Mirror/k3s
1
0
Fork 0
mirror of https://github.com/k3s-io/k3s.git synced 2024-06-07 19:41:36 +00:00
Code Issues Packages Projects Releases Wiki Activity
1,427 Commits 27 Branches 785 Tags 625 MiB
9ac113de4c
Commit Graph

480 Commits

Author SHA1 Message Date
galal-hussein
c580a8b528 Add heartbeat interval and election timeout 2020-06-06 16:39:42 -07:00
Darren Shepherd
6b5b69378f Add embedded etcd support 
This is replaces dqlite with etcd.  The each same UX of dqlite is
followed so there is no change to the CLI args for this.
 2020-06-06 16:39:41 -07:00
Darren Shepherd
39571424dd Generate etcd certificates 2020-06-06 16:39:41 -07:00
Darren Shepherd
a18d387390 Refactor clustered DB framework 2020-06-06 16:39:41 -07:00
Darren Shepherd
4317a91b96 Delete dqlite 2020-06-06 16:39:41 -07:00
Darren Shepherd
7e59c0801e Make program name a variable to be changed at compile time 2020-06-06 16:39:41 -07:00
Taeho Kim
3d59a85dae Upgrade local-path-storage to v0.0.14 2020-06-02 13:47:37 +00:00
Erik Wilson
43b9bf2e50
Merge pull request #1795 from StateFarmIns/support_for_setting_default_ssl_ciphers 
Feature Request #1741: Update to set default CipherSuites
 2020-05-15 09:41:37 -07:00
Erik Wilson
d10d6f7fb3
Merge pull request #1762 from consideRatio/coredns-readinessprobe 
coredns: readiness- and livenessProbe tweaks (~15s -> ~3s startup)
 2020-05-15 09:40:54 -07:00
Chuck Schweizer
19c34bd12d Update to set default CipherSuites 
The default CipherSuites need to be set to disable the insecure TLS 1.2 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 Cipher
 2020-05-13 08:34:45 -05:00
Chuck Schweizer
ca9c9c2e1e Adding support for TLS MinVersion and CipherSuites 
This will watch for the following kube-apiserver-arg variables and apply
them to the k3s kube-apiserver https listener.

  --kube-apiserver-arg=tls-cipher-suites=XXXXXXX
  --kube-apiserver-arg=tls-min-version=XXXXXXX
 2020-05-07 09:27:09 -05:00
Erik Sundell
27ae2fb9c8 coredns: go generate 2020-05-07 16:21:46 +02:00
Darren Shepherd
cb4b34763e
Merge pull request #1759 from ibuildthecloud/background 
Start kube-apiserver in the background
 2020-05-06 21:50:48 -07:00
Darren Shepherd
e5fe184a44
Merge pull request #1757 from ibuildthecloud/separate-port 
Add supervisor port
 2020-05-06 21:32:45 -07:00
Darren Shepherd
072396f774 Start kube-apiserver in the background 
In rke2 everything is a static pod so this causes a chicken and egg situation
in which we need the kubelet running before the kube-apiserver can be
launched.  By starting the apiserver in the background this allows us to
do this odd bootstrapping.
 2020-05-06 21:17:23 -07:00
Brad Davidson
71561ecda2 Use ClientCA for the signer controller 2020-05-06 16:51:35 -07:00
Darren Shepherd
f38082673d
Merge pull request #1753 from ibuildthecloud/prepull 
Support prepulling images on start
 2020-05-05 22:11:52 -07:00
Darren Shepherd
74bcf4da0b
Merge pull request #1756 from ibuildthecloud/less-logging 
Only echo Waiting for kubelet every 30 seconds
 2020-05-05 22:07:50 -07:00
Darren Shepherd
2f5ee914f9 Add supervisor port 
In k3s today the kubernetes API and the /v1-k3s API are combined into
one http server.  In rke2 we are running unmodified, non-embedded Kubernetes
and as such it is preferred to run k8s and the /v1-k3s API on different
ports.  The /v1-k3s API port is called the SupervisorPort in the code.

To support this separation of ports a new shim was added on the client in
then pkg/agent/proxy package that will launch two load balancers instead
of just one load balancer.  One load balancer for 6443 and the other
for 9345 (which is the supervisor port).
 2020-05-05 15:54:51 -07:00
Darren Shepherd
afd6f6d7e7 Encapsulate execution logic 
This moves all the calls to cobra root commands to one package
so that we can change the behavior of running components as embedded
or external.
 2020-05-05 15:34:32 -07:00
Darren Shepherd
61ba9171ce Only echo Waiting for kubelet every 30 seconds 
Don't print a message every second while we are waiting for the
kubelet to report Ready.
 2020-05-05 15:23:18 -07:00
Darren Shepherd
1d05e99769
Merge pull request #1752 from ibuildthecloud/disable-ccm 
Don't write ccm.yaml if --disable-cloud-controller is set
 2020-05-05 15:11:10 -07:00
Darren Shepherd
6932d03bb4 Support prepulling images on start 
In the agent/images folder if a .txt file is found it is assumed to
be a line separated list of image names to pull on start.
 2020-05-05 14:45:39 -07:00
Darren Shepherd
70ddc799bd
Merge pull request #1691 from ibuildthecloud/staticpod 
Suppport static pods at ${datadir}/agent/staticpods
 2020-05-05 14:35:45 -07:00
Darren Shepherd
341895c322 Don't write ccm.yaml if --disable-cloud-controller is set 2020-05-05 13:01:52 -07:00
Darren Shepherd
8c7fbe3dde Suppport static pods at ${datadir}/agent/pod-manifests 2020-05-05 12:43:47 -07:00
Erik Wilson
39c3854648
Merge pull request #1720 from ilknarf/master 
remove redundant Sprintf
 2020-05-04 20:50:58 -07:00
Erik Wilson
c71561129e
Merge pull request #1716 from ibuildthecloud/debugpublic 
Make debug variable public to be used by wrapper programs
 2020-05-04 20:50:36 -07:00
Erik Wilson
c941e1d0bb
Merge pull request #1695 from ibuildthecloud/kubeproxy 
Add ability to disable kubeproxy
 2020-05-04 20:26:22 -07:00
Erik Wilson
df1725cb06
Merge pull request #1694 from ibuildthecloud/inittwice 
Allow InitLogging to be called twice
 2020-05-04 20:22:04 -07:00
Erik Wilson
2fb5bad3e8
Merge pull request #1704 from ibuildthecloud/x509-admin 
No longer use basic auth for default admin account
 2020-05-04 20:21:12 -07:00
Erik Wilson
21eabd902b
Merge pull request #1693 from ibuildthecloud/disableditem 
Move disabled items to a const to keep more consistency
 2020-05-04 20:16:42 -07:00
Erik Wilson
21266bab7e
Merge pull request #1692 from ibuildthecloud/err 
Check for error on mkdir
 2020-05-04 20:16:20 -07:00
Erik Wilson
ed8cd9250b
Merge pull request #1690 from ibuildthecloud/flannel 
Only need to resolve the path of host-local if Flannel is enabled
 2020-05-04 20:15:59 -07:00
Erik Wilson
47bb0939e6
Merge pull request #1611 from Dirbaio/master 
Correctly quote auth strings in containerd config. For #1610
 2020-05-04 19:27:17 -07:00
Frank
a18d94e5f9 remove redundant Sprintf 2020-04-30 10:48:12 -05:00
Darren Shepherd
56770ff2cc Make debug variable public to be used by wrapper programs 2020-04-29 11:37:59 -07:00
Darren Shepherd
3c8e0b4157 No longer use basic auth for default admin account 2020-04-28 16:01:33 -07:00
Darren Shepherd
5715e1ba0d Add ability to disable kubeproxy 2020-04-27 11:24:00 -07:00
Darren Shepherd
7920fa48c9 Only need to resolve the path of host-local if Flannel is enabled 2020-04-27 11:17:41 -07:00
Darren Shepherd
8cc9efdf7c Allow InitLogging to be called twice 
This makes it a bit easier to embed k3s into another go program
 2020-04-27 11:16:08 -07:00
Darren Shepherd
8b8af94eb2 Move disabled items to a const to keep more consistency 
This also help when embedding k3s because we can programmitically know
all the components to disable.
 2020-04-27 11:15:35 -07:00
Darren Shepherd
c25f1ab1b6 Check for error on mkdir 2020-04-27 11:14:21 -07:00
Darren Shepherd
130e6e31a1
Merge pull request #1664 from KnicKnic/windows-18-build 
fix build windows v1.18
 2020-04-27 09:23:32 -07:00
Darren Shepherd
e4f87f51e2
Merge pull request #1681 from KnicKnic/fix_file_paths 
fix usage of path instead of filepath
 2020-04-27 09:21:48 -07:00
Darren Shepherd
7d06d2ccc1
Merge pull request #1653 from KnicKnic/enable_agent_windows 
enable agent to start on windows
 2020-04-27 09:05:12 -07:00
Knic Knic
44b8af097c fix usage of path instead of filepath 2020-04-25 00:29:18 -07:00
Erik Wilson
2c49341113
Merge pull request #1669 from erikwilson/manifest-mod-time 
Check modification time before deploying manifests
 2020-04-23 14:17:14 -07:00
galal-hussein
1d6b83d8a4 go generate 2020-04-23 02:42:12 +02:00
Erik Wilson
fec2c271c2 Check modification time before deploying manifests 2020-04-22 09:58:41 -07:00
Knic Knic
d919a0b998 Mock out rootlessports on windows 2020-04-21 15:43:36 -07:00
Darren Shepherd
dfcbd5a3c1 Update generated code 2020-04-18 23:59:08 -07:00
Darren Shepherd
a8d96112d9 Updates for k8s v1.18 support 2020-04-18 23:59:08 -07:00
Knic Knic
7f77c9a3c8 enable agent to start on windows 2020-04-18 23:43:08 -07:00
Dario Nieuwenhuis
cd0b58e920 Correctly quote auth strings in containerd config. Fixes #1610 2020-04-03 02:42:01 +02:00
louis
f2a4e1d57d feat: add master taint toleration to klipper, coredns, metrics-server, traefik and local-storage 2020-03-25 19:11:10 +01:00
galal-hussein
2b6faa925f use mirrored images for traefik and coredns 2020-03-23 19:00:30 +02:00
galal-hussein
356fe006a2 Add asterisks for omitted values in nodeconfig 2020-03-12 20:18:56 +02:00
galal-hussein
3f927d8006 Revert "Replace traefik with nginx" 
This reverts commit 9a17033095.
 2020-03-11 01:45:23 +02:00
galal-hussein
c4f18227fc default backend multiarch 2020-03-09 23:52:04 +02:00
galal-hussein
717b5a765e use multiarch image for nginx 2020-03-07 00:19:32 +02:00
Erik Wilson
ceff3f58fb
Merge pull request #1466 from galal-hussein/traefik_to_nginx 
Replace traefik with nginx
 2020-03-02 15:04:09 -07:00
galal-hussein
9a17033095 Replace traefik with nginx 2020-03-03 00:00:39 +02:00
Erik Wilson
8725798578
Merge pull request #1464 from erikwilson/selinux-update 
Simplify SELinux detection and add --disable-selinux flag
 2020-02-28 15:42:45 -07:00
Erik Wilson
a3cb9ee1f6 Simplify SELinux detection and add --disable-selinux flag 2020-02-28 10:10:55 -07:00
Erik Wilson
0aeea78060
Merge pull request #1444 from KnicKnic/k3s_build_windows 
K3s build windows (no agents)
 2020-02-27 11:46:21 -07:00
Darren Shepherd
4d32fe9959 Support SELinux 2020-02-24 16:03:09 -07:00
Erik Wilson
4210800648
Merge pull request #1343 from ibuildthecloud/rootless 
Create pidns for rootless
 2020-02-24 15:05:52 -07:00
Knic Knic
c2db115ec3 fix formatting 2020-02-23 00:48:26 -08:00
Knic Knic
2346ccc63f get build on windows and get api_server to work 2020-02-22 23:17:59 -08:00
Knic Knic
522e08872a do not rename inuse files 2020-02-21 22:45:05 -08:00
Erik Wilson
fe45eb008a
Merge pull request #1416 from erikwilson/device-plugins-path 
Use default kubelet device-plugins path
 2020-02-14 14:19:51 -07:00
galal-hussein
d49ef31767 Inject node config on startup 2020-02-14 21:17:13 +02:00
Erik Wilson
b15c4473cd Use default kubelet device-plugins path 2020-02-14 10:18:07 -07:00
Darren Shepherd
782004bec9 Create pidns for rootless 2020-01-31 21:40:34 -07:00
Erik Wilson
0374c4f63d Add --disable flag 2020-01-30 16:45:01 -07:00
Erik Wilson
3592d0bdd9
Merge pull request #1344 from ibuildthecloud/dialer-fallback 
If tunnel session does not exist fallback to default dialer
 2020-01-27 13:59:45 -07:00
Erik Wilson
1a2690d7be
Merge pull request #1192 from galal-hussein/add_encryption_config 
Add secret encryption config
 2020-01-27 13:59:09 -07:00
Darren Shepherd
bf57a7f419 Don't start node controller if coredns is not deployed 2020-01-22 11:09:36 -07:00
Darren Shepherd
3396a7b099 If tunnel session does not exist fallback to default dialer 2020-01-22 11:04:41 -07:00
Erik Wilson
1b23c891dd
Merge pull request #1304 from erikwilson/fixup-cadvisor 
Run kubelet with containerd flag
 2020-01-20 15:37:22 -07:00
Erik Wilson
4cacffd7e6
Merge pull request #1298 from erikwilson/warn-npc-fail 
Warn if NPC can't start rather than fatal error
 2020-01-20 15:36:56 -07:00
Erik Wilson
fa03a0df3c Run kubelet with containerd flag 
The containerd flag was accidentally added to kubelet and is
deprecated, but needed for cadvisor to properly connect with
the k3s containerd socket, so adding for now.
 2020-01-16 10:25:57 -07:00
Erik Wilson
5b98d10e4b Warn if NPC can't start rather than fatal error 
If the ip_set kernel module is not available we should warn
that the network policy controller can not start rather than
cause a fatal error.

Also adds module probing and config checks for ip_set.
 2020-01-14 14:30:12 -07:00
Erik Wilson
7675f9f85c Clean up host-gw variable names 2020-01-08 17:43:07 -07:00
Segator
c23f12765e hostgw flannel support 2020-01-08 17:43:07 -07:00
Segator
6736e24673 support hostgw 2020-01-08 17:43:07 -07:00
Erik Wilson
9421746ccf
Merge pull request #1235 from ibuildthecloud/master 
Fix uint64 truncation issue in dqlite
 2019-12-23 13:56:18 -07:00
galal-hussein
388cd9c4e8 Add secret encryption configuration 2019-12-23 13:16:27 +02:00
Darren Shepherd
9bda58c81a Fix uint64 truncation issue in dqlite 2019-12-21 08:51:39 -07:00
galal-hussein
07d4c1510d Add lease permissions to ccm cluster role 2019-12-21 04:41:24 +02:00
Erik Wilson
5c37454762
Merge pull request #1198 from narqo/tunel-addr-join-host-port 
Respect IPv6 when building proxy address
 2019-12-19 15:20:12 -07:00
Erik Wilson
9b2538c2c4 Set wireguard persistent-keepalive on wg set peer 2019-12-19 14:54:48 -07:00
Erik Wilson
3376f31fc2 Revert "Merge pull request #1190 from erikwilson/wireguard-keepalive" 
This reverts commit e712cdf7e8, reversing
changes made to d5929bc8c8.

Wireguard docs fail to describe that persistent-keepalive is only valid
when peer is set.
 2019-12-19 14:41:38 -07:00
Vladimir Varankin
0c5299c951 pkg/agent/tunnel: respect ipv6 when building proxy addresses 2019-12-19 12:08:07 +01:00
Erik Wilson
6875b11dd2 Fix identity_token -> identitytoken for containerd toml 2019-12-17 21:14:05 -07:00
Darren Shepherd
4acaa0740d Small dqlite fixes 2019-12-16 11:45:01 -07:00
Erik Wilson
97383868bd
Merge pull request #1186 from erikwilson/upgrade-k8s-1.17.0 
Upgrade k8s  to v1.17.0
 2019-12-16 09:40:38 -07:00
Erik Wilson
e712cdf7e8
Merge pull request #1190 from erikwilson/wireguard-keepalive 
Set Wireguard keepalive to 25 seconds
 2019-12-16 09:40:11 -07:00
Erik Wilson
5679a8bd2f Update generated 2019-12-15 23:28:19 -07:00