How to change kube-proxy config?

Asked 20/1, 2021 at 9:18 Answered 20/1, 2021 at 11:56

I've tried to change kube-proxy configMap and kube-proxy command to set metricsBindAddress but kubernetes resets these changes(without any warnings) after couple seconds.

kubectl edit cm kube-proxy-config -n kube-system => add metricsBindAddress => wait couple seconds and open the config - there is empty metricsBindAddress
kubectl edit ds kube-proxy -n kube-system => add --metrics-bind-address to command => wait couple seconds => the command was reset to default

How to change kube-proxy config and keep these changes ?

Kubernetes version 1.17

UPDATE(as you can, after several seconds metricsBindAddress was changed to empty string):

UPDATE 2(pay attention on metricsBinAddress, it's changed after ~40-50 seconds):

FINAL UPDATE: Answer from cloud provider(Yandex) - kube-proxy pod it is on the host's network, so to prevent security problems, it listens exclusively on the loopback address and therefore the parameter will be reset

p.s. https://github.com/helm/charts/tree/master/stable/prometheus-operator#kubeproxy - I want to make kube-proxy accessible by prometheus

Delk answered 20/1, 2021 at 9:18 Comment(6)

I am using version 1.18 and editing the metricsBindAddress is working fine. – Isoclinal 20/1, 2021 at 9:55

@AlifBiswas my collegue also try and he has the same problem. can you change metricsBindAddress, wait couple seconds and try to change again? in my and collegue case it show "" instead of the address I set – Delk 20/1, 2021 at 9:59

Still showing the same. By the way, The helm chart you mentioned in the post is deprecated. Are you sure this is not causing any problem? – Isoclinal 20/1, 2021 at 10:2

@AlifBiswas no, I don't think the deprecated chart can reset kube-proxy config. Maybe it's my cloud provider.. Thank you – Delk 20/1, 2021 at 10:5

What exactly version are you using on your cluster? I tried on v1.17.17 and have only kube-proxy configmap and you are editing configmap named kube-proxy-config. What environment you are using, its local or cloud env? Are you using some specific configuration or it's fresh cluster and you just wanted to edit kube-proxy configmap? – Lanfri 20/1, 2021 at 16:29

@Lanfri

Server Version: version.Info{Major:"1", Minor:"17", GitVersion:"v1.17.12", GitCommit:"5ec472285121eb6c451e515bc0a7201413872fa3", GitTreeState:"clean", BuildDate:"2020-09-16T13:32:12Z", GoVersion:"go1.13.15", Compiler:"gc", Platform:"linux/amd64"}

Depending on the cluster, the relevant part config.conf will be in ConfigMap kube-system/kube-proxy or kube-system/kube-proxy-config

I am posting this Community Wiki because root cause of the issue has been determined.

Usually to change of metricsBindAddress: can be achieved by editing ConfigMap and delete kube-proxy pod or use rollout restart on DaemonSet.

Root cause of this issue was that this change was blocked by OP's environment - Yandex Cloud.

OP received feedback from Yandex Support

kube-proxy pod it is on the host's network, so to prevent security problems, it listens exclusively on the loopback address and therefore the parameter will be reset

Lanfri answered 20/1, 2021 at 9:19 Comment(0)

First edit:

kubectl edit cm/kube-proxy -n kube-system

.....
metricsBindAddress: 0.0.0.0:10249
.....

Then,

kubectl rollout restart ds kube-proxy -n kube-system

You have to restart the pods otherwise they do not get the configuration. You can check the status by:

kubectl rollout status ds kube-proxy -n kube-system

Neuropsychiatry answered 20/1, 2021 at 11:56 Comment(1)

I did it several times , but metricsBindAddress resets. I've updated first post, you can see what am I talking about – Delk 20/1, 2021 at 14:7