Commit Graph

2940 Commits (d885162967bc7c813289553e392687239ea8da8e)

Author SHA1 Message Date
Brad Davidson d885162967 Add server token hash to CR and S3
This required pulling the token hash stuff out of the cluster package, into util.

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2023-10-12 15:04:45 -07:00
Brad Davidson 550ab36ab7 Switch to managing ETCDSnapshotFile resources
Reconcile snapshot CRs instead of ConfigMap; manage ConfigMap downstream from CR list

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2023-10-12 15:04:45 -07:00
Brad Davidson 5cd4f69bfa Move snapshot delete into local/s3 functions
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2023-10-12 15:04:45 -07:00
Brad Davidson a15b804e00 Sort snapshots by time and key in tabwriter output
Fixes snapshot list coming out in non-deterministic order

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2023-10-12 15:04:45 -07:00
Brad Davidson 7464007037 Store extra metadata and cluster ID for snapshots
Write the extra metadata both locally and to S3. These files are placed such that they will not be used by older versions of K3s that do not make use of them.

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2023-10-12 15:04:45 -07:00
Brad Davidson 80f909d0ca Move s3 snapshot list functionality to s3.go
Also, don't list ONLY s3 snapshots if S3 is enabled.

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2023-10-12 15:04:45 -07:00
Brad Davidson 8d47645312 Consistently set snapshotFile timestamp
Attempt to use timestamp from creation or filename instead of file/object modification times

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2023-10-12 15:04:45 -07:00
Brad Davidson f1afe153a3 Tidy s3 upload functions
Consistently refer to object keys as such, simplify error handling.

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2023-10-12 15:04:45 -07:00
Brad Davidson 2b0e2e8ada Elide old snapshot data when apiserver rejects configmap with ErrRequestEntityTooLarge
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2023-10-12 15:04:45 -07:00
Brad Davidson 676b00aa0e Move etcd snapshot code into separate file
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2023-10-12 15:04:45 -07:00
Brad Davidson 500744bb94 Add new CRD for etcd snapshots
Also adds a hack go script to print the embedded CRDs, for developer use.

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2023-10-12 15:04:45 -07:00
Brad Davidson 64107b54e4 Minor updates as per design review discussion
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2023-10-12 15:04:45 -07:00
Brad Davidson 22065affa2 Add ADR for etcd snapshot CRD migration
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2023-10-12 15:04:45 -07:00
Brad Davidson 9bb1ce1253 Bump busybox to v1.36.1
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2023-10-12 15:00:45 -07:00
Brad Davidson 5fe4f6709a Bump containerd to v1.7.7-k3s1
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2023-10-12 14:46:26 -07:00
Derek Nola 7d38b4a3db
E2E Domain Drone Cleanup (#8579)
* Cleanup inactive vm domains
* Have e2e depend on amd64 pipeline

Signed-off-by: Derek Nola <derek.nola@suse.com>
2023-10-10 09:54:51 -07:00
Derek Nola dface01de8
Server Token Rotation (#8265)
* Consolidate NewCertCommands
* Add support for user defined new token
* Add E2E testlets

Signed-off-by: Derek Nola <derek.nola@suse.com>

* Ensure agent token also changes

Signed-off-by: Derek Nola <derek.nola@suse.com>
2023-10-09 10:58:49 -07:00
Roberto Bonafiglia ced25af5b1 Fixed tailscale node IP dualstack mode in case of IPv4 only node
Signed-off-by: Roberto Bonafiglia <roberto.bonafiglia@suse.com>
2023-10-09 15:17:33 +02:00
Johnatas ba750e28b7
[v1.28] System agent push tags fix (#8568)
* change script and drone

Signed-off-by: Johnatas <johnatasr@hotmail.com>

* adjust secret

Signed-off-by: Johnatas <johnatasr@hotmail.com>

---------

Signed-off-by: Johnatas <johnatasr@hotmail.com>
2023-10-06 16:33:48 -03:00
Manuel Buil a5485a5067
Merge pull request #8566 from manuelbuil/updateInstall.shSHA
Update install.sh.sha256sum
2023-10-06 17:36:11 +02:00
Manuel Buil e33359d375 Update install.sh.sha256sum
Signed-off-by: Manuel Buil <mbuil@suse.com>
2023-10-06 15:31:37 +02:00
Manuel Buil 1c65568fa4
Merge pull request #8523 from manuelbuil/RemoveNetworkDefaults
Network defaults are duplicated, remove one
2023-10-04 08:21:55 +02:00
Hussein Galal a6acdd0d75
Fix slemicro check for selinux (#8526)
Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>
2023-10-04 00:40:35 +03:00
Manuel Buil e82b37640a Network defaults are duplicated, remove one
Signed-off-by: Manuel Buil <mbuil@suse.com>
2023-10-02 17:21:59 +02:00
Manuel Buil 00fc5a23ec
Merge pull request #8507 from manuelbuil/fixSpellCheck
Fix spellcheck problem (boostrap ==> bootstrap)
2023-09-29 16:11:24 +02:00
Manuel Buil d4a487d83f Fix spellcheck problem (boostrap ==> bootstrap)
Signed-off-by: Manuel Buil <mbuil@suse.com>
2023-09-29 12:45:23 +02:00
Manuel Buil 5d46467eb8
Merge pull request #8460 from manuelbuil/dsOrderGood2
Take IPFamily precedence based on order
2023-09-29 12:33:51 +02:00
Manuel Buil f2c7117374 Take IPFamily precedence based on order
Signed-off-by: Manuel Buil <mbuil@suse.com>
2023-09-29 11:04:15 +02:00
Manuel Buil 0b23a478cf ipFamilyPolicy:PreferDualStack for coredns and metrics-server
Signed-off-by: Manuel Buil <mbuil@suse.com>
2023-09-29 10:10:43 +02:00
Johnatas 021c5b291b
Improve release docs - updated (#8414)
* add updated improves

