This repository has been archived by the owner on Oct 13, 2023. It is now read-only.

[18.09] backport default-addr-pool-mask-length param max value check #73

Merged
merged 2 commits into from
Oct 11, 2018
Merged
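--- a/daemon/cluster/listen_addr.go
+++ b/daemon/cluster/listen_addr.go
@@ -3,6 +3,7 @@ package cluster // import "github.com/docker/docker/daemon/cluster"
 import (
 "fmt"
 "net"
+"strings"
 )
 
 const (
@@ -87,6 +88,41 @@ func (c *Cluster) resolveAdvertiseAddr(advertiseAddr, listenAddrPort string) (st
 return systemAddr.String(), listenAddrPort, nil
 }
 
+// validateDefaultAddrPool validates default address pool
+// it also strips white space from the string before validation
+func validateDefaultAddrPool(defaultAddrPool []string, size uint32) error {
+if defaultAddrPool == nil {
+// defaultAddrPool is not defined
+return nil
+}
+//if size is not set, then we use default value 24
+if size == 0 {
+size = 24
+}
+// We allow max value as 29. We can have 8 IP addresses for max value 29
+// If we allow 30, then we will get only 4 IP addresses. But with latest
+// libnetwork LB scale implementation, we use total of 4 IP addresses for internal use.
+// Hence keeping 29 as max value, we will have 8 IP addresses. This will be
+// smallest subnet that can be used in overlay network.
+if size > 29 {
+return fmt.Errorf("subnet size is out of range: %d", size)
+}
+for i := range defaultAddrPool {
+// trim leading and trailing white spaces
+defaultAddrPool[i] = strings.TrimSpace(defaultAddrPool[i])
+_, b, err := net.ParseCIDR(defaultAddrPool[i])
+if err != nil {
+return fmt.Errorf("invalid base pool %s: %v", defaultAddrPool[i], err)
+}
+ones, _ := b.Mask.Size()
+if size < uint32(ones) {
+return fmt.Errorf("invalid CIDR: %q. Subnet size is too small for pool: %d", defaultAddrPool[i], size)
+}
+}
+
+return nil
+}
+
 func resolveDataPathAddr(dataPathAddr string) (string, error) {
 if dataPathAddr == "" {
 // dataPathAddr is not defined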
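Review bot: In the loop of validateDefaultAddrPool the first return value of `net.ParseCIDR` is discarded, so a pool whose address has host bits set (the `10.10.0.0/8` value that this same PR replaces in service_test.go is one) passes validation; whether later code normalizes it to the network address is not visible here. If pools are meant to be network addresses, keep the IP with `ip, b, err := net.ParseCIDR(defaultAddrPool[i])` and reject a mismatch with `if !ip.Equal(b.IP) { return fmt.Errorf("invalid base pool %q: not a network address", defaultAddrPool[i]) }`. The `invalid base pool %s` message should use `%q` like the later one, since the value arrives in the swarm init request and `%q` keeps stray whitespace or control characters visible in logs. The early return for a nil pool also means a `size` above 29 is not rejected when no pool is given.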
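--- a/daemon/cluster/swarm.go
+++ b/daemon/cluster/swarm.go
@@ -92,6 +92,10 @@ func (c *Cluster) Init(req types.InitRequest) (string, error) {
 }
 }
 
+//Validate Default Address Pool input
+if err := validateDefaultAddrPool(req.DefaultAddrPool, req.SubnetSize); err != nil {
+return "", err
+}
 nr, err := c.newNodeRunner(nodeStartConfig{
 forceNewCluster: req.ForceNewCluster,
 autolock: req.AutoLockManagers,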
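Review bot: The call added before `c.newNodeRunner` in Init also rewrites `req.DefaultAddrPool`, because validateDefaultAddrPool trims each entry in place on the slice it is given, and the comment `//Validate Default Address Pool input` does not say so. I would make that explicit, e.g. `// Validate the default address pool; entries of req.DefaultAddrPool are whitespace-trimmed in place.` Init starts and ends outside this hunk, so whether the check runs before any cluster state is touched, and where the trimmed slice is consumed, cannot be confirmed from here.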
2 changes: 1 addition & 1 deletion integration/network/service_test.go
Expand Up @@ -355,7 +355,7 @@ func TestServiceWithDefaultAddressPoolInit(t *testing.T) {
d.Stop(t)

// Clean up , set it back to original one to make sure other tests don't fail
ipAddr = []string{"10.10.0.0/8"}
ipAddr = []string{"10.0.0.0/8"}
ops = append(ops, daemon.WithSwarmDefaultAddrPool(ipAddr))
ops = append(ops, daemon.WithSwarmDefaultAddrPoolSubnetSize(24))
d = swarm.NewSwarm(t, testEnv, ops...)