diff --git a/assets/rancher-aks-operator-crd/rancher-aks-operator-crd-105.1.0+up1.10.1.tgz b/assets/rancher-aks-operator-crd/rancher-aks-operator-crd-105.1.0+up1.10.1.tgz new file mode 100644 index 0000000000..505806c8e8 Binary files /dev/null and b/assets/rancher-aks-operator-crd/rancher-aks-operator-crd-105.1.0+up1.10.1.tgz differ diff --git a/assets/rancher-aks-operator-crd/rancher-aks-operator-crd-105.2.0+up1.10.2.tgz b/assets/rancher-aks-operator-crd/rancher-aks-operator-crd-105.2.0+up1.10.2.tgz new file mode 100644 index 0000000000..e04ca39f01 Binary files /dev/null and b/assets/rancher-aks-operator-crd/rancher-aks-operator-crd-105.2.0+up1.10.2.tgz differ diff --git a/assets/rancher-aks-operator/rancher-aks-operator-105.1.0+up1.10.1.tgz b/assets/rancher-aks-operator/rancher-aks-operator-105.1.0+up1.10.1.tgz new file mode 100644 index 0000000000..1ea67087d4 Binary files /dev/null and b/assets/rancher-aks-operator/rancher-aks-operator-105.1.0+up1.10.1.tgz differ diff --git a/assets/rancher-aks-operator/rancher-aks-operator-105.2.0+up1.10.2.tgz b/assets/rancher-aks-operator/rancher-aks-operator-105.2.0+up1.10.2.tgz new file mode 100644 index 0000000000..019078ea5b Binary files /dev/null and b/assets/rancher-aks-operator/rancher-aks-operator-105.2.0+up1.10.2.tgz differ diff --git a/charts/rancher-aks-operator-crd/105.1.0+up1.10.1/Chart.yaml b/charts/rancher-aks-operator-crd/105.1.0+up1.10.1/Chart.yaml new file mode 100644 index 0000000000..a797915ddb --- /dev/null +++ b/charts/rancher-aks-operator-crd/105.1.0+up1.10.1/Chart.yaml @@ -0,0 +1,12 @@ +annotations: + catalog.cattle.io/certified: rancher + catalog.cattle.io/hidden: "true" + catalog.cattle.io/namespace: cattle-system + catalog.cattle.io/os: linux + catalog.cattle.io/permits-os: linux,windows + catalog.cattle.io/release-name: rancher-aks-operator-crd +apiVersion: v2 +appVersion: 1.10.1 +description: AKS Operator CustomResourceDefinitions +name: rancher-aks-operator-crd +version: 105.1.0+up1.10.1 diff --git a/charts/rancher-aks-operator-crd/105.1.0+up1.10.1/templates/crds.yaml b/charts/rancher-aks-operator-crd/105.1.0+up1.10.1/templates/crds.yaml new file mode 100644 index 0000000000..c4fcdfac05 --- /dev/null +++ b/charts/rancher-aks-operator-crd/105.1.0+up1.10.1/templates/crds.yaml @@ -0,0 +1,211 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + helm.sh/resource-policy: keep + name: aksclusterconfigs.aks.cattle.io +spec: + group: aks.cattle.io + names: + kind: AKSClusterConfig + plural: aksclusterconfigs + shortNames: + - akscc + singular: aksclusterconfig + preserveUnknownFields: false + scope: Namespaced + versions: + - name: v1 + schema: + openAPIV3Schema: + properties: + spec: + properties: + authBaseUrl: + nullable: true + type: string + authorizedIpRanges: + items: + nullable: true + type: string + nullable: true + type: array + azureCredentialSecret: + nullable: true + type: string + baseUrl: + nullable: true + type: string + clusterName: + nullable: true + type: string + dnsPrefix: + nullable: true + type: string + dnsServiceIp: + nullable: true + type: string + dockerBridgeCidr: + nullable: true + type: string + httpApplicationRouting: + nullable: true + type: boolean + imported: + type: boolean + kubernetesVersion: + nullable: true + type: string + linuxAdminUsername: + nullable: true + type: string + loadBalancerSku: + nullable: true + type: string + logAnalyticsWorkspaceGroup: + nullable: true + type: string + logAnalyticsWorkspaceName: + nullable: true + type: string + managedIdentity: + nullable: true + type: boolean + monitoring: + nullable: true + type: boolean + networkPlugin: + nullable: true + type: string + networkPolicy: + nullable: true + type: string + nodePools: + items: + properties: + availabilityZones: + items: + nullable: true + type: string + nullable: true + type: array + count: + nullable: true + type: integer + enableAutoScaling: + nullable: true + type: boolean + maxCount: + nullable: true + type: integer + maxPods: + nullable: true + type: integer + maxSurge: + nullable: true + type: string + minCount: + nullable: true + type: integer + mode: + nullable: true + type: string + name: + nullable: true + type: string + nodeLabels: + additionalProperties: + nullable: true + type: string + nullable: true + type: object + nodeTaints: + items: + nullable: true + type: string + nullable: true + type: array + orchestratorVersion: + nullable: true + type: string + osDiskSizeGB: + nullable: true + type: integer + osDiskType: + nullable: true + type: string + osType: + nullable: true + type: string + vmSize: + nullable: true + type: string + vnetSubnetID: + nullable: true + type: string + type: object + nullable: true + type: array + nodeResourceGroup: + nullable: true + type: string + outboundType: + nullable: true + type: string + podCidr: + nullable: true + type: string + privateCluster: + nullable: true + type: boolean + privateDnsZone: + nullable: true + type: string + resourceGroup: + nullable: true + type: string + resourceLocation: + nullable: true + type: string + serviceCidr: + nullable: true + type: string + sshPublicKey: + nullable: true + type: string + subnet: + nullable: true + type: string + tags: + additionalProperties: + nullable: true + type: string + nullable: true + type: object + userAssignedIdentity: + nullable: true + type: string + virtualNetwork: + nullable: true + type: string + virtualNetworkResourceGroup: + nullable: true + type: string + type: object + status: + properties: + failureMessage: + nullable: true + type: string + phase: + nullable: true + type: string + rbacEnabled: + nullable: true + type: boolean + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/charts/rancher-aks-operator-crd/105.2.0+up1.10.2/Chart.yaml b/charts/rancher-aks-operator-crd/105.2.0+up1.10.2/Chart.yaml new file mode 100644 index 0000000000..8b6f015bf4 --- /dev/null +++ b/charts/rancher-aks-operator-crd/105.2.0+up1.10.2/Chart.yaml @@ -0,0 +1,12 @@ +annotations: + catalog.cattle.io/certified: rancher + catalog.cattle.io/hidden: "true" + catalog.cattle.io/namespace: cattle-system + catalog.cattle.io/os: linux + catalog.cattle.io/permits-os: linux,windows + catalog.cattle.io/release-name: rancher-aks-operator-crd +apiVersion: v2 +appVersion: 1.10.2 +description: AKS Operator CustomResourceDefinitions +name: rancher-aks-operator-crd +version: 105.2.0+up1.10.2 diff --git a/charts/rancher-aks-operator-crd/105.2.0+up1.10.2/templates/crds.yaml b/charts/rancher-aks-operator-crd/105.2.0+up1.10.2/templates/crds.yaml new file mode 100644 index 0000000000..c4fcdfac05 --- /dev/null +++ b/charts/rancher-aks-operator-crd/105.2.0+up1.10.2/templates/crds.yaml @@ -0,0 +1,211 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + helm.sh/resource-policy: keep + name: aksclusterconfigs.aks.cattle.io +spec: + group: aks.cattle.io + names: + kind: AKSClusterConfig + plural: aksclusterconfigs + shortNames: + - akscc + singular: aksclusterconfig + preserveUnknownFields: false + scope: Namespaced + versions: + - name: v1 + schema: + openAPIV3Schema: + properties: + spec: + properties: + authBaseUrl: + nullable: true + type: string + authorizedIpRanges: + items: + nullable: true + type: string + nullable: true + type: array + azureCredentialSecret: + nullable: true + type: string + baseUrl: + nullable: true + type: string + clusterName: + nullable: true + type: string + dnsPrefix: + nullable: true + type: string + dnsServiceIp: + nullable: true + type: string + dockerBridgeCidr: + nullable: true + type: string + httpApplicationRouting: + nullable: true + type: boolean + imported: + type: boolean + kubernetesVersion: + nullable: true + type: string + linuxAdminUsername: + nullable: true + type: string + loadBalancerSku: + nullable: true + type: string + logAnalyticsWorkspaceGroup: + nullable: true + type: string + logAnalyticsWorkspaceName: + nullable: true + type: string + managedIdentity: + nullable: true + type: boolean + monitoring: + nullable: true + type: boolean + networkPlugin: + nullable: true + type: string + networkPolicy: + nullable: true + type: string + nodePools: + items: + properties: + availabilityZones: + items: + nullable: true + type: string + nullable: true + type: array + count: + nullable: true + type: integer + enableAutoScaling: + nullable: true + type: boolean + maxCount: + nullable: true + type: integer + maxPods: + nullable: true + type: integer + maxSurge: + nullable: true + type: string + minCount: + nullable: true + type: integer + mode: + nullable: true + type: string + name: + nullable: true + type: string + nodeLabels: + additionalProperties: + nullable: true + type: string + nullable: true + type: object + nodeTaints: + items: + nullable: true + type: string + nullable: true + type: array + orchestratorVersion: + nullable: true + type: string + osDiskSizeGB: + nullable: true + type: integer + osDiskType: + nullable: true + type: string + osType: + nullable: true + type: string + vmSize: + nullable: true + type: string + vnetSubnetID: + nullable: true + type: string + type: object + nullable: true + type: array + nodeResourceGroup: + nullable: true + type: string + outboundType: + nullable: true + type: string + podCidr: + nullable: true + type: string + privateCluster: + nullable: true + type: boolean + privateDnsZone: + nullable: true + type: string + resourceGroup: + nullable: true + type: string + resourceLocation: + nullable: true + type: string + serviceCidr: + nullable: true + type: string + sshPublicKey: + nullable: true + type: string + subnet: + nullable: true + type: string + tags: + additionalProperties: + nullable: true + type: string + nullable: true + type: object + userAssignedIdentity: + nullable: true + type: string + virtualNetwork: + nullable: true + type: string + virtualNetworkResourceGroup: + nullable: true + type: string + type: object + status: + properties: + failureMessage: + nullable: true + type: string + phase: + nullable: true + type: string + rbacEnabled: + nullable: true + type: boolean + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/charts/rancher-aks-operator/105.1.0+up1.10.1/Chart.yaml b/charts/rancher-aks-operator/105.1.0+up1.10.1/Chart.yaml new file mode 100644 index 0000000000..507288abcc --- /dev/null +++ b/charts/rancher-aks-operator/105.1.0+up1.10.1/Chart.yaml @@ -0,0 +1,20 @@ +annotations: + catalog.cattle.io/auto-install: rancher-aks-operator-crd=match + catalog.cattle.io/certified: rancher + catalog.cattle.io/hidden: "true" + catalog.cattle.io/kube-version: '>= 1.28.0-0 < 1.32.0-0' + catalog.cattle.io/namespace: cattle-system + catalog.cattle.io/os: linux + catalog.cattle.io/permits-os: linux,windows + catalog.cattle.io/provides-gvr: aksclusterconfigs.aks.cattle.io/v1 + catalog.cattle.io/rancher-version: '>= 2.9.0-0 < 