| Age | Commit message (Collapse) | Author |
|---|
|
Generated with:
./scripts/oe-go-mod-autogen.py --repo https://github.com/rancher/k3s.git --rev v1.28.7+k3s1
plus one manual modification to relocation.inc:
- sigs.k8s.io/kustomize/kustomize/v5:sigs.k8s.io/kustomize/kustomize/v5:force
+ sigs.k8s.io/kustomize/kustomize/v5:sigs.k8s.io/kustomize/kustomize/v5/kustomize:force
Bumping k3s to version v1.28.7+k3s1, which comprises the following commits:
051b14b248 Fix netpol startup when flannel is disabled
4c1b91e3f9 Use 3/2/1 cluster for split role test
16ad3bc39c Change default number of etcd nodes in E2E splitserver test
9c0e5a5ff8 Rename AgentReady to ContainerRuntimeReady for better clarity
80baec697f Restore original order of agent startup functions
f19db855bf remove e2e logs drone step (#9516)
25e12bc10c [Release-1.28] Fix drone publish for arm (#9508)
9f78e474d7 Update Kubernetes to v1.28.7 (#9492)
1ca64a81be [Release-1.28] Support PR testing installs (#9469)
45860105bb [Release-1.28] Test_UnitApplyContainerdQoSClassConfigFileIfPresent (#9440)
78543f4850 [Release-1.28] Enable longer http timeout requests (#9444)
3d0674ad1c Bump kine and set NotifyInterval to what the apiserver expects
a3770d21e2 Expose rootless containerd socket directories for external access
0259b8e535 Expose rootless state dir under ~/.rancher/k3s/rootless
865b454a05 Don't verify the node password if the local host is not running an agent
493ebb9517 Fix ipv6 endpoint address selection for on-demand snapshots
cd7c557754 Fix issue with coredns node hosts controller
3d46c7da70 Bump CNI plugins to v1.4.0
b620348998 Add check for etcd-snapshot-dir and fix panic in Walk
6b2c1ecb0f Retry startup snapshot reconcile
c2c9a265bf Fix excessive retry on snapshot reconcile
dda9780f23 Update Kube-router to v2.0.1
a922a0e340 allow executors to define containerd and docker behavior
034ee89344 Update flannel to v0.24.0 and remove multiclustercidr flag (#9075)
6ff57ab749 Bump flannel version
25c7208b7e Changed how lastHeartBeatTime works in the etcd condition
f3b4effb32 Runtimes refactor using exec.LookPath
5eb278b838 [Release-1.28] Auto Dependancy Bump (#9419)
190864259e Consistently handle component exit on shutdown
5857584463 Bump cri-dockerd
35ef1cec92 Bump Local Path Provisioner version (#8953) (#9426)
c9f49a3b06 Bump helm-controller to fix issue with ChartContent
2f9788ab55 Bump runc and helm-controller versions
14fdacb85b gofmt config_test.go
aebdccfae5 Fix issues with certs.d template generation
39a0001575 Use `ipFamilyPolicy: RequireDualStack` for dual-stack kube-dns (#8984)
c236c9ff77 Update to v1.28.6 (#9260)
6224ea62af Error getting node in setEtcdStatusCondition
470bcd1bff Move proxy dialer out of init() and fix crash
04ce0ac0a9 Rebase & Squash (#9070)
4724315b8c Pin opa version for missing dependency chain (#9216)
2858f89a5b Bump quic-go for CVE-2023-49295
b04e18c4a0 Enable network policy controller metrics
bda4b73493 Add e2e test for embedded registry mirror
f3c6250b28 Add embedded registry implementation
ef4e7ae143 Add server CLI flag and config fields for embedded registry
ece564ec93 Add ADR for embedded registry
ea66fe65b4 Propagate errors up from config.Get
a62ee4fd0d Move registries.yaml load into agent config
ace1714e0c Pin images instead of locking layers with lease
3b863906e0 Fix OS PRETTY_NAME on tagged releases
ee85990a83 Add runtime checking of golang version
3be858a878 Add more paths to crun runtime detection (#9086)
fa798ba272 Add support for containerd cri registry config_path
f95ab7aaf9 Fix nil map in full snapshot configmap reconcile
fe19faaf9a Handle logging flags when parsing kube-proxy args
fc3136f54f Fix the OTHER log message that prints the wrong variable
9d5950741e Dockerfile.dapper: set $HOME properly
3248fd05c7 Add ServiceLB support for PodHostIPs FeatureGate
a503d13591 Remove GA feature-gates (#8970)
53c6e05ef5 Handle etcd status condition when cluster reset and disable etcd
3d08cfd0fe Wait for taint to be gone in the node before starting the netpol controller
90367d80b0 Add a retry around updating a secrets-encrypt node annotations (#9125)
5b2d1271a6 Only publish to code_cov on merged E2E builds (#9083)
19b361f30b Update to v1.28.5-k3s1 (#9081)
71a3c35fb7 Bump containerd to v1.7.11
08509a2a90 Allow setting default-runtime on servers
b9c288f702 Bump containerd/runc to v1.7.10-k3s1/v1.1.10
03532f7c0b Added runtime classes for crun/wasm/nvidia
9c6ba42ca0 Nov 2023 stable channel update (#9022)
79438cecaa Modify CONTRIBUTING.md guide
d34550fb2f Fix overlapping address range
6ba6c1b65f remove s390x from manifest (#8998)
022cf6d51f remove s390x steps temporarily since runners are disabled
3f23723035 Update to v1.28.4 (#8920)
6d3a92a658 Print key instead of file path in snapshot metadata log message
b23e70d519 Don't apply s3 retention if S3 client failed to initialize
a92c4a0f17 Don't request metadata when listing objects
96ebb96317 Fix flakey dynamic-cert.json in cert rotation e2e test
611ac0894c Revert e2e pipeline depends_on change
3a6284e2b9 Bump dynamiclistener to fix secret sync race
1e0a7044cf Reorder snapshot configmap reconcile to reduce log spew during initial startup
e53c189587 Handle nil pointer when runtime core is not ready in etcd
6c544a4679 Add jitter to client config retry
fa4c180637 Update install.sh sha256sum (#8885)
da0593bcf9 More improves for K3s patch release docs (#8800)
abc2efdd57 Disable helm CRD installation for disable-helm-controller (#8702)
07ee854914 Tweaked order of ingress IPs in ServiceLB (#8711)
7ecd5874d2 Skip initial datastore reconcile during cluster-reset
2088218c5f Fix issue with snapshot metadata configmap
fd8db56d5a Fix wrong warning from restorecon in install script (#8871)
