Honor --hostname-override, report compatible hostname addresses with cloud provider

[liggitt]

xref #67714

7828e5d made cloud providers authoritative for the addresses reported on Node objects, so that the addresses used by the node (and requested as SANs in serving certs) could be verified via cloud provider metadata.

This had the effect of no longer reporting addresses of type Hostname for Node objects for some cloud providers. Cloud providers that have the instance hostname available in metadata should add a type: Hostname address to node status. This is being tracked in #67714

This PR does a couple other things to ease the transition to authoritative cloud providers:

• if --hostname-override is set on the kubelet, make the kubelet report that Hostname address. if it can't be verified via cloud-provider metadata (for cert approval, etc), the kubelet deployer is responsible for fixing the situation by adjusting the kubelet configuration (as they were in 1.11 and previously)
• if --hostname-override is not set, and the cloud provider didn't report a Hostname address, and the auto-detected hostname matches one of the addresses the cloud provider did report, make the kubelet report that as a Hostname address. That lets the addresses remain verifiable via cloud provider metadata, while still including a Hostname address whenever possible.

/sig node
/sig cloud-provider

/cc @mikedanese

fyi @hh

NONE

[liggitt]

/milestone v1.12

[liggitt]

/cc @smarterclayton
follow-up to 7828e5d that honors --hostname-override to keep compatibility with deployments that pre-generated certs and pinned kubelet-reported hostnames, and keeps the cloud provider authoritative otherwise

[dixudx]

/lgtm

[smarterclayton]

/approve

[liggitt]

/retest

[mikedanese]

log a warning?

[liggitt]

sure

[liggitt]

added warning messages for the hostname-override case

[mikedanese]

/lgtm

[k8s-ci-robot]

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: dixudx, liggitt, mikedanese, smarterclayton

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Details

Needs approval from an approver in each of these files:

• pkg/kubelet/OWNERS [smarterclayton]

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[awly]

Nit for future PRs: https://github.com/golang/go/wiki/CodeReviewComments#comment-sentences

[k8s-github-robot]

/test all [submit-queue is verifying that this PR is safe to merge]

[k8s-github-robot]

Automatic merge from submit-queue (batch tested with PRs 67739, 65222). If you want to cherry-pick this change to another branch, please follow the instructions here.

[k8s-ci-robot]

@liggitt: The following test failed, say /retest to rerun them all:

Test name	Commit	Details	Rerun command
pull-kubernetes-kubemark-e2e-gce-big	2857de7	link	/test pull-kubernetes-kubemark-e2e-gce-big

Full PR test history. Your PR dashboard. Please help us cut down on flakes by linking to an open issue when you hit one in your PR.

Details

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. I understand the commands that are listed here.