From 557fcd28d557d95b50877be803e9a1ea187297d5 Mon Sep 17 00:00:00 2001 From: Manuel Buil Date: Mon, 31 Oct 2022 09:05:04 +0100 Subject: [PATCH] Change the priority of address types depending on flannel-external-ip Signed-off-by: Manuel Buil --- .../metrics-server/metrics-server-deployment.yaml | 2 +- pkg/daemons/control/server.go | 6 +++++- pkg/deploy/zz_generated_bindata.go | 2 +- pkg/server/server.go | 11 +++++++++++ 4 files changed, 18 insertions(+), 3 deletions(-) diff --git a/manifests/metrics-server/metrics-server-deployment.yaml b/manifests/metrics-server/metrics-server-deployment.yaml index 1ec64c5057..c9b7421095 100644 --- a/manifests/metrics-server/metrics-server-deployment.yaml +++ b/manifests/metrics-server/metrics-server-deployment.yaml @@ -43,7 +43,7 @@ spec: args: - --cert-dir=/tmp - --secure-port=10250 - - --kubelet-preferred-address-types=InternalIP,ExternalIP,Hostname + - --kubelet-preferred-address-types=%{PREFERRED_ADDRESS_TYPES}% - --kubelet-use-node-status-port - --metric-resolution=15s resources: diff --git a/pkg/daemons/control/server.go b/pkg/daemons/control/server.go index 1e7667651e..a68bb24a36 100644 --- a/pkg/daemons/control/server.go +++ b/pkg/daemons/control/server.go @@ -182,7 +182,11 @@ func apiServer(ctx context.Context, cfg *config.Control) error { argsMap["kubelet-certificate-authority"] = runtime.ServerCA argsMap["kubelet-client-certificate"] = runtime.ClientKubeAPICert argsMap["kubelet-client-key"] = runtime.ClientKubeAPIKey - argsMap["kubelet-preferred-address-types"] = "InternalIP,ExternalIP,Hostname" + if cfg.FlannelExternalIP { + argsMap["kubelet-preferred-address-types"] = "ExternalIP,InternalIP,Hostname" + } else { + argsMap["kubelet-preferred-address-types"] = "InternalIP,ExternalIP,Hostname" + } argsMap["requestheader-client-ca-file"] = runtime.RequestHeaderCA argsMap["requestheader-allowed-names"] = deps.RequestHeaderCN argsMap["proxy-client-cert-file"] = runtime.ClientAuthProxyCert diff --git a/pkg/deploy/zz_generated_bindata.go b/pkg/deploy/zz_generated_bindata.go index eefd7cf847..ebe0d5abbd 100644 --- a/pkg/deploy/zz_generated_bindata.go +++ b/pkg/deploy/zz_generated_bindata.go @@ -231,7 +231,7 @@ func metricsServerMetricsApiserviceYaml() (*asset, error) { return a, nil } -var _metricsServerMetricsServerDeploymentYaml = []byte("\x1f\x8b\x08\x00\x00\x00\x00\x00\x00\xff\xb4\x55\x41\x6f\x1b\x39\x0f\xbd\xfb\x57\x10\xfe\xd0\xdb\xa7\xd8\xee\xa2\xdd\xc5\x00\x39\x04\x89\xdb\x06\x68\xb2\x46\xec\x2e\xd0\x53\xa1\x68\xe8\x58\x88\x24\x6a\x49\x8e\x9b\xd9\xa2\xff\x7d\x21\x4f\x3a\x9d\x49\x93\xa2\x8b\xdd\xce\x69\xc0\x47\x3e\x3e\x92\x12\x65\x8c\x99\xd8\xec\xff\x40\x16\x4f\xa9\x82\xfd\x62\x72\xeb\x53\x5d\xc1\x1a\x79\xef\x1d\x9e\x38\x47\x4d\xd2\x49\x44\xb5\xb5\x55\x5b\x4d\x00\x92\x8d\x58\x41\x44\x65\xef\xc4\x08\xf2\x1e\xf9\xde\x2c\xd9\x3a\xac\xe0\xb6\xb9\x46\x23\xad\x28\xc6\xc9\xc3\x0c\x36\x67\x99\xf5\x69\xce\x30\x07\x6a\x23\xfe\xab\x14\x00\xc1\x5e\x63\x90\x12\x09\x70\xfb\x9b\x18\x9b\xf3\x37\xe1\x92\xd1\x15\x0f\xc1\x80\x4e\x89\x3b\xef\x68\xd5\xed\xde\x0e\xc2\x9f\x26\x00\x50\x8c\x39\x58\xc5\xfb\xd0\x81\xe0\xf2\x3d\x21\xba\x7c\x61\x94\xe0\x7b\x29\x00\xbe\xe8\x2c\x5f\x66\x4f\xec\xb5\x3d\x0d\x56\xe4\xf2\xc0\x3f\xed\x8a\x36\x89\x6a\x34\x8e\xbd\x7a\x67\xc3\xf4\xde\x5f\x46\x53\xbb\x7c\x5a\x90\x52\x40\xb6\xea\x29\x0d\x54\x19\xb8\xc5\xb6\x82\xe9\xe9\x3d\xeb\x49\x5d\x53\x92\xdf\x53\x68\xa7\xbd\x0f\x00\xe5\x12\x49\x5c\xc1\x74\x79\xe7\x45\x65\xfa\x0d\xc1\x41\x1b\x53\xc0\xa3\x32\x26\x4e\xa8\x28\x47\x9e\x66\x8e\x92\x32\x05\x93\x83\x4d\xf8\x83\x9c\x00\xb8\xdd\xa2\xd3\x0a\xa6\x97\xb4\x76\x3b\xac\x9b\x80\x3f\x9e\x32\x5a\x51\xe4\xff\x22\xd7\x9e\x42\x13\xb1\x6f\xd7\xff\x20\x96\x1e\x83\x4f\xa0\x31\x83\x10\x7c\x44\x70\x36\x81\xd8\x2d\x86\x16\x1a\x41\xd8\x32\x45\x23\x8e\xcb\x19\x03\x1f\xed\x0d\x0a\xd8\x54\xcf\x88\x81\xd1\xd6\x86\x52\x68\xa1\x34\xc5\xfa\x84\x2c\x93\x2f\x25\x75\x27\x49\x63\x36\xb5\xe7\x5e\x1d\xc6\xac\xed\x99\xe7\x0a\x3e\x7d\xbe\x37\x7e\x8d\xad\x1e\x04\x3f\x3a\x75\xe8\x44\x54\xf0\xec\xd3\xfa\xfd\x7a\xb3\xbc\xf8\x70\xb6\x7c\x75\xf2\xee\xed\xe6\xc3\xd5\xf2\xf5\xf9\x7a\x73\xf5\xfe\xf3\x33\xb6\xc9\xed\x90\x67\xd1\x33\x13\x63\x6d\xc6\x4c\xd5\x7e\x7e\xf4\xf2\x68\xd1\x13\x5a\xbe\x19\x9d\x20\x63\x1c\xb2\x16\xdd\xc7\x33\x8d\x79\x84\x08\xba\x86\xd1\x64\x62\x3d\x5e\xcc\x9f\xbf\x98\x8f\xd0\x32\xb7\x80\x6a\x32\xe3\x16\xb9\x64\xb6\x75\xcd\x28\x62\xb4\xcd\x28\xc7\xe7\x49\x91\x93\x0d\xe7\xab\xff\x2f\xef\xfa\xdf\x37\x24\x5a\x2a\x7e\x94\xaa\x11\xec\xee\x89\xa8\xd5\x46\x0e\x99\x47\x8e\x5d\x6d\x86\x51\x28\x34\xe5\x36\x1c\x2f\x5e\x48\xef\x51\xcc\x0d\x3b\x1c\x14\x58\x8c\x7f\x36\x28\x3a\xb2\x01\xb8\xdc\x54\xb0\x98\xcf\xe3\xc8\x1a\x31\x12\xb7\x15\xfc\x3a\xbf\xf0\x3d\x50\x44\x8c\x5a\xd6\x0d\x6c\xa7\x9a\x65\x10\xdd\x8f\x76\x45\xac\x85\x7b\xd8\xaf\xb2\x19\x48\xc9\x51\xa8\x60\x73\xba\x1a\x28\xb6\xb5\x4f\x28\xb2\x62\xba\xc6\xa1\xc4\x42\xff\x1a\x75\xac\x3a\x5b\xdd\x55\x30\x2b\x51\xed\x5f\x63\xe4\x90\xf4\xa1\x26\x00\x71\x3b\x2c\x6a\xdf\x6c\x36\xab\xf5\x00\xf1\xc9\xab\xb7\xe1\x0c\x83\x6d\xd7\xe8\x28\xd5\x52\xc1\x48\x2f\xb2\xa7\xba\x87\x9e\x0f\x20\xf5\x11\xa9\xd1\x1e\x5b\x0c\x30\x69\x9c\x43\x91\xcd\x8e\x51\x76\x14\xea\x31\xba\xb5\x3e\x34\x8c\x03\xf4\x97\x1e\x0d\x7e\x8f\xff\xb8\x13\x25\xe8\x27\x34\xe2\xe5\x77\x3a\xb1\x98\xff\xf4\x56\x1c\xee\x5d\x79\x45\x28\x29\xde\xe9\xf8\x34\xdb\xba\x2c\xf8\x2b\x22\x7d\xe5\x03\x76\x8f\x4b\x05\xca\x0d\x0e\xdd\x9a\x74\x22\x97\x94\x8a\xdb\xe3\xe0\x3b\x41\x3e\xdc\x80\x61\x39\x36\x04\xfa\xb8\x62\xbf\xf7\x01\x6f\x70\x29\xce\x86\xc3\x9b\x53\xc1\xd6\x06\xf9\xca\xd1\xad\xd6\x8b\xb2\x4f\x1f\xb9\x19\x0f\xf7\x20\x74\x9b\x77\xd5\x8d\xac\x2c\x99\xbf\x03\x00\x00\xff\xff\x74\x6c\x64\x11\xc6\x08\x00\x00") +var _metricsServerMetricsServerDeploymentYaml = []byte("\x1f\x8b\x08\x00\x00\x00\x00\x00\x00\xff\xb4\x55\x4d\x6f\x1b\x47\x0c\xbd\xeb\x57\x10\x2a\x7c\x1c\x4b\x4a\x91\xb4\x58\xc0\x07\x23\x5a\xa7\x05\x62\x57\xd0\x2a\x05\x7c\x32\xc6\xb3\x94\x35\xf0\x7c\x95\xe4\x2a\xd9\x1a\xfe\xef\xc5\x68\x95\xcd\xae\x63\x07\x29\xda\xcc\x91\x8f\x7c\x7c\x43\x0e\x39\x4a\xa9\x89\x4e\xf6\x4f\x24\xb6\x31\x14\xb0\x5f\x4c\xee\x6d\xa8\x0b\xa8\x90\xf6\xd6\xe0\xb9\x31\xb1\x09\x32\xf1\x28\xba\xd6\xa2\x8b\x09\x40\xd0\x1e\x0b\xf0\x28\x64\x0d\x2b\x46\xda\x23\x1d\xcd\x9c\xb4\xc1\x02\xee\x9b\x5b\x54\xdc\xb2\xa0\x9f\x3c\xcd\