Skip to content

Commit

Permalink
Changes after review
Browse files Browse the repository at this point in the history
  • Loading branch information
@to-bar
to-bar committed Jul 10, 2020
1 parent 7693542 commit b662e2b
Show file tree
Hide file tree
Showing 3 changed files with 57 additions and 35 deletions.
4 changes: 1 addition & 3 deletions ...cli/data/common/ansible/playbooks/roles/upgrade/tasks/kubernetes/patch-kubeadm-config.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -5,10 +5,8 @@
# kube-apiserver uses --encryption-provider-config parameter to control how data is encrypted in etcd.
# If this parameter is absent the encryption is not enabled.
- name: upgrade-master | Check if encryption of secret data is enabled
shell: >-
command: >-
grep -- '--encryption-provider-config' /etc/kubernetes/manifests/kube-apiserver.yaml
args:
executable: /bin/bash
register: shell_grep_encryption_flag
changed_when: false
failed_when: shell_grep_encryption_flag.rc > 1
Expand Down
87 changes: 55 additions & 32 deletions ...mmon/ansible/playbooks/roles/upgrade/tasks/kubernetes/update-kubeadm-image-repository.yml
View file
Original file line number Diff line number Diff line change
@@ -1,34 +1,57 @@
---
# Note: Usage of the --config flag for reconfiguring the cluster during upgrade is not recommended since v1.16
- name: upgrade-master | Get value of imageRepository from kubeadm-config ConfigMap
shell: kubeadm config view
changed_when: false
register: result

- name: upgrade-master | Set current value of imageRepository as fact
set_fact:
kubeadm_image_repository: "{{ (result.stdout|from_yaml).imageRepository }}"

- name: upgrade-master | Set new value for imageRepository as fact
set_fact:
new_kubeadm_image_repository: >-
{%- if kubeadm_image_repository is search(':') -%}
{{ kubeadm_image_repository | regex_replace('^(?P<host>.+):(?P<port>\d+)', image_registry_address) }}
{%- else -%}
{{ image_registry_address }}/{{ kubeadm_image_repository }}
{%- endif -%}
- name: upgrade-master | Patch imageRepository in kubeadm-config ConfigMap
when:
- kubeadm_image_repository != new_kubeadm_image_repository
environment:
KUBECONFIG: /home/{{ admin_user.name }}/.kube/config
shell: |-
set -o pipefail &&
# do not use --export option since it has been deprecated in 1.14
kubectl get cm kubeadm-config -n kube-system -o yaml |
sed 's|imageRepository: {{ kubeadm_image_repository }}|imageRepository: {{ new_kubeadm_image_repository }}|g' |
xargs --null -I config_map_content \
kubectl patch cm kubeadm-config -n kube-system --patch config_map_content
args:
executable: /bin/bash
block:
- name: upgrade-master | Get kubeadm-config configmap
shell: |
kubectl get configmap kubeadm-config \
--namespace kube-system \
--output yaml
environment:
KUBECONFIG: &KUBECONFIG /etc/kubernetes/admin.conf
register: shell_kubeadm_configmap
changed_when: false

- name: upgrade-master | Patch kubeadm-config configmap (update-kubeadm-image-repository.yml)
when:
- _image_repository_updated != _image_repository # skip the task if nothing changed
shell: |
kubectl patch configmap kubeadm-config \
--namespace kube-system \
--patch "$KUBEADM_CONFIGMAP_DOCUMENT"
environment:
KUBECONFIG: *KUBECONFIG
# Render an altered kubeadm-config configmap document
KUBEADM_CONFIGMAP_DOCUMENT: >-
{{ _document | combine(_update2, recursive=true) | to_nice_yaml(indent=2) }}
vars:
# Parse yaml payload
_document: >-
{{ shell_kubeadm_configmap.stdout | from_yaml }}
# Extract cluster config
_cluster_config: >-
{{ _document.data.ClusterConfiguration | from_yaml }}
_image_repository: >-
{{ _cluster_config.imageRepository }}
_image_repository_updated: >-
{%- if _image_repository is search(':') -%}
{{ _image_repository | regex_replace('^(?P<host>.+):(?P<port>\d+)', image_registry_address) }}
{%- else -%}
{{ image_registry_address }}/{{ _image_repository }}
{%- endif -%}
# Prepare the cluster config patch
_update1:
imageRepository: "{{ _image_repository_updated }}"

_cluster_config_updated: >-
{{ _cluster_config | combine(_update1, recursive=true) }}
# Prepare the final update for the whole document
_update2:
data:
ClusterConfiguration: >-
{{ _cluster_config_updated | to_nice_yaml(indent=2) }}
1 change: 1 addition & 0 deletions ...rc/epicli/data/common/ansible/playbooks/roles/upgrade/tasks/kubernetes/upgrade-master.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -64,6 +64,7 @@
- name: upgrade-master | Wait for cluster's readiness
include_tasks: wait.yml

# Note: Usage of the --config flag for reconfiguring the cluster during upgrade is not recommended since v1.16
- name: upgrade-master | Validate whether cluster is upgradeable
# Ignore CoreDNSUnsupportedPlugins error since coredns-migration does not support 'hosts' plugin.
# This issue is fixed in K8s v1.18, see https://github.com/kubernetes/kubernetes/pull/88482
Expand Down

0 comments on commit b662e2b

Please sign in to comment.