Just enable IP forwarding for all address families regardless of service address families.
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit 095ecdb034)
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
Will now use 127.0.0.1:10010, same as containerd's CRI
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit 7374010c0c)
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
The default clientaccess request timeout is too short. Wait longer by default, and add the s3 timeout if s3 is enabled.
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit d3b60543e7)
Also fix etcd s3 tests to actually check that the files are saved to s3 🙃
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit 5b431ca531)
* Update traefik chart to bump image tag and fix quoting
* Fix image quoting in flat manifests
* Update local-path-provisioner config to stop using deprecated hostpath volume type
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
Prefer the address of the etcd member being joined, and seed the full address list immediately on startup.
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit 7d9abc9f07)
* Adds support for health-checking loadbalancer servers. If a
health-check fails when dialing, all existing connections to the
server will be closed.
* Wires up a remotedialer tunnel connectivity check as the health check
for supervisor/apiserver connections.
* Wires up a simple ping request to the supervisor port as the health
check for etcd connections.
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit c51d7bfbd1)
Disable cleanup of orphaned snapshots and patching of node annotations if running agentless
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit edb0440017)
Fixes `cannot find name for user ID 0: No such file or directory` errors when checking user info in docker image
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit 7474a6fa43)
CRI and containerd APIs disagree about the registry names - CRI supports
index.docker.io as an alias for docker.io, while containerd does not.
Use the actual stored RepoTag to determine what image to ask containerd for.
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit f099bfa508)
Don't clobber the providerID field and instance-type/region/zone labels if provided by the kubelet. This allows the user to set these to the correct values when using the embedded CCM in a real cloud environment.
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit 65cd606832)
Prevents joining nodes from being stuck with bad initial member list if there is a transient failure, or if they try to join themselves
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit d7cdbb7d4d)
Brad Davidson