From 5f18fe739e9a9f5052cca2576ff6ea090feb8448 Mon Sep 17 00:00:00 2001
From: Injun Baeg <ij.baeg@navercorp.com>
Date: Tue, 6 Aug 2024 16:50:50 +0900
Subject: [PATCH] Restart kube-proxy pods only on configmap changes (#11401)
---
roles/kubernetes/kubeadm/tasks/main.yml | 23 +++++++++++++++++++++++
1 file changed, 23 insertions(+)
diff --git a/roles/kubernetes/kubeadm/tasks/main.yml b/roles/kubernetes/kubeadm/tasks/main.yml
index 2cb271a9e..2b5778726 100644
--- a/roles/kubernetes/kubeadm/tasks/main.yml
+++ b/roles/kubernetes/kubeadm/tasks/main.yml
@@ -158,6 +158,17 @@
- loadbalancer_apiserver is defined
notify: Kubeadm | restart kubelet
+- name: Get current resourceVersion of kube-proxy configmap
+ command: "{{ kubectl }} get configmap kube-proxy -n kube-system -o jsonpath='{.metadata.resourceVersion}'"
+ register: original_configmap_resource_version
+ run_once: true
+ delegate_to: "{{ groups['kube_control_plane'] | first }}"
+ delegate_facts: false
+ when:
+ - kube_proxy_deployed
+ tags:
+ - kube-proxy
+
# FIXME(mattymo): Need to point to localhost, otherwise masters will all point
# incorrectly to first master, creating SPoF.
- name: Update server field in kube-proxy kubeconfig
@@ -194,6 +205,17 @@
tags:
- kube-proxy
+- name: Get new resourceVersion of kube-proxy configmap
+ command: "{{ kubectl }} get configmap kube-proxy -n kube-system -o jsonpath='{.metadata.resourceVersion}'"
+ register: new_configmap_resource_version
+ run_once: true
+ delegate_to: "{{ groups['kube_control_plane'] | first }}"
+ delegate_facts: false
+ when:
+ - kube_proxy_deployed
+ tags:
+ - kube-proxy
+
- name: Set ca.crt file permission
file:
path: "{{ kube_cert_dir }}/ca.crt"
@@ -210,6 +232,7 @@
- kubeadm_config_api_fqdn is not defined or loadbalancer_apiserver is defined
- kubeadm_discovery_address != kube_apiserver_endpoint | replace("https://", "") or loadbalancer_apiserver is defined
- kube_proxy_deployed
+ - original_configmap_resource_version.stdout != new_configmap_resource_version.stdout
tags:
- kube-proxy
--
GitLab