daemonset deployment: drop peer-pods config handling

controllers/daemonset_reconcile.go

@@ -22,9 +22,6 @@ import (
 )
 
 const (
-	peerPodsConfigInstallDaemonSetName = "osc-config-sync"
-	peerPodsConfigDaemonSetLabel       = "kataconfiguration.openshift.io/osc-config-sync"
-
 	kataInstallDaemonSetName       = "osc-rpm"
 	kataInstallationDaemonSetLabel = "kataconfiguration.openshift.io/kata-ds-rpm-install"
 )
@@ -50,13 +47,6 @@ const (
 	KataUninstalled        KataInstallationDaemonSetState = "uninstalled"
 )
 
-type PeerPodsConfigDaemonSetState string
-
-const (
-	PeerPodsConfigRemoving PeerPodsConfigDaemonSetState = "removing"
-	PeerPodsConfigRemoved  PeerPodsConfigDaemonSetState = "removed"
-)
-
 // KataDaemonSetAction defines the possible actions that can be performed by Kata installation DaemonSet.
 type KataDaemonSetAction string
 
@@ -169,18 +159,6 @@ func (r *KataConfigOpenShiftReconciler) processKataConfigDeleteRequestDaemonSet(
 			return ctrl.Result{Requeue: true, RequeueAfter: time.Second * 15}, err
 		}
 
-		// Wait for the osc-config-sync to delete the configuration files
-		// The daemonset will change the node label when the removal is completed and will trigger reconciliation
-		removalInProgress, err := r.isPeerPodsConfigRemovalInProgress()
-		if err != nil {
-			return ctrl.Result{Requeue: true, RequeueAfter: 15 * time.Second}, err
-		}
-
-		if removalInProgress {
-			r.Log.Info("Waiting for OSC Config sync DaemonSet to finish PeerPods Config removal")
-			return ctrl.Result{}, nil
-		}
-
 		// Handle podvm image deletion
 		res, err := r.deletePodVMImage()
 		if res != nil {
@@ -218,70 +196,6 @@ func (r *KataConfigOpenShiftReconciler) processKataConfigDeleteRequestDaemonSet(
 	return ctrl.Result{}, nil
 }
 
-func (r *KataConfigOpenShiftReconciler) isPeerPodsConfigRemovalInProgress() (bool, error) {
-	removed, err := r.isKataNodePoolInState(peerPodsConfigDaemonSetLabel, string(PeerPodsConfigRemoved))
-	if err != nil {
-		return false, err
-	}
-
-	return !removed, nil
-}
-
-func (r *KataConfigOpenShiftReconciler) deletePeedPodsConfigDaemonSet() error {
-	// Delete osc-config-sync-install daemonset
-	copyPeerPodsConfigDaemonSet, err := r.daemonSetForPeerPodsConfig(InstallKata)
-	if err != nil {
-		r.Log.Error(err, "failed getting DaemonSet for peerpods config copy")
-		return err
-	}
-
-	err = r.Client.Delete(context.TODO(), copyPeerPodsConfigDaemonSet)
-	if err != nil {
-		if k8serrors.IsNotFound(err) {
-			r.Log.Info("peerpods config copy daemonset was already deleted")
-		} else {
-			r.Log.Error(err, "error when deleting peerpods config copy Daemonset, try again")
-			return err
-		}
-	}
-
-	// Create osc-config-sync-uninstall daemonset
-	removePeerPodsConfigDaemonSet, err := r.daemonSetForPeerPodsConfig(UninstallKata)
-	if err != nil {
-		r.Log.Error(err, "failed getting DaemonSet for peerpods config removal")
-		return err
-	}
-
-	if err := controllerutil.SetControllerReference(r.kataConfig, removePeerPodsConfigDaemonSet, r.Scheme); err != nil {
-		r.Log.Error(err, "Failed setting ControllerReference for peer-pods configuration removal DaemonSet")
-		return err
-	}
-
-	foundPeerPodsConfigDaemonSet := &appsv1.DaemonSet{}
-	err = r.Client.Get(context.TODO(), types.NamespacedName{Name: removePeerPodsConfigDaemonSet.Name, Namespace: removePeerPodsConfigDaemonSet.Namespace}, foundPeerPodsConfigDaemonSet)
-	if err != nil {
-		if k8serrors.IsNotFound(err) {
-			r.Log.Info("Creating a new peer-pods configuration removal daemonset", "removePeerPodsConfigDaemonSet.Namespace", removePeerPodsConfigDaemonSet.Namespace, "removePeerPodsConfigDaemonSet.Name", removePeerPodsConfigDaemonSet.Name)
-			err = r.Client.Create(context.TODO(), removePeerPodsConfigDaemonSet)
-			if err != nil {
-				r.Log.Error(err, "error when creating peer-pods configuration daemonset")
-				return err
-			}
-		} else {
-			r.Log.Error(err, "could not get peer-pods configuration daemonset, try again")
-			return err
-		}
-	} else {
-		r.Log.Info("Updating peer-pods configuration daemonset", "removePeerPodsConfigDaemonSet.Namespace", removePeerPodsConfigDaemonSet.Namespace, "removePeerPodsConfigDaemonSet.Name", removePeerPodsConfigDaemonSet.Name)
-		err = r.Client.Update(context.TODO(), removePeerPodsConfigDaemonSet)
-		if err != nil {
-			r.Log.Error(err, "error when updating peer-pods configuration daemonset")
-			return err
-		}
-	}
-	return nil
-}
-
 func (r *KataConfigOpenShiftReconciler) processKataConfigInstallRequestDaemonSet() (ctrl.Result, error) {
 	r.Log.Info("Kata installation in progress")
 
@@ -314,15 +228,6 @@ func (r *KataConfigOpenShiftReconciler) processKataConfigInstallRequestDaemonSet
 		return ctrl.Result{}, err
 	}
 
-	// If peerpods are enabled create the daemonset that will copy the related config files
-	if r.kataConfig.Spec.EnablePeerPods {
-		err := r.addPeerPodsConfigDaemonSet()
-		if err != nil {
-			r.Log.Error(err, "Adding peerpods configs daemonset failed")
-			return ctrl.Result{Requeue: true, RequeueAfter: 15 * time.Second}, err
-		}
-	}
-
 	// Add finalizer for this CR
 	if !contains(r.kataConfig.GetFinalizers(), kataConfigFinalizer) {
 		if err := r.addFinalizer(); err != nil {
@@ -417,133 +322,6 @@ func (r *KataConfigOpenShiftReconciler) processKataConfigInstallRequestDaemonSet
 	return ctrl.Result{}, nil
 }
 
-func (r *KataConfigOpenShiftReconciler) addPeerPodsConfigDaemonSet() error {
-	peerPodsConfigDaemonSet, err := r.daemonSetForPeerPodsConfig(InstallKata)
-	if err != nil {
-		return err
-	}
-
-	if err := controllerutil.SetControllerReference(r.kataConfig, peerPodsConfigDaemonSet, r.Scheme); err != nil {
-		r.Log.Error(err, "Failed setting ControllerReference for peer-pods configuration DaemonSet")
-		return err
-	}
-
-	foundPeerPodsConfigDaemonSet := &appsv1.DaemonSet{}
-	err = r.Client.Get(context.TODO(), types.NamespacedName{Name: peerPodsConfigDaemonSet.Name, Namespace: peerPodsConfigDaemonSet.Namespace}, foundPeerPodsConfigDaemonSet)
-	if err != nil {
-		if k8serrors.IsNotFound(err) {
-			r.Log.Info("Creating a new peer-pods configuration installation daemonset", "peerPodsConfigDaemonSet.Namespace", peerPodsConfigDaemonSet.Namespace, "peerPodsConfigDaemonSet.Name", peerPodsConfigDaemonSet.Name)
-			err = r.Client.Create(context.TODO(), peerPodsConfigDaemonSet)
-			if err != nil {
-				r.Log.Error(err, "error when creating peer-pods configuration daemonset")
-				return err
-			}
-		} else {
-			r.Log.Error(err, "could not get peer-pods configuration daemonset, try again")
-			return err
-		}
-	} else {
-		r.Log.Info("Updating peer-pods configuration daemonset", "peerPodsConfigDaemonSet.Namespace", peerPodsConfigDaemonSet.Namespace, "peerPodsConfigDaemonSet.Name", peerPodsConfigDaemonSet.Name)
-		err = r.Client.Update(context.TODO(), peerPodsConfigDaemonSet)
-		if err != nil {
-			r.Log.Error(err, "error when updating peer-pods configuration daemonset")
-			return err
-		}
-	}
-
-	// TODO: Check for errors
-
-	return nil
-}
-
-// daemonSetForPeerPodsConfig creates a DaemonSet for peer-pods configuration.
-// The Daemonset will copy or remove the peer-pods configuration files based on the given action.
-func (r *KataConfigOpenShiftReconciler) daemonSetForPeerPodsConfig(action KataDaemonSetAction) (*appsv1.DaemonSet, error) {
-	cliImageString, err := GetImageForComponent(cliImageName, r.Client)
-	if err != nil {
-		r.Log.Info("couldn't get image", "err", err)
-		return nil, err
-	}
-
-	var (
-		runPrivileged       = true
-		runAsUser     int64 = 0
-		nodeSelector        = r.getNodeSelectorAsMap()
-	)
-
-	name := peerPodsConfigInstallDaemonSetName + "-" + string(action)
-	daemonsetLabelSelectors := map[string]string{
-		"name": name,
-	}
-
-	volumeMounts := r.volumeMountsForRegistries()
-	volumes := r.volumesForRegistries()
-
-	return &appsv1.DaemonSet{
-		TypeMeta: metav1.TypeMeta{
-			APIVersion: "apps/v1",
-			Kind:       "DaemonSet",
-		},
-		ObjectMeta: metav1.ObjectMeta{
-			Name:      name,
-			Namespace: OperatorNamespace,
-		},
-		Spec: appsv1.DaemonSetSpec{
-			Selector: &metav1.LabelSelector{
-				MatchLabels: daemonsetLabelSelectors,
-			},
-			UpdateStrategy: appsv1.DaemonSetUpdateStrategy{
-				Type: "RollingUpdate",
-				RollingUpdate: &appsv1.RollingUpdateDaemonSet{
-					MaxUnavailable: &intstr.IntOrString{
-						Type:   intstr.Int,
-						IntVal: 1,
-					},
-				},
-			},
-			Template: corev1.PodTemplateSpec{
-				ObjectMeta: metav1.ObjectMeta{
-					Labels: daemonsetLabelSelectors,
-				},
-				Spec: corev1.PodSpec{
-					ServiceAccountName: "default",
-					NodeSelector:       nodeSelector,
-					HostPID:            true,
-					Containers: []corev1.Container{
-						{
-							Name:            "config-sync",
-							Image:           daemonSetImage,
-							ImagePullPolicy: corev1.PullIfNotPresent,
-							SecurityContext: &corev1.SecurityContext{
-								Privileged: &runPrivileged,
-								RunAsUser:  &runAsUser,
-							},
-							Command: []string{"/bin/bash", "/scripts/osc-configs-script.sh"},
-							Args:    []string{string(action)},
-							Env: []corev1.EnvVar{
-								{
-									Name: "NODE_NAME",
-									ValueFrom: &corev1.EnvVarSource{
-										FieldRef: &corev1.ObjectFieldSelector{
-											FieldPath: "spec.nodeName",
-										},
-									},
-								},
-								{
-									Name:  "CLI_IMAGE",
-									Value: cliImageString,
-								},
-							},
-							VolumeMounts: volumeMounts,
-						},
-					},
-					Volumes: volumes,
-				},
-			},
-		},
-	}, nil
-}
-
 // daemonSetForKataInstall creates a DaemonSet for installing or uninstalling Kata based on the specified action.
 // It uses two container images: one for the Kata binaries (extensionImageString) and another for kubectl/cli tools (cliImageString).
 // The DaemonSet's Pod contains three containers: one installs the binaries, one modifies the node labels, and one sets the runtime log level.
@@ -934,7 +712,6 @@ func (r *KataConfigOpenShiftReconciler) unlabelNodesDaemonSet(nodeSelector label
 		if _, ok := node.Labels["node-role.kubernetes.io/kata-oc"]; ok {
 			delete(node.Labels, "node-role.kubernetes.io/kata-oc")
 			delete(node.Labels, kataInstallationDaemonSetLabel)
-			delete(node.Labels, peerPodsConfigDaemonSetLabel)
 			err := r.Client.Update(context.TODO(), &node)
 			if err != nil {
 				r.Log.Error(err, "Error when removing labels from node", "node", node)

