Bug report criteria
This bug report is not security related, security issues should be disclosed privately via netbox operator maintainers.
Existing open issues have been checked and this is not a duplicate.
What happened?
If there is a mismatch of .spec.prefixLength and the prefix length of the Prefix in NetBox that would be restored, it will restore it and the PrefixClaim/Prefix in the Kubernetes API will be inconsistent (.spec.prefixLength and the length of .status.prefix don't match).
What did you expect to happen?
The Prefix should not be restored, the controller should have failed. RestoreExistingPrefixByHash() should contain a check and return an error if the length does not match.
How can we reproduce it (as minimally and precisely as possible)?
Make sure config/samples/netbox_v1_prefixclaim.yaml has preserveInNetbox set to true.
# Create the PrefixClaim
kubectl apply -f config/samples/netbox_v1_prefixclaim.yaml
# Make sure .spec.prefixLength matches with the mask
kubectl get px,pxc
NAME PREFIX READY ID URL
prefix.netbox.dev/prefixclaim-sample 2.0.4.0/28 True 104 http://netbox.default.svc.cluster.local/ipam/prefixes/104
NAME PREFIX READY PREFIXASSIGNED
prefixclaim.netbox.dev/prefixclaim-sample 2.0.4.0/28 True True
# Delete the PrefixClaim
kubectl delete -f config/samples/netbox_v1_prefixclaim.yaml
# Then manually change the Prefix Length in NetBox (e.g. to /24)
# Apply the sample PrefixClaim again ("restore" the PrefixClaim)
kubectl apply -f config/samples/netbox_v1_prefixclaim.yaml
# Now the PrefixClaim has the wrong mask!
kubectl get px,pxc
NAME PREFIX READY ID URL
prefix.netbox.dev/prefixclaim-sample 2.0.4.0/24 True 104 http://netbox.default.svc.cluster.local/ipam/prefixes/104
NAME PREFIX READY PREFIXASSIGNED
prefixclaim.netbox.dev/prefixclaim-sample 2.0.4.0/24 True True
# Or more detailed (shortened):
kubectl get pxc prefixclaim-sample -oyaml
apiVersion: netbox.dev/v1
kind: PrefixClaim
metadata:
  name: prefixclaim-sample
  namespace: default
spec:
  parentPrefix: 2.0.0.0/16
  prefixLength: /28
  preserveInNetbox: true
status:
  conditions:
  - lastTransitionTime: "2024-10-01T10:40:35Z"
    message: New prefix fetched from NetBox and prefix CR was created
    reason: PrefixCRCreated
    status: "True"
    type: PrefixAssigned
  - lastTransitionTime: "2024-10-01T10:40:36Z"
    message: PrefixClaim Resource is ready
    reason: PrefixClaimResourceReady
    status: "True"
    type: Ready
  prefix: 2.0.4.0/24
Netbox operator version
docker pull ghcr.io/netbox-community/netbox-operator:sha-d3d6f7e
Netbox operator configuration (command line flags or environment variables)
No response
Relevant log output
No response
Anything else we need to know?
No response
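The length check the report asks for on the restore path, as an added example that is not part of the original issue and is not the operator's own code. validateRestoredPrefix and its parameters are hypothetical names; the parent-prefix containment check goes beyond what the report requests.

```go
package main

import (
	"fmt"
	"net/netip"
	"strconv"
	"strings"
)

// validateRestoredPrefix is a hypothetical helper, not netbox-operator code.
// specLen is .spec.prefixLength (e.g. "/28"), parent is .spec.parentPrefix,
// restored is the prefix NetBox returned for the claim being restored.
func validateRestoredPrefix(specLen, parent, restored string) error {
	want, err := strconv.Atoi(strings.TrimPrefix(specLen, "/"))
	if err != nil {
		return fmt.Errorf("invalid .spec.prefixLength %q: %w", specLen, err)
	}
	got, err := netip.ParsePrefix(restored)
	if err != nil {
		return fmt.Errorf("invalid restored prefix %q: %w", restored, err)
	}
	par, err := netip.ParsePrefix(parent)
	if err != nil {
		return fmt.Errorf("invalid .spec.parentPrefix %q: %w", parent, err)
	}
	// The check from the report: refuse to restore when the mask differs.
	if got.Bits() != want {
		return fmt.Errorf("restored prefix %s has length /%d, .spec.prefixLength is /%d",
			got, got.Bits(), want)
	}
	// Extra check (assumption, beyond the report): the prefix must still
	// lie inside the parent prefix named in the claim.
	if got.Bits() < par.Bits() || !par.Contains(got.Addr()) {
		return fmt.Errorf("restored prefix %s is outside parent %s", got, par)
	}
	return nil
}

func main() {
	// Values taken from the reproduction steps in the report.
	fmt.Println(validateRestoredPrefix("/28", "2.0.0.0/16", "2.0.4.0/28"))
	fmt.Println(validateRestoredPrefix("/28", "2.0.0.0/16", "2.0.4.0/24"))
}
```

A controller calling such a check would return the error instead of marking the PrefixClaim Ready, so .spec.prefixLength and .status.prefix cannot diverge silently.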