Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

kube-proxymetricsBindAddress potentially lost on upgrade #386

Closed
mnaser opened this issue Jun 6, 2024 · 1 comment · Fixed by #391
Closed

kube-proxymetricsBindAddress potentially lost on upgrade #386

mnaser opened this issue Jun 6, 2024 · 1 comment · Fixed by #391

Comments

@mnaser
Copy link
Member

mnaser commented Jun 6, 2024

I am noticing that potentially metricsBindAddres is getting lost on cluster upgrades, so potentially we can add into this.
@mnaser mnaser changed the title kube-proxy metricsBindAddress potentially lost on upgrade kube-proxymetricsBindAddress potentially lost on upgrade Jun 6, 2024
@jessica-hofmeister
Copy link

on creating a new cluster, we checked the configmap for kube-proxy in the kube-system namespace.
The metrics bind address is showing as empty upon create.
metricsBindAddress: ""

Per @mnaser's request, here is the contents of the kubeadm.yaml file found in /run/kubeadm

sudo cat kubeadm.yaml 
---
apiServer:
  certSANs:
  - kube-qy42f
  - kube-qy42f.magnum-system
  - kube-qy42f.magnum-system.svc
  - kube-qy42f.magnum-system.svc.cluster.local
  extraArgs:
    audit-log-maxage: "30"
    audit-log-maxbackup: "10"
    audit-log-maxsize: "100"
    audit-log-path: /var/log/audit/kube-apiserver-audit.log
    audit-policy-file: /etc/kubernetes/audit-policy/apiserver-audit-policy.yaml
    authentication-token-webhook-config-file: /etc/kubernetes/webhooks/webhookconfig.yaml
    authorization-mode: Node,RBAC,Webhook
    authorization-webhook-config-file: /etc/kubernetes/webhooks/webhookconfig.yaml
    cloud-provider: external
    profiling: "false"
    tls-cipher-suites: TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305,TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305
  extraVolumes:
  - hostPath: /etc/kubernetes/webhooks
    mountPath: /etc/kubernetes/webhooks
    name: webhooks
  - hostPath: /etc/kubernetes/audit-policy
    mountPath: /etc/kubernetes/audit-policy
    name: audit-policy
  - hostPath: /var/log/kubernetes/audit
    mountPath: /var/log/audit
    name: audit-logs
apiVersion: kubeadm.k8s.io/v1beta3
clusterName: kube-qy42f
controlPlaneEndpoint: 10.10.10.108:6443
controllerManager:
  extraArgs:
    bind-address: 0.0.0.0
    cloud-provider: external
    profiling: "false"
dns: {}
etcd:
  local:
    dataDir: ""
    extraArgs:
      listen-metrics-urls: http://0.0.0.0:2381
kind: ClusterConfiguration
kubernetesVersion: v1.27.4
networking:
  dnsDomain: cluster.local
  podSubnet: 10.100.0.0/16
  serviceSubnet: 10.254.0.0/16
scheduler:
  extraArgs:
    bind-address: 0.0.0.0
    profiling: "false"

---
apiVersion: kubeadm.k8s.io/v1beta3
kind: InitConfiguration
localAPIEndpoint: {}
nodeRegistration:
  imagePullPolicy: IfNotPresent
  kubeletExtraArgs:
    cloud-provider: external
    tls-cipher-suites: TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305
  name: 'kube-qy42f-control-plane-7hz2r-8dbbf'
  taints: null

@mnaser mnaser linked a pull request Jun 12, 2024 that will close this issue
Run configure-kube-proxy.sh #391
Merged
@mnaser mnaser mentioned this issue Jun 12, 2024
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Run configure-kube-proxy.sh vexxhost/magnum-cluster-api
2 participants
@mnaser @jessica-hofmeister