diff --git a/config/crd/bases/anywhere.eks.amazonaws.com_nutanixdatacenterconfigs.yaml b/config/crd/bases/anywhere.eks.amazonaws.com_nutanixdatacenterconfigs.yaml
index ded7fd662d6a..ddcf876d2e87 100644
--- a/config/crd/bases/anywhere.eks.amazonaws.com_nutanixdatacenterconfigs.yaml
+++ b/config/crd/bases/anywhere.eks.amazonaws.com_nutanixdatacenterconfigs.yaml
@@ -43,13 +43,6 @@ spec: bundle for users that configured their Prism Central with certificates from non-publicly trusted CAs type: string - ccmExcludeNodeIPs: - description: CcmExcludeIPs is the optional list of IP addresses that - should be excluded from the CCM IP pool for nodes. List should be - valid IP addresses and IP address ranges. - items: - type: string - type: array credentialRef: description: CredentialRef is the reference to the secret name that contains the credentials for the Nutanix Prism Central. The namespace
diff --git a/pkg/api/v1alpha1/nutanixdatacenterconfig_types.go b/pkg/api/v1alpha1/nutanixdatacenterconfig_types.go
index 5da81ed804eb..2ab1b77467f3 100644
--- a/pkg/api/v1alpha1/nutanixdatacenterconfig_types.go
+++ b/pkg/api/v1alpha1/nutanixdatacenterconfig_types.go
@@ -47,11 +47,6 @@ type NutanixDatacenterConfigSpec struct {
 // FailureDomains is the optional list of failure domains for the Nutanix Datacenter. // +optional FailureDomains []NutanixDatacenterFailureDomain `json:"failureDomains,omitempty"`
-
- // CcmExcludeIPs is the optional list of IP addresses that should be excluded from the CCM IP pool for nodes.
- // List should be valid IP addresses and IP address ranges.
- // +optional
- CcmExcludeNodeIPs []string `json:"ccmExcludeNodeIPs,omitempty"`
 } // NutanixDatacenterFailureDomain defines the failure domain for the Nutanix Datacenter.
diff --git a/pkg/api/v1alpha1/zz_generated.deepcopy.go b/pkg/api/v1alpha1/zz_generated.deepcopy.go
index 5a695cb89ebd..b595f09e020a 100644
--- a/pkg/api/v1alpha1/zz_generated.deepcopy.go
+++ b/pkg/api/v1alpha1/zz_generated.deepcopy.go
@@ -2019,11 +2019,6 @@ func (in *NutanixDatacenterConfigSpec) DeepCopyInto(out *NutanixDatacenterConfig (*in)[i].DeepCopyInto(&(*out)[i]) } } - if in.CcmExcludeNodeIPs != nil { - in, out := &in.CcmExcludeNodeIPs, &out.CcmExcludeNodeIPs - *out = make([]string, len(*in)) - copy(*out, *in) - } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NutanixDatacenterConfigSpec.
diff --git a/pkg/providers/nutanix/template.go b/pkg/providers/nutanix/template.go
index 3820294831e8..124b2e010c13 100644
--- a/pkg/providers/nutanix/template.go
+++ b/pkg/providers/nutanix/template.go
@@ -6,7 +6,6 @@ import (
 "fmt" "log" "net"
- "strings"
 "sigs.k8s.io/yaml"
@@ -526,32 +525,6 @@ func generateNutanixFailureDomains(eksNutanixFailureDomains []v1alpha1.NutanixDa
 return failureDomains }
-func incrementIP(ip net.IP) {
- for i := len(ip) - 1; i >= 0; i-- {
- ip[i]++
- if ip[i] > 0 {
- break
- }
- }
-}
-
-func compareIP(ip1, ip2 net.IP) (int, error) {
- if len(ip1) != len(ip2) {
- return -1, fmt.Errorf("IP addresses are not the same protocol")
- }
-
- for i := 0; i < len(ip1); i++ {
- if ip1[i] < ip2[i] {
- return -1, nil
- }
- if ip1[i] > ip2[i] {
- return 1, nil
- }
- }
-
- return 0, nil
-}
-
 func addKubeVipToIgnoredNodeIPsList(clusterSpec *cluster.Spec, result []string) []string { kubeVipStr := clusterSpec.Cluster.Spec.ControlPlaneConfiguration.Endpoint.Host if kubeVipStr != "" {
@@ -567,92 +540,10 @@ func addKubeVipToIgnoredNodeIPsList(clusterSpec *cluster.Spec, result []string)
 return result }
-func addCIDRToIgnoredNodeIPsList(cidr string, result []string) []string {
- ip, ipNet, err := net.ParseCIDR(cidr)
- if err != nil {
- // log error and continue
- log.Printf("error parsing CIDR %s: %v", cidr, err)
- return result
- }
-
- // Add all ip addresses in the range to the list
- for ip := ip.Mask(ipNet.Mask); ipNet.Contains(ip); incrementIP(ip) {
- if ip != nil {
- result = append(result, ip.String())
- }
- }
-
- return result
-}
-
-func addIPRangeToIgnoredNodeIPsList(ipRangeStr string, result []string) []string {
- // Parse the range
- ipRange := strings.Split(ipRangeStr, "-")
- if len(ipRange) != 2 {
- // log error and return
- log.Printf("error parsing range %s: expected 2 values, got %d", ipRangeStr, len(ipRange))
- return result
- }
-
- // Parse the start and end of the range
- start := net.ParseIP(strings.TrimSpace(ipRange[0]))
- end := net.ParseIP(strings.TrimSpace(ipRange[1]))
- if start == nil || end == nil {
- // log error and return
- log.Printf("error parsing range %s: invalid IP address", ipRangeStr)
- return result
- }
-
- cmp, err := compareIP(start, end)
- if err != nil {
- // log error and return
- log.Printf("error comparing IP addresses %s and %s: %v", start.String(), end.String(), err)
- return result
- }
-
- if cmp >= 0 {
- // swap start and end if start is greater than end
- start, end = end, start
- }
-
- // Add all ip addresses in the range to the list
- for ip := start; !ip.Equal(end); incrementIP(ip) {
- result = append(result, ip.String())
- }
-
- result = append(result, end.String())
-
- return result
-}
-
-func addIPAddressToIgnoredNodeIPsList(ipAddrStr string, result []string) []string {
- ip := net.ParseIP(ipAddrStr)
- if ip == nil {
- // log error and return
- log.Printf("error parsing IP address %s", ipAddrStr)
- return result
- }
-
- result = append(result, ip.String())
- return result
-}
-
 func
generateCcmIgnoredNodeIPsList(clusterSpec *cluster.Spec) []string { result := make([]string, 0)
- // Add kube-vip to the list
 result = addKubeVipToIgnoredNodeIPsList(clusterSpec, result)
- for _, IPAddrOrRange := range clusterSpec.NutanixDatacenter.Spec.CcmExcludeNodeIPs {
- addrOrRange := strings.TrimSpace(IPAddrOrRange)
- if strings.Contains(addrOrRange, "/") {
- result = addCIDRToIgnoredNodeIPsList(addrOrRange, result)
- } else if strings.Contains(addrOrRange, "-") {
- result = addIPRangeToIgnoredNodeIPsList(addrOrRange, result)
- } else {
- result = addIPAddressToIgnoredNodeIPsList(addrOrRange, result)
- }
- }
-
 return result }
diff --git a/pkg/providers/nutanix/template_test.go b/pkg/providers/nutanix/template_test.go
index 5d799cb7fa3c..757ee81a9bf6 100644
--- a/pkg/providers/nutanix/template_test.go
+++ b/pkg/providers/nutanix/template_test.go
@@ -730,66 +730,10 @@ func TestTemplateBuilderCcmExcludeNodeIPs(t *testing.T) {
 for _, tc := range []struct { Input string Output string
- ChangeFn func(clusterSpec *cluster.Spec) *cluster.Spec
 }{ { Input: "testdata/eksa-cluster-ccm-exclude-node-ips.yaml", Output: "testdata/expected_cluster_ccm_exclude_node_ips.yaml",
- ChangeFn: func(clusterSpec *cluster.Spec) *cluster.Spec {
- excludeNodeIPs := []string{
- "127.100.200.101",
- "10.10.10.10-10.10.10.13",
- "10.123.0.0/29",
- }
- clusterSpec.NutanixDatacenter.Spec.CcmExcludeNodeIPs = excludeNodeIPs
-
- return clusterSpec
- },
- },
- {
- Input: "testdata/eksa-cluster-ccm-exclude-node-ips.yaml",
- Output: "testdata/expected_cluster_ccm_exclude_node_ips.yaml",
