From 3c33ceab04334aa110d5413c69b10c0c183f2a9b Mon Sep 17 00:00:00 2001
From: pacoxu <paco.xu@daocloud.io>
Date: Mon, 1 Mar 2021 14:17:18 +0800
Subject: [PATCH] log a warning if ipv6 site-local addresses is using as it
 shouldn't be deprecated

Signed-off-by: pacoxu <paco.xu@daocloud.io>
Co-authored-by: Antonio Ojea <antonio.ojea.garcia@gmail.com>
Co-authored-by: Lubomir I. Ivanov <neolit123@gmail.com>
---
 cmd/kubeadm/app/apis/kubeadm/validation/validation.go | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/cmd/kubeadm/app/apis/kubeadm/validation/validation.go b/cmd/kubeadm/app/apis/kubeadm/validation/validation.go
index 28203e2b67b..fb3329a3aac 100644
--- a/cmd/kubeadm/app/apis/kubeadm/validation/validation.go
+++ b/cmd/kubeadm/app/apis/kubeadm/validation/validation.go
@@ -32,6 +32,7 @@ import (
 	"k8s.io/apimachinery/pkg/util/validation/field"
 	bootstrapapi "k8s.io/cluster-bootstrap/token/api"
 	bootstraputil "k8s.io/cluster-bootstrap/token/util"
+	"k8s.io/klog/v2"
 	"k8s.io/kubernetes/cmd/kubeadm/app/apis/kubeadm"
 	kubeadmapiv1beta2 "k8s.io/kubernetes/cmd/kubeadm/app/apis/kubeadm/v1beta2"
 	kubeadmcmdoptions "k8s.io/kubernetes/cmd/kubeadm/app/cmd/options"
@@ -399,6 +400,12 @@ func ValidateIPNetFromString(subnetStr string, minAddrs int64, isDualStack bool,
 		if numAddresses < minAddrs {
 			allErrs = append(allErrs, field.Invalid(fldPath, s.String(), fmt.Sprintf("subnet with %d address(es) is too small, the minimum is %d", numAddresses, minAddrs)))
 		}
+
+		// Warn when the subnet is in site-local range - i.e. contains addresses that belong to fec0::/10
+		_, siteLocalNet, _ := net.ParseCIDR("fec0::/10")
+		if siteLocalNet.Contains(s.IP) || s.Contains(siteLocalNet.IP) {
+			klog.Warningf("the subnet %v contains IPv6 site-local addresses that belong to fec0::/10 which has been deprecated by rfc3879", s)
+		}
 	}
 	return allErrs
 }