--- # Reference https://docs.tigera.io/calico/3.25/operations/operator-migration # Script creation of imageset: https://docs.tigera.io/calico/latest/operations/image-options/imageset#create-an-imageset # above may pull sha for arch of machine who ran the script - name: Try / Catch vars: operator_manifests: - Deployment-manifest-Calico_Operator.yaml.j2 - Installation-manifest-Calico_Cluster.yaml.j2 - FelixConfiguration-manifest-Calico_Cluster.yaml - IPPool-manifest-Calico_Cluster.yaml.j2 - APIServer-manifest-Calico_Cluster.yaml # - calico.yaml.j2 block: - name: Check for calico deployment manifest ansible.builtin.stat: name: /var/lib/rancher/k3s/server/manifests/calico.yaml become: true register: file_calico_yaml_metadata - name: Move Calico Manifest from addons directory ansible.builtin.command: cmd: mv /var/lib/rancher/k3s/server/manifests/calico.yaml /tmp/ become: true changed_when: false when: file_calico_yaml_metadata.stat.exists - name: Remove addon from Kubernetes ansible.builtin.command: cmd: kubectl delete addon -n kube-system calico become: true changed_when: false when: file_calico_yaml_metadata.stat.exists - name: Uninstall Calico ansible.builtin.command: cmd: kubectl delete -f /tmp/calico.yaml become: true changed_when: false when: file_calico_yaml_metadata.stat.exists - name: Copy Manifest for addition ansible.builtin.template: src: "{{ item }}" dest: "/tmp/{{ item | lower | replace('.j2', '') }}" mode: '744' become: true loop: "{{ operator_manifests }}" - name: Try / Catch block: - name: Apply Operator Manifests ansible.builtin.command: cmd: "kubectl create -f /tmp/{{ item | lower | replace('.j2', '') }}" become: true changed_when: false diff: true failed_when: > {{ 'Error from server' in operator_manifest_stdout.stderr }} loop: "{{ operator_manifests }}" register: operator_manifest_stdout rescue: - name: TRACE - Operator manifest apply ansible.builtin.debug: msg: "{{ operator_manifest_stdout }}" - name: Apply Operator Manifests - "Rescue" ansible.builtin.command: cmd: "kubectl replace -f /tmp/{{ item | lower | replace('.j2', '') }}" become: true changed_when: false diff: true failed_when: > {{ 'Error from server' in operator_manifest_stdout.stderr and 'ensure CRDs are installed first' in operator_manifest_stdout.stderr }} loop: "{{ operator_manifests }}" register: operator_manifest_stdout - name: TRACE - Operator manifest apply. Rescued ansible.builtin.debug: msg: "{{ operator_manifest_stdout }}" - name: Fetch Calico Kubectl Plugin ansible.builtin.uri: url: |- https://github.com/projectcalico/calico/releases/download/{{ nfc_kubernetes_calico_version }}/calicoctl-linux- {%- if cpu_arch.key == 'aarch64' -%} arm64 {%- else -%} amd64 {%- endif %} status_code: - 200 - 304 dest: "/tmp/kubectl-calico.{{ cpu_arch.key }}" mode: '777' owner: root group: 'root' become: true delegate_to: localhost loop: "{{ nfc_kubernetes_install_architectures | dict2items }}" loop_control: loop_var: cpu_arch vars: ansible_connection: local - name: Add calico Plugin ansible.builtin.copy: src: "/tmp/kubectl-calico.{{ ansible_architecture }}" dest: /usr/local/bin/kubectl-calico mode: '770' owner: root group: 'root' become: true when: inventory_hostname in groups['kubernetes_master'] - name: Setup Automagic Host Endpoints ansible.builtin.shell: cmd: |- kubectl calico \ patch kubecontrollersconfiguration \ default --patch='{"spec": {"controllers": {"node": {"hostEndpoint": {"autoCreate": "Enabled"}}}}}' executable: bash become: true changed_when: false failed_when: false # fixme - name: Remove calico migration label ansible.builtin.shell: cmd: |- kubectl label \ {{ inventory_hostname }} \ projectcalico.org/operator-node-migration- executable: bash become: true delegate_to: "{{ kubernetes_config.cluster.prime.name }}" changed_when: false failed_when: false loop: "{{ groups[kubernetes_config.cluster.group_name] }}" # kubectl label node ip-10-229-92-202.eu-west-1.compute.internal projectcalico.org/operator-node-migration- # migration started rescue: - name: Remove Operator Manifests ansible.builtin.command: cmd: "kubectl delete -f /tmp/{{ item | lower | replace('.j2', '') }}" become: true changed_when: false failed_when: false loop: "{{ operator_manifests }}" when: file_calico_yaml_metadata.stat.exists # Only rescue if it was a migration - name: Move Calico Manifest from addons directory ansible.builtin.command: cmd: mv /tmp/calico.yaml /var/lib/rancher/k3s/server/manifests/ become: true changed_when: false when: file_calico_yaml_metadata.stat.exists - name: Re-install Calico ansible.builtin.command: cmd: kubectl apply -f /var/lib/rancher/k3s/server/manifests/calico.yaml become: true changed_when: false when: file_calico_yaml_metadata.stat.exists always: - name: Remove Operator Manifests files ansible.builtin.file: name: "/tmp/{{ item | lower | replace('.j2', '') }}" state: absent become: true changed_when: false loop: "{{ operator_manifests }}" - name: Clean-up Temp File ansible.builtin.file: name: /tmp/calico.yaml state: absent become: true when: file_calico_yaml_metadata.stat.exists