Support Flatcar and provide ignition bootstrap data (#308)

* add metadata handling for proxmox node name

* First draft: flatcar and ignition support

* Revert "add metadata handling for proxmox node name"

This reverts commit 3dd5aae.

* Make The Ignition ISO able to be unmounted

* Fixes lints

* Fixes Tests

* remove unsed config and Fixes Test

* Set ipv6

* add tests

* add tests for injector

* more test coverage

* Fix lint

* Provide a correct cluster template

* Provide docs on how to provision cluster with flatcar

* Address reviews

* Update envtest

* Address reviwes and try e2e test with skip label

* Implement networkd config units with VRFs

* Tidy

* E2e test for flatcar

* Use correct template for flatcar

* Add more tests

* Simpler units name

* add comment for netdev index

* Address reviews

* remove uncessary variable

* Add note about EXP_KUBEADM_BOOTSTRAP_FORMAT_IGNITION

* Address reviews

* Change ignition docs

* Remove quotes

* pkg/ignition/network.go: fix VRF routing rules policy table, add tests

---------

Co-authored-by: tuunit <[email protected]>
Co-authored-by: Felix Wischke (65278) <[email protected]>

Author: 3 people

.gitignore

@@ -46,5 +46,4 @@ _artifacts
 **e2e.test
 test/e2e/config/*-envsubst.yaml
 
-# asdf package manager
-.tool-versions
+.tool-versions

Makefile

@@ -181,6 +181,7 @@ ENVTEST ?= $(LOCALBIN)/setup-envtest
 ## Tool Versions
 KUSTOMIZE_VERSION ?= v5.0.0
 CONTROLLER_TOOLS_VERSION ?= v0.15.0
+ENVTEST_VERSION ?= latest
 
 KUSTOMIZE_INSTALL_SCRIPT ?= "https://raw.githubusercontent.com/kubernetes-sigs/kustomize/master/hack/install_kustomize.sh"
 .PHONY: kustomize
@@ -201,7 +202,7 @@ $(CONTROLLER_GEN): $(LOCALBIN)
 .PHONY: envtest
 envtest: $(ENVTEST) ## Download envtest-setup locally if necessary.
 $(ENVTEST): $(LOCALBIN)
-	test -s $(LOCALBIN)/setup-envtest || GOBIN=$(LOCALBIN) go install sigs.k8s.io/controller-runtime/tools/setup-envtest@v0.0.0-20240208111015-5923139bc5bd
+	test -s $(LOCALBIN)/setup-envtest || GOBIN=$(LOCALBIN) go install sigs.k8s.io/controller-runtime/tools/setup-envtest@$(ENVTEST_VERSION)
 
 ##@ Test
 
@@ -280,7 +281,7 @@ KUBETEST_CONF_PATH ?= $(abspath $(E2E_DATA_DIR)/kubetest/conformance.yaml)
 
 # Allow overriding the e2e configurations
 GINKGO_FOCUS ?= Workload cluster creation
-GINKGO_SKIP ?= API Version Upgrade
+GINKGO_SKIP ?= Generic|Flatcar
 GINKGO_NODES ?= 1
 GINKGO_NOCOLOR ?= false
 GINKGO_ARGS ?=

api/v1alpha1/proxmoxmachine_types.go

@@ -297,6 +297,7 @@ type RoutingPolicySpec struct {
 	From string `json:"from,omitempty"`
 
 	// Table is the routing table ID.
+	// when used in the networks, the value should be the VRF Table.
 	// +optional
 	Table *uint32 `json:"table,omitempty"`
 

config/crd/bases/infrastructure.cluster.x-k8s.io_proxmoxclusters.yaml

@@ -328,8 +328,9 @@ spec:
                                             rule: (self > 0 && self < 32765) || (self
                                               > 32766)
                                         table:
-                                          description: Table is the routing table
-                                            ID.
+                                          description: |-
+                                            Table is the routing table ID.
+                                            when used in the networks, the value should be the VRF Table.
                                           format: int32
                                           type: integer
                                         to:
@@ -461,8 +462,9 @@ spec:
                                             rule: (self > 0 && self < 32765) || (self
                                               > 32766)
                                         table:
-                                          description: Table is the routing table
-                                            ID.
+                                          description: |-
+                                            Table is the routing table ID.
+                                            when used in the networks, the value should be the VRF Table.
                                           format: int32
                                           type: integer
                                         to:

