kubeadm: Control plane config moved to substructs

In v1alpha3's, control plane component config options were nested directly into
the ClusterConfiguration structure. This is cluttering the config structure and
makes it hard to maintain. Therefore the control plane config options must be
separated into different substructures in order to graduate the format to beta.

This change does the following:

- Introduces a new structure called ControlPlaneComponent, that contains fields
  common to all control plane component types. These are currently extra args
  and extra volumes.

- Introduce a new structure called APIServer that contains
  ControlPlaneComponent and APIServerCertSANs field (from ClusterConfiguration)

- Replace all API Server, Scheduler and Controller Manager options in
  ClusterConfiguration with APIServer, ControllerManager and Scheduler fields
  of APIServer and ControlPlaneComponent types.

Signed-off-by: Rostislav M. Georgiev <rostislavg@vmware.com>

cmd/kubeadm/app/apis/kubeadm/types.go

@@ -81,33 +81,15 @@ type ClusterConfiguration struct {
 	// could be used for assigning a stable DNS to the control plane.
 	ControlPlaneEndpoint string
 
-	// APIServerExtraArgs is a set of extra flags to pass to the API Server or override
+	// APIServer contains extra settings for the API server control plane component
-	// default ones in form of <flagname>=<value>.
+	APIServer APIServer
-	// TODO: This is temporary and ideally we would like to switch all components to
-	// use ComponentConfig + ConfigMaps.
-	APIServerExtraArgs map[string]string
-	// ControllerManagerExtraArgs is a set of extra flags to pass to the Controller Manager
-	// or override default ones in form of <flagname>=<value>
-	// TODO: This is temporary and ideally we would like to switch all components to
-	// use ComponentConfig + ConfigMaps.
-	ControllerManagerExtraArgs map[string]string
-	// SchedulerExtraArgs is a set of extra flags to pass to the Scheduler or override
-	// default ones in form of <flagname>=<value>
-	// TODO: This is temporary and ideally we would like to switch all components to
-	// use ComponentConfig + ConfigMaps.
-	SchedulerExtraArgs map[string]string
 
-	// APIServerExtraVolumes is an extra set of host volumes mounted to the API server.
+	// ControllerManager contains extra settings for the controller manager control plane component
-	APIServerExtraVolumes []HostPathMount
+	ControllerManager ControlPlaneComponent
-	// ControllerManagerExtraVolumes is an extra set of host volumes mounted to the
+
-	// Controller Manager.
+	// Scheduler contains extra settings for the scheduler control plane component
-	ControllerManagerExtraVolumes []HostPathMount
+	Scheduler ControlPlaneComponent
-	// SchedulerExtraVolumes is an extra set of host volumes mounted to the scheduler.
-	SchedulerExtraVolumes []HostPathMount
 
-	// APIServerCertSANs sets extra Subject Alternative Names for the API Server
-	// signing cert.
-	APIServerCertSANs []string
 	// CertificatesDir specifies where to store or look for all required certificates.
 	CertificatesDir string
 
@@ -133,6 +115,23 @@ type ClusterConfiguration struct {
 	ClusterName string
 }
 
+// ControlPlaneComponent holds settings common to control plane component of the cluster
+type ControlPlaneComponent struct {
+	// ExtraArgs is an extra set of flags to pass to the control plane component.
+	ExtraArgs map[string]string
+
+	// ExtraVolumes is an extra set of host volumes, mounted to the control plane component.
+	ExtraVolumes []HostPathMount
+}
+
+// APIServer holds settings necessary for API server deployments in the cluster
+type APIServer struct {
+	ControlPlaneComponent
+
+	// CertSANs sets extra Subject Alternative Names for the API Server signing cert.
+	CertSANs []string
+}
+
 // ComponentConfigs holds known internal ComponentConfig types for other components
 type ComponentConfigs struct {
 	// Kubelet holds the ComponentConfiguration for the kubelet

cmd/kubeadm/app/apis/kubeadm/v1alpha3/conversion.go

@@ -17,6 +17,8 @@ limitations under the License.
 package v1alpha3
 
 import (
+	"unsafe"
+
 	"k8s.io/apimachinery/pkg/conversion"
 	"k8s.io/kubernetes/cmd/kubeadm/app/apis/kubeadm"
 )
@@ -76,3 +78,39 @@ func Convert_kubeadm_JoinConfiguration_To_v1alpha3_JoinConfiguration(in *kubeadm
 
 	return nil
 }
+
+func Convert_v1alpha3_ClusterConfiguration_To_kubeadm_ClusterConfiguration(in *ClusterConfiguration, out *kubeadm.ClusterConfiguration, s conversion.Scope) error {
+	if err := autoConvert_v1alpha3_ClusterConfiguration_To_kubeadm_ClusterConfiguration(in, out, s); err != nil {
+		return err
+	}
+
+	out.APIServer.ExtraArgs = in.APIServerExtraArgs
+	out.APIServer.ExtraVolumes = *(*[]kubeadm.HostPathMount)(unsafe.Pointer(&in.APIServerExtraVolumes))
+	out.APIServer.CertSANs = in.APIServerCertSANs
+
+	out.ControllerManager.ExtraArgs = in.ControllerManagerExtraArgs
+	out.ControllerManager.ExtraVolumes = *(*[]kubeadm.HostPathMount)(unsafe.Pointer(&in.ControllerManagerExtraVolumes))
+
+	out.Scheduler.ExtraArgs = in.SchedulerExtraArgs
+	out.Scheduler.ExtraVolumes = *(*[]kubeadm.HostPathMount)(unsafe.Pointer(&in.SchedulerExtraVolumes))
+
+	return nil
+}
+
+func Convert_kubeadm_ClusterConfiguration_To_v1alpha3_ClusterConfiguration(in *kubeadm.ClusterConfiguration, out *ClusterConfiguration, s conversion.Scope) error {
+	if err := autoConvert_kubeadm_ClusterConfiguration_To_v1alpha3_ClusterConfiguration(in, out, s); err != nil {
+		return err
+	}
+
+	out.APIServerExtraArgs = in.APIServer.ExtraArgs
+	out.APIServerExtraVolumes = *(*[]HostPathMount)(unsafe.Pointer(&in.APIServer.ExtraVolumes))
+	out.APIServerCertSANs = in.APIServer.CertSANs
+
+	out.ControllerManagerExtraArgs = in.ControllerManager.ExtraArgs
+	out.ControllerManagerExtraVolumes = *(*[]HostPathMount)(unsafe.Pointer(&in.ControllerManager.ExtraVolumes))
+
+	out.SchedulerExtraArgs = in.Scheduler.ExtraArgs
+	out.SchedulerExtraVolumes = *(*[]HostPathMount)(unsafe.Pointer(&in.Scheduler.ExtraVolumes))
+
+	return nil
+}

cmd/kubeadm/app/apis/kubeadm/v1alpha3/zz_generated.conversion.go

@@ -177,11 +177,21 @@ func RegisterConversions(s *runtime.Scheme) error {
 	}); err != nil {
 		return err
 	}
+	if err := s.AddConversionFunc((*kubeadm.ClusterConfiguration)(nil), (*ClusterConfiguration)(nil), func(a, b interface{}, scope conversion.Scope) error {
+		return Convert_kubeadm_ClusterConfiguration_To_v1alpha3_ClusterConfiguration(a.(*kubeadm.ClusterConfiguration), b.(*ClusterConfiguration), scope)
+	}); err != nil {
+		return err
+	}
 	if err := s.AddConversionFunc((*kubeadm.JoinConfiguration)(nil), (*JoinConfiguration)(nil), func(a, b interface{}, scope conversion.Scope) error {
 		return Convert_kubeadm_JoinConfiguration_To_v1alpha3_JoinConfiguration(a.(*kubeadm.JoinConfiguration), b.(*JoinConfiguration), scope)
 	}); err != nil {
 		return err
 	}
+	if err := s.AddConversionFunc((*ClusterConfiguration)(nil), (*kubeadm.ClusterConfiguration)(nil), func(a, b interface{}, scope conversion.Scope) error {
+		return Convert_v1alpha3_ClusterConfiguration_To_kubeadm_ClusterConfiguration(a.(*ClusterConfiguration), b.(*kubeadm.ClusterConfiguration), scope)
+	}); err != nil {
+		return err
+	}
 	if err := s.AddConversionFunc((*JoinConfiguration)(nil), (*kubeadm.JoinConfiguration)(nil), func(a, b interface{}, scope conversion.Scope) error {
 		return Convert_v1alpha3_JoinConfiguration_To_kubeadm_JoinConfiguration(a.(*JoinConfiguration), b.(*kubeadm.JoinConfiguration), scope)
 	}); err != nil {
@@ -297,13 +307,13 @@ func autoConvert_v1alpha3_ClusterConfiguration_To_kubeadm_ClusterConfiguration(i
 	}
 	out.KubernetesVersion = in.KubernetesVersion
 	out.ControlPlaneEndpoint = in.ControlPlaneEndpoint
-	out.APIServerExtraArgs = *(*map[string]string)(unsafe.Pointer(&in.APIServerExtraArgs))
+	// WARNING: in.APIServerExtraArgs requires manual conversion: does not exist in peer-type
-	out.ControllerManagerExtraArgs = *(*map[string]string)(unsafe.Pointer(&in.ControllerManagerExtraArgs))
+	// WARNING: in.ControllerManagerExtraArgs requires manual conversion: does not exist in peer-type
-	out.SchedulerExtraArgs = *(*map[string]string)(unsafe.Pointer(&in.SchedulerExtraArgs))
+	// WARNING: in.SchedulerExtraArgs requires manual conversion: does not exist in peer-type
-	out.APIServerExtraVolumes = *(*[]kubeadm.HostPathMount)(unsafe.Pointer(&in.APIServerExtraVolumes))
+	// WARNING: in.APIServerExtraVolumes requires manual conversion: does not exist in peer-type
-	out.ControllerManagerExtraVolumes = *(*[]kubeadm.HostPathMount)(unsafe.Pointer(&in.ControllerManagerExtraVolumes))
+	// WARNING: in.ControllerManagerExtraVolumes requires manual conversion: does not exist in peer-type
-	out.SchedulerExtraVolumes = *(*[]kubeadm.HostPathMount)(unsafe.Pointer(&in.SchedulerExtraVolumes))
+	// WARNING: in.SchedulerExtraVolumes requires manual conversion: does not exist in peer-type
-	out.APIServerCertSANs = *(*[]string)(unsafe.Pointer(&in.APIServerCertSANs))
+	// WARNING: in.APIServerCertSANs requires manual conversion: does not exist in peer-type
 	out.CertificatesDir = in.CertificatesDir
 	out.ImageRepository = in.ImageRepository
 	out.UnifiedControlPlaneImage = in.UnifiedControlPlaneImage
@@ -315,11 +325,6 @@ func autoConvert_v1alpha3_ClusterConfiguration_To_kubeadm_ClusterConfiguration(i
 	return nil
 }
 
-// Convert_v1alpha3_ClusterConfiguration_To_kubeadm_ClusterConfiguration is an autogenerated conversion function.
-func Convert_v1alpha3_ClusterConfiguration_To_kubeadm_ClusterConfiguration(in *ClusterConfiguration, out *kubeadm.ClusterConfiguration, s conversion.Scope) error {
-	return autoConvert_v1alpha3_ClusterConfiguration_To_kubeadm_ClusterConfiguration(in, out, s)
-}
-
 func autoConvert_kubeadm_ClusterConfiguration_To_v1alpha3_ClusterConfiguration(in *kubeadm.ClusterConfiguration, out *ClusterConfiguration, s conversion.Scope) error {
 	// INFO: in.ComponentConfigs opted out of conversion generation
 	if err := Convert_kubeadm_Etcd_To_v1alpha3_Etcd(&in.Etcd, &out.Etcd, s); err != nil {
@@ -330,13 +335,9 @@ func autoConvert_kubeadm_ClusterConfiguration_To_v1alpha3_ClusterConfiguration(i
 	}
 	out.KubernetesVersion = in.KubernetesVersion
 	out.ControlPlaneEndpoint = in.ControlPlaneEndpoint
-	out.APIServerExtraArgs = *(*map[string]string)(unsafe.Pointer(&in.APIServerExtraArgs))
+	// WARNING: in.APIServer requires manual conversion: does not exist in peer-type
-	out.ControllerManagerExtraArgs = *(*map[string]string)(unsafe.Pointer(&in.ControllerManagerExtraArgs))
+	// WARNING: in.ControllerManager requires manual conversion: does not exist in peer-type
-	out.SchedulerExtraArgs = *(*map[string]string)(unsafe.Pointer(&in.SchedulerExtraArgs))
+	// WARNING: in.Scheduler requires manual conversion: does not exist in peer-type
-	out.APIServerExtraVolumes = *(*[]HostPathMount)(unsafe.Pointer(&in.APIServerExtraVolumes))
-	out.ControllerManagerExtraVolumes = *(*[]HostPathMount)(unsafe.Pointer(&in.ControllerManagerExtraVolumes))
-	out.SchedulerExtraVolumes = *(*[]HostPathMount)(unsafe.Pointer(&in.SchedulerExtraVolumes))
-	out.APIServerCertSANs = *(*[]string)(unsafe.Pointer(&in.APIServerCertSANs))
 	out.CertificatesDir = in.CertificatesDir
 	out.ImageRepository = in.ImageRepository
 	// INFO: in.CIImageRepository opted out of conversion generation
@@ -349,11 +350,6 @@ func autoConvert_kubeadm_ClusterConfiguration_To_v1alpha3_ClusterConfiguration(i
 	return nil
 }
 
-// Convert_kubeadm_ClusterConfiguration_To_v1alpha3_ClusterConfiguration is an autogenerated conversion function.
-func Convert_kubeadm_ClusterConfiguration_To_v1alpha3_ClusterConfiguration(in *kubeadm.ClusterConfiguration, out *ClusterConfiguration, s conversion.Scope) error {
-	return autoConvert_kubeadm_ClusterConfiguration_To_v1alpha3_ClusterConfiguration(in, out, s)
-}
-
 func autoConvert_v1alpha3_ClusterStatus_To_kubeadm_ClusterStatus(in *ClusterStatus, out *kubeadm.ClusterStatus, s conversion.Scope) error {
 	out.APIEndpoints = *(*map[string]kubeadm.APIEndpoint)(unsafe.Pointer(&in.APIEndpoints))
 	return nil

cmd/kubeadm/app/apis/kubeadm/v1beta1/doc.go

@@ -200,33 +200,36 @@ limitations under the License.
 // 	  dnsDomain: "cluster.local"
 // 	kubernetesVersion: "v1.12.0"
 // 	controlPlaneEndpoint: "10.100.0.1:6443"
-// 	apiServerExtraArgs:
+//	apiServer:
+//	  extraArgs:
 //	    authorization-mode: "Node,RBAC"
-// 	controllerManagerExtraArgs:
+//	  extraVolumes:
-// 	  node-cidr-mask-size: 20
-// 	schedulerExtraArgs:
-// 	  address: "10.100.0.1"
-// 	apiServerExtraVolumes:
 //	  - name: "some-volume"
 //	    hostPath: "/etc/some-path"
 //	    mountPath: "/etc/some-pod-path"
 //	    writable: true
 //	    pathType: File
-// 	controllerManagerExtraVolumes:
+//	  certSANs:
-// 	- name: "some-volume"
-// 	  hostPath: "/etc/some-path"
-// 	  mountPath: "/etc/some-pod-path"
-// 	  writable: true
-// 	  pathType: File
-// 	schedulerExtraVolumes:
-// 	- name: "some-volume"
-// 	  hostPath: "/etc/some-path"
-// 	  mountPath: "/etc/some-pod-path"
-// 	  writable: true
-// 	  pathType: File
-// 	apiServerCertSANs:
 //	  - "10.100.1.1"
 //	  - "ec2-10-100-0-1.compute-1.amazonaws.com"
+//	controllerManager:
+//	  extraArgs:
+//	    node-cidr-mask-size: 20
+//	  extraVolumes:
+//	  - name: "some-volume"
+//	    hostPath: "/etc/some-path"
+//	    mountPath: "/etc/some-pod-path"
+//	    writable: true
+//	    pathType: File
+//	scheduler:
+//	  extraArgs:
+//	    address: "10.100.0.1"
+//	  extraVolumes:
+//	  - name: "some-volume"
+//	    hostPath: "/etc/some-path"
+//	    mountPath: "/etc/some-pod-path"
+//	    writable: true
+//	    pathType: File
 //	certificatesDir: "/etc/kubernetes/pki"
 //	imageRepository: "k8s.gcr.io"
 //	unifiedControlPlaneImage: "k8s.gcr.io/controlplane:v1.12.0"

cmd/kubeadm/app/apis/kubeadm/v1beta1/types.go

@@ -77,32 +77,15 @@ type ClusterConfiguration struct {
 	// could be used for assigning a stable DNS to the control plane.
 	ControlPlaneEndpoint string `json:"controlPlaneEndpoint"`
 
-	// APIServerExtraArgs is a set of extra flags to pass to the API Server or override
+	// APIServer contains extra settings for the API server control plane component
-	// default ones in form of <flagname>=<value>.
+	APIServer APIServer `json:"apiServer,omitempty"`
-	// TODO: This is temporary and ideally we would like to switch all components to
-	// use ComponentConfig + ConfigMaps.
-	APIServerExtraArgs map[string]string `json:"apiServerExtraArgs,omitempty"`
-	// ControllerManagerExtraArgs is a set of extra flags to pass to the Controller Manager
-	// or override default ones in form of <flagname>=<value>
-	// TODO: This is temporary and ideally we would like to switch all components to
-	// use ComponentConfig + ConfigMaps.
-	ControllerManagerExtraArgs map[string]string `json:"controllerManagerExtraArgs,omitempty"`
-	// SchedulerExtraArgs is a set of extra flags to pass to the Scheduler or override
-	// default ones in form of <flagname>=<value>
-	// TODO: This is temporary and ideally we would like to switch all components to
-	// use ComponentConfig + ConfigMaps.
-	SchedulerExtraArgs map[string]string `json:"schedulerExtraArgs,omitempty"`
 
-	// APIServerExtraVolumes is an extra set of host volumes mounted to the API server.
+	// ControllerManager contains extra settings for the controller manager control plane component
-	APIServerExtraVolumes []HostPathMount `json:"apiServerExtraVolumes,omitempty"`
+	ControllerManager ControlPlaneComponent `json:"controllerManager,omitempty"`
-	// ControllerManagerExtraVolumes is an extra set of host volumes mounted to the
+
-	// Controller Manager.
+	// Scheduler contains extra settings for the scheduler control plane component
-	ControllerManagerExtraVolumes []HostPathMount `json:"controllerManagerExtraVolumes,omitempty"`
+	Scheduler ControlPlaneComponent `json:"scheduler,omitempty"`
-	// SchedulerExtraVolumes is an extra set of host volumes mounted to the scheduler.
-	SchedulerExtraVolumes []HostPathMount `json:"schedulerExtraVolumes,omitempty"`
 
-	// APIServerCertSANs sets extra Subject Alternative Names for the API Server signing cert.
-	APIServerCertSANs []string `json:"apiServerCertSANs,omitempty"`
 	// CertificatesDir specifies where to store or look for all required certificates.
 	CertificatesDir string `json:"certificatesDir"`
 
@@ -122,6 +105,23 @@ type ClusterConfiguration struct {
 	ClusterName string `json:"clusterName,omitempty"`
 }
 
+// ControlPlaneComponent holds settings common to control plane component of the cluster
+type ControlPlaneComponent struct {
+	// ExtraArgs is an extra set of flags to pass to the control plane component.
+	ExtraArgs map[string]string `json:"extraArgs,omitempty"`
+
+	// ExtraVolumes is an extra set of host volumes, mounted to the control plane component.
+	ExtraVolumes []HostPathMount `json:"extraVolumes,omitempty"`
+}
+
+// APIServer holds settings necessary for API server deployments in the cluster
+type APIServer struct {
+	ControlPlaneComponent `json:",inline"`
+
+	// CertSANs sets extra Subject Alternative Names for the API Server signing cert.
+	CertSANs []string `json:"certSANs,omitempty"`
+}
+
 // +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
 
 // ClusterStatus contains the cluster status. The ClusterStatus will be stored in the kubeadm-config

cmd/kubeadm/app/apis/kubeadm/v1beta1/zz_generated.conversion.go

@@ -47,6 +47,16 @@ func RegisterConversions(s *runtime.Scheme) error {
 	}); err != nil {
 		return err
 	}
+	if err := s.AddGeneratedConversionFunc((*APIServer)(nil), (*kubeadm.APIServer)(nil), func(a, b interface{}, scope conversion.Scope) error {
+		return Convert_v1beta1_APIServer_To_kubeadm_APIServer(a.(*APIServer), b.(*kubeadm.APIServer), scope)
+	}); err != nil {
+		return err
+	}
+	if err := s.AddGeneratedConversionFunc((*kubeadm.APIServer)(nil), (*APIServer)(nil), func(a, b interface{}, scope conversion.Scope) error {
+		return Convert_kubeadm_APIServer_To_v1beta1_APIServer(a.(*kubeadm.APIServer), b.(*APIServer), scope)
+	}); err != nil {
+		return err
+	}
 	if err := s.AddGeneratedConversionFunc((*AuditPolicyConfiguration)(nil), (*kubeadm.AuditPolicyConfiguration)(nil), func(a, b interface{}, scope conversion.Scope) error {
 		return Convert_v1beta1_AuditPolicyConfiguration_To_kubeadm_AuditPolicyConfiguration(a.(*AuditPolicyConfiguration), b.(*kubeadm.AuditPolicyConfiguration), scope)
 	}); err != nil {
@@ -107,6 +117,16 @@ func RegisterConversions(s *runtime.Scheme) error {
 	}); err != nil {
 		return err
 	}
+	if err := s.AddGeneratedConversionFunc((*ControlPlaneComponent)(nil), (*kubeadm.ControlPlaneComponent)(nil), func(a, b interface{}, scope conversion.Scope) error {
+		return Convert_v1beta1_ControlPlaneComponent_To_kubeadm_ControlPlaneComponent(a.(*ControlPlaneComponent), b.(*kubeadm.ControlPlaneComponent), scope)
+	}); err != nil {
+		return err
+	}
+	if err := s.AddGeneratedConversionFunc((*kubeadm.ControlPlaneComponent)(nil), (*ControlPlaneComponent)(nil), func(a, b interface{}, scope conversion.Scope) error {
+		return Convert_kubeadm_ControlPlaneComponent_To_v1beta1_ControlPlaneComponent(a.(*kubeadm.ControlPlaneComponent), b.(*ControlPlaneComponent), scope)
+	}); err != nil {
+		return err
+	}
 	if err := s.AddGeneratedConversionFunc((*Discovery)(nil), (*kubeadm.Discovery)(nil), func(a, b interface{}, scope conversion.Scope) error {
 		return Convert_v1beta1_Discovery_To_kubeadm_Discovery(a.(*Discovery), b.(*kubeadm.Discovery), scope)
 	}); err != nil {
@@ -232,6 +252,32 @@ func Convert_kubeadm_APIEndpoint_To_v1beta1_APIEndpoint(in *kubeadm.APIEndpoint,
 	return autoConvert_kubeadm_APIEndpoint_To_v1beta1_APIEndpoint(in, out, s)
 }
 
+func autoConvert_v1beta1_APIServer_To_kubeadm_APIServer(in *APIServer, out *kubeadm.APIServer, s conversion.Scope) error {
+	if err := Convert_v1beta1_ControlPlaneComponent_To_kubeadm_ControlPlaneComponent(&in.ControlPlaneComponent, &out.ControlPlaneComponent, s); err != nil {
+		return err
+	}
+	out.CertSANs = *(*[]string)(unsafe.Pointer(&in.CertSANs))
+	return nil
+}
+
+// Convert_v1beta1_APIServer_To_kubeadm_APIServer is an autogenerated conversion function.
+func Convert_v1beta1_APIServer_To_kubeadm_APIServer(in *APIServer, out *kubeadm.APIServer, s conversion.Scope) error {
+	return autoConvert_v1beta1_APIServer_To_kubeadm_APIServer(in, out, s)
+}
+
+func autoConvert_kubeadm_APIServer_To_v1beta1_APIServer(in *kubeadm.APIServer, out *APIServer, s conversion.Scope) error {
+	if err := Convert_kubeadm_ControlPlaneComponent_To_v1beta1_ControlPlaneComponent(&in.ControlPlaneComponent, &out.ControlPlaneComponent, s); err != nil {
+		return err
+	}
+	out.CertSANs = *(*[]string)(unsafe.Pointer(&in.CertSANs))
+	return nil
+}
+
+// Convert_kubeadm_APIServer_To_v1beta1_APIServer is an autogenerated conversion function.
+func Convert_kubeadm_APIServer_To_v1beta1_APIServer(in *kubeadm.APIServer, out *APIServer, s conversion.Scope) error {
+	return autoConvert_kubeadm_APIServer_To_v1beta1_APIServer(in, out, s)
+}
+
 func autoConvert_v1beta1_AuditPolicyConfiguration_To_kubeadm_AuditPolicyConfiguration(in *AuditPolicyConfiguration, out *kubeadm.AuditPolicyConfiguration, s conversion.Scope) error {
 	out.Path = in.Path
 	out.LogDir = in.LogDir
@@ -343,13 +389,15 @@ func autoConvert_v1beta1_ClusterConfiguration_To_kubeadm_ClusterConfiguration(in
 	}
 	out.KubernetesVersion = in.KubernetesVersion
 	out.ControlPlaneEndpoint = in.ControlPlaneEndpoint
-	out.APIServerExtraArgs = *(*map[string]string)(unsafe.Pointer(&in.APIServerExtraArgs))
+	if err := Convert_v1beta1_APIServer_To_kubeadm_APIServer(&in.APIServer, &out.APIServer, s); err != nil {
-	out.ControllerManagerExtraArgs = *(*map[string]string)(unsafe.Pointer(&in.ControllerManagerExtraArgs))
+		return err
-	out.SchedulerExtraArgs = *(*map[string]string)(unsafe.Pointer(&in.SchedulerExtraArgs))
+	}
-	out.APIServerExtraVolumes = *(*[]kubeadm.HostPathMount)(unsafe.Pointer(&in.APIServerExtraVolumes))
+	if err := Convert_v1beta1_ControlPlaneComponent_To_kubeadm_ControlPlaneComponent(&in.ControllerManager, &out.ControllerManager, s); err != nil {
-	out.ControllerManagerExtraVolumes = *(*[]kubeadm.HostPathMount)(unsafe.Pointer(&in.ControllerManagerExtraVolumes))
+		return err
-	out.SchedulerExtraVolumes = *(*[]kubeadm.HostPathMount)(unsafe.Pointer(&in.SchedulerExtraVolumes))
+	}
-	out.APIServerCertSANs = *(*[]string)(unsafe.Pointer(&in.APIServerCertSANs))
+	if err := Convert_v1beta1_ControlPlaneComponent_To_kubeadm_ControlPlaneComponent(&in.Scheduler, &out.Scheduler, s); err != nil {
+		return err
+	}
 	out.CertificatesDir = in.CertificatesDir
 	out.ImageRepository = in.ImageRepository
 	out.UnifiedControlPlaneImage = in.UnifiedControlPlaneImage
@@ -376,13 +424,15 @@ func autoConvert_kubeadm_ClusterConfiguration_To_v1beta1_ClusterConfiguration(in
 	}
 	out.KubernetesVersion = in.KubernetesVersion
 	out.ControlPlaneEndpoint = in.ControlPlaneEndpoint
-	out.APIServerExtraArgs = *(*map[string]string)(unsafe.Pointer(&in.APIServerExtraArgs))
+	if err := Convert_kubeadm_APIServer_To_v1beta1_APIServer(&in.APIServer, &out.APIServer, s); err != nil {
-	out.ControllerManagerExtraArgs = *(*map[string]string)(unsafe.Pointer(&in.ControllerManagerExtraArgs))
+		return err
-	out.SchedulerExtraArgs = *(*map[string]string)(unsafe.Pointer(&in.SchedulerExtraArgs))
+	}
-	out.APIServerExtraVolumes = *(*[]HostPathMount)(unsafe.Pointer(&in.APIServerExtraVolumes))
+	if err := Convert_kubeadm_ControlPlaneComponent_To_v1beta1_ControlPlaneComponent(&in.ControllerManager, &out.ControllerManager, s); err != nil {
-	out.ControllerManagerExtraVolumes = *(*[]HostPathMount)(unsafe.Pointer(&in.ControllerManagerExtraVolumes))
+		return err
-	out.SchedulerExtraVolumes = *(*[]HostPathMount)(unsafe.Pointer(&in.SchedulerExtraVolumes))
+	}
-	out.APIServerCertSANs = *(*[]string)(unsafe.Pointer(&in.APIServerCertSANs))
+	if err := Convert_kubeadm_ControlPlaneComponent_To_v1beta1_ControlPlaneComponent(&in.Scheduler, &out.Scheduler, s); err != nil {
+		return err
+	}
 	out.CertificatesDir = in.CertificatesDir
 	out.ImageRepository = in.ImageRepository
 	// INFO: in.CIImageRepository opted out of conversion generation
@@ -420,6 +470,28 @@ func Convert_kubeadm_ClusterStatus_To_v1beta1_ClusterStatus(in *kubeadm.ClusterS
 	return autoConvert_kubeadm_ClusterStatus_To_v1beta1_ClusterStatus(in, out, s)
 }
 
+func autoConvert_v1beta1_ControlPlaneComponent_To_kubeadm_ControlPlaneComponent(in *ControlPlaneComponent, out *kubeadm.ControlPlaneComponent, s conversion.Scope) error {
+	out.ExtraArgs = *(*map[string]string)(unsafe.Pointer(&in.ExtraArgs))
+	out.ExtraVolumes = *(*[]kubeadm.HostPathMount)(unsafe.Pointer(&in.ExtraVolumes))
+	return nil
+}
+
+// Convert_v1beta1_ControlPlaneComponent_To_kubeadm_ControlPlaneComponent is an autogenerated conversion function.
+func Convert_v1beta1_ControlPlaneComponent_To_kubeadm_ControlPlaneComponent(in *ControlPlaneComponent, out *kubeadm.ControlPlaneComponent, s conversion.Scope) error {
+	return autoConvert_v1beta1_ControlPlaneComponent_To_kubeadm_ControlPlaneComponent(in, out, s)
+}
+
+func autoConvert_kubeadm_ControlPlaneComponent_To_v1beta1_ControlPlaneComponent(in *kubeadm.ControlPlaneComponent, out *ControlPlaneComponent, s conversion.Scope) error {
+	out.ExtraArgs = *(*map[string]string)(unsafe.Pointer(&in.ExtraArgs))
+	out.ExtraVolumes = *(*[]HostPathMount)(unsafe.Pointer(&in.ExtraVolumes))
+	return nil
+}
+
+// Convert_kubeadm_ControlPlaneComponent_To_v1beta1_ControlPlaneComponent is an autogenerated conversion function.
+func Convert_kubeadm_ControlPlaneComponent_To_v1beta1_ControlPlaneComponent(in *kubeadm.ControlPlaneComponent, out *ControlPlaneComponent, s conversion.Scope) error {
+	return autoConvert_kubeadm_ControlPlaneComponent_To_v1beta1_ControlPlaneComponent(in, out, s)
+}
+
 func autoConvert_v1beta1_Discovery_To_kubeadm_Discovery(in *Discovery, out *kubeadm.Discovery, s conversion.Scope) error {
 	out.BootstrapToken = (*kubeadm.BootstrapTokenDiscovery)(unsafe.Pointer(in.BootstrapToken))
 	out.File = (*kubeadm.FileDiscovery)(unsafe.Pointer(in.File))

cmd/kubeadm/app/apis/kubeadm/v1beta1/zz_generated.deepcopy.go

@@ -42,6 +42,28 @@ func (in *APIEndpoint) DeepCopy() *APIEndpoint {
 	return out
 }
 
