upstream/k3s - Forgejo: Beyond coding. We Forge.

mirror of https://github.com/k3s-io/k3s.git synced 2026-05-28 04:34:19 -04:00

Author	SHA1	Message	Date
Roberto Bonafiglia	ced25af5b1	Fixed tailscale node IP dualstack mode in case of IPv4 only node Signed-off-by: Roberto Bonafiglia <roberto.bonafiglia@suse.com>	2023-10-09 15:17:33 +02:00
Manuel Buil	f2c7117374	Take IPFamily precedence based on order Signed-off-by: Manuel Buil <mbuil@suse.com>	2023-09-29 11:04:15 +02:00
Manuel Buil	0b23a478cf	ipFamilyPolicy:PreferDualStack for coredns and metrics-server Signed-off-by: Manuel Buil <mbuil@suse.com>	2023-09-29 10:10:43 +02:00
Manuel Buil	4dd45b3142	Merge pull request #8439 from manuelbuil/fixGofmt Fix gofmt error	2023-09-26 19:14:07 +02:00
Vitor Savian	b6ab24c4fd	Added error when cluster reset while using server flag Signed-off-by: Vitor Savian <vitor.savian@suse.com>	2023-09-26 11:00:37 -03:00
Manuel Buil	172a7f1d1a	Fix gofmt error Signed-off-by: Manuel Buil <mbuil@suse.com>	2023-09-26 11:09:03 +02:00
Manuel Buil	8c197bdce4	Include the interface name in the error message Signed-off-by: Manuel Buil <mbuil@suse.com>	2023-09-25 07:55:49 +02:00
Brad Davidson	cba9f0d142	Add new CLI flag to disable TLS SAN CN filtering Signed-off-by: Brad Davidson <brad.davidson@rancher.com>	2023-08-29 08:33:45 -07:00
Hussein Galal	af50e1b096	Update to v1.28.0-k3s1 (#8199 ) * Update to v1.28.0 Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com> * Update golang to v1.20.7 Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com> * more changes Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com> * update wrangler Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com> * update wrangler Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com> * fix nodepassword test Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com> * fix nodepassword test Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com> * disable CGO before running golangci-lint Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com> * execlude CGO Enabled checks Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com> * Ignore reapply change error with logging Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com> * Update google api client Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com> --------- Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>	2023-08-23 00:09:31 +03:00
Vitor Savian	c97211866a	Fix for cluster-reset backup from s3 when etcd snapshots are disabled (#8155 ) * Fixed when the user disable the etcd snapshots, but want to backup from s3 Signed-off-by: Vitor <vitor.savian@suse.com>	2023-08-10 12:23:10 -03:00
Manuel Buil	59eec78c62	Fix tailscale bug with ip modes Signed-off-by: Manuel Buil <mbuil@suse.com>	2023-08-01 09:43:25 +02:00
Manuel Buil	6c44b06e0a	Merge pull request #7838 from manuelbuil/ipv4ipv6tailscale Check if we are on ipv4, ipv6 or dualStack when doing tailscale	2023-07-06 11:11:26 +02:00
Manuel Buil	f21a01474d	Check if we are on ipv4, ipv6 or dualStack when doing tailscale Signed-off-by: Manuel Buil <mbuil@suse.com>	2023-07-03 10:48:59 +02:00
Vitor Savian	0809187cff	Adding cli to custom klipper helm image (#7682 ) Adding cli to custom klipper helm image Signed-off-by: Vitor Savian <vitor.savian@suse.com>	2023-06-28 15:31:58 +00:00
Manuel Buil	869e030bdd	VPN PoC Signed-off-by: Manuel Buil <mbuil@suse.com>	2023-06-09 12:39:33 +02:00
Derek Nola	b0188f5a13	Test Coverage Reports for E2E tests (#7526 ) * Move coverage writer into agent and server * Add coverage report to E2E PR tests * Add codecov upload to drone Signed-off-by: Derek Nola <derek.nola@suse.com>	2023-06-05 14:15:17 -07:00
