mirror of
https://github.com/kata-containers/kata-containers.git
synced 2026-02-21 22:34:29 +00:00
kata-deploy: Introduce structured configuration format for shims
This commit introduces a new structured configuration format for configuring Kata Containers shims in the Helm chart. The new format provides: - Per-shim configuration with enabled/supportedArches - Per-shim snapshotter, guest pull, and agent proxy settings - Architecture-aware default shim configuration - Root-level debug and snapshotter setup configuration All shims are disabled by default and must be explicitly enabled. This provides better type safety and clearer organization compared to the legacy env.* string-based format. The templates are updated to use the new structure exclusively. Backward compatibility will be added in a follow-up commit. Signed-off-by: Fabiano Fidêncio <ffidencio@nvidia.com>
This commit is contained in:
Fabiano Fidêncio
@@ -56,3 +56,209 @@ Returns the namespace where node-feature-discovery is found, or empty string if
|
||||
{{- $foundNamespace -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Get enabled shims for a specific architecture from structured config
|
||||
*/}}
|
||||
{{- define "kata-deploy.getEnabledShimsForArch" -}}
|
||||
{{- $arch := .arch -}}
|
||||
{{- $enabledShims := list -}}
|
||||
{{- range $shimName, $shimConfig := .root.Values.shims -}}
|
||||
{{- if $shimConfig.enabled -}}
|
||||
{{- $archSupported := false -}}
|
||||
{{- range $shimConfig.supportedArches -}}
|
||||
{{- if eq . $arch -}}
|
||||
{{- $archSupported = true -}}
|
||||
{{- end -}}
|
||||
{{- end -}}
|
||||
{{- if $archSupported -}}
|
||||
{{- $enabledShims = append $enabledShims $shimName -}}
|
||||
{{- end -}}
|
||||
{{- end -}}
|
||||
{{- end -}}
|
||||
{{- join " " $enabledShims -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Get default shim for a specific architecture from structured config
|
||||
*/}}
|
||||
{{- define "kata-deploy.getDefaultShimForArch" -}}
|
||||
{{- $arch := .arch -}}
|
||||
{{- index .root.Values.defaultShim $arch -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Get snapshotter handler mapping for a specific architecture from structured config
|
||||
Format: shim1:snapshotter1,shim2:snapshotter2
|
||||
*/}}
|
||||
{{- define "kata-deploy.getSnapshotterHandlerMappingForArch" -}}
|
||||
{{- $arch := .arch -}}
|
||||
{{- $mappings := list -}}
|
||||
{{- range $shimName, $shimConfig := .root.Values.shims -}}
|
||||
{{- if $shimConfig.enabled -}}
|
||||
{{- $archSupported := false -}}
|
||||
{{- range $shimConfig.supportedArches -}}
|
||||
{{- if eq . $arch -}}
|
||||
{{- $archSupported = true -}}
|
||||
{{- end -}}
|
||||
{{- end -}}
|
||||
{{- if $archSupported -}}
|
||||
{{- if $shimConfig.containerd -}}
|
||||
{{- $snapshotter := $shimConfig.containerd.snapshotter -}}
|
||||
{{- if $snapshotter -}}
|
||||
{{- $mappings = append $mappings (printf "%s:%s" $shimName $snapshotter) -}}
|
||||
{{- end -}}
|
||||
{{- end -}}
|
||||
{{- end -}}
|
||||
{{- end -}}
|
||||
{{- end -}}
|
||||
{{- join "," $mappings -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Get pull type mapping for a specific architecture from structured config
|
||||
Format: shim1:pullType1,shim2:pullType2
|
||||
*/}}
|
||||
{{- define "kata-deploy.getPullTypeMappingForArch" -}}
|
||||
{{- $arch := .arch -}}
|
||||
{{- $mappings := list -}}
|
||||
{{- range $shimName, $shimConfig := .root.Values.shims -}}
|
||||
{{- if $shimConfig.enabled -}}
|
||||
{{- $archSupported := false -}}
|
||||
{{- range $shimConfig.supportedArches -}}
|
||||
{{- if eq . $arch -}}
|
||||
{{- $archSupported = true -}}
|
||||
{{- end -}}
|
||||
{{- end -}}
|
||||
{{- if $archSupported -}}
|
||||
{{- $forceGuestPull := false -}}
|
||||
{{- if and $shimConfig.containerd $shimConfig.containerd.forceGuestPull -}}
|
||||
{{- $forceGuestPull = $shimConfig.containerd.forceGuestPull -}}
|
||||
{{- end -}}
|
||||
{{- if and $shimConfig.crio $shimConfig.crio.guestPull -}}
|
||||
{{- $forceGuestPull = $shimConfig.crio.guestPull -}}
|
||||
{{- end -}}
|
||||
{{- if $forceGuestPull -}}
|
||||
{{- $mappings = append $mappings (printf "%s:guest-pull" $shimName) -}}
|
||||
{{- end -}}
|
||||
{{- end -}}
|
||||
{{- end -}}
|
||||
{{- end -}}
|
||||
{{- join "," $mappings -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Get allowed hypervisor annotations for a specific architecture from structured config
|
||||
*/}}
|
||||
{{- define "kata-deploy.getAllowedHypervisorAnnotationsForArch" -}}
|
||||
{{- $arch := .arch -}}
|
||||
{{- /* Use new structured config - output per-shim format */ -}}
|
||||
{{- /* Output format: "shim:annotation1,annotation2" (space-separated entries, each with shim:annotations where annotations are comma-separated) */ -}}
|
||||
{{- $perShimAnnotations := list -}}
|
||||
{{- range $shimName, $shimConfig := .root.Values.shims -}}
|
||||
{{- if $shimConfig.enabled -}}
|
||||
{{- $archSupported := false -}}
|
||||
{{- range $shimConfig.supportedArches -}}
|
||||
{{- if eq . $arch -}}
|
||||
{{- $archSupported = true -}}
