From 536606c2ed40297375c01f4bf70048e10391a730 Mon Sep 17 00:00:00 2001
From: Lovro Seder <vrovro@gmail.com>
Date: Mon, 20 Apr 2020 17:43:39 +0200
Subject: [PATCH] Fix kube-proxy ds win nodeselector check for 1.17 (#5982)

* Fix kube-proxy ds nodeselector for older versions

* Fix for ansible-lint
---
 roles/win_nodes/kubernetes_patch/defaults/main.yml    |  2 ++
 .../files/nodeselector-os-linux-patch.json            |  1 -
 roles/win_nodes/kubernetes_patch/tasks/main.yml       | 11 ++---------
 3 files changed, 4 insertions(+), 10 deletions(-)
 delete mode 100644 roles/win_nodes/kubernetes_patch/files/nodeselector-os-linux-patch.json

diff --git a/roles/win_nodes/kubernetes_patch/defaults/main.yml b/roles/win_nodes/kubernetes_patch/defaults/main.yml
index 2dd8721b9..ab979d4c8 100644
--- a/roles/win_nodes/kubernetes_patch/defaults/main.yml
+++ b/roles/win_nodes/kubernetes_patch/defaults/main.yml
@@ -3,3 +3,5 @@
 kubernetes_user_manifests_path: "{{ ansible_env.HOME }}/kube-manifests"
 # Optionally remove kube_proxy installed by kubeadm
 kube_proxy_remove: false
+# nodeselector for kube-proxy ds is beta until 1.18
+kube_proxy_nodeselector: "{{ 'kubernetes.io/os' if kube_version is version('v1.18.0', '>=') else 'beta.kubernetes.io/os' }}"
diff --git a/roles/win_nodes/kubernetes_patch/files/nodeselector-os-linux-patch.json b/roles/win_nodes/kubernetes_patch/files/nodeselector-os-linux-patch.json
deleted file mode 100644
index d6a7761da..000000000
--- a/roles/win_nodes/kubernetes_patch/files/nodeselector-os-linux-patch.json
+++ /dev/null
@@ -1 +0,0 @@
-{"spec":{"template":{"spec":{"nodeSelector":{"kubernetes.io/os":"linux"}}}}}
\ No newline at end of file
diff --git a/roles/win_nodes/kubernetes_patch/tasks/main.yml b/roles/win_nodes/kubernetes_patch/tasks/main.yml
index 8d838686f..ada163451 100644
--- a/roles/win_nodes/kubernetes_patch/tasks/main.yml
+++ b/roles/win_nodes/kubernetes_patch/tasks/main.yml
@@ -9,17 +9,12 @@
 
 - name: Apply kube-proxy nodeselector
   block:
-    - name: Copy kube-proxy daemonset nodeselector patch
-      copy:
-        src: nodeselector-os-linux-patch.json
-        dest: "{{ kubernetes_user_manifests_path }}/nodeselector-os-linux-patch.json"
-
     # Due to https://github.com/kubernetes/kubernetes/issues/58212 we cannot rely on exit code for "kubectl patch"
     - name: Check current nodeselector for kube-proxy daemonset
       command: >-
         {{ bin_dir }}/kubectl --kubeconfig {{ kube_config_dir }}/admin.conf
         get ds kube-proxy --namespace=kube-system
-        -o jsonpath='{.spec.template.spec.nodeSelector.kubernetes\.io/os}'
+        -o jsonpath='{.spec.template.spec.nodeSelector.{{ kube_proxy_nodeselector | regex_replace('\.', '\\.') }}}'
       register: current_kube_proxy_state
       retries: 60
       delay: 5
@@ -30,9 +25,7 @@
       shell: >-
         {{ bin_dir }}/kubectl --kubeconfig {{ kube_config_dir }}/admin.conf
         patch ds kube-proxy --namespace=kube-system --type=strategic -p
-        "$(cat nodeselector-os-linux-patch.json)"
-      args:
-        chdir: "{{ kubernetes_user_manifests_path }}"
+        '{"spec":{"template":{"spec":{"nodeSelector":{"{{ kube_proxy_nodeselector }}":"linux"} }}}}'
       register: patch_kube_proxy_state
       when: current_kube_proxy_state.stdout | trim | lower != "linux"
 
-- 
GitLab