path: root/kube2msb/src/vendor/k8s.io/kubernetes/pkg/util/net
diff options
Diffstat (limited to 'kube2msb/src/vendor/k8s.io/kubernetes/pkg/util/net')
7 files changed, 870 insertions, 0 deletions
diff --git a/kube2msb/src/vendor/k8s.io/kubernetes/pkg/util/net/http.go b/kube2msb/src/vendor/k8s.io/kubernetes/pkg/util/net/http.go
new file mode 100644
index 0000000..582fb9a
--- /dev/null
+++ b/kube2msb/src/vendor/k8s.io/kubernetes/pkg/util/net/http.go
@@ -0,0 +1,235 @@
+Copyright 2016 The Kubernetes Authors.
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+ http://www.apache.org/licenses/LICENSE-2.0
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+See the License for the specific language governing permissions and
+limitations under the License.
+package net
+import (
+ "crypto/tls"
+ "fmt"
+ "io"
+ "net"
+ "net/http"
+ "net/url"
+ "os"
+ "strconv"
+ "strings"
+ "github.com/golang/glog"
+ "golang.org/x/net/http2"
+// IsProbableEOF returns true if the given error resembles a connection termination
+// scenario that would justify assuming that the watch is empty.
+// These errors are what the Go http stack returns back to us which are general
+// connection closure errors (strongly correlated) and callers that need to
+// differentiate probable errors in connection behavior between normal "this is
+// disconnected" should use the method.
+func IsProbableEOF(err error) bool {
+ if uerr, ok := err.(*url.Error); ok {
+ err = uerr.Err
+ }
+ switch {
+ case err == io.EOF:
+ return true
+ case err.Error() == "http: can't write HTTP request on broken connection":
+ return true
+ case strings.Contains(err.Error(), "connection reset by peer"):
+ return true
+ case strings.Contains(strings.ToLower(err.Error()), "use of closed network connection"):
+ return true
+ }
+ return false
+var defaultTransport = http.DefaultTransport.(*http.Transport)
+// SetOldTransportDefaults applies the defaults from http.DefaultTransport
+// for the Proxy, Dial, and TLSHandshakeTimeout fields if unset
+func SetOldTransportDefaults(t *http.Transport) *http.Transport {
+ if t.Proxy == nil || isDefault(t.Proxy) {
+ // http.ProxyFromEnvironment doesn't respect CIDRs and that makes it impossible to exclude things like pod and service IPs from proxy settings
+ // ProxierWithNoProxyCIDR allows CIDR rules in NO_PROXY
+ t.Proxy = NewProxierWithNoProxyCIDR(http.ProxyFromEnvironment)
+ }
+ if t.Dial == nil {
+ t.Dial = defaultTransport.Dial
+ }
+ if t.TLSHandshakeTimeout == 0 {
+ t.TLSHandshakeTimeout = defaultTransport.TLSHandshakeTimeout
+ }
+ return t
+// SetTransportDefaults applies the defaults from http.DefaultTransport
+// for the Proxy, Dial, and TLSHandshakeTimeout fields if unset
+func SetTransportDefaults(t *http.Transport) *http.Transport {
+ t = SetOldTransportDefaults(t)
+ // Allow clients to disable http2 if needed.
