github/k3s - k3s - https://git.xinac.net

Commit Graph

Author	SHA1	Message	Date
Brad Davidson	bc60ff79f6	Set kine EmulatedETCDVersion from embedded etcd version Signed-off-by: Brad Davidson <brad.davidson@rancher.com>	2024-11-05 09:07:11 -08:00
Brad Davidson	c9e7b05971	Bump kine Signed-off-by: Brad Davidson <brad.davidson@rancher.com>	2024-10-03 10:54:03 -07:00
Brad Davidson	c36db53e54	Add etcd s3 config secret implementation * Move snapshot structs and functions into pkg/etcd/snapshot * Move s3 client code and functions into pkg/etcd/s3 * Refactor pkg/etcd to track snapshot and s3 moves * Add support for reading s3 client config from secret * Add minio client cache, since S3 client configuration can now be changed at runtime by modifying the secret, and don't want to have to create a new minio client every time we read config. * Add tests for pkg/etcd/s3 Signed-off-by: Brad Davidson <brad.davidson@rancher.com>	2024-07-10 13:13:55 -07:00
Katherine Door	7a0ea3c953	Add write-kubeconfig-group flag to server (#9233 ) * Add write-kubeconfig-group flag to server * update kubectl unable to read config message for kubeconfig mode/group Signed-off-by: Katherine Pata <me@kitty.sh>	2024-05-30 23:45:34 -07:00
Brad Davidson	ff679fb3ab	Refactor supervisor listener startup and add metrics * Refactor agent supervisor listener startup and authn/authz to use upstream auth delegators to perform for SubjectAccessReview for access to metrics. * Convert spegel and pprof handlers over to new structure. * Promote bind-address to agent flag to allow setting supervisor bind address for both agent and server. * Promote enable-pprof to agent flag to allow profiling agents. Access to the pprof endpoint now requires client cert auth, similar to the spegel registry api endpoint. * Add prometheus metrics handler. Signed-off-by: Brad Davidson <brad.davidson@rancher.com>	2024-05-28 16:24:57 -07:00
Hussein Galal	144f5ad333	Kubernetes V1.30.0-k3s1 (#10063 ) * kubernetes 1.30.0-k3s1 Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com> * Update go version to v1.22.2 Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com> * update dynamiclistener and helm-controller Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com> * update go in go.mod to 1.22.2 Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com> * update go in Dockerfiles Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com> * update cri-dockerd Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com> * Add proctitle package with linux and windows constraints Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com> * go mod tidy Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com> * Fixing setproctitle function Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com> * update dynamiclistener to v0.6.0-rc1 Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com> --------- Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>	2024-05-06 19:42:27 +03:00
Derek Nola	6a42c6fcfe	Remove old pinned dependencies (#9806 ) Signed-off-by: Derek Nola <derek.nola@suse.com>	2024-03-28 10:09:48 -07:00
Vitor Savian	5d69d6e782	Add tls for kine Signed-off-by: Vitor Savian <vitor.savian@suse.com> Bump kine Signed-off-by: Vitor Savian <vitor.savian@suse.com> Add integration tests for kine with tls Signed-off-by: Vitor Savian <vitor.savian@suse.com>	2024-03-28 11:12:07 -03:00
Brad Davidson	edb0440017	Fix etcd snapshot reconcile for agentless nodes Disable cleanup of orphaned snapshots and patching of node annotations if running agentless Signed-off-by: Brad Davidson <brad.davidson@rancher.com>	2024-03-27 16:44:36 -07:00
Vitor Savian	3f649e3bcb	Add a new error when kine is with disable apiserver or disable etcd Signed-off-by: Vitor Savian <vitor.savian@suse.com>	2024-03-27 10:59:34 -03:00
Derek Nola	fae41a8b2a	Rename AgentReady to ContainerRuntimeReady for better clarity Signed-off-by: Derek Nola <derek.nola@suse.com>	2024-02-21 12:21:19 -08:00
Brad Davidson	de825845b2	Bump kine and set NotifyInterval to what the apiserver expects Signed-off-by: Brad Davidson <brad.davidson@rancher.com>	2024-02-09 14:22:38 -08:00
Brad Davidson	8224a3a7f6	Fix ipv6 endpoint address selection for on-demand snapshots Signed-off-by: Brad Davidson <brad.davidson@rancher.com>	2024-02-06 18:02:36 -08:00
Brad Davidson	37e9b87f62	Add embedded registry implementation Signed-off-by: Brad Davidson <brad.davidson@rancher.com>	2024-01-09 15:23:05 -08:00
Brad Davidson	ef90da5c6e	Add server CLI flag and config fields for embedded registry Signed-off-by: Brad Davidson <brad.davidson@rancher.com>	2024-01-09 15:23:05 -08:00
Brad Davidson	b297996b92	Add runtime checking of golang version Forces other groups packaging k3s to intentionally choose to build k3s with an unvalidated golang version Signed-off-by: Brad Davidson <brad.davidson@rancher.com>	2024-01-04 17:22:46 -08:00
Hussein Galal	9411196406	Update flannel to v0.24.0 and remove multiclustercidr flag (#9075 ) * update flannel to v0.24.0 Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com> * remove multiclustercidr flag Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com> --------- Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>	2023-12-20 00:25:38 +02:00
Hussein Galal	7101af36bb	Update Kubernetes to v1.29.0+k3s1 (#9052 ) * Update to v1.29.0 Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com> * Update to v1.29.0 Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com> * Update go to 1.21.5 Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com> * update golangci-lint Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com> * update flannel to 0.23.0-k3s1 This update uses k3s' fork of flannel to allow the removal of multicluster cidr flag logic from the code Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com> * fix flannel calls Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com> * update cri-tools to version v1.29.0-k3s1 Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com> * Remove GOEXPERIMENT=nounified from arm builds Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com> * Skip golangci-lint Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com> * Fix setup logging with newer go version Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com> * Move logging flags to components arguments Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com> * add sysctl commands to the test script Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com> * Update scripts/test Signed-off-by: Brad Davidson <brad@oatmail.org> * disable secretsencryption tests Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com> --------- Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com> Signed-off-by: Brad Davidson <brad@oatmail.org> Co-authored-by: Brad Davidson <brad@oatmail.org>	2023-12-19 05:14:02 +02:00
Hussein Galal	f5920d7864	Add warning for multiclustercidr flag (#8758 ) Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>	2023-11-14 01:27:52 +02:00
Roberto Bonafiglia	ced25af5b1	Fixed tailscale node IP dualstack mode in case of IPv4 only node Signed-off-by: Roberto Bonafiglia <roberto.bonafiglia@suse.com>	2023-10-09 15:17:33 +02:00
Manuel Buil	f2c7117374	Take IPFamily precedence based on order Signed-off-by: Manuel Buil <mbuil@suse.com>	2023-09-29 11:04:15 +02:00
Manuel Buil	0b23a478cf	ipFamilyPolicy:PreferDualStack for coredns and metrics-server Signed-off-by: Manuel Buil <mbuil@suse.com>	2023-09-29 10:10:43 +02:00
Manuel Buil	4dd45b3142	Merge pull request #8439 from manuelbuil/fixGofmt Fix gofmt error	2023-09-26 19:14:07 +02:00
Vitor Savian	b6ab24c4fd	Added error when cluster reset while using server flag Signed-off-by: Vitor Savian <vitor.savian@suse.com>	2023-09-26 11:00:37 -03:00
Manuel Buil	172a7f1d1a	Fix gofmt error Signed-off-by: Manuel Buil <mbuil@suse.com>	2023-09-26 11:09:03 +02:00
Manuel Buil	8c197bdce4	Include the interface name in the error message Signed-off-by: Manuel Buil <mbuil@suse.com>	2023-09-25 07:55:49 +02:00
Brad Davidson	cba9f0d142	Add new CLI flag to disable TLS SAN CN filtering Signed-off-by: Brad Davidson <brad.davidson@rancher.com>	2023-08-29 08:33:45 -07:00
Hussein Galal	af50e1b096	Update to v1.28.0-k3s1 (#8199 ) * Update to v1.28.0 Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com> * Update golang to v1.20.7 Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com> * more changes Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com> * update wrangler Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com> * update wrangler Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com> * fix nodepassword test Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com> * fix nodepassword test Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com> * disable CGO before running golangci-lint Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com> * execlude CGO Enabled checks Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com> * Ignore reapply change error with logging Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com> * Update google api client Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com> --------- Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>	2023-08-23 00:09:31 +03:00
Vitor Savian	c97211866a	Fix for cluster-reset backup from s3 when etcd snapshots are disabled (#8155 ) * Fixed when the user disable the etcd snapshots, but want to backup from s3 Signed-off-by: Vitor <vitor.savian@suse.com>	2023-08-10 12:23:10 -03:00
Manuel Buil	59eec78c62	Fix tailscale bug with ip modes Signed-off-by: Manuel Buil <mbuil@suse.com>	2023-08-01 09:43:25 +02:00
Manuel Buil	6c44b06e0a	Merge pull request #7838 from manuelbuil/ipv4ipv6tailscale Check if we are on ipv4, ipv6 or dualStack when doing tailscale	2023-07-06 11:11:26 +02:00
Manuel Buil	f21a01474d	Check if we are on ipv4, ipv6 or dualStack when doing tailscale Signed-off-by: Manuel Buil <mbuil@suse.com>	2023-07-03 10:48:59 +02:00
Vitor Savian	0809187cff	Adding cli to custom klipper helm image (#7682 ) Adding cli to custom klipper helm image Signed-off-by: Vitor Savian <vitor.savian@suse.com>	2023-06-28 15:31:58 +00:00
Manuel Buil	869e030bdd	VPN PoC Signed-off-by: Manuel Buil <mbuil@suse.com>	2023-06-09 12:39:33 +02:00
Derek Nola	b0188f5a13	Test Coverage Reports for E2E tests (#7526 ) * Move coverage writer into agent and server * Add coverage report to E2E PR tests * Add codecov upload to drone Signed-off-by: Derek Nola <derek.nola@suse.com>	2023-06-05 14:15:17 -07:00
Manuel Buil	437ad128c7	Migrate netutil methods into /utils/net.go Signed-off-by: Manuel Buil <mbuil@suse.com>	2023-05-04 16:49:16 +02:00
Derek Nola	d5f560360e	Handle multiple arguments with StringSlice flags (#7380 ) * Add helper function for multiple arguments in stringslice Signed-off-by: Derek Nola <derek.nola@suse.com> * Cleanup server setup with util function Signed-off-by: Derek Nola <derek.nola@suse.com>	2023-05-02 09:55:48 -07:00
Brad Davidson	31a6386994	Improve egress selector handling on agentless servers Don't set up the agent tunnel authorizer on agentless servers, and warn when agentless servers won't have a way to reach in-cluster endpoints. Signed-off-by: Brad Davidson <brad.davidson@rancher.com>	2023-04-28 11:24:34 -07:00
Roberto Bonafiglia	15ee88964b	Added multiClusterCidr feature Signed-off-by: Roberto Bonafiglia <roberto.bonafiglia@suse.com>	2023-03-14 18:30:52 +01:00
Brad Davidson	3d146d2f1b	Allow for multiple sets of leader-elected controllers Addresses an issue where etcd controllers did not run on etcd-only nodes Signed-off-by: Brad Davidson <brad.davidson@rancher.com>	2023-02-10 10:46:48 -08:00
Brad Davidson	32d62c5786	Use default address family when adding kubernetes service address to SAN list Signed-off-by: Brad Davidson <brad.davidson@rancher.com>	2023-02-09 15:17:21 -08:00
Brad Davidson	8340b54309	Pass through default tls-cipher-suites Signed-off-by: Brad Davidson <brad.davidson@rancher.com>	2023-01-12 14:51:04 -08:00
Derek Nola	d723775792	Remove deprecated flags in v1.26 (#6574 ) * Remove NoFlannel * Remove cluster-secret * Remove no-deploy * Remove disable-selinux * Convert wireguard to fatal error * Remove reference to no-op K3S_CLUSTER_SECRET Signed-off-by: Derek Nola <derek.nola@suse.com>	2022-12-05 14:01:01 -08:00
Brad Davidson	56bf7d6ad3	Allow agent to run rootless Signed-off-by: Brad Davidson <brad.davidson@rancher.com>	2022-11-21 15:23:30 -08:00
Brad Davidson	6f2b21c5cd	Add rootless IPv6 support Signed-off-by: Brad Davidson <brad.davidson@rancher.com>	2022-11-21 15:23:30 -08:00
Brad Davidson	f2585c1671	Add --flannel-external-ip flag Using the node external IP address for all CNI traffic is a breaking change from previous versions; we should make it an opt-in for distributed clusters instead of default behavior. Signed-off-by: Brad Davidson <brad.davidson@rancher.com>	2022-10-24 10:10:49 -07:00
Brad Davidson	d963cb2f70	Disable cloud-node and cloud-node-lifecycle if CCM is disabled If CCM and ServiceLB are both disabled, don't run the cloud-controller-manager at all; this should provide the same CLI flag behavior as previous releases, and not create problems when users disable the CCM but still want ServiceLB. Signed-off-by: Brad Davidson <brad.davidson@rancher.com>	2022-09-30 08:17:20 -07:00
Brad Davidson	a15e7e8b68	Move DisableServiceLB/Rootless/ServiceLBNamespace into config.Control Signed-off-by: Brad Davidson <brad.davidson@rancher.com>	2022-09-30 08:17:20 -07:00
Derek Nola	1d46841d80	Fix deprecation message Signed-off-by: Derek Nola <derek.nola@suse.com>	2022-09-09 09:07:40 -07:00
Derek Nola	cd49101fc8	Convert deprecated flags to fatal errors for v1.25 (#6069 ) * Replace warning with fatal errors. * Group system-default-registry under (agent/runtime) Signed-off-by: Derek Nola <derek.nola@suse.com>	2022-09-01 09:33:59 -07:00

1 2 3 4

194 Commits (67fd5fa9e5319e0880dd24d4dd188184e923b954)