Changes

Summary

  1. Move a stray bit of ClusterNetwork validation to right place (commit: 46ea608) (details)
  2. Abstract out ClusterNetwork-vs-local-networks test (commit: 444afbb) (details)
  3. Abstract out ClusterNetwork-vs-cluster-objects test (commit: 64ec2dc) (details)
  4. Reorganize ClusterNetwork creating/updating/validating (commit: e4e5d21) (details)
Commit 46ea608fea2617a4227bfcc3462c6df96efbb0f0 by danw
Move a stray bit of ClusterNetwork validation to right place
(commit: 46ea608)
The file was modifiedpkg/sdn/api/validation/validation_test.go (diff)
The file was modifiedpkg/sdn/plugin/master.go (diff)
The file was modifiedtest/integration/etcd_storage_path_test.go (diff)
The file was modifiedpkg/sdn/api/validation/validation.go (diff)
Commit 444afbb005ee0c7aa377405c3e93c17da8260a72 by danw
Abstract out ClusterNetwork-vs-local-networks test
Move the "ClusterNetwork doesn't conflict with local networks" code into
the NetworkInfo object, and add a unit test for it.
Logically it doesn't make sense to do this test on the master, since
it's only a problem for nodes (and the nodes don't necessarily all have
the same local networks as the master). However, we can't start making
this a fatal error on nodes now, since it's possible for a node to
more-or-less function with a local network that overlaps
serviceNetworkCIDR, or with a local network that overlaps a
currently-unused portion of clusterNetworkCIDR (and we know people have
done this in the past). So we run the check on nodes now, but make it a
non-fatal error.
Also, we continue to do the check, and have it be fatal, on the master,
so that at least in cases where the master and nodes do have the same
local networks, we'll catch any errors at cluster install time.
(commit: 444afbb)
The file was modifiedpkg/sdn/plugin/common.go (diff)
The file was addedpkg/sdn/plugin/common_test.go
The file was modifiedpkg/sdn/plugin/node.go (diff)
The file was modifiedpkg/sdn/plugin/master.go (diff)
Commit 64ec2dcc5cb7409c8211f20cf76ff8ee45f7bdf1 by danw
Abstract out ClusterNetwork-vs-cluster-objects test
Move the "ClusterNetwork doesn't conflict with existing Services and
HostSubnets" code into the NetworkInfo object, and add a unit test for
it.
Also, for completeness, validate Pods too. (This won't break working
clusters on upgrade because the check only runs when ClusterNetwork
changes. Also, the next commit makes this test non-fatal anyway.)
(commit: 64ec2dc)
The file was modifiedpkg/sdn/plugin/common.go (diff)
The file was modifiedpkg/sdn/plugin/common_test.go (diff)
The file was modifiedpkg/sdn/plugin/master.go (diff)
Commit e4e5d211a57a576845d2d9cda77b43aeb01ddedd by danw
Reorganize ClusterNetwork creating/updating/validating
1. The "default" ClusterNetwork object is now required (by validation)
to match the networking configuration that the master was started with,
effectively making it read-only (other than labels, annotations, etc).
Previously it was possible for a cluster admin to modify the object at
runtime, but neither the master nor any currently-running nodes would
pick up the change, and if the admin forgot to also make an identical
change to the on-disk config as well, then on next restart the master
would either overwrite the ClusterNetwork object with the old values, or
else fail to start if the reversion would be considered an illegal
config change.
2. If the master is restarted with a new networking config that does not
match the existing "default" ClusterNetwork object, then the SDN master
code will check if it's an allowed change (eg, to a
larger-but-overlapping clusterNetworkCIDR) and exit with an error if
not. (This is the same as the old behavior; the checking has just been
moved from ValidateClusterNetworkUpdate() to StartMaster().)
3. If the master is restarted and a "default" ClusterNetwork doesn't
exist, then any networking config will be accepted, even if it appears
to be incompatible with existing HostSubnet/Pod/Service objects. (The
master will warn loudly at startup in this case, but will keep running;
previously it would exit with an error, but this made certain kinds of
changes needlessly difficult for people who knew what they were doing,
without really doing that much to stop people who didn't know what they
were doing.)
4. ClusterNetwork objects other than "default" can now be modified
freely; validation only checks that they are syntactically correct.
(commit: e4e5d21)
The file was addedpkg/sdn/plugin/master_test.go
The file was modifiedpkg/sdn/api/validation/validation.go (diff)
The file was modifiedpkg/sdn/api/validation/validation_test.go (diff)
The file was modifiedpkg/sdn/plugin/master.go (diff)