Kubelet csr approver fixes (#10165)

* Fix upgrade-path for kubelet-csr-approver

Fixes an error when you enable kubelet-csr-approver when upgrading.
It hangs waiting for the certificate to be approved since the
kubelet-csr-approver is not installed yet.

* Add missing package when using helm role
pull/10167/head
James 2023-06-06 09:27:00 +00:00 committed by GitHub
parent 18d84db41c
commit 4c76feb574
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
11 changed files with 38 additions and 1 deletions

View File

@ -84,6 +84,7 @@
roles: roles:
- { role: kubespray-defaults } - { role: kubespray-defaults }
- { role: upgrade/pre-upgrade, tags: pre-upgrade } - { role: upgrade/pre-upgrade, tags: pre-upgrade }
- { role: kubernetes-apps/kubelet-csr-approver, tags: kubelet-csr-approver }
- { role: container-engine, tags: "container-engine", when: deploy_container_engine } - { role: container-engine, tags: "container-engine", when: deploy_container_engine }
- { role: kubernetes/node, tags: node } - { role: kubernetes/node, tags: node }
- { role: kubernetes/control-plane, tags: master, upgrade_cluster_setup: true } - { role: kubernetes/control-plane, tags: master, upgrade_cluster_setup: true }
@ -104,7 +105,6 @@
- { role: kubernetes-apps/external_cloud_controller, tags: external-cloud-controller } - { role: kubernetes-apps/external_cloud_controller, tags: external-cloud-controller }
- { role: network_plugin, tags: network } - { role: network_plugin, tags: network }
- { role: kubernetes-apps/network_plugin, tags: network } - { role: kubernetes-apps/network_plugin, tags: network }
- { role: kubernetes-apps/kubelet-csr-approver, tags: kubelet-csr-approver }
- { role: kubernetes-apps/policy_controller, tags: policy-controller } - { role: kubernetes-apps/policy_controller, tags: policy-controller }
- name: Finally handle worker upgrades, based on given batch size - name: Finally handle worker upgrades, based on given batch size

View File

@ -1,4 +1,23 @@
--- ---
- name: Helm | Gather os specific variables
include_vars: "{{ item }}"
with_first_found:
- files:
- "{{ ansible_distribution|lower }}-{{ ansible_distribution_version|lower|replace('/', '_') }}.yml"
- "{{ ansible_distribution|lower }}-{{ ansible_distribution_release }}.yml"
- "{{ ansible_distribution|lower }}-{{ ansible_distribution_major_version|lower|replace('/', '_') }}.yml"
- "{{ ansible_distribution|lower }}.yml"
- "{{ ansible_os_family|lower }}.yml"
- defaults.yml
paths:
- ../vars
skip: true
- name: Helm | Install PyYaml
package:
name: "{{ pyyaml_package }}"
state: present
- name: Helm | Download helm - name: Helm | Download helm
include_tasks: "../../../download/tasks/download_file.yml" include_tasks: "../../../download/tasks/download_file.yml"
vars: vars:

View File

@ -0,0 +1,2 @@
---
pyyaml_package: PyYAML

View File

@ -0,0 +1,2 @@
---
pyyaml_package: python3-pyyaml

View File

@ -0,0 +1,2 @@
---
pyyaml_package: PyYAML

View File

@ -0,0 +1,2 @@
---
pyyaml_package: python3-yaml

View File

@ -0,0 +1,2 @@
---
pyyaml_package: python3-pyyaml

View File

@ -0,0 +1,2 @@
---
pyyaml_package: python3-pyyaml

View File

@ -0,0 +1,2 @@
---
pyyaml_package: PyYAML

View File

@ -0,0 +1,2 @@
---
pyyaml_package: PyYAML

View File

@ -0,0 +1,2 @@
---
pyyaml_package: python3-yaml