From c4c1bd6bc5172fd091c3af76ebd66247fa59058c Mon Sep 17 00:00:00 2001
From: Nils Hanke <nils.hanke@outlook.com>
Date: Wed, 21 Dec 2022 11:38:58 +0100
Subject: [PATCH] Move Konnectivity socket to non-persistent /run

---
 bootstrapper/internal/kubernetes/k8sapi/kubeadm_config.go | 4 ++--
 .../internal/kubernetes/k8sapi/resources/konnectivity.go  | 8 ++++----
 2 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/bootstrapper/internal/kubernetes/k8sapi/kubeadm_config.go b/bootstrapper/internal/kubernetes/k8sapi/kubeadm_config.go
index 53184eb03..fd5984e0c 100644
--- a/bootstrapper/internal/kubernetes/k8sapi/kubeadm_config.go
+++ b/bootstrapper/internal/kubernetes/k8sapi/kubeadm_config.go
@@ -113,8 +113,8 @@ func (c *KubdeadmConfiguration) InitConfiguration(externalCloudProvider bool, k8
 						},
 						{
 							Name:      "konnectivity-uds",
-							HostPath:  "/etc/kubernetes/konnectivity-server",
-							MountPath: "/etc/kubernetes/konnectivity-server",
+							HostPath:  "/run/konnectivity-server",
+							MountPath: "/run/konnectivity-server",
 							ReadOnly:  false,
 							PathType:  corev1.HostPathDirectoryOrCreate,
 						},
diff --git a/bootstrapper/internal/kubernetes/k8sapi/resources/konnectivity.go b/bootstrapper/internal/kubernetes/k8sapi/resources/konnectivity.go
index 4a1068700..1e32fb09d 100644
--- a/bootstrapper/internal/kubernetes/k8sapi/resources/konnectivity.go
+++ b/bootstrapper/internal/kubernetes/k8sapi/resources/konnectivity.go
@@ -60,7 +60,7 @@ func NewKonnectivityServerStaticPod() *KonnectivityServerStaticPod {
 						Args: []string{
 							"--logtostderr=true",
 							// This needs to be consistent with the value set in egressSelectorConfiguration.
-							"--uds-name=/etc/kubernetes/konnectivity-server/konnectivity-server.socket",
+							"--uds-name=/run/konnectivity-server/konnectivity-server.socket",
 							// The following two lines assume the Konnectivity server is
 							// deployed on the same machine as the apiserver, and the certs and
 							// key of the API Server are at the specified location.
@@ -119,7 +119,7 @@ func NewKonnectivityServerStaticPod() *KonnectivityServerStaticPod {
 							},
 							{
 								Name:      "konnectivity-uds",
-								MountPath: "/etc/kubernetes/konnectivity-server",
+								MountPath: "/run/konnectivity-server",
 								ReadOnly:  false,
 							},
 						},
@@ -146,7 +146,7 @@ func NewKonnectivityServerStaticPod() *KonnectivityServerStaticPod {
 						Name: "konnectivity-uds",
 						VolumeSource: corev1.VolumeSource{
 							HostPath: &corev1.HostPathVolumeSource{
-								Path: "/etc/kubernetes/konnectivity-server",
+								Path: "/run/konnectivity-server",
 								Type: &udsHostPathType,
 							},
 						},
@@ -172,7 +172,7 @@ func NewEgressSelectorConfiguration() *EgressSelectorConfiguration {
 						ProxyProtocol: "GRPC",
 						Transport: &apiserver.Transport{
 							UDS: &apiserver.UDSTransport{
-								UDSName: "/etc/kubernetes/konnectivity-server/konnectivity-server.socket",
+								UDSName: "/run/konnectivity-server/konnectivity-server.socket",
 							},
 						},
 					},