From 5f18fe739e9a9f5052cca2576ff6ea090feb8448 Mon Sep 17 00:00:00 2001 From: Injun Baeg Date: Tue, 6 Aug 2024 16:50:50 +0900 Subject: [PATCH] Restart kube-proxy pods only on configmap changes (#11401) --- roles/kubernetes/kubeadm/tasks/main.yml | 23 +++++++++++++++++++++++ 1 file changed, 23 insertions(+) diff --git a/roles/kubernetes/kubeadm/tasks/main.yml b/roles/kubernetes/kubeadm/tasks/main.yml index 2cb271a9e..2b5778726 100644 --- a/roles/kubernetes/kubeadm/tasks/main.yml +++ b/roles/kubernetes/kubeadm/tasks/main.yml @@ -158,6 +158,17 @@ - loadbalancer_apiserver is defined notify: Kubeadm | restart kubelet +- name: Get current resourceVersion of kube-proxy configmap + command: "{{ kubectl }} get configmap kube-proxy -n kube-system -o jsonpath='{.metadata.resourceVersion}'" + register: original_configmap_resource_version + run_once: true + delegate_to: "{{ groups['kube_control_plane'] | first }}" + delegate_facts: false + when: + - kube_proxy_deployed + tags: + - kube-proxy + # FIXME(mattymo): Need to point to localhost, otherwise masters will all point # incorrectly to first master, creating SPoF. - name: Update server field in kube-proxy kubeconfig @@ -194,6 +205,17 @@ tags: - kube-proxy +- name: Get new resourceVersion of kube-proxy configmap + command: "{{ kubectl }} get configmap kube-proxy -n kube-system -o jsonpath='{.metadata.resourceVersion}'" + register: new_configmap_resource_version + run_once: true + delegate_to: "{{ groups['kube_control_plane'] | first }}" + delegate_facts: false + when: + - kube_proxy_deployed + tags: + - kube-proxy + - name: Set ca.crt file permission file: path: "{{ kube_cert_dir }}/ca.crt" @@ -210,6 +232,7 @@ - kubeadm_config_api_fqdn is not defined or loadbalancer_apiserver is defined - kubeadm_discovery_address != kube_apiserver_endpoint | replace("https://", "") or loadbalancer_apiserver is defined - kube_proxy_deployed + - original_configmap_resource_version.stdout != new_configmap_resource_version.stdout tags: - kube-proxy