Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add check for tenant existence #72

Merged
merged 1 commit into from
Sep 30, 2024
Merged

Add check for tenant existence #72

merged 1 commit into from
Sep 30, 2024

Conversation

MaIT-HgA
Copy link
Contributor

@MaIT-HgA MaIT-HgA commented Sep 23, 2024
edited
Loading

  • Tenancy check is added in getting available IP and prefix
  • Failed tenancy check doesn't imply reconcile error but create a k8s Event
  • Test cases for the tenant check are added in unit tests
  • Not-found Netbox error "type" is added in utils
  • Error in some functions are updated with the new error "type"
  • Manual system testing is done.

Close #39

@MaIT-HgA MaIT-HgA force-pushed the fix/no-ip-assignment-with-non-existing-tenant branch from 12f3faa to 35dc096 Compare September 24, 2024 13:43
@MaIT-HgA MaIT-HgA marked this pull request as ready for review September 24, 2024 14:10
bruelea
bruelea requested changes Sep 24, 2024
View reviewed changes
Copy link
Collaborator

@bruelea bruelea left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The check is only required if a new ip address is assigned. Instead of directly checking this in the reconcile loop we could check it in the GetAvailableIpAddressClaim (

netbox-operator/pkg/netbox/api/ip_address_claim.go

Line 59 in 508165e

func (r *NetboxClient) GetAvailableIpAddressByClaim(ipAddressClaim *models.IPAddressClaim) (*models.IPAddress, error) {
) function.

@bruelea
Copy link
Collaborator

bruelea commented Sep 24, 2024

It would be great to have this check also for the prefix claims.

@henrybear327 henrybear327 force-pushed the fix/no-ip-assignment-with-non-existing-tenant branch from 35dc096 to 5d01e7b Compare September 24, 2024 17:42
@MaIT-HgA MaIT-HgA force-pushed the fix/no-ip-assignment-with-non-existing-tenant branch from 5d01e7b to f14e969 Compare September 25, 2024 05:27
@MaIT-HgA MaIT-HgA force-pushed the fix/no-ip-assignment-with-non-existing-tenant branch 5 times, most recently from 388ccc8 to 234c73b Compare September 25, 2024 13:30
@MaIT-HgA MaIT-HgA force-pushed the fix/no-ip-assignment-with-non-existing-tenant branch 3 times, most recently from b8ddaf8 to 0650ea1 Compare September 26, 2024 10:06
@MaIT-HgA MaIT-HgA requested a review from bruelea September 26, 2024 10:10
@faebr
Copy link
Contributor

faebr commented Sep 26, 2024
edited
Loading

I just did a manual check, in my opinion the operator should not log the stack trace when the tenant is not found. This makes it look like a reconciler error. Its ok when the loglevel is error but adding the stack trace is not needed.
Example:
2024-09-26T13:48:31+02:00 INFO reconcile loop started {"controller": "ipaddressclaim", "controllerGroup": "netbox.dev", "controllerKind": "IpAddressClaim", "IpAddressClaim": {"name":"ipaddressclaim-sample-2","namespace":"default"}, "namespace": "default", "name": "ipaddressclaim-sample-2", "reconcileID": "6d11f8c1-78bf-44ca-a2b7-01b42f3d7459"}

2024-09-26T13:48:31+02:00 ERROR Reconciler error {"controller": "ipaddressclaim", "controllerGroup": "netbox.dev", "controllerKind": "IpAddressClaim", "IpAddressClaim": {"name":"ipaddressclaim-sample-2","namespace":"default"}, "namespace": "default", "name": "ipaddressclaim-sample-2", "reconcileID": "6d11f8c1-78bf-44ca-a2b7-01b42f3d7459", "error": "tenant not found"}

sigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller[...]).reconcileHandler /Users/taascfas/go/pkg/mod/sigs.k8s.io/[email protected]/pkg/internal/controller/controller.go:316 sigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller[...]).processNextWorkItem /Users/taascfas/go/pkg/mod/sigs.k8s.io/[email protected]/pkg/internal/controller/controller.go:263 sigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller[...]).Start.func2.2 /Users/taascfas/go/pkg/mod/sigs.k8s.io/[email protected]/pkg/internal/controller/controller.go:224

Also when a claim succeeds a status condition is set, would it make sense to also set a status condition when tenant is not found?

