From 8dde1e51bbd538fcfc809846a2669e3ed903ffdf Mon Sep 17 00:00:00 2001
From: Samuel Jones <samuel.jones@stfc.ac.uk>
Date: Thu, 19 Dec 2024 16:47:24 +0000
Subject: [PATCH] Update values

---
 c-api/management-cluster/user-values.yaml | 28 ++++++++++++++++++---
 c-api/management-cluster/values.yaml      | 29 +++++++++-------------
 c-api/prod-cluster/user-values.yaml       | 26 ++++++++++++++++++--
 c-api/prod-cluster/values.yaml            | 30 +++++++++--------------
 c-api/staging-cluster/user-values.yaml    | 26 ++++++++++++++++++--
 c-api/staging-cluster/values.yaml         | 29 +++++++++-------------
 6 files changed, 107 insertions(+), 61 deletions(-)

diff --git a/c-api/management-cluster/user-values.yaml b/c-api/management-cluster/user-values.yaml
index fd1755c..4df805e 100644
--- a/c-api/management-cluster/user-values.yaml
+++ b/c-api/management-cluster/user-values.yaml
@@ -13,16 +13,16 @@ controlPlane:
   # The number of control plane machines to deploy
   # For high-availability, this should be greater than 1
   # For etcd quorum, it should be odd - usually 3, or 5 for very large clusters
-  machineCount: 3
+  machineCount: 5
   # The flavor to use for control plane machines
   machineFlavor: l3.nano
 
 # The Kubernetes version of the cluster
 # This should match the version of kubelet and kubeadm in the image
 # and will be automatically updated by us
-kubernetesVersion: "1.27.7"
+kubernetesVersion: "1.30.6"
 # The name of the image to use for cluster machines
-machineImage: "capi-ubuntu-2004-kube-v1.27.7-2023-11-01"
+machineImage: "capi-ubuntu-2204-kube-v1.30.6-2024-11-15"
 
 # Settings for node-level registry auth if using a private registry
 registryAuth:
@@ -34,3 +34,25 @@ registryAuth:
 # The name of the SSH key to inject into cluster machines, this can be
 # left blank if a user does not require SSH access to the machines
 machineSSHKeyName: sam-laptop
+
+addons:
+  monitoring:
+    enabled: false
+  ingress:
+    enabled: true
+    nginx:
+      release:
+        values:
+          controller:
+            service:
+              loadBalancerIP: "130.246.214.230"
+  openstack:
+    enabled: true
+    csiCinder:
+      enabled: true
+  nodeFeatureDiscovery:
+    enabled: true
+  mellanoxNetworkOperator:
+    enabled: true
+  nvidiaGPUOperator:
+    enabled: false
\ No newline at end of file
diff --git a/c-api/management-cluster/values.yaml b/c-api/management-cluster/values.yaml
index 368ff32..52a49d8 100644
--- a/c-api/management-cluster/values.yaml
+++ b/c-api/management-cluster/values.yaml
@@ -132,6 +132,7 @@ cloudCACert: |
 # The name of the cloud to use from the specified clouds.yaml
 cloudName: openstack
 
+# Values for the Kubernetes cluster network
 kubeNetwork:
   # By default, use the private network range 10.0.0.0/12 for the cluster network
   # We split it into two equally-sized blocks for pods and services
@@ -145,6 +146,10 @@ kubeNetwork:
       - 10.8.0.0/13
   serviceDomain: cluster.local
 
+clusterNetworking:
+  internalNetwork:
+    nodeCidr: 192.168.128.0/17
+
 # Settings for registry mirrors
 registryMirrors: { docker.io: ["https://dockerhub.stfc.ac.uk"] }
 
