Merge pull request #75 from apoorva-05/master

Release of CIC-1.14.17, CNC-2.2.3, IPAM-1.0.3

citrix-cloud-native/charts/citrix-cpx-with-ingress-controller/Chart.yaml

@@ -1,8 +1,8 @@
 apiVersion: v2
-appVersion: "1.13.20"
+appVersion: "1.14.17"
 description: A Helm chart for Citrix ADC CPX with Citrix ingress Controller running as sidecar.
 name: citrix-cpx-with-ingress-controller
-version: 1.13.20
+version: 1.14.17
 icon: https://raw.githubusercontent.com/citrix/citrix-helm-charts/gh-pages/icon.png
 home: https://www.citrix.com
 sources:

citrix-cloud-native/charts/citrix-cpx-with-ingress-controller/README.md

@@ -11,6 +11,11 @@ In a [Kubernetes](https://kubernetes.io/) or [OpenShift](https://www.openshift.c
   helm install citrix-cpx-with-ingress-controller citrix/citrix-cloud-native --set cpx.enabled=true,cpx.license.accept=yes
   ```
 
+   To install Citrix Provided Custom Resource Definition(CRDs) along with Citrix Ingress Controller
+   ```
+   helm install citrix-cpx-with-ingress-controller citrix/citrix-cloud-native --set cpx.enabled=true,cpx.license.accept=yes,cpx.crds.install=true
+   ```
+
 ### For OpenShift
 
   ```
@@ -19,6 +24,11 @@ In a [Kubernetes](https://kubernetes.io/) or [OpenShift](https://www.openshift.c
   helm install citrix-cpx-with-ingress-controller citrix/citrix-cloud-native --set cpx.enabled=true,cpx.license.accept=yes,cpx.openshift=true
   ```
 
+  To install Citrix Provided Custom Resource Definition(CRDs) along with Citrix Ingress Controller
+  ```
+  helm install citrix-cpx-with-ingress-controller citrix/citrix-cloud-native --set cpx.enabled=true,cpx.license.accept=yes,cpx.openshift=true,cpx.crds.install=true
+  ```
+
 > **Important:**
 >
 > The "cpx.license.accept" is a mandatory argument and should be set to "yes" to accept the terms of the Citrix license.
@@ -366,7 +376,7 @@ The following table lists the configurable parameters of the Citrix ADC CPX with
 | cpx.license.accept | Mandatory | no | Set `yes` to accept the Citrix ingress controller end user license agreement. |
 | cpx.image | Mandatory | `quay.io/citrix/citrix-k8s-cpx-ingress:13.0-76.29` | The Citrix ADC CPX image. |
 | cpx.pullPolicy | Mandatory | IfNotPresent | The Citrix ADC CPX image pull policy. |
-| cpx.cic.image | Mandatory | `quay.io/citrix/citrix-k8s-ingress-controller:1.13.20` | The Citrix ingress controller image. |
+| cpx.cic.image | Mandatory | `quay.io/citrix/citrix-k8s-ingress-controller:1.14.17` | The Citrix ingress controller image. |
 | cpx.cic.pullPolicy | Mandatory | IfNotPresent | The Citrix ingress controller image pull policy. |
 | cpx.cic.required | Mandatory | true | CIC to be run as sidecar with Citrix ADC CPX |
 | cpx.logLevel | Optional | DEBUG | The loglevel to control the logs generated by CIC. The supported loglevels are: CRITICAL, ERROR, WARNING, INFO, DEBUG and TRACE. For more information, see [Logging](https://github.com/citrix/citrix-k8s-ingress-controller/blob/master/docs/configure/log-levels.md).|

citrix-cloud-native/charts/citrix-cpx-with-ingress-controller/values.yaml

@@ -66,7 +66,7 @@ serviceAnnotations:
 
 # Citrix Ingress Controller config details
 cic:
-  image: quay.io/citrix/citrix-k8s-ingress-controller:1.13.20
+  image: quay.io/citrix/citrix-k8s-ingress-controller:1.14.17
   pullPolicy: IfNotPresent
   required: true
 entityPrefix:

citrix-cloud-native/charts/citrix-ingress-controller/Chart.yaml

@@ -1,8 +1,8 @@
 apiVersion: v2
-appVersion: "1.13.20"
+appVersion: "1.14.17"
 description: A Helm chart for Citrix Ingress Controller configuring MPX/VPX.
 name: citrix-ingress-controller
-version: 1.13.20
+version: 1.14.17
 icon: https://raw.githubusercontent.com/citrix/citrix-helm-charts/gh-pages/icon.png
 home: https://www.citrix.com
 sources:

citrix-cloud-native/charts/citrix-ingress-controller/README.md

@@ -12,6 +12,11 @@
   helm install cic citrix/citrix-cloud-native --set cic.enabled=true,cic.nsIP=<NSIP>,cic.adcCredentialSecret=<Secret-of-Citrix-ADC-credentials>,cic.license.accept=yes
   ```
 
