From b1f3034051f4acf47294b0eb8df4544b0b94a6b0 Mon Sep 17 00:00:00 2001 From: "Lubomir I. Ivanov" Date: Thu, 5 May 2022 23:39:23 +0300 Subject: [PATCH] kubeadm: only taint CP nodes when the legacy "master" taint is present During upgrade when a CP node is missing the old / legacy "master" taint, assume the user has manually removed it to allow workloads to schedule. In such cases do not re-taint the node with the new "control-plane" taint. --- cmd/kubeadm/app/phases/upgrade/postupgrade.go | 18 +++++++++++------- 1 file changed, 11 insertions(+), 7 deletions(-) diff --git a/cmd/kubeadm/app/phases/upgrade/postupgrade.go b/cmd/kubeadm/app/phases/upgrade/postupgrade.go index 5d2977396d7..55828597310 100644 --- a/cmd/kubeadm/app/phases/upgrade/postupgrade.go +++ b/cmd/kubeadm/app/phases/upgrade/postupgrade.go @@ -253,16 +253,20 @@ func AddNewControlPlaneTaint(client clientset.Interface) error { } for _, n := range nodes.Items { - // Check if the node has the taint already and skip it if so - hasTaint := false + // Check if the node has the old / new taints + hasOldTaint := false + hasNewTaint := false for _, t := range n.Spec.Taints { - if t.String() == kubeadmconstants.ControlPlaneTaint.String() { - hasTaint = true - break + switch t.String() { + case kubeadmconstants.OldControlPlaneTaint.String(): + hasOldTaint = true + case kubeadmconstants.ControlPlaneTaint.String(): + hasNewTaint = true } } - // If the node does not have the taint, patch it - if !hasTaint { + // If the old taint is present and the new taint is missing, patch the node with the new taint. + // When the old taint is missing, assume the user has manually untainted the node and take no action. + if !hasNewTaint && hasOldTaint { err = apiclient.PatchNode(client, n.Name, func(n *v1.Node) { n.Spec.Taints = append(n.Spec.Taints, kubeadmconstants.ControlPlaneTaint) })