2.11.0-0' + catalog.cattle.io/release-name: rancher-aks-operator + catalog.cattle.io/scope: management +apiVersion: v2 +appVersion: 1.10.1 +description: A Helm chart for provisioning AKS clusters +home: https://github.com/rancher/aks-operator +name: rancher-aks-operator +sources: +- https://github.com/rancher/aks-operator +version: 105.1.0+up1.10.1 diff --git a/charts/rancher-aks-operator/105.1.0+up1.10.1/templates/NOTES.txt b/charts/rancher-aks-operator/105.1.0+up1.10.1/templates/NOTES.txt new file mode 100644 index 0000000000..5ba05b482c --- /dev/null +++ b/charts/rancher-aks-operator/105.1.0+up1.10.1/templates/NOTES.txt @@ -0,0 +1,4 @@ +You have deployed the Rancher AKS operator +Version: {{ .Chart.AppVersion }} +Description: This operator provisions AKS clusters +from AKSClusterConfig CRs. diff --git a/charts/rancher-aks-operator/105.1.0+up1.10.1/templates/_helpers.tpl b/charts/rancher-aks-operator/105.1.0+up1.10.1/templates/_helpers.tpl new file mode 100644 index 0000000000..de3b332f6a --- /dev/null +++ b/charts/rancher-aks-operator/105.1.0+up1.10.1/templates/_helpers.tpl @@ -0,0 +1,25 @@ +{{/* vim: set filetype=mustache: */}} + +{{- define "system_default_registry" -}} +{{- if .Values.global.cattle.systemDefaultRegistry -}} +{{- printf "%s/" .Values.global.cattle.systemDefaultRegistry -}} +{{- else -}} +{{- "" -}} +{{- end -}} +{{- end -}} + +{{/* +Windows cluster will add default taint for linux nodes, +add below linux tolerations to workloads could be scheduled to those linux nodes +*/}} +{{- define "linux-node-tolerations" -}} +- key: "cattle.io/os" + value: "linux" + effect: "NoSchedule" + operator: "Equal" +{{- end -}} + +{{- define "linux-node-selector" -}} +kubernetes.io/os: linux +{{- end -}} + diff --git a/charts/rancher-aks-operator/105.1.0+up1.10.1/templates/clusterrole.yaml b/charts/rancher-aks-operator/105.1.0+up1.10.1/templates/clusterrole.yaml new file mode 100644 index 0000000000..5e2ce97567 --- /dev/null +++ b/charts/rancher-aks-operator/105.1.0+up1.10.1/templates/clusterrole.yaml @@ -0,0 +1,15 @@ +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: aks-operator + namespace: cattle-system +rules: + - apiGroups: [''] + resources: ['secrets'] + verbs: ['get', 'list', 'create', 'watch', 'update'] + - apiGroups: ['aks.cattle.io'] + resources: ['aksclusterconfigs'] + verbs: ['get', 'list', 'update', 'watch'] + - apiGroups: ['aks.cattle.io'] + resources: ['aksclusterconfigs/status'] + verbs: ['update'] diff --git a/charts/rancher-aks-operator/105.1.0+up1.10.1/templates/clusterrolebinding.yaml b/charts/rancher-aks-operator/105.1.0+up1.10.1/templates/clusterrolebinding.yaml new file mode 100644 index 0000000000..7aa7e785a4 --- /dev/null +++ b/charts/rancher-aks-operator/105.1.0+up1.10.1/templates/clusterrolebinding.yaml @@ -0,0 +1,13 @@ +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: aks-operator + namespace: cattle-system +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: aks-operator +subjects: +- kind: ServiceAccount + name: aks-operator + namespace: cattle-system diff --git a/charts/rancher-aks-operator/105.1.0+up1.10.1/templates/deployment.yaml b/charts/rancher-aks-operator/105.1.0+up1.10.1/templates/deployment.yaml new file mode 100644 index 0000000000..e929a85cdc --- /dev/null +++ b/charts/rancher-aks-operator/105.1.0+up1.10.1/templates/deployment.yaml @@ -0,0 +1,68 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: aks-config-operator + namespace: cattle-system +spec: + replicas: 1 + selector: + matchLabels: + ke.cattle.io/operator: aks + template: + metadata: + labels: + ke.cattle.io/operator: aks + spec: + nodeSelector: {{ include "linux-node-selector" . | nindent 8 }} +{{- if .Values.nodeSelector }} +{{ toYaml .Values.nodeSelector | indent 8 }} +{{- end }} + tolerations: {{ include "linux-node-tolerations" . | nindent 8 }} +{{- if .Values.tolerations }} +{{ toYaml .Values.tolerations | indent 8 }} +{{- end }} + serviceAccountName: aks-operator + {{- if .Values.priorityClassName }} + priorityClassName: "{{.Values.priorityClassName}}" + {{- end }} + securityContext: + fsGroup: 1007 + runAsUser: 1007 + containers: + - name: aks-operator + image: '{{ template "system_default_registry" $ }}{{ $.Values.aksOperator.image.repository }}:{{ $.Values.aksOperator.image.tag }}' + imagePullPolicy: IfNotPresent + env: + - name: HTTP_PROXY + value: {{ .Values.httpProxy }} + - name: HTTPS_PROXY + value: {{ .Values.httpsProxy }} + - name: NO_PROXY + value: {{ .Values.noProxy }} + securityContext: + allowPrivilegeEscalation: false + readOnlyRootFilesystem: true + privileged: false + capabilities: + drop: + - ALL +{{- if .Values.additionalTrustedCAs }} + # aks-operator mounts the additional CAs in two places: + volumeMounts: + # This directory is owned by the aks-operator user so c_rehash works here. + - mountPath: /etc/rancher/ssl/ca-additional.pem + name: tls-ca-additional-volume + subPath: ca-additional.pem + readOnly: true + # This directory is root-owned so c_rehash doesn't work here, + # but the cert is here in case update-ca-certificates is called in the future or by the OS. + - mountPath: /etc/pki/trust/anchors/ca-additional.pem + name: tls-ca-additional-volume + subPath: ca-additional.pem + readOnly: true + volumes: + - name: tls-ca-additional-volume + secret: + defaultMode: 0400 + secretName: tls-ca-additional + {{- end }} diff --git a/charts/rancher-aks-operator/105.1.0+up1.10.1/templates/serviceaccount.yaml b/charts/rancher-aks-operator/105.1.0+up1.10.1/templates/serviceaccount.yaml new file mode 100644 index 0000000000..9c40a152f5 --- /dev/null +++ b/charts/rancher-aks-operator/105.1.0+up1.10.1/templates/serviceaccount.yaml @@ -0,0 +1,5 @@ +apiVersion: v1 +kind: ServiceAccount +metadata: + namespace: cattle-system + name: aks-operator diff --git a/charts/rancher-aks-operator/105.1.0+up1.10.1/values.yaml b/charts/rancher-aks-operator/105.1.0+up1.10.1/values.yaml new file mode 100644 index 0000000000..0448bbc004 --- /dev/null +++ b/charts/rancher-aks-operator/105.1.0+up1.10.1/values.yaml @@ -0,0 +1,23 @@ +global: + cattle: + systemDefaultRegistry: "" + +aksOperator: + image: + repository: rancher/aks-operator + tag: v1.10.1 + +httpProxy: "" +httpsProxy: "" +noProxy: "" +additionalTrustedCAs: false + +## Node labels for pod assignment +## Ref: https://kubernetes.io/docs/user-guide/node-selection/ +## +nodeSelector: {} +## List of node taints to tolerate (requires Kubernetes >= 1.6) +tolerations: [] + +## PriorityClassName assigned to deployment. +priorityClassName: "" diff --git a/charts/rancher-aks-operator/105.2.0+up1.10.2/Chart.yaml b/charts/rancher-aks-operator/105.2.0+up1.10.2/Chart.yaml new file mode 100644 index 0000000000..7fa30023ed --- /dev/null +++ b/charts/rancher-aks-operator/105.2.0+up1.10.2/Chart.yaml @@ -0,0 +1,20 @@ +annotations: + catalog.cattle.io/auto-install: rancher-aks-operator-crd=match + catalog.cattle.io/certified: rancher + catalog.cattle.io/hidden: "true" + catalog.cattle.io/kube-version: '>= 1.28.0-0 < 1.32.0-0' + catalog.cattle.io/namespace: cattle-system + catalog.cattle.io/os: linux + catalog.cattle.io/permits-os: linux,windows + catalog.cattle.io/provides-gvr: aksclusterconfigs.aks.cattle.io/v1 + catalog.cattle.io/rancher-version: '>= 2.9.0-0 < 2.11.0-0' + catalog.cattle.io/release-name: rancher-aks-operator + catalog.cattle.io/scope: management +apiVersion: v2 +appVersion: 1.10.2 +description: A Helm chart for provisioning AKS clusters +home: https://github.com/rancher/aks-operator +name: rancher-aks-operator +sources: +- https://github.com/rancher/aks-operator +version: 105.2.0+up1.10.2 diff --git a/charts/rancher-aks-operator/105.2.0+up1.10.2/templates/NOTES.txt b/charts/rancher-aks-operator/105.2.0+up1.10.2/templates/NOTES.txt new file mode 100644 index 0000000000..5ba05b482c --- /dev/null +++ b/charts/rancher-aks-operator/105.2.0+up1.10.2/templates/NOTES.txt @@ -0,0 +1,4 @@ +You have deployed the Rancher AKS operator +Version: {{ .Chart.AppVersion }} +Description: This operator provisions AKS clusters +from AKSClusterConfig CRs. diff --git a/charts/rancher-aks-operator/105.2.0+up1.10.2/templates/_helpers.tpl b/charts/rancher-aks-operator/105.2.0+up1.10.2/templates/_helpers.tpl new file mode 100644 index 0000000000..de3b332f6a --- /dev/null +++ b/charts/rancher-aks-operator/105.2.0+up1.10.2/templates/_helpers.tpl @@ -0,0 +1,25 @@ +{{/* vim: set filetype=mustache: */}} + +{{- define "system_default_registry" -}} +{{- if .Values.global.cattle.systemDefaultRegistry -}} +{{- printf "%s/" .Values.global.cattle.systemDefaultRegistry -}} +{{- else -}} +{{- "" -}} +{{- end -}} +{{- end -}} + +{{/* +Windows cluster will add default taint for linux nodes, +add below linux tolerations to workloads could be scheduled to those linux nodes +*/}} +{{- define "linux-node-tolerations" -}} +- key: "cattle.io/os" + value: "linux" + effect: "NoSchedule" + operator: "Equal" +{{- end -}} + +{{- define "linux-node-selector" -}} +kubernetes.io/os: linux +{{- end -}} + diff --git a/charts/rancher-aks-operator/105.2.0+up1.10.2/templates/clusterrole.yaml b/charts/rancher-aks-operator/105.2.0+up1.10.2/templates/clusterrole.yaml new file mode 100644 index 0000000000..5e2ce97567 --- /dev/null +++ b/charts/rancher-aks-operator/105.2.0+up1.10.2/templates/clusterrole.yaml @@ -0,0 +1,15 @@ +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: aks-operator + namespace: cattle-system +rules: + - apiGroups: [''] + resources: ['secrets'] + verbs: ['get', 'list', 'create', 'watch', 'update'] + - apiGroups: ['aks.cattle.io'] + resources: ['aksclusterconfigs'] + verbs: ['get', 'list', 'update', 'watch'] + - apiGroups: ['aks.cattle.io'] + resources: ['aksclusterconfigs/status'] + verbs: ['update'] diff --git a/charts/rancher-aks-operator/105.2.0+up1.10.2/templates/clusterrolebinding.yaml b/charts/rancher-aks-operator/105.2.0+up1.10.2/templates/clusterrolebinding.yaml new file mode 100644 index 0000000000..7aa7e785a4 --- /dev/null +++ b/charts/rancher-aks-operator/105.2.0+up1.10.2/templates/clusterrolebinding.yaml @@ -0,0 +1,13 @@ +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: aks-operator + namespace: cattle-system +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: aks-operator +subjects: +- kind: ServiceAccount + name: aks-operator + namespace: cattle-system diff --git a/charts/rancher-aks-operator/105.2.0+up1.10.2/templates/deployment.yaml b/charts/rancher-aks-operator/105.2.0+up1.10.2/templates/deployment.yaml new file mode 100644 index 0000000000..e929a85cdc --- /dev/null +++ b/charts/rancher-aks-operator/105.2.0+up1.10.2/templates/deployment.yaml @@ -0,0 +1,68 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: aks-config-operator + namespace: cattle-system +spec: + replicas: 1 + selector: + matchLabels: + ke.cattle.io/operator: aks + template: + metadata: + labels: + ke.cattle.io/operator: aks + spec: + nodeSelector: {{ include "linux-node-selector" . | nindent 8 }} +{{- if .Values.nodeSelector }} +{{ toYaml .Values.nodeSelector | indent 8 }} +{{- end }} + tolerations: {{ include "linux-node-tolerations" . | nindent 8 }} +{{- if .Values.tolerations }} +{{ toYaml .Values.tolerations | indent 8 }} +{{- end }} + serviceAccountName: aks-operator + {{- if .Values.priorityClassName }} + priorityClassName: "{{.Values.priorityClassName}}" + {{- end }} + securityContext: + fsGroup: 1007 + runAsUser: 1007 + containers: + - name: aks-operator + image: '{{ template "system_default_registry" $ }}{{ $.Values.aksOperator.image.repository }}:{{ $.Values.aksOperator.image.tag }}' + imagePullPolicy: IfNotPresent + env: + - name: HTTP_PROXY + value: {{ .Values.httpProxy }} + - name: HTTPS_PROXY + value: {{ .Values.httpsProxy }} + - name: NO_PROXY + value: {{ .Values.noProxy }} + securityContext: + allowPrivilegeEscalation: false + readOnlyRootFilesystem: true + privileged: false + capabilities: + drop: + - ALL +{{- if .Values.additionalTrustedCAs }} + # aks-operator mounts the additional CAs in two places: + volumeMounts: + # This directory is owned by the aks-operator user so c_rehash works here. + - mountPath: /etc/rancher/ssl/ca-additional.pem + name: tls-ca-additional-volume + subPath: ca-additional.pem + readOnly: true + # This directory is root-owned so c_rehash doesn't work here, + # but the cert is here in case update-ca-certificates is called in the future or by the OS. + - mountPath: /etc/pki/trust/anchors/ca-additional.pem + name: tls-ca-additional-volume + subPath: ca-additional.pem + readOnly: true + volumes: + - name: tls-ca-additional-volume + secret: + defaultMode: 0400 + secretName: tls-ca-additional + {{- end }} diff --git a/charts/rancher-aks-operator/105.2.0+up1.10.2/templates/serviceaccount.yaml b/charts/rancher-aks-operator/105.2.0+up1.10.2/templates/serviceaccount.yaml new file mode 100644 index 0000000000..9c40a152f5 --- /dev/null +++ b/charts/rancher-aks-operator/105.2.0+up1.10.2/templates/serviceaccount.yaml @@ -0,0 +1,5 @@ +apiVersion: v1 +kind: ServiceAccount +metadata: + namespace: cattle-system + name: aks-operator diff --git a/charts/rancher-aks-operator/105.2.0+up1.10.2/values.yaml b/charts/rancher-aks-operator/105.2.0+up1.10.2/values.yaml new file mode 100644 index 0000000000..e6fc6433d6 --- /dev/null +++ b/charts/rancher-aks-operator/105.2.0+up1.10.2/values.yaml @@ -0,0 +1,23 @@ +global: + cattle: + systemDefaultRegistry: "" + +aksOperator: + image: + repository: rancher/aks-operator + tag: v1.10.2 + +httpProxy: "" +httpsProxy: "" +noProxy: "" +additionalTrustedCAs: false + +## Node labels for pod assignment +## Ref: https://kubernetes.io/docs/user-guide/node-selection/ +## +nodeSelector: {} +## List of node taints to tolerate (requires Kubernetes >= 1.6) +tolerations: [] + +## PriorityClassName assigned to deployment. +priorityClassName: "" diff --git a/index.yaml b/index.yaml index 3e624e89ea..624f69620f 100755 --- a/index.yaml +++ b/index.yaml @@ -9503,6 +9503,54 @@ entries: - assets/prometheus-federator/prometheus-federator-0.1.0.tgz version: 0.1.0 rancher-aks-operator: + - annotations: + catalog.cattle.io/auto-install: rancher-aks-operator-crd=match + catalog.cattle.io/certified: rancher + catalog.cattle.io/hidden: "true" + catalog.cattle.io/kube-version: '>= 1.28.0-0 < 1.32.0-0' + catalog.cattle.io/namespace: cattle-system + catalog.cattle.io/os: linux + catalog.cattle.io/permits-os: linux,windows + catalog.cattle.io/provides-gvr: aksclusterconfigs.aks.cattle.io/v1 + catalog.cattle.io/rancher-version: '>= 2.9.0-0 < 2.11.0-0' + catalog.cattle.io/release-name: rancher-aks-operator + catalog.cattle.io/scope: management + apiVersion: v2 + appVersion: 1.10.2 + created: "2025-03-02T13:07:28.163645915-03:00" + description: A Helm chart for provisioning AKS clusters + digest: c60b163c052642dc89d325f654299684438edc7bf1962cc27dccabf6c18acfee + home: https://github.com/rancher/aks-operator + name: rancher-aks-operator + sources: + - https://github.com/rancher/aks-operator + urls: + - assets/rancher-aks-operator/rancher-aks-operator-105.2.0+up1.10.2.tgz + version: 105.2.0+up1.10.2 + - annotations: + catalog.cattle.io/auto-install: rancher-aks-operator-crd=match + catalog.cattle.io/certified: rancher + catalog.cattle.io/hidden: "true" + catalog.cattle.io/kube-version: '>= 1.28.0-0 < 1.32.0-0' + catalog.cattle.io/namespace: cattle-system + catalog.cattle.io/os: linux + catalog.cattle.io/permits-os: linux,windows + catalog.cattle.io/provides-gvr: aksclusterconfigs.aks.cattle.io/v1 + catalog.cattle.io/rancher-version: '>= 2.9.0-0 < 2.11.0-0' + catalog.cattle.io/release-name: rancher-aks-operator + catalog.cattle.io/scope: management + apiVersion: v2 + appVersion: 1.10.1 + created: "2025-03-02T13:07:35.114973567-03:00" + description: A Helm chart for provisioning AKS clusters + digest: f2f3bff3452aebe305fe02809bf445ec69590fe18d30cc12eff0b50f14a35612 + home: https://github.com/rancher/aks-operator + name: rancher-aks-operator + sources: + - https://github.com/rancher/aks-operator + urls: + - assets/rancher-aks-operator/rancher-aks-operator-105.1.0+up1.10.1.tgz + version: 105.1.0+up1.10.1 - annotations: catalog.cattle.io/auto-install: rancher-aks-operator-crd=match catalog.cattle.io/certified: rancher @@ -10080,6 +10128,38 @@ entries: - assets/rancher-aks-operator/rancher-aks-operator-101.0.0+up1.0.7.tgz version: 101.0.0+up1.0.7 rancher-aks-operator-crd: + - annotations: + catalog.cattle.io/certified: rancher + catalog.cattle.io/hidden: "true" + catalog.cattle.io/namespace: cattle-system + catalog.cattle.io/os: linux + catalog.cattle.io/permits-os: linux,windows + catalog.cattle.io/release-name: rancher-aks-operator-crd + apiVersion: v2 + appVersion: 1.10.2 + created: "2025-03-02T13:07:14.709991602-03:00" + description: AKS Operator CustomResourceDefinitions + digest: cbc449566d2f22c9533e1a4fd7db8df41a2f9abe77f390579dff536ed648135d + name: rancher-aks-operator-crd + urls: + - assets/rancher-aks-operator-crd/rancher-aks-operator-crd-105.2.0+up1.10.2.tgz + version: 105.2.0+up1.10.2 + - annotations: + catalog.cattle.io/certified: rancher + catalog.cattle.io/hidden: "true" + catalog.cattle.io/namespace: cattle-system + catalog.cattle.io/os: linux + catalog.cattle.io/permits-os: linux,windows + catalog.cattle.io/release-name: rancher-aks-operator-crd + apiVersion: v2 + appVersion: 1.10.1 + created: "2025-03-02T13:07:21.489835072-03:00" + description: AKS Operator CustomResourceDefinitions + digest: 4d84429d2feef23c8d52a3902e7e232fcb73ee8c73a962178a91a99ac312a2c9 + name: rancher-aks-operator-crd + urls: + - assets/rancher-aks-operator-crd/rancher-aks-operator-crd-105.1.0+up1.10.1.tgz + version: 105.1.0+up1.10.1 - annotations: catalog.cattle.io/certified: rancher catalog.cattle.io/hidden: "true" diff --git a/release.yaml b/release.yaml index 4b903fbc0d..b32c34ff93 100644 --- a/release.yaml +++ b/release.yaml @@ -1,2 +1,6 @@ -prometheus-federator: - - 105.1.0+up0.4.5 +rancher-aks-operator: + - 105.2.0+up1.10.2 + - 105.1.0+up1.10.1 +rancher-aks-operator-crd: + - 105.2.0+up1.10.2 + - 105.1.0+up1.10.1