feat: K3s controlplane and intel providers (#78)

Co-authored-by: girish <girish.gowdra@intel.com>

Author: togashidm

Makefile

@@ -14,6 +14,7 @@ VERSION_DEV_SUFFIX := ${GIT_HASH_SHORT}
 CLUSTERCTL_VERSION ?= v1.9.5
 KUBEADM_VERSION    ?= v1.9.0
 RKE2_VERSION       ?= v0.12.0
+K3s_VERSION        ?= v0.2.1
 DOCKER_INFRA_VERSION   ?= v1.8.5
 CLUSTERCTL := $(shell command -v clusterctl 2> /dev/null)
 
@@ -483,7 +484,8 @@ kind-create: ## Create a development kind cluster with CAPI enabled
 	fi
 	echo "Creating a Kind cluster with CAPI enabled..."
 	kind create cluster --name $(KIND_CLUSTER) --config $(KIND_CONFIG)
-	CLUSTER_TOPOLOGY=true clusterctl init --core cluster-api:${CLUSTERCTL_VERSION} --bootstrap kubeadm:${KUBEADM_VERSION},rke2:${RKE2_VERSION} --control-plane kubeadm:${KUBEADM_VERSION},rke2:${RKE2_VERSION} --infrastructure docker:${DOCKER_INFRA_VERSION}
+	@make setup-clusterctl-config	
+	CLUSTER_TOPOLOGY=true clusterctl init --core cluster-api:${CLUSTERCTL_VERSION} --bootstrap kubeadm:${KUBEADM_VERSION},rke2:${RKE2_VERSION},k3s:${K3s_VERSION} --control-plane kubeadm:${KUBEADM_VERSION},rke2:${RKE2_VERSION},k3s:${K3s_VERSION} --infrastructure docker:${DOCKER_INFRA_VERSION}
 
 .PHONY: kind-expose-cm
 kind-expose-cm: ## Expose the cluster manager service to the host
@@ -562,6 +564,19 @@ uninstall-cert-manager: ## Uninstall cert-manager using Helm.
 	helm uninstall cert-manager --namespace cert-manager
 	kubectl delete namespace cert-manager
 
+# Define variables for k3s provider URLs
+BOOTSTRAP_URL := https://github.com/k3s-io/cluster-api-k3s/releases/$(K3s_VERSION)/bootstrap-components.yaml
+CONTROL_PLANE_URL := https://github.com/k3s-io/cluster-api-k3s/releases/$(K3s_VERSION)/control-plane-components.yaml
+
+.PHONY: setup-clusterctl-config 
+setup-clusterctl-config: ## Create clusterctl.yaml config for k3s providers
+	@if [ -d "$$HOME/.config/cluster-api" ] && [ ! -w "$$HOME/.config/cluster-api" ]; then \
+		echo "Error: Directory $$HOME/.config/cluster-api exists but is not writable."; \
+		exit 1; \
+	fi
+	@mkdir -p "$$HOME/.config/cluster-api" || { echo "Error: Failed to create directory $$HOME/.config/cluster-api."; exit 1; }
+	@printf "providers:\n  - name: \"k3s\"\n    url: \"$(BOOTSTRAP_URL)\"\n    type: \"BootstrapProvider\"\n  - name: \"k3s\"\n    url: \"$(CONTROL_PLANE_URL)\"\n    type: \"ControlPlaneProvider\"" > "$$HOME/.config/cluster-api/clusterctl.yaml"
+
 .PHONY: clusterctl
 clusterctl: ## Download clusterctl binary
 ifndef CLUSTERCTL

VERSION

@@ -1 +1 @@
-2.1.3
+2.1.4-dev

cmd/template-controller/main.go

@@ -31,6 +31,8 @@ import (
 	// +kubebuilder:scaffold:imports
 
 	// Imports for CAPI resources
+	kthreesbootstrapv1beta2 "github.com/k3s-io/cluster-api-k3s/bootstrap/api/v1beta2"
+	kthreescpv1beta2 "github.com/k3s-io/cluster-api-k3s/controlplane/api/v1beta2"
 	intelv1alpha1 "github.com/open-edge-platform/cluster-api-provider-intel/api/v1alpha1"
 	rke2bootstrapv1beta1 "github.com/rancher/cluster-api-provider-rke2/bootstrap/api/v1beta1"
 	rke2cpv1beta1 "github.com/rancher/cluster-api-provider-rke2/controlplane/api/v1beta1"
@@ -51,31 +53,30 @@ func init() {
 	utilruntime.Must(clusterv1alpha1.AddToScheme(scheme))
 	// +kubebuilder:scaffold:scheme
 
-	// ---- DOCKER INFRASTRUCTURE PROVIDER  ----
-	// Add scheme for Docker infrastructure provider
-	utilruntime.Must(dockerv1beta1.AddToScheme(scheme))
-
-	// ---- INTEL INFRASTRUCTURE PROVIDER  ----
-	// Add scheme for Intel infrastructure provider
-	utilruntime.Must(intelv1alpha1.AddToScheme(scheme))
-
-	// ---- KUBEADM CONTROL PLANE PROVIDER ----
-	// Add scheme for Kubeadm bootstrap provider
-	utilruntime.Must(kubeadmbootstrapv1beta1.AddToScheme(scheme))
-
-	// Add scheme for Kubeadm control plane provider
-	utilruntime.Must(kubeadmcp.AddToScheme(scheme))
-
-	// ---- RKE2 CONTROL PLANE PROVIDER ----
-	// Add scheme for RKE2 bootstrap provider
-	utilruntime.Must(rke2bootstrapv1beta1.AddToScheme(scheme))
-
-	// Add scheme for RKE2 control plane provider
-	utilruntime.Must(rke2cpv1beta1.AddToScheme(scheme))
+	capiSchemeAdders := []func(*runtime.Scheme) error{
+		// Docker infrastructure provider
+		dockerv1beta1.AddToScheme,
+		// Intel infrastructure provider
+		intelv1alpha1.AddToScheme,
+		// Kubeadm bootstrap provider
+		kubeadmbootstrapv1beta1.AddToScheme,
+		// Kubeadm control plane provider
+		kubeadmcp.AddToScheme,
+		// RKE2 bootstrap provider
+		rke2bootstrapv1beta1.AddToScheme,
+		// RKE2 control plane provider
+		rke2cpv1beta1.AddToScheme,
+		// K3s bootstrap provider
+		kthreesbootstrapv1beta2.AddToScheme,
+		// K3s control plane provider
+		kthreescpv1beta2.AddToScheme,
+		// Cluster API core resources
+		capi.AddToScheme,
+	}
 
-	// ----  CAPI ----
-	// Add scheme for Cluster API core resources
-	utilruntime.Must(capi.AddToScheme(scheme))
+	for _, adder := range capiSchemeAdders {
+		utilruntime.Must(adder(scheme))
+	}
 }
 
 // version injected at build time

config/rbac/role.yaml

@@ -30,6 +30,8 @@ rules:
   resources:
   - kubeadmcontrolplanetemplates
   - rke2controlplanetemplates
+  - kthreescontrolplanes
+  - kthreescontrolplanetemplates  
   verbs:
   - create
   - delete

