upstream/k3s
1
0
Fork 0
mirror of https://github.com/k3s-io/k3s.git synced 2026-06-08 16:26:16 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions 2
k3s/pkg/cli/cmds/agent.go

344 lines
12 KiB
Go
Raw Permalink Normal View History

Continued refactoring
2019-01-09 11:54:15 -05:00
package cmds
import (
"os"
"path/filepath"
[master] changing package to k3s-io (#4846) * changing package to k3s-io Signed-off-by: Luther Monson <luther.monson@gmail.com> Co-authored-by: Derek Nola <derek.nola@suse.com>
2022-03-02 18:47:27 -05:00
"github.com/k3s-io/k3s/pkg/version"
Migrate to UrfaveCLI v2 (#11831) * Bump rootlesskit tov 1.1.1, last of the v1 line * Migrate to urfavecli v2 * Disable StringSlice seperattion Signed-off-by: Derek Nola <derek.nola@suse.com>
2025-03-12 12:02:45 -04:00
"github.com/urfave/cli/v2"
Continued refactoring
2019-01-09 11:54:15 -05:00
)
type Agent struct {
Support external CRI implementations
2019-03-04 01:29:06 -05:00
Token string
Merge branch 'master' into tokenfile
2019-03-04 12:10:01 -05:00
TokenFile string
Fix broken K3S_TOKEN env
2019-11-14 14:42:42 -05:00
ClusterSecret string
Fix go fmt error
2019-03-24 15:19:05 -04:00
ServerURL string
Fix adding etcd-only node to existing cluster Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2022-02-16 17:19:58 -05:00
APIAddressCh chan []string
Use go tcpproxy
2019-07-24 03:22:31 -04:00
DisableLoadBalancer bool
Allow svclb pod to enable ipv6 forwarding Signed-off-by: Manuel Buil <mbuil@suse.com>
2021-11-09 10:44:34 -05:00
DisableServiceLB bool
Add disable flags for control components (#2900) * Add disable flags to control components Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com> * golint Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com> * more fixes Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com> * fixes to disable flags Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com> * Add comments to functions Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com> * Fix joining problem Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com> * more fixes Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com> * golint Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com> * fix ticker Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com> * fix role labels Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com> * more fixes Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>
2021-02-12 10:35:57 -05:00
ETCDAgent bool
LBServerPort int
Kubelet resolv.conf DNS update Allow the kubelet resolv-conf flag to be set, or automatically discovered from /etc/resolv.conf & /run/systemd/resolve/resolv.conf if no loopback devices are present, or create our own which points to nameserver 8.8.8.8
2019-03-26 18:15:16 -04:00
ResolvConf string
Support external CRI implementations
2019-03-04 01:29:06 -05:00
DataDir string
Refactor supervisor listener startup and add metrics * Refactor agent supervisor listener startup and authn/authz to use upstream auth delegators to perform for SubjectAccessReview for access to metrics. * Convert spegel and pprof handlers over to new structure. * Promote bind-address to agent flag to allow setting supervisor bind address for both agent and server. * Promote enable-pprof to agent flag to allow profiling agents. Access to the pprof endpoint now requires client cert auth, similar to the spegel registry api endpoint. * Add prometheus metrics handler. Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-04-24 21:02:05 -04:00
BindAddress string
Add support for dual-stack Pod/Service CIDRs and node IP addresses (#3212) * Add support for dual-stack cluster/service CIDRs and node addresses Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2021-04-21 18:56:20 -04:00
NodeIP cli.StringSlice
NodeExternalIP cli.StringSlice
add node-internal-dns/node-external-dns address pass-through support (#10852) * add --node-internal-dns and --node-external-dns Signed-off-by: Arne Winter <github@arnewinter.dev> Co-authored-by: Brad Davidson <brad@oatmail.org>
2024-09-06 17:15:19 -04:00
NodeInternalDNS cli.StringSlice
NodeExternalDNS cli.StringSlice
Support external CRI implementations
2019-03-04 01:29:06 -05:00
NodeName string
Make pause image configurable (#345)
2019-05-03 13:36:12 -04:00
PauseImage string
Add containerd snapshotter flag (#1991) * Add containerd snapshotter flag Signed-off-by: Jason-ZW <zhenyang@rancher.com> * Fix CamelCase nit and option description Signed-off-by: Brad Davidson <brad.davidson@rancher.com> Signed-off-by: Jason-ZW <zhenyang@rancher.com> Co-authored-by: Brad Davidson <brad@oatmail.org>
2020-07-17 19:16:23 -04:00
Snapshotter string
Support external CRI implementations
2019-03-04 01:29:06 -05:00
Docker bool
Add support for containerd cri registry config_path Render cri registry mirrors.x.endpoints and configs.x.tls into config_path; keep using mirrors.x.rewrites and configs.x.auth those do not yet have an equivalent in the new format. The new config file format allows disabling containerd's fallback to the default endpoint when using mirror endpoints; a new CLI flag is added to control that behavior. This also re-shares some code that was unnecessarily split into parallel implementations for linux/windows versions. There is probably more work to be done on this front but it's a good start. Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2023-11-29 21:14:01 -05:00
ContainerdNoDefault bool
Add nonroot-devices flag to agent CLI Add new flag that is passed through to the device_ownership_from_security_context parameter in the containerd CRI config. This is not possible to change without providing a complete custom containerd.toml template so we should add a flag for it. Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-10-30 16:55:40 -04:00
ContainerdNonrootDevices bool
Support external CRI implementations
2019-03-04 01:29:06 -05:00
ContainerRuntimeEndpoint string
Added runtime classes for crun/wasm/nvidia Signed-off-by: Vitor Savian <vitor.savian@suse.com> Added default runtime flag Signed-off-by: Vitor Savian <vitor.savian@suse.com>
2023-11-21 15:38:56 -05:00
DefaultRuntime string
Add --image-service-endpoint flag (#8279) * Add --image-service-endpoint flag Problem: External container runtime can be set but image service endpoint is unchanged and also is not exposed as a flag. This is useful for using containerd snapshotters outside of the ones that have built-in support like stargz-snapshotter. Solution: Add a flag --image-service-endpoint and also default image service endpoint to container runtime endpoint if set. Signed-off-by: Edgar Lee <edgarhinshunlee@gmail.com>
2023-09-27 16:20:50 -04:00
ImageServiceEndpoint string
Add ability to override flannel interface
2019-03-19 19:28:43 -04:00
FlannelIface string
Add --flannel-conf flag
2019-08-08 01:56:09 -04:00
FlannelConf string
Add FlannelConfCNI flag Signed-off-by: Manuel Buil <mbuil@suse.com>
2022-06-08 04:38:07 -04:00
FlannelCniConfFile string
VPN PoC Signed-off-by: Manuel Buil <mbuil@suse.com>
2022-09-01 13:20:32 -04:00
VPNAuth string
VPNAuthFile string
Support external CRI implementations
2019-03-04 01:29:06 -05:00
Debug bool
Refactor supervisor listener startup and add metrics * Refactor agent supervisor listener startup and authn/authz to use upstream auth delegators to perform for SubjectAccessReview for access to metrics. * Convert spegel and pprof handlers over to new structure. * Promote bind-address to agent flag to allow setting supervisor bind address for both agent and server. * Promote enable-pprof to agent flag to allow profiling agents. Access to the pprof endpoint now requires client cert auth, similar to the spegel registry api endpoint. * Add prometheus metrics handler. Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-04-24 21:02:05 -04:00
EnablePProf bool
Add rootless support
2019-03-08 17:47:44 -05:00
Rootless bool
rootless: add kubelet flags automatically Fix https://github.com/rancher/k3s/issues/784 Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
2019-10-19 06:18:51 -04:00
RootlessAlreadyUnshared bool
Refactor node password location
2019-11-05 04:45:07 -05:00
WithNodeID bool
cli: add --selinux flag to agent/server sub-cmds (#2111) * cli: add --selinux flag to agent/server sub-cmds Introduces --selinux flag to affirmatively enable SELinux in containerd. Deprecates --disable-selinux flag which now defaults to true which auto-detection of SELinux configuration for containerd is no longer supported. Specifying both --selinux and --disable-selinux will result in an error message encouraging you to pick a side. * Update pkg/agent/containerd/containerd.go update log warning message about enabled selinux host but disabled runtime Co-authored-by: Brad Davidson <brad@oatmail.org> Signed-off-by: Jacob Blain Christen <jacob@rancher.com>
2020-08-11 19:17:32 -04:00
EnableSELinux bool
add protect-kernel-defaults to kubelet Signed-off-by: Brian Downs <brian.downs@gmail.com>
2020-07-14 18:46:10 -04:00
ProtectKernelDefaults bool
Add system-default-registry support and remove shared code (#3285) * Move registries.yaml handling out to rancher/wharfie * Add system-default-registry support * Add CLI support for kubelet image credential providers Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2021-05-10 18:58:41 -04:00
ClusterReset bool
Add support for retagging images on load from tarball Adds support for retagging images to appear to have been sourced from one or more additional registries as they are imported from the tarball. This is intended to support RKE2 use cases with system-default-registry where the images need to appear to have been pulled from a registry other than docker.io. Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2021-02-12 02:37:58 -05:00
PrivateRegistry string
Add system-default-registry support and remove shared code (#3285) * Move registries.yaml handling out to rancher/wharfie * Add system-default-registry support * Add CLI support for kubelet image credential providers Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2021-05-10 18:58:41 -04:00
SystemDefaultRegistry string
Add support for retagging images on load from tarball Adds support for retagging images to appear to have been sourced from one or more additional registries as they are imported from the tarball. This is intended to support RKE2 use cases with system-default-registry where the images need to appear to have been pulled from a registry other than docker.io. Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2021-02-12 02:37:58 -05:00
AirgapExtraRegistry cli.StringSlice
ExtraKubeletArgs cli.StringSlice
ExtraKubeProxyArgs cli.StringSlice
Labels cli.StringSlice
Taints cli.StringSlice
Add system-default-registry support and remove shared code (#3285) * Move registries.yaml handling out to rancher/wharfie * Add system-default-registry support * Add CLI support for kubelet image credential providers Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2021-05-10 18:58:41 -04:00
ImageCredProvBinDir string
ImageCredProvConfig string
Continued refactoring
2019-01-09 11:54:15 -05:00
AgentShared
}
type AgentShared struct {
NodeIP string
}
var (
Secrets-encryption rotation (#4372) * Regular CLI framework for encrypt commands * New secrets-encryption feature * New integration test * fixes for flaky integration test CI * Fix to bootstrap on restart of existing nodes * Consolidate event recorder Signed-off-by: Derek Nola <derek.nola@suse.com>
2021-12-07 17:31:32 -05:00
appName = filepath.Base(os.Args[0])
AgentConfig Agent
Ensure flag type consistency (#6852) * Convert all flags to pointers for consistency Signed-off-by: Derek Nola <derek.nola@suse.com>
2023-01-31 15:57:48 -05:00
AgentTokenFlag = &cli.StringFlag{
Migrate to UrfaveCLI v2 (#11831) * Bump rootlesskit tov 1.1.1, last of the v1 line * Migrate to urfavecli v2 * Disable StringSlice seperattion Signed-off-by: Derek Nola <derek.nola@suse.com>
2025-03-12 12:02:45 -04:00
Name: "token",
Aliases: []string{"t"},
Secrets-encryption rotation (#4372) * Regular CLI framework for encrypt commands * New secrets-encryption feature * New integration test * fixes for flaky integration test CI * Fix to bootstrap on restart of existing nodes * Consolidate event recorder Signed-off-by: Derek Nola <derek.nola@suse.com>
2021-12-07 17:31:32 -05:00
Usage: "(cluster) Token to use for authentication",
Migrate to UrfaveCLI v2 (#11831) * Bump rootlesskit tov 1.1.1, last of the v1 line * Migrate to urfavecli v2 * Disable StringSlice seperattion Signed-off-by: Derek Nola <derek.nola@suse.com>
2025-03-12 12:02:45 -04:00
EnvVars: []string{version.ProgramUpper + "_TOKEN"},
Secrets-encryption rotation (#4372) * Regular CLI framework for encrypt commands * New secrets-encryption feature * New integration test * fixes for flaky integration test CI * Fix to bootstrap on restart of existing nodes * Consolidate event recorder Signed-off-by: Derek Nola <derek.nola@suse.com>
2021-12-07 17:31:32 -05:00
Destination: &AgentConfig.Token,
}
Ensure flag type consistency (#6852) * Convert all flags to pointers for consistency Signed-off-by: Derek Nola <derek.nola@suse.com>
2023-01-31 15:57:48 -05:00
NodeIPFlag = &cli.StringSliceFlag{
Migrate to UrfaveCLI v2 (#11831) * Bump rootlesskit tov 1.1.1, last of the v1 line * Migrate to urfavecli v2 * Disable StringSlice seperattion Signed-off-by: Derek Nola <derek.nola@suse.com>
2025-03-12 12:02:45 -04:00
Name: "node-ip",
Aliases: []string{"i"},
Usage: "(agent/networking) IPv4/IPv6 addresses to advertise for node",
Destination: &AgentConfig.NodeIP,
Continued refactoring
2019-01-09 11:54:15 -05:00
}
Ensure flag type consistency (#6852) * Convert all flags to pointers for consistency Signed-off-by: Derek Nola <derek.nola@suse.com>
2023-01-31 15:57:48 -05:00
NodeExternalIPFlag = &cli.StringSliceFlag{
Migrate to UrfaveCLI v2 (#11831) * Bump rootlesskit tov 1.1.1, last of the v1 line * Migrate to urfavecli v2 * Disable StringSlice seperattion Signed-off-by: Derek Nola <derek.nola@suse.com>
2025-03-12 12:02:45 -04:00
Name: "node-external-ip",
Usage: "(agent/networking) IPv4/IPv6 external IP addresses to advertise for node",
Destination: &AgentConfig.NodeExternalIP,
Add k3s cloud provider
2019-10-15 17:17:26 -04:00
}
add node-internal-dns/node-external-dns address pass-through support (#10852) * add --node-internal-dns and --node-external-dns Signed-off-by: Arne Winter <github@arnewinter.dev> Co-authored-by: Brad Davidson <brad@oatmail.org>
2024-09-06 17:15:19 -04:00
NodeInternalDNSFlag = &cli.StringSliceFlag{
Migrate to UrfaveCLI v2 (#11831) * Bump rootlesskit tov 1.1.1, last of the v1 line * Migrate to urfavecli v2 * Disable StringSlice seperattion Signed-off-by: Derek Nola <derek.nola@suse.com>
2025-03-12 12:02:45 -04:00
Name: "node-internal-dns",
Usage: "(agent/networking) internal DNS addresses to advertise for node",
Destination: &AgentConfig.NodeInternalDNS,
add node-internal-dns/node-external-dns address pass-through support (#10852) * add --node-internal-dns and --node-external-dns Signed-off-by: Arne Winter <github@arnewinter.dev> Co-authored-by: Brad Davidson <brad@oatmail.org>
2024-09-06 17:15:19 -04:00
}
NodeExternalDNSFlag = &cli.StringSliceFlag{
Migrate to UrfaveCLI v2 (#11831) * Bump rootlesskit tov 1.1.1, last of the v1 line * Migrate to urfavecli v2 * Disable StringSlice seperattion Signed-off-by: Derek Nola <derek.nola@suse.com>
2025-03-12 12:02:45 -04:00
Name: "node-external-dns",
Usage: "(agent/networking) external DNS addresses to advertise for node",
Destination: &AgentConfig.NodeExternalDNS,
add node-internal-dns/node-external-dns address pass-through support (#10852) * add --node-internal-dns and --node-external-dns Signed-off-by: Arne Winter <github@arnewinter.dev> Co-authored-by: Brad Davidson <brad@oatmail.org>
2024-09-06 17:15:19 -04:00
}
Ensure flag type consistency (#6852) * Convert all flags to pointers for consistency Signed-off-by: Derek Nola <derek.nola@suse.com>
2023-01-31 15:57:48 -05:00
NodeNameFlag = &cli.StringFlag{
Continued refactoring
2019-01-09 11:54:15 -05:00
Name: "node-name",
Refactor tokens, bootstrap, and cli args
2019-10-27 01:53:25 -04:00
Usage: "(agent/node) Node name",
Migrate to UrfaveCLI v2 (#11831) * Bump rootlesskit tov 1.1.1, last of the v1 line * Migrate to urfavecli v2 * Disable StringSlice seperattion Signed-off-by: Derek Nola <derek.nola@suse.com>
2025-03-12 12:02:45 -04:00
EnvVars: []string{version.ProgramUpper + "_NODE_NAME"},
Continued refactoring
2019-01-09 11:54:15 -05:00
Destination: &AgentConfig.NodeName,
}
Ensure flag type consistency (#6852) * Convert all flags to pointers for consistency Signed-off-by: Derek Nola <derek.nola@suse.com>
2023-01-31 15:57:48 -05:00
WithNodeIDFlag = &cli.BoolFlag{
Refactor node password location
2019-11-05 04:45:07 -05:00
Name: "with-node-id",
Usage: "(agent/node) Append id to node name",
Destination: &AgentConfig.WithNodeID,
}
Ensure flag type consistency (#6852) * Convert all flags to pointers for consistency Signed-off-by: Derek Nola <derek.nola@suse.com>
2023-01-31 15:57:48 -05:00
ProtectKernelDefaultsFlag = &cli.BoolFlag{
Updates to CLI flag grouping + deprecated flag warnings. (#5937) * Consolidate data dir flag * Group cluster flags together * Reorder and group agent flags * Add additional info around vmodule flag * Hide deprecated flags, and add warning about their removal Signed-off-by: Derek Nola <derek.nola@suse.com>
2022-08-02 16:51:16 -04:00
Name: "protect-kernel-defaults",
Usage: "(agent/node) Kernel tuning behavior. If set, error if kernel tunables are different than kubelet defaults.",
Destination: &AgentConfig.ProtectKernelDefaults,
}
Ensure flag type consistency (#6852) * Convert all flags to pointers for consistency Signed-off-by: Derek Nola <derek.nola@suse.com>
2023-01-31 15:57:48 -05:00
SELinuxFlag = &cli.BoolFlag{
Updates to CLI flag grouping + deprecated flag warnings. (#5937) * Consolidate data dir flag * Group cluster flags together * Reorder and group agent flags * Add additional info around vmodule flag * Hide deprecated flags, and add warning about their removal Signed-off-by: Derek Nola <derek.nola@suse.com>
2022-08-02 16:51:16 -04:00
Name: "selinux",
Usage: "(agent/node) Enable SELinux in containerd",
Destination: &AgentConfig.EnableSELinux,
Migrate to UrfaveCLI v2 (#11831) * Bump rootlesskit tov 1.1.1, last of the v1 line * Migrate to urfavecli v2 * Disable StringSlice seperattion Signed-off-by: Derek Nola <derek.nola@suse.com>
2025-03-12 12:02:45 -04:00
EnvVars: []string{version.ProgramUpper + "_SELINUX"},
Updates to CLI flag grouping + deprecated flag warnings. (#5937) * Consolidate data dir flag * Group cluster flags together * Reorder and group agent flags * Add additional info around vmodule flag * Hide deprecated flags, and add warning about their removal Signed-off-by: Derek Nola <derek.nola@suse.com>
2022-08-02 16:51:16 -04:00
}
Ensure flag type consistency (#6852) * Convert all flags to pointers for consistency Signed-off-by: Derek Nola <derek.nola@suse.com>
2023-01-31 15:57:48 -05:00
LBServerPortFlag = &cli.IntFlag{
Updates to CLI flag grouping + deprecated flag warnings. (#5937) * Consolidate data dir flag * Group cluster flags together * Reorder and group agent flags * Add additional info around vmodule flag * Hide deprecated flags, and add warning about their removal Signed-off-by: Derek Nola <derek.nola@suse.com>
2022-08-02 16:51:16 -04:00
Name: "lb-server-port",
Usage: "(agent/node) Local port for supervisor client load-balancer. If the supervisor and apiserver are not colocated an additional port 1 less than this port will also be used for the apiserver client load-balancer.",
Destination: &AgentConfig.LBServerPort,
Migrate to UrfaveCLI v2 (#11831) * Bump rootlesskit tov 1.1.1, last of the v1 line * Migrate to urfavecli v2 * Disable StringSlice seperattion Signed-off-by: Derek Nola <derek.nola@suse.com>
2025-03-12 12:02:45 -04:00
EnvVars: []string{version.ProgramUpper + "_LB_SERVER_PORT"},
Updates to CLI flag grouping + deprecated flag warnings. (#5937) * Consolidate data dir flag * Group cluster flags together * Reorder and group agent flags * Add additional info around vmodule flag * Hide deprecated flags, and add warning about their removal Signed-off-by: Derek Nola <derek.nola@suse.com>
2022-08-02 16:51:16 -04:00
Value: 6444,
Add agent command to server command
2019-03-01 19:10:18 -05:00
}
Ensure flag type consistency (#6852) * Convert all flags to pointers for consistency Signed-off-by: Derek Nola <derek.nola@suse.com>
2023-01-31 15:57:48 -05:00
DockerFlag = &cli.BoolFlag{
Add cri-dockerd support as backend for --docker flag Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2021-12-16 15:00:40 -05:00
Name: "docker",
Usage: "(agent/runtime) (experimental) Use cri-dockerd instead of containerd",
Destination: &AgentConfig.Docker,
}
Ensure flag type consistency (#6852) * Convert all flags to pointers for consistency Signed-off-by: Derek Nola <derek.nola@suse.com>
2023-01-31 15:57:48 -05:00
CRIEndpointFlag = &cli.StringFlag{
Refactor tokens, bootstrap, and cli args
2019-10-27 01:53:25 -04:00
Name: "container-runtime-endpoint",
Add cri-dockerd support as backend for --docker flag Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2021-12-16 15:00:40 -05:00
Usage: "(agent/runtime) Disable embedded containerd and use the CRI socket at the given path; when used with --docker this sets the docker socket path",
Refactor tokens, bootstrap, and cli args
2019-10-27 01:53:25 -04:00
Destination: &AgentConfig.ContainerRuntimeEndpoint,
}
Added runtime classes for crun/wasm/nvidia Signed-off-by: Vitor Savian <vitor.savian@suse.com> Added default runtime flag Signed-off-by: Vitor Savian <vitor.savian@suse.com>
2023-11-21 15:38:56 -05:00
DefaultRuntimeFlag = &cli.StringFlag{
Name: "default-runtime",
Usage: "(agent/runtime) Set the default runtime in containerd",
Destination: &AgentConfig.DefaultRuntime,
}
Add --image-service-endpoint flag (#8279) * Add --image-service-endpoint flag Problem: External container runtime can be set but image service endpoint is unchanged and also is not exposed as a flag. This is useful for using containerd snapshotters outside of the ones that have built-in support like stargz-snapshotter. Solution: Add a flag --image-service-endpoint and also default image service endpoint to container runtime endpoint if set. Signed-off-by: Edgar Lee <edgarhinshunlee@gmail.com>
2023-09-27 16:20:50 -04:00
ImageServiceEndpointFlag = &cli.StringFlag{
Name: "image-service-endpoint",
Usage: "(agent/runtime) Disable embedded containerd image service and use remote image service socket at the given path. If not specified, defaults to --container-runtime-endpoint.",
Destination: &AgentConfig.ImageServiceEndpoint,
}
Ensure flag type consistency (#6852) * Convert all flags to pointers for consistency Signed-off-by: Derek Nola <derek.nola@suse.com>
2023-01-31 15:57:48 -05:00
PrivateRegistryFlag = &cli.StringFlag{
Refactor tokens, bootstrap, and cli args
2019-10-27 01:53:25 -04:00
Name: "private-registry",
Usage: "(agent/runtime) Private registry configuration file",
Destination: &AgentConfig.PrivateRegistry,
Make program name a variable to be changed at compile time
2020-05-05 18:09:04 -04:00
Value: "/etc/rancher/" + version.Program + "/registries.yaml",
Refactor tokens, bootstrap, and cli args
2019-10-27 01:53:25 -04:00
}
Ensure flag type consistency (#6852) * Convert all flags to pointers for consistency Signed-off-by: Derek Nola <derek.nola@suse.com>
2023-01-31 15:57:48 -05:00
AirgapExtraRegistryFlag = &cli.StringSliceFlag{
Hide the airgap-extra-registry flag Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2021-02-26 14:07:15 -05:00
Name: "airgap-extra-registry",
Usage: "(agent/runtime) Additional registry to tag airgap images as being sourced from",
Value: &AgentConfig.AirgapExtraRegistry,
Hidden: true,
Add support for retagging images on load from tarball Adds support for retagging images to appear to have been sourced from one or more additional registries as they are imported from the tarball. This is intended to support RKE2 use cases with system-default-registry where the images need to appear to have been pulled from a registry other than docker.io. Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2021-02-12 02:37:58 -05:00
}
Ensure flag type consistency (#6852) * Convert all flags to pointers for consistency Signed-off-by: Derek Nola <derek.nola@suse.com>
2023-01-31 15:57:48 -05:00
PauseImageFlag = &cli.StringFlag{
Refactor tokens, bootstrap, and cli args
2019-10-27 01:53:25 -04:00
Name: "pause-image",
Revert "Remove --docker/dockershim support" This reverts commit 4a3d283bc14ee2f9f65ba31a6193347d1a1a8c75. Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2022-07-28 15:32:15 -04:00
Usage: "(agent/runtime) Customized pause image for containerd or docker sandbox",
Refactor tokens, bootstrap, and cli args
2019-10-27 01:53:25 -04:00
Destination: &AgentConfig.PauseImage,
Fix default pause image on windows Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2025-02-06 15:35:27 -05:00
Value: "rancher/mirrored-pause:3.6",
Refactor tokens, bootstrap, and cli args
2019-10-27 01:53:25 -04:00
}
Ensure flag type consistency (#6852) * Convert all flags to pointers for consistency Signed-off-by: Derek Nola <derek.nola@suse.com>
2023-01-31 15:57:48 -05:00
SnapshotterFlag = &cli.StringFlag{
Add containerd snapshotter flag (#1991) * Add containerd snapshotter flag Signed-off-by: Jason-ZW <zhenyang@rancher.com> * Fix CamelCase nit and option description Signed-off-by: Brad Davidson <brad.davidson@rancher.com> Signed-off-by: Jason-ZW <zhenyang@rancher.com> Co-authored-by: Brad Davidson <brad@oatmail.org>
2020-07-17 19:16:23 -04:00
Name: "snapshotter",
Usage: "(agent/runtime) Override default containerd snapshotter",
Destination: &AgentConfig.Snapshotter,
Basic windows agent that will join a cluster without CNI. Signed-off-by: Jamie Phillips <jamie.phillips@suse.com>
2021-06-10 15:27:00 -04:00
Value: DefaultSnapshotter,
Add containerd snapshotter flag (#1991) * Add containerd snapshotter flag Signed-off-by: Jason-ZW <zhenyang@rancher.com> * Fix CamelCase nit and option description Signed-off-by: Brad Davidson <brad.davidson@rancher.com> Signed-off-by: Jason-ZW <zhenyang@rancher.com> Co-authored-by: Brad Davidson <brad@oatmail.org>
2020-07-17 19:16:23 -04:00
}
Ensure flag type consistency (#6852) * Convert all flags to pointers for consistency Signed-off-by: Derek Nola <derek.nola@suse.com>
2023-01-31 15:57:48 -05:00
FlannelIfaceFlag = &cli.StringFlag{
Add ability to override flannel interface
2019-03-19 19:28:43 -04:00
Name: "flannel-iface",
Refactor tokens, bootstrap, and cli args
2019-10-27 01:53:25 -04:00
Usage: "(agent/networking) Override default flannel interface",
Add ability to override flannel interface
2019-03-19 19:28:43 -04:00
Destination: &AgentConfig.FlannelIface,
}
Ensure flag type consistency (#6852) * Convert all flags to pointers for consistency Signed-off-by: Derek Nola <derek.nola@suse.com>
2023-01-31 15:57:48 -05:00
FlannelConfFlag = &cli.StringFlag{
Add --flannel-conf flag
2019-08-08 01:56:09 -04:00
Name: "flannel-conf",
Refactor tokens, bootstrap, and cli args
2019-10-27 01:53:25 -04:00
Usage: "(agent/networking) Override default flannel config file",
Add --flannel-conf flag
2019-08-08 01:56:09 -04:00
Destination: &AgentConfig.FlannelConf,
}
Ensure flag type consistency (#6852) * Convert all flags to pointers for consistency Signed-off-by: Derek Nola <derek.nola@suse.com>
2023-01-31 15:57:48 -05:00
FlannelCniConfFileFlag = &cli.StringFlag{
Add FlannelConfCNI flag Signed-off-by: Manuel Buil <mbuil@suse.com>
2022-06-08 04:38:07 -04:00
Name: "flannel-cni-conf",
Usage: "(agent/networking) Override default flannel cni config file",
Destination: &AgentConfig.FlannelCniConfFile,
}
VPN PoC Signed-off-by: Manuel Buil <mbuil@suse.com>
2022-09-01 13:20:32 -04:00
VPNAuth = &cli.StringFlag{
Name: "vpn-auth",
Add extraArgs to tailscale Signed-off-by: Manuel Buil <mbuil@suse.com>
2023-09-14 12:24:19 -04:00
Usage: "(agent/networking) (experimental) Credentials for the VPN provider. It must include the provider name and join key in the format name=<vpn-provider>,joinKey=<key>[,controlServerURL=<url>][,extraArgs=<args>]",
Migrate to UrfaveCLI v2 (#11831) * Bump rootlesskit tov 1.1.1, last of the v1 line * Migrate to urfavecli v2 * Disable StringSlice seperattion Signed-off-by: Derek Nola <derek.nola@suse.com>
2025-03-12 12:02:45 -04:00
EnvVars: []string{version.ProgramUpper + "_VPN_AUTH"},
VPN PoC Signed-off-by: Manuel Buil <mbuil@suse.com>
2022-09-01 13:20:32 -04:00
Destination: &AgentConfig.VPNAuth,
}
VPNAuthFile = &cli.StringFlag{
Name: "vpn-auth-file",
Add extraArgs to tailscale Signed-off-by: Manuel Buil <mbuil@suse.com>
2023-09-14 12:24:19 -04:00
Usage: "(agent/networking) (experimental) File containing credentials for the VPN provider. It must include the provider name and join key in the format name=<vpn-provider>,joinKey=<key>[,controlServerURL=<url>][,extraArgs=<args>]",
Migrate to UrfaveCLI v2 (#11831) * Bump rootlesskit tov 1.1.1, last of the v1 line * Migrate to urfavecli v2 * Disable StringSlice seperattion Signed-off-by: Derek Nola <derek.nola@suse.com>
2025-03-12 12:02:45 -04:00
EnvVars: []string{version.ProgramUpper + "_VPN_AUTH_FILE"},
VPN PoC Signed-off-by: Manuel Buil <mbuil@suse.com>
2022-09-01 13:20:32 -04:00
Destination: &AgentConfig.VPNAuthFile,
}
Ensure flag type consistency (#6852) * Convert all flags to pointers for consistency Signed-off-by: Derek Nola <derek.nola@suse.com>
2023-01-31 15:57:48 -05:00
ResolvConfFlag = &cli.StringFlag{
Kubelet resolv.conf DNS update Allow the kubelet resolv-conf flag to be set, or automatically discovered from /etc/resolv.conf & /run/systemd/resolve/resolv.conf if no loopback devices are present, or create our own which points to nameserver 8.8.8.8
2019-03-26 18:15:16 -04:00
Name: "resolv-conf",
Refactor tokens, bootstrap, and cli args
2019-10-27 01:53:25 -04:00
Usage: "(agent/networking) Kubelet resolv.conf file",
Migrate to UrfaveCLI v2 (#11831) * Bump rootlesskit tov 1.1.1, last of the v1 line * Migrate to urfavecli v2 * Disable StringSlice seperattion Signed-off-by: Derek Nola <derek.nola@suse.com>
2025-03-12 12:02:45 -04:00
EnvVars: []string{version.ProgramUpper + "_RESOLV_CONF"},
Kubelet resolv.conf DNS update Allow the kubelet resolv-conf flag to be set, or automatically discovered from /etc/resolv.conf & /run/systemd/resolve/resolv.conf if no loopback devices are present, or create our own which points to nameserver 8.8.8.8
2019-03-26 18:15:16 -04:00
Destination: &AgentConfig.ResolvConf,
}
Ensure flag type consistency (#6852) * Convert all flags to pointers for consistency Signed-off-by: Derek Nola <derek.nola@suse.com>
2023-01-31 15:57:48 -05:00
ExtraKubeletArgs = &cli.StringSliceFlag{
Migrate to UrfaveCLI v2 (#11831) * Bump rootlesskit tov 1.1.1, last of the v1 line * Migrate to urfavecli v2 * Disable StringSlice seperattion Signed-off-by: Derek Nola <derek.nola@suse.com>
2025-03-12 12:02:45 -04:00
Name: "kubelet-arg",
Usage: "(agent/flags) Customized flag for kubelet process",
Destination: &AgentConfig.ExtraKubeletArgs,
Add extra flags for server and agent components
2019-04-04 20:43:00 -04:00
}
Ensure flag type consistency (#6852) * Convert all flags to pointers for consistency Signed-off-by: Derek Nola <derek.nola@suse.com>
2023-01-31 15:57:48 -05:00
ExtraKubeProxyArgs = &cli.StringSliceFlag{
Migrate to UrfaveCLI v2 (#11831) * Bump rootlesskit tov 1.1.1, last of the v1 line * Migrate to urfavecli v2 * Disable StringSlice seperattion Signed-off-by: Derek Nola <derek.nola@suse.com>
2025-03-12 12:02:45 -04:00
Name: "kube-proxy-arg",
Usage: "(agent/flags) Customized flag for kube-proxy process",
Destination: &AgentConfig.ExtraKubeProxyArgs,
Add extra flags for server and agent components
2019-04-04 20:43:00 -04:00
}
Ensure flag type consistency (#6852) * Convert all flags to pointers for consistency Signed-off-by: Derek Nola <derek.nola@suse.com>
2023-01-31 15:57:48 -05:00
NodeTaints = &cli.StringSliceFlag{
Migrate to UrfaveCLI v2 (#11831) * Bump rootlesskit tov 1.1.1, last of the v1 line * Migrate to urfavecli v2 * Disable StringSlice seperattion Signed-off-by: Derek Nola <derek.nola@suse.com>
2025-03-12 12:02:45 -04:00
Name: "node-taint",
Usage: "(agent/node) Registering kubelet with set of taints",
Destination: &AgentConfig.Taints,
Expose node labels and taints and add node roles
2019-05-07 19:47:07 -04:00
}
Ensure flag type consistency (#6852) * Convert all flags to pointers for consistency Signed-off-by: Derek Nola <derek.nola@suse.com>
2023-01-31 15:57:48 -05:00
NodeLabels = &cli.StringSliceFlag{
Migrate to UrfaveCLI v2 (#11831) * Bump rootlesskit tov 1.1.1, last of the v1 line * Migrate to urfavecli v2 * Disable StringSlice seperattion Signed-off-by: Derek Nola <derek.nola@suse.com>
2025-03-12 12:02:45 -04:00
Name: "node-label",
Usage: "(agent/node) Registering and starting kubelet with set of labels",
Destination: &AgentConfig.Labels,
Expose node labels and taints and add node roles
2019-05-07 19:47:07 -04:00
}
Ensure flag type consistency (#6852) * Convert all flags to pointers for consistency Signed-off-by: Derek Nola <derek.nola@suse.com>
2023-01-31 15:57:48 -05:00
ImageCredProvBinDirFlag = &cli.StringFlag{
Add system-default-registry support and remove shared code (#3285) * Move registries.yaml handling out to rancher/wharfie * Add system-default-registry support * Add CLI support for kubelet image credential providers Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2021-05-10 18:58:41 -04:00
Name: "image-credential-provider-bin-dir",
Usage: "(agent/node) The path to the directory where credential provider plugin binaries are located",
Destination: &AgentConfig.ImageCredProvBinDir,
Value: "/var/lib/rancher/credentialprovider/bin",
}
Ensure flag type consistency (#6852) * Convert all flags to pointers for consistency Signed-off-by: Derek Nola <derek.nola@suse.com>
2023-01-31 15:57:48 -05:00
ImageCredProvConfigFlag = &cli.StringFlag{
Add system-default-registry support and remove shared code (#3285) * Move registries.yaml handling out to rancher/wharfie * Add system-default-registry support * Add CLI support for kubelet image credential providers Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2021-05-10 18:58:41 -04:00
Name: "image-credential-provider-config",
Usage: "(agent/node) The path to the credential provider plugin config file",
Destination: &AgentConfig.ImageCredProvConfig,
Value: "/var/lib/rancher/credentialprovider/config.yaml",
}
add agent flag disable-apiserver-lb (#8717) * add node flag disable-agent-lb * add agent flag disable-apiserver-lb Co-authored-by: Brad Davidson <brad@oatmail.org> Signed-off-by: chenk008 <kongchen28@gmail.com>
2023-11-14 18:54:32 -05:00
DisableAgentLBFlag = &cli.BoolFlag{
Name: "disable-apiserver-lb",
Usage: "(agent/networking) (experimental) Disable the agent's client-side load-balancer and connect directly to the configured server address",
Destination: &AgentConfig.DisableLoadBalancer,
}
Add support for containerd cri registry config_path Render cri registry mirrors.x.endpoints and configs.x.tls into config_path; keep using mirrors.x.rewrites and configs.x.auth those do not yet have an equivalent in the new format. The new config file format allows disabling containerd's fallback to the default endpoint when using mirror endpoints; a new CLI flag is added to control that behavior. This also re-shares some code that was unnecessarily split into parallel implementations for linux/windows versions. There is probably more work to be done on this front but it's a good start. Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2023-11-29 21:14:01 -05:00
DisableDefaultRegistryEndpointFlag = &cli.BoolFlag{
Name: "disable-default-registry-endpoint",
Usage: "(agent/containerd) Disables containerd's fallback default registry endpoint when a mirror is configured for that registry",
Destination: &AgentConfig.ContainerdNoDefault,
}
Add nonroot-devices flag to agent CLI Add new flag that is passed through to the device_ownership_from_security_context parameter in the containerd CRI config. This is not possible to change without providing a complete custom containerd.toml template so we should add a flag for it. Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-10-30 16:55:40 -04:00
NonrootDevicesFlag = &cli.BoolFlag{
Name: "nonroot-devices",
Usage: "(agent/containerd) Allows non-root pods to access devices by setting device_ownership_from_security_context=true in the containerd CRI config",
Destination: &AgentConfig.ContainerdNonrootDevices,
}
Refactor supervisor listener startup and add metrics * Refactor agent supervisor listener startup and authn/authz to use upstream auth delegators to perform for SubjectAccessReview for access to metrics. * Convert spegel and pprof handlers over to new structure. * Promote bind-address to agent flag to allow setting supervisor bind address for both agent and server. * Promote enable-pprof to agent flag to allow profiling agents. Access to the pprof endpoint now requires client cert auth, similar to the spegel registry api endpoint. * Add prometheus metrics handler. Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-04-24 21:02:05 -04:00
EnablePProfFlag = &cli.BoolFlag{
Name: "enable-pprof",
Usage: "(experimental) Enable pprof endpoint on supervisor port",
Destination: &AgentConfig.EnablePProf,
}
BindAddressFlag = &cli.StringFlag{
Name: "bind-address",
Usage: "(listener) " + version.Program + " bind address (default: 0.0.0.0)",
Destination: &AgentConfig.BindAddress,
}
Continued refactoring
2019-01-09 11:54:15 -05:00
)
Migrate to UrfaveCLI v2 (#11831) * Bump rootlesskit tov 1.1.1, last of the v1 line * Migrate to urfavecli v2 * Disable StringSlice seperattion Signed-off-by: Derek Nola <derek.nola@suse.com>
2025-03-12 12:02:45 -04:00
func NewAgentCommand(action func(ctx *cli.Context) error) *cli.Command {
return &cli.Command{
Continued refactoring
2019-01-09 11:54:15 -05:00
Name: "agent",
Usage: "Run node agent",
UsageText: appName + " agent [OPTIONS]",
Revert "Add config file support" This reverts commit e1dc3451bcecac8c67e4342aea44955a82bfa932. Signed-off-by: Darren Shepherd <darren@rancher.com>
2020-08-29 15:46:55 -04:00
Action: action,
Continued refactoring
2019-01-09 11:54:15 -05:00
Flags: []cli.Flag{
Add config file support independent of CLI framework Signed-off-by: Darren Shepherd <darren@rancher.com>
2020-08-29 23:30:07 -04:00
ConfigFlag,
DebugFlag,
Revert "Add config file support" This reverts commit e1dc3451bcecac8c67e4342aea44955a82bfa932. Signed-off-by: Darren Shepherd <darren@rancher.com>
2020-08-29 15:46:55 -04:00
VLevel,
VModule,
LogFile,
AlsoLogToStderr,
Secrets-encryption rotation (#4372) * Regular CLI framework for encrypt commands * New secrets-encryption feature * New integration test * fixes for flaky integration test CI * Fix to bootstrap on restart of existing nodes * Consolidate event recorder Signed-off-by: Derek Nola <derek.nola@suse.com>
2021-12-07 17:31:32 -05:00
AgentTokenFlag,
Ensure flag type consistency (#6852) * Convert all flags to pointers for consistency Signed-off-by: Derek Nola <derek.nola@suse.com>
2023-01-31 15:57:48 -05:00
&cli.StringFlag{
Add --token-file support
2019-03-01 19:07:55 -05:00
Name: "token-file",
Refactor tokens, bootstrap, and cli args
2019-10-27 01:53:25 -04:00
Usage: "(cluster) Token file to use for authentication",
Migrate to UrfaveCLI v2 (#11831) * Bump rootlesskit tov 1.1.1, last of the v1 line * Migrate to urfavecli v2 * Disable StringSlice seperattion Signed-off-by: Derek Nola <derek.nola@suse.com>
2025-03-12 12:02:45 -04:00
EnvVars: []string{version.ProgramUpper + "_TOKEN_FILE"},
Add --token-file support
2019-03-01 19:07:55 -05:00
Destination: &AgentConfig.TokenFile,
},
Ensure flag type consistency (#6852) * Convert all flags to pointers for consistency Signed-off-by: Derek Nola <derek.nola@suse.com>
2023-01-31 15:57:48 -05:00
&cli.StringFlag{
Migrate to UrfaveCLI v2 (#11831) * Bump rootlesskit tov 1.1.1, last of the v1 line * Migrate to urfavecli v2 * Disable StringSlice seperattion Signed-off-by: Derek Nola <derek.nola@suse.com>
2025-03-12 12:02:45 -04:00
Name: "server",
Aliases: []string{"s"},
Refactor tokens, bootstrap, and cli args
2019-10-27 01:53:25 -04:00
Usage: "(cluster) Server to connect to",
Migrate to UrfaveCLI v2 (#11831) * Bump rootlesskit tov 1.1.1, last of the v1 line * Migrate to urfavecli v2 * Disable StringSlice seperattion Signed-off-by: Derek Nola <derek.nola@suse.com>
2025-03-12 12:02:45 -04:00
EnvVars: []string{version.ProgramUpper + "_URL"},
Continued refactoring
2019-01-09 11:54:15 -05:00
Destination: &AgentConfig.ServerURL,
},
Add K3S_DATA_DIR as env var for --data-dir flag Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-07-29 15:22:50 -04:00
// Note that this is different from DataDirFlag used elswhere in the CLI,
// as this is bound to AgentConfig instead of ServerConfig.
Ensure flag type consistency (#6852) * Convert all flags to pointers for consistency Signed-off-by: Derek Nola <derek.nola@suse.com>
2023-01-31 15:57:48 -05:00
&cli.StringFlag{
Migrate to UrfaveCLI v2 (#11831) * Bump rootlesskit tov 1.1.1, last of the v1 line * Migrate to urfavecli v2 * Disable StringSlice seperattion Signed-off-by: Derek Nola <derek.nola@suse.com>
2025-03-12 12:02:45 -04:00
Name: "data-dir",
Aliases: []string{"d"},
Refactor tokens, bootstrap, and cli args
2019-10-27 01:53:25 -04:00
Usage: "(agent/data) Folder to hold state",
Continued refactoring
2019-01-09 11:54:15 -05:00
Destination: &AgentConfig.DataDir,
Make program name a variable to be changed at compile time
2020-05-05 18:09:04 -04:00
Value: "/var/lib/rancher/" + version.Program + "",
Migrate to UrfaveCLI v2 (#11831) * Bump rootlesskit tov 1.1.1, last of the v1 line * Migrate to urfavecli v2 * Disable StringSlice seperattion Signed-off-by: Derek Nola <derek.nola@suse.com>
2025-03-12 12:02:45 -04:00
EnvVars: []string{version.ProgramUpper + "_DATA_DIR"},
Continued refactoring
2019-01-09 11:54:15 -05:00
},
Revert "Add config file support" This reverts commit e1dc3451bcecac8c67e4342aea44955a82bfa932. Signed-off-by: Darren Shepherd <darren@rancher.com>
2020-08-29 15:46:55 -04:00
NodeNameFlag,
WithNodeIDFlag,
NodeLabels,
NodeTaints,
Add system-default-registry support and remove shared code (#3285) * Move registries.yaml handling out to rancher/wharfie * Add system-default-registry support * Add CLI support for kubelet image credential providers Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2021-05-10 18:58:41 -04:00
ImageCredProvBinDirFlag,
ImageCredProvConfigFlag,
Ensure flag type consistency (#6852) * Convert all flags to pointers for consistency Signed-off-by: Derek Nola <derek.nola@suse.com>
2023-01-31 15:57:48 -05:00
SELinuxFlag,
Updates to CLI flag grouping + deprecated flag warnings. (#5937) * Consolidate data dir flag * Group cluster flags together * Reorder and group agent flags * Add additional info around vmodule flag * Hide deprecated flags, and add warning about their removal Signed-off-by: Derek Nola <derek.nola@suse.com>
2022-08-02 16:51:16 -04:00
LBServerPortFlag,
ProtectKernelDefaultsFlag,
Revert "Add config file support" This reverts commit e1dc3451bcecac8c67e4342aea44955a82bfa932. Signed-off-by: Darren Shepherd <darren@rancher.com>
2020-08-29 15:46:55 -04:00
CRIEndpointFlag,
Added runtime classes for crun/wasm/nvidia Signed-off-by: Vitor Savian <vitor.savian@suse.com> Added default runtime flag Signed-off-by: Vitor Savian <vitor.savian@suse.com>
2023-11-21 15:38:56 -05:00
DefaultRuntimeFlag,
Add --image-service-endpoint flag (#8279) * Add --image-service-endpoint flag Problem: External container runtime can be set but image service endpoint is unchanged and also is not exposed as a flag. This is useful for using containerd snapshotters outside of the ones that have built-in support like stargz-snapshotter. Solution: Add a flag --image-service-endpoint and also default image service endpoint to container runtime endpoint if set. Signed-off-by: Edgar Lee <edgarhinshunlee@gmail.com>
2023-09-27 16:20:50 -04:00
ImageServiceEndpointFlag,
Revert "Add config file support" This reverts commit e1dc3451bcecac8c67e4342aea44955a82bfa932. Signed-off-by: Darren Shepherd <darren@rancher.com>
2020-08-29 15:46:55 -04:00
PauseImageFlag,
SnapshotterFlag,
PrivateRegistryFlag,
Add support for containerd cri registry config_path Render cri registry mirrors.x.endpoints and configs.x.tls into config_path; keep using mirrors.x.rewrites and configs.x.auth those do not yet have an equivalent in the new format. The new config file format allows disabling containerd's fallback to the default endpoint when using mirror endpoints; a new CLI flag is added to control that behavior. This also re-shares some code that was unnecessarily split into parallel implementations for linux/windows versions. There is probably more work to be done on this front but it's a good start. Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2023-11-29 21:14:01 -05:00
DisableDefaultRegistryEndpointFlag,
Add nonroot-devices flag to agent CLI Add new flag that is passed through to the device_ownership_from_security_context parameter in the containerd CRI config. This is not possible to change without providing a complete custom containerd.toml template so we should add a flag for it. Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-10-30 16:55:40 -04:00
NonrootDevicesFlag,
Add support for retagging images on load from tarball Adds support for retagging images to appear to have been sourced from one or more additional registries as they are imported from the tarball. This is intended to support RKE2 use cases with system-default-registry where the images need to appear to have been pulled from a registry other than docker.io. Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2021-02-12 02:37:58 -05:00
AirgapExtraRegistryFlag,
Revert "Add config file support" This reverts commit e1dc3451bcecac8c67e4342aea44955a82bfa932. Signed-off-by: Darren Shepherd <darren@rancher.com>
2020-08-29 15:46:55 -04:00
NodeIPFlag,
Refactor supervisor listener startup and add metrics * Refactor agent supervisor listener startup and authn/authz to use upstream auth delegators to perform for SubjectAccessReview for access to metrics. * Convert spegel and pprof handlers over to new structure. * Promote bind-address to agent flag to allow setting supervisor bind address for both agent and server. * Promote enable-pprof to agent flag to allow profiling agents. Access to the pprof endpoint now requires client cert auth, similar to the spegel registry api endpoint. * Add prometheus metrics handler. Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-04-24 21:02:05 -04:00
BindAddressFlag,
Revert "Add config file support" This reverts commit e1dc3451bcecac8c67e4342aea44955a82bfa932. Signed-off-by: Darren Shepherd <darren@rancher.com>
2020-08-29 15:46:55 -04:00
NodeExternalIPFlag,
add node-internal-dns/node-external-dns address pass-through support (#10852) * add --node-internal-dns and --node-external-dns Signed-off-by: Arne Winter <github@arnewinter.dev> Co-authored-by: Brad Davidson <brad@oatmail.org>
2024-09-06 17:15:19 -04:00
NodeInternalDNSFlag,
NodeExternalDNSFlag,
Revert "Add config file support" This reverts commit e1dc3451bcecac8c67e4342aea44955a82bfa932. Signed-off-by: Darren Shepherd <darren@rancher.com>
2020-08-29 15:46:55 -04:00
ResolvConfFlag,
FlannelIfaceFlag,
FlannelConfFlag,
Add FlannelConfCNI flag Signed-off-by: Manuel Buil <mbuil@suse.com>
2022-06-08 04:38:07 -04:00
FlannelCniConfFileFlag,
Revert "Add config file support" This reverts commit e1dc3451bcecac8c67e4342aea44955a82bfa932. Signed-off-by: Darren Shepherd <darren@rancher.com>
2020-08-29 15:46:55 -04:00
ExtraKubeletArgs,
ExtraKubeProxyArgs,
Add `prefer-bundled-bin` as an agent flag (#6545) * Add prefer-bundled-bin as an agent flag * Add E2E test for prefer-bundled-bin Signed-off-by: Derek Nola <derek.nola@suse.com>
2022-11-22 16:43:16 -05:00
// Experimental flags
Refactor supervisor listener startup and add metrics * Refactor agent supervisor listener startup and authn/authz to use upstream auth delegators to perform for SubjectAccessReview for access to metrics. * Convert spegel and pprof handlers over to new structure. * Promote bind-address to agent flag to allow setting supervisor bind address for both agent and server. * Promote enable-pprof to agent flag to allow profiling agents. Access to the pprof endpoint now requires client cert auth, similar to the spegel registry api endpoint. * Add prometheus metrics handler. Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2024-04-24 21:02:05 -04:00
EnablePProfFlag,
Ensure flag type consistency (#6852) * Convert all flags to pointers for consistency Signed-off-by: Derek Nola <derek.nola@suse.com>
2023-01-31 15:57:48 -05:00
&cli.BoolFlag{
Refactor tokens, bootstrap, and cli args
2019-10-27 01:53:25 -04:00
Name: "rootless",
Usage: "(experimental) Run rootless",
Destination: &AgentConfig.Rootless,
},
Add `prefer-bundled-bin` as an agent flag (#6545) * Add prefer-bundled-bin as an agent flag * Add E2E test for prefer-bundled-bin Signed-off-by: Derek Nola <derek.nola@suse.com>
2022-11-22 16:43:16 -05:00
PreferBundledBin,
Refactor tokens, bootstrap, and cli args
2019-10-27 01:53:25 -04:00
// Deprecated/hidden below
Updates to CLI flag grouping + deprecated flag warnings. (#5937) * Consolidate data dir flag * Group cluster flags together * Reorder and group agent flags * Add additional info around vmodule flag * Hide deprecated flags, and add warning about their removal Signed-off-by: Derek Nola <derek.nola@suse.com>
2022-08-02 16:51:16 -04:00
DockerFlag,
VPN PoC Signed-off-by: Manuel Buil <mbuil@suse.com>
2022-09-01 13:20:32 -04:00
VPNAuth,
VPNAuthFile,
add agent flag disable-apiserver-lb (#8717) * add node flag disable-agent-lb * add agent flag disable-apiserver-lb Co-authored-by: Brad Davidson <brad@oatmail.org> Signed-off-by: chenk008 <kongchen28@gmail.com>
2023-11-14 18:54:32 -05:00
DisableAgentLBFlag,
Continued refactoring
2019-01-09 11:54:15 -05:00
},
}
}
Reference in a new issue Copy permalink