From bd6d810d0a963055c56ad0275b4ba778d92b124b Mon Sep 17 00:00:00 2001
From: Cristian Calin <6627509+cristicalin@users.noreply.github.com>
Date: Tue, 29 Jun 2021 15:28:41 +0300
Subject: [PATCH] nodelocaldns: allow binding metrics address to host IP (#7748)
---
 .../sample/group_vars/k8s_cluster/k8s-cluster.yml | 1 +
 .../ansible/templates/nodelocaldns-config.yml.j2 | 10 +++++-----
 .../ansible/templates/nodelocaldns-daemonset.yml.j2 | 7 +++++++
 roles/kubespray-defaults/defaults/main.yaml | 1 +
 4 files changed, 14 insertions(+), 5 deletions(-)
diff --git a/inventory/sample/group_vars/k8s_cluster/k8s-cluster.yml b/inventory/sample/group_vars/k8s_cluster/k8s-cluster.yml
index c369324ff..45a9a0a1c 100644
--- a/inventory/sample/group_vars/k8s_cluster/k8s-cluster.yml
+++ b/inventory/sample/group_vars/k8s_cluster/k8s-cluster.yml
@@ -166,6 +166,7 @@ dns_mode: coredns
 enable_nodelocaldns: true
 nodelocaldns_ip: 169.254.25.10
 nodelocaldns_health_port: 9254
+nodelocaldns_bind_metrics_host_ip: false
 # nodelocaldns_external_zones:
 # - zones:
 # - example.com
diff --git a/roles/kubernetes-apps/ansible/templates/nodelocaldns-config.yml.j2 b/roles/kubernetes-apps/ansible/templates/nodelocaldns-config.yml.j2
index 6e6adf012..18abf8ea3 100644
--- a/roles/kubernetes-apps/ansible/templates/nodelocaldns-config.yml.j2
+++ b/roles/kubernetes-apps/ansible/templates/nodelocaldns-config.yml.j2
@@ -17,7 +17,7 @@ data:
 loop
 bind {{ nodelocaldns_ip }}
 forward . {{ block['nameservers'] | join(' ') }}
- prometheus :9253
+ prometheus {% if nodelocaldns_bind_metrics_host_ip %}{$MY_HOST_IP}{% endif %}:9253
 log
 {% if dns_etchosts | default(None) %}
 hosts /etc/coredns/hosts {
@@ -39,7 +39,7 @@ data:
 forward . {{ forwardTarget }} {
 force_tcp
 }
- prometheus :9253
+ prometheus {% if nodelocaldns_bind_metrics_host_ip %}{$MY_HOST_IP}{% endif %}:9253
 health {{ nodelocaldns_ip }}:{{ nodelocaldns_health_port }}
 {% if dns_etchosts | default(None) %}
 hosts /etc/coredns/hosts {
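Review bot: `nodelocaldns_bind_metrics_host_ip: false` is added to inventory/sample/group_vars/k8s_cluster/k8s-cluster.yml with no comment, and the same bare line is added in the roles/kubespray-defaults/defaults/main.yaml hunk, so neither file tells an operator what the switch controls. I would put `# Bind the nodelocaldns metrics listener (port 9253) to the node's host IP instead of all addresses` above it in both places. With the default of `false` the Corefile keeps `prometheus :9253`, which listens on every address the pod can bind; if the DaemonSet runs on the host network (not visible in this patch) that means every node interface, and the comment should say so.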
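Review bot: The new `prometheus {% if nodelocaldns_bind_metrics_host_ip %}{$MY_HOST_IP}{% endif %}:9253` line in nodelocaldns-config.yml.j2 joins the substituted address and the port with a bare colon, so a node whose `status.hostIP` is an IPv6 address would produce an unbracketed, ambiguous listen address; the identical line is added in the hunks at -39, -56, -67 and -76. The substitution is resolved when CoreDNS starts, so if `MY_HOST_IP` is empty in the container the directive presumably collapses back to `:9253` and the listener is on all addresses again without any error. I would document the IPv4-only assumption next to the variable, or fail the play when the flag is set on an IPv6-primary cluster. Each server block continues outside its hunk.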
@@ -56,7 +56,7 @@ data:
 forward . {{ forwardTarget }} {
 force_tcp
 }
- prometheus :9253
+ prometheus {% if nodelocaldns_bind_metrics_host_ip %}{$MY_HOST_IP}{% endif %}:9253
 }
 ip6.arpa:53 {
 errors
@@ -67,7 +67,7 @@ data:
 forward . {{ forwardTarget }} {
 force_tcp
 }
- prometheus :9253
+ prometheus {% if nodelocaldns_bind_metrics_host_ip %}{$MY_HOST_IP}{% endif %}:9253
 }
 .:53 {
 errors
@@ -76,7 +76,7 @@ data:
 loop
 bind {{ nodelocaldns_ip }}
 forward . {{ upstreamForwardTarget }}
- prometheus :9253
+ prometheus {% if nodelocaldns_bind_metrics_host_ip %}{$MY_HOST_IP}{% endif %}:9253
 {% if dns_etchosts | default(None) %}
 hosts /etc/coredns/hosts {
 fallthrough
diff --git a/roles/kubernetes-apps/ansible/templates/nodelocaldns-daemonset.yml.j2 b/roles/kubernetes-apps/ansible/templates/nodelocaldns-daemonset.yml.j2
index 4d725577e..7abd28ffa 100644
--- a/roles/kubernetes-apps/ansible/templates/nodelocaldns-daemonset.yml.j2
+++ b/roles/kubernetes-apps/ansible/templates/nodelocaldns-daemonset.yml.j2
@@ -41,6 +41,13 @@ spec:
 args: [ "-localip", "{{ nodelocaldns_ip }}", "-conf", "/etc/coredns/Corefile", "-upstreamsvc", "coredns" ]
 securityContext:
 privileged: true
+{% if nodelocaldns_bind_metrics_host_ip %}
+ env:
+ - name: MY_HOST_IP
+ valueFrom:
+ fieldRef:
+ fieldPath: status.hostIP
+{% endif %}
 ports:
 - containerPort: 53
 name: dns
diff --git a/roles/kubespray-defaults/defaults/main.yaml b/roles/kubespray-defaults/defaults/main.yaml
index b3c976067..3238fcbd2 100644
--- a/roles/kubespray-defaults/defaults/main.yaml
+++ b/roles/kubespray-defaults/defaults/main.yaml
@@ -89,6 +89,7 @@ dns_mode: coredns
 enable_nodelocaldns: true
 nodelocaldns_ip: 169.254.25.10
 nodelocaldns_health_port: 9254
+nodelocaldns_bind_metrics_host_ip: false
 # Should be set to a cluster IP if using a custom cluster DNS
 manual_dns_server: ""
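Review bot: The `MY_HOST_IP` env entry in nodelocaldns-daemonset.yml.j2 is rendered only when `nodelocaldns_bind_metrics_host_ip` is true, while the Corefile that references `{$MY_HOST_IP}` comes from a separate ConfigMap template. Defining the variable unconditionally, by dropping the `{% if nodelocaldns_bind_metrics_host_ip %}` / `{% endif %}` pair around `env:`, costs nothing and removes the case where a pod reads the new Corefile without the variable set. `status.hostIP` is the node's own address, so the option narrows the metrics listener from all addresses to one that is typically still reachable from the node network; the endpoint itself has no authentication and still needs host-level filtering. The container spec continues outside the hunk.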