github
/
k3s
mirror of https://github.com/k3s-io/k3s
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
3,373 Commits
32 Branches
881 Tags
631 MiB
Commit Graph

3373 Commits (c577569268df6bec32425954527b758de3e7a3b6)

Author SHA1 Message Date
Brad Davidson c577569268 Fix local password validation when bind-address is set 
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit d0ea741b13)
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2025-01-15 16:42:45 -08:00
Hussein Galal cba30eb6b3
Load kernel modules for nft in agent setup (#11598) 
Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>
 2025-01-14 01:14:25 +02:00
Derek Nola 92ce3f1fe9 Fix skew semver for release-XX branches (#11531) 
Signed-off-by: Derek Nola <derek.nola@suse.com>
 2025-01-13 12:22:34 -08:00
Derek Nola e20b4b947c Upload E2E logs on failure as GHA artifacts (#11514) 
* Upload E2E journald logs as artifacts in GHA

Signed-off-by: Derek Nola <derek.nola@suse.com>

* Improve fork information for parent extraction

Signed-off-by: Derek Nola <derek.nola@suse.com>

---------

Signed-off-by: Derek Nola <derek.nola@suse.com>
 2025-01-13 12:22:34 -08:00
Derek Nola c75b33b1fe Add "k3s certificate check" clause for better test coverage (#11485) 
* Add "k3s certificate check" clause for better test coverage

Signed-off-by: Derek Nola <derek.nola@suse.com>

* Add table support to cert check

Signed-off-by: Derek Nola <derek.nola@suse.com>

---------

Signed-off-by: Derek Nola <derek.nola@suse.com>
 2025-01-13 12:22:34 -08:00
Derek Nola fba3ad6fb1 Fix docker check warnings (#11474) 
Signed-off-by: Derek Nola <derek.nola@suse.com>
 2025-01-13 12:22:34 -08:00
Derek Nola 958f20f0a5 Fix leap install test (#11379) 
Signed-off-by: Derek Nola <derek.nola@suse.com>
 2025-01-13 12:22:34 -08:00
Derek Nola e0e8e1a1ec Convert legacy docker tests from bash to golang (#11357) 
* Convert the following Docker test from Bash to Go
    - basics
    - bootstraptoken
    - cacerts
    - compat -> skew
    - etcd
    - lazypull
    - upgrade

Signed-off-by: Derek Nola <derek.nola@suse.com>

* Add Docker go tests to GHA
* Prebuild K3s Go Tests
* Strip go test binaries to reduce size
* Handle complex branch options

Signed-off-by: Derek Nola <derek.nola@suse.com>

* Implement basic golang tests on arm and arm64 pipelines

Signed-off-by: Derek Nola <derek.nola@suse.com>
 2025-01-13 12:22:34 -08:00
Vitor Savian fffd3b580b
Add auto import images for containerd image store 
* Add auto import images for containerd image store

* Add auto import images

Signed-off-by: Vitor Savian <vitor.savian@suse.com>

* Fix EOF error log when importing tarball files

Signed-off-by: Vitor Savian <vitor.savian@suse.com>

* Delaying queue

Signed-off-by: Vitor Savian <vitor.savian@suse.com>

* Add parse for images

Signed-off-by: Vitor Savian <vitor.savian@suse.com>

* Fix build for auto import in 1.29

Signed-off-by: Vitor Savian <vitor.savian@suse.com>

---------

Signed-off-by: Vitor Savian <vitor.savian@suse.com>
 2025-01-11 01:57:46 -03:00
muicoder 541ccbf640 Update Traefik to v2.11.18 
#11501
Signed-off-by: muicoder <muicoder@gmail.com>
(cherry picked from commit 0144d9b749)
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2025-01-10 16:52:41 -08:00
Brad Davidson 9ffabf935c Bump runc to v1.2.4 
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit 9b1b90b1fb)
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2025-01-10 16:52:41 -08:00
Brad Davidson 9bdf646507 Add tests for supervisor request handlers 
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit f345697c0a)
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2025-01-10 16:52:41 -08:00
Brad Davidson 1e1db57b68 Replace *core.Factory with CoreFactory interface 
Make this field an interface instead of pointer to allow mocking. Not sure why wrangler has a type that returns an interface instead of just making it an interface itself. Wrangler in general is hard to mock for testing.

