address illegal SR-IOV VF MTU configuration

[kanlkan]

What type of PR is this?

/kind feature

What this PR does / why we need it:

MTU can be configured via opaque.parameters.interface.mtu.
However, for SR-IOV VFs, it is currently possible to set an MTU larger than the parent PF’s MTU due to the lack of validation.

Which issue(s) this PR is related to:

Fixes #178

Special notes for your reviewer:

The example output below shows the case where validation fails. An error is logged, and the Pod remains in the ContainerCreating state.

Events:
  Type     Reason                         Age   From               Message
  ----     ------                         ----  ----               -------
  Normal   Scheduled                      8s    default-scheduler  Successfully assigned default/pod-a-2-mlnx-nomac to eagle04
  Warning  FailedPrepareDynamicResources  7s    kubelet            Failed to prepare dynamic resources: prepare dynamic resources: NodePrepareResources failed for ResourceClaim vf-rc-a-2: claim 21c6d996-0dfe-43d7-a88d-846db605d4d8 contain errors: requested MTU 1600 for SR-IOV VF ens1f0v1 exceeds parent PF ens1f0np0 MTU 1500
kanda-masaharu@eagle04:~/work/repo/dci-community-team/k8s_demo/sriov_vf_test_dranet/pods$ k get pod pod-a-2-mlnx-nomac
NAME                 READY   STATUS              RESTARTS   AGE
pod-a-2-mlnx-nomac   0/1     ContainerCreating   0          55s

Does this PR introduce a user-facing change?

Fixed an issue where SR-IOV VF MTU could be configured larger than the MTU of its parent PF. Such configurations are now rejected.

[netlify]

✅ Deploy Preview for dranet canceled.

Name	Link
🔨 Latest commit	5f8645a
🔍 Latest deploy log	https://app.netlify.com/projects/dranet/deploys/6a21111fa07d2c000883859e

[Copilot]

Pull request overview

This PR adds validation to prevent configuring an SR-IOV Virtual Function (VF) MTU larger than its parent Physical Function (PF) MTU, avoiding invalid network setups that can leave pods stuck during resource preparation.

Changes:

• Add sysfs helper(s) to resolve a VF’s parent PF interface name.
• Add unit tests for PF-name resolution via a temporary sysfs-like directory tree.
• Enforce VF MTU ≤ PF MTU during NodePrepareResources / claim preparation (rejecting invalid claims).

Reviewed changes

Copilot reviewed 3 out of 3 changed files in this pull request and generated 2 comments.

File	Description
pkg/inventory/sysfs.go	Adds PF interface lookup helper for a given VF using sysfs.
pkg/inventory/sysfs_test.go	Adds tests covering PF lookup success and failure scenarios.
pkg/driver/dra_hooks.go	Adds claim-time MTU validation for SR-IOV VFs against parent PF MTU.

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[kanlkan]

I fix the behavior when an error happened for each branch of this validation. b4c5e84

[kanlkan]

I added an unit test for this validation. b4c5e84

[kanlkan]

The e2e IPv4 test failed, but it does not seem to be related to my changes.
I would like to re-run this test, but I do not have permission to trigger it manually. The only workaround I can think of is to push an empty commit, but that is not ideal because it would make the commit history less clean.
Is there another way to re-run the test?

[gauravkghildiyal]

Try retest? (Edit: Doesn't work, tests don't use prow)

/retest

[kanlkan]

@gauravkghildiyal
Thank you for the advice. Your retest command worked perfectly.
I had previously tried using retest on another PR, but it didn't seem to trigger a re-run, so I didn't try it this time.
I'll make use of it in the future when tests fail due to transient or unrelated issues.

[gauravkghildiyal]

Thanks @kanlkan. Minor suggestions.

[gauravkghildiyal]

Can we only perform the check if this is an actual VF? We have an isSriovVf function to check that.

[kanlkan]

Thank you for your feedback. I've added that check. 5f8645a

[gauravkghildiyal]

nit: valudateVFMTU is a simple function with only one single kind of error. Let's not try to unnecessarily validate the return string. We can simplify the logic to check if err != tc.WantErr

[kanlkan]

Thank you for your feedback. I simplyfied the test. 5f8645a

[gauravkghildiyal]

Please also add a release note

[gauravkghildiyal]

@kanlkan Please remember a release note as well :) (Unhold once done)

/lgtm
/approve
/hold

[k8s-ci-robot]

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: gauravkghildiyal, kanlkan, tamilmani1989

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Details

Needs approval from an approver in each of these files:

• OWNERS [gauravkghildiyal]

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[kanlkan]

Please remember a release note as well :) (Unhold once done)

@gauravkghildiyal
Sorry. I added it.

[gauravkghildiyal]

/unhold