kubernetes-sigs · k8s-ci-robot · Mar 19, 2021 · Mar 13, 2021 · Mar 13, 2021 · Mar 14, 2021
diff --git a/docs/offline-environment.md b/docs/offline-environment.md
@@ -28,6 +28,8 @@ cni_download_url: "{{ files_repo }}/kubernetes/cni/cni-plugins-linux-{{ image_ar
 crictl_download_url: "{{ files_repo }}/kubernetes/cri-tools/crictl-{{ crictl_version }}-{{ ansible_system | lower }}-{{ image_arch }}.tar.gz"
 # If using Calico
 calicoctl_download_url: "{{ files_repo }}/kubernetes/calico/{{ calico_ctl_version }}/calicoctl-linux-{{ image_arch }}"
+# If using Calico with kdd
+calico_crds_download_url: "{{ files_repo }}/kubernetes/calico/{{ calico_version }}.tar.gz"
 
 # CentOS/Redhat
 ## Docker / Containerd

diff --git a/inventory/sample/group_vars/k8s-cluster/offline.yml b/inventory/sample/group_vars/k8s-cluster/offline.yml
@@ -32,6 +32,8 @@
 
 # [Optional] Calico: If using Calico network plugin
 # calicoctl_download_url: "{{ files_repo }}/kubernetes/calico/{{ calico_ctl_version }}/calicoctl-linux-{{ image_arch }}"
+# [Optional] Calico with kdd: If using Calico network plugin with kdd datastore
+# calico_crds_download_url: "{{ files_repo }}/kubernetes/calico/{{ calico_version }}.tar.gz"
 
 ## CentOS/Redhat
 ### For EL7, base and extras repo must be available, for EL8, baseos and appstream

diff --git a/roles/download/defaults/main.yml b/roles/download/defaults/main.yml
@@ -98,6 +98,7 @@ kubeadm_download_url: "https://storage.googleapis.com/kubernetes-release/release
 etcd_download_url: "https://github.com/coreos/etcd/releases/download/{{ etcd_version }}/etcd-{{ etcd_version }}-linux-{{ image_arch }}.tar.gz"
 cni_download_url: "https://github.com/containernetworking/plugins/releases/download/{{ cni_version }}/cni-plugins-linux-{{ image_arch }}-{{ cni_version }}.tgz"
 calicoctl_download_url: "https://github.com/projectcalico/calicoctl/releases/download/{{ calico_ctl_version }}/calicoctl-linux-{{ image_arch }}"
+calico_crds_download_url: "https://github.com/projectcalico/calico/archive/{{ calico_version }}.tar.gz"
 crictl_download_url: "https://github.com/kubernetes-sigs/cri-tools/releases/download/{{ crictl_version }}/crictl-{{ crictl_version }}-{{ ansible_system | lower }}-{{ image_arch }}.tar.gz"
 helm_download_url: "https://get.helm.sh/helm-{{ helm_version }}-linux-{{ image_arch }}.tar.gz"
 
@@ -420,6 +421,9 @@ calicoctl_binary_checksums:
   arm64:
     v3.16.8: 3d6569c54dbe1f1d2220824aaedb10e87631808ca3153eed3d2475d03bd81661
     v3.15.2: 49165f9e4ad55402248b578310fcf68a57363f54e66be04ac24be9714899b4d5
+calico_crds_archive_checksums:
+  v3.16.8: f3c2b87c560fc0114d07ef21214429c2c228431c75ea3ad28a23b12722531771
+  v3.15.2: 82e7122ec04a89c89861b8377c39ae357c7cdbbf60b5f0f1b8fc18ba6bda7dc2
 
 helm_archive_checksums:
   arm:
@@ -441,6 +445,7 @@ kubelet_binary_checksum: "{{ kubelet_checksums[image_arch][kube_version] }}"
 kubectl_binary_checksum: "{{ kubectl_checksums[image_arch][kube_version] }}"
 kubeadm_binary_checksum: "{{ kubeadm_checksums[image_arch][kubeadm_version] }}"
 calicoctl_binary_checksum: "{{ calicoctl_binary_checksums[image_arch][calico_ctl_version] }}"
+calico_crds_archive_checksum: "{{ calico_crds_archive_checksums[calico_version] }}"
 crictl_binary_checksum: "{{ crictl_checksums[image_arch][crictl_version] }}"
 helm_archive_checksum: "{{ helm_archive_checksums[image_arch][helm_version] }}"
 
