Skip to content

feat: Add RKE2 support with out-of-band peering #3139

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
Jesssullivan wants to merge 1 commit into
base: master
Choose a base branch
from
Open

feat: Add RKE2 support with out-of-band peering #3139

Jesssullivan wants to merge 1 commit into from

Conversation

@Jesssullivan
Copy link

@Jesssullivan Jesssullivan commented Oct 24, 2025
edited
Loading

HI there!

Long time lurker and Liqo user.

Closes: #1092
Related: #1626, #2925, #3048

Implements full RKE2 (Rancher Kubernetes Engine 2) support for Liqo, addressing the long-standing feature request from issue #1092, specifically for modern RKE2 / Rancher installations.

Fixes #1092

Build & Compilation.

  • initial testing on macOS Darwin 24.6.0 with Go 1.21+, testing with bare metal RKE2 + DOKS underway.

  • Binary compilation: make ctl

  • Static analysis: go vet ./pkg/liqoctl/install/rke2/...

  • Static analysis: go vet ./pkg/utils/foreigncluster/...

    Unit Tests

    • ForeignCluster getters: All 10 unit tests passing
      (pkg/utils/foreigncluster/getters_test.go)
      • Label-based lookup (O(1) with index)
      • Name-based lookup for out-of-band peering (O(1))
      • Exhaustive search fallback (O(n) with performance warnings, which is expected)
      • Multiple ForeignClusters with same label (returns older by timestamp)
      • Edge cases (empty clusterID, mismatched spec.ClusterID)

    Integration Tests

    • Provider registration: liqoctl install --help lists RKE2
    • Help documentation: liqoctl install rke2 --help shows usage
      and examples
    • Default values: RKE2 defaults applied
      • Pod CIDR: 10.42.0.0/16
      • Service CIDR: 10.43.0.0/16
      • Provider label: liqo.io/provider: rke2
      • nftables: nftablesMonitor: false
    • Values generation: liqoctl install rke2 --only-output-values produces YAML
    • Custom parameters: API server URL, cluster ID, and CIDRs override
    • API server sanity checks: Disabled for RKE2's non-standard port 9345

feat: Add comprehensive RKE2 support with out-of-band peering
c65020f 
Implements full RKE2 (Rancher Kubernetes Engine 2) support for Liqo,
addressing the long-standing feature request from issue liqotech#1092.

Changes include:

1. RKE2 Install Provider
   - New liqoctl install rke2 command with RKE2-specific defaults
   - Pod CIDR: 10.42.0.0/16, Service CIDR: 10.43.0.0/16
   - DisableAPIServerSanityChecks for non-standard port 9345
   - nftablesMonitor: false to prevent conflicts

2. Out-of-Band Peering Support (liqotech#1626)
   - Three-tier ForeignCluster lookup strategy:
     * O(1) label-based (standard liqoctl peer)
     * O(1) name-based (GitOps/manual creation)
     * O(n) exhaustive search (fallback with performance warnings)
   - Enables declarative peering for restricted networks
   - Comprehensive unit test suite (10 tests, all passing)

3. Documentation
   - Added RKE2 to compatibility matrix (🟢 status)
   - Complete installation guide in install.md
   - Out-of-band peering workflow in rke2-oob-peering.md
   - DRY approach matching Liqo documentation style

4. E2E Testing Infrastructure
   - KubeVirt-based VM provisioning
   - rke2-ansible integration
   - 3-node cluster topology
   - GitHub Actions compatible

Fixes:
- GetOlderForeignCluster nil pointer check
- Unit test timestamp calculation

Closes: liqotech#1092
Related: liqotech#1626, liqotech#2925, liqotech#3048

Change-Id: I$(git hash-object -t commit --stdin </dev/null | cut -c1-40)
@adamjensenbot
Copy link
Collaborator

adamjensenbot commented Oct 24, 2025

Hi @Jesssullivan. Thanks for your PR!

I am @adamjensenbot.
You can interact with me issuing a slash command in the first line of a comment.
Currently, I understand the following commands:

  • /rebase: Rebase this PR onto the master branch (You can add the option test=true to launch the tests
    when the rebase operation is completed)
  • /merge: Merge this PR into the master branch
  • /build Build Liqo components
  • /test Launch the E2E and Unit tests
  • /hold, /unhold Add/remove the hold label to prevent merging with /merge

Make sure this PR appears in the liqo changelog, adding one of the following labels:

  • feat: 🚀 New Feature
  • fix: 🐛 Bug Fix
  • refactor: 🧹 Code Refactoring
  • docs: 📝 Documentation
  • style: 💄 Code Style
  • perf: 🐎 Performance Improvement
  • test: ✅ Tests
  • chore: 🚚 Dependencies Management
  • build: 📦 Builds Management
  • ci: 👷 CI/CD
  • revert: ⏪ Reverts Previous Changes

@github-actions github-actions bot added the feat Adds a new feature to the codebase label Oct 24, 2025
@Jesssullivan
Copy link
Author

Jesssullivan commented Dec 16, 2025

Keen to get involved in further discussion here; are there regular meetings / IRC I can sync up on? I am hoping to tackle 2166 as well.

@frisso
Copy link
Member

frisso commented Dec 17, 2025

Hello @Jesssullivan
Yes, we have periodic public confcalls, on some Monday evening (Rome time).
The next is planned for January, no precise date yet.
The date is announced on the community meeting channel on Slack, and published online here https://github.com/liqotech/liqo-community/blob/main/meetings/README.md

Honestly, we all agree that we can do much better to advertise these events. This is definitely on our TODO list.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

feat Adds a new feature to the codebase size/XXL

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

[Feature] Rancher RKE support

3 participants

@Jesssullivan @adamjensenbot @frisso