Add helm NOTES file #10641
Add helm NOTES file #10641
Conversation
|
Please set the appropriate release note label. |
There was a problem hiding this comment.
Thanks for working on this.
Could you show a full example of how the helm output looks when you use install with these notes files in place? In particular I'm wondering how the multiple copies of the notes file interact with the user as they won't be manually installing different subcharts from each of these directories.
Some more minor notes below.
| @@ -0,0 +1,6 @@ | |||
| You have successfully installed Cilium {{ .Chart.name }} | |||
There was a problem hiding this comment.
Do we need all of the different copies of this? Surely when a user runs helm install cilium ... they only need to see this message once, and that's pulled from a single location...? (I'm not sure, but would be good to know).
If so, can we symlink them to one common copy to simplify making changes in future?
There was a problem hiding this comment.
My thought was to add the notes for each and every template directory and calling these directory depends on the global configuration.
We can even restrict to the high level chart instead of the sub charts level. What do you think.
There was a problem hiding this comment.
At a high level from user perspective, I assume the user installs via helm install ... and we print this nice message telling them what just happened and how to find help. Achieving that is the main goal of the issue #10070.
From a maintainer perspective, I don't like adding the same content to the repo multiple times. If we ever need to change it, we have to manually go through and make the change to all these different files, I'd like to avoid this. If we avoid it by having a single copy in a more appropriate location, great. If we avoid it by creating one copy of the file and symlinking, that's fine too.
There was a problem hiding this comment.
Make sense. For now when I try to install through HELM.
This is what I see, even though the NOTE.txt is there in place.
NAME: cilium
LAST DEPLOYED: Thu Mar 19 22:18:52 2020
NAMESPACE: default
STATUS: deployed
REVISION: 1
TEST SUITE: None
For some reason it is not picking up the contents from the NOTES.txt file. Let me add it to the cilium folder and see if it reflects.
There was a problem hiding this comment.
@soumynathan Where are we at with this?
- Can we use something like symlinks to ensure we have exactly one copy of the notice that's easy to update?
- Does the output work now?
There was a problem hiding this comment.
Running individual charts, pulls in the notes.txt file, as shown below.
master-node:~/go/src/github.com/cilium/install/kubernetes$ helm install --dry-run --namespace kube-system -f ./cilium/values.yaml cilium ./cilium/charts/agent
NAME: cilium
LAST DEPLOYED: Wed Apr 8 18:21:48 2020
NAMESPACE: kube-system
STATUS: pending-install
REVISION: 1
TEST SUITE: None
HOOKS:
MANIFEST:
---
# Source: agent/templates/serviceaccount.yaml
apiVersion: v1
kind: ServiceAccount
metadata:
name: cilium
namespace: kube-system
---
# Source: agent/templates/clusterrole.yaml
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: cilium
rules:
- apiGroups:
- networking.k8s.io
resources:
- networkpolicies
verbs:
- get
- list
- watch
- apiGroups:
- discovery.k8s.io
resources:
- endpointslices
verbs:
- get
- list
- watch
- apiGroups:
- ""
resources:
- namespaces
- services
- nodes
- endpoints
verbs:
- get
- list
- watch
- apiGroups:
- ""
resources:
- pods
- nodes
verbs:
- get
- list
- watch
- update
- apiGroups:
- ""
resources:
- nodes
- nodes/status
verbs:
- patch
- apiGroups:
- apiextensions.k8s.io
resources:
- customresourcedefinitions
verbs:
- create
- get
- list
- watch
- update
- apiGroups:
- cilium.io
resources:
- ciliumnetworkpolicies
- ciliumnetworkpolicies/status
- ciliumclusterwidenetworkpolicies
- ciliumclusterwidenetworkpolicies/status
- ciliumendpoints
- ciliumendpoints/status
- ciliumnodes
- ciliumnodes/status
- ciliumidentities
- ciliumidentities/status
verbs:
- '*'
---
# Source: agent/templates/clusterrolebinding.yaml
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: cilium
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: cilium
subjects:
- kind: ServiceAccount
name: cilium
namespace: kube-system
---
# Source: agent/templates/daemonset.yaml
apiVersion: apps/v1
kind: DaemonSet
metadata:
labels:
k8s-app: cilium
name: cilium
namespace: kube-system
spec:
selector:
matchLabels:
k8s-app: cilium
template:
metadata:
annotations:
# This annotation plus the CriticalAddonsOnly toleration makes
# cilium to be a critical pod in the cluster, which ensures cilium
# gets priority scheduling.
# https://kubernetes.io/docs/tasks/administer-cluster/guaranteed-scheduling-critical-addon-pods/
scheduler.alpha.kubernetes.io/critical-pod: ""
labels:
k8s-app: cilium
spec:
containers:
- args:
- --config-dir=/tmp/cilium/config-map
command:
- cilium-agent
livenessProbe:
exec:
command:
- cilium
- status
- --brief
failureThreshold: 10
# The initial delay for the liveness probe is intentionally large to
# avoid an endless kill & restart cycle if in the event that the initial
# bootstrapping takes longer than expected.
initialDelaySeconds: 120
periodSeconds: 30
successThreshold: 1
timeoutSeconds: 5
readinessProbe:
exec:
command:
- cilium
- status
- --brief
failureThreshold: 3
initialDelaySeconds: 5
periodSeconds: 30
successThreshold: 1
timeoutSeconds: 5
env:
- name: K8S_NODE_NAME
valueFrom:
fieldRef:
apiVersion: v1
fieldPath: spec.nodeName
- name: CILIUM_K8S_NAMESPACE
valueFrom:
fieldRef:
apiVersion: v1
fieldPath: metadata.namespace
- name: CILIUM_FLANNEL_MASTER_DEVICE
valueFrom:
configMapKeyRef:
key: flannel-master-device
name: cilium-config
optional: true
- name: CILIUM_FLANNEL_UNINSTALL_ON_EXIT
valueFrom:
configMapKeyRef:
key: flannel-uninstall-on-exit
name: cilium-config
optional: true
- name: CILIUM_CLUSTERMESH_CONFIG
value: /var/lib/cilium/clustermesh/
- name: CILIUM_CNI_CHAINING_MODE
valueFrom:
configMapKeyRef:
key: cni-chaining-mode
name: cilium-config
optional: true
- name: CILIUM_CUSTOM_CNI_CONF
valueFrom:
configMapKeyRef:
key: custom-cni-conf
name: cilium-config
optional: true
image: "docker.io/cilium/cilium:latest"
imagePullPolicy: Always
lifecycle:
postStart:
exec:
command:
- "/cni-install.sh"
- "--enable-debug=false"
preStop:
exec:
command:
- /cni-uninstall.sh
name: cilium-agent
securityContext:
capabilities:
add:
- NET_ADMIN
- SYS_MODULE
privileged: true
volumeMounts:
- mountPath: /sys/fs/bpf
name: bpf-maps
- mountPath: /var/run/cilium
name: cilium-run
- mountPath: /host/opt/cni/bin
name: cni-path
- mountPath: /host/etc/cni/net.d
name: etc-cni-netd
- mountPath: /var/lib/cilium/clustermesh
name: clustermesh-secrets
readOnly: true
- mountPath: /tmp/cilium/config-map
name: cilium-config-path
readOnly: true
# Needed to be able to load kernel modules
- mountPath: /lib/modules
name: lib-modules
readOnly: true
- mountPath: /run/xtables.lock
name: xtables-lock
hostNetwork: true
initContainers:
- command:
- /init-container.sh
env:
- name: CILIUM_ALL_STATE
valueFrom:
configMapKeyRef:
key: clean-cilium-state
name: cilium-config
optional: true
- name: CILIUM_BPF_STATE
valueFrom:
configMapKeyRef:
key: clean-cilium-bpf-state
name: cilium-config
optional: true
- name: CILIUM_WAIT_BPF_MOUNT
valueFrom:
configMapKeyRef:
key: wait-bpf-mount
name: cilium-config
optional: true
image: "docker.io/cilium/cilium:latest"
imagePullPolicy: Always
name: clean-cilium-state
securityContext:
capabilities:
add:
- NET_ADMIN
privileged: true
volumeMounts:
- mountPath: /sys/fs/bpf
name: bpf-maps
mountPropagation: HostToContainer
- mountPath: /var/run/cilium
name: cilium-run
resources:
requests:
cpu: 100m
memory: 100Mi
restartPolicy: Always
priorityClassName: system-node-critical
serviceAccount: cilium
serviceAccountName: cilium
terminationGracePeriodSeconds: 1
tolerations:
- operator: Exists
volumes:
# To keep state between restarts / upgrades
- hostPath:
path: /var/run/cilium
type: DirectoryOrCreate
name: cilium-run
# To keep state between restarts / upgrades for bpf maps
- hostPath:
path: /sys/fs/bpf
type: DirectoryOrCreate
name: bpf-maps
# To install cilium cni plugin in the host
- hostPath:
path: /opt/cni/bin
type: DirectoryOrCreate
name: cni-path
# To install cilium cni configuration in the host
- hostPath:
path: /etc/cni/net.d
type: DirectoryOrCreate
name: etc-cni-netd
# To be able to load kernel modules
- hostPath:
path: /lib/modules
name: lib-modules
# To access iptables concurrently with other processes (e.g. kube-proxy)
- hostPath:
path: /run/xtables.lock
type: FileOrCreate
name: xtables-lock
# To read the clustermesh configuration
- name: clustermesh-secrets
secret:
defaultMode: 420
optional: true
secretName: cilium-clustermesh
# To read the configuration from the config map
- configMap:
name: cilium-config
name: cilium-config-path
updateStrategy:
rollingUpdate:
maxUnavailable: 2
type: RollingUpdate
NOTES:
You have successfully installed Cilium agent
Your release version is 1.7.90
For any further help, visit https://docs.cilium.io/en/v1.7/gettinghelp
| @@ -0,0 +1,6 @@ | |||
| You have successfully installed Cilium {{ .Chart.name }} | |||
There was a problem hiding this comment.
For preflight, I think the notes page might need to be a bit different if there's an option, because preflight is only pulling the cilium images to all the nodes, it's not installing them yet.
Sure I can post the output. |
soumynathan
force-pushed
the
add-helm-notes-for-cilium
branch
from
b439ded
to
5674af4
Compare
aanm
added
pending-review
release-note/minor
soumynathan
force-pushed
the
add-helm-notes-for-cilium
branch
from
5674af4
to
c320346
Compare
This patch adds helm NOTES.txt file to the respective template folders. Fixes: cilium#10070 Signed-off-by: Swaminathan Vasudevan <svasudevan@suse.com>
soumynathan
force-pushed
the
add-helm-notes-for-cilium
branch
from
c320346
to
5f80e5f
Compare
|
test-me-please |
|
Backporting to v1.7 seems low-risk and easy enough. |
maintainer-s-little-helper
bot
moved this from Needs backport from master
to Backport pending to v1.7
in 1.7.2
This patch adds helm NOTES file to the respective template folders.
Fixes: #10070
Signed-off-by: Swaminathan Vasudevan svasudevan@suse.com