+  To install Citrix Provided Custom Resource Definition(CRDs) along with Citrix Ingress Controller
+  ```
+  helm install cic citrix/citrix-cloud-native --set cic.enabled=true,cic.nsIP=<NSIP>,cic.adcCredentialSecret=<Secret-of-Citrix-ADC-credentials>,cic.license.accept=yes,cic.crds.install=true
+  ```
+
 ### For OpenShift
 
   ```
@@ -20,6 +25,11 @@
   helm install cic citrix/citrix-cloud-native --set cic.enabled=true,cic.nsIP=<NSIP>,cic.adcCredentialSecret=<Secret-of-Citrix-ADC-credentials>,cic.license.accept=yes,cic.openshift=true
   ```
 
+  To install Citrix Provided Custom Resource Definition(CRDs) along with Citrix Ingress Controller
+  ```
+  helm install cic citrix/citrix-cloud-native --set cic.enabled=true,cic.nsIP=<NSIP>,cic.adcCredentialSecret=<Secret-of-Citrix-ADC-credentials>,cic.license.accept=yes,cic.openshift=true,cic.crds.install=true
+  ```
+
 > **Important:**
 >
 > The `cic.license.accept` argument is mandatory. Ensure that you set the value as `yes` to accept the terms and conditions of the Citrix license.
@@ -266,7 +276,7 @@ The following table lists the mandatory and optional parameters that you can con
 | --------- | --------------------- | ------------- | ----------- |
 | cic.enabled | Mandatory | False | Set to "True" for deploying Citrix Ingress Controller for Citrix ADC VPX/MPX. |
 | cic.license.accept | Mandatory | no | Set `yes` to accept the CIC end user license agreement. |
-| cic.image | Mandatory | `quay.io/citrix/citrix-k8s-ingress-controller:1.13.20` | The CIC image. |
+| cic.image | Mandatory | `quay.io/citrix/citrix-k8s-ingress-controller:1.14.17` | The CIC image. |
 | cic.pullPolicy | Mandatory | IfNotPresent | The CIC image pull policy. |
 | cic.adcCredentialSecret | Mandatory | N/A | The secret key to log on to the Citrix ADC VPX or MPX. For information on how to create the secret keys, see [Prerequisites](#prerequistes). |
 | cic.nsIP | Mandatory | N/A | The IP address of the Citrix ADC device. For details, see [Prerequisites](#prerequistes). |
@@ -276,10 +286,12 @@ The following table lists the mandatory and optional parameters that you can con
 | cic.nsProtocol | Optional | HTTPS | The protocol used by CIC to communicate with Citrix ADC. You can also use HTTP on port 80. |
 | cic.logLevel | Optional | DEBUG | The loglevel to control the logs generated by CIC. The supported loglevels are: CRITICAL, ERROR, WARNING, INFO, DEBUG and TRACE. For more information, see [Logging](https://github.com/citrix/citrix-k8s-ingress-controller/blob/master/docs/configure/log-levels.md).|
 | cic.kubernetesURL | Optional | N/A | The kube-apiserver url that CIC uses to register the events. If the value is not specified, CIC uses the [internal kube-apiserver IP address](https://kubernetes.io/docs/tasks/access-application-cluster/access-cluster/#accessing-the-api-from-a-pod). |
+| cic.clusterName | Optional | N/A | The unique identifier of the kubernetes cluster on which the CIC is deployed. Used in multi-cluster deployments. |
 | cic.ingressClass | Optional | N/A | If multiple ingress load balancers are used to load balance different ingress resources. You can use this parameter to specify CIC to configure Citrix ADC associated with specific ingress class. For more information on Ingress class, see [Ingress class support](https://developer-docs.citrix.com/projects/citrix-k8s-ingress-controller/en/latest/configure/ingress-classes/). For Kubernetes version >= 1.19, this will create an IngressClass object with the name specified here |
 | cic.setAsDefaultIngressClass | Optional | False | Set the IngressClass object as default ingress class. New Ingresses without an "ingressClassName" field specified will be assigned the class specified in ingressClass. Applicable only for kubernetes versions >= 1.19 |
 | cic.serviceClass | Optional | N/A | By Default ingress controller configures all TypeLB Service on the ADC. You can use this parameter to finetune this behavior by specifing CIC to only configure TypeLB Service with specific service class. For more information on Service class, see [Service class support](https://developer-docs.citrix.com/projects/citrix-k8s-ingress-controller/en/latest/configure/service-classes/). |
 | cic.nodeWatch | Optional | false | Use the argument if you want to automatically configure network route from the Ingress Citrix ADC VPX or MPX to the pods in the Kubernetes cluster. For more information, see [Automatically configure route on the Citrix ADC instance](https://developer-docs.citrix.com/projects/citrix-k8s-ingress-controller/en/latest/network/staticrouting/#automatically-configure-route-on-the-citrix-adc-instance). |
+| cic.cncPbr | Optional | False | Use this argument to inform CIC that Citrix Node Controller(CNC) is configuring Policy Based Routes(PBR) on the Citrix ADC. For more information, see [CNC-PBR-SUPPORT](https://github.com/citrix/citrix-k8s-ingress-controller/tree/master/docs/how-to/pbr.md#configure-pbr-using-the-citrix-node-controller) |
 | cic.defaultSSLCertSecret | Optional | N/A | Provide Kubernetes secret name that needs to be used as a default non-SNI certificate in Citrix ADC. |
 | cic.podIPsforServiceGroupMembers | Optional | False |  By default Citrix Ingress Controller will add NodeIP and NodePort as service group members while configuring type LoadBalancer Services and NodePort services. This variable if set to `True` will change the behaviour to add pod IP and Pod port instead of nodeIP and nodePort. Users can set this to 'True' if there is a route between ADC and K8s clusters internal pods either using feature-node-watch argument or using Citrix Node Controller. |
 | cic.ignoreNodeExternalIP | Optional | False | While adding NodeIP, as Service group members for type LoadBalancer services or NodePort services, Citrix Ingress Controller has a selection criteria whereas it choose Node ExternalIP if available and Node InternalIP, if Node ExternalIP is not present. But some users may want to use Node InternalIP over Node ExternalIP even if Node ExternalIP is present. If this variable is set to `True`, then it prioritises the Node Internal IP to be used for service group members even if node ExternalIP is present |
@@ -344,6 +356,14 @@ If your deployment uses one single Citrix ADC Device to loadbalance between mult
    helm install cic citrix/citrix-cloud-native --set cic.enabled=true,cic.nsIP=<NSIP>,cic.adcCredentialSecret=<Secret-of-Citrix-ADC-credentials>,cic.license.accept=yes,cic.nsSNIPS='[<NS_SNIP1>\, <NS_SNIP2>\, ...]'
    ```
 
+   [Citrix Node Controller](https://github.com/citrix/citrix-k8s-node-controller) by default also adds static routes while creating the VXLAN tunnel. To use [Policy Based Routing(PBR)] (https://docs.citrix.com/en-us/citrix-adc/current-release/networking/ip-routing/configuring-policy-based-routes/configuring-policy-based-routes-pbrs-for-ipv4-traffic.html) to avoid static route clash, both Citrix Node Controller and Citrix Ingress Controller has to work in conjunction and has to be started with specific arguments. For more details refer [CNC-PBR-SUPPORT](https://github.com/citrix/citrix-k8s-ingress-controller/tree/master/docs/how-to/pbr.md#configure-pbr-using-the-citrix-node-controller).
+
+   Use the following command to inform Citrix Ingress Controller that Citrix Node Controller is configuring Policy Based Routes(PBR) on the Citrix ADC
+ 
+   ```
+   helm install cic citrix/citrix-cloud-native --set cic.enabled=true,cic.nsIP=<NSIP>,cic.adcCredentialSecret=<Secret-of-Citrix-ADC-credentials>,cic.license.accept=yes,cic.clusterName=<unique-cluster-identifier>,cic.cncPbr=<True/False>
+   ```
+
 For configuring static routes manually on Citrix ADC VPX or MPX to reach the pods inside the cluster follow:
 ### For Kubernetes:
 1. Obtain podCIDR using below options:

citrix-cloud-native/charts/citrix-ingress-controller/templates/citrix-k8s-ingress.yaml

@@ -63,6 +63,8 @@ spec:
 {{- end }}
           - --feature-node-watch
             {{ .Values.nodeWatch }}
+          - --enable-cnc-pbr
+            {{ .Values.cncPbr }}
 {{- if .Values.ipam }}
           - --ipam
             citrix-ipam-controller
@@ -104,6 +106,10 @@ spec:
         - name: "kubernetes_url"
           value: "{{ .Values.kubernetesURL }}"
 {{- end }}
+{{- if .Values.clusterName }}
+        - name: "CLUSTER_NAME"
+          value: "{{ .Values.clusterName }}"
+{{- end }}
 {{- if .Values.logProxy }}
         - name: "NS_LOGPROXY"
           value: "{{ .Values.logProxy }}"

citrix-cloud-native/charts/citrix-ingress-controller/values.yaml

@@ -3,7 +3,7 @@
 # Declare variables to be passed into your templates.
 
 # Citrix Ingress Controller config details
-image: quay.io/citrix/citrix-k8s-ingress-controller:1.13.20
+image: quay.io/citrix/citrix-k8s-ingress-controller:1.14.17
 pullPolicy: IfNotPresent
 openshift: false
 adcCredentialSecret:
@@ -17,6 +17,7 @@ nsProtocol: HTTPS
 logLevel: INFO
 entityPrefix:
 kubernetesURL:
+clusterName:
 ingressClass:
 setAsDefaultIngressClass: False
 serviceClass:
@@ -26,6 +27,7 @@ ignoreNodeExternalIP: False
 ipam: False
 logProxy:
 nodeWatch: false
+cncPbr: False
 nodeSelector:
   key:
   value:

citrix-cloud-native/charts/citrix-ipam-controller/Chart.yaml

@@ -1,8 +1,8 @@
 apiVersion: v2
 name: citrix-ipam-controller
 description: A Helm chart for Citrix IPAM Controller which automatically allocate an IP address to the service of type LoadBalancer.
-version: 0.0.1
-appVersion: "0.0.1"
+version: 1.0.3
+appVersion: "1.0.3"
 type: application
 icon: https://raw.githubusercontent.com/citrix/citrix-helm-charts/gh-pages/icon.png
 home: https://www.citrix.com

citrix-cloud-native/charts/citrix-ipam-controller/README.md

@@ -47,7 +47,7 @@ The following table lists the configurable parameters of the Citrix ADC CPX with
 
 | Parameters | Mandatory or Optional | Default value | Description |
 | ---------- | --------------------- | ------------- | ----------- |
-| ipam.image | Mandatory | `quay.io/citrix/citrix-ipam-controller:0.0.1` | The Citrix IPAM Contoller image. |
+| ipam.image | Mandatory | `quay.io/citrix/citrix-ipam-controller:1.0.3` | The Citrix IPAM Contoller image. |
 | ipam.pullPolicy | Mandatory | `IfNotPresent` | The Citrix IPAM Contoller image pull policy. |
 | ipam.vipRange | Mandatory | N/A | This variable allows you to define the IP address range. You can either define IP address range or an IP address range associated with a unique name. Citrix IPAM controller assigns the IP address from this IP address range to the service of type LoadBalancer. |
 

citrix-cloud-native/charts/citrix-ipam-controller/values.yaml

@@ -2,7 +2,7 @@
 # This is a YAML-formatted file.
 # Declare variables to be passed into your templates.
 
-image: quay.io/citrix/citrix-ipam-controller:0.0.1
+image: quay.io/citrix/citrix-ipam-controller:1.0.3
 pullPolicy: IfNotPresent
 
 vipRange:

citrix-cloud-native/charts/citrix-multi-cluster-ingress-controller/Chart.yaml

@@ -1,8 +1,8 @@
 apiVersion: v1
-appVersion: "1.13.20"
+appVersion: "1.14.17"
 description: A Helm chart for Citrix Multi-Cluster Ingress Controller configuring MPX/VPX.
 name: citrix-multi-cluster-ingress-controller
-version: 1.13.20
+version: 1.14.17
 icon: https://raw.githubusercontent.com/citrix/citrix-helm-charts/gh-pages/icon.png
 home: https://www.citrix.com
 maintainers:

citrix-cloud-native/charts/citrix-multi-cluster-ingress-controller/README.md

@@ -11,6 +11,11 @@
    helm install multi-cluster citrix/citrix-cloud-native --set mcIngress.localRegion=<local-cluster-region>,mcIngress.localCluster=<local-cluster-name>,mcIngress.sitedata[0].siteName=<site1-name>,mcIngress.sitedata[0].siteIp=<site1-ip-address>,mcIngress.sitedata[0].secretName=<site1-login-file>,mcIngress.sitedata[1].siteName=<site2-name>,mcIngress.sitedata[1].siteIp=<site2-ip-address>,mcIngress.sitedata[1].secretName=<site2-login-file>,mcIngress.license.accept=yes
    ```
 
