From f5ee8b71ff300c2c3cb8cea019c84e7391e2e0e8 Mon Sep 17 00:00:00 2001
From: Pat Riehecky <3534830+jcpunk@users.noreply.github.com>
Date: Thu, 8 Jun 2023 04:54:13 -0500
Subject: [PATCH] Permit custom names for API server lb/proxy containers.
 (#10166)

Signed-off-by: Pat Riehecky <riehecky@fnal.gov>
---
 docs/ha-mode.md                                              | 5 +++--
 roles/kubernetes/node/defaults/main.yml                      | 1 +
 .../kubernetes/node/templates/manifests/haproxy.manifest.j2  | 2 +-
 .../node/templates/manifests/nginx-proxy.manifest.j2         | 2 +-
 4 files changed, 6 insertions(+), 4 deletions(-)

diff --git a/docs/ha-mode.md b/docs/ha-mode.md
index 1bbfd3548..f961c7462 100644
--- a/docs/ha-mode.md
+++ b/docs/ha-mode.md
@@ -24,9 +24,10 @@ configured by the variable `loadbalancer_apiserver_localhost` (defaults to
 `True`. Or `False`, if there is an external `loadbalancer_apiserver` defined).
 You may also define the port the local internal loadbalancer uses by changing,
 `loadbalancer_apiserver_port`.  This defaults to the value of
-`kube_apiserver_port`. It is also important to note that Kubespray will only
+`kube_apiserver_port`.  It is also important to note that Kubespray will only
 configure kubelet and kube-proxy on non-master nodes to use the local internal
-loadbalancer.
+loadbalancer.  If you wish to control the name of the loadbalancer container,
+you can set the variable `loadbalancer_apiserver_pod_name`.
 
 If you choose to NOT use the local internal loadbalancer, you will need to
 use the [kube-vip](kube-vip.md) ansible role or configure your own loadbalancer to achieve HA. By default, it only configures a non-HA endpoint, which points to the
diff --git a/roles/kubernetes/node/defaults/main.yml b/roles/kubernetes/node/defaults/main.yml
index 611801318..1eb288c17 100644
--- a/roles/kubernetes/node/defaults/main.yml
+++ b/roles/kubernetes/node/defaults/main.yml
@@ -92,6 +92,7 @@ loadbalancer_apiserver_memory_requests: 32M
 loadbalancer_apiserver_cpu_requests: 25m
 
 loadbalancer_apiserver_keepalive_timeout: 5m
+loadbalancer_apiserver_pod_name: "{% if loadbalancer_apiserver_type == 'nginx' %}nginx-proxy{% else %}haproxy{% endif %}"
 
 # Uncomment if you need to enable deprecated runtimes
 # kube_api_runtime_config:
diff --git a/roles/kubernetes/node/templates/manifests/haproxy.manifest.j2 b/roles/kubernetes/node/templates/manifests/haproxy.manifest.j2
index 1efcbaede..7c5097cd3 100644
--- a/roles/kubernetes/node/templates/manifests/haproxy.manifest.j2
+++ b/roles/kubernetes/node/templates/manifests/haproxy.manifest.j2
@@ -1,7 +1,7 @@
 apiVersion: v1
 kind: Pod
 metadata:
-  name: haproxy
+  name: {{ loadbalancer_apiserver_pod_name }}
   namespace: kube-system
   labels:
     addonmanager.kubernetes.io/mode: Reconcile
diff --git a/roles/kubernetes/node/templates/manifests/nginx-proxy.manifest.j2 b/roles/kubernetes/node/templates/manifests/nginx-proxy.manifest.j2
index 04b9b734e..16757ec9a 100644
--- a/roles/kubernetes/node/templates/manifests/nginx-proxy.manifest.j2
+++ b/roles/kubernetes/node/templates/manifests/nginx-proxy.manifest.j2
@@ -1,7 +1,7 @@
 apiVersion: v1
 kind: Pod
 metadata:
-  name: nginx-proxy
+  name: {{ loadbalancer_apiserver_pod_name }}
   namespace: kube-system
   labels:
     addonmanager.kubernetes.io/mode: Reconcile