Brad Davidson
3c324335b2
Add utility functions for getting kubernetes client
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2 years ago
Brad Davidson
76729d813b
Set default kubeletPort
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2 years ago
Brad Davidson
269563e4d2
Check for RBAC before starting tunnel controllers
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2 years ago
Brad Davidson
b411864be5
Handle custom kubelet port in agent tunnel
The kubelet port can be overridden by users; we shouldn't assume it's always 10250
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2 years ago
Brad Davidson
afee83dda2
Bump remotedialer
Includes fix for recently identified memory leak.
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2 years ago
Brad Davidson
b550e1183a
Remove control-plane egress context and fix agent mode.
The control-plane context handles requests outside the cluster and
should not be sent to the proxy.
In agent mode, we don't watch pods and just direct-dial any request for
a non-node address, which is the original behavior.
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
3 years ago
Brad Davidson
d3242bea3c
Refactor egress-selector pods mode to watch pods
Watching pods appears to be the most reliable way to ensure that the
proxy routes and authorizes connections.
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
3 years ago
Brad Davidson
9d7230496d
Add support for configuring the EgressSelector mode
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
3 years ago
Brad Davidson
ce5b9347c9
Replace DefaultProxyDialerFn dialer injection with EgressSelector support
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
3 years ago
Brad Davidson
e763fadbba
Ensure that WaitForAPIServerReady always re-dials through the loadbalancer
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
3 years ago
Brad Davidson
13ca10664f
Use ListWatch helpers instead of bare List/Watch
Reduces code complexity a bit and ensures we don't have to handle closed watch channels on our own
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
3 years ago
Brad Davidson
7e447692c5
Fix issue with RKE2 servers hanging on listing apiserver addresses
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
3 years ago
Brad Davidson
49544e0d49
Allow agents to query non-apiserver supervisors for apiserver endpoints
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
3 years ago
Roberto Bonafiglia
dda409b041
Updated localhost address on IPv6 only setup
Signed-off-by: Roberto Bonafiglia <roberto.bonafiglia@suse.com>
3 years ago
Luther Monson
9a849b1bb7
[master] changing package to k3s-io (#4846)
* changing package to k3s-io
Signed-off-by: Luther Monson <luther.monson@gmail.com>
Co-authored-by: Derek Nola <derek.nola@suse.com>
3 years ago
Brad Davidson
5ab6d21a7d
Increase agent's apiserver ready timeout (#4454)
Since we now start the server's agent sooner and in the background, we
may need to wait longer than 30 seconds for the apiserver to become
ready on downstream projects such as RKE2.
Since this essentially just serves as an analogue for the server's
apiReady channel, there's little danger in setting it to something
relatively high.
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
3 years ago
Deshi Xiao
f1622129e4
refactor: Use plain channel send or receive
fix issue #4369
should use a simple channel send/receive instead of select with a single
case
Signed-off-by: Deshi Xiao <xiaods@gmail.com>
3 years ago
Brad Davidson
3fe460d080
Block scheduler startup on untainted node when using embedded CCM
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
3 years ago
Brad Davidson
5a923ab8dc
Add containerd ready channel to delay etcd node join
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
3 years ago
Xiao Deshi
cfe7e0c734
remove duplicated func GetAddresses
refactor tunnel.go and controller.go, remove duplicated lines.
Signed-off-by: Xiao Deshi <xiaods@gmail.com>
4 years ago
Hussein Galal
5749f66aa3
Add disable flags for control components (#2900)
* Add disable flags to control components
Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>
* golint
Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>
* more fixes
Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>
* fixes to disable flags
Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>
* Add comments to functions
Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>
* Fix joining problem
Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>
* more fixes
Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>
* golint
Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>
* fix ticker
Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>
* fix role labels
Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>
* more fixes
Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>
4 years ago
Brian Downs
ba70c41cce
Initial Logging Output Update (#2246)
This attempts to update logging statements to make them consistent
throughout the code base. It also adds additional context to messages
where possible, simplifies messages, and updates level where necessary.
4 years ago
Darren Shepherd
7e59c0801e
Make program name a variable to be changed at compile time
5 years ago
Darren Shepherd
2f5ee914f9
Add supervisor port
In k3s today the kubernetes API and the /v1-k3s API are combined into
one http server. In rke2 we are running unmodified, non-embedded Kubernetes
and as such it is preferred to run k8s and the /v1-k3s API on different
ports. The /v1-k3s API port is called the SupervisorPort in the code.
To support this separation of ports a new shim was added on the client in
the pkg/agent/proxy package that will launch two load balancers instead
of just one load balancer. One load balancer for 6443 and the other
for 9345 (which is the supervisor port).
5 years ago
Darren Shepherd
a8d96112d9
Updates for k8s v1.18 support
5 years ago
Vladimir Varankin
0c5299c951
pkg/agent/tunnel: respect ipv6 when building proxy addresses
5 years ago
Darren Shepherd
ba240d0611
Refactor tokens, bootstrap, and cli args
5 years ago
Erik Wilson
a17e336993
Use go tcpproxy
5 years ago
Erik Wilson
8ce509ee6b
Cleanup tunnel logs
5 years ago
Erik Wilson
23b0797578
Add context to tunnel connect
5 years ago
Erik Wilson
b93b4732eb
Start endpoint tunnel watch before waiting
5 years ago
Erik Wilson
e77dc568bb
Cleanup tunnel
5 years ago
Erik Wilson
7e6664b684
Add resource version to tunnel endpoint watch
5 years ago
Erik Wilson
034a863696
Cleanup remotedialer tunnel logs
5 years ago
Erik Wilson
e0212144e8
Tunnel agent to all servers
Watch the kubernetes endpoints to create a tunnel to all servers.
5 years ago
Erik Wilson
2c9444399b
Refactor certs
6 years ago
Darren Shepherd
c0702b0492
Port to wrangler
6 years ago
Darren Shepherd
62c62cc7b4
Continued refactoring
6 years ago