github/kamaji
1
0
Fork 0
mirror of https://github.com/clastix/kamaji.git synced 2026-04-15 06:56:47 +00:00
Code Issues Packages Projects Releases Wiki Activity
641 Commits 2 Branches 118 Tags
477989a214a82bd11b8fdc35fc609a2e048e7df6
Commit Graph

193 Commits

Author SHA1 Message Date
reoring
477989a214 chore: add concise error messages for non supported ingress hostname (#543) 
* chore: improve error handling and logging for certificate operations

- Enhance error reporting in GenerateCertificatePrivateKeyPair function
- Add detailed error checks for CA certificate and private key parsing
- Implement check for expected number of certificate files
- Improve error logging in APIServerCertificate resource

This commit preserves more details about certificate-related issues,
aiding in debugging and troubleshooting.

* feat: support loadbalancer hostname resolution

Add functionality to resolve loadbalancer hostname to IP address in DeclaredControlPlaneAddress method.
This enhances the existing IP address handling by allowing the use of hostnames for loadbalancers.

- Add hostname check in addition to IP check
- Implement hostname resolution using net.LookupIP
- Return the first resolved IP address if available

* fix: Remove hostname support for LoadBalancer ingress

- Extract LoadBalancer address logic to separate function
- Remove hostname resolution for LoadBalancer ingress
- Add explanatory comments on reasons for not supporting hostnames

* fix: replace fmt and vet with golint

- Remove fmt and vet targets
- Update build target to use golint instead of fmt and vet
- Remove fmt and vet dependencies from run target

* fix: lint errors
 2024-08-20 10:01:28 +02:00
Dario Tranchitella
65c94cc203 fix(kubeadm): storing kubelet defaults (#542) 
Signed-off-by: Dario Tranchitella <dario@tranchitella.eu>
Co-authored-by: Andrei Kvapil <kvapss@gmail.com>
 2024-08-13 08:48:12 +02:00
Dario Tranchitella
09310b55b4 fix: etcd migration based on prefix (#540) 
Signed-off-by: Dario Tranchitella <dario@tranchitella.eu>
 2024-08-12 19:24:26 +02:00
Dario Tranchitella
1731e8c2ed Merge commit from fork 
* fix(etcd): using rangeEnd function to restrict permissions

Signed-off-by: Dario Tranchitella <dario@tranchitella.eu>

* Update internal/datastore/etcd.go

Co-authored-by: Simon Kienzler <SimonKienzler@users.noreply.github.com>

---------

Signed-off-by: Dario Tranchitella <dario@tranchitella.eu>
Co-authored-by: Simon Kienzler <SimonKienzler@users.noreply.github.com>
 2024-08-12 16:41:16 +02:00
Dario Tranchitella
2e17d6b701 fix(ingress): comparing status enhancement (#503) 
Signed-off-by: Dario Tranchitella <dario@tranchitella.eu>
 2024-07-29 09:40:04 +02:00
Johann Wagner
b541962163 fix(ipv6): use net.JoinHostPort instead of fmt.Sprintf 2024-07-11 13:20:02 +02:00
Dario Tranchitella
91cbf0c507 feat: telemetry 
Signed-off-by: Dario Tranchitella <dario@tranchitella.eu>
 2024-06-27 11:38:41 +02:00
Dario Tranchitella
6ba4b4abac feat: supporting k8s v1.30.2 
Signed-off-by: Dario Tranchitella <dario@tranchitella.eu>
 2024-06-24 18:32:02 +02:00
Dario Tranchitella
45d0869b91 feat(webhook): validating DNS service IPs on Service CIDR 
Signed-off-by: Dario Tranchitella <dario@tranchitella.eu>
 2024-05-31 12:05:09 +02:00
Dario Tranchitella
511a08889e fix: nil pointer in datastore certificate handler 
Signed-off-by: Dario Tranchitella <dario@tranchitella.eu>
 2024-05-31 12:04:28 +02:00
Andrei Kvapil
e51df96777 fix: removing hardcoded cluster.local domain from TCP client 
Signed-off-by: Andrei Kvapil <kvapss@gmail.com>
 2024-05-21 22:25:00 +02:00
Dario Tranchitella
b2fbb52361 feat: supporting k8s v1.30.1 
Signed-off-by: Dario Tranchitella <dario@tranchitella.eu>
 2024-05-19 11:59:33 +02:00
Dario Tranchitella
b1ea75f9c0 fix(psql): granting privileges to root user prior deletion 
Signed-off-by: Dario Tranchitella <dario@tranchitella.eu>
 2024-05-17 20:41:11 +02:00
Dario Tranchitella
d1910cd389 fix(nats): blocking reconciliation for missing multi-tenancy 
Signed-off-by: Dario Tranchitella <dario@tranchitella.eu>
 2024-05-09 16:55:01 +02:00
Dario Tranchitella
90aef60c18 feat: konnectivity agent tolerations support 
Signed-off-by: Dario Tranchitella <dario@tranchitella.eu>
 2024-05-09 11:36:07 +02:00
TheCodeAssassin
9ce8da0b37 feat: making DataStore TLS configuration optional 
Co-authored-by: Dario Tranchitella <dario@tranchitella.eu>
 2024-05-09 11:34:50 +02:00
Mario Valderrama
9d73905965 fix: simplify arg parsing 
Signed-off-by: Mario Valderrama <mario.valderrama@ionos.com>
 2024-05-08 14:16:17 +02:00
Dario Tranchitella
6ffd6bbdfd feat(nats): webhook for missing multi-tenancy support 
Signed-off-by: Dario Tranchitella <dario@tranchitella.eu>
 2024-05-06 17:32:29 +02:00
TheCodeAssassin
f8a0206785 fix(nats): noEmbed is required in newer versions of kine 2024-05-02 18:26:32 +02:00
Dario Tranchitella
1d548665ee fix(kubeadm): version getter must return component versions 
Signed-off-by: Dario Tranchitella <dario@tranchitella.eu>
 2024-04-24 16:28:37 +02:00
Hamza BOUDOUCHE
37616865b4 feat: support for custom service account 2024-04-23 11:03:33 +02:00
Hamza BOUDOUCHE
d31b3eab0a feat: pod additional metadata 2024-04-22 17:55:38 +02:00
TheCodeAssassin
28a098af21 feat: initial support for NATS as Datastore (#442) 2024-04-22 15:31:35 +02:00
Andrei Kvapil
ced34a50e6 Allow overriding secretKey for kubeadm kubeconfig 
During reconciliation, the bootstrap provider copies the content from the secret provided by Kamaji, named `<cluster>-admin-kubeconfig` into a `cluster-info` configmap of tenant cluster, which then used by kubeadm to join nodes.

This change introduces a new annotation, `kamaji.clastix.io/kubeconfig-secret-key`, for the TenantControlPlane resource. This annotation instructs kamaji to read the kubeconfig from a specific key (the default one is super-admin.conf).

Example:

```
kamaji.clastix.io/kubeconfig-secret-key: super-admin.svc
```

This will instruct the system to use `super-admin.svc` a kubeconfig with a local service FQDN (introduced by https://github.com/clastix/kamaji/pull/403).

Signed-off-by: Andrei Kvapil <kvapss@gmail.com>
 2024-04-18 10:57:16 +02:00
Dario Tranchitella
1311220b94 fix(webhook): expecting leading slash 
Signed-off-by: Dario Tranchitella <dario@tranchitella.eu>
 2024-04-18 10:57:05 +02:00
Dario Tranchitella
b99639c9fa feat: supporting kubernetes v1.30 
Signed-off-by: Dario Tranchitella <dario@tranchitella.eu>
 2024-04-18 10:57:05 +02:00
Andrey
dc3d5060ca fix: ensure SetControllerReference to certificates 
Co-authored-by: Andrey Kontyakov <avkontya@mts.ru>
 2024-04-03 15:04:10 +02:00
Jason Witkowski
7ac8e5e539 fix: kube-apiserver extra args override 
Co-authored-by: Jason Witkowski <jwitkowski@zscaler.com>
Co-authored-by: Dario Tranchitella <dario@tranchitella.eu>
 2024-03-04 11:45:27 +01:00
Jason Witkowski
cec4f9136d fix: konnectivity extra args override 
Co-authored-by: Jason Witkowski <jwitkowski@zscaler.com>
 2024-03-04 11:31:10 +01:00
Dario Tranchitella
cf1f2763f6 feat: supporting k8s v1.29.1 2024-01-26 17:30:03 +01:00
Dario Tranchitella
25dc19f839 feat: admin kubeconfig with local service FQDN 
Signed-off-by: Dario Tranchitella <dario@tranchitella.eu>
 2024-01-22 18:50:58 +01:00
Dario Tranchitella
755cc5bacd refactor(golangci-lint): aligning to new linters 
Signed-off-by: Dario Tranchitella <dario@tranchitella.eu>
 2023-12-15 13:02:49 +01:00
Dario Tranchitella
e0c86d685c feat: support for kubeadm cluster-admins rbac 
Signed-off-by: Dario Tranchitella <dario@tranchitella.eu>
 2023-12-15 13:02:49 +01:00
Dario Tranchitella
ddb700f4f0 refactor: upgrading to new dependencies 
Signed-off-by: Dario Tranchitella <dario@tranchitella.eu>
 2023-12-15 13:02:49 +01:00
Dario Tranchitella
8b999f1323 feat: supporting k8s v1.28 
Signed-off-by: Dario Tranchitella <dario@tranchitella.eu>
 2023-12-15 13:02:49 +01:00
Dario Tranchitella
045c5bbd7c fix(migrate): preventing 63 characters pod name limit 
Signed-off-by: Dario Tranchitella <dario@tranchitella.eu>
 2023-12-12 12:24:22 +01:00
Dario Tranchitella
c8039cdf5c feat: supporting k8s v1.28.2 2023-10-17 19:46:19 +02:00
Dario Tranchitella
0f1a4f28de fix: blocking datastore secret deletion with finalizer 2023-09-29 10:56:28 +02:00
Dario Tranchitella
05ffd6cf75 feat: supporting k8s v1.28.1 2023-09-06 14:46:29 +02:00
Dario Tranchitella
dc97d69d0c fix: tcp deployment replica to pointer 2023-09-01 09:13:00 +01:00
Dario Tranchitella
58a5cac9e8 feat: supporting k8s 1.28 2023-08-22 09:35:16 +02:00
Dario Tranchitella
e9d2af931a fix(webhook): decoding delete content 2023-08-22 09:35:02 +02:00
Dario Tranchitella
65854721de fix(ingress): referencing ingress port from hostname 2023-08-08 10:55:33 +02:00
Dario Tranchitella
7e94ecdbab feat: kubeconfig and certificates rotation 2023-08-03 18:03:54 +02:00
Dario Tranchitella
648da19687 refactor: checking kubeconfig user certs validity 2023-08-03 18:03:54 +02:00
Dario Tranchitella
6c4b339c4b fix(typo): error message for kubeconfig 2023-08-03 18:03:54 +02:00
Dario Tranchitella
eee62032de refactor: ensuring owner reference and labels with controller label 2023-08-03 18:03:54 +02:00
Dario Tranchitella
751ce3722b fix(capi): keys for kubeadm-bootstrap controller 2023-08-01 19:04:58 +02:00
Dario Tranchitella
abcc662c96 fix(datastore): replacing dash with underscore 2023-07-05 22:20:55 +02:00
Dario Tranchitella
792119d2d3 fix: validating tcp name 2023-07-04 21:55:19 +02:00