Make sure the node's IP addresses is set in noProxy #5824
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
votdev
added
kind/enhancement
votdev
force-pushed
the
issue_4282_noproxy
branch
3 times, most recently
from
c43b488
to
80790ce
Compare
votdev
force-pushed
the
issue_4282_noproxy
branch
from
80790ce
to
79612d1
Compare
|
Hi @votdev, Thanks! |
votdev
added a commit
to votdev/go-common
that referenced
this pull request
May 21, 2024
Relates to: harvester/harvester#5824 Signed-off-by: Volker Theile <vtheile@suse.com>
|
votdev
force-pushed
the
issue_4282_noproxy
branch
2 times, most recently
from
9477113
to
cf05de8
Compare
Yu-Jack
reviewed
May 27, 2024
votdev
force-pushed
the
issue_4282_noproxy
branch
from
cf05de8
to
3d0122a
Compare
Relates to: harvester#4282 Signed-off-by: Volker Theile <vtheile@suse.com>
votdev
force-pushed
the
issue_4282_noproxy
branch
from
3d0122a
to
b7dec9d
Compare
FrankYang0529
approved these changes
May 29, 2024
|
LGTM. |
|
@Mergifyio backport v1.2 v1.3 |
✅ Backports have been created
|
This was referenced Jun 3, 2024
votdev
added a commit
that referenced
this pull request
Jun 3, 2024
votdev
added a commit
that referenced
this pull request
Jun 3, 2024
bk201
pushed a commit
that referenced
this pull request
Jun 4, 2024
FrankYang0529
pushed a commit
that referenced
this pull request
Jun 5, 2024
bk201
pushed a commit
to bk201/harvester
that referenced
this pull request
Jun 6, 2024
…arvester#5936) Relates to: harvester#4282 Signed-off-by: Volker Theile <vtheile@suse.com> (cherry picked from commit d06f6a7) Co-authored-by: Volker Theile <vtheile@suse.com>
bk201
pushed a commit
that referenced
this pull request
Jun 6, 2024
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Problem:
If you configure httpProxy and httpsProxy, you must also put Harvester node's CIDR into noProxy, otherwise, the Harvester cluster will be broken.
Solution:
Add a webhook to validate the user input; it should reject if the node IP is not included in the no_proxy CIDR range.
Related Issue:
#4282
Test plan:
The test plan assumes that several hosts are available in the cluster. For the following test cases, the hosts with the following IP addresses are involved:
Case 1:
Advanced>Settingsand then selectEdit Settingsforhttp-proxy.Save.noProxy should contain the node's IP addresses or CIDR. The node(s) 192.168.0.30, 192.168.0.31, 192.168.0.32 are not covered.is displayed.Case 2:
Advanced>Settingsand then selectEdit Settingsforhttp-proxy.192.168.0.0/27in theno-proxyform field.Save.noProxy should contain the node's IP addresses or CIDR. The node(s) 192.168.0.32 are not covered.is displayed.Case 3:
Advanced>Settingsand then selectEdit Settingsforhttp-proxy.192.168.0.0/24in theno-proxyform field.Save.Settingspage.Case 4:
Advanced>Settingsand then selectEdit Settingsforhttp-proxy.192.168.0.30, 192.168.0.31, 192.168.0.32in theno-proxyform field.Save.Settingspage.