From 150a969cf4304f95619e7ba29eebada6e497dadd Mon Sep 17 00:00:00 2001
From: Matthew Mosesohn <matthew.mosesohn@gmail.com>
Date: Thu, 14 Mar 2019 07:45:46 -0700
Subject: [PATCH] Forcefully delete pods when necessary (#4328)

Pods on down/unresponsive nodes can't be deleted without
--force --grace-period=0.

Fixes #4314
---
 roles/kubernetes-apps/rotate_tokens/tasks/main.yml | 2 +-
 roles/kubernetes/kubeadm/tasks/main.yml            | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/roles/kubernetes-apps/rotate_tokens/tasks/main.yml b/roles/kubernetes-apps/rotate_tokens/tasks/main.yml
index 9c51b4ca0..2acb51ec2 100644
--- a/roles/kubernetes-apps/rotate_tokens/tasks/main.yml
+++ b/roles/kubernetes-apps/rotate_tokens/tasks/main.yml
@@ -44,5 +44,5 @@
   when: needs_rotation
 
 - name: Rotate Tokens | Delete pods in system namespace
-  command: "{{ bin_dir }}/kubectl --kubeconfig /etc/kubernetes/admin.conf delete pods -n kube-system --all"
+  command: "{{ bin_dir }}/kubectl --kubeconfig /etc/kubernetes/admin.conf delete pods -n kube-system --all --grace-period=0 --force"
   when: needs_rotation
diff --git a/roles/kubernetes/kubeadm/tasks/main.yml b/roles/kubernetes/kubeadm/tasks/main.yml
index e6a07b480..2d60876ff 100644
--- a/roles/kubernetes/kubeadm/tasks/main.yml
+++ b/roles/kubernetes/kubeadm/tasks/main.yml
@@ -133,7 +133,7 @@
     - kube-proxy
 
 - name: Restart all kube-proxy pods to ensure that they load the new configmap
-  shell: "{{ bin_dir }}/kubectl --kubeconfig {{ kube_config_dir }}/admin.conf delete pod -n kube-system -l k8s-app=kube-proxy"
+  shell: "{{ bin_dir }}/kubectl --kubeconfig {{ kube_config_dir }}/admin.conf delete pod -n kube-system -l k8s-app=kube-proxy --force --grace-period=0"
   delegate_to: "{{groups['kube-master']|first}}"
   run_once: true
   when:
-- 
GitLab