From 9dfabb1faf82c090957413315f9ddd2f83bcad29 Mon Sep 17 00:00:00 2001 From: Robert Djurasaj Date: Fri, 9 Feb 2024 12:47:45 -0700 Subject: [PATCH] feat(eks): support for Kubernetes version 1.29 (#29040) Similar to #27930, this PR adds eks with k8s 1.29 support. Addresses #28872 thread. Closes #28983. ### **!! Depends on https://github.com/cdklabs/awscdk-asset-kubectl/pull/546 being merged in first. !!** /cc @kaizencc @pahud ### Reason for this change K8s 1.29 on EKS has been released on 1/23/2024. See: https://aws.amazon.com/blogs/containers/amazon-eks-now-supports-kubernetes-version-1-29/ ### Description of changes Added support for eks 1.29. ### Description of how you validated changes Deployed an EKS cluster with k8s 1.29. ![image](https://github.com/aws/aws-cdk/assets/31543/ba770020-2087-498a-a1eb-3e890df05062) ### Checklist - [x] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md) *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- packages/aws-cdk-lib/aws-eks/README.md | 60 ++++++++++----------- packages/aws-cdk-lib/aws-eks/lib/cluster.ts | 9 ++++ packages/aws-cdk-lib/package.json | 2 +- 3 files changed, 40 insertions(+), 31 deletions(-) diff --git a/packages/aws-cdk-lib/aws-eks/README.md b/packages/aws-cdk-lib/aws-eks/README.md index 573955dc826ad..949d6cd7dabe4 100644 --- a/packages/aws-cdk-lib/aws-eks/README.md +++ b/packages/aws-cdk-lib/aws-eks/README.md 
@@ -63,12 +63,12 @@ This example defines an Amazon EKS cluster with the following configuration: * A Kubernetes pod with a container based on the [paulbouwer/hello-kubernetes](https://github.com/paulbouwer/hello-kubernetes) image. ```ts -import { KubectlV28Layer } from '@aws-cdk/lambda-layer-kubectl-v28'; +import { KubectlV29Layer } from '@aws-cdk/lambda-layer-kubectl-v29'; // provisioning a cluster const cluster = new eks.Cluster(this, 'hello-eks', { - version: eks.KubernetesVersion.V1_28, - kubectlLayer: new KubectlV28Layer(this, 'kubectl'), + version: eks.KubernetesVersion.V1_29, + kubectlLayer: new KubectlV29Layer(this, 'kubectl'), }); // apply a kubernetes manifest to the cluster @@ -134,7 +134,7 @@ Creating a new cluster is done using the `Cluster` or `FargateCluster` construct ```ts new eks.Cluster(this, 'HelloEKS', { - version: eks.KubernetesVersion.V1_28, + version: eks.KubernetesVersion.V1_29, }); ``` @@ -142,7 +142,7 @@ You can also use `FargateCluster` to provision a cluster that uses only fargate ```ts new eks.FargateCluster(this, 'HelloEKS', { - version: eks.KubernetesVersion.V1_28, + version: eks.KubernetesVersion.V1_29, }); ``` @@ -166,7 +166,7 @@ At cluster instantiation time, you can customize the number of instances and the ```ts new eks.Cluster(this, 'HelloEKS', { - version: eks.KubernetesVersion.V1_28, + version: eks.KubernetesVersion.V1_29, defaultCapacity: 5, defaultCapacityInstance: ec2.InstanceType.of(ec2.InstanceClass.M5, ec2.InstanceSize.SMALL), }); @@ -178,7 +178,7 @@ Additional customizations are available post instantiation. To apply them, set t ```ts const cluster = new eks.Cluster(this, 'HelloEKS', { - version: eks.KubernetesVersion.V1_28, + version: eks.KubernetesVersion.V1_29, defaultCapacity: 0, }); 
@@ -262,7 +262,7 @@ const eksClusterNodeGroupRole = new iam.Role(this, 'eksClusterNodeGroupRole', { }); const cluster = new eks.Cluster(this, 'HelloEKS', { - version: eks.KubernetesVersion.V1_28, + version: eks.KubernetesVersion.V1_29, defaultCapacity: 0, }); @@ -405,7 +405,7 @@ The following code defines an Amazon EKS cluster with a default Fargate Profile ```ts const cluster = new eks.FargateCluster(this, 'MyCluster', { - version: eks.KubernetesVersion.V1_28, + version: eks.KubernetesVersion.V1_29, }); ``` @@ -482,7 +482,7 @@ You can also configure the cluster to use an auto-scaling group as the default c ```ts const cluster = new eks.Cluster(this, 'HelloEKS', { - version: eks.KubernetesVersion.V1_28, + version: eks.KubernetesVersion.V1_29, defaultCapacityType: eks.DefaultCapacityType.EC2, }); ``` @@ -586,7 +586,7 @@ You can configure the [cluster endpoint access](https://docs.aws.amazon.com/eks/ ```ts const cluster = new eks.Cluster(this, 'hello-eks', { - version: eks.KubernetesVersion.V1_28, + version: eks.KubernetesVersion.V1_29, endpointAccess: eks.EndpointAccess.PRIVATE, // No access outside of your VPC. }); ``` @@ -608,7 +608,7 @@ To deploy the controller on your EKS cluster, configure the `albController` prop ```ts new eks.Cluster(this, 'HelloEKS', { - version: eks.KubernetesVersion.V1_28, + version: eks.KubernetesVersion.V1_29, albController: { version: eks.AlbControllerVersion.V2_6_2, }, @@ -651,7 +651,7 @@ You can specify the VPC of the cluster using the `vpc` and `vpcSubnets` properti declare const vpc: ec2.Vpc; new eks.Cluster(this, 'HelloEKS', { - version: eks.KubernetesVersion.V1_28, + version: eks.KubernetesVersion.V1_29, vpc, vpcSubnets: [{ subnetType: ec2.SubnetType.PRIVATE_WITH_EGRESS }], }); 
@@ -698,7 +698,7 @@ You can configure the environment of the Cluster Handler functions by specifying ```ts declare const proxyInstanceSecurityGroup: ec2.SecurityGroup; const cluster = new eks.Cluster(this, 'hello-eks', { - version: eks.KubernetesVersion.V1_28, + version: eks.KubernetesVersion.V1_29, clusterHandlerEnvironment: { https_proxy: 'http://proxy.myproxy.com', }, @@ -740,7 +740,7 @@ for (let subnet of subnets) { } const cluster = new eks.Cluster(this, 'hello-eks', { - version: eks.KubernetesVersion.V1_28, + version: eks.KubernetesVersion.V1_29, vpc: vpc, ipFamily: eks.IpFamily.IP_V6, vpcSubnets: [{ subnets: vpc.publicSubnets }], @@ -775,7 +775,7 @@ You can configure the environment of this function by specifying it at cluster i ```ts const cluster = new eks.Cluster(this, 'hello-eks', { - version: eks.KubernetesVersion.V1_28, + version: eks.KubernetesVersion.V1_29, kubectlEnvironment: { 'http_proxy': 'http://proxy.myproxy.com', }, @@ -795,11 +795,11 @@ Depending on which version of kubernetes you're targeting, you will need to use the `@aws-cdk/lambda-layer-kubectl-vXY` packages. ```ts -import { KubectlV28Layer } from '@aws-cdk/lambda-layer-kubectl-v28'; +import { KubectlV29Layer } from '@aws-cdk/lambda-layer-kubectl-v29'; const cluster = new eks.Cluster(this, 'hello-eks', { - version: eks.KubernetesVersion.V1_28, - kubectlLayer: new KubectlV28Layer(this, 'kubectl'), + version: eks.KubernetesVersion.V1_29, + kubectlLayer: new KubectlV29Layer(this, 'kubectl'), }); ``` @@ -834,7 +834,7 @@ const cluster1 = new eks.Cluster(this, 'MyCluster', { kubectlLayer: layer, vpc, clusterName: 'cluster-name', - version: eks.KubernetesVersion.V1_28, + version: eks.KubernetesVersion.V1_29, }); // or @@ -852,7 +852,7 @@ By default, the kubectl provider is configured with 1024MiB of memory. You can u ```ts new eks.Cluster(this, 'MyCluster', { kubectlMemory: Size.gibibytes(4), - version: eks.KubernetesVersion.V1_28, + version: eks.KubernetesVersion.V1_29, }); // or 
@@ -891,7 +891,7 @@ When you create a cluster, you can specify a `mastersRole`. The `Cluster` constr ```ts declare const role: iam.Role; new eks.Cluster(this, 'HelloEKS', { - version: eks.KubernetesVersion.V1_28, + version: eks.KubernetesVersion.V1_29, mastersRole: role, }); ``` @@ -941,7 +941,7 @@ You can use the `secretsEncryptionKey` to configure which key the cluster will u const secretsKey = new kms.Key(this, 'SecretsKey'); const cluster = new eks.Cluster(this, 'MyCluster', { secretsEncryptionKey: secretsKey, - version: eks.KubernetesVersion.V1_28, + version: eks.KubernetesVersion.V1_29, }); ``` @@ -951,7 +951,7 @@ You can also use a similar configuration for running a cluster built using the F const secretsKey = new kms.Key(this, 'SecretsKey'); const cluster = new eks.FargateCluster(this, 'MyFargateCluster', { secretsEncryptionKey: secretsKey, - version: eks.KubernetesVersion.V1_28, + version: eks.KubernetesVersion.V1_29, }); ``` @@ -995,7 +995,7 @@ To access the Kubernetes resources from the console, make sure your viewing prin in the `aws-auth` ConfigMap. Some options to consider: ```ts -import { KubectlV28Layer } from '@aws-cdk/lambda-layer-kubectl-v28'; +import { KubectlV29Layer } from '@aws-cdk/lambda-layer-kubectl-v29'; declare const cluster: eks.Cluster; declare const your_current_role: iam.Role; declare const vpc: ec2.Vpc; @@ -1015,7 +1015,7 @@ your_current_role.addToPolicy(new iam.PolicyStatement({ ```ts // Option 2: create your custom mastersRole with scoped assumeBy arn as the Cluster prop. Switch to this role from the AWS console. -import { KubectlV28Layer } from '@aws-cdk/lambda-layer-kubectl-v28'; +import { KubectlV29Layer } from '@aws-cdk/lambda-layer-kubectl-v29'; declare const vpc: ec2.Vpc; const mastersRole = new iam.Role(this, 'MastersRole', { 
@@ -1024,8 +1024,8 @@ const mastersRole = new iam.Role(this, 'MastersRole', { const cluster = new eks.Cluster(this, 'EksCluster', { vpc, - version: eks.KubernetesVersion.V1_28, - kubectlLayer: new KubectlV28Layer(this, 'KubectlLayer'), + version: eks.KubernetesVersion.V1_29, + kubectlLayer: new KubectlV29Layer(this, 'KubectlLayer'), mastersRole, }); @@ -1309,7 +1309,7 @@ when a cluster is defined: ```ts new eks.Cluster(this, 'MyCluster', { - version: eks.KubernetesVersion.V1_28, + version: eks.KubernetesVersion.V1_29, prune: false, }); ``` @@ -1696,7 +1696,7 @@ property. For example: ```ts const cluster = new eks.Cluster(this, 'Cluster', { // ... - version: eks.KubernetesVersion.V1_28, + version: eks.KubernetesVersion.V1_29, clusterLogging: [ eks.ClusterLoggingTypes.API, eks.ClusterLoggingTypes.AUTHENTICATOR, diff --git a/packages/aws-cdk-lib/aws-eks/lib/cluster.ts b/packages/aws-cdk-lib/aws-eks/lib/cluster.ts index ce2ce330f3a8c..ba3189b798f22 100644 --- a/packages/aws-cdk-lib/aws-eks/lib/cluster.ts +++ b/packages/aws-cdk-lib/aws-eks/lib/cluster.ts @@ -934,6 +934,15 @@ export class KubernetesVersion { */ public static readonly V1_28 = KubernetesVersion.of('1.28'); + /** + * Kubernetes version 1.29 + * + * When creating a `Cluster` with this version, you need to also specify the + * `kubectlLayer` property with a `KubectlV29Layer` from + * `@aws-cdk/lambda-layer-kubectl-v29`. + */ + public static readonly V1_29 = KubernetesVersion.of('1.29'); + /** * Custom cluster version * @param version custom version number diff --git a/packages/aws-cdk-lib/package.json b/packages/aws-cdk-lib/package.json index ad73da68bd653..a2e5172facbf8 100644 --- a/packages/aws-cdk-lib/package.json +++ b/packages/aws-cdk-lib/package.json 
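Review bot: The new doc comment on `V1_29` says a `KubectlV29Layer` must be passed as `kubectlLayer`, but it does not say what happens when the property is omitted, and nothing in this hunk enforces the pairing. Several README examples in this same patch create a cluster with only `version: eks.KubernetesVersion.V1_29`, so a reader can reasonably end up with a 1.29 control plane managed by whatever default kubectl layer the library ships, presumably an older one that may be outside the supported version skew. Whether the `Cluster` constructor warns about that mismatch is not visible here, so it is worth confirming that any such check covers the new version. I would add a sentence to the comment, for example `* If omitted, the cluster uses the library's default kubectl layer, which may not be compatible with 1.29.` The `KubernetesVersion` class starts and ends outside the hunk.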
@@ -498,7 +498,7 @@
 },
 "jsiiRosetta": {
 "exampleDependencies": {
- "@aws-cdk/lambda-layer-kubectl-v28": "^2.0.0",
+ "@aws-cdk/lambda-layer-kubectl-v29": "^2.0.0",
 "cdk8s-plus-25": "^2.7.0",
 "@aws-cdk/aws-kinesisfirehose-alpha": "*",
 "@aws-cdk/aws-kinesisfirehose-destinations-alpha": "*"