David Nuzik
da3e26a624
Merge pull request #2134 from tuananh/patch-1
...
Fix typo
2020-08-17 10:00:31 -07:00
Tuan Anh Tran
a1199fca6f
Fix typo
...
Signed-off-by: Tuan Anh Tran <anh.tt@teko.vn>
2020-08-17 11:48:09 +07:00
Jacob Blain Christen
4db4171808
helm-controller: bring in a fix for tolerations
...
Signed-off-by: Jacob Blain Christen <jacob@rancher.com>
2020-08-16 03:06:36 -07:00
Craig Jellick
186c441aa5
initial roadmap
...
Signed-off-by: Craig Jellick <craig@rancher.com>
2020-08-13 08:06:55 -07:00
Jacob Blain Christen
e2089bea18
cli: add --selinux flag to agent/server sub-cmds ( #2111 )
...
* cli: add --selinux flag to agent/server sub-cmds
Introduces --selinux flag to affirmatively enable SELinux in containerd.
Deprecates --disable-selinux flag which now defaults to true which
auto-detection of SELinux configuration for containerd is no longer
supported. Specifying both --selinux and --disable-selinux will result
in an error message encouraging you to pick a side.
* Update pkg/agent/containerd/containerd.go
update log warning message about enabled selinux host but disabled runtime
Co-authored-by: Brad Davidson <brad@oatmail.org>
Signed-off-by: Jacob Blain Christen <jacob@rancher.com>
2020-08-11 16:17:32 -07:00
Brad Davidson
4a68698014
Merge pull request #2104 from brandond/update_helm-controller
...
Update helm-controller
2020-08-10 23:54:52 -07:00
Jacob Blain Christen
89b9dde3c2
Merge pull request #2109 from dweomer/go1.13.15
...
golang: 1.13.15
2020-08-10 16:11:30 -07:00
Jacob Blain Christen
3f8c94254a
golang: 1.13.15
...
- https://github.com/golang/go/issues?q=milestone%3AGo1.13.15+label%3ACherryPickApproved
Signed-off-by: Jacob Blain Christen <jacob@rancher.com>
2020-08-10 15:39:36 -07:00
Brad Davidson
30345b6974
Update helm-controller
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2020-08-07 12:17:58 -07:00
Erik Wilson
026584e1f7
Merge pull request #2103 from brandond/fix_2102
...
Fix removal of /run directories
2020-08-07 11:49:58 -07:00
Brad Davidson
0291bd770e
Fix removal of /run directories
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2020-08-07 11:13:04 -07:00
Jacob Blain Christen
97ff5affab
Merge pull request #2065 from dweomer/containerd/v1.3.6-selinux
...
updated containerd/cri selinux support
2020-08-07 11:09:28 -07:00
Craig Jellick
4aaebd35f6
etcd mgmt is a work in progress
2020-08-07 10:21:54 -07:00
Craig Jellick
dbf59b46f2
Clarify K3s's positioning, goals, intentions, and components
2020-08-07 09:56:50 -07:00
Brad Davidson
9137c45cdb
Merge pull request #1614 from sen-subhabrata/master
...
install.sh: cleanup /run on uninstall
2020-08-05 11:26:21 -07:00
Brad Davidson
3f2551ec05
Merge pull request #1848 from euank/insecure-on-lo
...
Listen insecurely on localhost only
2020-08-05 10:55:09 -07:00
Brad Davidson
d11570fbdb
Merge pull request #2096 from AkihiroSuda/bump-up-rootlesskit
...
update rootlesskit to v0.10.0
2020-08-05 10:31:17 -07:00
Euan Kemp
4808c4e7d5
Listen insecurely on localhost only
...
Before this change, k3s configured the scheduler and controller's
insecure ports to listen on 0.0.0.0. Those ports include pprof, which
provides a DoS vector at the very least.
These ports are only enabled for componentstatus checks in the first
place, and componentstatus is hardcoded to only do the check on
localhost anyway (see
https://github.com/kubernetes/kubernetes/blob/v1.18.2/pkg/registry/core/rest/storage_core.go#L341-L344 ),
so there shouldn't be any downside to switching them to listen only on
localhost.
2020-08-05 10:28:11 -07:00
Akihiro Suda
a70cdac356
update rootlesskit to v0.10.0
...
Fix intermittent "Connection reset by peer" error during port forwarding
https://github.com/rootless-containers/rootlesskit/issues/153
Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
2020-08-05 18:22:05 +09:00
Brad Davidson
c8282f4939
Merge pull request #2053 from brandond/update_dynamiclistener
...
Update dynamiclistener
2020-08-04 14:48:47 -07:00
Brad Davidson
3e8141dc65
Update dynamiclistener
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2020-08-04 13:05:37 -07:00
Brian Downs
6fcec6aea9
Merge pull request #1754 from briandowns/add_pr_template
...
add pull request template
2020-08-03 09:25:39 -07:00
Hussein Galal
169ee63907
Add etcd members as learners ( #2066 )
...
* Add etcd members as learners
Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>
* Ignore errors in promote member
Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>
2020-07-29 22:52:49 +02:00
Brad Davidson
a33494802b
Merge pull request #2072 from brandond/setproctitle
...
Call setproctitle to conceal node args in ps output
2020-07-28 18:45:27 -07:00
Brad Davidson
1eec7348a5
Call setproctitle to conceal node args in ps output
...
This is related to #2014 .
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2020-07-28 15:49:49 -07:00
Brad Davidson
375c68524b
Merge pull request #2073 from brandond/update_docker_baseimage
...
Update base image version in Dockerfiles
2020-07-28 10:16:47 -07:00
Brad Davidson
1b78715903
Update base image version in Dockerfiles
...
Should hopefully fix issues that cropped up with arm builds failing due
to the sqlite libs from alpine 3.10 no longer being compatible with
alpine edge, which was probably never a safe assumption to begin with.
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2020-07-28 00:23:46 -07:00
Brad Davidson
361e218fef
Merge pull request #2064 from brandond/write_kubeconfig_claim
...
Correctly report and propagate kubeconfig write failures
2020-07-27 16:28:45 -07:00
Jacob Blain Christen
371bee82f9
containerd: bump to v1.3.6
...
Remove $NOTIFY_SOCKET, if present, from env when invoking containerd to
prevent gratuitous notifications sent to systemd.
Signed-off-by: Jacob Blain Christen <jacob@rancher.com>
2020-07-27 14:41:52 -07:00
Brad Davidson
118d3256b5
Merge pull request #2056 from mcsaucy/http
...
Always validate K3S_URL if running agent.
2020-07-24 14:23:00 -07:00
Chris Kim
79931c73bc
Merge pull request #2063 from Oats87/bump-k3s-root-v060-rc3
...
Bump k3s-root to v0.6.0-rc3
2020-07-24 12:38:35 -07:00
Brad Davidson
dfd0f9d1a6
Correctly report and propagate kubeconfig write failures
...
As seen in issues such as #15 #155 #518 #570 there are situations where
k3s will fail to write the kubeconfig file, but reports that it wrote it
anyway as the success message is printed unconditionally. Also, secondary
actions like setting file mode and creating a symlink are also attempted
even if the file was not created.
This change skips attempting additional actions, and propagates the
failure back upwards.
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2020-07-24 12:07:32 -07:00
Chris Kim
b5e57a10d5
Bump k3s-root to v0.6.0-rc3 for https://github.com/rancher/k3s/issues/1812
...
Signed-off-by: Chris Kim <oats87g@gmail.com>
2020-07-24 11:16:50 -07:00
Josh McSavaney
265bd9848b
Always validate K3S_URL.
...
Also move K3S_URL validation to its own function.
Signed-off-by: Josh McSavaney <mcsaucy@csh.rit.edu>
2020-07-23 17:21:55 -04:00
Brad Davidson
4eb88a2fd3
Merge pull request #2042 from brandond/coredns_sync_1919-master
...
Update coredns version for master
2020-07-21 15:12:59 -07:00
Brad Davidson
77bfe47627
Merge pull request #2037 from brandond/update_k3s-root_slirp4netns
...
Update k3s-root to pull in updated slirp4netns
2020-07-21 15:12:27 -07:00
Brad Davidson
9da8dc4f61
Update coredns version to 1.6.9 for master
...
Needed for #1844
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2020-07-21 11:06:44 -07:00
Brian Downs
04f57e5e1d
Merge pull request #2044 from briandowns/add_cis_server_flag
...
update cis flag implementation to propogate the rest of the way
2020-07-20 16:56:07 -07:00
Brian Downs
5a81fdbdc5
update cis flag implementation to propogate the rest of the way through to kubelet
...
Signed-off-by: Brian Downs <brian.downs@gmail.com>
2020-07-20 16:31:56 -07:00
Hussein Galal
6d59b81479
Fix cli in main.go ( #2043 )
2020-07-21 00:06:21 +02:00
Erik Wilson
1b62c2802b
Merge pull request #1983 from erikwilson/upgrade-flannel
...
Update flannel to v0.12.0-k3s1
2020-07-20 14:18:49 -07:00
Brad Davidson
1de58904ad
Update flannel to v0.12.0-k3s1
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2020-07-20 13:18:46 -07:00
Brad Davidson
9e00f6dc73
Update k3s-root to pull in updated slirp4netns
...
Related to #1709
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2020-07-17 16:47:44 -07:00
Jason
e3f8789114
Add containerd snapshotter flag ( #1991 )
...
* Add containerd snapshotter flag
Signed-off-by: Jason-ZW <zhenyang@rancher.com>
* Fix CamelCase nit and option description
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
Signed-off-by: Jason-ZW <zhenyang@rancher.com>
Co-authored-by: Brad Davidson <brad@oatmail.org>
2020-07-18 01:16:23 +02:00
Brad Davidson
206accbe8d
Update to v1.18.6-k3s1 ( #2035 )
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2020-07-18 01:14:37 +02:00
David Nuzik
186c4a1c6b
Merge pull request #2022 from davidnuzik/mark-v1.18.6-stable
...
Set v1.18.6 as stable in channel server
2020-07-16 17:36:57 -07:00
Brian Downs
f7dae176e9
Merge pull request #2023 from briandowns/add_kubelet_cis_flag
...
add protect-kernel-defaults to kubelet
2020-07-14 16:32:43 -07:00
Brian Downs
abb2d9aad1
add flag usage
...
Signed-off-by: Brian Downs <brian.downs@gmail.com>
2020-07-14 15:55:18 -07:00
Brian Downs
57a6319fac
add protect-kernel-defaults to kubelet
...
Signed-off-by: Brian Downs <brian.downs@gmail.com>
2020-07-14 15:46:10 -07:00
David Nuzik
cecce93ee1
Set v1.18.6 as stable in channel server
...
Signed-off-by: David Nuzik <david.nuzik@rancher.com>
2020-07-14 11:55:48 -07:00