[NX-OS] Add defaults for VPCDomain resource (#156)

The default values are taken from the DME reference.

Author: felix-kaestner

api/cisco/nx/v1alpha1/vpcdomain_types.go

@@ -36,31 +36,36 @@ type VPCDomainSpec struct {
 	// +optional
 	// +kubebuilder:validation:Minimum=1
 	// +kubebuilder:validation:Maximum=65535
+	// +kubebuilder:default=32667
 	RolePriority int32 `json:"rolePriority"`
 
 	// SystemPriority is the system priority for this vPC domain (1-65535).
 	// Used to ensure that the vPC domain devices are primary devices on LACP. Must match on both peers.
 	// +optional
 	// +kubebuilder:validation:Minimum=1
 	// +kubebuilder:validation:Maximum=65535
+	// +kubebuilder:default=32667
 	SystemPriority int32 `json:"systemPriority"`
 
 	// DelayRestoreSVI is the delay in seconds (1-3600) before bringing up interface-vlan (SVI) after peer-link comes up.
 	// This prevents traffic blackholing during convergence.
 	// +optional
 	// +kubebuilder:validation:Minimum=1
 	// +kubebuilder:validation:Maximum=3600
+	// +kubebuilder:default=10
 	DelayRestoreSVI int16 `json:"delayRestoreSVI"`
 
 	// DelayRestoreVPC is the delay in seconds (1-3600) before bringing up the member ports after the peer-link is restored.
 	// +optional
 	// +kubebuilder:validation:Minimum=1
 	// +kubebuilder:validation:Maximum=3600
+	// +kubebuilder:default=30
 	DelayRestoreVPC int16 `json:"delayRestoreVPC"`
 
 	// FastConvergence ensures that both SVIs and member ports are shut down simultaneously when the peer-link goes down.
 	// This synchronization helps prevent traffic loss.
 	// +optional
+	// +kubebuilder:default={enabled:false}
 	FastConvergence Enabled `json:"fastConvergence"`
 
 	// Peer contains the vPC's domain peer configuration including peer-link, keepalive.
@@ -86,15 +91,15 @@ type Peer struct {
 	// This interface carries control and data traffic between the two vPC domain peers.
 	// It is usually dedicated port-channel, but it can also be a single physical interface.
 	// +required
-	InterfaceRef v1alpha1.LocalObjectReference `json:"interfaceRef,omitempty"`
+	InterfaceRef v1alpha1.LocalObjectReference `json:"interfaceRef"`
 
 	// KeepAlive defines the out-of-band keepalive configuration.
 	// +required
 	KeepAlive KeepAlive `json:"keepalive"`
 
 	// AutoRecovery defines auto-recovery settings for restoring vPC domain after peer failure.
 	// +optional
-	AutoRecovery *AutoRecovery `json:"autoRecovery,omitempty"`
+	AutoRecovery *AutoRecovery `json:"autoRecovery"`
 
 	// Switch enables peer-switch functionality on this peer.
 	// When enabled, both vPC domain peers use the same spanning-tree bridge ID, allowing both
@@ -147,14 +152,15 @@ type AutoRecovery struct {
 	// When enabled, the switch will wait for ReloadDelay seconds after peer failure
 	// before assuming the peer is dead and restoring the vPC's domain functionality.
 	// +required
-	Enabled bool `json:"enabled,omitempty"`
+	Enabled bool `json:"enabled"`
 
 	// ReloadDelay is the time in seconds (60-3600) to wait before assuming the peer is dead
 	// and automatically attempting to restore the communication with the peer.
 	// +optional
 	// +kubebuilder:validation:Minimum=60
 	// +kubebuilder:validation:Maximum=3600
-	ReloadDelay int16 `json:"reloadDelay,omitempty"`
+	// +kubebuilder:default=240
+	ReloadDelay int16 `json:"reloadDelay"`
 }
 
 // VPCDomainStatus defines the observed state of VPCDomain.
@@ -179,10 +185,6 @@ type VPCDomainStatus struct {
 	//+optional
 	Conditions []metav1.Condition `json:"conditions,omitempty"`
 
-	// DomainID is the vPC domain ID as reported by the device.
-	// +optional
-	DomainID uint16 `json:"domainId,omitempty"`
-
 	// Role indicates the current operational role of this vPC domain peer.
 	// +optional
 	Role VPCDomainRole `json:"role,omitempty"`
@@ -207,7 +209,7 @@ type VPCDomainStatus struct {
 
 	// PeerUptime indicates how long the vPC domain peer has been up and reachable via keepalive.
 	// +optional
-	PeerUptime metav1.Duration `json:"peerUptime,omitempty"`
+	PeerUptime metav1.Duration `json:"peerUptime,omitempty,omitzero"`
 
 	// PeerLinkIf is the name of the interface used as the vPC domain peer-link.
 	// +optional

charts/network-operator/templates/crd/nx.cisco.networking.metal.ironcore.dev_vpcdomains.yaml

@@ -105,13 +105,15 @@ spec:
                 - Down
                 type: string
               delayRestoreSVI:
+                default: 10
                 description: |-
                   DelayRestoreSVI is the delay in seconds (1-3600) before bringing up interface-vlan (SVI) after peer-link comes up.
                   This prevents traffic blackholing during convergence.
                 maximum: 3600
                 minimum: 1
                 type: integer
               delayRestoreVPC:
+                default: 30
                 description: DelayRestoreVPC is the delay in seconds (1-3600) before
                   bringing up the member ports after the peer-link is restored.
                 maximum: 3600
@@ -145,6 +147,8 @@ spec:
                 minimum: 1
                 type: integer
               fastConvergence:
+                default:
+                  enabled: false
                 description: |-
                   FastConvergence ensures that both SVIs and member ports are shut down simultaneously when the peer-link goes down.
                   This synchronization helps prevent traffic loss.
@@ -179,6 +183,7 @@ spec:
                           before assuming the peer is dead and restoring the vPC's domain functionality.
                         type: boolean
                       reloadDelay:
+                        default: 240
                         description: |-
                           ReloadDelay is the time in seconds (60-3600) to wait before assuming the peer is dead
                           and automatically attempting to restore the communication with the peer.
@@ -293,6 +298,7 @@ spec:
                 - keepalive
                 type: object
               rolePriority:
+                default: 32667
                 description: |-
                   RolePriority is the role priority for this vPC domain (1-65535).
                   The switch with the lower role priority becomes the operational primary.
@@ -301,6 +307,7 @@ spec:
                 minimum: 1
                 type: integer
               systemPriority:
+                default: 32667
                 description: |-
                   SystemPriority is the system priority for this vPC domain (1-65535).
                   Used to ensure that the vPC domain devices are primary devices on LACP. Must match on both peers.
@@ -388,9 +395,6 @@ spec:
                 x-kubernetes-list-map-keys:
                 - type
                 x-kubernetes-list-type: map
-              domainId:
-                description: DomainID is the vPC domain ID as reported by the device.
-                type: integer
               keepaliveStatus:
                 description: KeepAliveStatus indicates the status of the peer via
                   the keepalive link.

config/crd/bases/nx.cisco.networking.metal.ironcore.dev_vpcdomains.yaml

@@ -99,13 +99,15 @@ spec:
                 - Down
                 type: string
               delayRestoreSVI:
+                default: 10
                 description: |-
                   DelayRestoreSVI is the delay in seconds (1-3600) before bringing up interface-vlan (SVI) after peer-link comes up.
                   This prevents traffic blackholing during convergence.
                 maximum: 3600
                 minimum: 1
                 type: integer
               delayRestoreVPC:
+                default: 30
                 description: DelayRestoreVPC is the delay in seconds (1-3600) before
                   bringing up the member ports after the peer-link is restored.
                 maximum: 3600
@@ -139,6 +141,8 @@ spec:
                 minimum: 1
                 type: integer
               fastConvergence:
+                default:
+                  enabled: false
                 description: |-
                   FastConvergence ensures that both SVIs and member ports are shut down simultaneously when the peer-link goes down.
                   This synchronization helps prevent traffic loss.
@@ -173,6 +177,7 @@ spec:
                           before assuming the peer is dead and restoring the vPC's domain functionality.
                         type: boolean
                       reloadDelay:
+                        default: 240
                         description: |-
                           ReloadDelay is the time in seconds (60-3600) to wait before assuming the peer is dead
                           and automatically attempting to restore the communication with the peer.
@@ -287,6 +292,7 @@ spec:
                 - keepalive
                 type: object
               rolePriority:
+                default: 32667
                 description: |-
                   RolePriority is the role priority for this vPC domain (1-65535).
                   The switch with the lower role priority becomes the operational primary.
@@ -295,6 +301,7 @@ spec:
                 minimum: 1
                 type: integer
               systemPriority:
+                default: 32667
                 description: |-
                   SystemPriority is the system priority for this vPC domain (1-65535).
                   Used to ensure that the vPC domain devices are primary devices on LACP. Must match on both peers.
@@ -382,9 +389,6 @@ spec:
                 x-kubernetes-list-map-keys:
                 - type
                 x-kubernetes-list-type: map
-              domainId:
-                description: DomainID is the vPC domain ID as reported by the device.
-                type: integer
               keepaliveStatus:
                 description: KeepAliveStatus indicates the status of the peer via
                   the keepalive link.

config/samples/cisco/nx/v1alpha1_vpcdomain.yaml

@@ -124,7 +124,6 @@ spec:
   delayRestoreSVI: 140
   delayRestoreVPC: 150
   peer:
-    vpcId: 1
     adminState: Up
     interfaceRef:
       name: po1

internal/provider/cisco/nxos/provider.go

@@ -2167,7 +2167,7 @@ type VPCDomainStatus struct {
 	Role nxv1alpha1.VPCDomainRole
 }
 
-// EnsureVPC applies the vPC configuration on the device. It also ensures that the vPC feature
+// EnsureVPCDomain applies the vPC configuration on the device. It also ensures that the vPC feature
 // is enabled on the device.
 // `vrf` is a resource referencing the VRF to use in the keep-alive link configuration, can be nil.
 // `pc` is a resource referencing a port-channel interface to use as vPC peer-link, must not be nil.
@@ -2177,32 +2177,20 @@ func (p *Provider) EnsureVPCDomain(ctx context.Context, vpcdomain *nxv1alpha1.VP
 	f.AdminSt = AdminStEnabled
 
 	v := new(VPCDomain)
-	v.Id = uint16(vpcdomain.Spec.DomainID) // #nosec G115 -- kubebuilder
+	v.ID = vpcdomain.Spec.DomainID
+	v.RolePrio = vpcdomain.Spec.RolePriority
+	v.SysPrio = vpcdomain.Spec.SystemPriority
+	v.DelayRestoreSVI = vpcdomain.Spec.DelayRestoreSVI
+	v.DelayRestoreVPC = vpcdomain.Spec.DelayRestoreVPC
 
 	v.AdminSt = AdminStEnabled
 	if vpcdomain.Spec.AdminState == v1alpha1.AdminStateDown {
 		v.AdminSt = AdminStDisabled
 	}
 
-	if vpcdomain.Spec.RolePriority > 0 {
-		v.RolePrio = NewOption(uint16(vpcdomain.Spec.RolePriority)) // #nosec G115 -- kubebuilder validation
-	}
-
-	if vpcdomain.Spec.SystemPriority > 0 {
-		v.SysPrio = NewOption(uint16(vpcdomain.Spec.SystemPriority)) // #nosec G115 -- kubebuilder validation
-	}
-
-	if vpcdomain.Spec.DelayRestoreSVI > 0 {
-		v.DelayRestoreSVI = NewOption(uint16(vpcdomain.Spec.DelayRestoreSVI)) // #nosec G115 -- kubebuilder validation
-	}
-
-	if vpcdomain.Spec.DelayRestoreVPC > 0 {
-		v.DelayRestoreVPC = NewOption(uint16(vpcdomain.Spec.DelayRestoreVPC)) // #nosec G115 -- kubebuilder validation
-	}
-
-	v.FastConvergence = NewOption(AdminStDisabled)
+	v.FastConvergence = AdminStDisabled
 	if vpcdomain.Spec.FastConvergence.Enabled {
-		v.FastConvergence = NewOption(AdminStEnabled)
+		v.FastConvergence = AdminStEnabled
 	}
 
 	v.PeerSwitch = AdminStDisabled
@@ -2220,18 +2208,14 @@ func (p *Provider) EnsureVPCDomain(ctx context.Context, vpcdomain *nxv1alpha1.VP
 		v.L3PeerRouter = AdminStEnabled
 	}
 
-	if vpcdomain.Spec.Peer.AutoRecovery != nil {
-		v.AutoRecovery = NewOption(AdminStDisabled)
-		if vpcdomain.Spec.Peer.AutoRecovery.Enabled {
-			v.AutoRecovery = NewOption(AdminStEnabled)
-		}
-		if vpcdomain.Spec.Peer.AutoRecovery.ReloadDelay > 0 {
-			v.AutoRecoveryReloadDelay = NewOption(uint16(vpcdomain.Spec.Peer.AutoRecovery.ReloadDelay)) // #nosec G115 -- kubebuilder validation
-		}
+	v.AutoRecovery = AdminStDisabled
+	v.AutoRecoveryReloadDelay = 240
+	if vpcdomain.Spec.Peer.AutoRecovery != nil && vpcdomain.Spec.Peer.AutoRecovery.Enabled {
+		v.AutoRecovery = AdminStEnabled
+		v.AutoRecoveryReloadDelay = vpcdomain.Spec.Peer.AutoRecovery.ReloadDelay
 	}
 
 	v.KeepAliveItems.DestIP = vpcdomain.Spec.Peer.KeepAlive.Destination
-
 	v.KeepAliveItems.SrcIP = vpcdomain.Spec.Peer.KeepAlive.Source
 
 	if vrf != nil {
@@ -2242,8 +2226,8 @@ func (p *Provider) EnsureVPCDomain(ctx context.Context, vpcdomain *nxv1alpha1.VP
 	if err != nil {
 		return fmt.Errorf("vpc: failed to get short name for the port-channel interface %q: %w", pc.Spec.Name, err)
 	}
-	v.KeepAliveItems.PeerLinkItems.Id = pcName
 
+	v.KeepAliveItems.PeerLinkItems.Id = pcName
 	v.KeepAliveItems.PeerLinkItems.AdminSt = AdminStEnabled
 	if vpcdomain.Spec.Peer.AdminState == v1alpha1.AdminStateDown {
 		v.KeepAliveItems.PeerLinkItems.AdminSt = AdminStDisabled

internal/provider/cisco/nxos/vpc.go

@@ -21,18 +21,18 @@ var (
 
 // VPCDomain represents the domain of a virtual Port Channel (vPC)
 type VPCDomain struct {
-	AdminSt                 AdminSt         `json:"adminSt"`
-	AutoRecovery            Option[AdminSt] `json:"autoRecovery"`
-	AutoRecoveryReloadDelay Option[uint16]  `json:"autoRecoveryIntvl"`
-	DelayRestoreSVI         Option[uint16]  `json:"delayRestoreSVI"`
-	DelayRestoreVPC         Option[uint16]  `json:"delayRestoreVPC"`
-	FastConvergence         Option[AdminSt] `json:"fastConvergence"`
-	Id                      uint16          `json:"id"`
-	L3PeerRouter            AdminSt         `json:"l3PeerRouter"`
-	PeerGateway             AdminSt         `json:"peerGw"`
-	PeerSwitch              AdminSt         `json:"peerSwitch"`
-	RolePrio                Option[uint16]  `json:"rolePrio"`
-	SysPrio                 Option[uint16]  `json:"sysPrio"`
+	AdminSt                 AdminSt `json:"adminSt"`
+	AutoRecovery            AdminSt `json:"autoRecovery"`
+	AutoRecoveryReloadDelay int16   `json:"autoRecoveryIntvl"`
+	DelayRestoreSVI         int16   `json:"delayRestoreSVI"`
+	DelayRestoreVPC         int16   `json:"delayRestoreVPC"`
+	FastConvergence         AdminSt `json:"fastConvergence"`
+	ID                      int16   `json:"id"`
+	L3PeerRouter            AdminSt `json:"l3PeerRouter"`
+	PeerGateway             AdminSt `json:"peerGw"`
+	PeerSwitch              AdminSt `json:"peerSwitch"`
+	RolePrio                int32   `json:"rolePrio"`
+	SysPrio                 int32   `json:"sysPrio"`
 	KeepAliveItems          struct {
 		DestIP        string `json:"destIp"`
 		SrcIP         string `json:"srcIp"`

internal/provider/cisco/nxos/vpc_test.go

@@ -6,17 +6,17 @@ package nxos
 func init() {
 	vd := &VPCDomain{
 		AdminSt:                 AdminStEnabled,
-		AutoRecovery:            NewOption(AdminStEnabled),
-		AutoRecoveryReloadDelay: NewOption[uint16](360),
-		DelayRestoreSVI:         NewOption[uint16](45),
-		DelayRestoreVPC:         NewOption[uint16](150),
-		FastConvergence:         NewOption(AdminStEnabled),
-		Id:                      2,
+		AutoRecovery:            AdminStEnabled,
+		AutoRecoveryReloadDelay: 360,
+		DelayRestoreSVI:         45,
+		DelayRestoreVPC:         150,
+		FastConvergence:         AdminStEnabled,
+		ID:                      2,
 		L3PeerRouter:            AdminStEnabled,
 		PeerGateway:             AdminStEnabled,
 		PeerSwitch:              AdminStEnabled,
-		RolePrio:                NewOption[uint16](100),
-		SysPrio:                 NewOption[uint16](10),
+		RolePrio:                100,
+		SysPrio:                 10,
 	}
 	vd.KeepAliveItems.DestIP = "10.114.235.156"
 	vd.KeepAliveItems.SrcIP = "10.114.235.155"