|
||||
{{- end -}}
|
||||
{{- end -}}
|
||||
{{- if $archSupported -}}
|
||||
{{- $shimAnnotations := list -}}
|
||||
{{- range $annotation := $shimConfig.allowedHypervisorAnnotations -}}
|
||||
{{- $shimAnnotations = append $shimAnnotations $annotation -}}
|
||||
{{- end -}}
|
||||
{{- if gt (len $shimAnnotations) 0 -}}
|
||||
{{- $annotationsComma := join "," $shimAnnotations -}}
|
||||
{{- $perShimEntry := printf "%s:%s" $shimName $annotationsComma -}}
|
||||
{{- $perShimAnnotations = append $perShimAnnotations $perShimEntry -}}
|
||||
{{- end -}}
|
||||
{{- end -}}
|
||||
{{- end -}}
|
||||
{{- join " " $perShimAnnotations -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Get agent HTTPS proxy from structured config
|
||||
Builds per-shim semicolon-separated list: "shim1=value1;shim2=value2"
|
||||
Supports backward compatibility with old env.agentHttpsProxy value
|
||||
*/}}
|
||||
{{- define "kata-deploy.getAgentHttpsProxy" -}}
|
||||
{{- /* Check for legacy env value first */ -}}
|
||||
{{- if .Values.env.agentHttpsProxy -}}
|
||||
{{- .Values.env.agentHttpsProxy -}}
|
||||
{{- else -}}
|
||||
{{- /* Use new structured config: build per-shim semicolon-separated list */ -}}
|
||||
{{- $proxies := list -}}
|
||||
{{- range $shimName, $shimConfig := .Values.shims -}}
|
||||
{{- if and $shimConfig.enabled $shimConfig.agent $shimConfig.agent.httpsProxy -}}
|
||||
{{- $entry := printf "%s=%s" $shimName $shimConfig.agent.httpsProxy -}}
|
||||
{{- $proxies = append $proxies $entry -}}
|
||||
{{- end -}}
|
||||
{{- end -}}
|
||||
{{- join ";" $proxies -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Get agent NO_PROXY from structured config
|
||||
Returns the first non-empty noProxy found in enabled shims
|
||||
*/}}
|
||||
{{- define "kata-deploy.getAgentNoProxy" -}}
|
||||
{{- /* Check for legacy env value first */ -}}
|
||||
{{- if .Values.env.agentNoProxy -}}
|
||||
{{- .Values.env.agentNoProxy -}}
|
||||
{{- else -}}
|
||||
{{- /* Use new structured config: build per-shim semicolon-separated list */ -}}
|
||||
{{- $proxies := list -}}
|
||||
{{- range $shimName, $shimConfig := .Values.shims -}}
|
||||
{{- if and $shimConfig.enabled $shimConfig.agent $shimConfig.agent.noProxy -}}
|
||||
{{- $entry := printf "%s=%s" $shimName $shimConfig.agent.noProxy -}}
|
||||
{{- $proxies = append $proxies $entry -}}
|
||||
{{- end -}}
|
||||
{{- end -}}
|
||||
{{- join ";" $proxies -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Get snapshotter setup list from structured config
|
||||
*/}}
|
||||
{{- define "kata-deploy.getSnapshotterSetup" -}}
|
||||
{{- join "," .Values.snapshotter.setup -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Get debug value from structured config
|
||||
*/}}
|
||||
{{- define "kata-deploy.getDebug" -}}
|
||||
{{- if .Values.debug -}}
|
||||
{{- "true" -}}
|
||||
{{- else -}}
|
||||
{{- "false" -}}
|
||||
{{- end -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Get EXPERIMENTAL_FORCE_GUEST_PULL for a specific architecture from structured config
|
||||
*/}}
|
||||
{{- define "kata-deploy.getForceGuestPullForArch" -}}
|
||||
{{- $arch := .arch -}}
|
||||
{{- /* Return comma-separated list of shim names that have forceGuestPull enabled */ -}}
|
||||
{{- /* Note: EXPERIMENTAL_FORCE_GUEST_PULL only checks containerd.forceGuestPull, not crio.guestPull */ -}}
|
||||
{{- $shimNames := list -}}
|
||||
{{- range $shimName, $shimConfig := .root.Values.shims -}}
|
||||
{{- if $shimConfig.enabled -}}
|
||||
{{- $archSupported := false -}}
|
||||
{{- range $shimConfig.supportedArches -}}
|
||||
{{- if eq . $arch -}}
|
||||
{{- $archSupported = true -}}
|
||||
{{- end -}}
|
||||
{{- end -}}
|
||||
{{- if $archSupported -}}
|
||||
{{- if and $shimConfig.containerd $shimConfig.containerd.forceGuestPull -}}
|
||||
{{- $shimNames = append $shimNames $shimName -}}
|
||||
{{- end -}}
|
||||
{{- end -}}
|
||||
{{- end -}}
|
||||
{{- end -}}
|
||||
{{- join "," $shimNames -}}
|
||||
{{- end -}}
|
||||
|
||||
|
||||
@@ -136,73 +136,150 @@ spec:
|
||||
fieldRef:
|
||||
fieldPath: spec.nodeName
|
||||
- name: DEBUG
|
||||
value: {{ .Values.env.debug | quote }}
|
||||
- name: SHIMS
|
||||
value: {{ .Values.env.shims | quote }}
|
||||
value: {{ include "kata-deploy.getDebug" . | quote }}
|
||||
{{- $shimsAmd64 := include "kata-deploy.getEnabledShimsForArch" (dict "root" . "arch" "amd64") | trim -}}
|
||||
{{- if $shimsAmd64 }}
|
||||
- name: SHIMS_X86_64
|
||||
value: {{ .Values.env.shims_x86_64 | quote }}
|
||||
value: {{ $shimsAmd64 | quote }}
|
||||
{{- end }}
|
||||
{{- $shimsArm64 := include "kata-deploy.getEnabledShimsForArch" (dict "root" . "arch" "arm64") | trim -}}
|
||||
{{- if $shimsArm64 }}
|
||||
- name: SHIMS_AARCH64
|
||||
value: {{ .Values.env.shims_aarch64 | quote }}
|
||||
value: {{ $shimsArm64 | quote }}
|
||||
{{- end }}
|
||||
{{- $shimsS390x := include "kata-deploy.getEnabledShimsForArch" (dict "root" . "arch" "s390x") | trim -}}
|
||||
{{- if $shimsS390x }}
|
||||
- name: SHIMS_S390X
|
||||
value: {{ .Values.env.shims_s390x | quote }}
|
||||
value: {{ $shimsS390x | quote }}
|
||||
{{- end }}
|
||||
{{- $shimsPpc64le := include "kata-deploy.getEnabledShimsForArch" (dict "root" . "arch" "ppc64le") | trim -}}
|
||||
{{- if $shimsPpc64le }}
|
||||
- name: SHIMS_PPC64LE
|
||||
value: {{ .Values.env.shims_ppc64le | quote }}
|
||||
- name: DEFAULT_SHIM
|
||||
value: {{ .Values.env.defaultShim | quote }}
|
||||
value: {{ $shimsPpc64le | quote }}
|
||||
{{- end }}
|
||||
{{- $defaultShimAmd64 := include "kata-deploy.getDefaultShimForArch" (dict "root" . "arch" "amd64") | trim -}}
|
||||
{{- if $defaultShimAmd64 }}
|
||||
- name: DEFAULT_SHIM_X86_64
|
||||
value: {{ .Values.env.defaultShim_x86_64 | quote }}
|
||||
value: {{ $defaultShimAmd64 | quote }}
|
||||
{{- end }}
|
||||
{{- $defaultShimArm64 := include "kata-deploy.getDefaultShimForArch" (dict "root" . "arch" "arm64") | trim -}}
|
||||
{{- if $defaultShimArm64 }}
|
||||
- name: DEFAULT_SHIM_AARCH64
|
||||
value: {{ .Values.env.defaultShim_aarch64 | quote }}
|
||||
value: {{ $defaultShimArm64 | quote }}
|
||||
{{- end }}
|
||||
{{- $defaultShimS390x := include "kata-deploy.getDefaultShimForArch" (dict "root" . "arch" "s390x") | trim -}}
|
||||
{{- if $defaultShimS390x }}
|
||||
- name: DEFAULT_SHIM_S390X
|
||||
value: {{ .Values.env.defaultShim_s390x | quote }}
|
||||
value: {{ $defaultShimS390x | quote }}
|
||||
{{- end }}
|
||||
{{- $defaultShimPpc64le := include "kata-deploy.getDefaultShimForArch" (dict "root" . "arch" "ppc64le") | trim -}}
|
||||
{{- if $defaultShimPpc64le }}
|
||||
- name: DEFAULT_SHIM_PPC64LE
|
||||
value: {{ .Values.env.defaultShim_ppc64le | quote }}
|
||||
value: {{ $defaultShimPpc64le | quote }}
|
||||
{{- end }}
|
||||
- name: CREATE_RUNTIMECLASSES
|
||||
value: {{ .Values.env.createRuntimeClasses | quote }}
|
||||
- name: CREATE_DEFAULT_RUNTIMECLASS
|
||||
value: {{ .Values.env.createDefaultRuntimeClass | quote }}
|
||||
- name: ALLOWED_HYPERVISOR_ANNOTATIONS
|
||||
value: {{ .Values.env.allowedHypervisorAnnotations | quote }}
|
||||
- name: SNAPSHOTTER_HANDLER_MAPPING
|
||||
value: {{ .Values.env.snapshotterHandlerMapping | quote }}
|
||||
{{- $allowedHypervisorAnnotationsAmd64 := include "kata-deploy.getAllowedHypervisorAnnotationsForArch" (dict "root" . "arch" "amd64") | trim -}}
|
||||
{{- if $allowedHypervisorAnnotationsAmd64 }}
|
||||
- name: ALLOWED_HYPERVISOR_ANNOTATIONS_X86_64
|
||||
value: {{ $allowedHypervisorAnnotationsAmd64 | quote }}
|
||||
{{- end }}
|
||||
{{- $allowedHypervisorAnnotationsArm64 := include "kata-deploy.getAllowedHypervisorAnnotationsForArch" (dict "root" . "arch" "arm64") | trim -}}
|
||||
{{- if $allowedHypervisorAnnotationsArm64 }}
|
||||
- name: ALLOWED_HYPERVISOR_ANNOTATIONS_AARCH64
|
||||
value: {{ $allowedHypervisorAnnotationsArm64 | quote }}
|
||||
{{- end }}
|
||||
{{- $allowedHypervisorAnnotationsS390x := include "kata-deploy.getAllowedHypervisorAnnotationsForArch" (dict "root" . "arch" "s390x") | trim -}}
|
||||
{{- if $allowedHypervisorAnnotationsS390x }}
|
||||
- name: ALLOWED_HYPERVISOR_ANNOTATIONS_S390X
|
||||
value: {{ $allowedHypervisorAnnotationsS390x | quote }}
|
||||
{{- end }}
|
||||
{{- $allowedHypervisorAnnotationsPpc64le := include "kata-deploy.getAllowedHypervisorAnnotationsForArch" (dict "root" . "arch" "ppc64le") | trim -}}
|
||||
{{- if $allowedHypervisorAnnotationsPpc64le }}
|
||||
- name: ALLOWED_HYPERVISOR_ANNOTATIONS_PPC64LE
|
||||
value: {{ $allowedHypervisorAnnotationsPpc64le | quote }}
|
||||
{{- end }}
|
||||
{{- $snapshotterHandlerMappingAmd64 := include "kata-deploy.getSnapshotterHandlerMappingForArch" (dict "root" . "arch" "amd64") | trim -}}
|
||||
{{- if $snapshotterHandlerMappingAmd64 }}
|
||||
- name: SNAPSHOTTER_HANDLER_MAPPING_X86_64
|
||||
value: {{ .Values.env.snapshotterHandlerMapping_x86_64 | quote }}
|
||||
value: {{ $snapshotterHandlerMappingAmd64 | quote }}
|
||||
{{- end }}
|
||||
{{- $snapshotterHandlerMappingArm64 := include "kata-deploy.getSnapshotterHandlerMappingForArch" (dict "root" . "arch" "arm64") | trim -}}
|
||||
{{- if $snapshotterHandlerMappingArm64 }}
|
||||
- name: SNAPSHOTTER_HANDLER_MAPPING_AARCH64
|
||||
value: {{ .Values.env.snapshotterHandlerMapping_aarch64 | quote }}
|
||||
value: {{ $snapshotterHandlerMappingArm64 | quote }}
|
||||
{{- end }}
|
||||
{{- $snapshotterHandlerMappingS390x := include "kata-deploy.getSnapshotterHandlerMappingForArch" (dict "root" . "arch" "s390x") | trim -}}
|
||||
{{- if $snapshotterHandlerMappingS390x }}
|
||||
- name: SNAPSHOTTER_HANDLER_MAPPING_S390X
|
||||
value: {{ .Values.env.snapshotterHandlerMapping_s390x | quote }}
|
||||
value: {{ $snapshotterHandlerMappingS390x | quote }}
|
||||
{{- end }}
|
||||
{{- $snapshotterHandlerMappingPpc64le := include "kata-deploy.getSnapshotterHandlerMappingForArch" (dict "root" . "arch" "ppc64le") | trim -}}
|
||||
{{- if $snapshotterHandlerMappingPpc64le }}
|
||||
- name: SNAPSHOTTER_HANDLER_MAPPING_PPC64LE
|
||||
value: {{ .Values.env.snapshotterHandlerMapping_ppc64le | quote }}
|
||||
value: {{ $snapshotterHandlerMappingPpc64le | quote }}
|
||||
{{- end }}
|
||||
{{- $agentHttpsProxy := include "kata-deploy.getAgentHttpsProxy" . | trim -}}
|
||||
{{- if $agentHttpsProxy }}
|
||||
- name: AGENT_HTTPS_PROXY
|
||||
value: {{ .Values.env.agentHttpsProxy | quote }}
|
||||
value: {{ $agentHttpsProxy | quote }}
|
||||
{{- end }}
|
||||
{{- $agentNoProxy := include "kata-deploy.getAgentNoProxy" . | trim -}}
|
||||
{{- if $agentNoProxy }}
|
||||
- name: AGENT_NO_PROXY
|
||||
value: {{ .Values.env.agentNoProxy | quote }}
|
||||
- name: PULL_TYPE_MAPPING
|
||||
value: {{ .Values.env.pullTypeMapping | quote }}
|
||||
value: {{ $agentNoProxy | quote }}
|
||||
{{- end }}
|
||||
{{- $pullTypeMappingAmd64 := include "kata-deploy.getPullTypeMappingForArch" (dict "root" . "arch" "amd64") | trim -}}
|
||||
{{- if $pullTypeMappingAmd64 }}
|
||||
- name: PULL_TYPE_MAPPING_X86_64
|
||||
value: {{ .Values.env.pullTypeMapping_x86_64 | quote }}
|
||||
value: {{ $pullTypeMappingAmd64 | quote }}
|
||||
{{- end }}
|
||||
{{- $pullTypeMappingArm64 := include "kata-deploy.getPullTypeMappingForArch" (dict "root" . "arch" "arm64") | trim -}}
|
||||
{{- if $pullTypeMappingArm64 }}
|
||||
- name: PULL_TYPE_MAPPING_AARCH64
|
||||
value: {{ .Values.env.pullTypeMapping_aarch64 | quote }}
|
||||
value: {{ $pullTypeMappingArm64 | quote }}
|
||||
{{- end }}
|
||||
{{- $pullTypeMappingS390x := include "kata-deploy.getPullTypeMappingForArch" (dict "root" . "arch" "s390x") | trim -}}
|
||||
{{- if $pullTypeMappingS390x }}
|
||||
- name: PULL_TYPE_MAPPING_S390X
|
||||
value: {{ .Values.env.pullTypeMapping_s390x | quote }}
|
||||
value: {{ $pullTypeMappingS390x | quote }}
|
||||
{{- end }}
|
||||
{{- $pullTypeMappingPpc64le := include "kata-deploy.getPullTypeMappingForArch" (dict "root" . "arch" "ppc64le") | trim -}}
|
||||
{{- if $pullTypeMappingPpc64le }}
|
||||
- name: PULL_TYPE_MAPPING_PPC64LE
|
||||
value: {{ .Values.env.pullTypeMapping_ppc64le | quote }}
|
||||
value: {{ $pullTypeMappingPpc64le | quote }}
|
||||
{{- end }}
|
||||
- name: INSTALLATION_PREFIX
|
||||
value: {{ .Values.env.installationPrefix | quote }}
|
||||
- name: MULTI_INSTALL_SUFFIX
|
||||
value: {{ .Values.env.multiInstallSuffix | quote }}
|
||||
{{- $snapshotterSetup := include "kata-deploy.getSnapshotterSetup" . | trim -}}
|
||||
{{- if $snapshotterSetup }}
|
||||
- name: EXPERIMENTAL_SETUP_SNAPSHOTTER
|
||||
value: {{ .Values.env._experimentalSetupSnapshotter | quote }}
|
||||
- name: EXPERIMENTAL_FORCE_GUEST_PULL
|
||||
value: {{ .Values.env._experimentalForceGuestPull | quote }}
|
||||
value: {{ $snapshotterSetup | quote }}
|
||||
{{- end }}
|
||||
{{- $forceGuestPullAmd64 := include "kata-deploy.getForceGuestPullForArch" (dict "root" . "arch" "amd64") | trim -}}
|
||||
{{- if eq $forceGuestPullAmd64 "true" }}
|
||||
- name: EXPERIMENTAL_FORCE_GUEST_PULL_X86_64
|
||||
value: {{ .Values.env._experimentalForceGuestPull | quote }}
|
||||
value: "true"
|
||||
{{- end }}
|
||||
{{- $forceGuestPullArm64 := include "kata-deploy.getForceGuestPullForArch" (dict "root" . "arch" "arm64") | trim -}}
|
||||
{{- if eq $forceGuestPullArm64 "true" }}
|
||||
- name: EXPERIMENTAL_FORCE_GUEST_PULL_AARCH64
|
||||
value: {{ .Values.env._experimentalForceGuestPull | quote }}
|
||||
value: "true"
|
||||
{{- end }}
|
||||
{{- $forceGuestPullS390x := include "kata-deploy.getForceGuestPullForArch" (dict "root" . "arch" "s390x") | trim -}}
|
||||
{{- if eq $forceGuestPullS390x "true" }}
|
||||
- name: EXPERIMENTAL_FORCE_GUEST_PULL_S390X
|
||||
value: {{ .Values.env._experimentalForceGuestPull | quote }}
|
||||
value: "true"
|
||||
{{- end }}
|
||||
{{- $forceGuestPullPpc64le := include "kata-deploy.getForceGuestPullForArch" (dict "root" . "arch" "ppc64le") | trim -}}
|
||||
{{- if eq $forceGuestPullPpc64le "true" }}
|
||||
- name: EXPERIMENTAL_FORCE_GUEST_PULL_PPC64LE
|
||||
value: {{ .Values.env._experimentalForceGuestPull | quote }}
|
||||
value: "true"
|
||||
{{- end }}
|
||||
{{- with .Values.env.hostOS }}
|
||||
- name: HOST_OS
|
||||
value: {{ . | quote }}
|
||||
|
||||
@@ -102,7 +102,7 @@ spec:
|
||||
containers:
|
||||
- name: kube-kata-cleanup
|
||||
image: {{ .Values.image.reference }}:{{ default .Chart.AppVersion .Values.image.tag }}
|
||||
imagePullPolicy: IfNotPresent
|
||||
imagePullPolicy: {{ .Values.imagePullPolicy }}
|
||||
command: ["bash", "-c", "/opt/kata-artifacts/scripts/kata-deploy.sh cleanup"]
|
||||
env:
|
||||
- name: NODE_NAME
|
||||
@@ -110,75 +110,152 @@ spec:
|
||||
fieldRef:
|
||||
fieldPath: spec.nodeName
|
||||
- name: DEBUG
|
||||
value: {{ .Values.env.debug | quote }}
|
||||
- name: SHIMS
|
||||
value: {{ .Values.env.shims | quote }}
|
||||
value: {{ include "kata-deploy.getDebug" . | quote }}
|
||||
{{- $shimsAmd64 := include "kata-deploy.getEnabledShimsForArch" (dict "root" . "arch" "amd64") | trim -}}
|
||||
{{- if $shimsAmd64 }}
|
||||
- name: SHIMS_X86_64
|
||||
value: {{ .Values.env.shims_x86_64 | quote }}
|
||||
value: {{ $shimsAmd64 | quote }}
|
||||
{{- end }}
|
||||
{{- $shimsArm64 := include "kata-deploy.getEnabledShimsForArch" (dict "root" . "arch" "arm64") | trim -}}
|
||||
{{- if $shimsArm64 }}
|
||||
- name: SHIMS_AARCH64
|
||||
value: {{ .Values.env.shims_aarch64 | quote }}
|
||||
value: {{ $shimsArm64 | quote }}
|
||||
{{- end }}
|
||||
{{- $shimsS390x := include "kata-deploy.getEnabledShimsForArch" (dict "root" . "arch" "s390x") | trim -}}
|
||||
{{- if $shimsS390x }}
|
||||
- name: SHIMS_S390X
|
||||
value: {{ .Values.env.shims_s390x | quote }}
|
||||
value: {{ $shimsS390x | quote }}
|
||||
{{- end }}
|
||||
{{- $shimsPpc64le := include "kata-deploy.getEnabledShimsForArch" (dict "root" . "arch" "ppc64le") | trim -}}
|
||||
{{- if $shimsPpc64le }}
|
||||
- name: SHIMS_PPC64LE
|
||||
value: {{ .Values.env.shims_ppc64le | quote }}
|
||||
- name: DEFAULT_SHIM
|
||||
value: {{ .Values.env.defaultShim | quote }}
|
||||
value: {{ $shimsPpc64le | quote }}
|
||||
{{- end }}
|
||||
{{- $defaultShimAmd64 := include "kata-deploy.getDefaultShimForArch" (dict "root" . "arch" "amd64") | trim -}}
|
||||
{{- if $defaultShimAmd64 }}
|
||||
- name: DEFAULT_SHIM_X86_64
|
||||
value: {{ .Values.env.defaultShim_x86_64 | quote }}
|
||||
value: {{ $defaultShimAmd64 | quote }}
|
||||
{{- end }}
|
||||
{{- $defaultShimArm64 := include "kata-deploy.getDefaultShimForArch" (dict "root" . "arch" "arm64") | trim -}}
|
||||
{{- if $defaultShimArm64 }}
|
||||
- name: DEFAULT_SHIM_AARCH64
|
||||
value: {{ .Values.env.defaultShim_aarch64 | quote }}
|
||||
value: {{ $defaultShimArm64 | quote }}
|
||||
{{- end }}
|
||||
{{- $defaultShimS390x := include "kata-deploy.getDefaultShimForArch" (dict "root" . "arch" "s390x") | trim -}}
|
||||
{{- if $defaultShimS390x }}
|
||||
- name: DEFAULT_SHIM_S390X
|
||||
value: {{ .Values.env.defaultShim_s390x | quote }}
|
||||
value: {{ $defaultShimS390x | quote }}
|
||||
{{- end }}
|
||||
{{- $defaultShimPpc64le := include "kata-deploy.getDefaultShimForArch" (dict "root" . "arch" "ppc64le") | trim -}}
|
||||
{{- if $defaultShimPpc64le }}
|
||||
- name: DEFAULT_SHIM_PPC64LE
|
||||
value: {{ .Values.env.defaultShim_ppc64le | quote }}
|
||||
value: {{ $defaultShimPpc64le | quote }}
|
||||
{{- end }}
|
||||
- name: CREATE_RUNTIMECLASSES
|
||||
value: {{ .Values.env.createRuntimeClasses | quote }}
|
||||
- name: CREATE_DEFAULT_RUNTIMECLASS
|
||||
value: {{ .Values.env.createDefaultRuntimeClass | quote }}
|
||||
- name: ALLOWED_HYPERVISOR_ANNOTATIONS
|
||||
value: {{ .Values.env.allowedHypervisorAnnotations | quote }}
|
||||
- name: SNAPSHOTTER_HANDLER_MAPPING
|
||||
value: {{ .Values.env.snapshotterHandlerMapping | quote }}
|
||||
{{- $allowedHypervisorAnnotationsAmd64 := include "kata-deploy.getAllowedHypervisorAnnotationsForArch" (dict "root" . "arch" "amd64") | trim -}}
|
||||
{{- if $allowedHypervisorAnnotationsAmd64 }}
|
||||
- name: ALLOWED_HYPERVISOR_ANNOTATIONS_X86_64
|
||||
value: {{ $allowedHypervisorAnnotationsAmd64 | quote }}
|
||||
{{- end }}
|
||||
{{- $allowedHypervisorAnnotationsArm64 := include "kata-deploy.getAllowedHypervisorAnnotationsForArch" (dict "root" . "arch" "arm64") | trim -}}
|
||||
{{- if $allowedHypervisorAnnotationsArm64 }}
|
||||
- name: ALLOWED_HYPERVISOR_ANNOTATIONS_AARCH64
|
||||
value: {{ $allowedHypervisorAnnotationsArm64 | quote }}
|
||||
{{- end }}
|
||||
{{- $allowedHypervisorAnnotationsS390x := include "kata-deploy.getAllowedHypervisorAnnotationsForArch" (dict "root" . "arch" "s390x") | trim -}}
|
||||
{{- if $allowedHypervisorAnnotationsS390x }}
|
||||
- name: ALLOWED_HYPERVISOR_ANNOTATIONS_S390X
|
||||
value: {{ $allowedHypervisorAnnotationsS390x | quote }}
|
||||
{{- end }}
|
||||
{{- $allowedHypervisorAnnotationsPpc64le := include "kata-deploy.getAllowedHypervisorAnnotationsForArch" (dict "root" . "arch" "ppc64le") | trim -}}
|
||||
{{- if $allowedHypervisorAnnotationsPpc64le }}
|
||||
- name: ALLOWED_HYPERVISOR_ANNOTATIONS_PPC64LE
|
||||
value: {{ $allowedHypervisorAnnotationsPpc64le | quote }}
|
||||
{{- end }}
|
||||
{{- $snapshotterHandlerMappingAmd64 := include "kata-deploy.getSnapshotterHandlerMappingForArch" (dict "root" . "arch" "amd64") | trim -}}
|
||||
{{- if $snapshotterHandlerMappingAmd64 }}
|
||||
- name: SNAPSHOTTER_HANDLER_MAPPING_X86_64
|
||||
value: {{ .Values.env.snapshotterHandlerMapping_x86_64 | quote }}
|
||||
value: {{ $snapshotterHandlerMappingAmd64 | quote }}
|
||||
{{- end }}
|
||||
{{- $snapshotterHandlerMappingArm64 := include "kata-deploy.getSnapshotterHandlerMappingForArch" (dict "root" . "arch" "arm64") | trim -}}
|
||||
{{- if $snapshotterHandlerMappingArm64 }}
|
||||
- name: SNAPSHOTTER_HANDLER_MAPPING_AARCH64
|
||||
value: {{ .Values.env.snapshotterHandlerMapping_aarch64 | quote }}
|
||||
value: {{ $snapshotterHandlerMappingArm64 | quote }}
|
||||
{{- end }}
|
||||
{{- $snapshotterHandlerMappingS390x := include "kata-deploy.getSnapshotterHandlerMappingForArch" (dict "root" . "arch" "s390x") | trim -}}
|
||||
{{- if $snapshotterHandlerMappingS390x }}
|
||||
- name: SNAPSHOTTER_HANDLER_MAPPING_S390X
|
||||
value: {{ .Values.env.snapshotterHandlerMapping_s390x | quote }}
|
||||
value: {{ $snapshotterHandlerMappingS390x | quote }}
|
||||
{{- end }}
|
||||
{{- $snapshotterHandlerMappingPpc64le := include "kata-deploy.getSnapshotterHandlerMappingForArch" (dict "root" . "arch" "ppc64le") | trim -}}
|
||||
{{- if $snapshotterHandlerMappingPpc64le }}
|
||||
- name: SNAPSHOTTER_HANDLER_MAPPING_PPC64LE
|
||||
value: {{ .Values.env.snapshotterHandlerMapping_ppc64le | quote }}
|
||||
value: {{ $snapshotterHandlerMappingPpc64le | quote }}
|
||||
{{- end }}
|
||||
{{- $agentHttpsProxy := include "kata-deploy.getAgentHttpsProxy" . | trim -}}
|
||||
{{- if $agentHttpsProxy }}
|
||||
- name: AGENT_HTTPS_PROXY
|
||||
value: {{ .Values.env.agentHttpsProxy | quote }}
|
||||
value: {{ $agentHttpsProxy | quote }}
|
||||
{{- end }}
|
||||
{{- $agentNoProxy := include "kata-deploy.getAgentNoProxy" . | trim -}}
|
||||
{{- if $agentNoProxy }}
|
||||
- name: AGENT_NO_PROXY
|
||||
value: {{ .Values.env.agentNoProxy | quote }}
|
||||
- name: PULL_TYPE_MAPPING
|
||||
value: {{ .Values.env.pullTypeMapping | quote }}
|
||||
value: {{ $agentNoProxy | quote }}
|
||||
{{- end }}
|
||||
{{- $pullTypeMappingAmd64 := include "kata-deploy.getPullTypeMappingForArch" (dict "root" . "arch" "amd64") | trim -}}
|
||||
{{- if $pullTypeMappingAmd64 }}
|
||||
- name: PULL_TYPE_MAPPING_X86_64
|
||||
value: {{ .Values.env.pullTypeMapping_x86_64 | quote }}
|
||||
value: {{ $pullTypeMappingAmd64 | quote }}
|
||||
{{- end }}
|
||||
{{- $pullTypeMappingArm64 := include "kata-deploy.getPullTypeMappingForArch" (dict "root" . "arch" "arm64") | trim -}}
|
||||
{{- if $pullTypeMappingArm64 }}
|
||||
- name: PULL_TYPE_MAPPING_AARCH64
|
||||
value: {{ .Values.env.pullTypeMapping_aarch64 | quote }}
|
||||
value: {{ $pullTypeMappingArm64 | quote }}
|
||||
{{- end }}
|
||||
{{- $pullTypeMappingS390x := include "kata-deploy.getPullTypeMappingForArch" (dict "root" . "arch" "s390x") | trim -}}
|
||||
{{- if $pullTypeMappingS390x }}
|
||||
- name: PULL_TYPE_MAPPING_S390X
|
||||
value: {{ .Values.env.pullTypeMapping_s390x | quote }}
|
||||
value: {{ $pullTypeMappingS390x | quote }}
|
||||
{{- end }}
|
||||
{{- $pullTypeMappingPpc64le := include "kata-deploy.getPullTypeMappingForArch" (dict "root" . "arch" "ppc64le") | trim -}}
|
||||
{{- if $pullTypeMappingPpc64le }}
|
||||
- name: PULL_TYPE_MAPPING_PPC64LE
|
||||
value: {{ .Values.env.pullTypeMapping_ppc64le | quote }}
|
||||
value: {{ $pullTypeMappingPpc64le | quote }}
|
||||
{{- end }}
|
||||
- name: HELM_POST_DELETE_HOOK
|
||||
value: "true"
|
||||
- name: INSTALLATION_PREFIX
|
||||
value: {{ .Values.env.installationPrefix | quote }}
|
||||
- name: MULTI_INSTALL_SUFFIX
|
||||
value: {{ .Values.env.multiInstallSuffix | quote }}
|
||||
{{- $snapshotterSetup := include "kata-deploy.getSnapshotterSetup" . | trim -}}
|
||||
{{- if $snapshotterSetup }}
|
||||
- name: EXPERIMENTAL_SETUP_SNAPSHOTTER
|
||||
value: {{ .Values.env._experimentalSetupSnapshotter | quote }}
|
||||
- name: EXPERIMENTAL_FORCE_GUEST_PULL
|
||||
value: {{ .Values.env._experimentalForceGuestPull | quote }}
|
||||
value: {{ $snapshotterSetup | quote }}
|
||||
{{- end }}
|
||||
{{- $forceGuestPullAmd64 := include "kata-deploy.getForceGuestPullForArch" (dict "root" . "arch" "amd64") | trim -}}
|
||||
{{- if eq $forceGuestPullAmd64 "true" }}
|
||||
- name: EXPERIMENTAL_FORCE_GUEST_PULL_X86_64
|
||||
value: {{ .Values.env._experimentalForceGuestPull_x86_64 | quote }}
|
||||
value: "true"
|
||||
{{- end }}
|
||||
{{- $forceGuestPullArm64 := include "kata-deploy.getForceGuestPullForArch" (dict "root" . "arch" "arm64") | trim -}}
|
||||
{{- if eq $forceGuestPullArm64 "true" }}
|
||||
- name: EXPERIMENTAL_FORCE_GUEST_PULL_AARCH64
|
||||
value: {{ .Values.env._experimentalForceGuestPull_aarch64 | quote }}
|
||||
value: "true"
|
||||
{{- end }}
|
||||
{{- $forceGuestPullS390x := include "kata-deploy.getForceGuestPullForArch" (dict "root" . "arch" "s390x") | trim -}}
|
||||
{{- if eq $forceGuestPullS390x "true" }}
|
||||
- name: EXPERIMENTAL_FORCE_GUEST_PULL_S390X
|
||||
value: {{ .Values.env._experimentalForceGuestPull_s390x | quote }}
|
||||
value: "true"
|
||||
{{- end }}
|
||||
{{- $forceGuestPullPpc64le := include "kata-deploy.getForceGuestPullForArch" (dict "root" . "arch" "ppc64le") | trim -}}
|
||||
{{- if eq $forceGuestPullPpc64le "true" }}
|
||||
- name: EXPERIMENTAL_FORCE_GUEST_PULL_PPC64LE
|
||||
value: {{ .Values.env._experimentalForceGuestPull_ppc64le | quote }}
|
||||
value: "true"
|
||||
{{- end }}
|
||||
{{- with .Values.env.hostOS }}
|
||||
- name: HOST_OS
|
||||
value: {{ . | quote }}
|
||||
|
||||
@@ -1,11 +1,15 @@
|
||||
{{- if .Values.runtimeClasses.enabled }}
|
||||
{{- $multiInstallSuffix := .Values.env.multiInstallSuffix }}
|
||||
{{- $defaultShim := .Values.env.defaultShim }}
|
||||
{{- $createDefaultRC := .Values.runtimeClasses.createDefault }}
|
||||
{{- $defaultRCName := .Values.runtimeClasses.defaultName }}
|
||||
|
||||
{{- /* Parse the shims string into a list */ -}}
|
||||
{{- $shims := splitList " " .Values.env.shims }}
|
||||
{{- /* Get enabled shims from structured config */ -}}
|
||||
{{- $enabledShims := list -}}
|
||||
{{- range $shimName, $shimConfig := .Values.shims -}}
