From 6566d01519abf4a854de85b896660492a1f800ee Mon Sep 17 00:00:00 2001
From: Brad Davidson <brad.davidson@rancher.com>
Date: Thu, 14 Mar 2024 19:20:20 +0000
Subject: [PATCH] Remove kube-proxy static pod manifest during agent bootstrap

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
---
 pkg/podexecutor/staticpod.go | 28 +++++++---------------------
 pkg/rke2/rke2_linux.go       |  1 -
 2 files changed, 7 insertions(+), 22 deletions(-)

diff --git a/pkg/podexecutor/staticpod.go b/pkg/podexecutor/staticpod.go
index 169a76216a..9d8d9ab203 100644
--- a/pkg/podexecutor/staticpod.go
+++ b/pkg/podexecutor/staticpod.go
@@ -118,7 +118,6 @@ type StaticPodConfig struct {
 	PSAConfigFile   string
 	KubeletPath     string
 	RuntimeEndpoint string
-	KubeProxyChan   chan struct{}
 	CISMode         bool
 	DisableETCD     bool
 	IsServer        bool
@@ -161,6 +160,13 @@ func (s *StaticPodConfig) Bootstrap(_ context.Context, nodeConfig *daemonconfig.
 	if s.IsServer {
 		return bootstrap.UpdateManifests(s.Resolver, nodeConfig, cfg)
 	}
+
+	// Remove the kube-proxy static pod manifest before starting the agent.
+	// If kube-proxy should run, the manifest will be recreated after the apiserver is up.
+	if err := staticpod.Remove(s.ManifestsDir, "kube-proxy"); err != nil {
+		logrus.Error(err)
+	}
+
 	return nil
 }
 
@@ -197,16 +203,11 @@ func (s *StaticPodConfig) Kubelet(ctx context.Context, args []string) error {
 		})
 	}()
 
-	go s.cleanupKubeProxy()
-
 	return nil
 }
 
 // KubeProxy starts Kube Proxy as a static pod.
 func (s *StaticPodConfig) KubeProxy(_ context.Context, args []string) error {
-	// close the channel so that the cleanup goroutine does not remove the pod manifest
-	close(s.KubeProxyChan)
-
 	image, err := s.Resolver.GetReference(images.KubeProxy)
 	if err != nil {
 		return err
@@ -664,21 +665,6 @@ func (s *StaticPodConfig) stopEtcd() error {
 	return nil
 }
 
-// cleanupKubeProxy waits to see if kube-proxy is run. If kube-proxy does not run and
-// close the channel within one minute of this goroutine being started by the kubelet
-// runner, then the kube-proxy static pod manifest is removed from disk. The kubelet will
-// clean up the static pod soon after.
-func (s *StaticPodConfig) cleanupKubeProxy() {
-	select {
-	case <-s.KubeProxyChan:
-		return
-	case <-time.After(time.Minute * 1):
-		if err := staticpod.Remove(s.ManifestsDir, "kube-proxy"); err != nil {
-			logrus.Error(err)
-		}
-	}
-}
-
 // chownr recursively changes the ownership of the given
 // path to the given user ID and group ID.
 func chownr(path string, uid, gid int) error {
diff --git a/pkg/rke2/rke2_linux.go b/pkg/rke2/rke2_linux.go
index 1b7b59c41c..e2889e1a82 100644
--- a/pkg/rke2/rke2_linux.go
+++ b/pkg/rke2/rke2_linux.go
@@ -140,7 +140,6 @@ func initExecutor(clx *cli.Context, cfg Config, isServer bool) (*podexecutor.Sta
 		PSAConfigFile:          podSecurityConfigFile,
 		KubeletPath:            cfg.KubeletPath,
 		RuntimeEndpoint:        containerRuntimeEndpoint,
-		KubeProxyChan:          make(chan struct{}),
 		DisableETCD:            clx.Bool("disable-etcd"),
 		IsServer:               isServer,
 		ControlPlaneResources:  *controlPlaneResources,