fix(helm/cilium): update cilium (patch) #1527
Open
+5
−5
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
![tinfoild[bot]](https://avatars.githubusercontent.com/u/5709019?s=60&v=4){kind=small}
tinfoild
bot
added
kube/deploy/core
renovate/datasource/helm
renovate/type/patch
labels
Deploying jjgadgets-biohazard with
|
| Latest commit: |
cd39016
|
| Status: | ✅ Deploy successful! |
| Preview URL: | https://d00ccc72.jjgadgets-biohazard.pages.dev |
| Branch Preview URL: | https://renovate-patch-cilium.jjgadgets-biohazard.pages.dev |
tinfoild
bot
force-pushed
the
renovate/patch-cilium
branch
from
2d253a7 to
cd39016
Compare
tinfoild
bot
changed the title
--- kube/deploy/core/_networking/cilium/app Kustomization: flux-system/1-core-1-networking-cilium-app HelmRelease: kube-system/cilium
+++ kube/deploy/core/_networking/cilium/app Kustomization: flux-system/1-core-1-networking-cilium-app HelmRelease: kube-system/cilium
@@ -16,13 +16,13 @@
spec:
chart: cilium
sourceRef:
kind: HelmRepository
name: cilium-charts
namespace: flux-system
- version: 1.16.4
+ version: 1.16.5
interval: 5m
timeout: 1h
values:
bgpControlPlane:
enabled: true
dashboards: |
--- HelmRelease: kube-system/cilium ConfigMap: kube-system/cilium-envoy-config
+++ HelmRelease: kube-system/cilium ConfigMap: kube-system/cilium-envoy-config
@@ -56,12 +56,36 @@
"name": "envoy.filters.http.router",
"typed_config": {
"@type": "type.googleapis.com/envoy.extensions.filters.http.router.v3.Router"
}
}
],
+ "internal_address_config": {
+ "cidr_ranges": [
+ {
+ "address_prefix": "10.0.0.0",
+ "prefix_len": 8
+ },
+ {
+ "address_prefix": "172.16.0.0",
+ "prefix_len": 12
+ },
+ {
+ "address_prefix": "192.168.0.0",
+ "prefix_len": 16
+ },
+ {
+ "address_prefix": "127.0.0.1",
+ "prefix_len": 32
+ },
+ {
+ "address_prefix": "::1",
+ "prefix_len": 128
+ }
+ ]
+ },
"stream_idle_timeout": "0s"
}
}
]
}
]
@@ -109,12 +133,36 @@
"name": "envoy.filters.http.router",
"typed_config": {
"@type": "type.googleapis.com/envoy.extensions.filters.http.router.v3.Router"
}
}
],
+ "internal_address_config": {
+ "cidr_ranges": [
+ {
+ "address_prefix": "10.0.0.0",
+ "prefix_len": 8
+ },
+ {
+ "address_prefix": "172.16.0.0",
+ "prefix_len": 12
+ },
+ {
+ "address_prefix": "192.168.0.0",
+ "prefix_len": 16
+ },
+ {
+ "address_prefix": "127.0.0.1",
+ "prefix_len": 32
+ },
+ {
+ "address_prefix": "::1",
+ "prefix_len": 128
+ }
+ ]
+ },
"stream_idle_timeout": "0s"
}
}
]
}
]
--- HelmRelease: kube-system/cilium ConfigMap: kube-system/hubble-relay-config
+++ HelmRelease: kube-system/cilium ConfigMap: kube-system/hubble-relay-config
@@ -2,13 +2,13 @@
apiVersion: v1
kind: ConfigMap
metadata:
name: hubble-relay-config
namespace: kube-system
data:
- config.yaml: "cluster-name: biohazard\npeer-service: \"hubble-peer.kube-system.svc.cluster.local:443\"\
+ config.yaml: "cluster-name: biohazard\npeer-service: \"hubble-peer.kube-system.svc.cluster.local.:443\"\
\nlisten-address: :4245\ngops: true\ngops-port: \"9893\"\ndial-timeout: \nretry-timeout:\
\ \nsort-buffer-len-max: \nsort-buffer-drain-timeout: \ntls-hubble-client-cert-file:\
\ /var/lib/hubble-relay/tls/client.crt\ntls-hubble-client-key-file: /var/lib/hubble-relay/tls/client.key\n\
tls-hubble-server-ca-files: /var/lib/hubble-relay/tls/hubble-server-ca.crt\n\n\
disable-server-tls: true\n"
--- HelmRelease: kube-system/cilium DaemonSet: kube-system/cilium
+++ HelmRelease: kube-system/cilium DaemonSet: kube-system/cilium
@@ -27,13 +27,13 @@
spec:
securityContext:
appArmorProfile:
type: Unconfined
containers:
- name: cilium-agent
- image: quay.io/cilium/cilium:v1.16.4@sha256:d55ec38938854133e06739b1af237932b9c4dd4e75e9b7b2ca3acc72540a44bf
+ image: quay.io/cilium/cilium:v1.16.5@sha256:758ca0793f5995bb938a2fa219dcce63dc0b3fa7fc4ce5cc851125281fb7361d
imagePullPolicy: IfNotPresent
command:
- cilium-agent
args:
- --config-dir=/tmp/cilium/config-map
startupProbe:
@@ -196,13 +196,13 @@
mountPath: /var/lib/cilium/tls/hubble
readOnly: true
- name: tmp
mountPath: /tmp
initContainers:
- name: config
- image: quay.io/cilium/cilium:v1.16.4@sha256:d55ec38938854133e06739b1af237932b9c4dd4e75e9b7b2ca3acc72540a44bf
+ image: quay.io/cilium/cilium:v1.16.5@sha256:758ca0793f5995bb938a2fa219dcce63dc0b3fa7fc4ce5cc851125281fb7361d
imagePullPolicy: IfNotPresent
command:
- cilium-dbg
- build-config
env:
- name: K8S_NODE_NAME
@@ -221,13 +221,13 @@
value: '7445'
volumeMounts:
- name: tmp
mountPath: /tmp
terminationMessagePolicy: FallbackToLogsOnError
- name: apply-sysctl-overwrites
- image: quay.io/cilium/cilium:v1.16.4@sha256:d55ec38938854133e06739b1af237932b9c4dd4e75e9b7b2ca3acc72540a44bf
+ image: quay.io/cilium/cilium:v1.16.5@sha256:758ca0793f5995bb938a2fa219dcce63dc0b3fa7fc4ce5cc851125281fb7361d
imagePullPolicy: IfNotPresent
env:
- name: BIN_PATH
value: /opt/cni/bin
command:
- sh
@@ -251,13 +251,13 @@
- SYS_ADMIN
- SYS_CHROOT
- SYS_PTRACE
drop:
- ALL
- name: mount-bpf-fs
- image: quay.io/cilium/cilium:v1.16.4@sha256:d55ec38938854133e06739b1af237932b9c4dd4e75e9b7b2ca3acc72540a44bf
+ image: quay.io/cilium/cilium:v1.16.5@sha256:758ca0793f5995bb938a2fa219dcce63dc0b3fa7fc4ce5cc851125281fb7361d
imagePullPolicy: IfNotPresent
args:
- mount | grep "/sys/fs/bpf type bpf" || mount -t bpf bpf /sys/fs/bpf
command:
- /bin/bash
- -c
@@ -267,13 +267,13 @@
privileged: true
volumeMounts:
- name: bpf-maps
mountPath: /sys/fs/bpf
mountPropagation: Bidirectional
- name: clean-cilium-state
- image: quay.io/cilium/cilium:v1.16.4@sha256:d55ec38938854133e06739b1af237932b9c4dd4e75e9b7b2ca3acc72540a44bf
+ image: quay.io/cilium/cilium:v1.16.5@sha256:758ca0793f5995bb938a2fa219dcce63dc0b3fa7fc4ce5cc851125281fb7361d
imagePullPolicy: IfNotPresent
command:
- /init-container.sh
env:
- name: CILIUM_ALL_STATE
valueFrom:
@@ -315,13 +315,13 @@
- name: cilium-cgroup
mountPath: /sys/fs/cgroup
mountPropagation: HostToContainer
- name: cilium-run
mountPath: /var/run/cilium
- name: install-cni-binaries
- image: quay.io/cilium/cilium:v1.16.4@sha256:d55ec38938854133e06739b1af237932b9c4dd4e75e9b7b2ca3acc72540a44bf
+ image: quay.io/cilium/cilium:v1.16.5@sha256:758ca0793f5995bb938a2fa219dcce63dc0b3fa7fc4ce5cc851125281fb7361d
imagePullPolicy: IfNotPresent
command:
- /install-plugin.sh
resources:
requests:
cpu: 100m
--- HelmRelease: kube-system/cilium DaemonSet: kube-system/cilium-envoy
+++ HelmRelease: kube-system/cilium DaemonSet: kube-system/cilium-envoy
@@ -28,13 +28,13 @@
spec:
securityContext:
appArmorProfile:
type: Unconfined
containers:
- name: cilium-envoy
- image: quay.io/cilium/cilium-envoy:v1.30.7-1731393961-97edc2815e2c6a174d3d12e71731d54f5d32ea16@sha256:0287b36f70cfbdf54f894160082f4f94d1ee1fb10389f3a95baa6c8e448586ed
+ image: quay.io/cilium/cilium-envoy:v1.30.8-1733837904-eaae5aca0fb988583e5617170a65ac5aa51c0aa8@sha256:709c08ade3d17d52da4ca2af33f431360ec26268d288d9a6cd1d98acc9a1dced
imagePullPolicy: IfNotPresent
command:
- /usr/bin/cilium-envoy-starter
args:
- --
- -c /var/run/cilium/envoy/bootstrap-config.json
--- HelmRelease: kube-system/cilium Deployment: kube-system/cilium-operator
+++ HelmRelease: kube-system/cilium Deployment: kube-system/cilium-operator
@@ -31,13 +31,13 @@
name: cilium-operator
app.kubernetes.io/part-of: cilium
app.kubernetes.io/name: cilium-operator
spec:
containers:
- name: cilium-operator
- image: quay.io/cilium/operator-generic:v1.16.4@sha256:c55a7cbe19fe0b6b28903a085334edb586a3201add9db56d2122c8485f7a51c5
+ image: quay.io/cilium/operator-generic:v1.16.5@sha256:f7884848483bbcd7b1e0ccfd34ba4546f258b460cb4b7e2f06a1bcc96ef88039
imagePullPolicy: IfNotPresent
command:
- cilium-operator-generic
args:
- --config-dir=/tmp/cilium/config-map
- --debug=$(CILIUM_DEBUG)
--- HelmRelease: kube-system/cilium Deployment: kube-system/hubble-relay
+++ HelmRelease: kube-system/cilium Deployment: kube-system/hubble-relay
@@ -17,13 +17,13 @@
rollingUpdate:
maxUnavailable: 1
type: RollingUpdate
template:
metadata:
annotations:
- cilium.io/hubble-relay-configmap-checksum: f18d283e3ced5dd280579a24600ca22a98b825420dc58ad772a9ee1fb959fd5b
+ cilium.io/hubble-relay-configmap-checksum: 23016e590410ba3fd0c5cff76cb1e3ca451a349188df5518f1bc41996a2ace06
labels:
k8s-app: hubble-relay
app.kubernetes.io/name: hubble-relay
app.kubernetes.io/part-of: cilium
spec:
securityContext:
@@ -34,13 +34,13 @@
capabilities:
drop:
- ALL
runAsGroup: 65532
runAsNonRoot: true
runAsUser: 65532
- image: quay.io/cilium/hubble-relay:v1.16.4@sha256:fb2c7d127a1c809f6ba23c05973f3dd00f6b6a48e4aee2da95db925a4f0351d2
+ image: quay.io/cilium/hubble-relay:v1.16.5@sha256:6cfae1d1afa566ba941f03d4d7e141feddd05260e5cd0a1509aba1890a45ef00
imagePullPolicy: IfNotPresent
command:
- hubble-relay
args:
- serve
ports: |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR contains the following updates:
1.15.11->1.15.121.16.4->1.16.5Release Notes
cilium/cilium (cilium)
v1.15.12: 1.15.12Compare Source
Summary of Changes
Bugfixes:
CI Changes:
Misc Changes:
147f428(v1.15) (#36223, @cilium-renovate[bot])Other Changes:
Docker Manifests
cilium
quay.io/cilium/cilium:v1.15.12@​sha256:d1793b67d976e1bc0a4ab01b34c94adfcd35a8be7612d04c6d618bf25f50f0d1clustermesh-apiserver
quay.io/cilium/clustermesh-apiserver:v1.15.12@​sha256:96541f82229725e21b036adffffd92270c82b4bc0f8c27795058b5f115ad5bd0docker-plugin
quay.io/cilium/docker-plugin:v1.15.12@​sha256:f564af976d82c09e37f17945e7de9bfc17f76a7f0f4d5529795c22d3fffd2adbhubble-relay
quay.io/cilium/hubble-relay:v1.15.12@​sha256:19a6458a8ea824052fe74ff06f37222f42e72df41f06b548fe07b9a22daa1203operator-alibabacloud
quay.io/cilium/operator-alibabacloud:v1.15.12@​sha256:f62872cb96278159e968e3f384ad2ebab30eef9335c2a3838c5bc0bc528398ceoperator-aws
quay.io/cilium/operator-aws:v1.15.12@​sha256:a9d63cbd89e0c7ccf46460809b95e37045092dd297a1bc934afa19a83f4884aaoperator-azure
quay.io/cilium/operator-azure:v1.15.12@​sha256:a89046318bbb87f9ae357566dab448871384cfc7797ef2a3c31abd903d9ec8dcoperator-generic
quay.io/cilium/operator-generic:v1.15.12@​sha256:e48d863367bfd39843917400aa7454ca6a4af74f995cf29a2edb81d7d13c7277operator
quay.io/cilium/operator:v1.15.12@​sha256:3c40d1c94de94629c02c2c8ee8b69ee6e16c9e60e94ecd343e2a48ebf4a6c430Configuration
📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.
This PR has been generated by Renovate Bot.