4aca21a1f1
Add cri-dockerd support as backend for --docker flag
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2 years ago
d2089872bb
Fix issue with containerd stats missing from cadvisor metrics
...
cadvisor still doesn't pull stats via CRI yet, so we have to continue to use the deprecated arg.
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2 years ago
491aa11e10
Revert "Give kubelet the node-ip value ( #5579 )"
...
This reverts commit aa9065749c
3 years ago
29397b4e68
Re-add --cloud-provider=external kubelet arg
...
The cloud-provider arg is deprecated and cannot be set to anything other than external, but must still be used or node addresses are not set properly.
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
3 years ago
aa9065749c
Give kubelet the node-ip value ( #5579 )
...
* Give kubelet all node-ips
Signed-off-by: Manuel Buil <mbuil@suse.com>
Co-authored-by: Brad Davidson <brad.davidson@rancher.com>
3 years ago
360f18d1cf
Always set pod-infra-container-image to protect it from image GC
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
3 years ago
551f2fa00a
Remove deprecated flags from kubelet
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
3 years ago
333311c7ee
Add systemd cgroup controller support
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
3 years ago
8083ef5824
fix function arg call ( #5234 )
3 years ago
3fabc0703b
Merge pull request #4450 from olljanat/support-ipv6-only
...
Add partial support for IPv6 only mode
3 years ago
9a849b1bb7
[master] changing package to k3s-io ( #4846 )
...
* changing package to k3s-io
Signed-off-by: Luther Monson <luther.monson@gmail.com>
Co-authored-by: Derek Nola <derek.nola@suse.com>
3 years ago
966f4d6a01
Add support for IPv6 only mode
...
Automatically switch to IPv6 only mode if first node-ip is IPv6 address
Signed-off-by: Olli Janatuinen <olli.janatuinen@gmail.com>
3 years ago
66eeabbdfc
linter doesn't actually run on windows, found these while getting it running on a windows machine
...
Signed-off-by: Luther Monson <luther.monson@gmail.com>
3 years ago
87395e32d6
Update modules for Kubernetes v1.23
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
3 years ago
5d168a1d59
Allow svclb pod to enable ipv6 forwarding
...
Signed-off-by: Manuel Buil <mbuil@suse.com>
3 years ago
73e21e739f
Drop broken SupportNoneCgroupDriver support
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
3 years ago
199424b608
Pass context into all Executor functions
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
3 years ago
90960ebf4e
SupportPodPidsLimit is locked to true of 1.20, making pids cgroup support mandatory
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
3 years ago
8b857eef9c
Ship Stargz Snapshotter ( #2936 )
...
* Ship Stargz Snapshotter
Signed-off-by: ktock <ktokunaga.mail@gmail.com>
* Bump github.com/containerd/stargz-snapshotter to v0.8.0
Signed-off-by: Kohei Tokunaga <ktokunaga.mail@gmail.com>
3 years ago
176451f4ea
Fix rootless regression in 1.22 (Set KubeletInUserNamespace gate) ( #3901 )
...
Fix issue 3900
Kubernetes 1.22 requires `KuebletInUserNamespace` feature gate to be set for rootless:
https://kubernetes.io/docs/tasks/administer-cluster/kubelet-in-userns/#userns-the-hard-way
Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
3 years ago
e204d863a5
Update Kubernetes to v1.22.1
...
* Update Kubernetes to v1.22.1
* Update dependent modules to track with upstream
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
3 years ago
ae909c73e5
Updated the code to use GetNetworkByName and tweaked logic.
...
Updated the method being called and tweaked the logic.
Signed-off-by: Jamie Phillips <jamie.phillips@suse.com>
3 years ago
7704fb6ee5
Exporting the AddFeatureGate function and adding a unit test for it. ( #3661 )
3 years ago
fc19b805d5
Added logic to strip any existing hyphens before processing the args. ( #3662 )
...
Updated the logic to handle if extra args are passed with existing hyphens in the arg. The test was updated to add the additional case of having pre-existing hyphens. The method name was also refactored based on previous feedback.
3 years ago
90445bd581
Wait until server is ready before configuring kube-proxy ( #3716 )
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
3 years ago
a62d143936
Fixing various bugs related to windows.
...
This changes the crictl template for issues with the socket information. It also addresses a typo in the socket address. Last it makes tweaks to configuration that aren't required or had incorrect logic.
Signed-off-by: Jamie Phillips <jamie.phillips@suse.com>
spelling
3 years ago
82394d7d36
Basic windows agent that will join a cluster without CNI.
...
Signed-off-by: Jamie Phillips <jamie.phillips@suse.com>
3 years ago
7345ac35ae
Initial windows support for agent ( #3375 )
...
Signed-off-by: Jamie Phillips <jamie.phillips@suse.com>
4 years ago
7e175e8ad4
Handle conntrack-related sysctls in supervisor agent setup
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
4 years ago
02a5bee62f
Add system-default-registry support and remove shared code ( #3285 )
...
* Move registries.yaml handling out to rancher/wharfie
* Add system-default-registry support
* Add CLI support for kubelet image credential providers
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
4 years ago
2705431d96
Add support for dual-stack Pod/Service CIDRs and node IP addresses ( #3212 )
...
* Add support for dual-stack cluster/service CIDRs and node addresses
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
4 years ago
6e8284e3d4
rootless: enable resource limitation (requires cgroup v2, systemd)
...
Now rootless mode can be used with cgroup v2 resource limitations.
A pod is executed in a cgroup like "/user.slice/user-1001.slice/user@1001.service/k3s-rootless.service/kubepods/podd0eb6921-c81a-4214-b36c-d3b9bb212fac/63b5a253a1fd4627da16bfce9bec58d72144cf30fe833e0ca9a6d60ebf837475".
This is accomplished by running `kubelet` in a cgroup namespace, and enabling `cgroupfs` driver for the cgroup hierarchy delegated by systemd.
To enable cgroup v2 resource limitation, `k3s server --rootless` needs to be launched as `systemctl --user` service.
Please see the comment lines in `k3s-rootless.service` for the usage.
Running `k3s server --rootless` via a terminal is not supported.
When it really needs to be launched via a terminal, `systemd-run --user -p Delegate --tty` needs to be prepended to create a systemd scope.
Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
4 years ago
5749f66aa3
Add disable flags for control components ( #2900 )
...
* Add disable flags to control components
Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>
* golint
Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>
* more fixes
Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>
* fixes to disable flags
Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>
* Add comments to functions
Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>
* Fix joining problem
Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>
* more fixes
Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>
* golint
Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>
* fix ticker
Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>
* fix role labels
Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>
* more fixes
Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>
4 years ago
e06119729b
Improve handling of comounted cpu,cpuacct controllers ( #2911 )
...
* Improve handling of comounted cpu,cpuacct controllers
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
4 years ago
f3c41b7650
fix cgroup2 support
...
Fix issue 900
cgroup2 support was introduced in PR 2584, but got broken in f3de60ff31
4 years ago
8011697175
Only container-runtime-endpoint wants RuntimeSocket path as URI
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
4 years ago
61ef2ce95e
use version.Program
...
Signed-off-by: Chris Kim <oats87g@gmail.com>
4 years ago
48925fcb88
Simplify checkCgroups function call
...
Co-authored-by: Brian Downs <brian.downs@gmail.com>
4 years ago
a3f87a81bd
Independently set kubelet-cgroups and runtime-cgroups, and detect if we are running under a systemd scope
...
Signed-off-by: Chris Kim <oats87g@gmail.com>
4 years ago
3d1e40eaa3
Handle the case when systemd lives under `/init.scope`
...
Signed-off-by: Chris Kim <oats87g@gmail.com>
4 years ago
f3de60ff31
When there is a defined cgroup for PID 1, assume we are containerized and set a root
...
Signed-off-by: Chris Kim <oats87g@gmail.com>
4 years ago
5a81fdbdc5
update cis flag implementation to propogate the rest of the way through to kubelet
...
Signed-off-by: Brian Downs <brian.downs@gmail.com>
4 years ago
afd6f6d7e7
Encapsulate execution logic
...
This moves all the calls to cobra root commands to one package
so that we can change the behavior of running components as embedded
or external.
5 years ago
70ddc799bd
Merge pull request #1691 from ibuildthecloud/staticpod
...
Suppport static pods at ${datadir}/agent/staticpods
5 years ago
8c7fbe3dde
Suppport static pods at ${datadir}/agent/pod-manifests
5 years ago
5715e1ba0d
Add ability to disable kubeproxy
5 years ago
fa03a0df3c
Run kubelet with containerd flag
...
The containerd flag was accidentally added to kubelet and is
deprecated, but needed for cadvisor to properly connect with
the k3s containerd socket, so adding for now.
5 years ago
76281bf731
Update k3s for k8s 1.17.0
5 years ago
2de93d70cf
Allow --pause-image to set docker sandbox image also
5 years ago
55c05ac500
Refactor node password location
5 years ago
Brad Davidson