Merge pull request #56084 from andrewsykim/kubeadm/400

Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

kubeadm: set kube-apiserver advertise address using downward API

**What this PR does / why we need it**:
Sets kube-apiserver --advertise-address using downward API for self-hosted Kubernetes with kubeadm. 

**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes # https://github.com/kubernetes/kubeadm/issues/400

**Special notes for your reviewer**:
@luxas mentioned something about losing the ability to customize advertise address via kubeadm, didn't really take that into consideration yet but I can definitely make the necessary changes if needed. 

**Release note**:
```release-note
kubeadm: set kube-apiserver advertise address using downward API
```

cmd/kubeadm/app/phases/selfhosting/podspec_mutation.go

@@ -18,6 +18,7 @@ package selfhosting
 
 import (
 	"path/filepath"
+	"strings"
 
 	"k8s.io/api/core/v1"
 	kubeadmconstants "k8s.io/kubernetes/cmd/kubeadm/app/constants"
@@ -42,6 +43,7 @@ func GetDefaultMutators() map[string][]PodSpecMutatorFunc {
 			addNodeSelectorToPodSpec,
 			setMasterTolerationOnPodSpec,
 			setRightDNSPolicyOnPodSpec,
+			setHostIPOnPodSpec,
 		},
 		kubeadmconstants.KubeControllerManager: {
 			addNodeSelectorToPodSpec,
@@ -101,6 +103,26 @@ func setMasterTolerationOnPodSpec(podSpec *v1.PodSpec) {
 	podSpec.Tolerations = append(podSpec.Tolerations, kubeadmconstants.MasterToleration)
 }
 
+// setHostIPOnPodSpec sets the environment variable HOST_IP using downward API
+func setHostIPOnPodSpec(podSpec *v1.PodSpec) {
+	envVar := v1.EnvVar{
+		Name: "HOST_IP",
+		ValueFrom: &v1.EnvVarSource{
+			FieldRef: &v1.ObjectFieldSelector{
+				FieldPath: "status.hostIP",
+			},
+		},
+	}
+
+	podSpec.Containers[0].Env = append(podSpec.Containers[0].Env, envVar)
+
+	for i := range podSpec.Containers[0].Command {
+		if strings.Contains(podSpec.Containers[0].Command[i], "advertise-address") {
+			podSpec.Containers[0].Command[i] = "--advertise-address=$(HOST_IP)"
+		}
+	}
+}
+
 // setRightDNSPolicyOnPodSpec makes sure the self-hosted components can look up things via kube-dns if necessary
 func setRightDNSPolicyOnPodSpec(podSpec *v1.PodSpec) {
 	podSpec.DNSPolicy = v1.DNSClusterFirstWithHostNet

cmd/kubeadm/app/phases/selfhosting/podspec_mutation_test.go

@@ -33,8 +33,36 @@ func TestMutatePodSpec(t *testing.T) {
 	}{
 		{
 			component: kubeadmconstants.KubeAPIServer,
-			podSpec:   &v1.PodSpec{},
+			podSpec: &v1.PodSpec{
+				Containers: []v1.Container{
+					{
+						Name: "kube-apiserver",
+						Command: []string{
+							"--advertise-address=10.0.0.1",
+						},
+					},
+				},
+			},
 			expected: v1.PodSpec{
+				Containers: []v1.Container{
+					{
+						Name: "kube-apiserver",
+						Command: []string{
+							"--advertise-address=$(HOST_IP)",
+						},
+						Env: []v1.EnvVar{
+							{
+								Name: "HOST_IP",
+								ValueFrom: &v1.EnvVarSource{
+									FieldRef: &v1.ObjectFieldSelector{
+										FieldPath: "status.hostIP",
+									},
+								},
+							},
+						},
+					},
+				},
+
 				NodeSelector: map[string]string{
 					kubeadmconstants.LabelNodeRoleMaster: "",
 				},
@@ -185,6 +213,55 @@ func TestSetRightDNSPolicyOnPodSpec(t *testing.T) {
 	}
 }
 
+func TestSetHostIPOnPodSpec(t *testing.T) {
+	var tests = []struct {
+		podSpec  *v1.PodSpec
+		expected v1.PodSpec
+	}{
+		{
+			podSpec: &v1.PodSpec{
+				Containers: []v1.Container{
+					{
+						Name: "kube-apiserver",
+						Command: []string{
+							"--advertise-address=10.0.0.1",
+						},
+						Env: []v1.EnvVar{},
+					},
+				},
+			},
+			expected: v1.PodSpec{
+				Containers: []v1.Container{
+					{
+						Name: "kube-apiserver",
+						Command: []string{
+							"--advertise-address=$(HOST_IP)",
+						},
+						Env: []v1.EnvVar{
+							{
+								Name: "HOST_IP",
+								ValueFrom: &v1.EnvVarSource{
+									FieldRef: &v1.ObjectFieldSelector{
+										FieldPath: "status.hostIP",
+									},
+								},
+							},
+						},
+					},
+				},
+			},
+		},
+	}
+
+	for _, rt := range tests {
+		setHostIPOnPodSpec(rt.podSpec)
+
+		if !reflect.DeepEqual(*rt.podSpec, rt.expected) {
+			t.Errorf("failed setHostIPOnPodSpec:\nexpected:\n%v\nsaw:\n%v", rt.expected, *rt.podSpec)
+		}
+	}
+}
+
 func TestSetSelfHostedVolumesForAPIServer(t *testing.T) {
 	hostPathDirectoryOrCreate := v1.HostPathDirectoryOrCreate
 	var tests = []struct {

cmd/kubeadm/app/phases/selfhosting/selfhosting_test.go

@@ -134,7 +134,7 @@ spec:
         - --service-cluster-ip-range=10.96.0.0/12
         - --tls-cert-file=/etc/kubernetes/pki/apiserver.crt
         - --kubelet-client-certificate=/etc/kubernetes/pki/apiserver-kubelet-client.crt
-        - --advertise-address=192.168.1.115
+        - --advertise-address=$(HOST_IP)
         - --requestheader-client-ca-file=/etc/kubernetes/pki/front-proxy-ca.crt
         - --insecure-port=0
         - --experimental-bootstrap-token-auth=true
@@ -148,6 +148,11 @@ spec:
         - --proxy-client-key-file=/etc/kubernetes/pki/front-proxy-client.key
         - --authorization-mode=Node,RBAC
         - --etcd-servers=http://127.0.0.1:2379
+        env:
+        - name: HOST_IP
+          valueFrom:
+            fieldRef:
+              fieldPath: status.hostIP
         image: gcr.io/google_containers/kube-apiserver-amd64:v1.7.4
         livenessProbe:
           failureThreshold: 8