remove support for calico v2.x (#4974)

* Remove support for calico below version v3.0.0 Change-Id: If8fe3036b9e054901a8b2c48516eff1e1271970f * Update main.yml * fixup node peering Change-Id: Ifac4d363deba826f0c80e390ce80a28df9827323 * fixups Change-Id: Ic35417330af6741962003b3930604393c90804d1 * fixups Change-Id: I0ea82d634bb0c81d9b7dc50569c70988bc8d3a3b
5 years ago · 23ae6027ab
6 changed files with 9 additions and 145 deletions
--- a/roles/kubernetes/preinstall/tasks/0020-verify-settings.yml
+++ b/roles/kubernetes/preinstall/tasks/0020-verify-settings.yml
@ -137,6 +137,14 @@
    - cloud-provider
    - facts

+- name: Ensure minimum calico version
+  assert:
+    that: calico_version is version('v3.0.0', '>=')
+    msg: "calico_version is too low. Minimum version v3.0.0"
+  run_once: yes
+  when:
+    - kube_network_plugin == 'calico'
+
 - name: "Get current version of calico cluster version"
  shell: "{{ bin_dir }}/calicoctl.sh version  | grep 'Cluster Version:' | awk '{ print $3}'"
  register: calico_version_on_server
--- a/roles/network_plugin/calico/rr/tasks/main.yml
+++ b/roles/network_plugin/calico/rr/tasks/main.yml
@ -72,26 +72,6 @@
  retries: 4
  delay: "{{ retry_stagger | random + 3 }}"
  delegate_to: "{{ groups['etcd'][0] }}"
-  when:
-    - calico_version is version("v3.0.0", ">=")
-
- name: Calico-rr | Configure route reflector (legacy)
-  command: |-
-    {{ bin_dir }}/etcdctl \
-    --peers={{ etcd_access_addresses }} \
-    set /calico/bgp/v1/rr_v4/{{ rr_ip }} \
-    '{
-       "ip": "{{ rr_ip }}",
-       "cluster_id": "{{ cluster_id }}"
-     }'
-  environment:
-    ETCDCTL_CERT_FILE: "{{ etcd_cert_dir }}/admin-{{ groups['etcd'][0] }}.pem"
-    ETCDCTL_KEY_FILE: "{{ etcd_cert_dir }}/admin-{{ groups['etcd'][0] }}-key.pem"
-  retries: 4
-  delay: "{{ retry_stagger | random + 3 }}"
-  delegate_to: "{{ groups['etcd'][0] }}"
-  when:
-    - calico_version is version("v3.0.0", "<")

 - meta: flush_handlers

--- a/roles/network_plugin/calico/tasks/install.yml
+++ b/roles/network_plugin/calico/tasks/install.yml
@ -102,7 +102,7 @@
  loop_control:
    label: "{{ item.item.file }}"

- name: Calico | Configure calico network pool (v3.0.0 <= version < v3.3.0)
+- name: Calico | Configure calico network pool (version < v3.3.0)
  shell: >
    echo "
      { "kind": "IPPool",
@ -117,7 +117,6 @@
  when:
    - inventory_hostname == groups['kube-master'][0]
    - 'calico_conf.stdout == "0"'
-    - calico_version is version("v3.0.0", ">=")
    - calico_version is version("v3.3.0", "<")

 - name: Calico | Configure calico network pool (version >= v3.3.0)
@ -138,22 +137,6 @@
    - 'calico_conf.stdout == "0"'
    - calico_version is version("v3.3.0", ">=")