78ea593780 General updates to README (#8786)
19fd7e38f6 enh: Force umount for NFS mount (like with longhorn)
b47cbbfd42 add agent flag disable-apiserver-lb (#8717)
30c8ad926d QoS-class resource configuration
32a1efa408 Bump kine to fix multiple issues
a26441613b add: timezone info in image
0011eb5ead optimize: Simplify and clean up Dockerfile (#8244)
8f7a8b23b7 Improve dualStack log
f5920d7864 Add warning for multiclustercidr flag (#8758)
ba5fcf13fc Wasm shims and runtimes detection
875a9d19c6 Added ADR for etcd status
c5cd7b3d65 Added etcd status condition
022c49242d update channels latest to v1.27.7+k3s2 (#8799)
bbafb86e91 Don't use iptables-save/iptables-restore if it will corrupt rules
9e13aad4a8 Update traefik to fix registry value (#8792)
1ae053d944 Upgrade traefik chart to v25.0.0 (#8771)
f575a05be2 fix: Access outer scope .SystemdCgroup (#8761)
c7c339f0b7 chore: Bump Trivy version (#8739)
1e99a46256 chore: Update sonobuoy image versions (#8710)
9377accd9e update stable to v1.27.7+k3s1 (#8753)
112e1339b7 Restore selinux context systemd unit file (#8593)
49411e7084 Don't try to read token hash and cluster id during cluster-reset
6aef26e94b Update to v1.28.3 (#8682)
5b6b9685e9 Manually requeue configmap reconcile when no nodes have reconciled snapshots
3db1d33282 Re-enable etcd endpoint auto-sync
b8dc95539b Fix CloudDualStackNodeIPs feature-gate inconsistency
0c9bf36fe0 [K3s][Windows Port] Build script, multi-call binary, and Flannel (#7259)
aaf8409096 Use version.Program not K3s in log (#8653)
9597ea1183 Start etcd client before ensuring self removal
2291d6d079 Add etcd-only/control-plane-only server test
7bb4a826af Update kube-router package in build script
3abc8b82ed Bump traefik, golang.org/x/net, google.golang.org/grpc
1ffb4603cd Use IPv6 in case is the first configured IP with dualstack
3d25e9f66c Switch build target from main.go to a package. (#8342)
7c5b69ca1d Fix etcd snapshot integration tests
d885162967 Add server token hash to CR and S3
550ab36ab7 Switch to managing ETCDSnapshotFile resources
5cd4f69bfa Move snapshot delete into local/s3 functions
a15b804e00 Sort snapshots by time and key in tabwriter output
7464007037 Store extra metadata and cluster ID for snapshots
80f909d0ca Move s3 snapshot list functionality to s3.go
8d47645312 Consistently set snapshotFile timestamp
f1afe153a3 Tidy s3 upload functions
2b0e2e8ada Elide old snapshot data when apiserver rejects configmap with ErrRequestEntityTooLarge
676b00aa0e Move etcd snapshot code into separate file
500744bb94 Add new CRD for etcd snapshots
64107b54e4 Minor updates as per design review discussion
22065affa2 Add ADR for etcd snapshot CRD migration
9bb1ce1253 Bump busybox to v1.36.1
5fe4f6709a Bump containerd to v1.7.7-k3s1
7d38b4a3db E2E Domain Drone Cleanup (#8579)
dface01de8 Server Token Rotation (#8265)
ced25af5b1 Fixed tailscale node IP dualstack mode in case of IPv4 only node
ba750e28b7 [v1.28] System agent push tags fix (#8568)
e33359d375 Update install.sh.sha256sum
a6acdd0d75 Fix slemicro check for selinux (#8526)
e82b37640a Network defaults are duplicated, remove one
d4a487d83f Fix spellcheck problem (boostrap ==> bootstrap)
f2c7117374 Take IPFamily precedence based on order
0b23a478cf ipFamilyPolicy:PreferDualStack for coredns and metrics-server
021c5b291b Improve release docs - updated (#8414)
0e5c760625 Pass SystemdCgroup setting through to nvidia runtime options
1e38b5d904 Don't ignore assets in home dir if system assets exist
fe18b1fce9 Add --image-service-endpoint flag (#8279)
79b44cee29 Create and validate install.sh signatures (#8312)
ad206310d1 Update kube-router
b6ab24c4fd Added error when cluster reset while using server flag
b010c941cf Fix .github regex to skip drone runs on gh action bumps (#8433)
d349c9db6c Added cluster reset from non bootstrap nodes on snapshot restore e2e test
d0ab4ef26b Added advertise address integration test
172a7f1d1a Fix gofmt error
8705a88bf4 Clear remove annotations on cluster reset; refuse to delete last member from cluster
002e6c43ee Reorganize Driver interface and etcd driver to avoid passing context and config into most calls
890645924f Don't export functions not needed outside the etcd package
a3c52d60a5 Skip creating CRDs and setting up event recorder for CLI controller context
391e61bd72 Use admin kubeconfig instead of supervisor for etcd snapshot CLI
bd9dad87d5 Typo fix
5c5d957e73 Set server-token adr to accepted
6398c38690 Server token rotation ADR
8c73fd670b Disable HTTP on main etcd client port
12459fca97 Add extraArgs to tailscale
8c197bdce4 Include the interface name in the error message
56abe7055f add link to drone in documentation (#8295)
e1706875f4 Update channel latest to v1.27.6+k3s1 (#8397)
66cb1064d1 Add context to flannel errors
d3f7632463 Fix error reporting
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
Bumping k3s to v1.28.2, which comprises the following commits:
6330a5b49c Update to v1.28.2 and go v1.20.8 (#8364)
550dd0578f Bump kine to v0.10.3
b3bb7e5a11 update channel for version v1.28 (#8305)
0d23cfe038 Add RWMutex to address controller
cba9f0d142 Add new CLI flag to disable TLS SAN CN filtering
2cb7023660 Use already imported semver, bump kine
f2d0c5409a Add check for support on cp nodes
51f1a5a0ab Review comments and fixes
42c2ac95e2 CLI + Backend for Secrets Encryption v3
e45a674457 Add new encryption test
b967f92785 Replace os.Write with AtomicWrite function
ced330c66a [v1.28] CLI Removal for v1.28.0 (#8203)
62db5fa27c Update to v1.28.1 (#8239)
af50e1b096 Update to v1.28.0-k3s1 (#8199)
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
We refresh one patch, but otherwise, the build is unchanged.
Generated via:
scripts/oe-go-mod-autogen.py --repo https://github.com/rancher/k3s.git --rev v1.27.5+k3s1
Bumping k3s to version v1.27.5+k3s1, which comprises the following commits:
8d074ecb5a Add RWMutex to address controller
f365a9cb98 Add new CLI flag to enable TLS SAN CN filtering
8d6483a59e Update to v1.27.5 (#8236)
e31f00f863 Move flannel to 0.22.2
f8727f56d7 E2E test for token coverage (#8184)
84ded911e9 Bump helm-controller/klipper-helm versions
66bae3e326 Bump dynamiclistener for init deadlock fix
e83b1ba4aa Fixed the etcd retention to delete orphaned snapshots based on the date (#8177)
561db17a31 chore: Bump Trivy version (#8178)
38a0b91c1a chore: Bump Trivy version (#8150)
7f58a1cb23 Run integration test CI in parallel (#8156)
c97211866a Fix for cluster-reset backup from s3 when etcd snapshots are disabled (#8155)
9702f92345 Fix for Kubeflag Integration test (#8154)
b2e71553ce Use VERSION_K8S in tests instead of grep go.mod
bc332ac667 Use 'go list -m' instead of grep to look up versions
53fc3eef0a add --disable-cloud-controller and --disable-kube-proxy test (#8018)
e551308db8 fix for etcd-snapshot delete with --etcd-s3 flag (#8110)
45bc26309f Remove terraform test package (#8136)
fd531140e5 Bump kine to v0.10.2
ca7aeed090 Etcd snapshots retention when node name changes (#8099)
23d6842f9a Bump versions for etcd, containerd, runc, kine
a0da8eded3 Bump docker/docker to master commit
aa76942d0f Add FilterCN function to prevent SAN Stuffing
3515d712a7 Fix typo in terraform/README.md (#8090)
a87b183f9c E2E: Support GOCOVER for more tests + fixes (#8080)
46cbbab263 Consolidate CopyFile functions (#8079)
59eec78c62 Fix tailscale bug with ip modes
468bddb59c update stable channel to v1.27.4+k3s1 (#8067)
767b64ba58 Fix coreos multiple installs (#8083)
cc9dce5764 Security bump to docker/distribution (#8047)
f21ae1d949 Make apiserver egress args conditional on egress-selector-mode
546dc247a0 Add support for `{{ template "base" . }}` in etc/containerd/config.toml.tmpl (#7991)
6d360e6473 Unit test for MustFindString (#8013)
946c8ea842 ADR on secrets encryption v3 (#7938)
780e638099 Update flannel to v0.22.1
e56839b329 Update cni plugins version to v1.3.0
36645e7311 fix update go version doc (#8028)
d8ae6ef59b Update to v1.27.4 (#8014)
be44243353 Adjust default kubeconfig file permissions (#7978)
0b18a65d4f Revert "Warn that v1.28 will deprecate reencrypt/prepare (#7848)"
58a8deb25d fix image_scan.sh script and download trivy version (#7950)
3eb4e12c3b Don't use zgrep in `check-config` if apparmor porfile is enforced (#7939)
34617390d0 Generation of certificates and keys for etcd gated if etcd is disabled. (#6998)
2eddfe6cf4 Add retry for clone step (#7862)
782a3a1cb4 Bump google.golang.org/grpc from 1.51.0 to 1.53.0 in /tests/terraform (#7879)
8405813c12 Fix rootless node password (#7887)
607320d670 Improve for K3s release Docs (#7864)
b9a2bf11ee Support setting control server URL for Tailscale.
4ab01f3941 Warn that v1.28 will deprecate reencrypt/prepare (#7848)
9e334153cf add e2e s3 test (#7833)
bca0adbca8 Fix code spell check
7f50b40cfe Fall back to basic/bearer auth when node identity auth is rejected
ce3443ddf6 Allow k3s to customize apiServerPort on helm-controller
324f9ad4da fix e2e startup flaky test (#7839)
72d50b1f7c Add `--data-dir` to the `k3s certificate rotate-ca` cli (#7791)
d593c83603 Remove file_windows.go
f21a01474d Check if we are on ipv4, ipv6 or dualStack when doing tailscale
0809187cff Adding cli to custom klipper helm image (#7682)
c7dec8ed24 Update stable channel to v1.27.3+k3s1 (#7827)
70691a95ee Faster K3s Binary Build Option (#7805)
2215870d5d chore: pkg imported more than once
fe9604cac1 Update Kubernetes to v1.27.3 (#7790)
d968e64de0 Add commands to logout from tailscale
43611bb5ad Fix the error report
b66a118362 Bump helm-controller to v0.15.0 for create-namespace support
a5874f855f Remove unused libvirt config
c6a6e8ef57 Fix spelling check
cc22c80e49 Add issue template for OS validation (#7695)
efa86a63e8 Remove unnecessary daemonset addition/deletion (#7696)
7c151d468f add private registry e2e test (#7653)
869e030bdd VPN PoC
1e73bb8967 Run integration tests on E2E changes, ensures correct coverage values
8f9502233a E2E: Inject gocover ENV for k3s commands
4a68fbd8e9 E2E: Use sudo for all RunCmdOnNode
00f3e2413f chore: Bump Trivy version (#7672)
dc6c569b98 Shortcircuit commands with version or help flags (#7683)
3a8e98a3b8 Bump docker go.mod (#7681)
e5e1a674ce Enable containerd aufs/devmapper/zfs snapshotter plugins
5170bc5a04 Improve error response logging
45d8c1a1a2 Soft-fail on node password verification if the secret cannot be created
b0188f5a13 Test Coverage Reports for E2E tests (#7526)
afc88cec88 check variant before version to decide rpm target and packager
fa0dc5900a Use el8 rpm for fedora 38 and 39 (#7664)
7c0a7687c6 add format command on Makefile and remove vendor
9227e0bde2 Bump vagrant libvirt with fix for plugin installs (#7605)
b64a226ebd Make LB image configurable when compiling k3s
a5928ee137 chore: Bump golang:alpine version
612473755d Add ADR
7b61aacb56 Fix test file list
64a5f58f1e Create new kubeconfig for supervisor use
8748813a61 Use distinct clients for supervisor, deploy, and helm controllers
e9958cf070 Bump metrics-server to v0.6.3 and update tls-cipher-suites
93279d2f59 Bump klipper-lb to v0.4.4
0485a56f33 allow coredns override extensions
85e10cf9d2 update channels (#7634)
9543470eb7 Add el9 selinux rpm (#7635)
d1b0254b91 Update flannel version
213d7ad499 Revert "Add el9 selinux rpm (#7443)" (#7608)
d55ec08675 Add el9 selinux rpm (#7443)
fe554fe703 Pin emicklei/go-restful to v3.9.0
91c5e0d75a Fix iptables rules clean during upgrade
d069a85fcc Update to v1.27.2-k3s1 (#7575)
290f67c939 Add '-all' flag to apply to inactive units
2b24c9917c Bump alpine from 3.17 to 3.18 in /conformance (#7551)
266926693a Bump alpine from 3.17 to 3.18 in /package (#7550)
9bcfac8b88 Add Rotation certification Check (#7097)
4aafff0219 Wrap error stating that it is coming from netpol
cbe8d33c93 Bump containerd/runc to v1.7.1-k3s1/v1.1.7
8f450bafe1 Bump helm-controller version for repo auth/ca support
06296815e6 Adding PITS and Getdeck Beiboot as adopters thanks to Schille and Miworfi for the additions (#7524)
607cbf0ad6 Bump containerd to v1.7.0 and move back into multicall binary
239021e759 Consistently use constant-time comparison of password hashes
9ec1789c21 Bump kube-router version to fix a bug when a port name is used
c6dc789e25 Add support for `-cover` + integration test code coverage (#7415)
3982213f06 add kube-* server flags integration tests (#7416)
b32bf49541 Bump kine to v0.10.1
c98137ddca Fix token startup test
cf9ebb3259 Fail to validate server tokens that use bootstrap id/secret format
7175ebe2be E2E: Startup test cleanup + RunCommand Enhancement (#7388)
bbb8ee0b2d Add dependabot label and reviewer (#7423)
cedefeff24 Bump cni plugins to v1.2.0-k3s1
a736b4b1b9 local-storage: Fix permission (#7217)
437ad128c7 Migrate netutil methods into /utils/net.go
e1d4cff14c Enable FindString to search dotD config files (#7323)
132b41c3bf Add v1.27 channel (#7387)
d5f560360e Handle multiple arguments with StringSlice flags (#7380)
a3ddff2f29 chore: Bump Trivy version
e61fde93c1 Fix MemberList error handling and incorrect etcd-arg passthrough
91afb38799 Retry cluster join on "too many learners" error
f1b6a3549c Fix stack log on panic
c44d33d29b Fix race condition in tunnel server startup
1ca035accc Add e2e test for --disable-agent
31a6386994 Improve egress selector handling on agentless servers
5348b5e696 Improve error message when CLI wrapper Exec fails
bbda54b332 Add longhorn storage test (#6445)
0247794aa9 go generate
0bbc6ad3f0 Bump traefik to v2.9.10
1ac03aad43 Add integration tests for etc-snapshot server flags and refactor /tests/integration/integration.go/K3sStartServer (#7300)
ef648b7a5d Bump Runc and Containerd (#7339)
9539147ee1 Bump k3s-root for aarch64 page size fix
ad41fb8c96 Create CRDs with schema
bc5b42c279 Cleanup help messages (#7369)
f076080b2b Bump cri-dockerd (#7347)
87f0dc5dd3 update channel server for april 2023 (#7327)
66fcca66cb ensure that klog verbosity is set to the same level as logrus by repeatedly settting it every second during k3s startup
36699bbd60 Changed command -v redirection for iptables bin check
944f811dc5 v1.27.1 CLI Deprecation (#7311)
f2bde63eea Kubernetes v1.27.1 (#7271)
8d0255af07 Bump Trivy version (#7257)
779d5f3aa2 chore: Updated the content of the file "/tmp/updatecli/github/k3s-io/... (#7256)
554ad87c8d chore: Bump golang:alpine version (#7292)
257fa2c54c Update to v1.26.4-k3s1 (#7282)
d9f40d4f5b Update install script to clean iptables rules before start
0c683720ad Update kube-router to insert iptables rules right after kubernetes ones
6b51ed478d Fix call for k3s-selinux versions in airgapped environments (#7264)
027cc187ce Add coreos and sle micro to selinux support (#6945)
30638072c9 Update klipper lb to v0.4.2 (#7210)
6c394abb32 Add make commands to terraform automation and fix external dbs related issue (#7159)
3e3512bdae Updated kube-route version to move the iptables ACCEPT default rule at the end of the chain
d95980bba3 Lock bootstrap data with empty key to prevent conflicts
12091fc724 Bump actions/setup-go from 3 to 4
2992477c4b Debounce kubernetes service endpoint updates
ece4d8e45c Fix tests to not hide failure location in dummp assert functions
e54ceaa497 Fix issue with stale connections to removed LB server
5dece799df Update remotedialer to silence errors when disconnecting
4182dcaac8 [UpdateCLI] Improve Klipper Helm and Helm controller bumps (#7146)
127cea1f3f Upgrade helm-controller to v0.13.3 (#7209)
d2e04b826a Don't apply hardened args to agent (#7089)
d388b82d25 go generate
de80c07053 Ensure that loopback is used for the advertised address when resetting
b010db0cff Ensure that loopback is used for the advertised address when resetting
877247a691 Bump runc to v1.1.5
eb982bbbde Bump etcd to v3.5.7
cee3ddbc4a Bump Local Path Provisioner version (#7167)
ddd9665fed Improve Trivy configuration (#7154)
fdf994dc35 [UpdateCLI] Improve workflow (#7142)
37b3f4d25c Run go generate in local-path-provisioner Updatecli pipeline (#7181)
8ec7d5e6b0 fix_get_sha_url (#7187)
a99376663b Drone Pipelines enhancement (#7169)
fb491f5ebf Update stable channel to v1.26.3+k3s1 (#7161)
d13ee64403 Enhance `k3s check-config` (#7091)
01ea3ff27b Update flannel to fix NAT issue with old iptables version
c97370be6f Clean E2E VMs before testing (#7109)
7c32f88fec Pin golangci-lint version to v1.51.2 (#7113)
dc4a148725 Update to v1.26.3-k3s1 (#7108)
561ec056c1 Drone: Cleanup E2E VMs on test panic (#7104)
9980504196 Fix to Rotate CA e2e test (#7101)
85b261096c Add automation for Restart command for K3s (#7002)
19ac384929 Remove Nikolai from MAINTAINERS list (#7088)
7d2f997b3e Added multiClusterCIDR E2E test
262cd7de0a Added IPv6 check and agent restart on e2e test utils
15ee88964b Added multiClusterCidr feature
822ee79eb8 Remove deprecated nodeSelector label beta.kubernetes.io/os (#6970)
a912902aa7 Add missing kernel config checks (#6946)
8503d0143c skip all pipelines based on what is in the PR (#6996)
977a85559e Add support for cross-signing new certs during ca rotation
68fcb48a35 Update/rename certs.sh; add default cert rotation script
b7f90f389c Wait for kubelet port to be ready before setting (#7041)
a45d081027 update stable version in channel server (#7066)
d218068f34 Adds a warning about editing to the containerd config.toml file (#7057)
c259403af1 Bump various dependencies for CVEs (#7044)
e098b99bfa Update flannel and kube-router (#7039)
c78dc4db71 Add flannel adr (#6973)
522ad1e697 Add E2E to Drone (#6890)
ea094d1d49 Update to v1.26.2-k3s1 (#7011)
ee28c20b62 Bump kine to v0.9.9
cbe4bcfeee Add test for filterByIPFamily
cc333d8d0c Fix ServiceLB dual-stack ingress IP listing
2156015521 Improve default umask for certs.sh
23d98cec22 Fix CACertPath stripping trailing path components
0c302f4341 Fix etcd member deletion
9efa0797b7 Don't default to local K3s for startup test (#6950)
7739c8b97e Update flannel to v0.21.1
b8e69712a3 Updated flannel version to v0.21.0
3d146d2f1b Allow for multiple sets of leader-elected controllers
0d416d797d Wait for server to become ready before creating token
290d7e8fd1 Fix access to hostNetwork port on NodeIP when egress-selector-mode=agent
ddcc4d4034 go generate
c6d0afd0cb Check for existing resources before creating them
32d62c5786 Use default address family when adding kubernetes service address to SAN list
a92f163c9d Add NATS to the list of supported data stores (#6876)
b43dd7746d Add CI test
c900089e88 Add ADR
87f9c4ab11 Ensure that node exists when using node auth
992e64993d Add support for kubeadm token and client certificate auth
373df1c8b0 Add support for `k3s token` command
7d49202721 Ignore value conflicts when reencrypting secrets (#6850)
be7f751863 Add e2e tests for CA cert rotation
8a6404f97c Add basic test for custom CA certs
9b6b72941f Clarify ADR based on design review feedback
f13768c247 Add ADR
215fb157ff Add `certificate rotate-ca` to write updated CA certs to datastore
3c324335b2 Add utility functions for getting kubernetes client
58d40327b4 Fix CA cert hash for root certs
0919ec6755 Ensure cluster-signing CA files contain only a single CA cert
1ec242d816 Add example certificate generation script
7e59376bb9 Fix check for (open)SUSE version (#6791)
ee007bc7cf Bump deps: trivy, sonobuoy, dapper (#6807)
bb353f5d2b Fix reference to documentation (#6860)
7cad3db251 E2E: Consoldiate docker and prefer bundled tests into new startup test (#6851)
32086717fc Ensure flag type consistency (#6852)
750cff561d Bump vagrant boxes to fedora37 (#6832)
9fcc7c0db8 Fix cronjob example (#6707)
0d4caf4e24 Wait for cri-dockerd socket (#6812)
1c6fde9a52 go generate
369b81b45e Honor Service ExternalTrafficPolicy
94d1a87509 Bump wrangler version for EndpointSlice support
86e36225f5 Consolidate E2E tests and GH Actions (#6772)
808c71a63e Add Ayedo (#6801)
75f77ab951 E2E Rancher and Hardened script improvements (#6778)
f0655f153e update stable channel to v1.25.6+k3s1 (#6828)
3cb6fa5cc7 Set cri-dockerd version at build time
f72649d1bd Bump cri-dockerd
89f7062431 Add build tag to disable cri-dockerd
f10af367c3 Update to v1.26.1-k3s1 (#6774)
f19892c2d2 drone correct plugins/docker tag supporting linux/arm (#6769)
291f8bfe00 Slow dependency CI to weekly (#6764)
2007cdd54f generate report and upload test results (#6737)
7bbcac92fd Bump download action to v3 (#6746)
d71ab6317e Update stable to 1.25.5+k3s2 (#6753)
f54b5e4fa0 Fix CI tests
23c1040adb Bugfix: do not break cert-manager when pprof is enabled (#6635)
a4549cf989 chore: Bump golang:alpine version (#6683)
8340b54309 Pass through default tls-cipher-suites
cc3583399a Add explicit permissions to workflows (#6700)
d85952d6a0 Bump ubuntu from 20.04 to 22.04 in /tests/e2e/scripts (#6686)
674a05478f Containerd restart testlet (#6696)
d78e490716 Bump containerd to v1.6.15-k3s1
e53500f37f Bump alpine from 3.16 to 3.17 in /conformance (#6687)
c7151e8b61 Bump alpine from 3.16 to 3.17 in /package (#6688)
3cafc8e6dd RIP Codespell (#6701)
fd8481a29d Adjust e2e test run script and fixes (#6718)
a298bfdb18 Add jitter to scheduled snapshots and retry harder on conflicts
f0ec6a4c12 Exclude December r1 releases from channel server
bc6bebc998 Bump containerd to v1.6.14-k3s1
454440f9a3 Add Dependabot config for security ADR (#6560)
870d9c32b0 Fix OpenRC init script error 'openrc-run.sh: source: not found' (#6614)
97f162291a Change Updatecli GH action reference branch (#6682)
beafd9eaff Update stable to v1.25.5 (#6618)
8f28de259c Add initial Updatecli ADR automation (#6583)
9e97a3b4aa Current status badges (#6653)
fae8817655 Bump k3s-root version to v0.12.1
0c9b43746b Preload iptable_filter/ip6table_filter
f8b661d590 Update to v1.26.0-k3s1 (#6370)
b5d39df929 Deprecation of `etcd-snapshot` command in v1.26 (#6575)
d723775792 Remove deprecated flags in v1.26 (#6574)
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
Bumping k3s to version v1.24.7-rc4+k3s1, which comprises the following commits:
e3c9d859e8 Return ProviderID in URI format
e44d22ca61 Add ServiceAccount for svclb pods
2ca51a3d59 Update to v1.24.7-k3s1 (#6270)
0751b6052e Fix dualStack test
519f13e34d [Release-1.24] Replace deprecated ioutil package (#6235)
c1c7b95dc0 Fix flakey etcd test
6ed1e1423f Fix helm job failure on multi-server tests
87bfc8883b Bump traefik to 2.9.1 / chart 12.0.0
06eb948c23 Fix the typo in the test
3a829ae860 Handle custom kubelet port in agent tunnel
3f5c88e4a3 Fix occasional "TLS handshake error" in apiserver network proxy.
cb0f4bd49c Use structured logging instead of logrus for event recorders
44ae7aa4db Dump info on coredns when deployment rollout fails
a75bbf5f4e Add ADR for ServiceLB move to CCM
69dd30433b Disable cloud-node and cloud-node-lifecycle if CCM is disabled
76f13d3558 Move servicelb into cloudprovider LoadBalancer interface
23c302dccc Move DisableServiceLB/Rootless/ServiceLBNamespace into config.Control
307e45e739 Implement InstancesV2 instead of Instances
7198eb2f74 Bump metrics-server to v0.6.1
0be4ef9213 Add flannel-external-ip when there is a k3s node-external-ip
a8e0c66d1a updating to v1.24.6-k3s1 (#6164)
fb823c8a5f Update to v1.24.5 (#6143)
ae7d6285b6 Fix gofmt warnings
1b806f5fee Bump golang to correct version
ee859f7f5a Add validation check to confirm correct golang version for Kubernetes
cf684c74a3 [Release-1.24] Bulk Backport of Testing Changes
b8f05e4904 Bump containerd to v1.6.8-k3s1
35e488c9c7 Bump runc to v1.1.4
e1884e4d60 Update Flannel to v0.19.2 to fix older iptables issue
79bb7bccd9 Fix e2e tests (#6018)
4c9ad2546c Fix dualStack test and change ipv6 network (#6023)
654d2b9567 CI: update Fedora 34 -> 35 (#5996)
2b35f89664 Convert install tests to run PR build of k3s (#6003)
f81138402e E2E: Add support for CentOS 7 and Rocky 8 (#6015)
ab2638a247 mark v1.24.4+k3s1 as stable (#6036)
7d6982d1fa Export agent.NetworkName for Windows
3e394f8ec5 The Windows kubelet does not accept cadvisor flags
c3f830e9b9 Update to v1.24.4 (#6014)
035c03cfaa Remove codespell from Drone, add to GH Actions (#6004)
b14cabc107 Add nightly install github action (#5998)
75f8cfb6ea E2E: Local cluster testing (#5977)
116c977fbf Convert vagrant tests to yaml based config (#5992)
30fc909581 Update run scripts (#5979)
a30971efaa Updated flannel to v0.19.1
6b7b9c5aa9 Add scripts to run e2e test using ansible (#5134)
18cb7ef650 fix checkError in terraform/testutils (#5893)
77fa7fb490 Removing checkbox indicating backports since the policy is to backport everything (#5947)
b7f7379157 Update MAINTAINERS with new folks and departures (#5948)
db3c569b7f Add docker e2e test
aadab55145 Add ADR for inclusion of cri-dockerd
4aca21a1f1 Add cri-dockerd support as backend for --docker flag
b1fa63dfb7 Revert "Remove --docker/dockershim support"
cf66559940 Print stack on panic
abdf0c7319 Fix comments and add check in case of IPv6 only node
d90ba30353 Added NodeIP autodect in case of dualstack connection
82e5da35a9 Upgrade macos-10.15 to macos-12 (#5953)
43508341c1 Bump minio to v7.0.33
1c17f05b8e Fix secrets reencryption for 8K+ secrets (#5936)
118a68c913 Updates to CLI flag grouping + deprecated flag warnings. (#5937)
13af0b1d88 Save agent token to /var/lib/rancher/k3s/server/agent-token
4c0bc8c046 Update etcd error to match correct url (#5909)
db2ba7b61d Don't enable unprivileged ports and icmp on old kernels
90016c208d ADR: Depreciating and Removing Old Flags (#5890)
24da6adfa9 Move v1.24.3+k3s1 to stable (#5889)
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
We bumping to 1.24.x, along with the k3s changes, we update our
dependencies to allow a vendored build.
