Add per-namespace VPC filtering for VPC-only controllers by heypnus · Pull Request #1409 · vmware-tanzu/nsx-operator

heypnus · 2026-04-15T01:56:38Z

Introduce config.IsVPCNamespace() to decide whether a namespace is
served by VPC-only controllers: in mixed mode it checks the
namespace annotation for ProviderNSXVPC; in legacy mode (when
per-namespace providers are not supported) it uses the cluster-wide
HasVPCNamespaces flag set by InitMixedMode from EnableVPCNetwork.

controllers/common: add VPCNamespacePredicate and register it with
WithEventFilter on VPC-only controllers so non-VPC namespace
creates and updates are dropped before the work queue; Delete events
stay allowed for cleanup

controllers/namespace: Reconcile skips non-VPC namespaces

Testing done:
https://jenkins-vcf-wcp-dev.devops.broadcom.net/job/dev-integ-nsxt/5639/
https://jenkins-vcf-wcp-dev.devops.broadcom.net/job/dev-nsxvpc/16738/

Replace the global boolean cf.CoeConfig.EnableVPCNetwork with namespace-driven mixed-mode state: HasT1Namespaces and HasVPCNamespaces. New module: pkg/config/mixed_mode.go - Checks SupervisorCapabilities CRD for supports_per_namespace_network_providers capability. - If supported: scans namespace annotations `nsx.vmware.com/vpc_network_config` to derive HasVPCNamespaces and HasT1Namespaces. - If not supported (legacy/pre-9.2): falls back to EnableVPCNetwork config flag. This enables NSX Operator to run in mixed mode where both T1 and VPC namespaces coexist, as required for VDS->VPC and T1->VPC migration. NOTE: This patch only ensures that the existing pure T1 or pure VPC envs preserve existing behaviours. The full functionality will be implemented in the follow-up patches. Testing done: https://jenkins-vcf-wcp-dev.devops.broadcom.net/job/dev-integ-nsxt/5639/ https://jenkins-vcf-wcp-dev.devops.broadcom.net/job/dev-nsxvpc/16738/

Introduce config.IsVPCNamespace() to decide whether a namespace is served by VPC-only controllers: in mixed mode it checks the namespace annotation for ProviderNSXVPC; in legacy mode (when per-namespace providers are not supported) it uses the cluster-wide HasVPCNamespaces flag set by InitMixedMode from EnableVPCNetwork. controllers/common: add VPCNamespacePredicate and register it with WithEventFilter on VPC-only controllers so non-VPC namespace creates and updates are dropped before the work queue; Delete events stay allowed for cleanup controllers/namespace: Reconcile skips non-VPC namespaces Testing done: https://jenkins-vcf-wcp-dev.devops.broadcom.net/job/dev-integ-nsxt/5639/ https://jenkins-vcf-wcp-dev.devops.broadcom.net/job/dev-nsxvpc/16738/

codecov-commenter · 2026-04-15T03:16:12Z

Codecov Report

❌ Patch coverage is 71.80617% with 64 lines in your changes missing coverage. Please review.
✅ Project coverage is 76.73%. Comparing base (6f7ddad) to head (b4fd5bf).
⚠️ Report is 5 commits behind head on main.

Files with missing lines	Patch %	Lines
pkg/controllers/common/namespace_filter.go	8.00%	21 Missing and 2 partials ⚠️
cmd/main.go	0.00%	16 Missing ⚠️
pkg/config/mixed_mode.go	91.92%	11 Missing and 2 partials ⚠️
pkg/controllers/namespace/namespace_controller.go	0.00%	2 Missing and 1 partial ⚠️
...ddressallocation/ipaddressallocation_controller.go	0.00%	1 Missing ⚠️
.../controllers/networkinfo/networkinfo_controller.go	0.00%	1 Missing ⚠️
...trollers/networkpolicy/networkpolicy_controller.go	0.00%	1 Missing ⚠️
pkg/controllers/pod/pod_controller.go	0.00%	1 Missing ⚠️
pkg/controllers/service/service_lb_controller.go	0.00%	1 Missing ⚠️
pkg/controllers/subnet/subnet_controller.go	0.00%	1 Missing ⚠️
... and 3 more

Additional details and impacted files

@@            Coverage Diff             @@
##             main    #1409      +/-   ##
==========================================
- Coverage   76.77%   76.73%   -0.05%     
==========================================
  Files         151      154       +3     
  Lines       21315    21798     +483     
==========================================
+ Hits        16364    16726     +362     
- Misses       3782     3881      +99     
- Partials     1169     1191      +22

Flag	Coverage Δ
unit-tests	`76.73% <71.80%> (-0.05%)`	⬇️

Files with missing lines	Coverage Δ
.../controllers/staticroute/staticroute_controller.go	`85.62% <100.00%> (+0.09%)`	⬆️
...netipreservation/subnetipreservation_controller.go	`75.79% <100.00%> (+2.98%)`	⬆️
pkg/nsx/client.go	`93.57% <100.00%> (-0.46%)`	⬇️
pkg/nsx/services/securitypolicy/parse.go	`94.11% <100.00%> (ø)`
pkg/nsx/util/license.go	`100.00% <100.00%> (ø)`
...ddressallocation/ipaddressallocation_controller.go	`67.14% <0.00%> (-0.49%)`	⬇️
.../controllers/networkinfo/networkinfo_controller.go	`70.52% <0.00%> (-0.15%)`	⬇️
...trollers/networkpolicy/networkpolicy_controller.go	`73.29% <0.00%> (-0.39%)`	⬇️
pkg/controllers/pod/pod_controller.go	`65.35% <0.00%> (-0.24%)`	⬇️
pkg/controllers/service/service_lb_controller.go	`57.57% <0.00%> (-0.59%)`	⬇️
... and 8 more

... and 12 files with indirect coverage changes

🚀 New features to boost your workflow:

❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

heypnus and others added 2 commits April 14, 2026 15:28

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Add per-namespace VPC filtering for VPC-only controllers#1409

Add per-namespace VPC filtering for VPC-only controllers#1409
heypnus wants to merge 2 commits into
vmware-tanzu:mainfrom
heypnus:m1-filter-per-ns

heypnus commented Apr 15, 2026

Uh oh!

codecov-commenter commented Apr 15, 2026

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

2 participants

Conversation

heypnus commented Apr 15, 2026

Uh oh!

codecov-commenter commented Apr 15, 2026

Codecov Report

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

2 participants