Skip to content

PCP-5152: Multiple node HCP cluster losing interface reference #238

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
wants to merge 8 commits into from
Closed

PCP-5152: Multiple node HCP cluster losing interface reference #238

wants to merge 8 commits into from

Conversation

@AmitSahastra
Copy link
Contributor

@AmitSahastra AmitSahastra commented Sep 17, 2025

No description provided.

AmitSahastra and others added 8 commits September 12, 2025 10:18
@AmitSahastra
PCP-5152: Multiple node HCP cluster losing interface reference
9473f87
@AmitSahastra
Additional changes (#225)
b96dd8c 
* Additional changes

* trust password and code cleanup (#226)
@AmitSahastra
Additional changes
81e5fea
@AmitSahastra
Add gate to registration logic, seperate it to initializer and put gr…
f1f423c 
…ace period. Code cleanup.
@AmitSahastra
Add gate to registration logic, seperate it to initializer and put gr…
e14886a 
…ace period. Code cleanup. (#234)

* Additional changes

* Add gate to registration logic, seperate it to initializer and put grace period. Code cleanup.
@AmitSahastra
- Gosec fix
8f98000 
- Cleanup daemonset once all host are registered
@AmitSahastra
Additional changes
2b15f73
@AmitSahastra
Merge branch 'PCP-1552' into PCP-1552_4
cd6f0df
Copilot AI reviewed Sep 17, 2025
View reviewed changes
Copy link

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull Request Overview

This PR addresses the PCP-5152 issue regarding multiple node HCP clusters losing interface references by refactoring the LXD initialization and registration process. The changes move the responsibility for LXD host registration from the controller to a DaemonSet running on target cluster nodes, which improves reliability and provides better MAAS integration.

Key changes:

  • Removes direct LXD host registration from the controller's ReconcileLXD() method
  • Adds new utility functions for safe type conversion and trust password derivation
  • Significantly enhances the LXD initializer DaemonSet with proper registration logic, staggered execution, and improved error handling

Reviewed Changes

Copilot reviewed 12 out of 14 changed files in this pull request and generated 3 comments.

Show a summary per file
File Description
pkg/util/utils.go Adds safe int64 to int32 conversion utility
pkg/util/trust/password.go Adds deterministic trust password generation
pkg/maas/lxd/service.go Removes setupLXDOnMachine function and simplifies reconciliation
pkg/maas/lxd/host_maas_client.go Adds hostname support for LXD host registration
lxd-initializer/lxd-initializer.go Major refactor with registration logic, staggering, and improved configuration
lxd-initializer/lxd-initializer-daemonset.yaml Updates container image version
lxd-initializer/go.mod Updates maas-client-go dependency
go.mod Updates maas-client-go dependency
controllers/templates/lxd_initializer_rbac.yaml Adds list and watch permissions for nodes
controllers/templates/lxd_initializer_ds.yaml Updates image and adds imagePullPolicy
controllers/maasmachine_controller.go Adds forced VM deletion during host cleanup
controllers/lxd_initializer_ds.go Adds intelligent deployment gating and short-circuit logic

Tip: Customize your code reviews with copilot-instructions.md. Create the file or learn how to get started.

lxd-initializer/lxd-initializer.go
Comment on lines +471 to +478
// // Determine host short name for unique bridge suffix
// hostShort := nodeName
// if hostShort == "" {
// if osHN, _ := os.Hostname(); osHN != "" {
// hostShort = osHN
// }
// }
// hostToken := normalizeName(hostShort)
Copy link

Copilot AI Sep 17, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Remove commented-out code to improve maintainability. If this logic might be needed later, consider documenting the reasoning in a regular comment instead.

Copilot uses AI. Check for mistakes.
lxd-initializer/lxd-initializer.go
Comment on lines +487 to +491
// // Unique bridge per host to avoid cross-host name collisions
// uniqueBridge := networkBridge
// if hostToken != "" {
// uniqueBridge = fmt.Sprintf("%s-%s", networkBridge, hostToken)
// }
Copy link

Copilot AI Sep 17, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Remove commented-out code to improve maintainability. If this logic might be needed later, consider documenting the reasoning in a regular comment instead.

Copilot uses AI. Check for mistakes.
lxd-initializer/lxd-initializer.go
Comment on lines +665 to +675
// // Keep the container running to maintain the DaemonSet if in daemon mode
// log.Println("LXD initialization completed successfully")
// log.Println("Starting periodic trust-password maintainer")
// go func() {
// for {
// if err := setTrustPassword(trustPassword); err != nil {
// log.Printf("periodic trust password set failed: %v", err)
// }
// time.Sleep(15 * time.Minute)
// }
// }()
Copy link

Copilot AI Sep 17, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Remove commented-out code to improve maintainability. If this periodic trust password functionality might be needed later, consider documenting the reasoning in a regular comment instead.

Suggested change
// // Keep the container running to maintain the DaemonSet if in daemon mode
// log.Println("LXD initialization completed successfully")
// log.Println("Starting periodic trust-password maintainer")
// go func() {
// for {
// if err := setTrustPassword(trustPassword); err != nil {
// log.Printf("periodic trust password set failed: %v", err)
// }
// time.Sleep(15 * time.Minute)
// }
// }()
// If periodic trust password maintenance is needed in the future, consider running setTrustPassword in a background goroutine here.

Copilot uses AI. Check for mistakes.
@AmitSahastra
Copy link
Contributor Author

AmitSahastra commented Sep 17, 2025

Closing this change will go inhttps://github.com//pull/239

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

@Kun483 Kun483 Awaiting requested review from Kun483

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@AmitSahastra