From 57fef8f75e18cdbbbae6fa2528c2a183020d561c Mon Sep 17 00:00:00 2001
From: Matthew Mosesohn <matthew.mosesohn@gmail.com>
Date: Tue, 3 Dec 2019 22:56:58 +0300
Subject: [PATCH] Allow customizing kubelet healthz port and bind addr (#5403)

Change-Id: I1634ba2d2d3337243ffcdea86750003a559f2576
---
 roles/kubernetes/node/defaults/main.yml                     | 6 ++++++
 .../node/templates/kubelet-config.v1beta1.yaml.j2           | 2 ++
 2 files changed, 8 insertions(+)

diff --git a/roles/kubernetes/node/defaults/main.yml b/roles/kubernetes/node/defaults/main.yml
index a59573405..ebf52220f 100644
--- a/roles/kubernetes/node/defaults/main.yml
+++ b/roles/kubernetes/node/defaults/main.yml
@@ -84,6 +84,12 @@ kube_override_hostname: >-
 # The read-only port for the Kubelet to serve on with no authentication/authorization.
 kube_read_only_port: 0
 
+# Port for healthz for Kubelet
+kubelet_healthz_port: 10248
+
+# Bind address for healthz for Kubelet
+kubelet_healthz_bind_address: 127.0.0.1
+
 # sysctl_file_path to add sysctl conf to
 sysctl_file_path: "/etc/sysctl.d/99-sysctl.conf"
 
diff --git a/roles/kubernetes/node/templates/kubelet-config.v1beta1.yaml.j2 b/roles/kubernetes/node/templates/kubelet-config.v1beta1.yaml.j2
index ec7cbfe44..ec83e9d54 100644
--- a/roles/kubernetes/node/templates/kubelet-config.v1beta1.yaml.j2
+++ b/roles/kubernetes/node/templates/kubelet-config.v1beta1.yaml.j2
@@ -27,6 +27,8 @@ cgroupDriver: {{ kubelet_cgroup_driver|default(kubelet_cgroup_driver_detected) }
 maxPods: {{ kubelet_max_pods }}
 address: {{ kubelet_bind_address }}
 readOnlyPort: {{ kube_read_only_port }}
+healthzPort: {{ kubelet_healthz_port }}
+healthzBindAddress: {{ kubelet_healthz_bind_address }}
 kubeletCgroups: {{ kubelet_kubelet_cgroups }}
 clusterDomain: {{ dns_domain }}
 {% if kubelet_rotate_certificates|bool %}