Rename masterConfig to controlPlaneConfig

2025-07-19 09:52:49 +00:00 · 2021-06-04 20:55:08 +08:00 · 2021-06-04 20:55:08 +08:00 · 6871b2b3c7
commit 6871b2b3c7
parent a4e5239bdc
30 changed files with 224 additions and 224 deletions
--- a/test/integration/apimachinery/watch_restart_test.go
+++ b/test/integration/apimachinery/watch_restart_test.go
@ -66,11 +66,11 @@ func TestWatchRestartsIfTimeoutNotReached(t *testing.T) {
 	// Has to be longer than 5 seconds
 	timeout := 30 * time.Second

-	// Set up a master
-	masterConfig := framework.NewIntegrationTestControlPlaneConfig()
+	// Set up an API server
+	controlPlaneConfig := framework.NewIntegrationTestControlPlaneConfig()
 	// Timeout is set random between MinRequestTimeout and 2x
-	masterConfig.GenericConfig.MinRequestTimeout = int(timeout.Seconds()) / 4
-	_, s, closeFn := framework.RunAnAPIServer(masterConfig)
+	controlPlaneConfig.GenericConfig.MinRequestTimeout = int(timeout.Seconds()) / 4
+	_, s, closeFn := framework.RunAnAPIServer(controlPlaneConfig)
 	defer closeFn()

 	config := &restclient.Config{
--- a/test/integration/apimachinery/watch_timeout_test.go
+++ b/test/integration/apimachinery/watch_timeout_test.go
@ -43,8 +43,8 @@ import (

 func TestWebsocketWatchClientTimeout(t *testing.T) {
 	// server setup
-	masterConfig := framework.NewIntegrationTestControlPlaneConfig()
-	instance, s, closeFn := framework.RunAnAPIServer(masterConfig)
+	controlPlaneConfig := framework.NewIntegrationTestControlPlaneConfig()
+	instance, s, closeFn := framework.RunAnAPIServer(controlPlaneConfig)
 	defer closeFn()

 	// object setup
@ -143,8 +143,8 @@ func TestWebsocketWatchClientTimeout(t *testing.T) {
 }

 func TestWatchClientTimeout(t *testing.T) {
-	masterConfig := framework.NewIntegrationTestControlPlaneConfig()
-	_, s, closeFn := framework.RunAnAPIServer(masterConfig)
+	controlPlaneConfig := framework.NewIntegrationTestControlPlaneConfig()
+	_, s, closeFn := framework.RunAnAPIServer(controlPlaneConfig)
 	defer closeFn()

 	t.Run("direct", func(t *testing.T) {
--- a/test/integration/apiserver/apiserver_test.go
+++ b/test/integration/apiserver/apiserver_test.go
@ -84,15 +84,15 @@ func setupWithResources(t *testing.T, groupVersions []schema.GroupVersion, resou
 }

 func setupWithResourcesWithOptions(t *testing.T, opts *framework.MasterConfigOptions, groupVersions []schema.GroupVersion, resources []schema.GroupVersionResource) (*httptest.Server, clientset.Interface, framework.CloseFunc) {
-	masterConfig := framework.NewIntegrationTestControlPlaneConfigWithOptions(opts)
+	controlPlaneConfig := framework.NewIntegrationTestControlPlaneConfigWithOptions(opts)
 	if len(groupVersions) > 0 || len(resources) > 0 {
 		resourceConfig := controlplane.DefaultAPIResourceConfigSource()
 		resourceConfig.EnableVersions(groupVersions...)
 		resourceConfig.EnableResources(resources...)
-		masterConfig.ExtraConfig.APIResourceConfigSource = resourceConfig
+		controlPlaneConfig.ExtraConfig.APIResourceConfigSource = resourceConfig
 	}
-	masterConfig.GenericConfig.OpenAPIConfig = framework.DefaultOpenAPIConfig()
-	_, s, closeFn := framework.RunAnAPIServer(masterConfig)
+	controlPlaneConfig.GenericConfig.OpenAPIConfig = framework.DefaultOpenAPIConfig()
+	_, s, closeFn := framework.RunAnAPIServer(controlPlaneConfig)

 	clientSet, err := clientset.NewForConfig(&restclient.Config{Host: s.URL, QPS: -1})
 	if err != nil {
@ -224,9 +224,9 @@ func Test4xxStatusCodeInvalidPatch(t *testing.T) {
 }

 func TestCacheControl(t *testing.T) {
-	masterConfig := framework.NewIntegrationTestControlPlaneConfigWithOptions(&framework.MasterConfigOptions{})
-	masterConfig.GenericConfig.OpenAPIConfig = framework.DefaultOpenAPIConfig()
-	master, _, closeFn := framework.RunAnAPIServer(masterConfig)
+	controlPlaneConfig := framework.NewIntegrationTestControlPlaneConfigWithOptions(&framework.MasterConfigOptions{})
+	controlPlaneConfig.GenericConfig.OpenAPIConfig = framework.DefaultOpenAPIConfig()
+	master, _, closeFn := framework.RunAnAPIServer(controlPlaneConfig)
 	defer closeFn()

 	rt, err := restclient.TransportFor(master.GenericAPIServer.LoopbackClientConfig)
--- a/test/integration/apiserver/apply/apply_test.go
+++ b/test/integration/apiserver/apply/apply_test.go
@ -52,14 +52,14 @@ import (
 func setup(t testing.TB, groupVersions ...schema.GroupVersion) (*httptest.Server, clientset.Interface, framework.CloseFunc) {
 	opts := framework.MasterConfigOptions{EtcdOptions: framework.DefaultEtcdOptions()}
 	opts.EtcdOptions.DefaultStorageMediaType = "application/vnd.kubernetes.protobuf"
-	masterConfig := framework.NewIntegrationTestControlPlaneConfigWithOptions(&opts)
+	controlPlaneConfig := framework.NewIntegrationTestControlPlaneConfigWithOptions(&opts)
 	if len(groupVersions) > 0 {
 		resourceConfig := controlplane.DefaultAPIResourceConfigSource()
 		resourceConfig.EnableVersions(groupVersions...)
-		masterConfig.ExtraConfig.APIResourceConfigSource = resourceConfig
+		controlPlaneConfig.ExtraConfig.APIResourceConfigSource = resourceConfig
 	}
-	masterConfig.GenericConfig.OpenAPIConfig = framework.DefaultOpenAPIConfig()
-	_, s, closeFn := framework.RunAnAPIServer(masterConfig)
+	controlPlaneConfig.GenericConfig.OpenAPIConfig = framework.DefaultOpenAPIConfig()
+	_, s, closeFn := framework.RunAnAPIServer(controlPlaneConfig)

 	clientSet, err := clientset.NewForConfig(&restclient.Config{Host: s.URL, QPS: -1})
 	if err != nil {
@ -2819,13 +2819,13 @@ spec:

 func TestStopTrackingManagedFieldsOnFeatureDisabled(t *testing.T) {
 	sharedEtcd := framework.DefaultEtcdOptions()
-	masterConfig := framework.NewIntegrationTestControlPlaneConfigWithOptions(&framework.MasterConfigOptions{
+	controlPlaneConfig := framework.NewIntegrationTestControlPlaneConfigWithOptions(&framework.MasterConfigOptions{
 		EtcdOptions: sharedEtcd,
 	})
-	masterConfig.GenericConfig.OpenAPIConfig = framework.DefaultOpenAPIConfig()
+	controlPlaneConfig.GenericConfig.OpenAPIConfig = framework.DefaultOpenAPIConfig()

 	defer featuregatetesting.SetFeatureGateDuringTest(t, utilfeature.DefaultFeatureGate, genericfeatures.ServerSideApply, true)()
-	_, master, closeFn := framework.RunAnAPIServer(masterConfig)
+	_, master, closeFn := framework.RunAnAPIServer(controlPlaneConfig)
 	client, err := clientset.NewForConfig(&restclient.Config{Host: master.URL, QPS: -1})
 	if err != nil {
 		t.Fatalf("Error in create clientset: %v", err)
@ -2878,7 +2878,7 @@ spec:
 	// Restart server with server-side apply disabled
 	closeFn()
 	defer featuregatetesting.SetFeatureGateDuringTest(t, utilfeature.DefaultFeatureGate, genericfeatures.ServerSideApply, false)()
-	_, master, closeFn = framework.RunAnAPIServer(masterConfig)
+	_, master, closeFn = framework.RunAnAPIServer(controlPlaneConfig)
 	client, err = clientset.NewForConfig(&restclient.Config{Host: master.URL, QPS: -1})
 	if err != nil {
 		t.Fatalf("Error in create clientset: %v", err)
--- a/test/integration/apiserver/flowcontrol/concurrency_test.go
+++ b/test/integration/apiserver/flowcontrol/concurrency_test.go
@ -52,19 +52,19 @@ const (
 func setup(t testing.TB, maxReadonlyRequestsInFlight, MaxMutatingRequestsInFlight int) (*httptest.Server, *rest.Config, framework.CloseFunc) {
 	opts := framework.MasterConfigOptions{EtcdOptions: framework.DefaultEtcdOptions()}
 	opts.EtcdOptions.DefaultStorageMediaType = "application/vnd.kubernetes.protobuf"
-	masterConfig := framework.NewIntegrationTestControlPlaneConfigWithOptions(&opts)
+	controlPlaneConfig := framework.NewIntegrationTestControlPlaneConfigWithOptions(&opts)
 	resourceConfig := controlplane.DefaultAPIResourceConfigSource()
 	resourceConfig.EnableVersions(schema.GroupVersion{
 		Group:   "flowcontrol.apiserver.k8s.io",
 		Version: "v1alpha1",
 	})
-	masterConfig.GenericConfig.MaxRequestsInFlight = maxReadonlyRequestsInFlight
-	masterConfig.GenericConfig.MaxMutatingRequestsInFlight = MaxMutatingRequestsInFlight
-	masterConfig.GenericConfig.OpenAPIConfig = framework.DefaultOpenAPIConfig()
-	masterConfig.ExtraConfig.APIResourceConfigSource = resourceConfig
-	_, s, closeFn := framework.RunAnAPIServer(masterConfig)
+	controlPlaneConfig.GenericConfig.MaxRequestsInFlight = maxReadonlyRequestsInFlight
+	controlPlaneConfig.GenericConfig.MaxMutatingRequestsInFlight = MaxMutatingRequestsInFlight
+	controlPlaneConfig.GenericConfig.OpenAPIConfig = framework.DefaultOpenAPIConfig()
+	controlPlaneConfig.ExtraConfig.APIResourceConfigSource = resourceConfig
+	_, s, closeFn := framework.RunAnAPIServer(controlPlaneConfig)

-	return s, masterConfig.GenericConfig.LoopbackClientConfig, closeFn
+	return s, controlPlaneConfig.GenericConfig.LoopbackClientConfig, closeFn
 }

 func TestPriorityLevelIsolation(t *testing.T) {
--- a/test/integration/apiserver/watchcache_test.go
+++ b/test/integration/apiserver/watchcache_test.go
@ -55,10 +55,10 @@ func multiEtcdSetup(t testing.TB) (clientset.Interface, framework.CloseFunc) {
 	etcdOptions.EnableWatchCache = true

 	opts := framework.MasterConfigOptions{EtcdOptions: etcdOptions}
-	masterConfig := framework.NewIntegrationTestControlPlaneConfigWithOptions(&opts)
+	controlPlaneConfig := framework.NewIntegrationTestControlPlaneConfigWithOptions(&opts)
 	// Switch off endpoints reconciler to avoid unnecessary operations.
-	masterConfig.ExtraConfig.EndpointReconcilerType = reconcilers.NoneEndpointReconcilerType
-	_, s, stopMaster := framework.RunAnAPIServer(masterConfig)
+	controlPlaneConfig.ExtraConfig.EndpointReconcilerType = reconcilers.NoneEndpointReconcilerType
+	_, s, stopMaster := framework.RunAnAPIServer(controlPlaneConfig)

 	closeFn := func() {
 		stopMaster()
--- a/test/integration/auth/accessreview_test.go
+++ b/test/integration/auth/accessreview_test.go
@ -55,10 +55,10 @@ func alwaysAlice(req *http.Request) (*authenticator.Response, bool, error) {
 }

 func TestSubjectAccessReview(t *testing.T) {
-	masterConfig := framework.NewIntegrationTestControlPlaneConfig()
-	masterConfig.GenericConfig.Authentication.Authenticator = authenticator.RequestFunc(alwaysAlice)
-	masterConfig.GenericConfig.Authorization.Authorizer = sarAuthorizer{}
-	_, s, closeFn := framework.RunAnAPIServer(masterConfig)
+	controlPlaneConfig := framework.NewIntegrationTestControlPlaneConfig()
+	controlPlaneConfig.GenericConfig.Authentication.Authenticator = authenticator.RequestFunc(alwaysAlice)
+	controlPlaneConfig.GenericConfig.Authorization.Authorizer = sarAuthorizer{}
+	_, s, closeFn := framework.RunAnAPIServer(controlPlaneConfig)
 	defer closeFn()

 	clientset := clientset.NewForConfigOrDie(&restclient.Config{Host: s.URL})
@ -146,14 +146,14 @@ func TestSubjectAccessReview(t *testing.T) {

 func TestSelfSubjectAccessReview(t *testing.T) {
 	username := "alice"
-	masterConfig := framework.NewIntegrationTestControlPlaneConfig()
-	masterConfig.GenericConfig.Authentication.Authenticator = authenticator.RequestFunc(func(req *http.Request) (*authenticator.Response, bool, error) {
+	controlPlaneConfig := framework.NewIntegrationTestControlPlaneConfig()
+	controlPlaneConfig.GenericConfig.Authentication.Authenticator = authenticator.RequestFunc(func(req *http.Request) (*authenticator.Response, bool, error) {
 		return &authenticator.Response{
 			User: &user.DefaultInfo{Name: username},
 		}, true, nil
 	})
-	masterConfig.GenericConfig.Authorization.Authorizer = sarAuthorizer{}
-	_, s, closeFn := framework.RunAnAPIServer(masterConfig)
+	controlPlaneConfig.GenericConfig.Authorization.Authorizer = sarAuthorizer{}
+	_, s, closeFn := framework.RunAnAPIServer(controlPlaneConfig)
 	defer closeFn()

 	clientset := clientset.NewForConfigOrDie(&restclient.Config{Host: s.URL})
@ -229,10 +229,10 @@ func TestSelfSubjectAccessReview(t *testing.T) {
 }

 func TestLocalSubjectAccessReview(t *testing.T) {
-	masterConfig := framework.NewIntegrationTestControlPlaneConfig()
-	masterConfig.GenericConfig.Authentication.Authenticator = authenticator.RequestFunc(alwaysAlice)
-	masterConfig.GenericConfig.Authorization.Authorizer = sarAuthorizer{}
-	_, s, closeFn := framework.RunAnAPIServer(masterConfig)
+	controlPlaneConfig := framework.NewIntegrationTestControlPlaneConfig()
+	controlPlaneConfig.GenericConfig.Authentication.Authenticator = authenticator.RequestFunc(alwaysAlice)
+	controlPlaneConfig.GenericConfig.Authorization.Authorizer = sarAuthorizer{}
+	_, s, closeFn := framework.RunAnAPIServer(controlPlaneConfig)
 	defer closeFn()

 	clientset := clientset.NewForConfigOrDie(&restclient.Config{Host: s.URL})
--- a/test/integration/auth/auth_test.go
+++ b/test/integration/auth/auth_test.go
@ -439,9 +439,9 @@ func getTestRequests(namespace string) []struct {
 //
 // TODO(etune): write a fuzz test of the REST API.
 func TestAuthModeAlwaysAllow(t *testing.T) {
-	// Set up a master
-	masterConfig := framework.NewIntegrationTestControlPlaneConfig()
-	_, s, closeFn := framework.RunAnAPIServer(masterConfig)
+	// Set up an API server
+	controlPlaneConfig := framework.NewIntegrationTestControlPlaneConfig()
+	_, s, closeFn := framework.RunAnAPIServer(controlPlaneConfig)
 	defer closeFn()

 	ns := framework.CreateTestingNamespace("auth-always-allow", s, t)
@ -536,10 +536,10 @@ func getPreviousResourceVersionKey(url, id string) string {
 }

 func TestAuthModeAlwaysDeny(t *testing.T) {
-	// Set up a master
-	masterConfig := framework.NewIntegrationTestControlPlaneConfig()
-	masterConfig.GenericConfig.Authorization.Authorizer = authorizerfactory.NewAlwaysDenyAuthorizer()
-	_, s, closeFn := framework.RunAnAPIServer(masterConfig)
+	// Set up an API server
+	controlPlaneConfig := framework.NewIntegrationTestControlPlaneConfig()
+	controlPlaneConfig.GenericConfig.Authorization.Authorizer = authorizerfactory.NewAlwaysDenyAuthorizer()
+	_, s, closeFn := framework.RunAnAPIServer(controlPlaneConfig)
 	defer closeFn()

 	ns := framework.CreateTestingNamespace("auth-always-deny", s, t)
@ -585,11 +585,11 @@ func (allowAliceAuthorizer) Authorize(ctx context.Context, a authorizer.Attribut
 func TestAliceNotForbiddenOrUnauthorized(t *testing.T) {
 	// This file has alice and bob in it.

-	// Set up a master
-	masterConfig := framework.NewIntegrationTestControlPlaneConfig()
-	masterConfig.GenericConfig.Authentication.Authenticator = getTestTokenAuth()
-	masterConfig.GenericConfig.Authorization.Authorizer = allowAliceAuthorizer{}
-	_, s, closeFn := framework.RunAnAPIServer(masterConfig)
+	// Set up an API server
+	controlPlaneConfig := framework.NewIntegrationTestControlPlaneConfig()
+	controlPlaneConfig.GenericConfig.Authentication.Authenticator = getTestTokenAuth()
+	controlPlaneConfig.GenericConfig.Authorization.Authorizer = allowAliceAuthorizer{}
+	_, s, closeFn := framework.RunAnAPIServer(controlPlaneConfig)
 	defer closeFn()

 	ns := framework.CreateTestingNamespace("auth-alice-not-forbidden", s, t)
@ -655,10 +655,10 @@ func TestAliceNotForbiddenOrUnauthorized(t *testing.T) {
 // should receive "Forbidden".
 func TestBobIsForbidden(t *testing.T) {
 	// This file has alice and bob in it.
-	masterConfig := framework.NewIntegrationTestControlPlaneConfig()
-	masterConfig.GenericConfig.Authentication.Authenticator = getTestTokenAuth()
-	masterConfig.GenericConfig.Authorization.Authorizer = allowAliceAuthorizer{}
-	_, s, closeFn := framework.RunAnAPIServer(masterConfig)
+	controlPlaneConfig := framework.NewIntegrationTestControlPlaneConfig()
+	controlPlaneConfig.GenericConfig.Authentication.Authenticator = getTestTokenAuth()
+	controlPlaneConfig.GenericConfig.Authorization.Authorizer = allowAliceAuthorizer{}
+	_, s, closeFn := framework.RunAnAPIServer(controlPlaneConfig)
 	defer closeFn()

 	ns := framework.CreateTestingNamespace("auth-bob-forbidden", s, t)
@ -698,11 +698,11 @@ func TestBobIsForbidden(t *testing.T) {
 func TestUnknownUserIsUnauthorized(t *testing.T) {
 	// This file has alice and bob in it.

-	// Set up a master
-	masterConfig := framework.NewIntegrationTestControlPlaneConfig()
-	masterConfig.GenericConfig.Authentication.Authenticator = getTestTokenAuth()
-	masterConfig.GenericConfig.Authorization.Authorizer = allowAliceAuthorizer{}
-	_, s, closeFn := framework.RunAnAPIServer(masterConfig)
+	// Set up an API server
+	controlPlaneConfig := framework.NewIntegrationTestControlPlaneConfig()
+	controlPlaneConfig.GenericConfig.Authentication.Authenticator = getTestTokenAuth()
+	controlPlaneConfig.GenericConfig.Authorization.Authorizer = allowAliceAuthorizer{}
+	_, s, closeFn := framework.RunAnAPIServer(controlPlaneConfig)
 	defer closeFn()

 	ns := framework.CreateTestingNamespace("auth-unknown-unauthorized", s, t)
@ -760,11 +760,11 @@ func (impersonateAuthorizer) Authorize(ctx context.Context, a authorizer.Attribu
 }

 func TestImpersonateIsForbidden(t *testing.T) {
-	// Set up a master
-	masterConfig := framework.NewIntegrationTestControlPlaneConfig()
-	masterConfig.GenericConfig.Authentication.Authenticator = getTestTokenAuth()
-	masterConfig.GenericConfig.Authorization.Authorizer = impersonateAuthorizer{}
-	_, s, closeFn := framework.RunAnAPIServer(masterConfig)
+	// Set up an API server
+	controlPlaneConfig := framework.NewIntegrationTestControlPlaneConfig()
+	controlPlaneConfig.GenericConfig.Authentication.Authenticator = getTestTokenAuth()
+	controlPlaneConfig.GenericConfig.Authorization.Authorizer = impersonateAuthorizer{}
+	_, s, closeFn := framework.RunAnAPIServer(controlPlaneConfig)
 	defer closeFn()

 	ns := framework.CreateTestingNamespace("auth-impersonate-forbidden", s, t)
@ -907,11 +907,11 @@ func (a *trackingAuthorizer) Authorize(ctx context.Context, attributes authorize
 func TestAuthorizationAttributeDetermination(t *testing.T) {
 	trackingAuthorizer := &trackingAuthorizer{}

-	// Set up a master
-	masterConfig := framework.NewIntegrationTestControlPlaneConfig()
-	masterConfig.GenericConfig.Authentication.Authenticator = getTestTokenAuth()
-	masterConfig.GenericConfig.Authorization.Authorizer = trackingAuthorizer
-	_, s, closeFn := framework.RunAnAPIServer(masterConfig)
+	// Set up an API server
+	controlPlaneConfig := framework.NewIntegrationTestControlPlaneConfig()
+	controlPlaneConfig.GenericConfig.Authentication.Authenticator = getTestTokenAuth()
+	controlPlaneConfig.GenericConfig.Authorization.Authorizer = trackingAuthorizer
+	_, s, closeFn := framework.RunAnAPIServer(controlPlaneConfig)
 	defer closeFn()

 	ns := framework.CreateTestingNamespace("auth-attribute-determination", s, t)
@ -973,11 +973,11 @@ func TestNamespaceAuthorization(t *testing.T) {
 	a := newAuthorizerWithContents(t, `{"namespace": "auth-namespace"}
 `)

-	// Set up a master
-	masterConfig := framework.NewIntegrationTestControlPlaneConfig()
-	masterConfig.GenericConfig.Authentication.Authenticator = getTestTokenAuth()
-	masterConfig.GenericConfig.Authorization.Authorizer = a
-	_, s, closeFn := framework.RunAnAPIServer(masterConfig)
+	// Set up an API server
+	controlPlaneConfig := framework.NewIntegrationTestControlPlaneConfig()
+	controlPlaneConfig.GenericConfig.Authentication.Authenticator = getTestTokenAuth()
+	controlPlaneConfig.GenericConfig.Authorization.Authorizer = a
+	_, s, closeFn := framework.RunAnAPIServer(controlPlaneConfig)
 	defer closeFn()

 	ns := framework.CreateTestingNamespace("auth-namespace", s, t)
@ -1071,11 +1071,11 @@ func TestKindAuthorization(t *testing.T) {
 	a := newAuthorizerWithContents(t, `{"resource": "services"}
 `)

-	// Set up a master
-	masterConfig := framework.NewIntegrationTestControlPlaneConfig()
-	masterConfig.GenericConfig.Authentication.Authenticator = getTestTokenAuth()
-	masterConfig.GenericConfig.Authorization.Authorizer = a
-	_, s, closeFn := framework.RunAnAPIServer(masterConfig)
+	// Set up an API server
+	controlPlaneConfig := framework.NewIntegrationTestControlPlaneConfig()
+	controlPlaneConfig.GenericConfig.Authentication.Authenticator = getTestTokenAuth()
+	controlPlaneConfig.GenericConfig.Authorization.Authorizer = a
+	_, s, closeFn := framework.RunAnAPIServer(controlPlaneConfig)
 	defer closeFn()

 	ns := framework.CreateTestingNamespace("auth-kind", s, t)
@ -1155,11 +1155,11 @@ func TestReadOnlyAuthorization(t *testing.T) {
 	// This file has alice and bob in it.
 	a := newAuthorizerWithContents(t, `{"readonly": true}`)

-	// Set up a master
-	masterConfig := framework.NewIntegrationTestControlPlaneConfig()
-	masterConfig.GenericConfig.Authentication.Authenticator = getTestTokenAuth()
-	masterConfig.GenericConfig.Authorization.Authorizer = a
-	_, s, closeFn := framework.RunAnAPIServer(masterConfig)
+	// Set up an API server
+	controlPlaneConfig := framework.NewIntegrationTestControlPlaneConfig()
+	controlPlaneConfig.GenericConfig.Authentication.Authenticator = getTestTokenAuth()
+	controlPlaneConfig.GenericConfig.Authorization.Authorizer = a
+	_, s, closeFn := framework.RunAnAPIServer(controlPlaneConfig)
 	defer closeFn()

 	ns := framework.CreateTestingNamespace("auth-read-only", s, t)
@ -1232,11 +1232,11 @@ func testWebhookTokenAuthenticator(customDialer bool, t *testing.T) {
 		t.Fatalf("error starting webhook token authenticator server: %v", err)
 	}

-	// Set up a master
-	masterConfig := framework.NewIntegrationTestControlPlaneConfig()
-	masterConfig.GenericConfig.Authentication.Authenticator = authenticator
-	masterConfig.GenericConfig.Authorization.Authorizer = allowAliceAuthorizer{}
-	_, s, closeFn := framework.RunAnAPIServer(masterConfig)
+	// Set up an API server
+	controlPlaneConfig := framework.NewIntegrationTestControlPlaneConfig()
+	controlPlaneConfig.GenericConfig.Authentication.Authenticator = authenticator
+	controlPlaneConfig.GenericConfig.Authorization.Authorizer = allowAliceAuthorizer{}
+	_, s, closeFn := framework.RunAnAPIServer(controlPlaneConfig)
 	defer closeFn()

 	ns := framework.CreateTestingNamespace("auth-webhook-token", s, t)
--- a/test/integration/auth/bootstraptoken_test.go
+++ b/test/integration/auth/bootstraptoken_test.go
@ -116,10 +116,10 @@ func TestBootstrapTokenAuth(t *testing.T) {
 	for _, test := range tests {

 		authenticator := bearertoken.New(bootstrap.NewTokenAuthenticator(bootstrapSecrets{test.secret}))
-		// Set up a master
-		masterConfig := framework.NewIntegrationTestControlPlaneConfig()
-		masterConfig.GenericConfig.Authentication.Authenticator = authenticator
-		_, s, closeFn := framework.RunAnAPIServer(masterConfig)
+		// Set up an API server
+		controlPlaneConfig := framework.NewIntegrationTestControlPlaneConfig()
+		controlPlaneConfig.GenericConfig.Authentication.Authenticator = authenticator
+		_, s, closeFn := framework.RunAnAPIServer(controlPlaneConfig)
 		defer closeFn()

 		ns := framework.CreateTestingNamespace("auth-bootstrap-token", s, t)
--- a/test/integration/auth/rbac_test.go
+++ b/test/integration/auth/rbac_test.go
@ -519,9 +519,9 @@ func TestRBAC(t *testing.T) {

 	for i, tc := range tests {
 		// Create an API Server.
-		masterConfig := framework.NewIntegrationTestControlPlaneConfig()
-		masterConfig.GenericConfig.Authorization.Authorizer = newRBACAuthorizer(t, masterConfig)
-		masterConfig.GenericConfig.Authentication.Authenticator = bearertoken.New(tokenfile.New(map[string]*user.DefaultInfo{
+		controlPlaneConfig := framework.NewIntegrationTestControlPlaneConfig()
+		controlPlaneConfig.GenericConfig.Authorization.Authorizer = newRBACAuthorizer(t, controlPlaneConfig)
+		controlPlaneConfig.GenericConfig.Authentication.Authenticator = bearertoken.New(tokenfile.New(map[string]*user.DefaultInfo{
 			superUser:                          {Name: "admin", Groups: []string{"system:masters"}},
 			"any-rolebinding-writer":           {Name: "any-rolebinding-writer"},
 			"any-rolebinding-writer-namespace": {Name: "any-rolebinding-writer-namespace"},
@ -534,8 +534,8 @@ func TestRBAC(t *testing.T) {
 			"limitrange-patcher":               {Name: "limitrange-patcher"},
 			"user-with-no-permissions":         {Name: "user-with-no-permissions"},
 		}))
-		masterConfig.GenericConfig.OpenAPIConfig = framework.DefaultOpenAPIConfig()
-		_, s, closeFn := framework.RunAnAPIServer(masterConfig)
+		controlPlaneConfig.GenericConfig.OpenAPIConfig = framework.DefaultOpenAPIConfig()
+		_, s, closeFn := framework.RunAnAPIServer(controlPlaneConfig)
 		defer closeFn()

 		clientConfig := &restclient.Config{Host: s.URL, ContentConfig: restclient.ContentConfig{NegotiatedSerializer: legacyscheme.Codecs}}
@ -642,12 +642,12 @@ func TestRBAC(t *testing.T) {
 func TestBootstrapping(t *testing.T) {
 	superUser := "admin/system:masters"

-	masterConfig := framework.NewIntegrationTestControlPlaneConfig()
-	masterConfig.GenericConfig.Authorization.Authorizer = newRBACAuthorizer(t, masterConfig)
-	masterConfig.GenericConfig.Authentication.Authenticator = bearertoken.New(tokenfile.New(map[string]*user.DefaultInfo{
+	controlPlaneConfig := framework.NewIntegrationTestControlPlaneConfig()
+	controlPlaneConfig.GenericConfig.Authorization.Authorizer = newRBACAuthorizer(t, controlPlaneConfig)
+	controlPlaneConfig.GenericConfig.Authentication.Authenticator = bearertoken.New(tokenfile.New(map[string]*user.DefaultInfo{
 		superUser: {Name: "admin", Groups: []string{"system:masters"}},
 	}))
-	_, s, closeFn := framework.RunAnAPIServer(masterConfig)
+	_, s, closeFn := framework.RunAnAPIServer(controlPlaneConfig)
 	defer closeFn()

 	clientset := clientset.NewForConfigOrDie(&restclient.Config{BearerToken: superUser, Host: s.URL})
@ -703,12 +703,12 @@ func TestDiscoveryUpgradeBootstrapping(t *testing.T) {

 	superUser := "admin/system:masters"

-	masterConfig := framework.NewIntegrationTestControlPlaneConfig()
-	masterConfig.GenericConfig.Authorization.Authorizer = newRBACAuthorizer(t, masterConfig)
-	masterConfig.GenericConfig.Authentication.Authenticator = bearertoken.New(tokenfile.New(map[string]*user.DefaultInfo{
+	controlPlaneConfig := framework.NewIntegrationTestControlPlaneConfig()
+	controlPlaneConfig.GenericConfig.Authorization.Authorizer = newRBACAuthorizer(t, controlPlaneConfig)
+	controlPlaneConfig.GenericConfig.Authentication.Authenticator = bearertoken.New(tokenfile.New(map[string]*user.DefaultInfo{
 		superUser: {Name: "admin", Groups: []string{"system:masters"}},
 	}))
-	_, s, tearDownFn := framework.RunAnAPIServer(masterConfig)
+	_, s, tearDownFn := framework.RunAnAPIServer(controlPlaneConfig)

 	client := clientset.NewForConfigOrDie(&restclient.Config{BearerToken: superUser, Host: s.URL})

@ -752,7 +752,7 @@ func TestDiscoveryUpgradeBootstrapping(t *testing.T) {

 	// Check that upgraded API servers inherit `system:public-info-viewer` settings from
 	// `system:discovery`, and respect auto-reconciliation annotations.
-	_, s, tearDownFn = framework.RunAnAPIServer(masterConfig)
+	_, s, tearDownFn = framework.RunAnAPIServer(controlPlaneConfig)

 	client = clientset.NewForConfigOrDie(&restclient.Config{BearerToken: superUser, Host: s.URL})

--- a/test/integration/auth/svcaccttoken_test.go
+++ b/test/integration/auth/svcaccttoken_test.go
@ -83,10 +83,10 @@ func TestServiceAccountTokenCreate(t *testing.T) {
 	gcs := &clientset.Clientset{}

 	// Start the server
-	masterConfig := framework.NewIntegrationTestControlPlaneConfig()
-	masterConfig.GenericConfig.Authorization.Authorizer = authorizerfactory.NewAlwaysAllowAuthorizer()
-	masterConfig.GenericConfig.Authentication.APIAudiences = aud
-	masterConfig.GenericConfig.Authentication.Authenticator = bearertoken.New(
+	controlPlaneConfig := framework.NewIntegrationTestControlPlaneConfig()
+	controlPlaneConfig.GenericConfig.Authorization.Authorizer = authorizerfactory.NewAlwaysAllowAuthorizer()
+	controlPlaneConfig.GenericConfig.Authentication.APIAudiences = aud
+	controlPlaneConfig.GenericConfig.Authentication.Authenticator = bearertoken.New(
 		serviceaccount.JWTTokenAuthenticator(
 			[]string{iss},
 			[]interface{}{&pk},
@ -110,16 +110,16 @@ func TestServiceAccountTokenCreate(t *testing.T) {
 	if err != nil {
 		t.Fatalf("err: %v", err)
 	}
-	masterConfig.ExtraConfig.ServiceAccountIssuer = tokenGenerator
-	masterConfig.ExtraConfig.ServiceAccountMaxExpiration = maxExpirationDuration
-	masterConfig.GenericConfig.Authentication.APIAudiences = aud
-	masterConfig.ExtraConfig.ExtendExpiration = true
+	controlPlaneConfig.ExtraConfig.ServiceAccountIssuer = tokenGenerator
+	controlPlaneConfig.ExtraConfig.ServiceAccountMaxExpiration = maxExpirationDuration
+	controlPlaneConfig.GenericConfig.Authentication.APIAudiences = aud
+	controlPlaneConfig.ExtraConfig.ExtendExpiration = true

-	masterConfig.ExtraConfig.ServiceAccountIssuerURL = iss
-	masterConfig.ExtraConfig.ServiceAccountJWKSURI = ""
-	masterConfig.ExtraConfig.ServiceAccountPublicKeys = []interface{}{&pk}
+	controlPlaneConfig.ExtraConfig.ServiceAccountIssuerURL = iss
+	controlPlaneConfig.ExtraConfig.ServiceAccountJWKSURI = ""
+	controlPlaneConfig.ExtraConfig.ServiceAccountPublicKeys = []interface{}{&pk}

-	master, _, closeFn := framework.RunAnAPIServer(masterConfig)
+	master, _, closeFn := framework.RunAnAPIServer(controlPlaneConfig)
 	defer closeFn()

 	cs, err := clientset.NewForConfig(master.GenericAPIServer.LoopbackClientConfig)
@ -372,7 +372,7 @@ func TestServiceAccountTokenCreate(t *testing.T) {
 			ObjectMeta: sa.ObjectMeta,
 		}
 		_, pc := serviceaccount.Claims(coresa, nil, nil, 0, 0, nil)
-		tok, err := masterConfig.ExtraConfig.ServiceAccountIssuer.GenerateToken(sc, pc)
+		tok, err := controlPlaneConfig.ExtraConfig.ServiceAccountIssuer.GenerateToken(sc, pc)
 		if err != nil {
 			t.Fatalf("err signing expired token: %v", err)
 		}
--- a/test/integration/cronjob/cronjob_test.go
+++ b/test/integration/cronjob/cronjob_test.go
@ -38,8 +38,8 @@ import (
 )

 func setup(t *testing.T) (*httptest.Server, framework.CloseFunc, *cronjob.Controller, *job.Controller, informers.SharedInformerFactory, clientset.Interface, restclient.Config) {
-	masterConfig := framework.NewIntegrationTestControlPlaneConfig()
-	_, server, closeFn := framework.RunAnAPIServer(masterConfig)
+	controlPlaneConfig := framework.NewIntegrationTestControlPlaneConfig()
+	_, server, closeFn := framework.RunAnAPIServer(controlPlaneConfig)

 	config := restclient.Config{Host: server.URL}
 	clientSet, err := clientset.NewForConfig(&config)
--- a/test/integration/daemonset/daemonset_test.go
+++ b/test/integration/daemonset/daemonset_test.go
@ -52,8 +52,8 @@ import (
 var zero = int64(0)

 func setup(t *testing.T) (*httptest.Server, framework.CloseFunc, *daemon.DaemonSetsController, informers.SharedInformerFactory, clientset.Interface) {
-	masterConfig := framework.NewIntegrationTestControlPlaneConfig()
-	_, server, closeFn := framework.RunAnAPIServer(masterConfig)
+	controlPlaneConfig := framework.NewIntegrationTestControlPlaneConfig()
+	_, server, closeFn := framework.RunAnAPIServer(controlPlaneConfig)

 	config := restclient.Config{Host: server.URL}
 	clientSet, err := clientset.NewForConfig(&config)
--- a/test/integration/defaulttolerationseconds/defaulttolerationseconds_test.go
+++ b/test/integration/defaulttolerationseconds/defaulttolerationseconds_test.go
@ -31,10 +31,10 @@ import (
 )

 func TestAdmission(t *testing.T) {
-	masterConfig := framework.NewControlPlaneConfig()
-	masterConfig.GenericConfig.EnableProfiling = true
-	masterConfig.GenericConfig.AdmissionControl = defaulttolerationseconds.NewDefaultTolerationSeconds()
-	_, s, closeFn := framework.RunAnAPIServer(masterConfig)
+	controlPlaneConfig := framework.NewControlPlaneConfig()
+	controlPlaneConfig.GenericConfig.EnableProfiling = true
+	controlPlaneConfig.GenericConfig.AdmissionControl = defaulttolerationseconds.NewDefaultTolerationSeconds()
+	_, s, closeFn := framework.RunAnAPIServer(controlPlaneConfig)
 	defer closeFn()

 	client := clientset.NewForConfigOrDie(&restclient.Config{Host: s.URL, ContentConfig: restclient.ContentConfig{GroupVersion: &schema.GroupVersion{Group: "", Version: "v1"}}})
--- a/test/integration/deployment/util.go
+++ b/test/integration/deployment/util.go
@ -103,8 +103,8 @@ func newDeployment(name, ns string, replicas int32) *apps.Deployment {

 // dcSetup sets up necessities for Deployment integration test, including master, apiserver, informers, and clientset
 func dcSetup(t *testing.T) (*httptest.Server, framework.CloseFunc, *replicaset.ReplicaSetController, *deployment.DeploymentController, informers.SharedInformerFactory, clientset.Interface) {
-	masterConfig := framework.NewIntegrationTestControlPlaneConfig()
-	_, s, closeFn := framework.RunAnAPIServer(masterConfig)
+	controlPlaneConfig := framework.NewIntegrationTestControlPlaneConfig()
+	_, s, closeFn := framework.RunAnAPIServer(controlPlaneConfig)

 	config := restclient.Config{Host: s.URL}
 	clientSet, err := clientset.NewForConfig(&config)
@ -135,8 +135,8 @@ func dcSetup(t *testing.T) (*httptest.Server, framework.CloseFunc, *replicaset.R
 // dcSimpleSetup sets up necessities for Deployment integration test, including master, apiserver,
 // and clientset, but not controllers and informers
 func dcSimpleSetup(t *testing.T) (*httptest.Server, framework.CloseFunc, clientset.Interface) {
-	masterConfig := framework.NewIntegrationTestControlPlaneConfig()
-	_, s, closeFn := framework.RunAnAPIServer(masterConfig)
+	controlPlaneConfig := framework.NewIntegrationTestControlPlaneConfig()
+	_, s, closeFn := framework.RunAnAPIServer(controlPlaneConfig)

 	config := restclient.Config{Host: s.URL}
 	clientSet, err := clientset.NewForConfig(&config)
--- a/test/integration/endpoints/endpoints_test.go
+++ b/test/integration/endpoints/endpoints_test.go
@ -33,8 +33,8 @@ import (
 )

 func TestEndpointUpdates(t *testing.T) {
-	masterConfig := framework.NewIntegrationTestControlPlaneConfig()
-	_, server, closeFn := framework.RunAnAPIServer(masterConfig)
+	controlPlaneConfig := framework.NewIntegrationTestControlPlaneConfig()
+	_, server, closeFn := framework.RunAnAPIServer(controlPlaneConfig)
 	defer closeFn()

 	config := restclient.Config{Host: server.URL}
--- a/test/integration/endpointslice/endpointslicemirroring_test.go
+++ b/test/integration/endpointslice/endpointslicemirroring_test.go
@ -39,8 +39,8 @@ import (
 )

 func TestEndpointSliceMirroring(t *testing.T) {
-	masterConfig := framework.NewIntegrationTestControlPlaneConfig()
-	_, server, closeFn := framework.RunAnAPIServer(masterConfig)
+	controlPlaneConfig := framework.NewIntegrationTestControlPlaneConfig()
+	_, server, closeFn := framework.RunAnAPIServer(controlPlaneConfig)
 	defer closeFn()

 	config := restclient.Config{Host: server.URL}
@ -233,8 +233,8 @@ func TestEndpointSliceMirroring(t *testing.T) {
 }

 func TestEndpointSliceMirroringUpdates(t *testing.T) {
-	masterConfig := framework.NewIntegrationTestControlPlaneConfig()
-	_, server, closeFn := framework.RunAnAPIServer(masterConfig)
+	controlPlaneConfig := framework.NewIntegrationTestControlPlaneConfig()
+	_, server, closeFn := framework.RunAnAPIServer(controlPlaneConfig)
 	defer closeFn()

 	config := restclient.Config{Host: server.URL}
--- a/test/integration/evictions/evictions_test.go
+++ b/test/integration/evictions/evictions_test.go
@ -421,8 +421,8 @@ func newV1Eviction(ns, evictionName string, deleteOption metav1.DeleteOptions) *
 }

 func rmSetup(t *testing.T) (*httptest.Server, framework.CloseFunc, *disruption.DisruptionController, informers.SharedInformerFactory, clientset.Interface) {
-	masterConfig := framework.NewIntegrationTestControlPlaneConfig()
-	_, s, closeFn := framework.RunAnAPIServer(masterConfig)
+	controlPlaneConfig := framework.NewIntegrationTestControlPlaneConfig()
+	_, s, closeFn := framework.RunAnAPIServer(controlPlaneConfig)

 	config := restclient.Config{Host: s.URL}
 	clientSet, err := clientset.NewForConfig(&config)
--- a/test/integration/framework/master_utils.go
+++ b/test/integration/framework/master_utils.go
@ -259,14 +259,14 @@ func NewIntegrationTestControlPlaneConfig() *controlplane.Config {
 // NewIntegrationTestControlPlaneConfigWithOptions returns the control plane config appropriate for most integration tests
 // configured with the provided options.
 func NewIntegrationTestControlPlaneConfigWithOptions(opts *MasterConfigOptions) *controlplane.Config {
-	masterConfig := NewControlPlaneConfigWithOptions(opts)
-	masterConfig.GenericConfig.PublicAddress = net.ParseIP("192.168.10.4")
-	masterConfig.ExtraConfig.APIResourceConfigSource = controlplane.DefaultAPIResourceConfigSource()
+	controlPlaneConfig := NewControlPlaneConfigWithOptions(opts)
+	controlPlaneConfig.GenericConfig.PublicAddress = net.ParseIP("192.168.10.4")
+	controlPlaneConfig.ExtraConfig.APIResourceConfigSource = controlplane.DefaultAPIResourceConfigSource()

 	// TODO: get rid of these tests or port them to secure serving
-	masterConfig.GenericConfig.SecureServing = &genericapiserver.SecureServingInfo{Listener: fakeLocalhost443Listener{}}
+	controlPlaneConfig.GenericConfig.SecureServing = &genericapiserver.SecureServingInfo{Listener: fakeLocalhost443Listener{}}

-	return masterConfig
+	return controlPlaneConfig
 }

 // MasterConfigOptions are the configurable options for a new integration test master config.
@ -342,12 +342,12 @@ func NewControlPlaneConfigWithOptions(opts *MasterConfigOptions) *controlplane.C
 type CloseFunc func()

 // RunAnAPIServer starts a API server with the provided config.
-func RunAnAPIServer(masterConfig *controlplane.Config) (*controlplane.Instance, *httptest.Server, CloseFunc) {
-	if masterConfig == nil {
-		masterConfig = NewControlPlaneConfig()
-		masterConfig.GenericConfig.EnableProfiling = true
+func RunAnAPIServer(controlPlaneConfig *controlplane.Config) (*controlplane.Instance, *httptest.Server, CloseFunc) {
+	if controlPlaneConfig == nil {
+		controlPlaneConfig = NewControlPlaneConfig()
+		controlPlaneConfig.GenericConfig.EnableProfiling = true
 	}
-	return startAPIServerOrDie(masterConfig, nil, nil)
+	return startAPIServerOrDie(controlPlaneConfig, nil, nil)
 }

 // RunAnAPIServerUsingServer starts up an instance using the provided config on the specified server.
--- a/test/integration/job/job_test.go
+++ b/test/integration/job/job_test.go
@ -607,8 +607,8 @@ func createJobWithDefaults(ctx context.Context, clientSet clientset.Interface, n
 }

 func setup(t *testing.T, nsBaseName string) (framework.CloseFunc, *restclient.Config, clientset.Interface, *v1.Namespace) {
-	masterConfig := framework.NewIntegrationTestControlPlaneConfig()
-	_, server, apiServerCloseFn := framework.RunAnAPIServer(masterConfig)
+	controlPlaneConfig := framework.NewIntegrationTestControlPlaneConfig()
+	_, server, apiServerCloseFn := framework.RunAnAPIServer(controlPlaneConfig)

 	config := restclient.Config{Host: server.URL}
 	clientSet, err := clientset.NewForConfig(&config)
--- a/test/integration/master/synthetic_master_test.go
+++ b/test/integration/master/synthetic_master_test.go
@ -140,58 +140,58 @@ func TestEmptyList(t *testing.T) {
 }

 func initStatusForbiddenControlPlaneConfig() *controlplane.Config {
-	masterConfig := framework.NewIntegrationTestControlPlaneConfig()
-	masterConfig.GenericConfig.Authorization.Authorizer = authorizerfactory.NewAlwaysDenyAuthorizer()
-	return masterConfig
+	controlPlaneConfig := framework.NewIntegrationTestControlPlaneConfig()
+	controlPlaneConfig.GenericConfig.Authorization.Authorizer = authorizerfactory.NewAlwaysDenyAuthorizer()
+	return controlPlaneConfig
 }

 func initUnauthorizedControlPlaneConfig() *controlplane.Config {
-	masterConfig := framework.NewIntegrationTestControlPlaneConfig()
+	controlPlaneConfig := framework.NewIntegrationTestControlPlaneConfig()
 	tokenAuthenticator := tokentest.New()
 	tokenAuthenticator.Tokens[AliceToken] = &user.DefaultInfo{Name: "alice", UID: "1"}
 	tokenAuthenticator.Tokens[BobToken] = &user.DefaultInfo{Name: "bob", UID: "2"}
-	masterConfig.GenericConfig.Authentication.Authenticator = group.NewGroupAdder(bearertoken.New(tokenAuthenticator), []string{user.AllAuthenticated})
-	masterConfig.GenericConfig.Authorization.Authorizer = allowAliceAuthorizer{}
-	return masterConfig
+	controlPlaneConfig.GenericConfig.Authentication.Authenticator = group.NewGroupAdder(bearertoken.New(tokenAuthenticator), []string{user.AllAuthenticated})
+	controlPlaneConfig.GenericConfig.Authorization.Authorizer = allowAliceAuthorizer{}
+	return controlPlaneConfig
 }

 func TestStatus(t *testing.T) {
 	testCases := []struct {
-		name         string
-		masterConfig *controlplane.Config
-		statusCode   int
-		reqPath      string
-		reason       string
-		message      string
+		name               string
+		controlPlaneConfig *controlplane.Config
+		statusCode         int
+		reqPath            string
+		reason             string
+		message            string
 	}{
 		{
-			name:         "404",
-			masterConfig: nil,
-			statusCode:   http.StatusNotFound,
-			reqPath:      "/apis/batch/v1/namespaces/default/jobs/foo",
-			reason:       "NotFound",
-			message:      `jobs.batch "foo" not found`,
+			name:               "404",
+			controlPlaneConfig: nil,
+			statusCode:         http.StatusNotFound,
+			reqPath:            "/apis/batch/v1/namespaces/default/jobs/foo",
+			reason:             "NotFound",
+			message:            `jobs.batch "foo" not found`,
 		},
 		{
-			name:         "403",
-			masterConfig: initStatusForbiddenControlPlaneConfig(),
-			statusCode:   http.StatusForbidden,
-			reqPath:      "/apis",
-			reason:       "Forbidden",
-			message:      `forbidden: User "" cannot get path "/apis": Everything is forbidden.`,
+			name:               "403",
+			controlPlaneConfig: initStatusForbiddenControlPlaneConfig(),
+			statusCode:         http.StatusForbidden,
+			reqPath:            "/apis",
+			reason:             "Forbidden",
+			message:            `forbidden: User "" cannot get path "/apis": Everything is forbidden.`,
 		},
 		{
-			name:         "401",
-			masterConfig: initUnauthorizedControlPlaneConfig(),
-			statusCode:   http.StatusUnauthorized,
-			reqPath:      "/apis",
-			reason:       "Unauthorized",
-			message:      `Unauthorized`,
+			name:               "401",
+			controlPlaneConfig: initUnauthorizedControlPlaneConfig(),
+			statusCode:         http.StatusUnauthorized,
+			reqPath:            "/apis",
+			reason:             "Unauthorized",
+			message:            `Unauthorized`,
 		},
 	}

 	for _, tc := range testCases {
-		_, s, closeFn := framework.RunAnAPIServer(tc.masterConfig)
+		_, s, closeFn := framework.RunAnAPIServer(tc.controlPlaneConfig)
 		defer closeFn()

 		u := s.URL + tc.reqPath
--- a/test/integration/namespace/ns_conditions_test.go
+++ b/test/integration/namespace/ns_conditions_test.go
@ -165,8 +165,8 @@ func jsonToUnstructured(stub, version, kind string) (*unstructured.Unstructured,
 }

 func namespaceLifecycleSetup(t *testing.T) (framework.CloseFunc, *namespace.NamespaceController, informers.SharedInformerFactory, clientset.Interface, dynamic.Interface) {
-	masterConfig := framework.NewIntegrationTestControlPlaneConfig()
-	_, s, closeFn := framework.RunAnAPIServer(masterConfig)
+	controlPlaneConfig := framework.NewIntegrationTestControlPlaneConfig()
+	_, s, closeFn := framework.RunAnAPIServer(controlPlaneConfig)

 	config := restclient.Config{Host: s.URL}
 	config.QPS = 10000
--- a/test/integration/quota/quota_test.go
+++ b/test/integration/quota/quota_test.go
@ -75,9 +75,9 @@ func TestQuota(t *testing.T) {
 	admission.SetQuotaConfiguration(qca)
 	defer close(admissionCh)

-	masterConfig := framework.NewIntegrationTestControlPlaneConfig()
-	masterConfig.GenericConfig.AdmissionControl = admission
-	_, _, closeFn := framework.RunAnAPIServerUsingServer(masterConfig, s, h)
+	controlPlaneConfig := framework.NewIntegrationTestControlPlaneConfig()
+	controlPlaneConfig.GenericConfig.AdmissionControl = admission
+	_, _, closeFn := framework.RunAnAPIServerUsingServer(controlPlaneConfig, s, h)
 	defer closeFn()

 	ns := framework.CreateTestingNamespace("quotaed", s, t)
@ -275,9 +275,9 @@ func TestQuotaLimitedResourceDenial(t *testing.T) {
 	admission.SetQuotaConfiguration(qca)
 	defer close(admissionCh)

-	masterConfig := framework.NewIntegrationTestControlPlaneConfig()
-	masterConfig.GenericConfig.AdmissionControl = admission
-	_, _, closeFn := framework.RunAnAPIServerUsingServer(masterConfig, s, h)
+	controlPlaneConfig := framework.NewIntegrationTestControlPlaneConfig()
+	controlPlaneConfig.GenericConfig.AdmissionControl = admission
+	_, _, closeFn := framework.RunAnAPIServerUsingServer(controlPlaneConfig, s, h)
 	defer closeFn()

 	ns := framework.CreateTestingNamespace("quota", s, t)
--- a/test/integration/replicaset/replicaset_test.go
+++ b/test/integration/replicaset/replicaset_test.go
@ -118,8 +118,8 @@ func newMatchingPod(podName, namespace string) *v1.Pod {
 }

 func rmSetup(t *testing.T) (*httptest.Server, framework.CloseFunc, *replicaset.ReplicaSetController, informers.SharedInformerFactory, clientset.Interface) {
-	masterConfig := framework.NewIntegrationTestControlPlaneConfig()
-	_, s, closeFn := framework.RunAnAPIServer(masterConfig)
+	controlPlaneConfig := framework.NewIntegrationTestControlPlaneConfig()
+	_, s, closeFn := framework.RunAnAPIServer(controlPlaneConfig)

 	config := restclient.Config{Host: s.URL}
 	clientSet, err := clientset.NewForConfig(&config)
@ -140,8 +140,8 @@ func rmSetup(t *testing.T) (*httptest.Server, framework.CloseFunc, *replicaset.R
 }

 func rmSimpleSetup(t *testing.T) (*httptest.Server, framework.CloseFunc, clientset.Interface) {
-	masterConfig := framework.NewIntegrationTestControlPlaneConfig()
-	_, s, closeFn := framework.RunAnAPIServer(masterConfig)
+	controlPlaneConfig := framework.NewIntegrationTestControlPlaneConfig()
+	_, s, closeFn := framework.RunAnAPIServer(controlPlaneConfig)

 	config := restclient.Config{Host: s.URL}
 	clientSet, err := clientset.NewForConfig(&config)
--- a/test/integration/replicationcontroller/replicationcontroller_test.go
+++ b/test/integration/replicationcontroller/replicationcontroller_test.go
@ -111,8 +111,8 @@ func newMatchingPod(podName, namespace string) *v1.Pod {
 }

 func rmSetup(t *testing.T) (*httptest.Server, framework.CloseFunc, *replication.ReplicationManager, informers.SharedInformerFactory, clientset.Interface) {
-	masterConfig := framework.NewIntegrationTestControlPlaneConfig()
-	_, s, closeFn := framework.RunAnAPIServer(masterConfig)
+	controlPlaneConfig := framework.NewIntegrationTestControlPlaneConfig()
+	_, s, closeFn := framework.RunAnAPIServer(controlPlaneConfig)

 	config := restclient.Config{Host: s.URL}
 	clientSet, err := clientset.NewForConfig(&config)
--- a/test/integration/service/loadbalancer_test.go
+++ b/test/integration/service/loadbalancer_test.go
@ -36,8 +36,8 @@ import (
 func Test_ServiceLoadBalancerDisableAllocateNodePorts(t *testing.T) {
 	defer featuregatetesting.SetFeatureGateDuringTest(t, utilfeature.DefaultFeatureGate, features.ServiceLBNodePortControl, true)()

-	masterConfig := framework.NewIntegrationTestControlPlaneConfig()
-	_, server, closeFn := framework.RunAnAPIServer(masterConfig)
+	controlPlaneConfig := framework.NewIntegrationTestControlPlaneConfig()
+	_, server, closeFn := framework.RunAnAPIServer(controlPlaneConfig)
 	defer closeFn()

 	config := restclient.Config{Host: server.URL}
@ -80,8 +80,8 @@ func Test_ServiceLoadBalancerDisableAllocateNodePorts(t *testing.T) {
 func Test_ServiceLoadBalancerEnableThenDisableAllocatedNodePorts(t *testing.T) {
 	defer featuregatetesting.SetFeatureGateDuringTest(t, utilfeature.DefaultFeatureGate, features.ServiceLBNodePortControl, true)()

-	masterConfig := framework.NewIntegrationTestControlPlaneConfig()
-	_, server, closeFn := framework.RunAnAPIServer(masterConfig)
+	controlPlaneConfig := framework.NewIntegrationTestControlPlaneConfig()
+	_, server, closeFn := framework.RunAnAPIServer(controlPlaneConfig)
 	defer closeFn()

 	config := restclient.Config{Host: server.URL}
--- a/test/integration/serviceaccount/service_account_test.go
+++ b/test/integration/serviceaccount/service_account_test.go
@ -400,12 +400,12 @@ func startServiceAccountTestServer(t *testing.T) (*clientset.Clientset, restclie
 	serviceAccountAdmission.SetExternalKubeClientSet(externalRootClientset)
 	serviceAccountAdmission.SetExternalKubeInformerFactory(externalInformers)

-	masterConfig := framework.NewControlPlaneConfig()
-	masterConfig.GenericConfig.EnableIndex = true
-	masterConfig.GenericConfig.Authentication.Authenticator = authenticator
-	masterConfig.GenericConfig.Authorization.Authorizer = authorizer
-	masterConfig.GenericConfig.AdmissionControl = serviceAccountAdmission
-	_, _, kubeAPIServerCloseFn := framework.RunAnAPIServerUsingServer(masterConfig, apiServer, h)
+	controlPlaneConfig := framework.NewControlPlaneConfig()
+	controlPlaneConfig.GenericConfig.EnableIndex = true
+	controlPlaneConfig.GenericConfig.Authentication.Authenticator = authenticator
+	controlPlaneConfig.GenericConfig.Authorization.Authorizer = authorizer
+	controlPlaneConfig.GenericConfig.AdmissionControl = serviceAccountAdmission
+	_, _, kubeAPIServerCloseFn := framework.RunAnAPIServerUsingServer(controlPlaneConfig, apiServer, h)

 	// Start the service account and service account token controllers
 	stopCh := make(chan struct{})
--- a/test/integration/statefulset/util.go
+++ b/test/integration/statefulset/util.go
@ -159,8 +159,8 @@ func newStatefulSetPVC(name string) v1.PersistentVolumeClaim {

 // scSetup sets up necessities for Statefulset integration test, including master, apiserver, informers, and clientset
 func scSetup(t *testing.T) (*httptest.Server, framework.CloseFunc, *statefulset.StatefulSetController, informers.SharedInformerFactory, clientset.Interface) {
-	masterConfig := framework.NewIntegrationTestControlPlaneConfig()
-	_, s, closeFn := framework.RunAnAPIServer(masterConfig)
+	controlPlaneConfig := framework.NewIntegrationTestControlPlaneConfig()
+	_, s, closeFn := framework.RunAnAPIServer(controlPlaneConfig)

 	config := restclient.Config{Host: s.URL}
 	clientSet, err := clientset.NewForConfig(&config)
--- a/test/integration/util/util.go
+++ b/test/integration/util/util.go
@ -336,13 +336,13 @@ func InitTestMaster(t *testing.T, nsPrefix string, admission admission.Interface
 		h.M.GenericAPIServer.Handler.ServeHTTP(w, req)
 	}))

-	masterConfig := framework.NewIntegrationTestControlPlaneConfig()
+	controlPlaneConfig := framework.NewIntegrationTestControlPlaneConfig()

 	if admission != nil {
-		masterConfig.GenericConfig.AdmissionControl = admission
+		controlPlaneConfig.GenericConfig.AdmissionControl = admission
 	}

-	_, testCtx.HTTPServer, testCtx.CloseFn = framework.RunAnAPIServerUsingServer(masterConfig, s, h)
+	_, testCtx.HTTPServer, testCtx.CloseFn = framework.RunAnAPIServerUsingServer(controlPlaneConfig, s, h)

 	if nsPrefix != "default" {
 		testCtx.NS = framework.CreateTestingNamespace(nsPrefix+string(uuid.NewUUID()), s, t)
--- a/test/integration/volumescheduling/util.go
+++ b/test/integration/volumescheduling/util.go
@ -71,7 +71,7 @@ func initTestMaster(t *testing.T, nsPrefix string, admission admission.Interface
 		h.M.GenericAPIServer.Handler.ServeHTTP(w, req)
 	}))

-	masterConfig := framework.NewIntegrationTestControlPlaneConfig()
+	controlPlaneConfig := framework.NewIntegrationTestControlPlaneConfig()
 	resourceConfig := controlplane.DefaultAPIResourceConfigSource()
 	if utilfeature.DefaultFeatureGate.Enabled(features.CSIStorageCapacity) {
 		resourceConfig.EnableVersions(schema.GroupVersion{
@ -79,13 +79,13 @@ func initTestMaster(t *testing.T, nsPrefix string, admission admission.Interface
 			Version: "v1alpha1",
 		})
 	}
-	masterConfig.ExtraConfig.APIResourceConfigSource = resourceConfig
+	controlPlaneConfig.ExtraConfig.APIResourceConfigSource = resourceConfig

 	if admission != nil {
-		masterConfig.GenericConfig.AdmissionControl = admission
+		controlPlaneConfig.GenericConfig.AdmissionControl = admission
 	}

-	_, testCtx.httpServer, testCtx.closeFn = framework.RunAnAPIServerUsingServer(masterConfig, s, h)
+	_, testCtx.httpServer, testCtx.closeFn = framework.RunAnAPIServerUsingServer(controlPlaneConfig, s, h)

 	if nsPrefix != "default" {
 		testCtx.ns = framework.CreateTestingNamespace(nsPrefix+string(uuid.NewUUID()), s, t)