New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
refactor(apiserver): disable insecure port #95856
refactor(apiserver): disable insecure port #95856
Conversation
/cc @tallclair |
498668c
to
9560174
Compare
/priority important-soon |
I don't think we want a multi-stage rollout of this... that will lead people to flip their invocations to explicitly enable the insecure port, which is not desired. |
+1 to what @liggitt said! |
e525823
to
4273e50
Compare
Leave the insecure flags intact but stop serving on insecure port.
62c3c3d
to
cfc2b33
Compare
Updated release note /lgtm |
@liggitt i think we should prefix the release note with action required. |
weird... I did with |
looks like we have to modify the release note. |
The tiller container in the armada bootstrap pod relies on the insecure port that kube-apiserver once listened on by default. The kube-apiserver ability to serve on an insecure port, deprecated since v1.10, has been removed in v1.20. [0] This change updates the armada bootstrap pod to use the secure port instead. 0: kubernetes/kubernetes#95856 Change-Id: I6a37fa4e7f97c7aaa3cd0f61b56214483a7dc217
What type of PR is this?
/kind cleanup
/kind deprecation
What this PR does / why we need it:
As @liggitt suggests #91506 (comment):
I decide to leave the insecure flags intact but make apiserver stop serving on insecure port.
Which issue(s) this PR fixes:
xref: #91506
Special notes for your reviewer:
Does this PR introduce a user-facing change?:
Additional documentation e.g., KEPs (Kubernetes Enhancement Proposals), usage docs, etc.: