fix: validate if subnet cidr conflicts with svc ip

kubeovn · May 7, 2020 · 86c443e · 86c443e
1 parent ccb1050
commit 86c443e
Showing 1 changed file with 6 additions and 0 deletions.
diff --git a/pkg/util/validator.go b/pkg/util/validator.go
@@ -3,6 +3,7 @@ package util
 import (
 	"fmt"
 	"net"
+	"os"
 	"strconv"
 	"strings"
 
@@ -51,6 +52,11 @@ func ValidateSubnet(subnet kubeovnv1.Subnet) error {
 		return fmt.Errorf("%s is not a valid gateway type", gwType)
 	}
 
+	k8sApiServer := os.Getenv("KUBERNETES_SERVICE_HOST")
+	if k8sApiServer != "" && CIDRContainIP(subnet.Spec.CIDRBlock, k8sApiServer) {
+		return fmt.Errorf("subnet %s cidr %s conflicts with k8s apiserver svc ip %s", subnet.Name, subnet.Spec.CIDRBlock, k8sApiServer)
+	}
+
 	return nil
 }