The namespace where to spawn a tenant cluster should be resolved as follow:
the namespace specified by the enduser in a node's VirtualMachine template; i.e. as KubevirtMachineTemplate.spec.template.spec.virtualMachineTemplate.metadata.namespace
If this is not set and an infraClusterSecretRef is set for this cluster:
If set, use the namespace directly set as a value in the secret.
Otherwise, fallback to the namespace of the context currently selected in the kubeconfig set in the secret.
If the latter is not set, then fallback to the default namespace
Otherwise, use the "current" namespace where the cluster specification has been created.
The current logic skips 2.ii; i.e. it ignores the namespace, if any, set in the kubeconfig file for the current context and directly fallback to default.
What did you expect to happen:
If the end-user did not specified a namespace in the virtual-machine template, and they reference a secret with a kubeconfig to connect to the infrastructure, but the secret doesn't specified directly a namespace, then the namespace of the context currently selected in the kubeconfig should be used, if it is set.
What steps did you take and what happened:
Discussed with @agradouski:
The namespace where to spawn a tenant cluster should be resolved as follow:
KubevirtMachineTemplate.spec.template.spec.virtualMachineTemplate.metadata.namespace
infraClusterSecretRef
is set for this cluster:kubeconfig
set in the secret.default
namespaceThe current logic skips
2.ii
; i.e. it ignores the namespace, if any, set in thekubeconfig
file for the current context and directly fallback todefault
.What did you expect to happen:
If the end-user did not specified a namespace in the virtual-machine template, and they reference a secret with a
kubeconfig
to connect to the infrastructure, but the secret doesn't specified directly a namespace, then the namespace of the context currently selected in thekubeconfig
should be used, if it is set.Environment:
kubectl version
): v1.20.15/etc/os-release
): CentOS 7/kind bug