[pull] main from k0sproject:main #19
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
![pull[bot]](https://avatars.githubusercontent.com/in/12910?s=60&v=4){kind=small}
Turn on detailed logging if k0s is started with --debug, too. Signed-off-by: Tom Wieczorek <[email protected]>
The filepath.Abs(...) error was previously discarded. Although this function only fails under pathological circumstances, it's better to handle error conditions properly. Signed-off-by: Tom Wieczorek <[email protected]>
Both "k0s controller" and "k0s worker" take either [TOKEN] as an argument or a path to a file containing the join token via --token-file. Before this PR, when --token-file was given, the file was read upon spin-up, even when the node has joined already and won't utilize the token. As the token is not needed after join, you would expect that you can or even should remove the file, but that makes k0s refuse to start unless the --token-file argument is removed from the systemd unit or other startup scripts. This PR makes the controller and worker read the contents of the file only right before the value is getting used. This allows --token-file argument to be ignored when it is not needed and the file not existing will not generate an error. Signed-off-by: Kimmo Lehto <[email protected]>
Signed-off-by: Kimmo Lehto <[email protected]>
Signed-off-by: Kimmo Lehto <[email protected]>
Ignore token-file argument when value not needed Both "k0s controller" and "k0s worker" take either [TOKEN] as an argument or a path to a file containing the join token via --token-file. Before this PR, when --token-file was given, the file was read upon spin-up, even when the node has joined already and won't utilize the token for anything. As the token is not needed after join, you would expect that you can or even should remove the file, but that makes k0s refuse to start unless the --token-file argument is also removed from the systemd unit or other startup scripts. This PR makes the controller and worker read the contents of the file only right before the value is getting used. This allows --token-file argument to be ignored when it is not needed and the file not existing will not generate an error.
Enable console logging for keepalived
This allows for removing the component and makes it analogous to how node-local load balancing is controlled. Co-authored-by: Kimmo Lehto <[email protected]> Signed-off-by: Tom Wieczorek <[email protected]>
helm charts reconciliation does not work for oci registry when running k0s behind a proxy. the bug has been solved upstream and has now been released pr that addressed the bug: helm/helm#12761 Signed-off-by: Ricardo Maraschini <[email protected]>
Replace the %v format specifier in calls to fmt.Errorf() with %w whenever an error argument is used. Signed-off-by: Tom Wieczorek <[email protected]>
This is best practice, unless equality is really required. Signed-off-by: Tom Wieczorek <[email protected]>
This is best practice, unless the exact type is really required. Signed-off-by: Tom Wieczorek <[email protected]>
See https://github.com/polyfloyd/go-errorlint#examples Signed-off-by: Tom Wieczorek <[email protected]>
Bumps [mkdocs-material](https://github.com/squidfunk/mkdocs-material) from 9.5.17 to 9.5.18. - [Release notes](https://github.com/squidfunk/mkdocs-material/releases) - [Changelog](https://github.com/squidfunk/mkdocs-material/blob/master/CHANGELOG) - [Commits](squidfunk/mkdocs-material@9.5.17...9.5.18) --- updated-dependencies: - dependency-name: mkdocs-material dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]>
Wrap errors correctly, part 3
…aterial-9.5.18 Bump mkdocs-material from 9.5.17 to 9.5.18 in /docs
chore: bump helm library
The Go compiler doesn't touch the binary if it doesn't detect any code changes. (Presumably by checking the BuildID of the old and the new binary?) However, the Makefile relied on a regeneration of the binary in any case, so that it can reappend the bindata file agan. Mitigate this by deleting the binary before the build. That way, the Go compiler doesn't have a choice. Fixes: 08df7f5 ("Provide empty asset offsets without codegen") Signed-off-by: Tom Wieczorek <[email protected]>
https://github.com/containerd/containerd/releases/tag/v1.7.15 Signed-off-by: Tom Wieczorek <[email protected]>
Bump containerd to v1.7.15
https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG/CHANGELOG-1.29.md#changelog-since-v1293 Fixes CVE-2024-3177. Signed-off-by: Tom Wieczorek <[email protected]>
https://github.com/cloudnativelabs/kube-router/releases/tag/v1.6.1 Signed-off-by: Tom Wieczorek <[email protected]>
Remove binary before building it
Bumps [regex](https://github.com/mrabarnett/mrab-regex) from 2023.12.25 to 2024.4.16. - [Changelog](https://github.com/mrabarnett/mrab-regex/blob/hg/changelog.txt) - [Commits](mrabarnett/mrab-regex@2023.12.25...2024.4.16) --- updated-dependencies: - dependency-name: regex dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <[email protected]>
…24.4.16 Bump regex from 2023.12.25 to 2024.4.16 in /docs
Bump Kubernetes to v1.29.4
Bump kube-router to v1.6.1
Signed-off-by: Tom Wieczorek <[email protected]>
