Releasing NSIC and GSLB Controller v1.43.7 (#187)

Signed-off-by: Subash Dangol <subash.dangol@citrix.com>
netscaler · Jul 17, 2024 · 52c95e3 · MalekGD86 · Sep 2, 2024 · 52c95e3
1 parent 639519c
commit 52c95e3
Show file tree

Hide file tree

Showing 48 changed files with 643 additions and 196 deletions.
diff --git a/citrix-cloud-native/Chart.yaml b/citrix-cloud-native/Chart.yaml
@@ -14,15 +14,15 @@ maintainers:
   email: subash.dangol@cloud.com
 dependencies:
   - name: citrix-ingress-controller
-    version: "1.42.12"
+    version: "1.43.7"
     condition: cic.enabled
     alias: cic
   - name: citrix-cpx-with-ingress-controller
-    version: "1.42.12"
+    version: "1.43.7"
     condition: cpx.enabled
     alias: cpx
   - name: citrix-gslb-controller
-    version: "1.42.12"
+    version: "1.43.7"
     condition: gslb.enabled
     alias: gslb
   - name: citrix-node-controller

diff --git a/citrix-cloud-native/charts/citrix-cpx-with-ingress-controller/Chart.yaml b/citrix-cloud-native/charts/citrix-cpx-with-ingress-controller/Chart.yaml
@@ -1,9 +1,9 @@
 apiVersion: v2
-appVersion: "1.42.12"
+appVersion: "1.43.7"
 kubeVersion: ">=v1.16.0-0"
 description: A Helm chart for NetScaler CPX with NetScaler ingress Controller running as sidecar.
 name: citrix-cpx-with-ingress-controller
-version: 1.42.12
+version: 1.43.7
 icon: https://raw.githubusercontent.com/netscaler/netscaler-helm-charts/gh-pages/netscaler.png
 home: https://www.cloud.com
 sources:

diff --git a/citrix-cloud-native/charts/citrix-cpx-with-ingress-controller/README.md b/citrix-cloud-native/charts/citrix-cpx-with-ingress-controller/README.md
@@ -614,15 +614,19 @@ The following table lists the configurable parameters of the NetScaler CPX with
 | cpx.license.accept | Mandatory | no | Set `yes` to accept the NetScaler ingress controller end user license agreement. |
 | cpx.imageRegistry                   | Mandatory  |  `quay.io`               |  The NetScaler CPX image registry             |  
 | cpx.imageRepository                 | Mandatory  |  `citrix/citrix-k8s-cpx-ingress`              |   The NetScaler CPX image repository             | 
-| cpx.imageTag                  | Mandatory  |  `14.1-17.101`               |   The NetScaler CPX image tag            | 
+| cpx.imageTag                  | Mandatory  |  `14.1-25.109`               |   The NetScaler CPX image tag            | 
 | cpx.pullPolicy | Mandatory | IfNotPresent | The NetScaler CPX image pull policy. |
 | cpx.hostName | Optional | N/A | This entity will be used to set Hostname of the CPX |
 | cpx.daemonSet | Optional | False | Set this to true if NetScaler CPX needs to be deployed as DaemonSet. |
 | cpx.cic.imageRegistry                   | Mandatory  |  `quay.io`               |  The NetScaler ingress controller image registry             |  
 | cpx.cic.imageRepository                 | Mandatory  |  `citrix/citrix-k8s-ingress-controller`              |   The NetScaler ingress controller image repository             | 
-| cpx.cic.imageTag                  | Mandatory  |  `1.42.12`               |   The NetScaler ingress controller image tag            | 
+| cpx.cic.imageTag                  | Mandatory  |  `1.43.7`               |   The NetScaler ingress controller image tag            | 
 | cpx.cic.pullPolicy | Mandatory | IfNotPresent | The NetScaler ingress controller image pull policy. |
 | cpx.cic.required | Mandatory | true | NSIC to be run as sidecar with NetScaler CPX |
+| cpx.cic.enableLivenessProbe | Optional | True | Enable livenessProbe settings for Citrix Ingress Controller |
+| cpx.cic.enableReadinessProbe | Optional | True | Enable readinessProbe settings |
+| cpx.cic.livenessProbe | Optional | N/A | Set livenessProbe settings for Citrix Ingress Controller |
+| cpx.cic.readinessProbe | Optional | N/A | Set readinessProbe settings |
 | cpx.cic.resources | Optional | {} |	CPU/Memory resource requests/limits for NetScaler Ingress Controller container |
 | cpx.cic.rbacRole  | Optional |  false  |  To deploy NSIC with RBAC Role set rbacRole=true; by default NSIC gets installed with RBAC ClusterRole(rbacRole=false)) |
 | cpx.cic.prometheusCredentialSecret  | Optional |  N/A  |  The secret key required to create read only user for native export of metrics using Prometheus. |
@@ -717,6 +721,11 @@ The following table lists the configurable parameters of the NetScaler CPX with
 | cpx.nsLbHashAlgo.hashAlgorithm | Optional | 'default' | Specifies the supported algorithm. Supported algorithms are "default", "jarh", "prac", Default value is 'default' |
 | cpx.cpxCommands| Optional | N/A | This argument accepts user-provided bootup NetScaler config that is applied as soon as the CPX is instantiated. Please note that this is not a dynamic config, and any subsequent changes to the configmap don't reflect in the CPX config unless the pod is restarted. For more info, please refer the [documentation](https://docs.netscaler.com/en-us/citrix-adc-cpx/current-release/configure-cpx-kubernetes-using-configmaps.html).  |
 | cpx.cpxShellCommands| Optional | N/A | This argument accepts user-provided bootup config that is applied as soon as the CPX is instantiated. Please note that this is not a dynamic config, and any subsequent changes to the configmap don't reflect in the CPX config unless the pod is restarted. For more info, please refer the [documentation](https://docs.netscaler.com/en-us/citrix-adc-cpx/current-release/configure-cpx-kubernetes-using-configmaps.html). |
+| cpx.enableStartupProbe | Optional | True | Enable startupProbe settings for CPX |
+| cpx.enableLivenessProbe | Optional | True | Enable livenessProbe settings for CPX |
+| cpx.startupProbe | Optional | N/A | Set startupProbe settings for CPX |
+| cpx.livenessProbe | Optional | N/A | Set livenessProbe settings for CPX |
+
 
 > **Note:**
 >

diff --git a/...ud-native/charts/citrix-cpx-with-ingress-controller/templates/citrix-k8s-cpx-ingress.yaml b/...ud-native/charts/citrix-cpx-with-ingress-controller/templates/citrix-k8s-cpx-ingress.yaml
@@ -140,12 +140,24 @@ spec:
               name: cpx-volume-conf
             - mountPath: /cpx/bootup_conf
               name: bootupconfig-volume
+{{- if .Values.enableStartupProbe }}
+          startupProbe:
+          {{- toYaml .Values.startupProbe | nindent 12 }}
+{{- end }}
+{{- if .Values.enableLivenessProbe }}
+          livenessProbe:
+          {{- toYaml .Values.livenessProbe | nindent 12 }}
+{{- end }}
 {{- if .Values.cic.required }}
         # Add cic as a sidecar
         - name: cic
           image: "{{ tpl .Values.cic.image . }}"
           imagePullPolicy: {{ .Values.cic.pullPolicy }}
           env:
+{{- if .Values.cic.enableLivenessProbe }}
+          - name: "LIVENESS_FILE_PATH"
+            value: '/tmp/liveness_path.log'
+{{- end }}
 {{- if .Values.analyticsConfig.timeseries.metrics.enableNativeScrape }}
           - name: "PROM_USER"
             valueFrom:
@@ -320,6 +332,14 @@ spec:
           volumeMounts:
             - mountPath: /var/deviceinfo
               name: shared-data
+{{- if .Values.cic.enableReadinessProbe}} 
+          readinessProbe:
+          {{- toYaml .Values.cic.readinessProbe | nindent 12 }}
+{{- end }}
+{{- if .Values.cic.enableLivenessProbe }}
+          livenessProbe:
+          {{- toYaml .Values.cic.livenessProbe | nindent 12 }}
+{{- end }}
           resources:
             {{- toYaml .Values.exporter.resources | nindent 12 }}
 {{- end }}

diff --git a/citrix-cloud-native/charts/citrix-cpx-with-ingress-controller/values.yaml b/citrix-cloud-native/charts/citrix-cpx-with-ingress-controller/values.yaml
@@ -5,7 +5,7 @@
 # NetScaler CPX config details
 imageRegistry: quay.io
 imageRepository: citrix/citrix-k8s-cpx-ingress
-imageTag: 14.1-17.101
+imageTag: 14.1-25.109
 image: "{{ .Values.imageRegistry }}/{{ .Values.imageRepository }}:{{ .Values.imageTag }}"
 pullPolicy: IfNotPresent
 imagePullSecrets: []
@@ -84,7 +84,7 @@ servicePorts: []
 cic:
   imageRegistry: quay.io
   imageRepository: citrix/citrix-k8s-ingress-controller
-  imageTag: 1.42.12
+  imageTag: 1.43.7
   image: "{{ .Values.cic.imageRegistry }}/{{ .Values.cic.imageRepository }}:{{ .Values.cic.imageTag }}"
   pullPolicy: IfNotPresent
   required: true
@@ -104,6 +104,27 @@ cic:
     #   cpu: 1000m
     #   memory: 1000Mi
   prometheusCredentialSecret: # K8s Secret Name for read only user creation for native Prometheus support
+  enableLivenessProbe: True
+  livenessProbe:
+    exec:
+      command:
+      - /bin/sh
+      - -c
+      - |
+        FILE_PATH="$LIVENESS_FILE_PATH"
+        [ -f "$FILE_PATH" ] && [ $(( $(date +%s) - $(stat -c %Y "$FILE_PATH") )) -lt 60 ] && exit 0 || exit 1
+    initialDelaySeconds: 30
+    periodSeconds: 60
+  enableReadinessProbe: True
+  readinessProbe:
+      exec:
+        command:
+        - cat
+        - /tmp/readiness
+      initialDelaySeconds: 50
+      periodSeconds: 60
+      failureThreshold: 3
+      successThreshold: 1
 
 entityPrefix:
 license:
@@ -244,6 +265,28 @@ resources:
 
 affinity: {}
 
+enableStartupProbe: True
+startupProbe:
+  initialDelaySeconds: 30
+  periodSeconds: 5
+  failureThreshold: 20
+  successThreshold: 1
+  exec:
+    command:
+    - /bin/ping
+    - -c 1
+    - 192.0.0.1
+
+enableLivenessProbe: True
+livenessProbe:
+  exec:
+    command:
+    - ls
+    - /tmp/cpx_started
+  periodSeconds:  5
+  failureThreshold: 3
+  successThreshold: 1
+
 # cpxCommands: to provide global config to be applied in CPX. The commands will be executed in order. For e.g.
 # add rewrite action rw_act_x_forwarded_proto insert_http_header X-Forwarded-Proto "\"https\""
 # add rewrite policy rw_pol_x_forwarded_proto CLIENT.SSL.IS_SSL rw_act_x_forwarded_proto

diff --git a/citrix-cloud-native/charts/citrix-gslb-controller/Chart.yaml b/citrix-cloud-native/charts/citrix-gslb-controller/Chart.yaml
@@ -1,8 +1,8 @@
 apiVersion: v1
-appVersion: "1.42.12"
+appVersion: "1.43.7"
 description: A Helm chart for NetScaler GSLB Controller configuring MPX/VPX.
 name: citrix-gslb-controller
-version: 1.42.12
+version: 1.43.7
 icon: https://raw.githubusercontent.com/netscaler/netscaler-helm-charts/gh-pages/netscaler.png
 home: https://www.cloud.com
 maintainers:

diff --git a/citrix-cloud-native/charts/citrix-gslb-controller/README.md b/citrix-cloud-native/charts/citrix-gslb-controller/README.md
@@ -199,7 +199,7 @@ The following table lists the mandatory and optional parameters that you can con
 | gslb.license.accept | Mandatory | no | Set `yes` to accept the NSIC end user license agreement. |
 | gslb.imageRegistry                   | Optional  |  `quay.io`               |  The NetScaler ingress controller image registry             |  
 | gslb.imageRepository                 | Optional  |  `citrix/citrix-k8s-ingress-controller`              |   The NetScaler ingress controller image repository             | 
-| gslb.imageTag                  | Optional  |  `1.42.12`               |   The NetScaler ingress controller image tag            | 
+| gslb.imageTag                  | Optional  |  `1.43.7`               |   The NetScaler ingress controller image tag            | 
 | gslb.pullPolicy | Optional | Always | The NSIC image pull policy. |
 | gslb.imagePullSecrets | Optional | N/A | Provide list of Kubernetes secrets to be used for pulling the images from a private Docker registry or repository. For more information on how to create this secret please see [Pull an Image from a Private Registry](https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/). |
 | gslb.adcCredentialSecret | Optional | N/A | The kubernetes secret containing login credentials for the NetScaler VPX or MPX. For information on how to create the secret keys, see [Prerequisites](#prerequistes). |

diff --git a/citrix-cloud-native/charts/citrix-gslb-controller/templates/citrix-k8s-gslbcontroller.yaml b/citrix-cloud-native/charts/citrix-gslb-controller/templates/citrix-k8s-gslbcontroller.yaml
@@ -1,33 +1,17 @@
-{{- if .Values.openshift }}
-apiVersion: apps.openshift.io/v1
-kind: DeploymentConfig
-{{- else }}
 apiVersion: apps/v1
 kind: Deployment
-{{- end}}
 metadata:
   name: {{ include "citrix-gslb-controller.fullname" . }}
   namespace: {{ .Release.Namespace }}
 spec:
   selector:
+    matchLabels:
 {{- if .Values.openshift }}
-     router: {{ include "citrix-gslb-controller.fullname" . }}
+      router: {{ include "citrix-gslb-controller.fullname" . }}
 {{- else }}
-    matchLabels:
       app: {{ include "citrix-gslb-controller.fullname" . }}
 {{- end }}
   replicas: 1
-{{- if .Values.openshift }}
-  strategy:
-    resources: {}
-    rollingParams:
-      intervalSeconds: 1
-      maxSurge: 0
-      maxUnavailable: 25%
-      timeoutSeconds: 600
-      updatePeriodSeconds: 1
-    type: Rolling
-{{- end}}
   template:
     metadata:
       name: {{ include "citrix-gslb-controller.name" . }}

diff --git a/citrix-cloud-native/charts/citrix-gslb-controller/values.yaml b/citrix-cloud-native/charts/citrix-gslb-controller/values.yaml
@@ -5,7 +5,7 @@
 # image contains information needed to fetch NSIC image
 imageRegistry: quay.io
 imageRepository: citrix/citrix-k8s-ingress-controller
-imageTag: 1.42.12
+imageTag: 1.43.7
 image: "{{ .Values.imageRegistry }}/{{ .Values.imageRepository }}:{{ .Values.imageTag }}"
 pullPolicy: IfNotPresent
 imagePullSecrets: []

diff --git a/citrix-cloud-native/charts/citrix-ingress-controller/Chart.yaml b/citrix-cloud-native/charts/citrix-ingress-controller/Chart.yaml
@@ -1,9 +1,9 @@
 apiVersion: v2
-appVersion: "1.42.12"
+appVersion: "1.43.7"
 kubeVersion: ">=v1.16.0-0"
 description: A Helm chart for NetScaler Ingress Controller configuring MPX/VPX.
 name: citrix-ingress-controller
-version: 1.42.12
+version: 1.43.7
 icon: https://raw.githubusercontent.com/netscaler/netscaler-helm-charts/gh-pages/netscaler.png
 home: https://www.cloud.com
 sources:

diff --git a/citrix-cloud-native/charts/citrix-ingress-controller/README.md b/citrix-cloud-native/charts/citrix-ingress-controller/README.md
@@ -352,7 +352,7 @@ The following table lists the mandatory and optional parameters that you can con
 | cic.license.accept | Mandatory | no | Set `yes` to accept the NSIC end user license agreement. |
 | cic.imageRegistry                   | Mandatory  |  `quay.io`               |  The NetScaler ingress controller image registry             |  
 | cic.imageRepository                 | Mandatory  |  `citrix/citrix-k8s-ingress-controller`              |   The NetScaler ingress controller image repository             | 
-| cic.imageTag                  | Mandatory  |  `1.42.12`               |   The NetScaler ingress controller image tag            | 
+| cic.imageTag                  | Mandatory  |  `1.43.7               |   The NetScaler ingress controller image tag            | 
 | cic.pullPolicy | Mandatory | IfNotPresent | The NSIC image pull policy. |
 | cic.imagePullSecrets | Optional | N/A | Provide list of Kubernetes secrets to be used for pulling the images from a private Docker registry or repository. For more information on how to create this secret please see [Pull an Image from a Private Registry](https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/). |
 | cic.nameOverride | Optional | N/A | String to partially override deployment fullname template with a string (will prepend the release name) |
@@ -435,6 +435,11 @@ The following table lists the mandatory and optional parameters that you can con
 | cic.extraVolumeMounts  |  Optional |  [] |  Specify the Additional VolumeMounts to be mounted in NSIC container  |
 | cic.extraVolumes  |  Optional |  [] |  Specify the Additional Volumes for additional volumeMounts  |
 | cic.rbacRole  | Optional |  false  |  To deploy NSIC with RBAC Role set rbacRole=true; by default NSIC gets installed with RBAC ClusterRole(rbacRole=false) |
+| cic.bgpAdvertisement | Optional | false  | To advertise VIP using BGP from NetScaler |
+| cic.enableReadinessProbe | Optional | True | Enable readinessProbe settings Citrix Ingress Controller  |
+| cic.enableLivenessProbe| Optional | True | Enable livenessPorbe settings for Citrix Ingress Controller |
+| cic.readinessProbe | Optional | N/A | Set readinessProbe settings Citrix Ingress Controller  |
+| cic.livenessProbe| Optional | N/A | Set livenessPorbe settings for Citrix Ingress Controller |
 
 Alternatively, you can define a YAML file with the values for the parameters and pass the values while installing the chart.
 

diff --git a/citrix-cloud-native/charts/citrix-ingress-controller/templates/citrix-k8s-ingress.yaml b/citrix-cloud-native/charts/citrix-ingress-controller/templates/citrix-k8s-ingress.yaml
@@ -1,33 +1,18 @@
-{{- if .Values.openshift }}
-apiVersion: apps.openshift.io/v1
-kind: DeploymentConfig
-{{- else }}
 apiVersion: apps/v1
 kind: Deployment
-{{- end }}
 metadata:
   name: {{ include "citrix-ingress-controller.fullname" . }}
   namespace: {{ .Release.Namespace }}
 spec:
   selector:
+    matchLabels:
 {{- if .Values.openshift }}
-     router: {{ include "citrix-ingress-controller.fullname" . }}
+      router: {{ include "citrix-ingress-controller.fullname" . }}
 {{- else }}
-    matchLabels:
-      app: {{ include "citrix-ingress-controller.fullname" . }}
+      app: {{ include "citrix-ingress-controller.
+      fullname" . }}
 {{- end }}
   replicas: 1
-{{- if .Values.openshift }}
-  strategy:
-    resources: {}
-    rollingParams:
-      intervalSeconds: 1
-      maxSurge: 0
-      maxUnavailable: 25%
-      timeoutSeconds: 600
-      updatePeriodSeconds: 1
-    type: Rolling
-{{- end }}
   template:
     metadata:
       name: cic
@@ -47,6 +32,14 @@ spec:
       - name: cic
         image: "{{ tpl .Values.image . }}"
         imagePullPolicy: {{ .Values.pullPolicy }}
+{{- if .Values.enableReadinessProbe }}
+        readinessProbe:
+        {{- toYaml .Values.readinessProbe | nindent 10 }}
+{{- end }}
+{{- if .Values.enableLivenessProbe }}
+        livenessProbe:
+        {{- toYaml .Values.livenessProbe | nindent 10 }}
+{{- end }}
         args:
           - --configmap
             {{ .Release.Namespace }}/{{ include "cicconfigmap.fullname" . }}
@@ -100,6 +93,10 @@ spec:
 {{- if .Values.nitroReadTimeout }}
         - name: "NS_NITRO_READ_TIMEOUT"
           value: "{{ .Values.nitroReadTimeout }}"
+{{- end }}
+{{-f if .Values.enableLivenessProbe }}
+        - name: "LIVENESS_FILE_PATH"
+          value: '/tmp/liveness_path.log'
 {{- end }}
         - name: "NS_USER"
         {{- if and .Values.secretStore.enabled .Values.secretStore.username}}
@@ -159,6 +156,12 @@ spec:
         - name: "OPTIMIZE_ENDPOINT_BINDING"
           value: "{{ .Values.optimizeEndpointBinding }}"
 {{- end }}
+{{- if .Values.nodeLabels }}
+        - name: "NODE_LABELS"
+          value: "{{ .Values.nodeLabels }}"
+{{- end  }}
+        - name: "BGP_ADVERTISEMENT"
+          value: {{ .Values.bgpAdvertisement | quote }}
         resources:
             {{- toYaml .Values.resources | nindent 12 }}
         {{- if ne (len .Values.extraVolumeMounts) 0 }}

diff --git a/citrix-cloud-native/charts/citrix-ingress-controller/values.yaml b/citrix-cloud-native/charts/citrix-ingress-controller/values.yaml
@@ -5,7 +5,7 @@
 # NetScaler Ingress Controller config details
 imageRegistry: quay.io
 imageRepository: citrix/citrix-k8s-ingress-controller
-imageTag: 1.42.12
+imageTag: 1.43.7
 image: "{{ .Values.imageRegistry }}/{{ .Values.imageRepository }}:{{ .Values.imageTag }}"
 pullPolicy: IfNotPresent
 imagePullSecrets: []
@@ -179,6 +179,32 @@ resources:
 
 affinity: {}
 
+bgpAdvertisement: False
+nodeLabels: ""
+
+enableReadinessProbe: True
+readinessProbe:
+  exec:
+    command:
+    - cat
+    - /tmp/readiness
+  initialDelaySeconds: 10
+  periodSeconds: 60
+  failureThreshold: 3
+  successThreshold: 1
+
+enableLivenessProbe: True
+livenessProbe:
+  exec:
+    command:
+    - /bin/sh
+    - -c
+    - |
+      FILE_PATH="$LIVENESS_FILE_PATH"
+      [ -f "$FILE_PATH" ] && [ $(( $(date +%s) - $(stat -c %Y "$FILE_PATH") )) -lt 60 ] && exit 0 || exit 1
+  initialDelaySeconds: 30
+  periodSeconds: 60
+
 extraVolumeMounts: []
   # We usually recommend not to specify default resources and to leave this as a conscious
   # choice for the user.