Calico upgrade path validation and old version cleanup (#6733)

* calico: add constant calico_min_version_required and verify current deployed version against it. * calico: remove upgrade support with data migration The tool was used pre v3.0.0 and is no longer needed. * calico: remove old version support from tasks * calico: remove old ver support from policy ctrl * calico: remove old ver support from node * canal: remove old ver support * remove unused calicoctl download checksums calico_min_version_required is the oldest version that can be installed Older versions can be removed.
2026-03-06 18:17:47 +03:00 · 2020-09-24 18:04:06 +02:00
parent 50e8a52c74
commit 28073c76ac
19 changed files with 21 additions and 253 deletions
--- a/roles/network_plugin/calico/templates/calico-node.yml.j2
+++ b/roles/network_plugin/calico/templates/calico-node.yml.j2
@@ -33,9 +33,8 @@ spec:
      # Minimize downtime during a rolling upgrade or deletion; tell Kubernetes to do a "force
      # deletion": https://kubernetes.io/docs/concepts/workloads/pods/pod/#termination-of-pods.
      terminationGracePeriodSeconds: 0
-{% if calico_version is version('v3.4.0', '>=') %}
      initContainers:
-{% if calico_datastore == "kdd" and calico_version is version('v3.6.0', '>=') %}
+{% if calico_datastore == "kdd" %}
        # This container performs upgrade from host-local IPAM to calico-ipam.
        # It can be deleted if this is a fresh installation, or if you have already
        # upgraded to use calico-ipam.
@@ -92,31 +91,7 @@ spec:
              name: cni-bin-dir
          securityContext:
            privileged: true
-{% endif %}
      containers:
-{% if calico_version is version('v3.3.0', '>=') and calico_version is version('v3.4.0', '<') %}
-        - name: install-cni
-          image: {{ calico_cni_image_repo }}:{{ calico_cni_image_tag }}
-          command: ["/opt/cni/bin/install"]
-          env:
-            # Name of the CNI config file to create.
-            - name: CNI_CONF_NAME
-              value: "10-calico.conflist"
-            # Install CNI binaries
-            - name: UPDATE_CNI_BINARIES
-              value: "true"
-            # The CNI network config to install on each node.
-            - name: CNI_NETWORK_CONFIG_FILE
-              value: "/host/etc/cni/net.d/calico.conflist.template"
-            # Prevents the container from sleeping forever.
-            - name: SLEEP
-              value: "false"
-          volumeMounts:
-            - mountPath: /host/etc/cni/net.d
-              name: cni-net-dir
-            - mountPath: /host/opt/cni/bin
-              name: cni-bin-dir
-{% endif %}
        # Runs calico/node container on each Kubernetes node.  This
        # container programs network policy and routes on each
        # host.
@@ -209,10 +184,8 @@ spec:
            - name: FELIX_KUBENODEPORTRANGES
              value: "{{ kube_apiserver_node_port_range.split('-')[0] }}:{{ kube_apiserver_node_port_range.split('-')[1] }}"
 {% endif %}
-{% if calico_version is version('v3.8.1', '>=') %}
            - name: FELIX_IPTABLESBACKEND
              value: "{{ calico_iptables_backend }}"
-{% endif %}
            - name: FELIX_IPTABLESLOCKTIMEOUTSECS
              value: "{{ calico_iptables_lock_timeout_secs }}"
 # should be set in etcd before deployment
@@ -250,7 +223,7 @@ spec:
              value: "{{ calico_felix_prometheusgometricsenabled }}"
            - name: FELIX_PROMETHEUSPROCESSMETRICSENABLED
              value: "{{ calico_felix_prometheusprocessmetricsenabled }}"
-{% if calico_version is version('v3.4.0', '>=') and calico_advertise_cluster_ips|default(false) %}
+{% if calico_advertise_cluster_ips|default(false) %}
            - name: CALICO_ADVERTISE_CLUSTER_IPS
              value: "{{ kube_service_addresses }}"
 {% endif %}
@@ -265,7 +238,7 @@ spec:
                fieldRef:
                  fieldPath: status.hostIP
 {% endif %}
-{% if calico_version is version('v3.9.0', '>=') and calico_use_default_route_src_ipaddr|default(false) %}
+{% if calico_use_default_route_src_ipaddr|default(false) %}
            - name: FELIX_DEVICEROUTESOURCEADDRESS
              valueFrom:
                fieldRef:
@@ -295,30 +268,17 @@ spec:
              cpu: {{ calico_node_cpu_requests }}
              memory: {{ calico_node_memory_requests }}
          livenessProbe:
-{% if calico_version is version('v3.8.0', '<') %}
-            httpGet:
-              host: 127.0.0.1
-              path: /liveness
-              port: 9099
-{% else %}
            exec:
              command:
              - /bin/calico-node
              - -felix-live
 {% if calico_network_backend|default("bird") == "bird" %}
              - -bird-live
-{% endif %}
 {% endif %}
            initialDelaySeconds: 5
            failureThreshold: 6
          readinessProbe:
            failureThreshold: 6
-{% if calico_version is version('v3.3.0', '<') %}
-            httpGet:
-              host: 127.0.0.1
-              path: /readiness
-              port: 9099
-{% else %}
            exec:
              command:
              - /bin/calico-node
@@ -326,7 +286,6 @@ spec:
              - -bird-ready
 {% endif %}
              - -felix-ready
-{% endif %}
          volumeMounts:
            - mountPath: /lib/modules
              name: lib-modules
@@ -382,7 +341,7 @@ spec:
          hostPath:
            path: /run/xtables.lock
            type: FileOrCreate
-{% if calico_datastore == "kdd" and calico_version is version('v3.6.0', '>=') %}
+{% if calico_datastore == "kdd" %}
        # Mount in the directory for host-local IPAM allocations. This is
        # used when upgrading from host-local to calico-ipam, and can be removed
        # if not using the upgrade-ipam init container.