From d91f9e14e6c828a4d9a31d5c5c9393721467d9d3 Mon Sep 17 00:00:00 2001 From: Matthew Mosesohn Date: Tue, 11 Sep 2018 15:14:10 +0300 Subject: [PATCH 1/5] Put back legacy support for calico ippools and bgp settings --- roles/network_plugin/calico/tasks/check.yml | 1 + roles/network_plugin/calico/tasks/install.yml | 55 +++++++++++++++---- 2 files changed, 46 insertions(+), 10 deletions(-) diff --git a/roles/network_plugin/calico/tasks/check.yml b/roles/network_plugin/calico/tasks/check.yml index cfacf12a1..89f204c59 100644 --- a/roles/network_plugin/calico/tasks/check.yml +++ b/roles/network_plugin/calico/tasks/check.yml @@ -22,6 +22,7 @@ that: - calico_version_on_server.stdout|version_compare('v2.6.5', '>=') msg: "Your version of calico is not fresh enough for upgrade" + when: calico_upgrade_enabled - name: "Set upgrade flag when version needs to be updated" set_fact: diff --git a/roles/network_plugin/calico/tasks/install.yml b/roles/network_plugin/calico/tasks/install.yml index 4e1f1dc5e..dd72ff323 100644 --- a/roles/network_plugin/calico/tasks/install.yml +++ b/roles/network_plugin/calico/tasks/install.yml @@ -1,5 +1,4 @@ --- - - name: Calico | Write Calico cni config template: src: "cni-calico.conflist.j2" @@ -102,6 +101,25 @@ run_once: true delegate_to: "{{ groups['kube-master'][0] }}" when: + - calico_version_on_server.stdout|version_compare('v3.0.0', '>') or calico_upgrade_enabled + - 'calico_conf.stdout == "0"' + +- name: Calico | Configure calico network pool (legacy) + shell: > + echo ' + { "kind": "ipPool", + "spec": {"disabled": false, "ipip": {"enabled": {{ ipip }}, "mode": "{{ ipip_mode|lower }}"}, + "nat-outgoing": {{ nat_outgoing|default(false) and not peer_with_router|default(false) }}}, + "apiVersion": "v1", + "metadata": {"cidr": "{{ kube_pods_subnet }}"} + }' | {{ bin_dir }}/calicoctl apply -f - + environment: + NO_DEFAULT_POOLS: true + run_once: true + delegate_to: "{{ groups['kube-master'][0] }}" + when: + - calico_version_on_server.stdout|version_compare('v3.0.0', '<') + - not calico_upgrade_enabled - 'calico_conf.stdout == "0"' - name: "Determine nodeToNodeMesh needed state" @@ -112,7 +130,6 @@ - inventory_hostname in groups['k8s-cluster'] run_once: yes - - name: Calico | Set global as_num shell: > echo ' @@ -127,6 +144,24 @@ "asNumber": {{ global_as_num }} }} ' | {{ bin_dir }}/calicoctl --skip-exists create -f - run_once: true delegate_to: "{{ groups['kube-master'][0] }}" + when: + - calico_version_on_server.stdout|version_compare('v3.0.0', '>') or calico_upgrade_enabled + +- name: Calico | Set global as_num (legacy) + command: "{{ bin_dir}}/calicoctl config set asNumber {{ global_as_num }}" + run_once: true + when: + - calico_version_on_server.stdout|version_compare('v3.0.0', '<') + - not calico_upgrade_enabled + +- name: Calico | Disable node mesh (legacy) + command: "{{ bin_dir }}/calicoctl config set nodeToNodeMesh off" + run_once: yes + when: + - calico_version_on_server.stdout|version_compare('v3.0.0', '<') + - not calico_upgrade_enabled + - nodeToMeshEnabled|default(True) + run_once: true - name: Calico | Configure peering with router(s) shell: > @@ -164,10 +199,10 @@ delay: "{{ retry_stagger | random + 3 }}" with_items: "{{ peers|default([]) }}" when: - - calico_version_on_server.stdout|version_compare('v3.0.0', '<') - - not calico_upgrade_enabled - - peer_with_router|default(false) - - inventory_hostname in groups['k8s-cluster'] + - calico_version_on_server.stdout|version_compare('v3.0.0', '<') + - not calico_upgrade_enabled + - peer_with_router|default(false) + - inventory_hostname in groups['k8s-cluster'] - name: Calico | Configure peering with route reflectors shell: > @@ -208,10 +243,10 @@ delay: "{{ retry_stagger | random + 3 }}" with_items: "{{ groups['calico-rr'] | default([]) }}" when: - - calico_version_on_server.stdout|version_compare('v3.0.0', '<') - - not calico_upgrade_enabled - - peer_with_calico_rr|default(false) - - hostvars[item]['cluster_id'] == cluster_id + - calico_version_on_server.stdout|version_compare('v3.0.0', '<') + - not calico_upgrade_enabled + - peer_with_calico_rr|default(false) + - hostvars[item]['cluster_id'] == cluster_id - name: Calico | Create calico manifests From cc79125d3e432ba601c0f9cda2e5402ac167f68f Mon Sep 17 00:00:00 2001 From: Matthew Mosesohn Date: Wed, 12 Sep 2018 17:03:55 +0300 Subject: [PATCH 2/5] Update install.yml --- roles/network_plugin/calico/tasks/install.yml | 21 +++++++++---------- 1 file changed, 10 insertions(+), 11 deletions(-) diff --git a/roles/network_plugin/calico/tasks/install.yml b/roles/network_plugin/calico/tasks/install.yml index dd72ff323..a292e3748 100644 --- a/roles/network_plugin/calico/tasks/install.yml +++ b/roles/network_plugin/calico/tasks/install.yml @@ -151,8 +151,8 @@ command: "{{ bin_dir}}/calicoctl config set asNumber {{ global_as_num }}" run_once: true when: - - calico_version_on_server.stdout|version_compare('v3.0.0', '<') - - not calico_upgrade_enabled + - calico_version_on_server.stdout|version_compare('v3.0.0', '<') + - not calico_upgrade_enabled - name: Calico | Disable node mesh (legacy) command: "{{ bin_dir }}/calicoctl config set nodeToNodeMesh off" @@ -161,7 +161,6 @@ - calico_version_on_server.stdout|version_compare('v3.0.0', '<') - not calico_upgrade_enabled - nodeToMeshEnabled|default(True) - run_once: true - name: Calico | Configure peering with router(s) shell: > @@ -199,10 +198,10 @@ delay: "{{ retry_stagger | random + 3 }}" with_items: "{{ peers|default([]) }}" when: - - calico_version_on_server.stdout|version_compare('v3.0.0', '<') - - not calico_upgrade_enabled - - peer_with_router|default(false) - - inventory_hostname in groups['k8s-cluster'] + - calico_version_on_server.stdout|version_compare('v3.0.0', '<') + - not calico_upgrade_enabled + - peer_with_router|default(false) + - inventory_hostname in groups['k8s-cluster'] - name: Calico | Configure peering with route reflectors shell: > @@ -243,10 +242,10 @@ delay: "{{ retry_stagger | random + 3 }}" with_items: "{{ groups['calico-rr'] | default([]) }}" when: - - calico_version_on_server.stdout|version_compare('v3.0.0', '<') - - not calico_upgrade_enabled - - peer_with_calico_rr|default(false) - - hostvars[item]['cluster_id'] == cluster_id + - calico_version_on_server.stdout|version_compare('v3.0.0', '<') + - not calico_upgrade_enabled + - peer_with_calico_rr|default(false) + - hostvars[item]['cluster_id'] == cluster_id - name: Calico | Create calico manifests From 1091e82327b417abfffd34a1298e283da513c184 Mon Sep 17 00:00:00 2001 From: Matthew Mosesohn Date: Wed, 12 Sep 2018 22:15:46 +0300 Subject: [PATCH 3/5] Update install.yml --- roles/network_plugin/calico/tasks/install.yml | 9 ++++----- 1 file changed, 4 insertions(+), 5 deletions(-) diff --git a/roles/network_plugin/calico/tasks/install.yml b/roles/network_plugin/calico/tasks/install.yml index a292e3748..2da09a9aa 100644 --- a/roles/network_plugin/calico/tasks/install.yml +++ b/roles/network_plugin/calico/tasks/install.yml @@ -101,7 +101,7 @@ run_once: true delegate_to: "{{ groups['kube-master'][0] }}" when: - - calico_version_on_server.stdout|version_compare('v3.0.0', '>') or calico_upgrade_enabled + - calico_upgrade_enabled or calico_version_on_server.stdout|version_compare('v3.0.0', '>') - 'calico_conf.stdout == "0"' - name: Calico | Configure calico network pool (legacy) @@ -145,8 +145,7 @@ run_once: true delegate_to: "{{ groups['kube-master'][0] }}" when: - - calico_version_on_server.stdout|version_compare('v3.0.0', '>') or calico_upgrade_enabled - + - calico_upgrade_enabled or calico_version_on_server.stdout|version_compare('v3.0.0', '>') - name: Calico | Set global as_num (legacy) command: "{{ bin_dir}}/calicoctl config set asNumber {{ global_as_num }}" run_once: true @@ -181,7 +180,7 @@ with_items: - "{{ peers|default([]) }}" when: - - calico_version_on_server.stdout|version_compare('v3.0.0', '>') or calico_upgrade_enabled + - calico_upgrade_enabled or calico_version_on_server.stdout|version_compare('v3.0.0', '>') - peer_with_router|default(false) - inventory_hostname in groups['k8s-cluster'] @@ -222,7 +221,7 @@ with_items: - "{{ groups['calico-rr'] | default([]) }}" when: - - calico_version_on_server.stdout|version_compare('v3.0.0', '>') or calico_upgrade_enabled + - calico_upgrade_enabled or calico_version_on_server.stdout|version_compare('v3.0.0', '>') - peer_with_calico_rr|default(false) - inventory_hostname in groups['k8s-cluster'] - hostvars[item]['cluster_id'] == cluster_id From 55d76ea3d815d0548f1555b5ff3736cf3d5326b8 Mon Sep 17 00:00:00 2001 From: Matthew Mosesohn Date: Thu, 13 Sep 2018 12:04:53 +0300 Subject: [PATCH 4/5] Update install.yml --- roles/network_plugin/calico/tasks/install.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/roles/network_plugin/calico/tasks/install.yml b/roles/network_plugin/calico/tasks/install.yml index 2da09a9aa..294b09d3b 100644 --- a/roles/network_plugin/calico/tasks/install.yml +++ b/roles/network_plugin/calico/tasks/install.yml @@ -101,7 +101,7 @@ run_once: true delegate_to: "{{ groups['kube-master'][0] }}" when: - - calico_upgrade_enabled or calico_version_on_server.stdout|version_compare('v3.0.0', '>') + - calico_upgrade_enabled or calico_version_on_server.stdout|version_compare('v3.0.0', '>') - 'calico_conf.stdout == "0"' - name: Calico | Configure calico network pool (legacy) @@ -180,7 +180,7 @@ with_items: - "{{ peers|default([]) }}" when: - - calico_upgrade_enabled or calico_version_on_server.stdout|version_compare('v3.0.0', '>') + - calico_upgrade_enabled or calico_version_on_server.stdout|version_compare('v3.0.0', '>') - peer_with_router|default(false) - inventory_hostname in groups['k8s-cluster'] @@ -221,7 +221,7 @@ with_items: - "{{ groups['calico-rr'] | default([]) }}" when: - - calico_upgrade_enabled or calico_version_on_server.stdout|version_compare('v3.0.0', '>') + - calico_upgrade_enabled or calico_version_on_server.stdout|version_compare('v3.0.0', '>') - peer_with_calico_rr|default(false) - inventory_hostname in groups['k8s-cluster'] - hostvars[item]['cluster_id'] == cluster_id From c83350e59709df4e3200b37d462d5ad16e9d670c Mon Sep 17 00:00:00 2001 From: Matthew Mosesohn Date: Thu, 13 Sep 2018 18:05:10 +0300 Subject: [PATCH 5/5] refactor to base on calico_version --- roles/network_plugin/calico/tasks/check.yml | 2 +- roles/network_plugin/calico/tasks/install.yml | 23 ++++++++----------- 2 files changed, 11 insertions(+), 14 deletions(-) diff --git a/roles/network_plugin/calico/tasks/check.yml b/roles/network_plugin/calico/tasks/check.yml index 89f204c59..7ddca6418 100644 --- a/roles/network_plugin/calico/tasks/check.yml +++ b/roles/network_plugin/calico/tasks/check.yml @@ -10,7 +10,7 @@ run_once: yes - name: "Get current version of calico cluster version" - shell: "{{ bin_dir }}/calicoctl version | grep 'Cluster Version' | awk '{ print $3}'" + shell: "{{ bin_dir }}/calicoctl version | grep 'Cluster Version:' | awk '{ print $3}'" register: calico_version_on_server run_once: yes delegate_to: "{{ groups['kube-master'][0] }}" diff --git a/roles/network_plugin/calico/tasks/install.yml b/roles/network_plugin/calico/tasks/install.yml index 294b09d3b..f2d41f9fc 100644 --- a/roles/network_plugin/calico/tasks/install.yml +++ b/roles/network_plugin/calico/tasks/install.yml @@ -101,8 +101,8 @@ run_once: true delegate_to: "{{ groups['kube-master'][0] }}" when: - - calico_upgrade_enabled or calico_version_on_server.stdout|version_compare('v3.0.0', '>') - 'calico_conf.stdout == "0"' + - calico_version | version_compare("v3.0.0", ">=") - name: Calico | Configure calico network pool (legacy) shell: > @@ -118,9 +118,8 @@ run_once: true delegate_to: "{{ groups['kube-master'][0] }}" when: - - calico_version_on_server.stdout|version_compare('v3.0.0', '<') - - not calico_upgrade_enabled - 'calico_conf.stdout == "0"' + - calico_version | version_compare("v3.0.0", "<") - name: "Determine nodeToNodeMesh needed state" set_fact: @@ -145,20 +144,19 @@ run_once: true delegate_to: "{{ groups['kube-master'][0] }}" when: - - calico_upgrade_enabled or calico_version_on_server.stdout|version_compare('v3.0.0', '>') + - calico_version | version_compare('v3.0.0', '>=') + - name: Calico | Set global as_num (legacy) command: "{{ bin_dir}}/calicoctl config set asNumber {{ global_as_num }}" run_once: true when: - - calico_version_on_server.stdout|version_compare('v3.0.0', '<') - - not calico_upgrade_enabled + - calico_version | version_compare('v3.0.0', '<') - name: Calico | Disable node mesh (legacy) command: "{{ bin_dir }}/calicoctl config set nodeToNodeMesh off" run_once: yes when: - - calico_version_on_server.stdout|version_compare('v3.0.0', '<') - - not calico_upgrade_enabled + - calico_version | version_compare('v3.0.0', '<') - nodeToMeshEnabled|default(True) - name: Calico | Configure peering with router(s) @@ -180,7 +178,7 @@ with_items: - "{{ peers|default([]) }}" when: - - calico_upgrade_enabled or calico_version_on_server.stdout|version_compare('v3.0.0', '>') + - calico_version | version_compare('v3.0.0', '>=') - peer_with_router|default(false) - inventory_hostname in groups['k8s-cluster'] @@ -197,8 +195,7 @@ delay: "{{ retry_stagger | random + 3 }}" with_items: "{{ peers|default([]) }}" when: - - calico_version_on_server.stdout|version_compare('v3.0.0', '<') - - not calico_upgrade_enabled + - calico_version | version_compare('v3.0.0', '<') - peer_with_router|default(false) - inventory_hostname in groups['k8s-cluster'] @@ -221,7 +218,7 @@ with_items: - "{{ groups['calico-rr'] | default([]) }}" when: - - calico_upgrade_enabled or calico_version_on_server.stdout|version_compare('v3.0.0', '>') + - calico_version | version_compare('v3.0.0', '>=') - peer_with_calico_rr|default(false) - inventory_hostname in groups['k8s-cluster'] - hostvars[item]['cluster_id'] == cluster_id @@ -241,7 +238,7 @@ delay: "{{ retry_stagger | random + 3 }}" with_items: "{{ groups['calico-rr'] | default([]) }}" when: - - calico_version_on_server.stdout|version_compare('v3.0.0', '<') + - calico_version | version_compare('v3.0.0', '<') - not calico_upgrade_enabled - peer_with_calico_rr|default(false) - hostvars[item]['cluster_id'] == cluster_id