config/crd/bases/infrastructure.cluster.x-k8s.io_proxmoxclustertemplates.yaml

@@ -356,8 +356,9 @@ spec:
                                                     rule: (self > 0 && self < 32765)
                                                       || (self > 32766)
                                                 table:
-                                                  description: Table is the routing
-                                                    table ID.
+                                                  description: |-
+                                                    Table is the routing table ID.
+                                                    when used in the networks, the value should be the VRF Table.
                                                   format: int32
                                                   type: integer
                                                 to:
@@ -498,8 +499,9 @@ spec:
                                                     rule: (self > 0 && self < 32765)
                                                       || (self > 32766)
                                                 table:
-                                                  description: Table is the routing
-                                                    table ID.
+                                                  description: |-
+                                                    Table is the routing table ID.
+                                                    when used in the networks, the value should be the VRF Table.
                                                   format: int32
                                                   type: integer
                                                 to:

config/crd/bases/infrastructure.cluster.x-k8s.io_proxmoxmachines.yaml

@@ -301,7 +301,9 @@ spec:
                                     kernel rules
                                   rule: (self > 0 && self < 32765) || (self > 32766)
                               table:
-                                description: Table is the routing table ID.
+                                description: |-
+                                  Table is the routing table ID.
+                                  when used in the networks, the value should be the VRF Table.
                                 format: int32
                                 type: integer
                               to:
@@ -427,7 +429,9 @@ spec:
                                     kernel rules
                                   rule: (self > 0 && self < 32765) || (self > 32766)
                               table:
-                                description: Table is the routing table ID.
+                                description: |-
+                                  Table is the routing table ID.
+                                  when used in the networks, the value should be the VRF Table.
                                 format: int32
                                 type: integer
                               to:

config/crd/bases/infrastructure.cluster.x-k8s.io_proxmoxmachinetemplates.yaml

@@ -328,7 +328,9 @@ spec:
                                           rule: (self > 0 && self < 32765) || (self
                                             > 32766)
                                       table:
-                                        description: Table is the routing table ID.
+                                        description: |-
+                                          Table is the routing table ID.
+                                          when used in the networks, the value should be the VRF Table.
                                         format: int32
                                         type: integer
                                       to:
@@ -460,7 +462,9 @@ spec:
                                           rule: (self > 0 && self < 32765) || (self
                                             > 32766)
                                       table:
-                                        description: Table is the routing table ID.
+                                        description: |-
+                                          Table is the routing table ID.
+                                          when used in the networks, the value should be the VRF Table.
                                         format: int32
                                         type: integer
                                       to:

docs/Usage.md

@@ -170,6 +170,7 @@ We provide the following templates:
 | default             | templates/cluster-template.yaml                      | -                                                         |
 | cilium loadbalancer | templates/cluster-template-cilium-load-balancer.yaml | templates/crs/cni/cilium.yaml, templates/crs/metallb.yaml |
 | external-creds      | templates/cluster-template-external-creds.yaml       |                                                           |
+| flatcar             | templates/cluster-template-flatcar.yaml              |                                                           |
 
 For more information about advanced clusters please check our [advanced setups docs](advanced-setups.md).
 
