Skip to content

Commit

Permalink
Merge pull request #5073 from k8s-infra-cherrypick-robot/cherry-pick-…
Browse files Browse the repository at this point in the history
…5072-to-release-2.6

[release-2.6] 🌱 chore: change name of prevent deletion label
  • Loading branch information
k8s-ci-robot authored Jul 30, 2024
2 parents b38488d + ec0b236 commit 6db1244
Show file tree
Hide file tree
Showing 3 changed files with 11 additions and 5 deletions.
6 changes: 6 additions & 0 deletions api/v1beta2/types.go
Original file line number Diff line number Diff line change
Expand Up @@ -24,6 +24,12 @@ import (
clusterv1 "sigs.k8s.io/cluster-api/api/v1beta1"
)

const (
// PreventDeletionLabel can be used in situations where preventing delation is allowed. The docs
// and the CRD will call this out where its allowed.
PreventDeletionLabel = "aws.cluster.x-k8s.io/prevent-deletion"
)

// AWSResourceReference is a reference to a specific AWS resource by ID or filters.
// Only one of ID or Filters may be specified. Specifying more than one will result in
// a validation error.
Expand Down
4 changes: 2 additions & 2 deletions docs/book/src/topics/eks/pod-networking.md
Original file line number Diff line number Diff line change
Expand Up @@ -97,7 +97,7 @@ spec:
disableVPCCNI: true
```

If you are replacing Amazon VPC CNI with your own helm managed instance, you will need to set `AWSManagedControlPlane.spec.disableVPCCNI` to `true` and add `"prevent-deletion": "true"` label on the Daemonset. This label is needed so `aws-node` daemonset is not reaped during CNI reconciliation.
If you are replacing Amazon VPC CNI with your own helm managed instance, you will need to set `AWSManagedControlPlane.spec.disableVPCCNI` to `true` and add `"aws.cluster.x-k8s.io/prevent-deletion": "true"` label on the Daemonset. This label is needed so `aws-node` daemonset is not reaped during CNI reconciliation.

The following example shows how to label your aws-node Daemonset.

Expand All @@ -114,7 +114,7 @@ metadata:
app.kubernetes.io/name: aws-node
app.kubernetes.io/version: v1.15.1
helm.sh/chart: aws-vpc-cni-1.15.1
prevent-deletion: true
aws.cluster.x-k8s.io/prevent-deletion: true
```

> You cannot set **disableVPCCNI** to true if you are using the VPC CNI addon.
Expand Down
6 changes: 3 additions & 3 deletions pkg/cloud/services/awsnode/cni.go
Original file line number Diff line number Diff line change
Expand Up @@ -273,12 +273,12 @@ func (s *Service) deleteResource(ctx context.Context, remoteClient client.Client
s.scope.Debug(fmt.Sprintf("resource %s was not found, no action", key))
return nil
}
// Don't delete if the `prevent-deletion` label exists. It could be there because CAPA added it (see below),
// Don't delete if the "PreventDeletionLabel" label exists. It could be there because CAPA added it (see below),
// or because it was added externally, for example if a custom version of AWS CNI was already installed.
// Either way, CAPA should not delete such a labelled CNI installation.
labels := obj.GetLabels()
if _, exists := labels["prevent-deletion"]; exists {
s.scope.Debug(fmt.Sprintf("resource %s has 'prevent-deletion' label, skipping deletion", key))
if _, exists := labels[infrav1.PreventDeletionLabel]; exists {
s.scope.Debug(fmt.Sprintf("resource %s has '%s' label, skipping deletion", key, infrav1.PreventDeletionLabel))
return nil
}
// Delete the resource
Expand Down

0 comments on commit 6db1244

Please sign in to comment.