feat: CNI provider deployment via variables instead of labels

Author: jimmidyson

api/v1alpha1/clusterconfig_types.go

@@ -7,9 +7,14 @@ import (
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	clusterv1 "sigs.k8s.io/cluster-api/api/v1beta1"
 
+	"github.com/d2iq-labs/capi-runtime-extensions/common/pkg/capi/clustertopology/variables"
 	"github.com/d2iq-labs/capi-runtime-extensions/common/pkg/openapi/patterns"
 )
 
+const (
+	CNIProviderCalico = "calico"
+)
+
 //+kubebuilder:object:root=true
 
 // ClusterConfig is the Schema for the clusterconfigs API.
@@ -30,6 +35,9 @@ type ClusterConfigSpec struct {
 
 	// +optional
 	ExtraAPIServerCertSANs ExtraAPIServerCertSANs `json:"extraAPIServerCertSANs,omitempty"`
+
+	// +optional
+	CNI *CNI `json:"cni,omitempty"`
 }
 
 func (ClusterConfigSpec) VariableSchema() clusterv1.VariableSchema {
@@ -40,6 +48,7 @@ func (ClusterConfigSpec) VariableSchema() clusterv1.VariableSchema {
 			Properties: map[string]clusterv1.JSONSchemaProps{
 				"proxy":                  HTTPProxy{}.VariableSchema().OpenAPIV3Schema,
 				"extraAPIServerCertSANs": ExtraAPIServerCertSANs{}.VariableSchema().OpenAPIV3Schema,
+				"cni":                    CNI{}.VariableSchema().OpenAPIV3Schema,
 			},
 		},
 	}
@@ -105,6 +114,33 @@ func (ExtraAPIServerCertSANs) VariableSchema() clusterv1.VariableSchema {
 	}
 }
 
+// CNI required for providing CNI configuration.
+type CNI struct {
+	Provider string `json:"provider,omitempty"`
+}
+
+func (CNI) VariableSchema() clusterv1.VariableSchema {
+	supportedCNIProviders := []string{CNIProviderCalico}
+
+	cniProviderEnumVals, err := variables.ValuesToEnumJSON(supportedCNIProviders...)
+	if err != nil {
+		panic(err)
+	}
+
+	return clusterv1.VariableSchema{
+		OpenAPIV3Schema: clusterv1.JSONSchemaProps{
+			Type: "object",
+			Properties: map[string]clusterv1.JSONSchemaProps{
+				"provider": {
+					Description: "CNI provider to deploy",
+					Type:        "string",
+					Enum:        cniProviderEnumVals,
+				},
+			},
+		},
+	}
+}
+
 // +kubebuilder:object:root=true
 func init() {
 	SchemeBuilder.Register(&ClusterConfig{})

api/v1alpha1/zz_generated.deepcopy.go

@@ -115,7 +115,7 @@ func main() {
 
 		servicelbgc.New(mgr.GetClient()),
 
-		calico.New(mgr.GetClient(), calicoCNIConfig),
+		calico.New(mgr.GetClient(), calicoCNIConfig, clusterconfig.VariableName, "cni"),
 
 		httpproxy.NewVariable(),
 		httpproxy.NewPatch(mgr.GetClient(), httpproxy.VariableName),

cmd/main.go

@@ -0,0 +1,25 @@
+// Copyright 2023 D2iQ, Inc. All rights reserved.
+// SPDX-License-Identifier: Apache-2.0
+
+package variables
+
+import (
+	"encoding/json"
+	"fmt"
+
+	apiextensionsv1 "k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1"
+)
+
+func ValuesToEnumJSON[T any](vals ...T) ([]apiextensionsv1.JSON, error) {
+	enumJSON := make([]apiextensionsv1.JSON, 0, len(vals))
+
+	for _, v := range vals {
+		enumVal, err := json.Marshal(v)
+		if err != nil {
+			return nil, fmt.Errorf("failed to marshal enum value: %v", v)
+		}
+		enumJSON = append(enumJSON, apiextensionsv1.JSON{Raw: enumVal})
+	}
+
+	return enumJSON, nil
+}

common/pkg/capi/clustertopology/variables/enums.go

@@ -8,6 +8,7 @@ import (
 
 	apiextensionsv1 "k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1"
 	"k8s.io/apimachinery/pkg/apis/meta/v1/unstructured"
+	"sigs.k8s.io/cluster-api/api/v1beta1"
 	"sigs.k8s.io/cluster-api/exp/runtime/topologymutation"
 )
 
@@ -45,3 +46,17 @@ func Get[T any](
 	err = json.Unmarshal(jsonValue, &value)
 	return value, err == nil, err
 }
+
+// ClusterVariablesToVariablesMap converts a list of ClusterVariables to a map of JSON (name is the map key).
+// See: https://github.com/kubernetes-sigs/cluster-api/blob/v1.5.1/internal/controllers/topology/cluster/patches/variables/variables.go#L445
+//
+//nolint:lll // Long URLs in comments above. Adding nolint:lll here because it doesn't work in comment lines. See: https://github.com/golangci/golangci-lint/issues/3983
+func ClusterVariablesToVariablesMap(
+	variables []v1beta1.ClusterVariable,
+) map[string]apiextensionsv1.JSON {
+	variablesMap := map[string]apiextensionsv1.JSON{}
+	for i := range variables {
+		variablesMap[variables[i].Name] = variables[i].Value
+	}
+	return variablesMap
+}

common/pkg/capi/clustertopology/variables/variable.go

@@ -4,8 +4,6 @@
 apiVersion: cluster.x-k8s.io/v1beta1
 kind: Cluster
 metadata:
-  labels:
-    capiext.labs.d2iq.io/cni: calico
   name: capd-quick-start
 spec:
   clusterNetwork:
@@ -23,7 +21,9 @@ spec:
       replicas: 1
     variables:
       - name: clusterConfig
-        value: {}
+        value:
+          cni:
+            provider: calico
     version: v1.27.5
     workers:
       machineDeployments:

examples/capi-quick-start/capd-cluster.yaml

@@ -86,8 +86,6 @@ patches:
       path: "/spec/topology/variables"
       value:
         - name: "clusterConfig"
-          value: {}
-    - op: "add"
-      path: "/metadata/labels"
-      value:
-        capiext.labs.d2iq.io/cni: calico
+          value:
+            cni:
+              provider: calico

hack/examples/kustomization.yaml.tmpl

@@ -23,17 +23,15 @@ import (
 	ctrlclient "sigs.k8s.io/controller-runtime/pkg/client"
 	"sigs.k8s.io/controller-runtime/pkg/controller/controllerutil"
 
+	"github.com/d2iq-labs/capi-runtime-extensions/api/v1alpha1"
 	"github.com/d2iq-labs/capi-runtime-extensions/common/pkg/capi/clustertopology/handlers"
 	"github.com/d2iq-labs/capi-runtime-extensions/common/pkg/capi/clustertopology/handlers/lifecycle"
+	"github.com/d2iq-labs/capi-runtime-extensions/common/pkg/capi/clustertopology/variables"
 	"github.com/d2iq-labs/capi-runtime-extensions/common/pkg/k8s/client"
 	"github.com/d2iq-labs/capi-runtime-extensions/common/pkg/k8s/parser"
 	"github.com/d2iq-labs/capi-runtime-extensions/pkg/handlers/cni"
 )
 
-const (
-	CNILabelValue = "calico"
-)
-
 type CalicoCNIConfig struct {
 	defaultsNamespace string
 
@@ -68,6 +66,9 @@ func (c *CalicoCNIConfig) AddFlags(prefix string, flags *pflag.FlagSet) {
 type CalicoCNI struct {
 	client ctrlclient.Client
 	config *CalicoCNIConfig
+
+	variableName string
+	variablePath []string
 }
 
 var (
@@ -77,10 +78,17 @@ var (
 	calicoInstallationGK = schema.GroupKind{Group: "operator.tigera.io", Kind: "Installation"}
 )
 
-func New(c ctrlclient.Client, cfg *CalicoCNIConfig) *CalicoCNI {
+func New(
+	c ctrlclient.Client,
+	cfg *CalicoCNIConfig,
+	variableName string,
+	variablePath ...string,
+) *CalicoCNI {
 	return &CalicoCNI{
-		client: c,
-		config: cfg,
+		client:       c,
+		config:       cfg,
+		variableName: variableName,
+		variablePath: variablePath,
 	}
 }
 
@@ -104,18 +112,34 @@ func (s *CalicoCNI) AfterControlPlaneInitialized(
 	// will update for failure response properly.
 	resp.SetStatus(runtimehooksv1.ResponseStatusSuccess)
 
-	if v, ok := req.Cluster.GetLabels()[cni.CNIProviderLabelKey]; !ok || v != CNILabelValue {
+	varMap := variables.ClusterVariablesToVariablesMap(req.Cluster.Spec.Topology.Variables)
+
+	cniVar, found, err := variables.Get[v1alpha1.CNI](varMap, s.variableName, s.variablePath...)
+	if err != nil {
+		log.Error(
+			err,
+			"failed to read CNI provider from cluster definition",
+		)
+		resp.SetStatus(runtimehooksv1.ResponseStatusFailure)
+		resp.SetMessage(
+			fmt.Sprintf("failed to read CNI provider from cluster definition: %v",
+				err,
+			),
+		)
+		return
+	}
+	if !found || cniVar.Provider != v1alpha1.CNIProviderCalico {
 		log.V(4).Info(
 			fmt.Sprintf(
-				"Skipping Calico CNI handler, cluster does not specify %q as value of CNI provider label %q",
-				CNILabelValue,
-				cni.CNIProviderLabelKey,
+				"Skipping Calico CNI handler, cluster does not specify %q as value of CNI provider variable",
+				v1alpha1.CNIProviderCalico,
 			),
 		)
 		return
 	}
 
-	defaultInstallationConfigMapName, ok := s.config.defaultProviderInstallationConfigMapNames[req.Cluster.Spec.InfrastructureRef.Kind] //nolint:lll // Just a long line...
+	infraKind := req.Cluster.Spec.InfrastructureRef.Kind
+	defaultInstallationConfigMapName, ok := s.config.defaultProviderInstallationConfigMapNames[infraKind]
 	if !ok {
 		log.V(4).Info(
 			fmt.Sprintf(
@@ -136,7 +160,7 @@ func (s *CalicoCNI) AfterControlPlaneInitialized(
 	defaultTigeraOperatorConfigMapObjName := ctrlclient.ObjectKeyFromObject(
 		defaultTigeraOperatorConfigMap,
 	)
-	err := s.client.Get(ctx, defaultTigeraOperatorConfigMapObjName, defaultTigeraOperatorConfigMap)
+	err = s.client.Get(ctx, defaultTigeraOperatorConfigMapObjName, defaultTigeraOperatorConfigMap)
 	if err != nil {
 		log.Error(
 			err,
@@ -219,7 +243,7 @@ func generateTigeraOperatorCRS(
 			Kind:       "ConfigMap",
 		},
 		ObjectMeta: metav1.ObjectMeta{
-			Namespace: cluster.GetNamespace(),
+			Namespace: cluster.Namespace,
 			Name:      defaultTigeraOperatorConfigMap.Name,
 		},
 		Data:       defaultTigeraOperatorConfigMap.Data,
@@ -232,17 +256,17 @@ func generateTigeraOperatorCRS(
 			Kind:       "ClusterResourceSet",
 		},
 		ObjectMeta: metav1.ObjectMeta{
-			Namespace: cluster.GetNamespace(),
-			Name:      namespacedTigeraConfigMap.GetName(),
+			Namespace: cluster.Namespace,
+			Name:      namespacedTigeraConfigMap.Name,
 		},
 		Spec: crsv1.ClusterResourceSetSpec{
 			Resources: []crsv1.ResourceRef{{
 				Kind: string(crsv1.ConfigMapClusterResourceSetResourceKind),
-				Name: namespacedTigeraConfigMap.GetName(),
+				Name: namespacedTigeraConfigMap.Name,
 			}},
 			Strategy: string(crsv1.ClusterResourceSetStrategyReconcile),
 			ClusterSelector: metav1.LabelSelector{
-				MatchLabels: map[string]string{cni.CNIProviderLabelKey: CNILabelValue},
+				MatchLabels: map[string]string{capiv1.ClusterNameLabel: cluster.Name},
 			},
 		},
 	}
@@ -343,17 +367,17 @@ func generateProviderCNICRS(
 			Kind:       "ClusterResourceSet",
 		},
 		ObjectMeta: metav1.ObjectMeta{
-			Namespace: cluster.GetNamespace(),
-			Name:      cm.GetName(),
+			Namespace: cluster.Namespace,
+			Name:      cm.Name,
 		},
 		Spec: crsv1.ClusterResourceSetSpec{
 			Resources: []crsv1.ResourceRef{{
 				Kind: string(crsv1.ConfigMapClusterResourceSetResourceKind),
-				Name: cm.GetName(),
+				Name: cm.Name,
 			}},
 			Strategy: string(crsv1.ClusterResourceSetStrategyReconcile),
 			ClusterSelector: metav1.LabelSelector{
-				MatchLabels: map[string]string{capiv1.ClusterNameLabel: cluster.GetName()},
+				MatchLabels: map[string]string{capiv1.ClusterNameLabel: cluster.Name},
 			},
 		},
 	}