Skip to content

Commit 33a31df

Browse files
mrIncompetentkubermatic-bot
mrIncompetent
authored and
kubermatic-bot
committed
never override the hostname on AWS nodes (#372)
1 parent f71c642 commit 33a31df

22 files changed

+58
-34
lines changed

pkg/userdata/centos/testdata/kubelet-v1.10-aws.golden

Lines changed: 2 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -1,5 +1,5 @@
11
#cloud-config
2-
hostname: node1
2+
33

44
ssh_pwauth: no
55

@@ -55,9 +55,7 @@ write_files:
5555
systemctl restart systemd-modules-load.service
5656
sysctl --system
5757

58-
# The normal way of setting it via cloud-init is broken:
59-
# https://bugs.launchpad.net/cloud-init/+bug/1662542
60-
hostnamectl set-hostname node1
58+
6159

6260
yum install -y docker-1.13.1 \
6361
ebtables \
@@ -137,7 +135,6 @@ write_files:
137135
--authentication-token-webhook=true \
138136
--cloud-provider=aws \
139137
--cloud-config=/etc/kubernetes/cloud-config \
140-
--hostname-override=node1 \
141138
--read-only-port=0 \
142139
--exit-on-lock-contention \
143140
--lock-file=/tmp/kubelet.lock \

pkg/userdata/centos/testdata/kubelet-v1.11-aws.golden

Lines changed: 2 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -1,5 +1,5 @@
11
#cloud-config
2-
hostname: node1
2+
33

44
ssh_pwauth: no
55

@@ -55,9 +55,7 @@ write_files:
5555
systemctl restart systemd-modules-load.service
5656
sysctl --system
5757

58-
# The normal way of setting it via cloud-init is broken:
59-
# https://bugs.launchpad.net/cloud-init/+bug/1662542
60-
hostnamectl set-hostname node1
58+
6159

6260
yum install -y docker-1.13.1 \
6361
ebtables \
@@ -137,7 +135,6 @@ write_files:
137135
--authentication-token-webhook=true \
138136
--cloud-provider=aws \
139137
--cloud-config=/etc/kubernetes/cloud-config \
140-
--hostname-override=node1 \
141138
--read-only-port=0 \
142139
--exit-on-lock-contention \
143140
--lock-file=/tmp/kubelet.lock \

pkg/userdata/centos/testdata/kubelet-v1.12-aws.golden

Lines changed: 2 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -1,5 +1,5 @@
11
#cloud-config
2-
hostname: node1
2+
33

44
ssh_pwauth: no
55

@@ -55,9 +55,7 @@ write_files:
5555
systemctl restart systemd-modules-load.service
5656
sysctl --system
5757

58-
# The normal way of setting it via cloud-init is broken:
59-
# https://bugs.launchpad.net/cloud-init/+bug/1662542
60-
hostnamectl set-hostname node1
58+
6159

6260
yum install -y docker-1.13.1 \
6361
ebtables \
@@ -136,7 +134,6 @@ write_files:
136134
--authentication-token-webhook=true \
137135
--cloud-provider=aws \
138136
--cloud-config=/etc/kubernetes/cloud-config \
139-
--hostname-override=node1 \
140137
--read-only-port=0 \
141138
--exit-on-lock-contention \
142139
--lock-file=/tmp/kubelet.lock \

pkg/userdata/centos/testdata/kubelet-v1.12-vsphere.golden

Lines changed: 5 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1,5 +1,8 @@
11
#cloud-config
2+
23
hostname: node1
4+
# Never set the hostname on AWS nodes. Kubernetes(kube-proxy) requires the hostname to be the private dns name
5+
36

47
ssh_pwauth: no
58

@@ -55,9 +58,11 @@ write_files:
5558
systemctl restart systemd-modules-load.service
5659
sysctl --system
5760

61+
5862
# The normal way of setting it via cloud-init is broken:
5963
# https://bugs.launchpad.net/cloud-init/+bug/1662542
6064
hostnamectl set-hostname node1
65+
6166

6267
yum install -y docker-1.13.1 \
6368
ebtables \

pkg/userdata/centos/testdata/kubelet-v1.9-aws.golden

Lines changed: 2 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -1,5 +1,5 @@
11
#cloud-config
2-
hostname: node1
2+
33

44
ssh_pwauth: no
55

@@ -55,9 +55,7 @@ write_files:
5555
systemctl restart systemd-modules-load.service
5656
sysctl --system
5757

58-
# The normal way of setting it via cloud-init is broken:
59-
# https://bugs.launchpad.net/cloud-init/+bug/1662542
60-
hostnamectl set-hostname node1
58+
6159

6260
yum install -y docker-1.13.1 \
6361
ebtables \
@@ -137,7 +135,6 @@ write_files:
137135
--authentication-token-webhook=true \
138136
--cloud-provider=aws \
139137
--cloud-config=/etc/kubernetes/cloud-config \
140-
--hostname-override=node1 \
141138
--read-only-port=0 \
142139
--exit-on-lock-contention \
143140
--lock-file=/tmp/kubelet.lock \

pkg/userdata/centos/userdata.go

Lines changed: 5 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -126,7 +126,10 @@ func (p Provider) UserData(
126126
}
127127

128128
const ctTemplate = `#cloud-config
129+
{{ if ne .CloudProvider "aws" }}
129130
hostname: {{ .MachineSpec.Name }}
131+
# Never set the hostname on AWS nodes. Kubernetes(kube-proxy) requires the hostname to be the private dns name
132+
{{ end }}
130133
131134
{{- if .OSConfig.DistUpgradeOnBoot }}
132135
package_upgrade: true
@@ -181,9 +184,11 @@ write_files:
181184
systemctl restart systemd-modules-load.service
182185
sysctl --system
183186
187+
{{ if ne .CloudProvider "aws" }}
184188
# The normal way of setting it via cloud-init is broken:
185189
# https://bugs.launchpad.net/cloud-init/+bug/1662542
186190
hostnamectl set-hostname {{ .MachineSpec.Name }}
191+
{{ end }}
187192
188193
yum install -y docker-1.13.1 \
189194
ebtables \

pkg/userdata/coreos/testdata/v1.9.2-disable-auto-update-aws.golden

Lines changed: 1 addition & 12 deletions
Original file line numberDiff line numberDiff line change
@@ -128,17 +128,6 @@
128128
},
129129
"mode": 420
130130
},
131-
{
132-
"filesystem": "root",
133-
"group": {},
134-
"path": "/etc/hostname",
135-
"user": {},
136-
"contents": {
137-
"source": "data:,node1",
138-
"verification": {}
139-
},
140-
"mode": 384
141-
},
142131
{
143132
"filesystem": "root",
144133
"group": {
@@ -220,7 +209,7 @@
220209
"name": "kubelet-healthcheck.service"
221210
},
222211
{
223-
"contents": "[Unit]\nDescription=Kubernetes Kubelet\nRequires=docker.service\nAfter=docker.service\n[Service]\nTimeoutStartSec=5min\nEnvironment=KUBELET_IMAGE=docker://k8s.gcr.io/hyperkube-amd64:v1.9.2\nEnvironment=\"RKT_RUN_ARGS=--uuid-file-save=/var/cache/kubelet-pod.uuid \\\n --insecure-options=image \\\n --volume=resolv,kind=host,source=/etc/resolv.conf \\\n --mount volume=resolv,target=/etc/resolv.conf \\\n --volume cni-bin,kind=host,source=/opt/cni/bin \\\n --mount volume=cni-bin,target=/opt/cni/bin \\\n --volume cni-conf,kind=host,source=/etc/cni/net.d \\\n --mount volume=cni-conf,target=/etc/cni/net.d \\\n --volume etc-kubernetes,kind=host,source=/etc/kubernetes \\\n --mount volume=etc-kubernetes,target=/etc/kubernetes \\\n --volume var-log,kind=host,source=/var/log \\\n --mount volume=var-log,target=/var/log \\\n --volume var-lib-calico,kind=host,source=/var/lib/calico \\\n --mount volume=var-lib-calico,target=/var/lib/calico\"\nExecStartPre=/bin/mkdir -p /var/lib/calico\nExecStartPre=/bin/mkdir -p /etc/kubernetes/manifests\nExecStartPre=/bin/mkdir -p /etc/cni/net.d\nExecStartPre=/bin/mkdir -p /opt/cni/bin\nExecStartPre=-/usr/bin/rkt rm --uuid-file=/var/cache/kubelet-pod.uuid\nExecStartPre=-/bin/rm -rf /var/lib/rkt/cas/tmp/\nExecStart=/usr/lib/coreos/kubelet-wrapper \\\n --bootstrap-kubeconfig=/etc/kubernetes/bootstrap-kubelet.conf \\\n --kubeconfig=/etc/kubernetes/kubelet.conf \\\n --pod-manifest-path=/etc/kubernetes/manifests \\\n --allow-privileged=true \\\n --network-plugin=cni \\\n --cni-conf-dir=/etc/cni/net.d \\\n --cni-bin-dir=/opt/cni/bin \\\n --authorization-mode=Webhook \\\n --client-ca-file=/etc/kubernetes/pki/ca.crt \\\n --cadvisor-port=0 \\\n --rotate-certificates=true \\\n --cert-dir=/etc/kubernetes/pki \\\n --authentication-token-webhook=true \\\n --cloud-provider=aws \\\n --cloud-config=/etc/kubernetes/cloud-config \\\n --hostname-override=node1 \\\n --read-only-port=0 \\\n --exit-on-lock-contention \\\n --lock-file=/tmp/kubelet.lock \\\n --anonymous-auth=false \\\n --protect-kernel-defaults=true \\\n --cluster-dns=10.10.10.10 \\\n --cluster-domain=cluster.local\nExecStop=-/usr/bin/rkt stop --uuid-file=/var/cache/kubelet-pod.uuid\nRestart=always\nRestartSec=10\n[Install]\nWantedBy=multi-user.target\n",
212+
"contents": "[Unit]\nDescription=Kubernetes Kubelet\nRequires=docker.service\nAfter=docker.service\n[Service]\nTimeoutStartSec=5min\nEnvironment=KUBELET_IMAGE=docker://k8s.gcr.io/hyperkube-amd64:v1.9.2\nEnvironment=\"RKT_RUN_ARGS=--uuid-file-save=/var/cache/kubelet-pod.uuid \\\n --insecure-options=image \\\n --volume=resolv,kind=host,source=/etc/resolv.conf \\\n --mount volume=resolv,target=/etc/resolv.conf \\\n --volume cni-bin,kind=host,source=/opt/cni/bin \\\n --mount volume=cni-bin,target=/opt/cni/bin \\\n --volume cni-conf,kind=host,source=/etc/cni/net.d \\\n --mount volume=cni-conf,target=/etc/cni/net.d \\\n --volume etc-kubernetes,kind=host,source=/etc/kubernetes \\\n --mount volume=etc-kubernetes,target=/etc/kubernetes \\\n --volume var-log,kind=host,source=/var/log \\\n --mount volume=var-log,target=/var/log \\\n --volume var-lib-calico,kind=host,source=/var/lib/calico \\\n --mount volume=var-lib-calico,target=/var/lib/calico\"\nExecStartPre=/bin/mkdir -p /var/lib/calico\nExecStartPre=/bin/mkdir -p /etc/kubernetes/manifests\nExecStartPre=/bin/mkdir -p /etc/cni/net.d\nExecStartPre=/bin/mkdir -p /opt/cni/bin\nExecStartPre=-/usr/bin/rkt rm --uuid-file=/var/cache/kubelet-pod.uuid\nExecStartPre=-/bin/rm -rf /var/lib/rkt/cas/tmp/\nExecStart=/usr/lib/coreos/kubelet-wrapper \\\n --bootstrap-kubeconfig=/etc/kubernetes/bootstrap-kubelet.conf \\\n --kubeconfig=/etc/kubernetes/kubelet.conf \\\n --pod-manifest-path=/etc/kubernetes/manifests \\\n --allow-privileged=true \\\n --network-plugin=cni \\\n --cni-conf-dir=/etc/cni/net.d \\\n --cni-bin-dir=/opt/cni/bin \\\n --authorization-mode=Webhook \\\n --client-ca-file=/etc/kubernetes/pki/ca.crt \\\n --cadvisor-port=0 \\\n --rotate-certificates=true \\\n --cert-dir=/etc/kubernetes/pki \\\n --authentication-token-webhook=true \\\n --cloud-provider=aws \\\n --cloud-config=/etc/kubernetes/cloud-config \\\n --read-only-port=0 \\\n --exit-on-lock-contention \\\n --lock-file=/tmp/kubelet.lock \\\n --anonymous-auth=false \\\n --protect-kernel-defaults=true \\\n --cluster-dns=10.10.10.10 \\\n --cluster-domain=cluster.local\nExecStop=-/usr/bin/rkt stop --uuid-file=/var/cache/kubelet-pod.uuid\nRestart=always\nRestartSec=10\n[Install]\nWantedBy=multi-user.target\n",
224213
"enabled": true,
225214
"name": "kubelet.service"
226215
}

