Implement BootPolicy API handling in the ServerClaim

Author: hardikdr

api/v1alpha1/serverclaim_types.go

@@ -12,6 +12,11 @@ import (
 // +kubebuilder:validation:XValidation:rule="!has(oldSelf.serverRef) || has(self.serverRef)", message="serverRef is required once set"
 // +kubebuilder:validation:XValidation:rule="!has(oldSelf.serverSelector) || has(self.serverSelector)", message="serverSelector is required once set"
 type ServerClaimSpec struct {
+	// BootPolicy specifies how the server should be configured to boot from the network.
+	// +kubebuilder:validation:Enum=None;NetworkBootOnce;NetworkBootAlways
+	// +kubebuilder:default=NetworkBootOnce
+	BootPolicy BootPolicy `json:"bootPolicy,omitempty"`
+
 	// Power specifies the desired power state of the server.
 	// +required
 	Power Power `json:"power"`
@@ -40,6 +45,18 @@ type ServerClaimSpec struct {
 	Image string `json:"image"`
 }
 
+// BootPolicy defines the boot behavior for a server claimed by a ServerClaim.
+type BootPolicy string
+
+const (
+	// BootPolicyNone indicates that no network boot should be configured when reconciling the server claim.
+	BootPolicyNone BootPolicy = "None"
+	// BootPolicyNetworkBootOnce configures the server to boot from the network once on the next power cycle.
+	BootPolicyNetworkBootOnce BootPolicy = "NetworkBootOnce"
+	// BootPolicyNetworkBootAlways configures the server to set PXE boot on every reconciliation.
+	BootPolicyNetworkBootAlways BootPolicy = "NetworkBootAlways"
+)
+
 // Phase defines the possible phases of a ServerClaim.
 type Phase string
 

cmd/manager/main.go

@@ -10,6 +10,7 @@ import (
 	"fmt"
 	"os"
 	"path/filepath"
+	"strings"
 	"time"
 
 	"github.com/ironcore-dev/controller-utils/conditionutils"
@@ -92,6 +93,8 @@ func main() { // nolint: gocyclo
 		serverMaxConcurrentReconciles      int
 		serverClaimMaxConcurrentReconciles int
 		dnsRecordTemplatePath              string
+		firstBootConditionsRaw             string
+		firstBootConditions                []string
 	)
 
 	flag.IntVar(&serverMaxConcurrentReconciles, "server-max-concurrent-reconciles", 5,
@@ -150,6 +153,8 @@ func main() { // nolint: gocyclo
 		"Timeout for BIOS Settings Controller")
 	flag.StringVar(&dnsRecordTemplatePath, "dns-record-template-path", "",
 		"Path to the DNS record template file used for creating DNS records for Servers.")
+	flag.StringVar(&firstBootConditionsRaw, "first-boot-conditions", "IgnitionDataFetched,IPXEScriptFetched",
+		"Comma-separated list of ServerBootConfiguration condition types that indicate first boot completion.")
 
 	opts := zap.Options{
 		Development: true,
@@ -159,6 +164,8 @@ func main() { // nolint: gocyclo
 
 	ctrl.SetLogger(zap.New(zap.UseFlagOptions(&opts)))
 
+	firstBootConditions = splitAndTrimList(firstBootConditionsRaw)
+
 	if probeOSImage == "" {
 		setupLog.Error(nil, "probe OS image must be set")
 		os.Exit(1)
@@ -368,6 +375,7 @@ func main() { // nolint: gocyclo
 		EnforcePowerOff:         enforcePowerOff,
 		MaxConcurrentReconciles: serverMaxConcurrentReconciles,
 		Conditions:              conditionutils.NewAccessor(conditionutils.AccessorOptions{}),
+		FirstBootConditions:     firstBootConditions,
 		BMCOptions: bmc.Options{
 			BasicAuth:               true,
 			PowerPollingInterval:    powerPollingInterval,
@@ -584,3 +592,20 @@ func main() { // nolint: gocyclo
 		os.Exit(1)
 	}
 }
+
+func splitAndTrimList(raw string) []string {
+	if raw == "" {
+		return nil
+	}
+
+	parts := strings.Split(raw, ",")
+	out := make([]string, 0, len(parts))
+	for _, part := range parts {
+		part = strings.TrimSpace(part)
+		if part == "" {
+			continue
+		}
+		out = append(out, part)
+	}
+	return out
+}

config/crd/bases/metal.ironcore.dev_serverclaims.yaml

@@ -55,6 +55,15 @@ spec:
           spec:
             description: ServerClaimSpec defines the desired state of ServerClaim.
             properties:
+              bootPolicy:
+                default: NetworkBootOnce
+                description: BootPolicy specifies how the server should be configured
+                  to boot from the network.
+                enum:
+                - None
+                - NetworkBootOnce
+                - NetworkBootAlways
+                type: string
               ignitionSecretRef:
                 description: |-
                   IgnitionSecretRef is a reference to the Kubernetes Secret object that contains

dist/chart/templates/crd/metal.ironcore.dev_serverclaims.yaml

@@ -80,6 +80,14 @@ spec:
               image:
                 description: Image specifies the boot image to be used for the server.
                 type: string
+              bootPolicy:
+                default: NetworkBootOnce
+                description: BootPolicy specifies how the server should be configured to boot from the network.
+                enum:
+                - None
+                - NetworkBootOnce
+                - NetworkBootAlways
+                type: string
               power:
                 description: Power specifies the desired power state of the server.
                 type: string

docs/api-reference/api.md

@@ -844,6 +844,24 @@ _Appears in:_
 | `device` _string_ | Device is the device to boot from. |  |  |
 
 
+#### BootPolicy
+
+_Underlying type:_ _string_
+
+BootPolicy defines the boot behavior for a server claimed by a ServerClaim.
+
+
+
+_Appears in:_
+- [ServerClaimSpec](#serverclaimspec)
+
+| Field | Description |
+| --- | --- |
+| `None` | BootPolicyNone indicates that no network boot should be configured when reconciling the server claim.<br /> |
+| `NetworkBootOnce` | BootPolicyNetworkBootOnce configures the server to boot from the network once on the next power cycle.<br /> |
+| `NetworkBootAlways` | BootPolicyNetworkBootAlways configures the server to set PXE boot on every reconciliation.<br /> |
+
+
 #### ConsoleProtocol
 
 
@@ -1326,6 +1344,7 @@ _Appears in:_
 
 | Field | Description | Default | Validation |
 | --- | --- | --- | --- |
+| `bootPolicy` _[BootPolicy](#bootpolicy)_ | BootPolicy specifies how the server should be configured to boot from the network. | NetworkBootOnce | Enum: [None NetworkBootOnce NetworkBootAlways] <br /> |
 | `power` _[Power](#power)_ | Power specifies the desired power state of the server. |  |  |
 | `serverRef` _[LocalObjectReference](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#localobjectreference-v1-core)_ | ServerRef is a reference to a specific server to be claimed.<br />This field is optional and can be omitted if the server is to be selected using ServerSelector. |  | Optional: \{\} <br /> |
 | `serverSelector` _[LabelSelector](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.34/#labelselector-v1-meta)_ | ServerSelector specifies a label selector to identify the server to be claimed.<br />This field is optional and can be omitted if a specific server is referenced using ServerRef. |  | Optional: \{\} <br /> |

docs/concepts/serverclaims.md

@@ -43,6 +43,12 @@ spec:
     name: my-ignition-secret
 ```
 
+## Boot Policies
+
+- `bootPolicy: NetworkBootOnce` (default): The controller configures a one-time PXE boot when the server is restarted.
+- `bootPolicy: NetworkBootAlways`: The controller always refreshes the PXE boot configuration during reconciliation, ensuring every power cycle uses network boot.
+- `bootPolicy: None`: The controller does not configure PXE boot, preserving the existing boot configuration during power operations.
+
 ## Reconciliation Process
 
 - [`ServerBootConfiguration`](serverbootconfigurations.md):

internal/controller/server_controller.go

@@ -92,6 +92,7 @@ type ServerReconciler struct {
 	DiscoveryTimeout        time.Duration
 	MaxConcurrentReconciles int
 	Conditions              *conditionutils.Accessor
+	FirstBootConditions     []string
 }
 
 //+kubebuilder:rbac:groups=metal.ironcore.dev,resources=bmcs,verbs=get;list;watch
@@ -320,7 +321,7 @@ func (r *ServerReconciler) handleInitialState(ctx context.Context, log logr.Logg
 }
 
 func (r *ServerReconciler) handleDiscoveryState(ctx context.Context, log logr.Logger, bmcClient bmc.BMC, server *metalv1alpha1.Server) (bool, error) {
-	if ready, err := r.serverBootConfigurationIsReady(ctx, server); err != nil || !ready {
+	if _, ready, err := r.serverBootConfigurationIsReady(ctx, server); err != nil || !ready {
 		log.V(1).Info("Server boot configuration is not ready. Retrying ...")
 		return true, err
 	}
@@ -412,15 +413,16 @@ func (r *ServerReconciler) handleReservedState(ctx context.Context, log logr.Log
 			return true, err
 		}
 	}
-	if ready, err := r.serverBootConfigurationIsReady(ctx, server); err != nil || !ready {
+	bootConfig, ready, err := r.serverBootConfigurationIsReady(ctx, server)
+	if err != nil || !ready {
 		log.V(1).Info("Server boot configuration is not ready. Retrying ...")
 		return true, err
 	}
 	log.V(1).Info("Server boot configuration is ready")
 
 	// TODO: fix properly, we need to free up the server if the claim does not exist anymore
 	claim := &metalv1alpha1.ServerClaim{}
-	err := r.Get(ctx, client.ObjectKey{
+	err = r.Get(ctx, client.ObjectKey{
 		Name:      server.Spec.ServerClaimRef.Name,
 		Namespace: server.Spec.ServerClaimRef.Namespace}, claim)
 	if err != nil {
@@ -439,12 +441,13 @@ func (r *ServerReconciler) handleReservedState(ctx context.Context, log logr.Log
 		return false, fmt.Errorf("failed to get ServerClaim: %w", err)
 	}
 
+	shouldConfigureNetworkBoot := shouldPXEBootServer(claim, bootConfig, r.FirstBootConditions)
 	//TODO: handle working Reserved Server that was suddenly powered off but needs to boot from disk
-	if server.Status.PowerState == metalv1alpha1.ServerOffPowerState {
+	if server.Status.PowerState == metalv1alpha1.ServerOffPowerState && shouldConfigureNetworkBoot {
 		if err := r.pxeBootServer(ctx, log, bmcClient, server); err != nil {
 			return false, fmt.Errorf("failed to boot server: %w", err)
 		}
-		log.V(1).Info("Server is powered off, booting Server in PXE")
+		log.V(1).Info("Server is powered off and boot policy requires PXE, booting Server in PXE", "BootPolicy", claim.Spec.BootPolicy)
 	}
 	if err := r.ensureServerPowerState(ctx, log, bmcClient, server); err != nil {
 		return false, fmt.Errorf("failed to ensure server power state: %w", err)
@@ -764,15 +767,15 @@ func (r *ServerReconciler) setAndPatchServerPowerState(ctx context.Context, log
 	return false, nil
 }
 
-func (r *ServerReconciler) serverBootConfigurationIsReady(ctx context.Context, server *metalv1alpha1.Server) (bool, error) {
+func (r *ServerReconciler) serverBootConfigurationIsReady(ctx context.Context, server *metalv1alpha1.Server) (*metalv1alpha1.ServerBootConfiguration, bool, error) {
 	if server.Spec.BootConfigurationRef == nil {
-		return false, nil
+		return nil, false, nil
 	}
 	config := &metalv1alpha1.ServerBootConfiguration{}
 	if err := r.Get(ctx, client.ObjectKey{Namespace: server.Spec.BootConfigurationRef.Namespace, Name: server.Spec.BootConfigurationRef.Name}, config); err != nil {
-		return false, err
+		return nil, false, err
 	}
-	return config.Status.State == metalv1alpha1.ServerBootConfigurationStateReady, nil
+	return config, config.Status.State == metalv1alpha1.ServerBootConfigurationStateReady, nil
 }
 
