Rancher accepts negative values in cluster creation dialogue

[gaktive]

Internal reference: SURE-9603
Reported in 2.10.1

Issue description:
You can enter a negative value or zero in cpu/memory/disk fields of cluster creation dialogue which can lead to DOS of Rancher application. This is not possible in 2.8.x, but 2.9.x and 2.10.x are missing input validation.

Business impact:
By entering negative/zero values in cluster creation, Rancher application can become unavailable.

Troubleshooting steps:
Support reproduced with Harvester. In cluster management, create a cluster and enter values in cpu/memory/disk. If negative value is entered in machine count, the Harvester mutation webhook catches it and Rancher reports an error (see screenshots). In other cases it starts creating pods in fleet-default that error out with:

# kubectl logs -n fleet-default broken-pool1-c7qqw-n7q97-machine-provision-4r9cv
Downloading driver from https://192.168.153.1.sslip.io/assets/docker-machine-driver-harvester
Doing /etc/rancher/ssl
docker-machine-driver-harvester
docker-machine-driver-harvester: ELF 64-bit LSB executable, x86-64, version 1 (SYSV), statically linked, stripped
Trying to access option  which does not exist
THIS ***WILL*** CAUSE UNEXPECTED BEHAVIOR
Type assertion did not go smoothly to string for key
error setting machine configuration from flags provided: must specify disk size in harvester disk info 

This goes on until Rancher is not available. Support reported also crashes of the Rancher pods

Repro steps:

• Cluster Management > Create
• Pick Harvester
• Enter negative values in cpu/memory/disk

Workaround:
None

Actual behavior:
It is possible to enter zero or negative values in cluster creation fields

Expected behavior:
It is not possible to enter zero or negative values in cluster creation fields

Additional notes:
Interrupt able to reproduce this issue in both harvester and digital ocean clusters.

[gaktive]

/backport v2.11.1

[richard-cox]

Linking #13333