+   To install Citrix Provided Custom Resource Definition(CRDs) along with Citrix Ingress Controller
+   ```
+   helm install multi-cluster citrix/citrix-cloud-native --set mcIngress.localRegion=<local-cluster-region>,mcIngress.localCluster=<local-cluster-name>,mcIngress.sitedata[0].siteName=<site1-name>,mcIngress.sitedata[0].siteIp=<site1-ip-address>,mcIngress.sitedata[0].secretName=<site1-login-file>,mcIngress.sitedata[1].siteName=<site2-name>,mcIngress.sitedata[1].siteIp=<site2-ip-address>,mcIngress.sitedata[1].secretName=<site2-login-file>,mcIngress.license.accept=yes,mcIngress.crds.install=true
+   ```
+
 ### For OpenShift
 
    ```
@@ -19,6 +24,10 @@
    helm install multi-cluster citrix/citrix-cloud-native --set mcIngress.localRegion=<local-cluster-region>,mcIngress.localCluster=<local-cluster-name>,mcIngress.sitedata[0].siteName=<site1-name>,mcIngress.sitedata[0].siteIp=<site1-ip-address>,mcIngress.sitedata[0].secretName=<site1-login-file>,mcIngress.sitedata[1].siteName=<site2-name>,mcIngress.sitedata[1].siteIp=<site2-ip-address>,mcIngress.sitedata[1].secretName=<site2-login-file>,mcIngress.license.accept=yes,mcIngress.openshift=true
    ```
 
+  To install Citrix Provided Custom Resource Definition(CRDs) along with Citrix Ingress Controller
+  ```
+   helm install multi-cluster citrix/citrix-cloud-native --set mcIngress.localRegion=<local-cluster-region>,mcIngress.localCluster=<local-cluster-name>,mcIngress.sitedata[0].siteName=<site1-name>,mcIngress.sitedata[0].siteIp=<site1-ip-address>,mcIngress.sitedata[0].secretName=<site1-login-file>,mcIngress.sitedata[1].siteName=<site2-name>,mcIngress.sitedata[1].siteIp=<site2-ip-address>,mcIngress.sitedata[1].secretName=<site2-login-file>,mcIngress.license.accept=yes,mcIngress.openshift=true,mcIngress.crds.install=true
+  ```
 > **Important:**
 >
 > The `license.accept` argument is mandatory. Ensure that you set the value as `yes` to accept the terms and conditions of the Citrix license.
@@ -161,7 +170,7 @@ The following table lists the mandatory and optional parameters that you can con
 | Parameters | Mandatory or Optional | Default value | Description |
 | --------- | --------------------- | ------------- | ----------- |
 | mcIngress.license.accept | Mandatory | no | Set `yes` to accept the CIC end user license agreement. |
-| mcIngress.image | Optional | `quay.io/citrix/citrix-k8s-ingress-controller:1.13.20` | The CIC image. |
+| mcIngress.image | Optional | `quay.io/citrix/citrix-k8s-ingress-controller:1.14.17` | The CIC image. |
 | mcIngress.pullPolicy | Optional | Always | The CIC image pull policy. |
 | mcIngress.nsPort | Optional | 443 | The port used by CIC to communicate with Citrix ADC. You can use port 80 for HTTP. |
 | mcIngress.nsProtocol | Optional | HTTPS | The protocol used by CIC to communicate with Citrix ADC. You can also use HTTP on port 80. |

citrix-cloud-native/charts/citrix-multi-cluster-ingress-controller/values.yaml

@@ -3,7 +3,7 @@
 # Declare variables to be passed into your templates.
 
 # image contains information needed to fetch CIC image
-image: quay.io/citrix/citrix-k8s-ingress-controller:1.13.20
+image: quay.io/citrix/citrix-k8s-ingress-controller:1.14.17
 pullPolicy: IfNotPresent
 # openshift is set to true if charts are being deployed in OpenShift environment.
 openshift: false

citrix-cloud-native/charts/citrix-node-controller/Chart.yaml

@@ -1,5 +1,5 @@
 apiVersion: v2
-appVersion: "2.2.2"
+appVersion: "2.2.3"
 description: A Helm chart for Citrix k8s node controller
 home: https://www.citrix.com
 icon: https://raw.githubusercontent.com/citrix/citrix-helm-charts/gh-pages/icon.png 
@@ -9,4 +9,4 @@ maintainers:
 name: citrix-node-controller
 sources:
 - https://github.com/citrix/citrix-k8s-node-controller
-version: 2.2.2
+version: 2.2.3