Commit 3c9fd433 authored by Davanum Srinivas's avatar Davanum Srinivas

Parse cluster-cidr only if it is specified

In iptables/proxier.go, there is code to check the length of the CIDR and setup nat/iptables only if the length of the string is greater than zero. However in PR #49087, strong validation was added so kube proxy currently bails out and basically mandates a valid cidr has to be specified. Let us go back to the earlier behavior.
parent 49b4a514
...@@ -58,9 +58,11 @@ func Validate(config *componentconfig.KubeProxyConfiguration) field.ErrorList { ...@@ -58,9 +58,11 @@ func Validate(config *componentconfig.KubeProxyConfiguration) field.ErrorList {
allErrs = append(allErrs, validateHostPort(config.HealthzBindAddress, newPath.Child("HealthzBindAddress"))...) allErrs = append(allErrs, validateHostPort(config.HealthzBindAddress, newPath.Child("HealthzBindAddress"))...)
allErrs = append(allErrs, validateHostPort(config.MetricsBindAddress, newPath.Child("MetricsBindAddress"))...) allErrs = append(allErrs, validateHostPort(config.MetricsBindAddress, newPath.Child("MetricsBindAddress"))...)
if config.ClusterCIDR != "" {
if _, _, err := net.ParseCIDR(config.ClusterCIDR); err != nil { if _, _, err := net.ParseCIDR(config.ClusterCIDR); err != nil {
allErrs = append(allErrs, field.Invalid(newPath.Child("ClusterCIDR"), config.ClusterCIDR, "must be a valid CIDR block (e.g. 10.100.0.0/16)")) allErrs = append(allErrs, field.Invalid(newPath.Child("ClusterCIDR"), config.ClusterCIDR, "must be a valid CIDR block (e.g. 10.100.0.0/16)"))
} }
}
if _, err := utilnet.ParsePortRange(config.PortRange); err != nil { if _, err := utilnet.ParsePortRange(config.PortRange); err != nil {
allErrs = append(allErrs, field.Invalid(newPath.Child("PortRange"), config.PortRange, "must be a valid port range (e.g. 300-2000)")) allErrs = append(allErrs, field.Invalid(newPath.Child("PortRange"), config.PortRange, "must be a valid port range (e.g. 300-2000)"))
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment