eks_cli 0.2.8 → 0.3.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (20) hide show
  1. checksums.yaml +4 -4
  2. data/Gemfile.lock +21 -23
  3. data/eks_cli.gemspec +0 -2
  4. data/lib/assets/{eks_vpc_cf_template.yaml → cf/eks_cluster.yaml.erb} +74 -1
  5. data/lib/assets/{nodegroup_cf_template.yaml → cf/nodegroup.yaml} +0 -0
  6. data/lib/assets/k8s/cni_1_2_1.yaml.erb +73 -0
  7. data/lib/assets/{default_storage_class.yaml → k8s/default_storage_class.yaml} +0 -0
  8. data/lib/assets/{dns_autoscaler.dep.yaml → k8s/dns_autoscaler.dep.yaml} +0 -0
  9. data/lib/assets/{nvidia_device_plugin.yaml → k8s/nvidia_device_plugin.yaml} +0 -0
  10. data/lib/eks_cli/cli.rb +17 -47
  11. data/lib/eks_cli/cloudformation/{vpc.rb → eks.rb} +16 -6
  12. data/lib/eks_cli/eks/cluster.rb +3 -37
  13. data/lib/eks_cli/k8s/client.rb +21 -4
  14. data/lib/eks_cli/nodegroup.rb +1 -2
  15. data/lib/eks_cli/utils/erb_resolver.rb +15 -0
  16. data/lib/eks_cli/version.rb +1 -1
  17. metadata +9 -38
  18. data/lib/eks_cli/ec2/security_group.rb +0 -53
  19. data/lib/eks_cli/eks/client.rb +0 -11
  20. data/lib/eks_cli/iam/client.rb +0 -64
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: f5be6fcc878fec18884e01562e9e1470cfa58183
4
- data.tar.gz: 8cdaaa2c3432730502855e5e27753efc8729e8ab
3
+ metadata.gz: 31a75cf42b492a4173cd98f65a05240d50ae639d
4
+ data.tar.gz: a392ccaf9a7393f3b8f14f7002c7cf79c59fbf36
5
5
  SHA512:
6
- metadata.gz: ee939489d068d59e5379a7ab9d52916e7ec4f129a8a2242fc702ef713772c04c7a490a3382641114701059a163aec7be68c8d3baec15f2ea178c8e178ba0866f
7
- data.tar.gz: 16a4702bc98dd7cad06ed2ed034c4bc0ca05198b569a55a561de5429d7002ae9ece4f5e1cf3d50716fdd41c8ae65b6c957a41e75fb4f7c0351589a959773c574
6
+ metadata.gz: 6a08a3c0e52ef60e3a5a1f2d995ec5b4bea140085ca5729631478031cbc74b56fc3ba73c3564bcb4d0255a9503d451340313fbbd090b8c58b54ac51765227c7f
7
+ data.tar.gz: 178aeab23de7a7b08ba95db3e0ac3c02fd7137bfcca502373340b383df8114d92dd998bf2a3e9bd44c7e4c0514d68c7e1003311cf002ce769449c9972edd89a1
data/Gemfile.lock CHANGED
@@ -1,21 +1,21 @@
1
1
  PATH
2
2
  remote: .
3
3
  specs:
4
- eks_cli (0.1.6)
5
- activesupport
6
- aws-sdk-cloudformation
7
- aws-sdk-ec2
8
- aws-sdk-eks
9
- aws-sdk-iam
10
- aws-sdk-route53
11
- httparty
12
- kubeclient
13
- thor
4
+ eks_cli (0.2.9)
5
+ activesupport (= 5.2.1.1)
6
+ aws-sdk-autoscaling (= 1.13.0)
7
+ aws-sdk-cloudformation (= 1.13.0)
8
+ aws-sdk-ec2 (= 1.62.0)
9
+ aws-sdk-route53 (= 1.16.0)
10
+ httparty (= 0.16.3)
11
+ ipaddress (= 0.8.3)
12
+ kubeclient (= 4.1.0)
13
+ thor (= 0.20.3)
14
14
 
