nodelocaldns: allow binding metrics address to host IP (#7748)

2021-06-29 15:28:41 +03:00 · 2021-06-29 15:28:41 +03:00 · bd6d810d0a
parent e3850fbbbc
commit bd6d810d0a
4 changed files with 14 additions and 5 deletions
--- a/inventory/sample/group_vars/k8s_cluster/k8s-cluster.yml
+++ b/inventory/sample/group_vars/k8s_cluster/k8s-cluster.yml
@ -166,6 +166,7 @@ dns_mode: coredns
 enable_nodelocaldns: true
 nodelocaldns_ip: 169.254.25.10
 nodelocaldns_health_port: 9254
+nodelocaldns_bind_metrics_host_ip: false
 # nodelocaldns_external_zones:
 # - zones:
 #   - example.com
--- a/roles/kubernetes-apps/ansible/templates/nodelocaldns-config.yml.j2
+++ b/roles/kubernetes-apps/ansible/templates/nodelocaldns-config.yml.j2
@ -17,7 +17,7 @@ data:
        loop
        bind {{ nodelocaldns_ip }}
        forward . {{ block['nameservers'] | join(' ') }}
-        prometheus :9253
+        prometheus {% if nodelocaldns_bind_metrics_host_ip %}{$MY_HOST_IP}{% endif %}:9253
        log
 {% if dns_etchosts | default(None) %}
        hosts /etc/coredns/hosts {
@ -39,7 +39,7 @@ data:
        forward . {{ forwardTarget }} {
            force_tcp
        }
-        prometheus :9253
+        prometheus {% if nodelocaldns_bind_metrics_host_ip %}{$MY_HOST_IP}{% endif %}:9253
        health {{ nodelocaldns_ip }}:{{ nodelocaldns_health_port }}
 {% if dns_etchosts | default(None) %}
        hosts /etc/coredns/hosts {
@ -56,7 +56,7 @@ data:
        forward . {{ forwardTarget }} {
            force_tcp
        }
-        prometheus :9253
+        prometheus {% if nodelocaldns_bind_metrics_host_ip %}{$MY_HOST_IP}{% endif %}:9253
    }
    ip6.arpa:53 {
        errors
@ -67,7 +67,7 @@ data:
        forward . {{ forwardTarget }} {
            force_tcp
        }
-        prometheus :9253
+        prometheus {% if nodelocaldns_bind_metrics_host_ip %}{$MY_HOST_IP}{% endif %}:9253
    }
    .:53 {
        errors
@ -76,7 +76,7 @@ data:
        loop
        bind {{ nodelocaldns_ip }}
        forward . {{ upstreamForwardTarget }}
-        prometheus :9253
+        prometheus {% if nodelocaldns_bind_metrics_host_ip %}{$MY_HOST_IP}{% endif %}:9253
 {% if dns_etchosts | default(None) %}
        hosts /etc/coredns/hosts {
          fallthrough
--- a/roles/kubernetes-apps/ansible/templates/nodelocaldns-daemonset.yml.j2
+++ b/roles/kubernetes-apps/ansible/templates/nodelocaldns-daemonset.yml.j2
@ -41,6 +41,13 @@ spec:
        args: [ "-localip", "{{ nodelocaldns_ip }}", "-conf", "/etc/coredns/Corefile", "-upstreamsvc", "coredns" ]
        securityContext:
          privileged: true
+{% if nodelocaldns_bind_metrics_host_ip %}
+        env:
+          - name: MY_HOST_IP
+            valueFrom:
+              fieldRef:
+                fieldPath: status.hostIP
+{% endif %}
        ports:
        - containerPort: 53
          name: dns
--- a/roles/kubespray-defaults/defaults/main.yaml
+++ b/roles/kubespray-defaults/defaults/main.yaml
@ -89,6 +89,7 @@ dns_mode: coredns
 enable_nodelocaldns: true
 nodelocaldns_ip: 169.254.25.10
 nodelocaldns_health_port: 9254
+nodelocaldns_bind_metrics_host_ip: false

 # Should be set to a cluster IP if using a custom cluster DNS
 manual_dns_server: ""