Merge pull request 'disable-multus' (#117) from disable-multus into main

Reviewed-on: #117
2025-05-30 11:09:36 +00:00 · 2025-05-30 11:09:36 +00:00 · 33307fccce
commit 33307fccce
parent d3036ad1ac 09a2ead705
5 changed files with 34 additions and 6 deletions
--- a/admin/hooks-1.32.sh
+++ b/admin/hooks-1.32.sh
@ -2,7 +2,10 @@

 # All things BEFORE the first controller / control plane upgrade
 pre_control_plane_upgrade_cluster() {
-  echo
+  if [ "$PLATFORM" != "gke" ];then
+    # patch multus DS to ONLY run pods on 1.31 controllers
+    kubectl patch ds kube-multus-ds -n kube-system -p '{"spec": {"template": {"spec": {"nodeSelector": {"node.kubernetes.io/kubezero.version": "v1.31.6"}}}}}' || true
+  }
 }


@ -16,7 +19,16 @@ post_control_plane_upgrade_cluster() {
 pre_cluster_upgrade_final() {
  set +e

-  echo
+  if [ "$PLATFORM" != "gke" ];then
+    # cleanup multus
+    kubectl delete clusterrolebinding multus
+    kubectl delete clusterrole multus
+    kubectl delete serviceaccount multus -n kube-system
+    kubectl delete cm multus-cni-config -n kube-system
+    kubectl delete ds kube-multus-ds -n kube-system
+    kubectl delete NetworkAttachmentDefinition cilium
+    kubectl delete crd network-attachment-definitions.k8s.cni.cncf.io
+  fi

  set -e
 }
--- a/admin/libhelm.sh
+++ b/admin/libhelm.sh
@ -95,6 +95,20 @@ function ensure_kubezero_secret_key() {
 }


+function ensure_kubezero_secret_key() {
+  local secret="$(kubectl get secret -n $ns $secret -o yaml)"
+  local key
+  local val
+
+  for key in $1; do
+    val=$(echo $secret | yq ".data.\"$key\""
+    if [ "$val" == "null" ]; then
+      set_kubezero_secret $key ""
+    fi
+  done
+}
+
+
 function set_kubezero_secret() {
  local key="$1"
  local val="$2"
--- a/charts/kubezero-network/values.yaml
+++ b/charts/kubezero-network/values.yaml
@ -43,7 +43,7 @@ cilium:
    binPath: "/usr/libexec/cni"
    logFile: /var/log/cilium-cni.log
    #-- Ensure this is false if multus is enabled
-    exclusive: false
+    exclusive: true

  cluster:
    # This should match the second octet of clusterPoolIPv4PodCIDRList
@ -91,9 +91,11 @@ cilium:
    - key: node-role.kubernetes.io/control-plane
      effect: NoSchedule
    # the operator removes the taints,
-    # so we need to break chicken egg on single controller
+    # so we need to break chicken egg
    - key: node.cilium.io/agent-not-ready
      effect: NoSchedule
+    - key: node.kubernetes.io/not-ready
+      effect: NoSchedule

    nodeSelector:
      node-role.kubernetes.io/control-plane: ""
--- a/charts/kubezero/templates/network.yaml
+++ b/charts/kubezero/templates/network.yaml
@ -1,6 +1,6 @@
 {{- define "network-values" }}
 multus:
-  enabled: true
+  enabled: false
  clusterNetwork: "cilium"

 # {{- if eq .Values.global.platform "aws" }}
--- a/charts/kubezero/values.yaml
+++ b/charts/kubezero/values.yaml
@ -32,7 +32,7 @@ addons:
 network:
  enabled: true
  retain: true
-  targetRevision: 0.5.8
+  targetRevision: 0.5.9
  cilium:
    cluster: {}