diff --git a/pkg/proxy/ipvs/proxier.go b/pkg/proxy/ipvs/proxier.go
index 2d8796ae480..9b6f66ad14e 100644
--- a/pkg/proxy/ipvs/proxier.go
+++ b/pkg/proxy/ipvs/proxier.go
@@ -327,21 +327,6 @@ func (r *realIPGetter) BindedIPs() (sets.String, error) {
 // Proxier implements proxy.Provider
 var _ proxy.Provider = &Proxier{}

-// parseExcludedCIDRs parses the input strings and returns net.IPNet
-// The validation has been done earlier so the error condition will never happen under normal conditions
-func parseExcludedCIDRs(excludeCIDRs []string) []*net.IPNet {
- var cidrExclusions []*net.IPNet
- for _, excludedCIDR := range excludeCIDRs {
- _, n, err := net.ParseCIDR(excludedCIDR)
- if err != nil {
- klog.Errorf("Error parsing exclude CIDR %q, err: %v", excludedCIDR, err)
- continue
- }
- cidrExclusions = append(cidrExclusions, n)
- }
- return cidrExclusions
-}
-
 // NewProxier returns a new Proxier given an iptables and ipvs Interface instance.
 // Because of the iptables and ipvs logic, it is assumed that there is only a single Proxier active on a machine.
 // An error will be returned if it fails to update or acquire the initial lock.
@@ -462,6 +447,9 @@ func NewProxier(ipt utiliptables.Interface,
 klog.Warningf("IP Family: %s, NodePortAddresses of wrong family; %s", ipFamily, strings.Join(ips, ","))
 }

+ // excludeCIDRs has been validated before, here we just parse it to IPNet list
+ parsedExcludeCIDRs, _ := utilnet.ParseCIDRs(excludeCIDRs)
+
 proxier := &Proxier{
 ipFamily: ipFamily,
 portsMap: make(map[utilnet.LocalPort]utilnet.Closeable),
@@ -471,7 +459,7 @@ func NewProxier(ipt utiliptables.Interface,
 endpointsChanges: proxy.NewEndpointChangeTracker(hostname, nil, ipFamily, recorder, endpointSlicesEnabled, nil),
 syncPeriod: syncPeriod,
 minSyncPeriod: minSyncPeriod,
- excludeCIDRs: parseExcludedCIDRs(excludeCIDRs),
+ excludeCIDRs: parsedExcludeCIDRs,
 iptables: ipt,
 masqueradeAll: masqueradeAll,
 masqueradeMark: masqueradeMark,
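Review bot: In the `NewProxier` hunk (`@@ -462,6 +447,9 @@`), `parsedExcludeCIDRs, _ := utilnet.ParseCIDRs(excludeCIDRs)` discards the error, whereas the removed `parseExcludedCIDRs` logged each bad entry with `klog.Errorf` and kept the entries that did parse. As far as I know `utilnet.ParseCIDRs` returns a nil slice on the first entry it cannot parse (its body is not shown here, so confirm), in which case one bad value would silently empty the whole exclusion list and the cleanup path would presumably stop sparing the IPVS entries the operator asked to keep. The doc comment says `NewProxier` can return an error, so surface it: `parsedExcludeCIDRs, err := utilnet.ParseCIDRs(excludeCIDRs)` followed by `if err != nil { return nil, fmt.Errorf("parsing excludeCIDRs: %w", err) }`, or at minimum log it with `klog.Errorf`. `NewProxier` starts and ends outside the hunk, so check whether `err` is already declared there and whether `fmt` is imported.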
diff --git a/pkg/proxy/ipvs/proxier_test.go b/pkg/proxy/ipvs/proxier_test.go
index 5b2654cc763..62d4b91fc25 100644
--- a/pkg/proxy/ipvs/proxier_test.go
+++ b/pkg/proxy/ipvs/proxier_test.go
@@ -3818,7 +3818,8 @@ func TestCleanLegacyService(t *testing.T) {
 ipt := iptablestest.NewFake()
 ipvs := ipvstest.NewFake()
 ipset := ipsettest.NewFake(testIPSetVersion)
- fp := NewFakeProxier(ipt, ipvs, ipset, nil, parseExcludedCIDRs([]string{"3.3.3.0/24", "4.4.4.0/24"}), false, v1.IPv4Protocol)
+ excludeCIDRs, _ := utilnet.ParseCIDRs([]string{"3.3.3.0/24", "4.4.4.0/24"})
+ fp := NewFakeProxier(ipt, ipvs, ipset, nil, excludeCIDRs, false, v1.IPv4Protocol)

 // All ipvs services that were processed in the latest sync loop.
 activeServices := map[string]bool{"ipvs0": true, "ipvs1": true}
@@ -4018,7 +4019,8 @@ func TestCleanLegacyRealServersExcludeCIDRs(t *testing.T) {
 ipvs := ipvstest.NewFake()
 ipset := ipsettest.NewFake(testIPSetVersion)
 gtm := NewGracefulTerminationManager(ipvs)
- fp := NewFakeProxier(ipt, ipvs, ipset, nil, parseExcludedCIDRs([]string{"4.4.4.4/32"}), false, v1.IPv4Protocol)
+ excludeCIDRs, _ := utilnet.ParseCIDRs([]string{"4.4.4.4/32"})
+ fp := NewFakeProxier(ipt, ipvs, ipset, nil, excludeCIDRs, false, v1.IPv4Protocol)
 fp.gracefuldeleteManager = gtm

 vs := &utilipvs.VirtualServer{
@@ -4072,7 +4074,8 @@ func TestCleanLegacyService6(t *testing.T) {
 ipt := iptablestest.NewFake()
 ipvs := ipvstest.NewFake()
 ipset := ipsettest.NewFake(testIPSetVersion)
- fp := NewFakeProxier(ipt, ipvs, ipset, nil, parseExcludedCIDRs([]string{"3000::/64", "4000::/64"}), false, v1.IPv4Protocol)
+ excludeCIDRs, _ := utilnet.ParseCIDRs([]string{"3000::/64", "4000::/64"})
+ fp := NewFakeProxier(ipt, ipvs, ipset, nil, excludeCIDRs, false, v1.IPv4Protocol)
 fp.nodeIP = net.ParseIP("::1")

 // All ipvs services that were processed in the latest sync loop.
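Review bot: All three test call sites (`TestCleanLegacyService`, `TestCleanLegacyRealServersExcludeCIDRs`, `TestCleanLegacyService6`) drop the error from `utilnet.ParseCIDRs`, so a typo in a CIDR literal would hand `NewFakeProxier` an unintended exclusion list and the test would then pass or fail for the wrong reason. Check the error at each site: `excludeCIDRs, err := utilnet.ParseCIDRs(...)` followed by `if err != nil { t.Fatalf("ParseCIDRs: %v", err) }`. Each test function starts and ends outside its hunk.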