From 29771b73c1844efb07760b995dd5e4e990fae335 Mon Sep 17 00:00:00 2001
From: Ole Markus With <o.with@sportradar.com>
Date: Thu, 16 Sep 2021 07:46:16 +0200
Subject: [PATCH] Use TLS for kubescheduler health check as of k8s 1.23

---
 nodeup/pkg/model/kube_scheduler.go | 18 +++++++++++-------
 1 file changed, 11 insertions(+), 7 deletions(-)

diff --git a/nodeup/pkg/model/kube_scheduler.go b/nodeup/pkg/model/kube_scheduler.go
index e76772d790..293dc01d3d 100644
--- a/nodeup/pkg/model/kube_scheduler.go
+++ b/nodeup/pkg/model/kube_scheduler.go
@@ -218,18 +218,22 @@ func (b *KubeSchedulerBuilder) buildPod(kubeScheduler *kops.KubeSchedulerConfig)
 		image = strings.Replace(image, "-amd64", "-"+string(b.Architecture), 1)
 	}
 
+	healthAction := &v1.HTTPGetAction{
+		Host: "127.0.0.1",
+		Path: "/healthz",
+		Port: intstr.FromInt(10251),
+	}
+	if b.IsKubernetesGTE("1.23") {
+		healthAction.Port = intstr.FromInt(10259)
+		healthAction.Scheme = v1.URISchemeHTTPS
+	}
+
 	container := &v1.Container{
 		Name:  "kube-scheduler",
 		Image: image,
 		Env:   proxy.GetProxyEnvVars(b.Cluster.Spec.EgressProxy),
 		LivenessProbe: &v1.Probe{
-			Handler: v1.Handler{
-				HTTPGet: &v1.HTTPGetAction{
-					Host: "127.0.0.1",
-					Path: "/healthz",
-					Port: intstr.FromInt(10251),
-				},
-			},
+			Handler:             v1.Handler{HTTPGet: healthAction},
 			InitialDelaySeconds: 15,
 			TimeoutSeconds:      15,
 		},