@@ -791,6 +796,23 @@ downloads:
     groups:
     - k8s-cluster
 
+  calico_crds:
+    file: true
+    enabled: "{{ kube_network_plugin == 'calico' and calico_datastore == 'kdd' }}"
+    version: "{{ calico_version }}"
+    dest: "{{ local_release_dir }}/calico-{{ calico_version }}-kdd-crds/{{ calico_version }}.tar.gz"
+    sha256: "{{ calico_crds_archive_checksum }}"
+    url: "{{ calico_crds_download_url }}"
+    unarchive: true
+    unarchive_extra_opts:
+    - "--strip=6"
+    - "--wildcards"
+    - "*/_includes/charts/calico/crds/kdd/"
+    owner: "root"
+    mode: "0755"
+    groups:
+    - kube-master
+
   weave_kube:
     enabled: "{{ kube_network_plugin == 'weave' }}"
     container: true

diff --git a/roles/download/tasks/extract_file.yml b/roles/download/tasks/extract_file.yml
@@ -6,5 +6,6 @@
     owner: "{{ download.owner | default(omit) }}"
     mode: "{{ download.mode | default(omit) }}"
     copy: no
+    extra_opts: "{{ download.unarchive_extra_opts|default(omit) }}"
   when:
     - download.unarchive | default(false)
diff --git a/roles/network_plugin/calico/tasks/install.yml b/roles/network_plugin/calico/tasks/install.yml
@@ -110,33 +110,35 @@
     - calico_pool_cidr_ipv6 is defined
     - enable_dual_stack_networks
 
-- name: Calico | Create calico manifests for kdd
-  template:
-    src: "{{ item.file }}.j2"
-    dest: "{{ kube_config_dir }}/{{ item.file }}"
-  with_items:
-    - {name: calico, file: kdd-crds.yml, type: kdd}
-  register: calico_node_kdd_manifest
+- block:
+    - name: Calico | Remove unwanted annotations and creationTimestamp keys from metadata in Calico manifests
+      # noqa 303 - sed avoids using nested loop
+      shell: >-
+        sed -E -i
+        -e '/^\s{2,4}creationTimestamp: null$/d'
+        -e '/^\s{2,4}annotations:/{:1;/\(devel\)$/!{N;b 1}; /.*/d}'
+        {{ local_release_dir }}/calico-{{ calico_version }}-kdd-crds/*.yaml
+      when:
+        - calico_version is version('v3.17.0', '<')
+
+    - name: Calico | Create calico manifests for kdd
+      assemble:
+        src: "{{ local_release_dir }}/calico-{{ calico_version }}-kdd-crds"
+        dest: "{{ kube_config_dir }}/kdd-crds.yml"
+        regexp: ".*\\.yaml"
+        remote_src: true
+
+    - name: Calico | Create Calico Kubernetes datastore resources
+      kube:
+        kubectl: "{{ bin_dir }}/kubectl"
+        filename: "{{ kube_config_dir }}/kdd-crds.yml"
+        state: "latest"
+      when:
+        - inventory_hostname == groups['kube-master'][0]
   when:
     - inventory_hostname in groups['kube-master']
     - calico_datastore == "kdd"
 
-- name: Calico | Create Calico Kubernetes datastore resources
-  kube:
-    name: "{{ item.item.name }}"
-    namespace: "kube-system"
-    kubectl: "{{ bin_dir }}/kubectl"
-    resource: "{{ item.item.type }}"
-    filename: "{{ kube_config_dir }}/{{ item.item.file }}"
-    state: "latest"
-  with_items:
-    - "{{ calico_node_kdd_manifest.results }}"
-  when:
-    - inventory_hostname == groups['kube-master'][0]
-    - not item is skipped
-  loop_control:
-    label: "{{ item.item.file }}"
-
 - name: Calico | Configure calico network pool
   command:
     cmd: "{{ bin_dir }}/calicoctl.sh apply -f -"
@@ -327,7 +329,6 @@
     state: "latest"
   with_items:
     - "{{ calico_node_manifests.results }}"
-    - "{{ calico_node_kdd_manifest.results }}"
     - "{{ calico_node_typha_manifest.results }}"
   when:
     - inventory_hostname == groups['kube-master'][0]