add support for dynamic dedicated host allocation

Co-authored-by: Jim Zimmerman <[email protected]>

Author: rvanderp3

api/v1beta1/conversion.go

@@ -103,3 +103,8 @@ func Convert_v1beta2_S3Bucket_To_v1beta1_S3Bucket(in *v1beta2.S3Bucket, out *S3B
 func Convert_v1beta2_Ignition_To_v1beta1_Ignition(in *v1beta2.Ignition, out *Ignition, s conversion.Scope) error {
 	return autoConvert_v1beta2_Ignition_To_v1beta1_Ignition(in, out, s)
 }
+
+func Convert_v1beta2_AWSMachineStatus_To_v1beta1_AWSMachineStatus(in *v1beta2.AWSMachineStatus, out *AWSMachineStatus, s conversion.Scope) error {
+	// Note: AllocatedHostID is not present in v1beta1, so it will be dropped during conversion
+	return autoConvert_v1beta2_AWSMachineStatus_To_v1beta1_AWSMachineStatus(in, out, s)
+}

api/v1beta1/zz_generated.conversion.go

@@ -41,6 +41,19 @@ const (
 	DefaultMachinePoolIgnitionStorageType = IgnitionStorageTypeOptionUnencryptedUserData
 )
 
+// DynamicHostReleaseStrategy defines the strategy for releasing a dynamically allocated dedicated host.
+// It determines when the dedicated host associated with an AWSMachine should be released, such as
+// automatically upon machine deletion or only when manually triggered.
+type DynamicHostReleaseStrategy string
+
+const (
+	// DedicatedHostReleaseStrategyOnMachineDeletion means the dedicated host will be released when the machine is deleted.
+	DedicatedHostReleaseStrategyOnMachineDeletion = DynamicHostReleaseStrategy("on-machine-deletion")
+
+	// DedicatedHostReleaseStrategyManual means the dedicated host will be released manually by the user.
+	DedicatedHostReleaseStrategyManual = DynamicHostReleaseStrategy("manual")
+)
+
 // SecretBackend defines variants for backend secret storage.
 type SecretBackend string
 
@@ -235,17 +248,25 @@ type AWSMachineSpec struct {
 	MarketType MarketType `json:"marketType,omitempty"`
 
 	// HostID specifies the Dedicated Host on which the instance must be started.
+	// This field is mutually exclusive with DynamicHostAllocation.
+	// +kubebuilder:validation:Pattern=`^h-[0-9a-f]{17}$`
 	// +optional
 	HostID *string `json:"hostID,omitempty"`
 
 	// HostAffinity specifies the dedicated host affinity setting for the instance.
-	// When hostAffinity is set to host, an instance started onto a specific host always restarts on the same host if stopped.
-	// When hostAffinity is set to default, and you stop and restart the instance, it can be restarted on any available host.
+	// When HostAffinity is set to host, an instance started onto a specific host always restarts on the same host if stopped.
+	// When HostAffinity is set to default, and you stop and restart the instance, it can be restarted on any available host.
 	// When HostAffinity is defined, HostID is required.
 	// +optional
 	// +kubebuilder:validation:Enum:=default;host
+	// +kubebuilder:default=default
 	HostAffinity *string `json:"hostAffinity,omitempty"`
 
+	// DynamicHostAllocation enables automatic allocation of a single dedicated host.
+	// This field is mutually exclusive with HostID and always allocates exactly one host.
+	// +optional
+	DynamicHostAllocation *DynamicHostAllocationSpec `json:"dynamicHostAllocation,omitempty"`
+
 	// CapacityReservationPreference specifies the preference for use of Capacity Reservations by the instance. Valid values include:
 	// "Open": The instance may make use of open Capacity Reservations that match its AZ and InstanceType
 	// "None": The instance may not make use of any Capacity Reservations. This is to conserve open reservations for desired workloads
@@ -255,6 +276,21 @@ type AWSMachineSpec struct {
 	CapacityReservationPreference CapacityReservationPreference `json:"capacityReservationPreference,omitempty"`
 }
 
+// DynamicHostAllocationSpec defines the configuration for dynamic dedicated host allocation.
+// This specification always allocates exactly one dedicated host per machine.
+type DynamicHostAllocationSpec struct {
+	// AutoRelease determines whether to automatically release the dedicated host
+	// when the machine is deleted.
+	// +kubebuilder:default=on-machine-deletion
+	// +kubebuilder:validation:Enum:=on-machine-deletion;manual
+	// +optional
+	Release DynamicHostReleaseStrategy `json:"release,omitempty"`
+
+	// Tags to apply to the allocated dedicated host.
+	// +optional
+	Tags map[string]string `json:"tags,omitempty"`
+}
+
 // CloudInit defines options related to the bootstrapping systems where
 // CloudInit is used.
 type CloudInit struct {
@@ -432,6 +468,26 @@ type AWSMachineStatus struct {
 	// Conditions defines current service state of the AWSMachine.
 	// +optional
 	Conditions clusterv1.Conditions `json:"conditions,omitempty"`
+
+	// AllocatedHostID tracks the dynamically allocated dedicated host ID.
+	// This field is populated when DynamicHostAllocation is used.
+	// +optional
+	AllocatedHostID *string `json:"allocatedHostID,omitempty"`
+
+	// HostReleaseAttempts tracks the number of attempts to release the dedicated host.
+	// This field is used for implementing retry logic when host release fails.
+	// +optional
+	HostReleaseAttempts *int32 `json:"hostReleaseAttempts,omitempty"`
+
+	// LastHostReleaseAttempt tracks the timestamp of the last attempt to release the dedicated host.
+	// This field is used for implementing retry logic with backoff.
+	// +optional
+	LastHostReleaseAttempt *metav1.Time `json:"lastHostReleaseAttempt,omitempty"`
+
+	// HostReleaseFailedReason tracks the reason for the last host release failure.
+	// This field is used for debugging and implementing retry logic.
+	// +optional
+	HostReleaseFailedReason *string `json:"hostReleaseFailedReason,omitempty"`
 }
 
 // +kubebuilder:object:root=true

api/v1beta2/awsmachine_types.go

@@ -80,6 +80,7 @@ func (*awsMachineWebhook) ValidateCreate(_ context.Context, obj runtime.Object)
 	allErrs = append(allErrs, r.validateNetworkElasticIPPool()...)
 	allErrs = append(allErrs, r.validateInstanceMarketType()...)
 	allErrs = append(allErrs, r.validateCapacityReservation()...)
+	allErrs = append(allErrs, r.validateHostAllocation()...)
 
 	return nil, aggregateObjErrors(r.GroupVersionKind().GroupKind(), r.Name, allErrs)
 }
@@ -110,6 +111,7 @@ func (*awsMachineWebhook) ValidateUpdate(ctx context.Context, oldObj, newObj run
 	allErrs = append(allErrs, r.validateAdditionalSecurityGroups()...)
 	allErrs = append(allErrs, r.Spec.AdditionalTags.Validate()...)
 	allErrs = append(allErrs, r.validateHostAffinity()...)
+	allErrs = append(allErrs, r.validateHostAllocation()...)
 
 	newAWSMachineSpec := newAWSMachine["spec"].(map[string]interface{})
 	oldAWSMachineSpec := oldAWSMachine["spec"].(map[string]interface{})
@@ -477,6 +479,20 @@ func (r *AWSMachine) validateHostAffinity() field.ErrorList {
 	return allErrs
 }
 
+func (r *AWSMachine) validateHostAllocation() field.ErrorList {
+	var allErrs field.ErrorList
+
+	// Check if both hostID and dynamicHostAllocation are specified
+	hasHostID := r.Spec.HostID != nil && len(*r.Spec.HostID) > 0
+	hasDynamicHostAllocation := r.Spec.DynamicHostAllocation != nil
+
+	if hasHostID && hasDynamicHostAllocation {
+		allErrs = append(allErrs, field.Forbidden(field.NewPath("spec.hostID"), "hostID and dynamicHostAllocation are mutually exclusive"), field.Forbidden(field.NewPath("spec.dynamicHostAllocation"), "hostID and dynamicHostAllocation are mutually exclusive"))
+	}
+
+	return allErrs
+}
+
 func (r *AWSMachine) validateSSHKeyName() field.ErrorList {
 	return validateSSHKeyName(r.Spec.SSHKeyName)
 }

api/v1beta2/awsmachine_webhook.go

@@ -543,6 +543,47 @@ func TestAWSMachineCreate(t *testing.T) {
 			},
 			wantErr: true,
 		},
+		{
+			name: "hostID and dynamicHostAllocation are mutually exclusive",
+			machine: &AWSMachine{
+				Spec: AWSMachineSpec{
+					InstanceType: "test",
+					HostID:       aws.String("h-1234567890abcdef0"),
+					DynamicHostAllocation: &DynamicHostAllocationSpec{
+						Release: DedicatedHostReleaseStrategyOnMachineDeletion,
+						Tags: map[string]string{
+							"Environment": "test",
+						},
+					},
+				},
+			},
+			wantErr: true,
+		},
+		{
+			name: "hostID alone is valid",
+			machine: &AWSMachine{
+				Spec: AWSMachineSpec{
+					InstanceType: "test",
+					HostID:       aws.String("h-1234567890abcdef0"),
+				},
+			},
+			wantErr: false,
+		},
+		{
+			name: "dynamicHostAllocation alone is valid",
+			machine: &AWSMachine{
+				Spec: AWSMachineSpec{
+					InstanceType: "test",
+					DynamicHostAllocation: &DynamicHostAllocationSpec{
+						Release: DedicatedHostReleaseStrategyOnMachineDeletion,
+						Tags: map[string]string{
+							"Environment": "test",
+						},
+					},
+				},
+			},
+			wantErr: false,
+		},
 	}
 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {

api/v1beta2/awsmachine_webhook_test.go

@@ -172,6 +172,22 @@ func (r *AWSMachineTemplate) validateIgnitionAndCloudInit() field.ErrorList {
 
 	return allErrs
 }
+func (r *AWSMachineTemplate) validateHostAllocation() field.ErrorList {
+	var allErrs field.ErrorList
+
+	spec := r.Spec.Template.Spec
+
+	// Check if both hostID and dynamicHostAllocation are specified
+	hasHostID := spec.HostID != nil && len(*spec.HostID) > 0
+	hasDynamicHostAllocation := spec.DynamicHostAllocation != nil
+
+	if hasHostID && hasDynamicHostAllocation {
+		allErrs = append(allErrs, field.Forbidden(field.NewPath("spec.template.spec.hostID"), "hostID and dynamicHostAllocation are mutually exclusive"), field.Forbidden(field.NewPath("spec.template.spec.dynamicHostAllocation"), "hostID and dynamicHostAllocation are mutually exclusive"))
+	}
+
+	return allErrs
+}
+
 func (r *AWSMachineTemplate) validateSSHKeyName() field.ErrorList {
 	return validateSSHKeyName(r.Spec.Template.Spec.SSHKeyName)
 }
@@ -205,6 +221,7 @@ func (r *AWSMachineTemplateWebhook) ValidateCreate(_ context.Context, raw runtim
 	allErrs = append(allErrs, obj.validateSSHKeyName()...)
 	allErrs = append(allErrs, obj.validateAdditionalSecurityGroups()...)
 	allErrs = append(allErrs, obj.Spec.Template.Spec.AdditionalTags.Validate()...)
+	allErrs = append(allErrs, obj.validateHostAllocation()...)
 
 	return nil, aggregateObjErrors(obj.GroupVersionKind().GroupKind(), obj.Name, allErrs)
 }

api/v1beta2/awsmachinetemplate_webhook.go

@@ -80,6 +80,27 @@ func TestAWSMachineTemplateValidateCreate(t *testing.T) {
 			},
 			wantError: false,
 		},
+		{
+			name: "hostID and dynamicHostAllocation are mutually exclusive",
+			inputTemplate: &AWSMachineTemplate{
+				ObjectMeta: metav1.ObjectMeta{},
+				Spec: AWSMachineTemplateSpec{
+					Template: AWSMachineTemplateResource{
+						Spec: AWSMachineSpec{
+							InstanceType: "test",
+							HostID:       aws.String("h-1234567890abcdef0"),
+							DynamicHostAllocation: &DynamicHostAllocationSpec{
+								Release: DedicatedHostReleaseStrategyOnMachineDeletion,
+								Tags: map[string]string{
+									"Environment": "test",
+								},
+							},
+						},
+					},
+				},
+			},
+			wantError: true,
+		},
 	}
 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {

api/v1beta2/awsmachinetemplate_webhook_test.go

@@ -146,6 +146,10 @@ const (
 	// InstanceReadyCondition reports on current status of the EC2 instance. Ready indicates the instance is in a Running state.
 	InstanceReadyCondition clusterv1.ConditionType = "InstanceReady"
 
+	// DedicatedHostReleaseCondition reports on the status of dedicated host release operations.
+	// This condition tracks whether the dedicated host has been successfully released or if there are failures.
+	DedicatedHostReleaseCondition clusterv1.ConditionType = "DedicatedHostRelease"
+
 	// InstanceNotFoundReason used when the instance couldn't be retrieved.
 	InstanceNotFoundReason = "InstanceNotFound"
 	// InstanceTerminatedReason instance is in a terminated state.
@@ -191,4 +195,13 @@ const (
 
 	// S3BucketFailedReason is used when any errors occur during reconciliation of an S3 bucket.
 	S3BucketFailedReason = "S3BucketCreationFailed"
+
+	// DedicatedHostReleaseSucceededReason used when the dedicated host is successfully released.
+	DedicatedHostReleaseSucceededReason = "DedicatedHostReleaseSucceeded"
+
+	// DedicatedHostReleaseFailedReason used when the dedicated host release fails.
+	DedicatedHostReleaseFailedReason = "DedicatedHostReleaseFailed"
+
+	// DedicatedHostReleaseRetryingReason used when the dedicated host release is being retried.
+	DedicatedHostReleaseRetryingReason = "DedicatedHostReleaseRetrying"
 )

api/v1beta2/conditions_consts.go

@@ -286,6 +286,11 @@ type Instance struct {
 	// +optional
 	HostID *string `json:"hostID,omitempty"`
 
+	// DynamicHostAllocation enables automatic allocation of dedicated hosts.
+	// This field is mutually exclusive with HostID.
+	// +optional
+	DynamicHostAllocation *DynamicHostAllocationSpec `json:"dynamicHostAllocation,omitempty"`
+
 	// CapacityReservationPreference specifies the preference for use of Capacity Reservations by the instance. Valid values include:
 	// "Open": The instance may make use of open Capacity Reservations that match its AZ and InstanceType
 	// "None": The instance may not make use of any Capacity Reservations. This is to conserve open reservations for desired workloads
@@ -311,6 +316,33 @@ const (
 	CapacityReservationPreferenceOpen CapacityReservationPreference = "Open"
 )
 
+// DedicatedHostInfo contains information about a dedicated host.
+type DedicatedHostInfo struct {
+	// HostID is the ID of the dedicated host.
+	HostID string `json:"hostID"`
+
+	// InstanceFamily is the instance family supported by the host.
+	InstanceFamily string `json:"instanceFamily"`
+
+	// InstanceType is the instance type supported by the host.
+	InstanceType string `json:"instanceType"`
+
+	// AvailabilityZone is the AZ where the host is located.
+	AvailabilityZone string `json:"availabilityZone"`
+
+	// State is the current state of the dedicated host.
+	State string `json:"state"`
+
+	// TotalCapacity is the total number of instances that can be launched on the host.
+	TotalCapacity int32 `json:"totalCapacity"`
+
+	// AvailableCapacity is the number of instances that can still be launched on the host.
+	AvailableCapacity int32 `json:"availableCapacity"`
+
+	// Tags associated with the dedicated host.
+	Tags map[string]string `json:"tags,omitempty"`
+}
+
 // MarketType describes the market type of an Instance
 // +kubebuilder:validation:Enum:=OnDemand;Spot;CapacityBlock
 type MarketType string