From 097dcdf47ef1fed39e184842926955cbdd833d0c Mon Sep 17 00:00:00 2001 From: Dalton Hubble Date: Sat, 29 Jul 2017 13:26:57 -0700 Subject: [PATCH] digital-ocean: Add kubelet hostname-override flag * Kubelets should register nodes via their private IPv4 address, as provided by the metadata service from Digital Ocean * By default, Kubelet exec's hostname to determine the name it should use when registering with the apiserver. On Digital Ocean, the hostname is not routeable by other instances. Digital Ocean does not run an internal DNS service. * Fixes issue where the apiserver can't reach the worker nodes. This prevented kubectl logs and exec commands from working --- .../container-linux/kubernetes/cl/controller.yaml.tmpl | 4 ++++ digital-ocean/container-linux/kubernetes/cl/worker.yaml.tmpl | 4 ++++ 2 files changed, 8 insertions(+) diff --git a/digital-ocean/container-linux/kubernetes/cl/controller.yaml.tmpl b/digital-ocean/container-linux/kubernetes/cl/controller.yaml.tmpl index 5cf34618..f631d280 100644 --- a/digital-ocean/container-linux/kubernetes/cl/controller.yaml.tmpl +++ b/digital-ocean/container-linux/kubernetes/cl/controller.yaml.tmpl @@ -23,8 +23,11 @@ systemd: contents: | [Unit] Description=Kubelet via Hyperkube ACI + Requires=coreos-metadata.service + After=coreos-metadata.service [Service] EnvironmentFile=/etc/kubernetes/kubelet.env + EnvironmentFile=/run/metadata/coreos Environment="RKT_RUN_ARGS=--uuid-file-save=/var/run/kubelet-pod.uuid \ --volume=resolv,kind=host,source=/etc/resolv.conf \ --mount volume=resolv,target=/etc/resolv.conf \ @@ -48,6 +51,7 @@ systemd: --network-plugin=cni \ --lock-file=/var/run/lock/kubelet.lock \ --exit-on-lock-contention \ + --hostname-override=$${COREOS_DIGITALOCEAN_IPV4_PRIVATE_0} \ --pod-manifest-path=/etc/kubernetes/manifests \ --allow-privileged \ --node-labels=node-role.kubernetes.io/master \ diff --git a/digital-ocean/container-linux/kubernetes/cl/worker.yaml.tmpl b/digital-ocean/container-linux/kubernetes/cl/worker.yaml.tmpl index 4c967baa..5c375f36 100644 --- a/digital-ocean/container-linux/kubernetes/cl/worker.yaml.tmpl +++ b/digital-ocean/container-linux/kubernetes/cl/worker.yaml.tmpl @@ -23,8 +23,11 @@ systemd: contents: | [Unit] Description=Kubelet via Hyperkube ACI + Requires=coreos-metadata.service + After=coreos-metadata.service [Service] EnvironmentFile=/etc/kubernetes/kubelet.env + EnvironmentFile=/run/metadata/coreos Environment="RKT_RUN_ARGS=--uuid-file-save=/var/run/kubelet-pod.uuid \ --volume=resolv,kind=host,source=/etc/resolv.conf \ --mount volume=resolv,target=/etc/resolv.conf \ @@ -48,6 +51,7 @@ systemd: --network-plugin=cni \ --lock-file=/var/run/lock/kubelet.lock \ --exit-on-lock-contention \ + --hostname-override=$${COREOS_DIGITALOCEAN_IPV4_PRIVATE_0} \ --pod-manifest-path=/etc/kubernetes/manifests \ --allow-privileged \ --node-labels=node-role.kubernetes.io/node \