On certain cloud providers like digital ocean the public interface has multiple addresses, one of which is a link-local address that points to a metadata server. The node is supposed to come up and contact the metadata server to bootstrap the public interface with a real address. At this point, the interface has 2 addresses, eg (from irc debugging): https://dpaste.de/T8s0/raw.

Looks like we create the kubernets endpoint using the first, link-local address and it always gets rejected. The kubernetes master service creation can keep failing (and re-checking for a valid public ip) when this happens because it knows link-local is not allowed: https://github.com/GoogleCloudPlatform/kubernetes/blob/master/pkg/master/controller.go#L97