Add karpenter windows (#140)
* Added karpenter provisioner for Windows2022
Change to ManagedNodeGroup to be more flexible
Keep IMDSv2 false only for Linux

* The amazon-vpc-cni is not created by default so we need to override the value for windows

* Update to right version of blueprint

* Outside my area fixes
Fix for aws-quickstart/cdk-eks-blueprints#976

* Make list is the default command

* Not reverting automatic AZ choice
ROunofF authored Apr 13, 2024
1 parent 350ce3c commit ea36595
Showing 6 changed files with 91 additions and 183 deletions.
9 changes: 4 additions & 5 deletions Makefile
@@ -13,6 +13,10 @@ formatted_pattern_names := $(patsubst %.ts,%,$(pattern_files))
# Dependecies
HOMEBREW_LIBS := nvm typescript argocd

list:
@$ echo "To work with patterns use: \n\t$$ make pattern <pattern-name> <list | deploy | synth | destroy>"
@$ echo "Example:\n\t$$ make pattern fargate deploy \n\nPatterns: \n"
@$ $(foreach pattern, $(formatted_pattern_names), echo "\t$(pattern)";)

deps: bootstrap
npm install
@@ -29,11 +33,6 @@ build:
compile:
$(TSC) --build --incremental

list:
@$ echo "To work with patterns use: \n\t$$ make pattern <pattern-name> <list | deploy | synth | destroy>"
@$ echo "Example:\n\t$$ make pattern fargate deploy \n\nPatterns: \n"
@$ $(foreach pattern, $(formatted_pattern_names), echo "\t$(pattern)";)

mkdocs:
mkdocs serve

130 changes: 0 additions & 130 deletions lib/common/windows-builder.ts

This file was deleted.

40 changes: 22 additions & 18 deletions lib/karpenter-construct/index.ts
@@ -10,28 +10,32 @@ export default class KarpenterConstruct {
const karpenterAddOn = new blueprints.addons.KarpenterAddOn({
version: 'v0.33.1',
nodePoolSpec: {
labels: {
type: "karpenter-test"
},
annotations: {
"eks-blueprints/owner": "eks-blueprints"
},
taints: [{
key: "workload",
value: "test",
effect: "NoSchedule",
}],
requirements: [
{ key: 'node.kubernetes.io/instance-type', operator: 'In', values: ['m5.2xlarge'] },
{ key: 'node.kubernetes.io/instance-type', operator: 'In', values: ['m5.large'] },
{ key: 'topology.kubernetes.io/zone', operator: 'In', values: [`${region}a`,`${region}b`, `${region}c`]},
{ key: 'kubernetes.io/arch', operator: 'In', values: ['amd64','arm64']},
{ key: 'karpenter.sh/capacity-type', operator: 'In', values: ['spot']},
]
{ key: 'karpenter.sh/capacity-type', operator: 'In', values: ['on-demand']},
],
disruption: {
consolidationPolicy: "WhenUnderutilized",
expireAfter: "259200s"
},
weight: 20,

},
ec2NodeClassSpec: {
amiFamily: "AL2",
subnetSelectorTerms: [{ tags: { "Name": "my-stack-name/my-stack-name-vpc/PrivateSubnet*" }}],
securityGroupSelectorTerms: [{ tags: { "aws:eks:cluster-name": "karpenter" }}],
ec2NodeClassSpec:{
subnetSelectorTerms: [
{
tags: { "Name": `${stackID}/${stackID}-vpc/*` }
}
],
securityGroupSelectorTerms: [
{
tags: { [`kubernetes.io/cluster/${stackID}`]: "owned" }
}
],

amiFamily: "AL2"
},
interruptionHandling: true,
});
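Review bot: The `subnetSelectorTerms` value `${stackID}/${stackID}-vpc/*` matches every subnet whose Name carries the VPC prefix, so it no longer limits Karpenter to private subnets the way the `PrivateSubnet*` pattern shown in the same section did. If the VPC has public subnets under that prefix, nodes can be launched into them; the Windows node class in lib/windows-construct/index.ts keeps the narrower `Private*` suffix. I would use ``tags: { "Name": `${stackID}/${stackID}-vpc/Private*` }`` here as well, or add a comment stating that the wider match is intended. `stackID` is defined outside this hunk, so this assumes it is the blueprint stack name.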
4 changes: 2 additions & 2 deletions lib/security/data-at-rest-encryption/index.ts
@@ -16,9 +16,9 @@ const targetRevision = "main";

export default class DataAtRestEncryptionConstruct {
async buildAsync(scope: Construct, id: string) {

await prevalidateSecrets(DataAtRestEncryptionConstruct.name, process.env.CDK_DEFAULT_REGION!, SECRET_ARGO_ADMIN_PWD);

const stackId = `${id}-blueprint`;

const ebsKmsKeyName = "ebs-kms-encryption-key";
67 changes: 50 additions & 17 deletions lib/windows-construct/index.ts
@@ -3,8 +3,8 @@ import * as ec2 from "aws-cdk-lib/aws-ec2";
import * as eks from "aws-cdk-lib/aws-eks";
import * as iam from "aws-cdk-lib/aws-iam";
import { Construct } from "constructs";
import { WindowsBuilder, WindowsOptions } from '../common/windows-builder';
// import { WindowsVpcCni } from "./vpc-cni";
import { WindowsBuilder, WindowsOptions, KarpenterAddOnProps } from "@aws-quickstart/eks-blueprints";
import { WindowsVpcCni } from "./vpc-cni";

export default class WindowsConstruct {
build(scope: Construct, id: string) {
@@ -21,39 +21,72 @@ export default class WindowsConstruct {
]);

const options: WindowsOptions = {
kubernetesVersion: eks.KubernetesVersion.of("1.27"),
instanceClass: ec2.InstanceClass.M5,
instanceSize: ec2.InstanceSize.XLARGE4,
desiredNodeSize: 2,
minNodeSize: 2,
kubernetesVersion: eks.KubernetesVersion.V1_29,
instanceClass: ec2.InstanceClass.T3,
instanceSize: ec2.InstanceSize.MEDIUM,
desiredNodeCount: 1,
minNodeSize: 1,
maxNodeSize: 3,
blockDeviceSize: 50,
noScheduleForWindowsNodes: true,
clusterProviderTags: {
"Name": "blueprints-windows-eks-cluster",
"Type": "generic-windows-cluster"
},
genericNodeGroupTags: {
"Name": "Mng-linux",
"Type": "Managed-linux-Node-Group",
"LaunchTemplate": "Linux-Launch-Template",
genericNodeGroupOptions: {
nodegroupName: "Mng-linux",
tags: {
"kubernetes.io/cluster/windows-eks-blueprint": "owned"
}
},
windowsNodeGroupTags: {
"Name": "Managed-Node-Group",
"Type": "Windows-Node-Group",
"LaunchTemplate": "WindowsLT",
"kubernetes.io/cluster/windows-eks-blueprint": "owned"
windowsNodeGroupOptions: {
nodegroupName: "Mng-windows",
tags: {
"kubernetes.io/cluster/windows-eks-blueprint": "owned"
}
}
};

const addOns: Array<blueprints.ClusterAddOn> = [
// new WindowsVpcCni()
new WindowsVpcCni(),
];

const karpenterProps :KarpenterAddOnProps = {
nodePoolSpec: {
requirements: [
{ key: 'kubernetes.io/os', operator: 'In', values: ['windows']},
],
taints: [
{
key: "os",
value: "windows",
effect: "NoSchedule"
}
],
disruption: {
consolidationPolicy: "WhenEmpty",
consolidateAfter: "300s",
expireAfter: "2592000s"
},
weight: 20
},
ec2NodeClassSpec : {
subnetSelectorTerms: [
{ tags: { "Name": `${stackID}/${stackID}-vpc/Private*` }}
],
securityGroupSelectorTerms: [
{tags: { [`kubernetes.io/cluster/${stackID}`]: "owned",}}
],
amiFamily: "Windows2022"
},
};

WindowsBuilder.builder(options)
.addOns(...addOns)
.account(account)
.region(region)
.withKarpenterProps(karpenterProps)
.enableKarpenter()
.resourceProvider("node-role", nodeRole)
.resourceProvider(
blueprints.GlobalResources.Vpc,
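Review bot: `expireAfter: "2592000s"` in `karpenterProps.nodePoolSpec.disruption` is 30 days, one digit away from the `259200s` (3 days) used in lib/karpenter-construct/index.ts, and nothing on the line says which was meant. Because this value bounds how long a Windows node runs before Karpenter replaces it, I would add a comment such as `// 30 days; deliberately longer than the 3-day Linux pool`, or correct the value if it is a typo. The hard-coded `"kubernetes.io/cluster/windows-eks-blueprint"` tag key in both node group options could also be built from `stackID`, as the `securityGroupSelectorTerms` entry already does, assuming `stackID` (defined outside the hunk) has that value. The builder chain continues past the end of the hunk.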
24 changes: 13 additions & 11 deletions lib/windows-construct/vpc-cni/index.ts
@@ -1,22 +1,24 @@
import * as blueprints from '@aws-quickstart/eks-blueprints';
import { KubernetesManifest } from 'aws-cdk-lib/aws-eks';
import { Construct } from 'constructs';

export class WindowsVpcCni implements blueprints.ClusterAddOn {
id: "amazon-vpc-cni";

deploy(clusterInfo: blueprints.ClusterInfo): void | Promise<Construct> {
const cluster = clusterInfo.cluster;
const configmap = cluster.addManifest("amazon-vpc-cni", {
apiVersion: "v1",
kind: "ConfigMap",
metadata: {
name: "amazon-vpc-cni",
namespace: "kube-system",
},
data:{
"enable-windows-ipam": "true"
},
});
const configmap = new KubernetesManifest(cluster, 'amazon-vpc-cni', { cluster: cluster,
manifest : [{
apiVersion: "v1",
kind: "ConfigMap",
metadata: {
name: "amazon-vpc-cni",
namespace: "kube-system",
},
data:{
"enable-windows-ipam": "true"
},
}], overwrite: true });

return Promise.resolve(configmap);
}
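Review bot: `id: "amazon-vpc-cni";` in `WindowsVpcCni` is a type annotation with no initializer, so the property is declared with that literal type but holds `undefined` at runtime. Now that the add-on is registered in lib/windows-construct/index.ts, the line should read `readonly id = "amazon-vpc-cni";`. Separately, the `KubernetesManifest` call passes `overwrite: true` for a ConfigMap in `kube-system`; a short comment such as `// ConfigMap may already exist; apply instead of create` would record why replacing it is acceptable.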
