Issue
When provisioning a cluster with nodeletctl with a single master and single worker, when passed a configuration
that specifies port 6443 for the Kubernetes Api Port a cluster is produced with the k8s api listening on port 443.
This behavior impacts operations in two ways:
- Users cannot deploy an Ingress controllers that listen on port 443.
- Users cannot use templated kubeconfig without manually modifying to use port 443
How to reproduce
allowWorkloadsOnMaster: false
clusterName: airctl-mgmt
k8sApiPort: 6443
masterIp: 10.5.50.10
masterVipEnabled: true
masterVipVrouterId: 101
nodeletPkg: /opt/pf9/artifacts/nodelet.tar.gz
privileged: true
sshUser: ubuntu
masterVipInterface: ens3
calicoV4Interface: ens3
mtu: 9001
masterNodes:
- nodeName: ip-10-5-50-209.us-west-2.compute.internal
nodeIP: 10.5.50.209
workerNodes:
- nodeName: ip-10-5-50-18.us-west-2.compute.internal
nodeIP: 10.5.50.18Observed Behavior
ubuntu@ip-10-5-50-209:~$ sudo netstat -nlp
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 10.5.50.209:2380 0.0.0.0:* LISTEN 17253/etcd
tcp 0 0 127.0.0.1:2379 0.0.0.0:* LISTEN 17253/etcd
tcp 0 0 127.0.0.1:10249 0.0.0.0:* LISTEN 18644/kube-proxy
tcp 0 0 127.0.0.1:10248 0.0.0.0:* LISTEN 21955/kubelet
tcp 0 0 127.0.0.1:9977 0.0.0.0:* LISTEN 17896/bouncerd
tcp 0 0 127.0.0.1:41065 0.0.0.0:* LISTEN 16295/containerd
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 1264/sshd: /usr/sbi
tcp 0 0 127.0.0.53:53 0.0.0.0:* LISTEN 465/systemd-resolve
tcp6 0 0 :::22 :::* LISTEN 1264/sshd: /usr/sbi
tcp6 0 0 :::443 :::* LISTEN 19008/kube-apiserve
tcp6 0 0 :::10251 :::* LISTEN 19067/kube-schedule
tcp6 0 0 :::10250 :::* LISTEN 21955/kubelet
tcp6 0 0 :::10252 :::* LISTEN 18968/kube-controll
tcp6 0 0 :::10257 :::* LISTEN 18968/kube-controll
tcp6 0 0 :::10256 :::* LISTEN 18644/kube-proxy
tcp6 0 0 :::10259 :::* LISTEN 19067/kube-schedule
tcp6 0 0 :::4001 :::* LISTEN 17253/etcd
udp 0 0 127.0.0.53:53 0.0.0.0:* 465/systemd-resolve
udp 0 0 10.5.50.209:68 0.0.0.0:* 462/systemd-network
raw 0 0 0.0.0.0:51 0.0.0.0:* 7 21405/keepalived
raw 0 0 0.0.0.0:51 0.0.0.0:* 7 21405/keepalived
raw6 0 0 :::58 :::* 7 462/systemd-network
Suspected Root Cause
K8S_API_PORT is hard-coded to port 443 in workerNodeletConfigTmpl and does not use {{ .K8sApiPort }}
Issue
When provisioning a cluster with nodeletctl with a single master and single worker, when passed a configuration
that specifies port 6443 for the Kubernetes Api Port a cluster is produced with the k8s api listening on port 443.
This behavior impacts operations in two ways:
How to reproduce
Observed Behavior
Suspected Root Cause
K8S_API_PORT is hard-coded to port 443 in
workerNodeletConfigTmpland does not use{{ .K8sApiPort }}nodelet/nodeletctl/pkg/nodeletctl/templates.go
Line 156 in 7a52c3d