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *APIServer) DeepCopyInto(out *APIServer) {
+	*out = *in
+	in.ControlPlaneComponent.DeepCopyInto(&out.ControlPlaneComponent)
+	if in.CertSANs != nil {
+		in, out := &in.CertSANs, &out.CertSANs
+		*out = make([]string, len(*in))
+		copy(*out, *in)
+	}
+	return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new APIServer.
+func (in *APIServer) DeepCopy() *APIServer {
+	if in == nil {
+		return nil
+	}
+	out := new(APIServer)
+	in.DeepCopyInto(out)
+	return out
+}
+
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
 func (in *AuditPolicyConfiguration) DeepCopyInto(out *AuditPolicyConfiguration) {
 	*out = *in
@@ -146,47 +168,9 @@ func (in *ClusterConfiguration) DeepCopyInto(out *ClusterConfiguration) {
 	out.TypeMeta = in.TypeMeta
 	in.Etcd.DeepCopyInto(&out.Etcd)
 	out.Networking = in.Networking
-	if in.APIServerExtraArgs != nil {
+	in.APIServer.DeepCopyInto(&out.APIServer)
-		in, out := &in.APIServerExtraArgs, &out.APIServerExtraArgs
+	in.ControllerManager.DeepCopyInto(&out.ControllerManager)
-		*out = make(map[string]string, len(*in))
+	in.Scheduler.DeepCopyInto(&out.Scheduler)
-		for key, val := range *in {
-			(*out)[key] = val
-		}
-	}
-	if in.ControllerManagerExtraArgs != nil {
-		in, out := &in.ControllerManagerExtraArgs, &out.ControllerManagerExtraArgs
-		*out = make(map[string]string, len(*in))
-		for key, val := range *in {
-			(*out)[key] = val
-		}
-	}
-	if in.SchedulerExtraArgs != nil {
-		in, out := &in.SchedulerExtraArgs, &out.SchedulerExtraArgs
-		*out = make(map[string]string, len(*in))
-		for key, val := range *in {
-			(*out)[key] = val
-		}
-	}
-	if in.APIServerExtraVolumes != nil {
-		in, out := &in.APIServerExtraVolumes, &out.APIServerExtraVolumes
-		*out = make([]HostPathMount, len(*in))
-		copy(*out, *in)
-	}
-	if in.ControllerManagerExtraVolumes != nil {
-		in, out := &in.ControllerManagerExtraVolumes, &out.ControllerManagerExtraVolumes
-		*out = make([]HostPathMount, len(*in))
-		copy(*out, *in)
-	}
-	if in.SchedulerExtraVolumes != nil {
-		in, out := &in.SchedulerExtraVolumes, &out.SchedulerExtraVolumes
-		*out = make([]HostPathMount, len(*in))
-		copy(*out, *in)
-	}
-	if in.APIServerCertSANs != nil {
-		in, out := &in.APIServerCertSANs, &out.APIServerCertSANs
-		*out = make([]string, len(*in))
-		copy(*out, *in)
-	}
 	in.AuditPolicyConfiguration.DeepCopyInto(&out.AuditPolicyConfiguration)
 	if in.FeatureGates != nil {
 		in, out := &in.FeatureGates, &out.FeatureGates
@@ -248,6 +232,34 @@ func (in *ClusterStatus) DeepCopyObject() runtime.Object {
 	return nil
 }
 
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *ControlPlaneComponent) DeepCopyInto(out *ControlPlaneComponent) {
+	*out = *in
+	if in.ExtraArgs != nil {
+		in, out := &in.ExtraArgs, &out.ExtraArgs
+		*out = make(map[string]string, len(*in))
+		for key, val := range *in {
+			(*out)[key] = val
+		}
+	}
+	if in.ExtraVolumes != nil {
+		in, out := &in.ExtraVolumes, &out.ExtraVolumes
+		*out = make([]HostPathMount, len(*in))
+		copy(*out, *in)
+	}
+	return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ControlPlaneComponent.
+func (in *ControlPlaneComponent) DeepCopy() *ControlPlaneComponent {
+	if in == nil {
+		return nil
+	}
+	out := new(ControlPlaneComponent)
+	in.DeepCopyInto(out)
+	return out
+}
+
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
 func (in *Discovery) DeepCopyInto(out *Discovery) {
 	*out = *in

cmd/kubeadm/app/apis/kubeadm/validation/validation.go

@@ -57,7 +57,7 @@ func ValidateInitConfiguration(c *kubeadm.InitConfiguration) field.ErrorList {
 func ValidateClusterConfiguration(c *kubeadm.ClusterConfiguration) field.ErrorList {
 	allErrs := field.ErrorList{}
 	allErrs = append(allErrs, ValidateNetworking(&c.Networking, field.NewPath("networking"))...)
-	allErrs = append(allErrs, ValidateCertSANs(c.APIServerCertSANs, field.NewPath("apiServerCertSANs"))...)
+	allErrs = append(allErrs, ValidateAPIServer(&c.APIServer, field.NewPath("apiServer"))...)
 	allErrs = append(allErrs, ValidateAbsolutePath(c.CertificatesDir, field.NewPath("certificatesDir"))...)
 	allErrs = append(allErrs, ValidateFeatureGates(c.FeatureGates, field.NewPath("featureGates"))...)
 	allErrs = append(allErrs, ValidateHostPort(c.ControlPlaneEndpoint, field.NewPath("controlPlaneEndpoint"))...)
@@ -66,6 +66,13 @@ func ValidateClusterConfiguration(c *kubeadm.ClusterConfiguration) field.ErrorLi
 	return allErrs
 }
 
+// ValidateAPIServer validates a APIServer object and collects all encountered errors
+func ValidateAPIServer(a *kubeadm.APIServer, fldPath *field.Path) field.ErrorList {
+	allErrs := field.ErrorList{}
+	allErrs = append(allErrs, ValidateCertSANs(a.CertSANs, fldPath.Child("certSANs"))...)
+	return allErrs
+}
+
 // ValidateJoinConfiguration validates node configuration and collects all encountered errors
 func ValidateJoinConfiguration(c *kubeadm.JoinConfiguration) field.ErrorList {
 	allErrs := field.ErrorList{}

cmd/kubeadm/app/apis/kubeadm/zz_generated.deepcopy.go

@@ -44,6 +44,28 @@ func (in *APIEndpoint) DeepCopy() *APIEndpoint {
 	return out
 }
 
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *APIServer) DeepCopyInto(out *APIServer) {
+	*out = *in
+	in.ControlPlaneComponent.DeepCopyInto(&out.ControlPlaneComponent)
+	if in.CertSANs != nil {
+		in, out := &in.CertSANs, &out.CertSANs
+		*out = make([]string, len(*in))
+		copy(*out, *in)
+	}
+	return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new APIServer.
+func (in *APIServer) DeepCopy() *APIServer {
+	if in == nil {
+		return nil
+	}
+	out := new(APIServer)
+	in.DeepCopyInto(out)
+	return out
+}
+
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
 func (in *AuditPolicyConfiguration) DeepCopyInto(out *AuditPolicyConfiguration) {
 	*out = *in
@@ -149,47 +171,9 @@ func (in *ClusterConfiguration) DeepCopyInto(out *ClusterConfiguration) {
 	in.ComponentConfigs.DeepCopyInto(&out.ComponentConfigs)
 	in.Etcd.DeepCopyInto(&out.Etcd)
 	out.Networking = in.Networking
-	if in.APIServerExtraArgs != nil {
+	in.APIServer.DeepCopyInto(&out.APIServer)
-		in, out := &in.APIServerExtraArgs, &out.APIServerExtraArgs
+	in.ControllerManager.DeepCopyInto(&out.ControllerManager)
-		*out = make(map[string]string, len(*in))
+	in.Scheduler.DeepCopyInto(&out.Scheduler)
-		for key, val := range *in {
-			(*out)[key] = val
-		}
-	}
-	if in.ControllerManagerExtraArgs != nil {
-		in, out := &in.ControllerManagerExtraArgs, &out.ControllerManagerExtraArgs
-		*out = make(map[string]string, len(*in))
-		for key, val := range *in {
-			(*out)[key] = val
-		}
-	}
-	if in.SchedulerExtraArgs != nil {
-		in, out := &in.SchedulerExtraArgs, &out.SchedulerExtraArgs
-		*out = make(map[string]string, len(*in))
-		for key, val := range *in {
-			(*out)[key] = val
-		}
-	}
-	if in.APIServerExtraVolumes != nil {
-		in, out := &in.APIServerExtraVolumes, &out.APIServerExtraVolumes
-		*out = make([]HostPathMount, len(*in))
-		copy(*out, *in)
-	}
-	if in.ControllerManagerExtraVolumes != nil {
-		in, out := &in.ControllerManagerExtraVolumes, &out.ControllerManagerExtraVolumes
-		*out = make([]HostPathMount, len(*in))
-		copy(*out, *in)
-	}
-	if in.SchedulerExtraVolumes != nil {
-		in, out := &in.SchedulerExtraVolumes, &out.SchedulerExtraVolumes
-		*out = make([]HostPathMount, len(*in))
-		copy(*out, *in)
-	}
-	if in.APIServerCertSANs != nil {
-		in, out := &in.APIServerCertSANs, &out.APIServerCertSANs
-		*out = make([]string, len(*in))
-		copy(*out, *in)
-	}
 	in.AuditPolicyConfiguration.DeepCopyInto(&out.AuditPolicyConfiguration)
 	if in.FeatureGates != nil {
 		in, out := &in.FeatureGates, &out.FeatureGates
@@ -277,6 +261,34 @@ func (in *ComponentConfigs) DeepCopy() *ComponentConfigs {
 	return out
 }
 
