epostnikof/kubespray
1
0
Fork 0
mirror of https://github.com/kubernetes-sigs/kubespray.git synced 2025-12-14 13:54:37 +03:00
Code Issues Packages Projects Releases Wiki Activity

Fix: add cilium remove old resources option

Browse Source 
Give users two options: besides skip Cilium, add
`cilium_remove_old_resources`, default is `false`, when set to `true`,
it will remove the content of the old version, but it will cause the
downtime, need to be careful to use.

Signed-off-by: ChengHao Yang <17496418+tico88612@users.noreply.github.com>
This commit is contained in:
ChengHao Yang
2025-05-24 19:57:32 +08:00
parent d1bd610049
commit 7bb9552e94
3 changed files with 53 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
roles/network_plugin/cilium/defaults/main.yml
View File

@@ -1,5 +1,8 @@
--- ---
cilium_min_version_required: "1.15" cilium_min_version_required: "1.15"
# remove migrate after 2.29 released
cilium_remove_old_resources: false
# Log-level # Log-level
cilium_debug: false cilium_debug: false

5
roles/network_plugin/cilium/tasks/main.yml
View File

@@ -5,5 +5,10 @@
- name: Cilium install - name: Cilium install
include_tasks: install.yml include_tasks: install.yml
# Remove after 2.29 released
- name: Cilium remove old resources
when: cilium_remove_old_resources
include_tasks: remove_old_resources.yml
- name: Cilium apply - name: Cilium apply
include_tasks: apply.yml include_tasks: apply.yml

45
roles/network_plugin/cilium/tasks/remove_old_resources.yml Normal file
View File

@@ -0,0 +1,45 @@
---
# Remove after 2.29 released
- name: Cilium | Delete Old Resource
command: |
{{ kubectl }} delete {{ item.kind | lower }} {{ item.name }} \
{{ '-n kube-system' if item.kind not in ['ClusterRole', 'ClusterRoleBinding'] else '' }} \
loop:
- { kind: ServiceAccount, name: cilium }
- { kind: ServiceAccount, name: cilium-operator }
- { kind: ServiceAccount, name: hubble-generate-certs }
- { kind: ServiceAccount, name: hubble-relay }
- { kind: ServiceAccount, name: hubble-ui }
- { kind: Service, name: hubble-metrics }
- { kind: Service, name: hubble-relay-metrics }
- { kind: Service, name: hubble-relay }
- { kind: Service, name: hubble-ui }
- { kind: Service, name: hubble-peer }
- { kind: Deployment, name: cilium-operator }
- { kind: Deployment, name: hubble-relay }
- { kind: Deployment, name: hubble-ui }
- { kind: DaemonSet, name: cilium }
- { kind: CronJob, name: hubble-generate-certs }
- { kind: Job, name: hubble-generate-certs }
- { kind: ConfigMap, name: cilium-config }
- { kind: ConfigMap, name: ip-masq-agent }
- { kind: ConfigMap, name: hubble-relay-config }
- { kind: ConfigMap, name: hubble-ui-nginx }
- { kind: ClusterRole, name: cilium }
- { kind: ClusterRole, name: cilium-operator }
- { kind: ClusterRole, name: hubble-generate-certs }
- { kind: ClusterRole, name: hubble-relay }
- { kind: ClusterRole, name: hubble-ui }
- { kind: ClusterRoleBinding, name: cilium }
- { kind: ClusterRoleBinding, name: cilium-operator }
- { kind: ClusterRoleBinding, name: hubble-generate-certs }
- { kind: ClusterRoleBinding, name: hubble-relay }
- { kind: ClusterRoleBinding, name: hubble-ui }
- { kind: Secret, name: hubble-ca-secret }
- { kind: Secret, name: hubble-relay-client-certs }
- { kind: Secret, name: hubble-server-certs }
register: patch_result
when: inventory_hostname == groups['kube_control_plane'][0]
failed_when:
- patch_result.rc != 0
- "'not found' not in patch_result.stderr"