From ef9765fed8d22b28f13566c31ca29e09fa9a8ca5 Mon Sep 17 00:00:00 2001 From: Aleksey Sviridkin Date: Sun, 12 Mar 2023 02:57:18 +0300 Subject: [PATCH 01/10] fix existing ns issue Signed-off-by: Aleksey Sviridkin --- chart/kube-flannel/templates/config.yaml | 2 +- chart/kube-flannel/templates/daemonset.yaml | 2 +- chart/kube-flannel/templates/namespace.yaml | 4 +++- chart/kube-flannel/templates/rbac.yaml | 2 +- chart/kube-flannel/templates/serviceaccount.yaml | 2 +- 5 files changed, 7 insertions(+), 5 deletions(-) diff --git a/chart/kube-flannel/templates/config.yaml b/chart/kube-flannel/templates/config.yaml index 6ddf9f59c5..e147c9ddb9 100644 --- a/chart/kube-flannel/templates/config.yaml +++ b/chart/kube-flannel/templates/config.yaml @@ -2,7 +2,7 @@ kind: ConfigMap apiVersion: v1 metadata: name: kube-flannel-cfg - namespace: kube-flannel + namespace: {{ .Release.Namespace }} labels: tier: node app: flannel diff --git a/chart/kube-flannel/templates/daemonset.yaml b/chart/kube-flannel/templates/daemonset.yaml index 372cd8ed30..af7226db2e 100644 --- a/chart/kube-flannel/templates/daemonset.yaml +++ b/chart/kube-flannel/templates/daemonset.yaml @@ -2,7 +2,7 @@ apiVersion: apps/v1 kind: DaemonSet metadata: name: kube-flannel-ds - namespace: kube-flannel + namespace: {{ .Release.Namespace }} labels: tier: node app: flannel diff --git a/chart/kube-flannel/templates/namespace.yaml b/chart/kube-flannel/templates/namespace.yaml index 81e7faeed9..177b8904cc 100644 --- a/chart/kube-flannel/templates/namespace.yaml +++ b/chart/kube-flannel/templates/namespace.yaml @@ -1,6 +1,8 @@ kind: Namespace apiVersion: v1 metadata: - name: kube-flannel + name: {{ .Release.Namespace }} labels: pod-security.kubernetes.io/enforce: privileged + app.kubernetes.io/managed-by: {{ .Release.Service }} + app.kubernetes.io/release-name: {{ .Release.Name }} diff --git a/chart/kube-flannel/templates/rbac.yaml b/chart/kube-flannel/templates/rbac.yaml index 5fdf3372bf..d08b37fcc5 100644 --- a/chart/kube-flannel/templates/rbac.yaml +++ b/chart/kube-flannel/templates/rbac.yaml @@ -42,4 +42,4 @@ roleRef: subjects: - kind: ServiceAccount name: flannel - namespace: kube-flannel + namespace: {{ .Release.Namespace }} diff --git a/chart/kube-flannel/templates/serviceaccount.yaml b/chart/kube-flannel/templates/serviceaccount.yaml index 186e59c691..c37316af1a 100644 --- a/chart/kube-flannel/templates/serviceaccount.yaml +++ b/chart/kube-flannel/templates/serviceaccount.yaml @@ -2,4 +2,4 @@ apiVersion: v1 kind: ServiceAccount metadata: name: flannel - namespace: kube-flannel + namespace: {{ .Release.Namespace }} From ef91c0cf11c77b0879dd7e84ba3398e01078b193 Mon Sep 17 00:00:00 2001 From: Aleksey Sviridkin Date: Mon, 13 Mar 2023 01:26:25 +0300 Subject: [PATCH 02/10] update readme Signed-off-by: Aleksey Sviridkin --- README.md | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index bf5dec947b..c93b1de8aa 100644 --- a/README.md +++ b/README.md @@ -41,8 +41,9 @@ kubectl apply -f https://github.com/flannel-io/flannel/releases/latest/download/ If you use custom `podCIDR` (not `10.244.0.0/16`) you first need to download the above manifest and modify the network to match your one. #### Deploying Flannel with helm -``` -helm install flannel --set podCidr="10.244.0.0/16" https://github.com/flannel-io/flannel/releases/latest/download/flannel.tgz + +```bash +helm install flannel --set podCidr="10.244.0.0/16" --create-namespace --namespace kube-flannel https://github.com/flannel-io/flannel/releases/latest/download/flannel.tgz ``` See [Kubernetes](Documentation/kubernetes.md) for more details. From ab52411c1dc2cb2f0e3ef6c520d8143f93e20252 Mon Sep 17 00:00:00 2001 From: Aleksey Sviridkin Date: Wed, 15 Mar 2023 16:12:21 +0300 Subject: [PATCH 03/10] update helm installation section, cleanup, format added manual ns creation to helm section code marked as bash now unused links deleted formatted with best practices Signed-off-by: Aleksey Sviridkin --- README.md | 23 +++++++++++++---------- 1 file changed, 13 insertions(+), 10 deletions(-) diff --git a/README.md b/README.md index c93b1de8aa..632d8ef66f 100644 --- a/README.md +++ b/README.md @@ -34,7 +34,8 @@ Flannel can be added to any existing Kubernetes cluster though it's simplest to For Kubernetes v1.17+ #### Deploying Flannel with kubectl -``` + +```bash kubectl apply -f https://github.com/flannel-io/flannel/releases/latest/download/kube-flannel.yml ``` @@ -43,7 +44,9 @@ If you use custom `podCIDR` (not `10.244.0.0/16`) you first need to download the #### Deploying Flannel with helm ```bash -helm install flannel --set podCidr="10.244.0.0/16" --create-namespace --namespace kube-flannel https://github.com/flannel-io/flannel/releases/latest/download/flannel.tgz +kubectl create ns kube-flannel +kubectl label ns kube-flannel pod-security.kubernetes.io/enforce=privileged +helm install flannel --set podCidr="10.244.0.0/16" --namespace kube-flannel https://github.com/flannel-io/flannel/releases/latest/download/flannel.tgz ``` See [Kubernetes](Documentation/kubernetes.md) for more details. @@ -51,7 +54,8 @@ See [Kubernetes](Documentation/kubernetes.md) for more details. In case a firewall is configured ensure to enable the right port used by the configured [backend][backends]. Flannel uses `portmap` as CNI network plugin by default; when deploying Flannel ensure that the [CNI Network plugins][Network-plugins] are installed in `/opt/cni/bin` the latest binaries can be downloaded with the following commands: -``` + +```bash mkdir -p /opt/cni/bin curl -O -L https://github.com/containernetworking/plugins/releases/download/v1.2.0/cni-plugins-linux-amd64-v1.2.0.tgz tar -C /opt/cni/bin -xzf cni-plugins-linux-amd64-v1.2.0.tgz @@ -62,6 +66,7 @@ tar -C /opt/cni/bin -xzf cni-plugins-linux-amd64-v1.2.0.tgz flannel is also widely used outside of kubernetes. When deployed outside of kubernetes, etcd is always used as the datastore. For more details integrating flannel with Docker see [Running](Documentation/running.md) ## Documentation + - [Building (and releasing)](Documentation/building.md) - [Configuration](Documentation/configuration.md) - [Backends](Documentation/backends.md) @@ -72,11 +77,11 @@ flannel is also widely used outside of kubernetes. When deployed outside of kube ## Contact -* Slack: - * #k3s on [Rancher Users Slack](https://slack.rancher.io) - * #flannel-users on [Calico Users Slack](https://slack.projectcalico.org) -* Planning/Roadmap: [milestones][milestones], [roadmap][roadmap] -* Bugs: [issues][flannel-issues] +- Slack: + - #k3s on [Rancher Users Slack](https://slack.rancher.io) + - #flannel-users on [Calico Users Slack](https://slack.projectcalico.org) +- Planning/Roadmap: [milestones][milestones], [roadmap][roadmap] +- Bugs: [issues][flannel-issues] ## Community Meeting @@ -97,7 +102,6 @@ See [reporting bugs][reporting] for details about reporting any issues. Flannel is under the Apache 2.0 license. See the [LICENSE][license] file for details. [calico]: http://www.projectcalico.org -[pod-cidr]: https://kubernetes.io/docs/admin/kubelet/ [etcd]: https://go.etcd.io/etcd/v3 [contributing]: CONTRIBUTING.md [license]: https://github.com/flannel-io/flannel/blob/master/LICENSE @@ -107,6 +111,5 @@ Flannel is under the Apache 2.0 license. See the [LICENSE][license] file for det [roadmap]: https://github.com/kubernetes/kubernetes/milestones [reporting]: Documentation/reporting_bugs.md [k3s-installer]: https://github.com/k3s-io/k3s/#quick-start---install-script -[installing-with-kubeadm]: https://kubernetes.io/docs/getting-started-guides/kubeadm/ [k3s]: https://k3s.io/ [Network-plugins]: https://github.com/containernetworking/plugins From cce7e3a81b7fab15a6555a6e3c192d409c125374 Mon Sep 17 00:00:00 2001 From: Aleksey Sviridkin Date: Wed, 15 Mar 2023 16:12:37 +0300 Subject: [PATCH 04/10] remove ns template from the chart Signed-off-by: Aleksey Sviridkin --- chart/kube-flannel/templates/namespace.yaml | 8 -------- 1 file changed, 8 deletions(-) delete mode 100644 chart/kube-flannel/templates/namespace.yaml diff --git a/chart/kube-flannel/templates/namespace.yaml b/chart/kube-flannel/templates/namespace.yaml deleted file mode 100644 index 177b8904cc..0000000000 --- a/chart/kube-flannel/templates/namespace.yaml +++ /dev/null @@ -1,8 +0,0 @@ -kind: Namespace -apiVersion: v1 -metadata: - name: {{ .Release.Namespace }} - labels: - pod-security.kubernetes.io/enforce: privileged - app.kubernetes.io/managed-by: {{ .Release.Service }} - app.kubernetes.io/release-name: {{ .Release.Name }} From 158480fe00323758749f63c947460603f5c3809d Mon Sep 17 00:00:00 2001 From: Aleksey Sviridkin Date: Wed, 15 Mar 2023 16:37:59 +0300 Subject: [PATCH 05/10] add example tests for ds Signed-off-by: Aleksey Sviridkin --- chart/kube-flannel/tests/daemonset_test.yaml | 52 ++++++++++++++++++++ 1 file changed, 52 insertions(+) create mode 100644 chart/kube-flannel/tests/daemonset_test.yaml diff --git a/chart/kube-flannel/tests/daemonset_test.yaml b/chart/kube-flannel/tests/daemonset_test.yaml new file mode 100644 index 0000000000..92b2ed45f2 --- /dev/null +++ b/chart/kube-flannel/tests/daemonset_test.yaml @@ -0,0 +1,52 @@ +suite: test daemonset +templates: + - daemonset.yaml +release: + namespace: kube-flannel-example-namespace +tests: + - it: should have the correct api version + asserts: + - isKind: + of: DaemonSet + - isAPIVersion: + of: apps/v1 + - equal: + path: metadata.name + value: kube-flannel-ds + - equal: + path: metadata.namespace + value: kube-flannel-example-namespace + + - it: should have the correct image + set: + flannel.image.repository: cicker.io/flannel/flannel + flannel.image.tag: v555.44.3 + asserts: + - equal: + path: spec.template.spec.containers[0].image + value: cicker.io/flannel/flannel:v555.44.3 + - equal: + path: spec.template.spec.initContainers[1].image + value: cicker.io/flannel/flannel:v555.44.3 + + - it: should have the correct cni image + set: + flannel.image_cni.repository: cicker.io/flannel/flannel-cni-plugin + flannel.image_cni.tag: v777.66.5 + asserts: + - equal: + path: spec.template.spec.initContainers[0].image + value: cicker.io/flannel/flannel-cni-plugin:v777.66.5 + + - it: should have the correct args + set: + flannel.args: + - "--ip-masq" + - "--kube-subnet-mgr" + asserts: + - equal: + path: spec.template.spec.containers[0].command + value: + - "/opt/bin/flanneld" + - "--ip-masq" + - "--kube-subnet-mgr" From ede92033b36aafe675d0be5fdf1e7f19ab3f0acd Mon Sep 17 00:00:00 2001 From: Aleksey Sviridkin Date: Wed, 15 Mar 2023 16:49:22 +0300 Subject: [PATCH 06/10] delete unnecessary namespace filds in templates Signed-off-by: Aleksey Sviridkin --- chart/kube-flannel/templates/config.yaml | 1 - chart/kube-flannel/templates/daemonset.yaml | 1 - chart/kube-flannel/templates/serviceaccount.yaml | 1 - chart/kube-flannel/tests/daemonset_test.yaml | 5 ----- 4 files changed, 8 deletions(-) diff --git a/chart/kube-flannel/templates/config.yaml b/chart/kube-flannel/templates/config.yaml index e147c9ddb9..6391cc9eaa 100644 --- a/chart/kube-flannel/templates/config.yaml +++ b/chart/kube-flannel/templates/config.yaml @@ -2,7 +2,6 @@ kind: ConfigMap apiVersion: v1 metadata: name: kube-flannel-cfg - namespace: {{ .Release.Namespace }} labels: tier: node app: flannel diff --git a/chart/kube-flannel/templates/daemonset.yaml b/chart/kube-flannel/templates/daemonset.yaml index af7226db2e..0ac153d66d 100644 --- a/chart/kube-flannel/templates/daemonset.yaml +++ b/chart/kube-flannel/templates/daemonset.yaml @@ -2,7 +2,6 @@ apiVersion: apps/v1 kind: DaemonSet metadata: name: kube-flannel-ds - namespace: {{ .Release.Namespace }} labels: tier: node app: flannel diff --git a/chart/kube-flannel/templates/serviceaccount.yaml b/chart/kube-flannel/templates/serviceaccount.yaml index c37316af1a..05c1d200a2 100644 --- a/chart/kube-flannel/templates/serviceaccount.yaml +++ b/chart/kube-flannel/templates/serviceaccount.yaml @@ -2,4 +2,3 @@ apiVersion: v1 kind: ServiceAccount metadata: name: flannel - namespace: {{ .Release.Namespace }} diff --git a/chart/kube-flannel/tests/daemonset_test.yaml b/chart/kube-flannel/tests/daemonset_test.yaml index 92b2ed45f2..561e8f9cae 100644 --- a/chart/kube-flannel/tests/daemonset_test.yaml +++ b/chart/kube-flannel/tests/daemonset_test.yaml @@ -1,8 +1,6 @@ suite: test daemonset templates: - daemonset.yaml -release: - namespace: kube-flannel-example-namespace tests: - it: should have the correct api version asserts: @@ -13,9 +11,6 @@ tests: - equal: path: metadata.name value: kube-flannel-ds - - equal: - path: metadata.namespace - value: kube-flannel-example-namespace - it: should have the correct image set: From 1215021de00c75cd91330f9a9b20e2ebb6f133af Mon Sep 17 00:00:00 2001 From: Aleksey Sviridkin Date: Tue, 21 Mar 2023 16:19:52 +0300 Subject: [PATCH 07/10] add namespace templating Signed-off-by: Aleksey Sviridkin --- chart/kube-flannel/templates/config.yaml | 1 + chart/kube-flannel/templates/daemonset.yaml | 1 + chart/kube-flannel/templates/serviceaccount.yaml | 1 + 3 files changed, 3 insertions(+) diff --git a/chart/kube-flannel/templates/config.yaml b/chart/kube-flannel/templates/config.yaml index 6391cc9eaa..e147c9ddb9 100644 --- a/chart/kube-flannel/templates/config.yaml +++ b/chart/kube-flannel/templates/config.yaml @@ -2,6 +2,7 @@ kind: ConfigMap apiVersion: v1 metadata: name: kube-flannel-cfg + namespace: {{ .Release.Namespace }} labels: tier: node app: flannel diff --git a/chart/kube-flannel/templates/daemonset.yaml b/chart/kube-flannel/templates/daemonset.yaml index 0ac153d66d..af7226db2e 100644 --- a/chart/kube-flannel/templates/daemonset.yaml +++ b/chart/kube-flannel/templates/daemonset.yaml @@ -2,6 +2,7 @@ apiVersion: apps/v1 kind: DaemonSet metadata: name: kube-flannel-ds + namespace: {{ .Release.Namespace }} labels: tier: node app: flannel diff --git a/chart/kube-flannel/templates/serviceaccount.yaml b/chart/kube-flannel/templates/serviceaccount.yaml index 05c1d200a2..c37316af1a 100644 --- a/chart/kube-flannel/templates/serviceaccount.yaml +++ b/chart/kube-flannel/templates/serviceaccount.yaml @@ -2,3 +2,4 @@ apiVersion: v1 kind: ServiceAccount metadata: name: flannel + namespace: {{ .Release.Namespace }} From 56de39037dfe4829a7217d19d78712805c9e9286 Mon Sep 17 00:00:00 2001 From: Aleksey Sviridkin Date: Tue, 21 Mar 2023 16:20:05 +0300 Subject: [PATCH 08/10] update helm install in readme Signed-off-by: Aleksey Sviridkin --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 632d8ef66f..fbe974855a 100644 --- a/README.md +++ b/README.md @@ -45,7 +45,7 @@ If you use custom `podCIDR` (not `10.244.0.0/16`) you first need to download the ```bash kubectl create ns kube-flannel -kubectl label ns kube-flannel pod-security.kubernetes.io/enforce=privileged +kubectl label --overwrite ns kube-flannel pod-security.kubernetes.io/enforce=privileged helm install flannel --set podCidr="10.244.0.0/16" --namespace kube-flannel https://github.com/flannel-io/flannel/releases/latest/download/flannel.tgz ``` From ca4521f53fd357e5fb28dda91215ca34074ddef8 Mon Sep 17 00:00:00 2001 From: Aleksey Sviridkin Date: Tue, 21 Mar 2023 16:20:17 +0300 Subject: [PATCH 09/10] exclude tests from chart package Signed-off-by: Aleksey Sviridkin --- chart/kube-flannel/.helmignore | 1 + 1 file changed, 1 insertion(+) create mode 100644 chart/kube-flannel/.helmignore diff --git a/chart/kube-flannel/.helmignore b/chart/kube-flannel/.helmignore new file mode 100644 index 0000000000..3d0dbe4467 --- /dev/null +++ b/chart/kube-flannel/.helmignore @@ -0,0 +1 @@ +tests/ \ No newline at end of file From 87d16b25e3ec0474fc982bf89b526f29a4bfef73 Mon Sep 17 00:00:00 2001 From: Aleksey Sviridkin Date: Wed, 22 Mar 2023 14:15:07 +0300 Subject: [PATCH 10/10] add .helmignore to .helmignore Signed-off-by: Aleksey Sviridkin --- chart/kube-flannel/.helmignore | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/chart/kube-flannel/.helmignore b/chart/kube-flannel/.helmignore index 3d0dbe4467..1ae9e848d8 100644 --- a/chart/kube-flannel/.helmignore +++ b/chart/kube-flannel/.helmignore @@ -1 +1,2 @@ -tests/ \ No newline at end of file +tests/ +.helmignore