15
15
  GEM
16
16
  remote: https://rubygems.org/
17
17
  specs:
18
- activesupport (5.2.1)
18
+ activesupport (5.2.1.1)
19
19
  concurrent-ruby (~> 1.0, >= 1.0.2)
20
20
  i18n (>= 0.7, < 2)
21
21
  minitest (~> 5.1)
@@ -23,29 +23,26 @@ GEM
23
23
  addressable (2.5.2)
24
24
  public_suffix (>= 2.0.2, < 4.0)
25
25
  aws-eventstream (1.0.1)
26
- aws-partitions (1.115.0)
26
+ aws-partitions (1.125.0)
27
+ aws-sdk-autoscaling (1.13.0)
28
+ aws-sdk-core (~> 3, >= 3.39.0)
29
+ aws-sigv4 (~> 1.0)
27
30
  aws-sdk-cloudformation (1.13.0)
28
31
  aws-sdk-core (~> 3, >= 3.39.0)
29
32
  aws-sigv4 (~> 1.0)
30
- aws-sdk-core (3.39.0)
33
+ aws-sdk-core (3.44.0)
31
34
  aws-eventstream (~> 1.0)
32
35
  aws-partitions (~> 1.0)
33
36
  aws-sigv4 (~> 1.0)
34
37
  jmespath (~> 1.0)
35
- aws-sdk-ec2 (1.59.0)
36
- aws-sdk-core (~> 3, >= 3.39.0)
37
- aws-sigv4 (~> 1.0)
38
- aws-sdk-eks (1.8.0)
39
- aws-sdk-core (~> 3, >= 3.39.0)
40
- aws-sigv4 (~> 1.0)
41
- aws-sdk-iam (1.12.0)
38
+ aws-sdk-ec2 (1.62.0)
42
39
  aws-sdk-core (~> 3, >= 3.39.0)
43
40
  aws-sigv4 (~> 1.0)
44
41
  aws-sdk-route53 (1.16.0)
45
42
  aws-sdk-core (~> 3, >= 3.39.0)
46
43
  aws-sigv4 (~> 1.0)
47
44
  aws-sigv4 (1.0.3)
48
- concurrent-ruby (1.1.3)
45
+ concurrent-ruby (1.1.4)
49
46
  domain_name (0.5.20180417)
50
47
  unf (>= 0.0.5, < 1.0.0)
51
48
  http (3.3.0)
@@ -60,10 +57,11 @@ GEM
60
57
  httparty (0.16.3)
61
58
  mime-types (~> 3.0)
62
59
  multi_xml (>= 0.5.2)
63
- i18n (1.1.1)
60
+ i18n (1.2.0)
64
61
  concurrent-ruby (~> 1.0)
62
+ ipaddress (0.8.3)
65
63
  jmespath (1.4.0)
66
- kubeclient (4.0.0)
64
+ kubeclient (4.1.0)
67
65
  http (~> 3.0)
68
66
  recursive-open-struct (~> 1.0, >= 1.0.4)
69
67
  rest-client (~> 2.0)
data/eks_cli.gemspec CHANGED
@@ -21,8 +21,6 @@ Gem::Specification.new do |s|
21
21
  s.executables = ["eks"]
22
22
  s.require_paths = ["lib"]
23
23
  s.add_dependency 'thor', '0.20.3'
24
- s.add_dependency 'aws-sdk-iam', '1.12.0'
25
- s.add_dependency 'aws-sdk-eks', '1.9.0'
26
24
  s.add_dependency 'aws-sdk-ec2', '1.62.0'
27
25
  s.add_dependency 'aws-sdk-cloudformation', '1.13.0'
28
26
  s.add_dependency 'aws-sdk-route53', '1.16.0'
data/lib/assets/{eks_vpc_cf_template.yaml → cf/eks_cluster.yaml.erb} RENAMED
@@ -1,9 +1,13 @@
1
1
  ---
2
2
  AWSTemplateFormatVersion: '2010-09-09'
3
- Description: 'Amazon EKS Sample VPC'
3
+ Description: 'Amazon EKS Cluster'
4
4
 
5
5
  Parameters:
6
6
 
7
+ ClusterName:
8
+ Type: String
9
+ Description: EKS cluster name
10
+
7
11
  VpcBlock:
8
12
  Type: String
9
13
  Default: 192.168.0.0/16
@@ -52,6 +56,24 @@ Metadata:
52
56
  - Subnet03AZ
53
57
 
54
58
  Resources:
59
+
60
+ AWSServiceRoleForAmazonEKS:
61
+ Type: AWS::IAM::Role
62
+ Properties:
63
+ RoleName: !Sub "${AWS::StackName}-RoleArn"
64
+ AssumeRolePolicyDocument:
65
+ Version: '2012-10-17'
66
+ Statement:
67
+ - Effect: Allow
68
+ Principal:
69
+ Service:
70
+ - eks.amazonaws.com
71
+ Action:
72
+ - sts:AssumeRole
73
+ ManagedPolicyArns:
74
+ - arn:aws:iam::aws:policy/AmazonEKSServicePolicy
75
+ - arn:aws:iam::aws:policy/AmazonEKSClusterPolicy
76
+
55
77
  VPC:
56
78
  Type: AWS::EC2::VPC
57
79
  Properties:
@@ -158,6 +180,49 @@ Resources:
158
180
  GroupDescription: Cluster communication with worker nodes
159
181
  VpcId: !Ref VPC
160
182
 
