More flexible way of setting external address

[errordeveloper]

Currently one can set external address of the master either via a specific IP or rely on very opinionated default interface selection mechanism (util.ChooseHostInterface()). It would be very handy to override this via exact interface name as well as DNS.

There are currently two flags, --advertise-address and --external-hostname. It is a little surprising that setting --external-hostname still doesn't affect what the external address will be, however may be all that's needed is --external-interface...

I am running apiserver in a container on Weave and it's Docker's eth0 that util.ChooseHostInterface() currenly favours, as that's what has the default route, but that's not my cross-host network. Weave adds ethwe interface and I'd like to use whatever IP that gets. Right now I have to add a wrapper which gets IP of ethwe and passes it to --advertise-address, which is in fact just a call to hostname -i (see weaveworks/weave#68). Perhaps, a simple mechanism, like hostname -i, is what would work more like other programs out there?

[thockin]

We went back-and-forth on hostname -i - I forget the exact reason we
didn't try that first. I'm happy to revisit if we think we have a better
heuristic. Or we could (sigh) add more flags.

On Mon, Nov 2, 2015 at 6:26 PM, Ilya Dmitrichenko [email protected]
wrote:

Currently one can set external address of the master either via a specific
IP or rely on very opinionated default interface selection mechanism (
util.ChooseHostInterface()). It would be very handy to override this via
exact interface name as well as DNS.

There are currently two flags, --advertise-address and --external-hostname.
It is a little surprising that setting --external-hostname still doesn't
affect what the external address will be, however may be all that's needed
is --external-interface...

I am running apiserver in a container on Weave and it's Docker's eth0
that util.ChooseHostInterface() currenly favours, as that's what has the
default route, but that's not my cross-host network. Weave adds ethwe
interface and I'd like to use whatever IP that gets. Right now I have to
add a wrapper which gets IP of ethwe and passes it to --advertise-address,
which is in fact just a call to hostname -i (see weaveworks/weave#68
weaveworks/weave#68). Perhaps, a simple
mechanism, like hostname -i, is what would work more like other programs
out there?

—
Reply to this email directly or view it on GitHub
#16706.

[errordeveloper]

I see. Well, I don't think hostname -i is ideal either, the whole notion of "default interface" is relative anyway. I think it's best to provide full control in situation where the address itself is not known ahead of time, so a flag setting the specific interface would be the way of providing that level of control.

[lavalamp]

Happy to look at a PR for this.

[lavalamp]

@resouer I can't promise speedy reviews, but you are welcome to take a stab at this.

@errordeveloper is there no way you can run a script to discover the correct address and then pass it in? I'm just trying to think of ways to avoid adding more flags.

[resouer]

@lavalamp I am also hesitate to add a more flags. So watch this to see if any work around ...

[errordeveloper]

@lavalamp I am using a script already:

CMD weave_ip=$(hostname -i) ; \
    /hyperkube apiserver \
      --insecure-bind-address=$weave_ip \
      --advertise-address=$weave_ip \
      --external-hostname=kube-apiserver.weave.local \
      --port=8080 \
      --etcd-servers=$ETCD_CLUSTER \
      --service-cluster-ip-range=10.16.0.0/12 \
      --cloud-provider=$CLOUD_PROVIDER \
      --logtostderr=true

[errordeveloper]

However, I just thought it'd be much nicer to have one of the these two:

a) Allow passing DNS name instead of IP address:

      --insecure-bind-address=kube-apiserver.weave.local \
      --advertise-address=kube-apiserver.weave.local \
      --external-hostname=kube-apiserver.weave.local \
      --port=8080 \

b) Allow passing interface name instead of exact IP address:

      --insecure-bind-address=eth1 \
      --advertise-address=eth1 \
      --external-hostname=kube-apiserver.weave.local \
      --port=8080 \

Although, in both cases I'm not sure why I would have to pass all these flags with the same value an a shortcut would be even much nicer!

[errordeveloper]

Of course, I can stick with what I have. I might make a pull-request to add a helper script in the upstream container image, if people think it's appropriate.

[resouer]

Personally, I prefer your work around than adding a new flag :)

[lavalamp]

Yeah, I prefer your work-around to more flags or more functionality for the existing flags.

[errordeveloper]

Closing, as a high-level problem like this should probably be solved in kubeadm.