Wrong ip addr in kubeconfig file on ec2 instance
I was testing stackspin on an ec2 instance, and noticed that the kubeconfig cert was issued for the internal IP rather than the external IP and therefore I'm getting:
$ kc get node
Unable to connect to the server: x509: certificate is valid for 10.0.0.21, 10.43.0.1, 127.0.0.1, not 52.58.18.134
I was confused because we already fixed this in !360 (closed), but then I realized that although we configure the (external) IP in .flux.env like this:
# IP address of the cluster
ip_address=1.2.3.4
it will get overridden by this variable in ansible/group_vars/all/stackspin.yml
:
ip_address: "{{ hostvars[inventory_hostname]['ansible_default_ipv4']['address'] }}"
That's weird because the ip_address
is only used in ansible for a single purpose, namely the kubeconfig cert:
❯ grep ip_address -ir ansible
ansible/roles/setup-kubernetes/tasks/k3s.yml: line: " server: https://{{ ip_address }}:6443"
ansible/group_vars/all/stackspin.yml:ip_address: "{{ hostvars[inventory_hostname]['ansible_default_ipv4']['address'] }}"
ansible/group_vars/all/stackspin.yml: server_args: "--disable traefik --disable local-storage --disable servicelb --kube-apiserver-arg=event-ttl=48h0m0s --tls-san {{ ip_address }}"
Edited by Varac