Merge pull request #1802 from rabi/ctlplane_fixed_ip

openshift-merge-bot[bot] · web-flow · commit f46ba0fbe669 · 2026-02-12T05:12:28.000Z
Validate ansibleHost and ctlplane fixedIP for pre-provisioned nodes
diff --git a/api/dataplane/v1beta1/openstackdataplanenodeset_webhook.go b/api/dataplane/v1beta1/openstackdataplanenodeset_webhook.go
@@ -19,6 +19,7 @@ package v1beta1
 import (
 	"context"
 	"fmt"
+	"net"
 	"reflect"
 	"strings"
 
@@ -133,6 +134,10 @@ func (r *OpenStackDataPlaneNodeSet) validateNodes(ctx context.Context, c client.
 		errors = append(errors, r.Spec.duplicateNodeCheck(nodeSetList, r.ObjectMeta.Name)...)
 	}
 
+	if r.Spec.PreProvisioned {
+		errors = append(errors, r.Spec.validatePreProvisionedNodes()...)
+	}
+
 	return errors, nil
 
 }
@@ -227,3 +232,32 @@ func (spec *OpenStackDataPlaneNodeSetSpec) ValidateDelete() field.ErrorList {
 	return field.ErrorList{}
 
 }
+
+// validatePreProvisionedNodes validates that ansibleHost is a valid IP
+// for pre-provisioned nodes. An IP is required so that the controller
+// can default the ctlplane fixedIP from it, ensuring IPAM reserves the
+// correct address that matches the already-configured node interface.
+func (spec *OpenStackDataPlaneNodeSetSpec) validatePreProvisionedNodes() field.ErrorList {
+	var errors field.ErrorList
+
+	for nodeName, node := range spec.Nodes {
+		nodePath := field.NewPath("spec").Child("nodes").Key(nodeName)
+
+		if node.Ansible.AnsibleHost == "" {
+			errors = append(errors, field.Required(
+				nodePath.Child("ansible", "ansibleHost"),
+				"ansibleHost must be a valid IP address for "+
+					"pre-provisioned nodes"))
+			continue
+		}
+
+		if net.ParseIP(node.Ansible.AnsibleHost) == nil {
+			errors = append(errors, field.Invalid(
+				nodePath.Child("ansible", "ansibleHost"),
+				node.Ansible.AnsibleHost,
+				"ansibleHost must be a valid IP address for "+
+					"pre-provisioned nodes"))
+		}
+	}
+	return errors
+}
diff --git a/internal/dataplane/ipam.go b/internal/dataplane/ipam.go
@@ -20,6 +20,7 @@ import (
 	"context"
 	"errors"
 	"fmt"
+	"net"
 	"sort"
 	"strings"
 
@@ -359,10 +360,17 @@ func reserveIPs(ctx context.Context, helper *helper.Helper,
 		}
 
 		if len(node.Networks) > 0 {
-			for _, net := range node.Networks {
-				if strings.EqualFold(string(net.Name), dataplanev1.CtlPlaneNetwork) ||
-					netServiceNetMap[strings.ToLower(string(net.Name))] == dataplanev1.CtlPlaneNetwork {
+			for i, nnet := range node.Networks {
+				if strings.EqualFold(string(nnet.Name), dataplanev1.CtlPlaneNetwork) ||
+					netServiceNetMap[strings.ToLower(string(nnet.Name))] == dataplanev1.CtlPlaneNetwork {
 					foundCtlPlane = true
+					// Default ctlplane fixedIP from ansibleHost for pre-provisioned nodes
+					if instance.Spec.PreProvisioned &&
+						node.Ansible.AnsibleHost != "" &&
+						(nnet.FixedIP == nil || *nnet.FixedIP == "") &&
+						net.ParseIP(node.Ansible.AnsibleHost) != nil {
+						node.Networks[i].FixedIP = &node.Ansible.AnsibleHost
+					}
 					break
 				}
 			}
diff --git a/test/functional/ctlplane/base_test.go b/test/functional/ctlplane/base_test.go
@@ -420,7 +420,11 @@ func DefaultDataPlaneNoNodeSetSpec(tlsEnabled bool) map[string]interface{} {
 	if tlsEnabled {
 		spec["tlsEnabled"] = true
 	}
-	spec["nodes"] = map[string]dataplanev1.NodeSection{"edpm-compute-node-1": {}}
+	spec["nodes"] = map[string]dataplanev1.NodeSection{"edpm-compute-node-1": {
+		Ansible: dataplanev1.AnsibleOpts{
+			AnsibleHost: "192.168.122.100",
+		},
+	}}
 	return spec
 }
 
diff --git a/test/functional/dataplane/base_test.go b/test/functional/dataplane/base_test.go
@@ -141,7 +141,11 @@ func CustomServiceImageSpec() map[string]interface{} {
 				"ansibleVars": ansibleServiceVars,
 			},
 		},
-		"nodes": map[string]dataplanev1.NodeSection{"edpm-compute-node-1": {}},
+		"nodes": map[string]dataplanev1.NodeSection{"edpm-compute-node-1": {
+			Ansible: dataplanev1.AnsibleOpts{
+				AnsibleHost: "192.168.122.100",
+			},
+		}},
 	}
 }
 
@@ -235,6 +239,9 @@ func DefaultDataPlaneNodeSetSpec(nodeSetName string) map[string]interface{} {
 					{Name: "networkinternal", SubnetName: "subnet1"},
 					{Name: "ctlplane", SubnetName: "subnet1"},
 				},
+				"ansible": map[string]interface{}{
+					"ansibleHost": "192.168.122.100",
+				},
 			},
 		},
 		"baremetalSetTemplate": map[string]interface{}{
@@ -268,6 +275,9 @@ func DuplicateServiceNodeSetSpec(nodeSetName string) map[string]interface{} {
 					{Name: "networkinternal", SubnetName: "subnet1"},
 					{Name: "ctlplane", SubnetName: "subnet1"},
 				},
+				"ansible": map[string]interface{}{
+					"ansibleHost": "192.168.122.100",
+				},
 			},
 		},
 		"secretMaxSize":  1048576,
@@ -292,7 +302,11 @@ func DefaultDataPlaneNoNodeSetSpec(tlsEnabled bool) map[string]interface{} {
 	if tlsEnabled {
 		spec["tlsEnabled"] = true
 	}
-	spec["nodes"] = map[string]dataplanev1.NodeSection{"edpm-compute-node-1": {}}
+	spec["nodes"] = map[string]dataplanev1.NodeSection{"edpm-compute-node-1": {
+		Ansible: dataplanev1.AnsibleOpts{
+			AnsibleHost: "192.168.122.100",
+		},
+	}}
 	return spec
 }
 
diff --git a/test/functional/dataplane/openstackdataplanenodeset_controller_test.go b/test/functional/dataplane/openstackdataplanenodeset_controller_test.go
@@ -320,6 +320,9 @@ var _ = Describe("Dataplane NodeSet Test", func() {
 				nodes := map[string]dataplanev1.NodeSection{
 					dataplaneNodeName.Name: {
 						HostName: dataplaneNodeName.Name,
+						Ansible: dataplanev1.AnsibleOpts{
+							AnsibleHost: "192.168.122.100",
+						},
 					},
 				}
 				Expect(dataplaneNodeSetInstance.Spec.Nodes).Should(Equal(nodes))
@@ -422,6 +425,9 @@ var _ = Describe("Dataplane NodeSet Test", func() {
 				nodes := map[string]dataplanev1.NodeSection{
 					dataplaneNodeName.Name: {
 						HostName: dataplaneNodeName.Name,
+						Ansible: dataplanev1.AnsibleOpts{
+							AnsibleHost: "192.168.122.100",
+						},
 					},
 				}
 				Expect(dataplaneNodeSetInstance.Spec.Nodes).Should(Equal(nodes))
@@ -726,6 +732,7 @@ var _ = Describe("Dataplane NodeSet Test", func() {
 					},
 					"ansible": map[string]interface{}{
 						"ansibleUser": "test-user",
+						"ansibleHost": "192.168.122.100",
 					},
 				}
 
@@ -845,6 +852,9 @@ var _ = Describe("Dataplane NodeSet Test", func() {
 				nodes := map[string]dataplanev1.NodeSection{
 					dataplaneNodeName.Name: {
 						HostName: dataplaneNodeName.Name,
+						Ansible: dataplanev1.AnsibleOpts{
+							AnsibleHost: "192.168.122.100",
+						},
 					},
 				}
 				Expect(dataplaneNodeSetInstance.Spec.Nodes).Should(Equal(nodes))
@@ -1144,6 +1154,7 @@ var _ = Describe("Dataplane NodeSet Test", func() {
 					},
 					"ansible": map[string]interface{}{
 						"ansibleUser": "test-user",
+						"ansibleHost": "192.168.122.100",
 					},
 				}
 
diff --git a/test/functional/dataplane/openstackdataplanenodeset_webhook_test.go b/test/functional/dataplane/openstackdataplanenodeset_webhook_test.go
@@ -130,7 +130,11 @@ var _ = Describe("DataplaneNodeSet Webhook", func() {
 			nodeSetSpec["preProvisioned"] = true
 			nodeSetSpec["nodes"] = map[string]interface{}{
 				"compute-0": map[string]interface{}{
-					"hostName": "compute-0"},
+					"hostName": "compute-0",
+					"ansible": map[string]interface{}{
+						"ansibleHost": "192.168.122.100",
+					},
+				},
 			}
 			DeferCleanup(th.DeleteInstance, CreateDataplaneNodeSet(dataplaneNodeSetName, nodeSetSpec))
 		})
@@ -141,7 +145,11 @@ var _ = Describe("DataplaneNodeSet Webhook", func() {
 				newNodeSetSpec["preProvisioned"] = true
 				newNodeSetSpec["nodes"] = map[string]interface{}{
 					"compute-0": map[string]interface{}{
-						"hostName": "compute-0"},
+						"hostName": "compute-0",
+						"ansible": map[string]interface{}{
+							"ansibleHost": "192.168.122.100",
+						},
+					},
 				}
 				newInstance := DefaultDataplaneNodeSetTemplate(types.NamespacedName{Name: "test-duplicate-node", Namespace: namespace}, newNodeSetSpec)
 				unstructuredObj := &unstructured.Unstructured{Object: newInstance}
@@ -159,16 +167,24 @@ var _ = Describe("DataplaneNodeSet Webhook", func() {
 					"compute-3": map[string]interface{}{
 						"hostName": "compute-3",
 						"ansible": map[string]interface{}{
-							"ansibleHost": "compute-3",
+							"ansibleHost": "192.168.122.103",
 						},
 					},
 					"compute-2": map[string]interface{}{
-						"hostName": "compute-2"},
+						"hostName": "compute-2",
+						"ansible": map[string]interface{}{
+							"ansibleHost": "192.168.122.102",
+						},
+					},
 					"compute-8": map[string]interface{}{
-						"hostName": "compute-8"},
+						"hostName": "compute-8",
+						"ansible": map[string]interface{}{
+							"ansibleHost": "192.168.122.108",
+						},
+					},
 					"compute-0": map[string]interface{}{
 						"ansible": map[string]interface{}{
-							"ansibleHost": "compute-0",
+							"ansibleHost": "192.168.122.100",
 						},
 					},
 				}
@@ -180,13 +196,43 @@ var _ = Describe("DataplaneNodeSet Webhook", func() {
 			}).Should(ContainSubstring("already exists in another cluster"))
 		})
 	})
+
+	When("A pre-provisioned NodeSet is created without a valid IP as ansibleHost", func() {
+		It("Should block creation", func() {
+			Eventually(func(_ Gomega) string {
+				spec := DefaultDataPlaneNoNodeSetSpec(false)
+				spec["nodes"] = map[string]interface{}{
+					"compute-0": map[string]interface{}{
+						"hostName": "compute-0",
+						"ansible": map[string]interface{}{
+							"ansibleHost": "compute-0.example.com",
+						},
+					},
+				}
+				name := types.NamespacedName{
+					Name: "test-hostname-ansiblehost", Namespace: namespace}
+				obj := DefaultDataplaneNodeSetTemplate(name, spec)
+				unstructuredObj := &unstructured.Unstructured{Object: obj}
+				_, err := controllerutil.CreateOrPatch(
+					th.Ctx, th.K8sClient, unstructuredObj,
+					func() error { return nil })
+				return fmt.Sprintf("%s", err)
+			}).Should(ContainSubstring(
+				"ansibleHost must be a valid IP address"))
+		})
+	})
+
 	When("A NodeSet is updated with a OpenStackDataPlaneDeployment", func() {
 		BeforeEach(func() {
 			nodeSetSpec := DefaultDataPlaneNoNodeSetSpec(false)
 			nodeSetSpec["preProvisioned"] = true
 			nodeSetSpec["nodes"] = map[string]interface{}{
 				"compute-0": map[string]interface{}{
-					"hostName": "compute-0"},
+					"hostName": "compute-0",
+					"ansible": map[string]interface{}{
+						"ansibleHost": "192.168.122.100",
+					},
+				},
 			}
 
 			DeferCleanup(th.DeleteInstance, CreateDataplaneNodeSet(dataplaneNodeSetName, nodeSetSpec))
diff --git a/test/kuttl/tests/dataplane-create-test/00-assert.yaml b/test/kuttl/tests/dataplane-create-test/00-assert.yaml
@@ -17,11 +17,12 @@ spec:
   nodes:
     edpm-compute-0:
       hostName: edpm-compute-0
+      ansible:
+        ansibleHost: 192.168.122.100
       networks:
       - name: ctlplane
         subnetName: subnet1
         defaultRoute: true
-        fixedIP: 192.168.122.100
       - name: internalapi
         subnetName: subnet1
       - name: storage
diff --git a/test/kuttl/tests/dataplane-create-test/00-dataplane-create.yaml b/test/kuttl/tests/dataplane-create-test/00-dataplane-create.yaml
@@ -61,11 +61,12 @@ spec:
   nodes:
     edpm-compute-0:
       hostName: edpm-compute-0
+      ansible:
+        ansibleHost: 192.168.122.100
       networks:
       - name: ctlplane
         subnetName: subnet1
         defaultRoute: true
-        fixedIP: 192.168.122.100
       - name: internalapi
         subnetName: subnet1
       - name: storage
diff --git a/test/kuttl/tests/dataplane-deploy-multiple-secrets/00-assert.yaml b/test/kuttl/tests/dataplane-deploy-multiple-secrets/00-assert.yaml
@@ -51,11 +51,12 @@ spec:
   nodes:
     edpm-compute-0:
       hostName: edpm-compute-0
+      ansible:
+        ansibleHost: 192.168.122.100
       networks:
       - name: ctlplane
         subnetName: subnet1
         defaultRoute: true
-        fixedIP: 192.168.122.100
       - name: internalapi
         subnetName: subnet1
         fixedIP: 172.17.0.100
@@ -67,11 +68,12 @@ spec:
         fixedIP: 172.19.0.100
     edpm-compute-1:
       hostName: edpm-compute-1
+      ansible:
+        ansibleHost: 192.168.122.101
       networks:
       - name: ctlplane
         subnetName: subnet1
         defaultRoute: true
-        fixedIP: 192.168.122.101
       - name: internalapi
         subnetName: subnet1
         fixedIP: 172.17.0.101
@@ -83,11 +85,12 @@ spec:
         fixedIP: 172.19.0.101
     edpm-compute-2:
       hostName: edpm-compute-2
+      ansible:
+        ansibleHost: 192.168.122.102
       networks:
       - name: ctlplane
         subnetName: subnet1
         defaultRoute: true
-        fixedIP: 192.168.122.102
       - name: internalapi
         subnetName: subnet1
         fixedIP: 172.17.0.102
diff --git a/test/kuttl/tests/dataplane-deploy-multiple-secrets/00-dataplane-create.yaml b/test/kuttl/tests/dataplane-deploy-multiple-secrets/00-dataplane-create.yaml
@@ -49,11 +49,12 @@ spec:
   nodes:
     edpm-compute-0:
       hostName: edpm-compute-0
+      ansible:
+        ansibleHost: 192.168.122.100
       networks:
       - name: ctlplane
         subnetName: subnet1
         defaultRoute: true
-        fixedIP: 192.168.122.100
       - name: internalapi
         subnetName: subnet1
         fixedIP: 172.17.0.100
@@ -65,11 +66,12 @@ spec:
         fixedIP: 172.19.0.100
     edpm-compute-1:
       hostName: edpm-compute-1
+      ansible:
+        ansibleHost: 192.168.122.101
       networks:
       - name: ctlplane
         subnetName: subnet1
         defaultRoute: true
-        fixedIP: 192.168.122.101
       - name: internalapi
         subnetName: subnet1
         fixedIP: 172.17.0.101
@@ -81,11 +83,12 @@ spec:
         fixedIP: 172.19.0.101
     edpm-compute-2:
       hostName: edpm-compute-2
+      ansible:
+        ansibleHost: 192.168.122.102
       networks:
       - name: ctlplane
         subnetName: subnet1
         defaultRoute: true
-        fixedIP: 192.168.122.102
       - name: internalapi
         subnetName: subnet1
         fixedIP: 172.17.0.102
diff --git a/test/kuttl/tests/dataplane-deploy-tls-test/00-assert.yaml b/test/kuttl/tests/dataplane-deploy-tls-test/00-assert.yaml
diff --git a/test/kuttl/tests/dataplane-deploy-tls-test/00-dataplane-create.yaml b/test/kuttl/tests/dataplane-deploy-tls-test/00-dataplane-create.yaml
diff --git a/test/kuttl/tests/dataplane-multinode-nodeset-create-test/00-dataplane-create.yaml b/test/kuttl/tests/dataplane-multinode-nodeset-create-test/00-dataplane-create.yaml
diff --git a/test/kuttl/tests/dataplane-multinode-nodeset-create-test/02-dataplane-scale-out.yaml b/test/kuttl/tests/dataplane-multinode-nodeset-create-test/02-dataplane-scale-out.yaml

Original file line number	Diff line number	Diff line change
`@@ -420,7 +420,11 @@ func DefaultDataPlaneNoNodeSetSpec(tlsEnabled bool) map[string]interface{} {`
`420`	`420`	`if tlsEnabled {`
`421`	`421`	`spec["tlsEnabled"] = true`
`422`	`422`	`}`
`423`		`- spec["nodes"] = map[string]dataplanev1.NodeSection{"edpm-compute-node-1": {}}`
	`423`	`+ spec["nodes"] = map[string]dataplanev1.NodeSection{"edpm-compute-node-1": {`
	`424`	`+ Ansible: dataplanev1.AnsibleOpts{`
	`425`	`+ AnsibleHost: "192.168.122.100",`
	`426`	`+ },`
	`427`	`+ }}`
`424`	`428`	`return spec`
`425`	`429`	`}`
`426`	`430`