feat: permit specifying API server DNS name

closes #158 Signed-off-by: Clément Nussbaumer <[email protected]>
postfinance · Sep 30, 2024 · 545d7b6 · 545d7b6
1 parent b87a8ee
commit 545d7b6
Show file tree

Hide file tree

Showing 6 changed files with 20 additions and 1 deletion.
diff --git a/README.md b/README.md
@@ -125,6 +125,7 @@ The following command can be used to install kubenurse with Helm: `helm upgrade
 | histogram_buckets                  | Sets `KUBENURSE_HISTOGRAM_BUCKETS` environment variable                                                              |                                    |
 | extra_ca                           | Sets `KUBENURSE_EXTRA_CA` environment variable                                                                       |                                    |
 | extra_checks                       | Sets `KUBENURSE_EXTRA_CHECKS` environment variable                                                                   |                                    |
+| kubernetes_service_dns             | Sets `KUBERNETES_SERVICE_DNS` environment variable                                                                   |                                    |
 | check_api_server_direct            | Sets `KUBENURSE_CHECK_API_SERVER_DIRECT` environment variable                                                        | `true`                             |
 | check_api_server_dns               | Sets `KUBENURSE_CHECK_API_SERVER_DNS` environment variable                                                           | `true`                             |
 | check_me_ingress                   | Sets `KUBENURSE_CHECK_ME_INGRESS` environment variable                                                               | `true`                             |
@@ -169,6 +170,10 @@ Following variables are injected to the Pod by Kubernetes and should not be defi
 - `KUBERNETES_SERVICE_HOST`: Host to communicate to the kube-apiserver
 - `KUBERNETES_SERVICE_PORT`: Port to communicate to the kube-apiserver
 
+The DNS name of the API server can be configured with the
+`KUBERNETES_SERVICE_DNS` environment variable, and it defaults to
+`kubernetes.default.svc.cluster.local`.
+
 </details>
 
 ## HTTP Endpoints

diff --git a/helm/kubenurse/templates/daemonset.yaml b/helm/kubenurse/templates/daemonset.yaml
@@ -55,6 +55,8 @@ spec:
           value: {{ default (printf "http://%s.%s.svc.cluster.local:%.f" $fullName .Release.Namespace .Values.service.port) .Values.service_url }}
         - name: KUBENURSE_INSECURE
           value: {{ .Values.insecure  | quote }}
+        - name: KUBERNETES_SERVICE_DNS
+          value: {{ .Values.kubernetes_service_dns  | quote }}
         - name: KUBENURSE_ALLOW_UNSCHEDULABLE
           value: {{ .Values.allow_unschedulable  | quote }}
         - name: KUBENURSE_NAMESPACE

diff --git a/helm/kubenurse/values.yaml b/helm/kubenurse/values.yaml
@@ -33,6 +33,8 @@ serviceMonitor:
 insecure: true
 # KUBENURSE_SERVICE_URL
 service_url: ""
+# KUBERNETES_SERVICE_DNS
+kubernetes_service_dns: "kubernetes.default.svc.cluster.local"
 # KUBENURSE_ALLOW_UNSCHEDULABLE
 allow_unschedulable: false
 # KUBENURSE_NEIGHBOUR_FILTER

diff --git a/internal/kubenurse/server.go b/internal/kubenurse/server.go
@@ -154,6 +154,7 @@ func New(c client.Client) (*Server, error) { //nolint:funlen // TODO: use a flag
 	chk.KubenurseServiceURL = os.Getenv("KUBENURSE_SERVICE_URL")
 	chk.KubernetesServiceHost = os.Getenv("KUBERNETES_SERVICE_HOST")
 	chk.KubernetesServicePort = os.Getenv("KUBERNETES_SERVICE_PORT")
+	chk.KubernetesServiceDNS = getOrDefault("KUBERNETES_SERVICE_DNS", "kubernetes.default.svc.cluster.local")
 	chk.KubenurseNamespace = os.Getenv("KUBENURSE_NAMESPACE")
 	chk.NeighbourFilter = os.Getenv("KUBENURSE_NEIGHBOUR_FILTER")
 	neighLimit := os.Getenv("KUBENURSE_NEIGHBOUR_LIMIT")
@@ -307,3 +308,11 @@ func (s *Server) Shutdown() error {
 
 	return nil
 }
+
+func getOrDefault(envVar, defaultVal string) string {
+	if val := os.Getenv(envVar); len(val) > 0 {
+		return val
+	}
+
+	return defaultVal
+}
diff --git a/internal/servicecheck/servicecheck.go b/internal/servicecheck/servicecheck.go
@@ -152,7 +152,7 @@ func (c *Checker) APIServerDNS(ctx context.Context) string {
 		return skippedStr
 	}
 
-	apiurl := fmt.Sprintf("https://kubernetes.default.svc.cluster.local:%s/version", c.KubernetesServicePort)
+	apiurl := fmt.Sprintf("https://%s:%s/version", c.KubernetesServiceDNS, c.KubernetesServicePort)
 
 	return c.doRequest(ctx, apiurl, false)
 }

diff --git a/internal/servicecheck/types.go b/internal/servicecheck/types.go
@@ -29,6 +29,7 @@ type Checker struct {
 	ShutdownDuration time.Duration
 
 	// Kubernetes API
+	KubernetesServiceDNS     string
 	KubernetesServiceHost    string
 	KubernetesServicePort    string
 	SkipCheckAPIServerDirect bool