Introduce controlPlaneLoadBalancing.enabled
…orkerconfig Use dedicated leasepool for worker config component
Drop multierr module and rely on the standard lib
Lease pool's leader status field was an atomic.Value that is always used for booleans only. This requires pre-initializing it through Store(false) and also typecasting when retrieving. By using atomic.Bool, the zero value is false and the value type is always bool. Signed-off-by: Kimmo Lehto <[email protected]>
Bump containerd to v1.7.17
Use atomic.Bool instead of atomic.Value for leader status
Remove unused atomic.Value from CSRApprover constructor
They build a logical unit and separating those from the other file functions makes that clear. Signed-off-by: Tom Wieczorek <[email protected]>
The temporary file was properly closed on panic, but not removed from disk. Add an additional boolean that indicates whether the write call returned. Use this boolean as an additional criterion in the defer func to find out if the file needs to be removed or not. Signed-off-by: Tom Wieczorek <[email protected]>
Atomic file writes could get confused when used with non-absolute paths, and the working directory would change while writing files. This can be easily mitigated by using the absolute path internally. Signed-off-by: Tom Wieczorek <[email protected]>
This allows the atomic write functions to be extended in the future without breaking the existing API. Introduces the atomicOpener struct, which implements the fluent interface and collects all the desired information for an atomic file write. It provides some terminal methods that do the actual writing. The old workhorse function WriteAtomically has been splitted up in AtomicOpener.Do, AtomicOpener.Open and its companion struct Atomic, especially its Finish and Close methods. Atomic implements io.WriteCloser and io.ReaderFrom and may be used more or less like a usual write-only io.File. The magic happens when it's finished/closed. The write callback of AtomicOpener.Do now accepts the purpose-built interface file.AtomicWriter. This allows the interface to be extended with new methods without having to change all call sites. Setting permissions is now optional, i.e. callers have to opt in by calling WithPermissions(...). Signed-off-by: Tom Wieczorek <[email protected]>
Eventually, this might need to get some additional toggles if it's okay to fail to set permissions because k0s doesn't have the appropriate privileges (CAP_CHOWN). This is also the reason why there are no unit tests for this: The test outcome depends on the test process's permissions. Signed-off-by: Tom Wieczorek <[email protected]>
Use file.AtomicOpener directly when writing the keepalived config file. This was the only hack that relied on using *os.File directly. Signed-off-by: Tom Wieczorek <[email protected]>
updated-dependencies: - dependency-name: requests dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]>
Remove unused autopilot inttest toolsuite
…-2.32.2 Bump requests from 2.32.1 to 2.32.2 in /docs
updated-dependencies: - dependency-name: github.com/go-logr/logr dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]>
Otherwise the defaulting could pick up `kube-bridge` address as api/etcd address when restarting k0s if it sees it before any "real" address. This happens on e.g. bootloose containers where kube-bridge is at index 11 and eth0 on index 18. Signed-off-by: Jussi Nummelin <[email protected]>
….com/go-logr/logr-1.4.2 Bump github.com/go-logr/logr from 1.4.1 to 1.4.2
Add readinessProbe/minReadySeconds to kube-router
…nfig-defaulting Skip `kube-bridge` interface for api/etcd address
Fluent interface for atomic file writes
https://www.python.org/downloads/release/python-3123/ Signed-off-by: Tom Wieczorek <[email protected]>
Bump Python verison for docs to v3.12.3
The extra find wrapper that confined the chmod only to non-writable directories was significantly slower. The unfiltered recursive chmod will make everything user-writable, which doesn't hurt when the next step is a recursive removal anyways. Signed-off-by: Tom Wieczorek <[email protected]>
Use chmod directly in make clean-gocache
Bumps [github.com/BurntSushi/toml](https://github.com/BurntSushi/toml) from 1.3.2 to 1.4.0. - [Release notes](https://github.com/BurntSushi/toml/releases) - [Commits](BurntSushi/toml@v1.3.2...v1.4.0) --- updated-dependencies: - dependency-name: github.com/BurntSushi/toml dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]>
….com/BurntSushi/toml-1.4.0 Bump github.com/BurntSushi/toml from 1.3.2 to 1.4.0
Bumps [watchdog](https://github.com/gorakhargosh/watchdog) from 4.0.0 to 4.0.1. - [Release notes](https://github.com/gorakhargosh/watchdog/releases) - [Changelog](https://github.com/gorakhargosh/watchdog/blob/master/changelog.rst) - [Commits](gorakhargosh/watchdog@v4.0.0...v4.0.1) --- updated-dependencies: - dependency-name: watchdog dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]>
…-4.0.1 Bump watchdog from 4.0.0 to 4.0.1 in /docs
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
See Commits and Changes for more details.
Created by
pull[bot]
Can you help keep this open source service alive? 💖 Please sponsor : )