Support multiple endpoints for cloudstack preflight check

[wongni]

Issue #, if available:

Description of changes:

Testing (if applicable):

By submitting this pull request, I confirm that you can use, modify, copy, and redistribute this contribution, under the terms of your choice.

[eks-distro-bot]

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by:
To complete the pull request process, please assign abhinavmpandey08 after the PR has been reviewed.
You can assign the PR to them by writing /assign @abhinavmpandey08 in a comment when ready.

The full list of commands accepted by this bot can be found here.

Needs approval from an approver in each of these files:

• OWNERS

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[eks-distro-bot]

Skipping CI for Draft Pull Request.
If you want CI signal for your change, please convert it to an actual PR.
You can still manually trigger a test run with /test all

[codecov]

Codecov Report

Merging #2404 (bb9a1a2) into main (f95e2fa) will increase coverage by 0.75%.
The diff coverage is 73.77%.

❗ Current head bb9a1a2 differs from pull request most recent head 9cb173f. Consider uploading reports for the commit 9cb173f to get more accurate results

@@            Coverage Diff             @@
##             main    #2404      +/-   ##
==========================================
+ Coverage   56.54%   57.30%   +0.75%     
==========================================
  Files         305      310       +5     
  Lines       24800    25463     +663     
==========================================
+ Hits        14023    14591     +568     
- Misses       9479     9540      +61     
- Partials     1298     1332      +34     

Impacted Files	Coverage Δ
internal/pkg/api/hardware.go	0.00% <0.00%> (ø)
internal/pkg/api/tinkerbell.go	0.00% <0.00%> (ø)
internal/test/envtest/environment.go	8.47% <0.00%> (-0.15%)	⬇️
pkg/api/v1alpha1/cluster_types.go	74.42% <ø> (ø)
...g/api/v1alpha1/tinkerbelldatacenterconfig_types.go	5.26% <ø> (ø)
pkg/api/v1alpha1/tinkerbellmachineconfig_types.go	3.07% <0.00%> (-0.32%)	⬇️
pkg/api/v1alpha1/tinkerbelltemplateconfig.go	25.45% <0.00%> (ø)
pkg/cluster/client_builder.go	100.00% <ø> (ø)
pkg/cluster/fetch.go	45.00% <ø> (ø)
pkg/clusterapi/fetch.go	100.00% <ø> (ø)
... and 58 more

---

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update f95e2fa...9cb173f. Read the comment docs.

[maxdrib]

1. Thanks for putting this together. We'll be tracking the work in Add support for clusters spanning across multiple Cloudstack API Endpoints  #2406
2. Another implementation to consider is instead of putting all the credentials/endpoints in a single instance of the cmk executable, if we should instead have multiple instances of the cmk executables, and each one would have its own config. I'm not sure which path is better, so I'll make a note of it in the design doc in Multi-endpoint design for cloudstack provider #2399 and await the team's input. Please have a look at that design when you get a chance and provide any feedback you may have

[maxdrib]

Could you validate that this also works e2e with CAPC for a single endpoint?

[maxdrib]

why do we need to arrange this as a map instead of a list? What additional value do we get from the labeling?

[maxdrib]

Never mind, I think a map is the right move so that we can match these Profiles to an Availability Zone for preflight checking

[maxdrib]

why are we using ProviderCmkClient instead of the executables interface?

[wongni]

ProviderCmkClient and executables.Cmk are compliant, however, it seems that the maps of them are not compliant in Golang. When I changed Cmks' type to map[string]*executables.Cmk I got this compile error.

pkg/dependencies/factory.go:270:19: cannot use f.dependencies.Cmks (type map[string]*executables.Cmk) as type map[string]cloudstack.ProviderCmkClient in argument to cloudstack.NewProvider

[maxdrib]

I guess this is an OOP issue: https://stackoverflow.com/questions/46433860/golang-using-a-defined-interface-in-a-map-value. Maybe it makes sense to contain the map entirely to be inside the Cmk struct as a map of executable objects

[maxdrib]

My concern with using ProviderCmkClient is that now we can introduce a circular dependency between dependencies -> cloudstack -> executables. The executables.Cmk interface served to decouple the two packages as I understand so I'm hesitant to break this pattern

Actually looks like we already depend on the cloudstack package here, so I guess it's ok? @vignesh-goutham do you know what the purpose of having the two separate interfaces is, between executables.Cmk and ProviderCmkClient?

[g-gaston]

It seems like executables.Cmk is a struct, right?

Either way, in general, we want to define interfaces in the consumer, so in this case that would be in the cloudstack provide package.

What I would recommend in this case is store the executables as map[string]*executables.Cmk in the deps struct and then convert the map to map[string]cloudstack.ProviderCmkClient before injecting it in the provider.

[maxdrib]

it feels counterintuitive to run multiple validators all doing the same checks. From an abstraction perspective, the validator should just be invoked once. I think the implementation detail of multiple cmk executables should not leak outside of the validator itself.

[maxdrib]

Never mind, I think a map is the right move so that we can match these Profiles to an Availability Zone for preflight checking

[wongni]

Could you validate that this also works e2e with CAPC for a single endpoint?

I was able to create a management cluster for a single endpoint.

