✨ Initial dedicated hosts implementation

api/v1beta1/awscluster_conversion.go

@@ -63,6 +63,8 @@ func (src *AWSCluster) ConvertTo(dstRaw conversion.Hub) error {
 		dst.Status.Bastion.NetworkInterfaceType = restored.Status.Bastion.NetworkInterfaceType
 		dst.Status.Bastion.CapacityReservationID = restored.Status.Bastion.CapacityReservationID
 		dst.Status.Bastion.MarketType = restored.Status.Bastion.MarketType
+		dst.Status.Bastion.HostAffinity = restored.Status.Bastion.HostAffinity
+		dst.Status.Bastion.HostID = restored.Status.Bastion.HostID
 	}
 	dst.Spec.Partition = restored.Spec.Partition
 

api/v1beta1/awsmachine_conversion.go

@@ -44,6 +44,8 @@ func (src *AWSMachine) ConvertTo(dstRaw conversion.Hub) error {
 	dst.Spec.SecurityGroupOverrides = restored.Spec.SecurityGroupOverrides
 	dst.Spec.CapacityReservationID = restored.Spec.CapacityReservationID
 	dst.Spec.MarketType = restored.Spec.MarketType
+	dst.Spec.HostID = restored.Spec.HostID
+	dst.Spec.HostAffinity = restored.Spec.HostAffinity
 	dst.Spec.NetworkInterfaceType = restored.Spec.NetworkInterfaceType
 	if restored.Spec.ElasticIPPool != nil {
 		if dst.Spec.ElasticIPPool == nil {
@@ -108,6 +110,8 @@ func (r *AWSMachineTemplate) ConvertTo(dstRaw conversion.Hub) error {
 	dst.Spec.Template.Spec.SecurityGroupOverrides = restored.Spec.Template.Spec.SecurityGroupOverrides
 	dst.Spec.Template.Spec.CapacityReservationID = restored.Spec.Template.Spec.CapacityReservationID
 	dst.Spec.Template.Spec.MarketType = restored.Spec.Template.Spec.MarketType
+	dst.Spec.Template.Spec.HostID = restored.Spec.Template.Spec.HostID
+	dst.Spec.Template.Spec.HostAffinity = restored.Spec.Template.Spec.HostAffinity
 	dst.Spec.Template.Spec.NetworkInterfaceType = restored.Spec.Template.Spec.NetworkInterfaceType
 	if restored.Spec.Template.Spec.ElasticIPPool != nil {
 		if dst.Spec.Template.Spec.ElasticIPPool == nil {

api/v1beta2/awsmachine_types.go

@@ -233,6 +233,18 @@ type AWSMachineSpec struct {
 	// If marketType is not specified and spotMarketOptions is provided, the marketType defaults to "Spot".
 	// +optional
 	MarketType MarketType `json:"marketType,omitempty"`
+
+	// HostID specifies the Dedicated Host on which the instance must be started.
+	// +optional
+	HostID *string `json:"hostID,omitempty"`
+
+	// HostAffinity specifies the dedicated host affinity setting for the instance.
+	// When hostAffinity is set to host, an instance started onto a specific host always restarts on the same host if stopped.
+	// When hostAffinity is set to default, and you stop and restart the instance, it can be restarted on any available host.
+	// When HostAffinity is defined, HostID is required.
+	// +optional
+	// +kubebuilder:validation:Enum:=default;host
+	HostAffinity *string `json:"hostAffinity,omitempty"`
 }
 
 // CloudInit defines options related to the bootstrapping systems where

api/v1beta2/awsmachine_webhook.go

@@ -75,6 +75,7 @@ func (*awsMachineWebhook) ValidateCreate(_ context.Context, obj runtime.Object)
 	allErrs = append(allErrs, r.validateNonRootVolumes()...)
 	allErrs = append(allErrs, r.validateSSHKeyName()...)
 	allErrs = append(allErrs, r.validateAdditionalSecurityGroups()...)
+	allErrs = append(allErrs, r.validateHostAffinity()...)
 	allErrs = append(allErrs, r.Spec.AdditionalTags.Validate()...)
 	allErrs = append(allErrs, r.validateNetworkElasticIPPool()...)
 	allErrs = append(allErrs, r.validateInstanceMarketType()...)
@@ -107,6 +108,7 @@ func (*awsMachineWebhook) ValidateUpdate(ctx context.Context, oldObj, newObj run
 	allErrs = append(allErrs, r.validateCloudInitSecret()...)
 	allErrs = append(allErrs, r.validateAdditionalSecurityGroups()...)
 	allErrs = append(allErrs, r.Spec.AdditionalTags.Validate()...)
+	allErrs = append(allErrs, r.validateHostAffinity()...)
 
 	newAWSMachineSpec := newAWSMachine["spec"].(map[string]interface{})
 	oldAWSMachineSpec := oldAWSMachine["spec"].(map[string]interface{})
@@ -455,6 +457,17 @@ func (r *AWSMachine) validateAdditionalSecurityGroups() field.ErrorList {
 	return allErrs
 }
 
+func (r *AWSMachine) validateHostAffinity() field.ErrorList {
+	var allErrs field.ErrorList
+
+	if r.Spec.HostAffinity != nil {
+		if r.Spec.HostID == nil || len(*r.Spec.HostID) == 0 {
+			allErrs = append(allErrs, field.Required(field.NewPath("spec.hostID"), "hostID must be set when hostAffinity is configured"))
+		}
+	}
+	return allErrs
+}
+
 func (r *AWSMachine) validateSSHKeyName() field.ErrorList {
 	return validateSSHKeyName(r.Spec.SSHKeyName)
 }

api/v1beta2/awsmachine_webhook_test.go

@@ -412,6 +412,37 @@ func TestAWSMachineCreate(t *testing.T) {
 			},
 			wantErr: true,
 		},
+		{
+			name: "configure host affinity with Host ID",
+			machine: &AWSMachine{
+				Spec: AWSMachineSpec{
+					InstanceType: "test",
+					HostAffinity: ptr.To("default"),
+					HostID:       ptr.To("h-09dcf61cb388b0149"),
+				},
+			},
+			wantErr: false,
+		},
+		{
+			name: "configure host affinity with invalid affinity",
+			machine: &AWSMachine{
+				Spec: AWSMachineSpec{
+					InstanceType: "test",
+					HostAffinity: ptr.To("invalid"),
+				},
+			},
+			wantErr: true,
+		},
+		{
+			name: "configure host affinity without Host ID",
+			machine: &AWSMachine{
+				Spec: AWSMachineSpec{
+					InstanceType: "test",
+					HostAffinity: ptr.To("default"),
+				},
+			},
+			wantErr: true,
+		},
 		{
 			name: "create with valid BYOIPv4",
 			machine: &AWSMachine{

api/v1beta2/types.go

@@ -273,6 +273,18 @@ type Instance struct {
 	// If marketType is not specified and spotMarketOptions is provided, the marketType defaults to "Spot".
 	// +optional
 	MarketType MarketType `json:"marketType,omitempty"`
+
+	// HostAffinity specifies the dedicated host affinity setting for the instance.
+	// When hostAffinity is set to host, an instance started onto a specific host always restarts on the same host if stopped.
+	// When hostAffinity is set to default, and you stop and restart the instance, it can be restarted on any available host.
+	// When HostAffinity is defined, HostID is required.
+	// +optional
+	// +kubebuilder:validation:Enum:=default;host
+	HostAffinity *string `json:"hostAffinity,omitempty"`
+
+	// HostID specifies the dedicated host on which the instance should be started.
+	// +optional
+	HostID *string `json:"hostID,omitempty"`
 }
 
 // MarketType describes the market type of an Instance

config/crd/bases/controlplane.cluster.x-k8s.io_awsmanagedcontrolplanes.yaml

@@ -1222,6 +1222,20 @@ spec:
                     description: Specifies whether enhanced networking with ENA is
                       enabled.
                     type: boolean
+                  hostAffinity:
+                    description: |-
+                      HostAffinity specifies the dedicated host affinity setting for the instance.
+                      When hostAffinity is set to host, an instance started onto a specific host always restarts on the same host if stopped.
+                      When hostAffinity is set to default, and you stop and restart the instance, it can be restarted on any available host.
+                      When HostAffinity is defined, HostID is required.
+                    enum:
+                    - default
+                    - host
+                    type: string
+                  hostID:
+                    description: HostID specifies the dedicated host on which the
+                      instance should be started.
+                    type: string
                   iamProfile:
                     description: The name of the IAM instance profile associated with
                       the instance, if applicable.
@@ -3403,6 +3417,20 @@ spec:
                     description: Specifies whether enhanced networking with ENA is
                       enabled.
                     type: boolean
+                  hostAffinity:
+                    description: |-
+                      HostAffinity specifies the dedicated host affinity setting for the instance.
+                      When hostAffinity is set to host, an instance started onto a specific host always restarts on the same host if stopped.
+                      When hostAffinity is set to default, and you stop and restart the instance, it can be restarted on any available host.
+                      When HostAffinity is defined, HostID is required.
+                    enum:
+                    - default
+                    - host
+                    type: string
+                  hostID:
+                    description: HostID specifies the dedicated host on which the
+                      instance should be started.
+                    type: string
                   iamProfile:
                     description: The name of the IAM instance profile associated with
                       the instance, if applicable.

config/crd/bases/infrastructure.cluster.x-k8s.io_awsclusters.yaml

@@ -2205,6 +2205,20 @@ spec:
                     description: Specifies whether enhanced networking with ENA is
                       enabled.
                     type: boolean
+                  hostAffinity:
+                    description: |-
+                      HostAffinity specifies the dedicated host affinity setting for the instance.
+                      When hostAffinity is set to host, an instance started onto a specific host always restarts on the same host if stopped.
+                      When hostAffinity is set to default, and you stop and restart the instance, it can be restarted on any available host.
+                      When HostAffinity is defined, HostID is required.
+                    enum:
+                    - default
+                    - host
+                    type: string
+                  hostID:
+                    description: HostID specifies the dedicated host on which the
+                      instance should be started.
+                    type: string
                   iamProfile:
                     description: The name of the IAM instance profile associated with
                       the instance, if applicable.

config/crd/bases/infrastructure.cluster.x-k8s.io_awsmachines.yaml

@@ -703,6 +703,20 @@ spec:
                     - message: allowed values are 'none' and 'amazon-pool'
                       rule: self in ['none','amazon-pool']
                 type: object
+              hostAffinity:
+                description: |-
+                  HostAffinity specifies the dedicated host affinity setting for the instance.
+                  When hostAffinity is set to host, an instance started onto a specific host always restarts on the same host if stopped.
+                  When hostAffinity is set to default, and you stop and restart the instance, it can be restarted on any available host.
+                  When HostAffinity is defined, HostID is required.
+                enum:
+                - default
+                - host
+                type: string
+              hostID:
+                description: HostID specifies the Dedicated Host on which the instance
+                  must be started.
+                type: string
               iamInstanceProfile:
                 description: IAMInstanceProfile is a name of an IAM instance profile
                   to assign to the instance

config/crd/bases/infrastructure.cluster.x-k8s.io_awsmachinetemplates.yaml

@@ -622,6 +622,20 @@ spec:
                             - message: allowed values are 'none' and 'amazon-pool'
                               rule: self in ['none','amazon-pool']
                         type: object
+                      hostAffinity:
+                        description: |-
+                          HostAffinity specifies the dedicated host affinity setting for the instance.
+                          When hostAffinity is set to host, an instance started onto a specific host always restarts on the same host if stopped.
+                          When hostAffinity is set to default, and you stop and restart the instance, it can be restarted on any available host.
+                          When HostAffinity is defined, HostID is required.
+                        enum:
+                        - default
+                        - host
+                        type: string
+                      hostID:
+                        description: HostID specifies the Dedicated Host on which
+                          the instance must be started.
+                        type: string
                       iamInstanceProfile:
                         description: IAMInstanceProfile is a name of an IAM instance
                           profile to assign to the instance

pkg/cloud/services/ec2/instances.go

@@ -258,6 +258,10 @@ func (s *Service) CreateInstance(ctx context.Context, scope *scope.MachineScope,
 
 	input.MarketType = scope.AWSMachine.Spec.MarketType
 
+	input.HostID = scope.AWSMachine.Spec.HostID
+
+	input.HostAffinity = scope.AWSMachine.Spec.HostAffinity
+
 	s.scope.Debug("Running instance", "machine-role", scope.Role())
 	s.scope.Debug("Running instance with instance metadata options", "metadata options", input.InstanceMetadataOptions)
 	out, err := s.runInstance(scope.Role(), input)
@@ -677,6 +681,30 @@ func (s *Service) runInstance(role string, i *infrav1.Instance) (*infrav1.Instan
 		}
 	}
 
