Revert "scheduler: align with ctrl-managers and apiservers, add https+auth in options"

cmd/controller-manager/app/insecure_serving.go

@@ -30,8 +30,6 @@ import (
 type InsecureServingInfo struct {
 	// Listener is the secure server network listener.
 	Listener net.Listener
-	// optional server name for log messages
-	Name string
 }
 
 // Serve starts an insecure http server with the given handler. It fails only if
@@ -43,10 +41,6 @@ func (s *InsecureServingInfo) Serve(handler http.Handler, shutdownTimeout time.D
 		MaxHeaderBytes: 1 << 20,
 	}
 
-	if len(s.Name) > 0 {
-		glog.Infof("Serving %s insecurely on %s", s.Name, s.Listener.Addr())
-	} else {
-		glog.Infof("Serving insecurely on %s", s.Listener.Addr())
-	}
+	glog.Infof("Serving insecurely on %s", s.Listener.Addr())
 	return server.RunServer(insecureServer, s.Listener, shutdownTimeout, stopCh)
 }

cmd/controller-manager/app/options/insecure_serving.go

@@ -23,6 +23,7 @@ import (
 	"github.com/spf13/pflag"
 	"k8s.io/apiserver/pkg/server/options"
 	genericcontrollermanager "k8s.io/kubernetes/cmd/controller-manager/app"
+	"k8s.io/kubernetes/pkg/apis/componentconfig"
 )
 
 // InsecureServingOptions are for creating an unauthenticated, unauthorized, insecure port.
@@ -38,20 +39,16 @@ type InsecureServingOptions struct {
 	// either Listener or BindAddress/BindPort/BindNetwork is set,
 	// if Listener is set, use it and omit BindAddress/BindPort/BindNetwork.
 	Listener net.Listener
-
-	// ListenFunc can be overridden to create a custom listener, e.g. for mocking in tests.
-	// It defaults to options.CreateListener.
-	ListenFunc func(network, addr string) (net.Listener, int, error)
 }
 
 // Validate ensures that the insecure port values within the range of the port.
 func (s *InsecureServingOptions) Validate() []error {
+	errors := []error{}
+
 	if s == nil {
 		return nil
 	}
 
-	errors := []error{}
-
 	if s.BindPort < 0 || s.BindPort > 32767 {
 		errors = append(errors, fmt.Errorf("--insecure-port %v must be between 0 and 32767, inclusive. 0 for turning off insecure (HTTP) port", s.BindPort))
 	}
@@ -64,10 +61,20 @@ func (s *InsecureServingOptions) AddFlags(fs *pflag.FlagSet) {
 	if s == nil {
 		return
 	}
+}
 
-	fs.IPVar(&s.BindAddress, "address", s.BindAddress, "DEPRECATED: the IP address on which to listen for the --port port (set to 0.0.0.0 for all IPv4 interfaces and :: for all IPv6 interfaces). See --bind-address instead.")
+// AddDeprecatedFlags adds deprecated flags related to insecure serving for controller manager to the specified FlagSet.
+// TODO: remove it until kops stop using `--address`
+func (s *InsecureServingOptions) AddDeprecatedFlags(fs *pflag.FlagSet) {
+	if s == nil {
+		return
+	}
+
+	fs.IPVar(&s.BindAddress, "address", s.BindAddress,
+		"DEPRECATED: the IP address on which to listen for the --port port. See --bind-address instead.")
 	// MarkDeprecated hides the flag from the help. We don't want that:
 	// fs.MarkDeprecated("address", "see --bind-address instead.")
+
 	fs.IntVar(&s.BindPort, "port", s.BindPort, "DEPRECATED: the port on which to serve HTTP insecurely without authentication and authorization. If 0, don't serve HTTPS at all. See --secure-port instead.")
 	// MarkDeprecated hides the flag from the help. We don't want that:
 	// fs.MarkDeprecated("port", "see --secure-port instead.")
@@ -75,7 +82,7 @@ func (s *InsecureServingOptions) AddFlags(fs *pflag.FlagSet) {
 
 // ApplyTo adds InsecureServingOptions to the insecureserverinfo amd kube-controller manager configuration.
 // Note: the double pointer allows to set the *InsecureServingInfo to nil without referencing the struct hosting this pointer.
-func (s *InsecureServingOptions) ApplyTo(c **genericcontrollermanager.InsecureServingInfo) error {
+func (s *InsecureServingOptions) ApplyTo(c **genericcontrollermanager.InsecureServingInfo, cfg *componentconfig.KubeCloudSharedConfiguration) error {
 	if s == nil {
 		return nil
 	}
@@ -85,12 +92,8 @@ func (s *InsecureServingOptions) ApplyTo(c **genericcontrollermanager.InsecureSe
 
 	if s.Listener == nil {
 		var err error
-		listen := options.CreateListener
-		if s.ListenFunc != nil {
-			listen = s.ListenFunc
-		}
 		addr := net.JoinHostPort(s.BindAddress.String(), fmt.Sprintf("%d", s.BindPort))
-		s.Listener, s.BindPort, err = listen(s.BindNetwork, addr)
+		s.Listener, s.BindPort, err = options.CreateListener(s.BindNetwork, addr)
 		if err != nil {
 			return fmt.Errorf("failed to create listener: %v", err)
 		}
@@ -100,5 +103,10 @@ func (s *InsecureServingOptions) ApplyTo(c **genericcontrollermanager.InsecureSe
 		Listener: s.Listener,
 	}
 
+	// sync back to component config
+	// TODO: find more elegant way than synching back the values.
+	cfg.Port = int32(s.BindPort)
+	cfg.Address = s.BindAddress.String()
+
 	return nil
 }

cmd/controller-manager/app/options/options.go

@@ -225,6 +225,7 @@ func (o *GenericControllerManagerOptions) AddFlags(fs *pflag.FlagSet) {
 	o.ServiceController.AddFlags(fs)
 	o.SecureServing.AddFlags(fs)
 	o.InsecureServing.AddFlags(fs)
+	o.InsecureServing.AddDeprecatedFlags(fs)
 	o.Authentication.AddFlags(fs)
 	o.Authorization.AddFlags(fs)
 }
@@ -303,7 +304,7 @@ func (o *GenericControllerManagerOptions) ApplyTo(c *genericcontrollermanager.Co
 	if err := o.SecureServing.ApplyTo(&c.SecureServing); err != nil {
 		return err
 	}
-	if err := o.InsecureServing.ApplyTo(&c.InsecureServing); err != nil {
+	if err := o.InsecureServing.ApplyTo(&c.InsecureServing, &c.ComponentConfig.KubeCloudShared); err != nil {
 		return err
 	}
 	if err := o.Authentication.ApplyTo(&c.Authentication, c.SecureServing, nil); err != nil {
@@ -313,11 +314,6 @@ func (o *GenericControllerManagerOptions) ApplyTo(c *genericcontrollermanager.Co
 		return err
 	}
 
-	// sync back to component config
-	// TODO: find more elegant way than synching back the values.
-	c.ComponentConfig.KubeCloudShared.Port = int32(o.InsecureServing.BindPort)
-	c.ComponentConfig.KubeCloudShared.Address = o.InsecureServing.BindAddress.String()
-
 	var err error
 	c.Kubeconfig, err = clientcmd.BuildConfigFromFlags(o.Master, o.Kubeconfig)
 	if err != nil {