From 15cb6752978d5106c36657aa940e85b07e18c3a0 Mon Sep 17 00:00:00 2001
From: "Dustin C. Hatch" <dustin@hatch.name>
Date: Sat, 7 Dec 2024 09:35:57 -0600
Subject: [PATCH] r/kubelet: Pass --config arg to service

The systemd unit configuration installed by Fedora's _kubeadm_ package
does not pass the `--config` argument to the kubelet service.  Without
this argument, the kubelet will not read the configuration file
generated by `kubeadm` from the `kubelet-config` ConfigMap.  Thus,
various features will not work correctly, including server TLS
bootstrap.
---
 roles/kubelet/files/extra-args.systemd.conf |  2 ++
 roles/kubelet/handlers/main.yml             |  5 +++++
 roles/kubelet/tasks/main.yml                | 22 +++++++++++++++++++++
 3 files changed, 29 insertions(+)
 create mode 100644 roles/kubelet/files/extra-args.systemd.conf

diff --git a/roles/kubelet/files/extra-args.systemd.conf b/roles/kubelet/files/extra-args.systemd.conf
new file mode 100644
index 0000000..0325cb5
--- /dev/null
+++ b/roles/kubelet/files/extra-args.systemd.conf
@@ -0,0 +1,2 @@
+[Service]
+Environment=KUBELET_EXTRA_ARGS='--config=/var/lib/kubelet/config.yaml'
diff --git a/roles/kubelet/handlers/main.yml b/roles/kubelet/handlers/main.yml
index 93535f4..7525c9a 100644
--- a/roles/kubelet/handlers/main.yml
+++ b/roles/kubelet/handlers/main.yml
@@ -9,3 +9,8 @@
 - name: swapoff -a
   command:
     swapoff -a
+
+- name: restart kubelet
+  service:
+    name: kubelet
+    state: restarted
diff --git a/roles/kubelet/tasks/main.yml b/roles/kubelet/tasks/main.yml
index 1722819..27b4ca6 100644
--- a/roles/kubelet/tasks/main.yml
+++ b/roles/kubelet/tasks/main.yml
@@ -84,6 +84,28 @@
   tags:
   - cni
 
+- name: ensure kubelet.service drop-in configuration directory exists
+  file:
+    path: /etc/systemd/system/kubelet.service.d
+    owner: root
+    group: root
+    mode: u=rwx,go=rx
+    state: directory
+  tags:
+  - systemd
+- name: ensure kubelet.service extra args are configured
+  copy:
+    src: extra-args.systemd.conf
+    dest: /etc/systemd/system/kubelet.service.d/60-extra-args.conf
+    owner: root
+    group: root
+    mode: u=rw,go=r
+  notify:
+  - reload systemd
+  - restart kubelet
+  tags:
+  - systemd
+
 - name: ensure kubelet service is enabled
   service:
     name: kubelet