-
Notifications
You must be signed in to change notification settings - Fork 402
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Merge master into layering #3060
Commits on Dec 23, 2021
-
MCD: remove redundant MkdirAll call in update.go
The call to TempDir a few lines above already created this directory, so this call to MkdirAll is completely unecessary
Configuration menu - View commit details
-
Copy full SHA for 1afbe15 - Browse repository at this point
Copy the full SHA 1afbe15View commit details
Commits on Jan 28, 2022
-
Add KUBELET_NODEIP_HINT to nodeip-configuration
When we added the nodeip-configuration service for None platform deployments, we broke some existing users who were relying on the (largely undefined) previous behavior Kubelet used to select its node ip. While it is possible to work around this by overriding the node ip selection logic, that's very cumbersome and not an acceptable user experience. This change adds a KUBELET_NODEIP_HINT env variable that can be used to override the default behavior of runtimecfg when selecting a node ip. When the variable is unset, the old behavior of selecting an address on the interface of the default route will take effect. When the variable is set, its value will be passed to runtimecfg like a VIP for the IPI platforms. This will cause runtimecfg to prefer an address in the same subnet as the one provided in KUBELET_NODEIP_HINT. If no such address is found, it will fall back to the default route logic as before. KUBELET_NODEIP_HINT can be set using a systemd environment file. The file must be named /etc/default/nodeip-configuration with contents such as (replacing the IP as appropriate): KUBELET_NODEIP_HINT=192.0.2.1 This file should be created using a machine-config manifest that is passed to the installer so it will take effect on initial deployment. The node ip cannot be changed after the node registers initially so this cannot be done as a day 2 operation. Note that the IP specified in the hint does not necessarily need to exist in the environment, it just needs to be in the correct subnet. No traffic will be sent to this address. Co-authored-by: Dan Winship <danwinship@redhat.com>
Configuration menu - View commit details
-
Copy full SHA for a0c9a3c - Browse repository at this point
Copy the full SHA a0c9a3cView commit details
Commits on Feb 26, 2022
-
Add plumbing for mcc metrics handler
The machine config controller did not previously have a metrics handler so one must be added in order for us to do any alerting/metrics work. This requires setting up: - Cluster Roles - Cluster Role Bindings - ServiceMonitor for metrics - Service for metrics - oauth-proxy sidecar to deploymentfor machine-config-controller - mcc-proxy-tls secret for machine-config-controller - metrics handler function in machine-config-controller common - Cluster Roles - Cluster Role Bindings - ServiceMonitor for metrics - Service for metrics - oauth-proxy sidecar to deploymentfor machine-config-controller - mcc-proxy-tls secret for machine-config-controller - metrics handler function in machine-config-controller common I cribbed off of: 557303f And then to add oauth: 3ab692f
Configuration menu - View commit details
-
Copy full SHA for 2c44c12 - Browse repository at this point
Copy the full SHA 2c44c12View commit details -
common/helpers: add certificate functions
Adds certificate helper functions to: - extract certificates from PEM bundles - find the certificate that has the latest expiry date when provided a list
Configuration menu - View commit details
-
Copy full SHA for 35b4e81 - Browse repository at this point
Copy the full SHA 35b4e81View commit details -
controller/node: metric for paused certificates
Adds functionality to the node controller such that: 1.) when a paused machine config pool attempts to sync 2.) if the kubelet-ca has been updated in the pool's 'spec' config 3.) the MCC will set metric to the NotAfter date of the kube-apiserver-to-kubelet-signer certificate 5.) once the pool is unpaused, that metric will be reset to zero
Configuration menu - View commit details
-
Copy full SHA for 89599be - Browse repository at this point
Copy the full SHA 89599beView commit details -
Update vendor/modules with prometheus testutil
Testutil package from the prometheus client used in the node_controller tests, needed to add as dependency. Commands run: ``` $ go mod tidy $ go mod vendor $ make verify ```
Configuration menu - View commit details
-
Copy full SHA for dc42079 - Browse repository at this point
Copy the full SHA dc42079View commit details -
test/e2e: Add e2e test for cert rotation alert
Adds an e2e test that steps through the rotation of the kubelet-apiserver-to-kubelet-signer by: - pausing a pool - rotating the certificate - checking that the proper metric is emitted - unpausing the pool - checking that the metric stops being emitted
Configuration menu - View commit details
-
Copy full SHA for f023c19 - Browse repository at this point
Copy the full SHA f023c19View commit details -
test/e2e-boostrap: node controller mcLister
Node controller now requires a MachineConfigInformer as part of its New() function, updates bootstrap_tests to match
Configuration menu - View commit details
-
Copy full SHA for f371cf0 - Browse repository at this point
Copy the full SHA f371cf0View commit details
Commits on Mar 14, 2022
-
configure-ovs.sh: Provide store hint for default route interface
As we now tear down and reconfigure br-ex on every reboot, we must provide a means to stabilize interface selection in scenarios with multiple default route interfaces. Signed-off-by: Andreas Karis <ak.karis@gmail.com>
Configuration menu - View commit details
-
Copy full SHA for a8754fa - Browse repository at this point
Copy the full SHA a8754faView commit details -
configure-ovs-network: Use lower metric for br-ex than for br-ex1
Signed-off-by: Andreas Karis <ak.karis@gmail.com>
Configuration menu - View commit details
-
Copy full SHA for 95ec36a - Browse repository at this point
Copy the full SHA 95ec36aView commit details -
Add Nutanix Platform to Machine Config Operator
Update controllerconfig CRD and relevant switch statements in pkg to handle Nutanix platform. Also Update install/0000_80_machine-config-operator_00_namespace.yaml Add `openshift-nutanix-infra` to list of namespaces.
Configuration menu - View commit details
-
Copy full SHA for d2b2442 - Browse repository at this point
Copy the full SHA d2b2442View commit details
Commits on Mar 15, 2022
-
server/api_test: Adjust expected error message for Go 1.18
Right now Fedora doesn't ship Go 1.17, only Go 1.18beta. That version emits a different error message for incompatible TLS versions. Adjust our unit test to handle both. (Also, a motivation for me is to cross-check the new CI configuration after openshift/release#27015 )
Configuration menu - View commit details
-
Copy full SHA for 061eb05 - Browse repository at this point
Copy the full SHA 061eb05View commit details
Commits on Mar 16, 2022
-
Configuration menu - View commit details
-
Copy full SHA for 1ca9adc - Browse repository at this point
Copy the full SHA 1ca9adcView commit details -
Merge pull request openshift#3019 from cgwalters/go118-api-unit
server/api_test: Adjust expected error message for Go 1.18
Configuration menu - View commit details
-
Copy full SHA for d4b1a8c - Browse repository at this point
Copy the full SHA d4b1a8cView commit details
Commits on Mar 17, 2022
-
Created MCONamespace constant and used in all *.go files except for test/helpers/utils.go which would create a cyclic import
Configuration menu - View commit details
-
Copy full SHA for 943350e - Browse repository at this point
Copy the full SHA 943350eView commit details -
Merge pull request openshift#2802 from jkyros/mco-74-controller-alert…
…-certificate Send alert when MCO can't safely apply updated Kubelet CA on nodes in paused pool
Configuration menu - View commit details
-
Copy full SHA for 57267b7 - Browse repository at this point
Copy the full SHA 57267b7View commit details -
Remove runtime request timeout restriction
Remove the restriction on the runtime-request-timeout option in the kubeletconfig. Signed-off-by: Urvashi Mohnani <umohnani@redhat.com>
Configuration menu - View commit details
-
Copy full SHA for b326856 - Browse repository at this point
Copy the full SHA b326856View commit details -
Revert "Send alert when MCO can't safely apply updated Kubelet CA on …
…nodes in paused pool"
Configuration menu - View commit details
-
Copy full SHA for 6144a92 - Browse repository at this point
Copy the full SHA 6144a92View commit details -
Merge pull request openshift#3027 from DennisPeriquet/revert-2802-mco…
…-74-controller-alert-certificate Revert "Send alert when MCO can't safely apply updated Kubelet CA on nodes in paused pool"
Configuration menu - View commit details
-
Copy full SHA for b80e6a1 - Browse repository at this point
Copy the full SHA b80e6a1View commit details -
Revert "Merge pull request openshift#3027 from DennisPeriquet/revert-…
Configuration menu - View commit details
-
Copy full SHA for a0c0b2e - Browse repository at this point
Copy the full SHA a0c0b2eView commit details -
resourcemerge: update container Resources.Requests
Resourcemerge did not previously merge a container's Resources.Requests in ensureContainer(), which meant that during upgrade cases where we update the container object directly with changes (instead of applying/re-applying the manifests), Resources.Requests changes would not propagate to the updated object. This makes ensureContainer update Resources.Requests if it has changed, which keeps that structure from getting scraped off when we update. ( Which will keep us from failing tests, since at least cpu and memory in that structure are required fields )
Configuration menu - View commit details
-
Copy full SHA for 71686aa - Browse repository at this point
Copy the full SHA 71686aaView commit details
Commits on Mar 21, 2022
-
Fix description typo in osImageURL CRD parameter
Javi Polo committedMar 21, 2022 Configuration menu - View commit details
-
Copy full SHA for 52c1a5b - Browse repository at this point
Copy the full SHA 52c1a5bView commit details -
Merge pull request openshift#3028 from jkyros/unrevert-pr-2802
Make our resourcemerge fork update a container's Resources.Requests, un-revert openshift#2802
Configuration menu - View commit details
-
Copy full SHA for 5ad20c3 - Browse repository at this point
Copy the full SHA 5ad20c3View commit details
Commits on Mar 22, 2022
-
Move log statement to UpdateTuningArgs
This will keep layered and non-layered update logging consistent
Configuration menu - View commit details
-
Copy full SHA for 0e37c4a - Browse repository at this point
Copy the full SHA 0e37c4aView commit details -
Merge pull request openshift#3023 from mkenigs/unused-constants
bootstrap_test.go: remove unused constants
Configuration menu - View commit details
-
Copy full SHA for 5070577 - Browse repository at this point
Copy the full SHA 5070577View commit details -
e2e: Use
/proc/cmdline
instead ofrpm-ostree kargs
The main motivation here is to work around coreos/rpm-ostree#3523 (Which is itself a workaround for a RHEL8 systemd bug) Basically this e2e is invoking `rpm-ostree kargs` in a pretty tight loop which triggers that bug. To read the kernel command line, we can just read `/proc/cmdline` instead. (Now, this is the *actual* cmdline instead of just rpm-ostree's view of it, but it should be fine)
Configuration menu - View commit details
-
Copy full SHA for 752d9c8 - Browse repository at this point
Copy the full SHA 752d9c8View commit details
Commits on Mar 23, 2022
-
Merge pull request openshift#2942 from nutanix-cloud-native/nutanix-p…
…latform Add Nutanix Platform to Machine Config Operator
Configuration menu - View commit details
-
Copy full SHA for fce8f7c - Browse repository at this point
Copy the full SHA fce8f7cView commit details -
build-sys: Default to
make binaries
Today, typing `make` does nothing, which is not very useful. By listing this rule first, `make` will default to `make binaries`.
