add new disableDefaultCNI field

apis/v1beta1/microk8sconfig_types.go

@@ -81,6 +81,10 @@ type InitConfiguration struct {
 	// +kubebuilder:default:=stable
 	RiskLevel string `json:"riskLevel,omitempty"`
 
+	// Whether or not to use the default CNI
+	// +optional
+	DisableDefaultCNI bool `json:"useDefaultCNI,omitempty"`
+
 	// The snap store proxy domain
 	// +optional
 	SnapstoreProxyDomain string `json:"snapstoreProxyDomain,omitempty"`

config/crd/bases/bootstrap.cluster.x-k8s.io_microk8sconfigs.yaml

@@ -177,6 +177,9 @@ spec:
                   snapstoreProxyId:
                     description: The snap store proxy ID
                     type: string
+                  useDefaultCNI:
+                    description: Whether or not to use the default CNI
+                    type: boolean
                 type: object
             type: object
           status:

config/crd/bases/bootstrap.cluster.x-k8s.io_microk8sconfigtemplates.yaml

@@ -188,6 +188,9 @@ spec:
                           snapstoreProxyId:
                             description: The snap store proxy ID
                             type: string
+                          useDefaultCNI:
+                            description: Whether or not to use the default CNI
+                            type: boolean
                         type: object
                     type: object
                 type: object

controllers/cloudinit/cloudinit_common_test.go

@@ -382,4 +382,80 @@ func TestCloudConfigInput(t *testing.T) {
 			})
 		}
 	})
+
+	t.Run("DisableDefaultCNI", func(t *testing.T) {
+		for _, tc := range []struct {
+			name            string
+			makeCloudConfig func() (*cloudinit.CloudConfig, error)
+		}{
+			{
+				name: "ControlPlaneInit",
+				makeCloudConfig: func() (*cloudinit.CloudConfig, error) {
+					return cloudinit.NewInitControlPlane(&cloudinit.ControlPlaneInitInput{
+						DisableDefaultCNI: true,
+						KubernetesVersion: "v1.25.0",
+						Token:             strings.Repeat("a", 32),
+						TokenTTL:          100,
+					})
+				},
+			},
+			{
+				name: "ControlPlaneJoin",
+				makeCloudConfig: func() (*cloudinit.CloudConfig, error) {
+					return cloudinit.NewJoinControlPlane(&cloudinit.ControlPlaneJoinInput{
+						DisableDefaultCNI: true,
+						KubernetesVersion: "v1.25.0",
+						Token:             strings.Repeat("a", 32),
+						TokenTTL:          100,
+					})
+				},
+			},
+		} {
+			t.Run(tc.name, func(t *testing.T) {
+				g := NewWithT(t)
+				c, err := tc.makeCloudConfig()
+				g.Expect(err).NotTo(HaveOccurred())
+
+				g.Expect(c.RunCommands).To(ContainElement(`/capi-scripts/00-disable-default-cni.sh`))
+			})
+		}
+	})
+
+	t.Run("DefaultCNI", func(t *testing.T) {
+		for _, tc := range []struct {
+			name            string
+			makeCloudConfig func() (*cloudinit.CloudConfig, error)
+		}{
+			{
+				name: "ControlPlaneInit",
+				makeCloudConfig: func() (*cloudinit.CloudConfig, error) {
+					return cloudinit.NewInitControlPlane(&cloudinit.ControlPlaneInitInput{
+						DisableDefaultCNI: false,
+						KubernetesVersion: "v1.25.0",
+						Token:             strings.Repeat("a", 32),
+						TokenTTL:          100,
+					})
+				},
+			},
+			{
+				name: "ControlPlaneJoin",
+				makeCloudConfig: func() (*cloudinit.CloudConfig, error) {
+					return cloudinit.NewJoinControlPlane(&cloudinit.ControlPlaneJoinInput{
+						DisableDefaultCNI: false,
+						KubernetesVersion: "v1.25.0",
+						Token:             strings.Repeat("a", 32),
+						TokenTTL:          100,
+					})
+				},
+			},
+		} {
+			t.Run(tc.name, func(t *testing.T) {
+				g := NewWithT(t)
+				c, err := tc.makeCloudConfig()
+				g.Expect(err).NotTo(HaveOccurred())
+
+				g.Expect(c.RunCommands).NotTo(ContainElement(`/capi-scripts/00-disable-default-cni.sh`))
+			})
+		}
+	})
 }

controllers/cloudinit/controlplane_init.go

@@ -57,6 +57,8 @@ type ControlPlaneInitInput struct {
 	Confinement string
 	// RiskLevel specifies the risk level (strict, candidate, beta, edge) for the snap channels.
 	RiskLevel string
+	// DisableDefaultCNI specifies whether to disable the default CNI plugin.
+	DisableDefaultCNI bool
 	// SnapstoreProxyDomain specifies the domain of the snapstore proxy if one is to be used.
 	SnapstoreProxyDomain string
 	// SnapstoreProxyId specifies the snapstore proxy ID if one is to be used.
@@ -141,7 +143,13 @@ func NewInitControlPlane(input *ControlPlaneInitInput) (*CloudConfig, error) {
 		fmt.Sprintf("%s %q %q", scriptPath(snapstoreHTTPProxyScript), input.SnapstoreHTTPProxy, input.SnapstoreHTTPSProxy),
 		fmt.Sprintf("%s %q %q", scriptPath(snapstoreProxyScript), input.SnapstoreProxyDomain, input.SnapstoreProxyId),
 		scriptPath(disableHostServicesScript),
-		fmt.Sprintf("%s %q", scriptPath(installMicroK8sScript), installArgs),
+		fmt.Sprintf("%s %q", scriptPath(installMicroK8sScript), installArgs))
+
+	if input.DisableDefaultCNI {
+		cloudConfig.RunCommands = append(cloudConfig.RunCommands, scriptPath(disableDefaultCNIScript))
+	}
+
+	cloudConfig.RunCommands = append(cloudConfig.RunCommands,
 		fmt.Sprintf("%s %q %q %q", scriptPath(configureContainerdProxyScript), input.ContainerdHTTPProxy, input.ContainerdHTTPSProxy, input.ContainerdNoProxy),
 		scriptPath(configureKubeletScript),
 		scriptPath(waitAPIServerScript),

controllers/cloudinit/controlplane_init_test.go

@@ -38,6 +38,7 @@ func TestControlPlaneInit(t *testing.T) {
 			IPinIP:               true,
 			Token:                strings.Repeat("a", 32),
 			TokenTTL:             10000,
+			DisableDefaultCNI:    true,
 			Confinement:          "classic",
 		})
 		g.Expect(err).NotTo(HaveOccurred())
@@ -48,6 +49,7 @@ func TestControlPlaneInit(t *testing.T) {
 			`/capi-scripts/00-configure-snapstore-proxy.sh "" ""`,
 			`/capi-scripts/00-disable-host-services.sh`,
 			`/capi-scripts/00-install-microk8s.sh "--channel 1.25 --classic"`,
+			`/capi-scripts/00-disable-default-cni.sh`,
 			`/capi-scripts/10-configure-containerd-proxy.sh "" "" ""`,
 			`/capi-scripts/10-configure-kubelet.sh`,
 			`/capi-scripts/50-wait-apiserver.sh`,

controllers/cloudinit/controlplane_join.go

@@ -53,6 +53,8 @@ type ControlPlaneJoinInput struct {
 	Confinement string
 	// RiskLevel specifies the risk level (strict, candidate, beta, edge) for the snap channels.
 	RiskLevel string
+	// DisableDefaultCNI specifies whether to use the default CNI plugin.
+	DisableDefaultCNI bool
 	// SnapstoreProxyDomain specifies the domain of the snapstore proxy if one is to be used.
 	SnapstoreProxyDomain string
 	// SnapstoreProxyId specifies the snapstore proxy ID if one is to be used.
@@ -123,7 +125,13 @@ func NewJoinControlPlane(input *ControlPlaneJoinInput) (*CloudConfig, error) {
 		fmt.Sprintf("%s %q %q", scriptPath(snapstoreHTTPProxyScript), input.SnapstoreHTTPProxy, input.SnapstoreHTTPSProxy),
 		fmt.Sprintf("%s %q %q", scriptPath(snapstoreProxyScript), input.SnapstoreProxyDomain, input.SnapstoreProxyId),
 		scriptPath(disableHostServicesScript),
-		fmt.Sprintf("%s %q", scriptPath(installMicroK8sScript), installArgs),
+		fmt.Sprintf("%s %q", scriptPath(installMicroK8sScript), installArgs))
+
+	if input.DisableDefaultCNI {
+		cloudConfig.RunCommands = append(cloudConfig.RunCommands, scriptPath(disableDefaultCNIScript))
+	}
+
+	cloudConfig.RunCommands = append(cloudConfig.RunCommands,
 		fmt.Sprintf("%s %q %q %q", scriptPath(configureContainerdProxyScript), input.ContainerdHTTPProxy, input.ContainerdHTTPSProxy, input.ContainerdNoProxy),
 		scriptPath(configureKubeletScript),
 		scriptPath(waitAPIServerScript),

controllers/cloudinit/embed.go

@@ -43,6 +43,9 @@ const (
 	// disableHostServicesScript disables services like containerd or kubelet from the host OS image.
 	disableHostServicesScript script = "00-disable-host-services.sh"
 
+	// disableDefaultCNIScript disables the default CNI plugin.
+	disableDefaultCNIScript script = "00-disable-default-cni.sh"
+
 	// installMicroK8sScript installs MicroK8s on the host.
 	installMicroK8sScript script = "00-install-microk8s.sh"
 

controllers/cloudinit/scripts/00-disable-default-cni.sh

@@ -0,0 +1,4 @@
+#!/bin/bash -xe
+
+microk8s kubectl delete -f /var/snap/microk8s/current/args/cni-network/cni.yaml
+mv /var/snap/microk8s/current/args/cni-network/cni.yaml /var/snap/microk8s/current/args/cni-network/calico.yaml.old

controllers/microk8sconfig_controller.go

@@ -314,6 +314,7 @@ func (r *MicroK8sConfigReconciler) handleClusterNotInitialized(ctx context.Conte
 		SnapstoreProxyId:     microk8sConfig.Spec.InitConfiguration.SnapstoreProxyId,
 		Confinement:          microk8sConfig.Spec.InitConfiguration.Confinement,
 		RiskLevel:            microk8sConfig.Spec.InitConfiguration.RiskLevel,
+		DisableDefaultCNI:    microk8sConfig.Spec.InitConfiguration.DisableDefaultCNI,
 		ExtraWriteFiles:      cloudinit.WriteFilesFromAPI(microk8sConfig.Spec.InitConfiguration.ExtraWriteFiles),
 		ExtraKubeletArgs:     microk8sConfig.Spec.InitConfiguration.ExtraKubeletArgs,
 		SnapstoreHTTPProxy:   microk8sConfig.Spec.InitConfiguration.SnapstoreHTTPProxy,
@@ -416,6 +417,7 @@ func (r *MicroK8sConfigReconciler) handleJoiningControlPlaneNode(ctx context.Con
 		SnapstoreProxyDomain: microk8sConfig.Spec.InitConfiguration.SnapstoreProxyDomain,
 		SnapstoreProxyId:     microk8sConfig.Spec.InitConfiguration.SnapstoreProxyId,
 		RiskLevel:            microk8sConfig.Spec.InitConfiguration.RiskLevel,
+		DisableDefaultCNI:    microk8sConfig.Spec.InitConfiguration.DisableDefaultCNI,
 		Confinement:          microk8sConfig.Spec.InitConfiguration.Confinement,
 		ExtraWriteFiles:      cloudinit.WriteFilesFromAPI(microk8sConfig.Spec.InitConfiguration.ExtraWriteFiles),
 		ExtraKubeletArgs:     microk8sConfig.Spec.InitConfiguration.ExtraKubeletArgs,