First pass at fixing non-inclusive verbage.

cheftako · cheftako · commit 6b74d5e0abe9 · 2021-06-09T23:43:19.000-07:00
Switched easy fix uses of master to either control plane or fronted as
appropriate. However we still have references to the git branch and also
to a feature gate. The latter requires a backward compatible method to
fix.
Fixed easy-rsa-master as per Jefftree.
diff --git a/Makefile b/Makefile
@@ -118,9 +118,9 @@ proto/agent/agent.pb.go: proto/agent/agent.proto
 easy-rsa.tar.gz:
 	curl -L -o easy-rsa.tar.gz --connect-timeout 20 --retry 6 --retry-delay 2 https://github.com/OpenVPN/easy-rsa/archive/refs/tags/v3.0.8.tar.gz
 
-easy-rsa-master: easy-rsa.tar.gz
+easy-rsa: easy-rsa.tar.gz
 	tar xvf easy-rsa.tar.gz
-	mv easy-rsa-3.0.8 easy-rsa-master
+	mv easy-rsa-3.0.8 easy-rsa
 
 cfssl:
 	@if ! command -v cfssl &> /dev/null; then \
@@ -136,34 +136,34 @@ cfssljson:
 
 .PHONY: certs
 certs: export PATH := $(shell pwd):$(PATH)
-certs: easy-rsa-master cfssl cfssljson
+certs: easy-rsa cfssl cfssljson
 	# set up easy-rsa
-	cp -rf easy-rsa-master/easyrsa3 easy-rsa-master/master
-	cp -rf easy-rsa-master/easyrsa3 easy-rsa-master/agent
+	cp -rf easy-rsa/easyrsa3 easy-rsa/frontend
+	cp -rf easy-rsa/easyrsa3 easy-rsa/agent
 	# create the client <-> server-proxy connection certs
-	cd easy-rsa-master/master; \
+	cd easy-rsa/frontend; \
 	./easyrsa init-pki; \
 	./easyrsa --batch "--req-cn=127.0.0.1@$(date +%s)" build-ca nopass; \
-	./easyrsa --subject-alt-name="DNS:kubernetes,DNS:localhost,IP:127.0.0.1" build-server-full "proxy-master" nopass; \
+	./easyrsa --subject-alt-name="DNS:kubernetes,DNS:localhost,IP:127.0.0.1" build-server-full "proxy-frontend" nopass; \
 	./easyrsa build-client-full proxy-client nopass; \
 	echo '{"signing":{"default":{"expiry":"43800h","usages":["signing","key encipherment","client auth"]}}}' > "ca-config.json"; \
 	echo '{"CN":"proxy","names":[{"O":"system:nodes"}],"hosts":[""],"key":{"algo":"rsa","size":2048}}' | cfssl gencert -ca=pki/ca.crt -ca-key=pki/private/ca.key -config=ca-config.json - | cfssljson -bare proxy
-	mkdir -p certs/master
-	cp -r easy-rsa-master/master/pki/private certs/master
-	cp -r easy-rsa-master/master/pki/issued certs/master
-	cp easy-rsa-master/master/pki/ca.crt certs/master/issued
+	mkdir -p certs/frontend
+	cp -r easy-rsa/frontend/pki/private certs/frontend
+	cp -r easy-rsa/frontend/pki/issued certs/frontend
+	cp easy-rsa/frontend/pki/ca.crt certs/frontend/issued
 	# create the agent <-> server-proxy connection certs
-	cd easy-rsa-master/agent; \
+	cd easy-rsa/agent; \
 	./easyrsa init-pki; \
 	./easyrsa --batch "--req-cn=$(PROXY_SERVER_IP)@$(date +%s)" build-ca nopass; \
-	./easyrsa --subject-alt-name="DNS:kubernetes,DNS:localhost,IP:$(PROXY_SERVER_IP)" build-server-full "proxy-master" nopass; \
+	./easyrsa --subject-alt-name="DNS:kubernetes,DNS:localhost,IP:$(PROXY_SERVER_IP)" build-server-full "proxy-frontend" nopass; \
 	./easyrsa build-client-full proxy-agent nopass; \
 	echo '{"signing":{"default":{"expiry":"43800h","usages":["signing","key encipherment","agent auth"]}}}' > "ca-config.json"; \
 	echo '{"CN":"proxy","names":[{"O":"system:nodes"}],"hosts":[""],"key":{"algo":"rsa","size":2048}}' | cfssl gencert -ca=pki/ca.crt -ca-key=pki/private/ca.key -config=ca-config.json - | cfssljson -bare proxy
 	mkdir -p certs/agent
-	cp -r easy-rsa-master/agent/pki/private certs/agent
-	cp -r easy-rsa-master/agent/pki/issued certs/agent
-	cp easy-rsa-master/agent/pki/ca.crt certs/agent/issued
+	cp -r easy-rsa/agent/pki/private certs/agent
+	cp -r easy-rsa/agent/pki/issued certs/agent
+	cp easy-rsa/agent/pki/ca.crt certs/agent/issued
 
 ## --------------------------------------
 ## Docker
@@ -308,4 +308,4 @@ release-alias-tag: # Adds the tag to the last build tag. BASE_REF comes from the
 .PHONY: clean
 clean:
 	go clean -testcache
-	rm -rf proto/agent/agent.pb.go konnectivity-client/proto/client/client.pb.go easy-rsa.tar.gz easy-rsa-master cfssl cfssljson certs bin proto/agent/mocks
+	rm -rf proto/agent/agent.pb.go konnectivity-client/proto/client/client.pb.go easy-rsa.tar.gz easy-rsa cfssl cfssljson certs bin proto/agent/mocks
diff --git a/README.md b/README.md
@@ -62,10 +62,10 @@ requests on the other.
 ### GRPC Client using mTLS Proxy with dial back Agent
 
 ```
-client =HTTP over GRPC=> (:8090) proxy (:8091) <=GRPC= agent =HTTP=> http-test-server(:8000)
-  |                                                    ^
-  |                          Tunnel                    |
-  +----------------------------------------------------+
+Frontend client =HTTP over GRPC=> (:8090) proxy (:8091) <=GRPC= agent =HTTP=> http-test-server(:8000)
+  |                                                               ^
+  |                               Tunnel                          |
+  +---------------------------------------------------------------+
 ```
 
 - Start Simple test HTTP Server (Sample destination)
@@ -75,7 +75,7 @@ client =HTTP over GRPC=> (:8090) proxy (:8091) <=GRPC= agent =HTTP=> http-test-s
 
 - Start proxy service
 ```console
-./bin/proxy-server --server-ca-cert=certs/master/issued/ca.crt --server-cert=certs/master/issued/proxy-master.crt --server-key=certs/master/private/proxy-master.key --cluster-ca-cert=certs/agent/issued/ca.crt --cluster-cert=certs/agent/issued/proxy-master.crt --cluster-key=certs/agent/private/proxy-master.key
+./bin/proxy-server --server-ca-cert=certs/frontend/issued/ca.crt --server-cert=certs/frontend/issued/proxy-frontend.crt --server-key=certs/frontend/private/proxy-frontend.key --cluster-ca-cert=certs/agent/issued/ca.crt --cluster-cert=certs/agent/issued/proxy-frontend.crt --cluster-key=certs/agent/private/proxy-frontend.key
 ```
 
 - Start agent service
@@ -85,16 +85,16 @@ client =HTTP over GRPC=> (:8090) proxy (:8091) <=GRPC= agent =HTTP=> http-test-s
 
 - Run client (mTLS enabled sample client)
 ```console
-./bin/proxy-test-client --ca-cert=certs/master/issued/ca.crt --client-cert=certs/master/issued/proxy-client.crt --client-key=certs/master/private/proxy-client.key
+./bin/proxy-test-client --ca-cert=certs/frontend/issued/ca.crt --client-cert=certs/frontend/issued/proxy-client.crt --client-key=certs/frontend/private/proxy-client.key
 ```
 
 ### GRPC+UDS Client using Proxy with dial back Agent
 
 ```
-client =HTTP over GRPC+UDS=> (/tmp/uds-proxy) proxy (:8091) <=GRPC= agent =HTTP=> SimpleHTTPServer(:8000)
-  |                                                    ^
-  |                          Tunnel                    |
-  +----------------------------------------------------+
+Frontend client =HTTP over GRPC+UDS=> (/tmp/uds-proxy) proxy (:8091) <=GRPC= agent =HTTP=> SimpleHTTPServer(:8000)
+  |                                                                            ^
+  |                                     Tunnel                                 |
+  +----------------------------------------------------------------------------+
 ```
 
 - Start Simple test HTTP Server (Sample destination)
@@ -104,7 +104,7 @@ client =HTTP over GRPC+UDS=> (/tmp/uds-proxy) proxy (:8091) <=GRPC= agent =HTTP=
 
 - Start proxy service
 ```console
-./bin/proxy-server --server-port=0 --uds-name=/tmp/uds-proxy --cluster-ca-cert=certs/agent/issued/ca.crt --cluster-cert=certs/agent/issued/proxy-master.crt --cluster-key=certs/agent/private/proxy-master.key
+./bin/proxy-server --server-port=0 --uds-name=/tmp/uds-proxy --cluster-ca-cert=certs/agent/issued/ca.crt --cluster-cert=certs/agent/issued/proxy-frontend.crt --cluster-key=certs/agent/private/proxy-frontend.key
 ```
 
 - Start agent service
@@ -121,10 +121,10 @@ client =HTTP over GRPC+UDS=> (/tmp/uds-proxy) proxy (:8091) <=GRPC= agent =HTTP=
 ### HTTP-Connect Client using mTLS Proxy with dial back Agent (Either curl OR test client)
 
 ```
-client =HTTP-CONNECT=> (:8090) proxy (:8091) <=GRPC= agent =HTTP=> SimpleHTTPServer(:8000)
-  |                                                    ^
-  |                          Tunnel                    |
-  +----------------------------------------------------+
+Frontend client =HTTP-CONNECT=> (:8090) proxy (:8091) <=GRPC= agent =HTTP=> SimpleHTTPServer(:8000)
+  |                                                             ^
+  |                              Tunnel                         |
+  +-------------------------------------------------------------+
 ```
 
 - Start SimpleHTTPServer (Sample destination)
@@ -134,7 +134,7 @@ client =HTTP-CONNECT=> (:8090) proxy (:8091) <=GRPC= agent =HTTP=> SimpleHTTPSer
 
 - Start proxy service
 ```console
-./bin/proxy-server --mode=http-connect --server-ca-cert=certs/master/issued/ca.crt --server-cert=certs/master/issued/proxy-master.crt --server-key=certs/master/private/proxy-master.key --cluster-ca-cert=certs/agent/issued/ca.crt --cluster-cert=certs/agent/issued/proxy-master.crt --cluster-key=certs/agent/private/proxy-master.key
+./bin/proxy-server --mode=http-connect --server-ca-cert=certs/frontend/issued/ca.crt --server-cert=certs/frontend/issued/proxy-frontend.crt --server-key=certs/frontend/private/proxy-frontend.key --cluster-ca-cert=certs/agent/issued/ca.crt --cluster-cert=certs/agent/issued/proxy-frontend.crt --cluster-key=certs/agent/private/proxy-frontend.key
 ```
 
 - Start agent service
@@ -144,12 +144,12 @@ client =HTTP-CONNECT=> (:8090) proxy (:8091) <=GRPC= agent =HTTP=> SimpleHTTPSer
 
 - Run client (mTLS & http-connect enabled sample client)
 ```console
-./bin/proxy-test-client --mode=http-connect  --proxy-host=127.0.0.1 --ca-cert=certs/master/issued/ca.crt --client-cert=certs/master/issued/proxy-client.crt --client-key=certs/master/private/proxy-client.key
+./bin/proxy-test-client --mode=http-connect  --proxy-host=127.0.0.1 --ca-cert=certs/frontend/issued/ca.crt --client-cert=certs/frontend/issued/proxy-client.crt --client-key=certs/frontend/private/proxy-client.key
 ```
 
 - Run curl client (curl using a mTLS http-connect proxy)
 ```console
-curl -v -p --proxy-key certs/master/private/proxy-client.key --proxy-cert certs/master/issued/proxy-client.crt --proxy-cacert certs/master/issued/ca.crt --proxy-cert-type PEM -x https://127.0.0.1:8090  http://localhost:8000```
+curl -v -p --proxy-key certs/frontend/private/proxy-client.key --proxy-cert certs/frontend/issued/proxy-client.crt --proxy-cacert certs/frontend/issued/ca.crt --proxy-cert-type PEM -x https://127.0.0.1:8090  http://localhost:8000
 ```
 
 ### Running on kubernetes
diff --git a/cmd/agent/main.go b/cmd/agent/main.go
@@ -50,4 +50,3 @@ func main() {
 		os.Exit(1)
 	}
 }
-
diff --git a/cmd/server/app/server.go b/cmd/server/app/server.go
@@ -87,16 +87,16 @@ func (p *Proxy) run(o *options.ProxyRunOptions) error {
 		KubernetesClient:       k8sClient,
 		AuthenticationAudience: o.AuthenticationAudience,
 	}
-	klog.V(1).Infoln("Starting master server for client connections.")
+	klog.V(1).Infoln("Starting frontend server for client connections.")
 	ps, err := server.GenProxyStrategiesFromStr(o.ProxyStrategies)
 	if err != nil {
 		return err
 	}
 	server := server.NewProxyServer(o.ServerID, ps, int(o.ServerCount), authOpt)
 
-	masterStop, err := p.runMasterServer(ctx, o, server)
+	frontendStop, err := p.runFrontendServer(ctx, o, server)
 	if err != nil {
-		return fmt.Errorf("failed to run the master server: %v", err)
+		return fmt.Errorf("failed to run the frontend server: %v", err)
 	}
 
 	klog.V(1).Infoln("Starting agent server for tunnel connections.")
@@ -119,8 +119,8 @@ func (p *Proxy) run(o *options.ProxyRunOptions) error {
 	<-stopCh
 	klog.V(1).Infoln("Shutting down server.")
 
-	if masterStop != nil {
-		masterStop()
+	if frontendStop != nil {
+		frontendStop()
 	}
 
 	return nil
@@ -155,14 +155,14 @@ func getUDSListener(ctx context.Context, udsName string) (net.Listener, error) {
 	return lis, nil
 }
 
-func (p *Proxy) runMasterServer(ctx context.Context, o *options.ProxyRunOptions, server *server.ProxyServer) (StopFunc, error) {
+func (p *Proxy) runFrontendServer(ctx context.Context, o *options.ProxyRunOptions, server *server.ProxyServer) (StopFunc, error) {
 	if o.UdsName != "" {
-		return p.runUDSMasterServer(ctx, o, server)
+		return p.runUDSFrontendServer(ctx, o, server)
 	}
-	return p.runMTLSMasterServer(ctx, o, server)
+	return p.runMTLSFrontendServer(ctx, o, server)
 }
 
-func (p *Proxy) runUDSMasterServer(ctx context.Context, o *options.ProxyRunOptions, s *server.ProxyServer) (StopFunc, error) {
+func (p *Proxy) runUDSFrontendServer(ctx context.Context, o *options.ProxyRunOptions, s *server.ProxyServer) (StopFunc, error) {
 	if o.DeleteUDSFile {
 		if err := os.Remove(o.UdsName); err != nil && !os.IsNotExist(err) {
 			klog.ErrorS(err, "failed to delete file", "file", o.UdsName)
@@ -237,7 +237,7 @@ func (p *Proxy) getTLSConfig(caFile, certFile, keyFile string) (*tls.Config, err
 	return tlsConfig, nil
 }
 
