func (d *ServiceExternalIPs) Check() types.DiagnosticResult {
r := types.NewDiagnosticResult(ServiceExternalIPsName)
masterConfig, err := hostdiag.GetMasterConfig(r, d.MasterConfigFile)
if err != nil {
r.Info("DH2004", "Unreadable master config; skipping this diagnostic.")
return r
}
admit, reject := []*net.IPNet{}, []*net.IPNet{}
if cidrs := masterConfig.NetworkConfig.ExternalIPNetworkCIDRs; cidrs != nil {
reject, admit, err = admission.ParseCIDRRules(cidrs)
if err != nil {
r.Error("DH2007", err, fmt.Sprintf("Could not parse master config NetworkConfig.ExternalIPNetworkCIDRs: (%[1]T) %[1]v", err))
return r
}
}
services, err := d.KclusterClient.Services("").List(kapi.ListOptions{})
if err != nil {
r.Error("DH2005", err, fmt.Sprintf("Error while listing cluster services: (%[1]T) %[1]v", err))
return r
}
errList := []string{}
for _, service := range services.Items {
if len(service.Spec.ExternalIPs) == 0 {
continue
}
if len(admit) == 0 {
errList = append(errList, fmt.Sprintf("Service %s.%s specifies ExternalIPs %v, but none are permitted.", service.Namespace, service.Name, service.Spec.ExternalIPs))
continue
}
for _, ipString := range service.Spec.ExternalIPs {
ip := net.ParseIP(ipString)
if ip == nil {
continue // we don't really care for the purposes of this diagnostic
}
if admission.NetworkSlice(reject).Contains(ip) || !admission.NetworkSlice(admit).Contains(ip) {
errList = append(errList, fmt.Sprintf("Service %s.%s specifies ExternalIP %s that is not permitted by the master ExternalIPNetworkCIDRs setting.", service.Namespace, service.Name, ipString))
}
}
}
if len(errList) > 0 {
r.Error("DH2006", nil, `The following problems were found with service ExternalIPs in the cluster.
These services were created before the master ExternalIPNetworkCIDRs setting changed to exclude them.
The default ExternalIPNetworkCIDRs now excludes all ExternalIPs on services.
`+strings.Join(errList, "\n"))
}
return r
}
func (d *AggregatedLogging) CanRun() (bool, error) {
if len(d.MasterConfigFile) == 0 {
return false, errors.New("No master config file was provided")
}
if d.OsClient == nil {
return false, errors.New("Config must include a cluster-admin context to run this diagnostic")
}
if d.KubeClient == nil {
return false, errors.New("Config must include a cluster-admin context to run this diagnostic")
}
var err error
d.masterConfig, err = hostdiag.GetMasterConfig(d.result, d.MasterConfigFile)
if err != nil {
return false, errors.New("Unreadable master config; skipping this diagnostic.")
}
return true, nil
}
func (d *AggregatedLogging) CanRun() (bool, error) {
if len(d.MasterConfigFile) == 0 {
return false, errors.New("No master config file was provided")
}
if d.OsClient == nil {
return false, errors.New("Config must include a cluster-admin context to run this diagnostic")
}
if d.KubeClient == nil {
return false, errors.New("Config must include a cluster-admin context to run this diagnostic")
}
var err error
d.masterConfig, err = hostdiag.GetMasterConfig(d.result, d.MasterConfigFile)
if err != nil {
return false, errors.New("Master configuration is unreadable")
}
if d.masterConfig.AssetConfig.LoggingPublicURL == "" {
return false, errors.New("No LoggingPublicURL is defined in the master configuration")
}
return true, nil
}
