Commit Graph

435 Commits

Author SHA1 Message Date
Lucas Servén Marín
b187f32407
Merge pull request #334 from alexanderczigler/patch-1
fix: spelling
2022-10-19 15:41:59 +02:00
Alexander Czigler
d29f930203
fix: spelling 2022-10-19 13:34:03 +02:00
Sebastian Rojo
a9d5883a3a
ADD manifest for k3s with cilium as CNI (#331) 2022-09-10 13:38:38 +02:00
Alex Stockinger
1921c6a212
Add metrics for iptables operations (#323)
* Add metrics for iptables operations

* Update pkg/iptables/metrics.go

Co-authored-by: leonnicolas <60091705+leonnicolas@users.noreply.github.com>

* Reorg imports

* pass registerer via controller option

* Update pkg/iptables/metrics.go

Co-authored-by: leonnicolas <60091705+leonnicolas@users.noreply.github.com>

* move registerer check into metrics wrapper method

* Register all metrics in

Co-authored-by: leonnicolas <60091705+leonnicolas@users.noreply.github.com>
Co-authored-by: Clive Jevons <clive@jevons-it.net>
2022-08-05 23:24:50 +02:00
Lucas Servén Marín
cb238c85a1
Merge pull request #322 from squat/dependabot/npm_and_yarn/website/terser-4.8.1
build(deps): bump terser from 4.8.0 to 4.8.1 in /website
2022-07-20 06:11:36 +02:00
dependabot[bot]
2b1b55610d
build(deps): bump terser from 4.8.0 to 4.8.1 in /website
Bumps [terser](https://github.com/terser/terser) from 4.8.0 to 4.8.1.
- [Release notes](https://github.com/terser/terser/releases)
- [Changelog](https://github.com/terser/terser/blob/master/CHANGELOG.md)
- [Commits](https://github.com/terser/terser/commits)

---
updated-dependencies:
- dependency-name: terser
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-07-20 01:39:05 +00:00
Lucas Servén Marín
cd4a1ee4e0
Merge pull request #317 from clive-jevons/prepend-encapsulation-rules-in-mesh
prepend encapsulation rules to reduce number of reconciliation thereof
2022-07-14 11:09:55 +02:00
Clive Jevons
0f0b0bda13 prepend encapsulation rules to reduce number of reconciliation thereof
because of the way the iptables rules are reconciled, having the encapsulation
rules at the end of the slice of rules results in them being deleted and re-added
many times, even though they are very static. Prepending them to the slice of
rules prevents this from happening, making that iptables chain more stable
and saving a bunch of roundtrips to iptables.
2022-07-12 15:01:58 +02:00
leonnicolas
37b3cf1fc8
.github/workflows/ci.yml: run e2e daily (#320)
The e2e tests are not flaky anymore, so we should run them daily to see
if they break for whatever reason. This way we notice before someone
makes a "goog" PR.

Signed-off-by: leonnicolas <leonloechner@gmx.de>
2022-07-12 10:00:04 +02:00
leonnicolas
e328646617
Pin boringtun image tag (#319)
* Pin boringtun image tag

Pin the image to a tag before boringtun's cli changed.
Specifically the --disable-drop-privileges flag need a boolean param.

* Fix image name
2022-07-11 23:17:05 +02:00
dependabot[bot]
6ebc914354
build(deps): bump eventsource from 1.1.0 to 1.1.1 in /website (#315)
Bumps [eventsource](https://github.com/EventSource/eventsource) from 1.1.0 to 1.1.1.
- [Release notes](https://github.com/EventSource/eventsource/releases)
- [Changelog](https://github.com/EventSource/eventsource/blob/master/HISTORY.md)
- [Commits](https://github.com/EventSource/eventsource/compare/v1.1.0...v1.1.1)

---
updated-dependencies:
- dependency-name: eventsource
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-06-13 21:03:15 +02:00
Antoine
4be792ea54
feat: cilium add-mode support (#312)
* feat: cilium add-mode support

when cni management by kilo is disable, we can use existing cluster's cni setup thanks to add-on mode

https://kilo.squat.ai/docs/introduction#add-on-mode

* feat: manifest example for cilium addon mode

* fix: apply comment from PR review

* fix: add mutex to interface retrieval into flannel addon mode
2022-05-20 02:13:07 +02:00
Lucas Servén Marín
50fbc2eec2
staticcheck (#313)
* CI: use staticcheck for linting

This commit switches the linter for Go code from golint to staticcheck.
Golint has been deprecated since last year and staticcheck is a
recommended replacement.

Signed-off-by: Lucas Servén Marín <lserven@gmail.com>

* revendor

Signed-off-by: Lucas Servén Marín <lserven@gmail.com>

* cmd,pkg: fix lint warnings

Signed-off-by: Lucas Servén Marín <lserven@gmail.com>
2022-05-19 19:45:43 +02:00
Lucas Servén Marín
93f46e03ea
Merge pull request #311 from squat/dependabot/npm_and_yarn/website/cross-fetch-3.1.5
build(deps): bump cross-fetch from 3.1.4 to 3.1.5 in /website
2022-04-29 00:46:08 +02:00
dependabot[bot]
59ed36e81f
build(deps): bump cross-fetch from 3.1.4 to 3.1.5 in /website
Bumps [cross-fetch](https://github.com/lquixada/cross-fetch) from 3.1.4 to 3.1.5.
- [Release notes](https://github.com/lquixada/cross-fetch/releases)
- [Commits](https://github.com/lquixada/cross-fetch/compare/v3.1.4...v3.1.5)

---
updated-dependencies:
- dependency-name: cross-fetch
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-04-28 22:26:28 +00:00
leonnicolas
0820a9d32f
Remove context.TODO() (#310)
Remove almost all (except the ones created by informer-gen)
context.TODOs.

Signed-off-by: leonnicolas <leonloechner@gmx.de>
2022-04-28 19:39:57 +02:00
Lucas Servén Marín
7aeaa855e7
Merge pull request #309 from squat/release-0.5
Release 0.5
2022-04-27 19:32:56 +02:00
Lucas Servén Marín
01bf238799
Merge pull request #307 from squat/cut-0.5.0
cut 0.5.0
2022-04-27 12:46:00 +02:00
Lucas Servén Marín
37a5aef6ea
cut 0.5.0
Signed-off-by: Lucas Servén Marín <lserven@gmail.com>
2022-04-25 10:39:39 +02:00
Lucas Servén Marín
5424c5eb55
Merge pull request #306 from squat/update_packages
go.*: Update k8s packages
2022-04-23 12:28:58 +02:00
leonnicolas
213688fd7d
Update autogenerated code and CRD
Also edit Makefile to generate valid manifest.

Signed-off-by: leonnicolas <leonloechner@gmx.de>
2022-04-23 11:39:37 +02:00
leonnicolas
3eaacc01ae
go.*: Update k8s packages
- update k8s client_go
 - update k8s apiextensions-apiserver
 - update k8s controller-tools

Signed-off-by: leonnicolas <leonloechner@gmx.de>
2022-04-23 11:09:50 +02:00
Lucas Servén Marín
e20d13ace0
Merge pull request #302 from squat/support_nftables
Dockerfile: support nftables
2022-04-23 09:30:42 +02:00
Lucas Servén Marín
0ddeea3d78
Merge pull request #305 from squat/pprof
Pprof
2022-04-22 18:59:23 +02:00
Lucas Servén Marín
bbc4fe30a6
vendor: revendor
Signed-off-by: Lucas Servén Marín <lserven@gmail.com>
2022-04-22 12:05:46 +02:00
Lucas Servén Marín
7291a3bd71
cmd/kg: add pprof endpoints
This commit enhances the Kilo agent internal HTTP server to include
pprof endpoints. For simplicity, this commit migrates the internal
server creation to https://github.com/metalmatze/signal/internalserver,
which allows for easy registration of common internal server
observability endpoints.

Signed-off-by: Lucas Servén Marín <lserven@gmail.com>
2022-04-22 12:03:56 +02:00
Lucas Servén Marín
826593d6ba
Merge pull request #303 from squat/bump_golang
Bump go and container base image
2022-04-21 21:54:47 +02:00
leonnicolas
6491d7b87f
Bump go and container base image
- bump golang 1.17 -> 1.18
 - bump alpine 3.14 -> 3.15
 - revendor

 We need to use golang instead of golang:alpine because it does not
 contain git anymore. This should be fine as we are not enabling CGO,
 thus not linking against musl instead of libc.

Signed-off-by: leonnicolas <leonloechner@gmx.de>
2022-04-21 21:35:54 +02:00
Lucas Servén Marín
d04da92a23
Dockerfile: support nftables
Currently, Kilo _only_ supports adding firewall rules via the legacy
iptables API. This means that on systems using nftables in the host
network namespace, the namespace will be polluted and both firewall
infrastructures will be used, causing unexpected and difficult
to predict interactions. In other words, networking may not work as
expected on nftables-based systems.

This PR fixes this by using the iptables-wrappers project [0] to install
run-time detection of the in-use iptables backend.

[0] https://github.com/kubernetes-sigs/iptables-wrappers

Signed-off-by: Lucas Servén Marín <lserven@gmail.com>
2022-04-21 20:46:03 +02:00
Lucas Servén Marín
fc741bf444
Merge pull request #301 from squat/check_docs_in_ci
.github: ensure docs are up to date in CI
2022-04-21 20:40:50 +02:00
Lucas Servén Marín
8afe1bea53
Merge pull request #300 from squat/use_cni_0.4.0
manifests: use CNI 0.4.0
2022-04-21 08:26:42 +02:00
Lucas Servén Marín
112772d02d
docs: regenerate
Signed-off-by: Lucas Servén Marín <lserven@gmail.com>
2022-04-20 16:15:56 +02:00
Lucas Servén Marín
a385f1ac82
.github: ensure docs are up to date in CI
This commit updates the CI configuration for Kilo to ensure that the
documentation, specifically the generated docs, are up-to-date.

Signed-off-by: Lucas Servén Marín <lserven@gmail.com>
2022-04-20 16:11:07 +02:00
Lucas Servén Marín
1f19133ea8
manifests: use CNI 0.4.0
As mentioned in the Kilo Slack [0], Kubernetes supports CNI 0.4.0 and
does not yet support 1.0.0. Correspondingly, this commit downgrades the
declared CNI version in the configuration to 0.4.0 and crucially updates
the configuration used in the e2e tests to exercise this new CNI
version.

[0] https://kubernetes.slack.com/archives/C022EB4R7TK/p1650455432970199?thread_ts=1650368553.132859&cid=C022EB4R7TK

Signed-off-by: Lucas Servén Marín <lserven@gmail.com>
2022-04-20 14:57:21 +02:00
Lucas Servén Marín
7985ed5091
Merge pull request #299 from READ10/main
bump CNI plugins version and fix spec version
2022-04-19 14:49:47 +02:00
Dave Allan
19c13b7401 reduce cniVersion from 1.0.1 to 1.0.0 to match spec version 2022-04-19 08:28:31 -04:00
Dave Allan
3e6818d0b3 bump CNI plugins version to 1.1.1 2022-04-19 08:27:35 -04:00
Lucas Servén Marín
8cadff2b79
CNI: bump to 1.0.1 (#297)
* CNI: bump to 1.0.1

This commit bumps the declared version of CNI in the Kilo manifests to
1.0.1. This is possible with no changes to the configuration lists
because our simple configuration is not affected by any of the
deprecations, and there was effectively no change between 0.4.0 and
1.0.0, other than the declaration of a stable API. Similarly, this
commit also bumps the version of the CNI library and the plugins
package.

Bumping to CNI 1.0.0 will help ensure that Kilo stays compatible with
container runtimes in the future.

Signed-off-by: Lucas Servén Marín <lserven@gmail.com>

* vendor: revendor

Signed-off-by: Lucas Servén Marín <lserven@gmail.com>
2022-04-18 19:00:37 +02:00
Lucas Servén Marín
6862274e8e
Merge pull request #298 from squat/dependabot/npm_and_yarn/website/async-2.6.4
build(deps): bump async from 2.6.3 to 2.6.4 in /website
2022-04-17 00:43:23 +02:00
dependabot[bot]
a02542b529
build(deps): bump async from 2.6.3 to 2.6.4 in /website
Bumps [async](https://github.com/caolan/async) from 2.6.3 to 2.6.4.
- [Release notes](https://github.com/caolan/async/releases)
- [Changelog](https://github.com/caolan/async/blob/v2.6.4/CHANGELOG.md)
- [Commits](https://github.com/caolan/async/compare/v2.6.3...v2.6.4)

---
updated-dependencies:
- dependency-name: async
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-04-16 22:24:04 +00:00
Lucas Servén Marín
7dbbf52e1c
Merge pull request #295 from squat/release-0.4
Release 0.4
2022-04-17 00:23:27 +02:00
dependabot[bot]
9a9131d965
build(deps): bump github.com/containernetworking/cni from 0.6.0 to 0.8.1 (#293) 2022-04-14 09:20:22 +00:00
Lucas Servén Marín
a6d50a8046
.github/workflows/release.yaml: clarify job name (#296)
Currently,the job to build kgctl binaries is named `linux`, which
suggests to the reader that the job is only building binaries for Linux,
when it is in fact building binaries for Linux, Darwin, and Windows.

Signed-off-by: Lucas Servén Marín <lserven@gmail.com>
2022-04-13 20:23:13 +02:00
Lucas Servén Marín
d47bb4f587
Merge pull request #292 from clive-jevons/bump-referenced-image-tag-to-0.4.1
bump referenced image version to 0.4.1 in preparation for release 0.4.1
2022-04-13 12:52:20 +02:00
Lucas Servén Marín
206b078c5f
CI: run for all PRs (#294)
Currently, CI only runs for PRs to the main branch. This commit modifies
the configuration so that it runs for PRs to any branch.

Signed-off-by: Lucas Servén Marín <lserven@gmail.com>
2022-04-13 12:02:07 +02:00
Clive Jevons
7c5f9ecc40 bump referenced image version to 0.4.1 in preparation for release 0.4.1 2022-04-11 18:18:26 +02:00
Lucas Servén Marín
69fb81bcd3
Merge pull request #291 from clive-jevons/pin-image-in-manifests-to-release-0.4
pin release-0.4 image version to tag 0.4.0
2022-04-11 16:07:12 +02:00
Clive Jevons
c00cf69b55 pin release-0.4 image version to tag 0.4.0 2022-04-11 15:46:27 +02:00
leonnicolas
0dfb744630
kgctl connect (#269)
* kgctl connect

Use kgctl connect to connect your laptop to a cluster.

Signed-off-by: leonnicolas <leonloechner@gmx.de>

* cmd/kgctl: finish connect command

This commit fixes some bugs and finishes the implementation of the
`kgctl connect` command.

Signed-off-by: Lucas Servén Marín <lserven@gmail.com>

* e2e: add tests for kgctl connect

Signed-off-by: Lucas Servén Marín <lserven@gmail.com>

* docs: add documentation for `kgctl connect`

Signed-off-by: Lucas Servén Marín <lserven@gmail.com>

* pkg/mesh: move peer route generation to mesh

Signed-off-by: Lucas Servén Marín <lserven@gmail.com>

Co-authored-by: Lucas Servén Marín <lserven@gmail.com>
2022-04-08 13:42:13 +02:00
hhstu
d95e590f5c
add example for kubeadm-userspace,kubeadm-flannel-userspace (#284)
* add example for  kubeadm-userspace,kubeadm-flannel-userspace

* remove configmap of kilo when use flannel
2022-04-03 12:50:41 +02:00