virt-api: Refactor, share and use VirtualMachineInstanceSpec defaulting code from VM validation webhook
#9103
Conversation
kubevirt-bot
added
release-note-none
|
Thanks, looks good! /lgtm |
|
@davidvossel @vladikr - This came up during downstream testing of instancetypes where we can't define resource requests at the moment and so always hit this when using hugepages. I think we can workaround this in the validation code here but please let me know if I've missed something here! |
| if vmMemory.IsZero() && spec.Domain.Memory.Guest != nil { | ||
| vmMemory = spec.Domain.Memory.Guest | ||
| vmMemoryField = field.Child("domain", "memory", "guest").String() | ||
| } |
There was a problem hiding this comment.
i wonder if similar sorts of issues like this will bite us again in the future.
Maybe we should be running our defaulter on the templated spec (the logic in vmi mutate function) in the vms-admitter.go before processing the vmi.spec there. would that potentially make sense?
There was a problem hiding this comment.
@davidvossel Yeah very true, I would however like to land the current limited approach for v0.59.0 and backport it to at least fix the hugepages corner case while working on a more complete fix for v0.60.0, I doubt that fix will be backportable tbh. Would that be acceptable in the short term?
Slightly OT but I think this class of issue also highlights the need to drive more devs and testers to use VirtualMachines as their initial starting point in tests etc rather than VirtualMachineInstances. I appreciate some of this is a hangover from how things were previously but packages/tools like libvmi that encourage the use of VirtualMachineInstances and skip VirtualMachine validation are starting to hurt us IMHO. If you agree I can take this up on the ML or some other forum (maybe something at the upcoming summit?) to highlight the need for us to exercise VirtualMachine validation more.
There was a problem hiding this comment.
I doubt that fix will be backportable tbh. Would that be acceptable in the short term?
why wouldn't the systematic fix be backportable?
There was a problem hiding this comment.
I doubt that fix will be backportable tbh. Would that be acceptable in the short term?
why wouldn't the systematic fix be backportable?
Apologies I misunderstood your suggestion, temporarily applying the defaults in the VM validation webhook would be backportable. I thought you were suggesting we apply them in the VM mutation webhook that while possible would be a pretty big behavioural change and likely result in lots of test fallout.
I'll start working on this now but I'd still like to land this ahead of v0.59.0, I can revert it later as part of the eventual fix and backports if it doesn't make it in this week.
|
/area instancetype |
Signed-off-by: Lee Yarwood <lyarwood@redhat.com>
kubevirt-bot
added
size/XL
and removed
lgtm
lyarwood
changed the title
VirtualMachineInstanceSpec defaulting code from VM validation webhook
|
/retest |
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: davidvossel The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
kubevirt-bot
added
the
approved
|
/retest |
|
/hold |
kubevirt-bot
added
the
do-not-merge/hold
kubevirt-bot
removed
the
do-not-merge/hold
|
/retest Looks good, thanks! |
|
/retest-required |
|
/cherry-pick release-0.58 |
|
@0xFelix: once the present PR merges, I will cherry-pick it on top of release-0.58 in a new PR and assign it to you. In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
|
/cherry-pick release-0.53 |
|
@0xFelix: once the present PR merges, I will cherry-pick it on top of release-0.53 in a new PR and assign it to you. In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
|
Commented on the wrong PR... just ignore that. |
|
/retest-required |
|
/retest-required |
|
/retest |
|
/retest-required |
|
/retest-required |
|
/retest-required |
|
/hold |
kubevirt-bot
added
the
do-not-merge/hold
|
/unhold |
kubevirt-bot
removed
the
do-not-merge/hold
|
@lyarwood: The following test failed, say
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. I understand the commands that are listed here. |
|
@0xFelix: new pull request created: #9168 In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
|
@0xFelix: #9103 failed to apply on top of branch "release-0.53": In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
This reverts commit 48a2ade. Thanks to e7898af [1][2] we now apply defaults to a copy of the VirtualMachineInstanceSpec before running the associated validations in the VirtualMachine validation webhook. This actually resolves the original issue with enabling dedicatedCPUPlacement from instance types [3] as it ensures any guest visible memory is expressed as resources requests before we attempt to validate. As such we can drop the blocking validations from the instance type webhooks and allow `dedicatedCPUPlacement` to be set once again. [1] kubevirt#9103 [2] kubevirt#9102 [3] kubevirt#8867 Signed-off-by: Lee Yarwood <lyarwood@redhat.com>
|
/cherry-pick release-0.59 |
|
@lyarwood: new pull request created: #9172 In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
This reverts commit 48a2ade. Thanks to e7898af [1][2] we now apply defaults to a copy of the VirtualMachineInstanceSpec before running the associated validations in the VirtualMachine validation webhook. This actually resolves the original issue with enabling dedicatedCPUPlacement from instance types [3] as it ensures any guest visible memory is expressed as resources requests before we attempt to validate. As such we can drop the blocking validations from the instance type webhooks and allow `dedicatedCPUPlacement` to be set once again. [1] kubevirt#9103 [2] kubevirt#9102 [3] kubevirt#8867 Signed-off-by: Lee Yarwood <lyarwood@redhat.com>
What this PR does / why we need it:
The code responsible for defaulting the
VirtualMachineInstanceSpecof aVirtualMachineInstanceis refactored and moved to a shared location for use by other webhooks such as theVirtualMachinevalidation webhook.This allows the
VirtualMachinevalidation webhook to temporarily apply the same defaults as theVirtualMachineInstancemutation webhook to a copy of theVirtualMachinebeing admitted before validating theVirtualMachineInstanceSpec.This in turn resolves issues #9102 where a valid
VirtualMachinewas rejected because this defaulting had not occurred leading to an invalidVirtualMachineInstanceSpec.Which issue(s) this PR fixes (optional, in
fixes #<issue number>(, fixes #<issue_number>, ...)format, will close the issue(s) when PR gets merged):Fixes #9102
Special notes for your reviewer:
Release note: