Commit Graph

56 Commits

Author SHA1 Message Date
Martin Jansa
3971471c05 metadata: relocation.inc: add whitespace around assignments
With:
https://lists.openembedded.org/g/bitbake-devel/message/17508
there are many WARNINGs from this layer

Signed-off-by: Martin Jansa <martin.jansa@gmail.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
2025-04-03 17:56:53 +00:00
Martin Jansa
b88da59f0b metadata: src_uri.inc: add whitespace around assignments
With:
https://lists.openembedded.org/g/bitbake-devel/message/17508
there are many WARNINGs from this layer

Signed-off-by: Martin Jansa <martin.jansa@gmail.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
2025-04-03 17:56:53 +00:00
Bruce Ashfield
49127b1156 k3s: fixup SRCREV and modules.txt
The revert of the pending upgrade (that was waiting for
a newer go) did not build as the upgrade was incomplete.

Bumping the SRCREV and modules.txt to complete the process.

Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
2025-03-13 18:38:04 +00:00
Bruce Ashfield
dfb45fb90a Reapply "k3s: WIP: [needs newer go]: not for merge: upgrade"
This reverts commit fd1d4c65e4.
2025-03-13 18:37:50 +00:00
Bruce Ashfield
fd1d4c65e4 Revert "k3s: WIP: [needs newer go]: not for merge: upgrade"
This reverts commit b2a271ea4d9c0703812bee1f00dd2735e4ae8afc.
2025-01-17 19:17:09 +00:00
Bruce Ashfield
a8d5387479 k3s: WIP: [needs newer go]: not for merge: upgrade
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
2025-01-17 19:17:09 +00:00
Bruce Ashfield
2ef1ee0412 k3s: update to v1.31.1+k3s1
Bumping k3s to version v1.31.1+k3s1, which comprises the following commits:

    452dbbc14c update kubernetes to v1.31.1-k3s3 (#10910)
    9ae2c39004 Update Kubernetes to v1.31.1 (#10895)
    d926e69073 Fix hosts.toml header var
    2caa785e17 Only clean up containerd hosts dirs managed by k3s
    4c8ef7f477 Fix rotateca validation failures when not touching default self-signed CAs
    0c8d3c0d58 Bump helm-controller for skip-verify/plain-http and updated tolerations
    db3cf9370e Bump containerd to v1.7.21, runc to v1.1.14
    28a1fd0302 Update coredns to 1.11.3 and metrics-server to 0.7.2
    944b3b2830 Bump traefik to v2.11.8
    703e7697b0 Tag PR image build as latest before scanning
    88d5576be6 Fix /trivy action running against target branch instead of PR branch
    9c537cb705 Bump aquasecurity/trivy-action from 0.20.0 to 0.24.0 (#10795)
    be60661f18 Add trivy scanning trigger for PRs (#10758)
    e0c4e60171 Update CNI plugins version
    3923e0c699 Cover edge case when on new minor release for E2E upgrade test (#10781)
    8bfcfd70cc Fix deploy latest commit on E2E tests (#10725)
    e8de533e90 Remove secrets encryption controller (#10612)
    34be6d96d1 Update kubernetes to v1.31.0-k3s3 (#10780)
    c7468edbe7 Bump go dependencies to match upstream 1.31
    ebbb109840 Update VERSION_K8S to handle any k3s revision
    f5c6472b16 Bump Kine to v0.12.0
    d358a89171 Fix secrets-encrypt metrics
    178aadbe20 Add k3s-io/kubernetes tags
    5087240e32 Downgrade Microsoft/hcsshim to v0.8.26
    8cbcbcd044 go generate
    20b50426ab Update to v1.31.0
    876d54cf49 chore: Bump Trivy version (#10670)
    518276fb77 adding MariaDB to README.md (#10717)
    649678bd89 Fix k3s-killall.sh support for custom data dir
    38df76708d Fix caching name for e2e vagrant box (#10695)
    ae0d79c7ea Update to v1.30.3-k3s1 and Go 1.22.5 (#10536)
    019b0afdd8 Fix: Add $SUDO prefix to transactional-update commands in install script (#10531)
    22fb7049bd Add tolerations support for DaemonSet pods
    daf0094cc7 Bump helm-controller to v0.16.3 to drop Helm v2 support
    ac247d29cf Update to newer OS images for install testing (#10681)
    0ee714d62b Bump containerd to v1.7.20 (#10659)
    acb71ee379 Allow Amazon Linux 2 rpm installs
    79ec016b6d Allow kylin V10 rpm installs
    8ff7d162cc Allow fedora iot rpm installs
    45c04f3502 Allow Amazon Linux 2023 rpm installs
    3aceb85c22 Add a change for killall to not unmount server and agent directory
    82ba778a86 bump docker/docker to v25.0.6
    38e8b01b8f update stable channel to v1.30.3+k3s1 (#10647)
    bffdf463e1 Fix cloudprovider controller name
    e168438d44 Wire lasso metrics up to common gatherer
    e2179aa957 Update pkg/cluster/managed.go
    3ec086f6f7 Update pkg/secretsencrypt/config.go
    e4f3cc7b54 remove deprecated use of wait functions
    e514940020 Fix inconsistent loading of config dropins when config file does not exist
    9111b1f77e Add K3S_DATA_DIR as env var for --data-dir flag
    a26a5ab1d7 Don't set K3S_DATA_DIR env var
    59e0761043 Use higher QPS for secrets reencryption (#10571)
    a70157c12e Allow Pprof and Superisor metrics in standalone mode (#10576)
    ecff337e00 Enhance E2E Hardened option (#10558)
    d4c3422a85 Fix ipv6 sysctl required by non-ipv6 LoadBalancer service
    21611c5665 Cap length of generated name used for servicelb daemonset
    891e72f90f Update secretsencrypt pagination
    c2216a62ad Use pagination when retrieving etcd snapshot list
    37830fe170 Don't use server and token values from config file for etcd-snapshot commands
    cb6bf74bc4 Add dial duration to debug error message
    118acabec2 Fix IPv6 primary node-ip handling
    9841517457 Fix agents removing configured supervisor address
    9d0c2e0000 Fix reentrant rlock in loadbalancer.dialContext
    b999a5b23d Bump kine to v0.11.11
    58ab25927f For E2E upgrade test, automatically determine the channel to use (#10461)
    c36db53e54 Add etcd s3 config secret implementation
    5508589fae chore: Bump Trivy version
    eb8bd15889 Ensure remotedialer kubelet connections use kubelet bind address
    a0b374508e Bump Local Path Provisioner version (#10394)
    0b417385a4 chore: Bump golang:alpine version
    f6942f3de4 Bump github.com/hashicorp/go-retryablehttp from 0.7.4 to 0.7.7
    b045465178 Add data-dir to uninstall and killall scripts
    d1709d60ce Fix INSTALL_K3S_PR support
    047664b610 Bump k3s-root to v0.14.0
    4204248bc3 Check for bad token permissions when install via PR (#10387)
    8f9ad1f992 Move test-compat to GHA (#10414)

Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
2024-10-03 01:28:52 +00:00
Bruce Ashfield
4fbc98c93c k3s: update to v1.30.2+k3s2
Bumping k3s to version v1.30.2+k3s2-2-g16321f2554, which comprises the following commits:

    faeaf1b01b Update flannel to v0.25.4 and fixed issue with IPv6 mask
    a08ac6fcdc update stable channel to v1.29.6+k3s1 (#10417)
    aa4794b372 Replace 1-weight semaphore on snapshots with simple mutex
    b4d4ed8f01 Fix agent supervisor port using apiserver port instead
    9af17d2997 Update Kubernetes to v1.30.2 (#10349)
    f10cb29534 fix typo, use rancher/permissions
    c0450a2cb4 Fix race condition panic in loadbalancer.nextServer
    cff6f7aa1d Expand GHA go caching to includ newest release branch (#10307)
    d9b8ba8d71 Add snapshot retention etcd-s3-folder fix
    043b1eac5d Add test for `isValidResolvConf` (#10302)
    df5db28a68 Add ADR for support for etcd s3 config secret (#9364)
    1661f1024a Fix bug that caused agents to bypass local loadbalancer
    79ba10f5ec fix: Use actual warningPeriod in certmonitor
    1268779ea0 Bump Local Path Provisioner version (#10268)
    f9130d537d Fix embedded mirror blocked by SAR RBAC and re-enable test
    7a0ea3c953 Add write-kubeconfig-group flag to server (#9233)
    307f07bd61 Fix issue caused by sole server marked as failed under load
    ed23a2bb48 Fix netpol crash when node remains tained unintialized
    f2e7c01acf chore: Bump Trivy version
    4cb4542c3a Bump ubuntu from 22.04 to 24.04 in /tests/e2e/scripts
    84b578ec74 Use busybox tar to avoid issues with fchmodat2 on arm
    86875c97bb Bump alpine from 3.18 to 3.20 in /package
    de4cda57e6 Bump alpine from 3.18 to 3.20 in /conformance
    2eca3f1e2c Update golangci-lint to stop using deprecated skip files/dirs
    f8e0648304 Convert remaining http handlers over to use util.SendError
    ff679fb3ab Refactor supervisor listener startup and add metrics
    3d14092f76 Fix issue with k3s-etcd informers not starting
    eb192197eb Updating the script binary_size_check to complete the command name by adding .exe extension to the k3s binary name to make it available to run stat command
    6683fcdb65 Bump klipper-helm image for tls secret support
    c2738231ec update channel server for may 2024 (#10137)
    3f62ec3207 Add extra log in e2e tests
    99f543a2d4 fix: use absolute path
    86b2554772 test: copy vpn-auth-file to guest
    b8f101fd89 test: increment agentCount
    ab29054887 test: use absolute path to auth file
    a8f88aa9e5 test: add agent with auth file
    6dcd52eb8e Use TrafficManager interface when calling flannel
    af7bcc3900 Bump flannel version to v0.25.2
    aadec85501 Fix go.mod
    6fcaad553d allow helm controller set owner reference
    6886c0977f Follow directory symlinks in auto deploying manifests (#9288)
    3e48386c6e git_workflow filename correction
    c1cb5d63b9 add missing kernel config check
    f24ba9d3a9 Validate resolv.conf for presence of nameserver entries
    2669d67a9b Bump kine to v0.11.9 to fix pagination
    afdcc83afe bump minio-go to v7.0.70
    423675b955 Create ADR for branching strategy (#10147)
    aa36341f66 Update kube-router version to v2.1.2
    5a0162d8ee Drop check for legacy traefik v1 chart
    37f97b33c9 Add support for svclb pod PriorityClassName
    b453630478 Update local-path-provisioner helper script
    095ecdb034 Fix issue with local traffic policy for single-stack services on dual-stack nodes.
    e8950a0a3b Fix issue installing artifacts from builds with multiple runs
    5cf4d75749 Bump spegel version
    bf8b15e7ae bump etcd to v3.5.13
    aaa578785c Bump containerd to v1.7.17
    30999f9a07 Switch stargz over to cri registry config_path
    7374010c0c Use fixed stream server bind address for cri-dockerd
    5f6b813cc8 Add WithSkipMissing to not fail import on missing blobs
    811de8b819 Fix bug when using tailscale config by file
    80978b5b9a Update to v1.30.1 (#10105)
    1d22b6971f windows changes
    1cd7986b50 Update channels with 1.30 (#10097)
    dba30ab21c Replace deprecated ruby function
    14549535f1 Fix e2e tests (#10061)
    6531fb79b0 Deprecate pod-infra-container-image kubelet flag (#7409)
    144f5ad333 Kubernetes V1.30.0-k3s1 (#10063)
    fe7d114c6a Bump E2E opensuse leap to 15.6, fix btrfs test (#10057)
    0981f0069d Add E2E Split Server to Drone, support parrallel testing in Drone (#9940)
    5c94ce2cf8 update stable channel to v1.29.4+k3s1 (#10031)
    94e29e2ef5 Make /db/info available anonymously from localhost
    d3b60543e7 Fix 10 second etcd-snapshot request timeout
    5b431ca531 Fix on-demand snapshots not honoring folder
    d973fadbed Update to v1.29.4 (#9960)
    06b6444904 Add startup testlet on preloaded images (#9941)
    4e26ee1f84 Match setup-go caching key in GitHub Actions (#9890)
    81cd630f87 Update kube-router to v2.1.0
    c59820a52a Allow LPP to read helper logs (#9834)
    3f906bee79 Update packaged manifests
    b10cd8fe28 Bump latest to v1.29.3+k3s1
    4cc73b1fee Actually fix agent certificate rotation
    08f1022663 Don't log 'apiserver disabled' error sent by etcd-only nodes
    7d9abc9f07 Improve etcd load-balancer startup behavior
    fe465cc832 Move etcd snapshot management CLI to request/response
    0792461885 Bump containerd and cri-dockerd
    a064ae2f17 Add quotes to avoid useless updatecli updates
    60248c42de Add supervisor cert/key to rotate list
    9846a72e92 Bump spegel to v0.0.20-k3s1 (#9863)
    0e118fe6d3 fix: agent volume in example docker compose (#9838)
    f2961fb5d2 Add workaround for containerd hosts.toml bug
    49414a8def chore: Bump Trivy version (#9840)
    52712859c5 Add updatecli policy to update k3s-root
    7f659759dd Add certificate expiry check and warnings
    6624273a97 Fix embeddedmirror test
    93bcaccad1 E2E setup: Only install jq when we need it
    c98ca14198 Add wasm test to e2e matrix
    6a42c6fcfe Remove old pinned dependencies (#9806)
    14f54d0b26 Transition from deprecated pointer library to ptr (#9801)
    5d69d6e782 Add tls for kine
    c51d7bfbd1 Add health-check support to loadbalancer
    edb0440017 Fix etcd snapshot reconcile for agentless nodes
    7474a6fa43 Add /etc/passwd and /etc/group to k3s docker image
    6c52235848 update channel server (#9808)
    c47c85e5da Move to ubuntu 23.10 for E2E tests (#9755)
    b5d0d4ee21 Bump Trivy version (#9780)
    41377540fd Use ubuntu latest for better golang caching keys (#9711)
    5461c3e1c1 Bump k3s-root
    3f649e3bcb Add a new error when kine is with disable apiserver or disable etcd
    f099bfa508 Fix error when image has already been pulled
    65cd606832 Respect cloud-provider fields set by kubelet
    d7cdbb7d4d Send error response if member list cannot be retrieved
    7a2a2d075c Move error response generation code into util
    8aecc26b0f Update to v1.29.3-k3s1 and Go 1.21.8 (#9747)
    bba3e3c66b Fix wildcard entry upstream fallback
    364dfd8b89 Fix flaky check in btrfs test
    21c170512c Fix e2e vagrant cacheing
    aea81c0822 Run docker tests in E2E GH Action
    ec5d34dac0 remove repetitive words (#9671)
    fe2ca9ecf1 Warn and suppress duplicate registry mirror endpoints
    9bd4c8a9fc Bump upload and download actions to v4 (#9666)
    2a091a693a Bump metrics-server to v0.7.0
    1c8be1d011 Improve E2E Aftersuite cleanup
    af4c51bfc3 Move to ubuntu 2204 for all E2E tests
    da7312d082 Convert snapshotter test in e2e test
    d022a506d5 Migrate E2E tests to GitHub Actions
    75ccaf9942 Allow non-sudo vagrant
    6f331ea7b5 Include flannel version in flannel cni plugin version
    d37d7a40da Bump Trivy version (#9528)
    88c431aea5 Adjust first node-ip based on configured clusterCIDR
    1fe0371e95 Improve tailscale e2e test
    82cfacb2f3 Update contrib/util/check-config.sh
    ce0765c9f8 Rename `RAW_OUTPUT` -> `NO_COLOR`
    ff7cfa2235 Disable color outputs using RAW_OUTPUT env var
    59c724f7a6 Fix wildcard with embbeded registry test
    f82d438f39 e2e tests: cover WebAssembly integration
    64e4f0e6e7 fix: use correct wasm shims names
    2c4773a5aa chore(deps): Remediating CVEs found by trivy;  CVE-2023-45142 on otelrestful and CVE-2023-48795 on golang.org/x/crypto (#9513)
    091a5c8965 Don't register embedded registry address as an upstream registry
    b5a4846e9d Remove filtering of wildcard mirror entry
    84a071a81e Add env var to allow spegel mirroring of `latest` tag
    26feb25c40 Bump spegel to v0.0.18-k3s4
    88d30f940d Use and version flannel/cni-plugin properly
    0b3593205a Move snapshot-retention to EtcdSnapshotFlags in order to support loading from config
    3576ed4327 Clean up snapshotDir create/exists logic
    b164d7a270 Fix additional corner cases in registries handling
    29c73e6965 Fix setup-go typos (#9634)
    935ad1dbac Move docker tests into tests folder (#9555)
    138a107f4c Reenable Install and Snapshotter Testing (#9601)
    81a60de256 update stable channel to v1.28.7+k3s1 (#9615)
    109e3e454c Bump helm-controller/klipper-helm versions
    82432a2df7 Fix issue with etcd node name missing hostname
    513c3416e7 Tweak netpol node wait logs
    be569f65a9 Fix NodeHosts on dual-stack clusters
    8c83b5e0f3 Rootless mode also bind service nodePort to host for LoadBalancer type
    3e948aa0d5 Correct formatting of GH PR sha256sum artifact (#9472)
    8f777d04f8 Better GitHub CI caching strategy for golang (#9495)
    736fb2bc8d Add an integration test for flannel-backend=none
    3b4f13f28d Update klipper-lb image version
    fa37d03395 Update install test OS matrix (#9480)
    922c5a6bed Unit Testing Matrix and Actions bump (#9479)
    57e11c72d1 Testing ADR (#9562)
    86f102134e Fix netpol startup when flannel is disabled
    fae0d99863 Use 3/2/1 cluster for split role test
    f90fd7b744 Change default number of etcd nodes in E2E splitserver test
    fae41a8b2a Rename AgentReady to ContainerRuntimeReady for better clarity
    91cc2feed2 Restore original order of agent startup functions
    1c1746114c remove e2e logs drone step (#9517)
    085ccbb0ac Fix drone publish for arm (#9503)
    3e13e3619c Update Kubernetes to v1.29.2 (#9493)
    de825845b2 Bump kine and set NotifyInterval to what the apiserver expects
    0ac4c6a056 Expose rootless containerd socket directories for external access
    14c6c63b30 Expose rootless state dir under ~/.rancher/k3s/rootless
    e3b237fc35 Don't verify the node password if the local host is not running an agent
    701e7e45ce Fix iptables check when sbin isn't in user PATH
    fa11850563 Readd `k3s secrets-encrypt rotate-keys` with correct support for KMSv2 GA (#9340)
    cfc3a124ee [Testing]: Test_UnitApplyContainerdQoSClassConfigFileIfPresent (Created) (#8945)
    cc04edf05f Update Kube-router to v2.0.1
    a36cc736bc allow executors to define containerd and docker behavior
    b1323935dc Add codcov secret for integration tests on Push (#9422)
    753c00f30c Consistently handle component exit on shutdown
    9e076db724 Bump cri-dockerd
    e9cec46a23 Runtimes refactor using exec.LookPath
    f9ee66f4d8 Changed how lastHeartBeatTime works in the etcd condition
    358c4d6aa9 build: Align drone base images (#8959)
    950473e35f Bump flannel version
    8224a3a7f6 Fix ipv6 endpoint address selection for on-demand snapshots
    888f866dae Fix issue with coredns node hosts controller
    77ba9904d1 Bump CNI plugins to v1.4.0
    6ec1926f88 Add check for etcd-snapshot-dir and fix panic in Walk
    82e3c32c9f Retry startup snapshot reconcile
    4005600d4e Fix excessive retry on snapshot reconcile
    6a57db553f update channel (#9388)
    5c92345423 Bump codecov/codecov-action from 3 to 4 (#9353)
    a324146b76 Bump Trivy version (#9237)
    fcd1108e73 Add ability to install K3s PR Artifact from GitHub (#9185)
    f249fcc2f1 Bump Local Path Provisioner version (#8953)
    57482a1c1b Bump helm-controller to fix issue with ChartContent
    c635818956 Bump runc and helm-controller versions
    97a22632b9 gofmt config_test.go
    29848dea3d Fix issues with certs.d template generation
    2d98c44fb3 Delete old stalebot
    cef7e9e2dc New stale action
    d8907ce62c Update to v1.29.1 (#9259)
    9a70021a9e Error getting node in setEtcdStatusCondition
    c87e6e5f7e Move proxy dialer out of init() and fix crash
    5303aa60e9 Fix nonexistent dependency repositories (#9213)
    76fa022045 Enable network policy controller metrics
    c5a299d0ed Bump quic-go for CVE-2023-49295
    6072476432 Add e2e test for embedded registry mirror
    37e9b87f62 Add embedded registry implementation
    ef90da5c6e Add server CLI flag and config fields for embedded registry
    b8f3967ad1 Add ADR for embedded registry
    77846d63c1 Propagate errors up from config.Get
    16d29398ad Move registries.yaml load into agent config
    5c99bdd9bd Pin images instead of locking layers with lease
    df5e983fc8 add e2e startup test for rootless k3s (#8383)
    64dbbba996 update s3 e2e test (#9025)
    4a92ced8ee Handle etcd status condition when cluster reset and disable etcd
    8d2c40cdac Use `ipFamilyPolicy: RequireDualStack` for dual-stack kube-dns (#8984)
    ac8fe8de2b fix: update trivy from 0.46.1 to 0.48.1 (#8812)
    6330e26bb3 Wait for taint to be gone in the node before starting the netpol controller
    102ff76328 Print error when downloading file error inside install script (#6874)
    eae221f9e5 Fix OS PRETTY_NAME on tagged releases
    b297996b92 Add runtime checking of golang version
    5fe074b540 Add more paths to crun runtime detection (#9086)
    c45524e662 Add support for containerd cri registry config_path
    319dca3e82 Fix nil map in full snapshot configmap reconcile
    db7091b3f6 Handle logging flags when parsing kube-proxy args
    1e663622d2 Fix the OTHER log message that prints the wrong variable
    08ccea5cb6 Fix install script checksum
    9d21b8a135 add system-agent-installer-k3s step to ga release (#9153)
    a7fe1aaaa5 Dockerfile.dapper: set $HOME properly
    30449e0128 Add 2>dev/null when checking nm-cloud systemd unit
    0ad5d65a1e Added support for env *_PROXY variables for agent loadbalancer (#9118)
    a27d660a24 Add ServiceLB support for PodHostIPs FeatureGate
    baaab250a7 Silence SELinux warning on INSTALL_K3S_SKIP_SELINUX_RPM (#8703)
    aca1c2fd11 Add a retry around updating a secrets-encrypt node annotations (#9039)
    bbd68f3a50 Rebase & Squash (#9070)
    c7a8eef977 update stable channel to v1.28.5+k3s1 and add v1.29 channel (#9110)
    d87851d46e chore: Update Code of Conduct to Redirect to CNCF CoC (#9104)
    9d9fbf4ff4 Bump actions/setup-go from 4 to 5 (#9036)
    798eecf112 chore: Update sonobuoy image versions (#8910)
    3190a5faa2 Remove rotate-keys subcommand (#9079)
    9411196406 Update flannel to v0.24.0 and remove multiclustercidr flag (#9075)
    7101af36bb Update Kubernetes to v1.29.0+k3s1 (#9052)
    bf3f29f9e8 Only publish to code_cov on merged E2E builds (#9051)
    231cb6ed20 Remove GA feature-gates (#8970)

Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
2024-07-15 14:02:19 +00:00
Bruce Ashfield
3dc0db19e1 k3s: convert remaining WORKDIR references to UNPACKDIR
While the WORKDIR references seem to work, they may not continue
to work. We switch to using UNPACKDIR which is where the SRC_URI
referenced elements / files will be placed by the fetcher.

Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
2024-05-29 13:16:56 +00:00
Bruce Ashfield
34b281d1a9 k3s: adapt SRC_URI to include destsuffix=${GO_SRCURI_DESTSUFFIX}
As of commit cc4ec43a2b657fb4c58429ab14f1edc2473c1327 [go: Drop fork
of unpack code, mandate GO_SRCURI_DESTSUFFIX] we require this
variable in our go recipes.

Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
2024-05-29 13:16:56 +00:00
Bruce Ashfield
cabcaf1007 k3s: package check-config.sh
In a similar way we package check-config.sh for docker, we package
the contrib script for k3s.

root@qemux86-64:/# ./usr/share/k3s/check-config.sh

Verifying binaries in ./usr/share/k3s:
- sha256sum: sha256sums unavailable
- links: link list unavailable

System:
- /usr/sbin iptables v1.8.10 (legacy): ok
- swap: disabled
- routes: ok

Limits:
- /proc/sys/kernel/keys/root_maxkeys: 1000000

info: reading kernel config from /proc/config.gz ...

Generally Necessary:
- cgroup hierarchy: cgroups V2 mounted, cpu|cpuset|memory controllers status: good
- CONFIG_NAMESPACES: enabled
- CONFIG_NET_NS: enabled
- CONFIG_PID_NS: enabled
- CONFIG_IPC_NS: enabled
- CONFIG_UTS_NS: enabled
- CONFIG_CGROUPS: enabled
- CONFIG_CGROUP_PIDS: enabled
- CONFIG_CGROUP_CPUACCT: enabled
- CONFIG_CGROUP_DEVICE: enabled
- CONFIG_CGROUP_FREEZER: enabled
- CONFIG_CGROUP_SCHED: enabled
- CONFIG_CPUSETS: enabled
- CONFIG_MEMCG: enabled
- CONFIG_KEYS: enabled
- CONFIG_VETH: enabled
- CONFIG_BRIDGE: enabled
- CONFIG_BRIDGE_NETFILTER: enabled
- CONFIG_IP_NF_FILTER: enabled (as module)
- CONFIG_IP_NF_TARGET_MASQUERADE: enabled (as module)
- CONFIG_NETFILTER_XT_MATCH_ADDRTYPE: enabled (as module)
- CONFIG_NETFILTER_XT_MATCH_CONNTRACK: enabled (as module)
- CONFIG_NETFILTER_XT_MATCH_IPVS: enabled (as module)
- CONFIG_NETFILTER_XT_MATCH_COMMENT: enabled (as module)
- CONFIG_NETFILTER_XT_MATCH_MULTIPORT: enabled (as module)
- CONFIG_IP_NF_NAT: enabled (as module)
- CONFIG_NF_NAT: enabled (as module)
- CONFIG_POSIX_MQUEUE: enabled

Optional Features:
- CONFIG_USER_NS: enabled
- CONFIG_SECCOMP: enabled
- CONFIG_BLK_CGROUP: enabled
- CONFIG_BLK_DEV_THROTTLING: enabled
- CONFIG_CGROUP_PERF: enabled
- CONFIG_CGROUP_HUGETLB: enabled
- CONFIG_NET_CLS_CGROUP: enabled
- CONFIG_CGROUP_NET_PRIO: enabled
- CONFIG_CFS_BANDWIDTH: enabled
- CONFIG_FAIR_GROUP_SCHED: enabled
- CONFIG_RT_GROUP_SCHED: enabled
- CONFIG_IP_NF_TARGET_REDIRECT: enabled (as module)
- CONFIG_IP_SET: enabled (as module)
- CONFIG_IP_VS: enabled
- CONFIG_IP_VS_NFCT: enabled
- CONFIG_IP_VS_PROTO_TCP: enabled
- CONFIG_IP_VS_PROTO_UDP: enabled
- CONFIG_IP_VS_RR: enabled (as module)
- CONFIG_EXT4_FS: enabled
- CONFIG_EXT4_FS_POSIX_ACL: enabled
- CONFIG_EXT4_FS_SECURITY: enabled
- Network Drivers:
  - "overlay":
    - CONFIG_VXLAN: enabled (as module)
      Optional (for encrypted networks):
      - CONFIG_CRYPTO: enabled
      - CONFIG_CRYPTO_AEAD: enabled
      - CONFIG_CRYPTO_GCM: enabled
      - CONFIG_CRYPTO_SEQIV: enabled
      - CONFIG_CRYPTO_GHASH: enabled
      - CONFIG_XFRM: enabled
      - CONFIG_XFRM_USER: enabled (as module)
      - CONFIG_XFRM_ALGO: enabled
      - CONFIG_INET_ESP: enabled (as module)
      - CONFIG_INET_XFRM_MODE_TRANSPORT: missing
- Storage Drivers:
  - "overlay":
    - CONFIG_OVERLAY_FS: enabled

STATUS: pass

Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
2024-03-19 14:02:23 +00:00
Bruce Ashfield
54f80102b0 k3s: set version.UpstreamGolang in binaries
k3s will refuse to start if the golang version it was built
with doesn't match the VERSION_GOLANG linker variable.

