From 1de7cf083ba2a9c5217cdcc5c1cefcbdf08129b1 Mon Sep 17 00:00:00 2001
From: Christian Pointner <equinox@spreadspace.org>
Date: Thu, 16 Sep 2021 11:34:17 +0200
Subject: kubernetes/kubeadm: add support for 1.22

---
 roles/kubernetes/addons/metrics-server/tasks/main.yml       | 1 +
 roles/kubernetes/kubeadm/master/tasks/net_kube-router.yml   | 1 +
 roles/kubernetes/kubeadm/master/tasks/net_kubeguard.yml     | 1 +
 roles/kubernetes/kubeadm/master/tasks/primary-master.yml    | 6 ++++--
 roles/kubernetes/kubeadm/master/templates/kubeadm.config.j2 | 2 ++
 5 files changed, 9 insertions(+), 2 deletions(-)

diff --git a/roles/kubernetes/addons/metrics-server/tasks/main.yml b/roles/kubernetes/addons/metrics-server/tasks/main.yml
index fb725a87..5236e4e3 100644
--- a/roles/kubernetes/addons/metrics-server/tasks/main.yml
+++ b/roles/kubernetes/addons/metrics-server/tasks/main.yml
@@ -9,6 +9,7 @@
     src: "components.{{ kubernetes_metrics_server_version }}.yml.j2"
     dest: /etc/kubernetes/addons/metrics-server/config.yml
 
+  ## TODO: move to server-side apply (GA since 1.22)
 - name: install metrics-server onto the cluster
   command: kubectl --kubeconfig /etc/kubernetes/admin.conf apply -f /etc/kubernetes/addons/metrics-server/config.yml
   register: kube_metrics_server_apply_result
diff --git a/roles/kubernetes/kubeadm/master/tasks/net_kube-router.yml b/roles/kubernetes/kubeadm/master/tasks/net_kube-router.yml
index 5368b6f5..0a216414 100644
--- a/roles/kubernetes/kubeadm/master/tasks/net_kube-router.yml
+++ b/roles/kubernetes/kubeadm/master/tasks/net_kube-router.yml
@@ -4,6 +4,7 @@
     src: "net_kube-router/config.{{ kubernetes_network_plugin_version }}.yml.j2"
     dest: /etc/kubernetes/network-plugin.yml
 
+  ## TODO: move to server-side apply (GA since 1.22)
 - name: install kube-router on to the cluster
   command: kubectl --kubeconfig /etc/kubernetes/admin.conf apply -f /etc/kubernetes/network-plugin.yml
   register: kube_router_apply_result
diff --git a/roles/kubernetes/kubeadm/master/tasks/net_kubeguard.yml b/roles/kubernetes/kubeadm/master/tasks/net_kubeguard.yml
index f364fb5f..a572ca89 100644
--- a/roles/kubernetes/kubeadm/master/tasks/net_kubeguard.yml
+++ b/roles/kubernetes/kubeadm/master/tasks/net_kubeguard.yml
@@ -7,6 +7,7 @@
       src: "net_kubeguard/kube-router.{{ kubernetes_network_plugin_version }}.yml.j2"
       dest: /etc/kubernetes/network-plugin.yml
 
+    ## TODO: move to server-side apply (GA since 1.22)
   - name: install kubeguard (kube-router) on to the cluster
     command: kubectl --kubeconfig /etc/kubernetes/admin.conf apply -f /etc/kubernetes/network-plugin.yml
     register: kubeguard_apply_result
diff --git a/roles/kubernetes/kubeadm/master/tasks/primary-master.yml b/roles/kubernetes/kubeadm/master/tasks/primary-master.yml
index 463821ff..6fb63d09 100644
--- a/roles/kubernetes/kubeadm/master/tasks/primary-master.yml
+++ b/roles/kubernetes/kubeadm/master/tasks/primary-master.yml
@@ -4,6 +4,7 @@
     path: /etc/kubernetes/kubelet.conf
   register: kubeconfig_kubelet_stats
 
+  ## TODO: switch to kubeadm config version v1beta3 (available since 1.22)
 - name: generate kubeadm.config
   template:
     src: kubeadm.config.j2
@@ -27,8 +28,8 @@
   - name: initialize kubernetes master and store log
     block:
     - name: initialize kubernetes master
-      command: "kubeadm init --config /etc/kubernetes/kubeadm.config --node-name {{ inventory_hostname }} --cri-socket {{ kubernetes_cri_socket }}{% if kubernetes_network_plugin_replaces_kube_proxy %} --skip-phases addon/kube-proxy{% endif %} --skip-token-print"
-  #    command: "kubeadm init --config /etc/kubernetes/kubeadm.config --cri-socket {{ kubernetes_cri_socket }}{% if kubernetes_network_plugin_replaces_kube_proxy %} --skip-phases addon/kube-proxy{% endif %} --token '{{ kubeadm_token_generate.stdout }}' --token-ttl 42m --skip-token-print"
+      command: "kubeadm init --config /etc/kubernetes/kubeadm.config --node-name {{ inventory_hostname }}{% if kubernetes_network_plugin_replaces_kube_proxy %} --skip-phases addon/kube-proxy{% endif %} --skip-token-print"
+  #    command: "kubeadm init --config /etc/kubernetes/kubeadm.config --node-name {{ inventory_hostname }}{% if kubernetes_network_plugin_replaces_kube_proxy %} --skip-phases addon/kube-proxy{% endif %} --token '{{ kubeadm_token_generate.stdout }}' --token-ttl 42m --skip-token-print"
       args:
         creates: /etc/kubernetes/pki/ca.crt
       register: kubeadm_init
@@ -117,6 +118,7 @@
     src: node-local-dns.yml.j2
     dest: /etc/kubernetes/node-local-dns.yml
 
+  ## TODO: move to server-side apply (GA since 1.22)
 - name: install  node-local dns cache
   command: kubectl --kubeconfig /etc/kubernetes/admin.conf apply -f /etc/kubernetes/node-local-dns.yml
   register: kube_node_local_dns_apply_result
diff --git a/roles/kubernetes/kubeadm/master/templates/kubeadm.config.j2 b/roles/kubernetes/kubeadm/master/templates/kubeadm.config.j2
index e141492f..2fa98ed6 100644
--- a/roles/kubernetes/kubeadm/master/templates/kubeadm.config.j2
+++ b/roles/kubernetes/kubeadm/master/templates/kubeadm.config.j2
@@ -11,6 +11,8 @@ localAPIEndpoint:
 {% if kubernetes_overlay_node_ip is defined %}
   advertiseAddress: {{ kubernetes_overlay_node_ip }}
 {% endif %}
+nodeRegistration:
+  criSocket: {{ kubernetes_cri_socket }}
 ---
 apiVersion: kubeadm.k8s.io/v1beta2
 kind: ClusterConfiguration
-- 
cgit v1.2.3