Commit Graph

1770 Commits (5bf4d9f687879b2200a62f71d7c0edb3a67836ef)

Author SHA1 Message Date
Akihiro Suda 27e64c72a1 rancher/k3s-root -> k3s-io/k3s-root
Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
2020-12-01 11:00:00 -08:00
Akihiro Suda 679e4df1b0 Bump k3s-root to v0.7.1
Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
2020-12-01 11:00:00 -08:00
Akihiro Suda eb72d509ce pkg/agent/config: validate containerd snapshotter value
Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
2020-12-01 11:00:00 -08:00
Akihiro Suda 05f6255437 add fuse-overlayfs snapshotter (mainly for rootless mode)
Ubuntu and Debian kernels support mounting real overlayfs inside userns,
but the vanilla kernel still does not allow it.

OTOH fuse-overlayfs can be mounted inside userns with the vanilla kernel (>= 4.18).

Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
2020-12-01 11:00:00 -08:00
Akihiro Suda 43f7eaedf8 rootless: fix "stat /run/user/1000: no such file or directory" on `kubectl run`
k3s was mounting a tmpfs on `/run` by itself, so it was hiding RootlessKit's `/run`.

Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
2020-12-01 10:31:21 -08:00
Akihiro Suda 67410d2757 rootless: validate sysctl before starting up
Fix #2420

Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
2020-12-01 09:21:39 -08:00
Jacob Blain Christen 3647654fe4
[migration k3s-io] update helm-controller dependency (#2569)
rancher/helm-controller ➡️ k3s-io/helm-controller

Part of https://github.com/rancher/k3s/issues/2189

Signed-off-by: Jacob Blain Christen <jacob@rancher.com>
2020-12-01 08:59:10 -07:00
Jacob Blain Christen b4a51f2b9a
[migration k3s-io] update flannel and go-powershell replace directives (#2576)
rancher/flannel ➡️ k3s-io/flannel
rancher/go-powershell ➡️ k3s-io/go-powershell

Part of https://github.com/rancher/k3s/issues/2189

Signed-off-by: Jacob Blain Christen <jacob@rancher.com>
2020-12-01 08:12:18 -07:00
Jacob Blain Christen 898fd0848f
[migration k3s-io] update etcd replace directive (#2578)
rancher/etcd ➡️ k3s-io/etcd

Part of https://github.com/rancher/k3s/issues/2189

Signed-off-by: Jacob Blain Christen <jacob@rancher.com>
2020-12-01 08:08:58 -07:00
Akihiro Suda 0b45e32486 Support cgroup v2
Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
2020-11-30 22:57:37 -08:00
Jacob Blain Christen 36230daa86
[migration k3s-io] update kine dependency (#2568)
rancher/kine ➡️ k3s-io/kine

Part of https://github.com/rancher/k3s/issues/2189

Signed-off-by: Jacob Blain Christen <jacob@rancher.com>
2020-11-30 16:45:22 -07:00
David Nuzik ff5a6fe3dd
Merge pull request #2605 from davidnuzik/add-davidnuzik-to-maintainers
Add davidnuzik (David Nuzik) to the list of maintainers
2020-11-30 11:52:25 -07:00
David Nuzik 0ac7497f1e Add davidnuzik (David Nuzik) to the list of maintainers
Signed-off-by: David Nuzik <david.nuzik@rancher.com>
2020-11-30 11:45:38 -07:00
David Nuzik 0b394ecd39
Merge pull request #2604 from Oats87/add-oats87-to-maintainers
Add Oats87 (Chris Kim) to the list of maintainers for K3s
2020-11-30 11:39:28 -07:00
Chris Kim 5136abbd80 Add Oats87 (Chris Kim) to the list of maintainers for K3s
Signed-off-by: Chris Kim <oats87g@gmail.com>
2020-11-30 10:23:28 -08:00
David Nuzik 3d8a8b5d60
Merge pull request #2575 from MonzElmasry/update_stable
Mark v1.19.4+k3s1 as stable
2020-11-30 11:08:58 -07:00
Jacob Blain Christen cc32e2f9a0
[migration k3s-io] update containerd, cri, and cri-tools replace directives (#2591)
- rancher/cri ➡️ k3s-io/cri
- rancher/cri-tools ➡️ k3s-io/cri-tools
- rancher/containerd ➡️ k3s-io/containerd

Part of https://github.com/rancher/k3s/issues/2189

Signed-off-by: Jacob Blain Christen <jacob@rancher.com>
2020-11-30 10:40:54 -07:00
Jacob Blain Christen f88d93db37
[migration k3s-io] go.mod replace kubernetes/kubernetes (#2567)
This change set replaces these go.mod replacement directives with references to k3s-io repositories.

- rancher/kubernetes
- rancher/nocode

Part of https://github.com/rancher/k3s/issues/2189

Signed-off-by: Jacob Blain Christen <jacob@rancher.com>
2020-11-30 09:39:38 -07:00
MonzElmasry 0399d17ebb
update stable release to v1.19.4+k3s1
Signed-off-by: MonzElmasry <menna.elmasry@rancher.com>
2020-11-23 20:52:20 +02:00
Brad Davidson 5896fb06c2 Update Kubernetes to v1.19.4-k3s1
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2020-11-18 15:25:39 -08:00
Brad Davidson 10474638d7 Clean up architecture handling
* Remove unused release.sh and DAPPER_HOST_ARCH
* Reliably use ARCH from version.sh
* Export GOARCH and GOARM so that they are used by `go build`

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2020-11-18 15:25:39 -08:00
Chris Kim cb5b9edf32
Merge pull request #2536 from Oats87/issues/k3s/2517-2518
Enhance install.sh to help with k3s upgrade and uninstall scenarios
2020-11-18 09:23:52 -08:00
Chris Kim 25d2ce435b
Update install.sh
Change from file check to yum check for uninstall script

Co-authored-by: Jacob Blain Christen <dweomer5@gmail.com>
2020-11-17 09:08:38 -08:00
Chris Kim 66d87698fd Enhance install.sh to help with k3s upgrade and uninstall scenarios for k3s-selinux
Signed-off-by: Chris Kim <oats87g@gmail.com>
2020-11-16 13:57:07 -08:00
David Nuzik 316ff1f324 Update stable channel to v1.19.3+k3s3
* v1.19.3+k3s3 contains a critical fix for kine. Refer to the release notes for details.

Signed-off-by: David Nuzik <david.nuzik@rancher.com>
2020-11-13 00:41:00 -07:00
Brad Davidson ea312a303e Update kine to v0.5.1 for compact fix
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2020-11-12 19:46:22 -08:00
Jacob Blain Christen 2c666af483
cri: pull in updated /dev/shm fix (#2506)
Do not relabel container /dev/shm when it is host /dev/shm.

Signed-off-by: Jacob Blain Christen <jacob@rancher.com>
2020-11-11 17:08:59 -07:00
Brad Davidson b873d3a03b Explicitly set agent paths within --data-dir
Removing the cfg.DataDir mutation in 3e4fd7b did not break anything, but
did change some paths in unwanted ways. Rather than mutating the
user-supplied command-line flags, explicitly specify the agent
subdirectory as needed.

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2020-11-11 09:26:41 -08:00
Brad Davidson 58b5b21f0d Don't pass cloud-provider flag to controller-manager
As per documentation, the cloud-provider flag should not be passed to
controller-manager when using cloud-controller. However, the legacy
cloud-related controllers still need to be explicitly disabled to
prevent errors from being logged.

Fixing this also prevents controller-manager from creating the
cloud-controller-manager service account that needed extra RBAC.

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2020-11-09 13:55:09 -08:00
Brad Davidson c72c1867d8 Add GH auth for Trivy
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2020-11-09 12:30:39 -08:00
David Nuzik 8e05adc6b5
Merge pull request #2487 from brandond/v1.19.3+k3s2-stable
Mark the latest v1.19.x release as stable
2020-11-09 12:15:02 -07:00
Jacob Blain Christen ce5c8efbcf
cri: bump to updated fork (#2478)
Addresses rancher/k3s#2240

Signed-off-by: Jacob Blain Christen <jacob@rancher.com>
2020-11-09 10:19:00 -07:00
Brad Davidson 95c0118ba7 Mark the latest v1.19.x release as stable
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2020-11-06 16:21:02 -08:00
Brad Davidson fcb864a5e2
Update sonobuoy version and use rancher mirrored image (#2482)
* Update sonobuoy version
* Use upstream tag for Kubernetes version instead of replacement tag
    Allows building against upstream alpha/beta/rc releases
* Use env variable for sonobuoy version
* Bump version for QA e2e tests

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2020-11-06 13:33:31 -08:00
Brad Davidson 50ea2d8164 Fix size check and make script shell consistent
Related to #2205

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2020-11-05 15:51:10 -08:00
Brad Davidson 3e4fd7b41f Respect --data-dir path for crictl.yaml
Related to rancher/rke2#474

Note that anyone who customizes the data-dir path will have to set
CRI_CONFIG_FILE to the correct path when using the wrapped binaries
(crictl, etc). This is better than dropping files in the incorrect
location.

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2020-11-05 15:51:10 -08:00
Brad Davidson f50e3140f9 Disable configure-cloud-routes and external service/route programming support when using k3s stub cloud controller
Resolves warning 3 from #2471

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2020-11-05 15:51:10 -08:00
Brad Davidson 31575e407a Add Cluster ID support to k3s stub cloud controller
Resolves warning 2 from #2471.

As per https://github.com/kubernetes/cloud-provider/issues/12 the
ClusterID requirement was never really followed through on, so the
flag is probably going to be removed in the future.

One side-effect of this is that the core k8s cloud-controller-manager
also wants to watch nodes, and needs RBAC to do so.

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2020-11-05 15:51:10 -08:00
Brad Davidson 5b318d093f Fix containerd sock path warning
Resolves warning 1 from #2471

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2020-11-05 15:51:10 -08:00
Brad Davidson d1424626ac Disable containerd experimental snapshot labels
Related to #2455 and containerd/containerd#4684

These were not meant to be enabled by default, break images with many
layers, and will be disabled by default on the next containerd release.

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2020-11-05 15:51:10 -08:00
Erik Wilson 992ca52c31
Enable go test in ci 2020-11-05 09:48:53 -07:00
Erik Wilson 92d04355f4
Use secrets for node-passwd entries and cleanup 2020-11-05 09:48:53 -07:00
Brad Davidson 3b8ec74049 Update disables list when building with no_stage
The --disable/--no-deploy flags actually turn off some built-in
controllers, in addition to preventing manifests from getting loaded.
Make it clear which controllers can still be disabled even when the
packaged components are ommited by the no_stage build tag.

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2020-11-04 13:39:45 -08:00
Chris Kim ea916030c2
Merge pull request #2456 from Oats87/fix-rpm-install
Support k3s-selinux rpm install more effectively
2020-10-29 12:49:18 -04:00
Chris Kim a8275838d5 Add additional conditional logic to install.sh to prevent errors on Fedora or systems when run as non-root
Signed-off-by: Chris Kim <oats87g@gmail.com>
2020-10-29 07:30:03 -07:00
Euan Kemp 0521756dd9 Use 'rm' from path in go generate
/bin/rm is less portable. On some distros, like nixos, it doesn't exist
at all.

Signed-off-by: Euan Kemp <euank@euank.com>
2020-10-29 00:07:46 -07:00
Menna Elmasry 523ccaf3f2
Merge pull request #2448 from MonzElmasry/new_b
Make etcd use node private ip
2020-10-29 00:23:56 +02:00
Ranjib Dey dcff6e7047 remove duplicate systemd directives
Signed-off-by: Ranjib Dey ranjib@linux.com
2020-10-28 14:53:01 -07:00
MonzElmasry e8436cc76b
Make etcd use node private ip
Signed-off-by: MonzElmasry <menna.elmasry@rancher.com>
2020-10-28 23:45:24 +02:00
Chris Kim 05d775b31e
Merge pull request #2441 from Oats87/disable-rpm
Disable RPM publishing
2020-10-28 16:07:53 -04:00