#4852

Committed 13 Aug 2024 12:06AM UTC coverage: 59.141% (-0.03%) from 59.171%

Build # #4852

Build Type

push

travis-ci

Committed by

web-flow

Commit Message

nbdkit datapath debug (#3361)

* pkg/image/nbdkit: Enable controlpath debugging

Disabling datapath debugging reduces noise, but controlpath debugging
is actually useful, not very noisy, and usually you would want it to
be enabled.

The difference is explained here:

https://libguestfs.org/nbdkit.1.html#SERVER-DEBUG-FLAGS

Virt-v2v disables datapath debugging but keeps controlpath debugging
enabled.

Signed-off-by: Richard W.M. Jones <rjones@redhat.com>

* pkg/image/nbdkit: Enable recommended nbdkit VDDK debugging options

VDDK datapath debugging logs every VDDK read and write which is noisy
and unnecessary.

Enabling VDDK stats gives useful information about how long each VDDK
call took, for virtually no overhead.  This information is printed to
stderr when nbdkit closes the connection.

This matches the upstream recommendations here, and also the flags
used by virt-v2v:

https://libguestfs.org/nbdkit-vddk-plugin.1.html#Troubleshooting-performance-problems

Signed-off-by: Richard W.M. Jones <rjones@redhat.com>

---------

Signed-off-by: Richard W.M. Jones <rjones@redhat.com>

Run Details

0 of 2 new or added lines in 1 file covered. (0.0%)

152 existing lines in 5 files now uncovered.

16488 of 27879 relevant lines covered (59.14%)

0.65 hits per line

Source File
Press 'n' to go to next uncovered line, 'b' for previous

59.84

/pkg/operator/controller/route.go

/*
Copyright 2018 The CDI Authors.

Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at

    http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/

package controller

import (
        "context"
        "fmt"

        "github.com/go-logr/logr"
        routev1 "github.com/openshift/api/route/v1"

        corev1 "k8s.io/api/core/v1"
        "k8s.io/apimachinery/pkg/api/errors"
        "k8s.io/apimachinery/pkg/api/meta"
        metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
        "k8s.io/apimachinery/pkg/runtime"
        "k8s.io/client-go/tools/record"

        "sigs.k8s.io/controller-runtime/pkg/client"
        "sigs.k8s.io/controller-runtime/pkg/controller/controllerutil"
        "sigs.k8s.io/controller-runtime/pkg/source"

        cc "kubevirt.io/containerized-data-importer/pkg/controller/common"
        "kubevirt.io/containerized-data-importer/pkg/util"
)

const (
        uploadProxyServiceName = "cdi-uploadproxy"
        uploadProxyRouteName   = uploadProxyServiceName
        uploadProxyCABundle    = "cdi-uploadproxy-signer-bundle"
)

func ensureUploadProxyRouteExists(ctx context.Context, logger logr.Logger, c client.Client, scheme *runtime.Scheme, owner metav1.Object) error {
        namespace := owner.GetNamespace()
        if namespace == "" {
                return fmt.Errorf("cluster scoped owner not supported")
        }

        cert, err := getUploadProxyCABundle(ctx, c)
        if err != nil {
                if errors.IsNotFound(err) {
                        logger.V(3).Info("ensureUploadProxyRouteExists() upload proxy ca cert doesn't exist")
                        return nil
                }
                return err
        }

        cr, err := cc.GetActiveCDI(ctx, c)
        if err != nil {
                return err
        }
        if cr == nil {
                return fmt.Errorf("no active CDI")
        }
        installerLabels := util.GetRecommendedInstallerLabelsFromCr(cr)

        desiredRoute := &routev1.Route{
                ObjectMeta: metav1.ObjectMeta{
                        Name:      uploadProxyRouteName,
                        Namespace: namespace,
                        Labels: map[string]string{
                                "cdi.kubevirt.io": "",
                        },
                        Annotations: map[string]string{
                                // long timeout here to make sure client connection doesn't die during qcow->raw conversion
                                "haproxy.router.openshift.io/timeout": "60m",
                        },
                },
                Spec: routev1.RouteSpec{
                        To: routev1.RouteTargetReference{
                                Kind: "Service",
                                Name: uploadProxyServiceName,
                        },
                        TLS: &routev1.TLSConfig{
                                Termination:                   routev1.TLSTerminationReencrypt,
                                InsecureEdgeTerminationPolicy: routev1.InsecureEdgeTerminationPolicyRedirect,
                                DestinationCACertificate:      cert,
                        },
                },
        }
        util.SetRecommendedLabels(desiredRoute, installerLabels, "cdi-operator")

