Mirror/k3s
1
0
Fork 0
mirror of https://github.com/k3s-io/k3s.git synced 2024-06-07 19:41:36 +00:00
Code Issues Packages Projects Releases Wiki Activity
1,781 Commits 27 Branches 785 Tags 625 MiB
c35761d169
Commit Graph

1781 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Derek Nola
c35761d169
Renamed client-cloud-controller crt and key (#3472) 
Signed-off-by: dereknola <derek.nola@suse.com>
 2021-06-16 14:55:43 -07:00
Brian Downs
8651d6af5f
Send systemd notifications for both server and agent (#3430) (#3460) 
* update agent to sent systemd notify after everything starts
 2021-06-15 12:16:15 -07:00
Derek Nola
c012e6ec6f
Changed iptables version check for fail if version is between 1.8.0 and 1.8.3 and using nf_tables mode (#3454) 
Signed-off-by: dereknola <derek.nola@suse.com>
 2021-06-15 09:19:28 -07:00
Brad Davidson
eac48f69bc Add kubernetes.default.svc to serving certs 
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2021-06-08 16:24:16 -07:00
Brian Downs
3db7f98853
Merge pull request #3354 from briandowns/backport_etcd_subcommands-1.21 
[ Backport 1.21 ] - etcd subcommands 1.21
 2021-06-08 10:23:20 -07:00
Derek Nola
16ae282c7a
Fix RBAC cloud-controller-manager name 3308 (#3388) (#3408) 
* Changed cloud-controller-manager user name in ccm.yaml
* Changed RBAC name in server.go and deps.go

Signed-off-by: dereknola <derek.nola@suse.com>
 2021-06-07 08:46:24 -07:00
Manuel Buil
5beae200a0
Merge pull request #3403 from manuelbuil/backport_wireguard 
[Backport 1.21] Add a path for wireguard's privatekey
 2021-06-07 17:40:27 +02:00
Manuel Buil
84f22d3c60
Merge pull request #3402 from manuelbuil/flannel_backport 
[Backport  1.21] Update flannel version
 2021-06-04 09:44:24 +02:00
Manuel Buil
ff54d8c96d Add a path for wireguard's privatekey 
Signed-off-by: Manuel Buil <mbuil@suse.com>
 2021-06-04 09:00:35 +02:00
Manuel Buil
1932979f44 Update flannel version 
Signed-off-by: Manuel Buil <mbuil@suse.com>
 2021-06-04 08:56:46 +02:00
Erik Wilson
75dba57f9b
Merge pull request #3359 from dweomer/fix-1.21/3296/caps 
[backport 1.21] containerd: v1.4.4-k3s2
 2021-05-20 13:46:14 -07:00
Jacob Blain Christen
5573fe4beb [backport 1.21] containerd: v1.4.4-k3s2 
Pull in backport of containerd/containerd#5017

Addresses #3296

Signed-off-by: Jacob Blain Christen <dweomer5@gmail.com>
 2021-05-20 11:38:48 -07:00
Jacob Blain Christen
778ee545ff
[backport 1.21] runc: v1.0.0-rc95 (#3348) (#3352) 
- Addresses #3299

Signed-off-by: Jacob Blain Christen <dweomer5@gmail.com>
 2021-05-20 10:26:06 -07:00
Brian Downs
8fd180e0d9 move object channel defer close to goroutine 
Signed-off-by: Brian Downs <brian.downs@gmail.com>
 2021-05-19 14:49:48 -07:00
Brian Downs
69795277be add retention default and wire in s3 prune 
Signed-off-by: Brian Downs <brian.downs@gmail.com>
 2021-05-19 14:49:44 -07:00
Brian Downs
58649c5e85 add etcd snapshot save subcommand 
Signed-off-by: Brian Downs <brian.downs@gmail.com>
 2021-05-19 14:49:38 -07:00
Brad Davidson
67651aee58 Handle conntrack-related sysctls in supervisor agent setup 
(cherry picked from commit 7e175e8ad4)
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2021-05-18 22:25:33 -07:00
Erik Wilson
fd4d226e3d
Merge pull request #3328 from erikwilson/v1.21.1-k3s1 
Update Kubernetes to v1.21.1-k3s1
 2021-05-14 13:54:28 -07:00
Erik Wilson
11c5effca2
Bump to go 1.16.4 2021-05-14 10:36:13 -07:00
Erik Wilson
70430b53a8
Update Kubernetes to v1.21.1-k3s1 2021-05-14 10:12:55 -07:00
Brian Downs
6ee28214fa
Add the ability to prune etcd snapshots (#3310) 
* add prune subcommand to force rentention policy enforcement
 2021-05-13 13:36:33 -07:00
Brad Davidson
079620ded0 Fix passthrough of SystemDefaultRegistry from server config 
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2021-05-13 02:18:09 -07:00
Menna Elmasry
f76d6208e4
Merge pull request #3316 from MonzElmasry/disable-apiserver-flag 
change --disable-api-server flag to --disable-apiserver
 2021-05-13 01:10:55 +02:00
MonzElmasry
24474c5734
change --disable-apiserver flag 
Signed-off-by: MonzElmasry <menna.elmasry@rancher.com>
 2021-05-13 00:00:11 +02:00
Jacob Blain Christen
0d05b14b71
runc: v1.0.0-rc94 (#3305) 
- bump the runc version to v1.0.0-rc94
- build runc from its own source tree instead of from ./vendor/
  - side-steps incompatibility with upstream kubelet container manager

Signed-off-by: Jacob Blain Christen <dweomer5@gmail.com>
 2021-05-12 11:50:24 -07:00
Brad Davidson
e10524a6b1 Add executor.Bootstrap hook for pre-execution setup 
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2021-05-11 18:46:15 -07:00
Brian Downs
bcd8b67db4
Add the ability to list etcd snapshots (#3303) 
* add ability to list local and s3 etcd snapshots
 2021-05-11 16:59:33 -07:00
Brad Davidson
02a5bee62f
Add system-default-registry support and remove shared code (#3285) 
* Move registries.yaml handling out to rancher/wharfie
* Add system-default-registry support
* Add CLI support for kubelet image credential providers

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2021-05-10 15:58:41 -07:00
Hussein Galal
948295e8e8
Fix cluster restoration in rke2 (#3295) 
Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>
 2021-05-11 00:06:33 +02:00
Brad Davidson
fc037e87f8 Use config file values in node-args annotation 
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2021-05-10 14:08:02 -07:00
Brian Downs
e998cd110d
Add the ability to delete an etcd snapshot locally or from S3 (#3277) 
* Add the ability to delete a given set of etcd snapshots from the CLI for locally stored and S3 store snapshots.
 2021-05-07 16:10:04 -07:00
Siegfried Weber
e77fd18270 Sign CSRs for kubelet-serving with the server CA 
Problem:
Only the client CA is passed to the kube-controller-manager and
therefore CSRs with the signer name "kubernetes.io/kubelet-serving" are
signed with the client CA. Serving certificates must be signed with the
server CA otherwise e.g. "kubectl logs" fails with the error message
"x509: certificate signed by unknown authority".

Solution:
Instead of providing only one CA via the kube-controller-manager
parameter "--cluster-signing-cert-file", the corresponding CA for every
signer is set with the parameters
"--cluster-signing-kube-apiserver-client-cert-file",
"--cluster-signing-kubelet-client-cert-file",
"--cluster-signing-kubelet-serving-cert-file", and
"--cluster-signing-legacy-unknown-cert-file".

Signed-off-by: Siegfried Weber <mail@siegfriedweber.net>
 2021-05-05 15:59:57 -07:00
Akihiro Suda
3cfa76fcbf Add cgroup2 CI (Fedora on Vagrant on GHA) 
Add `.github/workflows/cgroup2.yaml` for running Fedora on Vagrant on
GitHub Actions to test cgroup2 environment.

Only very basic smoke tests are executed, as Vagrant is too slow to run
the entire sonobuoy.

Relevant:
- kubernetes-sigs/kind PR 2017
- https://github.com/rootless-containers/usernetes/blob/v20210201.0/.github/workflows/main.yaml

Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
 2021-05-05 15:53:47 -07:00
Menna Elmasry
17d91c5148
Merge pull request #3270 from MonzElmasry/validate-go-mod-ci 
Add ci step to validate incorrect replacement fork
 2021-05-05 20:00:45 +02:00
Menna Elmasry
91c5797016
add new-line 
Co-authored-by: Brian Downs <brian.downs@gmail.com>
 2021-05-05 19:06:12 +02:00
Hussein Galal
f410fc7d1e
Invoke cluster reset function when only reset flag is passed (#3276) 
Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>
 2021-05-05 17:40:04 +02:00
MonzElmasry
45265620c1
Add ci step to validate incorerct replacement fork 
Signed-off-by: MonzElmasry <menna.elmasry@rancher.com>
 2021-05-05 17:10:40 +02:00
Brian Downs
e1b9067d21
Merge pull request #3268 from briandowns/fix_node_name 
Reference node name when needed
 2021-05-04 10:48:26 -07:00
Brian Downs
beb0d8397a reference node name when needed 
Signed-off-by: Brian Downs <brian.downs@gmail.com>
 2021-05-04 10:03:28 -07:00
Vegetto
64577a070d fixes #3264 - unmount CSI plugins on uninstall 
Signed-off-by: angelnu <git@angelnucom>
 2021-05-03 20:05:26 -07:00
Brian Downs
245efe0d66
Merge pull request #3257 from briandowns/remove_dapperfile 
remove accidentially commited dapper files
 2021-04-30 20:38:40 -07:00
Brian Downs
259d7ce655 remove accidentially commited dapper files 
Signed-off-by: Brian Downs <brian.downs@gmail.com>
 2021-04-30 18:38:42 -07:00
Brian Downs
c5ad71ce0b
Collect and Store etcd Snapshots and Metadata (#3239) 
* Add the ability to store local etcd snapshots and etcd snapshots stored in an S3 compatible object store in a ConfigMap.
 2021-04-30 18:26:39 -07:00
Loren Lisk
fceb20fe0c Typo fix in README.md 
Just a small typo fix

Signed-off-by: Loren Lisk <loren.lisk@liskl.com>
 2021-04-30 08:43:55 -07:00
Hussein Galal
2db3bf7a89
Export CriConnection function (#3225) 
Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>
 2021-04-29 22:11:19 +02:00
Brad Davidson
3cb4ca4b35 Use same SANs on ServingKubeAPICert as dynamiclistener 
The kube-apiserver cert should have the same SANs in the same order,
excluding the extra user-configured SANs since this will only be used
in-cluster.

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2021-04-28 09:58:19 -07:00
Darren Shepherd
8f1a20c0d3 Add ability to append to slice during config file merge 
If key ends in "+" the value of the key is appended to previous
values found.  If values are string instead of a slice they are
automatically converted to a slice of one string.

Signed-off-by: Darren Shepherd <darren@rancher.com>
 2021-04-27 15:59:03 -07:00
Chris Kim
7a10a9971f
Add install script option to force a restart of the K3s service (#3235) 
Signed-off-by: Chris Kim <oats87g@gmail.com>
 2021-04-27 08:49:03 -07:00
Brad Davidson
2705431d96
Add support for dual-stack Pod/Service CIDRs and node IP addresses (#3212) 
* Add support for dual-stack cluster/service CIDRs and node addresses

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2021-04-21 15:56:20 -07:00
David Nuzik
ac507e530d
Merge pull request #3219 from davidnuzik/mark-1.20.6-stable 
Mark v1.20.6+k3s1 as stable
 2021-04-19 16:50:05 -07:00