default-cluster-templates/baseline-k3s.json

@@ -7,7 +7,7 @@
   "infraprovidertype": "intel",
   "clusterconfiguration": {
     "kind": "KThreesControlPlaneTemplate",
-    "apiVersion": "controlplane.cluster.x-k8s.io/v1beta1",
+    "apiVersion": "controlplane.cluster.x-k8s.io/v1beta2",
     "metadata": {
       "labels": {
         "cpumanager": "true"
@@ -16,72 +16,42 @@
     "spec": {
       "template": {
         "spec": {
-          "files": [
-            {
-              "path": "/var/lib/rancher/k3s/agent/etc/containerd/config.toml.tmpl",
-              "content": "version = 2\n\n[plugins.\\\"io.containerd.internal.v1.opt\\\"]\n  path = \\\"/var/lib/rancher/k3s/agent/containerd\\\"\n\n[plugins.\\\"io.containerd.grpc.v1.cri\\\"]\n  stream_server_address = \\\"127.0.0.1\\\"\n  stream_server_port = \\\"10010\\\"\n  enable_selinux = false\n  enable_unprivileged_ports = true\n  enable_unprivileged_icmp = true\n  sandbox_image = \\\"index.docker.io/rancher/mirrored-pause:3.6\\\"\n  disable_apparmor = true\n\n[plugins.\\\"io.containerd.grpc.v1.cri\\\".containerd]\n  snapshotter = \\\"overlayfs\\\"\n  disable_snapshot_annotations = true\n\n[plugins.\\\"io.containerd.grpc.v1.cri\\\".containerd.runtimes.runc]\n  runtime_type = \\\"io.containerd.runc.v2\\\"\n\n[plugins.\\\"io.containerd.grpc.v1.cri\\\".containerd.runtimes.runc.options]\n  SystemdCgroup = true\n\n[plugins.\\\"io.containerd.grpc.v1.cri\\\".registry]\n  config_path = \\\"/var/lib/rancher/k3s/agent/etc/containerd/certs.d\\\"\n\n[plugins.\\\"io.containerd.grpc.v1.cri\\\".containerd.runtimes.kata-qemu]\n  runtime_type = \\\"io.containerd.kata-qemu.v2\\\"\n  runtime_path = \\\"/opt/kata/bin/containerd-shim-kata-v2\\\"\n  privileged_without_host_devices = true\n  pod_annotations = [\\\"io.katacontainers.*\\\"]\n\n[plugins.\\\"io.containerd.grpc.v1.cri\\\".containerd.runtimes.kata-qemu.options]\n  ConfigPath = \\\"/opt/kata/share/defaults/kata-containers/configuration-qemu.toml\\\""
-            }
-          ],
-          "agentConfig": {
-            "kubelet": {
-              "extraArgs": [
+          "kthreesConfigSpec": {
+            "files": [
+              {}
+            ],
+            "agentConfig": {
+              "kubeletArgs": [
                 "--topology-manager-policy=best-effort",
                 "--cpu-manager-policy=static",
                 "--reserved-cpus=1",
                 "--max-pods=250",
                 "--tls-cipher-suites=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_AES_256_GCM_SHA384,TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384"
               ]
-            }
-          },
-          "preK3sCommands": [
-            "mkdir -p /etc/systemd/system/k3s-server.service.d",
-            "echo '[Service]\nEnvironmentFile=/etc/environment' > /etc/systemd/system/k3s-server.service.d/override.conf",
-            "make -p /var/lib/kubelet/static-pods",
-            "sed -i '/kubelet-arg:/a\\- pod-manifest-path=/var/lib/kubelet/static-pods' /etc/rancher/k3s/config.yaml"
-          ],
-          "postK3sCommands": [
-            "kubectl apply -f https://raw.githubusercontent.com/projectcalico/calico/v3.29.3/manifests/calico.yaml"
-          ],
-          "privateRegistriesConfig": {},
-          "serverConfig": {
-            "cni": "calico",
-            "cniMultusEnable": true,
-            "disableComponents": {
-              "kubernetesComponents": [
-                "cloudController"
-              ]
             },
-            "kubeApiServer": {
-              "extraArgs": [
+            "preK3sCommands": [
+              "mkdir -p /etc/systemd/system/k3s-server.service.d",
+              "echo '[Service]\nEnvironmentFile=/etc/environment' > /etc/systemd/system/k3s-server.service.d/override.conf",
+              "mkdir -p /var/lib/kubelet/static-pods",
+              "sed -i '/kubelet-arg:/a\\- pod-manifest-path=/var/lib/kubelet/static-pods' /etc/rancher/k3s/config.yaml",
+              "sudo cp /var/lib/rancher/k3s/agent/pod-manifests/connect-agent.yaml /var/lib/kubelet/static-pods/connect-agent.yaml"
+            ],
+            "postK3sCommands": [
+              "kubectl create -f https://raw.githubusercontent.com/projectcalico/calico/v3.30.0/manifests/operator-crds.yaml",
+              "kubectl create -f https://raw.githubusercontent.com/projectcalico/calico/v3.30.0/manifests/tigera-operator.yaml",
+              "kubectl create -f https://raw.githubusercontent.com/projectcalico/calico/v3.30.0/manifests/custom-resources.yaml"
+            ],
+            "serverConfig": {
+              "kubeApiServerArg": [
                 "--feature-gates=PortForwardWebsockets=true",
                 "--tls-cipher-suites=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_AES_256_GCM_SHA384,TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384"
-              ]
-            },
-            "kubeControllerManager": {
-              "extraArgs": null
-            },
-            "kubeScheduler": {
-              "extraArgs": null
+              ],
+              "kubeControllerManagerArgs": [],
+              "kubeSchedulerArgs": [],
+              "clusterDomain": "cluster.edge",
+              "disableCloudController": false
             },
-            "etcd": {
-              "exposeMetrics": false,
-              "backupConfig": {
-                "retention": "5",
-                "scheduleCron": "0 */5 * * *"
-              },
-              "customConfig": {
-                "extraArgs": [
-                  "cipher-suites=[TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_AES_256_GCM_SHA384,TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384]"
-                ]
-              }
-            }
-          },
-          "nodeDrainTimeout": "2m",
-          "rolloutStrategy": {
-            "type": "RollingUpdate",
-            "rollingUpdate": {
-              "maxSurge": 1
-            }
+            "version": "v1.32.4+k3s1"
           }
         }
       }
@@ -102,4 +72,4 @@
   "cluster-labels": {
     "default-extension": "baseline"
   }
-}
+}

