Drop canal network_plugin (#10100)

According to the canal github[1] the repo is not maintained over 5 years.
In addition, the README says
```
  Originally, we thought we might more deeply integrate the two projects
  (possibly even going as far as a rebranding!). However, over time it
  became clear that that wasn't really necessary to fulfil our goal of
  making them work well together. Ultimately, we decided to focus on
  adding features to both projects rather than doing work just to
  combine them.
```
So it is difficult to support canal by Kubespray at this situation.

[1]: https://github.com/projectcalico/canal

README.md

@@ -169,7 +169,6 @@ Note: Upstart/SysV init based OS types are not supported.
 - Network Plugin
   - [cni-plugins](https://github.com/containernetworking/plugins) v1.2.0
   - [calico](https://github.com/projectcalico/calico) v3.25.1
-  - [canal](https://github.com/projectcalico/canal) (given calico/flannel versions)
   - [cilium](https://github.com/cilium/cilium) v1.13.0
   - [flannel](https://github.com/flannel-io/flannel) v0.21.4
   - [kube-ovn](https://github.com/alauda/kube-ovn) v1.10.7
@@ -233,8 +232,6 @@ You can choose among ten network plugins. (default: `calico`, except Vagrant use
     and overlay networks, with or without BGP. Calico uses the same engine to enforce network policy for hosts,
     pods, and (if using Istio and Envoy) applications at the service mesh layer.
 
-- [canal](https://github.com/projectcalico/canal): a composition of calico and flannel plugins.
-
 - [cilium](http://docs.cilium.io/en/latest/): layer 3/4 networking (as well as layer 7 to protect and secure application protocols), supports dynamic insertion of BPF bytecode into the Linux kernel to implement security services, networking and visibility logic.
 
 - [weave](docs/weave.md): Weave is a lightweight container overlay network that doesn't require an external K/V database cluster.

docs/ansible.md

@@ -135,7 +135,6 @@ The following tags are defined in playbooks:
 | bootstrap-os                   | Anything related to host OS configuration             |
 | calico                         | Network plugin Calico                                 |
 | calico_rr                      | Configuring Calico route reflector                    |
-| canal                          | Network plugin Canal                                  |
 | cephfs-provisioner             | Configuring CephFS                                    |
 | cert-manager                   | Configuring certificate manager for K8s               |
 | cilium                         | Network plugin Cilium                                 |

roles/download/defaults/main.yml

@@ -1525,7 +1525,7 @@ downloads:
     - k8s_cluster
 
   flannel:
-    enabled: "{{ kube_network_plugin == 'flannel' or kube_network_plugin == 'canal' }}"
+    enabled: "{{ kube_network_plugin == 'flannel' }}"
     container: true
     repo: "{{ flannel_image_repo }}"
     tag: "{{ flannel_image_tag }}"
@@ -1534,7 +1534,7 @@ downloads:
     - k8s_cluster
 
   flannel_init:
-    enabled: "{{ kube_network_plugin == 'flannel' or kube_network_plugin == 'canal' }}"
+    enabled: "{{ kube_network_plugin == 'flannel' }}"
     container: true
     repo: "{{ flannel_init_image_repo }}"
     tag: "{{ flannel_init_image_tag }}"
@@ -1543,7 +1543,7 @@ downloads:
     - k8s_cluster
 
   calicoctl:
-    enabled: "{{ kube_network_plugin == 'calico' or kube_network_plugin == 'canal' }}"
+    enabled: "{{ kube_network_plugin == 'calico' }}"
     file: true
     version: "{{ calico_ctl_version }}"
     dest: "{{ local_release_dir }}/calicoctl"
@@ -1558,7 +1558,7 @@ downloads:
     - k8s_cluster
 
   calico_node:
-    enabled: "{{ kube_network_plugin == 'calico' or kube_network_plugin == 'canal' }}"
+    enabled: "{{ kube_network_plugin == 'calico' }}"
     container: true
     repo: "{{ calico_node_image_repo }}"
     tag: "{{ calico_node_image_tag }}"
@@ -1567,7 +1567,7 @@ downloads:
     - k8s_cluster
 
   calico_cni:
-    enabled: "{{ kube_network_plugin == 'calico' or kube_network_plugin == 'canal' }}"
+    enabled: "{{ kube_network_plugin == 'calico' }}"
     container: true
     repo: "{{ calico_cni_image_repo }}"
     tag: "{{ calico_cni_image_tag }}"
@@ -1576,7 +1576,7 @@ downloads:
     - k8s_cluster
 
