e874d1663d
Print message on upgrade fail
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2023-09-19 10:56:55 -07:00
1386f49ddc
Bump containerd and stargz versions
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2023-09-19 10:56:55 -07:00
c20a619525
Update to v1.25.14 ( #8350 )
...
Signed-off-by: Pedro Tashima <pedro.tashima@suse.com>
Co-authored-by: Pedro Tashima <pedro.tashima@suse.com>
2023-09-13 20:17:31 -03:00
8ad3cb03cb
Bump kine to v0.10.3
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2023-09-08 13:03:01 -07:00
8fcbc2bc85
Add RWMutex to address controller
...
Fixes race condition when address map is updated by multiple goroutines
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit 0d23cfe038
2023-08-30 01:35:07 -07:00
8d84d1581e
Add new CLI flag to enable TLS SAN CN filtering
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2023-08-29 08:35:21 -07:00
04c1b54c6e
Fix runc version bump
...
Module version bump got dropped when backporting in 4f14d61d40
2023-08-25 12:36:57 -07:00
17411bf0c6
Update to v1.25.13 ( #8241 )
...
Signed-off-by: Pedro Tashima <pedro.tashima@suse.com>
Co-authored-by: Pedro Tashima <pedro.tashima@suse.com>
2023-08-24 22:45:06 -03:00
80e1c74a6e
Merge pull request #8223 from manuelbuil/updateFlannel125
...
[Release 1.25] Move flannel to 0.22.2
2023-08-18 12:04:50 +02:00
6277f3da43
Move flannel to 0.22.2
...
Signed-off-by: Manuel Buil <mbuil@suse.com>
2023-08-18 09:25:41 +02:00
393ac6293f
Bump helm-controller/klipper-helm versions
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit 84ded911e9
2023-08-16 14:37:34 -07:00
4b4de04f0b
Bump dynamiclistener for init deadlock fix
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit 66bae3e326
2023-08-16 14:37:34 -07:00
ce85b98858
Fixed the etcd retention to delete orphaned snapshots based on the date
...
Signed-off-by: Vitor <vitor.savian@suse.com>
2023-08-15 12:41:06 -03:00
5a2506145e
Fix for cluster-reset backup from s3 when etcd snapshots are disabled ( #8155 )
...
* Fixed when the user disable the etcd snapshots, but want to backup from s3
Signed-off-by: Vitor <vitor.savian@suse.com>
2023-08-10 16:10:23 -03:00
8e945c53e7
fix for etcd-snapshot delete with --etcd-s3 flag ( #8110 )
...
k3s etcd-snapshot save --etcd-s3 ... is creating a local snapshot and uploading it to s3 while k3s etcd-snapshot delete --etcd-s3 ... was deleting the snapshot only on s3 buckets, this commit change the behavior of delete to do it locally and on s3
Signed-off-by: Ian Cardoso <osodracnai@gmail.com>
(cherry picked from commit e551308db8
2023-08-04 19:20:33 -07:00
5bcaa01a09
Use VERSION_K8S in tests instead of grep go.mod
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2023-08-04 16:08:16 -07:00
47d5eda69f
Use 'go list -m' instead of grep to look up versions
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2023-08-04 16:08:16 -07:00
f44629323e
Bump kine to v0.10.2
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit fd531140e5
2023-08-04 16:08:16 -07:00
4ae502b1d8
Bump versions for containerd, runc, kine
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit 23d6842f9a
2023-08-04 16:08:16 -07:00
fafb693522
Bump docker/docker to latest v20.10
...
Fixes issue with invalid HTTP host headers over unix sockets caused by
recent releases of golang rejecting invalid header values.
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit a0da8eded3
2023-08-04 16:08:16 -07:00
ddbe499d9a
Add FilterCN function to prevent SAN Stuffing
...
Wire up a node watch to collect addresses of server nodes, to prevent adding unauthorized SANs to the dynamiclistener cert.
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit aa76942d0f
2023-08-04 16:08:16 -07:00
3dc5979147
Security bump to docker/distribution ( #8047 )
...
Signed-off-by: Guilherme Macedo <guilherme@gmacedo.com>
(cherry picked from commit cc9dce5764
2023-08-04 16:08:16 -07:00
4c6f7bfb08
Make apiserver egress args conditional on egress-selector-mode
...
Only configure enable-aggregator-routing and egress-selector-config-file
if required by egress-selector-mode.
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit f21ae1d949
2023-08-04 16:08:16 -07:00
739141a79b
Add support for `{{ template "base" . }}` in etc/containerd/config.toml.tmpl ( #7991 )
...
Signed-off-by: Simon Kirsten <simonkirsten24@gmail.com>
(cherry picked from commit 546dc247a0
2023-08-04 16:08:16 -07:00
ba8cb071e7
[Release-1.25] August Test Backports ( #8127 )
...
* Unit test for MustFindString (#8013 )
* Consolidate CopyFile functions (#8079 )
* Remove unnecessary E2E envs
* Cleanup unnecessary "sudo" in commands
* Add additonal s3 coverage clause
Signed-off-by: Derek Nola <derek.nola@suse.com>
2023-08-04 11:38:23 -07:00
00df50ded1
Fixed the etcd retention to delete orphaned snapshots
...
Signed-off-by: Vitor <vitor.savian@suse.com>
2023-08-04 10:34:08 -03:00
9685f9869f
Merge pull request #8098 from manuelbuil/fixTailscale125
...
[Release 1.25] Fix tailscale bug with ip modes
2023-08-03 09:13:28 +02:00
5164dc185a
Fix tailscale bug with ip modes
...
Signed-off-by: Manuel Buil <mbuil@suse.com>
2023-08-02 11:43:42 +02:00
7cc896ffc7
Merge pull request #8076 from manuelbuil/updateFlannelAndPugins125
...
[Release 1.25] Update flannel and pugins
2023-08-01 08:36:33 +02:00
bef708409c
Update flannel to v0.22.1
...
Signed-off-by: Manuel Buil <mbuil@suse.com>
2023-07-31 11:03:44 +02:00
80aff75466
Update cni plugins version to v1.3.0
...
Signed-off-by: Manuel Buil <mbuil@suse.com>
2023-07-31 11:02:47 +02:00
7515237f85
Update to v1.25.12 ( #8021 )
...
Signed-off-by: Pedro Tashima <pedro.tashima@suse.com>
Co-authored-by: Pedro Tashima <pedro.tashima@suse.com>
2023-07-20 16:12:22 -03:00
f7ab577cfa
Adjust default kubeconfig file permissions ( #7984 )
...
* Adjust default kubeconfig permissions
Signed-off-by: Derek Nola <derek.nola@suse.com>
2023-07-15 08:46:08 -07:00
a9b8c87fcc
fix image_scan.sh script and download trivy version ( #7950 ) ( #7969 )
...
Signed-off-by: Ian Cardoso <osodracnai@gmail.com>
(cherry picked from commit 58a8deb25d
2023-07-14 09:24:11 -03:00
c3eab737ad
Don't use zgrep in `check-config` if apparmor porfile is enforced ( #7954 )
...
* Don't use zgrep if apparmor is enforced for it
* Bump e2e se timeouts for reencryption time
Signed-off-by: Derek Nola <derek.nola@suse.com>
2023-07-13 09:13:29 -07:00
a268ab4058
Generation of certificates and keys for etcd gated if etcd is disabled.( #7945 )
...
Problem:
When support for etcd was added in 3957142
2023-07-11 14:18:53 -07:00
e8a4961732
Adding cli to custom klipper helm image ( #7682 )
...
Adding cli to custom klipper helm image
Signed-off-by: Vitor Savian <vitor.savian@suse.com>
(cherry picked from commit 0809187cff
2023-07-07 16:28:16 -07:00
696a642d1d
Fall back to basic/bearer auth when node identity auth is rejected
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit 7f50b40cfe
2023-07-07 14:12:02 -07:00
5e3c63718d
Add `--data-dir` to the `k3s certificate rotate-ca` cli ( #7791 )
...
Need to add a cli flag for this. Also, should probably have config file loading support for the certificate commands.
Signed-off-by: leilei.zhai <leilei.zhai@qingteng.cn>
(cherry picked from commit 72d50b1f7c
2023-07-07 14:12:02 -07:00
c850132b5f
Fix rootless node password ( #7900 )
...
Signed-off-by: Derek Nola <derek.nola@suse.com>
2023-07-07 11:03:14 -07:00
e2c35c1bc7
add e2e s3 test ( #7833 )
...
Signed-off-by: Ian Cardoso <osodracnai@gmail.com>
(cherry picked from commit 9e334153cf
2023-07-07 11:14:23 -03:00
f22bcd4fc4
fix e2e startup flaky test ( #7839 )
...
Signed-off-by: Ian Cardoso <osodracnai@gmail.com>
(cherry picked from commit 324f9ad4da
2023-07-07 11:14:23 -03:00
27ac011309
Merge pull request #7894 from manuelbuil/headscale125
...
[Release 1.25] Support setting control server URL for Tailscale.
2023-07-07 15:29:45 +02:00
f1a4b9f6cb
Support setting control server URL for Tailscale.
...
This change enables the use of Headscale - open source implementation of the Tailscale control server.
Signed-off-by: Denys Smirnov <dennwc@pm.me>
2023-07-07 12:31:19 +02:00
a827ad28dd
Merge pull request #7883 from manuelbuil/ip4ip6dualstack125
...
[Release 1.25] Check if we are on ipv4, ipv6 or dualStack when doing tailscale
2023-07-07 11:28:28 +02:00
647539920b
Check if we are on ipv4, ipv6 or dualStack when doing tailscale
...
Signed-off-by: Manuel Buil <mbuil@suse.com>
2023-07-06 11:13:11 +02:00
e1a315189b
Allow k3s to customize apiServerPort on helm-controller ( #7873 )
...
Signed-off-by: Daishan Peng <daishan@acorn.io>
Co-authored-by: Daishan Peng <daishan@acorn.io>
2023-07-05 11:56:58 -07:00
7d3319908f
Merge pull request #7860 from manuelbuil/fixSpell125
...
[Release 1.25] Fix code spell check
2023-07-05 10:37:51 +02:00
17a611060e
Merge pull request #7856 from manuelbuil/removeFileWindows125
...
[Release 1.25] Remove file_windows.go
2023-07-05 10:37:14 +02:00
5a7f40dba3
Fix code spell check
...
Signed-off-by: Manuel Buil <mbuil@suse.com>
2023-07-04 15:53:34 +02:00
Brad Davidson