From a67a50f9c04a40b1982d8f1bcde5ae1401a45b86 Mon Sep 17 00:00:00 2001
From: champtar <champetier.etienne@gmail.com>
Date: Tue, 9 Jul 2019 00:52:01 -0700
Subject: [PATCH] nodelocaldns: allow to set health port, switch to 9254 by
 default (#4902)

8080 is a pretty common port, and binding nodelocaldns_ip:8080 still
prevents node processes or hostNetwork=true processes from binding to *:8080,
so switch to 9254 by default (the prometheus port is 9253)

Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>
---
 inventory/sample/group_vars/k8s-cluster/k8s-cluster.yml       | 1 +
 .../ansible/templates/nodelocaldns-config.yml.j2              | 2 +-
 .../ansible/templates/nodelocaldns-daemonset.yml.j2           | 4 ++--
 roles/kubespray-defaults/defaults/main.yaml                   | 1 +
 4 files changed, 5 insertions(+), 3 deletions(-)

diff --git a/inventory/sample/group_vars/k8s-cluster/k8s-cluster.yml b/inventory/sample/group_vars/k8s-cluster/k8s-cluster.yml
index 46ab62966..92605b32d 100644
--- a/inventory/sample/group_vars/k8s-cluster/k8s-cluster.yml
+++ b/inventory/sample/group_vars/k8s-cluster/k8s-cluster.yml
@@ -134,6 +134,7 @@ dns_mode: coredns
 # Enable nodelocal dns cache
 enable_nodelocaldns: true
 nodelocaldns_ip: 169.254.25.10
+nodelocaldns_health_port: 9254
 
 # Can be docker_dns, host_resolvconf or none
 resolvconf_mode: docker_dns
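Review bot: The new `nodelocaldns_health_port: 9254` line has no comment of its own, so an operator reading the sample inventory cannot tell what listens on it or which values are unsafe. A comment directly above it would carry the commit's reasoning, for example `# Port of the nodelocaldns health endpoint, bound on nodelocaldns_ip on the host network;` followed by `# avoid ports used by other node services (8080) and the metrics port 9253`. The same undocumented line is added in the `roles/kubespray-defaults/defaults/main.yaml` hunk.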
diff --git a/roles/kubernetes-apps/ansible/templates/nodelocaldns-config.yml.j2 b/roles/kubernetes-apps/ansible/templates/nodelocaldns-config.yml.j2
index f3a5e3142..e56cc534a 100644
--- a/roles/kubernetes-apps/ansible/templates/nodelocaldns-config.yml.j2
+++ b/roles/kubernetes-apps/ansible/templates/nodelocaldns-config.yml.j2
@@ -21,7 +21,7 @@ data:
             force_tcp
         }
         prometheus :9253
-        health {{ nodelocaldns_ip }}:8080
+        health {{ nodelocaldns_ip }}:{{ nodelocaldns_health_port }}
     }
     in-addr.arpa:53 {
         errors
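Review bot: The health port becomes configurable on the `health {{ nodelocaldns_ip }}:{{ nodelocaldns_health_port }}` line while the listener above it stays hard-coded as `prometheus :9253`, and nothing rejects a value that collides with it. By the commit's own reasoning about wildcard binds, setting the variable to 9253 would most likely make one of the two listeners fail to bind, leaving the probes or the metrics broken. A check in the role's variable validation such as `that: nodelocaldns_health_port | int != 9253` (placement not visible from this patch) would catch that before the manifest is rendered. The server block continues outside the hunk, and only the first zone's `health` line is visible here.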
diff --git a/roles/kubernetes-apps/ansible/templates/nodelocaldns-daemonset.yml.j2 b/roles/kubernetes-apps/ansible/templates/nodelocaldns-daemonset.yml.j2
index 96e404edc..61c8a5476 100644
--- a/roles/kubernetes-apps/ansible/templates/nodelocaldns-daemonset.yml.j2
+++ b/roles/kubernetes-apps/ansible/templates/nodelocaldns-daemonset.yml.j2
@@ -58,7 +58,7 @@ spec:
           httpGet:
             host: {{ nodelocaldns_ip }}
             path: /health
-            port: 8080
+            port: {{ nodelocaldns_health_port }}
             scheme: HTTP
           timeoutSeconds: 5
           successThreshold: 1
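Review bot: `port: {{ nodelocaldns_health_port }}` must render as a bare integer, and nothing in the template says so or enforces it. Kubernetes treats a string in `httpGet.port` as a named container port, so a well-meant change to `port: "{{ nodelocaldns_health_port }}"` would break the probe. Writing it as `port: {{ nodelocaldns_health_port | int }}` with a short comment such as `# must stay an unquoted integer; a string is looked up as a named port` makes the constraint explicit. The same applies to the second probe in the next hunk of this file; which probe is liveness and which is readiness lies outside both hunks.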
@@ -67,7 +67,7 @@ spec:
           httpGet:
             host: {{ nodelocaldns_ip }}
             path: /health
-            port: 8080
+            port: {{ nodelocaldns_health_port }}
             scheme: HTTP
           timeoutSeconds: 5
           successThreshold: 1
diff --git a/roles/kubespray-defaults/defaults/main.yaml b/roles/kubespray-defaults/defaults/main.yaml
index 3f135c4de..13cdce8bf 100644
--- a/roles/kubespray-defaults/defaults/main.yaml
+++ b/roles/kubespray-defaults/defaults/main.yaml
@@ -68,6 +68,7 @@ dns_mode: coredns
 # Enable nodelocal dns cache
 enable_nodelocaldns: true
 nodelocaldns_ip: 169.254.25.10
+nodelocaldns_health_port: 9254
 
 # Should be set to a cluster IP if using a custom cluster DNS
 manual_dns_server: ""
-- 
GitLab