feat: check configuration #1832
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
|
|
lut777
force-pushed
the
master
branch
2 times, most recently
from
fdec3b2
to
cf4863c
Compare
It's done. |
lut777
force-pushed
the
master
branch
2 times, most recently
from
75b922d
to
88a43d7
Compare
oilbeater
requested changes
Aug 24, 2022
pkg/controller/config.go
Outdated
| @@ -249,6 +249,10 @@ func ParseFlags() (*Configuration, error) { | |||
| return nil, err | |||
| } | |||
|
|
|||
| if err := util.CIDRConflict([]string{config.NodeSwitchCIDR, config.DefaultCIDR, config.ServiceClusterIPRange}); err != nil { | |||
There was a problem hiding this comment.
cidrCheck 和 conflictCheck 要拆开
There was a problem hiding this comment.
两个功能性函数已经拆开, 并且已经根据之前的函数功能重新简化命名并使用.
pkg/util/net.go
Outdated
| if err != nil { | ||
| return err | ||
| } | ||
| if v4 != nil { |
There was a problem hiding this comment.
不要在 cidrconflict 里检查 cidr 是否正确。否则一个子网非法,其他正常子网都会冲突无法创建
pkg/util/net.go
Outdated
| return nil | ||
| } | ||
|
|
||
| func ReturnCidr(address string) (*net.IPNet, *net.IPNet, error) { |
There was a problem hiding this comment.
Suggested change
| func ReturnCidr(address string) (*net.IPNet, *net.IPNet, error) { | |
| func ReturnCidr(cidrBlock string) (*net.IPNet, *net.IPNet, error) { |
pkg/util/net.go
Outdated
| return nil, acidr, nil | ||
| } | ||
|
|
||
| return nil, nil, fmt.Errorf("ip %v unresolvable", address) |
There was a problem hiding this comment.
Suggested change
| return nil, nil, fmt.Errorf("ip %v unresolvable", address) | |
| return nil, nil, fmt.Errorf("cidr %v unresolvable", address) |
pkg/util/net.go
Outdated
| return nil, nil, fmt.Errorf("ip %v unresolvable", address) | ||
| } | ||
|
|
||
| func checkIPV4(ip *net.IPNet) error { |
There was a problem hiding this comment.
Suggested change
| func checkIPV4(ip *net.IPNet) error { | |
| func checkIPV4Cidr(cidr *net.IPNet) error { |
pkg/util/net.go
Outdated
| return nil | ||
| } | ||
|
|
||
| func checkIPV6(ip *net.IPNet) error { |
There was a problem hiding this comment.
Suggested change
| func checkIPV6(ip *net.IPNet) error { | |
| func checkIPV6Cidr(cidr *net.IPNet) error { |
lut777
force-pushed
the
master
branch
4 times, most recently
from
c09f492
to
f2252bd
Compare
zhangzujian
reviewed
Aug 30, 2022
Comment on lines
618
to
620
| - name: Setup upterm session | ||
| uses: lhotari/action-upterm@v1 | ||
|
|
lut777
force-pushed
the
master
branch
5 times, most recently
from
77a3654
to
f7b6973
Compare
oilbeater
requested changes
Aug 30, 2022
pkg/util/net.go
Outdated
| @@ -434,3 +428,77 @@ func GatewayContains(gatewayNodeStr, gateway string) bool { | |||
| func JoinHostPort(host string, port int32) string { | |||
| return net.JoinHostPort(host, strconv.FormatInt(int64(port), 10)) | |||
| } | |||
|
|
|||
| func CheckSupCIDROverlap(a, b string) bool { | |||
There was a problem hiding this comment.
CheckSupCIDROverlap -> CIDROverlap
pkg/util/net.go
Outdated
| return false | ||
| } | ||
|
|
||
| func CheckCIDRSpec(cidr string) error { |
There was a problem hiding this comment.
CheckCIDRSpec -> CIDRGlobalUnicast
pkg/util/net.go
Outdated
| const ( | ||
| IPV4Multicast = "224.0.0.0/4" | ||
| IPV4Loopback = "127.0.0.1/8" | ||
| IPv4bcast = "255.255.255.255/32" |
pkg/util/net.go
Outdated
| IPV4Multicast = "224.0.0.0/4" | ||
| IPV4Loopback = "127.0.0.1/8" | ||
| IPv4bcast = "255.255.255.255/32" | ||
| IPv4zero = "0.0.0.0/32" |
pkg/util/net.go
Outdated
Comment on lines
23
to
28
| IPv4LinkLocalUnicast = "169.254.0.0/16" | ||
|
|
||
| IPv6unspecified = "::/128" | ||
| IPv6loopback = "::1/128" | ||
| IPV6Multicast = "ff00::/8" | ||
| IPv6linkLocalUnicast = "FE80::/10" |
There was a problem hiding this comment.
