Logic to replace kube proxy (or not)

2025-04-12 01:15:45 +02:00 · 2024-01-10 16:16:17 -07:00 · 2024-01-10 16:16:17 -07:00 · 3fa74ece8c
commit 3fa74ece8c
parent 7da0060f92
1 changed files with 31 additions and 5 deletions
--- a/tasks/control-plane-setup.yml
+++ b/tasks/control-plane-setup.yml
@ -9,6 +9,14 @@
    src: "kubeadm-kubelet-config.j2"
    dest: "{{ kubernetes_kubeadm_kubelet_config_file_path }}"

+- name: Determine if we are deploying kube-proxy
+  set_fact:
+    replace_kube_proxy: >
+      (kubernetes_pod_network.cni == 'cilium') and
+      (kubernetes_cilium_values is defined) and
+      (kubernetes_cilium_values.kubeProxyReplacement is defined) and
+      (kubernetes_cilium_values.kubeProxyReplacement)
+
 - name: Initialize Kubernetes control plane with kubeadm init
  command: >
    kubeadm init
@ -18,7 +26,7 @@
  when: >
    (not kubernetes_init_stat.stat.exists) and
    (kubernetes_ignore_preflight_errors is not defined) and
-    (not kubernetes_cilium_values.kubeProxyReplacement)
+    (not replace_kube_proxy)

 - name: Initialize Kubernetes control plane with kubeadm init and ignore_preflight_errors
  command: >
@ -30,7 +38,7 @@
  when: >
    (not kubernetes_init_stat.stat.exists) and
    (kubernetes_ignore_preflight_errors is defined) and
-    (not kubernetes_cilium_values.kubeProxyReplacement)
+    (not replace_kube_proxy)

 - name: Initialize Kubernetes control plane with kubeadm init without kube-proxy
  command: >
@ -42,7 +50,7 @@
  when: >
    (not kubernetes_init_stat.stat.exists) and
    (kubernetes_ignore_preflight_errors is not defined) and
-    (kubernetes_cilium_values.kubeProxyReplacement)
+    (replace_kube_proxy)

 - name: Initialize Kubernetes control plane with kubeadm init without kube-proxy and ignore_preflight_errors
  command: >
@ -54,8 +62,8 @@
  register: kubeadmin_init
  when: >
    (not kubernetes_init_stat.stat.exists) and
-    (kubernetes_ignore_preflight_errors is defined) and
-    (kubernetes_cilium_values.kubeProxyReplacement)
+    (kubernetes_ignore_preflight_errors is defined)
+    (replace_kube_proxy)

 - name: Print the init output to screen.
  debug:
@ -146,6 +154,22 @@
  delay: 5

 - name: Configure Cilium networking
+  command: >
+    /usr/local/bin/cilium install
+    --version {{ kubernetes_cilium_version }}
+    --datapath-mode {{ kubernetes_cilium_datapath }}
+    --values /tmp/cilium_helm.yaml
+  when:
+    - kubernetes_pod_network.cni == 'cilium'
+    - not kubernetes_init_stat.stat.exists
+    - not replace_kube_proxy
+  register: cilium_result
+  changed_when: "'Error' not in cilium_result.stdout"
+  until: cilium_result is not failed
+  retries: 20
+  delay: 5
+
+- name: Configure Cilium networking and replace kube-proxy
  command: >
    /usr/local/bin/cilium install
    --version {{ kubernetes_cilium_version }}
@ -156,6 +180,8 @@
  when:
    - kubernetes_pod_network.cni == 'cilium'
    - not kubernetes_init_stat.stat.exists
+    - replace_kube_proxy
+
  register: cilium_result
  changed_when: "'Error' not in cilium_result.stdout"
  until: cilium_result is not failed