feat: Enforce quota for instances via Milo project control planes#115
Merged
scotwells merged 1 commit intoMay 27, 2026
Merged
Conversation
Previously, InstanceReconciler wrote ResourceClaim objects against the local deployment cluster via managementCluster.GetClient(). Those claims were never seen by the Milo quota system, leaving every Instance in QuotaGranted=Unknown indefinitely. This change routes claim creation and deletion to the correct Milo project control plane for each instance using a new ProjectQuotaClientManager that builds per-project REST clients by rewriting the host path — mirroring the URL construction already used by the milomulticluster provider. The management-cluster claim watch is replaced with a multicluster Watches call so that grant/denial status changes in project control planes re-trigger instance reconciles. Claims are stamped with a source-cluster label (discovery.clusterName) so each edge controller only reacts to the claims it created. Co-Authored-By: Claude <claude@anthropic.com>
scotwells
merged commit c27ad39
into
feat/federated-deployment-scheduling
9 checks passed
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Instances were silently bypassing quota enforcement because ResourceClaim objects were being written to the local deployment cluster instead of the Milo project control plane that owns the quota ledger. As a result, the Milo quota system never saw the claims, every Instance remained in
QuotaGranted=Unknownindefinitely, and ResourceClaim objects accumulated in the wrong cluster without any evaluation.This PR fixes quota enforcement end-to-end for instances: claims are now routed to the correct Milo project control plane for each project, the quota system evaluates them, and status changes (granted or denied) flow back to trigger instance reconciles.
Key behaviors:
compute.datumapis.com/source-cluster) so that multiple edge controllers sharing the same project control planes only react to their own claims.QuotaGrantedcondition on instances now reflects real quota decisions from Milo rather than stayingUnknown.discovery.clusterNamefield is required in the server config when running in Milo mode; startup fails fast with a clear error if it is absent.Test plan
discovery.clusterNameand confirm instances transition out ofQuotaGranted=Unknowndiscovery.clusterNameset and confirm startup fails with a descriptive errorgo test ./...