Skip to content

Commit 5d507a3

Browse files
rsafonsecarsafonseca
committed
fix validations
Signed-off-by: Rafael da Fonseca <rafael.fonseca@wildlifestudios.com>
1 parent 63de898 commit 5d507a3

File tree

2 files changed

+35
-7
lines changed

2 files changed

+35
-7
lines changed

pkg/apis/kops/validation/validation.go

Lines changed: 13 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -1839,14 +1839,21 @@ func validateNodeLocalDNS(spec *kops.ClusterSpec, fldpath *field.Path) field.Err
18391839
}
18401840
}
18411841

1842-
if (spec.KubeProxy != nil && spec.KubeProxy.ProxyMode == "ipvs") || spec.Networking.Cilium != nil {
1843-
if spec.Kubelet != nil && spec.Kubelet.ClusterDNS != "" && spec.Kubelet.ClusterDNS != spec.KubeDNS.NodeLocalDNS.LocalIP {
1844-
allErrs = append(allErrs, field.Forbidden(fldpath.Child("kubelet", "clusterDNS"), "Kubelet ClusterDNS must be set to the default IP address for LocalIP"))
1842+
// Helper function to validate ClusterDNS settings
1843+
validateClusterDNS := func(kubelet *kops.KubeletConfigSpec, expectedIP string, fieldName string) {
1844+
if kubelet != nil && kubelet.ClusterDNS != "" && kubelet.ClusterDNS != expectedIP {
1845+
allErrs = append(allErrs, field.Forbidden(fldpath.Child("kubelet", "clusterDNS"),
1846+
fmt.Sprintf("%s ClusterDNS must be set to %s but it was set to %s", fieldName, expectedIP, kubelet.ClusterDNS)))
18451847
}
1848+
}
18461849

1847-
if spec.ControlPlaneKubelet != nil && spec.ControlPlaneKubelet.ClusterDNS != "" && spec.ControlPlaneKubelet.ClusterDNS != spec.KubeDNS.NodeLocalDNS.LocalIP {
1848-
allErrs = append(allErrs, field.Forbidden(fldpath.Child("kubelet", "clusterDNS"), "ControlPlaneKubelet ClusterDNS must be set to the default IP address for LocalIP"))
1849-
}
1850+
// When cilium is used, Node Local DNS pods use the service with a cilium LRP
1851+
if spec.Networking.Cilium != nil || fi.ValueOf(spec.KubeDNS.NodeLocalDNS.CiliumBPFCompatibility) {
1852+
validateClusterDNS(spec.Kubelet, spec.KubeDNS.ServerIP, "Kubelet")
1853+
validateClusterDNS(spec.ControlPlaneKubelet, spec.KubeDNS.ServerIP, "ControlPlaneKubelet")
1854+
} else if spec.KubeProxy != nil && spec.KubeProxy.ProxyMode == "ipvs" {
1855+
validateClusterDNS(spec.Kubelet, spec.KubeDNS.NodeLocalDNS.LocalIP, "Kubelet")
1856+
validateClusterDNS(spec.ControlPlaneKubelet, spec.KubeDNS.NodeLocalDNS.LocalIP, "ControlPlaneKubelet")
18501857
}
18511858

18521859
return allErrs

pkg/apis/kops/validation/validation_test.go

Lines changed: 22 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1456,12 +1456,13 @@ func Test_Validate_NodeLocalDNS(t *testing.T) {
14561456
{
14571457
Input: kops.ClusterSpec{
14581458
Kubelet: &kops.KubeletConfigSpec{
1459-
ClusterDNS: "169.254.20.10",
1459+
ClusterDNS: "100.64.0.10",
14601460
},
14611461
KubeProxy: &kops.KubeProxyConfig{
14621462
ProxyMode: "iptables",
14631463
},
14641464
KubeDNS: &kops.KubeDNSConfig{
1465+
ServerIP: "100.64.0.10",
14651466
Provider: "CoreDNS",
14661467
NodeLocalDNS: &kops.NodeLocalDNSConfig{
14671468
Enabled: fi.PtrTo(true),
@@ -1474,6 +1475,26 @@ func Test_Validate_NodeLocalDNS(t *testing.T) {
14741475
},
14751476
ExpectedErrors: []string{},
14761477
},
1478+
{
1479+
Input: kops.ClusterSpec{
1480+
Kubelet: &kops.KubeletConfigSpec{
1481+
ClusterDNS: "100.64.0.10",
1482+
},
1483+
KubeProxy: &kops.KubeProxyConfig{
1484+
ProxyMode: "iptables",
1485+
},
1486+
KubeDNS: &kops.KubeDNSConfig{
1487+
ServerIP: "100.64.0.10",
1488+
Provider: "CoreDNS",
1489+
NodeLocalDNS: &kops.NodeLocalDNSConfig{
1490+
Enabled: fi.PtrTo(true),
1491+
LocalIP: "169.254.20.10",
1492+
CiliumBPFCompatibility: fi.PtrTo(true),
1493+
},
1494+
},
1495+
},
1496+
ExpectedErrors: []string{},
1497+
},
14771498
}
14781499

14791500
for _, g := range grid {

0 commit comments

Comments
 (0)