Windows update helm chart #1176
Conversation
CHANGELOG.md
Outdated
| @@ -9,7 +9,7 @@ and this project adheres to [Semantic Versioning](http://semver.org/). | |||
|
|
|||
| ### 🚀 Enhancements | |||
| - Add options for Windows server 2019 and Windows server 2022 deployments in E2E-resources @TmNguyen12 [#1149](https://github.com/newrelic/nri-kubernetes/pull/1149) | |||
|
|
|||
| - Add Windows Helm templates and unit tests for kubelet support @TmNguyen12 [#1176] (https://github.com/newrelic/nri-kubernetes/pull/1176) | |||
There was a problem hiding this comment.
| - Add Windows Helm templates and unit tests for kubelet support @TmNguyen12 [#1176] (https://github.com/newrelic/nri-kubernetes/pull/1176) | |
| - Add Windows Helm templates and unit tests for kubelet support @TmNguyen12 [#1176](https://github.com/newrelic/nri-kubernetes/pull/1176) |
| @@ -192,6 +193,20 @@ integrations that you have configured. | |||
| | tolerations | list | `[]` | Sets pod's tolerations to node taints almost globally. (See [Affinities and tolerations](README.md#affinities-and-tolerations)) | | |||
| | updateStrategy | object | See `values.yaml` | Update strategy for the deployed DaemonSets. | | |||
| | verboseLog | bool | `false` | Sets the debug logs to this integration or all integrations if it is set globally. Can be configured also with `global.verboseLog` | | |||
| | windowsNodeSelector | object | `{ kubernetes.io/os: windows, node.kubernetes.io/windows-build: BUILD_NUMBER }` | Sets windows pod's selector. Refer to [Windows support](#tbd) | | |||
| | windowsOsList.agentImage | string | `""` | Overrides the infrastructure-agent windows image | | |||
There was a problem hiding this comment.
Are we not able to auto-detect the image we want? We seem to already be using taints on a windows-flavoured deployment/daemonset.
There was a problem hiding this comment.
We can. This option is if people wanted to override the auto-selected images (like I am for development purposes)
| {{- end }} | ||
| nodeSelector: | ||
| {{- if $.Values.kubelet.windowsNodeSelector }} | ||
| {{ toYaml $.Values.kubelet.windowsNodeSelector | indent 8 }} |
There was a problem hiding this comment.
| {{ toYaml $.Values.kubelet.windowsNodeSelector | indent 8 }} | |
| {{- toYaml $.Values.kubelet.windowsNodeSelector | indent 8 }} |
|
Are we planning on remove the |
Was intended to be part of the agent, but open to discuss if you have concerns |
CHANGELOG.md
Outdated
|
|
||
| ### ⛓️ Dependencies | ||
| - Updated github.com/spf13/viper to v1.20.0 - [Changelog 🔗](https://github.com/spf13/viper/releases/tag/v1.20.0) | ||
| - Updated go to v1.24.1 | ||
| - Updated golang.org/x/crypto to v0.36.0 | ||
| - Updated github.com/google/go-cmp to v0.7.0 - [Changelog 🔗](https://github.com/google/go-cmp/releases/tag/v0.7.0) | ||
|
|
||
| ## v3.36.0 - 2025-03-24 |
There was a problem hiding this comment.
So we can't change releases that have already been cut. You'll need to stick to adding any new changes in the unreleased section. Details here
| @@ -2,7 +2,7 @@ | |||
| apiVersion: apps/v1 | |||
| kind: Deployment | |||
| metadata: | |||
| name: windows-server-2019 | |||
| name: {{ .Release.Name }}-windows-server-2019 | |||
| @@ -2,7 +2,7 @@ | |||
| apiVersion: apps/v1 | |||
There was a problem hiding this comment.
Could we remove this .Values.windows.is2019 config since we're using this node selector: node.kubernetes.io/windows-build: 10.0.17763?
There was a problem hiding this comment.
In that scenario, e2e-resources when installed will always have 2 windows pods stuck in "Pending" because they're looking for a node.
| @@ -47,7 +51,7 @@ spec: | |||
| apiVersion: apps/v1 | |||
There was a problem hiding this comment.
Same thing here for Windows 2022
| @@ -136,6 +136,7 @@ integrations that you have configured. | |||
| | customSecretName | string | `""` | In case you don't want to have the license key in you values, this allows you to point to a user created secret to get the key from there. Can be configured also with `global.customSecretName` | | |||
| | dnsConfig | object | `{}` | Sets pod's dnsConfig. Can be configured also with `global.dnsConfig` | | |||
| | enableProcessMetrics | bool | `false` | Collect detailed metrics from processes running in the host. This defaults to true for accounts created before July 20, 2020. ref: https://docs.newrelic.com/docs/release-notes/infrastructure-release-notes/infrastructure-agent-release-notes/new-relic-infrastructure-agent-1120 | | |||
| | enableWindows | bool | `false` | Enables collection of metrics from Windows containers. Refer to the [Windows support](#tbd) section for more details. | | |||
There was a problem hiding this comment.
Could we have this link to a GH README while we wait for docs on NR? That way folks don't think it's a broken link.
| @@ -116,3 +116,12 @@ readOnlyRootFilesystem: true | |||
|
|
|||
| {{- toYaml $finalSecurityContext -}} | |||
| {{- end -}} | |||
|
|
|||
| {{- define "windowsIntegrationImage" -}} | |||
There was a problem hiding this comment.
Is this the infrastructure image? If so, we may want to call it windowsInfrastructureImage to be clear
There was a problem hiding this comment.
We also may want to use namespacing of these helpers: nriKubernetes. windowsInfrastructureImage
| @@ -4,8 +4,10 @@ kind: PodSecurityPolicy | |||
| metadata: | |||
| name: privileged-{{ include "newrelic.common.naming.fullname" . }} | |||
| spec: | |||
| {{- if not .Values.enableWindows }} | |||
There was a problem hiding this comment.
Is there a change to the linux experience if this is off? Enabling windows shouldn't cause a regression on the linux experience, if it does, we should create a new security policy just for Windows.
Description
Adds daemonset_windows.yaml to the chart templates
Removed linux specific securityContexts
Added windowsNodeSelector param
Added securityContext.windowsOptions defaults
Update and add helm unit tests
do not merge until ready for public preview
Type of change
Checklist: