f1c323c268
Skip setting up client tls when etcd server does not have tls enabled
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2022-03-30 01:06:28 -07:00
90ce62ceaa
Defragment etcd datastore before clearing alarms
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2022-03-28 09:28:24 -07:00
5cb2c254e5
Fix etcd-only secrets encryption rotation
...
Improve feedback when running secrets-encrypt commands on etcd-only nodes, and
allow etcd-only nodes to properly restart when effecting rotation.
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit e811689df9
2022-03-25 14:38:22 -07:00
ee772c1074
Ensure that apiserver ready channel checks re-dial every time
...
Closing idle connections isn't guaranteed to close out a pooled connection to a
loadbalancer endpoint that has been removed. Instead, ensure that requests used
to wait for the apiserver to become ready aren't reused.
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2022-03-23 13:23:29 -07:00
3a8910f0b4
Update Kubernetes to v1.21.11-k3s1
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2022-03-18 14:03:01 -07:00
87c4a13554
Defer ensuring node passwords on etcd-only nodes during initial cluster bootstrap
...
This allows secondary etcd nodes to bootstrap the kubelet before an
apiserver joins the cluster. Rancher waits for all the etcd nodes to
come up before adding the control-plane nodes, so this needs to be
handled properly.
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit 38706eeec0
2022-03-18 13:44:06 -07:00
f8fa57de06
Update helm-controller
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit a93b9b6d53
2022-03-17 16:01:41 -07:00
5ba59d98c8
Close additional leaked GPRC clients
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2022-03-15 18:09:00 -07:00
5580875acb
Bootstrap the executor even when the agent is disabled
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit f090bf2d5e
2022-03-15 18:09:00 -07:00
ad40da3271
Fix etcd-snapshot commands by making setup more consistent.
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit a7878db17f
2022-03-15 18:09:00 -07:00
cbf8cadb92
Ignore cluster membership errors when reconciling from temp etcd
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit 9a48086524
2022-03-15 18:09:00 -07:00
7da7a00f8f
Move temporary etcd startup into etcd module
...
Reuse the existing etcd library code to start up the temporary etcd
server for bootstrap reconcile. This allows us to do proper
health-checking of the datastore on startup, including handling of
alarms.
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit e4846c92b4
2022-03-15 18:09:00 -07:00
a05c3db6d6
Disable ineffassign CI plugin for excessive false positives
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit 3531df3f31
2022-03-15 18:09:00 -07:00
8d13e68cc5
Add function to clear local alarms on etcd startup
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit 555087b9b8
2022-03-15 18:09:00 -07:00
f55f09672e
Fix adding etcd-only node to existing cluster
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit 5014c9e0e8
2022-03-15 18:09:00 -07:00
ee4c209df9
Remove unnecessary copies of etcdconfig struct
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit a1b800f0bf
2022-03-15 18:09:00 -07:00
58fe28b500
Fix cluster bootstrap test
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit 54bb65064e
2022-03-15 18:09:00 -07:00
a18c38d63d
Remove unnecessary copies of runtime struct
...
Several types contained redundant references to ControlRuntime data. Switch to consistently accessing this via config.Runtime instead.
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit 2989b8b2c5
2022-03-15 18:09:00 -07:00
171dd09d79
Bump containerd to v1.4.13-k3s1
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2022-03-15 15:03:26 -07:00
86559341a4
remove unused code ( #5247 )
2022-03-09 16:33:16 -07:00
d0be109e7c
add net util funcs ( #5244 )
2022-03-09 14:26:04 -07:00
749d157d87
fix function arg call ( #5234 ) ( #5235 )
2022-03-09 08:00:06 -07:00
6211a979a9
[Engine-1.21] Populate EtcdConfig in runtime from datastore when etcd is disabled ( #5230 )
...
* Populate EtcdConfig in runtime from datastore when etcd is disabled (#5222 )
Fixes issue with secrets-encrypt rotate not having any etcd endpoints
available on nodes without a local etcd server.
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
* Revert naming to old Kine
Signed-off-by: Derek Nola <derek.nola@suse.com>
Co-authored-by: Brad Davidson <brad.davidson@rancher.com>
2022-03-08 12:07:18 -08:00
a8e7e287fb
Add `--json` flag for `k3s secrets-encrypt status` ( #5127 ) ( #5199 )
...
* Add json flag for secrets-encrypt status
Signed-off-by: Derek Nola <derek.nola@suse.com>
2022-03-03 10:25:36 -08:00
b2222d0f0e
Create encryption hash file if it doesn't exist ( #5170 )
...
Signed-off-by: Derek Nola <derek.nola@suse.com>
2022-02-28 09:05:51 -08:00
343c7ceb6b
add ability to specify etcd snapshot list output format ( #5132 ) ( #5181 )
2022-02-26 12:29:17 -07:00
b4e50c29c7
Update to v1.21.10 ( #5150 )
...
Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>
2022-02-22 21:36:30 +02:00
1f529b5161
Update Wrangler to resolve issue with deleting owned resources.
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2022-02-11 15:52:11 -08:00
70304e030a
Add server flag to access nonlocal/nondefault k3s server ( #5016 ) ( #5055 )
...
Signed-off-by: Derek Nola <derek.nola@suse.com>
2022-01-31 15:58:05 -08:00
d3189ad239
Move containerd wait into exported function
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2022-01-25 13:10:00 -08:00
3b3d2d222b
[Engine-1.21] Update to v1.21.9 ( #5005 )
...
* Backport #4861
Signed-off-by: Derek Nola <derek.nola@suse.com>
* Update tags to k3s-io for v1.21.9
Signed-off-by: Derek Nola <derek.nola@suse.com>
2022-01-25 09:16:20 -08:00
290fb7484c
go generate
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2022-01-18 17:38:54 -08:00
fbacc9c42a
Fix CRD version lookup
...
Backport CRD lookup fix from a5355f0827
2022-01-18 17:38:54 -08:00
4b442e7bd3
Update packaged components
...
Update images and manifests/charts for coredns, local-path-provisioner, traefik, and pause
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2022-01-18 17:38:54 -08:00
0aefe2d2e2
Upgrade: metrics server version bump from v0.5.0 to v0.5.2
...
Kubernetes Metrics Server version upgrade with the following changes:
Remove elevated permissions cap_net_bind_service from metrics-server
Fix bad architecture metadata
Fix reporting inconsistent number of nodes, caused by using invalid Kubelet node start time metric
Fix reporting partial container metrics for pod
Signed-off-by: Farukh Khan <farukhkhan21@gmail.com>
2022-01-18 17:38:54 -08:00
923bc85496
Add package version to traefik helm chart
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit a3cab2664e
2022-01-18 17:38:54 -08:00
5ec623d17a
Add dashboard annotations to Traefik helm chart
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit 1c5e79b4d6
2022-01-18 17:38:54 -08:00
0d76df93ac
Allow svclb pod to enable ipv6 forwarding
...
Signed-off-by: Manuel Buil <mbuil@suse.com>
2022-01-18 17:38:54 -08:00
53b10471c4
Bump klipper-lb image for arm fix
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2022-01-18 17:38:54 -08:00
4f1fd7b30f
Dual-stack support LB controller
...
Signed-off-by: Manuel Buil <mbuil@suse.com>
2022-01-18 17:38:54 -08:00
8755fd45f6
[Engine-1.21] Adds the ability to compress etcd snapshots ( #4866 ) ( #4958 )
2022-01-18 11:08:54 -07:00
b242beafd8
Update etcd to v3.4.18-k3s1
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2022-01-14 14:32:11 -08:00
8fe79bfe7a
Skip CGroup v2 evac when agent is disabled
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2022-01-14 13:25:31 -08:00
43e1f40800
Enable logging on all subcommands ( #4921 ) ( #4933 )
...
Signed-off-by: Derek Nola <derek.nola@suse.com>
2022-01-14 09:21:44 -08:00
f1f4ad64f3
Move ClusterResetRestore handling ControlConfig setup
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2022-01-12 10:46:33 -08:00
803a3cfc14
Add basic etcd join test
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2022-01-07 10:15:17 -08:00
0a1f013f68
Fix handling of agent-token fallback to token
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2022-01-07 10:15:17 -08:00
4decce56a3
Fix use of agent creds for secrets-encrypt and config validate
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2022-01-06 14:17:03 -08:00
3970bc001a
[engine-1.21] Remove the Vendor Directory ( #4825 )
...
* code to remove vendor dir
Signed-off-by: Luther Monson <luther.monson@gmail.com>
2021-12-27 14:32:00 -07:00
c938d93216
Add etcd sonobuoy tests
...
Closes a gap in test coverage. Also fixes an issue where args and hooks
from previous test runs were not being reset for subsequent runs.
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit 52e450f033
2021-12-22 12:41:36 -08:00
Brad Davidson