Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

✨ Distinct webhook deployments #757

Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

✨ Distinct webhook deployments #757

wants to merge 1 commit into from

Conversation

akutz
Copy link
Collaborator

@akutz akutz commented Oct 18, 2024
edited
Loading

What does this PR do, and why is it needed?

This path introduces distinct webhook deployments for the admission and conversion webhooks. This is to provide a more stable and performant experience. The webhook pods will not require nearly as much memory as the controller-manager pods. Additionally, if the webhooks ever go down, it is a bad time. Admission webhooks being unavailable means no one can apply any changes to the VM Op APIs. The conversion webhooks being offline means no one can even read the VM Op APIs.

This patch also removes the vestigial use of kustomizeconfig files since they are no longer needed, having been replaced by, well, the replacements feature.

Which issue(s) is/are addressed by this PR? (optional, in fixes #<issue number>(, fixes #<issue_number>, ...) format, will close the issue(s) when PR gets merged):

Fixes NA

Are there any special notes for your reviewer:

We need to:

  • Consider the impact to upgrades.
  • Validate and reserve the new ports on Supervisor.

For a full list of the changes this PR introduces, please follow the steps below:

  1. Generate the config/local/infrastructure-components-original.yaml and config/local/infrastructure-components.yaml files to compare them:

    cd "$(mktemp -d)" && \
git clone https://github.com/vmware-tanzu/vm-operator . && \
git checkout main && \
make kustomize-local && \
cp -f config/local/infrastructure-components.yaml config/local/infrastructure-components-original.yaml && \
git remote add akutz https://github.com/akutz/vm-operator && \
git fetch akutz && \
git checkout feature/webhook-deployments && \
make kustomize-local

  2. Once the two files have been generated, compare them with:

    diff -u \
  config/local/infrastructure-components-original.yaml \
  config/local/infrastructure-components.yaml

  3. The diff should look just like the following:

    --- config/local/infrastructure-components-original.yaml	2024-10-18 11:53:52.157161044 -0500
+++ config/local/infrastructure-components.yaml	2024-10-18 11:53:55.289031554 -0500
@@ -291,7 +291,7 @@
     webhook:
       clientConfig:
         service:
-          name: vmware-system-vmop-webhook-service
+          name: vmware-system-vmop-conversion-webhook-service
           namespace: vmware-system-vmop
           path: /convert
       conversionReviewVersions:
@@ -2069,7 +2069,7 @@
     webhook:
       clientConfig:
         service:
-          name: vmware-system-vmop-webhook-service
+          name: vmware-system-vmop-conversion-webhook-service
           namespace: vmware-system-vmop
           path: /convert
       conversionReviewVersions:
@@ -2759,7 +2759,7 @@
     webhook:
       clientConfig:
         service:
-          name: vmware-system-vmop-webhook-service
+          name: vmware-system-vmop-conversion-webhook-service
           namespace: vmware-system-vmop
           path: /convert
       conversionReviewVersions:
@@ -3663,7 +3663,7 @@
     webhook:
       clientConfig:
         service:
-          name: vmware-system-vmop-webhook-service
+          name: vmware-system-vmop-conversion-webhook-service
           namespace: vmware-system-vmop
           path: /convert
       conversionReviewVersions:
@@ -6621,7 +6621,7 @@
     webhook:
       clientConfig:
         service:
-          name: vmware-system-vmop-webhook-service
+          name: vmware-system-vmop-conversion-webhook-service
           namespace: vmware-system-vmop
           path: /convert
       conversionReviewVersions:
@@ -12098,7 +12098,7 @@
     webhook:
       clientConfig:
         service:
-          name: vmware-system-vmop-webhook-service
+          name: vmware-system-vmop-conversion-webhook-service
           namespace: vmware-system-vmop
           path: /convert
       conversionReviewVersions:
@@ -12640,7 +12640,7 @@
     webhook:
       clientConfig:
         service:
-          name: vmware-system-vmop-webhook-service
+          name: vmware-system-vmop-conversion-webhook-service
           namespace: vmware-system-vmop
           path: /convert
       conversionReviewVersions:
@@ -13686,6 +13686,19 @@
 apiVersion: v1
 kind: Service
 metadata:
+  name: vmware-system-vmop-admission-webhook-service
+  namespace: vmware-system-vmop
+spec:
+  ports:
+  - name: https
+    port: 443
+    targetPort: https
+  selector:
+    webhook: admission
+---
+apiVersion: v1
+kind: Service
+metadata:
   labels:
     control-plane: controller-manager
   name: vmware-system-vmop-controller-manager-metrics-service
@@ -13701,6 +13714,19 @@
 apiVersion: v1
 kind: Service
 metadata:
+  name: vmware-system-vmop-conversion-webhook-service
+  namespace: vmware-system-vmop
+spec:
+  ports:
+  - name: https
+    port: 443
+    targetPort: https
+  selector:
+    webhook: conversion
+---
+apiVersion: v1
+kind: Service
+metadata:
   labels:
     app: web-console-validator
   name: vmware-system-vmop-web-console-validator
@@ -13713,18 +13739,82 @@
   selector:
     app: web-console-validator
 ---
-apiVersion: v1
-kind: Service
+apiVersion: apps/v1
+kind: Deployment
 metadata:
-  name: vmware-system-vmop-webhook-service
+  labels:
+    controller-tools.k8s.io: "1.0"
+    webhook: admission
+  name: vmware-system-vmop-admission-webhook
   namespace: vmware-system-vmop
 spec:
-  ports:
-  - name: https
-    port: 443
-    targetPort: webhook-server
   selector:
-    control-plane: controller-manager
+    matchLabels:
+      controller-tools.k8s.io: "1.0"
+      webhook: admission
+  template:
+    metadata:
+      labels:
+        controller-tools.k8s.io: "1.0"
+        name: vmoperator-admission-webhook
+        webhook: admission
+    spec:
+      containers:
+      - args:
+        - --enable-leader-election=false
+        - --health-addr=127.0.0.1:9446
+        - --metrics-addr=0
+        - --profiler-address=0
+        command:
+        - /manager
+        env:
+        - name: VMOP_CONTAINER_TYPE
+          value: admission-webhook
+        - name: WEBHOOK_SERVICE_NAMESPACE
+          value: vmware-system-vmop
+        - name: WEBHOOK_SERVICE_NAME
+          value: vmware-system-vmop-admission-webhook-service
+        - name: WEBHOOK_SECRET_NAMESPACE
+          value: vmware-system-vmop
+        - name: WEBHOOK_SECRET_NAME
+          value: webhook-server-cert
+        - name: WEBHOOK_SECRET_VOLUME_MOUNT_PATH
+          value: /tmp/k8s-webhook-server/serving-certs
+        - name: WEBHOOK_SERVICE_CONTAINER_PORT
+          value: "9878"
+        image: vmoperator-controller:latest
+        imagePullPolicy: Never
+        name: manager
+        ports:
+        - containerPort: 9446
+          name: health-probe
+          protocol: TCP
+        - containerPort: 9878
+          name: https
+          protocol: TCP
+        readinessProbe:
+          httpGet:
+            path: /readyz
+            port: health-probe
+        resources:
+          limits:
+            cpu: 200m
+            memory: 200Mi
+          requests:
+            cpu: 100m
+            memory: 75Mi
+        volumeMounts:
+        - mountPath: /tmp/k8s-webhook-server/serving-certs
+          name: cert
+          readOnly: true
+      nodeSelector:
+        node-role.kubernetes.io/control-plane: ""
+      terminationGracePeriodSeconds: 10
+      volumes:
+      - name: cert
+        secret:
+          defaultMode: 420
+          secretName: webhook-server-cert
 ---
 apiVersion: apps/v1
 kind: Deployment
@@ -13758,6 +13848,7 @@
       containers:
       - args:
         - --metrics-addr=127.0.0.1:8080
+        - --health-addr=127.0.0.1:9445
         command:
         - /manager
         env:
@@ -13827,25 +13918,12 @@
           valueFrom:
             fieldRef:
               fieldPath: spec.serviceAccountName
-        - name: WEBHOOK_SERVICE_NAMESPACE
-          value: vmware-system-vmop
-        - name: WEBHOOK_SERVICE_NAME
-          value: vmware-system-vmop-webhook-service
-        - name: WEBHOOK_SECRET_NAMESPACE
-          value: vmware-system-vmop
-        - name: WEBHOOK_SECRET_NAME
-          value: webhook-server-cert
-        - name: WEBHOOK_SECRET_VOLUME_MOUNT_PATH
-          value: /tmp/k8s-webhook-server/serving-certs
-        - name: WEBHOOK_SERVICE_CONTAINER_PORT
-          value: "9878"
+        - name: VMOP_CONTAINER_TYPE
+          value: controller-manager
         image: vmoperator-controller:latest
         imagePullPolicy: Never
         name: manager
         ports:
-        - containerPort: 9878
-          name: webhook-server
-          protocol: TCP
         - containerPort: 9445
           name: health-probe
           protocol: TCP
@@ -13860,10 +13938,6 @@
           requests:
             cpu: 100m
             memory: 75Mi
-        volumeMounts:
-        - mountPath: /tmp/k8s-webhook-server/serving-certs
-          name: cert
-          readOnly: true
       - args:
         - --secure-listen-address=0.0.0.0:8443
         - --upstream=http://127.0.0.1:8080/
@@ -13889,6 +13963,78 @@
         key: kubeadmNode
         operator: Equal
         value: master
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  labels:
+    controller-tools.k8s.io: "1.0"
+    webhook: conversion
+  name: vmware-system-vmop-conversion-webhook
+  namespace: vmware-system-vmop
+spec:
+  selector:
+    matchLabels:
+      controller-tools.k8s.io: "1.0"
+      webhook: conversion
+  template:
+    metadata:
+      labels:
+        controller-tools.k8s.io: "1.0"
+        name: vmoperator-conversion-webhook
+        webhook: conversion
+    spec:
+      containers:
+      - args:
+        - --enable-leader-election=false
+        - --health-addr=127.0.0.1:9447
+        - --metrics-addr=0
+        - --profiler-address=0
+        command:
+        - /manager
+        env:
+        - name: VMOP_CONTAINER_TYPE
+          value: conversion-webhook
+        - name: WEBHOOK_SERVICE_NAMESPACE
+          value: vmware-system-vmop
+        - name: WEBHOOK_SERVICE_NAME
+          value: vmware-system-vmop-conversion-webhook-service
+        - name: WEBHOOK_SECRET_NAMESPACE
+          value: vmware-system-vmop
+        - name: WEBHOOK_SECRET_NAME
+          value: webhook-server-cert
+        - name: WEBHOOK_SECRET_VOLUME_MOUNT_PATH
+          value: /tmp/k8s-webhook-server/serving-certs
+        - name: WEBHOOK_SERVICE_CONTAINER_PORT
+          value: "9879"
+        image: vmoperator-controller:latest
+        imagePullPolicy: Never
+        name: manager
+        ports:
+        - containerPort: 9447
+          name: health-probe
+          protocol: TCP
+        - containerPort: 9879
+          name: https
+          protocol: TCP
+        readinessProbe:
+          httpGet:
+            path: /readyz
+            port: health-probe
+        resources:
+          limits:
+            cpu: 200m
+            memory: 200Mi
+          requests:
+            cpu: 100m
+            memory: 75Mi
+        volumeMounts:
+        - mountPath: /tmp/k8s-webhook-server/serving-certs
+          name: cert
+          readOnly: true
+      nodeSelector:
+        node-role.kubernetes.io/control-plane: ""
+      terminationGracePeriodSeconds: 10
       volumes:
       - name: cert
         secret:
@@ -13962,8 +14108,10 @@
   namespace: vmware-system-vmop
 spec:
   dnsNames:
-  - vmware-system-vmop-webhook-service.vmware-system-vmop.svc
-  - vmware-system-vmop-webhook-service.vmware-system-vmop.svc.cluster.local
+  - vmware-system-vmop-admission-webhook-service.vmware-system-vmop.svc
+  - vmware-system-vmop-admission-webhook-service.vmware-system-vmop.svc.cluster.local
+  - vmware-system-vmop-conversion-webhook-service.vmware-system-vmop.svc
+  - vmware-system-vmop-conversion-webhook-service.vmware-system-vmop.svc.cluster.local
   issuerRef:
     kind: Issuer
     name: vmware-system-vmop-selfsigned-issuer
@@ -13991,7 +14139,7 @@
   - v1beta1
   clientConfig:
     service:
-      name: vmware-system-vmop-webhook-service
+      name: vmware-system-vmop-admission-webhook-service
       namespace: vmware-system-vmop
       path: /default-mutate-vmoperator-vmware-com-v1alpha3-virtualmachine
   failurePolicy: Fail
@@ -14012,7 +14160,7 @@
   - v1beta1
   clientConfig:
     service:
-      name: vmware-system-vmop-webhook-service
+      name: vmware-system-vmop-admission-webhook-service
       namespace: vmware-system-vmop
       path: /default-mutate-vmoperator-vmware-com-v1alpha3-virtualmachinereplicaset
   failurePolicy: Fail
@@ -14042,7 +14190,7 @@
   - v1
   clientConfig:
     service:
-      name: vmware-system-vmop-webhook-service
+      name: vmware-system-vmop-admission-webhook-service
       namespace: vmware-system-vmop
       path: /default-validate--v1-persistentvolumeclaim
   failurePolicy: Fail
@@ -14064,7 +14212,7 @@
   - v1beta1
   clientConfig:
     service:
-      name: vmware-system-vmop-webhook-service
+      name: vmware-system-vmop-admission-webhook-service
       namespace: vmware-system-vmop
       path: /default-validate-vmoperator-vmware-com-v1alpha3-virtualmachine
   failurePolicy: Fail
@@ -14085,7 +14233,7 @@
   - v1beta1
   clientConfig:
     service:
-      name: vmware-system-vmop-webhook-service
+      name: vmware-system-vmop-admission-webhook-service
       namespace: vmware-system-vmop
       path: /default-validate-vmoperator-vmware-com-v1alpha3-virtualmachineclass
   failurePolicy: Fail
@@ -14106,7 +14254,7 @@
   - v1beta1
   clientConfig:
     service:
-      name: vmware-system-vmop-webhook-service
+      name: vmware-system-vmop-admission-webhook-service
       namespace: vmware-system-vmop
       path: /default-validate-vmoperator-vmware-com-v1alpha3-virtualmachinepublishrequest
   failurePolicy: Fail
@@ -14127,7 +14275,7 @@
   - v1beta1
   clientConfig:
     service:
-      name: vmware-system-vmop-webhook-service
+      name: vmware-system-vmop-admission-webhook-service
       namespace: vmware-system-vmop
       path: /default-validate-vmoperator-vmware-com-v1alpha3-virtualmachinereplicaset
   failurePolicy: Fail
@@ -14148,7 +14296,7 @@
   - v1beta1
   clientConfig:
     service:
-      name: vmware-system-vmop-webhook-service
+      name: vmware-system-vmop-admission-webhook-service
       namespace: vmware-system-vmop
       path: /default-validate-vmoperator-vmware-com-v1alpha3-virtualmachineservice
   failurePolicy: Fail
@@ -14169,7 +14317,7 @@
   - v1beta1
   clientConfig:
     service:
-      name: vmware-system-vmop-webhook-service
+      name: vmware-system-vmop-admission-webhook-service
       namespace: vmware-system-vmop
       path: /default-validate-vmoperator-vmware-com-v1alpha3-virtualmachinesetresourcepolicy
   failurePolicy: Fail
@@ -14190,7 +14338,7 @@
   - v1beta1
   clientConfig:
     service:
-      name: vmware-system-vmop-webhook-service
+      name: vmware-system-vmop-admission-webhook-service
       namespace: vmware-system-vmop
       path: /default-validate-vmoperator-vmware-com-v1alpha1-webconsolerequest
   failurePolicy: Fail
@@ -14211,7 +14359,7 @@
   - v1beta1
   clientConfig:
     service:
-      name: vmware-system-vmop-webhook-service
+      name: vmware-system-vmop-admission-webhook-service
       namespace: vmware-system-vmop
       path: /default-validate-vmoperator-vmware-com-v1alpha3-virtualmachinewebconsolerequest
   failurePolicy: Fail

Please add a release note if necessary:

Move the admission and conversion webhooks into their own pods

@github-actions github-actions bot added the size/XL Denotes a PR that changes 500-999 lines. label Oct 18, 2024
@akutz akutz force-pushed the feature/webhook-deployments branch 3 times, most recently from 5bb8b75 to 68b8aca Compare October 18, 2024 16:52
@akutz
Distinct webhook deployments
877034e 
This path introduces distinct webhook deployments for the
admission and conversion webhooks. This is to provide a more
stable and performant experience. The webhook pods will not require
nearly as much memory as the controller-manager pods. Additionally,
if the webhooks ever go down, it is a bad time. Admission webhooks
being unavailable means no one can apply any changes to the VM Op
APIs. The conversion webhooks being offline means no one can even
*read* the VM Op APIs.
@akutz akutz force-pushed the feature/webhook-deployments branch from 68b8aca to 877034e Compare October 18, 2024 16:54
@github-actions GitHub Actions
Copy link

Code Coverage

Package Line Rate Health
github.com/vmware-tanzu/vm-operator/controllers/contentlibrary/clustercontentlibraryitem 82%
github.com/vmware-tanzu/vm-operator/controllers/contentlibrary/contentlibraryitem 85%
github.com/vmware-tanzu/vm-operator/controllers/contentlibrary/utils 97%
github.com/vmware-tanzu/vm-operator/controllers/infra/capability/configmap 86%
github.com/vmware-tanzu/vm-operator/controllers/infra/capability/crd 93%
github.com/vmware-tanzu/vm-operator/controllers/infra/configmap 71%
github.com/vmware-tanzu/vm-operator/controllers/infra/node 77%
github.com/vmware-tanzu/vm-operator/controllers/infra/secret 77%
github.com/vmware-tanzu/vm-operator/controllers/infra/validatingwebhookconfiguration 85%
github.com/vmware-tanzu/vm-operator/controllers/infra/zone 76%
github.com/vmware-tanzu/vm-operator/controllers/storageclass 94%
github.com/vmware-tanzu/vm-operator/controllers/storagepolicyquota 97%
github.com/vmware-tanzu/vm-operator/controllers/util/encoding 73%
github.com/vmware-tanzu/vm-operator/controllers/virtualmachine/storagepolicyusage 99%
github.com/vmware-tanzu/vm-operator/controllers/virtualmachine/virtualmachine 86%
github.com/vmware-tanzu/vm-operator/controllers/virtualmachine/volume 86%
github.com/vmware-tanzu/vm-operator/controllers/virtualmachineclass 75%
github.com/vmware-tanzu/vm-operator/controllers/virtualmachinepublishrequest 81%
github.com/vmware-tanzu/vm-operator/controllers/virtualmachinereplicaset 67%
github.com/vmware-tanzu/vm-operator/controllers/virtualmachineservice 83%
github.com/vmware-tanzu/vm-operator/controllers/virtualmachineservice/providers 92%
github.com/vmware-tanzu/vm-operator/controllers/virtualmachinesetresourcepolicy 80%
github.com/vmware-tanzu/vm-operator/controllers/virtualmachinewebconsolerequest/v1alpha1 72%
github.com/vmware-tanzu/vm-operator/controllers/virtualmachinewebconsolerequest/v1alpha1/conditions 88%
github.com/vmware-tanzu/vm-operator/controllers/virtualmachinewebconsolerequest/v1alpha1/patch 78%
github.com/vmware-tanzu/vm-operator/controllers/virtualmachinewebconsolerequest/v1alpha2 73%
github.com/vmware-tanzu/vm-operator/pkg/bitmask 100%
github.com/vmware-tanzu/vm-operator/pkg/builder 95%
github.com/vmware-tanzu/vm-operator/pkg/conditions 88%
github.com/vmware-tanzu/vm-operator/pkg/config 100%
github.com/vmware-tanzu/vm-operator/pkg/config/capabilities 100%
github.com/vmware-tanzu/vm-operator/pkg/config/env 100%
github.com/vmware-tanzu/vm-operator/pkg/context/generic 100%
github.com/vmware-tanzu/vm-operator/pkg/context/operation 100%
github.com/vmware-tanzu/vm-operator/pkg/patch 78%
github.com/vmware-tanzu/vm-operator/pkg/prober 91%
github.com/vmware-tanzu/vm-operator/pkg/prober/probe 90%
github.com/vmware-tanzu/vm-operator/pkg/prober/worker 77%
github.com/vmware-tanzu/vm-operator/pkg/providers/vsphere 75%
github.com/vmware-tanzu/vm-operator/pkg/providers/vsphere/client 80%
github.com/vmware-tanzu/vm-operator/pkg/providers/vsphere/clustermodules 71%
github.com/vmware-tanzu/vm-operator/pkg/providers/vsphere/config 89%
github.com/vmware-tanzu/vm-operator/pkg/providers/vsphere/contentlibrary 74%
github.com/vmware-tanzu/vm-operator/pkg/providers/vsphere/credentials 100%
github.com/vmware-tanzu/vm-operator/pkg/providers/vsphere/network 80%
github.com/vmware-tanzu/vm-operator/pkg/providers/vsphere/placement 79%
github.com/vmware-tanzu/vm-operator/pkg/providers/vsphere/session 71%
github.com/vmware-tanzu/vm-operator/pkg/providers/vsphere/storage 44%
github.com/vmware-tanzu/vm-operator/pkg/providers/vsphere/sysprep 100%
github.com/vmware-tanzu/vm-operator/pkg/providers/vsphere/vcenter 82%
github.com/vmware-tanzu/vm-operator/pkg/providers/vsphere/virtualmachine 84%
github.com/vmware-tanzu/vm-operator/pkg/providers/vsphere/vmlifecycle 67%
github.com/vmware-tanzu/vm-operator/pkg/record 78%
github.com/vmware-tanzu/vm-operator/pkg/topology 91%
github.com/vmware-tanzu/vm-operator/pkg/util 87%
github.com/vmware-tanzu/vm-operator/pkg/util/annotations 100%
github.com/vmware-tanzu/vm-operator/pkg/util/cloudinit 89%
github.com/vmware-tanzu/vm-operator/pkg/util/cloudinit/validate 91%
github.com/vmware-tanzu/vm-operator/pkg/util/image 100%
github.com/vmware-tanzu/vm-operator/pkg/util/kube 88%
github.com/vmware-tanzu/vm-operator/pkg/util/kube/cource 100%
github.com/vmware-tanzu/vm-operator/pkg/util/kube/internal 100%
github.com/vmware-tanzu/vm-operator/pkg/util/kube/spq 100%
github.com/vmware-tanzu/vm-operator/pkg/util/paused 100%
github.com/vmware-tanzu/vm-operator/pkg/util/ptr 100%
github.com/vmware-tanzu/vm-operator/pkg/util/resize 97%
github.com/vmware-tanzu/vm-operator/pkg/util/vmopv1 92%
github.com/vmware-tanzu/vm-operator/pkg/util/vsphere/client 64%
github.com/vmware-tanzu/vm-operator/pkg/util/vsphere/vm 79%
github.com/vmware-tanzu/vm-operator/pkg/util/vsphere/watcher 86%
github.com/vmware-tanzu/vm-operator/pkg/vmconfig 95%
github.com/vmware-tanzu/vm-operator/pkg/vmconfig/crypto 98%
github.com/vmware-tanzu/vm-operator/pkg/webconsolevalidation 100%
github.com/vmware-tanzu/vm-operator/services/vm-watcher 91%
github.com/vmware-tanzu/vm-operator/webhooks/common 100%
github.com/vmware-tanzu/vm-operator/webhooks/persistentvolumeclaim/validation 95%
github.com/vmware-tanzu/vm-operator/webhooks/unifiedstoragequota/validation 92%
github.com/vmware-tanzu/vm-operator/webhooks/virtualmachine/mutation 87%
github.com/vmware-tanzu/vm-operator/webhooks/virtualmachine/validation 95%
github.com/vmware-tanzu/vm-operator/webhooks/virtualmachineclass/mutation 62%
github.com/vmware-tanzu/vm-operator/webhooks/virtualmachineclass/validation 89%
github.com/vmware-tanzu/vm-operator/webhooks/virtualmachinepublishrequest/validation 92%
github.com/vmware-tanzu/vm-operator/webhooks/virtualmachinereplicaset/validation 90%
github.com/vmware-tanzu/vm-operator/webhooks/virtualmachineservice/mutation 67%
github.com/vmware-tanzu/vm-operator/webhooks/virtualmachineservice/validation 92%
github.com/vmware-tanzu/vm-operator/webhooks/virtualmachinesetresourcepolicy/validation 89%
github.com/vmware-tanzu/vm-operator/webhooks/virtualmachinewebconsolerequest/v1alpha1/validation 92%
github.com/vmware-tanzu/vm-operator/webhooks/virtualmachinewebconsolerequest/v1alpha2/validation 92%
Summary 83% (10381 / 12498)

Minimum allowed line rate is 79%

@JoyceXiaojun
Copy link

Overall looks good to me from upgrade perspective. Shouldn't be any port conflict since we don't explicitly delete any deployment and re-deploy with the same port. We should test upgrade path from last release to main with this change for verification.

One minor thing: should add two new deployment names here when validating component health during upgrade: https://gitlab-vmw.devops.broadcom.net/core-build/cayman_vm-operator/-/blob/vmware-main/vm-operator/wcp_patch/upgrade/gc_component_upgrade.py#L20

Thanks for the change.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@aruneshpa aruneshpa Awaiting requested review from aruneshpa

@bryanv bryanv Awaiting requested review from bryanv

At least 1 approving review is required to merge this pull request.

Assignees
No one assigned
Labels
cla-not-required size/XL Denotes a PR that changes 500-999 lines.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@akutz @JoyceXiaojun @vmwclabot