github/kubernetes
4
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
818925cc25
kubernetes/pkg/cloudprovider/utils.go
Justin Santa Barbara 818925cc25 Openstack null-support for load balancer source 
We return an error if the user specifies a non 0.0.0.0/0 load balancer
source restriction on OpenStack, where we can't enforce the restriction
(currently).
2016-02-29 19:32:15 -05:00

100 lines
2.5 KiB
Go
Raw Blame History

/*
Copyright 2016 The Kubernetes Authors All rights reserved.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
package cloudprovider
import (
"fmt"
"net"
"strings"
)
const (
defaultLBSourceRange = "0.0.0.0/0"
)
type IPNetSet map[string]*net.IPNet
func ParseIPNetSet(specs []string) (IPNetSet, error) {
ipnetset := make(IPNetSet)
for _, spec := range specs {
spec = strings.TrimSpace(spec)
_, ipnet, err := net.ParseCIDR(spec)
if err != nil {
return nil, err
}
k := ipnet.String() // In case of normalization
ipnetset[k] = ipnet
}
return ipnetset, nil
}
// StringSlice returns a []string with the String representation of each element in the set.
// Order is undefined.
func (s IPNetSet) StringSlice() []string {
a := make([]string, 0, len(s))
for k := range s {
a = append(a, k)
}
return a
}
// Equal checks if two IPNetSets are equal (ignoring order)
func (l IPNetSet) Equal(r IPNetSet) bool {
if len(l) != len(r) {
return false
}
for k := range l {
_, found := r[k]
if !found {
return false
}
}
return true
}
// Len returns the size of the set.
func (s IPNetSet) Len() int {
return len(s)
}
// GetSourceRangeAnnotations verifies and parses the LBAnnotationAllowSourceRange annotation from a service,
// extracting the source ranges to allow, and if not present returns a default (allow-all) value.
func GetSourceRangeAnnotations(annotation map[string]string) (IPNetSet, error) {
val := annotation[LBAnnotationAllowSourceRange]
val = strings.TrimSpace(val)
if val == "" {
val = defaultLBSourceRange
}
specs := strings.Split(val, ",")
ipnets, err := ParseIPNetSet(specs)
if err != nil {
return nil, fmt.Errorf("Service annotation %s:%s is not valid. Expecting a comma-separated list of source IP ranges. For example, 10.0.0.0/24,192.168.2.0/24", LBAnnotationAllowSourceRange, val)
}
return ipnets, nil
}
// IsAllowAll checks whether the IPNetSet contains the default allow-all policy
func IsAllowAll(ipnets IPNetSet) bool {
for _, s := range ipnets.StringSlice() {
if s == "0.0.0.0/0" {
return true
}
}
return false
}
Reference in New Issue View Git Blame Copy Permalink