Dependencies were gathered via: go list -m all | sort | uniq > mod.all
And then processed to generate the SRC_URI fetches and relocations into
the build.
We also change our TAGS to avoid two different errors. btrfs
build restrictions:
package command-line-arguments
imports github.com/k3s-io/k3s/pkg/cli/agent
imports github.com/k3s-io/k3s/pkg/agent
imports github.com/k3s-io/k3s/pkg/agent/config
imports github.com/k3s-io/k3s/pkg/containerd
imports github.com/containerd/containerd/snapshots/btrfs/plugin:
build constraints exclude all Go files in github.com/k3s-io/containerd@v1.5.13-k3s1/snapshots/btrfs/plugin
And ctrd, which leads to the following (which is also
found on non Yocto / non-cross build k3s builds):
# github.com/containerd/containerd/pkg/cri/server
../../go/pkg/mod/github.com/k3s-io/containerd@v1.5.13-k3s1/pkg/cri/server/instrumented_service.go:36:9: cannot use &instrumentedService{?} (value of type *instrumentedService) as type grpcServices in return statement:
*instrumentedService does not implement grpcServices (missing ListPodSandboxStats method)
../../go/pkg/mod/github.com/k3s-io/containerd@v1.5.13-k3s1/pkg/cri/server/service.go:156:9: cannot use c (variable of type *criService) as type CRIService in return statement:
*criService does not implement CRIService (missing ListPodSandboxStats method)
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
The significant commit in this series is:
0e72260df4 delete vendor dir
Which means that we completely have to revamp the recipe to build
without go accessing the network to pull in dependencies. This is
an initial effort, and it is acknowledged that it isn't efficient
or fast, due to the number of fetches and I/O required to complete
the population of the vendor/ directory.
The recipe can be iterated and made more efficient over time.
Bumping k3s to version v1.23.1+k3s1-11-ge7464a17f7, which comprises the following commits:
e7464a17f7 Fix use of agent creds for secrets-encrypt and config validate
8d8c8b0c6b Don't skip the dev image when skipping airgap
31f1a00b6f Fix a typo: advertise-up -> advertise-ip (#4827)
2ac8df3602 Integration tests utilities improvements (#4832)
612a9412fd Enable make generate to use dapper and standardize go and gzip versions (#4861)
66eeabbdfc linter doesn't actually run on windows, found these while getting it running on a windows machine
142b1d96f4 Update channel.yaml for 1.23
ff49dcf71e Export default parser
d0f7e23328 Require integration test to be run as sudo/root (#4824)
a02db0f2fa Fix cgroup smoke test (#4823)
08d538fb3a Update golang
87395e32d6 Update modules for Kubernetes v1.23
6656d48415 Add tests to use vagrantfile (#4722)
70902209b9 Bump stable to v1.22.5+k3s1 (#4821)
3ee3ecb3ac package rename wasnt approved yet, backing out cruft that snuck into last pr
a5c6e6a68a Fix panic checking name of uninitialized etcd member
52e450f033 Add etcd sonobuoy tests
9919f229b6 Add variable to enforce max test concurrency
247298a20d Fix previous channel detection
6872e7da25 More codespell ignores
3ae550ae51 Update bootstrap logic to output all changed files on disk (#4800)
0e72260df4 delete vendor dir
e6cf8f5982 code changes to drop the vendor dir
4eb282edac Move flannel logs to logrus
2e91913f54 Close agentReady channel only in k3s (#4792)
8ad7d141e8 Close etcd clients to avoid leaking GRPC connections
588d15db8f Remove Disables, Skips and DisableKubeProxy from the comparing configs
555dfc54db Add initial skeleton ADOPTERS.md to better track large use cases (#4764)
baf865b836 Add ADR
6f4217a340 Build standalone containerd
8737e2e13f Build script cleanups
89e63972e9 Bump k3s-root to v0.10.1
17eebe0563 Fix cold boot and reconcilation on secondary servers (#4747)
73725a0882 docs: adrs: Dual-stack in network policy agent
d71b335871 Fix snapshot restoration on fresh nodes (#4737)
bf4e037fcf Resolve Bootstrap Migration Edge Case (#4730)
2f3bfc27c0 Add in docs/adr to ensure we capture decisions properly during design calls (#4707)
a6fe2c0bc5 Resolve restore bootstrap (#4704)
a70487d5ae Update wharfie usage in windows code path
3985fd0e26 [master] Add validation to certificate rotation (#4692)
e8a30a87c8 Bump runc to v1.0.3
eb068da7f3 Add `SKIP_AIRGAP` enviroment variable for make (#4688)
8f389ab030 Include node-external-ip in serving-kubelet.crt SANs (#4620)
bcb662926d Secrets-encryption rotation (#4372)
1b3187ea07 Check HA network parameters
7d3447ceff Bump wharfie to v0.5.1 and use shared decompression code
05d43278e2 bump kine to v0.8.1
3b6a3fe905 Update dynamiclistener
a8f7e9f7e8 Nighlty automation vagrant rework (#4574)
a0208058ae Bump stable to v1.21.7+k3s1 (#4636)
77fd3e99ec Add cert rotation command (#4495)
1e6e4db2bc Update maintainers list (#4622)
d05c334a78 Improved cleanup for etcd unit test (#4537)
ae4a1a144a etcd snapshot functionality enhancements (#4453)
0c1f816f24 go generate
a7ba3e14ff Add package version to traefik helm chart
7685da3e24 Improve flannel logging
d93c82f958 [master] Bump golang and containerd (#4538)
65110a4eec [master] Bump Kubernetes to v1.22.4-k3s1 (#4536)
03485632ea Fix regression with cluster reset (#4521)
ef263bd2b0 Improved regex for double equals arguments (#4505)
535a919635 Removed value from warning about skipping flags (#4491)
c77efe64e1 tests/vagrant: refactor vagrant smoke tests (#4484)
f18b3252c0 [master] Add etcd extra args support for K3s (#4463)
41ff19de71 Feature: Add CoreDNS Customization Options
4b57951fb0 Fix to allow etcd-snapshot to use config file with flags that are only used with k3s server. (#4464)
5ab6d21a7d Increase agent's apiserver ready timeout (#4454)
bc7cdc78ca go generate
2e9358934d Add dashboard annotations to Traefik helm chart
5d168a1d59 Allow svclb pod to enable ipv6 forwarding
adaeae351c update bootstrap logic (#4438)
d85b2468ea Corrected skip check for dualstack on CI (#4427)
559c8ad94b install: /usr/sbin/transactional-update (#4403)
7bd65047c3 Match to last After keyword for parser (#4383)
8915e4c7f7 Replace gzip with pigz for faster builds (#4411)
0a5c6b1088 Remove unit tests from drone CI (#4424)
36c6634cce [master] updating to new signals package in wrangler (#4399)
f1d6e9bc4b install.sh: fix path detection for sle-micro (#4398)
86c6924119 containerd: v1.5.7-k3s2 (#4387)
f7dcc139ff Bump klipper-lb image for arm fix
aa3332085f Update k3s CI to run all integration tests (#4358)
94c1b988ca Enable Epics Action to automatically check off child issues in an epic (#4353)
f1622129e4 refactor: Use plain channel send or receive
f9f1cabe9c Fix log/reap reexec
702fe24afe containerd/cri: enable the btrfs snapshotter (#4316)
3da1bb3af2 Fix other uses of NewForConfigOrDie in contexts where we could return err
5acd0b9008 Watch the local Node object instead of get/sleep looping
3fe460d080 Block scheduler startup on untainted node when using embedded CCM
52eb6cac1c install.sh: initial support for sle-micro (#4331)
91cf835ec3 Update to v1.22.3 (#4354)
7c3f21e581 K3s Integration test fixes (#4341)
ab3d25a2c5 Update peer address when running cluster-reset
0a0b915921 reset buffer after use (#4279)
02a314c69a Bump klipper-helm version
918945da45 Added configuration input to etcd-snapshot (#4280)
72a1925a34 install.sh: capture quoted environment variables (#4275)
6e410fad49 Update to the newest flannel
b5b7033afd Bump klog fork version
e11a4bf8bb set duration to second (#4231)
0452f017c1 Add etcd s3 timeout (#4207)
34080b23b1 Copy old bootstrap buffer data for use during migration (#4215)
dbc14b8990 Fix race condition in cloud provider
5a923ab8dc Add containerd ready channel to delay etcd node join
6b4d75d245 maintainers: add Manuel and Michal (#4193)
b282528ee2 Display cluster tls error only in debug mode (#4124)
dc18ef2e51 Refactor log and reaper exec to omit MAINPID
d6b6a3ee9f vagrant: Add Ubuntu 21.04 support
5e01201195 vagrant: Update package list for Ubuntu
e420583684 vagrant: Add support for vagrant-libvirt
f830d09d6e vagrant: Change OS environment variable to DISTRO
feec44572d Improve error message when using a "K10" prefixed token (#4180)
ac7a8d89c6 Add ability to reconcile bootstrap data between datastore and disk (#3398)
9e787bfacb moving fossa to being inline step with a sles image
b6919adf62 Add "etcd-" prefix to etcd-snapshot commands as aliases (#4161)
00cf4578ec Dual-stack support LB controller
1f7151ed2f Update stable to v1.21.5+k3s2
9b35734e1a Add topologySpreadConstraints to support scaling of coredns
e24e1332fd Bump containerd to v1.5.7+k3s1
12e675e2cc Don't evacuate the root cgroup when rootless
cd5002ea37 Skip tests that violate version skew policy
5d1a37ee32 Send MAINPID to systemd when reexecing for logfile output
a16105b348 Properly handle operation as init process
f4cea90cb9 set transport to skip verify if se skip flag passed (#4102)
fd495a6a5f Bump stable to v1.21.5+k3s1 (#4068)
87524a7ac7 Enable the inheritance of settings for ipv6
4ec71b360c Adding fossa anaylze/test drone step
73e21e739f Drop broken SupportNoneCgroupDriver support
8005885bad Add 1.22 channel
539e224159 Update build images to python3 for compat with recent gsutil change
b99b943c17 Use the new klipper-lb image that has newer go and Alpine versions
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
Update k3s.service with the latest changes from install.sh script.
Add k3s-killall.sh script to stop all of the K3s containers and reset
the containerd state.
The killall script cleans up containers, K3s directories, and networking
components while also removing the iptables chain with all the associated
rules. The cluster data will not be deleted.
Signed-off-by: Kamil Dziezyk <kamil.dziezyk@arm.com>
Change-Id: If1794367cabfc18fc8e3ecaf26badd4d0bc25114
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
See recipes-containers/k3s/README.md for basic usage and testing
instructions.
Signed-off-by: Joakim Roubert <joakimr@axis.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
Bruce Ashfield
Martin Jansa
Kamil Dziezyk
Joakim Roubert