Commit Graph

429 Commits

Author SHA1 Message Date
Lucas Servén Marín
4ae1ccf1e8
Merge pull request #112 from SerialVelocity/patch-1
Vulnerability: Don't add generic ACCEPT rules to the filter chain
2021-02-15 14:08:36 +01:00
Ben Grabham
709c1ec6c0
Don't add generic ACCEPT rules to the filter chain 2021-02-15 12:00:25 +00:00
Lucas Servén Marín
0eaefc5e6e
Merge pull request #111 from leonnicolas/release_binaries
.github/workflows/ci.yml: publish binaries
2021-02-14 19:53:58 +01:00
leonnicolas
2164e7003f
.github/workflows/ci.yml: publish binaries
All kgctl will be published on each new release.
The naming convention is kgctl-<os name>-<architecure>
2021-02-14 19:33:24 +01:00
Lucas Servén Marín
7ea8c1bc64
.github: allow workflow to be triggered manually
Signed-off-by: Lucas Servén Marín <lserven@gmail.com>
2021-02-08 19:49:07 +01:00
Lucas Servén Marín
539a139a16
Merge pull request #108 from squat/migrate_to_github_actions
.github/workflows: migrate to github actions
2021-01-31 15:13:27 +01:00
Lucas Servén Marín
c4c8fe81cc
.github/workflows: migrate to github actions
Signed-off-by: Lucas Servén Marín <lserven@gmail.com>
2021-01-31 15:09:11 +01:00
Lucas Servén Marín
fd8bee718b
Merge pull request #107 from squat/no_private_iface
pkg/mesh: don't shadow privIface
2021-01-30 20:16:49 +01:00
Lucas Servén Marín
03545d674f
pkg/mesh: don't shadow privIface
This commit fixes a bug where the variable holding the index of the
private interface was shadowed, causing it to always be "0".

Signed-off-by: Lucas Servén Marín <lserven@gmail.com>
2021-01-30 20:09:50 +01:00
Lucas Servén Marín
f61b902128
Merge pull request #106 from leonnicolas/bug_iptables
BUG: iptables rules
2021-01-30 17:42:28 +01:00
Lucas Servén Marín
64fb06a383
pkg/k8s: bump headers for 2021
This commit re-generates all generated files to include the new year in
the comment.

Signed-off-by: Lucas Servén Marín <lserven@gmail.com>
2021-01-30 17:40:01 +01:00
leonnicolas
448f618c60
BUG: iptables rules
Add default iptables to allow forward traffic from and to pod cidr.

Previously Kilo expected the default behaviour of the forward chain to
accept packets, which can not be guaranteed.
2021-01-30 12:52:30 +01:00
Lucas Servén Marín
3563e660dc
Merge pull request #105 from squat/fix_graph_title
pkg/mesh/graph.go: use WireGuard CIDR as title
2021-01-29 18:21:11 +01:00
Lucas Servén Marín
4d00bc56fe
pkg/mesh/graph.go: use WireGuard CIDR as title
This commit changes the graph so that the WireGuard CIDR is used as the
title rather than the pod subnet assigned to a node in the cluster.

Signed-off-by: Lucas Servén Marín <lserven@gmail.com>
2021-01-29 15:49:42 +01:00
Lucas Servén Marín
27ca2d4b17
Merge pull request #104 from leonnicolas/nodes_without_private_ips
Nodes without private IPs
2021-01-24 23:21:51 +01:00
leonnicolas
3a201ba0fa
Nodes without private IPs
Allow nodes to have no private IPs.
Nodes without private IPs will automatically be put into
their own location.
2021-01-24 22:37:24 +01:00
Lucas Servén Marín
92825ba0c7
Merge pull request #103 from squat/ignore_kilo_ip_when_finding_internal_ips
pkg/mesh/mesh.go: ignore Kilo IP during discovery
2021-01-20 11:08:58 +01:00
Lucas Servén Marín
95c0143b1a
pkg/mesh/mesh.go: ignore Kilo IP during discovery
This ensures that Kilo will not select an IP assigned to the Kilo
interface when discovering public and private IPs.

