Commit Graph

1814 Commits

Author SHA1 Message Date
Brad Davidson
5f53c0976c Expose failure if Traefik helm chart cannot be downloaded
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2020-12-21 17:08:31 -08:00
David Nuzik
9400a8e1d0
Merge pull request #2727 from k3s-io/davidnuzik-v1.19.5+k3s2-to-stable
mark v1.19.5+k3s2 as stable
2020-12-17 19:15:47 -07:00
David Nuzik
7ab1e1c084
mark v1.19.5+k3s2 as stable 2020-12-17 18:41:39 -07:00
Brad Davidson
8936cf577f Bump coredns to 1.8.0
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2020-12-17 15:20:19 -08:00
Brad Davidson
d13f7fabd6 Fix incorrect kubernetes replacement fork in go.mod
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2020-12-16 14:35:11 -08:00
Brad Davidson
833422cab1 Add bash to curl image before running dispatch script
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2020-12-16 13:11:12 -08:00
Chris Kim
332fd73d46
Add support for both config-file and data-dir at a global level in the self-extracting wrapper for K3s (#2594)
* Add support for both config-file and data-dir at a global level in the self-extracting wrapper for K3s

Signed-off-by: Chris Kim <oats87g@gmail.com>
2020-12-16 09:27:57 -08:00
Brad Davidson
d672a4ae1a Wait longer for sonobuoy tests to start up
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2020-12-16 09:22:52 -08:00
Erik Wilson
5d5f33abc8
Merge pull request #2716 from brandond/fix_manfest
Fix manifest CI step
2020-12-16 10:18:33 -07:00
Brad Davidson
d84bf75c3d Fix manifest CI step
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2020-12-16 00:59:25 -08:00
Erik Wilson
1230d7b7df Fix HA server initialization
Signed-off-by: Erik Wilson <Erik.E.Wilson@gmail.com>
2020-12-15 16:08:28 -08:00
Brad Davidson
8e4d3e645b Restore legacy master role for etcd nodes
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2020-12-15 15:15:46 -08:00
Brad Davidson
13d585059f Add registry mirrors for CI test step
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2020-12-15 13:57:18 -08:00
Brad Davidson
ef9ad4f04d Clean up CI warnings/errors
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2020-12-15 10:54:59 -08:00
David Nuzik
2df9ec6771
Merge pull request #2702 from briandowns/update_channel_server
update stable version
2020-12-14 09:51:42 -07:00
Brian Downs
0dfab2b30a update stable version
Signed-off-by: Brian Downs <brian.downs@gmail.com>
2020-12-14 09:40:26 -07:00
Jacob Blain Christen
bae2607fd9
fix the k3s-upgrade dispatch (#2679)
Signed-off-by: Jacob Blain Christen <jacob@rancher.com>
2020-12-10 14:31:44 -07:00
Brad Davidson
9b62903ae3 Update CODEOWNERS for k3s-io move
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2020-12-10 08:52:22 -08:00
Chris Kim
fbe89176e1
Merge pull request #2668 from Oats87/issues/k3s/2548-mst-suppl2
Set kubelet-cgroups if we detect we are running under a `.scope`
2020-12-09 17:07:27 -08:00
Chris Kim
61ef2ce95e use version.Program
Signed-off-by: Chris Kim <oats87g@gmail.com>
2020-12-09 12:34:13 -08:00
Chris Kim
48925fcb88
Simplify checkCgroups function call
Co-authored-by: Brian Downs <brian.downs@gmail.com>
2020-12-09 11:59:54 -08:00
Chris Kim
a3f87a81bd Independently set kubelet-cgroups and runtime-cgroups, and detect if we are running under a systemd scope
Signed-off-by: Chris Kim <oats87g@gmail.com>
2020-12-09 11:39:33 -08:00
Brad Davidson
c5aad1b5ed Disable the ServiceAccountIssuerDiscovery feature-gate.
We're not setting ``--service-account-issuer` to a https URL, which causes an
error message at startup when the feature gate is enabled. From the
docs on that flag:

> If this option is not a valid URI per the OpenID Discovery 1.0 spec, the
> ServiceAccountIssuerDiscovery feature will remain disabled, even if the
> feature gate is set to true. It is highly recommended that this value
> comply with the OpenID spec:
> https://openid.net/specs/openid-connect-discovery-1_0.html. In practice,
> this means that service-account-issuer must be an https URL. It is also
> highly recommended that this URL be capable of serving OpenID discovery
> documents at {service-account-issuer}/.well-known/openid-configuration.

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2020-12-08 22:51:34 -08:00
Brad Davidson
63f2211b31 deprecate the "node-role.kubernetes.io/master" label / taint
Related to https://github.com/kubernetes/kubernetes/pull/95382

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2020-12-08 22:51:34 -08:00
Brad Davidson
c6950d2cb0 Update Kubernetes to v1.20.0-k3s1
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2020-12-08 22:51:34 -08:00
Brad Davidson
cd27c6fcbe Bump coredns to 1.7.1
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2020-12-08 15:58:17 -08:00
Erik Wilson
0ae7f2d5ae
Merge pull request #2407 from erikwilson/node-passwd-cleanup
Use secrets for node-passwd entries
2020-12-08 16:25:13 -07:00
Hussein Galal
989c936993
update etcd to fix the panic for etcd tombstone issue (#2658)
* update etcd

Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>

* go mod tidy

Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>
2020-12-09 01:06:37 +02:00
Chris Kim
cd5591cc85
Merge pull request #2654 from Oats87/issues/k3s/2548-mst-suppl
Add check for `/init.scope` for cgroup
2020-12-08 13:35:28 -08:00
Brian Downs
821fa6d93f
bump Go to version 1.15.5 (#2638)
Signed-off-by: Brian Downs <brian.downs@gmail.com>
2020-12-08 11:50:31 -07:00
Chris Kim
3d1e40eaa3 Handle the case when systemd lives under /init.scope
Signed-off-by: Chris Kim <oats87g@gmail.com>
2020-12-08 10:26:54 -08:00
Chris Kim
e71e11fed0
Merge pull request #2642 from Oats87/issues/k3s/2548-cgroup
Set a cgroup if containerized
2020-12-08 10:05:21 -08:00
Erik Wilson
cccba681a9
Test script cleanup backport from RKE2 (#2650)
* Test script cleanup backport from RKE2

Signed-off-by: Erik Wilson <Erik.E.Wilson@gmail.com>

* Update scripts/test

Co-authored-by: Brian Downs <brian.downs@gmail.com>

Co-authored-by: Brian Downs <brian.downs@gmail.com>
2020-12-08 10:43:31 -07:00
Chris Kim
f3de60ff31 When there is a defined cgroup for PID 1, assume we are containerized and set a root
Signed-off-by: Chris Kim <oats87g@gmail.com>
2020-12-07 13:15:15 -08:00
Hussein Galal
fadc5a8057
Add tombstone file to etcd and catch errc etcd channel (#2592)
* Add tombstone file to embedded etcd

Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>

* go mod update

Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>

* fixes

Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>

* more fixes

Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>

* more changes

Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>

* gofmt and goimports

Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>

* go mod update

Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>

* go lint

Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>

* go lint

Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>

* go mod tidy

Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>
2020-12-07 22:30:44 +02:00
Jacob Blain Christen
10b43c8fe5
channels: tweak testing channel config(s) (#2643)
Limit the `testing` channel(s) to alpha, beta, and rc pre-releases.

Signed-off-by: Jacob Blain Christen <jacob@rancher.com>
2020-12-07 12:37:28 -07:00
Erik Wilson
f6153201ba Add diagnostics collection scripts
Signed-off-by: Erik Wilson <Erik.E.Wilson@gmail.com>
2020-12-07 11:08:47 -07:00
Jacob Blain Christen
47019226bb
containerd: v1.4.3-k3s1 (#2631)
Signed-off-by: Jacob Blain Christen <jacob@rancher.com>
2020-12-07 10:02:56 -07:00
Brad Davidson
15d03c5930 Fix alternate bindir logic for #2551
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2020-12-04 21:56:22 -08:00
Brian Downs
a7bf00bb9d
Update uninstall script to remove mount point path after umount (#2542)
* update uninstall script to remove mount point path after umount
2020-12-04 20:17:10 -07:00
Vincent Batts
eb3e4c154c
install.sh: support install on Flatcar with no args (#2551)
* install.sh: test if BIN_DIR is readonly, else use /opt

On flatcar /usr is a readonly partition, while /opt is allowed for
writing.

Signed-off-by: Vincent Batts <vbatts@kinvolk.io>

* install.sh: only warn on Flatcar about selinux

This check is a bit more explicit, but only warn about finding the rpm
installed policy when on Flatcar Container Linux

Signed-off-by: Vincent Batts <vbatts@kinvolk.io>

* Update install.sh

Co-authored-by: Brad Davidson <brad@oatmail.org>
Signed-off-by: Vincent Batts <vbatts@kinvolk.io>

Co-authored-by: Brad Davidson <brad@oatmail.org>
2020-12-04 18:19:01 -08:00
Jacob Blain Christen
e43a9096b8
[migration k3s-io] drone: initial move to k3s-io (#2609)
Signed-off-by: Jacob Blain Christen <jacob@rancher.com>
2020-12-04 14:07:04 -07:00
Chin-Ya Huang
3f0f2b342e Show go version when executes with --version.
Signed-off-by: Chin-Ya Huang <chin-ya.huang@suse.com>
2020-12-04 12:51:15 -08:00
transhapHigsn
87a43c69e1 Problem: CoreDNS getting preempted by other pods
Solution: Set priorityClassName to system-node-critical of traefik, metrics-server, local storage and coredns deployment
Signed-off-by: transhapHigsn <fet.prashantsingh@gmail.com>
2020-12-04 12:50:12 -08:00
Akihiro Suda
27e64c72a1 rancher/k3s-root -> k3s-io/k3s-root
Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
2020-12-01 11:00:00 -08:00
Akihiro Suda
679e4df1b0 Bump k3s-root to v0.7.1
Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
2020-12-01 11:00:00 -08:00
Akihiro Suda
eb72d509ce pkg/agent/config: validate containerd snapshotter value
Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
2020-12-01 11:00:00 -08:00
Akihiro Suda
05f6255437 add fuse-overlayfs snapshotter (mainly for rootless mode)
Ubuntu and Debian kernels support mounting real overlayfs inside userns,
but the vanilla kernel still does not allow it.

OTOH fuse-overlayfs can be mounted inside userns with the vanilla kernel (>= 4.18).

Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
2020-12-01 11:00:00 -08:00
Akihiro Suda
43f7eaedf8 rootless: fix "stat /run/user/1000: no such file or directory" on kubectl run
k3s was mounting a tmpfs on `/run` by itself, so it was hiding RootlessKit's `/run`.

Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
2020-12-01 10:31:21 -08:00
Akihiro Suda
67410d2757 rootless: validate sysctl before starting up
Fix #2420

Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
2020-12-01 09:21:39 -08:00