Skip to content

Checking current calico version cause error #12179

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
chushev-cyoda opened this issue May 1, 2025 · 3 comments · May be fixed by #12183
Open

Checking current calico version cause error #12179

chushev-cyoda opened this issue May 1, 2025 · 3 comments · May be fixed by #12183
Labels
kind/bug Categorizes issue or PR as related to a bug. Ubuntu 22

Comments

@chushev-cyoda
Copy link

chushev-cyoda commented May 1, 2025
edited
Loading

What happened?

Playbook cluster.yml failed on the "Assert that current calico version is enough for upgrade" task
In my understanding task "Get current calico version" return nothing

What did you expect to happen?

playbook cluster.yml reconfigure something (changes in kube-apiserver configuration) in working k8s cluster

How can we reproduce it (as minimally and precisely as possible)?

Run cluster.yml playbook (as user, with --become) or any other playbooks which runs "Check that current calico version is enough for upgrade" task.

OS

Ubuntu 22

Version of Ansible

ansible [core 2.16.14]

Version of Python

Python 3.10.12

Version of Kubespray (commit)

2.27

Network plugin used

calico

Full inventory with variables

without any changes in calico variables

Command used to invoke ansible

ansible-playbook -i inventory/prod/hosts.yaml cluster.yml -u myuser -b --check --diff

Output of ansible run

TASK [network_plugin/calico : Assert that current calico version is enough for upgrade] ****************************************************************************************
fatal: [node1]: FAILED! => {"msg": "The conditional check 'calico_version_on_server.stdout is version(calico_min_version_required, '>=')' failed. The error was: Input version value cannot be empty"}

Anything else we need to know

The problem is in this part of code

- name: Check that current calico version is enough for upgrade
  run_once: true
  delegate_to: "{{ groups['kube_control_plane'][0] }}"
  when: calicoctl_sh_exists.stat.exists and calico_ready.rc == 0
  block:
    - name: Get current calico version
      shell: "set -o pipefail && {{ bin_dir }}/calicoctl.sh version | grep 'Client Version:' | awk '{ print $3}'"
      args:
        executable: /bin/bash
      register: calico_version_on_server
      changed_when: false

    - name: Assert that current calico version is enough for upgrade
      assert:
        that:
          - calico_version_on_server.stdout is version(calico_min_version_required, '>=')
        msg: >
          Your version of calico is not fresh enough for upgrade.
          Minimum version is {{ calico_min_version_required }} supported by the previous kubespray release.
          But current version is {{ calico_version_on_server.stdout }}.

I do test, and this:
shell: "set -o pipefail && {{ bin_dir }}/calicoctl.sh version | grep 'Client Version:' | awk '{ print $3}'"
is not working on my environment.

Even this:

    - name: Get current calico version
      shell: "/usr/local/bin/calicoctl.sh version"
      register: temp
      become: true

     - debug:
        var: temp.stdout

return nothing.

If I run it on my master node I got the answer:
$ sudo /usr/local/bin/calicoctl.sh version
Client Version: v3.29.1
Git commit: ddfc3b1ea
Cluster Version: v3.29.1
Cluster Type: kdd,k8s,bgp,kubeadm

So the problem is somewhere here.
@chushev-cyoda chushev-cyoda added the kind/bug Categorizes issue or PR as related to a bug. label May 1, 2025
@VannTen
Copy link
Contributor

VannTen commented May 2, 2025

Any chance you can reproduce with more verbosity from ansible ? (adding -vvv (as much as needed) to the command line)

@chushev-cyoda
Copy link
Author

Escalation succeeded
<10.0.1.41> (0, b'\n{"changed": false, "stdout": "", "stderr": "", "rc": 0, "cmd": "set -o pipefail && /usr/local/bin/calicoctl.sh version | grep 'Client Version:' | awk '{ print $3}'", "start": null, "end": null, "delta": null, "msg": "Command would have run if not in check mode", "skipped": true, "invocation": {"module_args": {"executable": "/bin/bash", "_raw_params": "set -o pipefail && /usr/local/bin/calicoctl.sh version | grep 'Client Version:' | awk '{ print $3}'", "_uses_shell": true, "expand_argument_vars": true, "stdin_add_newline": true, "strip_empty_ends": true, "argv": null, "chdir": null, "creates": null, "removes": null, "stdin": null}}}\n', b'')

@chushev-cyoda
Copy link
Author

In my understanding this is not a bug, its an ansible feature. It's not running any scripts in a check mode (--check) considering this may change the system status.
But maybe there is other way of checking calico version which will work in ansible check mode...

@chushev-cyoda chushev-cyoda linked a pull request May 2, 2025 that will close this issue
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
kind/bug Categorizes issue or PR as related to a bug. Ubuntu 22
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Fix: Ensure Calico version check runs in --check mode chushev-cyoda/kubespray
2 participants
@VannTen @chushev-cyoda