From 4c76feb574ce7d74cad190a1f1db4516cdaa9aa2 Mon Sep 17 00:00:00 2001 From: James Date: Tue, 6 Jun 2023 09:27:00 +0000 Subject: [PATCH] Kubelet csr approver fixes (#10165) * Fix upgrade-path for kubelet-csr-approver Fixes an error when you enable kubelet-csr-approver when upgrading. It hangs waiting for the certificate to be approved since the kubelet-csr-approver is not installed yet. * Add missing package when using helm role --- playbooks/upgrade_cluster.yml | 2 +- roles/kubernetes-apps/helm/tasks/main.yml | 19 +++++++++++++++++++ roles/kubernetes-apps/helm/vars/amazon.yml | 2 ++ roles/kubernetes-apps/helm/vars/centos-9.yml | 2 ++ roles/kubernetes-apps/helm/vars/centos.yml | 2 ++ roles/kubernetes-apps/helm/vars/debian.yml | 2 ++ roles/kubernetes-apps/helm/vars/fedora.yml | 2 ++ roles/kubernetes-apps/helm/vars/redhat-9.yml | 2 ++ roles/kubernetes-apps/helm/vars/redhat.yml | 2 ++ roles/kubernetes-apps/helm/vars/suse.yml | 2 ++ roles/kubernetes-apps/helm/vars/ubuntu.yml | 2 ++ 11 files changed, 38 insertions(+), 1 deletion(-) create mode 100644 roles/kubernetes-apps/helm/vars/amazon.yml create mode 100644 roles/kubernetes-apps/helm/vars/centos-9.yml create mode 100644 roles/kubernetes-apps/helm/vars/centos.yml create mode 100644 roles/kubernetes-apps/helm/vars/debian.yml create mode 100644 roles/kubernetes-apps/helm/vars/fedora.yml create mode 100644 roles/kubernetes-apps/helm/vars/redhat-9.yml create mode 100644 roles/kubernetes-apps/helm/vars/redhat.yml create mode 100644 roles/kubernetes-apps/helm/vars/suse.yml create mode 100644 roles/kubernetes-apps/helm/vars/ubuntu.yml diff --git a/playbooks/upgrade_cluster.yml b/playbooks/upgrade_cluster.yml index 96a8feb45..5eccc56ba 100644 --- a/playbooks/upgrade_cluster.yml +++ b/playbooks/upgrade_cluster.yml @@ -84,6 +84,7 @@ roles: - { role: kubespray-defaults } - { role: upgrade/pre-upgrade, tags: pre-upgrade } + - { role: kubernetes-apps/kubelet-csr-approver, tags: kubelet-csr-approver } - { role: container-engine, tags: "container-engine", when: deploy_container_engine } - { role: kubernetes/node, tags: node } - { role: kubernetes/control-plane, tags: master, upgrade_cluster_setup: true } @@ -104,7 +105,6 @@ - { role: kubernetes-apps/external_cloud_controller, tags: external-cloud-controller } - { role: network_plugin, tags: network } - { role: kubernetes-apps/network_plugin, tags: network } - - { role: kubernetes-apps/kubelet-csr-approver, tags: kubelet-csr-approver } - { role: kubernetes-apps/policy_controller, tags: policy-controller } - name: Finally handle worker upgrades, based on given batch size diff --git a/roles/kubernetes-apps/helm/tasks/main.yml b/roles/kubernetes-apps/helm/tasks/main.yml index fee247b98..5a89fb69c 100644 --- a/roles/kubernetes-apps/helm/tasks/main.yml +++ b/roles/kubernetes-apps/helm/tasks/main.yml @@ -1,4 +1,23 @@ --- +- name: Helm | Gather os specific variables + include_vars: "{{ item }}" + with_first_found: + - files: + - "{{ ansible_distribution|lower }}-{{ ansible_distribution_version|lower|replace('/', '_') }}.yml" + - "{{ ansible_distribution|lower }}-{{ ansible_distribution_release }}.yml" + - "{{ ansible_distribution|lower }}-{{ ansible_distribution_major_version|lower|replace('/', '_') }}.yml" + - "{{ ansible_distribution|lower }}.yml" + - "{{ ansible_os_family|lower }}.yml" + - defaults.yml + paths: + - ../vars + skip: true + +- name: Helm | Install PyYaml + package: + name: "{{ pyyaml_package }}" + state: present + - name: Helm | Download helm include_tasks: "../../../download/tasks/download_file.yml" vars: diff --git a/roles/kubernetes-apps/helm/vars/amazon.yml b/roles/kubernetes-apps/helm/vars/amazon.yml new file mode 100644 index 000000000..190d26225 --- /dev/null +++ b/roles/kubernetes-apps/helm/vars/amazon.yml @@ -0,0 +1,2 @@ +--- +pyyaml_package: PyYAML diff --git a/roles/kubernetes-apps/helm/vars/centos-9.yml b/roles/kubernetes-apps/helm/vars/centos-9.yml new file mode 100644 index 000000000..ba3964da9 --- /dev/null +++ b/roles/kubernetes-apps/helm/vars/centos-9.yml @@ -0,0 +1,2 @@ +--- +pyyaml_package: python3-pyyaml diff --git a/roles/kubernetes-apps/helm/vars/centos.yml b/roles/kubernetes-apps/helm/vars/centos.yml new file mode 100644 index 000000000..190d26225 --- /dev/null +++ b/roles/kubernetes-apps/helm/vars/centos.yml @@ -0,0 +1,2 @@ +--- +pyyaml_package: PyYAML diff --git a/roles/kubernetes-apps/helm/vars/debian.yml b/roles/kubernetes-apps/helm/vars/debian.yml new file mode 100644 index 000000000..db0add5b0 --- /dev/null +++ b/roles/kubernetes-apps/helm/vars/debian.yml @@ -0,0 +1,2 @@ +--- +pyyaml_package: python3-yaml diff --git a/roles/kubernetes-apps/helm/vars/fedora.yml b/roles/kubernetes-apps/helm/vars/fedora.yml new file mode 100644 index 000000000..ba3964da9 --- /dev/null +++ b/roles/kubernetes-apps/helm/vars/fedora.yml @@ -0,0 +1,2 @@ +--- +pyyaml_package: python3-pyyaml diff --git a/roles/kubernetes-apps/helm/vars/redhat-9.yml b/roles/kubernetes-apps/helm/vars/redhat-9.yml new file mode 100644 index 000000000..ba3964da9 --- /dev/null +++ b/roles/kubernetes-apps/helm/vars/redhat-9.yml @@ -0,0 +1,2 @@ +--- +pyyaml_package: python3-pyyaml diff --git a/roles/kubernetes-apps/helm/vars/redhat.yml b/roles/kubernetes-apps/helm/vars/redhat.yml new file mode 100644 index 000000000..190d26225 --- /dev/null +++ b/roles/kubernetes-apps/helm/vars/redhat.yml @@ -0,0 +1,2 @@ +--- +pyyaml_package: PyYAML diff --git a/roles/kubernetes-apps/helm/vars/suse.yml b/roles/kubernetes-apps/helm/vars/suse.yml new file mode 100644 index 000000000..190d26225 --- /dev/null +++ b/roles/kubernetes-apps/helm/vars/suse.yml @@ -0,0 +1,2 @@ +--- +pyyaml_package: PyYAML diff --git a/roles/kubernetes-apps/helm/vars/ubuntu.yml b/roles/kubernetes-apps/helm/vars/ubuntu.yml new file mode 100644 index 000000000..db0add5b0 --- /dev/null +++ b/roles/kubernetes-apps/helm/vars/ubuntu.yml @@ -0,0 +1,2 @@ +--- +pyyaml_package: python3-yaml