 func (r *ServerReconciler) pxeBootServer(ctx context.Context, log logr.Logger, bmcClient bmc.BMC, server *metalv1alpha1.Server) error {
@@ -791,6 +794,49 @@ func (r *ServerReconciler) pxeBootServer(ctx context.Context, log logr.Logger, b
 	return nil
 }
 
+func shouldPXEBootServer(claim *metalv1alpha1.ServerClaim, bootConfig *metalv1alpha1.ServerBootConfiguration, firstBootConditions []string) bool {
+	if claim == nil {
+		return false
+	}
+
+	switch claim.Spec.BootPolicy {
+	case "", metalv1alpha1.BootPolicyNetworkBootOnce:
+		return !bootConfigHasFirstBootCondition(bootConfig, firstBootConditions)
+	case metalv1alpha1.BootPolicyNetworkBootAlways:
+		return true
+	default:
+		return false
+	}
+}
+
+func bootConfigHasFirstBootCondition(bootConfig *metalv1alpha1.ServerBootConfiguration, firstBootConditions []string) bool {
+	if bootConfig == nil || len(firstBootConditions) == 0 {
+		return false
+	}
+
+	conditionSet := make(map[string]struct{}, len(firstBootConditions))
+	for _, conditionType := range firstBootConditions {
+		conditionType = strings.TrimSpace(conditionType)
+		if conditionType == "" {
+			continue
+		}
+		conditionSet[conditionType] = struct{}{}
+	}
+	if len(conditionSet) == 0 {
+		return false
+	}
+
+	for _, condition := range bootConfig.Status.Conditions {
+		if condition.Status != metav1.ConditionTrue {
+			continue
+		}
+		if _, ok := conditionSet[condition.Type]; ok {
+			return true
+		}
+	}
+	return false
+}
+
 func (r *ServerReconciler) extractServerDetailsFromRegistry(ctx context.Context, log logr.Logger, server *metalv1alpha1.Server) (bool, error) {
 	resp, err := http.Get(fmt.Sprintf("%s/systems/%s", r.RegistryURL, server.Spec.SystemUUID))
 	if resp != nil && resp.StatusCode == http.StatusNotFound {

internal/controller/server_controller_test.go

@@ -795,6 +795,77 @@ var _ = Describe("Server Controller", func() {
 	})
 })
 
+var _ = Describe("shouldPXEBootServer", func() {
+	var claim *metalv1alpha1.ServerClaim
+	var bootConfig *metalv1alpha1.ServerBootConfiguration
+	var firstBootConditions []string
+
+	BeforeEach(func() {
+		claim = &metalv1alpha1.ServerClaim{
+			Spec: metalv1alpha1.ServerClaimSpec{
+				BootPolicy: metalv1alpha1.BootPolicyNetworkBootOnce,
+			},
+		}
+		bootConfig = &metalv1alpha1.ServerBootConfiguration{}
+		firstBootConditions = []string{"IgnitionDataFetched", "IPXEScriptFetched"}
+	})
+
+	It("returns true for NetworkBootAlways regardless of boot config conditions", func() {
+		claim.Spec.BootPolicy = metalv1alpha1.BootPolicyNetworkBootAlways
+		Expect(shouldPXEBootServer(claim, bootConfig, firstBootConditions)).To(BeTrue())
+	})
+
+	It("returns false for NetworkBootOnce when a first-boot condition is true", func() {
+		bootConfig.Status.Conditions = []metav1.Condition{
+			{
+				Type:   "IPXEScriptFetched",
+				Status: metav1.ConditionTrue,
+			},
+		}
+		Expect(shouldPXEBootServer(claim, bootConfig, firstBootConditions)).To(BeFalse())
+	})
+
+	It("treats an empty BootPolicy as NetworkBootOnce", func() {
+		claim.Spec.BootPolicy = ""
+		bootConfig.Status.Conditions = []metav1.Condition{
+			{
+				Type:   "IgnitionDataFetched",
+				Status: metav1.ConditionTrue,
+			},
+		}
+		Expect(shouldPXEBootServer(claim, bootConfig, firstBootConditions)).To(BeFalse())
+	})
+
+	It("returns true for NetworkBootOnce when no first-boot conditions match", func() {
+		bootConfig.Status.Conditions = []metav1.Condition{
+			{
+				Type:   "FooBarFetched",
+				Status: metav1.ConditionTrue,
+			},
+		}
+		Expect(shouldPXEBootServer(claim, bootConfig, firstBootConditions)).To(BeTrue())
+	})
+
+	It("returns true for NetworkBootOnce when first-boot conditions are not true", func() {
+		bootConfig.Status.Conditions = []metav1.Condition{
+			{
+				Type:   "IPXEScriptFetched",
+				Status: metav1.ConditionFalse,
+			},
+		}
+		Expect(shouldPXEBootServer(claim, bootConfig, firstBootConditions)).To(BeTrue())
+	})
+
+	It("returns true for NetworkBootOnce when no boot config is provided", func() {
+		Expect(shouldPXEBootServer(claim, nil, firstBootConditions)).To(BeTrue())
+	})
+
+	It("returns false for BootPolicyNone", func() {
+		claim.Spec.BootPolicy = metalv1alpha1.BootPolicyNone
+		Expect(shouldPXEBootServer(claim, bootConfig, firstBootConditions)).To(BeFalse())
+	})
+})
+
 func deleteRegistrySystemIfExists(systemUUID string) {
 	response, err := http.Get(registryURL + "/systems/" + systemUUID)
 	if err != nil {