migration

package
v1.36.3 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Nov 26, 2024 License: Apache-2.0 Imports: 20 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func AddBindingForKubeSystemNode

func AddBindingForKubeSystemNode(crb *rbacv1.ClusterRoleBinding)

AddBindingForKubeSystemNode updates the ClusterRoleBinding passed in to also bind the service account in the kube-system namespace to the Role. Without this, when the new ClusterRoleBinding overwrites the previous role binding the kube-system calico-node account would lose permissions for accessing the datastore.

func ClusterRoleBindingForKubeSystemNode added in v1.30.3

func ClusterRoleBindingForKubeSystemNode() *rbacv1.ClusterRoleBinding

We create a cluster role and cluster role binding to give the kube-system calico-node permissions to create serviceaccount tokens. This is needed to make sure that the down-level calico-node maintains the permissions it needs in order to launch, since the calico-node clusterrole is shared with the operator resource and the operator removes this permission on upgrade (instead delegating this power to the cni-plugin in the calico-system namespace).

This logic can likely be removed after Calico v3.35, as we'll no longer need to support upgrading from versions where calico-node needed this permission.

func ClusterRoleForKubeSystemNode added in v1.30.3

func ClusterRoleForKubeSystemNode() *rbacv1.ClusterRole

func LimitDaemonSetToMigratedNodes

func LimitDaemonSetToMigratedNodes(ds *appsv1.DaemonSet)

LimitDaemonSetToMigratedNodes updates the ds DaemonSet passed in with a nodeSelector that will only allow pods to be schedueled on nodes with the key:value projectcalico.org/operator-node-migration:migrated. This is to ensure that only one kube-system calico-node or the new calico-node pod will attempt to run on one node at a time.

func SetTyphaAntiAffinity

func SetTyphaAntiAffinity(d *appsv1.Deployment)

SetTyphaAntiAffinity updates the Deployment passed in with a PodAntiAffinity to ensure the new typha pods will not be scheduled to the same nodes as the 'old' typha pods.

Types

type Converter added in v1.12.0

type Converter interface {
	Convert() (*operatorv1.Installation, error)
}

Converter converts an unmanaged Calico install into an Installation resource which represents said install. It will return an error if the unmanaged install cannot be represented by an Installation resource.

type CoreNamespaceMigration

type CoreNamespaceMigration struct {
	// contains filtered or unexported fields
}

func (*CoreNamespaceMigration) CleanupMigration

func (m *CoreNamespaceMigration) CleanupMigration(ctx context.Context, log logr.Logger) error

CleanupMigration ensures all labels used during the migration are removed and any migration resources are stopped.

func (*CoreNamespaceMigration) NeedCleanup

func (m *CoreNamespaceMigration) NeedCleanup() bool

NeedCleanup returns if the migration has been marked completed or not. If cleanup is needed then we need to make sure that all our labels have been removed from the nodes. We could check if the label is present on any nodes but it is almost the same operation to call the remove so we'll assume there are labels if we have not removed them previously.

func (*CoreNamespaceMigration) NeedsCoreNamespaceMigration

func (m *CoreNamespaceMigration) NeedsCoreNamespaceMigration(ctx context.Context) (bool, error)

NeedsCoreNamespaceMigration returns true if any components still exist in the kube-system namespace. It checks the following in the kube-system namespace: calico-kube-controllers deployment, typha deployment, or calico-node deployment

func (*CoreNamespaceMigration) Run

Run will update old deployments and daemonsets, label nodes, migrate the calio-node pods on each node from the old pod to the new one, then clean up. The expectation is that this function will do the majority of the migration before returning (the exception being label clean up on the nodes), if there is an error it will be returned and the

type NamespaceMigration added in v1.14.0

type NamespaceMigration interface {
	NeedsCoreNamespaceMigration(ctx context.Context) (bool, error)
	Run(ctx context.Context, log logr.Logger) error
	NeedCleanup() bool
	CleanupMigration(ctx context.Context, log logr.Logger) error
}

func NewCoreNamespaceMigration

func NewCoreNamespaceMigration(cfg *rest.Config) (NamespaceMigration, error)

NewCoreNamespaceMigration initializes a CoreNamespaceMigration and returns a handle to it.

type StringPatch

type StringPatch struct {
	Op    string `json:"op"`
	Path  string `json:"path"`
	Value string `json:"value"`
}

Directories

Path Synopsis

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL