From 097dcdf47ef1fed39e184842926955cbdd833d0c Mon Sep 17 00:00:00 2001
From: Dalton Hubble <dghubble@gmail.com>
Date: Sat, 29 Jul 2017 13:26:57 -0700
Subject: [PATCH] digital-ocean: Add kubelet hostname-override flag

* Kubelets should register nodes via their private IPv4 address,
as provided by the metadata service from Digital Ocean
* By default, Kubelet exec's hostname to determine the name it should
use when registering with the apiserver. On Digital Ocean, the hostname
is not routeable by other instances. Digital Ocean does not run an
internal DNS service.
* Fixes issue where the apiserver can't reach the worker nodes. This
prevented kubectl logs and exec commands from working
---
 .../container-linux/kubernetes/cl/controller.yaml.tmpl        | 4 ++++
 digital-ocean/container-linux/kubernetes/cl/worker.yaml.tmpl  | 4 ++++
 2 files changed, 8 insertions(+)

diff --git a/digital-ocean/container-linux/kubernetes/cl/controller.yaml.tmpl b/digital-ocean/container-linux/kubernetes/cl/controller.yaml.tmpl
index 5cf346186..f631d2809 100644
--- a/digital-ocean/container-linux/kubernetes/cl/controller.yaml.tmpl
+++ b/digital-ocean/container-linux/kubernetes/cl/controller.yaml.tmpl
@@ -23,8 +23,11 @@ systemd:
       contents: |
         [Unit]
         Description=Kubelet via Hyperkube ACI
+        Requires=coreos-metadata.service
+        After=coreos-metadata.service
         [Service]
         EnvironmentFile=/etc/kubernetes/kubelet.env
+        EnvironmentFile=/run/metadata/coreos
         Environment="RKT_RUN_ARGS=--uuid-file-save=/var/run/kubelet-pod.uuid \
           --volume=resolv,kind=host,source=/etc/resolv.conf \
           --mount volume=resolv,target=/etc/resolv.conf \
@@ -48,6 +51,7 @@ systemd:
           --network-plugin=cni \
           --lock-file=/var/run/lock/kubelet.lock \
           --exit-on-lock-contention \
+          --hostname-override=$${COREOS_DIGITALOCEAN_IPV4_PRIVATE_0} \
           --pod-manifest-path=/etc/kubernetes/manifests \
           --allow-privileged \
           --node-labels=node-role.kubernetes.io/master \
diff --git a/digital-ocean/container-linux/kubernetes/cl/worker.yaml.tmpl b/digital-ocean/container-linux/kubernetes/cl/worker.yaml.tmpl
index 4c967baa6..5c375f36c 100644
--- a/digital-ocean/container-linux/kubernetes/cl/worker.yaml.tmpl
+++ b/digital-ocean/container-linux/kubernetes/cl/worker.yaml.tmpl
@@ -23,8 +23,11 @@ systemd:
       contents: |
         [Unit]
         Description=Kubelet via Hyperkube ACI
+        Requires=coreos-metadata.service
+        After=coreos-metadata.service
         [Service]
         EnvironmentFile=/etc/kubernetes/kubelet.env
+        EnvironmentFile=/run/metadata/coreos
         Environment="RKT_RUN_ARGS=--uuid-file-save=/var/run/kubelet-pod.uuid \
           --volume=resolv,kind=host,source=/etc/resolv.conf \
           --mount volume=resolv,target=/etc/resolv.conf \
@@ -48,6 +51,7 @@ systemd:
           --network-plugin=cni \
           --lock-file=/var/run/lock/kubelet.lock \
           --exit-on-lock-contention \
+          --hostname-override=$${COREOS_DIGITALOCEAN_IPV4_PRIVATE_0} \
           --pod-manifest-path=/etc/kubernetes/manifests \
           --allow-privileged \
           --node-labels=node-role.kubernetes.io/node \