From 7bebd70e114b4fc3db538fa5a1bebe7e1688f7d9 Mon Sep 17 00:00:00 2001
From: Jo Rhett <geek@jorhett.com>
Date: Sat, 9 Dec 2023 14:32:46 -0800
Subject: [PATCH] Fix calico-tigera installation problems (#639)

Fix calico-tigera installation problems

Update network preinstall and provider target URLs
Use `kubectl create` to avoid metadata length limitations
---
 README.md                         | 2 +-
 manifests/kube_addons.pp          | 4 ++--
 spec/classes/kube_addons_spec.rb  | 4 ++--
 tooling/kube_tool.rb              | 2 +-
 tooling/kube_tool/other_params.rb | 4 ++--
 5 files changed, 8 insertions(+), 8 deletions(-)

diff --git a/README.md b/README.md
index d5f3b92d..7292d765 100644
--- a/README.md
+++ b/README.md
@@ -64,7 +64,7 @@ The above parameters are:
 * `VERSION`: The version of Kubernetes to deploy. Must follow X.Y.Z format. ([Check kubeadm regex rule](https://github.com/kubernetes/kubernetes/blob/master/cmd/kubeadm/app/util/version.go#L43) for more information)
 * `CONTAINER_RUNTIME`: The container runtime Kubernetes uses. Set this value to `docker` (officially supported) or `cri_containerd`. Advanced Kubernetes users can use `cri_containerd`, however this requires an increased understanding of Kubernetes, specifically when running applications in a HA cluster. To run a HA cluster and access your applications, an external load balancer is required in front of your cluster. Setting this up is beyond the scope of this module. For more information, see the Kubernetes [documentation](https://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/).
 * `CNI_PROVIDER`: The CNI network to install. Set this value to `weave`, `flannel`, `calico` or `cilium`.
-* `CNI_PROVIDER_VERSION` The CNI version to use. `calico` and `cilium` uses this variable to reference the correct deployment file. Current version `cilium` is `1.4.3`, calico is `3.18`
+* `CNI_PROVIDER_VERSION` The CNI version to use. `calico`, `calico-tigera`, and `cilium` providers use this variable to reference the correct deployment file. Current version `cilium` is `1.4.3`, calico is `3.18`, calico-tigera is `3.26.0`
 * `ETCD_INITIAL_CLUSTER`: The server hostnames and IPs in the form of `hostname:ip`. When in production, include three, five, or seven nodes for etcd.
 * `ETCD_IP`: The IP each etcd member listens on. We recommend passing the fact for the interface to be used by the cluster.
 * `KUBE_API_ADVERTISE_ADDRESS`: The IP each etcd/apiserver instance uses on each controller. We recommend passing the fact for the interface to be used by the cluster.
diff --git a/manifests/kube_addons.pp b/manifests/kube_addons.pp
index 646697d7..b4cf98fe 100644
--- a/manifests/kube_addons.pp
+++ b/manifests/kube_addons.pp
@@ -79,7 +79,7 @@
       'calico-tigera': {
         if $cni_network_preinstall {
           exec { 'Install cni network (preinstall)':
-            command     => ['kubectl', 'apply', '-f', $cni_network_preinstall],
+            command     => ['kubectl', 'create', '-f', $cni_network_preinstall],
             onlyif      => $exec_onlyif,
             unless      => 'kubectl -n tigera-operator get deployments | egrep "^tigera-operator"',
             environment => $env,
@@ -110,7 +110,7 @@
       }
       'flannel': {
         exec { 'Install cni network provider':
-          command     => ['kubectl', 'apply', '-f', $cni_network_provider],
+          command     => ['kubectl', 'create', '-f', $cni_network_provider],
           onlyif      => $exec_onlyif,
           unless      => 'kubectl -n kube-flannel get daemonset | egrep "^kube-flannel"',
           environment => $env,
diff --git a/spec/classes/kube_addons_spec.rb b/spec/classes/kube_addons_spec.rb
index 880f4ff1..9338cefc 100644
--- a/spec/classes/kube_addons_spec.rb
+++ b/spec/classes/kube_addons_spec.rb
@@ -73,7 +73,7 @@
         when 'calico-tigera'
           it {
             expect(subject).to contain_exec('Install cni network (preinstall)').with({
-                                                                                       command: ['kubectl', 'apply', '-f', 'https://foo.test/tigera-operator'],
+                                                                                       command: ['kubectl', 'create', '-f', 'https://foo.test/tigera-operator'],
                                                                                        onlyif: 'kubectl get nodes'
                                                                                      })
           }
@@ -86,7 +86,7 @@
             expect(subject).to contain_exec('Install cni network provider').with(
               {
                 onlyif: ['kubectl get nodes'],
-                command: ['kubectl', 'apply', '-f', "https://#{provider}.test"],
+                command: ['kubectl', 'create', '-f', "https://#{provider}.test"],
                 unless: ['kubectl -n kube-flannel get daemonset | egrep "^kube-flannel"']
               },
             )
diff --git a/tooling/kube_tool.rb b/tooling/kube_tool.rb
index c86424cf..49faf19f 100755
--- a/tooling/kube_tool.rb
+++ b/tooling/kube_tool.rb
@@ -15,7 +15,7 @@ def self.parse_args
       o.string '-v', '--version', 'The Kubernetes version to install', default: ENV.fetch('VERSION', nil)
       o.string '-r', '--container_runtime', 'The container runtime to use. This can only be "docker" or "cri_containerd"', default: ENV.fetch('CONTAINER_RUNTIME', nil)
       o.string '-c', '--cni_provider', 'The networking provider to use, flannel, weave, calico, calico-tigera or cilium are supported', default: ENV.fetch('CNI_PROVIDER', nil)
-      o.string '-p', '--cni_provider_version', 'The networking provider version to use, calico and cilium will use this to reference the correct deployment download link',
+      o.string '-p', '--cni_provider_version', 'The networking provider version to use, calico, calico-tigera, and cilium will use this to reference the correct deployment download link',
                default: ENV.fetch('CNI_PROVIDER_VERSION', nil)
       o.string '-t', '--etcd_ip', 'The IP address etcd will listen on', default: ENV.fetch('ETCD_IP', nil)
       o.string '-i', '--etcd_initial_cluster', 'The list of servers in the etcd cluster', default: ENV.fetch('ETCD_INITIAL_CLUSTER', nil)
diff --git a/tooling/kube_tool/other_params.rb b/tooling/kube_tool/other_params.rb
index 8e56ccae..ff956673 100644
--- a/tooling/kube_tool/other_params.rb
+++ b/tooling/kube_tool/other_params.rb
@@ -30,8 +30,8 @@ def self.create(opts)
       cni_network_provider = "https://docs.projectcalico.org/archive/v#{opts[:cni_provider_version]}/manifests/calico.yaml"
       cni_pod_cidr = '192.168.0.0/16'
     when 'calico-tigera'
-      cni_network_preinstall = 'https://docs.projectcalico.org/manifests/tigera-operator.yaml'
-      cni_network_provider = 'https://docs.projectcalico.org/manifests/custom-resources.yaml'
+      cni_network_preinstall = "https://raw.githubusercontent.com/projectcalico/calico/v#{opts[:cni_provider_version]}/manifests/tigera-operator.yaml"
+      cni_network_provider = "https://raw.githubusercontent.com/projectcalico/calico/v#{opts[:cni_provider_version]}/manifests/custom-resources.yaml"
       cni_pod_cidr = '192.168.0.0/16'
     when 'cilium'
       cni_pod_cidr = '10.244.0.0/16'