add aks-aso chart

Author: nojnhuh

charts/azure-aks-aso/.helmignore

@@ -0,0 +1,23 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*.orig
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
+.vscode/

charts/azure-aks-aso/Chart.yaml

@@ -0,0 +1,6 @@
+apiVersion: v2
+name: azure-aks-aso
+description: A chart describing an AKS cluster for CAPZ using the ASO API
+type: application
+version: 0.1.0
+appVersion: 0.1.0

charts/azure-aks-aso/templates/_helpers.tpl

@@ -0,0 +1,69 @@
+{{- define "capz.commonLabels" -}}
+app.kubernetes.io/name: azure-aks-aso
+helm.sh/chart: {{ $.Chart.Name }}-{{ $.Chart.Version | replace "+" "_" }}
+app.kubernetes.io/managed-by: {{ $.Release.Service }}
+app.kubernetes.io/instance: {{ $.Release.Name }}
+{{- end }}
+
+{{- define "capz.clusterName" -}}
+{{ default $.Release.Name $.Values.clusterName }}
+{{- end }}
+
+{{- define "capz.azureResourceAnnotations" -}}
+serviceoperator.azure.com/credential-from: {{ $.Values.credentialSecretName }}
+{{- end }}
+
+{{- define "capz.azureASOManagedClusterSpec" -}}
+{{- $ := index . 0 -}}
+{{- $clusterName := index . 1 -}}
+resources:
+- apiVersion: resources.azure.com/v1api20200601
+  kind: ResourceGroup
+  metadata:
+    name: {{ quote $clusterName }}
+    annotations:
+      {{- include "capz.azureResourceAnnotations" $ | nindent 6 }}
+  spec:
+    location: {{ $.Values.location }}
+{{- end }}
+
+{{- define "capz.azureASOManagedControlPlaneSpec" -}}
+{{- $ := index . 0 -}}
+{{- $clusterName := index . 1 -}}
+version: {{ $.Values.kubernetesVersion | quote  }}
+resources:
+- apiVersion: "containerservice.azure.com/{{ $.Values.managedClusterAPIVersion }}"
+  kind: ManagedCluster
+  metadata:
+    name: {{ $clusterName | quote }}
+    annotations:
+      {{- include "capz.azureResourceAnnotations" $ | nindent 6 }}
+  spec:
+    owner:
+      name: {{ quote $clusterName }}
+    dnsPrefix: {{ quote $clusterName }}
+    location: {{ default $.Values.location $.Values.managedClusterSpec.location | quote }}
+    {{- toYaml (unset $.Values.managedClusterSpec "location") | nindent 4 }}
+{{- end }}
+
+{{- define "capz.azureASOManagedMachinePoolSpec" -}}
+{{- $ := index . 0 -}}
+{{- $clusterName := index . 1 -}}
+{{- $mpName := index . 2 -}}
+{{- $mp := index . 3 -}}
+resources:
+- apiVersion: "containerservice.azure.com/{{ $.Values.managedMachinePoolAPIVersion }}"
+  kind: ManagedClustersAgentPool
+  metadata:
+    name: {{ printf "%s-%s" $clusterName $mpName | quote }}
+    annotations:
+      {{- include "capz.azureResourceAnnotations" $ | nindent 6 }}
+  spec:
+    azureName: {{ $mpName | quote }}
+    {{- if $mp.owner }}
+      {{- fail (printf ".Values.managedMachinePoolSpecs.%s.owner is not allowed to be set." $mpName) }}
+    {{- end }}
+    owner:
+      name: {{ quote $clusterName }}
+    {{- toYaml (unset $mp "count") | nindent 4 }}
+{{- end }}

charts/azure-aks-aso/templates/cluster.yaml

@@ -0,0 +1,87 @@
+apiVersion: cluster.x-k8s.io/v1beta1
+kind: Cluster
+metadata:
+  name: {{ include "capz.clusterName" .  | quote }}
+  labels:
+    {{- include "capz.commonLabels" . | nindent 4 }}
+spec:
+{{- if .Values.withClusterTopology }}
+  topology:
+    class: {{ .Values.clusterClassName | quote }}
+    version: {{ .Values.kubernetesVersion | quote }}
+    workers:
+      machinePools:
+      {{- range $mpName, $mp := .Values.managedMachinePoolSpecs }}
+      - class: {{ quote $mpName }}
+        name: {{ quote $mpName }}
+        {{- if (not $mp.enableAutoScaling) }}
+        replicas: {{ default 1 $mp.count}}
+        {{- end }}
+      {{- end }}
+{{- else }}
+  controlPlaneRef:
+    apiVersion: infrastructure.cluster.x-k8s.io/v1beta1
+    kind: AzureASOManagedControlPlane
+    name: {{ include "capz.clusterName" .  | quote }}
+  infrastructureRef:
+    apiVersion: infrastructure.cluster.x-k8s.io/v1beta1
+    kind: AzureASOManagedCluster
+    name: {{ include "capz.clusterName" .  | quote }}
+---
+apiVersion: infrastructure.cluster.x-k8s.io/v1beta1
+kind: AzureASOManagedCluster
+metadata:
+  name: {{ include "capz.clusterName" .  | quote }}
+  labels:
+    {{- include "capz.commonLabels" . | nindent 4 }}
+  annotations:
+    helm.sh/resource-policy: keep
+spec:
+  {{- include "capz.azureASOManagedClusterSpec" (list $ (include "capz.clusterName" $)) | nindent 2 }}
+---
+apiVersion: infrastructure.cluster.x-k8s.io/v1beta1
+kind: AzureASOManagedControlPlane
+metadata:
+  name: {{ include "capz.clusterName" .  | quote }}
+  annotations:
+    helm.sh/resource-policy: keep
+spec:
+  {{- include "capz.azureASOManagedControlPlaneSpec" (list $ (include "capz.clusterName" $)) | nindent 2 }}
+{{- range $mpName, $mp := .Values.managedMachinePoolSpecs }}
+---
+apiVersion: cluster.x-k8s.io/v1beta1
+kind: MachinePool
+metadata:
+  name: {{ printf "%s-%s" (include "capz.clusterName" $) $mpName | quote }}
+  labels:
+    {{- include "capz.commonLabels" $ | nindent 4 }}
+  annotations:
+    helm.sh/resource-policy: keep
+spec:
+  clusterName: {{ include "capz.clusterName" $ | quote }}
+  {{- if (ne nil $mp.count) }}
+  replicas: {{ $mp.count }}
+  {{- end }}
+  template:
+    spec:
+      bootstrap:
+        dataSecretName: ""
+      clusterName: {{ include "capz.clusterName" $ }}
+      infrastructureRef:
+        apiVersion: infrastructure.cluster.x-k8s.io/v1beta1
+        kind: AzureASOManagedMachinePool
+        name: {{ printf "%s-%s" (include "capz.clusterName" $) $mpName | quote }}
+      version: {{ default $.Values.kubernetesVersion $mp.orchestratorVersion | quote }}
+---
+apiVersion: infrastructure.cluster.x-k8s.io/v1beta1
+kind: AzureASOManagedMachinePool
+metadata:
+  name: {{ printf "%s-%s" (include "capz.clusterName" $) $mpName | quote }}
+  labels:
+    {{- include "capz.commonLabels" $ | nindent 4 }}
+  annotations:
+    helm.sh/resource-policy: keep
+spec:
+  {{- include "capz.azureASOManagedMachinePoolSpec" (list $ (include "capz.clusterName" $) $mpName $mp) | nindent 2 }}
+{{- end }}
+{{- end }}{{/* if .Values.withClusterTopology */}}

