Add capi ipam support

Tiltfile

@@ -19,6 +19,7 @@ settings = {
     "preload_images_for_kind": True,
     "kind_cluster_name": "capm",
     "capi_version": "v1.6.4",
+    "capi_ipam_version": "v1.0.1",
     "cert_manager_version": "v1.14.4",
     "kubernetes_version": "v1.29.4",
     "metal_image": "ghcr.io/ironcore-dev/metal-operator-controller-manager:latest",
@@ -43,7 +44,7 @@ settings = {
         "--insecure-diagnostics=false",
         "--feature-gates=MachinePool=false,KubeadmBootstrapFormatIgnition=true",
         "--bootstrap-token-ttl=15m"
-        ]
+        ],
     }
 }
 
@@ -91,6 +92,13 @@ def deploy_capi():
             if kb_new_args:
                 replace_args_with_new_args("capi-kubeadm-bootstrap-system", "capi-kubeadm-bootstrap-controller-manager", kb_new_args)
 
+# deploy CAPI IPAM
+def deploy_capi_ipam():
+    version = settings.get("capi_ipam_version")
+    capi_uri = "https://github.com/kubernetes-sigs/cluster-api-ipam-provider-in-cluster/releases/download/{}/ipam-components.yaml".format(version)
+    cmd = "curl -sSL {} | {} | {} apply -f -".format(capi_uri, envsubst_cmd, kubectl_cmd)
+    local(cmd, quiet=True)
+
 # deploy metal-operator
 def deploy_metal():
     version = settings.get("metal_version")
@@ -288,6 +296,8 @@ deploy_cert_manager()
 
 deploy_capi()
 
+deploy_capi_ipam()
+
 deploy_metal()
 
 capm()
@@ -298,30 +308,38 @@ k8s_yaml('./templates/test/cluster_v1beta1_cluster.yaml')
 k8s_resource(
     objects=['cluster-sample:cluster'],
     new_name='cluster-sample',
-    trigger_mode=TRIGGER_MODE_MANUAL,
-    auto_init=False
+    trigger_mode=TRIGGER_MODE_AUTO,
+    auto_init=True
 )
 
 k8s_yaml('./config/samples/infrastructure_v1alpha1_ironcoremetalcluster.yaml')
 k8s_resource(
     objects=['ironcoremetalcluster-sample:ironcoremetalcluster'],
     new_name='ironcoremetalcluster-sample',
-    trigger_mode=TRIGGER_MODE_MANUAL,
-    auto_init=False
+    trigger_mode=TRIGGER_MODE_AUTO,
+    auto_init=True
 )
 
 k8s_yaml('./config/samples/infrastructure_v1alpha1_ironcoremetalmachinetemplate.yaml')
 k8s_resource(
     objects=['ironcoremetalmachinetemplate-sample-control-plane:ironcoremetalmachinetemplate'],
     new_name='ironcoremetalmachinetemplate-sample-control-plane',
-    trigger_mode=TRIGGER_MODE_MANUAL,
-    auto_init=False
+    trigger_mode=TRIGGER_MODE_AUTO,
+    auto_init=True
 )
 
 k8s_yaml('./templates/test/cluster_v1beta1_kubeadmcontrolplane.yaml')
 k8s_resource(
     objects=['kubeadmcontrolplane-sample-cp:kubeadmcontrolplane'],
     new_name='kubeadmcontrolplane-sample-cp',
-    trigger_mode=TRIGGER_MODE_MANUAL,
-    auto_init=False
+    trigger_mode=TRIGGER_MODE_AUTO,
+    auto_init=True
+)
+
+k8s_yaml('./templates/test/ipam_cluster_v1alpha2_globalinclusterippool.yaml')
+k8s_resource(
+    objects=['globalinclusterippool-sample-cp:globalinclusterippool'],
+    new_name='globalinclusterippool-sample-cp',
+    trigger_mode=TRIGGER_MODE_AUTO,
+    auto_init=True
 )

api/v1alpha1/ironcoremetalmachine_types.go

@@ -6,6 +6,7 @@ package v1alpha1
 import (
 	"time"
 
+	apiextensionsv1 "k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 )
 
