k3s-io/k3s - k3s - Gitea: ArmstrongLabs

Author SHA1 Message Date

Author	SHA1	Message	Date
Koen de Laat	4fa0e1e570	fix: Use actual warningPeriod in certmonitor Signed-off-by: Koen de Laat <koen.de.laat@philips.com> (cherry picked from commit `79ba10f5ec`) Signed-off-by: Brad Davidson <brad.davidson@rancher.com>	2024-06-04 13:21:47 -07:00
Brad Davidson	7ace0d9142	Refactor supervisor listener startup and add metrics * Refactor agent supervisor listener startup and authn/authz to use upstream auth delegators to perform for SubjectAccessReview for access to metrics. * Convert spegel and pprof handlers over to new structure. * Promote bind-address to agent flag to allow setting supervisor bind address for both agent and server. * Promote enable-pprof to agent flag to allow profiling agents. Access to the pprof endpoint now requires client cert auth, similar to the spegel registry api endpoint. * Add prometheus metrics handler. Signed-off-by: Brad Davidson <brad.davidson@rancher.com> (cherry picked from commit `ff679fb3ab`) Signed-off-by: Brad Davidson <brad.davidson@rancher.com>	2024-05-31 09:17:13 -07:00
Brad Davidson	d5a85d7307	Add certificate expiry check and warnings * Add ADR * Add `k3s certificate check` command. * Add periodic check and events when certs are about to expire. * Add metrics for certificate validity remaining, labeled by cert subject Signed-off-by: Brad Davidson <brad.davidson@rancher.com> (cherry picked from commit `7f659759dd`)	2024-04-11 10:01:16 -07:00

Koen de Laat

fix: Use actual warningPeriod in certmonitor

Signed-off-by: Koen de Laat <koen.de.laat@philips.com>
(cherry picked from commit 79ba10f5ec)
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>

2024-06-04 13:21:47 -07:00

Brad Davidson

7ace0d9142

Refactor supervisor listener startup and add metrics

* Refactor agent supervisor listener startup and authn/authz to use upstream
  auth delegators to perform for SubjectAccessReview for access to
  metrics.
* Convert spegel and pprof handlers over to new structure.
* Promote bind-address to agent flag to allow setting supervisor bind
  address for both agent and server.
* Promote enable-pprof to agent flag to allow profiling agents. Access
  to the pprof endpoint now requires client cert auth, similar to the
  spegel registry api endpoint.
* Add prometheus metrics handler.

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit ff679fb3ab)
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>

2024-05-31 09:17:13 -07:00

Brad Davidson

d5a85d7307

Add certificate expiry check and warnings

* Add ADR
* Add `k3s certificate check` command.
* Add periodic check and events when certs are about to expire.
* Add metrics for certificate validity remaining, labeled by cert subject

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit 7f659759dd)

2024-04-11 10:01:16 -07:00

3 Commits (release-1.28)