From eea90475b104e2f56a72519502b21bdeef0378b9 Mon Sep 17 00:00:00 2001 From: shapirov Date: Mon, 21 Oct 2024 18:07:22 -0400 Subject: [PATCH 1/6] Added support for 1.31 and default EKS/k8s version is set to 1.30 --- examples/blueprint-construct/index.ts | 2 +- lib/cluster-providers/generic-cluster-provider.ts | 13 +++++-------- lib/stacks/eks-blueprint-construct.ts | 2 +- package.json | 1 + 4 files changed, 8 insertions(+), 10 deletions(-) diff --git a/examples/blueprint-construct/index.ts b/examples/blueprint-construct/index.ts index c3518fea1..65f10b1de 100644 --- a/examples/blueprint-construct/index.ts +++ b/examples/blueprint-construct/index.ts @@ -322,7 +322,7 @@ export default class BlueprintConstruct { export function getClusterProvider(managedNodeGroups: ManagedNodeGroup[]){ return new blueprints.GenericClusterProvider({ - version: KubernetesVersion.V1_29, + version: KubernetesVersion.V1_30, tags: { "Name": "blueprints-example-cluster", "Type": "generic-cluster" diff --git a/lib/cluster-providers/generic-cluster-provider.ts b/lib/cluster-providers/generic-cluster-provider.ts index 29b64045c..204b73ca3 100644 --- a/lib/cluster-providers/generic-cluster-provider.ts +++ b/lib/cluster-providers/generic-cluster-provider.ts @@ -1,12 +1,11 @@ -import { KubectlV23Layer } from "@aws-cdk/lambda-layer-kubectl-v23"; -import { KubectlV24Layer } from "@aws-cdk/lambda-layer-kubectl-v24"; import { KubectlV25Layer } from "@aws-cdk/lambda-layer-kubectl-v25"; import { KubectlV26Layer } from "@aws-cdk/lambda-layer-kubectl-v26"; import { KubectlV27Layer } from "@aws-cdk/lambda-layer-kubectl-v27"; import { KubectlV28Layer } from "@aws-cdk/lambda-layer-kubectl-v28"; import { KubectlV29Layer } from "@aws-cdk/lambda-layer-kubectl-v29"; import { KubectlV30Layer } from "@aws-cdk/lambda-layer-kubectl-v30"; +import { KubectlV31Layer } from "@aws-cdk/lambda-layer-kubectl-v31"; import { Tags } from "aws-cdk-lib"; import * as autoscaling from 'aws-cdk-lib/aws-autoscaling'; 
@@ -34,10 +33,6 @@ export function clusterBuilder() { */ export function selectKubectlLayer(scope: Construct, version: eks.KubernetesVersion): ILayerVersion | undefined { switch(version.version) { - case "1.23": - return new KubectlV23Layer(scope, "kubectllayer23"); - case "1.24": - return new KubectlV24Layer(scope, "kubectllayer24"); case "1.25": return new KubectlV25Layer(scope, "kubectllayer25"); case "1.26": @@ -50,13 +45,15 @@ export function selectKubectlLayer(scope: Construct, version: eks.KubernetesVers return new KubectlV29Layer(scope, "kubectllayer29"); case "1.30": return new KubectlV30Layer(scope, "kubectllayer30"); + case "1.31": + return new KubectlV31Layer(scope, "kubectllayer30"); } const minor = version.version.split('.')[1]; - if(minor && parseInt(minor, 10) > 30) { - return new KubectlV30Layer(scope, "kubectllayer30"); // for all versions above 1.30 use 1.30 kubectl (unless explicitly supported in CDK) + if(minor && parseInt(minor, 10) > 31) { + return new KubectlV30Layer(scope, "kubectllayer31"); // for all versions above 1.30 use 1.30 kubectl (unless explicitly supported in CDK) } return undefined; } diff --git a/lib/stacks/eks-blueprint-construct.ts b/lib/stacks/eks-blueprint-construct.ts index 3f6c08dab..3f9ad27f5 100644 --- a/lib/stacks/eks-blueprint-construct.ts +++ b/lib/stacks/eks-blueprint-construct.ts @@ -14,7 +14,7 @@ import { ArgoGitOpsFactory } from "../addons/argocd/argo-gitops-factory"; import * as eks from "aws-cdk-lib/aws-eks"; /* Default K8s version of EKS Blueprints */ -export const DEFAULT_VERSION = KubernetesVersion.V1_29; +export const DEFAULT_VERSION = KubernetesVersion.V1_30; /** * Exporting control plane log type so that customers don't have to import CDK EKS module for blueprint configuration. diff --git a/package.json b/package.json index fb3091452..1ffb878f0 100644 --- a/package.json +++ b/package.json 
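Review bot: In `selectKubectlLayer` (lib/cluster-providers/generic-cluster-provider.ts) the new `case "1.31"` registers the layer under the construct id `"kubectllayer30"`, while the fallback for minors above 31 still instantiates `KubectlV30Layer` under the id `"kubectllayer31"`, so the ids and layer classes are crossed. The 1.31 case should read `return new KubectlV31Layer(scope, "kubectllayer31");`, and the fallback should return the same `KubectlV31Layer`, with its trailing comment changed from 1.30 to 1.31. As written, a cluster newer than 1.31 is managed with a 1.30 kubectl, which is outside the one-minor version skew that kubectl supports.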
@@ -41,6 +41,7 @@ "@aws-cdk/lambda-layer-kubectl-v28": "^2.2.0", "@aws-cdk/lambda-layer-kubectl-v29": "^2.1.0", "@aws-cdk/lambda-layer-kubectl-v30": "^2.0.0", + "@aws-cdk/lambda-layer-kubectl-v31": "^2.0.0", "@aws-sdk/client-eks": "^3.529.1", "@aws-sdk/client-secrets-manager": "^3.529.1", "@types/assert": "^1.5.10", From e940547490f21a57a935553a59b115bb314c139c Mon Sep 17 00:00:00 2001 From: shapirov Date: Mon, 21 Oct 2024 23:24:49 -0400 Subject: [PATCH 2/6] added default log settings to info and debug for system and user log respectively --- examples/blueprint-construct/index.ts | 2 -- lib/utils/log-utils.ts | 5 +++-- 2 files changed, 3 insertions(+), 4 deletions(-) diff --git a/examples/blueprint-construct/index.ts b/examples/blueprint-construct/index.ts index 65f10b1de..213d9748f 100644 --- a/examples/blueprint-construct/index.ts +++ b/examples/blueprint-construct/index.ts @@ -46,8 +46,6 @@ export default class BlueprintConstruct { blueprints.HelmAddOn.validateHelmVersions = true; blueprints.HelmAddOn.failOnVersionValidation = false; - logger.settings.minLevel = 3; // info - userLog.settings.minLevel = 2; // debug this.teams = [ new team.TeamTroi, diff --git a/lib/utils/log-utils.ts b/lib/utils/log-utils.ts index e3e4bf1d8..a419cc597 100644 --- a/lib/utils/log-utils.ts +++ b/lib/utils/log-utils.ts @@ -7,7 +7,8 @@ export const userLog = new Logger({ stylePrettyLogs: true, name: "user", hideLogPositionForProduction: true, - prettyLogTemplate: "{{logLevelName}} " + prettyLogTemplate: "{{logLevelName}} ", + minLevel: 2 // info }); /** @@ -17,5 +18,5 @@ export const logger = new Logger({ stylePrettyLogs: true, type: "pretty", name: "main", - minLevel: 4 // info + minLevel: 3 // info }); From c156a54ebd753de39b393cfd9d1e9e38f5b62923 Mon Sep 17 00:00:00 2001 
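Review bot: In lib/utils/log-utils.ts the new `userLog` default is annotated `minLevel: 2 // info`, but the lines this same patch removes from examples/blueprint-construct/index.ts label 2 as debug and 3 as info, so the comment is wrong and the library-wide default for the user log is now debug. Either change the comment to `minLevel: 2 // debug` or, if info was intended, set `minLevel: 3 // info`. Because the setting moved from the example into the library, it now applies to every consumer, so it is worth confirming that nothing written to `userLog` at debug level carries values that should stay out of CI or deployment logs.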
From: shapirov Date: Mon, 21 Oct 2024 23:32:49 -0400 Subject: [PATCH 3/6] added 1.31 default version for cloudwatch addon --- lib/addons/adot/index.ts | 1 + lib/addons/cloud-watch-insights/index.ts | 11 ++++++----- 2 files changed, 7 insertions(+), 5 deletions(-) diff --git a/lib/addons/adot/index.ts b/lib/addons/adot/index.ts index b72dc72fe..a5ad9c1b8 100644 --- a/lib/addons/adot/index.ts +++ b/lib/addons/adot/index.ts @@ -8,6 +8,7 @@ import { getAdotCollectorPolicyDocument } from "./iam-policy"; import { KubernetesVersion } from "aws-cdk-lib/aws-eks"; const versionMap: Map = new Map([ + // 1.31 not supported for adot as of 10/20/2024 [KubernetesVersion.V1_30, "v0.102.1-eksbuild.1"], [KubernetesVersion.V1_29, "v0.102.1-eksbuild.1"], [KubernetesVersion.V1_28, "v0.102.1-eksbuild.1"], diff --git a/lib/addons/cloud-watch-insights/index.ts b/lib/addons/cloud-watch-insights/index.ts index 9711600a9..16db44b4c 100644 --- a/lib/addons/cloud-watch-insights/index.ts +++ b/lib/addons/cloud-watch-insights/index.ts 
@@ -6,14 +6,15 @@ import {CoreAddOn, CoreAddOnProps} from "../core-addon"; import {ebsCollectorPolicy} from "./iam-policy"; import {KubernetesVersion} from "aws-cdk-lib/aws-eks"; -// Can be easily retrived from the aws cli with: +// Can be easily retrieved from the aws cli with: // aws eks describe-addon-versions --kubernetes-version --addon-name amazon-cloudwatch-observability \ // --query 'addons[].addonVersions[].{Version: addonVersion, Defaultversion: compatibilities[0].defaultVersion}' --output table const versionMap: Map = new Map([ - [KubernetesVersion.V1_30, "v2.1.3-eksbuild.1"], - [KubernetesVersion.V1_29, "v2.1.3-eksbuild.1"], - [KubernetesVersion.V1_28, "v2.1.3-eksbuild.1"], - [KubernetesVersion.V1_27, "v2.1.3-eksbuild.1"] + [KubernetesVersion.V1_31, "v2.1.3-eksbuild.1"], + [KubernetesVersion.V1_30, "v2.1.3-eksbuild.1"], + [KubernetesVersion.V1_29, "v2.1.3-eksbuild.1"], + [KubernetesVersion.V1_28, "v2.1.3-eksbuild.1"], + [KubernetesVersion.V1_27, "v2.1.3-eksbuild.1"] ]); From 502bba6bf19fcd780ab66a24292720925473198f Mon Sep 17 00:00:00 2001 From: shapirov Date: Tue, 22 Oct 2024 00:07:59 -0400 Subject: [PATCH 4/6] karpenter moved to 0.37.5 --- examples/blueprint-construct/index.ts | 2 +- lib/addons/karpenter/index.ts | 3 ++- 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/examples/blueprint-construct/index.ts b/examples/blueprint-construct/index.ts index 213d9748f..a4a4965dc 100644 --- a/examples/blueprint-construct/index.ts +++ b/examples/blueprint-construct/index.ts @@ -164,7 +164,7 @@ export default class BlueprintConstruct { serviceName: blueprints.AckServiceName.S3 }), new blueprints.addons.KarpenterAddOn({ - version: "v0.33.2", + version: "0.37.5", nodePoolSpec: this.nodePoolSpec, ec2NodeClassSpec: this.nodeClassSpec, interruptionHandling: true, diff --git a/lib/addons/karpenter/index.ts b/lib/addons/karpenter/index.ts index acb16b856..0b7a9c9fb 100644 --- a/lib/addons/karpenter/index.ts +++ b/lib/addons/karpenter/index.ts 
@@ -16,6 +16,7 @@ import { KarpenterControllerPolicy, KarpenterControllerPolicyBeta } from './iam' class versionMap { private static readonly versionMap: Map = new Map([ + [KubernetesVersion.V1_31.version, '0.37.5'], [KubernetesVersion.V1_30.version, '0.37.5'], [KubernetesVersion.V1_29.version, '0.34.0'], [KubernetesVersion.V1_28.version, '0.31.0'], @@ -300,7 +301,7 @@ const RELEASE = 'blueprints-addon-karpenter'; const defaultProps: HelmAddOnProps = { name: KARPENTER, namespace: KARPENTER, - version: 'v0.37.5', + version: '0.37.5', chart: KARPENTER, release: KARPENTER, repository: 'oci://public.ecr.aws/karpenter/karpenter', From ea62e1cbea7c9e5152e9355b9f92a6f37e8dda87 Mon Sep 17 00:00:00 2001 From: shapirov Date: Tue, 22 Oct 2024 14:36:58 -0400 Subject: [PATCH 5/6] addressing lint warnings --- bin/main.ts | 2 +- examples/blueprint-construct/index.ts | 1 - 2 files changed, 1 insertion(+), 2 deletions(-) diff --git a/bin/main.ts b/bin/main.ts index 1f5b9adf0..6659fa5dd 100644 --- a/bin/main.ts +++ b/bin/main.ts @@ -1,6 +1,6 @@ #!/usr/bin/env node import * as cdk from 'aws-cdk-lib'; -import BlueprintIPV6Construct from '../examples/blueprint-ipv6-construct'; +//import BlueprintIPV6Construct from '../examples/blueprint-ipv6-construct'; import BlueprintIPv4Construct from "../examples/blueprint-ipv4-construct"; const app = new cdk.App(); diff --git a/examples/blueprint-construct/index.ts b/examples/blueprint-construct/index.ts index a4a4965dc..cb7982898 100644 --- a/examples/blueprint-construct/index.ts +++ b/examples/blueprint-construct/index.ts @@ -5,7 +5,6 @@ import * as iam from 'aws-cdk-lib/aws-iam'; import * as kms from 'aws-cdk-lib/aws-kms'; import { Construct } from "constructs"; import * as blueprints from '../../lib'; -import { logger, userLog } from '../../lib/utils'; import * as team from '../teams'; import { CfnWorkspace } from 'aws-cdk-lib/aws-aps'; import { From e83fed615ff00fb3d147aa7c6c74f3e06b9d3a0b Mon Sep 17 00:00:00 2001 
From: shapirov Date: Tue, 22 Oct 2024 17:10:32 -0400 Subject: [PATCH 6/6] karpneter 1.0.6 upgrade for 1.30 and 1.31 --- examples/blueprint-construct/index.ts | 2 +- lib/addons/apache-airflow/index.ts | 4 ++-- lib/addons/karpenter/index.ts | 8 ++++---- lib/addons/velero/index.ts | 2 +- lib/utils/namespace-utils.ts | 3 +++ 5 files changed, 11 insertions(+), 8 deletions(-) diff --git a/examples/blueprint-construct/index.ts b/examples/blueprint-construct/index.ts index cb7982898..971ec5f6d 100644 --- a/examples/blueprint-construct/index.ts +++ b/examples/blueprint-construct/index.ts @@ -163,10 +163,10 @@ export default class BlueprintConstruct { serviceName: blueprints.AckServiceName.S3 }), new blueprints.addons.KarpenterAddOn({ - version: "0.37.5", nodePoolSpec: this.nodePoolSpec, ec2NodeClassSpec: this.nodeClassSpec, interruptionHandling: true, + installCRDs: false }), new blueprints.addons.AwsNodeTerminationHandlerAddOn(), new blueprints.addons.KubeviousAddOn(), diff --git a/lib/addons/apache-airflow/index.ts b/lib/addons/apache-airflow/index.ts index c997d3ed4..b5a83031c 100644 --- a/lib/addons/apache-airflow/index.ts +++ b/lib/addons/apache-airflow/index.ts @@ -204,7 +204,7 @@ function setUpLoadBalancer(clusterInfo: ClusterInfo, values: Values, albAddOnChe /** * Helper function to set up Logging with S3 Bucket */ -function setUpLogging(clusterInfo: ClusterInfo, values: Values, ns: KubernetesManifest, namespace: string, bucket: IBucket): Values { +function setUpLogging(clusterInfo: ClusterInfo, values: Values, ns: Construct, namespace: string, bucket: IBucket): Values { // Assert check to ensure you provide an S3 Bucket assert(bucket, "Please provide the name of S3 bucket for Logging."); 
@@ -275,7 +275,7 @@ function setUpLogging(clusterInfo: ClusterInfo, values: Values, ns: KubernetesMa /** * */ -function setUpEFS(clusterInfo: ClusterInfo, values: Values, ns: KubernetesManifest, namespace: string, efsResourceName: string): [Values, KubernetesManifest] { +function setUpEFS(clusterInfo: ClusterInfo, values: Values, ns: Construct, namespace: string, efsResourceName: string): [Values, KubernetesManifest] { // Check const efsAddOnCheck = clusterInfo.getScheduledAddOn(EfsCsiDriverAddOn.name); assert(efsAddOnCheck, `Missing a dependency: ${EfsCsiDriverAddOn.name}. Please add it to your list of addons.`); diff --git a/lib/addons/karpenter/index.ts b/lib/addons/karpenter/index.ts index 0b7a9c9fb..b85243dc4 100644 --- a/lib/addons/karpenter/index.ts +++ b/lib/addons/karpenter/index.ts @@ -300,8 +300,8 @@ const RELEASE = 'blueprints-addon-karpenter'; */ const defaultProps: HelmAddOnProps = { name: KARPENTER, - namespace: KARPENTER, - version: '0.37.5', + namespace: "kube-system", + version: '1.0.6', chart: KARPENTER, release: KARPENTER, repository: 'oci://public.ecr.aws/karpenter/karpenter', @@ -360,7 +360,7 @@ export class KarpenterAddOn extends HelmAddOn { const amiFamily = this.options.ec2NodeClassSpec?.amiFamily; const amiSelector = this.options.ec2NodeClassSpec?.amiSelector || {}; const amiSelectorTerms = this.options.ec2NodeClassSpec?.amiSelectorTerms; - const instanceStorePolicy = this.options.ec2NodeClassSpec?.instanceStorePolicy || null; + const instanceStorePolicy = this.options.ec2NodeClassSpec?.instanceStorePolicy || undefined; const userData = this.options.ec2NodeClassSpec?.userData || ""; const instanceProf = this.options.ec2NodeClassSpec?.instanceProfile; const tags = this.options.ec2NodeClassSpec?.tags || {}; 
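Review bot: The `defaultProps` change in lib/addons/karpenter/index.ts moves the default chart to `1.0.6` and the default namespace to `kube-system`, but the version map that patch 4 extended still lists `'0.37.5'` for `V1_31` and `V1_30`, and no hunk in this patch touches it, so the map and the default now disagree. How the map is consumed is outside these hunks; if it drives the version compatibility check, both entries should become `'1.0.6'`. The namespace move also deserves a comment on `defaultProps`, for example `// Karpenter v1 installs into kube-system; IAM trust conditions and RBAC that name the old "karpenter" namespace must be updated`. Any service-account trust policy or role binding keyed on the previous namespace would stop matching; that wiring is not visible here and should be checked before release.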
@@ -631,7 +631,7 @@ export class KarpenterAddOn extends HelmAddOn { } // Instance Store Policy added for v0.34.0 and up - if (semver.gte(version, '0.34.0')){ + if (semver.gte(version, '0.34.0') && instanceStorePolicy){ ec2Node = merge(ec2Node, { spec: { instanceStorePolicy: instanceStorePolicy }}); } } else { diff --git a/lib/addons/velero/index.ts b/lib/addons/velero/index.ts index 7c9f6e5f8..5592295a2 100644 --- a/lib/addons/velero/index.ts +++ b/lib/addons/velero/index.ts @@ -150,7 +150,7 @@ export class VeleroAddOn extends HelmAddOn { * @param namespace * @returns the namespace created or existed. */ - protected createNamespaceIfNeeded(clusterInfo: ClusterInfo, defaultName: string, namespace: string, create: boolean): {name: string, manifest?: KubernetesManifest} { + protected createNamespaceIfNeeded(clusterInfo: ClusterInfo, defaultName: string, namespace: string, create: boolean): {name: string, manifest?: Construct} { // Create Namespace if namespace is not explicied defined. if (namespace){ // Create Namespace if the "create" option is true diff --git a/lib/utils/namespace-utils.ts b/lib/utils/namespace-utils.ts index 471841047..3b5068dbf 100644 --- a/lib/utils/namespace-utils.ts +++ b/lib/utils/namespace-utils.ts @@ -12,6 +12,9 @@ import { Values } from "../spi"; * @returns KubernetesManifest */ export function createNamespace(name: string, cluster: eks.ICluster, overwrite?: boolean, prune?: boolean, annotations?: Values, labels? : Values) { + if(name === "kube-system") { + return cluster.clusterSecurityGroup; // a construct that is populated for the cluster l + } return new KubernetesManifest(cluster.stack, `${name}-namespace-struct`, { cluster: cluster, manifest: [{
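Review bot: `createNamespace` in lib/utils/namespace-utils.ts now returns `cluster.clusterSecurityGroup` when `name === "kube-system"`, so callers receive a security group although the doc comment still says `@returns KubernetesManifest`, and `overwrite`, `prune`, `annotations` and `labels` are silently ignored on that path. Give the function an explicit return type (for example `: Construct`, after confirming that `clusterSecurityGroup` satisfies it for imported clusters as well) and update the `@returns` text. Also complete the truncated inline comment so that it states the value is only a dependency anchor for a namespace that already exists. A caller that treats the result as a manifest, or passes labels expecting them to be applied to `kube-system`, gets no error today. The function body continues past the end of the hunk.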