Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Network regex validation for powervs cluster #2145

Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

Network regex validation for powervs cluster #2145

wants to merge 1 commit into from

Conversation

carmal891
Copy link
Contributor

What this PR does / why we need it:

Which issue(s) this PR fixes (optional, in fixes #<issue number>(, fixes #<issue_number>, ...) format, will close the issue(s) when PR gets merged):
Fixes #1994

Special notes for your reviewer:

/area provider/ibmcloud

  1. Please confirm that if this PR changes any image versions, then that's the sole change this PR makes.

Release note:

@k8s-ci-robot k8s-ci-robot added the area/provider/ibmcloud Issues or PRs related to ibmcloud provider label Jan 27, 2025
@k8s-ci-robot
Copy link
Contributor

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by: carmal891
Once this PR has been reviewed and has the lgtm label, please assign mkumatag for approval. For more information see the Code Review Process.

The full list of commands accepted by this bot can be found here.

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@k8s-ci-robot k8s-ci-robot added cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. needs-ok-to-test Indicates a PR that requires an org member to verify it is safe to test. labels Jan 27, 2025
@k8s-ci-robot
Copy link
Contributor

Hi @carmal891. Thanks for your PR.

I'm waiting for a kubernetes-sigs member to verify that this patch is reasonable to test. If it is, they should reply with /ok-to-test on its own line. Until that is done, I will not automatically test new commits in this PR, but the usual testing commands by org members will still work. Regular contributors should join the org to skip this step.

Once the patch is verified, the new status will be reflected by the ok-to-test label.

I understand the commands that are listed here.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.

@k8s-ci-robot k8s-ci-robot added the size/L Denotes a PR that changes 100-499 lines, ignoring generated files. label Jan 27, 2025
@netlify Netlify
Copy link

netlify bot commented Jan 27, 2025
edited
Loading

Deploy Preview for kubernetes-sigs-cluster-api-ibmcloud ready!

Name Link
🔨 Latest commit 3aced86
🔍 Latest deploy log https://app.netlify.com/sites/kubernetes-sigs-cluster-api-ibmcloud/deploys/6799b1bb2c3bd10008153d3f
😎 Deploy Preview https://deploy-preview-2145--kubernetes-sigs-cluster-api-ibmcloud.netlify.app
📱 Preview on mobile
Toggle QR Code...

QR Code

Use your smartphone camera to open QR code link.

To edit notification comments on pull requests, go to your Netlify site configuration.

@carmal891
Copy link
Contributor Author

@Karthik-K-N As discussed, set the network regex validation only for powervs cluster for now. We can further triage the any additional changes required

@Amulyam24
Copy link
Contributor

/ok-to-test

@k8s-ci-robot k8s-ci-robot added ok-to-test Indicates a non-member PR verified by an org member that is safe to test. and removed needs-ok-to-test Indicates a PR that requires an org member to verify it is safe to test. labels Jan 27, 2025
@carmal891 carmal891 force-pushed the feat/powervs-with-regex-support-1994 branch from 766b208 to 646cb79 Compare January 27, 2025 12:33
Karthik-K-N
Karthik-K-N reviewed Jan 27, 2025
View reviewed changes
api/v1beta2/ibmpowervscluster_webhook.go Outdated Show resolved Hide resolved
api/v1beta2/ibmpowervscluster_webhook.go Outdated Show resolved Hide resolved
api/v1beta2/ibmpowervscluster_webhook.go Outdated Show resolved Hide resolved
api/v1beta2/ibmpowervscluster_webhook_test.go Show resolved Hide resolved
@carmal891 carmal891 force-pushed the feat/powervs-with-regex-support-1994 branch from 646cb79 to 3aced86 Compare January 29, 2025 04:42
@carmal891 carmal891 requested a review from Karthik-K-N January 29, 2025 04:43
Amulyam24
Amulyam24 reviewed Jan 30, 2025
View reviewed changes
Copy link
Contributor

@Amulyam24 Amulyam24 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@Karthik-K-N, I'm not quite sure if this validation makes sense in all scenarios.

IMO using regex is ideal when a resource exists but how will this validation help when DHCP server name is not set and it will end up creating a new DHCP server with name in format DHCPSERVER<dhcp_server_name>_Private later in the flow. Isn't the main aim to check if the network regex matches the format?

cc @dharaneeshvrd

@Karthik-K-N
Copy link
Contributor

@Karthik-K-N, I'm not quite sure if this validation makes sense in all scenarios.

IMO using regex is ideal when a resource exists but how will this validation help when DHCP server name is not set and it will end up creating a new DHCP server with name in format DHCPSERVER<dhcp_server_name>_Private later in the flow. Isn't the main aim to check if the network regex matches the format?

cc @dharaneeshvrd

Correct, But currently there is no way to identify whether the network exist or not only from spec.

What we are trying to solve here is not allowing user to configure invalid network regex,

For example:

Say cluster name is powervs-cluster, spec.DHCPSserver not set , the network is set to RegEx say *.abc.$ and network does not exist,
The controller will create a network with DHCPSERVERpowervs-cluster_Private and set the network id in status, The next reconcilation continues by fetching network id from status.
The problem here is we are not at all caring what set in spec.Regex and if someone sees spec and actual resource created both are not at all related.

I think RegEx was introduced when we didn't what will be the DHCP created subnet name format. But now we have clear idea.

Should we support RegEx? or mark it as not supported?
@dharaneeshvrd @Prajyot-Parab whats your thought.

@dharaneeshvrd
Copy link
Contributor

dharaneeshvrd commented Jan 30, 2025
edited
Loading

The same case will apply to network Name as well, when network name is given and network is not present, DHCP server that get's created will have either DHCP server name or cluster name not the network name.
I think we have to decide on the priority. We have already discussed about this issue here. Once we decide on the priority and what will happen in each case(created an issue for this here), we can allow regex too. And we can document it in API description I believe.
Since we are going to allow non DHCP network also, we have to consider that situation too before removing the support for regex IMO.

@Prajyot-Parab
Copy link
Contributor

IMO

  1. we should create new resources only if name is set
  • If present fetch and use it
  • If not present, create resource using that name
  1. we should avoid creating new resources when either of ID or regex is set (Their sole purpose should be to retrieve existing resources if present and not create anything), just throw error if not present.
  2. If all three are not set -> name, id, regex, then use default value set for name of that particular resource and use that for creation.

@Karthik-K-N
Copy link
Contributor

IMO

1. we should create new resources only if name is set


* If present fetch and use it

* If not present, create resource using that name


2. we should avoid creating new resources when either of ID or regex is set (Their sole purpose should be to retrieve existing  resources if present and not create anything), just throw error if not present.

3. If all three are not set -> name, id, regex, then use default value set for name of that particular resource and use that for creation.

Yeah, I think this should be the behavior, We created #1726 to handle these scenarios.
@Amulyam24 whats your thought.

@Amulyam24
Copy link
Contributor

IMO

1. we should create new resources only if name is set


* If present fetch and use it

* If not present, create resource using that name


2. we should avoid creating new resources when either of ID or regex is set (Their sole purpose should be to retrieve existing  resources if present and not create anything), just throw error if not present.

3. If all three are not set -> name, id, regex, then use default value set for name of that particular resource and use that for creation.

Yeah, I think this should be the behavior, We created #1726 to handle these scenarios. @Amulyam24 whats your thought.

I agree. This makes sense and seems like the best way to handle new and existing resources.

Regex should only be considered when the resource already exists.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@Amulyam24 Amulyam24 Amulyam24 left review comments

@Prajyot-Parab Prajyot-Parab Awaiting requested review from Prajyot-Parab

@Karthik-K-N Karthik-K-N Awaiting requested review from Karthik-K-N

Assignees
No one assigned
Labels
area/provider/ibmcloud Issues or PRs related to ibmcloud provider cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. ok-to-test Indicates a non-member PR verified by an org member that is safe to test. size/L Denotes a PR that changes 100-499 lines, ignoring generated files.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Support fetching Power VS network with regular expression
6 participants
@carmal891 @k8s-ci-robot @Amulyam24 @Karthik-K-N @dharaneeshvrd @Prajyot-Parab