Commit Graph

2045 Commits (5ab6d21a7db824f77841157fde173f79b1d12bc3)

Author SHA1 Message Date
Brad Davidson 29483d0651 Initial update of netpol and utils from upstream
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2021-02-03 10:41:51 -08:00
Brad Davidson 740b654d47 Update containerd to fix AppArmor on SLES
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2021-01-29 16:33:33 -08:00
Brad Davidson 2555ffe9f8 Bump k3s-root to v0.8.0
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2021-01-26 15:54:48 -08:00
Akihiro Suda f3c41b7650 fix cgroup2 support
Fix issue 900

cgroup2 support was introduced in PR 2584, but got broken in f3de60ff31

It was failing with "F1210 19:13:37.305388    4955 server.go:181] cannot set feature gate SupportPodPidsLimit to false, feature is locked to true"

Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
2021-01-25 22:45:07 -08:00
Brad Davidson e8e34a549a Update k3s-root to v0.7.3
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2021-01-22 21:21:25 -08:00
Akihiro Suda 728ebcc027 rootless: remove rootful /run/{netns,containerd} symlinks
Since a recent commit, rootless mode was failing with the following errors:

```
E0122 22:59:47.615567      21 kuberuntime_manager.go:755] createPodSandbox for pod "helm-install-traefik-wf8lc_kube-system(9de0a1b2-e2a2-4ea5-8fb6-22c9272a182f)" failed: rpc error: code = Unknown desc = failed to create network namespace for sandbox "285ab835609387f82d304bac1fefa5fb2a6c49a542a9921995d0c35d33c683d5": failed to setup netns: open /var/run/netns/cni-c628a228-651e-e03e-d27d-bb5e87281846: permission denied
...
E0122 23:31:34.027814      21 pod_workers.go:191] Error syncing pod 1a77d21f-ff3d-4475-9749-224229ddc31a ("coredns-854c77959c-w4d7g_kube-system(1a77d21f-ff3d-4475-9749-224229ddc31a)"), skipping: failed to "CreatePodSandbox" for "coredns-854c77959c-w4d7g_kube-system(1a77d21f-ff3d-4475-9749-224229ddc31a)" with CreatePodSandboxError: "CreatePodSandbox for pod \"coredns-854c77959c-w4d7g_kube-system(1a77d21f-ff3d-4475-9749-224229ddc31a)\" failed: rpc error: code = Unknown desc = failed to create containerd task: io.containerd.runc.v2: create new shim socket: listen unix /run/containerd/s/8f0e40e11a69738407f1ebaf31ced3f08c29bb62022058813314fb004f93c422: bind: permission denied\n: exit status 1: unknown"
```

Remove symlinks to /run/{netns,containerd} so that rootless mode can create their own /run/{netns,containerd}.

Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
2021-01-22 19:51:43 -08:00
Brad Davidson 071de833ae Fix typo in field tag
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2021-01-22 19:38:37 -08:00
Brad Davidson 8011697175 Only container-runtime-endpoint wants RuntimeSocket path as URI
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2021-01-22 18:56:30 -08:00
Yuriy 06fda7accf
Add functionality to bind custom IP address for Etcd metrics endpoint (#2750)
* Add functionality to bind custom IP address for Etcd metrics endpoint

Signed-off-by: yuriydzobak <yurii.dzobak@lotusflare.com>
2021-01-22 17:40:48 -08:00
Brad Davidson f152f656a0
Replace k3s cloud provider wrangler controller with core node informer (#2843)
* Replace k3s cloud provider wrangler controller with core node informer

Upstream k8s has exposed an interface for cloud providers to access the
cloud controller manager's node cache and shared informer since
Kubernetes 1.9. This is used by all the other in-tree cloud providers;
we should use it too instead of running a dedicated wrangler controller.

Doing so also appears to fix an intermittent issue with the uninitialized
taint not getting cleared on nodes in CI.

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2021-01-22 16:59:48 -08:00
Brad Davidson fd991cb964 Improve sonobuoy status output handling
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2021-01-22 16:13:36 -08:00
Brad Davidson 97a606bac1 Update sonobuoy version for v1.20.0
Also drop the rancher-mirrored sonobuoy image since CI has a
pull-through image cache now.

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2021-01-22 16:13:36 -08:00
Brian Downs 13229019f8
Add ability to perform an etcd on-demand snapshot via cli (#2819)
* add ability to perform an etcd on-demand snapshot via cli
2021-01-21 14:09:15 -07:00
David Nuzik 84f6655342
Merge pull request #2821 from MonzElmasry/mark_1.20.2
mark k3s v1.20.2 as stable
2021-01-21 09:18:46 -07:00
Waqar Ahmed 3ea696815b Do not validate snapshotter argument if docker is enabled
Problem:
While using ZFS on debian and K3s with docker, I am unable to get k3s working as the snapshotter value is being validated and the validation fails.

Solution:
We should not validate snapshotter value if we are using docker as it's a no-op in that case.

Signed-off-by: Waqar Ahmed <waqarahmedjoyia@live.com>
2021-01-20 12:25:28 -08:00
Chin-Ya Huang 2cf61689c5 Fix typo
Signed-off-by: Chin-Ya Huang <chin-ya.huang@suse.com>
2021-01-20 12:24:31 -08:00
MonzElmasry 4c8ebe2dfb
mark k3s v1.20.02 as stable
Signed-off-by: MonzElmasry <menna.elmasry@rancher.com>
2021-01-15 23:37:18 +02:00
Brad Davidson 1d4adb0301 Update Kubernetes to v1.20.2-k3s1
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2021-01-13 21:31:53 -08:00
Brad Davidson 26d45287b6
Update helm-controller to v0.8.3 (#2793)
* Update helm-controller to v0.8.3
* Update klipper-helm image

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2021-01-11 12:09:39 -08:00
Erik Wilson c71060f288
Merge pull request #2744 from erikwilson/rke2-node-password-bootstrap
Bootstrap node password with local file
2021-01-11 09:51:30 -07:00
Menna Elmasry 5d6255df61
Merge pull request #2784 from MonzElmasry/etcd-dir
change etcd dir permission if it exists
2021-01-09 00:45:09 +02:00
MonzElmasry 86f68d5d62
change etcd dir permission if it exists
Signed-off-by: MonzElmasry <menna.elmasry@rancher.com>
2021-01-08 23:47:36 +02:00
JenTing Hsiao 3c7fd3d37b Fix normal user with --rootless or --disable-agent have no permission to start
Signed-off-by: JenTing Hsiao <jenting.hsiao@suse.com>
2021-01-08 00:47:18 -08:00
Erik Wilson 6dabf7ac61
Merge pull request #2526 from erikwilson/diagnostics-script
Add diagnostics collection
2021-01-05 11:57:53 -07:00
Brad Davidson 1bb026fd1f Add v1.20 channel and mark as stable
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2021-01-04 16:04:21 -08:00
JenTing Hsiao 578e116e20 Fix typo
Signed-off-by: JenTing Hsiao <jenting.hsiao@suse.com>
2021-01-04 11:11:50 -08:00
Erik Wilson 4245fd7b67 Return http.StatusOK instead of 0
Signed-off-by: Erik Wilson <Erik.E.Wilson@gmail.com>
2020-12-23 16:55:47 -07:00
Erik Wilson 2fb411fc83 Fix spelling mistake
Signed-off-by: Erik Wilson <Erik.E.Wilson@gmail.com>
2020-12-23 15:08:07 -07:00
Erik Wilson 09eb44ba53 Bootstrap node password with local file
Signed-off-by: Erik Wilson <Erik.E.Wilson@gmail.com>
2020-12-23 15:08:06 -07:00
JenTing Hsiao 57041f0239
Add codespell CI test and fix codespell error (#2740)
* Add codespell CI test
* Fix codespell error
2020-12-22 12:35:58 -08:00
Brad Davidson 2ea6b16315 Update stable charts URL
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2020-12-21 17:08:31 -08:00
Brad Davidson 5f53c0976c Expose failure if Traefik helm chart cannot be downloaded
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2020-12-21 17:08:31 -08:00
David Nuzik 9400a8e1d0
Merge pull request #2727 from k3s-io/davidnuzik-v1.19.5+k3s2-to-stable
mark v1.19.5+k3s2 as stable
2020-12-17 19:15:47 -07:00
David Nuzik 7ab1e1c084
mark v1.19.5+k3s2 as stable 2020-12-17 18:41:39 -07:00
Brad Davidson 8936cf577f Bump coredns to 1.8.0
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2020-12-17 15:20:19 -08:00
Brad Davidson d13f7fabd6 Fix incorrect kubernetes replacement fork in go.mod
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2020-12-16 14:35:11 -08:00
Brad Davidson 833422cab1 Add bash to curl image before running dispatch script
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2020-12-16 13:11:12 -08:00
Chris Kim 332fd73d46
Add support for both config-file and data-dir at a global level in the self-extracting wrapper for K3s (#2594)
* Add support for both config-file and data-dir at a global level in the self-extracting wrapper for K3s

Signed-off-by: Chris Kim <oats87g@gmail.com>
2020-12-16 09:27:57 -08:00
Brad Davidson d672a4ae1a Wait longer for sonobuoy tests to start up
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2020-12-16 09:22:52 -08:00
Erik Wilson 5d5f33abc8
Merge pull request #2716 from brandond/fix_manfest
Fix manifest CI step
2020-12-16 10:18:33 -07:00
Brad Davidson d84bf75c3d Fix manifest CI step
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2020-12-16 00:59:25 -08:00
Erik Wilson 1230d7b7df Fix HA server initialization
Signed-off-by: Erik Wilson <Erik.E.Wilson@gmail.com>
2020-12-15 16:08:28 -08:00
Brad Davidson 8e4d3e645b Restore legacy master role for etcd nodes
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2020-12-15 15:15:46 -08:00
Brad Davidson 13d585059f Add registry mirrors for CI test step
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2020-12-15 13:57:18 -08:00
Brad Davidson ef9ad4f04d Clean up CI warnings/errors
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2020-12-15 10:54:59 -08:00
David Nuzik 2df9ec6771
Merge pull request #2702 from briandowns/update_channel_server
update stable version
2020-12-14 09:51:42 -07:00
Brian Downs 0dfab2b30a update stable version
Signed-off-by: Brian Downs <brian.downs@gmail.com>
2020-12-14 09:40:26 -07:00
Jacob Blain Christen bae2607fd9
fix the k3s-upgrade dispatch (#2679)
Signed-off-by: Jacob Blain Christen <jacob@rancher.com>
2020-12-10 14:31:44 -07:00
Brad Davidson 9b62903ae3 Update CODEOWNERS for k3s-io move
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2020-12-10 08:52:22 -08:00
Chris Kim fbe89176e1
Merge pull request #2668 from Oats87/issues/k3s/2548-mst-suppl2
Set kubelet-cgroups if we detect we are running under a `.scope`
2020-12-09 17:07:27 -08:00