Manuel Buil	437ad128c7	Migrate netutil methods into /utils/net.go Signed-off-by: Manuel Buil <mbuil@suse.com>	2023-05-04 16:49:16 +02:00
Derek Nola	d5f560360e	Handle multiple arguments with StringSlice flags (#7380 ) * Add helper function for multiple arguments in stringslice Signed-off-by: Derek Nola <derek.nola@suse.com> * Cleanup server setup with util function Signed-off-by: Derek Nola <derek.nola@suse.com>	2023-05-02 09:55:48 -07:00
Brad Davidson	31a6386994	Improve egress selector handling on agentless servers Don't set up the agent tunnel authorizer on agentless servers, and warn when agentless servers won't have a way to reach in-cluster endpoints. Signed-off-by: Brad Davidson <brad.davidson@rancher.com>	2023-04-28 11:24:34 -07:00
Roberto Bonafiglia	15ee88964b	Added multiClusterCidr feature Signed-off-by: Roberto Bonafiglia <roberto.bonafiglia@suse.com>	2023-03-14 18:30:52 +01:00
Brad Davidson	3d146d2f1b	Allow for multiple sets of leader-elected controllers Addresses an issue where etcd controllers did not run on etcd-only nodes Signed-off-by: Brad Davidson <brad.davidson@rancher.com>	2023-02-10 10:46:48 -08:00
Brad Davidson	32d62c5786	Use default address family when adding kubernetes service address to SAN list Signed-off-by: Brad Davidson <brad.davidson@rancher.com>	2023-02-09 15:17:21 -08:00
Brad Davidson	8340b54309	Pass through default tls-cipher-suites Signed-off-by: Brad Davidson <brad.davidson@rancher.com>	2023-01-12 14:51:04 -08:00
Derek Nola	d723775792	Remove deprecated flags in v1.26 (#6574 ) * Remove NoFlannel * Remove cluster-secret * Remove no-deploy * Remove disable-selinux * Convert wireguard to fatal error * Remove reference to no-op K3S_CLUSTER_SECRET Signed-off-by: Derek Nola <derek.nola@suse.com>	2022-12-05 14:01:01 -08:00
Brad Davidson	56bf7d6ad3	Allow agent to run rootless Signed-off-by: Brad Davidson <brad.davidson@rancher.com>	2022-11-21 15:23:30 -08:00
Brad Davidson	6f2b21c5cd	Add rootless IPv6 support Signed-off-by: Brad Davidson <brad.davidson@rancher.com>	2022-11-21 15:23:30 -08:00
Brad Davidson	f2585c1671	Add --flannel-external-ip flag Using the node external IP address for all CNI traffic is a breaking change from previous versions; we should make it an opt-in for distributed clusters instead of default behavior. Signed-off-by: Brad Davidson <brad.davidson@rancher.com>	2022-10-24 10:10:49 -07:00
Brad Davidson	d963cb2f70	Disable cloud-node and cloud-node-lifecycle if CCM is disabled If CCM and ServiceLB are both disabled, don't run the cloud-controller-manager at all; this should provide the same CLI flag behavior as previous releases, and not create problems when users disable the CCM but still want ServiceLB. Signed-off-by: Brad Davidson <brad.davidson@rancher.com>	2022-09-30 08:17:20 -07:00
Brad Davidson	a15e7e8b68	Move DisableServiceLB/Rootless/ServiceLBNamespace into config.Control Signed-off-by: Brad Davidson <brad.davidson@rancher.com>	2022-09-30 08:17:20 -07:00
Derek Nola	1d46841d80	Fix deprecation message Signed-off-by: Derek Nola <derek.nola@suse.com>	2022-09-09 09:07:40 -07:00
Derek Nola	cd49101fc8	Convert deprecated flags to fatal errors for v1.25 (#6069 ) * Replace warning with fatal errors. * Group system-default-registry under (agent/runtime) Signed-off-by: Derek Nola <derek.nola@suse.com>	2022-09-01 09:33:59 -07:00
Derek Nola	118a68c913	Updates to CLI flag grouping + deprecated flag warnings. (#5937 ) * Consolidate data dir flag * Group cluster flags together * Reorder and group agent flags * Add additional info around vmodule flag * Hide deprecated flags, and add warning about their removal Signed-off-by: Derek Nola <derek.nola@suse.com>	2022-08-02 13:51:16 -07:00