+ if s := os.Getenv("DISABLE_HTTP2"); len(s) > 0 {
+ glog.Infof("HTTP2 has been explicitly disabled")
+ } else {
+ if err := http2.ConfigureTransport(t); err != nil {
+ glog.Warningf("Transport failed http2 configuration: %v", err)
+ }
+ }
+ return t
+type RoundTripperWrapper interface {
+ http.RoundTripper
+ WrappedRoundTripper() http.RoundTripper
+type DialFunc func(net, addr string) (net.Conn, error)
+func Dialer(transport http.RoundTripper) (DialFunc, error) {
+ if transport == nil {
+ return nil, nil
+ }
+ switch transport := transport.(type) {
+ case *http.Transport:
+ return transport.Dial, nil
+ case RoundTripperWrapper:
+ return Dialer(transport.WrappedRoundTripper())
+ default:
+ return nil, fmt.Errorf("unknown transport type: %v", transport)
+ }
+func TLSClientConfig(transport http.RoundTripper) (*tls.Config, error) {
+ if transport == nil {
+ return nil, nil
+ }
+ switch transport := transport.(type) {
+ case *http.Transport:
+ return transport.TLSClientConfig, nil
+ case RoundTripperWrapper:
+ return TLSClientConfig(transport.WrappedRoundTripper())
+ default:
+ return nil, fmt.Errorf("unknown transport type: %v", transport)
+ }
+func FormatURL(scheme string, host string, port int, path string) *url.URL {
+ return &url.URL{
+ Scheme: scheme,
+ Host: net.JoinHostPort(host, strconv.Itoa(port)),
+ Path: path,
+ }
+func GetHTTPClient(req *http.Request) string {
+ if userAgent, ok := req.Header["User-Agent"]; ok {
+ if len(userAgent) > 0 {
+ return userAgent[0]
+ }
+ }
+ return "unknown"
+// Extracts and returns the clients IP from the given request.
+// Looks at X-Forwarded-For header, X-Real-Ip header and request.RemoteAddr in that order.
+// Returns nil if none of them are set or is set to an invalid value.
+func GetClientIP(req *http.Request) net.IP {
+ hdr := req.Header
+ // First check the X-Forwarded-For header for requests via proxy.
+ hdrForwardedFor := hdr.Get("X-Forwarded-For")
+ if hdrForwardedFor != "" {
+ // X-Forwarded-For can be a csv of IPs in case of multiple proxies.
+ // Use the first valid one.
+ parts := strings.Split(hdrForwardedFor, ",")
+ for _, part := range parts {
+ ip := net.ParseIP(strings.TrimSpace(part))
+ if ip != nil {
+ return ip
+ }
+ }
+ }
+ // Try the X-Real-Ip header.
+ hdrRealIp := hdr.Get("X-Real-Ip")
+ if hdrRealIp != "" {
+ ip := net.ParseIP(hdrRealIp)
+ if ip != nil {
+ return ip
+ }
+ }
+ // Fallback to Remote Address in request, which will give the correct client IP when there is no proxy.
+ // Remote Address in Go's HTTP server is in the form host:port so we need to split that first.
+ host, _, err := net.SplitHostPort(req.RemoteAddr)
+ if err == nil {
+ return net.ParseIP(host)
+ }
+ // Fallback if Remote Address was just IP.
+ return net.ParseIP(req.RemoteAddr)
+var defaultProxyFuncPointer = fmt.Sprintf("%p", http.ProxyFromEnvironment)
+// isDefault checks to see if the transportProxierFunc is pointing to the default one
+func isDefault(transportProxier func(*http.Request) (*url.URL, error)) bool {
+ transportProxierPointer := fmt.Sprintf("%p", transportProxier)
+ return transportProxierPointer == defaultProxyFuncPointer
+// NewProxierWithNoProxyCIDR constructs a Proxier function that respects CIDRs in NO_PROXY and delegates if
+// no matching CIDRs are found
+func NewProxierWithNoProxyCIDR(delegate func(req *http.Request) (*url.URL, error)) func(req *http.Request) (*url.URL, error) {
+ // we wrap the default method, so we only need to perform our check if the NO_PROXY envvar has a CIDR in it
+ noProxyEnv := os.Getenv("NO_PROXY")
+ noProxyRules := strings.Split(noProxyEnv, ",")
+ cidrs := []*net.IPNet{}
+ for _, noProxyRule := range noProxyRules {
+ _, cidr, _ := net.ParseCIDR(noProxyRule)
+ if cidr != nil {
+ cidrs = append(cidrs, cidr)
+ }
+ }
+ if len(cidrs) == 0 {
+ return delegate
+ }
+ return func(req *http.Request) (*url.URL, error) {
+ host := req.URL.Host
+ // for some urls, the Host is already the host, not the host:port
+ if net.ParseIP(host) == nil {
+ var err error
+ host, _, err = net.SplitHostPort(req.URL.Host)
+ if err != nil {
+ return delegate(req)
+ }
+ }
+ ip := net.ParseIP(host)
+ if ip == nil {
+ return delegate(req)
+ }
+ for _, cidr := range cidrs {
+ if cidr.Contains(ip) {
+ return nil, nil
+ }
+ }
+ return delegate(req)
+ }
diff --git a/kube2msb/src/vendor/k8s.io/kubernetes/pkg/util/net/interface.go b/kube2msb/src/vendor/k8s.io/kubernetes/pkg/util/net/interface.go
new file mode 100644
index 0000000..a1e53d2
--- /dev/null
+++ b/kube2msb/src/vendor/k8s.io/kubernetes/pkg/util/net/interface.go
@@ -0,0 +1,278 @@
+Copyright 2016 The Kubernetes Authors.