@@ -31,6 +32,13 @@ type IroncoreMetalMachineSpec struct {
 	// This is used to claim specific Server types for a IroncoreMetalMachine.
 	// +optional
 	ServerSelector *metav1.LabelSelector `json:"serverSelector,omitempty"`
+
+	// IPAMConfig is a list of references to Network resources that should be used to assign IP addresses to the worker nodes.
+	// +optional
+	IPAMConfig []IPAMConfig `json:"ipamConfig,omitempty"`
+	// Metadata is a key-value map of additional data which should be passed to the Machine.
+	// +optional
+	Metadata *apiextensionsv1.JSON `json:"metadata,omitempty"`
 }
 
 // IroncoreMetalMachineStatus defines the observed state of IroncoreMetalMachine
@@ -102,3 +110,21 @@ type IroncoreMetalMachineList struct {
 func init() {
 	SchemeBuilder.Register(&IroncoreMetalMachine{}, &IroncoreMetalMachineList{})
 }
+
+// IPAMObjectReference is a reference to the IPAM object, which will be used for IP allocation.
+type IPAMObjectReference struct {
+	// Name is the name of resource being referenced.
+	Name string `json:"name"`
+	// APIGroup is the group for the resource being referenced.
+	APIGroup string `json:"apiGroup"`
+	// Kind is the type of resource being referenced.
+	Kind string `json:"kind"`
+}
+
+// IPAMConfig is a reference to an IPAM resource.
+type IPAMConfig struct {
+	// MetadataKey is the name of metadata key for the network.
+	MetadataKey string `json:"metadataKey"`
+	// IPAMRef is a reference to the IPAM object, which will be used for IP allocation.
+	IPAMRef *IPAMObjectReference `json:"ipamRef"`
+}

cmd/main.go

@@ -28,6 +28,7 @@ import (
 	infrastructurev1alpha1 "github.com/ironcore-dev/cluster-api-provider-ironcore-metal/api/v1alpha1"
 	"github.com/ironcore-dev/cluster-api-provider-ironcore-metal/internal/controller"
 	metalv1alpha1 "github.com/ironcore-dev/metal-operator/api/v1alpha1"
+	capiv1beta1 "sigs.k8s.io/cluster-api/exp/ipam/api/v1beta1"
 	// +kubebuilder:scaffold:imports
 )
 
@@ -37,6 +38,7 @@ var (
 )
 
 func init() {
+	utilruntime.Must(capiv1beta1.AddToScheme(scheme))
 	utilruntime.Must(clientgoscheme.AddToScheme(scheme))
 	utilruntime.Must(clusterv1.AddToScheme(scheme))
 	utilruntime.Must(infrastructurev1alpha1.AddToScheme(scheme))

config/crd/bases/infrastructure.cluster.x-k8s.io_ironcoremetalmachines.yaml

@@ -43,6 +43,44 @@ spec:
               image:
                 description: Image specifies the boot image to be used for the server.
                 type: string
+              ipamConfig:
+                description: IPAMConfig is a list of references to Network resources
+                  that should be used to assign IP addresses to the worker nodes.
+                items:
+                  description: IPAMConfig is a reference to an IPAM resource.
+                  properties:
+                    ipamRef:
+                      description: IPAMRef is a reference to the IPAM object, which
+                        will be used for IP allocation.
+                      properties:
+                        apiGroup:
+                          description: APIGroup is the group for the resource being
+                            referenced.
+                          type: string
+                        kind:
+                          description: Kind is the type of resource being referenced.
+                          type: string
+                        name:
+                          description: Name is the name of resource being referenced.
+                          type: string
+                      required:
+                      - apiGroup
+                      - kind
+                      - name
+                      type: object
+                    metadataKey:
+                      description: MetadataKey is the name of metadata key for the
+                        network.
+                      type: string
+                  required:
+                  - ipamRef
+                  - metadataKey
+                  type: object
+                type: array
+              metadata:
+                description: Metadata is a key-value map of additional data which
+                  should be passed to the Machine.
+                x-kubernetes-preserve-unknown-fields: true
               providerID:
                 description: ProviderID is the unique identifier as specified by the
                   cloud provider.

config/crd/bases/infrastructure.cluster.x-k8s.io_ironcoremetalmachinetemplates.yaml

