linode · komer3 · Jul 10, 2025 · Jul 2, 2025 · Jul 9, 2025 · Jul 9, 2025
diff --git a/api/v1alpha2/linodevpc_types.go b/api/v1alpha2/linodevpc_types.go
@@ -38,6 +38,14 @@ type LinodeVPCSpec struct {
 	// +optional
 	Subnets []VPCSubnetCreateOptions `json:"subnets,omitempty"`
 
+	// Retain allows you to keep the VPC after the LinodeVPC object is deleted.
+	// This is useful if you want to use an existing VPC that was not created by this controller.
+	// If set to true, the controller will not delete the VPC resource in Linode.
+	// Defaults to false.
+	// +optional
+	// +kubebuilder:default=false
+	Retain bool `json:"retain,omitempty"`
+
 	// CredentialsRef is a reference to a Secret that contains the credentials to use for provisioning this VPC. If not
 	// supplied then the credentials of the controller will be used.
 	// +optional
@@ -55,6 +63,11 @@ type VPCSubnetCreateOptions struct {
 	// SubnetID is subnet id for the subnet
 	// +optional
 	SubnetID int `json:"subnetID,omitempty"`
+	// Retain allows you to keep the Subnet after the LinodeVPC object is deleted.
+	// This is only applicable when the parent VPC has RetainVPC set to true.
+	// +optional
+	// +kubebuilder:default=false
+	Retain bool `json:"retain,omitempty"`
 }
 
 // LinodeVPCStatus defines the observed state of LinodeVPC

diff --git a/clients/clients.go b/clients/clients.go
@@ -63,6 +63,8 @@ type LinodeVPCClient interface {
 	ListVPCs(ctx context.Context, opts *linodego.ListOptions) ([]linodego.VPC, error)
 	CreateVPC(ctx context.Context, opts linodego.VPCCreateOptions) (*linodego.VPC, error)
 	DeleteVPC(ctx context.Context, vpcID int) error
+	CreateVPCSubnet(ctx context.Context, opts linodego.VPCSubnetCreateOptions, vpcID int) (*linodego.VPCSubnet, error)
+	DeleteVPCSubnet(ctx context.Context, vpcID, subnetID int) error
 }
 
 // LinodeNodeBalancerClient defines the methods that interact with Linode's Node Balancer service.

diff --git a/cmd/main.go b/cmd/main.go
@@ -295,9 +295,9 @@
 	// LinodeVPC Controller
 	if err := (&controller.LinodeVPCReconciler{
 		Client:             mgr.GetClient(),
-		Recorder:           mgr.GetEventRecorderFor("LinodeVPCReconciler"),
-		WatchFilterValue:   flags.clusterWatchFilter,
+		Recorder:           mgr.GetEventRecorderFor("linodevpc-controller"),
 		LinodeClientConfig: linodeClientConfig,
+		WatchFilterValue:   flags.clusterWatchFilter,
 	}).SetupWithManager(mgr, crcontroller.Options{MaxConcurrentReconciles: flags.linodeVPCConcurrency}); err != nil {
 		setupLog.Error(err, "unable to create controller", "controller", "LinodeVPC")
 		os.Exit(1)

diff --git a/config/crd/bases/infrastructure.cluster.x-k8s.io_linodevpcs.yaml b/config/crd/bases/infrastructure.cluster.x-k8s.io_linodevpcs.yaml
@@ -72,6 +72,14 @@ spec:
                 x-kubernetes-validations:
                 - message: Value is immutable
                   rule: self == oldSelf
+              retain:
+                default: false
+                description: |-
+                  Retain allows you to keep the VPC after the LinodeVPC object is deleted.
+                  This is useful if you want to use an existing VPC that was not created by this controller.
+                  If set to true, the controller will not delete the VPC resource in Linode.
+                  Defaults to false.
+                type: boolean
               subnets:
                 items:
                   description: VPCSubnetCreateOptions defines subnet options
@@ -82,6 +90,12 @@ spec:
                       maxLength: 63
                       minLength: 3
                       type: string
+                    retain:
+                      default: false
+                      description: |-
+                        Retain allows you to keep the Subnet after the LinodeVPC object is deleted.
+                        This is only applicable when the parent VPC has RetainVPC set to true.
+                      type: boolean
                     subnetID:
                       description: SubnetID is subnet id for the subnet
                       type: integer

