Bind address for kube scheduler and controller manager #180
Comments
👋 hi @adamhackl ! i think we can handle this with an extra cluster template label called thoughts on this approach?
That would be a great solution for us. Could you also do something similar for the metricsBindAddress for kube-proxy? Thank you!
I think this needs to wait till #182 is done, without it, none of those ports will be exposed inside the cluster.
@mnaser that should be also implemented for etcd and kube-proxy … as they are also configured to 127.0.0.1 and can therefore not be scraped by Prometheus.
etcd can be handled with this issue. If kube-proxy should be tracked with a second can be the case. #182 seems to be done already.
Alright, so I went over the different components:
from a security perspective, if we change those to in this case, to verify, after updating
..and for
for for I think I'm all in favour of sane defaults that work out of the box, most Kubernetes clusters will want/need upon making the following changes:
i tried to deploy
success... so i think we'll want to make the following adjustments:

```yaml
apiVersion: kubeadm.k8s.io/v1beta3
kind: ClusterConfiguration
controllerManager:
  extraArgs:
    # listen on all interfaces instead of the 127.0.0.1 default
    bind-address: 0.0.0.0
scheduler:
  extraArgs:
    bind-address: 0.0.0.0
etcd:
  local:
    extraArgs:
      # etcd metrics listener, plain HTTP on all interfaces
      listen-metrics-urls: http://0.0.0.0:2381
---
apiVersion: kubeproxy.config.k8s.io/v1alpha1
kind: KubeProxyConfiguration
# kube-proxy metrics endpoint on all interfaces
metricsBindAddress: "0.0.0.0:10249"
```

once we have these set in place, users will get a much better experience out of the box and it will allow them to get something like
seems custom kubeproxyconfig is not supported in capi kubernetes-sigs/cluster-api#4512
In order for Prometheus to properly scrape the health endpoints of kube-scheduler and kube-controller-manager, the --bind-address needs to be set to 0.0.0.0 or the control plane node IP. Clusters are currently deploying with the default of 127.0.0.1, which does not work in this case. Is there any way we can change the default setting or configure an override so clusters deploy this way instead of having to update the configuration post-deploy?
Thank you!
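
To check on a control-plane node which of these endpoints are bound to loopback (not scrapeable by Prometheus) and which are reachable on every interface, the listening sockets can be classified per component. This is an added example, not code from this project or thread; it assumes `ss -H -ltn` output, the sample lines are constructed, and 10257/10259 are the upstream default secure ports of kube-controller-manager and kube-scheduler (2381 and 10249 come from the configuration in the thread).

```python
import ipaddress

# 2381 and 10249 appear in the thread's config; 10257 and 10259 are the
# upstream defaults for kube-controller-manager and kube-scheduler.
COMPONENT_PORTS = {
    10257: "kube-controller-manager",
    10259: "kube-scheduler",
    2381: "etcd (metrics)",
    10249: "kube-proxy (metrics)",
}

# Constructed sample of `ss -H -ltn` output from a control-plane node.
SAMPLE_SS = """\
LISTEN 0 4096 127.0.0.1:10257 0.0.0.0:*
LISTEN 0 4096 0.0.0.0:10259 0.0.0.0:*
LISTEN 0 4096 10.0.0.11:2381 0.0.0.0:*
LISTEN 0 4096 [::1]:10249 [::]:*
LISTEN 0 4096 *:6443 *:*
"""

def classify(host):
    """Return 'loopback', 'all-interfaces' or 'single-address' for a bind host."""
    host = host.strip("[]").split("%")[0]  # drop IPv6 brackets and %iface scope
    if host == "*":
        return "all-interfaces"
    addr = ipaddress.ip_address(host)
    if addr.is_loopback:
        return "loopback"
    if addr.is_unspecified:  # 0.0.0.0 or ::
        return "all-interfaces"
    return "single-address"

def audit(ss_output):
    """Map each known component to the (bind host, scope) pairs it listens on."""
    report = {}
    for line in ss_output.splitlines():
        fields = line.split()
        if len(fields) < 5 or fields[0] != "LISTEN":
            continue
        host, _, port = fields[3].rpartition(":")
        if port.isdigit() and int(port) in COMPONENT_PORTS:
            name = COMPONENT_PORTS[int(port)]
            report.setdefault(name, []).append((host, classify(host)))
    return report

if __name__ == "__main__":
    for name, binds in sorted(audit(SAMPLE_SS).items()):
        for host, scope in binds:
            print(f"{name:26} {host:12} {scope}")
```

Any component reported as `all-interfaces` is reachable from every network the node is attached to, so node firewall or security-group rules should limit those ports to the Prometheus scrapers.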