Add InCluster IPAM Provider + Node IPAM support

- In cluster node IPAM provider can be deployed to the MC when feature flag `features.management-cluster.deploy-in-cluster-ipam-provider` is enabled - ClusterClass must be used when deploying a WC with Node IPAM - Specifying NODE_IPAM_IP_POOL_NAME when deploying a WC will cause capv to assign IP addresses to nodes from specified IPAM pool. - .addressesFromPools can be specified in the ClusterClass network section in the variables array, which allows you to specify arbitrary IPAM providers and more than one pool Co-authored-by: Tyler Schultz <tschultz@vmware.com> Co-authored-by: Edwin Xie <exie@vmware.com> Co-authored-by: Aidan Obley <aobley@vmware.com>
vmware-tanzu · Nov 15, 2022 · d8410de · d8410de
1 parent a35605a
commit d8410de
Show file tree

Hide file tree

Showing 16 changed files with 652 additions and 18 deletions.
diff --git a/packages/tkg-clusterclass-vsphere/bundle/config/upstream/base.yaml b/packages/tkg-clusterclass-vsphere/bundle/config/upstream/base.yaml
@@ -293,6 +293,22 @@ spec:
           ipv6Primary:
             type: boolean
             default: false
+          addressesFromPools:
+            type: array
+            items:
+              type: object
+              properties:
+                apiGroup:
+                  type: string
+                kind:
+                  type: string
+                name:
+                  type: string
+              required:
+              - apiGroup
+              - kind
+              - name
+            default: []
         default:
           ipv6Primary: false
   - name: proxy
@@ -772,8 +788,16 @@ spec:
               - {{ . }}
                 {{- end }}
               {{- end }}
-              {{ if list "IPv4" "DualStack" | has .builtin.cluster.network.ipFamily -}} dhcp4: true {{- end }}
-              {{ if list "IPv6" "DualStack" | has .builtin.cluster.network.ipFamily -}} dhcp6: true {{- end }}
+              {{ if list "IPv4" "DualStack" | has .builtin.cluster.network.ipFamily | and (empty .network.addressesFromPools) -}} dhcp4: true {{- end }}
+              {{ if list "IPv6" "DualStack" | has .builtin.cluster.network.ipFamily | and (empty .network.addressesFromPools) -}} dhcp6: true {{- end }}
+              {{ if .network.addressesFromPools  -}}
+              addressesFromPools:
+                {{- range .network.addressesFromPools }}
+              - apiGroup: {{ .apiGroup }}
+                kind: {{ .kind }}
+                name: {{ .name }}
+                {{- end }}
+              {{- end }}
     - selector:
         apiVersion: infrastructure.cluster.x-k8s.io/v1beta1
         kind: VSphereMachineTemplate
@@ -801,8 +825,16 @@ spec:
               - {{ . }}
                 {{- end }}
               {{- end }}
-              {{ if list "IPv4" "DualStack" | has .builtin.cluster.network.ipFamily -}} dhcp4: true {{- end }}
-              {{ if list "IPv6" "DualStack" | has .builtin.cluster.network.ipFamily -}} dhcp6: true {{- end }}
+              {{ if list "IPv4" "DualStack" | has .builtin.cluster.network.ipFamily | and (empty .network.addressesFromPools) -}} dhcp4: true {{- end }}
+              {{ if list "IPv6" "DualStack" | has .builtin.cluster.network.ipFamily | and (empty .network.addressesFromPools) -}} dhcp6: true {{- end }}
+              {{ if .network.addressesFromPools  -}}
+              addressesFromPools:
+                {{- range .network.addressesFromPools }}
+              - apiGroup: {{ .apiGroup }}
+                kind: {{ .kind }}
+                name: {{ .name }}
+                {{- end }}
+              {{- end }}
   - name: ipv6localhost
     enabledIf: '{{ list "IPv6" "DualStack" | has .builtin.cluster.network.ipFamily }}'
     definitions:

diff --git a/providers/config.yaml b/providers/config.yaml
@@ -23,6 +23,9 @@ providers:
 - name: docker
   url: providers/infrastructure-docker/v1.2.4/infrastructure-components.yaml
   type: InfrastructureProvider
+- name: ipam-in-cluster
+  url: providers/infrastructure-ipam-in-cluster/v0.1.0/ipam-components.yaml
+  type: InfrastructureProvider
 cert-manager:
   url: providers/cert-manager/v1.9.1/cert-manager.yaml
   version: "v1.9.1"
diff --git a/providers/config_default.yaml b/providers/config_default.yaml
@@ -453,6 +453,9 @@ TKG_PROXY_CA_CERT: ""
 #! IP Family setting
 TKG_IP_FAMILY:
 
+#! IPAM settings
+NODE_IPAM_IP_POOL_NAME: ""
+
 #! Configure cloud provider permissions for TMC enablement. Only affects AWS at present.
 DISABLE_TMC_CLOUD_PERMISSIONS: false