cloudstack Enforce strict host tag check

trafficstars

Description

Documentation PR: https://github.com/apache/cloudstack-documentation/pull/398

Currently, an administrator can break host tag compatibility for a VM administrator by certain operations:

deploy/start VM on a specific host
migrate VM
restore VM
scale VM

This PR allows the user to specify tags which must be checked during these operations.

Global Settings

vm.strict.host.tags - A comma-separated list of tags for strict host check (Default - empty)
vm.strict.resource.limit.host.tag.check - Determines whether the resource limits tags are considered strict or not (Default - true)

During the above operations, we now check and throw an error if host tags compatibility is being broken for tags specified in vm.strict.host.tags. If vm.strict.resource.limit.host.tag.check is set to true, tags set in resource.limit.host.tags are also checked during these operations.

Types of changes

[ ] Breaking change (fix or feature that would cause existing functionality to change)
[ ] New feature (non-breaking change which adds functionality)
[ ] Bug fix (non-breaking change which fixes an issue)
[x] Enhancement (improves an existing feature and functionality)
[ ] Cleanup (Code refactoring and cleanup, that may add test cases)
[ ] build/CI

Feature/Enhancement Scale or Bug Severity

Feature/Enhancement Scale

[ ] Major
[x] Minor

Screenshots (if appropriate):

How Has This Been Tested?

Manually tested

How did you try to break this feature and the system with this change?

Apr 30 '24 16:04 vishesh92

Codecov Report

Attention: Patch coverage is 62.66667% with 28 lines in your changes missing coverage. Please review.

Project coverage is 15.28%. Comparing base (19f9635) to head (73d6888). Report is 103 commits behind head on main.

Files	Patch %	Lines
.../src/main/java/com/cloud/vm/UserVmManagerImpl.java	47.05%	18 Missing :warning:
...rver/src/main/java/com/cloud/vm/UserVmManager.java	63.63%	2 Missing and 2 partials :warning:
...ne/schema/src/main/java/com/cloud/host/HostVO.java	88.88%	0 Missing and 3 partials :warning:
...om/cloud/deploy/DeploymentPlanningManagerImpl.java	0.00%	1 Missing and 1 partial :warning:
.../apache/cloudstack/vm/UnmanagedVMsManagerImpl.java	0.00%	1 Missing :warning:

Additional details and impacted files

@@            Coverage Diff             @@
##               main    #9017    +/-   ##
==========================================
  Coverage     15.28%   15.28%            
- Complexity    11535    11542     +7     
==========================================
  Files          5424     5424            
  Lines        474334   474390    +56     
  Branches      60970    61603   +633     
==========================================
+ Hits          72498    72524    +26     
- Misses       393778   393810    +32     
+ Partials       8058     8056     -2

Flag	Coverage Δ
uitests	`4.25% <ø> (ø)`
unittests	`16.02% <62.66%> (+<0.01%)`	:arrow_up:

Flags with carried forward coverage won't be shown. Click here to find out more.

:umbrella: View full report in Codecov by Sentry.
:loudspeaker: Have feedback on the report? Share it here.

Apr 30 '24 17:04 codecov-commenter

@blueorangutan package

Apr 30 '24 20:04 vishesh92

@vishesh92 a [SL] Jenkins job has been kicked to build packages. It will be bundled with KVM, XenServer and VMware SystemVM templates. I'll keep you posted as I make progress.

Apr 30 '24 20:04 blueorangutan

Packaging result [SF]: ✔️ el7 ✔️ el8 ✔️ el9 ✔️ debian ✔️ suse15. SL-JID 9491

Apr 30 '24 22:04 blueorangutan

@blueorangutan test

May 01 '24 05:05 vishesh92

@vishesh92 a [SL] Trillian-Jenkins test job (centos7 mgmt + kvm-centos7) has been kicked to run smoke tests

May 01 '24 05:05 blueorangutan

@blueorangutan package

May 01 '24 17:05 vishesh92

@vishesh92 a [SL] Jenkins job has been kicked to build packages. It will be bundled with KVM, XenServer and VMware SystemVM templates. I'll keep you posted as I make progress.

May 01 '24 17:05 blueorangutan

Packaging result [SF]: ✔️ el7 ✔️ el8 ✔️ el9 ✔️ debian ✔️ suse15. SL-JID 9507

May 01 '24 18:05 blueorangutan

@blueorangutan test

May 01 '24 18:05 vishesh92

@vishesh92 a [SL] Trillian-Jenkins test job (centos7 mgmt + kvm-centos7) has been kicked to run smoke tests

May 01 '24 18:05 blueorangutan

[SF] Trillian test result (tid-10102) Environment: kvm-centos7 (x2), Advanced Networking with Mgmt server 7 Total time taken: 47445 seconds Marvin logs: https://github.com/blueorangutan/acs-prs/releases/download/trillian/pr9017-t10102-kvm-centos7.zip Smoke tests completed. 128 look OK, 4 have errors, 0 did not run Only failed and skipped tests results shown below:

Test	Result	Time (s)	Test File
test_01_events_resource	`Error`	426.75	test_events_resource.py
test_01_restore_vm	`Error`	0.25	test_restore_vm.py
test_02_restore_vm_allocated_root	`Error`	0.15	test_restore_vm.py
ContextSuite context=TestRestoreVM>:teardown	`Error`	1.35	test_restore_vm.py
test_02_trigger_shutdown	`Failure`	346.70	test_safe_shutdown.py
test_02_restore_vm_strict_tags_failure	`Failure`	41.64	test_vm_strict_host_tags.py
test_02_scale_vm_strict_tags_failure	`Failure`	44.85	test_vm_strict_host_tags.py
test_06_deploy_vm_on_any_host_with_strict_tags_failure	`Failure`	1.30	test_vm_strict_host_tags.py
ContextSuite context=TestVMDeploymentPlannerStrictTags>:teardown	`Error`	53.96	test_vm_strict_host_tags.py

May 01 '24 19:05 blueorangutan

[SF] Trillian test result (tid-10124) Environment: kvm-centos7 (x2), Advanced Networking with Mgmt server 7 Total time taken: 52549 seconds Marvin logs: https://github.com/blueorangutan/acs-prs/releases/download/trillian/pr9017-t10124-kvm-centos7.zip Smoke tests completed. 127 look OK, 5 have errors, 0 did not run Only failed and skipped tests results shown below:

Test	Result	Time (s)	Test File
test_01_events_resource	`Error`	428.10	test_events_resource.py
test_01_restore_vm	`Error`	0.24	test_restore_vm.py
test_02_restore_vm_allocated_root	`Error`	0.14	test_restore_vm.py
ContextSuite context=TestRestoreVM>:teardown	`Error`	1.23	test_restore_vm.py
test_02_list_cpvm_vm	`Failure`	0.05	test_ssvm.py
test_04_cpvm_internals	`Failure`	0.04	test_ssvm.py
test_01_secure_vm_migration	`Error`	135.30	test_vm_life_cycle.py
test_01_secure_vm_migration	`Error`	135.31	test_vm_life_cycle.py
test_02_restore_vm_strict_tags_failure	`Failure`	46.75	test_vm_strict_host_tags.py
test_02_scale_vm_strict_tags_failure	`Failure`	51.04	test_vm_strict_host_tags.py
test_06_deploy_vm_on_any_host_with_strict_tags_failure	`Failure`	1.31	test_vm_strict_host_tags.py
ContextSuite context=TestVMDeploymentPlannerStrictTags>:teardown	`Error`	77.52	test_vm_strict_host_tags.py

May 02 '24 09:05 blueorangutan

@blueorangutan package

May 02 '24 13:05 vishesh92

@vishesh92 a [SL] Jenkins job has been kicked to build packages. It will be bundled with KVM, XenServer and VMware SystemVM templates. I'll keep you posted as I make progress.

May 02 '24 13:05 blueorangutan

Packaging result [SF]: ✔️ el7 ✔️ el8 ✔️ el9 ✔️ debian ✔️ suse15. SL-JID 9517

May 02 '24 14:05 blueorangutan

@blueorangutan test

May 02 '24 18:05 vishesh92

@vishesh92 a [SL] Trillian-Jenkins test job (centos7 mgmt + kvm-centos7) has been kicked to run smoke tests

May 02 '24 18:05 blueorangutan

[SF] Trillian test result (tid-10146) Environment: kvm-centos7 (x2), Advanced Networking with Mgmt server 7 Total time taken: 49258 seconds Marvin logs: https://github.com/blueorangutan/acs-prs/releases/download/trillian/pr9017-t10146-kvm-centos7.zip Smoke tests completed. 129 look OK, 3 have errors, 0 did not run Only failed and skipped tests results shown below:

Test	Result	Time (s)	Test File
test_01_events_resource	`Error`	437.35	test_events_resource.py
test_01_restore_vm	`Error`	0.21	test_restore_vm.py
test_02_restore_vm_allocated_root	`Error`	0.14	test_restore_vm.py
ContextSuite context=TestRestoreVM>:teardown	`Error`	1.23	test_restore_vm.py
ContextSuite context=TestVMDeploymentPlannerStrictTags>:teardown	`Error`	59.13	test_vm_strict_host_tags.py

May 03 '24 08:05 blueorangutan

@blueorangutan package

May 04 '24 06:05 vishesh92

@vishesh92 a [SL] Jenkins job has been kicked to build packages. It will be bundled with KVM, XenServer and VMware SystemVM templates. I'll keep you posted as I make progress.

May 04 '24 06:05 blueorangutan

Packaging result [SF]: ✔️ el7 ✔️ el8 ✔️ el9 ✔️ debian ✔️ suse15. SL-JID 9532

May 04 '24 07:05 blueorangutan

@blueorangutan test

May 04 '24 07:05 vishesh92

@vishesh92 a [SL] Trillian-Jenkins test job (centos7 mgmt + kvm-centos7) has been kicked to run smoke tests

May 04 '24 07:05 blueorangutan

[SF] Trillian test result (tid-10154) Environment: kvm-centos7 (x2), Advanced Networking with Mgmt server 7 Total time taken: 45981 seconds Marvin logs: https://github.com/blueorangutan/acs-prs/releases/download/trillian/pr9017-t10154-kvm-centos7.zip Smoke tests completed. 130 look OK, 2 have errors, 0 did not run Only failed and skipped tests results shown below:

Test	Result	Time (s)	Test File
test_01_events_resource	`Error`	413.70	test_events_resource.py
test_01_restore_vm	`Error`	0.28	test_restore_vm.py
test_02_restore_vm_allocated_root	`Error`	0.16	test_restore_vm.py
ContextSuite context=TestRestoreVM>:teardown	`Error`	1.25	test_restore_vm.py

May 04 '24 21:05 blueorangutan

@blueorangutan package

May 07 '24 07:05 vishesh92

@vishesh92 a [SL] Jenkins job has been kicked to build packages. It will be bundled with KVM, XenServer and VMware SystemVM templates. I'll keep you posted as I make progress.

May 07 '24 07:05 blueorangutan

Packaging result [SF]: ✔️ el7 ✔️ el8 ✔️ el9 ✔️ debian ✔️ suse15. SL-JID 9560

May 07 '24 09:05 blueorangutan

@blueorangutan test

May 07 '24 11:05 vishesh92

@vishesh92 a [SL] Trillian-Jenkins test job (centos7 mgmt + kvm-centos7) has been kicked to run smoke tests

May 07 '24 11:05 blueorangutan

cloudstack cloudstack copied to clipboard

Enforce strict host tag check

Description

Global Settings

Types of changes

Feature/Enhancement Scale or Bug Severity

Feature/Enhancement Scale

Screenshots (if appropriate):

How Has This Been Tested?

How did you try to break this feature and the system with this change?

Codecov Report

cloudstack
cloudstack copied to clipboard