Signed-off-by: Johnatas <johnatasr@hotmail.com>

* change push tags version example

Signed-off-by: Johnatas <johnatasr@hotmail.com>

---------

Signed-off-by: Johnatas <johnatasr@hotmail.com>
2023-09-28 22:52:14 -03:00
Brad Davidson 0e5c760625 Pass SystemdCgroup setting through to nvidia runtime options
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2023-09-27 13:30:26 -07:00
Brad Davidson 1e38b5d904 Don't ignore assets in home dir if system assets exist
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2023-09-27 13:29:01 -07:00
Edgar Lee fe18b1fce9
Add --image-service-endpoint flag (#8279)
* Add --image-service-endpoint flag

Problem:
External container runtime can be set but image service endpoint is unchanged
and also is not exposed as a flag. This is useful for using containerd
snapshotters outside of the ones that have built-in support like
stargz-snapshotter.

Solution:
Add a flag --image-service-endpoint and also default image service endpoint to
container runtime endpoint if set.

Signed-off-by: Edgar Lee <edgarhinshunlee@gmail.com>
2023-09-27 13:20:50 -07:00
Jose D. Gomez R 79b44cee29
Create and validate install.sh signatures (#8312)
- SHA256 Signature of the install script
- Added a sha256sum invocations in the validate script.

  These calls will validate that the install script signatures
  match. And when the script is changed the signatures must be
  recalculated as reported by the error message in sha256sum.

Signed-off-by: Jose D. Gomez R <jose.gomez@suse.com>
2023-09-27 12:34:08 -07:00
Manuel Buil 2a9e8e68d5
Merge pull request #8354 from manuelbuil/vpnExtraParams
Add extraArgs to vpn provider
2023-09-27 11:34:29 +02:00
Roberto Bonafiglia ad206310d1 Update kube-router
Signed-off-by: Roberto Bonafiglia <roberto.bonafiglia@suse.com>
2023-09-27 10:41:48 +02:00
Manuel Buil 4dd45b3142
Merge pull request #8439 from manuelbuil/fixGofmt
Fix gofmt error
2023-09-26 19:14:07 +02:00
Vitor Savian b6ab24c4fd
Added error when cluster reset while using server flag
Signed-off-by: Vitor Savian <vitor.savian@suse.com>
2023-09-26 11:00:37 -03:00
Chris Wayne b010c941cf
Fix .github regex to skip drone runs on gh action bumps (#8433)
* Fix .github regex to skip drone runs on gh action bumps

Signed-off-by: Chris Wayne <cwayne18@gmail.com>
2023-09-26 08:46:37 -04:00
Vitor Savian d349c9db6c
Added cluster reset from non bootstrap nodes on snapshot restore e2e test
Signed-off-by: Vitor Savian <vitor.savian@suse.com>
2023-09-26 08:48:25 -03:00
Vitor Savian d0ab4ef26b
Added advertise address integration test
Signed-off-by: Vitor Savian <vitor.savian@suse.com>
2023-09-26 08:47:25 -03:00
Manuel Buil 172a7f1d1a Fix gofmt error
Signed-off-by: Manuel Buil <mbuil@suse.com>
2023-09-26 11:09:03 +02:00
Brad Davidson 8705a88bf4 Clear remove annotations on cluster reset; refuse to delete last member from cluster
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2023-09-25 11:54:23 -07:00
Brad Davidson 002e6c43ee Reorganize Driver interface and etcd driver to avoid passing context and config into most calls
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2023-09-25 11:54:23 -07:00
Brad Davidson 890645924f Don't export functions not needed outside the etcd package
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2023-09-25 11:54:23 -07:00
Brad Davidson a3c52d60a5 Skip creating CRDs and setting up event recorder for CLI controller context
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2023-09-25 11:54:23 -07:00
Brad Davidson 391e61bd72 Use admin kubeconfig instead of supervisor for etcd snapshot CLI
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2023-09-25 11:54:23 -07:00
Derek Nola bd9dad87d5 Typo fix
Signed-off-by: Derek Nola <derek.nola@suse.com>
2023-09-25 09:19:31 -07:00
Derek Nola 5c5d957e73 Set server-token adr to accepted
Signed-off-by: Derek Nola <derek.nola@suse.com>
2023-09-25 09:19:31 -07:00
Derek Nola 6398c38690 Server token rotation ADR
Signed-off-by: Derek Nola <derek.nola@suse.com>
2023-09-25 09:19:31 -07:00