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *ControlPlaneComponent) DeepCopyInto(out *ControlPlaneComponent) {
+	*out = *in
+	if in.ExtraArgs != nil {
+		in, out := &in.ExtraArgs, &out.ExtraArgs
+		*out = make(map[string]string, len(*in))
+		for key, val := range *in {
+			(*out)[key] = val
+		}
+	}
+	if in.ExtraVolumes != nil {
+		in, out := &in.ExtraVolumes, &out.ExtraVolumes
+		*out = make([]HostPathMount, len(*in))
+		copy(*out, *in)
+	}
+	return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ControlPlaneComponent.
+func (in *ControlPlaneComponent) DeepCopy() *ControlPlaneComponent {
+	if in == nil {
+		return nil
+	}
+	out := new(ControlPlaneComponent)
+	in.DeepCopyInto(out)
+	return out
+}
+
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
 func (in *Discovery) DeepCopyInto(out *Discovery) {
 	*out = *in

cmd/kubeadm/app/cmd/init.go

@@ -214,7 +214,7 @@ func AddInitConfigFlags(flagSet *flag.FlagSet, cfg *kubeadmapiv1beta1.InitConfig
 		`The path where to save and store the certificates.`,
 	)
 	flagSet.StringSliceVar(
-		&cfg.APIServerCertSANs, "apiserver-cert-extra-sans", cfg.APIServerCertSANs,
+		&cfg.APIServer.CertSANs, "apiserver-cert-extra-sans", cfg.APIServer.CertSANs,
 		`Optional extra Subject Alternative Names (SANs) to use for the API Server serving certificate. Can be both IP addresses and DNS names.`,
 	)
 	flagSet.StringVar(

cmd/kubeadm/app/cmd/upgrade/common_test.go

@@ -43,12 +43,14 @@ func TestPrintConfiguration(t *testing.T) {
 				},
 			},
 			expectedBytes: []byte(`[upgrade/config] Configuration used:
+	apiServer: {}
 	apiVersion: kubeadm.k8s.io/v1beta1
 	auditPolicy:
 	  logDir: ""
 	  path: ""
 	certificatesDir: ""
 	controlPlaneEndpoint: ""
+	controllerManager: {}
 	etcd:
 	  local:
 	    dataDir: /some/path
@@ -60,6 +62,7 @@ func TestPrintConfiguration(t *testing.T) {
 	  dnsDomain: ""
 	  podSubnet: ""
 	  serviceSubnet: ""
+	scheduler: {}
 	unifiedControlPlaneImage: ""
 `),
 		},
@@ -76,12 +79,14 @@ func TestPrintConfiguration(t *testing.T) {
 				},
 			},
 			expectedBytes: []byte(`[upgrade/config] Configuration used:
+	apiServer: {}
 	apiVersion: kubeadm.k8s.io/v1beta1
 	auditPolicy:
 	  logDir: ""
 	  path: ""
 	certificatesDir: ""
 	controlPlaneEndpoint: ""
+	controllerManager: {}
 	etcd:
 	  external:
 	    caFile: ""
@@ -96,6 +101,7 @@ func TestPrintConfiguration(t *testing.T) {
 	  dnsDomain: ""
 	  podSubnet: ""
 	  serviceSubnet: 10.96.0.1/12
+	scheduler: {}
 	unifiedControlPlaneImage: ""
 `),
 		},

cmd/kubeadm/app/phases/certs/doc.go

@@ -23,7 +23,7 @@ package certs
 	INPUTS:
 		From InitConfiguration
 			.API.AdvertiseAddress is an optional parameter that can be passed for an extra addition to the SAN IPs
-			.APIServerCertSANs is an optional parameter for adding DNS names and IPs to the API Server serving cert SAN
+			.APIServer.CertSANs is an optional parameter for adding DNS names and IPs to the API Server serving cert SAN
 			.Etcd.Local.ServerCertSANs is an optional parameter for adding DNS names and IPs to the etcd serving cert SAN
 			.Etcd.Local.PeerCertSANs is an optional parameter for adding DNS names and IPs to the etcd peer cert SAN
 			.Networking.DNSDomain is needed for knowing which DNS name the internal Kubernetes service has

cmd/kubeadm/app/phases/controlplane/manifests.go

@@ -193,11 +193,11 @@ func getAPIServerCommand(cfg *kubeadmapi.InitConfiguration) []string {
 			defaultArguments["audit-log-maxage"] = fmt.Sprintf("%d", *cfg.AuditPolicyConfiguration.LogMaxAge)
 		}
 	}
-	if cfg.APIServerExtraArgs == nil {
+	if cfg.APIServer.ExtraArgs == nil {
-		cfg.APIServerExtraArgs = map[string]string{}
+		cfg.APIServer.ExtraArgs = map[string]string{}
 	}
-	cfg.APIServerExtraArgs["authorization-mode"] = getAuthzModes(cfg.APIServerExtraArgs["authorization-mode"])
+	cfg.APIServer.ExtraArgs["authorization-mode"] = getAuthzModes(cfg.APIServer.ExtraArgs["authorization-mode"])
-	command = append(command, kubeadmutil.BuildArgumentListFromMap(defaultArguments, cfg.APIServerExtraArgs)...)
+	command = append(command, kubeadmutil.BuildArgumentListFromMap(defaultArguments, cfg.APIServer.ExtraArgs)...)
 
 	return command
 }
@@ -302,7 +302,7 @@ func getControllerManagerCommand(cfg *kubeadmapi.InitConfiguration, k8sVersion *
 	}
 
 	command := []string{"kube-controller-manager"}
-	command = append(command, kubeadmutil.BuildArgumentListFromMap(defaultArguments, cfg.ControllerManagerExtraArgs)...)
+	command = append(command, kubeadmutil.BuildArgumentListFromMap(defaultArguments, cfg.ControllerManager.ExtraArgs)...)
 
 	return command
 }
@@ -316,7 +316,7 @@ func getSchedulerCommand(cfg *kubeadmapi.InitConfiguration) []string {
 	}
 
 	command := []string{"kube-scheduler"}
-	command = append(command, kubeadmutil.BuildArgumentListFromMap(defaultArguments, cfg.SchedulerExtraArgs)...)
+	command = append(command, kubeadmutil.BuildArgumentListFromMap(defaultArguments, cfg.Scheduler.ExtraArgs)...)
 	return command
 }
 

