giantswarm · marians · Jan 6, 2021 · Jan 6, 2021 · Jan 6, 2021
diff --git a/README.md b/README.md
@@ -61,16 +61,17 @@ Whenever you want to switch to using this context:
 
 #### Cluster acccess via internal networks
 
-The Internal Kubernetes API allows you to talk to Kubernetes via the internal load balancer. That can be useful for peered networks.
+The internal Kubernetes API endpoint allows you to talk to Kubernetes via the internal load balancer. That can be useful for peered networks.
+
+In case you want to use the internal Kubernetes API, pass `--internal-api=true` to gsctl when creating a kubectl config entry:
 
-In case you want to use the internal Kubernetes API, pass `--tenant-internal=true` to gsctl:
 ```nohighlight
-$ gsctl create kubeconfig -c h8d0j
+gsctl create kubeconfig -c h8d0j --internal-api=true
 ```
 
-This will render a kubeconfig with the internal Kubernetes API server address (`internal-api`).
+This will render a kubeconfig with the internal Kubernetes API host name `internal-api`, resolving to the internal load balancer.
 
-* Internal API is available only on AWS installations.
+**Note**: The internal API endpoint is available only on AWS installations.
 
 ## Install
 

diff --git a/capabilities/capabilities.go b/capabilities/capabilities.go
@@ -3,7 +3,7 @@ package capabilities
 import "github.com/Masterminds/semver"
 
 var (
-	// Autoscaling is the capability to scale tenant clusters automatically.
+	// Autoscaling is the capability to scale workload clusters automatically.
 	Autoscaling = CapabilityDefinition{
 		Name: "Autoscaling",
 		RequiredReleasePerProvider: []ReleaseProviderPair{
@@ -14,7 +14,7 @@ var (
 		},
 	}
 
-	// AvailabilityZones is the capability to spread the worker nodes of a tenant
+	// AvailabilityZones is the capability to spread the worker nodes of a workload
 	// cluster over multiple availability zones.
 	AvailabilityZones = CapabilityDefinition{
 		Name: "AvailabilityZones",
@@ -26,7 +26,7 @@ var (
 		},
 	}
 
-	// NodePools is the capabilitiy to group tenant cluster workers logically.
+	// NodePools is the capabilitiy to group workload cluster workers logically.
 	// Details get completed with API data, if the feature is available.
 	NodePools = CapabilityDefinition{
 		Name: "NodePools",

diff --git a/capabilities/service.go b/capabilities/service.go
@@ -1,5 +1,5 @@
 // Package capabilities provides an service to find out which capabilities/functions
-// a tenant cluster on the given installation will provide.
+// a workload cluster on the given installation will provide.
 package capabilities
 
 import (
@@ -10,7 +10,7 @@ import (
 )
 
 // Service provides methods to get more details on the installation's
-// and tenant cluster's capabilities.
+// and workload cluster's capabilities.
 type Service struct {
 	// allCapabilities is a list of all the capabilities this package knows about.
 	allCapabilities []CapabilityDefinition

diff --git a/commands/create/kubeconfig/command.go b/commands/create/kubeconfig/command.go
@@ -84,7 +84,7 @@ const (
 	// windows download page
 	kubectlWindowsInstallURL = "https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG.md"
 
-	// tenant internal api prefix
+	// workload cluster internal api prefix
 	tenantInternalAPIPrefix = "internal-api"
 
 	urlDelimiter = "."
@@ -105,7 +105,7 @@ type Arguments struct {
 	description       string
 	fileSystem        afero.Fs
 	force             bool
-	tenantInternal    bool
+	internalAPI       bool
 	outputFormat      string
 	scheme            string
 	selfContainedPath string
@@ -116,7 +116,7 @@ type Arguments struct {
 
 // collectArguments gathers arguments based on command line
 // flags and config and applies defaults.
-func collectArguments() (Arguments, error) {
+func collectArguments(cmd *cobra.Command) (Arguments, error) {
 	endpoint := config.Config.ChooseEndpoint(flags.APIEndpoint)
 	token := config.Config.ChooseToken(endpoint, flags.Token)
 	scheme := config.Config.ChooseScheme(endpoint, flags.Token)
@@ -137,6 +137,11 @@ func collectArguments() (Arguments, error) {
 		return Arguments{}, microerror.Mask(err)
 	}
 
