From 5d99fa09404beee664c8ed6cf8f8a86082187792 Mon Sep 17 00:00:00 2001 From: Matthew Mosesohn Date: Sat, 9 Sep 2017 23:41:20 +0300 Subject: [PATCH] Purge old upgrade hooks and unused tasks (#1641) --- roles/dnsmasq/tasks/main.yml | 2 - roles/dnsmasq/tasks/pre_upgrade.yml | 9 --- roles/etcd/tasks/install_docker.yml | 19 ----- roles/etcd/tasks/main.yml | 4 - roles/etcd/tasks/pre_upgrade.yml | 60 -------------- roles/kubernetes/master/tasks/main.yml | 3 - .../kubernetes/master/tasks/post-upgrade.yml | 31 ------- roles/kubernetes/master/tasks/pre-upgrade.yml | 80 +------------------ .../kubernetes/preinstall/tasks/gitinfos.yml | 30 ------- roles/kubernetes/preinstall/tasks/main.yml | 4 - roles/network_plugin/weave/tasks/main.yml | 2 - .../weave/tasks/pre-upgrade.yml | 42 ---------- roles/uploads/defaults/main.yml | 58 -------------- roles/uploads/tasks/main.yml | 27 ------- uploads.yml | 11 --- 15 files changed, 2 insertions(+), 380 deletions(-) delete mode 100644 roles/dnsmasq/tasks/pre_upgrade.yml delete mode 100644 roles/etcd/tasks/pre_upgrade.yml delete mode 100644 roles/kubernetes/master/tasks/post-upgrade.yml delete mode 100644 roles/kubernetes/preinstall/tasks/gitinfos.yml delete mode 100644 roles/network_plugin/weave/tasks/pre-upgrade.yml delete mode 100644 roles/uploads/defaults/main.yml delete mode 100644 roles/uploads/tasks/main.yml delete mode 100644 uploads.yml diff --git a/roles/dnsmasq/tasks/main.yml b/roles/dnsmasq/tasks/main.yml index 607e6df51..4a9031013 100644 --- a/roles/dnsmasq/tasks/main.yml +++ b/roles/dnsmasq/tasks/main.yml @@ -1,6 +1,4 @@ --- -- include: pre_upgrade.yml - - name: ensure dnsmasq.d directory exists file: path: /etc/dnsmasq.d diff --git a/roles/dnsmasq/tasks/pre_upgrade.yml b/roles/dnsmasq/tasks/pre_upgrade.yml deleted file mode 100644 index 9d1517580..000000000 --- a/roles/dnsmasq/tasks/pre_upgrade.yml +++ /dev/null @@ -1,9 +0,0 @@ ---- -- name: Delete legacy dnsmasq daemonset - kube: - name: dnsmasq - namespace: "{{system_namespace}}" - kubectl: "{{bin_dir}}/kubectl" - resource: "ds" - state: absent - when: inventory_hostname == groups['kube-master'][0] diff --git a/roles/etcd/tasks/install_docker.yml b/roles/etcd/tasks/install_docker.yml index 76eead2a2..f7589e812 100644 --- a/roles/etcd/tasks/install_docker.yml +++ b/roles/etcd/tasks/install_docker.yml @@ -11,22 +11,3 @@ retries: 4 delay: "{{ retry_stagger | random + 3 }}" changed_when: false - -# Plan B: looks nicer, but requires docker-py on all hosts: -# - name: Install | Set up etcd-binarycopy container -# docker: -# name: etcd-binarycopy -# state: present -# image: "{{ etcd_image_repo }}:{{ etcd_image_tag }}" -# when: etcd_deployment_type == "docker" -# -# - name: Install | Copy etcdctl from etcd-binarycopy container -# command: /usr/bin/docker cp "etcd-binarycopy:{{ etcd_container_bin_dir }}etcdctl" "{{ bin_dir }}/etcdctl" -# when: etcd_deployment_type == "docker" -# -# - name: Install | Clean up etcd-binarycopy container -# docker: -# name: etcd-binarycopy -# state: absent -# image: "{{ etcd_image_repo }}:{{ etcd_image_tag }}" -# when: etcd_deployment_type == "docker" diff --git a/roles/etcd/tasks/main.yml b/roles/etcd/tasks/main.yml index a21016941..3f8403570 100644 --- a/roles/etcd/tasks/main.yml +++ b/roles/etcd/tasks/main.yml @@ -1,8 +1,4 @@ --- -- include: pre_upgrade.yml - when: etcd_cluster_setup - tags: etcd-pre-upgrade - - include: check_certs.yml when: cert_management == "script" tags: [etcd-secrets, facts] diff --git a/roles/etcd/tasks/pre_upgrade.yml b/roles/etcd/tasks/pre_upgrade.yml deleted file mode 100644 index c08aee621..000000000 --- a/roles/etcd/tasks/pre_upgrade.yml +++ /dev/null @@ -1,60 +0,0 @@ ---- -- name: "Pre-upgrade | check for etcd-proxy unit file" - stat: - path: /etc/systemd/system/etcd-proxy.service - register: etcd_proxy_service_file - tags: facts - -- name: "Pre-upgrade | check for etcd-proxy init script" - stat: - path: /etc/init.d/etcd-proxy - register: etcd_proxy_init_script - tags: facts - -- name: "Pre-upgrade | stop etcd-proxy if service defined" - service: - name: etcd-proxy - state: stopped - when: (etcd_proxy_service_file.stat.exists|default(False) or etcd_proxy_init_script.stat.exists|default(False)) - -- name: "Pre-upgrade | remove etcd-proxy service definition" - file: - path: "{{ item }}" - state: absent - when: (etcd_proxy_service_file.stat.exists|default(False) or etcd_proxy_init_script.stat.exists|default(False)) - with_items: - - /etc/systemd/system/etcd-proxy.service - - /etc/init.d/etcd-proxy - -- name: "Pre-upgrade | find etcd-proxy container" - command: "{{ docker_bin_dir }}/docker ps -aq --filter 'name=etcd-proxy*'" - register: etcd_proxy_container - changed_when: false - failed_when: false - -- name: "Pre-upgrade | remove etcd-proxy if it exists" - command: "{{ docker_bin_dir }}/docker rm -f {{item}}" - with_items: "{{etcd_proxy_container.stdout_lines|default()}}" - -- name: "Pre-upgrade | see if etcdctl is installed" - stat: - path: "{{ bin_dir }}/etcdctl" - register: etcdctl_installed - -- name: "Pre-upgrade | check if member list is non-SSL" - command: "{{ bin_dir }}/etcdctl --no-sync --peers={{ etcd_access_addresses | regex_replace('https','http') }} member list" - register: etcd_member_list - retries: 10 - delay: 3 - until: etcd_member_list.rc != 2 - run_once: true - when: etcdctl_installed.stat.exists - changed_when: false - failed_when: false - -- name: "Pre-upgrade | change peer names to SSL" - shell: >- - {{ bin_dir }}/etcdctl --no-sync --peers={{ etcd_access_addresses | regex_replace('https','http') }} member list | - awk -F"[: =]" '{print "{{ bin_dir }}/etcdctl --peers={{ etcd_access_addresses | regex_replace('https','http') }} member update "$1" https:"$7":"$8}' | bash - run_once: true - when: 'etcdctl_installed.stat.exists and etcd_member_list.rc == 0 and "http://" in etcd_member_list.stdout' diff --git a/roles/kubernetes/master/tasks/main.yml b/roles/kubernetes/master/tasks/main.yml index 24a3a495a..452463118 100644 --- a/roles/kubernetes/master/tasks/main.yml +++ b/roles/kubernetes/master/tasks/main.yml @@ -85,6 +85,3 @@ dest: "{{ kube_manifest_dir }}/kube-controller-manager.manifest" notify: Master | wait for kube-controller-manager tags: kube-controller-manager - -- include: post-upgrade.yml - tags: k8s-post-upgrade diff --git a/roles/kubernetes/master/tasks/post-upgrade.yml b/roles/kubernetes/master/tasks/post-upgrade.yml deleted file mode 100644 index 221bf542d..000000000 --- a/roles/kubernetes/master/tasks/post-upgrade.yml +++ /dev/null @@ -1,31 +0,0 @@ ---- -- name: "Post-upgrade | stop kubelet on all masters" - service: - name: kubelet - state: stopped - delegate_to: "{{item}}" - with_items: "{{groups['kube-master']}}" - when: needs_etcd_migration|bool - run_once: true - -- name: "Post-upgrade | Pause for kubelet stop" - pause: - seconds: 10 - when: needs_etcd_migration|bool - -- name: "Post-upgrade | start kubelet on all masters" - service: - name: kubelet - state: started - delegate_to: "{{item}}" - with_items: "{{groups['kube-master']}}" - when: needs_etcd_migration|bool - run_once: true - -- name: "Post-upgrade | etcd3 upgrade | purge etcd2 k8s data" - command: "{{ bin_dir }}/etcdctl --endpoints={{ etcd_access_addresses }} rm -r /registry" - environment: - ETCDCTL_API: 2 - delegate_to: "{{groups['etcd'][0]}}" - run_once: true - when: kube_apiserver_storage_backend == "etcd3" and needs_etcd_migration|bool|default(false) diff --git a/roles/kubernetes/master/tasks/pre-upgrade.yml b/roles/kubernetes/master/tasks/pre-upgrade.yml index 604659279..7cd650cbd 100644 --- a/roles/kubernetes/master/tasks/pre-upgrade.yml +++ b/roles/kubernetes/master/tasks/pre-upgrade.yml @@ -1,38 +1,4 @@ --- -- name: "Pre-upgrade | check for kube-apiserver unit file" - stat: - path: /etc/systemd/system/kube-apiserver.service - register: kube_apiserver_service_file - tags: [facts, kube-apiserver] - -- name: "Pre-upgrade | check for kube-apiserver init script" - stat: - path: /etc/init.d/kube-apiserver - register: kube_apiserver_init_script - tags: [facts, kube-apiserver] - -- name: "Pre-upgrade | stop kube-apiserver if service defined" - service: - name: kube-apiserver - state: stopped - when: (kube_apiserver_service_file.stat.exists|default(False) or kube_apiserver_init_script.stat.exists|default(False)) - tags: kube-apiserver - -- name: "Pre-upgrade | remove kube-apiserver service definition" - file: - path: "{{ item }}" - state: absent - when: (kube_apiserver_service_file.stat.exists|default(False) or kube_apiserver_init_script.stat.exists|default(False)) - with_items: - - /etc/systemd/system/kube-apiserver.service - - /etc/init.d/kube-apiserver - tags: kube-apiserver - -- name: "Pre-upgrade | See if kube-apiserver manifest exists" - stat: - path: /etc/kubernetes/manifests/kube-apiserver.manifest - register: kube_apiserver_manifest - - name: "Pre-upgrade | etcd3 upgrade | see if old config exists" command: "{{ bin_dir }}/etcdctl --peers={{ etcd_access_addresses }} ls /registry/minions" environment: @@ -47,19 +13,6 @@ kube_apiserver_storage_backend: "etcd2" when: old_data_exists.rc == 0 and not force_etcd3|bool -- name: "Pre-upgrade | etcd3 upgrade | see if data was already migrated" - command: "{{ bin_dir }}/etcdctl --endpoints={{ etcd_access_addresses }} get --limit=1 --prefix=true /registry/minions" - environment: - ETCDCTL_API: 3 - register: data_migrated - delegate_to: "{{groups['etcd'][0]}}" - when: kube_apiserver_storage_backend == "etcd3" - failed_when: false - -- name: "Pre-upgrade | etcd3 upgrade | set needs_etcd_migration" - set_fact: - needs_etcd_migration: "{{ force_etcd3|default(false) and kube_apiserver_storage_backend == 'etcd3' and data_migrated.stdout_lines|length == 0 and old_data_exists.rc == 0 }}" - - name: "Pre-upgrade | Delete master manifests on all kube-masters" file: path: "/etc/kubernetes/manifests/{{item[1]}}.manifest" @@ -69,7 +22,7 @@ - "{{groups['kube-master']}}" - ["kube-apiserver", "kube-controller-manager", "kube-scheduler"] register: kube_apiserver_manifest_replaced - when: (secret_changed|default(false) or etcd_secret_changed|default(false) or needs_etcd_migration|bool) and kube_apiserver_manifest.stat.exists + when: (secret_changed|default(false) or etcd_secret_changed|default(false)) - name: "Pre-upgrade | Delete master containers forcefully on all kube-masters" shell: "docker ps -f name=k8s-{{item}}* -q | xargs --no-run-if-empty docker rm -f" @@ -77,34 +30,5 @@ with_nested: - "{{groups['kube-master']}}" - ["kube-apiserver", "kube-controller-manager", "kube-scheduler"] - register: kube_apiserver_manifest_replaced - when: (secret_changed|default(false) or etcd_secret_changed|default(false) or needs_etcd_migration|bool) and kube_apiserver_manifest.stat.exists - run_once: true - -- name: "Pre-upgrade | etcd3 upgrade | stop etcd" - service: - name: etcd - state: stopped - delegate_to: "{{item}}" - with_items: "{{groups['etcd']}}" - when: needs_etcd_migration|bool - run_once: true - -- name: "Pre-upgrade | etcd3 upgrade | migrate data" - command: "{{ bin_dir }}/etcdctl migrate --data-dir=\"{{ etcd_data_dir }}\" --wal-dir=\"{{ etcd_data_dir }}/member/wal\"" - environment: - ETCDCTL_API: 3 - delegate_to: "{{item}}" - with_items: "{{groups['etcd']}}" - register: etcd_migrated - when: needs_etcd_migration|bool - run_once: true - -- name: "Pre-upgrade | etcd3 upgrade | start etcd" - service: - name: etcd - state: started - delegate_to: "{{item}}" - with_items: "{{groups['etcd']}}" - when: needs_etcd_migration|bool + when: kube_apiserver_manifest_replaced.changed run_once: true diff --git a/roles/kubernetes/preinstall/tasks/gitinfos.yml b/roles/kubernetes/preinstall/tasks/gitinfos.yml deleted file mode 100644 index 323c0babf..000000000 --- a/roles/kubernetes/preinstall/tasks/gitinfos.yml +++ /dev/null @@ -1,30 +0,0 @@ ---- -# Deploy git infos -# ---------------- -- name: 'GIT | Install script for collecting git info' - template: - src: "{{ role_path }}/gen-gitinfos.sh" - dest: "{{ bin_dir }}/gen-gitinfos.sh" - mode: a+rwx - -- name: 'GIT | generate git informations' - local_action: command {{ role_path }}/gen-gitinfos.sh global - register: gitinfo - check_mode: no - -- name: 'GIT | copy ansible information' - template: - src: ansible_git.j2 - dest: /etc/.ansible.ini - backup: yes - -- name: 'GIT | generate diff file' - local_action: command {{ role_path }}/gen-gitinfos.sh diff - register: gitdiff - check_mode: no - -- name: 'GIT | copy git diff file' - copy: - content: "{{ gitdiff.stdout }}" - dest: /etc/.git-ansible.diff - backup: yes diff --git a/roles/kubernetes/preinstall/tasks/main.yml b/roles/kubernetes/preinstall/tasks/main.yml index 65716816e..620aae35f 100644 --- a/roles/kubernetes/preinstall/tasks/main.yml +++ b/roles/kubernetes/preinstall/tasks/main.yml @@ -16,10 +16,6 @@ become: true tags: bootstrap-os -- include: gitinfos.yml - when: run_gitinfos - tags: facts - - include: set_facts.yml tags: facts diff --git a/roles/network_plugin/weave/tasks/main.yml b/roles/network_plugin/weave/tasks/main.yml index 38895ab40..462278e94 100644 --- a/roles/network_plugin/weave/tasks/main.yml +++ b/roles/network_plugin/weave/tasks/main.yml @@ -1,6 +1,4 @@ --- -- include: pre-upgrade.yml - - include: seed.yml when: weave_mode_seed diff --git a/roles/network_plugin/weave/tasks/pre-upgrade.yml b/roles/network_plugin/weave/tasks/pre-upgrade.yml deleted file mode 100644 index bcf3c2af2..000000000 --- a/roles/network_plugin/weave/tasks/pre-upgrade.yml +++ /dev/null @@ -1,42 +0,0 @@ ---- -- name: Weave pre-upgrade | Stop legacy weave - command: weave stop - failed_when: false - -- name: Weave pre-upgrade | Stop legacy systemd weave services - service: - name: "{{ item }}" - enabled: no - state: stopped - with_items: - - weaveexpose - - weaveproxy - - weave - failed_when: false - -- name: Weave pre-upgrade | Purge legacy systemd weave systemd unit files - file: - path: "{{ item }}" - state: absent - register: purged_weave_systemd_units - with_items: - - "/etc/systemd/system/weaveexpose.service" - - "/etc/systemd/system/weaveproxy.service" - - "/etc/systemd/system/weave.service" - -- name: Weave pre-upgrade | Reload systemd - command: systemctl daemon-reload - when: ansible_service_mgr == "systemd" and purged_weave_systemd_units.changed - -- name: Weave pre-upgrade | Purge legacy weave configs and binary - file: - path: "{{ item }}" - state: absent - with_items: - - "{{ bin_dir }}/weave" - - "/etc/weave.env" - -- name: Weave pre-upgrade | Purge legacy weave docker containers - shell: "docker ps -af 'name=^/weave.