e9f795c5ce
* Fixes an issue where apiserver and friends (controller manager, scheduler) were prevented from restarting after manifests/secrets are changed. This occurred when a replaced kubelet doesn't reconcile new master manifests, which caused old master component versions to linger during deployment. In my case this was causing upgrades from k8s 1.6/1.7 -> k8s 1.8 to fail * Improves transitions from kubelet container to host kubelet by preventing issues where kubelet container reappeared during the deployment
31 lines
1.1 KiB
YAML
31 lines
1.1 KiB
YAML
---
|
|
- name: "Pre-upgrade | etcd3 upgrade | see if old config exists"
|
|
command: "{{ bin_dir }}/etcdctl --peers={{ etcd_access_addresses }} ls /registry/minions"
|
|
environment:
|
|
ETCDCTL_API: 2
|
|
register: old_data_exists
|
|
delegate_to: "{{groups['etcd'][0]}}"
|
|
changed_when: false
|
|
when: kube_apiserver_storage_backend == "etcd3"
|
|
failed_when: false
|
|
|
|
- name: "Pre-upgrade | etcd3 upgrade | use etcd2 unless forced to etcd3"
|
|
set_fact:
|
|
kube_apiserver_storage_backend: "etcd2"
|
|
when: old_data_exists.rc == 0 and not force_etcd3|bool
|
|
|
|
- name: "Pre-upgrade | Delete master manifests"
|
|
file:
|
|
path: "/etc/kubernetes/manifests/{{item}}.manifest"
|
|
state: absent
|
|
with_items:
|
|
- ["kube-apiserver", "kube-controller-manager", "kube-scheduler"]
|
|
register: kube_apiserver_manifest_replaced
|
|
when: (secret_changed|default(false) or etcd_secret_changed|default(false))
|
|
|
|
- name: "Pre-upgrade | Delete master containers forcefully"
|
|
shell: "docker ps -af name=k8s_{{item}}* -q | xargs --no-run-if-empty docker rm -f"
|
|
with_items:
|
|
- ["kube-apiserver", "kube-controller-manager", "kube-scheduler"]
|
|
when: kube_apiserver_manifest_replaced.changed
|
|
run_once: true
|