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+ http://www.apache.org/licenses/LICENSE-2.0
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+See the License for the specific language governing permissions and
+limitations under the License.
+package net
+import (
+ "bufio"
+ "encoding/hex"
+ "fmt"
+ "io"
+ "net"
+ "os"
+ "strings"
+ "github.com/golang/glog"
+type Route struct {
+ Interface string
+ Destination net.IP
+ Gateway net.IP
+ // TODO: add more fields here if needed
+func getRoutes(input io.Reader) ([]Route, error) {
+ routes := []Route{}
+ if input == nil {
+ return nil, fmt.Errorf("input is nil")
+ }
+ scanner := bufio.NewReader(input)
+ for {
+ line, err := scanner.ReadString('\n')
+ if err == io.EOF {
+ break
+ }
+ //ignore the headers in the route info
+ if strings.HasPrefix(line, "Iface") {
+ continue
+ }
+ fields := strings.Fields(line)
+ routes = append(routes, Route{})
+ route := &routes[len(routes)-1]
+ route.Interface = fields[0]
+ ip, err := parseIP(fields[1])
+ if err != nil {
+ return nil, err
+ }
+ route.Destination = ip
+ ip, err = parseIP(fields[2])
+ if err != nil {
+ return nil, err
+ }
+ route.Gateway = ip
+ }
+ return routes, nil
+func parseIP(str string) (net.IP, error) {
+ if str == "" {
+ return nil, fmt.Errorf("input is nil")
+ }
+ bytes, err := hex.DecodeString(str)
+ if err != nil {
+ return nil, err
+ }
+ //TODO add ipv6 support
+ if len(bytes) != net.IPv4len {
+ return nil, fmt.Errorf("only IPv4 is supported")
+ }
+ bytes[0], bytes[1], bytes[2], bytes[3] = bytes[3], bytes[2], bytes[1], bytes[0]
+ return net.IP(bytes), nil
+func isInterfaceUp(intf *net.Interface) bool {
+ if intf == nil {
+ return false
+ }
+ if intf.Flags&net.FlagUp != 0 {
+ glog.V(4).Infof("Interface %v is up", intf.Name)
+ return true
+ }
+ return false
+//getFinalIP method receives all the IP addrs of a Interface
+//and returns a nil if the address is Loopback, Ipv6, link-local or nil.
+//It returns a valid IPv4 if an Ipv4 address is found in the array.
