Merge pull request #98984 from SataQiu/fix-kubeadm-20210211

kubeadm: skip validating pod subnet against node-cidr-mask when allocate-node-cidrs is set to be false
This commit is contained in:
Kubernetes Prow Robot 2021-03-03 01:53:20 -08:00 committed by GitHub
commit b0ba6c0b76
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 39 additions and 2 deletions

View File

@ -508,8 +508,10 @@ func ValidateNetworking(c *kubeadm.ClusterConfiguration, fldPath *field.Path) fi
}
if len(c.Networking.PodSubnet) != 0 {
allErrs = append(allErrs, ValidateIPNetFromString(c.Networking.PodSubnet, constants.MinimumAddressesInPodSubnet, isDualStack, field.NewPath("podSubnet"))...)
// Pod subnet was already validated, we need to validate now against the node-mask
allErrs = append(allErrs, ValidatePodSubnetNodeMask(c.Networking.PodSubnet, c, field.NewPath("podSubnet"))...)
if c.ControllerManager.ExtraArgs["allocate-node-cidrs"] != "false" {
// Pod subnet was already validated, we need to validate now against the node-mask
allErrs = append(allErrs, ValidatePodSubnetNodeMask(c.Networking.PodSubnet, c, field.NewPath("podSubnet"))...)
}
}
return allErrs
}

View File

@ -765,6 +765,41 @@ func TestGetControllerManagerCommand(t *testing.T) {
"--service-cluster-ip-range=fd03::/112",
},
},
{
name: "IPv6 networking custom extra-args for " + cpVersion,
cfg: &kubeadmapi.ClusterConfiguration{
Networking: kubeadmapi.Networking{
PodSubnet: "2001:db8::/64",
ServiceSubnet: "fd03::/112",
DNSDomain: "cluster.local",
},
ControllerManager: kubeadmapi.ControlPlaneComponent{
ExtraArgs: map[string]string{"allocate-node-cidrs": "false"},
},
CertificatesDir: testCertsDir,
KubernetesVersion: cpVersion,
},
expected: []string{
"kube-controller-manager",
"--port=0",
"--bind-address=127.0.0.1",
"--leader-elect=true",
"--kubeconfig=" + kubeadmconstants.KubernetesDir + "/controller-manager.conf",
"--root-ca-file=" + testCertsDir + "/ca.crt",
"--service-account-private-key-file=" + testCertsDir + "/sa.key",
"--cluster-signing-cert-file=" + testCertsDir + "/ca.crt",
"--cluster-signing-key-file=" + testCertsDir + "/ca.key",
"--use-service-account-credentials=true",
"--controllers=*,bootstrapsigner,tokencleaner",
"--authentication-kubeconfig=" + kubeadmconstants.KubernetesDir + "/controller-manager.conf",
"--authorization-kubeconfig=" + kubeadmconstants.KubernetesDir + "/controller-manager.conf",
"--client-ca-file=" + testCertsDir + "/ca.crt",
"--requestheader-client-ca-file=" + testCertsDir + "/front-proxy-ca.crt",
"--allocate-node-cidrs=false",
"--cluster-cidr=2001:db8::/64",
"--service-cluster-ip-range=fd03::/112",
},
},
{
name: "dual-stack networking for " + cpVersion,
cfg: &kubeadmapi.ClusterConfiguration{