✨Adds a new controller to synchronize labels between BMHs and K Nodes

[Arvinderpal]

Introduces a new controller in CAPM3 to synchronize a specific set of labels placed on a BMH with those on the corresponding Kubernetes Node running on that BMH.

Design Proposal: metal3-io/metal3-docs#149

Example 1: Labels on BMH are added to the K Node

1. Add prefix annotation to Metal3Cluster:

 kubectl annotate metal3cluster test1 metal3.io/metal3-label-sync-prefixes=my-prefix.metal3.io,foo.bar -n=metal3 --overwrite

2. Add labels to BareMetalHost:

kubectl label baremetalhosts node-0 my-prefix.metal3.io/rack=xyz-123 -n=metal3
kubectl label baremetalhosts node-0 foo.bar/xyz=abc -n=metal3

3. You should now see labels show up on the K Node:

kubectl get baremetalhosts --show-labels -n=metal3
kubectl get nodes --show-labels

Example 2: Label changes directly on K Node will be reconciled:

1. Add label directly to node. The label will be removed at the next reconcile cycle:

kubectl label node test1-h4vjt my-prefix.metal3.io/color=blue

2. Delete label from Node. The label will be re-added at next reconcile cycle:

kubectl label node test1-h4vjt my-prefix.metal3.io/rack-

[metal3-io-bot]

Hi @Arvinderpal. Thanks for your PR.

I'm waiting for a metal3-io member to verify that this patch is reasonable to test. If it is, they should reply with /ok-to-test on its own line. Until that is done, I will not automatically test new commits in this PR, but the usual testing commands by org members will still work. Regular contributors should join the org to skip this step.

Once the patch is verified, the new status will be reflected by the ok-to-test label.

I understand the commands that are listed here.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

[maelk]

/ok-to-test
Can you please add a condition to not reconcile paused objects ?

[Arvinderpal]

/ok-to-test
Can you please add a condition to not reconcile paused objects ?

@maelk I added the pause check for the BareMetalHost, Cluster and Metal3Cluster. Thanks.

[Arvinderpal]

@dhellmann @maelk @zaneb
This PR is ready for an initial review. PTAL.
I have also updated the description with how to try out this feature.

[maelk]

do you need all those permissions ? I would highly recommend to trim them down

[Arvinderpal]

Yes, you're right. I will only keep the read operations -- they are needed to fetch the kubeconfig of the target cluster.

[maelk]

You should check on the presence of the annotation, not on the value. There might be other values set by the user (or empty string) so we should not care for it when checking for pause (like in capi)

[Arvinderpal]

Done.

[Arvinderpal]

@maelk Thanks for the review. Please take another look.

[Arvinderpal]

Yes, you're right. I will only keep the read operations -- they are needed to fetch the kubeconfig of the target cluster.

[Arvinderpal]

Done.

[Arvinderpal]

@dhellmann @zaneb PTAL.
Much appreciated.

[digambar15]

Hey, @Arvinderpal Can you fix unit test issues ? Otherwise this patch looks good.

[Arvinderpal]

/retest

[Arvinderpal]

@fmuyassarov PTAL at this PR.
Also, I can't seem to issue the /retest command. I wonder if you can allow that?

[furkatgofurov7]

Seems you inserted the word inside the code block, and it did not work.

/retest

[fmuyassarov]

Looks good to me, just some nits

[maelk]

One last comment, otherwise looks good to me

[maelk]

I'm wondering if we should rather use "continue" here to not block the reconciliation on one machine. For example a user has scaled out a machine deployment but does not have enough BMH. If that machine is first in the list, it will always return on line 311. Using continue, would allow us to get past that.

[Arvinderpal]

@maelk That's a good point. I had thought about this too and took the more conservative route. In addition to line 311, should we also use continue for 316 and 321?

[maelk]

yes, I think for all exit conditions, we should instead use "continue"

[Arvinderpal]

Done.

[maelk]

what about line 306. There could be situations (though hopefully not frequent) where a machine was created without metal3machine (yet ?). We should probably use continue there too, no ?

[Arvinderpal]

@maelk The if statement above "if m.Spec.InfrastructureRef.Name == nil", should catch the case where Machine exists but Metal3Machine does not. I suppose there is a rare corner case where InfrastructureRef is updated but Metal3Machine is not yet created. I will make the change.

[kashifest]

/lgtm

[Arvinderpal]

@fmuyassarov Can you issue /test-integration? Seems to get ignored when I issue it.

/test-integration

[kashifest]

/test-integration
/test golint

[fmuyassarov]

/lgtm
/cc @maelk @kashifest

[maelk]

@Arvinderpal I have a nit, however, I think it could be good to go as is, and fixed afterwards, as you wish. I will approve the PR and put a hold. if you want to merge it and fix after, that's ok by me, since it's a detail, then jut remove the hold. But if you fix it in this PR, you'll just need another lgtm.
/approve
/hold

[metal3-io-bot]

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: Arvinderpal, digambar15, maelk

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

• OWNERS [maelk]

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[maelk]

Hum, my comment is not easily visible, it is regarding lne 306, where we should probably use a continue too.

[Arvinderpal]

/retest

[Arvinderpal]

Can someone kick off /test-integration for me?
I have addressed all the open issues, so we should be in good shape to merge.

[kashifest]

/test-integration

[kashifest]

/lgtm

[Arvinderpal]

@maelk @fmuyassarov PTAL. Should be ready to merge.

[fmuyassarov]

/hold cancel

[fmuyassarov]

/test golint