diff --git a/Documentation/helm-values.rst b/Documentation/helm-values.rst index d44066e9c50a..a875c4979b96 100644 --- a/Documentation/helm-values.rst +++ b/Documentation/helm-values.rst @@ -275,7 +275,7 @@ * - certgen - Configure certificate generation for Hubble integration. If hubble.tls.auto.method=cronJob, these values are used for the Kubernetes CronJob which will be scheduled regularly to (re)generate any certificates not provided manually. - object - - ``{"annotations":{"cronJob":{},"job":{}},"extraVolumeMounts":[],"extraVolumes":[],"image":{"digest":"sha256:4a456552a5f192992a6edcec2febb1c54870d665173a33dc7d876129b199ddbd","override":null,"pullPolicy":"Always","repository":"quay.io/cilium/certgen","tag":"v0.1.8","useDigest":true},"podLabels":{},"tolerations":[],"ttlSecondsAfterFinished":1800}`` + - ``{"annotations":{"cronJob":{},"job":{}},"extraVolumeMounts":[],"extraVolumes":[],"image":{"digest":"sha256:4a456552a5f192992a6edcec2febb1c54870d665173a33dc7d876129b199ddbd","override":null,"pullPolicy":"IfNotPresent","repository":"quay.io/cilium/certgen","tag":"v0.1.8","useDigest":true},"podLabels":{},"tolerations":[],"ttlSecondsAfterFinished":1800}`` * - certgen.annotations - Annotations to be added to the hubble-certgen initial Job and CronJob - object @@ -339,7 +339,7 @@ * - clustermesh.apiserver.etcd.image - Clustermesh API server etcd image. - object - - ``{"digest":"sha256:795d8660c48c439a7c3764c2330ed9222ab5db5bb524d8d0607cac76f7ba82a3","override":null,"pullPolicy":"Always","repository":"quay.io/coreos/etcd","tag":"v3.5.4","useDigest":true}`` + - ``{"digest":"sha256:795d8660c48c439a7c3764c2330ed9222ab5db5bb524d8d0607cac76f7ba82a3","override":null,"pullPolicy":"IfNotPresent","repository":"quay.io/coreos/etcd","tag":"v3.5.4","useDigest":true}`` * - clustermesh.apiserver.etcd.init.resources - Specifies the resources for etcd init container in the apiserver - object @@ -367,7 +367,7 @@ * - clustermesh.apiserver.image - Clustermesh API server image. - object - - ``{"digest":"","override":null,"pullPolicy":"Always","repository":"quay.io/cilium/clustermesh-apiserver-ci","tag":"latest","useDigest":false}`` + - ``{"digest":"","override":null,"pullPolicy":"IfNotPresent","repository":"quay.io/cilium/clustermesh-apiserver","tag":"v1.14.0-snapshot.2","useDigest":false}`` * - clustermesh.apiserver.nodeSelector - Node labels for pod assignment ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#nodeselector - object @@ -843,7 +843,7 @@ * - etcd.image - cilium-etcd-operator image. - object - - ``{"digest":"sha256:04b8327f7f992693c2cb483b999041ed8f92efc8e14f2a5f3ab95574a65ea2dc","override":null,"pullPolicy":"Always","repository":"quay.io/cilium/cilium-etcd-operator","tag":"v2.0.7","useDigest":true}`` + - ``{"digest":"sha256:04b8327f7f992693c2cb483b999041ed8f92efc8e14f2a5f3ab95574a65ea2dc","override":null,"pullPolicy":"IfNotPresent","repository":"quay.io/cilium/cilium-etcd-operator","tag":"v2.0.7","useDigest":true}`` * - etcd.k8sService - If etcd is behind a k8s service set this option to true so that Cilium does the service translation automatically without requiring a DNS to be running. - bool @@ -1083,7 +1083,7 @@ * - hubble.relay.image - Hubble-relay container image. - object - - ``{"digest":"","override":null,"pullPolicy":"Always","repository":"quay.io/cilium/hubble-relay-ci","tag":"latest","useDigest":false}`` + - ``{"digest":"","override":null,"pullPolicy":"IfNotPresent","repository":"quay.io/cilium/hubble-relay","tag":"v1.14.0-snapshot.2","useDigest":false}`` * - hubble.relay.listenHost - Host to listen to. Specify an empty string to bind to all the interfaces. - string @@ -1311,7 +1311,7 @@ * - hubble.ui.backend.image - Hubble-ui backend image. - object - - ``{"digest":"sha256:14c04d11f78da5c363f88592abae8d2ecee3cbe009f443ef11df6ac5f692d839","override":null,"pullPolicy":"Always","repository":"quay.io/cilium/hubble-ui-backend","tag":"v0.11.0","useDigest":true}`` + - ``{"digest":"sha256:14c04d11f78da5c363f88592abae8d2ecee3cbe009f443ef11df6ac5f692d839","override":null,"pullPolicy":"IfNotPresent","repository":"quay.io/cilium/hubble-ui-backend","tag":"v0.11.0","useDigest":true}`` * - hubble.ui.backend.resources - Resource requests and limits for the 'backend' container of the 'hubble-ui' deployment. - object @@ -1343,7 +1343,7 @@ * - hubble.ui.frontend.image - Hubble-ui frontend image. - object - - ``{"digest":"sha256:bcb369c47cada2d4257d63d3749f7f87c91dde32e010b223597306de95d1ecc8","override":null,"pullPolicy":"Always","repository":"quay.io/cilium/hubble-ui","tag":"v0.11.0","useDigest":true}`` + - ``{"digest":"sha256:bcb369c47cada2d4257d63d3749f7f87c91dde32e010b223597306de95d1ecc8","override":null,"pullPolicy":"IfNotPresent","repository":"quay.io/cilium/hubble-ui","tag":"v0.11.0","useDigest":true}`` * - hubble.ui.frontend.resources - Resource requests and limits for the 'frontend' container of the 'hubble-ui' deployment. - object @@ -1451,7 +1451,7 @@ * - image - Agent container image. - object - - ``{"digest":"","override":null,"pullPolicy":"Always","repository":"quay.io/cilium/cilium-ci","tag":"latest","useDigest":false}`` + - ``{"digest":"","override":null,"pullPolicy":"IfNotPresent","repository":"quay.io/cilium/cilium","tag":"v1.14.0-snapshot.2","useDigest":false}`` * - imagePullSecrets - Configure image pull secrets for pulling container images - string @@ -1739,7 +1739,7 @@ * - nodeinit.image - node-init image. - object - - ``{"override":null,"pullPolicy":"Always","repository":"quay.io/cilium/startup-script","tag":"d69851597ea019af980891a4628fb36b7880ec26"}`` + - ``{"override":null,"pullPolicy":"IfNotPresent","repository":"quay.io/cilium/startup-script","tag":"d69851597ea019af980891a4628fb36b7880ec26"}`` * - nodeinit.nodeSelector - Node labels for nodeinit pod assignment ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#nodeselector - object @@ -1831,7 +1831,7 @@ * - operator.image - cilium-operator image. - object - - ``{"alibabacloudDigest":"","awsDigest":"","azureDigest":"","genericDigest":"","override":null,"pullPolicy":"Always","repository":"quay.io/cilium/operator","suffix":"-ci","tag":"latest","useDigest":false}`` + - ``{"alibabacloudDigest":"","awsDigest":"","azureDigest":"","genericDigest":"","override":null,"pullPolicy":"IfNotPresent","repository":"quay.io/cilium/operator","suffix":"","tag":"v1.14.0-snapshot.2","useDigest":false}`` * - operator.nodeGCInterval - Interval for cilium node garbage collection. - string @@ -2019,7 +2019,7 @@ * - preflight.image - Cilium pre-flight image. - object - - ``{"digest":"","override":null,"pullPolicy":"Always","repository":"quay.io/cilium/cilium-ci","tag":"latest","useDigest":false}`` + - ``{"digest":"","override":null,"pullPolicy":"IfNotPresent","repository":"quay.io/cilium/cilium","tag":"v1.14.0-snapshot.2","useDigest":false}`` * - preflight.nodeSelector - Node labels for preflight pod assignment ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#nodeselector - object diff --git a/Documentation/network/kubernetes/compatibility-table.rst b/Documentation/network/kubernetes/compatibility-table.rst index 608413c96ca0..4f2e1be19c94 100644 --- a/Documentation/network/kubernetes/compatibility-table.rst +++ b/Documentation/network/kubernetes/compatibility-table.rst @@ -1,98 +1,62 @@ -+-----------------+----------------+ -| Cilium | CNP and CCNP | -| Version | Schema Version | -+-----------------+----------------+ -| v1.11.0-rc0 | 1.24.1 | -+-----------------+----------------+ -| v1.11.0-rc1 | 1.24.1 | -+-----------------+----------------+ -| v1.11.0-rc2 | 1.24.2 | -+-----------------+----------------+ -| v1.11.0-rc3 | 1.24.2 | -+-----------------+----------------+ -| v1.11.0 | 1.24.2 | -+-----------------+----------------+ -| v1.11.1 | 1.24.3 | -+-----------------+----------------+ -| v1.11.2 | 1.24.3 | -+-----------------+----------------+ -| v1.11.3 | 1.24.3 | -+-----------------+----------------+ -| v1.11.4 | 1.24.3 | -+-----------------+----------------+ -| v1.11.5 | 1.24.3 | -+-----------------+----------------+ -| v1.11.6 | 1.24.3 | -+-----------------+----------------+ -| v1.11.7 | 1.24.3 | -+-----------------+----------------+ -| v1.11.8 | 1.24.4 | -+-----------------+----------------+ -| v1.11.9 | 1.24.4 | -+-----------------+----------------+ -| v1.11.10 | 1.24.4 | -+-----------------+----------------+ -| v1.11.11 | 1.24.4 | -+-----------------+----------------+ -| v1.11.12 | 1.24.4 | -+-----------------+----------------+ -| v1.11.13 | 1.24.4 | -+-----------------+----------------+ -| v1.11.14 | 1.24.4 | -+-----------------+----------------+ -| v1.11.15 | 1.24.4 | -+-----------------+----------------+ -| v1.11 | 1.24.4 | -+-----------------+----------------+ -| v1.12.0-rc0 | 1.25.1 | -+-----------------+----------------+ -| v1.12.0-rc1 | 1.26.0 | -+-----------------+----------------+ -| v1.12.0-rc2 | 1.25.2 | -+-----------------+----------------+ -| v1.12.0-rc3 | 1.25.3 | -+-----------------+----------------+ -| v1.12.0 | 1.25.4 | -+-----------------+----------------+ -| v1.12.1 | 1.25.5 | -+-----------------+----------------+ -| v1.12.2 | 1.25.6 | -+-----------------+----------------+ -| v1.12.3 | 1.25.6 | -+-----------------+----------------+ -| v1.12.4 | 1.25.6 | -+-----------------+----------------+ -| v1.12.5 | 1.25.6 | -+-----------------+----------------+ -| v1.12.6 | 1.25.6 | -+-----------------+----------------+ -| v1.12.7 | 1.25.7 | -+-----------------+----------------+ -| v1.12.8 | 1.25.7 | -+-----------------+----------------+ -| v1.12.9 | 1.25.7 | -+-----------------+----------------+ -| v1.12 | 1.25.7 | -+-----------------+----------------+ -| v1.13.0-rc0 | 1.26.0 | -+-----------------+----------------+ -| v1.13.0-rc1 | 1.26.1 | -+-----------------+----------------+ -| v1.13.0-rc2 | 1.26.2 | -+-----------------+----------------+ -| v1.13.0-rc3 | 1.26.3 | -+-----------------+----------------+ -| v1.13.0-rc4 | 1.26.6 | -+-----------------+----------------+ -| v1.13.0-rc5 | 1.26.7 | -+-----------------+----------------+ -| v1.13.0 | 1.26.7 | -+-----------------+----------------+ -| v1.13.1 | 1.26.7 | -+-----------------+----------------+ -| v1.13.2 | 1.26.7 | -+-----------------+----------------+ -| v1.13 | 1.26.7 | -+-----------------+----------------+ -| latest / main | 1.26.7 | -+-----------------+----------------+ ++--------------------+----------------+ +| Cilium | CNP and CCNP | +| Version | Schema Version | ++--------------------+----------------+ +| v1.12.0-rc0 | 1.25.1 | ++--------------------+----------------+ +| v1.12.0-rc1 | 1.26.0 | ++--------------------+----------------+ +| v1.12.0-rc2 | 1.25.2 | ++--------------------+----------------+ +| v1.12.0-rc3 | 1.25.3 | ++--------------------+----------------+ +| v1.12.0 | 1.25.4 | ++--------------------+----------------+ +| v1.12.1 | 1.25.5 | ++--------------------+----------------+ +| v1.12.2 | 1.25.6 | ++--------------------+----------------+ +| v1.12.3 | 1.25.6 | ++--------------------+----------------+ +| v1.12.4 | 1.25.6 | ++--------------------+----------------+ +| v1.12.5 | 1.25.6 | ++--------------------+----------------+ +| v1.12.6 | 1.25.6 | ++--------------------+----------------+ +| v1.12.7 | 1.25.7 | ++--------------------+----------------+ +| v1.12.8 | 1.25.7 | ++--------------------+----------------+ +| v1.12.9 | 1.25.7 | ++--------------------+----------------+ +| v1.12 | 1.25.7 | ++--------------------+----------------+ +| v1.13.0-rc0 | 1.26.0 | ++--------------------+----------------+ +| v1.13.0-rc1 | 1.26.1 | ++--------------------+----------------+ +| v1.13.0-rc2 | 1.26.2 | ++--------------------+----------------+ +| v1.13.0-rc3 | 1.26.3 | ++--------------------+----------------+ +| v1.13.0-rc4 | 1.26.6 | ++--------------------+----------------+ +| v1.13.0-rc5 | 1.26.7 | ++--------------------+----------------+ +| v1.13.0 | 1.26.7 | ++--------------------+----------------+ +| v1.13.1 | 1.26.7 | ++--------------------+----------------+ +| v1.13.2 | 1.26.7 | ++--------------------+----------------+ +| v1.13 | 1.26.7 | ++--------------------+----------------+ +| v1.14.0-snapshot.0 | 1.26.7 | ++--------------------+----------------+ +| v1.14.0-snapshot.1 | 1.26.7 | ++--------------------+----------------+ +| v1.14.0-snapshot.2 | 1.26.7 | ++--------------------+----------------+ +| latest / main | 1.26.7 | ++--------------------+----------------+ diff --git a/VERSION b/VERSION index 48930ada340f..fc3ab35c9b9f 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -1.13.90 +1.14.0-snapshot.2 diff --git a/install/kubernetes/cilium/Chart.yaml b/install/kubernetes/cilium/Chart.yaml index a7e8dede683e..abb9982bee1b 100644 --- a/install/kubernetes/cilium/Chart.yaml +++ b/install/kubernetes/cilium/Chart.yaml @@ -2,8 +2,8 @@ apiVersion: v2 name: cilium displayName: Cilium home: https://cilium.io/ -version: 1.13.90 -appVersion: 1.13.90 +version: 1.14.0-snapshot.2 +appVersion: 1.14.0-snapshot.2 kubeVersion: ">= 1.16.0-0" icon: https://cdn.jsdelivr.net/gh/cilium/cilium@main/Documentation/images/logo-solo.svg description: eBPF-based Networking, Security, and Observability diff --git a/install/kubernetes/cilium/README.md b/install/kubernetes/cilium/README.md index 4e639174833e..178db5d1e10f 100644 --- a/install/kubernetes/cilium/README.md +++ b/install/kubernetes/cilium/README.md @@ -1,6 +1,6 @@ # cilium -![Version: 1.13.90](https://img.shields.io/badge/Version-1.13.90-informational?style=flat-square) ![AppVersion: 1.13.90](https://img.shields.io/badge/AppVersion-1.13.90-informational?style=flat-square) +![Version: 1.14.0-snapshot.2](https://img.shields.io/badge/Version-1.14.0--snapshot.2-informational?style=flat-square) ![AppVersion: 1.14.0-snapshot.2](https://img.shields.io/badge/AppVersion-1.14.0--snapshot.2-informational?style=flat-square) Cilium is open source software for providing and transparently securing network connectivity and loadbalancing between application workloads such as @@ -118,7 +118,7 @@ contributors across the globe, there is almost always someone available to help. | bpf.root | string | `"/sys/fs/bpf"` | Configure the mount point for the BPF filesystem | | bpf.tproxy | bool | `false` | Configure the eBPF-based TPROXY to reduce reliance on iptables rules for implementing Layer 7 policy. | | bpf.vlanBypass | list | `[]` | Configure explicitly allowed VLAN id's for bpf logic bypass. [0] will allow all VLAN id's without any filtering. | -| certgen | object | `{"annotations":{"cronJob":{},"job":{}},"extraVolumeMounts":[],"extraVolumes":[],"image":{"digest":"sha256:4a456552a5f192992a6edcec2febb1c54870d665173a33dc7d876129b199ddbd","override":null,"pullPolicy":"Always","repository":"quay.io/cilium/certgen","tag":"v0.1.8","useDigest":true},"podLabels":{},"tolerations":[],"ttlSecondsAfterFinished":1800}` | Configure certificate generation for Hubble integration. If hubble.tls.auto.method=cronJob, these values are used for the Kubernetes CronJob which will be scheduled regularly to (re)generate any certificates not provided manually. | +| certgen | object | `{"annotations":{"cronJob":{},"job":{}},"extraVolumeMounts":[],"extraVolumes":[],"image":{"digest":"sha256:4a456552a5f192992a6edcec2febb1c54870d665173a33dc7d876129b199ddbd","override":null,"pullPolicy":"IfNotPresent","repository":"quay.io/cilium/certgen","tag":"v0.1.8","useDigest":true},"podLabels":{},"tolerations":[],"ttlSecondsAfterFinished":1800}` | Configure certificate generation for Hubble integration. If hubble.tls.auto.method=cronJob, these values are used for the Kubernetes CronJob which will be scheduled regularly to (re)generate any certificates not provided manually. | | certgen.annotations | object | `{"cronJob":{},"job":{}}` | Annotations to be added to the hubble-certgen initial Job and CronJob | | certgen.extraVolumeMounts | list | `[]` | Additional certgen volumeMounts. | | certgen.extraVolumes | list | `[]` | Additional certgen volumes. | @@ -134,14 +134,14 @@ contributors across the globe, there is almost always someone available to help. | cluster.id | int | `0` | Unique ID of the cluster. Must be unique across all connected clusters and in the range of 1 to 255. Only required for Cluster Mesh, may be 0 if Cluster Mesh is not used. | | cluster.name | string | `"default"` | Name of the cluster. Only required for Cluster Mesh and mTLS auth with SPIRE. | | clustermesh.apiserver.affinity | object | `{"podAntiAffinity":{"requiredDuringSchedulingIgnoredDuringExecution":[{"labelSelector":{"matchLabels":{"k8s-app":"clustermesh-apiserver"}},"topologyKey":"kubernetes.io/hostname"}]}}` | Affinity