Upgrade trident templates for version 24.02.0
Upgrade trident yaml templates, generated by tridentctl 24.02.0 with the following command: tridentctl -n trident install --generate-custom-yaml Some of the templates have been changed to make them compatible with StarlingX. The parts of the code that have been changed are marked with an "STX_change" comment. To support upgrading from k8s v1.24 to newer versions, it was necessary to verify and remove trident PSPs after installation. Additionally, the snapshot-controller role has been removed, as it already runs in bootstrap. Test Plan: - PASS: Fresh install on SX/DX/Standard with Trident 24.02.0 - PASS: Backup in AIO-SX with Trident 23.10.0 and restore with Trident 24.02.0 and tested if the backend and PVCs created using Trident 23.10.0 still worked. - PASS: Upgraded Trident to version 24.02.0 rerunning ansible-playbook and tested if the information stored in Netapp persisted. - PASS: Tested with k8s v1.24.4 to v1.29.2 (Fresh install for each version of k8s and also upgrading k8s from v1.24) Story: 2011080 Task: 49786 Depends-On: https://review.opendev.org/c/starlingx/integ/+/914094 Change-Id: I7d0ee191bf4db86f3fbc4d28f0b46e4c0f9f4c45 Signed-off-by: Erickson Silva de Oliveira <Erickson.SilvadeOliveira@windriver.com>
This commit is contained in:
parent
0309a77a5d
commit
666657b9ba
|
@ -1,6 +1,6 @@
|
|||
---
|
||||
#
|
||||
# Copyright (c) 2020-2023 Wind River Systems, Inc.
|
||||
# Copyright (c) 2020-2024 Wind River Systems, Inc.
|
||||
#
|
||||
# SPDX-License-Identifier: Apache-2.0
|
||||
#
|
||||
|
@ -45,13 +45,13 @@ trident_clean_folder: true
|
|||
|
||||
# Images that need to be pulled to the local registry
|
||||
trident_images:
|
||||
- docker.io/netapp/trident:23.10.0
|
||||
- docker.io/netapp/trident-autosupport:23.10
|
||||
- registry.k8s.io/sig-storage/csi-provisioner:v3.6.0
|
||||
- registry.k8s.io/sig-storage/csi-attacher:v4.4.0
|
||||
- registry.k8s.io/sig-storage/csi-resizer:v1.9.0
|
||||
- registry.k8s.io/sig-storage/csi-snapshotter:v6.3.0
|
||||
- registry.k8s.io/sig-storage/csi-node-driver-registrar:v2.9.0
|
||||
- docker.io/netapp/trident:24.02.0
|
||||
- docker.io/netapp/trident-autosupport:24.02
|
||||
- registry.k8s.io/sig-storage/csi-provisioner:v4.0.0
|
||||
- registry.k8s.io/sig-storage/csi-attacher:v4.5.0
|
||||
- registry.k8s.io/sig-storage/csi-resizer:v1.9.3
|
||||
- registry.k8s.io/sig-storage/csi-snapshotter:v6.3.3
|
||||
- registry.k8s.io/sig-storage/csi-node-driver-registrar:v2.10.0
|
||||
|
||||
# OVERRIDE FILES DIRECTORY
|
||||
# ========================
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
---
|
||||
#
|
||||
# Copyright (c) 2020 Wind River Systems, Inc.
|
||||
# Copyright (c) 2020,2024 Wind River Systems, Inc.
|
||||
#
|
||||
# SPDX-License-Identifier: Apache-2.0
|
||||
#
|
||||
|
@ -15,5 +15,4 @@
|
|||
- { role: common/prepare-env }
|
||||
- { role: common/get-kube-version, become: yes }
|
||||
- { role: roles/common/push-docker-images, become: yes }
|
||||
- { role: roles/k8s-storage-backends/snapshot-controller, become: yes }
|
||||
- { role: roles/k8s-storage-backends/netapp, become: yes }
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
---
|
||||
#
|
||||
# Copyright (c) 2020,2023 Wind River Systems, Inc.
|
||||
# Copyright (c) 2020,2023-2024 Wind River Systems, Inc.
|
||||
#
|
||||
# SPDX-License-Identifier: Apache-2.0
|
||||
#
|
||||
|
@ -41,7 +41,7 @@
|
|||
command: >-
|
||||
kubectl --kubeconfig=/etc/kubernetes/admin.conf
|
||||
-n {{ trident_namespace }}
|
||||
delete storageclasses {{ storage_class.metadata.name }}
|
||||
delete storageclass {{ storage_class.metadata.name }}
|
||||
failed_when: false
|
||||
|
||||
- name: Create K8s StorageClass
|
||||
|
|
|
@ -0,0 +1,21 @@
|
|||
---
|
||||
#
|
||||
# Copyright (c) 2024 Wind River Systems, Inc.
|
||||
#
|
||||
# SUB-TASKS DESCRIPTION:
|
||||
# These tasks delete Trident's PodSecurityPolicy when the Kubernetes version is lower than v1.25.3
|
||||
#
|
||||
|
||||
- name: Get all pod security policies
|
||||
command: kubectl get psp -o jsonpath='{.items[*].metadata.name}'
|
||||
environment:
|
||||
KUBECONFIG: "/etc/kubernetes/admin.conf"
|
||||
failed_when: false
|
||||
register: kubectl_get_psp_result
|
||||
|
||||
- name: Delete trident pod security policies
|
||||
command: kubectl delete psp {{ item }}
|
||||
environment:
|
||||
KUBECONFIG: "/etc/kubernetes/admin.conf"
|
||||
with_items: "{{ kubectl_get_psp_result.stdout }}"
|
||||
when: "'trident' in item"
|
|
@ -1,6 +1,6 @@
|
|||
---
|
||||
#
|
||||
# Copyright (c) 2020-2023 Wind River Systems, Inc.
|
||||
# Copyright (c) 2020-2024 Wind River Systems, Inc.
|
||||
#
|
||||
# SPDX-License-Identifier: Apache-2.0
|
||||
#
|
||||
|
@ -90,6 +90,10 @@
|
|||
tridentctl_rest_response.rc != 0) or
|
||||
trident_force_reinstall
|
||||
|
||||
- name: Delete pod security policies
|
||||
include_tasks: delete-pod-security-policies.yml
|
||||
when: kubernetes_long_version is version('v1.25.3', '<')
|
||||
|
||||
# Configure NetApp backends
|
||||
- name: Configure tbc secret
|
||||
include_tasks: configure-trident-backend-config-secret.yml
|
||||
|
|
|
@ -7,10 +7,13 @@ Some of the templates have been changed to make them compatible with StarlingX
|
|||
The parts of the code that have been changes are marked with an "STX_change" comment.
|
||||
|
||||
Files changed:
|
||||
- trident-controller-clusterrolebinding.yaml.j2
|
||||
- trident-controller-role.yaml.j2
|
||||
- trident-controller-rolebinding.yaml.j2
|
||||
- trident-controller-serviceaccount.yaml.j2
|
||||
- trident-daemonset.yaml.j2
|
||||
- trident-clusterrolebinding.yaml.j2
|
||||
- trident-namespace.yaml.j2
|
