From 3c9fd43385a526fe3451dcfc6a2b90ee8f0876e7 Mon Sep 17 00:00:00 2001 From: Davanum Srinivas Date: Wed, 11 Oct 2017 16:48:48 -0400 Subject: [PATCH] Parse cluster-cidr only if it is specified In iptables/proxier.go, there is code to check the length of the CIDR and setup nat/iptables only if the length of the string is greater than zero. However in PR #49087, strong validation was added so kube proxy currently bails out and basically mandates a valid cidr has to be specified. Let us go back to the earlier behavior. --- cmd/kube-proxy/app/validation.go | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/cmd/kube-proxy/app/validation.go b/cmd/kube-proxy/app/validation.go index 4b3715db211..f899bd35c71 100644 --- a/cmd/kube-proxy/app/validation.go +++ b/cmd/kube-proxy/app/validation.go @@ -58,8 +58,10 @@ func Validate(config *componentconfig.KubeProxyConfiguration) field.ErrorList { allErrs = append(allErrs, validateHostPort(config.HealthzBindAddress, newPath.Child("HealthzBindAddress"))...) allErrs = append(allErrs, validateHostPort(config.MetricsBindAddress, newPath.Child("MetricsBindAddress"))...) - if _, _, err := net.ParseCIDR(config.ClusterCIDR); err != nil { - allErrs = append(allErrs, field.Invalid(newPath.Child("ClusterCIDR"), config.ClusterCIDR, "must be a valid CIDR block (e.g. 10.100.0.0/16)")) + if config.ClusterCIDR != "" { + if _, _, err := net.ParseCIDR(config.ClusterCIDR); err != nil { + allErrs = append(allErrs, field.Invalid(newPath.Child("ClusterCIDR"), config.ClusterCIDR, "must be a valid CIDR block (e.g. 10.100.0.0/16)")) + } } if _, err := utilnet.ParsePortRange(config.PortRange); err != nil {