From 3f73efe33bd30f41f57966ee59e031eb00d6b4a8 Mon Sep 17 00:00:00 2001 From: Samseppiol Date: Wed, 21 Oct 2020 11:53:35 +1100 Subject: [PATCH 01/10] Add fargate profile functionality --- eks-cluster.cfhighlander.rb | 6 ++++++ eks-cluster.cfndsl.rb | 27 +++++++++++++++++++++++++++ tests/fargate.test.yaml | 31 +++++++++++++++++++++++++++++++ 3 files changed, 64 insertions(+) create mode 100644 tests/fargate.test.yaml diff --git a/eks-cluster.cfhighlander.rb b/eks-cluster.cfhighlander.rb index 044e342..6922954 100644 --- a/eks-cluster.cfhighlander.rb +++ b/eks-cluster.cfhighlander.rb @@ -19,6 +19,12 @@ ComponentParam 'DesiredCapacity', '1' ComponentParam 'MinSize', '1' ComponentParam 'MaxSize', '2' + + fargate_profiles.each do |profile| + name = profile['name'].gsub('-','').gsub('_','').capitalize + ComponentParam "#{name}FargateProfileName", '' + ComponentParam "#{name}FargateSubnetIds", type: 'List' + end if defined? fargate_profiles end LambdaFunctions 'draining_lambda' diff --git a/eks-cluster.cfndsl.rb b/eks-cluster.cfndsl.rb index f6a1287..4677850 100644 --- a/eks-cluster.cfndsl.rb +++ b/eks-cluster.cfndsl.rb 
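Review bot: The identifier prefix built in the new `fargate_profiles.each` loop, `profile['name'].gsub('-','').gsub('_','').capitalize`, is neither validated nor collision-free, and the same expression is repeated in the eks-cluster.cfndsl.rb hunk of this patch. `capitalize` also downcases the rest of the string, so `my-batch`, `my_batch` and `myBatch` all become `Mybatch` and would yield the same `…FargateProfileName` parameter and `…FargateProfile` resource. A name containing any other punctuation produces an identifier CloudFormation does not accept as a logical ID. I would reject bad input up front with `raise ArgumentError, "invalid fargate profile name" unless profile['name'].to_s.match?(/\A[A-Za-z0-9_-]+\z/)` and raise when two profiles normalise to the same prefix. The enclosing component block starts and ends outside this hunk.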
@@ -16,6 +16,33 @@ ]) } + + fargate_profiles = external_parameters.fetch(:fargate_profiles, {}) + + IAM_Role(:PodExecutionRoleArn) { + AssumeRolePolicyDocument service_assume_role_policy('eks-fargate-pods') + Path '/' + ManagedPolicyArns([ + 'arn:aws:iam::aws:policy/AmazonEKSFargatePodExecutionRolePolicy' + ]) + } unless fargate_profiles == {} + + fargate_profiles.each do |profile| + name = profile['name'].gsub('-','').gsub('_','').capitalize + unless profile.has_key?('selectors') + raise ArgumentError, "Selectors must be defined for fargate profiles" + end + Resource("#{name}FargateProfile") do + Type 'AWS::EKS::FargateProfile' + Property('ClusterName', Ref(:EksCluster)) + Property('FargateProfileName', Ref("#{name}FargateProfileName")) + Property('PodExecutionRoleArn', Ref(:PodExecutionRoleArn)) + Property('Subnets', Ref("#{name}FargateSubnetIds")) + Property('Tags', [{ Key: 'Name', Value: FnSub("${EnvironmentName}-#{name}-fargate-profile")}] + tags) + Property('Selectors', profile['selectors']) + end + end + AutoScaling_LifecycleHook(:DrainingLifecycleHook) { AutoScalingGroupName Ref('EksNodeAutoScalingGroup') HeartbeatTimeout 450 diff --git a/tests/fargate.test.yaml b/tests/fargate.test.yaml new file mode 100644 index 0000000..e333e7e --- /dev/null +++ b/tests/fargate.test.yaml @@ -0,0 +1,31 @@ +test_metadata: + type: config + name: basic + description: test for creating a fargate profile + +cluster_name: ${EnvironmentName}-Cluster +eks_version: 1.18 + +fargate_profiles: + - + name: batch + selectors: + - + Namespace: + Fn::Sub: ${EnvironmentName} + Labels: + - + Key: MyKey + Value: MyValue + +extra_tags: + Cluster: ${EnvironmentName}-Cluster + +iam: + services: + - ec2 + - ssm + policies: + ssm_get_parameters: + action: + - ssm:GetParametersByPath From 886df2c101e121560a9b71771836505802085560 Mon Sep 17 00:00:00 2001 
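Review bot: The trust policy of the new `PodExecutionRoleArn` role is whatever `service_assume_role_policy('eks-fargate-pods')` returns, and nothing in this hunk ties it to this cluster's Fargate profiles. The helper is defined outside the patch, so this is inferred, but a plain service-principal statement leaves the role open to the cross-service confused-deputy case. AWS's guidance for the pod execution role is an `ArnLike` condition on `aws:SourceArn` matching `arn:aws:eks:<region>:<account-id>:fargateprofile/<cluster-name>/*`. I would build the `AssumeRolePolicyDocument` inline here with that condition instead of going through the generic helper. A short comment that this logical ID names an `IAM_Role` resource, not an ARN, would also help readers of the profile's `PodExecutionRoleArn` property.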
From: Samseppiol Date: Wed, 21 Oct 2020 13:50:40 +1100 Subject: [PATCH 02/10] Must use same subnets as eks cluster for fargate profile --- eks-cluster.cfhighlander.rb | 2 +- eks-cluster.cfndsl.rb | 9 +++++++-- tests/fargate.test.yaml | 2 +- 3 files changed, 9 insertions(+), 4 deletions(-) diff --git a/eks-cluster.cfhighlander.rb b/eks-cluster.cfhighlander.rb index 6922954..34d922e 100644 --- a/eks-cluster.cfhighlander.rb +++ b/eks-cluster.cfhighlander.rb @@ -23,8 +23,8 @@ fargate_profiles.each do |profile| name = profile['name'].gsub('-','').gsub('_','').capitalize ComponentParam "#{name}FargateProfileName", '' - ComponentParam "#{name}FargateSubnetIds", type: 'List' end if defined? fargate_profiles + end LambdaFunctions 'draining_lambda' diff --git a/eks-cluster.cfndsl.rb b/eks-cluster.cfndsl.rb index 4677850..086d8eb 100644 --- a/eks-cluster.cfndsl.rb +++ b/eks-cluster.cfndsl.rb @@ -32,12 +32,17 @@ unless profile.has_key?('selectors') raise ArgumentError, "Selectors must be defined for fargate profiles" end + Condition("#{name}FargateProfileNameSet", FnNot(FnEquals(Ref("#{name}FargateProfileName"), ''))) Resource("#{name}FargateProfile") do Type 'AWS::EKS::FargateProfile' Property('ClusterName', Ref(:EksCluster)) - Property('FargateProfileName', Ref("#{name}FargateProfileName")) + Property('FargateProfileName', + FnIf("#{name}FargateProfileNameSet", + Ref("#{name}FargateProfileName"), + FnSub("${EnvironmentName}-#{name}-fargate-profile")) + ) Property('PodExecutionRoleArn', Ref(:PodExecutionRoleArn)) - Property('Subnets', Ref("#{name}FargateSubnetIds")) + Property('Subnets', FnSplit(',', Ref('SubnetIds'))) Property('Tags', [{ Key: 'Name', Value: FnSub("${EnvironmentName}-#{name}-fargate-profile")}] + tags) Property('Selectors', profile['selectors']) end diff --git a/tests/fargate.test.yaml b/tests/fargate.test.yaml index e333e7e..01a895c 100644 --- a/tests/fargate.test.yaml +++ b/tests/fargate.test.yaml 
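Review bot: Pointing every profile at `FnSplit(',', Ref('SubnetIds'))` ties Fargate to the same subnet list the node Auto Scaling group uses elsewhere in this file, and nothing documents that those subnets must now be private. To my knowledge `AWS::EKS::FargateProfile` only accepts subnets with no direct route to an internet gateway, so a stack whose `SubnetIds` includes public subnets would fail at deploy time once a profile is configured. I would add a comment above the property such as `# Fargate only accepts private subnets; SubnetIds must not contain public subnets when fargate_profiles is set`, or keep an optional per-profile subnet parameter that falls back to `SubnetIds`. The `fargate_profiles.each` block this hunk edits starts outside the hunk.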
@@ -1,6 +1,6 @@ test_metadata: type: config - name: basic + name: fargate description: test for creating a fargate profile cluster_name: ${EnvironmentName}-Cluster From 7de39df34b65a9069ba20737741a27aff3874b3b Mon Sep 17 00:00:00 2001 From: Samseppiol Date: Thu, 22 Oct 2020 10:08:16 +1100 Subject: [PATCH 03/10] Export roles --- eks-cluster.cfndsl.rb | 2 ++ 1 file changed, 2 insertions(+) diff --git a/eks-cluster.cfndsl.rb b/eks-cluster.cfndsl.rb index 086d8eb..1330ac1 100644 --- a/eks-cluster.cfndsl.rb +++ b/eks-cluster.cfndsl.rb @@ -261,10 +261,12 @@ Output(:DrainingLambdaRole) { Value(FnGetAtt(:LambdaRoleDraining, :Arn)) + Export FnSub("${EnvironmentName}-#{external_parameters[:component_name]}-DrainingLambdaRole") } Output(:EksNodeRole) { Value(FnGetAtt(:EksNodeRole, :Arn)) + Export FnSub("${EnvironmentName}-#{external_parameters[:component_name]}-EksNodeRole") } end From 6c1d1dd919e83051a288a6a9f665a3fd2aea8398 Mon Sep 17 00:00:00 2001 From: Samseppiol Date: Thu, 22 Oct 2020 11:25:12 +1100 Subject: [PATCH 04/10] Use correct resource call for execution role --- eks-cluster.cfndsl.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/eks-cluster.cfndsl.rb b/eks-cluster.cfndsl.rb index 1330ac1..fba557c 100644 --- a/eks-cluster.cfndsl.rb +++ b/eks-cluster.cfndsl.rb @@ -41,7 +41,7 @@ Ref("#{name}FargateProfileName"), FnSub("${EnvironmentName}-#{name}-fargate-profile")) ) - Property('PodExecutionRoleArn', Ref(:PodExecutionRoleArn)) + Property('PodExecutionRoleArn', FnGetAtt(:PodExecutionRoleArn, :Arn)) Property('Subnets', FnSplit(',', Ref('SubnetIds'))) Property('Tags', [{ Key: 'Name', Value: FnSub("${EnvironmentName}-#{name}-fargate-profile")}] + tags) Property('Selectors', profile['selectors']) From 1f6b3f75f703216cc2e97732c550c217309e2cba Mon Sep 17 00:00:00 2001 
From: Samseppiol Date: Thu, 22 Oct 2020 17:10:10 +1100 Subject: [PATCH 05/10] Add in managed node groups while remaining backwards compatible --- eks-cluster.cfhighlander.rb | 9 +- eks-cluster.cfndsl.rb | 210 ++++++++++-------- tests/managed_node_group.test.yaml | 29 +++ ...naged_node_group_launch_template.test.yaml | 30 +++ 4 files changed, 189 insertions(+), 89 deletions(-) create mode 100644 tests/managed_node_group.test.yaml create mode 100644 tests/managed_node_group_launch_template.test.yaml diff --git a/eks-cluster.cfhighlander.rb b/eks-cluster.cfhighlander.rb index 34d922e..199097e 100644 --- a/eks-cluster.cfhighlander.rb +++ b/eks-cluster.cfhighlander.rb @@ -25,8 +25,13 @@ ComponentParam "#{name}FargateProfileName", '' end if defined? fargate_profiles - end + if defined?(managed_node_group['enabled']) && managed_node_group['enabled'] + ComponentParam 'ForceUpdateEnabled', false + ComponentParam 'InstanceTypes', '' + end - LambdaFunctions 'draining_lambda' + end + + LambdaFunctions 'draining_lambda' if !defined?(managed_node_group['enabled']) end diff --git a/eks-cluster.cfndsl.rb b/eks-cluster.cfndsl.rb index fba557c..b8a1751 100644 --- a/eks-cluster.cfndsl.rb +++ b/eks-cluster.cfndsl.rb @@ -16,7 +16,6 @@ ]) } - fargate_profiles = external_parameters.fetch(:fargate_profiles, {}) IAM_Role(:PodExecutionRoleArn) { 
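Review bot: The two new guards on `managed_node_group` in eks-cluster.cfhighlander.rb disagree with the template for a config that sets `enabled: false`. By Ruby's `defined?` semantics, `defined?(managed_node_group['enabled'])` is truthy whenever `managed_node_group` itself is defined, whatever the key holds. In that case `LambdaFunctions 'draining_lambda' if !defined?(managed_node_group['enabled'])` skips the draining lambda, while eks-cluster.cfndsl.rb takes its `else` branch and still emits `DrainingLifecycleHook`, `DrainingLambdaPermission` and the `DrainingLambdaRole` output that refer to it. I would compute the flag once, `use_managed_nodes = defined?(managed_node_group) && managed_node_group['enabled']`, then use `if use_managed_nodes` for the parameters and `LambdaFunctions 'draining_lambda' unless use_managed_nodes`. The enclosing component block starts outside this hunk.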
@@ -48,27 +47,6 @@ end end - AutoScaling_LifecycleHook(:DrainingLifecycleHook) { - AutoScalingGroupName Ref('EksNodeAutoScalingGroup') - HeartbeatTimeout 450 - LifecycleTransition 'autoscaling:EC2_INSTANCE_TERMINATING' - } - - Lambda_Permission(:DrainingLambdaPermission) { - Action 'lambda:InvokeFunction' - FunctionName FnGetAtt('Drainer', 'Arn') - Principal 'events.amazonaws.com' - SourceArn FnGetAtt('LifecycleEvent', 'Arn') - } - - draining_lambda = external_parameters[:draining_lambda] - Events_Rule(:LifecycleEvent) { - Description FnSub("Rule for ${EnvironmentName} eks draining lifecycle hook") - State 'ENABLED' - EventPattern draining_lambda['event']['pattern'] - Targets draining_lambda['event']['targets'] - } - EC2_SecurityGroup(:EksClusterSecurityGroup) { VpcId Ref('VPCId') GroupDescription "EKS Cluster communication with worker nodes" 
@@ -183,85 +161,143 @@ Roles [Ref(:EksNodeRole)] end - # Setup userdata string - node_userdata = "#!/bin/bash\nset -o xtrace\n" - node_userdata << external_parameters.fetch(:eks_bootstrap, '') - node_userdata << userdata = external_parameters.fetch(:userdata, '') - node_userdata << cfnsignal = external_parameters.fetch(:cfnsignal, '') - - launch_template_tags = [ - { Key: 'Name', Value: FnSub("${EnvironmentName}-eks-node-xx") }, - { Key: FnSub("kubernetes.io/cluster/${EksCluster}"), Value: 'owned' } - ] - launch_template_tags += tags - - template_data = { - SecurityGroupIds: [ Ref(:EksNodeSecurityGroup) ], - TagSpecifications: [ - { ResourceType: 'instance', Tags: launch_template_tags }, - { ResourceType: 'volume', Tags: launch_template_tags } - ], - UserData: FnBase64(FnSub(node_userdata)), - IamInstanceProfile: { Name: Ref(:EksNodeInstanceProfile) }, - KeyName: FnIf('KeyNameSet', Ref('KeyName'), Ref('AWS::NoValue')), - ImageId: Ref('ImageId'), - Monitoring: { Enabled: detailed_monitoring }, - InstanceType: Ref('InstanceType') - } - - spot = external_parameters.fetch(:spot, {}) - unless spot.empty? - spot_options = { - MarketType: 'spot', - SpotOptions: { - SpotInstanceType: (defined?(spot['type']) ? spot['type'] : 'one-time'), - MaxPrice: FnSub(spot['price']) - } + managed_node_group = external_parameters.fetch(:managed_node_group, {}) + managed_node_group_use_launch_template = managed_node_group['launch_template'] ? 
managed_node_group['launch_template'] : false + if !managed_node_group['enabled'] || managed_node_group_use_launch_template + # Setup userdata string + node_userdata = "#!/bin/bash\nset -o xtrace\n" + node_userdata << external_parameters.fetch(:eks_bootstrap, '') + node_userdata << userdata = external_parameters.fetch(:userdata, '') + node_userdata << cfnsignal = external_parameters.fetch(:cfnsignal, '') + + launch_template_tags = [ + { Key: 'Name', Value: FnSub("${EnvironmentName}-eks-node-xx") }, + { Key: FnSub("kubernetes.io/cluster/${EksCluster}"), Value: 'owned' } + ] + launch_template_tags += tags + + template_data = { + SecurityGroupIds: [ Ref(:EksNodeSecurityGroup) ], + TagSpecifications: [ + { ResourceType: 'instance', Tags: launch_template_tags }, + { ResourceType: 'volume', Tags: launch_template_tags } + ], + UserData: FnBase64(FnSub(node_userdata)), + IamInstanceProfile: { Name: Ref(:EksNodeInstanceProfile) }, + KeyName: FnIf('KeyNameSet', Ref('KeyName'), Ref('AWS::NoValue')), + ImageId: Ref('ImageId'), + Monitoring: { Enabled: detailed_monitoring }, + InstanceType: Ref('InstanceType') } - template_data[:InstanceMarketOptions] = FnIf('SpotEnabled', spot_options, Ref('AWS::NoValue')) + + spot = external_parameters.fetch(:spot, {}) + unless spot.empty? + spot_options = { + MarketType: 'spot', + SpotOptions: { + SpotInstanceType: (defined?(spot['type']) ? 
spot['type'] : 'one-time'), + MaxPrice: FnSub(spot['price']) + } + } + template_data[:InstanceMarketOptions] = FnIf('SpotEnabled', spot_options, Ref('AWS::NoValue')) + + end + # Remove options that are not allowed with node groups if we specify our own launch template + # https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-eks-nodegroup-launchtemplatespecification.html + [:InstanceMarketOptions, :IamInstanceProfile].each {|k| template_data.delete(k) if template_data.has_key?(k)} if managed_node_group['launch_template'] + + EC2_LaunchTemplate(:EksNodeLaunchTemplate) { + LaunchTemplateData(template_data) + } end - EC2_LaunchTemplate(:EksNodeLaunchTemplate) { - LaunchTemplateData(template_data) - } + if managed_node_group['enabled'] + Condition("InstancesSpecified", FnNot(FnEquals(Ref('InstanceTypes'), ''))) + Resource(:ManagedNodeGroup) do + Type 'AWS::EKS::Nodegroup' + Property('ClusterName', Ref(:EksCluster)) + Property('NodegroupName', FnSub(managed_node_group['name'])) if managed_node_group.has_key?('name') + Property('NodeRole', FnGetAtt(:EksNodeRole, :Arn)) + Property('Subnets', FnSplit(',', Ref('SubnetIds'))) + Property('Tags', [{ Key: 'Name', Value: FnSub("${EnvironmentName}-eks-managed-node-group")}] + tags) + Property('DiskSize', managed_node_group['disk_size']) if managed_node_group.has_key?('disk_size') && managed_node_group_use_launch_template + Property('LaunchTemplate', { + Id: Ref(:EksNodeLaunchTemplate), + Version: FnGetAtt(:EksNodeLaunchTemplate, :LatestVersionNumber) + }) if managed_node_group['launch_template'] + Property('ForceUpdateEnabled', Ref(:ForceUpdateEnabled)) + Property('InstanceTypes', FnIf('InstancesSpecified', Ref('InstanceTypes'), Ref('AWS::NoValue'))) #Default is t3.medium + Property('ScalingConfig', { + DesiredCapacity: Ref('DesiredCapacity'), + MinSize: Ref('MinSize'), + MaxSize: Ref('MaxSize') + }) + Property('Labels', managed_node_group['labels']) if managed_node_group.has_key?('labels') + end + else + 
AutoScaling_LifecycleHook(:DrainingLifecycleHook) { + AutoScalingGroupName Ref('EksNodeAutoScalingGroup') + HeartbeatTimeout 450 + LifecycleTransition 'autoscaling:EC2_INSTANCE_TERMINATING' + } - asg_tags = [ - { Key: FnSub("k8s.io/cluster/${EksCluster}"), Value: 'owned' }, - { Key: 'k8s.io/cluster-autoscaler/enabled', Value: Ref('EnableScaling') } - ] - asg_tags = tags.clone.map(&:clone).concat(asg_tags).uniq.each {|tag| tag[:PropagateAtLaunch] = false } - AutoScaling_AutoScalingGroup(:EksNodeAutoScalingGroup) { - UpdatePolicy(:AutoScalingRollingUpdate, { - MaxBatchSize: '1', - MinInstancesInService: FnIf('SpotEnabled', 0, Ref('DesiredCapacity')), - SuspendProcesses: %w(HealthCheck ReplaceUnhealthy AZRebalance AlarmNotification ScheduledActions), - PauseTime: 'PT5M' - }) - DesiredCapacity Ref('DesiredCapacity') - MinSize Ref('MinSize') - MaxSize Ref('MaxSize') - VPCZoneIdentifiers FnSplit(',', Ref('SubnetIds')) - LaunchTemplate({ - LaunchTemplateId: Ref(:EksNodeLaunchTemplate), - Version: FnGetAtt(:EksNodeLaunchTemplate, :LatestVersionNumber) - }) - Tags asg_tags - } + Lambda_Permission(:DrainingLambdaPermission) { + Action 'lambda:InvokeFunction' + FunctionName FnGetAtt('Drainer', 'Arn') + Principal 'events.amazonaws.com' + SourceArn FnGetAtt('LifecycleEvent', 'Arn') + } + + draining_lambda = external_parameters[:draining_lambda] + Events_Rule(:LifecycleEvent) { + Description FnSub("Rule for ${EnvironmentName} eks draining lifecycle hook") + State 'ENABLED' + EventPattern draining_lambda['event']['pattern'] + Targets draining_lambda['event']['targets'] + } + + Output(:DrainingLambdaRole) { + Value(FnGetAtt(:LambdaRoleDraining, :Arn)) + Export FnSub("${EnvironmentName}-#{external_parameters[:component_name]}-DrainingLambdaRole") + } + + asg_tags = [ + { Key: FnSub("k8s.io/cluster/${EksCluster}"), Value: 'owned' }, + { Key: 'k8s.io/cluster-autoscaler/enabled', Value: Ref('EnableScaling') } + ] + asg_tags = tags.clone.map(&:clone).concat(asg_tags).uniq.each {|tag| 
tag[:PropagateAtLaunch] = false } + AutoScaling_AutoScalingGroup(:EksNodeAutoScalingGroup) { + UpdatePolicy(:AutoScalingRollingUpdate, { + MaxBatchSize: '1', + MinInstancesInService: FnIf('SpotEnabled', 0, Ref('DesiredCapacity')), + SuspendProcesses: %w(HealthCheck ReplaceUnhealthy AZRebalance AlarmNotification ScheduledActions), + PauseTime: 'PT5M' + }) + DesiredCapacity Ref('DesiredCapacity') + MinSize Ref('MinSize') + MaxSize Ref('MaxSize') + VPCZoneIdentifiers FnSplit(',', Ref('SubnetIds')) + LaunchTemplate({ + LaunchTemplateId: Ref(:EksNodeLaunchTemplate), + Version: FnGetAtt(:EksNodeLaunchTemplate, :LatestVersionNumber) + }) + Tags asg_tags + } + end Output(:EksNodeSecurityGroup) { Value(Ref(:EksNodeSecurityGroup)) } - Output(:EksClusterName) { - Value(Ref(:EksCluster)) + Output(:EksClusterSecurityGroup) { + Value(Ref(:EksClusterSecurityGroup)) } - Output(:DrainingLambdaRole) { - Value(FnGetAtt(:LambdaRoleDraining, :Arn)) - Export FnSub("${EnvironmentName}-#{external_parameters[:component_name]}-DrainingLambdaRole") + Output(:EksClusterName) { + Value(Ref(:EksCluster)) } Output(:EksNodeRole) { diff --git a/tests/managed_node_group.test.yaml b/tests/managed_node_group.test.yaml new file mode 100644 index 0000000..ddd57af --- /dev/null +++ b/tests/managed_node_group.test.yaml @@ -0,0 +1,29 @@ +test_metadata: + type: config + name: managed_node_group + description: test for creating a fargate profile + +cluster_name: ${EnvironmentName}-Cluster +eks_version: 1.18 + +managed_node_group: + name: my-node-group + enabled: true + disk_size: 40 + labels: + Key1: Value1 + Key2: + Fn::Sub: Value2 + + +extra_tags: + Cluster: ${EnvironmentName}-Cluster + +iam: + services: + - ec2 + - ssm + policies: + ssm_get_parameters: + action: + - ssm:GetParametersByPath diff --git a/tests/managed_node_group_launch_template.test.yaml b/tests/managed_node_group_launch_template.test.yaml new file mode 100644 index 0000000..e5ee564 --- /dev/null 
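Review bot: The `template_data` hash, which after this change feeds the launch template for both the Auto Scaling group and the managed node group, sets no `MetadataOptions`, so nodes launch with the default instance-metadata settings. On EKS worker nodes that leaves the credentials of `EksNodeRole`, with whatever policies it carries, obtainable by any pod that can reach the metadata endpoint. I would add `MetadataOptions: { HttpTokens: 'required', HttpPutResponseHopLimit: 1 }` to `template_data`. It may need a config switch if existing workloads rely on node credentials rather than IAM roles for service accounts, since a hop limit of 1 cuts those pods off. A comment next to the key explaining why the hop limit is 1 would keep it from being loosened later without review.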
+++ b/tests/managed_node_group_launch_template.test.yaml @@ -0,0 +1,30 @@ +test_metadata: + type: config + name: managed_node_group_with_launch_template + description: test for creating a fargate profile + +cluster_name: ${EnvironmentName}-Cluster +eks_version: 1.18 + +managed_node_group: + name: my-node-group + enabled: true + launch_template: true + + +spot: + type: persistent + price: ${SpotPrice} + + +extra_tags: + Cluster: ${EnvironmentName}-Cluster + +iam: + services: + - ec2 + - ssm + policies: + ssm_get_parameters: + action: + - ssm:GetParametersByPath From 49e317ff5cbaa0830ff9b8389d325fd1525dd4e4 Mon Sep 17 00:00:00 2001 From: Samseppiol Date: Thu, 22 Oct 2020 17:21:59 +1100 Subject: [PATCH 06/10] Use variable --- eks-cluster.cfndsl.rb | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/eks-cluster.cfndsl.rb b/eks-cluster.cfndsl.rb index b8a1751..084d28f 100644 --- a/eks-cluster.cfndsl.rb +++ b/eks-cluster.cfndsl.rb @@ -205,7 +205,7 @@ # Remove options that are not allowed with node groups if we specify our own launch template # https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-eks-nodegroup-launchtemplatespecification.html - [:InstanceMarketOptions, :IamInstanceProfile].each {|k| template_data.delete(k) if template_data.has_key?(k)} if managed_node_group['launch_template'] + [:InstanceMarketOptions, :IamInstanceProfile].each {|k| template_data.delete(k) if template_data.has_key?(k)} if managed_node_group_use_launch_template EC2_LaunchTemplate(:EksNodeLaunchTemplate) { LaunchTemplateData(template_data) 
@@ -225,7 +225,7 @@ Property('LaunchTemplate', { Id: Ref(:EksNodeLaunchTemplate), Version: FnGetAtt(:EksNodeLaunchTemplate, :LatestVersionNumber) - }) if managed_node_group['launch_template'] + }) if managed_node_group_use_launch_template Property('ForceUpdateEnabled', Ref(:ForceUpdateEnabled)) Property('InstanceTypes', FnIf('InstancesSpecified', Ref('InstanceTypes'), Ref('AWS::NoValue'))) #Default is t3.medium Property('ScalingConfig', { From ec683e375415d7b927c724da71e3d1d5ba23357f Mon Sep 17 00:00:00 2001 From: Samseppiol Date: Mon, 26 Oct 2020 10:38:52 +1100 Subject: [PATCH 07/10] Bug fixes --- eks-cluster.cfndsl.rb | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/eks-cluster.cfndsl.rb b/eks-cluster.cfndsl.rb index 084d28f..835b3ce 100644 --- a/eks-cluster.cfndsl.rb +++ b/eks-cluster.cfndsl.rb @@ -16,7 +16,7 @@ ]) } - fargate_profiles = external_parameters.fetch(:fargate_profiles, {}) + fargate_profiles = external_parameters.fetch(:fargate_profiles, []) IAM_Role(:PodExecutionRoleArn) { AssumeRolePolicyDocument service_assume_role_policy('eks-fargate-pods') @@ -24,7 +24,7 @@ ManagedPolicyArns([ 'arn:aws:iam::aws:policy/AmazonEKSFargatePodExecutionRolePolicy' ]) - } unless fargate_profiles == {} + } unless fargate_profiles == [] fargate_profiles.each do |profile| name = profile['name'].gsub('-','').gsub('_','').capitalize 
@@ -221,7 +221,7 @@ Property('NodeRole', FnGetAtt(:EksNodeRole, :Arn)) Property('Subnets', FnSplit(',', Ref('SubnetIds'))) Property('Tags', [{ Key: 'Name', Value: FnSub("${EnvironmentName}-eks-managed-node-group")}] + tags) - Property('DiskSize', managed_node_group['disk_size']) if managed_node_group.has_key?('disk_size') && managed_node_group_use_launch_template + Property('DiskSize', managed_node_group['disk_size']) if managed_node_group.has_key?('disk_size') && !managed_node_group_use_launch_template Property('LaunchTemplate', { Id: Ref(:EksNodeLaunchTemplate), Version: FnGetAtt(:EksNodeLaunchTemplate, :LatestVersionNumber) From 9e755458265ab8db88555f88833dd7a9eaabee60 Mon Sep 17 00:00:00 2001 From: Samseppiol Date: Mon, 26 Oct 2020 11:11:44 +1100 Subject: [PATCH 08/10] bug fixes --- eks-cluster.cfndsl.rb | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/eks-cluster.cfndsl.rb b/eks-cluster.cfndsl.rb index 835b3ce..5435cb3 100644 --- a/eks-cluster.cfndsl.rb +++ b/eks-cluster.cfndsl.rb @@ -220,7 +220,7 @@ Property('NodegroupName', FnSub(managed_node_group['name'])) if managed_node_group.has_key?('name') Property('NodeRole', FnGetAtt(:EksNodeRole, :Arn)) Property('Subnets', FnSplit(',', Ref('SubnetIds'))) - Property('Tags', [{ Key: 'Name', Value: FnSub("${EnvironmentName}-eks-managed-node-group")}] + tags) + # Property('Tags', { Key: 'Name', Value: FnSub("${EnvironmentName}-eks-managed-node-group")} + tags) Property('DiskSize', managed_node_group['disk_size']) if managed_node_group.has_key?('disk_size') && !managed_node_group_use_launch_template Property('LaunchTemplate', { Id: Ref(:EksNodeLaunchTemplate), 
@@ -229,7 +229,7 @@ Property('ForceUpdateEnabled', Ref(:ForceUpdateEnabled)) Property('InstanceTypes', FnIf('InstancesSpecified', Ref('InstanceTypes'), Ref('AWS::NoValue'))) #Default is t3.medium Property('ScalingConfig', { - DesiredCapacity: Ref('DesiredCapacity'), + DesiredSize: Ref('DesiredCapacity'), MinSize: Ref('MinSize'), MaxSize: Ref('MaxSize') }) From 229fef8d9c425709326e38868df0c92020fdc680 Mon Sep 17 00:00:00 2001 From: Samseppiol Date: Mon, 26 Oct 2020 11:52:05 +1100 Subject: [PATCH 09/10] bug fixes --- eks-cluster.cfndsl.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/eks-cluster.cfndsl.rb b/eks-cluster.cfndsl.rb index 5435cb3..7b01f8d 100644 --- a/eks-cluster.cfndsl.rb +++ b/eks-cluster.cfndsl.rb @@ -220,7 +220,7 @@ Property('NodegroupName', FnSub(managed_node_group['name'])) if managed_node_group.has_key?('name') Property('NodeRole', FnGetAtt(:EksNodeRole, :Arn)) Property('Subnets', FnSplit(',', Ref('SubnetIds'))) - # Property('Tags', { Key: 'Name', Value: FnSub("${EnvironmentName}-eks-managed-node-group")} + tags) + Property('Tags', [{ Key: 'Name', Value: FnSub("${EnvironmentName}-eks-managed-node-group")}] + tags) Property('DiskSize', managed_node_group['disk_size']) if managed_node_group.has_key?('disk_size') && !managed_node_group_use_launch_template Property('LaunchTemplate', { Id: Ref(:EksNodeLaunchTemplate), From e2aad8f66e2cf34e8f633bd049a48d37ebc6024e Mon Sep 17 00:00:00 2001 From: Samseppiol Date: Mon, 26 Oct 2020 12:51:29 +1100 Subject: [PATCH 10/10] Trial map for node group tags --- eks-cluster.cfndsl.rb | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/eks-cluster.cfndsl.rb b/eks-cluster.cfndsl.rb index 7b01f8d..66d2119 100644 --- a/eks-cluster.cfndsl.rb +++ b/eks-cluster.cfndsl.rb 
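Review bot: The `InstanceTypes` property on the context line just above `ScalingConfig` still passes `Ref('InstanceTypes')` straight through, and this fix does not touch it. The parameter is declared in eks-cluster.cfhighlander.rb as `ComponentParam 'InstanceTypes', ''` with no list type, while `AWS::EKS::Nodegroup` expects a list of strings for this property. As far as I can tell, a non-empty value would therefore be rejected or treated as a single type name. I would split it, `FnIf('InstancesSpecified', FnSplit(',', Ref('InstanceTypes')), Ref('AWS::NoValue'))`, or declare the parameter as a comma-delimited list and adjust the `InstancesSpecified` condition to match. The `Resource(:ManagedNodeGroup)` block starts and ends outside this hunk.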
@@ -5,7 +5,7 @@ tags = [] extra_tags = external_parameters.fetch(:extra_tags, {}) - extra_tags.each { |key,value| tags << { Key: FnSub(key), Value: FnSub(value) } } + extra_tags.each { |key,value| tags << { Key: key, Value: FnSub(value) } } IAM_Role(:EksClusterRole) { AssumeRolePolicyDocument service_assume_role_policy('eks') @@ -213,6 +213,7 @@ end if managed_node_group['enabled'] + node_group_tags = [{ Key: 'Name', Value: FnSub("${EnvironmentName}-eks-managed-node-group")}] + tags Condition("InstancesSpecified", FnNot(FnEquals(Ref('InstanceTypes'), ''))) Resource(:ManagedNodeGroup) do Type 'AWS::EKS::Nodegroup' @@ -220,7 +221,7 @@ Property('NodegroupName', FnSub(managed_node_group['name'])) if managed_node_group.has_key?('name') Property('NodeRole', FnGetAtt(:EksNodeRole, :Arn)) Property('Subnets', FnSplit(',', Ref('SubnetIds'))) - Property('Tags', [{ Key: 'Name', Value: FnSub("${EnvironmentName}-eks-managed-node-group")}] + tags) + Property('Tags', Hash[node_group_tags.collect {|obj| [obj[:Key], obj[:Value]]}]) Property('DiskSize', managed_node_group['disk_size']) if managed_node_group.has_key?('disk_size') && !managed_node_group_use_launch_template Property('LaunchTemplate', { Id: Ref(:EksNodeLaunchTemplate),
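Review bot: Changing `Key: FnSub(key)` to `Key: key` in the first hunk alters the shared `tags` list, not only the node group. Every resource that appends `tags` therefore stops substituting `${…}` in `extra_tags` keys, which is a silent behaviour change for existing stacks. The reason is presumably that the map built in the third hunk cannot use an intrinsic function as a key. I would leave the list as it was and build the node group map straight from the config, `node_group_tags = extra_tags.map { |k, v| [k, FnSub(v)] }.to_h`, raising if a key contains `${`. In the third hunk, `Hash[node_group_tags.collect { … }]` also lets an `extra_tags` entry named `Name` silently replace the generated `Name` tag, so merge the generated entry last or add a comment stating which one is meant to win.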