🌱 Drop cgroup-driver patch for CAPD

Makefile

@@ -536,7 +536,6 @@ generate-e2e-templates-main: $(KUSTOMIZE)
 	$(KUSTOMIZE) build $(DOCKER_TEMPLATES)/main/cluster-template-machine-pool --load-restrictor LoadRestrictionsNone > $(DOCKER_TEMPLATES)/main/cluster-template-machine-pool.yaml
 	$(KUSTOMIZE) build $(DOCKER_TEMPLATES)/main/cluster-template-node-drain --load-restrictor LoadRestrictionsNone > $(DOCKER_TEMPLATES)/main/cluster-template-node-drain.yaml
 	$(KUSTOMIZE) build $(DOCKER_TEMPLATES)/main/cluster-template-upgrades --load-restrictor LoadRestrictionsNone > $(DOCKER_TEMPLATES)/main/cluster-template-upgrades.yaml
-	$(KUSTOMIZE) build $(DOCKER_TEMPLATES)/main/cluster-template-upgrades-cgroupfs --load-restrictor LoadRestrictionsNone > $(DOCKER_TEMPLATES)/main/cluster-template-upgrades-cgroupfs.yaml
 	$(KUSTOMIZE) build $(DOCKER_TEMPLATES)/main/cluster-template-upgrades-runtimesdk --load-restrictor LoadRestrictionsNone > $(DOCKER_TEMPLATES)/main/cluster-template-upgrades-runtimesdk.yaml
 	$(KUSTOMIZE) build $(DOCKER_TEMPLATES)/main/cluster-template-kcp-scale-in --load-restrictor LoadRestrictionsNone > $(DOCKER_TEMPLATES)/main/cluster-template-kcp-scale-in.yaml
 	$(KUSTOMIZE) build $(DOCKER_TEMPLATES)/main/cluster-template-ipv6 --load-restrictor LoadRestrictionsNone > $(DOCKER_TEMPLATES)/main/cluster-template-ipv6.yaml

cmd/clusterctl/client/cluster/assets/topology-test/existing-my-cluster.yaml

@@ -87,18 +87,10 @@ spec:
       scheduler: {}
     initConfiguration:
       localAPIEndpoint: {}
-      nodeRegistration:
-        criSocket: unix:///var/run/containerd/containerd.sock
-        kubeletExtraArgs:
-          cgroup-driver: cgroupfs
-          eviction-hard: nodefs.available<0%,nodefs.inodesFree<0%,imagefs.available<0%
+      nodeRegistration: {} # node registration parameters are automatically injected by CAPD according to the kindest/node image in use.
     joinConfiguration:
       discovery: {}
-      nodeRegistration:
-        criSocket: unix:///var/run/containerd/containerd.sock
-        kubeletExtraArgs:
-          cgroup-driver: cgroupfs
-          eviction-hard: nodefs.available<0%,nodefs.inodesFree<0%,imagefs.available<0%
+      nodeRegistration: {} # node registration parameters are automatically injected by CAPD according to the kindest/node image in use.
   machineTemplate:
     infrastructureRef:
       apiVersion: infrastructure.cluster.x-k8s.io/v1beta1

cmd/clusterctl/client/cluster/assets/topology-test/existing-my-second-cluster.yaml

@@ -88,18 +88,10 @@ spec:
       scheduler: {}
     initConfiguration:
       localAPIEndpoint: {}
-      nodeRegistration:
-        criSocket: unix:///var/run/containerd/containerd.sock
-        kubeletExtraArgs:
-          cgroup-driver: cgroupfs
-          eviction-hard: nodefs.available<0%,nodefs.inodesFree<0%,imagefs.available<0%
+      nodeRegistration: {} # node registration parameters are automatically injected by CAPD according to the kindest/node image in use.
     joinConfiguration:
       discovery: {}
-      nodeRegistration:
-        criSocket: unix:///var/run/containerd/containerd.sock
-        kubeletExtraArgs:
-          cgroup-driver: cgroupfs
-          eviction-hard: nodefs.available<0%,nodefs.inodesFree<0%,imagefs.available<0%
+      nodeRegistration: {} # node registration parameters are automatically injected by CAPD according to the kindest/node image in use.
   machineTemplate:
     infrastructureRef:
       apiVersion: infrastructure.cluster.x-k8s.io/v1beta1