+func getFinalIP(addrs []net.Addr) (net.IP, error) {
+ if len(addrs) > 0 {
+ for i := range addrs {
+ glog.V(4).Infof("Checking addr %s.", addrs[i].String())
+ ip, _, err := net.ParseCIDR(addrs[i].String())
+ if err != nil {
+ return nil, err
+ }
+ //Only IPv4
+ //TODO : add IPv6 support
+ if ip.To4() != nil {
+ if !ip.IsLoopback() && !ip.IsLinkLocalMulticast() && !ip.IsLinkLocalUnicast() {
+ glog.V(4).Infof("IP found %v", ip)
+ return ip, nil
+ } else {
+ glog.V(4).Infof("Loopback/link-local found %v", ip)
+ }
+ } else {
+ glog.V(4).Infof("%v is not a valid IPv4 address", ip)
+ }
+ }
+ }
+ return nil, nil
+func getIPFromInterface(intfName string, nw networkInterfacer) (net.IP, error) {
+ intf, err := nw.InterfaceByName(intfName)
+ if err != nil {
+ return nil, err
+ }
+ if isInterfaceUp(intf) {
+ addrs, err := nw.Addrs(intf)
+ if err != nil {
+ return nil, err
+ }
+ glog.V(4).Infof("Interface %q has %d addresses :%v.", intfName, len(addrs), addrs)
+ finalIP, err := getFinalIP(addrs)
+ if err != nil {
+ return nil, err
+ }
+ if finalIP != nil {
+ glog.V(4).Infof("valid IPv4 address for interface %q found as %v.", intfName, finalIP)
+ return finalIP, nil
+ }
+ }
+ return nil, nil
+func flagsSet(flags net.Flags, test net.Flags) bool {
+ return flags&test != 0
+func flagsClear(flags net.Flags, test net.Flags) bool {
+ return flags&test == 0
+func chooseHostInterfaceNativeGo() (net.IP, error) {
+ intfs, err := net.Interfaces()
+ if err != nil {
+ return nil, err
+ }
+ i := 0
+ var ip net.IP
+ for i = range intfs {
+ if flagsSet(intfs[i].Flags, net.FlagUp) && flagsClear(intfs[i].Flags, net.FlagLoopback|net.FlagPointToPoint) {
+ addrs, err := intfs[i].Addrs()
+ if err != nil {
+ return nil, err
+ }
+ if len(addrs) > 0 {
+ for _, addr := range addrs {
+ if addrIP, _, err := net.ParseCIDR(addr.String()); err == nil {
+ if addrIP.To4() != nil {
+ ip = addrIP.To4()
+ if !ip.IsLinkLocalMulticast() && !ip.IsLinkLocalUnicast() {
+ break
+ }
+ }
+ }
+ }
+ if ip != nil {
+ // This interface should suffice.
+ break
+ }
+ }
+ }
+ }
+ if ip == nil {
+ return nil, fmt.Errorf("no acceptable interface from host")
+ }
+ glog.V(4).Infof("Choosing interface %s (IP %v) as default", intfs[i].Name, ip)
+ return ip, nil
+//ChooseHostInterface is a method used fetch an IP for a daemon.
+//It uses data from /proc/net/route file.
+//For a node with no internet connection ,it returns error
+//For a multi n/w interface node it returns the IP of the interface with gateway on it.
+func ChooseHostInterface() (net.IP, error) {
+ inFile, err := os.Open("/proc/net/route")
+ if err != nil {
+ if os.IsNotExist(err) {
+ return chooseHostInterfaceNativeGo()
+ }
+ return nil, err
+ }
+ defer inFile.Close()
+ var nw networkInterfacer = networkInterface{}
+ return chooseHostInterfaceFromRoute(inFile, nw)
+type networkInterfacer interface {
+ InterfaceByName(intfName string) (*net.Interface, error)
+ Addrs(intf *net.Interface) ([]net.Addr, error)
+type networkInterface struct{}
+func (_ networkInterface) InterfaceByName(intfName string) (*net.Interface, error) {
+ intf, err := net.InterfaceByName(intfName)
+ if err != nil {
+ return nil, err
+ }
+ return intf, nil
+func (_ networkInterface) Addrs(intf *net.Interface) ([]net.Addr, error) {
+ addrs, err := intf.Addrs()
+ if err != nil {
+ return nil, err
+ }
+ return addrs, nil
+func chooseHostInterfaceFromRoute(inFile io.Reader, nw networkInterfacer) (net.IP, error) {
+ routes, err := getRoutes(inFile)
+ if err != nil {
+ return nil, err
+ }
+ zero := net.IP{0, 0, 0, 0}
+ var finalIP net.IP
+ for i := range routes {
+ //find interface with gateway
+ if routes[i].Destination.Equal(zero) {
+ glog.V(4).Infof("Default route transits interface %q", routes[i].Interface)
+ finalIP, err := getIPFromInterface(routes[i].Interface, nw)
+ if err != nil {
+ return nil, err
+ }
+ if finalIP != nil {
+ glog.V(4).Infof("Choosing IP %v ", finalIP)
+ return finalIP, nil
+ }
+ }
+ }
+ glog.V(4).Infof("No valid IP found")
+ if finalIP == nil {
+ return nil, fmt.Errorf("Unable to select an IP.")
