rancher · anmazzotti · Jan 10, 2025 · Jan 10, 2025
@@ -72,12 +72,17 @@ type RKE2ControlPlaneSpec struct {
 
 	// InfrastructureRef is a required reference to a custom resource
 	// offered by an infrastructure provider.
+	// This field is deprecated. Use `.machineTemplate.infrastructureRef` instead.
+	// +optional
+	// +kubebuilder:deprecatedversion:warning="Use `.machineTemplate.infrastructureRef` instead"
 	InfrastructureRef corev1.ObjectReference `json:"infrastructureRef"`
 
 	// NodeDrainTimeout is the total amount of time that the controller will spend on draining a controlplane node
 	// The default value is 0, meaning that the node can be drained without any time limitations.
 	// NOTE: NodeDrainTimeout is different from `kubectl drain --timeout`
+	// This field is deprecated. Use `.machineTemplate.nodeDrainTimeout` instead.
 	// +optional
+	// +kubebuilder:deprecatedversion:warning="Use `.machineTemplate.nodeDrainTimeout` instead"
 	NodeDrainTimeout *metav1.Duration `json:"nodeDrainTimeout,omitempty"`
 
 	// RegistrationMethod is the method to use for registering nodes into the RKE2 cluster.

@@ -48,6 +48,16 @@ var _ webhook.Defaulter = &RKE2ControlPlane{}
 // Default implements webhook.Defaulter so a webhook will be registered for the type.
 func (r *RKE2ControlPlane) Default() {
 	bootstrapv1.DefaultRKE2ConfigSpec(&r.Spec.RKE2ConfigSpec)
+
+	// Defaults missing MachineTemplate.InfrastructureRef to Spec.InfrastructureRef
+	if len(r.Spec.MachineTemplate.InfrastructureRef.Name) == 0 {
+		r.Spec.MachineTemplate.InfrastructureRef = r.Spec.InfrastructureRef
+	}
+
+	// Defaults missing MachineTemplate.NodeDrainTimeout to Spec.NodeDrainTimeout
+	if r.Spec.MachineTemplate.NodeDrainTimeout == nil {
+		r.Spec.MachineTemplate.NodeDrainTimeout = r.Spec.NodeDrainTimeout
+	}
 }
 
 //+kubebuilder:webhook:path=/validate-controlplane-cluster-x-k8s-io-v1beta1-rke2controlplane,mutating=false,failurePolicy=fail,sideEffects=None,groups=controlplane.cluster.x-k8s.io,resources=rke2controlplanes,verbs=create;update,versions=v1beta1,name=vrke2controlplane.kb.io,admissionReviewVersions=v1
@@ -63,6 +73,7 @@ func (r *RKE2ControlPlane) ValidateCreate() (admission.Warnings, error) {
 	allErrs = append(allErrs, bootstrapv1.ValidateRKE2ConfigSpec(r.Name, &r.Spec.RKE2ConfigSpec)...)
 	allErrs = append(allErrs, r.validateCNI()...)
 	allErrs = append(allErrs, r.validateRegistrationMethod()...)
+	allErrs = append(allErrs, r.validateMachineTemplate()...)
 
 	if len(allErrs) == 0 {
 		return nil, nil
@@ -84,6 +95,7 @@ func (r *RKE2ControlPlane) ValidateUpdate(old runtime.Object) (admission.Warning
 
 	allErrs = append(allErrs, bootstrapv1.ValidateRKE2ConfigSpec(r.Name, &r.Spec.RKE2ConfigSpec)...)
 	allErrs = append(allErrs, r.validateCNI()...)
+	allErrs = append(allErrs, r.validateMachineTemplate()...)
 
 	oldSet := oldControlplane.Spec.RegistrationMethod != ""
 	if oldSet && r.Spec.RegistrationMethod != oldControlplane.Spec.RegistrationMethod {
@@ -131,3 +143,15 @@ func (r *RKE2ControlPlane) validateRegistrationMethod() field.ErrorList {
 
