Documentation ¶
Index ¶
- Constants
- func AbstractRoleNameFromARN(arn string) string
- func AssignSubnets(ctx context.Context, np api.NodePool, vpcImporter vpc.Importer, ...) (*gfnt.Value, error)
- func GenerateClusterAutoscalerTags(np api.NodePool, addTag func(key, value string))
- func HasManagedNodesSG(stackResources *gjson.Result) bool
- func MakeServiceRef(servicePrincipalName string) *gfnt.Value
- func NormalizeARN(arn string) string
- type ClusterResourceSet
- func (c *ClusterResourceSet) AddAllResources(ctx context.Context) error
- func (c *ClusterResourceSet) GetAllOutputs(stack types.Stack) error
- func (c *ClusterResourceSet) RenderJSON() ([]byte, error)
- func (c *ClusterResourceSet) Template() gfn.Template
- func (c *ClusterResourceSet) WithIAM() bool
- func (c *ClusterResourceSet) WithNamedIAM() bool
- type ExistingVPCResourceSet
- type FargateResourceSet
- type IAMRoleResourceSet
- func NewIAMRoleResourceSetForServiceAccount(spec *api.ClusterIAMServiceAccount, oidc *iamoidc.OpenIDConnectManager) *IAMRoleResourceSet
- func NewIAMRoleResourceSetWithAttachPolicy(name, namespace, serviceAccount, permissionsBoundary string, ...) *IAMRoleResourceSet
- func NewIAMRoleResourceSetWithAttachPolicyARNs(name, namespace, serviceAccount, permissionsBoundary string, ...) *IAMRoleResourceSet
- func NewIAMRoleResourceSetWithWellKnownPolicies(name, namespace, serviceAccount, permissionsBoundary string, ...) *IAMRoleResourceSet
- type IPv4VPCResourceSet
- type IPv6VPCResourceSet
- type KarpenterResourceSet
- func (k *KarpenterResourceSet) AddAllResources() error
- func (k *KarpenterResourceSet) GetAllOutputs(stack types.Stack) error
- func (k *KarpenterResourceSet) RenderJSON() ([]byte, error)
- func (k *KarpenterResourceSet) Template() gfn.Template
- func (k *KarpenterResourceSet) WithIAM() bool
- func (k *KarpenterResourceSet) WithNamedIAM() bool
- type LaunchTemplateFetcher
- type ManagedNodeGroupResourceSet
- func (m *ManagedNodeGroupResourceSet) AddAllResources(ctx context.Context) error
- func (r ManagedNodeGroupResourceSet) GetAllOutputs(stack types.Stack) error
- func (m *ManagedNodeGroupResourceSet) RenderJSON() ([]byte, error)
- func (m *ManagedNodeGroupResourceSet) WithIAM() bool
- func (m *ManagedNodeGroupResourceSet) WithNamedIAM() bool
- type NodeGroupResourceSet
- func (n *NodeGroupResourceSet) AddAllResources(ctx context.Context) error
- func (n *NodeGroupResourceSet) GetAllOutputs(stack types.Stack) error
- func (n *NodeGroupResourceSet) RenderJSON() ([]byte, error)
- func (n *NodeGroupResourceSet) Template() gfn.Template
- func (n *NodeGroupResourceSet) WithIAM() bool
- func (n *NodeGroupResourceSet) WithNamedIAM() bool
- type ResourceSet
- type ResourceSetReader
- type SubnetDetails
- func (s *SubnetDetails) ControlPlaneSubnetRefs() []*gfnt.Value
- func (s *SubnetDetails) PrivateLocalZoneSubnetRefs() []*gfnt.Value
- func (s *SubnetDetails) PrivateOutpostSubnetRefs() []*gfnt.Value
- func (s *SubnetDetails) PrivateSubnetRefs() []*gfnt.Value
- func (s *SubnetDetails) PublicLocalZoneSubnetRefs() []*gfnt.Value
- func (s *SubnetDetails) PublicOutpostSubnetRefs() []*gfnt.Value
- func (s *SubnetDetails) PublicSubnetRefs() []*gfnt.Value
- type SubnetResource
- type VPCEndpointResourceSet
- type VPCEndpointServiceDetails
- type VPCResourceSet
Constants ¶
// Fixed names for the Karpenter node role, managed policy and node instance
// profile.
// NOTE(review): whether these are used verbatim or combined with a
// cluster-specific part is not visible here; confirm before matching on them
// in IAM policies or audit queries.
const (
	// KarpenterNodeRoleName is the name of the role for nodes.
	KarpenterNodeRoleName = "KarpenterNodeRole"

	// KarpenterManagedPolicy is the managed policy name.
	KarpenterManagedPolicy = "KarpenterControllerPolicy"

	// KarpenterNodeInstanceProfile is the name of the node instance profile.
	KarpenterNodeInstanceProfile = "KarpenterNodeInstanceProfile"
)
// String keys and CIDR literals for the VPC resources.
// NOTE(review): the *Key values look like CloudFormation logical resource
// names; confirm against the template builders, which are not visible here.
const (
	// VPCResourceKey is the key for the VPC itself.
	VPCResourceKey = "VPC"

	// Gateways

	IGWKey                       = "InternetGateway"
	GAKey                        = "VPCGatewayAttachment"
	EgressOnlyInternetGatewayKey = "EgressOnlyInternetGateway"
	NATGatewayKey                = "NATGateway"
	ElasticIPKey                 = "EIP"

	// CIDRs

	IPv6CIDRBlockKey = "IPv6CidrBlock"
	// InternetCIDR matches every IPv4 address. Anything scoped to it, such
	// as a route destination or an allow rule, applies to all of IPv4, so
	// each use deserves review.
	// NOTE(review): usages are not visible here.
	InternetCIDR = "0.0.0.0/0"
	// InternetIPv6CIDR matches every IPv6 address; the same caution as for
	// InternetCIDR applies.
	InternetIPv6CIDR = "::/0"

	// Routing

	PubRouteTableKey             = "PublicRouteTable"
	PrivateRouteTableKey         = "PrivateRouteTable"
	PubRouteTableAssociation     = "RouteTableAssociationPublic"
	PrivateRouteTableAssociation = "RouteTableAssociationPrivate"
	PubSubRouteKey               = "PublicSubnetDefaultRoute"
	PubSubIPv6RouteKey           = "PublicSubnetIPv6DefaultRoute"
	PrivateSubnetRouteKey        = "PrivateSubnetDefaultRoute"
	PrivateSubnetIpv6RouteKey    = "PrivateSubnetDefaultIpv6Route"

	// Subnets

	PublicSubnetKey  = "PublicSubnet"
	PrivateSubnetKey = "PrivateSubnet"
)
const AMITypesWindows2019CoreX8664 ekstypes.AMITypes = "WINDOWS_CORE_2019_x86_64"
const AMITypesWindows2019FullX8664 ekstypes.AMITypes = "WINDOWS_FULL_2019_x86_64"
Windows AMI types are not in sdk-v2 yet, so the constants here are temporary; will remove after sdk is updated
const AMITypesWindows2022CoreX8664 ekstypes.AMITypes = "WINDOWS_CORE_2022_x86_64"
const AMITypesWindows2022FullX8664 ekstypes.AMITypes = "WINDOWS_FULL_2022_x86_64"
const ManagedNodeGroupResourceName = "ManagedNodeGroup"
const MaximumCreatedTagNumberPerCall = 25
const MaximumTagNumber = 50
MaximumTagNumber for ASGs as described here https://docs.aws.amazon.com/autoscaling/ec2/userguide/autoscaling-tagging.html
Variables ¶
This section is empty.
Functions ¶
func AbstractRoleNameFromARN ¶
AbstractRoleNameFromARN returns the role name from the ARN
func AssignSubnets ¶
func AssignSubnets(ctx context.Context, np api.NodePool, vpcImporter vpc.Importer, clusterConfig *api.ClusterConfig, ec2API awsapi.EC2) (*gfnt.Value, error)
AssignSubnets assigns subnets based on the availability zones, local zones and subnet IDs in the specified nodegroup.
func GenerateClusterAutoscalerTags ¶
GenerateClusterAutoscalerTags generates Cluster Autoscaler tags for labels and taints.
func HasManagedNodesSG ¶
HasManagedNodesSG reports whether the stack has the security group required for communication between managed and unmanaged nodegroups
func MakeServiceRef ¶
MakeServiceRef returns a reference to an intrinsic map function that looks up the servicePrincipalName in servicePrincipalPartitionMappings
func NormalizeARN ¶
NormalizeARN returns the ARN with just the last element in the resource path preserved. If the input does not contain at least one forward-slash then the input is returned unmodified.
When providing an existing instanceRoleARN that contains a path other than "/", nodes may fail to join the cluster as the AWS IAM Authenticator does not recognize such ARNs declared in the aws-auth ConfigMap.
Types ¶
type ClusterResourceSet ¶
type ClusterResourceSet struct {
// contains filtered or unexported fields
}
ClusterResourceSet stores the resource information of the cluster
func NewClusterResourceSet ¶
func NewClusterResourceSet(ec2API awsapi.EC2, region string, spec *api.ClusterConfig, existingStack *gjson.Result, extendForOutposts bool) *ClusterResourceSet
NewClusterResourceSet returns a resource set for the new cluster.
func (*ClusterResourceSet) AddAllResources ¶
func (c *ClusterResourceSet) AddAllResources(ctx context.Context) error
AddAllResources adds all the information about the cluster to the resource set
func (*ClusterResourceSet) GetAllOutputs ¶
func (c *ClusterResourceSet) GetAllOutputs(stack types.Stack) error
GetAllOutputs collects all outputs of the cluster
func (*ClusterResourceSet) RenderJSON ¶
func (c *ClusterResourceSet) RenderJSON() ([]byte, error)
RenderJSON returns the rendered JSON
func (*ClusterResourceSet) Template ¶
func (c *ClusterResourceSet) Template() gfn.Template
Template returns the CloudFormation template
func (*ClusterResourceSet) WithIAM ¶
func (c *ClusterResourceSet) WithIAM() bool
WithIAM reports whether IAM roles will be created.
func (*ClusterResourceSet) WithNamedIAM ¶
func (c *ClusterResourceSet) WithNamedIAM() bool
WithNamedIAM reports whether specifically named IAM roles will be created.
type ExistingVPCResourceSet ¶
type ExistingVPCResourceSet struct {
// contains filtered or unexported fields
}
func NewExistingVPCResourceSet ¶
func NewExistingVPCResourceSet(rs *resourceSet, clusterConfig *api.ClusterConfig, ec2API awsapi.EC2) *ExistingVPCResourceSet
NewExistingVPCResourceSet creates and returns a new VPCResourceSet
func (*ExistingVPCResourceSet) CreateTemplate ¶
func (v *ExistingVPCResourceSet) CreateTemplate(ctx context.Context) (*gfnt.Value, *SubnetDetails, error)
func (*ExistingVPCResourceSet) RenderJSON ¶
func (v *ExistingVPCResourceSet) RenderJSON() ([]byte, error)
RenderJSON returns the rendered JSON
type FargateResourceSet ¶
type FargateResourceSet struct {
// contains filtered or unexported fields
}
FargateResourceSet manages only fargate resources
func NewFargateResourceSet ¶
func NewFargateResourceSet(spec *api.ClusterConfig) *FargateResourceSet
NewFargateResourceSet returns a resource set for managing fargate resources
func (*FargateResourceSet) AddAllResources ¶
func (rs *FargateResourceSet) AddAllResources() error
func (*FargateResourceSet) GetAllOutputs ¶
func (rs *FargateResourceSet) GetAllOutputs(stack types.Stack) error
func (*FargateResourceSet) RenderJSON ¶
func (rs *FargateResourceSet) RenderJSON() ([]byte, error)
func (*FargateResourceSet) WithIAM ¶
func (rs *FargateResourceSet) WithIAM() bool
func (*FargateResourceSet) WithNamedIAM ¶
func (rs *FargateResourceSet) WithNamedIAM() bool
type IAMRoleResourceSet ¶
type IAMRoleResourceSet struct { OutputRole string // contains filtered or unexported fields }
IAMRoleResourceSet holds IAM Role stack build-time information
func NewIAMRoleResourceSetForServiceAccount ¶
func NewIAMRoleResourceSetForServiceAccount(spec *api.ClusterIAMServiceAccount, oidc *iamoidc.OpenIDConnectManager) *IAMRoleResourceSet
func NewIAMRoleResourceSetWithAttachPolicy ¶
func NewIAMRoleResourceSetWithAttachPolicy(name, namespace, serviceAccount, permissionsBoundary string, attachPolicy api.InlineDocument, oidc *iamoidc.OpenIDConnectManager) *IAMRoleResourceSet
NewIAMRoleResourceSetWithAttachPolicy builds an IAM Role stack from the given spec
func NewIAMRoleResourceSetWithAttachPolicyARNs ¶
func NewIAMRoleResourceSetWithAttachPolicyARNs(name, namespace, serviceAccount, permissionsBoundary string, attachPolicyARNs []string, oidc *iamoidc.OpenIDConnectManager) *IAMRoleResourceSet
NewIAMRoleResourceSetWithAttachPolicyARNs builds an IAM Role stack from the given spec
func NewIAMRoleResourceSetWithWellKnownPolicies ¶
func NewIAMRoleResourceSetWithWellKnownPolicies(name, namespace, serviceAccount, permissionsBoundary string, wellKnownPolicies api.WellKnownPolicies, oidc *iamoidc.OpenIDConnectManager) *IAMRoleResourceSet
NewIAMRoleResourceSetWithWellKnownPolicies builds an IAM Role stack from the given spec
func (*IAMRoleResourceSet) AddAllResources ¶
func (rs *IAMRoleResourceSet) AddAllResources() error
AddAllResources adds all resources for the stack
func (*IAMRoleResourceSet) GetAllOutputs ¶
func (rs *IAMRoleResourceSet) GetAllOutputs(stack types.Stack) error
GetAllOutputs will get all outputs from iamserviceaccount stack
func (*IAMRoleResourceSet) RenderJSON ¶
func (rs *IAMRoleResourceSet) RenderJSON() ([]byte, error)
RenderJSON will render iamserviceaccount stack as JSON
func (*IAMRoleResourceSet) WithNamedIAM ¶
func (rs *IAMRoleResourceSet) WithNamedIAM() bool
WithNamedIAM returns false
type IPv4VPCResourceSet ¶
type IPv4VPCResourceSet struct {
// contains filtered or unexported fields
}
An IPv4VPCResourceSet builds the resources required for the specified VPC
func NewIPv4VPCResourceSet ¶
func NewIPv4VPCResourceSet(rs *resourceSet, clusterConfig *api.ClusterConfig, ec2API awsapi.EC2, extendForOutposts bool) *IPv4VPCResourceSet
NewIPv4VPCResourceSet creates and returns a new VPCResourceSet
func (*IPv4VPCResourceSet) CreateTemplate ¶
func (v *IPv4VPCResourceSet) CreateTemplate(ctx context.Context) (*gfnt.Value, *SubnetDetails, error)
func (*IPv4VPCResourceSet) RenderJSON ¶
func (v *IPv4VPCResourceSet) RenderJSON() ([]byte, error)
RenderJSON returns the rendered JSON
type IPv6VPCResourceSet ¶
type IPv6VPCResourceSet struct {
// contains filtered or unexported fields
}
An IPv6VPCResourceSet builds the resources required for the specified VPC
func NewIPv6VPCResourceSet ¶
func NewIPv6VPCResourceSet(rs *resourceSet, clusterConfig *api.ClusterConfig, ec2API awsapi.EC2) *IPv6VPCResourceSet
NewIPv6VPCResourceSet creates and returns a new VPCResourceSet
func (*IPv6VPCResourceSet) CreateTemplate ¶
func (v *IPv6VPCResourceSet) CreateTemplate(ctx context.Context) (*gfnt.Value, *SubnetDetails, error)
func (*IPv6VPCResourceSet) RenderJSON ¶
func (v *IPv6VPCResourceSet) RenderJSON() ([]byte, error)
type KarpenterResourceSet ¶
type KarpenterResourceSet struct {
// contains filtered or unexported fields
}
KarpenterResourceSet stores the resource information of the Karpenter stack
func NewKarpenterResourceSet ¶
func NewKarpenterResourceSet(spec *api.ClusterConfig, instanceProfileName string) *KarpenterResourceSet
NewKarpenterResourceSet returns a resource set for a Karpenter embedded in a cluster config
func (*KarpenterResourceSet) AddAllResources ¶
func (k *KarpenterResourceSet) AddAllResources() error
AddAllResources adds all the information about Karpenter to the resource set
func (*KarpenterResourceSet) GetAllOutputs ¶
func (k *KarpenterResourceSet) GetAllOutputs(stack types.Stack) error
GetAllOutputs collects all outputs of the nodegroup
func (*KarpenterResourceSet) RenderJSON ¶
func (k *KarpenterResourceSet) RenderJSON() ([]byte, error)
RenderJSON returns the rendered JSON
func (*KarpenterResourceSet) Template ¶
func (k *KarpenterResourceSet) Template() gfn.Template
Template returns the CloudFormation template
func (*KarpenterResourceSet) WithIAM ¶
func (k *KarpenterResourceSet) WithIAM() bool
WithIAM implements the ResourceSet interface
func (*KarpenterResourceSet) WithNamedIAM ¶
func (k *KarpenterResourceSet) WithNamedIAM() bool
WithNamedIAM implements the ResourceSet interface
type LaunchTemplateFetcher ¶
type LaunchTemplateFetcher struct {
// contains filtered or unexported fields
}
LaunchTemplateFetcher fetches launch template data
func NewLaunchTemplateFetcher ¶
func NewLaunchTemplateFetcher(fetcher launchTemplateFetcher) *LaunchTemplateFetcher
NewLaunchTemplateFetcher creates a new LaunchTemplateFetcher
func (*LaunchTemplateFetcher) Fetch ¶
func (l *LaunchTemplateFetcher) Fetch(ctx context.Context, launchTemplate *api.LaunchTemplate) (*ec2types.ResponseLaunchTemplateData, error)
Fetch fetches the specified launch template
type ManagedNodeGroupResourceSet ¶
type ManagedNodeGroupResourceSet struct {
// contains filtered or unexported fields
}
ManagedNodeGroupResourceSet defines the CloudFormation resources required for a managed nodegroup
func NewManagedNodeGroup ¶
func NewManagedNodeGroup(ec2API awsapi.EC2, cluster *api.ClusterConfig, nodeGroup *api.ManagedNodeGroup, launchTemplateFetcher *LaunchTemplateFetcher, bootstrapper nodebootstrap.Bootstrapper, forceAddCNIPolicy bool, vpcImporter vpc.Importer) *ManagedNodeGroupResourceSet
NewManagedNodeGroup creates a new ManagedNodeGroupResourceSet
func (*ManagedNodeGroupResourceSet) AddAllResources ¶
func (m *ManagedNodeGroupResourceSet) AddAllResources(ctx context.Context) error
AddAllResources adds all required CloudFormation resources
func (ManagedNodeGroupResourceSet) GetAllOutputs ¶
GetAllOutputs collects all outputs from an instance of an active stack, the outputs are defined by the current resourceSet
func (*ManagedNodeGroupResourceSet) RenderJSON ¶
func (m *ManagedNodeGroupResourceSet) RenderJSON() ([]byte, error)
RenderJSON implements the ResourceSet interface
func (*ManagedNodeGroupResourceSet) WithIAM ¶
func (m *ManagedNodeGroupResourceSet) WithIAM() bool
WithIAM implements the ResourceSet interface
func (*ManagedNodeGroupResourceSet) WithNamedIAM ¶
func (m *ManagedNodeGroupResourceSet) WithNamedIAM() bool
WithNamedIAM implements the ResourceSet interface
type NodeGroupResourceSet ¶
type NodeGroupResourceSet struct {
// contains filtered or unexported fields
}
NodeGroupResourceSet stores the resource information of the nodegroup
func NewNodeGroupResourceSet ¶
func NewNodeGroupResourceSet(ec2API awsapi.EC2, iamAPI awsapi.IAM, spec *api.ClusterConfig, ng *api.NodeGroup, bootstrapper nodebootstrap.Bootstrapper, forceAddCNIPolicy bool, vpcImporter vpc.Importer) *NodeGroupResourceSet
NewNodeGroupResourceSet returns a resource set for a nodegroup embedded in a cluster config
func (*NodeGroupResourceSet) AddAllResources ¶
func (n *NodeGroupResourceSet) AddAllResources(ctx context.Context) error
AddAllResources adds all the information about the nodegroup to the resource set
func (*NodeGroupResourceSet) GetAllOutputs ¶
func (n *NodeGroupResourceSet) GetAllOutputs(stack types.Stack) error
GetAllOutputs collects all outputs of the nodegroup
func (*NodeGroupResourceSet) RenderJSON ¶
func (n *NodeGroupResourceSet) RenderJSON() ([]byte, error)
RenderJSON returns the rendered JSON
func (*NodeGroupResourceSet) Template ¶
func (n *NodeGroupResourceSet) Template() gfn.Template
Template returns the CloudFormation template
func (*NodeGroupResourceSet) WithIAM ¶
func (n *NodeGroupResourceSet) WithIAM() bool
WithIAM reports whether IAM roles will be created.
func (*NodeGroupResourceSet) WithNamedIAM ¶
func (n *NodeGroupResourceSet) WithNamedIAM() bool
WithNamedIAM reports whether specifically named IAM roles will be created.
type ResourceSet ¶
// ResourceSet is an interface which cluster and nodegroup builders must
// implement.
//
// NOTE(review): several builders in this package declare
// AddAllResources(ctx context.Context) error, which does not match the
// zero-argument method required here; confirm which types are expected to
// satisfy ResourceSet rather than only ResourceSetReader.
type ResourceSet interface {
	// AddAllResources takes no arguments and returns an error.
	AddAllResources() error

	// ResourceSetReader is embedded, so its methods are part of this
	// interface's method set.
	ResourceSetReader
}
ResourceSet is an interface which cluster and nodegroup builders must implement
type ResourceSetReader ¶
// ResourceSetReader contains the set of operations required to create a
// stack and to collect outputs.
type ResourceSetReader interface {
	// RenderJSON returns the rendered JSON.
	RenderJSON() ([]byte, error)

	// WithIAM reports whether IAM roles will be created.
	WithIAM() bool

	// WithNamedIAM reports whether specifically named IAM roles will be
	// created.
	WithNamedIAM() bool

	// GetAllOutputs collects the outputs of the given stack.
	GetAllOutputs(types.Stack) error
}
ResourceSetReader contains the set of operations required to create a stack and to collect outputs.
type SubnetDetails ¶
type SubnetDetails struct { Private []SubnetResource Public []SubnetResource PrivateLocalZone []SubnetResource PublicLocalZone []SubnetResource // contains filtered or unexported fields }
func (*SubnetDetails) ControlPlaneSubnetRefs ¶
func (s *SubnetDetails) ControlPlaneSubnetRefs() []*gfnt.Value
func (*SubnetDetails) PrivateLocalZoneSubnetRefs ¶
func (s *SubnetDetails) PrivateLocalZoneSubnetRefs() []*gfnt.Value
func (*SubnetDetails) PrivateOutpostSubnetRefs ¶
func (s *SubnetDetails) PrivateOutpostSubnetRefs() []*gfnt.Value
func (*SubnetDetails) PrivateSubnetRefs ¶
func (s *SubnetDetails) PrivateSubnetRefs() []*gfnt.Value
func (*SubnetDetails) PublicLocalZoneSubnetRefs ¶
func (s *SubnetDetails) PublicLocalZoneSubnetRefs() []*gfnt.Value
func (*SubnetDetails) PublicOutpostSubnetRefs ¶
func (s *SubnetDetails) PublicOutpostSubnetRefs() []*gfnt.Value
func (*SubnetDetails) PublicSubnetRefs ¶
func (s *SubnetDetails) PublicSubnetRefs() []*gfnt.Value
type SubnetResource ¶
type VPCEndpointResourceSet ¶
type VPCEndpointResourceSet struct {
// contains filtered or unexported fields
}
A VPCEndpointResourceSet holds the resources required for VPC endpoints.
func NewVPCEndpointResourceSet ¶
func NewVPCEndpointResourceSet(ec2API awsapi.EC2, region string, rs *resourceSet, clusterConfig *api.ClusterConfig, vpc *gfnt.Value, subnets []SubnetResource, clusterSharedSG *gfnt.Value) *VPCEndpointResourceSet
NewVPCEndpointResourceSet creates a new VPCEndpointResourceSet.
func (*VPCEndpointResourceSet) AddResources ¶
func (e *VPCEndpointResourceSet) AddResources(ctx context.Context) error
AddResources adds resources for VPC endpoints.
type VPCEndpointServiceDetails ¶
// VPCEndpointServiceDetails holds the details for a VPC endpoint service.
type VPCEndpointServiceDetails struct {
	// ServiceName is the name of the endpoint service.
	ServiceName string

	// ServiceReadableName is a second name for the same service.
	// NOTE(review): presumably a shortened, human-readable form; confirm
	// where it is populated.
	ServiceReadableName string

	// EndpointType is the endpoint type as a string.
	// NOTE(review): the accepted values are not visible here.
	EndpointType string

	// AvailabilityZones lists availability zones for the service.
	AvailabilityZones []string
}
VPCEndpointServiceDetails holds the details for a VPC endpoint service.
type VPCResourceSet ¶
// VPCResourceSet is the interface for creating CloudFormation resource sets
// that generate VPC resources.
type VPCResourceSet interface {
	// CreateTemplate generates all of the resources & outputs required for
	// the VPC. Per the named results, it returns the VPC ID value, the
	// subnet details and an error.
	CreateTemplate(ctx context.Context) (vpcID *gfnt.Value, subnetDetails *SubnetDetails, err error)
}
VPCResourceSet interface for creating cloudformation resource sets for generating VPC resources
Source Files ¶
- api.go
- block_device_mapping.go
- cloudwatch_logging.go
- cluster.go
- fargate.go
- iam.go
- iam_helper.go
- karpenter.go
- launch_template_fetcher.go
- managed_launch_template.go
- managed_nodegroup.go
- network_interfaces.go
- nodegroup.go
- outputs.go
- partition.go
- statement.go
- vpc.go
- vpc_endpoint.go
- vpc_existing.go
- vpc_ipv4.go
- vpc_ipv6.go