Signed-off-by: Lucas Servén Marín <lserven@gmail.com>
2021-01-19 20:25:50 +01:00
Lucas Servén Marín
e7855825cf
docs/userspace-wireguard.md: add details
This commit clarifies a few lines from the userspace doc and notes in
the README that Kilo works with userspace WireGuard.

Signed-off-by: Lucas Servén Marín <lserven@gmail.com>
2021-01-07 13:48:10 +01:00
Lucas Servén Marín
f6f0b8c791
README.md: typo fix
Signed-off-by: Lucas Servén Marín <lserven@gmail.com>
2021-01-07 13:17:47 +01:00
Lucas Servén Marín
dafae4bafb
Merge pull request #100 from leonnicolas/master
FEATURE: user space wireguard
2020-12-29 19:23:07 +01:00
leonnicolas
e30cff5293
FEATURE: user space wireguard
Add the possibility to use a user space implementation of wireguard. Specifically, the rust implementation boringtun.
2020-12-29 18:50:58 +01:00
Lucas Servén Marín
2d12d9ef81
docs/topology.md: grammar fix
Signed-off-by: Lucas Servén Marín <lserven@gmail.com>
2020-12-19 14:59:22 +01:00
Lucas Servén Marín
a789003a58
Merge pull request #97 from castai/add-custom-topology-label
feat: add support for custom topology label
2020-12-19 14:56:05 +01:00
Tadeuš Varnas
a5684a97e0
Update topology.md 2020-12-14 10:53:21 +02:00
Tadeuš Varnas
849449890d
Apply suggestions from code review
Co-authored-by: Lucas Servén Marín <lserven@gmail.com>
2020-12-14 10:20:53 +02:00
Lucas Servén Marín
12798add5f
Merge pull request #99 from squat/dependabot/npm_and_yarn/website/ini-1.3.8
build(deps): bump ini from 1.3.5 to 1.3.8 in /website
2020-12-12 11:36:16 +01:00
dependabot[bot]
a6a7f98c29
build(deps): bump ini from 1.3.5 to 1.3.8 in /website
Bumps [ini](https://github.com/isaacs/ini) from 1.3.5 to 1.3.8.
- [Release notes](https://github.com/isaacs/ini/releases)
- [Commits](https://github.com/isaacs/ini/compare/v1.3.5...v1.3.8)

Signed-off-by: dependabot[bot] <support@github.com>
2020-12-12 10:09:14 +00:00
varnastadues
cb12666fc1 feat: add support for custom topology label 2020-12-11 16:44:20 +02:00
Lucas Servén Marín
42c895f70a
Makefile: no darwin+arm windows+arm build matrix
This commit excludes Darwin+ARM and Windows+ARM combinations from the
build matrix.

Signed-off-by: Lucas Servén Marín <lserven@gmail.com>
2020-11-23 11:16:35 +01:00
Lucas Servén Marín
f52efc212c
Makefile: variable detection for cross-compilation
The PR to add support for cross-compilation to other OSs introduced a
bug in ARCH and OS variable detection. This commit fixes it.

Signed-off-by: Lucas Servén Marín <lserven@gmail.com>
2020-11-23 10:18:08 +01:00
Lucas Servén Marín
ab24242a44
Merge pull request #93 from squat/remove_coreos_specific_code
README.md: remove CoreOS-specific install step
2020-11-14 13:06:56 +01:00
Lucas Servén Marín
f205c9bfab
README.md: remove CoreOS-specific install step
This commit removes a code snippet that is specific to CoreOS Container
Linux. Including this in the installation instructions for WireGuard can
give the impression that this code works for any cluster.

Fixes: #89.

Signed-off-by: Lucas Servén Marín <lserven@gmail.com>
2020-11-14 13:04:50 +01:00
Lucas Servén Marín
6ab9913c7b
Merge pull request #92 from squat/non_linux
pkg/*: allow kgctl to compile for other OSes
2020-11-14 12:31:28 +01:00
Lucas Servén Marín
45cedbb84a
pkg/*: allow kgctl to compile for other OSes
This commit enables the compilation of kgctl when GOOS!=linux.
This fixes #56.

Signed-off-by: Lucas Servén Marín <lserven@gmail.com>
2020-11-14 12:16:07 +01:00
Lucas Servén Marín
b802489826
Merge pull request #87 from pratikbalar/patch-1
Highlighting Note
2020-11-11 08:41:22 +01:00
Praitk
ae8f0655b3
Highlighting Note
Highlighting Note in order to it visible first cause after analyzing some issues, i find people are ignoring this note section (including my self)
2020-11-11 11:53:26 +05:30
Lucas Servén Marín
425796ec4e
Merge pull request #80 from hansbogert/patch-1
doc: Add video reference to README
2020-10-24 15:13:46 +02:00
Hans van den Bogert
33eac74d4a
doc: Add video reference to README 2020-10-24 14:51:40 +02:00
Lucas Servén Marín
410a014daf
vendor: revendor
Signed-off-by: Lucas Servén Marín <lserven@gmail.com>
2020-09-23 11:38:32 +02:00
Lucas Servén Marín
0cc1a2ff8c
docs,website: add doc for kg
This commit adds a doc for `kg`, the Kilo agent that runs on every node
in the mesh. This includes: the doc itself, files needed for the
website, and tooling to generate the document using `embedmd`.

Signed-off-by: Lucas Servén Marín <lserven@gmail.com>
2020-09-23 11:38:25 +02:00
Lucas Servén Marín
5e970d8b42
pkg/mesh: small change for clarity
Signed-off-by: Lucas Servén Marín <lserven@gmail.com>
2020-09-18 16:11:01 +02:00
Lucas Servén Marín
ac7fa37fd0
Merge pull request #42 from squat/peer-dns-names
pkg/k8s: enable peers to use DNS names
2020-09-17 15:20:52 +02:00
Lucas Servén Marín
116fb7337a
pkg/k8s: enable peers to use DNS names
This commit enables peers defined using the Peer CRD to declare their
endpoints using DNS names.

Signed-off-by: Lucas Servén Marín <lserven@gmail.com>
2020-09-17 14:48:38 +02:00
Lucas Servén Marín
e3cb7d7958
.travis.yml: only tag latest images on master
Ensure that only images built from the master branch get tagged with
`latest`.

Signed-off-by: Lucas Servén Marín <lserven@gmail.com>
2020-09-17 14:47:40 +02:00
Lucas Servén Marín
d3492a72cb
website: add dependency resolutions
Signed-off-by: Lucas Servén Marín <lserven@gmail.com>
2020-09-17 14:28:07 +02:00
Lucas Servén Marín
7750a08019
website: update syntax for new docusaurus version
Signed-off-by: Lucas Servén Marín <lserven@gmail.com>
2020-09-17 13:05:47 +02:00
Lucas Servén Marín
5d7fb96274
website/yarn.lock: bump npm deps
Signed-off-by: Lucas Servén Marín <lserven@gmail.com>
2020-09-17 13:05:20 +02:00
Lucas Servén Marín
b5cadfe3de
.travis.yml: only tag latest image if not git tag
If we tag a release for, e.g. 0.1.1, after we've already cut a 0.2.0
tag, then CI would tag the 0.1.1 image as `latest`, which is confusing.
This commit ensures that we only tag the `latest` image when building
from master.

Signed-off-by: Lucas Servén Marín <lserven@gmail.com>
2020-09-15 15:58:15 +02:00
Lucas Servén Marín
ab8df1306e
Merge pull request #65 from rubenv/patch-1
Fix typo
2020-07-14 15:31:10 +02:00