From 0079d25d22f0d31eb9fd10e8a07977b0bd83271c Mon Sep 17 00:00:00 2001 From: Roman Hros Date: Thu, 28 Nov 2024 12:49:27 +0100 Subject: [PATCH 1/2] :bug: Fix kube-vip apiserver load balancer (#175) * Add managedSubnets only for non-kube-vip apiserver_loadbalancer Signed-off-by: Roman Hros * Enable apiServerLoadBalancer only for octavia LB Signed-off-by: Roman Hros --------- Signed-off-by: Roman Hros --- .../scs/cluster-class/templates/cluster-class.yaml | 6 +++--- .../cluster-class/templates/openstack-cluster-template.yaml | 6 ------ providers/openstack/scs/cluster-class/values.yaml | 6 +----- 3 files changed, 4 insertions(+), 14 deletions(-) diff --git a/providers/openstack/scs/cluster-class/templates/cluster-class.yaml b/providers/openstack/scs/cluster-class/templates/cluster-class.yaml index 65303efa..342a4c63 100644 --- a/providers/openstack/scs/cluster-class/templates/cluster-class.yaml +++ b/providers/openstack/scs/cluster-class/templates/cluster-class.yaml @@ -356,7 +356,7 @@ cre ate group names like oidc:engineering and oidc:infra." matchResources: infrastructureCluster: true jsonPatches: - - op: add + - op: replace path: "/spec/template/spec/apiServerLoadBalancer/enabled" value: true - op: add @@ -372,7 +372,7 @@ cre ate group names like oidc:engineering and oidc:infra." matchResources: infrastructureCluster: true jsonPatches: - - op: add + - op: replace path: "/spec/template/spec/apiServerLoadBalancer/enabled" value: true - op: add @@ -812,7 +812,7 @@ cre ate group names like oidc:engineering and oidc:infra." matchResources: infrastructureCluster: true jsonPatches: - - op: replace + - op: add path: "/spec/template/spec/managedSubnets" valueFrom: template: | diff --git a/providers/openstack/scs/cluster-class/templates/openstack-cluster-template.yaml b/providers/openstack/scs/cluster-class/templates/openstack-cluster-template.yaml index cb9b3e60..ce689a2a 100644 --- a/providers/openstack/scs/cluster-class/templates/openstack-cluster-template.yaml +++ b/providers/openstack/scs/cluster-class/templates/openstack-cluster-template.yaml @@ -45,9 +45,3 @@ spec: portRangeMax: 4244 protocol: tcp description: "Allow Hubble traffic for Cilium" - managedSubnets: - - cidr: {{ .Values.node_cidr }} - dnsNameservers: - {{- range .Values.dns_nameservers }} - - {{ . }} - {{- end }} diff --git a/providers/openstack/scs/cluster-class/values.yaml b/providers/openstack/scs/cluster-class/values.yaml index 530ae151..d1650e66 100644 --- a/providers/openstack/scs/cluster-class/values.yaml +++ b/providers/openstack/scs/cluster-class/values.yaml @@ -1,14 +1,10 @@ # mirrored from variables.tf -dns_nameservers: - - 5.1.66.255 - - 185.150.99.255 controller_flavor: SCS-2V-4-20 worker_flavor: SCS-2V-4-20 -node_cidr: 10.8.0.0/20 restrict_kubeapi: [] # newly introduced: -openstack_loadbalancer_apiserver: true +openstack_loadbalancer_apiserver: false # TBD, currently needed: images: From ab31416e36bbe8d1dde2de4edd1861636421d135 Mon Sep 17 00:00:00 2001 From: Roman Hros Date: Tue, 3 Dec 2024 09:47:24 +0100 Subject: [PATCH 2/2] Update kubevirt csi-driver image (#187) Replace registry.dnation.cloud image with the latest official one Signed-off-by: Roman Hros --- .../cluster-addon/templates/csi-driver-tenant-template.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/providers/kubevirt/alpha/1-29/cluster-addon/templates/csi-driver-tenant-template.yaml b/providers/kubevirt/alpha/1-29/cluster-addon/templates/csi-driver-tenant-template.yaml index 15c480c0..c7cde17a 100644 --- a/providers/kubevirt/alpha/1-29/cluster-addon/templates/csi-driver-tenant-template.yaml +++ b/providers/kubevirt/alpha/1-29/cluster-addon/templates/csi-driver-tenant-template.yaml @@ -206,7 +206,7 @@ spec: privileged: true allowPrivilegeEscalation: true imagePullPolicy: Always - image: registry.dnation.cloud/test-mg/kubevirt-csi-driver:latest + image: quay.io/kubevirt/kubevirt-csi-driver:latest args: - "--endpoint=unix:/csi/csi.sock" - "--node-name=$(KUBE_NODE_NAME)"