Commit Graph

1246 Commits (689c2726e202e0f23fbe25eefe3cc95e21685c7d)

Author SHA1 Message Date
Erik Wilson 689c2726e2
Merge pull request #1787 from St0rmingBr4in/move-contrib-ansible
contrib/ansible: Remove duplication and redirect to new repository
2020-05-12 10:17:55 -07:00
Julien DOCHE 55cca7bba3 contrib/ansible: Remove duplication and redirect to new repository
Signed-off-by: Julien DOCHE <julien.doche@gmail.com>
2020-05-12 17:47:20 +02:00
Craig Jellick 773b8becc6
Merge pull request #1783 from cjellick/code-of-conduct
add code of conduct
2020-05-11 08:05:52 -07:00
Craig Jellick 2bd339f7c8 add code of conduct 2020-05-11 06:12:16 -07:00
Darren Shepherd 904af8fce7
Merge pull request #1765 from csschwe/support_tls_min_version
Feature Request #1741: Adding support for tls minimum version
2020-05-07 08:24:10 -07:00
Chuck Schweizer ca9c9c2e1e Adding support for TLS MinVersion and CipherSuites
This will watch for the following kube-apiserver-arg variables and apply
them to the k3s kube-apiserver https listener.

  --kube-apiserver-arg=tls-cipher-suites=XXXXXXX
  --kube-apiserver-arg=tls-min-version=XXXXXXX
2020-05-07 09:27:09 -05:00
Darren Shepherd cb4b34763e
Merge pull request #1759 from ibuildthecloud/background
Start kube-apiserver in the background
2020-05-06 21:50:48 -07:00
Darren Shepherd e5fe184a44
Merge pull request #1757 from ibuildthecloud/separate-port
Add supervisor port
2020-05-06 21:32:45 -07:00
Darren Shepherd 072396f774 Start kube-apiserver in the background
In rke2 everything is a static pod so this causes a chicken and egg situation
in which we need the kubelet running before the kube-apiserver can be
launched.  By starting the apiserver in the background this allows us to
do this odd bootstrapping.
2020-05-06 21:17:23 -07:00
Craig Jellick 359b2ba790
Merge pull request #1769 from cjellick/channel-18
Add channels for 1.18
2020-05-06 18:08:25 -07:00
Craig Jellick 004e00b34f Add channels for 1.18 2020-05-06 17:43:39 -07:00
Craig Jellick ad4c542ad5
Merge pull request #1735 from stellirin/performance
[systemd] Add value to LimitNOFILE due to performance problems
2020-05-06 16:37:37 -07:00
Darren Shepherd f38082673d
Merge pull request #1753 from ibuildthecloud/prepull
Support prepulling images on start
2020-05-05 22:11:52 -07:00
Darren Shepherd 74bcf4da0b
Merge pull request #1756 from ibuildthecloud/less-logging
Only echo Waiting for kubelet every 30 seconds
2020-05-05 22:07:50 -07:00
Darren Shepherd b86256bf65
Merge pull request #1696 from ibuildthecloud/executor
Encapsulate execution logic
2020-05-05 16:01:31 -07:00
Darren Shepherd 2f5ee914f9 Add supervisor port
In k3s today the kubernetes API and the /v1-k3s API are combined into
one http server.  In rke2 we are running unmodified, non-embedded Kubernetes
and as such it is preferred to run k8s and the /v1-k3s API on different
ports.  The /v1-k3s API port is called the SupervisorPort in the code.

