Merge pull request #14507 from johngmyers/internalname

Stop making MasterInternalName configurable
2022-11-18 13:38:29 -08:00 · 2022-11-18 13:38:29 -08:00 · d405d4c5a2
parent d6a9e9798f 294c0a3a04
commit d405d4c5a2
211 changed files with 45 additions and 243 deletions
--- a/docs/cluster_spec.md
+++ b/docs/cluster_spec.md
@ -66,7 +66,7 @@ spec:
 *Openstack only*
 As of kOps 1.12.0 it is possible to use the load balancer internally by setting the `useForInternalApi: true`.
-This will point both `masterPublicName` and `masterInternalName` to the load balancer. You can therefore set both of these to the same value in this configuration.
+This will point `masterPublicName` to the load balancer.
 ```yaml
 spec:
--- a/docs/tutorial/upgrading-kubernetes.md
+++ b/docs/tutorial/upgrading-kubernetes.md
@ -45,7 +45,6 @@ spec:
  kubernetesApiAccess:
  - 0.0.0.0/0
  kubernetesVersion: 1.17.2
  masterInternalName: api.internal.simple.k8s.local
  masterPublicName: api.simple.k8s.local
  networking:
    kubenet: {}
--- a/k8s/crds/kops.k8s.io_clusters.yaml
+++ b/k8s/crds/kops.k8s.io_clusters.yaml
@ -895,9 +895,9 @@ spec:
                  DNS This is because some clouds let us define a managed zone foo.bar,
                  and then have kubernetes.dev.foo.bar, without needing to define
                  dev.foo.bar as a hosted zone. DNSZone will probably be a suffix
-                  of the MasterPublicName and MasterInternalName Note that DNSZone
+                  of the MasterPublicName. Note that DNSZone can either by the host
-                  can either by the host name of the zone (containing dots), or can
+                  name of the zone (containing dots), or can be an identifier for
-                  be an identifier for the zone.
+                  the zone.
                type: string
              docker:
                description: DockerConfig is the configuration for docker
@ -3933,8 +3933,7 @@ spec:
                  be a "spec" like stable)
                type: string
              masterInternalName:
-                description: MasterInternalName is the internal DNS name for the master
+                description: MasterInternalName is unused.
                  nodes
                type: string
              masterKubelet:
                description: MasterKubelet is the kubelet configuration for nodes
--- a/nodeup/pkg/model/context.go
+++ b/nodeup/pkg/model/context.go
@ -234,7 +234,7 @@ func (c *NodeupModelContext) BuildIssuedKubeconfig(name string, subject nodetask
 		// @note: use https even for local connections, so we can turn off the insecure port
 		kubeConfig.ServerURL = "https://127.0.0.1"
 	} else {
-		kubeConfig.ServerURL = "https://" + c.Cluster.Spec.MasterInternalName
+		kubeConfig.ServerURL = "https://" + c.Cluster.APIInternalName()
 	}
 	ctx.AddTask(kubeConfig)
 	return kubeConfig.GetConfig()
@ -278,7 +278,7 @@ func (c *NodeupModelContext) BuildBootstrapKubeconfig(name string, ctx *fi.Model
 			// @note: use https even for local connections, so we can turn off the insecure port
 			kubeConfig.ServerURL = "https://127.0.0.1"
 		} else {
-			kubeConfig.ServerURL = "https://" + c.Cluster.Spec.MasterInternalName
+			kubeConfig.ServerURL = "https://" + c.Cluster.APIInternalName()
 		}
 		err = ctx.EnsureTask(kubeConfig)
@ -323,7 +323,7 @@ func (c *NodeupModelContext) BuildBootstrapKubeconfig(name string, ctx *fi.Model
 			// This code path is used for the kubelet cert in Kubernetes 1.18 and earlier.
 			kubeConfig.ServerURL = "https://127.0.0.1"
 		} else {
-			kubeConfig.ServerURL = "https://" + c.Cluster.Spec.MasterInternalName
+			kubeConfig.ServerURL = "https://" + c.Cluster.APIInternalName()
 		}
 		err = kubeConfig.Run(nil)
--- a/nodeup/pkg/model/etc_hosts.go
+++ b/nodeup/pkg/model/etc_hosts.go
@ -37,7 +37,7 @@ func (b *EtcHostsBuilder) Build(c *fi.ModelBuilderContext) error {
 	if b.IsMaster && (b.Cluster.IsGossip() || b.Cluster.UsesNoneDNS()) {
 		task.Records = append(task.Records, nodetasks.HostRecord{
-			Hostname:  b.Cluster.Spec.MasterInternalName,
+			Hostname:  b.Cluster.APIInternalName(),
 			Addresses: []string{"127.0.0.1"},
 		})
 		if b.Cluster.Spec.MasterPublicName != "" {
@ -48,7 +48,7 @@ func (b *EtcHostsBuilder) Build(c *fi.ModelBuilderContext) error {
 		}
 	} else if b.BootConfig.APIServerIP != "" {
 		task.Records = append(task.Records, nodetasks.HostRecord{
-			Hostname:  b.Cluster.Spec.MasterInternalName,
+			Hostname:  b.Cluster.APIInternalName(),
 			Addresses: []string{b.BootConfig.APIServerIP},
 		})
 		if b.UseKopsControllerForNodeBootstrap() {
--- a/nodeup/pkg/model/kube_apiserver.go
+++ b/nodeup/pkg/model/kube_apiserver.go
@ -370,7 +370,7 @@ func (b *KubeAPIServerBuilder) writeServerCertificate(c *fi.ModelBuilderContext,
 		if b.Cluster.Spec.MasterPublicName != "" {
 			alternateNames = append(alternateNames, b.Cluster.Spec.MasterPublicName)
 		}
-		alternateNames = append(alternateNames, b.Cluster.Spec.MasterInternalName)
+		alternateNames = append(alternateNames, b.Cluster.APIInternalName())
 		alternateNames = append(alternateNames, b.Cluster.Spec.AdditionalSANs...)
 		// Load balancer IPs passed in through NodeupConfig
@ -734,7 +734,7 @@ func (b *KubeAPIServerBuilder) buildAnnotations() map[string]string {
 	if b.Cluster.Spec.API != nil {
 		if b.Cluster.Spec.API.LoadBalancer == nil || !b.Cluster.Spec.API.LoadBalancer.UseForInternalAPI {
-			annotations["dns.alpha.kubernetes.io/internal"] = b.Cluster.Spec.MasterInternalName
+			annotations["dns.alpha.kubernetes.io/internal"] = b.Cluster.APIInternalName()
 		}
 		if b.Cluster.Spec.API.DNS != nil && b.Cluster.Spec.MasterPublicName != "" {
--- a/nodeup/pkg/model/kube_proxy.go
+++ b/nodeup/pkg/model/kube_proxy.go
@ -126,7 +126,7 @@ func (b *KubeProxyBuilder) buildPod() (*v1.Pod, error) {
 			// which would mean that DNS can't rely on API to come up
 			c.Master = "https://127.0.0.1"
 		} else {
-			c.Master = "https://" + b.Cluster.Spec.MasterInternalName
+			c.Master = "https://" + b.Cluster.APIInternalName()
 		}
 	}
--- a/nodeup/pkg/model/kube_proxy_test.go
+++ b/nodeup/pkg/model/kube_proxy_test.go
@ -38,7 +38,6 @@ func TestKubeProxyBuilder_buildPod(t *testing.T) {
 	// https://pkg.go.dev/k8s.io/kops/pkg/apis/kops#KubeProxyConfig
 	cluster := &kops.Cluster{}
 	cluster.Spec.MasterInternalName = "dev-cluster"
 	cluster.Spec.KubeProxy = &kops.KubeProxyConfig{}
 	cluster.Spec.KubeProxy.Image = "kube-proxy:1.2"
--- a/nodeup/pkg/model/protokube.go
+++ b/nodeup/pkg/model/protokube.go
@ -224,7 +224,7 @@ func (t *ProtokubeBuilder) ProtokubeFlags(k8sVersion semver.Version) (*Protokube
 		}
 		// @TODO: This is hacky, but we want it so that we can have a different internal & external name
-		internalSuffix := t.Cluster.Spec.MasterInternalName
+		internalSuffix := t.Cluster.APIInternalName()
 		internalSuffix = strings.TrimPrefix(internalSuffix, "api.")
 		f.DNSInternalSuffix = fi.String(internalSuffix)
 	}
--- a/nodeup/pkg/model/tests/containerdbuilder/flatcar/cluster.yaml
+++ b/nodeup/pkg/model/tests/containerdbuilder/flatcar/cluster.yaml
@ -23,7 +23,6 @@ spec:
  iam:
    legacy: false
  kubernetesVersion: v1.21.0
  masterInternalName: api.internal.minimal.example.com
  masterPublicName: api.minimal.example.com
  networkCIDR: 172.20.0.0/16
  networking:
--- a/nodeup/pkg/model/tests/containerdbuilder/from_docker_19.03.11/cluster.yaml
+++ b/nodeup/pkg/model/tests/containerdbuilder/from_docker_19.03.11/cluster.yaml
@ -23,7 +23,6 @@ spec:
  iam:
    legacy: false
  kubernetesVersion: v1.21.0
  masterInternalName: api.internal.minimal.example.com
  masterPublicName: api.minimal.example.com
  networkCIDR: 172.20.0.0/16
  networking:
--- a/nodeup/pkg/model/tests/containerdbuilder/from_docker_19.03.14/cluster.yaml
+++ b/nodeup/pkg/model/tests/containerdbuilder/from_docker_19.03.14/cluster.yaml
@ -23,7 +23,6 @@ spec:
  iam:
    legacy: false
  kubernetesVersion: v1.21.0
  masterInternalName: api.internal.minimal.example.com
  masterPublicName: api.minimal.example.com
  networkCIDR: 172.20.0.0/16
  networking:
--- a/nodeup/pkg/model/tests/containerdbuilder/simple/cluster.yaml
+++ b/nodeup/pkg/model/tests/containerdbuilder/simple/cluster.yaml
@ -23,7 +23,6 @@ spec:
  iam:
    legacy: false
  kubernetesVersion: v1.21.0
  masterInternalName: api.internal.minimal.example.com
  masterPublicName: api.minimal.example.com
  networkCIDR: 172.20.0.0/16
  networking:
--- a/nodeup/pkg/model/tests/containerdbuilder/skipinstall/cluster.yaml
+++ b/nodeup/pkg/model/tests/containerdbuilder/skipinstall/cluster.yaml
@ -23,7 +23,6 @@ spec:
  iam:
    legacy: false
  kubernetesVersion: v1.22.3
  masterInternalName: api.internal.minimal.example.com
  masterPublicName: api.minimal.example.com
  networkCIDR: 172.20.0.0/16
  networking:
--- a/nodeup/pkg/model/tests/dockerbuilder/docker_19.03.11/cluster.yaml
+++ b/nodeup/pkg/model/tests/dockerbuilder/docker_19.03.11/cluster.yaml
@ -24,7 +24,6 @@ spec:
  iam:
    legacy: false
  kubernetesVersion: v1.21.0
  masterInternalName: api.internal.minimal.example.com
  masterPublicName: api.minimal.example.com
  networkCIDR: 172.20.0.0/16
  networking:
--- a/nodeup/pkg/model/tests/dockerbuilder/healthcheck/cluster.yaml
+++ b/nodeup/pkg/model/tests/dockerbuilder/healthcheck/cluster.yaml
@ -24,7 +24,6 @@ spec:
  iam:
    legacy: false
  kubernetesVersion: v1.4.6
  masterInternalName: api.internal.minimal.example.com
  masterPublicName: api.minimal.example.com
  networkCIDR: 172.20.0.0/16
  networking:
--- a/nodeup/pkg/model/tests/dockerbuilder/logflags/cluster.yaml
+++ b/nodeup/pkg/model/tests/dockerbuilder/logflags/cluster.yaml
@ -23,7 +23,6 @@ spec:
  iam:
    legacy: false
  kubernetesVersion: v1.21.0
  masterInternalName: api.internal.logflags.example.com
  masterPublicName: api.logflags.example.com
  networkCIDR: 172.20.0.0/16
  networking:
--- a/nodeup/pkg/model/tests/dockerbuilder/skipinstall/cluster.yaml
+++ b/nodeup/pkg/model/tests/dockerbuilder/skipinstall/cluster.yaml
@ -23,7 +23,6 @@ spec:
  iam:
    legacy: false
  kubernetesVersion: v1.22.6
  masterInternalName: api.internal.minimal.example.com
  masterPublicName: api.minimal.example.com
  networkCIDR: 172.20.0.0/16
  networking:
--- a/nodeup/pkg/model/tests/golden/awsiam/cluster.yaml
+++ b/nodeup/pkg/model/tests/golden/awsiam/cluster.yaml
@ -33,7 +33,6 @@ spec:
  kubelet:
    anonymousAuth: false
  kubernetesVersion: v1.21.0
  masterInternalName: api.internal.minimal.example.com
  masterPublicName: api.minimal.example.com
  networkCIDR: 172.20.0.0/16
  networking:
--- a/nodeup/pkg/model/tests/golden/dedicated-apiserver/cluster.yaml
+++ b/nodeup/pkg/model/tests/golden/dedicated-apiserver/cluster.yaml
@ -31,7 +31,6 @@ spec:
  kubelet:
    anonymousAuth: false
  kubernetesVersion: v1.21.0
  masterInternalName: api.internal.minimal.example.com
  masterPublicName: api.minimal.example.com
  networkCIDR: 172.20.0.0/16
  networking:
--- a/nodeup/pkg/model/tests/golden/hooks-containerd-exec/cluster.yaml
+++ b/nodeup/pkg/model/tests/golden/hooks-containerd-exec/cluster.yaml
@ -31,7 +31,6 @@ spec:
  kubelet:
    anonymousAuth: false
  kubernetesVersion: v1.22.0
  masterInternalName: api.internal.minimal.example.com
  masterPublicName: api.minimal.example.com
  networkCIDR: 172.20.0.0/16
  networking:
--- a/nodeup/pkg/model/tests/golden/hooks-docker-exec/cluster.yaml
+++ b/nodeup/pkg/model/tests/golden/hooks-docker-exec/cluster.yaml
@ -31,7 +31,6 @@ spec:
  kubelet:
    anonymousAuth: false
  kubernetesVersion: v1.22.0
  masterInternalName: api.internal.minimal.example.com
  masterPublicName: api.minimal.example.com
  networkCIDR: 172.20.0.0/16
  networking:
--- a/nodeup/pkg/model/tests/golden/minimal/cluster.yaml
+++ b/nodeup/pkg/model/tests/golden/minimal/cluster.yaml
@ -31,7 +31,6 @@ spec:
  kubelet:
    anonymousAuth: false
  kubernetesVersion: v1.23.0
  masterInternalName: api.internal.minimal.example.com
  masterPublicName: api.minimal.example.com
  networkCIDR: 172.20.0.0/16
  networking:
--- a/nodeup/pkg/model/tests/golden/side-loading/cluster.yaml
+++ b/nodeup/pkg/model/tests/golden/side-loading/cluster.yaml
@ -31,7 +31,6 @@ spec:
  kubelet:
    anonymousAuth: false
  kubernetesVersion: https://storage.googleapis.com/kubernetes-release/release/v1.22.0
  masterInternalName: api.internal.minimal.example.com
  masterPublicName: api.minimal.example.com
  networkCIDR: 172.20.0.0/16
  networking:
--- a/nodeup/pkg/model/tests/golden/without-etcd-events/cluster.yaml
+++ b/nodeup/pkg/model/tests/golden/without-etcd-events/cluster.yaml
@ -22,7 +22,6 @@ spec:
  kubelet:
    anonymousAuth: false
  kubernetesVersion: v1.21.0
  masterInternalName: api.internal.minimal.example.com
  masterPublicName: api.minimal.example.com
  networkCIDR: 172.20.0.0/16
  networking:
--- a/nodeup/pkg/model/tests/kubelet/featuregates/cluster.yaml
+++ b/nodeup/pkg/model/tests/kubelet/featuregates/cluster.yaml
@ -26,7 +26,6 @@ spec:
      AllowExtTrafficLocalEndpoints: "false"
    podManifestPath: "/etc/kubernetes/manifests"
  kubernetesVersion: v1.24.0
  masterInternalName: api.internal.minimal.example.com
  masterPublicName: api.minimal.example.com
  networkCIDR: 172.20.0.0/16
  networking:
--- a/nodeup/pkg/model/tests/kubelet/warmpool/cluster.yaml
+++ b/nodeup/pkg/model/tests/kubelet/warmpool/cluster.yaml
@ -23,7 +23,6 @@ spec:
  kubelet:
    podManifestPath: "/etc/kubernetes/manifests"
  kubernetesVersion: v1.24.0
  masterInternalName: api.internal.minimal.example.com
  masterPublicName: api.minimal.example.com
  networkCIDR: 172.20.0.0/16
  networking:
--- a/nodeup/pkg/model/tests/protokube/cluster.yaml
+++ b/nodeup/pkg/model/tests/protokube/cluster.yaml
@ -27,7 +27,6 @@ spec:
  kubelet:
    hostnameOverride: master.hostname.invalid
  kubernetesVersion: v1.21.0
  masterInternalName: api.internal.minimal.example.com
  masterPublicName: api.minimal.example.com
  networkCIDR: 172.20.0.0/16
  networking:
--- a/nodeup/pkg/model/tests/updateservicebuilder/automatic/cluster.yaml
+++ b/nodeup/pkg/model/tests/updateservicebuilder/automatic/cluster.yaml
@ -27,7 +27,6 @@ spec:
  kubelet:
    hostnameOverride: master.hostname.invalid
  kubernetesVersion: v1.21.0
  masterInternalName: api.internal.minimal.example.com
  masterPublicName: api.minimal.example.com
  networkCIDR: 172.20.0.0/16
  networking:
--- a/nodeup/pkg/model/tests/updateservicebuilder/external/cluster.yaml
+++ b/nodeup/pkg/model/tests/updateservicebuilder/external/cluster.yaml
@ -27,7 +27,6 @@ spec:
  kubelet:
    hostnameOverride: master.hostname.invalid
  kubernetesVersion: v1.21.0
  masterInternalName: api.internal.minimal.example.com
  masterPublicName: api.minimal.example.com
  networkCIDR: 172.20.0.0/16
  networking:
--- a/pkg/apis/kops/cluster.go
+++ b/pkg/apis/kops/cluster.go
@ -72,8 +72,6 @@ type ClusterSpec struct {
 	Subnets []ClusterSubnetSpec `json:"subnets,omitempty"`
 	// MasterPublicName is the external DNS name for the master nodes
 	MasterPublicName string `json:"masterPublicName,omitempty"`
 	// MasterInternalName is the internal DNS name for the master nodes
 	MasterInternalName string `json:"masterInternalName,omitempty"`
 	// NetworkCIDR is the CIDR used for the AWS VPC / DO/ GCE Network, or otherwise allocated to k8s
 	// This is a real CIDR, not the internal k8s network
 	// On AWS, it maps to the VPC CIDR.  It is not required on GCE.
@ -98,7 +96,7 @@ type ClusterSpec struct {
 	// DNSZone is the DNS zone we should use when configuring DNS
 	// This is because some clouds let us define a managed zone foo.bar, and then have
 	// kubernetes.dev.foo.bar, without needing to define dev.foo.bar as a hosted zone.
-	// DNSZone will probably be a suffix of the MasterPublicName and MasterInternalName
+	// DNSZone will probably be a suffix of the MasterPublicName.
 	// Note that DNSZone can either by the host name of the zone (containing dots),
 	// or can be an identifier for the zone.
 	DNSZone string `json:"dnsZone,omitempty"`
@ -803,10 +801,6 @@ func (c *Cluster) FillDefaults() error {
 		return fmt.Errorf("cluster Name not set in FillDefaults")
 	}
 	if c.Spec.MasterInternalName == "" {
 		c.Spec.MasterInternalName = "api.internal." + c.ObjectMeta.Name
 	}
 	return nil
 }
@ -920,6 +914,10 @@ func (c *Cluster) UsesNoneDNS() bool {
 	return false
 }
 func (c *Cluster) APIInternalName() string {
 	return "api.internal." + c.ObjectMeta.Name
 }
 func (c *ClusterSpec) IsIPv6Only() bool {
 	return utils.IsIPv6CIDR(c.NonMasqueradeCIDR)
 }
--- a/pkg/apis/kops/v1alpha2/cluster.go
+++ b/pkg/apis/kops/v1alpha2/cluster.go
@ -72,7 +72,8 @@ type ClusterSpec struct {
 	Project string `json:"project,omitempty"`
 	// MasterPublicName is the external DNS name for the master nodes
 	MasterPublicName string `json:"masterPublicName,omitempty"`
-	// MasterInternalName is the internal DNS name for the master nodes
+	// MasterInternalName is unused.
 	// +k8s:conversion-gen=false
 	MasterInternalName string `json:"masterInternalName,omitempty"`
 	// NetworkCIDR is the CIDR used for the AWS VPC / GCE Network, or otherwise allocated to k8s
 	// This is a real CIDR, not the internal k8s network
@ -97,7 +98,7 @@ type ClusterSpec struct {
 	// DNSZone is the DNS zone we should use when configuring DNS
 	// This is because some clouds let us define a managed zone foo.bar, and then have
 	// kubernetes.dev.foo.bar, without needing to define dev.foo.bar as a hosted zone.
-	// DNSZone will probably be a suffix of the MasterPublicName and MasterInternalName
+	// DNSZone will probably be a suffix of the MasterPublicName.
 	// Note that DNSZone can either by the host name of the zone (containing dots),
 	// or can be an identifier for the zone.
 	DNSZone string `json:"dnsZone,omitempty"`
--- a/pkg/apis/kops/v1alpha2/zz_generated.conversion.go
+++ b/pkg/apis/kops/v1alpha2/zz_generated.conversion.go
@ -2446,7 +2446,7 @@ func autoConvert_v1alpha2_ClusterSpec_To_kops_ClusterSpec(in *ClusterSpec, out *
 	}
 	// INFO: in.Project opted out of conversion generation
 	out.MasterPublicName = in.MasterPublicName
-	out.MasterInternalName = in.MasterInternalName
+	// INFO: in.MasterInternalName opted out of conversion generation
 	out.NetworkCIDR = in.NetworkCIDR
 	out.AdditionalNetworkCIDRs = in.AdditionalNetworkCIDRs
 	out.NetworkID = in.NetworkID
@ -2870,7 +2870,6 @@ func autoConvert_kops_ClusterSpec_To_v1alpha2_ClusterSpec(in *kops.ClusterSpec,
 		out.Subnets = nil
 	}
 	out.MasterPublicName = in.MasterPublicName
 	out.MasterInternalName = in.MasterInternalName
 	out.NetworkCIDR = in.NetworkCIDR
 	out.AdditionalNetworkCIDRs = in.AdditionalNetworkCIDRs
 	out.NetworkID = in.NetworkID
--- a/pkg/apis/kops/v1alpha3/cluster.go
+++ b/pkg/apis/kops/v1alpha3/cluster.go
@ -68,8 +68,6 @@ type ClusterSpec struct {
 	Subnets []ClusterSubnetSpec `json:"subnets,omitempty"`
 	// MasterPublicName is the external DNS name for the master nodes
 	MasterPublicName string `json:"masterPublicName,omitempty"`
 	// MasterInternalName is the internal DNS name for the master nodes
 	MasterInternalName string `json:"masterInternalName,omitempty"`
 	// NetworkCIDR is the CIDR used for the AWS VPC / GCE Network, or otherwise allocated to k8s
 	// This is a real CIDR, not the internal k8s network
 	// On AWS, it maps to the VPC CIDR.  It is not required on GCE.
@ -93,7 +91,7 @@ type ClusterSpec struct {
 	// DNSZone is the DNS zone we should use when configuring DNS
 	// This is because some clouds let us define a managed zone foo.bar, and then have
 	// kubernetes.dev.foo.bar, without needing to define dev.foo.bar as a hosted zone.
-	// DNSZone will probably be a suffix of the MasterPublicName and MasterInternalName
+	// DNSZone will probably be a suffix of the MasterPublicName.
 	// Note that DNSZone can either by the host name of the zone (containing dots),
 	// or can be an identifier for the zone.
 	DNSZone string `json:"dnsZone,omitempty"`
--- a/pkg/apis/kops/v1alpha3/zz_generated.conversion.go
+++ b/pkg/apis/kops/v1alpha3/zz_generated.conversion.go
@ -2555,7 +2555,6 @@ func autoConvert_v1alpha3_ClusterSpec_To_kops_ClusterSpec(in *ClusterSpec, out *
 		out.Subnets = nil
 	}
 	out.MasterPublicName = in.MasterPublicName
 	out.MasterInternalName = in.MasterInternalName
 	out.NetworkCIDR = in.NetworkCIDR
 	out.AdditionalNetworkCIDRs = in.AdditionalNetworkCIDRs
 	out.NetworkID = in.NetworkID
@ -2978,7 +2977,6 @@ func autoConvert_kops_ClusterSpec_To_v1alpha3_ClusterSpec(in *kops.ClusterSpec,
 		out.Subnets = nil
 	}
 	out.MasterPublicName = in.MasterPublicName
 	out.MasterInternalName = in.MasterInternalName
 	out.NetworkCIDR = in.NetworkCIDR
 	out.AdditionalNetworkCIDRs = in.AdditionalNetworkCIDRs
 	out.NetworkID = in.NetworkID
--- a/pkg/kubeconfig/create_kubecfg.go
+++ b/pkg/kubeconfig/create_kubecfg.go
@ -37,10 +37,7 @@ func BuildKubecfg(cluster *kops.Cluster, keyStore fi.Keystore, secretStore fi.Se
 	var master string
 	if internal {
-		master = cluster.Spec.MasterInternalName
+		master = cluster.APIInternalName()
 		if master == "" {
 			master = "api.internal." + clusterName
 		}
 	} else {
 		master = cluster.Spec.MasterPublicName
 		if master == "" {
--- a/pkg/kubeconfig/create_kubecfg_test.go
+++ b/pkg/kubeconfig/create_kubecfg_test.go
@ -17,7 +17,6 @@ limitations under the License.
 package kubeconfig
 import (
 	"fmt"
 	"testing"
 	"time"
@ -121,7 +120,6 @@ func (f fakeKeyStore) MirrorTo(basedir vfs.Path) error {
 func buildMinimalCluster(clusterName string, masterPublicName string, lbCert bool, nlb bool) *kops.Cluster {
 	cluster := testutils.BuildMinimalCluster(clusterName)
 	cluster.Spec.MasterPublicName = masterPublicName
 	cluster.Spec.MasterInternalName = fmt.Sprintf("internal.%v", masterPublicName)
 	cluster.Spec.KubernetesVersion = "1.24.0"
 	cluster.Spec.API = &kops.AccessSpec{
 		LoadBalancer: &kops.LoadBalancerAccessSpec{},
@ -324,7 +322,7 @@ func TestBuildKubecfg(t *testing.T) {
 			},
 			want: &KubeconfigBuilder{
 				Context: "testcluster",
-				Server:  "https://internal.testcluster.test.com",
+				Server:  "https://api.internal.testcluster",
 				CACerts: []byte(nextCertificate + certData),
 				User:    "testcluster",
 			},
--- a/pkg/model/awsmodel/dns.go
+++ b/pkg/model/awsmodel/dns.go
@ -129,11 +129,11 @@ func (b *DNSModelBuilder) Build(c *fi.ModelBuilderContext) error {
 				return err
 			}
-			// Using EnsureTask as MasterInternalName and MasterPublicName could be the same
+			// Using EnsureTask as APIInternalName() and MasterPublicName could be the same
 			{
 				err := c.EnsureTask(&awstasks.DNSName{
-					Name:               fi.String(b.Cluster.Spec.MasterInternalName),
+					Name:               fi.String(b.Cluster.APIInternalName()),
-					ResourceName:       fi.String(b.Cluster.Spec.MasterInternalName),
+					ResourceName:       fi.String(b.Cluster.APIInternalName()),
 					Lifecycle:          b.Lifecycle,
 					Zone:               b.LinkToDNSZone(),
 					ResourceType:       fi.String("A"),
@ -145,8 +145,8 @@ func (b *DNSModelBuilder) Build(c *fi.ModelBuilderContext) error {
 			}
 			if b.UseIPv6ForAPI() {
 				err := c.EnsureTask(&awstasks.DNSName{
-					Name:               fi.String(b.Cluster.Spec.MasterInternalName + "-AAAA"),
+					Name:               fi.String(b.Cluster.APIInternalName() + "-AAAA"),
-					ResourceName:       fi.String(b.Cluster.Spec.MasterInternalName),
+					ResourceName:       fi.String(b.Cluster.APIInternalName()),
 					Lifecycle:          b.Lifecycle,
 					Zone:               b.LinkToDNSZone(),
 					ResourceType:       fi.String("AAAA"),
--- a/pkg/model/components/discovery.go
+++ b/pkg/model/components/discovery.go
@ -74,7 +74,7 @@ func (b *DiscoveryOptionsBuilder) BuildOptions(o interface{}) error {
 			if supportsPublicJWKS(clusterSpec) && clusterSpec.MasterPublicName != "" {
 				serviceAccountIssuer = "https://" + clusterSpec.MasterPublicName
 			} else {
-				serviceAccountIssuer = "https://" + clusterSpec.MasterInternalName
+				serviceAccountIssuer = "https://api.internal." + b.ClusterName
 			}
 		}
 		kubeAPIServer.ServiceAccountIssuer = &serviceAccountIssuer
--- a/pkg/model/components/etcdmanager/model.go
+++ b/pkg/model/components/etcdmanager/model.go
@ -294,7 +294,7 @@ func (b *EtcdManagerBuilder) buildPod(etcdCluster kops.EtcdClusterSpec, instance
 	dnsInternalSuffix := ""
 	if b.Cluster.IsGossip() {
 		// @TODO: This is hacky, but we want it so that we can have a different internal & external name
-		dnsInternalSuffix = b.Cluster.Spec.MasterInternalName
+		dnsInternalSuffix = b.Cluster.APIInternalName()
 		dnsInternalSuffix = strings.TrimPrefix(dnsInternalSuffix, "api.")
