From 13fdd5f22ec37513cde86b0c3c6a367bc0d8db72 Mon Sep 17 00:00:00 2001 From: Pedro Coutinho Date: Tue, 16 Jul 2024 15:50:14 -0700 Subject: [PATCH] Fix non-HPC Calico for Windows issues The windows upgrade code was cleaned up in https://github.com/projectcalico/calico/pull/7857, but there were leftover calls to it in node-service.ps1, leading to errors: flag provided but not defined: -should-install-windows-upgrade In addition to that, the token refresher, when run in a non-HPC scenario, would fail (on top of being unnecessary in non-HPC since that already requires the kubeconfig to be copied into the windows host): 2024-07-16 20:38:31.133 [FATAL][5064] cni-config-monitor/token_watch.go 59: Failed to read service account namespace file error=open /var/run/secrets/kubernetes.io/serviceaccount/namespace: The system cannot find the path specified. These were masked by the fact that logs are complex to get in non-HPC windows (requires RDP access into the host machine, so e2e failures retrieve nothing), and kubectl get nodes would show the windows nodes as 'Ready' even though these errors were occurring. --- .../CalicoWindows/node/node-service.ps1 | 20 +++++++------------ .../CalicoWindows/upgrade/upgrade-service.ps1 | 18 ----------------- 2 files changed, 7 insertions(+), 31 deletions(-) delete mode 100644 node/windows-packaging/CalicoWindows/upgrade/upgrade-service.ps1 diff --git a/node/windows-packaging/CalicoWindows/node/node-service.ps1 b/node/windows-packaging/CalicoWindows/node/node-service.ps1 index 38dbecf8417..1bcd9607c74 100644 --- a/node/windows-packaging/CalicoWindows/node/node-service.ps1 +++ b/node/windows-packaging/CalicoWindows/node/node-service.ps1 @@ -197,7 +197,10 @@ while ($True) if ($LastExitCode -EQ 0) { Write-Host "Calico node initialisation succeeded; monitoring kubelet for restarts..." - Restart-TokenRefresher + # Token refresher only needs to run in hostprocess containers + if ($env:CONTAINER_SANDBOX_MOUNT_POINT) { + Restart-TokenRefresher + } break } @@ -212,19 +215,10 @@ while ($True) $kubeletPid = -1 } - # Upgrade service is not needed if node is running in a hostprocess container. - if (-not $env:CONTAINER_SANDBOX_MOUNT_POINT) { - if (!(Get-UpgradeService)) { - # If upgrade service has not been running, check if we should run upgrade service. - .\calico-node.exe -should-install-windows-upgrade - if ($LastExitCode -EQ 0) { - Install-UpgradeService - Start-Service CalicoUpgrade - } - } + # Token refresher only needs to run in hostprocess containers + if ($env:CONTAINER_SANDBOX_MOUNT_POINT) { + Ensure-TokenRefresher } - Ensure-TokenRefresher - Start-Sleep 10 } diff --git a/node/windows-packaging/CalicoWindows/upgrade/upgrade-service.ps1 b/node/windows-packaging/CalicoWindows/upgrade/upgrade-service.ps1 deleted file mode 100644 index 60c2949ccc6..00000000000 --- a/node/windows-packaging/CalicoWindows/upgrade/upgrade-service.ps1 +++ /dev/null @@ -1,18 +0,0 @@ -# Copyright (c) 2021 Tigera, Inc. All rights reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http:#www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# This script is run from the main Calico folder. -. .\config.ps1 - -.\calico-node.exe -upgrade-windows