k8s-version-upgrade: ignore CoreDNS preflight on kubeadm upgrade plan too
All checks were successful
ci/woodpecker/push/default Pipeline was successful
All checks were successful
ci/woodpecker/push/default Pipeline was successful
The prior commit added the CoreDNS ignore/skip flags only to `kubeadm upgrade
apply`, but `kubeadm upgrade plan` runs the SAME CoreDNS preflight. Once master's
kubeadm binary is on the target version (the first attempt's apt step already
bumps it), both plan calls fail on the Keel-drifted CoreDNS 1.12.4 under
set -euo pipefail and abort:
- preflight Job step 4 (upgrade-step.sh) — `plan` output is grepped for the
target version; the failing pipeline killed the whole preflight.
- update_k8s.sh master path line 85 — bare `plan` before the apply.
Both now pass --ignore-preflight-errors=CoreDNSMigration,CoreDNSUnsupportedPlugins.
Verified read-only on master: plan exits 0 and still emits
"kubeadm upgrade apply v1.34.9".
Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
This commit is contained in:
Viktor Barzin
parent
037a609f27
commit
bfb86e653f
2 changed files with 10 additions and 3 deletions
|
|
@ -82,7 +82,10 @@ sudo apt-get install -y "kubeadm=$RELEASE-*"
|
||||||
|
|
||||||
if [[ "$ROLE" == "master" ]]; then
|
if [[ "$ROLE" == "master" ]]; then
|
||||||
echo "==> Master path: kubeadm upgrade plan + apply"
|
echo "==> Master path: kubeadm upgrade plan + apply"
|
||||||
sudo kubeadm upgrade plan
|
# `plan` runs the same CoreDNS preflight as `apply`, so once master's kubeadm
|
||||||
|
# is on the new version it fails here too (under set -e) — ignore the same
|
||||||
|
# two CoreDNS checks. See the apply block below for the full rationale.
|
||||||
|
sudo kubeadm upgrade plan --ignore-preflight-errors=CoreDNSMigration,CoreDNSUnsupportedPlugins
|
||||||
# The first apply may fail with "static Pod hash for component <X> did
|
# The first apply may fail with "static Pod hash for component <X> did
|
||||||
# not change after 5m0s" — kubeadm's 5min wait for the kubelet to reload
|
# not change after 5m0s" — kubeadm's 5min wait for the kubelet to reload
|
||||||
# a static pod is too tight on our cluster (apiserver-to-kubelet status
|
# a static pod is too tight on our cluster (apiserver-to-kubelet status
|
||||||
|
|
|
||||||
|
|
@ -325,9 +325,13 @@ phase_preflight() {
|
||||||
exit 1
|
exit 1
|
||||||
fi
|
fi
|
||||||
|
|
||||||
# 4. kubeadm upgrade plan matches target
|
# 4. kubeadm upgrade plan matches target. `plan` runs the same CoreDNS
|
||||||
|
# preflight as `apply`; once master's kubeadm is on the new version it errors
|
||||||
|
# on a Keel-drifted CoreDNS (start version unsupported) and, under pipefail,
|
||||||
|
# aborts this whole check. Ignore the two CoreDNS checks here too so plan
|
||||||
|
# still emits its "kubeadm upgrade apply vX.Y.Z" line. (See update_k8s.sh.)
|
||||||
local plan_target
|
local plan_target
|
||||||
plan_target=$(ssh "${SSH_OPTS[@]}" "wizard@k8s-master$NODE_DOMAIN" 'sudo kubeadm upgrade plan' \
|
plan_target=$(ssh "${SSH_OPTS[@]}" "wizard@k8s-master$NODE_DOMAIN" 'sudo kubeadm upgrade plan --ignore-preflight-errors=CoreDNSMigration,CoreDNSUnsupportedPlugins' \
|
||||||
| grep -oE 'kubeadm upgrade apply v[0-9]+\.[0-9]+\.[0-9]+' \
|
| grep -oE 'kubeadm upgrade apply v[0-9]+\.[0-9]+\.[0-9]+' \
|
||||||
| grep -oE 'v[0-9]+\.[0-9]+\.[0-9]+' | head -1 | tr -d v)
|
| grep -oE 'v[0-9]+\.[0-9]+\.[0-9]+' | head -1 | tr -d v)
|
||||||
if [ "$plan_target" != "$TARGET_VERSION" ]; then
|
if [ "$plan_target" != "$TARGET_VERSION" ]; then
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue