Remove defaults of allowed names. Updated kubeadm

roles/kubernetes/master/templates/kubeadm-config.yaml.j2

@@ -56,10 +56,6 @@ apiServerExtraArgs:
   allow-privileged: "true"
 {% if kube_version | version_compare('1.9', '>=') %}
   requestheader-client-ca-file: "{{ kube_cert_dir }}/ca.pem"
-  requestheader-allowed-names: "{{ kube_api_requestheader_allowed_names }}"
-  requestheader-extra-headers-prefix: "X-Remote-Extra-"
-  requestheader-group-headers: "X-Remote-Group"
-  requestheader-username-headers: "X-Remote-User"
   enable-aggregator-routing: "{{ kube_api_aggregator_routing }}"
   proxy-client-cert-file: "{{ kube_cert_dir }}/front-proxy-client.pem"
   proxy-client-key-file: "{{ kube_cert_dir }}/front-proxy-client-key.pem"

roles/kubernetes/master/templates/manifests/kube-apiserver.manifest.j2

@@ -102,7 +102,7 @@ spec:
 {% endif %}
 {% if kube_version | version_compare('1.9', '>=') %}
     - --requestheader-client-ca-file={{ kube_cert_dir }}/ca.pem
-    - --requestheader-allowed-names={{ kube_api_requestheader_allowed_names }}
+    - --requestheader-allowed-names=front-proxy-client
     - --requestheader-extra-headers-prefix=X-Remote-Extra-
     - --requestheader-group-headers=X-Remote-Group
     - --requestheader-username-headers=X-Remote-User

roles/kubespray-defaults/defaults/main.yaml

@@ -122,8 +122,7 @@ kube_apiserver_port: 6443
 kube_apiserver_insecure_bind_address: 127.0.0.1
 kube_apiserver_insecure_port: 8080
 
-# Metrics server
-kube_api_requestheader_allowed_names: "front-proxy-client"
+# Aggregator
 kube_api_aggregator_routing: true
 
 # Path used to store Docker data