To support this separation of ports a new shim was added on the client in
then pkg/agent/proxy package that will launch two load balancers instead
of just one load balancer.  One load balancer for 6443 and the other
for 9345 (which is the supervisor port).
2020-05-05 15:54:51 -07:00
Darren Shepherd afd6f6d7e7 Encapsulate execution logic
This moves all the calls to cobra root commands to one package
so that we can change the behavior of running components as embedded
or external.
2020-05-05 15:34:32 -07:00
Darren Shepherd 61ba9171ce Only echo Waiting for kubelet every 30 seconds
Don't print a message every second while we are waiting for the
kubelet to report Ready.
2020-05-05 15:23:18 -07:00
Darren Shepherd 1d05e99769
Merge pull request #1752 from ibuildthecloud/disable-ccm
Don't write ccm.yaml if --disable-cloud-controller is set
2020-05-05 15:11:10 -07:00
Darren Shepherd 6932d03bb4 Support prepulling images on start
In the agent/images folder if a .txt file is found it is assumed to
be a line separated list of image names to pull on start.
2020-05-05 14:45:39 -07:00
Darren Shepherd 70ddc799bd
Merge pull request #1691 from ibuildthecloud/staticpod
Suppport static pods at ${datadir}/agent/staticpods
2020-05-05 14:35:45 -07:00
Darren Shepherd 341895c322 Don't write ccm.yaml if --disable-cloud-controller is set 2020-05-05 13:01:52 -07:00
Darren Shepherd 8c7fbe3dde Suppport static pods at ${datadir}/agent/pod-manifests 2020-05-05 12:43:47 -07:00
Erik Wilson 39c3854648
Merge pull request #1720 from ilknarf/master
remove redundant Sprintf
2020-05-04 20:50:58 -07:00
Erik Wilson c71561129e
Merge pull request #1716 from ibuildthecloud/debugpublic
Make debug variable public to be used by wrapper programs
2020-05-04 20:50:36 -07:00
Erik Wilson 6d785b8627
Merge pull request #1736 from oliviermichaelis/replace-deprecated
Replace deprecated option
2020-05-04 20:29:53 -07:00
Erik Wilson c941e1d0bb
Merge pull request #1695 from ibuildthecloud/kubeproxy
Add ability to disable kubeproxy
2020-05-04 20:26:22 -07:00
Erik Wilson df1725cb06
Merge pull request #1694 from ibuildthecloud/inittwice
Allow InitLogging to be called twice
2020-05-04 20:22:04 -07:00
Erik Wilson 2fb5bad3e8
Merge pull request #1704 from ibuildthecloud/x509-admin
No longer use basic auth for default admin account
2020-05-04 20:21:12 -07:00
Erik Wilson 21eabd902b
Merge pull request #1693 from ibuildthecloud/disableditem
Move disabled items to a const to keep more consistency
2020-05-04 20:16:42 -07:00
Erik Wilson 21266bab7e
Merge pull request #1692 from ibuildthecloud/err
Check for error on mkdir
2020-05-04 20:16:20 -07:00
Erik Wilson ed8cd9250b
Merge pull request #1690 from ibuildthecloud/flannel
Only need to resolve the path of host-local if Flannel is enabled
2020-05-04 20:15:59 -07:00
Erik Wilson 47bb0939e6
Merge pull request #1611 from Dirbaio/master
Correctly quote auth strings in containerd config. For #1610
2020-05-04 19:27:17 -07:00
Erik Wilson c769bb115a
Merge pull request #1500 from joakimr-axis/joakimr-axis_package-cli
package-cli: Remove redundant rm -rf build/data
2020-05-04 19:24:21 -07:00
Erik Wilson 698e444a03
Merge pull request #1742 from dweomer/runc/replace-rc10
runc: bump to rc10
2020-05-04 18:36:06 -07:00
Jacob Blain Christen 4949da46f1 runc: bump to rc10
- [CVE-2019-19921](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19921)

See https://github.com/opencontainers/runc/releases/tag/v1.0.0-rc10
2020-05-04 18:11:25 -07:00
Erik Wilson c900a251a2
Merge pull request #1745 from erikwilson/upgrade-helm-controller
Upgrade helm-controller v0.6.0
2020-05-04 17:52:25 -07:00
Erik Wilson cafd10eb50 Upgrade helm-controller v0.6.0 2020-05-04 17:27:21 -07:00
Erik Wilson 202a2ae482 Check for correct go vendoring 2020-05-04 17:26:05 -07:00
Erik Wilson a013f7dda5
Merge pull request #1740 from erikwilson/bump-cri
Bump cri to 1.3.0-k3s6
2020-05-04 10:39:58 -07:00
Erik Wilson c50e261408
Merge pull request #1739 from briandowns/README_update
update readme
2020-05-04 10:39:46 -07:00
Erik Wilson 82cb820a1a
Merge pull request #1737 from erikwilson/bump-k3s-root
Bump k3s-root to 0.4.1
2020-05-04 10:39:26 -07:00
Erik Wilson e0bf7a053a Bump cri to 1.3.0-k3s6 2020-05-04 10:11:48 -07:00
Brian Downs 08fec686fd update readme 2020-05-04 10:11:42 -07:00
Darren Shepherd 470ffca5d7 Update README, fix out of date information 2020-05-04 09:51:25 -07:00
David Nuzik de48f0c43d
Merge pull request #1730 from geerlingguy/1729-ansible-changed
Fixes #1729: Use 'is changed' instead of non-existent changed filter.
2020-05-04 09:36:38 -07:00
David Nuzik b6fe30ac20
Merge pull request #1731 from geerlingguy/fix-ansible-readme-typo
Fix typo in Ansible README file scp command.
2020-05-04 09:32:32 -07:00
Erik Wilson 5d77f24e7e Bump k3s-root to 0.4.1 2020-05-04 09:18:35 -07:00
omichaelis e629fd381d
Replace deprecated option
The option --no-deploy was deprecated by
0374c4f63d
and is now replaced in the install.sh documentation by --disable

Signed-off-by: omichaelis <38879457+oliviermichaelis@users.noreply.github.com>
2020-05-03 18:26:59 +02:00
Adam Farden b4335630b7 [systemd] Add value to LimitNOFILE due to performance problems
When k3s is installed on an OS with default high ulimits, performance
issues can be observed. This was discovered on CoreOS where the default
value is 1073741816. Symptoms include very slow file operations such
as installing a Rook/Ceph cluster will take ~6 hours instead of ~10 minutes.

A google search for 'container LimitNOFILE' will show that most major
projects set this already, including the (unused) containerd systemd unit
found in this repository at /vendor/github.com/containerd/containerd/containerd.service

k3OS is not affected becuasse the default there is already 1048576.

See description in coreos/fedora-coreos-tracker#329
2020-05-03 09:37:00 +02:00