digital-ocean: Add kubelet hostname-override flag

* Kubelets should register nodes via their private IPv4 address, as provided by the metadata service from Digital Ocean * By default, Kubelet exec's hostname to determine the name it should use when registering with the apiserver. On Digital Ocean, the hostname is not routeable by other instances. Digital Ocean does not run an internal DNS service. * Fixes issue where the apiserver can't reach the worker nodes. This prevented kubectl logs and exec commands from working
poseidon · Jul 29, 2017 · 097dcdf · 097dcdf
1 parent efff749
commit 097dcdf
Show file tree

Hide file tree

Showing 2 changed files with 8 additions and 0 deletions.
diff --git a/digital-ocean/container-linux/kubernetes/cl/controller.yaml.tmpl b/digital-ocean/container-linux/kubernetes/cl/controller.yaml.tmpl
@@ -23,8 +23,11 @@ systemd:
       contents: |
         [Unit]
         Description=Kubelet via Hyperkube ACI
+        Requires=coreos-metadata.service
+        After=coreos-metadata.service
         [Service]
         EnvironmentFile=/etc/kubernetes/kubelet.env
+        EnvironmentFile=/run/metadata/coreos
         Environment="RKT_RUN_ARGS=--uuid-file-save=/var/run/kubelet-pod.uuid \
           --volume=resolv,kind=host,source=/etc/resolv.conf \
           --mount volume=resolv,target=/etc/resolv.conf \
@@ -48,6 +51,7 @@ systemd:
           --network-plugin=cni \
           --lock-file=/var/run/lock/kubelet.lock \
           --exit-on-lock-contention \
+          --hostname-override=$${COREOS_DIGITALOCEAN_IPV4_PRIVATE_0} \
           --pod-manifest-path=/etc/kubernetes/manifests \
           --allow-privileged \
           --node-labels=node-role.kubernetes.io/master \

diff --git a/digital-ocean/container-linux/kubernetes/cl/worker.yaml.tmpl b/digital-ocean/container-linux/kubernetes/cl/worker.yaml.tmpl
@@ -23,8 +23,11 @@ systemd:
       contents: |
         [Unit]
         Description=Kubelet via Hyperkube ACI
+        Requires=coreos-metadata.service
+        After=coreos-metadata.service
         [Service]
         EnvironmentFile=/etc/kubernetes/kubelet.env
+        EnvironmentFile=/run/metadata/coreos
         Environment="RKT_RUN_ARGS=--uuid-file-save=/var/run/kubelet-pod.uuid \
           --volume=resolv,kind=host,source=/etc/resolv.conf \
           --mount volume=resolv,target=/etc/resolv.conf \
@@ -48,6 +51,7 @@ systemd:
           --network-plugin=cni \
           --lock-file=/var/run/lock/kubelet.lock \
           --exit-on-lock-contention \
+          --hostname-override=$${COREOS_DIGITALOCEAN_IPV4_PRIVATE_0} \
           --pod-manifest-path=/etc/kubernetes/manifests \
           --allow-privileged \
           --node-labels=node-role.kubernetes.io/node \