Override hostname on kubelet

kubelet gets the hostname from the system which on coreos does not include the domain name (it's the short hostname and not the FQDN). This causes the `kubernetes.io/hostname` label to mismatch the node name and is problematic when using Service Topology and potentially other features that use this label. Signed-off-by: Dimitrios Karagiannis <dhkarag@gmail.com>
utilitywarehouse · May 12, 2020 · c5e35b9 · c5e35b9
1 parent d99ca79
commit c5e35b9
Show file tree

Hide file tree

Showing 5 changed files with 9 additions and 4 deletions.
diff --git a/master.tf b/master.tf
@@ -218,6 +218,7 @@ data "template_file" "master-kubelet" {
   vars = {
     kubelet_binary_path = "/opt/bin/kubelet"
     cloud_provider      = var.cloud_provider
+    get_hostname        = var.node_name_command[var.cloud_provider]
   }
 }
 

diff --git a/resources/master-kubelet.service b/resources/master-kubelet.service
@@ -16,8 +16,9 @@ ExecStartPre=/sbin/sysctl -w net.ipv4.tcp_retries2=8
 # This is a temporal workaround this upstream Kubernetes issue:
 #  https://github.com/kubernetes/kubernetes/issues/69015
 ExecStartPre=/sbin/sysctl -w fs.inotify.max_user_watches=524288
-ExecStart=${kubelet_binary_path} \
+ExecStart=/bin/sh -c '${kubelet_binary_path} \
   --config=/etc/kubernetes/config/master-kubelet-conf.yaml \
+  --hostname-override="$(${get_hostname})" \
   --kubeconfig=/var/lib/kubelet/kubeconfig \
   --node-labels=role=master \
   --register-with-taints=node-role.kubernetes.io/master=:NoSchedule \
@@ -30,7 +31,7 @@ ExecStart=${kubelet_binary_path} \
   --tls-cert-file=/etc/kubernetes/ssl/kubelet.pem \
   --tls-private-key-file=/etc/kubernetes/ssl/kubelet-key.pem \
   --exit-on-lock-contention \
-  --v=0
+  --v=0'
 Restart=always
 RestartSec=10
 [Install]

diff --git a/resources/node-kubelet.service b/resources/node-kubelet.service
@@ -16,14 +16,15 @@ ExecStartPre=/sbin/sysctl -w net.ipv4.tcp_retries2=8
 # This is a temporal workaround this upstream Kubernetes issue:
 #  https://github.com/kubernetes/kubernetes/issues/69015
 ExecStartPre=/sbin/sysctl -w fs.inotify.max_user_watches=524288
-ExecStart=${kubelet_binary_path} \
+ExecStart=/bin/sh -c '${kubelet_binary_path} \
 %{ if cloud_provider != "" }  --cloud-provider=${cloud_provider} \
 %{ endif ~}
   --cni-bin-dir=/opt/cni/bin \
   --cni-conf-dir=/etc/cni/net.d \
   --config=/etc/kubernetes/config/node-kubelet-conf.yaml \
   --container-runtime=docker \
   --exit-on-lock-contention \
+  --hostname-override="$(${get_hostname})" \
   --kubeconfig=/var/lib/kubelet/kubeconfig \
   --network-plugin=cni \
   --node-labels=${labels} \
@@ -32,7 +33,7 @@ ExecStart=${kubelet_binary_path} \
   --lock-file=/var/run/lock/kubelet.lock \
   --tls-cert-file=/etc/kubernetes/ssl/kubelet.pem \
   --tls-private-key-file=/etc/kubernetes/ssl/kubelet-key.pem \
-  --v=0
+  --v=0'
 Restart=always
 RestartSec=10
 [Install]

diff --git a/storage-node.tf b/storage-node.tf
@@ -9,6 +9,7 @@ data "template_file" "storage-node-kubelet" {
   vars = {
     kubelet_binary_path = "/opt/bin/kubelet"
     cloud_provider      = var.cloud_provider
+    get_hostname        = var.node_name_command[var.cloud_provider]
     labels              = "role=storage-node,node.longhorn.io/create-default-disk=true"
     taints              = "storage=longhorn:NoSchedule"
   }

diff --git a/worker.tf b/worker.tf
@@ -9,6 +9,7 @@ data "template_file" "worker-kubelet" {
   vars = {
     kubelet_binary_path = "/opt/bin/kubelet"
     cloud_provider      = var.cloud_provider
+    get_hostname        = var.node_name_command[var.cloud_provider]
     labels              = "role=worker"
     taints              = ""
   }