@@ -77,6 +77,47 @@ spec:
                         description: Image specifies the boot image to be used for
                           the server.
                         type: string
+                      ipamConfig:
+                        description: IPAMConfig is a list of references to Network
+                          resources that should be used to assign IP addresses to
+                          the worker nodes.
+                        items:
+                          description: IPAMConfig is a reference to an IPAM resource.
+                          properties:
+                            ipamRef:
+                              description: IPAMRef is a reference to the IPAM object,
+                                which will be used for IP allocation.
+                              properties:
+                                apiGroup:
+                                  description: APIGroup is the group for the resource
+                                    being referenced.
+                                  type: string
+                                kind:
+                                  description: Kind is the type of resource being
+                                    referenced.
+                                  type: string
+                                name:
+                                  description: Name is the name of resource being
+                                    referenced.
+                                  type: string
+                              required:
+                              - apiGroup
+                              - kind
+                              - name
+                              type: object
+                            metadataKey:
+                              description: MetadataKey is the name of metadata key
+                                for the network.
+                              type: string
+                          required:
+                          - ipamRef
+                          - metadataKey
+                          type: object
+                        type: array
+                      metadata:
+                        description: Metadata is a key-value map of additional data
+                          which should be passed to the Machine.
+                        x-kubernetes-preserve-unknown-fields: true
                       providerID:
                         description: ProviderID is the unique identifier as specified
                           by the cloud provider.

config/rbac/role.yaml

@@ -81,6 +81,26 @@ rules:
   - get
   - patch
   - update
+- apiGroups:
+  - ipam.cluster.x-k8s.io
+  resources:
+  - ipaddressclaims
+  verbs:
+  - create
+  - delete
+  - get
+  - list
+  - patch
+  - update
+  - watch
+- apiGroups:
+  - ipam.cluster.x-k8s.io
+  resources:
+  - ipaddresses
+  verbs:
+  - get
+  - list
+  - watch
 - apiGroups:
   - metal.ironcore.dev
   resources:

config/samples/infrastructure_v1alpha1_ironcoremetalmachinetemplate.yaml

@@ -11,4 +11,12 @@ spec:
       serverSelector:
         matchLabels:
           server: metal
-      image: ghcr.io/ironcore-dev/os-images/gardenlinux:1443.3
+      image: ghcr.io/ironcore-dev/os-images/gardenlinux:1443.3
+      metadata:
+        foo: bar
+      ipamConfig:
+      - metadataKey: bond
+        ipamRef:
+          apiGroup: ipam.cluster.x-k8s.io
+          kind: GlobalInClusterIPPool
+          name: globalinclusterippool-sample-cp

go.mod

@@ -4,12 +4,14 @@ go 1.23.0
 
 require (
 	github.com/go-logr/logr v1.4.2
+	github.com/imdario/mergo v0.3.16
 	github.com/ironcore-dev/controller-utils v0.9.7
 	github.com/ironcore-dev/metal-operator v0.0.0-20241009145147-7ccca8caf3b1
 	github.com/onsi/ginkgo/v2 v2.22.2
 	github.com/onsi/gomega v1.36.2
 	github.com/pkg/errors v0.9.1
 	k8s.io/api v0.31.4
+	k8s.io/apiextensions-apiserver v0.31.4
 	k8s.io/apimachinery v0.31.4
 	k8s.io/client-go v0.31.4
 	k8s.io/klog/v2 v2.130.1
@@ -48,7 +50,6 @@ require (
 	github.com/google/pprof v0.0.0-20241210010833-40e02aabc2ad // indirect
 	github.com/google/uuid v1.6.0 // indirect
 	github.com/grpc-ecosystem/grpc-gateway/v2 v2.20.0 // indirect
-	github.com/imdario/mergo v0.3.16 // indirect
 	github.com/inconshreveable/mousetrap v1.1.0 // indirect
 	github.com/josharian/intern v1.0.0 // indirect
 	github.com/json-iterator/go v1.1.12 // indirect
@@ -91,7 +92,6 @@ require (
 	gopkg.in/inf.v0 v0.9.1 // indirect
 	gopkg.in/yaml.v2 v2.4.0 // indirect
 	gopkg.in/yaml.v3 v3.0.1 // indirect
-	k8s.io/apiextensions-apiserver v0.31.4 // indirect
 	k8s.io/apiserver v0.31.4 // indirect
 	k8s.io/component-base v0.31.4 // indirect
 	k8s.io/kube-openapi v0.0.0-20240709000822-3c01b740850f // indirect