        currentRoute := &routev1.Route{}
        key := client.ObjectKey{Namespace: namespace, Name: uploadProxyRouteName}
        err = c.Get(ctx, key, currentRoute)
        if err == nil {
                if currentRoute.Spec.To.Kind != desiredRoute.Spec.To.Kind ||
                        currentRoute.Spec.To.Name != desiredRoute.Spec.To.Name ||
                        currentRoute.Spec.TLS == nil ||
                        currentRoute.Spec.TLS.Termination != desiredRoute.Spec.TLS.Termination ||
                        currentRoute.Spec.TLS.DestinationCACertificate != desiredRoute.Spec.TLS.DestinationCACertificate {
                        currentRoute.Spec = desiredRoute.Spec
                        return c.Update(ctx, currentRoute)
                }

                return nil
        }

        if !errors.IsNotFound(err) {
                return err
        }

        if err = controllerutil.SetControllerReference(owner, desiredRoute, scheme); err != nil {
                return err
        }

        return c.Create(ctx, desiredRoute)
}

func updateUserRoutes(ctx context.Context, logger logr.Logger, c client.Client, recorder record.EventRecorder) error {
        cert, err := getUploadProxyCABundle(ctx, c)
        if err != nil {
                if errors.IsNotFound(err) {
                        logger.V(3).Info("updateUserRoutes() upload proxy ca cert doesn't exist")
                        return nil
                }
                return err
        }

        routes := &routev1.RouteList{}
        err = c.List(ctx, routes, &client.ListOptions{
                Namespace: util.GetNamespace(),
        })
        if err != nil {
                return err
        }

        for _, r := range routes.Items {
                route := r.DeepCopy()
                if route.Annotations[annInjectUploadProxyCert] != "true" {
                        continue
                }

                if route.Spec.TLS == nil {
                        logger.V(1).Info("Route has no TLS config, skipping", "route", route.Name)
                        continue
                }

                if route.Spec.TLS.DestinationCACertificate != cert {
                        logger.V(1).Info("Updating route with new CA cert", "route", route.Name)
                        route.Spec.TLS.DestinationCACertificate = cert
                        if err := c.Update(ctx, route); err != nil {
                                return err
                        }
                        recorder.Event(route, corev1.EventTypeNormal, updateUserRouteSuccess, "Successfully updated Route destination CA certificate")
                }
        }

        return nil
}

func getUploadProxyCABundle(ctx context.Context, c client.Client) (string, error) {
        cm := &corev1.ConfigMap{}
        key := client.ObjectKey{Namespace: util.GetNamespace(), Name: uploadProxyCABundle}
        if err := c.Get(ctx, key, cm); err != nil {
                return "", err
        }
        return cm.Data["ca-bundle.crt"], nil
}

func (r *ReconcileCDI) watchRoutes() error {
        if !r.haveRoutes {
                log.Info("Not watching Routes")
                return nil
        }
        var route client.Object = &routev1.Route{}
        return r.controller.Watch(source.Kind(r.getCache(), route, enqueueCDI(r.client)))
}

func haveRoutes(c client.Client) (bool, error) {
        err := c.List(context.TODO(), &routev1.RouteList{}, &client.ListOptions{
                Namespace: util.GetNamespace(),
                Limit:     1,
        })
        if err != nil {
                if meta.IsNoMatchError(err) {
                        return false, nil
                }
                return false, err
        }
        return true, nil
}