+	if i.HostID != nil {
+		if i.HostAffinity == nil {
+			i.HostAffinity = aws.String("default")
+		}
+		if len(i.Tenancy) == 0 {
+			i.Tenancy = "host"
+		}
+		s.scope.Debug("Running instance with dedicated host placement",
+			"hostId", i.HostID,
+			"affinity", i.HostAffinity)
+		if input.Placement != nil {
+			s.scope.Warn("Placement already set for instance, overwriting with dedicated host placement",
+				"hostId", i.HostID,
+				"affinity", i.HostAffinity,
+				"placement", input.Placement)
+		}
+
+		input.Placement = &types.Placement{
+			Tenancy:  types.Tenancy(i.Tenancy),
+			Affinity: i.HostAffinity,
+			HostId:   i.HostID,
+		}
+	}
+
 	out, err := s.EC2Client.RunInstances(context.TODO(), input)
 	if err != nil {
 		return nil, errors.Wrap(err, "failed to run instance")

test/e2e/data/e2e_conf.yaml

@@ -168,6 +168,7 @@ providers:
           - sourcePath: "./shared/v1beta2_provider/metadata.yaml"
           - sourcePath: "./infrastructure-aws/withoutclusterclass/generated/cluster-template-ignition.yaml"
           - sourcePath: "./infrastructure-aws/withoutclusterclass/generated/cluster-template-upgrade-to-external-cloud-provider.yaml"
+          - sourcePath: "./infrastructure-aws/withoutclusterclass/generated/cluster-template-dedicated-host.yaml"
         replacements:
           # To allow bugs to be catched.
           - old: "failureThreshold: 3"

test/e2e/data/infrastructure-aws/withoutclusterclass/kustomize_sources/dedicated-host/dedicated-host-resource-set.yaml

@@ -0,0 +1,49 @@
+---
+apiVersion: cluster.x-k8s.io/v1beta1
+kind: MachineDeployment
+metadata:
+  name: "${CLUSTER_NAME}-md-dh"
+spec:
+  clusterName: "${CLUSTER_NAME}"
+  replicas: 1
+  selector:
+    matchLabels:
+  template:
+    spec:
+      clusterName: "${CLUSTER_NAME}"
+      version: "${KUBERNETES_VERSION}"
+      bootstrap:
+        configRef:
+          name: "${CLUSTER_NAME}-md-dh"
+          apiVersion: bootstrap.cluster.x-k8s.io/v1beta1
+          kind: KubeadmConfigTemplate
+      infrastructureRef:
+        name: "${CLUSTER_NAME}-md-dh"
+        apiVersion: infrastructure.cluster.x-k8s.io/v1beta2
+        kind: AWSMachineTemplate
+---
+apiVersion: infrastructure.cluster.x-k8s.io/v1beta2
+kind: AWSMachineTemplate
+metadata:
+  name: "${CLUSTER_NAME}-md-dh"
+spec:
+  template:
+    spec:
+      instanceType: "${AWS_NODE_MACHINE_TYPE}"
+      iamInstanceProfile: "nodes.cluster-api-provider-aws.sigs.k8s.io"
+      sshKeyName: "${AWS_SSH_KEY_NAME}"
+      hostID: "${HOST_ID}"
+      hostAffinity: "${HOST_AFFINITY}"
+---
+apiVersion: bootstrap.cluster.x-k8s.io/v1beta1
+kind: KubeadmConfigTemplate
+metadata:
+  name: "${CLUSTER_NAME}-md-dh"
+spec:
+  template:
+    spec:
+      joinConfiguration:
+        nodeRegistration:
+          name: '{{ ds.meta_data.local_hostname }}'
+          kubeletExtraArgs:
+            cloud-provider: external