Implement retries in vmexport download when server returns unexpected status

[alromeros]

What this PR does

An issue with the hotplug pod termination/export pod creation caused the memory dump to lack sufficient permissions to be manipulated by the server. This uncommon bug is usually solved automatically when restarting the exporter pod. A simple retry mechanism in vmexport download should help to mitigate this bug.

This Pull Request introduces the two following changes:

• Improves handling of error cases in export server so we return appropriate status codes when the server lacks permission to read the files.
• The vmexport client now retries the download if the server returns a bad status, helping to mitigate the previously described bug.

Fixes # https://issues.redhat.com/browse/CNV-39141

Special notes for your reviewer

I tried handling this differently by exiting the server and then restarting the pod from the controller, but that led to raciness and incosnsitencies with the virtualmachineexport resource. The current solution seemed worst at first but doesn't require messing with the controllers/export resources and is overall cleaner and easier to implement.

Release note

Bugfix: Implement retry mechanism in vmexport download

[kubevirt-bot]

Skipping CI for Draft Pull Request.
If you want CI signal for your change, please convert it to an actual PR.
You can still manually trigger a test run with /test all

[kubevirt-bot]

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by:
Once this PR has been reviewed and has the lgtm label, please assign alicefr for approval. For more information see the Kubernetes Code Review Process.

The full list of commands accepted by this bot can be found here.

Needs approval from an approver in each of these files:

• pkg/storage/OWNERS
• pkg/virtctl/OWNERS

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[alromeros]

/test all

[alromeros]

/test all

[alromeros]

/retest

[alromeros]

/cc @awels

[mhenriks]

I think 5xx error codes are more appropriate in this case. 4xx errors indicate an issue with the client. See: https://en.wikipedia.org/wiki/List_of_HTTP_status_codes#4xx_client_errors

[mhenriks]

I think a --retry arg similar to curl (retry x times on transient error) would be better

[alromeros]

Okay, would we want to retry every time the download fails or just when the server returns a bad status (as originally intended)? I prefer the second but since we'll include a flag to explicitly request retries maybe it makes sense to retry even when other kind of error occurs.

[alromeros]

Yeah I think it only makes sense to retry when the server returns bad status.

[alromeros]

Still using 1 as default to mitigate transient server errors

[mhenriks]

I think default retries should be 0 what do you think @alicefr?

[alromeros]

I can use 0 in vmexport if you prefer, but for the memory dump integration, I think we should at least use 1 to mitigate the bug.

[alicefr]

I agree with Mike the default should be 0

[alromeros]

Makes sense, left the higher default retries in the memory dump integration and justified it with a comment.

[alromeros]

/retest

[alromeros]

/retest

[alicefr]

I guess we cannot have subdirectories here?

[alromeros]

Right, with the current implementation we won't have any subdirectories here. This was discussed with the team and we decided there was no need to check permissions recursively.

[alromeros]

/test pull-kubevirt-e2e-arm64