diff --git a/packages/@aws-cdk/aws-eks/README.md b/packages/@aws-cdk/aws-eks/README.md index 2d0a34fba136d..ee73d0bedcba5 100644 --- a/packages/@aws-cdk/aws-eks/README.md +++ b/packages/@aws-cdk/aws-eks/README.md @@ -25,7 +25,9 @@ This example defines an Amazon EKS cluster with the following configuration: - A Kubernetes pod with a container based on the [paulbouwer/hello-kubernetes](https://github.com/paulbouwer/hello-kubernetes) image. ```ts -const cluster = new eks.Cluster(this, 'hello-eks'); +const cluster = new eks.Cluster(this, 'hello-eks', { + version: eks.KubernetesVersion.V1_16, +}); cluster.addResource('mypod', { apiVersion: 'v1', @@ -45,17 +47,20 @@ cluster.addResource('mypod', { ### Capacity -By default, `eks.Cluster` is created with a managed nodegroup with x2 `m5.large` instances. +By default, `eks.Cluster` is created with a managed nodegroup with x2 `m5.large` instances. You must specify the kubernetes version for the cluster with the `version` property. ```ts -new eks.Cluster(this, 'cluster-two-m5-large'); +new eks.Cluster(this, 'cluster-two-m5-large', { + version: eks.KubernetesVersion.V1_16, +}); ``` To use the traditional self-managed Amazon EC2 instances instead, set `defaultCapacityType` to `DefaultCapacityType.EC2` ```ts const cluster = new eks.Cluster(this, 'cluster-self-managed-ec2', { - defaultCapacityType: eks.DefaultCapacityType.EC2 + defaultCapacityType: eks.DefaultCapacityType.EC2, + version: eks.KubernetesVersion.V1_16, }); ``` @@ -65,14 +70,18 @@ the `defaultCapacity` and `defaultCapacityInstance` props: ```ts new eks.Cluster(this, 'cluster', { defaultCapacity: 10, - defaultCapacityInstance: new ec2.InstanceType('m2.xlarge') + defaultCapacityInstance: new ec2.InstanceType('m2.xlarge'), + version: eks.KubernetesVersion.V1_16, }); ``` To disable the default capacity, simply set `defaultCapacity` to `0`: ```ts -new eks.Cluster(this, 'cluster-with-no-capacity', { defaultCapacity: 0 }); +new eks.Cluster(this, 'cluster-with-no-capacity', { + defaultCapacity: 0, + version: eks.KubernetesVersion.V1_16, +}); ``` The `cluster.defaultCapacity` property will reference the `AutoScalingGroup` @@ -145,7 +154,9 @@ The following code defines an Amazon EKS cluster without EC2 capacity and a defa Fargate Profile that matches all pods from the "kube-system" and "default" namespaces. It is also configured to [run CoreDNS on Fargate](https://docs.aws.amazon.com/eks/latest/userguide/fargate-getting-started.html#fargate-gs-coredns) through the `coreDnsComputeType` cluster option. ```ts -const cluster = new eks.FargateCluster(this, 'MyCluster'); +const cluster = new eks.FargateCluster(this, 'MyCluster', { + version: eks.KubernetesVersion.V1_16, +}); // apply k8s resources on this cluster cluster.addResource(...); @@ -219,7 +230,8 @@ const clusterAdmin = new iam.Role(this, 'AdminRole', { // now define the cluster and map role to "masters" RBAC group new eks.Cluster(this, 'Cluster', { - mastersRole: clusterAdmin + mastersRole: clusterAdmin, + version: eks.KubernetesVersion.V1_16, }); ``` diff --git a/packages/@aws-cdk/aws-eks/lib/cluster.ts b/packages/@aws-cdk/aws-eks/lib/cluster.ts index 914269ac0b393..6a245c3e3e2ef 100644 --- a/packages/@aws-cdk/aws-eks/lib/cluster.ts +++ b/packages/@aws-cdk/aws-eks/lib/cluster.ts @@ -166,10 +166,8 @@ export interface ClusterOptions { /** * The Kubernetes version to run in the cluster - * - * @default - If not supplied, will use Amazon default version */ - readonly version?: string; + readonly version: KubernetesVersion; /** * An IAM role that will be added to the `system:masters` Kubernetes RBAC @@ -275,6 +273,37 @@ export interface ClusterProps extends ClusterOptions { readonly defaultCapacityType?: DefaultCapacityType; } +/** + * Kubernetes cluster version + */ +export class KubernetesVersion { + /** + * Kubernetes version 1.14 + */ + public static readonly V1_14 = KubernetesVersion.of('1.14'); + + /** + * Kubernetes version 1.15 + */ + public static readonly V1_15 = KubernetesVersion.of('1.15'); + + /** + * Kubernetes version 1.16 + */ + public static readonly V1_16 = KubernetesVersion.of('1.16'); + + /** + * Custom cluster version + * @param version custom version number + */ + public static of(version: string) { return new KubernetesVersion(version); } + /** + * + * @param version cluster version number + */ + private constructor(public readonly version: string) { } +} + /** * A Cluster represents a managed Kubernetes Service (EKS) * @@ -390,7 +419,7 @@ export class Cluster extends Resource implements ICluster { private _neuronDevicePlugin?: KubernetesResource; - private readonly version: string | undefined; + private readonly version: KubernetesVersion; /** * A dummy CloudFormation resource that is used as a wait barrier which @@ -413,7 +442,7 @@ export class Cluster extends Resource implements ICluster { * @param name the name of the Construct to create * @param props properties in the IClusterProps interface */ - constructor(scope: Construct, id: string, props: ClusterProps = { }) { + constructor(scope: Construct, id: string, props: ClusterProps) { super(scope, id, { physicalName: props.clusterName, }); @@ -450,7 +479,7 @@ export class Cluster extends Resource implements ICluster { const clusterProps: CfnClusterProps = { name: this.physicalName, roleArn: this.role.roleArn, - version: props.version, + version: props.version.version, resourcesVpcConfig: { securityGroupIds: [securityGroup.securityGroupId], subnetIds, @@ -555,7 +584,7 @@ export class Cluster extends Resource implements ICluster { new BottleRocketImage() : new EksOptimizedImage({ nodeType: nodeTypeForInstanceType(options.instanceType), - kubernetesVersion: this.version, + kubernetesVersion: this.version.version, }), updateType: options.updateType || autoscaling.UpdateType.ROLLING_UPDATE, instanceType: options.instanceType, diff --git a/packages/@aws-cdk/aws-eks/lib/fargate-cluster.ts b/packages/@aws-cdk/aws-eks/lib/fargate-cluster.ts index 6c26506464356..a6fd1d3c2c8e5 100644 --- a/packages/@aws-cdk/aws-eks/lib/fargate-cluster.ts +++ b/packages/@aws-cdk/aws-eks/lib/fargate-cluster.ts @@ -23,12 +23,13 @@ export interface FargateClusterProps extends ClusterOptions { * `addFargateProfile`. */ export class FargateCluster extends Cluster { - constructor(scope: Construct, id: string, props: FargateClusterProps = { }) { + constructor(scope: Construct, id: string, props: FargateClusterProps) { super(scope, id, { ...props, defaultCapacity: 0, kubectlEnabled: true, coreDnsComputeType: props.coreDnsComputeType ?? CoreDnsComputeType.FARGATE, + version: props.version, }); this.addFargateProfile( diff --git a/packages/@aws-cdk/aws-eks/lib/user-data.ts b/packages/@aws-cdk/aws-eks/lib/user-data.ts index d8ad0905e9c8a..b613663b42a67 100644 --- a/packages/@aws-cdk/aws-eks/lib/user-data.ts +++ b/packages/@aws-cdk/aws-eks/lib/user-data.ts @@ -20,7 +20,7 @@ export function renderAmazonLinuxUserData(clusterName: string, autoScalingGroup: } if (options.enableDockerBridge) { - extraArgs.push('--enable-docker-bridge'); + extraArgs.push('--enable-docker-bridge true'); } if (options.dockerConfigJson) { @@ -67,4 +67,4 @@ export enum LifecycleLabel { * spot instances */ SPOT = 'Ec2Spot' -} \ No newline at end of file +} diff --git a/packages/@aws-cdk/aws-eks/test/example.ssh-into-nodes.lit.ts b/packages/@aws-cdk/aws-eks/test/example.ssh-into-nodes.lit.ts index d26f7d38a7af0..3e33c697c1c45 100644 --- a/packages/@aws-cdk/aws-eks/test/example.ssh-into-nodes.lit.ts +++ b/packages/@aws-cdk/aws-eks/test/example.ssh-into-nodes.lit.ts @@ -10,6 +10,7 @@ class EksClusterStack extends cdk.Stack { const cluster = new eks.Cluster(this, 'EKSCluster', { vpc, + version: eks.KubernetesVersion.V1_16, }); /// !show diff --git a/packages/@aws-cdk/aws-eks/test/integ.eks-cluster.kubectl-disabled.expected.json b/packages/@aws-cdk/aws-eks/test/integ.eks-cluster.kubectl-disabled.expected.json index b390fb3c551cd..8b055a913524d 100644 --- a/packages/@aws-cdk/aws-eks/test/integ.eks-cluster.kubectl-disabled.expected.json +++ b/packages/@aws-cdk/aws-eks/test/integ.eks-cluster.kubectl-disabled.expected.json @@ -692,7 +692,8 @@ "EKSClusterRoleC0AEAC3D", "Arn" ] - } + }, + "Version": "1.16" } }, "EKSClusterNodesInstanceSecurityGroup460A275E": { @@ -891,7 +892,7 @@ "Type": "AWS::AutoScaling::LaunchConfiguration", "Properties": { "ImageId": { - "Ref": "SsmParameterValueawsserviceeksoptimizedami114amazonlinux2recommendedimageidC96584B6F00A464EAD1953AFF4B05118Parameter" + "Ref": "SsmParameterValueawsserviceeksoptimizedami116amazonlinux2recommendedimageidC96584B6F00A464EAD1953AFF4B05118Parameter" }, "InstanceType": "t2.medium", "IamInstanceProfile": { @@ -1023,9 +1024,9 @@ } }, "Parameters": { - "SsmParameterValueawsserviceeksoptimizedami114amazonlinux2recommendedimageidC96584B6F00A464EAD1953AFF4B05118Parameter": { + "SsmParameterValueawsserviceeksoptimizedami116amazonlinux2recommendedimageidC96584B6F00A464EAD1953AFF4B05118Parameter": { "Type": "AWS::SSM::Parameter::Value", - "Default": "/aws/service/eks/optimized-ami/1.14/amazon-linux-2/recommended/image_id" + "Default": "/aws/service/eks/optimized-ami/1.16/amazon-linux-2/recommended/image_id" } } } \ No newline at end of file diff --git a/packages/@aws-cdk/aws-eks/test/integ.eks-cluster.kubectl-disabled.ts b/packages/@aws-cdk/aws-eks/test/integ.eks-cluster.kubectl-disabled.ts index e1a25dd64185a..2282772d42a7c 100644 --- a/packages/@aws-cdk/aws-eks/test/integ.eks-cluster.kubectl-disabled.ts +++ b/packages/@aws-cdk/aws-eks/test/integ.eks-cluster.kubectl-disabled.ts @@ -13,6 +13,7 @@ class EksClusterStack extends TestStack { vpc, kubectlEnabled: false, defaultCapacity: 0, + version: eks.KubernetesVersion.V1_16, }); cluster.addCapacity('Nodes', { diff --git a/packages/@aws-cdk/aws-eks/test/integ.eks-cluster.ts b/packages/@aws-cdk/aws-eks/test/integ.eks-cluster.ts index b2e1e1242cad7..f346b24dee180 100644 --- a/packages/@aws-cdk/aws-eks/test/integ.eks-cluster.ts +++ b/packages/@aws-cdk/aws-eks/test/integ.eks-cluster.ts @@ -22,7 +22,7 @@ class EksClusterStack extends TestStack { vpc, mastersRole, defaultCapacity: 2, - version: '1.16', + version: eks.KubernetesVersion.V1_16, }); // fargate profile for resources in the "default" namespace diff --git a/packages/@aws-cdk/aws-eks/test/test.awsauth.ts b/packages/@aws-cdk/aws-eks/test/test.awsauth.ts index 471f70ceda822..cf3ddc99e09e8 100644 --- a/packages/@aws-cdk/aws-eks/test/test.awsauth.ts +++ b/packages/@aws-cdk/aws-eks/test/test.awsauth.ts @@ -1,17 +1,19 @@ import { countResources, expect, haveResource } from '@aws-cdk/assert'; import * as iam from '@aws-cdk/aws-iam'; import { Test } from 'nodeunit'; -import { Cluster, KubernetesResource } from '../lib'; +import { Cluster, KubernetesResource, KubernetesVersion } from '../lib'; import { AwsAuth } from '../lib/aws-auth'; import { testFixtureNoVpc } from './util'; // tslint:disable:max-line-length +const CLUSTER_VERSION = KubernetesVersion.V1_16; + export = { 'empty aws-auth'(test: Test) { // GIVEN const { stack } = testFixtureNoVpc(); - const cluster = new Cluster(stack, 'cluster'); + const cluster = new Cluster(stack, 'cluster', { version: CLUSTER_VERSION }); // WHEN new AwsAuth(stack, 'AwsAuth', { cluster }); @@ -31,7 +33,7 @@ export = { 'addRoleMapping and addUserMapping can be used to define the aws-auth ConfigMap'(test: Test) { // GIVEN const { stack } = testFixtureNoVpc(); - const cluster = new Cluster(stack, 'Cluster'); + const cluster = new Cluster(stack, 'Cluster', { version: CLUSTER_VERSION }); const role = new iam.Role(stack, 'role', { assumedBy: new iam.AnyPrincipal() }); const user = new iam.User(stack, 'user'); @@ -104,7 +106,7 @@ export = { 'imported users and roles can be also be used'(test: Test) { // GIVEN const { stack } = testFixtureNoVpc(); - const cluster = new Cluster(stack, 'Cluster'); + const cluster = new Cluster(stack, 'Cluster', { version: CLUSTER_VERSION }); const role = iam.Role.fromRoleArn(stack, 'imported-role', 'arn:aws:iam::123456789012:role/S3Access'); const user = iam.User.fromUserName(stack, 'import-user', 'MyUserName'); diff --git a/packages/@aws-cdk/aws-eks/test/test.cluster.ts b/packages/@aws-cdk/aws-eks/test/test.cluster.ts index 16790052c4c24..1acc770b47129 100644 --- a/packages/@aws-cdk/aws-eks/test/test.cluster.ts +++ b/packages/@aws-cdk/aws-eks/test/test.cluster.ts @@ -12,13 +12,15 @@ import { testFixture, testFixtureNoVpc } from './util'; // tslint:disable:max-line-length +const CLUSTER_VERSION = eks.KubernetesVersion.V1_16; + export = { 'a default cluster spans all subnets'(test: Test) { // GIVEN const { stack, vpc } = testFixture(); // WHEN - new eks.Cluster(stack, 'Cluster', { vpc, kubectlEnabled: false, defaultCapacity: 0 }); + new eks.Cluster(stack, 'Cluster', { vpc, kubectlEnabled: false, defaultCapacity: 0, version: CLUSTER_VERSION }); // THEN expect(stack).to(haveResourceLike('AWS::EKS::Cluster', { @@ -42,7 +44,7 @@ export = { // WHEN const vpc = new ec2.Vpc(stack, 'VPC'); - new eks.Cluster(stack, 'Cluster', { vpc, kubectlEnabled: true, defaultCapacity: 0 }); + new eks.Cluster(stack, 'Cluster', { vpc, kubectlEnabled: true, defaultCapacity: 0, version: CLUSTER_VERSION }); const layer = KubectlLayer.getOrCreate(stack, {}); // THEN @@ -63,14 +65,14 @@ export = { // WHEN const vpc = new ec2.Vpc(stack, 'VPC'); - new eks.Cluster(stack, 'Cluster', { vpc, kubectlEnabled: true, defaultCapacity: 0 }); + new eks.Cluster(stack, 'Cluster', { vpc, kubectlEnabled: true, defaultCapacity: 0, version: CLUSTER_VERSION }); new KubectlLayer(stack, 'NewLayer'); const layer = KubectlLayer.getOrCreate(stack); // THEN expect(stack).to(haveResource('Custom::AWSCDK-EKS-Cluster')); expect(stack).to(haveResourceLike('AWS::Serverless::Application', { - Location: { + Location: { ApplicationId: 'arn:aws-cn:serverlessrepo:cn-north-1:487369736442:applications/lambda-layer-kubectl', }, })); @@ -83,7 +85,7 @@ export = { const { stack } = testFixtureNoVpc(); // WHEN - new eks.Cluster(stack, 'cluster'); + new eks.Cluster(stack, 'cluster', { version: CLUSTER_VERSION }) ; // THEN expect(stack).to(haveResource('AWS::EC2::VPC')); @@ -97,7 +99,7 @@ export = { const { stack } = testFixtureNoVpc(); // WHEN - const cluster = new eks.Cluster(stack, 'cluster'); + const cluster = new eks.Cluster(stack, 'cluster', { version: CLUSTER_VERSION }); // THEN test.ok(cluster.defaultNodegroup); @@ -122,6 +124,7 @@ export = { const cluster = new eks.Cluster(stack, 'cluster', { defaultCapacity: 10, defaultCapacityInstance: new ec2.InstanceType('m2.xlarge'), + version: CLUSTER_VERSION, }); // THEN @@ -142,7 +145,7 @@ export = { const { stack } = testFixtureNoVpc(); // WHEN - const cluster = new eks.Cluster(stack, 'cluster', { defaultCapacity: 0 }); + const cluster = new eks.Cluster(stack, 'cluster', { defaultCapacity: 0, version: CLUSTER_VERSION }); // THEN test.ok(!cluster.defaultCapacity); @@ -157,7 +160,7 @@ export = { const { stack, vpc } = testFixture(); // WHEN - new eks.Cluster(stack, 'Cluster', { vpc, kubectlEnabled: false, defaultCapacity: 0 }); + new eks.Cluster(stack, 'Cluster', { vpc, kubectlEnabled: false, defaultCapacity: 0, version: CLUSTER_VERSION }); // THEN expect(stack).to(haveResource('AWS::EC2::Subnet', { @@ -177,7 +180,7 @@ export = { const { stack, vpc } = testFixture(); // WHEN - new eks.Cluster(stack, 'Cluster', { vpc, kubectlEnabled: false, defaultCapacity: 0 }); + new eks.Cluster(stack, 'Cluster', { vpc, kubectlEnabled: false, defaultCapacity: 0, version: CLUSTER_VERSION }); // THEN expect(stack).to(haveResource('AWS::EC2::Subnet', { @@ -196,7 +199,11 @@ export = { 'adding capacity creates an ASG with tags'(test: Test) { // GIVEN const { stack, vpc } = testFixture(); - const cluster = new eks.Cluster(stack, 'Cluster', { vpc, kubectlEnabled: false, defaultCapacity: 0 }); + const cluster = new eks.Cluster(stack, 'Cluster', { + vpc, kubectlEnabled: false, + defaultCapacity: 0, + version: CLUSTER_VERSION, + }); // WHEN cluster.addCapacity('Default', { @@ -207,7 +214,7 @@ export = { expect(stack).to(haveResource('AWS::AutoScaling::AutoScalingGroup', { Tags: [ { - Key: { 'Fn::Join': [ '', [ 'kubernetes.io/cluster/', { Ref: 'ClusterEB0386A7' } ] ] }, + Key: { 'Fn::Join': ['', ['kubernetes.io/cluster/', { Ref: 'ClusterEB0386A7' }]] }, PropagateAtLaunch: true, Value: 'owned', }, @@ -230,6 +237,7 @@ export = { const cluster = new eks.Cluster(stack, 'cluster', { defaultCapacity: 10, defaultCapacityInstance: new ec2.InstanceType('m2.xlarge'), + version: CLUSTER_VERSION, }); const existingRole = new iam.Role(stack, 'ExistingRole', { @@ -256,7 +264,12 @@ export = { 'adding bottlerocket capacity creates an ASG with tags'(test: Test) { // GIVEN const { stack, vpc } = testFixture(); - const cluster = new eks.Cluster(stack, 'Cluster', { vpc, kubectlEnabled: false, defaultCapacity: 0 }); + const cluster = new eks.Cluster(stack, 'Cluster', { + vpc, + kubectlEnabled: false, + defaultCapacity: 0, + version: CLUSTER_VERSION, + }); // WHEN cluster.addCapacity('Bottlerocket', { @@ -285,7 +298,12 @@ export = { 'adding bottlerocket capacity with bootstrapOptions throws error'(test: Test) { // GIVEN const { stack, vpc } = testFixture(); - const cluster = new eks.Cluster(stack, 'Cluster', { vpc, kubectlEnabled: false, defaultCapacity: 0 }); + const cluster = new eks.Cluster(stack, 'Cluster', { + vpc, + kubectlEnabled: false, + defaultCapacity: 0, + version: CLUSTER_VERSION, + }); test.throws(() => cluster.addCapacity('Bottlerocket', { instanceType: new ec2.InstanceType('t2.medium'), @@ -299,7 +317,12 @@ export = { // GIVEN const { stack: stack1, vpc, app } = testFixture(); const stack2 = new cdk.Stack(app, 'stack2', { env: { region: 'us-east-1' } }); - const cluster = new eks.Cluster(stack1, 'Cluster', { vpc, kubectlEnabled: false, defaultCapacity: 0 }); + const cluster = new eks.Cluster(stack1, 'Cluster', { + vpc, + kubectlEnabled: false, + defaultCapacity: 0, + version: CLUSTER_VERSION, + }); // WHEN const imported = eks.Cluster.fromClusterAttributes(stack2, 'Imported', { @@ -332,7 +355,12 @@ export = { 'disabled features when kubectl is disabled'(test: Test) { // GIVEN const { stack, vpc } = testFixture(); - const cluster = new eks.Cluster(stack, 'Cluster', { vpc, kubectlEnabled: false, defaultCapacity: 0 }); + const cluster = new eks.Cluster(stack, 'Cluster', { + vpc, + kubectlEnabled: false, + defaultCapacity: 0, + version: CLUSTER_VERSION, + }); test.throws(() => cluster.awsAuth, /Cannot define aws-auth mappings if kubectl is disabled/); test.throws(() => cluster.addResource('foo', {}), /Unable to perform this operation since kubectl is not enabled for this cluster/); @@ -349,7 +377,12 @@ export = { const role = new iam.Role(stack, 'role', { assumedBy: new iam.AnyPrincipal() }); // WHEN - new eks.Cluster(stack, 'Cluster', { vpc, mastersRole: role, defaultCapacity: 0 }); + new eks.Cluster(stack, 'Cluster', { + vpc, + mastersRole: role, + defaultCapacity: 0, + version: CLUSTER_VERSION, + }); // THEN expect(stack).to(haveResource(eks.KubernetesResource.RESOURCE_TYPE, { @@ -383,11 +416,15 @@ export = { 'addResource can be used to apply k8s manifests on this cluster'(test: Test) { // GIVEN const { stack, vpc } = testFixture(); - const cluster = new eks.Cluster(stack, 'Cluster', { vpc, defaultCapacity: 0 }); + const cluster = new eks.Cluster(stack, 'Cluster', { + vpc, + defaultCapacity: 0, + version: CLUSTER_VERSION, + }); // WHEN cluster.addResource('manifest1', { foo: 123 }); - cluster.addResource('manifest2', { bar: 123 }, { boor: [ 1, 2, 3 ] }); + cluster.addResource('manifest2', { bar: 123 }, { boor: [1, 2, 3] }); // THEN expect(stack).to(haveResource(eks.KubernetesResource.RESOURCE_TYPE, { @@ -404,13 +441,13 @@ export = { 'kubectl resources can be created in a separate stack'(test: Test) { // GIVEN const { stack, app } = testFixture(); - const cluster = new eks.Cluster(stack, 'cluster'); // cluster is under stack2 + const cluster = new eks.Cluster(stack, 'cluster', { version: CLUSTER_VERSION }); // cluster is under stack2 // WHEN resource is under stack2 const stack2 = new cdk.Stack(app, 'stack2', { env: { account: stack.account, region: stack.region } }); new eks.KubernetesResource(stack2, 'myresource', { cluster, - manifest: [ { foo: 'bar' } ], + manifest: [{ foo: 'bar' }], }); // THEN @@ -441,7 +478,11 @@ export = { 'when kubectl is enabled (default) adding capacity will automatically map its IAM role'(test: Test) { // GIVEN const { stack, vpc } = testFixture(); - const cluster = new eks.Cluster(stack, 'Cluster', { vpc, defaultCapacity: 0 }); + const cluster = new eks.Cluster(stack, 'Cluster', { + vpc, + defaultCapacity: 0, + version: CLUSTER_VERSION, + }); // WHEN cluster.addCapacity('default', { @@ -473,7 +514,11 @@ export = { 'addCapacity will *not* map the IAM role if mapRole is false'(test: Test) { // GIVEN const { stack, vpc } = testFixture(); - const cluster = new eks.Cluster(stack, 'Cluster', { vpc, defaultCapacity: 0 }); + const cluster = new eks.Cluster(stack, 'Cluster', { + vpc, + defaultCapacity: 0, + version: CLUSTER_VERSION, + }); // WHEN cluster.addCapacity('default', { @@ -489,7 +534,12 @@ export = { 'addCapacity will *not* map the IAM role if kubectl is disabled'(test: Test) { // GIVEN const { stack, vpc } = testFixture(); - const cluster = new eks.Cluster(stack, 'Cluster', { vpc, kubectlEnabled: false, defaultCapacity: 0 }); + const cluster = new eks.Cluster(stack, 'Cluster', { + vpc, + kubectlEnabled: false, + defaultCapacity: 0, + version: CLUSTER_VERSION, + }); // WHEN cluster.addCapacity('default', { @@ -507,14 +557,14 @@ export = { const { app, stack } = testFixtureNoVpc(); // WHEN - new eks.Cluster(stack, 'Cluster'); + new eks.Cluster(stack, 'Cluster', { version: CLUSTER_VERSION }); // THEN const assembly = app.synth(); const template = assembly.getStackByName(stack.stackName).template; test.deepEqual(template.Outputs, { - ClusterConfigCommand43AAE40F: { Value: { 'Fn::Join': [ '', [ 'aws eks update-kubeconfig --name ', { Ref: 'Cluster9EE0221C' }, ' --region us-east-1' ] ] } }, - ClusterGetTokenCommand06AE992E: { Value: { 'Fn::Join': [ '', [ 'aws eks get-token --cluster-name ', { Ref: 'Cluster9EE0221C' }, ' --region us-east-1' ] ] } }, + ClusterConfigCommand43AAE40F: { Value: { 'Fn::Join': ['', ['aws eks update-kubeconfig --name ', { Ref: 'Cluster9EE0221C' }, ' --region us-east-1']] } }, + ClusterGetTokenCommand06AE992E: { Value: { 'Fn::Join': ['', ['aws eks get-token --cluster-name ', { Ref: 'Cluster9EE0221C' }, ' --region us-east-1']] } }, }); test.done(); }, @@ -525,14 +575,17 @@ export = { // WHEN const mastersRole = new iam.Role(stack, 'masters', { assumedBy: new iam.AccountRootPrincipal() }); - new eks.Cluster(stack, 'Cluster', { mastersRole }); + new eks.Cluster(stack, 'Cluster', { + mastersRole, + version: CLUSTER_VERSION, + }); // THEN const assembly = app.synth(); const template = assembly.getStackByName(stack.stackName).template; test.deepEqual(template.Outputs, { - ClusterConfigCommand43AAE40F: { Value: { 'Fn::Join': [ '', [ 'aws eks update-kubeconfig --name ', { Ref: 'Cluster9EE0221C' }, ' --region us-east-1 --role-arn ', { 'Fn::GetAtt': [ 'masters0D04F23D', 'Arn' ] } ] ] } }, - ClusterGetTokenCommand06AE992E: { Value: { 'Fn::Join': [ '', [ 'aws eks get-token --cluster-name ', { Ref: 'Cluster9EE0221C' }, ' --region us-east-1 --role-arn ', { 'Fn::GetAtt': [ 'masters0D04F23D', 'Arn' ] } ] ] } }, + ClusterConfigCommand43AAE40F: { Value: { 'Fn::Join': ['', ['aws eks update-kubeconfig --name ', { Ref: 'Cluster9EE0221C' }, ' --region us-east-1 --role-arn ', { 'Fn::GetAtt': ['masters0D04F23D', 'Arn'] }]] } }, + ClusterGetTokenCommand06AE992E: { Value: { 'Fn::Join': ['', ['aws eks get-token --cluster-name ', { Ref: 'Cluster9EE0221C' }, ' --region us-east-1 --role-arn ', { 'Fn::GetAtt': ['masters0D04F23D', 'Arn'] }]] } }, }); test.done(); }, @@ -546,6 +599,7 @@ export = { new eks.Cluster(stack, 'Cluster', { mastersRole, outputConfigCommand: false, + version: CLUSTER_VERSION, }); // THEN @@ -563,6 +617,7 @@ export = { new eks.Cluster(stack, 'Cluster', { outputConfigCommand: false, outputClusterName: true, + version: CLUSTER_VERSION, }); // THEN @@ -583,13 +638,14 @@ export = { outputConfigCommand: false, outputMastersRoleArn: true, mastersRole: new iam.Role(stack, 'masters', { assumedBy: new iam.AccountRootPrincipal() }), + version: CLUSTER_VERSION, }); // THEN const assembly = app.synth(); const template = assembly.getStackByName(stack.stackName).template; test.deepEqual(template.Outputs, { - ClusterMastersRoleArnB15964B1: { Value: { 'Fn::GetAtt': [ 'masters0D04F23D', 'Arn' ] } }, + ClusterMastersRoleArnB15964B1: { Value: { 'Fn::GetAtt': ['masters0D04F23D', 'Arn'] } }, }); test.done(); }, @@ -597,9 +653,9 @@ export = { 'boostrap user-data': { 'rendered by default for ASGs'(test: Test) { - // GIVEN + // GIVEN const { app, stack } = testFixtureNoVpc(); - const cluster = new eks.Cluster(stack, 'Cluster', { defaultCapacity: 0 }); + const cluster = new eks.Cluster(stack, 'Cluster', { defaultCapacity: 0, version: CLUSTER_VERSION }); // WHEN cluster.addCapacity('MyCapcity', { instanceType: new ec2.InstanceType('m3.xlargs') }); @@ -607,14 +663,14 @@ export = { // THEN const template = app.synth().getStackByName(stack.stackName).template; const userData = template.Resources.ClusterMyCapcityLaunchConfig58583345.Properties.UserData; - test.deepEqual(userData, { 'Fn::Base64': { 'Fn::Join': [ '', [ '#!/bin/bash\nset -o xtrace\n/etc/eks/bootstrap.sh ', { Ref: 'Cluster9EE0221C' }, ' --kubelet-extra-args "--node-labels lifecycle=OnDemand" --use-max-pods true\n/opt/aws/bin/cfn-signal --exit-code $? --stack Stack --resource ClusterMyCapcityASGD4CD8B97 --region us-east-1' ] ] } }); + test.deepEqual(userData, { 'Fn::Base64': { 'Fn::Join': ['', ['#!/bin/bash\nset -o xtrace\n/etc/eks/bootstrap.sh ', { Ref: 'Cluster9EE0221C' }, ' --kubelet-extra-args "--node-labels lifecycle=OnDemand" --use-max-pods true\n/opt/aws/bin/cfn-signal --exit-code $? --stack Stack --resource ClusterMyCapcityASGD4CD8B97 --region us-east-1']] } }); test.done(); }, 'not rendered if bootstrap is disabled'(test: Test) { - // GIVEN + // GIVEN const { app, stack } = testFixtureNoVpc(); - const cluster = new eks.Cluster(stack, 'Cluster', { defaultCapacity: 0 }); + const cluster = new eks.Cluster(stack, 'Cluster', { defaultCapacity: 0, version: CLUSTER_VERSION }); // WHEN cluster.addCapacity('MyCapcity', { @@ -631,9 +687,9 @@ export = { // cursory test for options: see test.user-data.ts for full suite 'bootstrap options'(test: Test) { - // GIVEN + // GIVEN const { app, stack } = testFixtureNoVpc(); - const cluster = new eks.Cluster(stack, 'Cluster', { defaultCapacity: 0 }); + const cluster = new eks.Cluster(stack, 'Cluster', { defaultCapacity: 0, version: CLUSTER_VERSION }); // WHEN cluster.addCapacity('MyCapcity', { @@ -646,16 +702,16 @@ export = { // THEN const template = app.synth().getStackByName(stack.stackName).template; const userData = template.Resources.ClusterMyCapcityLaunchConfig58583345.Properties.UserData; - test.deepEqual(userData, { 'Fn::Base64': { 'Fn::Join': [ '', [ '#!/bin/bash\nset -o xtrace\n/etc/eks/bootstrap.sh ', { Ref: 'Cluster9EE0221C' }, ' --kubelet-extra-args "--node-labels lifecycle=OnDemand --node-labels FOO=42" --use-max-pods true\n/opt/aws/bin/cfn-signal --exit-code $? --stack Stack --resource ClusterMyCapcityASGD4CD8B97 --region us-east-1' ] ] } }); + test.deepEqual(userData, { 'Fn::Base64': { 'Fn::Join': ['', ['#!/bin/bash\nset -o xtrace\n/etc/eks/bootstrap.sh ', { Ref: 'Cluster9EE0221C' }, ' --kubelet-extra-args "--node-labels lifecycle=OnDemand --node-labels FOO=42" --use-max-pods true\n/opt/aws/bin/cfn-signal --exit-code $? --stack Stack --resource ClusterMyCapcityASGD4CD8B97 --region us-east-1']] } }); test.done(); }, 'spot instances': { 'nodes labeled an tainted accordingly'(test: Test) { - // GIVEN + // GIVEN const { app, stack } = testFixtureNoVpc(); - const cluster = new eks.Cluster(stack, 'Cluster', { defaultCapacity: 0 }); + const cluster = new eks.Cluster(stack, 'Cluster', { defaultCapacity: 0, version: CLUSTER_VERSION }); // WHEN cluster.addCapacity('MyCapcity', { @@ -666,14 +722,14 @@ export = { // THEN const template = app.synth().getStackByName(stack.stackName).template; const userData = template.Resources.ClusterMyCapcityLaunchConfig58583345.Properties.UserData; - test.deepEqual(userData, { 'Fn::Base64': { 'Fn::Join': [ '', [ '#!/bin/bash\nset -o xtrace\n/etc/eks/bootstrap.sh ', { Ref: 'Cluster9EE0221C' }, ' --kubelet-extra-args "--node-labels lifecycle=Ec2Spot --register-with-taints=spotInstance=true:PreferNoSchedule" --use-max-pods true\n/opt/aws/bin/cfn-signal --exit-code $? --stack Stack --resource ClusterMyCapcityASGD4CD8B97 --region us-east-1' ] ] } }); + test.deepEqual(userData, { 'Fn::Base64': { 'Fn::Join': ['', ['#!/bin/bash\nset -o xtrace\n/etc/eks/bootstrap.sh ', { Ref: 'Cluster9EE0221C' }, ' --kubelet-extra-args "--node-labels lifecycle=Ec2Spot --register-with-taints=spotInstance=true:PreferNoSchedule" --use-max-pods true\n/opt/aws/bin/cfn-signal --exit-code $? --stack Stack --resource ClusterMyCapcityASGD4CD8B97 --region us-east-1']] } }); test.done(); }, 'if kubectl is enabled, the interrupt handler is added'(test: Test) { // GIVEN const { stack } = testFixtureNoVpc(); - const cluster = new eks.Cluster(stack, 'Cluster', { defaultCapacity: 0 }); + const cluster = new eks.Cluster(stack, 'Cluster', { defaultCapacity: 0, version: CLUSTER_VERSION }); // WHEN cluster.addCapacity('MyCapcity', { @@ -695,7 +751,7 @@ export = { 'its possible to add two capacities with spot instances and only one stop handler will be installed'(test: Test) { // GIVEN const { stack } = testFixtureNoVpc(); - const cluster = new eks.Cluster(stack, 'Cluster', { defaultCapacity: 0 }); + const cluster = new eks.Cluster(stack, 'Cluster', { defaultCapacity: 0, version: CLUSTER_VERSION }); // WHEN cluster.addCapacity('Spot1', { @@ -714,9 +770,13 @@ export = { }, 'if kubectl is disabled, interrupt handler is not added'(test: Test) { - // GIVEN + // GIVEN const { stack } = testFixtureNoVpc(); - const cluster = new eks.Cluster(stack, 'Cluster', { defaultCapacity: 0, kubectlEnabled: false }); + const cluster = new eks.Cluster(stack, 'Cluster', { + defaultCapacity: 0, + kubectlEnabled: false, + version: CLUSTER_VERSION, + }); // WHEN cluster.addCapacity('MyCapcity', { @@ -736,7 +796,7 @@ export = { 'if bootstrap is disabled cannot specify options'(test: Test) { // GIVEN const { stack } = testFixtureNoVpc(); - const cluster = new eks.Cluster(stack, 'Cluster', { defaultCapacity: 0 }); + const cluster = new eks.Cluster(stack, 'Cluster', { defaultCapacity: 0, version: CLUSTER_VERSION }); // THEN test.throws(() => cluster.addCapacity('MyCapcity', { @@ -760,7 +820,7 @@ export = { const parameters = assembly.getStackByName(stack.stackName).template.Parameters; test.ok(Object.entries(parameters).some( ([k, v]) => k.startsWith('SsmParameterValueawsserviceeksoptimizedami') && - (v as any).Default.includes('/amazon-linux-2/'), + (v as any).Default.includes('/amazon-linux-2/'), ), 'EKS STANDARD AMI should be in ssm parameters'); test.ok(Object.entries(parameters).some( ([k, v]) => k.startsWith('SsmParameterValueawsserviceeksoptimizedami') && @@ -791,12 +851,13 @@ export = { }, 'EKS-Optimized AMI with GPU support when addCapacity'(test: Test) { - // GIVEN + // GIVEN const { app, stack } = testFixtureNoVpc(); // WHEN new eks.Cluster(stack, 'cluster', { defaultCapacity: 0, + version: CLUSTER_VERSION, }).addCapacity('GPUCapacity', { instanceType: new ec2.InstanceType('g4dn.xlarge'), }); @@ -811,21 +872,23 @@ export = { }, 'when using custom resource a creation role & policy is defined'(test: Test) { - // GIVEN + // GIVEN const { stack } = testFixture(); // WHEN new eks.Cluster(stack, 'MyCluster', { clusterName: 'my-cluster-name', + version: CLUSTER_VERSION, }); // THEN expect(stack).to(haveResource('Custom::AWSCDK-EKS-Cluster', { Config: { name: 'my-cluster-name', - roleArn: { 'Fn::GetAtt': [ 'MyClusterRoleBA20FE72', 'Arn' ] }, + roleArn: { 'Fn::GetAtt': ['MyClusterRoleBA20FE72', 'Arn'] }, + version: '1.16', resourcesVpcConfig: { - securityGroupIds: [ { 'Fn::GetAtt': [ 'MyClusterControlPlaneSecurityGroup6B658F79', 'GroupId' ] } ], + securityGroupIds: [{ 'Fn::GetAtt': ['MyClusterControlPlaneSecurityGroup6B658F79', 'GroupId'] }], subnetIds: [ { Ref: 'MyClusterDefaultVpcPublicSubnet1SubnetFAE5A9B6' }, { Ref: 'MyClusterDefaultVpcPublicSubnet2SubnetF6D028A0' }, @@ -900,7 +963,7 @@ export = { 'eks:UntagResource', ], Effect: 'Allow', - Resource: [ { + Resource: [{ 'Fn::Join': [ '', [ @@ -930,7 +993,7 @@ export = { ':cluster/my-cluster-name/*', ], ], - } ], + }], }, { Action: [ @@ -956,7 +1019,7 @@ export = { }, }, { - Action: [ 'iam:GetRole', 'iam:listAttachedRolePolicies' ], + Action: ['iam:GetRole', 'iam:listAttachedRolePolicies'], Effect: 'Allow', Resource: '*', }, @@ -973,11 +1036,11 @@ export = { }, 'if an explicit cluster name is not provided, the creation role policy is wider (allows interacting with all clusters)'(test: Test) { - // GIVEN + // GIVEN const { stack } = testFixture(); // WHEN - new eks.Cluster(stack, 'MyCluster'); + new eks.Cluster(stack, 'MyCluster', { version: CLUSTER_VERSION }); // THEN expect(stack).to(haveResource('AWS::IAM::Policy', { @@ -1014,7 +1077,7 @@ export = { 'eks:UntagResource', ], Effect: 'Allow', - Resource: [ '*' ], + Resource: ['*'], }, { Action: [ @@ -1025,7 +1088,7 @@ export = { Resource: '*', }, { - Action: [ 'iam:GetRole', 'iam:listAttachedRolePolicies' ], + Action: ['iam:GetRole', 'iam:listAttachedRolePolicies'], Effect: 'Allow', Resource: '*', }, @@ -1042,10 +1105,11 @@ export = { }, 'if helm charts are used, its resource provider is allowed to assume the creation role'(test: Test) { - // GIVEN + // GIVEN const { stack } = testFixture(); const cluster = new eks.Cluster(stack, 'MyCluster', { clusterName: 'my-cluster-name', + version: CLUSTER_VERSION, }); // WHEN @@ -1100,12 +1164,13 @@ export = { }, 'coreDnsComputeType will patch the coreDNS configuration to use a "fargate" compute type and restore to "ec2" upon removal'(test: Test) { - // GIVEN + // GIVEN const stack = new cdk.Stack(); // WHEN new eks.Cluster(stack, 'MyCluster', { coreDnsComputeType: eks.CoreDnsComputeType.FARGATE, + version: CLUSTER_VERSION, }); // THEN @@ -1127,9 +1192,9 @@ export = { test.done(); }, 'if openIDConnectProvider a new OpenIDConnectProvider resource is created and exposed'(test: Test) { - // GIVEN + // GIVEN const { stack } = testFixtureNoVpc(); - const cluster = new eks.Cluster(stack, 'Cluster', { defaultCapacity: 0 }); + const cluster = new eks.Cluster(stack, 'Cluster', { defaultCapacity: 0, version: CLUSTER_VERSION }); // WHEN const provider = cluster.openIdConnectProvider; @@ -1161,7 +1226,7 @@ export = { 'inference instances are supported'(test: Test) { // GIVEN const { stack } = testFixtureNoVpc(); - const cluster = new eks.Cluster(stack, 'Cluster', { defaultCapacity: 0 }); + const cluster = new eks.Cluster(stack, 'Cluster', { defaultCapacity: 0, version: CLUSTER_VERSION }); // WHEN cluster.addCapacity('InferenceInstances', { @@ -1181,21 +1246,21 @@ export = { 'kubectl resources are always created after all fargate profiles'(test: Test) { // GIVEN const { stack, app } = testFixture(); - const cluster = new eks.Cluster(stack, 'Cluster'); + const cluster = new eks.Cluster(stack, 'Cluster', { version: CLUSTER_VERSION }); // WHEN - cluster.addFargateProfile('profile1', { selectors: [ { namespace: 'profile1' } ]}); + cluster.addFargateProfile('profile1', { selectors: [{ namespace: 'profile1' }] }); cluster.addResource('resource1', { foo: 123 }); - cluster.addFargateProfile('profile2', { selectors: [ { namespace: 'profile2' } ]}); + cluster.addFargateProfile('profile2', { selectors: [{ namespace: 'profile2' }] }); new eks.HelmChart(stack, 'chart', { cluster, chart: 'mychart' }); - cluster.addFargateProfile('profile3', { selectors: [ { namespace: 'profile3' } ]}); + cluster.addFargateProfile('profile3', { selectors: [{ namespace: 'profile3' }] }); new eks.KubernetesPatch(stack, 'patch1', { cluster, applyPatch: { foo: 123 }, restorePatch: { bar: 123 }, resourceName: 'foo/bar', }); - cluster.addFargateProfile('profile4', { selectors: [ { namespace: 'profile4' } ]}); + cluster.addFargateProfile('profile4', { selectors: [{ namespace: 'profile4' }] }); // THEN const template = app.synth().getStackArtifact(stack.artifactId).template; @@ -1216,11 +1281,11 @@ export = { 'Cluster9EE0221C', ]); - const kubectlResources = [ 'chartF2447AFC', 'patch1B964AC93', 'Clustermanifestresource10B1C9505', 'ClusterAwsAuthmanifestFE51F8AE' ]; + const kubectlResources = ['chartF2447AFC', 'patch1B964AC93', 'Clustermanifestresource10B1C9505', 'ClusterAwsAuthmanifestFE51F8AE']; // check that all kubectl resources depend on the barrier for (const r of kubectlResources) { - test.deepEqual(template.Resources[r].DependsOn, [ 'ClusterKubectlReadyBarrier200052AF' ]); + test.deepEqual(template.Resources[r].DependsOn, ['ClusterKubectlReadyBarrier200052AF']); } test.done(); @@ -1229,8 +1294,8 @@ export = { 'kubectl provider role is trusted to assume cluster creation role'(test: Test) { // GIVEN const { stack, app } = testFixture(); - const c1 = new eks.Cluster(stack, 'Cluster1'); - const c2 = new eks.Cluster(stack, 'Cluster2'); + const c1 = new eks.Cluster(stack, 'Cluster1', { version: CLUSTER_VERSION }); + const c2 = new eks.Cluster(stack, 'Cluster2', { version: CLUSTER_VERSION }); // WHEN @@ -1248,12 +1313,12 @@ export = { }; // verify that the kubectl role appears as the 2nd IAM trust policy statement - for (const [ creationRole, kubectlRole ] of Object.entries(creationRoleToKubectlRole)) { + for (const [creationRole, kubectlRole] of Object.entries(creationRoleToKubectlRole)) { const trustPolicy = template.Resources[creationRole].Properties.AssumeRolePolicyDocument.Statement; test.equal(trustPolicy.length, 2, 'expecting the creation role\'s trust policy to include two statements'); test.deepEqual(trustPolicy[1].Principal.AWS['Fn::GetAtt'][1], kubectlRole); } - test.done(); }, - }}; + }, +}; diff --git a/packages/@aws-cdk/aws-eks/test/test.fargate.ts b/packages/@aws-cdk/aws-eks/test/test.fargate.ts index db454d81477de..870a871f266fa 100644 --- a/packages/@aws-cdk/aws-eks/test/test.fargate.ts +++ b/packages/@aws-cdk/aws-eks/test/test.fargate.ts @@ -5,11 +5,13 @@ import { Stack, Tag } from '@aws-cdk/core'; import { Test } from 'nodeunit'; import * as eks from '../lib'; +const CLUSTER_VERSION = eks.KubernetesVersion.V1_16; + export = { 'can be added to a cluster'(test: Test) { // GIVEN const stack = new Stack(); - const cluster = new eks.Cluster(stack, 'MyCluster'); + const cluster = new eks.Cluster(stack, 'MyCluster', { version: CLUSTER_VERSION }); // WHEN cluster.addFargateProfile('MyProfile', { @@ -30,7 +32,7 @@ export = { 'supports specifying a profile name'(test: Test) { // GIVEN const stack = new Stack(); - const cluster = new eks.Cluster(stack, 'MyCluster'); + const cluster = new eks.Cluster(stack, 'MyCluster', { version: CLUSTER_VERSION }); // WHEN cluster.addFargateProfile('MyProfile', { @@ -53,7 +55,7 @@ export = { 'supports custom execution role'(test: Test) { // GIVEN const stack = new Stack(); - const cluster = new eks.Cluster(stack, 'MyCluster'); + const cluster = new eks.Cluster(stack, 'MyCluster', { version: CLUSTER_VERSION }); const myRole = new iam.Role(stack, 'MyRole', { assumedBy: new iam.AnyPrincipal() }); // WHEN @@ -76,7 +78,7 @@ export = { 'supports tags through aspects'(test: Test) { // GIVEN const stack = new Stack(); - const cluster = new eks.Cluster(stack, 'MyCluster'); + const cluster = new eks.Cluster(stack, 'MyCluster', { version: CLUSTER_VERSION }); // WHEN cluster.addFargateProfile('MyProfile', { @@ -104,7 +106,7 @@ export = { 'supports specifying vpc'(test: Test) { // GIVEN const stack = new Stack(); - const cluster = new eks.Cluster(stack, 'MyCluster'); + const cluster = new eks.Cluster(stack, 'MyCluster', { version: CLUSTER_VERSION }); const vpc = ec2.Vpc.fromVpcAttributes(stack, 'MyVpc', { vpcId: 'vpc123', availabilityZones: [ 'az1' ], @@ -132,7 +134,7 @@ export = { 'fails if there are no selectors or if there are more than 5'(test: Test) { // GIVEN const stack = new Stack(); - const cluster = new eks.Cluster(stack, 'MyCluster'); + const cluster = new eks.Cluster(stack, 'MyCluster', { version: CLUSTER_VERSION }); // THEN test.throws(() => cluster.addFargateProfile('MyProfile', { selectors: [ ] })); @@ -154,7 +156,7 @@ export = { const stack = new Stack(); // WHEN - new eks.FargateCluster(stack, 'FargateCluster'); + new eks.FargateCluster(stack, 'FargateCluster', { version: CLUSTER_VERSION }); // THEN expect(stack).to(haveResource('Custom::AWSCDK-EKS-KubernetesPatch', { @@ -196,6 +198,7 @@ export = { defaultProfile: { fargateProfileName: 'my-app', selectors: [{namespace: 'foo'}, {namespace: 'bar'}], }, + version: CLUSTER_VERSION, }); // THEN @@ -229,6 +232,7 @@ export = { defaultProfile: { selectors: [{namespace: 'foo'}, {namespace: 'bar'}], }, + version: CLUSTER_VERSION, }); // THEN @@ -255,7 +259,7 @@ export = { 'multiple Fargate profiles added to a cluster are processed sequentially'(test: Test) { // GIVEN const stack = new Stack(); - const cluster = new eks.Cluster(stack, 'MyCluster'); + const cluster = new eks.Cluster(stack, 'MyCluster', { version: CLUSTER_VERSION }); // WHEN cluster.addFargateProfile('MyProfile1', { @@ -300,7 +304,7 @@ export = { const stack = new Stack(); // WHEN - new eks.FargateCluster(stack, 'FargateCluster'); + new eks.FargateCluster(stack, 'FargateCluster', { version: CLUSTER_VERSION }); // THEN expect(stack).to(haveResource('Custom::AWSCDK-EKS-KubernetesResource', { @@ -326,7 +330,7 @@ export = { 'cannot be added to a cluster without kubectl enabled'(test: Test) { // GIVEN const stack = new Stack(); - const cluster = new eks.Cluster(stack, 'MyCluster', { kubectlEnabled: false }); + const cluster = new eks.Cluster(stack, 'MyCluster', { kubectlEnabled: false, version: CLUSTER_VERSION }); // WHEN test.throws(() => new eks.FargateProfile(stack, 'MyFargateProfile', { @@ -342,7 +346,7 @@ export = { const stack = new Stack(); // WHEN - new eks.FargateCluster(stack, 'FargateCluster'); + new eks.FargateCluster(stack, 'FargateCluster', { version: CLUSTER_VERSION }); // THEN expect(stack).to(haveResourceLike('AWS::IAM::Policy', { diff --git a/packages/@aws-cdk/aws-eks/test/test.k8s-patch.ts b/packages/@aws-cdk/aws-eks/test/test.k8s-patch.ts index 8c21b200a9936..b8963aa3a3989 100644 --- a/packages/@aws-cdk/aws-eks/test/test.k8s-patch.ts +++ b/packages/@aws-cdk/aws-eks/test/test.k8s-patch.ts @@ -4,11 +4,13 @@ import { Test } from 'nodeunit'; import * as eks from '../lib'; import { KubernetesPatch, PatchType } from '../lib/k8s-patch'; +const CLUSTER_VERSION = eks.KubernetesVersion.V1_16; + export = { 'applies a patch to k8s'(test: Test) { // GIVEN const stack = new Stack(); - const cluster = new eks.Cluster(stack, 'MyCluster'); + const cluster = new eks.Cluster(stack, 'MyCluster', { version: CLUSTER_VERSION }); // WHEN new KubernetesPatch(stack, 'MyPatch', { @@ -45,7 +47,7 @@ export = { 'defaults to "strategic" patch type if no patchType is specified'(test: Test) { // GIVEN const stack = new Stack(); - const cluster = new eks.Cluster(stack, 'MyCluster'); + const cluster = new eks.Cluster(stack, 'MyCluster', { version: CLUSTER_VERSION }); // WHEN new KubernetesPatch(stack, 'MyPatch', { @@ -62,7 +64,7 @@ export = { 'uses specified to patch type if specified'(test: Test) { // GIVEN const stack = new Stack(); - const cluster = new eks.Cluster(stack, 'MyCluster'); + const cluster = new eks.Cluster(stack, 'MyCluster', { version: CLUSTER_VERSION }); // WHEN new KubernetesPatch(stack, 'jsonPatch', { @@ -101,4 +103,4 @@ export = { })); test.done(); }, -}; \ No newline at end of file +}; diff --git a/packages/@aws-cdk/aws-eks/test/test.manifest.ts b/packages/@aws-cdk/aws-eks/test/test.manifest.ts index 21459b633f6b0..565cf28aaffbf 100644 --- a/packages/@aws-cdk/aws-eks/test/test.manifest.ts +++ b/packages/@aws-cdk/aws-eks/test/test.manifest.ts @@ -1,15 +1,17 @@ import { expect, haveResource } from '@aws-cdk/assert'; import { Test } from 'nodeunit'; -import { Cluster, KubernetesResource } from '../lib'; +import { Cluster, KubernetesResource, KubernetesVersion } from '../lib'; import { testFixtureNoVpc } from './util'; // tslint:disable:max-line-length +const CLUSTER_VERSION = KubernetesVersion.V1_16; + export = { 'basic usage'(test: Test) { // GIVEN const { stack } = testFixtureNoVpc(); - const cluster = new Cluster(stack, 'cluster'); + const cluster = new Cluster(stack, 'cluster', { version: CLUSTER_VERSION }); const manifest = [ { @@ -74,4 +76,4 @@ export = { })); test.done(); }, -}; \ No newline at end of file +}; diff --git a/packages/@aws-cdk/aws-eks/test/test.nodegroup.ts b/packages/@aws-cdk/aws-eks/test/test.nodegroup.ts index acd5871c6cb6b..160259706d727 100644 --- a/packages/@aws-cdk/aws-eks/test/test.nodegroup.ts +++ b/packages/@aws-cdk/aws-eks/test/test.nodegroup.ts @@ -7,13 +7,20 @@ import { testFixture } from './util'; // tslint:disable:max-line-length +const CLUSTER_VERSION = eks.KubernetesVersion.V1_16; + export = { 'create nodegroup correctly'(test: Test) { // GIVEN const { stack, vpc } = testFixture(); // WHEN - const cluster = new eks.Cluster(stack, 'Cluster', { vpc, kubectlEnabled: true, defaultCapacity: 0 }); + const cluster = new eks.Cluster(stack, 'Cluster', { + vpc, + kubectlEnabled: true, + defaultCapacity: 0, + version: CLUSTER_VERSION, + }); new eks.Nodegroup(stack, 'Nodegroup', { cluster }); // THEN @@ -50,7 +57,12 @@ export = { const { stack, vpc } = testFixture(); // WHEN - const cluster = new eks.Cluster(stack, 'Cluster', { vpc, kubectlEnabled: true, defaultCapacity: 0 }); + const cluster = new eks.Cluster(stack, 'Cluster', { + vpc, + kubectlEnabled: true, + defaultCapacity: 0, + version: CLUSTER_VERSION, + }); new eks.Nodegroup(stack, 'Nodegroup', { cluster, remoteAccess: { @@ -80,7 +92,12 @@ export = { const { stack, vpc } = testFixture(); // WHEN - const cluster = new eks.Cluster(stack, 'Cluster', { vpc, kubectlEnabled: true, defaultCapacity: 0 }); + const cluster = new eks.Cluster(stack, 'Cluster', { + vpc, + kubectlEnabled: true, + defaultCapacity: 0, + version: CLUSTER_VERSION, + }); new eks.Nodegroup(stack, 'Nodegroup', { cluster, forceUpdate: false }); // THEN @@ -95,7 +112,12 @@ export = { const { stack, vpc } = testFixture(); // WHEN - const cluster = new eks.Cluster(stack, 'Cluster', { vpc, kubectlEnabled: false, defaultCapacity: 2 }); + const cluster = new eks.Cluster(stack, 'Cluster', { + vpc, + kubectlEnabled: false, + defaultCapacity: 2, + version: CLUSTER_VERSION, + }); // add a extra nodegroup cluster.addNodegroup('extra-ng'); // THEN @@ -107,7 +129,12 @@ export = { const { stack, vpc } = testFixture(); // WHEN - const cluster = new eks.Cluster(stack, 'Cluster', { vpc, kubectlEnabled: true, defaultCapacity: 0 }); + const cluster = new eks.Cluster(stack, 'Cluster', { + vpc, + kubectlEnabled: true, + defaultCapacity: 0, + version: CLUSTER_VERSION, + }); new eks.Nodegroup(stack, 'Nodegroup', { cluster, instanceType: new ec2.InstanceType('m5.large'), @@ -127,7 +154,11 @@ export = { const { stack, vpc } = testFixture(); // WHEN - const cluster = new eks.Cluster(stack, 'Cluster', { vpc, defaultCapacity: 0 }); + const cluster = new eks.Cluster(stack, 'Cluster', { + vpc, + defaultCapacity: 0, + version: CLUSTER_VERSION, + }); new eks.Nodegroup(stack, 'Nodegroup', { cluster, remoteAccess: { @@ -149,7 +180,12 @@ export = { // GIVEN const { stack: stack1, vpc, app } = testFixture(); const stack2 = new cdk.Stack(app, 'stack2', { env: { region: 'us-east-1' } }); - const cluster = new eks.Cluster(stack1, 'Cluster', { vpc, kubectlEnabled: false, defaultCapacity: 0 }); + const cluster = new eks.Cluster(stack1, 'Cluster', { + vpc, + kubectlEnabled: false, + defaultCapacity: 0, + version: CLUSTER_VERSION, + }); // WHEN // const cluster = new eks.Cluster(stack, 'Cluster', { vpc, kubectlEnabled: true, defaultCapacity: 0 }); @@ -172,7 +208,12 @@ export = { 'addNodegroup correctly'(test: Test) { // GIVEN const { stack, vpc } = testFixture(); - const cluster = new eks.Cluster(stack, 'Cluster', { vpc, kubectlEnabled: true, defaultCapacity: 0 }); + const cluster = new eks.Cluster(stack, 'Cluster', { + vpc, + kubectlEnabled: true, + defaultCapacity: 0, + version: CLUSTER_VERSION, + }); // WHEN cluster.addNodegroup('ng'); @@ -209,7 +250,12 @@ export = { 'throws when desiredSize > maxSize'(test: Test) { // GIVEN const { stack, vpc } = testFixture(); - const cluster = new eks.Cluster(stack, 'Cluster', { vpc, kubectlEnabled: true, defaultCapacity: 0 }); + const cluster = new eks.Cluster(stack, 'Cluster', { + vpc, + kubectlEnabled: true, + defaultCapacity: 0, + version: CLUSTER_VERSION, + }); // THEN test.throws(() => cluster.addNodegroup('ng', { desiredSize: 3, maxSize: 2 }), /Desired capacity 3 can't be greater than max size 2/); test.done(); @@ -217,7 +263,12 @@ export = { 'throws when desiredSize < minSize'(test: Test) { // GIVEN const { stack, vpc } = testFixture(); - const cluster = new eks.Cluster(stack, 'Cluster', { vpc, kubectlEnabled: true, defaultCapacity: 0 }); + const cluster = new eks.Cluster(stack, 'Cluster', { + vpc, + kubectlEnabled: true, + defaultCapacity: 0, + version: CLUSTER_VERSION, + }); // THEN test.throws(() => cluster.addNodegroup('ng', { desiredSize: 2, minSize: 3 }), /Minimum capacity 3 can't be greater than desired size 2/); test.done(); diff --git a/packages/@aws-cdk/aws-eks/test/test.user-data.ts b/packages/@aws-cdk/aws-eks/test/test.user-data.ts index a984f18df0c31..021cad8f16d3b 100644 --- a/packages/@aws-cdk/aws-eks/test/test.user-data.ts +++ b/packages/@aws-cdk/aws-eks/test/test.user-data.ts @@ -90,7 +90,7 @@ export = { })); // THEN - test.deepEqual(userData[1], '/etc/eks/bootstrap.sh my-cluster-name --kubelet-extra-args "--node-labels lifecycle=OnDemand" --use-max-pods true --enable-docker-bridge'); + test.deepEqual(userData[1], '/etc/eks/bootstrap.sh my-cluster-name --kubelet-extra-args "--node-labels lifecycle=OnDemand" --use-max-pods true --enable-docker-bridge true'); test.done(); }, diff --git a/packages/@aws-cdk/aws-eks/test/util.ts b/packages/@aws-cdk/aws-eks/test/util.ts index 7112aa374ec91..28751aa5a96b0 100644 --- a/packages/@aws-cdk/aws-eks/test/util.ts +++ b/packages/@aws-cdk/aws-eks/test/util.ts @@ -1,6 +1,8 @@ import * as ec2 from '@aws-cdk/aws-ec2'; import { App, Construct, Stack } from '@aws-cdk/core'; -import { Cluster } from '../lib'; +import { Cluster, KubernetesVersion } from '../lib'; + +const CLUSTER_VERSION = KubernetesVersion.V1_16; export function testFixture() { const { stack, app } = testFixtureNoVpc(); @@ -17,7 +19,7 @@ export function testFixtureNoVpc() { export function testFixtureCluster() { const { stack, app } = testFixtureNoVpc(); - const cluster = new Cluster(stack, 'Cluster'); + const cluster = new Cluster(stack, 'Cluster', { version: CLUSTER_VERSION }); return { stack, app, cluster }; }