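// validateNetworkConfig checks the cluster and service networks against the
// host's own networks and against the node subnets and services already
// recorded in the registry.
//
// Conflicts are accumulated and returned together through
// kerrors.NewAggregate. A failure to list host networks, subnets or services
// aborts validation and is returned on its own.
func (oc *OsdnController) validateNetworkConfig(clusterNetwork, serviceNetwork *net.IPNet) error {
	// TODO: Instead of hardcoding 'tun0' and 'lbr0', get it from common place.
	// This will ensure both the kube/multitenant scripts and master validations use the same name.
	// NOTE(review): these are presumably the SDN's own devices, passed so they
	// are left out of the host networks; confirm against netutils.GetHostIPNetworks.
	hostIPNets, err := netutils.GetHostIPNetworks([]string{"tun0", "lbr0"})
	if err != nil {
		return err
	}

	errList := []error{}

	// Ensure cluster and service network don't overlap with host networks.
	// Each pair is tested in both directions because either network may be the
	// wider one and enclose the other.
	for _, ipNet := range hostIPNets {
		if ipNet.Contains(clusterNetwork.IP) {
			errList = append(errList, fmt.Errorf("Error: Cluster IP: %s conflicts with host network: %s", clusterNetwork.IP.String(), ipNet.String()))
		}
		if clusterNetwork.Contains(ipNet.IP) {
			errList = append(errList, fmt.Errorf("Error: Host network with IP: %s conflicts with cluster network: %s", ipNet.IP.String(), clusterNetwork.String()))
		}
		if ipNet.Contains(serviceNetwork.IP) {
			errList = append(errList, fmt.Errorf("Error: Service IP: %s conflicts with host network: %s", serviceNetwork.String(), ipNet.String()))
		}
		if serviceNetwork.Contains(ipNet.IP) {
			errList = append(errList, fmt.Errorf("Error: Host network with IP: %s conflicts with service network: %s", ipNet.IP.String(), serviceNetwork.String()))
		}
	}

	// Ensure each host subnet is within the cluster network
	subnets, err := oc.Registry.GetSubnets()
	if err != nil {
		return fmt.Errorf("Error in initializing/fetching subnets: %v", err)
	}
	clusterOnes, clusterBits := clusterNetwork.Mask.Size()
	for _, sub := range subnets {
		subnetIP, subnetNet, err := net.ParseCIDR(sub.Subnet)
		if err != nil {
			errList = append(errList, fmt.Errorf("Failed to parse network address: %s", sub.Subnet))
			continue
		}
		// Containing the subnet's address is not enough: a subnet with a
		// shorter prefix than the cluster network starts inside it but extends
		// beyond it. Prefix lengths are compared only when both masks have the
		// same width; otherwise the address check alone decides, as before.
		subnetOnes, subnetBits := subnetNet.Mask.Size()
		widerThanCluster := subnetBits == clusterBits && subnetOnes < clusterOnes
		if !clusterNetwork.Contains(subnetIP) || widerThanCluster {
			errList = append(errList, fmt.Errorf("Error: Existing node subnet: %s is not part of cluster network: %s", sub.Subnet, clusterNetwork.String()))
		}
	}

	// Ensure each service is within the services network
	services, err := oc.Registry.GetServices()
	if err != nil {
		return err
	}
	for _, svc := range services {
		// NOTE(review): net.ParseIP yields nil for a ClusterIP that is not an
		// IP literal, and Contains(nil) is false, so such a service is reported
		// below as outside the service network. Confirm whether GetServices
		// already leaves out services without an assigned IP.
		if !serviceNetwork.Contains(net.ParseIP(svc.Spec.ClusterIP)) {
			errList = append(errList, fmt.Errorf("Error: Existing service with IP: %s is not part of service network: %s", svc.Spec.ClusterIP, serviceNetwork.String()))
		}
	}

	return kerrors.NewAggregate(errList)
}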
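// validateNetworkConfig checks the cluster and service networks in ni against
// the host's own networks and against the node subnets and services already
// recorded in the registry.
//
// Conflicts are accumulated and returned together through
// kerrors.NewAggregate. A failure to list host networks, subnets or services
// aborts validation and is returned on its own.
func (master *OsdnMaster) validateNetworkConfig(ni *NetworkInfo) error {
	// NOTE(review): TUN and LBR are presumably the SDN's own device names,
	// passed so they are left out of the host networks; confirm against
	// netutils.GetHostIPNetworks.
	hostIPNets, err := netutils.GetHostIPNetworks([]string{TUN, LBR})
	if err != nil {
		return err
	}

	errList := []error{}

	// Ensure cluster and service network don't overlap with host networks.
	// Each pair is tested in both directions because either network may be the
	// wider one and enclose the other.
	for _, ipNet := range hostIPNets {
		if ipNet.Contains(ni.ClusterNetwork.IP) {
			errList = append(errList, fmt.Errorf("Error: Cluster IP: %s conflicts with host network: %s", ni.ClusterNetwork.IP.String(), ipNet.String()))
		}
		if ni.ClusterNetwork.Contains(ipNet.IP) {
			errList = append(errList, fmt.Errorf("Error: Host network with IP: %s conflicts with cluster network: %s", ipNet.IP.String(), ni.ClusterNetwork.String()))
		}
		if ipNet.Contains(ni.ServiceNetwork.IP) {
			errList = append(errList, fmt.Errorf("Error: Service IP: %s conflicts with host network: %s", ni.ServiceNetwork.String(), ipNet.String()))
		}
		if ni.ServiceNetwork.Contains(ipNet.IP) {
			errList = append(errList, fmt.Errorf("Error: Host network with IP: %s conflicts with service network: %s", ipNet.IP.String(), ni.ServiceNetwork.String()))
		}
	}

	// Ensure each host subnet is within the cluster network
	subnets, err := master.registry.GetSubnets()
	if err != nil {
		return fmt.Errorf("Error in initializing/fetching subnets: %v", err)
	}
	clusterOnes, clusterBits := ni.ClusterNetwork.Mask.Size()
	for _, sub := range subnets {
		subnetIP, subnetNet, err := net.ParseCIDR(sub.Subnet)
		if err != nil {
			errList = append(errList, fmt.Errorf("Failed to parse network address: %s", sub.Subnet))
			continue
		}
		// Containing the subnet's address is not enough: a subnet with a
		// shorter prefix than the cluster network starts inside it but extends
		// beyond it. Prefix lengths are compared only when both masks have the
		// same width; otherwise the address check alone decides, as before.
		subnetOnes, subnetBits := subnetNet.Mask.Size()
		widerThanCluster := subnetBits == clusterBits && subnetOnes < clusterOnes
		if !ni.ClusterNetwork.Contains(subnetIP) || widerThanCluster {
			errList = append(errList, fmt.Errorf("Error: Existing node subnet: %s is not part of cluster network: %s", sub.Subnet, ni.ClusterNetwork.String()))
		}
	}

	// Ensure each service is within the services network
	services, err := master.registry.GetServices()
	if err != nil {
		return err
	}
	for _, svc := range services {
		// NOTE(review): net.ParseIP yields nil for a ClusterIP that is not an
		// IP literal, and Contains(nil) is false, so such a service is reported
		// below as outside the service network. Confirm whether GetServices
		// already leaves out services without an assigned IP.
		if !ni.ServiceNetwork.Contains(net.ParseIP(svc.Spec.ClusterIP)) {
			errList = append(errList, fmt.Errorf("Error: Existing service with IP: %s is not part of service network: %s", svc.Spec.ClusterIP, ni.ServiceNetwork.String()))
		}
	}

	return kerrors.NewAggregate(errList)
}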
// validateNetworkConfig lists the host networks and runs the cluster-network
// and service-network validations against them. Both validations always run;
// whatever errors they report are returned together through
// kerrors.NewAggregate. A failure to list the host networks is returned
// immediately.
func (oc *OvsController) validateNetworkConfig(clusterNetworkCIDR, serviceNetworkCIDR string, subnetsInUse []string) error {
	// TODO: take the 'tun0' and 'lbr0' names from a shared definition rather
	// than hardcoding them, so the kube/multitenant scripts and the master
	// validations cannot drift apart.
	sdnDevices := []string{"tun0", "lbr0"}
	hostNets, listErr := netutils.GetHostIPNetworks(sdnDevices)
	if listErr != nil {
		return listErr
	}

	var problems []error

	// Cluster network first, then service network, so the aggregate keeps the
	// same ordering of messages.
	clusterErr := oc.validateClusterNetwork(clusterNetworkCIDR, subnetsInUse, hostNets)
	if clusterErr != nil {
		problems = append(problems, clusterErr)
	}

	serviceErr := oc.validateServiceNetwork(serviceNetworkCIDR, hostNets)
	if serviceErr != nil {
		problems = append(problems, serviceErr)
	}

	return kerrors.NewAggregate(problems)
}