diff --git a/cmd/kubeadm/app/apis/kubeadm/validation/BUILD b/cmd/kubeadm/app/apis/kubeadm/validation/BUILD index f1cc58fe17..62a7ebc660 100644 --- a/cmd/kubeadm/app/apis/kubeadm/validation/BUILD +++ b/cmd/kubeadm/app/apis/kubeadm/validation/BUILD @@ -5,6 +5,7 @@ licenses(["notice"]) load( "@io_bazel_rules_go//go:def.bzl", "go_library", + "go_test", ) go_library( @@ -14,6 +15,7 @@ go_library( deps = [ "//cmd/kubeadm/app/apis/kubeadm:go_default_library", "//cmd/kubeadm/app/constants:go_default_library", + "//pkg/registry/core/service/ipallocator:go_default_library", "//vendor:k8s.io/apimachinery/pkg/util/validation/field", ], ) @@ -30,3 +32,11 @@ filegroup( srcs = [":package-srcs"], tags = ["automanaged"], ) + +go_test( + name = "go_default_test", + srcs = ["validation_test.go"], + library = ":go_default_library", + tags = ["automanaged"], + deps = ["//vendor:k8s.io/apimachinery/pkg/util/validation/field"], +) diff --git a/cmd/kubeadm/app/apis/kubeadm/validation/validation.go b/cmd/kubeadm/app/apis/kubeadm/validation/validation.go index 0fc7805411..8afc92e82d 100644 --- a/cmd/kubeadm/app/apis/kubeadm/validation/validation.go +++ b/cmd/kubeadm/app/apis/kubeadm/validation/validation.go @@ -17,12 +17,12 @@ limitations under the License. package validation import ( - "math" "net" "k8s.io/apimachinery/pkg/util/validation/field" "k8s.io/kubernetes/cmd/kubeadm/app/apis/kubeadm" kubeadmconstants "k8s.io/kubernetes/cmd/kubeadm/app/constants" + "k8s.io/kubernetes/pkg/registry/core/service/ipallocator" ) func ValidateMasterConfiguration(c *kubeadm.MasterConfiguration) field.ErrorList { @@ -79,8 +79,7 @@ func ValidateServiceSubnet(subnet string, fldPath *field.Path) field.ErrorList { if err != nil { return field.ErrorList{field.Invalid(fldPath, nil, "couldn't parse the service subnet")} } - cidrBytesMask, _ := svcSubnet.Mask.Size() - numAddresses := int32(math.Pow(2, float64(32-cidrBytesMask))) + numAddresses := ipallocator.RangeSize(svcSubnet) if numAddresses < kubeadmconstants.MinimumAddressesInServiceSubnet { return field.ErrorList{field.Invalid(fldPath, nil, "service subnet is too small")} } diff --git a/cmd/kubeadm/app/apis/kubeadm/validation/validation_test.go b/cmd/kubeadm/app/apis/kubeadm/validation/validation_test.go index 5ea16980bb..8fb314efde 100644 --- a/cmd/kubeadm/app/apis/kubeadm/validation/validation_test.go +++ b/cmd/kubeadm/app/apis/kubeadm/validation/validation_test.go @@ -1,3 +1,19 @@ +/* +Copyright 2017 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + package validation import ( @@ -15,8 +31,9 @@ func TestValidateServiceSubnet(t *testing.T) { {"", nil, false}, {"this is not a cidr", nil, false}, // not a CIDR {"10.0.0.1", nil, false}, // not a CIDR - {"192.0.2.0/1", nil, false}, // CIDR too smal - {"192.0.2.0/24", nil, true}, + {"10.96.0.1/29", nil, false}, // CIDR too small, only 8 addresses and we require at least 10 + {"10.96.0.1/28", nil, true}, // a /28 subnet is ok because it can contain 16 addresses + {"10.96.0.1/12", nil, true}, // the default subnet should obviously pass as well } for _, rt := range tests { actual := ValidateServiceSubnet(rt.s, rt.f)