Skip to content

Commit b3e0768

Browse files
aaurenaauren
committed
fix(options): make clusterIP specification similar to other options
1 parent a31511d commit b3e0768

File tree

4 files changed

+37
-43
lines changed

4 files changed

+37
-43
lines changed

docs/user-guide.md

+1-1
Original file line numberDiff line numberDiff line change
@@ -93,7 +93,7 @@ Usage of kube-router:
9393
--run-router Enables Pod Networking -- Advertises and learns the routes to Pods via iBGP. (default true)
9494
--run-service-proxy Enables Service Proxy -- sets up IPVS for Kubernetes Services. (default true)
9595
--runtime-endpoint string Path to CRI compatible container runtime socket (used for DSR mode). Currently known working with containerd.
96-
--service-cluster-ip-range string CIDR value from which service cluster IPs are assigned. If dual-stack is used, this can be a comma-separated list of CIDR value. Default: 10.96.0.0/12 (default "10.96.0.0/12")
96+
--service-cluster-ip-range strings CIDR values from which service cluster IPs are assigned (can be specified up to 2 times) (default [10.96.0.0/12])
9797
--service-external-ip-range strings Specify external IP CIDRs that are used for inter-cluster communication (can be specified multiple times)
9898
--service-node-port-range string NodePort range specified with either a hyphen or colon (default "30000-32767")
9999
-v, --v string log level for V logs (default "0")

pkg/controllers/netpol/network_policy_controller.go

+5-10
Original file line numberDiff line numberDiff line change
@@ -741,16 +741,11 @@ func NewNetworkPolicyController(clientset kubernetes.Interface,
741741
npc.fullSyncRequestChan = make(chan struct{}, 1)
742742

743743
// Validate and parse ClusterIP service range
744-
if config.ClusterIPCIDR == "" {
745-
return nil, fmt.Errorf("parameter --service-cluster-ip-range is empty")
746-
}
747-
clusterIPCIDRList := strings.Split(config.ClusterIPCIDR, ",")
748-
749-
if len(clusterIPCIDRList) == 0 {
744+
if len(config.ClusterIPCIDRs) == 0 {
750745
return nil, fmt.Errorf("failed to get parse --service-cluster-ip-range parameter, the list is empty")
751746
}
752747

753-
_, primaryIpnet, err := net.ParseCIDR(strings.TrimSpace(clusterIPCIDRList[0]))
748+
_, primaryIpnet, err := net.ParseCIDR(strings.TrimSpace(config.ClusterIPCIDRs[0]))
754749
if err != nil {
755750
return nil, fmt.Errorf("failed to get parse --service-cluster-ip-range parameter: %w", err)
756751
}
@@ -770,9 +765,9 @@ func NewNetworkPolicyController(clientset kubernetes.Interface,
770765
}
771766
}
772767

773-
if len(clusterIPCIDRList) > 1 {
768+
if len(config.ClusterIPCIDRs) > 1 {
774769
if config.EnableIPv4 && config.EnableIPv6 {
775-
_, secondaryIpnet, err := net.ParseCIDR(strings.TrimSpace(clusterIPCIDRList[1]))
770+
_, secondaryIpnet, err := net.ParseCIDR(strings.TrimSpace(config.ClusterIPCIDRs[1]))
776771
if err != nil {
777772
return nil, fmt.Errorf("failed to get parse --service-cluster-ip-range parameter: %v", err)
778773
}
@@ -791,7 +786,7 @@ func NewNetworkPolicyController(clientset kubernetes.Interface,
791786
"dual-stack must be enabled to provide two addresses")
792787
}
793788
}
794-
if len(clusterIPCIDRList) > 2 {
789+
if len(config.ClusterIPCIDRs) > 2 {
795790
return nil, fmt.Errorf("too many CIDRs provided in --service-cluster-ip-range parameter, only two " +
796791
"addresses are allowed at once for dual-stack")
797792
}

pkg/controllers/netpol/network_policy_controller_test.go

+27-27
Original file line numberDiff line numberDiff line change
@@ -275,10 +275,10 @@ func testForMissingOrUnwanted(t *testing.T, targetMsg string, got []podInfo, wan
275275
}
276276
}
277277

278-
func newMinimalKubeRouterConfig(clusterIPCIDR string, nodePortRange string, hostNameOverride string, externalIPs []string, enableIPv6 bool) *options.KubeRouterConfig {
278+
func newMinimalKubeRouterConfig(clusterIPCIDRs []string, nodePortRange string, hostNameOverride string, externalIPs []string, enableIPv6 bool) *options.KubeRouterConfig {
279279
kubeConfig := options.NewKubeRouterConfig()
280-
if clusterIPCIDR != "" {
281-
kubeConfig.ClusterIPCIDR = clusterIPCIDR
280+
if len(clusterIPCIDRs) > 0 && clusterIPCIDRs[0] != "" {
281+
kubeConfig.ClusterIPCIDRs = clusterIPCIDRs
282282
}
283283
if nodePortRange != "" {
284284
kubeConfig.NodePortRange = nodePortRange
@@ -750,145 +750,145 @@ func TestNetworkPolicyController(t *testing.T) {
750750
testCases := []tNetPolConfigTestCase{
751751
{
752752
"Default options are successful",
753-
newMinimalKubeRouterConfig("", "", "node", nil, false),
753+
newMinimalKubeRouterConfig([]string{""}, "", "node", nil, false),
754754
false,
755755
"",
756756
},
757757
{
758758
"Missing nodename fails appropriately",
759-
newMinimalKubeRouterConfig("", "", "", nil, false),
759+
newMinimalKubeRouterConfig([]string{""}, "", "", nil, false),
760760
true,
761761
"failed to identify the node by NODE_NAME, hostname or --hostname-override",
762762
},
763763
{
764764
"Test bad cluster CIDR (not properly formatting ip address)",
765-
newMinimalKubeRouterConfig("10.10.10", "", "node", nil, false),
765+
newMinimalKubeRouterConfig([]string{"10.10.10"}, "", "node", nil, false),
766766
true,
767767
"failed to get parse --service-cluster-ip-range parameter: invalid CIDR address: 10.10.10",
768768
},
769769
{
770770
"Test bad cluster CIDR (not using an ip address)",
771-
newMinimalKubeRouterConfig("foo", "", "node", nil, false),
771+
newMinimalKubeRouterConfig([]string{"foo"}, "", "node", nil, false),
772772
true,
773773
"failed to get parse --service-cluster-ip-range parameter: invalid CIDR address: foo",
774774
},
775775
{
776776
"Test bad cluster CIDR (using an ip address that is not a CIDR)",
777-
newMinimalKubeRouterConfig("10.10.10.10", "", "node", nil, false),
777+
newMinimalKubeRouterConfig([]string{"10.10.10.10"}, "", "node", nil, false),
778778
true,
779779
"failed to get parse --service-cluster-ip-range parameter: invalid CIDR address: 10.10.10.10",
780780
},
781781
{
782782
"Test bad cluster CIDRs (using more than 2 ip addresses, including 2 ipv4)",
783-
newMinimalKubeRouterConfig("10.96.0.0/12,10.244.0.0/16,2001:db8:42:1::/112", "", "node", nil, false),
783+
newMinimalKubeRouterConfig([]string{"10.96.0.0/12", "10.244.0.0/16", "2001:db8:42:1::/112"}, "", "node", nil, false),
784784
true,
785785
"too many CIDRs provided in --service-cluster-ip-range parameter: dual-stack must be enabled to provide two addresses",
786786
},
787787
{
788788
"Test bad cluster CIDRs (using more than 2 ip addresses, including 2 ipv6)",
789-
newMinimalKubeRouterConfig("10.96.0.0/12,2001:db8:42:0::/56,2001:db8:42:1::/112", "", "node", nil, false),
789+
newMinimalKubeRouterConfig([]string{"10.96.0.0/12", "2001:db8:42:0::/56", "2001:db8:42:1::/112"}, "", "node", nil, false),
790790
true,
791791
"too many CIDRs provided in --service-cluster-ip-range parameter: dual-stack must be enabled to provide two addresses",
792792
},
793793
{
794794
"Test good cluster CIDR (using single IP with a /32)",
795-
newMinimalKubeRouterConfig("10.10.10.10/32", "", "node", nil, false),
795+
newMinimalKubeRouterConfig([]string{"10.10.10.10/32"}, "", "node", nil, false),
796796
false,
797797
"",
798798
},
799799
{
800800
"Test good cluster CIDR (using normal range with /24)",
801-
newMinimalKubeRouterConfig("10.10.10.0/24", "", "node", nil, false),
801+
newMinimalKubeRouterConfig([]string{"10.10.10.0/24"}, "", "node", nil, false),
802802
false,
803803
"",
804804
},
805805
{
806806
"Test good cluster CIDR (using ipv6)",
807-
newMinimalKubeRouterConfig("2001:db8:42:1::/112", "", "node", []string{"2001:db8:42:1::/112"}, true),
807+
newMinimalKubeRouterConfig([]string{"2001:db8:42:1::/112"}, "", "node", []string{"2001:db8:42:1::/112"}, true),
808808
false,
809809
"",
810810
},
811811
{
812812
"Test good cluster CIDRs (with dual-stack)",
813-
newMinimalKubeRouterConfig("10.96.0.0/12,2001:db8:42:1::/112", "", "node", []string{"10.96.0.0/12", "2001:db8:42:1::/112"}, true),
813+
newMinimalKubeRouterConfig([]string{"10.96.0.0/12", "2001:db8:42:1::/112"}, "", "node", []string{"10.96.0.0/12", "2001:db8:42:1::/112"}, true),
814814
false,
815815
"",
816816
},
817817
{
818818
"Test bad node port specification (using commas)",
819-
newMinimalKubeRouterConfig("", "8080,8081", "node", nil, false),
819+
newMinimalKubeRouterConfig([]string{""}, "8080,8081", "node", nil, false),
820820
true,
821821
"failed to parse node port range given: '8080,8081' please see specification in help text",
822822
},
823823
{
824824
"Test bad node port specification (not using numbers)",
825-
newMinimalKubeRouterConfig("", "foo:bar", "node", nil, false),
825+
newMinimalKubeRouterConfig([]string{""}, "foo:bar", "node", nil, false),
826826
true,
827827
"failed to parse node port range given: 'foo:bar' please see specification in help text",
828828
},
829829
{
830830
"Test bad node port specification (using anything in addition to range)",
831-
newMinimalKubeRouterConfig("", "8080,8081-8090", "node", nil, false),
831+
newMinimalKubeRouterConfig([]string{""}, "8080,8081-8090", "node", nil, false),
832832
true,
833833
"failed to parse node port range given: '8080,8081-8090' please see specification in help text",
834834
},
835835
{
836836
"Test bad node port specification (using reversed range)",
837-
newMinimalKubeRouterConfig("", "8090-8080", "node", nil, false),
837+
newMinimalKubeRouterConfig([]string{""}, "8090-8080", "node", nil, false),
838838
true,
839839
"port 1 is greater than or equal to port 2 in range given: '8090-8080'",
840840
},
841841
{
842842
"Test bad node port specification (port out of available range)",
843-
newMinimalKubeRouterConfig("", "132000-132001", "node", nil, false),
843+
newMinimalKubeRouterConfig([]string{""}, "132000-132001", "node", nil, false),
844844
true,
845845
"could not parse first port number from range given: '132000-132001'",
846846
},
847847
{
848848
"Test good node port specification (using colon separator)",
849-
newMinimalKubeRouterConfig("", "8080:8090", "node", nil, false),
849+
newMinimalKubeRouterConfig([]string{""}, "8080:8090", "node", nil, false),
850850
false,
851851
"",
852852
},
853853
{
854854
"Test good node port specification (using hyphen separator)",
855-
newMinimalKubeRouterConfig("", "8080-8090", "node", nil, false),
855+
newMinimalKubeRouterConfig([]string{""}, "8080-8090", "node", nil, false),
856856
false,
857857
"",
858858
},
859859
{
860860
"Test bad external IP CIDR (not properly formatting ip address)",
861-
newMinimalKubeRouterConfig("", "", "node", []string{"199.10.10"}, false),
861+
newMinimalKubeRouterConfig([]string{""}, "", "node", []string{"199.10.10"}, false),
862862
true,
863863
"failed to get parse --service-external-ip-range parameter: '199.10.10'. Error: invalid CIDR address: 199.10.10",
864864
},
865865
{
866866
"Test bad external IP CIDR (not using an ip address)",
867-
newMinimalKubeRouterConfig("", "", "node", []string{"foo"}, false),
867+
newMinimalKubeRouterConfig([]string{""}, "", "node", []string{"foo"}, false),
868868
true,
869869
"failed to get parse --service-external-ip-range parameter: 'foo'. Error: invalid CIDR address: foo",
870870
},
871871
{
872872
"Test bad external IP CIDR (using an ip address that is not a CIDR)",
873-
newMinimalKubeRouterConfig("", "", "node", []string{"199.10.10.10"}, false),
873+
newMinimalKubeRouterConfig([]string{""}, "", "node", []string{"199.10.10.10"}, false),
874874
true,
875875
"failed to get parse --service-external-ip-range parameter: '199.10.10.10'. Error: invalid CIDR address: 199.10.10.10",
876876
},
877877
{
878878
"Test bad external IP CIDR (making sure that it processes all items in the list)",
879-
newMinimalKubeRouterConfig("", "", "node", []string{"199.10.10.10/32", "199.10.10.11"}, false),
879+
newMinimalKubeRouterConfig([]string{""}, "", "node", []string{"199.10.10.10/32", "199.10.10.11"}, false),
880880
true,
881881
"failed to get parse --service-external-ip-range parameter: '199.10.10.11'. Error: invalid CIDR address: 199.10.10.11",
882882
},
883883
{
884884
"Test good external IP CIDR (using single IP with a /32)",
885-
newMinimalKubeRouterConfig("", "", "node", []string{"199.10.10.10/32"}, false),
885+
newMinimalKubeRouterConfig([]string{""}, "", "node", []string{"199.10.10.10/32"}, false),
886886
false,
887887
"",
888888
},
889889
{
890890
"Test good external IP CIDR (using normal range with /24)",
891-
newMinimalKubeRouterConfig("", "", "node", []string{"199.10.10.10/24"}, false),
891+
newMinimalKubeRouterConfig([]string{""}, "", "node", []string{"199.10.10.10/24"}, false),
892892
false,
893893
"",
894894
},

pkg/options/options.go

+4-5
Original file line numberDiff line numberDiff line change
@@ -28,7 +28,7 @@ type KubeRouterConfig struct {
2828
CacheSyncTimeout time.Duration
2929
CleanupConfig bool
3030
ClusterAsn uint
31-
ClusterIPCIDR string
31+
ClusterIPCIDRs []string
3232
DisableSrcDstCheck bool
3333
EnableCNI bool
3434
EnableiBGP bool
@@ -84,7 +84,7 @@ func NewKubeRouterConfig() *KubeRouterConfig {
8484
BGPGracefulRestartTime: 90 * time.Second,
8585
BGPHoldTime: 90 * time.Second,
8686
CacheSyncTimeout: 1 * time.Minute,
87-
ClusterIPCIDR: "10.96.0.0/12",
87+
ClusterIPCIDRs: []string{"10.96.0.0/12"},
8888
EnableOverlay: true,
8989
IPTablesSyncPeriod: 5 * time.Minute,
9090
IpvsGracefulPeriod: 30 * time.Second,
@@ -215,9 +215,8 @@ func (s *KubeRouterConfig) AddFlags(fs *pflag.FlagSet) {
215215
fs.StringVar(&s.RuntimeEndpoint, "runtime-endpoint", "",
216216
"Path to CRI compatible container runtime socket (used for DSR mode). Currently known working with "+
217217
"containerd.")
218-
fs.StringVar(&s.ClusterIPCIDR, "service-cluster-ip-range", s.ClusterIPCIDR,
219-
"CIDR value from which service cluster IPs are assigned. "+
220-
"If dual-stack is used, this can be a comma-separated list of CIDR value. Default: 10.96.0.0/12")
218+
fs.StringSliceVar(&s.ClusterIPCIDRs, "service-cluster-ip-range", s.ClusterIPCIDRs,
219+
"CIDR values from which service cluster IPs are assigned (can be specified up to 2 times)")
221220
fs.StringSliceVar(&s.ExternalIPCIDRs, "service-external-ip-range", s.ExternalIPCIDRs,
222221
"Specify external IP CIDRs that are used for inter-cluster communication "+
223222
"(can be specified multiple times)")

0 commit comments

Comments
 (0)