Fix kube_hostname_override inconsistencies (#4185)

inventory/sample/group_vars/k8s-cluster/k8s-cluster.yml

@@ -111,6 +111,13 @@ kube_proxy_nodeport_addresses: >-
   []
   {%- endif -%}
 
+# If non-empty, will use this string as identification instead of the actual hostname
+#kube_override_hostname: >-
+#  {%- if cloud_provider is defined and cloud_provider in [ 'aws' ] -%}
+#  {%- else -%}
+#  {{ inventory_hostname }}
+#  {%- endif -%}
+
 ## Encrypting Secret Data at Rest (experimental)
 kube_encrypt_secret_data: false
 

roles/kubernetes/kubeadm/defaults/main.yml

@@ -1,3 +1,10 @@
 ---
 # discovery_timeout modifies the discovery timeout
 discovery_timeout: 5m0s
+
+# If non-empty, will use this string as identification instead of the actual hostname
+kube_override_hostname: >-
+  {%- if cloud_provider is defined and cloud_provider in [ 'aws' ] -%}
+  {%- else -%}
+  {{ inventory_hostname }}
+  {%- endif -%}

roles/kubernetes/kubeadm/templates/kubeadm-client.conf.v1alpha2.j2

@@ -15,7 +15,7 @@ discoveryTokenAPIServers:
 {% endif %}
 discoveryTokenUnsafeSkipCAVerification: true
 nodeRegistration:
-  name: {{ inventory_hostname  }}
+  name: {{ kube_override_hostname }}
 {% if container_manager == 'crio' %}
   criSocket: /var/run/crio/crio.sock
 {% elif container_manager == 'rkt' %}

roles/kubernetes/kubeadm/templates/kubeadm-client.conf.v1alpha3.j2

@@ -15,7 +15,7 @@ discoveryTokenAPIServers:
 {% endif %}
 discoveryTokenUnsafeSkipCAVerification: true
 nodeRegistration:
-  name: {{ inventory_hostname  }}
+  name: {{ kube_override_hostname }}
 {% if container_manager == 'crio' %}
   criSocket: /var/run/crio/crio.sock
 {% elif container_manager == 'rkt' %}

roles/kubernetes/kubeadm/templates/kubeadm-client.conf.v1beta1.j2

@@ -13,7 +13,7 @@ discovery:
   tlsBootstrapToken: {{ kubeadm_token }}
 caCertPath: {{ kube_cert_dir }}/ca.crt
 nodeRegistration:
-  name: {{ inventory_hostname  }}
+  name: {{ kube_override_hostname }}
 {% if container_manager == 'crio' %}
   criSocket: /var/run/crio/crio.sock
 {% elif container_manager == 'rkt' %}

roles/kubernetes/master/templates/kubeadm-config.v1alpha3.yaml.j2

@@ -254,6 +254,7 @@ conntrack:
  tcpEstablishedTimeout: {{ kube_proxy_conntrack_tcp_established_timeout }}
 enableProfiling: {{ kube_proxy_enable_profiling }}
 healthzBindAddress: {{ kube_proxy_healthz_bind_address }}
+hostnameOverride: {{ kube_override_hostname }}
 iptables:
  masqueradeAll: {{ kube_proxy_masquerade_all }}
  masqueradeBit: {{ kube_proxy_masquerade_bit }}

roles/kubernetes/master/templates/kubeadm-config.v1beta1.yaml.j2

@@ -259,6 +259,7 @@ conntrack:
  tcpEstablishedTimeout: {{ kube_proxy_conntrack_tcp_established_timeout }}
 enableProfiling: {{ kube_proxy_enable_profiling }}
 healthzBindAddress: {{ kube_proxy_healthz_bind_address }}
+hostnameOverride: {{ kube_override_hostname }}
 iptables:
  masqueradeAll: {{ kube_proxy_masquerade_all }}
  masqueradeBit: {{ kube_proxy_masquerade_bit }}

roles/kubespray-defaults/defaults/main.yaml

@@ -157,6 +157,13 @@ kube_apiserver_port: 6443
 kube_apiserver_insecure_bind_address: 127.0.0.1
 kube_apiserver_insecure_port: 0
 
+# If non-empty, will use this string as identification instead of the actual hostname
+kube_override_hostname: >-
+  {%- if cloud_provider is defined and cloud_provider in [ 'aws' ] -%}
+  {%- else -%}
+  {{ inventory_hostname }}
+  {%- endif -%}
+
 # dynamic kubelet configuration
 dynamic_kubelet_configuration: false
 

roles/win_nodes/kubernetes_patch/files/hostnameOverride-patch.json

@@ -1,22 +0,0 @@
-[
-    {
-        "op": "add",
-        "path": "/spec/template/spec/containers/0/env",
-        "value": [
-            {
-                "name": "NODE_NAME",
-                "valueFrom": {
-                    "fieldRef": {
-                        "apiVersion": "v1",
-                        "fieldPath": "spec.nodeName"
-                    }
-                }
-            }
-        ]
-    },
-    {
-        "op": "add",
-        "path": "/spec/template/spec/containers/0/command/-",
-        "value": "--hostname-override=${NODE_NAME}"
-    }
-]

roles/win_nodes/kubernetes_patch/tasks/main.yml

@@ -7,33 +7,6 @@
     recurse: yes
   tags: [init, cni]
 
-- name: Apply kube-proxy hostnameOverride
-  block:
-    - name: Copy kube-proxy daemonset hostnameOverride patch
-      copy:
-        src: hostnameOverride-patch.json
-        dest: "{{ kubernetes_user_manifests_path }}/hostnameOverride-patch.json"
-
-    - name: Check current command for kube-proxy daemonset
-      shell: "{{bin_dir}}/kubectl --kubeconfig {{ kube_config_dir }}/admin.conf get ds kube-proxy --namespace=kube-system -o jsonpath='{.spec.template.spec.containers[0].command}'"
-      register: current_kube_proxy_command
-
-    - name: Apply hostnameOverride patch for kube-proxy daemonset
-      shell: "{{bin_dir}}/kubectl --kubeconfig {{ kube_config_dir }}/admin.conf patch ds kube-proxy --namespace=kube-system --type=json -p \"$(cat hostnameOverride-patch.json)\""
-      args:
-        chdir: "{{ kubernetes_user_manifests_path }}"
-      register: patch_kube_proxy_command
-      when: not current_kube_proxy_command.stdout is search("--hostname-override=${NODE_NAME}")
-
-    - debug: msg={{ patch_kube_proxy_command.stdout_lines }}
-      when: patch_kube_proxy_command is not skipped
-
-    - debug: msg={{ patch_kube_proxy_command.stderr_lines }}
-      when: patch_kube_proxy_command is not skipped
-  tags: init
-  when:
-    - not kube_proxy_remove
-
 - name: Apply kube-proxy nodeselector
   block:
     - name: Copy kube-proxy daemonset nodeselector patch