github
/
k3s
mirror of https://github.com/k3s-io/k3s
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
2,764 Commits
31 Branches
881 Tags
633 MiB
Commit Graph

1163 Commits (04c1b54c6e45250220a13447a3f7df911158ca5d)

Author SHA1 Message Date
Derek Nola 71e53ae606
[Release-1.25] Add E2E testing in Drone (#7375) 
* Add E2E to Drone 
* Build e2e test image
* Add ci flag to secretsencryption
* Fix vagrant log on secretsencryption
* Add cron conformance pipeline

Signed-off-by: Derek Nola <derek.nola@suse.com>

* Add string output for nodes
* Switch snapshot restore for upgrade cluster

Signed-off-by: Derek Nola <derek.nola@suse.com>

* Added IPv6 check and agent restart on e2e test utils

Signed-off-by: Roberto Bonafiglia <roberto.bonafiglia@suse.com>

* Cleanup leftover VMs in E2E pipeline
* Dont run most pipelines on nightly cron

Signed-off-by: Derek Nola <derek.nola@suse.com>

* Don't default to local K3s for startup test (#6950)

Signed-off-by: Derek Nola <derek.nola@suse.com>

* Added multiClusterCIDR E2E test

Signed-off-by: Roberto Bonafiglia <roberto.bonafiglia@suse.com>

* fix_get_sha_url (#7187)

Signed-off-by: ShylajaDevadiga <shylaja@rancher.com>

* Improve RunCmdOnNode error

Signed-off-by: Derek Nola <derek.nola@suse.com>

* Pin upgradecluster to v1.25

Signed-off-by: Derek Nola <derek.nola@suse.com>

---------

Signed-off-by: Derek Nola <derek.nola@suse.com>
Signed-off-by: Roberto Bonafiglia <roberto.bonafiglia@suse.com>
Signed-off-by: ShylajaDevadiga <shylaja@rancher.com>
Co-authored-by: Roberto Bonafiglia <roberto.bonafiglia@suse.com>
Co-authored-by: ShylajaDevadiga <56045581+ShylajaDevadiga@users.noreply.github.com>
 2023-05-01 14:15:49 -07:00
Thomas Ferrandiz 11bcb24e40 ensure that klog verbosity is set to the same level as logrus 
by repeatedly settting it every second during k3s startup

Signed-off-by: Thomas Ferrandiz <thomas.ferrandiz@suse.com>
 2023-04-27 08:10:49 +00:00
Hussein Galal 540d19b097
[release-1.25] Update klipper lb and helm-controller (#7240) 
* Update klipper lb and helm-controller

Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>

* update klipper helm image

Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>

---------

Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>
 2023-04-06 22:17:21 +02:00
Roberto Bonafiglia af81ed062a Updated kube-route version to move the iptables ACCEPT default rule at the end of the chain 
Signed-off-by: Roberto Bonafiglia <roberto.bonafiglia@suse.com>
 2023-04-06 09:57:18 +02:00
Brad Davidson 355ddda647 Lock bootstrap data with empty key to prevent conflicts 
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit d95980bba3)
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2023-04-05 16:29:13 -07:00
Brad Davidson 64709f401d Debounce kubernetes service endpoint updates 
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit 2992477c4b)
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2023-04-05 16:29:13 -07:00
Brad Davidson 7036323cd7 Fix tests to not hide failure location in dummp assert functions 
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit ece4d8e45c)
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2023-04-05 16:29:13 -07:00
Brad Davidson 5fc65fcda7 Fix issue with stale connections to removed LB server 
Track LB connections through each server so that they can be closed when it is removed.

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit e54ceaa497)
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2023-04-05 16:29:13 -07:00
Brad Davidson 66dd02cbcc go generate 
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit d388b82d25)
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2023-04-05 16:29:13 -07:00
Brad Davidson 45670c8ae4 Ensure that loopback is used for the advertised address when resetting 
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit b010db0cff)
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2023-04-05 16:29:13 -07:00
Brad Davidson 88d5a723ce Bump Local Path Provisioner version (#7167) 
* chore: Bump Local Path Provisioner version
* go generate

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
(cherry picked from commit cee3ddbc4a)
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2023-04-05 16:29:13 -07:00
Hussein Galal c25f611eed
Remove deprecated nodeSelector label beta.kubernetes.io/os (#6970) (#7121) 
* Remove deprecated nodeSelector label beta.kubernetes.io/os

Problem:
The nodeSelector label beta.kubernetes.io/os in the CoreDNS deployment was deprecated in 1.14 and will likely be removed soon

Solution:
Change the nodeSelector to remove the beta

Signed-off-by: Dan Mills <evilhamsterman@gmail.com>
Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>
Co-authored-by: Daniel Mills <evilhamsterman@users.noreply.github.com>
 2023-04-04 21:04:18 +02:00
Brad Davidson 37a26379d5 Add support for cross-signing new certs during ca rotation 
We need to send the full chain in order for cross-signing to work
properly during switchover to a new root.