pkg/userdata/coreos/userdata.go

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -318,11 +318,13 @@ storage:
318318
yes
319319
{{ end }}
320320
321+
{{ if ne .CloudProvider "aws" }}
321322
- path: /etc/hostname
322323
filesystem: root
323324
mode: 0600
324325
contents:
325326
inline: '{{ .MachineSpec.Name }}'
327+
{{- end }}
326328
327329
- path: /etc/ssh/sshd_config
328330
filesystem: root

pkg/userdata/helper/kubelet.go

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -27,7 +27,7 @@ const (
2727
--cloud-provider={{ .CloudProvider }} \
2828
--cloud-config=/etc/kubernetes/cloud-config \
2929
{{- end }}
30-
{{- if .Hostname }}
30+
{{- if and (.Hostname) (ne .CloudProvider "aws") }}
3131
--hostname-override={{ .Hostname }} \
3232
{{- end }}
3333
--read-only-port=0 \

pkg/userdata/helper/testdata/kublet_systemd_unit_cloud-provider-set.golden

Lines changed: 0 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -28,7 +28,6 @@ ExecStart=/opt/bin/kubelet $KUBELET_EXTRA_ARGS \
2828
--authentication-token-webhook=true \
2929
--cloud-provider=aws \
3030
--cloud-config=/etc/kubernetes/cloud-config \
31-
--hostname-override=some-test-node \
3231
--read-only-port=0 \
3332
--exit-on-lock-contention \
3433
--lock-file=/tmp/kubelet.lock \

0 commit comments

Comments
 (0)