Commit ce42dce

v0.1 (#1) (#2)
v0.1
1 parent 695bae5 commit ce42dce

22 files changed

+13081
-23
lines changed

.gitignore

Lines changed: 5 additions & 21 deletions
@@ -1,23 +1,7 @@
1-
# Compiled class file
2-
*.class
3-
4-
# Log file
1+
node_modules
2+
*cdk.out*
3+
*cdk.context.json*
54
*.log
5+
*.DS_Store*
66

7-
# BlueJ files
8-
*.ctxt
9-
10-
# Mobile Tools for Java (J2ME)
11-
.mtj.tmp/
12-
13-
# Package Files #
14-
*.jar
15-
*.war
16-
*.nar
17-
*.ear
18-
*.zip
19-
*.tar.gz
20-
*.rar
21-
22-
# virtual machine crash logs, see http://www.java.com/en/download/help/error_hotspot.xml
23-
hs_err_pid*
7+
*internal*
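
Review bot: `*internal*` at new line 7 ignores every path whose name contains "internal", at any depth, so a later source file or directory with that word in its name would silently never be committed. Anchor the pattern to the path that is actually meant (a leading `/` plus the exact name). The same applies to the unanchored `*cdk.out*` and `*cdk.context.json*` patterns on lines 2 and 3.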

README.md

Lines changed: 136 additions & 2 deletions
@@ -1,2 +1,136 @@
1-
# cdk-eks-blueprints
2-
EKS Blueprints Sample Code
1+
# CDK EKS Blueprints Sample
2+
3+
## Prequisets
4+
5+
```bash
6+
npm install -g [email protected]
7+
8+
# install packages in the root folder
9+
npm install
10+
11+
export CDK_DEFAULT_ACCOUNT=123456789012
12+
export CDK_DEFAULT_REGION=us-east-1
13+
```
14+
15+
Use the `cdk` command-line toolkit to interact with your project:
16+
17+
* `cdk deploy`: deploys your app into an AWS account
18+
* `cdk synth`: synthesizes an AWS CloudFormation template for your app
19+
* `cdk diff`: compares your app with the deployed stack
20+
* `cdk watch`: deployment every time a file change is detected
21+
22+
## CDK Stack Time Taken
23+
24+
| Stack | Time |
25+
|-------------------------------|---------|
26+
| VPC | 3m |
27+
| EKS cluster | 21m (38 Stacks) |
28+
| Total | 24m |
29+
30+
# Install
31+
32+
## Step 1: VPC
33+
34+
The VPC ID will be saved into the SSM parameter store to refer from other stacks.
35+
36+
Parameter Name : `/cdk-eks-gpu-cluster/vpc-id`
37+
38+
Use the `-c vpcId` context parameter if you want to use the existing VPC.
39+
40+
```bash
41+
cd vpc
42+
cdk bootstrap
43+
cdk deploy
44+
```
45+
46+
[vpc/lib/vpc-stack.ts](./vpc/lib/vpc-stack.ts)
47+
48+
## Step 2: EKS cluster and add-on with Blueprints
49+
50+
2 CDK stacks are created eks-blueprint-demo and `eks-blueprint-demo-dev`.
51+
52+
```bash
53+
cd ../blueprints
54+
cdk bootstrap
55+
cdk deploy eks-blueprint-demo-dev
56+
57+
# or define your VPC id with context parameter
58+
cdk deploy eks-blueprint-demo-dev -c vpcId=<vpc-id>
59+
```
60+
61+
Cluster Name: [blueprints/lib/cluster-config.ts](./blueprints/lib/cluster-config.ts)
62+
63+
[blueprints/lib/cluster-stack.ts](./blueprints/lib/cluster-stack.ts)
64+
65+
```bash
66+
Outputs:
67+
eks-blueprint-demo-dev.Cluster = eks-blueprint-demo
68+
eks-blueprint-demo-dev.ClusterArn = arn:aws:eks:us-east-1:123456789012:cluster/eks-blueprint-demo
69+
eks-blueprint-demo-dev.ClusterCertificateAuthorityData = xxxxxxxx
70+
eks-blueprint-demo-dev.ClusterEncryptionConfigKeyArn =
71+
eks-blueprint-demo-dev.ClusterEndpoint = https://123456789012.gr7.us-east-1.eks.amazonaws.com
72+
eks-blueprint-demo-dev.ClusterName = eks-blueprint-demo
73+
eks-blueprint-demo-dev.ClusterSecurityGroupId = sg-0123456789abc
74+
eks-blueprint-demo-dev.VPC = vpc-0123456789abc
75+
eks-blueprint-demo-dev.eksclusterConfigCommand515C0544 = aws eks update-kubeconfig --name eks-blueprint-demo --region us-east-1 --role-arn arn:aws:iam::123456789012:role/eks-blueprint-demo-dev-iamrole10180D71-D83FQPH1BRW3
76+
eks-blueprint-demo-dev.eksclusterGetTokenCommand3C33A2A5 = aws eks get-token --cluster-name eks-blueprint-demo --region us-east-1 --role-arn arn:aws:iam::123456789012:role/eks-blueprint-demo-dev-iamrole10180D71-D83FQPH1BRW3
77+
```
78+
79+
Pods
80+
81+
![K9s Pod](./screenshots/pod.png?raw=true)
82+
83+
Services
84+
85+
![K9s Service](./screenshots/service.png?raw=true)
86+
87+
```bash
88+
eksctl create iamidentitymapping --cluster <cluster-name> --arn arn:aws:iam::<account-id>:role/<role-name> --group system:masters --username admin --region us-east-1
89+
```
90+
91+
## Step 3: Kubernetes Dashboard
92+
93+
```bash
94+
kubectl apply -f https://raw.githubusercontent.com/kubernetes/dashboard/v2.5.1/aio/deploy/recommended.yaml
95+
96+
kubectl apply -f k8s-dabboard/eks-admin-service-account.yaml
97+
98+
kubectl -n kube-system describe secret $(kubectl -n kube-system get secret | grep eks-admin | awk '{print $1}')
99+
100+
kubectl proxy
101+
```
102+
103+
[Dashboard Login](http://localhost:8001/api/v1/namespaces/kubernetes-dashboard/services/https:kubernetes-dashboard:/proxy/#/login)
104+
105+
## Step 4: Deploy Sample RESTFul API
106+
107+
```bash
108+
cd app
109+
110+
docker build -t sample-rest-api .
111+
112+
docker tag sample-rest-api:latest <account>.dkr.ecr.<region>.amazonaws.com/sample-rest-api:latest
113+
114+
aws ecr get-login-password --region <region> | docker login --username AWS --password-stdin <account>.dkr.ecr.<region>.amazonaws.com
115+
116+
docker push <account>.dkr.ecr.<region>.amazonaws.com/sample-rest-api:latest
117+
118+
```
119+
120+
```bash
121+
kubectl apply -f ./app/sample-rest-api.yaml
122+
```
123+
124+
[app/sample-rest-api.yaml](./app/sample-rest-api.yaml)
125+
126+
# Uninstall
127+
128+
```bash
129+
kubectl delete -f ./app/sample-rest-api.yaml
130+
```
131+
132+
# Reference
133+
134+
https://github.com/aws-quickstart/cdk-eks-blueprints
135+
136+
https://aws-quickstart.github.io/cdk-eks-blueprints
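
Review bot: Line 88 maps an IAM role into `system:masters` with no word on what that grants; the group is bound to cluster-admin, so whoever can assume the role has unrestricted control of the cluster. Say so next to the command and point readers who only need read access to a narrower group bound through RBAC. Step 3 has the same gap: line 98 prints the `eks-admin` service-account token to the terminal and the README never says it is a bearer credential for the dashboard. Smaller points: `k8s-dabboard` on line 96 and the heading `Prequisets` on line 3 look like typos, and the SSM parameter on line 36 is named `/cdk-eks-gpu-cluster/vpc-id`, which does not match this project's name.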

app/Dockerfile

Lines changed: 14 additions & 0 deletions
@@ -0,0 +1,14 @@
1+
FROM python:3.9-alpine
2+
3+
VOLUME ./:app/
4+
5+
COPY requirements.txt requirements.txt
6+
RUN pip install -r requirements.txt
7+
8+
COPY . /app/
9+
10+
WORKDIR /app
11+
12+
EXPOSE 8080
13+
14+
CMD ["gunicorn", "flask_api:app", "--bind", "0.0.0.0:8080"]
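
Review bot: There is no `USER` instruction, so gunicorn on line 14 runs as root inside the container; create an unprivileged user and switch to it before `CMD`. Line 3, `VOLUME ./:app/`, does not mount the build directory: `VOLUME` takes only container paths, so this declares a volume at a path literally named `./:app/` and can be dropped. Line 5 also copies `requirements.txt` to the image root because `WORKDIR /app` is not set until line 10; moving `WORKDIR` up keeps everything under `/app`.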

app/flask_api.py

Lines changed: 39 additions & 0 deletions
@@ -0,0 +1,39 @@
1+
from flask import Flask
2+
from flask import request
3+
4+
app = Flask(__name__)
5+
6+
@app.route("/")
7+
def ping_root():
8+
return returnRequests()
9+
10+
@app.route("/<string:path1>")
11+
def ping_path1(path1):
12+
return returnRequests()
13+
14+
@app.route("/<string:path1>/<string:path2>")
15+
def ping_path2(path1, path2):
16+
return returnRequests()
17+
18+
@app.route("/<string:path1>/<string:path2>/<string:path3>")
19+
def ping_path3(path1, path2, path3):
20+
return returnRequests()
21+
22+
@app.route("/<string:path1>/<string:path2>/<string:path3>/<string:path4>")
23+
def ping_path4(path1, path2, path3, path4):
24+
return returnRequests()
25+
26+
@app.route("/<string:path1>/<string:path2>/<string:path3>/<string:path4>/<string:path5>")
27+
def ping_path5(path1, path2, path3, path4, path5):
28+
return returnRequests()
29+
30+
def returnRequests():
31+
return {
32+
"host": request.host,
33+
"url": request.url,
34+
"method": request.method,
35+
"message": "Hello, World"
36+
}
37+
38+
if __name__ == '__main__':
39+
app.run(host='0.0.0.0', port=8080)
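
Review bot: Lines 10 to 28 repeat the same handler five times, and any path deeper than five segments still returns 404; a single route using Flask's `path` converter, `@app.route("/<path:subpath>")`, next to the `/` route covers every depth. `returnRequests()` echoes `request.host` and `request.url`, both of which are derived from the client-supplied request (including the Host header), so nothing downstream should treat those fields as trusted. `returnRequests` would be `return_requests` under PEP 8.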

app/gunicorn.config.py

Lines changed: 2 additions & 0 deletions
@@ -0,0 +1,2 @@
1+
import multiprocessing
2+
workers = multiprocessing.cpu_count() * 2 + 1
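
Review bot: This file is never loaded: gunicorn only picks up `./gunicorn.conf.py` by default, and the `CMD` in app/Dockerfile passes no `-c`/`--config`, so `workers` on line 2 has no effect and the server starts with a single worker. Either rename the file to `gunicorn.conf.py` or pass `--config gunicorn.config.py` in the `CMD`. Once it is loaded, note that `multiprocessing.cpu_count()` reports the host's CPUs rather than the container's CPU allocation, so on a large node this starts far more workers than the `cpu: 1` request in sample-rest-api.yaml can feed.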

app/requirements.txt

Lines changed: 2 additions & 0 deletions
@@ -0,0 +1,2 @@
1+
flask
2+
gunicorn
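
Review bot: Both packages are unpinned, so every `pip install -r requirements.txt` during an image build can pull a different release of flask and gunicorn. Pin exact versions (`name==version`), ideally with hashes and `--require-hashes`, so the image is reproducible and a breaking or compromised upstream release is not picked up silently.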

app/sample-rest-api.yaml

Lines changed: 80 additions & 0 deletions
@@ -0,0 +1,80 @@
1+
---
2+
apiVersion: apps/v1
3+
kind: Deployment
4+
metadata:
5+
name: sample-rest-api
6+
namespace: default
7+
annotations:
8+
app: 'sample-rest-api'
9+
spec:
10+
replicas: 2
11+
selector:
12+
matchLabels:
13+
app: sample-rest-api
14+
template:
15+
metadata:
16+
labels:
17+
app: sample-rest-api
18+
spec:
19+
containers:
20+
- name: sample-rest-api
21+
image: <account>.dkr.ecr.<region>.amazonaws.com/sample-rest-api:latest
22+
imagePullPolicy: Always
23+
ports:
24+
- containerPort: 8000
25+
resources:
26+
requests:
27+
cpu: 1
28+
memory: "1024Mi"
29+
env:
30+
- name: env
31+
value: "dev"
32+
---
33+
apiVersion: v1
34+
kind: Service
35+
metadata:
36+
name: sample-rest-api
37+
annotations:
38+
app: 'sample-rest-api'
39+
alb.ingress.kubernetes.io/healthcheck-path: "/ping"
40+
spec:
41+
selector:
42+
app: sample-rest-api
43+
type: NodePort
44+
ports:
45+
- port: 8000
46+
targetPort: 8000
47+
protocol: TCP
48+
---
49+
apiVersion: networking.k8s.io/v1
50+
kind: Ingress
51+
metadata:
52+
name: "sample-rest-api-ingress"
53+
namespace: default
54+
annotations:
55+
app: 'sample-rest-api'
56+
kubernetes.io/ingress.class: alb
57+
alb.ingress.kubernetes.io/scheme: internet-facing
58+
alb.ingress.kubernetes.io/target-type: ip
59+
alb.ingress.kubernetes.io/load-balancer-name: sample-rest-api
60+
alb.ingress.kubernetes.io/load-balancer-attributes: idle_timeout.timeout_seconds=30
61+
alb.ingress.kubernetes.io/target-group-attributes: deregistration_delay.timeout_seconds=10
62+
alb.ingress.kubernetes.io/listen-ports: '[{"HTTP": 80}, {"HTTPS":443}]'
63+
# alb.ingress.kubernetes.io/certificate-arn: arn:aws:acm:<region>:<account-id>:certificate/<id>
64+
# alb.ingress.kubernetes.io/ssl-redirect: '443'
65+
alb.ingress.kubernetes.io/tags: env=dev
66+
alb.ingress.kubernetes.io/healthcheck-interval-seconds: '16'
67+
alb.ingress.kubernetes.io/healthcheck-timeout-seconds: '15'
68+
alb.ingress.kubernetes.io/healthy-threshold-count: '2'
69+
alb.ingress.kubernetes.io/unhealthy-threshold-count: '5'
70+
spec:
71+
rules:
72+
- http:
73+
paths:
74+
- path: /*
75+
pathType: ImplementationSpecific
76+
backend:
77+
service:
78+
name: "sample-rest-api"
79+
port:
80+
number: 8000
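
Review bot: The ports do not line up with the image: `containerPort` (line 24), the Service `port`/`targetPort` (lines 45-46) and the Ingress backend (line 80) all use 8000, while app/Dockerfile binds gunicorn to 0.0.0.0:8080, so with `target-type: ip` the load balancer sends traffic to a port nothing listens on. On the Ingress, `scheme: internet-facing` is combined with `listen-ports` for HTTP 80 and HTTPS 443 while `certificate-arn` and `ssl-redirect` on lines 63-64 are commented out, which leaves plain HTTP exposed to the internet with no redirect; supply the certificate and enable the redirect, or use an internal scheme for the demo. The pod spec also has no `securityContext`, sets `requests` without `limits`, pulls the mutable `:latest` tag, and `app: 'sample-rest-api'` under `annotations` was probably meant to be a label.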

blueprints/.DS_Store

6 KB
Binary file not shown.
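
Review bot: `blueprints/.DS_Store` is a macOS Finder metadata file and should not be in the repository; this same commit adds `*.DS_Store*` to .gitignore, but an ignore rule does not stop a file that is explicitly added. Remove it with `git rm --cached blueprints/.DS_Store`.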

blueprints/bin/index.ts

Lines changed: 16 additions & 0 deletions
@@ -0,0 +1,16 @@
1+
#!/usr/bin/env node
2+
import * as cdk from 'aws-cdk-lib';
3+
4+
import EksBlueprintStack from '../lib/cluster-stack';
5+
6+
import { CLUSTER_NAME } from '../lib/cluster-config';
7+
8+
const app = new cdk.App();
9+
const env = {
10+
account: process.env.CDK_DEFAULT_ACCOUNT,
11+
region: process.env.CDK_DEFAULT_REGION,
12+
stage: app.node.tryGetContext('stage') || 'local'
13+
};
14+
15+
new EksBlueprintStack(app, { id: `${CLUSTER_NAME}` }, { env });
16+
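
Review bot: `stage` on line 12 is folded into the `env` object next to `account` and `region`, but it is not part of a CDK environment; pass it as a separate prop so `env` only describes the deployment target. Its default is `'local'`, while the README deploys `eks-blueprint-demo-dev` without passing `-c stage`, so it is worth documenting how the stage value relates to the stack name.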

blueprints/cdk.json

Lines changed: 32 additions & 0 deletions
@@ -0,0 +1,32 @@
1+
{
2+
"app": "npx ts-node --prefer-ts-exts bin/index.ts",
3+
"watch": {
4+
"include": [
5+
"**"
6+
],
7+
"exclude": [
8+
"README.md",
9+
"cdk*.json",
10+
"**/*.d.ts",
11+
"**/*.js",
12+
"tsconfig.json",
13+
"package*.json",
14+
"yarn.lock",
15+
"node_modules",
16+
"test"
17+
]
18+
},
19+
"context": {
20+
"@aws-cdk/aws-apigateway:usagePlanKeyOrderInsensitiveId": true,
21+
"@aws-cdk/core:stackRelativeExports": true,
22+
"@aws-cdk/aws-rds:lowercaseDbIdentifier": true,
23+
"@aws-cdk/aws-lambda:recognizeVersionProps": true,
24+
"@aws-cdk/aws-cloudfront:defaultSecurityPolicyTLSv1.2_2021": true,
25+
"@aws-cdk-containers/ecs-service-extensions:enableDefaultLogDriver": true,
26+
"@aws-cdk/aws-ec2:uniqueImdsv2TemplateName": true,
27+
"@aws-cdk/core:target-partitions": [
28+
"aws",
29+
"aws-cn"
30+
]
31+
}
32+
}

blueprints/jest.config.js

Lines changed: 8 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,8 @@
1+
module.exports = {
2+
testEnvironment: 'node',
3+
roots: ['<rootDir>/test'],
4+
testMatch: ['**/*.test.ts'],
5+
transform: {
6+
'^.+\\.tsx?$': 'ts-jest'
7+
}
8+
};

blueprints/lib/cluster-config.ts

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,3 @@
1+
#!/usr/bin/env node
2+
3+
export const CLUSTER_NAME = 'eks-blueprint-demo';
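
Review bot: The shebang on line 1 does nothing here: this module only exports `CLUSTER_NAME` and is imported by bin/index.ts, never executed directly. Drop `#!/usr/bin/env node` from this file.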
