github/k3s - k3s - https://git.xinac.net

Commit Graph

Author	SHA1	Message	Date
Derek Nola	6e92eb9ac0	local-storage: Fix permission (#7217 ) (#7473 ) * local-storage: Fix permission /var/lib/rancher/k3s/storage/ should be 700 /var/lib/rancher/k3s/storage/* should be 777 Fixes #2348 Signed-off-by: Boleyn Su <boleyn.su@gmail.com> Signed-off-by: Derek Nola <derek.nola@suse.com> Co-authored-by: Boleyn Su <boleyn.su@gmail.com> Co-authored-by: Brad Davidson <brad@oatmail.org>	2023-05-10 11:53:40 -07:00
thomasferrandiz	ca849fa6dd	Merge pull request #7361 from thomasferrandiz/backport-1.25-netpol-logl-level [release-1.25] ensure that klog verbosity is set to the same level as logrus	2023-05-10 15:01:48 +02:00
Manuel Buil	cb23cf0a1e	Migrate netutil methods into /utils/net.go Signed-off-by: Manuel Buil <mbuil@suse.com>	2023-05-05 07:24:22 +02:00
Derek Nola	e6793519d7	[Release-1.25] CLI + Config Enhancement (#7404 ) * Handle multiple arguments with StringSlice flags (#7380) * Add helper function for multiple arguments in stringslice Signed-off-by: Derek Nola <derek.nola@suse.com> * Cleanup server setup with util function Signed-off-by: Derek Nola <derek.nola@suse.com> * Enable FindString to search dotD config files (#7323) * Enable FindString to search dotD config files * Address multiple arg cases Signed-off-by: Derek Nola <derek.nola@suse.com> --------- Signed-off-by: Derek Nola <derek.nola@suse.com>	2023-05-02 14:03:59 -07:00
Derek Nola	71e53ae606	[Release-1.25] Add E2E testing in Drone (#7375 ) * Add E2E to Drone * Build e2e test image * Add ci flag to secretsencryption * Fix vagrant log on secretsencryption * Add cron conformance pipeline Signed-off-by: Derek Nola <derek.nola@suse.com> * Add string output for nodes * Switch snapshot restore for upgrade cluster Signed-off-by: Derek Nola <derek.nola@suse.com> * Added IPv6 check and agent restart on e2e test utils Signed-off-by: Roberto Bonafiglia <roberto.bonafiglia@suse.com> * Cleanup leftover VMs in E2E pipeline * Dont run most pipelines on nightly cron Signed-off-by: Derek Nola <derek.nola@suse.com> * Don't default to local K3s for startup test (#6950) Signed-off-by: Derek Nola <derek.nola@suse.com> * Added multiClusterCIDR E2E test Signed-off-by: Roberto Bonafiglia <roberto.bonafiglia@suse.com> * fix_get_sha_url (#7187) Signed-off-by: ShylajaDevadiga <shylaja@rancher.com> * Improve RunCmdOnNode error Signed-off-by: Derek Nola <derek.nola@suse.com> * Pin upgradecluster to v1.25 Signed-off-by: Derek Nola <derek.nola@suse.com> --------- Signed-off-by: Derek Nola <derek.nola@suse.com> Signed-off-by: Roberto Bonafiglia <roberto.bonafiglia@suse.com> Signed-off-by: ShylajaDevadiga <shylaja@rancher.com> Co-authored-by: Roberto Bonafiglia <roberto.bonafiglia@suse.com> Co-authored-by: ShylajaDevadiga <56045581+ShylajaDevadiga@users.noreply.github.com>	2023-05-01 14:15:49 -07:00
Thomas Ferrandiz	11bcb24e40	ensure that klog verbosity is set to the same level as logrus by repeatedly settting it every second during k3s startup Signed-off-by: Thomas Ferrandiz <thomas.ferrandiz@suse.com>	2023-04-27 08:10:49 +00:00
Hussein Galal	540d19b097	[release-1.25] Update klipper lb and helm-controller (#7240 ) * Update klipper lb and helm-controller Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com> * update klipper helm image Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com> --------- Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>	2023-04-06 22:17:21 +02:00
Roberto Bonafiglia	af81ed062a	Updated kube-route version to move the iptables ACCEPT default rule at the end of the chain Signed-off-by: Roberto Bonafiglia <roberto.bonafiglia@suse.com>	2023-04-06 09:57:18 +02:00
Brad Davidson	355ddda647	Lock bootstrap data with empty key to prevent conflicts Signed-off-by: Brad Davidson <brad.davidson@rancher.com> (cherry picked from commit `d95980bba3`) Signed-off-by: Brad Davidson <brad.davidson@rancher.com>	2023-04-05 16:29:13 -07:00
Brad Davidson	64709f401d	Debounce kubernetes service endpoint updates Signed-off-by: Brad Davidson <brad.davidson@rancher.com> (cherry picked from commit `2992477c4b`) Signed-off-by: Brad Davidson <brad.davidson@rancher.com>	2023-04-05 16:29:13 -07:00
Brad Davidson	7036323cd7	Fix tests to not hide failure location in dummp assert functions Signed-off-by: Brad Davidson <brad.davidson@rancher.com> (cherry picked from commit `ece4d8e45c`) Signed-off-by: Brad Davidson <brad.davidson@rancher.com>	2023-04-05 16:29:13 -07:00
Brad Davidson	5fc65fcda7	Fix issue with stale connections to removed LB server Track LB connections through each server so that they can be closed when it is removed. Signed-off-by: Brad Davidson <brad.davidson@rancher.com> (cherry picked from commit `e54ceaa497`) Signed-off-by: Brad Davidson <brad.davidson@rancher.com>	2023-04-05 16:29:13 -07:00
Brad Davidson	66dd02cbcc	go generate Signed-off-by: Brad Davidson <brad.davidson@rancher.com> (cherry picked from commit `d388b82d25`) Signed-off-by: Brad Davidson <brad.davidson@rancher.com>	2023-04-05 16:29:13 -07:00
Brad Davidson	45670c8ae4	Ensure that loopback is used for the advertised address when resetting Signed-off-by: Brad Davidson <brad.davidson@rancher.com> (cherry picked from commit `b010db0cff`) Signed-off-by: Brad Davidson <brad.davidson@rancher.com>	2023-04-05 16:29:13 -07:00
Brad Davidson	88d5a723ce	Bump Local Path Provisioner version (#7167 ) * chore: Bump Local Path Provisioner version * go generate Signed-off-by: Brad Davidson <brad.davidson@rancher.com> Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> (cherry picked from commit `cee3ddbc4a`) Signed-off-by: Brad Davidson <brad.davidson@rancher.com>	2023-04-05 16:29:13 -07:00
Hussein Galal	c25f611eed	Remove deprecated nodeSelector label beta.kubernetes.io/os (#6970 ) (#7121 ) * Remove deprecated nodeSelector label beta.kubernetes.io/os Problem: The nodeSelector label beta.kubernetes.io/os in the CoreDNS deployment was deprecated in 1.14 and will likely be removed soon Solution: Change the nodeSelector to remove the beta Signed-off-by: Dan Mills <evilhamsterman@gmail.com> Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com> Co-authored-by: Daniel Mills <evilhamsterman@users.noreply.github.com>	2023-04-04 21:04:18 +02:00
Brad Davidson	37a26379d5	Add support for cross-signing new certs during ca rotation We need to send the full chain in order for cross-signing to work properly during switchover to a new root. Signed-off-by: Brad Davidson <brad.davidson@rancher.com>	2023-03-13 20:04:11 -07:00
Derek Nola	a6cac3e9e7	Adds a warning about editing to the containerd config.toml file (#7075 ) * Add a warning to the config.toml file Signed-off-by: Derek Nola <derek.nola@suse.com> Co-authored-by: Brad Davidson <brad@oatmail.org>	2023-03-13 15:33:20 -07:00
Brad Davidson	7a7304e3d3	Wait for kubelet to update the Ready status before reading port Signed-off-by: Brad Davidson <brad.davidson@rancher.com>	2023-03-13 14:30:11 -07:00
Daishan Peng	0369a5a6a4	Wait for kubelet port to be ready before setting Signed-off-by: Daishan Peng <daishan@acorn.io>	2023-03-13 14:30:11 -07:00
Roberto Bonafiglia	f5d1f976d3	[Release 1.25] Update flannel and kube-router (#7061 ) * Update kube-router version to fix iptables rules Signed-off-by: Roberto Bonafiglia <roberto.bonafiglia@suse.com> * Update Flannel to v0.21.3 Signed-off-by: Roberto Bonafiglia <roberto.bonafiglia@suse.com> --------- Signed-off-by: Roberto Bonafiglia <roberto.bonafiglia@suse.com>	2023-03-10 20:31:52 -08:00
Brad Davidson	27b5441c96	Add test for filterByIPFamily Signed-off-by: Brad Davidson <brad.davidson@rancher.com>	2023-02-21 14:13:34 -08:00
Brad Davidson	0a2bdfdd7a	Fix ServiceLB dual-stack ingress IP listing Signed-off-by: Brad Davidson <brad.davidson@rancher.com>	2023-02-21 14:13:34 -08:00
Brad Davidson	c3fbb30c2e	Fix CACertPath stripping trailing path components Signed-off-by: Brad Davidson <brad.davidson@rancher.com>	2023-02-14 13:18:12 -08:00
Brad Davidson	4e03608119	Fix etcd member deletion Turns out etcd-only nodes were never running any of the controllers, so allowing multiple controllers didn't really fix things. Signed-off-by: Brad Davidson <brad.davidson@rancher.com>	2023-02-14 13:18:12 -08:00
Brad Davidson	14f2226b67	Allow for multiple sets of leader-elected controllers Addresses an issue where etcd controllers did not run on etcd-only nodes Signed-off-by: Brad Davidson <brad.davidson@rancher.com>	2023-02-10 11:35:29 -08:00
Roberto Bonafiglia	dda9e48dfc	Updated flannel version to v0.21.0 Signed-off-by: Roberto Bonafiglia <roberto.bonafiglia@suse.com>	2023-02-10 18:53:15 +01:00
Paul Donohue	0ba4732c1f	Fix access to hostNetwork port on NodeIP when egress-selector-mode=agent Signed-off-by: Paul Donohue <git@PaulSD.com> Signed-off-by: Brad Davidson <brad.davidson@rancher.com>	2023-02-10 09:43:53 -08:00
Brad Davidson	33c6488bbc	Ensure that node exists when using node auth Signed-off-by: Brad Davidson <brad.davidson@rancher.com> (cherry picked from commit `87f9c4ab11`)	2023-02-10 09:33:55 -08:00
Brad Davidson	ade6203aad	Add support for kubeadm token and client certificate auth Allow bootstrapping with kubeadm bootstrap token strings or existing Kubelet certs. This allows agents to join the cluster using kubeadm bootstrap tokens, as created with the `k3s token create` command. When the token expires or is deleted, agents can successfully restart by authenticating with their kubelet certificate via node authentication. If the token is gone and the node is deleted from the cluster, node auth will fail and they will be prevented from rejoining the cluster until provided with a valid token. Servers still must be bootstrapped with the static cluster token, as they will need to know it to decrypt the bootstrap data. Signed-off-by: Brad Davidson <brad.davidson@rancher.com> (cherry picked from commit `992e64993d`)	2023-02-10 09:33:55 -08:00
Brad Davidson	97c506cc65	Add support for `k3s token` command Signed-off-by: Brad Davidson <brad.davidson@rancher.com> (cherry picked from commit `373df1c8b0`)	2023-02-10 09:33:55 -08:00
Brad Davidson	5eac6f977c	Add `certificate rotate-ca` to write updated CA certs to datastore This command must be run on a server while the service is running. After this command completes, all the servers in the cluster should be restarted to load the new CA files. Signed-off-by: Brad Davidson <brad.davidson@rancher.com> (cherry picked from commit `215fb157ff`)	2023-02-10 09:33:55 -08:00
Brad Davidson	03fd2f278a	Add utility functions for getting kubernetes client Signed-off-by: Brad Davidson <brad.davidson@rancher.com> (cherry picked from commit `3c324335b2`)	2023-02-10 09:33:55 -08:00
Brad Davidson	4a28be3c57	Fix CA cert hash for root certs Signed-off-by: Brad Davidson <brad.davidson@rancher.com> (cherry picked from commit `58d40327b4`)	2023-02-10 09:33:55 -08:00
Brad Davidson	7fce823e82	Ensure cluster-signing CA files contain only a single CA cert Signed-off-by: Brad Davidson <brad.davidson@rancher.com> (cherry picked from commit `0919ec6755`)	2023-02-10 09:33:55 -08:00
Brad Davidson	cf689d8126	go generate Signed-off-by: Brad Davidson <brad.davidson@rancher.com>	2023-02-10 07:26:50 -08:00
Brad Davidson	1ed38578c2	Check for existing resources before creating them Prevents errors when starting with fail-closed webhooks Also, use panic instead of Fatalf so that the CloudControllerManager rescue can handle the error Signed-off-by: Brad Davidson <brad.davidson@rancher.com>	2023-02-10 07:26:50 -08:00
Brad Davidson	058c6e24b3	go generate Signed-off-by: Brad Davidson <brad.davidson@rancher.com> (cherry picked from commit `1c6fde9a52`)	2023-02-09 15:17:55 -08:00
Brad Davidson	1a5b77b486	Honor Service ExternalTrafficPolicy Signed-off-by: Brad Davidson <brad.davidson@rancher.com> (cherry picked from commit `369b81b45e`)	2023-02-09 15:17:55 -08:00
Brad Davidson	ae874ea57f	Use default address family when adding kubernetes service address to SAN list Signed-off-by: Brad Davidson <brad.davidson@rancher.com>	2023-02-09 11:51:56 -08:00
Derek Nola	4944776f88	Ignore value conflicts when reencrypting secrets (#6919 ) * Ignore conflict secrets Signed-off-by: Derek Nola <derek.nola@suse.com>	2023-02-08 12:14:22 -08:00
Derek Nola	f4a75678d8	[Release-1.25] Ensure flag type consistency (#6867 ) * Standardize flag declaration Signed-off-by: Derek Nola <derek.nola@suse.com>	2023-02-01 09:23:43 -08:00
Derek Nola	9874f95d6b	Fix cron example (#6864 ) Signed-off-by: Derek Nola <derek.nola@suse.com>	2023-01-31 11:33:51 -08:00
Derek Nola	be8d8bb412	Wait for cri-dockerd socket (#6853 ) * Wait for cri-dockerd socket * Consolidate cri utility functions Signed-off-by: Derek Nola <derek.nola@suse.com>	2023-01-31 09:43:23 -08:00
Silvio Moioli	d6fa972b2c	Bugfix: do not break cert-manager when pprof is enabled (#6635 ) Signed-off-by: Silvio Moioli <silvio@moioli.net> (cherry picked from commit `23c1040adb`) Signed-off-by: Brad Davidson <brad.davidson@rancher.com>	2023-01-26 17:36:12 -08:00
Brad Davidson	4c17994391	Set cri-dockerd version at build time Signed-off-by: Brad Davidson <brad.davidson@rancher.com>	2023-01-26 14:33:04 -08:00
Brad Davidson	6344590447	Add jitter to scheduled snapshots and retry harder on conflicts Also ensure that the snapshot job does not attempt to trigger multiple concurrent runs, as this is not supported. Signed-off-by: Brad Davidson <brad.davidson@rancher.com>	2023-01-26 14:31:08 -08:00
Brad Davidson	c350594f18	Fix CI tests * General cleanup of test-helpers functions to address CI failures * Install awscli in test image * Log containerd output to file even when running with --debug Signed-off-by: Brad Davidson <brad.davidson@rancher.com> (cherry picked from commit `f54b5e4fa0`)	2023-01-17 18:15:24 -08:00
Brad Davidson	45c337bb1f	Pass through default tls-cipher-suites Signed-off-by: Brad Davidson <brad.davidson@rancher.com>	2023-01-13 17:17:21 -08:00
Brad Davidson	a6684bd5d8	Preload iptable_filter/ip6table_filter ServiceLB now requires this module, but it will not get autoloaded by the kubelet if the host is using nftables. Signed-off-by: Brad Davidson <brad.davidson@rancher.com>	2022-12-13 17:39:11 -08:00
Brad Davidson	2835368ecb	Bump k3s-root and remove embedded strongswan support Signed-off-by: Brad Davidson <brad.davidson@rancher.com>	2022-12-01 12:40:40 -08:00
Derek Nola	af8f101bdc	Mark secrets-encryption flag as GA (#6582 ) * Mark secrets-encrypt flag as GA Signed-off-by: Derek Nola <derek.nola@suse.com>	2022-12-01 08:50:51 -08:00
Brad Davidson	915c7719fe	go generate Signed-off-by: Brad Davidson <brad.davidson@rancher.com>	2022-11-30 15:09:32 -08:00
Brad Davidson	1eeea5c81f	go generate Signed-off-by: Brad Davidson <brad.davidson@rancher.com>	2022-11-30 15:09:32 -08:00
Brad Davidson	e08a662509	Disable CCM metrics port when legacy CCM functionality is disabled Prevents port conflicts on upgrade for users that have deployed other cloud controllers. Signed-off-by: Brad Davidson <brad.davidson@rancher.com>	2022-11-30 15:08:31 -08:00
Brad Davidson	a07bb555ba	Bump klipper-helm and klipper-lb versions Signed-off-by: Brad Davidson <brad.davidson@rancher.com>	2022-11-23 14:55:59 -08:00
Derek Nola	614da78e43	Add `prefer-bundled-bin` as an agent flag (#6545 ) * Add prefer-bundled-bin as an agent flag * Add E2E test for prefer-bundled-bin Signed-off-by: Derek Nola <derek.nola@suse.com>	2022-11-22 13:43:16 -08:00
Manuel Buil	1beecb2e2d	Merge pull request #6531 from manuelbuil/fixLogs Fix log for flannelExternalIP use case	2022-11-22 16:54:26 +01:00
Manuel Buil	483e29e783	Remove stuff which belongs in the windows executor implementation Signed-off-by: Manuel Buil <mbuil@suse.com>	2022-11-22 12:32:13 +01:00
Brad Davidson	9ff0943d56	Address nits from self-review Signed-off-by: Brad Davidson <brad.davidson@rancher.com>	2022-11-21 15:23:30 -08:00
Brad Davidson	56bf7d6ad3	Allow agent to run rootless Signed-off-by: Brad Davidson <brad.davidson@rancher.com>	2022-11-21 15:23:30 -08:00
Brad Davidson	6f2b21c5cd	Add rootless IPv6 support Signed-off-by: Brad Davidson <brad.davidson@rancher.com>	2022-11-21 15:23:30 -08:00
Brad Davidson	c02dceb7ad	Make rootless settings configurable Add enivironment variables for port-driver, cidr, mtu, and disable-host-loopback settings. Since rootless is still experimental, I don't think they deserve full CLI flag status. Signed-off-by: Brad Davidson <brad.davidson@rancher.com>	2022-11-21 15:23:30 -08:00
Brad Davidson	73171ff20a	go generate Signed-off-by: Brad Davidson <brad.davidson@rancher.com>	2022-11-21 13:44:54 -08:00
Derek Nola	0f52088cd3	Add new `prefer-bundled-bin` experimental flag (#6420 ) * initial prefer-bundled-bin ci change * Add startup testlet * Convert parsing to pflag library * Fix code validation * go mod tidy Signed-off-by: Derek Nola <derek.nola@suse.com>	2022-11-21 13:01:36 -08:00
Manuel Buil	5188443988	Fix log for flannelExternalIP use case Signed-off-by: Manuel Buil <mbuil@suse.com>	2022-11-21 17:10:35 +01:00
Manuel Buil	e41e4010e5	Revert "Remove stuff which belongs in the windows executor implementation" This reverts commit `1bc0684fb7`. Signed-off-by: Manuel Buil <mbuil@suse.com>	2022-11-15 21:40:42 +01:00
Manuel Buil	9419b1a936	Merge pull request #6492 from manuelbuil/removeWinStuff Remove stuff which belongs in the windows executor implementation	2022-11-15 12:07:17 +01:00
Brad Davidson	adb820d859	Bump traefik chart to 19.0.4 to fix kubernetes version check Signed-off-by: Brad Davidson <brad.davidson@rancher.com>	2022-11-14 13:42:24 -08:00
Manuel Buil	1bc0684fb7	Remove stuff which belongs in the windows executor implementation Signed-off-by: Manuel Buil <mbuil@suse.com>	2022-11-14 15:52:04 +01:00
Derek Nola	13c633da12	Add Secrets Encryption to CriticalArgs (#6409 ) * Add EncryptSecrets to Critical Control Args * use deep comparison to extract differences Signed-off-by: Derek Nola <derek.nola@suse.com> Signed-off-by: Derek Nola <derek.nola@suse.com>	2022-11-04 10:35:29 -07:00
Manuel Buil	861f8ed8f8	Merge pull request #6386 from manuelbuil/changeAddrTypesMetricsServer Change addr types in metrics server	2022-11-04 11:11:21 +01:00
thomasferrandiz	b7d217dbf3	Merge pull request #6405 from thomasferrandiz/log-kube-router-version log kube-router version when starting netpol controller	2022-11-04 11:07:37 +01:00
Manuel Buil	8aff25e192	Merge pull request #6403 from manuelbuil/logsFlannelExternalIP Avoid wrong config for `flannel-external-ip` and add warning if unencrypted backend	2022-11-04 09:47:30 +01:00
Manuel Buil	557fcd28d5	Change the priority of address types depending on flannel-external-ip Signed-off-by: Manuel Buil <mbuil@suse.com>	2022-11-04 09:02:39 +01:00
Manuel Buil	1682172ac1	Add some helping logs to avoid wrong configs Signed-off-by: Manuel Buil <mbuil@suse.com>	2022-11-03 18:09:17 +01:00
Roberto Bonafiglia	87c7ea81f0	Updated flannel version to 0.20.1 Signed-off-by: Roberto Bonafiglia <roberto.bonafiglia@suse.com>	2022-11-03 17:49:26 +01:00
Thomas Ferrandiz	68ac954489	log kube-router version when starting netpol controller Signed-off-by: Thomas Ferrandiz <thomas.ferrandiz@suse.com>	2022-11-03 12:26:50 +01:00
Brad Davidson	d7dbf69f7f	go generate Signed-off-by: Brad Davidson <brad.davidson@rancher.com>	2022-11-02 11:29:05 -07:00
iyear	3aae7b8783	Fix incorrect defer usage Problem: Using defer inside a loop can lead to resource leaks Solution: Judge newer file in the separate function Signed-off-by: iyear <ljyngup@gmail.com>	2022-11-01 16:23:25 -07:00
Brad Davidson	cb86d2c1f0	Bump traefik to v2.9.4 / chart v18.3.0 Signed-off-by: Brad Davidson <brad.davidson@rancher.com>	2022-11-01 16:05:45 -07:00
Petri Kivikangas	6156059136	Convert containerd config.toml.tmpl Linux template to v2 syntax Signed-off-by: Petri Kivikangas <36138+Kitanotori@users.noreply.github.com>	2022-10-27 16:55:03 -07:00
Brad Davidson	76729d813b	Set default kubeletPort Signed-off-by: Brad Davidson <brad.davidson@rancher.com>	2022-10-26 15:08:13 -07:00
Brad Davidson	269563e4d2	Check for RBAC before starting tunnel controllers Signed-off-by: Brad Davidson <brad.davidson@rancher.com>	2022-10-26 15:08:13 -07:00
Brad Davidson	68a56ff8d8	Add GVK lookup to deploy controller Signed-off-by: Brad Davidson <brad.davidson@rancher.com>	2022-10-26 15:08:13 -07:00
Brad Davidson	8d28a38a18	Update helm-controller to pull in refactor Signed-off-by: Brad Davidson <brad.davidson@rancher.com>	2022-10-26 15:03:13 -07:00
Brad Davidson	16a8b6d6f1	Bump Traefik helm chart to v18.0.0 Signed-off-by: Brad Davidson <brad.davidson@rancher.com>	2022-10-26 13:38:13 -07:00
Brad Davidson	f2585c1671	Add --flannel-external-ip flag Using the node external IP address for all CNI traffic is a breaking change from previous versions; we should make it an opt-in for distributed clusters instead of default behavior. Signed-off-by: Brad Davidson <brad.davidson@rancher.com>	2022-10-24 10:10:49 -07:00
Brad Davidson	e8c250b8dc	Fix RBAC to allow removal of legacy finalizer Signed-off-by: Brad Davidson <brad.davidson@rancher.com>	2022-10-20 16:12:28 -07:00
Brad Davidson	3c0cd6f2dc	Return ProviderID in URI format The InstancesV1 interface handled this for us by combining the ProviderName and InstanceID values; the new interface requires us to do it manually Signed-off-by: Brad Davidson <brad.davidson@rancher.com>	2022-10-17 11:05:09 -07:00
Brad Davidson	f25419ca2c	Add ServiceAccount for svclb pods For 1.24 and earlier, the svclb pods need a ServiceAccount so that we can allow their sysctls in PSPs Signed-off-by: Brad Davidson <brad.davidson@rancher.com>	2022-10-10 17:40:39 -07:00
Derek Nola	06d81cb936	Replace deprecated ioutil package (#6230 ) * Replace ioutil package * check integration test null pointer * Remove rotate retries Signed-off-by: Derek Nola <derek.nola@suse.com>	2022-10-07 17:36:57 -07:00
Brad Davidson	25e83cfa4f	Bump traefik to 2.9.1 / chart 12.0.0 Signed-off-by: Brad Davidson <brad.davidson@rancher.com>	2022-10-06 16:20:21 -07:00
Brad Davidson	b411864be5	Handle custom kubelet port in agent tunnel The kubelet port can be overridden by users; we shouldn't assume its always 10250 Signed-off-by: Brad Davidson <brad.davidson@rancher.com>	2022-10-05 21:10:38 -07:00
Brad Davidson	11072e2516	Fix occasional "TLS handshake error" in apiserver network proxy. We should be reading from the hijacked bufio.ReaderWriter instead of directly from the net.Conn. There is a race condition where the underlying http handler may consume bytes from the hijacked request stream, if it comes in the same packet as the CONNECT header. These bytes are left in the buffered reader, which we were not using. This was causing us to occasionally drop a few bytes from the start of the tunneled connection's client data stream. Signed-off-by: Brad Davidson <brad.davidson@rancher.com>	2022-10-05 21:10:38 -07:00
Brad Davidson	f633732d80	Use structured logging instead of logrus for event recorders Signed-off-by: Brad Davidson <brad.davidson@rancher.com>	2022-10-04 10:26:17 -07:00
Brad Davidson	d963cb2f70	Disable cloud-node and cloud-node-lifecycle if CCM is disabled If CCM and ServiceLB are both disabled, don't run the cloud-controller-manager at all; this should provide the same CLI flag behavior as previous releases, and not create problems when users disable the CCM but still want ServiceLB. Signed-off-by: Brad Davidson <brad.davidson@rancher.com>	2022-09-30 08:17:20 -07:00
Brad Davidson	0b96ca92bc	Move servicelb into cloudprovider LoadBalancer interface Signed-off-by: Brad Davidson <brad.davidson@rancher.com>	2022-09-30 08:17:20 -07:00
Brad Davidson	a15e7e8b68	Move DisableServiceLB/Rootless/ServiceLBNamespace into config.Control Signed-off-by: Brad Davidson <brad.davidson@rancher.com>	2022-09-30 08:17:20 -07:00
Brad Davidson	063039471c	Implement InstancesV2 instead of Instances ... and drop legacy ClusterID support. Signed-off-by: Brad Davidson <brad.davidson@rancher.com>	2022-09-30 08:17:20 -07:00

1 2 3 4 5 ...

1167 Commits (c3d9410216de0ff594b30fd769348bb75f44237f)