cmd/kubeadm/app/phases/controlplane/manifests_test.go

@@ -444,14 +444,16 @@ func TestGetAPIServerCommand(t *testing.T) {
 			},
 		},
 		{
-			name: "test APIServerExtraArgs works as expected",
+			name: "test APIServer.ExtraArgs works as expected",
 			cfg: &kubeadmapi.InitConfiguration{
 				APIEndpoint: kubeadmapi.APIEndpoint{BindPort: 123, AdvertiseAddress: "1.2.3.4"},
 				ClusterConfiguration: kubeadmapi.ClusterConfiguration{
 					Networking:      kubeadmapi.Networking{ServiceSubnet: "bar"},
 					CertificatesDir: testCertsDir,
 					FeatureGates:    map[string]bool{features.DynamicKubeletConfig: true, features.Auditing: true},
-					APIServerExtraArgs: map[string]string{
+					APIServer: kubeadmapi.APIServer{
+						ControlPlaneComponent: kubeadmapi.ControlPlaneComponent{
+							ExtraArgs: map[string]string{
 								"service-cluster-ip-range": "baz",
 								"advertise-address":        "9.9.9.9",
 								"audit-policy-file":        "/etc/config/audit.yaml",
@@ -459,6 +461,8 @@ func TestGetAPIServerCommand(t *testing.T) {
 							},
 						},
 					},
+				},
+			},
 			expected: []string{
 				"kube-apiserver",
 				"--insecure-port=0",
@@ -500,11 +504,15 @@ func TestGetAPIServerCommand(t *testing.T) {
 				ClusterConfiguration: kubeadmapi.ClusterConfiguration{
 					Networking:      kubeadmapi.Networking{ServiceSubnet: "bar"},
 					CertificatesDir: testCertsDir,
-					APIServerExtraArgs: map[string]string{
+					APIServer: kubeadmapi.APIServer{
+						ControlPlaneComponent: kubeadmapi.ControlPlaneComponent{
+							ExtraArgs: map[string]string{
 								"authorization-mode": authzmodes.ModeABAC,
 							},
 						},
 					},
+				},
+			},
 			expected: []string{
 				"kube-apiserver",
 				"--insecure-port=0",
@@ -542,11 +550,15 @@ func TestGetAPIServerCommand(t *testing.T) {
 				ClusterConfiguration: kubeadmapi.ClusterConfiguration{
 					Networking:      kubeadmapi.Networking{ServiceSubnet: "bar"},
 					CertificatesDir: testCertsDir,
-					APIServerExtraArgs: map[string]string{
+					APIServer: kubeadmapi.APIServer{
+						ControlPlaneComponent: kubeadmapi.ControlPlaneComponent{
+							ExtraArgs: map[string]string{
 								"insecure-port": "1234",
 							},
 						},
 					},
+				},
+			},
 			expected: []string{
 				"kube-apiserver",
 				"--insecure-port=1234",
@@ -584,11 +596,15 @@ func TestGetAPIServerCommand(t *testing.T) {
 				ClusterConfiguration: kubeadmapi.ClusterConfiguration{
 					Networking:      kubeadmapi.Networking{ServiceSubnet: "bar"},
 					CertificatesDir: testCertsDir,
-					APIServerExtraArgs: map[string]string{
+					APIServer: kubeadmapi.APIServer{
+						ControlPlaneComponent: kubeadmapi.ControlPlaneComponent{
+							ExtraArgs: map[string]string{
 								"authorization-mode": authzmodes.ModeWebhook,
 							},
 						},
 					},
+				},
+			},
 			expected: []string{
 				"kube-apiserver",
 				"--insecure-port=0",
@@ -711,7 +727,9 @@ func TestGetControllerManagerCommand(t *testing.T) {
 			name: "custom extra-args for v1.12.0-beta.2",
 			cfg: &kubeadmapi.ClusterConfiguration{
 				Networking: kubeadmapi.Networking{PodSubnet: "10.0.1.15/16"},
-				ControllerManagerExtraArgs: map[string]string{"node-cidr-mask-size": "20"},
+				ControllerManager: kubeadmapi.ControlPlaneComponent{
+					ExtraArgs: map[string]string{"node-cidr-mask-size": "20"},
+				},
 				CertificatesDir:   testCertsDir,
 				KubernetesVersion: "v1.12.0-beta.2",
 			},
@@ -808,7 +826,9 @@ func TestGetControllerManagerCommand(t *testing.T) {
 			name: "custom extra-args for v1.11.3",
 			cfg: &kubeadmapi.ClusterConfiguration{
 				Networking: kubeadmapi.Networking{PodSubnet: "10.0.1.15/16"},
-				ControllerManagerExtraArgs: map[string]string{"node-cidr-mask-size": "20"},
+				ControllerManager: kubeadmapi.ControlPlaneComponent{
+					ExtraArgs: map[string]string{"node-cidr-mask-size": "20"},
+				},
 				CertificatesDir:   testCertsDir,
 				KubernetesVersion: "v1.11.3",
 			},

cmd/kubeadm/app/phases/controlplane/volumes.go

@@ -99,9 +99,9 @@ func getHostPathVolumesForTheControlPlane(cfg *kubeadmapi.InitConfiguration) con
 
 	// Merge user defined mounts and ensure unique volume and volume mount
 	// names
-	mounts.AddExtraHostPathMounts(kubeadmconstants.KubeAPIServer, cfg.APIServerExtraVolumes)
+	mounts.AddExtraHostPathMounts(kubeadmconstants.KubeAPIServer, cfg.APIServer.ExtraVolumes)
-	mounts.AddExtraHostPathMounts(kubeadmconstants.KubeControllerManager, cfg.ControllerManagerExtraVolumes)
+	mounts.AddExtraHostPathMounts(kubeadmconstants.KubeControllerManager, cfg.ControllerManager.ExtraVolumes)
-	mounts.AddExtraHostPathMounts(kubeadmconstants.KubeScheduler, cfg.SchedulerExtraVolumes)
+	mounts.AddExtraHostPathMounts(kubeadmconstants.KubeScheduler, cfg.Scheduler.ExtraVolumes)
 
 	return mounts
 }

cmd/kubeadm/app/phases/upgrade/staticpods_test.go

@@ -63,8 +63,9 @@ apiEndpoint:
 apiVersion: kubeadm.k8s.io/v1beta1
 kind: ClusterConfiguration
 
-apiServerCertSANs: null
+apiServer:
-apiServerExtraArgs: null
+  certSANs: null
+  extraArgs: null
 certificatesDir: %s
 controllerManagerExtraArgs: null
 etcd:

cmd/kubeadm/app/util/config/common_test.go

@@ -228,19 +228,21 @@ func TestLowercaseSANs(t *testing.T) {
 		t.Run(test.name, func(t *testing.T) {
 			cfg := &kubeadmapiv1beta1.InitConfiguration{
 				ClusterConfiguration: kubeadmapiv1beta1.ClusterConfiguration{
-					APIServerCertSANs: test.in,
+					APIServer: kubeadmapiv1beta1.APIServer{
+						CertSANs: test.in,
+					},
 				},
 			}
 
-			LowercaseSANs(cfg.APIServerCertSANs)
+			LowercaseSANs(cfg.APIServer.CertSANs)
 
-			if len(cfg.APIServerCertSANs) != len(test.out) {
+			if len(cfg.APIServer.CertSANs) != len(test.out) {
-				t.Fatalf("expected %d elements, got %d", len(test.out), len(cfg.APIServerCertSANs))
+				t.Fatalf("expected %d elements, got %d", len(test.out), len(cfg.APIServer.CertSANs))
 			}
 
 			for i, expected := range test.out {
-				if cfg.APIServerCertSANs[i] != expected {
+				if cfg.APIServer.CertSANs[i] != expected {
-					t.Errorf("expected element %d to be %q, got %q", i, expected, cfg.APIServerCertSANs[i])
+					t.Errorf("expected element %d to be %q, got %q", i, expected, cfg.APIServer.CertSANs[i])
 				}
 			}
 		})

cmd/kubeadm/app/util/config/initconfiguration.go

@@ -150,7 +150,7 @@ func SetClusterDynamicDefaults(cfg *kubeadmapi.ClusterConfiguration, advertiseAd
 	}
 
 	// Downcase SANs. Some domain names (like ELBs) have capitals in them.
-	LowercaseSANs(cfg.APIServerCertSANs)
+	LowercaseSANs(cfg.APIServer.CertSANs)
 	return nil
 }
 

cmd/kubeadm/app/util/config/testdata/conversion/master/internal.yaml

@@ -1,10 +1,11 @@
 APIEndpoint:
   AdvertiseAddress: 192.168.2.2
   BindPort: 6443
-APIServerCertSANs: null
+APIServer:
-APIServerExtraArgs:
+  CertSANs: null
+  ExtraArgs:
     authorization-mode: Node,RBAC,Webhook
-APIServerExtraVolumes: null
+  ExtraVolumes: null
 AuditPolicyConfiguration:
   LogDir: /var/log/kubernetes/audit
   LogMaxAge: 2
@@ -159,8 +160,9 @@ ComponentConfigs:
     TLSPrivateKeyFile: ""
     VolumeStatsAggPeriod: 1m0s
 ControlPlaneEndpoint: ""
-ControllerManagerExtraArgs: null
+ControllerManager:
-ControllerManagerExtraVolumes: null
+  ExtraArgs: null
+  ExtraVolumes: null
 Etcd:
   External: null
   Local:
@@ -183,6 +185,7 @@ NodeRegistration:
   Taints:
   - effect: NoSchedule
     key: node-role.kubernetes.io/master
-SchedulerExtraArgs: null
+Scheduler:
-SchedulerExtraVolumes: null
+  ExtraArgs: null
+  ExtraVolumes: null
 UnifiedControlPlaneImage: ""

cmd/kubeadm/app/util/config/testdata/conversion/master/v1beta1.yaml

@@ -18,7 +18,8 @@ nodeRegistration:
   - effect: NoSchedule
     key: node-role.kubernetes.io/master
 ---
-apiServerExtraArgs:
+apiServer:
+  extraArgs:
     authorization-mode: Node,RBAC,Webhook
 apiVersion: kubeadm.k8s.io/v1beta1
 auditPolicy:
@@ -28,6 +29,7 @@ auditPolicy:
 certificatesDir: /etc/kubernetes/pki
 clusterName: kubernetes
 controlPlaneEndpoint: ""
+controllerManager: {}
 etcd:
   local:
     dataDir: /var/lib/etcd
@@ -39,6 +41,7 @@ networking:
   dnsDomain: cluster.local
   podSubnet: ""
   serviceSubnet: 10.96.0.0/12
+scheduler: {}
 unifiedControlPlaneImage: ""
 ---
 apiVersion: kubeproxy.config.k8s.io/v1alpha1

cmd/kubeadm/app/util/config/testdata/defaulting/master/defaulted.yaml

@@ -18,6 +18,7 @@ nodeRegistration:
   - effect: NoSchedule
     key: node-role.kubernetes.io/master
 ---
+apiServer: {}
 apiVersion: kubeadm.k8s.io/v1beta1
 auditPolicy:
   logDir: /var/log/kubernetes/audit
@@ -26,6 +27,7 @@ auditPolicy:
 certificatesDir: /var/lib/kubernetes/pki
 clusterName: kubernetes
 controlPlaneEndpoint: ""
+controllerManager: {}
 etcd:
   local:
     dataDir: /var/lib/etcd
@@ -37,6 +39,7 @@ networking:
   dnsDomain: cluster.global
   podSubnet: 10.148.0.0/16
   serviceSubnet: 10.196.0.0/12
+scheduler: {}
 unifiedControlPlaneImage: ""
 ---
 apiVersion: kubeproxy.config.k8s.io/v1alpha1

cmd/kubeadm/app/util/pkiutil/pki_helpers.go

@@ -301,7 +301,7 @@ func GetAPIServerAltNames(cfg *kubeadmapi.InitConfiguration) (*certutil.AltNames
 		}
 	}
 
-	appendSANsToAltNames(altNames, cfg.APIServerCertSANs, kubeadmconstants.APIServerCertName)
+	appendSANsToAltNames(altNames, cfg.APIServer.CertSANs, kubeadmconstants.APIServerCertName)
 
 	return altNames, nil
 }

cmd/kubeadm/app/util/pkiutil/pki_helpers_test.go

@@ -450,7 +450,9 @@ func TestGetAPIServerAltNames(t *testing.T) {
 				ClusterConfiguration: kubeadmapi.ClusterConfiguration{
 					ControlPlaneEndpoint: "api.k8s.io:6443",
 					Networking:           kubeadmapi.Networking{ServiceSubnet: "10.96.0.0/12", DNSDomain: "cluster.local"},
-					APIServerCertSANs:    []string{"10.1.245.94", "10.1.245.95", "1.2.3.L", "invalid,commas,in,DNS"},
+					APIServer: kubeadmapi.APIServer{
+						CertSANs: []string{"10.1.245.94", "10.1.245.95", "1.2.3.L", "invalid,commas,in,DNS"},
+					},
 				},
 				NodeRegistration: kubeadmapi.NodeRegistrationOptions{Name: "valid-hostname"},
 			},
@@ -464,7 +466,9 @@ func TestGetAPIServerAltNames(t *testing.T) {
 				ClusterConfiguration: kubeadmapi.ClusterConfiguration{
 					ControlPlaneEndpoint: "4.5.6.7:6443",
 					Networking:           kubeadmapi.Networking{ServiceSubnet: "10.96.0.0/12", DNSDomain: "cluster.local"},
-					APIServerCertSANs:    []string{"10.1.245.94", "10.1.245.95", "1.2.3.L", "invalid,commas,in,DNS"},
+					APIServer: kubeadmapi.APIServer{
+						CertSANs: []string{"10.1.245.94", "10.1.245.95", "1.2.3.L", "invalid,commas,in,DNS"},
+					},
 				},
 				NodeRegistration: kubeadmapi.NodeRegistrationOptions{Name: "valid-hostname"},
 			},

cmd/kubeadm/app/util/staticpod/utils.go

@@ -246,11 +246,11 @@ func GetProbeAddress(cfg *kubeadmapi.InitConfiguration, componentName string) st
 			return cfg.APIEndpoint.AdvertiseAddress
 		}
 	case componentName == kubeadmconstants.KubeControllerManager:
-		if addr, exists := cfg.ControllerManagerExtraArgs[kubeControllerManagerAddressArg]; exists {
+		if addr, exists := cfg.ControllerManager.ExtraArgs[kubeControllerManagerAddressArg]; exists {
 			return addr
 		}
 	case componentName == kubeadmconstants.KubeScheduler:
-		if addr, exists := cfg.SchedulerExtraArgs[kubeSchedulerAddressArg]; exists {
+		if addr, exists := cfg.Scheduler.ExtraArgs[kubeSchedulerAddressArg]; exists {
 			return addr
 		}
 	case componentName == kubeadmconstants.Etcd:

cmd/kubeadm/app/util/staticpod/utils_test.go

@@ -128,7 +128,9 @@ func TestComponentProbe(t *testing.T) {
 			name: "valid IPv4 controller-manager probe",
 			cfg: &kubeadmapi.InitConfiguration{
 				ClusterConfiguration: kubeadmapi.ClusterConfiguration{
-					ControllerManagerExtraArgs: map[string]string{"address": "1.2.3.4"},
+					ControllerManager: kubeadmapi.ControlPlaneComponent{
+						ExtraArgs: map[string]string{"address": "1.2.3.4"},
+					},
 				},
 			},
 			component: kubeadmconstants.KubeControllerManager,
@@ -141,7 +143,9 @@ func TestComponentProbe(t *testing.T) {
 			name: "valid IPv6 controller-manager probe",
 			cfg: &kubeadmapi.InitConfiguration{
 				ClusterConfiguration: kubeadmapi.ClusterConfiguration{
-					ControllerManagerExtraArgs: map[string]string{"address": "2001:db8::1"},
+					ControllerManager: kubeadmapi.ControlPlaneComponent{
+						ExtraArgs: map[string]string{"address": "2001:db8::1"},
+					},
 				},
 			},
 			component: kubeadmconstants.KubeControllerManager,
@@ -154,7 +158,9 @@ func TestComponentProbe(t *testing.T) {
 			name: "valid IPv4 scheduler probe",
 			cfg: &kubeadmapi.InitConfiguration{
 				ClusterConfiguration: kubeadmapi.ClusterConfiguration{
-					SchedulerExtraArgs: map[string]string{"address": "1.2.3.4"},
+					Scheduler: kubeadmapi.ControlPlaneComponent{
+						ExtraArgs: map[string]string{"address": "1.2.3.4"},
+					},
 				},
 			},
 			component: kubeadmconstants.KubeScheduler,
@@ -167,7 +173,9 @@ func TestComponentProbe(t *testing.T) {
 			name: "valid IPv6 scheduler probe",
 			cfg: &kubeadmapi.InitConfiguration{
 				ClusterConfiguration: kubeadmapi.ClusterConfiguration{
-					SchedulerExtraArgs: map[string]string{"address": "2001:db8::1"},
+					Scheduler: kubeadmapi.ControlPlaneComponent{
+						ExtraArgs: map[string]string{"address": "2001:db8::1"},
+					},
 				},
 			},
 			component: kubeadmconstants.KubeScheduler,