From 244d73bbad01b29fd574e36b048b3ca27af0b344 Mon Sep 17 00:00:00 2001 From: Alexandre Allard Date: Fri, 10 Jan 2020 10:34:56 +0100 Subject: [PATCH] salt: use all etcd servers as apiserver backends Define all clients URLs as etcd servers for API server backend, this way, if the local etcd is down, the API server is still able to answer. Refs: #2080 --- salt/metalk8s/kubernetes/apiserver/installed.sls | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) diff --git a/salt/metalk8s/kubernetes/apiserver/installed.sls b/salt/metalk8s/kubernetes/apiserver/installed.sls index 1c3f790cd6..0cdcd1fa21 100644 --- a/salt/metalk8s/kubernetes/apiserver/installed.sls +++ b/salt/metalk8s/kubernetes/apiserver/installed.sls @@ -13,6 +13,16 @@ include: - .certs {%- set host = grains['metalk8s']['control_plane_ip'] %} +{%- set etcd_servers = [] %} +{%- if 'etcd' in pillar.metalk8s.nodes[grains.id].roles %} +{%- do etcd_servers.append("https://" ~ host ~ ":2379") %} +{%- endif %} + +{%- for member in pillar.metalk8s.etcd.members | default([]) %} +{%- do etcd_servers.extend(member['client_urls']) %} +{%- endfor %} + +{%- set etcd_servers = etcd_servers | unique %} Create kube-apiserver Pod manifest: metalk8s.static_pod_managed: @@ -52,7 +62,7 @@ Create kube-apiserver Pod manifest: - --etcd-cafile=/etc/kubernetes/pki/etcd/ca.crt - --etcd-certfile=/etc/kubernetes/pki/apiserver-etcd-client.crt - --etcd-keyfile=/etc/kubernetes/pki/apiserver-etcd-client.key - - --etcd-servers=https://{{ grains.metalk8s.control_plane_ip }}:2379 + - --etcd-servers={{ etcd_servers | join(",") }} - --insecure-port=0 - --kubelet-client-certificate=/etc/kubernetes/pki/apiserver-kubelet-client.crt - --kubelet-client-key=/etc/kubernetes/pki/apiserver-kubelet-client.key
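Review bot: The `client_urls` taken from `pillar.metalk8s.etcd.members` are added to `etcd_servers` as-is, while the local entry is built with a fixed `https://` prefix; nothing in this hunk checks that a member URL uses TLS. An `http://` entry would presumably make kube-apiserver talk to that backend in clear text, outside the verification set up by `--etcd-cafile` in the second hunk. I would keep only TLS endpoints in the loop, e.g. `{%- for url in member['client_urls'] if url.startswith('https://') %}` / `{%- do etcd_servers.append(url) %}` / `{%- endfor %}`, and add a comment above the block saying where the pillar's member list comes from and when it is refreshed. Note also that `| default([])` covers a missing `members` key only, so a pillar without `metalk8s.etcd` may still fail the render, depending on how undefined values are handled.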
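Review bot: `{{ etcd_servers | join(",") }}` renders as an empty `--etcd-servers=` when the node lacks the `etcd` role and the pillar lists no members, which the first hunk allows through `default([])`. Failing the render with a clear message is preferable to writing a static pod manifest with no backend. A guard placed before the `Create kube-apiserver Pod manifest` state would do, such as `{%- if not etcd_servers %}` followed by a failing state or Salt's Jinja `raise` helper, if the Salt version in use provides it. The state starts before this hunk and continues after it, so the rest of the argument list was not reviewed.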