Add validation that PodCIDR(s) matches the network specified in the net-conf.json
#1556
Conversation
AlexPykavy
force-pushed
the
master
branch
2 times, most recently
from
af2b115 to
f45c162
Compare
|
Hi @manuelbuil , unfortunately |
Yes, let's try again :) |
|
As it turned out, the problem was on my side and the tests helped to detect it. However troubleshooting them was quite difficult, so I decided to make some improvements. |
subnet/kube/kube.go
Outdated
| @@ -453,3 +461,9 @@ func (ksm *kubeSubnetManager) setNodeNetworkUnavailableFalse(ctx context.Context | |||
| _, err = ksm.client.CoreV1().Nodes().PatchStatus(ctx, ksm.nodeName, patch) | |||
| return err | |||
| } | |||
|
|
|||
| func ContainsCIDR(ipnet1, ipnet2 *net.IPNet) bool { | |||
There was a problem hiding this comment.
can you write a unit test around this function please
|
@AlexPykavy write a unit test around your ContainsCIDR func and this is able to be merged. |
…net-conf.json` Because otherwise flannel will be not configured correctly. For instance, in our case `iptables` forwarding rules have been created for the default subnet from the `net-conf.json` config while actual PodCIDR was different. Creds to: - https://stackoverflow.com/questions/40406230/net-ipnet-inside-other-net-ipnet
Because many users won't delve into documentation when they see a one-line installation command in the `README.md`.
To make `/opt/bin/flanneld` the main process inside the container and thereby be able to check its status and stop tests & extract logs in case of the failure.
To make sure that it works as expected.
This will also enable `Test_newAnnotations` tests besides mine.
|
@luthermonson , completely agree with you) Added as suggested, so could you please trigger a build to make sure that it works as we expect? |
|
@manuelbuil, @luthermonson, tests pass. Can we merge this? |
I'm fine. Waiting on @luthermonson |
Faced issue that
iptablesforwarding rules have been created for the default subnet from thenet-conf.jsonconfig while actual PodCIDR was different.