github
/
k3s
mirror of https://github.com/k3s-io/k3s
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
2,843 Commits
32 Branches
881 Tags
632 MiB
Commit Graph

2843 Commits (0b7b7895291b60b66aa73314bb5ab0764f1f2143)

Author SHA1 Message Date
Manuel Buil 5164dc185a Fix tailscale bug with ip modes 
Signed-off-by: Manuel Buil <mbuil@suse.com>
 2023-08-02 11:43:42 +02:00
Manuel Buil 7cc896ffc7
Merge pull request #8076 from manuelbuil/updateFlannelAndPugins125 
[Release 1.25] Update flannel and pugins
 2023-08-01 08:36:33 +02:00
Manuel Buil bef708409c Update flannel to v0.22.1 
Signed-off-by: Manuel Buil <mbuil@suse.com>
 2023-07-31 11:03:44 +02:00
Manuel Buil 80aff75466 Update cni plugins version to v1.3.0 
Signed-off-by: Manuel Buil <mbuil@suse.com>
 2023-07-31 11:02:47 +02:00
Pedro Tashima 7515237f85
Update to v1.25.12 (#8021) 
Signed-off-by: Pedro Tashima <pedro.tashima@suse.com>
Co-authored-by: Pedro Tashima <pedro.tashima@suse.com>
 2023-07-20 16:12:22 -03:00
Derek Nola f7ab577cfa
Adjust default kubeconfig file permissions (#7984) 
* Adjust default kubeconfig permissions

Signed-off-by: Derek Nola <derek.nola@suse.com>
 2023-07-15 08:46:08 -07:00
Ian Cardoso a9b8c87fcc
fix image_scan.sh script and download trivy version (#7950) (#7969) 
Signed-off-by: Ian Cardoso <osodracnai@gmail.com>
(cherry picked from commit 58a8deb25d)
 2023-07-14 09:24:11 -03:00
Derek Nola c3eab737ad
Don't use zgrep in `check-config` if apparmor porfile is enforced (#7954) 
* Don't use zgrep if apparmor is enforced for it

* Bump e2e se timeouts for reencryption time

Signed-off-by: Derek Nola <derek.nola@suse.com>
 2023-07-13 09:13:29 -07:00
Derek Nola a268ab4058
Generation of certificates and keys for etcd gated if etcd is disabled.(#7945) 
Problem:
When support for etcd was added in 3957142, generation of certificates and keys for etcd was not gated behind use of managed etcd.
Keys are generated and distributed across servers even if managed etcd is not enabled.

Solution:
Allow generation of certificates and keys only if managed etc is enabled. Check config.DisableETCD flag.

Signed-off-by: Bartossh <lenartconsulting@gmail.com>
Signed-off-by: Derek Nola <derek.nola@suse.com>
Co-authored-by: Bartosz Lenart <lenart.consulting@gmail.com>
 2023-07-11 14:18:53 -07:00
Vitor Savian e8a4961732 Adding cli to custom klipper helm image (#7682) 
Adding cli to custom klipper helm image

Signed-off-by: Vitor Savian <vitor.savian@suse.com>
(cherry picked from commit 0809187cff)
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2023-07-07 16:28:16 -07:00
Brad Davidson 696a642d1d Fall back to basic/bearer auth when node identity auth is rejected 
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit 7f50b40cfe)
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2023-07-07 14:12:02 -07:00
LeiLei 5e3c63718d Add `--data-dir` to the `k3s certificate rotate-ca` cli (#7791) 
Need to add a cli flag for this. Also, should probably have config file loading support for the certificate commands.

Signed-off-by: leilei.zhai <leilei.zhai@qingteng.cn>
(cherry picked from commit 72d50b1f7c)
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2023-07-07 14:12:02 -07:00
Derek Nola c850132b5f
Fix rootless node password (#7900) 
Signed-off-by: Derek Nola <derek.nola@suse.com>
 2023-07-07 11:03:14 -07:00
Ian Cardoso e2c35c1bc7 add e2e s3 test (#7833) 
Signed-off-by: Ian Cardoso <osodracnai@gmail.com>
(cherry picked from commit 9e334153cf)
 2023-07-07 11:14:23 -03:00
Ian Cardoso f22bcd4fc4 fix e2e startup flaky test (#7839) 
Signed-off-by: Ian Cardoso <osodracnai@gmail.com>
(cherry picked from commit 324f9ad4da)
 2023-07-07 11:14:23 -03:00
Manuel Buil 27ac011309
Merge pull request #7894 from manuelbuil/headscale125 
[Release 1.25] Support setting control server URL for Tailscale.
 2023-07-07 15:29:45 +02:00
Denys Smirnov f1a4b9f6cb Support setting control server URL for Tailscale. 
This change enables the use of Headscale - open source implementation of the Tailscale control server.

Signed-off-by: Denys Smirnov <dennwc@pm.me>
 2023-07-07 12:31:19 +02:00
Manuel Buil a827ad28dd
Merge pull request #7883 from manuelbuil/ip4ip6dualstack125 
[Release 1.25] Check if we are on ipv4, ipv6 or dualStack when doing tailscale
 2023-07-07 11:28:28 +02:00
Manuel Buil 647539920b Check if we are on ipv4, ipv6 or dualStack when doing tailscale 
Signed-off-by: Manuel Buil <mbuil@suse.com>
 2023-07-06 11:13:11 +02:00
Derek Nola e1a315189b
Allow k3s to customize apiServerPort on helm-controller (#7873) 
Signed-off-by: Daishan Peng <daishan@acorn.io>
Co-authored-by: Daishan Peng <daishan@acorn.io>
 2023-07-05 11:56:58 -07:00
Manuel Buil 7d3319908f
Merge pull request #7860 from manuelbuil/fixSpell125 
[Release 1.25] Fix code spell check
 2023-07-05 10:37:51 +02:00
Manuel Buil 17a611060e
Merge pull request #7856 from manuelbuil/removeFileWindows125 
[Release 1.25] Remove file_windows.go
 2023-07-05 10:37:14 +02:00
Manuel Buil 5a7f40dba3 Fix code spell check 
Signed-off-by: Manuel Buil <mbuil@suse.com>
 2023-07-04 15:53:34 +02:00
Manuel Buil 382fe9599f Remove file_windows.go 
Signed-off-by: Manuel Buil <mbuil@suse.com>
 2023-07-04 12:47:05 +02:00
Derek Nola 582f07cf3e
Missing backport for 1.25 (#7818) 
Signed-off-by: Derek Nola <derek.nola@suse.com>
 2023-06-22 17:04:44 -07:00
Brooks Newberry a0954e5d1e
Update Kubernetes to v1.25.11 (#7788) 
Signed-off-by: Brooks Newberry <brooks@newberry.com>
 2023-06-15 06:59:32 -07:00
Manuel Buil 873fc1c77c
Merge pull request #7784 from manuelbuil/tailscaleFixes125 
[Release 1.25] Fix logging and cleanup in Tailscale
 2023-06-14 21:41:10 +02:00
Manuel Buil 8626667494 Fix the error report 
Signed-off-by: Manuel Buil <mbuil@suse.com>
 2023-06-14 19:17:48 +02:00
Manuel Buil 3777310270 Add commands to logout from tailscale 
Signed-off-by: Manuel Buil <mbuil@suse.com>
 2023-06-14 19:17:44 +02:00
Ian Cardoso d8aac17d5f add format command on Makefile and remove vendor 
This commit adds the format command to make it easier to be compliant to golangci-lint issues

Signed-off-by: Ian Cardoso <osodracnai@gmail.com>
 2023-06-14 13:34:21 -03:00
Manuel Buil 4e1ba3a087
Merge pull request #7758 from manuelbuil/removeLibvirtLines125 
[Release 1.25] Remove unused libvirt config
 2023-06-13 17:47:18 +02:00
Manuel Buil 21a7f5c845 Fix validatecluster e2e test 
Signed-off-by: Manuel Buil <mbuil@suse.com>
 2023-06-13 15:52:09 +02:00
Brad Davidson c65dd08fed Bump helm-controller to v0.15.0 for create-namespace support 
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2023-06-12 10:53:26 -07:00
Brad Davidson 03e3324902 Enable containerd aufs/devmapper/zfs snapshotter plugins 
These were unintentionally dropped when moving containerd back into the main multicall binary

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit e5e1a674ce)
 2023-06-12 10:53:26 -07:00
Brad Davidson a645d3caf2 Improve error response logging 
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit 5170bc5a04)
 2023-06-12 10:53:26 -07:00
Brad Davidson 3596d1891b Soft-fail on node password verification if the secret cannot be created 
Allows nodes to join the cluster during a webhook outage. This also
enhances auditability by creating Kubernetes events for the deferred
verification.

