Improve feedback when running secrets-encrypt commands on etcd-only nodes, and
allow etcd-only nodes to properly restart when effecting rotation.
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
Don't hardcode the event namespace when creating event recorders; some controllers want to create events in other namespaces.
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
Closing idle connections isn't guaranteed to close out a pooled connection to a
loadbalancer endpoint that has been removed. Instead, ensure that requests used
to wait for the apiserver to become ready aren't reused.
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
NFS is the default (and well tested) mount type for vagrant-libvirt.
Howver, to make it work, it nneeds the vers=3,tcp options to be
provided.
Signed-off-by: Michal Rostecki <vadorovsky@gmail.com>
By default, the most of Vagrant boxes are explicitly disabling IPv6
through sysctl. This change makes sure that IPv6, and also IP forwarding
for all families, are enabled.
This change is necessary for using dual-stack in Vagrant environment.
Signed-off-by: Michal Rostecki <vadorovsky@gmail.com>
This allows secondary etcd nodes to bootstrap the kubelet before an
apiserver joins the cluster. Rancher waits for all the etcd nodes to
come up before adding the control-plane nodes, so this needs to be
handled properly.
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
* Simplify role in existing tests
* Update other tests to output vagrant log on failure
* go test for split server
Signed-off-by: Derek Nola <derek.nola@suse.com>
* Removed vagrant folder
* Fix comments around E2E ENVs
* Eliminate testutil folder
* Convert flock integration test to unit test
* Point to other READMEs
Signed-off-by: Derek Nola <derek.nola@suse.com>
Fixes issue with secrets-encrypt rotate not having any etcd endpoints
available on nodes without a local etcd server.
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
adds a new optional node label
"svccontroller.k3s.cattle.io/lbpool=<pool>" that can be set on nodes.
ServiceType: LoadBalancer services can then specify a matching label,
which will schedule the DaemonSet only on specified nodes. This allows
operators to specify different pools of nodes that can serve different
LoadBalancer services on the same ports.
Signed-off-by: robertlestak <robert.lestak@umusic.com>
* Initial mysql, postgres external db
* Convert test options to env variables
* Add explicit ETCD option and bump memory for docker node
Signed-off-by: Derek Nola <derek.nola@suse.com>