charts/azure-aks-aso/templates/clusterclass.yaml

@@ -0,0 +1,123 @@
+{{- if .Values.withClusterClass }}
+apiVersion: cluster.x-k8s.io/v1beta1
+kind: ClusterClass
+metadata:
+  name: {{ required "value clusterClassName must be set" .Values.clusterClassName | quote }}
+  labels:
+    {{- include "capz.commonLabels" . | nindent 4 }}
+spec:
+  controlPlane:
+    ref:
+      apiVersion: infrastructure.cluster.x-k8s.io/v1beta1
+      kind: AzureASOManagedControlPlaneTemplate
+      name: {{ .Values.clusterClassName | quote }}
+  infrastructure:
+    ref:
+      apiVersion: infrastructure.cluster.x-k8s.io/v1beta1
+      kind: AzureASOManagedClusterTemplate
+      name: {{ .Values.clusterClassName | quote }}
+  workers:
+    machinePools:
+    {{- range $mpName, $mp := .Values.managedMachinePoolSpecs }}
+    - class: {{ quote $mpName }}
+      template:
+        bootstrap:
+          ref:
+            apiVersion: bootstrap.cluster.x-k8s.io/v1beta1
+            kind: KubeadmConfigTemplate
+            name: {{ $.Values.clusterClassName | quote }}
+        infrastructure:
+          ref:
+            apiVersion: infrastructure.cluster.x-k8s.io/v1beta1
+            kind: AzureASOManagedMachinePoolTemplate
+            name: {{ printf "%s-%s" $.Values.clusterClassName $mpName | quote }}
+    {{- end }}
+  patches:
+  - name: azureasomanagedcluster-spec
+    definitions:
+    - selector:
+        apiVersion: infrastructure.cluster.x-k8s.io/v1beta1
+        kind: AzureASOManagedClusterTemplate
+        matchResources:
+          infrastructureCluster: true
+      jsonPatches:
+      - op: replace
+        path: /spec/template/spec
+        valueFrom:
+          template: |
+            {{- include "capz.azureASOManagedClusterSpec" (list $ "{{ .builtin.cluster.name }}") | nindent 12 }}
+  - name: azureasomanagedcontrolplane-spec
+    definitions:
+    - selector:
+        apiVersion: infrastructure.cluster.x-k8s.io/v1beta1
+        kind: AzureASOManagedControlPlaneTemplate
+        matchResources:
+          controlPlane: true
+      jsonPatches:
+      - op: replace
+        path: /spec/template/spec
+        valueFrom:
+          template: |
+            {{- include "capz.azureASOManagedControlPlaneSpec" (list $ "{{ .builtin.cluster.name }}") | nindent 12 }}
+  {{- range $mpName, $mp := .Values.managedMachinePoolSpecs }}
+  - name: azureasomanagedmachinepool-{{ $mpName }}-spec
+    definitions:
+    - selector:
+        apiVersion: infrastructure.cluster.x-k8s.io/v1beta1
+        kind: AzureASOManagedMachinePoolTemplate
+        matchResources:
+          machinePoolClass:
+            names:
+            - {{ quote $mpName }}
+      jsonPatches:
+      - op: replace
+        path: /spec/template/spec
+        valueFrom:
+          template: |
+            {{- include "capz.azureASOManagedMachinePoolSpec" (list $ "{{ .builtin.cluster.name }}" $mpName $mp) | nindent 12 }}
+  {{- end }}
+---
+apiVersion: infrastructure.cluster.x-k8s.io/v1beta1
+kind: AzureASOManagedClusterTemplate
+metadata:
+  name: {{ .Values.clusterClassName | quote }}
+  labels:
+    {{- include "capz.commonLabels" . | nindent 4 }}
+  annotations:
+    helm.sh/resource-policy: keep
+spec:
+  template:
+    spec: {} # this gets patched in by the ClusterClass
+---
+apiVersion: infrastructure.cluster.x-k8s.io/v1beta1
+kind: AzureASOManagedControlPlaneTemplate
+metadata:
+  name: {{ .Values.clusterClassName | quote }}
+  annotations:
+    helm.sh/resource-policy: keep
+spec:
+  template:
+    spec: {} # this gets patched in by the ClusterClass
+---
+apiVersion: bootstrap.cluster.x-k8s.io/v1beta1
+kind: KubeadmConfigTemplate
+metadata:
+  name: {{ .Values.clusterClassName | quote }}
+spec:
+  template:
+    spec: {}
+{{- range $mpName, $mp := .Values.managedMachinePoolSpecs }}
+---
+apiVersion: infrastructure.cluster.x-k8s.io/v1beta1
+kind: AzureASOManagedMachinePoolTemplate
+metadata:
+  name: {{ printf "%s-%s" $.Values.clusterClassName $mpName | quote }}
+  labels:
+    {{- include "capz.commonLabels" $ | nindent 4 }}
+  annotations:
+    helm.sh/resource-policy: keep
+spec:
+  template:
+    spec: {} # this gets patched in by the ClusterClass
+{{- end }}
+{{- end }}{{/* if .Values.withClusterClass */}}

charts/azure-aks-aso/templates/credentials.yaml

@@ -0,0 +1,26 @@
+{{- if .Values.createCredentials }}
+apiVersion: v1
+kind: Secret
+metadata:
+  name: {{ .Values.credentialSecretName | quote }}
+  labels:
+    {{- include "capz.commonLabels" . | nindent 4 }}
+  annotations:
+    helm.sh/resource-policy: keep # credentials have to be available throughout a delete operation
+stringData:
+  {{- if .Values.subscriptionID }}
+  AZURE_SUBSCRIPTION_ID: {{ .Values.subscriptionID | quote }}
+  {{- end }}
+  {{- if .Values.tenantID }}
+  AZURE_TENANT_ID: {{ .Values.tenantID | quote }}
+  {{- end }}
+  {{- if .Values.clientID }}
+  AZURE_CLIENT_ID: {{ .Values.clientID | quote }}
+  {{- end }}
+  {{- if .Values.clientSecret }}
+  AZURE_CLIENT_SECRET: {{ .Values.clientSecret | quote }}
+  {{- end }}
+  {{- if .Values.authMode }}
+  AUTH_MODE: {{ .Values.authMode | quote }}
+  {{- end }}
+{{- end }}

charts/azure-aks-aso/values.yaml

@@ -0,0 +1,37 @@
+credentialSecretName: "aso-credentials"
+createCredentials: true
+subscriptionID: ""
+tenantID: ""
+clientID: ""
+clientSecret: ""
+authMode: ""
+
+# clusterName defaults to the name of the Helm release
+clusterName: ""
+location: eastus
+clusterNetwork: null
+kubernetesVersion: v1.28.3
+
+managedClusterAPIVersion: v1api20231001
+managedClusterSpec:
+  identity:
+    type: SystemAssigned
+  servicePrincipalProfile:
+    clientId: msi
+
+managedMachinePoolAPIVersion: v1api20231001
+managedMachinePoolSpecs:
+  pool0:
+    count: 1
+    mode: System
+    vmSize: Standard_DS2_v2
+    type: VirtualMachineScaleSets
+  pool1:
+    count: 1
+    mode: User
+    vmSize: Standard_DS2_v2
+    type: VirtualMachineScaleSets
+
+clusterClassName: ""
+withClusterClass: false
+withClusterTopology: false