md @@ -1,6 +1,6 @@ # metallb -![Version: 0.14.8](https://img.shields.io/badge/Version-0.14.8-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: v0.14.8](https://img.shields.io/badge/AppVersion-v0.14.8-informational?style=flat-square) +![Version: 0.14.9](https://img.shields.io/badge/Version-0.14.9-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: v0.14.9](https://img.shields.io/badge/AppVersion-v0.14.9-informational?style=flat-square) A network load-balancer implementation for Kubernetes using standard routing protocols @@ -16,8 +16,8 @@ Kubernetes: `>= 1.19.0-0` | Repository | Name | Version | |------------|------|---------| -| | crds | 0.14.8 | -| https://metallb.github.io/frr-k8s | frr-k8s | 0.0.14 | +| | crds | 0.14.9 | +| https://metallb.github.io/frr-k8s | frr-k8s | 0.0.16 | ## Values @@ -79,17 +79,17 @@ Kubernetes: `>= 1.19.0-0` | prometheus.podMonitor.relabelings | list | `[]` | | | prometheus.prometheusRule.additionalLabels | object | `{}` | | | prometheus.prometheusRule.addressPoolExhausted.enabled | bool | `true` | | -| prometheus.prometheusRule.addressPoolExhausted.labels.severity | string | `"alert"` | | +| prometheus.prometheusRule.addressPoolExhausted.labels.severity | string | `"critical"` | | | prometheus.prometheusRule.addressPoolUsage.enabled | bool | `true` | | | prometheus.prometheusRule.addressPoolUsage.thresholds[0].labels.severity | string | `"warning"` | | | prometheus.prometheusRule.addressPoolUsage.thresholds[0].percent | int | `75` | | | prometheus.prometheusRule.addressPoolUsage.thresholds[1].labels.severity | string | `"warning"` | | | prometheus.prometheusRule.addressPoolUsage.thresholds[1].percent | int | `85` | | -| prometheus.prometheusRule.addressPoolUsage.thresholds[2].labels.severity | string | `"alert"` | | +| prometheus.prometheusRule.addressPoolUsage.thresholds[2].labels.severity | string | `"critical"` | | | prometheus.prometheusRule.addressPoolUsage.thresholds[2].percent | int | `95` | | | prometheus.prometheusRule.annotations | object | `{}` | | | prometheus.prometheusRule.bgpSessionDown.enabled | bool | `true` | | -| prometheus.prometheusRule.bgpSessionDown.labels.severity | string | `"alert"` | | +| prometheus.prometheusRule.bgpSessionDown.labels.severity | string | `"critical"` | | | prometheus.prometheusRule.configNotLoaded.enabled | bool | `true` | | | prometheus.prometheusRule.configNotLoaded.labels.severity | string | `"warning"` | | | prometheus.prometheusRule.enabled | bool | `false` | | diff --git a/charts/metallb/metallb/charts/metallb/charts/crds/Chart.yaml b/charts/metallb/metallb/charts/metallb/charts/crds/Chart.yaml index 613d3182a..e9fec846d 100644 --- a/charts/metallb/metallb/charts/metallb/charts/crds/Chart.yaml +++ b/charts/metallb/metallb/charts/metallb/charts/crds/Chart.yaml @@ -1,5 +1,5 @@ apiVersion: v2 -appVersion: v0.14.8 +appVersion: v0.14.9 description: MetalLB CRDs home: https://metallb.universe.tf icon: https://metallb.universe.tf/images/logo/metallb-white.png @@ -7,4 +7,4 @@ name: crds sources: - https://github.com/metallb/metallb type: application -version: 0.14.8 +version: 0.14.9 diff --git a/charts/metallb/metallb/charts/metallb/charts/crds/templates/crds.yaml b/charts/metallb/metallb/charts/metallb/charts/crds/templates/crds.yaml index 61f100ed4..8f2414772 100644 --- a/charts/metallb/metallb/charts/metallb/charts/crds/templates/crds.yaml +++ b/charts/metallb/metallb/charts/metallb/charts/crds/templates/crds.yaml @@ -2,7 +2,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.3 name: bfdprofiles.metallb.io spec: group: metallb.io @@ -123,7 +123,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.3 name: bgpadvertisements.metallb.io spec: group: metallb.io @@ -329,7 +329,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.3 name: bgppeers.metallb.io spec: conversion: @@ -365,6 +365,8 @@ spec: - jsonPath: .spec.ebgpMultiHop name: Multi Hops type: string + deprecated: true + deprecationWarning: v1beta1 is deprecated, please use v1beta2 name: v1beta1 schema: openAPIV3Schema: @@ -526,15 +528,26 @@ spec: default: false description: To set if we want to disable MP BGP that will separate IPv4 and IPv6 route exchanges into distinct BGP sessions. type: boolean + dynamicASN: + description: |- + DynamicASN detects the AS number to use for the remote end of the session + without explicitly setting it via the ASN field. Limited to: + internal - if the neighbor's ASN is different than MyASN connection is denied. + external - if the neighbor's ASN is the same as MyASN the connection is denied. + ASN and DynamicASN are mutually exclusive and one of them must be specified. + enum: + - internal + - external + type: string ebgpMultiHop: description: To set if the BGPPeer is multi-hops away. Needed for FRR mode only. type: boolean enableGracefulRestart: description: |- - EnableGracefulRestart allows BGP peer to continue to forward data packets along - known routes while the routing protocol information is being restored. - This field is immutable because it requires restart of the BGP session - Supported for FRR mode only. + EnableGracefulRestart allows BGP peer to continue to forward data packets + along known routes while the routing protocol information is being + restored. This field is immutable because it requires restart of the BGP + session. Supported for FRR mode only. type: boolean x-kubernetes-validations: - message: EnableGracefulRestart cannot be changed after creation @@ -622,7 +635,9 @@ spec: type: object x-kubernetes-map-type: atomic peerASN: - description: AS number to expect from the remote end of the session. + description: |- + AS number to expect from the remote end of the session. + ASN and DynamicASN are mutually exclusive and one of them must be specified. format: int32 maximum: 4294967295 minimum: 0 @@ -649,7 +664,6 @@ spec: type: string required: - myASN - - peerASN - peerAddress type: object status: @@ -665,7 +679,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.3 name: communities.metallb.io spec: group: metallb.io @@ -730,7 +744,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.3 name: ipaddresspools.metallb.io spec: group: metallb.io @@ -940,7 +954,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.3 name: l2advertisements.metallb.io spec: group: metallb.io @@ -1120,7 +1134,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.3 name: servicel2statuses.metallb.io spec: group: metallb.io diff --git a/charts/metallb/metallb/charts/metallb/charts/frr-k8s/Chart.lock b/charts/metallb/metallb/charts/metallb/charts/frr-k8s/Chart.lock index dafe16503..913833f7d 100644 --- a/charts/metallb/metallb/charts/metallb/charts/frr-k8s/Chart.lock +++ b/charts/metallb/metallb/charts/metallb/charts/frr-k8s/Chart.lock @@ -1,6 +1,6 @@ dependencies: - name: crds repository: "" - version: 0.0.14 -digest: sha256:b8b8aa510f86db5713e75b0bc5a03df88737a5f6868aab77c513eb0bbed3b8b7 -generated: "2024-07-19T12:07:59.737645816+02:00" + version: 0.0.16 +digest: sha256:b54ee64c5e61f1dd38e89efc87ebd1e36cdb7c4dd7c897d9985040dccd713dba +generated: "2024-11-22T11:40:47.152053909+01:00" diff --git a/charts/metallb/metallb/charts/metallb/charts/frr-k8s/Chart.yaml b/charts/metallb/metallb/charts/metallb/charts/frr-k8s/Chart.yaml index 228115b4f..385a95a34 100644 --- a/charts/metallb/metallb/charts/metallb/charts/frr-k8s/Chart.yaml +++ b/charts/metallb/metallb/charts/metallb/charts/frr-k8s/Chart.yaml @@ -1,10 +1,10 @@ apiVersion: v2 -appVersion: v0.0.14 +appVersion: v0.0.16 dependencies: - condition: crds.enabled name: crds repository: "" - version: 0.0.14 + version: 0.0.16 description: A cloud native wrapper of FRR home: https://metallb.universe.tf icon: https://metallb.universe.tf/images/logo/metallb-white.png @@ -13,4 +13,4 @@ name: frr-k8s sources: - https://github.com/metallb/frr-k8s type: application -version: 0.0.14 +version: 0.0.16 diff --git a/charts/metallb/metallb/charts/metallb/charts/frr-k8s/README.md b/charts/metallb/metallb/charts/metallb/charts/frr-k8s/README.md index dd469036b..474fcae53 100644 --- a/charts/metallb/metallb/charts/metallb/charts/frr-k8s/README.md +++ b/charts/metallb/metallb/charts/metallb/charts/frr-k8s/README.md @@ -1,6 +1,6 @@ # frr-k8s -![Version: 0.0.14](https://img.shields.io/badge/Version-0.0.14-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: v0.0.14](https://img.shields.io/badge/AppVersion-v0.0.14-informational?style=flat-square) +![Version: 0.0.16](https://img.shields.io/badge/Version-0.0.16-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: v0.0.16](https://img.shields.io/badge/AppVersion-v0.0.16-informational?style=flat-square) A cloud native wrapper of FRR @@ -16,7 +16,7 @@ Kubernetes: `>= 1.19.0-0` | Repository | Name | Version | |------------|------|---------| -| | crds | 0.0.14 | +| | crds | 0.0.16 | ## Values @@ -27,6 +27,7 @@ Kubernetes: `>= 1.19.0-0` | frrk8s.affinity | object | `{}` | | | frrk8s.alwaysBlock | string | `""` | | | frrk8s.disableCertRotation | bool | `false` | | +| frrk8s.frr.acceptIncomingBGPConnections | bool | `false` | | | frrk8s.frr.image.pullPolicy | string | `nil` | | | frrk8s.frr.image.repository | string | `"quay.io/frrouting/frr"` | | | frrk8s.frr.image.tag | string | `"9.1.0"` | | @@ -35,7 +36,6 @@ Kubernetes: `>= 1.19.0-0` | frrk8s.frr.resources | object | `{}` | | | frrk8s.frr.secureMetricsPort | int | `9141` | | | frrk8s.frrMetrics.resources | object | `{}` | | -| frrk8s.healthPort | int | `8081` | | | frrk8s.image.pullPolicy | string | `nil` | | | frrk8s.image.repository | string | `"quay.io/metallb/frr-k8s"` | | | frrk8s.image.tag | string | `nil` | | diff --git a/charts/metallb/metallb/charts/metallb/charts/frr-k8s/charts/crds/Chart.yaml b/charts/metallb/metallb/charts/metallb/charts/frr-k8s/charts/crds/Chart.yaml index 22e07a9d2..f5af05a9c 100644 --- a/charts/metallb/metallb/charts/metallb/charts/frr-k8s/charts/crds/Chart.yaml +++ b/charts/metallb/metallb/charts/metallb/charts/frr-k8s/charts/crds/Chart.yaml @@ -1,5 +1,5 @@ apiVersion: v2 -appVersion: v0.0.14 +appVersion: v0.0.16 description: FRR K8s CRDs home: https://metallb.universe.tf icon: https://metallb.universe.tf/images/logo/metallb-white.png @@ -7,4 +7,4 @@ name: crds sources: - https://github.com/metallb/frr-k8s type: application -version: 0.0.14 +version: 0.0.16 diff --git a/charts/metallb/metallb/charts/metallb/charts/frr-k8s/charts/crds/templates/frrk8s.metallb.io_frrconfigurations.yaml b/charts/metallb/metallb/charts/metallb/charts/frr-k8s/charts/crds/templates/frrk8s.metallb.io_frrconfigurations.yaml index b68676512..251143d3b 100644 --- a/charts/metallb/metallb/charts/metallb/charts/frr-k8s/charts/crds/templates/frrk8s.metallb.io_frrconfigurations.yaml +++ b/charts/metallb/metallb/charts/metallb/charts/frr-k8s/charts/crds/templates/frrk8s.metallb.io_frrconfigurations.yaml @@ -156,8 +156,9 @@ spec: the session with. type: string asn: - description: ASN is the AS number to use for the local - end of the session. + description: |- + ASN is the AS number to use for the local end of the session. + ASN and DynamicASN are mutually exclusive and one of them must be specified. format: int32 maximum: 4294967295 minimum: 0 @@ -187,6 +188,17 @@ spec: will separate IPv4 and IPv6 route exchanges into distinct BGP sessions. type: boolean + dynamicASN: + description: |- + DynamicASN detects the AS number to use for the local end of the session + without explicitly setting it via the ASN field. Limited to: + internal - if the neighbor's ASN is different than the router's the connection is denied. + external - if the neighbor's ASN is the same as the router's the connection is denied. + ASN and DynamicASN are mutually exclusive and one of them must be specified. + enum: + - internal + - external + type: string ebgpMultiHop: description: EBGPMultiHop indicates if the BGPPeer is multi-hops away. @@ -366,7 +378,6 @@ spec: type: object required: - address - - asn type: object type: array prefixes: diff --git a/charts/metallb/metallb/charts/metallb/charts/frr-k8s/templates/controller.yaml b/charts/metallb/metallb/charts/metallb/charts/frr-k8s/templates/controller.yaml index e4a78d7a4..1dedcf2e5 100644 --- a/charts/metallb/metallb/charts/metallb/charts/frr-k8s/templates/controller.yaml +++ b/charts/metallb/metallb/charts/metallb/charts/frr-k8s/templates/controller.yaml @@ -50,7 +50,7 @@ data: # vtysh_enable=yes zebra_options=" -A 127.0.0.1 -s 90000000" - bgpd_options=" -A 127.0.0.1" + bgpd_options=" -A 127.0.0.1 {{ if not .Values.frrk8s.frr.acceptIncomingBGPConnections }} -p 0 {{- end }}" ospfd_options=" -A 127.0.0.1" ospf6d_options=" -A ::1" ripd_options=" -A 127.0.0.1" @@ -199,7 +199,6 @@ spec: {{- with .Values.frrk8s.logLevel }} - --log-level={{ . }} {{- end }} - - --health-probe-bind-address={{.Values.prometheus.metricsBindAddress}}:{{ .Values.frrk8s.healthPort }} {{- if .Values.frrk8s.alwaysBlock }} - --always-block={{ .Values.frrk8s.alwaysBlock }} {{- end }} @@ -222,8 +221,8 @@ spec: {{- if .Values.frrk8s.livenessProbe.enabled }} livenessProbe: httpGet: - path: /healthz - port: {{ .Values.frrk8s.healthPort }} + path: /metrics + port: monitoring host: {{ .Values.prometheus.metricsBindAddress }} initialDelaySeconds: {{ .Values.frrk8s.livenessProbe.initialDelaySeconds }} periodSeconds: {{ .Values.frrk8s.livenessProbe.periodSeconds }} @@ -234,8 +233,8 @@ spec: {{- if .Values.frrk8s.readinessProbe.enabled }} readinessProbe: httpGet: - path: /healthz - port: {{ .Values.frrk8s.healthPort }} + path: /metrics + port: monitoring host: {{ .Values.prometheus.metricsBindAddress }} initialDelaySeconds: {{ .Values.frrk8s.readinessProbe.initialDelaySeconds }} periodSeconds: {{ .Values.frrk8s.readinessProbe.periodSeconds }} diff --git a/charts/metallb/metallb/charts/metallb/charts/frr-k8s/templates/webhooks.yaml b/charts/metallb/metallb/charts/metallb/charts/frr-k8s/templates/webhooks.yaml index 3a4b9cd14..2549837d2 100644 --- a/charts/metallb/metallb/charts/metallb/charts/frr-k8s/templates/webhooks.yaml +++ b/charts/metallb/metallb/charts/metallb/charts/frr-k8s/templates/webhooks.yaml @@ -42,7 +42,7 @@ spec: - "--restart-on-rotator-secret-refresh=true" {{- end }} - "--namespace=$(NAMESPACE)" - - --health-probe-bind-address=:8081 + - "--metrics-bind-address=:{{ .Values.prometheus.metricsPort }}" env: - name: NAMESPACE valueFrom: @@ -59,11 +59,14 @@ spec: drop: - ALL readOnlyRootFilesystem: true + ports: + - containerPort: {{ .Values.prometheus.metricsPort }} + name: monitoring {{- if .Values.frrk8s.livenessProbe.enabled }} livenessProbe: httpGet: - path: /healthz - port: 8081 + path: /metrics + port: monitoring initialDelaySeconds: {{ .Values.frrk8s.livenessProbe.initialDelaySeconds }} periodSeconds: {{ .Values.frrk8s.livenessProbe.periodSeconds }} failureThreshold: {{ .Values.frrk8s.livenessProbe.failureThreshold }} @@ -71,8 +74,8 @@ spec: {{- if .Values.frrk8s.readinessProbe.enabled }} readinessProbe: httpGet: - path: /readyz - port: 8081 + path: /metrics + port: monitoring initialDelaySeconds: {{ .Values.frrk8s.readinessProbe.initialDelaySeconds }} periodSeconds: {{ .Values.frrk8s.readinessProbe.periodSeconds }} failureThreshold: {{ .Values.frrk8s.readinessProbe.failureThreshold }} diff --git a/charts/metallb/metallb/charts/metallb/charts/frr-k8s/values.yaml b/charts/metallb/metallb/charts/metallb/charts/frr-k8s/values.yaml index 2cefcaa22..9b5d4b1fd 100644 --- a/charts/metallb/metallb/charts/metallb/charts/frr-k8s/values.yaml +++ b/charts/metallb/metallb/charts/metallb/charts/frr-k8s/values.yaml @@ -128,7 +128,6 @@ frrk8s: podAnnotations: {} labels: app: frr-k8s - healthPort: 8081 livenessProbe: enabled: true failureThreshold: 3 @@ -164,6 +163,7 @@ frrk8s: metricsPort: 7573 resources: {} secureMetricsPort: 9141 + acceptIncomingBGPConnections: false reloader: resources: {} frrMetrics: diff --git a/charts/metallb/metallb/charts/metallb/templates/controller.yaml b/charts/metallb/metallb/charts/metallb/templates/controller.yaml index 5b97c0102..41adbd63a 100644 --- a/charts/metallb/metallb/charts/metallb/templates/controller.yaml +++ b/charts/metallb/metallb/charts/metallb/templates/controller.yaml @@ -84,7 +84,7 @@ spec: - name: METALLB_DEPLOYMENT value: {{ template "metallb.fullname" . }}-controller {{- end }} - {{- if .Values.speaker.frr.enabled }} + {{- if and .Values.speaker.enabled .Values.speaker.frr.enabled }} - name: METALLB_BGP_TYPE value: frr {{- end }} diff --git a/charts/metallb/metallb/charts/metallb/templates/podmonitor.yaml b/charts/metallb/metallb/charts/metallb/templates/podmonitor.yaml index 93a7fd699..42de88189 100644 --- a/charts/metallb/metallb/charts/metallb/templates/podmonitor.yaml +++ b/charts/metallb/metallb/charts/metallb/templates/podmonitor.yaml @@ -36,6 +36,7 @@ spec: relabelings: {{- toYaml .Values.prometheus.podMonitor.relabelings | nindent 4 }} {{- end }} +{{- if .Values.speaker.enabled }} --- apiVersion: monitoring.coreos.com/v1 kind: PodMonitor @@ -74,6 +75,7 @@ spec: relabelings: {{- toYaml .Values.prometheus.podMonitor.relabelings | nindent 4 }} {{- end }} +{{- end }} --- {{- if .Values.prometheus.rbacPrometheus }} apiVersion: rbac.authorization.k8s.io/v1 diff --git a/charts/metallb/metallb/charts/metallb/templates/prometheusrules.yaml b/charts/metallb/metallb/charts/metallb/templates/prometheusrules.yaml index e811ef134..64e44c607 100644 --- a/charts/metallb/metallb/charts/metallb/templates/prometheusrules.yaml +++ b/charts/metallb/metallb/charts/metallb/templates/prometheusrules.yaml @@ -19,8 +19,8 @@ spec: {{- if .Values.prometheus.prometheusRule.staleConfig.enabled }} - alert: MetalLBStaleConfig annotations: - message: {{`'{{ $labels.job }} - MetalLB {{ $labels.container }} on {{ $labels.pod - }} has a stale config for > 1 minute'`}} + summary: {{`'Stale config on {{ $labels.pod }}'`}} + description: {{`'{{ $labels.job }} - MetalLB {{ $labels.container }} on {{ $labels.pod }} has a stale config for > 1 minute'`}} expr: metallb_k8s_client_config_stale_bool{job=~"{{ template "metallb.fullname" . }}.