All the variables should use camelcase
pkg/util/net.go
Outdated
| func CheckCIDRSpec(cidr string) error { | ||
| for _, cidrBlock := range strings.Split(cidr, ",") { | ||
| if CheckSupCIDROverlap(cidrBlock, IPv4bcast) { | ||
| return fmt.Errorf("%s conflict with v4 boardcast cidr %s", cidr, IPv4bcast) |
pkg/util/net.go
Outdated
| return fmt.Errorf("%s conflict with v4 localnet cidr %s", cidr, IPv4zero) | ||
| } | ||
| if CheckSupCIDROverlap(cidrBlock, IPv4LinkLocalUnicast) { | ||
| return fmt.Errorf("%s conflict with v4 locallink cidr %s", cidr, IPv4LinkLocalUnicast) |
pkg/util/net.go
Outdated
| return fmt.Errorf("%s conflict with vv6 multicast cidr %s", cidr, IPV6Multicast) | ||
| } | ||
| if CheckSupCIDROverlap(cidrBlock, IPv6linkLocalUnicast) { | ||
| return fmt.Errorf("%s conflict with v6 locallink cidr %s", cidr, IPv6linkLocalUnicast) |
pkg/util/net.go
Outdated
| return nil | ||
| } | ||
|
|
||
| func CheckCIDRsAll(cidrs []string) error { |
There was a problem hiding this comment.
CheckCIDRsAll -> CheckSystemCIDR
pkg/util/net.go
Outdated
Comment on lines
491
to
498
| if i == (lenth - 1) { | ||
| break | ||
| } | ||
| c := i + 1 | ||
| for c < lenth { | ||
| if CheckSupCIDROverlap(cidr, cidrs[c]) { | ||
| err := fmt.Errorf("cidr %s is conflict with cidr %s", cidr, cidrs[c]) | ||
| return err | ||
| } | ||
| c += 1 | ||
| } |
There was a problem hiding this comment.
Suggested change
| if i == (lenth - 1) { | |
| break | |
| } | |
| c := i + 1 | |
| for c < lenth { | |
| if CheckSupCIDROverlap(cidr, cidrs[c]) { | |
| err := fmt.Errorf("cidr %s is conflict with cidr %s", cidr, cidrs[c]) | |
| return err | |
| } | |
| c += 1 | |
| } | |
| for j := range cidrs { | |
| if j == i { | |
| continue | |
| } | |
| if CheckSupCIDROverlap(cidr, cidrs[c]) { | |
| err := fmt.Errorf("cidr %s is conflict with cidr %s", cidr, cidrs[c]) | |
| return err | |
| } | |
| } |
oilbeater
requested changes
Aug 31, 2022
pkg/util/net.go
Outdated
Comment on lines
19
to
20
| IPV4Multicast = "224.0.0.0/4" | ||
| IPV4Loopback = "127.0.0.1/8" |
pkg/util/net.go
Outdated
|
|
||
| IPv6Unspecified = "::/128" | ||
| IPv6Loopback = "::1/128" | ||
| IPV6Multicast = "ff00::/8" |
pkg/util/net.go
Outdated
| return fmt.Errorf("%s conflict with v6 loopback cidr %s", cidr, IPv6Loopback) | ||
| } | ||
| if CIDROverlap(cidrBlock, IPV6Multicast) { | ||
| return fmt.Errorf("%s conflict with vv6 multicast cidr %s", cidr, IPV6Multicast) |
pkg/controller/config.go
Outdated
| @@ -249,6 +249,10 @@ func ParseFlags() (*Configuration, error) { | |||
| return nil, err | |||
| } | |||
|
|
|||
| if err := util.CheckSystemCIDR([]string{config.NodeSwitchCIDR, config.DefaultCIDR, config.ServiceClusterIPRange}); err != nil { | |||
| return nil, err | |||
There was a problem hiding this comment.
klog.Errorf("check system cidr failed, %v", err)
oilbeater
approved these changes
Aug 31, 2022
lut777
added a commit
that referenced
this pull request
Aug 31, 2022
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
What type of this PR
Examples of user facing changes:
Now controller will check network CIDRs before initialization, and illegal CIDR will lead to fatal error.
Which issue(s) this PR fixes:
Fixes #1813