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2023-03-13 20:04:11 -07:00
Derek Nola a6cac3e9e7
Adds a warning about editing to the containerd config.toml file (#7075) 
* Add a warning to the config.toml file

Signed-off-by: Derek Nola <derek.nola@suse.com>
Co-authored-by: Brad Davidson <brad@oatmail.org>
 2023-03-13 15:33:20 -07:00
Brad Davidson 7a7304e3d3 Wait for kubelet to update the Ready status before reading port 
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2023-03-13 14:30:11 -07:00
Daishan Peng 0369a5a6a4 Wait for kubelet port to be ready before setting 
Signed-off-by: Daishan Peng <daishan@acorn.io>
 2023-03-13 14:30:11 -07:00
Roberto Bonafiglia f5d1f976d3
[Release 1.25] Update flannel and kube-router (#7061) 
* Update kube-router version to fix iptables rules

Signed-off-by: Roberto Bonafiglia <roberto.bonafiglia@suse.com>

* Update Flannel to v0.21.3

Signed-off-by: Roberto Bonafiglia <roberto.bonafiglia@suse.com>

---------

Signed-off-by: Roberto Bonafiglia <roberto.bonafiglia@suse.com>
 2023-03-10 20:31:52 -08:00
Brad Davidson 27b5441c96 Add test for filterByIPFamily 
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2023-02-21 14:13:34 -08:00
Brad Davidson 0a2bdfdd7a Fix ServiceLB dual-stack ingress IP listing 
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2023-02-21 14:13:34 -08:00
Brad Davidson c3fbb30c2e Fix CACertPath stripping trailing path components 
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2023-02-14 13:18:12 -08:00
Brad Davidson 4e03608119 Fix etcd member deletion 
Turns out etcd-only nodes were never running **any** of the controllers,
so allowing multiple controllers didn't really fix things.

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2023-02-14 13:18:12 -08:00
Brad Davidson 14f2226b67 Allow for multiple sets of leader-elected controllers 
Addresses an issue where etcd controllers did not run on etcd-only nodes

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2023-02-10 11:35:29 -08:00
Roberto Bonafiglia dda9e48dfc Updated flannel version to v0.21.0 
Signed-off-by: Roberto Bonafiglia <roberto.bonafiglia@suse.com>
 2023-02-10 18:53:15 +01:00
Paul Donohue 0ba4732c1f Fix access to hostNetwork port on NodeIP when egress-selector-mode=agent 
Signed-off-by: Paul Donohue <git@PaulSD.com>
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2023-02-10 09:43:53 -08:00
Brad Davidson 33c6488bbc Ensure that node exists when using node auth 
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit 87f9c4ab11)
 2023-02-10 09:33:55 -08:00
Brad Davidson ade6203aad Add support for kubeadm token and client certificate auth 
Allow bootstrapping with kubeadm bootstrap token strings or existing
Kubelet certs. This allows agents to join the cluster using kubeadm
bootstrap tokens, as created with the `k3s token create` command.

When the token expires or is deleted, agents can successfully restart by
authenticating with their kubelet certificate via node authentication.
If the token is gone and the node is deleted from the cluster, node auth
will fail and they will be prevented from rejoining the cluster until
provided with a valid token.

Servers still must be bootstrapped with the static cluster token, as
they will need to know it to decrypt the bootstrap data.

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit 992e64993d)
 2023-02-10 09:33:55 -08:00
Brad Davidson 97c506cc65 Add support for `k3s token` command 
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit 373df1c8b0)
 2023-02-10 09:33:55 -08:00
Brad Davidson 5eac6f977c Add `certificate rotate-ca` to write updated CA certs to datastore 
This command must be run on a server while the service is running. After this command completes, all the servers in the cluster should be restarted to load the new CA files.