deployment/charts/cluster-manager/Chart.yaml

@@ -16,6 +16,6 @@ type: application
 # This is the chart version. This version number should be incremented each time you make changes
 # to the chart and its templates, including the app version.
 # Versions are expected to follow Semantic Versioning (https://semver.org/)
-version: 2.1.3
-appVersion: 2.1.3
+version: 2.1.4-dev
+appVersion: 2.1.4-dev
 annotations: {}

deployment/charts/cluster-manager/templates/rbac.yaml

@@ -34,7 +34,7 @@ rules:
   resources: ["machines"]
   verbs: ["get", "list", "watch"]
 - apiGroups: ["controlplane.cluster.x-k8s.io"]
-  resources: ["kubeadmcontrolplanetemplates", "rke2controlplanetemplates"]
+  resources: ["kubeadmcontrolplanetemplates", "rke2controlplanetemplates","kthreescontrolplanetemplates","kthreescontrolplanes"]
   verbs: ["create", "delete", "get", "list", "watch"]
 - apiGroups: ["infrastructure.cluster.x-k8s.io"]
   resources: ["dockerclustertemplates", "dockermachinetemplates", "dockermachines", "intelclustertemplates", "intelmachinebindings", "intelmachinetemplates", "intelmachines"]

deployment/charts/cluster-template-crd/Chart.yaml

@@ -6,6 +6,6 @@ apiVersion: v2
 name: cluster-template-crd
 description: A Helm chart for the ClusterTemplate CRD
 type: application
-version: 2.1.3
-appVersion: 2.1.3
+version: 2.1.4-dev
+appVersion: 2.1.4-dev
 annotations: {}