✨ feat(airgap): add image preloading

.github/workflows/unit-quickstart-e2e-test.yaml

@@ -38,6 +38,10 @@ jobs:
     runs-on: [self-hosted, linux]
     needs: [unit]
     steps:
+    - name: 🩹 Safe config for 💩 DNS
+      run: |
+        sed 's/options /options use-vc single-request attempts:5 /' < /etc/resolv.conf > /etc/resolv.conf.new
+        cat /etc/resolv.conf.new > /etc/resolv.conf
     - name: ⬇️ Checkout repository
       uses: actions/checkout@v4
     - name: ⬇️ Install kubectl
@@ -52,7 +56,8 @@ jobs:
         kustomize-version: v4.5.7
     - name: 🔎 Check IP
       id: ip
-      run: echo "ip=`curl -s https://api.ipify.org`" | tee $GITHUB_OUTPUT
+      run: |
+        echo "ip=`curl -s https://api.ipify.org`" | tee $GITHUB_OUTPUT
     - name: 🔐 Set ak/sk name based on runner region
       run: .github/scripts/runneraksk.sh
     - name: 🧹 Frieza
@@ -87,10 +92,18 @@ jobs:
         sudo apt install -y docker-buildx-plugin 
         make docker-buildx
         make docker-push
-        docker image prune -a -f
       env:
         IMG: ${{ vars.REGISTRY }}/outscale/cluster-api-outscale-controllers:${{ github.sha }}
         DOCKER_BUILDKIT: 1
+    - name: 🔎 Preloader snapshot
+      id: preloader
+      uses: outscale/k8s-image-preloader/github_actions/preloader_snapshot@main
+      with:
+        KUBECONFIG: ${{ steps.management.outputs.KUBECONFIG }}
+        OSC_ACCESS_KEY: ${{ secrets[env.OSC_ACCESS_KEY_NAME] }}
+        OSC_SECRET_KEY: ${{ secrets[env.OSC_SECRET_KEY_NAME] }}
+        OSC_REGION: ${{ env.OSC_REGION }}
+        CSI: true
     - name: 🔐 Create CAPOSC ns and credentials
       run: make credential
       shell: bash
@@ -112,10 +125,11 @@ jobs:
         KUBECONFIG: "${{ github.workspace }}/${{ steps.management.outputs.KUBECONFIG }}"
         CCM_OSC_ACCESS_KEY: ${{ secrets[env.OSC_ACCESS_KEY_NAME] }}
         CCM_OSC_SECRET_KEY: ${{ secrets[env.OSC_SECRET_KEY_NAME] }}
-        CCM_OSC_REGION: $${{ env.OSC_REGION }}
+        CCM_OSC_REGION: ${{ env.OSC_REGION }}
         IMG: ${{ vars.REGISTRY }}/outscale/cluster-api-outscale-controllers:${{ github.sha }}
         IMG_UPGRADE_FROM: ${{ vars.IMG_UPGRADE_FROM }}
         IMG_UPGRADE_TO: ${{ vars.IMG_UPGRADE_TO }}
+        PRELOAD_SNAPSHOT_ID: ${{ steps.preloader.outputs.SNAPSHOT_ID }}
     - name: 📝 Get CAPOSC state/logs
       run: |
         echo "**** pod state"

api/v1beta1/oscmachine_validation.go

@@ -76,7 +76,7 @@ func ValidateIops(path *field.Path, iops, size int32) *field.Error {
 		return nil
 	case iops > maxIops || iops < minIops:
 		return field.Invalid(path, iops, fmt.Sprintf("iops must be between %d and %d", minIops, maxIops))
-	case iops/size > 300:
+	case size > 0 && iops/size > 300:
 		return field.Invalid(path, iops, "iops/size should be lower than 300")
 	default:
 		return nil

api/v1beta1/types.go

@@ -523,14 +523,13 @@ type OscImage struct {
 type OscVolume struct {
 	// The volume name.
 	Name string `json:"name,omitempty"`
-	// The volume device (/dev/sdX)
+	// The volume device (/dev/xvdX)
 	// +kubebuilder:validation:Required
 	Device string `json:"device"`
 	// The volume iops (io1 volumes only)
 	Iops int32 `json:"iops,omitempty"`
 	// The volume size in gibibytes (GiB)
-	// +kubebuilder:validation:Required
-	Size int32 `json:"size"`
+	Size int32 `json:"size,omitempty"`
 	// (unused)
 	SubregionName string `json:"subregionName,omitempty"`
 	// The volume type (io1, gp2 or standard)

capm.yaml

@@ -10,7 +10,7 @@ kind: CustomResourceDefinition
 metadata:
   annotations:
     cert-manager.io/inject-ca-from: cluster-api-provider-outscale-system/cluster-api-provider-outscale-serving-cert
-    controller-gen.kubebuilder.io/version: v0.19.1-0.20250924093817-1d67470bef32
+    controller-gen.kubebuilder.io/version: v0.19.1-0.20251023132335-bf7d6b742e6a
   labels:
     cluster.x-k8s.io/v1alpha3: v1alpha3
     cluster.x-k8s.io/v1beta1: v1beta1
@@ -879,7 +879,7 @@ kind: CustomResourceDefinition
 metadata:
   annotations:
     cert-manager.io/inject-ca-from: cluster-api-provider-outscale-system/cluster-api-provider-outscale-serving-cert
-    controller-gen.kubebuilder.io/version: v0.19.1-0.20250924093817-1d67470bef32
+    controller-gen.kubebuilder.io/version: v0.19.1-0.20251023132335-bf7d6b742e6a
   labels:
     cluster.x-k8s.io/v1alpha3: v1alpha3
     cluster.x-k8s.io/v1beta1: v1beta1
@@ -1588,7 +1588,7 @@ kind: CustomResourceDefinition
 metadata:
   annotations:
     cert-manager.io/inject-ca-from: cluster-api-provider-outscale-system/cluster-api-provider-outscale-serving-cert
-    controller-gen.kubebuilder.io/version: v0.19.1-0.20250924093817-1d67470bef32
+    controller-gen.kubebuilder.io/version: v0.19.1-0.20251023132335-bf7d6b742e6a
   labels:
     cluster.x-k8s.io/v1alpha3: v1alpha3
     cluster.x-k8s.io/v1beta1: v1beta1
@@ -1789,7 +1789,7 @@ spec:
                     items:
                       properties:
                         device:
-                          description: The volume device (/dev/sdX)
+                          description: The volume device (/dev/xvdX)
                           type: string
                         fromSnapshot:
                           description: The id of a snapshot to use as a volume source.
@@ -1816,7 +1816,6 @@ spec:
                           type: string
                       required:
                       - device
-                      - size
                       type: object
                     type: array
                 type: object
@@ -1994,7 +1993,7 @@ apiVersion: apiextensions.k8s.io/v1
 kind: CustomResourceDefinition
 metadata:
   annotations:
-    controller-gen.kubebuilder.io/version: v0.19.1-0.20250924093817-1d67470bef32
+    controller-gen.kubebuilder.io/version: v0.19.1-0.20251023132335-bf7d6b742e6a
   labels:
     cluster.x-k8s.io/v1alpha3: v1alpha3
     cluster.x-k8s.io/v1beta1: v1beta1
@@ -2226,7 +2225,7 @@ spec:
                             items:
                               properties:
                                 device:
-                                  description: The volume device (/dev/sdX)
+                                  description: The volume device (/dev/xvdX)
                                   type: string
                                 fromSnapshot:
                                   description: The id of a snapshot to use as a volume
@@ -2254,7 +2253,6 @@ spec:
                                   type: string
                               required:
                               - device
-                              - size
                               type: object
                             type: array
                         type: object

cloud/services/compute/vm.go

@@ -69,11 +69,13 @@ func (s *Service) CreateVm(ctx context.Context,
 	for _, vol := range volumes {
 		bsuVol := osc.BlockDeviceMappingVmCreation{
 			Bsu: &osc.BsuToCreate{
-				VolumeSize: &vol.Size,
 				VolumeType: &vol.VolumeType,
 			},
 			DeviceName: &vol.Device,
 		}
+		if vol.Size > 0 {
+			bsuVol.Bsu.VolumeSize = &vol.Size
+		}
 		if vol.VolumeType == "io1" {
 			bsuVol.Bsu.Iops = &vol.Iops
 		}

config/crd/bases/infrastructure.cluster.x-k8s.io_oscclusters.yaml

@@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1
 kind: CustomResourceDefinition
 metadata:
   annotations:
-    controller-gen.kubebuilder.io/version: v0.19.1-0.20250924093817-1d67470bef32
+    controller-gen.kubebuilder.io/version: v0.19.1-0.20251023132335-bf7d6b742e6a
   name: oscclusters.infrastructure.cluster.x-k8s.io
 spec:
   group: infrastructure.cluster.x-k8s.io

config/crd/bases/infrastructure.cluster.x-k8s.io_oscclustertemplates.yaml

@@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1
 kind: CustomResourceDefinition
 metadata:
   annotations:
-    controller-gen.kubebuilder.io/version: v0.19.1-0.20250924093817-1d67470bef32
+    controller-gen.kubebuilder.io/version: v0.19.1-0.20251023132335-bf7d6b742e6a
   name: oscclustertemplates.infrastructure.cluster.x-k8s.io
 spec:
   group: infrastructure.cluster.x-k8s.io

config/crd/bases/infrastructure.cluster.x-k8s.io_oscmachines.yaml

@@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1
 kind: CustomResourceDefinition
 metadata:
   annotations:
-    controller-gen.kubebuilder.io/version: v0.19.1-0.20250924093817-1d67470bef32
+    controller-gen.kubebuilder.io/version: v0.19.1-0.20251023132335-bf7d6b742e6a
   name: oscmachines.infrastructure.cluster.x-k8s.io
 spec:
   group: infrastructure.cluster.x-k8s.io
@@ -191,7 +191,7 @@ spec:
                     items:
                       properties:
                         device:
-                          description: The volume device (/dev/sdX)
+                          description: The volume device (/dev/xvdX)
                           type: string
                         fromSnapshot:
                           description: The id of a snapshot to use as a volume source.
@@ -218,7 +218,6 @@ spec:
                           type: string
                       required:
                       - device
-                      - size
                       type: object
                     type: array
                 type: object

config/crd/bases/infrastructure.cluster.x-k8s.io_oscmachinetemplates.yaml

@@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1
 kind: CustomResourceDefinition
 metadata:
   annotations:
-    controller-gen.kubebuilder.io/version: v0.19.1-0.20250924093817-1d67470bef32
+    controller-gen.kubebuilder.io/version: v0.19.1-0.20251023132335-bf7d6b742e6a
   name: oscmachinetemplates.infrastructure.cluster.x-k8s.io
 spec:
   group: infrastructure.cluster.x-k8s.io
@@ -232,7 +232,7 @@ spec:
                             items:
                               properties:
                                 device:
-                                  description: The volume device (/dev/sdX)
+                                  description: The volume device (/dev/xvdX)
                                   type: string
                                 fromSnapshot:
                                   description: The id of a snapshot to use as a volume
@@ -260,7 +260,6 @@ spec:
                                   type: string
                               required:
                               - device
-                              - size
                               type: object
                             type: array
                         type: object

controllers/osccluster_netpeering.go

@@ -74,7 +74,7 @@ func (r *OscClusterReconciler) reconcileNetPeering(ctx context.Context, clusterS
 			return reconcile.Result{}, fmt.Errorf("cannot get mgmt credentials: %w", err)
 		}
 		mgmtSvc := r.Cloud.NetPeering(mgmt)
-		log.V(2).Info("Accepting netPeering")
+		log.V(2).Info("Accepting netPeering", "netPeeringId", np.GetNetPeeringId())
 		err = mgmtSvc.AcceptNetPeering(ctx, np.GetNetPeeringId())
 		if err != nil {
 			return reconcile.Result{}, fmt.Errorf("cannot accept netPeering: %w", err)
@@ -109,7 +109,7 @@ func (r *OscClusterReconciler) reconcileDeleteNetPeering(ctx context.Context, cl
 		if np.State.GetName() != "pending-acceptance" && np.State.GetName() != "active" {
 			continue
 		}
-		log.V(2).Info("Deleting netPeering", "subnetId", np.GetNetPeeringId())
+		log.V(2).Info("Deleting netPeering", "netPeeringId", np.GetNetPeeringId())
 		err = svc.DeleteNetPeering(ctx, np.GetNetPeeringId())
 		if err != nil {
 			return reconcile.Result{}, fmt.Errorf("cannot delete netPeering: %w", err)

docs/src/SUMMARY.md

@@ -8,7 +8,7 @@
     - [Multi AZ clusters](./topics/config-multiaz.md)
     - [Securing cluster access](./topics/config-security.md)
     - [Air-gapped clusters](./topics/config-airgap.md)
-    - [Omi](./topics/omi.md)
+    - [Preloading images](./topics/preload.md)
     - [Troubleshooting](./topics/troubleshooting.md)
     - [Cluster-Autoscaler](./topics/cluster-autoscaler.md)
     - [How to upgrade](./topics/upgrade-cluster.md)

docs/src/topics/config-airgap.md

@@ -65,9 +65,9 @@ network:
 
 TBD
 
-## Pre-loaded images
+## Preloaded images
 
-TBD
+See [Preloading images](preload.md).
 
 ## Outscale API access
 

docs/src/topics/config-nodes.md

@@ -28,28 +28,40 @@ In your `OscMachineTemplate` spec, add the list of required volumes:
     vm: [...]
     volumes:
     - name: data
-      device: /dev/sdb
+      device: /dev/xvdb
       iops: 500
       size: 50
       volumeType: io1
     - name: logs
-      device: /dev/sdc
+      device: /dev/xvdc
       iops: 500
       size: 10
       volumeType: io1
 [...]
 ```
 
+> New volumes are unformatted. You will need to partition, format and mount them during cloud-init.
+
 A snapshot can be used as a volume source:
 ```yaml
     - name: images
-      device: /dev/sdd
-      size: 5
-      volumeType: gp2
+      device: /dev/xvdd
       fromSnapshot: snap-xxx
 ```
 
-> Volumes not created from a snapshot are unformatted. You will need to format newly created volumes during cloud-init.
+> By default, the size of the snapshot is used for the new volume.
+
+You will need to mount snapshot-based volumes during cloud-init. In `KubeadmConfigTemplate`/`KubeadmControlPlane` resources:
+```yaml
+  spec:
+    joinConfiguration:
+      [...]
+    mounts:
+      - - xvdd
+        - /mnt/example
+        - ext4
+        - auto,exec,ro
+```
 
 ## OscMachineTemplate configuration
 
@@ -88,13 +100,14 @@ Outscale Open-Source images are published on the `eu-west-2`, `us-east-2` and `c
 
 `volumes` is a list of additional volumes.
 
-| Name |  Required | Description
-| --- | --- | ---
-| `name` | false |  The volume name
-| `device` | true |  The volume device (`/dev/sdX`)
-| `size` | true |  The volume size
-| `volumeType` | true |  The volume type (`io1`, `gp2` or `standard`)
-| `iops` | false |  The volume iops (only for the `io1` type)
+| Name | Default | Required | Description
+| --- | --- | --- | ---
+| `name` | n/a | false |  The volume name
+| `device` | n/a | true |  The volume device (`/dev/xvdX`)
+| `size` | n/a | false |  The volume size (required unless the source is a snapshot; if not set, the snapshot size is used)
+| `volumeType` | `standard` | false |  The volume type (`io1`, `gp2` or `standard`)
+| `iops` | n/a | false |  The volume iops (only for the `io1` type)
+| `fromSnapshot` | n/a | false |  The ID of the source snapshot
 
 ### Subnet & security group selection