How to set/change endpoints conected to kubernetes.default.svc service

5/21/2021

I have kubernetes multi control plane cluster bootstrapped by command:

kubeadm init --config kubeadm-config.yaml

kubeadm-config.yaml contains:

apiVersion: kubeadm.k8s.io/v1beta2
kind: ClusterConfiguration
kubernetesVersion: stable
controlPlaneEndpoint: "10.10.10.120:6443"
apiServer:
  extraArgs:
    secure-port: "8080"
    advertise-address: "10.10.10.121"

Why endpoints connected to kubernetes.default.svc service point to 10.10.10.121:8080 instead to 10.10.10.120:6443 ?

Can I change this or maybe I made some mistake while control plane bootstrap ?

# kubectl describe endpoints kubernetes 
Name:         kubernetes
Namespace:    default
Labels:       <none>
Annotations:  <none>
Subsets:
  Addresses:          10.10.10.121
  NotReadyAddresses:  <none>
  Ports:
    Name   Port  Protocol
    ----   ----  --------
    https  8080  TCP

Events:  <none>
-- Piotr Rotter
kube-apiserver
kubeadm
kubernetes

2 Answers

5/24/2021

I know where was problem

On all master nodes in kube-apiserver manifest was:

# cat /etc/kubernetes/manifests/kube-apiserver.yaml 
apiVersion: v1
kind: Pod
metadata:
  creationTimestamp: null
  labels:
    component: kube-apiserver
    tier: control-plane
  name: kube-apiserver
  namespace: kube-system
spec:
  containers:
  - command:
    - kube-apiserver
    - --advertise-address=10.10.10.121

I fixed it and now is ok:

# kubectl describe endpoints kubernetes 
Name:         kubernetes
Namespace:    default
Labels:       <none>
Annotations:  <none>
Subsets:
  Addresses:          10.10.10.121,10.10.10.122,10.10.10.123
  NotReadyAddresses:  <none>
  Ports:
    Name   Port  Protocol
    ----   ----  --------
    https  8080  TCP

Events:  <none>

Question: Why kubeadm join set advertise-address equal 10.10.10.121 on all nodes even that in kubeadm-config.yaml was set proper ip address, ex on node 2:

apiVersion: kubeadm.k8s.io/v1beta2
kind: ClusterConfiguration
kubernetesVersion: stable
controlPlaneEndpoint: "10.10.10.120:6443"
apiServer:
  extraArgs:
    secure-port: "8080"
    advertise-address: "10.10.10.122"
-- Piotr Rotter
Source: StackOverflow

5/21/2021

This is managed internally by kube-apiserver and I have a vague memory that it only updates if the Service doesn't exist? You can try deleting the service/endpoints/slices and restarting the whole cluster.

-- coderanger
Source: StackOverflow