Let the VM controller only delete VMIs once
If a VMI is already marked for deleteion, the VM controller is not allowed to delete the VMI again. If it does we can end up in a rythm where the vmi controller is always behind the latest modification of the object and can never remove our finalizer once the vmi pod is gone.

If a VMI is already marked for deleteion, the VM controller is not allowed to delete the VMI again. If it does we can end up in a rythm where the vmi controller is always behind the latest modification of the object and can never remove our finalizer once the vmi pod is gone.
Merge pull request #1231 from rmohr/fix-vm-vmi-controller-starving
Let the VM controller only delete VMIs once
rmohr
diff --git a/pkg/util/net/dns/sanitize.go b/pkg/util/net/dns/sanitize.go
@@ -0,0 +1,44 @@
+/*
+ * This file is part of the KubeVirt project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * Copyright 2018 Red Hat, Inc.
+ *
+ */
+
+package dns
+
+import (
+	"strings"
+
+	"k8s.io/apimachinery/pkg/util/validation"
+
+	"kubevirt.io/kubevirt/pkg/api/v1"
+)
+
+// Sanitize hostname according to DNS label rules
+// If the hostname is taken from vmi.Spec.Hostname
+// then it already passed DNS label validations.
+func SanitizeHostname(vmi *v1.VirtualMachineInstance) string {
+
+	hostName := strings.Split(vmi.Name, ".")[0]
+	if len(hostName) > validation.DNS1123LabelMaxLength {
+		hostName = hostName[:validation.DNS1123LabelMaxLength]
+	}
+	if vmi.Spec.Hostname != "" {
+		hostName = vmi.Spec.Hostname
+	}
+
+	return hostName
+}
diff --git a/pkg/virt-api/validating-webhook/validating-webhook.go b/pkg/virt-api/validating-webhook/validating-webhook.go
@@ -26,12 +26,14 @@ import (
 	"io/ioutil"
 	"net/http"
 	"regexp"
+	"strings"

 	"k8s.io/apimachinery/pkg/api/resource"

 	v1beta1 "k8s.io/api/admission/v1beta1"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"k8s.io/apimachinery/pkg/runtime"
+	"k8s.io/apimachinery/pkg/util/validation"
 	k8sfield "k8s.io/apimachinery/pkg/util/validation/field"

 	"k8s.io/apimachinery/pkg/labels"
@@ -367,6 +369,18 @@ func ValidateVirtualMachineInstanceSpec(field *k8sfield.Path, spec *v1.VirtualMa
 		// We won't process anything over the limit
 		return causes
 	}
+	// Validate hostname according to DNS label rules
+	if spec.Hostname != "" {
+		errors := validation.IsDNS1123Label(spec.Hostname)
+		if len(errors) != 0 {
+			causes = append(causes, metav1.StatusCause{
+				Type: metav1.CauseTypeFieldValueInvalid,
+				Message: fmt.Sprintf("%s does not conform to the kubernetes DNS_LABEL rules : %s",
+					field.Child("hostname").String(), strings.Join(errors, ", ")),
+				Field: field.Child("hostname").String(),
+			})
+		}
+	}

 	// Validate memory size if values are not negative
 	if spec.Domain.Resources.Requests.Memory().Value() < 0 {
diff --git a/pkg/virt-controller/services/template.go b/pkg/virt-controller/services/template.go
@@ -32,6 +32,7 @@ import (
 	"kubevirt.io/kubevirt/pkg/api/v1"
 	"kubevirt.io/kubevirt/pkg/precond"
 	"kubevirt.io/kubevirt/pkg/registry-disk"
+	"kubevirt.io/kubevirt/pkg/util/net/dns"
 )

 const configMapName = "kube-system/kubevirt-config"
@@ -303,10 +304,7 @@ func (t *templateService) RenderLaunchManifest(vmi *v1.VirtualMachineInstance) (

 	containers = append(containers, container)

-	hostName := vmi.Name
-	if vmi.Spec.Hostname != "" {
-		hostName = vmi.Spec.Hostname
-	}
+	hostName := dns.SanitizeHostname(vmi)

 	// TODO use constants for podLabels
 	pod := k8sv1.Pod{
diff --git a/pkg/virt-controller/watch/vm.go b/pkg/virt-controller/watch/vm.go
@@ -295,7 +295,7 @@ func (c *VMController) startVMI(vm *virtv1.VirtualMachine) error {
 }

 func (c *VMController) stopVMI(vm *virtv1.VirtualMachine, vmi *virtv1.VirtualMachineInstance) error {
-	if vmi == nil {
+	if vmi == nil || vmi.DeletionTimestamp != nil {
 		// nothing to do
 		return nil
 	}
diff --git a/pkg/virt-controller/watch/vm_test.go b/pkg/virt-controller/watch/vm_test.go
@@ -167,6 +167,18 @@ var _ = Describe("VirtualMachine", func() {
 			testutils.ExpectEvent(recorder, SuccessfulDeleteVirtualMachineReason)
 		})

+		It("should not delete the VirtualMachineInstance again if it is already marked for deletion", func() {
+			vm, vmi := DefaultVirtualMachine(false)
+			vmi.DeletionTimestamp = now()
+
+			addVirtualMachine(vm)
+			vmiFeeder.Add(vmi)
+
+			vmInterface.EXPECT().Update(gomock.Any()).Times(1).Return(vm, nil)
+
+			controller.Execute()
+		})
+
 		It("should ignore non-matching VMIs", func() {
 			vm, vmi := DefaultVirtualMachine(true)

diff --git a/pkg/virt-launcher/virtwrap/manager.go b/pkg/virt-launcher/virtwrap/manager.go
@@ -39,6 +39,7 @@ import (
 	"kubevirt.io/kubevirt/pkg/ephemeral-disk"
 	"kubevirt.io/kubevirt/pkg/log"
 	"kubevirt.io/kubevirt/pkg/registry-disk"
+	"kubevirt.io/kubevirt/pkg/util/net/dns"
 	"kubevirt.io/kubevirt/pkg/virt-launcher/virtwrap/api"
 	"kubevirt.io/kubevirt/pkg/virt-launcher/virtwrap/cli"
 	domainerrors "kubevirt.io/kubevirt/pkg/virt-launcher/virtwrap/errors"
@@ -85,10 +86,7 @@ func (l *LibvirtDomainManager) preStartHook(vmi *v1.VirtualMachineInstance, doma
 	// generate cloud-init data
 	cloudInitData := cloudinit.GetCloudInitNoCloudSource(vmi)
 	if cloudInitData != nil {
-		hostname := vmi.Name
-		if vmi.Spec.Hostname != "" {
-			hostname = vmi.Spec.Hostname
-		}
+		hostname := dns.SanitizeHostname(vmi)

 		err := cloudinit.GenerateLocalData(vmi.Name, hostname, vmi.Namespace, cloudInitData)
 		if err != nil {
diff --git a/tests/utils.go b/tests/utils.go
@@ -62,6 +62,7 @@ import (
 	"kubevirt.io/kubevirt/pkg/controller"
 	"kubevirt.io/kubevirt/pkg/kubecli"
 	"kubevirt.io/kubevirt/pkg/log"
+	"kubevirt.io/kubevirt/pkg/util/net/dns"
 	"kubevirt.io/kubevirt/pkg/virt-controller/services"
 	"kubevirt.io/kubevirt/pkg/virtctl"
 )
@@ -1184,10 +1185,7 @@ func LoggedInCirrosExpecter(vmi *v1.VirtualMachineInstance) (expect.Expecter, er
 	if err != nil {
 		return nil, err
 	}
-	vmiName := vmi.Name
-	if vmi.Spec.Hostname != "" {
-		vmiName = vmi.Spec.Hostname
-	}
+	hostName := dns.SanitizeHostname(vmi)

 	// Do not login, if we already logged in
 	err = expecter.Send("\n")
@@ -1205,7 +1203,7 @@ func LoggedInCirrosExpecter(vmi *v1.VirtualMachineInstance) (expect.Expecter, er
 		&expect.BSnd{S: "\n"},
 		&expect.BExp{R: "login as 'cirros' user. default password: 'gocubsgo'. use 'sudo' for root."},
 		&expect.BSnd{S: "\n"},
-		&expect.BExp{R: vmiName + " login:"},
+		&expect.BExp{R: hostName + " login:"},
 		&expect.BSnd{S: "cirros\n"},
 		&expect.BExp{R: "Password:"},
 		&expect.BSnd{S: "gocubsgo\n"},