control-plane: fix first_kube_control_plane delegation with kube_override_hostname (#12636)

* control-plane: fix first_kube_control_plane delegation with kube_override_hostname When kube_override_hostname is configured, the node names reported by `kubectl get nodes` differ from the inventory_hostname known to Ansible. This causes delegation failures in subsequent tasks since Ansible cannot resolve the hostname from kubectl output to an inventory host. Signed-off-by: Seena Fallah <seenafallah@gmail.com> * control-plane: remove fragile first_control_plane selection logic Current implementation breaks with kube_override_hostname and has multiple edge cases. Drop until proper kubectl-based node lookup can be implemented. Signed-off-by: Seena Fallah <seenafallah@gmail.com> --------- Signed-off-by: Seena Fallah <seenafallah@gmail.com>
2025-12-13 21:34:40 +03:00 · 2025-11-25 17:10:38 +01:00
parent 3de6fa7220
commit 5789dc839c
4 changed files with 4 additions and 22 deletions
--- a/docs/operations/nodes.md
+++ b/docs/operations/nodes.md
@@ -31,6 +31,8 @@ That's it.
 Append the new host to the inventory and run `cluster.yml`. You can NOT use `scale.yml` for that.
 **Note:** When adding new control plane nodes, always append them to the end of the `kube_control_plane` group in your inventory. Adding control plane nodes in the first position is not supported and will cause the playbook to fail.
 ### 2) Restart kube-system/nginx-proxy
 In all hosts, restart nginx-proxy pod. This pod is a local proxy for the apiserver. Kubespray will update its static config, but it needs to be restarted in order to reload.
--- a/roles/kubernetes/control-plane/tasks/define-first-kube-control.yml
+++ b/roles/kubernetes/control-plane/tasks/define-first-kube-control.yml
@@ -1,19 +0,0 @@
 ---
 - name: Check which kube-control nodes are already members of the cluster
  command: "{{ bin_dir }}/kubectl get nodes --selector=node-role.kubernetes.io/control-plane -o json"
  register: kube_control_planes_raw
  ignore_errors: true
  changed_when: false
 - name: Set fact joined_control_planes
  set_fact:
    joined_control_planes: "{{ ((kube_control_planes_raw.stdout | from_json)['items']) | default([]) | map(attribute='metadata') | map(attribute='name') | list }}"
  delegate_to: "{{ item }}"
  loop: "{{ groups['kube_control_plane'] }}"
  when: kube_control_planes_raw is succeeded
  run_once: true
 - name: Set fact first_kube_control_plane
  set_fact:
    first_kube_control_plane: "{{ joined_control_planes | default([]) | first | default(groups['kube_control_plane'] | first) }}"
--- a/roles/kubernetes/control-plane/tasks/main.yml
+++ b/roles/kubernetes/control-plane/tasks/main.yml
@@ -92,9 +92,6 @@
    - upgrade
  ignore_errors: true  # noqa ignore-errors
 - name: Define nodes already joined to existing cluster and first_kube_control_plane
  import_tasks: define-first-kube-control.yml
 - name: Include kubeadm setup
  import_tasks: kubeadm-setup.yml
--- a/roles/kubespray_defaults/defaults/main/main.yml
+++ b/roles/kubespray_defaults/defaults/main/main.yml
@@ -632,6 +632,8 @@ ssl_ca_dirs: |-
  {% endif -%}
  ]
 # used for delegating tasks on a working control plane node
 first_kube_control_plane: "{{ groups['kube_control_plane'] | first }}"
 # Vars for pointing to kubernetes api endpoints
 kube_apiserver_count: "{{ groups['kube_control_plane'] | length }}"
 kube_apiserver_address: "{{ hostvars[inventory_hostname]['main_ip'] }}"