|
||||
{{- if $shimConfig.enabled -}}
|
||||
{{- $enabledShims = append $enabledShims $shimName -}}
|
||||
{{- end -}}
|
||||
{{- end -}}
|
||||
|
||||
{{- /* Define runtime class configurations with their overhead settings */ -}}
|
||||
{{- $runtimeClassConfigs := dict
|
||||
@@ -29,8 +33,8 @@
|
||||
"remote" (dict "memory" "120Mi" "cpu" "250m")
|
||||
}}
|
||||
|
||||
{{- /* Create RuntimeClass for each shim */ -}}
|
||||
{{- range $shim := $shims }}
|
||||
{{- /* Create RuntimeClass for each enabled shim */ -}}
|
||||
{{- range $shim := $enabledShims }}
|
||||
{{- $config := index $runtimeClassConfigs $shim }}
|
||||
{{- if $config }}
|
||||
---
|
||||
@@ -59,8 +63,10 @@ scheduling:
|
||||
|
||||
{{- /* Create default RuntimeClass if requested */ -}}
|
||||
{{- if and $createDefaultRC (not $multiInstallSuffix) }}
|
||||
{{- /* Get default shim for amd64 (fallback) */ -}}
|
||||
{{- $defaultShim := index .Values.defaultShim "amd64" | default (index .Values.defaultShim "arm64") | default (index .Values.defaultShim "s390x") | default (index .Values.defaultShim "ppc64le") }}
|
||||
{{- $defaultConfig := index $runtimeClassConfigs $defaultShim }}
|
||||
{{- if $defaultConfig }}
|
||||
{{- if and $defaultShim $defaultConfig }}
|
||||
---
|
||||
kind: RuntimeClass
|
||||
apiVersion: node.k8s.io/v1
|
||||
|
||||
@@ -1,10 +1,13 @@
|
||||
imagePullPolicy: Always
|
||||
|
||||
imagePullSecrets: []
|
||||
|
||||
image:
|
||||
reference: quay.io/kata-containers/kata-deploy
|
||||
tag: ""
|
||||
# k8s-dist can be k8s, k3s, rke2, k0s, microk8s
|
||||
k8sDistribution: "k8s"
|
||||
|
||||
k8sDistribution: "k8s" # k8s, k3s, rke2, k0s, microk8s
|
||||
|
||||
# Node selector to control which nodes the kata-deploy daemonset runs on
|
||||
# Example:
|
||||
# nodeSelector:
|
||||
@@ -12,37 +15,252 @@ k8sDistribution: "k8s"
|
||||
# node-type: "worker"
|
||||
nodeSelector: {}
|
||||
|
||||
# RuntimeClass configuration
|
||||
# When enabled, RuntimeClasses will be created by the Helm chart instead of by the kata-deploy script
|
||||
debug: false
|
||||
|
||||
snapshotter:
|
||||
setup: [] # ["nydus", "erofs"] or []
|
||||
|
||||
# See MAINTENANCE.md for field descriptions and maintenance guide
|
||||
# NOTE: All shims are disabled by default. Enable the ones you need explicitly.
|
||||
shims:
|
||||
clh: # cloud-hypervisor, golang runtime
|
||||
enabled: false
|
||||
supportedArches:
|
||||
- amd64
|
||||
- arm64
|
||||
allowedHypervisorAnnotations: []
|
||||
containerd:
|
||||
snapshotter: ""
|
||||
|
||||
cloud-hypervisor: # rust runtime
|
||||
enabled: false
|
||||
supportedArches:
|
||||
- amd64
|
||||
- arm64
|
||||
allowedHypervisorAnnotations: []
|
||||
containerd:
|
||||
snapshotter: ""
|
||||
|
||||
dragonball: # rust runtime
|
||||
enabled: false
|
||||
supportedArches:
|
||||
- amd64
|
||||
- arm64
|
||||
allowedHypervisorAnnotations: []
|
||||
containerd:
|
||||
snapshotter: ""
|
||||
|
||||
fc: # firecracker, golang runtime
|
||||
enabled: false
|
||||
supportedArches:
|
||||
- amd64
|
||||
- arm64
|
||||
allowedHypervisorAnnotations: []
|
||||
containerd:
|
||||
snapshotter: "devmapper" # requires pre-configuration on the user side
|
||||
|
||||
qemu: # golang runtime
|
||||
enabled: false
|
||||
supportedArches:
|
||||
- amd64
|
||||
- arm64
|
||||
- s390x
|
||||
- ppc64le
|
||||
allowedHypervisorAnnotations: []
|
||||
containerd:
|
||||
snapshotter: ""
|
||||
|
||||
qemu-runtime-rs: # rust runtime
|
||||
enabled: false
|
||||
supportedArches:
|
||||
- amd64
|
||||
- s390x
|
||||
allowedHypervisorAnnotations: []
|
||||
containerd:
|
||||
snapshotter: ""
|
||||
|
||||
qemu-nvidia-gpu: # golang runtime
|
||||
enabled: false
|
||||
supportedArches:
|
||||
- amd64
|
||||
- arm64
|
||||
allowedHypervisorAnnotations: []
|
||||
containerd:
|
||||
snapshotter: ""
|
||||
|
||||
qemu-nvidia-gpu-snp: # golang runtime
|
||||
enabled: false
|
||||
supportedArches:
|
||||
- amd64
|
||||
allowedHypervisorAnnotations: []
|
||||
containerd:
|
||||
snapshotter: ""
|
||||
forceGuestPull: true
|
||||
crio:
|
||||
guestPull: true
|
||||
agent:
|
||||
httpsProxy: ""
|
||||
noProxy: ""
|
||||
|
||||
qemu-nvidia-gpu-tdx: # golang runtime
|
||||
enabled: false
|
||||
supportedArches:
|
||||
- amd64
|
||||
allowedHypervisorAnnotations: []
|
||||
containerd:
|
||||
snapshotter: ""
|
||||
forceGuestPull: true
|
||||
crio:
|
||||
guestPull: true
|
||||
agent:
|
||||
httpsProxy: ""
|
||||
noProxy: ""
|
||||
|
||||
qemu-snp: # golang runtime
|
||||
enabled: false
|
||||
supportedArches:
|
||||
- amd64
|
||||
allowedHypervisorAnnotations: []
|
||||
containerd:
|
||||
snapshotter: nydus
|
||||
forceGuestPull: false
|
||||
crio:
|
||||
guestPull: true
|
||||
agent:
|
||||
httpsProxy: ""
|
||||
noProxy: ""
|
||||
|
||||
qemu-tdx: # golang runtime
|
||||
enabled: false
|
||||
supportedArches:
|
||||
- amd64
|
||||
allowedHypervisorAnnotations: []
|
||||
containerd:
|
||||
snapshotter: nydus
|
||||
forceGuestPull: false
|
||||
crio:
|
||||
guestPull: true
|
||||
agent:
|
||||
httpsProxy: ""
|
||||
noProxy: ""
|
||||
|
