File k3s.changes of Package k3s
-------------------------------------------------------------------
Tue Aug 27 21:55:38 UTC 2024 - Jeff Mahoney <jeffm@suse.com>
- Added Restart=on-failure to service files.
-------------------------------------------------------------------
Wed Jul 31 14:15:18 UTC 2024 - Jeff Mahoney <jeffm@suse.com>
- Change systemd services to depend on network-online.target instead
of network.target. Otherwise, k3s fails to start because no default
route is present.
-------------------------------------------------------------------
Thu Jul 18 12:24:58 UTC 2024 - jeffm@suse.com
- Update to version 1.28.11+k3s2:
* Update flannel to v0.25.4 and fixed issue with IPv6 mask
* Replace 1-weight semaphore on snapshots with simple mutex
* Fix agent supervisor port using apiserver port instead
* [release-1.28] Update Kubernetes to v1.28.11 (#10347)
* fix typo, use rancher/permissions
* Fix race condition panic in loadbalancer.nextServer
* Add test for `isValidResolvConf` (#10302) (#10331)
* Add snapshot retention etcd-s3-folder fix
* Fix bug that caused agents to bypass local loadbalancer
* fix: Use actual warningPeriod in certmonitor
* Bump Local Path Provisioner version (#10268)
* Add write-kubeconfig-group flag to server (#9233)
* Fix embedded mirror blocked by SAR RBAC and re-enable test
* Fix issue caused by sole server marked as failed under load
* Fix netpol crash when node remains tained unintialized
* chore: Bump Trivy version
* Bump ubuntu from 22.04 to 24.04 in /tests/e2e/scripts
* Use busybox tar to avoid issues with fchmodat2 on arm
* Bump alpine from 3.18 to 3.20 in /package
* Bump alpine from 3.18 to 3.20 in /conformance
* Update golangci-lint to stop using deprecated skip files/dirs
* Convert remaining http handlers over to use util.SendError
* Refactor supervisor listener startup and add metrics
* Add proctitle package with linux and windows constraints
* Fix issue with k3s-etcd informers not starting
* Updating the script binary_size_check to complete the command name by adding .exe extension to the k3s binary name to make it available to run stat command
* Bump klipper-helm image for tls secret support
* allow helm controller set owner reference
* Follow directory symlinks in auto deploying manifests (#9288)
* add missing kernel config check
* Validate resolv.conf for presence of nameserver entries
* Bump kine to v0.11.9 to fix pagination
* bump minio-go to v7.0.70
* Add support for svclb pod PriorityClassName
* Update local-path-provisioner helper script
* Fix issue with local traffic policy for single-stack services on dual-stack nodes.
* Bump spegel version
* bump etcd to v3.5.13
* Bump containerd to v1.7.17
* Switch stargz over to cri registry config_path
* Use fixed stream server bind address for cri-dockerd
* Add WithSkipMissing to not fail import on missing blobs
* Improve tailscale test & add extra log in e2e tests
* Update kube-router version to v2.1.2
* Use TrafficManager interface when calling flannel
* Bump flannel version to v0.25.2
* Fix bug when using tailscale config by file
* Replace deprecated ruby function
* Update to v1.28.10 (#10098)
* windows changes
* Set release channel for e2e upgrade test
* Bump E2E opensuse leap to 15.6, fix btrfs test (#10057)
* Make /db/info available anonymously from localhost
* Fix 10 second etcd-snapshot request timeout
* Fix on-demand snapshots not honoring folder
* Update to v1.28.9 (#9959)
* Update kube-router to v2.1.0
* Allow LPP to read helper logs (#9834)
* Update packaged manifests
* Actually fix agent certificate rotation
* Don't log 'apiserver disabled' error sent by etcd-only nodes
* Improve etcd load-balancer startup behavior
* Move etcd snapshot management CLI to request/response
* Bump containerd and cri-dockerd
* Add supervisor cert/key to rotate list
* Add workaround for containerd hosts.toml bug
* Add certificate expiry check and warnings
* Add health-check support to loadbalancer
* Fix etcd snapshot reconcile for agentless nodes
* Add /etc/passwd and /etc/group to k3s docker image
* Fix error when image has already been pulled
* Respect cloud-provider fields set by kubelet
* Send error response if member list cannot be retrieved
* Move error response generation code into util
* Bump spegel to v0.0.20-k3s1 (#9880)
* Add tls for kine
* Fix embeddedmirror test
* E2E setup: Only install jq when we need it
* Add wasm test to e2e matrix
* Move to ubuntu 23.10 for E2E tests (#9755)
* Use ubuntu latest for better golang caching keys (#9711)
* Transition from deprecated pointer library to ptr (#9801) (#9824)
* Remove old pinned dependencies (#9827)
* Add a new error when kine is with disable apiserver or disable etcd
* Update to v1.28.8-k3s1 and Go 1.21.8 (#9746)
* Fix wildcard entry upstream fallback
* Fix flaky check in btrfs test
* Fix e2e vagrant cacheing
* Run docker tests in E2E GH Action
* Bump upload and download actions to v4 (#9666)
* Improve E2E Aftersuite cleanup
* update s3 e2e test (#9025)
* Move to ubuntu 2204 for all E2E tests
* Convert snapshotter test in e2e test
