You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
We deployed a CR file as below with spec.pd.service.loadBalancerSourceRanges equals to an "invalidIP" (basically a random string which does not comply to correct IP format).
What did you expect to see?
We expected to see an error message indicating that the IP we set was invalid, as we found in the source code that validateService is used to "validate LoadBalancerSourceRanges field from service", and an error message should be thrown if LoadBalancerSourceRanges contains invalid IP.
What did you see instead?
This invalid IP was silently rejected and we did not see any error messages indicating why this IP was rejected.
Additional comment
We found that Service under PD is not validated when validating PD spec. And we consider it necessary to call validateService in validatePDSpec, which can validate Service.LoadBalancerSourceRanges under PD.
The text was updated successfully, but these errors were encountered:
Bug Report
What version of Kubernetes are you using?
What version of TiDB Operator are you using?
What storage classes exist in the Kubernetes cluster and what are used for PD/TiKV pods?
$ kubectl get sc NAME PROVISIONER RECLAIMPOLICY VOLUMEBINDINGMODE ALLOWVOLUMEEXPANSION AGE standard (default) [rancher.io/local-path](http://rancher.io/local-path) Delete WaitForFirstConsumer false 40m $ kubectl get pvc -n {tidb-cluster-namespace} NAME STATUS VOLUME CAPACITY ACCESS MODES STORAGECLASS AGE pd-advanced-tidb-pd-0 Bound pvc-b566858b-bf4e-4e33-b31e-5d7feb7397b1 10Gi RWO standard 10m pd-advanced-tidb-pd-1 Bound pvc-df70980f-12cf-499f-8ad7-e41cac98c5d0 10Gi RWO standard 10m pd-advanced-tidb-pd-2 Bound pvc-d41691d8-feb5-4e21-b282-1ece1851cffa 10Gi RWO standard 10m tikv-advanced-tidb-tikv-0 Bound pvc-42e652d6-2400-4ae8-b790-cef8466e4566 100Gi RWO standard 10m tikv-advanced-tidb-tikv-1 Bound pvc-5af08c43-e02d-433c-896a-b85ad568d1ca 100Gi RWO standard 10m tikv-advanced-tidb-tikv-2 Bound pvc-652761b6-9fff-4080-b13d-9e364062cddc 100Gi RWO standard 10m
What's the status of the TiDB cluster pods?
What did you do?
We deployed a CR file as below with
spec.pd.service.loadBalancerSourceRanges
equals to an "invalidIP" (basically a random string which does not comply to correct IP format).The CR file
What did you expect to see?
We expected to see an error message indicating that the IP we set was invalid, as we found in the source code that
validateService
is used to "validate LoadBalancerSourceRanges field from service", and an error message should be thrown ifLoadBalancerSourceRanges
contains invalid IP.What did you see instead?
This invalid IP was silently rejected and we did not see any error messages indicating why this IP was rejected.
Additional comment
We found that
Service
under PD is not validated when validating PD spec. And we consider it necessary to callvalidateService
invalidatePDSpec
, which can validateService.LoadBalancerSourceRanges
under PD.The text was updated successfully, but these errors were encountered: