Commit Graph

150 Commits

Author SHA1 Message Date
Jacob Blain Christen
0d05b14b71
runc: v1.0.0-rc94 (#3305)
- bump the runc version to v1.0.0-rc94
- build runc from its own source tree instead of from ./vendor/
  - side-steps incompatibility with upstream kubelet container manager

Signed-off-by: Jacob Blain Christen <dweomer5@gmail.com>
2021-05-12 11:50:24 -07:00
Brad Davidson
02a5bee62f
Add system-default-registry support and remove shared code (#3285)
* Move registries.yaml handling out to rancher/wharfie
* Add system-default-registry support
* Add CLI support for kubelet image credential providers

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2021-05-10 15:58:41 -07:00
Brad Davidson
2705431d96
Add support for dual-stack Pod/Service CIDRs and node IP addresses (#3212)
* Add support for dual-stack cluster/service CIDRs and node addresses

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2021-04-21 15:56:20 -07:00
Brad Davidson
4fbc241679 Update to forked protobuf 1.4.3-k3s1
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2021-04-14 14:51:42 -07:00
Brad Davidson
e8381db778 Update Kubernetes to v1.21.0
* Update Kubernetes to v1.21.0
* Update to golang v1.16.2
* Update dependent modules to track with upstream
* Switch to upstream flannel
* Track changes to upstream cloud-controller-manager and FeatureGates

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2021-04-14 14:51:42 -07:00
Jacob Blain Christen
93b18b343a Update to Kubernetes v1.20.5 (#3094)
* Update to Kubernetes v1.20.5
* vendor: bumps for some containerd deps
* go: bump to 1.16.2 for arm

Signed-off-by: Jacob Blain Christen <jacob@rancher.com>
(cherry picked from commit 355fff3017)
2021-03-31 14:18:41 -07:00
Akihiro Suda
cb73461a5b AkihiroSuda/containerd-fuse-overlayfs -> containerd/fuse-overlayfs-snapshotter
The repo has been moved.

Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
2021-03-24 10:34:34 -07:00
Akihiro Suda
11ef43011a bump up RootlessKit
Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
2021-03-24 00:37:30 -07:00
Jacob Blain Christen
59a39e9a3b
containerd: v1.4.4-k3s1 (#3090)
Addresses k3s-io/k3s#3066 and CVE-2021-21334

Signed-off-by: Jacob Blain Christen <jacob@rancher.com>
2021-03-17 14:38:42 -07:00
Jacob Blain Christen
618b0f98bf
registry mirror repository rewrites (#3064)
Support repository regex rewrite rules when fetching image content.

Example configuration:
```yaml
# /etc/rancher/k3s/registries.yaml
mirrors:
  "docker.io":
    endpoint:
    - "https://registry-1.docker.io/v2"
    rewrite:
      "^library/alpine$": "my-org/alpine"
```

This will instruct k3s containerd to fetch content for `alpine` images
from `docker.io/my-org/alpine` instead of the default
`docker.io/library/alpine` locations.

Signed-off-by: Jacob Blain Christen <jacob@rancher.com>
2021-03-15 16:17:27 -07:00
Brad Davidson
7cdfaad6ce
Always use static ports for client load-balancers (#3026)
* Always use static ports for the load-balancers

This fixes an issue where RKE2 kube-proxy daemonset pods were failing to
communicate with the apiserver when RKE2 was restarted because the
load-balancer used a different port every time it started up.

This also changes the apiserver load-balancer port to be 1 below the
supervisor port instead of 1 above it. This makes the apiserver port
consistent at 6443 across servers and agents on RKE2.

Additional fixes below were required to successfully test and use this change
on etcd-only nodes.

* Actually add lb-server-port flag to CLI
* Fix nil pointer when starting server with --disable-etcd but no --server
* Don't try to use full URI as initial load-balancer endpoint
* Fix etcd load-balancer pool updates
* Update dynamiclistener to fix cert updates on etcd-only nodes
* Handle recursive initial server URL in load balancer
* Don't run the deploy controller on etcd-only nodes
2021-03-06 02:29:57 -08:00
Brian Downs
4d1f9eda9d
Etcd Snapshot/Restore to/from S3 Compatible Backends (#2902)
* Add functionality for etcd snapshot/restore to and from S3 compatible backends.
* Update etcd restore functionality to extract and write certificates and configs from snapshot.
2021-03-03 11:14:12 -07:00
galal-hussein
885b7391a2 update dynamiclistener
Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>
2021-03-01 23:51:07 +02:00
galal-hussein
fad2a046c3 update master to 1.20.4
Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>
2021-02-23 23:31:08 -08:00
Brad Davidson
6c472b5942 Use zstd instead of gzip for embedded tarball
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2021-02-08 21:08:35 -08:00
Brad Davidson
740b654d47 Update containerd to fix AppArmor on SLES
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2021-01-29 16:33:33 -08:00
Brad Davidson
1d4adb0301 Update Kubernetes to v1.20.2-k3s1
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2021-01-13 21:31:53 -08:00
Brad Davidson
26d45287b6
Update helm-controller to v0.8.3 (#2793)
* Update helm-controller to v0.8.3
* Update klipper-helm image

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2021-01-11 12:09:39 -08:00
Brad Davidson
d13f7fabd6 Fix incorrect kubernetes replacement fork in go.mod
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2020-12-16 14:35:11 -08:00
Brad Davidson
c6950d2cb0 Update Kubernetes to v1.20.0-k3s1
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2020-12-08 22:51:34 -08:00
Hussein Galal
989c936993
update etcd to fix the panic for etcd tombstone issue (#2658)
* update etcd

Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>

* go mod tidy

Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>
2020-12-09 01:06:37 +02:00
Hussein Galal
fadc5a8057
Add tombstone file to etcd and catch errc etcd channel (#2592)
* Add tombstone file to embedded etcd

Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>

* go mod update

Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>

* fixes

Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>

* more fixes

Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>

* more changes

Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>

* gofmt and goimports

Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>

* go mod update

Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>

* go lint

Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>

* go lint

Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>

* go mod tidy

Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>
2020-12-07 22:30:44 +02:00
Jacob Blain Christen
47019226bb
containerd: v1.4.3-k3s1 (#2631)
Signed-off-by: Jacob Blain Christen <jacob@rancher.com>
2020-12-07 10:02:56 -07:00
Akihiro Suda
05f6255437 add fuse-overlayfs snapshotter (mainly for rootless mode)
Ubuntu and Debian kernels support mounting real overlayfs inside userns,
but the vanilla kernel still does not allow it.

OTOH fuse-overlayfs can be mounted inside userns with the vanilla kernel (>= 4.18).

Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
2020-12-01 11:00:00 -08:00
Jacob Blain Christen
3647654fe4
[migration k3s-io] update helm-controller dependency (#2569)
rancher/helm-controller ➡️ k3s-io/helm-controller

Part of https://github.com/rancher/k3s/issues/2189

Signed-off-by: Jacob Blain Christen <jacob@rancher.com>
2020-12-01 08:59:10 -07:00
Jacob Blain Christen
b4a51f2b9a
[migration k3s-io] update flannel and go-powershell replace directives (#2576)
rancher/flannel ➡️ k3s-io/flannel
rancher/go-powershell ➡️ k3s-io/go-powershell

Part of https://github.com/rancher/k3s/issues/2189

Signed-off-by: Jacob Blain Christen <jacob@rancher.com>
2020-12-01 08:12:18 -07:00
Jacob Blain Christen
898fd0848f
[migration k3s-io] update etcd replace directive (#2578)
rancher/etcd ➡️ k3s-io/etcd

Part of https://github.com/rancher/k3s/issues/2189

Signed-off-by: Jacob Blain Christen <jacob@rancher.com>
2020-12-01 08:08:58 -07:00
Akihiro Suda
0b45e32486 Support cgroup v2
Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
2020-11-30 22:57:37 -08:00
Jacob Blain Christen
36230daa86
[migration k3s-io] update kine dependency (#2568)
rancher/kine ➡️ k3s-io/kine

Part of https://github.com/rancher/k3s/issues/2189

Signed-off-by: Jacob Blain Christen <jacob@rancher.com>
2020-11-30 16:45:22 -07:00
Jacob Blain Christen
cc32e2f9a0
[migration k3s-io] update containerd, cri, and cri-tools replace directives (#2591)
- rancher/cri ➡️ k3s-io/cri
- rancher/cri-tools ➡️ k3s-io/cri-tools
- rancher/containerd ➡️ k3s-io/containerd

Part of https://github.com/rancher/k3s/issues/2189

Signed-off-by: Jacob Blain Christen <jacob@rancher.com>
2020-11-30 10:40:54 -07:00
Jacob Blain Christen
f88d93db37
[migration k3s-io] go.mod replace kubernetes/kubernetes (#2567)
This change set replaces these go.mod replacement directives with references to k3s-io repositories.

- rancher/kubernetes
- rancher/nocode

Part of https://github.com/rancher/k3s/issues/2189

Signed-off-by: Jacob Blain Christen <jacob@rancher.com>
2020-11-30 09:39:38 -07:00
Brad Davidson
5896fb06c2 Update Kubernetes to v1.19.4-k3s1
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2020-11-18 15:25:39 -08:00
Brad Davidson
ea312a303e Update kine to v0.5.1 for compact fix
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2020-11-12 19:46:22 -08:00
Jacob Blain Christen
2c666af483
cri: pull in updated /dev/shm fix (#2506)
Do not relabel container /dev/shm when it is host /dev/shm.

Signed-off-by: Jacob Blain Christen <jacob@rancher.com>
2020-11-11 17:08:59 -07:00
Jacob Blain Christen
ce5c8efbcf
cri: bump to updated fork (#2478)
Addresses rancher/k3s#2240

Signed-off-by: Jacob Blain Christen <jacob@rancher.com>
2020-11-09 10:19:00 -07:00
Brad Davidson
7a5a9033a7 Update kine to v0.5.0
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2020-10-28 13:03:47 -07:00
Brad Davidson
03f05f9337 Update Kubernetes to v1.19.3-k3s1
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2020-10-16 13:18:59 -07:00
Brian Downs
299fe83a1f update kine to v0.4.1
Signed-off-by: Brian Downs <brian.downs@gmail.com>
2020-10-15 10:34:24 -07:00
MonzElmasry
302fd26f50
bump k8s version to v1.19.2 on master
Signed-off-by: MonzElmasry <menna.elmasry@rancher.com>
2020-09-21 22:21:25 +02:00
Hussein Galal
beab211685
update etcd to use rancher fork (#2238)
Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>
2020-09-12 01:13:27 +02:00
Brad Davidson
617b34c588 Update golang to 1.15.2
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2020-09-11 11:52:03 -07:00
Hussein Galal
041f18f6da
pin down grpc and related library in go.mod (#2222)
* pin down grpc and related library in go.mod

Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>

* go mod tidy

Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>
2020-09-10 00:08:21 +02:00
Brad Davidson
698cd2373f Update to v1.19.1-k3s1
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2020-09-09 11:32:29 -07:00
Brad Davidson
8d5f58f00e
Merge pull request #2195 from brandond/rke2_271
Update helm-controller
2020-09-02 12:17:40 -07:00
Brad Davidson
733d26816a Update helm-controller
Related to https://github.com/rancher/rke2/issues/271

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2020-09-02 10:17:04 -07:00
Darren Shepherd
0c29005bb3 Update vendor
Signed-off-by: Darren Shepherd <darren@rancher.com>
2020-08-29 21:44:18 -07:00
Darren Shepherd
ae5c585050 Revert "Add config file support"
This reverts commit e1dc3451bc.

Signed-off-by: Darren Shepherd <darren@rancher.com>
2020-08-29 21:44:07 -07:00
Erik Wilson
447097a597
Merge pull request #2098 from erikwilson/k8s-1.19
Update to k8s 1.19
2020-08-28 18:22:15 -07:00
Erik Wilson
daa4beb22c
Update go.mod for k8s 1.19 2020-08-28 17:18:31 -07:00
Brian Downs
866dc94cea
Galal hussein etcd backup restore (#2154)
* Add etcd snapshot and restore

Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>

* fix error logs

Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>

* goimports

Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>

* fix flag describtion

Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>

* Add disable snapshot and retention

Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>

* use creation time for snapshot retention

Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>

* unexport method, update var name

Signed-off-by: Brian Downs <brian.downs@gmail.com>

* adjust snapshot flags

Signed-off-by: Brian Downs <brian.downs@gmail.com>

* update var name, string concat

Signed-off-by: Brian Downs <brian.downs@gmail.com>

* revert previous change, create constants

Signed-off-by: Brian Downs <brian.downs@gmail.com>

* update

Signed-off-by: Brian Downs <brian.downs@gmail.com>

* updates

Signed-off-by: Brian Downs <brian.downs@gmail.com>

* type assertion error checking

Signed-off-by: Brian Downs <brian.downs@gmail.com>

* update

Signed-off-by: Brian Downs <brian.downs@gmail.com>

* update

Signed-off-by: Brian Downs <brian.downs@gmail.com>

* update

Signed-off-by: Brian Downs <brian.downs@gmail.com>

* pr remediation

Signed-off-by: Brian Downs <brian.downs@gmail.com>

* pr remediation

Signed-off-by: Brian Downs <brian.downs@gmail.com>

* pr remediation

Signed-off-by: Brian Downs <brian.downs@gmail.com>

* pr remediation

Signed-off-by: Brian Downs <brian.downs@gmail.com>

* pr remediation

Signed-off-by: Brian Downs <brian.downs@gmail.com>

* updates

Signed-off-by: Brian Downs <brian.downs@gmail.com>

* updates

Signed-off-by: Brian Downs <brian.downs@gmail.com>

* simplify logic, remove unneeded function

Signed-off-by: Brian Downs <brian.downs@gmail.com>

* update flags

Signed-off-by: Brian Downs <brian.downs@gmail.com>

* update flags

Signed-off-by: Brian Downs <brian.downs@gmail.com>

* add comment

Signed-off-by: Brian Downs <brian.downs@gmail.com>

* exit on restore completion, update flag names, move retention check

Signed-off-by: Brian Downs <brian.downs@gmail.com>

* exit on restore completion, update flag names, move retention check

Signed-off-by: Brian Downs <brian.downs@gmail.com>

* exit on restore completion, update flag names, move retention check

Signed-off-by: Brian Downs <brian.downs@gmail.com>

* update disable snapshots flag and field names

Signed-off-by: Brian Downs <brian.downs@gmail.com>

* move function

Signed-off-by: Brian Downs <brian.downs@gmail.com>

* update field names

Signed-off-by: Brian Downs <brian.downs@gmail.com>

* update var and field names

Signed-off-by: Brian Downs <brian.downs@gmail.com>

* update var and field names

Signed-off-by: Brian Downs <brian.downs@gmail.com>

* update defaultSnapshotIntervalMinutes to 12 like rke

Signed-off-by: Brian Downs <brian.downs@gmail.com>

* update directory perms

Signed-off-by: Brian Downs <brian.downs@gmail.com>

* update etc-snapshot-dir usage

Signed-off-by: Brian Downs <brian.downs@gmail.com>

* update interval to 12 hours

Signed-off-by: Brian Downs <brian.downs@gmail.com>

* fix usage typo

Signed-off-by: Brian Downs <brian.downs@gmail.com>

* add cron

Signed-off-by: Brian Downs <brian.downs@gmail.com>

* add cron

Signed-off-by: Brian Downs <brian.downs@gmail.com>

* add cron

Signed-off-by: Brian Downs <brian.downs@gmail.com>

* wire in cron

Signed-off-by: Brian Downs <brian.downs@gmail.com>

* wire in cron

Signed-off-by: Brian Downs <brian.downs@gmail.com>

* wire in cron

Signed-off-by: Brian Downs <brian.downs@gmail.com>

* wire in cron

Signed-off-by: Brian Downs <brian.downs@gmail.com>

* wire in cron

Signed-off-by: Brian Downs <brian.downs@gmail.com>

* wire in cron

Signed-off-by: Brian Downs <brian.downs@gmail.com>

* wire in cron

Signed-off-by: Brian Downs <brian.downs@gmail.com>

* update deps target to work, add build/data target for creation, and generate

Signed-off-by: Brian Downs <brian.downs@gmail.com>

* remove dead make targets

Signed-off-by: Brian Downs <brian.downs@gmail.com>

* error handling, cluster reset functionality

Signed-off-by: Brian Downs <brian.downs@gmail.com>

* error handling, cluster reset functionality

Signed-off-by: Brian Downs <brian.downs@gmail.com>

* update

Signed-off-by: Brian Downs <brian.downs@gmail.com>

* remove intermediate dapper file

Signed-off-by: Brian Downs <brian.downs@gmail.com>

Co-authored-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>
2020-08-28 16:57:40 -07:00