Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix: validates PC IP is outside Load Balancer IP Range #1001

Merged
merged 3 commits into from
Dec 18, 2024
Merged

fix: validates PC IP is outside Load Balancer IP Range #1001

merged 3 commits into from
Dec 18, 2024

Conversation

manoj-nutanix
Copy link
Contributor

@manoj-nutanix manoj-nutanix commented Dec 12, 2024
edited
Loading

What problem does this PR solve?:

webhook errors out if NUTANIX_ENDPOINT IP falls in Load Balancer IP Range. It only implements dumb check which compares PC IP with Load Balancer IP Range. It's complex to achieve with CEL so going with webhook as we'll need to use regex(isIP() func is not working for cluster variables) to extract IP from PC URL and do string compare which not robust as we can do error handling through webhook.

Which issue(s) this PR fixes:
Fixes #
https://jira.nutanix.com/browse/NCN-102628

How Has This Been Tested?:

Special notes for your reviewer:

✗ clusterctl generate cluster ${CLUSTER_NAME} \  --from ${CLUSTER_FILE} \
  --kubernetes-version ${KUBERNETES_VERSION} \
  --worker-machine-count 1 | \
  kubectl apply --server-side -f -
secret/nutanix-cluster-cilium-helm-addon-dockerhub-credentials serverside-applied
secret/nutanix-cluster-cilium-helm-addon-pc-creds-for-csi serverside-applied
Warning: Detected changes to resource nutanix-cluster-cilium-helm-addon-pc-creds which is currently being deleted.
secret/nutanix-cluster-cilium-helm-addon-pc-creds serverside-applied
Error from server (Forbidden): admission webhook "cluster-validator.caren.nutanix.com" denied the request: prism central IP "198.18.1.1" must not be part of MetalLB address range "198.18.1.1"-"198.18.1.10"

@github-actions github-actions bot added the fix label Dec 12, 2024
@manoj-nutanix manoj-nutanix mentioned this pull request Dec 13, 2024
Closed
@github-actions github-actions bot added fix and removed fix labels Dec 13, 2024
dkoshkin
dkoshkin approved these changes Dec 16, 2024
View reviewed changes
Copy link
Contributor

@dkoshkin dkoshkin left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looking good!

api/v1alpha1/nutanix_clusterconfig_types.go Show resolved Hide resolved
pkg/webhook/cluster/nutanix_validator.go Outdated Show resolved Hide resolved
pkg/webhook/cluster/nutanix_validator.go Outdated Show resolved Hide resolved
pkg/webhook/cluster/nutanix_validator.go Outdated Show resolved Hide resolved
@manoj-nutanix manoj-nutanix changed the title fix: validates NUTANIX_ENDPOINT does not fall in the Load Balancer IP Range fix: validates PC IP is outside Load Balancer IP Range Dec 18, 2024
@github-actions github-actions bot added fix and removed fix labels Dec 18, 2024
@manoj-nutanix manoj-nutanix merged commit ffb7bb2 into main Dec 18, 2024
24 checks passed
@manoj-nutanix manoj-nutanix deleted the NCN-102628 branch December 18, 2024 13:43
@github-actions github-actions bot mentioned this pull request Dec 18, 2024
Merged
dkoshkin added a commit that referenced this pull request Jan 16, 2025
@dkoshkin @github-actions
release(main): v0.25.0 (#999)
5b2008a 
🤖 I have created a release *beep* *boop*
---


## 0.25.0 (2025-01-16)

<!-- Release notes generated using configuration in .github/release.yaml
at main -->

## What's Changed
### Exciting New Features 🎉
* feat: Virtual IP configuration to set different address/port by
@dkoshkin in
#986
* feat: update addon versions by @dkoshkin in
#997
* feat: COSI controller Addon by @dkoshkin in
#1008
### Fixes 🔧
* fix: check HelmReleaseReadyCondition when status is up-to-date by
@dkoshkin in
#989
* fix: update CoreDNS mapping file by @dkoshkin in
#998
* fix: validates PC IP is outside Load Balancer IP Range by
@manoj-nutanix in
#1001
* fix: update COSI controller image to fix CVEs by @dkoshkin in
#1012
* fix(deps): Update Nutanix CCM Version by @thunderboltsid in
#1016
* fix: update AWS CCM to latest versions by @dkoshkin in
#1013
### Other Changes
* refactor: new waiter functionality in helmAddonApplier by @dkoshkin in
#988
* build: Properly ignore ntnx API client from dependabot by @jimmidyson
in
#995


**Full Changelog**:
v0.24.0...v0.25.0

---
This PR was generated with [Release
Please](https://github.com/googleapis/release-please). See
[documentation](https://github.com/googleapis/release-please#release-please).

---------

Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@thunderboltsid thunderboltsid thunderboltsid approved these changes

@dkoshkin dkoshkin dkoshkin approved these changes

@jimmidyson jimmidyson Awaiting requested review from jimmidyson

@dlipovetsky dlipovetsky Awaiting requested review from dlipovetsky

@faiq faiq Awaiting requested review from faiq

Assignees
No one assigned
Labels
fix
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@manoj-nutanix @dkoshkin @thunderboltsid