github
/
k3s
mirror of https://github.com/k3s-io/k3s
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
1,316 Commits
32 Branches
873 Tags
629 MiB
Commit Graph

442 Commits (925a6d2da822a03f78d72613fa0943e9851e1946)

Author SHA1 Message Date
Brian Downs 99a8bca522 remove hard coded value 
Signed-off-by: Brian Downs <brian.downs@gmail.com>
 2020-07-09 11:20:06 -07:00
Brandon Davidson 538842ffdc
Merge pull request #1768 from brandond/fix_1764 
Configure default signer implementation to use ClientCA instead of ServerCA
 2020-07-07 16:52:14 -07:00
Erik Wilson 0d6a2bfb0b
Merge pull request #1974 from mschneider82/patch-1 
fixed panic in network_policy_controller
 2020-07-01 09:48:00 -07:00
Erik Wilson 42f0b95ac5
Merge pull request #1800 from niusmallnan/dev 
Add retry backoff for starting network-policy controller
 2020-07-01 09:47:21 -07:00
niusmallnan d713683614 Add retry backoff for starting network-policy controller 
Signed-off-by: niusmallnan <niusmallnan@gmail.com>
 2020-06-30 09:25:09 +08:00
Matthias Schneider 56a083c812 fixed panic in network_policy_controller 
I have rebooted a newly created k3s etcd cluster and this panic was triggered:

    ```
    k3s[948]: [signal SIGSEGV: segmentation violation code=0x1 addr=0x18 pc=0x45f2945]
    k3s[948]: goroutine 1 [running]:
    k3s[948]: github.com/rancher/k3s/pkg/agent/netpol.NewNetworkPolicyController(0xc00159e180, 0x61b4a60, 0xc006294000, 0xdf8475800, 0xc011d9a360, 0xc, 0x0, 0xc00bf545b8, 0x2b2edbc)
    k3s[948]:         /home/x/git/k3s/pkg/agent/netpol/network_policy_controller.go:1698 +0x275
    ```

Signed-off-by: Matthias Schneider <ms@wck.biz>
 2020-06-29 20:49:24 +02:00
Jacob Blain Christen 3197d206ce
Merge pull request #1892 from dweomer/servicelb/node-role 
servicelb: fix ineffective toleration
 2020-06-26 13:55:57 -07:00
Brian Downs 58aae57e12 set environment variable and create config for crictl 
Signed-off-by: Brian Downs <brian.downs@gmail.com>
 2020-06-24 14:26:44 -07:00
Brian Downs 63dbf806df create symlink from docker sock to where crictl in k3s is looking for the sock to use 
Signed-off-by: Brian Downs <brian.downs@gmail.com>
 2020-06-23 18:42:45 -07:00
Hussein Galal f5ee757b86
Add cluster dns configmap (#1785) 2020-06-22 23:06:01 +02:00
Brian Downs 7f4f237575
added profile = false args to api, controllerManager, and scheduler (#1891) 2020-06-12 21:09:41 +02:00
Jacob Blain Christen 1ed12cffa0 servicelb: fix ineffective toleration 
noderole.kubernetes.io/master -> node-role.kubernetes.io/master
 2020-06-11 14:39:12 -07:00
galal-hussein c580a8b528 Add heartbeat interval and election timeout 2020-06-06 16:39:42 -07:00
Darren Shepherd 6b5b69378f Add embedded etcd support 
This is replaces dqlite with etcd.  The each same UX of dqlite is
followed so there is no change to the CLI args for this.
 2020-06-06 16:39:41 -07:00
Darren Shepherd 39571424dd Generate etcd certificates 2020-06-06 16:39:41 -07:00
Darren Shepherd a18d387390 Refactor clustered DB framework 2020-06-06 16:39:41 -07:00
Darren Shepherd 4317a91b96 Delete dqlite 2020-06-06 16:39:41 -07:00
Darren Shepherd 7e59c0801e Make program name a variable to be changed at compile time 2020-06-06 16:39:41 -07:00
Taeho Kim 3d59a85dae Upgrade local-path-storage to v0.0.14 2020-06-02 13:47:37 +00:00
Erik Wilson 43b9bf2e50
Merge pull request #1795 from StateFarmIns/support_for_setting_default_ssl_ciphers 
Feature Request #1741: Update to set default CipherSuites
 2020-05-15 09:41:37 -07:00
Erik Wilson d10d6f7fb3
Merge pull request #1762 from consideRatio/coredns-readinessprobe 
coredns: readiness- and livenessProbe tweaks (~15s -> ~3s startup)
 2020-05-15 09:40:54 -07:00
Chuck Schweizer 19c34bd12d Update to set default CipherSuites 
The default CipherSuites need to be set to disable the insecure TLS 1.2 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 Cipher
 2020-05-13 08:34:45 -05:00
Chuck Schweizer ca9c9c2e1e Adding support for TLS MinVersion and CipherSuites 
This will watch for the following kube-apiserver-arg variables and apply
them to the k3s kube-apiserver https listener.

  --kube-apiserver-arg=tls-cipher-suites=XXXXXXX
  --kube-apiserver-arg=tls-min-version=XXXXXXX
 2020-05-07 09:27:09 -05:00
Erik Sundell 27ae2fb9c8 coredns: go generate 2020-05-07 16:21:46 +02:00
Darren Shepherd cb4b34763e
Merge pull request #1759 from ibuildthecloud/background 
Start kube-apiserver in the background
 2020-05-06 21:50:48 -07:00
Darren Shepherd e5fe184a44
Merge pull request #1757 from ibuildthecloud/separate-port 
Add supervisor port
 2020-05-06 21:32:45 -07:00
Darren Shepherd 072396f774 Start kube-apiserver in the background 
In rke2 everything is a static pod so this causes a chicken and egg situation
in which we need the kubelet running before the kube-apiserver can be
launched.  By starting the apiserver in the background this allows us to
do this odd bootstrapping.
 2020-05-06 21:17:23 -07:00
Brad Davidson 71561ecda2 Use ClientCA for the signer controller 2020-05-06 16:51:35 -07:00
Darren Shepherd f38082673d
Merge pull request #1753 from ibuildthecloud/prepull 
Support prepulling images on start
 2020-05-05 22:11:52 -07:00
Darren Shepherd 74bcf4da0b
Merge pull request #1756 from ibuildthecloud/less-logging 
Only echo Waiting for kubelet every 30 seconds
 2020-05-05 22:07:50 -07:00
Darren Shepherd 2f5ee914f9 Add supervisor port 
In k3s today the kubernetes API and the /v1-k3s API are combined into
one http server.  In rke2 we are running unmodified, non-embedded Kubernetes
and as such it is preferred to run k8s and the /v1-k3s API on different
ports.  The /v1-k3s API port is called the SupervisorPort in the code.

To support this separation of ports a new shim was added on the client in
then pkg/agent/proxy package that will launch two load balancers instead
of just one load balancer.  One load balancer for 6443 and the other
for 9345 (which is the supervisor port).
 2020-05-05 15:54:51 -07:00
Darren Shepherd afd6f6d7e7 Encapsulate execution logic 
This moves all the calls to cobra root commands to one package
so that we can change the behavior of running components as embedded
or external.
 2020-05-05 15:34:32 -07:00
Darren Shepherd 61ba9171ce Only echo Waiting for kubelet every 30 seconds 
Don't print a message every second while we are waiting for the
kubelet to report Ready.
 2020-05-05 15:23:18 -07:00
Darren Shepherd 1d05e99769
Merge pull request #1752 from ibuildthecloud/disable-ccm 
Don't write ccm.yaml if --disable-cloud-controller is set
 2020-05-05 15:11:10 -07:00
Darren Shepherd 6932d03bb4 Support prepulling images on start 
In the agent/images folder if a .txt file is found it is assumed to
be a line separated list of image names to pull on start.
 2020-05-05 14:45:39 -07:00
Darren Shepherd 70ddc799bd
Merge pull request #1691 from ibuildthecloud/staticpod 
Suppport static pods at ${datadir}/agent/staticpods
 2020-05-05 14:35:45 -07:00
Darren Shepherd 341895c322 Don't write ccm.yaml if --disable-cloud-controller is set 2020-05-05 13:01:52 -07:00
Darren Shepherd 8c7fbe3dde Suppport static pods at ${datadir}/agent/pod-manifests 2020-05-05 12:43:47 -07:00
Erik Wilson 39c3854648
Merge pull request #1720 from ilknarf/master 
remove redundant Sprintf
 2020-05-04 20:50:58 -07:00
Erik Wilson c71561129e
Merge pull request #1716 from ibuildthecloud/debugpublic 
Make debug variable public to be used by wrapper programs
 2020-05-04 20:50:36 -07:00
Erik Wilson c941e1d0bb
Merge pull request #1695 from ibuildthecloud/kubeproxy 
Add ability to disable kubeproxy
 2020-05-04 20:26:22 -07:00
Erik Wilson df1725cb06
Merge pull request #1694 from ibuildthecloud/inittwice 
Allow InitLogging to be called twice
 2020-05-04 20:22:04 -07:00
Erik Wilson 2fb5bad3e8
Merge pull request #1704 from ibuildthecloud/x509-admin 
No longer use basic auth for default admin account
 2020-05-04 20:21:12 -07:00
Erik Wilson 21eabd902b
Merge pull request #1693 from ibuildthecloud/disableditem 
Move disabled items to a const to keep more consistency
 2020-05-04 20:16:42 -07:00
Erik Wilson 21266bab7e
Merge pull request #1692 from ibuildthecloud/err 
Check for error on mkdir
 2020-05-04 20:16:20 -07:00
Erik Wilson ed8cd9250b
Merge pull request #1690 from ibuildthecloud/flannel 
Only need to resolve the path of host-local if Flannel is enabled
 2020-05-04 20:15:59 -07:00
Erik Wilson 47bb0939e6
Merge pull request #1611 from Dirbaio/master 
Correctly quote auth strings in containerd config. For #1610
 2020-05-04 19:27:17 -07:00
Frank a18d94e5f9 remove redundant Sprintf 2020-04-30 10:48:12 -05:00
Darren Shepherd 56770ff2cc Make debug variable public to be used by wrapper programs 2020-04-29 11:37:59 -07:00
Darren Shepherd 3c8e0b4157 No longer use basic auth for default admin account 2020-04-28 16:01:33 -07:00