*"} == 1 for: 1m {{- with .Values.prometheus.prometheusRule.staleConfig.labels }} @@ -31,8 +31,8 @@ spec: {{- if .Values.prometheus.prometheusRule.configNotLoaded.enabled }} - alert: MetalLBConfigNotLoaded annotations: - message: {{`'{{ $labels.job }} - MetalLB {{ $labels.container }} on {{ $labels.pod - }} has not loaded for > 1 minute'`}} + summary: {{`'Config on {{ $labels.pod }} has not been loaded'`}} + description: {{`'{{ $labels.job }} - MetalLB {{ $labels.container }} on {{ $labels.pod }} has not loaded for > 1 minute'`}} expr: metallb_k8s_client_config_loaded_bool{job=~"{{ template "metallb.fullname" . }}.*"} == 0 for: 1m {{- with .Values.prometheus.prometheusRule.configNotLoaded.labels }} @@ -43,8 +43,8 @@ spec: {{- if .Values.prometheus.prometheusRule.addressPoolExhausted.enabled }} - alert: MetalLBAddressPoolExhausted annotations: - message: {{`'{{ $labels.job }} - MetalLB {{ $labels.container }} on {{ $labels.pod - }} has exhausted address pool {{ $labels.pool }} for > 1 minute'`}} + summary: {{`'Exhausted address pool on {{ $labels.pod }}'`}} + description: {{`'{{ $labels.job }} - MetalLB {{ $labels.container }} on {{ $labels.pod }} has exhausted address pool {{ $labels.pool }} for > 1 minute'`}} expr: metallb_allocator_addresses_in_use_total >= on(pool) metallb_allocator_addresses_total for: 1m {{- with .Values.prometheus.prometheusRule.addressPoolExhausted.labels }} @@ -57,8 +57,8 @@ spec: {{- range .Values.prometheus.prometheusRule.addressPoolUsage.thresholds }} - alert: MetalLBAddressPoolUsage{{ .percent }}Percent annotations: - message: {{`'{{ $labels.job }} - MetalLB {{ $labels.container }} on {{ $labels.pod - }} has address pool {{ $labels.pool }} past `}}{{ .percent }}{{`% usage for > 1 minute'`}} + summary: {{`'Exhausted address pool on {{ $labels.pod }}'`}} + message: {{`'{{ $labels.job }} - MetalLB {{ $labels.container }} on {{ $labels.pod }} has address pool {{ $labels.pool }} past `}}{{ .percent }}{{`% usage for > 1 minute'`}} expr: ( metallb_allocator_addresses_in_use_total / on(pool) metallb_allocator_addresses_total ) * 100 > {{ .percent }} {{- with .labels }} labels: @@ -69,8 +69,8 @@ spec: {{- if .Values.prometheus.prometheusRule.bgpSessionDown.enabled }} - alert: MetalLBBGPSessionDown annotations: - message: {{`'{{ $labels.job }} - MetalLB {{ $labels.container }} on {{ $labels.pod - }} has BGP session {{ $labels.peer }} down for > 1 minute'`}} + summary: {{`'BGP session down on {{ $labels.pod }}'`}} + message: {{`'{{ $labels.job }} - MetalLB {{ $labels.container }} on {{ $labels.pod }} has BGP session {{ $labels.peer }} down for > 1 minute'`}} expr: metallb_bgp_session_up{job=~"{{ template "metallb.fullname" . }}.*"} == 0 for: 1m {{- with .Values.prometheus.prometheusRule.bgpSessionDown.labels }} diff --git a/charts/metallb/metallb/charts/metallb/templates/rbac.yaml b/charts/metallb/metallb/charts/metallb/templates/rbac.yaml index e7fc5d979..10ffbd8a6 100644 --- a/charts/metallb/metallb/charts/metallb/templates/rbac.yaml +++ b/charts/metallb/metallb/charts/metallb/templates/rbac.yaml @@ -19,11 +19,11 @@ rules: resources: ["events"] verbs: ["create", "patch"] - apiGroups: ["admissionregistration.k8s.io"] - resources: ["validatingwebhookconfigurations", "mutatingwebhookconfigurations"] + resources: ["validatingwebhookconfigurations"] resourceNames: ["metallb-webhook-configuration"] verbs: ["create", "delete", "get", "list", "patch", "update", "watch"] - apiGroups: ["admissionregistration.k8s.io"] - resources: ["validatingwebhookconfigurations", "mutatingwebhookconfigurations"] + resources: ["validatingwebhookconfigurations"] verbs: ["list", "watch"] - apiGroups: ["apiextensions.k8s.io"] resources: ["customresourcedefinitions"] @@ -41,6 +41,7 @@ rules: resources: ["subjectaccessreviews"] verbs: ["create"] {{- end }} +{{- if .Values.speaker.enabled }} --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole @@ -72,7 +73,7 @@ rules: {{- if or .Values.frrk8s.enabled .Values.frrk8s.external }} - apiGroups: ["frrk8s.metallb.io"] resources: ["frrconfigurations"] - verbs: ["get", "list", "watch","create","update"] + verbs: ["get", "list", "watch","create","update","delete"] {{- end }} --- apiVersion: rbac.authorization.k8s.io/v1 @@ -109,6 +110,7 @@ rules: - apiGroups: ["metallb.io"] resources: ["communities"] verbs: ["get", "list", "watch"] +{{- end }} --- apiVersion: rbac.authorization.k8s.io/v1 kind: Role @@ -117,7 +119,7 @@ metadata: namespace: {{ .Release.Namespace | quote }} labels: {{- include "metallb.labels" . | nindent 4 }} rules: -{{- if .Values.speaker.memberlist.enabled }} +{{- if and .Values.speaker.enabled .Values.speaker.memberlist.enabled }} - apiGroups: [""] resources: ["secrets"] verbs: ["create", "get", "list", "watch"] @@ -166,6 +168,7 @@ roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole name: {{ template "metallb.fullname" . }}:controller +{{- if .Values.speaker.enabled }} --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding @@ -195,6 +198,7 @@ roleRef: subjects: - kind: ServiceAccount name: {{ include "metallb.speaker.serviceAccountName" . }} +{{- end }} --- apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding diff --git a/charts/metallb/metallb/charts/metallb/templates/service-accounts.yaml b/charts/metallb/metallb/charts/metallb/templates/service-accounts.yaml index 9615acf34..8d92a0401 100644 --- a/charts/metallb/metallb/charts/metallb/templates/service-accounts.yaml +++ b/charts/metallb/metallb/charts/metallb/templates/service-accounts.yaml @@ -13,7 +13,7 @@ metadata: {{- toYaml . | nindent 4 }} {{- end }} {{- end }} -{{- if .Values.speaker.serviceAccount.create }} +{{- if and .Values.speaker.enabled .Values.speaker.serviceAccount.create }} --- apiVersion: v1 kind: ServiceAccount diff --git a/charts/metallb/metallb/charts/metallb/templates/servicemonitor.yaml b/charts/metallb/metallb/charts/metallb/templates/servicemonitor.yaml index 8be88dd33..2a92e48a8 100644 --- a/charts/metallb/metallb/charts/metallb/templates/servicemonitor.yaml +++ b/charts/metallb/metallb/charts/metallb/templates/servicemonitor.yaml @@ -1,4 +1,9 @@ +{{- if and .Values.prometheus.serviceMonitor.enabled .Values.prometheus.podMonitor.enabled }} +{{- fail "prometheus.serviceMonitor.enabled and prometheus.podMonitor.enabled cannot both be set" }} +{{- end }} + {{- if .Values.prometheus.serviceMonitor.enabled }} +{{- if .Values.speaker.enabled }} apiVersion: monitoring.coreos.com/v1 kind: ServiceMonitor metadata: @@ -89,6 +94,7 @@ spec: {{- end }} sessionAffinity: None type: ClusterIP +{{- end }} --- apiVersion: monitoring.coreos.com/v1 kind: ServiceMonitor @@ -97,7 +103,6 @@ metadata: namespace: {{ .Release.Namespace | quote }} labels: {{- include "metallb.labels" . | nindent 4 }} - app.kubernetes.io/component: speaker {{- if .Values.prometheus.serviceMonitor.controller.additionalLabels }} {{ toYaml .Values.prometheus.serviceMonitor.controller.additionalLabels | indent 4 }} {{- end }} diff --git a/charts/metallb/metallb/charts/metallb/values.yaml b/charts/metallb/metallb/charts/metallb/values.yaml index bc96d3550..50d26bcad 100644 --- a/charts/metallb/metallb/charts/metallb/values.yaml +++ b/charts/metallb/metallb/charts/metallb/values.yaml @@ -42,7 +42,7 @@ prometheus: # certificate to be used. controllerMetricsTLSSecret: "" - # prometheus doens't have the permission to scrape all namespaces so we give it permission to scrape metallb's one + # prometheus doesn't have the permission to scrape all namespaces so we give it permission to scrape metallb's one rbacPrometheus: true # the service account used by prometheus @@ -64,7 +64,7 @@ prometheus: # enable support for Prometheus Operator enabled: false - # optional additionnal labels for podMonitors + # optional additional labels for podMonitors additionalLabels: {} # optional annotations for podMonitors @@ -143,7 +143,7 @@ prometheus: # enable alertmanager alerts enabled: false - # optional additionnal labels for prometheusRules + # optional additional labels for prometheusRules additionalLabels: {} # optional annotations for prometheusRules @@ -165,7 +165,7 @@ prometheus: addressPoolExhausted: enabled: true labels: - severity: alert + severity: critical addressPoolUsage: enabled: true @@ -178,13 +178,13 @@ prometheus: severity: warning - percent: 95 labels: - severity: alert + severity: critical # MetalLBBGPSessionDown bgpSessionDown: enabled: true labels: - severity: alert + severity: critical extraAlerts: [] diff --git a/charts/metallb/metallb/values.yaml b/charts/metallb/metallb/values.yaml index 50e4ad234..a6c72f0ca 100644 --- a/charts/metallb/metallb/values.yaml +++ b/charts/metallb/metallb/values.yaml @@ -36,7 +36,7 @@ metallb: # to expose the metrics securely. If not present, a self signed # certificate to be used. controllerMetricsTLSSecret: "" - # prometheus doens't have the permission to scrape all namespaces so we give it permission to scrape metallb's one + # prometheus doesn't have the permission to scrape all namespaces so we give it permission to scrape metallb's one rbacPrometheus: false # the service account used by prometheus # required when " .Values.prometheus.rbacPrometheus == true " and " .Values.prometheus.podMonitor.enabled=true or prometheus.serviceMonitor.enabled=true " @@ -54,7 +54,7 @@ metallb: podMonitor: # enable support for Prometheus Operator enabled: false - # optional additionnal labels for podMonitors + # optional additional labels for podMonitors additionalLabels: {} # optional annotations for podMonitors annotations: {} @@ -123,7 +123,7 @@ metallb: prometheusRule: # enable alertmanager alerts enabled: false - # optional additionnal labels for prometheusRules + # optional additional labels for prometheusRules additionalLabels: operator.insight.io/managed-by: insight # optional annotations for prometheusRules @@ -142,7 +142,7 @@ metallb: addressPoolExhausted: enabled: true labels: - severity: alert + severity: critical addressPoolUsage: enabled: true thresholds: @@ -154,12 +154,12 @@ metallb: severity: warning - percent: 95 labels: - severity: alert + severity: critical # MetalLBBGPSessionDown bgpSessionDown: enabled: true labels: - severity: alert + severity: critical extraAlerts: [] # controller contains configuration specific to the MetalLB cluster # controller. @@ -171,7 +171,7 @@ metallb: # webhookMode: enabled image: repository: metallb/controller - tag: v0.14.8 + tag: v0.14.9 pullPolicy: registry: quay.m.daocloud.io ## @param controller.updateStrategy.type Metallb controller deployment strategy type. @@ -250,7 +250,7 @@ metallb: ignoreExcludeLB: false image: repository: metallb/speaker - tag: v0.14.8 + tag: v0.14.9 pullPolicy: registry: quay.m.daocloud.io ## @param speaker.updateStrategy.type Speaker daemonset strategy type