I see that this is the same when the parent-prefix does not exist, could we also change this? @bruelea @alexandernorth @jstudler
2024-09-26T13:54:05+02:00 ERROR Reconciler error {"controller": "ipaddressclaim", "controllerGroup": "netbox.dev", "controllerKind": "IpAddressClaim", "IpAddressClaim": {"name":"ipaddressclaim-sample","namespace":"default"}, "namespace": "default", "name": "ipaddressclaim-sample", "reconcileID": "7204d041-cc55-40d4-80d1-bc252fcbcdd3", "error": "parent prefix not found"}

sigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller[...]).reconcileHandler /Users/taascfas/go/pkg/mod/sigs.k8s.io/[email protected]/pkg/internal/controller/controller.go:316 sigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller[...]).processNextWorkItem /Users/taascfas/go/pkg/mod/sigs.k8s.io/[email protected]/pkg/internal/controller/controller.go:263 sigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller[...]).Start.func2.2 /Users/taascfas/go/pkg/mod/sigs.k8s.io/[email protected]/pkg/internal/controller/controller.go:224

@MaIT-HgA MaIT-HgA force-pushed the fix/no-ip-assignment-with-non-existing-tenant branch from a68bb3c to eb769b8 Compare September 26, 2024 14:57
@bruelea
Copy link
Collaborator

bruelea commented Sep 27, 2024

Also when a claim succeeds a status condition is set, would it make sense to also set a status condition when tenant is not found?

Agree, the status condition should be updated too. In #74 this is implemented.

@MaIT-HgA MaIT-HgA force-pushed the fix/no-ip-assignment-with-non-existing-tenant branch 2 times, most recently from 2c62b6f to 4d91930 Compare September 27, 2024 07:23
@MaIT-HgA
Copy link
Contributor Author

MaIT-HgA commented Sep 27, 2024
edited
Loading

the status condition and the events will be implemented in #74

@MaIT-HgA MaIT-HgA force-pushed the fix/no-ip-assignment-with-non-existing-tenant branch 4 times, most recently from 7423717 to 68774ac Compare September 27, 2024 12:46
@jstudler
Copy link
Contributor

Maybe I'm getting it wrong but wouldn't the simplest solution be to just add a function like e.g. "TenantExists" which takes a tenant string and returns a bool and then check this in e.g. https://github.com/netbox-community/netbox-operator/blob/main/internal/controller/ipaddressclaim_controller.go#L79 and https://github.com/netbox-community/netbox-operator/blob/main/internal/controller/ipaddress_controller.go#L103 (and the respective location in the prefix controllers)? It's kind of a config validation and should happen early in the process. If it doesn't exist, we write a log entry and exit.

With the proposed solution it will create a lease and add other complexity that we don't need. wdyt @MaIT-HgA @faebr @bruelea ?

@henrybear327 henrybear327 removed their request for review September 27, 2024 13:55
@bruelea
Copy link
Collaborator

bruelea commented Sep 27, 2024

Maybe I'm getting it wrong but wouldn't the simplest solution be to just add a function like e.g. "TenantExists" which takes a tenant string and returns a bool and then check this in e.g. https://github.com/netbox-community/netbox-operator/blob/main/internal/controller/ipaddressclaim_controller.go#L79 and https://github.com/netbox-community/netbox-operator/blob/main/internal/controller/ipaddress_controller.go#L103 (and the respective location in the prefix controllers)? It's kind of a config validation and should happen early in the process. If it doesn't exist, we write a log entry and exit.

With the proposed solution it will create a lease and add other complexity that we don't need. wdyt @MaIT-HgA @faebr @bruelea ?

That would work too. The motivation to do the check if the tenant exists was that the check is only required if the IP is not yet assigned (#72 (review)). We could check the "IPAssigned" status condition in the reconcile loop and check if the tenant exists if the status condition is "false".

@jstudler
Copy link
Contributor

Maybe I'm getting it wrong but wouldn't the simplest solution be to just add a function like e.g. "TenantExists" which takes a tenant string and returns a bool and then check this in e.g. https://github.com/netbox-community/netbox-operator/blob/main/internal/controller/ipaddressclaim_controller.go#L79 and https://github.com/netbox-community/netbox-operator/blob/main/internal/controller/ipaddress_controller.go#L103 (and the respective location in the prefix controllers)? It's kind of a config validation and should happen early in the process. If it doesn't exist, we write a log entry and exit.
With the proposed solution it will create a lease and add other complexity that we don't need. wdyt @MaIT-HgA @faebr @bruelea ?

That would work too. The motivation to do the check if the tenant exists was that the check is only required if the IP is not yet assigned (#72 (review)). We could check the "IPAssigned" status condition in the reconcile loop and check if the tenant exists if the status condition is "false".

True, this is a valid concern for the (rare?) case that the tenant is removed from NetBox after the ip/ipc/px/pxc resource(s) have been sucessfully created. So maybe we keep it as is.

@MaIT-HgA
Copy link
Contributor Author

MaIT-HgA commented Sep 27, 2024
edited
Loading

Maybe I'm getting it wrong but wouldn't the simplest solution be to just add a function like e.g. "TenantExists" which takes a tenant string and returns a bool and then check this in e.g. https://github.com/netbox-community/netbox-operator/blob/main/internal/controller/ipaddressclaim_controller.go#L79 and https://github.com/netbox-community/netbox-operator/blob/main/internal/controller/ipaddress_controller.go#L103 (and the respective location in the prefix controllers)? It's kind of a config validation and should happen early in the process. If it doesn't exist, we write a log entry and exit.

With the proposed solution it will create a lease and add other complexity that we don't need. wdyt @MaIT-HgA @faebr @bruelea ?

This is what what I did at the very beginning but then @bruelea suggested to do it in the function getting available IP/prefix since we only need to do the check for new ip assignment

@MaIT-HgA MaIT-HgA force-pushed the fix/no-ip-assignment-with-non-existing-tenant branch from ec1803d to 46ac25c Compare September 27, 2024 14:29
@MaIT-HgA MaIT-HgA marked this pull request as draft September 27, 2024 14:34
@MaIT-HgA MaIT-HgA force-pushed the fix/no-ip-assignment-with-non-existing-tenant branch from 46ac25c to ecbbec2 Compare September 30, 2024 06:41
@MaIT-HgA MaIT-HgA marked this pull request as ready for review September 30, 2024 06:53
@MaIT-HgA MaIT-HgA requested a review from bruelea September 30, 2024 07:47
@MaIT-HgA MaIT-HgA force-pushed the fix/no-ip-assignment-with-non-existing-tenant branch from a2717e9 to ce930f7 Compare September 30, 2024 09:04
@MaIT-HgA MaIT-HgA requested a review from jstudler September 30, 2024 09:07
@MaIT-HgA MaIT-HgA force-pushed the fix/no-ip-assignment-with-non-existing-tenant branch from ce930f7 to 1800450 Compare September 30, 2024 09:09
@MaIT-HgA
Copy link
Contributor Author

Finalizer changes is removed from this MR and will be in another MR

@MaIT-HgA MaIT-HgA force-pushed the fix/no-ip-assignment-with-non-existing-tenant branch from 1800450 to 21bd119 Compare September 30, 2024 09:27
@MaIT-HgA MaIT-HgA force-pushed the fix/no-ip-assignment-with-non-existing-tenant branch from 21bd119 to 261e07b Compare September 30, 2024 09:29
@MaIT-HgA MaIT-HgA mentioned this pull request Sep 30, 2024
Merged
@MaIT-HgA MaIT-HgA added the bug Something isn't working label Sep 30, 2024
bruelea
bruelea approved these changes Sep 30, 2024
View reviewed changes
Copy link
Collaborator

@bruelea bruelea left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good!

@MaIT-HgA MaIT-HgA merged commit 41fd2a4 into main Sep 30, 2024
5 checks passed
@MaIT-HgA MaIT-HgA deleted the fix/no-ip-assignment-with-non-existing-tenant branch September 30, 2024 11:59
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@faebr faebr faebr left review comments

@bruelea bruelea bruelea approved these changes

@jstudler jstudler Awaiting requested review from jstudler

Assignees

@MaIT-HgA MaIT-HgA

Labels
bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

IP assigned when owner does not exist in Netbox
4 participants
@MaIT-HgA @bruelea @faebr @jstudler