diff --git a/.ci/scripts/generate-portainer-manifests-from-chart.sh b/.ci/scripts/generate-portainer-manifests-from-chart.sh old mode 100644 new mode 100755 diff --git a/charts/portainer/Chart.yaml b/charts/portainer/Chart.yaml index 0399013..e38a45e 100644 --- a/charts/portainer/Chart.yaml +++ b/charts/portainer/Chart.yaml @@ -16,11 +16,11 @@ type: application # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. -version: 1.0.18 +version: 1.0.19 # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. -appVersion: ce-latest-ee-2.7.0 +appVersion: ce-latest-ee-2.10.0 sources: - https://github.com/portainer/k8s diff --git a/charts/portainer/templates/deployment.yaml b/charts/portainer/templates/deployment.yaml index ec5d4de..75f9ba1 100644 --- a/charts/portainer/templates/deployment.yaml +++ b/charts/portainer/templates/deployment.yaml @@ -62,26 +62,12 @@ spec: - name: http containerPort: 9000 protocol: TCP - {{- if not .Values.enterpriseEdition.enabled }} - name: https containerPort: 9443 - protocol: TCP - {{- end }} + protocol: TCP - name: tcp-edge containerPort: 8000 protocol: TCP - {{- if .Values.enterpriseEdition.enabled }} - livenessProbe: - httpGet: - path: / - port: 9000 - scheme: HTTP - readinessProbe: - httpGet: - path: / - port: 9000 - scheme: HTTP - {{- else }} livenessProbe: httpGet: path: / @@ -91,7 +77,6 @@ spec: httpGet: path: / port: 9443 - scheme: HTTPS - {{- end }} + scheme: HTTPS resources: {{- toYaml .Values.resources | nindent 12 }} diff --git a/charts/portainer/templates/service.yaml b/charts/portainer/templates/service.yaml index d2b8b75..75f7399 100644 --- a/charts/portainer/templates/service.yaml +++ b/charts/portainer/templates/service.yaml @@ -21,8 +21,7 @@ spec: name: http {{- if (and (eq .Values.service.type "NodePort") (not (empty .Values.service.httpNodePort))) }} nodePort: {{ .Values.service.httpNodePort}} - {{- end }} - {{- if not .Values.enterpriseEdition.enabled }} + {{- end }} - port: {{ .Values.service.httpsPort }} targetPort: 9443 protocol: TCP @@ -30,7 +29,6 @@ spec: {{- if (and (eq .Values.service.type "NodePort") (not (empty .Values.service.httpsNodePort))) }} nodePort: {{ .Values.service.httpsNodePort}} {{- end }} - {{- end }} {{- if (eq .Values.service.type "NodePort") }} - port: {{ .Values.service.edgeNodePort }} targetPort: {{ .Values.service.edgeNodePort }} diff --git a/charts/portainer/values.yaml b/charts/portainer/values.yaml index 8418ede..09234c3 100644 --- a/charts/portainer/values.yaml +++ b/charts/portainer/values.yaml @@ -9,7 +9,7 @@ enterpriseEdition: enabled: false image: repository: portainer/portainer-ee - tag: 2.7.0 + tag: 2.10.0 pullPolicy: Always image: diff --git a/deploy/manifests/agent/ee/portainer-agent-ee210-k8s-lb.yaml b/deploy/manifests/agent/ee/portainer-agent-ee210-k8s-lb.yaml new file mode 100644 index 0000000..7f03e5f --- /dev/null +++ b/deploy/manifests/agent/ee/portainer-agent-ee210-k8s-lb.yaml @@ -0,0 +1,80 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: portainer +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: portainer-sa-clusteradmin + namespace: portainer +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: portainer-crb-clusteradmin +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: cluster-admin +subjects: +- kind: ServiceAccount + name: portainer-sa-clusteradmin + namespace: portainer +--- +apiVersion: v1 +kind: Service +metadata: + name: portainer-agent + namespace: portainer +spec: + type: LoadBalancer + selector: + app: portainer-agent + ports: + - name: http + protocol: TCP + port: 9001 + targetPort: 9001 +--- +apiVersion: v1 +kind: Service +metadata: + name: portainer-agent-headless + namespace: portainer +spec: + clusterIP: None + selector: + app: portainer-agent +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: portainer-agent + namespace: portainer +spec: + selector: + matchLabels: + app: portainer-agent + template: + metadata: + labels: + app: portainer-agent + spec: + serviceAccountName: portainer-sa-clusteradmin + containers: + - name: portainer-agent + image: portainer/agent:2.10.0 + imagePullPolicy: Always + env: + - name: LOG_LEVEL + value: INFO + - name: AGENT_CLUSTER_ADDR + value: "portainer-agent-headless" + - name: KUBERNETES_POD_IP + valueFrom: + fieldRef: + fieldPath: status.podIP + ports: + - containerPort: 9001 + protocol: TCP diff --git a/deploy/manifests/agent/ee/portainer-agent-ee210-k8s-nodeport.yaml b/deploy/manifests/agent/ee/portainer-agent-ee210-k8s-nodeport.yaml new file mode 100644 index 0000000..cc446e5 --- /dev/null +++ b/deploy/manifests/agent/ee/portainer-agent-ee210-k8s-nodeport.yaml @@ -0,0 +1,81 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: portainer +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: portainer-sa-clusteradmin + namespace: portainer +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: portainer-crb-clusteradmin +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: cluster-admin +subjects: +- kind: ServiceAccount + name: portainer-sa-clusteradmin + namespace: portainer +--- +apiVersion: v1 +kind: Service +metadata: + name: portainer-agent + namespace: portainer +spec: + type: NodePort + selector: + app: portainer-agent + ports: + - name: http + protocol: TCP + port: 9001 + targetPort: 9001 + nodePort: 30778 +--- +apiVersion: v1 +kind: Service +metadata: + name: portainer-agent-headless + namespace: portainer +spec: + clusterIP: None + selector: + app: portainer-agent +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: portainer-agent + namespace: portainer +spec: + selector: + matchLabels: + app: portainer-agent + template: + metadata: + labels: + app: portainer-agent + spec: + serviceAccountName: portainer-sa-clusteradmin + containers: + - name: portainer-agent + image: portainer/agent:2.4.0 + imagePullPolicy: Always + env: + - name: LOG_LEVEL + value: INFO + - name: AGENT_CLUSTER_ADDR + value: "portainer-agent-headless" + - name: KUBERNETES_POD_IP + valueFrom: + fieldRef: + fieldPath: status.podIP + ports: + - containerPort: 9001 + protocol: TCP diff --git a/deploy/manifests/portainer/portainer-ee.yaml b/deploy/manifests/portainer/portainer-ee.yaml index fcddf60..ae0c29b 100644 --- a/deploy/manifests/portainer/portainer-ee.yaml +++ b/deploy/manifests/portainer/portainer-ee.yaml @@ -14,7 +14,7 @@ metadata: labels: app.kubernetes.io/name: portainer app.kubernetes.io/instance: portainer - app.kubernetes.io/version: "ce-latest-ee-2.7.0" + app.kubernetes.io/version: "ce-latest-ee-2.10.0" --- # Source: portainer/templates/pvc.yaml kind: "PersistentVolumeClaim" @@ -28,7 +28,7 @@ metadata: io.portainer.kubernetes.application.stack: portainer app.kubernetes.io/name: portainer app.kubernetes.io/instance: portainer - app.kubernetes.io/version: "ce-latest-ee-2.7.0" + app.kubernetes.io/version: "ce-latest-ee-2.10.0" spec: accessModes: - "ReadWriteOnce" @@ -44,7 +44,7 @@ metadata: labels: app.kubernetes.io/name: portainer app.kubernetes.io/instance: portainer - app.kubernetes.io/version: "ce-latest-ee-2.7.0" + app.kubernetes.io/version: "ce-latest-ee-2.10.0" roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole @@ -64,7 +64,7 @@ metadata: io.portainer.kubernetes.application.stack: portainer app.kubernetes.io/name: portainer app.kubernetes.io/instance: portainer - app.kubernetes.io/version: "ce-latest-ee-2.7.0" + app.kubernetes.io/version: "ce-latest-ee-2.10.0" spec: type: NodePort ports: @@ -72,7 +72,12 @@ spec: targetPort: 9000 protocol: TCP name: http - nodePort: 30777 + nodePort: 30777 + - port: 9443 + targetPort: 9443 + protocol: TCP + name: https + nodePort: 30779 - port: 30776 targetPort: 30776 protocol: TCP @@ -92,7 +97,7 @@ metadata: io.portainer.kubernetes.application.stack: portainer app.kubernetes.io/name: portainer app.kubernetes.io/instance: portainer - app.kubernetes.io/version: "ce-latest-ee-2.7.0" + app.kubernetes.io/version: "ce-latest-ee-2.10.0" spec: replicas: 1 strategy: @@ -116,7 +121,7 @@ spec: claimName: portainer containers: - name: portainer - image: "portainer/portainer-ee:2.7.0" + image: "portainer/portainer-ee:2.10.0" imagePullPolicy: Always args: - '--tunnel-port=30776' @@ -126,20 +131,23 @@ spec: ports: - name: http containerPort: 9000 - protocol: TCP + protocol: TCP + - name: https + containerPort: 9443 + protocol: TCP - name: tcp-edge containerPort: 8000 protocol: TCP livenessProbe: httpGet: path: / - port: 9000 - scheme: HTTP + port: 9443 + scheme: HTTPS readinessProbe: httpGet: path: / - port: 9000 - scheme: HTTP + port: 9443 + scheme: HTTPS resources: {} diff --git a/deploy/manifests/portainer/portainer-lb-ee.yaml b/deploy/manifests/portainer/portainer-lb-ee.yaml index 74aaa61..ffdeee9 100644 --- a/deploy/manifests/portainer/portainer-lb-ee.yaml +++ b/deploy/manifests/portainer/portainer-lb-ee.yaml @@ -14,7 +14,7 @@ metadata: labels: app.kubernetes.io/name: portainer app.kubernetes.io/instance: portainer - app.kubernetes.io/version: "ce-latest-ee-2.7.0" + app.kubernetes.io/version: "ce-latest-ee-2.10.0" --- # Source: portainer/templates/pvc.yaml kind: "PersistentVolumeClaim" @@ -28,7 +28,7 @@ metadata: io.portainer.kubernetes.application.stack: portainer app.kubernetes.io/name: portainer app.kubernetes.io/instance: portainer - app.kubernetes.io/version: "ce-latest-ee-2.7.0" + app.kubernetes.io/version: "ce-latest-ee-2.10.0" spec: accessModes: - "ReadWriteOnce" @@ -44,7 +44,7 @@ metadata: labels: app.kubernetes.io/name: portainer app.kubernetes.io/instance: portainer - app.kubernetes.io/version: "ce-latest-ee-2.7.0" + app.kubernetes.io/version: "ce-latest-ee-2.10.0" roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole @@ -64,14 +64,18 @@ metadata: io.portainer.kubernetes.application.stack: portainer app.kubernetes.io/name: portainer app.kubernetes.io/instance: portainer - app.kubernetes.io/version: "ce-latest-ee-2.7.0" + app.kubernetes.io/version: "ce-latest-ee-2.10.0" spec: type: LoadBalancer ports: - port: 9000 targetPort: 9000 protocol: TCP - name: http + name: http + - port: 9443 + targetPort: 9443 + protocol: TCP + name: https - port: 8000 targetPort: 8000 protocol: TCP @@ -90,7 +94,7 @@ metadata: io.portainer.kubernetes.application.stack: portainer app.kubernetes.io/name: portainer app.kubernetes.io/instance: portainer - app.kubernetes.io/version: "ce-latest-ee-2.7.0" + app.kubernetes.io/version: "ce-latest-ee-2.10.0" spec: replicas: 1 strategy: @@ -114,7 +118,7 @@ spec: claimName: portainer containers: - name: portainer - image: "portainer/portainer-ee:2.7.0" + image: "portainer/portainer-ee:2.10.0" imagePullPolicy: Always args: volumeMounts: @@ -123,20 +127,23 @@ spec: ports: - name: http containerPort: 9000 - protocol: TCP + protocol: TCP + - name: https + containerPort: 9443 + protocol: TCP - name: tcp-edge containerPort: 8000 protocol: TCP livenessProbe: httpGet: path: / - port: 9000 - scheme: HTTP + port: 9443 + scheme: HTTPS readinessProbe: httpGet: path: / - port: 9000 - scheme: HTTP + port: 9443 + scheme: HTTPS resources: {} diff --git a/deploy/manifests/portainer/portainer-lb.yaml b/deploy/manifests/portainer/portainer-lb.yaml index 181bfd5..8dfecf6 100644 --- a/deploy/manifests/portainer/portainer-lb.yaml +++ b/deploy/manifests/portainer/portainer-lb.yaml @@ -14,7 +14,7 @@ metadata: labels: app.kubernetes.io/name: portainer app.kubernetes.io/instance: portainer - app.kubernetes.io/version: "ce-latest-ee-2.7.0" + app.kubernetes.io/version: "ce-latest-ee-2.10.0" --- # Source: portainer/templates/pvc.yaml kind: "PersistentVolumeClaim" @@ -28,7 +28,7 @@ metadata: io.portainer.kubernetes.application.stack: portainer app.kubernetes.io/name: portainer app.kubernetes.io/instance: portainer - app.kubernetes.io/version: "ce-latest-ee-2.7.0" + app.kubernetes.io/version: "ce-latest-ee-2.10.0" spec: accessModes: - "ReadWriteOnce" @@ -44,7 +44,7 @@ metadata: labels: app.kubernetes.io/name: portainer app.kubernetes.io/instance: portainer - app.kubernetes.io/version: "ce-latest-ee-2.7.0" + app.kubernetes.io/version: "ce-latest-ee-2.10.0" roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole @@ -64,14 +64,14 @@ metadata: io.portainer.kubernetes.application.stack: portainer app.kubernetes.io/name: portainer app.kubernetes.io/instance: portainer - app.kubernetes.io/version: "ce-latest-ee-2.7.0" + app.kubernetes.io/version: "ce-latest-ee-2.10.0" spec: type: LoadBalancer ports: - port: 9000 targetPort: 9000 protocol: TCP - name: http + name: http - port: 9443 targetPort: 9443 protocol: TCP @@ -94,7 +94,7 @@ metadata: io.portainer.kubernetes.application.stack: portainer app.kubernetes.io/name: portainer app.kubernetes.io/instance: portainer - app.kubernetes.io/version: "ce-latest-ee-2.7.0" + app.kubernetes.io/version: "ce-latest-ee-2.10.0" spec: replicas: 1 strategy: @@ -130,7 +130,7 @@ spec: protocol: TCP - name: https containerPort: 9443 - protocol: TCP + protocol: TCP - name: tcp-edge containerPort: 8000 protocol: TCP @@ -143,7 +143,7 @@ spec: httpGet: path: / port: 9443 - scheme: HTTPS + scheme: HTTPS resources: {} diff --git a/deploy/manifests/portainer/portainer.yaml b/deploy/manifests/portainer/portainer.yaml index e250912..2b2af22 100644 --- a/deploy/manifests/portainer/portainer.yaml +++ b/deploy/manifests/portainer/portainer.yaml @@ -14,7 +14,7 @@ metadata: labels: app.kubernetes.io/name: portainer app.kubernetes.io/instance: portainer - app.kubernetes.io/version: "ce-latest-ee-2.7.0" + app.kubernetes.io/version: "ce-latest-ee-2.10.0" --- # Source: portainer/templates/pvc.yaml kind: "PersistentVolumeClaim" @@ -28,7 +28,7 @@ metadata: io.portainer.kubernetes.application.stack: portainer app.kubernetes.io/name: portainer app.kubernetes.io/instance: portainer - app.kubernetes.io/version: "ce-latest-ee-2.7.0" + app.kubernetes.io/version: "ce-latest-ee-2.10.0" spec: accessModes: - "ReadWriteOnce" @@ -44,7 +44,7 @@ metadata: labels: app.kubernetes.io/name: portainer app.kubernetes.io/instance: portainer - app.kubernetes.io/version: "ce-latest-ee-2.7.0" + app.kubernetes.io/version: "ce-latest-ee-2.10.0" roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole @@ -64,7 +64,7 @@ metadata: io.portainer.kubernetes.application.stack: portainer app.kubernetes.io/name: portainer app.kubernetes.io/instance: portainer - app.kubernetes.io/version: "ce-latest-ee-2.7.0" + app.kubernetes.io/version: "ce-latest-ee-2.10.0" spec: type: NodePort ports: @@ -72,7 +72,7 @@ spec: targetPort: 9000 protocol: TCP name: http - nodePort: 30777 + nodePort: 30777 - port: 9443 targetPort: 9443 protocol: TCP @@ -97,7 +97,7 @@ metadata: io.portainer.kubernetes.application.stack: portainer app.kubernetes.io/name: portainer app.kubernetes.io/instance: portainer - app.kubernetes.io/version: "ce-latest-ee-2.7.0" + app.kubernetes.io/version: "ce-latest-ee-2.10.0" spec: replicas: 1 strategy: @@ -134,7 +134,7 @@ spec: protocol: TCP - name: https containerPort: 9443 - protocol: TCP + protocol: TCP - name: tcp-edge containerPort: 8000 protocol: TCP @@ -147,7 +147,7 @@ spec: httpGet: path: / port: 9443 - scheme: HTTPS + scheme: HTTPS resources: {}