From 4d5b41b8db298d7acfba19f0000c9b77645cfc06 Mon Sep 17 00:00:00 2001
From: Andreas Holmsten <andreas.holmsten@gmail.com>
Date: Tue, 8 Jan 2019 05:41:54 +0100
Subject: [PATCH] Allow override of bind addr for controller-manager and
 scheduler (#3968)

* allows to override the bind addresses for controller-manager and scheduler

Useful for Prometheus metrics monitoring

* Add bind addr override support in kubeadm/v1beta1

Adds support for override of bind addresses for controller-manager
and scheduler in kubeadm/v1beta1

* Move location of bind address vars

* Remove double declaration of schedulerExtraArgs
---
 roles/kubernetes/master/defaults/main/main.yml               | 5 +++++
 .../master/templates/kubeadm-config.v1alpha3.yaml.j2         | 2 ++
 .../master/templates/kubeadm-config.v1beta1.yaml.j2          | 2 ++
 3 files changed, 9 insertions(+)

diff --git a/roles/kubernetes/master/defaults/main/main.yml b/roles/kubernetes/master/defaults/main/main.yml
index ab1106918..7ac75af85 100644
--- a/roles/kubernetes/master/defaults/main/main.yml
+++ b/roles/kubernetes/master/defaults/main/main.yml
@@ -23,6 +23,11 @@ kube_apiserver_storage_backend: etcd3
 # By default, force back to etcd2. Set to true to force etcd3 (experimental!)
 force_etcd3: false
 
+# Associated interfaces must be reachable by the rest of the cluster, and by
+# CLI/web clients.
+kube_controller_manager_bind_address: 0.0.0.0
+kube_scheduler_bind_address: 0.0.0.0
+
 # audit support
 kubernetes_audit: false
 # path to audit log file
diff --git a/roles/kubernetes/master/templates/kubeadm-config.v1alpha3.yaml.j2 b/roles/kubernetes/master/templates/kubeadm-config.v1alpha3.yaml.j2
index 55861c511..2d5fb6978 100644
--- a/roles/kubernetes/master/templates/kubeadm-config.v1alpha3.yaml.j2
+++ b/roles/kubernetes/master/templates/kubeadm-config.v1alpha3.yaml.j2
@@ -129,6 +129,7 @@ controllerManagerExtraArgs:
   node-monitor-period: {{ kube_controller_node_monitor_period }}
   pod-eviction-timeout: {{ kube_controller_pod_eviction_timeout }}
   node-cidr-mask-size: "{{ kube_network_node_prefix }}"
+  address: {{ kube_controller_manager_bind_address }}
 {% if kube_feature_gates %}
   feature-gates: {{ kube_feature_gates|join(',') }}
 {% endif %}
@@ -142,6 +143,7 @@ controllerManagerExtraArgs:
   cloud-config: {{ kube_config_dir }}/cloud_config
 {% endif %}
 schedulerExtraArgs:
+  address: {{ kube_scheduler_bind_address }}
 {% if kube_feature_gates %}
   feature-gates: {{ kube_feature_gates|join(',') }}
 {% endif %}
diff --git a/roles/kubernetes/master/templates/kubeadm-config.v1beta1.yaml.j2 b/roles/kubernetes/master/templates/kubeadm-config.v1beta1.yaml.j2
index ab8a5f791..3159e15d9 100644
--- a/roles/kubernetes/master/templates/kubeadm-config.v1beta1.yaml.j2
+++ b/roles/kubernetes/master/templates/kubeadm-config.v1beta1.yaml.j2
@@ -172,6 +172,7 @@ controllerManager:
     node-monitor-period: {{ kube_controller_node_monitor_period }}
     pod-eviction-timeout: {{ kube_controller_pod_eviction_timeout }}
     node-cidr-mask-size: "{{ kube_network_node_prefix }}"
+    address: {{ kube_controller_manager_bind_address }}
 {% if kube_feature_gates %}
     feature-gates: {{ kube_feature_gates|join(',') }}
 {% endif %}
@@ -205,6 +206,7 @@ controllerManager:
 {% endif %}
 scheduler:
   extraArgs:
+    address: {{ kube_controller_manager_bind_address }}
 {% if kube_feature_gates %}
     feature-gates: {{ kube_feature_gates|join(',') }}
 {% endif %}
-- 
GitLab