Merge pull request #55578 from xiangpengzhao/validatePodCidr

Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>. Validate podCIDR of node spec. **Release note**: ```release-note NONE ```
2017-11-14 23:12:58 -08:00
parent ebe8ea73fd f903b7a85c
commit 86480fc0af
3 changed files with 53 additions and 14 deletions
--- a/pkg/apis/core/validation/validation.go
+++ b/pkg/apis/core/validation/validation.go
@@ -3532,7 +3532,12 @@ func ValidateNode(node *core.Node) field.ErrorList {
 		allErrs = append(allErrs, field.Forbidden(field.NewPath("spec", "configSource"), "configSource may only be set if the DynamicKubeletConfig feature gate is enabled)"))
 	}

-	// TODO(rjnagal): Ignore PodCIDR till its completely implemented.
+	if len(node.Spec.PodCIDR) != 0 {
+		_, err := ValidateCIDR(node.Spec.PodCIDR)
+		if err != nil {
+			allErrs = append(allErrs, field.Invalid(field.NewPath("spec", "podCIDR"), node.Spec.PodCIDR, "not a valid CIDR"))
+		}
+	}
 	return allErrs
 }

@@ -4526,3 +4531,12 @@ func validateStorageNodeAffinityAnnotation(annotations map[string]string, fldPat
 	}
 	return policySpecified, allErrs
 }
+
+// ValidateCIDR validates whether a CIDR matches the conventions expected by net.ParseCIDR
+func ValidateCIDR(cidr string) (*net.IPNet, error) {
+	_, net, err := net.ParseCIDR(cidr)
+	if err != nil {
+		return nil, err
+	}
+	return net, nil
+}