Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

EC2 VPC service controller #489

Closed
mdykes-gw opened this issue Nov 10, 2020 · 9 comments
Closed

EC2 VPC service controller #489

mdykes-gw opened this issue Nov 10, 2020 · 9 comments
Labels
kind/new-service Categorizes issue or PR as related to a new service. lifecycle/frozen Indicates that an issue or PR should not be auto-closed due to staleness.

Comments

@mdykes-gw
Copy link

mdykes-gw commented Nov 10, 2020
edited by jaypipes
Loading

New ACK Service Controller

Support for EC2 VPC

List of API resources

List the API resources in order of importance to you:

  1. VPC
  2. Subnet
  3. RouteTable
  4. Route
  5. InternetGateway
  6. TransitGateway
  7. VPC Endpoint
  8. DHCP Options
  9. SecurityGroup
@mdykes-gw mdykes-gw added the kind/new-service Categorizes issue or PR as related to a new service. label Nov 10, 2020
@jaypipes jaypipes added the EC2 label Nov 11, 2020
@jaypipes jaypipes changed the title VPC service controller EC2 VPC service controller Nov 11, 2020
@jaypipes jaypipes mentioned this issue Nov 11, 2020
Closed
@jaypipes jaypipes mentioned this issue Dec 11, 2020
Closed
@gowrisankar22
Copy link

@jaypipes we are looking for an operator which can create a vpc endpoint .. Any idea what is the tentative timeline when this controller will be available?

@jaypipes
Copy link
Collaborator

@jaypipes we are looking for an operator which can create a vpc endpoint .. Any idea what is the tentative timeline when this controller will be available?

I will start the build process for this controller in early January. The order of resources that I will be working on is listed above. Sounds like you would like me to prioritize VPC Endpoint over some of the other resources. Is that a fair statement? :)

Of course, I can't give you a timeline on how long it will take to get the EC2 VPC controller into developer preview. Once I start the build process I should be able to give you a rough timeline of which quarter in 2021 this should land.

@gowrisankar22
Copy link

gowrisankar22 commented Dec 14, 2020
edited
Loading

@jaypipes
Yeah, correct. But you have to consider the quota limitations. Currently, per VPC you can create an upper hard limit of 200 for the VPC endpoint.

Some of the below requirements if you consider that will makes everyone's life easier.

  1. aws vpc endpoint controller should check for the quota before creating the endpoint.
  2. example: by default, I have added 3 vpcs, then the controller should do the loadbalance or on round-robin basis it should select the vpc and it should work if I again add 4th vpc later.
  3. If my vpc is running in a different aws account, it should read the credentials accordingly.
  4. Default values required per vpc for endpoint creation would be subnetid,vpcid,securityid and intefacetype (this is where other controllers what is above comes into picture vpc,subnet,route table etc)..

@jaypipes jaypipes mentioned this issue Jan 8, 2021
Closed
@jaypipes jaypipes mentioned this issue May 12, 2021
Open
@brycahta brycahta mentioned this issue Aug 5, 2021
Merged
@brycahta
Copy link
Contributor

brycahta commented Aug 5, 2021

Starting work on this implementation. I'll be tackling the resources in the order listed above due to dependencies between resources (i.e. cannot create route without referencing a route table) and will update the issue should anything change.

Repo for the ec2 controller can be found here

ack-bot pushed a commit to aws-controllers-k8s/ec2-controller that referenced this issue Aug 6, 2021
@brycahta
Add Vpc resource (#1)
dcd55e0 
Issue: [#489](aws-controllers-k8s/community#489)

* Adding create/delete VPC functionality with smoke tests
* Adding Makefile
* Adding metadata file
@brycahta brycahta mentioned this issue Aug 18, 2021
Merged
ack-bot pushed a commit to aws-controllers-k8s/ec2-controller that referenced this issue Aug 23, 2021
@brycahta
Add Subnet resource (#4)
c362e4b 
**Issue:** [#489](aws-controllers-k8s/community#489)

### Changes
* Adds create/delete Subnet functionality with smoke tests
* Adds terminal_codes for Subnet. Triggered when users try to create Subnet with malformed or invalid VpcId
  * related: attempting to delete VPC with Subnet attached will result in DependencyViolation which will requeue the delete with backoff (default behavior) until user resolves 
* Adds helm artifacts

### Testing
* Tested controller locally with `go run`  ✅
* `make kind-test` ✅

```
[gw2] [ 33%] PASSED tests/test_subnet.py::TestSubnet::test_terminal_condition
[gw3] [ 66%] PASSED tests/test_vpc.py::TestVpc::test_smoke
[gw0] [100%] PASSED tests/test_subnet.py::TestSubnet::test_crud

======================================================================= 3 passed in 54.60s =======================================================================
```
@brycahta brycahta mentioned this issue Sep 3, 2021
Merged
ack-bot pushed a commit to aws-controllers-k8s/ec2-controller that referenced this issue Sep 8, 2021
@brycahta
Adding Route table (#6)
aba499a 
Issue #, if available: [#489](aws-controllers-k8s/community#489)

Description of changes:
* adds route table resource
* refactors e2e tests to share common resources (i.e. VPC)
  * otherwise, vpcs would need to be created for each test which is inefficient and may exceed quota
  * now, only 2 vpcs are created per test run
  * could not use `@pytest.fixture(scope="session")` on vpc because we use [pytest-xdist](pytest-dev/pytest-xdist#271)
* adds route table tests

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.
@brycahta brycahta mentioned this issue Sep 8, 2021
Merged
@brycahta
Copy link
Contributor

brycahta commented Sep 8, 2021

Update: Putting Route development on hold.

Given the EC2 Route api and coupling with RouteTable we think it makes the most sense to implement Route as a Spec field to the RouteTable CR, ex: Spec.Routes []CreateRouteInput. This override feature is in development, so I will continue to implement other Networking resources and circle back to Route upon feature completion.

Related issues:

ack-bot pushed a commit to aws-controllers-k8s/ec2-controller that referenced this issue Sep 9, 2021
@brycahta
Generate Internet gateway using ACK runtime 0.13.1 (#7)
69069be 
Issue #, if available: [#489](aws-controllers-k8s/community#489)

Description of changes:
* adds internet gateway resource and tests using runtime v0.13.1
* removes unused hooks

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.
@haarchri haarchri mentioned this issue Sep 15, 2021
Closed
@brycahta brycahta mentioned this issue Oct 8, 2021
Merged
@bwagner5 bwagner5 mentioned this issue Oct 19, 2021
Merged
ack-bot pushed a commit to aws-controllers-k8s/ec2-controller that referenced this issue Oct 20, 2021
@bwagner5
Generate Transit Gateway using ACK runtime v0.15.1 (#17)
5d1c1fd 
Issue #, if available:
aws-controllers-k8s/community#489

Description of changes:

process is broken up into commits between the generated and manual steps.

 - Generate Transit Gateway resource Create and Delete
 - Tests for Create and Delete (the sleeps on TGW create and delete are lengthy because the resource takes so long to be created and will error out if a delete is attempted while in a "pending" state)

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.
@brycahta brycahta mentioned this issue Nov 8, 2021
Merged
ack-bot pushed a commit to aws-controllers-k8s/ec2-controller that referenced this issue Nov 9, 2021
@brycahta
Generate Security Group using ACK Runtime v0.15.2 (#20)
4927448 
Issue #, if available: aws-controllers-k8s/community#489

Description of changes:
* Adds Create/Delete functionality and tests for Security Group resource using ACK runtime `v0.15.2` at [this commit](aws-controllers-k8s/code-generator@6ce1a67)

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.
@brycahta brycahta mentioned this issue Nov 16, 2021
Merged
ack-bot pushed a commit to aws-controllers-k8s/ec2-controller that referenced this issue Nov 18, 2021
@brycahta
Add Route to RouteTable using ACK runtime v0.15.2 (#21)
c774f71 
Issue #, if available: aws-controllers-k8s/community#489 

Description of changes:
* Moves `route` from Status to Spec so users can define Routes upon RouteTable creation
* Changes to handle default route created by RouteTable & user-defined routes
* Tests for route

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.
@ack-bot
Copy link
Collaborator

ack-bot commented Dec 14, 2021

Issues go stale after 90d of inactivity.
Mark the issue as fresh with /remove-lifecycle stale.
Stale issues rot after an additional 30d of inactivity and eventually close.
If this issue is safe to close now please do so with /close.
Provide feedback via https://github.com/aws-controllers-k8s/community.
/lifecycle stale

@ack-bot ack-bot added the lifecycle/stale Denotes an issue or PR has remained open with no activity and has become stale. label Dec 14, 2021
@a-hilaly
Copy link
Member

/lifecycle frozen

@ack-bot ack-bot added lifecycle/frozen Indicates that an issue or PR should not be auto-closed due to staleness. and removed lifecycle/stale Denotes an issue or PR has remained open with no activity and has become stale. labels Dec 14, 2021
@brycahta brycahta mentioned this issue Feb 17, 2022
Merged
@brycahta brycahta mentioned this issue Feb 25, 2022
Merged
ack-bot pushed a commit to aws-controllers-k8s/ec2-controller that referenced this issue Feb 25, 2022
@brycahta
release ec2-controller v0.0.8 (#35)
439ef87 
Issue #, if available: aws-controllers-k8s/community#489

Description of changes:
* release `v0.0.8` which adds create/delete support for `DHCPOptions`, the last of the requested resources in vpc controller issue

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.
@brycahta
Copy link
Contributor

brycahta commented Mar 2, 2022

As of v0.0.8, ec2-controller supports Create/Delete functionality for the resources listed above. An issue to track implementing update functionality for each resource has been opened in community issues.

In the meantime, the service team will shift its focus to implementing the Instance resource (and dependencies); the work will be tracked here.

Feel free to react/comment on any of these issues to discuss in more detail & help us prioritize the work.

@brycahta brycahta mentioned this issue Mar 30, 2022
Merged
@mikestef9
Copy link
Collaborator

Closing as this service controller has graduated to GA. Separate issues can be opened to discuss specific follow on topics on the controller.

@a-hilaly a-hilaly moved this to Generally Available in Service Controller Release Roadmap Aug 14, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
kind/new-service Categorizes issue or PR as related to a new service. lifecycle/frozen Indicates that an issue or PR should not be auto-closed due to staleness.
Projects
Service Controller Release Roadmap
Status: Generally Available
Milestone
No milestone
Development

No branches or pull requests
7 participants
@jaypipes @mikestef9 @a-hilaly @gowrisankar22 @mdykes-gw @brycahta @ack-bot