Added dedicated hosts support for AWS

vr4manta · vr4manta · commit eab634dad53d · 2025-10-23T11:46:06.000-04:00
diff --git a/pkg/operator/operator_test.go b/pkg/operator/operator_test.go
@@ -45,13 +45,15 @@ var (
 		{Name: apifeatures.FeatureGateAzureWorkloadIdentity},
 		{Name: apifeatures.FeatureGateVSphereMultiDisk},
 		{Name: apifeatures.FeatureGateVSphereHostVMGroupZonal},
+		{Name: apifeatures.FeatureGateAWSDedicatedHosts},
 	}
 
 	enabledFeatureMap = map[string]bool{
-		"MachineAPIMigration":     true,
-		"AzureWorkloadIdentity":   true,
-		"VSphereMultiDisk":        true,
-		"VSphereHostVMGroupZonal": true,
+		"MachineAPIMigration":          true,
+		"AzureWorkloadIdentity":        true,
+		"VSphereMultiDisk":             true,
+		"VSphereHostVMGroupZonal":      true,
+		"FeatureGateAWSDedicatedHosts": true,
 	}
 )
 
diff --git a/pkg/webhooks/machine_webhook.go b/pkg/webhooks/machine_webhook.go
@@ -897,6 +897,32 @@ func validateAWS(m *machinev1beta1.Machine, config *admissionConfig) (bool, []st
 		}
 	}
 
+	// Dedicated host support.
+	// Check if host placement is configured.  If so, then we need to determine placement affinity and validate configs.
+	if providerSpec.HostPlacement != nil {
+		placement := *providerSpec.HostPlacement
+		if placement.Affinity == nil {
+			errs = append(errs, field.Required(field.NewPath("spec.hostPlacement.affinity"), "affinity is required and must be set"))
+		} else {
+			switch *placement.Affinity {
+			case machinev1beta1.HostAffinityAnyAvailable:
+				// Cannot have DedicatedHost set
+				if placement.DedicatedHost != nil {
+					errs = append(errs, field.Forbidden(field.NewPath("spec.hostPlacement.dedicatedHost"), "dedicatedHost is not allowed when affinity is AnyAvailable"))
+				}
+			case machinev1beta1.HostAffinityDedicatedHost:
+				// We need to make sure DedicatedHost is set with a HostID
+				if placement.DedicatedHost == nil {
+					errs = append(errs, field.Required(field.NewPath("spec.hostPlacement.dedicatedHost"), "dedicatedHost is required when affinity is DedicatedHost"))
+				} else if placement.DedicatedHost.ID == "" {
+					errs = append(errs, field.Invalid(field.NewPath("spec.hostPlacement.dedicatedHost.id"), placement.DedicatedHost.ID, "id must start with 'h-' followed by 17 lowercase hexadecimal characters (0-9 and a-f)"))
+				}
+			default:
+				errs = append(errs, field.Invalid(field.NewPath("spec.hostPlacement.affinity"), placement.Affinity, "affinity is required and must be set to an allowed value"))
+			}
+		}
+	}
+
 	if len(errs) > 0 {
 		return false, warnings, errs
 	}
diff --git a/pkg/webhooks/machine_webhook_test.go b/pkg/webhooks/machine_webhook_test.go
@@ -316,6 +316,67 @@ func TestMachineCreation(t *testing.T) {
 			},
 			expectedError: "",
 		},
+		{
+			name:         "configure host affinity with Host ID",
+			platformType: osconfigv1.AWSPlatformType,
+			clusterID:    "aws-cluster",
+			providerSpecValue: &kruntime.RawExtension{
+				Object: &machinev1beta1.AWSMachineProviderConfig{
+					AMI: machinev1beta1.AWSResourceReference{
+						ID: ptr.To[string]("ami"),
+					},
+					InstanceType: "test",
+					HostAffinity: ptr.To(machinev1beta1.HostAffinityAnyAvailable),
+					HostID:       ptr.To("h-09dcf61cb388b0149"),
+				},
+			},
+			expectedError: "",
+		},
+		{
+			name:         "configure host affinity with invalid affinity",
+			platformType: osconfigv1.AWSPlatformType,
+			clusterID:    "aws-cluster",
+			providerSpecValue: &kruntime.RawExtension{
+				Object: &machinev1beta1.AWSMachineProviderConfig{
+					AMI: machinev1beta1.AWSResourceReference{
+						ID: ptr.To[string]("ami"),
+					},
+					InstanceType: "test",
+					HostAffinity: ptr.To(machinev1beta1.HostAffinity("invalid")),
+				},
+			},
+			expectedError: "admission webhook \"validation.machine.machine.openshift.io\" denied the request: spec.hostID: Required value: hostID must be set when hostAffinity is configured", // true
+		},
+		{
+			name:         "configure host affinity without Host ID",
+			platformType: osconfigv1.AWSPlatformType,
+			clusterID:    "aws-cluster",
+			providerSpecValue: &kruntime.RawExtension{
+				Object: &machinev1beta1.AWSMachineProviderConfig{
+					AMI: machinev1beta1.AWSResourceReference{
+						ID: ptr.To[string]("ami"),
+					},
+					InstanceType: "test",
+					HostAffinity: ptr.To(machinev1beta1.HostAffinityHost),
+				},
+			},
+			expectedError: "admission webhook \"validation.machine.machine.openshift.io\" denied the request: spec.hostID: Required value: hostID must be set when hostAffinity is configured", // true
+		},
+		{
+			name:         "hostID alone is valid",
+			platformType: osconfigv1.AWSPlatformType,
+			clusterID:    "aws-cluster",
+			providerSpecValue: &kruntime.RawExtension{
+				Object: &machinev1beta1.AWSMachineProviderConfig{
+					AMI: machinev1beta1.AWSResourceReference{
+						ID: ptr.To[string]("ami"),
+					},
+					InstanceType: "test",
+					HostID:       ptr.To("h-1234567890abcdef0"),
+				},
+			},
+			expectedError: "",
+		},
 		{
 			name:              "with Azure and a nil provider spec value",
 			platformType:      osconfigv1.AzurePlatformType,

Original file line number	Diff line number	Diff line change
`@@ -45,13 +45,15 @@ var (`
`45`	`45`	`{Name: apifeatures.FeatureGateAzureWorkloadIdentity},`
`46`	`46`	`{Name: apifeatures.FeatureGateVSphereMultiDisk},`
`47`	`47`	`{Name: apifeatures.FeatureGateVSphereHostVMGroupZonal},`
	`48`	`+ {Name: apifeatures.FeatureGateAWSDedicatedHosts},`
`48`	`49`	`}`
`49`	`50`
`50`	`51`	`enabledFeatureMap = map[string]bool{`
`51`		`- "MachineAPIMigration": true,`
`52`		`- "AzureWorkloadIdentity": true,`
`53`		`- "VSphereMultiDisk": true,`
`54`		`- "VSphereHostVMGroupZonal": true,`
	`52`	`+ "MachineAPIMigration": true,`
	`53`	`+ "AzureWorkloadIdentity": true,`
	`54`	`+ "VSphereMultiDisk": true,`
	`55`	`+ "VSphereHostVMGroupZonal": true,`
	`56`	`+ "FeatureGateAWSDedicatedHosts": true,`
`55`	`57`	`}`
`56`	`58`	`)`
`57`	`59`