xa0\x53\xe2\x59\x9f\x66\x89\xc9\xc5\xd6\xe3\x7f\x4a\x01\xe0\xf4\x2d\x3a\xce\x91\x00\xf7\xbf\xb2\xd2\x29\x7d\x15\xce\x09\x4d\xf6\x60\x74\x68\x24\x52\xe7\xed\xb5\x98\xdd\xfb\x41\xf8\xcb\x04\x00\x82\x3e\x39\x2d\x78\x0c\x1d\x08\xce\xe7\x05\xd1\xf9\xb8\x51\x82\x6f\xa5\x00\xf8\xac\x33\x9f\x44\x36\x92\x95\xf6\xad\xd3\xcc\x57\x07\xfe\x69\x77\x69\x15\x62\x8d\xca\x90\x15\x6b\xb4\x9b\x1e\xfd\x79\xd4\xb5\xab\x97\x05\x49\x74\x48\x5a\x6c\x0c\x03\x55\x0a\xee\xb1\x2d\x60\xfa\xf6\xc8\x7a\x5e\xd7\x31\xf0\x1f\xc1\xb5\xd3\xde\x07\x20\xa6\x1c\x19\xa9\x80\x69\xf9\xc9\xb2\xf0\xf4\x2b\x82\x83\x36\x8a\x0e\x4f\x73\x9b\x28\xa0\x20\x9f\xda\x38\x33\x31\x08\x45\xa7\x92\xd3\x01\xbf\x93\x13\x00\xb7\x5b\x34\x52\xc0\xf4\x2a\x56\x66\x87\x75\xe3\xf0\xfb\x53\x7a\xcd\x82\xf4\x7f\xe4\xda\x47\xd7\x78\xec\xcb\xf5\x13\xf8\x5c\x63\xb0\x01\xc4\x27\xe0\x08\x1f\x11\x8c\x0e\xc0\x7a\x8b\xae\x85\x86\x11\xb6\x14\xbd\x62\x43\xf9\x8d\x81\xf5\xfa\x0e\x19\x74\xa8\x67\x91\x80\x50\xd7\x2a\x06\xd7\x42\x2e\x8a\xb6\x01\x89\x27\x9f\xaf\xd4\xbd\x24\xf1\x49\xd5\x96\x7a\x75\xe8\x93\xb4\x4b\x4b\x05\x3c\x3c\x1e\x8d\x5f\x62\x8b\x27\xc1\xcf\x76\x1d\x3a\x11\x05\x9c\x3c\x54\xd7\xd5\xa6\xbc\xbc\x59\x96\x17\xe7\x1f\xde\x6f\x6e\xd6\xe5\xbb\xdf\xab\xcd\xfa\xfa\xf1\x84\x74\x30\x3b\xa4\x99\xb7\x44\x91\xb0\x56\x63\xa6\x62\x3f\x3f\x7d\x73\xba\xe8\x09\x35\xdd\x8d\x5e\x90\x52\x06\x49\xb2\xee\xb3\x99\xf8\x34\x42\x18\x4d\x43\xa8\x52\x24\x39\x5b\xcc\x5f\xbd\x9e\x8f\xd0\xdc\x37\x87\xa2\x12\xe1\x16\x29\x67\xd6\x75\x4d\xc8\xac\xa4\x4d\xc8\x67\x27\x0f\xab\x75\x79\x51\xae\xd7\xe5\xf2\xe6\x7c\xb9\x5c\x97\x55\x75\xb3\xb9\x5e\x95\xd5\xe3\xc9\xb3\x3c\x0d\x63\x37\x24\x2c\x5a\x1a\x3e\xa4\x1d\x39\x76\x17\x53\x84\x1c\x5d\x93\x47\xe1\x6c\xf1\x9a\x7b\x8f\x6c\x6e\xc8\xe0\xe0\x76\xd9\xf8\x57\x83\x2c\x23\x1b\x80\x49\x4d\x01\x8b\xf9\xdc\x8f\xac\x1e\x7d\xa4\xb6\x80\x5f\xe6\x97\xb6\x07\xb2\x88\x51\xbd\xba\x6e\xed\x44\x12\x0f\xa2\xfb\xbe\xae\x22\x49\xe6\x1e\x16\x2b\xaf\x85\x28\xd1\x44\x57\xc0\xe6\xed\x6a\xa0\x58\xd7\x36\x20\xf3\x8a\xe2\x2d\x0e\x25\x66\xfa\x77\x28\x63\xd5\x49\xcb\xae\x80\x59\x8e\x6a\xff\x1e\x23\x87\xa4\x4f\x35\x01\xb0\xd