Add kube anon auth settings to kubeadm config templates (#4713)

* Disable kube_api_anonymous_auth by default to secure the setup

* Disable metrics-server in addons. Health endpoint is slow and unstable

* Fix anonymous-auth missing in configuration

* Cleanup a bit

* Fix kube anon auth

roles/kubernetes/master/templates/kubeadm-config.v1alpha3.yaml.j2

@@ -50,6 +50,9 @@ certificatesDir: {{ kube_cert_dir }}
 imageRepository: {{ kube_image_repo }}
 unifiedControlPlaneImage: ""
 apiServerExtraArgs:
+{% if kube_api_anonymous_auth is defined and kube_version is version('v1.5', '>=')  %}
+  anonymous-auth: "{{ kube_api_anonymous_auth }}"
+{% endif %}
   authorization-mode: {{ authorization_modes | join(',') }}
   bind-address: {{ kube_apiserver_bind_address }}
 {% if kube_apiserver_insecure_port|string != "0" %}

roles/kubernetes/master/templates/kubeadm-config.v1beta1.yaml.j2

@@ -47,6 +47,9 @@ imageRepository: {{ kube_image_repo }}
 useHyperKubeImage: false
 apiServer:
   extraArgs:
+{% if kube_api_anonymous_auth is defined and kube_version is version('v1.5', '>=')  %}
+    anonymous-auth: "{{ kube_api_anonymous_auth }}"
+{% endif %}
     authorization-mode: {{ authorization_modes | join(',') }}
     bind-address: {{ kube_apiserver_bind_address }}
 {% if kube_apiserver_insecure_port|string != "0" %}

tests/testcases/030_check-network.yml

@@ -90,6 +90,3 @@
     with_nested:
     - "{{ pod_names }}"
     - "{{ pod_ips }}"
-
-  - name: Delete test namespace
-    shell: "{{ bin_dir }}/kubectl delete namespace test"