Brad Davidson	5eaa0a9422	Replace getLocalhostIP with Loopback helper method Requires tweaking existing method signature to allow specifying whether or not IPv6 addresses should be return URL-safe. Signed-off-by: Brad Davidson <brad.davidson@rancher.com>	2022-07-21 16:51:57 -07:00
Brad Davidson	ffe72eecc4	Address issues with etcd snapshots * Increase the default snapshot timeout. The timeout is not currently configurable from Rancher, and larger clusters are frequently seeing uploads fail at 30 seconds. * Enable compression for scheduled snapshots if enabled on the command-line. The CLI flag was not being passed into the etcd config. * Only set the S3 content-type to application/zip if the file is zipped. * Don't run more than one snapshot at once, to prevent misconfigured etcd snapshot cron schedules from stacking up. Signed-off-by: Brad Davidson <brad.davidson@rancher.com>	2022-07-12 14:41:38 -07:00
Derek Nola	a9b5a1933f	Delay service readiness until after startuphooks have finished (#5649 ) * Move startup hooks wg into a runtime pointer, check before notifying systemd * Switch default systemd notification to server * Add 1 sec delay to allow etcd to write to disk Signed-off-by: Derek Nola <derek.nola@suse.com>	2022-06-15 09:00:52 -07:00
Darren Shepherd	e6009b1edf	Introduce servicelb-namespace parameter This parameter controls which namespace the klipper-lb pods will be create. It defaults to kube-system so that k3s does not by default create a new namespace. It can be changed if users wish to isolate the pods and apply some policy to them. Signed-off-by: Darren Shepherd <darren@acorn.io>	2022-06-14 15:48:58 -07:00
Igor	2999289e68	add support for pprof server (#5527 ) Signed-off-by: igor <igor@igor.io>	2022-06-13 22:06:55 -07:00
Brad Davidson	9d7230496d	Add support for configuring the EgressSelector mode Signed-off-by: Brad Davidson <brad.davidson@rancher.com>	2022-05-18 13:26:10 -07:00
Michal Rostecki	5f2a4d4209	server: Allow to enable network policies with IPv6-only After previous changes, network policies are working on IPv6-only installations. Signed-off-by: Michal Rostecki <vadorovsky@gmail.com>	2022-04-29 10:51:38 -07:00
Brad Davidson	418c3fa858	Fix issue with datastore corruption on cluster-reset (#5515 ) * Bump etcd to v3.5.4-k3s1 * Fix issue with datastore corruption on cluster-reset * Disable unnecessary components during cluster reset Disable control-plane components and the tunnel setup during cluster-reset, even when not doing a restore. This reduces the amount of log clutter during cluster reset/restore, making any errors encountered more obvious. Signed-off-by: Brad Davidson <brad.davidson@rancher.com>	2022-04-27 13:44:15 -07:00
Manuel Buil	6a8de31a92	Fix default ipv6 cidr (#5467 ) Signed-off-by: Manuel Buil <mbuil@suse.com>	2022-04-20 08:41:41 -07:00
Brad Davidson	b12cd62935	Move IPv4/v6 selection into helpers Signed-off-by: Brad Davidson <brad.davidson@rancher.com>	2022-04-15 01:02:42 -07:00
Michal Rostecki	c707948adf	netpol: Add dual-stack support This change allows to define two cluster CIDRs for compatibility with Kubernetes dual-stuck, with an assumption that two CIDRs are usually IPv4 and IPv6. It does that by levearaging changes in out kube-router fork, with the following downstream release: https://github.com/k3s-io/kube-router/releases/tag/v1.3.2%2Bk3s Signed-off-by: Michal Rostecki <vadorovsky@gmail.com>	2022-04-06 14:43:09 +02:00
Roberto Bonafiglia	4afeb9c5c7	Merge pull request #5325 from rbrtbnfgl/fix-etcd-ipv6-url Fixed etcd URL in case of IPv6 address	2022-04-05 09:55:42 +02:00
Roberto Bonafiglia	e29771b9ff	Fixed client URL Signed-off-by: Roberto Bonafiglia <roberto.bonafiglia@suse.com>	2022-03-30 10:59:39 +02:00
Roberto Bonafiglia	dda409b041	Updated localhost address on IPv6 only setup Signed-off-by: Roberto Bonafiglia <roberto.bonafiglia@suse.com>	2022-03-29 09:35:54 +02:00
Brad Davidson	e811689df9	Fix etcd-only secrets encryption rotation Improve feedback when running secrets-encrypt commands on etcd-only nodes, and allow etcd-only nodes to properly restart when effecting rotation. Signed-off-by: Brad Davidson <brad.davidson@rancher.com>	2022-03-25 10:40:58 -07:00
Roberto Bonafiglia	073f155fc4	Added ipv6 only support with flannel Signed-off-by: Roberto Bonafiglia <roberto.bonafiglia@suse.com>	2022-03-09 09:35:01 +01:00
Roberto Bonafiglia	3fabc0703b	Merge pull request #4450 from olljanat/support-ipv6-only Add partial support for IPv6 only mode	2022-03-08 11:38:52 +01:00
Luther Monson	9a849b1bb7	[master] changing package to k3s-io (#4846 ) * changing package to k3s-io Signed-off-by: Luther Monson <luther.monson@gmail.com> Co-authored-by: Derek Nola <derek.nola@suse.com>	2022-03-02 15:47:27 -08:00
Brad Davidson	f090bf2d5e	Bootstrap the executor even when the agent is disabled Signed-off-by: Brad Davidson <brad.davidson@rancher.com>	2022-03-02 02:47:54 -08:00
Brad Davidson	5014c9e0e8	Fix adding etcd-only node to existing cluster Signed-off-by: Brad Davidson <brad.davidson@rancher.com>	2022-02-28 19:56:08 -08:00
Olli Janatuinen	966f4d6a01	Add support for IPv6 only mode Automatically switch to IPv6 only mode if first node-ip is IPv6 address Signed-off-by: Olli Janatuinen <olli.janatuinen@gmail.com>	2022-02-10 20:34:59 +02:00
Roberto Bonafiglia	bb856c67dc	Merge pull request #4952 from rbrtbnfgl/ipv6-nat Add IPv6 NAT	2022-01-19 08:44:57 +01:00
Brad Davidson	b1e0f4c8fc	Skip CGroup v2 evac when agent is disabled Signed-off-by: Brad Davidson <brad.davidson@rancher.com>	2022-01-14 13:24:44 -08:00
Roberto Bonafiglia	111c1669fc	Added flannel-ipv6-masq flag to enable IPv6 nat Signed-off-by: Roberto Bonafiglia <roberto.bonafiglia@gmail.com>	2022-01-14 18:35:37 +01:00
Brad Davidson	a0cadcd343	Move ClusterResetRestore handling ControlConfig setup Signed-off-by: Brad Davidson <brad.davidson@rancher.com>	2022-01-12 10:46:10 -08:00
Lordran	31f1a00b6f	Fix a typo: advertise-up -> advertise-ip (#4827 ) Signed-off-by: 胥朝阳 <xuzhaoyang@91cyt.com>	2022-01-06 08:52:07 -08:00
Hussein Galal	2e91913f54	Close agentReady channel only in k3s (#4792 ) * Close agentReady channel only in k3s Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com> * codespell check Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>	2021-12-21 00:22:49 +02:00
Hussein Galal	d71b335871	Fix snapshot restoration on fresh nodes (#4737 ) Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>	2021-12-14 02:04:39 +02:00
Hussein Galal	03485632ea	Fix regression with cluster reset (#4521 ) * Fix regression with cluster reset Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com> * typo Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>	2021-11-17 23:22:18 +02:00
Chris Kim	f18b3252c0	[master] Add etcd extra args support for K3s (#4463 ) * Add etcd extra args support for K3s Signed-off-by: Chris Kim <oats87g@gmail.com> * Add etcd custom argument integration test Signed-off-by: Chris Kim <oats87g@gmail.com> * go generate Signed-off-by: Chris Kim <oats87g@gmail.com>	2021-11-11 21:03:15 -08:00
Manuel Buil	5d168a1d59	Allow svclb pod to enable ipv6 forwarding Signed-off-by: Manuel Buil <mbuil@suse.com>	2021-11-10 18:20:03 +01:00
Luther Monson	36c6634cce	[master] updating to new signals package in wrangler (#4399 ) * updating to new signals package in wrangler Signed-off-by: Luther Monson <luther.monson@gmail.com>	2021-11-08 08:32:43 -07:00
Brian Downs	0452f017c1	Add etcd s3 timeout (#4207 )	2021-10-15 10:24:14 -07:00
Brad Davidson	5a923ab8dc	Add containerd ready channel to delay etcd node join Signed-off-by: Brad Davidson <brad.davidson@rancher.com>	2021-10-14 14:03:52 -07:00
Brad Davidson	dc18ef2e51	Refactor log and reaper exec to omit MAINPID Using MAINPID breaks systemd's exit detection, as it stops watching the original pid, but is unable to watch the new pid as it is not a child of systemd itself. The best we can do is just notify when execing the child process. We also need to consolidate forking into a sigle place so that we don't end up with multiple levels of child processes if both redirecting log output and reaping child processes. Signed-off-by: Brad Davidson <brad.davidson@rancher.com>	2021-10-12 13:35:10 -07:00
Brian Downs	ac7a8d89c6	Add ability to reconcile bootstrap data between datastore and disk (#3398 )	2021-10-07 12:47:00 -07:00
Brad Davidson	a16105b348	Properly handle operation as init process Signed-off-by: Brad Davidson <brad.davidson@rancher.com>	2021-09-28 11:05:34 -07:00
Hussein Galal	7826407a2e	Make sure there are no duplicates in etcd member list (#4025 ) * Make sure there are no duplicates in etcd member list Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com> * fix node names with hyphens Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com> * use full server name for etcd node name Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>	2021-09-18 00:51:18 +02:00
Manuel Buil	9fcd79baae	Add tests to the dual-stack PR and enable dual-stack with flannel backend Signed-off-by: Manuel Buil <mbuil@suse.com>	2021-09-15 14:11:54 +02:00
Devin Buhl	a1ec43e0b7	feat: add option to disable s3 over https Signed-off-by: Devin Buhl <devin.kray@gmail.com>	2021-09-05 12:03:49 -04:00
Brad Davidson	cf12a13175	Add missing node name entry to apiserver SAN list Also honor node-ip when adding the node address to the SAN list, instead of hardcoding the autodetected IP address. Signed-off-by: Brad Davidson <brad.davidson@rancher.com>	2021-09-01 13:22:32 -07:00
Brad Davidson	b8add39b07	Bump kine for metrics/tls changes Signed-off-by: Brad Davidson <brad.davidson@rancher.com>	2021-09-01 01:51:30 -07:00
Hussein Galal	e322924781	Reset load balancer state during restoraion (#3877 ) * Reset load balancer state during restoraion Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com> * Reset load balancer state during restoraion Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>	2021-08-18 01:02:30 +02:00
Hussein Galal	2069cdf4ee	Fix initial start of etcd only nodes (#3748 ) * Fix initial start of etcd only nodes Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com> * more fixes Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com> * more fixes Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>	2021-08-03 19:53:21 +02:00
Brad Davidson	869b98bc4c	Sync DisableKubeProxy into control struct Sync DisableKubeProxy from cfg into control before sending control to clients, as it may have been modified by a startup hook. Signed-off-by: Brad Davidson <brad.davidson@rancher.com>	2021-07-30 12:26:50 -07:00
Hussein Galal	b1b5f72dc3	Notify systemd for etcd only node (#3732 ) Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>	2021-07-29 23:42:19 +02:00
Brian Downs	238dc2086e	prevent snapshot save when snapshots are disabled (#3475 ) * prevent snapshot save when snapshots are disabled	2021-07-09 10:22:49 -07:00
