Update kubeadm-config

Author: kvaps

deploy/helm/kubernetes/manifests/coredns.yaml

@@ -72,7 +72,7 @@ data:
             lameduck 5s
         }
         ready
-        kubernetes cluster.local in-addr.arpa ip6.arpa {
+        kubernetes {{ .Values.networking.dnsDomain }} in-addr.arpa ip6.arpa {
             pods insecure
             fallthrough in-addr.arpa ip6.arpa
             ttl 30

deploy/helm/kubernetes/templates/_helpers.tpl

@@ -63,15 +63,15 @@ Generate etcd servers list.
 {{- end -}}
 
 {{/*
-Take the first IP address from the serviceClusterIPRange for the kube-dns service.
+Take the first IP address from the serviceSubnet for the kube-dns service.
 */}}
 {{- define "kubernetes.getCoreDNS" -}}
-  {{- $octetsList := splitList "." .Values.apiServer.serviceClusterIPRange -}}
+  {{- $octetsList := splitList "." .Values.networking.serviceSubnet -}}
   {{- printf "%d.%d.%d.%d" (index $octetsList 0 | int) (index $octetsList 1 | int) (index $octetsList 2 | int) 10 -}}
 {{- end -}}
 
 {{- define "kubernetes.getAPIAddress" -}}
-  {{- $octetsList := splitList "." .Values.apiServer.serviceClusterIPRange -}}
+  {{- $octetsList := splitList "." .Values.networking.serviceSubnet -}}
   {{- printf "%d.%d.%d.%d" (index $octetsList 0 | int) (index $octetsList 1 | int) (index $octetsList 2 | int) 1 -}}
 {{- end -}}
 

deploy/helm/kubernetes/templates/apiserver-deployment.yaml

@@ -95,11 +95,11 @@ spec:
         - --requestheader-username-headers=X-Remote-User
         - --secure-port={{ .Values.apiServer.port }}
         - --service-account-key-file=/pki/sa/tls.crt
-        - --service-cluster-ip-range={{ .Values.apiServer.serviceClusterIPRange }}
+        - --service-cluster-ip-range={{ .Values.networking.serviceSubnet }}
         - --tls-cert-file=/pki/apiserver-server/tls.crt
         - --tls-private-key-file=/pki/apiserver-server/tls.key
         - --egress-selector-config-file=/etc/kubernetes/egress-selector-configuration.yaml
-        - --service-account-issuer=https://kubernetes.default.svc.cluster.local
+        - --service-account-issuer=https://kubernetes.default.svc.{{ .Values.networking.dnsDomain }}
         - --service-account-signing-key-file=/pki/sa/tls.key
         {{- if .Values.konnectivityAgent.enabled }}
         - --api-audiences=system:konnectivity-server

deploy/helm/kubernetes/templates/controller-manager-deployment.yaml

@@ -87,6 +87,11 @@ spec:
         - --use-service-account-credentials=true
         - --tls-cert-file=/pki/controller-manager-server/tls.crt
         - --tls-private-key-file=/pki/controller-manager-server/tls.key
+        - --service-cluster-ip-range={{ .Values.networking.serviceSubnet }}
+        {{ with .Values.networking.podSubnet }}
+        --allocate-node-cidrs=true
+        - --cluster-cidr={{ . }}
+        {{- end }}
         {{- range $key, $value := .Values.controllerManager.extraArgs }}
         - --{{ $key }}={{ $value }}
         {{- end }}

deploy/helm/kubernetes/templates/kubeadm-config.yaml

@@ -7,11 +7,17 @@ metadata:
   name: {{ $fullName }}-kubeadm-config
 data:
   kubeadmcfg.yaml: |+
-    apiVersion: kubeadm.k8s.io/v1beta2
+    apiVersion: kubeadm.k8s.io/v1beta3
     kind: ClusterConfiguration
     {{- if .Values.controlPlaneEndpoint }}
     controlPlaneEndpoint: {{ .Values.controlPlaneEndpoint }}
     {{- else }}
     controlPlaneEndpoint: {{ $fullName }}-apiserver:{{ .Values.apiServer.service.port }}
     {{- end }}
+    {{- with .Values.networking }}
+    networking:
+      dnsDomain: {{ .dnsDomain }}
+      podSubnet: {{ .podSubnet }}
+      serviceSubnet: {{ .serviceSubnet }}
+    {{- end }}
 {{- end }}

deploy/helm/kubernetes/values.yaml

@@ -1,4 +1,8 @@
 controlPlaneEndpoint:
+networking:
+  dnsDomain: cluster.local
+  serviceSubnet: 10.96.0.0/12
+  podSubnet: #10.112.0.0/12
 
 persistence:
   enabled: true
@@ -120,8 +124,6 @@ apiServer:
     dnsNames: []
     ipAddresses: []
 
-  serviceClusterIPRange: 10.96.0.0/12
-
   extraArgs: {}
     # advertise-address is required for kube-proxy
     #advertise-address: 10.9.8.10