cmd/clusterctl/client/cluster/assets/topology-test/my-cluster-class.yaml

@@ -55,21 +55,9 @@ spec:
           apiServer:
             certSANs: [ localhost, 127.0.0.1 ]
         initConfiguration:
-          nodeRegistration:
-            criSocket: unix:///var/run/containerd/containerd.sock
-            kubeletExtraArgs:
-              # We have to pin the cgroupDriver to cgroupfs as kubeadm >=1.21 defaults to systemd
-              # kind will implement systemd support in: https://github.com/kubernetes-sigs/kind/issues/1726
-              cgroup-driver: cgroupfs
-              eviction-hard: 'nodefs.available<0%,nodefs.inodesFree<0%,imagefs.available<0%'
+          nodeRegistration: {} # node registration parameters are automatically injected by CAPD according to the kindest/node image in use.
         joinConfiguration:
-          nodeRegistration:
-            criSocket: unix:///var/run/containerd/containerd.sock
-            kubeletExtraArgs:
-              # We have to pin the cgroupDriver to cgroupfs as kubeadm >=1.21 defaults to systemd
-              # kind will implement systemd support in: https://github.com/kubernetes-sigs/kind/issues/1726
-              cgroup-driver: cgroupfs
-              eviction-hard: 'nodefs.available<0%,nodefs.inodesFree<0%,imagefs.available<0%'
+          nodeRegistration: {} # node registration parameters are automatically injected by CAPD according to the kindest/node image in use.
       version: v1.21.2
 ---
 apiVersion: infrastructure.cluster.x-k8s.io/v1beta1

cmd/clusterctl/client/cluster/assets/topology-test/new-clusterclass-and-cluster.yaml

@@ -95,21 +95,9 @@ spec:
           apiServer:
             certSANs: [ localhost, 127.0.0.1 ]
         initConfiguration:
-          nodeRegistration:
-            criSocket: unix:///var/run/containerd/containerd.sock
-            kubeletExtraArgs:
-              # We have to pin the cgroupDriver to cgroupfs as kubeadm >=1.21 defaults to systemd
-              # kind will implement systemd support in: https://github.com/kubernetes-sigs/kind/issues/1726
-              cgroup-driver: cgroupfs
-              eviction-hard: 'nodefs.available<0%,nodefs.inodesFree<0%,imagefs.available<0%'
+          nodeRegistration: {} # node registration parameters are automatically injected by CAPD according to the kindest/node image in use.
         joinConfiguration:
-          nodeRegistration:
-            criSocket: unix:///var/run/containerd/containerd.sock
-            kubeletExtraArgs:
-              # We have to pin the cgroupDriver to cgroupfs as kubeadm >=1.21 defaults to systemd
-              # kind will implement systemd support in: https://github.com/kubernetes-sigs/kind/issues/1726
-              cgroup-driver: cgroupfs
-              eviction-hard: 'nodefs.available<0%,nodefs.inodesFree<0%,imagefs.available<0%'
+          nodeRegistration: {} # node registration parameters are automatically injected by CAPD according to the kindest/node image in use.
       version: v1.21.2
 ---
 apiVersion: infrastructure.cluster.x-k8s.io/v1beta1
@@ -146,12 +134,7 @@ spec:
   template:
     spec:
       joinConfiguration:
-        nodeRegistration:
-          kubeletExtraArgs:
-            # We have to pin the cgroupDriver to cgroupfs as kubeadm >=1.21 defaults to systemd
-            # kind will implement systemd support in: https://github.com/kubernetes-sigs/kind/issues/1726
-            cgroup-driver: cgroupfs
-            eviction-hard: 'nodefs.available<0%,nodefs.inodesFree<0%,imagefs.available<0%'
+        nodeRegistration: {} # node registration parameters are automatically injected by CAPD according to the kindest/node image in use.
 