diff --git a/docs/src/reference/out.md b/docs/src/reference/out.md
@@ -1079,6 +1079,7 @@ _Appears in:_
 | `description` _string_ |  |  |  |
 | `region` _string_ |  |  |  |
 | `subnets` _[VPCSubnetCreateOptions](#vpcsubnetcreateoptions) array_ |  |  |  |
+| `retain` _boolean_ | Retain allows you to keep the VPC after the LinodeVPC object is deleted.<br />This is useful if you want to use an existing VPC that was not created by this controller.<br />If set to true, the controller will not delete the VPC resource in Linode.<br />Defaults to false. | false |  |
 | `credentialsRef` _[SecretReference](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.32/#secretreference-v1-core)_ | CredentialsRef is a reference to a Secret that contains the credentials to use for provisioning this VPC. If not<br />supplied then the credentials of the controller will be used. |  |  |
 
 
@@ -1237,5 +1238,6 @@ _Appears in:_
 | `label` _string_ |  |  | MaxLength: 63 <br />MinLength: 3 <br /> |
 | `ipv4` _string_ |  |  |  |
 | `subnetID` _integer_ | SubnetID is subnet id for the subnet |  |  |
+| `retain` _boolean_ | Retain allows you to keep the Subnet after the LinodeVPC object is deleted.<br />This is only applicable when the parent VPC has RetainVPC set to true. | false |  |
 
 
diff --git a/docs/src/topics/vpc.md b/docs/src/topics/vpc.md
@@ -61,6 +61,38 @@ spec:
 
 Reference to LinodeVPC object is added to LinodeCluster object which then uses the specified VPC to provision resources.
 
+## Lifecycle Management and Adopting Existing VPCs
+
+The provider offers flexible lifecycle management, allowing you to adopt existing VPCs and control whether resources are deleted when their corresponding Kubernetes objects are removed.
+
+### Adopting an Existing VPC
+You can instruct the controller to use a pre-existing VPC by specifying its ID in the `LinodeVPCSpec`. The controller will "adopt" this VPC and manage its subnets without creating a new one.
+
+```yaml
+---
+apiVersion: infrastructure.cluster.x-k8s.io/v1alpha2
+kind: LinodeVPC
+metadata:
+  name: my-adopted-vpc
+spec:
+  vpcID: 12345
+  region: us-sea
+  # subnets can be defined and will be created within the adopted VPC
+  subnets:
+    - label: my-new-subnet-in-adopted-vpc
+      ipv4: 10.0.3.0/24
+```
+
+### Retaining Resources on Deletion
+By default, the controller deletes VPCs and subnets from your Linode account when you delete the `LinodeVPC` Kubernetes object. You can prevent this using the `retain` flag.
+
+- **`spec.retain`**: When set to `true` on the `LinodeVPC`, the VPC itself will not be deleted from Linode. This is the default and recommended behavior when adopting an existing VPC.
+- **`spec.subnets[].retain`**: When the parent VPC is retained, you can use this flag to control individual subnets. If `retain` is `false` (the default), the subnet will be deleted.
+
+```admonish warning title="Safety Check for Attached Linodes"
+The controller includes a critical safety feature: it will **not** delete a subnet if it has any active Linode instances attached to it. The operation will be paused and retried, preventing resource orphaning.
+```
+
 ### Additional Configuration
 By default, the VPC will use the subnet with the `default` label for deploying clusters. To modify this behavior, set the `SUBNET_NAME` environment variable to match the label of the subnet to be used. Make sure the subnet is set up in the LinodeVPC manifest.
 
@@ -111,3 +143,5 @@ CIDR returned in the output of above command should match with the pod CIDR pres
 
 ### Running cilium connectivity tests
 One can also run cilium connectivity tests to make sure networking works fine within VPC. Follow the steps defined in [cilium e2e tests](https://docs.cilium.io/en/stable/contributing/testing/e2e/) guide to install cilium binary, set the KUBECONFIG variable and then run `cilium connectivity tests`.
+
+```