From 993b55a5617f53fb852745e9b915baeddce56bc0 Mon Sep 17 00:00:00 2001 From: Sunnatillo Date: Thu, 5 Sep 2024 14:44:14 +0300 Subject: [PATCH] Remove deprecated code Removes MetricsBindAddr flag Signed-off-by: Sunnatillo --- docs/book/src/reference/ports.md | 2 +- util/flags/manager.go | 62 ++++++++++++-------------------- util/flags/manager_test.go | 16 --------- 3 files changed, 23 insertions(+), 57 deletions(-) diff --git a/docs/book/src/reference/ports.md b/docs/book/src/reference/ports.md index 07b713bb697a..8ca485f19cd7 100644 --- a/docs/book/src/reference/ports.md +++ b/docs/book/src/reference/ports.md @@ -2,7 +2,7 @@ Name | Port Number | Description | --- | --- | --- -`metrics` | | Port that exposes the metrics. This can be customized by setting the `--metrics-bind-addr` flag when starting the manager. The default is to only listen on `localhost:8080` +`diagnostics-address` | | Port that exposes the metrics, the pprof endpoint and an endpoint. This can be customized by setting the `--diagnostics-address` flag when starting the manager. The default port is `8443`. When `insecure-diagnostics` flag is used it is defaulted to port `8080` `webhook` | `9443` | Webhook server port. To disable this set `--webhook-port` flag to `0`. `health` | `9440` | Port that exposes the health endpoint. CThis can be customized by setting the `--health-addr` flag when starting the manager. `profiler`| | Expose the pprof profiler. By default is not configured. Can set the `--profiler-address` flag. e.g. `--profiler-address 6060` diff --git a/util/flags/manager.go b/util/flags/manager.go index c3ccb88c68c4..3334991442a0 100644 --- a/util/flags/manager.go +++ b/util/flags/manager.go @@ -47,11 +47,6 @@ type ManagerOptions struct { // Metrics Options // These are used to configure the metrics server - // MetricsBindAddr is the field that stores the value of the --metrics-bind-addr flag. - // For further details, please see the description of the flag. - // - // Deprecated: This field will be removed in an upcoming release. - MetricsBindAddr string // DiagnosticsAddress is the field that stores the value of the --diagnostics-address flag. // For further details, please see the description of the flag. DiagnosticsAddress string @@ -75,11 +70,6 @@ func AddManagerOptions(fs *pflag.FlagSet, options *ManagerOptions) { "Preferred values: "+strings.Join(tlsCipherPreferredValues, ", ")+". \n"+ "Insecure values: "+strings.Join(tlsCipherInsecureValues, ", ")+".") - fs.StringVar(&options.MetricsBindAddr, "metrics-bind-addr", "", - "The address the metrics endpoint binds to.") - _ = fs.MarkDeprecated("metrics-bind-addr", "Please use --diagnostics-address instead. To continue to serve "+ - "metrics via http and without authentication/authorization set --insecure-diagnostics as well.") - fs.StringVar(&options.DiagnosticsAddress, "diagnostics-address", ":8443", "The address the diagnostics endpoint binds to. Per default metrics are served via https and with"+ "authentication/authorization. To serve via http and without authentication/authorization set --insecure-diagnostics. "+ @@ -113,40 +103,32 @@ func GetManagerOptions(options ManagerOptions) ([]func(config *tls.Config), *met }) } - // If the deprecated "--metrics-bind-addr" flag is set, continue to serve metrics via http + // If "--insecure-diagnostics" is set, serve metrics via http // and without authentication/authorization. - if options.MetricsBindAddr != "" { + if options.InsecureDiagnostics { metricsOptions = &metricsserver.Options{ - BindAddress: options.MetricsBindAddr, + BindAddress: options.DiagnosticsAddress, + SecureServing: false, } } else { - // If "--insecure-diagnostics" is set, serve metrics via http - // and without authentication/authorization. - if options.InsecureDiagnostics { - metricsOptions = &metricsserver.Options{ - BindAddress: options.DiagnosticsAddress, - SecureServing: false, - } - } else { - // If "--insecure-diagnostics" is not set, serve metrics via https - // and with authentication/authorization. As the endpoint is protected, - // we also serve pprof endpoints and an endpoint to change the log level. - metricsOptions = &metricsserver.Options{ - BindAddress: options.DiagnosticsAddress, - SecureServing: true, - FilterProvider: filters.WithAuthenticationAndAuthorization, - ExtraHandlers: map[string]http.Handler{ - // Add handler to dynamically change log level. - "/debug/flags/v": routes.StringFlagPutHandler(logs.GlogSetter), - // Add pprof handler. - "/debug/pprof/": http.HandlerFunc(pprof.Index), - "/debug/pprof/cmdline": http.HandlerFunc(pprof.Cmdline), - "/debug/pprof/profile": http.HandlerFunc(pprof.Profile), - "/debug/pprof/symbol": http.HandlerFunc(pprof.Symbol), - "/debug/pprof/trace": http.HandlerFunc(pprof.Trace), - }, - TLSOpts: tlsOptions, - } + // If "--insecure-diagnostics" is not set, serve metrics via https + // and with authentication/authorization. As the endpoint is protected, + // we also serve pprof endpoints and an endpoint to change the log level. + metricsOptions = &metricsserver.Options{ + BindAddress: options.DiagnosticsAddress, + SecureServing: true, + FilterProvider: filters.WithAuthenticationAndAuthorization, + ExtraHandlers: map[string]http.Handler{ + // Add handler to dynamically change log level. + "/debug/flags/v": routes.StringFlagPutHandler(logs.GlogSetter), + // Add pprof handler. + "/debug/pprof/": http.HandlerFunc(pprof.Index), + "/debug/pprof/cmdline": http.HandlerFunc(pprof.Cmdline), + "/debug/pprof/profile": http.HandlerFunc(pprof.Profile), + "/debug/pprof/symbol": http.HandlerFunc(pprof.Symbol), + "/debug/pprof/trace": http.HandlerFunc(pprof.Trace), + }, + TLSOpts: tlsOptions, } } diff --git a/util/flags/manager_test.go b/util/flags/manager_test.go index 9183d1ec663a..231b51a39674 100644 --- a/util/flags/manager_test.go +++ b/util/flags/manager_test.go @@ -52,22 +52,6 @@ func TestGetManagerOptions(t *testing.T) { }, wantErr: true, }, - { - name: "valid tls + metrics bind addr", - managerOptions: ManagerOptions{ - TLSMinVersion: "VersionTLS13", - TLSCipherSuites: []string{"TLS_AES_256_GCM_SHA384"}, - MetricsBindAddr: ":8080", - }, - wantTLSConfig: &tls.Config{ - MinVersion: tls.VersionTLS13, - CipherSuites: []uint16{tls.TLS_AES_256_GCM_SHA384}, - }, - wantMetricsOptions: &metricsserver.Options{ - BindAddress: ":8080", - }, - wantErr: false, - }, { name: "valid tls + insecure diagnostics + diagnostics address", managerOptions: ManagerOptions{