feat: deploy AWS Load Balancer controller in EKS clusters (#1341)

**What problem does this PR solve?**:
Add support for deploying
https://kubernetes-sigs.github.io/aws-load-balancer-controller/latest/.
While we work on finalizing the API, the handler will always deploy the
controller in EKS clusters.

**Which issue(s) this PR fixes**:
Fixes #

**How Has This Been Tested?**:
<!--
Please describe the tests that you ran to verify your changes.
Provide output from the tests and any manual steps needed to replicate
the tests.
-->
Deployed a Deployment and Service
```
$ kubectl get svc
NAME                                                      TYPE           CLUSTER-IP     EXTERNAL-IP                                                                   PORT(S)        AGE
cluster-autoscaler-0199bac8-d50f-7889-bbd8-fab1f853bd7c   ClusterIP      172.20.53.99   <none>                                                                        8085/TCP       22m
kubernetes                                                ClusterIP      172.20.0.1     <none>                                                                        443/TCP        24m
test-app                                                  LoadBalancer   172.20.90.40   k8s-default-testapp-038ab69da9-08a89fe0eeadfd48.elb.us-west-2.amazonaws.com   80:30577/TCP   3m50s

$ curl http://k8s-default-testapp-038ab69da9-08a89fe0eeadfd48.elb.us-west-2.amazonaws.com
NOW: 2025-10-06 19:01:55.459707791 +0000 UTC m=+234.997554945
```

```
apiVersion: apps/v1
kind: Deployment
metadata:
  name: test-app
  namespace: default
spec:
  replicas: 1
  selector:
    matchLabels:
      app: test-app
  template:
    metadata:
      labels:
        app: test-app
    spec:
      containers:
      - name: test-app
        image: k8s.gcr.io/e2e-test-images/agnhost:2.33
        args:
        - netexec
        - --http-port=8080
        ports:
        - name: http
          containerPort: 8080
---
apiVersion: v1
kind: Service
metadata:
  name: test-app
  namespace: default
  annotations:
    service.beta.kubernetes.io/aws-load-balancer-scheme: internal
spec:
  type: LoadBalancer
  selector:
    app: test-app
  ports:
  - name: http
    port: 80
    protocol: TCP
    targetPort: 8080
  loadBalancerClass: service.k8s.aws/nlb
```

**Special notes for your reviewer**:
<!--
Use this to provide any additional information to the reviewers.
This may include:
- Best way to review the PR.
- Where the author wants the most review attention on.
- etc.
-->

Author: dkoshkin

api/v1alpha1/addon_types.go

@@ -29,6 +29,8 @@ const (
 
 	RegistryProviderCNCFDistribution = "CNCF Distribution"
 
+	IngressProviderAWSLoadBalancerController = "aws-lb-controller"
+
 	AddonStrategyClusterResourceSet AddonStrategy = "ClusterResourceSet"
 	AddonStrategyHelmAddon          AddonStrategy = "HelmAddon"
 
@@ -65,6 +67,9 @@ type AWSAddons struct {
 
 	// +kubebuilder:validation:Optional
 	CSI *AWSCSI `json:"csi,omitempty"`
+
+	// +kubebuilder:validation:Optional
+	Ingress *Ingress `json:"ingress,omitempty"`
 }
 
 type DockerAddons struct {
@@ -359,3 +364,10 @@ type RegistryAddon struct {
 	// +kubebuilder:validation:Enum="CNCF Distribution"
 	Provider string `json:"provider"`
 }
+
+type Ingress struct {
+	// The Ingress provider to deploy.
+	// +kubebuilder:validation:Required
+	// +kubebuilder:validation:Enum="aws-lb-controller"
+	Provider string `json:"provider"`
+}

api/v1alpha1/crds/caren.nutanix.com_awsclusterconfigs.yaml

@@ -226,6 +226,16 @@ spec:
                         - defaultStorage
                         - providers
                       type: object
+                    ingress:
+                      properties:
+                        provider:
+                          description: The Ingress provider to deploy.
+                          enum:
+                            - aws-lb-controller
+                          type: string
+                      required:
+                        - provider
+                      type: object
                     nfd:
                       description: NFD tells us to enable or disable the node feature discovery addon.
                       properties:

api/v1alpha1/crds/caren.nutanix.com_eksclusterconfigs.yaml

@@ -228,6 +228,16 @@ spec:
                         - defaultStorage
                         - providers
                       type: object
+                    ingress:
+                      properties:
+                        provider:
+                          description: The Ingress provider to deploy.
+                          enum:
+                            - aws-lb-controller
+                          type: string
+                      required:
+                        - provider
+                      type: object
                     nfd:
                       description: NFD tells us to enable or disable the node feature discovery addon.
                       properties:

api/v1alpha1/zz_generated.deepcopy.go

@@ -66,6 +66,8 @@ type Addons struct {
 	CSI *CSI `json:"csi,omitempty"`
 
 	COSI *COSI `json:"cosi,omitempty"`
+
+	Ingress *Ingress `json:"ingress,omitempty"`
 }
 
 type CSI struct {
@@ -77,3 +79,7 @@ type CSI struct {
 type COSI struct {
 	carenv1.GenericCOSI `json:",inline"`
 }
+
+type Ingress struct {
+	carenv1.Ingress `json:",inline"`
+}

api/variables/aggregate_types.go

@@ -88,6 +88,8 @@ A Helm chart for cluster-api-runtime-extensions-nutanix
 | hooks.csi.nutanix.helmAddonStrategy.defaultValueTemplateConfigMap.name | string | `"default-nutanix-csi-helm-values-template"` |  |
 | hooks.csi.snapshot-controller.helmAddonStrategy.defaultValueTemplateConfigMap.create | bool | `true` |  |
 | hooks.csi.snapshot-controller.helmAddonStrategy.defaultValueTemplateConfigMap.name | string | `"default-snapshot-controller-helm-values-template"` |  |
+| hooks.ingress.awsLoadBalancerController.defaultValueTemplateConfigMap.create | bool | `true` |  |
+| hooks.ingress.awsLoadBalancerController.defaultValueTemplateConfigMap.name | string | `"default-aws-load-balancer-controller-helm-values-template"` |  |
 | hooks.nfd.crsStrategy.defaultInstallationConfigMap.name | string | `"node-feature-discovery"` |  |
 | hooks.nfd.helmAddonStrategy.defaultValueTemplateConfigMap.create | bool | `true` |  |
 | hooks.nfd.helmAddonStrategy.defaultValueTemplateConfigMap.name | string | `"default-nfd-helm-values-template"` |  |

charts/cluster-api-runtime-extensions-nutanix/README.md

@@ -0,0 +1,11 @@
+# The clusterName refers the kubernetes.io/cluster/ tag on AWS resources.
+# For EKS clusters, the name will be based on the cluster's namespace + a random suffix.
+# For AWS clusters, the name will just be based on the cluster name.
+{{- $capiProvider := index .Cluster.metadata.labels "cluster.x-k8s.io/provider" }}
+{{- if eq $capiProvider "eks" }}
+clusterName: "{{ .ControlPlane.spec.eksClusterName }}"
+{{- else }}
+clusterName: "{{ .Cluster.metadata.name }}"
+{{- end }}
+# Set this value to avoid stutter in the resource names.
+fullnameOverride: aws-load-balancer-controller

charts/cluster-api-runtime-extensions-nutanix/addons/aws-load-balancer-controller/values-template.yaml

@@ -0,0 +1,12 @@
+# Copyright 2025 Nutanix. All rights reserved.
+# SPDX-License-Identifier: Apache-2.0
+
+{{- if .Values.hooks.ingress.awsLoadBalancerController.defaultValueTemplateConfigMap.create }}
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: '{{ .Values.hooks.ingress.awsLoadBalancerController.defaultValueTemplateConfigMap.name }}'
+data:
+  values.yaml: |-
+    {{- .Files.Get "addons/aws-load-balancer-controller/values-template.yaml" | nindent 4 }}
+{{- end -}}

charts/cluster-api-runtime-extensions-nutanix/templates/addons/aws-load-balancer-controller/helm-addon-installation.yaml

@@ -15,6 +15,10 @@ data:
     ChartName: aws-ebs-csi-driver
     ChartVersion: 2.51.0
     RepositoryURL: '{{ if .Values.helmRepository.enabled }}oci://helm-repository.{{ .Release.Namespace }}.svc/charts{{ else }}https://kubernetes-sigs.github.io/aws-ebs-csi-driver{{ end }}'
+  aws-load-balancer-controller: |
+    ChartName: aws-load-balancer-controller
+    ChartVersion: 1.13.4
+    RepositoryURL: '{{ if .Values.helmRepository.enabled }}oci://helm-repository.{{ .Release.Namespace }}.svc/charts{{ else }}https://aws.github.io/eks-charts{{ end }}'
   cilium: |
     ChartName: cilium
     ChartVersion: 1.18.2

charts/cluster-api-runtime-extensions-nutanix/templates/helm-config.yaml

@@ -499,6 +499,27 @@
                         }
                     }
                 },
+                "ingress": {
+                    "type": "object",
+                    "properties": {
+                        "awsLoadBalancerController": {
+                            "type": "object",
+                            "properties": {
+                                "defaultValueTemplateConfigMap": {
+                                    "type": "object",
+                                    "properties": {
+                                        "create": {
+                                            "type": "boolean"
+                                        },
+                                        "name": {
+                                            "type": "string"
+                                        }
+                                    }
+                                }
+                            }
+                        }
+                    }
+                },
                 "nfd": {
                     "type": "object",
                     "properties": {