github
/
k3s
mirror of https://github.com/k3s-io/k3s
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
2,560 Commits
32 Branches
867 Tags
626 MiB
Commit Graph

1067 Commits (2835368ecb57fbf47ea1826953b133253b769b99)

Author SHA1 Message Date
Brad Davidson 2835368ecb Bump k3s-root and remove embedded strongswan support 
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2022-12-01 12:40:40 -08:00
Derek Nola af8f101bdc
Mark secrets-encryption flag as GA (#6582) 
* Mark secrets-encrypt flag as GA

Signed-off-by: Derek Nola <derek.nola@suse.com>
 2022-12-01 08:50:51 -08:00
Brad Davidson 915c7719fe go generate 
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2022-11-30 15:09:32 -08:00
Brad Davidson 1eeea5c81f go generate 
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2022-11-30 15:09:32 -08:00
Brad Davidson e08a662509 Disable CCM metrics port when legacy CCM functionality is disabled 
Prevents port conflicts on upgrade for users that have deployed other cloud controllers.

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2022-11-30 15:08:31 -08:00
Brad Davidson a07bb555ba Bump klipper-helm and klipper-lb versions 
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2022-11-23 14:55:59 -08:00
Derek Nola 614da78e43
Add `prefer-bundled-bin` as an agent flag (#6545) 
* Add prefer-bundled-bin as an agent flag
* Add E2E test for prefer-bundled-bin

Signed-off-by: Derek Nola <derek.nola@suse.com>
 2022-11-22 13:43:16 -08:00
Manuel Buil 1beecb2e2d
Merge pull request #6531 from manuelbuil/fixLogs 
Fix log for flannelExternalIP use case
 2022-11-22 16:54:26 +01:00
Manuel Buil 483e29e783 Remove stuff which belongs in the windows executor implementation 
Signed-off-by: Manuel Buil <mbuil@suse.com>
 2022-11-22 12:32:13 +01:00
Brad Davidson 9ff0943d56 Address nits from self-review 
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2022-11-21 15:23:30 -08:00
Brad Davidson 56bf7d6ad3 Allow agent to run rootless 
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2022-11-21 15:23:30 -08:00
Brad Davidson 6f2b21c5cd Add rootless IPv6 support 
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2022-11-21 15:23:30 -08:00
Brad Davidson c02dceb7ad Make rootless settings configurable 
Add enivironment variables for port-driver, cidr, mtu, and disable-host-loopback settings. Since rootless is still experimental, I don't think they deserve full CLI flag status.

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2022-11-21 15:23:30 -08:00
Brad Davidson 73171ff20a go generate 
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2022-11-21 13:44:54 -08:00
Derek Nola 0f52088cd3
Add new `prefer-bundled-bin` experimental flag (#6420) 
* initial prefer-bundled-bin ci change
* Add startup testlet
* Convert parsing to pflag library
* Fix code validation
* go mod tidy

Signed-off-by: Derek Nola <derek.nola@suse.com>
 2022-11-21 13:01:36 -08:00
Manuel Buil 5188443988 Fix log for flannelExternalIP use case 
Signed-off-by: Manuel Buil <mbuil@suse.com>
 2022-11-21 17:10:35 +01:00
Manuel Buil e41e4010e5 Revert "Remove stuff which belongs in the windows executor implementation" 
This reverts commit 1bc0684fb7.

Signed-off-by: Manuel Buil <mbuil@suse.com>
 2022-11-15 21:40:42 +01:00
Manuel Buil 9419b1a936
Merge pull request #6492 from manuelbuil/removeWinStuff 
Remove stuff which belongs in the windows executor implementation
 2022-11-15 12:07:17 +01:00
Brad Davidson adb820d859 Bump traefik chart to 19.0.4 to fix kubernetes version check 
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2022-11-14 13:42:24 -08:00
Manuel Buil 1bc0684fb7 Remove stuff which belongs in the windows executor implementation 
Signed-off-by: Manuel Buil <mbuil@suse.com>
 2022-11-14 15:52:04 +01:00
Derek Nola 13c633da12
Add Secrets Encryption to CriticalArgs (#6409) 
* Add EncryptSecrets to Critical Control Args
* use deep comparison to extract differences

Signed-off-by: Derek Nola <derek.nola@suse.com>

Signed-off-by: Derek Nola <derek.nola@suse.com>
 2022-11-04 10:35:29 -07:00
Manuel Buil 861f8ed8f8
Merge pull request #6386 from manuelbuil/changeAddrTypesMetricsServer 
Change addr types in metrics server
 2022-11-04 11:11:21 +01:00
thomasferrandiz b7d217dbf3
Merge pull request #6405 from thomasferrandiz/log-kube-router-version 
log kube-router version when starting netpol controller
 2022-11-04 11:07:37 +01:00
Manuel Buil 8aff25e192
Merge pull request #6403 from manuelbuil/logsFlannelExternalIP 
Avoid wrong config for `flannel-external-ip` and add warning if unencrypted backend
 2022-11-04 09:47:30 +01:00
Manuel Buil 557fcd28d5 Change the priority of address types depending on flannel-external-ip 
Signed-off-by: Manuel Buil <mbuil@suse.com>
 2022-11-04 09:02:39 +01:00
Manuel Buil 1682172ac1 Add some helping logs to avoid wrong configs 
Signed-off-by: Manuel Buil <mbuil@suse.com>
 2022-11-03 18:09:17 +01:00
Roberto Bonafiglia 87c7ea81f0 Updated flannel version to 0.20.1 
Signed-off-by: Roberto Bonafiglia <roberto.bonafiglia@suse.com>
 2022-11-03 17:49:26 +01:00
Thomas Ferrandiz 68ac954489 log kube-router version when starting netpol controller 
Signed-off-by: Thomas Ferrandiz <thomas.ferrandiz@suse.com>
 2022-11-03 12:26:50 +01:00
Brad Davidson d7dbf69f7f go generate 
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2022-11-02 11:29:05 -07:00
iyear 3aae7b8783 Fix incorrect defer usage 
Problem:
Using defer inside a loop can lead to resource leaks

Solution:
Judge newer file in the separate function

Signed-off-by: iyear <ljyngup@gmail.com>
 2022-11-01 16:23:25 -07:00
Brad Davidson cb86d2c1f0 Bump traefik to v2.9.4 / chart v18.3.0 
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2022-11-01 16:05:45 -07:00
Petri Kivikangas 6156059136 Convert containerd config.toml.tmpl Linux template to v2 syntax 
Signed-off-by: Petri Kivikangas <36138+Kitanotori@users.noreply.github.com>
 2022-10-27 16:55:03 -07:00
Brad Davidson 76729d813b Set default kubeletPort 
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2022-10-26 15:08:13 -07:00
Brad Davidson 269563e4d2 Check for RBAC before starting tunnel controllers 
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2022-10-26 15:08:13 -07:00
Brad Davidson 68a56ff8d8 Add GVK lookup to deploy controller 
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2022-10-26 15:08:13 -07:00
Brad Davidson 8d28a38a18 Update helm-controller to pull in refactor 
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2022-10-26 15:03:13 -07:00
Brad Davidson 16a8b6d6f1 Bump Traefik helm chart to v18.0.0 
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2022-10-26 13:38:13 -07:00
Brad Davidson f2585c1671 Add --flannel-external-ip flag 
Using the node external IP address for all CNI traffic is a breaking change from previous versions; we should make it an opt-in for distributed clusters instead of default behavior.

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2022-10-24 10:10:49 -07:00
Brad Davidson e8c250b8dc Fix RBAC to allow removal of legacy finalizer 
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2022-10-20 16:12:28 -07:00
Brad Davidson 3c0cd6f2dc Return ProviderID in URI format 
The InstancesV1 interface handled this for us by combining the ProviderName and InstanceID values; the new interface requires us to do it manually

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2022-10-17 11:05:09 -07:00
Brad Davidson f25419ca2c Add ServiceAccount for svclb pods 
For 1.24 and earlier, the svclb pods need a ServiceAccount so that we can allow their sysctls in PSPs

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2022-10-10 17:40:39 -07:00
Derek Nola 06d81cb936
Replace deprecated ioutil package (#6230) 
* Replace ioutil package
* check integration test null pointer
* Remove rotate retries

Signed-off-by: Derek Nola <derek.nola@suse.com>
 2022-10-07 17:36:57 -07:00
Brad Davidson 25e83cfa4f Bump traefik to 2.9.1 / chart 12.0.0 
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2022-10-06 16:20:21 -07:00
Brad Davidson b411864be5 Handle custom kubelet port in agent tunnel 
The kubelet port can be overridden by users; we shouldn't assume its always 10250

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2022-10-05 21:10:38 -07:00
Brad Davidson 11072e2516 Fix occasional "TLS handshake error" in apiserver network proxy. 
We should be reading from the hijacked bufio.ReaderWriter instead of
directly from the net.Conn. There is a race condition where the
underlying http handler may consume bytes from the hijacked request
stream, if it comes in the same packet as the CONNECT header. These
bytes are left in the buffered reader, which we were not using. This was
causing us to occasionally drop a few bytes from the start of the
tunneled connection's client data stream.

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2022-10-05 21:10:38 -07:00
Brad Davidson f633732d80 Use structured logging instead of logrus for event recorders 
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2022-10-04 10:26:17 -07:00
Brad Davidson d963cb2f70 Disable cloud-node and cloud-node-lifecycle if CCM is disabled 
If CCM and ServiceLB are both disabled, don't run the cloud-controller-manager at all;
this should provide the same CLI flag behavior as previous releases, and not create
problems when users disable the CCM but still want ServiceLB.

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2022-09-30 08:17:20 -07:00
Brad Davidson 0b96ca92bc Move servicelb into cloudprovider LoadBalancer interface 
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2022-09-30 08:17:20 -07:00
Brad Davidson a15e7e8b68 Move DisableServiceLB/Rootless/ServiceLBNamespace into config.Control 
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2022-09-30 08:17:20 -07:00
Brad Davidson 063039471c Implement InstancesV2 instead of Instances 
... and drop legacy ClusterID support.

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2022-09-30 08:17:20 -07:00