As an example: https://gitlab.alpinelinux.org/alpine/aports/-/merge_requests/61668

We query our version of the compiler and set it in the binaries
to ensure they match.

Note: this may cause issues if you bump the golang compiler, but
k3s doesn't rebuild. We'll worry about that when it happens.

With this change, k3s starts and the node becomes ready.

root@qemux86-64:~# uname -a
Linux qemux86-64 6.6.20-yocto-standard #1 SMP PREEMPT_DYNAMIC Sun Mar  3 16:28:22 UTC 2024 x86_64 GNU/Linux

root@qemux86-64:~# kubectl get nodes
NAME         STATUS   ROLES                  AGE   VERSION
qemux86-64   Ready    control-plane,master   10m   v1.28.7-k3s1

Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
2024-03-15 19:09:05 +00:00
Bruce Ashfield
5dfa9cf125 k3s: update to v1.28.7
Generated with:

    ./scripts/oe-go-mod-autogen.py --repo https://github.com/rancher/k3s.git --rev v1.28.7+k3s1

plus one manual modification to relocation.inc:

   - sigs.k8s.io/kustomize/kustomize/v5:sigs.k8s.io/kustomize/kustomize/v5:force
   + sigs.k8s.io/kustomize/kustomize/v5:sigs.k8s.io/kustomize/kustomize/v5/kustomize:force

Bumping k3s to version v1.28.7+k3s1, which comprises the following commits:

    051b14b248 Fix netpol startup when flannel is disabled
    4c1b91e3f9 Use 3/2/1 cluster for split role test
    16ad3bc39c Change default number of etcd nodes in E2E splitserver test
    9c0e5a5ff8 Rename AgentReady to ContainerRuntimeReady for better clarity
    80baec697f Restore original order of agent startup functions
    f19db855bf remove e2e logs drone step (#9516)
    25e12bc10c [Release-1.28] Fix drone publish for arm (#9508)
    9f78e474d7 Update Kubernetes to v1.28.7 (#9492)
    1ca64a81be [Release-1.28] Support PR testing installs (#9469)
    45860105bb [Release-1.28] Test_UnitApplyContainerdQoSClassConfigFileIfPresent (#9440)
    78543f4850 [Release-1.28] Enable longer http timeout requests (#9444)
    3d0674ad1c Bump kine and set NotifyInterval to what the apiserver expects
    a3770d21e2 Expose rootless containerd socket directories for external access
    0259b8e535 Expose rootless state dir under ~/.rancher/k3s/rootless
    865b454a05 Don't verify the node password if the local host is not running an agent
    493ebb9517 Fix ipv6 endpoint address selection for on-demand snapshots
    cd7c557754 Fix issue with coredns node hosts controller
    3d46c7da70 Bump CNI plugins to v1.4.0
    b620348998 Add check for etcd-snapshot-dir and fix panic in Walk
    6b2c1ecb0f Retry startup snapshot reconcile
    c2c9a265bf Fix excessive retry on snapshot reconcile
    dda9780f23 Update Kube-router to v2.0.1
    a922a0e340 allow executors to define containerd and docker behavior
    034ee89344 Update flannel to v0.24.0 and remove multiclustercidr flag (#9075)
    6ff57ab749 Bump flannel version
    25c7208b7e Changed how lastHeartBeatTime works in the etcd condition
    f3b4effb32 Runtimes refactor using exec.LookPath
    5eb278b838 [Release-1.28] Auto Dependancy Bump (#9419)
    190864259e Consistently handle component exit on shutdown
    5857584463 Bump cri-dockerd
    35ef1cec92 Bump Local Path Provisioner version (#8953) (#9426)
    c9f49a3b06 Bump helm-controller to fix issue with ChartContent
    2f9788ab55 Bump runc and helm-controller versions
    14fdacb85b gofmt config_test.go
    aebdccfae5 Fix issues with certs.d template generation
    39a0001575 Use `ipFamilyPolicy: RequireDualStack` for dual-stack kube-dns (#8984)
    c236c9ff77 Update to v1.28.6 (#9260)
    6224ea62af Error getting node in setEtcdStatusCondition
    470bcd1bff Move proxy dialer out of init() and fix crash
    04ce0ac0a9 Rebase & Squash (#9070)
    4724315b8c Pin opa version for missing dependency chain (#9216)
    2858f89a5b Bump quic-go for CVE-2023-49295
    b04e18c4a0 Enable network policy controller metrics
    bda4b73493 Add e2e test for embedded registry mirror
    f3c6250b28 Add embedded registry implementation
    ef4e7ae143 Add server CLI flag and config fields for embedded registry
    ece564ec93 Add ADR for embedded registry
    ea66fe65b4 Propagate errors up from config.Get
    a62ee4fd0d Move registries.yaml load into agent config
    ace1714e0c Pin images instead of locking layers with lease
    3b863906e0 Fix OS PRETTY_NAME on tagged releases
    ee85990a83 Add runtime checking of golang version
    3be858a878 Add more paths to crun runtime detection (#9086)
    fa798ba272 Add support for containerd cri registry config_path
    f95ab7aaf9 Fix nil map in full snapshot configmap reconcile
    fe19faaf9a Handle logging flags when parsing kube-proxy args
    fc3136f54f Fix the OTHER log message that prints the wrong variable
    9d5950741e Dockerfile.dapper: set $HOME properly
    3248fd05c7 Add ServiceLB support for PodHostIPs FeatureGate
    a503d13591 Remove GA feature-gates (#8970)
    53c6e05ef5 Handle etcd status condition when cluster reset and disable etcd
    3d08cfd0fe Wait for taint to be gone in the node before starting the netpol controller
    90367d80b0 Add a retry around updating a secrets-encrypt node annotations (#9125)
    5b2d1271a6 Only publish to code_cov on merged E2E builds (#9083)
    19b361f30b Update to v1.28.5-k3s1 (#9081)
    71a3c35fb7 Bump containerd to v1.7.11
    08509a2a90 Allow setting default-runtime on servers
    b9c288f702 Bump containerd/runc to v1.7.10-k3s1/v1.1.10
    03532f7c0b Added runtime classes for crun/wasm/nvidia
    9c6ba42ca0 Nov 2023 stable channel update (#9022)
    79438cecaa Modify CONTRIBUTING.md guide
    d34550fb2f Fix overlapping address range
    6ba6c1b65f remove s390x from manifest (#8998)
    022cf6d51f remove s390x steps temporarily since runners are disabled
    3f23723035 Update to v1.28.4 (#8920)
    6d3a92a658 Print key instead of file path in snapshot metadata log message
    b23e70d519 Don't apply s3 retention if S3 client failed to initialize
    a92c4a0f17 Don't request metadata when listing objects
    96ebb96317 Fix flakey dynamic-cert.json in cert rotation e2e test
    611ac0894c Revert e2e pipeline depends_on change
    3a6284e2b9 Bump dynamiclistener to fix secret sync race
    1e0a7044cf Reorder snapshot configmap reconcile to reduce log spew during initial startup
    e53c189587 Handle nil pointer when runtime core is not ready in etcd
    6c544a4679 Add jitter to client config retry
    fa4c180637 Update install.sh sha256sum (#8885)
    da0593bcf9 More improves for K3s patch release docs (#8800)
    abc2efdd57 Disable helm CRD installation for disable-helm-controller (#8702)
    07ee854914 Tweaked order of ingress IPs in ServiceLB (#8711)
    7ecd5874d2 Skip initial datastore reconcile during cluster-reset
    2088218c5f Fix issue with snapshot metadata configmap
    fd8db56d5a Fix wrong warning from restorecon in install script (#8871)
    78ea593780 General updates to README (#8786)
    19fd7e38f6 enh: Force umount for NFS mount (like with longhorn)
    b47cbbfd42 add agent flag disable-apiserver-lb (#8717)
    30c8ad926d QoS-class resource configuration
    32a1efa408 Bump kine to fix multiple issues
    a26441613b add: timezone info in image
    0011eb5ead optimize: Simplify and clean up Dockerfile (#8244)
    8f7a8b23b7 Improve dualStack log
    f5920d7864 Add warning for multiclustercidr flag (#8758)
    ba5fcf13fc Wasm shims and runtimes detection
    875a9d19c6 Added ADR for etcd status
    c5cd7b3d65 Added etcd status condition
    022c49242d update channels latest to v1.27.7+k3s2 (#8799)
    bbafb86e91 Don't use iptables-save/iptables-restore if it will corrupt rules
    9e13aad4a8 Update traefik to fix registry value (#8792)
    1ae053d944 Upgrade traefik chart to v25.0.0 (#8771)
    f575a05be2 fix: Access outer scope .SystemdCgroup (#8761)
    c7c339f0b7 chore: Bump Trivy version (#8739)
    1e99a46256 chore: Update sonobuoy image versions (#8710)
    9377accd9e update stable to v1.27.7+k3s1 (#8753)
    112e1339b7 Restore selinux context systemd unit file (#8593)
    49411e7084 Don't try to read token hash and cluster id during cluster-reset
    6aef26e94b Update to v1.28.3 (#8682)
    5b6b9685e9 Manually requeue configmap reconcile when no nodes have reconciled snapshots
    3db1d33282 Re-enable etcd endpoint auto-sync
    b8dc95539b Fix CloudDualStackNodeIPs feature-gate inconsistency
    0c9bf36fe0 [K3s][Windows Port] Build script, multi-call binary, and Flannel (#7259)
    aaf8409096 Use version.Program not K3s in log (#8653)
    9597ea1183 Start etcd client before ensuring self removal
    2291d6d079 Add etcd-only/control-plane-only server test
    7bb4a826af Update kube-router package in build script
    3abc8b82ed Bump traefik, golang.org/x/net, google.golang.org/grpc
    1ffb4603cd Use IPv6 in case is the first configured IP with dualstack
    3d25e9f66c Switch build target from main.go to a package. (#8342)
    7c5b69ca1d Fix etcd snapshot integration tests
    d885162967 Add server token hash to CR and S3
    550ab36ab7 Switch to managing ETCDSnapshotFile resources
    5cd4f69bfa Move snapshot delete into local/s3 functions
    a15b804e00 Sort snapshots by time and key in tabwriter output
    7464007037 Store extra metadata and cluster ID for snapshots
    80f909d0ca Move s3 snapshot list functionality to s3.go
    8d47645312 Consistently set snapshotFile timestamp
    f1afe153a3 Tidy s3 upload functions
    2b0e2e8ada Elide old snapshot data when apiserver rejects configmap with ErrRequestEntityTooLarge
    676b00aa0e Move etcd snapshot code into separate file
    500744bb94 Add new CRD for etcd snapshots
    64107b54e4 Minor updates as per design review discussion
    22065affa2 Add ADR for etcd snapshot CRD migration
    9bb1ce1253 Bump busybox to v1.36.1
    5fe4f6709a Bump containerd to v1.7.7-k3s1
    7d38b4a3db E2E Domain Drone Cleanup (#8579)
    dface01de8 Server Token Rotation (#8265)
    ced25af5b1 Fixed tailscale node IP dualstack mode in case of IPv4 only node
    ba750e28b7 [v1.28] System agent push tags fix  (#8568)
    e33359d375 Update install.sh.sha256sum
    a6acdd0d75 Fix slemicro check for selinux (#8526)
    e82b37640a Network defaults are duplicated, remove one
    d4a487d83f Fix spellcheck problem (boostrap ==> bootstrap)
    f2c7117374 Take IPFamily precedence based on order
    0b23a478cf ipFamilyPolicy:PreferDualStack for coredns and metrics-server
    021c5b291b Improve release docs - updated (#8414)
    0e5c760625 Pass SystemdCgroup setting through to nvidia runtime options
    1e38b5d904 Don't ignore assets in home dir if system assets exist
    fe18b1fce9 Add --image-service-endpoint flag (#8279)
    79b44cee29 Create and validate install.sh signatures (#8312)
    ad206310d1 Update kube-router
    b6ab24c4fd Added error when cluster reset while using server flag
    b010c941cf Fix .github regex to skip drone runs on gh action bumps (#8433)
    d349c9db6c Added cluster reset from non bootstrap nodes on snapshot restore e2e test
    d0ab4ef26b Added advertise address integration test
    172a7f1d1a Fix gofmt error
    8705a88bf4 Clear remove annotations on cluster reset; refuse to delete last member from cluster
    002e6c43ee Reorganize Driver interface and etcd driver to avoid passing context and config into most calls
    890645924f Don't export functions not needed outside the etcd package
    a3c52d60a5 Skip creating CRDs and setting up event recorder for CLI controller context
    391e61bd72 Use admin kubeconfig instead of supervisor for etcd snapshot CLI
    bd9dad87d5 Typo fix
    5c5d957e73 Set server-token adr to accepted
    6398c38690 Server token rotation ADR
    8c73fd670b Disable HTTP on main etcd client port
    12459fca97 Add extraArgs to tailscale
    8c197bdce4 Include the interface name in the error message
    56abe7055f add link to drone in documentation (#8295)
    e1706875f4 Update channel latest to v1.27.6+k3s1 (#8397)
    66cb1064d1 Add context to flannel errors
    d3f7632463 Fix error reporting

Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
2024-03-15 17:17:19 +00:00
Bruce Ashfield
51a017123d k3s: update to v1.28.2
Bumping k3s to v1.28.2, which comprises the following commits:

    6330a5b49c Update to v1.28.2 and go v1.20.8 (#8364)
    550dd0578f Bump kine to v0.10.3
    b3bb7e5a11 update channel for version v1.28 (#8305)
    0d23cfe038 Add RWMutex to address controller
    cba9f0d142 Add new CLI flag to disable TLS SAN CN filtering
    2cb7023660 Use already imported semver, bump kine
    f2d0c5409a Add check for support on cp nodes
    51f1a5a0ab Review comments and fixes
    42c2ac95e2 CLI + Backend for Secrets Encryption v3
    e45a674457 Add new encryption test
    b967f92785 Replace os.Write with AtomicWrite function
    ced330c66a [v1.28] CLI Removal for v1.28.0 (#8203)
    62db5fa27c Update to v1.28.1 (#8239)
    af50e1b096 Update to v1.28.0-k3s1 (#8199)

Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
2023-11-06 16:21:12 +00:00
Bruce Ashfield
86ec0fea15 k3s: update to v1.27.5
We refresh one patch, but otherwise, the build is unchanged.

Generated via:

 scripts/oe-go-mod-autogen.py --repo https://github.com/rancher/k3s.git --rev v1.27.5+k3s1

Bumping k3s to version v1.27.5+k3s1, which comprises the following commits:

    8d074ecb5a Add RWMutex to address controller
    f365a9cb98 Add new CLI flag to enable TLS SAN CN filtering
    8d6483a59e Update to v1.27.5 (#8236)
    e31f00f863 Move flannel to 0.22.2
    f8727f56d7 E2E test for token coverage (#8184)
    84ded911e9 Bump helm-controller/klipper-helm versions
    66bae3e326 Bump dynamiclistener for init deadlock fix
    e83b1ba4aa Fixed the etcd retention to delete orphaned snapshots based on the date (#8177)
    561db17a31 chore: Bump Trivy version (#8178)
    38a0b91c1a chore: Bump Trivy version (#8150)
    7f58a1cb23 Run integration test CI in parallel (#8156)
    c97211866a Fix for cluster-reset backup from s3 when etcd snapshots are disabled (#8155)
    9702f92345 Fix for Kubeflag Integration test (#8154)
    b2e71553ce Use VERSION_K8S in tests instead of grep go.mod
    bc332ac667 Use 'go list -m' instead of grep to look up versions
    53fc3eef0a add --disable-cloud-controller and --disable-kube-proxy test (#8018)
    e551308db8 fix for etcd-snapshot delete with --etcd-s3 flag (#8110)
    45bc26309f Remove terraform test package (#8136)
    fd531140e5 Bump kine to v0.10.2
    ca7aeed090 Etcd snapshots retention when node name changes (#8099)
    23d6842f9a Bump versions for etcd, containerd, runc, kine
    a0da8eded3 Bump docker/docker to master commit
    aa76942d0f Add FilterCN function to prevent SAN Stuffing
    3515d712a7 Fix typo in terraform/README.md (#8090)
    a87b183f9c E2E: Support GOCOVER for more tests + fixes (#8080)
    46cbbab263 Consolidate CopyFile functions (#8079)
    59eec78c62 Fix tailscale bug with ip modes
    468bddb59c update stable channel to v1.27.4+k3s1 (#8067)
    767b64ba58 Fix coreos multiple installs (#8083)
    cc9dce5764 Security bump to docker/distribution (#8047)
    f21ae1d949 Make apiserver egress args conditional on egress-selector-mode
    546dc247a0 Add support for `{{ template "base" . }}` in etc/containerd/config.toml.tmpl (#7991)
    6d360e6473 Unit test for MustFindString (#8013)
    946c8ea842 ADR on secrets encryption v3 (#7938)
    780e638099 Update flannel to v0.22.1
    e56839b329 Update cni plugins version to v1.3.0
    36645e7311 fix update go version doc (#8028)
    d8ae6ef59b Update to v1.27.4 (#8014)
    be44243353 Adjust default kubeconfig file permissions (#7978)
    0b18a65d4f Revert "Warn that v1.28 will deprecate reencrypt/prepare (#7848)"
    58a8deb25d fix image_scan.sh script and download trivy version (#7950)
    3eb4e12c3b Don't use zgrep in `check-config` if apparmor porfile is enforced (#7939)
    34617390d0 Generation of certificates and keys for etcd gated if etcd is disabled. (#6998)
    2eddfe6cf4 Add retry for clone step (#7862)
    782a3a1cb4 Bump google.golang.org/grpc from 1.51.0 to 1.53.0 in /tests/terraform (#7879)
    8405813c12 Fix rootless node password (#7887)
    607320d670 Improve for K3s release Docs (#7864)
    b9a2bf11ee Support setting control server URL for Tailscale.
    4ab01f3941 Warn that v1.28 will deprecate reencrypt/prepare (#7848)
    9e334153cf add e2e s3 test (#7833)
    bca0adbca8 Fix code spell check
    7f50b40cfe Fall back to basic/bearer auth when node identity auth is rejected
    ce3443ddf6 Allow k3s to customize apiServerPort on helm-controller
    324f9ad4da fix e2e startup flaky test (#7839)
    72d50b1f7c Add `--data-dir` to the `k3s certificate rotate-ca` cli (#7791)
    d593c83603 Remove file_windows.go
    f21a01474d Check if we are on ipv4, ipv6 or dualStack when doing tailscale
    0809187cff Adding cli to custom klipper helm image (#7682)
    c7dec8ed24 Update stable channel to v1.27.3+k3s1 (#7827)
    70691a95ee Faster K3s Binary Build Option (#7805)
    2215870d5d chore: pkg imported more than once
    fe9604cac1 Update Kubernetes to v1.27.3 (#7790)
    d968e64de0 Add commands to logout from tailscale
    43611bb5ad Fix the error report
    b66a118362 Bump helm-controller to v0.15.0 for create-namespace support
    a5874f855f Remove unused libvirt config
    c6a6e8ef57 Fix spelling check
    cc22c80e49 Add issue template for OS validation (#7695)
    efa86a63e8 Remove unnecessary daemonset addition/deletion (#7696)
    7c151d468f add private registry e2e test (#7653)
    869e030bdd VPN PoC
    1e73bb8967 Run integration tests on E2E changes, ensures correct coverage values
    8f9502233a E2E: Inject gocover ENV for k3s commands
    4a68fbd8e9 E2E: Use sudo for all RunCmdOnNode
    00f3e2413f chore: Bump Trivy version (#7672)
    dc6c569b98 Shortcircuit commands with version or help flags (#7683)
    3a8e98a3b8 Bump docker go.mod (#7681)
    e5e1a674ce Enable containerd aufs/devmapper/zfs snapshotter plugins
    5170bc5a04 Improve error response logging
    45d8c1a1a2 Soft-fail on node password verification if the secret cannot be created
    b0188f5a13 Test Coverage Reports for E2E tests (#7526)
    afc88cec88 check variant before version to decide rpm target and packager
    fa0dc5900a Use el8 rpm for fedora 38 and 39 (#7664)
    7c0a7687c6 add format command on Makefile and remove vendor
    9227e0bde2 Bump vagrant libvirt with fix for plugin installs (#7605)
    b64a226ebd Make LB image configurable when compiling k3s
    a5928ee137 chore: Bump golang:alpine version
    612473755d Add ADR
    7b61aacb56 Fix test file list
    64a5f58f1e Create new kubeconfig for supervisor use
    8748813a61 Use distinct clients for supervisor, deploy, and helm controllers
    e9958cf070 Bump metrics-server to v0.6.3 and update tls-cipher-suites
    93279d2f59 Bump klipper-lb to v0.4.4
    0485a56f33 allow coredns override extensions
    85e10cf9d2 update channels (#7634)
    9543470eb7 Add el9 selinux rpm (#7635)
    d1b0254b91 Update flannel version
    213d7ad499 Revert "Add el9 selinux rpm (#7443)" (#7608)
    d55ec08675 Add el9 selinux rpm (#7443)
    fe554fe703 Pin emicklei/go-restful to v3.9.0
    91c5e0d75a Fix iptables rules clean during upgrade
    d069a85fcc Update to v1.27.2-k3s1 (#7575)
    290f67c939 Add '-all' flag to apply to inactive units
    2b24c9917c Bump alpine from 3.17 to 3.18 in /conformance (#7551)
    266926693a Bump alpine from 3.17 to 3.18 in /package (#7550)
    9bcfac8b88 Add Rotation certification Check (#7097)
    4aafff0219 Wrap error stating that it is coming from netpol
    cbe8d33c93 Bump containerd/runc to v1.7.1-k3s1/v1.1.7
    8f450bafe1 Bump helm-controller version for repo auth/ca support
    06296815e6 Adding PITS and Getdeck Beiboot as adopters thanks to Schille and Miworfi for the additions (#7524)
    607cbf0ad6 Bump containerd to v1.7.0 and move back into multicall binary
    239021e759 Consistently use constant-time comparison of password hashes
    9ec1789c21 Bump kube-router version to fix a bug when a port name is used
    c6dc789e25 Add support for `-cover` + integration test code coverage (#7415)
    3982213f06 add kube-* server flags integration tests (#7416)
    b32bf49541 Bump kine to v0.10.1
    c98137ddca Fix token startup test
    cf9ebb3259 Fail to validate server tokens that use bootstrap id/secret format
    7175ebe2be E2E: Startup test cleanup + RunCommand Enhancement (#7388)
    bbb8ee0b2d Add dependabot label and reviewer (#7423)
    cedefeff24 Bump cni plugins to v1.2.0-k3s1
    a736b4b1b9 local-storage: Fix permission (#7217)
    437ad128c7 Migrate netutil methods into /utils/net.go
    e1d4cff14c Enable FindString to search dotD config files (#7323)
    132b41c3bf Add v1.27 channel (#7387)
    d5f560360e Handle multiple arguments with StringSlice flags (#7380)
    a3ddff2f29 chore: Bump Trivy version
    e61fde93c1 Fix MemberList error handling and incorrect etcd-arg passthrough
    91afb38799 Retry cluster join on "too many learners" error
    f1b6a3549c Fix stack log on panic
    c44d33d29b Fix race condition in tunnel server startup
    1ca035accc Add e2e test for --disable-agent
    31a6386994 Improve egress selector handling on agentless servers
    5348b5e696 Improve error message when CLI wrapper Exec fails
    bbda54b332 Add longhorn storage test (#6445)
    0247794aa9 go generate
    0bbc6ad3f0 Bump traefik to v2.9.10
    1ac03aad43 Add integration tests for etc-snapshot server flags and refactor /tests/integration/integration.go/K3sStartServer (#7300)
    ef648b7a5d Bump Runc and Containerd (#7339)
    9539147ee1 Bump k3s-root for aarch64 page size fix
    ad41fb8c96 Create CRDs with schema
    bc5b42c279 Cleanup help messages (#7369)
    f076080b2b Bump cri-dockerd (#7347)
    87f0dc5dd3 update channel server for april 2023 (#7327)
    66fcca66cb ensure that klog verbosity is set to the same level as logrus by repeatedly settting it every second during k3s startup
    36699bbd60 Changed command -v redirection for iptables bin check
    944f811dc5 v1.27.1 CLI Deprecation (#7311)
    f2bde63eea Kubernetes v1.27.1 (#7271)
    8d0255af07 Bump Trivy version (#7257)
    779d5f3aa2 chore: Updated the content of the file "/tmp/updatecli/github/k3s-io/... (#7256)
    554ad87c8d chore: Bump golang:alpine version (#7292)
    257fa2c54c Update to v1.26.4-k3s1 (#7282)
    d9f40d4f5b Update install script to clean iptables rules before start
    0c683720ad Update kube-router to insert iptables rules right after kubernetes ones
    6b51ed478d Fix call for k3s-selinux versions in airgapped environments (#7264)
    027cc187ce Add coreos and sle micro to selinux support (#6945)
    30638072c9 Update klipper lb to v0.4.2 (#7210)
    6c394abb32 Add make commands to terraform automation and fix external dbs related issue (#7159)
    3e3512bdae Updated kube-route version to move the iptables ACCEPT default rule at the end of the chain
    d95980bba3 Lock bootstrap data with empty key to prevent conflicts
    12091fc724 Bump actions/setup-go from 3 to 4
    2992477c4b Debounce kubernetes service endpoint updates
    ece4d8e45c Fix tests to not hide failure location in dummp assert functions
    e54ceaa497 Fix issue with stale connections to removed LB server
    5dece799df Update remotedialer to silence errors when disconnecting
    4182dcaac8 [UpdateCLI] Improve Klipper Helm and Helm controller bumps (#7146)
    127cea1f3f Upgrade helm-controller to v0.13.3 (#7209)
    d2e04b826a Don't apply hardened args to agent (#7089)
    d388b82d25 go generate
    de80c07053 Ensure that loopback is used for the advertised address when resetting
    b010db0cff Ensure that loopback is used for the advertised address when resetting
    877247a691 Bump runc to v1.1.5
    eb982bbbde Bump etcd to v3.5.7
    cee3ddbc4a Bump Local Path Provisioner version (#7167)
    ddd9665fed Improve Trivy configuration (#7154)
    fdf994dc35 [UpdateCLI] Improve workflow (#7142)
    37b3f4d25c Run go generate in local-path-provisioner Updatecli pipeline (#7181)
    8ec7d5e6b0 fix_get_sha_url (#7187)
    a99376663b Drone Pipelines enhancement (#7169)
    fb491f5ebf Update stable channel to v1.26.3+k3s1 (#7161)
    d13ee64403 Enhance `k3s check-config` (#7091)
    01ea3ff27b Update flannel to fix NAT issue with old iptables version
    c97370be6f Clean E2E VMs before testing (#7109)
    7c32f88fec Pin golangci-lint version to v1.51.2 (#7113)
    dc4a148725 Update to v1.26.3-k3s1 (#7108)
    561ec056c1 Drone: Cleanup E2E VMs on test panic (#7104)
    9980504196 Fix to Rotate CA e2e test (#7101)
    85b261096c Add automation for Restart command for K3s  (#7002)
    19ac384929 Remove Nikolai from MAINTAINERS list (#7088)
    7d2f997b3e Added multiClusterCIDR E2E test
    262cd7de0a Added IPv6 check and agent restart on e2e test utils
    15ee88964b Added multiClusterCidr feature
    822ee79eb8 Remove deprecated nodeSelector label beta.kubernetes.io/os (#6970)
    a912902aa7 Add missing kernel config checks (#6946)
    8503d0143c skip all pipelines based on what is in the PR (#6996)
    977a85559e Add support for cross-signing new certs during ca rotation
    68fcb48a35 Update/rename certs.sh; add default cert rotation script
    b7f90f389c Wait for kubelet port to be ready before setting (#7041)
    a45d081027 update stable version in channel server (#7066)
    d218068f34 Adds a warning about editing to the containerd config.toml file (#7057)
    c259403af1 Bump various dependencies for CVEs (#7044)
    e098b99bfa Update flannel and kube-router (#7039)
    c78dc4db71 Add flannel adr (#6973)
    522ad1e697 Add E2E to Drone (#6890)
    ea094d1d49 Update to v1.26.2-k3s1 (#7011)
    ee28c20b62 Bump kine to v0.9.9
    cbe4bcfeee Add test for filterByIPFamily
    cc333d8d0c Fix ServiceLB dual-stack ingress IP listing
    2156015521 Improve default umask for certs.sh
    23d98cec22 Fix CACertPath stripping trailing path components
    0c302f4341 Fix etcd member deletion
    9efa0797b7 Don't default to local K3s for startup test (#6950)
    7739c8b97e Update flannel to v0.21.1
    b8e69712a3 Updated flannel version to v0.21.0
    3d146d2f1b Allow for multiple sets of leader-elected controllers
    0d416d797d Wait for server to become ready before creating token
    290d7e8fd1 Fix access to hostNetwork port on NodeIP when egress-selector-mode=agent
    ddcc4d4034 go generate
    c6d0afd0cb Check for existing resources before creating them
    32d62c5786 Use default address family when adding kubernetes service address to SAN list
    a92f163c9d Add NATS to the list of supported data stores (#6876)
    b43dd7746d Add CI test
    c900089e88 Add ADR
    87f9c4ab11 Ensure that node exists when using node auth
    992e64993d Add support for kubeadm token and client certificate auth
    373df1c8b0 Add support for `k3s token` command
    7d49202721 Ignore value conflicts when reencrypting secrets (#6850)
    be7f751863 Add e2e tests for CA cert rotation
    8a6404f97c Add basic test for custom CA certs
    9b6b72941f Clarify ADR based on design review feedback
    f13768c247 Add ADR
    215fb157ff Add `certificate rotate-ca` to write updated CA certs to datastore
    3c324335b2 Add utility functions for getting kubernetes client
    58d40327b4 Fix CA cert hash for root certs
    0919ec6755 Ensure cluster-signing CA files contain only a single CA cert
    1ec242d816 Add example certificate generation script
    7e59376bb9 Fix check for (open)SUSE version (#6791)
    ee007bc7cf Bump deps: trivy, sonobuoy, dapper (#6807)
    bb353f5d2b Fix reference to documentation (#6860)
    7cad3db251 E2E: Consoldiate docker and prefer bundled tests into new startup test (#6851)
    32086717fc Ensure flag type consistency (#6852)
    750cff561d Bump vagrant boxes to fedora37 (#6832)
    9fcc7c0db8 Fix cronjob example (#6707)
    0d4caf4e24 Wait for cri-dockerd socket (#6812)
    1c6fde9a52 go generate
    369b81b45e Honor Service ExternalTrafficPolicy
    94d1a87509 Bump wrangler version for EndpointSlice support
    86e36225f5 Consolidate E2E tests and GH Actions (#6772)
    808c71a63e Add Ayedo (#6801)
    75f77ab951 E2E Rancher and Hardened script improvements (#6778)
    f0655f153e update stable channel to v1.25.6+k3s1 (#6828)
    3cb6fa5cc7 Set cri-dockerd version at build time
    f72649d1bd Bump cri-dockerd
    89f7062431 Add build tag to disable cri-dockerd
    f10af367c3 Update to v1.26.1-k3s1 (#6774)
    f19892c2d2 drone correct plugins/docker tag supporting linux/arm (#6769)
    291f8bfe00 Slow dependency CI to weekly (#6764)
    2007cdd54f generate report and upload test results (#6737)
    7bbcac92fd Bump download action to v3 (#6746)
    d71ab6317e Update stable to 1.25.5+k3s2 (#6753)
    f54b5e4fa0 Fix CI tests
    23c1040adb Bugfix: do not break cert-manager when pprof is enabled (#6635)
    a4549cf989 chore: Bump golang:alpine version (#6683)
    8340b54309 Pass through default tls-cipher-suites
    cc3583399a Add explicit permissions to workflows (#6700)
    d85952d6a0 Bump ubuntu from 20.04 to 22.04 in /tests/e2e/scripts (#6686)
    674a05478f Containerd restart testlet (#6696)
    d78e490716 Bump containerd to v1.6.15-k3s1
    e53500f37f Bump alpine from 3.16 to 3.17 in /conformance (#6687)
    c7151e8b61 Bump alpine from 3.16 to 3.17 in /package (#6688)
    3cafc8e6dd RIP Codespell (#6701)
    fd8481a29d Adjust e2e test run script and fixes (#6718)
    a298bfdb18 Add jitter to scheduled snapshots and retry harder on conflicts
    f0ec6a4c12 Exclude December r1 releases from channel server
    bc6bebc998 Bump containerd to v1.6.14-k3s1
    454440f9a3 Add Dependabot config for security ADR (#6560)
    870d9c32b0 Fix OpenRC init script error 'openrc-run.sh: source: not found' (#6614)
    97f162291a Change Updatecli GH action reference branch (#6682)
    beafd9eaff Update stable to v1.25.5 (#6618)
    8f28de259c Add initial Updatecli ADR automation (#6583)
    9e97a3b4aa Current status badges (#6653)
    fae8817655 Bump k3s-root version to v0.12.1
    0c9b43746b Preload iptable_filter/ip6table_filter
    f8b661d590 Update to v1.26.0-k3s1 (#6370)
    b5d39df929 Deprecation of `etcd-snapshot` command in v1.26 (#6575)
    d723775792 Remove deprecated flags in v1.26 (#6574)

Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
2023-09-15 17:30:40 +00:00
Kai Kang
64c7c56236 k3s: not compatible with mips
k3s depends on 'virtual-containerd' provided by containerd-opencontainers,
which is not compatible with mips. So set COMPATIBLE_HOST for k3s so that
it is not compatible with mips, to align with containerd-opencontainers.

Signed-off-by: Kai Kang <kai.kang@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
2023-09-15 17:30:14 +00:00
Martin Jansa
cd816688c5 k3s, kubernetes, nagios-nrpe: fix Upstream-Status formatting
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
2023-05-08 18:41:38 -04:00
Bruce Ashfield
46fb24baad k3s: update to v1.25.8
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
2023-04-05 16:03:56 -04:00
Bruce Ashfield
d36563caf1 k3s: update to v1.24.7
Bumping k3s to version v1.24.7-rc4+k3s1, which comprises the following commits:

    e3c9d859e8 Return ProviderID in URI format
    e44d22ca61 Add ServiceAccount for svclb pods
    2ca51a3d59 Update to v1.24.7-k3s1 (#6270)
    0751b6052e Fix dualStack test
    519f13e34d [Release-1.24] Replace deprecated ioutil package (#6235)
    c1c7b95dc0 Fix flakey etcd test
    6ed1e1423f Fix helm job failure on multi-server tests
    87bfc8883b Bump traefik to 2.9.1 / chart 12.0.0
    06eb948c23 Fix the typo in the test
    3a829ae860 Handle custom kubelet port in agent tunnel
    3f5c88e4a3 Fix occasional "TLS handshake error" in apiserver network proxy.
    cb0f4bd49c Use structured logging instead of logrus for event recorders
    44ae7aa4db Dump info on coredns when deployment rollout fails
    a75bbf5f4e Add ADR for ServiceLB move to CCM
    69dd30433b Disable cloud-node and cloud-node-lifecycle if CCM is disabled
    76f13d3558 Move servicelb into cloudprovider LoadBalancer interface
    23c302dccc Move DisableServiceLB/Rootless/ServiceLBNamespace into config.Control
    307e45e739 Implement InstancesV2 instead of Instances
    7198eb2f74 Bump metrics-server to v0.6.1
    0be4ef9213 Add flannel-external-ip when there is a k3s node-external-ip
    a8e0c66d1a updating to v1.24.6-k3s1 (#6164)
    fb823c8a5f Update to v1.24.5 (#6143)
    ae7d6285b6 Fix gofmt warnings
    1b806f5fee Bump golang to correct version
    ee859f7f5a Add validation check to confirm correct golang version for Kubernetes
    cf684c74a3 [Release-1.24] Bulk Backport of Testing Changes
    b8f05e4904 Bump containerd to v1.6.8-k3s1
    35e488c9c7 Bump runc to v1.1.4
    e1884e4d60 Update Flannel to v0.19.2 to fix older iptables issue
    79bb7bccd9 Fix e2e tests (#6018)
    4c9ad2546c Fix dualStack test and change ipv6 network (#6023)
    654d2b9567 CI: update Fedora 34 -> 35 (#5996)
    2b35f89664 Convert install tests to run PR build of k3s (#6003)
    f81138402e E2E: Add support for CentOS 7 and Rocky 8 (#6015)
    ab2638a247 mark v1.24.4+k3s1 as stable (#6036)
    7d6982d1fa Export agent.NetworkName for Windows
    3e394f8ec5 The Windows kubelet does not accept cadvisor flags
    c3f830e9b9 Update to v1.24.4 (#6014)
    035c03cfaa Remove codespell from Drone, add to GH Actions (#6004)
    b14cabc107 Add nightly install github action (#5998)
    75f8cfb6ea E2E: Local cluster testing (#5977)
    116c977fbf Convert vagrant tests to yaml based config (#5992)
    30fc909581 Update run scripts (#5979)
    a30971efaa Updated flannel to v0.19.1
    6b7b9c5aa9 Add scripts to run e2e test using ansible (#5134)
    18cb7ef650 fix checkError in terraform/testutils (#5893)
    77fa7fb490 Removing checkbox indicating backports since the policy is to backport everything (#5947)
    b7f7379157 Update MAINTAINERS with new folks and departures (#5948)
    db3c569b7f Add docker e2e test
    aadab55145 Add ADR for inclusion of cri-dockerd
    4aca21a1f1 Add cri-dockerd support as backend for --docker flag
    b1fa63dfb7 Revert "Remove --docker/dockershim support"
    cf66559940 Print stack on panic
    abdf0c7319 Fix comments and add check in case of IPv6 only node
    d90ba30353 Added NodeIP autodect in case of dualstack connection
    82e5da35a9 Upgrade macos-10.15 to macos-12 (#5953)
    43508341c1 Bump minio to v7.0.33
    1c17f05b8e Fix secrets reencryption for 8K+ secrets (#5936)
    118a68c913 Updates to CLI flag grouping + deprecated flag warnings. (#5937)
    13af0b1d88 Save agent token to /var/lib/rancher/k3s/server/agent-token
    4c0bc8c046 Update etcd error to match correct url (#5909)
    db2ba7b61d Don't enable unprivileged ports and icmp on old kernels
    90016c208d ADR: Depreciating and Removing Old Flags (#5890)
    24da6adfa9 Move v1.24.3+k3s1 to stable (#5889)

Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
2022-10-25 15:09:46 -04:00
Bruce Ashfield
c991546a7f k3s: pass -trimpath to improve reproducibility
2022-09-12 16:59:26 -04:00
Vasileios Anagnostopoulos
7106007c14 k3s: fix the version of k3s
When executing `k3s --version`, the mentioned version is
`k3s version dev (HEAD)`. The root cause is that the BUILD_FLAGS
were not the expected ones. After that patch, k3s is reporting
the correct version.

Signed-off-by: Vasileios Anagnostopoulos <vasileios.anagnostopoulos@siemens.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
2022-08-31 08:20:32 -04:00
Bruce Ashfield
d90ad944d5 k3s: update to 1.24.3
We are bumping to 1.24.x. Along with the k3s changes, we update our
dependencies to allow a vendored build.

Dependencies were gathered via: go list -m all  | sort | uniq > mod.all

And then processed to generate the SRC_URI fetches and relocations into
the build.

We also change our TAGS to avoid two different errors. btrfs
build restrictions:

   package command-line-arguments
           imports github.com/k3s-io/k3s/pkg/cli/agent
           imports github.com/k3s-io/k3s/pkg/agent
           imports github.com/k3s-io/k3s/pkg/agent/config
           imports github.com/k3s-io/k3s/pkg/containerd
           imports github.com/containerd/containerd/snapshots/btrfs/plugin:
   build constraints exclude all Go files in github.com/k3s-io/containerd@v1.5.13-k3s1/snapshots/btrfs/plugin

And ctrd, which leads to the following (which is also
found on non Yocto / non-cross build k3s builds):

  # github.com/containerd/containerd/pkg/cri/server
  ../../go/pkg/mod/github.com/k3s-io/containerd@v1.5.13-k3s1/pkg/cri/server/instrumented_service.go:36:9: cannot use &instrumentedService{?} (value of type *instrumentedService) as type grpcServices in return statement:
        *instrumentedService does not implement grpcServices (missing ListPodSandboxStats method)
  ../../go/pkg/mod/github.com/k3s-io/containerd@v1.5.13-k3s1/pkg/cri/server/service.go:156:9: cannot use c (variable of type *criService) as type CRIService in return statement:
        *criService does not implement CRIService (missing ListPodSandboxStats method)

Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
2022-08-09 14:26:28 -04:00
Bruce Ashfield
ec96eab80c k3s: update recipe formatting and map googlesource to github
Reformat the k3s dependencies and src_uri into a more readable and
maintainable format.

We also map googlesource to github for better fetching, as suggested
by Diego Sueiro <diego.sueiro@arm.com>.

Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
2022-06-20 11:46:46 -04:00
Richard Neill
6ed391fdb0 k3s: Add missing IP Virtual Server (ip_vs) feature to the kernel config
K3s (and Kubernetes) supports load balancing via IPVS, and by default reports
errors when IPVS kernel modules cannot be loaded.

This patch adds the missing reported kernel modules to the k3s recipe:

    * ip-vs
    * ip-vs-rr
    * ip-vs-wrr
    * ip-vs-sh

The modules are configured by including the ip_vs kernel feature.

Signed-off-by: Richard Neill <richard.neill@arm.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
2022-04-20 14:12:03 -04:00
Adrian Freihofer
bed7142c26 k3s: do not use a go file as patch
On some build hosts, one of our downloaded dependencies matches
patch.bbclass' regex, and is then thought to be a patch. That leads
to errors as follows:

Compiling k3s failed with:
do_patch: Importing patch 'github.com.andreyvit.diff' with striplevel '1'

We add a noapply to the SRC_URI to ensure that it is not considered
a patch.

Signed-off-by: Adrian Freihofer <adrian.freihofer@siemens.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
2022-04-11 10:27:14 -04:00
Bruce Ashfield
e1aeb3beaf k3s: clarify uprev version (1.22.6) and PV
The shortlog of the previous uprev incorrectly stated that
1.23.x was the target. There are issues remaining with that
version, so the uprev was contained to 1.22.x

We also typically do NOT use the exact release tag, since
fixes are continually arriving post release, and with the
extensive go mod vendor process, it doesn't accurately
represent the version.

As such, we switch to: v1.22.6+k3s1+git${SRCREV_k3s}, for
finer grained version tracking.

Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
2022-03-31 15:24:28 -04:00
Bruce Ashfield
8cba065209 k3s: update to 1.23.1
The significant commit in this series is:

    0e72260df4 delete vendor dir

Which means that we completely have to revamp the recipe to build
without go accessing the network to pull in dependencies. This is
an initial effort, and it is acknowledged that it isn't efficient
or fast, due to the number of fetches and I/O required to complete
the population of the vendor/ directory.

The recipe can be iterated and made more efficient over time.

Bumping k3s to version v1.23.1+k3s1-11-ge7464a17f7, which comprises the following commits:

    e7464a17f7 Fix use of agent creds for secrets-encrypt and config validate
    8d8c8b0c6b Don't skip the dev image when skipping airgap
    31f1a00b6f Fix a typo: advertise-up -> advertise-ip (#4827)
    2ac8df3602 Integration tests utilities improvements (#4832)
    612a9412fd Enable make generate to use dapper and standardize go and gzip versions (#4861)
    66eeabbdfc linter doesn't actually run on windows, found these while getting it running on a windows machine
    142b1d96f4 Update channel.yaml for 1.23
    ff49dcf71e Export default parser
    d0f7e23328 Require integration test to be run as sudo/root (#4824)
    a02db0f2fa Fix cgroup smoke test (#4823)
    08d538fb3a Update golang
    87395e32d6 Update modules for Kubernetes v1.23
    6656d48415 Add tests to use vagrantfile (#4722)
    70902209b9 Bump stable to v1.22.5+k3s1 (#4821)
    3ee3ecb3ac package rename wasnt approved yet, backing out cruft that snuck into last pr
    a5c6e6a68a Fix panic checking name of uninitialized etcd member
    52e450f033 Add etcd sonobuoy tests
    9919f229b6 Add variable to enforce max test concurrency
    247298a20d Fix previous channel detection
    6872e7da25 More codespell ignores
    3ae550ae51 Update bootstrap logic to output all changed files on disk (#4800)
    0e72260df4 delete vendor dir
    e6cf8f5982 code changes to drop the vendor dir
    4eb282edac Move flannel logs to logrus
    2e91913f54 Close agentReady channel only in k3s (#4792)
    8ad7d141e8 Close etcd clients to avoid leaking GRPC connections
    588d15db8f Remove Disables, Skips and DisableKubeProxy from the comparing configs
    555dfc54db Add initial skeleton ADOPTERS.md to better track large use cases (#4764)
    baf865b836 Add ADR
    6f4217a340 Build standalone containerd
    8737e2e13f Build script cleanups
    89e63972e9 Bump k3s-root to v0.10.1
    17eebe0563 Fix cold boot and reconcilation on secondary servers (#4747)
    73725a0882 docs: adrs: Dual-stack in network policy agent
    d71b335871 Fix snapshot restoration on fresh nodes (#4737)
    bf4e037fcf Resolve Bootstrap Migration Edge Case (#4730)
    2f3bfc27c0 Add in docs/adr to ensure we capture decisions properly during design calls (#4707)
    a6fe2c0bc5 Resolve restore bootstrap (#4704)
    a70487d5ae Update wharfie usage in windows code path
    3985fd0e26 [master] Add validation to certificate rotation (#4692)
    e8a30a87c8 Bump runc to v1.0.3
    eb068da7f3 Add `SKIP_AIRGAP` enviroment variable for make (#4688)
    8f389ab030 Include node-external-ip in serving-kubelet.crt SANs (#4620)
    bcb662926d Secrets-encryption rotation (#4372)
    1b3187ea07 Check HA network parameters
    7d3447ceff Bump wharfie to v0.5.1 and use shared decompression code
    05d43278e2 bump kine to v0.8.1
    3b6a3fe905 Update dynamiclistener
    a8f7e9f7e8 Nighlty automation vagrant rework (#4574)
    a0208058ae Bump stable to v1.21.7+k3s1 (#4636)
    77fd3e99ec Add cert rotation command (#4495)
    1e6e4db2bc Update maintainers list (#4622)
    d05c334a78 Improved cleanup for etcd unit test (#4537)
    ae4a1a144a etcd snapshot functionality enhancements (#4453)
    0c1f816f24 go generate
    a7ba3e14ff Add package version to traefik helm chart
    7685da3e24 Improve flannel logging
    d93c82f958 [master] Bump golang and containerd (#4538)
    65110a4eec [master] Bump Kubernetes to v1.22.4-k3s1 (#4536)
    03485632ea Fix regression with cluster reset (#4521)
    ef263bd2b0 Improved regex for double equals arguments (#4505)
    535a919635 Removed value from warning about skipping flags (#4491)
    c77efe64e1 tests/vagrant: refactor vagrant smoke tests (#4484)
    f18b3252c0 [master] Add etcd extra args support for K3s (#4463)
    41ff19de71 Feature: Add CoreDNS Customization Options
    4b57951fb0 Fix to allow etcd-snapshot to use config file with flags that are only used with k3s server. (#4464)
    5ab6d21a7d Increase agent's apiserver ready timeout (#4454)
    bc7cdc78ca go generate
    2e9358934d Add dashboard annotations to Traefik helm chart
    5d168a1d59 Allow svclb pod to enable ipv6 forwarding
    adaeae351c update bootstrap logic (#4438)
    d85b2468ea Corrected skip check for dualstack on CI (#4427)
    559c8ad94b install: /usr/sbin/transactional-update (#4403)
    7bd65047c3 Match to last After keyword for parser (#4383)
    8915e4c7f7 Replace gzip with pigz for faster builds (#4411)
    0a5c6b1088 Remove unit tests from drone CI (#4424)
    36c6634cce [master] updating to new signals package in wrangler (#4399)
    f1d6e9bc4b install.sh: fix path detection for sle-micro (#4398)
    86c6924119 containerd: v1.5.7-k3s2 (#4387)
    f7dcc139ff Bump klipper-lb image for arm fix
    aa3332085f Update k3s CI to run all integration tests (#4358)
    94c1b988ca Enable Epics Action to automatically check off child issues in an epic (#4353)
    f1622129e4 refactor: Use plain channel send or receive
    f9f1cabe9c Fix log/reap reexec
    702fe24afe containerd/cri: enable the btrfs snapshotter (#4316)
    3da1bb3af2 Fix other uses of NewForConfigOrDie in contexts where we could return err
    5acd0b9008 Watch the local Node object instead of get/sleep looping
    3fe460d080 Block scheduler startup on untainted node when using embedded CCM
    52eb6cac1c install.sh: initial support for sle-micro (#4331)
    91cf835ec3 Update to v1.22.3 (#4354)
    7c3f21e581 K3s Integration test fixes (#4341)
    ab3d25a2c5 Update peer address when running cluster-reset
    0a0b915921 reset buffer after use (#4279)
    02a314c69a Bump klipper-helm version
    918945da45 Added configuration input to etcd-snapshot (#4280)
    72a1925a34 install.sh: capture quoted environment variables (#4275)
    6e410fad49 Update to the newest flannel
    b5b7033afd Bump klog fork version
    e11a4bf8bb set duration to second (#4231)
    0452f017c1 Add etcd s3 timeout (#4207)
    34080b23b1 Copy old bootstrap buffer data for use during migration (#4215)
    dbc14b8990 Fix race condition in cloud provider
    5a923ab8dc Add containerd ready channel to delay etcd node join
    6b4d75d245 maintainers: add Manuel and Michal (#4193)
    b282528ee2 Display cluster tls error only in debug mode (#4124)
    dc18ef2e51 Refactor log and reaper exec to omit MAINPID
    d6b6a3ee9f vagrant: Add Ubuntu 21.04 support
    5e01201195 vagrant: Update package list for Ubuntu
    e420583684 vagrant: Add support for vagrant-libvirt
    f830d09d6e vagrant: Change OS environment variable to DISTRO
    feec44572d Improve error message when using a "K10" prefixed token (#4180)
    ac7a8d89c6 Add ability to reconcile bootstrap data between datastore and disk (#3398)
    9e787bfacb moving fossa to being inline step with a sles image
    b6919adf62 Add "etcd-" prefix to etcd-snapshot commands as aliases (#4161)
    00cf4578ec Dual-stack support LB controller
    1f7151ed2f Update stable to v1.21.5+k3s2
    9b35734e1a Add topologySpreadConstraints to support scaling of coredns
    e24e1332fd Bump containerd to v1.5.7+k3s1
    12e675e2cc Don't evacuate the root cgroup when rootless
    cd5002ea37 Skip tests that violate version skew policy
    5d1a37ee32 Send MAINPID to systemd when reexecing for logfile output
    a16105b348 Properly handle operation as init process
    f4cea90cb9 set transport to skip verify if se skip flag passed (#4102)
    fd495a6a5f Bump stable to v1.21.5+k3s1 (#4068)
    87524a7ac7 Enable the inheritance of settings for ipv6
    4ec71b360c Adding fossa anaylze/test drone step
    73e21e739f Drop broken SupportNoneCgroupDriver support
    8005885bad Add 1.22 channel
    539e224159 Update build images to python3 for compat with recent gsutil change
    b99b943c17 Use the new klipper-lb image that has newer go and Alpine versions

Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
2022-03-21 18:27:52 -04:00
Bruce Ashfield
7223f80a2b k3s: update to 1.22.3
Bumping k3s to version v1.22.3+k3s1, which comprises the following commits:

    61a2aab25e Upgrade containerd
    e1883d0537 Bump klipper-lb image for arm fix
    5eb13b6ba6 Fix log/reap reexec
    259ceb452c Fix other uses of NewForConfigOrDie in contexts where we could return err
    cc23fce0a7 Watch the local Node object instead of get/sleep looping
    6349aed8e8 Block scheduler startup on untainted node when using embedded CCM
    db8f54e6af Update to v1.22.3 (#4348)
    46eea2f10a Revert "Add ability to reconcile bootstrap data between datastore and disk (#3398)"
    9a4ca5978b reset buffer after use (#4279) (#4329)
    c9f6fa0be0 remove integration test
    07f844cf95 Copy old bootstrap buffer data for use during migration (#4215)
    48355dce10 Add ability to reconcile bootstrap data between datastore and disk (#3398)
    84e9b829e0 Update peer address when running cluster-reset
    06b8639068 Bump klipper-helm version
    f98934980d Added configuration input to etcd-snapshot (#4280) (#4281)
    7ede7d2e7c Update to the newest flannel
    971854c15b Refactor log and reaper exec to omit MAINPID
    3988edef25 Add containerd ready channel to delay etcd node join
    b65bcdf963 Bump klog fork version
    7c78e1c802 [Release-1.22] - Add etcd s3 timeout (#4207) (#4230)
    c10a0a2163 Fix race condition in cloud provider
    6193b1af97 Display cluster tls error only in debug mode (#4200)
    737f722315 set transport to skip verify if se skip flag passed (#4102) (#4103)

Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
2021-11-08 09:49:29 -05:00
Richard Neill
152e254b0f k3s: Add additional required kernel modules
Adds the following kernel modules for k3s:

* xt-physdev
* xt-nflog
* xt-limit
* nfnetlink-log

Without them, the k3s network-policy-controller reports failures in the log
related to iptables-restore.

Signed-off-by: Richard Neill <richard.neill@arm.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
2021-11-08 09:20:32 -05:00
Bruce Ashfield
0a7ae8bc50 global: convert github SRC_URIs to use https protocol
github is removing git:// access, and fetches will start experiencing
interruptions in service, and eventually will fail completely.

bitbake will also begin to warn on github src_uri's that don't use
https. So we convert the meta-virt instances to use protocol=https
(done using the oe-core contrib conversion script)

Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
2021-11-02 09:57:03 -04:00
Kamil Dziezyk
e94f6cb9ab k3s: Add xt-statistic kernel module to rrecommends
Include the xt-statistic kernel module required by K3S for iptables
configuration.

Signed-off-by: Kamil Dziezyk <kamil.dziezyk@arm.com>
Change-Id: I7592261c65c7c0831ce553ee907fba9e3e458b6f
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
2021-10-21 19:20:52 -04:00
Kamil Dziezyk
7304d7e245 k3s: Update k3s service configuration
Update k3s.service with the latest changes from install.sh script.
Add k3s-killall.sh script to stop all of the K3s containers and reset
the containerd state.

The killall script cleans up containers, K3s directories, and networking
components while also removing the iptables chain with all the associated
rules. The cluster data will not be deleted.

Signed-off-by: Kamil Dziezyk <kamil.dziezyk@arm.com>
Change-Id: If1794367cabfc18fc8e3ecaf26badd4d0bc25114
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
2021-10-21 19:20:52 -04:00
Bruce Ashfield
83cf286391 k3s: update to v1.22.x
Bumping k3s to version v1.22.2+k3s2-4-g737f722315, which comprises the following commits:

    737f722315 set transport to skip verify if se skip flag passed (#4102) (#4103)
    dd4b36e034 Add "etcd-" prefix to etcd-snapshot commands as aliases (#4161) (#4170)
    cedcece9cc Dual-stack support LB controller
    3f5774b41e Bump containerd to v1.5.7+k3s1
    bdd597fb9e Don't evacuate the root cgroup when rootless
    6d282b26c2 Skip tests that violate version skew policy
    a09bcba540 Properly handle operation as init process
    44013ae899 Enable the inheritance of settings for ipv6
    10bca343e8 Update build images to python3 for compat with recent gsutil change
    28be0de4e8 Revert "Use the newer klipper-lb image"
    64b502e92c Disable automounting service account token in servicelb pods
    7826407a2e Make sure there are no duplicates in etcd member list (#4025)
    1d21491094 Use the newer klipper-lb image
    753e11ee3c Enable JobTrackingWithFinalizers FeatureGate
    dccee4e87b Fix regression from commit 137e80cd865efe51aa3ef0323fd6b0a014b7b9de
    7a36c3f7f2 Bump golang version
    77dfdda909 Update Kubernetes to v1.22.2-k3s1
    eda65b19d9 Remove expiremental from cluster commands (#4024)
    debb508643 Nvidia container runtime discovery in containerd config template (#3890)
    086ca8ba6a Fix premature etcd shutdown when joining an existing cluster
    85e11c47d1 Add StargzSupported stub for Windows
    e732517712 Retrieve "CONTAINERD_" environment variables
    acf9036b63 No-op when etcd member was already removed and use existing name for etcd controller (#4014)
    9fcd79baae Add tests to the dual-stack PR and enable dual-stack with flannel backend
    681058bb40 Add dual-stack support
    5e0fae914f Bump helm-controller and klipper-helm image version
    b72306ce3d Return the error since it just gets logged and retried anyways
    5986898419 Use SubjectAccessReview to validate CCM RBAC
    dc556cbb72 Set controller authn/authz kubeconfigs
    199424b608 Pass context into all Executor functions
    137e80cd86 Handle cgroup v1/2/hybrid in check-config.sh more explicitly/accurately
    928b8531c3 [master] Add `etcd-member-management` controller to K3s (#4001)
    699ea16523 go mod tidy
    57377d2cd4 Minor cleanup on cribbed function
    3449d5b9f9 Wait for apiserver readyz instead of healthz
    3d27804c77 Anything not EL7 is EL8
    b4d8c641c6 Add exposed metrics listener instead of replacing loopback listener
    29c8b238e5 Replace klog with non-exiting fork
    90960ebf4e SupportPodPidsLimit is locked to true of 1.20, making pids cgroup support mandatory
    741ba95b04 Migrate sqlite data to etcd when initializing the cluster
    a1ec43e0b7 feat: add option to disable s3 over https
    8b857eef9c Ship Stargz Snapshotter (#2936)
    cf12a13175 Add missing node name entry to apiserver SAN list
    74196acaea added raspberry installation hint (#2379)
    fdaa0c4210 Update maintainers to reflect team changes
    b8add39b07 Bump kine for metrics/tls changes
    ad1a40a96c Small updates to CONTRIBUTING (#3734)
    933052a02c Fix condition for adding kubernetes endpoints (#3941)
    4d6ddfea51 Bump stable to v1.21.4+k3s1
    60297a1bbe Creation of K3s integration test Sonobuoy plugin (#3931)
    84155ee313 Make consistent use of os-release vars
    2a68c7c8a4 Fix issue where addon checksum was never stored
    736c262612 Move cniplugins version to 0.9.1
    96dcef478a Add functions to separate ipv4 from ipv6 functions
    a9fce84ab6 github actions: enable workflow_dispatch (#3923)
    114b30277f Redux: Enable K3s integration test to run on existing cluster (#3905)
    f94d8d76a8 Check /etc/os-release exists before sourcing it
    51b7451709 install.sh: Inform user of current k3s+SELinux support status for SUSE/openSUSE systems
    331c6fed71 Remove runtime V1 (`containerd-shim`)
    c23e63aeea Update RootlessKit to v0.14.5 (#3902)
    176451f4ea Fix rootless regression in 1.22 (Set KubeletInUserNamespace gate) (#3901)
    66dacc6ee0 Revert "Enable K3s integration test to run on existing cluster (#3892)" (#3899)
    703b5af950 Enable K3s integration test to run on existing cluster (#3892)
    58315fe135 Set osImage for docker image
    156bae2940 Fix PREVIOUS_CHANNEL lookup when current minor release is not stable
    e95b75409a Fix lint failures
    a5355f0827 Replace dropped v1beta1 APIs with v1
    dc14f370c4 Update wrangler to v0.8.5
    c434db7cc6 Wrap errors in runControllers for additional context
    422d266da2 Disable deprecated insecure port
    641ab26fde Update containerd to 1.5
    16616c6b90 Update grpc
    54a7c860c7 Update kine for etcd v3.5 compat
    92b651e548 update golangci config to sync with RKE2
    4ebd6009ea Bump gopls and golangci-lint
    872855015c Update etcd to v3.5.0
    e204d863a5 Update Kubernetes to v1.22.1
    ed5991f13b K3s Flock Integration Test (#3887)
    e322924781 Reset load balancer state during restoraion (#3877)
    a55921b33d Add missing labels to stalebot config
    8e90c56f5c Update Kubernetes to v1.21.4-k3s1
    544cf406aa Bump containerd to v1.4.9-k3s1
    a1097984c0 Bump helm-controller to work around tiller crashes
    b23955e835 Fix URL pruning when joining an etcd member (#3832)
    e87204c064 Added new testing documentation (#3823)
    a1e36153f9 Added locking system for integration tests (#3820)
    ae909c73e5 Updated the code to use GetNetworkByName and tweaked logic.
    4cc781b5e3 Moved testing utils into tests directory. Improved gotests template. (#3805)
    dcf0657b20 account for an s3 folder when listing objects (#3807)
    b4eca61aeb Prevent snapshot commands from creating empty snapshot directory (#3783)
    3b01157a3a Use New Image Names (#3749)
    bc96ffb5f3 Fix Node stuck at deletion (#3771)
    338f9cae3f Bump helm-controller to v0.10.2
    80a15bebc0 install.sh: Use built-in shell functionality instead of awk
    dfd4e42e57 Wrap context with lease before importing images
    2069cdf4ee Fix initial start of etcd only nodes (#3748)
    429af17e4d update rancher/local-path-provisioner to v0.0.20
    56109f96b3 Update MAINTAINERS (#3744)
    5ab3590d9b Improve config retrieval messages
    869b98bc4c Sync DisableKubeProxy into control struct
    4f03532f47 Add nightly automation tests
    09457a57d5 Add in stalebot config, starting with 6mo old stale issues. (#3739)
    b1b5f72dc3 Notify systemd for etcd only node (#3732)
    7704fb6ee5 Exporting the AddFeatureGate function and adding a unit test for it. (#3661)
    fc19b805d5 Added logic to strip any existing hyphens before processing the args. (#3662)
    a1d7a62493 Fix to allow non-root users access to storage volumes. (#3714)
    90445bd581 Wait until server is ready before configuring kube-proxy (#3716)
    21c8a33647 Introduction of Integration Tests (#3695)
    f99b1c8798 add gotests templates (#3709)
    71e1f1df8c Ignore markdown files for github actions (#3676)
    1f6806d940 Update 1.21 stable version
    20a48734c2 more fixes
    7ebcc4b134 more fixes
    b4401296ec replace error with warn in delete
    2f82bfcf67 fix warning msg
    b377839148 migrate old token key format
    997ed7b9b4 simplifying the code
    ad17292fa8 migrate empty string key properly
    a65e5b6466 Fix multiple bootstrap keys found
    37fcb61f5e move go routines for api server ready beneath wait group
    c5832c1128 Bump Kubernetes to v1.21.3
    b352d73511 Bump containerd to v1.4.8-k3s1
    18bc98f60c adding startup hooks args to access to Disables and Skips (#3674)
    dcabe14edd Update .github/ISSUE_TEMPLATE/feature_request.md
    8840c937e6 Update .github/ISSUE_TEMPLATE/bug_report.md
    bba49ea447 Fix to allow prune to correctly cleanup custom named snapshots (#3649)
    f6be76b4f7 Add checkbox to denote backporting required on issue templates
    aef8a6aafd Adding support for waitgroup to the Startuphooks (#3654)
    ad28d18b19 Bump helm-controller to v0.10.1 (#3644)
    d96fa8f727 Add issue template for creating release checklist issues (#3604)
    a939decf01 fix a runtime core panic (#3627)
    55fe4ff5b0 Convert existing unit tests to standard layout (#3621)
    fbc41ed753 Upgrade k3s-root version
    238dc2086e prevent snapshot save when snapshots are disabled (#3475)
    a4c992ce52 🐳 burp to inetaf/tcpproxy
    dd8398dc76 Bump the packaged runc binary version
    ada145641c Update etcd snapshot error message to be more informative when etcd database is not found (#3568)
    a62d143936 Fixing various bugs related to windows.
    e1cd9438ad Update ROADMAP.md
    81b006c938 Dispatch to rancher/system-agent-installer-k3s when tagged (#3589)
    73df2d806b Update embedded kube-router (#3557)
    77fcf2dfc5 missing build tag for windows
    18367e12d0 Set ulimits in docker-compose.yml
    8faa70dced Update to v1.21.2
    6b3285b7e3 Fix coverage reporting to include all packages, not just those with tests
    c833183517 Add unit tests for pkg/etcd (#3549)
    cbfe673c43 Fix spelling to satisfy codespell check
    cbacd7107e Allow passing targeted environment variables to containerd
    4a6e87e5a2 Add user-facing change section to PR template
    a5cff7e143 (docs) Update README.md
    f5fbb9a9a8 Export cli server flags and etcd restoration functions (#3527)
    246b378a27 Bump kine to resolve race condition and unrevisioned delete
    3e1693bc97 Changes local storage pods to have 700 permissions (#3537)
    7242ce9316 Redux: Add Unit Test Coverage to CI (#3524)
    04398a2582 Move cloud-controller-manager into an embedded executor (#3525)
    f3d0a857d2 Bump stable version to v1.21.2+k3s1 (#3526)
    a84c75af62 Adds a command-line flag '--disable-helm-controller' that will disable the server's built-in helm controller.
    cf55712767 Revert "Add Unit Test Coverage to CI (#3494)" (#3499)
    216b3beaef Add Unit Test Coverage to CI (#3494)
    82394d7d36 Basic windows agent that will join a cluster without CNI.
    136dddca11 Fix storing bootstrap data with empty token string (#3422)
    a629db023c Fail to start k3s if nm-cloud-setup is enabled
    4b2ab8b515 Renamed client-cloud-controller crt and key (#3470)
    ef23c6c548 Redux: Change containerd image leases from context lifespan to permanent  (#3464)
    b74c499709 Revert "Change containerd image leases from 24h to permanent (#3452)" (#3461)
    86b3ba8dba Change containerd image leases from 24h to permanent (#3452)
    88f95ec409 Send systemd notifications for both server and agent (#3430)
    a7d1159ba6 Emit events for AddOn lifecycle
    ea2cd6d727 Add comments, clean up imports and function names
    6e48ca9b53 Tidy up function calls with many args
    6ef000091a Add nodename to UA string for deploy controller
    2afa3dbe1c Changed iptables version check for fail if version is between 1.8.0 and 1.8.3 and using nf_tables mode (#3425)
    f6cec4e75d Add kubernetes.default.svc to serving certs
    243fd14cf1 Change Replace with ReplaceAll function
    afd506a595 fix possible race where bootstrap data might not save
    2682183773 add log message indicating etcd snapshots are disabled
    664a98919b Fix RBAC cloud-controller-manager name 3308 (#3388)
    5e0527f304 cgroup2 CI: add rootless
    daf527ccaf k3s-rootless.service: use fuse-overlayfs snapshotter
    1576030d6b Add a path for wireguard's privatekey
    7345ac35ae Initial windows support for agent (#3375)
    3abe7c7cef Bump stable version to v1.21.1+k3s1 and add v1.21 channel
    d415e41337 Update flannel version
    cb25835d84 containerd: v1.4.4-k3s2
    79cf4a7c83 Bump channel stable version to v1.20.7+k3s1
    25c2888d28 Fix shell expansion and file permission issues install.sh
    f11cbc5a8e runc: v1.0.0-rc95 (#3348)
    ecbf17e2ed move object channel defer close to goroutine
    254b52077e add retention default and wire in s3 prune
    7e175e8ad4 Handle conntrack-related sysctls in supervisor agent setup
    c824c3bcc1 Add support for multiple env files for systemd unit
    e8ecc00fc8 add etcd snapshot save subcommand

Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
2021-10-12 14:43:30 -04:00
Bruce Ashfield
4ab1f0527b k3s: update to v1.21.5
Bumping k3s to version v1.21.5+k3s2-2-gaa5a0a8c78, which comprises the following commits:

    aa5a0a8c78 set transport to skip verify if se skip flag passed (#4102) (#4104)
    3ee5098225 Add "etcd-" prefix to etcd-snapshot commands as aliases (#4161) (#4171)
    724ef700ba Bump containerd to v1.4.11+k3s1
    69a9f46bce Don't evacuate the root cgroup when rootless
    0af55a830a Skip tests that violate version skew policy
    9e66f975d5 Fix PREVIOUS_CHANNEL lookup when current minor release is not stable
    38ddda587a Properly handle operation as init process
    15f3a2ebfb Enable the inheritance of settings for ipv6
    273827d4ba Update build images to python3 for compat with recent gsutil change
    8c2f7ac41c Remove experimental from cluster commands
    acad8ef840 [release-1.21] Update Kubernetes to v1.21.5 (#4032)
    6acee2e2f5 No-op when etcd member was already removed and use existing name for etcd controller (#4015)
    863512e055 Initial leader elected etcd member management controller (#4010)
    37caf87d6d Add exposed metrics listener instead of replacing loopback listener
    a8a6edfb0d Add missing node name entry to apiserver SAN list
    659307d327 Fix condition for adding kubernetes endpoints (#3941) (#3946)
    7cf85c235a Fix issue where addon checksum was never stored
    656c190629 Reset load balancer state during restoraion (#3878)

Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
2021-10-12 14:08:47 -04:00
Bruce Ashfield
7b46286b34 virtual/containerd: don't rprovide virtual/
Similar to the oe-core commit:

   commit 93ac180d8c389f16964bce8bd5538d9389e970e6
   Author: Michael Opdenacker <michael.opdenacker@bootlin.com>
   Date:   Wed Sep 1 11:20:20 2021 +0200

       meta: stop using "virtual/" in RPROVIDES and RDEPENDS

       Fixes [YOCTO #14538]

       Recipes shouldn't use the "virtual/" string in RPROVIDES and RDEPENDS.

       That's confusing because "virtual/" has no special meaning in
       RPROVIDES and RDEPENDS (unlike in PROVIDES and DEPENDS).

       Instead, using "virtual-" instead of "virtual/"
       as already done in the glibc recipe.

We stop rproviding virtual/containerd to keep the namespace clean.
There aren't many users of this virtual provides, but we keep
it around (for now) to maintain compatibility.

At the same time we convert the RPROVIDES to virtual-containerd, to keep
it available and consistent with oe-core use virtual-libc, etc.

Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
2021-09-06 10:57:17 -04:00
Bruce Ashfield
8a974c88ca k3s: update to 1.21.4
Bumping k3s to version v1.21.4+k3s1-1-g656c190629, which comprises the following commits:

    656c190629 Reset load balancer state during restoraion (#3878)
    3e250fdbab Update Kubernetes to v1.21.4-k3s1
    5802b429f8 Bump containerd to v1.4.9-k3s1
    abb6581a94 Bump helm-controller to work around tiller crashes
    e45726f610 Fix URL pruning when joining an etcd member
    18bc38d838 account for an s3 folder when listing objects (#3807) (#3812)
    12ec437605 fix Node stuck at deletion (#3775)
    69047a35c0 Bump helm-controller to v0.10.2
    cc694b1f09 Notify systemd for etcd only node (#3733)
    e6247d583c [Backport 1.21] Cannot write data to local PVC (#3721)
    786f91b997 Fix multiple bootstrap keys found

Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
2021-08-27 10:50:45 -04:00
Bruce Ashfield
d876cfc5bf global: overrides syntax conversion
OEcore/bitbake are moving to use the clearer ":" as an overrides
separator.

This is pass one of updating the meta-virt recipes to use that
syntax.

This has only been minimally build/runtime tested, more changes
will be required for missed overrides, or incorrect conversions

Note: A recent bitbake is required:

    commit 75fad23fc06c008a03414a1fc288a8614c6af9ca
    Author: Richard Purdie <richard.purdie@linuxfoundation.org>
    Date:   Sun Jul 18 12:59:15 2021 +0100

        bitbake: data_smart/parse: Allow ':' characters in variable/function names

        It is becoming increasingly clear we need to find a way to show what
        is/is not an override in our syntax. We need to do this in a way which
        is clear to users, readable and in a way we can transition to.

        The most effective way I've found to do this is to use the ":" character
        to directly replace "_" where an override is being specified. This
        includes "append", "prepend" and "remove" which are effectively special
        override directives.

        This patch simply adds the character to the parser so bitbake accepts
        the value but maps it back to "_" internally so there is no behaviour
        change.

        This change is simple enough it could potentially be backported to older
        version of bitbake meaning layers using the new syntax/markup could
        work with older releases. Even if other no other changes are accepted
        at this time and we don't backport, it does set us on a path where at
        some point in future we could
        require a more explicit syntax.

        I've tested this patch by converting oe-core/meta-yocto to the new
        syntax for overrides (9000+ changes) and then seeing that builds
        continue to work with this patch.

        (Bitbake rev: 0dbbb4547cb2570d2ce607e9a53459df3c0ac284)

        Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>

Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
2021-08-02 17:17:53 -04:00
Bruce Ashfield
9cfb3ae103 k3s: update to v1.21.3
Bumping k3s to version v1.21.3+k3s1, which comprises the following commits:

    786f91b997 Fix multiple bootstrap keys found
    b9cc6409f4 Bump containerd to v1.4.8-k3s1
    c15259d925 Fix to allow prune to correctly cleanup custom named snapshots (#3649) (#3672)
    659002f153 [release-1.21] Upgrade k3s-root version
    9c981b0184 [release-1.21] Bump Kubernetes to v1.21.3 (#3652)
    9859ec7a81 [release-1.21] - Backport Fix storing bootstrap data with empty token string (#3514)
    5a88b5b3ea Emit events for AddOn lifecycle
    ab0520f44e Add comments, clean up imports and function names
    411d7e6753 Tidy up function calls with many args
    ff0451c4dd Add nodename to UA string for deploy controller
    c3d134a405 prevent snapshot save when snapshots are disabled (#3475) (#3610)
    267adf64dc Bump the packaged runc binary version
    42ab13a869 Update etcd snapshot error message to be more informative when etcd database is not found (#3592)
    bbd4fb9888 Dispatch to rancher/system-agent-installer-k3s when tagged
    0c5577a8ec [Backport 1.21] Update embedded kube-router (#3557) (#3595)
    04d425289f Fix spelling to satisfy codespell check
    733ca42b6a go mod vendor
    9863b92eb4 Bump rancher/klipper-helm image in airgap image-list.txt
    0a5bca7ea2 Bump helm-controller to v0.10.1
    0c2d8376d0 Changes local storage pods to have 700 permissions (#3537) (#3548)

Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
2021-07-26 23:01:37 -04:00
Bruce Ashfield
9eff8e847b k3s: bump to 1.21.2
Bumping k3s to version v1.21.2+k3s1-6-g0c2d8376d0, which comprises the following commits:

    0c2d8376d0 Changes local storage pods to have 700 permissions (#3537) (#3548)
    65e521140a [Backport 1.21] Move cloud-controller-manager into an embedded executor (#3530)
    3224f6b56d fix possible race where bootstrap data might not save
    5a67e8dc47 Update to v1.21.2 (#3479)
    c35761d169 Renamed client-cloud-controller crt and key (#3472)
    8651d6af5f Send systemd notifications for both server and agent (#3430) (#3460)
    32b02d1baf Send systemd notifications for both server and agent (#3430)
    c012e6ec6f Changed iptables version check for fail if version is between 1.8.0 and 1.8.3 and using nf_tables mode (#3454)
    eac48f69bc Add kubernetes.default.svc to serving certs

Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
2021-07-08 08:41:41 -04:00
Bruce Ashfield
b88e74aca7 k3s: update to 1.21 latest
Bumping k3s to version v1.21.1+k3s1-10-geac48f69bc, which comprises the following commits:

    eac48f69bc Add kubernetes.default.svc to serving certs
    16ae282c7a Fix RBAC cloud-controller-manager name 3308 (#3388) (#3408)
    ff54d8c96d Add a path for wireguard's privatekey
    1932979f44 Update flannel version
    8fd180e0d9 move object channel defer close to goroutine
    69795277be add retention default and wire in s3 prune
    58649c5e85 add etcd snapshot save subcommand

Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
2021-06-14 13:53:52 -04:00
Bruce Ashfield
78f83d1e98 k3s: update to v1.21.x
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
2021-06-04 08:42:49 -04:00
Bruce Ashfield
77f8a0b4d4 k3s: update to v1.20.6
Bumping to the latest 1.20.x release, which comprises the following
commits:

   b06a5ffc2f Update to v1.20.6
   77390596e6 add cloud controller manager fixes from master
   ef28edaf9a Update to v1.20.6
   1521e3b085 Resolve local retention issue when S3 in use.
   221c9ae589 add hidden attribute to disable flags
   9a572ecae0 delete nocluster file and remove build tag
   3f73665131 remove hidden attribute from cluster flags and related code
   29f6275aae add etcd s3 secret and access key flags and env vars to secret data
   355fff3017 Update to Kubernetes v1.20.5 (#3094)
   c09142a3a7 put etcd bootstrap save call in goroutine and update comment
   a2b1d28c68 [release 1.20] containerd: v1.4.4-k3s1 (#3086)
   62839b302a remove duplicate method
   0167f86f5d Have Bootstrap Data Stored in etcd at Completed Start (#3038)
   1da86eaa0b Etcd Snapshot/Restore to/from S3 Compatible Backends (#2902)
   0a3360fc6f Add ability to perform an etcd on-demand snapshot via cli (#2819)

Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
2021-04-15 22:58:31 -04:00
Bruce Ashfield
a50389a985 k3s: clean up README
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
2021-03-16 09:30:48 -04:00
Bruce Ashfield
5d7d39943f k3s: rrecommend required kernel modules
If the required modules aren't in the image, k3s will fail to start.
Set the requirements as RRECOMMENDS for image types that don't install
the kernel-modules meta-package.

Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
2021-03-16 09:30:48 -04:00
Bruce Ashfield
d891808b45 k3s: drop ctr symlink
We build and depend on our own containerd, we don't need the ctr
symlink to k3s for proper operation.

Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
2021-03-16 09:30:48 -04:00
Bruce Ashfield
cad10c54f2 k3s: add additional build tags
To more closely align with the rancher/upstream build, we add
additional tags to the build. To make them easier to manage, we
also introduce a variable and use it in the go build line.

Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
2021-03-16 09:30:48 -04:00
Bruce Ashfield
98daf1fa93 k3s: add seccomp distro feature requirement
k3s requires seccomp, and a runc with seccomp enabled for proper
operation. runc has a distro feature check to enable seccomp, so
if we enforce it as k3s feature, we'll also get a properly built
runc and we'll work out of the box.

Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
2021-03-16 09:30:48 -04:00
Bruce Ashfield
0a35ee512c k3s: bump to v1.20.4
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
2021-03-15 23:15:42 -04:00
Bruce Ashfield
18a0ff528c k3s: bump to v1.19.5
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
2021-03-15 23:15:42 -04:00
Bruce Ashfield
159990bfa3 k3s: bump to v1.19
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
2021-03-15 23:15:42 -04:00