do a better job of validating IP family of kube-proxy config

[danwinship]

What type of PR is this?

/kind bug
/kind cleanup

What this PR does / why we need it:

spun out of #118408; this centralizes figuring out what mode kube-proxy is running in (single-stack IPv4, single-stack IPv6, dual-stack IPv4-primary or dual-stack IPv6-primary), and then checks that the configuration actually makes sense for that mode.

Alas, we don't want to retroactively make previously-working configurations be broken, so we merely warn rather than erroring out on most errors.

Does this PR introduce a user-facing change?

Kube-proxy will now warn at startup if the configuration seems inconsistent
with respect to IP families. (For example, if you have an IPv4 node IP, but
`--cluster-cidr` is IPv6.)

/sig network
/assign @aojea

[k8s-ci-robot]

This issue is currently awaiting triage.

If a SIG or subproject determines this is a relevant issue, they will accept it by applying the triage/accepted label and provide further guidance.

The triage/accepted label can be added by org members by writing /triage accepted in a comment.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

[k8s-ci-robot]

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: danwinship

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

• cmd/kube-proxy/OWNERS [danwinship]

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[thockin]

LTGM - I would take the localmode tweak as a followup or in here (or argue me down) and if 0.0.0.0 works.

oops, gofmt fail.

[k8s-ci-robot]

LGTM label has been added.

Git tree hash: 03fc27b9a595d5d8944b853d2b44b0368d50c519

[thockin]

Does this handle "0.0.0.0:" and ":" correctly? It reads as 4 but accepts on 6, too:

$ cat main.go 
package main

import (
	"fmt"
	"net"
	"os"
)

func main() {
	l, err := net.Listen("tcp", "0.0.0.0:9376")
	if err != nil {
		fmt.Println(err)
		os.Exit(1)
	}
	l.Accept()
	fmt.Println("done")
}

$ go run main.go &
[1] 3125929

$ netcat -6 localhost 9376
done

[1]+  Done                    go run main.go

$ go run main.go &
[1] 3126055

$ netcat -4 localhost 9376
done

[1]+  Done                    go run main.go

[danwinship]

sorry, yes, I addressed that in the update: badBindAddress checks ip.IsUnspecified() now, and considers that acceptable regardless of family; the unit tests check that.

[danwinship]

/retest-required

[aojea]

Kubernetes e2e suite: [It] [sig-cli] Kubectl client Simple pod should contain last line of the log expand_less 23s
{ failed [FAILED] Expected
: failed to create fsnotify watcher: too many open files
to contain substring

/test pull-kubernetes-e2e-gce

[aojea]

/lgtm

[k8s-ci-robot]

LGTM label has been added.

Git tree hash: a3f6223e2717fa56956a1ea195cfda0608ae7aae

[aojea]

Kubernetes e2e suite: [It] [sig-network] HostPort validates that there is no conflict between pods with same hostPort but different hostIP and protocol [LinuxOnly] [Conformance] expand_less 54s
{ failed [FAILED] Told to stop trying after 2.032s.
The phase of Pod e2e-host-exec is Failed which is unexpected.
In [It] at: test/e2e/framework/pod/pod_client.go:104 @ 07/03/23 12:56:06.107

🤔 👀
unrelated to this but I start to see some unexpected tests failing with "pod phases" errors

/test pull-kubernetes-conformance-kind-ga-only-parallel

[aojea]

/hold cancel

[CecileRobertMichon]

@danwinship I just opened #120999

I believe this PR causes kube-proxy to fail to start with Azure single stack IPv6 in v1.28+

This same configuration wasn't causing issues before