feat: Add IPAM integration

- Added RBAC rules
- Fixed reconcile

Signed-off-by: appkins <[email protected]>

Author: appkins

api/v1beta1/tinkerbellmachine_types.go

@@ -82,6 +82,13 @@ type TinkerbellMachineSpec struct {
 	// +optional
 	BootOptions BootOptions `json:"bootOptions,omitempty"`
 
+	// IPAMPoolRef is a reference to an IPAM pool resource to allocate an IP address from.
+	// When specified, an IPAddressClaim will be created to request an IP address allocation.
+	// The allocated IP will be set on the Hardware's first interface DHCP configuration.
+	// This enables integration with Cluster API IPAM providers for dynamic IP allocation.
+	// +optional
+	IPAMPoolRef *corev1.TypedLocalObjectReference `json:"ipamPoolRef,omitempty"`
+
 	// Those fields are set programmatically, but they cannot be re-constructed from "state of the world", so
 	// we put them in spec instead of status.
 	HardwareName string `json:"hardwareName,omitempty"`

api/v1beta1/zz_generated.deepcopy.go

@@ -265,6 +265,30 @@ spec:
                   ImageLookupOSVersion is the version of the OS distribution to use when fetching machine
                   images. If not set it will default based on ImageLookupOSDistro.
                 type: string
+              ipamPoolRef:
+                description: |-
+                  IPAMPoolRef is a reference to an IPAM pool resource to allocate an IP address from.
+                  When specified, an IPAddressClaim will be created to request an IP address allocation.
+                  The allocated IP will be set on the Hardware's first interface DHCP configuration.
+                  This enables integration with Cluster API IPAM providers for dynamic IP allocation.
+                properties:
+                  apiGroup:
+                    description: |-
+                      APIGroup is the group for the resource being referenced.
+                      If APIGroup is not specified, the specified Kind must be in the core API group.
+                      For any other third-party types, APIGroup is required.
+                    type: string
+                  kind:
+                    description: Kind is the type of resource being referenced
+                    type: string
+                  name:
+                    description: Name is the name of resource being referenced
+                    type: string
+                required:
+                - kind
+                - name
+                type: object
+                x-kubernetes-map-type: atomic
               providerID:
                 type: string
               templateOverride:

config/crd/bases/infrastructure.cluster.x-k8s.io_tinkerbellmachines.yaml

@@ -258,6 +258,30 @@ spec:
                           ImageLookupOSVersion is the version of the OS distribution to use when fetching machine
                           images. If not set it will default based on ImageLookupOSDistro.
                         type: string
+                      ipamPoolRef:
+                        description: |-
+                          IPAMPoolRef is a reference to an IPAM pool resource to allocate an IP address from.
+                          When specified, an IPAddressClaim will be created to request an IP address allocation.
+                          The allocated IP will be set on the Hardware's first interface DHCP configuration.
+                          This enables integration with Cluster API IPAM providers for dynamic IP allocation.
+                        properties:
+                          apiGroup:
+                            description: |-
+                              APIGroup is the group for the resource being referenced.
+                              If APIGroup is not specified, the specified Kind must be in the core API group.
+                              For any other third-party types, APIGroup is required.
+                            type: string
+                          kind:
+                            description: Kind is the type of resource being referenced
+                            type: string
+                          name:
+                            description: Name is the name of resource being referenced
+                            type: string
+                        required:
+                        - kind
+                        - name
+                        type: object
+                        x-kubernetes-map-type: atomic
                       providerID:
                         type: string
                       templateOverride:

config/crd/bases/infrastructure.cluster.x-k8s.io_tinkerbellmachinetemplates.yaml

@@ -54,6 +54,34 @@ rules:
   - get
   - patch
   - update
+- apiGroups:
+  - ipam.cluster.x-k8s.io
+  resources:
+  - ipaddressclaims
+  verbs:
+  - create
+  - delete
+  - get
+  - list
+  - patch
+  - update
+  - watch
+- apiGroups:
+  - ipam.cluster.x-k8s.io
+  resources:
+  - ipaddressclaims/status
+  verbs:
+  - get
+  - patch
+  - update
+- apiGroups:
+  - ipam.cluster.x-k8s.io
+  resources:
+  - ipaddresses
+  verbs:
+  - get
+  - list
+  - watch
 - apiGroups:
   - tinkerbell.org
   resources:

config/rbac/role.yaml

@@ -2,6 +2,7 @@ package machine
 
 import (
 	"fmt"
+	"maps"
 	"sort"
 	"strings"
 
@@ -84,9 +85,7 @@ func (scope *machineReconcileScope) patchHardwareAnnotations(hw *tinkv1.Hardware
 		hw.Annotations = map[string]string{}
 	}
 
-	for k, v := range annotations {
-		hw.Annotations[k] = v
-	}
+	maps.Copy(hw.Annotations, annotations)
 
 	if err := patchHelper.Patch(scope.ctx, hw); err != nil {
 		return fmt.Errorf("patching Hardware object: %w", err)
@@ -152,6 +151,14 @@ func (scope *machineReconcileScope) ensureHardware() (*tinkv1.Hardware, error) {
 		return nil, fmt.Errorf("ensuring Hardware user data: %w", err)
 	}
 
+	// Check if IPAM pool is configured and handle IP allocation
+	poolRef := scope.getIPAMPoolRef()
+	if poolRef != nil {
+		if err := scope.reconcileIPAM(hw, poolRef); err != nil {
+			return hw, fmt.Errorf("failed to reconcile IPAM: %w", err)
+		}
+	}
+
 	return hw, scope.setStatus(hw)
 }