183
+ EKSCluster:
184
+ Type: AWS::EKS::Cluster
185
+ Properties:
186
+ Name: !Ref ClusterName
187
+ ResourcesVpcConfig:
188
+ SecurityGroupIds:
189
+ - !Ref ControlPlaneSecurityGroup
190
+ SubnetIds:
191
+ - !Ref Subnet01
192
+ - !Ref Subnet02
193
+ - !Ref Subnet03
194
+ RoleArn: !GetAtt AWSServiceRoleForAmazonEKS.Arn
195
+ Version: "1.10"
196
+
197
+ NodeGroupsInClusterSecurityGroup:
198
+ Type: AWS::EC2::SecurityGroup
199
+ Properties:
200
+ GroupName: !Sub "${AWS::StackName}-EKS-NodeGroups-SG"
201
+ GroupDescription: Allow all nodegroups to communicate with one another
202
+ VpcId: !Ref VPC
203
+
204
+ NodeGroupsIngressRule:
205
+ Type: AWS::EC2::SecurityGroupIngress
206
+ Properties:
207
+ Description: Allow nodegroups to communicate with each other
208
+ FromPort: -1
209
+ GroupId: !Ref NodeGroupsInClusterSecurityGroup
210
+ IpProtocol: "-1"
211
+ SourceSecurityGroupId: !Ref NodeGroupsInClusterSecurityGroup
212
+ ToPort: -1
213
+
214
+ <% open_ports.each do |port| %>
215
+ NodeGroupsOpenPort<%=port%>IngressRule:
216
+ Type: AWS::EC2::SecurityGroupIngress
217
+ Properties:
218
+ Description: Open port for all nodes
219
+ FromPort: <%=port%>
220
+ GroupId: !Ref NodeGroupsInClusterSecurityGroup
221
+ IpProtocol: tcp
222
+ ToPort: <%=port%>
223
+ CidrIp: "0.0.0.0/0"
224
+ <% end %>
225
+
161
226
  Outputs:
162
227
 
163
228
  SubnetIds:
@@ -168,7 +233,15 @@ Outputs:
168
233
  Description: Security group for the cluster control plane communication with worker nodes
169
234
  Value: !Join [ ",", [ !Ref ControlPlaneSecurityGroup ] ]
170
235
 
236
+ NodeGroupsInClusterSecurityGroup:
237
+ Description: Security group for node groups communication
238
+ Value: !Ref NodeGroupsInClusterSecurityGroup
239
+
171
240
  VpcId:
172
241
  Description: The VPC Id
173
242
  Value: !Ref VPC
174
243
 
244
+ EKSClusterARN:
245
+ Description: Create EKS Cluster
246
+ Value: !GetAtt EKSCluster.Arn
247
+
data/lib/assets/k8s/cni_1_2_1.yaml.erb ADDED
@@ -0,0 +1,73 @@
1
+ kind: DaemonSet
2
+ apiVersion: apps/v1
3
+ metadata:
4
+ name: aws-node
5
+ namespace: kube-system
6
+ labels:
7
+ k8s-app: aws-node
8
+ spec:
9
+ updateStrategy:
10
+ type: RollingUpdate
11
+ selector:
12
+ matchLabels:
13
+ k8s-app: aws-node
14
+ template:
15
+ metadata:
16
+ labels:
17
+ k8s-app: aws-node
18
+ annotations:
19
+ scheduler.alpha.kubernetes.io/critical-pod: ''
20
+ spec:
21
+ serviceAccountName: aws-node
22
+ hostNetwork: true
23
+ tolerations:
24
+ - operator: Exists
25
+ containers:
26
+ - image: 602401143452.dkr.ecr.us-west-2.amazonaws.com/amazon-k8s-cni:1.2.1
27
+ imagePullPolicy: Always
28
+ ports:
29
+ - containerPort: 61678
30
+ name: metrics
31
+ name: aws-node
32
+ env:
33
+ - name: AWS_VPC_K8S_CNI_LOGLEVEL
34
+ value: DEBUG
35
+ - name: MY_NODE_NAME
36
+ valueFrom:
37
+ fieldRef:
38
+ fieldPath: spec.nodeName
39
+ <% if custom_warm_ip_target %>
40
+ - name: WARM_IP_TARGET
41
+ value: "<%=custom_warm_ip_target%>"
42
+ <% end %>
43
+ - name: WATCH_NAMESPACE
44
+ valueFrom:
45
+ fieldRef:
46
+ fieldPath: metadata.namespace
47
+ resources:
48
+ requests:
49
+ cpu: 10m
50
+ securityContext:
51
+ privileged: true
52
+ volumeMounts:
53
+ - mountPath: /host/opt/cni/bin
54
+ name: cni-bin-dir
55
+ - mountPath: /host/etc/cni/net.d
56
+ name: cni-net-dir
57
+ - mountPath: /host/var/log
58
+ name: log-dir
59
+ - mountPath: /var/run/docker.sock
60
+ name: dockersock
61
+ volumes:
62
+ - name: cni-bin-dir
63
+ hostPath:
64
+ path: /opt/cni/bin
65
+ - name: cni-net-dir
66
+ hostPath:
67
+ path: /etc/cni/net.d
68
+ - name: log-dir
69
+ hostPath:
70
+ path: /var/log
71
+ - name: dockersock
72
+ hostPath:
73
+ path: /var/run/docker.sock
data/lib/eks_cli/cli.rb CHANGED
@@ -9,7 +9,6 @@ module EksCli
9
9
  autoload :NodeGroup, 'nodegroup'
10
10
  module CloudFormation
11
11
  autoload :Stack, 'cloudformation/stack'
12
- autoload :VPC, 'cloudformation/vpc'
13
12
  end
14
13
  module EKS
15
14
  autoload :Cluster, 'eks/cluster'
@@ -18,12 +17,6 @@ module EksCli
18
17
  autoload :Auth, 'k8s/auth'
19
18
  autoload :Client, 'k8s/client'
20
19
  end
21
- module EC2
22
- autoload :SecurityGroup, 'ec2/security_group'
23
- end
24
- module IAM
25
- autoload :Client, 'iam/client'
26
- end
27
20
  module Route53
28
21
  autoload :Client, 'route53/client'
29
22
  end
@@ -46,25 +39,28 @@ module EksCli
46
39
  option :enable_gpu, type: :boolean, default: false, desc: "installs nvidia device plugin daemon set"
47
40
  option :create_default_storage_class, type: :boolean, default: true, desc: "creates a default gp2 storage class"
48
41
  option :create_dns_autoscaler, type: :boolean, default: true, desc: "creates dns autoscaler on the cluster"
42
+ option :warm_ip_target, type: :numeric, desc: "set a default custom warm ip target for CNI"
49
43
  def create
50
- Config[cluster_name].bootstrap({region: options[:region], kubernetes_version: options[:kubernetes_version]})
51
- create_eks_role
52
- create_cluster_vpc
53
- create_eks_cluster
54
- create_cluster_security_group
44
+ opts = {region: options[:region],
45
+ kubernetes_version: options[:kubernetes_version],
46
+ open_ports: options[:open_ports],
47
+ cidr: options[:cidr],
48
+ warm_ip_target: options[:warm_ip_target] ? options[:warm_ip_target].to_i : nil,
49
+ subnet1_az: (options[:subnet1_az] || Config::AZS[options[:region]][0]),
50
+ subnet2_az: (options[:subnet2_az] || Config::AZS[options[:region]][1]),
51
+ subnet3_az: (options[:subnet3_az] || Config::AZS[options[:region]][2])}
52
+ config.bootstrap(opts)
53
+ cluster = EKS::Cluster.new(cluster_name).create
54
+ config.write(cluster.config)
55
+ cluster.update_kubeconfig
55
56
  wait_for_cluster
56
57
  enable_gpu if options[:enable_gpu]
57
58
  create_default_storage_class if options[:create_default_storage_class]
58
59
  create_dns_autoscaler if options[:create_dns_autoscaler]
60
+ update_cluster_cni if options[:warm_ip_target]
59
61
  say "cluster creation completed"
60
62
  end
61
63
 
62
- desc "create-eks-role", "creates an IAM role for usage by EKS"
63
- def create_eks_role
64
- role = IAM::Client.new(cluster_name).create_eks_role
65
- Config[cluster_name].write({eks_role_arn: role.arn})
66
- end
67
-
68
64
  desc "show-config", "print cluster configuration"
69
65
  option :group_name, desc: "group name to show configuration for"
70
66
  def show_config
@@ -75,27 +71,9 @@ module EksCli
75
71
  end
76
72
  end
77
73
 
78
- desc "create-cluster-vpc", "creates a vpc according to aws cloudformation template"
79
- option :cidr, type: :string, default: "192.168.0.0/16", desc: "CIRD block for cluster VPC"
80
- option :subnet1_az, type: :string, desc: "availability zone for subnet 01"
81
- option :subnet2_az, type: :string, desc: "availability zone for subnet 02"
82
- option :subnet3_az, type: :string, desc: "availability zone for subnet 03"
83
- def create_cluster_vpc
84
- opts = options.slice("cidr", "subnet1_az", "subnet2_az", "subnet3_az")
85
- opts["subnet1_az"] ||= Config::AZS[config["region"]][0]
86
- opts["subnet2_az"] ||= Config::AZS[config["region"]][1]
87
- opts["subnet3_az"] ||= Config::AZS[config["region"]][2]
88
- config.write(opts, :config)
89
- cfg = CloudFormation::VPC.new(cluster_name).create
90
- config.write(cfg)
91
- end
92
-
93
- desc "create-eks-cluster", "create EKS cluster on AWS"
94
- def create_eks_cluster
95
- cluster = EKS::Cluster.new(cluster_name).create
96
- cluster.await
97
- Config[cluster_name].write({cluster_arn: cluster.arn})
98
- cluster.update_kubeconfig
74
+ desc "update-cluster-cni", "updates cni with warm ip target"
75
+ def update_cluster_cni
76
+ K8s::Client.new(cluster_name).update_cni
99
77
  end
100
78
 
101
79
  desc "enable-gpu", "installs nvidia plugin as a daemonset on the cluster"
@@ -164,14 +142,6 @@ module EksCli
164
142
  Config[cluster_name].set_iam_policies(options[:policies])
165
143
  end
166
144
 
167
- desc "create-cluster-security-group", "creates a SG for cluster communication"
168
- option :open_ports, type: :array, default: [], desc: "open ports on cluster nodes"
169
- def create_cluster_security_group
170
- open_ports = options[:open_ports].map(&:to_i)
171
- gid = EC2::SecurityGroup.new(cluster_name, open_ports).create
172
- Config[cluster_name].write({nodes_sg_id: gid})
173
- end
174
-
175
145
  desc "update-dns HOSTNAME K8S_SERVICE_NAME", "alters route53 CNAME records to point to k8s service ELBs"
176
146
  option :route53_hosted_zone_id, required: true, desc: "hosted zone ID for the cname record on route53"
177
147
  option :elb_hosted_zone_id, required: true, desc: "hosted zone ID for the ELB on ec2"
data/lib/eks_cli/cloudformation/{vpc.rb → eks.rb} RENAMED
@@ -2,17 +2,18 @@ require 'cloudformation/stack'
2
2
  require 'config'
3
3
  require 'ipaddress'
4
4
  require 'log'
5
+ require 'utils/erb_resolver'
5
6
 
6
7
  module EksCli
7
8
  module CloudFormation
8
- class VPC
9
+ class EKS
9
10
 
10
11
  def initialize(cluster_name)
11
12
  @cluster_name = cluster_name
12
13
  end
13
14
 
14
15
  def create
15
- Log.info "creating VPC stack for #{@cluster_name}"
16
+ Log.info "creating EKS stack for #{@cluster_name}"
16
17
  s = Stack.create(@cluster_name, cf_config)
17
18
  Stack.await([s])
18
19
  s.reload
@@ -20,10 +21,14 @@ module EksCli
20
21
  SecurityGroups: #{s.output("SecurityGroups")}
21
22
  VpcId: #{s.output("VpcId")}
22
23
  SubnetIds: #{s.output("SubnetIds")}
24
+ EKSClusterARN: #{s.output("EKSClusterARN")}
25
+ NodeGroupsInClusterSecurityGroup: #{s.output("NodeGroupsInClusterSecurityGroup")}
23
26
  "
24
27
  {control_plane_sg_id: s.output("SecurityGroups"),
25
28
  vpc_id: s.output("VpcId"),
26
- subnets: s.output("SubnetIds").split(",")}
29
+ subnets: s.output("SubnetIds").split(","),
30
+ nodes_sg_id: s.output("NodeGroupsInClusterSecurityGroup"),
31
+ cluster_arn: s.output("EKSClusterARN")}
27
32
  end
28
33
 
29
34
  private
@@ -32,15 +37,19 @@ module EksCli
32
37
  {stack_name: stack_name,
33
38
  template_body: cf_template_body,
34
39
  parameters: build_params,
40
+ capabilities: ["CAPABILITY_NAMED_IAM"],
35
41
  tags: tags}
36
42
  end
37
43
 
38
44
  def cf_template_body
39
- @cf_template_body ||= File.read(File.join($root_dir, '/assets/eks_vpc_cf_template.yaml'))
45
+ @cf_template_body ||= begin
46
+ template = File.read(File.join($root_dir, '/assets/cf/eks_cluster.yaml.erb'))
47
+ ERBResolver.render(template, {open_ports: config["open_ports"]})
48
+ end
40
49
  end
41
50
 
42
51
  def stack_name
43
- "#{@cluster_name}-EKS-VPC"
52
+ "#{@cluster_name}-EKS"
44
53
  end
45
54
 
