Mirror/k3s
1
0
Fork 0
mirror of https://github.com/k3s-io/k3s.git synced 2024-06-07 19:41:36 +00:00
Code Issues Packages Projects Releases Wiki Activity
2,936 Commits 27 Branches 785 Tags 625 MiB
7464007037
Commit Graph

1224 Commits

Author SHA1 Message Date
Brad Davidson
7464007037 Store extra metadata and cluster ID for snapshots 
Write the extra metadata both locally and to S3. These files are placed such that they will not be used by older versions of K3s that do not make use of them.

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2023-10-12 15:04:45 -07:00
Brad Davidson
80f909d0ca Move s3 snapshot list functionality to s3.go 
Also, don't list ONLY s3 snapshots if S3 is enabled.

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2023-10-12 15:04:45 -07:00
Brad Davidson
8d47645312 Consistently set snapshotFile timestamp 
Attempt to use timestamp from creation or filename instead of file/object modification times

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2023-10-12 15:04:45 -07:00
Brad Davidson
f1afe153a3 Tidy s3 upload functions 
Consistently refer to object keys as such, simplify error handling.

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2023-10-12 15:04:45 -07:00
Brad Davidson
2b0e2e8ada Elide old snapshot data when apiserver rejects configmap with ErrRequestEntityTooLarge 
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2023-10-12 15:04:45 -07:00
Brad Davidson
676b00aa0e Move etcd snapshot code into separate file 
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2023-10-12 15:04:45 -07:00
Brad Davidson
500744bb94 Add new CRD for etcd snapshots 
Also adds a hack go script to print the embedded CRDs, for developer use.

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2023-10-12 15:04:45 -07:00
Brad Davidson
9bb1ce1253 Bump busybox to v1.36.1 
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2023-10-12 15:00:45 -07:00
Derek Nola
dface01de8
Server Token Rotation (#8265) 
* Consolidate NewCertCommands
* Add support for user defined new token
* Add E2E testlets

Signed-off-by: Derek Nola <derek.nola@suse.com>

* Ensure agent token also changes

Signed-off-by: Derek Nola <derek.nola@suse.com>
 2023-10-09 10:58:49 -07:00
Roberto Bonafiglia
ced25af5b1 Fixed tailscale node IP dualstack mode in case of IPv4 only node 
Signed-off-by: Roberto Bonafiglia <roberto.bonafiglia@suse.com>
 2023-10-09 15:17:33 +02:00
Manuel Buil
e82b37640a Network defaults are duplicated, remove one 
Signed-off-by: Manuel Buil <mbuil@suse.com>
 2023-10-02 17:21:59 +02:00
Manuel Buil
f2c7117374 Take IPFamily precedence based on order 
Signed-off-by: Manuel Buil <mbuil@suse.com>
 2023-09-29 11:04:15 +02:00
Manuel Buil
0b23a478cf ipFamilyPolicy:PreferDualStack for coredns and metrics-server 
Signed-off-by: Manuel Buil <mbuil@suse.com>
 2023-09-29 10:10:43 +02:00
Brad Davidson
0e5c760625 Pass SystemdCgroup setting through to nvidia runtime options 
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2023-09-27 13:30:26 -07:00
Edgar Lee
fe18b1fce9
Add --image-service-endpoint flag (#8279) 
* Add --image-service-endpoint flag

Problem:
External container runtime can be set but image service endpoint is unchanged
and also is not exposed as a flag. This is useful for using containerd
snapshotters outside of the ones that have built-in support like
stargz-snapshotter.

Solution:
Add a flag --image-service-endpoint and also default image service endpoint to
container runtime endpoint if set.

Signed-off-by: Edgar Lee <edgarhinshunlee@gmail.com>
 2023-09-27 13:20:50 -07:00
Manuel Buil
2a9e8e68d5
Merge pull request #8354 from manuelbuil/vpnExtraParams 
Add extraArgs to vpn provider
 2023-09-27 11:34:29 +02:00
Manuel Buil
4dd45b3142
Merge pull request #8439 from manuelbuil/fixGofmt 
Fix gofmt error
 2023-09-26 19:14:07 +02:00
Vitor Savian
b6ab24c4fd
Added error when cluster reset while using server flag 
Signed-off-by: Vitor Savian <vitor.savian@suse.com>
 2023-09-26 11:00:37 -03:00
Manuel Buil
172a7f1d1a Fix gofmt error 
Signed-off-by: Manuel Buil <mbuil@suse.com>
 2023-09-26 11:09:03 +02:00
Brad Davidson
8705a88bf4 Clear remove annotations on cluster reset; refuse to delete last member from cluster 
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2023-09-25 11:54:23 -07:00
Brad Davidson
002e6c43ee Reorganize Driver interface and etcd driver to avoid passing context and config into most calls 
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2023-09-25 11:54:23 -07:00
Brad Davidson
890645924f Don't export functions not needed outside the etcd package 
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2023-09-25 11:54:23 -07:00
Brad Davidson
a3c52d60a5 Skip creating CRDs and setting up event recorder for CLI controller context 
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2023-09-25 11:54:23 -07:00
Brad Davidson
391e61bd72 Use admin kubeconfig instead of supervisor for etcd snapshot CLI 
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2023-09-25 11:54:23 -07:00
Brad Davidson
8c73fd670b Disable HTTP on main etcd client port 
Fixes performance issue under load, ref: https://github.com/etcd-io/etcd/issues/15402 and https://github.com/kubernetes/kubernetes/pull/118460

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2023-09-25 08:29:57 -07:00
Manuel Buil
12459fca97 Add extraArgs to tailscale 
Signed-off-by: Manuel Buil <mbuil@suse.com>
 2023-09-25 17:04:50 +02:00
Manuel Buil
cae8b2b626
Merge pull request #8346 from manuelbuil/interfaceLogs 
Include the interface name in the error message
 2023-09-25 16:50:01 +02:00
Manuel Buil
3194dc7367
Merge pull request #8284 from manuelbuil/improveFlannelLogging 
Add context to flannel errors
 2023-09-25 08:20:33 +02:00
Manuel Buil
8c197bdce4 Include the interface name in the error message 
Signed-off-by: Manuel Buil <mbuil@suse.com>
 2023-09-25 07:55:49 +02:00
Manuel Buil
8146041185
Merge pull request #8250 from manuelbuil/fixWinError 
Fix error reporting
 2023-09-22 18:42:54 +02:00
Johnatas
6330a5b49c
Update to v1.28.2 and go v1.20.8 (#8364) 
* Update to v1.28.2

Signed-off-by: Johnatas <johnatasr@hotmail.com>

* Bump containerd and stargz versions

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>

* Print message on upgrade fail

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>

* Send Bad Gateway instead of Service Unavailable when tunnel dial fails

Works around new handling for Service Unavailable by apiserver aggregation added in kubernetes/kubernetes#119870

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>

* Add 60 seconds to server upgrade wait to account for delays in apiserver readiness

Also change cleanup helper to ensure upgrade test doesn't pollute the
images for the rest of the tests.

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>

---------

Signed-off-by: Johnatas <johnatasr@hotmail.com>
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
Co-authored-by: Brad Davidson <brad.davidson@rancher.com>
 2023-09-19 10:18:47 -03:00
Manuel Buil
66cb1064d1 Add context to flannel errors 
Signed-off-by: Manuel Buil <mbuil@suse.com>
 2023-09-07 14:09:22 +02:00
Manuel Buil
d3f7632463 Fix error reporting 
Signed-off-by: Manuel Buil <mbuil@suse.com>
 2023-08-31 17:20:14 +02:00
Brad Davidson
0d23cfe038 Add RWMutex to address controller 
Fixes race condition when address map is updated by multiple goroutines

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2023-08-29 20:52:37 -07:00
Brad Davidson
cba9f0d142 Add new CLI flag to disable TLS SAN CN filtering 
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2023-08-29 08:33:45 -07:00
Derek Nola
2cb7023660 Use already imported semver, bump kine 
Signed-off-by: Derek Nola <derek.nola@suse.com>
 2023-08-25 14:17:00 -06:00
Derek Nola
f2d0c5409a Add check for support on cp nodes 
Signed-off-by: Derek Nola <derek.nola@suse.com>
 2023-08-25 14:17:00 -06:00
Derek Nola
51f1a5a0ab Review comments and fixes 
Signed-off-by: Derek Nola <derek.nola@suse.com>
 2023-08-25 14:17:00 -06:00
Derek Nola
42c2ac95e2 CLI + Backend for Secrets Encryption v3 
Signed-off-by: Derek Nola <derek.nola@suse.com>
 2023-08-25 14:17:00 -06:00
Derek Nola
b967f92785 Replace os.Write with AtomicWrite function 
Signed-off-by: Derek Nola <derek.nola@suse.com>
 2023-08-25 14:17:00 -06:00
Derek Nola
ced330c66a
[v1.28] CLI Removal for v1.28.0 (#8203) 
* Remove deprecated flannel ipsec

Signed-off-by: Derek Nola <derek.nola@suse.com>

* Remove multipart backend

Signed-off-by: Derek Nola <derek.nola@suse.com>

* Fix secrets-encryption integration test flakiness

Signed-off-by: Derek Nola <derek.nola@suse.com>

---------

Signed-off-by: Derek Nola <derek.nola@suse.com>
 2023-08-24 22:09:13 -07:00
Hussein Galal
af50e1b096
Update to v1.28.0-k3s1 (#8199) 
* Update to v1.28.0

Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>

* Update golang to v1.20.7

Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>

* more changes

Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>

* update wrangler

Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>

* update wrangler

Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>

* fix nodepassword test

Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>

* fix nodepassword test

Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>

* disable CGO before running golangci-lint

Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>

* execlude CGO Enabled checks

Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>

* Ignore reapply change error with logging

Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>

* Update google api client

Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>

---------

Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>
 2023-08-23 00:09:31 +03:00
Brad Davidson
66bae3e326 Bump dynamiclistener for init deadlock fix 
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2023-08-15 16:36:12 -07:00
Vitor Savian
e83b1ba4aa
Fixed the etcd retention to delete orphaned snapshots based on the date (#8177) 
* Fix retention using name instead of date

Signed-off-by: Vitor <vitor.savian@suse.com>
 2023-08-14 18:48:59 -03:00
Vitor Savian
c97211866a
Fix for cluster-reset backup from s3 when etcd snapshots are disabled (#8155) 
* Fixed when the user disable the etcd snapshots, but want to backup from s3

Signed-off-by: Vitor <vitor.savian@suse.com>
 2023-08-10 12:23:10 -03:00
Ian Cardoso
e551308db8
fix for etcd-snapshot delete with --etcd-s3 flag (#8110) 
k3s etcd-snapshot save --etcd-s3 ... is creating a local snapshot and uploading it to s3 while k3s etcd-snapshot delete --etcd-s3 ... was deleting the snapshot only on s3 buckets, this commit change the behavior of delete to do it locally and on s3

Signed-off-by: Ian Cardoso <osodracnai@gmail.com>
 2023-08-04 14:26:32 -03:00
Vitor Savian
ca7aeed090
Etcd snapshots retention when node name changes (#8099) 
Fixed the etcd retention to delete orphaned snapshots

Signed-off-by: Vitor <vitor.savian@suse.com>
 2023-08-03 10:54:40 -03:00
Brad Davidson
aa76942d0f Add FilterCN function to prevent SAN Stuffing 
Wire up a node watch to collect addresses of server nodes, to prevent adding unauthorized SANs to the dynamiclistener cert.

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2023-08-02 11:15:39 -07:00
Manuel Buil
8c38d1169d
Merge pull request #8077 from manuelbuil/fixTailscale 
Fix tailscale bug with ip modes
 2023-08-02 11:42:20 +02:00
Derek Nola
46cbbab263
Consolidate CopyFile functions (#8079) 
* Consolidate CopyFile function

Signed-off-by: Derek Nola <derek.nola@suse.com>

* Copy to File, not destination folder

Signed-off-by: Derek Nola <derek.nola@suse.com>

---------

Signed-off-by: Derek Nola <derek.nola@suse.com>
 2023-08-01 08:55:34 -07:00