The following pull request was submitted through Github.
It can be accessed and reviewed at: https://github.com/lxc/lxd/pull/7766
This e-mail was sent by the LXC bot, direct replies will not reach the author
unless they happen to be subscribed to this list.
=== Description (from pull-request) ===
From e90cd6e0e6a7539e0e721d1ec12ab1bec9260732 Mon Sep 17 00:00:00 2001
From: Thomas Parrott <thomas.parr...@canonical.com>
Date: Tue, 11 Aug 2020 13:43:41 +0100
Subject: [PATCH 1/4] doc/networks: dns.search clarification
Signed-off-by: Thomas Parrott <thomas.parr...@canonical.com>
---
doc/networks.md | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/doc/networks.md b/doc/networks.md
index e33e7b5ab4..1574f6781f 100644
--- a/doc/networks.md
+++ b/doc/networks.md
@@ -68,7 +68,7 @@ bridge.hwaddr | string | -
| -
bridge.mode | string | - | standard
| Bridge operation mode ("standard" or "fan")
bridge.mtu | integer | - | 1500
| Bridge MTU (default varies if tunnel or fan setup)
dns.domain | string | - | lxd
| Domain to advertise to DHCP clients and use for DNS
resolution
-dns.search | string | - | -
| Full comma separated domain search list, defaulting to
dns.domain
+dns.search | string | - | -
| Full comma separated domain search list, defaulting to
`dns.domain` value
dns.mode | string | - | managed
| DNS registration mode ("none" for no DNS record, "managed"
for LXD generated static records or "dynamic" for client generated records)
fan.overlay\_subnet | string | fan mode |
240.0.0.0/8 | Subnet to use as the overlay for the FAN (CIDR
notation)
fan.type | string | fan mode | vxlan
| The tunneling type for the FAN ("vxlan" or "ipip")
From 27d1d4906471453b2fff66740b7a6b9c58b5ee9c Mon Sep 17 00:00:00 2001
From: Thomas Parrott <thomas.parr...@canonical.com>
Date: Tue, 11 Aug 2020 15:05:48 +0100
Subject: [PATCH 2/4] lxd/network/driver/bridge: Validates
bridge.external_interfaces using validate.Optional() helper
Signed-off-by: Thomas Parrott <thomas.parr...@canonical.com>
---
lxd/network/driver_bridge.go | 8 ++------
1 file changed, 2 insertions(+), 6 deletions(-)
diff --git a/lxd/network/driver_bridge.go b/lxd/network/driver_bridge.go
index 56d6260b95..bdae1e5a94 100644
--- a/lxd/network/driver_bridge.go
+++ b/lxd/network/driver_bridge.go
@@ -148,11 +148,7 @@ func (n *bridge) Validate(config map[string]string) error {
"bridge.driver": func(value string) error {
return validate.IsOneOf(value, []string{"native",
"openvswitch"})
},
- "bridge.external_interfaces": func(value string) error {
- if value == "" {
- return nil
- }
-
+ "bridge.external_interfaces": validate.Optional(func(value
string) error {
for _, entry := range strings.Split(value, ",") {
entry = strings.TrimSpace(entry)
if err := validInterfaceName(entry); err != nil
{
@@ -161,7 +157,7 @@ func (n *bridge) Validate(config map[string]string) error {
}
return nil
- },
+ }),
"bridge.hwaddr": validate.Optional(validate.IsNetworkMAC),
"bridge.mtu": validate.Optional(validate.IsInt64),
"bridge.mode": func(value string) error {
From 6ed1012386d6a370877a4e5ae3d9fefdd452eb2e Mon Sep 17 00:00:00 2001
From: Thomas Parrott <thomas.parr...@canonical.com>
Date: Tue, 11 Aug 2020 15:31:51 +0100
Subject: [PATCH 3/4] shared/validate: Adds network IP range validators
Signed-off-by: Thomas Parrott <thomas.parr...@canonical.com>
---
shared/validate/validate.go | 58 +++++++++++++++++++++++++++++++++++++
1 file changed, 58 insertions(+)
diff --git a/shared/validate/validate.go b/shared/validate/validate.go
index 236b3e0431..c631995e6f 100644
--- a/shared/validate/validate.go
+++ b/shared/validate/validate.go
@@ -313,6 +313,64 @@ func IsNetworkV6List(value string) error {
return nil
}
+// IsNetworkRangeV4 validates an IPv4 range in the format "start-end".
+func IsNetworkRangeV4(value string) error {
+ ips := strings.SplitN(value, "-", 2)
+ if len(ips) != 2 {
+ return fmt.Errorf("IP range must contain start and end IP
addresses")
+ }
+
+ for _, ip := range ips {
+ err := IsNetworkAddressV4(ip)
+ if err != nil {
+ return err
+ }
+ }
+
+ return nil
+}
+
+// IsNetworkRangeV4List validates a comma delimited list of IPv4 ranges.
+func IsNetworkRangeV4List(value string) error {
+ for _, ipRange := range strings.Split(value, ",") {
+ err := IsNetworkRangeV4(strings.TrimSpace(ipRange))
+ if err != nil {
+ return err
+ }
+ }
+
+ return nil
+}
+
+// IsNetworkRangeV6 validates an IPv6 range in the format "start-end".
+func IsNetworkRangeV6(value string) error {
+ ips := strings.SplitN(value, "-", 2)
+ if len(ips) != 2 {
+ return fmt.Errorf("IP range must contain start and end IP
addresses")
+ }
+
+ for _, ip := range ips {
+ err := IsNetworkAddressV6(ip)
+ if err != nil {
+ return err
+ }
+ }
+
+ return nil
+}
+
+// IsNetworkRangeV6List validates a comma delimited list of IPv6 ranges.
+func IsNetworkRangeV6List(value string) error {
+ for _, ipRange := range strings.Split(value, ",") {
+ err := IsNetworkRangeV6(strings.TrimSpace(ipRange))
+ if err != nil {
+ return err
+ }
+ }
+
+ return nil
+}
+
// IsNetworkVLAN validates a VLAN ID.
func IsNetworkVLAN(value string) error {
vlanID, err := strconv.Atoi(value)
From d0d35b66ed3ec3430a05e13fa65dfbde81ef0e57 Mon Sep 17 00:00:00 2001
From: Thomas Parrott <thomas.parr...@canonical.com>
Date: Tue, 11 Aug 2020 15:32:10 +0100
Subject: [PATCH 4/4] lxd/network/driver/bridge: Adds DHCP IP range validation
Signed-off-by: Thomas Parrott <thomas.parr...@canonical.com>
---
lxd/network/driver_bridge.go | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/lxd/network/driver_bridge.go b/lxd/network/driver_bridge.go
index bdae1e5a94..30ab38014d 100644
--- a/lxd/network/driver_bridge.go
+++ b/lxd/network/driver_bridge.go
@@ -192,7 +192,7 @@ func (n *bridge) Validate(config map[string]string) error {
"ipv4.dhcp": validate.Optional(validate.IsBool),
"ipv4.dhcp.gateway":
validate.Optional(validate.IsNetworkAddressV4),
"ipv4.dhcp.expiry": validate.IsAny,
- "ipv4.dhcp.ranges": validate.IsAny,
+ "ipv4.dhcp.ranges":
validate.Optional(validate.IsNetworkRangeV4List),
"ipv4.routes":
validate.Optional(validate.IsNetworkV4List),
"ipv4.routing": validate.Optional(validate.IsBool),
@@ -212,7 +212,7 @@ func (n *bridge) Validate(config map[string]string) error {
"ipv6.dhcp": validate.Optional(validate.IsBool),
"ipv6.dhcp.expiry": validate.IsAny,
"ipv6.dhcp.stateful": validate.Optional(validate.IsBool),
- "ipv6.dhcp.ranges": validate.IsAny,
+ "ipv6.dhcp.ranges":
validate.Optional(validate.IsNetworkRangeV6List),
"ipv6.routes":
validate.Optional(validate.IsNetworkV6List),
"ipv6.routing": validate.Optional(validate.IsBool),
_______________________________________________
lxc-devel mailing list
lxc-devel@lists.linuxcontainers.org
http://lists.linuxcontainers.org/listinfo/lxc-devel
