From 639e0bfb7a8188d50df2b826e1fa80063fce2eb2 Mon Sep 17 00:00:00 2001 From: Davanum Srinivas Date: Mon, 23 Oct 2017 15:34:50 -0400 Subject: [PATCH] Deprecate the SSH Tunneling functionality in API Server As part of the effort to move in-tree cloud providers out of kubernetes main repository, we have identified that kube apiserver should stop using --cloud-provider and --cloud-config parameters. One of the main users of the parameters above is the SSH Tunneling functionality which is used only in the GCE scenarios. We need to deprecate these flags now and remove them in a year per discussion on mailing list. With this change, `ssh-user` and `ssh-keyfile` are now considered deprecated and we can remove it in the future. This means that SSH tunnel functionality used in Google Container Engine for the Master -> Cluster communication will no longer be available in the future. --- cmd/kube-apiserver/app/options/options.go | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/cmd/kube-apiserver/app/options/options.go b/cmd/kube-apiserver/app/options/options.go index 727edd15edf..04d19980adc 100644 --- a/cmd/kube-apiserver/app/options/options.go +++ b/cmd/kube-apiserver/app/options/options.go @@ -153,11 +153,15 @@ func (s *ServerRunOptions) AddFlags(fs *pflag.FlagSet) { fs.BoolVar(&s.EnableLogsHandler, "enable-logs-handler", s.EnableLogsHandler, "If true, install a /logs handler for the apiserver logs.") + // Deprecated in release 1.9 fs.StringVar(&s.SSHUser, "ssh-user", s.SSHUser, "If non-empty, use secure SSH proxy to the nodes, using this user name") + fs.MarkDeprecated("ssh-user", "This flag will be removed in a future version.") + // Deprecated in release 1.9 fs.StringVar(&s.SSHKeyfile, "ssh-keyfile", s.SSHKeyfile, "If non-empty, use secure SSH proxy to the nodes, using this user keyfile") + fs.MarkDeprecated("ssh-keyfile", "This flag will be removed in a future version.") fs.Int64Var(&s.MaxConnectionBytesPerSec, "max-connection-bytes-per-sec", s.MaxConnectionBytesPerSec, ""+ "If non-zero, throttle each user connection to this number of bytes/sec. "+