- 10 Dec, 2022 1 commit
-
-
Brad Davidson authored
Signed-off-by:Brad Davidson <brad.davidson@rancher.com>
-
- 09 Dec, 2022 1 commit
-
-
Nikolai Shields authored
-
- 15 Nov, 2022 1 commit
-
-
Brad Davidson authored
Signed-off-by:
-
- 11 Nov, 2022 1 commit
-
-
Hussein Galal authored
* Update to v1.22.16 Signed-off-by:
galal-hussein <hussein.galal.ahmed.11@gmail.com> * fix genproto mod Signed-off-by:
-
- 09 Nov, 2022 1 commit
-
-
Brad Davidson authored
Signed-off-by:
-
- 22 Sep, 2022 1 commit
-
-
Matt Trachier authored
Signed-off-by:matttrach <matttrach@gmail.com>
-
- 16 Sep, 2022 1 commit
-
-
Matt Trachier authored
Signed-off-by:
-
- 09 Sep, 2022 2 commits
-
-
Brad Davidson authored
Signed-off-by: -
Brad Davidson authored
Also reorder validations to perform the short checks first so that things fail faster if there's a problem. Signed-off-by:
-
- 02 Sep, 2022 2 commits
-
-
Brad Davidson authored
Signed-off-by: -
Roberto Bonafiglia authored
Signed-off-by:Roberto Bonafiglia <roberto.bonafiglia@suse.com>
-
- 19 Aug, 2022 1 commit
-
-
Brooks Newberry authored
Signed-off-by:Brooks Newberry <brooks@newberry.com>
-
- 18 Aug, 2022 2 commits
-
-
Brooks Newberry authored
-
Derek Nola authored
Signed-off-by:
Derek Nola <derek.nola@suse.com> (cherry picked from commit 035c03cf)
-
- 08 Aug, 2022 1 commit
-
-
Roberto Bonafiglia authored
Signed-off-by:
-
- 04 Aug, 2022 13 commits
-
-
Roberto Bonafiglia authored
Signed-off-by: -
Roberto Bonafiglia authored
Signed-off-by: -
Manuel Buil authored
Signed-off-by:Manuel Buil <mbuil@suse.com>
-
Michal Rostecki authored
Before this change, kube-router was always assuming that IPv4 is enabled, which is not the case in IPv6-only clusters. To enable network policies in IPv6-only, we need to explicitly let kube-router know when to disable IPv4. Signed-off-by:Michal Rostecki <vadorovsky@gmail.com>
-
Brad Davidson authored
Signed-off-by:
-
Vladimir Kochnev authored
Having separate tokens for server and agent nodes is a nice feature. However, passing server's plain `K3S_AGENT_TOKEN` value to `k3s agent --token` without CA hash is insecure when CA is self-signed, and k3s warns about it in the logs: ``` Cluster CA certificate is not trusted by the host CA bundle, but the token does not include a CA hash. Use the full token from the server's node-token file to enable Cluster CA validation. ``` Okay so I need CA hash but where should I get it? This commit attempts to fix this issue by saving agent token value to `agent-token` file with CA hash appended. Signed-off-by:
Vladimir Kochnev <hashtable@yandex.ru> (cherry picked from commit 13af0b1d) Signed-off-by:
-
Brad Davidson authored
Signed-off-by:
-
Brad Davidson authored
Requires tweaking existing method signature to allow specifying whether or not IPv6 addresses should be return URL-safe. Signed-off-by:
-
Brad Davidson authored
Signed-off-by:
-
Brad Davidson authored
* Use INVOCATION_ID to detect execution under systemd, since as of a9b5a193 NOTIFY_SOCKET is now cleared by the server code. * Set the unit type to notify by default for both server and agent, which is what Rancher-managed installs have done for a while. Signed-off-by:
-
Brad Davidson authored
Addressess issue where the compact may take more than 10 seconds on slower disks. These disks probably aren't really suitable for etcd, but apparently run fine otherwise. Signed-off-by:
-
Dirk Müller authored
This avoids an issue with u-root 7.0.0 which has been retracted by the author: $ go list -u -m all $ go list -m: github.com/u-root/u-root@v7.0.0+incompatible: retracted by module author: Published v7 too early (before migrating to go modules) Signed-off-by:
Dirk Müller <dirk@dmllr.de> (cherry picked from commit 93ca992c) Signed-off-by:
-
Derek Nola authored
* Update etcd error to match correct url * Bump macos version used by GH actions Signed-off-by:
-
- 03 Aug, 2022 1 commit
-
-
Derek Nola authored
Signed-off-by:
-
- 15 Jul, 2022 1 commit
-
-
Nikolai Shields authored
Signed-off-by:Nikolai Shields <nikolai@nikolaishields.com>
-
- 12 Jul, 2022 6 commits
-
-
Brad Davidson authored
* Increase the default snapshot timeout. The timeout is not currently configurable from Rancher, and larger clusters are frequently seeing uploads fail at 30 seconds. * Enable compression for scheduled snapshots if enabled on the command-line. The CLI flag was not being passed into the etcd config. * Only set the S3 content-type to application/zip if the file is zipped. * Don't run more than one snapshot at once, to prevent misconfigured etcd snapshot cron schedules from stacking up. Signed-off-by: -
Brad Davidson authored
Includes fix for ENOSYS/EPERM issue on s390x. Signed-off-by: -
Brad Davidson authored
Includes fix for recently identified memory leak. Signed-off-by: -
Brad Davidson authored
Since #4438 removed 2-way sync and treats any changed+newer files on disk as an error, we no longer need to determine if files are newer on disk/db or if there is a conflicting mix of both. Any changed+newer file is an error, unless we're doing a cluster reset in which case everything is unconditionally replaced. Signed-off-by: -
Brad Davidson authored
Properly skip restoring bootstrap data for files that don't have a path set because the feature that would set it isn't enabled. Signed-off-by: -
Brad Davidson authored
Signed-off-by:
-
- 01 Jul, 2022 3 commits
-
-
Brad Davidson authored
Signed-off-by: -
Brad Davidson authored
Service.Spec.IPFamilyPolicy may be a nil pointer on freshly upgraded clusters. Signed-off-by: -
Brad Davidson authored
Use same kubelet-preferred-address-types setting as RKE2 to improve reliability of the egress selector when using a HTTP proxy. Also, use BindAddressOrLoopback to ensure that the correct supervisor address is used when --bind-address is set. Signed-off-by:
-
- 30 Jun, 2022 1 commit
-
-
Brad Davidson authored
Signed-off-by:
-
