feat: Upgrade components
This commit is contained in:
@@ -56,44 +56,50 @@ components:
|
||||
|
||||
argo-cd:
|
||||
helm:
|
||||
version: 5.27.4 # (= ArgoCD v2.6.7)
|
||||
version: 6.7.7 # (=ArgoCD v.2.10.5)
|
||||
chart: argo/argo-cd
|
||||
parse_logic: helm template . | yq --no-doc eval '.. | .image? | select(.)' | sort -u | awk '!/ /'
|
||||
chart_values: !unsafe |
|
||||
configs:
|
||||
cm:
|
||||
resource.compareoptions: |
|
||||
ignoreAggregatedRoles: true
|
||||
resource.customizations.ignoreDifferences.all: |
|
||||
jsonPointers:
|
||||
- /spec/conversion/webhook/clientConfig/caBundle
|
||||
params:
|
||||
server.insecure: true
|
||||
secret:
|
||||
argocdServerAdminPassword: "{{ vapp['metacluster.password'] | password_hash('bcrypt') }}"
|
||||
global:
|
||||
domain: gitops.{{ vapp['metacluster.fqdn'] | lower }}
|
||||
server:
|
||||
extraArgs:
|
||||
- --insecure
|
||||
ingress:
|
||||
enabled: true
|
||||
hosts:
|
||||
- gitops.{{ vapp['metacluster.fqdn'] }}
|
||||
|
||||
cert-manager:
|
||||
helm:
|
||||
version: 1.13.1
|
||||
version: 1.14.4
|
||||
chart: jetstack/cert-manager
|
||||
parse_logic: helm template . | yq --no-doc eval '.. | .image? | select(.)' | sort -u | awk '!/ /'
|
||||
# chart_values: !unsafe |
|
||||
# installCRDs: true
|
||||
chart_values: !unsafe |
|
||||
installCRDs: true
|
||||
|
||||
clusterapi:
|
||||
management:
|
||||
version:
|
||||
# Must match the version referenced at `dependencies.static_binaries[.filename==clusterctl].url`
|
||||
base: v1.5.1
|
||||
base: v1.6.3
|
||||
# Must match the version referenced at `components.cert-manager.helm.version`
|
||||
cert_manager: v1.13.1
|
||||
infrastructure_vsphere: v1.8.1
|
||||
ipam_incluster: v0.1.0-alpha.3
|
||||
cert_manager: v1.14.4
|
||||
infrastructure_vsphere: v1.9.2
|
||||
ipam_incluster: v0.1.0
|
||||
# Refer to `https://console.cloud.google.com/gcr/images/cloud-provider-vsphere/GLOBAL/cpi/release/manager` for available tags
|
||||
cpi_vsphere: v1.27.0
|
||||
cpi_vsphere: v1.30.1
|
||||
workload:
|
||||
version:
|
||||
calico: v3.26.2
|
||||
k8s: v1.27.1
|
||||
calico: v3.27.3
|
||||
k8s: v1.30.1
|
||||
node_template:
|
||||
url: https://{{ repo_username }}:{{ repo_password }}@sn.itch.fyi/Repository/rel/ubuntu-2204-kube-v1.27.1.ova
|
||||
|
||||
@@ -131,7 +137,7 @@ components:
|
||||
|
||||
gitea:
|
||||
helm:
|
||||
version: v7.0.2 # (= Gitea v1.18.3)
|
||||
version: v10.1.3 # (= Gitea v1.21.7)
|
||||
chart: gitea-charts/gitea
|
||||
parse_logic: helm template . | yq --no-doc eval '.. | .image? | select(.)' | sort -u | sed '/:/!s/$/:latest/'
|
||||
chart_values: !unsafe |
|
||||
@@ -149,21 +155,33 @@ components:
|
||||
admin:
|
||||
username: administrator
|
||||
password: "{{ vapp['metacluster.password'] }}"
|
||||
email: admin@{{ vapp['metacluster.fqdn'] }}
|
||||
email: administrator@{{ vapp['metacluster.fqdn'] | lower }}
|
||||
config:
|
||||
cache:
|
||||
ADAPTER: memory
|
||||
server:
|
||||
OFFLINE_MODE: true
|
||||
PROTOCOL: http
|
||||
ROOT_URL: https://git.{{ vapp['metacluster.fqdn'] }}/
|
||||
ROOT_URL: https://git.{{ vapp['metacluster.fqdn'] | lower }}/
|
||||
session:
|
||||
PROVIDER: db
|
||||
image:
|
||||
pullPolicy: IfNotPresent
|
||||
ingress:
|
||||
enabled: true
|
||||
hosts:
|
||||
- host: git.{{ vapp['metacluster.fqdn'] }}
|
||||
- host: git.{{ vapp['metacluster.fqdn'] | lower }}
|
||||
paths:
|
||||
- path: /
|
||||
pathType: Prefix
|
||||
postgresql:
|
||||
enabled: true
|
||||
image:
|
||||
tag: 16.1.0-debian-11-r25
|
||||
postgresql-ha:
|
||||
enabled: false
|
||||
redis-cluster:
|
||||
enabled: false
|
||||
service:
|
||||
ssh:
|
||||
type: ClusterIP
|
||||
@@ -172,7 +190,7 @@ components:
|
||||
|
||||
harbor:
|
||||
helm:
|
||||
version: 1.11.0 # (= Harbor v2.7.0)
|
||||
version: 1.14.1 # (= Harbor v2.10.1)
|
||||
chart: harbor/harbor
|
||||
parse_logic: helm template . | yq --no-doc eval '.. | .image? | select(.)' | sort -u | awk '!/ /'
|
||||
chart_values: !unsafe |
|
||||
@@ -180,11 +198,11 @@ components:
|
||||
ingress:
|
||||
annotations: {}
|
||||
hosts:
|
||||
core: registry.{{ vapp['metacluster.fqdn'] }}
|
||||
core: registry.{{ vapp['metacluster.fqdn'] | lower }}
|
||||
tls:
|
||||
certSource: none
|
||||
enabled: false
|
||||
externalURL: https://registry.{{ vapp['metacluster.fqdn'] }}
|
||||
externalURL: https://registry.{{ vapp['metacluster.fqdn'] | lower }}
|
||||
harborAdminPassword: "{{ vapp['metacluster.password'] }}"
|
||||
notary:
|
||||
enabled: false
|
||||
@@ -229,23 +247,30 @@ components:
|
||||
|
||||
kubevip:
|
||||
# Must match the version referenced at `dependencies.container_images`
|
||||
version: v0.5.8
|
||||
version: v0.6.3
|
||||
|
||||
longhorn:
|
||||
helm:
|
||||
version: 1.4.1
|
||||
version: 1.5.4
|
||||
chart: longhorn/longhorn
|
||||
parse_logic: cat values.yaml | yq eval '.. | select(has("repository")) | .repository + ":" + .tag'
|
||||
chart_values: !unsafe |
|
||||
defaultSettings:
|
||||
allowNodeDrainWithLastHealthyReplica: true
|
||||
concurrentReplicaRebuildPerNodeLimit: 10
|
||||
defaultDataPath: /mnt/blockstorage
|
||||
defaultReplicaCount: 1
|
||||
logLevel: Info
|
||||
nodeDrainPolicy: block-for-eviction-if-contains-last-replica
|
||||
replicaSoftAntiAffinity: true
|
||||
priorityClass: system-node-critical
|
||||
storageOverProvisioningPercentage: 200
|
||||
storageReservedPercentageForDefaultDisk: 0
|
||||
ingress:
|
||||
enabled: true
|
||||
host: storage.{{ vapp['metacluster.fqdn'] }}
|
||||
persistence:
|
||||
defaultClassReplicaCount: 1
|
||||
host: storage.{{ vapp['metacluster.fqdn'] | lower }}
|
||||
longhornManager:
|
||||
priorityClass: system-node-critical
|
||||
longhornDriver:
|
||||
priorityClass: system-node-critical
|
||||
|
||||
pinniped:
|
||||
helm:
|
||||
@@ -270,22 +295,14 @@ components:
|
||||
|
||||
step-certificates:
|
||||
helm:
|
||||
version: 1.23.0
|
||||
version: 1.25.2 # (= step-ca v0.25.2)
|
||||
chart: smallstep/step-certificates
|
||||
parse_logic: helm template . | yq --no-doc eval '.. | .image? | select(.)' | sed '/:/!s/$/:latest/' | sort -u
|
||||
chart_values: !unsafe |
|
||||
ca:
|
||||
dns: ca.{{ vapp['metacluster.fqdn'] }},step-certificates.step-ca.svc.cluster.local,127.0.0.1
|
||||
password: "{{ vapp['metacluster.password'] }}"
|
||||
provisioner:
|
||||
name: admin
|
||||
password: "{{ vapp['metacluster.password'] }}"
|
||||
inject:
|
||||
secrets:
|
||||
ca_password: "{{ vapp['metacluster.password'] | b64encode }}"
|
||||
provisioner_password: "{{ vapp['metacluster.password'] | b64encode }}"
|
||||
service:
|
||||
targetPort: 9000
|
||||
|
||||
dependencies:
|
||||
|
||||
@@ -301,41 +318,43 @@ dependencies:
|
||||
container_images:
|
||||
# This should match the image tag referenced at `platform.packaged_components[.name==traefik].config`
|
||||
- busybox:1
|
||||
- ghcr.io/kube-vip/kube-vip:v0.5.8
|
||||
- ghcr.io/kube-vip/kube-vip:v0.6.3
|
||||
# The following list is generated by running the following commands:
|
||||
# $ clusterctl init -i vsphere:<version> [...]
|
||||
# $ clusterctl generate cluster <name> [...] | yq eval '.data.data' | yq --no-doc eval '.. | .image? | select(.)' | sort -u
|
||||
- gcr.io/cloud-provider-vsphere/cpi/release/manager:v1.27.0
|
||||
- gcr.io/cloud-provider-vsphere/csi/release/driver:v2.1.0
|
||||
- gcr.io/cloud-provider-vsphere/csi/release/syncer:v2.1.0
|
||||
- quay.io/k8scsi/csi-attacher:v3.0.0
|
||||
- quay.io/k8scsi/csi-node-driver-registrar:v2.0.1
|
||||
- quay.io/k8scsi/csi-provisioner:v2.0.0
|
||||
- quay.io/k8scsi/livenessprobe:v2.1.0
|
||||
- gcr.io/cloud-provider-vsphere/csi/release/driver:v3.1.0
|
||||
- gcr.io/cloud-provider-vsphere/csi/release/syncer:v3.1.0
|
||||
- registry.k8s.io/sig-storage/csi-attacher:v4.3.0
|
||||
- registry.k8s.io/sig-storage/csi-node-driver-registrar:v2.8.0
|
||||
- registry.k8s.io/sig-storage/csi-provisioner:v3.5.0
|
||||
- registry.k8s.io/sig-storage/csi-resizer:v1.8.0
|
||||
- registry.k8s.io/sig-storage/csi-snapshotter:v6.2.2
|
||||
- registry.k8s.io/sig-storage/livenessprobe:v2.10.0
|
||||
|
||||
static_binaries:
|
||||
- filename: clusterctl
|
||||
url: https://github.com/kubernetes-sigs/cluster-api/releases/download/v1.5.1/clusterctl-linux-amd64
|
||||
url: https://github.com/kubernetes-sigs/cluster-api/releases/download/v1.6.3/clusterctl-linux-amd64
|
||||
- filename: govc
|
||||
url: https://github.com/vmware/govmomi/releases/download/v0.29.0/govc_Linux_x86_64.tar.gz
|
||||
url: https://github.com/vmware/govmomi/releases/download/v0.36.3/govc_Linux_x86_64.tar.gz
|
||||
archive: compressed
|
||||
- filename: helm
|
||||
url: https://get.helm.sh/helm-v3.10.2-linux-amd64.tar.gz
|
||||
url: https://get.helm.sh/helm-v3.14.3-linux-amd64.tar.gz
|
||||
archive: compressed
|
||||
extra_opts: --strip-components=1
|
||||
- filename: kubectl-slice
|
||||
url: https://github.com/patrickdappollonio/kubectl-slice/releases/download/v1.2.5/kubectl-slice_linux_x86_64.tar.gz
|
||||
url: https://github.com/patrickdappollonio/kubectl-slice/releases/download/v1.2.9/kubectl-slice_linux_x86_64.tar.gz
|
||||
archive: compressed
|
||||
- filename: pinniped
|
||||
url: https://github.com/vmware-tanzu/pinniped/releases/download/v0.25.0/pinniped-cli-linux-amd64
|
||||
- filename: skopeo
|
||||
url: https://code.spamasaurus.com/api/packages/djpbessems/generic/skopeo/v1.12.0/skopeo_linux_amd64
|
||||
- filename: step
|
||||
url: https://dl.step.sm/gh-release/cli/gh-release-header/v0.23.0/step_linux_0.23.0_amd64.tar.gz
|
||||
url: https://dl.step.sm/gh-release/cli/gh-release-header/v0.25.2/step_linux_0.25.2_amd64.tar.gz
|
||||
archive: compressed
|
||||
extra_opts: --strip-components=2
|
||||
- filename: yq
|
||||
url: http://github.com/mikefarah/yq/releases/download/v4.30.5/yq_linux_amd64
|
||||
url: https://github.com/mikefarah/yq/releases/download/v4.43.1/yq_linux_amd64
|
||||
|
||||
packages:
|
||||
apt:
|
||||
|
||||
Reference in New Issue
Block a user