b02a874d53
Add --image-service-endpoint flag ( #8279 )
...
* Add --image-service-endpoint flag
Problem:
External container runtime can be set but image service endpoint is unchanged
and also is not exposed as a flag. This is useful for using containerd
snapshotters outside of the ones that have built-in support like
stargz-snapshotter.
Solution:
Add a flag --image-service-endpoint and also default image service endpoint to
container runtime endpoint if set.
Signed-off-by: Edgar Lee <edgarhinshunlee@gmail.com>
(cherry picked from commit fe18b1fce9
2023-10-17 10:45:12 -07:00
ec31704c1a
Use version.Program not K3s in log ( #8654 )
...
Signed-off-by: Derek Nola <derek.nola@suse.com>
2023-10-16 14:18:24 -07:00
2cda8e5512
Windows support
...
Signed-off-by: Sean Yen <seanyen@microsoft.com>
2023-10-16 23:16:05 +02:00
1f3880c756
Start etcd client before ensuring self removal
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2023-10-14 01:15:24 -07:00
6f776a3a04
Add etcd-only/control-plane-only server test
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2023-10-14 01:15:24 -07:00
429224d364
Update kube-router package in build script
...
Package was changed in version script in bc332ac667
2023-10-13 16:23:31 -07:00
fdd80188b0
Bump traefik, golang.org/x/net, google.golang.org/grpc
...
Fixes exposure to CVE-2023-39325
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2023-10-13 12:28:56 -07:00
b2d3d6cef5
Switch build target from main.go to a package. ( #8342 )
...
* Switch build target from main.go to a package.
* Dont build with vcs
Signed-off-by: Dan Lorenc <dlorenc@chainguard.dev>
Signed-off-by: Derek Nola <derek.nola@suse.com>
Co-authored-by: Derek Nola <derek.nola@suse.com>
(cherry picked from commit 3d25e9f66c
2023-10-13 12:28:56 -07:00
d1cd3399a6
Fix etcd snapshot integration tests
...
Snapshot delete/prune tests were only working because the delete command
would report success even when deleting a snapshot that didn't exist,
and the test regex was finding the snapshot name multiple times in
the list output and deleting it twice.
Snapshot restore tests seem to have expected the deployment to be rolled out
immediately, which is not a reasonable expectation.
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit 7c5b69ca1d
2023-10-13 12:28:56 -07:00
3b28ac0a1f
Add server token hash to CR and S3
...
This required pulling the token hash stuff out of the cluster package, into util.
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit d885162967
2023-10-13 12:28:56 -07:00
e86e9d4fbc
Switch to managing ETCDSnapshotFile resources
...
Reconcile snapshot CRs instead of ConfigMap; manage ConfigMap downstream from CR list
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit 550ab36ab7
2023-10-13 12:28:56 -07:00
e0222ac1a2
Move snapshot delete into local/s3 functions
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit 5cd4f69bfa
2023-10-13 12:28:56 -07:00
8633571a5b
Sort snapshots by time and key in tabwriter output
...
Fixes snapshot list coming out in non-deterministic order
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit a15b804e00
2023-10-13 12:28:56 -07:00
61bbad7d9e
Store extra metadata and cluster ID for snapshots
...
Write the extra metadata both locally and to S3. These files are placed such that they will not be used by older versions of K3s that do not make use of them.
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit 7464007037
2023-10-13 12:28:56 -07:00
db4ee1b2ae
Move s3 snapshot list functionality to s3.go
...
Also, don't list ONLY s3 snapshots if S3 is enabled.
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit 80f909d0ca
2023-10-13 12:28:56 -07:00
514bcade78
Consistently set snapshotFile timestamp
...
Attempt to use timestamp from creation or filename instead of file/object modification times
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit 8d47645312
2023-10-13 12:28:56 -07:00
a89645dfb4
Tidy s3 upload functions
...
Consistently refer to object keys as such, simplify error handling.
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit f1afe153a3
2023-10-13 12:28:56 -07:00
a8d117dc42
Elide old snapshot data when apiserver rejects configmap with ErrRequestEntityTooLarge
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit 2b0e2e8ada
2023-10-13 12:28:56 -07:00
e2296d8538
Move etcd snapshot code into separate file
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit 676b00aa0e
2023-10-13 12:28:56 -07:00
a0e04b3068
Add new CRD for etcd snapshots
...
Also adds a hack go script to print the embedded CRDs, for developer use.
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit 500744bb94
2023-10-13 12:28:56 -07:00
ab464cab61
Minor updates as per design review discussion
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit 64107b54e4
2023-10-13 12:28:56 -07:00
eb1f2af7ab
Add ADR for etcd snapshot CRD migration
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit 22065affa2
2023-10-13 12:28:56 -07:00
34d8b325f1
Bump busybox to v1.36.1
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit 9bb1ce1253
2023-10-13 12:28:56 -07:00
81ec0650f8
Bump containerd to v1.7.7-k3s1
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit 5fe4f6709a
2023-10-13 12:28:56 -07:00
11bc2c29f6
Pass SystemdCgroup setting through to nvidia runtime options
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit 0e5c760625
2023-10-13 12:28:56 -07:00
03b4872344
Don't ignore assets in home dir if system assets exist
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit 1e38b5d904
2023-10-13 12:28:56 -07:00
babe286e20
Disable HTTP on main etcd client port
...
Fixes performance issue under load, ref: https://github.com/etcd-io/etcd/issues/15402 and https://github.com/kubernetes/kubernetes/pull/118460
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit 8c73fd670b
2023-10-13 12:28:56 -07:00
722fca3b82
Use IPv6 in case is the first configured IP with dualstack
...
Signed-off-by: Roberto Bonafiglia <roberto.bonafiglia@suse.com>
2023-10-13 10:25:34 +02:00
0816812c99
[Release-1.25] Clear remove annotations on cluster reset ( #8589 )
...
* Use admin kubeconfig instead of supervisor for etcd snapshot CLI
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
* Skip creating CRDs and setting up event recorder for CLI controller context
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
* Don't export functions not needed outside the etcd package
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
* Reorganize Driver interface and etcd driver to avoid passing context and config into most calls
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
* Clear remove annotations on cluster reset; refuse to delete last member from cluster
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
---------
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
Co-authored-by: Brad Davidson <brad.davidson@rancher.com>
2023-10-12 08:11:34 -07:00
6afee00eaf
Server Token Rotation ( #8578 )
...
* Consolidate NewCertCommands
* Add support for user defined new token
* Add E2E testlets
* Ensure agent token also changes
Signed-off-by: Derek Nola <derek.nola@suse.com>
2023-10-10 09:45:27 -07:00
07646f6877
Fixed tailscale node IP dualstack mode in case of IPv4 only node
...
Signed-off-by: Roberto Bonafiglia <roberto.bonafiglia@suse.com>
2023-10-10 10:38:14 +02:00
8bfd2389fe
Added advertise address integration test
...
Signed-off-by: Vitor Savian <vitor.savian@suse.com>
2023-10-05 17:11:14 -03:00
ba169d91eb
Merge pull request #8553 from manuelbuil/netCleanUp125
...
[Release 1.25] Network defaults are duplicated, remove one
2023-10-05 18:30:31 +02:00
67380ddb01
Network defaults are duplicated, remove one
...
Signed-off-by: Manuel Buil <mbuil@suse.com>
2023-10-04 08:25:25 +02:00
a873fba947
Merge pull request #8506 from manuelbuil/IPPrecedence125
...
[Release 1.25] Take IPFamily precedence based on order
2023-10-03 18:41:02 +02:00
7e1e1867d4
Take IPFamily precedence based on order
...
Signed-off-by: Manuel Buil <mbuil@suse.com>
2023-10-02 18:40:56 +02:00
6f550cd9a1
ipFamilyPolicy:PreferDualStack for coredns and metrics-server
...
Signed-off-by: Manuel Buil <mbuil@suse.com>
2023-10-02 11:35:15 +02:00
857e01755b
Merge pull request #8511 from manuelbuil/fixSpellCheck125
...
[Release 1.25] Fix spellcheck problem (boostrap ==> bootstrap)
2023-09-29 19:14:45 +02:00
5fd0fb12ea
Fix spellcheck problem (boostrap ==> bootstrap)
...
Signed-off-by: Manuel Buil <mbuil@suse.com>
2023-09-29 16:13:11 +02:00
0359564998
Added cluster reset from non bootstrap nodes on snapshot e2e test
...
Signed-off-by: Vitor Savian <vitor.savian@suse.com>
2023-09-28 13:28:14 -03:00
00cc29ba27
Merge pull request #8466 from manuelbuil/vpnExtraArgs125
...
[Release-1.25] Add extraArgs to tailscale
2023-09-28 10:06:03 +02:00
940bbd19bb
Added error when cluster reset while using server flag
...
Signed-off-by: Vitor Savian <vitor.savian@suse.com>
2023-09-27 16:42:23 -03:00
d8402c1578
Update kube-router
...
Signed-off-by: Roberto Bonafiglia <roberto.bonafiglia@suse.com>
2023-09-27 11:47:39 +02:00
221fdd60c4
Add extraArgs to tailscale
...
Signed-off-by: Manuel Buil <mbuil@suse.com>
2023-09-27 11:39:08 +02:00
01e6b5b8d3
Merge pull request #8437 from manuelbuil/interfaceLog125
...
[Release 1.25] Include the interface name in the error message
2023-09-26 19:14:43 +02:00
c4e30c6f11
Include the interface name in the error message
...
Signed-off-by: Manuel Buil <mbuil@suse.com>
2023-09-26 11:08:14 +02:00
28e12da73c
E2E test for token coverage ( #8184 )
...
Signed-off-by: Derek Nola <derek.nola@suse.com>
2023-09-25 09:23:32 -07:00
3f6f1c852e
Run integration test CI in parallel ( #8156 )
...
* Run integration test CI in parallel
* Define go version in E2E
Signed-off-by: Derek Nola <derek.nola@suse.com>
2023-09-25 09:23:32 -07:00
dbaac3fdb5
Fix for Kubeflag Integration test ( #8154 )
...
* Use argument that doesn't require file
* Use build-k3s workflow in cgroup
* Bump timeout on integration tests
Signed-off-by: Derek Nola <derek.nola@suse.com>
2023-09-25 09:23:32 -07:00
b5dc298552
Merge pull request #8421 from manuelbuil/flannelErrors125
...
[Release 1.25] Add context to flannel errors
2023-09-25 16:33:21 +02:00
Edgar Lee