rancher/rke
1
0
Fork 0
mirror of https://github.com/rancher/rke.git synced 2025-06-25 15:01:58 +00:00
Code Issues Releases Wiki Activity
2,284 Commits 44 Branches 738 Tags 692 MiB
6af7fe61bc
Commit Graph

74 Commits

Author SHA1 Message Date
Jiaqi Luo
e4bf783a1a set the default PodSecurityConfiguration value only if the cluster's k8s version is at least 1.23 2023-07-10 17:13:46 -07:00
Kinara Shah
10a094b0f5 Revert "set the default PodSecurityConfiguration value only if the cluster's k8s version is at least 1.23 (#3261)" 
This reverts commit 914d4cb027.
 2023-06-21 08:56:15 -07:00
Jiaqi Luo
914d4cb027
set the default PodSecurityConfiguration value only if the cluster's k8s version is at least 1.23 (#3261) 2023-06-20 16:56:05 -07:00
Jiaqi Luo
b183dd71ce add comments and other minor improvements 2022-11-22 12:03:45 -07:00
Jiaqi Luo
5fcf75db40 add the support for PodSecurity on cluster at least v1.23 2022-11-22 12:03:45 -07:00
Jiaqi Luo
c4a521de08 bump the API used for api-server from v1alpha1 to v1 2022-11-22 12:03:45 -07:00
Sebastiaan van Steenis
0cea67e9ff Do not rewrite SELinux labels on volume mounts 2021-11-19 22:39:56 +01:00
Darren Shepherd
abf63e4a08 Fix panic when IgnoreDockerVersion is nil 2020-09-18 10:17:44 -07:00
Luther Monson
23d2341172 updates for prefix path 2020-08-20 13:40:21 -07:00
Luther Monson
7d6181a290 add win_ params for prefix path, env, args and binds 
Problem: When building a hybrid cluster with windows nodes there is only
a single set of overrides you can use per service. This limits
configuring the node as service args and prefix_path sometimes need to
be specific for the different OS.
Solution: Add support for `win_` prefixed parameters for cluster level
`path_prefix` and service level `extra_args`, `extra_env` and
`extra_binds`. Params will work as before, passing in the non `win_`
prefixed params, IF you set the `win_` prefixed params it willy only use
those meaning you will need to duplicate the params in both config
sections of your rke cluster yaml.
 2020-08-20 13:39:57 -07:00
Darren Shepherd
c405e6ea1b Remove references to rancher/types 2020-07-11 23:29:33 -07:00
rawmind0
8ff29b617f Updated api bool fields with default=true to *bool. Go files 2020-06-02 20:15:53 +02:00
rajashree
6b25bcf3e0 Remove ignore-upgrade label from zero downtime upgrade 2020-03-10 23:36:17 -07:00
rajashree
c61d531af1 Rename ignore label and return error on controlplane failure 2020-03-04 15:20:48 -08:00
rajashree
e27a05f8b1 Attempt upgrade on NotReady hosts 2020-02-26 14:14:42 -08:00
rajashree
968a399f26 Accept label to ignore nodes during upgrade 
RKE does a cluster scan to find the unreachable hosts, and if that number
is same as or exceeds maxUnavailable, upgrade won't proceed.
This commit introduces a label users can provide for their nodes so they
don't get counted as unavailable and are excluded from upgrade.
This commit also includes a couple of bug fixes
 2020-02-22 14:23:47 -08:00
Murali Paluru
bf8688e709 auditlog and eventratelimit changes 2019-10-31 13:48:44 -07:00
moelsayed
372393ac1b Add Secret Encryption Provider Support 2019-10-29 14:10:32 -07:00
galal-hussein
7744f18d6e Force deploy certificates if kubeapi cert got changed 2019-04-24 16:54:19 -07:00
Sebastiaan van Steenis
e1d0899efe Show correct filename for webhook auth config file 2019-04-08 15:27:01 -07:00
moelsayed
e3d6fb4db9 Restore backup to a new etcd plane 2019-03-06 09:22:52 -08:00
moelsayed
b80785e75e Ensure certs are availaible for restore 2019-03-03 09:14:36 -08:00
galal-hussein
82fa8d6305 Add restart components to custom certs 2019-01-14 11:51:11 -08:00
Erik Wilson
e04b7d4413 Add support for Kubernetes API Authn Webhook 
Allow multiple authn strategies to be defined, including new 'webhook'
strategy. Webhook strategy configuration contains the contents of the
authentication webhook file as well as the cache timeout period.

This change allows a Kubernetes API Auth service to authenticate
user requests without proxying through the Rancher server.
 2019-01-03 17:15:23 -07:00
galal-hussein
696b61679c Final fixes and cleanup for state management 
Fix dind and local and etcd snapshots

add ExternalFlags and dialer options
 2018-11-09 11:16:17 -08:00
galal-hussein
8b8870311b refactor the build state 
remove extra cert generation for etcd in reconcile

fix reconcile and etcd add and remove cluster state with rke remove

fix add/remove issues

Fix the up command

Fix default paths for kubeconfig and rkestate
 2018-11-09 11:16:17 -08:00
galal-hussein
3551e6e4b6 Add Rotate certificates command to rke 2018-10-31 12:08:31 -07:00
moelsayed
90c426d73e Switch all concurrent tasks to use worker pool 2018-10-18 13:24:59 -07:00
galal-hussein
c2071495ac use errgroup for tunneling hosts 2018-10-18 09:26:30 -07:00
Sebastiaan van Steenis
12559a21c7 Use clusterversion to check supported Docker versions 2018-10-04 11:31:35 -07:00
moelsayed
fdba4f86e5 Fix reconcile for ros prefix 2018-06-25 17:22:32 -07:00
galal-hussein
aff01a9267 Bastion host 2018-05-10 00:16:04 +02:00
galal-hussein
825bbbdf71 Add prefix path to services and generate plan 2018-04-12 00:54:47 +02:00
Darren Shepherd
aed76eb7e3 Default the docker info 2018-03-31 04:00:50 -07:00
galal-hussein
b431a22a9c Add cloud and network provider types 2018-03-29 22:58:46 +02:00
galal-hussein
3694d16212 Add Azure cloud provider 2018-03-28 21:46:28 +02:00
galal-hussein
e8571898b4 Add support for AWS cloud provider 2018-03-23 20:14:11 +02:00
moelsayed
5ea7cdebcb typo 2018-03-23 02:02:46 +02:00
moelsayed
914ca06e2c Error out on unsuppored docker version instead of Warn 2018-03-22 20:33:11 +02:00
galal-hussein
c02873b8e9 Ignore inactive hosts 2018-02-22 02:16:51 +02:00
galal-hussein
c2c1804500 External etcd 2018-02-14 22:58:35 +02:00
galal-hussein
59182cee62 [RKE Refactor] Generate cluster and node certs 2018-02-08 20:15:36 +02:00
Alena Prokharchyk
ebb64ec3f9
Merge pull request #298 from moelsayed/refactor_cert_deploy 
Refactor certificates deployment
 2018-02-01 14:11:55 -08:00
moelsayed
8ba6413a44 Refactor certificates deployment 2018-02-01 23:57:15 +02:00
galal-hussein
f8f877ba27 Add nginx ingress controller and labels/taints sync 2018-02-01 23:28:31 +02:00
moelsayed
4159d7f156 Pass private registries list through the function calls 2018-01-31 19:50:55 +02:00
moelsayed
3a1394e739 Add SystemImages type 2018-01-30 18:33:53 +02:00
galal-hussein
0ef0a17010 Add generic generation for pki objects and etcd TLS 2018-01-25 20:38:07 +02:00
galal-hussein
c425298f69 revert back to ignore docker version 2018-01-22 21:31:08 +02:00
galal-hussein
9e29b753cb Add unschedulable kubelet on etcd nodes 2018-01-19 20:18:51 +02:00