rancher/rke
1
0
Fork 0
mirror of https://github.com/rancher/rke.git synced 2025-07-16 08:25:51 +00:00
Code Issues Releases Wiki Activity
2,191 Commits 41 Branches 740 Tags 732 MiB
ebde95b72a
Commit Graph

72 Commits

Author SHA1 Message Date
Jiaqi Luo
312f5ee285 Revert "Merge pull request #3531 from jiaqiluo/fix-kube-apiserver" 
This reverts commit 5e050c58a9, reversing
changes made to 1951add95d.
 2024-03-21 20:11:03 -07:00
Jiaqi Luo
6dff99618c This PR fixes the issue that kube-apiserver does not restart in all CP nodes after changing the Pod Security Admission Configuration. 
A new environment variable RKE_ADMISSION_CONFIG_CHECKSUM whose value is the checksum of the content of the admission configuration file is added to the env list that is set in the `kube-apiserver` container configuration, so any changes in the admission configuration file will result in a change in the container's configuration. RKE will detect the changes during reconciliation and therefore restart the kube-apiserver container on all CP nodes. The upgrade cadence is thresholded by the upgrade strategy in the cluster.

This PR also drops the unnecessary appending of env var to the cluster object which shows in the cluster.rkestate file.

Signed-off-by: Jiaqi Luo <6218999+jiaqiluo@users.noreply.github.com>
 2024-03-13 18:10:58 -07:00
Jiaqi Luo
b183dd71ce add comments and other minor improvements 2022-11-22 12:03:45 -07:00
Jiaqi Luo
5fcf75db40 add the support for PodSecurity on cluster at least v1.23 2022-11-22 12:03:45 -07:00
Sebastiaan van Steenis
0cea67e9ff Do not rewrite SELinux labels on volume mounts 2021-11-19 22:39:56 +01:00
Kinara Shah
594296bb10 update etcd client to use both v3 and v2 
v3 for >=1.22, v2 otherwise
 2021-11-08 09:50:17 -08:00
Sebastiaan van Steenis
9c711e669c Use golangci-lint v0.40.1 2021-06-06 14:20:54 +02:00
Sebastiaan van Steenis
422dfff0fd Check etcd cluster health after member delete 2020-09-29 13:53:45 +02:00
Luther Monson
7d6181a290 add win_ params for prefix path, env, args and binds 
Problem: When building a hybrid cluster with windows nodes there is only
a single set of overrides you can use per service. This limits
configuring the node as service args and prefix_path sometimes need to
be specific for the different OS.
Solution: Add support for `win_` prefixed parameters for cluster level
`path_prefix` and service level `extra_args`, `extra_env` and
`extra_binds`. Params will work as before, passing in the non `win_`
prefixed params, IF you set the `win_` prefixed params it willy only use
those meaning you will need to duplicate the params in both config
sections of your rke cluster yaml.
 2020-08-20 13:39:57 -07:00
Darren Shepherd
c405e6ea1b Remove references to rancher/types 2020-07-11 23:29:33 -07:00
Sebastiaan van Steenis
5c7daf4fb1 Add logging structs/file content to trace loglevel 2020-03-05 19:42:05 +01:00
kinarashah
12f88f55db error out if service options are not found 
it's unexpected to see empty service options, but node plan shouldn't be generated
in those scenarios
 2020-02-28 11:21:41 -08:00
Sebastiaan van Steenis
adc5941fd9 Add per node kubelet server certificate 2019-10-31 15:56:44 -07:00
moelsayed
372393ac1b Add Secret Encryption Provider Support 2019-10-29 14:10:32 -07:00
kinarashah
9411027476 consider service options based on hostOS info 2019-09-09 11:12:33 -07:00
orangedeng
0ef3c0849a Support node taint configuration 
**Problem:**
We can not set node taints in RKE node config.

**Solution:**
Sync taints from config in `SyncLabelsAndTaints` function
 2019-08-22 21:09:05 -07:00
galal-hussein
9c5de9f577 Handle etcd changing its public IP address 2019-08-21 11:47:42 -07:00
Darren Shepherd
f8bac2c059 Update to new certs package since latest k8s dropped it 2019-08-19 11:02:43 -07:00
Denise
0c405cdc88 Revert "Handle changing public ip for etcd member delete" 
This reverts commit b5d7f5dcd4.
 2019-08-12 11:51:20 -07:00
Rodrigue Cloutier
aff29683b2 Fixed issue 1404: Support of configuration with no node with etcd role 2019-08-09 11:14:10 -07:00
galal-hussein
b5d7f5dcd4 Handle changing public ip for etcd member delete 2019-08-09 11:07:30 -07:00
Sebastiaan van Steenis
3f94e86706 Revert "Add per node kubelet server certificate" 
This reverts commit b860e634db.
 2019-08-08 09:49:47 -07:00
Sebastiaan van Steenis
b860e634db Add per node kubelet server certificate 2019-07-31 14:54:43 -07:00
moelsayed
7b5797ce18 reconcile node roles 2019-07-11 14:27:55 -07:00
moelsayed
058f196e72 Fix worker/controlplane reconcile logic 2019-07-11 14:27:55 -07:00
Sebastiaan van Steenis
63b6ece7b9 Check if certificates are present in state 
Problem: If certificates are empty in cluster state (or missing rkestate file), RKE and Rancher would throw NPE.

Solution: Check if certificates are present or error out (for now this situation needs manual intervention)
 2019-07-11 14:27:41 -07:00
kinarashah
116b47b025 rancher pass serviceoptions and addon templates to rke 2019-07-03 10:04:27 -07:00
galal-hussein
7744f18d6e Force deploy certificates if kubeapi cert got changed 2019-04-24 16:54:19 -07:00
moelsayed
e3d6fb4db9 Restore backup to a new etcd plane 2019-03-06 09:22:52 -08:00
galal-hussein
30661bc429 Add retries in reconcile when delete hosts 2019-02-15 14:13:46 -08:00
galal-hussein
82fa8d6305 Add restart components to custom certs 2019-01-14 11:51:11 -08:00
galal-hussein
696b61679c Final fixes and cleanup for state management 
Fix dind and local and etcd snapshots

add ExternalFlags and dialer options
 2018-11-09 11:16:17 -08:00
galal-hussein
8b8870311b refactor the build state 
remove extra cert generation for etcd in reconcile

fix reconcile and etcd add and remove cluster state with rke remove

fix add/remove issues

Fix the up command

Fix default paths for kubeconfig and rkestate
 2018-11-09 11:16:17 -08:00
galal-hussein
3551e6e4b6 Add Rotate certificates command to rke 2018-10-31 12:08:31 -07:00
galal-hussein
cf76401978 Change the etcd member add steps 2018-10-18 09:25:59 -07:00
moelsayed
496d1a46a5 Allow replacing a single contorl node 2018-10-04 13:14:28 -07:00
Sebastiaan van Steenis
12559a21c7 Use clusterversion to check supported Docker versions 2018-10-04 11:31:35 -07:00
galal-hussein
ce62c898bb Handle deleting all controlplane nodes when nodes are unreachable 2018-09-26 17:03:53 -07:00
galal-hussein
2bd4577b19 Add default heartbeat and election timeout to etcd 
Reload the etcd cluster in the right order
 2018-09-25 18:24:52 -07:00
moelsayed
39b5ac1345 Fix resoncile missing taints 2018-08-03 11:38:02 -07:00
moelsayed
fdba4f86e5 Fix reconcile for ros prefix 2018-06-25 17:22:32 -07:00
galal-hussein
fc48d82392 Change controlplane taint to NoSchedule 2018-06-21 21:08:36 -07:00
galal-hussein
3c906a9ed2 Make control node only unschedulable 2018-05-31 15:43:30 -07:00
galal-hussein
dd403b2769 Add more log info when deleting k8s nodes 2018-05-05 00:07:30 +02:00
galal-hussein
b3f457426c Fix multiple etcd add at runtime 2018-04-14 22:59:33 -07:00
galal-hussein
825bbbdf71 Add prefix path to services and generate plan 2018-04-12 00:54:47 +02:00
galal-hussein
7c0f3f6e57 Add get node for delete and cordon 2018-04-03 00:34:15 +02:00
Darren Shepherd
b841604933 Revert "Make etcd provisioning a public API" 
This reverts commit d2c58fb8e6.
 2018-04-02 04:03:43 -07:00
Darren Shepherd
d2c58fb8e6 Make etcd provisioning a public API 2018-03-31 04:00:50 -07:00
moelsayed
ef7b997e2a Log RKE components to a specific location 2018-03-21 22:29:09 +02:00