From f2a53c6a9761255b87ad656de52c46d0ae2f97e6 Mon Sep 17 00:00:00 2001 From: 23t-renovate Date: Tue, 15 Nov 2022 10:02:22 +0000 Subject: [PATCH] chore(deps): update dependency gardener/gardener to v1.59.1 --- .../Chart.yaml | 2 +- .../charts/utils-common/Chart.yaml | 2 +- .../charts/utils-templates/Chart.yaml | 2 +- .../charts/utils-common/values.yaml | 11 +- .../charts/utils-templates/Chart.yaml | 2 +- .../clusterrolebinding-apiserver.yaml | 1 - ...clusterrolebinding-controller-manager.yaml | 1 - .../clusterrolebinding-scheduler.yaml | 1 - ...alidatingwebhook-admission-controller.yaml | 2 +- .../values.yaml | 11 +- .../gardener-controlplane-runtime/Chart.yaml | 2 +- .../charts/utils-common/Chart.yaml | 2 +- .../charts/utils-templates/Chart.yaml | 2 +- .../charts/utils-common/values.yaml | 11 +- .../charts/utils-templates/Chart.yaml | 2 +- .../templates/apiserver/deployment.yaml | 6 +- ...fig.yaml => secret-encryption-config.yaml} | 4 +- .../gardener-controlplane-runtime/values.yaml | 11 +- charts/gardener-controlplane/Chart.yaml | 2 +- .../charts/application/Chart.yaml | 2 +- .../charts/utils-common/Chart.yaml | 2 +- .../charts/utils-templates/Chart.yaml | 2 +- .../charts/utils-common/values.yaml | 11 +- .../charts/utils-templates/Chart.yaml | 2 +- .../clusterrolebinding-apiserver.yaml | 1 - ...clusterrolebinding-controller-manager.yaml | 1 - .../clusterrolebinding-scheduler.yaml | 1 - ...alidatingwebhook-admission-controller.yaml | 2 +- .../charts/application/values.yaml | 11 +- .../charts/runtime/Chart.yaml | 2 +- .../runtime/charts/utils-common/Chart.yaml | 2 +- .../charts/utils-templates/Chart.yaml | 2 +- .../runtime/charts/utils-common/values.yaml | 11 +- .../runtime/charts/utils-templates/Chart.yaml | 2 +- .../templates/apiserver/deployment.yaml | 6 +- ...fig.yaml => secret-encryption-config.yaml} | 4 +- .../charts/runtime/values.yaml | 11 +- .../charts/utils-common/Chart.yaml | 2 +- .../charts/utils-templates/Chart.yaml | 2 +- .../charts/utils-common/values.yaml | 11 +- .../charts/utils-templates/Chart.yaml | 2 +- charts/gardener-controlplane/values.yaml | 11 +- charts/gardenlet/Chart.yaml | 2 +- charts/gardenlet/charts/runtime/Chart.yaml | 4 - .../runtime/charts/utils-templates/Chart.yaml | 4 - .../runtime/charts/utils-templates/README.md | 20 - .../utils-templates/templates/_image.tpl | 7 - .../utils-templates/templates/_resources.tpl | 12 - .../utils-templates/templates/_versions.tpl | 71 --- .../runtime/templates/_feature-gates.tpl | 23 - .../charts/runtime/templates/_helpers.tpl | 270 ----------- .../secret-kubeconfig-garden-bootstrap.yaml | 18 - charts/gardenlet/charts/runtime/values.yaml | 216 --------- .../charts/utils-templates/Chart.yaml | 2 +- charts/gardenlet/templates/_feature-gates.tpl | 23 + charts/gardenlet/templates/_helpers.tpl | 297 ++++++++++++ .../templates/clusterrole-apiserver-sni.yaml | 4 +- .../templates/clusterrole-gardenlet.yaml | 15 +- .../templates/clusterrole-managed-istio.yaml | 4 +- .../clusterrolebinding-apiserver-sni.yaml | 6 +- .../clusterrolebinding-gardenlet.yaml | 6 +- .../clusterrolebinding-managed-istio.yaml | 6 +- .../templates/configmap-componentconfig.yaml | 2 - ...gmap-imagevector-overwrite-components.yaml | 2 +- .../configmap-imagevector-overwrite.yaml | 2 +- .../runtime => }/templates/deployment.yaml | 131 +++--- .../templates/poddisruptionbudget.yaml | 4 +- .../runtime => }/templates/priorityclass.yaml | 2 +- .../templates/role-garden-gardenlet.yaml | 4 +- .../rolebinding-garden-gardenlet.yaml | 6 +- .../secret-kubeconfig-garden-bootstrap.yaml | 18 + .../templates/secret-kubeconfig-garden.yaml | 4 +- .../templates/secret-kubeconfig-seed.yaml | 2 +- .../runtime => }/templates/service.yaml | 6 +- .../templates/serviceaccount.yaml | 6 +- .../{charts/runtime => }/templates/vpa.yaml | 4 +- charts/gardenlet/values.yaml | 427 +++++++++--------- .../import-gardener-charts.py | 2 +- 78 files changed, 754 insertions(+), 1058 deletions(-) rename charts/gardener-controlplane-runtime/templates/apiserver/{secret-gardener-apiserver-encryption-config.yaml => secret-encryption-config.yaml} (65%) rename charts/gardener-controlplane/charts/runtime/templates/apiserver/{secret-gardener-apiserver-encryption-config.yaml => secret-encryption-config.yaml} (65%) delete mode 100644 charts/gardenlet/charts/runtime/Chart.yaml delete mode 100644 charts/gardenlet/charts/runtime/charts/utils-templates/Chart.yaml delete mode 100644 charts/gardenlet/charts/runtime/charts/utils-templates/README.md delete mode 100644 charts/gardenlet/charts/runtime/charts/utils-templates/templates/_image.tpl delete mode 100644 charts/gardenlet/charts/runtime/charts/utils-templates/templates/_resources.tpl delete mode 100644 charts/gardenlet/charts/runtime/charts/utils-templates/templates/_versions.tpl delete mode 100644 charts/gardenlet/charts/runtime/templates/_feature-gates.tpl delete mode 100644 charts/gardenlet/charts/runtime/templates/_helpers.tpl delete mode 100644 charts/gardenlet/charts/runtime/templates/secret-kubeconfig-garden-bootstrap.yaml delete mode 100644 charts/gardenlet/charts/runtime/values.yaml create mode 100644 charts/gardenlet/templates/_feature-gates.tpl create mode 100644 charts/gardenlet/templates/_helpers.tpl rename charts/gardenlet/{charts/runtime => }/templates/clusterrole-apiserver-sni.yaml (92%) rename charts/gardenlet/{charts/runtime => }/templates/clusterrole-gardenlet.yaml (97%) rename charts/gardenlet/{charts/runtime => }/templates/clusterrole-managed-istio.yaml (91%) rename charts/gardenlet/{charts/runtime => }/templates/clusterrolebinding-apiserver-sni.yaml (66%) rename charts/gardenlet/{charts/runtime => }/templates/clusterrolebinding-gardenlet.yaml (64%) rename charts/gardenlet/{charts/runtime => }/templates/clusterrolebinding-managed-istio.yaml (75%) rename charts/gardenlet/{charts/runtime => }/templates/configmap-componentconfig.yaml (88%) rename charts/gardenlet/{charts/runtime => }/templates/configmap-imagevector-overwrite-components.yaml (82%) rename charts/gardenlet/{charts/runtime => }/templates/configmap-imagevector-overwrite.yaml (83%) rename charts/gardenlet/{charts/runtime => }/templates/deployment.yaml (54%) rename charts/gardenlet/{charts/runtime => }/templates/poddisruptionbudget.yaml (79%) rename charts/gardenlet/{charts/runtime => }/templates/priorityclass.yaml (83%) rename charts/gardenlet/{charts/runtime => }/templates/role-garden-gardenlet.yaml (85%) rename charts/gardenlet/{charts/runtime => }/templates/rolebinding-garden-gardenlet.yaml (65%) create mode 100644 charts/gardenlet/templates/secret-kubeconfig-garden-bootstrap.yaml rename charts/gardenlet/{charts/runtime => }/templates/secret-kubeconfig-garden.yaml (78%) rename charts/gardenlet/{charts/runtime => }/templates/secret-kubeconfig-seed.yaml (80%) rename charts/gardenlet/{charts/runtime => }/templates/service.yaml (52%) rename charts/gardenlet/{charts/runtime => }/templates/serviceaccount.yaml (55%) rename charts/gardenlet/{charts/runtime => }/templates/vpa.yaml (79%) diff --git a/charts/gardener-controlplane-application/Chart.yaml b/charts/gardener-controlplane-application/Chart.yaml index 6ada0a00..099bcbb4 100644 --- a/charts/gardener-controlplane-application/Chart.yaml +++ b/charts/gardener-controlplane-application/Chart.yaml @@ -1,4 +1,4 @@ apiVersion: v1 description: A Helm chart to deploy the Gardener application related resources name: gardener-controlplane-application -version: 1.57.1 +version: 1.59.1 diff --git a/charts/gardener-controlplane-application/charts/utils-common/Chart.yaml b/charts/gardener-controlplane-application/charts/utils-common/Chart.yaml index d06883b8..fae01f20 100644 --- a/charts/gardener-controlplane-application/charts/utils-common/Chart.yaml +++ b/charts/gardener-controlplane-application/charts/utils-common/Chart.yaml @@ -1,4 +1,4 @@ apiVersion: v1 description: A Helm chart to deploy common resources for the Gardener runtime and application name: utils-common -version: 1.57.1 +version: 1.59.1 diff --git a/charts/gardener-controlplane-application/charts/utils-common/charts/utils-templates/Chart.yaml b/charts/gardener-controlplane-application/charts/utils-common/charts/utils-templates/Chart.yaml index 97915f60..e8807ddc 100644 --- a/charts/gardener-controlplane-application/charts/utils-common/charts/utils-templates/Chart.yaml +++ b/charts/gardener-controlplane-application/charts/utils-common/charts/utils-templates/Chart.yaml @@ -1,4 +1,4 @@ apiVersion: v1 description: Util chart for various templates. name: utils-templates -version: 1.57.1 +version: 1.59.1 diff --git a/charts/gardener-controlplane-application/charts/utils-common/values.yaml b/charts/gardener-controlplane-application/charts/utils-common/values.yaml index 3b68c257..f41bb0c4 100644 --- a/charts/gardener-controlplane-application/charts/utils-common/values.yaml +++ b/charts/gardener-controlplane-application/charts/utils-common/values.yaml @@ -6,9 +6,12 @@ global: replicaCount: 1 securePort: 8443 serviceAccountName: gardener-apiserver + logLevel: info + logFormat: json + logVerbosity: "2" image: repository: eu.gcr.io/gardener-project/gardener/apiserver - tag: v1.57.1 + tag: v1.59.1 pullPolicy: IfNotPresent livenessProbe: initialDelaySeconds: 15 @@ -268,7 +271,7 @@ global: serviceAccountName: gardener-admission-controller image: repository: eu.gcr.io/gardener-project/gardener/admission-controller - tag: v1.57.1 + tag: v1.59.1 pullPolicy: IfNotPresent resources: requests: @@ -342,7 +345,7 @@ global: serviceAccountName: gardener-controller-manager image: repository: eu.gcr.io/gardener-project/gardener/controller-manager - tag: v1.57.1 + tag: v1.59.1 pullPolicy: IfNotPresent resources: requests: @@ -454,7 +457,7 @@ global: serviceAccountName: gardener-scheduler image: repository: eu.gcr.io/gardener-project/gardener/scheduler - tag: v1.57.1 + tag: v1.59.1 pullPolicy: IfNotPresent resources: requests: diff --git a/charts/gardener-controlplane-application/charts/utils-templates/Chart.yaml b/charts/gardener-controlplane-application/charts/utils-templates/Chart.yaml index 97915f60..e8807ddc 100644 --- a/charts/gardener-controlplane-application/charts/utils-templates/Chart.yaml +++ b/charts/gardener-controlplane-application/charts/utils-templates/Chart.yaml @@ -1,4 +1,4 @@ apiVersion: v1 description: Util chart for various templates. name: utils-templates -version: 1.57.1 +version: 1.59.1 diff --git a/charts/gardener-controlplane-application/templates/clusterrolebinding-apiserver.yaml b/charts/gardener-controlplane-application/templates/clusterrolebinding-apiserver.yaml index b5526da1..f8bc7c83 100644 --- a/charts/gardener-controlplane-application/templates/clusterrolebinding-apiserver.yaml +++ b/charts/gardener-controlplane-application/templates/clusterrolebinding-apiserver.yaml @@ -6,7 +6,6 @@ metadata: name: gardener.cloud:system:apiserver labels: app: gardener - role: apiserver chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" release: "{{ .Release.Name }}" heritage: "{{ .Release.Service }}" diff --git a/charts/gardener-controlplane-application/templates/clusterrolebinding-controller-manager.yaml b/charts/gardener-controlplane-application/templates/clusterrolebinding-controller-manager.yaml index 1253f66f..d9f82518 100644 --- a/charts/gardener-controlplane-application/templates/clusterrolebinding-controller-manager.yaml +++ b/charts/gardener-controlplane-application/templates/clusterrolebinding-controller-manager.yaml @@ -6,7 +6,6 @@ metadata: name: gardener.cloud:system:controller-manager labels: app: gardener - role: apiserver chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" release: "{{ .Release.Name }}" heritage: "{{ .Release.Service }}" diff --git a/charts/gardener-controlplane-application/templates/clusterrolebinding-scheduler.yaml b/charts/gardener-controlplane-application/templates/clusterrolebinding-scheduler.yaml index 86a4eded..212e9fb3 100644 --- a/charts/gardener-controlplane-application/templates/clusterrolebinding-scheduler.yaml +++ b/charts/gardener-controlplane-application/templates/clusterrolebinding-scheduler.yaml @@ -6,7 +6,6 @@ metadata: name: gardener.cloud:system:scheduler labels: app: gardener - role: scheduler chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" release: "{{ .Release.Name }}" heritage: "{{ .Release.Service }}" diff --git a/charts/gardener-controlplane-application/templates/validatingwebhook-admission-controller.yaml b/charts/gardener-controlplane-application/templates/validatingwebhook-admission-controller.yaml index 2bf0593b..9fc79fed 100644 --- a/charts/gardener-controlplane-application/templates/validatingwebhook-admission-controller.yaml +++ b/charts/gardener-controlplane-application/templates/validatingwebhook-admission-controller.yaml @@ -2,7 +2,7 @@ apiVersion: {{ include "webhookadmissionregistration" . }} kind: ValidatingWebhookConfiguration metadata: - name: validate-namespace-deletion + name: gardener-admission-controller webhooks: - name: validate-namespace-deletion.gardener.cloud admissionReviewVersions: ["v1", "v1beta1"] diff --git a/charts/gardener-controlplane-application/values.yaml b/charts/gardener-controlplane-application/values.yaml index 3b68c257..f41bb0c4 100644 --- a/charts/gardener-controlplane-application/values.yaml +++ b/charts/gardener-controlplane-application/values.yaml @@ -6,9 +6,12 @@ global: replicaCount: 1 securePort: 8443 serviceAccountName: gardener-apiserver + logLevel: info + logFormat: json + logVerbosity: "2" image: repository: eu.gcr.io/gardener-project/gardener/apiserver - tag: v1.57.1 + tag: v1.59.1 pullPolicy: IfNotPresent livenessProbe: initialDelaySeconds: 15 @@ -268,7 +271,7 @@ global: serviceAccountName: gardener-admission-controller image: repository: eu.gcr.io/gardener-project/gardener/admission-controller - tag: v1.57.1 + tag: v1.59.1 pullPolicy: IfNotPresent resources: requests: @@ -342,7 +345,7 @@ global: serviceAccountName: gardener-controller-manager image: repository: eu.gcr.io/gardener-project/gardener/controller-manager - tag: v1.57.1 + tag: v1.59.1 pullPolicy: IfNotPresent resources: requests: @@ -454,7 +457,7 @@ global: serviceAccountName: gardener-scheduler image: repository: eu.gcr.io/gardener-project/gardener/scheduler - tag: v1.57.1 + tag: v1.59.1 pullPolicy: IfNotPresent resources: requests: diff --git a/charts/gardener-controlplane-runtime/Chart.yaml b/charts/gardener-controlplane-runtime/Chart.yaml index 5a007cc2..b7ec702a 100644 --- a/charts/gardener-controlplane-runtime/Chart.yaml +++ b/charts/gardener-controlplane-runtime/Chart.yaml @@ -1,4 +1,4 @@ apiVersion: v1 description: A Helm chart to deploy the Gardener runtime related resources name: gardener-controlplane-runtime -version: 1.57.1 +version: 1.59.1 diff --git a/charts/gardener-controlplane-runtime/charts/utils-common/Chart.yaml b/charts/gardener-controlplane-runtime/charts/utils-common/Chart.yaml index d06883b8..fae01f20 100644 --- a/charts/gardener-controlplane-runtime/charts/utils-common/Chart.yaml +++ b/charts/gardener-controlplane-runtime/charts/utils-common/Chart.yaml @@ -1,4 +1,4 @@ apiVersion: v1 description: A Helm chart to deploy common resources for the Gardener runtime and application name: utils-common -version: 1.57.1 +version: 1.59.1 diff --git a/charts/gardener-controlplane-runtime/charts/utils-common/charts/utils-templates/Chart.yaml b/charts/gardener-controlplane-runtime/charts/utils-common/charts/utils-templates/Chart.yaml index 97915f60..e8807ddc 100644 --- a/charts/gardener-controlplane-runtime/charts/utils-common/charts/utils-templates/Chart.yaml +++ b/charts/gardener-controlplane-runtime/charts/utils-common/charts/utils-templates/Chart.yaml @@ -1,4 +1,4 @@ apiVersion: v1 description: Util chart for various templates. name: utils-templates -version: 1.57.1 +version: 1.59.1 diff --git a/charts/gardener-controlplane-runtime/charts/utils-common/values.yaml b/charts/gardener-controlplane-runtime/charts/utils-common/values.yaml index 3b68c257..f41bb0c4 100644 --- a/charts/gardener-controlplane-runtime/charts/utils-common/values.yaml +++ b/charts/gardener-controlplane-runtime/charts/utils-common/values.yaml @@ -6,9 +6,12 @@ global: replicaCount: 1 securePort: 8443 serviceAccountName: gardener-apiserver + logLevel: info + logFormat: json + logVerbosity: "2" image: repository: eu.gcr.io/gardener-project/gardener/apiserver - tag: v1.57.1 + tag: v1.59.1 pullPolicy: IfNotPresent livenessProbe: initialDelaySeconds: 15 @@ -268,7 +271,7 @@ global: serviceAccountName: gardener-admission-controller image: repository: eu.gcr.io/gardener-project/gardener/admission-controller - tag: v1.57.1 + tag: v1.59.1 pullPolicy: IfNotPresent resources: requests: @@ -342,7 +345,7 @@ global: serviceAccountName: gardener-controller-manager image: repository: eu.gcr.io/gardener-project/gardener/controller-manager - tag: v1.57.1 + tag: v1.59.1 pullPolicy: IfNotPresent resources: requests: @@ -454,7 +457,7 @@ global: serviceAccountName: gardener-scheduler image: repository: eu.gcr.io/gardener-project/gardener/scheduler - tag: v1.57.1 + tag: v1.59.1 pullPolicy: IfNotPresent resources: requests: diff --git a/charts/gardener-controlplane-runtime/charts/utils-templates/Chart.yaml b/charts/gardener-controlplane-runtime/charts/utils-templates/Chart.yaml index 97915f60..e8807ddc 100644 --- a/charts/gardener-controlplane-runtime/charts/utils-templates/Chart.yaml +++ b/charts/gardener-controlplane-runtime/charts/utils-templates/Chart.yaml @@ -1,4 +1,4 @@ apiVersion: v1 description: Util chart for various templates. name: utils-templates -version: 1.57.1 +version: 1.59.1 diff --git a/charts/gardener-controlplane-runtime/templates/apiserver/deployment.yaml b/charts/gardener-controlplane-runtime/templates/apiserver/deployment.yaml index 80e61d6a..dadac1d6 100644 --- a/charts/gardener-controlplane-runtime/templates/apiserver/deployment.yaml +++ b/charts/gardener-controlplane-runtime/templates/apiserver/deployment.yaml @@ -32,7 +32,7 @@ spec: {{- end }} checksum/secret-gardener-apiserver-cert: {{ include (print $.Template.BasePath "/apiserver/secret-cert.yaml") . | sha256sum }} {{- if .Values.global.apiserver.encryption.config }} - checksum/secret-gardener-apiserver-encryption-config: {{ include (print $.Template.BasePath "/apiserver/secret-gardener-apiserver-encryption-config.yaml") . | sha256sum }} + checksum/secret-gardener-apiserver-encryption-config: {{ include (print $.Template.BasePath "/apiserver/secret-encryption-config.yaml") . | sha256sum }} {{- end }} checksum/secret-gardener-apiserver-kubeconfig: {{ include (print $.Template.BasePath "/apiserver/secret-kubeconfig.yaml") . | sha256sum }} {{- if (include "gardener-apiserver.hasAdmissionPlugins" .) }} @@ -263,7 +263,9 @@ spec: - --tls-private-key-file=/etc/gardener-apiserver/srv/gardener-apiserver.key {{- end }} {{- include "gardener-apiserver.watchCacheSizes" . | indent 8 }} - - --v=2 + - --log-level={{ .Values.global.apiserver.logLevel | default "info" }} + - --log-format={{ .Values.global.apiserver.logFormat | default "json" }} + - --v={{ .Values.global.apiserver.logVerbosity | default "2" }} livenessProbe: httpGet: scheme: HTTPS diff --git a/charts/gardener-controlplane-runtime/templates/apiserver/secret-gardener-apiserver-encryption-config.yaml b/charts/gardener-controlplane-runtime/templates/apiserver/secret-encryption-config.yaml similarity index 65% rename from charts/gardener-controlplane-runtime/templates/apiserver/secret-gardener-apiserver-encryption-config.yaml rename to charts/gardener-controlplane-runtime/templates/apiserver/secret-encryption-config.yaml index b882607b..bf34cb34 100644 --- a/charts/gardener-controlplane-runtime/templates/apiserver/secret-gardener-apiserver-encryption-config.yaml +++ b/charts/gardener-controlplane-runtime/templates/apiserver/secret-encryption-config.yaml @@ -1,4 +1,4 @@ -{{- if .Values.global.apiserver.encryption.config }} +{{- if and .Values.global.apiserver.enabled .Values.global.apiserver.encryption.config }} apiVersion: v1 kind: Secret metadata: @@ -6,4 +6,4 @@ metadata: namespace: garden data: encryption-config.yaml: {{ .Values.global.apiserver.encryption.config | b64enc }} -{{- end }} \ No newline at end of file +{{- end }} diff --git a/charts/gardener-controlplane-runtime/values.yaml b/charts/gardener-controlplane-runtime/values.yaml index 3b68c257..f41bb0c4 100644 --- a/charts/gardener-controlplane-runtime/values.yaml +++ b/charts/gardener-controlplane-runtime/values.yaml @@ -6,9 +6,12 @@ global: replicaCount: 1 securePort: 8443 serviceAccountName: gardener-apiserver + logLevel: info + logFormat: json + logVerbosity: "2" image: repository: eu.gcr.io/gardener-project/gardener/apiserver - tag: v1.57.1 + tag: v1.59.1 pullPolicy: IfNotPresent livenessProbe: initialDelaySeconds: 15 @@ -268,7 +271,7 @@ global: serviceAccountName: gardener-admission-controller image: repository: eu.gcr.io/gardener-project/gardener/admission-controller - tag: v1.57.1 + tag: v1.59.1 pullPolicy: IfNotPresent resources: requests: @@ -342,7 +345,7 @@ global: serviceAccountName: gardener-controller-manager image: repository: eu.gcr.io/gardener-project/gardener/controller-manager - tag: v1.57.1 + tag: v1.59.1 pullPolicy: IfNotPresent resources: requests: @@ -454,7 +457,7 @@ global: serviceAccountName: gardener-scheduler image: repository: eu.gcr.io/gardener-project/gardener/scheduler - tag: v1.57.1 + tag: v1.59.1 pullPolicy: IfNotPresent resources: requests: diff --git a/charts/gardener-controlplane/Chart.yaml b/charts/gardener-controlplane/Chart.yaml index 4c0ffdcc..2690ba71 100644 --- a/charts/gardener-controlplane/Chart.yaml +++ b/charts/gardener-controlplane/Chart.yaml @@ -1,4 +1,4 @@ apiVersion: v1 description: A Helm chart to deploy the Gardener controlplane (API server, controller-manager, scheduler, admission-controller) name: gardener-controlplane -version: 1.57.1 +version: 1.59.1 diff --git a/charts/gardener-controlplane/charts/application/Chart.yaml b/charts/gardener-controlplane/charts/application/Chart.yaml index 2ef38778..68af83c1 100644 --- a/charts/gardener-controlplane/charts/application/Chart.yaml +++ b/charts/gardener-controlplane/charts/application/Chart.yaml @@ -1,4 +1,4 @@ apiVersion: v1 description: A Helm chart to deploy the Gardener application related resources name: application -version: 1.57.1 +version: 1.59.1 diff --git a/charts/gardener-controlplane/charts/application/charts/utils-common/Chart.yaml b/charts/gardener-controlplane/charts/application/charts/utils-common/Chart.yaml index d06883b8..fae01f20 100644 --- a/charts/gardener-controlplane/charts/application/charts/utils-common/Chart.yaml +++ b/charts/gardener-controlplane/charts/application/charts/utils-common/Chart.yaml @@ -1,4 +1,4 @@ apiVersion: v1 description: A Helm chart to deploy common resources for the Gardener runtime and application name: utils-common -version: 1.57.1 +version: 1.59.1 diff --git a/charts/gardener-controlplane/charts/application/charts/utils-common/charts/utils-templates/Chart.yaml b/charts/gardener-controlplane/charts/application/charts/utils-common/charts/utils-templates/Chart.yaml index 97915f60..e8807ddc 100644 --- a/charts/gardener-controlplane/charts/application/charts/utils-common/charts/utils-templates/Chart.yaml +++ b/charts/gardener-controlplane/charts/application/charts/utils-common/charts/utils-templates/Chart.yaml @@ -1,4 +1,4 @@ apiVersion: v1 description: Util chart for various templates. name: utils-templates -version: 1.57.1 +version: 1.59.1 diff --git a/charts/gardener-controlplane/charts/application/charts/utils-common/values.yaml b/charts/gardener-controlplane/charts/application/charts/utils-common/values.yaml index 3b68c257..f41bb0c4 100644 --- a/charts/gardener-controlplane/charts/application/charts/utils-common/values.yaml +++ b/charts/gardener-controlplane/charts/application/charts/utils-common/values.yaml @@ -6,9 +6,12 @@ global: replicaCount: 1 securePort: 8443 serviceAccountName: gardener-apiserver + logLevel: info + logFormat: json + logVerbosity: "2" image: repository: eu.gcr.io/gardener-project/gardener/apiserver - tag: v1.57.1 + tag: v1.59.1 pullPolicy: IfNotPresent livenessProbe: initialDelaySeconds: 15 @@ -268,7 +271,7 @@ global: serviceAccountName: gardener-admission-controller image: repository: eu.gcr.io/gardener-project/gardener/admission-controller - tag: v1.57.1 + tag: v1.59.1 pullPolicy: IfNotPresent resources: requests: @@ -342,7 +345,7 @@ global: serviceAccountName: gardener-controller-manager image: repository: eu.gcr.io/gardener-project/gardener/controller-manager - tag: v1.57.1 + tag: v1.59.1 pullPolicy: IfNotPresent resources: requests: @@ -454,7 +457,7 @@ global: serviceAccountName: gardener-scheduler image: repository: eu.gcr.io/gardener-project/gardener/scheduler - tag: v1.57.1 + tag: v1.59.1 pullPolicy: IfNotPresent resources: requests: diff --git a/charts/gardener-controlplane/charts/application/charts/utils-templates/Chart.yaml b/charts/gardener-controlplane/charts/application/charts/utils-templates/Chart.yaml index 97915f60..e8807ddc 100644 --- a/charts/gardener-controlplane/charts/application/charts/utils-templates/Chart.yaml +++ b/charts/gardener-controlplane/charts/application/charts/utils-templates/Chart.yaml @@ -1,4 +1,4 @@ apiVersion: v1 description: Util chart for various templates. name: utils-templates -version: 1.57.1 +version: 1.59.1 diff --git a/charts/gardener-controlplane/charts/application/templates/clusterrolebinding-apiserver.yaml b/charts/gardener-controlplane/charts/application/templates/clusterrolebinding-apiserver.yaml index b5526da1..f8bc7c83 100644 --- a/charts/gardener-controlplane/charts/application/templates/clusterrolebinding-apiserver.yaml +++ b/charts/gardener-controlplane/charts/application/templates/clusterrolebinding-apiserver.yaml @@ -6,7 +6,6 @@ metadata: name: gardener.cloud:system:apiserver labels: app: gardener - role: apiserver chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" release: "{{ .Release.Name }}" heritage: "{{ .Release.Service }}" diff --git a/charts/gardener-controlplane/charts/application/templates/clusterrolebinding-controller-manager.yaml b/charts/gardener-controlplane/charts/application/templates/clusterrolebinding-controller-manager.yaml index 1253f66f..d9f82518 100644 --- a/charts/gardener-controlplane/charts/application/templates/clusterrolebinding-controller-manager.yaml +++ b/charts/gardener-controlplane/charts/application/templates/clusterrolebinding-controller-manager.yaml @@ -6,7 +6,6 @@ metadata: name: gardener.cloud:system:controller-manager labels: app: gardener - role: apiserver chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" release: "{{ .Release.Name }}" heritage: "{{ .Release.Service }}" diff --git a/charts/gardener-controlplane/charts/application/templates/clusterrolebinding-scheduler.yaml b/charts/gardener-controlplane/charts/application/templates/clusterrolebinding-scheduler.yaml index 86a4eded..212e9fb3 100644 --- a/charts/gardener-controlplane/charts/application/templates/clusterrolebinding-scheduler.yaml +++ b/charts/gardener-controlplane/charts/application/templates/clusterrolebinding-scheduler.yaml @@ -6,7 +6,6 @@ metadata: name: gardener.cloud:system:scheduler labels: app: gardener - role: scheduler chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" release: "{{ .Release.Name }}" heritage: "{{ .Release.Service }}" diff --git a/charts/gardener-controlplane/charts/application/templates/validatingwebhook-admission-controller.yaml b/charts/gardener-controlplane/charts/application/templates/validatingwebhook-admission-controller.yaml index 2bf0593b..9fc79fed 100644 --- a/charts/gardener-controlplane/charts/application/templates/validatingwebhook-admission-controller.yaml +++ b/charts/gardener-controlplane/charts/application/templates/validatingwebhook-admission-controller.yaml @@ -2,7 +2,7 @@ apiVersion: {{ include "webhookadmissionregistration" . }} kind: ValidatingWebhookConfiguration metadata: - name: validate-namespace-deletion + name: gardener-admission-controller webhooks: - name: validate-namespace-deletion.gardener.cloud admissionReviewVersions: ["v1", "v1beta1"] diff --git a/charts/gardener-controlplane/charts/application/values.yaml b/charts/gardener-controlplane/charts/application/values.yaml index 3b68c257..f41bb0c4 100644 --- a/charts/gardener-controlplane/charts/application/values.yaml +++ b/charts/gardener-controlplane/charts/application/values.yaml @@ -6,9 +6,12 @@ global: replicaCount: 1 securePort: 8443 serviceAccountName: gardener-apiserver + logLevel: info + logFormat: json + logVerbosity: "2" image: repository: eu.gcr.io/gardener-project/gardener/apiserver - tag: v1.57.1 + tag: v1.59.1 pullPolicy: IfNotPresent livenessProbe: initialDelaySeconds: 15 @@ -268,7 +271,7 @@ global: serviceAccountName: gardener-admission-controller image: repository: eu.gcr.io/gardener-project/gardener/admission-controller - tag: v1.57.1 + tag: v1.59.1 pullPolicy: IfNotPresent resources: requests: @@ -342,7 +345,7 @@ global: serviceAccountName: gardener-controller-manager image: repository: eu.gcr.io/gardener-project/gardener/controller-manager - tag: v1.57.1 + tag: v1.59.1 pullPolicy: IfNotPresent resources: requests: @@ -454,7 +457,7 @@ global: serviceAccountName: gardener-scheduler image: repository: eu.gcr.io/gardener-project/gardener/scheduler - tag: v1.57.1 + tag: v1.59.1 pullPolicy: IfNotPresent resources: requests: diff --git a/charts/gardener-controlplane/charts/runtime/Chart.yaml b/charts/gardener-controlplane/charts/runtime/Chart.yaml index 71268d89..f0853b27 100644 --- a/charts/gardener-controlplane/charts/runtime/Chart.yaml +++ b/charts/gardener-controlplane/charts/runtime/Chart.yaml @@ -1,4 +1,4 @@ apiVersion: v1 description: A Helm chart to deploy the Gardener runtime related resources name: runtime -version: 1.57.1 +version: 1.59.1 diff --git a/charts/gardener-controlplane/charts/runtime/charts/utils-common/Chart.yaml b/charts/gardener-controlplane/charts/runtime/charts/utils-common/Chart.yaml index d06883b8..fae01f20 100644 --- a/charts/gardener-controlplane/charts/runtime/charts/utils-common/Chart.yaml +++ b/charts/gardener-controlplane/charts/runtime/charts/utils-common/Chart.yaml @@ -1,4 +1,4 @@ apiVersion: v1 description: A Helm chart to deploy common resources for the Gardener runtime and application name: utils-common -version: 1.57.1 +version: 1.59.1 diff --git a/charts/gardener-controlplane/charts/runtime/charts/utils-common/charts/utils-templates/Chart.yaml b/charts/gardener-controlplane/charts/runtime/charts/utils-common/charts/utils-templates/Chart.yaml index 97915f60..e8807ddc 100644 --- a/charts/gardener-controlplane/charts/runtime/charts/utils-common/charts/utils-templates/Chart.yaml +++ b/charts/gardener-controlplane/charts/runtime/charts/utils-common/charts/utils-templates/Chart.yaml @@ -1,4 +1,4 @@ apiVersion: v1 description: Util chart for various templates. name: utils-templates -version: 1.57.1 +version: 1.59.1 diff --git a/charts/gardener-controlplane/charts/runtime/charts/utils-common/values.yaml b/charts/gardener-controlplane/charts/runtime/charts/utils-common/values.yaml index 3b68c257..f41bb0c4 100644 --- a/charts/gardener-controlplane/charts/runtime/charts/utils-common/values.yaml +++ b/charts/gardener-controlplane/charts/runtime/charts/utils-common/values.yaml @@ -6,9 +6,12 @@ global: replicaCount: 1 securePort: 8443 serviceAccountName: gardener-apiserver + logLevel: info + logFormat: json + logVerbosity: "2" image: repository: eu.gcr.io/gardener-project/gardener/apiserver - tag: v1.57.1 + tag: v1.59.1 pullPolicy: IfNotPresent livenessProbe: initialDelaySeconds: 15 @@ -268,7 +271,7 @@ global: serviceAccountName: gardener-admission-controller image: repository: eu.gcr.io/gardener-project/gardener/admission-controller - tag: v1.57.1 + tag: v1.59.1 pullPolicy: IfNotPresent resources: requests: @@ -342,7 +345,7 @@ global: serviceAccountName: gardener-controller-manager image: repository: eu.gcr.io/gardener-project/gardener/controller-manager - tag: v1.57.1 + tag: v1.59.1 pullPolicy: IfNotPresent resources: requests: @@ -454,7 +457,7 @@ global: serviceAccountName: gardener-scheduler image: repository: eu.gcr.io/gardener-project/gardener/scheduler - tag: v1.57.1 + tag: v1.59.1 pullPolicy: IfNotPresent resources: requests: diff --git a/charts/gardener-controlplane/charts/runtime/charts/utils-templates/Chart.yaml b/charts/gardener-controlplane/charts/runtime/charts/utils-templates/Chart.yaml index 97915f60..e8807ddc 100644 --- a/charts/gardener-controlplane/charts/runtime/charts/utils-templates/Chart.yaml +++ b/charts/gardener-controlplane/charts/runtime/charts/utils-templates/Chart.yaml @@ -1,4 +1,4 @@ apiVersion: v1 description: Util chart for various templates. name: utils-templates -version: 1.57.1 +version: 1.59.1 diff --git a/charts/gardener-controlplane/charts/runtime/templates/apiserver/deployment.yaml b/charts/gardener-controlplane/charts/runtime/templates/apiserver/deployment.yaml index 80e61d6a..dadac1d6 100644 --- a/charts/gardener-controlplane/charts/runtime/templates/apiserver/deployment.yaml +++ b/charts/gardener-controlplane/charts/runtime/templates/apiserver/deployment.yaml @@ -32,7 +32,7 @@ spec: {{- end }} checksum/secret-gardener-apiserver-cert: {{ include (print $.Template.BasePath "/apiserver/secret-cert.yaml") . | sha256sum }} {{- if .Values.global.apiserver.encryption.config }} - checksum/secret-gardener-apiserver-encryption-config: {{ include (print $.Template.BasePath "/apiserver/secret-gardener-apiserver-encryption-config.yaml") . | sha256sum }} + checksum/secret-gardener-apiserver-encryption-config: {{ include (print $.Template.BasePath "/apiserver/secret-encryption-config.yaml") . | sha256sum }} {{- end }} checksum/secret-gardener-apiserver-kubeconfig: {{ include (print $.Template.BasePath "/apiserver/secret-kubeconfig.yaml") . | sha256sum }} {{- if (include "gardener-apiserver.hasAdmissionPlugins" .) }} @@ -263,7 +263,9 @@ spec: - --tls-private-key-file=/etc/gardener-apiserver/srv/gardener-apiserver.key {{- end }} {{- include "gardener-apiserver.watchCacheSizes" . | indent 8 }} - - --v=2 + - --log-level={{ .Values.global.apiserver.logLevel | default "info" }} + - --log-format={{ .Values.global.apiserver.logFormat | default "json" }} + - --v={{ .Values.global.apiserver.logVerbosity | default "2" }} livenessProbe: httpGet: scheme: HTTPS diff --git a/charts/gardener-controlplane/charts/runtime/templates/apiserver/secret-gardener-apiserver-encryption-config.yaml b/charts/gardener-controlplane/charts/runtime/templates/apiserver/secret-encryption-config.yaml similarity index 65% rename from charts/gardener-controlplane/charts/runtime/templates/apiserver/secret-gardener-apiserver-encryption-config.yaml rename to charts/gardener-controlplane/charts/runtime/templates/apiserver/secret-encryption-config.yaml index b882607b..bf34cb34 100644 --- a/charts/gardener-controlplane/charts/runtime/templates/apiserver/secret-gardener-apiserver-encryption-config.yaml +++ b/charts/gardener-controlplane/charts/runtime/templates/apiserver/secret-encryption-config.yaml @@ -1,4 +1,4 @@ -{{- if .Values.global.apiserver.encryption.config }} +{{- if and .Values.global.apiserver.enabled .Values.global.apiserver.encryption.config }} apiVersion: v1 kind: Secret metadata: @@ -6,4 +6,4 @@ metadata: namespace: garden data: encryption-config.yaml: {{ .Values.global.apiserver.encryption.config | b64enc }} -{{- end }} \ No newline at end of file +{{- end }} diff --git a/charts/gardener-controlplane/charts/runtime/values.yaml b/charts/gardener-controlplane/charts/runtime/values.yaml index 3b68c257..f41bb0c4 100644 --- a/charts/gardener-controlplane/charts/runtime/values.yaml +++ b/charts/gardener-controlplane/charts/runtime/values.yaml @@ -6,9 +6,12 @@ global: replicaCount: 1 securePort: 8443 serviceAccountName: gardener-apiserver + logLevel: info + logFormat: json + logVerbosity: "2" image: repository: eu.gcr.io/gardener-project/gardener/apiserver - tag: v1.57.1 + tag: v1.59.1 pullPolicy: IfNotPresent livenessProbe: initialDelaySeconds: 15 @@ -268,7 +271,7 @@ global: serviceAccountName: gardener-admission-controller image: repository: eu.gcr.io/gardener-project/gardener/admission-controller - tag: v1.57.1 + tag: v1.59.1 pullPolicy: IfNotPresent resources: requests: @@ -342,7 +345,7 @@ global: serviceAccountName: gardener-controller-manager image: repository: eu.gcr.io/gardener-project/gardener/controller-manager - tag: v1.57.1 + tag: v1.59.1 pullPolicy: IfNotPresent resources: requests: @@ -454,7 +457,7 @@ global: serviceAccountName: gardener-scheduler image: repository: eu.gcr.io/gardener-project/gardener/scheduler - tag: v1.57.1 + tag: v1.59.1 pullPolicy: IfNotPresent resources: requests: diff --git a/charts/gardener-controlplane/charts/utils-common/Chart.yaml b/charts/gardener-controlplane/charts/utils-common/Chart.yaml index d06883b8..fae01f20 100644 --- a/charts/gardener-controlplane/charts/utils-common/Chart.yaml +++ b/charts/gardener-controlplane/charts/utils-common/Chart.yaml @@ -1,4 +1,4 @@ apiVersion: v1 description: A Helm chart to deploy common resources for the Gardener runtime and application name: utils-common -version: 1.57.1 +version: 1.59.1 diff --git a/charts/gardener-controlplane/charts/utils-common/charts/utils-templates/Chart.yaml b/charts/gardener-controlplane/charts/utils-common/charts/utils-templates/Chart.yaml index 97915f60..e8807ddc 100644 --- a/charts/gardener-controlplane/charts/utils-common/charts/utils-templates/Chart.yaml +++ b/charts/gardener-controlplane/charts/utils-common/charts/utils-templates/Chart.yaml @@ -1,4 +1,4 @@ apiVersion: v1 description: Util chart for various templates. name: utils-templates -version: 1.57.1 +version: 1.59.1 diff --git a/charts/gardener-controlplane/charts/utils-common/values.yaml b/charts/gardener-controlplane/charts/utils-common/values.yaml index 3b68c257..f41bb0c4 100644 --- a/charts/gardener-controlplane/charts/utils-common/values.yaml +++ b/charts/gardener-controlplane/charts/utils-common/values.yaml @@ -6,9 +6,12 @@ global: replicaCount: 1 securePort: 8443 serviceAccountName: gardener-apiserver + logLevel: info + logFormat: json + logVerbosity: "2" image: repository: eu.gcr.io/gardener-project/gardener/apiserver - tag: v1.57.1 + tag: v1.59.1 pullPolicy: IfNotPresent livenessProbe: initialDelaySeconds: 15 @@ -268,7 +271,7 @@ global: serviceAccountName: gardener-admission-controller image: repository: eu.gcr.io/gardener-project/gardener/admission-controller - tag: v1.57.1 + tag: v1.59.1 pullPolicy: IfNotPresent resources: requests: @@ -342,7 +345,7 @@ global: serviceAccountName: gardener-controller-manager image: repository: eu.gcr.io/gardener-project/gardener/controller-manager - tag: v1.57.1 + tag: v1.59.1 pullPolicy: IfNotPresent resources: requests: @@ -454,7 +457,7 @@ global: serviceAccountName: gardener-scheduler image: repository: eu.gcr.io/gardener-project/gardener/scheduler - tag: v1.57.1 + tag: v1.59.1 pullPolicy: IfNotPresent resources: requests: diff --git a/charts/gardener-controlplane/charts/utils-templates/Chart.yaml b/charts/gardener-controlplane/charts/utils-templates/Chart.yaml index 97915f60..e8807ddc 100644 --- a/charts/gardener-controlplane/charts/utils-templates/Chart.yaml +++ b/charts/gardener-controlplane/charts/utils-templates/Chart.yaml @@ -1,4 +1,4 @@ apiVersion: v1 description: Util chart for various templates. name: utils-templates -version: 1.57.1 +version: 1.59.1 diff --git a/charts/gardener-controlplane/values.yaml b/charts/gardener-controlplane/values.yaml index 3b68c257..f41bb0c4 100644 --- a/charts/gardener-controlplane/values.yaml +++ b/charts/gardener-controlplane/values.yaml @@ -6,9 +6,12 @@ global: replicaCount: 1 securePort: 8443 serviceAccountName: gardener-apiserver + logLevel: info + logFormat: json + logVerbosity: "2" image: repository: eu.gcr.io/gardener-project/gardener/apiserver - tag: v1.57.1 + tag: v1.59.1 pullPolicy: IfNotPresent livenessProbe: initialDelaySeconds: 15 @@ -268,7 +271,7 @@ global: serviceAccountName: gardener-admission-controller image: repository: eu.gcr.io/gardener-project/gardener/admission-controller - tag: v1.57.1 + tag: v1.59.1 pullPolicy: IfNotPresent resources: requests: @@ -342,7 +345,7 @@ global: serviceAccountName: gardener-controller-manager image: repository: eu.gcr.io/gardener-project/gardener/controller-manager - tag: v1.57.1 + tag: v1.59.1 pullPolicy: IfNotPresent resources: requests: @@ -454,7 +457,7 @@ global: serviceAccountName: gardener-scheduler image: repository: eu.gcr.io/gardener-project/gardener/scheduler - tag: v1.57.1 + tag: v1.59.1 pullPolicy: IfNotPresent resources: requests: diff --git a/charts/gardenlet/Chart.yaml b/charts/gardenlet/Chart.yaml index 83b4d73c..bab53b18 100644 --- a/charts/gardenlet/Chart.yaml +++ b/charts/gardenlet/Chart.yaml @@ -1,4 +1,4 @@ apiVersion: v1 description: A Helm chart to deploy the Gardenlet (primary "seed" agent) name: gardenlet -version: 1.57.1 +version: 1.59.1 diff --git a/charts/gardenlet/charts/runtime/Chart.yaml b/charts/gardenlet/charts/runtime/Chart.yaml deleted file mode 100644 index a39fa2a1..00000000 --- a/charts/gardenlet/charts/runtime/Chart.yaml +++ /dev/null @@ -1,4 +0,0 @@ -apiVersion: v1 -description: A Helm chart to deploy the Gardenlet runtime related resources -name: runtime -version: 1.57.1 diff --git a/charts/gardenlet/charts/runtime/charts/utils-templates/Chart.yaml b/charts/gardenlet/charts/runtime/charts/utils-templates/Chart.yaml deleted file mode 100644 index 97915f60..00000000 --- a/charts/gardenlet/charts/runtime/charts/utils-templates/Chart.yaml +++ /dev/null @@ -1,4 +0,0 @@ -apiVersion: v1 -description: Util chart for various templates. -name: utils-templates -version: 1.57.1 diff --git a/charts/gardenlet/charts/runtime/charts/utils-templates/README.md b/charts/gardenlet/charts/runtime/charts/utils-templates/README.md deleted file mode 100644 index 40abe941..00000000 --- a/charts/gardenlet/charts/runtime/charts/utils-templates/README.md +++ /dev/null @@ -1,20 +0,0 @@ -# Important - -To add this chart to another as dependency, execute - -```bash -mkdir -p ./charts/PATH-TO-MY-CHART/charts -ln -sr ./charts/utils-templates ./charts/PATH-TO-MY-CHART/charts/utils-templates -``` - -Then check for broken links with - -``` -find -L charts -type l -``` - -or - -``` -make verify -``` diff --git a/charts/gardenlet/charts/runtime/charts/utils-templates/templates/_image.tpl b/charts/gardenlet/charts/runtime/charts/utils-templates/templates/_image.tpl deleted file mode 100644 index fefcf963..00000000 --- a/charts/gardenlet/charts/runtime/charts/utils-templates/templates/_image.tpl +++ /dev/null @@ -1,7 +0,0 @@ -{{- define "utils-templates.image" -}} -{{- if hasPrefix "sha256:" (required "$.tag is required" $.tag) -}} -{{ required "$.repository is required" $.repository }}@{{ required "$.tag is required" $.tag }} -{{- else -}} -{{ required "$.repository is required" $.repository }}:{{ required "$.tag is required" $.tag }} -{{- end -}} -{{- end -}} diff --git a/charts/gardenlet/charts/runtime/charts/utils-templates/templates/_resources.tpl b/charts/gardenlet/charts/runtime/charts/utils-templates/templates/_resources.tpl deleted file mode 100644 index 72c8ee79..00000000 --- a/charts/gardenlet/charts/runtime/charts/utils-templates/templates/_resources.tpl +++ /dev/null @@ -1,12 +0,0 @@ -{{/* -util-templates.resource-quantity returns resource quantity based on number of objects (such as nodes, pods etc..), -resource per object, object weight and base resource quantity. -*/}} -{{- define "utils-templates.resource-quantity" -}} -{{- range $resourceKey, $resourceValue := (required "$.resource is required" $.resources) }} -{{ $resourceKey }}: -{{- range $unit, $r := $resourceValue }} - {{ $unit }}: {{ printf "%d%s" ( add $r.base ( mul ( div $.objectCount $r.weight ) $r.perObject $r.weight ) ) $r.unit }} -{{- end -}} -{{- end -}} -{{- end -}} diff --git a/charts/gardenlet/charts/runtime/charts/utils-templates/templates/_versions.tpl b/charts/gardenlet/charts/runtime/charts/utils-templates/templates/_versions.tpl deleted file mode 100644 index db961879..00000000 --- a/charts/gardenlet/charts/runtime/charts/utils-templates/templates/_versions.tpl +++ /dev/null @@ -1,71 +0,0 @@ -{{- define "apiserverversion" -}} -apiserver.k8s.io/v1alpha1 -{{- end -}} - -{{- define "auditkubernetesversion" -}} -audit.k8s.io/v1 -{{- end -}} - -{{- define "rbacversion" -}} -rbac.authorization.k8s.io/v1 -{{- end -}} - -{{- define "deploymentversion" -}} -apps/v1 -{{- end -}} - -{{- define "daemonsetversion" -}} -apps/v1 -{{- end -}} - -{{- define "statefulsetversion" -}} -apps/v1 -{{- end -}} - -{{- define "apiserviceversion" -}} -apiregistration.k8s.io/v1 -{{- end -}} - -{{- define "networkpolicyversion" -}} -networking.k8s.io/v1 -{{- end -}} - -{{- define "priorityclassversion" -}} -scheduling.k8s.io/v1 -{{- end -}} - -{{- define "cronjobversion" -}} -{{- if semverCompare ">= 1.21-0" .Capabilities.KubeVersion.GitVersion -}} -batch/v1 -{{- else -}} -batch/v1beta1 -{{- end -}} -{{- end -}} - -{{- define "hpaversion" -}} -{{- if semverCompare ">= 1.23-0" .Capabilities.KubeVersion.GitVersion -}} -autoscaling/v2 -{{- else -}} -autoscaling/v2beta1 -{{- end -}} -{{- end -}} - -{{- define "webhookadmissionregistration" -}} -admissionregistration.k8s.io/v1 -{{- end -}} - -{{- define "poddisruptionbudgetversion" -}} -{{- if semverCompare ">= 1.21-0" .Capabilities.KubeVersion.GitVersion -}} -policy/v1 -{{- else -}} -policy/v1beta1 -{{- end -}} -{{- end -}} - -{{- define "podsecuritypolicyversion" -}} -policy/v1beta1 -{{- end -}} - -{{- define "ingressversion" -}} -networking.k8s.io/v1 -{{- end -}} diff --git a/charts/gardenlet/charts/runtime/templates/_feature-gates.tpl b/charts/gardenlet/charts/runtime/templates/_feature-gates.tpl deleted file mode 100644 index c6cf82b4..00000000 --- a/charts/gardenlet/charts/runtime/templates/_feature-gates.tpl +++ /dev/null @@ -1,23 +0,0 @@ -{{- define "gardenlet.apiserver-sni-enabled" -}} -{{- if .Values.global.gardenlet.config.featureGates -}} -{{- if hasKey .Values.global.gardenlet.config.featureGates "APIServerSNI" -}} -{{- .Values.global.gardenlet.config.featureGates.APIServerSNI -}} -{{- else -}} -true -{{- end -}} -{{- else -}} -true -{{- end -}} -{{- end -}} - -{{- define "gardenlet.managed-istio-enabled" -}} -{{- if .Values.global.gardenlet.config.featureGates -}} -{{- if hasKey .Values.global.gardenlet.config.featureGates "ManagedIstio" -}} -{{- .Values.global.gardenlet.config.featureGates.ManagedIstio -}} -{{- else -}} -true -{{- end -}} -{{- else -}} -true -{{- end -}} -{{- end -}} diff --git a/charts/gardenlet/charts/runtime/templates/_helpers.tpl b/charts/gardenlet/charts/runtime/templates/_helpers.tpl deleted file mode 100644 index 197adcff..00000000 --- a/charts/gardenlet/charts/runtime/templates/_helpers.tpl +++ /dev/null @@ -1,270 +0,0 @@ -{{- define "gardenlet.kubeconfig-garden.data" -}} -kubeconfig: {{ .Values.global.gardenlet.config.gardenClientConnection.kubeconfig | b64enc }} -{{- end -}} - -{{- define "gardenlet.kubeconfig-garden.name" -}} -gardenlet-kubeconfig-garden-{{ include "gardenlet.kubeconfig-garden.data" . | sha256sum | trunc 8 }} -{{- end -}} - -{{- define "gardenlet.kubeconfig-seed.data" -}} -kubeconfig: {{ .Values.global.gardenlet.config.seedClientConnection.kubeconfig | b64enc }} -{{- end -}} - -{{- define "gardenlet.kubeconfig-seed.name" -}} -gardenlet-kubeconfig-seed-{{ include "gardenlet.kubeconfig-seed.data" . | sha256sum | trunc 8 }} -{{- end -}} - -{{- define "gardenlet.imagevector-overwrite.data" -}} -images_overwrite.yaml: | -{{ .Values.global.gardenlet.imageVectorOverwrite | indent 2 }} -{{- end -}} - -{{- define "gardenlet.imagevector-overwrite.name" -}} -gardenlet-imagevector-overwrite-{{ include "gardenlet.imagevector-overwrite.data" . | sha256sum | trunc 8 }} -{{- end -}} - -{{- define "gardenlet.imagevector-overwrite-components.data" -}} -components.yaml: | -{{ .Values.global.gardenlet.componentImageVectorOverwrites | indent 2 }} -{{- end -}} - -{{- define "gardenlet.imagevector-overwrite-components.name" -}} -gardenlet-imagevector-overwrite-components-{{ include "gardenlet.imagevector-overwrite-components.data" . | sha256sum | trunc 8 }} -{{- end -}} - -{{- define "gardenlet.cert.name" -}} -gardenlet-cert-{{ include "gardenlet.cert.data" . | sha256sum | trunc 8 }} -{{- end -}} - -{{- define "gardenlet.config.data" -}} -config.yaml: | - --- - apiVersion: gardenlet.config.gardener.cloud/v1alpha1 - kind: GardenletConfiguration - gardenClientConnection: - {{- with .Values.global.gardenlet.config.gardenClientConnection.acceptContentTypes }} - acceptContentTypes: {{ . | quote }} - {{- end }} - {{- with .Values.global.gardenlet.config.gardenClientConnection.contentType }} - contentType: {{ . | quote }} - {{- end }} - qps: {{ required ".Values.global.gardenlet.config.gardenClientConnection.qps is required" .Values.global.gardenlet.config.gardenClientConnection.qps }} - burst: {{ required ".Values.global.gardenlet.config.gardenClientConnection.burst is required" .Values.global.gardenlet.config.gardenClientConnection.burst }} - {{- if .Values.global.gardenlet.config.gardenClientConnection.gardenClusterAddress }} - gardenClusterAddress: {{ .Values.global.gardenlet.config.gardenClientConnection.gardenClusterAddress }} - {{- end }} - {{- if .Values.global.gardenlet.config.gardenClientConnection.gardenClusterCACert }} - gardenClusterCACert: {{ .Values.global.gardenlet.config.gardenClientConnection.gardenClusterCACert }} - {{- end }} - {{- if .Values.global.gardenlet.config.gardenClientConnection.bootstrapKubeconfig }} - bootstrapKubeconfig: - {{- if .Values.global.gardenlet.config.gardenClientConnection.bootstrapKubeconfig.secretRef }} - name: {{ required ".Values.global.gardenlet.config.gardenClientConnection.bootstrapKubeconfig.secretRef.name is required" .Values.global.gardenlet.config.gardenClientConnection.bootstrapKubeconfig.secretRef.name }} - namespace: {{ required ".Values.global.gardenlet.config.gardenClientConnection.bootstrapKubeconfig.secretRef.namespace is required" .Values.global.gardenlet.config.gardenClientConnection.bootstrapKubeconfig.secretRef.namespace }} - {{- else }} - name: {{ required ".Values.global.gardenlet.config.gardenClientConnection.bootstrapKubeconfig.name is required" .Values.global.gardenlet.config.gardenClientConnection.bootstrapKubeconfig.name }} - namespace: {{ required ".Values.global.gardenlet.config.gardenClientConnection.bootstrapKubeconfig.namespace is required" .Values.global.gardenlet.config.gardenClientConnection.bootstrapKubeconfig.namespace }} - {{- end }} - {{- end }} - {{- if .Values.global.gardenlet.config.gardenClientConnection.kubeconfigSecret }} - kubeconfigSecret: - name: {{ required ".Values.global.gardenlet.config.gardenClientConnection.kubeconfigSecret.name is required" .Values.global.gardenlet.config.gardenClientConnection.kubeconfigSecret.name }} - namespace: {{ required ".Values.global.gardenlet.config.gardenClientConnection.kubeconfigSecret.namespace is required" .Values.global.gardenlet.config.gardenClientConnection.kubeconfigSecret.namespace }} - {{- end }} -{{- if .Values.global.gardenlet.config.gardenClientConnection.kubeconfigValidity }} - kubeconfigValidity: -{{ toYaml .Values.global.gardenlet.config.gardenClientConnection.kubeconfigValidity | indent 6 }} - {{- end }} - {{- if .Values.global.gardenlet.config.gardenClientConnection.kubeconfig }} - kubeconfig: /etc/gardenlet/kubeconfig-garden/kubeconfig - {{- end }} - seedClientConnection: - {{- with .Values.global.gardenlet.config.seedClientConnection.acceptContentTypes }} - acceptContentTypes: {{ . | quote }} - {{- end }} - {{- with .Values.global.gardenlet.config.seedClientConnection.contentType }} - contentType: {{ . | quote }} - {{- end }} - qps: {{ required ".Values.global.gardenlet.config.seedClientConnection.qps is required" .Values.global.gardenlet.config.seedClientConnection.qps }} - burst: {{ required ".Values.global.gardenlet.config.seedClientConnection.burst is required" .Values.global.gardenlet.config.seedClientConnection.burst }} - {{- if .Values.global.gardenlet.config.seedClientConnection.kubeconfig }} - kubeconfig: /etc/gardenlet/kubeconfig-seed/kubeconfig - {{- end }} - shootClientConnection: - {{- with .Values.global.gardenlet.config.shootClientConnection.acceptContentTypes }} - acceptContentTypes: {{ . | quote }} - {{- end }} - {{- with .Values.global.gardenlet.config.shootClientConnection.contentType }} - contentType: {{ . | quote }} - {{- end }} - qps: {{ required ".Values.global.gardenlet.config.shootClientConnection.qps is required" .Values.global.gardenlet.config.shootClientConnection.qps }} - burst: {{ required ".Values.global.gardenlet.config.shootClientConnection.burst is required" .Values.global.gardenlet.config.shootClientConnection.burst }} - controllers: - backupBucket: - concurrentSyncs: {{ required ".Values.global.gardenlet.config.controllers.backupBucket.concurrentSyncs is required" .Values.global.gardenlet.config.controllers.backupBucket.concurrentSyncs }} - backupEntry: - concurrentSyncs: {{ required ".Values.global.gardenlet.config.controllers.backupEntry.concurrentSyncs is required" .Values.global.gardenlet.config.controllers.backupEntry.concurrentSyncs }} - {{- if .Values.global.gardenlet.config.controllers.backupEntry.deletionGracePeriodHours }} - deletionGracePeriodHours: {{ .Values.global.gardenlet.config.controllers.backupEntry.deletionGracePeriodHours }} - {{- end }} - {{- if .Values.global.gardenlet.config.controllers.backupEntry.deletionGracePeriodShootPurposes }} - deletionGracePeriodShootPurposes: -{{ toYaml .Values.global.gardenlet.config.controllers.backupEntry.deletionGracePeriodShootPurposes | indent 6 }} - {{- end }} - bastion: - concurrentSyncs: {{ required ".Values.global.gardenlet.config.controllers.bastion.concurrentSyncs is required" .Values.global.gardenlet.config.controllers.bastion.concurrentSyncs }} - {{- if .Values.global.gardenlet.config.controllers.controllerInstallation }} - controllerInstallation: - concurrentSyncs: {{ required ".Values.global.gardenlet.config.controllers.controllerInstallation.concurrentSyncs is required" .Values.global.gardenlet.config.controllers.controllerInstallation.concurrentSyncs }} - {{- end }} - {{- if .Values.global.gardenlet.config.controllers.controllerInstallationCare }} - controllerInstallationCare: - concurrentSyncs: {{ required ".Values.global.gardenlet.config.controllers.controllerInstallationCare.concurrentSyncs is required" .Values.global.gardenlet.config.controllers.controllerInstallationCare.concurrentSyncs }} - syncPeriod: {{ required ".Values.global.gardenlet.config.controllers.controllerInstallationCare.syncPeriod is required" .Values.global.gardenlet.config.controllers.controllerInstallationCare.syncPeriod }} - {{- end }} - {{- if .Values.global.gardenlet.config.controllers.controllerInstallationRequired }} - controllerInstallationRequired: - concurrentSyncs: {{ required ".Values.global.gardenlet.config.controllers.controllerInstallationRequired.concurrentSyncs is required" .Values.global.gardenlet.config.controllers.controllerInstallationRequired.concurrentSyncs }} - {{- end }} - {{- if .Values.global.gardenlet.config.controllers.seed }} - seed: - concurrentSyncs: {{ required ".Values.global.gardenlet.config.controllers.seed.concurrentSyncs is required" .Values.global.gardenlet.config.controllers.seed.concurrentSyncs }} - syncPeriod: {{ required ".Values.global.gardenlet.config.controllers.seed.syncPeriod is required" .Values.global.gardenlet.config.controllers.seed.syncPeriod }} - {{- if .Values.global.gardenlet.config.controllers.seed.leaseResyncSeconds }} - leaseResyncSeconds: {{ .Values.global.gardenlet.config.controllers.seed.leaseResyncSeconds }} - {{- end }} - {{- if .Values.global.gardenlet.config.controllers.seed.leaseResyncMissThreshold }} - leaseResyncMissThreshold: {{ .Values.global.gardenlet.config.controllers.seed.leaseResyncMissThreshold }} - {{- end }} - {{- end }} - shoot: - concurrentSyncs: {{ required ".Values.global.gardenlet.config.controllers.shoot.concurrentSyncs is required" .Values.global.gardenlet.config.controllers.shoot.concurrentSyncs }} - {{- if .Values.global.gardenlet.config.controllers.shoot.progressReportPeriod }} - progressReportPeriod: {{ .Values.global.gardenlet.config.controllers.shoot.progressReportPeriod }} - {{- end }} - {{- if .Values.global.gardenlet.config.controllers.shoot.respectSyncPeriodOverwrite }} - respectSyncPeriodOverwrite: {{ .Values.global.gardenlet.config.controllers.shoot.respectSyncPeriodOverwrite }} - {{- end }} - {{- if .Values.global.gardenlet.config.controllers.shoot.reconcileInMaintenanceOnly }} - reconcileInMaintenanceOnly: {{ .Values.global.gardenlet.config.controllers.shoot.reconcileInMaintenanceOnly }} - {{- end }} - syncPeriod: {{ required ".Values.global.gardenlet.config.controllers.shoot.syncPeriod is required" .Values.global.gardenlet.config.controllers.shoot.syncPeriod }} - retryDuration: {{ required ".Values.global.gardenlet.config.controllers.shoot.retryDuration is required" .Values.global.gardenlet.config.controllers.shoot.retryDuration }} - {{- if .Values.global.gardenlet.config.controllers.shoot.dnsEntryTTLSeconds }} - dnsEntryTTLSeconds: {{ .Values.global.gardenlet.config.controllers.shoot.dnsEntryTTLSeconds }} - {{- end }} - shootCare: - concurrentSyncs: {{ required ".Values.global.gardenlet.config.controllers.shootCare.concurrentSyncs is required" .Values.global.gardenlet.config.controllers.shootCare.concurrentSyncs }} - syncPeriod: {{ required ".Values.global.gardenlet.config.controllers.shootCare.syncPeriod is required" .Values.global.gardenlet.config.controllers.shootCare.syncPeriod }} - {{- if .Values.global.gardenlet.config.controllers.shootCare.staleExtensionHealthChecks }} - staleExtensionHealthChecks: - enabled: {{ required ".Values.global.gardenlet.config.controllers.shootCare.staleExtensionHealthChecks.enabled is required" .Values.global.gardenlet.config.controllers.shootCare.staleExtensionHealthChecks.enabled }} - {{- if .Values.global.gardenlet.config.controllers.shootCare.staleExtensionHealthChecks.threshold }} - threshold: {{ .Values.global.gardenlet.config.controllers.shootCare.staleExtensionHealthChecks.threshold }} - {{- end }} - {{- end }} - conditionThresholds: - {{- if .Values.global.gardenlet.config.controllers.shootCare.conditionThresholds }} -{{ toYaml .Values.global.gardenlet.config.controllers.shootCare.conditionThresholds | indent 6 }} - {{- end }} - webhookRemediatorEnabled: {{ required ".Values.global.gardenlet.config.controllers.shootCare.webhookRemediatorEnabled is required" .Values.global.gardenlet.config.controllers.shootCare.webhookRemediatorEnabled }} - seedCare: - syncPeriod: {{ required ".Values.global.gardenlet.config.controllers.seedCare.syncPeriod is required" .Values.global.gardenlet.config.controllers.seedCare.syncPeriod }} - conditionThresholds: - {{- if .Values.global.gardenlet.config.controllers.seedCare.conditionThresholds }} -{{ toYaml .Values.global.gardenlet.config.controllers.seedCare.conditionThresholds | indent 6 }} - {{- end }} - {{- if .Values.global.gardenlet.config.controllers.shootSecret }} - shootSecret: - concurrentSyncs: {{ required ".Values.global.gardenlet.config.controllers.shootSecret.concurrentSyncs is required" .Values.global.gardenlet.config.controllers.shootSecret.concurrentSyncs }} - {{- end }} - shootStateSync: - concurrentSyncs: {{ required ".Values.global.gardenlet.config.controllers.shootStateSync.concurrentSyncs is required" .Values.global.gardenlet.config.controllers.shootStateSync.concurrentSyncs }} - syncPeriod: {{ required ".Values.global.gardenlet.config.controllers.shootStateSync.syncPeriod is required" .Values.global.gardenlet.config.controllers.shootStateSync.syncPeriod }} - {{- if .Values.global.gardenlet.config.controllers.managedSeed }} - managedSeed: - concurrentSyncs: {{ required ".Values.global.gardenlet.config.controllers.managedSeed.concurrentSyncs is required" .Values.global.gardenlet.config.controllers.managedSeed.concurrentSyncs }} - syncPeriod: {{ required ".Values.global.gardenlet.config.controllers.managedSeed.syncPeriod is required" .Values.global.gardenlet.config.controllers.managedSeed.syncPeriod }} - waitSyncPeriod: {{ required ".Values.global.gardenlet.config.controllers.managedSeed.waitSyncPeriod is required" .Values.global.gardenlet.config.controllers.managedSeed.waitSyncPeriod }} - {{- if .Values.global.gardenlet.config.controllers.managedSeed.syncJitterPeriod }} - syncJitterPeriod: {{ .Values.global.gardenlet.config.controllers.managedSeed.syncJitterPeriod }} - {{- end }} - {{- if .Values.global.gardenlet.config.controllers.managedSeed.jitterUpdates }} - jitterUpdates: {{ .Values.global.gardenlet.config.controllers.managedSeed.jitterUpdates }} - {{- end }} - {{- end }} - shootMigration: - concurrentSyncs: {{ required ".Values.global.gardenlet.config.controllers.shootMigration.concurrentSyncs is required" .Values.global.gardenlet.config.controllers.shootMigration.concurrentSyncs }} - syncPeriod: {{ required ".Values.global.gardenlet.config.controllers.shootMigration.syncPeriod is required" .Values.global.gardenlet.config.controllers.shootMigration.syncPeriod }} - gracePeriod: {{ required ".Values.global.gardenlet.config.controllers.shootMigration.gracePeriod is required" .Values.global.gardenlet.config.controllers.shootMigration.gracePeriod }} - lastOperationStaleDuration: {{ required ".Values.global.gardenlet.config.controllers.shootMigration.lastOperationStaleDuration is required" .Values.global.gardenlet.config.controllers.shootMigration.lastOperationStaleDuration }} - backupEntryMigration: - concurrentSyncs: {{ required ".Values.global.gardenlet.config.controllers.backupEntryMigration.concurrentSyncs is required" .Values.global.gardenlet.config.controllers.backupEntryMigration.concurrentSyncs }} - syncPeriod: {{ required ".Values.global.gardenlet.config.controllers.backupEntryMigration.syncPeriod is required" .Values.global.gardenlet.config.controllers.backupEntryMigration.syncPeriod }} - gracePeriod: {{ required ".Values.global.gardenlet.config.controllers.backupEntryMigration.gracePeriod is required" .Values.global.gardenlet.config.controllers.backupEntryMigration.gracePeriod }} - lastOperationStaleDuration: {{ required ".Values.global.gardenlet.config.controllers.backupEntryMigration.lastOperationStaleDuration is required" .Values.global.gardenlet.config.controllers.backupEntryMigration.lastOperationStaleDuration }} - resources: - capacity: - shoots: {{ required ".Values.global.gardenlet.config.resources.capacity.shoots is required" .Values.global.gardenlet.config.resources.capacity.shoots }} - leaderElection: - leaderElect: {{ required ".Values.global.gardenlet.config.leaderElection.leaderElect is required" .Values.global.gardenlet.config.leaderElection.leaderElect }} - leaseDuration: {{ required ".Values.global.gardenlet.config.leaderElection.leaseDuration is required" .Values.global.gardenlet.config.leaderElection.leaseDuration }} - renewDeadline: {{ required ".Values.global.gardenlet.config.leaderElection.renewDeadline is required" .Values.global.gardenlet.config.leaderElection.renewDeadline }} - retryPeriod: {{ required ".Values.global.gardenlet.config.leaderElection.retryPeriod is required" .Values.global.gardenlet.config.leaderElection.retryPeriod }} - resourceLock: {{ required ".Values.global.gardenlet.config.leaderElection.resourceLock is required" .Values.global.gardenlet.config.leaderElection.resourceLock }} - {{- if .Values.global.gardenlet.config.leaderElection.resourceName }} - resourceName: {{ .Values.global.gardenlet.config.leaderElection.resourceName }} - {{- end }} - {{- if .Values.global.gardenlet.config.leaderElection.resourceNamespace }} - resourceNamespace: {{ .Values.global.gardenlet.config.leaderElection.resourceNamespace }} - {{- end }} - logLevel: {{ .Values.global.gardenlet.config.logLevel }} - logFormat: {{ .Values.global.gardenlet.config.logFormat }} - server: - healthProbes: - bindAddress: {{ required ".Values.global.gardenlet.config.server.healthProbes.bindAddress is required" .Values.global.gardenlet.config.server.healthProbes.bindAddress }} - port: {{ required ".Values.global.gardenlet.config.server.healthProbes.port is required" .Values.global.gardenlet.config.server.healthProbes.port }} - {{- if .Values.global.gardenlet.config.server.metrics }} - metrics: - bindAddress: {{ required ".Values.global.gardenlet.config.server.metrics.bindAddress is required" .Values.global.gardenlet.config.server.metrics.bindAddress }} - port: {{ required ".Values.global.gardenlet.config.server.metrics.port is required" .Values.global.gardenlet.config.server.metrics.port }} - {{- end }} - {{- if .Values.global.gardenlet.config.debugging }} - debugging: - enableProfiling: {{ .Values.global.gardenlet.config.debugging.enableProfiling | default false }} - enableContentionProfiling: {{ .Values.global.gardenlet.config.debugging.enableContentionProfiling | default false }} - {{- end }} - {{- if .Values.global.gardenlet.config.featureGates }} - featureGates: -{{ toYaml .Values.global.gardenlet.config.featureGates | indent 4 }} - {{- end }} - {{- if .Values.global.gardenlet.config.seedConfig }} - seedConfig: -{{ toYaml .Values.global.gardenlet.config.seedConfig | indent 4 }} - {{- end }} - {{- if .Values.global.gardenlet.config.logging }} - logging: -{{ toYaml .Values.global.gardenlet.config.logging | indent 4 }} - {{- end }} - {{- if .Values.global.gardenlet.config.monitoring }} - monitoring: -{{ toYaml .Values.global.gardenlet.config.monitoring | indent 4 }} - {{- end }} - {{- if .Values.global.gardenlet.config.sni }} - sni: -{{ toYaml .Values.global.gardenlet.config.sni | trim | indent 4 }} - {{- end }} - {{- if .Values.global.gardenlet.config.etcdConfig }} - etcdConfig: -{{ toYaml .Values.global.gardenlet.config.etcdConfig | indent 4}} - {{- end}} - {{- if .Values.global.gardenlet.config.exposureClassHandlers }} - exposureClassHandlers: -{{ toYaml .Values.global.gardenlet.config.exposureClassHandlers | indent 2 }} - {{- end }} -{{- end -}} - -{{- define "gardenlet.config.name" -}} -gardenlet-configmap-{{ include "gardenlet.config.data" . | sha256sum | trunc 8 }} -{{- end -}} - diff --git a/charts/gardenlet/charts/runtime/templates/secret-kubeconfig-garden-bootstrap.yaml b/charts/gardenlet/charts/runtime/templates/secret-kubeconfig-garden-bootstrap.yaml deleted file mode 100644 index 46990456..00000000 --- a/charts/gardenlet/charts/runtime/templates/secret-kubeconfig-garden-bootstrap.yaml +++ /dev/null @@ -1,18 +0,0 @@ -{{- if and .Values.global.gardenlet.enabled .Values.global.gardenlet.config.gardenClientConnection.bootstrapKubeconfig }} -{{- if not .Values.global.gardenlet.config.gardenClientConnection.bootstrapKubeconfig.secretRef }} -apiVersion: v1 -kind: Secret -metadata: - name: {{ required ".Values.global.gardenlet.config.gardenClientConnection.bootstrapKubeconfig.name is required" .Values.global.gardenlet.config.gardenClientConnection.bootstrapKubeconfig.name }} - namespace: {{ required ".Values.global.gardenlet.config.gardenClientConnection.bootstrapKubeconfig.namespace is required" .Values.global.gardenlet.config.gardenClientConnection.bootstrapKubeconfig.namespace }} - labels: - app: gardener - role: gardenlet - chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" - release: "{{ .Release.Name }}" - heritage: "{{ .Release.Service }}" -type: Opaque -data: - kubeconfig: {{ required ".Values.global.gardenlet.config.gardenClientConnection.bootstrapKubeconfig.kubeconfig is required" .Values.global.gardenlet.config.gardenClientConnection.bootstrapKubeconfig.kubeconfig | b64enc }} -{{- end }} -{{- end }} diff --git a/charts/gardenlet/charts/runtime/values.yaml b/charts/gardenlet/charts/runtime/values.yaml deleted file mode 100644 index 434bace3..00000000 --- a/charts/gardenlet/charts/runtime/values.yaml +++ /dev/null @@ -1,216 +0,0 @@ -global: - # Gardenlet configuration values - gardenlet: - enabled: true - replicaCount: 1 - revisionHistoryLimit: 10 - serviceAccountName: gardenlet - invalidateServiceAccountToken: true - image: - repository: eu.gcr.io/gardener-project/gardener/gardenlet - tag: v1.57.1 - pullPolicy: IfNotPresent - resources: - requests: - cpu: 100m - memory: 100Mi - # podAnnotations: # YAML formated annotations used for pod template - # podLabels: # YAML formated labels used for pod template - additionalVolumes: [] - additionalVolumeMounts: [] - env: [] - vpa: false - # imageVectorOverwrite: | - # Please find documentation in docs/deployment/image_vector.md - # componentImageVectorOverwrites: | - # Please find documentation in docs/deployment/image_vector.md - config: - gardenClientConnection: - # acceptContentTypes: application/json - # contentType: application/json - qps: 100 - burst: 130 - # gardenClusterAddress: https://some-external-ip-address-to-garden-cluster - # gardenClusterCACert: - # bootstrapKubeconfig: # bootstrapKubeconfig contains the kubeconfig that is used to initiate the bootstrap process, i.e., - # that is used to request a client certificate for the garden cluster. - # If the kubeconfig is provided inline, the name and namespace fields - # are a reference to a secret that will store this bootstrap kubeconfig. If `kubeconfig` is given - # then only this kubeconfig will be considered. - # If you already have a boostrap kubeconfig you can reference it with - # secretRef.name and secretRef.namespace. - # name: gardenlet-kubeconfig-bootstrap - # namespace: garden - # secretRef: - # name: secretName - # namespace: secretNamespace - # kubeconfig: | - # some-kubeconfig-for-bootstrapping - # kubeconfigSecret: # kubeconfigSecret is the reference to a secret object that stores the gardenlet's kubeconfig that - # is used to communicate with the garden cluster. This kubeconfig is derived out of the bootstrap - # process. If `kubeconfig` is given then only this kubeconfig will be considered. - # name: gardenlet-kubeconfig - # namespace: garden - # kubeconfigValidity: - # validity: 24h - # autoRotationJitterPercentageMin: 70 - # autoRotationJitterPercentageMax: 90 - # kubeconfig: | - # Specify a kubeconfig here if you don't want the Gardenlet to use TLS bootstrapping (if you provide - # `bootstrapKubeconfig` and `kubeconfigSecret` then it will try to create a CertificateSigningRequest - # and to procure a client certificate. - seedClientConnection: - # acceptContentTypes: application/json - # contentType: application/json - qps: 100 - burst: 130 - # kubeconfig: | - # Specify a kubeconfig for the seed cluster here if you don't want to use the Gardenlet's service account. - shootClientConnection: - # acceptContentTypes: application/json - # contentType: application/json - qps: 25 - burst: 50 - controllers: - backupBucket: - concurrentSyncs: 20 - backupEntry: - concurrentSyncs: 20 - bastion: - concurrentSyncs: 20 - # deletionGracePeriodHours: 24 - # deletionGracePeriodShootPurposes: - # - production - seed: - concurrentSyncs: 5 - syncPeriod: 1h - # leaseResyncSeconds: 2 - # leaseResyncMissThreshold: 10 - shoot: - concurrentSyncs: 20 - syncPeriod: 1h - retryDuration: 12h - respectSyncPeriodOverwrite: false - reconcileInMaintenanceOnly: false - # progressReportPeriod: 5s - # dnsEntryTTLSeconds: 120 - shootCare: - concurrentSyncs: 5 - syncPeriod: 30s - staleExtensionHealthChecks: - enabled: true - # threshold: 5m - conditionThresholds: - - type: APIServerAvailable - duration: 1m - - type: ControlPlaneHealthy - duration: 1m - - type: SystemComponentsHealthy - duration: 1m - - type: EveryNodeReady - duration: 5m - webhookRemediatorEnabled: false - seedCare: - syncPeriod: 30s - conditionThresholds: - - type: SeedSystemComponentsHealthy - duration: 1m - shootSecret: - concurrentSyncs: 5 - shootStateSync: - concurrentSyncs: 5 - syncPeriod: 30s - managedSeed: - concurrentSyncs: 5 - syncPeriod: 1h - waitSyncPeriod: 15s - syncJitterPeriod: 5m - jitterUpdates: false - shootMigration: - concurrentSyncs: 5 - syncPeriod: 1m - gracePeriod: 2h - lastOperationStaleDuration: 10m - backupEntryMigration: - concurrentSyncs: 5 - syncPeriod: 1m - gracePeriod: 10m - lastOperationStaleDuration: 2m - resources: - capacity: - shoots: 250 - leaderElection: - leaderElect: true - leaseDuration: 15s - renewDeadline: 10s - retryPeriod: 2s - resourceLock: leases - # resourceName: gardenlet-leader-election - # resourceNamespace: garden - logLevel: info - logFormat: json - server: - healthProbes: - bindAddress: 0.0.0.0 - port: 2728 - metrics: - bindAddress: 0.0.0.0 - port: 2729 - debugging: - enableProfiling: false - enableContentionProfiling: false - featureGates: {} - # sni: # SNI configuration used for APIServerSNI and ManagedIstio feature gates. - # ingress: - # serviceName: istio-ingress - # namespace: istio-ingress - # labels: - # istio: ingressgateway - # exposureClassHandlers: - # - name: handler-1 - # loadBalancerService: - # annotations: - # test: handler-1 - # - name: handler-2 - # loadBalancerService: - # annotations: - # test: handler-2 - # sni: - # ingress: - # serviceName: istio-ingress - # namespace: istio-ingress-handler-2 - # labels: - # istio: ingressgateway-handler-2 - # etcdConfig: - # etcdController: - # workers: 3 - # custodianController: - # workers: 3 - # backupCompactionController: - # workers: 3 - # enableBackupCompaction: false - # eventsThreshold: 1000000 - # activeDeadlineDuration: "3h" - # backupLeaderElection: - # reelectionPeriod: 5s - # etcdConnectionTimeout: 5s - # seedConfig: {} - # logging: - # enabled: false - # fluentBit: - # output: |- - # [Output] - # ... - # monitoring: - # shoot: - # remoteWrite: - # url: https://remoteWriteUrl # remote write URL - # keep: # metrics that should be forwarded to the external write endpoint. If empty all metrics get forwarded - # - kube_pod_container_info - # queueConfig: | # queue_config of prometheus remote write as multiline string - # max_shards: 100 - # batch_send_deadline: 20s - # min_backoff: 500ms - # max_backoff: 60s - # externalLabels: # add additional labels to metrics to identify it on the central instance - # additional: label diff --git a/charts/gardenlet/charts/utils-templates/Chart.yaml b/charts/gardenlet/charts/utils-templates/Chart.yaml index 97915f60..e8807ddc 100644 --- a/charts/gardenlet/charts/utils-templates/Chart.yaml +++ b/charts/gardenlet/charts/utils-templates/Chart.yaml @@ -1,4 +1,4 @@ apiVersion: v1 description: Util chart for various templates. name: utils-templates -version: 1.57.1 +version: 1.59.1 diff --git a/charts/gardenlet/templates/_feature-gates.tpl b/charts/gardenlet/templates/_feature-gates.tpl new file mode 100644 index 00000000..4ddd3296 --- /dev/null +++ b/charts/gardenlet/templates/_feature-gates.tpl @@ -0,0 +1,23 @@ +{{- define "gardenlet.apiserver-sni-enabled" -}} +{{- if .Values.config.featureGates -}} +{{- if hasKey .Values.config.featureGates "APIServerSNI" -}} +{{- .Values.config.featureGates.APIServerSNI -}} +{{- else -}} +true +{{- end -}} +{{- else -}} +true +{{- end -}} +{{- end -}} + +{{- define "gardenlet.managed-istio-enabled" -}} +{{- if .Values.config.featureGates -}} +{{- if hasKey .Values.config.featureGates "ManagedIstio" -}} +{{- .Values.config.featureGates.ManagedIstio -}} +{{- else -}} +true +{{- end -}} +{{- else -}} +true +{{- end -}} +{{- end -}} diff --git a/charts/gardenlet/templates/_helpers.tpl b/charts/gardenlet/templates/_helpers.tpl new file mode 100644 index 00000000..05908e58 --- /dev/null +++ b/charts/gardenlet/templates/_helpers.tpl @@ -0,0 +1,297 @@ +{{- define "gardenlet.kubeconfig-garden.data" -}} +kubeconfig: {{ .Values.config.gardenClientConnection.kubeconfig | b64enc }} +{{- end -}} + +{{- define "gardenlet.kubeconfig-garden.name" -}} +gardenlet-kubeconfig-garden-{{ include "gardenlet.kubeconfig-garden.data" . | sha256sum | trunc 8 }} +{{- end -}} + +{{- define "gardenlet.kubeconfig-seed.data" -}} +kubeconfig: {{ .Values.config.seedClientConnection.kubeconfig | b64enc }} +{{- end -}} + +{{- define "gardenlet.kubeconfig-seed.name" -}} +gardenlet-kubeconfig-seed-{{ include "gardenlet.kubeconfig-seed.data" . | sha256sum | trunc 8 }} +{{- end -}} + +{{- define "gardenlet.imagevector-overwrite.data" -}} +images_overwrite.yaml: | +{{ .Values.imageVectorOverwrite | indent 2 }} +{{- end -}} + +{{- define "gardenlet.imagevector-overwrite.name" -}} +gardenlet-imagevector-overwrite-{{ include "gardenlet.imagevector-overwrite.data" . | sha256sum | trunc 8 }} +{{- end -}} + +{{- define "gardenlet.imagevector-overwrite-components.data" -}} +components.yaml: | +{{ .Values.componentImageVectorOverwrites | indent 2 }} +{{- end -}} + +{{- define "gardenlet.imagevector-overwrite-components.name" -}} +gardenlet-imagevector-overwrite-components-{{ include "gardenlet.imagevector-overwrite-components.data" . | sha256sum | trunc 8 }} +{{- end -}} + +{{- define "gardenlet.cert.name" -}} +gardenlet-cert-{{ include "gardenlet.cert.data" . | sha256sum | trunc 8 }} +{{- end -}} + +{{- define "gardenlet.deployment.topologySpreadConstraints" -}} +{{- if gt (int .Values.replicaCount) 1 -}} +topologySpreadConstraints: +{{- if or (eq .Values.failureToleranceType "node") (eq .Values.failureToleranceType "zone") }} +- maxSkew: 1 + topologyKey: kubernetes.io/hostname + whenUnsatisfiable: DoNotSchedule + labelSelector: + matchLabels: +{{ include "gardenlet.deployment.matchLabels" . | indent 6 }} +{{- if eq .Values.failureToleranceType "zone" }} +- maxSkew: 1 + topologyKey: topology.kubernetes.io/zone + whenUnsatisfiable: DoNotSchedule + labelSelector: + matchLabels: +{{ include "gardenlet.deployment.matchLabels" . | indent 6 }} +{{- end }} +{{- else }} +- maxSkew: 1 + topologyKey: kubernetes.io/hostname + whenUnsatisfiable: ScheduleAnyway + labelSelector: + matchLabels: +{{ include "gardenlet.deployment.matchLabels" . | indent 6 }} +{{- end }} +{{- end }} +{{- end -}} + +{{- define "gardenlet.config.data" -}} +config.yaml: | + --- + apiVersion: gardenlet.config.gardener.cloud/v1alpha1 + kind: GardenletConfiguration + gardenClientConnection: + {{- with .Values.config.gardenClientConnection.acceptContentTypes }} + acceptContentTypes: {{ . | quote }} + {{- end }} + {{- with .Values.config.gardenClientConnection.contentType }} + contentType: {{ . | quote }} + {{- end }} + qps: {{ required ".Values.config.gardenClientConnection.qps is required" .Values.config.gardenClientConnection.qps }} + burst: {{ required ".Values.config.gardenClientConnection.burst is required" .Values.config.gardenClientConnection.burst }} + {{- if .Values.config.gardenClientConnection.gardenClusterAddress }} + gardenClusterAddress: {{ .Values.config.gardenClientConnection.gardenClusterAddress }} + {{- end }} + {{- if .Values.config.gardenClientConnection.gardenClusterCACert }} + gardenClusterCACert: {{ .Values.config.gardenClientConnection.gardenClusterCACert }} + {{- end }} + {{- if .Values.config.gardenClientConnection.bootstrapKubeconfig }} + bootstrapKubeconfig: + {{- if .Values.config.gardenClientConnection.bootstrapKubeconfig.secretRef }} + name: {{ required ".Values.config.gardenClientConnection.bootstrapKubeconfig.secretRef.name is required" .Values.config.gardenClientConnection.bootstrapKubeconfig.secretRef.name }} + namespace: {{ required ".Values.config.gardenClientConnection.bootstrapKubeconfig.secretRef.namespace is required" .Values.config.gardenClientConnection.bootstrapKubeconfig.secretRef.namespace }} + {{- else }} + name: {{ required ".Values.config.gardenClientConnection.bootstrapKubeconfig.name is required" .Values.config.gardenClientConnection.bootstrapKubeconfig.name }} + namespace: {{ required ".Values.config.gardenClientConnection.bootstrapKubeconfig.namespace is required" .Values.config.gardenClientConnection.bootstrapKubeconfig.namespace }} + {{- end }} + {{- end }} + {{- if .Values.config.gardenClientConnection.kubeconfigSecret }} + kubeconfigSecret: + name: {{ required ".Values.config.gardenClientConnection.kubeconfigSecret.name is required" .Values.config.gardenClientConnection.kubeconfigSecret.name }} + namespace: {{ required ".Values.config.gardenClientConnection.kubeconfigSecret.namespace is required" .Values.config.gardenClientConnection.kubeconfigSecret.namespace }} + {{- end }} +{{- if .Values.config.gardenClientConnection.kubeconfigValidity }} + kubeconfigValidity: +{{ toYaml .Values.config.gardenClientConnection.kubeconfigValidity | indent 6 }} + {{- end }} + {{- if .Values.config.gardenClientConnection.kubeconfig }} + kubeconfig: /etc/gardenlet/kubeconfig-garden/kubeconfig + {{- end }} + seedClientConnection: + {{- with .Values.config.seedClientConnection.acceptContentTypes }} + acceptContentTypes: {{ . | quote }} + {{- end }} + {{- with .Values.config.seedClientConnection.contentType }} + contentType: {{ . | quote }} + {{- end }} + qps: {{ required ".Values.config.seedClientConnection.qps is required" .Values.config.seedClientConnection.qps }} + burst: {{ required ".Values.config.seedClientConnection.burst is required" .Values.config.seedClientConnection.burst }} + {{- if .Values.config.seedClientConnection.kubeconfig }} + kubeconfig: /etc/gardenlet/kubeconfig-seed/kubeconfig + {{- end }} + shootClientConnection: + {{- with .Values.config.shootClientConnection.acceptContentTypes }} + acceptContentTypes: {{ . | quote }} + {{- end }} + {{- with .Values.config.shootClientConnection.contentType }} + contentType: {{ . | quote }} + {{- end }} + qps: {{ required ".Values.config.shootClientConnection.qps is required" .Values.config.shootClientConnection.qps }} + burst: {{ required ".Values.config.shootClientConnection.burst is required" .Values.config.shootClientConnection.burst }} + controllers: + backupBucket: + concurrentSyncs: {{ required ".Values.config.controllers.backupBucket.concurrentSyncs is required" .Values.config.controllers.backupBucket.concurrentSyncs }} + backupEntry: + concurrentSyncs: {{ required ".Values.config.controllers.backupEntry.concurrentSyncs is required" .Values.config.controllers.backupEntry.concurrentSyncs }} + {{- if .Values.config.controllers.backupEntry.deletionGracePeriodHours }} + deletionGracePeriodHours: {{ .Values.config.controllers.backupEntry.deletionGracePeriodHours }} + {{- end }} + {{- if .Values.config.controllers.backupEntry.deletionGracePeriodShootPurposes }} + deletionGracePeriodShootPurposes: +{{ toYaml .Values.config.controllers.backupEntry.deletionGracePeriodShootPurposes | indent 6 }} + {{- end }} + bastion: + concurrentSyncs: {{ required ".Values.config.controllers.bastion.concurrentSyncs is required" .Values.config.controllers.bastion.concurrentSyncs }} + {{- if .Values.config.controllers.controllerInstallation }} + controllerInstallation: + concurrentSyncs: {{ required ".Values.config.controllers.controllerInstallation.concurrentSyncs is required" .Values.config.controllers.controllerInstallation.concurrentSyncs }} + {{- end }} + {{- if .Values.config.controllers.controllerInstallationCare }} + controllerInstallationCare: + concurrentSyncs: {{ required ".Values.config.controllers.controllerInstallationCare.concurrentSyncs is required" .Values.config.controllers.controllerInstallationCare.concurrentSyncs }} + syncPeriod: {{ required ".Values.config.controllers.controllerInstallationCare.syncPeriod is required" .Values.config.controllers.controllerInstallationCare.syncPeriod }} + {{- end }} + {{- if .Values.config.controllers.controllerInstallationRequired }} + controllerInstallationRequired: + concurrentSyncs: {{ required ".Values.config.controllers.controllerInstallationRequired.concurrentSyncs is required" .Values.config.controllers.controllerInstallationRequired.concurrentSyncs }} + {{- end }} + {{- if .Values.config.controllers.seed }} + seed: + syncPeriod: {{ required ".Values.config.controllers.seed.syncPeriod is required" .Values.config.controllers.seed.syncPeriod }} + {{- if .Values.config.controllers.seed.leaseResyncSeconds }} + leaseResyncSeconds: {{ .Values.config.controllers.seed.leaseResyncSeconds }} + {{- end }} + {{- if .Values.config.controllers.seed.leaseResyncMissThreshold }} + leaseResyncMissThreshold: {{ .Values.config.controllers.seed.leaseResyncMissThreshold }} + {{- end }} + {{- end }} + shoot: + concurrentSyncs: {{ required ".Values.config.controllers.shoot.concurrentSyncs is required" .Values.config.controllers.shoot.concurrentSyncs }} + {{- if .Values.config.controllers.shoot.progressReportPeriod }} + progressReportPeriod: {{ .Values.config.controllers.shoot.progressReportPeriod }} + {{- end }} + {{- if .Values.config.controllers.shoot.respectSyncPeriodOverwrite }} + respectSyncPeriodOverwrite: {{ .Values.config.controllers.shoot.respectSyncPeriodOverwrite }} + {{- end }} + {{- if .Values.config.controllers.shoot.reconcileInMaintenanceOnly }} + reconcileInMaintenanceOnly: {{ .Values.config.controllers.shoot.reconcileInMaintenanceOnly }} + {{- end }} + syncPeriod: {{ required ".Values.config.controllers.shoot.syncPeriod is required" .Values.config.controllers.shoot.syncPeriod }} + retryDuration: {{ required ".Values.config.controllers.shoot.retryDuration is required" .Values.config.controllers.shoot.retryDuration }} + {{- if .Values.config.controllers.shoot.dnsEntryTTLSeconds }} + dnsEntryTTLSeconds: {{ .Values.config.controllers.shoot.dnsEntryTTLSeconds }} + {{- end }} + shootCare: + concurrentSyncs: {{ required ".Values.config.controllers.shootCare.concurrentSyncs is required" .Values.config.controllers.shootCare.concurrentSyncs }} + syncPeriod: {{ required ".Values.config.controllers.shootCare.syncPeriod is required" .Values.config.controllers.shootCare.syncPeriod }} + {{- if .Values.config.controllers.shootCare.staleExtensionHealthChecks }} + staleExtensionHealthChecks: + enabled: {{ required ".Values.config.controllers.shootCare.staleExtensionHealthChecks.enabled is required" .Values.config.controllers.shootCare.staleExtensionHealthChecks.enabled }} + {{- if .Values.config.controllers.shootCare.staleExtensionHealthChecks.threshold }} + threshold: {{ .Values.config.controllers.shootCare.staleExtensionHealthChecks.threshold }} + {{- end }} + {{- end }} + conditionThresholds: + {{- if .Values.config.controllers.shootCare.conditionThresholds }} +{{ toYaml .Values.config.controllers.shootCare.conditionThresholds | indent 6 }} + {{- end }} + webhookRemediatorEnabled: {{ required ".Values.config.controllers.shootCare.webhookRemediatorEnabled is required" .Values.config.controllers.shootCare.webhookRemediatorEnabled }} + seedCare: + syncPeriod: {{ required ".Values.config.controllers.seedCare.syncPeriod is required" .Values.config.controllers.seedCare.syncPeriod }} + conditionThresholds: + {{- if .Values.config.controllers.seedCare.conditionThresholds }} +{{ toYaml .Values.config.controllers.seedCare.conditionThresholds | indent 6 }} + {{- end }} + {{- if .Values.config.controllers.shootSecret }} + shootSecret: + concurrentSyncs: {{ required ".Values.config.controllers.shootSecret.concurrentSyncs is required" .Values.config.controllers.shootSecret.concurrentSyncs }} + {{- end }} + shootStateSync: + concurrentSyncs: {{ required ".Values.config.controllers.shootStateSync.concurrentSyncs is required" .Values.config.controllers.shootStateSync.concurrentSyncs }} + {{- if .Values.config.controllers.managedSeed }} + managedSeed: + concurrentSyncs: {{ required ".Values.config.controllers.managedSeed.concurrentSyncs is required" .Values.config.controllers.managedSeed.concurrentSyncs }} + syncPeriod: {{ required ".Values.config.controllers.managedSeed.syncPeriod is required" .Values.config.controllers.managedSeed.syncPeriod }} + waitSyncPeriod: {{ required ".Values.config.controllers.managedSeed.waitSyncPeriod is required" .Values.config.controllers.managedSeed.waitSyncPeriod }} + {{- if .Values.config.controllers.managedSeed.syncJitterPeriod }} + syncJitterPeriod: {{ .Values.config.controllers.managedSeed.syncJitterPeriod }} + {{- end }} + {{- if .Values.config.controllers.managedSeed.jitterUpdates }} + jitterUpdates: {{ .Values.config.controllers.managedSeed.jitterUpdates }} + {{- end }} + {{- end }} + shootMigration: + concurrentSyncs: {{ required ".Values.config.controllers.shootMigration.concurrentSyncs is required" .Values.config.controllers.shootMigration.concurrentSyncs }} + syncPeriod: {{ required ".Values.config.controllers.shootMigration.syncPeriod is required" .Values.config.controllers.shootMigration.syncPeriod }} + gracePeriod: {{ required ".Values.config.controllers.shootMigration.gracePeriod is required" .Values.config.controllers.shootMigration.gracePeriod }} + lastOperationStaleDuration: {{ required ".Values.config.controllers.shootMigration.lastOperationStaleDuration is required" .Values.config.controllers.shootMigration.lastOperationStaleDuration }} + backupEntryMigration: + concurrentSyncs: {{ required ".Values.config.controllers.backupEntryMigration.concurrentSyncs is required" .Values.config.controllers.backupEntryMigration.concurrentSyncs }} + syncPeriod: {{ required ".Values.config.controllers.backupEntryMigration.syncPeriod is required" .Values.config.controllers.backupEntryMigration.syncPeriod }} + gracePeriod: {{ required ".Values.config.controllers.backupEntryMigration.gracePeriod is required" .Values.config.controllers.backupEntryMigration.gracePeriod }} + lastOperationStaleDuration: {{ required ".Values.config.controllers.backupEntryMigration.lastOperationStaleDuration is required" .Values.config.controllers.backupEntryMigration.lastOperationStaleDuration }} + resources: + capacity: + shoots: {{ required ".Values.config.resources.capacity.shoots is required" .Values.config.resources.capacity.shoots }} + leaderElection: + leaderElect: {{ required ".Values.config.leaderElection.leaderElect is required" .Values.config.leaderElection.leaderElect }} + leaseDuration: {{ required ".Values.config.leaderElection.leaseDuration is required" .Values.config.leaderElection.leaseDuration }} + renewDeadline: {{ required ".Values.config.leaderElection.renewDeadline is required" .Values.config.leaderElection.renewDeadline }} + retryPeriod: {{ required ".Values.config.leaderElection.retryPeriod is required" .Values.config.leaderElection.retryPeriod }} + resourceLock: {{ required ".Values.config.leaderElection.resourceLock is required" .Values.config.leaderElection.resourceLock }} + {{- if .Values.config.leaderElection.resourceName }} + resourceName: {{ .Values.config.leaderElection.resourceName }} + {{- end }} + {{- if .Values.config.leaderElection.resourceNamespace }} + resourceNamespace: {{ .Values.config.leaderElection.resourceNamespace }} + {{- end }} + logLevel: {{ .Values.config.logLevel }} + logFormat: {{ .Values.config.logFormat }} + server: + healthProbes: + bindAddress: {{ required ".Values.config.server.healthProbes.bindAddress is required" .Values.config.server.healthProbes.bindAddress }} + port: {{ required ".Values.config.server.healthProbes.port is required" .Values.config.server.healthProbes.port }} + {{- if .Values.config.server.metrics }} + metrics: + bindAddress: {{ required ".Values.config.server.metrics.bindAddress is required" .Values.config.server.metrics.bindAddress }} + port: {{ required ".Values.config.server.metrics.port is required" .Values.config.server.metrics.port }} + {{- end }} + {{- if .Values.config.debugging }} + debugging: + enableProfiling: {{ .Values.config.debugging.enableProfiling | default false }} + enableContentionProfiling: {{ .Values.config.debugging.enableContentionProfiling | default false }} + {{- end }} + {{- if .Values.config.featureGates }} + featureGates: +{{ toYaml .Values.config.featureGates | indent 4 }} + {{- end }} + {{- if .Values.config.seedConfig }} + seedConfig: +{{ toYaml .Values.config.seedConfig | indent 4 }} + {{- end }} + {{- if .Values.config.logging }} + logging: +{{ toYaml .Values.config.logging | indent 4 }} + {{- end }} + {{- if .Values.config.monitoring }} + monitoring: +{{ toYaml .Values.config.monitoring | indent 4 }} + {{- end }} + {{- if .Values.config.sni }} + sni: +{{ toYaml .Values.config.sni | trim | indent 4 }} + {{- end }} + {{- if .Values.config.etcdConfig }} + etcdConfig: +{{ toYaml .Values.config.etcdConfig | indent 4}} + {{- end}} + {{- if .Values.config.exposureClassHandlers }} + exposureClassHandlers: +{{ toYaml .Values.config.exposureClassHandlers | indent 2 }} + {{- end }} +{{- end -}} + +{{- define "gardenlet.config.name" -}} +gardenlet-configmap-{{ include "gardenlet.config.data" . | sha256sum | trunc 8 }} +{{- end -}} + diff --git a/charts/gardenlet/charts/runtime/templates/clusterrole-apiserver-sni.yaml b/charts/gardenlet/templates/clusterrole-apiserver-sni.yaml similarity index 92% rename from charts/gardenlet/charts/runtime/templates/clusterrole-apiserver-sni.yaml rename to charts/gardenlet/templates/clusterrole-apiserver-sni.yaml index d3bcab3d..7ca14deb 100644 --- a/charts/gardenlet/charts/runtime/templates/clusterrole-apiserver-sni.yaml +++ b/charts/gardenlet/templates/clusterrole-apiserver-sni.yaml @@ -1,6 +1,5 @@ -{{- if .Values.global.gardenlet.enabled }} --- -apiVersion: {{ include "rbacversion" . }} +apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: name: gardener.cloud:system:gardenlet:apiserver-sni @@ -62,4 +61,3 @@ rules: verbs: - delete {{- end }} -{{- end }} diff --git a/charts/gardenlet/charts/runtime/templates/clusterrole-gardenlet.yaml b/charts/gardenlet/templates/clusterrole-gardenlet.yaml similarity index 97% rename from charts/gardenlet/charts/runtime/templates/clusterrole-gardenlet.yaml rename to charts/gardenlet/templates/clusterrole-gardenlet.yaml index 1b0e3bb7..ca42f295 100644 --- a/charts/gardenlet/charts/runtime/templates/clusterrole-gardenlet.yaml +++ b/charts/gardenlet/templates/clusterrole-gardenlet.yaml @@ -1,8 +1,7 @@ -{{- if .Values.global.gardenlet.enabled }} # ClusterRole defines the required permissions for the gardenlet in the seed. # For now, we provide escalation privileges required by gardener-resource-manager. --- -apiVersion: {{ include "rbacversion" . }} +apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: name: gardener.cloud:system:gardenlet @@ -357,6 +356,8 @@ rules: - leases verbs: - create + - list + - watch - apiGroups: - coordination.k8s.io resources: @@ -365,8 +366,15 @@ rules: - gardenlet-leader-election verbs: - get - - watch - update +- apiGroups: + - coordination.k8s.io + resources: + - leases + resourceNames: + - gardener-extension-heartbeat + verbs: + - get # Istio related rules that are required even when ManagedIstio and APIServerSNI feature gates are not enabled due to clean up logic. - apiGroups: - networking.istio.io @@ -385,4 +393,3 @@ rules: - envoyfilters verbs: - delete -{{- end }} diff --git a/charts/gardenlet/charts/runtime/templates/clusterrole-managed-istio.yaml b/charts/gardenlet/templates/clusterrole-managed-istio.yaml similarity index 91% rename from charts/gardenlet/charts/runtime/templates/clusterrole-managed-istio.yaml rename to charts/gardenlet/templates/clusterrole-managed-istio.yaml index 50b0d50c..c4860b19 100644 --- a/charts/gardenlet/charts/runtime/templates/clusterrole-managed-istio.yaml +++ b/charts/gardenlet/templates/clusterrole-managed-istio.yaml @@ -1,6 +1,5 @@ -{{- if .Values.global.gardenlet.enabled }} --- -apiVersion: {{ include "rbacversion" . }} +apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: name: gardener.cloud:system:gardenlet:managed-istio @@ -55,4 +54,3 @@ rules: - patch - update {{- end }} -{{- end }} diff --git a/charts/gardenlet/charts/runtime/templates/clusterrolebinding-apiserver-sni.yaml b/charts/gardenlet/templates/clusterrolebinding-apiserver-sni.yaml similarity index 66% rename from charts/gardenlet/charts/runtime/templates/clusterrolebinding-apiserver-sni.yaml rename to charts/gardenlet/templates/clusterrolebinding-apiserver-sni.yaml index 5ed1f97e..38016677 100644 --- a/charts/gardenlet/charts/runtime/templates/clusterrolebinding-apiserver-sni.yaml +++ b/charts/gardenlet/templates/clusterrolebinding-apiserver-sni.yaml @@ -1,6 +1,5 @@ -{{- if .Values.global.gardenlet.enabled }} --- -apiVersion: {{ include "rbacversion" . }} +apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: name: gardener.cloud:system:gardenlet:apiserver-sni @@ -16,6 +15,5 @@ roleRef: name: gardener.cloud:system:gardenlet:apiserver-sni subjects: - kind: ServiceAccount - name: "{{ required ".Values.global.gardenlet.serviceAccountName is required" .Values.global.gardenlet.serviceAccountName }}" + name: "{{ required ".Values.serviceAccountName is required" .Values.serviceAccountName }}" namespace: garden -{{- end }} diff --git a/charts/gardenlet/charts/runtime/templates/clusterrolebinding-gardenlet.yaml b/charts/gardenlet/templates/clusterrolebinding-gardenlet.yaml similarity index 64% rename from charts/gardenlet/charts/runtime/templates/clusterrolebinding-gardenlet.yaml rename to charts/gardenlet/templates/clusterrolebinding-gardenlet.yaml index 51b2d3ec..7710ce22 100644 --- a/charts/gardenlet/charts/runtime/templates/clusterrolebinding-gardenlet.yaml +++ b/charts/gardenlet/templates/clusterrolebinding-gardenlet.yaml @@ -1,6 +1,5 @@ -{{- if .Values.global.gardenlet.enabled }} --- -apiVersion: {{ include "rbacversion" . }} +apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: name: gardener.cloud:system:gardenlet @@ -16,6 +15,5 @@ roleRef: name: gardener.cloud:system:gardenlet subjects: - kind: ServiceAccount - name: "{{ required ".Values.global.gardenlet.serviceAccountName is required" .Values.global.gardenlet.serviceAccountName }}" + name: "{{ required ".Values.serviceAccountName is required" .Values.serviceAccountName }}" namespace: garden -{{- end }} diff --git a/charts/gardenlet/charts/runtime/templates/clusterrolebinding-managed-istio.yaml b/charts/gardenlet/templates/clusterrolebinding-managed-istio.yaml similarity index 75% rename from charts/gardenlet/charts/runtime/templates/clusterrolebinding-managed-istio.yaml rename to charts/gardenlet/templates/clusterrolebinding-managed-istio.yaml index 874fd368..19804747 100644 --- a/charts/gardenlet/charts/runtime/templates/clusterrolebinding-managed-istio.yaml +++ b/charts/gardenlet/templates/clusterrolebinding-managed-istio.yaml @@ -1,9 +1,8 @@ -{{- if .Values.global.gardenlet.enabled }} # ManagedIstio feature gate related ClusterRoleBinding. # It is nice to have the binding even when the feature gate is disabled. # In this case the clusterrole is having no rules and the gardenlet is granted with no permissions. --- -apiVersion: {{ include "rbacversion" . }} +apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: name: gardener.cloud:system:gardenlet:managed-istio @@ -19,6 +18,5 @@ roleRef: name: gardener.cloud:system:gardenlet:managed-istio subjects: - kind: ServiceAccount - name: "{{ required ".Values.global.gardenlet.serviceAccountName is required" .Values.global.gardenlet.serviceAccountName }}" + name: "{{ required ".Values.serviceAccountName is required" .Values.serviceAccountName }}" namespace: garden -{{- end }} diff --git a/charts/gardenlet/charts/runtime/templates/configmap-componentconfig.yaml b/charts/gardenlet/templates/configmap-componentconfig.yaml similarity index 88% rename from charts/gardenlet/charts/runtime/templates/configmap-componentconfig.yaml rename to charts/gardenlet/templates/configmap-componentconfig.yaml index eef275dc..25e16d76 100644 --- a/charts/gardenlet/charts/runtime/templates/configmap-componentconfig.yaml +++ b/charts/gardenlet/templates/configmap-componentconfig.yaml @@ -1,4 +1,3 @@ -{{- if .Values.global.gardenlet.enabled }} apiVersion: v1 kind: ConfigMap metadata: @@ -14,4 +13,3 @@ metadata: immutable: true data: {{ include "gardenlet.config.data" . | indent 2 }} -{{- end }} diff --git a/charts/gardenlet/charts/runtime/templates/configmap-imagevector-overwrite-components.yaml b/charts/gardenlet/templates/configmap-imagevector-overwrite-components.yaml similarity index 82% rename from charts/gardenlet/charts/runtime/templates/configmap-imagevector-overwrite-components.yaml rename to charts/gardenlet/templates/configmap-imagevector-overwrite-components.yaml index 07263de8..83658dba 100644 --- a/charts/gardenlet/charts/runtime/templates/configmap-imagevector-overwrite-components.yaml +++ b/charts/gardenlet/templates/configmap-imagevector-overwrite-components.yaml @@ -1,4 +1,4 @@ -{{- if and .Values.global.gardenlet.enabled .Values.global.gardenlet.componentImageVectorOverwrites }} +{{- if .Values.componentImageVectorOverwrites }} apiVersion: v1 kind: ConfigMap metadata: diff --git a/charts/gardenlet/charts/runtime/templates/configmap-imagevector-overwrite.yaml b/charts/gardenlet/templates/configmap-imagevector-overwrite.yaml similarity index 83% rename from charts/gardenlet/charts/runtime/templates/configmap-imagevector-overwrite.yaml rename to charts/gardenlet/templates/configmap-imagevector-overwrite.yaml index e1accfe0..81b1c21a 100644 --- a/charts/gardenlet/charts/runtime/templates/configmap-imagevector-overwrite.yaml +++ b/charts/gardenlet/templates/configmap-imagevector-overwrite.yaml @@ -1,4 +1,4 @@ -{{- if and .Values.global.gardenlet.enabled .Values.global.gardenlet.imageVectorOverwrite }} +{{- if .Values.imageVectorOverwrite }} apiVersion: v1 kind: ConfigMap metadata: diff --git a/charts/gardenlet/charts/runtime/templates/deployment.yaml b/charts/gardenlet/templates/deployment.yaml similarity index 54% rename from charts/gardenlet/charts/runtime/templates/deployment.yaml rename to charts/gardenlet/templates/deployment.yaml index 7a470380..fef43a43 100644 --- a/charts/gardenlet/charts/runtime/templates/deployment.yaml +++ b/charts/gardenlet/templates/deployment.yaml @@ -1,104 +1,96 @@ {{- define "gardenlet.deployment.annotations" -}} reference.resources.gardener.cloud/configmap-{{ include "gardenlet.config.name" . | sha256sum | trunc 8 }}: {{ include "gardenlet.config.name" . }} -{{- if .Values.global.gardenlet.imageVectorOverwrite }} +{{- if .Values.imageVectorOverwrite }} reference.resources.gardener.cloud/configmap-{{ include "gardenlet.imagevector-overwrite.name" . | sha256sum | trunc 8 }}: {{ include "gardenlet.imagevector-overwrite.name" . }} {{- end }} -{{- if .Values.global.gardenlet.componentImageVectorOverwrites }} +{{- if .Values.componentImageVectorOverwrites }} reference.resources.gardener.cloud/configmap-{{ include "gardenlet.imagevector-overwrite-components.name" . | sha256sum | trunc 8 }}: {{ include "gardenlet.imagevector-overwrite-components.name" . }} {{- end }} -{{- if .Values.global.gardenlet.config.gardenClientConnection.kubeconfig }} +{{- if .Values.config.gardenClientConnection.kubeconfig }} reference.resources.gardener.cloud/secret-{{ include "gardenlet.kubeconfig-garden.name" . | sha256sum | trunc 8 }}: {{ include "gardenlet.kubeconfig-garden.name" . }} {{- end }} -{{- if .Values.global.gardenlet.config.seedClientConnection.kubeconfig }} +{{- if .Values.config.seedClientConnection.kubeconfig }} reference.resources.gardener.cloud/secret-{{ include "gardenlet.kubeconfig-seed.name" . | sha256sum | trunc 8 }}: {{ include "gardenlet.kubeconfig-seed.name" . }} {{- end }} {{- end -}} -{{- if .Values.global.gardenlet.enabled }} + +{{- define "gardenlet.deployment.matchLabels" -}} +app: gardener +role: gardenlet +{{- end -}} + +{{- define "gardenlet.deployment.labels" -}} +{{- include "gardenlet.deployment.matchLabels" . }} +chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" +release: "{{ .Release.Name }}" +heritage: "{{ .Release.Service }}" +{{- end -}} + --- -apiVersion: {{ include "deploymentversion" . }} +apiVersion: apps/v1 kind: Deployment metadata: name: gardenlet namespace: garden labels: - app: gardener - role: gardenlet - chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" - release: "{{ .Release.Name }}" - heritage: "{{ .Release.Service }}" +{{ include "gardenlet.deployment.labels" . | indent 4 }} annotations: {{ include "gardenlet.deployment.annotations" . | indent 4 }} spec: - revisionHistoryLimit: {{ required ".Values.global.gardenlet.revisionHistoryLimit is required" .Values.global.gardenlet.revisionHistoryLimit }} - replicas: {{ required ".Values.global.gardenlet.replicaCount is required" .Values.global.gardenlet.replicaCount }} + revisionHistoryLimit: {{ required ".Values.revisionHistoryLimit is required" .Values.revisionHistoryLimit }} + replicas: {{ required ".Values.replicaCount is required" .Values.replicaCount }} selector: matchLabels: - app: gardener - role: gardenlet +{{ include "gardenlet.deployment.matchLabels" . | indent 6 }} template: metadata: annotations: prometheus.io/scrape: 'true' - prometheus.io/port: {{ required ".Values.global.gardenlet.config.server.metrics.port is required" .Values.global.gardenlet.config.server.metrics.port | quote }} - {{- if .Values.global.gardenlet.config.gardenClientConnection.bootstrapKubeconfig }} - {{- if not .Values.global.gardenlet.config.gardenClientConnection.bootstrapKubeconfig.secretRef }} + prometheus.io/port: {{ required ".Values.config.server.metrics.port is required" .Values.config.server.metrics.port | quote }} + {{- if .Values.config.gardenClientConnection.bootstrapKubeconfig }} + {{- if not .Values.config.gardenClientConnection.bootstrapKubeconfig.secretRef }} checksum/secret-gardenlet-kubeconfig-garden-bootstrap: {{ include (print $.Template.BasePath "/secret-kubeconfig-garden-bootstrap.yaml") . | sha256sum }} {{- end }} {{- end }} {{ include "gardenlet.deployment.annotations" . | indent 8 }} - {{- if .Values.global.gardenlet.podAnnotations }} -{{ toYaml .Values.global.gardenlet.podAnnotations | indent 8 }} + {{- if .Values.podAnnotations }} +{{ toYaml .Values.podAnnotations | indent 8 }} {{- end }} labels: - app: gardener - role: gardenlet - chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" - release: "{{ .Release.Name }}" - heritage: "{{ .Release.Service }}" +{{ include "gardenlet.deployment.labels" . | indent 8 }} projected-token-mount.resources.gardener.cloud/skip: "true" - {{- if .Values.global.gardenlet.podLabels }} -{{ toYaml .Values.global.gardenlet.podLabels | indent 8 }} + seccompprofile.resources.gardener.cloud/skip: "true" + {{- if .Values.podLabels }} +{{ toYaml .Values.podLabels | indent 8 }} {{- end }} spec: +{{ include "gardenlet.deployment.topologySpreadConstraints" . | indent 6 }} priorityClassName: gardener-system-critical - {{- if not .Values.global.gardenlet.config.seedClientConnection.kubeconfig }} - serviceAccountName: {{ required ".Values.global.gardenlet.serviceAccountName is required" .Values.global.gardenlet.serviceAccountName }} + {{- if not .Values.config.seedClientConnection.kubeconfig }} + serviceAccountName: {{ required ".Values.serviceAccountName is required" .Values.serviceAccountName }} {{- else }} automountServiceAccountToken: false {{- end }} - {{- if gt (int .Values.global.gardenlet.replicaCount) 1 }} - affinity: - podAntiAffinity: - requiredDuringSchedulingIgnoredDuringExecution: - - labelSelector: - matchExpressions: - - key: app - operator: In - values: - - gardener - - key: role - operator: In - values: - - gardenlet - topologyKey: kubernetes.io/hostname - {{- end }} + securityContext: + seccompProfile: + type: RuntimeDefault containers: - name: gardenlet - image: {{ include "utils-templates.image" .Values.global.gardenlet.image }} - imagePullPolicy: {{ .Values.global.gardenlet.image.pullPolicy }} + image: {{ include "utils-templates.image" .Values.image }} + imagePullPolicy: {{ .Values.image.pullPolicy }} args: - --config=/etc/gardenlet/config/config.yaml - {{- if or .Values.global.gardenlet.env .Values.global.gardenlet.imageVectorOverwrite .Values.global.gardenlet.componentImageVectorOverwrites }} + {{- if or .Values.env .Values.imageVectorOverwrite .Values.componentImageVectorOverwrites }} env: - {{- if .Values.global.gardenlet.imageVectorOverwrite }} + {{- if .Values.imageVectorOverwrite }} - name: IMAGEVECTOR_OVERWRITE value: /charts_overwrite/images_overwrite.yaml {{- end }} - {{- if .Values.global.gardenlet.componentImageVectorOverwrites }} + {{- if .Values.componentImageVectorOverwrites }} - name: IMAGEVECTOR_OVERWRITE_COMPONENTS value: /charts_overwrite_components/components.yaml {{- end }} - {{- range $index, $value := .Values.global.gardenlet.env }} + {{- range $index, $value := .Values.env }} {{- if not (empty $value) }} - name: {{ index $value "name" | quote }} value: {{ index $value "value" | quote }} @@ -108,24 +100,24 @@ spec: livenessProbe: httpGet: path: /healthz - port: {{ required ".Values.global.gardenlet.config.server.healthProbes.port is required" .Values.global.gardenlet.config.server.healthProbes.port }} + port: {{ required ".Values.config.server.healthProbes.port is required" .Values.config.server.healthProbes.port }} scheme: HTTP initialDelaySeconds: 15 timeoutSeconds: 5 readinessProbe: httpGet: path: /readyz - port: {{ required ".Values.global.gardenlet.config.server.healthProbes.port is required" .Values.global.gardenlet.config.server.healthProbes.port }} + port: {{ required ".Values.config.server.healthProbes.port is required" .Values.config.server.healthProbes.port }} scheme: HTTP initialDelaySeconds: 10 timeoutSeconds: 5 - {{- if .Values.global.gardenlet.resources }} + {{- if .Values.resources }} resources: -{{ toYaml .Values.global.gardenlet.resources | indent 10 }} +{{ toYaml .Values.resources | indent 10 }} {{- end }} - {{- if .Values.global.gardenlet.dnsConfig }} + {{- if .Values.dnsConfig }} dnsConfig: -{{ toYaml .Values.global.gardenlet.dnsConfig | indent 10 }} +{{ toYaml .Values.dnsConfig | indent 10 }} {{- end }} terminationMessagePath: /dev/termination-log terminationMessagePolicy: File @@ -135,30 +127,30 @@ spec: mountPath: /var/run/secrets/kubernetes.io/serviceaccount readOnly: true {{- end }} - {{- if .Values.global.gardenlet.config.gardenClientConnection.kubeconfig }} + {{- if .Values.config.gardenClientConnection.kubeconfig }} - name: gardenlet-kubeconfig-garden mountPath: /etc/gardenlet/kubeconfig-garden readOnly: true {{- end }} - {{- if .Values.global.gardenlet.config.seedClientConnection.kubeconfig }} + {{- if .Values.config.seedClientConnection.kubeconfig }} - name: gardenlet-kubeconfig-seed mountPath: /etc/gardenlet/kubeconfig-seed readOnly: true {{- end }} - {{- if .Values.global.gardenlet.imageVectorOverwrite }} + {{- if .Values.imageVectorOverwrite }} - name: gardenlet-imagevector-overwrite mountPath: /charts_overwrite readOnly: true {{- end }} - {{- if .Values.global.gardenlet.componentImageVectorOverwrites }} + {{- if .Values.componentImageVectorOverwrites }} - name: gardenlet-imagevector-overwrite-components mountPath: /charts_overwrite_components readOnly: true {{- end }} - name: gardenlet-config mountPath: /etc/gardenlet/config -{{- if .Values.global.gardenlet.additionalVolumeMounts }} -{{ toYaml .Values.global.gardenlet.additionalVolumeMounts | indent 8 }} +{{- if .Values.additionalVolumeMounts }} +{{ toYaml .Values.additionalVolumeMounts | indent 8 }} {{- end }} volumes: {{- if semverCompare ">= 1.20-0" .Capabilities.KubeVersion.GitVersion }} @@ -181,22 +173,22 @@ spec: apiVersion: v1 fieldPath: metadata.namespace {{- end }} - {{- if .Values.global.gardenlet.config.gardenClientConnection.kubeconfig }} + {{- if .Values.config.gardenClientConnection.kubeconfig }} - name: gardenlet-kubeconfig-garden secret: secretName: {{ include "gardenlet.kubeconfig-garden.name" . }} {{- end }} - {{- if .Values.global.gardenlet.config.seedClientConnection.kubeconfig }} + {{- if .Values.config.seedClientConnection.kubeconfig }} - name: gardenlet-kubeconfig-seed secret: secretName: {{ include "gardenlet.kubeconfig-seed.name" . }} {{- end }} - {{- if .Values.global.gardenlet.imageVectorOverwrite }} + {{- if .Values.imageVectorOverwrite }} - name: gardenlet-imagevector-overwrite configMap: name: {{ include "gardenlet.imagevector-overwrite.name" . }} {{- end }} - {{- if .Values.global.gardenlet.componentImageVectorOverwrites }} + {{- if .Values.componentImageVectorOverwrites }} - name: gardenlet-imagevector-overwrite-components configMap: name: {{ include "gardenlet.imagevector-overwrite-components.name" . }} @@ -204,7 +196,6 @@ spec: - name: gardenlet-config configMap: name: {{ include "gardenlet.config.name" . }} -{{- if .Values.global.gardenlet.additionalVolumes }} -{{ toYaml .Values.global.gardenlet.additionalVolumes | indent 6 }} +{{- if .Values.additionalVolumes }} +{{ toYaml .Values.additionalVolumes | indent 6 }} {{- end }} -{{- end}} diff --git a/charts/gardenlet/charts/runtime/templates/poddisruptionbudget.yaml b/charts/gardenlet/templates/poddisruptionbudget.yaml similarity index 79% rename from charts/gardenlet/charts/runtime/templates/poddisruptionbudget.yaml rename to charts/gardenlet/templates/poddisruptionbudget.yaml index 6a6241fc..1ece2331 100644 --- a/charts/gardenlet/charts/runtime/templates/poddisruptionbudget.yaml +++ b/charts/gardenlet/templates/poddisruptionbudget.yaml @@ -1,4 +1,4 @@ -{{- if gt (int .Values.global.gardenlet.replicaCount) 1 }} +{{- if gt (int .Values.replicaCount) 1 }} apiVersion: {{ include "poddisruptionbudgetversion" .}} kind: PodDisruptionBudget metadata: @@ -11,7 +11,7 @@ metadata: release: "{{ .Release.Name }}" heritage: "{{ .Release.Service }}" spec: - maxUnavailable: {{ sub (int .Values.global.gardenlet.replicaCount) 1 }} + maxUnavailable: {{ sub (int .Values.replicaCount) 1 }} selector: matchLabels: app: gardener diff --git a/charts/gardenlet/charts/runtime/templates/priorityclass.yaml b/charts/gardenlet/templates/priorityclass.yaml similarity index 83% rename from charts/gardenlet/charts/runtime/templates/priorityclass.yaml rename to charts/gardenlet/templates/priorityclass.yaml index 832f8166..38fc746d 100644 --- a/charts/gardenlet/charts/runtime/templates/priorityclass.yaml +++ b/charts/gardenlet/templates/priorityclass.yaml @@ -1,4 +1,4 @@ -apiVersion: {{ include "priorityclassversion" . }} +apiVersion: scheduling.k8s.io/v1 kind: PriorityClass metadata: name: gardener-system-critical diff --git a/charts/gardenlet/charts/runtime/templates/role-garden-gardenlet.yaml b/charts/gardenlet/templates/role-garden-gardenlet.yaml similarity index 85% rename from charts/gardenlet/charts/runtime/templates/role-garden-gardenlet.yaml rename to charts/gardenlet/templates/role-garden-gardenlet.yaml index 748bf6b7..86da8ce5 100644 --- a/charts/gardenlet/charts/runtime/templates/role-garden-gardenlet.yaml +++ b/charts/gardenlet/templates/role-garden-gardenlet.yaml @@ -1,6 +1,5 @@ -{{- if .Values.global.gardenlet.enabled }} --- -apiVersion: {{ include "rbacversion" . }} +apiVersion: rbac.authorization.k8s.io/v1 kind: Role metadata: name: gardener.cloud:system:gardenlet @@ -39,4 +38,3 @@ rules: - daemonsets verbs: - create -{{- end }} diff --git a/charts/gardenlet/charts/runtime/templates/rolebinding-garden-gardenlet.yaml b/charts/gardenlet/templates/rolebinding-garden-gardenlet.yaml similarity index 65% rename from charts/gardenlet/charts/runtime/templates/rolebinding-garden-gardenlet.yaml rename to charts/gardenlet/templates/rolebinding-garden-gardenlet.yaml index 798c40a8..593d3397 100644 --- a/charts/gardenlet/charts/runtime/templates/rolebinding-garden-gardenlet.yaml +++ b/charts/gardenlet/templates/rolebinding-garden-gardenlet.yaml @@ -1,6 +1,5 @@ -{{- if .Values.global.gardenlet.enabled }} --- -apiVersion: {{ include "rbacversion" . }} +apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: name: gardener.cloud:system:gardenlet @@ -17,6 +16,5 @@ roleRef: name: gardener.cloud:system:gardenlet subjects: - kind: ServiceAccount - name: "{{ required ".Values.global.gardenlet.serviceAccountName is required" .Values.global.gardenlet.serviceAccountName }}" + name: "{{ required ".Values.serviceAccountName is required" .Values.serviceAccountName }}" namespace: garden -{{- end }} diff --git a/charts/gardenlet/templates/secret-kubeconfig-garden-bootstrap.yaml b/charts/gardenlet/templates/secret-kubeconfig-garden-bootstrap.yaml new file mode 100644 index 00000000..fe346681 --- /dev/null +++ b/charts/gardenlet/templates/secret-kubeconfig-garden-bootstrap.yaml @@ -0,0 +1,18 @@ +{{- if .Values.config.gardenClientConnection.bootstrapKubeconfig }} +{{- if not .Values.config.gardenClientConnection.bootstrapKubeconfig.secretRef }} +apiVersion: v1 +kind: Secret +metadata: + name: {{ required ".Values.config.gardenClientConnection.bootstrapKubeconfig.name is required" .Values.config.gardenClientConnection.bootstrapKubeconfig.name }} + namespace: {{ required ".Values.config.gardenClientConnection.bootstrapKubeconfig.namespace is required" .Values.config.gardenClientConnection.bootstrapKubeconfig.namespace }} + labels: + app: gardener + role: gardenlet + chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" + release: "{{ .Release.Name }}" + heritage: "{{ .Release.Service }}" +type: Opaque +data: + kubeconfig: {{ required ".Values.config.gardenClientConnection.bootstrapKubeconfig.kubeconfig is required" .Values.config.gardenClientConnection.bootstrapKubeconfig.kubeconfig | b64enc }} +{{- end }} +{{- end }} diff --git a/charts/gardenlet/charts/runtime/templates/secret-kubeconfig-garden.yaml b/charts/gardenlet/templates/secret-kubeconfig-garden.yaml similarity index 78% rename from charts/gardenlet/charts/runtime/templates/secret-kubeconfig-garden.yaml rename to charts/gardenlet/templates/secret-kubeconfig-garden.yaml index 8e93a56b..cde151da 100644 --- a/charts/gardenlet/charts/runtime/templates/secret-kubeconfig-garden.yaml +++ b/charts/gardenlet/templates/secret-kubeconfig-garden.yaml @@ -1,4 +1,4 @@ -{{- if and .Values.global.gardenlet.enabled .Values.global.gardenlet.config.gardenClientConnection.kubeconfig }} +{{- if .Values.config.gardenClientConnection.kubeconfig }} apiVersion: v1 kind: Secret metadata: @@ -15,4 +15,4 @@ immutable: true type: Opaque data: {{ include "gardenlet.kubeconfig-garden.data" . | indent 2 }} -{{- end }} \ No newline at end of file +{{- end }} diff --git a/charts/gardenlet/charts/runtime/templates/secret-kubeconfig-seed.yaml b/charts/gardenlet/templates/secret-kubeconfig-seed.yaml similarity index 80% rename from charts/gardenlet/charts/runtime/templates/secret-kubeconfig-seed.yaml rename to charts/gardenlet/templates/secret-kubeconfig-seed.yaml index 116d53d6..3da53097 100644 --- a/charts/gardenlet/charts/runtime/templates/secret-kubeconfig-seed.yaml +++ b/charts/gardenlet/templates/secret-kubeconfig-seed.yaml @@ -1,4 +1,4 @@ -{{- if and .Values.global.gardenlet.enabled .Values.global.gardenlet.config.seedClientConnection.kubeconfig }} +{{- if .Values.config.seedClientConnection.kubeconfig }} apiVersion: v1 kind: Secret metadata: diff --git a/charts/gardenlet/charts/runtime/templates/service.yaml b/charts/gardenlet/templates/service.yaml similarity index 52% rename from charts/gardenlet/charts/runtime/templates/service.yaml rename to charts/gardenlet/templates/service.yaml index 79a5be0b..f22f7b2b 100644 --- a/charts/gardenlet/charts/runtime/templates/service.yaml +++ b/charts/gardenlet/templates/service.yaml @@ -1,4 +1,3 @@ -{{- if .Values.global.gardenlet.enabled }} apiVersion: v1 kind: Service metadata: @@ -18,6 +17,5 @@ spec: ports: - name: metrics protocol: TCP - port: {{ required ".Values.global.gardenlet.config.server.metrics.port is required" .Values.global.gardenlet.config.server.metrics.port }} - targetPort: {{ required ".Values.global.gardenlet.config.server.metrics.port is required" .Values.global.gardenlet.config.server.metrics.port }} -{{- end }} + port: {{ required ".Values.config.server.metrics.port is required" .Values.config.server.metrics.port }} + targetPort: {{ required ".Values.config.server.metrics.port is required" .Values.config.server.metrics.port }} diff --git a/charts/gardenlet/charts/runtime/templates/serviceaccount.yaml b/charts/gardenlet/templates/serviceaccount.yaml similarity index 55% rename from charts/gardenlet/charts/runtime/templates/serviceaccount.yaml rename to charts/gardenlet/templates/serviceaccount.yaml index cb67bb46..d63e71c8 100644 --- a/charts/gardenlet/charts/runtime/templates/serviceaccount.yaml +++ b/charts/gardenlet/templates/serviceaccount.yaml @@ -1,8 +1,8 @@ -{{- if and .Values.global.gardenlet.enabled (not .Values.global.gardenlet.config.seedClientConnection.kubeconfig) }} +{{- if not .Values.config.seedClientConnection.kubeconfig }} apiVersion: v1 kind: ServiceAccount metadata: - name: {{ required ".Values.global.gardenlet.serviceAccountName is required" .Values.global.gardenlet.serviceAccountName }} + name: {{ required ".Values.serviceAccountName is required" .Values.serviceAccountName }} namespace: garden labels: app: gardener @@ -10,7 +10,7 @@ metadata: chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" release: "{{ .Release.Name }}" heritage: "{{ .Release.Service }}" -{{- if .Values.global.gardenlet.invalidateServiceAccountToken }} +{{- if .Values.invalidateServiceAccountToken }} {{- if semverCompare ">= 1.20-0" .Capabilities.KubeVersion.GitVersion }} automountServiceAccountToken: false {{- end }} diff --git a/charts/gardenlet/charts/runtime/templates/vpa.yaml b/charts/gardenlet/templates/vpa.yaml similarity index 79% rename from charts/gardenlet/charts/runtime/templates/vpa.yaml rename to charts/gardenlet/templates/vpa.yaml index 78f94af0..aa0682e6 100644 --- a/charts/gardenlet/charts/runtime/templates/vpa.yaml +++ b/charts/gardenlet/templates/vpa.yaml @@ -1,4 +1,4 @@ -{{- if .Values.global.gardenlet.vpa }} +{{- if .Values.vpa }} apiVersion: autoscaling.k8s.io/v1 kind: VerticalPodAutoscaler metadata: @@ -6,7 +6,7 @@ metadata: namespace: garden spec: targetRef: - apiVersion: {{ include "deploymentversion" . }} + apiVersion: apps/v1 kind: Deployment name: gardenlet updatePolicy: diff --git a/charts/gardenlet/values.yaml b/charts/gardenlet/values.yaml index 434bace3..697995f9 100644 --- a/charts/gardenlet/values.yaml +++ b/charts/gardenlet/values.yaml @@ -1,216 +1,211 @@ -global: - # Gardenlet configuration values - gardenlet: - enabled: true - replicaCount: 1 - revisionHistoryLimit: 10 - serviceAccountName: gardenlet - invalidateServiceAccountToken: true - image: - repository: eu.gcr.io/gardener-project/gardener/gardenlet - tag: v1.57.1 - pullPolicy: IfNotPresent - resources: - requests: - cpu: 100m - memory: 100Mi - # podAnnotations: # YAML formated annotations used for pod template - # podLabels: # YAML formated labels used for pod template - additionalVolumes: [] - additionalVolumeMounts: [] - env: [] - vpa: false - # imageVectorOverwrite: | - # Please find documentation in docs/deployment/image_vector.md - # componentImageVectorOverwrites: | - # Please find documentation in docs/deployment/image_vector.md - config: - gardenClientConnection: - # acceptContentTypes: application/json - # contentType: application/json - qps: 100 - burst: 130 - # gardenClusterAddress: https://some-external-ip-address-to-garden-cluster - # gardenClusterCACert: - # bootstrapKubeconfig: # bootstrapKubeconfig contains the kubeconfig that is used to initiate the bootstrap process, i.e., - # that is used to request a client certificate for the garden cluster. - # If the kubeconfig is provided inline, the name and namespace fields - # are a reference to a secret that will store this bootstrap kubeconfig. If `kubeconfig` is given - # then only this kubeconfig will be considered. - # If you already have a boostrap kubeconfig you can reference it with - # secretRef.name and secretRef.namespace. - # name: gardenlet-kubeconfig-bootstrap - # namespace: garden - # secretRef: - # name: secretName - # namespace: secretNamespace - # kubeconfig: | - # some-kubeconfig-for-bootstrapping - # kubeconfigSecret: # kubeconfigSecret is the reference to a secret object that stores the gardenlet's kubeconfig that - # is used to communicate with the garden cluster. This kubeconfig is derived out of the bootstrap - # process. If `kubeconfig` is given then only this kubeconfig will be considered. - # name: gardenlet-kubeconfig - # namespace: garden - # kubeconfigValidity: - # validity: 24h - # autoRotationJitterPercentageMin: 70 - # autoRotationJitterPercentageMax: 90 - # kubeconfig: | - # Specify a kubeconfig here if you don't want the Gardenlet to use TLS bootstrapping (if you provide - # `bootstrapKubeconfig` and `kubeconfigSecret` then it will try to create a CertificateSigningRequest - # and to procure a client certificate. - seedClientConnection: - # acceptContentTypes: application/json - # contentType: application/json - qps: 100 - burst: 130 - # kubeconfig: | - # Specify a kubeconfig for the seed cluster here if you don't want to use the Gardenlet's service account. - shootClientConnection: - # acceptContentTypes: application/json - # contentType: application/json - qps: 25 - burst: 50 - controllers: - backupBucket: - concurrentSyncs: 20 - backupEntry: - concurrentSyncs: 20 - bastion: - concurrentSyncs: 20 - # deletionGracePeriodHours: 24 - # deletionGracePeriodShootPurposes: - # - production - seed: - concurrentSyncs: 5 - syncPeriod: 1h - # leaseResyncSeconds: 2 - # leaseResyncMissThreshold: 10 - shoot: - concurrentSyncs: 20 - syncPeriod: 1h - retryDuration: 12h - respectSyncPeriodOverwrite: false - reconcileInMaintenanceOnly: false - # progressReportPeriod: 5s - # dnsEntryTTLSeconds: 120 - shootCare: - concurrentSyncs: 5 - syncPeriod: 30s - staleExtensionHealthChecks: - enabled: true - # threshold: 5m - conditionThresholds: - - type: APIServerAvailable - duration: 1m - - type: ControlPlaneHealthy - duration: 1m - - type: SystemComponentsHealthy - duration: 1m - - type: EveryNodeReady - duration: 5m - webhookRemediatorEnabled: false - seedCare: - syncPeriod: 30s - conditionThresholds: - - type: SeedSystemComponentsHealthy - duration: 1m - shootSecret: - concurrentSyncs: 5 - shootStateSync: - concurrentSyncs: 5 - syncPeriod: 30s - managedSeed: - concurrentSyncs: 5 - syncPeriod: 1h - waitSyncPeriod: 15s - syncJitterPeriod: 5m - jitterUpdates: false - shootMigration: - concurrentSyncs: 5 - syncPeriod: 1m - gracePeriod: 2h - lastOperationStaleDuration: 10m - backupEntryMigration: - concurrentSyncs: 5 - syncPeriod: 1m - gracePeriod: 10m - lastOperationStaleDuration: 2m - resources: - capacity: - shoots: 250 - leaderElection: - leaderElect: true - leaseDuration: 15s - renewDeadline: 10s - retryPeriod: 2s - resourceLock: leases - # resourceName: gardenlet-leader-election - # resourceNamespace: garden - logLevel: info - logFormat: json - server: - healthProbes: - bindAddress: 0.0.0.0 - port: 2728 - metrics: - bindAddress: 0.0.0.0 - port: 2729 - debugging: - enableProfiling: false - enableContentionProfiling: false - featureGates: {} - # sni: # SNI configuration used for APIServerSNI and ManagedIstio feature gates. - # ingress: - # serviceName: istio-ingress - # namespace: istio-ingress - # labels: - # istio: ingressgateway - # exposureClassHandlers: - # - name: handler-1 - # loadBalancerService: - # annotations: - # test: handler-1 - # - name: handler-2 - # loadBalancerService: - # annotations: - # test: handler-2 - # sni: - # ingress: - # serviceName: istio-ingress - # namespace: istio-ingress-handler-2 - # labels: - # istio: ingressgateway-handler-2 - # etcdConfig: - # etcdController: - # workers: 3 - # custodianController: - # workers: 3 - # backupCompactionController: - # workers: 3 - # enableBackupCompaction: false - # eventsThreshold: 1000000 - # activeDeadlineDuration: "3h" - # backupLeaderElection: - # reelectionPeriod: 5s - # etcdConnectionTimeout: 5s - # seedConfig: {} - # logging: - # enabled: false - # fluentBit: - # output: |- - # [Output] - # ... - # monitoring: - # shoot: - # remoteWrite: - # url: https://remoteWriteUrl # remote write URL - # keep: # metrics that should be forwarded to the external write endpoint. If empty all metrics get forwarded - # - kube_pod_container_info - # queueConfig: | # queue_config of prometheus remote write as multiline string - # max_shards: 100 - # batch_send_deadline: 20s - # min_backoff: 500ms - # max_backoff: 60s - # externalLabels: # add additional labels to metrics to identify it on the central instance - # additional: label +replicaCount: 1 +# failureToleranceType: node|zone +revisionHistoryLimit: 10 +serviceAccountName: gardenlet +invalidateServiceAccountToken: true +image: + repository: eu.gcr.io/gardener-project/gardener/gardenlet + tag: v1.59.1 + pullPolicy: IfNotPresent +resources: + requests: + cpu: 100m + memory: 100Mi +# podAnnotations: # YAML formated annotations used for pod template +# podLabels: # YAML formated labels used for pod template +additionalVolumes: [] +additionalVolumeMounts: [] +env: [] +vpa: false +# imageVectorOverwrite: | +# Please find documentation in docs/deployment/image_vector.md +# componentImageVectorOverwrites: | +# Please find documentation in docs/deployment/image_vector.md +config: + gardenClientConnection: + # acceptContentTypes: application/json + # contentType: application/json + qps: 100 + burst: 130 + # gardenClusterAddress: https://some-external-ip-address-to-garden-cluster + # gardenClusterCACert: + # bootstrapKubeconfig: # bootstrapKubeconfig contains the kubeconfig that is used to initiate the bootstrap process, i.e., + # that is used to request a client certificate for the garden cluster. + # If the kubeconfig is provided inline, the name and namespace fields + # are a reference to a secret that will store this bootstrap kubeconfig. If `kubeconfig` is given + # then only this kubeconfig will be considered. + # If you already have a boostrap kubeconfig you can reference it with + # secretRef.name and secretRef.namespace. + # name: gardenlet-kubeconfig-bootstrap + # namespace: garden + # secretRef: + # name: secretName + # namespace: secretNamespace + # kubeconfig: | + # some-kubeconfig-for-bootstrapping + # kubeconfigSecret: # kubeconfigSecret is the reference to a secret object that stores the gardenlet's kubeconfig that + # is used to communicate with the garden cluster. This kubeconfig is derived out of the bootstrap + # process. If `kubeconfig` is given then only this kubeconfig will be considered. + # name: gardenlet-kubeconfig + # namespace: garden + # kubeconfigValidity: + # validity: 24h + # autoRotationJitterPercentageMin: 70 + # autoRotationJitterPercentageMax: 90 + # kubeconfig: | + # Specify a kubeconfig here if you don't want the Gardenlet to use TLS bootstrapping (if you provide + # `bootstrapKubeconfig` and `kubeconfigSecret` then it will try to create a CertificateSigningRequest + # and to procure a client certificate. + seedClientConnection: + # acceptContentTypes: application/json + # contentType: application/json + qps: 100 + burst: 130 + # kubeconfig: | + # Specify a kubeconfig for the seed cluster here if you don't want to use the Gardenlet's service account. + shootClientConnection: + # acceptContentTypes: application/json + # contentType: application/json + qps: 25 + burst: 50 + controllers: + backupBucket: + concurrentSyncs: 20 + backupEntry: + concurrentSyncs: 20 + bastion: + concurrentSyncs: 20 + # deletionGracePeriodHours: 24 + # deletionGracePeriodShootPurposes: + # - production + seed: + syncPeriod: 1h + # leaseResyncSeconds: 2 + # leaseResyncMissThreshold: 10 + seedCare: + syncPeriod: 30s + conditionThresholds: + - type: SeedSystemComponentsHealthy + duration: 1m + shoot: + concurrentSyncs: 20 + syncPeriod: 1h + retryDuration: 12h + respectSyncPeriodOverwrite: false + reconcileInMaintenanceOnly: false + # progressReportPeriod: 5s + # dnsEntryTTLSeconds: 120 + shootCare: + concurrentSyncs: 5 + syncPeriod: 30s + staleExtensionHealthChecks: + enabled: true + # threshold: 5m + conditionThresholds: + - type: APIServerAvailable + duration: 1m + - type: ControlPlaneHealthy + duration: 1m + - type: SystemComponentsHealthy + duration: 1m + - type: EveryNodeReady + duration: 5m + webhookRemediatorEnabled: false + shootSecret: + concurrentSyncs: 5 + shootStateSync: + concurrentSyncs: 5 + managedSeed: + concurrentSyncs: 5 + syncPeriod: 1h + waitSyncPeriod: 15s + syncJitterPeriod: 5m + jitterUpdates: false + shootMigration: + concurrentSyncs: 5 + syncPeriod: 1m + gracePeriod: 2h + lastOperationStaleDuration: 10m + backupEntryMigration: + concurrentSyncs: 5 + syncPeriod: 1m + gracePeriod: 10m + lastOperationStaleDuration: 2m + resources: + capacity: + shoots: 250 + leaderElection: + leaderElect: true + leaseDuration: 15s + renewDeadline: 10s + retryPeriod: 2s + resourceLock: leases + # resourceName: gardenlet-leader-election + # resourceNamespace: garden + logLevel: info + logFormat: json + server: + healthProbes: + bindAddress: 0.0.0.0 + port: 2728 + metrics: + bindAddress: 0.0.0.0 + port: 2729 + debugging: + enableProfiling: false + enableContentionProfiling: false + featureGates: {} + # sni: # SNI configuration used for APIServerSNI and ManagedIstio feature gates. + # ingress: + # serviceName: istio-ingress + # namespace: istio-ingress + # labels: + # istio: ingressgateway + # exposureClassHandlers: + # - name: handler-1 + # loadBalancerService: + # annotations: + # test: handler-1 + # - name: handler-2 + # loadBalancerService: + # annotations: + # test: handler-2 + # sni: + # ingress: + # serviceName: istio-ingress + # namespace: istio-ingress-handler-2 + # labels: + # istio: ingressgateway-handler-2 +# etcdConfig: +# etcdController: +# workers: 3 +# custodianController: +# workers: 3 +# backupCompactionController: +# workers: 3 +# enableBackupCompaction: false +# eventsThreshold: 1000000 +# activeDeadlineDuration: "3h" +# backupLeaderElection: +# reelectionPeriod: 5s +# etcdConnectionTimeout: 5s +# seedConfig: {} +# logging: +# enabled: false +# fluentBit: +# output: |- +# [Output] +# ... +# monitoring: +# shoot: +# remoteWrite: +# url: https://remoteWriteUrl # remote write URL +# keep: # metrics that should be forwarded to the external write endpoint. If empty all metrics get forwarded +# - kube_pod_container_info +# queueConfig: | # queue_config of prometheus remote write as multiline string +# max_shards: 100 +# batch_send_deadline: 20s +# min_backoff: 500ms +# max_backoff: 60s +# externalLabels: # add additional labels to metrics to identify it on the central instance +# additional: label diff --git a/hack/helmchart-import/import-gardener-charts.py b/hack/helmchart-import/import-gardener-charts.py index 24fd1d7b..7d376b0e 100644 --- a/hack/helmchart-import/import-gardener-charts.py +++ b/hack/helmchart-import/import-gardener-charts.py @@ -15,7 +15,7 @@ config = [ { "package": "gardener/gardener", - "version": "v1.57.1", + "version": "v1.59.1", "dirs": [ { "src": "charts/gardener/controlplane",