46
55
  def tags
@@ -56,7 +65,8 @@ module EksCli
56
65
  "Subnet03Block" => subnets[2],
57
66
  "Subnet01AZ" => config["subnet1_az"],
58
67
  "Subnet02AZ" => config["subnet2_az"],
59
- "Subnet03AZ" => config["subnet3_az"]}.map do |(k,v)|
68
+ "Subnet03AZ" => config["subnet3_az"],
69
+ "ClusterName" => @cluster_name}.map do |(k,v)|
60
70
  {parameter_key: k, parameter_value: v}
61
71
  end
62
72
 
data/lib/eks_cli/eks/cluster.rb CHANGED
@@ -1,5 +1,4 @@
1
- require 'aws-sdk-eks'
2
- require 'eks/client'
1
+ require 'cloudformation/eks'
3
2
  require 'config'
4
3
  require 'log'
5
4
 
@@ -13,44 +12,11 @@ module EksCli
13
12
 
14
13
  def create
15
14
  Log.info "creating cluster #{@cluster_name}"
16
- Log.debug config
17
- resp = client.create_cluster(config)
18
- Log.info "response: #{resp.cluster}"
15
+ @config = CloudFormation::EKS.new(@cluster_name).create
19
16
  self
20
17
  end
21
18
 
22
- def config
23
- {name: @cluster_name,
24
- version: Config[@cluster_name]["kubernetes_version"],
25
- role_arn: Config[@cluster_name]["eks_role_arn"],
26
- resources_vpc_config: {
27
- subnet_ids: Config[@cluster_name]["subnets"],
28
- security_group_ids: [Config[@cluster_name]["control_plane_sg_id"]]}}
29
- end
30
-
31
- def await
32
- while status == "CREATING" do
33
- Log.info "waiting for cluster #{@cluster_name} to finish creation (#{status})"
34
- sleep 10
35
- end
36
- Log.info "cluster #{@cluster_name} created with status #{status}"
37
- end
38
-
39
- def status
40
- cluster.status
41
- end
42
-
43
- def cluster
44
- client.describe_cluster(name: @cluster_name).cluster
45
- end
46
-
47
- def arn
48
- cluster.arn
49
- end
50
-
51
- def client
52
- Client.get(@cluster_name)
53
- end
19
+ def config; @config; end
54
20
 
55
21
  def update_kubeconfig
56
22
  Log.info "updating kubeconfig for cluster #{@cluster_name}"
data/lib/eks_cli/k8s/client.rb CHANGED
@@ -1,3 +1,4 @@
1
+ require 'utils/erb_resolver'
1
2
  require 'yaml'
2
3
  require 'kubeclient'
3
4
  require_relative '../log'
@@ -18,7 +19,7 @@ module EksCli
18
19
 
19
20
  def enable_gpu
20
21
  Log.info "installing nvidia device plugin daemon set (GPU support)"
21
- self.create_daemon_set(resource_from_yaml("nvidia_device_plugin.yaml"))
22
+ self.create_daemon_set(resource_from_yaml("k8s/nvidia_device_plugin.yaml"))
22
23
  end
23
24
 
24
25
  def set_docker_registry_credentials(user, password, email)
@@ -33,12 +34,17 @@ module EksCli
33
34
 
34
35
  def create_default_storage_class
35
36
  Log.info "creating default storage class"
36
- Log.info self.create_storage_class(resource_from_yaml("default_storage_class.yaml"))
37
+ Log.info self.create_storage_class(resource_from_yaml("k8s/default_storage_class.yaml"))
37
38
  end
38
39
 
39
40
  def create_dns_autoscaler
40
41
  Log.info "creating kube-dns autoscaler"
41
- Log.info self.create_deployment(resource_from_yaml("dns_autoscaler.dep.yaml"))
42
+ Log.info self.create_deployment(resource_from_yaml("k8s/dns_autoscaler.dep.yaml"))
43
+ end
44
+
45
+ def update_cni
46
+ Log.info "updating cni"
47
+ Log.info self.update_daemon_set(resource_from_erb("k8s/cni_1_2_1.yaml.erb", {custom_warm_ip_target: config["warm_ip_target"]}))
42
48
  end
43
49
 
44
50
  def wait_for_cluster
@@ -59,11 +65,22 @@ module EksCli
59
65
 
60
66
  private
61
67
 
68
+ def resource_from_erb(filename, bindings)
69
+ erb = File.read(file_path(filename))
70
+ resolved = ERBResolver.render(erb, bindings)
71
+ yaml = YAML.load(resolved)
72
+ Kubeclient::Resource.new(yaml)
73
+ end
74
+
62
75
  def resource_from_yaml(filename)
63
- yaml = YAML.load_file(File.join($root_dir, "/assets/#{filename}"))
76
+ yaml = YAML.load_file(file_path(filename))
64
77
  Kubeclient::Resource.new(yaml)
65
78
  end
66
79
 
80
+ def file_path(filename)
81
+ File.join($root_dir, "/assets/#{filename}")
82
+ end
83
+
67
84
  def method_missing(method, *args, &block)
68
85
  if v1_client.respond_to?(method)
69
86
  v1_client.send(method, *args, &block)
data/lib/eks_cli/nodegroup.rb CHANGED
@@ -3,7 +3,6 @@ require 'aws-sdk-autoscaling'
3
3
  require 'config'
4
4
  require 'spotinst/client'
5
5
  require 'cloudformation/stack'
6
- require 'iam/client'
7
6
  require 'k8s/auth'
8
7
  require 'log'
9
8
 
@@ -100,7 +99,7 @@ module EksCli
100
99
  private
101
100
 
102
101
  def cf_template_body
103
- @cf_template_body ||= File.read(File.join($root_dir, '/assets/nodegroup_cf_template.yaml'))
102
+ @cf_template_body ||= File.read(File.join($root_dir, '/assets/cf/nodegroup.yaml'))
104
103
  end
105
104
 
106
105
  def await(stack)
data/lib/eks_cli/utils/erb_resolver.rb ADDED
@@ -0,0 +1,15 @@
1
+ require 'ostruct'
2
+ require 'erb'
3
+
4
+ module EksCli
5
+ class ERBResolver < OpenStruct
6
+ def self.render(t, h)
7
+ ERBResolver.new(h).render(t)
8
+ end
9
+
10
+ def render(template)
11
+ ERB.new(template).result(binding)
12
+ end
13
+ end
14
+ end
15
+
data/lib/eks_cli/version.rb CHANGED
@@ -1,3 +1,3 @@
1
1
  module EksCli
2
- VERSION = "0.2.8"
2
+ VERSION = "0.3.0"
3
3
  end
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: eks_cli
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.2.8
4
+ version: 0.3.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Erez Rabih
@@ -24,34 +24,6 @@ dependencies:
24
24
  - - '='
25
25
  - !ruby/object:Gem::Version
26
26
  version: 0.20.3
27
- - !ruby/object:Gem::Dependency
28
- name: aws-sdk-iam
29
- requirement: !ruby/object:Gem::Requirement
30
- requirements:
31
- - - '='
32
- - !ruby/object:Gem::Version
33
- version: 1.12.0
34
- type: :runtime
35
- prerelease: false
36
- version_requirements: !ruby/object:Gem::Requirement
37
- requirements:
38
- - - '='
39
- - !ruby/object:Gem::Version
40
- version: 1.12.0
41
- - !ruby/object:Gem::Dependency
42
- name: aws-sdk-eks
43
- requirement: !ruby/object:Gem::Requirement
44
- requirements:
45
- - - '='
46
- - !ruby/object:Gem::Version
47
- version: 1.9.0
48
- type: :runtime
49
- prerelease: false
50
- version_requirements: !ruby/object:Gem::Requirement
51
- requirements:
52
- - - '='
53
- - !ruby/object:Gem::Version
54
- version: 1.9.0
55
27
  - !ruby/object:Gem::Dependency
56
28
  name: aws-sdk-ec2
57
29
  requirement: !ruby/object:Gem::Requirement
@@ -178,21 +150,19 @@ files:
178
150
  - README.md
179
151
  - bin/eks
180
152
  - eks_cli.gemspec
181
- - lib/assets/default_storage_class.yaml
182
- - lib/assets/dns_autoscaler.dep.yaml
183
- - lib/assets/eks_vpc_cf_template.yaml
184
- - lib/assets/nodegroup_cf_template.yaml
185
- - lib/assets/nvidia_device_plugin.yaml
153
+ - lib/assets/cf/eks_cluster.yaml.erb
154
+ - lib/assets/cf/nodegroup.yaml
155
+ - lib/assets/k8s/cni_1_2_1.yaml.erb
156
+ - lib/assets/k8s/default_storage_class.yaml
157
+ - lib/assets/k8s/dns_autoscaler.dep.yaml
158
+ - lib/assets/k8s/nvidia_device_plugin.yaml
186
159
  - lib/eks_cli.rb
187
160
  - lib/eks_cli/cli.rb
188
161
  - lib/eks_cli/cloudformation/client.rb
162
+ - lib/eks_cli/cloudformation/eks.rb
189
163
  - lib/eks_cli/cloudformation/stack.rb
190
- - lib/eks_cli/cloudformation/vpc.rb
191
164
  - lib/eks_cli/config.rb
192
- - lib/eks_cli/ec2/security_group.rb
193
- - lib/eks_cli/eks/client.rb
194
165
  - lib/eks_cli/eks/cluster.rb
195
- - lib/eks_cli/iam/client.rb
196
166
  - lib/eks_cli/k8s/auth.rb
197
167
  - lib/eks_cli/k8s/client.rb
198
168
  - lib/eks_cli/k8s/configmap_builder.rb
@@ -200,6 +170,7 @@ files:
200
170
  - lib/eks_cli/nodegroup.rb
201
171
  - lib/eks_cli/route53/client.rb
202
172
  - lib/eks_cli/spotinst/client.rb
173
+ - lib/eks_cli/utils/erb_resolver.rb
203
174
  - lib/eks_cli/version.rb
204
175
  - lib/eks_cli/vpc/client.rb
205
176
  homepage: https://github.com/nanit/eks_cli
data/lib/eks_cli/ec2/security_group.rb DELETED
@@ -1,53 +0,0 @@
1
- require 'aws-sdk-ec2'
2
- require 'log'
3
- require 'config'
4
- module EksCli
5
- module EC2
6
- class SecurityGroup
7
-
8
- def initialize(cluster_name, open_ports)
9
- @cluster_name = cluster_name
10
- @open_ports = open_ports
11
- end
12
-
13
- def create
14
- Log.info "creating security group for in-cluster communication for #{@cluster_name}"
15
- gid = client.create_security_group(description: "Security group for in-cluster communication on #{@cluster_name}",
16
- group_name: "#{@cluster_name}-SG",
17
- vpc_id: vpc_id).group_id
18
-
19
- Log.info "created security group #{gid}, setting ingress/egress rules"
20
-
21
- client.authorize_security_group_ingress(group_id: gid,
22
- ip_permissions: [{from_port: -1,
23
- ip_protocol: "-1",
24
- to_port: -1,
25
- user_id_group_pairs: [{description: "in-cluster communication for #{@cluster_name}",
26
- group_id: gid}]}])
27
-
28
- @open_ports.each do |port|
29
-
30
- client.authorize_security_group_ingress(group_id: gid,
31
- ip_permissions: [{from_port: port,
32
- to_port: port,
33
- ip_protocol: "tcp",
34
- ip_ranges: [{cidr_ip: "0.0.0.0/0",
35
- description: "EKS cluster allow access on port #{port}"}]}])
36
- end
37
-
38
- Log.info "done"
39
- gid
40
- end
41
-
42
- private
43
-
44
- def vpc_id
45
- Config[@cluster_name]["vpc_id"]
46
- end
47
-
48
- def client
49
- @client ||= Aws::EC2::Client.new(region: Config[@cluster_name]["region"])
50
- end
51
- end
52
- end
53
- end
data/lib/eks_cli/eks/client.rb DELETED
@@ -1,11 +0,0 @@
1
- require 'aws-sdk-eks'
2
- require 'config'
3
- module EksCli
4
- module EKS
5
- class Client
6
- def self.get(cluster_name)
7
- @client ||= Aws::EKS::Client.new(region: Config[cluster_name]["region"])
8
- end
9
- end
10
- end
11
- end
data/lib/eks_cli/iam/client.rb DELETED
@@ -1,64 +0,0 @@
1
- require 'aws-sdk-iam'
2
- require 'config'
3
- module EksCli
4
- module IAM
5
- class Client
6
-
7
- EKS_CLUSTER_POLICIES = ["AmazonEKSClusterPolicy", "AmazonEKSServicePolicy"]
8
- ASSUME_ROLE = {
9
- "Version" => "2012-10-17",
10
- "Statement" => [
11
- {
12
- "Effect" => "Allow",
13
- "Principal" => {
14
- "Service" => "eks.amazonaws.com"
15
- },
16
- "Action" => "sts:AssumeRole"
17
- }
18
- ]
19
- }
20
-
21
- def initialize(cluster_name)
22
- @cluster_name = cluster_name
23
- end
24
-
25
- def client
26
- @client ||= Aws::IAM::Client.new(region: config["region"])
27
- end
28
-
29
- def config
30
- @config ||= Config[@cluster_name]
31
- end
32
-
33
- def create_eks_role
34
- Log.info "creating IAM cluster role for #{@cluster_name}"
35
- begin
36
- role = client.get_role(role_name: role_name).role
37
- rescue Aws::IAM::Errors::NoSuchEntity => e
38
- role = client.create_role(role_name: role_name,
39
- description: "created by eks cli for #{@cluster_name}",
40
- assume_role_policy_document: ASSUME_ROLE.to_json).role
41
- attach_policies(role.role_name, EKS_CLUSTER_POLICIES)
42
- end
43
- Log.info "created role #{role}"
44
- role
45
- end
46
-
47
- def attach_policies(role_name, policies)
48
- Log.info "attaching IAM policies to #{role_name}"
49
- policies.each do |p|
50
- client.attach_role_policy(policy_arn: arn(p),
51
- role_name: role_name)
52
- end
53
- end
54
-
55
- def arn(p)
56
- "arn:aws:iam::aws:policy/#{p}"
57
- end
58
-
59
- def role_name
60
- "#{@cluster_name}-EKS-Role"
61
- end
62
- end
63
- end
64
- end