rancher/rke
1
0
Fork 0
mirror of https://github.com/rancher/rke.git synced 2025-05-11 18:04:35 +00:00
Code Issues Releases Wiki Activity
1,551 Commits 44 Branches 726 Tags 669 MiB
9c711e669c
Commit Graph

57 Commits

Author SHA1 Message Date
Sebastiaan van Steenis
9c711e669c Use golangci-lint v0.40.1 2021-06-06 14:20:54 +02:00
Sebastiaan van Steenis
adc5941fd9 Add per node kubelet server certificate 2019-10-31 15:56:44 -07:00
moelsayed
372393ac1b Add Secret Encryption Provider Support 2019-10-29 14:10:32 -07:00
Dax McDonald
ad678b6a32 Remove dead code 2019-10-04 15:02:14 -07:00
galal-hussein
798632b3a4 Handle missing request header ca in rotate certificate 2019-08-29 13:42:47 -07:00
Darren Shepherd
f8bac2c059 Update to new certs package since latest k8s dropped it 2019-08-19 11:02:43 -07:00
Sebastiaan van Steenis
3f94e86706 Revert "Add per node kubelet server certificate" 
This reverts commit b860e634db.
 2019-08-08 09:49:47 -07:00
Sebastiaan van Steenis
b860e634db Add per node kubelet server certificate 2019-07-31 14:54:43 -07:00
moelsayed
fd237d9eef Fix constant kubeapi certificate regeneration 2019-07-31 14:52:46 -07:00
Erik Wilson
e2f7f865ed Force deploy certs if etcd cert was changed 2019-05-24 09:12:39 -07:00
galal-hussein
7744f18d6e Force deploy certificates if kubeapi cert got changed 2019-04-24 16:54:19 -07:00
galal-hussein
3bc6b0a18f Fix desired state in rke rotate 2019-04-03 16:39:21 -07:00
galal-hussein
32e1071041 Handle missing service account token key when fetching certs from nodes 2019-03-19 08:52:08 -07:00
galal-hussein
c1372bc797 Fetch certificates and state from nodes for legacy cluster 2019-03-18 12:59:52 -07:00
galal-hussein
9ee750ec01 Adding csr generation and custom certs 2019-01-09 11:47:53 -08:00
Erik Wilson
e04b7d4413 Add support for Kubernetes API Authn Webhook 
Allow multiple authn strategies to be defined, including new 'webhook'
strategy. Webhook strategy configuration contains the contents of the
authentication webhook file as well as the cache timeout period.

This change allows a Kubernetes API Auth service to authenticate
user requests without proxying through the Rancher server.
 2019-01-03 17:15:23 -07:00
galal-hussein
3c6c7f1b7b Run rebuild cluster certs from clusterup 2018-12-20 14:04:47 -08:00
galal-hussein
4d23fb4288 Return api and client certs to rotate certs 2018-12-18 16:35:20 -08:00
galal-hussein
f3bbd81c52 Update etcd save/restore to work with new state managemnet 2018-11-27 11:09:56 -08:00
galal-hussein
11aa0caabc Fix rotate certificates with new state 2018-11-14 05:15:57 +08:00
galal-hussein
696b61679c Final fixes and cleanup for state management 
Fix dind and local and etcd snapshots

add ExternalFlags and dialer options
 2018-11-09 11:16:17 -08:00
moelsayed
6da35256a8 handle upgrade cases 
backup state to kubernetes
 2018-11-09 11:16:17 -08:00
galal-hussein
8b8870311b refactor the build state 
remove extra cert generation for etcd in reconcile

fix reconcile and etcd add and remove cluster state with rke remove

fix add/remove issues

Fix the up command

Fix default paths for kubeconfig and rkestate
 2018-11-09 11:16:17 -08:00
moelsayed
90fd13db65 Update main code path to use new state 2018-11-09 11:16:17 -08:00
galal-hussein
3551e6e4b6 Add Rotate certificates command to rke 2018-10-31 12:08:31 -07:00
moelsayed
90c426d73e Switch all concurrent tasks to use worker pool 2018-10-18 13:24:59 -07:00
galal-hussein
00e317250d Fix requestheaqder ca certificate regeneration 2018-09-07 18:29:00 -07:00
galal-hussein
f314d1dc96 Avoid panic if cert or key of a secret is not found 2018-09-04 13:10:13 -07:00
Thorsten Schifferdecker
9766b4cbcd fix typo porxy > proxy 
Signed-off-by: Thorsten Schifferdecker <ts@systs.org>
 2018-07-22 08:36:34 -07:00
galal-hussein
8269c3f301 Add metrics-server addon deployment 2018-07-17 16:51:59 -07:00
galal-hussein
1f8113428e restore certificates to at least on etcd/control plane 2018-06-20 11:01:07 -07:00
galal-hussein
2da8682463 Add certificate bundle backup with etcd snapshot-save 2018-06-07 16:40:41 -07:00
galal-hussein
f75ab86027 Fix etcd restore issue 2018-05-14 21:13:36 -07:00
galal-hussein
a3416e6b92 Etcd Backup/restore 2018-05-09 19:39:19 +02:00
moelsayed
a2d985ef46 Handle missing backup kube-etcd gracefully 2018-04-25 11:37:31 -07:00
moelsayed
fb1fd833ce Deploy backup certificates on full plane instead of single node 2018-04-20 15:46:32 -07:00
galal-hussein
41599bf24f Set cluster certificate paths 2018-04-02 20:36:40 +02:00
David Lewis
0efc4fc845 Support additional altnames for PKI certs 2018-03-23 12:39:34 -07:00
galal-hussein
11d7aa0e16 Start cluster with only etcd nodes 2018-02-16 03:39:13 +02:00
galal-hussein
c2c1804500 External etcd 2018-02-14 22:58:35 +02:00
galal-hussein
59182cee62 [RKE Refactor] Generate cluster and node certs 2018-02-08 20:15:36 +02:00
moelsayed
ebfc5a7c10 Refactor saving secrets 2018-02-02 00:02:42 +02:00
moelsayed
4159d7f156 Pass private registries list through the function calls 2018-01-31 19:50:55 +02:00
moelsayed
3a1394e739 Add SystemImages type 2018-01-30 18:33:53 +02:00
galal-hussein
0ef0a17010 Add generic generation for pki objects and etcd TLS 2018-01-25 20:38:07 +02:00
moelsayed
4c08db1d53 recoverable provisioning 2018-01-13 05:57:28 +02:00
Darren Shepherd
d8dd29765f Add context.Context to everything and also make logging pluggable 2018-01-09 15:18:01 -07:00
Guangbo Chen
1cc26ee373 update misspelled common words 2017-12-09 19:53:38 +08:00
moelsayed
fad6134609 Generate new KubeAPI certificate for new nodes using the same key 2017-11-27 00:36:42 +02:00
galal-hussein
c383436411 Add cluster validation and regenerate kubeapi cert 2017-11-21 21:25:25 +02:00