github
/
k3s
mirror of https://github.com/k3s-io/k3s
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Merge pull request #7784 from manuelbuil/tailscaleFixes125 

[Release 1.25] Fix logging and cleanup in Tailscale
pull/7788/head
Manuel Buil 2023-06-14 21:41:10 +02:00 committed by GitHub
parent d8aac17d5f 8626667494
commit 873fc1c77c
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 50 additions and 26 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

34
install.sh
View File

@ -646,6 +646,27 @@ killtree() {
) 2>/dev/null ) 2>/dev/null
} }
remove_interfaces() {
# Delete network interface(s) that match 'master cni0'
ip link show 2>/dev/null | grep 'master cni0' | while read ignore iface ignore; do
iface=${iface%%@*}
[ -z "$iface" ] || ip link delete $iface
done
# Delete cni related interfaces
ip link delete cni0
ip link delete flannel.1
ip link delete flannel-v6.1
ip link delete kube-ipvs0
ip link delete flannel-wg
ip link delete flannel-wg-v6
# Restart tailscale
if [ -n "$(command -v tailscale)" ]; then
tailscale set --advertise-routes=
fi
}
getshims() { getshims() {
ps -e -o pid= -o args= | sed -e 's/^ *//; s/\s\s*/\t/;' | grep -w 'k3s/data/[^/]*/bin/containerd-shim' | cut -f1 ps -e -o pid= -o args= | sed -e 's/^ *//; s/\s\s*/\t/;' | grep -w 'k3s/data/[^/]*/bin/containerd-shim' | cut -f1
} }
@ -669,17 +690,8 @@ do_unmount_and_remove '/run/netns/cni-'
# Remove CNI namespaces # Remove CNI namespaces
ip netns show 2>/dev/null | grep cni- | xargs -r -t -n 1 ip netns delete ip netns show 2>/dev/null | grep cni- | xargs -r -t -n 1 ip netns delete
# Delete network interface(s) that match 'master cni0' remove_interfaces
ip link show 2>/dev/null | grep 'master cni0' | while read ignore iface ignore; do
iface=${iface%%@*}
[ -z "$iface" ] || ip link delete $iface
done
ip link delete cni0
ip link delete flannel.1
ip link delete flannel-v6.1
ip link delete kube-ipvs0
ip link delete flannel-wg
ip link delete flannel-wg-v6
rm -rf /var/lib/cni/ rm -rf /var/lib/cni/
iptables-save | grep -v KUBE- | grep -v CNI- | grep -iv flannel | iptables-restore iptables-save | grep -v KUBE- | grep -v CNI- | grep -iv flannel | iptables-restore
ip6tables-save | grep -v KUBE- | grep -v CNI- | grep -iv flannel | ip6tables-restore ip6tables-save | grep -v KUBE- | grep -v CNI- | grep -iv flannel | ip6tables-restore

34
package/rpm/install.sh
View File

@ -543,6 +543,27 @@ killtree() {
) 2>/dev/null ) 2>/dev/null
} }
remove_interfaces() {
# Delete network interface(s) that match 'master cni0'
ip link show 2>/dev/null | grep 'master cni0' | while read ignore iface ignore; do
iface=${iface%%@*}
[ -z "$iface" ] || ip link delete $iface
done
# Delete cni related interfaces
ip link delete cni0
ip link delete flannel.1
ip link delete flannel-v6.1
ip link delete kube-ipvs0
ip link delete flannel-wg
ip link delete flannel-wg-v6
# Remove advertised routes in tailscale
if [[ -n $(command -v tailscale) ]]; then
tailscale set --advertise-routes=
fi
}
getshims() { getshims() {
ps -e -o pid= -o args= | sed -e 's/^ *//; s/\s\s*/\t/;' | grep -w 'k3s/data/[^/]*/bin/containerd-shim' | cut -f1 ps -e -o pid= -o args= | sed -e 's/^ *//; s/\s\s*/\t/;' | grep -w 'k3s/data/[^/]*/bin/containerd-shim' | cut -f1
} }
@ -558,17 +579,8 @@ do_unmount '/var/lib/rancher/k3s'
do_unmount '/var/lib/kubelet/pods' do_unmount '/var/lib/kubelet/pods'
do_unmount '/run/netns/cni-' do_unmount '/run/netns/cni-'
# Delete network interface(s) that match 'master cni0' remove_interfaces
ip link show 2>/dev/null | grep 'master cni0' | while read ignore iface ignore; do
iface=${iface%%@*}
[ -z "$iface" ] || ip link delete $iface
done
ip link delete cni0
ip link delete flannel.1
ip link delete flannel-v6.1
ip link delete flannel-wg
ip link delete flannel-wg-v6
ip link delete kube-ipvs0
rm -rf /var/lib/cni/ rm -rf /var/lib/cni/
iptables-save | grep -v KUBE- | grep -v CNI- | grep -iv flannel | iptables-restore iptables-save | grep -v KUBE- | grep -v CNI- | grep -iv flannel | iptables-restore
ip6tables-save | grep -v KUBE- | grep -v CNI- | grep -iv flannel | ip6tables-restore ip6tables-save | grep -v KUBE- | grep -v CNI- | grep -iv flannel | ip6tables-restore

8
pkg/vpn/vpn.go
View File

@ -2,13 +2,13 @@ package vpn
import ( import (
"encoding/json" "encoding/json"
"errors"
"fmt" "fmt"
"net" "net"
"strings" "strings"
"github.com/k3s-io/k3s/pkg/util" "github.com/k3s-io/k3s/pkg/util"
"github.com/pkg/errors"
"github.com/sirupsen/logrus" "github.com/sirupsen/logrus"
) )
@ -44,11 +44,11 @@ func StartVPN(vpnAuthConfigFile string) error {
logrus.Infof("Starting VPN: %s", authInfo.Name) logrus.Infof("Starting VPN: %s", authInfo.Name)
switch authInfo.Name { switch authInfo.Name {
case "tailscale": case "tailscale":
outpt, err := util.ExecCommand("tailscale", []string{"up", "--authkey", authInfo.JoinKey, "--reset"}) output, err := util.ExecCommand("tailscale", []string{"up", "--authkey", authInfo.JoinKey, "--reset"})
if err != nil { if err != nil {
return err return errors.Wrap(err, "tailscale up failed: "+output)
} }
logrus.Debugf("Output from tailscale up: %v", outpt) logrus.Debugf("Output from tailscale up: %v", output)
return nil return nil
default: default:
return fmt.Errorf("Requested VPN: %s is not supported. We currently only support tailscale", authInfo.Name) return fmt.Errorf("Requested VPN: %s is not supported. We currently only support tailscale", authInfo.Name)