From 4c76feb574ce7d74cad190a1f1db4516cdaa9aa2 Mon Sep 17 00:00:00 2001
From: James <github@j4m3s.eu>
Date: Tue, 6 Jun 2023 09:27:00 +0000
Subject: [PATCH] Kubelet csr approver fixes (#10165)
* Fix upgrade-path for kubelet-csr-approver
Fixes an error when you enable kubelet-csr-approver when upgrading.
It hangs waiting for the certificate to be approved since the
kubelet-csr-approver is not installed yet.
* Add missing package when using helm role
---
playbooks/upgrade_cluster.yml | 2 +-
roles/kubernetes-apps/helm/tasks/main.yml | 19 +++++++++++++++++++
roles/kubernetes-apps/helm/vars/amazon.yml | 2 ++
roles/kubernetes-apps/helm/vars/centos-9.yml | 2 ++
roles/kubernetes-apps/helm/vars/centos.yml | 2 ++
roles/kubernetes-apps/helm/vars/debian.yml | 2 ++
roles/kubernetes-apps/helm/vars/fedora.yml | 2 ++
roles/kubernetes-apps/helm/vars/redhat-9.yml | 2 ++
roles/kubernetes-apps/helm/vars/redhat.yml | 2 ++
roles/kubernetes-apps/helm/vars/suse.yml | 2 ++
roles/kubernetes-apps/helm/vars/ubuntu.yml | 2 ++
11 files changed, 38 insertions(+), 1 deletion(-)
create mode 100644 roles/kubernetes-apps/helm/vars/amazon.yml
create mode 100644 roles/kubernetes-apps/helm/vars/centos-9.yml
create mode 100644 roles/kubernetes-apps/helm/vars/centos.yml
create mode 100644 roles/kubernetes-apps/helm/vars/debian.yml
create mode 100644 roles/kubernetes-apps/helm/vars/fedora.yml
create mode 100644 roles/kubernetes-apps/helm/vars/redhat-9.yml
create mode 100644 roles/kubernetes-apps/helm/vars/redhat.yml
create mode 100644 roles/kubernetes-apps/helm/vars/suse.yml
create mode 100644 roles/kubernetes-apps/helm/vars/ubuntu.yml
diff --git a/playbooks/upgrade_cluster.yml b/playbooks/upgrade_cluster.yml
index 96a8feb45..5eccc56ba 100644
--- a/playbooks/upgrade_cluster.yml
+++ b/playbooks/upgrade_cluster.yml
@@ -84,6 +84,7 @@
roles:
- { role: kubespray-defaults }
- { role: upgrade/pre-upgrade, tags: pre-upgrade }
+ - { role: kubernetes-apps/kubelet-csr-approver, tags: kubelet-csr-approver }
- { role: container-engine, tags: "container-engine", when: deploy_container_engine }
- { role: kubernetes/node, tags: node }
- { role: kubernetes/control-plane, tags: master, upgrade_cluster_setup: true }
@@ -104,7 +105,6 @@
- { role: kubernetes-apps/external_cloud_controller, tags: external-cloud-controller }
- { role: network_plugin, tags: network }
- { role: kubernetes-apps/network_plugin, tags: network }
- - { role: kubernetes-apps/kubelet-csr-approver, tags: kubelet-csr-approver }
- { role: kubernetes-apps/policy_controller, tags: policy-controller }
- name: Finally handle worker upgrades, based on given batch size
diff --git a/roles/kubernetes-apps/helm/tasks/main.yml b/roles/kubernetes-apps/helm/tasks/main.yml
index fee247b98..5a89fb69c 100644
--- a/roles/kubernetes-apps/helm/tasks/main.yml
+++ b/roles/kubernetes-apps/helm/tasks/main.yml
@@ -1,4 +1,23 @@
---
+- name: Helm | Gather os specific variables
+ include_vars: "{{ item }}"
+ with_first_found:
+ - files:
+ - "{{ ansible_distribution|lower }}-{{ ansible_distribution_version|lower|replace('/', '_') }}.yml"
+ - "{{ ansible_distribution|lower }}-{{ ansible_distribution_release }}.yml"
+ - "{{ ansible_distribution|lower }}-{{ ansible_distribution_major_version|lower|replace('/', '_') }}.yml"
+ - "{{ ansible_distribution|lower }}.yml"
+ - "{{ ansible_os_family|lower }}.yml"
+ - defaults.yml
+ paths:
+ - ../vars
+ skip: true
+
+- name: Helm | Install PyYaml
+ package:
+ name: "{{ pyyaml_package }}"
+ state: present
+
- name: Helm | Download helm
include_tasks: "../../../download/tasks/download_file.yml"
vars:
diff --git a/roles/kubernetes-apps/helm/vars/amazon.yml b/roles/kubernetes-apps/helm/vars/amazon.yml
new file mode 100644
index 000000000..190d26225
--- /dev/null
+++ b/roles/kubernetes-apps/helm/vars/amazon.yml
@@ -0,0 +1,2 @@
+---
+pyyaml_package: PyYAML
diff --git a/roles/kubernetes-apps/helm/vars/centos-9.yml b/roles/kubernetes-apps/helm/vars/centos-9.yml
new file mode 100644
index 000000000..ba3964da9
--- /dev/null
+++ b/roles/kubernetes-apps/helm/vars/centos-9.yml
@@ -0,0 +1,2 @@
+---
+pyyaml_package: python3-pyyaml
diff --git a/roles/kubernetes-apps/helm/vars/centos.yml b/roles/kubernetes-apps/helm/vars/centos.yml
new file mode 100644
index 000000000..190d26225
--- /dev/null
+++ b/roles/kubernetes-apps/helm/vars/centos.yml
@@ -0,0 +1,2 @@
+---
+pyyaml_package: PyYAML
diff --git a/roles/kubernetes-apps/helm/vars/debian.yml b/roles/kubernetes-apps/helm/vars/debian.yml
new file mode 100644
index 000000000..db0add5b0
--- /dev/null
+++ b/roles/kubernetes-apps/helm/vars/debian.yml
@@ -0,0 +1,2 @@
+---
+pyyaml_package: python3-yaml
diff --git a/roles/kubernetes-apps/helm/vars/fedora.yml b/roles/kubernetes-apps/helm/vars/fedora.yml
new file mode 100644
index 000000000..ba3964da9
--- /dev/null
+++ b/roles/kubernetes-apps/helm/vars/fedora.yml
@@ -0,0 +1,2 @@
+---
+pyyaml_package: python3-pyyaml
diff --git a/roles/kubernetes-apps/helm/vars/redhat-9.yml b/roles/kubernetes-apps/helm/vars/redhat-9.yml
new file mode 100644
index 000000000..ba3964da9
--- /dev/null
+++ b/roles/kubernetes-apps/helm/vars/redhat-9.yml
@@ -0,0 +1,2 @@
+---
+pyyaml_package: python3-pyyaml
diff --git a/roles/kubernetes-apps/helm/vars/redhat.yml b/roles/kubernetes-apps/helm/vars/redhat.yml
new file mode 100644
index 000000000..190d26225
--- /dev/null
+++ b/roles/kubernetes-apps/helm/vars/redhat.yml
@@ -0,0 +1,2 @@
+---
+pyyaml_package: PyYAML
diff --git a/roles/kubernetes-apps/helm/vars/suse.yml b/roles/kubernetes-apps/helm/vars/suse.yml
new file mode 100644
index 000000000..190d26225
--- /dev/null
+++ b/roles/kubernetes-apps/helm/vars/suse.yml
@@ -0,0 +1,2 @@
+---
+pyyaml_package: PyYAML
diff --git a/roles/kubernetes-apps/helm/vars/ubuntu.yml b/roles/kubernetes-apps/helm/vars/ubuntu.yml
new file mode 100644
index 000000000..db0add5b0
--- /dev/null
+++ b/roles/kubernetes-apps/helm/vars/ubuntu.yml
@@ -0,0 +1,2 @@
+---
+pyyaml_package: python3-yaml
--
GitLab