kubeadm: set kube-apiserver advertise address using downward API

2017-11-20 13:45:50 -05:00 · 2017-11-20 13:45:50 -05:00 · 49e01b05e7
parent 18758f502c
commit 49e01b05e7
3 changed files with 106 additions and 2 deletions
--- a/cmd/kubeadm/app/phases/selfhosting/podspec_mutation.go
+++ b/cmd/kubeadm/app/phases/selfhosting/podspec_mutation.go
@ -18,6 +18,7 @@ package selfhosting

 import (
 	"path/filepath"
+	"strings"

 	"k8s.io/api/core/v1"
 	kubeadmconstants "k8s.io/kubernetes/cmd/kubeadm/app/constants"
@ -42,6 +43,7 @@ func GetDefaultMutators() map[string][]PodSpecMutatorFunc {
 			addNodeSelectorToPodSpec,
 			setMasterTolerationOnPodSpec,
 			setRightDNSPolicyOnPodSpec,
+			setHostIPOnPodSpec,
 		},
 		kubeadmconstants.KubeControllerManager: {
 			addNodeSelectorToPodSpec,
@ -101,6 +103,26 @@ func setMasterTolerationOnPodSpec(podSpec *v1.PodSpec) {
 	podSpec.Tolerations = append(podSpec.Tolerations, kubeadmconstants.MasterToleration)
 }

+// setHostIPOnPodSpec sets the environment variable HOST_IP using downward API
+func setHostIPOnPodSpec(podSpec *v1.PodSpec) {
+	envVar := v1.EnvVar{
+		Name: "HOST_IP",
+		ValueFrom: &v1.EnvVarSource{
+			FieldRef: &v1.ObjectFieldSelector{
+				FieldPath: "status.hostIP",
+			},
+		},
+	}
+
+	podSpec.Containers[0].Env = append(podSpec.Containers[0].Env, envVar)
+
+	for i := range podSpec.Containers[0].Command {
+		if strings.Contains(podSpec.Containers[0].Command[i], "advertise-address") {
+			podSpec.Containers[0].Command[i] = "--advertise-address=$(HOST_IP)"
+		}
+	}
+}
+
 // setRightDNSPolicyOnPodSpec makes sure the self-hosted components can look up things via kube-dns if necessary
 func setRightDNSPolicyOnPodSpec(podSpec *v1.PodSpec) {
 	podSpec.DNSPolicy = v1.DNSClusterFirstWithHostNet
--- a/cmd/kubeadm/app/phases/selfhosting/podspec_mutation_test.go
+++ b/cmd/kubeadm/app/phases/selfhosting/podspec_mutation_test.go
@ -33,8 +33,36 @@ func TestMutatePodSpec(t *testing.T) {
 	}{
 		{
 			component: kubeadmconstants.KubeAPIServer,
-			podSpec:   &v1.PodSpec{},
+			podSpec: &v1.PodSpec{
+				Containers: []v1.Container{
+					{
+						Name: "kube-apiserver",
+						Command: []string{
+							"--advertise-address=10.0.0.1",
+						},
+					},
+				},
+			},
 			expected: v1.PodSpec{
+				Containers: []v1.Container{
+					{
+						Name: "kube-apiserver",
+						Command: []string{
+							"--advertise-address=$(HOST_IP)",
+						},
+						Env: []v1.EnvVar{
+							{
+								Name: "HOST_IP",
+								ValueFrom: &v1.EnvVarSource{
+									FieldRef: &v1.ObjectFieldSelector{
+										FieldPath: "status.hostIP",
+									},
+								},
+							},
+						},
+					},
+				},
+
 				NodeSelector: map[string]string{
 					kubeadmconstants.LabelNodeRoleMaster: "",
 				},
@ -185,6 +213,55 @@ func TestSetRightDNSPolicyOnPodSpec(t *testing.T) {
 	}
 }

+func TestSetHostIPOnPodSpec(t *testing.T) {
+	var tests = []struct {
+		podSpec  *v1.PodSpec
+		expected v1.PodSpec
+	}{
+		{
+			podSpec: &v1.PodSpec{
+				Containers: []v1.Container{
+					{
+						Name: "kube-apiserver",
+						Command: []string{
+							"--advertise-address=10.0.0.1",
+						},
+						Env: []v1.EnvVar{},
+					},
+				},
+			},
+			expected: v1.PodSpec{
+				Containers: []v1.Container{
+					{
+						Name: "kube-apiserver",
+						Command: []string{
+							"--advertise-address=$(HOST_IP)",
+						},
+						Env: []v1.EnvVar{
+							{
+								Name: "HOST_IP",
+								ValueFrom: &v1.EnvVarSource{
+									FieldRef: &v1.ObjectFieldSelector{
+										FieldPath: "status.hostIP",
+									},
+								},
+							},
+						},
+					},
+				},
+			},
+		},
+	}
+
+	for _, rt := range tests {
+		setHostIPOnPodSpec(rt.podSpec)
+
+		if !reflect.DeepEqual(*rt.podSpec, rt.expected) {
+			t.Errorf("failed setHostIPOnPodSpec:\nexpected:\n%v\nsaw:\n%v", rt.expected, *rt.podSpec)
+		}
+	}
+}
+
 func TestSetSelfHostedVolumesForAPIServer(t *testing.T) {
 	hostPathDirectoryOrCreate := v1.HostPathDirectoryOrCreate
 	var tests = []struct {
--- a/cmd/kubeadm/app/phases/selfhosting/selfhosting_test.go
+++ b/cmd/kubeadm/app/phases/selfhosting/selfhosting_test.go
@ -134,7 +134,7 @@ spec:
        - --service-cluster-ip-range=10.96.0.0/12
        - --tls-cert-file=/etc/kubernetes/pki/apiserver.crt
        - --kubelet-client-certificate=/etc/kubernetes/pki/apiserver-kubelet-client.crt
-        - --advertise-address=192.168.1.115
+        - --advertise-address=$(HOST_IP)
        - --requestheader-client-ca-file=/etc/kubernetes/pki/front-proxy-ca.crt
        - --insecure-port=0
        - --experimental-bootstrap-token-auth=true
@ -148,6 +148,11 @@ spec:
        - --proxy-client-key-file=/etc/kubernetes/pki/front-proxy-client.key
        - --authorization-mode=Node,RBAC
        - --etcd-servers=http://127.0.0.1:2379
+        env:
+        - name: HOST_IP
+          valueFrom:
+            fieldRef:
+              fieldPath: status.hostIP
        image: gcr.io/google_containers/kube-apiserver-amd64:v1.7.4
        livenessProbe:
          failureThreshold: 8