9\x61\x56\xfb\xdb\x66\xb3\xaa\x06\x88\x0d\x56\xac\x76\x4b\x74\xba\xad\xd0\xc4\x50\x73\x01\x23\xbd\x48\x36\xd6\x3d\xf4\x6a\x00\x89\xf5\x18\x1b\xe9\xb1\xc5\x00\xe3\xc6\x18\x64\xde\xec\x08\x79\x17\x5d\x3d\x46\xb7\xda\xba\x86\x70\x80\xfe\xdc\xa3\xce\xee\xf1\x5f\x57\x22\x07\xfd\x80\x42\xbc\xf9\x46\x25\x16\xf3\x1f\x5e\x8a\xc3\xd0\xe5\x2f\x24\x06\xc1\x4f\x32\x7e\xcd\xba\xce\xdb\x7d\x1d\xa3\x5c\x58\x87\xdd\xcf\x52\x80\x50\x83\x43\xb7\x26\x9c\xf3\x55\x0c\xd9\xed\x79\xf0\x03\x23\x1d\x26\x60\x78\x1d\xed\x5c\xfc\xb8\x22\xbb\xb7\x0e\xef\xb0\x64\xa3\xdd\xe1\xc3\x29\x60\xab\x1d\x7f\xe1\xe8\xf6\xea\x65\x5e\xa6\xcf\x4c\xc6\xd3\x25\x08\xdd\xda\x5d\x75\x2d\xcb\x1b\xe6\x9f\x00\x00\x00\xff\xff\x23\x10\x3e\xbf\xc3\x08\x00\x00") func metricsServerMetricsServerDeploymentYamlBytes() ([]byte, error) { return bindataRead( diff --git a/pkg/server/server.go b/pkg/server/server.go index d15e88906b..a9ea872ca9 100644 --- a/pkg/server/server.go +++ b/pkg/server/server.go @@ -241,6 +241,7 @@ func stageFiles(ctx context.Context, sc *Context, controlConfig *config.Control) "%{DEFAULT_LOCAL_STORAGE_PATH}%": controlConfig.DefaultLocalStoragePath, "%{SYSTEM_DEFAULT_REGISTRY}%": registryTemplate(controlConfig.SystemDefaultRegistry), "%{SYSTEM_DEFAULT_REGISTRY_RAW}%": controlConfig.SystemDefaultRegistry, + "%{PREFERRED_ADDRESS_TYPES}%": addrTypesPrioTemplate(controlConfig.FlannelExternalIP), } skip := controlConfig.Skips @@ -270,6 +271,16 @@ func registryTemplate(registry string) string { return registry + "/" } +// addressTypesTemplate prioritizes ExternalIP addresses if we are in the multi-cloud env where +// cluster traffic flows over the external IPs only +func addrTypesPrioTemplate(flannelExternal bool) string { + if flannelExternal { + return "ExternalIP,InternalIP,Hostname" + } + + return "InternalIP,ExternalIP,Hostname" +} + // isHelmChartTraefikV1 checks for an existing HelmChart resource with spec.chart containing traefik-1, // as deployed by the legacy chart (https://%{KUBERNETES_API}%/static/charts/traefik-1.81.0.tgz) func isHelmChartTraefikV1(sc *Context) bool {