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit 215fb157ff)
 2023-02-10 09:33:55 -08:00
Brad Davidson 03fd2f278a Add utility functions for getting kubernetes client 
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit 3c324335b2)
 2023-02-10 09:33:55 -08:00
Brad Davidson 4a28be3c57 Fix CA cert hash for root certs 
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit 58d40327b4)
 2023-02-10 09:33:55 -08:00
Brad Davidson 7fce823e82 Ensure cluster-signing CA files contain only a single CA cert 
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit 0919ec6755)
 2023-02-10 09:33:55 -08:00
Brad Davidson cf689d8126 go generate 
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2023-02-10 07:26:50 -08:00
Brad Davidson 1ed38578c2 Check for existing resources before creating them 
Prevents errors when starting with fail-closed webhooks

Also, use panic instead of Fatalf so that the CloudControllerManager rescue can handle the error

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2023-02-10 07:26:50 -08:00
Brad Davidson 058c6e24b3 go generate 
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit 1c6fde9a52)
 2023-02-09 15:17:55 -08:00
Brad Davidson 1a5b77b486 Honor Service ExternalTrafficPolicy 
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit 369b81b45e)
 2023-02-09 15:17:55 -08:00
Brad Davidson ae874ea57f Use default address family when adding kubernetes service address to SAN list 
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2023-02-09 11:51:56 -08:00
Derek Nola 4944776f88
Ignore value conflicts when reencrypting secrets (#6919) 
* Ignore conflict secrets

Signed-off-by: Derek Nola <derek.nola@suse.com>
 2023-02-08 12:14:22 -08:00
Derek Nola f4a75678d8
[Release-1.25] Ensure flag type consistency (#6867) 
* Standardize flag declaration

Signed-off-by: Derek Nola <derek.nola@suse.com>
 2023-02-01 09:23:43 -08:00
Derek Nola 9874f95d6b
Fix cron example (#6864) 
Signed-off-by: Derek Nola <derek.nola@suse.com>
 2023-01-31 11:33:51 -08:00
Derek Nola be8d8bb412
Wait for cri-dockerd socket (#6853) 
* Wait for cri-dockerd socket
* Consolidate cri utility functions

Signed-off-by: Derek Nola <derek.nola@suse.com>
 2023-01-31 09:43:23 -08:00
Silvio Moioli d6fa972b2c Bugfix: do not break cert-manager when pprof is enabled (#6635) 
Signed-off-by: Silvio Moioli <silvio@moioli.net>
(cherry picked from commit 23c1040adb)
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2023-01-26 17:36:12 -08:00
Brad Davidson 4c17994391 Set cri-dockerd version at build time 
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2023-01-26 14:33:04 -08:00
Brad Davidson 6344590447 Add jitter to scheduled snapshots and retry harder on conflicts 
Also ensure that the snapshot job does not attempt to trigger multiple concurrent runs, as this is not supported.

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2023-01-26 14:31:08 -08:00
Brad Davidson c350594f18 Fix CI tests 
* General cleanup of test-helpers functions to address CI failures
* Install awscli in test image
* Log containerd output to file even when running with --debug

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit f54b5e4fa0)
 2023-01-17 18:15:24 -08:00
Brad Davidson 45c337bb1f Pass through default tls-cipher-suites 
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2023-01-13 17:17:21 -08:00
Brad Davidson a6684bd5d8 Preload iptable_filter/ip6table_filter 
ServiceLB now requires this module, but it will not get autoloaded by the kubelet if the host is using nftables.

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2022-12-13 17:39:11 -08:00
Brad Davidson 2835368ecb Bump k3s-root and remove embedded strongswan support 
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2022-12-01 12:40:40 -08:00
Derek Nola af8f101bdc
Mark secrets-encryption flag as GA (#6582) 
* Mark secrets-encrypt flag as GA

Signed-off-by: Derek Nola <derek.nola@suse.com>
 2022-12-01 08:50:51 -08:00
Brad Davidson 915c7719fe go generate 
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2022-11-30 15:09:32 -08:00
Brad Davidson 1eeea5c81f go generate 
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2022-11-30 15:09:32 -08:00
Brad Davidson e08a662509 Disable CCM metrics port when legacy CCM functionality is disabled 
Prevents port conflicts on upgrade for users that have deployed other cloud controllers.

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2022-11-30 15:08:31 -08:00
Brad Davidson a07bb555ba Bump klipper-helm and klipper-lb versions 
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2022-11-23 14:55:59 -08:00
Derek Nola 614da78e43
Add `prefer-bundled-bin` as an agent flag (#6545) 
* Add prefer-bundled-bin as an agent flag
* Add E2E test for prefer-bundled-bin

Signed-off-by: Derek Nola <derek.nola@suse.com>
 2022-11-22 13:43:16 -08:00
Manuel Buil 1beecb2e2d
Merge pull request #6531 from manuelbuil/fixLogs 
Fix log for flannelExternalIP use case
 2022-11-22 16:54:26 +01:00
Manuel Buil 483e29e783 Remove stuff which belongs in the windows executor implementation 
Signed-off-by: Manuel Buil <mbuil@suse.com>
 2022-11-22 12:32:13 +01:00
Brad Davidson 9ff0943d56 Address nits from self-review 
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2022-11-21 15:23:30 -08:00
Brad Davidson 56bf7d6ad3 Allow agent to run rootless 
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2022-11-21 15:23:30 -08:00
Brad Davidson 6f2b21c5cd Add rootless IPv6 support 
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2022-11-21 15:23:30 -08:00
Brad Davidson c02dceb7ad Make rootless settings configurable 
Add enivironment variables for port-driver, cidr, mtu, and disable-host-loopback settings. Since rootless is still experimental, I don't think they deserve full CLI flag status.

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2022-11-21 15:23:30 -08:00
Brad Davidson 73171ff20a go generate 
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2022-11-21 13:44:54 -08:00
Derek Nola 0f52088cd3
Add new `prefer-bundled-bin` experimental flag (#6420) 
* initial prefer-bundled-bin ci change
* Add startup testlet
* Convert parsing to pflag library
* Fix code validation
* go mod tidy

Signed-off-by: Derek Nola <derek.nola@suse.com>
 2022-11-21 13:01:36 -08:00
Manuel Buil 5188443988 Fix log for flannelExternalIP use case 
Signed-off-by: Manuel Buil <mbuil@suse.com>
 2022-11-21 17:10:35 +01:00
Manuel Buil e41e4010e5 Revert "Remove stuff which belongs in the windows executor implementation" 
This reverts commit 1bc0684fb7.

Signed-off-by: Manuel Buil <mbuil@suse.com>
 2022-11-15 21:40:42 +01:00
Manuel Buil 9419b1a936
Merge pull request #6492 from manuelbuil/removeWinStuff 
Remove stuff which belongs in the windows executor implementation
 2022-11-15 12:07:17 +01:00
Brad Davidson adb820d859 Bump traefik chart to 19.0.4 to fix kubernetes version check 
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2022-11-14 13:42:24 -08:00
Manuel Buil 1bc0684fb7 Remove stuff which belongs in the windows executor implementation 
Signed-off-by: Manuel Buil <mbuil@suse.com>
 2022-11-14 15:52:04 +01:00
Derek Nola 13c633da12
Add Secrets Encryption to CriticalArgs (#6409) 
* Add EncryptSecrets to Critical Control Args
* use deep comparison to extract differences

Signed-off-by: Derek Nola <derek.nola@suse.com>

Signed-off-by: Derek Nola <derek.nola@suse.com>
 2022-11-04 10:35:29 -07:00
Manuel Buil 861f8ed8f8
Merge pull request #6386 from manuelbuil/changeAddrTypesMetricsServer 
Change addr types in metrics server
 2022-11-04 11:11:21 +01:00
thomasferrandiz b7d217dbf3
Merge pull request #6405 from thomasferrandiz/log-kube-router-version 
log kube-router version when starting netpol controller
 2022-11-04 11:07:37 +01:00
Manuel Buil 8aff25e192
Merge pull request #6403 from manuelbuil/logsFlannelExternalIP 
Avoid wrong config for `flannel-external-ip` and add warning if unencrypted backend
 2022-11-04 09:47:30 +01:00
Manuel Buil 557fcd28d5 Change the priority of address types depending on flannel-external-ip 
Signed-off-by: Manuel Buil <mbuil@suse.com>
 2022-11-04 09:02:39 +01:00
Manuel Buil 1682172ac1 Add some helping logs to avoid wrong configs 
Signed-off-by: Manuel Buil <mbuil@suse.com>
 2022-11-03 18:09:17 +01:00
Roberto Bonafiglia 87c7ea81f0 Updated flannel version to 0.20.1 
Signed-off-by: Roberto Bonafiglia <roberto.bonafiglia@suse.com>
 2022-11-03 17:49:26 +01:00
Thomas Ferrandiz 68ac954489 log kube-router version when starting netpol controller 
Signed-off-by: Thomas Ferrandiz <thomas.ferrandiz@suse.com>
 2022-11-03 12:26:50 +01:00
Brad Davidson d7dbf69f7f go generate 
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2022-11-02 11:29:05 -07:00
iyear 3aae7b8783 Fix incorrect defer usage 
Problem:
Using defer inside a loop can lead to resource leaks

