diff --git a/.github/workflows/e2e-tests.yml b/.github/workflows/e2e-tests.yml index deae1982..603783d1 100644 --- a/.github/workflows/e2e-tests.yml +++ b/.github/workflows/e2e-tests.yml @@ -22,6 +22,47 @@ jobs: docker build -f Dockerfile.varnishd -t ibmcom/varnish:local . docker build -f Dockerfile.controller -t ibmcom/varnish-controller:local . docker build -f Dockerfile.exporter -t ibmcom/varnish-metrics-exporter:local . + - name: Create k8s Kind Cluster v1.22.0 + uses: helm/kind-action@v1.2.0 + with: + version: v0.11.1 + cluster_name: e2e-tests + node_image: kindest/node:v1.22.0@sha256:b8bda84bb3a190e6e028b1760d277454a72267a5454b57db34437c34a588d047 + - name: create namespace + run: kubectl create namespace varnish-operator + - name: load images + run: | + kind load --name e2e-tests docker-image ibmcom/varnish-operator:local + kind load --name e2e-tests docker-image ibmcom/varnish:local + kind load --name e2e-tests docker-image ibmcom/varnish-controller:local + kind load --name e2e-tests docker-image ibmcom/varnish-metrics-exporter:local + - name: install operator + id: helm + run: helm install varnish-operator --debug --namespace=varnish-operator varnish-operator --wait --set container.imagePullPolicy=Never --set container.image=ibmcom/varnish-operator:local + - name: run tests + run: go test -count=1 ./tests #-count=1 is to disable tests caching. + - name: delete cluster + run: kind delete cluster --name=e2e-tests + - name: Create k8s Kind Cluster v1.21.1 + uses: helm/kind-action@v1.2.0 + with: + version: v0.11.1 + cluster_name: e2e-tests + node_image: kindest/node:v1.21.1@sha256:69860bda5563ac81e3c0057d654b5253219618a22ec3a346306239bba8cfa1a6 + - name: create namespace + run: kubectl create namespace varnish-operator + - name: load images + run: | + kind load --name e2e-tests docker-image ibmcom/varnish-operator:local + kind load --name e2e-tests docker-image ibmcom/varnish:local + kind load --name e2e-tests docker-image ibmcom/varnish-controller:local + kind load --name e2e-tests docker-image ibmcom/varnish-metrics-exporter:local + - name: install operator + run: helm install varnish-operator --debug --namespace=varnish-operator varnish-operator --wait --set container.imagePullPolicy=Never --set container.image=ibmcom/varnish-operator:local + - name: run tests + run: go test -count=1 ./tests #-count=1 is to disable tests caching. + - name: delete cluster + run: kind delete cluster --name=e2e-tests - name: Create k8s Kind Cluster v1.20.0 uses: helm/kind-action@v1.2.0 with: @@ -37,7 +78,6 @@ jobs: kind load --name e2e-tests docker-image ibmcom/varnish-controller:local kind load --name e2e-tests docker-image ibmcom/varnish-metrics-exporter:local - name: install operator - id: helm run: helm install varnish-operator --debug --namespace=varnish-operator varnish-operator --wait --set container.imagePullPolicy=Never --set container.image=ibmcom/varnish-operator:local - name: run tests run: go test -count=1 ./tests #-count=1 is to disable tests caching. diff --git a/Makefile b/Makefile index 92db31d3..255bcc10 100644 --- a/Makefile +++ b/Makefile @@ -10,7 +10,7 @@ VARNISH_CONTROLLER_IMG ?= ${VARNISH_CONTROLLER_PUBLISH_IMG}-dev VARNISH_METRICS_PUBLISH_IMG ?= varnish-metrics-exporter:${VERSION} VARNISH_METRICS_IMG ?= ${VARNISH_METRICS_PUBLISH_IMG}-dev NAMESPACE ?= "default" -CRD_OPTIONS ?= "crd:crdVersions=v1,trivialVersions=false" +CRD_OPTIONS ?= "crd:crdVersions=v1" # all: test varnish-operator all: test varnish-operator varnish-controller diff --git a/api/v1alpha1/zz_generated.deepcopy.go b/api/v1alpha1/zz_generated.deepcopy.go index a15fba26..e7455fa6 100644 --- a/api/v1alpha1/zz_generated.deepcopy.go +++ b/api/v1alpha1/zz_generated.deepcopy.go @@ -6,7 +6,7 @@ package v1alpha1 import ( appsv1 "k8s.io/api/apps/v1" - "k8s.io/api/core/v1" + v1 "k8s.io/api/core/v1" "k8s.io/api/policy/v1beta1" "k8s.io/apimachinery/pkg/runtime" "k8s.io/apimachinery/pkg/util/intstr" diff --git a/config/crd/bases/caching.ibm.com_varnishclusters.yaml b/config/crd/bases/caching.ibm.com_varnishclusters.yaml index b47b26c9..b4f82256 100644 --- a/config/crd/bases/caching.ibm.com_varnishclusters.yaml +++ b/config/crd/bases/caching.ibm.com_varnishclusters.yaml @@ -4,7 +4,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.6.1 + controller-gen.kubebuilder.io/version: v0.7.0 creationTimestamp: null name: varnishclusters.caching.ibm.com spec: @@ -320,10 +320,71 @@ spec: The requirements are ANDed. type: object type: object + namespaceSelector: + description: A label query over the set of namespaces + that the term applies to. The term is applied + to the union of the namespaces selected by this + field and the ones listed in the namespaces field. + null selector and null or empty namespaces list + means "this pod's namespace". An empty selector + ({}) matches all namespaces. This field is alpha-level + and is only honored when PodAffinityNamespaceSelector + feature is enabled. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are + ANDed. + items: + description: A label selector requirement + is a selector that contains values, a key, + and an operator that relates the key and + values. + properties: + key: + description: key is the label key that + the selector applies to. + type: string + operator: + description: operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. + If the operator is Exists or DoesNotExist, + the values array must be empty. This + array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is + "In", and the values array contains only "value". + The requirements are ANDed. + type: object + type: object namespaces: - description: namespaces specifies which namespaces - the labelSelector applies to (matches against); - null or empty list means "this pod's namespace" + description: namespaces specifies a static list + of namespace names that the term applies to. The + term is applied to the union of the namespaces + listed in this field and the ones selected by + namespaceSelector. null or empty namespaces list + and null namespaceSelector means "this pod's namespace" items: type: string type: array @@ -415,10 +476,66 @@ spec: requirements are ANDed. type: object type: object + namespaceSelector: + description: A label query over the set of namespaces + that the term applies to. The term is applied to the + union of the namespaces selected by this field and + the ones listed in the namespaces field. null selector + and null or empty namespaces list means "this pod's + namespace". An empty selector ({}) matches all namespaces. + This field is alpha-level and is only honored when + PodAffinityNamespaceSelector feature is enabled. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are ANDed. + items: + description: A label selector requirement is a + selector that contains values, a key, and an + operator that relates the key and values. + properties: + key: + description: key is the label key that the + selector applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are + In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. If the + operator is Exists or DoesNotExist, the + values array must be empty. This array is + replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is "In", + and the values array contains only "value". The + requirements are ANDed. + type: object + type: object namespaces: - description: namespaces specifies which namespaces the - labelSelector applies to (matches against); null or - empty list means "this pod's namespace" + description: namespaces specifies a static list of namespace + names that the term applies to. The term is applied + to the union of the namespaces listed in this field + and the ones selected by namespaceSelector. null or + empty namespaces list and null namespaceSelector means + "this pod's namespace" items: type: string type: array @@ -512,10 +629,71 @@ spec: The requirements are ANDed. type: object type: object + namespaceSelector: + description: A label query over the set of namespaces + that the term applies to. The term is applied + to the union of the namespaces selected by this + field and the ones listed in the namespaces field. + null selector and null or empty namespaces list + means "this pod's namespace". An empty selector + ({}) matches all namespaces. This field is alpha-level + and is only honored when PodAffinityNamespaceSelector + feature is enabled. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are + ANDed. + items: + description: A label selector requirement + is a selector that contains values, a key, + and an operator that relates the key and + values. + properties: + key: + description: key is the label key that + the selector applies to. + type: string + operator: + description: operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. + If the operator is Exists or DoesNotExist, + the values array must be empty. This + array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is + "In", and the values array contains only "value". + The requirements are ANDed. + type: object + type: object namespaces: - description: namespaces specifies which namespaces - the labelSelector applies to (matches against); - null or empty list means "this pod's namespace" + description: namespaces specifies a static list + of namespace names that the term applies to. The + term is applied to the union of the namespaces + listed in this field and the ones selected by + namespaceSelector. null or empty namespaces list + and null namespaceSelector means "this pod's namespace" items: type: string type: array @@ -607,10 +785,66 @@ spec: requirements are ANDed. type: object type: object + namespaceSelector: + description: A label query over the set of namespaces + that the term applies to. The term is applied to the + union of the namespaces selected by this field and + the ones listed in the namespaces field. null selector + and null or empty namespaces list means "this pod's + namespace". An empty selector ({}) matches all namespaces. + This field is alpha-level and is only honored when + PodAffinityNamespaceSelector feature is enabled. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are ANDed. + items: + description: A label selector requirement is a + selector that contains values, a key, and an + operator that relates the key and values. + properties: + key: + description: key is the label key that the + selector applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are + In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. If the + operator is Exists or DoesNotExist, the + values array must be empty. This array is + replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is "In", + and the values array contains only "value". The + requirements are ANDed. + type: object + type: object namespaces: - description: namespaces specifies which namespaces the - labelSelector applies to (matches against); null or - empty list means "this pod's namespace" + description: namespaces specifies a static list of namespace + names that the term applies to. The term is applied + to the union of the namespaces listed in this field + and the ones selected by namespaceSelector. null or + empty namespaces list and null namespaceSelector means + "this pod's namespace" items: type: string type: array @@ -745,7 +979,10 @@ spec: x-kubernetes-int-or-string: true selector: description: Label query over pods whose evictions are managed - by the disruption budget. + by the disruption budget. A null selector selects no pods. An + empty selector ({}) also selects no pods, which differs from + standard behavior of selecting all pods. In policy/v1, an empty + selector will select all pods in the namespace. properties: matchExpressions: description: matchExpressions is a list of label selector @@ -921,7 +1158,7 @@ spec: pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true description: 'Limits describes the maximum amount of compute - resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object requests: additionalProperties: @@ -934,7 +1171,7 @@ spec: compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. - More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object type: object @@ -1007,7 +1244,7 @@ spec: pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true description: 'Limits describes the maximum amount of compute - resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object requests: additionalProperties: @@ -1020,7 +1257,7 @@ spec: compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. - More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object type: object @@ -1036,7 +1273,7 @@ spec: pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true description: 'Limits describes the maximum amount of compute - resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object requests: additionalProperties: @@ -1048,7 +1285,7 @@ spec: description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise - to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object type: object diff --git a/docs/development.md b/docs/development.md index be7c8a55..0c88358e 100644 --- a/docs/development.md +++ b/docs/development.md @@ -91,7 +91,7 @@ This can be done using the helm template configured to use your custom image: docker build -t -f Dockerfile . docker push make manifests #make sure your helm charts are in sync with current CRD and RBAC definitions -helm install --name varnish-operator --namespace varnish-operator-system --set container.image= ./varnish-operator +helm install varnish-operator --namespace varnish-operator-system --set container.image= ./varnish-operator ``` Check the operator pod logs to make sure all works as expected: diff --git a/docs/installation.md b/docs/installation.md index 8b1ec679..3b51e2bc 100644 --- a/docs/installation.md +++ b/docs/installation.md @@ -25,7 +25,7 @@ $ kubectl create ns varnish-operator Install the operator: ```bash -$ helm install --name varnish-operator --namespace varnish-operator varnish-operator/varnish-operator +$ helm install varnish-operator --namespace varnish-operator varnish-operator/varnish-operator ``` You should see your operator pod up and running: diff --git a/docs/quick-start.md b/docs/quick-start.md index d85c1481..a1ef7820 100644 --- a/docs/quick-start.md +++ b/docs/quick-start.md @@ -15,7 +15,7 @@ $ helm repo update ### Install Varnish Operator ```bash -$ helm install --name varnish-operator --namespace varnish-operator varnish-operator/varnish-operator +$ helm install varnish-operator --namespace varnish-operator varnish-operator/varnish-operator ``` You should see your operator pod up and running: diff --git a/pkg/varnishcluster/controller/varnishcluster_headless_service.go b/pkg/varnishcluster/controller/varnishcluster_headless_service.go index c544860d..73332b3c 100644 --- a/pkg/varnishcluster/controller/varnishcluster_headless_service.go +++ b/pkg/varnishcluster/controller/varnishcluster_headless_service.go @@ -70,13 +70,18 @@ func (r *ReconcileVarnishCluster) reconcileHeadlessService(ctx context.Context, } } else if err != nil { return errors.Wrap(err, "could not get current state of Headless Service") - } else if !compare.EqualService(found, desired) { - logr.Infoc("Updating Headless Service", "diff", compare.DiffService(found, desired)) - if err = r.Update(ctx, found); err != nil { - return errors.Wrap(err, "could not update Headless Service") - } } else { - logr.Debugw("No updates for Headless Service") + desired.Spec.InternalTrafficPolicy = found.Spec.InternalTrafficPolicy + desired.Spec.IPFamilyPolicy = found.Spec.IPFamilyPolicy + desired.Spec.IPFamilies = found.Spec.IPFamilies + if !compare.EqualService(found, desired) { + logr.Infoc("Updating Headless Service", "diff", compare.DiffService(found, desired)) + if err = r.Update(ctx, found); err != nil { + return errors.Wrap(err, "could not update Headless Service") + } + } else { + logr.Debugw("No updates for Headless Service") + } } return nil diff --git a/pkg/varnishcluster/controller/varnishcluster_service.go b/pkg/varnishcluster/controller/varnishcluster_service.go index c827bea4..71025278 100644 --- a/pkg/varnishcluster/controller/varnishcluster_service.go +++ b/pkg/varnishcluster/controller/varnishcluster_service.go @@ -141,7 +141,9 @@ func (r *ReconcileVarnishCluster) reconcileServiceGeneric(ctx context.Context, i // ClusterIP is immutable once created, so always enforce the same as existing desired.Spec.ClusterIP = found.Spec.ClusterIP desired.Spec.ClusterIPs = found.Spec.ClusterIPs - + desired.Spec.IPFamilies = found.Spec.IPFamilies + desired.Spec.IPFamilyPolicy = found.Spec.IPFamilyPolicy + desired.Spec.InternalTrafficPolicy = found.Spec.InternalTrafficPolicy // use nodePort from the spec or the one allocated by Kubernetes if desired.Spec.Type == v1.ServiceTypeLoadBalancer || desired.Spec.Type == v1.ServiceTypeNodePort { inheritNodePorts(desired.Spec.Ports, found.Spec.Ports) diff --git a/varnish-operator/crds/varnishcluster.yaml b/varnish-operator/crds/varnishcluster.yaml index 1ebaa933..5e13de55 100644 --- a/varnish-operator/crds/varnishcluster.yaml +++ b/varnish-operator/crds/varnishcluster.yaml @@ -2,7 +2,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.6.1 + controller-gen.kubebuilder.io/version: v0.7.0 creationTimestamp: null name: varnishclusters.caching.ibm.com spec: @@ -322,10 +322,71 @@ spec: The requirements are ANDed. type: object type: object + namespaceSelector: + description: A label query over the set of namespaces + that the term applies to. The term is applied + to the union of the namespaces selected by this + field and the ones listed in the namespaces field. + null selector and null or empty namespaces list + means "this pod's namespace". An empty selector + ({}) matches all namespaces. This field is alpha-level + and is only honored when PodAffinityNamespaceSelector + feature is enabled. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are + ANDed. + items: + description: A label selector requirement + is a selector that contains values, a key, + and an operator that relates the key and + values. + properties: + key: + description: key is the label key that + the selector applies to. + type: string + operator: + description: operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. + If the operator is Exists or DoesNotExist, + the values array must be empty. This + array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is + "In", and the values array contains only "value". + The requirements are ANDed. + type: object + type: object namespaces: - description: namespaces specifies which namespaces - the labelSelector applies to (matches against); - null or empty list means "this pod's namespace" + description: namespaces specifies a static list + of namespace names that the term applies to. The + term is applied to the union of the namespaces + listed in this field and the ones selected by + namespaceSelector. null or empty namespaces list + and null namespaceSelector means "this pod's namespace" items: type: string type: array @@ -417,10 +478,66 @@ spec: requirements are ANDed. type: object type: object + namespaceSelector: + description: A label query over the set of namespaces + that the term applies to. The term is applied to the + union of the namespaces selected by this field and + the ones listed in the namespaces field. null selector + and null or empty namespaces list means "this pod's + namespace". An empty selector ({}) matches all namespaces. + This field is alpha-level and is only honored when + PodAffinityNamespaceSelector feature is enabled. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are ANDed. + items: + description: A label selector requirement is a + selector that contains values, a key, and an + operator that relates the key and values. + properties: + key: + description: key is the label key that the + selector applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are + In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. If the + operator is Exists or DoesNotExist, the + values array must be empty. This array is + replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is "In", + and the values array contains only "value". The + requirements are ANDed. + type: object + type: object namespaces: - description: namespaces specifies which namespaces the - labelSelector applies to (matches against); null or - empty list means "this pod's namespace" + description: namespaces specifies a static list of namespace + names that the term applies to. The term is applied + to the union of the namespaces listed in this field + and the ones selected by namespaceSelector. null or + empty namespaces list and null namespaceSelector means + "this pod's namespace" items: type: string type: array @@ -514,10 +631,71 @@ spec: The requirements are ANDed. type: object type: object + namespaceSelector: + description: A label query over the set of namespaces + that the term applies to. The term is applied + to the union of the namespaces selected by this + field and the ones listed in the namespaces field. + null selector and null or empty namespaces list + means "this pod's namespace". An empty selector + ({}) matches all namespaces. This field is alpha-level + and is only honored when PodAffinityNamespaceSelector + feature is enabled. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are + ANDed. + items: + description: A label selector requirement + is a selector that contains values, a key, + and an operator that relates the key and + values. + properties: + key: + description: key is the label key that + the selector applies to. + type: string + operator: + description: operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. + If the operator is Exists or DoesNotExist, + the values array must be empty. This + array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is + "In", and the values array contains only "value". + The requirements are ANDed. + type: object + type: object namespaces: - description: namespaces specifies which namespaces - the labelSelector applies to (matches against); - null or empty list means "this pod's namespace" + description: namespaces specifies a static list + of namespace names that the term applies to. The + term is applied to the union of the namespaces + listed in this field and the ones selected by + namespaceSelector. null or empty namespaces list + and null namespaceSelector means "this pod's namespace" items: type: string type: array @@ -609,10 +787,66 @@ spec: requirements are ANDed. type: object type: object + namespaceSelector: + description: A label query over the set of namespaces + that the term applies to. The term is applied to the + union of the namespaces selected by this field and + the ones listed in the namespaces field. null selector + and null or empty namespaces list means "this pod's + namespace". An empty selector ({}) matches all namespaces. + This field is alpha-level and is only honored when + PodAffinityNamespaceSelector feature is enabled. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are ANDed. + items: + description: A label selector requirement is a + selector that contains values, a key, and an + operator that relates the key and values. + properties: + key: + description: key is the label key that the + selector applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are + In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. If the + operator is Exists or DoesNotExist, the + values array must be empty. This array is + replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is "In", + and the values array contains only "value". The + requirements are ANDed. + type: object + type: object namespaces: - description: namespaces specifies which namespaces the - labelSelector applies to (matches against); null or - empty list means "this pod's namespace" + description: namespaces specifies a static list of namespace + names that the term applies to. The term is applied + to the union of the namespaces listed in this field + and the ones selected by namespaceSelector. null or + empty namespaces list and null namespaceSelector means + "this pod's namespace" items: type: string type: array @@ -747,7 +981,10 @@ spec: x-kubernetes-int-or-string: true selector: description: Label query over pods whose evictions are managed - by the disruption budget. + by the disruption budget. A null selector selects no pods. An + empty selector ({}) also selects no pods, which differs from + standard behavior of selecting all pods. In policy/v1, an empty + selector will select all pods in the namespace. properties: matchExpressions: description: matchExpressions is a list of label selector @@ -923,7 +1160,7 @@ spec: pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true description: 'Limits describes the maximum amount of compute - resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object requests: additionalProperties: @@ -936,7 +1173,7 @@ spec: compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. - More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object type: object @@ -1009,7 +1246,7 @@ spec: pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true description: 'Limits describes the maximum amount of compute - resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object requests: additionalProperties: @@ -1022,7 +1259,7 @@ spec: compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. - More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object type: object @@ -1038,7 +1275,7 @@ spec: pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true description: 'Limits describes the maximum amount of compute - resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object requests: additionalProperties: @@ -1050,7 +1287,7 @@ spec: description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise - to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object type: object diff --git a/varnish-operator/templates/job-cert-patch/job-createSecret.yaml b/varnish-operator/templates/job-cert-patch/job-createSecret.yaml index c33049aa..04836fa0 100644 --- a/varnish-operator/templates/job-cert-patch/job-createSecret.yaml +++ b/varnish-operator/templates/job-cert-patch/job-createSecret.yaml @@ -16,7 +16,7 @@ spec: spec: containers: - name: create - image: jettech/kube-webhook-certgen:v1.5.0 + image: k8s.gcr.io/ingress-nginx/kube-webhook-certgen:v1.1.1 imagePullPolicy: Always args: - create diff --git a/varnish-operator/templates/job-cert-patch/job-patchWebhook.yaml b/varnish-operator/templates/job-cert-patch/job-patchWebhook.yaml index 77ea522f..8c10b020 100644 --- a/varnish-operator/templates/job-cert-patch/job-patchWebhook.yaml +++ b/varnish-operator/templates/job-cert-patch/job-patchWebhook.yaml @@ -16,7 +16,7 @@ spec: spec: containers: - name: patch - image: jettech/kube-webhook-certgen:v1.5.0 + image: k8s.gcr.io/ingress-nginx/kube-webhook-certgen:v1.1.1 imagePullPolicy: Always args: - patch