bootkube: use host's /etc/hosts entries#409
Conversation
invidian
force-pushed
the
invidian/bootkube-rkt-host-etc-hosts
branch
2 times, most recently
from
191810d to
8b0547d
Compare
| quay.io/kinvolk/bootkube:v0.14.0-helm-amd64 \ | ||
| --net=host \ | ||
| --dns=host \ | ||
| --hosts-entry=host \ |
There was a problem hiding this comment.
Have we verified this doesn't have side effects? Also, I believe you're proposing to add this flag to all platforms for the sake of uniformity, however does it make sense to do that on platforms which don't need this functionality? I think it might be better to only add the flag where it's needed, to minimize potential "surprises" in the future.
There was a problem hiding this comment.
Have we verified this doesn't have side effects?
I cannot come up with any possible side effects of that beside benefits. This potentially allows to also use CLC snippets for /etc/hosts for names resolving for other platforms too (if using only Terraform code, which I know we don't support).
|
The bootkube container is running with host networking so it makes sense it also uses the host's |
invidian
force-pushed
the
invidian/bootkube-rkt-host-etc-hosts
branch
2 times, most recently
from
77f9a87 to
a71cbcd
Compare
invidian
force-pushed
the
invidian/bootkube-rkt-host-etc-hosts
branch
from
a71cbcd to
358210a
Compare
Rebased. Please have a look. |
iaguis
force-pushed
the
invidian/bootkube-rkt-host-etc-hosts
branch
from
358210a to
fd1fb9f
Compare
Currently, bare metal environment requires resolvable DNS names for API server and etcd servers. For user without running DNS server locally or for testing, it would be nice to be able have some workaround for it. One would be to populate /etc/hosts of nodes with required entries. This is almost possible, using CLC snippets for controller nodes, except the bootkube, which runs in rkt container and have it's own /etc/hosts file, so health check on static kube-apiserver pod never succeeds. To make it work, rkt parameter --hosts-entry=host needs to be added. I suggest we add --hosts-entry=host to bootkube, as potential breakage impact is minimal and this will save as from exposing general bootkube_rkt_extra_args in the Terraform module/lokocfg. By the issue, it is not required to be applied on all platforms, but again, the breakage chance seems minimal and generally we should be heading towards having quite unified configurations across all the platforms, so this commit adds it to all of them. Closes #408 Signed-off-by: Mateusz Gozdek <mateusz@kinvolk.io>
iaguis
force-pushed
the
invidian/bootkube-rkt-host-etc-hosts
branch
from
fd1fb9f to
7c46641
Compare
iaguis
left a comment
iaguis
left a comment
There was a problem hiding this comment.
I rebased this again and it looks good to me.
|
Thanks @iaguis. Will merge once CI passes. |
3 participants
Currently, bare metal environment requires resolvable DNS names for API
server and etcd servers. For user without running DNS server locally or
for testing, it would be nice to be able have some workaround for it.
One would be to populate /etc/hosts of nodes with required entries.
This is almost possible, using CLC snippets for controller nodes, except
the bootkube, which runs in rkt container and have it's own /etc/hosts
file, so health check on static kube-apiserver pod never succeeds. To
make it work, rkt parameter --hosts-entry=host needs to be added.
I suggest we add --hosts-entry=host to bootkube, as potential breakage
impact is minimal and this will save as from exposing general
bootkube_rkt_extra_args in the Terraform module/lokocfg.
By the issue, it is not required to be applied on all platforms, but
again, the breakage chance seems minimal and generally we should be
heading towards having quite unified configurations across all the
platforms, so this commit adds it to all of them.
Closes #408
Signed-off-by: Mateusz Gozdek mateusz@kinvolk.io