Configuration menu - View commit details
-
Copy full SHA for 41100ba - Browse repository at this point
Copy the full SHA 41100baView commit details -
Merge pull request openshift#3029 from javipolo/fix_crd_description_typo
Fix description typo in osImageURL CRD parameter
Configuration menu - View commit details
-
Copy full SHA for d94d193 - Browse repository at this point
Copy the full SHA d94d193View commit details
Commits on Mar 24, 2022
-
Merge pull request openshift#3034 from cgwalters/config-drift-no-kargs
e2e: Use `/proc/cmdline` instead of `rpm-ostree kargs`
Configuration menu - View commit details
-
Copy full SHA for 0528d71 - Browse repository at this point
Copy the full SHA 0528d71View commit details -
Merge pull request openshift#3035 from cgwalters/make-build
build-sys: Default to `make binaries`
Configuration menu - View commit details
-
Copy full SHA for 1a9f70f - Browse repository at this point
Copy the full SHA 1a9f70fView commit details
Commits on Mar 25, 2022
-
configure-ovs: set networking on before restarting NetworkManager
nm-online -s does not wait for autoconnect profiles to be active if NM is restarted with networking off. The fact that it does most of the time is just a race condition. Set networking on before restarting NetworkManager. Additionally, try not to re-activate connections more than necessary. Signed-off-by: Jaime Caamaño Ruiz <jcaamano@redhat.com>
Configuration menu - View commit details
-
Copy full SHA for ebf1072 - Browse repository at this point
Copy the full SHA ebf1072View commit details
Commits on Mar 27, 2022
-
Merge pull request openshift#3032 from openshift-cherrypick-robot/che…
…rry-pick-3021-to-master [master] Move log statement to UpdateTuningArgs
Configuration menu - View commit details
-
Copy full SHA for b222243 - Browse repository at this point
Copy the full SHA b222243View commit details
Commits on Mar 28, 2022
-
Configuration menu - View commit details
-
Copy full SHA for 3292422 - Browse repository at this point
Copy the full SHA 3292422View commit details -
Merge pull request openshift#2971 from andreaskaris/bz2057160
Bug 2057160: configure-ovs.sh: Provide store hint for default route interface
Configuration menu - View commit details
-
Copy full SHA for a2f16fc - Browse repository at this point
Copy the full SHA a2f16fcView commit details
Commits on Mar 29, 2022
-
Remove namespace from cluster scoped roles/binding
This removes the superfluous namespaces from our ClusterRoles and ClusterRoleBindings since they exist at the cluster scope. The namespace was being silently ignored by the api, which meant that the objects created differed from their manifests by one field: namespace. This difference was causing the library-go functions like ApplyClusterRole to always think the objects were changing, which resutled in: - Re-applying the objects every time we synced - Spamming the event log with update events This change stops the unnecessary updates and the log spam.
Configuration menu - View commit details
-
Copy full SHA for 696d4e1 - Browse repository at this point
Copy the full SHA 696d4e1View commit details -
configure-ovs: move dhcp config from br-ex to ovs-if-br-ex
Signed-off-by: Jaime Caamaño Ruiz <jcaamano@redhat.com>
Configuration menu - View commit details
-
Copy full SHA for e43a9f2 - Browse repository at this point
Copy the full SHA e43a9f2View commit details -
start.go: rm orphaned err check
Looks like this err check got orphaned in openshift@ccde275
Configuration menu - View commit details
-
Copy full SHA for bce4aae - Browse repository at this point
Copy the full SHA bce4aaeView commit details -
Merge pull request openshift#3040 from jkyros/fix-log-spam-manifest-n…
…amespaces Bug 2068613: ClusterRoleUpdated/ClusterRoleBindingUpdated Spamming Event Logs
Configuration menu - View commit details
-
Copy full SHA for 48169ef - Browse repository at this point
Copy the full SHA 48169efView commit details
Commits on Mar 30, 2022
-
Merge pull request openshift#3026 from umohnani8/runtime-request
Remove runtime request timeout restriction
Configuration menu - View commit details
-
Copy full SHA for 15b7424 - Browse repository at this point
Copy the full SHA 15b7424View commit details -
Merge pull request openshift#2895 from mkenigs/redundant-mkdir
mcd: Remove redundant MkdirAll call in update.go
Configuration menu - View commit details
-
Copy full SHA for 338a3d5 - Browse repository at this point
Copy the full SHA 338a3d5View commit details -
Merge pull request openshift#3038 from mkenigs/update-prometheus
Bug 2067857: prometheus/client_golang v1.11.0 -> v1.12.1
Configuration menu - View commit details
-
Copy full SHA for 0d02fbc - Browse repository at this point
Copy the full SHA 0d02fbcView commit details -
Merge pull request openshift#3042 from mkenigs/rm-err-check
start.go: rm orphaned err check
Configuration menu - View commit details
-
Copy full SHA for d01267c - Browse repository at this point
Copy the full SHA d01267cView commit details
Commits on Mar 31, 2022
-
Merge pull request openshift#3024 from jcaamano/addr-gen-mode
Bug 2058030: configure-ovs: move dhcp config from br-ex to ovs-if-br-ex
Configuration menu - View commit details
-
Copy full SHA for 1120f0a - Browse repository at this point
Copy the full SHA 1120f0aView commit details -
Bugfix: Render Nutanix cloud provider as blank.