*' -q | xargs --no-run-if-empty docker rm -f" - retries: 3 - failed_when: false diff --git a/roles/uploads/defaults/main.yml b/roles/uploads/defaults/main.yml deleted file mode 100644 index b3df52d5e..000000000 --- a/roles/uploads/defaults/main.yml +++ /dev/null @@ -1,58 +0,0 @@ ---- -local_release_dir: /tmp - -# Versions -etcd_version: v3.0.17 -calico_version: v2.5.0 -calico_cni_version: v1.10.0 -weave_version: v2.0.1 - -# Download URL's -etcd_download_url: "https://github.com/coreos/etcd/releases/download/{{ etcd_version }}/etcd-{{ etcd_version }}-linux-amd64.tar.gz" -calico_cni_download_url: "https://github.com/projectcalico/calico-cni/releases/download/{{calico_cni_version}}/calico" -calico_cni_ipam_download_url: "https://github.com/projectcalico/calico-cni/releases/download/{{calico_cni_version}}/calico-ipam" -weave_download_url: "https://github.com/weaveworks/weave/releases/download/{{weave_version}}/weave" - -# Checksums -calico_cni_checksum: "c72abd0d7ee88376952e43999bcbfa7958171708108bd3f1087c599115350b46" -calico_cni_ipam_checksum: "280fdb1d80f11904adc11760a9a5f3ae29b2aaf911ff0163a8da25646e757413" -weave_checksum: "311f5fe25036c774c3ea9975e033f67e1f3c5afbe8b5693a1d36d51c94ac31c4" -etcd_checksum: "274c46a7f8d26f7ae99d6880610f54933cbcf7f3beafa19236c52eb5df8c7a0b" - -downloads: - - name: calico-cni-plugin - dest: calico/bin/calico - version: "{{calico_cni_version}}" - sha256: "{{ calico_cni_checksum }}" - source_url: "{{ calico_cni_download_url }}" - url: "{{ calico_cni_download_url }}" - owner: "root" - mode: "0755" - - - name: calico-cni-plugin-ipam - dest: calico/bin/calico-ipam - version: "{{calico_cni_version}}" - sha256: "{{ calico_cni_ipam_checksum }}" - source_url: "{{ calico_cni_ipam_download_url }}" - url: "{{ calico_cni_ipam_download_url }}" - owner: "root" - mode: "0755" - - - name: weave - dest: weave/bin/weave - version: "{{weave_version}}" - source_url: "{{weave_download_url}}" - url: "{{weave_download_url}}" - sha256: "{{ weave_checksum }}" - owner: "root" - mode: "0755" - - - name: etcd - version: "{{etcd_version}}" - dest: "etcd/etcd-{{ etcd_version }}-linux-amd64.tar.gz" - sha256: "{{ etcd_checksum }}" - source_url: "{{ etcd_download_url }}" - url: "{{ etcd_download_url }}" - unarchive: true - owner: "etcd" - mode: "0755" diff --git a/roles/uploads/tasks/main.yml b/roles/uploads/tasks/main.yml deleted file mode 100644 index a770020c2..000000000 --- a/roles/uploads/tasks/main.yml +++ /dev/null @@ -1,27 +0,0 @@ ---- -- name: Create dest directories - file: - path: "{{local_release_dir}}/{{item.dest|dirname}}" - state: directory - recurse: yes - with_items: '{{downloads}}' - -- name: Download items - get_url: - url: "{{item.source_url}}" - dest: "{{local_release_dir}}/{{item.dest}}" - sha256sum: "{{item.sha256 | default(omit)}}" - owner: "{{ item.owner|default(omit) }}" - mode: "{{ item.mode|default(omit) }}" - with_items: '{{downloads}}' - -- name: uploads items - gc_storage: - bucket: kargo - object: "{{item.version}}_{{item.name}}" - src: "{{ local_release_dir }}/{{item.dest}}" - mode: put - permission: public-read - gs_access_key: 'changeme' - gs_secret_key: 'changeme' - with_items: '{{downloads}}' diff --git a/uploads.yml b/uploads.yml deleted file mode 100644 index 5544f4588..000000000 --- a/uploads.yml +++ /dev/null @@ -1,11 +0,0 @@ ---- -- hosts: localhost - roles: - - {role: uploads} - -# TEST download -- hosts: localhost - vars: - local_release_dir: /tmp/from_gcloud - roles: - - {role: download} \ No newline at end of file