Solution:
Judge newer file in the separate function

Signed-off-by: iyear <ljyngup@gmail.com>
 2022-11-01 16:23:25 -07:00
Brad Davidson cb86d2c1f0 Bump traefik to v2.9.4 / chart v18.3.0 
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2022-11-01 16:05:45 -07:00
Petri Kivikangas 6156059136 Convert containerd config.toml.tmpl Linux template to v2 syntax 
Signed-off-by: Petri Kivikangas <36138+Kitanotori@users.noreply.github.com>
 2022-10-27 16:55:03 -07:00
Brad Davidson 76729d813b Set default kubeletPort 
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2022-10-26 15:08:13 -07:00
Brad Davidson 269563e4d2 Check for RBAC before starting tunnel controllers 
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2022-10-26 15:08:13 -07:00
Brad Davidson 68a56ff8d8 Add GVK lookup to deploy controller 
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2022-10-26 15:08:13 -07:00
Brad Davidson 8d28a38a18 Update helm-controller to pull in refactor 
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2022-10-26 15:03:13 -07:00
Brad Davidson 16a8b6d6f1 Bump Traefik helm chart to v18.0.0 
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2022-10-26 13:38:13 -07:00
Brad Davidson f2585c1671 Add --flannel-external-ip flag 
Using the node external IP address for all CNI traffic is a breaking change from previous versions; we should make it an opt-in for distributed clusters instead of default behavior.

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2022-10-24 10:10:49 -07:00
Brad Davidson e8c250b8dc Fix RBAC to allow removal of legacy finalizer 
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2022-10-20 16:12:28 -07:00
Brad Davidson 3c0cd6f2dc Return ProviderID in URI format 
The InstancesV1 interface handled this for us by combining the ProviderName and InstanceID values; the new interface requires us to do it manually

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2022-10-17 11:05:09 -07:00
Brad Davidson f25419ca2c Add ServiceAccount for svclb pods 
For 1.24 and earlier, the svclb pods need a ServiceAccount so that we can allow their sysctls in PSPs

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2022-10-10 17:40:39 -07:00
Derek Nola 06d81cb936
Replace deprecated ioutil package (#6230) 
* Replace ioutil package
* check integration test null pointer
* Remove rotate retries

Signed-off-by: Derek Nola <derek.nola@suse.com>
 2022-10-07 17:36:57 -07:00
Brad Davidson 25e83cfa4f Bump traefik to 2.9.1 / chart 12.0.0 
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2022-10-06 16:20:21 -07:00
Brad Davidson b411864be5 Handle custom kubelet port in agent tunnel 
The kubelet port can be overridden by users; we shouldn't assume its always 10250

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2022-10-05 21:10:38 -07:00
Brad Davidson 11072e2516 Fix occasional "TLS handshake error" in apiserver network proxy. 
We should be reading from the hijacked bufio.ReaderWriter instead of
directly from the net.Conn. There is a race condition where the
underlying http handler may consume bytes from the hijacked request
stream, if it comes in the same packet as the CONNECT header. These
bytes are left in the buffered reader, which we were not using. This was
causing us to occasionally drop a few bytes from the start of the
tunneled connection's client data stream.

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2022-10-05 21:10:38 -07:00
Brad Davidson f633732d80 Use structured logging instead of logrus for event recorders 
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2022-10-04 10:26:17 -07:00
Brad Davidson d963cb2f70 Disable cloud-node and cloud-node-lifecycle if CCM is disabled 
If CCM and ServiceLB are both disabled, don't run the cloud-controller-manager at all;
this should provide the same CLI flag behavior as previous releases, and not create
problems when users disable the CCM but still want ServiceLB.

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2022-09-30 08:17:20 -07:00
Brad Davidson 0b96ca92bc Move servicelb into cloudprovider LoadBalancer interface 
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2022-09-30 08:17:20 -07:00
Brad Davidson a15e7e8b68 Move DisableServiceLB/Rootless/ServiceLBNamespace into config.Control 
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2022-09-30 08:17:20 -07:00
Brad Davidson 063039471c Implement InstancesV2 instead of Instances 
... and drop legacy ClusterID support.

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2022-09-30 08:17:20 -07:00
Brad Davidson 6e97bddc04 Bump metrics-server to v0.6.1 
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2022-09-29 15:49:29 -07:00
Manuel Buil 5164cf5345 Add flannel-external-ip when there is a k3s node-external-ip 
Signed-off-by: Manuel Buil <mbuil@suse.com>
 2022-09-26 16:24:00 +02:00
Roberto Bonafiglia 26e9405767 Added warning message for flannel backend additional options deprecation 
Signed-off-by: Roberto Bonafiglia <roberto.bonafiglia@suse.com>
 2022-09-09 20:04:04 +02:00
Derek Nola 1d46841d80 Fix deprecation message 
Signed-off-by: Derek Nola <derek.nola@suse.com>
 2022-09-09 09:07:40 -07:00