Validate kubevirt plugin

Author: pruthvitd

internal/controller/drplacementcontrol_controller.go

@@ -1368,9 +1368,6 @@ func (r *DRPlacementControlReconciler) updateResourceCondition(
 		ProtectedPVCs:   extractProtectedPVCNames(vrg),
 	}
 
-	drpc.Status.ResourceConditions.Conditions = assignConditionsWithConflictCheck(
-		vrgs, vrg, VRGConditionTypeNoClusterDataConflict)
-
 	if vrg.Status.PVCGroups != nil {
 		drpc.Status.ResourceConditions.ResourceMeta.PVCGroups = vrg.Status.PVCGroups
 	}
@@ -1385,7 +1382,7 @@ func (r *DRPlacementControlReconciler) updateResourceCondition(
 		drpc.Status.LastKubeObjectProtectionTime = &vrg.Status.KubeObjectProtection.CaptureToRecoverFrom.EndTime
 	}
 
-	updateDRPCProtectedCondition(drpc, vrg, clusterName)
+	updateDRPCProtectedCondition(drpc, vrg, clusterName, vrgs)
 }
 
 // getVRG retrieves a VRG either from the provided map or fetches it from the managed cluster/S3 store.
@@ -1446,85 +1443,6 @@ func extractProtectedPVCNames(vrg *rmn.VolumeReplicationGroup) []string {
 	return protectedPVCs
 }
 
-// findConflictCondition selects the appropriate condition from VRGs based on the conflict type.
-func findConflictCondition(vrgs map[string]*rmn.VolumeReplicationGroup, conflictType string) *metav1.Condition {
-	var selectedCondition *metav1.Condition
-
-	for _, vrg := range vrgs {
-		condition := meta.FindStatusCondition(vrg.Status.Conditions, conflictType)
-		if condition != nil && condition.Status == metav1.ConditionFalse {
-			// Prioritize primary VRG's condition if available
-			if isVRGPrimary(vrg) {
-				return condition // Exit early if primary VRG condition is found
-			}
-
-			// Assign the first non-primary VRG's condition if no primary found yet
-			if selectedCondition == nil {
-				selectedCondition = condition
-			}
-		}
-	}
-
-	return selectedCondition
-}
-
-// assignConditionsWithConflictCheck assigns conditions from a given VRG while prioritizing conflict conditions.
-func assignConditionsWithConflictCheck(vrgs map[string]*rmn.VolumeReplicationGroup,
-	vrg *rmn.VolumeReplicationGroup, conflictType string,
-) []metav1.Condition {
-	conditions := &vrg.Status.Conditions
-	conflictCondition := findConflictCondition(vrgs, conflictType)
-
-	// Ensure the conflict condition is present in the conditions list
-	if conflictCondition != nil {
-		setConflictStatusCondition(conditions, *conflictCondition)
-	}
-
-	return *conditions
-}
-
-func setConflictStatusCondition(existingConditions *[]metav1.Condition,
-	newCondition metav1.Condition,
-) metav1.Condition {
-	if existingConditions == nil {
-		existingConditions = &[]metav1.Condition{}
-	}
-
-	existingCondition := rmnutil.FindCondition(*existingConditions, newCondition.Type)
-	if existingCondition == nil {
-		newCondition.LastTransitionTime = metav1.NewTime(time.Now())
-		*existingConditions = append(*existingConditions, newCondition)
-
-		return newCondition
-	}
-
-	if existingCondition.Status != newCondition.Status ||
-		existingCondition.Reason != newCondition.Reason {
-		existingCondition.Status = newCondition.Status
-		existingCondition.Reason = newCondition.Reason
-		existingCondition.LastTransitionTime = metav1.NewTime(time.Now())
-	}
-
-	defaultValue := "none"
-	if newCondition.Reason == "" {
-		newCondition.Reason = defaultValue
-	}
-
-	if newCondition.Message == "" {
-		newCondition.Message = defaultValue
-	}
-
-	existingCondition.Reason = newCondition.Reason
-	existingCondition.Message = newCondition.Message
-	// TODO: Why not update lastTranTime if the above change?
-
-	if existingCondition.ObservedGeneration != newCondition.ObservedGeneration {
-		existingCondition.LastTransitionTime = metav1.NewTime(time.Now())
-	}
-
-	return *existingCondition
-}
-
 // clusterForVRGStatus determines which cluster's VRG should be inspected for status updates to DRPC
 func (r *DRPlacementControlReconciler) clusterForVRGStatus(
 	drpc *rmn.DRPlacementControl, userPlacement client.Object, log logr.Logger,

internal/controller/protected_condition.go

@@ -5,8 +5,10 @@ package controllers
 
 import (
 	"fmt"
+	"time"
 
 	rmn "github.com/ramendr/ramen/api/v1alpha1"
+	rmnutil "github.com/ramendr/ramen/internal/controller/util"
 	"k8s.io/apimachinery/pkg/api/meta"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 )
@@ -28,16 +30,17 @@ func updateDRPCProtectedCondition(
 	drpc *rmn.DRPlacementControl,
 	vrg *rmn.VolumeReplicationGroup,
 	clusterName string,
+	vrgs map[string]*rmn.VolumeReplicationGroup,
 ) {
 	if updateVRGClusterDataReady(drpc, vrg, clusterName) {
 		return
 	}
 
-	if updateDRPCProtectedForReplicationState(drpc, vrg, clusterName) {
+	if updateDRPCProtectedForReplicationState(drpc, vrg, clusterName, vrgs) {
 		return
 	}
 
-	if updateVRGNoClusterDataConflict(drpc, vrg, clusterName) {
+	if updateVRGNoClusterDataConflict(drpc, vrg, vrgs) {
 		return
 	}
 
@@ -64,13 +67,19 @@ func updateDRPCProtectedForReplicationState(
 	drpc *rmn.DRPlacementControl,
 	vrg *rmn.VolumeReplicationGroup,
 	clusterName string,
+	vrgs map[string]*rmn.VolumeReplicationGroup,
 ) bool {
+	var fromCluster string
+
+	drpc.Status.ResourceConditions.Conditions, fromCluster = mergeVRGsConditions(
+		vrgs, vrg, VRGConditionTypeDataReady)
+
 	switch vrg.Spec.ReplicationState {
 	case rmn.Primary:
-		return updateVRGDataReadyAsPrimary(drpc, vrg, clusterName) ||
+		return updateVRGDataReadyAsPrimary(drpc, vrg, fromCluster) ||
 			updateVRGDataProtectedAsPrimary(drpc, vrg, clusterName)
 	case rmn.Secondary:
-		return updateVRGDataReadyAsSecondary(drpc, vrg, clusterName) ||
+		return updateVRGDataReadyAsSecondary(drpc, vrg, fromCluster) ||
 			updateVRGDataProtectedAsSecondary(drpc, vrg, clusterName)
 	}
 
@@ -185,8 +194,13 @@ func updateVRGDataProtectedAsPrimary(drpc *rmn.DRPlacementControl,
 //   - Returns a bool that is true if status was updated, and false otherwise
 func updateVRGNoClusterDataConflict(drpc *rmn.DRPlacementControl,
 	vrg *rmn.VolumeReplicationGroup,
-	clusterName string,
+	vrgs map[string]*rmn.VolumeReplicationGroup,
 ) bool {
+	var clusterName string
+
+	drpc.Status.ResourceConditions.Conditions, clusterName = mergeVRGsConditions(
+		vrgs, vrg, VRGConditionTypeNoClusterDataConflict)
+
 	return genericUpdateProtectedForCondition(drpc, vrg, clusterName, VRGConditionTypeNoClusterDataConflict,
 		"workload data protection", "checking for workload data conflict", "conflicting workload data")
 }
@@ -305,3 +319,87 @@ func updateMiscVRGStatus(drpc *rmn.DRPlacementControl,
 
 	return !updated
 }
+
+// findConflictCondition selects the appropriate condition from VRGs based on the conflict type.
+func findConflictCondition(vrgs map[string]*rmn.VolumeReplicationGroup,
+	conflictType string,
+) (*metav1.Condition, string) {
+	var selectedCondition *metav1.Condition
+
+	var clusterName string
+
+	for _, vrg := range vrgs {
+		condition := meta.FindStatusCondition(vrg.Status.Conditions, conflictType)
+		if condition != nil && condition.Status == metav1.ConditionFalse {
+			// Prioritize primary VRG's condition if available
+			clusterName = vrg.GetAnnotations()[DestinationClusterAnnotationKey]
+			if isVRGPrimary(vrg) {
+				return condition, clusterName // Exit early if primary VRG condition is found
+			}
+
+			// Assign the first non-primary VRG's condition if no primary found yet
+			if selectedCondition == nil {
+				selectedCondition = condition
+			}
+		}
+	}
+
+	return selectedCondition, clusterName
+}
+
+// mergeVRGsConditions assigns conditions from a given VRG while prioritizing conflict conditions.
+func mergeVRGsConditions(vrgs map[string]*rmn.VolumeReplicationGroup,
+	vrg *rmn.VolumeReplicationGroup, conflictType string,
+) ([]metav1.Condition, string) {
+	conditions := &vrg.Status.Conditions
+	conflictCondition, clusterName := findConflictCondition(vrgs, conflictType)
+
+	// Ensure the conflict condition is present in the conditions list
+	if conflictCondition != nil {
+		setConflictStatusCondition(conditions, *conflictCondition)
+	}
+
+	return *conditions, clusterName
+}
+
+func setConflictStatusCondition(existingConditions *[]metav1.Condition,
+	newCondition metav1.Condition,
+) metav1.Condition {
+	if existingConditions == nil {
+		existingConditions = &[]metav1.Condition{}
+	}
+
+	existingCondition := rmnutil.FindCondition(*existingConditions, newCondition.Type)
+	if existingCondition == nil {
+		newCondition.LastTransitionTime = metav1.NewTime(time.Now())
+		*existingConditions = append(*existingConditions, newCondition)
+
+		return newCondition
+	}
+
+	if existingCondition.Status != newCondition.Status ||
+		existingCondition.Reason != newCondition.Reason {
+		existingCondition.Status = newCondition.Status
+		existingCondition.Reason = newCondition.Reason
+		existingCondition.LastTransitionTime = metav1.NewTime(time.Now())
+	}
+
+	defaultValue := "none"
+	if newCondition.Reason == "" {
+		newCondition.Reason = defaultValue
+	}
+
+	if newCondition.Message == "" {
+		newCondition.Message = defaultValue
+	}
+
+	existingCondition.Reason = newCondition.Reason
+	existingCondition.Message = newCondition.Message
+	// TODO: Why not update lastTranTime if the above change?
+
+	if existingCondition.ObservedGeneration != newCondition.ObservedGeneration {
+		existingCondition.LastTransitionTime = metav1.NewTime(time.Now())
+	}
+
+	return *existingCondition
+}

internal/controller/vrg_recipe.go

@@ -17,6 +17,7 @@ import (
 	"github.com/ramendr/ramen/internal/controller/kubeobjects"
 	"github.com/ramendr/ramen/internal/controller/util"
 	recipev1 "github.com/ramendr/recipe/api/v1alpha1"
+	appsv1 "k8s.io/api/apps/v1"
 	"k8s.io/apimachinery/pkg/types"
 	"k8s.io/apimachinery/pkg/util/sets"
 	"sigs.k8s.io/controller-runtime/pkg/builder"
@@ -165,6 +166,10 @@ func RecipeElementsGet(ctx context.Context, reader client.Reader, vrg ramen.Volu
 		return recipeElements, fmt.Errorf("recipe %v namespaces validation error: %w", recipeNamespacedName.String(), err)
 	}
 