 	}
@ -316,7 +316,7 @@ func (b *EtcdManagerBuilder) buildPod(etcdCluster kops.EtcdClusterSpec, instance
 	case "cilium":
 		if !featureflag.APIServerNodes.Enabled() {
-			clientHost = b.Cluster.Spec.MasterInternalName
+			clientHost = b.Cluster.APIInternalName()
 		}
 	default:
 		return nil, fmt.Errorf("unknown etcd cluster key %q", etcdCluster.Name)
--- a/pkg/model/components/etcdmanager/tests/interval/cluster.yaml
+++ b/pkg/model/components/etcdmanager/tests/interval/cluster.yaml
@ -34,7 +34,6 @@ spec:
    backups:
      backupStore: memfs://clusters.example.com/minimal.example.com/backups/etcd-events
  kubernetesVersion: v1.21.0
  masterInternalName: api.internal.minimal.example.com
  masterPublicName: api.minimal.example.com
  networkCIDR: 172.20.0.0/16
  networking:
--- a/pkg/model/components/etcdmanager/tests/minimal/cluster.yaml
+++ b/pkg/model/components/etcdmanager/tests/minimal/cluster.yaml
@ -29,7 +29,6 @@ spec:
    backups:
      backupStore: memfs://clusters.example.com/minimal.example.com/backups/etcd-events
  kubernetesVersion: v1.21.0
  masterInternalName: api.internal.minimal.example.com
  masterPublicName: api.minimal.example.com
  networkCIDR: 172.20.0.0/16
  networking:
--- a/pkg/model/components/etcdmanager/tests/overwrite_settings/cluster.yaml
+++ b/pkg/model/components/etcdmanager/tests/overwrite_settings/cluster.yaml
@ -39,7 +39,6 @@ spec:
    backups:
      backupStore: memfs://clusters.example.com/minimal.example.com/backups/etcd-events
  kubernetesVersion: v1.21.0
  masterInternalName: api.internal.minimal.example.com
  masterPublicName: api.minimal.example.com
  networkCIDR: 172.20.0.0/16
  networking:
--- a/pkg/model/components/etcdmanager/tests/proxy/cluster.yaml
+++ b/pkg/model/components/etcdmanager/tests/proxy/cluster.yaml
@ -33,7 +33,6 @@ spec:
    backups:
      backupStore: memfs://clusters.example.com/minimal.example.com/backups/etcd-events
  kubernetesVersion: v1.21.0
  masterInternalName: api.internal.minimal.example.com
  masterPublicName: api.minimal.example.com
  networkCIDR: 172.20.0.0/16
  networking:
--- a/pkg/model/components/kubeapiserver/tests/minimal/cluster.yaml
+++ b/pkg/model/components/kubeapiserver/tests/minimal/cluster.yaml
@ -10,7 +10,6 @@ spec:
  cloudProvider: aws
  configBase: memfs://clusters.example.com/minimal.example.com
  kubernetesVersion: v1.21.0
  masterInternalName: api.internal.minimal.example.com
  masterPublicName: api.minimal.example.com
  networkCIDR: 172.20.0.0/16
  networking:
--- a/pkg/testutils/cluster.go
+++ b/pkg/testutils/cluster.go
@ -37,7 +37,6 @@ func BuildMinimalCluster(clusterName string) *kops.Cluster {
 	c.Spec.Containerd = &kops.ContainerdConfig{}
 	c.Spec.MasterPublicName = fmt.Sprintf("api.%v", clusterName)
 	c.Spec.MasterInternalName = fmt.Sprintf("internal.api.%v", clusterName)
 	c.Spec.KubernetesAPIAccess = []string{"0.0.0.0/0"}
 	c.Spec.SSHAccess = []string{"0.0.0.0/0"}
--- a/tests/e2e/scenarios/podidentitywebhook/cluster.yaml.tmpl
+++ b/tests/e2e/scenarios/podidentitywebhook/cluster.yaml.tmpl
@ -30,7 +30,6 @@ spec:
  kubelet:
    anonymousAuth: false
  kubernetesVersion: {{.kubernetesVersion}}
  masterInternalName: api.internal.{{.clusterName}}
  masterPublicName: api.{{.clusterName}}
  networkCIDR: 172.20.0.0/16
  networking:
--- a/tests/e2e/templates/apiserver-dns-none.yaml.tmpl
+++ b/tests/e2e/templates/apiserver-dns-none.yaml.tmpl
@ -26,7 +26,6 @@ spec:
  kubelet:
    anonymousAuth: false
  kubernetesVersion: {{.kubernetesVersion}}
  masterInternalName: api.internal.{{.clusterName}}
  networkCIDR: 172.20.0.0/16
  networking:
    calico: {}
--- a/tests/e2e/templates/apiserver.yaml.tmpl
+++ b/tests/e2e/templates/apiserver.yaml.tmpl
@ -22,7 +22,6 @@ spec:
  kubelet:
    anonymousAuth: false
  kubernetesVersion: {{.kubernetesVersion}}
  masterInternalName: api.internal.{{.clusterName}}
  masterPublicName: api.{{.clusterName}}
  networkCIDR: 172.20.0.0/16
  networking:
--- a/tests/e2e/templates/many-addons.yaml.tmpl
+++ b/tests/e2e/templates/many-addons.yaml.tmpl
@ -35,7 +35,6 @@ spec:
    provider: CoreDNS
    nodeLocalDNS:
      enabled: true
  masterInternalName: api.internal.{{.clusterName}}
  masterPublicName: api.{{.clusterName}}
  metricsServer:
    enabled: true
--- a/tests/e2e/templates/simple.yaml.tmpl
+++ b/tests/e2e/templates/simple.yaml.tmpl
@ -22,7 +22,6 @@ spec:
  kubelet:
    anonymousAuth: false
  kubernetesVersion: {{.kubernetesVersion}}
  masterInternalName: api.internal.{{.clusterName}}
  masterPublicName: api.{{.clusterName}}
  networkCIDR: 172.20.0.0/16
  networking:
--- a/tests/e2e/templates/staticcpumanagerpolicy.tmpl
+++ b/tests/e2e/templates/staticcpumanagerpolicy.tmpl
@ -32,7 +32,6 @@ spec:
      ephemeral-storage: 1Gi
      memory: 120Mi
  kubernetesVersion: {{.kubernetesVersion}}
  masterInternalName: api.internal.{{.clusterName}}
  masterPublicName: api.{{.clusterName}}
  networkCIDR: 172.20.0.0/16
  networking:
--- a/tests/integration/conversion/aws/v1alpha2.yaml
+++ b/tests/integration/conversion/aws/v1alpha2.yaml
@ -42,7 +42,6 @@ spec:
  kubernetesApiAccess:
  - 0.0.0.0/0
  kubernetesVersion: v1.21.0
  masterInternalName: api.internal.minimal.example.com
  masterPublicName: api.minimal.example.com
  networkCIDR: 172.20.0.0/16
  networking:
--- a/tests/integration/conversion/aws/v1alpha3.yaml
+++ b/tests/integration/conversion/aws/v1alpha3.yaml
@ -41,7 +41,6 @@ spec:
  kubernetesAPIAccess:
  - 0.0.0.0/0
  kubernetesVersion: v1.21.0
  masterInternalName: api.internal.minimal.example.com
  masterPublicName: api.minimal.example.com
  networkCIDR: 172.20.0.0/16
  networking:
--- a/tests/integration/conversion/azure/v1alpha2.yaml
+++ b/tests/integration/conversion/azure/v1alpha2.yaml
@ -39,7 +39,6 @@ spec:
  kubernetesApiAccess:
  - 0.0.0.0/0
  kubernetesVersion: v1.21.0
  masterInternalName: api.internal.minimal.example.com
  masterPublicName: api.minimal.example.com
  networkCIDR: 172.20.0.0/16
  networking:
--- a/tests/integration/conversion/azure/v1alpha3.yaml
+++ b/tests/integration/conversion/azure/v1alpha3.yaml
@ -37,7 +37,6 @@ spec:
  kubernetesAPIAccess:
  - 0.0.0.0/0
  kubernetesVersion: v1.21.0
  masterInternalName: api.internal.minimal.example.com
  masterPublicName: api.minimal.example.com
  networkCIDR: 172.20.0.0/16
  networking:
--- a/tests/integration/conversion/canal/v1alpha2.yaml
+++ b/tests/integration/conversion/canal/v1alpha2.yaml
@ -33,7 +33,6 @@ spec:
  kubernetesApiAccess:
  - 0.0.0.0/0
  kubernetesVersion: v1.21.0
  masterInternalName: api.internal.minimal.example.com
  masterPublicName: api.minimal.example.com
  networkCIDR: 172.20.0.0/16
  networking:
--- a/tests/integration/conversion/canal/v1alpha3.yaml
+++ b/tests/integration/conversion/canal/v1alpha3.yaml
@ -33,7 +33,6 @@ spec:
  kubernetesAPIAccess:
  - 0.0.0.0/0
  kubernetesVersion: v1.21.0
  masterInternalName: api.internal.minimal.example.com
  masterPublicName: api.minimal.example.com
  networkCIDR: 172.20.0.0/16
  networking:
--- a/tests/integration/conversion/cilium/v1alpha2.yaml
+++ b/tests/integration/conversion/cilium/v1alpha2.yaml
@ -33,7 +33,6 @@ spec:
  kubernetesApiAccess:
  - 0.0.0.0/0
  kubernetesVersion: v1.21.0
  masterInternalName: api.internal.minimal.example.com
  masterPublicName: api.minimal.example.com
  networkCIDR: 172.20.0.0/16
  networking:
--- a/tests/integration/conversion/cilium/v1alpha3.yaml
+++ b/tests/integration/conversion/cilium/v1alpha3.yaml
@ -33,7 +33,6 @@ spec:
  kubernetesAPIAccess:
  - 0.0.0.0/0
  kubernetesVersion: v1.21.0
  masterInternalName: api.internal.minimal.example.com
  masterPublicName: api.minimal.example.com
  networkCIDR: 172.20.0.0/16
  networking:
--- a/tests/integration/conversion/do/v1alpha2.yaml
+++ b/tests/integration/conversion/do/v1alpha2.yaml
@ -32,7 +32,6 @@ spec:
  kubernetesApiAccess:
  - 0.0.0.0/0
  kubernetesVersion: v1.21.0
  masterInternalName: api.internal.minimal.example.com
  masterPublicName: api.minimal.example.com
  networkCIDR: 172.20.0.0/16
  networking:
--- a/tests/integration/conversion/do/v1alpha3.yaml
+++ b/tests/integration/conversion/do/v1alpha3.yaml
@ -31,7 +31,6 @@ spec:
  kubernetesAPIAccess:
  - 0.0.0.0/0
  kubernetesVersion: v1.21.0
  masterInternalName: api.internal.minimal.example.com
  masterPublicName: api.minimal.example.com
  networkCIDR: 172.20.0.0/16
  networking:
--- a/tests/integration/conversion/gce/v1alpha2.yaml
+++ b/tests/integration/conversion/gce/v1alpha2.yaml
@ -32,7 +32,6 @@ spec:
  kubernetesApiAccess:
  - 0.0.0.0/0
  kubernetesVersion: v1.21.0
  masterInternalName: api.internal.minimal.example.com
  masterPublicName: api.minimal.example.com
  networkCIDR: 172.20.0.0/16
  networking:
--- a/tests/integration/conversion/gce/v1alpha3.yaml
+++ b/tests/integration/conversion/gce/v1alpha3.yaml
@ -32,7 +32,6 @@ spec:
  kubernetesAPIAccess:
  - 0.0.0.0/0
  kubernetesVersion: v1.21.0
  masterInternalName: api.internal.minimal.example.com
  masterPublicName: api.minimal.example.com
  networkCIDR: 172.20.0.0/16
  networking:
--- a/tests/integration/conversion/minimal/legacy-v1alpha2.yaml
+++ b/tests/integration/conversion/minimal/legacy-v1alpha2.yaml
@ -33,7 +33,6 @@ spec:
  kubernetesApiAccess:
  - 0.0.0.0/0
  kubernetesVersion: v1.21.0
  masterInternalName: api.internal.minimal.example.com
  masterPublicName: api.minimal.example.com
  networkCIDR: 172.20.0.0/16
  networking:
--- a/tests/integration/conversion/minimal/v1alpha2.yaml
+++ b/tests/integration/conversion/minimal/v1alpha2.yaml
@ -33,7 +33,6 @@ spec:
  kubernetesApiAccess:
  - 0.0.0.0/0
  kubernetesVersion: v1.21.0
  masterInternalName: api.internal.minimal.example.com
  masterPublicName: api.minimal.example.com
  networkCIDR: 172.20.0.0/16
  networking:
--- a/tests/integration/conversion/minimal/v1alpha3.yaml
+++ b/tests/integration/conversion/minimal/v1alpha3.yaml
@ -33,7 +33,6 @@ spec:
  kubernetesAPIAccess:
  - 0.0.0.0/0
  kubernetesVersion: v1.21.0
  masterInternalName: api.internal.minimal.example.com
  masterPublicName: api.minimal.example.com
  networkCIDR: 172.20.0.0/16
  networking:
--- a/tests/integration/conversion/openstack/v1alpha2.yaml
+++ b/tests/integration/conversion/openstack/v1alpha2.yaml
@ -48,7 +48,6 @@ spec:
  kubernetesApiAccess:
  - 0.0.0.0/0
  kubernetesVersion: v1.21.0
  masterInternalName: api.internal.minimal.example.com
  masterPublicName: api.minimal.example.com
  networkCIDR: 172.20.0.0/16
  networking:
--- a/tests/integration/conversion/openstack/v1alpha3.yaml
+++ b/tests/integration/conversion/openstack/v1alpha3.yaml
@ -46,7 +46,6 @@ spec:
  kubernetesAPIAccess:
  - 0.0.0.0/0
  kubernetesVersion: v1.21.0
  masterInternalName: api.internal.minimal.example.com
  masterPublicName: api.minimal.example.com
  networkCIDR: 172.20.0.0/16
  networking:
--- a/tests/integration/update_cluster/additionalobjects/data/aws_s3_object_cluster-completed.spec_content
+++ b/tests/integration/update_cluster/additionalobjects/data/aws_s3_object_cluster-completed.spec_content
@ -167,7 +167,6 @@ spec:
  - 0.0.0.0/0
  - ::/0
  kubernetesVersion: 1.23.0
  masterInternalName: api.internal.additionalobjects.example.com
  masterKubelet:
    anonymousAuth: false
    cgroupDriver: systemd
--- a/tests/integration/update_cluster/apiservernodes/data/aws_s3_object_cluster-completed.spec_content
+++ b/tests/integration/update_cluster/apiservernodes/data/aws_s3_object_cluster-completed.spec_content
@ -156,7 +156,6 @@ spec:
  kubernetesApiAccess:
  - 0.0.0.0/0
  kubernetesVersion: 1.22.0
  masterInternalName: api.internal.minimal.example.com
  masterKubelet:
    anonymousAuth: false
    cgroupDriver: systemd
--- a/tests/integration/update_cluster/aws-lb-controller/data/aws_s3_object_cluster-completed.spec_content
+++ b/tests/integration/update_cluster/aws-lb-controller/data/aws_s3_object_cluster-completed.spec_content
@ -147,7 +147,6 @@ spec:
  kubernetesApiAccess:
  - 0.0.0.0/0
  kubernetesVersion: 1.21.0
  masterInternalName: api.internal.minimal.example.com
  masterKubelet:
    anonymousAuth: false
    cgroupDriver: systemd
--- a/tests/integration/update_cluster/aws-lb-controller/in-v1alpha2.yaml
+++ b/tests/integration/update_cluster/aws-lb-controller/in-v1alpha2.yaml
@ -27,7 +27,6 @@ spec:
  kubelet:
    anonymousAuth: false
  kubernetesVersion: v1.21.0
  masterInternalName: api.internal.minimal.example.com
  masterPublicName: api.minimal.example.com
  networkCIDR: 172.20.0.0/16
  networking:
--- a/tests/integration/update_cluster/bastionadditional_user-data/data/aws_s3_object_cluster-completed.spec_content
+++ b/tests/integration/update_cluster/bastionadditional_user-data/data/aws_s3_object_cluster-completed.spec_content
@ -144,7 +144,6 @@ spec:
  kubernetesApiAccess:
  - 0.0.0.0/0
  kubernetesVersion: 1.21.0
  masterInternalName: api.internal.bastionuserdata.example.com
  masterKubelet:
    anonymousAuth: false
    cgroupDriver: systemd
--- a/tests/integration/update_cluster/complex/data/aws_s3_object_cluster-completed.spec_content
+++ b/tests/integration/update_cluster/complex/data/aws_s3_object_cluster-completed.spec_content
@ -195,7 +195,6 @@ spec:
  - 1.1.1.0/24
  - pl-44444444
  kubernetesVersion: 1.24.0
  masterInternalName: api.internal.complex.example.com
  masterKubelet:
    anonymousAuth: false
    cgroupDriver: systemd
--- a/tests/integration/update_cluster/complex/in-legacy-v1alpha2.yaml
+++ b/tests/integration/update_cluster/complex/in-legacy-v1alpha2.yaml
@ -51,7 +51,6 @@ spec:
  kubelet:
    anonymousAuth: false
  kubernetesVersion: v1.24.0
  masterInternalName: api.internal.complex.example.com
  masterPublicName: api.complex.example.com
  networkCIDR: 172.20.0.0/16
  additionalNetworkCIDRs:
--- a/tests/integration/update_cluster/complex/in-v1alpha2.yaml
+++ b/tests/integration/update_cluster/complex/in-v1alpha2.yaml
@ -51,7 +51,6 @@ spec:
  kubelet:
    anonymousAuth: false
  kubernetesVersion: v1.24.0
  masterInternalName: api.internal.complex.example.com
  masterPublicName: api.complex.example.com
  networkCIDR: 172.20.0.0/16
  additionalNetworkCIDRs:
--- a/tests/integration/update_cluster/compress/data/aws_s3_object_cluster-completed.spec_content
+++ b/tests/integration/update_cluster/compress/data/aws_s3_object_cluster-completed.spec_content
@ -142,7 +142,6 @@ spec:
  kubernetesApiAccess:
  - 0.0.0.0/0
  kubernetesVersion: 1.21.0
  masterInternalName: api.internal.compress.example.com
  masterKubelet:
    anonymousAuth: false
    cgroupDriver: systemd
--- a/tests/integration/update_cluster/compress/in-v1alpha2.yaml
+++ b/tests/integration/update_cluster/compress/in-v1alpha2.yaml
@ -22,7 +22,6 @@ spec:
  kubelet:
    anonymousAuth: false
  kubernetesVersion: v1.21.0
  masterInternalName: api.internal.compress.example.com
  masterPublicName: api.compress.example.com
  networkCIDR: 172.20.0.0/16
  networking:
--- a/tests/integration/update_cluster/containerd-custom/in-v1alpha2.yaml
+++ b/tests/integration/update_cluster/containerd-custom/in-v1alpha2.yaml
@ -32,7 +32,6 @@ spec:
  kubelet:
    anonymousAuth: false
  kubernetesVersion: v1.21.0
  masterInternalName: api.internal.containerd.example.com
  masterPublicName: api.containerd.example.com
  networkCIDR: 172.20.0.0/16
  networking:
--- a/tests/integration/update_cluster/containerd/in-v1alpha2.yaml
+++ b/tests/integration/update_cluster/containerd/in-v1alpha2.yaml
@ -23,7 +23,6 @@ spec:
  kubelet:
    anonymousAuth: false
  kubernetesVersion: v1.21.0
  masterInternalName: api.internal.containerd.example.com
  masterPublicName: api.containerd.example.com
  networkCIDR: 172.20.0.0/16
  networking:
--- a/tests/integration/update_cluster/digit/data/aws_s3_object_cluster-completed.spec_content
+++ b/tests/integration/update_cluster/digit/data/aws_s3_object_cluster-completed.spec_content
@ -164,7 +164,6 @@ spec:
  kubernetesApiAccess:
  - 0.0.0.0/0
  kubernetesVersion: 1.21.0
  masterInternalName: api.internal.123.example.com
  masterKubelet:
    anonymousAuth: false
    cgroupDriver: systemd
--- a/tests/integration/update_cluster/digit/in-v1alpha2.yaml
+++ b/tests/integration/update_cluster/digit/in-v1alpha2.yaml
@ -44,7 +44,6 @@ spec:
  kubelet:
    anonymousAuth: false
  kubernetesVersion: v1.21.0
  masterInternalName: api.internal.123.example.com
  masterPublicName: api.123.example.com
  networkCIDR: 172.20.0.0/16
  networking:
--- a/tests/integration/update_cluster/docker-custom/in-v1alpha2.yaml
+++ b/tests/integration/update_cluster/docker-custom/in-v1alpha2.yaml
@ -29,7 +29,6 @@ spec:
  kubelet:
    anonymousAuth: false
  kubernetesVersion: v1.21.0
  masterInternalName: api.internal.docker.example.com
  masterPublicName: api.docker.example.com
  networkCIDR: 172.20.0.0/16
  networking:
--- a/tests/integration/update_cluster/existing_iam/data/aws_s3_object_cluster-completed.spec_content
+++ b/tests/integration/update_cluster/existing_iam/data/aws_s3_object_cluster-completed.spec_content
@ -150,7 +150,6 @@ spec:
  kubernetesApiAccess:
  - 0.0.0.0/0
  kubernetesVersion: 1.21.0
  masterInternalName: api.internal.existing-iam.example.com
  masterKubelet:
    anonymousAuth: false
    cgroupDriver: systemd
--- a/tests/integration/update_cluster/existing_iam_cloudformation/in-v1alpha2.yaml
+++ b/tests/integration/update_cluster/existing_iam_cloudformation/in-v1alpha2.yaml
@ -22,7 +22,6 @@ spec:
  kubelet:
