From 75b13caf0bbf6e930c9c8003975470268211fe2e Mon Sep 17 00:00:00 2001
From: Matthew Mosesohn <mmosesohn@mirantis.com>
Date: Sat, 9 Sep 2017 23:41:48 +0300
Subject: [PATCH] Fix kube-apiserver status checks when changing insecure bind
 addr (#1633)

---
 roles/kubernetes-apps/ansible/tasks/main.yml    | 2 +-
 roles/kubernetes/master/handlers/main.yml       | 2 +-
 roles/kubernetes/preinstall/tasks/set_facts.yml | 4 ++++
 roles/kubespray-defaults/defaults/main.yaml     | 1 +
 4 files changed, 7 insertions(+), 2 deletions(-)

diff --git a/roles/kubernetes-apps/ansible/tasks/main.yml b/roles/kubernetes-apps/ansible/tasks/main.yml
index 9bea815e7..c2ffd7507 100644
--- a/roles/kubernetes-apps/ansible/tasks/main.yml
+++ b/roles/kubernetes-apps/ansible/tasks/main.yml
@@ -1,7 +1,7 @@
 ---
 - name: Kubernetes Apps | Wait for kube-apiserver
   uri:
-    url: http://localhost:{{ kube_apiserver_insecure_port }}/healthz
+    url: "{{ kube_apiserver_insecure_endpoint }}/healthz"
   register: result
   until: result.status == 200
   retries: 10
diff --git a/roles/kubernetes/master/handlers/main.yml b/roles/kubernetes/master/handlers/main.yml
index e408ce04e..d6034aeb2 100644
--- a/roles/kubernetes/master/handlers/main.yml
+++ b/roles/kubernetes/master/handlers/main.yml
@@ -39,7 +39,7 @@
 
 - name: Master | wait for the apiserver to be running
   uri:
-    url: http://localhost:{{ kube_apiserver_insecure_port }}/healthz
+    url: "{{ kube_apiserver_insecure_endpoint }}/healthz"
   register: result
   until: result.status == 200
   retries: 20
diff --git a/roles/kubernetes/preinstall/tasks/set_facts.yml b/roles/kubernetes/preinstall/tasks/set_facts.yml
index 056f9edcf..96ec25499 100644
--- a/roles/kubernetes/preinstall/tasks/set_facts.yml
+++ b/roles/kubernetes/preinstall/tasks/set_facts.yml
@@ -32,6 +32,10 @@
       {%-  endif -%}
       {%- endif %}
 
+- set_fact:
+    kube_apiserver_insecure_endpoint: >-
+      http://{{ kube_apiserver_insecure_bind_address | regex_replace('0\.0\.0\.0','127.0.0.1') }}:{{ kube_apiserver_insecure_port }}
+
 - set_fact:
     etcd_address: "{{ ip | default(ansible_default_ipv4['address']) }}"
 
diff --git a/roles/kubespray-defaults/defaults/main.yaml b/roles/kubespray-defaults/defaults/main.yaml
index 84fc0ee74..e6015560a 100644
--- a/roles/kubespray-defaults/defaults/main.yaml
+++ b/roles/kubespray-defaults/defaults/main.yaml
@@ -92,6 +92,7 @@ kube_apiserver_ip: "{{ kube_service_addresses|ipaddr('net')|ipaddr(1)|ipaddr('ad
 # https
 kube_apiserver_port: 6443
 # http
+kube_apiserver_insecure_bind_address: 127.0.0.1
 kube_apiserver_insecure_port: 8080
 
 # Path used to store Docker data
-- 
GitLab