diff --git a/inventory/sample/group_vars/k8s_cluster/k8s-cluster.yml b/inventory/sample/group_vars/k8s_cluster/k8s-cluster.yml index c369324ff45625c439f7ee0c1f5293067eb2f1a5..45a9a0a1cdab0c589f14d294316198ab6a080217 100644 --- a/inventory/sample/group_vars/k8s_cluster/k8s-cluster.yml +++ b/inventory/sample/group_vars/k8s_cluster/k8s-cluster.yml @@ -166,6 +166,7 @@ dns_mode: coredns enable_nodelocaldns: true nodelocaldns_ip: 169.254.25.10 nodelocaldns_health_port: 9254 +nodelocaldns_bind_metrics_host_ip: false # nodelocaldns_external_zones: # - zones: # - example.com diff --git a/roles/kubernetes-apps/ansible/templates/nodelocaldns-config.yml.j2 b/roles/kubernetes-apps/ansible/templates/nodelocaldns-config.yml.j2 index 6e6adf0125fcd849559a0c8d12b99ddf27f0ea35..18abf8ea33b693cf4d9f867b2621b9e5496b936d 100644 --- a/roles/kubernetes-apps/ansible/templates/nodelocaldns-config.yml.j2 +++ b/roles/kubernetes-apps/ansible/templates/nodelocaldns-config.yml.j2 @@ -17,7 +17,7 @@ data: loop bind {{ nodelocaldns_ip }} forward . {{ block['nameservers'] | join(' ') }} - prometheus :9253 + prometheus {% if nodelocaldns_bind_metrics_host_ip %}{$MY_HOST_IP}{% endif %}:9253 log {% if dns_etchosts | default(None) %} hosts /etc/coredns/hosts { @@ -39,7 +39,7 @@ data: forward . {{ forwardTarget }} { force_tcp } - prometheus :9253 + prometheus {% if nodelocaldns_bind_metrics_host_ip %}{$MY_HOST_IP}{% endif %}:9253 health {{ nodelocaldns_ip }}:{{ nodelocaldns_health_port }} {% if dns_etchosts | default(None) %} hosts /etc/coredns/hosts { @@ -56,7 +56,7 @@ data: forward . {{ forwardTarget }} { force_tcp } - prometheus :9253 + prometheus {% if nodelocaldns_bind_metrics_host_ip %}{$MY_HOST_IP}{% endif %}:9253 } ip6.arpa:53 { errors @@ -67,7 +67,7 @@ data: forward . {{ forwardTarget }} { force_tcp } - prometheus :9253 + prometheus {% if nodelocaldns_bind_metrics_host_ip %}{$MY_HOST_IP}{% endif %}:9253 } .:53 { errors 
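Review bot: The new `nodelocaldns_bind_metrics_host_ip: false` line in the sample inventory has no comment, so an operator cannot tell what it controls or that the default keeps the metrics listener on every interface. Judging by the template hunks in this commit, setting it to true binds the nodelocaldns Prometheus endpoint on port 9253 to the node's `status.hostIP` instead of the bare `:9253`. I would add above it `# Bind nodelocaldns metrics (port 9253) to the node's host IP only; false listens on all interfaces`. The same comment fits the identical addition in roles/kubespray-defaults/defaults/main.yaml.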
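Review bot: On a node whose `status.hostIP` is an IPv6 address, the new `prometheus {$MY_HOST_IP}:9253` line would render without brackets around the address, which is not a valid host:port form, so the metrics listener would likely fail to start there once the option is enabled. The template should bracket the address for IPv6 nodes, or the option should be documented as IPv4-only; the same line is repeated in the hunks at -39, -56, -67 and -76 of this file. Separately, the bare `{% if nodelocaldns_bind_metrics_host_ip %}` treats a non-empty string such as "false" supplied through `-e` as true; `{% if nodelocaldns_bind_metrics_host_ip | bool %}` avoids that here and in the DaemonSet template. The Corefile server blocks start and end outside these hunks.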
@@ -76,7 +76,7 @@ data: loop bind {{ nodelocaldns_ip }} forward . {{ upstreamForwardTarget }} - prometheus :9253 + prometheus {% if nodelocaldns_bind_metrics_host_ip %}{$MY_HOST_IP}{% endif %}:9253 {% if dns_etchosts | default(None) %} hosts /etc/coredns/hosts { fallthrough diff --git a/roles/kubernetes-apps/ansible/templates/nodelocaldns-daemonset.yml.j2 b/roles/kubernetes-apps/ansible/templates/nodelocaldns-daemonset.yml.j2 index 4d725577e7edbe8554c3033041fef2369d75b9f4..7abd28ffab57cd5dbcbab496649d02d4d2dc2544 100644 --- a/roles/kubernetes-apps/ansible/templates/nodelocaldns-daemonset.yml.j2 +++ b/roles/kubernetes-apps/ansible/templates/nodelocaldns-daemonset.yml.j2 @@ -41,6 +41,13 @@ spec: args: [ "-localip", "{{ nodelocaldns_ip }}", "-conf", "/etc/coredns/Corefile", "-upstreamsvc", "coredns" ] securityContext: privileged: true +{% if nodelocaldns_bind_metrics_host_ip %} + env: + - name: MY_HOST_IP + valueFrom: + fieldRef: + fieldPath: status.hostIP +{% endif %} ports: - containerPort: 53 name: dns diff --git a/roles/kubespray-defaults/defaults/main.yaml b/roles/kubespray-defaults/defaults/main.yaml index b3c9760670d4d1cdcbd83b9695b3993f0eb3fa42..3238fcbd29526a56b410e598ba2f13d0df68f30f 100644 --- a/roles/kubespray-defaults/defaults/main.yaml +++ b/roles/kubespray-defaults/defaults/main.yaml @@ -89,6 +89,7 @@ dns_mode: coredns enable_nodelocaldns: true nodelocaldns_ip: 169.254.25.10 nodelocaldns_health_port: 9254 +nodelocaldns_bind_metrics_host_ip: false # Should be set to a cluster IP if using a custom cluster DNS manual_dns_server: ""
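Review bot: The `MY_HOST_IP` variable added under `env:` in the DaemonSet template is tied to the `{$MY_HOST_IP}` reference in the Corefile template only by name, and nothing in the hunk says so. If the two drift apart, CoreDNS appears to expand an unset variable to an empty string, which would turn the line back into `prometheus :9253` and silently restore listening on all interfaces. A template comment above the block would make the coupling visible: `{# MY_HOST_IP is read by the prometheus lines in nodelocaldns-config.yml.j2; keep the names in sync #}`. The container spec continues outside the hunk.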