digital-ocean: Add kubelet hostname-override flag

* Kubelets should register nodes via their private IPv4 address, as provided by the metadata service from Digital Ocean * By default, Kubelet exec's hostname to determine the name it should use when registering with the apiserver. On Digital Ocean, the hostname is not routeable by other instances. Digital Ocean does not run an internal DNS service. * Fixes issue where the apiserver can't reach the worker nodes. This prevented kubectl logs and exec commands from working
2017-07-29 13:26:57 -07:00 · 2017-07-29 13:26:57 -07:00 · 097dcdf47e
parent efff7497eb
commit 097dcdf47e
2 changed files with 8 additions and 0 deletions
--- a/digital-ocean/container-linux/kubernetes/cl/controller.yaml.tmpl
+++ b/digital-ocean/container-linux/kubernetes/cl/controller.yaml.tmpl
@ -23,8 +23,11 @@ systemd:
      contents: |
        [Unit]
        Description=Kubelet via Hyperkube ACI
+        Requires=coreos-metadata.service
+        After=coreos-metadata.service
        [Service]
        EnvironmentFile=/etc/kubernetes/kubelet.env
+        EnvironmentFile=/run/metadata/coreos
        Environment="RKT_RUN_ARGS=--uuid-file-save=/var/run/kubelet-pod.uuid \
          --volume=resolv,kind=host,source=/etc/resolv.conf \
          --mount volume=resolv,target=/etc/resolv.conf \
@ -48,6 +51,7 @@ systemd:
          --network-plugin=cni \
          --lock-file=/var/run/lock/kubelet.lock \
          --exit-on-lock-contention \
+          --hostname-override=$${COREOS_DIGITALOCEAN_IPV4_PRIVATE_0} \
          --pod-manifest-path=/etc/kubernetes/manifests \
          --allow-privileged \
          --node-labels=node-role.kubernetes.io/master \
--- a/digital-ocean/container-linux/kubernetes/cl/worker.yaml.tmpl
+++ b/digital-ocean/container-linux/kubernetes/cl/worker.yaml.tmpl
@ -23,8 +23,11 @@ systemd:
      contents: |
        [Unit]
        Description=Kubelet via Hyperkube ACI
+        Requires=coreos-metadata.service
+        After=coreos-metadata.service
        [Service]
        EnvironmentFile=/etc/kubernetes/kubelet.env
+        EnvironmentFile=/run/metadata/coreos
        Environment="RKT_RUN_ARGS=--uuid-file-save=/var/run/kubelet-pod.uuid \
          --volume=resolv,kind=host,source=/etc/resolv.conf \
          --mount volume=resolv,target=/etc/resolv.conf \
@ -48,6 +51,7 @@ systemd:
          --network-plugin=cni \
          --lock-file=/var/run/lock/kubelet.lock \
          --exit-on-lock-contention \
+          --hostname-override=$${COREOS_DIGITALOCEAN_IPV4_PRIVATE_0} \
          --pod-manifest-path=/etc/kubernetes/manifests \
          --allow-privileged \
          --node-labels=node-role.kubernetes.io/node \