Commit Graph

1246 Commits (689c2726e202e0f23fbe25eefe3cc95e21685c7d)

Author SHA1 Message Date
galal-hussein 388cd9c4e8 Add secret encryption configuration 2019-12-23 13:16:27 +02:00
Darren Shepherd 12c3d74a53
Merge pull request #1231 from galal-hussein/update_ccm_permissions
Add lease permissions to ccm cluster role
2019-12-21 08:54:50 -07:00
Darren Shepherd 9bda58c81a Fix uint64 truncation issue in dqlite 2019-12-21 08:51:39 -07:00
galal-hussein 07d4c1510d Add lease permissions to ccm cluster role 2019-12-21 04:41:24 +02:00
Erik Wilson 5c37454762
Merge pull request #1198 from narqo/tunel-addr-join-host-port
Respect IPv6 when building proxy address
2019-12-19 15:20:12 -07:00
Erik Wilson 87a5bd4901
Merge pull request #1223 from erikwilson/wireguard-peer-keepalive
Set wireguard persistent-keepalive on wg set peer
2019-12-19 14:56:35 -07:00
Erik Wilson 9b2538c2c4 Set wireguard persistent-keepalive on wg set peer 2019-12-19 14:54:48 -07:00
Erik Wilson 7b26156421
Merge pull request #1222 from erikwilson/revert-wireguard-keepalive
Revert "Merge pull request #1190 from erikwilson/wireguard-keepalive"
2019-12-19 14:43:57 -07:00
Erik Wilson 3376f31fc2 Revert "Merge pull request #1190 from erikwilson/wireguard-keepalive"
This reverts commit e712cdf7e8, reversing
changes made to d5929bc8c8.

Wireguard docs fail to describe that persistent-keepalive is only valid
when peer is set.
2019-12-19 14:41:38 -07:00
Erik Wilson 1c905b42ab
Merge pull request #1220 from galal-hussein/update_helmcontroller
Update helm controller and vendor udpate
2019-12-19 14:37:25 -07:00
galal-hussein b624e3631a Update helm controller and vendor udpate 2019-12-19 23:12:48 +02:00
Vladimir Varankin 0c5299c951 pkg/agent/tunnel: respect ipv6 when building proxy addresses 2019-12-19 12:08:07 +01:00
galal-hussein ab273a7f1c update helm controller 2019-12-18 19:12:06 -07:00
Erik Wilson 0f92707432
Merge pull request #1214 from erikwilson/fix-tag-version
Fix missing version for tags
2019-12-17 23:29:43 -07:00
Erik Wilson 178898f969 Fix missing version for tags 2019-12-17 23:29:05 -07:00
Erik Wilson b43c8e4574
Merge pull request #1213 from erikwilson/containerd-patch-3889
Apply containerd patch 3889
2019-12-17 22:55:26 -07:00
Erik Wilson 6875b11dd2 Fix identity_token -> identitytoken for containerd toml 2019-12-17 21:14:05 -07:00
Erik Wilson 52c8e8d5c5 Containerd patch 3889 2019-12-17 21:13:52 -07:00
Darren Shepherd 14aa455eff
Merge pull request #1208 from erikwilson/cleanup-k8s-versioning
Cleanup k8s versioning
2019-12-17 16:55:48 -07:00
Darren Shepherd ba30690c18
Merge pull request #1207 from ibuildthecloud/kine-fix2
Kine fix
2019-12-17 15:22:13 -07:00
Erik Wilson e72e9e3daa Cleanup k8s versioning 2019-12-17 12:21:47 -07:00
Darren Shepherd 1004f5b0be Update vendor for kine fix 2019-12-17 09:01:32 -07:00
Darren Shepherd 96afc5fde4
Merge pull request #1205 from ibuildthecloud/master
Small dqlite fixes
2019-12-16 16:16:16 -07:00
Darren Shepherd b329c6fac2 Update vendor 2019-12-16 11:45:21 -07:00
Darren Shepherd 4acaa0740d Small dqlite fixes 2019-12-16 11:45:01 -07:00
Erik Wilson 97383868bd
Merge pull request #1186 from erikwilson/upgrade-k8s-1.17.0
Upgrade k8s  to v1.17.0
2019-12-16 09:40:38 -07:00
Erik Wilson e712cdf7e8
Merge pull request #1190 from erikwilson/wireguard-keepalive
Set Wireguard keepalive to 25 seconds
2019-12-16 09:40:11 -07:00
Erik Wilson 07028a3115 Fix image tags, replace + with - 2019-12-15 23:28:25 -07:00
Erik Wilson bddab9479c Set build version of k8s from k3s 2019-12-15 23:28:25 -07:00
Erik Wilson 4e6ed0873f Update vendor for k8s 1.17.0 2019-12-15 23:28:25 -07:00
Erik Wilson 5679a8bd2f Update generated 2019-12-15 23:28:19 -07:00
Erik Wilson 76281bf731 Update k3s for k8s 1.17.0 2019-12-15 23:28:19 -07:00
Erik Wilson 5a2cc21094 Update go mod for k8s 1.17.0 2019-12-15 23:28:19 -07:00
Erik Wilson d5929bc8c8
Merge pull request #1196 from erikwilson/compose-default-token
Remove docker-compose default token
2019-12-12 18:05:00 -07:00
Erik Wilson d77b390931 Remove docker-compose default token 2019-12-12 18:02:54 -07:00
Erik Wilson d578b46842
Merge pull request #1195 from erikwilson/move-docker-compose
Cleanup docker-compose.yml
2019-12-12 17:31:35 -07:00
Erik Wilson 814c302d7c
Merge pull request #955 from btashton/servicelb-sysctl
Enable ip forwarding on both all and default net config
2019-12-12 17:31:02 -07:00
Erik Wilson a532c70e72 Cleanup docker-compose.yml 2019-12-12 17:29:12 -07:00
Erik Wilson 7b62811f98 Set Wireguard keepalive to 25 seconds 2019-12-12 10:40:41 -07:00
Erik Wilson d4959d53af
Merge pull request #1182 from erikwilson/docker-pause-image
Allow --pause-image to set docker sandbox image also
2019-12-11 10:36:07 -07:00
Erik Wilson 2eacfa75cb
Merge pull request #1180 from erikwilson/cleanup-flannel-backend-help-text
Cleanup --flannel-backend help text
2019-12-11 10:35:50 -07:00
Erik Wilson 0c50d06a69
Merge pull request #1179 from erikwilson/upgrade-go-1.13.5
Upgrade go to 1.13.5
2019-12-11 10:35:41 -07:00
Erik Wilson 56b0743653
Merge pull request #1171 from dweomer/mutable-labels
Mutable --node-label values for server/agent sub-commands.
2019-12-11 10:35:27 -07:00
Erik Wilson c2be59e5f3
Allow udp protocol for service-lb ports
For #577
2019-12-11 10:34:11 -07:00
Brennan Ashton a952d5c32a Default device net config enables ip forwarding
The Linux kernel is inconsistent about how devconf is configured for new
network namespaces between ipv4 and ipv6. The behavior can also be
controlled via net.core.devconf_inherit_init_net in Linux 5.1+ so make
sure to enable forwarding on all and default for both ipv6 and ipv4.

This issue first came up testing on a yocto kernel that had this patch:
 ipv4: net namespace does not inherit network configurations

[0] https://www.kernel.org/doc/html/latest/admin-guide/sysctl/net.html#devconf-inherit-init-net
[1] https://lkml.org/lkml/2014/7/29/119

Signed-off-by: Brennan Ashton <brennana@jfrog.com>
2019-12-10 16:29:59 -08:00
Erik Wilson 2de93d70cf Allow --pause-image to set docker sandbox image also 2019-12-10 16:16:26 -07:00
Erik Wilson 11e4d01efe Cleanup --flannel-backend help text 2019-12-10 14:51:16 -07:00
Erik Wilson de42d457b3 Upgrade go to 1.13.5 2019-12-10 14:47:25 -07:00
Erik Wilson 2cf88ae2c4
Merge pull request #1172 from simnalamburt/readme
Update README.md: k3s does not exclude legacy/alpha/non-default features anymore
2019-12-10 09:37:02 -07:00
Jacob Blain Christen 063efb25bb Mutable --node-label values for server/agent sub-commands.
Values passed in via the server/agent `--node-label` flag are treated as mutable. They are passed through to the kubelet just as before but after the kubelet comes up they are applied again. This allows for passing labels a k3s start-time that may be necessary for scheduling but may change from boot to boot, e.g. `k3os.io/version` after an upgrade.

Tested locallon on my amd64 workstation with the docker container.

Addresses #1119.
2019-12-09 16:40:15 -07:00