- ChangeFn: func(clusterSpec *cluster.Spec) *cluster.Spec {
- excludeNodeIPs := []string{
- "127.100.200.101",
- "10.10.10.10-10.10.10.13",
- "10.123.0.0/29",
- "10.10.10.20-10.10.10.30-10.10.20.30",
- }
- clusterSpec.NutanixDatacenter.Spec.CcmExcludeNodeIPs = excludeNodeIPs
-
- return clusterSpec
- },
- },
- {
- Input: "testdata/eksa-cluster-ccm-exclude-node-ips.yaml",
- Output: "testdata/expected_cluster_ccm_exclude_node_ips.yaml",
- ChangeFn: func(clusterSpec *cluster.Spec) *cluster.Spec {
- excludeNodeIPs := []string{
- "127.100.200.101",
- "10.10.10.10-10.10.10.13",
- "10.123.0.0/29",
- "244.244.1",
- }
- clusterSpec.NutanixDatacenter.Spec.CcmExcludeNodeIPs = excludeNodeIPs
-
- return clusterSpec
- },
- },
- {
- Input: "testdata/eksa-cluster-ccm-exclude-node-ips.yaml",
- Output: "testdata/expected_cluster_ccm_exclude_node_ips.yaml",
- ChangeFn: func(clusterSpec *cluster.Spec) *cluster.Spec {
- excludeNodeIPs := []string{
- "127.100.200.101",
- "10.10.10.10-10.10.10.13",
- "10.123.0.0/29",
- "10.21.0.5/55",
- }
- clusterSpec.NutanixDatacenter.Spec.CcmExcludeNodeIPs = excludeNodeIPs
-
- return clusterSpec
- },
 }, } { clusterSpec := test.NewFullClusterSpec(t, tc.Input)
@@ -800,8 +744,6 @@ func TestTemplateBuilderCcmExcludeNodeIPs(t *testing.T) {
 t.Setenv(constants.EksaNutanixPasswordKey, "password") creds := GetCredsFromEnv()
- clusterSpec = tc.ChangeFn(clusterSpec)
-
 bldr := NewNutanixTemplateBuilder(&clusterSpec.NutanixDatacenter.Spec, &machineCfg.Spec, nil, map[string]anywherev1.NutanixMachineConfigSpec{}, creds, time.Now)
diff --git a/pkg/providers/nutanix/testdata/expected_cluster_ccm_exclude_node_ips.yaml b/pkg/providers/nutanix/testdata/expected_cluster_ccm_exclude_node_ips.yaml
index e4861d272932..f620f2421a02 100644
--- a/pkg/providers/nutanix/testdata/expected_cluster_ccm_exclude_node_ips.yaml
+++ b/pkg/providers/nutanix/testdata/expected_cluster_ccm_exclude_node_ips.yaml
@@ -401,7 +401,7 @@ data:
 "topologyDiscovery": { "type": "Prism" },
- "ignoredNodeIPs": ["10.199.199.1", "127.100.200.101", "10.10.10.10", "10.10.10.11", "10.10.10.12", "10.10.10.13", "10.123.0.0", "10.123.0.1", "10.123.0.2", "10.123.0.3", "10.123.0.4", "10.123.0.5", "10.123.0.6", "10.123.0.7"]
+ "ignoredNodeIPs": ["10.199.199.1"]
 } --- apiVersion: rbac.authorization.k8s.io/v1
diff --git a/pkg/providers/nutanix/validator.go b/pkg/providers/nutanix/validator.go
index 3846a6547f13..827d91b20652 100644
--- a/pkg/providers/nutanix/validator.go
+++ b/pkg/providers/nutanix/validator.go
@@ -3,7 +3,6 @@ package nutanix
 import ( "context" "fmt"
- "net"
 "net/http" "regexp" "strconv"
@@ -132,62 +131,6 @@ func (v *Validator) ValidateDatacenterConfig(ctx context.Context, client Client,
 return err }
- if config.Spec.CcmExcludeNodeIPs != nil {
- if err := v.validateCcmExcludeNodeIPs(config.Spec.CcmExcludeNodeIPs); err != nil {
- return err
- }
- }
-
- return nil
-}
-
-func (v *Validator) validateIPRangeForCcmExcludeNodeIPs(ipRange string) error {
- ipRangeStr := strings.TrimSpace(ipRange)
- rangeParts := strings.Split(ipRangeStr, "-")
- if len(rangeParts) != 2 {
- return fmt.Errorf("invalid IP range %s", ipRangeStr)
- }
- startIP := net.ParseIP(strings.TrimSpace(rangeParts[0]))
- if startIP == nil {
- return fmt.Errorf("invalid start IP address %s", rangeParts[0])
- }
- endIP := net.ParseIP(strings.TrimSpace(rangeParts[1]))
- if endIP == nil {
- return fmt.Errorf("invalid end IP address %s", rangeParts[1])
- }
- cmp, err := compareIP(startIP, endIP)
- if err != nil {
- return err
