github
/
k3s
mirror of https://github.com/k3s-io/k3s
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
3,059 Commits
33 Branches
863 Tags
625 MiB
Commit Graph

387 Commits (1ca64a81beeac02b333857ab94182717ac287001)

Author SHA1 Message Date
Brad Davidson f1b6a3549c Fix stack log on panic 
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2023-04-28 11:24:34 -07:00
Brad Davidson 31a6386994 Improve egress selector handling on agentless servers 
Don't set up the agent tunnel authorizer on agentless servers, and warn when agentless servers won't have a way to reach in-cluster endpoints.

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2023-04-28 11:24:34 -07:00
Derek Nola 944f811dc5
v1.27.1 CLI Deprecation (#7311) 
* Remove Flannel Wireguard
* Remove etcd-snapshot (implicit save)
* Convert ipsec and multiple backend to fatal

Signed-off-by: Derek Nola <derek.nola@suse.com>
 2023-04-19 12:02:05 -07:00
Roberto Bonafiglia 3e3512bdae Updated kube-route version to move the iptables ACCEPT default rule at the end of the chain 
Signed-off-by: Roberto Bonafiglia <roberto.bonafiglia@suse.com>
 2023-04-06 09:55:34 +02:00
Brad Davidson 2992477c4b Debounce kubernetes service endpoint updates 
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2023-04-04 12:02:22 -07:00
Brad Davidson ece4d8e45c Fix tests to not hide failure location in dummp assert functions 
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2023-04-04 12:02:22 -07:00
Brad Davidson e54ceaa497 Fix issue with stale connections to removed LB server 
Track LB connections through each server so that they can be closed when it is removed.

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2023-04-04 12:02:22 -07:00
Roberto Bonafiglia 15ee88964b Added multiClusterCidr feature 
Signed-off-by: Roberto Bonafiglia <roberto.bonafiglia@suse.com>
 2023-03-14 18:30:52 +01:00
Daishan Peng b7f90f389c
Wait for kubelet port to be ready before setting (#7041) 
* Wait for kubelet port to be ready before setting
* Wait for kubelet to update the Ready status before reading port

Signed-off-by: Daishan Peng <daishan@acorn.io>
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
Co-authored-by: Brad Davidson <brad.davidson@rancher.com>
 2023-03-13 13:48:02 -07:00
Derek Nola d218068f34
Adds a warning about editing to the containerd config.toml file (#7057) 
* Add a warning to the config.toml file

Signed-off-by: Derek Nola <derek.nola@suse.com>
Co-authored-by: Brad Davidson <brad@oatmail.org>
 2023-03-13 13:42:17 -07:00
Roberto Bonafiglia e098b99bfa
Update flannel and kube-router (#7039) 
* Update kube-router version to fix iptables rules

Signed-off-by: Roberto Bonafiglia <roberto.bonafiglia@suse.com>

* Update Flannel to v0.21.3

Signed-off-by: Roberto Bonafiglia <roberto.bonafiglia@suse.com>

---------

Signed-off-by: Roberto Bonafiglia <roberto.bonafiglia@suse.com>
 2023-03-10 19:57:16 -08:00
Roberto Bonafiglia b8e69712a3 Updated flannel version to v0.21.0 
Signed-off-by: Roberto Bonafiglia <roberto.bonafiglia@suse.com>
 2023-02-10 23:03:10 +01:00
Paul Donohue 290d7e8fd1 Fix access to hostNetwork port on NodeIP when egress-selector-mode=agent 
Signed-off-by: Paul Donohue <git@PaulSD.com>
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2023-02-10 09:43:34 -08:00
Brad Davidson 992e64993d Add support for kubeadm token and client certificate auth 
Allow bootstrapping with kubeadm bootstrap token strings or existing
Kubelet certs. This allows agents to join the cluster using kubeadm
bootstrap tokens, as created with the `k3s token create` command.

When the token expires or is deleted, agents can successfully restart by
authenticating with their kubelet certificate via node authentication.
If the token is gone and the node is deleted from the cluster, node auth
will fail and they will be prevented from rejoining the cluster until
provided with a valid token.

Servers still must be bootstrapped with the static cluster token, as
they will need to know it to decrypt the bootstrap data.

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2023-02-07 14:55:04 -08:00
Brad Davidson 3c324335b2 Add utility functions for getting kubernetes client 
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2023-02-06 15:09:31 -08:00
Derek Nola 0d4caf4e24
Wait for cri-dockerd socket (#6812) 
* Wait for cri-dockerd socket
* Consolidate cri utility functions

Signed-off-by: Derek Nola <derek.nola@suse.com>
 2023-01-27 13:16:59 -08:00
Brad Davidson 3cb6fa5cc7 Set cri-dockerd version at build time 
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2023-01-26 14:32:28 -08:00
Brad Davidson 89f7062431 Add build tag to disable cri-dockerd 
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2023-01-26 14:29:18 -08:00
Brad Davidson f54b5e4fa0 Fix CI tests 
* General cleanup of test-helpers functions to address CI failures
* Install awscli in test image
* Log containerd output to file even when running with --debug

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2023-01-13 17:22:25 -08:00
Brad Davidson 0c9b43746b Preload iptable_filter/ip6table_filter 
ServiceLB now requires this module, but it will not get autoloaded by the kubelet if the host is using nftables.

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2022-12-13 12:51:00 -08:00
Hussein Galal f8b661d590
Update to v1.26.0-k3s1 (#6370) 
* Update to v1.26.0-alpha.2

Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>

* go generate

Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>

* Default CURRENT_VERSION to VERSION_TAG for alpha versions

Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>

* remove containerd package

Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>

* Update k8s to v1.26.0-rc.0-k3s1 cri-tools cri-dockerd and cadvisor

Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>

* replace cri-api reference to the new api

Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>

* go mod tidy

Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>

* Fix version script to allow rc and alphas

Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>

* Fix version script to allow rc and alphas

Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>

* Fix version script to allow rc and alphas

Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>

* Update to Kubernetes 1.26.0-rc.1

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>

* Undo helm-controller pin

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>

* Bump containerd to -k3s2 for stargz fix

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>

* DevicePlugins featuregate is locked to on

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>

* Bump kine for DeleteRange fix

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>

* Update to v1.26.0-k3s1

Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>

* go mod tidy

Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>

* Bring back snapshotter checks and update golang to 1.19.4

Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>

* fix windows containerd snapshotter checks

Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>

Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
Co-authored-by: Brad Davidson <brad.davidson@rancher.com>
 2022-12-10 01:42:15 +02:00
Derek Nola d723775792
Remove deprecated flags in v1.26 (#6574) 
* Remove NoFlannel
* Remove cluster-secret
* Remove no-deploy
* Remove disable-selinux
* Convert wireguard to fatal error
* Remove reference to no-op K3S_CLUSTER_SECRET

Signed-off-by: Derek Nola <derek.nola@suse.com>
 2022-12-05 14:01:01 -08:00
Brad Davidson 2835368ecb Bump k3s-root and remove embedded strongswan support 
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2022-12-01 12:40:40 -08:00
Manuel Buil 1beecb2e2d
Merge pull request #6531 from manuelbuil/fixLogs 
Fix log for flannelExternalIP use case
 2022-11-22 16:54:26 +01:00
Brad Davidson 6f2b21c5cd Add rootless IPv6 support 
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2022-11-21 15:23:30 -08:00
Manuel Buil 5188443988 Fix log for flannelExternalIP use case 
Signed-off-by: Manuel Buil <mbuil@suse.com>
 2022-11-21 17:10:35 +01:00
thomasferrandiz b7d217dbf3
Merge pull request #6405 from thomasferrandiz/log-kube-router-version 
log kube-router version when starting netpol controller
 2022-11-04 11:07:37 +01:00
Manuel Buil 8aff25e192
Merge pull request #6403 from manuelbuil/logsFlannelExternalIP 
Avoid wrong config for `flannel-external-ip` and add warning if unencrypted backend
 2022-11-04 09:47:30 +01:00
Manuel Buil 1682172ac1 Add some helping logs to avoid wrong configs 
Signed-off-by: Manuel Buil <mbuil@suse.com>
 2022-11-03 18:09:17 +01:00
Roberto Bonafiglia 87c7ea81f0 Updated flannel version to 0.20.1 
Signed-off-by: Roberto Bonafiglia <roberto.bonafiglia@suse.com>
 2022-11-03 17:49:26 +01:00
Thomas Ferrandiz 68ac954489 log kube-router version when starting netpol controller 
Signed-off-by: Thomas Ferrandiz <thomas.ferrandiz@suse.com>
 2022-11-03 12:26:50 +01:00
Petri Kivikangas 6156059136 Convert containerd config.toml.tmpl Linux template to v2 syntax 
Signed-off-by: Petri Kivikangas <36138+Kitanotori@users.noreply.github.com>
 2022-10-27 16:55:03 -07:00
Brad Davidson 76729d813b Set default kubeletPort 
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2022-10-26 15:08:13 -07:00
Brad Davidson 269563e4d2 Check for RBAC before starting tunnel controllers 
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2022-10-26 15:08:13 -07:00
Brad Davidson f2585c1671 Add --flannel-external-ip flag 
Using the node external IP address for all CNI traffic is a breaking change from previous versions; we should make it an opt-in for distributed clusters instead of default behavior.

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2022-10-24 10:10:49 -07:00
Derek Nola 06d81cb936
Replace deprecated ioutil package (#6230) 
* Replace ioutil package
* check integration test null pointer
* Remove rotate retries

Signed-off-by: Derek Nola <derek.nola@suse.com>
 2022-10-07 17:36:57 -07:00
Brad Davidson b411864be5 Handle custom kubelet port in agent tunnel 
The kubelet port can be overridden by users; we shouldn't assume its always 10250

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2022-10-05 21:10:38 -07:00
Manuel Buil 5164cf5345 Add flannel-external-ip when there is a k3s node-external-ip 
Signed-off-by: Manuel Buil <mbuil@suse.com>
 2022-09-26 16:24:00 +02:00
Roberto Bonafiglia 26e9405767 Added warning message for flannel backend additional options deprecation 
Signed-off-by: Roberto Bonafiglia <roberto.bonafiglia@suse.com>
 2022-09-09 20:04:04 +02:00
Derek Nola cd49101fc8
Convert deprecated flags to fatal errors for v1.25 (#6069) 
* Replace warning with fatal errors.
* Group system-default-registry under (agent/runtime)

Signed-off-by: Derek Nola <derek.nola@suse.com>
 2022-09-01 09:33:59 -07:00
Roberto Bonafiglia a30971efaa Updated flannel to v0.19.1 
Signed-off-by: Roberto Bonafiglia <roberto.bonafiglia@suse.com>
 2022-08-08 09:57:56 +02:00
Brad Davidson 4aca21a1f1 Add cri-dockerd support as backend for --docker flag 
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2022-08-05 02:39:25 -07:00
Brad Davidson b1fa63dfb7 Revert "Remove --docker/dockershim support" 
This reverts commit 4a3d283bc1.

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2022-08-05 02:39:25 -07:00
Roberto Bonafiglia d90ba30353 Added NodeIP autodect in case of dualstack connection 
Signed-off-by: Roberto Bonafiglia <roberto.bonafiglia@suse.com>
 2022-08-04 09:54:45 +02:00
Derek Nola 118a68c913
Updates to CLI flag grouping + deprecated flag warnings. (#5937) 
* Consolidate data dir flag
* Group cluster flags together
* Reorder and group agent flags
* Add additional info around vmodule flag
* Hide deprecated flags, and add warning about their removal

Signed-off-by: Derek Nola <derek.nola@suse.com>
 2022-08-02 13:51:16 -07:00
Brad Davidson db2ba7b61d Don't enable unprivileged ports and icmp on old kernels 
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2022-07-28 14:33:20 -07:00
Brad Davidson bd5fdfce33 Fix server systemd detection 
* Use INVOCATION_ID to detect execution under systemd, since as of a9b5a1933f NOTIFY_SOCKET is now cleared by the server code.
* Set the unit type to notify by default for both server and agent, which is what Rancher-managed installs have done for a while.

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2022-07-21 13:42:20 -07:00
Brad Davidson afee83dda2 Bump remotedialer 
Includes fix for recently identified memory leak.

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2022-07-07 12:22:37 -07:00
Olli Janatuinen 2968a83bc0 containerd: Enable enable_unprivileged_ports and enable_unprivileged_icmp by default 
Signed-off-by: Olli Janatuinen <olli.janatuinen@gmail.com>
 2022-06-15 14:49:51 -07:00
Brad Davidson 3399afed83 Ensure that CONTAINERD_ variables are not shadowed by later entries 
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2022-06-15 10:58:12 -07:00
Derek Nola a9b5a1933f
Delay service readiness until after startuphooks have finished (#5649) 
* Move startup hooks wg into a runtime pointer, check before notifying systemd
* Switch default systemd notification to server
* Add 1 sec delay to allow etcd to write to disk
Signed-off-by: Derek Nola <derek.nola@suse.com>
 2022-06-15 09:00:52 -07:00
Roberto Bonafiglia a693071c74
Merge pull request #5552 from sjoerdsimons/sjoerd/flannel-wireguard-mode 
Add cli flag for flannel wireguard mode
 2022-06-15 14:28:21 +02:00
Manuel Buil d4522de06a
Merge pull request #5656 from manuelbuil/AddFlannelCniConfFile 
Add FlannelCNIConf flag
 2022-06-14 10:23:51 +02:00
Brad Davidson b550e1183a Remove control-plane egress context and fix agent mode. 
The control-plane context handles requests outside the cluster and
should not be sent to the proxy.

In agent mode, we don't watch pods and just direct-dial any request for
a non-node address, which is the original behavior.

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2022-06-10 10:14:15 -07:00
Brad Davidson d3242bea3c Refactor egress-selector pods mode to watch pods 
Watching pods appears to be the most reliable way to ensure that the
proxy routes and authorizes connections.

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2022-06-08 09:34:53 -07:00
Manuel Buil c705d34804 Add FlannelConfCNI flag 
Signed-off-by: Manuel Buil <mbuil@suse.com>
 2022-06-08 11:03:17 +02:00
Sjoerd Simons 8643576985 Add ability to pass configuration options to flannel backend 
Allow the flannel backend to be specified as
backend=option=val,option2=val2 to select a given backend with extra options.

In particular this adds the following options to wireguard-native
backend:
* Mode - flannel wireguard tunnel mode
* PersistentKeepaliveInterval- wireguard persistent keepalive interval

Signed-off-by: Sjoerd Simons <sjoerd@collabora.com>
 2022-06-07 20:13:28 +02:00
Brad Davidson 9d7230496d Add support for configuring the EgressSelector mode 
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2022-05-18 13:26:10 -07:00
Brad Davidson 4a3d283bc1 Remove --docker/dockershim support 
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2022-05-11 14:39:07 -07:00
Brad Davidson c8447dca56 Bump golang to 1.18.1 
Also update all use of 'go get' => 'go install', update CI tooling for
1.18 compatibility, and gofmt everything so lint passes.

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2022-05-11 14:39:07 -07:00
Brad Davidson e6385b2341 Update CNI version in config file 
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2022-05-11 14:39:07 -07:00
Brad Davidson 1d4f995edd Move auto-generated resolv.conf out of /tmp to prevent accidental cleanup 
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2022-05-03 20:33:32 -07:00
Manuel Buil 314e3f56dc Check if user has a correct cluster-cidr and service-cidr config 
Signed-off-by: Manuel Buil <mbuil@suse.com>
 2022-05-03 11:01:30 +02:00
Brad Davidson ce5b9347c9 Replace DefaultProxyDialerFn dialer injection with EgressSelector support 
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2022-04-29 17:54:36 -07:00
Brad Davidson e763fadbba Ensure that WaitForAPIServerReady always re-dials through the loadbalancer 
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2022-04-29 14:47:30 -07:00
Brad Davidson 13ca10664f Use ListWatch helpers instead of bare List/Watch 
Reduces code complexity a bit and ensures we don't  have to handle closed watch channels on our own

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2022-04-29 12:24:12 -07:00
Michal Rostecki 5f2a4d4209 server: Allow to enable network policies with IPv6-only 
After previous changes, network policies are working on IPv6-only
installations.

Signed-off-by: Michal Rostecki <vadorovsky@gmail.com>
 2022-04-29 10:51:38 -07:00
Michal Rostecki c0045f415b agent(netpol): Explicitly enable IPv4 when necessary 
Before this change, kube-router was always assuming that IPv4 is
enabled, which is not the case in IPv6-only clusters. To enable network
policies in IPv6-only, we need to explicitly let kube-router know when
to disable IPv4.

Signed-off-by: Michal Rostecki <vadorovsky@gmail.com>
 2022-04-29 10:51:38 -07:00
Brad Davidson a69d635c9b Drop unnecessary intermediate variable 
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2022-04-29 09:22:57 -07:00
Brad Davidson 333311c7ee Add systemd cgroup controller support 
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2022-04-29 09:22:57 -07:00
Brad Davidson 418c3fa858
Fix issue with datastore corruption on cluster-reset (#5515) 
* Bump etcd to v3.5.4-k3s1
* Fix issue with datastore corruption on cluster-reset
* Disable unnecessary components during cluster reset

Disable control-plane components and the tunnel setup during
cluster-reset, even when not doing a restore. This reduces the amount of
log clutter during cluster reset/restore, making any errors encountered
more obvious.

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2022-04-27 13:44:15 -07:00
Brad Davidson b12cd62935 Move IPv4/v6 selection into helpers 
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2022-04-15 01:02:42 -07:00
Brad Davidson 7e447692c5 Fix issue with RKE2 servers hanging on listing apiserver addresses 
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2022-04-15 01:02:42 -07:00
Dirk Müller fa0fa8b1d0 Update golangci-lint to 1.45.2 
This requires a further set of gofmt -s improvements to the
code, but nothing major. golangci-lint 1.45.2 brings golang 1.18
support which might be needed in the future.

Signed-off-by: Dirk Müller <dirk@dmllr.de>
 2022-04-13 14:48:42 -07:00
Roberto Bonafiglia f04c602c07 Updated wireguard-native options and added log message 
Signed-off-by: Roberto Bonafiglia <roberto.bonafiglia@suse.com>
 2022-04-07 19:31:21 +02:00
Roberto Bonafiglia 47abaf362e Added new flannel backend to use wireguard from flannel 
Signed-off-by: Roberto Bonafiglia <roberto.bonafiglia@suse.com>
 2022-04-07 19:31:13 +02:00
Michal Rostecki 9350016de8
Merge pull request #5387 from vadorovsky/kube-router-dual-stack 
netpol: Add dual-stack support
 2022-04-07 11:24:38 +02:00
Brad Davidson 49544e0d49 Allow agents to query non-apiserver supervisors for apiserver endpoints 
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2022-04-06 13:03:14 -07:00
Michal Rostecki c707948adf netpol: Add dual-stack support 
This change allows to define two cluster CIDRs for compatibility with
Kubernetes dual-stuck, with an assumption that two CIDRs are usually
IPv4 and IPv6.

It does that by levearaging changes in out kube-router fork, with the
following downstream release:

https://github.com/k3s-io/kube-router/releases/tag/v1.3.2%2Bk3s

Signed-off-by: Michal Rostecki <vadorovsky@gmail.com>
 2022-04-06 14:43:09 +02:00
Euan Kemp c2e846dc16 Allow using flannel wireguard backend in a custom config 
Ideally we'd have fully fleshed out support for it (i.e. #5011), but
that's a potentially breaking change and taking a little while to merge.

This is a much simpler change which won't break anything, but will allow
a "Type": "wireguard" reference in the "--flannel-conf" custom config
file to work.

Signed-off-by: Euan Kemp <euank@euank.com>
 2022-04-05 09:44:26 -07:00
Roberto Bonafiglia 4afeb9c5c7
Merge pull request #5325 from rbrtbnfgl/fix-etcd-ipv6-url 
Fixed etcd URL in case of IPv6 address
 2022-04-05 09:55:42 +02:00
Roberto Bonafiglia 06c779c57d Fixed loadbalancer in case of IPv6 addresses 
Signed-off-by: Roberto Bonafiglia <roberto.bonafiglia@suse.com>
 2022-03-31 11:49:30 +02:00
Luther Monson 13191da58a add a wrapper around the containerd.New call to fix and pass the proper npipe connector 
Signed-off-by: Luther Monson <luther.monson@gmail.com>
 2022-03-29 18:06:48 -07:00
Roberto Bonafiglia dda409b041 Updated localhost address on IPv6 only setup 
Signed-off-by: Roberto Bonafiglia <roberto.bonafiglia@suse.com>
 2022-03-29 09:35:54 +02:00
Roberto Bonafiglia ff85faa7de Changed ipv6 config on flannel setup 
Signed-off-by: Roberto Bonafiglia <roberto.bonafiglia@suse.com>
 2022-03-09 12:30:33 +01:00
Roberto Bonafiglia 073f155fc4 Added ipv6 only support with flannel 
Signed-off-by: Roberto Bonafiglia <roberto.bonafiglia@suse.com>
 2022-03-09 09:35:01 +01:00
Roberto Bonafiglia 93346904cf
Merge pull request #5215 from rbrtbnfgl/flannel_0.17 
Flannel 0.17
 2022-03-09 08:51:10 +01:00
Roberto Bonafiglia 3fabc0703b
Merge pull request #4450 from olljanat/support-ipv6-only 
Add partial support for IPv6 only mode
 2022-03-08 11:38:52 +01:00
Roberto Bonafiglia f3d81544b1 Fixed log in case of ipv6 only config 
Signed-off-by: Roberto Bonafiglia <roberto.bonafiglia@suse.com>
 2022-03-08 09:42:25 +01:00
Roberto Bonafiglia 0c83f50c4c Added switch case to check netMode 
Signed-off-by: Roberto Bonafiglia <roberto.bonafiglia@suse.com>
 2022-03-08 09:34:25 +01:00
Roberto Bonafiglia 2c39febdd2 Fixed in case of empty address 
Signed-off-by: Roberto Bonafiglia <roberto.bonafiglia@suse.com>
 2022-03-07 14:09:29 +01:00
Roberto Bonafiglia d7d4c891e2 Updated flannel to 0.17 
Signed-off-by: Roberto Bonafiglia <roberto.bonafiglia@suse.com>
 2022-03-07 14:09:05 +01:00
Luther Monson 9a849b1bb7
[master] changing package to k3s-io (#4846) 
* changing package to k3s-io

Signed-off-by: Luther Monson <luther.monson@gmail.com>

Co-authored-by: Derek Nola <derek.nola@suse.com>
 2022-03-02 15:47:27 -08:00
Brad Davidson f090bf2d5e Bootstrap the executor even when the agent is disabled 
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2022-03-02 02:47:54 -08:00
Brad Davidson 5014c9e0e8 Fix adding etcd-only node to existing cluster 
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2022-02-28 19:56:08 -08:00
Manuel Buil 062fe63dd1 Fix annoying netpol log 
Signed-off-by: Manuel Buil <mbuil@suse.com>
 2022-02-10 20:01:27 +01:00
Olli Janatuinen 966f4d6a01 Add support for IPv6 only mode 
Automatically switch to IPv6 only mode if first node-ip is IPv6 address

Signed-off-by: Olli Janatuinen <olli.janatuinen@gmail.com>
 2022-02-10 20:34:59 +02:00
Michal Rostecki 4fed9f4052 netpol: Use kube-router as a library 
Before this change, we were copying a part of kube-router code to
pkg/agent/netpol directory with modifications, from which the biggest
one was consumption of k3s node config instead of kube-router config.

However, that approach made it hard to follow new upstream versions.
It's possible to use kube-router as a library, so it seems like a better
way to do that.

Instead of modifying kube-router network policy controller to comsume
k3s configuration, this change just converts k3s node config into
kube-router config. All the functionality of kube-router except netpol
is still disabled.

Signed-off-by: Michal Rostecki <mrostecki@opensuse.org>
Signed-off-by: Manuel Buil <mbuil@suse.com>
 2022-02-07 10:54:08 +01:00
Brad Davidson bc7635f01f Move containerd wait into exported function 
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2022-01-25 13:09:30 -08:00
Roberto Bonafiglia 8eded2749a Added debug log for IPv6 Masquerading rule 
Signed-off-by: Roberto Bonafiglia <roberto.bonafiglia@gmail.com>
 2022-01-17 10:20:12 +01:00