[pull] master from kubermatic:master

content/kubermatic/main/architecture/compatibility/kkp-components-versioning/_index.en.md

@@ -12,8 +12,8 @@ of provided software and therefore releases updates regularly that also include
 
 | KKP Components | Version |
 | ------------------------------ | ------------------------------ |
-| backup/velero | 1.10.1 |
-| cert-manager | 1.12.2 |
+| backup/velero | 1.13.1 |
+| cert-manager | 1.14.4 |
 | iap | 7.4.0 |
 | kubermatic-operator | 9.9.9-dev |
 | local-kubevirt | 1.1.1 |
@@ -31,12 +31,12 @@ of provided software and therefore releases updates regularly that also include
 | monitoring/alertmanager | 0.25.0 |
 | monitoring/blackbox-exporter | 0.23.0 |
 | monitoring/grafana | 9.5.1 |
-| monitoring/helm-exporter | 1.2.5  |
-| monitoring/karma | 0.114 |
+| monitoring/helm-exporter | 1.2.16 |
+| monitoring/karma | 0.120 |
 | monitoring/kube-state-metrics | 2.8.2 |
 | monitoring/node-exporter | 1.5.0 |
 | monitoring/prometheus | 2.43.1 |
-| nginx-ingress-controller | 1.9.3  |
+| nginx-ingress-controller | 1.10.0 |
 | oauth | 2.36.0 |
 | s3-exporter | 0.7.1 |
 | telemetry | 0.5.0 |

content/kubermatic/main/architecture/supported-providers/vsphere/_index.en.md

@@ -148,12 +148,30 @@ For infrastructure (e.g. VMs, tags and networking) provisioning actions of KKP i
  * Modify customization specification
  * Read customization specifications
  * vSphere Tagging
- * Assign or Unassign vSphere Tag on Object
+ * Assign or Unassign vSphere Tag
+ * Assign or Unassign vSphere Tag on Object
+ * Create vSphere Tag
+ * Create vSphere Tag Category
+ * Delete vSphere Tag
+ * Delete vSphere Tag Category
+ * Edit vSphere Tag
+ * Edit vSphere Tag Category
+ * Modify UsedBy Field For Category
+ * Modify UsedBy Field For Tag
 ---
 
 ```
 $ govc role.ls k8c-user-vcenter
 Cns.Searchable
+InventoryService.Tagging.AttachTag
+InventoryService.Tagging.CreateCategory
+InventoryService.Tagging.CreateTag
+InventoryService.Tagging.DeleteCategory
+InventoryService.Tagging.DeleteTag
+InventoryService.Tagging.EditCategory
+InventoryService.Tagging.EditTag
+InventoryService.Tagging.ModifyUsedByForCategory
+InventoryService.Tagging.ModifyUsedByForTag
 InventoryService.Tagging.ObjectAttachable
 StorageProfile.View
 System.Anonymous
@@ -233,6 +251,8 @@ VirtualMachine.Inventory.CreateFromExisting
  * vApp
  * vApp application configuration
  * vApp instance configuration
+ * vSphere Tagging
+ * Assign or Unassign vSphere Tag on Object
 ---
 
 ```
@@ -245,6 +265,7 @@ Host.Config.Storage
 Host.Config.SystemManagement
 Host.Inventory.EditCluster
 Host.Local.ReconfigVM
+InventoryService.Tagging.ObjectAttachable
 Resource.AssignVMToPool
 Resource.ColdMigrate
 Resource.HotMigrate
@@ -258,12 +279,17 @@ VApp.InstanceConfig
 * Permissions
  * Network
  * Assign network
-
+ * vSphere Tagging
+ * Assign or Unassign vSphere Tag on Object
 ---
 
 ```
 $ govc role.ls k8c-network-attach
+InventoryService.Tagging.ObjectAttachable
 Network.Assign
+System.Anonymous
+System.Read
+System.View
 ```
 
 {{% /tab %}}
@@ -283,10 +309,7 @@ If a tag was not attached to the user cluster, machine controller will only deta
  * Browse datastore
  * Low level file operations
  * vSphere Tagging
- * Assign or Unassign vSphere Tag
  * Assign or Unassign vSphere Tag on an Object
- * Create vSphere Tag
- * Delete vSphere Tag
 
 ---
 
@@ -295,9 +318,6 @@ $ govc role.ls k8c-user-datastore-propagate
 Datastore.AllocateSpace
 Datastore.Browse
 Datastore.FileManagement
-InventoryService.Tagging.CreateTag
-InventoryService.Tagging.DeleteTag
-InventoryService.Tagging.AttachTag
 InventoryService.Tagging.ObjectAttachable
 System.Anonymous
 System.Read
@@ -440,7 +460,7 @@ VirtualMachine.State.RevertToSnapshot
 
 
 
-The described permissions have been tested with vSphere 7.0.U2 and might be different for other vSphere versions.
+The described permissions have been tested with vSphere 8.0.2 and might be different for other vSphere versions.
 
 ## Datastores and Datastore Clusters
 

content/kubermatic/v2.23/architecture/supported-providers/vsphere/vsphere.en.md

@@ -148,12 +148,30 @@ For infrastructure (e.g. VMs, tags and networking) provisioning actions of KKP i
  * Modify customization specification
  * Read customization specifications
  * vSphere Tagging
- * Assign or Unassign vSphere Tag on Object
+ * Assign or Unassign vSphere Tag
+ * Assign or Unassign vSphere Tag on Object
+ * Create vSphere Tag
+ * Create vSphere Tag Category
+ * Delete vSphere Tag
+ * Delete vSphere Tag Category
+ * Edit vSphere Tag
+ * Edit vSphere Tag Category
+ * Modify UsedBy Field For Category
+ * Modify UsedBy Field For Tag
 ---
 
 ```
 $ govc role.ls k8c-user-vcenter
 Cns.Searchable
+InventoryService.Tagging.AttachTag
+InventoryService.Tagging.CreateCategory
+InventoryService.Tagging.CreateTag
+InventoryService.Tagging.DeleteCategory
+InventoryService.Tagging.DeleteTag
+InventoryService.Tagging.EditCategory
+InventoryService.Tagging.EditTag
+InventoryService.Tagging.ModifyUsedByForCategory
+InventoryService.Tagging.ModifyUsedByForTag
 InventoryService.Tagging.ObjectAttachable
 StorageProfile.View
 System.Anonymous
@@ -233,6 +251,8 @@ VirtualMachine.Inventory.CreateFromExisting
  * vApp
  * vApp application configuration
  * vApp instance configuration
+ * vSphere Tagging
+ * Assign or Unassign vSphere Tag on Object
 ---
 
 ```
@@ -245,6 +265,7 @@ Host.Config.Storage
 Host.Config.SystemManagement
 Host.Inventory.EditCluster
 Host.Local.ReconfigVM
+InventoryService.Tagging.ObjectAttachable
 Resource.AssignVMToPool
 Resource.ColdMigrate
 Resource.HotMigrate
@@ -258,12 +279,17 @@ VApp.InstanceConfig
 * Permissions
  * Network
  * Assign network
-
+ * vSphere Tagging
+ * Assign or Unassign vSphere Tag on Object
 ---
 
 ```
 $ govc role.ls k8c-network-attach
+InventoryService.Tagging.ObjectAttachable
 Network.Assign
+System.Anonymous
+System.Read
+System.View
 ```
 
 {{% /tab %}}
@@ -283,10 +309,7 @@ If a tag was not attached to the user cluster, machine controller will only deta
  * Browse datastore
  * Low level file operations
  * vSphere Tagging
- * Assign or Unassign vSphere Tag
  * Assign or Unassign vSphere Tag on an Object
- * Create vSphere Tag
- * Delete vSphere Tag
 
 ---
 
@@ -295,9 +318,6 @@ $ govc role.ls k8c-user-datastore-propagate
 Datastore.AllocateSpace
 Datastore.Browse
 Datastore.FileManagement
-InventoryService.Tagging.CreateTag
-InventoryService.Tagging.DeleteTag
-InventoryService.Tagging.AttachTag
 InventoryService.Tagging.ObjectAttachable
 System.Anonymous
 System.Read
@@ -440,7 +460,7 @@ VirtualMachine.State.RevertToSnapshot
 
 
 
-The described permissions have been tested with vSphere 7.0.U2 and might be different for other vSphere versions.
+The described permissions have been tested with vSphere 8.0.2 and might be different for other vSphere versions.
 
 ## Datastores and Datastore Clusters
 
@@ -527,4 +547,4 @@ We have two options to configure these flags for KKP installations:
 ### References
 
 * <https://github.com/cilium/cilium/issues/13096>
-* <https://github.com/cilium/cilium/issues/21801>
+* <https://github.com/cilium/cilium/issues/21801>

content/kubermatic/v2.24/architecture/supported-providers/vsphere/_index.en.md

@@ -148,12 +148,30 @@ For infrastructure (e.g. VMs, tags and networking) provisioning actions of KKP i
  * Modify customization specification
  * Read customization specifications
  * vSphere Tagging
- * Assign or Unassign vSphere Tag on Object
+ * Assign or Unassign vSphere Tag
+ * Assign or Unassign vSphere Tag on Object
+ * Create vSphere Tag
+ * Create vSphere Tag Category
+ * Delete vSphere Tag
+ * Delete vSphere Tag Category
+ * Edit vSphere Tag
+ * Edit vSphere Tag Category
+ * Modify UsedBy Field For Category
+ * Modify UsedBy Field For Tag
 ---
 
 ```
 $ govc role.ls k8c-user-vcenter
 Cns.Searchable
+InventoryService.Tagging.AttachTag
+InventoryService.Tagging.CreateCategory
+InventoryService.Tagging.CreateTag
+InventoryService.Tagging.DeleteCategory
+InventoryService.Tagging.DeleteTag
+InventoryService.Tagging.EditCategory
+InventoryService.Tagging.EditTag
+InventoryService.Tagging.ModifyUsedByForCategory
+InventoryService.Tagging.ModifyUsedByForTag
 InventoryService.Tagging.ObjectAttachable
 StorageProfile.View
 System.Anonymous
@@ -233,6 +251,8 @@ VirtualMachine.Inventory.CreateFromExisting
  * vApp
  * vApp application configuration
  * vApp instance configuration
+ * vSphere Tagging
+ * Assign or Unassign vSphere Tag on Object
 ---
 
 ```
@@ -245,6 +265,7 @@ Host.Config.Storage
 Host.Config.SystemManagement
 Host.Inventory.EditCluster
 Host.Local.ReconfigVM
+InventoryService.Tagging.ObjectAttachable
 Resource.AssignVMToPool
 Resource.ColdMigrate
 Resource.HotMigrate
@@ -258,12 +279,17 @@ VApp.InstanceConfig
 * Permissions
  * Network
  * Assign network
-
+ * vSphere Tagging
+ * Assign or Unassign vSphere Tag on Object
 ---
 
 ```
 $ govc role.ls k8c-network-attach
+InventoryService.Tagging.ObjectAttachable
 Network.Assign
+System.Anonymous
+System.Read
+System.View
 ```
 
 {{% /tab %}}
@@ -283,10 +309,7 @@ If a tag was not attached to the user cluster, machine controller will only deta
  * Browse datastore
  * Low level file operations
  * vSphere Tagging
- * Assign or Unassign vSphere Tag
  * Assign or Unassign vSphere Tag on an Object
- * Create vSphere Tag
- * Delete vSphere Tag
 
 ---
 
@@ -295,9 +318,6 @@ $ govc role.ls k8c-user-datastore-propagate
 Datastore.AllocateSpace
 Datastore.Browse
 Datastore.FileManagement
-InventoryService.Tagging.CreateTag
-InventoryService.Tagging.DeleteTag
-InventoryService.Tagging.AttachTag
 InventoryService.Tagging.ObjectAttachable
 System.Anonymous
 System.Read
@@ -440,7 +460,7 @@ VirtualMachine.State.RevertToSnapshot
 
 
 
-The described permissions have been tested with vSphere 7.0.U2 and might be different for other vSphere versions.
+The described permissions have been tested with vSphere 8.0.2 and might be different for other vSphere versions.
 
 ## Datastores and Datastore Clusters