 ---
 apiVersion: cluster.x-k8s.io/v1beta1

test/e2e/cluster_upgrade_test.go

@@ -20,45 +20,20 @@ limitations under the License.
 package e2e
 
 import (
-	"github.com/blang/semver"
 	. "github.com/onsi/ginkgo/v2"
-	. "github.com/onsi/gomega"
 	"k8s.io/utils/pointer"
 )
 
 var _ = Describe("When upgrading a workload cluster using ClusterClass and testing K8S conformance [Conformance] [K8s-Upgrade] [ClusterClass]", func() {
 	ClusterUpgradeConformanceSpec(ctx, func() ClusterUpgradeConformanceSpecInput {
-		// "upgrades" is the same as the "topology" flavor but with an additional MachinePool.
-		flavor := pointer.String("upgrades")
-		// For KubernetesVersionUpgradeFrom < v1.24 we have to use upgrades-cgroupfs flavor.
-		// This is because kind and CAPD only support:
-		// * cgroupDriver cgroupfs for Kubernetes < v1.24
-		// * cgroupDriver systemd for Kubernetes >= v1.24.
-		// Notes:
-		// * We always use a ClusterClass-based cluster-template for the upgrade test
-		// * The ClusterClass will automatically adjust the cgroupDriver for KCP and MDs.
-		// * We have to handle the MachinePool ourselves
-		// * The upgrades-cgroupfs flavor uses an MP which is pinned to cgroupfs
-		// * During the upgrade UpgradeMachinePoolAndWait automatically drops the cgroupfs pinning
-		//   when the target version is >= v1.24.
-		// We can remove this as soon as we don't test upgrades from Kubernetes < v1.24 anymore with CAPD
-		// or MachinePools are supported in ClusterClass.
-		version, err := semver.ParseTolerant(e2eConfig.GetVariable(KubernetesVersionUpgradeFrom))
-		Expect(err).ToNot(HaveOccurred(), "Invalid argument, KUBERNETES_VERSION_UPGRADE_FROM is not a valid version")
-		if version.LT(semver.MustParse("1.24.0")) {
-			// "upgrades-cgroupfs" is the same as the "topology" flavor but with an additional MachinePool
-			// with pinned cgroupDriver to cgroupfs.
-			flavor = pointer.String("upgrades-cgroupfs")
-		}
-
 		return ClusterUpgradeConformanceSpecInput{
 			E2EConfig:              e2eConfig,
 			ClusterctlConfigPath:   clusterctlConfigPath,
 			BootstrapClusterProxy:  bootstrapClusterProxy,
 			ArtifactFolder:         artifactFolder,
 			SkipCleanup:            skipCleanup,
-			Flavor:                 flavor,
 			InfrastructureProvider: pointer.String("docker"),
+			Flavor:                 pointer.String("upgrades"),
 		}
 	})
 })

test/e2e/config/docker.yaml

@@ -234,7 +234,6 @@ providers:
     - sourcePath: "../data/infrastructure-docker/main/cluster-template-machine-pool.yaml"
     - sourcePath: "../data/infrastructure-docker/main/cluster-template-node-drain.yaml"
     - sourcePath: "../data/infrastructure-docker/main/cluster-template-upgrades.yaml"
-    - sourcePath: "../data/infrastructure-docker/main/cluster-template-upgrades-cgroupfs.yaml"
     - sourcePath: "../data/infrastructure-docker/main/cluster-template-upgrades-runtimesdk.yaml"
     - sourcePath: "../data/infrastructure-docker/main/cluster-template-kcp-scale-in.yaml"
     - sourcePath: "../data/infrastructure-docker/main/cluster-template-ipv6.yaml"

test/e2e/data/infrastructure-docker/main/clusterclass-quick-start.yaml

@@ -126,44 +126,6 @@ spec:
         valueFrom:
           template: |
             imageRepository: {{ .lbImageRepository }}
-  # We have to pin the cgroupDriver to cgroupfs for Kubernetes < v1.24 because kind does not support systemd for those versions, but kubeadm >= 1.21 defaults to systemd.
-  - name: cgroupDriver-controlPlane
-    description: |
-      Sets the cgroupDriver to cgroupfs if a Kubernetes version < v1.24 is referenced.
-      This is required because kind and the node images do not support the default
-      systemd cgroupDriver for kubernetes < v1.24.
-    enabledIf: '{{ semverCompare "<= v1.23" .builtin.controlPlane.version }}'
-    definitions:
-    - selector:
-        apiVersion: controlplane.cluster.x-k8s.io/v1beta1
-        kind: KubeadmControlPlaneTemplate
-        matchResources:
-          controlPlane: true
-      jsonPatches:
-      - op: add
-        path: "/spec/template/spec/kubeadmConfigSpec/initConfiguration/nodeRegistration/kubeletExtraArgs/cgroup-driver"
-        value: cgroupfs
-      - op: add
-        path: "/spec/template/spec/kubeadmConfigSpec/joinConfiguration/nodeRegistration/kubeletExtraArgs/cgroup-driver"
-        value: cgroupfs
-  - name: cgroupDriver-machineDeployment
-    description: |
-      Sets the cgroupDriver to cgroupfs if a Kubernetes version < v1.24 is referenced.
-      This is required because kind and the node images do not support the default
-      systemd cgroupDriver for kubernetes < v1.24.
-    enabledIf: '{{ semverCompare "<= v1.23" .builtin.machineDeployment.version }}'
-    definitions:
-    - selector:
-        apiVersion: bootstrap.cluster.x-k8s.io/v1beta1
-        kind: KubeadmConfigTemplate
-        matchResources:
-          machineDeploymentClass:
-            names:
-            - '*-worker'
-      jsonPatches:
-      - op: add
-        path: "/spec/template/spec/joinConfiguration/nodeRegistration/kubeletExtraArgs/cgroup-driver"
-        value: cgroupfs
   - name: etcdImageTag
     description: "Sets tag to use for the etcd image in the KubeadmControlPlane."
     definitions:
@@ -431,11 +393,11 @@ spec:
             certSANs: [localhost, host.docker.internal, "::", "::1", "127.0.0.1", "0.0.0.0"]
         initConfiguration:
           nodeRegistration: # node registration parameters are automatically injected by CAPD according to the kindest/node image in use.
-            kubeletExtraArgs: # required for the cgroup-driver patch to work
+            kubeletExtraArgs: # having a not empty kubeletExtraArgs is required for the externalCloudProvider patch to work
               eviction-hard: 'nodefs.available<0%,nodefs.inodesFree<0%,imagefs.available<0%'
         joinConfiguration:
           nodeRegistration: # node registration parameters are automatically injected by CAPD according to the kindest/node image in use.
-            kubeletExtraArgs: # required for the cgroup-driver patch to work
+            kubeletExtraArgs: # having a not empty kubeletExtraArgs is required for the externalCloudProvider patch to work
               eviction-hard: 'nodefs.available<0%,nodefs.inodesFree<0%,imagefs.available<0%'
 ---
 apiVersion: infrastructure.cluster.x-k8s.io/v1beta1
@@ -496,5 +458,5 @@ spec:
     spec:
       joinConfiguration:
         nodeRegistration: # node registration parameters are automatically injected by CAPD according to the kindest/node image in use.
-          kubeletExtraArgs: # required for the cgroup-driver patch to work
+          kubeletExtraArgs: # having a not empty kubeletExtraArgs is required for the externalCloudProvider to work
             eviction-hard: 'nodefs.available<0%,nodefs.inodesFree<0%,imagefs.available<0%'

test/extension/handlers/topologymutation/handler.go

@@ -138,6 +138,8 @@ func patchDockerClusterTemplate(_ context.Context, dockerClusterTemplate *infrav
 // to work with older kind images.
 // It also sets the RolloutStrategy.RollingUpdate.MaxSurge if the kubeadmControlPlaneMaxSurge is provided.
 // NOTE: RolloutStrategy.RollingUpdate.MaxSurge patch is not required for any special reason, it is used for testing the patch machinery itself.
+// NOTE: cgroupfs patch is not required anymore after the introduction of the automatic setting kubeletExtraArgs for CAPD, however we keep it
+// as example of version aware patches.
 func patchKubeadmControlPlaneTemplate(ctx context.Context, kcpTemplate *controlplanev1.KubeadmControlPlaneTemplate, templateVariables map[string]apiextensionsv1.JSON) error {
 	log := ctrl.LoggerFrom(ctx)
 
@@ -203,6 +205,8 @@ func patchKubeadmControlPlaneTemplate(ctx context.Context, kcpTemplate *controlp
 // patchKubeadmConfigTemplate patches the ControlPlaneTemplate.
 // Only for the templates linked to the default-worker MachineDeployment class, It sets KubeletExtraArgs["cgroup-driver"]
 // to cgroupfs for Kubernetes < 1.24; this patch is required for tests to work with older kind images.
+// NOTE: cgroupfs patch is not required anymore after the introduction of the automatic setting kubeletExtraArgs for CAPD, however we keep it
+// as example of version aware patches.
 func patchKubeadmConfigTemplate(ctx context.Context, k *bootstrapv1.KubeadmConfigTemplate, templateVariables map[string]apiextensionsv1.JSON) error {
 	log := ctrl.LoggerFrom(ctx)
 

test/framework/machinepool_helpers.go

@@ -19,10 +19,8 @@ package framework
 import (
 	"context"
 	"fmt"
-	"strings"
 	"time"
 
-	"github.com/blang/semver"
 	. "github.com/onsi/ginkgo/v2"
 	. "github.com/onsi/gomega"
 	"github.com/pkg/errors"
@@ -151,23 +149,6 @@ func UpgradeMachinePoolAndWait(ctx context.Context, input UpgradeMachinePoolAndW
 		// Upgrade to new Version.
 		mp.Spec.Template.Spec.Version = &input.UpgradeVersion
 
-		// Drop "-cgroupfs" suffix from BootstrapConfig ref name, i.e. we switch from a
-		// BootstrapConfig with pinned cgroupfs cgroupDriver to the regular BootstrapConfig.
-		// This is a workaround for CAPD, because kind and CAPD only support:
-		// * cgroupDriver cgroupfs for Kubernetes < v1.24
-		// * cgroupDriver systemd for Kubernetes >= v1.24.
-		// We can remove this as soon as we don't test upgrades from Kubernetes < v1.24 anymore with CAPD
-		// or MachinePools are supported in ClusterClass.
-		if mp.Spec.Template.Spec.InfrastructureRef.Kind == "DockerMachinePool" {
-			version, err := semver.ParseTolerant(input.UpgradeVersion)
-			Expect(err).ToNot(HaveOccurred(), fmt.Sprintf("Failed to parse UpgradeVersion %q", input.UpgradeVersion))
-			if version.GTE(semver.MustParse("1.24.0")) && strings.HasSuffix(mp.Spec.Template.Spec.Bootstrap.ConfigRef.Name, "-cgroupfs") {
-				mp.Spec.Template.Spec.Bootstrap.ConfigRef.Name = strings.TrimSuffix(mp.Spec.Template.Spec.Bootstrap.ConfigRef.Name, "-cgroupfs")
-				// We have to set DataSecretName to nil, so the secret of the new bootstrap ConfigRef gets picked up.
-				mp.Spec.Template.Spec.Bootstrap.DataSecretName = nil
-			}
-		}
-
 		Eventually(func() error {
 			return patchHelper.Patch(ctx, mp)
 		}, retryableOperationTimeout, retryableOperationInterval).Should(Succeed(), "Failed to patch the new Kubernetes version to Machine Pool %s", klog.KObj(mp))