Add KubeletConfiguration with custom resolv.conf

Change-Id: If681e42a08f756c27518b4bbfd51b9d3baf2a589
2019-08-22 17:20:19 -04:00 · 2019-08-22 17:20:19 -04:00 · e8d8e2a36e
commit e8d8e2a36e
parent 59a21bccb0
2 changed files with 57 additions and 20 deletions
--- a/ansible/site.yaml
+++ b/ansible/site.yaml
@ -69,23 +69,6 @@
        content: |
          nameserver 1.1.1.1
    - name: Drop configuration file
      become: true
      copy:
        dest: /etc/kubernetes/kubeadm.conf
        content: |
          ---
          apiVersion: kubeadm.k8s.io/v1beta2
          kind: InitConfiguration
          nodeRegistration:
            kubeletExtraArgs:
              resolv-conf: /etc/kubernetes/resolv.conf
          ---
          apiVersion: kubeadm.k8s.io/v1beta2
          kind: ClusterConfiguration
          networking:
            podSubnet: 10.244.0.0/16
 - name: Bootstrap cluster
  hosts: masters[0]
  gather_facts: false
@ -94,6 +77,12 @@
      wait_for_connection:
        timeout: 300
    - name: Drop configuration file
      become: true
      template:
        src: kubeadm.conf.j2
        dest: /etc/kubernetes/kubeadm.conf
    - name: Initialize cluster
      become: true
      shell: |
@ -120,14 +109,33 @@
      become: true
      delegate_to: "{{ groups['masters'][0] }}"
      register: kubeadm_token_create
-      shell: |
+      shell: kubeadm token create --ttl 5m --print-join-command
-        kubeadm token create --ttl 5m --print-join-command
+      when:
        - not apiserver_stat.stat.exists
    # NOTE(mnaser): There is no clean way to get the CA hash from kubeadm :(
    #               https://github.com/kubernetes/kubeadm/issues/659
    - name: Parse token and hash facts
      set_fact:
        kubeadm_apiserver: "{{ kubeadm_token_create.stdout | regex_search(regex, '\\1') | first }}"
        kubeadm_token: "{{ kubeadm_token_create.stdout | regex_search(regex, '\\2') | first }}"
        kubeadm_hash: "{{ kubeadm_token_create.stdout | regex_search(regex, '\\3') | first }}"
      vars:
        regex: 'kubeadm\s+join\s+([^\s]+)\s+--token\s+([^\s]+)\s+--discovery-token-ca-cert-hash\s+([^\s]+)'
      when:
        - not apiserver_stat.stat.exists
    - name: Drop configuration file
      become: true
      template:
        src: kubeadm.conf.j2
        dest: /etc/kubernetes/kubeadm.conf
      when:
        - not apiserver_stat.stat.exists
    - name: Join cluster
      become: true
-      shell: "{{ kubeadm_token_create.stdout }}"
+      shell: kubeadm join --config /etc/kubernetes/kubeadm.conf
      when:
        - not apiserver_stat.stat.exists
--- a/ansible/templates/kubeadm.conf.j2
+++ b/ansible/templates/kubeadm.conf.j2
@ -0,0 +1,29 @@
 ---
 apiVersion: kubeadm.k8s.io/v1beta2
 kind: ClusterConfiguration
 networking:
  podSubnet: 10.244.0.0/16
 ---
 apiVersion: kubeadm.k8s.io/v1beta2
 kind: InitConfiguration
 nodeRegistration:
  kubeletExtraArgs:
    resolv-conf: /etc/kubernetes/resolv.conf
 ---
 apiVersion: kubelet.config.k8s.io/v1beta1
 kind: KubeletConfiguration
 resolvConf: /etc/kubernetes/resolv.conf
 {% if kubeadm_token is defined %}
 ---
 apiVersion: kubeadm.k8s.io/v1beta2
 kind: JoinConfiguration
 discovery:
  bootstrapToken:
    apiServerEndpoint: {{ kubeadm_apiserver }}
    token: {{ kubeadm_token }}
    caCertHashes:
      - {{ kubeadm_hash }}
 nodeRegistration:
  kubeletExtraArgs:
    resolv-conf: /etc/kubernetes/resolv.conf
 {% endif %}