Graduate downwardMetrics to feature KV lifecycle

[jcanocan]

What this PR does

It deprecates the DownwardMetrics feature gate in favor of a configurable field: spec.downwardMetrics: {}. The configurable is disabled by default, and it brings the option to the user to enable it cluster-wide if desired. Moreover, it adds checks to block a VM starting if the feature is out of sync and runtime checks to inform the user when the feature is out of sync too.

Fixes # CNV-43919

Why we need it and why it was done in this way

The following tradeoffs were made:

The following alternatives were considered:

Links to places where the discussion took place:

Special notes for your reviewer

You can use the following steps to try it yourself:

1. Create a cluster that allows VM live migration:

export KUBEVIRT_STORAGE=rook-ceph-default
export KUBEVIRT_MEMORY_SIZE=12000M
export KUBEVIRT_NUM_NODES=2
make cluster-up

2. Create the following VM:

apiVersion: kubevirt.io/v1
kind: VirtualMachine
metadata:
  labels:
    special: vmi-fedora-1
  name: vmi-fedora-1
spec:
  running: false
  template:
    metadata:
      labels:
        kubevirt.io/domain: fedora-1
        kubevirt.io/vm: fedora-1
      annotations:
        descheduler.alpha.kubernetes.io/evict: "true"
    spec:      
      domain:
        devices:
          downwardMetrics: {}
          disks:
          - disk:
              bus: virtio
            name: containerdisk
          - disk:
              bus: virtio
            name: cloudinitdisk
          interfaces:
            - name: default
              masquerade: {}
        machine:
          type: ""
        resources:
          requests:
            memory: 1024M
      terminationGracePeriodSeconds: 180
      networks:
        - name: default
          pod: {}
      volumes:
      - cloudInitNoCloud:
          userData: |-
            #cloud-config
            chpasswd:
              expire: false
            password: fedora
            user: fedora
        name: cloudinitdisk
      - name: containerdisk
        containerDisk:
          image: kubevirt/fedora-cloud-container-disk-demo:latest

3. Start the VM. The VMI object will show an error stating that the feature has been not enabled and the VMI will remain in Pending state.
4. Enable the feature. The VM will start eventually.

$ ./cluster-up/kubectl.sh patch kubevirt  kubevirt -n kubevirt --type  json -p '[{"op":"add", "path":"/spec/downwardMetrics", "value": {}}]'

5. Disable the feature. The VM will continue running, and you will be able to fetch the downward metrics inside the VM as normal.

$ ./cluster-up/kubectl.sh patch kubevirt  kubevirt -n kubevirt --type  json -p '[{"op":"remove", "path":"/spec/configuration/downwardMetrics", "value": {}}]'

6. Live migrate the VM. The VM will be able to live migrate.

$ ./cluster-up/virtctl.sh migrate vmi-fedora-1

Checklist

This checklist is not enforcing, but it's a reminder of items that could be relevant to every PR.
Approvers are expected to review this list.

• Design: A design document was considered and is present (link) or not required
• PR: The PR description is expressive enough and will help future contributors
• Code: Write code that humans can understand and Keep it simple
• Refactor: You have left the code cleaner than you found it (Boy Scout Rule)
• Upgrade: Impact of this change on upgrade flows was considered and addressed if required
• Testing: New code requires new unit tests. New features and bug fixes require at least on e2e test
• Documentation: A user-guide update was considered and is present (link) or not required. You want a user-guide update if it's a user facing feature / API change.
• Community: Announcement to kubevirt-dev was considered

Release note

Deprecated `DownwardMetrics` feature gate and introduce `spec.downwardMetrics: {}` field to enable the feature (disabled by default).

[kubevirt-bot]

Skipping CI for Draft Pull Request.
If you want CI signal for your change, please convert it to an actual PR.
You can still manually trigger a test run with /test all

[kubevirt-bot]

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by:
Once this PR has been reviewed and has the lgtm label, please assign alicefr for approval. For more information see the Kubernetes Code Review Process.

The full list of commands accepted by this bot can be found here.

Needs approval from an approver in each of these files:

• OWNERS

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[jcanocan]

/retest-required

[jcanocan]

Could @EdDev take a look at this, please?

[jcanocan]

v2: VM do not start, i.e., it does not create a VMI object, if an invalid configuration is detected.

[0xFelix]

IsDownwardMetricsEnabled and DownwardMetricsEnabled are very similar names that can easily be confused. Can you give it another name?

[jcanocan]

Changed it to IsDownwardMetricsFeatureEnabled.

[0xFelix]

errors.New is sufficient.

[jcanocan]

Done

[0xFelix]

fmt.Errorf("DownwardMetrics feature is not enabled")

Make this a const or a custom error in the downwardmetrics pkg?

[jcanocan]

Done. I've also replaced all occurrences of this string with the custom error variable.

[0xFelix]

Should be reset to original value, i.e. reset the KV object after? I think we have helpers for that.

[jcanocan]

What would be the benefit of reset the entire KV object? IMHO, if we are only changing one specific value, it makes sense to just reset that value back.

