Brad Davidson
4cc73b1fee
Actually fix agent certificate rotation
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-04-10 09:21:01 -07:00
Brad Davidson
08f1022663
Don't log 'apiserver disabled' error sent by etcd-only nodes
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-04-09 15:36:33 -07:00
Brad Davidson
7d9abc9f07
Improve etcd load-balancer startup behavior
...
Prefer the address of the etcd member being joined, and seed the full address list immediately on startup.
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-04-09 15:36:33 -07:00
Brad Davidson
fe465cc832
Move etcd snapshot management CLI to request/response
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-04-09 15:21:26 -07:00
Brad Davidson
0792461885
Bump containerd and cri-dockerd
...
Bump containerd to v1.7.15
Bump cri-dockerd to v0.3.12
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-04-09 11:09:30 -07:00
Manuel Buil
a064ae2f17
Add quotes to avoid useless updatecli updates
...
Signed-off-by: Manuel Buil <mbuil@suse.com>
2024-04-08 19:49:29 +02:00
Brad Davidson
60248c42de
Add supervisor cert/key to rotate list
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-04-05 10:59:17 -07:00
Derek Nola
9846a72e92
Bump spegel to v0.0.20-k3s1 ( #9863 )
...
* Bump spegel to v0.0.20-k3s1
* Remove deprecated libp2p Pretty function
* Remove quic-go pin
Pinned version is now out of date, indirect dependencies are now newer, with CVE issue fixed
Signed-off-by: Derek Nola <derek.nola@suse.com>
2024-04-05 08:43:19 -07:00
HaoTian Qi
0e118fe6d3
fix: agent volume in example docker compose ( #9838 )
...
Signed-off-by: 117503445 <t117503445@gmail.com>
2024-04-04 10:36:47 -07:00
Brad Davidson
f2961fb5d2
Add workaround for containerd hosts.toml bug
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-04-03 20:47:54 -07:00
github-actions[bot]
49414a8def
chore: Bump Trivy version ( #9840 )
...
Made with ❤️ ️ by updatecli
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2024-04-02 12:02:20 -07:00
Manuel Buil
52712859c5
Add updatecli policy to update k3s-root
...
Signed-off-by: Manuel Buil <mbuil@suse.com>
2024-04-02 09:06:38 +02:00
Brad Davidson
7f659759dd
Add certificate expiry check and warnings
...
* Add ADR
* Add `k3s certificate check` command.
* Add periodic check and events when certs are about to expire.
* Add metrics for certificate validity remaining, labeled by cert subject
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-03-28 12:05:21 -07:00
Derek Nola
6624273a97
Fix embeddedmirror test
...
Signed-off-by: Derek Nola <derek.nola@suse.com>
2024-03-28 10:12:54 -07:00
Derek Nola
93bcaccad1
E2E setup: Only install jq when we need it
...
Signed-off-by: Derek Nola <derek.nola@suse.com>
2024-03-28 10:12:54 -07:00
Derek Nola
c98ca14198
Add wasm test to e2e matrix
...
Signed-off-by: Derek Nola <derek.nola@suse.com>
2024-03-28 10:12:54 -07:00
Derek Nola
6a42c6fcfe
Remove old pinned dependencies ( #9806 )
...
Signed-off-by: Derek Nola <derek.nola@suse.com>
2024-03-28 10:09:48 -07:00
Derek Nola
14f54d0b26
Transition from deprecated pointer library to ptr ( #9801 )
...
Signed-off-by: Derek Nola <derek.nola@suse.com>
2024-03-28 10:07:02 -07:00
Vitor Savian
5d69d6e782
Add tls for kine
...
Signed-off-by: Vitor Savian <vitor.savian@suse.com>
Bump kine
Signed-off-by: Vitor Savian <vitor.savian@suse.com>
Add integration tests for kine with tls
Signed-off-by: Vitor Savian <vitor.savian@suse.com>
2024-03-28 11:12:07 -03:00
Brad Davidson
c51d7bfbd1
Add health-check support to loadbalancer
...
* Adds support for health-checking loadbalancer servers. If a
health-check fails when dialing, all existing connections to the
server will be closed.
* Wires up a remotedialer tunnel connectivity check as the health check
for supervisor/apiserver connections.
* Wires up a simple ping request to the supervisor port as the health
check for etcd connections.
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-03-27 16:50:27 -07:00
Brad Davidson
edb0440017
Fix etcd snapshot reconcile for agentless nodes
...
Disable cleanup of orphaned snapshots and patching of node annotations if running agentless
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-03-27 16:44:36 -07:00
Brad Davidson
7474a6fa43
Add /etc/passwd and /etc/group to k3s docker image
...
Fixes `cannot find name for user ID 0: No such file or directory` errors when checking user info in docker image
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-03-27 16:41:46 -07:00
Brian Downs
6c52235848
update channel server ( #9808 )
2024-03-27 14:28:39 -07:00
Derek Nola
c47c85e5da
Move to ubuntu 23.10 for E2E tests ( #9755 )
...
Signed-off-by: Derek Nola <derek.nola@suse.com>
2024-03-27 09:55:13 -07:00
github-actions[bot]
b5d0d4ee21
Bump Trivy version ( #9780 )
...
Made with ❤️ ️ by updatecli
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2024-03-27 09:20:44 -07:00
Derek Nola
41377540fd
Use ubuntu latest for better golang caching keys ( #9711 )
...
Signed-off-by: Derek Nola <derek.nola@suse.com>
2024-03-27 09:19:56 -07:00
Derek Nola
5461c3e1c1
Bump k3s-root
...
Signed-off-by: Derek Nola <derek.nola@suse.com>
2024-03-27 09:19:37 -07:00
Vitor Savian
3f649e3bcb
Add a new error when kine is with disable apiserver or disable etcd
...
Signed-off-by: Vitor Savian <vitor.savian@suse.com>
2024-03-27 10:59:34 -03:00
Brad Davidson
f099bfa508
Fix error when image has already been pulled
...
CRI and containerd APIs disagree about the registry names - CRI supports
index.docker.io as an alias for docker.io, while containerd does not.
Use the actual stored RepoTag to determine what image to ask containerd for.
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-03-26 16:19:40 -07:00
Brad Davidson
65cd606832
Respect cloud-provider fields set by kubelet
...
Don't clobber the providerID field and instance-type/region/zone labels if provided by the kubelet. This allows the user to set these to the correct values when using the embedded CCM in a real cloud environment.
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-03-26 16:18:34 -07:00
Brad Davidson
d7cdbb7d4d
Send error response if member list cannot be retrieved
...
Prevents joining nodes from being stuck with bad initial member list if there is a transient failure, or if they try to join themselves
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-03-26 15:17:15 -07:00
Brad Davidson
7a2a2d075c
Move error response generation code into util
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-03-26 15:17:15 -07:00
Brian Downs
8aecc26b0f
Update to v1.29.3-k3s1 and Go 1.21.8 ( #9747 )
2024-03-17 13:33:54 -07:00
Brad Davidson
bba3e3c66b
Fix wildcard entry upstream fallback
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-03-12 23:31:16 -07:00
Derek Nola
364dfd8b89
Fix flaky check in btrfs test
...
Signed-off-by: Derek Nola <derek.nola@suse.com>
2024-03-08 10:54:28 -08:00
Derek Nola
21c170512c
Fix e2e vagrant cacheing
...
Signed-off-by: Derek Nola <derek.nola@suse.com>
2024-03-08 10:54:28 -08:00
Derek Nola
aea81c0822
Run docker tests in E2E GH Action
...
Build image with new input option
Run most of the basic docker tests in E2E
Signed-off-by: Derek Nola <derek.nola@suse.com>
2024-03-08 10:54:28 -08:00
John
ec5d34dac0
remove repetitive words ( #9671 )
...
Signed-off-by: hishope <csqiye@126.com>
2024-03-08 09:44:16 -08:00
Brad Davidson
fe2ca9ecf1
Warn and suppress duplicate registry mirror endpoints
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-03-07 16:30:06 -08:00
Derek Nola
9bd4c8a9fc
Bump upload and download actions to v4 ( #9666 )
...
Signed-off-by: Derek Nola <derek.nola@suse.com>
2024-03-07 15:56:43 -08:00
Brad Davidson
2a091a693a
Bump metrics-server to v0.7.0
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-03-07 12:45:29 -08:00
Derek Nola
1c8be1d011
Improve E2E Aftersuite cleanup
...
Signed-off-by: Derek Nola <derek.nola@suse.com>
2024-03-06 14:04:05 -08:00
Derek Nola
af4c51bfc3
Move to ubuntu 2204 for all E2E tests
...
Simplify node roles
Signed-off-by: Derek Nola <derek.nola@suse.com>
2024-03-06 14:04:05 -08:00
Derek Nola
da7312d082
Convert snapshotter test in e2e test
...
Signed-off-by: Derek Nola <derek.nola@suse.com>
2024-03-06 14:04:05 -08:00
Derek Nola
d022a506d5
Migrate E2E tests to GitHub Actions
...
Signed-off-by: Derek Nola <derek.nola@suse.com>
2024-03-06 14:04:05 -08:00
Derek Nola
75ccaf9942
Allow non-sudo vagrant
...
Signed-off-by: Derek Nola <derek.nola@suse.com>
2024-03-06 14:04:05 -08:00
Brad Davidson
6f331ea7b5
Include flannel version in flannel cni plugin version
...
We were misreporting the flannel version as the flannel cni plugin version; restore the actual flannel version as build metadata
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-03-06 09:46:48 -08:00
github-actions[bot]
d37d7a40da
Bump Trivy version ( #9528 )
...
Made with ❤️ ️ by updatecli
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2024-03-06 08:52:55 -08:00
Roberto Bonafiglia
88c431aea5
Adjust first node-ip based on configured clusterCIDR
...
Signed-off-by: Roberto Bonafiglia <roberto.bonafiglia@suse.com>
2024-03-06 11:10:41 +01:00
Manuel Buil
1fe0371e95
Improve tailscale e2e test
...
Signed-off-by: Manuel Buil <mbuil@suse.com>
2024-03-06 08:26:36 +01:00