@@ -158,25 +163,13 @@ apiServer:
   port: 6443
 
 addons:
+  # Enable monitoring by default, this deploys
+  # https://github.com/stackhpc/capi-helm-charts/blob/main/charts/cluster-addons/README.md#monitoring-and-logging
+  # and includes Loki which is required for central logging as per UKRI policy
   monitoring:
-    enabled: false
-  ingress:
     enabled: true
-    nginx:
-      release:
-        values:
-          controller:
-            service:
-              loadBalancerIP: "130.246.214.230"
+  # set availabilty zone as upstream uses nova by default
   openstack:
-    enabled: true
     csiCinder:
-      enabled: false
-  cni:
-    type: cilium
-  nodeFeatureDiscovery:
-    enabled: false
-  mellanoxNetworkOperator:
-    enabled: false
-  nvidiaGPUOperator:
-    enabled: false
+      defaultStorageClass:
+        availabilityZone: ceph
diff --git a/c-api/prod-cluster/user-values.yaml b/c-api/prod-cluster/user-values.yaml
index 1071d0a..5e79549 100644
--- a/c-api/prod-cluster/user-values.yaml
+++ b/c-api/prod-cluster/user-values.yaml
@@ -20,9 +20,9 @@ controlPlane:
 # The Kubernetes version of the cluster
 # This should match the version of kubelet and kubeadm in the image
 # and will be automatically updated by us
-kubernetesVersion: "1.27.7"
+kubernetesVersion: "1.30.6"
 # The name of the image to use for cluster machines
-machineImage: "capi-ubuntu-2004-kube-v1.27.7-2023-11-01"
+machineImage: "capi-ubuntu-2204-kube-v1.30.6-2024-11-15"
 
 # Settings for node-level registry auth if using a private registry
 registryAuth:
@@ -34,3 +34,25 @@ registryAuth:
 # The name of the SSH key to inject into cluster machines, this can be
 # left blank if a user does not require SSH access to the machines
 machineSSHKeyName: sam-laptop
+
+addons:
+  monitoring:
+    enabled: false
+  ingress:
+    enabled: true
+    nginx:
+      release:
+        values:
+          controller:
+            service:
+              loadBalancerIP: "130.246.81.192"
+  openstack:
+    enabled: true
+    csiCinder:
+      enabled: true
+  nodeFeatureDiscovery:
+    enabled: true
+  mellanoxNetworkOperator:
+    enabled: true
+  nvidiaGPUOperator:
+    enabled: false
\ No newline at end of file
diff --git a/c-api/prod-cluster/values.yaml b/c-api/prod-cluster/values.yaml
index 8521337..52a49d8 100644
--- a/c-api/prod-cluster/values.yaml
+++ b/c-api/prod-cluster/values.yaml
@@ -1,4 +1,3 @@
-global:
 # The PEM-encoded CA certificate for openstack.stfc.ac.uk
 # this expires 2023-12-05T23:59:59Z (UTC)
 # This allows a user to skip adding verify: false
@@ -133,6 +132,7 @@ cloudCACert: |
 # The name of the cloud to use from the specified clouds.yaml
 cloudName: openstack
 
+# Values for the Kubernetes cluster network
 kubeNetwork:
   # By default, use the private network range 10.0.0.0/12 for the cluster network
   # We split it into two equally-sized blocks for pods and services
@@ -146,6 +146,10 @@ kubeNetwork:
       - 10.8.0.0/13
   serviceDomain: cluster.local
 
+clusterNetworking:
+  internalNetwork:
+    nodeCidr: 192.168.128.0/17
+
 # Settings for registry mirrors
 registryMirrors: { docker.io: ["https://dockerhub.stfc.ac.uk"] }
 
@@ -159,23 +163,13 @@ apiServer:
   port: 6443
 
 addons:
+  # Enable monitoring by default, this deploys
+  # https://github.com/stackhpc/capi-helm-charts/blob/main/charts/cluster-addons/README.md#monitoring-and-logging
+  # and includes Loki which is required for central logging as per UKRI policy
   monitoring:
-    enabled: false
-  ingress:
     enabled: true
-    nginx:
-      release:
-        values:
-          controller:
-            service:
-              loadBalancerIP: "130.246.81.192"
+  # set availabilty zone as upstream uses nova by default
   openstack:
-    enabled: true
-  cni:
-    type: cilium
-  nodeFeatureDiscovery:
-    enabled: false
-  mellanoxNetworkOperator:
-    enabled: false
-  nvidiaGPUOperator:
-    enabled: false
+    csiCinder:
+      defaultStorageClass:
+        availabilityZone: ceph
diff --git a/c-api/staging-cluster/user-values.yaml b/c-api/staging-cluster/user-values.yaml
index 7aa300f..5c8bb20 100644
--- a/c-api/staging-cluster/user-values.yaml
+++ b/c-api/staging-cluster/user-values.yaml
@@ -20,9 +20,9 @@ controlPlane:
 # The Kubernetes version of the cluster
 # This should match the version of kubelet and kubeadm in the image
 # and will be automatically updated by us
-kubernetesVersion: "1.27.7"
+kubernetesVersion: "1.30.6"
 # The name of the image to use for cluster machines
-machineImage: "capi-ubuntu-2004-kube-v1.27.7-2023-11-01"
+machineImage: "capi-ubuntu-2204-kube-v1.30.6-2024-11-15"
 
 # Settings for node-level registry auth if using a private registry
 registryAuth:
@@ -34,3 +34,25 @@ registryAuth:
 # The name of the SSH key to inject into cluster machines, this can be
 # left blank if a user does not require SSH access to the machines
 machineSSHKeyName: sam-laptop
+
+addons:
+  monitoring:
+    enabled: false
+  ingress:
+    enabled: true
+    nginx:
+      release:
+        values:
+          controller:
+            service:
+              loadBalancerIP: "130.246.81.122"
+  openstack:
+    enabled: true
+    csiCinder:
+      enabled: true
+  nodeFeatureDiscovery:
+    enabled: true
+  mellanoxNetworkOperator:
+    enabled: true
+  nvidiaGPUOperator:
+    enabled: false
\ No newline at end of file
diff --git a/c-api/staging-cluster/values.yaml b/c-api/staging-cluster/values.yaml
index 9ba42b8..52a49d8 100644
--- a/c-api/staging-cluster/values.yaml
+++ b/c-api/staging-cluster/values.yaml
@@ -1,4 +1,3 @@
-global:
 # The PEM-encoded CA certificate for openstack.stfc.ac.uk
 # this expires 2023-12-05T23:59:59Z (UTC)
 # This allows a user to skip adding verify: false
@@ -147,6 +146,10 @@ kubeNetwork:
       - 10.8.0.0/13
   serviceDomain: cluster.local
 
+clusterNetworking:
+  internalNetwork:
+    nodeCidr: 192.168.128.0/17
+
 # Settings for registry mirrors
 registryMirrors: { docker.io: ["https://dockerhub.stfc.ac.uk"] }
 
@@ -160,23 +163,13 @@ apiServer:
   port: 6443
 
 addons:
+  # Enable monitoring by default, this deploys
+  # https://github.com/stackhpc/capi-helm-charts/blob/main/charts/cluster-addons/README.md#monitoring-and-logging
+  # and includes Loki which is required for central logging as per UKRI policy
   monitoring:
-    enabled: false
-  ingress:
     enabled: true
-    nginx:
-      release:
-        values:
-          controller:
-            service:
-              loadBalancerIP: "130.246.81.122"
+  # set availabilty zone as upstream uses nova by default
   openstack:
-    enabled: true
-  cni:
-    type: cilium
-  nodeFeatureDiscovery:
-    enabled: false
-  mellanoxNetworkOperator:
-    enabled: false
-  nvidiaGPUOperator:
-    enabled: false
+    csiCinder:
+      defaultStorageClass:
+        availabilityZone: ceph