Joe Kralicky	a84c75af62	Adds a command-line flag '--disable-helm-controller' that will disable the server's built-in helm controller. Problem: Testing installation and uninstallation of the Helm Controller on k3s is not possible if the Helm Controller is baked into the k3s server. Solution: The Helm Controller can optionally be disabled, which will allow users to manage its installation manually. Signed-off-by: Joe Kralicky <joe.kralicky@suse.com>	2021-06-25 14:54:36 -04:00
Hussein Galal	136dddca11	Fix storing bootstrap data with empty token string (#3422 ) * Fix storing bootstrap data with empty token string Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com> * delete node password secret after restoration fixes to bootstrap key vendor update Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com> * fix comment Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com> * fix typo Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com> * more fixes Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com> * fixes Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com> * fixes Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com> * typos Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com> * Removing dynamic listener file after restoration Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com> * go mod tidy Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>	2021-06-22 22:42:34 +02:00
Brian Downs	88f95ec409	Send systemd notifications for both server and agent (#3430 ) * update agent to sent systemd notify after everything starts	2021-06-15 04:20:26 -07:00
Brian Downs	2682183773	add log message indicating etcd snapshots are disabled Signed-off-by: Brian Downs <brian.downs@gmail.com>	2021-06-04 09:18:16 -07:00
Brad Davidson	02a5bee62f	Add system-default-registry support and remove shared code (#3285 ) * Move registries.yaml handling out to rancher/wharfie * Add system-default-registry support * Add CLI support for kubelet image credential providers Signed-off-by: Brad Davidson <brad.davidson@rancher.com>	2021-05-10 15:58:41 -07:00
Hussein Galal	f410fc7d1e	Invoke cluster reset function when only reset flag is passed (#3276 ) Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>	2021-05-05 17:40:04 +02:00
Brad Davidson	2705431d96	Add support for dual-stack Pod/Service CIDRs and node IP addresses (#3212 ) * Add support for dual-stack cluster/service CIDRs and node addresses Signed-off-by: Brad Davidson <brad.davidson@rancher.com>	2021-04-21 15:56:20 -07:00
Chris Kim	69f96d6225	Define a Controllers and LeaderControllers on the server config (#3043 ) Signed-off-by: Chris Kim <oats87g@gmail.com>	2021-03-11 10:39:00 -08:00
Brad Davidson	7cdfaad6ce	Always use static ports for client load-balancers (#3026 ) * Always use static ports for the load-balancers This fixes an issue where RKE2 kube-proxy daemonset pods were failing to communicate with the apiserver when RKE2 was restarted because the load-balancer used a different port every time it started up. This also changes the apiserver load-balancer port to be 1 below the supervisor port instead of 1 above it. This makes the apiserver port consistent at 6443 across servers and agents on RKE2. Additional fixes below were required to successfully test and use this change on etcd-only nodes. * Actually add lb-server-port flag to CLI * Fix nil pointer when starting server with --disable-etcd but no --server * Don't try to use full URI as initial load-balancer endpoint * Fix etcd load-balancer pool updates * Update dynamiclistener to fix cert updates on etcd-only nodes * Handle recursive initial server URL in load balancer * Don't run the deploy controller on etcd-only nodes	2021-03-06 02:29:57 -08:00
