CAPI Provider
The CAPIProvider
resource allows managing Cluster API Operator manifests in a declarative way. It is used to provision and configure Cluster API providers like AWS, vSphere etc.
CAPIProvider
follows a GitOps model - the spec fields are declarative user inputs. The controller only updates status.
Every field provided by the upstream CAPI Operator CAPIProviderSpec
resource is also available in the spec of the CAPIProvider
resource. Feel free to refer to upstream configuration guides for advanced scenarios.
All the certified CAPI Providers are configured using an embedded configuration. In order to override it, a custom ClusterctlConfig needs to be created.
Usage
To use the CAPIProvider
resource:
-
Create a
CAPIProvider
resource with the desired provider name, type, credentials, configuration, and features. -
The
CAPIProvider
controller will handle templating the required Cluster API Operator manifests based on theCAPIProvider
spec. -
The status field on the
CAPIProvider
resource will reflect the state of the generated manifests. -
Manage the
CAPIProvider
object declaratively to apply changes to the generated provider manifests.
Here is an example CAPIProvider
manifest:
apiVersion: turtles-capi.cattle.io/v1alpha1
kind: CAPIProvider
metadata:
name: aws-infra
namespace: capi-providers
spec:
name: aws
type: infrastructure
enableAutomaticUpdate: true
credentials:
rancherCloudCredential: aws-creds # Rancher credentials secret for AWS
configSecret:
name: aws-config
features:
clusterResourceSet: true
This will generate an AWS infrastructure provider with the supplied mapping for Rancher credential secret and custom enabled features.
The CAPIProvider
controller will own all the generated provider resources, allowing garbage collection by deleting the CAPIProvider
object.
Specification
The key fields in the CAPIProvider
spec are:
-
name
- Name of the provider (aws, vsphere etc). Inherited frommetadata.name
if not specified. -
type
- Kind of provider resource (can be set tocore
,controlPlane
,bootstrap
,infrastructure
,addon
,ipam
orruntimeextension
). -
credentials
- Source credentials for provider specification. -
configSecret
- Name of the provider config secret, where the variables and synced credential will be stored. By default if not specified, will inherit the name of theCAPIProvider
resource. -
features
- Enabled provider features. -
variables
- Variables is a map of environment variables to add to the content of theconfigSecret
. -
version
- Version indicates the provider version. -
enableAutomaticUpdate
- Allow the provider to update automatically. Only enabled by default on Turtles chart installed providers. -
fetchConfig
- FetchConfig determines how the operator will fetch the components and metadata for the provider.-
oci
- OCI to be used for fetching the provider’s components and metadata from an OCI artifact. You must setproviderSpec.Version
field for operator to pick up desired version of the release from GitHub. If the providerSpec.Version is missing, latest provider version from clusterctl defaults is used. -
selector
- Selector to be used for fetching provider’s components and metadata from ConfigMaps stored inside the cluster. Each ConfigMap is expected to contain components and metadata for a specific version only. -
url
- URL to be used for fetching the provider’s components and metadata from a remote Github repository.
-
Version pinning and automatic updates
The CAPIProvider
version
can be set at any time to pin the provider to a specific version. Additionally, automaticUpdates
can be toggled to allow automatic updates to the latest version available. The latest version available is determined by the embedded clusterctl configuration for certified providers, and it can be overridden or configured for custom providers using ClusterctlConfig.