 	return allErrs
 }
+
+func (r *RKE2ControlPlane) validateMachineTemplate() field.ErrorList {
+	var allErrs field.ErrorList
+
+	if r.Spec.MachineTemplate.InfrastructureRef.Name == "" && r.Spec.InfrastructureRef.Name == "" {
+		allErrs = append(allErrs,
+			field.Invalid(field.NewPath("spec", "machineTemplate", "infrastructureRef"),
+				r.Spec.MachineTemplate.InfrastructureRef, "machineTemplate is required"))
+	}
+
+	return allErrs
+}
@@ -1595,6 +1595,7 @@ spec:
                 description: |-
                   InfrastructureRef is a required reference to a custom resource
                   offered by an infrastructure provider.
+                  This field is deprecated. Use `.machineTemplate.infrastructureRef` instead.
                 properties:
                   apiVersion:
                     description: API version of the referent.
@@ -1769,6 +1770,7 @@ spec:
                   NodeDrainTimeout is the total amount of time that the controller will spend on draining a controlplane node
                   The default value is 0, meaning that the node can be drained without any time limitations.
                   NOTE: NodeDrainTimeout is different from `kubectl drain --timeout`
+                  This field is deprecated. Use `.machineTemplate.nodeDrainTimeout` instead.
                 type: string
               postRKE2Commands:
                 description: PostRKE2Commands specifies extra commands to run after
@@ -2436,7 +2438,6 @@ spec:
                 pattern: (v\d\.\d{2}\.\d+\+rke2r\d)|^$
                 type: string
             required:
-            - infrastructureRef
             - rolloutStrategy
             type: object
           status:

@@ -436,6 +436,7 @@ spec:
                         description: |-
                           InfrastructureRef is a required reference to a custom resource
                           offered by an infrastructure provider.
+                          This field is deprecated. Use `.machineTemplate.infrastructureRef` instead.
                         properties:
                           apiVersion:
                             description: API version of the referent.
@@ -610,6 +611,7 @@ spec:
                           NodeDrainTimeout is the total amount of time that the controller will spend on draining a controlplane node
                           The default value is 0, meaning that the node can be drained without any time limitations.
                           NOTE: NodeDrainTimeout is different from `kubectl drain --timeout`
+                          This field is deprecated. Use `.machineTemplate.nodeDrainTimeout` instead.
                         type: string
                       postRKE2Commands:
                         description: PostRKE2Commands specifies extra commands to
@@ -1296,7 +1298,6 @@ spec:
                         pattern: (v\d\.\d{2}\.\d+\+rke2r\d)|^$
                         type: string
                     required:
-                    - infrastructureRef
                     - rolloutStrategy
                     type: object
                 required:

@@ -329,12 +329,12 @@ func (r *RKE2ControlPlaneReconciler) cloneConfigsAndGenerateMachine(
 		UID:        rcp.UID,
 	}
 
-	rcp.Spec.InfrastructureRef.Namespace = cmp.Or(rcp.Spec.InfrastructureRef.Namespace, rcp.Namespace)
+	rcp.Spec.MachineTemplate.InfrastructureRef.Namespace = cmp.Or(rcp.Spec.MachineTemplate.InfrastructureRef.Namespace, rcp.Namespace)
 
 	// Clone the infrastructure template
 	infraRef, err := external.CreateFromTemplate(ctx, &external.CreateFromTemplateInput{
 		Client:      r.Client,
-		TemplateRef: &rcp.Spec.InfrastructureRef,
+		TemplateRef: &rcp.Spec.MachineTemplate.InfrastructureRef,
 		Namespace:   rcp.Namespace,
 		OwnerRef:    infraCloneOwner,
 		ClusterName: cluster.Name,
@@ -460,7 +460,7 @@ func (r *RKE2ControlPlaneReconciler) generateMachine(
 				ConfigRef: bootstrapRef,
 			},
 			FailureDomain:    failureDomain,
-			NodeDrainTimeout: rcp.Spec.NodeDrainTimeout,
+			NodeDrainTimeout: rcp.Spec.MachineTemplate.NodeDrainTimeout,
 		},
 	}
 

@@ -123,11 +123,12 @@ spec:
   - sudo hostnamectl set-hostname $(curl -s http://169.254.169.254/1.0/meta-data/hostname)
   agentConfig:
     airGapped: true
-  infrastructureRef:
-    apiVersion: infrastructure.cluster.x-k8s.io/v1beta2
-    kind: AWSMachineTemplate
-    name: ${CLUSTER_NAME}-control-plane
-  nodeDrainTimeout: 2m
+  machineTemplate:
+    infrastructureRef:
+      apiVersion: infrastructure.cluster.x-k8s.io/v1beta2
+      kind: AWSMachineTemplate
+      name: ${CLUSTER_NAME}-control-plane
+    nodeDrainTimeout: 2m
   replicas: ${CONTROL_PLANE_MACHINE_COUNT}
   serverConfig:
     cloudProviderName: external

@@ -54,11 +54,12 @@ spec:
   kubeProxy:
     extraEnv:
       hello: world
-  infrastructureRef:
-    apiVersion: infrastructure.cluster.x-k8s.io/v1beta1
-    kind: DockerMachineTemplate
-    name: controlplane
-  nodeDrainTimeout: 2m
+  machineTemplate:
+    infrastructureRef:
+      apiVersion: infrastructure.cluster.x-k8s.io/v1beta1
+      kind: DockerMachineTemplate
+      name: controlplane
+    nodeDrainTimeout: 2m
 ---
 apiVersion: infrastructure.cluster.x-k8s.io/v1beta1
 kind: DockerMachineTemplate

@@ -50,11 +50,12 @@ spec:
       - --anonymous-auth=true
   agentConfig:
     cisProfile: ${CIS_PROFILE}
-  infrastructureRef:
-    apiVersion: infrastructure.cluster.x-k8s.io/v1beta1
-    kind: DockerMachineTemplate
-    name: controlplane
-  nodeDrainTimeout: 2m
+  machineTemplate:
+    infrastructureRef:
+      apiVersion: infrastructure.cluster.x-k8s.io/v1beta1
+      kind: DockerMachineTemplate
+      name: controlplane
+    nodeDrainTimeout: 2m
 ---
 apiVersion: infrastructure.cluster.x-k8s.io/v1beta1
 kind: DockerMachineTemplate

@@ -151,18 +151,15 @@ metadata:
 spec:
   template:
     spec:
-      infrastructureRef:
-        apiVersion: infrastructure.cluster.x-k8s.io/v1beta1
-        kind: DockerMachineTemplate
-        name: rke2-class-control-plane
       serverConfig:
         cni: calico
         kubeAPIServer:
           extraArgs:
           - --anonymous-auth=true
         disableComponents:
           kubernetesComponents: [ "cloudController"]
-      nodeDrainTimeout: 2m
+      machineTemplate:
+        nodeDrainTimeout: 2m
       rolloutStrategy:
         type: "RollingUpdate"
         rollingUpdate:

@@ -45,18 +45,19 @@ spec:
   replicas: ${CONTROL_PLANE_MACHINE_COUNT}
   agentConfig:
     version: ${KUBERNETES_VERSION}+rke2r1
-  infrastructureRef:
-    apiVersion: infrastructure.cluster.x-k8s.io/v1beta1
-    kind: DockerMachineTemplate
-    name: controlplane
   serverConfig:
     kubeAPIServer:
       extraArgs:
       - --anonymous-auth=true
    disableComponents:
       pluginComponents:
       - "rke2-ingress-nginx"
-  nodeDrainTimeout: 2m
+  machineTemplate:
+    infrastructureRef:
+      apiVersion: infrastructure.cluster.x-k8s.io/v1beta1
+      kind: DockerMachineTemplate
+      name: controlplane
+    nodeDrainTimeout: 2m
 ---
 apiVersion: infrastructure.cluster.x-k8s.io/v1beta1
 kind: DockerMachineTemplate

@@ -51,11 +51,12 @@ spec:
     kubeAPIServer:
       extraArgs:
       - --anonymous-auth=true
-  infrastructureRef:
-    apiVersion: infrastructure.cluster.x-k8s.io/v1beta1
-    kind: DockerMachineTemplate
-    name: controlplane
-  nodeDrainTimeout: 2m
+  machineTemplate:
+    infrastructureRef:
+      apiVersion: infrastructure.cluster.x-k8s.io/v1beta1
+      kind: DockerMachineTemplate
+      name: controlplane
+    nodeDrainTimeout: 2m
 ---
 apiVersion: infrastructure.cluster.x-k8s.io/v1beta1
 kind: DockerMachineTemplate

@@ -8,8 +8,9 @@ spec:
   version: v1.24.11+rke2r1
   serverConfig:
     cniMultusEnable: true
-  infrastructureRef:
-    apiVersion: infrastructure.cluster.x-k8s.io/v1beta1
-    kind: DockerMachineTemplate
-    name: controlplane
-  nodeDrainTimeout: 2m
+  machineTemplate:
+    infrastructureRef:
+      apiVersion: infrastructure.cluster.x-k8s.io/v1beta1
+      kind: DockerMachineTemplate
+      name: controlplane
+    nodeDrainTimeout: 2m
@@ -49,11 +49,12 @@ spec:
   version: ${KUBERNETES_VERSION}+rke2r1
   serverConfig:
     cni: calico
-  infrastructureRef:
-    apiVersion: infrastructure.cluster.x-k8s.io/v1beta1
-    kind: DockerMachineTemplate
-    name: controlplane
-  nodeDrainTimeout: 2m
+  machineTemplate:
+    infrastructureRef:
+      apiVersion: infrastructure.cluster.x-k8s.io/v1beta1
+      kind: DockerMachineTemplate
+      name: controlplane
+    nodeDrainTimeout: 2m
   registrationMethod: "address"
   registrationAddress: "${REGISTRATION_VIP}"
   preRKE2Commands:

@@ -57,11 +57,12 @@ spec:
     kubeAPIServer:
       extraArgs:
       - --anonymous-auth=true
-  infrastructureRef:
-    apiVersion: infrastructure.cluster.x-k8s.io/v1beta1
-    kind: DockerMachineTemplate
-    name: controlplane
-  nodeDrainTimeout: 2m
+  machineTemplate:
+    infrastructureRef:
+      apiVersion: infrastructure.cluster.x-k8s.io/v1beta1
+      kind: DockerMachineTemplate
+      name: controlplane
+    nodeDrainTimeout: 2m
 ---
 apiVersion: infrastructure.cluster.x-k8s.io/v1beta1
 kind: DockerMachineTemplate
@@ -186,4 +187,4 @@ data:
       http-check expect status 403
       {{range $server, $backend := .BackendServers}}
       server {{ $server }} {{ $backend.Address }}:9345 check check-ssl verify none
-      {{- end}}
+      {{- end}}
@@ -62,11 +62,12 @@ spec:
             kind: Secret
             namespace: ${NAMESPACE}
             name: registry-cert 
-  infrastructureRef:
-    apiVersion: infrastructure.cluster.x-k8s.io/v1beta1
-    kind: DockerMachineTemplate
-    name: controlplane
-  nodeDrainTimeout: 2m
+  machineTemplate:
+    infrastructureRef:
+      apiVersion: infrastructure.cluster.x-k8s.io/v1beta1
+      kind: DockerMachineTemplate
+      name: controlplane
+    nodeDrainTimeout: 2m
 ---
 apiVersion: infrastructure.cluster.x-k8s.io/v1beta1
 kind: DockerMachineTemplate
@@ -227,4 +228,4 @@ data:
       http-check expect status 403
       {{range $server, $backend := .BackendServers}}
       server {{ $server }} {{ $backend.Address }}:9345 check check-ssl verify none
-      {{- end}}
+      {{- end}}
@@ -70,10 +70,11 @@ metadata:
   name: ${CLUSTER_NAME}
   namespace: ${NAMESPACE}
 spec:
-  infrastructureRef:
-    apiVersion: infrastructure.cluster.x-k8s.io/v1beta1
-    kind: Metal3MachineTemplate
-    name: ${CLUSTER_NAME}-controlplane
+  machineTemplate:
+    infrastructureRef:
+      apiVersion: infrastructure.cluster.x-k8s.io/v1beta1
+      kind: Metal3MachineTemplate
+      name: ${CLUSTER_NAME}-controlplane
   replicas: 1
   agentConfig:
     kubelet:

@@ -156,11 +156,12 @@ spec:
               type: File
             name: kubeconfig
   replicas: ${CONTROL_PLANE_MACHINE_COUNT}
-  infrastructureRef:
-    apiVersion: infrastructure.cluster.x-k8s.io/v1beta1
-    kind: VSphereMachineTemplate
-    name: vsphere-controlplane
-  nodeDrainTimeout: 2m
+  machineTemplate:
+    infrastructureRef:
+      apiVersion: infrastructure.cluster.x-k8s.io/v1beta1
+      kind: VSphereMachineTemplate
+      name: vsphere-controlplane
+    nodeDrainTimeout: 2m
   preRKE2Commands:
     - sleep 30 #fix to give OS time to become ready
   version: ${RKE2_VERSION}

@@ -124,7 +124,7 @@ func (c *ControlPlane) Version() *string {
 
 // InfrastructureRef returns the RKE2ControlPlane's infrastructure template.
 func (c *ControlPlane) InfrastructureRef() *corev1.ObjectReference {
-	return &c.RCP.Spec.InfrastructureRef
+	return &c.RCP.Spec.MachineTemplate.InfrastructureRef
 }
 
 // AsOwnerReference returns an owner reference to the RKE2ControlPlane.

@@ -146,8 +146,8 @@ func matchesTemplateClonedFrom(infraConfigs map[string]*unstructured.Unstructure
 		}
 
 		// Check if the machine's infrastructure reference has been created from the current RCP infrastructure template.
-		if clonedFromName != rcp.Spec.InfrastructureRef.Name ||
-			clonedFromGroupKind != rcp.Spec.InfrastructureRef.GroupVersionKind().GroupKind().String() {
+		if clonedFromName != rcp.Spec.MachineTemplate.InfrastructureRef.Name ||
+			clonedFromGroupKind != rcp.Spec.MachineTemplate.InfrastructureRef.GroupVersionKind().GroupKind().String() {
 			return false
 		}