+	if err := recipeVMBackupValidate(ctx, reader, recipeElements, vrg, ramenConfig, log); err != nil {
+		return recipeElements, fmt.Errorf("recipe %v VM backup validation error: %w", recipeNamespacedName.String(), err)
+	}
+
 	return recipeElements, nil
 }
 
@@ -329,6 +334,89 @@ func recipeNamespacesValidate(recipeElements util.RecipeElements, vrg ramen.Volu
 	return nil
 }
 
+func recipeVMBackupValidate(ctx context.Context, reader client.Reader, recipeElements util.RecipeElements,
+	vrg ramen.VolumeReplicationGroup,
+	ramenConfig ramen.RamenConfig, log logr.Logger,
+) error {
+	vmProtection := isProtectingVirtualMachine(recipeElements, vrg, log)
+
+	if !vmProtection {
+		return nil
+	}
+
+	if ramenConfig.KubeObjectProtection.VeleroNamespaceName != "" ||
+		len(ramenConfig.KubeObjectProtection.VeleroNamespaceName) > 0 {
+		if isKubeVirtEnabled(ctx, reader, ramenConfig, log) {
+			return nil
+		}
+
+		return fmt.Errorf("kubevirt plugin is disabled, hence VM resources backup/restore might not succeed")
+	}
+
+	log.Info("Velero is not used for discovered app DR")
+
+	return nil
+}
+
+func isProtectingVirtualMachine(recipeElements util.RecipeElements, vrg ramen.VolumeReplicationGroup,
+	log logr.Logger,
+) bool {
+	if vrg.Spec.KubeObjectProtection.RecipeRef.Name == recipecore.VMRecipeName {
+		log.Info("Recipe protects VM resources")
+
+		return true
+	}
+
+	// ToDO: Add validatation on recipe protecting VMs without using inbuilt VM-recipe
+	for _, group := range recipeElements.RecipeWithParams.Spec.Groups {
+		if len(group.IncludedResourceTypes) > 0 {
+			for _, resourceTypes := range group.IncludedResourceTypes {
+				if strings.Contains(strings.ToLower(resourceTypes), "virtualmachine") {
+					log.Info("Recipe protects VM resources")
+
+					return true
+				}
+			}
+		}
+	}
+
+	log.Info("Recipe is not protecting VM resource")
+
+	return false
+}
+
+func isKubeVirtEnabled(ctx context.Context, reader client.Reader,
+	ramenConfig ramen.RamenConfig, log logr.Logger,
+) bool {
+	log.Info("Checking if kubevirt is enabled")
+	// Read Velero deployment and check if kubevirt plugin is enabled
+	var veleroDeploy appsv1.Deployment
+
+	veleroLookUpKey := types.NamespacedName{
+		Name:      "velero",
+		Namespace: ramenConfig.KubeObjectProtection.VeleroNamespaceName,
+	}
+	// Fetch the Velero deployment
+	if err := reader.Get(ctx, veleroLookUpKey, &veleroDeploy); err != nil {
+		log.Error(err, "failed to get Velero deployment")
+
+		return false
+	}
+
+	// Go through InitContainers to check if kubevirt plugin is enabled
+	for _, ic := range veleroDeploy.Spec.Template.Spec.InitContainers {
+		if strings.Contains(ic.Name, "kubevirt-velero-plugin") {
+			log.Info("kubevirt is enabled")
+
+			return true
+		}
+	}
+
+	log.Info("kubevirt is not enabled")
+
+	return false
+}
+
 func recipeNamespaceNames(recipeElements util.RecipeElements) sets.Set[string] {
 	namespaceNames := make(sets.Set[string], 0)