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit 45d8c1a1a2)
 2023-06-12 10:53:26 -07:00
Yuxing Deng b36b0c4c88 Make LB image configurable when compiling k3s 
It is no way we can configure the lb image because it is a const value.
It would be better that we make it variable value and we can override
the value like the `helm-controller` job image when compiling k3s/rke2

Signed-off-by: Yuxing Deng <jxfa0043379@hotmail.com>
(cherry picked from commit b64a226ebd)
 2023-06-12 10:53:26 -07:00
github-actions[bot] 8ca3262878 chore: Bump golang:alpine version 
Made with ❤️️ by updatecli

(cherry picked from commit a5928ee137)
 2023-06-12 10:53:26 -07:00
Brad Davidson 3e22bec190 Add ADR 
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit 612473755d)
 2023-06-12 10:53:26 -07:00
Brad Davidson 29bc03305a Create new kubeconfig for supervisor use 
Only actual admin actions should use the admin kubeconfig; everything done by the supervisor/deploy/helm controllers will now use a distinct account for audit purposes.

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit 64a5f58f1e)
 2023-06-12 10:53:26 -07:00
Brad Davidson ac6966145c Use distinct clients for supervisor, deploy, and helm controllers 
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit 8748813a61)
 2023-06-12 10:53:26 -07:00
Brad Davidson 17c534022e Bump metrics-server to v0.6.3 and update tls-cipher-suites 
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit e9958cf070)
 2023-06-12 10:53:26 -07:00
Brad Davidson 2c542f411c Bump klipper-lb to v0.4.4 
Fixes issue with localhost access to ServiceLB when
ExternalTrafficPolicy=Local

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit 93279d2f59)
 2023-06-12 10:53:26 -07:00
Andrew Roffey 928e625529 allow coredns override extensions 
Signed-off-by: Andrew Roffey <andrew@roffey.au>
(cherry picked from commit 0485a56f33)
 2023-06-12 10:53:26 -07:00
Manuel Buil a74e56fd05
Merge pull request #7752 from manuelbuil/fixSpelling125 
[Release 1.25] Fix spelling test
 2023-06-12 18:21:21 +02:00
Manuel Buil 75bd429059 Remove unused libvirt config 
Signed-off-by: Manuel Buil <mbuil@suse.com>
 2023-06-12 18:19:19 +02:00
Manuel Buil 37ec02c0f5 Fix spelling check 
Signed-off-by: Manuel Buil <mbuil@suse.com>
 2023-06-12 15:44:46 +02:00
Manuel Buil cb114a2d91
Merge pull request #7728 from manuelbuil/tailscale125 
[Release 1.25] VPN integration
 2023-06-12 10:20:30 +02:00
Manuel Buil 98333e8a22 VPN integration 
Signed-off-by: Manuel Buil <mbuil@suse.com>
 2023-06-12 09:22:06 +02:00
Ian Cardoso 077fd8b9b6
[Release-1.25] Add private registry e2e test (#7722) 
* add private registry e2e test (#7653)

add private registry e2e test

Signed-off-by: Ian Cardoso <osodracnai@gmail.com>
Co-authored-by: Derek Nola <derek.nola@suse.com>

* E2E: Startup test cleanup + RunCommand Enhancement (#7388)

* Add beforesuite to startup
* Reduce timeouts for startup
* Fix cleanup + set kubeconfig

Signed-off-by: Derek Nola <derek.nola@suse.com>

---------

Signed-off-by: Ian Cardoso <osodracnai@gmail.com>
Signed-off-by: Derek Nola <derek.nola@suse.com>
Co-authored-by: Derek Nola <derek.nola@suse.com>
 2023-06-09 13:09:58 -07:00