[maxdrib]

I've updated this logic since and added unit tests fyi

[maxdrib]

why do we need this check? It feels like Global shouldn't be required as we move towards deprecating the old schema, right?

[wongni]

Removed

[maxdrib]

could we add a newline here at the end of these files?

[wongni]

Done

[maxdrib]

I think the traditional way to check if a key is present is https://stackoverflow.com/questions/2050391/how-to-check-if-a-map-contains-a-key-in-go instead of cmk == nil

[wongni]

Done

[maxdrib]

shouldn't this return error if datacenterConfig is nil?

[maxdrib]

bump

[maxdrib]

If we convert to the new schema using the SetDefaults method, we won't need this function. Then we'll know that going into the validator, we only have to check the new fields, not the old ones. Although, once you change to using the new schema, you basically have to use it throughout the entire provider and controller or else everything will be broken. Maybe this is a good way to split up the code changes into more reasonable changes. If we go with that approach, the PR's will be:

1. Add new fields to the interface
2. This PR, which does preflight checking for both the old CloudstackDatacenterConfig schema and the new schema, but uses old CloudstackDatacenterConfig attributes when generating the CAPI/CAPC templates
3. Third PR, which will invoke the SetDefaults method any time we're deserializing a CloudstackDatacenterConfig and then exclusively use the new fields through the provider and controller, but generating CAPI/CAPC templates for v0.4.5
4. Fourth PR, which will support CAPC v0.5 for template generation

Does that sound reasonable?

[wongni]

Sounds good to me.

[maxdrib]

why do we want to do this? It'll make testing harder, and we're already calling this method from cloudstack.go. This way it's harder to tell which method is misbehaving if there's a dependency between them.

[wongni]

Removing...

[maxdrib]

I think it would be good to check that the cmk exists in the map again

[wongni]

Done

[maxdrib]

it feels weird to call a public function twice. Can we save this as a variable instead of calling it a second time?

[wongni]

Done

[maxdrib]

it seems like we should refactor this to only check if a single zone is present, not multiple. That'll require less error handling below as well

[maxdrib]

Looks like there are some conflicts to resolve. Overall, minor comments and the logic looks good to me. Nice job

[maxdrib]

bump

[maxdrib]

bump

[g-gaston]

Interesting, what do we need this for?

[wongni]

Please check #2404 (comment)

[g-gaston]

Curious, why name the returned error if there is only one?
I don't think we need that

[wongni]

I named the returned error to aggregate errors when cleaning up resources from multiple endpoints.

[g-gaston]

I think it makes more sense to have this with a defer next to the initialization
Curious why you changed it?

[wongni]

We have a cmk per endpoint. We want to close cmk after cleaning up resources from one endpoint.

[g-gaston]

What's the point of aggregating errors if we are only doing it once?

[wongni]

When we have multiple cloudstack endpoints to clean up resources we want to continue even if it encounters an error in order to clean up as many resource as possible. Multierr is useful in this case.

[g-gaston]

It seems like executables.Cmk is a struct, right?

Either way, in general, we want to define interfaces in the consumer, so in this case that would be in the cloudstack provide package.

What I would recommend in this case is store the executables as map[string]*executables.Cmk in the deps struct and then convert the map to map[string]cloudstack.ProviderCmkClient before injecting it in the provider.

[g-gaston]

Curious, why do we receive the zone as v1alpha1.CloudStackZone in some methods and as a string in others?

[wongni]

CloudStackZone is passed into ValidateZonePresent to validate zone by either ID or name. However, other resources are validated in the single resolved zone using zone ID string.

[g-gaston]

Do we need the check now that only id is being passed?

[wongni]

When a network ID is defined we use it to list networks. In this case, we expected to have one network returned because the ID is unique. When a network ID is not defined we list all networks in the zone and filter with the network name passed in.

[g-gaston]

Don't need a context here

[wongni]

Good point

[eks-distro-bot]

@wongni: The following tests failed, say /retest to rerun all failed tests or /retest-required to rerun all mandatory failed tests:

Test name	Commit	Details	Required	Rerun command
eks-anywhere-presubmit	9cb173f	link	true	/test eks-anywhere-presubmit
eks-anywhere-release-tooling-test-presubmit	9cb173f	link	true	/test eks-anywhere-release-tooling-test-presubmit
eks-anywhere-attribution-files-presubmit	9cb173f	link	true	/test eks-anywhere-attribution-files-presubmit
eks-anywhere-cluster-controller-tooling-presubmit	9cb173f	link	true	/test eks-anywhere-cluster-controller-tooling-presubmit
eks-anywhere-docs-presubmit	9cb173f	link	true	/test eks-anywhere-docs-presubmit
eks-anywhere-mocks-presubmits	9cb173f	link	true	/test eks-anywhere-mocks-presubmits
eks-anywhere-e2e-presubmit	9cb173f	link	true	/test eks-anywhere-e2e-presubmit
eks-anywhere-release-tooling-presubmit	9cb173f	link	true	/test eks-anywhere-release-tooling-presubmit

Full PR test history. Your PR dashboard.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. I understand the commands that are listed here.

[wongni]

Created a new one based on the latest main branch: #2559