Skip to content

Commit

Permalink
Add validation ingressVIP of same IP family with Machine Network
Browse files Browse the repository at this point in the history
  • Loading branch information
@ardaguclu
ardaguclu authored and openshift-cherrypick-robot committed Nov 12, 2021
1 parent 15c95bc commit 82bd69b
Show file tree
Hide file tree
Showing 2 changed files with 22 additions and 0 deletions.
9 changes: 9 additions & 0 deletions pkg/types/validation/installconfig.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -232,6 +232,15 @@ func validateNetworkingIPVersion(n *types.Networking, p *types.Platform) field.E
if apiVIPIPFamily != presence["machineNetwork"].Primary {
allErrs = append(allErrs, field.Invalid(field.NewPath("networking", "baremetal", "apiVIP"), p.BareMetal.APIVIP, "VIP for the API must be of the same IP family with machine network's primary IP Family for dual-stack IPv4/IPv6"))
}

ingressVIPIPFamily := corev1.IPv6Protocol
if net.ParseIP(p.BareMetal.IngressVIP).To4() != nil {
ingressVIPIPFamily = corev1.IPv4Protocol
}

if ingressVIPIPFamily != presence["machineNetwork"].Primary {
allErrs = append(allErrs, field.Invalid(field.NewPath("networking", "baremetal", "ingressVIP"), p.BareMetal.IngressVIP, "VIP for the Ingress must be of the same IP family with machine network's primary IP Family for dual-stack IPv4/IPv6"))
}
case p.None != nil:
default:
allErrs = append(allErrs, field.Invalid(field.NewPath("networking"), "DualStack", "dual-stack IPv4/IPv6 is not supported for this platform, specify only one type of address"))
Expand Down
13 changes: 13 additions & 0 deletions pkg/types/validation/installconfig_test.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -662,6 +662,19 @@ func TestValidateInstallConfig(t *testing.T) {
}(),
expectedError: `^\[platform\.baremetal\.ingressVIP: Invalid value: "test": "test" is not a valid IP, platform\.baremetal\.ingressVIP: Invalid value: "test": IP expected to be in one of the machine networks: 10.0.0.0/16]$`,
},
{
name: "baremetal Ingress VIP set to an incorrect IP Family",
installConfig: func() *types.InstallConfig {
c := validInstallConfig()
c.Networking = validDualStackNetworkingConfig()
c.Platform = types.Platform{
BareMetal: validBareMetalPlatform(),
}
c.Platform.BareMetal.IngressVIP = "ffd0::"
return c
}(),
expectedError: `networking.baremetal.ingressVIP: Invalid value: "ffd0::": VIP for the Ingress must be of the same IP family with machine network's primary IP Family for dual-stack IPv4/IPv6`,
},
{
name: "baremetal Ingress VIP set to an incorrect value",
installConfig: func() *types.InstallConfig {
Expand Down

0 comments on commit 82bd69b

Please sign in to comment.