Brad Davidson
af0b496ef3
Add client certificate authentication support to core Authenticator
...
This is required to make the websocket tunnel server functional on
etcd-only nodes, and will save some code on the RKE2 side once pulled
through.
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2022-04-06 13:03:14 -07:00
Brad Davidson
e7437d4ad8
Redact datastore and etcd snapshot config from serialization
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2022-04-06 13:03:14 -07:00
Roberto Bonafiglia
4afeb9c5c7
Merge pull request #5325 from rbrtbnfgl/fix-etcd-ipv6-url
...
Fixed etcd URL in case of IPv6 address
2022-04-05 09:55:42 +02:00
Roberto Bonafiglia
e29771b9ff
Fixed client URL
...
Signed-off-by: Roberto Bonafiglia <roberto.bonafiglia@suse.com>
2022-03-30 10:59:39 +02:00
Roberto Bonafiglia
dda409b041
Updated localhost address on IPv6 only setup
...
Signed-off-by: Roberto Bonafiglia <roberto.bonafiglia@suse.com>
2022-03-29 09:35:54 +02:00
Brad Davidson
714979bf6a
Ensure that apiserver ready channel checks re-dial every time
...
Closing idle connections isn't guaranteed to close out a pooled connection to a
loadbalancer endpoint that has been removed. Instead, ensure that requests used
to wait for the apiserver to become ready aren't reused.
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2022-03-23 13:21:58 -07:00
Brian Downs
8083ef5824
fix function arg call (#5234)
2022-03-08 17:00:57 -07:00
Roberto Bonafiglia
3fabc0703b
Merge pull request #4450 from olljanat/support-ipv6-only
...
Add partial support for IPv6 only mode
2022-03-08 11:38:52 +01:00
Luther Monson
9a849b1bb7
[master] changing package to k3s-io (#4846)
...
* changing package to k3s-io
Signed-off-by: Luther Monson <luther.monson@gmail.com>
Co-authored-by: Derek Nola <derek.nola@suse.com>
2022-03-02 15:47:27 -08:00
Brad Davidson
e4846c92b4
Move temporary etcd startup into etcd module
...
Reuse the existing etcd library code to start up the temporary etcd
server for bootstrap reconcile. This allows us to do proper
health-checking of the datastore on startup, including handling of
alarms.
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2022-03-01 20:25:20 -08:00
Brad Davidson
5014c9e0e8
Fix adding etcd-only node to existing cluster
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2022-02-28 19:56:08 -08:00
Brad Davidson
a1b800f0bf
Remove unnecessary copies of etcdconfig struct
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2022-02-28 12:05:16 -08:00
Brad Davidson
2989b8b2c5
Remove unnecessary copies of runtime struct
...
Several types contained redundant references to ControlRuntime data. Switch to consistently accessing this via config.Runtime instead.
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2022-02-28 12:05:16 -08:00
Brian Downs
40a46e1412
add ability to specify etcd snapshot list output format (#5132)
2022-02-25 14:00:00 -07:00
Derek Nola
142eed1a9f
Create encryption hash file if it doesn't exist (#5140)
...
Signed-off-by: Derek Nola <derek.nola@suse.com>
2022-02-25 08:43:03 -08:00
Olli Janatuinen
966f4d6a01
Add support for IPv6 only mode
...
Automatically switch to IPv6 only mode if first node-ip is IPv6 address
Signed-off-by: Olli Janatuinen <olli.janatuinen@gmail.com>
2022-02-10 20:34:59 +02:00
Ankur Gupta
df4147cd57
Update legacy-unknown-cert and legacy-unknown-key (#5057)
...
Signed-off-by: Ankur Gupta <ankur.gupta130887@gmail.com>
2022-02-02 09:15:41 -08:00
Roberto Bonafiglia
bb856c67dc
Merge pull request #4952 from rbrtbnfgl/ipv6-nat
...
Add IPv6 NAT
2022-01-19 08:44:57 +01:00
Roberto Bonafiglia
111c1669fc
Added flannel-ipv6-masq flag to enable IPv6 nat
...
Signed-off-by: Roberto Bonafiglia <roberto.bonafiglia@gmail.com>
2022-01-14 18:35:37 +01:00
Brian Downs
effcb15adb
Adds the ability to compress etcd snapshots (#4866)
2022-01-14 10:31:22 -07:00
Luther Monson
66eeabbdfc
linter doesn't actually run on windows, found these while getting it running on a windows machine
...
Signed-off-by: Luther Monson <luther.monson@gmail.com>
2021-12-28 20:44:21 -07:00
Brad Davidson
87395e32d6
Update modules for Kubernetes v1.23
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2021-12-22 10:47:38 -08:00
Manuel Buil
588d15db8f
Remove Disables, Skips and DisableKubeProxy from the comparing configs
...
Signed-off-by: Manuel Buil <mbuil@suse.com>
2021-12-17 19:04:38 +01:00
Manuel Buil
1e0696628e
Merge pull request #4581 from manuelbuil/checking-HA-parameters
...
Verify new control plane nodes joining the cluster share the same config as cluster members
2021-12-08 10:49:28 +01:00
Derek Nola
bcb662926d
Secrets-encryption rotation (#4372)
...
