calico deployment fails with latest update

[stoeps13]

Hi, installing with the latest updates and trying to update Kubernetes to 1.25.1, but the calico deployment fails:

TASK [install-network-addons : Install the Pod network add on as per documentation] *****************************************************************************************************************************************************************************************************************************************************************************************************************************************************
fatal: [cnx8-ora-cp.stoeps.home]: FAILED! => {"changed": true, "cmd": ["kubectl", "apply", "-f", "https://projectcalico.docs.tigera.io/archive/v3.23/manifests/rbac/rbac-kdd-calico.yaml"], "delta": "0:00:00.687803", "end": "2023-02-08 10:01:03.139791", "msg": "non-zero return code", "rc": 1, "start": "2023-02-08 10:01:02.451988", "stderr": "error: unable to read URL \"https://projectcalico.docs.tigera.io/archive/v3.23/manifests/rbac/rbac-kdd-calico.yaml\", server reported 404 Not Found, status code=404", "stderr_lines": ["error: unable to read URL \"https://projectcalico.docs.tigera.io/archive/v3.23/manifests/rbac/rbac-kdd-calico.yaml\", server reported 404 Not Found, status code=404"], "stdout": "", "stdout_lines": []}

I tested with defaults, latest and 3.25 but all fail with the same error. I checked the calico page and it seems they changed to an operator to create the network. Regards Christoph

[nitinjagjivan]

Calico was down. It's back now.

[nitin@***** ~]$ kubectl apply -f https://projectcalico.docs.tigera.io/archive/v3.23/manifests/rbac/rbac-kdd-calico.yaml clusterrole.rbac.authorization.k8s.io/calico-kube-controllers unchanged clusterrolebinding.rbac.authorization.k8s.io/calico-kube-controllers unchanged clusterrole.rbac.authorization.k8s.io/calico-node unchanged clusterrolebinding.rbac.authorization.k8s.io/calico-node unchanged

[stoeps13]

3.25 and latest still fail, but thanks, I'll go with 3.23 for the moment

[sabrina-yee]

That's right, we investigated 3.24 when doing K8s 1.25 and concluded that the role needs more work due to the refactoring done in Calico so the default is set to 3.23 for now.

[K8SLIKE]

Kubernetes,calico-node Keep restarting？Can it be solved?

[nitinjagjivan]

Could you please mention OS, k8s version, ctr version? It works well on centos7, k8s v1.25 and ctr v1.6.9.

@K8SLIKE could you please try this - https://kubernetes.io/docs/setup/production-environment/container-runtimes/#containerd-systemd

[K8SLIKE]

@nitinjagjivan centos7，arm，K8S1.19,Binary offline installation

[sabrina-yee]

@nitinjagjivan centos7，arm，K8S1.19,Binary offline installation

It's hard to tell without error messages but this repo expects installing on x86 architecture. Also K8s 1.19 is quite old, I'd recommend using 1.25 on x86 which has been tested.

[nitinjagjivan]

@stoeps13 Latest release supports Calico v1.25 [May 2023 cnx8cr2 release] [#272]

[stoeps13]

Thanks for the info @nitinjagjivan but the curl call

2 │ - name: Download the Calico networking manifest for the Kubernetes API datastore 3 │ command: curl https://raw.githubusercontent.com/projectcalico/calico/v{{ __calico_version }}/manifests/calico.yaml -O 4 │ when: 5 │ - inventory_hostname == groups['k8s_masters'][0]

here generates a broken calico.yml:

cat calico.yaml 404: Not Found

curl https://raw.githubusercontent.com/projectcalico/calico/v3.25/manifests/calico.yaml 404: Not Found

[nitinjagjivan]

@stoeps13 curl https://raw.githubusercontent.com/projectcalico/calico/v3.25.0/manifests/calico.yaml should work.

Default value for '__calico_version' is changed now- https://github.com/HCL-TECH-SOFTWARE/connections-automation/blob/main/roles/third_party/kubernetes/install-network-addons/vars/main.yml#L2

[stoeps13]

Thanks! Ah 3 digits, 3.25.1 is the latest 3.25 version

[stoeps13]

Works with variable and default