- }
- if cmp > 0 {
- return fmt.Errorf("start IP address %s is greater than end IP address %s", startIP.String(), endIP.String())
- }
-
- return nil
-}
-
-func (v *Validator) validateCcmExcludeNodeIPs(ccmExcludeNodeIPs []string) error {
- for _, ipOrIPRange := range ccmExcludeNodeIPs {
- if strings.Contains(ipOrIPRange, "/") {
- cidrStr := strings.TrimSpace(ipOrIPRange)
- _, _, err := net.ParseCIDR(cidrStr)
- if err != nil {
- return fmt.Errorf("invalid CIDR %s: %v", cidrStr, err)
- }
- } else if strings.Contains(ipOrIPRange, "-") {
- err := v.validateIPRangeForCcmExcludeNodeIPs(ipOrIPRange)
- if err != nil {
- return err
- }
- } else {
- ipStr := strings.TrimSpace(ipOrIPRange)
- ip := net.ParseIP(ipStr)
- if ip == nil {
- return fmt.Errorf("invalid IP address %s", ipStr)
- }
- }
- }
-
 return nil }
diff --git a/pkg/providers/nutanix/validator_test.go b/pkg/providers/nutanix/validator_test.go
index bf01fce74ee7..e0609c415923 100644
--- a/pkg/providers/nutanix/validator_test.go
+++ b/pkg/providers/nutanix/validator_test.go
@@ -59,24 +59,6 @@ var nutanixDatacenterConfigSpecWithFailureDomainInvalidCluster string
 //go:embed testdata/datacenterConfig_with_failure_domains_invalid_subnet.yaml var nutanixDatacenterConfigSpecWithFailureDomainInvalidSubnet string
-//go:embed testdata/datacenterConfig_with_ccm_exclude_node_ips.yaml
-var nutanixDatacenterConfigSpecWithCCMExcludeNodeIPs string
-
-//go:embed testdata/datacenterConfig_with_ccm_exclude_node_ips_invalid_cidr.yaml
-var nutanixDatacenterConfigSpecWithCCMExcludeNodeIPsInvalidCIDR string
-
-//go:embed testdata/datacenterConfig_with_ccm_exclude_node_ips_invalid_ip.yaml
-var nutanixDatacenterConfigSpecWithCCMExcludeNodeIPsInvalidIP string
-
-//go:embed testdata/datacenterConfig_with_ccm_exclude_node_ips_invalid_ip_range1.yaml
-var nutanixDatacenterConfigSpecWithCCMExcludeNodeIPsInvalidIPRange1 string
-
-//go:embed testdata/datacenterConfig_with_ccm_exclude_node_ips_invalid_ip_range2.yaml
-var nutanixDatacenterConfigSpecWithCCMExcludeNodeIPsInvalidIPRange2 string
-
-//go:embed testdata/datacenterConfig_with_ccm_exclude_node_ips_invalid_ip_range3.yaml
-var nutanixDatacenterConfigSpecWithCCMExcludeNodeIPsInvalidIPRange3 string
-
 func fakeClusterList() *v3.ClusterListIntentResponse { return &v3.ClusterListIntentResponse{ Entities: []*v3.ClusterIntentResponse{
@@ -739,36 +721,6 @@ func TestNutanixValidatorValidateDatacenterConfig(t *testing.T) {
 dcConfFile: nutanixDatacenterConfigSpecWithFailureDomainInvalidSubnet, expectErr: true, },
- {
- name: "valid ccmExcludeNodeIPs",
- dcConfFile: nutanixDatacenterConfigSpecWithCCMExcludeNodeIPs,
- expectErr: false,
- },
- {
- name: "ccmExcludeNodeIPs invalid CIDR",
- dcConfFile: nutanixDatacenterConfigSpecWithCCMExcludeNodeIPsInvalidCIDR,
- expectErr: true,
- },
- {
- name: "ccmExcludeNodeIPs invalid IP",
- dcConfFile: nutanixDatacenterConfigSpecWithCCMExcludeNodeIPsInvalidIP,
- expectErr: true,
- },
- {
- name: "ccmExcludeNodeIPs invalid IP range: wrong number of IPs",
- dcConfFile: nutanixDatacenterConfigSpecWithCCMExcludeNodeIPsInvalidIPRange1,
- expectErr: true,
- },
- {
- name: "ccmExcludeNodeIPs invalid IP range: wrong IP range",
- dcConfFile: nutanixDatacenterConfigSpecWithCCMExcludeNodeIPsInvalidIPRange2,
- expectErr: true,
- },
- {
- name: "ccmExcludeNodeIPs invalid IP range: wrong IP types",
- dcConfFile: nutanixDatacenterConfigSpecWithCCMExcludeNodeIPsInvalidIPRange3,
- expectErr: true,
- },
 } ctrl := gomock.NewController(t)