* Regular CLI framework for encrypt commands
* New secrets-encryption feature
* New integration test
* fixes for flaky integration test CI
* Fix to bootstrap on restart of existing nodes
* Consolidate event recorder
Signed-off-by: Derek Nola <derek.nola@suse.com>
2021-12-07 14:31:32 -08:00
Manuel Buil
1b3187ea07
Check HA network parameters
...
Signed-off-by: Manuel Buil <mbuil@suse.com>
2021-12-07 23:09:05 +01:00
Manuel Buil
7685da3e24
Improve flannel logging
...
Signed-off-by: Manuel Buil <mbuil@suse.com>
2021-11-22 21:51:52 +01:00
Chris Kim
f18b3252c0
[master] Add etcd extra args support for K3s (#4463)
...
* Add etcd extra args support for K3s
Signed-off-by: Chris Kim <oats87g@gmail.com>
* Add etcd custom argument integration test
Signed-off-by: Chris Kim <oats87g@gmail.com>
* go generate
Signed-off-by: Chris Kim <oats87g@gmail.com>
2021-11-11 21:03:15 -08:00
Brad Davidson
5ab6d21a7d
Increase agent's apiserver ready timeout (#4454)
...
Since we now start the server's agent sooner and in the background, we
may need to wait longer than 30 seconds for the apiserver to become
ready on downstream projects such as RKE2.
Since this essentially just serves as an analogue for the server's
apiReady channel, there's little danger in setting it to something
relatively high.
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2021-11-11 14:01:49 -07:00
Manuel Buil
8271d98a76
Merge pull request #4437 from manuelbuil/fix_svclb_ipv6_rh
...
Allow svclb pod to enable ipv6 forwarding
2021-11-10 19:08:40 +01:00
Manuel Buil
5d168a1d59
Allow svclb pod to enable ipv6 forwarding
...
Signed-off-by: Manuel Buil <mbuil@suse.com>
2021-11-10 18:20:03 +01:00
Brian Downs
adaeae351c
update bootstrap logic (#4438)
...
* update bootstrap logic resolving a startup bug and account for etcd
2021-11-10 05:33:42 -07:00
Brad Davidson
3da1bb3af2
Fix other uses of NewForConfigOrDie in contexts where we could return err
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2021-10-29 15:18:14 -07:00
Brad Davidson
3fe460d080
Block scheduler startup on untainted node when using embedded CCM
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2021-10-29 15:18:14 -07:00
Brian Downs
0452f017c1
Add etcd s3 timeout (#4207)
2021-10-15 10:24:14 -07:00
Brad Davidson
5a923ab8dc
Add containerd ready channel to delay etcd node join
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2021-10-14 14:03:52 -07:00
Brian Downs
ac7a8d89c6
Add ability to reconcile bootstrap data between datastore and disk (#3398)
2021-10-07 12:47:00 -07:00
Brad Davidson
73e21e739f
Drop broken SupportNoneCgroupDriver support
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2021-09-23 16:12:51 -07:00
Hussein Galal
7826407a2e
Make sure there are no duplicates in etcd member list (#4025)
...
* Make sure there are no duplicates in etcd member list
Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>
* fix node names with hyphens
Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>
* use full server name for etcd node name
Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>
2021-09-18 00:51:18 +02:00
Brad Davidson
753e11ee3c
Enable JobTrackingWithFinalizers FeatureGate
...
Works around issue with Job controller not tracking job pods that
are in CrashloopBackoff during upgrade from 1.21 to 1.22.
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2021-09-17 11:26:45 -07:00
Brad Davidson
b72306ce3d
Return the error since it just gets logged and retried anyways
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2021-09-14 16:41:27 -07:00
Brad Davidson
5986898419
Use SubjectAccessReview to validate CCM RBAC
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2021-09-14 16:41:27 -07:00
Brad Davidson
dc556cbb72
Set controller authn/authz kubeconfigs
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2021-09-14 16:41:27 -07:00
Brad Davidson
199424b608
Pass context into all Executor functions
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2021-09-14 16:41:27 -07:00
Chris Kim
928b8531c3
[master] Add etcd-member-management controller to K3s (#4001)
...
* Initial leader elected etcd member management controller
* Bump etcd to v3.5.0-k3s2
Signed-off-by: Chris Kim <oats87g@gmail.com>
2021-09-14 08:20:38 -07:00
Brad Davidson
3449d5b9f9
Wait for apiserver readyz instead of healthz
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2021-09-10 17:04:15 -07:00
Brad Davidson
29c8b238e5
Replace klog with non-exiting fork
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2021-09-10 09:36:16 -07:00
Brad Davidson
90960ebf4e
SupportPodPidsLimit is locked to true as of 1.20, making pids cgroup support mandatory
...
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2021-09-09 11:49:53 -07:00
Devin Buhl
a1ec43e0b7
feat: add option to disable s3 over https
...
Signed-off-by: Devin Buhl <devin.kray@gmail.com>
2021-09-05 12:03:49 -04:00
Kohei Tokunaga
8b857eef9c
Ship Stargz Snapshotter (#2936)
...
* Ship Stargz Snapshotter
Signed-off-by: ktock <ktokunaga.mail@gmail.com>
* Bump github.com/containerd/stargz-snapshotter to v0.8.0
Signed-off-by: Kohei Tokunaga <ktokunaga.mail@gmail.com>
2021-09-01 16:27:42 -07:00