From bd6d810d0a963055c56ad0275b4ba778d92b124b Mon Sep 17 00:00:00 2001
From: Cristian Calin <6627509+cristicalin@users.noreply.github.com>
Date: Tue, 29 Jun 2021 15:28:41 +0300
Subject: [PATCH] nodelocaldns: allow binding metrics address to host IP
 (#7748)

---
 .../sample/group_vars/k8s_cluster/k8s-cluster.yml      |  1 +
 .../ansible/templates/nodelocaldns-config.yml.j2       | 10 +++++-----
 .../ansible/templates/nodelocaldns-daemonset.yml.j2    |  7 +++++++
 roles/kubespray-defaults/defaults/main.yaml            |  1 +
 4 files changed, 14 insertions(+), 5 deletions(-)

diff --git a/inventory/sample/group_vars/k8s_cluster/k8s-cluster.yml b/inventory/sample/group_vars/k8s_cluster/k8s-cluster.yml
index c369324ff..45a9a0a1c 100644
--- a/inventory/sample/group_vars/k8s_cluster/k8s-cluster.yml
+++ b/inventory/sample/group_vars/k8s_cluster/k8s-cluster.yml
@@ -166,6 +166,7 @@ dns_mode: coredns
 enable_nodelocaldns: true
 nodelocaldns_ip: 169.254.25.10
 nodelocaldns_health_port: 9254
+nodelocaldns_bind_metrics_host_ip: false
 # nodelocaldns_external_zones:
 # - zones:
 #   - example.com
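Review bot: The new `nodelocaldns_bind_metrics_host_ip` setting is added to the sample inventory without a comment, unlike the neighbouring `nodelocaldns_external_zones` example, so an operator cannot tell from this file what it changes or why they would enable it. I would add above the new line `# Bind the nodelocaldns metrics endpoint (:9253) to the node's host IP (via status.hostIP) instead of the unspecified address; leave false unless your metrics scraper needs a node-addressable endpoint`. The same uncommented line is added to roles/kubespray-defaults/defaults/main.yaml in the last hunk and the comment belongs there too.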
diff --git a/roles/kubernetes-apps/ansible/templates/nodelocaldns-config.yml.j2 b/roles/kubernetes-apps/ansible/templates/nodelocaldns-config.yml.j2
index 6e6adf012..18abf8ea3 100644
--- a/roles/kubernetes-apps/ansible/templates/nodelocaldns-config.yml.j2
+++ b/roles/kubernetes-apps/ansible/templates/nodelocaldns-config.yml.j2
@@ -17,7 +17,7 @@ data:
         loop
         bind {{ nodelocaldns_ip }}
         forward . {{ block['nameservers'] | join(' ') }}
-        prometheus :9253
+        prometheus {% if nodelocaldns_bind_metrics_host_ip %}{$MY_HOST_IP}{% endif %}:9253
         log
 {% if dns_etchosts | default(None) %}
         hosts /etc/coredns/hosts {
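Review bot: The rendered `prometheus {$MY_HOST_IP}:9253` is malformed when a node's `status.hostIP` is an IPv6 address, since the Corefile listen address needs bracket form `[addr]:port`; the commit neither brackets the value nor documents that the option is IPv4-only, and the same line is repeated in the four following hunks (`@@ -39`, `@@ -56`, `@@ -67`, `@@ -76`). As a point of style, the five identical Jinja conditionals would be easier to keep consistent if the template set the bind prefix once near the top, e.g. `{% set nodelocaldns_metrics_bind = '{$MY_HOST_IP}' if nodelocaldns_bind_metrics_host_ip else '' %}` and then used `prometheus {{ nodelocaldns_metrics_bind }}:9253` in each server block. Note that `{$MY_HOST_IP}` is a CoreDNS environment substitution, so if the variable is ever absent from the pod the address silently degrades to `:9253` on all addresses; a comment stating that the daemonset template must inject `MY_HOST_IP` whenever this flag is true would make the coupling explicit. The enclosing server blocks start and end outside the hunk.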
@@ -39,7 +39,7 @@ data:
         forward . {{ forwardTarget }} {
             force_tcp
         }
-        prometheus :9253
+        prometheus {% if nodelocaldns_bind_metrics_host_ip %}{$MY_HOST_IP}{% endif %}:9253
         health {{ nodelocaldns_ip }}:{{ nodelocaldns_health_port }}
 {% if dns_etchosts | default(None) %}
         hosts /etc/coredns/hosts {
@@ -56,7 +56,7 @@ data:
         forward . {{ forwardTarget }} {
             force_tcp
         }
-        prometheus :9253
+        prometheus {% if nodelocaldns_bind_metrics_host_ip %}{$MY_HOST_IP}{% endif %}:9253
     }
     ip6.arpa:53 {
         errors
@@ -67,7 +67,7 @@ data:
         forward . {{ forwardTarget }} {
             force_tcp
         }
-        prometheus :9253
+        prometheus {% if nodelocaldns_bind_metrics_host_ip %}{$MY_HOST_IP}{% endif %}:9253
     }
     .:53 {
         errors
@@ -76,7 +76,7 @@ data:
         loop
         bind {{ nodelocaldns_ip }}
         forward . {{ upstreamForwardTarget }}
-        prometheus :9253
+        prometheus {% if nodelocaldns_bind_metrics_host_ip %}{$MY_HOST_IP}{% endif %}:9253
 {% if dns_etchosts | default(None) %}
         hosts /etc/coredns/hosts {
           fallthrough
diff --git a/roles/kubernetes-apps/ansible/templates/nodelocaldns-daemonset.yml.j2 b/roles/kubernetes-apps/ansible/templates/nodelocaldns-daemonset.yml.j2
index 4d725577e..7abd28ffa 100644
--- a/roles/kubernetes-apps/ansible/templates/nodelocaldns-daemonset.yml.j2
+++ b/roles/kubernetes-apps/ansible/templates/nodelocaldns-daemonset.yml.j2
@@ -41,6 +41,13 @@ spec:
         args: [ "-localip", "{{ nodelocaldns_ip }}", "-conf", "/etc/coredns/Corefile", "-upstreamsvc", "coredns" ]
         securityContext:
           privileged: true
+{% if nodelocaldns_bind_metrics_host_ip %}
+        env:
+          - name: MY_HOST_IP
+            valueFrom:
+              fieldRef:
+                fieldPath: status.hostIP
+{% endif %}
         ports:
         - containerPort: 53
           name: dns
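Review bot: The new `env:` stanza is emitted unconditionally inside the `{% if %}` with no check that the container does not already declare `env:` elsewhere in this template; if it does (not visible in the hunk), the rendered manifest would carry a duplicate key and most YAML loaders would silently keep only the last one — worth confirming against the full template. The new block also uses an indented sequence (`env:` then `  - name:`) while the adjacent `ports:` list on the next line is flush (`- containerPort`), so the file now mixes both sequence styles; I would write `        - name: MY_HOST_IP` at the same column as `env:` to match. A short comment such as `# MY_HOST_IP is consumed by the Corefile's prometheus listen address when nodelocaldns_bind_metrics_host_ip is true` would tie the two templates together. The container spec continues outside the hunk.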
diff --git a/roles/kubespray-defaults/defaults/main.yaml b/roles/kubespray-defaults/defaults/main.yaml
index b3c976067..3238fcbd2 100644
--- a/roles/kubespray-defaults/defaults/main.yaml
+++ b/roles/kubespray-defaults/defaults/main.yaml
@@ -89,6 +89,7 @@ dns_mode: coredns
 enable_nodelocaldns: true
 nodelocaldns_ip: 169.254.25.10
 nodelocaldns_health_port: 9254
+nodelocaldns_bind_metrics_host_ip: false
 
 # Should be set to a cluster IP if using a custom cluster DNS
 manual_dns_server: ""