    anonymousAuth: false
  kubernetesVersion: v1.21.0
  masterInternalName: api.internal.minimal.example.com
  masterPublicName: api.minimal.example.com
  networkCIDR: 172.20.0.0/16
  networking:
--- a/tests/integration/update_cluster/existing_sg/data/aws_s3_object_cluster-completed.spec_content
+++ b/tests/integration/update_cluster/existing_sg/data/aws_s3_object_cluster-completed.spec_content
@ -153,7 +153,6 @@ spec:
  kubernetesApiAccess:
  - 0.0.0.0/0
  kubernetesVersion: 1.21.0
  masterInternalName: api.internal.existingsg.example.com
  masterKubelet:
    anonymousAuth: false
    cgroupDriver: systemd
--- a/tests/integration/update_cluster/existing_sg/in-v1alpha2.yaml
+++ b/tests/integration/update_cluster/existing_sg/in-v1alpha2.yaml
@ -33,7 +33,6 @@ spec:
  kubelet:
    anonymousAuth: false
  kubernetesVersion: v1.21.0
  masterInternalName: api.internal.existingsg.example.com
  masterPublicName: api.existingsg.example.com
  networkCIDR: 172.20.0.0/16
  networking:
--- a/tests/integration/update_cluster/external_dns/data/aws_s3_object_cluster-completed.spec_content
+++ b/tests/integration/update_cluster/external_dns/data/aws_s3_object_cluster-completed.spec_content
@ -142,7 +142,6 @@ spec:
  kubernetesApiAccess:
  - 0.0.0.0/0
  kubernetesVersion: 1.21.0
  masterInternalName: api.internal.minimal.example.com
  masterKubelet:
    anonymousAuth: false
    cgroupDriver: systemd
--- a/tests/integration/update_cluster/external_dns/in-v1alpha2.yaml
+++ b/tests/integration/update_cluster/external_dns/in-v1alpha2.yaml
@ -24,7 +24,6 @@ spec:
  kubelet:
    anonymousAuth: false
  kubernetesVersion: v1.21.0
  masterInternalName: api.internal.minimal.example.com
  masterPublicName: api.minimal.example.com
  networkCIDR: 172.20.0.0/16
  networking:
--- a/tests/integration/update_cluster/external_dns_irsa/data/aws_s3_object_cluster-completed.spec_content
+++ b/tests/integration/update_cluster/external_dns_irsa/data/aws_s3_object_cluster-completed.spec_content
@ -143,7 +143,6 @@ spec:
  kubernetesApiAccess:
  - 0.0.0.0/0
  kubernetesVersion: 1.21.0
  masterInternalName: api.internal.minimal.example.com
  masterKubelet:
    anonymousAuth: false
    cgroupDriver: systemd
--- a/tests/integration/update_cluster/external_dns_irsa/in-v1alpha2.yaml
+++ b/tests/integration/update_cluster/external_dns_irsa/in-v1alpha2.yaml
@ -25,7 +25,6 @@ spec:
  kubelet:
    anonymousAuth: false
  kubernetesVersion: v1.21.0
  masterInternalName: api.internal.minimal.example.com
  masterPublicName: api.minimal.example.com
  networkCIDR: 172.20.0.0/16
  networking:
--- a/tests/integration/update_cluster/externallb/data/aws_s3_object_cluster-completed.spec_content
+++ b/tests/integration/update_cluster/externallb/data/aws_s3_object_cluster-completed.spec_content
@ -142,7 +142,6 @@ spec:
  kubernetesApiAccess:
  - 0.0.0.0/0
  kubernetesVersion: 1.21.0
  masterInternalName: api.internal.externallb.example.com
  masterKubelet:
    anonymousAuth: false
    cgroupDriver: systemd
--- a/tests/integration/update_cluster/externallb/in-v1alpha2.yaml
+++ b/tests/integration/update_cluster/externallb/in-v1alpha2.yaml
@ -22,7 +22,6 @@ spec:
  kubelet:
    anonymousAuth: false
  kubernetesVersion: v1.21.0
  masterInternalName: api.internal.externallb.example.com
  masterPublicName: api.externallb.example.com
  networkCIDR: 172.20.0.0/16
  networking:
--- a/tests/integration/update_cluster/externalpolicies/data/aws_s3_object_cluster-completed.spec_content
+++ b/tests/integration/update_cluster/externalpolicies/data/aws_s3_object_cluster-completed.spec_content
@ -159,7 +159,6 @@ spec:
  kubernetesApiAccess:
  - 0.0.0.0/0
  kubernetesVersion: 1.21.0
  masterInternalName: api.internal.externalpolicies.example.com
  masterKubelet:
    anonymousAuth: false
    cgroupDriver: systemd
--- a/tests/integration/update_cluster/externalpolicies/in-v1alpha2.yaml
+++ b/tests/integration/update_cluster/externalpolicies/in-v1alpha2.yaml
@ -34,7 +34,6 @@ spec:
  kubelet:
    anonymousAuth: false
  kubernetesVersion: v1.21.0
  masterInternalName: api.internal.externalpolicies.example.com
  masterPublicName: api.externalpolicies.example.com
  networkCIDR: 172.20.0.0/16
  networking:
--- a/tests/integration/update_cluster/ha/data/aws_s3_object_cluster-completed.spec_content
+++ b/tests/integration/update_cluster/ha/data/aws_s3_object_cluster-completed.spec_content
@ -150,7 +150,6 @@ spec:
  kubernetesApiAccess:
  - 0.0.0.0/0
  kubernetesVersion: 1.21.0
  masterInternalName: api.internal.ha.example.com
  masterKubelet:
    anonymousAuth: false
    cgroupDriver: systemd
--- a/tests/integration/update_cluster/ha_gce/data/aws_s3_object_cluster-completed.spec_content
+++ b/tests/integration/update_cluster/ha_gce/data/aws_s3_object_cluster-completed.spec_content
@ -154,7 +154,6 @@ spec:
  - 0.0.0.0/0
  - ::/0
  kubernetesVersion: 1.21.0
  masterInternalName: api.internal.ha-gce.example.com
  masterKubelet:
    anonymousAuth: false
    cgroupDriver: systemd
--- a/tests/integration/update_cluster/irsa/data/aws_s3_object_cluster-completed.spec_content
+++ b/tests/integration/update_cluster/irsa/data/aws_s3_object_cluster-completed.spec_content
@ -171,7 +171,6 @@ spec:
  kubernetesApiAccess:
  - 0.0.0.0/0
  kubernetesVersion: 1.21.0
  masterInternalName: api.internal.minimal.example.com
  masterKubelet:
    anonymousAuth: false
    cgroupDriver: systemd
--- a/tests/integration/update_cluster/irsa/in-v1alpha2.yaml
+++ b/tests/integration/update_cluster/irsa/in-v1alpha2.yaml
@ -51,7 +51,6 @@ spec:
  kubelet:
    anonymousAuth: false
  kubernetesVersion: v1.21.0
  masterInternalName: api.internal.minimal.example.com
  masterPublicName: api.minimal.example.com
  networkCIDR: 172.20.0.0/16
  networking:
--- a/Show More
+++ b/Show More