8391: Set or Propagate Labels

[m-ildefons]

• Set labels automatically, based on cluster name, machine set, and pool name
• Propagate user-defined labels to VM and VMI CRDs

related-to: harvester/harvester#8391

Problem:

As described in #8391, there is a need to be able to define custom labels for VMs created with the Harvester node driver.
One use case for such labels is that a user, who creates a downstream cluster in Rancher may want to label some of the nodes of that downstream cluster such that they can later be selected by a load balancer as backends.

Solution:

Add a new flag to the Harvester node driver, which expects a string containing the labels and their values.
The format of the string should be that each label and value is separated by = and each label-value-pair is separated by ,.
Thus labels may be specified as follows:

foo=bar,baz=bla,xxx=yyy

will result in the labels:

metadata:
  labels:
    foo: bar
    baz: bla
    xxx: yyy

These labels are applied both to the VM CRD and the VMI CRD.

Related Issue(s):

related-to: harvester/harvester#8391
SURE-9641

Test plan:

TBD

Additional documentation or context

[Vicente-Cheng]

Generally, LGTM. I'm just curious about the scenario where the labels did not propagate.

Additionally, I suggest separating the refactor commit from the feature enhancement commit.
Most changes are related to the refactor.

That would help the reviewer to get an understanding efficiently.
Thanks!

[Vicente-Cheng]

Do we really need this?
We can set up everything before executing the make test.

[Vicente-Cheng]

s/1.25.0/1.25.2

[votdev]

Consider using

go 1.25

toolchain go1.25.2

[Vicente-Cheng]

Just curious, why do we move these two lines?

[Vicente-Cheng]

I am curious about this. I check the current guest cluster VM.
Looks like the VM label (metadata/labels) will propagate to the VMI/virt-launcher pod.

Just curious what case we need to add the same label to the spec/template/metadata/labels?
Which means the VM label did not propagate.

[w13915984028]

The VM and VMI object are a bit complex:

There are labels, annotations on VM object specifically; and also some dedicated on VMI objects; those under vm.spec.template.metadata are propagated to vmi.

The reserved-memory (to eliminate OOM) is on vm.metadata.annotation, is needed for Rancher UI and terraform.

Back to general, we might require four kinds of general customization to meet different requirements:

vm.metadata.label, vm.metadata.annotation, vm.spec.template.metadata.label, vm.spec.template.metadata.annotation, the latter two are for vmi.

vm object:

- apiVersion: kubevirt.io/v1
  kind: VirtualMachine
  metadata:
    annotations:
      harvesterhci.io/mac-address: '{"nic-1":"9a:32:1e:e1:83:da"}' 
      harvesterhci.io/reservedMemory: 256Mi   // specific on vm
      harvesterhci.io/vmRunStrategy: RerunOnFailure
      harvesterhci.io/volumeClaimTemplates: '[{"metadata":{"name":"vm1-disk-0-lebdg","annotations":{"harvesterhci.io/imageId":"default/image-666qx"}},"spec":{"accessModes":["ReadWriteMany"],"resources":{"requests":{"storage":"10Gi"}},"volumeMode":"Block","storageClassName":"longhorn-image-666qx"}}]'
      kubevirt.io/latest-observed-api-version: v1
      kubevirt.io/storage-observed-api-version: v1
      network.harvesterhci.io/ips: '[]'
    creationTimestamp: "2025-11-17T14:19:01Z"
    finalizers:
    - kubevirt.io/virtualMachineControllerFinalize
    - wrangler.cattle.io/VMController.CleanupPVCAndSnapshot
    generation: 14
    labels:
      harvesterhci.io/creator: harvester
      harvesterhci.io/os: linux
      test.io/test: test
    name: vm1

...
  spec:
    runStrategy: RerunOnFailure
    template:
      metadata:
        annotations:
          harvesterhci.io/dynamic-ssh-key-names: '{}'
          harvesterhci.io/dynamic-ssh-key-users: '["rancher","wj"]'
          harvesterhci.io/sshNames: '[]'
          test.io/test: test-on-anno
        creationTimestamp: null
        labels:
          harvesterhci.io/vmName: vm1  // dedicated on vmi
          test.io/test: vmlabel
      spec:

vmi object:

- apiVersion: kubevirt.io/v1
  kind: VirtualMachineInstance
  metadata:
    annotations:
      harvesterhci.io/dynamic-ssh-key-names: '{}'
      harvesterhci.io/dynamic-ssh-key-users: '["rancher","wj"]'
      harvesterhci.io/sshNames: '[]'
      kubevirt.io/latest-observed-api-version: v1
      kubevirt.io/storage-observed-api-version: v1
      kubevirt.io/vm-generation: "14"
      test.io/test: test-on-anno
    creationTimestamp: "2025-11-18T09:17:49Z"
    finalizers:
    - kubevirt.io/virtualMachineControllerFinalize
    - foregroundDeleteVirtualMachine
    - wrangler.cattle.io/VMController.BackfillObservedNetworkMacAddress
    - wrangler.cattle.io/harvester-lb-vmi-controller
    generation: 11
    labels:
      harvesterhci.io/vmName: vm1
      kubevirt.io/nodeName: harv41
      test.io/test: vmlabel
    name: vm1
    namespace: default