Brian Downs	4d1f9eda9d	Etcd Snapshot/Restore to/from S3 Compatible Backends (#2902 ) * Add functionality for etcd snapshot/restore to and from S3 compatible backends. * Update etcd restore functionality to extract and write certificates and configs from snapshot.	2021-03-03 11:14:12 -07:00
galal-hussein	d6124981d5	remove etcd member if disable etcd is passed Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>	2021-03-01 23:50:50 +02:00
Hussein Galal	5749f66aa3	Add disable flags for control components (#2900 ) * Add disable flags to control components Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com> * golint Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com> * more fixes Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com> * fixes to disable flags Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com> * Add comments to functions Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com> * Fix joining problem Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com> * more fixes Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com> * golint Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com> * fix ticker Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com> * fix role labels Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com> * more fixes Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>	2021-02-12 17:35:57 +02:00
Brad Davidson	07256cf7ab	Add ServiceIPRange and ServiceNodePortRange to agent config Signed-off-by: Brad Davidson <brad.davidson@rancher.com>	2021-02-03 10:41:51 -08:00
Yuriy	06fda7accf	Add functionality to bind custom IP address for Etcd metrics endpoint (#2750 ) * Add functionality to bind custom IP address for Etcd metrics endpoint Signed-off-by: yuriydzobak <yurii.dzobak@lotusflare.com>	2021-01-22 17:40:48 -08:00
Brian Downs	13229019f8	Add ability to perform an etcd on-demand snapshot via cli (#2819 ) * add ability to perform an etcd on-demand snapshot via cli	2021-01-21 14:09:15 -07:00
Brad Davidson	c6950d2cb0	Update Kubernetes to v1.20.0-k3s1 Signed-off-by: Brad Davidson <brad.davidson@rancher.com>	2020-12-08 22:51:34 -08:00
MonzElmasry	e8436cc76b	Make etcd use node private ip Signed-off-by: MonzElmasry <menna.elmasry@rancher.com>	2020-10-28 23:45:24 +02:00
Brian Downs	ba70c41cce	Initial Logging Output Update (#2246 ) This attempts to update logging statements to make them consistent through out the code base. It also adds additional context to messages where possible, simplifies messages, and updates level where necessary.	2020-09-21 09:56:03 -07:00
Darren Shepherd	7657ed2e13	Update pkg/cli/server/server.go Co-authored-by: Jacob Blain Christen <dweomer5@gmail.com>	2020-09-01 10:43:19 -07:00
Darren Shepherd	ae5c585050	Revert "Add config file support" This reverts commit `e1dc3451bc`. Signed-off-by: Darren Shepherd <darren@rancher.com>	2020-08-29 21:44:07 -07:00
Brian Downs	866dc94cea	Galal hussein etcd backup restore (#2154 ) * Add etcd snapshot and restore Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com> * fix error logs Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com> * goimports Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com> * fix flag describtion Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com> * Add disable snapshot and retention Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com> * use creation time for snapshot retention Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com> * unexport method, update var name Signed-off-by: Brian Downs <brian.downs@gmail.com> * adjust snapshot flags Signed-off-by: Brian Downs <brian.downs@gmail.com> * update var name, string concat Signed-off-by: Brian Downs <brian.downs@gmail.com> * revert previous change, create constants Signed-off-by: Brian