From 90e8d4c4eab7bfb66f8617dce9841acd6a0e6b1b Mon Sep 17 00:00:00 2001 From: Matthew Mosesohn Date: Mon, 3 Apr 2017 16:50:17 +0300 Subject: [PATCH] Add /var/lib/cni to kubelet Necessary to persist this directory for host-local IPAM used by Canal Add pre-upgrade task to copy /var/lib/cni out of old kubelet. --- roles/kubernetes/node/tasks/main.yml | 3 +++ roles/kubernetes/node/tasks/pre_upgrade.yml | 6 ++++++ roles/kubernetes/node/templates/kubelet-container.j2 | 1 + roles/kubernetes/node/templates/kubelet.rkt.service.j2 | 2 ++ 4 files changed, 12 insertions(+) create mode 100644 roles/kubernetes/node/tasks/pre_upgrade.yml diff --git a/roles/kubernetes/node/tasks/main.yml b/roles/kubernetes/node/tasks/main.yml index a6a9c16f2..324e38867 100644 --- a/roles/kubernetes/node/tasks/main.yml +++ b/roles/kubernetes/node/tasks/main.yml @@ -4,6 +4,9 @@ {%- if inventory_hostname in groups['kube-master'] and inventory_hostname not in groups['kube-node'] -%}true{%- else -%}false{%- endif -%} tags: facts +- include: pre_upgrade.yml + tags: kubelet + - include: install.yml tags: kubelet diff --git a/roles/kubernetes/node/tasks/pre_upgrade.yml b/roles/kubernetes/node/tasks/pre_upgrade.yml new file mode 100644 index 000000000..612dd3e6f --- /dev/null +++ b/roles/kubernetes/node/tasks/pre_upgrade.yml @@ -0,0 +1,6 @@ +--- +- name: "Pre-upgrade | copy /var/lib/cni from kubelet" + command: docker cp kubelet:/var/lib/cni /var/lib/cni + args: + creates: "/var/lib/cni" + failed_when: false diff --git a/roles/kubernetes/node/templates/kubelet-container.j2 b/roles/kubernetes/node/templates/kubelet-container.j2 index ffea01cec..70c317b78 100644 --- a/roles/kubernetes/node/templates/kubelet-container.j2 +++ b/roles/kubernetes/node/templates/kubelet-container.j2 @@ -21,6 +21,7 @@ -v {{ docker_daemon_graph }}:/var/lib/docker:rw \ -v /var/log:/var/log:rw \ -v /var/lib/kubelet:/var/lib/kubelet:shared \ + -v /var/lib/cni:/var/lib/cni:shared \ -v /var/run:/var/run:rw \ -v {{kube_config_dir}}:{{kube_config_dir}}:ro \ {{ hyperkube_image_repo }}:{{ hyperkube_image_tag}} \ diff --git a/roles/kubernetes/node/templates/kubelet.rkt.service.j2 b/roles/kubernetes/node/templates/kubelet.rkt.service.j2 index cc5af31ec..be8a13dbf 100644 --- a/roles/kubernetes/node/templates/kubelet.rkt.service.j2 +++ b/roles/kubernetes/node/templates/kubelet.rkt.service.j2 @@ -34,8 +34,10 @@ ExecStart=/usr/bin/rkt run \ {% if kube_network_plugin in ["calico", "weave", "canal"] %} --volume etc-cni,kind=host,source=/etc/cni,readOnly=true \ --volume opt-cni,kind=host,source=/opt/cni,readOnly=true \ + --volume var-lib-cni,kind=host,source=/var/lib/cni,readOnly=false \ --mount volume=etc-cni,target=/etc/cni \ --mount volume=opt-cni,target=/opt/cni \ + --mount volume=var-lib-cni,target=/var/lib/cni \ {% endif %} --mount volume=dns,target=/etc/resolv.conf \ --mount volume=etc-kubernetes,target={{ kube_config_dir }} \