+	// apply deprecated flag if used
+	if cmd.Flags().Changed("tenant-internal") && !cmd.Flags().Changed("internal-api") {
+		flags.InternalAPI = flags.TenantInternal
+	}
+
 	// hack..
 	// cobra sets defaults from other commands to the OutputFormat flag
 	// but we don't have "table" here, so if it's "table", set it to empty string
@@ -154,7 +159,7 @@ func collectArguments() (Arguments, error) {
 		description:       description,
 		fileSystem:        config.FileSystem,
 		force:             flags.Force,
-		tenantInternal:    flags.TenantInternal,
+		internalAPI:       flags.InternalAPI,
 		outputFormat:      flags.OutputFormat,
 		scheme:            scheme,
 		selfContainedPath: cmdKubeconfigSelfContained,
@@ -203,18 +208,22 @@ func init() {
 	Command.Flags().StringVarP(&cmdKubeconfigContextName, "context", "", "", "Set a custom context name. Defaults to 'giantswarm-<cluster-id>'.")
 	Command.Flags().StringVarP(&flags.CertificateOrganizations, "certificate-organizations", "", "", "A comma separated list of organizations for the issued certificates 'O' fields.")
 	Command.Flags().BoolVarP(&flags.Force, "force", "", false, "If set, --self-contained will overwrite existing files without interactive confirmation. Also, there will not be any confirmation for TTL > 30d.")
-	Command.Flags().BoolVarP(&flags.TenantInternal, "tenant-internal", "", false, "If set, kubeconfig will be rendered with internal Kubernetes API address.")
+	Command.Flags().BoolVarP(&flags.TenantInternal, "tenant-internal", "", false, "Replaced by --internal-api.")
+	Command.Flags().BoolVarP(&flags.InternalAPI, "internal-api", "", false, "If set, kubeconfig will be issued with the internal Kubernetes API address instead of the public one.")
 	Command.Flags().StringVarP(&flags.TTL, "ttl", "", "1d", "Lifetime of the created key pair, e.g. 3h. Allowed units: h, d, w, m, y.")
 	Command.Flags().StringVarP(&flags.OutputFormat, "output", "", "", fmt.Sprintf("Output format. Specifying '%s' will change output to be JSON formatted.", formatting.OutputFormatJSON))
 
 	Command.MarkFlagRequired("cluster")
+
+	// TODO: remove this flag by ~ March 2021
+	Command.Flags().MarkDeprecated("tenant-internal", "please use --internal-api instead.")
 }
 
 // createKubeconfigPreRunOutput shows our pre-check results
 func createKubeconfigPreRunOutput(cmd *cobra.Command, cmdLineArgs []string) {
 	var argsErr error
 
-	arguments, argsErr = collectArguments()
+	arguments, argsErr = collectArguments(cmd)
 	if argsErr != nil {
 		if errors.IsInvalidDurationError(argsErr) {
 			fmt.Println(color.RedString("The value passed with --ttl is invalid."))
@@ -430,7 +439,7 @@ func printJSONOutput(result createKubeconfigResult, creationErr error) {
 	}
 }
 
-// getClusterDetails fetches cluster details to get the tenant cluster API endpoint,
+// getClusterDetails fetches cluster details to get the workload cluster API endpoint,
 // and attempts first v5 and then falls back to v4.
 func getClusterDetails(clientWrapper *client.Wrapper, clusterID string, auxParams *client.AuxiliaryParams, verbose bool) (string, error) {
 	// Try v5 first, then fall back to v4.
@@ -490,7 +499,7 @@ func createKubeconfig(ctx context.Context, args Arguments) (createKubeconfigResu
 	}
 
 	// Set internal API endpoint if requested.
-	if args.tenantInternal {
+	if args.internalAPI {
 		baseEndpoint := strings.Split(result.apiEndpoint, urlDelimiter)[1:]
 		result.apiEndpoint = fmt.Sprintf("https://%s.%s", tenantInternalAPIPrefix, strings.Join(baseEndpoint, urlDelimiter))
 	}

diff --git a/commands/types/types.go b/commands/types/types.go
@@ -44,7 +44,7 @@ type NodeDefinition struct {
 	Azure   AzureSpecificDefinition `yaml:"azure,omitempty"`
 }
 
-// ClusterDefinitionV4 defines a tenant cluster spec compatible with the v4 API.
+// ClusterDefinitionV4 defines a workload cluster spec compatible with the v4 API.
 type ClusterDefinitionV4 struct {
 	Name              string            `yaml:"name,omitempty"`
 	Owner             string            `yaml:"owner,omitempty"`
@@ -54,7 +54,7 @@ type ClusterDefinitionV4 struct {
 	Workers           []NodeDefinition  `yaml:"workers,omitempty"`
 }
 
-// ClusterDefinitionV5 defines a tenant cluster spec compatible with the v5 API.
+// ClusterDefinitionV5 defines a workload cluster spec compatible with the v5 API.
 type ClusterDefinitionV5 struct {
 	APIVersion     string                `yaml:"api_version,omitempty"`
 	Name           string                `yaml:"name,omitempty"`
@@ -66,7 +66,7 @@ type ClusterDefinitionV5 struct {
 	Labels         map[string]*string    `yaml:"labels,omitempty"`
 }
 
-// ScalingDefinition defines how a tenant cluster can scale.
+// ScalingDefinition defines how a workload cluster can scale.
 type ScalingDefinition struct {
 	Min int64 `yaml:"min,omitempty"`
 	Max int64 `yaml:"max,omitempty"`

diff --git a/flags/flags.go b/flags/flags.go
@@ -21,6 +21,10 @@ var (
 	// ConfigDirPath represents the configuration path to use temporarily passed as a flag.
 	ConfigDirPath string
 
+	// InternalAPI is a flag that causes the 'create kubeconfig' and 'create keypair'
+	// command to use the workload-cluster-internal API endpoint instead of the public one.
+	InternalAPI bool
+
 	// Verbose represents the verbosity switch passed as a flag.
 	Verbose bool