Merge branch 'main' into bug/keda-destroy-fails-without-irsa

bin/main.ts

@@ -1,6 +1,6 @@
 #!/usr/bin/env node
 import * as cdk from 'aws-cdk-lib';
-import BlueprintIPV6Construct from '../examples/blueprint-ipv6-construct';
+//import BlueprintIPV6Construct from '../examples/blueprint-ipv6-construct';
 import BlueprintIPv4Construct from "../examples/blueprint-ipv4-construct";
 
 const app = new cdk.App();

examples/blueprint-construct/index.ts

@@ -5,7 +5,6 @@ import * as iam from 'aws-cdk-lib/aws-iam';
 import * as kms from 'aws-cdk-lib/aws-kms';
 import { Construct } from "constructs";
 import * as blueprints from '../../lib';
-import { logger, userLog } from '../../lib/utils';
 import * as team from '../teams';
 import { CfnWorkspace } from 'aws-cdk-lib/aws-aps';
 import {
@@ -46,8 +45,6 @@ export default class BlueprintConstruct {
 
         blueprints.HelmAddOn.validateHelmVersions = true;
         blueprints.HelmAddOn.failOnVersionValidation = false;
-        logger.settings.minLevel = 3; // info
-        userLog.settings.minLevel = 2; // debug
 
         this.teams = [
             new team.TeamTroi,
@@ -166,10 +163,10 @@ export default class BlueprintConstruct {
                 serviceName: blueprints.AckServiceName.S3
             }),
             new blueprints.addons.KarpenterAddOn({
-                version: "v0.37.5",
                 nodePoolSpec: this.nodePoolSpec,
                 ec2NodeClassSpec: this.nodeClassSpec,
                 interruptionHandling: true,
+                installCRDs: false
             }),
             new blueprints.addons.AwsNodeTerminationHandlerAddOn(),
             new blueprints.addons.KubeviousAddOn(),
@@ -322,7 +319,7 @@ export default class BlueprintConstruct {
 
 export function getClusterProvider(managedNodeGroups: ManagedNodeGroup[]){
     return new blueprints.GenericClusterProvider({
-        version: KubernetesVersion.V1_29,
+        version: KubernetesVersion.V1_30,
         tags: {
             "Name": "blueprints-example-cluster",
             "Type": "generic-cluster"

lib/addons/adot/index.ts

@@ -8,6 +8,7 @@ import { getAdotCollectorPolicyDocument } from "./iam-policy";
 import { KubernetesVersion } from "aws-cdk-lib/aws-eks";
 
 const versionMap: Map<KubernetesVersion, string> = new Map([
+    // 1.31 not supported for adot as of 10/20/2024
     [KubernetesVersion.V1_30, "v0.102.1-eksbuild.1"],
     [KubernetesVersion.V1_29, "v0.102.1-eksbuild.1"],
     [KubernetesVersion.V1_28, "v0.102.1-eksbuild.1"],

lib/addons/apache-airflow/index.ts

@@ -204,7 +204,7 @@ function setUpLoadBalancer(clusterInfo: ClusterInfo, values: Values, albAddOnChe
 /**
  * Helper function to set up Logging with S3 Bucket
 */
-function setUpLogging(clusterInfo: ClusterInfo, values: Values, ns: KubernetesManifest, namespace: string, bucket: IBucket): Values {
+function setUpLogging(clusterInfo: ClusterInfo, values: Values, ns: Construct, namespace: string, bucket: IBucket): Values {
 
     // Assert check to ensure you provide an S3 Bucket
     assert(bucket, "Please provide the name of S3 bucket for Logging.");
@@ -275,7 +275,7 @@ function setUpLogging(clusterInfo: ClusterInfo, values: Values, ns: KubernetesMa
 /**
  * 
  */
-function setUpEFS(clusterInfo: ClusterInfo, values: Values, ns: KubernetesManifest, namespace: string, efsResourceName: string): [Values, KubernetesManifest] {
+function setUpEFS(clusterInfo: ClusterInfo, values: Values, ns: Construct, namespace: string, efsResourceName: string): [Values, KubernetesManifest] {
     // Check 
     const efsAddOnCheck = clusterInfo.getScheduledAddOn(EfsCsiDriverAddOn.name);
     assert(efsAddOnCheck, `Missing a dependency: ${EfsCsiDriverAddOn.name}. Please add it to your list of addons.`); 

lib/addons/cloud-watch-insights/index.ts

@@ -6,14 +6,15 @@ import {CoreAddOn, CoreAddOnProps} from "../core-addon";
 import {ebsCollectorPolicy} from "./iam-policy";
 import {KubernetesVersion} from "aws-cdk-lib/aws-eks";
 