1	/*
2	Copyright 2018 The CDI Authors.
3
4	Licensed under the Apache License, Version 2.0 (the "License");
5	you may not use this file except in compliance with the License.
6	You may obtain a copy of the License at
7
8	http://www.apache.org/licenses/LICENSE-2.0
9
10	Unless required by applicable law or agreed to in writing, software
11	distributed under the License is distributed on an "AS IS" BASIS,
12	WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13	See the License for the specific language governing permissions and
14	limitations under the License.
15	*/
16
17	package controller
18
19	import (
20	"context"
21	"fmt"
22
23	"github.com/go-logr/logr"
24	routev1 "github.com/openshift/api/route/v1"
25
26	corev1 "k8s.io/api/core/v1"
27	"k8s.io/apimachinery/pkg/api/errors"
28	"k8s.io/apimachinery/pkg/api/meta"
29	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
30	"k8s.io/apimachinery/pkg/runtime"
31	"k8s.io/client-go/tools/record"
32
33	"sigs.k8s.io/controller-runtime/pkg/client"
34	"sigs.k8s.io/controller-runtime/pkg/controller/controllerutil"
35	"sigs.k8s.io/controller-runtime/pkg/source"
36
37	cc "kubevirt.io/containerized-data-importer/pkg/controller/common"
38	"kubevirt.io/containerized-data-importer/pkg/util"
39	)
40
41	const (
42	uploadProxyServiceName = "cdi-uploadproxy"
43	uploadProxyRouteName = uploadProxyServiceName
44	uploadProxyCABundle = "cdi-uploadproxy-signer-bundle"
45	)
46
47	func ensureUploadProxyRouteExists(ctx context.Context, logger logr.Logger, c client.Client, scheme *runtime.Scheme, owner metav1.Object) error {	1✔
48	namespace := owner.GetNamespace()	1✔
49	if namespace == "" {	1✔
50	return fmt.Errorf("cluster scoped owner not supported")	×
UNCOV 51	}	×
52
53	cert, err := getUploadProxyCABundle(ctx, c)	1✔
54	if err != nil {	1✔
55	if errors.IsNotFound(err) {	×
56	logger.V(3).Info("ensureUploadProxyRouteExists() upload proxy ca cert doesn't exist")	×
57	return nil	×
58	}	×
59	return err	×
60	}
61
62	cr, err := cc.GetActiveCDI(ctx, c)	1✔
63	if err != nil {	1✔
64	return err	×
65	}	×
66	if cr == nil {	1✔
UNCOV 67	return fmt.Errorf("no active CDI")	×
UNCOV 68	}	×
69	installerLabels := util.GetRecommendedInstallerLabelsFromCr(cr)	1✔
70		1✔
71	desiredRoute := &routev1.Route{	1✔
72	ObjectMeta: metav1.ObjectMeta{	1✔
73	Name: uploadProxyRouteName,	1✔
74	Namespace: namespace,	1✔
75	Labels: map[string]string{	1✔
76	"cdi.kubevirt.io": "",	1✔
77	},	1✔
78	Annotations: map[string]string{	1✔
79	// long timeout here to make sure client connection doesn't die during qcow->raw conversion	1✔
80	"haproxy.router.openshift.io/timeout": "60m",	1✔
81	},	1✔
82	},	1✔
83	Spec: routev1.RouteSpec{	1✔
84	To: routev1.RouteTargetReference{	1✔
85	Kind: "Service",	1✔
86	Name: uploadProxyServiceName,	1✔
87	},	1✔
88	TLS: &routev1.TLSConfig{	1✔
89	Termination: routev1.TLSTerminationReencrypt,	1✔
90	InsecureEdgeTerminationPolicy: routev1.InsecureEdgeTerminationPolicyRedirect,	1✔
91	DestinationCACertificate: cert,	1✔
92	},	1✔
93	},	1✔
94	}	1✔
95	util.SetRecommendedLabels(desiredRoute, installerLabels, "cdi-operator")	1✔
96		1✔
97	currentRoute := &routev1.Route{}	1✔
98	key := client.ObjectKey{Namespace: namespace, Name: uploadProxyRouteName}	1✔
99	err = c.Get(ctx, key, currentRoute)	1✔
100	if err == nil {	2✔
101	if currentRoute.Spec.To.Kind != desiredRoute.Spec.To.Kind \|\|	1✔
102	currentRoute.Spec.To.Name != desiredRoute.Spec.To.Name \|\|	1✔
103	currentRoute.Spec.TLS == nil \|\|	1✔
104	currentRoute.Spec.TLS.Termination != desiredRoute.Spec.TLS.Termination \|\|	1✔
105	currentRoute.Spec.TLS.DestinationCACertificate != desiredRoute.Spec.TLS.DestinationCACertificate {	1✔
UNCOV 106	currentRoute.Spec = desiredRoute.Spec	×
UNCOV 107	return c.Update(ctx, currentRoute)	×
UNCOV 108	}	×
109
110	return nil	1✔
111	}
112
113	if !errors.IsNotFound(err) {	1✔
UNCOV 114	return err	×
UNCOV 115	}	×
116
117	if err = controllerutil.SetControllerReference(owner, desiredRoute, scheme); err != nil {	1✔
UNCOV 118	return err	×
119	}	×
120
121	return c.Create(ctx, desiredRoute)	1✔
122	}
123
124	func updateUserRoutes(ctx context.Context, logger logr.Logger, c client.Client, recorder record.EventRecorder) error {	1✔
125	cert, err := getUploadProxyCABundle(ctx, c)	1✔
126	if err != nil {	1✔
UNCOV 127	if errors.IsNotFound(err) {	×
UNCOV 128	logger.V(3).Info("updateUserRoutes() upload proxy ca cert doesn't exist")	×
129	return nil	×
130	}	×
UNCOV 131	return err	×
132	}
133
134	routes := &routev1.RouteList{}	1✔
135	err = c.List(ctx, routes, &client.ListOptions{	1✔
136	Namespace: util.GetNamespace(),	1✔
137	})	1✔
138	if err != nil {	1✔
139	return err	×
140	}	×
141
142	for _, r := range routes.Items {	2✔
143	route := r.DeepCopy()	1✔
144	if route.Annotations[annInjectUploadProxyCert] != "true" {	2✔
145	continue	1✔
146	}
147
148	if route.Spec.TLS == nil {	1✔
149	logger.V(1).Info("Route has no TLS config, skipping", "route", route.Name)	×
UNCOV 150	continue	×
151	}
152
153	if route.Spec.TLS.DestinationCACertificate != cert {	2✔
154	logger.V(1).Info("Updating route with new CA cert", "route", route.Name)	1✔
155	route.Spec.TLS.DestinationCACertificate = cert	1✔
156	if err := c.Update(ctx, route); err != nil {	1✔
UNCOV 157	return err	×
UNCOV 158	}	×
159	recorder.Event(route, corev1.EventTypeNormal, updateUserRouteSuccess, "Successfully updated Route destination CA certificate")	1✔
160	}
161	}
162
163	return nil	1✔
164	}
165
166	func getUploadProxyCABundle(ctx context.Context, c client.Client) (string, error) {	1✔
167	cm := &corev1.ConfigMap{}	1✔
168	key := client.ObjectKey{Namespace: util.GetNamespace(), Name: uploadProxyCABundle}	1✔
169	if err := c.Get(ctx, key, cm); err != nil {	1✔
UNCOV 170	return "", err	×
UNCOV 171	}	×
172	return cm.Data["ca-bundle.crt"], nil	1✔
173	}
174
UNCOV 175	func (r *ReconcileCDI) watchRoutes() error {	×
UNCOV 176	if !r.haveRoutes {	×
UNCOV 177	log.Info("Not watching Routes")	×
UNCOV 178	return nil	×
UNCOV 179	}	×
UNCOV 180	var route client.Object = &routev1.Route{}	×
UNCOV 181	return r.controller.Watch(source.Kind(r.getCache(), route, enqueueCDI(r.client)))	×
182	}
183
UNCOV 184	func haveRoutes(c client.Client) (bool, error) {	×
UNCOV 185	err := c.List(context.TODO(), &routev1.RouteList{}, &client.ListOptions{	×
UNCOV 186	Namespace: util.GetNamespace(),	×
UNCOV 187	Limit: 1,	×
UNCOV 188	})	×
UNCOV 189	if err != nil {	×
UNCOV 190	if meta.IsNoMatchError(err) {	×
UNCOV 191	return false, nil	×
UNCOV 192	}	×
UNCOV 193	return false, err	×
194	}
UNCOV 195	return true, nil	×
196	}

kubevirt / containerized-data-importer / #4852

Source File Press 'n' to go to next uncovered line, 'b' for previous

Source File
Press 'n' to go to next uncovered line, 'b' for previous