Downs <brian.downs@gmail.com> * update Signed-off-by: Brian Downs <brian.downs@gmail.com> * updates Signed-off-by: Brian Downs <brian.downs@gmail.com> * type assertion error checking Signed-off-by: Brian Downs <brian.downs@gmail.com> * update Signed-off-by: Brian Downs <brian.downs@gmail.com> * update Signed-off-by: Brian Downs <brian.downs@gmail.com> * update Signed-off-by: Brian Downs <brian.downs@gmail.com> * pr remediation Signed-off-by: Brian Downs <brian.downs@gmail.com> * pr remediation Signed-off-by: Brian Downs <brian.downs@gmail.com> * pr remediation Signed-off-by: Brian Downs <brian.downs@gmail.com> * pr remediation Signed-off-by: Brian Downs <brian.downs@gmail.com> * pr remediation Signed-off-by: Brian Downs <brian.downs@gmail.com> * updates Signed-off-by: Brian Downs <brian.downs@gmail.com> * updates Signed-off-by: Brian Downs <brian.downs@gmail.com> * simplify logic, remove unneeded function Signed-off-by: Brian Downs <brian.downs@gmail.com> * update flags Signed-off-by: Brian Downs <brian.downs@gmail.com> * update flags Signed-off-by: Brian Downs <brian.downs@gmail.com> * add comment Signed-off-by: Brian Downs <brian.downs@gmail.com> * exit on restore completion, update flag names, move retention check Signed-off-by: Brian Downs <brian.downs@gmail.com> * exit on restore completion, update flag names, move retention check Signed-off-by: Brian Downs <brian.downs@gmail.com> * exit on restore completion, update flag names, move retention check Signed-off-by: Brian Downs <brian.downs@gmail.com> * update disable snapshots flag and field names Signed-off-by: Brian Downs <brian.downs@gmail.com> * move function Signed-off-by: Brian Downs <brian.downs@gmail.com> * update field names Signed-off-by: Brian Downs <brian.downs@gmail.com> * update var and field names Signed-off-by: Brian Downs <brian.downs@gmail.com> * update var and field names Signed-off-by: Brian Downs <brian.downs@gmail.com> * update defaultSnapshotIntervalMinutes to 12 like rke Signed-off-by: Brian Downs <brian.downs@gmail.com> * update directory perms Signed-off-by: Brian Downs <brian.downs@gmail.com> * update etc-snapshot-dir usage Signed-off-by: Brian Downs <brian.downs@gmail.com> * update interval to 12 hours Signed-off-by: Brian Downs <brian.downs@gmail.com> * fix usage typo Signed-off-by: Brian Downs <brian.downs@gmail.com> * add cron Signed-off-by: Brian Downs <brian.downs@gmail.com> * add cron Signed-off-by: Brian Downs <brian.downs@gmail.com> * add cron Signed-off-by: Brian Downs <brian.downs@gmail.com> * wire in cron Signed-off-by: Brian Downs <brian.downs@gmail.com> * wire in cron Signed-off-by: Brian Downs <brian.downs@gmail.com> * wire in cron Signed-off-by: Brian Downs <brian.downs@gmail.com> * wire in cron Signed-off-by: Brian Downs <brian.downs@gmail.com> * wire in cron Signed-off-by: Brian Downs <brian.downs@gmail.com> * wire in cron Signed-off-by: Brian Downs <brian.downs@gmail.com> * wire in cron Signed-off-by: Brian Downs <brian.downs@gmail.com> * update deps target to work, add build/data target for creation, and generate Signed-off-by: Brian Downs <brian.downs@gmail.com> * remove dead make targets Signed-off-by: Brian Downs <brian.downs@gmail.com> * error handling, cluster reset functionality Signed-off-by: Brian Downs <brian.downs@gmail.com> * error handling, cluster reset functionality Signed-off-by: Brian Downs <brian.downs@gmail.com> * update Signed-off-by: Brian Downs <brian.downs@gmail.com> * remove intermediate dapper file Signed-off-by: Brian Downs <brian.downs@gmail.com> Co-authored-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>	2020-08-28 16:57:40 -07:00

1 2 3 4 5

225 commits