Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[release-1.29] Backports for 2024-06 release cycle #10249

Merged
merged 31 commits into from
May 31, 2024

Conversation

brandond
Copy link
Member

@brandond brandond commented May 29, 2024

Proposed Changes

Backports:

Types of Changes

Verification

Testing

See linked issues

Linked Issues

User-Facing Change

Add WithSkipMissing to not fail import on missing blobs
Use fixed stream server bind address for cri-dockerd
Switch stargz over to cri registry config_path
Bump to containerd v1.7.17, etcd v3.5.13
Bump spegel version
Fix issue with externalTrafficPolicy: Local for single-stack services on dual-stack nodes
ServiceLB now sets the priorityClassName on svclb pods to `system-node-critical` by default. This can be overridden on a per-service basis via the `svccontroller.k3s.cattle.io/priorityclassname` annotation.
bump minio-go to v7.0.70
Bump kine to v0.11.9 to fix pagination
Update valid resolv conf
Add missing kernel config check
Symlinked sub-directories are now respected when scanning Auto-Deploying Manifests (AddOns) 
Fix bug: allow helm controller set owner reference
Bump klipper-helm image for tls secret support
Fix issue with k3s-etcd informers not starting
`--enable-pprof` can now be set on agents to enable the debug/pprof endpoints. When set, agents will listen on the supervisor port.
`--supervisor-metrics` can now be set on servers to enable serving internal metrics on the supervisor endpoint; when set agents will listen on the supervisor port.
Fix netpol crash when node remains tained unintialized
The embedded load-balancer will now fall back to trying all servers with health-checks ignored, if all servers have been marked unavailable due to failed health checks.

Further Comments

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit 5f6b813)
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
Will now use 127.0.0.1:10010, same as containerd's CRI

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit 7374010)
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit 30999f9)
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit aaa5787)
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit bf8b15e)
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
@brandond brandond requested a review from a team as a code owner May 29, 2024 23:41
Copy link

codecov bot commented May 30, 2024

Codecov Report

Attention: Patch coverage is 32.71605% with 218 lines in your changes are missing coverage. Please review.

Project coverage is 43.29%. Comparing base (fa35125) to head (3c8f89e).

Files Patch % Lines
pkg/agent/https/https.go 0.00% 55 Missing ⚠️
pkg/util/net.go 14.81% 45 Missing and 1 partial ⚠️
pkg/deploy/controller.go 0.00% 12 Missing and 1 partial ⚠️
pkg/profile/profile.go 0.00% 13 Missing ⚠️
pkg/util/file.go 0.00% 11 Missing ⚠️
pkg/spegel/spegel.go 0.00% 10 Missing ⚠️
pkg/metrics/metrics.go 0.00% 9 Missing ⚠️
pkg/agent/run.go 0.00% 4 Missing and 2 partials ⚠️
pkg/cli/agent/agent.go 45.45% 3 Missing and 3 partials ⚠️
pkg/cli/server/server.go 70.00% 3 Missing and 3 partials ⚠️
... and 18 more
Additional details and impacted files
@@               Coverage Diff                @@
##           release-1.29   #10249      +/-   ##
================================================
- Coverage         48.69%   43.29%   -5.41%     
================================================
  Files               158      163       +5     
  Lines             14048    14195     +147     
================================================
- Hits               6841     6146     -695     
- Misses             5906     6872     +966     
+ Partials           1301     1177     -124     
Flag Coverage Δ
e2etests 36.25% <32.09%> (-10.29%) ⬇️
inttests 37.12% <27.46%> (?)
unittests 16.38% <6.77%> (-0.18%) ⬇️

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

@brandond brandond force-pushed the 2024-06-backports_release-1.29 branch from e33c443 to 0495a0b Compare May 30, 2024 22:37
brandond and others added 20 commits May 31, 2024 07:07
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit 5cf4d75)
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
…-stack nodes.

Just enable IP forwarding for all address families regardless of service address families.

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit 095ecdb)
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit b453630)
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit 37f97b3)
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit afdcc83)
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit 2669d67)
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
Co-authored-by: Brad Davidson <brad@oatmail.org>
Signed-off-by: linxin <linxin@geedgenetworks.com>
(cherry picked from commit f24ba9d)
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
Signed-off-by: zouxianyu <2979121738@qq.com>
(cherry picked from commit c1cb5d6)
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
Signed-off-by: Robert Rose <robert.rose@mailbox.org>
(cherry picked from commit 6886c09)
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
Signed-off-by: huangzy <huangzynn@outlook.com>
(cherry picked from commit 6fcaad5)
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit 6683fcd)
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
… adding .exe extension to the k3s binary name to make it available to run stat command

Signed-off-by: Anuj Garg <anujgarg@microsoft.com>
(cherry picked from commit eb19219)
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
Start shared informer caches when k3s-etcd controller wins leader election. Previously, these were only started when the main k3s apiserver controller won an election. If the leaders ended up going to different nodes, some informers wouldn't be started

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit 3d14092)
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>
(cherry picked from commit 48ff3bc)
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
* Refactor agent supervisor listener startup and authn/authz to use upstream
  auth delegators to perform for SubjectAccessReview for access to
  metrics.
* Convert spegel and pprof handlers over to new structure.
* Promote bind-address to agent flag to allow setting supervisor bind
  address for both agent and server.
* Promote enable-pprof to agent flag to allow profiling agents. Access
  to the pprof endpoint now requires client cert auth, similar to the
  spegel registry api endpoint.
* Add prometheus metrics handler.

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit ff679fb)
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit f8e0648)
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit 2eca3f1)
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
Bumps alpine from 3.18 to 3.20.

---
updated-dependencies:
- dependency-name: alpine
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
(cherry picked from commit de4cda5)
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
Bumps alpine from 3.18 to 3.20.

---
updated-dependencies:
- dependency-name: alpine
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
(cherry picked from commit 86875c9)
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit 84b578e)
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
dependabot bot and others added 6 commits May 31, 2024 07:07
Bumps ubuntu from 22.04 to 24.04.

---
updated-dependencies:
- dependency-name: ubuntu
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
(cherry picked from commit 4cb4542)
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
Made with ❤️️ by updatecli

(cherry picked from commit f2e7c01)
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
It is concievable that users might take more than 60 seconds to deploy their own cloud-provider. Instead of exiting, we should wait forever, but with more logging to indicate what's being waited on.

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit ed23a2b)
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
If health checks are failing for all servers, make a second pass through the server list with health-checks ignored before returning failure

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit ca39614)
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
* Add write-kubeconfig-group flag to server
* update kubectl unable to read config message for kubeconfig mode/group

Signed-off-by: Katherine Pata <me@kitty.sh>
(cherry picked from commit 7a0ea3c)
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
@brandond brandond force-pushed the 2024-06-backports_release-1.29 branch from ec020ba to 3c8f89e Compare May 31, 2024 07:08
@brandond brandond merged commit da2625d into k3s-io:release-1.29 May 31, 2024
28 checks passed
@brandond brandond deleted the 2024-06-backports_release-1.29 branch June 6, 2024 21:07
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

9 participants