+ }
+ return nil, nil
+// If bind-address is usable, return it directly
+// If bind-address is not usable (unset,, or loopback), we will use the host's default
+// interface.
+func ChooseBindAddress(bindAddress net.IP) (net.IP, error) {
+ if bindAddress == nil || bindAddress.IsUnspecified() || bindAddress.IsLoopback() {
+ hostIP, err := ChooseHostInterface()
+ if err != nil {
+ return nil, err
+ }
+ bindAddress = hostIP
+ }
+ return bindAddress, nil
diff --git a/kube2msb/src/vendor/k8s.io/kubernetes/pkg/util/net/port_range.go b/kube2msb/src/vendor/k8s.io/kubernetes/pkg/util/net/port_range.go
new file mode 100644
index 0000000..6afdbf2
--- /dev/null
+++ b/kube2msb/src/vendor/k8s.io/kubernetes/pkg/util/net/port_range.go
@@ -0,0 +1,108 @@
+Copyright 2015 The Kubernetes Authors.
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+ http://www.apache.org/licenses/LICENSE-2.0
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+See the License for the specific language governing permissions and
+limitations under the License.
+package net
+import (
+ "fmt"
+ "strconv"
+ "strings"
+// PortRange represents a range of TCP/UDP ports. To represent a single port,
+// set Size to 1.
+type PortRange struct {
+ Base int
+ Size int
+// Contains tests whether a given port falls within the PortRange.
+func (pr *PortRange) Contains(p int) bool {
+ return (p >= pr.Base) && ((p - pr.Base) < pr.Size)
+// String converts the PortRange to a string representation, which can be
+// parsed by PortRange.Set or ParsePortRange.
+func (pr PortRange) String() string {
+ if pr.Size == 0 {
+ return ""
+ }
+ return fmt.Sprintf("%d-%d", pr.Base, pr.Base+pr.Size-1)
+// Set parses a string of the form "min-max", inclusive at both ends, and
+// sets the PortRange from it. This is part of the flag.Value and pflag.Value
+// interfaces.
+func (pr *PortRange) Set(value string) error {
+ value = strings.TrimSpace(value)
+ // TODO: Accept "80" syntax
+ // TODO: Accept "80+8" syntax
+ if value == "" {
+ pr.Base = 0
+ pr.Size = 0
+ return nil
+ }
+ hyphenIndex := strings.Index(value, "-")
+ if hyphenIndex == -1 {
+ return fmt.Errorf("expected hyphen in port range")
+ }
+ var err error
+ var low int
+ var high int
+ low, err = strconv.Atoi(value[:hyphenIndex])
+ if err == nil {
+ high, err = strconv.Atoi(value[hyphenIndex+1:])
+ }
+ if err != nil {
+ return fmt.Errorf("unable to parse port range: %s", value)
+ }
+ if high < low {
+ return fmt.Errorf("end port cannot be less than start port: %s", value)
+ }
+ pr.Base = low
+ pr.Size = 1 + high - low
+ return nil
+// Type returns a descriptive string about this type. This is part of the
+// pflag.Value interface.
+func (*PortRange) Type() string {
+ return "portRange"
+// ParsePortRange parses a string of the form "min-max", inclusive at both
+// ends, and initializs a new PortRange from it.
+func ParsePortRange(value string) (*PortRange, error) {
+ pr := &PortRange{}
+ err := pr.Set(value)
+ if err != nil {
+ return nil, err
+ }
+ return pr, nil
+func ParsePortRangeOrDie(value string) *PortRange {
+ pr, err := ParsePortRange(value)
+ if err != nil {
+ panic(fmt.Sprintf("couldn't parse port range %q: %v", value, err))
+ }
+ return pr
diff --git a/kube2msb/src/vendor/k8s.io/kubernetes/pkg/util/net/port_split.go b/kube2msb/src/vendor/k8s.io/kubernetes/pkg/util/net/port_split.go
new file mode 100644
index 0000000..29c985e
--- /dev/null
+++ b/kube2msb/src/vendor/k8s.io/kubernetes/pkg/util/net/port_split.go
@@ -0,0 +1,77 @@
+Copyright 2015 The Kubernetes Authors.
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+ http://www.apache.org/licenses/LICENSE-2.0
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+See the License for the specific language governing permissions and
+limitations under the License.
+package net
+import (
+ "strings"
+ "k8s.io/kubernetes/pkg/util/sets"
+var validSchemes = sets.NewString("http", "https", "")
+// SplitSchemeNamePort takes a string of the following forms:
+// * "<name>", returns "", "<name>","", true
+// * "<name>:<port>", returns "", "<name>","<port>",true
+// * "<scheme>:<name>:<port>", returns "<scheme>","<name>","<port>",true
+// Name must be non-empty or valid will be returned false.
+// Scheme must be "http" or "https" if specified
+// Port is returned as a string, and it is not required to be numeric (could be
+// used for a named port, for example).
+func SplitSchemeNamePort(id string) (scheme, name, port string, valid bool) {
+ parts := strings.Split(id, ":")
+ switch len(parts) {
+ case 1:
+ name = parts[0]
+ case 2:
+ name = parts[0]
+ port = parts[1]
+ case 3:
+ scheme = parts[0]
+ name = parts[1]
+ port = parts[2]
+ default:
+ return "", "", "", false
+ }
+ if len(name) > 0 && validSchemes.Has(scheme) {
+ return scheme, name, port, true
+ } else {
+ return "", "", "", false
+ }
+// JoinSchemeNamePort returns a string that specifies the scheme, name, and port:
+// * "<name>"
+// * "<name>:<port>"
+// * "<scheme>:<name>:<port>"
+// None of the parameters may contain a ':' character
+// Name is required
+// Scheme must be "", "http", or "https"
+func JoinSchemeNamePort(scheme, name, port string) string {
+ if len(scheme) > 0 {
+ // Must include three segments to specify scheme
+ return scheme + ":" + name + ":" + port
+ }
+ if len(port) > 0 {
+ // Must include two segments to specify port
+ return name + ":" + port
+ }
+ // Return name alone
+ return name
diff --git a/kube2msb/src/vendor/k8s.io/kubernetes/pkg/util/net/sets/README.md b/kube2msb/src/vendor/k8s.io/kubernetes/pkg/util/net/sets/README.md
new file mode 100644
index 0000000..b0f238a
--- /dev/null
+++ b/kube2msb/src/vendor/k8s.io/kubernetes/pkg/util/net/sets/README.md
@@ -0,0 +1,17 @@
+This package contains hand-coded set implementations that should be similar to
+the autogenerated ones in `pkg/util/sets`.
+We can't simply use net.IPNet as a map-key in Go (because it contains a
+We could use the same workaround we use here (a string representation as the
+key) to autogenerate sets. If we do that, or decide on an alternate approach,
+we should replace the implementations in this package with the autogenerated
+It is expected that callers will alias this import as `netsets`
+i.e. `import netsets "k8s.io/kubernetes/pkg/util/net/sets"`
diff --git a/kube2msb/src/vendor/k8s.io/kubernetes/pkg/util/net/sets/ipnet.go b/kube2msb/src/vendor/k8s.io/kubernetes/pkg/util/net/sets/ipnet.go
new file mode 100644
index 0000000..5b6fe93
--- /dev/null
+++ b/kube2msb/src/vendor/k8s.io/kubernetes/pkg/util/net/sets/ipnet.go
@@ -0,0 +1,119 @@
+Copyright 2016 The Kubernetes Authors.
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+ http://www.apache.org/licenses/LICENSE-2.0
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+See the License for the specific language governing permissions and
+limitations under the License.
+package sets
+import (
+ "net"
+ "strings"
+type IPNet map[string]*net.IPNet
+func ParseIPNets(specs ...string) (IPNet, error) {
+ ipnetset := make(IPNet)
+ for _, spec := range specs {
+ spec = strings.TrimSpace(spec)
+ _, ipnet, err := net.ParseCIDR(spec)
+ if err != nil {
+ return nil, err
+ }
+ k := ipnet.String() // In case of normalization
+ ipnetset[k] = ipnet
+ }
+ return ipnetset, nil
+// Insert adds items to the set.
+func (s IPNet) Insert(items ...*net.IPNet) {
+ for _, item := range items {
+ s[item.String()] = item
+ }
+// Delete removes all items from the set.
+func (s IPNet) Delete(items ...*net.IPNet) {
+ for _, item := range items {
+ delete(s, item.String())
+ }
+// Has returns true if and only if item is contained in the set.
+func (s IPNet) Has(item *net.IPNet) bool {
+ _, contained := s[item.String()]
+ return contained
+// HasAll returns true if and only if all items are contained in the set.
+func (s IPNet) HasAll(items ...*net.IPNet) bool {
+ for _, item := range items {
+ if !s.Has(item) {
+ return false
+ }
+ }
+ return true
+// Difference returns a set of objects that are not in s2
+// For example:
+// s1 = {a1, a2, a3}
+// s2 = {a1, a2, a4, a5}
+// s1.Difference(s2) = {a3}
+// s2.Difference(s1) = {a4, a5}
+func (s IPNet) Difference(s2 IPNet) IPNet {
+ result := make(IPNet)
+ for k, i := range s {
+ _, found := s2[k]
+ if found {
+ continue
+ }
+ result[k] = i
+ }
+ return result
+// StringSlice returns a []string with the String representation of each element in the set.
+// Order is undefined.
+func (s IPNet) StringSlice() []string {
+ a := make([]string, 0, len(s))
+ for k := range s {
+ a = append(a, k)
+ }
+ return a
+// IsSuperset returns true if and only if s1 is a superset of s2.
+func (s1 IPNet) IsSuperset(s2 IPNet) bool {
+ for k := range s2 {
+ _, found := s1[k]
+ if !found {
+ return false
+ }
+ }
+ return true
+// Equal returns true if and only if s1 is equal (as a set) to s2.
+// Two sets are equal if their membership is identical.
+// (In practice, this means same elements, order doesn't matter)
+func (s1 IPNet) Equal(s2 IPNet) bool {
+ return len(s1) == len(s2) && s1.IsSuperset(s2)
+// Len returns the size of the set.
+func (s IPNet) Len() int {
+ return len(s)
diff --git a/kube2msb/src/vendor/k8s.io/kubernetes/pkg/util/net/util.go b/kube2msb/src/vendor/k8s.io/kubernetes/pkg/util/net/util.go
new file mode 100644
index 0000000..1348f4d
--- /dev/null
+++ b/kube2msb/src/vendor/k8s.io/kubernetes/pkg/util/net/util.go
@@ -0,0 +1,36 @@
+Copyright 2016 The Kubernetes Authors.
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+ http://www.apache.org/licenses/LICENSE-2.0
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+See the License for the specific language governing permissions and
+limitations under the License.
+package net
+import (
+ "net"
+ "reflect"
+// IPNetEqual checks if the two input IPNets are representing the same subnet.
+// For example,
+// and are the same subnet.
+// and are not the same subnet.
+func IPNetEqual(ipnet1, ipnet2 *net.IPNet) bool {
+ if ipnet1 == nil || ipnet2 == nil {
+ return false
+ }
+ if reflect.DeepEqual(ipnet1.Mask, ipnet2.Mask) && ipnet1.Contains(ipnet2.IP) && ipnet2.Contains(ipnet1.IP) {
+ return true
+ }
+ return false