github
/
k3s
mirror of https://github.com/k3s-io/k3s
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
1,533 Commits
32 Branches
881 Tags
632 MiB
Commit Graph

1533 Commits (5753d477df155eac20b652768f0fbf30533c397d)

Author SHA1 Message Date
Brad Davidson 5753d477df Bump coredns to 1.7.1 
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2020-12-09 02:00:48 -08:00
Chris Kim c324aa86b4
Merge pull request #2655 from Oats87/issues/k3s/2548-119-suppl 
[Backport 1.19] Add check for `/init.scope` for cgroup
 2020-12-08 14:14:58 -08:00
Erik Wilson d2fac7b4e7
Merge pull request #2651 from erikwilson/release-1.19 
[Release-1.19] Test script cleanup backport from RKE2
 2020-12-08 11:45:07 -07:00
Chris Kim c399f87af1 Handle the case when systemd lives under `/init.scope` 
Signed-off-by: Chris Kim <oats87g@gmail.com>
 2020-12-08 10:37:57 -08:00
Erik Wilson 9885ade11e Test script cleanup backport from RKE2 
Signed-off-by: Erik Wilson <Erik.E.Wilson@gmail.com>
 2020-12-08 10:48:58 -07:00
Chris Kim 6196098f81
Merge pull request #2646 from Oats87/issues/k3s/2548-1-19 
[Backport 1.19] Set a cgroup if containerized
 2020-12-08 09:38:35 -08:00
Chris Kim 0ecec4424f When there is a defined cgroup for PID 1, assume we are containerized and set a root 
Signed-off-by: Chris Kim <oats87g@gmail.com>
 2020-12-07 13:16:08 -08:00
Brian Downs 8f9e5628c1
[release-1.19] go 1.15.5 (#2620) 
* update Go to 1.15.5

Signed-off-by: Brian Downs <brian.downs@gmail.com>
 2020-12-04 17:04:10 -07:00
Jacob Blain Christen 4a8915348b
[release-1.19] containerd: v1.4.3-k3s1 (#2628) 
Signed-off-by: Jacob Blain Christen <jacob@rancher.com>
 2020-12-04 14:49:19 -07:00
Jacob Blain Christen 4eba6a7201
[migration k3s-io][release-1.19] drone: initial move to k3s-io (#2610) 
Signed-off-by: Jacob Blain Christen <jacob@rancher.com>
 2020-12-04 14:10:27 -07:00
Jacob Blain Christen 278df71679
[migration k3s-io][release-1.19] update k/k and nocode (#2571) 
This change set replaces these go.mod replacement directives with references to k3s-io repositories.

- rancher/kubernetes
- rancher/nocode

Part of https://github.com/rancher/k3s/issues/2189

Signed-off-by: Jacob Blain Christen <jacob@rancher.com>
 2020-11-30 09:34:39 -07:00
Brad Davidson 2532c10faa Update Kubernetes to v1.19.4-k3s1 
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2020-11-17 15:57:38 -08:00
Brad Davidson 234a642528 Clean up architecture handling 
* Remove unused release.sh and DAPPER_HOST_ARCH
* Reliably use ARCH from version.sh
* Export GOARCH and GOARM so that they are used by `go build`

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2020-11-17 15:57:38 -08:00
Brad Davidson 0e4fbfefe1 Update kine to v0.5.1 for compact fix 
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2020-11-12 21:06:42 -08:00
Menna Elmasry 970fbc66d3
Merge pull request #2507 from dweomer/fix/2240/1.19/selinux-relabel-dev-shm-but-not-with-host-ipc 
[backport 1.19] cri: pull in updated /dev/shm fix
 2020-11-12 02:30:29 +02:00
Jacob Blain Christen 0b9f79f1f3 cri: pull in updated /dev/shm fix 
Do not relabel container /dev/shm when it is host /dev/shm.

Signed-off-by: Jacob Blain Christen <jacob@rancher.com>
 2020-11-11 17:03:37 -07:00
Brad Davidson 2990c4470c Add GH auth for Trivy 
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2020-11-11 10:36:38 -08:00
Jacob Blain Christen 32c5918558
cri: bump to updated fork (#2486) 
Addresses rancher/k3s#2240

Signed-off-by: Jacob Blain Christen <jacob@rancher.com>
 2020-11-09 10:19:21 -07:00
Chris Kim 3fc6803658
Merge pull request #2457 from Oats87/fix-rpm-install-1.19 
[1.19 Backport] Support k3s-selinux rpm install more effectively
 2020-10-29 12:49:44 -04:00
Chris Kim 851767b8a2 Add additional conditional logic to install.sh to prevent errors on Fedora or systems when run as non-root 
Signed-off-by: Chris Kim <oats87g@gmail.com>
 2020-10-29 07:48:29 -07:00
Menna Elmasry f8a4547bec Merge pull request #2448 from MonzElmasry/new_b 
Make etcd use node private ip
 2020-10-28 16:40:15 -07:00
Ranjib Dey 18e8184252 remove duplicate systemd directives 
Signed-off-by: Ranjib Dey ranjib@linux.com
 2020-10-28 16:40:15 -07:00
Chris Kim 4e9f0e4275 Remove RPM publishing from .drone.yml 
Signed-off-by: Chris Kim <oats87g@gmail.com>
 2020-10-28 16:40:15 -07:00
Brad Davidson 8cdaf52980 Update kine to v0.5.0 
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2020-10-28 16:40:15 -07:00
Chris Kim 68339ae00c Add iptable_nat to modprobe list 
Signed-off-by: Chris Kim <oats87g@gmail.com>
 2020-10-28 16:40:15 -07:00
Chris Kim 098966971a Add auto-install capability to install.sh for k3s-selinux 
Signed-off-by: Chris Kim <oats87g@gmail.com>
 2020-10-28 16:40:15 -07:00
Hussein Galal 701e45f42b skip node delete from removed member (#2413) 
* skip node delete from removed member

Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>

* use grpc errors

Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>

* go imports

Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>

* exit if node is the etcd that being removed

Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>
 2020-10-28 16:40:15 -07:00
Brad Davidson 085a3b2920 Make etcd voting members responsible for managing learners (#2399) 
* Set etcd timeouts using values from k8s instead of etcdctl
  Fix for one of the warnings from #2303
* Use etcd zap logger instead of deprecated capsnlog
  Fix for one of the warnings from #2303
* Remove member self-promotion code paths
* Add learner promotion tracking code
* Fix RaftAppliedIndex progress check
* Remove ErrGRPCKeyNotFound check
  This is not used by v3 API - it just returns a response with 0 KVs.

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2020-10-28 16:40:15 -07:00
Jeremy Katz ffb02676bc Add information on reporting security issues 
Signed-off-by: Jeremy Katz <jeremy@tidelift.com>
 2020-10-28 16:40:15 -07:00
Brian Downs fd9dfba283 run go mod tidy 
Signed-off-by: Brian Downs <brian.downs@gmail.com>
 2020-10-28 16:40:15 -07:00
Brian Downs be95bfe1b9 update kine to v0.4.1 
Signed-off-by: Brian Downs <brian.downs@gmail.com>
 2020-10-28 16:40:15 -07:00
Erik Wilson c1002f0fc9 Use no_proxy env, add .svc and cluster domains 2020-10-28 16:40:15 -07:00
Erik Wilson e3eaba37c2 Add network policy controller CacheSyncOrTimeout 2020-10-28 16:40:15 -07:00
Erik Wilson ec015c9b3e Add event handlers to network policy controller 2020-10-28 16:40:15 -07:00
Erik Wilson 884ba6bb7b check-config: Remove NF_NAT_IPV4 and NF_NAT_NEEDED from kernel check 2020-10-28 16:40:15 -07:00
Erik Wilson f4c4d8c08d Add locking and verification for data directory extraction 2020-10-28 16:40:15 -07:00
Erik Wilson 9ad1786b3d Add file verification for data directory 2020-10-28 16:40:15 -07:00
Erik Wilson 1be79b461e Add Release function for flock 2020-10-28 16:40:15 -07:00
Erik Wilson d0c9d9bd5f Add flock from k8s.io/kubernetes/pkg/util/flock 2020-10-28 16:40:15 -07:00
Brad Davidson 879150d155 Add temporary fix for issue with interrupted etcd promote 
This is a minimal fix for https://github.com/rancher/rke2/issues/392

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2020-10-28 16:40:15 -07:00
Hussein Galal 64bfc7c8bc Allow for multiple etcd snapshot restoration (#2307) 
* add reset tmp file

Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>

* go imports

Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>

* fix multiple lines string

Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>

* fix typo

Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>

* use resetFile function

Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>
 2020-10-28 16:40:15 -07:00
Brad Davidson 4a3f0e4928 Revert removal of EndpointName hooks (#2319) 
* Revert "Remove dead EndpointName code"
    This reverts commit 8025da5a8d.
* Fix docstrings based on proper understanding of use
 2020-10-28 16:40:15 -07:00
Brad Davidson 22f57cd84e Add timeout to clientaccess http client 
The default http client does not have an overall request timeout, so
connections to misbehaving or unavailable servers can stall for an
excessive amount of time. At the moment, just attempting to join
an unavailable cluster takes 2 minutes and 40 seconds to timeout.

Resolve that by setting a reasonable request timeout.

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2020-10-28 16:40:15 -07:00
Brad Davidson ad981265c2 Split clientaccess token/kubeconfig code 
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2020-10-28 16:40:15 -07:00
Brad Davidson e3431ffbf3 Simplify token parsing 
Improves readability, reduces round-trips to the join server to validate certs.

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2020-10-28 16:40:15 -07:00
Brad Davidson 3d8118b4a3 Fix misc nits and missing/unused imports 
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2020-10-28 16:40:15 -07:00
Brad Davidson dfe88df824 Add a bunch of doc comments 
Also change identical error messages to clarify where problems are
occurring.

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2020-10-28 16:40:15 -07:00
Brad Davidson 491d1003ef Use const for kube-system namespace 
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2020-10-28 16:40:15 -07:00
Brad Davidson 5e4edcb524 Fix etcd directory permissions 
Silences warning on startup about insecure directory permissions

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2020-10-28 16:40:15 -07:00
Brad Davidson 61dd185422 Rename etcd directory helpers to reduce confusion about which datadir we're talking about 
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2020-10-28 16:40:15 -07:00