Commit Graph

3391 Commits (b67249ec777d738d25eb888a65007bd185d46ac8)

Author SHA1 Message Date
Brad Davidson df5db28a68
Add ADR for support for etcd s3 config secret (#9364)
* Add ADR for etcd s3 config secret
* Update ADR with changes from initial review

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-06-04 14:15:43 -07:00
Brad Davidson 1661f1024a Fix bug that caused agents to bypass local loadbalancer
If proxy.SetAPIServerPort was called multiple times, all calls after the
first one would cause the apiserver address to be set to the default
server address, bypassing the local load-balancer. This was most likely
to occur on RKE2, where the supervisor may be up for a period of time
before it is ready to manage node password secrets, causing the agent
to retry.

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-06-04 11:18:45 -07:00
Koen de Laat 79ba10f5ec fix: Use actual warningPeriod in certmonitor
Signed-off-by: Koen de Laat <koen.de.laat@philips.com>
2024-06-03 11:20:15 -07:00
github-actions[bot] 1268779ea0
Bump Local Path Provisioner version (#10268)
* chore: Bump Local Path Provisioner version

Made with ❤️️ by updatecli
2024-06-03 11:19:23 -07:00
Brad Davidson f9130d537d Fix embedded mirror blocked by SAR RBAC and re-enable test
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-05-31 08:33:18 -07:00
Katherine Door 7a0ea3c953
Add write-kubeconfig-group flag to server (#9233)
* Add write-kubeconfig-group flag to server
* update kubectl unable to read config message for kubeconfig mode/group

Signed-off-by: Katherine Pata <me@kitty.sh>
2024-05-30 23:45:34 -07:00
Brad Davidson 307f07bd61 Fix issue caused by sole server marked as failed under load
If health checks are failing for all servers, make a second pass through the server list with health-checks ignored before returning failure

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-05-30 11:47:23 -07:00
Brad Davidson ed23a2bb48 Fix netpol crash when node remains tained unintialized
It is concievable that users might take more than 60 seconds to deploy their own cloud-provider. Instead of exiting, we should wait forever, but with more logging to indicate what's being waited on.

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-05-28 23:34:44 -07:00
github-actions[bot] f2e7c01acf chore: Bump Trivy version
Made with ❤️️ by updatecli
2024-05-28 20:12:36 -07:00
dependabot[bot] 4cb4542c3a Bump ubuntu from 22.04 to 24.04 in /tests/e2e/scripts
Bumps ubuntu from 22.04 to 24.04.

---
updated-dependencies:
- dependency-name: ubuntu
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-05-28 20:12:14 -07:00
Brad Davidson 84b578ec74 Use busybox tar to avoid issues with fchmodat2 on arm
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-05-28 20:11:46 -07:00
dependabot[bot] 86875c97bb Bump alpine from 3.18 to 3.20 in /package
Bumps alpine from 3.18 to 3.20.

---
updated-dependencies:
- dependency-name: alpine
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-05-28 20:11:46 -07:00
dependabot[bot] de4cda57e6 Bump alpine from 3.18 to 3.20 in /conformance
Bumps alpine from 3.18 to 3.20.

---
updated-dependencies:
- dependency-name: alpine
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-05-28 20:09:39 -07:00
Brad Davidson 2eca3f1e2c Update golangci-lint to stop using deprecated skip files/dirs
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-05-28 16:24:57 -07:00
Brad Davidson f8e0648304 Convert remaining http handlers over to use util.SendError
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-05-28 16:24:57 -07:00
Brad Davidson ff679fb3ab Refactor supervisor listener startup and add metrics
* Refactor agent supervisor listener startup and authn/authz to use upstream
  auth delegators to perform for SubjectAccessReview for access to
  metrics.
* Convert spegel and pprof handlers over to new structure.
* Promote bind-address to agent flag to allow setting supervisor bind
  address for both agent and server.
* Promote enable-pprof to agent flag to allow profiling agents. Access
  to the pprof endpoint now requires client cert auth, similar to the
  spegel registry api endpoint.
* Add prometheus metrics handler.

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-05-28 16:24:57 -07:00
Brad Davidson 3d14092f76 Fix issue with k3s-etcd informers not starting
Start shared informer caches when k3s-etcd controller wins leader election. Previously, these were only started when the main k3s apiserver controller won an election. If the leaders ended up going to different nodes, some informers wouldn't be started

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-05-28 15:48:15 -07:00
Anuj Garg eb192197eb Updating the script binary_size_check to complete the command name by adding .exe extension to the k3s binary name to make it available to run stat command
Signed-off-by: Anuj Garg <anujgarg@microsoft.com>
2024-05-28 13:30:53 -07:00
Brad Davidson 6683fcdb65 Bump klipper-helm image for tls secret support
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-05-28 13:12:47 -07:00
Brian Downs c2738231ec
update channel server for may 2024 (#10137) 2024-05-28 08:55:41 -07:00
thomasferrandiz 6e6f7995e7
Merge pull request #10146 from thomasferrandiz/flannel-v0.25.2
Bump flannel version to v0.25.2
2024-05-28 09:17:47 +02:00
Manuel Buil 3f62ec3207 Add extra log in e2e tests
Signed-off-by: Manuel Buil <mbuil@suse.com>
2024-05-27 16:11:12 +02:00
Nikos Pitsillos 99f543a2d4 fix: use absolute path
Signed-off-by: Nikos Pitsillos <npitsillos@gmail.com>
2024-05-27 16:10:57 +02:00
Nikos Pitsillos 86b2554772 test: copy vpn-auth-file to guest
Signed-off-by: Nikos Pitsillos <npitsillos@gmail.com>
2024-05-27 16:10:57 +02:00
Nikos Pitsillos b8f101fd89 test: increment agentCount
Signed-off-by: Nikos Pitsillos <npitsillos@gmail.com>
2024-05-27 16:10:57 +02:00
Nikos Pitsillos ab29054887 test: use absolute path to auth file
Signed-off-by: Nikos Pitsillos <npitsillos@gmail.com>
2024-05-27 16:10:57 +02:00
Nikos Pitsillos a8f88aa9e5 test: add agent with auth file
Signed-off-by: Nikos Pitsillos <npitsillos@gmail.com>
2024-05-27 16:10:57 +02:00
Thomas Ferrandiz 6dcd52eb8e Use TrafficManager interface when calling flannel
Signed-off-by: Thomas Ferrandiz <thomas.ferrandiz@suse.com>
2024-05-27 13:05:18 +00:00
Thomas Ferrandiz af7bcc3900 Bump flannel version to v0.25.2
Signed-off-by: Thomas Ferrandiz <thomas.ferrandiz@suse.com>
2024-05-27 13:05:18 +00:00
Brad Davidson aadec85501 Fix go.mod
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-05-24 13:04:16 -07:00
huangzy 6fcaad553d allow helm controller set owner reference
Signed-off-by: huangzy <huangzynn@outlook.com>
2024-05-24 12:44:10 -07:00
Robert Rose 6886c0977f Follow directory symlinks in auto deploying manifests (#9288)
Signed-off-by: Robert Rose <robert.rose@mailbox.org>
2024-05-24 12:42:25 -07:00
0xMALVEE 3e48386c6e git_workflow filename correction
Signed-off-by: 0xMALVEE <m.alvee8141@gmail.com>
2024-05-24 12:41:11 -07:00
zouxianyu c1cb5d63b9 add missing kernel config check
Signed-off-by: zouxianyu <2979121738@qq.com>
2024-05-24 12:40:25 -07:00
linxin f24ba9d3a9 Validate resolv.conf for presence of nameserver entries
Co-authored-by: Brad Davidson <brad@oatmail.org>
Signed-off-by: linxin <linxin@geedgenetworks.com>
2024-05-24 12:39:34 -07:00
Brad Davidson 2669d67a9b Bump kine to v0.11.9 to fix pagination
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-05-24 11:34:36 -07:00
Brad Davidson afdcc83afe bump minio-go to v7.0.70
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-05-24 10:29:17 -07:00
Max 423675b955
Create ADR for branching strategy (#10147)
Signed-off-by: rancher-max <max.ross@suse.com>
2024-05-24 10:03:22 -07:00
Roberto Bonafiglia aa36341f66 Update kube-router version to v2.1.2
Signed-off-by: Roberto Bonafiglia <roberto.bonafiglia@suse.com>
2024-05-24 17:05:29 +02:00
Brad Davidson 5a0162d8ee Drop check for legacy traefik v1 chart
We have been bundling traefik v2 for three years, its time to drop the legacy chart check

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-05-23 14:13:13 -07:00
Brad Davidson 37f97b33c9 Add support for svclb pod PriorityClassName
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-05-23 14:11:15 -07:00
Brad Davidson b453630478 Update local-path-provisioner helper script
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-05-23 14:00:00 -07:00
Brad Davidson 095ecdb034 Fix issue with local traffic policy for single-stack services on dual-stack nodes.
Just enable IP forwarding for all address families regardless of service address families.

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-05-23 13:54:30 -07:00
Brad Davidson e8950a0a3b Fix issue installing artifacts from builds with multiple runs
Also makes error handling and variable capitalization consistent with other functions.

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-05-23 13:50:24 -07:00
Brad Davidson 5cf4d75749 Bump spegel version
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-05-23 13:48:38 -07:00
Brad Davidson bf8b15e7ae bump etcd to v3.5.13
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-05-23 13:37:49 -07:00
Brad Davidson aaa578785c Bump containerd to v1.7.17
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-05-23 13:37:49 -07:00
Brad Davidson 30999f9a07 Switch stargz over to cri registry config_path
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-05-23 13:35:15 -07:00
Brad Davidson 7374010c0c Use fixed stream server bind address for cri-dockerd
Will now use 127.0.0.1:10010, same as containerd's CRI

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-05-23 13:33:27 -07:00
Brad Davidson 5f6b813cc8 Add WithSkipMissing to not fail import on missing blobs
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-05-23 13:32:22 -07:00