From c92868c054dc03fd1f3a4e7c9f6bc2687ae2c142 Mon Sep 17 00:00:00 2001
From: Karim Naufal <rimkashox@gmail.com>
Date: Thu, 3 Mar 2022 19:08:12 +0100
Subject: [PATCH] fixed TLS handshake error on agents

---
 .gitignore        | 1 +
 agents.tf         | 4 ++--
 control_planes.tf | 1 -
 init.tf           | 1 -
 locals.tf         | 2 --
 5 files changed, 3 insertions(+), 6 deletions(-)

diff --git a/.gitignore b/.gitignore
index 16bc502..458f192 100644
--- a/.gitignore
+++ b/.gitignore
@@ -6,3 +6,4 @@ kubeconfig.yaml-e
 terraform.tfvars
 plans.yaml
 traefik_config.yaml
+kured.yaml
diff --git a/agents.tf b/agents.tf
index da4c4f5..10912ec 100644
--- a/agents.tf
+++ b/agents.tf
@@ -44,11 +44,11 @@ resource "null_resource" "agents" {
   provisioner "file" {
     content = yamlencode({
       node-name     = module.agents[each.key].name
-      server        = "https://${local.first_control_plane_network_ipv4}:6443"
+      server        = "https://${module.control_planes[0].private_ipv4_address}:6443"
       token         = random_password.k3s_token.result
       kubelet-arg   = "cloud-provider=external"
       flannel-iface = "eth1"
-      node-ip       = module.agents[each.key].ipv4_address
+      node-ip       = module.agents[each.key].private_ipv4_address
       node-label    = var.automatically_upgrade_k3s ? ["k3s_upgrade=true"] : []
     })
     destination = "/tmp/config.yaml"
diff --git a/control_planes.tf b/control_planes.tf
index 7c31d4b..34cf4bf 100644
--- a/control_planes.tf
+++ b/control_planes.tf
@@ -53,7 +53,6 @@ resource "null_resource" "control_planes" {
       kubelet-arg              = "cloud-provider=external"
       node-ip                  = module.control_planes[count.index].private_ipv4_address
       advertise-address        = module.control_planes[count.index].private_ipv4_address
-      tls-san                  = module.control_planes[count.index].private_ipv4_address
       node-taint               = var.allow_scheduling_on_control_plane ? [] : ["node-role.kubernetes.io/master:NoSchedule"]
       node-label               = var.automatically_upgrade_k3s ? ["k3s_upgrade=true"] : []
     })
diff --git a/init.tf b/init.tf
index ee9134b..87e624e 100644
--- a/init.tf
+++ b/init.tf
@@ -18,7 +18,6 @@ resource "null_resource" "first_control_plane" {
       kubelet-arg              = "cloud-provider=external"
       node-ip                  = module.control_planes[0].private_ipv4_address
       advertise-address        = module.control_planes[0].private_ipv4_address
-      tls-san                  = module.control_planes[0].private_ipv4_address
       node-taint               = var.allow_scheduling_on_control_plane ? [] : ["node-role.kubernetes.io/master:NoSchedule"]
       node-label               = var.automatically_upgrade_k3s ? ["k3s_upgrade=true"] : []
     })
diff --git a/locals.tf b/locals.tf
index 6ebbe16..1e77fa2 100644
--- a/locals.tf
+++ b/locals.tf
@@ -1,6 +1,4 @@
 locals {
-  first_control_plane_network_ipv4 = module.control_planes[0].private_ipv4_address
-
   ssh_public_key = trimspace(file(var.public_key))
   # ssh_private_key is either the contents of var.private_key or null to use a ssh agent.
   ssh_private_key = var.private_key == null ? null : trimspace(file(var.private_key))