@@ -272,6 +273,42 @@ kubectl apply -f cluster-crs.yaml
 kubectl delete cluster proxmox-quickstart
 ```
 
+
+#### Provision a cluster with Flatcar Container Linux Images
+
+To provision a cluster with Flatcar, you need to build a suitable image with [image-builder](https://github.com/kubernetes-sigs/image-builder)
+Once this PR [#1589](https://github.com/kubernetes-sigs/image-builder/pull/1589) is merged, you can follow the official docs on how to build a Flatcar image for Proxmox.
+After you create a VM template using Flatcar, you can provision a cluster with the following options:
+
+First, make sure to enable the
+[experimental-feature-ignition-bootstrap-config](https://cluster-api.sigs.k8s.io/tasks/experimental-features/ignition#experimental-feature-ignition-bootstrap-config-alpha)
+
+you can do so, by [Enabling Experimental Features on Existing Management Clusters](https://cluster-api.sigs.k8s.io/tasks/experimental-features/experimental-features#enabling-experimental-features-on-existing-management-clusters)
+
+Then, you can generate a cluster manifest with the following command:
+```shell
+$ clusterctl generate cluster flatcar-quickstart \
+    --infrastructure proxmox \
+    --kubernetes-version v1.30.5 \
+    --control-plane-machine-count 3 \
+    --worker-machine-count 3 \
+    --flavor flatcar > cluster.yaml
+
+$ kubectl apply -f cluster.yaml
+```
+
+**Notes**: 
+- Make sure to define at least one ssh key in the `VM_SSH_KEYS` environment variable, or the cluster will fail to provision.
+- If you want more customization, you can extend the template to add multiple interfaces or dual-stack.
+- Make sure that the ProxmoxMachines always ignore the cloud-init status by defining `spec.checks.skipCloudInitStatus: true` in the ProxmoxMachine CR.
+
+```yaml
+spec:
+  checks:
+    skipQemuGuestAgent: false
+    skipCloudInitStatus: true
+```
+
 ### Custom cluster templates
 
 If you need anything specific that requires a more complex setup, we recommend to use custom templates:

go.mod

@@ -7,6 +7,7 @@ replace sigs.k8s.io/cluster-api => sigs.k8s.io/cluster-api v1.8.5
 replace github.com/google/cel-go => github.com/google/cel-go v0.17.8
 
 require (
+	github.com/flatcar/ignition v0.36.2
 	github.com/go-logr/logr v1.4.2
 	github.com/google/uuid v1.6.0
 	github.com/jarcoal/httpmock v1.3.1
@@ -38,6 +39,7 @@ require (
 	github.com/Microsoft/go-winio v0.5.0 // indirect
 	github.com/ProtonMail/go-crypto v0.0.0-20230217124315-7d5c6f04bbb8 // indirect
 	github.com/adrg/xdg v0.5.0 // indirect
+	github.com/ajeddeloh/go-json v0.0.0-20200220154158-5ae607161559 // indirect
 	github.com/alessio/shellescape v1.4.2 // indirect
 	github.com/antlr/antlr4/runtime/Go/antlr/v4 v4.0.0-20230305170008-8188dc5388df // indirect
 	github.com/asaskevich/govalidator v0.0.0-20230301143203-a9d515a09cc2 // indirect
@@ -47,6 +49,8 @@ require (
 	github.com/cenkalti/backoff/v4 v4.2.1 // indirect
 	github.com/cespare/xxhash/v2 v2.2.0 // indirect
 	github.com/cloudflare/circl v1.3.7 // indirect
+	github.com/coreos/go-semver v0.3.1 // indirect
+	github.com/coreos/go-systemd v0.0.0-20191104093116-d3cd4ed1dbcf // indirect
 	github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc // indirect
 	github.com/diskfs/go-diskfs v1.2.0 // indirect
 	github.com/distribution/reference v0.6.0 // indirect
@@ -119,6 +123,7 @@ require (
 	github.com/stretchr/objx v0.5.2 // indirect
 	github.com/subosito/gotenv v1.6.0 // indirect
 	github.com/valyala/fastjson v1.6.4 // indirect
+	github.com/vincent-petithory/dataurl v1.0.0 // indirect
 	go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.49.0 // indirect
 	go.opentelemetry.io/otel v1.24.0 // indirect
 	go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.22.0 // indirect
@@ -129,6 +134,7 @@ require (
 	go.opentelemetry.io/proto/otlp v1.0.0 // indirect
 	go.uber.org/multierr v1.11.0 // indirect
 	go.uber.org/zap v1.27.0 // indirect
+	go4.org v0.0.0-20201209231011-d4a079459e60 // indirect
 	golang.org/x/crypto v0.29.0 // indirect
 	golang.org/x/exp v0.0.0-20240719175910-8a7402abbf56 // indirect
 	golang.org/x/mod v0.22.0 // indirect