fix for calico with kdd datastore (#4922)

* fix for calico with kdd datastore * remove AS number from daemonset * revert changes to canal * additionnal fixes for kdd datastore in calico
5 years ago · dc16ab92f4
5 changed files with 40 additions and 26 deletions
--- a/roles/network_plugin/calico/tasks/check.yml
+++ b/roles/network_plugin/calico/tasks/check.yml
@ -10,16 +10,10 @@
  run_once: yes

 - name: "Get current version of calico cluster version"
-  shell: "{{ bin_dir }}/calicoctl version  | grep 'Cluster Version:' | awk '{ print $3}'"
+  shell: "{{ bin_dir }}/calicoctl.sh version  | grep 'Cluster Version:' | awk '{ print $3}'"
  register: calico_version_on_server
  run_once: yes
  changed_when: false
-  environment:
-    ETCD_ENDPOINTS: "{{ etcd_access_addresses }}"
-    ETCD_CA_CERT_FILE: "{{ calico_cert_dir }}/ca_cert.crt"
-    ETCD_CERT_FILE: "{{ calico_cert_dir }}/cert.crt"
-    ETCD_KEY_FILE: "{{ calico_cert_dir }}/key.pem"
-

 - name: "Determine if calico upgrade is needed"
  block:
--- a/roles/network_plugin/calico/tasks/install.yml
+++ b/roles/network_plugin/calico/tasks/install.yml
@ -35,7 +35,7 @@

 - name: Calico | Install calicoctl wrapper script
  template:
-    src: calicoctl.sh.j2
+    src: "calicoctl.{{ calico_datastore }}.sh.j2"
    dest: "{{ bin_dir }}/calicoctl.sh"
    mode: 0755
    owner: root
@ -73,6 +73,32 @@
    - 'calico_conf.stdout == "0"'
    - calico_pool_cidr is defined

+- name: Calico | Create calico manifests for kdd
+  template:
+    src: "{{ item.file }}.j2"
+    dest: "{{ kube_config_dir }}/{{ item.file }}"
+  with_items:
+    - {name: calico, file: kdd-crds.yml, type: kdd}
+  register: calico_node_kdd_manifest
+  when:
+    - inventory_hostname in groups['kube-master']
+    - calico_datastore == "kdd"
+
+- name: Start Calico resources
+  kube:
+    name: "{{ item.item.name }}"
+    namespace: "kube-system"
+    kubectl: "{{ bin_dir }}/kubectl"
+    resource: "{{ item.item.type }}"
+    filename: "{{ kube_config_dir }}/{{ item.item.file }}"
+    state: "latest"
+  with_items:
+    - "{{ calico_node_kdd_manifest.results }}"
+  when:
+    - inventory_hostname == groups['kube-master'][0] and not item is skipped
+  loop_control:
+    label: "{{ item.item.file }}"
+
 - name: Calico | Configure calico network pool (v3.0.0 <= version < v3.3.0)
  shell: >
    echo "
@ -180,9 +206,10 @@
        "asNumber": "{{ local_as }}"
      },
      "orchRefs":[{"nodeName":"{{ inventory_hostname }}","orchestrator":"k8s"}]
-   }}' | {{ bin_dir }}/calicoctl.sh create --skip-exists -f -
+   }}' | {{ bin_dir }}/calicoctl.sh {{ 'apply -f -' if calico_datastore == "kdd" else 'create --skip-exists -f -' }}
  retries: 4
  delay: "{{ retry_stagger | random + 3 }}"
+  delegate_to: "{{ groups['kube-master'][0] }}"
  when:
    - calico_version is version('v3.0.0', '>=')
    - peer_with_router|default(false)
@ -230,6 +257,7 @@
  delay: "{{ retry_stagger | random + 3 }}"
  with_items:
    - "{{ peers|selectattr('scope','undefined')|list|default([]) | union(peers|selectattr('scope','defined')|selectattr('scope','equalto', 'node')|list|default([])) }}"
+  delegate_to: "{{ groups['kube-master'][0] }}"
  when:
    - calico_version is version('v3.0.0', '>=')
    - peer_with_router|default(false)
@ -269,6 +297,7 @@
  with_items:
    - "{{ peers|selectattr('scope','defined')|selectattr('scope','equalto', 'global')|list|default([]) }}"
  run_once: true
+  delegate_to: "{{ groups['kube-master'][0] }}"
  when:
    - calico_version | version_compare('v3.0.0', '>=')
    - peer_with_router|default(false)
@ -309,6 +338,7 @@
  delay: "{{ retry_stagger | random + 3 }}"
  with_items:
    - "{{ groups['calico-rr'] | default([]) }}"
+  delegate_to: "{{ groups['kube-master'][0] }}"
  when:
    - calico_version is version('v3.0.0', '>=')
    - peer_with_calico_rr|default(false)
@ -351,17 +381,6 @@
    - inventory_hostname in groups['kube-master']
    - rbac_enabled or item.type not in rbac_resources

- name: Calico | Create calico manifests for kdd
-  template:
-    src: "{{ item.file }}.j2"
-    dest: "{{ kube_config_dir }}/{{ item.file }}"
-  with_items:
-    - {name: calico, file: kdd-crds.yml, type: kdd}
-  register: calico_node_kdd_manifest
-  when:
-    - inventory_hostname in groups['kube-master']
-    - calico_datastore == "kdd"
-
 - name: Calico | Create calico manifests for typha
  template:
    src: "{{ item.file }}.j2"
--- a/roles/network_plugin/calico/templates/calico-node.yml.j2
+++ b/roles/network_plugin/calico/templates/calico-node.yml.j2
@ -145,11 +145,6 @@ spec:
            # Wait for the datastore.
            - name: WAIT_FOR_DATASTORE
              value: "true"
-            # Set based on the k8s node name.
-            - name: NODENAME
-              valueFrom:
-                fieldRef:
-                  fieldPath: spec.nodeName
 {% endif %}
            # Choose the backend to use.
            - name: CALICO_NETWORKING_BACKEND
@ -189,7 +184,7 @@ spec:
 # should be set in etcd before deployment
 #            # Configure the IP Pool from which Pod IPs will be chosen.
 #            - name: CALICO_IPV4POOL_CIDR
-#              value: "192.168.0.0/16"
+#              value: "{{ calico_pool_cidr | default(kube_pods_subnet) }}"
            - name: CALICO_IPV4POOL_IPIP
              value: "{{ calico_ipv4pool_ipip }}"
            # Disable IPv6 on Kubernetes.
--- a/roles/network_plugin/calico/templates/calicoctl.etcd.sh.j2
+++ b/roles/network_plugin/calico/templates/calicoctl.etcd.sh.j2
--- a/roles/network_plugin/calico/templates/calicoctl.kdd.sh.j2
+++ b/roles/network_plugin/calico/templates/calicoctl.kdd.sh.j2
@ -0,0 +1,6 @@
+#!/bin/bash
+DATASTORE_TYPE=kubernetes \
+{% if inventory_hostname in groups['kube-master'] %}
+KUBECONFIG={{ kube_config_dir }}/admin.conf \
+{% endif %}
+{{ bin_dir }}/calicoctl "$@"