[external-lb]: kubelet.conf server address and kube-proxy api-server …

…address fix (kubernetes-sigs#10490) * [external-lb-kubeconfig]: fix server address in worker kubelet.conf Signed-off-by: Ugur Ozturk <[email protected]> * [external-lb-kubeconfig]: fix server address in kube-proxy Signed-off-by: Furkan Pehlivan <[email protected]> --------- Signed-off-by: Ugur Ozturk <[email protected]> Signed-off-by: Furkan Pehlivan <[email protected]> Co-authored-by: Furkan Pehlivan <[email protected]>
pedro-peter · May 8, 2024 · dcd1608 · dcd1608
1 parent 1739170
commit dcd1608
Showing 1 changed file with 29 additions and 2 deletions.
diff --git a/roles/kubernetes/kubeadm/tasks/main.yml b/roles/kubernetes/kubeadm/tasks/main.yml
@@ -129,6 +129,17 @@
     - kubeadm_discovery_address != kube_apiserver_endpoint | replace("https://", "")
   notify: Kubeadm | restart kubelet
 
+- name: Update server field in kubelet kubeconfig - external lb
+  lineinfile:
+    dest: "{{ kube_config_dir }}/kubelet.conf"
+    regexp: '^    server: https'
+    line: '    server: {{ kube_apiserver_endpoint }}'
+    backup: yes
+  when:
+    - not is_kube_master
+    - loadbalancer_apiserver is defined
+  notify: Kubeadm | restart kubelet
+
 # FIXME(mattymo): Need to point to localhost, otherwise masters will all point
 #                 incorrectly to first master, creating SPoF.
 - name: Update server field in kube-proxy kubeconfig
@@ -149,6 +160,22 @@
   tags:
     - kube-proxy
 
+- name: Update server field in kube-proxy kubeconfig - external lb
+  shell: >-
+    set -o pipefail && {{ kubectl }} get configmap kube-proxy -n kube-system -o yaml
+    | sed 's#server:.*#server: {{kube_apiserver_endpoint}}#g'
+    | {{ kubectl }} replace -f -
+  args:
+    executable: /bin/bash
+  run_once: true
+  delegate_to: "{{ groups['kube_control_plane'] | first }}"
+  delegate_facts: false
+  when:
+    - kube_proxy_deployed
+    - loadbalancer_apiserver is defined
+  tags:
+    - kube-proxy
+
 - name: Set ca.crt file permission
   file:
     path: "{{ kube_cert_dir }}/ca.crt"
@@ -162,8 +189,8 @@
   delegate_to: "{{ groups['kube_control_plane'] | first }}"
   delegate_facts: false
   when:
-    - kubeadm_config_api_fqdn is not defined
-    - kubeadm_discovery_address != kube_apiserver_endpoint | replace("https://", "")
+    - kubeadm_config_api_fqdn is not defined or loadbalancer_apiserver is defined
+    - kubeadm_discovery_address != kube_apiserver_endpoint | replace("https://", "") or loadbalancer_apiserver is defined
     - kube_proxy_deployed
   tags:
     - kube-proxy