rancher/rke
1
0
Fork 0
mirror of https://github.com/rancher/rke.git synced 2025-05-11 09:55:38 +00:00
Code Issues Releases Wiki Activity
1,589 Commits 44 Branches 726 Tags 669 MiB
441d06df32
Commit Graph

591 Commits

Author SHA1 Message Date
Faisal Chaudhry
441d06df32 set EncryptionConfig on DesiredState when using CustomCerts 2021-07-02 10:01:32 -04:00
Sebastiaan van Steenis
a4bebdb8bb Add support for enabling cri-dockerd 2021-06-08 19:05:54 +02:00
Sebastiaan van Steenis
ff49352399
Merge pull request from superseb/golangcilint_v0401 
Use golangci-lint v1.40.1
 2021-06-08 18:28:53 +02:00
Sebastiaan van Steenis
a58605612e
Merge pull request from pmorillon/unset_proxy_env_vars_when_using_bastion 
Unset proxy env vars when using bastion
 2021-06-07 14:55:43 +02:00
Sebastiaan van Steenis
9c711e669c Use golangci-lint v0.40.1 2021-06-06 14:20:54 +02:00
Pascal Morillon
8b9385040f Unset proxy env vars when ssh bastion is configured with option ignore_proxy_env_vars 2021-05-31 16:49:01 +02:00
Sebastiaan van Steenis
ca8cc62303
Merge pull request from superseb/no_selinux_relabel 
Do not rewrite SELinux labels on volume mounts
 2021-05-31 15:06:19 +02:00
Sebastiaan van Steenis
88a4d73e79
Merge pull request from zhaofengli/mixed-arch-etcd-cluster 
Use the node's architecture to build etcd process
 2021-05-31 10:44:31 +02:00
Kinara Shah
bb0d38e303
Merge pull request from kinarashah/defaultbackend 
set ingress default backend to false for k8s 1.21+
 2021-05-21 09:57:17 -07:00
Sebastiaan van Steenis
04b71a9fd9
Merge pull request from superseb/etcdsave_statefile 
Dont deploy statefile if its not readable
 2021-05-21 11:06:48 +02:00
Sebastiaan van Steenis
9757be753f Do not rewrite SELinux labels on volume mounts 2021-05-18 22:22:40 +02:00
Sebastiaan van Steenis
738bda5fb6 Dont deploy statefile if its not readable 2021-05-18 07:24:57 +02:00
Kinara Shah
b2a9ebee75 set ingress default backend to false for k8s 1.21+ 2021-05-14 16:58:25 -07:00
Dan Ramich
d07658cf9b Encryption update 2021-05-14 10:11:17 -06:00
Sebastiaan van Steenis
b9a126c067
Merge pull request from superseb/etcd_v3415_ciphers 
Add stricter TLS cipher for etcd v3.4.15 and up
 2021-04-06 21:40:05 +02:00
Sebastiaan van Steenis
56b1c16e9f Add stricter TLS cipher for etcd v3.4.15 and up 2021-04-05 13:21:55 +02:00
Sebastiaan van Steenis
05e002bc08 Write kubeconfig/state with stricter permission 2021-03-07 12:41:31 +01:00
Steven Crespo
68453acb6e Add priority class name to addons 2021-02-06 16:46:39 -08:00
Kinara Shah
8c0a4d7f31
Merge pull request from superseb/add_auditlog_checksum 
Add auditlog checksum to trigger restart on update
 2021-01-27 15:00:35 -08:00
Sebastiaan van Steenis
5e50b51b13 Add auditlog checksum to trigger restart on update 2021-01-27 10:32:57 +01:00
rawmind0
1880404fc3 Added etcd snapshot timeout parameter 2021-01-22 18:35:13 +01:00
Sebastiaan van Steenis
e395badf82
Merge pull request from superseb/critical_addons 
Mark all default addons as critical
 2021-01-19 15:49:35 +01:00
Sebastiaan van Steenis
49a794c2de Mark all default addons as critical 2021-01-13 14:29:59 +01:00
Sebastiaan van Steenis
a68a64c0ce Add util command 2021-01-08 18:06:21 +01:00
Ryan Sanna
c14c39f8c5 reduce rewrite workers, add additional logging around secrets retrieval 2020-12-22 12:40:17 -07:00
Ryan Sanna
49e158a974
Revert "Revert "Encryption Key Rotation Changes"" 2020-12-14 11:51:46 -07:00
Ryan Sanna
92573270c7
Revert "Encryption Key Rotation Changes" 2020-12-09 13:49:27 -07:00
Ryan Sanna
e42ff49fec key rotation as part of ClusterUp, more robust secrets rewrite, improved logging 2020-12-08 12:00:32 -07:00
Nick Gerace
da6d9dcf9e Set default http backend to be optional 
Set default http backend to be optional for ingress nginx. It will be
enabled by default.
 2020-12-03 14:53:51 -05:00
Sebastiaan van Steenis
99af2bdf95
Merge pull request from superseb/add_tolerations 
Add tolerations option to addons
 2020-12-03 19:20:54 +01:00
Sebastiaan van Steenis
a1eaee0312
Merge pull request from superseb/retry_tcpportcheck 
Add retry to TCP port check
 2020-12-02 21:39:31 +01:00
Sebastiaan van Steenis
4e31add8fe Add tolerations option to addons 2020-11-26 17:29:46 +01:00
Kiran Shastri
4f062997bb Introduce ACI CNI network provider 
ACI CNI supports k8s versions 1.18+
Added template and arguments for ACI CNI
Disable cloud options for ACI.
Separate generated code into another commit

Signed-off-by: Kiran Shastri <shastrinator@gmail.com>
(cherry picked from commit e94c54005e)
 2020-11-17 15:29:03 -05:00
Sebastiaan van Steenis
a252645797 Add retry to TCP port check 2020-11-09 18:35:58 +01:00
Jacob Payne
04ea70ee3b updated NodeUpgradeStrategy.Drain to use pointer 2020-10-26 09:59:49 -07:00
kinarashah
8c3c618b63 set default ingress network mode for both rancher and rke 
Problem:
Setting defaults for ingress in parse logic works only for
rke standalone but not when rancher calls rke using ClusterUp.

Solution:
Setting them during the cluster defaults logic
 2020-10-24 13:09:38 +02:00
Sebastiaan van Steenis
16f3089220
Merge pull request from ibrokethecloud/master 
Allow addons.go to parse http and https ports for ingress controller
 2020-10-22 20:54:09 +02:00
Gaurav Mehta
5a63de09bc Updated cluster/addons.go to allow it to parse and send new http_port and https_ports to the ingress template 
Fixed up yaml import package

Updated rke ingress addon to support a new field hostNetwork. Users can use this now to run ingress controller on overlay network only

Ported additional ingress types changes into types/rke_types

Fixed linting errors related to variable names in addons.go and rke_types

Changed types for hostNetwork and http/https ports

Added validation to check http/https ports are different

Changed rke_types for additional spec in ingressConfig. Changed validation and default logic accordingly
 2020-10-21 19:00:04 +11:00
Sebastiaan van Steenis
422dfff0fd Check etcd cluster health after member delete 2020-09-29 13:53:45 +02:00
Sebastiaan van Steenis
b3ca1f8327 Don't advertise etcd port 4001 in v3.4.13 and up 2020-09-23 09:27:51 -07:00
Darren Shepherd
abf63e4a08 Fix panic when IgnoreDockerVersion is nil 2020-09-18 10:17:44 -07:00
Sebastiaan van Steenis
12b4dcaf59 Remove statefile for dind remove 2020-09-08 21:33:06 -07:00
Chris Kim
526ac7b065 Add CanalControllers to the systemImagesDefaultsMap 
Signed-off-by: Chris Kim <oats87g@gmail.com>
 2020-09-08 16:17:30 -07:00
Chris Kim
0522b664ac Add CanalControllers to support Canal v3.14.0+ 
Signed-off-by: Chris Kim <oats87g@gmail.com>
 2020-09-04 17:49:39 -07:00
Vincent Batts
d77ee0d53f
cluster/plan: don't relabel /lib/modules by default 
As this logic went, it would relabel /lib/modules, except on enterprise
linux and when SELinux is enabled (even just permisive).

Flatcar Container Linux defaults to SELinux on, but permisive, and
`/lib/modules/` is a symlink to the read-only `/usr`.
So `./rke up` would fail on attempting to relabel /usr.

The prior work around is to set `SELINUX=disable` in
/etc/selinux/config.

Signed-off-by: Vincent Batts <vbatts@kinvolk.io>
 2020-08-21 16:17:00 -04:00
Luther Monson
de19c42611 added windows path cleaner 2020-08-20 13:41:18 -07:00
Luther Monson
23d2341172 updates for prefix path 2020-08-20 13:40:21 -07:00
Luther Monson
7d6181a290 add win_ params for prefix path, env, args and binds 
Problem: When building a hybrid cluster with windows nodes there is only
a single set of overrides you can use per service. This limits
configuring the node as service args and prefix_path sometimes need to
be specific for the different OS.
Solution: Add support for `win_` prefixed parameters for cluster level
`path_prefix` and service level `extra_args`, `extra_env` and
`extra_binds`. Params will work as before, passing in the non `win_`
prefixed params, IF you set the `win_` prefixed params it willy only use
those meaning you will need to duplicate the params in both config
sections of your rke cluster yaml.
 2020-08-20 13:39:57 -07:00
Sebastiaan van Steenis
f251e3ca92 Change file copy method for state file 2020-08-14 18:42:37 +02:00
Sebastiaan van Steenis
6761a1a3e1 Add restore flag to use local state 2020-08-04 13:13:43 +02:00