From e618d71f2a3b62ea6ca0afeb0c28ca0b0dbfce65 Mon Sep 17 00:00:00 2001 From: ChengHao Yang <17496418+tico88612@users.noreply.github.com> Date: Fri, 18 Apr 2025 09:56:55 +0800 Subject: [PATCH 1/2] Fix: kubeadm secondary use file discovery validation The validation step is moved to the end to avoid the loss of files that may lead to verification failure. Signed-off-by: ChengHao Yang <17496418+tico88612@users.noreply.github.com> --- .../control-plane/tasks/kubeadm-secondary.yml | 22 +++++++++---------- 1 file changed, 11 insertions(+), 11 deletions(-) diff --git a/roles/kubernetes/control-plane/tasks/kubeadm-secondary.yml b/roles/kubernetes/control-plane/tasks/kubeadm-secondary.yml index c797a882c..4e8cdf965 100644 --- a/roles/kubernetes/control-plane/tasks/kubeadm-secondary.yml +++ b/roles/kubernetes/control-plane/tasks/kubeadm-secondary.yml @@ -30,17 +30,6 @@ - hostvars[first_kube_control_plane]['kubeadm_upload_cert'] is defined - hostvars[first_kube_control_plane]['kubeadm_upload_cert'] is not skipped -- name: Create kubeadm ControlPlane config - template: - src: "kubeadm-controlplane.yaml.j2" - dest: "{{ kube_config_dir }}/kubeadm-controlplane.yaml" - mode: "0640" - backup: true - validate: "{{ kubeadm_config_validate_enabled | ternary(bin_dir + '/kubeadm config validate --config %s', omit) }}" - when: - - inventory_hostname != first_kube_control_plane - - not kubeadm_already_run.stat.exists - - name: Wait for k8s apiserver wait_for: host: "{{ kubeadm_discovery_address | regex_replace('\\]?:\\d+$', '') | regex_replace('^\\[', '') }}" @@ -84,6 +73,17 @@ - kubeadm_use_file_discovery - kubeadm_already_run is not defined or not kubeadm_already_run.stat.exists +- name: Create kubeadm ControlPlane config + template: + src: "kubeadm-controlplane.yaml.j2" + dest: "{{ kube_config_dir }}/kubeadm-controlplane.yaml" + mode: "0640" + backup: true + validate: "{{ kubeadm_config_validate_enabled | ternary(bin_dir + '/kubeadm config validate --config %s', omit) }}" + when: + - inventory_hostname != first_kube_control_plane + - not kubeadm_already_run.stat.exists + - name: Joining control plane node to the cluster. command: >- {{ bin_dir }}/kubeadm join From ac0b0e7d6e0aa05e8c7456734f1f17c3ef04cb6c Mon Sep 17 00:00:00 2001 From: ChengHao Yang <17496418+tico88612@users.noreply.github.com> Date: Thu, 15 May 2025 18:02:52 +0800 Subject: [PATCH 2/2] Fix: upgrade cluster discovery kubeconfig not found When installing or upgrading in the past, there was no validation config. Check if the file exists first to prevent subsequent validation errors. Signed-off-by: ChengHao Yang <17496418+tico88612@users.noreply.github.com> --- roles/kubernetes/kubeadm/tasks/main.yml | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/roles/kubernetes/kubeadm/tasks/main.yml b/roles/kubernetes/kubeadm/tasks/main.yml index c140ccbc4..35555bf2b 100644 --- a/roles/kubernetes/kubeadm/tasks/main.yml +++ b/roles/kubernetes/kubeadm/tasks/main.yml @@ -58,6 +58,11 @@ delegate_to: "{{ groups['kube_control_plane'] | first }}" when: kubeadm_use_file_discovery +- name: Check if discovery kubeconfig exists + stat: + path: "{{ kube_config_dir }}/cluster-info-discovery-kubeconfig.yaml" + register: cluster_info_discovery_kubeconfig + - name: Copy discovery kubeconfig copy: dest: "{{ kube_config_dir }}/cluster-info-discovery-kubeconfig.yaml" @@ -66,7 +71,7 @@ mode: "0644" when: - ('kube_control_plane' not in group_names) - - not kubelet_conf.stat.exists + - not kubelet_conf.stat.exists or not cluster_info_discovery_kubeconfig.stat.exists - kubeadm_use_file_discovery - name: Create kubeadm client config