-// Can be easily retrived from the aws cli with:
+// Can be easily retrieved from the aws cli with:
 // aws eks describe-addon-versions --kubernetes-version <kubernetes-version> --addon-name amazon-cloudwatch-observability \
 //     --query 'addons[].addonVersions[].{Version: addonVersion, Defaultversion: compatibilities[0].defaultVersion}' --output table
 const versionMap: Map<KubernetesVersion, string> = new Map([
-  [KubernetesVersion.V1_30, "v2.1.3-eksbuild.1"],
-  [KubernetesVersion.V1_29, "v2.1.3-eksbuild.1"],
-  [KubernetesVersion.V1_28, "v2.1.3-eksbuild.1"],
-  [KubernetesVersion.V1_27, "v2.1.3-eksbuild.1"]
+    [KubernetesVersion.V1_31, "v2.1.3-eksbuild.1"],
+    [KubernetesVersion.V1_30, "v2.1.3-eksbuild.1"],
+    [KubernetesVersion.V1_29, "v2.1.3-eksbuild.1"],
+    [KubernetesVersion.V1_28, "v2.1.3-eksbuild.1"],
+    [KubernetesVersion.V1_27, "v2.1.3-eksbuild.1"]
 ]);
 
 

lib/addons/karpenter/index.ts

@@ -16,6 +16,7 @@ import { KarpenterControllerPolicy, KarpenterControllerPolicyBeta } from './iam'
 
 class versionMap {
     private static readonly versionMap: Map<string, string> = new Map([
+        [KubernetesVersion.V1_31.version, '0.37.5'],
         [KubernetesVersion.V1_30.version, '0.37.5'],
         [KubernetesVersion.V1_29.version, '0.34.0'],
         [KubernetesVersion.V1_28.version, '0.31.0'],
@@ -299,8 +300,8 @@ const RELEASE = 'blueprints-addon-karpenter';
  */
 const defaultProps: HelmAddOnProps = {
     name: KARPENTER,
-    namespace: KARPENTER,
-    version: 'v0.37.5',
+    namespace: "kube-system",
+    version: '1.0.6',
     chart: KARPENTER,
     release: KARPENTER,
     repository: 'oci://public.ecr.aws/karpenter/karpenter',
@@ -359,7 +360,7 @@ export class KarpenterAddOn extends HelmAddOn {
         const amiFamily = this.options.ec2NodeClassSpec?.amiFamily;
         const amiSelector = this.options.ec2NodeClassSpec?.amiSelector || {};
         const amiSelectorTerms = this.options.ec2NodeClassSpec?.amiSelectorTerms;
-        const instanceStorePolicy = this.options.ec2NodeClassSpec?.instanceStorePolicy || null;
+        const instanceStorePolicy = this.options.ec2NodeClassSpec?.instanceStorePolicy || undefined;
         const userData = this.options.ec2NodeClassSpec?.userData || "";
         const instanceProf = this.options.ec2NodeClassSpec?.instanceProfile;
         const tags = this.options.ec2NodeClassSpec?.tags || {};
@@ -630,7 +631,7 @@ export class KarpenterAddOn extends HelmAddOn {
                     }
 
                     // Instance Store Policy added for v0.34.0 and up
-                    if (semver.gte(version, '0.34.0')){
+                    if (semver.gte(version, '0.34.0') && instanceStorePolicy){
                         ec2Node = merge(ec2Node, { spec: { instanceStorePolicy: instanceStorePolicy }});
                     }
                 } else {

lib/addons/velero/index.ts

@@ -150,7 +150,7 @@ export class VeleroAddOn extends HelmAddOn {
      * @param namespace
      * @returns the namespace created or existed.
      */
-    protected createNamespaceIfNeeded(clusterInfo: ClusterInfo, defaultName: string, namespace: string, create: boolean): {name: string, manifest?: KubernetesManifest} {
+    protected createNamespaceIfNeeded(clusterInfo: ClusterInfo, defaultName: string, namespace: string, create: boolean): {name: string, manifest?: Construct} {
         // Create Namespace if namespace is not explicied defined.
         if (namespace){
             // Create Namespace if the "create" option is true

lib/cluster-providers/generic-cluster-provider.ts

@@ -1,12 +1,11 @@
 
-import { KubectlV23Layer } from "@aws-cdk/lambda-layer-kubectl-v23";
-import { KubectlV24Layer } from "@aws-cdk/lambda-layer-kubectl-v24";
 import { KubectlV25Layer } from "@aws-cdk/lambda-layer-kubectl-v25";
 import { KubectlV26Layer } from "@aws-cdk/lambda-layer-kubectl-v26";
 import { KubectlV27Layer } from "@aws-cdk/lambda-layer-kubectl-v27";
 import { KubectlV28Layer } from "@aws-cdk/lambda-layer-kubectl-v28";
 import { KubectlV29Layer } from "@aws-cdk/lambda-layer-kubectl-v29";
 import { KubectlV30Layer } from "@aws-cdk/lambda-layer-kubectl-v30";
+import { KubectlV31Layer } from "@aws-cdk/lambda-layer-kubectl-v31";
 
 import { Tags } from "aws-cdk-lib";
 import * as autoscaling from 'aws-cdk-lib/aws-autoscaling';
@@ -34,10 +33,6 @@ export function clusterBuilder() {
  */
 export function selectKubectlLayer(scope: Construct, version: eks.KubernetesVersion): ILayerVersion | undefined {
     switch(version.version) {
-        case "1.23":
-            return new KubectlV23Layer(scope, "kubectllayer23");
-        case "1.24":
-            return new KubectlV24Layer(scope, "kubectllayer24");
         case "1.25":
             return new KubectlV25Layer(scope, "kubectllayer25");
         case "1.26":
@@ -50,13 +45,15 @@ export function selectKubectlLayer(scope: Construct, version: eks.KubernetesVers
             return new KubectlV29Layer(scope, "kubectllayer29");
         case "1.30":
             return new KubectlV30Layer(scope, "kubectllayer30");
+        case "1.31":
+            return new KubectlV31Layer(scope, "kubectllayer30");
 
     }
 
     const minor = version.version.split('.')[1];
 
-    if(minor && parseInt(minor, 10) > 30) {
-        return new KubectlV30Layer(scope, "kubectllayer30"); // for all versions above 1.30 use 1.30 kubectl (unless explicitly supported in CDK)
+    if(minor && parseInt(minor, 10) > 31) {
+        return new KubectlV30Layer(scope, "kubectllayer31"); // for all versions above 1.30 use 1.30 kubectl (unless explicitly supported in CDK)
     }
     return undefined;
 }

lib/stacks/eks-blueprint-construct.ts

@@ -14,7 +14,7 @@ import { ArgoGitOpsFactory } from "../addons/argocd/argo-gitops-factory";
 
 import * as eks from "aws-cdk-lib/aws-eks";
 /* Default K8s version of EKS Blueprints */
-export const DEFAULT_VERSION = KubernetesVersion.V1_29;
+export const DEFAULT_VERSION = KubernetesVersion.V1_30;
 
 /**
  *  Exporting control plane log type so that customers don't have to import CDK EKS module for blueprint configuration.

lib/utils/log-utils.ts

@@ -7,7 +7,8 @@ export const userLog = new Logger({
     stylePrettyLogs: true,
     name: "user",
     hideLogPositionForProduction: true,
-    prettyLogTemplate: "{{logLevelName}} "
+    prettyLogTemplate: "{{logLevelName}} ",
+    minLevel: 2 // info
 });
 
 /**
@@ -17,5 +18,5 @@ export const logger = new Logger({
     stylePrettyLogs: true,
     type: "pretty",
     name: "main",
-    minLevel: 4 // info 
+    minLevel: 3 // info 
 });

lib/utils/namespace-utils.ts

@@ -12,6 +12,9 @@ import { Values } from "../spi";
   * @returns KubernetesManifest
   */
 export function createNamespace(name: string, cluster: eks.ICluster, overwrite?: boolean, prune?: boolean, annotations?: Values, labels? : Values) {
+    if(name === "kube-system") {
+        return cluster.clusterSecurityGroup; // a construct that is populated for the cluster l
+    }
     return new KubernetesManifest(cluster.stack, `${name}-namespace-struct`, {
         cluster: cluster,
         manifest: [{

package.json

@@ -41,6 +41,7 @@
         "@aws-cdk/lambda-layer-kubectl-v28": "^2.2.0",
         "@aws-cdk/lambda-layer-kubectl-v29": "^2.1.0",
         "@aws-cdk/lambda-layer-kubectl-v30": "^2.0.0",
+        "@aws-cdk/lambda-layer-kubectl-v31": "^2.0.0",
         "@aws-sdk/client-eks": "^3.529.1",
         "@aws-sdk/client-secrets-manager": "^3.529.1",
         "@types/assert": "^1.5.10",