remove support for calico v2.x (#4974)

* Remove support for calico below version v3.0.0 Change-Id: If8fe3036b9e054901a8b2c48516eff1e1271970f * Update main.yml * fixup node peering Change-Id: Ifac4d363deba826f0c80e390ce80a28df9827323 * fixups Change-Id: Ic35417330af6741962003b3930604393c90804d1 * fixups Change-Id: I0ea82d634bb0c81d9b7dc50569c70988bc8d3a3b
2019-07-15 17:47:09 +03:00 · 2019-07-15 17:47:09 +03:00 · 23ae6027ab
commit 23ae6027ab
parent 781b5691c9
6 changed files with 9 additions and 145 deletions
--- a/roles/kubernetes/preinstall/tasks/0020-verify-settings.yml
+++ b/roles/kubernetes/preinstall/tasks/0020-verify-settings.yml
@ -137,6 +137,14 @@
    - cloud-provider
    - facts
 - name: Ensure minimum calico version
  assert:
    that: calico_version is version('v3.0.0', '>=')
    msg: "calico_version is too low. Minimum version v3.0.0"
  run_once: yes
  when:
    - kube_network_plugin == 'calico'
 - name: "Get current version of calico cluster version"
  shell: "{{ bin_dir }}/calicoctl.sh version  | grep 'Cluster Version:' | awk '{ print $3}'"
  register: calico_version_on_server
--- a/roles/network_plugin/calico/rr/tasks/main.yml
+++ b/roles/network_plugin/calico/rr/tasks/main.yml
@ -72,26 +72,6 @@
  retries: 4
  delay: "{{ retry_stagger | random + 3 }}"
  delegate_to: "{{ groups['etcd'][0] }}"
  when:
    - calico_version is version("v3.0.0", ">=")
 - name: Calico-rr | Configure route reflector (legacy)
  command: |-
    {{ bin_dir }}/etcdctl \
    --peers={{ etcd_access_addresses }} \
    set /calico/bgp/v1/rr_v4/{{ rr_ip }} \
    '{
       "ip": "{{ rr_ip }}",
       "cluster_id": "{{ cluster_id }}"
     }'
  environment:
    ETCDCTL_CERT_FILE: "{{ etcd_cert_dir }}/admin-{{ groups['etcd'][0] }}.pem"
    ETCDCTL_KEY_FILE: "{{ etcd_cert_dir }}/admin-{{ groups['etcd'][0] }}-key.pem"
  retries: 4
  delay: "{{ retry_stagger | random + 3 }}"
  delegate_to: "{{ groups['etcd'][0] }}"
  when:
    - calico_version is version("v3.0.0", "<")
 - meta: flush_handlers
--- a/roles/network_plugin/calico/tasks/install.yml
+++ b/roles/network_plugin/calico/tasks/install.yml
@ -102,7 +102,7 @@
  loop_control:
    label: "{{ item.item.file }}"
- name: Calico | Configure calico network pool (v3.0.0 <= version < v3.3.0)
+- name: Calico | Configure calico network pool (version < v3.3.0)
  shell: >
    echo "
      { "kind": "IPPool",
@ -117,7 +117,6 @@
  when:
    - inventory_hostname == groups['kube-master'][0]
    - 'calico_conf.stdout == "0"'
    - calico_version is version("v3.0.0", ">=")
    - calico_version is version("v3.3.0", "<")
 - name: Calico | Configure calico network pool (version >= v3.3.0)
@ -138,22 +137,6 @@
    - 'calico_conf.stdout == "0"'
    - calico_version is version("v3.3.0", ">=")
 - name: Calico | Configure calico network pool (legacy)
  shell: >
    echo '
      { "kind": "ipPool",
        "spec": {"disabled": false, "ipip": {"enabled": {{ ipip }}, "mode": "{{ ipip_mode|lower }}"},
                 "nat-outgoing": {{ nat_outgoing|default(false) and not peer_with_router|default(false) }}},
        "apiVersion": "v1",
        "metadata": {"cidr": "{{ calico_pool_cidr | default(kube_pods_subnet) }}"}
      }' | {{ bin_dir }}/calicoctl.sh apply -f -
  environment:
    NO_DEFAULT_POOLS: true
  when:
    - inventory_hostname == groups['kube-master'][0]
    - 'calico_conf.stdout == "0"'
    - calico_version is version("v3.0.0", "<")
 - name: "Determine nodeToNodeMesh needed state"
  set_fact:
    nodeToNodeMeshEnabled: "false"
@ -177,20 +160,6 @@
  changed_when: false
  when:
    - inventory_hostname == groups['kube-master'][0]
    - calico_version is version('v3.0.0', '>=')
 - name: Calico | Set global as_num (legacy)
  command: "{{ bin_dir }}/calicoctl.sh config set asNumber {{ global_as_num }}"
  when:
    - inventory_hostname == groups['kube-master'][0]
    - calico_version is version('v3.0.0', '<')
 - name: Calico | Disable node mesh (legacy)
  command: "{{ bin_dir }}/calicoctl.sh config set nodeToNodeMesh off"
  when:
    - inventory_hostname == groups['kube-master'][0]
    - calico_version is version('v3.0.0', '<')
    - nodeToMeshEnabled|default(True)
 - name: Calico | Configure peering with router(s) at global scope
  shell: >
@ -210,24 +179,6 @@
    - "{{ peers|selectattr('scope','defined')|selectattr('scope','equalto', 'global')|list|default([]) }}"
  when:
    - inventory_hostname == groups['kube-master'][0]
    - calico_version | version_compare('v3.0.0', '>=')
    - peer_with_router|default(false)
 - name: Calico | Configure peering with router(s) at global scope (legacy)
  shell: >
   echo '{
   "kind": "bgpPeer",
   "spec": {"asNumber": "{{ item.as }}"},
   "apiVersion": "v1",
   "metadata": {"scope": "global", "peerIP": "{{ item.router_id }}"}
   }'
   | {{ bin_dir }}/calicoctl.sh create --skip-exists -f -
  retries: 4
  delay: "{{ retry_stagger | random + 3 }}"
  with_items: "{{ peers|selectattr('scope','defined')|selectattr('scope','equalto', 'global')|default([]) }}"
  when:
    - inventory_hostname == groups['kube-master'][0]
    - calico_version is version('v3.0.0', '<')
    - peer_with_router|default(false)
 - name: Calico | Create calico manifests
@ -298,30 +249,6 @@
  retries: 4
  delay: "{{ retry_stagger | random + 3 }}"
  when:
    - calico_version is version('v3.0.0', '>=')
    - peer_with_router|default(false)
    - inventory_hostname in groups['k8s-cluster']
    - local_as is defined
    - groups['calico-rr'] | default([]) | length == 0
 - name: Calico | Configure node asNumber for per node peering (legacy)
  shell: >
   echo '{
   "apiVersion": "v1",
   "kind": "node",
   "metadata": {
      "name": "{{ inventory_hostname }}"
   },
   "spec": {
      "bgp": {
        "asNumber": "{{ local_as }}"
      },
      "orchRefs":[{"nodeName":"{{ inventory_hostname }}","orchestrator":"k8s"}]
   }}' | {{ bin_dir }}/calicoctl.sh create --skip-exists -f -
  retries: 4
  delay: "{{ retry_stagger | random + 3 }}"
  when:
    - calico_version is version('v3.0.0', '<')
    - peer_with_router|default(false)
    - inventory_hostname in groups['k8s-cluster']
    - local_as is defined
@ -345,28 +272,9 @@
  with_items:
    - "{{ peers|selectattr('scope','undefined')|list|default([]) | union(peers|selectattr('scope','defined')|selectattr('scope','equalto', 'node')|list|default([])) }}"
  when:
    - calico_version is version('v3.0.0', '>=')
    - peer_with_router|default(false)
    - inventory_hostname in groups['k8s-cluster']
 - name: Calico | Configure peering with router(s) at node scope (legacy)
  shell: >
   echo '{
   "kind": "bgpPeer",
   "spec": {"asNumber": "{{ item.as }}"},
   "apiVersion": "v1",
   "metadata": {"node": "{{ inventory_hostname }}", "scope": "node", "peerIP": "{{ item.router_id }}"}
   }'
   | {{ bin_dir }}/calicoctl.sh create --skip-exists -f -
  retries: 4
  delay: "{{ retry_stagger | random + 3 }}"
  with_items: "{{ peers|selectattr('scope','undefined')|list|default([]) | union(peers|selectattr('scope','defined')|selectattr('scope','equalto', 'node')|list|default([])) }}"
  when:
    - calico_version | version_compare('v3.0.0', '<')
    - peer_with_router|default(false)
    - inventory_hostname in groups['k8s-cluster']
 - name: Calico | Configure peering with route reflectors
  shell: >
   echo '{
@ -385,27 +293,6 @@
  with_items:
    - "{{ groups['calico-rr'] | default([]) }}"
  when:
    - calico_version is version('v3.0.0', '>=')
    - peer_with_calico_rr|default(false)
    - inventory_hostname in groups['k8s-cluster']
    - hostvars[item]['cluster_id'] == cluster_id
 - name: Calico | Configure peering with route reflectors (legacy)
  shell: >
   echo '{
   "kind": "bgpPeer",
   "spec": {"asNumber": "{{ local_as | default(global_as_num) }}"},
   "apiVersion": "v1",
   "metadata": {"node": "{{ inventory_hostname }}",
     "scope": "node",
     "peerIP": "{{ hostvars[item]["calico_rr_ip"]|default(hostvars[item]["ip"])|default(fallback_ips[item]) }}"}
   }'
   | {{ bin_dir }}/calicoctl.sh create --skip-exists -f -
  retries: 4
  delay: "{{ retry_stagger | random + 3 }}"
  with_items: "{{ groups['calico-rr'] | default([]) }}"
  when:
    - calico_version is version('v3.0.0', '<')
    - not calico_upgrade_enabled
    - peer_with_calico_rr|default(false)
    - hostvars[item]['cluster_id'] == cluster_id
--- a/roles/network_plugin/calico/tasks/pre.yml
+++ b/roles/network_plugin/calico/tasks/pre.yml
@ -1,11 +1,4 @@
 ---
 - name: Calico | Disable calico-node service if it exists
  service:
    name: calico-node
    state: stopped
    enabled: no
  failed_when: false
 - name: Calico | Get kubelet hostname
  shell: >-
    {{ bin_dir }}/kubectl get node -o custom-columns='NAME:.metadata.name,INTERNAL-IP:.status.addresses[?(@.type=="InternalIP")].address'
--- a/roles/network_plugin/calico/templates/calico-node.yml.j2
+++ b/roles/network_plugin/calico/templates/calico-node.yml.j2
@ -25,9 +25,7 @@ spec:
        prometheus.io/port: "{{ calico_felix_prometheusmetricsport }}"
 {% endif %}
    spec:
 {% if kube_version is version('v1.11.1', '>=') %}
      priorityClassName: system-node-critical
 {% endif %}
      hostNetwork: true
      dnsPolicy: ClusterFirstWithHostNet
      serviceAccountName: calico-node
--- a/roles/network_plugin/canal/templates/canal-node.yaml.j2
+++ b/roles/network_plugin/canal/templates/canal-node.yaml.j2
@ -15,9 +15,7 @@ spec:
      labels:
        k8s-app: canal-node
    spec:
 {% if kube_version is version('v1.11.1', '>=') %}
      priorityClassName: system-node-critical
 {% endif %}
      hostNetwork: true
      dnsPolicy: ClusterFirstWithHostNet
      serviceAccountName: canal