登入
golang
/
flannel
1
0
複刻 0
檔案 問題管理 0 合併請求 0 Wiki
目錄樹: f55995ee04
分支列表 標籤列表
flannel
/
vendor
/
k8s.io
/
kubernetes
/
pkg
/
api
/
service
/
util.go

util.go 2.3 KB
文件歷史 原始文件

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768 
  1. /*
    2. 

  2. Copyright 2016 The Kubernetes Authors.
    3. 

  3. 

  4. Licensed under the Apache License, Version 2.0 (the "License");
    5. 

  5. you may not use this file except in compliance with the License.
    6. 

  6. You may obtain a copy of the License at
    7. 

  7. 

  8.     http://www.apache.org/licenses/LICENSE-2.0
    9. 

  9. 

  10. Unless required by applicable law or agreed to in writing, software
    11. 

  11. distributed under the License is distributed on an "AS IS" BASIS,
    12. 

  12. WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
    13. 

  13. See the License for the specific language governing permissions and
    14. 

  14. limitations under the License.
    15. 

  15. */
    16. 

  16. 

  17. package service
    18. 

  18. 

  19. import (
    20. 

  20. 	"fmt"
    21. 

  21. 	"strings"
    22. 

  22. 

  23. 	"k8s.io/kubernetes/pkg/api"
    24. 

  24. 	netsets "k8s.io/kubernetes/pkg/util/net/sets"
    25. 

  25. )
    26. 

  26. 

  27. const (
    28. 

  28. 	defaultLoadBalancerSourceRanges = "0.0.0.0/0"
    29. 

  29. )
    30. 

  30. 

  31. // IsAllowAll checks whether the netsets.IPNet allows traffic from 0.0.0.0/0
    32. 

  32. func IsAllowAll(ipnets netsets.IPNet) bool {
    33. 

  33. 	for _, s := range ipnets.StringSlice() {
    34. 

  34. 		if s == "0.0.0.0/0" {
    35. 

  35. 			return true
    36. 

  36. 		}
    37. 

  37. 	}
    38. 

  38. 	return false
    39. 

  39. }
    40. 

  40. 

  41. // GetLoadBalancerSourceRanges first try to parse and verify LoadBalancerSourceRanges field from a service.
    42. 

  42. // If the field is not specified, turn to parse and verify the AnnotationLoadBalancerSourceRangesKey annotation from a service,
    43. 

  43. // extracting the source ranges to allow, and if not present returns a default (allow-all) value.
    44. 

  44. func GetLoadBalancerSourceRanges(service *api.Service) (netsets.IPNet, error) {
    45. 

  45. 	var ipnets netsets.IPNet
    46. 

  46. 	var err error
    47. 

  47. 	// if SourceRange field is specified, ignore sourceRange annotation
    48. 

  48. 	if len(service.Spec.LoadBalancerSourceRanges) > 0 {
    49. 

  49. 		specs := service.Spec.LoadBalancerSourceRanges
    50. 

  50. 		ipnets, err = netsets.ParseIPNets(specs...)
    51. 

  51. 

  52. 		if err != nil {
    53. 

  53. 			return nil, fmt.Errorf("service.Spec.LoadBalancerSourceRanges: %v is not valid. Expecting a list of IP ranges. For example, 10.0.0.0/24. Error msg: %v", specs, err)
    54. 

  54. 		}
    55. 

  55. 	} else {
    56. 

  56. 		val := service.Annotations[AnnotationLoadBalancerSourceRangesKey]
    57. 

  57. 		val = strings.TrimSpace(val)
    58. 

  58. 		if val == "" {
    59. 

  59. 			val = defaultLoadBalancerSourceRanges
    60. 

  60. 		}
    61. 

  61. 		specs := strings.Split(val, ",")
    62. 

  62. 		ipnets, err = netsets.ParseIPNets(specs...)
    63. 

  63. 		if err != nil {
    64. 

  64. 			return nil, fmt.Errorf("%s: %s is not valid. Expecting a comma-separated list of source IP ranges. For example, 10.0.0.0/24,192.168.2.0/24", AnnotationLoadBalancerSourceRangesKey, val)
    65. 

  65. 		}
    66. 

  66. 	}
    67. 

  67. 	return ipnets, nil
    68. 

  68. }
    69.