As per documentation, the cloud-provider flag should not be passed to
controller-manager when using cloud-controller. However, the legacy
cloud-related controllers still need to be explicitly disabled to
prevent errors from being logged.
Fixing this also prevents controller-manager from creating the
cloud-controller-manager service account that needed extra RBAC.
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
Resolves warning 2 from #2471.
As per https://github.com/kubernetes/cloud-provider/issues/12 the
ClusterID requirement was never really followed through on, so the
flag is probably going to be removed in the future.
One side-effect of this is that the core k8s cloud-controller-manager
also wants to watch nodes, and needs RBAC to do so.
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
Related to #1908
Will be fixed upstream by
https://github.com/rancher/local-path-provisioner/pull/135/ but we're
not going to update the LPP image right now since it's undergoing some
changes that we don't want to pick up at the moment.
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
Configure Traefik to update the Ingress Resources `loadBalancer` status.
This would provide users with at least following benefits:
1. It drastically simplifies the way one can quickly determine the relevant IP for a certain Ingress Resource, without the person deploying that Ingress needing to know how or where the LoadBalancer comes from.
2. Let's assume a User that has only permission to work in one specific namespace and is not allowed to *list* or *read* services from the `kube-system` namespace, for such a User this change would basically empower them to access the relevant information without being bottlenecked by another.
3. Allow tools like [external-dns](https://github.com/kubernetes-incubator/external-dns) to dynamically register all the available Ingress Resources with one of the Supported DNS Providers such as a local [CoreDNS](https://coredns.io).
Allow the kubelet resolv-conf flag to be set, or automatically
discovered from /etc/resolv.conf & /run/systemd/resolve/resolv.conf if
no loopback devices are present, or create our own which points to
nameserver 8.8.8.8