Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Don't remove Kubernetes certificates and containerd if skipped #1002

Merged
merged 1 commit into from
Jan 24, 2025
+19 −15
Merged

Don't remove Kubernetes certificates and containerd if skipped #1002

Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
34 changes: 19 additions & 15 deletions src/k8s/pkg/k8sd/app/hooks_remove.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -115,27 +115,31 @@ func (a *App) onPreRemove(ctx context.Context, s state.State, force bool) (rerr
}
}

// Perform all cleanup steps regardless of if this is a worker node or control plane.
// Trying to detect the node type is not reliable as the node might have been marked as worker
// or not, depending on which step it failed.
log.Info("Cleaning up worker certificates")
if _, err := setup.EnsureWorkerPKI(snap, &pki.WorkerNodePKI{}); err != nil {
log.Error(err, "failed to cleanup worker certificates")
}

log.Info("Removing worker node mark")
if err := snaputil.MarkAsWorkerNode(snap, false); err != nil {
if !errors.Is(err, os.ErrNotExist) {
log.Error(err, "failed to unmark node as worker")
}
}

log.Info("Cleaning up control plane certificates")
if _, err := setup.EnsureControlPlanePKI(snap, &pki.ControlPlanePKI{}); err != nil {
log.Error(err, "failed to cleanup control plane certificates")
}

// NOTE(claudiub): We should only remove the certificates only if we're stopping the Kubernetes
// services as well. Removing them without stopping the services will result in the services
// being paralyzed and unable to continue their function, including potential Pod evictions
// started by CAPI.
if _, ok := cfg.Annotations.Get(apiv1_annotations.AnnotationSkipStopServicesOnRemove); !ok {
// Perform all cleanup steps regardless of if this is a worker node or control plane.
// Trying to detect the node type is not reliable as the node might have been marked as worker
// or not, depending on which step it failed.
log.Info("Cleaning up worker certificates")
if _, err := setup.EnsureWorkerPKI(snap, &pki.WorkerNodePKI{}); err != nil {
log.Error(err, "failed to cleanup worker certificates")
}

log.Info("Cleaning up control plane certificates")
if _, err := setup.EnsureControlPlanePKI(snap, &pki.ControlPlanePKI{}); err != nil {
log.Error(err, "failed to cleanup control plane certificates")
}

log.Info("Stopping worker services")
if err := snaputil.StopWorkerServices(ctx, snap); err != nil {
log.Error(err, "Failed to stop worker services")
Expand All @@ -150,9 +154,9 @@ func (a *App) onPreRemove(ctx context.Context, s state.State, force bool) (rerr
if err := snaputil.StopK8sDqliteServices(ctx, snap); err != nil {
log.Error(err, "Failed to stop k8s-dqlite service")
}
}

tryCleanupContainerdPaths(log, snap)
tryCleanupContainerdPaths(log, snap)
}

return nil
}
Expand Down
Loading