||||
- trident-serviceaccount.yaml.j2
|
||||
- trident-deployment.yaml.j2
|
||||
- trident-service.yaml.j2
|
||||
- trident-namespace.yaml.j2
|
||||
- trident-node-linux-serviceaccount.yaml.j2
|
||||
- trident-resourcequota.yaml.j2
|
||||
- trident-service.yaml.j2
|
||||
|
|
|
@ -4,8 +4,8 @@ kind: DaemonSet
|
|||
metadata:
|
||||
name: trident-node-linux
|
||||
labels:
|
||||
kubectl.kubernetes.io/default-container: trident-main
|
||||
app: node.csi.trident.netapp.io
|
||||
kubectl.kubernetes.io/default-container: trident-main
|
||||
spec:
|
||||
selector:
|
||||
matchLabels:
|
||||
|
@ -32,7 +32,7 @@ spec:
|
|||
add:
|
||||
- SYS_ADMIN
|
||||
# STX_change: pull image from local registry
|
||||
image: {{ local_registry }}/docker.io/netapp/trident:23.10.0
|
||||
image: {{ local_registry }}/docker.io/netapp/trident:24.02.0
|
||||
imagePullPolicy: IfNotPresent
|
||||
command:
|
||||
- /trident_orchestrator
|
||||
|
@ -52,6 +52,8 @@ spec:
|
|||
- "--https_rest"
|
||||
- "--https_port=17546"
|
||||
- "--enable_force_detach=false"
|
||||
- "--iscsi_self_healing_interval=5m0s"
|
||||
- "--iscsi_self_healing_wait_time=7m0s"
|
||||
#- -debug
|
||||
startupProbe:
|
||||
httpGet:
|
||||
|
@ -113,7 +115,7 @@ spec:
|
|||
readOnly: true
|
||||
- name: driver-registrar
|
||||
# STX_change: pull image from local registry
|
||||
image: {{ local_registry }}/registry.k8s.io/sig-storage/csi-node-driver-registrar:v2.9.0
|
||||
image: {{ local_registry }}/registry.k8s.io/sig-storage/csi-node-driver-registrar:v2.10.0
|
||||
imagePullPolicy: IfNotPresent
|
||||
args:
|
||||
- "--v=2"
|
||||
|
|
|
@ -22,7 +22,7 @@ spec:
|
|||
containers:
|
||||
- name: trident-main
|
||||
# STX_change: pull image from local registry
|
||||
image: {{ local_registry }}/docker.io/netapp/trident:23.10.0
|
||||
image: {{ local_registry }}/docker.io/netapp/trident:24.02.0
|
||||
imagePullPolicy: IfNotPresent
|
||||
securityContext:
|
||||
runAsNonRoot: false
|
||||
|
@ -92,7 +92,7 @@ spec:
|
|||
|
||||
- name: trident-autosupport
|
||||
# STX_change: pull image from local registry
|
||||
image: {{ local_registry }}/docker.io/netapp/trident-autosupport:23.10
|
||||
image: {{ local_registry }}/docker.io/netapp/trident-autosupport:24.02
|
||||
imagePullPolicy: IfNotPresent
|
||||
securityContext:
|
||||
capabilities:
|
||||
|
@ -113,7 +113,7 @@ spec:
|
|||
mountPath: /asup
|
||||
- name: csi-provisioner
|
||||
# STX_change: pull image from local registry
|
||||
image: {{ local_registry }}/registry.k8s.io/sig-storage/csi-provisioner:v3.6.0
|
||||
image: {{ local_registry }}/registry.k8s.io/sig-storage/csi-provisioner:v4.0.0
|
||||
imagePullPolicy: IfNotPresent
|
||||
securityContext:
|
||||
capabilities:
|
||||
|
@ -133,7 +133,7 @@ spec:
|
|||
mountPath: /var/lib/csi/sockets/pluginproxy/
|
||||
- name: csi-attacher
|
||||
# STX_change: pull image from local registry
|
||||
image: {{ local_registry }}/registry.k8s.io/sig-storage/csi-attacher:v4.4.0
|
||||
image: {{ local_registry }}/registry.k8s.io/sig-storage/csi-attacher:v4.5.0
|
||||
imagePullPolicy: IfNotPresent
|
||||
securityContext:
|
||||
capabilities:
|
||||
|
@ -152,7 +152,7 @@ spec:
|
|||
mountPath: /var/lib/csi/sockets/pluginproxy/
|
||||
- name: csi-resizer
|
||||
# STX_change: pull image from local registry
|
||||
image: {{ local_registry }}/registry.k8s.io/sig-storage/csi-resizer:v1.9.0
|
||||
image: {{ local_registry }}/registry.k8s.io/sig-storage/csi-resizer:v1.9.3
|
||||
imagePullPolicy: IfNotPresent
|
||||
args:
|
||||
- "--v=2"
|
||||
|
@ -166,7 +166,7 @@ spec:
|
|||
mountPath: /var/lib/csi/sockets/pluginproxy/
|
||||
- name: csi-snapshotter
|
||||
# STX_change: pull image from local registry
|
||||
image: {{ local_registry }}/registry.k8s.io/sig-storage/csi-snapshotter:v6.3.0
|
||||
image: {{ local_registry }}/registry.k8s.io/sig-storage/csi-snapshotter:v6.3.3
|
||||
imagePullPolicy: IfNotPresent
|
||||
securityContext:
|
||||
capabilities:
|
||||
|
|
Loading…
Reference in New Issue