- name: Calico | Configure calico network pool (legacy)
-  shell: >
-    echo '
-      { "kind": "ipPool",
-        "spec": {"disabled": false, "ipip": {"enabled": {{ ipip }}, "mode": "{{ ipip_mode|lower }}"},
-                 "nat-outgoing": {{ nat_outgoing|default(false) and not peer_with_router|default(false) }}},
-        "apiVersion": "v1",
-        "metadata": {"cidr": "{{ calico_pool_cidr | default(kube_pods_subnet) }}"}
-      }' | {{ bin_dir }}/calicoctl.sh apply -f -
-  environment:
-    NO_DEFAULT_POOLS: true
-  when:
-    - inventory_hostname == groups['kube-master'][0]
-    - 'calico_conf.stdout == "0"'
-    - calico_version is version("v3.0.0", "<")
-
 - name: "Determine nodeToNodeMesh needed state"
  set_fact:
    nodeToNodeMeshEnabled: "false"
@ -177,20 +160,6 @@
  changed_when: false
  when:
    - inventory_hostname == groups['kube-master'][0]
-    - calico_version is version('v3.0.0', '>=')
-
- name: Calico | Set global as_num (legacy)
-  command: "{{ bin_dir }}/calicoctl.sh config set asNumber {{ global_as_num }}"
-  when:
-    - inventory_hostname == groups['kube-master'][0]
-    - calico_version is version('v3.0.0', '<')
-
- name: Calico | Disable node mesh (legacy)
-  command: "{{ bin_dir }}/calicoctl.sh config set nodeToNodeMesh off"
-  when:
-    - inventory_hostname == groups['kube-master'][0]
-    - calico_version is version('v3.0.0', '<')
-    - nodeToMeshEnabled|default(True)

 - name: Calico | Configure peering with router(s) at global scope
  shell: >
@ -210,24 +179,6 @@
    - "{{ peers|selectattr('scope','defined')|selectattr('scope','equalto', 'global')|list|default([]) }}"
  when:
    - inventory_hostname == groups['kube-master'][0]
-    - calico_version | version_compare('v3.0.0', '>=')
-    - peer_with_router|default(false)
-
- name: Calico | Configure peering with router(s) at global scope (legacy)
-  shell: >
-   echo '{
-   "kind": "bgpPeer",
-   "spec": {"asNumber": "{{ item.as }}"},
-   "apiVersion": "v1",
-   "metadata": {"scope": "global", "peerIP": "{{ item.router_id }}"}
-   }'
-   | {{ bin_dir }}/calicoctl.sh create --skip-exists -f -
-  retries: 4
-  delay: "{{ retry_stagger | random + 3 }}"
-  with_items: "{{ peers|selectattr('scope','defined')|selectattr('scope','equalto', 'global')|default([]) }}"
-  when:
-    - inventory_hostname == groups['kube-master'][0]
-    - calico_version is version('v3.0.0', '<')
    - peer_with_router|default(false)

 - name: Calico | Create calico manifests
@ -298,30 +249,6 @@
  retries: 4
  delay: "{{ retry_stagger | random + 3 }}"
  when:
-    - calico_version is version('v3.0.0', '>=')
-    - peer_with_router|default(false)
-    - inventory_hostname in groups['k8s-cluster']
-    - local_as is defined
-    - groups['calico-rr'] | default([]) | length == 0
-
- name: Calico | Configure node asNumber for per node peering (legacy)
-  shell: >
-   echo '{
-   "apiVersion": "v1",
-   "kind": "node",
-   "metadata": {
-      "name": "{{ inventory_hostname }}"
-   },
-   "spec": {
-      "bgp": {
-        "asNumber": "{{ local_as }}"
-      },
-      "orchRefs":[{"nodeName":"{{ inventory_hostname }}","orchestrator":"k8s"}]
-   }}' | {{ bin_dir }}/calicoctl.sh create --skip-exists -f -
-  retries: 4
-  delay: "{{ retry_stagger | random + 3 }}"
-  when:
-    - calico_version is version('v3.0.0', '<')
    - peer_with_router|default(false)
    - inventory_hostname in groups['k8s-cluster']
    - local_as is defined
@ -345,28 +272,9 @@
  with_items:
    - "{{ peers|selectattr('scope','undefined')|list|default([]) | union(peers|selectattr('scope','defined')|selectattr('scope','equalto', 'node')|list|default([])) }}"
  when:
-    - calico_version is version('v3.0.0', '>=')
-    - peer_with_router|default(false)
-    - inventory_hostname in groups['k8s-cluster']
-
- name: Calico | Configure peering with router(s) at node scope (legacy)
-  shell: >
-   echo '{
-   "kind": "bgpPeer",
-   "spec": {"asNumber": "{{ item.as }}"},
-   "apiVersion": "v1",
-   "metadata": {"node": "{{ inventory_hostname }}", "scope": "node", "peerIP": "{{ item.router_id }}"}
-   }'
-   | {{ bin_dir }}/calicoctl.sh create --skip-exists -f -
-  retries: 4
-  delay: "{{ retry_stagger | random + 3 }}"
-  with_items: "{{ peers|selectattr('scope','undefined')|list|default([]) | union(peers|selectattr('scope','defined')|selectattr('scope','equalto', 'node')|list|default([])) }}"
-  when:
-    - calico_version | version_compare('v3.0.0', '<')
    - peer_with_router|default(false)
    - inventory_hostname in groups['k8s-cluster']

-
 - name: Calico | Configure peering with route reflectors
  shell: >
   echo '{
@ -385,27 +293,6 @@
  with_items:
    - "{{ groups['calico-rr'] | default([]) }}"
  when:
-    - calico_version is version('v3.0.0', '>=')
    - peer_with_calico_rr|default(false)
    - inventory_hostname in groups['k8s-cluster']
    - hostvars[item]['cluster_id'] == cluster_id
-
- name: Calico | Configure peering with route reflectors (legacy)
-  shell: >
-   echo '{
-   "kind": "bgpPeer",
-   "spec": {"asNumber": "{{ local_as | default(global_as_num) }}"},
-   "apiVersion": "v1",
-   "metadata": {"node": "{{ inventory_hostname }}",
-     "scope": "node",
-     "peerIP": "{{ hostvars[item]["calico_rr_ip"]|default(hostvars[item]["ip"])|default(fallback_ips[item]) }}"}
-   }'
-   | {{ bin_dir }}/calicoctl.sh create --skip-exists -f -
-  retries: 4
-  delay: "{{ retry_stagger | random + 3 }}"
-  with_items: "{{ groups['calico-rr'] | default([]) }}"
-  when:
-    - calico_version is version('v3.0.0', '<')
-    - not calico_upgrade_enabled
-    - peer_with_calico_rr|default(false)
-    - hostvars[item]['cluster_id'] == cluster_id
--- a/roles/network_plugin/calico/tasks/pre.yml
+++ b/roles/network_plugin/calico/tasks/pre.yml
@ -1,11 +1,4 @@
 ---
- name: Calico | Disable calico-node service if it exists
-  service:
-    name: calico-node
-    state: stopped
-    enabled: no
-  failed_when: false
-
 - name: Calico | Get kubelet hostname
  shell: >-
    {{ bin_dir }}/kubectl get node -o custom-columns='NAME:.metadata.name,INTERNAL-IP:.status.addresses[?(@.type=="InternalIP")].address'
--- a/roles/network_plugin/calico/templates/calico-node.yml.j2
+++ b/roles/network_plugin/calico/templates/calico-node.yml.j2
@ -25,9 +25,7 @@ spec:
        prometheus.io/port: "{{ calico_felix_prometheusmetricsport }}"
 {% endif %}
    spec:
-{% if kube_version is version('v1.11.1', '>=') %}
      priorityClassName: system-node-critical
-{% endif %}
      hostNetwork: true
      dnsPolicy: ClusterFirstWithHostNet
      serviceAccountName: calico-node
--- a/roles/network_plugin/canal/templates/canal-node.yaml.j2
+++ b/roles/network_plugin/canal/templates/canal-node.yaml.j2
@ -15,9 +15,7 @@ spec:
      labels:
        k8s-app: canal-node
    spec:
-{% if kube_version is version('v1.11.1', '>=') %}
      priorityClassName: system-node-critical
-{% endif %}
      hostNetwork: true
      dnsPolicy: ClusterFirstWithHostNet
      serviceAccountName: canal