AUTOSCALE-583: add karpenter-operator enhancement proposal

[maxcao13]

Enhancement proposal for adding karpenter-operator as a CVO-managed ClusterOperator in the OCP payload, starting with AWS under the DevPreviewNoUpgrade feature set (via manifest annotations).

What this proposes

The operator deploys karpenter-provider-aws on standalone OCP, discovers infrastructure from existing worker MachineSets (networking, AMI, userData), and handles node lifecycle (MachineConfigPool for OS config, CSR approval for node identity). It reports health via standard ClusterOperator conditions.
The design uses a CloudProvider interface so the same operator binary can later support Azure/CAPI providers and the Hypershift topology (where the current CPO-embedded karpenter-operator would converge onto this standalone binary).

Key areas for reviewer attention

• Payload images: karpenter-operator (this repo) and aws-karpenter-provider-aws (operand)
• Infrastructure discovery strategy (MachineSet providerSpec extraction vs. naming conventions)
• Hypershift convergence plan (standalone-first, sidecar adapter pattern for HCP-specific controllers)
• Feature set scoping (DevPreviewNoUpgrade manifest annotations only, no upgrade/downgrade guarantees)

Related

• Repo: https://github.com/openshift/karpenter-operator
• Epic: AUTOSCALE-693 (Dev Preview implementation)
• Epic: AUTOSCALE-583 (repo/CI/ART setup)
• Epic: AUTOSCALE-522 (Hypershift extraction)
• OCPSTRAT: https://redhat.atlassian.net/browse/OCPSTRAT-3096

Aided using cursor agent w/ Claude Opus 4.6.

[openshift-ci]

Skipping CI for Draft Pull Request.
If you want CI signal for your change, please convert it to an actual PR.
You can still manually trigger a test run with /test all

[openshift-ci-robot]

@maxcao13: This pull request references AUTOSCALE-583 which is a valid jira issue.

Warning: The referenced jira issue has an invalid target version for the target branch this PR targets: expected the epic to target the "5.0.0" version, but no target version was set.

Details

In response to this:

WIP

CVO-managed operator to deploy Karpenter on OpenShift, starting with AWS behind the Karpenter DevPreviewNoUpgrade feature gate.

Covers payload images (karpenter-operator, aws-karpenter-provider-aws), default EC2NodeClass from worker MachineSets, machine approver for Karpenter-provisioned nodes, and the Hypershift convergence plan to replace the existing CPO-embedded karpenter-operator with this standalone binary.

Aided using cursor agent w/ Claude Opus 4.6.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository.

[openshift-ci]

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by:
Once this PR has been reviewed and has the lgtm label, please assign bparees for approval. For more information see the Code Review Process.

The full list of commands accepted by this bot can be found here.

Details

Needs approval from an approver in each of these files:

• OWNERS

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[openshift-ci]

@maxcao13: The following test failed, say /retest to rerun all failed tests or /retest-required to rerun all mandatory failed tests:

Test name	Commit	Details	Required	Rerun command
ci/prow/markdownlint	37afca3	link	true	/test markdownlint

Full PR test history. Your PR dashboard.

Details

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here.