kubernetes-sigs · k8s-ci-robot · Mar 1, 2024 · Feb 29, 2024 · Feb 29, 2024 · Feb 29, 2024
diff --git a/config/crd/bases/infrastructure.cluster.x-k8s.io_rosamachinepools.yaml b/config/crd/bases/infrastructure.cluster.x-k8s.io_rosamachinepools.yaml
@@ -94,6 +94,41 @@ spec:
                 type: array
               subnet:
                 type: string
+                x-kubernetes-validations:
+                - message: subnet is immutable
+                  rule: self == oldSelf
+              taints:
+                description: Taints specifies the taints to apply to the nodes of
+                  the machine pool
+                items:
+                  properties:
+                    effect:
+                      description: The effect of the taint on pods that do not tolerate
+                        the taint. Valid effects are NoSchedule, PreferNoSchedule
+                        and NoExecute.
+                      enum:
+                      - NoSchedule
+                      - PreferNoSchedule
+                      - NoExecute
+                      type: string
+                    key:
+                      description: The taint key to be applied to a node.
+                      type: string
+                    value:
+                      description: The taint value corresponding to the taint key.
+                      pattern: ^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$
+                      type: string
+                  required:
+                  - effect
+                  - key
+                  type: object
+                type: array
+              tuningConfigs:
+                description: TuningConfigs specifies the names of the tuning configs
+                  to be applied to this MachinePool. Tuning configs must already exist.
+                items:
+                  type: string
+                type: array
               version:
                 description: Version specifies the penshift version of the nodes associated
                   with this machinepool. ROSAControlPlane version is used if not set.
@@ -102,6 +137,7 @@ spec:
                 - message: version must be a valid semantic version
                   rule: self.matches('^(0|[1-9]\\d*)\\.(0|[1-9]\\d*)\\.(0|[1-9]\\d*)$')
             required:
+            - instanceType
             - nodePoolName
             type: object
           status:

diff --git a/config/rbac/role.yaml b/config/rbac/role.yaml
@@ -175,6 +175,12 @@ rules:
   - get
   - list
   - watch
+- apiGroups:
+  - controlplane.cluster.x-k8s.io
+  resources:
+  - rosacontrolplanes/finalizers
+  verbs:
+  - update
 - apiGroups:
   - controlplane.cluster.x-k8s.io
   resources:
@@ -409,6 +415,12 @@ rules:
   - patch
   - update
   - watch
+- apiGroups:
+  - infrastructure.cluster.x-k8s.io
+  resources:
+  - rosamachinepools/finalizers
+  verbs:
+  - update
 - apiGroups:
   - infrastructure.cluster.x-k8s.io
   resources:

diff --git a/controlplane/rosa/api/v1beta2/rosacontrolplane_types.go b/controlplane/rosa/api/v1beta2/rosacontrolplane_types.go
@@ -105,6 +105,7 @@ type RosaControlPlaneSpec struct { //nolint: maligned
 type NetworkSpec struct {
 	// IP addresses block used by OpenShift while installing the cluster, for example "10.0.0.0/16".
 	// +kubebuilder:validation:Format=cidr
+	// +optional
 	MachineCIDR string `json:"machineCIDR,omitempty"`
 
 	// IP address block from which to assign pod IP addresses, for example `10.128.0.0/14`.

diff --git a/controlplane/rosa/controllers/rosacontrolplane_controller.go b/controlplane/rosa/controllers/rosacontrolplane_controller.go
@@ -115,6 +115,7 @@ func (r *ROSAControlPlaneReconciler) SetupWithManager(ctx context.Context, mgr c
 // +kubebuilder:rbac:groups=cluster.x-k8s.io,resources=machinepools,verbs=get;list;watch
 // +kubebuilder:rbac:groups=controlplane.cluster.x-k8s.io,resources=rosacontrolplanes,verbs=get;list;watch;update;patch;delete
 // +kubebuilder:rbac:groups=controlplane.cluster.x-k8s.io,resources=rosacontrolplanes/status,verbs=get;update;patch
+// +kubebuilder:rbac:groups=controlplane.cluster.x-k8s.io,resources=rosacontrolplanes/finalizers,verbs=update
 
 // Reconcile will reconcile RosaControlPlane Resources.
 func (r *ROSAControlPlaneReconciler) Reconcile(ctx context.Context, req ctrl.Request) (res ctrl.Result, reterr error) {
@@ -267,7 +268,7 @@ func (r *ROSAControlPlaneReconciler) reconcileNormal(ctx context.Context, rosaSc
 		billingAccount = rosaScope.ControlPlane.Spec.BillingAccount
 	}
 
-	spec := ocm.Spec{
+	ocmClusterSpec := ocm.Spec{
 		DryRun:                    ptr.To(false),
 		Name:                      rosaScope.RosaClusterName(),
 		Region:                    *rosaScope.ControlPlane.Spec.Region,
@@ -281,7 +282,6 @@ func (r *ROSAControlPlaneReconciler) reconcileNormal(ctx context.Context, rosaSc
 
 		SubnetIds:         rosaScope.ControlPlane.Spec.Subnets,
 		AvailabilityZones: rosaScope.ControlPlane.Spec.AvailabilityZones,
-		NetworkType:       rosaScope.ControlPlane.Spec.Network.NetworkType,
 		IsSTS:             true,
 		RoleARN:           *rosaScope.ControlPlane.Spec.InstallerRoleARN,
 		SupportRoleARN:    *rosaScope.ControlPlane.Spec.SupportRoleARN,
@@ -296,44 +296,48 @@ func (r *ROSAControlPlaneReconciler) reconcileNormal(ctx context.Context, rosaSc
 		AWSCreator:     creator,
 	}
 
-	_, machineCIDR, err := net.ParseCIDR(rosaScope.ControlPlane.Spec.Network.MachineCIDR)
-	if err == nil {
-		spec.MachineCIDR = *machineCIDR
-	} else {
-		// TODO: expose in status
-		rosaScope.Error(err, "rosacontrolplane.spec.network.machineCIDR invalid", rosaScope.ControlPlane.Spec.Network.MachineCIDR)
-		return ctrl.Result{}, nil
-	}
+	if networkSpec := rosaScope.ControlPlane.Spec.Network; networkSpec != nil {
+		if networkSpec.MachineCIDR != "" {
+			_, machineCIDR, err := net.ParseCIDR(networkSpec.MachineCIDR)
+			if err != nil {
+				// TODO: expose in status
+				rosaScope.Error(err, "rosacontrolplane.spec.network.machineCIDR invalid", networkSpec.MachineCIDR)
+				return ctrl.Result{}, nil
+			}
+			ocmClusterSpec.MachineCIDR = *machineCIDR
+		}
 
-	if rosaScope.ControlPlane.Spec.Network.PodCIDR != "" {
-		_, podCIDR, err := net.ParseCIDR(rosaScope.ControlPlane.Spec.Network.PodCIDR)
-		if err == nil {
-			spec.PodCIDR = *podCIDR
-		} else {
-			// TODO: expose in status.
-			rosaScope.Error(err, "rosacontrolplane.spec.network.podCIDR invalid", rosaScope.ControlPlane.Spec.Network.PodCIDR)
-			return ctrl.Result{}, nil
+		if networkSpec.PodCIDR != "" {
+			_, podCIDR, err := net.ParseCIDR(networkSpec.PodCIDR)
+			if err != nil {
+				// TODO: expose in status.
+				rosaScope.Error(err, "rosacontrolplane.spec.network.podCIDR invalid", networkSpec.PodCIDR)
+				return ctrl.Result{}, nil
+			}
+			ocmClusterSpec.PodCIDR = *podCIDR
 		}
-	}
 
-	if rosaScope.ControlPlane.Spec.Network.ServiceCIDR != "" {
-		_, serviceCIDR, err := net.ParseCIDR(rosaScope.ControlPlane.Spec.Network.ServiceCIDR)
-		if err == nil {
-			spec.ServiceCIDR = *serviceCIDR
-		} else {
-			// TODO: expose in status.
-			rosaScope.Error(err, "rosacontrolplane.spec.network.serviceCIDR invalid", rosaScope.ControlPlane.Spec.Network.ServiceCIDR)
-			return ctrl.Result{}, nil
+		if networkSpec.ServiceCIDR != "" {
+			_, serviceCIDR, err := net.ParseCIDR(networkSpec.ServiceCIDR)
+			if err != nil {
+				// TODO: expose in status.
+				rosaScope.Error(err, "rosacontrolplane.spec.network.serviceCIDR invalid", networkSpec.ServiceCIDR)
+				return ctrl.Result{}, nil
+			}
+			ocmClusterSpec.ServiceCIDR = *serviceCIDR
 		}
+
+		ocmClusterSpec.HostPrefix = networkSpec.HostPrefix
+		ocmClusterSpec.NetworkType = networkSpec.NetworkType
 	}
 
 	// Set autoscale replica
 	if rosaScope.ControlPlane.Spec.Autoscaling != nil {
-		spec.MaxReplicas = rosaScope.ControlPlane.Spec.Autoscaling.MaxReplicas
-		spec.MinReplicas = rosaScope.ControlPlane.Spec.Autoscaling.MinReplicas
+		ocmClusterSpec.MaxReplicas = rosaScope.ControlPlane.Spec.Autoscaling.MaxReplicas
+		ocmClusterSpec.MinReplicas = rosaScope.ControlPlane.Spec.Autoscaling.MinReplicas
 	}
 
-	cluster, err = ocmClient.CreateCluster(spec)
+	cluster, err = ocmClient.CreateCluster(ocmClusterSpec)
 	if err != nil {
 		// TODO: need to expose in status, as likely the spec is invalid
 		return ctrl.Result{}, fmt.Errorf("failed to create OCM cluster: %w", err)

diff --git a/exp/api/v1beta2/rosamachinepool_types.go b/exp/api/v1beta2/rosamachinepool_types.go
@@ -17,6 +17,7 @@ limitations under the License.
 package v1beta2
 
 import (
+	corev1 "k8s.io/api/core/v1"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 
 	clusterv1 "sigs.k8s.io/cluster-api/api/v1beta1"
@@ -45,37 +46,64 @@ type RosaMachinePoolSpec struct {
 	// +optional
 	AvailabilityZone string `json:"availabilityZone,omitempty"`
 
+	// +kubebuilder:validation:XValidation:rule="self == oldSelf", message="subnet is immutable"
+	//
+	// +immutable
 	// +optional
 	Subnet string `json:"subnet,omitempty"`
 
 	// Labels specifies labels for the Kubernetes node objects
 	// +optional
 	Labels map[string]string `json:"labels,omitempty"`
 
+	// Taints specifies the taints to apply to the nodes of the machine pool
+	// +optional
+	Taints []RosaTaint `json:"taints,omitempty"`
+
 	// AutoRepair specifies whether health checks should be enabled for machines
 	// in the NodePool. The default is false.
 	// +optional
 	// +kubebuilder:default=false
 	AutoRepair bool `json:"autoRepair,omitempty"`
 
+	// +kubebuilder:validation:Required
+	//
 	// InstanceType specifies the AWS instance type
-	InstanceType string `json:"instanceType,omitempty"`
+	InstanceType string `json:"instanceType"`
 
 	// Autoscaling specifies auto scaling behaviour for this MachinePool.
 	// required if Replicas is not configured
 	// +optional
 	Autoscaling *RosaMachinePoolAutoScaling `json:"autoscaling,omitempty"`
 
-	// TODO(alberto): Enable and propagate this API input.
-	// Taints           []*Taint                     `json:"taints,omitempty"`
-	// TuningConfigs    []string                     `json:"tuningConfigs,omitempty"`
-	// Version          *Version                     `json:"version,omitempty"`
+	// TuningConfigs specifies the names of the tuning configs to be applied to this MachinePool.
+	// Tuning configs must already exist.
+	// +optional
+	TuningConfigs []string `json:"tuningConfigs,omitempty"`
 
 	// ProviderIDList contain a ProviderID for each machine instance that's currently managed by this machine pool.
 	// +optional
 	ProviderIDList []string `json:"providerIDList,omitempty"`
 }
 
+type RosaTaint struct {
+	// +kubebuilder:validation:Required
+	//
+	// The taint key to be applied to a node.
+	Key string `json:"key"`
-	// +kubebuilder:validation:Required
-	//
-	// The taint key to be applied to a node.
-	Key string `json:"key"`
+	// The taint key to be applied to a node.
+	//
+	// +kubebuilder:validation:Required
+	Key string `json:"key"`
-	// +kubebuilder:validation:Required
-	//
-	// The taint key to be applied to a node.
-	Key string `json:"key"`
+	// The taint key to be applied to a node.
+	//
+	// +kubebuilder:validation:Required
+	Key string `json:"key"`
+	// +kubebuilder:validation:Pattern:=`^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$`
+	//
+	// The taint value corresponding to the taint key.
+	// +optional
+	Value string `json:"value,omitempty"`
+	// +kubebuilder:validation:Required
+	// +kubebuilder:validation:Enum=NoSchedule;PreferNoSchedule;NoExecute
+	//
+	// The effect of the taint on pods that do not tolerate the taint.
+	// Valid effects are NoSchedule, PreferNoSchedule and NoExecute.
+	Effect corev1.TaintEffect `json:"effect"`
+}
+
 // RosaMachinePoolAutoScaling specifies scaling options.
 type RosaMachinePoolAutoScaling struct {
 	// +kubebuilder:validation:Minimum=1

diff --git a/exp/api/v1beta2/zz_generated.deepcopy.go b/exp/api/v1beta2/zz_generated.deepcopy.go