From 6a40cec3b0bed28dc3a9956904c11673caf584d7 Mon Sep 17 00:00:00 2001 From: Vincent Palmer Date: Mon, 4 Dec 2017 09:04:31 +0100 Subject: [PATCH] Fixes issue with etcd DNS resolution via locally provided nameserver. When restarting masters, `etcd-member.service` fails to be able to reverse lookup the names of the TLS nodes as DNS hasn't been defined yet. As a side effect causes some issues with CLUO deployed ;) ``` Dec 04 07:27:16 node0.cluster.com etcd-wrapper[875]: 2017-12-04 07:27:16.092239 I | etcdmain: rejected connection from "192.168.15.13:44308" (tls: "192.168.15.13" does not match any of DNSNames ["node0.int.cluster.com" "node3.int.cluster.com" "*.kube-etcd.kube-system.svc.cluster.local" "kube-etcd-client.kube-system.svc.cluster.local"]) ``` --- aws/container-linux/kubernetes/cl/controller.yaml.tmpl | 1 + bare-metal/container-linux/kubernetes/cl/controller.yaml.tmpl | 1 + digital-ocean/container-linux/kubernetes/cl/controller.yaml.tmpl | 1 + .../kubernetes/controllers/cl/controller.yaml.tmpl | 1 + 4 files changed, 4 insertions(+) diff --git a/aws/container-linux/kubernetes/cl/controller.yaml.tmpl b/aws/container-linux/kubernetes/cl/controller.yaml.tmpl index 90bba3371..090c7fedb 100644 --- a/aws/container-linux/kubernetes/cl/controller.yaml.tmpl +++ b/aws/container-linux/kubernetes/cl/controller.yaml.tmpl @@ -41,6 +41,7 @@ systemd: ExecStart=/bin/sh -c 'while ! /usr/bin/grep '^[^#[:space:]]' /etc/resolv.conf > /dev/null; do sleep 1; done' [Install] RequiredBy=kubelet.service + RequiredBy=etcd-member.service - name: kubelet.service enable: true contents: | diff --git a/bare-metal/container-linux/kubernetes/cl/controller.yaml.tmpl b/bare-metal/container-linux/kubernetes/cl/controller.yaml.tmpl index 2207bdac7..1f364ec38 100644 --- a/bare-metal/container-linux/kubernetes/cl/controller.yaml.tmpl +++ b/bare-metal/container-linux/kubernetes/cl/controller.yaml.tmpl @@ -50,6 +50,7 @@ systemd: ExecStart=/bin/sh -c 'while ! /usr/bin/grep '^[^#[:space:]]' /etc/resolv.conf > /dev/null; do sleep 1; done' [Install] RequiredBy=kubelet.service + RequiredBy=etcd-member.service - name: kubelet.service contents: | [Unit] diff --git a/digital-ocean/container-linux/kubernetes/cl/controller.yaml.tmpl b/digital-ocean/container-linux/kubernetes/cl/controller.yaml.tmpl index 20d8e565d..1cbfad2af 100644 --- a/digital-ocean/container-linux/kubernetes/cl/controller.yaml.tmpl +++ b/digital-ocean/container-linux/kubernetes/cl/controller.yaml.tmpl @@ -50,6 +50,7 @@ systemd: ExecStart=/bin/sh -c 'while ! /usr/bin/grep '^[^#[:space:]]' /etc/resolv.conf > /dev/null; do sleep 1; done' [Install] RequiredBy=kubelet.service + RequiredBy=etcd-member.service - name: kubelet.service contents: | [Unit] diff --git a/google-cloud/container-linux/kubernetes/controllers/cl/controller.yaml.tmpl b/google-cloud/container-linux/kubernetes/controllers/cl/controller.yaml.tmpl index 611adc096..b4be0d50c 100644 --- a/google-cloud/container-linux/kubernetes/controllers/cl/controller.yaml.tmpl +++ b/google-cloud/container-linux/kubernetes/controllers/cl/controller.yaml.tmpl @@ -41,6 +41,7 @@ systemd: ExecStart=/bin/sh -c 'while ! /usr/bin/grep '^[^#[:space:]]' /etc/resolv.conf > /dev/null; do sleep 1; done' [Install] RequiredBy=kubelet.service + RequiredBy=etcd-member.service - name: kubelet.service enable: true contents: |