From 245454855dfc34b633db3a8b87a79bb5ecd18917 Mon Sep 17 00:00:00 2001
From: Lihai Tu <92532497+tu1h@users.noreply.github.com>
Date: Tue, 30 Apr 2024 18:46:30 +0800
Subject: [PATCH] Add additional checking for calico rr cluster_id (#11112)

Signed-off-by: tu1h <lihai.tu@daocloud.io>
---
 roles/network_plugin/calico/tasks/check.yml | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/roles/network_plugin/calico/tasks/check.yml b/roles/network_plugin/calico/tasks/check.yml
index de67b154e..95dcfa673 100644
--- a/roles/network_plugin/calico/tasks/check.yml
+++ b/roles/network_plugin/calico/tasks/check.yml
@@ -82,11 +82,12 @@
           Minimum version is {{ calico_min_version_required }} supported by the previous kubespray release.
           But current version is {{ calico_version_on_server.stdout }}.
 
-- name: "Check that cluster_id is set if calico_rr enabled"
+- name: "Check that cluster_id is set and a valid IPv4 address if calico_rr enabled"
   assert:
     that:
       - cluster_id is defined
-    msg: "A unique cluster_id is required if using calico_rr"
+      - cluster_id is ansible.utils.ipv4
+    msg: "A unique cluster_id is required if using calico_rr, and it must be a valid IPv4 address"
   when:
     - peer_with_calico_rr
     - inventory_hostname == groups['kube_control_plane'][0]
-- 
GitLab