Brad Davidson
1eec7348a5
Call setproctitle to conceal node args in ps output
...
This is related to #2014 .
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
4 years ago
Brian Downs
5a81fdbdc5
update cis flag implementation to propogate the rest of the way through to kubelet
...
Signed-off-by: Brian Downs <brian.downs@gmail.com>
4 years ago
Jason
e3f8789114
Add containerd snapshotter flag ( #1991 )
...
* Add containerd snapshotter flag
Signed-off-by: Jason-ZW <zhenyang@rancher.com>
* Fix CamelCase nit and option description
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
Signed-off-by: Jason-ZW <zhenyang@rancher.com>
Co-authored-by: Brad Davidson <brad@oatmail.org>
4 years ago
Brian Downs
abb2d9aad1
add flag usage
...
Signed-off-by: Brian Downs <brian.downs@gmail.com>
4 years ago
Brian Downs
57a6319fac
add protect-kernel-defaults to kubelet
...
Signed-off-by: Brian Downs <brian.downs@gmail.com>
4 years ago
Erik Wilson
e1dc3451bc
Add config file support
4 years ago
Darren Shepherd
7e59c0801e
Make program name a variable to be changed at compile time
5 years ago
Chuck Schweizer
19c34bd12d
Update to set default CipherSuites
...
The default CipherSuites need to be set to disable the insecure TLS 1.2 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 Cipher
5 years ago
Chuck Schweizer
ca9c9c2e1e
Adding support for TLS MinVersion and CipherSuites
...
This will watch for the following kube-apiserver-arg variables and apply
them to the k3s kube-apiserver https listener.
--kube-apiserver-arg=tls-cipher-suites=XXXXXXX
--kube-apiserver-arg=tls-min-version=XXXXXXX
5 years ago
Darren Shepherd
cb4b34763e
Merge pull request #1759 from ibuildthecloud/background
...
Start kube-apiserver in the background
5 years ago
Darren Shepherd
072396f774
Start kube-apiserver in the background
...
In rke2 everything is a static pod so this causes a chicken and egg situation
in which we need the kubelet running before the kube-apiserver can be
launched. By starting the apiserver in the background this allows us to
do this odd bootstrapping.
5 years ago
Darren Shepherd
2f5ee914f9
Add supervisor port
...
In k3s today the kubernetes API and the /v1-k3s API are combined into
one http server. In rke2 we are running unmodified, non-embedded Kubernetes
and as such it is preferred to run k8s and the /v1-k3s API on different
ports. The /v1-k3s API port is called the SupervisorPort in the code.
To support this separation of ports a new shim was added on the client in
then pkg/agent/proxy package that will launch two load balancers instead
of just one load balancer. One load balancer for 6443 and the other
for 9345 (which is the supervisor port).
5 years ago
Darren Shepherd
341895c322
Don't write ccm.yaml if --disable-cloud-controller is set
5 years ago
Erik Wilson
39c3854648
Merge pull request #1720 from ilknarf/master
...
remove redundant Sprintf
5 years ago
Erik Wilson
c71561129e
Merge pull request #1716 from ibuildthecloud/debugpublic
...
Make debug variable public to be used by wrapper programs
5 years ago
Erik Wilson
c941e1d0bb
Merge pull request #1695 from ibuildthecloud/kubeproxy
...
Add ability to disable kubeproxy
5 years ago
Erik Wilson
df1725cb06
Merge pull request #1694 from ibuildthecloud/inittwice
...
Allow InitLogging to be called twice
5 years ago
Frank
a18d94e5f9
remove redundant Sprintf
5 years ago
Darren Shepherd
56770ff2cc
Make debug variable public to be used by wrapper programs
5 years ago
Darren Shepherd
5715e1ba0d
Add ability to disable kubeproxy
5 years ago
Darren Shepherd
8cc9efdf7c
Allow InitLogging to be called twice
...
This makes it a bit easier to embed k3s into another go program
5 years ago
Darren Shepherd
8b8af94eb2
Move disabled items to a const to keep more consistency
...
This also help when embedding k3s because we can programmitically know
all the components to disable.
5 years ago
Darren Shepherd
7d06d2ccc1
Merge pull request #1653 from KnicKnic/enable_agent_windows
...
enable agent to start on windows
5 years ago
Knic Knic
7f77c9a3c8
enable agent to start on windows
5 years ago
galal-hussein
3f927d8006
Revert "Replace traefik with nginx"
...
This reverts commit 9a17033095
.
5 years ago
Erik Wilson
ceff3f58fb
Merge pull request #1466 from galal-hussein/traefik_to_nginx
...
Replace traefik with nginx
5 years ago
galal-hussein
9a17033095
Replace traefik with nginx
5 years ago
Erik Wilson
a3cb9ee1f6
Simplify SELinux detection and add --disable-selinux flag
5 years ago
Erik Wilson
0374c4f63d
Add --disable flag
5 years ago
Erik Wilson
1a2690d7be
Merge pull request #1192 from galal-hussein/add_encryption_config
...
Add secret encryption config
5 years ago
Erik Wilson
7675f9f85c
Clean up host-gw variable names
5 years ago
Segator
c23f12765e
hostgw flannel support
5 years ago
galal-hussein
388cd9c4e8
Add secret encryption configuration
5 years ago
Erik Wilson
76281bf731
Update k3s for k8s 1.17.0
5 years ago
Erik Wilson
d4959d53af
Merge pull request #1182 from erikwilson/docker-pause-image
...
Allow --pause-image to set docker sandbox image also
5 years ago
Erik Wilson
2eacfa75cb
Merge pull request #1180 from erikwilson/cleanup-flannel-backend-help-text
...
Cleanup --flannel-backend help text
5 years ago
Erik Wilson
2de93d70cf
Allow --pause-image to set docker sandbox image also
5 years ago
Erik Wilson
11e4d01efe
Cleanup --flannel-backend help text
5 years ago
Jacob Blain Christen
063efb25bb
Mutable --node-label values for server/agent sub-commands.
...
Values passed in via the server/agent `--node-label` flag are treated as mutable. They are passed through to the kubelet just as before but after the kubelet comes up they are applied again. This allows for passing labels a k3s start-time that may be necessary for scheduling but may change from boot to boot, e.g. `k3os.io/version` after an upgrade.
Tested locallon on my amd64 workstation with the docker container.
Addresses #1119 .
5 years ago
galal-hussein
99b8222e8d
Change storage to datastore
5 years ago
Erik Wilson
95ff805c98
Fix broken K3S_TOKEN env
5 years ago
Erik Wilson
d4151b7739
Add the --with-node-id flag to agent
5 years ago
Erik Wilson
a73f8b1773
Update check-config.sh for k3s
5 years ago
Erik Wilson
e4b3730fa2
Go DNS lookup order hack
5 years ago
Erik Wilson
55c05ac500
Refactor node password location
5 years ago
Darren Shepherd
3e213d1347
Allow --debug to be set with K3S_DEBUG env var
5 years ago
Darren Shepherd
3f5fb70116
Move server arguments to experimental for dqlite related
5 years ago
Darren Shepherd
e2431bdf9d
Add dqlite support
5 years ago
Darren Shepherd
53d3ab074c
Shrink k3s wrapper binary
5 years ago
Erik Wilson
47a94637dc
Move metrics-server manifests to sub-directory
5 years ago
Erik Wilson
0fef39de65
Add default multi-arch metrics-server deployment
5 years ago
Darren Shepherd
ba240d0611
Refactor tokens, bootstrap, and cli args
5 years ago
YAMAMOTO Takashi
4970d6133f
Propagate DisableAgent flag
...
The recent setMasterRoleLabel stuff uses it.
5 years ago
Erik Wilson
f648a64ee3
Merge pull request #923 from AkihiroSuda/fix-rootless-kubelet-flags
...
rootless: add kubelet flags automatically
5 years ago
Akihiro Suda
aafccdbccb
rootless: add kubelet flags automatically
...
Fix https://github.com/rancher/k3s/issues/784
Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
5 years ago
Erik Wilson
ad4ea681ce
Hide the --disable-agent flag
5 years ago
Erik Wilson
da3a7c6bbc
Add network policy controller
5 years ago
Erik Wilson
9e14d3e470
Merge pull request #851 from MagnaXSoftware/switch-string-slice
...
Add comma-separated no-deploy values
5 years ago
Xavier Landreville
2f4a08c54d
Add comma-separated no-deploy values
...
This allows no-deploy values to be either specified as multiple --no-deploy invocations,
or a single invocation with comma-separated values.
5 years ago
galal-hussein
d2c1f66496
Add k3s cloud provider
5 years ago
galal-hussein
5ccc880ddb
Add private registry to containerd
5 years ago
galal-hussein
56e0e5ad7e
Add default local storage provisioner
5 years ago
Erik Wilson
6f7a1a70fa
Label new flannel flags as experimental
5 years ago
Erik Wilson
959acf9c92
Add --flannel-backend flag
5 years ago
Erik Wilson
3cd807a657
Add --flannel-conf flag
5 years ago
galal-hussein
b1891f445b
Add master role label on startup
5 years ago
Darren Shepherd
209acb58c1
Revert CSI patch
5 years ago
Erik Wilson
5679cfafaf
Merge pull request #707 from ibuildthecloud/pr683
...
Integrate Kine
5 years ago
Darren Shepherd
2cb6f52339
Disable storing bootstrap information by default
5 years ago
Erik Wilson
e6067314c9
Localhost -> 127.0.0.1
5 years ago
galal-hussein
1ae0c540d7
Refactor bootstrap, move kine startup code to kine, integrate kine
5 years ago
Erik Wilson
30e050a692
Cleanup logging
5 years ago
Erik Wilson
a17e336993
Use go tcpproxy
5 years ago
Erik Wilson
e1162c7cfa
Update agent to notify systemd
5 years ago
Erik Wilson
131f3bec44
Merge pull request #619 from erikwilson/node-ip-from-flannel-iface
...
Default node-ip from flannel-iface
5 years ago
Erik Wilson
a1ce08d4f1
Default node-ip from flannel-iface
5 years ago
Darren Shepherd
dbb7b04c3d
Add option to disable scheduler
5 years ago
Erik Wilson
853708c8ba
Merge pull request #591 from erikwilson/add-ctr
...
Build & enable ctr with k3s server
6 years ago
Erik Wilson
24b73403c7
Cleanup bootstrap
6 years ago
Erik Wilson
ed72856d27
Build & enable ctr with k3s server
6 years ago
Erik Wilson
4b540f8d94
Cleanup command help text
6 years ago
galal-hussein
37582b6fac
Add cert storage backend flag
6 years ago
galal-hussein
28d9d83be2
Add k3s HA bootstrap
6 years ago
Erik Wilson
2c9444399b
Refactor certs
6 years ago
galal-hussein
17d8708ca5
Add storage backend flags
6 years ago
Erik Wilson
199f673676
Merge pull request #479 from galal-hussein/add_storage_backend_options
...
Add MySQL and Postgress support
6 years ago
Darren Shepherd
c0702b0492
Port to wrangler
6 years ago
Darren Shepherd
4b4dd1b59b
Merge pull request #454 from galal-hussein/node_labels_taints
...
Expose node labels and taints and add node roles
6 years ago
galal-hussein
e9cd8adbf6
Add Storage endpoint option
6 years ago
galal-hussein
483df6fd82
Check if server time before 1/1/1980
...
Check
6 years ago
galal-hussein
930093dfe9
Expose node labels and taints and add node roles
6 years ago
haokang.ke
52f845ec84
Make pause image configurable ( #345 )
6 years ago
galal-hussein
fae6df0df0
Change the stderr threshold for cli
6 years ago
Darren Shepherd
0e3711b8b7
Merge pull request #339 from km4rcus/cluster-domain-option
...
Add --cluster-domain option
6 years ago
Darren Shepherd
08c3d0d4ef
Merge pull request #250 from yoink00/master
...
Allow flannel interface to be specified on the command line
6 years ago
Stuart Wallace
2268e028a2
Add ability to override flannel interface
6 years ago
Marco Mancini
b445bad171
Add --cluster-domain option
6 years ago
galal-hussein
e5d8d72e59
Fix comment of bind address
6 years ago
Darren Shepherd
046a817818
Add rootless support
6 years ago
galal-hussein
7794528aa1
Add extra flags for server and agent components
6 years ago
Darren Shepherd
841f8d29e6
Ensure CSI is initialized properly when running agent and server combined
6 years ago
galal-hussein
d255574150
Add bind address server config
6 years ago
Erik Wilson
a4df9f4ab1
Kubelet resolv.conf DNS update
...
Allow the kubelet resolv-conf flag to be set, or automatically
discovered from /etc/resolv.conf & /run/systemd/resolve/resolv.conf if
no loopback devices are present, or create our own which points to
nameserver 8.8.8.8
6 years ago
Erik Wilson
1d61576e54
Fix linting issues
6 years ago
Darren Shepherd
4463408819
Merge pull request #239 from takmatsu/add-hosts
...
Add tls-san flag
6 years ago
Erik Wilson
2768f559c1
Fix go fmt error
6 years ago
Takeaki Matsumoto
3a6b305455
Change flag name and type
6 years ago
Takeaki Matsumoto
9551e1db21
Add advertise-address flag
...
In NAT or LB environment,
we need not just the certs for local ip, but also additional ips.
advertise-address flag enables to add optional ips.
6 years ago
Darren Shepherd
9a862610ac
Merge pull request #177 from erikwilson/systemd-notify
...
Enable systemd ready notification for k3s server
6 years ago
Erik Wilson
107b5f3985
Enable systemd ready notification for k3s server
...
Disables k8s generic api server systemd ready notification and send
our own ready notification after server available and kubeconfig
available.
Make sure we unset the NOTIFY_SOCKET environment variable by passing
`true` to SdNotify so the agent can start containers.
6 years ago
Vladimir Zorin
44cce9a76f
Set ClusterDNS to ServiceCIDR network address + 10 when cluster-dns is not provided
6 years ago
Vladimir Zorin
7ad03ad8b0
Add cluster-dns server arg support
6 years ago
Vladimir Zorin
b8c3ff1dab
Add --service-cidr server arg support
6 years ago
Darren Shepherd
0414f97c78
Revert "Enable systemd ready notification for k3s server"
...
This reverts commit c73e9187bb
.
6 years ago
Darren Shepherd
8acc17fcf3
Merge branch 'master' into tokenfile
6 years ago
Darren Shepherd
70e6ca4ab8
Support external CRI implementations
6 years ago
Darren Shepherd
3d113ceb2d
Add agent command to server command
6 years ago
Darren Shepherd
91f9472751
Add traefik to no-deploy help text
6 years ago
Darren Shepherd
e5b7d36c55
Actually pass cluster-cidr on to server
6 years ago
Darren Shepherd
e28e497168
Add --token-file support
6 years ago
Erik Wilson
c73e9187bb
Enable systemd ready notification for k3s server
...
Disables k8s generic api server systemd ready notification and send
our own ready notification after server available and kubeconfig
available.
6 years ago
Darren Shepherd
01b3bb315e
Fix version printing on startup
6 years ago
Darren Shepherd
529aa431d1
Adjust debug logging and write containerd logs to a file
6 years ago
Darren Shepherd
793ac4fb89
Add crictl
6 years ago
Darren Shepherd
e832588662
Add embedded service load balancer
6 years ago
Darren Shepherd
400225e73d
Prepopulate known IPs in TLS
6 years ago
Darren Shepherd
287e0f44c9
Prepare for initial release
6 years ago
Darren Shepherd
62c62cc7b4
Continued refactoring
6 years ago