diff --git a/pkg/asset/ignition/bootstrap/bootstrap.go b/pkg/asset/ignition/bootstrap/bootstrap.go index 6e521f977bd..cb4780e1a26 100644 --- a/pkg/asset/ignition/bootstrap/bootstrap.go +++ b/pkg/asset/ignition/bootstrap/bootstrap.go @@ -200,14 +200,6 @@ func (a *Bootstrap) addBootkubeFiles(dependencies asset.Parents, templateData *b } func (a *Bootstrap) addTemporaryBootkubeFiles(templateData *bootstrapTemplateData) { - podCheckpointerBootstrapDir := filepath.Join(rootDir, "pod-checkpointer-operator-bootstrap") - for name, data := range content.PodCheckpointerBootkubeManifests { - a.Config.Storage.Files = append( - a.Config.Storage.Files, - ignition.FileFromString(filepath.Join(podCheckpointerBootstrapDir, name), 0644, data), - ) - } - kubeProxyBootstrapDir := filepath.Join(rootDir, "kube-proxy-operator-bootstrap") for name, data := range content.KubeProxyBootkubeManifests { a.Config.Storage.Files = append( diff --git a/pkg/asset/ignition/bootstrap/content/bootkube.go b/pkg/asset/ignition/bootstrap/content/bootkube.go index 905ff775b36..2d06a841db4 100644 --- a/pkg/asset/ignition/bootstrap/content/bootkube.go +++ b/pkg/asset/ignition/bootstrap/content/bootkube.go @@ -122,9 +122,8 @@ then cp kube-scheduler-bootstrap/manifests/* manifests/ fi -# TODO: Remove this when checkpointer, kube-proxy and kube-dns are properly rendered by corresponding operators. +# TODO: Remove this when kube-proxy and kube-dns are properly rendered by corresponding operators. echo "Installing temporary bootstrap manifests..." -cp pod-checkpointer-operator-bootstrap/* manifests/ cp kube-proxy-operator-bootstrap/* manifests/ cp kube-dns-operator-bootstrap/* manifests/ @@ -225,7 +224,7 @@ podman run \ --network=host \ --entrypoint=/bootkube \ "{{.BootkubeImage}}" \ - start --asset-dir=/assets --required-pods kube-system/pod-checkpointer,openshift-kube-apiserver/openshift-kube-apiserver,kube-system/kube-scheduler,kube-system/kube-controller-manager,openshift-cluster-version/cluster-version-operator + start --asset-dir=/assets --required-pods openshift-kube-apiserver/openshift-kube-apiserver,kube-system/kube-scheduler,kube-system/kube-controller-manager,openshift-cluster-version/cluster-version-operator # Workaround for https://github.com/opencontainers/runc/pull/1807 touch /opt/tectonic/.bootkube.done diff --git a/pkg/asset/ignition/bootstrap/content/bootkube_temporary.go b/pkg/asset/ignition/bootstrap/content/bootkube_temporary.go index 7a75ecf8d8b..475c59c8c85 100644 --- a/pkg/asset/ignition/bootstrap/content/bootkube_temporary.go +++ b/pkg/asset/ignition/bootstrap/content/bootkube_temporary.go @@ -2,15 +2,6 @@ package content import "text/template" -// PodCheckpointerBootkubeManifests is a map of manifests needed by pod checkpointer to install. -// TODO: This must move to pod-checkpointer-operator renderer. -var PodCheckpointerBootkubeManifests = map[string]string{ - "checkpointer-role.yaml": bootkubeCheckpointerRole, - "checkpointer-role-binding.yaml": bootkubeCheckpointerRoleBinding, - "checkpointer-sa.yaml": bootkubeCheckpointerSA, - "checkpointer-daemonset.yaml": bootkubeCheckpointerDaemonset, -} - // KubeProxyBootkubeManifests is a map of manifests needed by kube-proxy to install. // TODO: This must move to networking operator renderer. var KubeProxyBootkubeManifests = map[string]string{ @@ -53,125 +44,6 @@ spec: `)) const ( - bootkubeCheckpointerRole = ` -apiVersion: rbac.authorization.k8s.io/v1 -kind: Role -metadata: - name: pod-checkpointer - namespace: kube-system -rules: -- apiGroups: [""] # "" indicates the core API group - resources: ["pods"] - verbs: ["get", "watch", "list"] -- apiGroups: [""] # "" indicates the core API group - resources: ["secrets", "configmaps"] - verbs: ["get"] -` - - bootkubeCheckpointerRoleBinding = ` -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - name: pod-checkpointer - namespace: kube-system -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: Role - name: pod-checkpointer -subjects: -- kind: ServiceAccount - name: pod-checkpointer - namespace: kube-system -` - - bootkubeCheckpointerSA = ` -apiVersion: v1 -kind: ServiceAccount -metadata: - namespace: kube-system - name: pod-checkpointer -` - - bootkubeCheckpointerDaemonset = ` -apiVersion: apps/v1 -kind: DaemonSet -metadata: - labels: - k8s-app: pod-checkpointer - tier: control-plane - name: pod-checkpointer - namespace: kube-system -spec: - selector: - matchLabels: - tier: control-plane - k8s-app: pod-checkpointer - template: - metadata: - annotations: - scheduler.alpha.kubernetes.io/critical-pod: "" - checkpointer.alpha.coreos.com/checkpoint: "true" - labels: - k8s-app: pod-checkpointer - tier: control-plane - spec: - containers: - - command: - - /checkpoint - - --lock-file=/var/run/lock/pod-checkpointer.lock - - --kubeconfig=/etc/checkpointer/kubeconfig - - --checkpoint-grace-period=5m - - --container-runtime-endpoint=unix:///var/run/crio/crio.sock - env: - - name: NODE_NAME - valueFrom: - fieldRef: - fieldPath: spec.nodeName - - name: POD_NAME - valueFrom: - fieldRef: - fieldPath: metadata.name - - name: POD_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - image: quay.io/coreos/pod-checkpointer:9dc83e1ab3bc36ca25c9f7c18ddef1b91d4a0558 - imagePullPolicy: Always - name: pod-checkpointer - securityContext: - privileged: true - volumeMounts: - - mountPath: /etc/checkpointer - name: kubeconfig - - mountPath: /etc/kubernetes - name: etc-kubernetes - - mountPath: /var/run - name: var-run - serviceAccountName: pod-checkpointer - hostNetwork: true - nodeSelector: - node-role.kubernetes.io/master: "" - restartPolicy: Always - tolerations: - - effect: NoSchedule - key: node-role.kubernetes.io/master - operator: Exists - volumes: - - name: kubeconfig - secret: - secretName: controller-manager-kubeconfig - - hostPath: - path: /etc/kubernetes - name: etc-kubernetes - - hostPath: - path: /var/run - name: var-run - updateStrategy: - rollingUpdate: - maxUnavailable: 1 - type: RollingUpdate -` - bootkubeKubeSystemRBACRoleBinding = ` apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding