Merge pull request #41759 from luxas/kubeadm_change_flag

Automatic merge from submit-queue (batch tested with PRs 41709, 41685, 41754, 41759, 37237)

kubeadm: Add the --use-service-account-credentials to controller-manager

**What this PR does / why we need it**:

As outlined in https://docs.google.com/document/d/1PqI--ql3LQsA69fEvRq1nQWgiIoE5Dyftja5Um9ML7Q/edit, the controller-manager should run with `--use-service-account-credentials` for new clusters.

Also removing a totally unnecessary flag

**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #

**Special notes for your reviewer**:

**Release note**:

```release-note
NONE
```
@dmmcquay @deads2k @liggitt @mikedanese

cmd/kubeadm/app/master/manifests.go

@@ -37,7 +37,6 @@ import (
 
 // Static pod definitions in golang form are included below so that `kubeadm init` can get going.
 const (
-	DefaultClusterName     = "kubernetes"
 	DefaultCloudConfigPath = "/etc/kubernetes/cloud-config"
 
 	etcd                  = "etcd"
@@ -387,12 +386,12 @@ func getControllerManagerCommand(cfg *kubeadmapi.MasterConfiguration, selfHosted
 		"--address=127.0.0.1",
 		"--leader-elect",
 		"--master=127.0.0.1:8080",
-		"--cluster-name="+DefaultClusterName,
 		"--root-ca-file="+getCertFilePath(kubeadmconstants.CACertName),
 		"--service-account-private-key-file="+getCertFilePath(kubeadmconstants.ServiceAccountPrivateKeyName),
 		"--cluster-signing-cert-file="+getCertFilePath(kubeadmconstants.CACertName),
 		"--cluster-signing-key-file="+getCertFilePath(kubeadmconstants.CAKeyName),
 		"--insecure-experimental-approve-all-kubelet-csrs-for-group="+kubeadmconstants.CSVTokenBootstrapGroup,
+		"--use-service-account-credentials",
 	)
 
 	if cfg.CloudProvider != "" {

cmd/kubeadm/app/master/manifests_test.go

@@ -481,12 +481,12 @@ func TestGetControllerManagerCommand(t *testing.T) {
 				"--address=127.0.0.1",
 				"--leader-elect",
 				"--master=127.0.0.1:8080",
-				"--cluster-name=" + DefaultClusterName,
 				"--root-ca-file=" + kubeadmapi.GlobalEnvParams.HostPKIPath + "/ca.crt",
 				"--service-account-private-key-file=" + kubeadmapi.GlobalEnvParams.HostPKIPath + "/sa.key",
 				"--cluster-signing-cert-file=" + kubeadmapi.GlobalEnvParams.HostPKIPath + "/ca.crt",
 				"--cluster-signing-key-file=" + kubeadmapi.GlobalEnvParams.HostPKIPath + "/ca.key",
 				"--insecure-experimental-approve-all-kubelet-csrs-for-group=kubeadm:kubelet-bootstrap",
+				"--use-service-account-credentials",
 			},
 		},
 		{
@@ -496,12 +496,12 @@ func TestGetControllerManagerCommand(t *testing.T) {
 				"--address=127.0.0.1",
 				"--leader-elect",
 				"--master=127.0.0.1:8080",
-				"--cluster-name=" + DefaultClusterName,
 				"--root-ca-file=" + kubeadmapi.GlobalEnvParams.HostPKIPath + "/ca.crt",
 				"--service-account-private-key-file=" + kubeadmapi.GlobalEnvParams.HostPKIPath + "/sa.key",
 				"--cluster-signing-cert-file=" + kubeadmapi.GlobalEnvParams.HostPKIPath + "/ca.crt",
 				"--cluster-signing-key-file=" + kubeadmapi.GlobalEnvParams.HostPKIPath + "/ca.key",
 				"--insecure-experimental-approve-all-kubelet-csrs-for-group=kubeadm:kubelet-bootstrap",
+				"--use-service-account-credentials",
 				"--cloud-provider=foo",
 			},
 		},
@@ -512,12 +512,12 @@ func TestGetControllerManagerCommand(t *testing.T) {
 				"--address=127.0.0.1",
 				"--leader-elect",
 				"--master=127.0.0.1:8080",
-				"--cluster-name=" + DefaultClusterName,
 				"--root-ca-file=" + kubeadmapi.GlobalEnvParams.HostPKIPath + "/ca.crt",
 				"--service-account-private-key-file=" + kubeadmapi.GlobalEnvParams.HostPKIPath + "/sa.key",
 				"--cluster-signing-cert-file=" + kubeadmapi.GlobalEnvParams.HostPKIPath + "/ca.crt",
 				"--cluster-signing-key-file=" + kubeadmapi.GlobalEnvParams.HostPKIPath + "/ca.key",
 				"--insecure-experimental-approve-all-kubelet-csrs-for-group=kubeadm:kubelet-bootstrap",
+				"--use-service-account-credentials",
 				"--allocate-node-cidrs=true",
 				"--cluster-cidr=bar",
 			},