constellation/cli/internal/helm/charts/cilium/files/nodeinit/prestop.bash
2022-08-12 10:20:19 +02:00


#!/bin/bash
# Node de-initialization script (a preStop hook, judging by the file name).
# Strict mode: abort on an unhandled command failure, on a failing pipeline
# stage, and on expansion of an unset variable.
set -o errexit -o pipefail -o nounset

# This marker is created further down once the init marker has been removed.
# Its presence means an earlier run already got that far, so exit early.
# NOTE(review): the marker has a fixed name under /tmp. If that /tmp is
# writable by other users on the node, anyone able to create the file
# beforehand makes this script skip all clean-up. A root-owned state
# directory would avoid that. Confirm which /tmp this script sees.
deinit_marker="/tmp/node-deinit.cilium.io"
if stat "${deinit_marker}" &>/dev/null; then
  exit 0
fi
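#######################################
# Report whether the container runtime still lists a Cilium pod sandbox.
# The listing is captured in full before it is searched. With `pipefail`
# active, `<cmd> | grep -v ... | grep -q ...` can fail even when a match
# exists: `grep -q` exits on the first hit and an upstream stage may then be
# killed by SIGPIPE, which made the wait loops below finish too early.
# Arguments: $@ - listing command to run (e.g. docker ps)
# Returns:   0 if a line without "node-init" contains "POD_cilium";
#            non-zero otherwise, including when the listing command fails
#######################################
cilium_pods_running() {
  local listing remaining
  listing="$("$@")" || return 1
  # Lines mentioning node-init are excluded from the search.
  remaining="$(grep -v "node-init" <<<"${listing}")" || return 1
  grep -q "POD_cilium" <<<"${remaining}"
}

echo "Waiting on pods to stop..."
# Use docker when there is no crictl config or the config mentions docker,
# otherwise fall back to crictl.
# NOTE(review): both loops poll once per second with no upper bound.
if [ ! -f /etc/crictl.yaml ] || grep -q 'docker' /etc/crictl.yaml; then
  # Works for COS, ubuntu
  while cilium_pods_running docker ps; do sleep 1; done
else
  # COS-beta (with containerd). Some versions of COS have crictl in /home/kubernetes/bin.
  while PATH="${PATH}:/home/kubernetes/bin" cilium_pods_running crictl ps; do sleep 1; done
fi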
# Delete the cilium_host interface if the node still has one.
# `ip link show` doubles as the existence check and prints the link details.
cilium_iface="cilium_host"
if ip link show "${cilium_iface}"; then
  echo "Deleting cilium_host interface..."
  ip link del "${cilium_iface}"
fi
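{{- if not (eq .Values.nodeinit.bootstrapFile "") }}
# Remove the bootstrap file named in the chart values. `--` ends option
# parsing, so a value beginning with "-" is still treated as a path.
# The value is rendered inside double quotes, so the shell would still expand
# a `$` or backtick in it. It is chart configuration and must stay
# operator-controlled.
rm -f -- {{ .Values.nodeinit.bootstrapFile | quote }}
{{- end }}
# Swap the init marker for the de-init marker that the check at the top of
# this script looks for.
# NOTE(review): the de-init marker is written before the remaining steps of
# this script run. If one of them fails under errexit, a re-run exits at the
# marker check and never retries them. Confirm that ordering is intended.
rm -f /tmp/node-init.cilium.io
touch /tmp/node-deinit.cilium.io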
{{- if .Values.nodeinit.reconfigureKubelet }}
# Rendered only when nodeinit.reconfigureKubelet is set: revert the
# kubelet / container-runtime configuration, then restart the kubelet.
GKE_KUBERNETES_BIN_DIR="/home/kubernetes/bin"
# GKE containerd flavor: containerd is on PATH and a "gke" file sits in the
# GKE bin directory.
if command -v containerd &>/dev/null && [[ -f "${GKE_KUBERNETES_BIN_DIR}/gke" ]]; then
  CONTAINERD_CONFIG="/etc/containerd/config.toml"
  echo "Reverting changes to the containerd configuration"
  # Uncomment lines of the form "#<whitespace>conf_template".
  sed -Ei "s/^\#(\s+conf_template)/\1/g" "${CONTAINERD_CONFIG}"
  echo "Removing the kubelet wrapper"
  # Move "the-kubelet" back over "kubelet" when it exists.
  if [[ -f "${GKE_KUBERNETES_BIN_DIR}/the-kubelet" ]]; then
    mv "${GKE_KUBERNETES_BIN_DIR}/the-kubelet" "${GKE_KUBERNETES_BIN_DIR}/kubelet"
  fi
else
  echo "Changing kubelet configuration to --network-plugin=kubenet"
  # NOTE(review): cni.binPath is pasted into the sed expression unescaped.
  # A value containing ":" or a regex metacharacter changes what this
  # matches. The value has to stay operator-controlled chart configuration.
  sed -i "s:--network-plugin=cni\ --cni-bin-dir={{ .Values.cni.binPath }}:--network-plugin=kubenet:g" /etc/default/kubelet
fi
echo "Restarting the kubelet"
systemctl restart kubelet
{{- end }}
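{{- if (and .Values.gke.enabled (or .Values.enableIPv4Masquerade .Values.gke.disableDefaultSnat))}}
# If the IP-MASQ chain exists, add back default jump rule from the GKE instance configure script
# `-n` keeps the existence probe numeric, so it does not wait on name
# resolution while the node is being torn down.
# NOTE(review): the rule is appended without checking whether it is already
# present, so a duplicate is possible. `iptables -C` could guard it. Confirm
# against the GKE configure script.
if iptables -w -t nat -n -L IP-MASQ > /dev/null; then
  iptables -w -t nat -A POSTROUTING -m comment --comment "ip-masq: ensure nat POSTROUTING directs all non-LOCAL destination traffic to our custom IP-MASQ chain" -m addrtype ! --dst-type LOCAL -j IP-MASQ
fi
{{- end }}
echo "Node de-initialization complete"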