apiserver: support egress selection name 'controlplane' and deprecate 'master'

Signed-off-by: Andrew Sy Kim <kim.andrewsy@gmail.com>

cmd/kube-apiserver/app/server.go

@@ -562,7 +562,7 @@ func BuildAuthorizer(s *options.ServerRunOptions, EgressSelector *egressselector
 	authorizationConfig := s.Authorization.ToAuthorizationConfig(versionedInformers)
 
 	if EgressSelector != nil {
-		egressDialer, err := EgressSelector.Lookup(egressselector.Master.AsNetworkContext())
+		egressDialer, err := EgressSelector.Lookup(egressselector.ControlPlane.AsNetworkContext())
 		if err != nil {
 			return nil, nil, err
 		}

pkg/kubeapiserver/options/authentication.go

@@ -477,7 +477,7 @@ func (o *BuiltInAuthenticationOptions) ApplyTo(authInfo *genericapiserver.Authen
 	)
 
 	if egressSelector != nil {
-		egressDialer, err := egressSelector.Lookup(egressselector.Master.AsNetworkContext())
+		egressDialer, err := egressSelector.Lookup(egressselector.ControlPlane.AsNetworkContext())
 		if err != nil {
 			return err
 		}

staging/src/k8s.io/apiserver/pkg/apis/apiserver/types.go

@@ -62,7 +62,8 @@ type EgressSelectorConfiguration struct {
 // EgressSelection provides the configuration for a single egress selection client.
 type EgressSelection struct {
 	// Name is the name of the egress selection.
-	// Currently supported values are "Master", "Etcd" and "Cluster"
+	// Currently supported values are "ControlPlane", "Master", "Etcd" and "Cluster"
+	// The "Master" egress selector is deprecated in favor of "ControlPlane"
 	Name string
 
 	// Connection is the exact information used to configure the egress selection

staging/src/k8s.io/apiserver/pkg/apis/apiserver/v1alpha1/types.go

@@ -62,7 +62,8 @@ type EgressSelectorConfiguration struct {
 // EgressSelection provides the configuration for a single egress selection client.
 type EgressSelection struct {
 	// name is the name of the egress selection.
-	// Currently supported values are "Master", "Etcd" and "Cluster"
+	// Currently supported values are "ControlPlane", "Master", "Etcd" and "Cluster"
+	// The "Master" egress selector is deprecated in favor of "ControlPlane"
 	Name string `json:"name"`
 
 	// connection is the exact information used to configure the egress selection

staging/src/k8s.io/apiserver/pkg/apis/apiserver/v1beta1/types.go

@@ -33,7 +33,8 @@ type EgressSelectorConfiguration struct {
 // EgressSelection provides the configuration for a single egress selection client.
 type EgressSelection struct {
 	// name is the name of the egress selection.
-	// Currently supported values are "Master", "Etcd" and "Cluster"
+	// Currently supported values are "ControlPlane", "Master", "Etcd" and "Cluster"
+	// The "Master" egress selector is deprecated in favor of "ControlPlane"
 	Name string `json:"name"`
 
 	// connection is the exact information used to configure the egress selection

staging/src/k8s.io/apiserver/pkg/server/egressselector/egress_selector.go

@@ -51,8 +51,8 @@ type EgressSelector struct {
 type EgressType int
 
 const (
-	// Master is the EgressType for traffic intended to go to the control plane.
+	// ControlPlane is the EgressType for traffic intended to go to the control plane.
-	Master EgressType = iota
+	ControlPlane EgressType = iota
 	// Etcd is the EgressType for traffic intended to go to Kubernetes persistence store.
 	Etcd
 	// Cluster is the EgressType for traffic intended to go to the system being managed by Kubernetes.
@@ -73,8 +73,8 @@ type Lookup func(networkContext NetworkContext) (utilnet.DialFunc, error)
 // String returns the canonical string representation of the egress type
 func (s EgressType) String() string {
 	switch s {
-	case Master:
+	case ControlPlane:
-		return "master"
+		return "controlplane"
 	case Etcd:
 		return "etcd"
 	case Cluster:
@@ -91,8 +91,12 @@ func (s EgressType) AsNetworkContext() NetworkContext {
 
 func lookupServiceName(name string) (EgressType, error) {
 	switch strings.ToLower(name) {
+	// 'master' is deprecated, interpret "master" as controlplane internally until removed in v1.22.
 	case "master":
-		return Master, nil
+		klog.Warning("EgressSelection name 'master' is deprecated, use 'controlplane' instead")
+		return ControlPlane, nil
+	case "controlplane":
+		return ControlPlane, nil
 	case "etcd":
 		return Etcd, nil
 	case "cluster":
@@ -364,5 +368,6 @@ func (cs *EgressSelector) Lookup(networkContext NetworkContext) (utilnet.DialFun
 		// The round trip wrapper will over-ride the dialContext method appropriately
 		return nil, nil
 	}
+
 	return cs.egressToDialer[networkContext.EgressSelectionName], nil
 }

staging/src/k8s.io/apiserver/pkg/server/egressselector/egress_selector_test.go

@@ -90,7 +90,7 @@ func TestEgressSelector(t *testing.T) {
 					nil,
 				},
 				{
-					Master,
+					ControlPlane,
 					validateDirectDialer,
 					nil,
 					nil,

staging/src/k8s.io/apiserver/pkg/server/options/audit.go

@@ -306,7 +306,7 @@ func (o *AuditOptions) ApplyTo(
 			klog.V(2).Info("No audit policy file provided, no events will be recorded for webhook backend")
 		} else {
 			if c.EgressSelector != nil {
-				egressDialer, err := c.EgressSelector.Lookup(egressselector.Master.AsNetworkContext())
+				egressDialer, err := c.EgressSelector.Lookup(egressselector.ControlPlane.AsNetworkContext())
 				if err != nil {
 					return err
 				}

staging/src/k8s.io/apiserver/pkg/util/webhook/authentication.go

@@ -55,7 +55,7 @@ func NewDefaultAuthenticationInfoResolverWrapper(
 				}
 
 				if egressSelector != nil {
-					networkContext := egressselector.Master.AsNetworkContext()
+					networkContext := egressselector.ControlPlane.AsNetworkContext()
 					var egressDialer utilnet.DialFunc
 					egressDialer, err = egressSelector.Lookup(networkContext)