* install.sh: test if BIN_DIR is readonly, else use /opt
On flatcar /usr is a readonly partition, while /opt is allowed for
writing.
Signed-off-by: Vincent Batts <vbatts@kinvolk.io>
* install.sh: only warn on Flatcar about selinux
This check is a bit more explicit, but only warn about finding the rpm
installed policy when on Flatcar Container Linux
Signed-off-by: Vincent Batts <vbatts@kinvolk.io>
* Update install.sh
Co-authored-by: Brad Davidson <brad@oatmail.org>
Signed-off-by: Vincent Batts <vbatts@kinvolk.io>
Co-authored-by: Brad Davidson <brad@oatmail.org>
Solution: Set priorityClassName to system-node-critical of traefik, metrics-server, local storage and coredns deployment
Signed-off-by: transhapHigsn <fet.prashantsingh@gmail.com>
Ubuntu and Debian kernels support mounting real overlayfs inside userns,
but the vanilla kernel still does not allow it.
OTOH fuse-overlayfs can be mounted inside userns with the vanilla kernel (>= 4.18).
Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
rancher/flannel ➡️ k3s-io/flannel
rancher/go-powershell ➡️ k3s-io/go-powershell
Part of https://github.com/rancher/k3s/issues/2189
Signed-off-by: Jacob Blain Christen <jacob@rancher.com>
This change set replaces these go.mod replacement directives with references to k3s-io repositories.
- rancher/kubernetes
- rancher/nocode
Part of https://github.com/rancher/k3s/issues/2189
Signed-off-by: Jacob Blain Christen <jacob@rancher.com>
* Remove unused release.sh and DAPPER_HOST_ARCH
* Reliably use ARCH from version.sh
* Export GOARCH and GOARM so that they are used by `go build`
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
Removing the cfg.DataDir mutation in 3e4fd7b did not break anything, but
did change some paths in unwanted ways. Rather than mutating the
user-supplied command-line flags, explicitly specify the agent
subdirectory as needed.
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
As per documentation, the cloud-provider flag should not be passed to
controller-manager when using cloud-controller. However, the legacy
cloud-related controllers still need to be explicitly disabled to
prevent errors from being logged.
Fixing this also prevents controller-manager from creating the
cloud-controller-manager service account that needed extra RBAC.
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
* Update sonobuoy version
* Use upstream tag for Kubernetes version instead of replacement tag
Allows building against upstream alpha/beta/rc releases
* Use env variable for sonobuoy version
* Bump version for QA e2e tests
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
Related to rancher/rke2#474
Note that anyone who customizes the data-dir path will have to set
CRI_CONFIG_FILE to the correct path when using the wrapped binaries
(crictl, etc). This is better than dropping files in the incorrect
location.
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
Resolves warning 2 from #2471.
As per https://github.com/kubernetes/cloud-provider/issues/12 the
ClusterID requirement was never really followed through on, so the
flag is probably going to be removed in the future.
One side-effect of this is that the core k8s cloud-controller-manager
also wants to watch nodes, and needs RBAC to do so.
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
Related to #2455 and containerd/containerd#4684
These were not meant to be enabled by default, break images with many
layers, and will be disabled by default on the next containerd release.
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
The --disable/--no-deploy flags actually turn off some built-in
controllers, in addition to preventing manifests from getting loaded.
Make it clear which controllers can still be disabled even when the
packaged components are ommited by the no_stage build tag.
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>