feat: add registry addon

api/v1alpha1/addon_types.go

@@ -27,6 +27,8 @@ const (
 
 	ServiceLoadBalancerProviderMetalLB = "MetalLB"
 
+	RegistryMirrorProviderDistribution = "Distribution"
+
 	AddonStrategyClusterResourceSet AddonStrategy = "ClusterResourceSet"
 	AddonStrategyHelmAddon          AddonStrategy = "HelmAddon"
 
@@ -100,6 +102,9 @@ type GenericAddons struct {
 
 	// +kubebuilder:validation:Optional
 	ServiceLoadBalancer *ServiceLoadBalancer `json:"serviceLoadBalancer,omitempty"`
+
+	// +kubebuilder:validation:Optional
+	RegistryMirror *RegistryMirror `json:"registryMirror,omitempty"`
 }
 
 type AddonStrategy string
@@ -335,3 +340,10 @@ type AddressRange struct {
 	// +kubebuilder:validation:Format=ipv4
 	End string `json:"end"`
 }
+
+type RegistryMirror struct {
+	// The OCI registry provider to deploy.
+	// +kubebuilder:default=Distribution
+	// +kubebuilder:validation:Enum=Distribution
+	Provider string `json:"provider"`
+}

api/v1alpha1/constants.go

@@ -28,6 +28,8 @@ const (
 	ClusterAutoscalerVariableName = "clusterAutoscaler"
 	// ServiceLoadBalancerVariableName is the Service LoadBalancer config patch variable name.
 	ServiceLoadBalancerVariableName = "serviceLoadBalancer"
+	// RegistryMirrorVariableName is the OCI registry config patch variable name.
+	RegistryMirrorVariableName = "registryMirror"
 
 	// GlobalMirrorVariableName is the global image registry mirror patch variable name.
 	GlobalMirrorVariableName = "globalImageRegistryMirror"
@@ -38,4 +40,7 @@ const (
 	DNSVariableName = "dns"
 
 	ClusterUUIDAnnotationKey = APIGroup + "/cluster-uuid"
+
+	// DefaultServicesSubnet defines default service subnet range used by kubeadm in CAPI
+	DefaultServicesSubnet = "10.96.0.0/12"
 )

api/v1alpha1/crds/caren.nutanix.com_awsclusterconfigs.yaml

@@ -234,6 +234,17 @@ spec:
                             - HelmAddon
                           type: string
                       type: object
+                    registryMirror:
+                      properties:
+                        provider:
+                          default: Distribution
+                          description: The OCI registry provider to deploy.
+                          enum:
+                            - Distribution
+                          type: string
+                      required:
+                        - provider
+                      type: object
                     serviceLoadBalancer:
                       properties:
                         configuration:

api/v1alpha1/crds/caren.nutanix.com_dockerclusterconfigs.yaml

@@ -243,6 +243,17 @@ spec:
                             - HelmAddon
                           type: string
                       type: object
+                    registryMirror:
+                      properties:
+                        provider:
+                          default: Distribution
+                          description: The OCI registry provider to deploy.
+                          enum:
+                            - Distribution
+                          type: string
+                      required:
+                        - provider
+                      type: object
                     serviceLoadBalancer:
                       properties:
                         configuration:

api/v1alpha1/crds/caren.nutanix.com_nutanixclusterconfigs.yaml

@@ -243,6 +243,17 @@ spec:
                             - HelmAddon
                           type: string
                       type: object
+                    registryMirror:
+                      properties:
+                        provider:
+                          default: Distribution
+                          description: The OCI registry provider to deploy.
+                          enum:
+                            - Distribution
+                          type: string
+                      required:
+                        - provider
+                      type: object
                     serviceLoadBalancer:
                       properties:
                         configuration:

charts/cluster-api-runtime-extensions-nutanix/README.md

@@ -85,6 +85,8 @@ A Helm chart for cluster-api-runtime-extensions-nutanix
 | hooks.nfd.crsStrategy.defaultInstallationConfigMap.name | string | `"node-feature-discovery"` |  |
 | hooks.nfd.helmAddonStrategy.defaultValueTemplateConfigMap.create | bool | `true` |  |
 | hooks.nfd.helmAddonStrategy.defaultValueTemplateConfigMap.name | string | `"default-nfd-helm-values-template"` |  |
+| hooks.registryMirror.distribution.defaultValueTemplateConfigMap.create | bool | `true` |  |
+| hooks.registryMirror.distribution.defaultValueTemplateConfigMap.name | string | `"default-distribution-registry-mirror-helm-values-template"` |  |
 | hooks.serviceLoadBalancer.metalLB.defaultValueTemplateConfigMap.create | bool | `true` |  |
 | hooks.serviceLoadBalancer.metalLB.defaultValueTemplateConfigMap.name | string | `"default-metallb-helm-values-template"` |  |
 | hooks.virtualIP.kubeVip.defaultTemplateConfigMap.create | bool | `true` |  |

charts/cluster-api-runtime-extensions-nutanix/addons/registry-mirror/distribution/values-template.yaml

@@ -0,0 +1,12 @@
+replicaCount: 2
+persistence:
+  enabled: true
+  size: 50Gi
+service:
+  type: ClusterIP
+  clusterIP: {{ .ServiceIP }}
+  port: 80
+statefulSet:
+  enabled: true
+  syncer:
+    interval: 2m

charts/cluster-api-runtime-extensions-nutanix/templates/helm-config.yaml

@@ -27,6 +27,10 @@ data:
     ChartName: cosi
     ChartVersion: 0.0.1-alpha.5
     RepositoryURL: '{{ if .Values.helmRepository.enabled }}oci://helm-repository.{{ .Release.Namespace }}.svc/charts{{ else }}https://mesosphere.github.io/charts/stable/{{ end }}'
+  distribution-registry-mirror: |
+    ChartName: docker-registry
+    ChartVersion: 2.3.1
+    RepositoryURL: '{{ if .Values.helmRepository.enabled }}oci://helm-repository.{{ .Release.Namespace }}.svc/charts{{ else }}https://mesosphere.github.io/charts/staging/{{ end }}'
   local-path-provisioner-csi: |
     ChartName: local-path-provisioner
     ChartVersion: 0.0.31

charts/cluster-api-runtime-extensions-nutanix/templates/registry-mirror/distribution/helm-addon-installation.yaml

@@ -0,0 +1,12 @@
+# Copyright 2025 Nutanix. All rights reserved.
+# SPDX-License-Identifier: Apache-2.0
+
+{{- if .Values.hooks.registryMirror.distribution.defaultValueTemplateConfigMap.name }}
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: '{{ .Values.hooks.registryMirror.distribution.defaultValueTemplateConfigMap.name }}'
+data:
+  values.yaml: |-
+    {{- .Files.Get "addons/registry-mirror/distribution/values-template.yaml" | nindent 4 }}
+{{- end -}}

charts/cluster-api-runtime-extensions-nutanix/values.schema.json

@@ -504,6 +504,27 @@
                     },
                     "type": "object"
                 },
+                "registryMirror": {
+                    "properties": {
+                        "distribution": {
+                            "properties": {
+                                "defaultValueTemplateConfigMap": {
+                                    "properties": {
+                                        "create": {
+                                            "type": "boolean"
+                                        },
+                                        "name": {
+                                            "type": "string"
+                                        }
+                                    },
+                                    "type": "object"
+                                }
+                            },
+                            "type": "object"
+                        }
+                    },
+                    "type": "object"
+                },
                 "serviceLoadBalancer": {
                     "properties": {
                         "metalLB": {

charts/cluster-api-runtime-extensions-nutanix/values.yaml

@@ -111,6 +111,11 @@ hooks:
         defaultValueTemplateConfigMap:
           create: true
           name: default-cosi-controller-helm-values-template
+  registryMirror:
+    distribution:
+      defaultValueTemplateConfigMap:
+        create: true
+        name: default-distribution-registry-mirror-helm-values-template
 
 helmAddonsConfigMap: default-helm-addons-config
 

docs/content/addons/registry-mirror.md

@@ -0,0 +1,32 @@
++++
+title = "Registry Mirror"
+icon = "fa-solid fa-eye"
++++
+
+By leveraging CAPI cluster lifecycle hooks, this handler deploys an OCI [Distribution] (Distribution) registry
+as a mirror on the new cluster at the `AfterControlPlaneInitialized` phase.
+
+Deployment of registry mirror is opt-in via the [provider-specific cluster configuration]({{< ref ".." >}}).
+
+The hook will use the [Cluster API Add-on Provider for Helm] to deploy the registry mirror resources.
+
+## Example
+
+To enable deployment of the registry mirror on a cluster, specify the following values:
+
+```yaml
+apiVersion: cluster.x-k8s.io/v1beta1
+kind: Cluster
+metadata:
+  name: <NAME>
+spec:
+  topology:
+    variables:
+      - name: clusterConfig
+        value:
+          addons:
+            registryMirror: {}
+```
+
+[Distribution]: https://github.com/distribution/distribution
+[Cluster API Add-on Provider for Helm]: https://github.com/kubernetes-sigs/cluster-api-addon-provider-helm

examples/capi-quick-start/docker-cluster-calico-crs.yaml

@@ -41,6 +41,7 @@ spec:
               strategy: ClusterResourceSet
           nfd:
             strategy: ClusterResourceSet
+          registryMirror: {}
           serviceLoadBalancer:
             configuration:
               addressRanges:

examples/capi-quick-start/docker-cluster-calico-helm-addon.yaml

@@ -36,6 +36,7 @@ spec:
                   default: {}
             snapshotController: {}
           nfd: {}
+          registryMirror: {}
           serviceLoadBalancer:
             configuration:
               addressRanges:

examples/capi-quick-start/docker-cluster-cilium-crs.yaml

@@ -41,6 +41,7 @@ spec:
               strategy: ClusterResourceSet
           nfd:
             strategy: ClusterResourceSet
+          registryMirror: {}
           serviceLoadBalancer:
             configuration:
               addressRanges:

examples/capi-quick-start/docker-cluster-cilium-helm-addon.yaml

@@ -36,6 +36,7 @@ spec:
                   default: {}
             snapshotController: {}
           nfd: {}
+          registryMirror: {}
           serviceLoadBalancer:
             configuration:
               addressRanges:

hack/addons/helm-chart-bundler/repos.yaml

@@ -31,6 +31,11 @@ repositories:
     charts:
       cosi:
       - 0.0.1-alpha.5
+  docker-registry:
+    repoURL: https://mesosphere.github.io/charts/staging/
+    charts:
+      docker-registry:
+      - 2.3.1
   local-path-provisioner:
     repoURL: https://charts.containeroo.ch
     charts:

hack/addons/kustomize/distribution-registry-mirror/kustomization.yaml.tmpl

@@ -0,0 +1,27 @@
+# Copyright 2025 Nutanix. All rights reserved.
+# SPDX-License-Identifier: Apache-2.0
+
+# NOTE This file is used by the tool in `hack/tools/helm-cm` to add
+# docker-registry chart metadata to the "helm-addons" ConfigMap. The tool takes
+# a kustomization as input. We do not use this file with kustomize.
+
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+
+metadata:
+  name: registry-distribution
+
+sortOptions:
+  order: fifo
+
+helmCharts:
+- name: docker-registry
+  repo: https://mesosphere.github.io/charts/staging/
+  releaseName: registry-mirror
+  version: 2.3.1
+  valuesFile: helm-values.yaml
+  includeCRDs: true
+  skipTests: true
+  namespace: registry-mirror-system
+
+namespace: registry-mirror-system

hack/examples/bases/docker/cluster/kustomization.yaml.tmpl

@@ -40,7 +40,10 @@ patches:
   path: ../../../patches/docker/csi.yaml
 - target:
     kind: Cluster
-  path: ../../../patches/nutanix/cosi.yaml
+  path: ../../../patches/docker/cosi.yaml
+- target:
+    kind: Cluster
+  path: ../../../patches/docker/registry-mirror.yaml
 - target:
     kind: Cluster
   path: ../../../patches/encryption.yaml

hack/examples/patches/docker/registry-mirror.yaml

@@ -0,0 +1,6 @@
+# Copyright 2025 Nutanix. All rights reserved.
+# SPDX-License-Identifier: Apache-2.0
+
+- op: "add"
+  path: "/spec/topology/variables/0/value/addons/registryMirror"
+  value: {}

pkg/handlers/generic/lifecycle/config/cm.go

@@ -17,18 +17,19 @@ import (
 type Component string
 
 const (
-	Autoscaler              Component = "cluster-autoscaler"
-	Tigera                  Component = "tigera-operator"
-	Cilium                  Component = "cilium"
-	NFD                     Component = "nfd"
-	NutanixStorageCSI       Component = "nutanix-storage-csi"
-	SnapshotController      Component = "snapshot-controller"
-	NutanixCCM              Component = "nutanix-ccm"
-	MetalLB                 Component = "metallb"
-	LocalPathProvisionerCSI Component = "local-path-provisioner-csi"
-	AWSEBSCSI               Component = "aws-ebs-csi"
-	AWSCCM                  Component = "aws-ccm"
-	COSIController          Component = "cosi-controller"
+	Autoscaler                 Component = "cluster-autoscaler"
+	Tigera                     Component = "tigera-operator"
+	Cilium                     Component = "cilium"
+	NFD                        Component = "nfd"
+	NutanixStorageCSI          Component = "nutanix-storage-csi"
+	SnapshotController         Component = "snapshot-controller"
+	NutanixCCM                 Component = "nutanix-ccm"
+	MetalLB                    Component = "metallb"
+	LocalPathProvisionerCSI    Component = "local-path-provisioner-csi"
+	AWSEBSCSI                  Component = "aws-ebs-csi"
+	AWSCCM                     Component = "aws-ccm"
+	COSIController             Component = "cosi-controller"
+	DistributionRegistryMirror Component = "distribution-registry-mirror"
 )
 
 type HelmChartGetter struct {