Merge pull request #106860 from knight42/refactor/remove-ctrlmgr-insecure-port

refactor: remove the insecure flags in controller-manager
2025-07-21 10:51:29 +00:00 · 2021-12-09 08:06:16 -08:00 · 2021-12-09 08:06:16 -08:00 · cb0e11a296
commit cb0e11a296
parent c16b2afc1d c73d96ac87
2 changed files with 0 additions and 35 deletions
--- a/cmd/kube-controller-manager/app/controllermanager.go
+++ b/cmd/kube-controller-manager/app/controllermanager.go
@ -30,7 +30,6 @@ import (
 	"time"
 	"github.com/spf13/cobra"
 	"github.com/spf13/pflag"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"k8s.io/apimachinery/pkg/runtime/schema"
 	utilruntime "k8s.io/apimachinery/pkg/util/runtime"
@ -91,18 +90,6 @@ const (
 	ExternalLoops
 )
 // TODO: delete this check after insecure flags removed in v1.24
 func checkNonZeroInsecurePort(fs *pflag.FlagSet) error {
 	val, err := fs.GetInt("port")
 	if err != nil {
 		return err
 	}
 	if val != 0 {
 		return fmt.Errorf("invalid port value %d: only zero is allowed", val)
 	}
 	return nil
 }
 // NewControllerManagerCommand creates a *cobra.Command object with default parameters
 func NewControllerManagerCommand() *cobra.Command {
 	s, err := options.NewKubeControllerManagerOptions()
@ -138,12 +125,6 @@ controller, and serviceaccounts controller.`,
 			}
 			cliflag.PrintFlags(cmd.Flags())
 			err := checkNonZeroInsecurePort(cmd.Flags())
 			if err != nil {
 				fmt.Fprintf(os.Stderr, "%v\n", err)
 				os.Exit(1)
 			}
 			c, err := s.Config(KnownControllers(), ControllersDisabledByDefault.List())
 			if err != nil {
 				fmt.Fprintf(os.Stderr, "%v\n", err)
--- a/cmd/kube-controller-manager/app/options/options.go
+++ b/cmd/kube-controller-manager/app/options/options.go
@ -22,7 +22,6 @@ import (
 	"fmt"
 	"net"
 	"github.com/spf13/pflag"
 	v1 "k8s.io/api/core/v1"
 	utilerrors "k8s.io/apimachinery/pkg/util/errors"
 	apiserveroptions "k8s.io/apiserver/pkg/server/options"
@ -222,20 +221,6 @@ func NewDefaultComponentConfig() (kubectrlmgrconfig.KubeControllerManagerConfigu
 	return internal, nil
 }
 // TODO: remove these insecure flags in v1.24
 func addDummyInsecureFlags(fs *pflag.FlagSet) {
 	var (
 		bindAddr = net.IPv4(127, 0, 0, 1)
 		bindPort = 0
 	)
 	fs.IPVar(&bindAddr, "address", bindAddr,
 		"The IP address on which to serve the insecure --port (set to 0.0.0.0 for all IPv4 interfaces and :: for all IPv6 interfaces).")
 	fs.MarkDeprecated("address", "This flag has no effect now and will be removed in v1.24.")
 	fs.IntVar(&bindPort, "port", bindPort, "The port on which to serve unsecured, unauthenticated access. Set to 0 to disable.")
 	fs.MarkDeprecated("port", "This flag has no effect now and will be removed in v1.24.")
 }
 // Flags returns flags for a specific APIServer by section name
 func (s *KubeControllerManagerOptions) Flags(allControllers []string, disabledByDefaultControllers []string) cliflag.NamedFlagSets {
 	fss := cliflag.NamedFlagSets{}
@ -244,7 +229,6 @@ func (s *KubeControllerManagerOptions) Flags(allControllers []string, disabledBy
 	s.ServiceController.AddFlags(fss.FlagSet("service controller"))
 	s.SecureServing.AddFlags(fss.FlagSet("secure serving"))
 	addDummyInsecureFlags(fss.FlagSet("insecure serving"))
 	s.Authentication.AddFlags(fss.FlagSet("authentication"))
 	s.Authorization.AddFlags(fss.FlagSet("authorization"))