Integrate d2k into kubesolo

[stevensbkang]

No description provided.

[linear]

KS-59

[Copilot]

Pull request overview

This PR adds an optional integration to deploy Portainer d2k (Docker-to-Kubernetes API translator) as part of KubeSolo, exposing a Docker-compatible mTLS endpoint on port 2376, along with certificate generation, image handling, and operator-facing connection instructions/files.

Changes:

• Introduces --d2k / --d2k-namespace flags and wires them into startup/bootstrap configuration.
• Adds PKI support to mint d2k server/client certs signed by the existing KubeSolo CA, and persists connection details to disk.
• Adds d2k component reconciliation (Namespace/RBAC/Secret/Deployment/Service) and ensures the d2k image is imported/pulled when enabled.

Reviewed changes

Copilot reviewed 29 out of 29 changed files in this pull request and generated 5 comments.

Show a summary per file

File	Description
types/types.go	Adds d2k-related config fields and certificate path struct.
types/const.go	Adds defaults for d2k image/port/dir.
README.md	Documents new CLI flags for d2k.
pkg/runtime/containerd/service.go	Plumbs d2k image file + enablement state into containerd service.
pkg/runtime/containerd/image.go	Imports/pulls d2k image when d2k is enabled.
pkg/runtime/containerd/executor.go	Passes d2k enablement to image import step.
pkg/kubernetes/webhook/loadbalancer.go	Import order adjustment.
pkg/components/d2k/d2k.go	Implements top-level d2k deployment orchestration and shared labels/constants.
pkg/components/d2k/namespace.go	Creates target namespace if missing.
pkg/components/d2k/rbac.go	Adds ServiceAccount/Role/RoleBinding + node-reader ClusterRole/Binding.
pkg/components/d2k/secret.go	Syncs server TLS material into a kubernetes.io/tls Secret.
pkg/components/d2k/deployment.go	Reconciles the d2k Deployment (env, TLS mount, resources).
pkg/components/d2k/service.go	Reconciles a LoadBalancer Service exposing port 2376.
pkg/components/d2k/endpoint.go	Waits for LB ingress IP and writes connection.env/connection.txt + symlinks.
internal/core/pki/types.go	Adds new certificate types for d2k server/client.
internal/core/pki/pki.go	Conditionally generates d2k certificates when enabled.
internal/core/pki/options.go	Adds SANs/options for d2k server/client certs.
internal/core/embedded/load.go	Includes d2k image in embedded image loading pipeline.
internal/core/embedded/embedded_images_online.go	Declares d2k image placeholder for online builds.
internal/core/embedded/embedded_images_offline.go	Notes arch-specific embedding for offline d2k image.
internal/core/embedded/embedded_images_offline_riscv64.go	Notes unsupported-arch handling for offline d2k image embed.
internal/core/embedded/embedded_d2k_offline_supported.go	Embeds d2k.tar.gz for offline amd64/arm64 builds.
internal/core/embedded/embedded_d2k_offline_unsupported.go	Declares empty d2k image for offline unsupported arches.
internal/config/flags/flags.go	Adds --d2k and --d2k-namespace flags.
cmd/kubesolo/main.go	Deploys d2k when enabled; starts endpoint persistence goroutine; bootstraps d2k paths.
install.sh	Adds installer args/env passthrough for d2k flags.
docs/installation/flags.md	Documents --d2k and --d2k-namespace.
docs/configuration/d2k.md	Adds full d2k configuration/usage guide.
build/download-deps.sh	Downloads/embeds d2k image for offline builds on supported arches.

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[Copilot]

Pull request overview

Copilot reviewed 29 out of 29 changed files in this pull request and generated 3 comments.