From ff8efd3139c893f845bce7e4b1a5158aac6b3bbd Mon Sep 17 00:00:00 2001
From: Nemo <me@captnemo.in>
Date: Sun, 27 Jan 2019 20:07:52 +0530
Subject: [PATCH] fix etcd, c-m, and node label/taints for kubelet

---
 modules/bootkube/main.tf     | 4 ++++
 modules/etcd/main.tf         | 2 +-
 modules/kubelet/main.tf      | 8 +++++++-
 modules/kubelet/variables.tf | 6 ++++++
 4 files changed, 15 insertions(+), 5 deletions(-)

diff --git a/modules/bootkube/main.tf b/modules/bootkube/main.tf
index 710506e..d26ca7f 100644
--- a/modules/bootkube/main.tf
+++ a/modules/bootkube/main.tf
@@ -62,6 +62,10 @@
     content = "${file("${var.asset-dir}/tls/service-account.pub")}"
   }
   upload {
+    file    = "/home/.bootkube/tls/service-account.key"
+    content = "${file("${var.asset-dir}/tls/service-account.key")}"
+  }
+  upload {
     content = "${file("${var.asset-dir}/tls/ca.key")}"
     file    = "/home/.bootkube/tls/ca.key"
   }
diff --git a/modules/etcd/main.tf b/modules/etcd/main.tf
index 595215a..6001622 100644
--- a/modules/etcd/main.tf
+++ a/modules/etcd/main.tf
@@ -46,7 +46,7 @@
 
   env = [
     "ETCD_NAME=${var.node_name}",
-    "ETCD_DATA_DIR=/var/lib/etcd",
+    "ETCD_DATA_DIR=/etcd-data",
     "ETCD_ADVERTISE_CLIENT_URLS=https://${var.domain}:2379",
     "ETCD_INITIAL_ADVERTISE_PEER_URLS=https://${var.domain}:2380",
     "ETCD_LISTEN_CLIENT_URLS=https://0.0.0.0:2379",
diff --git a/modules/kubelet/main.tf b/modules/kubelet/main.tf
index b85ca93..62cc7af 100644
--- a/modules/kubelet/main.tf
+++ a/modules/kubelet/main.tf
@@ -101,8 +101,10 @@
     "--anonymous-auth=false",
     "--authentication-token-webhook",
     "--authorization-mode=Webhook",
-    "--cert-dir=/var/lib/kubelet/pki",
+
+    # "--cert-dir=/var/lib/kubelet/pki",
     "--client-ca-file=/etc/kubernetes/ca.crt",
+
     "--cluster_dns=${var.dns_ip}",
     "--cluster_domain=${var.k8s_host}",
 
@@ -117,6 +119,8 @@
     "--node-labels=node-role.kubernetes.io/master",
     "--pod-manifest-path=/etc/kubernetes/manifests",
     "--read-only-port=0",
+    "--register-with-taints=${var.node_taints}",
+    "--node-labels=${var.node_label}",
     "--rotate-certificates",
   ]
   host {
@@ -125,8 +129,6 @@
   }
 
   # TODO
-  # "--register-with-taints=${var.node_taints}",
-  # "--node-labels=${var.node_label}",
 
   network_mode = "host"
   privileged   = true
diff --git a/modules/kubelet/variables.tf b/modules/kubelet/variables.tf
index 0426c4d..788f03f 100644
--- a/modules/kubelet/variables.tf
+++ a/modules/kubelet/variables.tf
@@ -5,7 +5,11 @@
 
 variable "node_label" {
   description = "kubelet version"
-  default     = "node.kubernetes.io/master"
+  default     = "node-role.kubernetes.io/master"
+}
+
+variable "node_taints" {
+  default = "node-role.kubernetes.io/master=:NoSchedule"
 }
 
 variable "depends_on" {
--
rgit 0.1.5