From b86ad89dda7d6c042b94e0d7321cb902be1e6607 Mon Sep 17 00:00:00 2001
From: John Mulligan <jmulligan@redhat.com>
Date: Mon, 29 Aug 2022 10:03:01 -0400
Subject: [PATCH] qa/tasks/kubeadm: set up tigera resources via kubectl create

Fixes: https://tracker.ceph.com/issues/57268

The tigera operator for the calico CNI has some pretty large resource
definitions. The length of the definitions can cause the "client side
apply", the default mode for `kubectl apply ....`, to fail due to the
length of the needed annotation that would result:

```
2022-08-22T20:24:55.636 INFO:teuthology.orchestra.run.smithi087.stdout:clusterrolebinding.rbac.authorization.k8s.io/tigera-operator created
2022-08-22T20:24:55.670 INFO:teuthology.orchestra.run.smithi087.stdout:deployment.apps/tigera-operator created
2022-08-22T20:24:55.671 INFO:teuthology.orchestra.run.smithi087.stderr:The CustomResourceDefinition "installations.operator.tigera.io" is invalid: metadata.annotations: Too long: must have at most 262144 bytes
2022-08-22T20:24:55.674 DEBUG:teuthology.orchestra.run:got remote process result: 1
```

There are two simple options for avoiding this error. One is to use
`kubectl create`. The create command will not make this lengthy
annotation. It will fail if any of the resources already exist. The
other option is to use server-side apply, via the `kubectl apply
--server-side ...` command. It is new in k8s 1.18. It will not create
the annotation either.

The block of code setting up the CNI already uses `kubectl create` to
create the custom resources that configure the tigera operator.
Therefore it should be safe to assume the block of code in question
doesn't need to be idempotent and we can also use `kubectl create`
elsewhere in the same block.

Signed-off-by: John Mulligan <jmulligan@redhat.com>
(cherry picked from commit f8b0511d6c45977f2f7925769cf570a82ea447bc)
---
 qa/tasks/kubeadm.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/qa/tasks/kubeadm.py b/qa/tasks/kubeadm.py
index 2b967f5569f5..9f147c6e77c4 100644
--- a/qa/tasks/kubeadm.py
+++ b/qa/tasks/kubeadm.py
@@ -403,7 +403,7 @@ def pod_network(ctx, config):
 
     elif pnet == 'calico':
         _kubectl(ctx, config, [
-            'apply', '-f',
+            'create', '-f',
             'https://docs.projectcalico.org/manifests/tigera-operator.yaml'
         ])
         cr = {
-- 
2.47.3