-func (p *Proxy) runMTLSMasterServer(ctx context.Context, o *options.ProxyRunOptions, s *server.ProxyServer) (StopFunc, error) {
+func (p *Proxy) runMTLSFrontendServer(ctx context.Context, o *options.ProxyRunOptions, s *server.ProxyServer) (StopFunc, error) {
 	var stop StopFunc
 
 	var tlsConfig *tls.Config
@@ -277,7 +277,7 @@ func (p *Proxy) runMTLSMasterServer(ctx context.Context, o *options.ProxyRunOpti
 		go func() {
 			err := server.ListenAndServeTLS("", "") // empty files defaults to tlsConfig
 			if err != nil {
-				klog.ErrorS(err, "failed to listen on master port")
+				klog.ErrorS(err, "failed to listen on frontend port")
 			}
 		}()
 	}
@@ -371,4 +371,3 @@ func (p *Proxy) runHealthServer(o *options.ProxyRunOptions, server *server.Proxy
 
 	return nil
 }
-
diff --git a/cmd/server/main.go b/cmd/server/main.go
@@ -51,4 +51,3 @@ func main() {
 		os.Exit(1)
 	}
 }
-
diff --git a/cmd/test-server/main.go b/cmd/test-server/main.go
@@ -111,17 +111,17 @@ func (p *TestServer) run(o *TestServerRunOptions) error {
 	defer cancel()
 
 	klog.Info("Starting test http server for client requests.")
-	masterStop, err := p.runMasterServer(ctx, o)
+	testStop, err := p.runTestServer(ctx, o)
 	if err != nil {
-		return fmt.Errorf("failed to run the master server: %v", err)
+		return fmt.Errorf("failed to run the test server: %v", err)
 	}
 
 	stopCh := SetupSignalHandler()
 	<-stopCh
 	klog.Info("Shutting down server.")
 
-	if masterStop != nil {
-		masterStop()
+	if testStop != nil {
+		testStop()
 	}
 
 	return nil
@@ -187,7 +187,7 @@ func sleepReturnSuccess(w http.ResponseWriter, req *http.Request) {
 	returnSuccess(w, req)
 }
 
-func (p *TestServer) runMasterServer(ctx context.Context, o *TestServerRunOptions) (StopFunc, error) {
+func (p *TestServer) runTestServer(ctx context.Context, o *TestServerRunOptions) (StopFunc, error) {
 	muxHandler := http.NewServeMux()
 	muxHandler.HandleFunc("/success", returnSuccess)
 	muxHandler.HandleFunc("/sleep", sleepReturnSuccess)
diff --git a/examples/kubernetes/README.md b/examples/kubernetes/README.md
@@ -32,7 +32,7 @@ CLUSTER_KEY=/etc/srv/kubernetes/pki/apiserver.key
 ```
 
 # Register SERVER_TOKEN in [static-token-file](https://kubernetes.io/docs/reference/access-authn-authz/authentication/#static-token-file)
-Append the output of the following line to the [static-token-file](https://kubernetes.io/docs/reference/access-authn-authz/authentication/#static-token-file) and restart **kube-apiserver** on the master
+Append the output of the following line to the [static-token-file](https://kubernetes.io/docs/reference/access-authn-authz/authentication/#static-token-file) and restart **kube-apiserver** on the control plane.
 ```bash
 echo "${SERVER_TOKEN},system:konnectivity-server,uid:system:konnectivity-server"
 ```
@@ -46,7 +46,7 @@ K8S_API_PID=$(sudo crictl ps | grep kube-apiserver | awk '{ print $1; }')
 sudo crictl stop ${K8S_API_PID}
 ```
 
-# Save following config at /etc/srv/kubernetes/konnectivity-server/kubeconfig on master VM
+# Save following config at /etc/srv/kubernetes/konnectivity-server/kubeconfig on control plane VM
 ```bash
 SERVER_TOKEN=${SERVER_TOKEN} envsubst < examples/kubernetes/kubeconfig
 ```
diff --git a/pkg/features/features.go b/pkg/features/features.go
@@ -25,6 +25,7 @@ const (
 	// NodeToMasterTraffic enables the traffic initiated in the agents side
 	// to flow to the server side e.g. Kubelet to KAS and pods to KAS traffic
 	// (KEP-2025).
+	// TODO (#issues/232) Determine how to safely fix the feature gate name.
 	NodeToMasterTraffic featuregate.Feature = "NodeToMasterTraffic"
 )
 
diff --git a/pkg/server/metrics/metrics.go b/pkg/server/metrics/metrics.go
@@ -45,7 +45,7 @@ var (
 type ServerMetrics struct {
 	latencies   *prometheus.HistogramVec
 	connections *prometheus.GaugeVec
-	backend *prometheus.GaugeVec
+	backend     *prometheus.GaugeVec
 }
 
 // newServerMetrics create a new ServerMetrics, configured with default metric names.
@@ -80,14 +80,14 @@ func newServerMetrics() *ServerMetrics {
 		},
 		[]string{},
 	)
-	
+
 	prometheus.MustRegister(latencies)
 	prometheus.MustRegister(connections)
 	prometheus.MustRegister(backend)
 	return &ServerMetrics{
-		latencies: latencies,
+		latencies:   latencies,
 		connections: connections,
-		backend: backend,
+		backend:     backend,
 	}
 }
 

Original file line number	Diff line number	Diff line change
`@@ -50,4 +50,3 @@ func main() {`
`50`	`50`	`os.Exit(1)`
`51`	`51`	`}`
`52`	`52`	`}`
`53`		`-`
Original file line number	Diff line number	Diff line change
`@@ -87,16 +87,16 @@ func (p Proxy) run(o options.ProxyRunOptions) error {`
`87`	`87`	`KubernetesClient: k8sClient,`
`88`	`88`	`AuthenticationAudience: o.AuthenticationAudience,`
`89`	`89`	`}`
`90`		`- klog.V(1).Infoln("Starting master server for client connections.")`
	`90`	`+ klog.V(1).Infoln("Starting frontend server for client connections.")`
`91`	`91`	`ps, err := server.GenProxyStrategiesFromStr(o.ProxyStrategies)`
`92`	`92`	`if err != nil {`
`93`	`93`	`return err`
`94`	`94`	`}`
`95`	`95`	`server := server.NewProxyServer(o.ServerID, ps, int(o.ServerCount), authOpt)`
`96`	`96`
`97`		`- masterStop, err := p.runMasterServer(ctx, o, server)`
	`97`	`+ frontendStop, err := p.runFrontendServer(ctx, o, server)`
`98`	`98`	`if err != nil {`
`99`		`- return fmt.Errorf("failed to run the master server: %v", err)`
	`99`	`+ return fmt.Errorf("failed to run the frontend server: %v", err)`
`100`	`100`	`}`
`101`	`101`
`102`	`102`	`klog.V(1).Infoln("Starting agent server for tunnel connections.")`
`@@ -119,8 +119,8 @@ func (p Proxy) run(o options.ProxyRunOptions) error {`
`119`	`119`	`<-stopCh`
`120`	`120`	`klog.V(1).Infoln("Shutting down server.")`
`121`	`121`
`122`		`- if masterStop != nil {`
`123`		`- masterStop()`
	`122`	`+ if frontendStop != nil {`
	`123`	`+ frontendStop()`
`124`	`124`	`}`
`125`	`125`
`126`	`126`	`return nil`
`@@ -155,14 +155,14 @@ func getUDSListener(ctx context.Context, udsName string) (net.Listener, error) {`
`155`	`155`	`return lis, nil`
`156`	`156`	`}`
`157`	`157`
`158`		`-func (p Proxy) runMasterServer(ctx context.Context, o options.ProxyRunOptions, server *server.ProxyServer) (StopFunc, error) {`
	`158`	`+func (p Proxy) runFrontendServer(ctx context.Context, o options.ProxyRunOptions, server *server.ProxyServer) (StopFunc, error) {`
`159`	`159`	`if o.UdsName != "" {`
`160`		`- return p.runUDSMasterServer(ctx, o, server)`
	`160`	`+ return p.runUDSFrontendServer(ctx, o, server)`
`161`	`161`	`}`
`162`		`- return p.runMTLSMasterServer(ctx, o, server)`
	`162`	`+ return p.runMTLSFrontendServer(ctx, o, server)`
`163`	`163`	`}`
`164`	`164`
`165`		`-func (p Proxy) runUDSMasterServer(ctx context.Context, o options.ProxyRunOptions, s *server.ProxyServer) (StopFunc, error) {`
	`165`	`+func (p Proxy) runUDSFrontendServer(ctx context.Context, o options.ProxyRunOptions, s *server.ProxyServer) (StopFunc, error) {`
`166`	`166`	`if o.DeleteUDSFile {`
`167`	`167`	`if err := os.Remove(o.UdsName); err != nil && !os.IsNotExist(err) {`
`168`	`168`	`klog.ErrorS(err, "failed to delete file", "file", o.UdsName)`
`@@ -237,7 +237,7 @@ func (p Proxy) getTLSConfig(caFile, certFile, keyFile string) (tls.Config, err`
`237`	`237`	`return tlsConfig, nil`
`238`	`238`	`}`
`239`	`239`
`240`		`-func (p Proxy) runMTLSMasterServer(ctx context.Context, o options.ProxyRunOptions, s *server.ProxyServer) (StopFunc, error) {`
	`240`	`+func (p Proxy) runMTLSFrontendServer(ctx context.Context, o options.ProxyRunOptions, s *server.ProxyServer) (StopFunc, error) {`
`241`	`241`	`var stop StopFunc`
`242`	`242`
`243`	`243`	`var tlsConfig *tls.Config`
`@@ -277,7 +277,7 @@ func (p Proxy) runMTLSMasterServer(ctx context.Context, o options.ProxyRunOpti`
`277`	`277`	`go func() {`
`278`	`278`	`err := server.ListenAndServeTLS("", "") // empty files defaults to tlsConfig`
`279`	`279`	`if err != nil {`
`280`		`- klog.ErrorS(err, "failed to listen on master port")`
	`280`	`+ klog.ErrorS(err, "failed to listen on frontend port")`
`281`	`281`	`}`
`282`	`282`	`}()`
`283`	`283`	`}`
`@@ -371,4 +371,3 @@ func (p Proxy) runHealthServer(o options.ProxyRunOptions, server *server.Proxy`
`371`	`371`
`372`	`372`	`return nil`
`373`	`373`	`}`
`374`		`-`
Original file line number	Diff line number	Diff line change
`@@ -51,4 +51,3 @@ func main() {`
`51`	`51`	`os.Exit(1)`
`52`	`52`	`}`
`53`	`53`	`}`
`54`		`-`
Original file line number	Diff line number	Diff line change
`@@ -25,6 +25,7 @@ const (`
`25`	`25`	`// NodeToMasterTraffic enables the traffic initiated in the agents side`
`26`	`26`	`// to flow to the server side e.g. Kubelet to KAS and pods to KAS traffic`
`27`	`27`	`// (KEP-2025).`
	`28`	`+ // TODO (#issues/232) Determine how to safely fix the feature gate name.`
`28`	`29`	`NodeToMasterTraffic featuregate.Feature = "NodeToMasterTraffic"`
`29`	`30`	`)`
`30`	`31`
Original file line number	Diff line number	Diff line change
`@@ -45,7 +45,7 @@ var (`
`45`	`45`	`type ServerMetrics struct {`
`46`	`46`	`latencies *prometheus.HistogramVec`
`47`	`47`	`connections *prometheus.GaugeVec`
`48`		`- backend *prometheus.GaugeVec`
	`48`	`+ backend *prometheus.GaugeVec`
`49`	`49`	`}`
`50`	`50`
`51`	`51`	`// newServerMetrics create a new ServerMetrics, configured with default metric names.`
`@@ -80,14 +80,14 @@ func newServerMetrics() *ServerMetrics {`
`80`	`80`	`},`
`81`	`81`	`[]string{},`
`82`	`82`	`)`
`83`		`-`
	`83`	`+`
`84`	`84`	`prometheus.MustRegister(latencies)`
`85`	`85`	`prometheus.MustRegister(connections)`
`86`	`86`	`prometheus.MustRegister(backend)`
`87`	`87`	`return &ServerMetrics{`
`88`		`- latencies: latencies,`
	`88`	`+ latencies: latencies,`
`89`	`89`	`connections: connections,`
`90`		`- backend: backend,`
	`90`	`+ backend: backend,`
`91`	`91`	`}`
`92`	`92`	`}`
`93`	`93`