feat: support for externally managed control plane

api/v1alpha1/conditions_consts.go

@@ -78,6 +78,9 @@ const (
 
 	// UnknownReason (Severity=Warning) documents the ProxmoxVM Unknown.
 	UnknownReason = "Unknown"
+
+	// MissingControlPlaneEndpointReason (Severity=Warning) documents the missing Control Plane endpoint when Cluster is backed by an externally managed Control Plane.
+	MissingControlPlaneEndpointReason = "MissingControlPlaneEndpoint"
 )
 
 const (

api/v1alpha1/proxmoxcluster_types.go

@@ -42,6 +42,10 @@ type ProxmoxClusterSpec struct {
 	// +kubebuilder:validation:XValidation:rule="self.port > 0 && self.port < 65536",message="port must be within 1-65535"
 	ControlPlaneEndpoint *clusterv1.APIEndpoint `json:"controlPlaneEndpoint"`
 
+	// ExternalManagedControlPlane can be enabled to allow externally managed Control Planes to patch the
+	// Proxmox cluster with the Load Balancer IP provided by Control Plane provider.
+	ExternalManagedControlPlane bool `json:"externalManagedControlPlane,omitempty"`
+
 	// AllowedNodes specifies all Proxmox nodes which will be considered
 	// for operations. This implies that VMs can be cloned on different nodes from
 	// the node which holds the VM template.

config/crd/bases/infrastructure.cluster.x-k8s.io_proxmoxclusters.yaml

@@ -615,6 +615,11 @@ spec:
                   type: string
                 minItems: 1
                 type: array
+              externalManagedControlPlane:
+                description: |-
+                  ExternalManagedControlPlane can be enabled to allow externally managed Control Planes to patch the
+                  Proxmox cluster with the Load Balancer IP provided by Control Plane provider.
+                type: boolean
               ipv4Config:
                 description: |-
                   IPv4Config contains information about available IPV4 address pools and the gateway.

config/crd/bases/infrastructure.cluster.x-k8s.io_proxmoxclustertemplates.yaml

@@ -655,6 +655,11 @@ spec:
                           type: string
                         minItems: 1
                         type: array
+                      externalManagedControlPlane:
+                        description: |-
+                          ExternalManagedControlPlane can be enabled to allow externally managed Control Planes to patch the
+                          Proxmox cluster with the Load Balancer IP provided by Control Plane provider.
+                        type: boolean
                       ipv4Config:
                         description: |-
                           IPv4Config contains information about available IPV4 address pools and the gateway.

internal/controller/proxmoxcluster_controller.go

@@ -192,6 +192,30 @@ func (r *ProxmoxClusterReconciler) reconcileNormal(ctx context.Context, clusterS
 	// If the ProxmoxCluster doesn't have our finalizer, add it.
 	ctrlutil.AddFinalizer(clusterScope.ProxmoxCluster, infrav1alpha1.ClusterFinalizer)
 
+	if clusterScope.ProxmoxCluster.Spec.ExternalManagedControlPlane {
+		if clusterScope.ProxmoxCluster.Spec.ControlPlaneEndpoint == nil {
+			clusterScope.Logger.Info("ProxmoxCluster is not ready, missing or waiting for a ControlPlaneEndpoint")
+
+			conditions.MarkFalse(clusterScope.ProxmoxCluster, infrav1alpha1.ProxmoxClusterReady, infrav1alpha1.MissingControlPlaneEndpointReason, clusterv1.ConditionSeverityWarning, "The ProxmoxCluster is missing or waiting for a ControlPlaneEndpoint")
+
+			return ctrl.Result{Requeue: true}, nil
+		}
+		if clusterScope.ProxmoxCluster.Spec.ControlPlaneEndpoint.Host == "" {
+			clusterScope.Logger.Info("ProxmoxCluster is not ready, missing or waiting for a ControlPlaneEndpoint host")
+
+			conditions.MarkFalse(clusterScope.ProxmoxCluster, infrav1alpha1.ProxmoxClusterReady, infrav1alpha1.MissingControlPlaneEndpointReason, clusterv1.ConditionSeverityWarning, "The ProxmoxCluster is missing or waiting for a ControlPlaneEndpoint host")
+
+			return ctrl.Result{Requeue: true}, nil
+		}
+		if clusterScope.ProxmoxCluster.Spec.ControlPlaneEndpoint.Port == 0 {
+			clusterScope.Logger.Info("ProxmoxCluster is not ready, missing or waiting for a ControlPlaneEndpoint port")
+
+			conditions.MarkFalse(clusterScope.ProxmoxCluster, infrav1alpha1.ProxmoxClusterReady, infrav1alpha1.MissingControlPlaneEndpointReason, clusterv1.ConditionSeverityWarning, "The ProxmoxCluster is missing or waiting for a ControlPlaneEndpoint port")
+
+			return ctrl.Result{Requeue: true}, nil
+		}
+	}
+
 	// when a Cluster is marked failed cause the Proxmox client is nil.
 	// the cluster doesn't reconcile the failed state if we restart the controller.
 	// so we need to check if the ProxmoxClient is not nil and the ProxmoxCluster has a failure reason.

internal/webhook/proxmoxcluster_webhook.go

@@ -93,11 +93,15 @@ func (*ProxmoxCluster) ValidateUpdate(_ context.Context, _ runtime.Object, newOb
 }
 
 func validateControlPlaneEndpoint(cluster *infrav1.ProxmoxCluster) error {
-	ep := cluster.Spec.ControlPlaneEndpoint
+	// Skipping the validation of the Control Plane endpoint in case of externally managed Control Plane:
+	// the Cluster API Control Plane provider will eventually provide the LB.
+	if cluster.Spec.ExternalManagedControlPlane {
+		return nil
+	}
 
 	gk, name := cluster.GroupVersionKind().GroupKind(), cluster.GetName()
 
-	endpoint := ep.Host
+	endpoint := cluster.Spec.ControlPlaneEndpoint.Host
 
 	addr, err := netip.ParseAddr(endpoint)