   calico_flexvol:
-    enabled: "{{ kube_network_plugin == 'calico' or kube_network_plugin == 'canal' }}"
+    enabled: "{{ kube_network_plugin == 'calico' }}"
     container: true
     repo: "{{ calico_flexvol_image_repo }}"
     tag: "{{ calico_flexvol_image_tag }}"
@@ -1585,7 +1585,7 @@ downloads:
     - k8s_cluster
 
   calico_policy:
-    enabled: "{{ enable_network_policy and kube_network_plugin in ['calico', 'canal'] }}"
+    enabled: "{{ enable_network_policy and kube_network_plugin in ['calico'] }}"
     container: true
     repo: "{{ calico_policy_image_repo }}"
     tag: "{{ calico_policy_image_tag }}"

roles/etcd/tasks/check_certs.yml

@@ -84,7 +84,7 @@
         {% if not loop.last %}{{','}}{% endif %}
       {% endfor %}]
   when:
-    - kube_network_plugin in ["calico", "flannel", "canal", "cilium"] or cilium_deploy_additionally | default(false) | bool
+    - kube_network_plugin in ["calico", "flannel", "cilium"] or cilium_deploy_additionally | default(false) | bool
     - kube_network_plugin != "calico" or calico_datastore == "etcd"
     - force_etcd_cert_refresh or not item in etcdcert_master.files|map(attribute='path') | list
 

roles/etcd/tasks/gen_certs_script.yml

@@ -67,7 +67,7 @@
   run_once: yes
   delegate_to: "{{ groups['etcd'][0] }}"
   when:
-    - kube_network_plugin in ["calico", "flannel", "canal", "cilium"] or cilium_deploy_additionally | default(false) | bool
+    - kube_network_plugin in ["calico", "flannel", "cilium"] or cilium_deploy_additionally | default(false) | bool
     - kube_network_plugin != "calico" or calico_datastore == "etcd"
     - gen_certs|default(false)
   notify: set etcd_secret_changed
@@ -124,7 +124,7 @@
   when:
     - inventory_hostname in groups['etcd']
     - inventory_hostname != groups['etcd'][0]
-    - kube_network_plugin in ["calico", "flannel", "canal", "cilium"] or cilium_deploy_additionally | default(false) | bool
+    - kube_network_plugin in ["calico", "flannel", "cilium"] or cilium_deploy_additionally | default(false) | bool
     - kube_network_plugin != "calico" or calico_datastore == "etcd"
   notify: set etcd_secret_changed
 
@@ -139,7 +139,7 @@
   when:
     - inventory_hostname in groups['etcd']
     - inventory_hostname != groups['etcd'][0]
-    - kube_network_plugin in ["calico", "flannel", "canal", "cilium"] or cilium_deploy_additionally | default(false) | bool
+    - kube_network_plugin in ["calico", "flannel", "cilium"] or cilium_deploy_additionally | default(false) | bool
     - kube_network_plugin != "calico" or calico_datastore == "etcd"
   loop_control:
     label: "{{ item.item }}"
@@ -151,7 +151,7 @@
 
 - include_tasks: gen_nodes_certs_script.yml
   when:
-    - kube_network_plugin in ["calico", "flannel", "canal", "cilium"] or cilium_deploy_additionally | default(false) | bool
+    - kube_network_plugin in ["calico", "flannel", "cilium"] or cilium_deploy_additionally | default(false) | bool
     - kube_network_plugin != "calico" or calico_datastore == "etcd"
     - inventory_hostname in groups['k8s_cluster'] and
         sync_certs|default(false) and inventory_hostname not in groups['etcd']

roles/etcd/tasks/main.yml

@@ -19,7 +19,7 @@
 
 - include_tasks: upd_ca_trust.yml
   when:
-    - kube_network_plugin in ["calico", "flannel", "canal", "cilium"] or cilium_deploy_additionally | default(false) | bool
+    - kube_network_plugin in ["calico", "flannel", "cilium"] or cilium_deploy_additionally | default(false) | bool
     - kube_network_plugin != "calico" or calico_datastore == "etcd"
     - inventory_hostname in groups['k8s_cluster']
   tags:
@@ -31,7 +31,7 @@
   changed_when: false
   check_mode: no
   when:
-    - kube_network_plugin in ["calico", "flannel", "canal", "cilium"] or cilium_deploy_additionally | default(false) | bool
+    - kube_network_plugin in ["calico", "flannel", "cilium"] or cilium_deploy_additionally | default(false) | bool
     - kube_network_plugin != "calico" or calico_datastore == "etcd"
     - inventory_hostname in groups['k8s_cluster']
   tags:
@@ -42,7 +42,7 @@
   set_fact:
     etcd_client_cert_serial: "{{ etcd_client_cert_serial_result.stdout.split('=')[1] }}"
   when:
-    - kube_network_plugin in ["calico", "flannel", "canal", "cilium"] or cilium_deploy_additionally | default(false) | bool
+    - kube_network_plugin in ["calico", "flannel", "cilium"] or cilium_deploy_additionally | default(false) | bool
     - kube_network_plugin != "calico" or calico_datastore == "etcd"
     - inventory_hostname in groups['k8s_cluster']
   tags:

roles/kubernetes-apps/network_plugin/meta/main.yml

@@ -5,11 +5,6 @@ dependencies:
     tags:
       - calico
 
-  - role: kubernetes-apps/network_plugin/canal
-    when: kube_network_plugin == 'canal'
-    tags:
-      - canal
-
   - role: kubernetes-apps/network_plugin/flannel
     when: kube_network_plugin == 'flannel'
     tags:

roles/kubernetes-apps/policy_controller/calico/defaults/main.yml

@@ -8,4 +8,3 @@ calico_policy_controller_deployment_nodeselector: "kubernetes.io/os: linux"
 
 # SSL
 calico_cert_dir: "/etc/calico/certs"
-canal_cert_dir: "/etc/canal/certs"

roles/kubernetes-apps/policy_controller/calico/tasks/main.yml

@@ -1,13 +1,4 @@
 ---
-- name: Set cert dir
-  set_fact:
-    calico_cert_dir: "{{ canal_cert_dir }}"
-  when:
-    - kube_network_plugin == 'canal'
-  tags:
-    - facts
-    - canal
-
 - name: Create calico-kube-controllers manifests
   template:
     src: "{{ item.file }}.j2"

roles/kubernetes-apps/policy_controller/meta/main.yml

@@ -2,7 +2,7 @@
 dependencies:
   - role: policy_controller/calico
     when:
-      - kube_network_plugin in ['calico', 'canal']
+      - kube_network_plugin in ['calico']
       - enable_network_policy
     tags:
       - policy-controller

roles/kubernetes/kubeadm/tasks/main.yml

@@ -172,5 +172,5 @@
   when:
     - etcd_deployment_type == "kubeadm"
     - inventory_hostname not in groups['kube_control_plane']
-    - kube_network_plugin in ["calico", "flannel", "canal", "cilium"] or cilium_deploy_additionally | default(false) | bool
+    - kube_network_plugin in ["calico", "flannel", "cilium"] or cilium_deploy_additionally | default(false) | bool
     - kube_network_plugin != "calico" or calico_datastore == "etcd"

roles/kubernetes/preinstall/tasks/0040-verify-settings.yml

@@ -30,7 +30,7 @@
 
 - name: Stop if unknown network plugin
   assert:
-    that: kube_network_plugin in ['calico', 'canal', 'flannel', 'weave', 'cloud', 'cilium', 'cni', 'kube-ovn', 'kube-router', 'macvlan', 'custom_cni']
+    that: kube_network_plugin in ['calico', 'flannel', 'weave', 'cloud', 'cilium', 'cni', 'kube-ovn', 'kube-router', 'macvlan', 'custom_cni']
     msg: "{{ kube_network_plugin }} is not supported"
   when:
     - kube_network_plugin is defined

roles/kubernetes/preinstall/tasks/0050-create_directories.yml

@@ -78,14 +78,13 @@
     - "/opt/cni/bin"
     - "/var/lib/calico"
   when:
-    - kube_network_plugin in ["calico", "weave", "canal", "flannel", "cilium", "kube-ovn", "kube-router", "macvlan"]
+    - kube_network_plugin in ["calico", "weave", "flannel", "cilium", "kube-ovn", "kube-router", "macvlan"]
     - inventory_hostname in groups['k8s_cluster']
   tags:
     - network
     - cilium
     - calico
     - weave
-    - canal
     - kube-ovn
     - kube-router
     - bootstrap-os