[external-lb]: kubelet.conf server address and kube-proxy api-server address fix (#10490)

* [external-lb-kubeconfig]: fix server address in worker kubelet.conf

Signed-off-by: Ugur Ozturk <ugurozturk918@gmail.com>

* [external-lb-kubeconfig]: fix server address in kube-proxy

Signed-off-by: Furkan Pehlivan <furkanpehlivan34@gmail.com>

---------

Signed-off-by: Ugur Ozturk <ugurozturk918@gmail.com>
Signed-off-by: Furkan Pehlivan <furkanpehlivan34@gmail.com>
Co-authored-by: Furkan Pehlivan <furkanpehlivan34@gmail.com>
pull/10533/head
Ugur Can Ozturk 2023-10-17 09:45:00 +02:00 committed by GitHub
parent 3e522a9f59
commit 8cce6df80a
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 29 additions and 2 deletions

View File

@ -129,6 +129,17 @@
- kubeadm_discovery_address != kube_apiserver_endpoint | replace("https://", "") - kubeadm_discovery_address != kube_apiserver_endpoint | replace("https://", "")
notify: Kubeadm | restart kubelet notify: Kubeadm | restart kubelet
- name: Update server field in kubelet kubeconfig - external lb
lineinfile:
dest: "{{ kube_config_dir }}/kubelet.conf"
regexp: '^ server: https'
line: ' server: {{ kube_apiserver_endpoint }}'
backup: yes
when:
- not is_kube_master
- loadbalancer_apiserver is defined
notify: Kubeadm | restart kubelet
# FIXME(mattymo): Need to point to localhost, otherwise masters will all point # FIXME(mattymo): Need to point to localhost, otherwise masters will all point
# incorrectly to first master, creating SPoF. # incorrectly to first master, creating SPoF.
- name: Update server field in kube-proxy kubeconfig - name: Update server field in kube-proxy kubeconfig
@ -149,6 +160,22 @@
tags: tags:
- kube-proxy - kube-proxy
- name: Update server field in kube-proxy kubeconfig - external lb
shell: >-
set -o pipefail && {{ kubectl }} get configmap kube-proxy -n kube-system -o yaml
| sed 's#server:.*#server: {{kube_apiserver_endpoint}}#g'
| {{ kubectl }} replace -f -
args:
executable: /bin/bash
run_once: true
delegate_to: "{{ groups['kube_control_plane'] | first }}"
delegate_facts: false
when:
- kube_proxy_deployed
- loadbalancer_apiserver is defined
tags:
- kube-proxy
- name: Set ca.crt file permission - name: Set ca.crt file permission
file: file:
path: "{{ kube_cert_dir }}/ca.crt" path: "{{ kube_cert_dir }}/ca.crt"
@ -162,8 +189,8 @@
delegate_to: "{{ groups['kube_control_plane'] | first }}" delegate_to: "{{ groups['kube_control_plane'] | first }}"
delegate_facts: false delegate_facts: false
when: when:
- kubeadm_config_api_fqdn is not defined - kubeadm_config_api_fqdn is not defined or loadbalancer_apiserver is defined
- kubeadm_discovery_address != kube_apiserver_endpoint | replace("https://", "") - kubeadm_discovery_address != kube_apiserver_endpoint | replace("https://", "") or loadbalancer_apiserver is defined
- kube_proxy_deployed - kube_proxy_deployed
tags: tags:
- kube-proxy - kube-proxy