From 2ba178c92c19bad48da800e106c73a50f742fc0d Mon Sep 17 00:00:00 2001 From: SataQiu Date: Mon, 1 Mar 2021 11:19:47 +0800 Subject: [PATCH] kubeadm: skip validating pod subnet against node-cidr-mask when allocate-node-cidrs is set to be false --- .../app/apis/kubeadm/validation/validation.go | 6 ++-- .../app/phases/controlplane/manifests_test.go | 35 +++++++++++++++++++ 2 files changed, 39 insertions(+), 2 deletions(-) diff --git a/cmd/kubeadm/app/apis/kubeadm/validation/validation.go b/cmd/kubeadm/app/apis/kubeadm/validation/validation.go index 91297ed8624..d2c19ed6811 100644 --- a/cmd/kubeadm/app/apis/kubeadm/validation/validation.go +++ b/cmd/kubeadm/app/apis/kubeadm/validation/validation.go @@ -501,8 +501,10 @@ func ValidateNetworking(c *kubeadm.ClusterConfiguration, fldPath *field.Path) fi } if len(c.Networking.PodSubnet) != 0 { allErrs = append(allErrs, ValidateIPNetFromString(c.Networking.PodSubnet, constants.MinimumAddressesInPodSubnet, isDualStack, field.NewPath("podSubnet"))...) - // Pod subnet was already validated, we need to validate now against the node-mask - allErrs = append(allErrs, ValidatePodSubnetNodeMask(c.Networking.PodSubnet, c, field.NewPath("podSubnet"))...) + if c.ControllerManager.ExtraArgs["allocate-node-cidrs"] != "false" { + // Pod subnet was already validated, we need to validate now against the node-mask + allErrs = append(allErrs, ValidatePodSubnetNodeMask(c.Networking.PodSubnet, c, field.NewPath("podSubnet"))...) + } } return allErrs } diff --git a/cmd/kubeadm/app/phases/controlplane/manifests_test.go b/cmd/kubeadm/app/phases/controlplane/manifests_test.go index ee45269e9e6..337ba52149e 100644 --- a/cmd/kubeadm/app/phases/controlplane/manifests_test.go +++ b/cmd/kubeadm/app/phases/controlplane/manifests_test.go @@ -765,6 +765,41 @@ func TestGetControllerManagerCommand(t *testing.T) { "--service-cluster-ip-range=fd03::/112", }, }, + { + name: "IPv6 networking custom extra-args for " + cpVersion, + cfg: &kubeadmapi.ClusterConfiguration{ + Networking: kubeadmapi.Networking{ + PodSubnet: "2001:db8::/64", + ServiceSubnet: "fd03::/112", + DNSDomain: "cluster.local", + }, + ControllerManager: kubeadmapi.ControlPlaneComponent{ + ExtraArgs: map[string]string{"allocate-node-cidrs": "false"}, + }, + CertificatesDir: testCertsDir, + KubernetesVersion: cpVersion, + }, + expected: []string{ + "kube-controller-manager", + "--port=0", + "--bind-address=127.0.0.1", + "--leader-elect=true", + "--kubeconfig=" + kubeadmconstants.KubernetesDir + "/controller-manager.conf", + "--root-ca-file=" + testCertsDir + "/ca.crt", + "--service-account-private-key-file=" + testCertsDir + "/sa.key", + "--cluster-signing-cert-file=" + testCertsDir + "/ca.crt", + "--cluster-signing-key-file=" + testCertsDir + "/ca.key", + "--use-service-account-credentials=true", + "--controllers=*,bootstrapsigner,tokencleaner", + "--authentication-kubeconfig=" + kubeadmconstants.KubernetesDir + "/controller-manager.conf", + "--authorization-kubeconfig=" + kubeadmconstants.KubernetesDir + "/controller-manager.conf", + "--client-ca-file=" + testCertsDir + "/ca.crt", + "--requestheader-client-ca-file=" + testCertsDir + "/front-proxy-ca.crt", + "--allocate-node-cidrs=false", + "--cluster-cidr=2001:db8::/64", + "--service-cluster-ip-range=fd03::/112", + }, + }, { name: "dual-stack networking for " + cpVersion, cfg: &kubeadmapi.ClusterConfiguration{