Commit Graph

161 Commits

Author SHA1 Message Date
Hussein Galal
fd8db56d5a
Fix wrong warning from restorecon in install script (#8871)
* Fix wrong warning from restorecon in install script

Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>

* Fix wrong warning from restorecon in install script

Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>

---------

Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>
2023-11-16 00:11:25 +02:00
Samuel Mutel
19fd7e38f6 enh: Force umount for NFS mount (like with longhorn)
Signed-off-by: Samuel Mutel <12967891+smutel@users.noreply.github.com>
2023-11-14 16:34:43 -08:00
Brad Davidson
bbafb86e91 Don't use iptables-save/iptables-restore if it will corrupt rules
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2023-11-07 10:01:27 -08:00
Hussein Galal
112e1339b7
Restore selinux context systemd unit file (#8593)
* Restore context of systemd unit file

Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>

* Restore context of systemd unit file

Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>

* update the hash of install.sh file

Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>

---------

Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>
2023-10-31 22:54:09 +02:00
Hussein Galal
a6acdd0d75
Fix slemicro check for selinux (#8526)
Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>
2023-10-04 00:40:35 +03:00
Hussein Galal
767b64ba58
Fix coreos multiple installs (#8083)
Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>
2023-08-01 00:10:19 +03:00
Manuel Buil
d968e64de0 Add commands to logout from tailscale
Signed-off-by: Manuel Buil <mbuil@suse.com>
2023-06-14 18:57:10 +02:00
Andy Record
afc88cec88 check variant before version to decide rpm target and packager
Signed-off-by: Andy Record <adrecord@gmail.com>
2023-06-05 13:02:28 -07:00
Hussein Galal
fa0dc5900a
Use el8 rpm for fedora 38 and 39 (#7664)
* Use el8 rpm for fedora 38 and 39

Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>

* nit fix

Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>

---------

Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>
2023-06-02 01:59:26 +03:00
Hussein Galal
9543470eb7
Add el9 selinux rpm (#7635)
* Add el9 to the install script

Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>

* Add rocky-9 install test to test el9 selinux

Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>

* Add rocky-9 install test to test el9 selinux to workflow

Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>

* Use el8 for fedora 37

Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>

* Add a warning to reboot in coreos systems

Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>

* remove k3s-selinux module in case of upgrade in el9

Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>

* Check for available container-selinux and k3s-selinux

Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>

* extend selinux upgrade to sle distros

Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>

* create /var/lib/rpm-state in sle systems

Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>

* nit fix

Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>

* extend selinux upgrade to sle distros

Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>

---------

Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>
2023-05-31 01:51:23 +03:00
Hussein Galal
213d7ad499
Revert "Add el9 selinux rpm (#7443)" (#7608)
This reverts commit d55ec08675.

Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>
2023-05-25 16:41:05 +03:00
Hussein Galal
d55ec08675
Add el9 selinux rpm (#7443)
* Add el9 to the install script

Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>

* Add rocky-9 install test to test el9 selinux

Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>

* Add rocky-9 install test to test el9 selinux to workflow

Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>

* Use el8 for fedora 37

Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>

* Add a warning to reboot in coreos systems

Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>

* remove k3s-selinux module in case of upgrade in el9

Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>

* Check for available container-selinux and k3s-selinux

Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>

* extend selinux upgrade to sle distros

Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>

* create /var/lib/rpm-state in sle systems

Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>

* nit fix

Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>

---------

Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>
2023-05-25 02:52:07 +03:00
Roberto Bonafiglia
91c5e0d75a Fix iptables rules clean during upgrade
Signed-off-by: Roberto Bonafiglia <roberto.bonafiglia@suse.com>
2023-05-22 20:17:59 +02:00
Roberto Bonafiglia
36699bbd60 Changed command -v redirection for iptables bin check
Signed-off-by: Roberto Bonafiglia <roberto.bonafiglia@suse.com>
2023-04-21 10:31:01 +02:00
Roberto Bonafiglia
d9f40d4f5b Update install script to clean iptables rules before start
Signed-off-by: Roberto Bonafiglia <roberto.bonafiglia@suse.com>
2023-04-12 22:33:10 +02:00
Hussein Galal
6b51ed478d
Fix call for k3s-selinux versions in airgapped environments (#7264)
* Fix call for k3s-selinux versions in airgapped environments

Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>

* use timeout options in the donwloader

Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>

* more fixes

Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>

* run verify_downloader in case binary was skipped

Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>

---------

Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>
2023-04-11 22:32:48 +02:00
Hussein Galal
027cc187ce
Add coreos and sle micro to selinux support (#6945)
* Add coreos and sle micro to selinux support

Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>

* Add fix for rpm-ostree

Signed-off-by: Derek Nola <derek.nola@suse.com>

* Add uninstall for rpm-ostree (coreos)

Signed-off-by: Derek Nola <derek.nola@suse.com>

* Don't start k3s on coreos

Signed-off-by: Derek Nola <derek.nola@suse.com>

* Don't apply live

Signed-off-by: Derek Nola <derek.nola@suse.com>

* Typo fix

Signed-off-by: Derek Nola <derek.nola@suse.com>

---------

Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>
Signed-off-by: Derek Nola <derek.nola@suse.com>
Co-authored-by: Derek Nola <derek.nola@suse.com>
2023-04-06 23:44:07 +02:00
Felix Niederwanger
7e59376bb9
Fix check for (open)SUSE version (#6791)
Fix the check, if we're running SUSE or openSUSE in the installer
script.

Signed-off-by: phoenix <felix.niederwanger@suse.com>
2023-02-06 11:27:12 -08:00
Alexey Vazhnov
870d9c32b0
Fix OpenRC init script error 'openrc-run.sh: source: not found' (#6614)
To avoid error message:

user@server ~ % /etc/init.d/k3s status
/lib/rc/sh/openrc-run.sh: 28: /etc/init.d/k3s: source: not found
/lib/rc/sh/openrc-run.sh: 29: /etc/init.d/k3s: source: not found
 * status: stopped

I've replaced `source` with `sourcex`, defined in https://github.com/OpenRC/openrc/blob/master/sh/openrc-run.sh.in#L30
Classic shell `.` also works.
Tested in Devuan 5 Daedalus (based on Debian 12 bookworm / testing), package `openrc` version 0.45.2-2.

Signed-off-by: Alexey Vazhnov <vazhnov@boot-keys.org>
2023-01-03 14:00:22 -05:00
Derek Nola
d723775792
Remove deprecated flags in v1.26 (#6574)
* Remove NoFlannel
* Remove cluster-secret
* Remove no-deploy
* Remove disable-selinux
* Convert wireguard to fatal error
* Remove reference to no-op K3S_CLUSTER_SECRET

Signed-off-by: Derek Nola <derek.nola@suse.com>
2022-12-05 14:01:01 -08:00
Klaas Demter
457e5e7379 Update install.sh to recommend current version of k3s-selinux
Signed-off-by: Klaas Demter <re4il07t@duck.com>
2022-12-05 11:52:33 -08:00
Sakala Venkata Krishna Rohit
4e2e91e089
Switch from Google Buckets to AWS S3 Buckets (#6497)
* Add python pip pakacge to install aws cli

Signed-off-by: Venkata Krishna Rohit Sakala <rohitsakala@gmail.com>

* Upload build artifacts to aws s3 instead of gcp bucket

Signed-off-by: Venkata Krishna Rohit Sakala <rohitsakala@gmail.com>

* Upload logs to aws s3 instead of google buckets

Signed-off-by: Venkata Krishna Rohit Sakala <rohitsakala@gmail.com>

* Replace gcloud auth with aws credentials for artifact uploading to buckets

Signed-off-by: Venkata Krishna Rohit Sakala <rohitsakala@gmail.com>

* Replace usage of google bucket with aws s3 buckets

Signed-off-by: Venkata Krishna Rohit Sakala <rohitsakala@gmail.com>

Signed-off-by: Venkata Krishna Rohit Sakala <rohitsakala@gmail.com>
2022-11-28 19:27:43 +02:00
Roberto Bonafiglia
87c7ea81f0 Updated flannel version to 0.20.1
Signed-off-by: Roberto Bonafiglia <roberto.bonafiglia@suse.com>
2022-11-03 17:49:26 +01:00
Derek Nola
1deccc9524 remove quotest to match style
Signed-off-by: Derek Nola <derek.nola@suse.com>
2022-09-13 11:30:04 -07:00
Derek Nola
71b7e9f763 Add binary skip option
Signed-off-by: Derek Nola <derek.nola@suse.com>
2022-09-13 11:12:41 -07:00
Derek Nola
e31e6d6d8e Restore original skip_download behavior
Signed-off-by: Derek Nola <derek.nola@suse.com>
2022-09-13 11:05:03 -07:00
Manuel Buil
a6f5a4d3a5 Remove wireguard interfaces when deleting the cluster
Signed-off-by: Manuel Buil <mbuil@suse.com>
2022-08-30 14:30:45 +02:00
Derek Nola
2b35f89664
Convert install tests to run PR build of k3s (#6003)
* Convert install tests to run PR version of k3s

Signed-off-by: Derek Nola <derek.nola@suse.com>
2022-08-26 09:36:50 -07:00
Brad Davidson
bd5fdfce33 Fix server systemd detection
* Use INVOCATION_ID to detect execution under systemd, since as of a9b5a1933f NOTIFY_SOCKET is now cleared by the server code.
* Set the unit type to notify by default for both server and agent, which is what Rancher-managed installs have done for a while.

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2022-07-21 13:42:20 -07:00
Manuel Buil
699ae80de0 Remove kube-ipvs0 interface when cleaning up
Signed-off-by: Manuel Buil <mbuil@suse.com>
2022-06-06 12:14:06 +02:00
Sakala Venkata Krishna Rohit
3e3549e45c
Add s390x arch support for k3s (#5018)
* Update docs to include s390x arch

Signed-off-by: Venkata Krishna Rohit Sakala <rohitsakala@gmail.com>

* Add s390x drone pipeline

Signed-off-by: Venkata Krishna Rohit Sakala <rohitsakala@gmail.com>

* Install trivy linux arch only for amd64

This is done so that trivy is not installed for s390x arch

Signed-off-by: Venkata Krishna Rohit Sakala <rohitsakala@gmail.com>

* Add s390x arch if condition for Dockerfile.test

Signed-off-by: Venkata Krishna Rohit Sakala <rohitsakala@gmail.com>

* Add s390x arch in install script

Signed-off-by: Venkata Krishna Rohit Sakala <rohitsakala@gmail.com>

* Add s390x GOARCH in build script

Signed-off-by: Venkata Krishna Rohit Sakala <rohitsakala@gmail.com>

* Add SUFFIX s390x in scripts

Signed-off-by: Venkata Krishna Rohit Sakala <rohitsakala@gmail.com>

* Skip image scan for s390x arch

Signed-off-by: Venkata Krishna Rohit Sakala <rohitsakala@gmail.com>

* Update klipper-lb to version v0.3.5

Signed-off-by: Venkata Krishna Rohit Sakala <rohitsakala@gmail.com>

* Update traefik version to v2.6.2

Signed-off-by: Venkata Krishna Rohit Sakala <rohitsakala@gmail.com>

* Update registry to v2.8.1 in tests which supports s390x

Signed-off-by: Venkata Krishna Rohit Sakala <rohitsakala@gmail.com>

* Skip compact tests for s390x arch

This is done because compact test require a previous k3s version which supports s390x and it is not available

Signed-off-by: Venkata Krishna Rohit Sakala <rohitsakala@gmail.com>
2022-04-15 09:41:40 -07:00
Manuel Buil
def9c99679 Remove the iptables rules from ipmasq flannel
Signed-off-by: Manuel Buil <mbuil@suse.com>
2022-02-08 18:55:25 +01:00
Manuel Buil
66780cc665 Remove ip6table rules when cleaning up k3s
Signed-off-by: Manuel Buil <mbuil@suse.com>
2022-01-18 08:36:00 +01:00
Jacob Blain Christen
559c8ad94b
install: /usr/sbin/transactional-update (#4403)
- also updated k3s-uninstall.sh on zypper and TU systems
- fix #4409 for Fedora CoreOS

new installer tests via github actions:
- fedora-coreos
- opensuse-microos

Signed-off-by: Jacob Blain Christen <jacob@rancher.com>
2021-11-08 16:26:21 -07:00
Adam Majer
f1d6e9bc4b
install.sh: fix path detection for sle-micro (#4398)
transactional-update was always under /usr/sbin.

Signed-off-by: Adam Majer <amajer@suse.de>
2021-11-05 08:39:45 -07:00
Jacob Blain Christen
52eb6cac1c
install.sh: initial support for sle-micro (#4331)
Support invoking install.sh on SLE Micro with or without SELinux
enabled. Same deal for SLES.

Additionally, easy-to-invoke assertions, via Vagrant, that the local
install.sh works correctly:
- tests/install/centos-7 (stand-in for rhel 7)
- tests/install/centos-8 (stand-in for rhel 8)
- tests/install/opensuse-leap (stand-in for sles)
- tests/install/opensuse-microos (stand-in for sle-micro)
- tests/install/ubuntu-focal

Addresses #3188
Addresses #3917

Signed-off-by: Jacob Blain Christen <jacob@rancher.com>
2021-10-29 09:47:37 -07:00
Jacob Blain Christen
72a1925a34
install.sh: capture quoted environment variables (#4275)
Leverage posix builtins + grep (with regex matching) to emit quoted
environment variables to K3S_FILE_ENV, e.g.:

```shell
$ export CONTAINERD_TEST_1='one!1' K3S_TEST_2=two K3S_TEST_3='thr ee' TEST_4='!@#$%^&*()_+four!'
$ sh -c export | while read x v; do echo $v; done | grep -E '^(K3S|CONTAINERD)_'
CONTAINERD_TEST_1='one!1'
K3S_TEST_2='two'
K3S_TEST_3='thr ee'
```

Fixes #3395
Addresses rancher/k3os#708

Signed-off-by: Jacob Blain Christen <jacob@rancher.com>
2021-10-22 10:45:39 -07:00
Manuel Buil
60cd86bc42
Merge pull request #3906 from manuelbuil/dual-stack
Add dual-stack support on flannel
2021-09-15 18:48:10 +02:00
Nicolas Brechet
e732517712 Retrieve "CONTAINERD_" environment variables
Signed-off-by: Nicolas Brechet <nicolas.brechet@swisscom.com>
2021-09-15 09:37:34 -07:00
Manuel Buil
681058bb40 Add dual-stack support
Signed-off-by: Manuel Buil <mbuil@suse.com>
2021-09-15 11:44:48 +02:00
Brad Davidson
3d27804c77 Anything not EL7 is EL8
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2021-09-10 12:37:04 -07:00
Jordi Prats
74196acaea
added raspberry installation hint (#2379)
Signed-off-by: Jordi Prats <jordi.prats@gmail.com>
2021-09-01 12:28:15 -07:00
Brad Davidson
84155ee313 Make consistent use of os-release vars
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2021-08-27 10:30:15 -07:00
Richard Brown
f94d8d76a8 Check /etc/os-release exists before sourcing it
Signed-off-by: Richard Brown <rbrownccb@opensuse.org>
2021-08-26 11:55:27 -07:00
Richard Brown
51b7451709 install.sh: Inform user of current k3s+SELinux support status for SUSE/openSUSE systems
Signed-off-by: Richard Brown <rbrownccb@opensuse.org>
2021-08-26 11:55:27 -07:00
Joakim Roubert
80a15bebc0 install.sh: Use built-in shell functionality instead of awk
If install.sh relies on awk, install.sh malfunctions when run on a
device with a limited environment where awk is not available. This patch
replaces the use of awk with built-in shell script functionality.

Fixes: #3737
Signed-off-by: Joakim Roubert <joakim.roubert@axis.com>
2021-08-04 12:06:53 -07:00
Manuel Buil
a629db023c Fail to start k3s if nm-cloud-setup is enabled
Signed-off-by: Manuel Buil <mbuil@suse.com>
2021-06-17 12:24:53 +02:00
Brad Davidson
25c2888d28 Fix shell expansion and file permission issues install.sh
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2021-05-19 19:00:31 -07:00
Brad Davidson
c824c3bcc1 Add support for multiple env files for systemd unit
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2021-05-17 14:18:40 -07:00
Vegetto
64577a070d fixes #3264 - unmount CSI plugins on uninstall
Signed-off-by: angelnu <git@angelnucom>
2021-05-03 20:05:26 -07:00