From a67a50f9c04a40b1982d8f1bcde5ae1401a45b86 Mon Sep 17 00:00:00 2001
From: champtar
Date: Tue, 9 Jul 2019 00:52:01 -0700
Subject: [PATCH] nodelocaldns: allow to set health port, switch to 9254 by default (#4902)
8080 is a pretty common port, using nodelocaldns_ip:8080 still prevents node processes or hostNetwork=true processes to bind to *:8080 so switch to 9254 by default (prometheus port is 9253)
Signed-off-by: Etienne Champetier
---
 inventory/sample/group_vars/k8s-cluster/k8s-cluster.yml | 1 +
 .../ansible/templates/nodelocaldns-config.yml.j2 | 2 +-
 .../ansible/templates/nodelocaldns-daemonset.yml.j2 | 4 ++--
 roles/kubespray-defaults/defaults/main.yaml | 1 +
 4 files changed, 5 insertions(+), 3 deletions(-)
diff --git a/inventory/sample/group_vars/k8s-cluster/k8s-cluster.yml b/inventory/sample/group_vars/k8s-cluster/k8s-cluster.yml
index 46ab62966..92605b32d 100644
--- a/inventory/sample/group_vars/k8s-cluster/k8s-cluster.yml
+++ b/inventory/sample/group_vars/k8s-cluster/k8s-cluster.yml
@@ -134,6 +134,7 @@ dns_mode: coredns
 # Enable nodelocal dns cache
 enable_nodelocaldns: true
 nodelocaldns_ip: 169.254.25.10
+nodelocaldns_health_port: 9254
 # Can be docker_dns, host_resolvconf or none
 resolvconf_mode: docker_dns
diff --git a/roles/kubernetes-apps/ansible/templates/nodelocaldns-config.yml.j2 b/roles/kubernetes-apps/ansible/templates/nodelocaldns-config.yml.j2
index f3a5e3142..e56cc534a 100644
--- a/roles/kubernetes-apps/ansible/templates/nodelocaldns-config.yml.j2
+++ b/roles/kubernetes-apps/ansible/templates/nodelocaldns-config.yml.j2
@@ -21,7 +21,7 @@ data:
 force_tcp
 }
 prometheus :9253
- health {{ nodelocaldns_ip }}:8080
+ health {{ nodelocaldns_ip }}:{{ nodelocaldns_health_port }}
 }
 in-addr.arpa:53 {
 errors
diff --git a/roles/kubernetes-apps/ansible/templates/nodelocaldns-daemonset.yml.j2 b/roles/kubernetes-apps/ansible/templates/nodelocaldns-daemonset.yml.j2
index 96e404edc..61c8a5476 100644
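Review bot: `nodelocaldns_health_port` is added to inventory/sample/group_vars/k8s-cluster/k8s-cluster.yml without a comment, so an operator choosing a value has no hint what it controls or where it listens. Going by the commit message, the port is taken on `nodelocaldns_ip` in the host network namespace of every node, which is why the choice matters. I would add a line above it such as `# Port of the nodelocaldns health endpoint, bound on nodelocaldns_ip in each node's host network`. The same variable is added uncommented in roles/kubespray-defaults/defaults/main.yaml.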
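Review bot: In nodelocaldns-config.yml.j2 the health listener becomes configurable while the context line just above it still hard-codes `prometheus :9253`, and nothing visible in this commit stops `nodelocaldns_health_port` from being set to 9253. In that case both listeners would presumably compete for the same port and the cache pod would fail to come up on every node, taking node-local DNS with it. Either make the metrics port a variable as well, or add a pre-flight `assert` with `that: nodelocaldns_health_port | int != 9253`. The Corefile server block starts and ends outside the hunk.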
--- a/roles/kubernetes-apps/ansible/templates/nodelocaldns-daemonset.yml.j2
+++ b/roles/kubernetes-apps/ansible/templates/nodelocaldns-daemonset.yml.j2
@@ -58,7 +58,7 @@ spec:
 httpGet:
 host: {{ nodelocaldns_ip }}
 path: /health
- port: 8080
+ port: {{ nodelocaldns_health_port }}
 scheme: HTTP
 timeoutSeconds: 5
 successThreshold: 1
@@ -67,7 +67,7 @@ spec:
 httpGet:
 host: {{ nodelocaldns_ip }}
 path: /health
- port: 8080
+ port: {{ nodelocaldns_health_port }}
 scheme: HTTP
 timeoutSeconds: 5
 successThreshold: 1
diff --git a/roles/kubespray-defaults/defaults/main.yaml b/roles/kubespray-defaults/defaults/main.yaml
index 3f135c4de..13cdce8bf 100644
--- a/roles/kubespray-defaults/defaults/main.yaml
+++ b/roles/kubespray-defaults/defaults/main.yaml
@@ -68,6 +68,7 @@ dns_mode: coredns
 # Enable nodelocal dns cache
 enable_nodelocaldns: true
 nodelocaldns_ip: 169.254.25.10
+nodelocaldns_health_port: 9254
 # Should be set to a cluster IP if using a custom cluster DNS
 manual_dns_server: ""
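Review bot: Both `httpGet` hunks in nodelocaldns-daemonset.yml.j2 (at -58 and -67) render `port: {{ nodelocaldns_health_port }}` with no type or range check on the value. Kubernetes reads this field as either a port number or a named container port, so a non-numeric override would be treated as a port name and an empty one renders as null; either mistake surfaces only when the manifest is applied or when the probes start failing. Writing `port: {{ nodelocaldns_health_port | int }}` in both places keeps the field numeric, and an out-of-range result should then be rejected at apply time (worth confirming). The enclosing probe definitions start and end outside the hunks.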