Merge pull request #53749 from dims/relax-cluster-cidr-validation

Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

Parse cluster-cidr only if it is specified

xref https://github.com/kubernetes/kubernetes/issues/53570#issuecomment-335943956



**What this PR does / why we need it**:

In iptables/proxier.go, there is code to check the length of the
CIDR and setup nat/iptables only if the length of the string is
greater than zero. However in PR #49087, strong validation was
added so kube proxy currently bails out and basically mandates
a valid cidr has to be specified. Let us go back to the earlier
behavior.

**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #

**Special notes for your reviewer**:

**Release note**:

```release-note
NONE
```

cmd/kube-proxy/app/validation.go

@@ -58,9 +58,11 @@ func Validate(config *componentconfig.KubeProxyConfiguration) field.ErrorList {
 	allErrs = append(allErrs, validateHostPort(config.HealthzBindAddress, newPath.Child("HealthzBindAddress"))...)
 	allErrs = append(allErrs, validateHostPort(config.MetricsBindAddress, newPath.Child("MetricsBindAddress"))...)
 
+	if config.ClusterCIDR != "" {
 		if _, _, err := net.ParseCIDR(config.ClusterCIDR); err != nil {
 			allErrs = append(allErrs, field.Invalid(newPath.Child("ClusterCIDR"), config.ClusterCIDR, "must be a valid CIDR block (e.g. 10.100.0.0/16)"))
 		}
+	}
 
 	if _, err := utilnet.ParsePortRange(config.PortRange); err != nil {
 		allErrs = append(allErrs, field.Invalid(newPath.Child("PortRange"), config.PortRange, "must be a valid port range (e.g. 300-2000)"))