Commit Graph

57 Commits

Author SHA1 Message Date
Brian Downs
bb8e5374ea conform to repo conventions
Signed-off-by: Brian Downs <brian.downs@gmail.com>
2020-09-03 18:48:30 -07:00
Brian Downs
00831f9bc8 use version.Program
Signed-off-by: Brian Downs <brian.downs@gmail.com>
2020-09-03 08:51:17 -07:00
Brian Downs
301fb73952 add node ip to the request header for cert gen
Signed-off-by: Brian Downs <brian.downs@gmail.com>
2020-09-02 19:15:09 -07:00
Jacob Blain Christen
e2089bea18
cli: add --selinux flag to agent/server sub-cmds (#2111)
* cli: add --selinux flag to agent/server sub-cmds

Introduces --selinux flag to affirmatively enable SELinux in containerd.
Deprecates --disable-selinux flag which now defaults to true which
auto-detection of SELinux configuration for containerd is no longer
supported.  Specifying both --selinux and --disable-selinux will result
in an error message encouraging you to pick a side.

* Update pkg/agent/containerd/containerd.go

update log warning message about enabled selinux host but disabled runtime

Co-authored-by: Brad Davidson <brad@oatmail.org>
Signed-off-by: Jacob Blain Christen <jacob@rancher.com>
2020-08-11 16:17:32 -07:00
Brian Downs
5a81fdbdc5 update cis flag implementation to propogate the rest of the way through to kubelet
Signed-off-by: Brian Downs <brian.downs@gmail.com>
2020-07-20 16:31:56 -07:00
Jason
e3f8789114
Add containerd snapshotter flag (#1991)
* Add containerd snapshotter flag

Signed-off-by: Jason-ZW <zhenyang@rancher.com>

* Fix CamelCase nit and option description

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
Signed-off-by: Jason-ZW <zhenyang@rancher.com>

Co-authored-by: Brad Davidson <brad@oatmail.org>
2020-07-18 01:16:23 +02:00
Darren Shepherd
7e59c0801e Make program name a variable to be changed at compile time 2020-06-06 16:39:41 -07:00
Darren Shepherd
2f5ee914f9 Add supervisor port
In k3s today the kubernetes API and the /v1-k3s API are combined into
one http server.  In rke2 we are running unmodified, non-embedded Kubernetes
and as such it is preferred to run k8s and the /v1-k3s API on different
ports.  The /v1-k3s API port is called the SupervisorPort in the code.

To support this separation of ports a new shim was added on the client in
then pkg/agent/proxy package that will launch two load balancers instead
of just one load balancer.  One load balancer for 6443 and the other
for 9345 (which is the supervisor port).
2020-05-05 15:54:51 -07:00
Darren Shepherd
70ddc799bd
Merge pull request #1691 from ibuildthecloud/staticpod
Suppport static pods at ${datadir}/agent/staticpods
2020-05-05 14:35:45 -07:00
Darren Shepherd
8c7fbe3dde Suppport static pods at ${datadir}/agent/pod-manifests 2020-05-05 12:43:47 -07:00
Erik Wilson
c941e1d0bb
Merge pull request #1695 from ibuildthecloud/kubeproxy
Add ability to disable kubeproxy
2020-05-04 20:26:22 -07:00
Darren Shepherd
5715e1ba0d Add ability to disable kubeproxy 2020-04-27 11:24:00 -07:00
Darren Shepherd
7920fa48c9 Only need to resolve the path of host-local if Flannel is enabled 2020-04-27 11:17:41 -07:00
Erik Wilson
a3cb9ee1f6 Simplify SELinux detection and add --disable-selinux flag 2020-02-28 10:10:55 -07:00
Erik Wilson
b15c4473cd Use default kubelet device-plugins path 2020-02-14 10:18:07 -07:00
Erik Wilson
76281bf731 Update k3s for k8s 1.17.0 2019-12-15 23:28:19 -07:00
Erik Wilson
2de93d70cf Allow --pause-image to set docker sandbox image also 2019-12-10 16:16:26 -07:00
Darren Shepherd
ff34c5c5cf Download cert/key to agent with single HTTP request
Since generated cert/keys are stored locally, each server has a different
copy.  In a HA setup we need to ensure we download the cert and key from
the same server so we combined HTTP requests to do that.
2019-11-15 21:51:51 -07:00
Erik Wilson
55c05ac500 Refactor node password location 2019-11-12 15:30:34 -07:00
Darren Shepherd
ba240d0611 Refactor tokens, bootstrap, and cli args 2019-10-30 19:06:49 -07:00
Akihiro Suda
aafccdbccb rootless: add kubelet flags automatically
Fix https://github.com/rancher/k3s/issues/784

Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
2019-10-25 17:10:14 +09:00
Erik Wilson
da3a7c6bbc Add network policy controller 2019-10-18 16:11:42 -07:00
Darren Shepherd
30c14a4db6
Merge pull request #901 from erikwilson/default-kubelet-dir
Use default kubelet directory
2019-10-17 16:49:11 -07:00
galal-hussein
d2c1f66496 Add k3s cloud provider 2019-10-16 21:13:15 +02:00
Erik Wilson
c72ef62d2c Use default kubelet directory 2019-10-15 10:47:03 -07:00
galal-hussein
5ccc880ddb Add private registry to containerd 2019-10-08 01:54:53 +02:00
Erik Wilson
999e40d6d3 Add strongswan utilities for ipsec 2019-09-27 18:26:39 -07:00
Erik Wilson
959acf9c92 Add --flannel-backend flag 2019-09-27 18:26:39 -07:00
Erik Wilson
3cd807a657 Add --flannel-conf flag 2019-09-27 18:26:39 -07:00
Erik Wilson
a76ca2e887 Remove hostname requirement in /etc/hosts 2019-08-21 22:56:20 -07:00
YAMAMOTO Takashi
dc4ebd4c67 Remove agent proxy config which is no longer used 2019-07-17 18:05:16 +09:00
Erik Wilson
29865fd9c9 Remove agent proxy 2019-06-25 15:04:04 -07:00
Erik Wilson
2c9444399b Refactor certs 2019-06-25 15:04:04 -07:00
Darren Shepherd
c0702b0492 Port to wrangler 2019-05-26 22:28:50 -07:00
galal-hussein
930093dfe9 Expose node labels and taints and add node roles 2019-05-08 01:47:07 +02:00
haokang.ke
52f845ec84 Make pause image configurable (#345) 2019-05-03 10:36:12 -07:00
galal-hussein
5d8d9e610b Add timeout to hostname check 2019-05-03 14:41:08 +02:00
galal-hussein
7e1699cda0 Check if hostname is resolvable before running agent 2019-05-01 22:54:05 +02:00
Darren Shepherd
9db91d7de3
Merge pull request #369 from erikwilson/node-dns
Node DNS & cert registration
2019-04-26 16:00:31 -07:00
Erik Wilson
c9941895d6 Bind kubelet to all interfaces and use webhook auth 2019-04-26 15:02:30 -07:00
galal-hussein
bdf8a355e1 Add containerd config go template 2019-04-25 22:17:34 +02:00
Erik Wilson
f584197bba Save password as text file 2019-04-25 10:53:21 -07:00
Erik Wilson
e64c0298f2 Add cert per-node password authentication 2019-04-23 11:02:35 -07:00
Erik Wilson
1b2db423de Add node name to node cert generation 2019-04-19 18:20:34 +00:00
Darren Shepherd
0e3711b8b7
Merge pull request #339 from km4rcus/cluster-domain-option
Add --cluster-domain option
2019-04-15 10:06:07 -07:00
Stuart Wallace
2268e028a2 Add ability to override flannel interface 2019-04-12 21:06:43 +01:00
Marco Mancini
b445bad171 Add --cluster-domain option 2019-04-12 08:06:35 +02:00
galal-hussein
7794528aa1 Add extra flags for server and agent components 2019-04-09 08:20:38 +02:00
Erik Wilson
a4df9f4ab1 Kubelet resolv.conf DNS update
Allow the kubelet resolv-conf flag to be set, or automatically
discovered from /etc/resolv.conf & /run/systemd/resolve/resolv.conf if
no loopback devices are present, or create our own which points to
nameserver 8.8.8.8
2019-03-26 23:13:54 +00:00
Adam Liddell
b430513abf Enforce lower case hostname for node, references #160 2019-03-05 18:34:24 +00:00