controllers/openshift_controller.go

@@ -1595,13 +1595,6 @@ func (eh *NodeEventHandler) Update(ctx context.Context, event event.UpdateEvent,
 			foundRelevantChange = true
 			log.Info("kataconfiguration.openshift.io/kata-ds-rpm-install changed", "old", kataStateOld, "new", kataStateNew)
 		}
-
-		peerPodsStateOld := nodeOld.GetLabels()[peerPodsConfigDaemonSetLabel]
-		peerPodsStateNew := nodeNew.GetLabels()[peerPodsConfigDaemonSetLabel]
-		if peerPodsStateOld != peerPodsStateNew {
-			foundRelevantChange = true
-			log.Info("kataconfiguration.openshift.io/osc-config-sync changed", "old", peerPodsStateOld, "new", peerPodsStateNew)
-		}
 	} else {
 		// no need to check the second return value of the indexing operation
 		// as "" is not a valid machineconfiguration.openshift.io/state value

controllers/peerpods.go

@@ -309,15 +309,6 @@ func (r *KataConfigOpenShiftReconciler) disablePeerPodsMiscConfigs() error {
 		}
 	}
 
-	if r.DeploymentMode == DaemonSetMode {
-		// We want to make sure that the osc-config-sync ds removal successfully started
-		// So we will try again in case of an error
-		err = r.deletePeedPodsConfigDaemonSet()
-		if err != nil {
-			return err
-		}
-	}
-
 	// Delete mutating webhook deployment
 	err = r.deleteMutatingWebhookDeployment()
 	if err != nil {

scripts/kata-install/Dockerfile

@@ -1,12 +1,8 @@
 FROM registry.access.redhat.com/ubi9/skopeo:9.6-1760517870
 
-RUN mkdir -p /files
-
-ADD 50-kata-remote configuration-remote.toml /files/
-
 RUN mkdir -p /scripts
 
-ADD osc-kata-install.sh osc-configs-script.sh osc-log-level.sh lib.sh /scripts/
+ADD osc-kata-install.sh osc-log-level.sh lib.sh /scripts/
 
 RUN curl -sSL "https://github.com/opencontainers/umoci/releases/download/v0.4.7/umoci.amd64" -o "/usr/local/bin/umoci" &&\
     chmod +x "/usr/local/bin/umoci"