[0xFelix]

This enables the feature which should be off by default for everyone else? I don't think this is good practice.

[jcanocan]

If we don't enable it by default, live migration downwardMetric tests will need to run on serial because we are updating the KubeVirt CR. In the past, in order to allow these test to run on parallel, we enabled the downwardMetrics FG by default in the tests. This is why I've included this.

[0xFelix]

The test is marked as Serial already? I'd rather not enable something globally to avoid Serial just for a single test.

[jcanocan]

This is the particular test I'm referring to: https://github.com/kubevirt/kubevirt/pull/12650/files#diff-5034f7c82b377dd518dd147554ad7df560b0cc667f1f0aa08e7a632d1436237aR471
It's just two tests, but if we disabled the feature globally, we need to make them Serial. I'm not against it, whatever we consider best.

[0xFelix]

If the tests require it to be enabled but it is not by default, then they should be Serial.

[0xFelix]

Use libkubevirt.UpdateKubeVirtConfigValueAndWait and drop updateKubevirtSpec.

[jcanocan]

As far as I was able to understand, UpdateKubeVirtConfigValueAndWait will just update the kv.Spec.Configuration, while the downwardMetrics configurable is under kv.Spec. Therefore, if I use UpdateKubeVirtConfigValueAndWait the change won't be reflected.

[0xFelix]

I see, can libkubevirt be updated to do what we want?

[jcanocan]

We are updating the kv.Spec, that's what updateKubevirtSpec is already doing. Sorry, maybe I'm missing something here. Could you please elaborate a bit more?

[0xFelix]

Still, can libkubevirt be used instead? And the Disable/Enable helpers should live closer to where they are used. We should not grow tests/utils.go at all.

[0xFelix]

That is a good question.

@xpivarc @fossedihelm Can you help us shed some light on this? Will the VMs/VMIs be resynced at some point?

[0xFelix]

Also, can you please highlight a bit more that this is a breaking change?

The feature moves from being enabled to being disabled by default.

[0xFelix]

Yet another piece of feedback: Could you please split deprecation of the FG and adding the new configurable into separate PRs?

[jcanocan]

Also, can you please highlight a bit more that this is a breaking change?

The feature moves from being enabled to being disabled by default.

Currently, the feature is disabled by default. If the user does not enable the FG, the feature keeps disabled. However, it is true that users with the feature already enabled need some manual action or if they reboot a VM, it would fail to start.

[jcanocan]

Yet another piece of feedback: Could you please split deprecation of the FG and adding the new configurable into separate PRs?

I would like to keep it the same PR if possible. If we deprecate the FG and then add the new configurable in a separate PR, it would create a gap in which the FG will be enabled by default. I would like to avoid this scenario by all means. This is because having this feature enabled by default could be considered a security issue.

[kubevirt-bot]

@jcanocan: The following tests failed, say /retest to rerun all failed tests or /retest-required to rerun all mandatory failed tests:

Test name	Commit	Details	Required	Rerun command
pull-kubevirt-fuzz	bceced8	link	false	/test pull-kubevirt-fuzz
pull-kubevirt-e2e-k8s-1.31-sig-compute	bceced8	link	true	/test pull-kubevirt-e2e-k8s-1.31-sig-compute
pull-kubevirt-e2e-k8s-1.31-sig-storage	bceced8	link	true	/test pull-kubevirt-e2e-k8s-1.31-sig-storage
pull-kubevirt-check-tests-for-flakes	bceced8	link	false	/test pull-kubevirt-check-tests-for-flakes

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here.

[kubevirt-bot]

PR needs rebase.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.

[0xFelix]

Use `downwardmetrics.DownwardMetricsNotEnabledError here too?

The use of fmt.Error with static strings looks weird.

[0xFelix]

Suggested change

	var DownwardMetricsNotEnabledError = errors.New("DownwardMetrics feature is not enabled")
	var NotEnabledError = errors.New("DownwardMetrics feature is not enabled")

When used as downwardmetrics.NotEnabledError this avoids repetition.

[0xFelix]

Suggested change

	VirtualMachineInstanceConfigurationOutOfSync VirtualMachineInstanceConditionType = "FeatureConfigurationOutOfSync"
	VirtualMachineInstanceConfigurationOutOfSync VirtualMachineInstanceConditionType = "ConfigurationOutOfSync"

[0xFelix]

I see. Still it looks strange to me that we enable DownwardMetrics globally in the test setup and then again in the BeforeEach of these tests.

[0xFelix]

Assert the condition on the VM instead and try once to get the VMI expecting an IsNotFound error as not to prolong the test unnecessarily?

[0xFelix]

Same as above, it looks strange to me that we call this in BeforeEach/AfterEach and in the global test setup.

[0xFelix]

The test is marked as Serial already? I'd rather not enable something globally to avoid Serial just for a single test.

[0xFelix]

I see, can libkubevirt be updated to do what we want?

[jcanocan]

Since the potential concerns about the breaking change that this implies. Let's split the graduation in multiple releases/PRs.

[jcanocan]

/close

[kubevirt-bot]

@jcanocan: Closed this PR.

In response to this:

/close

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.