Erik Wilson
02dccd328a
Merge pull request #1835 from evrardjp/remove-trailing-whitespaces
...
Remove trailing whitespaces
2020-05-28 17:07:01 -07:00
Erik Wilson
d4d99872ea
Merge pull request #1836 from briandowns/bump_cni_version
...
update CNI to v0.8.6-k3s1
2020-05-28 17:06:28 -07:00
Brian Downs
3864fa2ba8
update CNI to v0.8.6-k3s1
2020-05-28 14:44:03 -07:00
Jean-Philippe Evrard
eabc82c724
Remove trailing whitespaces
...
To please my OCD, and remove my editor flashing boxes,
I am removing trailing whitespaces. They have no purpose in life.
2020-05-27 17:27:30 +02:00
Erik Wilson
b237637338
Merge pull request #1833 from erikwilson/release-1.18
...
Update k8s 1.18.3
2020-05-27 05:03:00 -07:00
Erik Wilson
f1a01f4afb
Update k8s 1.18.3
2020-05-26 15:59:35 -07:00
Erik Wilson
25d43177ff
Bump golang to 1.13.11
2020-05-26 15:55:58 -07:00
Erik Wilson
43b9bf2e50
Merge pull request #1795 from StateFarmIns/support_for_setting_default_ssl_ciphers
...
Feature Request #1741 : Update to set default CipherSuites
2020-05-15 09:41:37 -07:00
Erik Wilson
d10d6f7fb3
Merge pull request #1762 from consideRatio/coredns-readinessprobe
...
coredns: readiness- and livenessProbe tweaks (~15s -> ~3s startup)
2020-05-15 09:40:54 -07:00
David Nuzik
7352b92cd8
Merge pull request #1794 from davidnuzik/update-stable-channel
...
Bump stable version from v1.17.4 to v1.18.2
2020-05-13 13:55:22 -07:00
David Nuzik
f1c542a38e
Bump stable version from v1.17.4 to v1.18.2
...
* Updates channel.yaml - replaces v1.17.4 with v1.18.2 which is now stable.
2020-05-13 09:45:39 -07:00
Chuck Schweizer
19c34bd12d
Update to set default CipherSuites
...
The default CipherSuites need to be set to disable the insecure TLS 1.2 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 Cipher
2020-05-13 08:34:45 -05:00
Erik Wilson
689c2726e2
Merge pull request #1787 from St0rmingBr4in/move-contrib-ansible
...
contrib/ansible: Remove duplication and redirect to new repository
2020-05-12 10:17:55 -07:00
Julien DOCHE
55cca7bba3
contrib/ansible: Remove duplication and redirect to new repository
...
Signed-off-by: Julien DOCHE <julien.doche@gmail.com>
2020-05-12 17:47:20 +02:00
Craig Jellick
773b8becc6
Merge pull request #1783 from cjellick/code-of-conduct
...
add code of conduct
2020-05-11 08:05:52 -07:00
Craig Jellick
2bd339f7c8
add code of conduct
2020-05-11 06:12:16 -07:00
Darren Shepherd
904af8fce7
Merge pull request #1765 from csschwe/support_tls_min_version
...
Feature Request #1741 : Adding support for tls minimum version
2020-05-07 08:24:10 -07:00
Chuck Schweizer
ca9c9c2e1e
Adding support for TLS MinVersion and CipherSuites
...
This will watch for the following kube-apiserver-arg variables and apply
them to the k3s kube-apiserver https listener.
--kube-apiserver-arg=tls-cipher-suites=XXXXXXX
--kube-apiserver-arg=tls-min-version=XXXXXXX
2020-05-07 09:27:09 -05:00
Erik Sundell
27ae2fb9c8
coredns: go generate
2020-05-07 16:21:46 +02:00
Darren Shepherd
cb4b34763e
Merge pull request #1759 from ibuildthecloud/background
...
Start kube-apiserver in the background
2020-05-06 21:50:48 -07:00
Darren Shepherd
e5fe184a44
Merge pull request #1757 from ibuildthecloud/separate-port
...
Add supervisor port
2020-05-06 21:32:45 -07:00
Darren Shepherd
072396f774
Start kube-apiserver in the background
...
In rke2 everything is a static pod so this causes a chicken and egg situation
in which we need the kubelet running before the kube-apiserver can be
launched. By starting the apiserver in the background this allows us to
do this odd bootstrapping.
2020-05-06 21:17:23 -07:00
Craig Jellick
359b2ba790
Merge pull request #1769 from cjellick/channel-18
...
Add channels for 1.18
2020-05-06 18:08:25 -07:00
Craig Jellick
004e00b34f
Add channels for 1.18
2020-05-06 17:43:39 -07:00
Craig Jellick
ad4c542ad5
Merge pull request #1735 from stellirin/performance
...
[systemd] Add value to LimitNOFILE due to performance problems
2020-05-06 16:37:37 -07:00
Erik Sundell
03bb1b9770
coredns: readiness- and livenessProbe tweaks
...
The readinessProbe was delaying the startup of coredns greatly. This
change brings startup times from ~15s to ~2-3s when testing locally. A
reduction of ~80%.
The livenessProbe would also take potentially more than a minute to
be declared unhealthy and restarted which is now tweaked down to about
30 seconds
For more information about the probes, see: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/#configure-probes
2020-05-06 22:18:32 +02:00
Darren Shepherd
f38082673d
Merge pull request #1753 from ibuildthecloud/prepull
...
Support prepulling images on start
2020-05-05 22:11:52 -07:00
Darren Shepherd
74bcf4da0b
Merge pull request #1756 from ibuildthecloud/less-logging
...
Only echo Waiting for kubelet every 30 seconds
2020-05-05 22:07:50 -07:00
Darren Shepherd
b86256bf65
Merge pull request #1696 from ibuildthecloud/executor
...
Encapsulate execution logic
2020-05-05 16:01:31 -07:00
Darren Shepherd
2f5ee914f9
Add supervisor port
...
In k3s today the kubernetes API and the /v1-k3s API are combined into
one http server. In rke2 we are running unmodified, non-embedded Kubernetes
and as such it is preferred to run k8s and the /v1-k3s API on different
ports. The /v1-k3s API port is called the SupervisorPort in the code.
To support this separation of ports a new shim was added on the client in
then pkg/agent/proxy package that will launch two load balancers instead
of just one load balancer. One load balancer for 6443 and the other
for 9345 (which is the supervisor port).
2020-05-05 15:54:51 -07:00
Darren Shepherd
afd6f6d7e7
Encapsulate execution logic
...
This moves all the calls to cobra root commands to one package
so that we can change the behavior of running components as embedded
or external.
2020-05-05 15:34:32 -07:00
Darren Shepherd
61ba9171ce
Only echo Waiting for kubelet every 30 seconds
...
Don't print a message every second while we are waiting for the
kubelet to report Ready.
2020-05-05 15:23:18 -07:00
Darren Shepherd
1d05e99769
Merge pull request #1752 from ibuildthecloud/disable-ccm
...
Don't write ccm.yaml if --disable-cloud-controller is set
2020-05-05 15:11:10 -07:00
Darren Shepherd
6932d03bb4
Support prepulling images on start
...
In the agent/images folder if a .txt file is found it is assumed to
be a line separated list of image names to pull on start.
2020-05-05 14:45:39 -07:00
Darren Shepherd
70ddc799bd
Merge pull request #1691 from ibuildthecloud/staticpod
...
Suppport static pods at ${datadir}/agent/staticpods
2020-05-05 14:35:45 -07:00
Darren Shepherd
341895c322
Don't write ccm.yaml if --disable-cloud-controller is set
2020-05-05 13:01:52 -07:00
Darren Shepherd
8c7fbe3dde
Suppport static pods at ${datadir}/agent/pod-manifests
2020-05-05 12:43:47 -07:00
Erik Wilson
39c3854648
Merge pull request #1720 from ilknarf/master
...
remove redundant Sprintf
2020-05-04 20:50:58 -07:00
Erik Wilson
c71561129e
Merge pull request #1716 from ibuildthecloud/debugpublic
...
Make debug variable public to be used by wrapper programs
2020-05-04 20:50:36 -07:00
Erik Wilson
6d785b8627
Merge pull request #1736 from oliviermichaelis/replace-deprecated
...
Replace deprecated option
2020-05-04 20:29:53 -07:00
Erik Wilson
c941e1d0bb
Merge pull request #1695 from ibuildthecloud/kubeproxy
...
Add ability to disable kubeproxy
2020-05-04 20:26:22 -07:00
Erik Wilson
df1725cb06
Merge pull request #1694 from ibuildthecloud/inittwice
...
Allow InitLogging to be called twice
2020-05-04 20:22:04 -07:00
Erik Wilson
2fb5bad3e8
Merge pull request #1704 from ibuildthecloud/x509-admin
...
No longer use basic auth for default admin account
2020-05-04 20:21:12 -07:00
Erik Wilson
21eabd902b
Merge pull request #1693 from ibuildthecloud/disableditem
...
Move disabled items to a const to keep more consistency
2020-05-04 20:16:42 -07:00
Erik Wilson
21266bab7e
Merge pull request #1692 from ibuildthecloud/err
...
Check for error on mkdir
2020-05-04 20:16:20 -07:00
Erik Wilson
ed8cd9250b
Merge pull request #1690 from ibuildthecloud/flannel
...
Only need to resolve the path of host-local if Flannel is enabled
2020-05-04 20:15:59 -07:00
Erik Wilson
47bb0939e6
Merge pull request #1611 from Dirbaio/master
...
Correctly quote auth strings in containerd config. For #1610
2020-05-04 19:27:17 -07:00
Erik Wilson
c769bb115a
Merge pull request #1500 from joakimr-axis/joakimr-axis_package-cli
...
package-cli: Remove redundant rm -rf build/data
2020-05-04 19:24:21 -07:00
Erik Wilson
698e444a03
Merge pull request #1742 from dweomer/runc/replace-rc10
...
runc: bump to rc10
2020-05-04 18:36:06 -07:00
Jacob Blain Christen
4949da46f1
runc: bump to rc10
...
- [CVE-2019-19921](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19921 )
See https://github.com/opencontainers/runc/releases/tag/v1.0.0-rc10
2020-05-04 18:11:25 -07:00