||||
qemu-se: # golang runtime
|
||||
enabled: false
|
||||
supportedArches:
|
||||
- s390x
|
||||
allowedHypervisorAnnotations: []
|
||||
containerd:
|
||||
snapshotter: nydus
|
||||
forceGuestPull: false
|
||||
crio:
|
||||
guestPull: true
|
||||
agent:
|
||||
httpsProxy: ""
|
||||
noProxy: ""
|
||||
|
||||
qemu-se-runtime-rs: # rust runtime
|
||||
enabled: false
|
||||
supportedArches:
|
||||
- s390x
|
||||
allowedHypervisorAnnotations: []
|
||||
containerd:
|
||||
snapshotter: nydus
|
||||
forceGuestPull: false
|
||||
crio:
|
||||
guestPull: true
|
||||
agent:
|
||||
httpsProxy: ""
|
||||
noProxy: ""
|
||||
|
||||
qemu-cca: # golang runtime
|
||||
enabled: false
|
||||
supportedArches:
|
||||
- arm64
|
||||
allowedHypervisorAnnotations: []
|
||||
containerd:
|
||||
snapshotter: nydus
|
||||
forceGuestPull: false
|
||||
crio:
|
||||
guestPull: true
|
||||
agent:
|
||||
httpsProxy: ""
|
||||
noProxy: ""
|
||||
|
||||
qemu-coco-dev: # golang runtime
|
||||
enabled: false
|
||||
supportedArches:
|
||||
- amd64
|
||||
- s390x
|
||||
allowedHypervisorAnnotations: []
|
||||
containerd:
|
||||
snapshotter: nydus
|
||||
forceGuestPull: false
|
||||
crio:
|
||||
guestPull: true
|
||||
agent:
|
||||
httpsProxy: ""
|
||||
noProxy: ""
|
||||
|
||||
qemu-coco-dev-runtime-rs: # rust runtime
|
||||
enabled: false
|
||||
supportedArches:
|
||||
- amd64
|
||||
- s390x
|
||||
allowedHypervisorAnnotations: []
|
||||
containerd:
|
||||
snapshotter: nydus
|
||||
forceGuestPull: false
|
||||
crio:
|
||||
guestPull: true
|
||||
agent:
|
||||
httpsProxy: ""
|
||||
noProxy: ""
|
||||
|
||||
# Default shim per architecture
|
||||
# Since shims are disabled by default, you must explicitly configure defaultShim
|
||||
# for the architectures you're using.
|
||||
# Example:
|
||||
# defaultShim:
|
||||
# amd64: shim
|
||||
defaultShim:
|
||||
amd64: qemu
|
||||
arm64: qemu
|
||||
s390x: qemu
|
||||
ppc64le: qemu
|
||||
|
||||
runtimeClasses:
|
||||
# Enable RuntimeClass creation via Helm
|
||||
enabled: true
|
||||
# Create a default RuntimeClass (alias for the default shim)
|
||||
# NOTE: Default RuntimeClass creation is NOT supported with multiInstallSuffix.
|
||||
# When multiInstallSuffix is set, this option will be ignored to avoid naming conflicts.
|
||||
# In multi-install scenarios, use the fully qualified RuntimeClass names (e.g., kata-qemu-suffix1).
|
||||
createDefault: false
|
||||
# Name for the default RuntimeClass (defaults to "kata" if not specified)
|
||||
defaultName: "kata"
|
||||
|
||||
env:
|
||||
debug: "false"
|
||||
shims: "clh cloud-hypervisor dragonball fc qemu qemu-coco-dev qemu-coco-dev-runtime-rs qemu-runtime-rs qemu-se-runtime-rs qemu-snp qemu-tdx stratovirt qemu-nvidia-gpu qemu-nvidia-gpu-snp qemu-nvidia-gpu-tdx qemu-cca"
|
||||
installationPrefix: ""
|
||||
hostOS: ""
|
||||
# Suffix for multi-install deployments to avoid conflicts between multiple Kata installations
|
||||
# NOTE: When set, the default RuntimeClass (runtimeClasses.createDefault) will NOT be created
|
||||
# to avoid naming conflicts. Use fully qualified RuntimeClass names (e.g., kata-qemu-suffix1).
|
||||
multiInstallSuffix: ""
|
||||
|
||||
# DEPRECATED: Use 'runtimeClasses.enabled' and 'runtimeClasses.createDefault' instead
|
||||
# Will be removed in 2 releases
|
||||
createRuntimeClasses: "false"
|
||||
createDefaultRuntimeClass: "false"
|
||||
|
||||
# DEPRECATED: Use structured 'shims' and 'defaultShim' sections above
|
||||
# Will be removed in 2 releases
|
||||
debug: ""
|
||||
shims: ""
|
||||
shims_x86_64: ""
|
||||
shims_aarch64: ""
|
||||
shims_s390x: ""
|
||||
shims_ppc64le: ""
|
||||
defaultShim: "qemu"
|
||||
defaultShim: ""
|
||||
defaultShim_x86_64: ""
|
||||
defaultShim_aarch64: ""
|
||||
defaultShim_s390x: ""
|
||||
defaultShim_ppc64le: ""
|
||||
# createRuntimeClasses: DEPRECATED - Use runtimeClasses.enabled instead
|
||||
# When runtimeClasses.enabled is true (default), this is automatically set to "false"
|
||||
# to let Helm manage RuntimeClasses instead of the kata-deploy script
|
||||
createRuntimeClasses: "false"
|
||||
createDefaultRuntimeClass: "false"
|
||||
allowedHypervisorAnnotations: ""
|
||||
_experimentalSetupSnapshotter: ""
|
||||
snapshotterHandlerMapping: ""
|
||||
snapshotterHandlerMapping_x86_64: ""
|
||||
snapshotterHandlerMapping_aarch64: ""
|
||||
@@ -55,13 +273,6 @@ env:
|
||||
pullTypeMapping_aarch64: ""
|
||||
pullTypeMapping_s390x: ""
|
||||
pullTypeMapping_ppc64le: ""
|
||||
installationPrefix: ""
|
||||
hostOS: ""
|
||||
# Suffix for multi-install deployments to avoid conflicts between multiple Kata installations
|
||||
# NOTE: When set, the default RuntimeClass (runtimeClasses.createDefault) will NOT be created
|
||||
# to avoid naming conflicts. Use fully qualified RuntimeClass names (e.g., kata-qemu-suffix1).
|
||||
multiInstallSuffix: ""
|
||||
_experimentalSetupSnapshotter: ""
|
||||
_experimentalForceGuestPull: ""
|
||||
_experimentalForceGuestPull_x86_64: ""
|
||||
_experimentalForceGuestPull_aarch64: ""
|
||||
|
||||
Reference in New Issue
Block a user