From 70ac41ab3884a80fe9ff6b53468f500b5c5d257c Mon Sep 17 00:00:00 2001 From: David Roth Date: Tue, 26 Mar 2024 17:16:01 +0100 Subject: [PATCH] Expose Ip-Family for IPV6 (#1089) Fixes https://github.com/pulumi/pulumi-eks/issues/698 Based on https://github.com/pulumi/pulumi-eks/pull/888 and rebased onto master --------- Co-authored-by: Mikhail Shilkov Co-authored-by: Kyle Pitzen Co-authored-by: Ramon Quitales --- nodejs/eks/cluster.ts | 20 +++++-- nodejs/eks/yarn.lock | 1 - provider/cmd/pulumi-gen-eks/main.go | 10 +++- provider/cmd/pulumi-resource-eks/schema.json | 7 ++- sdk/dotnet/Cluster.cs | 11 +++- sdk/go/eks/cluster.go | 14 +++-- .../main/java/com/pulumi/eks/ClusterArgs.java | 57 ++++++++++++++++--- sdk/python/pulumi_eks/cluster.py | 35 ++++++++++-- 8 files changed, 126 insertions(+), 29 deletions(-) diff --git a/nodejs/eks/cluster.ts b/nodejs/eks/cluster.ts index 4b28db978..b788c0fd2 100644 --- a/nodejs/eks/cluster.ts +++ b/nodejs/eks/cluster.ts @@ -562,11 +562,14 @@ export function createCore( let kubernetesNetworkConfig: | pulumi.Output | undefined; - if (args.kubernetesServiceIpAddressRange) { - kubernetesNetworkConfig = pulumi - .output(args.kubernetesServiceIpAddressRange) - .apply((serviceIpv4Cidr) => ({ serviceIpv4Cidr })); - } + if (args.kubernetesServiceIpAddressRange || args.ipFamily ) { + kubernetesNetworkConfig = pulumi.all([args.kubernetesServiceIpAddressRange, args.ipFamily]).apply( + ([serviceIpv4Cidr, ipFamily = "ipv4"]) => ({ + serviceIpv4Cidr: ipFamily === "ipv4" ? serviceIpv4Cidr : undefined, // only applicable for IPv4 IP family + ipFamily: ipFamily + }), + ); + } // Create the EKS cluster const eksCluster = new aws.eks.Cluster( @@ -1530,6 +1533,13 @@ export interface ClusterOptions { * - Between /24 and /12. */ kubernetesServiceIpAddressRange?: pulumi.Input; + + /** + * The IP family used to assign Kubernetes pod and service addresses. Valid values are ipv4 (default) and ipv6. + * You can only specify an IP family when you create a cluster, changing this value will force + * a new cluster to be created. + */ + ipFamily?: pulumi.Input; } /** diff --git a/nodejs/eks/yarn.lock b/nodejs/eks/yarn.lock index 420f92dae..cb5619159 100644 --- a/nodejs/eks/yarn.lock +++ b/nodejs/eks/yarn.lock @@ -3970,7 +3970,6 @@ readable-stream@^3.1.1, readable-stream@^3.4.0, readable-stream@^3.6.0: version "3.6.2" resolved "https://registry.yarnpkg.com/readable-stream/-/readable-stream-3.6.2.tgz#56a9b36ea965c00c5a93ef31eb111a0f11056967" integrity sha512-9u/sniCrY3D5WdsERHzHE4G2YCXqoG5FTHUiCC4SIbr6XcLZBY05ya9EKjYek9O5xOAwjGq+1JdGBAS7Q9ScoA== - dependencies: inherits "^2.0.3" string_decoder "^1.1.1" util-deprecate "^1.0.1" diff --git a/provider/cmd/pulumi-gen-eks/main.go b/provider/cmd/pulumi-gen-eks/main.go index c87981140..8769ef572 100644 --- a/provider/cmd/pulumi-gen-eks/main.go +++ b/provider/cmd/pulumi-gen-eks/main.go @@ -591,12 +591,18 @@ func generateSchema() schema.PackageSpec { "See for more details:\n" + "- https://aws.amazon.com/about-aws/whats-new/2020/03/amazon-eks-adds-envelope-encryption-for-secrets-with-aws-kms/", }, + "ipFamily": { + TypeSpec: schema.TypeSpec{Type: "string"}, + Description: "The IP family used to assign Kubernetes pod and service addresses. Valid values are `ipv4` (default) and `ipv6`.\n" + + "You can only specify an IP family when you create a cluster, changing this value will force a new cluster to be created.", + ReplaceOnChanges: true, + }, "kubernetesServiceIpAddressRange": { TypeSpec: schema.TypeSpec{Type: "string"}, Description: "The CIDR block to assign Kubernetes service IP addresses from. If you don't\n" + "specify a block, Kubernetes assigns addresses from either the 10.100.0.0/16 or\n" + - "172.20.0.0/16 CIDR blocks. We recommend that you specify a block that does not overlap\n" + - "with resources in other networks that are peered or connected to your VPC. You can only specify\n" + + "172.20.0.0/16 CIDR blocks. This setting only applies to IPv4 clusters. We recommend that you specify a block\n" + + "that does not overlap with resources in other networks that are peered or connected to your VPC. You can only specify\n" + "a custom CIDR block when you create a cluster, changing this value will force a new cluster to be created.\n\n" + "The block must meet the following requirements:\n" + "- Within one of the following private IP address blocks: 10.0.0.0/8, 172.16.0.0.0/12, or 192.168.0.0/16.\n" + diff --git a/provider/cmd/pulumi-resource-eks/schema.json b/provider/cmd/pulumi-resource-eks/schema.json index 464627074..66b168841 100644 --- a/provider/cmd/pulumi-resource-eks/schema.json +++ b/provider/cmd/pulumi-resource-eks/schema.json @@ -749,9 +749,14 @@ "type": "string", "description": "The instance type to use for the cluster's nodes. Defaults to \"t2.medium\"." }, + "ipFamily": { + "type": "string", + "description": "The IP family used to assign Kubernetes pod and service addresses. Valid values are `ipv4` (default) and `ipv6`.\nYou can only specify an IP family when you create a cluster, changing this value will force a new cluster to be created.", + "replaceOnChanges": true + }, "kubernetesServiceIpAddressRange": { "type": "string", - "description": "The CIDR block to assign Kubernetes service IP addresses from. If you don't\nspecify a block, Kubernetes assigns addresses from either the 10.100.0.0/16 or\n172.20.0.0/16 CIDR blocks. We recommend that you specify a block that does not overlap\nwith resources in other networks that are peered or connected to your VPC. You can only specify\na custom CIDR block when you create a cluster, changing this value will force a new cluster to be created.\n\nThe block must meet the following requirements:\n- Within one of the following private IP address blocks: 10.0.0.0/8, 172.16.0.0.0/12, or 192.168.0.0/16.\n- Doesn't overlap with any CIDR block assigned to the VPC that you selected for VPC.\n- Between /24 and /12." + "description": "The CIDR block to assign Kubernetes service IP addresses from. If you don't\nspecify a block, Kubernetes assigns addresses from either the 10.100.0.0/16 or\n172.20.0.0/16 CIDR blocks. This setting only applies to IPv4 clusters. We recommend that you specify a block\nthat does not overlap with resources in other networks that are peered or connected to your VPC. You can only specify\na custom CIDR block when you create a cluster, changing this value will force a new cluster to be created.\n\nThe block must meet the following requirements:\n- Within one of the following private IP address blocks: 10.0.0.0/8, 172.16.0.0.0/12, or 192.168.0.0/16.\n- Doesn't overlap with any CIDR block assigned to the VPC that you selected for VPC.\n- Between /24 and /12." }, "maxSize": { "type": "integer", diff --git a/sdk/dotnet/Cluster.cs b/sdk/dotnet/Cluster.cs index 392c0b961..7e094a5bf 100644 --- a/sdk/dotnet/Cluster.cs +++ b/sdk/dotnet/Cluster.cs @@ -272,11 +272,18 @@ public InputList InstanceRoles [Input("instanceType")] public Input? InstanceType { get; set; } + /// + /// The IP family used to assign Kubernetes pod and service addresses. Valid values are `ipv4` (default) and `ipv6`. + /// You can only specify an IP family when you create a cluster, changing this value will force a new cluster to be created. + /// + [Input("ipFamily")] + public Input? IpFamily { get; set; } + /// /// The CIDR block to assign Kubernetes service IP addresses from. If you don't /// specify a block, Kubernetes assigns addresses from either the 10.100.0.0/16 or - /// 172.20.0.0/16 CIDR blocks. We recommend that you specify a block that does not overlap - /// with resources in other networks that are peered or connected to your VPC. You can only specify + /// 172.20.0.0/16 CIDR blocks. This setting only applies to IPv4 clusters. We recommend that you specify a block + /// that does not overlap with resources in other networks that are peered or connected to your VPC. You can only specify /// a custom CIDR block when you create a cluster, changing this value will force a new cluster to be created. /// /// The block must meet the following requirements: diff --git a/sdk/go/eks/cluster.go b/sdk/go/eks/cluster.go index ad562f69d..5b36f984d 100644 --- a/sdk/go/eks/cluster.go +++ b/sdk/go/eks/cluster.go @@ -116,10 +116,13 @@ type clusterArgs struct { InstanceRoles []*iam.Role `pulumi:"instanceRoles"` // The instance type to use for the cluster's nodes. Defaults to "t2.medium". InstanceType *string `pulumi:"instanceType"` + // The IP family used to assign Kubernetes pod and service addresses. Valid values are `ipv4` (default) and `ipv6`. + // You can only specify an IP family when you create a cluster, changing this value will force a new cluster to be created. + IpFamily *string `pulumi:"ipFamily"` // The CIDR block to assign Kubernetes service IP addresses from. If you don't // specify a block, Kubernetes assigns addresses from either the 10.100.0.0/16 or - // 172.20.0.0/16 CIDR blocks. We recommend that you specify a block that does not overlap - // with resources in other networks that are peered or connected to your VPC. You can only specify + // 172.20.0.0/16 CIDR blocks. This setting only applies to IPv4 clusters. We recommend that you specify a block + // that does not overlap with resources in other networks that are peered or connected to your VPC. You can only specify // a custom CIDR block when you create a cluster, changing this value will force a new cluster to be created. // // The block must meet the following requirements: @@ -322,10 +325,13 @@ type ClusterArgs struct { InstanceRoles iam.RoleArrayInput // The instance type to use for the cluster's nodes. Defaults to "t2.medium". InstanceType pulumi.StringPtrInput + // The IP family used to assign Kubernetes pod and service addresses. Valid values are `ipv4` (default) and `ipv6`. + // You can only specify an IP family when you create a cluster, changing this value will force a new cluster to be created. + IpFamily pulumi.StringPtrInput // The CIDR block to assign Kubernetes service IP addresses from. If you don't // specify a block, Kubernetes assigns addresses from either the 10.100.0.0/16 or - // 172.20.0.0/16 CIDR blocks. We recommend that you specify a block that does not overlap - // with resources in other networks that are peered or connected to your VPC. You can only specify + // 172.20.0.0/16 CIDR blocks. This setting only applies to IPv4 clusters. We recommend that you specify a block + // that does not overlap with resources in other networks that are peered or connected to your VPC. You can only specify // a custom CIDR block when you create a cluster, changing this value will force a new cluster to be created. // // The block must meet the following requirements: diff --git a/sdk/java/src/main/java/com/pulumi/eks/ClusterArgs.java b/sdk/java/src/main/java/com/pulumi/eks/ClusterArgs.java index 317e54789..0c049a275 100644 --- a/sdk/java/src/main/java/com/pulumi/eks/ClusterArgs.java +++ b/sdk/java/src/main/java/com/pulumi/eks/ClusterArgs.java @@ -333,11 +333,28 @@ public Optional> instanceType() { return Optional.ofNullable(this.instanceType); } + /** + * The IP family used to assign Kubernetes pod and service addresses. Valid values are `ipv4` (default) and `ipv6`. + * You can only specify an IP family when you create a cluster, changing this value will force a new cluster to be created. + * + */ + @Import(name="ipFamily") + private @Nullable Output ipFamily; + + /** + * @return The IP family used to assign Kubernetes pod and service addresses. Valid values are `ipv4` (default) and `ipv6`. + * You can only specify an IP family when you create a cluster, changing this value will force a new cluster to be created. + * + */ + public Optional> ipFamily() { + return Optional.ofNullable(this.ipFamily); + } + /** * The CIDR block to assign Kubernetes service IP addresses from. If you don't * specify a block, Kubernetes assigns addresses from either the 10.100.0.0/16 or - * 172.20.0.0/16 CIDR blocks. We recommend that you specify a block that does not overlap - * with resources in other networks that are peered or connected to your VPC. You can only specify + * 172.20.0.0/16 CIDR blocks. This setting only applies to IPv4 clusters. We recommend that you specify a block + * that does not overlap with resources in other networks that are peered or connected to your VPC. You can only specify * a custom CIDR block when you create a cluster, changing this value will force a new cluster to be created. * * The block must meet the following requirements: @@ -352,8 +369,8 @@ public Optional> instanceType() { /** * @return The CIDR block to assign Kubernetes service IP addresses from. If you don't * specify a block, Kubernetes assigns addresses from either the 10.100.0.0/16 or - * 172.20.0.0/16 CIDR blocks. We recommend that you specify a block that does not overlap - * with resources in other networks that are peered or connected to your VPC. You can only specify + * 172.20.0.0/16 CIDR blocks. This setting only applies to IPv4 clusters. We recommend that you specify a block + * that does not overlap with resources in other networks that are peered or connected to your VPC. You can only specify * a custom CIDR block when you create a cluster, changing this value will force a new cluster to be created. * * The block must meet the following requirements: @@ -960,6 +977,7 @@ private ClusterArgs(ClusterArgs $) { this.instanceRole = $.instanceRole; this.instanceRoles = $.instanceRoles; this.instanceType = $.instanceType; + this.ipFamily = $.ipFamily; this.kubernetesServiceIpAddressRange = $.kubernetesServiceIpAddressRange; this.maxSize = $.maxSize; this.minSize = $.minSize; @@ -1456,11 +1474,34 @@ public Builder instanceType(String instanceType) { return instanceType(Output.of(instanceType)); } + /** + * @param ipFamily The IP family used to assign Kubernetes pod and service addresses. Valid values are `ipv4` (default) and `ipv6`. + * You can only specify an IP family when you create a cluster, changing this value will force a new cluster to be created. + * + * @return builder + * + */ + public Builder ipFamily(@Nullable Output ipFamily) { + $.ipFamily = ipFamily; + return this; + } + + /** + * @param ipFamily The IP family used to assign Kubernetes pod and service addresses. Valid values are `ipv4` (default) and `ipv6`. + * You can only specify an IP family when you create a cluster, changing this value will force a new cluster to be created. + * + * @return builder + * + */ + public Builder ipFamily(String ipFamily) { + return ipFamily(Output.of(ipFamily)); + } + /** * @param kubernetesServiceIpAddressRange The CIDR block to assign Kubernetes service IP addresses from. If you don't * specify a block, Kubernetes assigns addresses from either the 10.100.0.0/16 or - * 172.20.0.0/16 CIDR blocks. We recommend that you specify a block that does not overlap - * with resources in other networks that are peered or connected to your VPC. You can only specify + * 172.20.0.0/16 CIDR blocks. This setting only applies to IPv4 clusters. We recommend that you specify a block + * that does not overlap with resources in other networks that are peered or connected to your VPC. You can only specify * a custom CIDR block when you create a cluster, changing this value will force a new cluster to be created. * * The block must meet the following requirements: @@ -1479,8 +1520,8 @@ public Builder kubernetesServiceIpAddressRange(@Nullable Output kubernet /** * @param kubernetesServiceIpAddressRange The CIDR block to assign Kubernetes service IP addresses from. If you don't * specify a block, Kubernetes assigns addresses from either the 10.100.0.0/16 or - * 172.20.0.0/16 CIDR blocks. We recommend that you specify a block that does not overlap - * with resources in other networks that are peered or connected to your VPC. You can only specify + * 172.20.0.0/16 CIDR blocks. This setting only applies to IPv4 clusters. We recommend that you specify a block + * that does not overlap with resources in other networks that are peered or connected to your VPC. You can only specify * a custom CIDR block when you create a cluster, changing this value will force a new cluster to be created. * * The block must meet the following requirements: diff --git a/sdk/python/pulumi_eks/cluster.py b/sdk/python/pulumi_eks/cluster.py index 69bbffefd..9a9b18834 100644 --- a/sdk/python/pulumi_eks/cluster.py +++ b/sdk/python/pulumi_eks/cluster.py @@ -36,6 +36,7 @@ def __init__(__self__, *, instance_role: Optional[pulumi.Input['pulumi_aws.iam.Role']] = None, instance_roles: Optional[pulumi.Input[Sequence[pulumi.Input['pulumi_aws.iam.Role']]]] = None, instance_type: Optional[pulumi.Input[str]] = None, + ip_family: Optional[pulumi.Input[str]] = None, kubernetes_service_ip_address_range: Optional[pulumi.Input[str]] = None, max_size: Optional[pulumi.Input[int]] = None, min_size: Optional[pulumi.Input[int]] = None, @@ -108,10 +109,12 @@ def __init__(__self__, *, Note: options `instanceRole` and `instanceRoles` are mutually exclusive. :param pulumi.Input[str] instance_type: The instance type to use for the cluster's nodes. Defaults to "t2.medium". + :param pulumi.Input[str] ip_family: The IP family used to assign Kubernetes pod and service addresses. Valid values are `ipv4` (default) and `ipv6`. + You can only specify an IP family when you create a cluster, changing this value will force a new cluster to be created. :param pulumi.Input[str] kubernetes_service_ip_address_range: The CIDR block to assign Kubernetes service IP addresses from. If you don't specify a block, Kubernetes assigns addresses from either the 10.100.0.0/16 or - 172.20.0.0/16 CIDR blocks. We recommend that you specify a block that does not overlap - with resources in other networks that are peered or connected to your VPC. You can only specify + 172.20.0.0/16 CIDR blocks. This setting only applies to IPv4 clusters. We recommend that you specify a block + that does not overlap with resources in other networks that are peered or connected to your VPC. You can only specify a custom CIDR block when you create a cluster, changing this value will force a new cluster to be created. The block must meet the following requirements: @@ -258,6 +261,8 @@ def __init__(__self__, *, pulumi.set(__self__, "instance_roles", instance_roles) if instance_type is not None: pulumi.set(__self__, "instance_type", instance_type) + if ip_family is not None: + pulumi.set(__self__, "ip_family", ip_family) if kubernetes_service_ip_address_range is not None: pulumi.set(__self__, "kubernetes_service_ip_address_range", kubernetes_service_ip_address_range) if max_size is not None: @@ -545,14 +550,27 @@ def instance_type(self) -> Optional[pulumi.Input[str]]: def instance_type(self, value: Optional[pulumi.Input[str]]): pulumi.set(self, "instance_type", value) + @property + @pulumi.getter(name="ipFamily") + def ip_family(self) -> Optional[pulumi.Input[str]]: + """ + The IP family used to assign Kubernetes pod and service addresses. Valid values are `ipv4` (default) and `ipv6`. + You can only specify an IP family when you create a cluster, changing this value will force a new cluster to be created. + """ + return pulumi.get(self, "ip_family") + + @ip_family.setter + def ip_family(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "ip_family", value) + @property @pulumi.getter(name="kubernetesServiceIpAddressRange") def kubernetes_service_ip_address_range(self) -> Optional[pulumi.Input[str]]: """ The CIDR block to assign Kubernetes service IP addresses from. If you don't specify a block, Kubernetes assigns addresses from either the 10.100.0.0/16 or - 172.20.0.0/16 CIDR blocks. We recommend that you specify a block that does not overlap - with resources in other networks that are peered or connected to your VPC. You can only specify + 172.20.0.0/16 CIDR blocks. This setting only applies to IPv4 clusters. We recommend that you specify a block + that does not overlap with resources in other networks that are peered or connected to your VPC. You can only specify a custom CIDR block when you create a cluster, changing this value will force a new cluster to be created. The block must meet the following requirements: @@ -1002,6 +1020,7 @@ def __init__(__self__, instance_role: Optional[pulumi.Input['pulumi_aws.iam.Role']] = None, instance_roles: Optional[pulumi.Input[Sequence[pulumi.Input['pulumi_aws.iam.Role']]]] = None, instance_type: Optional[pulumi.Input[str]] = None, + ip_family: Optional[pulumi.Input[str]] = None, kubernetes_service_ip_address_range: Optional[pulumi.Input[str]] = None, max_size: Optional[pulumi.Input[int]] = None, min_size: Optional[pulumi.Input[int]] = None, @@ -1078,10 +1097,12 @@ def __init__(__self__, Note: options `instanceRole` and `instanceRoles` are mutually exclusive. :param pulumi.Input[str] instance_type: The instance type to use for the cluster's nodes. Defaults to "t2.medium". + :param pulumi.Input[str] ip_family: The IP family used to assign Kubernetes pod and service addresses. Valid values are `ipv4` (default) and `ipv6`. + You can only specify an IP family when you create a cluster, changing this value will force a new cluster to be created. :param pulumi.Input[str] kubernetes_service_ip_address_range: The CIDR block to assign Kubernetes service IP addresses from. If you don't specify a block, Kubernetes assigns addresses from either the 10.100.0.0/16 or - 172.20.0.0/16 CIDR blocks. We recommend that you specify a block that does not overlap - with resources in other networks that are peered or connected to your VPC. You can only specify + 172.20.0.0/16 CIDR blocks. This setting only applies to IPv4 clusters. We recommend that you specify a block + that does not overlap with resources in other networks that are peered or connected to your VPC. You can only specify a custom CIDR block when you create a cluster, changing this value will force a new cluster to be created. The block must meet the following requirements: @@ -1235,6 +1256,7 @@ def _internal_init(__self__, instance_role: Optional[pulumi.Input['pulumi_aws.iam.Role']] = None, instance_roles: Optional[pulumi.Input[Sequence[pulumi.Input['pulumi_aws.iam.Role']]]] = None, instance_type: Optional[pulumi.Input[str]] = None, + ip_family: Optional[pulumi.Input[str]] = None, kubernetes_service_ip_address_range: Optional[pulumi.Input[str]] = None, max_size: Optional[pulumi.Input[int]] = None, min_size: Optional[pulumi.Input[int]] = None, @@ -1292,6 +1314,7 @@ def _internal_init(__self__, __props__.__dict__["instance_role"] = instance_role __props__.__dict__["instance_roles"] = instance_roles __props__.__dict__["instance_type"] = instance_type + __props__.__dict__["ip_family"] = ip_family __props__.__dict__["kubernetes_service_ip_address_range"] = kubernetes_service_ip_address_range __props__.__dict__["max_size"] = max_size __props__.__dict__["min_size"] = min_size