checkpointer: remove from bootstrap

pkg/asset/ignition/bootstrap/bootstrap.go

@@ -200,14 +200,6 @@ func (a *Bootstrap) addBootkubeFiles(dependencies asset.Parents, templateData *b
 }
 
 func (a *Bootstrap) addTemporaryBootkubeFiles(templateData *bootstrapTemplateData) {
-	podCheckpointerBootstrapDir := filepath.Join(rootDir, "pod-checkpointer-operator-bootstrap")
-	for name, data := range content.PodCheckpointerBootkubeManifests {
-		a.Config.Storage.Files = append(
-			a.Config.Storage.Files,
-			ignition.FileFromString(filepath.Join(podCheckpointerBootstrapDir, name), 0644, data),
-		)
-	}
-
 	kubeProxyBootstrapDir := filepath.Join(rootDir, "kube-proxy-operator-bootstrap")
 	for name, data := range content.KubeProxyBootkubeManifests {
 		a.Config.Storage.Files = append(

pkg/asset/ignition/bootstrap/content/bootkube.go

@@ -122,9 +122,8 @@ then
 	cp kube-scheduler-bootstrap/manifests/* manifests/
 fi
 
-# TODO: Remove this when checkpointer, kube-proxy and kube-dns are properly rendered by corresponding operators.
+# TODO: Remove this when kube-proxy and kube-dns are properly rendered by corresponding operators.
 echo "Installing temporary bootstrap manifests..."
-cp pod-checkpointer-operator-bootstrap/* manifests/
 cp kube-proxy-operator-bootstrap/* manifests/
 cp kube-dns-operator-bootstrap/* manifests/
 
@@ -225,7 +224,7 @@ podman run \
 	--network=host \
 	--entrypoint=/bootkube \
 	"{{.BootkubeImage}}" \
-	start --asset-dir=/assets --required-pods kube-system/pod-checkpointer,openshift-kube-apiserver/openshift-kube-apiserver,kube-system/kube-scheduler,kube-system/kube-controller-manager,openshift-cluster-version/cluster-version-operator
+	start --asset-dir=/assets --required-pods openshift-kube-apiserver/openshift-kube-apiserver,kube-system/kube-scheduler,kube-system/kube-controller-manager,openshift-cluster-version/cluster-version-operator
 
 # Workaround for https://github.com/opencontainers/runc/pull/1807
 touch /opt/tectonic/.bootkube.done

pkg/asset/ignition/bootstrap/content/bootkube_temporary.go

@@ -2,15 +2,6 @@ package content
 
 import "text/template"
 
-// PodCheckpointerBootkubeManifests is a map of manifests needed by pod checkpointer to install.
-// TODO: This must move to pod-checkpointer-operator renderer.
-var PodCheckpointerBootkubeManifests = map[string]string{
-	"checkpointer-role.yaml":         bootkubeCheckpointerRole,
-	"checkpointer-role-binding.yaml": bootkubeCheckpointerRoleBinding,
-	"checkpointer-sa.yaml":           bootkubeCheckpointerSA,
-	"checkpointer-daemonset.yaml":    bootkubeCheckpointerDaemonset,
-}
-
 // KubeProxyBootkubeManifests is a map of manifests needed by kube-proxy to install.
 // TODO: This must move to networking operator renderer.
 var KubeProxyBootkubeManifests = map[string]string{
@@ -53,125 +44,6 @@ spec:
 `))
 
 const (
-	bootkubeCheckpointerRole = `
-apiVersion: rbac.authorization.k8s.io/v1
-kind: Role
-metadata:
-  name: pod-checkpointer
-  namespace: kube-system
-rules:
-- apiGroups: [""] # "" indicates the core API group
-  resources: ["pods"]
-  verbs: ["get", "watch", "list"]
-- apiGroups: [""] # "" indicates the core API group
-  resources: ["secrets", "configmaps"]
-  verbs: ["get"]
-`
-
-	bootkubeCheckpointerRoleBinding = `
-apiVersion: rbac.authorization.k8s.io/v1
-kind: RoleBinding
-metadata:
-  name: pod-checkpointer
-  namespace: kube-system
-roleRef:
-  apiGroup: rbac.authorization.k8s.io
-  kind: Role
-  name: pod-checkpointer
-subjects:
-- kind: ServiceAccount
-  name: pod-checkpointer
-  namespace: kube-system
-`
-
-	bootkubeCheckpointerSA = `
-apiVersion: v1
-kind: ServiceAccount
-metadata:
-  namespace: kube-system
-  name: pod-checkpointer
-`
-
-	bootkubeCheckpointerDaemonset = `
-apiVersion: apps/v1
-kind: DaemonSet
-metadata:
-  labels:
-    k8s-app: pod-checkpointer
-    tier: control-plane
-  name: pod-checkpointer
-  namespace: kube-system
-spec:
-  selector:
-    matchLabels:
-      tier: control-plane
-      k8s-app: pod-checkpointer
-  template:
-    metadata:
-      annotations:
-        scheduler.alpha.kubernetes.io/critical-pod: ""
-        checkpointer.alpha.coreos.com/checkpoint: "true"
-      labels:
-        k8s-app: pod-checkpointer
-        tier: control-plane
-    spec:
-      containers:
-      - command:
-        - /checkpoint
-        - --lock-file=/var/run/lock/pod-checkpointer.lock
-        - --kubeconfig=/etc/checkpointer/kubeconfig
-        - --checkpoint-grace-period=5m
-        - --container-runtime-endpoint=unix:///var/run/crio/crio.sock
-        env:
-        - name: NODE_NAME
-          valueFrom:
-            fieldRef:
-              fieldPath: spec.nodeName
-        - name: POD_NAME
-          valueFrom:
-            fieldRef:
-              fieldPath: metadata.name
-        - name: POD_NAMESPACE
-          valueFrom:
-            fieldRef:
-              fieldPath: metadata.namespace
-        image: quay.io/coreos/pod-checkpointer:9dc83e1ab3bc36ca25c9f7c18ddef1b91d4a0558
-        imagePullPolicy: Always
-        name: pod-checkpointer
-        securityContext:
-          privileged: true
-        volumeMounts:
-        - mountPath: /etc/checkpointer
-          name: kubeconfig
-        - mountPath: /etc/kubernetes
-          name: etc-kubernetes
-        - mountPath: /var/run
-          name: var-run
-      serviceAccountName: pod-checkpointer
-      hostNetwork: true
-      nodeSelector:
-        node-role.kubernetes.io/master: ""
-      restartPolicy: Always
-      tolerations:
-      - effect: NoSchedule
-        key: node-role.kubernetes.io/master
-        operator: Exists
-      volumes:
-      - name: kubeconfig
-        secret:
-          secretName: controller-manager-kubeconfig
-      - hostPath:
-          path: /etc/kubernetes
-        name: etc-kubernetes
-      - hostPath:
-          path: /var/run
-        name: var-run
-  updateStrategy:
-    rollingUpdate:
-      maxUnavailable: 1
-    type: RollingUpdate
-`
-
 	bootkubeKubeSystemRBACRoleBinding = `
 apiVersion: rbac.authorization.k8s.io/v1
 kind: ClusterRoleBinding