Nutanix `cloudProvider` field needs to be rendered as blank.
Configuration menu - View commit details
-
Copy full SHA for 83abeab - Browse repository at this point
Copy the full SHA 83abeabView commit details -
Merge pull request openshift#2888 from cybertron/nodeip-hint
Bug 1949827: Add KUBELET_NODEIP_HINT to nodeip-configuration
Configuration menu - View commit details
-
Copy full SHA for 5a571cd - Browse repository at this point
Copy the full SHA 5a571cdView commit details -
Update github.com/containers/image
... to remove a lot of the c/storage dependencies added in openshift#2689 . Signed-off-by: Miloslav Trmač <mitr@redhat.com>
Configuration menu - View commit details
-
Copy full SHA for 9ffab24 - Browse repository at this point
Copy the full SHA 9ffab24View commit details -
Merge pull request openshift#3006 from jcaamano/master
Bug 2055433: configure-ovs: set networking on before restarting NetworkManager
Configuration menu - View commit details
-
Copy full SHA for abceabc - Browse repository at this point
Copy the full SHA abceabcView commit details
Commits on Apr 1, 2022
-
Merge pull request openshift#3025 from openshift-cherrypick-robot/che…
…rry-pick-3020-to-master [master] Create MCONamespace constant
Configuration menu - View commit details
-
Copy full SHA for 5f21537 - Browse repository at this point
Copy the full SHA 5f21537View commit details -
Avoid kubernetes node port range
Per [0], the range 30000-32767 is used for kubernetes node ports. We should not have haproxy listening in that range to avoid possible conflicts. 9444 is adjacent to 9445 where the haproxy frontend listens, but is currently unused in the host port registry. 0: https://github.com/openshift/openshift-docs/blob/main/modules/installation-network-user-infra.adoc
Configuration menu - View commit details
-
Copy full SHA for 675c770 - Browse repository at this point
Copy the full SHA 675c770View commit details -
Merge pull request openshift#3051 from nutanix-cloud-native/nutanix-p…
…latform-remove-cloudprovider Render Nutanix cloud provider as blank.
Configuration menu - View commit details
-
Copy full SHA for 974b118 - Browse repository at this point
Copy the full SHA 974b118View commit details
Commits on Apr 4, 2022
-
Merge pull request openshift#2695 from mtrmac/c-image-deps
Update github.com/containers/image
Configuration menu - View commit details
-
Copy full SHA for 5516bd8 - Browse repository at this point
Copy the full SHA 5516bd8View commit details
Commits on Apr 5, 2022
-
Merge pull request openshift#3044 from cybertron/avoid-kube-ports
Bug 2069740: Avoid kubernetes node port range
Configuration menu - View commit details
-
Copy full SHA for be77042 - Browse repository at this point
Copy the full SHA be77042View commit details -
Configuration menu - View commit details
-
Copy full SHA for b78d77a - Browse repository at this point
Copy the full SHA b78d77aView commit details