* Migrate E2E tests to GitHub Actions
* Allow non-sudo vagrant
* Move docker tests into tests folder (#9555)
* Warn and suppress duplicate registry mirror endpoints
* Bump metrics-server to v0.7.0
* Include flannel version in flannel cni plugin version
* Update contrib/util/check-config.sh
* Rename `RAW_OUTPUT` -> `NO_COLOR`
* Disable color outputs using RAW_OUTPUT env var
* Fix wildcard with embbeded registry test
* e2e tests: cover WebAssembly integration
* fix: use correct wasm shims names
* Don't register embedded registry address as an upstream registry
* Remove filtering of wildcard mirror entry
* Add env var to allow spegel mirroring of `latest` tag
* Bump spegel to v0.0.18-k3s4
* Use and version flannel/cni-plugin properly
* Move snapshot-retention to EtcdSnapshotFlags in order to support loading from config
* Clean up snapshotDir create/exists logic
* Fix additional corner cases in registries handling
* Bump helm-controller/klipper-helm versions
* Fix issue with etcd node name missing hostname
* Tweak netpol node wait logs
* Fix NodeHosts on dual-stack clusters
* Rootless mode also bind service nodePort to host for LoadBalancer type
* Improve tailscale e2e test
* Adjust first node-ip based on configured clusterCIDR
* [Release-1.28] chore(deps): Remediating CVE-2023-45142 CVE-2023-48795 (#9647)
* Update klipper-lb image version
* Fix setup-go typos (#9634)
* Reenable Install and Snapshotter Testing (#9601)
* Better GitHub CI caching strategy for golang (#9495)
* Update install test OS matrix (#9480)
* Unit Testing Matrix and Actions bump (#9479)
* Add an integration test for flannel-backend=none
* Fix netpol startup when flannel is disabled
* Use 3/2/1 cluster for split role test
* Change default number of etcd nodes in E2E splitserver test
* Rename AgentReady to ContainerRuntimeReady for better clarity
* Restore original order of agent startup functions
* remove e2e logs drone step (#9516)
* [Release-1.28] Fix drone publish for arm (#9508)
* Update Kubernetes to v1.28.7 (#9492)
* [Release-1.28] Support PR testing installs (#9469)
* [Release-1.28] Test_UnitApplyContainerdQoSClassConfigFileIfPresent (#9440)
* [Release-1.28] Enable longer http timeout requests (#9444)
* Bump kine and set NotifyInterval to what the apiserver expects
* Expose rootless containerd socket directories for external access
* Expose rootless state dir under ~/.rancher/k3s/rootless
* Don't verify the node password if the local host is not running an agent
* Fix ipv6 endpoint address selection for on-demand snapshots
* Fix issue with coredns node hosts controller
* Bump CNI plugins to v1.4.0
* Add check for etcd-snapshot-dir and fix panic in Walk
* Retry startup snapshot reconcile
* Fix excessive retry on snapshot reconcile
* Update Kube-router to v2.0.1
* allow executors to define containerd and docker behavior
* Update flannel to v0.24.0 and remove multiclustercidr flag (#9075)
* Bump flannel version
* Changed how lastHeartBeatTime works in the etcd condition
* Runtimes refactor using exec.LookPath
* [Release-1.28] Auto Dependancy Bump (#9419)
* Consistently handle component exit on shutdown
* Bump cri-dockerd
* Bump Local Path Provisioner version (#8953) (#9426)
* Bump helm-controller to fix issue with ChartContent
* Bump runc and helm-controller versions
* gofmt config_test.go
* Fix issues with certs.d template generation
* Use `ipFamilyPolicy: RequireDualStack` for dual-stack kube-dns (#8984)
* Update to v1.28.6 (#9260)
* Error getting node in setEtcdStatusCondition
* Move proxy dialer out of init() and fix crash
* Rebase & Squash (#9070)
* Pin opa version for missing dependency chain (#9216)
* Bump quic-go for CVE-2023-49295
* Enable network policy controller metrics
* Add e2e test for embedded registry mirror
* Add embedded registry implementation
* Add server CLI flag and config fields for embedded registry
* Add ADR for embedded registry
* Propagate errors up from config.Get
* Move registries.yaml load into agent config
* Pin images instead of locking layers with lease
* Fix OS PRETTY_NAME on tagged releases
* Add runtime checking of golang version
* Add more paths to crun runtime detection (#9086)
* Add support for containerd cri registry config_path
* Fix nil map in full snapshot configmap reconcile
* Handle logging flags when parsing kube-proxy args
* Fix the OTHER log message that prints the wrong variable
* Dockerfile.dapper: set $HOME properly
* Add ServiceLB support for PodHostIPs FeatureGate
* Remove GA feature-gates (#8970)
* Handle etcd status condition when cluster reset and disable etcd
* Wait for taint to be gone in the node before starting the netpol controller
* Add a retry around updating a secrets-encrypt node annotations (#9125)
* Only publish to code_cov on merged E2E builds (#9083)
* Update to v1.28.5-k3s1 (#9081)
-------------------------------------------------------------------
Thu May 23 11:01:19 UTC 2024 - opensuse_buildservice@ojkastl.de
- Update to version 1.30.1+k3s1:
* Update to v1.30.1 (#10105)
* windows changes
* Update channels with 1.30 (#10097)
* Replace deprecated ruby function
-------------------------------------------------------------------
Tue May 14 05:35:04 UTC 2024 - opensuse_buildservice@ojkastl.de
- Update to version 1.30.0+k3s1:
* Fix e2e tests (#10061)
* Deprecate pod-infra-container-image kubelet flag (#7409)
* Kubernetes V1.30.0-k3s1 (#10063)
* Bump E2E opensuse leap to 15.6, fix btrfs test (#10057)
* Add E2E Split Server to Drone, support parrallel testing in
Drone (#9940)
* update stable channel to v1.29.4+k3s1 (#10031)
-------------------------------------------------------------------
Sun May 5 07:32:48 UTC 2024 - Johannes Kastl <opensuse_buildservice@ojkastl.de>
- add conflicts for rke2 and kubernetes-kubelet-common, as those
also use /var/lib/kubelet
-------------------------------------------------------------------
Fri Apr 19 05:37:37 UTC 2024 - Johannes Kastl <opensuse_buildservice@ojkastl.de>
- add Recommends for the flannel CNI plugin
-------------------------------------------------------------------
Thu Apr 18 19:34:53 UTC 2024 - Johannes Kastl <opensuse_buildservice@ojkastl.de>
- change to obs_scm
-------------------------------------------------------------------
Sun Apr 7 14:30:16 UTC 2024 - Berthold Gunreben <azouhr@opensuse.org>
- k3s will not start if VERSION_GOLANG has not been set with -ldflags
-------------------------------------------------------------------
Fri Jan 19 08:37:34 UTC 2024 - Berthold Gunreben <azouhr@opensuse.org>
- Make older distributions work again
- Remove obsolete tar archive of previous version
-------------------------------------------------------------------
Wed Jan 17 13:11:41 UTC 2024 - Berthold Gunreben <azouhr@opensuse.org>
- Adopt specfile to new github directory
- Revert https://github.com/k3s-io/k3s/pull/8998 that removed s390x from PLUGIN_PLATFORMS
- Add go_modules service to _service and add resulting vendor.tar.gz to package
-------------------------------------------------------------------
Mon Jul 25 04:07:49 UTC 2022 - Jeff Kowalczyk <jkowalczyk@suse.com>
- Add _constraints overwrite ppc64le disk requires 7GB to build
-------------------------------------------------------------------
Mon May 2 08:33:45 UTC 2022 - Martin Liška <mliska@suse.cz>
- Remove dependency on binutils-gold as the package will be removed
in the future. Gold linker is unmaintained by the upstream project.
-------------------------------------------------------------------
Thu Nov 04 17:44:06 UTC 2021 - egotthold@suse.com
- Update to version 1.22.3+k3s1:
* Upgrade containerd
* Bump klipper-lb image for arm fix
* Fix log/reap reexec
* Fix other uses of NewForConfigOrDie in contexts where we could return err
* Watch the local Node object instead of get/sleep looping
* Block scheduler startup on untainted node when using embedded CCM
* Update to v1.22.3 (#4348)
* Revert "Add ability to reconcile bootstrap data between datastore and disk (#3398)"
* reset buffer after use (#4279) (#4329)
* remove integration test
* Copy old bootstrap buffer data for use during migration (#4215)
* Add ability to reconcile bootstrap data between datastore and disk (#3398)
* Update peer address when running cluster-reset
* Bump klipper-helm version
* Added configuration input to etcd-snapshot (#4280) (#4281)
* Update to the newest flannel
* Refactor log and reaper exec to omit MAINPID
* Add containerd ready channel to delay etcd node join
* Bump klog fork version
* [Release-1.22] - Add etcd s3 timeout (#4207) (#4230)
* Fix race condition in cloud provider
* Display cluster tls error only in debug mode (#4200)
* set transport to skip verify if se skip flag passed (#4102) (#4103)
* Add "etcd-" prefix to etcd-snapshot commands as aliases (#4161) (#4170)
* Dual-stack support LB controller
* Bump containerd to v1.5.7+k3s1
* Don't evacuate the root cgroup when rootless
* Skip tests that violate version skew policy
* Properly handle operation as init process
* Enable the inheritance of settings for ipv6
* Update build images to python3 for compat with recent gsutil change
* Revert "Use the newer klipper-lb image"
* Disable automounting service account token in servicelb pods
* Make sure there are no duplicates in etcd member list (#4025)
* Use the newer klipper-lb image
* Enable JobTrackingWithFinalizers FeatureGate
* Fix regression from commit 137e80cd865efe51aa3ef0323fd6b0a014b7b9de
* Bump golang version
* Update Kubernetes to v1.22.2-k3s1
* Remove expiremental from cluster commands (#4024)
* Nvidia container runtime discovery in containerd config template (#3890)
* Fix premature etcd shutdown when joining an existing cluster
* Add StargzSupported stub for Windows
* Retrieve "CONTAINERD_" environment variables
* No-op when etcd member was already removed and use existing name for etcd controller (#4014)
* Add tests to the dual-stack PR and enable dual-stack with flannel backend
* Add dual-stack support
* Bump helm-controller and klipper-helm image version
* Return the error since it just gets logged and retried anyways
* Use SubjectAccessReview to validate CCM RBAC
* Set controller authn/authz kubeconfigs
* Pass context into all Executor functions
* Handle cgroup v1/2/hybrid in check-config.sh more explicitly/accurately
* [master] Add `etcd-member-management` controller to K3s (#4001)
* go mod tidy
* Minor cleanup on cribbed function
* Wait for apiserver readyz instead of healthz
* Anything not EL7 is EL8
* Add exposed metrics listener instead of replacing loopback listener
* Replace klog with non-exiting fork
* SupportPodPidsLimit is locked to true of 1.20, making pids cgroup support mandatory
* Migrate sqlite data to etcd when initializing the cluster
* feat: add option to disable s3 over https
* Ship Stargz Snapshotter (#2936)
* Add missing node name entry to apiserver SAN list
* added raspberry installation hint (#2379)
* Update maintainers to reflect team changes
* Bump kine for metrics/tls changes
* Small updates to CONTRIBUTING (#3734)
* Fix condition for adding kubernetes endpoints (#3941)
* Bump stable to v1.21.4+k3s1
* Creation of K3s integration test Sonobuoy plugin (#3931)
* Make consistent use of os-release vars
* Fix issue where addon checksum was never stored
* Move cniplugins version to 0.9.1
* Add functions to separate ipv4 from ipv6 functions
* github actions: enable workflow_dispatch (#3923)
* Redux: Enable K3s integration test to run on existing cluster (#3905)
* Check /etc/os-release exists before sourcing it
* install.sh: Inform user of current k3s+SELinux support status for SUSE/openSUSE systems
* Remove runtime V1 (`containerd-shim`)
* Update RootlessKit to v0.14.5 (#3902)
* Fix rootless regression in 1.22 (Set KubeletInUserNamespace gate) (#3901)
* Revert "Enable K3s integration test to run on existing cluster (#3892)" (#3899)
* Enable K3s integration test to run on existing cluster (#3892)
* Set osImage for docker image
* Fix PREVIOUS_CHANNEL lookup when current minor release is not stable
* Fix lint failures
* Replace dropped v1beta1 APIs with v1
* Update wrangler to v0.8.5
* Wrap errors in runControllers for additional context
* Disable deprecated insecure port
* Update containerd to 1.5
* Update grpc
* Update kine for etcd v3.5 compat
* update golangci config to sync with RKE2
* Bump gopls and golangci-lint
* Update etcd to v3.5.0
* Update Kubernetes to v1.22.1
* K3s Flock Integration Test (#3887)
* Reset load balancer state during restoraion (#3877)
* Add missing labels to stalebot config
* Update Kubernetes to v1.21.4-k3s1
* Bump containerd to v1.4.9-k3s1
* Bump helm-controller to work around tiller crashes
* Fix URL pruning when joining an etcd member (#3832)
* Added new testing documentation (#3823)
* Added locking system for integration tests (#3820)
* Updated the code to use GetNetworkByName and tweaked logic.
* Moved testing utils into tests directory. Improved gotests template. (#3805)
* account for an s3 folder when listing objects (#3807)
* Prevent snapshot commands from creating empty snapshot directory (#3783)
* Use New Image Names (#3749)
* Fix Node stuck at deletion (#3771)
* Bump helm-controller to v0.10.2
* install.sh: Use built-in shell functionality instead of awk
* Wrap context with lease before importing images
* Fix initial start of etcd only nodes (#3748)
* update rancher/local-path-provisioner to v0.0.20
* Update MAINTAINERS (#3744)
* Improve config retrieval messages
* Sync DisableKubeProxy into control struct
* Add nightly automation tests
* Add in stalebot config, starting with 6mo old stale issues. (#3739)
* Notify systemd for etcd only node (#3732)
* Exporting the AddFeatureGate function and adding a unit test for it. (#3661)
* Added logic to strip any existing hyphens before processing the args. (#3662)
* Fix to allow non-root users access to storage volumes. (#3714)
* Wait until server is ready before configuring kube-proxy (#3716)
* Introduction of Integration Tests (#3695)
* add gotests templates (#3709)
* Ignore markdown files for github actions (#3676)
* Update 1.21 stable version
* more fixes
* more fixes
* replace error with warn in delete
* fix warning msg
* migrate old token key format
* simplifying the code
* migrate empty string key properly
* Fix multiple bootstrap keys found
* move go routines for api server ready beneath wait group
* Bump Kubernetes to v1.21.3
* Bump containerd to v1.4.8-k3s1
* adding startup hooks args to access to Disables and Skips (#3674)
* Update .github/ISSUE_TEMPLATE/feature_request.md
* Update .github/ISSUE_TEMPLATE/bug_report.md
* Fix to allow prune to correctly cleanup custom named snapshots (#3649)
* Add checkbox to denote backporting required on issue templates
* Adding support for waitgroup to the Startuphooks (#3654)
* Bump helm-controller to v0.10.1 (#3644)
* Add issue template for creating release checklist issues (#3604)
* fix a runtime core panic (#3627)
* Convert existing unit tests to standard layout (#3621)
* Upgrade k3s-root version
* prevent snapshot save when snapshots are disabled (#3475)
* 🐳 burp to inetaf/tcpproxy
* Bump the packaged runc binary version
* Update etcd snapshot error message to be more informative when etcd database is not found (#3568)
* Fixing various bugs related to windows.
* Update ROADMAP.md
* Dispatch to rancher/system-agent-installer-k3s when tagged (#3589)
* Update embedded kube-router (#3557)
* missing build tag for windows
* Set ulimits in docker-compose.yml
* Update to v1.21.2
* Fix coverage reporting to include all packages, not just those with tests
* Add unit tests for pkg/etcd (#3549)
* Fix spelling to satisfy codespell check
* Allow passing targeted environment variables to containerd
* Add user-facing change section to PR template
* (docs) Update README.md
* Export cli server flags and etcd restoration functions (#3527)
* Bump kine to resolve race condition and unrevisioned delete
* Changes local storage pods to have 700 permissions (#3537)
* Redux: Add Unit Test Coverage to CI (#3524)
* Move cloud-controller-manager into an embedded executor (#3525)
* Bump stable version to v1.21.2+k3s1 (#3526)
* Adds a command-line flag '--disable-helm-controller' that will disable the server's built-in helm controller.
* Revert "Add Unit Test Coverage to CI (#3494)" (#3499)
* Add Unit Test Coverage to CI (#3494)
* Basic windows agent that will join a cluster without CNI.
* Fix storing bootstrap data with empty token string (#3422)
* Fail to start k3s if nm-cloud-setup is enabled
* Renamed client-cloud-controller crt and key (#3470)
* Redux: Change containerd image leases from context lifespan to permanent (#3464)
* Revert "Change containerd image leases from 24h to permanent (#3452)" (#3461)
* Change containerd image leases from 24h to permanent (#3452)
* Send systemd notifications for both server and agent (#3430)
* Emit events for AddOn lifecycle
* Add comments, clean up imports and function names
* Tidy up function calls with many args
* Add nodename to UA string for deploy controller
* Changed iptables version check for fail if version is between 1.8.0 and 1.8.3 and using nf_tables mode (#3425)
* Add kubernetes.default.svc to serving certs
* Change Replace with ReplaceAll function
* fix possible race where bootstrap data might not save
* add log message indicating etcd snapshots are disabled
* Fix RBAC cloud-controller-manager name 3308 (#3388)
* cgroup2 CI: add rootless
* k3s-rootless.service: use fuse-overlayfs snapshotter
* Add a path for wireguard's privatekey
* Initial windows support for agent (#3375)
* Bump stable version to v1.21.1+k3s1 and add v1.21 channel
* Update flannel version
* containerd: v1.4.4-k3s2
* Bump channel stable version to v1.20.7+k3s1
* Fix shell expansion and file permission issues install.sh
* runc: v1.0.0-rc95 (#3348)
* move object channel defer close to goroutine
* add retention default and wire in s3 prune
* Handle conntrack-related sysctls in supervisor agent setup
* Add support for multiple env files for systemd unit
* add etcd snapshot save subcommand
-------------------------------------------------------------------
Fri Jul 23 09:58:56 UTC 2021 - alexandre.vicenzi@suse.com
- Update to version 1.21.3+k3s1:
* Fix multiple bootstrap keys found
* Bump containerd to v1.4.8-k3s1
* Fix to allow prune to correctly cleanup custom named snapshots (#3649) (#3672)
* Upgrade k3s-root version
* Bump Kubernetes to v1.21.3 (#3652)
* Backport Fix storing bootstrap data with empty token string (#3514)
* Emit events for AddOn lifecycle
* Add comments, clean up imports and function names
* Tidy up function calls with many args
* Add nodename to UA string for deploy controller
* prevent snapshot save when snapshots are disabled (#3475) (#3610)
* Bump the packaged runc binary version
* Update etcd snapshot error message to be more informative when etcd database is not found (#3592)
* Dispatch to rancher/system-agent-installer-k3s when tagged
* Update embedded kube-router (#3557) (#3595)
* Fix spelling to satisfy codespell check
* Bump rancher/klipper-helm image in airgap image-list.txt
* Bump helm-controller to v0.10.1
* Changes local storage pods to have 700 permissions (#3537) (#3548)
* Move cloud-controller-manager into an embedded executor (#3530)
* fix possible race where bootstrap data might not save
* Renamed client-cloud-controller crt and key (#3472)
* Send systemd notifications for both server and agent (#3430) (#3460)
* Changed iptables version check for fail if version is between 1.8.0 and 1.8.3 and using nf_tables mode (#3454)
* Add kubernetes.default.svc to serving certs
* Fix RBAC cloud-controller-manager name 3308 (#3388) (#3408)
* Add a path for wireguard's privatekey
* Update flannel version
* move object channel defer close to goroutine
* add retention default and wire in s3 prune
* add etcd snapshot save subcommand
- Update go to 1.16
-------------------------------------------------------------------
Mon Jun 21 10:52:40 UTC 2021 - Sayali Lunkad <sayali.lunkad@suse.com>
- Add binutils-gold for aarch64 builds (bsc#1187497)
-------------------------------------------------------------------
Thu Jun 3 13:23:59 UTC 2021 - Guillaume GARDET <guillaume.gardet@opensuse.org>
- Drop cni-bin-dir.patch in favor a sed command to handle multiple
%{_libexec} values - boo#1186566
-------------------------------------------------------------------
Mon May 24 12:51:31 UTC 2021 - alexandre.vicenzi@suse.com
- Update to version 1.21.1+k3s1:
* [backport 1.21] containerd: v1.4.4-k3s2
* [backport 1.21] runc: v1.0.0-rc95 (#3348) (#3352)
* Handle conntrack-related sysctls in supervisor agent setup
* Bump to go 1.16.4
* Update Kubernetes to v1.21.1-k3s1
* Add the ability to prune etcd snapshots (#3310)
* Fix passthrough of SystemDefaultRegistry from server config
* change --disable-apiserver flag
* runc: v1.0.0-rc94 (#3305)
* Add executor.Bootstrap hook for pre-execution setup
* Add the ability to list etcd snapshots (#3303)
* Add system-default-registry support and remove shared code (#3285)
* Fix cluster restoration in rke2 (#3295)
* Use config file values in node-args annotation
* Add the ability to delete an etcd snapshot locally or from S3 (#3277)
* Sign CSRs for kubelet-serving with the server CA
* Add cgroup2 CI (Fedora on Vagrant on GHA)
* add new-line
* Invoke cluster reset function when only reset flag is passed (#3276)
* Add ci step to validate incorerct replacement fork
* reference node name when needed
* fixes #3264 - unmount CSI plugins on uninstall
* remove accidentially commited dapper files
* Collect and Store etcd Snapshots and Metadata (#3239)
* Typo fix in README.md
* Export CriConnection function (#3225)
* Use same SANs on ServingKubeAPICert as dynamiclistener
* Add ability to append to slice during config file merge
* Add install script option to force a restart of the K3s service (#3235)
-------------------------------------------------------------------
Thu Apr 29 09:11:09 UTC 2021 - alexandre.vicenzi@suse.com
- Update to version 1.21.0+k3s1:
* Add support for dual-stack Pod/Service CIDRs and node IP addresses (#3212)
* mark v1.20.6+k3s1 as stable
* Update bug_report.md language
* Update feature_request.md
* Support .d directory for k3s config file (#3162)
* Fix service-account-issuer
* Update to forked protobuf 1.4.3-k3s1
* Reduce node and service wait times
* Update Kubernetes to v1.21.0
* Resolve local retention issue when S3 in use.
* add hidden attribute to disable flags
* add etcd s3 secret and access key flags and env vars to secret data
* Add gzip and zst airgap artifacts
* Update CoreDNS to version 1.8.3. (#3168)
* Fix up vagrant provision scripts
* Bump traefik to v2.4.8
* Fix CI failures non-deterministic traefik chart repackaging (#3165)
* delete nocluster file and remove build tag
* remove hidden attribute from cluster flags and related code
* Make v1.20.5+k3s1 stable
* remove duplicated func GetAddresses
* Update to Kubernetes v1.20.5 (#3094)
* Replace which with command -v (#3125)
* AkihiroSuda/containerd-fuse-overlayfs -> containerd/fuse-overlayfs-snapshotter
* rootless: allow kernel.dmesg_restrict=1
* rootless: enable resource limitation (requires cgroup v2, systemd)
* bump up RootlessKit
* containerd: v1.4.4-k3s1 (#3090)
* put etcd bootstrap save call in goroutine and update comment
* Remove unit files after disabling, instead of before
* remove etcd data dir when etcd is disabled (#3059)
* registry mirror repository rewrites (#3064)
* Have Bootstrap Data Stored in etcd at Completed Start (#3038)
* Define a Controllers and LeaderControllers on the server config (#3043)
* Don't start up multiple apiserver load balancers
* Handle loadbalancer port in TIME_WAIT
* Always use static ports for client load-balancers (#3026)
* Update GITHUB_URL
* Update .md files with url and email corrections
* Mark disable components flags as experimental (#3018)
* Etcd Snapshot/Restore to/from S3 Compatible Backends (#2902)
* Suppress test failure due to incompatible server
* Log clearer error on startup if NPC cannot be started
* Add script to test server/agent version compatibility
* change error to warn when removing self from etcd members
* update dynamiclistener
* remove etcd member if disable etcd is passed
* Apply suggestions from code review
* Update to Traefik 2.4.2 and combine manifests
* Remove Traefik v1 migration
* Allow download traefik static file and rename
* Traefik v2 integration
* Wait for apiserver to become healthy before starting agent controllers
* Hide the airgap-extra-registry flag
* update master to 1.20.4
* use v1.20.4-k3s1 as stable
* Update k3s-root to v0.8.1
* Limit zstd decoder memory
* Use HasSuffixI utility function
* Add support for retagging images on load from tarball
* Add disable flags for control components (#2900)
* update usage text (#2926)
-------------------------------------------------------------------
Mon Apr 19 10:54:43 UTC 2021 - alexandre.vicenzi@suse.com
- Update to version 1.20.6+k3s1:
* Update to v1.20.6
* add cloud controller manager fixes from master
* Update to v1.20.6
* Resolve local retention issue when S3 in use.
* add hidden attribute to disable flags
* delete nocluster file and remove build tag
* remove hidden attribute from cluster flags and related code
* add etcd s3 secret and access key flags and env vars to secret data
* put etcd bootstrap save call in goroutine and update comment
* remove duplicate method
* Have Bootstrap Data Stored in etcd at Completed Start (#3038)
* Etcd Snapshot/Restore to/from S3 Compatible Backends (#2902)
* Add ability to perform an etcd on-demand snapshot via cli (#2819)
* Update to Kubernetes v1.20.5 (#3094)
* [release 1.20] containerd: v1.4.4-k3s1 (#3086)
* Define a Controllers and LeaderControllers on the server config (#3053)
* Suppress test failure due to incompatible server
* Log clearer error on startup if NPC cannot be started
* Add script to test server/agent version compatibility
* [release-1.20] Add disable components flags (#3019)
* Update to v1.20.4 (#2960)
* Update k3s-root to v0.8.1
* Use appropriate response codes for authn/authz failures
- Bump go version to 1.15
-------------------------------------------------------------------
Wed Apr 14 14:26:22 UTC 2021 - Michal Suchanek <msuchanek@suse.com>
- Add disk size requirement in constraints
- host-local path fixup
* Refresh cni-bin-dir.patch
-------------------------------------------------------------------
Thu Mar 25 14:25:49 UTC 2021 - Michal Suchanek <msuchanek@suse.com>
- Update to upstream version 1.20.4+k3s1
* Known Issues
- K3s servers should always be upgraded before agents. Agents upgraded to
this release before all servers have been upgraded will fail to start due to
the issue described at #2996
* Changes since v1.20.2+k3s2:
+ Upgrade Kubernetes to v1.20.4 (#2960)
+ K3s servers now use appropriate HTTP response codes to node join failures
caused by incorrect credentials (#2915)
+ ServiceLB now adds IP addresses for all nodes running LB pods to the
Service ingress IP list (#2909)
+ K3s will now reliably enable CFS quotas when the cpu and cpuacct cgroup
controllers are comounted (#2911)
+ K3s nodes can now successfully join clusters when the cluster CA
certificate is trusted by the OS CA bundle (#2743)
+ K3s binary size has been reduced; time to first launch a new version of
K3s should be reduced as well (#2905)
+ K3s is now compiled with golang 1.15.8, resolving a common source of
crashes on 32bit arm systems (#2896)
+ Crictl will more reliably locate its config file when run by non-root users (#2894)
+ The K3s systemd unit will successfully start with a missing
EnvironmentFile (#2886 @AkihiroSuda)
+ The K3s Network Policy Controller has been updated, offering improved
performance and reliability of network policy enforcement (#2867)
+ K3s containerd now supports AppArmor signal mediation (#2877)
+ The K3s embedded userspace (k3s-root) has been updated to fix several
BusyBox CVEs and allow use of the fuse-overlayfs snapshotter (#2862 #2847)
+ K3s now supports cgroupv2 (#2844)
+ Several regressions in rootless support have been resolved (#2846)
+ Cadvisor statistics are no longer missing pod labels (#2836)
+ Embedded etcd's Prometheus metrics can now be exposed beyond localhost (#2750 @yuriydzobak)
+ The node.cloudprovider.kubernetes.io/uninitialized taint on new nodes is
now cleared more reliably (#2843)
+ Embedded etc snapshots can now be performed on-demand (#2819)
+ K3s no longer validates containerd snapshotter functionality when not
using the embedded containerd (#2800 @sonicaj)
* Embedded Component Versions
* Kubernetes v1.20.4
* Kine v0.6.0
* SQLite 3.33.0
* Etcd v3.4.13-k3s1
* Containerd v1.4.3-k3s3
* Flannel v0.12.0-k3s1
* Metrics-server v0.3.6
* Traefik v1.7.19
* CoreDNS v1.8.0
* Helm-controller v0.8.3
* Local-path-provisioner v0.0.19
- Refresh cni-bin-dir.patch
- hyperkube no longer available
-------------------------------------------------------------------
Tue Aug 4 11:41:14 UTC 2020 - Dirk Mueller <dmueller@suse.com>
- add conflicts and minimal update-alternatives for new kubectl implementation
-------------------------------------------------------------------
Mon Aug 3 17:02:25 UTC 2020 - Callum Farmer <callumjfarmer13@gmail.com>
- Fixes for %_libexecdir changing to /usr/libexec (bsc#1174075)
-------------------------------------------------------------------
Thu May 2 12:44:52 UTC 2019 - Duncan Mac-Vicar <dmacvicar@suse.de>
- Update to version 0.4.0
* Features and Enhancements
- Update to kubernetes v1.14.1 - Upgraded from Kubernetes
v1.13.5.
This Kubernetes upgrade moves pid limiting to beta and is
enabled by default, which may not be supported by all kernels.
K3s will auto-detect cgroup pids support and add flags as
needed if the pids module is not available. [#335]
- Add --bind-address flag for API server [#214]
Support custom bind address for kubernetes API server to bind to.
- Add --cluster-domain flag for custom kubelet and DNS configuration [#267]
Support configuring custom DNS cluster domains.
- Add --flannel-iface flag for agent [#72]
Support custom flannel interface.
- Add passthrough args [#290]
Support for overriding k3s default arguments or passing custom
arguments to Kubernetes processes:
--kube-apiserver-arg value
Customized flag for kube-apiserver process
--kube-scheduler-arg value
Customized flag for kube-scheduler process
--kube-controller-arg value
Customized flag for kube-controller-manager process
--kubelet-arg value
(agent) Customized flag for kubelet process
--kube-proxy-arg value
(agent) Customized flag for kube-proxy process
- Initial metrics-server support [#252]
Configures aggregation layer so metrics server can be launched and
metrics scraped. Future enhancements will remove need for a
custom metrics server deployment.
- Add experimental rootless support
Provides --rootless flag for running k3s agent as a user.
* Bug fixes
- Fixed an issue where k3s may not connect to the API server when using
proxy settings [#325]
- Changes from Release v0.3.0
* Features and Enhancements
- Airgap support with helm and preinstalled images [#166]
Support static helm charts through the API server and loading
container images on agents. See our documentation for details
on how to perform airgap installations.
- Add --tls-san flag for API server cert validation [#200]
Support alternate names for cert generation to avoid API cert issues.
- Add --resolv-conf flag for custom kubelet DNS configuration [#53]
- Support configuring custom DNS resolvers or using the host system's
resolv.conf configuration. If the host system's resolv.conf doesn't
supply any viable resolvers, intelligently fallback to 8.8.8.8
(Google Public DNS).
- Update to kubernetes v1.13.5
This upgrade from v1.13.4 addresses Kubernetes CVE-2019-9946
and CVE-2019-1002101.
* Bug fixes
- Fixed an issue where the k3s service load balancer will not be created
if the port name is longer than 15 characters #90
- Fixed an issue where k3s does not ignore empty yaml documents in a
manfest #222
- Fixed an issue where k3s may not run with selinux, the installer will now
add selinux permissions #227
- Fixed an issue where k3s deployment manifests are created even if
--no-deploy is specified #230
-------------------------------------------------------------------
Fri Mar 15 18:57:35 UTC 2019 - Jan Engelhardt <jengelh@inai.de>
- Replace the sales pitch in the description by new wording,
sourced from second block paragraph of k3s's README.md and
Wikipedia, so as to fulfill the openSUSE description
recommendations on what k3s is, and how it differs from other
implementations of its kind.
-------------------------------------------------------------------
Fri Mar 15 10:40:37 UTC 2019 - Guillaume GARDET <guillaume.gardet@opensuse.org>
- Fix 'Conflicts'
- Add 'iptables' requires
- Package hyperkube sepraretly
- Add a workaround for https://github.com/rancher/k3s/issues/231
- Add kubectl and crictl symlinks
- Update description
-------------------------------------------------------------------
Wed Mar 13 22:07:33 UTC 2019 - Guillaume GARDET <guillaume.gardet@opensuse.org>
- Add requires to 'conntrack-tools' and 'runc' as it is needed at
runtime
-------------------------------------------------------------------
Wed Mar 13 15:07:20 UTC 2019 - Guillaume GARDET <guillaume.gardet@opensuse.org>
- Fix k3s-agent.service as '-u' is not a valid option
-------------------------------------------------------------------
Tue Mar 12 15:02:30 UTC 2019 - Guillaume GARDET <guillaume.gardet@opensuse.org>
- Update to version 0.2.0:
* Features and Enhancements:
- Support arbitrary CRI implementations [#107] - Users can now
configure k3s to use cri-o and other CRI implementations that
are not packaged into k3s.
- Support for preloading images [#92] - Users can now have node
agents load docker images from a location on the host at startup,
eliminating the need to pull images from a remote location.
- Upgrade to Kubernetes v1.13.4 [#95] - Update to the latest
release of Kubernetes.
- Support k3s on Rancher [#69] - Users can now import k3s
clusters into Rancher (supported in Rancher v2.2.0-rc3 and later).
- Support agent options in server command [#73] - Users can now
set any of the options available to agents when starting the k3s
server node.
- Support the ability to run k3s as non-root user [#38] - User
can now run the k3s server as a non-root user.
- Support the ability to read node token from a file [#98] - Users
can now have the node-agent read its token from a file rather
than passing it as a string.
* Bug fixes:
- Fixed an issue where preloaded deployment manifests fail to
deploy if no namespace is specified #151
- Fixed an issue where changes to helm chart values or
values.yaml aren't always triggering an upgrade #187
- Fixed an issue where nodes with uppercase hostnames hang
indefinitely #160
- Fixed an issue where containerd log level environment variable
is not respected #188
- Fixed an issue where node-token path doesn't resolve for root
user in agent scripts #189
- Fixed an issue where traefik is not listed in the --no-deploy
flag's help text #186
- Fixed an issue where changing cluster CIDR was not possible #93
- Fixed an issue where k3s systemd service should wait until
the server is ready #57
- Fixed an issue where test volume mount e2e fails for k3s
image #45
- Fixed an issue where component status is not accurate #126
- Fixed an issue where install script fails if wget is not
available #48
- Added the ability to dynamically install the latest release
of k3s #47
-------------------------------------------------------------------
Mon Mar 4 14:35:14 UTC 2019 - Guillaume GARDET <guillaume.gardet@opensuse.org>
- Add _constraints to avoid 'cannot allocate memory' error seen
on aarch64
-------------------------------------------------------------------
Thu Feb 28 07:33:11 UTC 2019 - Duncan Mac-Vicar <dmacvicar@suse.de>
- Initial package - v0.1.0
