🌱 feat: implements nodeadm bootstrapping type

[faiq]

What type of PR is this?
/kind feature

What this PR does / why we need it:

This PR implements the nodeadm config type outlined by the KEP #5678

Which issue(s) this PR fixes (optional, in fixes #<issue number>(, fixes #<issue_number>, ...) format, will close the issue(s) when PR gets merged):
Fixes #

Special notes for your reviewer:

Checklist:

• squashed commits
• includes documentation
• includes emoji in title
• adds unit tests
• adds or updates e2e tests

Release note:

Adds Nodeadm bootstrapping type

[k8s-ci-robot]

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by:
Once this PR has been reviewed and has the lgtm label, please assign neolit123 for approval. For more information see the Code Review Process.

The full list of commands accepted by this bot can be found here.

Needs approval from an approver in each of these files:

• OWNERS

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[faiq]

testing with this manifest

apiVersion: cluster.x-k8s.io/v1beta1
kind: Cluster
metadata:
  name: default
spec:
  clusterNetwork:
    pods:
      cidrBlocks:
      - 192.168.0.0/16
    services:
      cidrBlocks:
      - 10.96.0.0/12
  controlPlaneRef:
    apiVersion: controlplane.cluster.x-k8s.io/v1beta2
    kind: AWSManagedControlPlane
    name: default-control-plane
  infrastructureRef:
    apiVersion: controlplane.cluster.x-k8s.io/v1beta2
    kind: AWSManagedControlPlane
    name: default-control-plane
---
apiVersion: controlplane.cluster.x-k8s.io/v1beta2
kind: AWSManagedControlPlane
metadata:
  name: default-control-plane
spec:
  addons:
  - name: kube-proxy
    version: v1.32.0-eksbuild.2
  network:
    cni:
      cniIngressRules:
      - description: kube-proxy metrics
        fromPort: 10249
        protocol: tcp
        toPort: 10249
      - description: NVIDIA Data Center GPU Manager metrics
        fromPort: 9400
        protocol: tcp
        toPort: 9400
      - description: Prometheus node exporter metrics
        fromPort: 9100
        protocol: tcp
        toPort: 9100
  region: us-west-2
  sshKeyName: ""
  version: v1.33.0
---
apiVersion: infrastructure.cluster.x-k8s.io/v1beta2
kind: AWSMachineTemplate
metadata:
  name: default
spec:
  template:
    spec:
      cloudInit:
        insecureSkipSecretsManager: true
      ami:
        eksLookupType: AmazonLinux2023
      instanceMetadataOptions:
        httpTokens: required
        httpPutResponseHopLimit: 2
      iamInstanceProfile: nodes.cluster-api-provider-aws.sigs.k8s.io
      instanceType: m5a.16xlarge
      rootVolume:
        size: 80
---
apiVersion: bootstrap.cluster.x-k8s.io/v1beta2
kind: NodeadmConfigTemplate
metadata:
  name: default
spec:
  template:
    spec: {}
---
apiVersion: cluster.x-k8s.io/v1beta1
kind: MachineDeployment
metadata:
  name: default
spec:
  clusterName: default
  replicas: 1
  template:
    spec:
      bootstrap:
        configRef:
          apiVersion: bootstrap.cluster.x-k8s.io/v1beta2
          kind: NodeadmConfigTemplate
          name: default
      clusterName: default
      infrastructureRef:
        apiVersion: infrastructure.cluster.x-k8s.io/v1beta2
        kind: AWSMachineTemplate
        name: default
      version: v1.33.0

[faiq]

/retest

[faiq]

/retest

[faiq]

/retest

[faiq]

/test ?

[k8s-ci-robot]

@faiq: The following commands are available to trigger required jobs:

/test pull-cluster-api-provider-aws-build

/test pull-cluster-api-provider-aws-build-docker

/test pull-cluster-api-provider-aws-e2e-blocking

/test pull-cluster-api-provider-aws-test

/test pull-cluster-api-provider-aws-verify

The following commands are available to trigger optional jobs:

/test pull-cluster-api-provider-aws-apidiff-main

/test pull-cluster-api-provider-aws-e2e

/test pull-cluster-api-provider-aws-e2e-clusterclass

/test pull-cluster-api-provider-aws-e2e-conformance

/test pull-cluster-api-provider-aws-e2e-conformance-with-ci-artifacts

/test pull-cluster-api-provider-aws-e2e-eks

/test pull-cluster-api-provider-aws-e2e-eks-gc

/test pull-cluster-api-provider-aws-e2e-eks-testing

Use /test all to run the following jobs that were automatically triggered:

pull-cluster-api-provider-aws-apidiff-main

pull-cluster-api-provider-aws-build

pull-cluster-api-provider-aws-build-docker

pull-cluster-api-provider-aws-e2e-blocking

pull-cluster-api-provider-aws-test

pull-cluster-api-provider-aws-verify

In response to this:

/test ?

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.

[faiq]

/test /test pull-cluster-api-provider-aws-e2e-eks

[dsanders1234]

Does this work with AWSManagedMachinePool ?

[faiq]

@dsanders1234 try this

 apiVersion: cluster.x-k8s.io/v1beta1
 kind: MachinePool
 metadata:
   name: default
 spec:
   clusterName: default
   template:
     spec:
       bootstrap:
         #dataSecretName: ""
         configRef:
           apiVersion: bootstrap.cluster.x-k8s.io/v1beta2
           kind: NodeadmConfig
           name: default
       clusterName: default
       infrastructureRef:
         apiVersion: infrastructure.cluster.x-k8s.io/v1beta2
         kind: AWSManagedMachinePool
         name: default
       version: v1.33.0
---
apiVersion: infrastructure.cluster.x-k8s.io/v1beta2
kind: AWSManagedMachinePool
metadata:
  name: default
spec:
  roleName: "nodes.cluster-api-provider-aws.sigs.k8s.io"
  scaling:
    minSize: 1
    maxSize: 3
  amiType: CUSTOM
  awsLaunchTemplate:
    ami:
      eksLookupType: AmazonLinux2023
    instanceMetadataOptions:
      httpTokens: required
      httpPutResponseHopLimit: 2
    instanceType: "m5a.16xlarge"
    rootVolume:
      size: 80
---
apiVersion: bootstrap.cluster.x-k8s.io/v1beta2
kind: NodeadmConfig
metadata:
  name: default
spec:
  kubelet:
    config:
      evictionHard:
        memory.available: "2000Mi"

[faiq]

/test pull-cluster-api-provider-aws-e2e-eks

[faiq]

/test pull-cluster-api-provider-aws-e2e-eks

[faiq]

/retest

[faiq]

/retest

[faiq]

/retest

[faiq]

/retest

[faiq]

/retest

[faiq]

/retest

[faiq]

/retest

[faiq]

/retest

[faiq]

/test pull-cluster-api-provider-aws-e2e-eks

[faiq]

/test pull-cluster-api-provider-aws-e2e-eks

[AmitSahastra]

@faiq Thanks for this! 🙌 I tested EKS with the MP + Launch Template + AL2023 + NodeadmConfig and it worked as expected.
One note: I had to manually add an MachinePool OwnerReference to NodeadmConfig (CAPI didn’t set it automatically in this scenario). Is that expected?

Also, is there a tentative merge timeline or any remaining blockers.

[faiq]

One note: I had to manually add an MachinePool OwnerReference to NodeadmConfig (CAPI didn’t set it automatically in this scenario). Is that expected?

thats strange. i feel like this is a bug in the machinepool controller. shouldn't it be setting the owner ref?

[faiq]

/test pull-cluster-api-provider-aws-e2e-eks

[faiq]

/test pull-cluster-api-provider-aws-e2e-eks

[faiq]

/test pull-cluster-api-provider-aws-e2e-eks

[faiq]

/test pull-cluster-api-provider-aws-e2e-eks

[faiq]

/test pull-cluster-api-provider-aws-e2e-eks

[faiq]

/test pull-cluster-api-provider-aws-e2e-eks

[faiq]

/test pull-cluster-api-provider-aws-e2e-eks

[faiq]

The last test failed in deleting the aws managed control plane, which is entirely unrelated to these changes.

EDITS:

see run here: https://prow.k8s.io/view/gs/kubernetes-ci-logs/pr-logs/pull/kubernetes-sigs_cluster-api-provider-aws/5700/pull-cluster-api-provider-aws-e2e-eks/1988044875567730688

i'll run the tests once again to get that sweet ✔️

[faiq]

/test pull-cluster-api-provider-aws-e2e-eks