for clustermesh.apiserver | -| clustermesh.apiserver.etcd.image | object | `{"digest":"sha256:795d8660c48c439a7c3764c2330ed9222ab5db5bb524d8d0607cac76f7ba82a3","override":null,"pullPolicy":"Always","repository":"quay.io/coreos/etcd","tag":"v3.5.4","useDigest":true}` | Clustermesh API server etcd image. | +| clustermesh.apiserver.etcd.image | object | `{"digest":"sha256:795d8660c48c439a7c3764c2330ed9222ab5db5bb524d8d0607cac76f7ba82a3","override":null,"pullPolicy":"IfNotPresent","repository":"quay.io/coreos/etcd","tag":"v3.5.4","useDigest":true}` | Clustermesh API server etcd image. | | clustermesh.apiserver.etcd.init.resources | object | `{}` | Specifies the resources for etcd init container in the apiserver | | clustermesh.apiserver.etcd.resources | object | `{}` | Specifies the resources for etcd container in the apiserver | | clustermesh.apiserver.etcd.securityContext | object | `{}` | Security context to be added to clustermesh-apiserver etcd containers | | clustermesh.apiserver.extraEnv | list | `[]` | Additional clustermesh-apiserver environment variables. | | clustermesh.apiserver.extraVolumeMounts | list | `[]` | Additional clustermesh-apiserver volumeMounts. | | clustermesh.apiserver.extraVolumes | list | `[]` | Additional clustermesh-apiserver volumes. | -| clustermesh.apiserver.image | object | `{"digest":"","override":null,"pullPolicy":"Always","repository":"quay.io/cilium/clustermesh-apiserver-ci","tag":"latest","useDigest":false}` | Clustermesh API server image. | +| clustermesh.apiserver.image | object | `{"digest":"","override":null,"pullPolicy":"IfNotPresent","repository":"quay.io/cilium/clustermesh-apiserver","tag":"v1.14.0-snapshot.2","useDigest":false}` | Clustermesh API server image. | | clustermesh.apiserver.nodeSelector | object | `{"kubernetes.io/os":"linux"}` | Node labels for pod assignment ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#nodeselector | | clustermesh.apiserver.podAnnotations | object | `{}` | Annotations to be added to clustermesh-apiserver pods | | clustermesh.apiserver.podDisruptionBudget.enabled | bool | `false` | enable PodDisruptionBudget ref: https://kubernetes.io/docs/concepts/workloads/pods/disruptions/ | @@ -260,7 +260,7 @@ contributors across the globe, there is almost always someone available to help. | etcd.extraArgs | list | `[]` | Additional cilium-etcd-operator container arguments. | | etcd.extraVolumeMounts | list | `[]` | Additional cilium-etcd-operator volumeMounts. | | etcd.extraVolumes | list | `[]` | Additional cilium-etcd-operator volumes. | -| etcd.image | object | `{"digest":"sha256:04b8327f7f992693c2cb483b999041ed8f92efc8e14f2a5f3ab95574a65ea2dc","override":null,"pullPolicy":"Always","repository":"quay.io/cilium/cilium-etcd-operator","tag":"v2.0.7","useDigest":true}` | cilium-etcd-operator image. | +| etcd.image | object | `{"digest":"sha256:04b8327f7f992693c2cb483b999041ed8f92efc8e14f2a5f3ab95574a65ea2dc","override":null,"pullPolicy":"IfNotPresent","repository":"quay.io/cilium/cilium-etcd-operator","tag":"v2.0.7","useDigest":true}` | cilium-etcd-operator image. | | etcd.k8sService | bool | `false` | If etcd is behind a k8s service set this option to true so that Cilium does the service translation automatically without requiring a DNS to be running. | | etcd.nodeSelector | object | `{"kubernetes.io/os":"linux"}` | Node labels for cilium-etcd-operator pod assignment ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#nodeselector | | etcd.podAnnotations | object | `{}` | Annotations to be added to cilium-etcd-operator pods | @@ -320,7 +320,7 @@ contributors across the globe, there is almost always someone available to help. | hubble.relay.extraEnv | list | `[]` | Additional hubble-relay environment variables. | | hubble.relay.gops.enabled | bool | `true` | Enable gops for hubble-relay | | hubble.relay.gops.port | int | `9893` | Configure gops listen port for hubble-relay | -| hubble.relay.image | object | `{"digest":"","override":null,"pullPolicy":"Always","repository":"quay.io/cilium/hubble-relay-ci","tag":"latest","useDigest":false}` | Hubble-relay container image. | +| hubble.relay.image | object | `{"digest":"","override":null,"pullPolicy":"IfNotPresent","repository":"quay.io/cilium/hubble-relay","tag":"v1.14.0-snapshot.2","useDigest":false}` | Hubble-relay container image. | | hubble.relay.listenHost | string | `""` | Host to listen to. Specify an empty string to bind to all the interfaces. | | hubble.relay.listenPort | string | `"4245"` | Port to listen to. | | hubble.relay.nodeSelector | object | `{"kubernetes.io/os":"linux"}` | Node labels for pod assignment ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#nodeselector | @@ -377,7 +377,7 @@ contributors across the globe, there is almost always someone available to help. | hubble.ui.backend.extraEnv | list | `[]` | Additional hubble-ui backend environment variables. | | hubble.ui.backend.extraVolumeMounts | list | `[]` | Additional hubble-ui backend volumeMounts. | | hubble.ui.backend.extraVolumes | list | `[]` | Additional hubble-ui backend volumes. | -| hubble.ui.backend.image | object | `{"digest":"sha256:14c04d11f78da5c363f88592abae8d2ecee3cbe009f443ef11df6ac5f692d839","override":null,"pullPolicy":"Always","repository":"quay.io/cilium/hubble-ui-backend","tag":"v0.11.0","useDigest":true}` | Hubble-ui backend image. | +| hubble.ui.backend.image | object | `{"digest":"sha256:14c04d11f78da5c363f88592abae8d2ecee3cbe009f443ef11df6ac5f692d839","override":null,"pullPolicy":"IfNotPresent","repository":"quay.io/cilium/hubble-ui-backend","tag":"v0.11.0","useDigest":true}` | Hubble-ui backend image. | | hubble.ui.backend.resources | object | `{}` | Resource requests and limits for the 'backend' container of the 'hubble-ui' deployment. | | hubble.ui.backend.securityContext | object | `{}` | Hubble-ui backend security context. | | hubble.ui.baseUrl | string | `"/"` | Defines base url prefix for all hubble-ui http requests. It needs to be changed in case if ingress for hubble-ui is configured under some sub-path. Trailing `/` is required for custom path, ex. `/service-map/` | @@ -385,7 +385,7 @@ contributors across the globe, there is almost always someone available to help. | hubble.ui.frontend.extraEnv | list | `[]` | Additional hubble-ui frontend environment variables. | | hubble.ui.frontend.extraVolumeMounts | list | `[]` | Additional hubble-ui frontend volumeMounts. | | hubble.ui.frontend.extraVolumes | list | `[]` | Additional hubble-ui frontend volumes. | -| hubble.ui.frontend.image | object | `{"digest":"sha256:bcb369c47cada2d4257d63d3749f7f87c91dde32e010b223597306de95d1ecc8","override":null,"pullPolicy":"Always","repository":"quay.io/cilium/hubble-ui","tag":"v0.11.0","useDigest":true}` | Hubble-ui frontend image. | +| hubble.ui.frontend.image | object | `{"digest":"sha256:bcb369c47cada2d4257d63d3749f7f87c91dde32e010b223597306de95d1ecc8","override":null,"pullPolicy":"IfNotPresent","repository":"quay.io/cilium/hubble-ui","tag":"v0.11.0","useDigest":true}` | Hubble-ui frontend image. | | hubble.ui.frontend.resources | object | `{}` | Resource requests and limits for the 'frontend' container of the 'hubble-ui' deployment. | | hubble.ui.frontend.securityContext | object | `{}` | Hubble-ui frontend security context. | | hubble.ui.frontend.server.ipv6 | object | `{"enabled":true}` | Controls server listener for ipv6 | @@ -412,7 +412,7 @@ contributors across the globe, there is almost always someone available to help. | hubble.ui.updateStrategy | object | `{"rollingUpdate":{"maxUnavailable":1},"type":"RollingUpdate"}` | hubble-ui update strategy. | | identityAllocationMode | string | `"crd"` | Method to use for identity allocation (`crd` or `kvstore`). | | identityChangeGracePeriod | string | `"5s"` | Time to wait before using new identity on endpoint identity change. | -| image | object | `{"digest":"","override":null,"pullPolicy":"Always","repository":"quay.io/cilium/cilium-ci","tag":"latest","useDigest":false}` | Agent container image. | +| image | object | `{"digest":"","override":null,"pullPolicy":"IfNotPresent","repository":"quay.io/cilium/cilium","tag":"v1.14.0-snapshot.2","useDigest":false}` | Agent container image. | | imagePullSecrets | string | `nil` | Configure image pull secrets for pulling container images | | ingressController.default | bool | `false` | Set cilium ingress controller to be the default ingress controller This will let cilium ingress controller route entries without ingress class set | | ingressController.enabled | bool | `false` | Enable cilium ingress controller This will automatically set enable-envoy-config as well. | @@ -484,7 +484,7 @@ contributors across the globe, there is almost always someone available to help. | nodeinit.extraEnv | list | `[]` | Additional nodeinit environment variables. | | nodeinit.extraVolumeMounts | list | `[]` | Additional nodeinit volumeMounts. | | nodeinit.extraVolumes | list | `[]` | Additional nodeinit volumes. | -| nodeinit.image | object | `{"override":null,"pullPolicy":"Always","repository":"quay.io/cilium/startup-script","tag":"d69851597ea019af980891a4628fb36b7880ec26"}` | node-init image. | +| nodeinit.image | object | `{"override":null,"pullPolicy":"IfNotPresent","repository":"quay.io/cilium/startup-script","tag":"d69851597ea019af980891a4628fb36b7880ec26"}` | node-init image. | | nodeinit.nodeSelector | object | `{"kubernetes.io/os":"linux"}` | Node labels for nodeinit pod assignment ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#nodeselector | | nodeinit.podAnnotations | object | `{}` | Annotations to be added to node-init pods. | | nodeinit.podLabels | object | `{}` | Labels to be added to node-init pods. | @@ -507,7 +507,7 @@ contributors across the globe, there is almost always someone available to help. | operator.extraVolumes | list | `[]` | Additional cilium-operator volumes. | | operator.identityGCInterval | string | `"15m0s"` | Interval for identity garbage collection. | | operator.identityHeartbeatTimeout | string | `"30m0s"` | Timeout for identity heartbeats. | -| operator.image | object | `{"alibabacloudDigest":"","awsDigest":"","azureDigest":"","genericDigest":"","override":null,"pullPolicy":"Always","repository":"quay.io/cilium/operator","suffix":"-ci","tag":"latest","useDigest":false}` | cilium-operator image. | +| operator.image | object | `{"alibabacloudDigest":"","awsDigest":"","azureDigest":"","genericDigest":"","override":null,"pullPolicy":"IfNotPresent","repository":"quay.io/cilium/operator","suffix":"","tag":"v1.14.0-snapshot.2","useDigest":false}` | cilium-operator image. | | operator.nodeGCInterval | string | `"5m0s"` | Interval for cilium node garbage collection. | | operator.nodeSelector | object | `{"kubernetes.io/os":"linux"}` | Node labels for cilium-operator pod assignment ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#nodeselector | | operator.podAnnotations | object | `{}` | Annotations to be added to cilium-operator pods | @@ -554,7 +554,7 @@ contributors across the globe, there is almost always someone available to help. | preflight.extraEnv | list | `[]` | Additional preflight environment variables. | | preflight.extraVolumeMounts | list | `[]` | Additional preflight volumeMounts. | | preflight.extraVolumes | list | `[]` | Additional preflight volumes. | -| preflight.image | object | `{"digest":"","override":null,"pullPolicy":"Always","repository":"quay.io/cilium/cilium-ci","tag":"latest","useDigest":false}` | Cilium pre-flight image. | +| preflight.image | object | `{"digest":"","override":null,"pullPolicy":"IfNotPresent","repository":"quay.io/cilium/cilium","tag":"v1.14.0-snapshot.2","useDigest":false}` | Cilium pre-flight image. | | preflight.nodeSelector | object | `{"kubernetes.io/os":"linux"}` | Node labels for preflight pod assignment ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#nodeselector | | preflight.podAnnotations | object | `{}` | Annotations to be added to preflight pods | | preflight.podDisruptionBudget.enabled | bool | `false` | enable PodDisruptionBudget ref: https://kubernetes.io/docs/concepts/workloads/pods/disruptions/ | diff --git a/install/kubernetes/cilium/values.yaml b/install/kubernetes/cilium/values.yaml index d631c1aaae01..d6434a8a5677 100644 --- a/install/kubernetes/cilium/values.yaml +++ b/install/kubernetes/cilium/values.yaml @@ -124,9 +124,9 @@ rollOutCiliumPods: false # -- Agent container image. image: override: ~ - repository: "quay.io/cilium/cilium-ci" - tag: "latest" - pullPolicy: "Always" + repository: "quay.io/cilium/cilium" + tag: "v1.14.0-snapshot.2" + pullPolicy: "IfNotPresent" # cilium-digest digest: "" useDigest: false @@ -851,7 +851,7 @@ certgen: tag: "v0.1.8" digest: "sha256:4a456552a5f192992a6edcec2febb1c54870d665173a33dc7d876129b199ddbd" useDigest: true - pullPolicy: "Always" + pullPolicy: "IfNotPresent" # -- Seconds after which the completed job pod will be deleted ttlSecondsAfterFinished: 1800 # -- Labels to be added to hubble-certgen pods @@ -1023,12 +1023,12 @@ hubble: # -- Hubble-relay container image. image: override: ~ - repository: "quay.io/cilium/hubble-relay-ci" - tag: "latest" + repository: "quay.io/cilium/hubble-relay" + tag: "v1.14.0-snapshot.2" # hubble-relay-digest digest: "" useDigest: false - pullPolicy: "Always" + pullPolicy: "IfNotPresent" # -- Specifies the resources for the hubble-relay pods resources: {} @@ -1245,7 +1245,7 @@ hubble: tag: "v0.11.0" digest: "sha256:14c04d11f78da5c363f88592abae8d2ecee3cbe009f443ef11df6ac5f692d839" useDigest: true - pullPolicy: "Always" + pullPolicy: "IfNotPresent" # -- Hubble-ui backend security context. securityContext: {} @@ -1276,7 +1276,7 @@ hubble: tag: "v0.11.0" digest: "sha256:bcb369c47cada2d4257d63d3749f7f87c91dde32e010b223597306de95d1ecc8" useDigest: true - pullPolicy: "Always" + pullPolicy: "IfNotPresent" # -- Hubble-ui frontend security context. securityContext: {} @@ -1828,7 +1828,7 @@ etcd: tag: "v2.0.7" digest: "sha256:04b8327f7f992693c2cb483b999041ed8f92efc8e14f2a5f3ab95574a65ea2dc" useDigest: true - pullPolicy: "Always" + pullPolicy: "IfNotPresent" # -- The priority class to use for cilium-etcd-operator priorityClassName: "" @@ -1930,7 +1930,7 @@ operator: image: override: ~ repository: "quay.io/cilium/operator" - tag: "latest" + tag: "v1.14.0-snapshot.2" # operator-generic-digest genericDigest: "" # operator-azure-digest @@ -1940,8 +1940,8 @@ operator: # operator-alibabacloud-digest alibabacloudDigest: "" useDigest: false - pullPolicy: "Always" - suffix: "-ci" + pullPolicy: "IfNotPresent" + suffix: "" # -- Number of replicas to run for the cilium-operator deployment replicas: 2 @@ -2129,7 +2129,7 @@ nodeinit: override: ~ repository: "quay.io/cilium/startup-script" tag: "d69851597ea019af980891a4628fb36b7880ec26" - pullPolicy: "Always" + pullPolicy: "IfNotPresent" # -- The priority class to use for the nodeinit pod. priorityClassName: "" @@ -2216,12 +2216,12 @@ preflight: # -- Cilium pre-flight image. image: override: ~ - repository: "quay.io/cilium/cilium-ci" - tag: "latest" + repository: "quay.io/cilium/cilium" + tag: "v1.14.0-snapshot.2" # cilium-digest digest: "" useDigest: false - pullPolicy: "Always" + pullPolicy: "IfNotPresent" # -- The priority class to use for the preflight pod. priorityClassName: "" @@ -2366,12 +2366,12 @@ clustermesh: # -- Clustermesh API server image. image: override: ~ - repository: "quay.io/cilium/clustermesh-apiserver-ci" - tag: "latest" + repository: "quay.io/cilium/clustermesh-apiserver" + tag: "v1.14.0-snapshot.2" # clustermesh-apiserver-digest digest: "" useDigest: false - pullPolicy: "Always" + pullPolicy: "IfNotPresent" etcd: # -- Clustermesh API server etcd image. @@ -2381,7 +2381,7 @@ clustermesh: tag: "v3.5.4" digest: "sha256:795d8660c48c439a7c3764c2330ed9222ab5db5bb524d8d0607cac76f7ba82a3" useDigest: true - pullPolicy: "Always" + pullPolicy: "IfNotPresent" # -- Specifies the resources for etcd container in the apiserver resources: {} diff --git a/pkg/k8s/apis/cilium.io/register.go b/pkg/k8s/apis/cilium.io/register.go index 8c64781bb639..7f0721c31b7c 100644 --- a/pkg/k8s/apis/cilium.io/register.go +++ b/pkg/k8s/apis/cilium.io/register.go @@ -15,5 +15,5 @@ const ( // // Maintainers: Run ./Documentation/check-crd-compat-table.sh for each release // Developers: Bump patch for each change in the CRD schema. - CustomResourceDefinitionSchemaVersion = "1.26.7" + CustomResourceDefinitionSchemaVersion = "1.26.8" )