fix(patches): Ensure resulting NutanixMachineTemplate patches are clean #1236
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
remove subnet and cluster
we shouldn't be injecting extraneous values: this is confusing for debugging behaviour.
add new failure domain and meta mutation debug log.
This was referenced Jul 23, 2025
thunderboltsid
requested review from
jimmidyson,
dlipovetsky,
dkoshkin,
supershal and
yanhua121
dkoshkin
approved these changes
Jul 23, 2025
jimmidyson
approved these changes
Jul 24, 2025
jimmidyson
pushed a commit
that referenced
this pull request
Jul 24, 2025
Use XOR instead of OR for cluster and subnet presence check against failure domains on control plane and worker overrides. **How has this been tested?** Tested in conjunction with #1236 in #1226 * Create a cluster with control plane and machine deployments with failure domains with cluster and subnet variables also set in controlPlane machineDetails and machineDeployment variables overrides. ```yaml apiVersion: cluster.x-k8s.io/v1beta1 kind: Cluster metadata: labels: cluster.x-k8s.io/cluster-name: nkp-sid-caren cluster.x-k8s.io/provider: nutanix name: nkp-sid-caren spec: ... topology: class: nutanix-quick-start controlPlane: metadata: {} replicas: 3 variables: - name: clusterConfig value: ... controlPlane: nutanix: failureDomains: - fd-1 - fd-2 - fd-3 machineDetails: bootType: uefi cluster: type: name name: ncn-dev-sandbox subnets: - type: name name: vlan173 imageLookup: baseOS: rocky-9.6 format: nkp-{{.BaseOS}}-release-{{.K8sVersion}}-* memorySize: 4Gi systemDiskSize: 40Gi vcpuSockets: 2 vcpusPerSocket: 1 ... - name: workerConfig value: nutanix: machineDetails: bootType: uefi cluster: name: ncn-dev-sandbox type: name imageLookup: baseOS: rocky-9.6 format: nkp-{{.BaseOS}}-release-{{.K8sVersion}}-* memorySize: 4Gi subnets: - name: vlan173 type: name systemDiskSize: 40Gi vcpuSockets: 2 vcpusPerSocket: 1 version: 1.33.1 workers: machineDeployments: - class: default-worker failureDomain: fd-1 metadata: annotations: cluster.x-k8s.io/cluster-api-autoscaler-node-group-max-size: "1" cluster.x-k8s.io/cluster-api-autoscaler-node-group-min-size: "1" name: md-0 variables: overrides: - name: workerConfig value: nutanix: machineDetails: bootType: uefi cluster: type: name name: ncn-dev-sandbox subnets: - type: name name: vlan173 imageLookup: baseOS: rocky-9.6 format: nkp-{{.BaseOS}}-release-{{.K8sVersion}}-* memorySize: 8Gi systemDiskSize: 80Gi vcpuSockets: 8 vcpusPerSocket: 1 ``` and expect failures from the webhook ```sh $ k apply -f nkp-sid-caren-neg.yaml ... Error from server (Forbidden): error when creating "nkp-sid-caren-neg.yaml": admission webhook "cluster-validator.caren.nutanix.com" denied the request: [spec.topology.variables.clusterConfig.value.controlPlane.nutanix.machineDetails.cluster: Forbidden: "cluster" must not be set when failureDomains are configured., spec.topology.variables.clusterConfig.value.controlPlane.nutanix.machineDetails.subnets: Forbidden: "subnets" must not be set when failureDomains are configured., spec.topology.workers.machineDeployments.variables.overrides.workerConfig.value.nutanix.machineDetails.cluster: Forbidden: "cluster" must not be set when failureDomain is configured., spec.topology.workers.machineDeployments.variables.overrides.workerConfig.value.nutanix.machineDetails.subnets: Forbidden: "subnets" must not be set when failureDomain is configured.] ``` * Create a cluster without failure domains with a machine deployment with cluster and subnet not set ```yaml apiVersion: cluster.x-k8s.io/v1beta1 kind: Cluster metadata: labels: cluster.x-k8s.io/cluster-name: nkp-sid-caren-no-fd cluster.x-k8s.io/provider: nutanix name: nkp-sid-caren-no-fd spec: ... topology: class: nutanix-quick-start controlPlane: metadata: {} replicas: 3 variables: - name: clusterConfig value: ... controlPlane: nutanix: machineDetails: bootType: uefi imageLookup: baseOS: rocky-9.6 format: nkp-{{.BaseOS}}-release-{{.K8sVersion}}-* memorySize: 4Gi systemDiskSize: 40Gi vcpuSockets: 2 vcpusPerSocket: 1 ... - name: workerConfig value: nutanix: machineDetails: bootType: uefi cluster: name: ncn-dev-sandbox type: name imageLookup: baseOS: rocky-9.6 format: nkp-{{.BaseOS}}-release-{{.K8sVersion}}-* memorySize: 4Gi subnets: - name: vlan173 type: name systemDiskSize: 40Gi vcpuSockets: 2 vcpusPerSocket: 1 version: 1.33.1 workers: machineDeployments: - class: default-worker metadata: annotations: cluster.x-k8s.io/cluster-api-autoscaler-node-group-max-size: "1" cluster.x-k8s.io/cluster-api-autoscaler-node-group-min-size: "1" name: md-0 variables: overrides: - name: workerConfig value: nutanix: machineDetails: bootType: uefi imageLookup: baseOS: rocky-9.6 format: nkp-{{.BaseOS}}-release-{{.K8sVersion}}-* memorySize: 8Gi cluster: type: name name: ncn-dev-sandbox subnets: - type: name name: vlan173 systemDiskSize: 80Gi vcpuSockets: 8 vcpusPerSocket: 1 - class: default-worker metadata: annotations: cluster.x-k8s.io/cluster-api-autoscaler-node-group-max-size: "1" cluster.x-k8s.io/cluster-api-autoscaler-node-group-min-size: "1" name: md-1 variables: overrides: - name: workerConfig value: nutanix: machineDetails: bootType: uefi imageLookup: baseOS: rocky-9.6 format: nkp-{{.BaseOS}}-release-{{.K8sVersion}}-* memorySize: 8Gi systemDiskSize: 80Gi vcpuSockets: 8 vcpusPerSocket: 1 ``` and expect failures from webhook ```sh $ k apply -f no-fd-neg.yaml ... Error from server (Forbidden): error when creating "no-fd-neg.yaml": admission webhook "cluster-validator.caren.nutanix.com" denied the request: [spec.topology.variables.clusterConfig.value.controlPlane.nutanix.machineDetails.cluster: Required value: "cluster" must be set when failureDomains are not configured., spec.topology.variables.clusterConfig.value.controlPlane.nutanix.machineDetails.subnets: Required value: "subnets" must be set when failureDomains are not configured., spec.topology.workers.machineDeployments.variables.overrides.workerConfig.value.nutanix.machineDetails.cluster: Required value: "cluster" must be set when failureDomain is not configured., spec.topology.workers.machineDeployments.variables.overrides.workerConfig.value.nutanix.machineDetails.subnets: Required value: "subnets" must be set when failureDomain is not configured.] ```
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
These changes ensure the resulting NutanixMachineTemplate patches also reflect
the XOR between failureDomains and cluster/subnets.
How has this been tested?
Tested in conjunction with #1233 in #1226
make dev.run-on-kindand see default NutanixMachineTemplates when management cluster is created and observe no placeholder cluster and subnet fieldsObserve the generated NutanixMachineTemplate has cluster and subnets set correctly
Observe the generated NutanixMachineTemplate does not have cluster and subnet set