From 49e01b05e7791d8bbb4863f83c0b2f420cec73ab Mon Sep 17 00:00:00 2001 From: andrewsykim Date: Mon, 20 Nov 2017 13:45:50 -0500 Subject: [PATCH] kubeadm: set kube-apiserver advertise address using downward API --- .../phases/selfhosting/podspec_mutation.go | 22 ++++++ .../selfhosting/podspec_mutation_test.go | 79 ++++++++++++++++++- .../phases/selfhosting/selfhosting_test.go | 7 +- 3 files changed, 106 insertions(+), 2 deletions(-) diff --git a/cmd/kubeadm/app/phases/selfhosting/podspec_mutation.go b/cmd/kubeadm/app/phases/selfhosting/podspec_mutation.go index 78c54fd51b..fd01d8c391 100644 --- a/cmd/kubeadm/app/phases/selfhosting/podspec_mutation.go +++ b/cmd/kubeadm/app/phases/selfhosting/podspec_mutation.go @@ -18,6 +18,7 @@ package selfhosting import ( "path/filepath" + "strings" "k8s.io/api/core/v1" kubeadmconstants "k8s.io/kubernetes/cmd/kubeadm/app/constants" @@ -42,6 +43,7 @@ func GetDefaultMutators() map[string][]PodSpecMutatorFunc { addNodeSelectorToPodSpec, setMasterTolerationOnPodSpec, setRightDNSPolicyOnPodSpec, + setHostIPOnPodSpec, }, kubeadmconstants.KubeControllerManager: { addNodeSelectorToPodSpec, @@ -101,6 +103,26 @@ func setMasterTolerationOnPodSpec(podSpec *v1.PodSpec) { podSpec.Tolerations = append(podSpec.Tolerations, kubeadmconstants.MasterToleration) } +// setHostIPOnPodSpec sets the environment variable HOST_IP using downward API +func setHostIPOnPodSpec(podSpec *v1.PodSpec) { + envVar := v1.EnvVar{ + Name: "HOST_IP", + ValueFrom: &v1.EnvVarSource{ + FieldRef: &v1.ObjectFieldSelector{ + FieldPath: "status.hostIP", + }, + }, + } + + podSpec.Containers[0].Env = append(podSpec.Containers[0].Env, envVar) + + for i := range podSpec.Containers[0].Command { + if strings.Contains(podSpec.Containers[0].Command[i], "advertise-address") { + podSpec.Containers[0].Command[i] = "--advertise-address=$(HOST_IP)" + } + } +} + // setRightDNSPolicyOnPodSpec makes sure the self-hosted components can look up things via kube-dns if necessary func setRightDNSPolicyOnPodSpec(podSpec *v1.PodSpec) { podSpec.DNSPolicy = v1.DNSClusterFirstWithHostNet diff --git a/cmd/kubeadm/app/phases/selfhosting/podspec_mutation_test.go b/cmd/kubeadm/app/phases/selfhosting/podspec_mutation_test.go index 391ea4bad0..6a5f1da8a8 100644 --- a/cmd/kubeadm/app/phases/selfhosting/podspec_mutation_test.go +++ b/cmd/kubeadm/app/phases/selfhosting/podspec_mutation_test.go @@ -33,8 +33,36 @@ func TestMutatePodSpec(t *testing.T) { }{ { component: kubeadmconstants.KubeAPIServer, - podSpec: &v1.PodSpec{}, + podSpec: &v1.PodSpec{ + Containers: []v1.Container{ + { + Name: "kube-apiserver", + Command: []string{ + "--advertise-address=10.0.0.1", + }, + }, + }, + }, expected: v1.PodSpec{ + Containers: []v1.Container{ + { + Name: "kube-apiserver", + Command: []string{ + "--advertise-address=$(HOST_IP)", + }, + Env: []v1.EnvVar{ + { + Name: "HOST_IP", + ValueFrom: &v1.EnvVarSource{ + FieldRef: &v1.ObjectFieldSelector{ + FieldPath: "status.hostIP", + }, + }, + }, + }, + }, + }, + NodeSelector: map[string]string{ kubeadmconstants.LabelNodeRoleMaster: "", }, @@ -185,6 +213,55 @@ func TestSetRightDNSPolicyOnPodSpec(t *testing.T) { } } +func TestSetHostIPOnPodSpec(t *testing.T) { + var tests = []struct { + podSpec *v1.PodSpec + expected v1.PodSpec + }{ + { + podSpec: &v1.PodSpec{ + Containers: []v1.Container{ + { + Name: "kube-apiserver", + Command: []string{ + "--advertise-address=10.0.0.1", + }, + Env: []v1.EnvVar{}, + }, + }, + }, + expected: v1.PodSpec{ + Containers: []v1.Container{ + { + Name: "kube-apiserver", + Command: []string{ + "--advertise-address=$(HOST_IP)", + }, + Env: []v1.EnvVar{ + { + Name: "HOST_IP", + ValueFrom: &v1.EnvVarSource{ + FieldRef: &v1.ObjectFieldSelector{ + FieldPath: "status.hostIP", + }, + }, + }, + }, + }, + }, + }, + }, + } + + for _, rt := range tests { + setHostIPOnPodSpec(rt.podSpec) + + if !reflect.DeepEqual(*rt.podSpec, rt.expected) { + t.Errorf("failed setHostIPOnPodSpec:\nexpected:\n%v\nsaw:\n%v", rt.expected, *rt.podSpec) + } + } +} + func TestSetSelfHostedVolumesForAPIServer(t *testing.T) { hostPathDirectoryOrCreate := v1.HostPathDirectoryOrCreate var tests = []struct { diff --git a/cmd/kubeadm/app/phases/selfhosting/selfhosting_test.go b/cmd/kubeadm/app/phases/selfhosting/selfhosting_test.go index 8a6ebff8df..9b1b3306b5 100644 --- a/cmd/kubeadm/app/phases/selfhosting/selfhosting_test.go +++ b/cmd/kubeadm/app/phases/selfhosting/selfhosting_test.go @@ -134,7 +134,7 @@ spec: - --service-cluster-ip-range=10.96.0.0/12 - --tls-cert-file=/etc/kubernetes/pki/apiserver.crt - --kubelet-client-certificate=/etc/kubernetes/pki/apiserver-kubelet-client.crt - - --advertise-address=192.168.1.115 + - --advertise-address=$(HOST_IP) - --requestheader-client-ca-file=/etc/kubernetes/pki/front-proxy-ca.crt - --insecure-port=0 - --experimental-bootstrap-token-auth=true @@ -148,6 +148,11 @@ spec: - --proxy-client-key-file=/etc/kubernetes/pki/front-proxy-client.key - --authorization-mode=Node,RBAC - --etcd-servers=http://127.0.0.1:2379 + env: + - name: HOST_IP + valueFrom: + fieldRef: + fieldPath: status.hostIP image: gcr.io/google_containers/kube-apiserver-amd64:v1.7.4 livenessProbe: failureThreshold: 8