Add cni bin when installing calico #9367
Conversation
k8s-ci-robot
added
kind/feature
|
There is another PR at the #9368 . I think both PRs are good to solve the issue. |
|
Please see the proposal I made in #9368 (comment) , it would make more sense to just enable the CNI plugins by default seeing as some distributions have a similar approach. |
k8s-ci-robot
added
size/M
| @@ -163,3 +163,6 @@ calico_apiserver_enabled: false | |||
| # Calico feature detect override, set "ChecksumOffloadBroken=true" to | |||
| # solve the https://github.com/projectcalico/calico/issues/3145 | |||
| calico_feature_detect_override: "" | |||
|
|
|||
| # CNI plugins support | |||
| enable_cni: true | |||
There was a problem hiding this comment.
HI @ErikJiang , Should we define it to the 'https://github.com/kubernetes-sigs/kubespray/blob/master/roles/kubespray-defaults/defaults/main.yaml#L175' as a global varable?
|
CI Flaky: https://github.com/kubernetes-sigs/kubespray/pull/9367/checks?check_run_id=8813987019 It looks like this CI Job will not download CNI-plugins, We should put the task of download cni-plugins into this job. Maybe add the following line to https://github.com/kubernetes-sigs/kubespray/blob/master/tests/files/packet_ubuntu20-calico-aio.yml#L11 |
k8s-ci-robot
added
size/S
|
/lgtm Thanks @ErikJiang |
k8s-ci-robot
added
the
lgtm
| @@ -69,6 +69,9 @@ credentials_dir: "{{ inventory_dir }}/credentials" | |||
| # Can also be set to 'cloud', which lets the cloud provider setup appropriate routing | |||
| kube_network_plugin: calico | |||
|
|
|||
| # CNI plugins support | |||
| enable_cni: true | |||
There was a problem hiding this comment.
Why still mess with this? Just remove any option to disable this and always deploy the standard CNIs, this makes for a more predictable environment.
There was a problem hiding this comment.
@cristicalin 😀 Do you mean that the enable_cni switch is unnecessary, and the cni-plugins should be permanently installed?
| - role: network_plugin/cni | ||
| when: | ||
| - enable_cni | ||
| - skip_cni is not defined |
There was a problem hiding this comment.
I am not sure why we need to have 2 options skip_cni and enable_cni.
Doesn’t enable_cni: false mean skipping cni installation?
There was a problem hiding this comment.
@oomichi When executing calico's check or reset task, the dependencies in meta will be executed first, which is not expected, so I skip by defining the skip_cni variable, and enable_cni may be redundant, I plan to delete it.
There was a problem hiding this comment.
Need to upte here to
- skip_cni is not defined or not skip_cni
for covering skip_cni: false case.
There was a problem hiding this comment.
@oomichi 😊 Thanks, I have updated.
k8s-ci-robot
added
size/XS
|
Thanks for updating! /lgtm |
k8s-ci-robot
added
the
lgtm
|
/lgtm Thanks @ErikJiang |
| @@ -0,0 +1,5 @@ | |||
| --- | |||
There was a problem hiding this comment.
I think this part should be replaced by just removing these lines: https://github.com/kubernetes-sigs/kubespray/blob/master/roles/network_plugin/meta/main.yml#L29-L31
There was a problem hiding this comment.
😀 It does achieve the same effect and is more concise, thank you very much, @cristicalin
| @@ -129,6 +129,8 @@ | |||
| include_role: | |||
| name: network_plugin/calico | |||
| tasks_from: check | |||
| vars: | |||
There was a problem hiding this comment.
If you do this, you are essentially disabling the CNI each time since it will override any value passed from ansible group vars. Why do you need to do this?
roles/reset/tasks/main.yml
Outdated
| @@ -381,6 +381,8 @@ | |||
| include_role: | |||
| name: "network_plugin/{{ kube_network_plugin }}" | |||
| tasks_from: reset | |||
| vars: | |||
There was a problem hiding this comment.
Calling the reset task should not concern any dependencies of the called roles. If CNI plugins need to be reset then the call should be made for network_plugin/cni and network_plugin/{{ kube_network_plugin }}
k8s-ci-robot
removed
the
lgtm
|
/lgtm |
k8s-ci-robot
added
the
lgtm
|
😀 Updated and PTAL. @oomichi @cristicalin |
Signed-off-by: bo.jiang <bo.jiang@daocloud.io>
k8s-ci-robot
removed
the
lgtm
|
Thanks for updating. /approve |
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: ErikJiang, oomichi The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
k8s-ci-robot
added
the
approved
|
Thanks 👍 |
|
Thanks @ErikJiang /lgtm |
k8s-ci-robot
added
the
lgtm
floryut
added
kind/network
Signed-off-by: bo.jiang <bo.jiang@daocloud.io> Signed-off-by: bo.jiang <bo.jiang@daocloud.io>
Signed-off-by: bo.jiang <bo.jiang@daocloud.io> Signed-off-by: bo.jiang <bo.jiang@daocloud.io>
Signed-off-by: bo.jiang <bo.jiang@daocloud.io> Signed-off-by: bo.jiang <bo.jiang@daocloud.io>
Signed-off-by: bo.jiang <bo.jiang@daocloud.io> Signed-off-by: bo.jiang <bo.jiang@daocloud.io>
Signed-off-by: bo.jiang bo.jiang@daocloud.io
What type of PR is this?
/kind feature
What this PR does / why we need it:
When installing calico, install
cni-pluginsalong with it.Which issue(s) this PR fixes:
Fixes #9366
Special notes for your reviewer:
Does this PR introduce a user-facing change?: