Merge pull request #9977 from kadern0/issue-8790
Added validation for --insecure-registry valuespull/10024/head
Medya Ghazizadeh
GitHub
commit
c300a0545a
|
|
@ -25,6 +25,7 @@ import (
|
||||||
"os"
|
"os"
|
||||||
"os/exec"
|
"os/exec"
|
||||||
"os/user"
|
"os/user"
|
||||||
|
"regexp"
|
||||||
"runtime"
|
"runtime"
|
||||||
"strings"
|
"strings"
|
||||||
|
|
||||||
|
|
@ -73,6 +74,7 @@ var (
|
||||||
insecureRegistry []string
|
insecureRegistry []string
|
||||||
apiServerNames []string
|
apiServerNames []string
|
||||||
apiServerIPs []net.IP
|
apiServerIPs []net.IP
|
||||||
|
hostRe = regexp.MustCompile(`[\w\.-]+`)
|
||||||
)
|
)
|
||||||
|
|
||||||
func init() {
|
func init() {
|
||||||
|
|
@ -948,6 +950,7 @@ func validateRequestedMemorySize(req int, drvName string) {
|
||||||
func validateCPUCount(drvName string) {
|
func validateCPUCount(drvName string) {
|
||||||
var cpuCount int
|
var cpuCount int
|
||||||
if driver.BareMetal(drvName) {
|
if driver.BareMetal(drvName) {
|
||||||
|
|
||||||
// Uses the gopsutil cpu package to count the number of physical cpu cores
|
// Uses the gopsutil cpu package to count the number of physical cpu cores
|
||||||
ci, err := cpu.Counts(false)
|
ci, err := cpu.Counts(false)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
|
|
@ -1092,6 +1095,8 @@ func validateFlags(cmd *cobra.Command, drvName string) {
|
||||||
}
|
}
|
||||||
|
|
||||||
validateRegistryMirror()
|
validateRegistryMirror()
|
||||||
|
validateInsecureRegistry()
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
// This function validates if the --registry-mirror
|
// This function validates if the --registry-mirror
|
||||||
|
|
@ -1111,6 +1116,34 @@ func validateRegistryMirror() {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// This function validates that the --insecure-registry follows one of the following formats:
|
||||||
|
// "<ip>:<port>" "<hostname>:<port>" "<network>/<netmask>"
|
||||||
|
func validateInsecureRegistry() {
|
||||||
|
if len(insecureRegistry) > 0 {
|
||||||
|
for _, addr := range insecureRegistry {
|
||||||
|
hostnameOrIP, port, err := net.SplitHostPort(addr)
|
||||||
|
if err != nil {
|
||||||
|
_, _, err := net.ParseCIDR(addr)
|
||||||
|
if err == nil {
|
||||||
|
continue
|
||||||
|
}
|
||||||
|
}
|
||||||
|
if port == "" {
|
||||||
|
exit.Message(reason.Usage, "Sorry, the address provided with the --insecure-registry flag is invalid: {{.addr}}. Expected formtas are: <ip>:<port>, <hostname>:<port> or <network>/<netmask>", out.V{"addr": addr})
|
||||||
|
}
|
||||||
|
// checks both IPv4 and IPv6
|
||||||
|
ipAddr := net.ParseIP(hostnameOrIP)
|
||||||
|
if ipAddr != nil {
|
||||||
|
continue
|
||||||
|
}
|
||||||
|
isValidHost := hostRe.MatchString(hostnameOrIP)
|
||||||
|
if err != nil || !isValidHost {
|
||||||
|
exit.Message(reason.Usage, "Sorry, the address provided with the --insecure-registry flag is invalid: {{.addr}}. Expected formtas are: <ip>:<port>, <hostname>:<port> or <network>/<netmask>", out.V{"addr": addr})
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
func createNode(cc config.ClusterConfig, kubeNodeName string, existing *config.ClusterConfig) (config.ClusterConfig, config.Node, error) {
|
func createNode(cc config.ClusterConfig, kubeNodeName string, existing *config.ClusterConfig) (config.ClusterConfig, config.Node, error) {
|
||||||
// Create the initial node, which will necessarily be a control plane
|
// Create the initial node, which will necessarily be a control plane
|
||||||
if existing != nil {
|
if existing != nil {
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue