Closed mnaser closed 3 weeks ago
on creating a new cluster, we checked the configmap for kube-proxy in the kube-system namespace.
The metrics bind address is showing as empty upon create.
metricsBindAddress: ""
Per @mnaser's request, here is the contents of the kubeadm.yaml file found in /run/kubeadm
sudo cat kubeadm.yaml
---
apiServer:
certSANs:
- kube-qy42f
- kube-qy42f.magnum-system
- kube-qy42f.magnum-system.svc
- kube-qy42f.magnum-system.svc.cluster.local
extraArgs:
audit-log-maxage: "30"
audit-log-maxbackup: "10"
audit-log-maxsize: "100"
audit-log-path: /var/log/audit/kube-apiserver-audit.log
audit-policy-file: /etc/kubernetes/audit-policy/apiserver-audit-policy.yaml
authentication-token-webhook-config-file: /etc/kubernetes/webhooks/webhookconfig.yaml
authorization-mode: Node,RBAC,Webhook
authorization-webhook-config-file: /etc/kubernetes/webhooks/webhookconfig.yaml
cloud-provider: external
profiling: "false"
tls-cipher-suites: TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305,TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305
extraVolumes:
- hostPath: /etc/kubernetes/webhooks
mountPath: /etc/kubernetes/webhooks
name: webhooks
- hostPath: /etc/kubernetes/audit-policy
mountPath: /etc/kubernetes/audit-policy
name: audit-policy
- hostPath: /var/log/kubernetes/audit
mountPath: /var/log/audit
name: audit-logs
apiVersion: kubeadm.k8s.io/v1beta3
clusterName: kube-qy42f
controlPlaneEndpoint: 10.10.10.108:6443
controllerManager:
extraArgs:
bind-address: 0.0.0.0
cloud-provider: external
profiling: "false"
dns: {}
etcd:
local:
dataDir: ""
extraArgs:
listen-metrics-urls: http://0.0.0.0:2381
kind: ClusterConfiguration
kubernetesVersion: v1.27.4
networking:
dnsDomain: cluster.local
podSubnet: 10.100.0.0/16
serviceSubnet: 10.254.0.0/16
scheduler:
extraArgs:
bind-address: 0.0.0.0
profiling: "false"
---
apiVersion: kubeadm.k8s.io/v1beta3
kind: InitConfiguration
localAPIEndpoint: {}
nodeRegistration:
imagePullPolicy: IfNotPresent
kubeletExtraArgs:
cloud-provider: external
tls-cipher-suites: TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305
name: 'kube-qy42f-control-plane-7hz2r-8dbbf'
taints: null
I am noticing that potentially
metricsBindAddres
is getting lost on cluster upgrades, so potentially we can add into this.