feat: add support for gke clusterclass #1442
Merged
+4,021
−310
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
|
Skipping CI for Draft Pull Request. |
k8s-ci-robot
added
do-not-merge/work-in-progress
k8s-ci-robot
added
the
size/XXL
✅ Deploy Preview for kubernetes-sigs-cluster-api-gcp ready!
To edit notification comments on pull requests, go to your Netlify project configuration. |
salasberryfin
force-pushed
the
gke-clusterclass-support
branch
3 times, most recently
from
29808fb to
93c4e3d
Compare
salasberryfin
changed the title
k8s-ci-robot
added
release-note
k8s-ci-robot
removed
the
do-not-merge/work-in-progress
salasberryfin
force-pushed
the
gke-clusterclass-support
branch
6 times, most recently
from
833f5a4 to
8def4a9
Compare
salasberryfin
changed the title
k8s-ci-robot
added
the
do-not-merge/work-in-progress
salasberryfin
force-pushed
the
gke-clusterclass-support
branch
3 times, most recently
from
7856476 to
36977fa
Compare
salasberryfin
changed the title
k8s-ci-robot
removed
the
do-not-merge/work-in-progress
|
/retest |
salasberryfin
changed the title
k8s-ci-robot
added
the
do-not-merge/work-in-progress
salasberryfin
force-pushed
the
gke-clusterclass-support
branch
from
1ebac57 to
3cc41e5
Compare
|
/retest |
1 similar comment
|
/retest |
salasberryfin
changed the title
k8s-ci-robot
removed
the
do-not-merge/work-in-progress
alexander-demicev
approved these changes
Jul 30, 2025
k8s-ci-robot
added
the
lgtm
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: alexander-demicev, salasberryfin The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
|
/remove-lifecycle-stale |
|
/hold |
k8s-ci-robot
added
the
do-not-merge/hold
salasberryfin
force-pushed
the
gke-clusterclass-support
branch
from
3cc41e5 to
04bf0da
Compare
k8s-ci-robot
removed
the
lgtm
|
/retest |
salasberryfin
force-pushed
the
gke-clusterclass-support
branch
from
04bf0da to
7211e08
Compare
Signed-off-by: Carlos Salas <[email protected]>
Signed-off-by: Carlos Salas <[email protected]>
salasberryfin
force-pushed
the
gke-clusterclass-support
branch
from
15e4c60 to
c11ca9e
Compare
Signed-off-by: Carlos Salas <[email protected]>
|
/lgtm |
k8s-ci-robot
added
the
lgtm
|
/unhold |
k8s-ci-robot
removed
the
do-not-merge/hold
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
What type of PR is this?
/kind feature
What this PR does / why we need it:
This PR adds support for managed clusters (GKE) provisioning using ClusterClass, implementing the template types required to satisfy the CAPI contract.
New templates for GKE cluster provisioning via ClusterClass are added to
./templates:./templates/cluster-template-gke-clusterclass.yamland./templates/cluster-template-gke-topology.yaml./templates/cluster-template-gke-autopilot-clusterclass.yamland./templates/cluster-template-gke-autopilot-topologyI've tried these two templates with the current CAPI and CAPG and both clusters are provisioned successfully.
The CAPI contract for using ClusterClass requires that a bootstrap object is passed in the infrastructure definition, which is a problem when provisioning managed clusters, which do not need cluster bootstrapping. Other providers have used different alternatives to bypass this requirement: CAPZ does reference Kubeadm (which then creates a dependency on the provider) and CAPA implements its own version of a bootstrap provider for EKS. I think the simplest solution is to create a "semi-dummy"
GKEConfigcontroller that will report theReadystatus to core CAPI whenGKEMachinePoolsare available. This controller does not apply changes other than reporting the readiness of the cluster's infrastructure. When using GKE Autopilot there's no need to reference a bootstrap object as underlying infrastructure is completely managed by GCP, as can be seen in the new templates.Pending: adding e2e tests
Existing GKE E2E tests are not running because of issues with GCP permissions which we're trying to get fixed here. There is a separate PR to enable these tests on CI. Considering GKE is still an experimental feature of CAPG, I'd suggest we try to get this feature added and, in parallel, work on having E2E permissions fixed. Specially considering that this adds lots of lines of new code, having to keep this PR up to date for a long time may become quite complex.
Which issue(s) this PR fixes:
Fixes #1387
Special notes for your reviewer:
Changes affect the experimental GKE feature which hopefully helps with publishing changes in the API.
NOTE: After bumping to CAPI v1.10 this PR required a number of changes. Since some of these have already been applied in existing GKE (non-clusterclass) logic, there was some overlap of code and I've switched some methods to functions so that they can be reused across different resources (i.e.
GCPManagedMachinePoolandGCPManagedMachinePoolTemplatehave equivalentValidateUpdatelogic and it would not make sense to maintain separate code for each resource). Some of the changes also apply to using individual validation of fields in the specification, rather than doing bulk validation of multiple fields at the same time: this means the code is more verbose but I consider it is overall more clear and definitely makes it more reusable and scalable down the line.Follow-ups:
TODOs:
Release note: