[MANOPD-77175] add ignorePreflightErrors support

documentation/Installation.md

@@ -1022,6 +1022,29 @@ services:
 
 **Note**: Those parameters remain in manifests files after Kubernetes upgrade. That is the proper way to preserve custom settings for system services.
 
+During init, join, ugrade procedures kubeadm runs `preflight` procedure to do some preliminary checks. In case of any error kubeadm stops working. Sometimes it is necessary to ignore some preflight errors to deploy or upgrade successfully.
+
+KubeMarine allows to configure kubeadm preflight errors to be ignored.
+
+Example:
+
+```yaml
+services:
+  kubeadm:
+  kubeadm_flags:
+    ignorePreflightErrors: Port-6443,CoreDNSUnsupportedPlugins,DirAvailable--var-lib-etcd
+```
+
+**Note**: Default settings for `ignorePreflightErrors` are:
+
+```yaml
+services:
+  kubeadm:
+  kubeadm_flags:
+    ignorePreflightErrors: Port-6443,CoreDNSUnsupportedPlugins
+```
+
+
 #### Kubernetes version
 
 By default, the `1.20.2` version of the Kubernetes is installed. See the table of supported versions for details in [Supported versions section](#supported-versions). However, we recommend that you explicitly specify the version you are about to install. This version applies into all the dependent parameters - images, binaries, rpms, configurations: all these are downloaded and used according to your choice. To specify the version, use the following parameter as in example:

kubemarine/kubernetes/__init__.py

@@ -195,6 +195,15 @@ def enrich_inventory(inventory, cluster):
     if not any_worker_found:
         raise KME("KME0004")
 
+    # check ignorePreflightErrors value and add mandatory errors from defaults.yaml if they're absent
+    with open(utils.get_resource_absolute_path('resources/configurations/defaults.yaml', script_relative=True), 'r') \
+            as stream:
+        default_preflight_errors = yaml.safe_load(stream)["services"]["kubeadm_flags"]["ignorePreflightErrors"].split(",")
+    preflight_errors = inventory["services"]["kubeadm_flags"]["ignorePreflightErrors"].split(",")
+
+    preflight_errors.extend(default_preflight_errors)
+    inventory["services"]["kubeadm_flags"]["ignorePreflightErrors"] = ",".join(set(preflight_errors))
+
     return inventory
 
 
@@ -405,9 +414,11 @@ def join_control_plane(group, node, join_dict):
 
     # ! ETCD on control-planes can't be initialized in async way, that is why it is necessary to disable async mode !
     log.debug('Joining control-plane \'%s\'...' % node['name'])
+
     node['connection'].sudo("kubeadm join "
                             " --config=/etc/kubernetes/join-config.yaml"
-                            " --ignore-preflight-errors=Port-6443 --v=5",
+                            " --ignore-preflight-errors='" + group.cluster.inventory['services']['kubeadm_flags']['ignorePreflightErrors'] + "'"
+                            " --v=5",
                             is_async=False, hide=False)
 
     log.debug("Patching apiServer bind-address for control-plane %s" % node['name'])
@@ -483,7 +494,7 @@ def init_first_control_plane(group):
     result = first_control_plane_group.sudo("kubeadm init"
                                      " --upload-certs"
                                      " --config=/etc/kubernetes/init-config.yaml"
-                                     " --ignore-preflight-errors=Port-6443"
+                                     " --ignore-preflight-errors='" + group.cluster.inventory['services']['kubeadm_flags']['ignorePreflightErrors'] + "'"
                                      " --v=5",
                                      hide=False)
 
@@ -612,10 +623,11 @@ def init_workers(group):
 
     group.cluster.log.debug('Joining workers...')
     return group.sudo(
-        "kubeadm join --config=/etc/kubernetes/join-config.yaml --ignore-preflight-errors=Port-6443 --v=5",
+        "kubeadm join --config=/etc/kubernetes/join-config.yaml"
+        " --ignore-preflight-errors='" + group.cluster.inventory['services']['kubeadm_flags']['ignorePreflightErrors'] + "'"
+        " --v=5",
         is_async=False, hide=False)
 
-
 def apply_labels(group):
     log = group.cluster.log
 
@@ -683,7 +695,6 @@ def get_kubeadm_config(inventory):
     kubeadm = yaml.dump(inventory["services"]["kubeadm"], default_flow_style=False)
     return f'{kubeadm_kubelet}---\n{kubeadm}'
 
-
 def upgrade_first_control_plane(version, upgrade_group, cluster, drain_timeout=None, grace_period=None):
     first_control_plane = cluster.nodes['control-plane'].get_first_member(provide_node_configs=True)
 
@@ -693,7 +704,8 @@ def upgrade_first_control_plane(version, upgrade_group, cluster, drain_timeout=N
 
     cluster.log.debug("Upgrading first control-plane \"%s\"" % first_control_plane)
 
-    flags = "-f --certificate-renewal=true --ignore-preflight-errors=CoreDNSUnsupportedPlugins"
+    flags = "-f --certificate-renewal=true --ignore-preflight-errors='%s'" % cluster.inventory['services']['kubeadm_flags']['ignorePreflightErrors']
+
     if patch_kubeadm_configmap(first_control_plane, cluster):
         flags += " --config /tmp/kubeadm_config.yaml"
 

kubemarine/resources/configurations/defaults.yaml

@@ -14,6 +14,8 @@ services:
     protectKernelDefaults: true
     podPidsLimit: 4096
     cgroupDriver: systemd
+  kubeadm_flags:
+    ignorePreflightErrors: Port-6443,CoreDNSUnsupportedPlugins
   kubeadm:
     apiVersion: kubeadm.k8s.io/v1beta2
     kind: ClusterConfiguration