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit e6327652f0)
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2025-01-10 16:52:41 -08:00
Brad Davidson b5f602191e Move additional core/v1 mocks into tests package 
Convert nodepassword tests to use shared mocks

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit c20c06373a)
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2025-01-10 16:52:41 -08:00
Brad Davidson 996a9d0534 Move core/v1 mock into tests package for reuse 
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit 8f8cfb56b5)
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2025-01-10 16:52:41 -08:00
Brad Davidson dcdf7cb61a Add test for join existing cluster 
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit f8271d8506)
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2025-01-10 16:52:41 -08:00
Brad Davidson a67c543864 Handle cluster join as create if we're the only member 
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit 365372441b)
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2025-01-10 16:52:41 -08:00
Brad Davidson 24d485e28f Add client-side certificate generation support 
Clients now generate keys client-side and send CSRs. If the server is down-level and sends a cert+key instead of just responding with a cert signed with the client's public key, we use the key from the server instead.

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit caeebc52b7)
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2025-01-10 16:52:41 -08:00
Brad Davidson 4946ae4a70 Remove unused Certificate field from Node struct 
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit 5b1d57f7b9)
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2025-01-10 16:52:41 -08:00
Brad Davidson cc7b0ae912 Move request handlers out of server package 
The servers package, and router.go in particular, had become quite
large. Address this by moving some things out to separate packages:
* http request handlers all move to pkg/server/handlers.
* node password bootstrap auth handler goes into pkg/nodepassword with
  the other nodepassword code.

While we're at it, also be more consistent about calling variables that
hold a config.Control struct or reference `control` instead of `config` or `server`.

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit 2e4e7cf2c1)
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2025-01-10 16:52:41 -08:00
muicoder 681fcbabd7 Update Traefik to v2.11.17 (#11502) 
#11501
Signed-off-by: muicoder <muicoder@gmail.com>
(cherry picked from commit 056cee8290)
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2025-01-10 16:52:41 -08:00
Brad Davidson 885fe214bd Fix snapshot flake 
Avoid "snapshot save already in progress" flake when snapshot reconcile from previous save is still in progress.

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit 68fbd1a6b5)
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2025-01-10 16:52:41 -08:00
Brad Davidson ab9ec28212 Improve error handling of CheckDeployments test helper 
Expose actual error, so that we can tell if the deployment is not found or not ready/available

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit 93e548326a)
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2025-01-10 16:52:41 -08:00
galal-hussein d8da89b261 RBAC changes for compat with AuthorizeNodeWithSelectors 
Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit b4747703b0)
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2025-01-10 16:52:41 -08:00
manuelbuil 1c0d3aaf02 If no etcd was deployed, fail etcd-snapshot with a useful error 
Signed-off-by: manuelbuil <mbuil@suse.com>
 2025-01-09 11:47:22 -08:00
Brooks Newberry ab3818c616
Update to v1.29.12 (#11460) 
Signed-off-by: Brooks Newberry <brooks@newberry.com>
 2024-12-12 07:15:11 -08:00
Arne Winter 9260776412 add node-internal-dns/node-external-dns address pass-through support (#10852) 
* add --node-internal-dns and --node-external-dns

Signed-off-by: Arne Winter <github@arnewinter.dev>
Co-authored-by: Brad Davidson <brad@oatmail.org>
(cherry picked from commit c4c11e51f1)
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2024-12-11 17:10:02 -08:00
Brad Davidson 75b6304ae5 Add hidden flag/var for supervisor/apiserver listen config 
Add flags supervisor and apiserver ports and bind address so that we can add an e2e to cover supervisor and apiserver on separate ports, as used by rke2

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit e143e0fa12)
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2024-12-10 17:35:49 -08:00
Brad Davidson 897193a067 Fix agent tunnel address on rke2 
Fix issue where rke2 tunnel was trying to connect to apiserver port instead of supervisor

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit 5a5b136151)
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2024-12-10 17:35:49 -08:00
Brad Davidson 7bc029942c Tail journald logs into report on suite failure 
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit e9cf3a7ab5)
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2024-12-10 17:35:49 -08:00
Brad Davidson dd7d1e12a0 Fix integration test failure message 
The error message should be printf style, not just concatenated. The
current message is garbled if the command or result contains things that
look like formatting directives:

`Internal error occurred: error sending request: Post "https://10.10.10.102:10250/exec/default/volume-test/volume-test?command=sh&command=-c&command=echo+local-path-test+%!!(MISSING)E(MISSING)+%!!(MISSING)F(MISSING)data%!!(MISSING)F(MISSING)test&error=1&output=1": proxy error from 127.0.0.1:6443 while dialing 10.10.10.102:10250, code 502: 502 Bad Gateway`

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit 45195e2654)
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2024-12-10 17:35:49 -08:00
Brad Davidson 960e2eca7e Add command output to test failure message 
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit 81dda9d626)
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2024-12-10 17:35:49 -08:00
Brad Davidson d266b9970c Fall back to polling the supervisor for apiserver addresses when the watch fails 
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit c7ff957cae)
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2024-12-10 17:35:49 -08:00
Brad Davidson 1a16be41e4 Return apiserver addresses from both etcd and endpoints 
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit 168b344d1d)
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2024-12-10 17:35:49 -08:00
Brad Davidson fba0f092d4 Use helper to set consistent rest.Config rate limits and timeouts 
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit 71918e0d69)
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2024-12-10 17:35:49 -08:00
Brad Davidson 3c064d17db Add loadbalancer metrics 
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit 3d2fabb013)
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2024-12-10 17:35:49 -08:00
Brad Davidson ba4237aaf7 Refactor load balancer server list and health checking 
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit 911ee19a93)
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2024-12-10 17:35:49 -08:00
Brad Davidson 867ca25412 Refactor filterCN to use a Set instead of map[string]bool 
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit 95797c4a79)
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2024-12-10 17:35:49 -08:00
Brad Davidson a5906cff16 Separate persistent config struct from LoadBalancer and make fields private 
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit 67fd5fa9e5)
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2024-12-10 17:35:49 -08:00
Brad Davidson 446ffda6c2 Move http/socks proxy stuff to separate file 
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit 13e9113787)
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2024-12-10 17:35:49 -08:00
Brad Davidson f64ee16f6f Remove unused code from etcdproxy 
None of these fields or functions are used in k3s or rke2

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit f2f57b4a4b)
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2024-12-10 17:35:49 -08:00
Derek Nola c8280df92d
Update coredns to 1.12.0 (#11456) 
* Update to coredns 1.12.0

Signed-off-by: Reinhard Nägele <unguiculus@gmail.com>
Co-authored-by: Reinhard Nägele <unguiculus@gmail.com>
 2024-12-10 16:57:28 -08:00
Derek Nola 20ea4f332a
Remove experimental from embedded-registry flag (#11446) 
Signed-off-by: Derek Nola <derek.nola@suse.com>
 2024-12-10 08:37:33 -08:00
Derek Nola 07d60c0b50
Fix secrets-encrypt reencrypt timeout error (#11440) 
* Add missing default OS for split server test



* Launch go routine and return for k3s secrets-encrypt reencrypt



---------

Signed-off-by: Derek Nola <derek.nola@suse.com>
 2024-12-09 13:21:53 -08:00
Brad Davidson 666b590a75 Add rewrite test to privateregistry e2e 
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2024-12-03 11:59:14 -08:00
Brad Davidson c216848b8a Bump containerd for image rewrite fix 
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2024-12-03 11:59:14 -08:00
Brooks Newberry 7a4d8fccba
update Kubernetes to v1.29.11-k3s1 (#11370) 
Signed-off-by: Brooks Newberry <brooks@newberry.com>
 2024-11-26 16:49:58 -08:00
Brad Davidson b91bdd32d6 Fix issue with loadbalancer failover to default server 
The loadbalancer should only fail over to the default server if all other server have failed, and it should force fail-back to a preferred server as soon as one passes health checks.

The loadbalancer tests have been improved to ensure that this occurs.

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2024-11-14 08:19:49 -08:00
Brad Davidson c50a9962c0 Fix handling of wrapped subcommands when run with a path 
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2024-11-12 19:28:49 -08:00
Brad Davidson dd5aea388f Bump kine for mysql connection close fix 
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit 71fdc4a117)
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2024-11-12 19:28:49 -08:00