Change k8s 1.6 calico manifest's ordering of service account creation #2641
Conversation
…nt first This fixes the behaviour described in kubernetes#2529 which was fixed by kubernetes#2590, by avoiding the configure-calico job all together.
k8s-ci-robot
added
the
cncf-cla: yes
|
Hi @ottoyiu. Thanks for your PR. I'm waiting for a kubernetes member to verify that this patch is reasonable to test. If it is, they should reply with Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. I understand the commands that are listed here. |
k8s-ci-robot
added
the
needs-ok-to-test
ottoyiu
changed the title
|
@k8s-bot ok to test |
k8s-ci-robot
removed
the
needs-ok-to-test
|
You tested by hand on which 1.6 versions? |
|
Waiting on e2e and questions about how it was tested |
|
I played around with it on 1.6.2 with the old kops prior to configure-calico was removed and couldn't seem to replicate the problem anymore after this fix. @blakebarnett mentioned service accounts, and I quickly check and found out that the manifests were put in the wrong order. By having the service accounts be created after the Daemonset of calico, the Deployment/ReplicaSet for policy-manager and the configure-calico Job previously - you were in the mercy of the scheduler really. I can test this change tomorrow morning on k8s 1.6.3, and 1.6.4 to play it safe. If you can hold off the merge after e2e testing, I'll double and triple check this change. |
|
Will mark this WIP |
|
Tested this on k8s 1.6.3 and 1.6.4 with no issues. Edit: while testing this change, figured out a related issue: |
This fixes the race-condition behaviour described in #2529 which was fixed by #2590, by
avoiding the configure-calico job all together.
This change is