Use CDK8S To Create AWS Controllers for Kubernetes Custom Resources
Vu Dao
Abstract
There is a question, How does ACK relate to cdk8s?
Answer: All of the ACK controllers watch for specific CRs and you can generate those resources using cdk8s. The two projects complement each other. cdk8s can create the Kubernetes resources and ACK uses those resources to create the AWS infrastructure.
This post gives an example of generating Kubernetes manifest of ACK using cdk8s typescript
Table Of Contents
๐ Pre-requisite
You can base on the AWS Controllers for Kubernetes Hands-on to test the generated manifests by cdk8s
projen is a plus
๐ Init cdk8s-app projen
You can just init cdk8s project using
cdk8s init typescript-appbut the following is used projen to manage configuration through codeInit
cdk8s-app-tswith projen in typescript.โก $ projen new cdk8s-app-ts --projenrc-tscdk8s import
โก $ cdk8s import --language typescript --output src/imports Importing k8s v1.22.0... Importing resources, this may take a few moments... k8s
๐ Import ACK CRDS As CDK8S API
-
โก $ cdk8s import https://raw.githubusercontent.com/aws-controllers-k8s/s3-controller/main/helm/crds/s3.services.k8s.aws_buckets.yaml --output src/imports/ Importing resources, this may take a few moments... s3.services.k8s.aws s3.services.k8s.aws/bucket rds-controller crds, rename the file from
rds.services.k8s.aws.tstords.services.db.instance.k8s.aws.tsafter import due to that name is assigned for all CRDS within therds-controllercrdsโก $ cdk8s import https://raw.githubusercontent.com/aws-controllers-k8s/rds-controller/main/helm/crds/rds.services.k8s.aws_dbinstances.yaml --output src/imports/ Importing resources, this may take a few moments... rds.services.k8s.aws rds.services.k8s.aws/dbinstance โก $ mv src/imports/rds.services.k8s.aws.ts src/imports/rds.services.db.instance.k8s.aws.tsRDS subnet group, rename the file from
rds.services.k8s.aws.tstords.services.subnet.group.k8s.aws.tsโก $ cdk8s import https://raw.githubusercontent.com/aws-controllers-k8s/rds-controller/main/helm/crds/rds.services.k8s.aws_dbsubnetgroups.yaml --output src/imports/ Importing resources, this may take a few moments... rds.services.k8s.aws rds.services.k8s.aws/dbsubnetgroup โก $ mv src/imports/rds.services.k8s.aws.ts src/imports/rds.services.subnet.group.k8s.aws.ts
๐ Get your hands dirty with code now
-
rds โโโ constants.ts โโโ db-instance.ts โโโ subnet-group.tsDBInstance requires a subnet group which contains private subnets in EKS VPC (
subnet-group.ts) and secret keys to hold user credentials. The k8s secret is not generated through code here.db-instance.tsdefines the specs ofDbInstance
-
s3 โโโ constants.ts โโโ s3.ts
๐ Build manifest
- Just run
yarn build
โก $ yarn build
yarn run v1.22.15
warning ../../../package.json: No license field
$ npx projen build
๐พ build ยป default | ts-node --project tsconfig.dev.json .projenrc.ts
๐พ build ยป compile | tsc --build
๐พ build ยป post-compile ยป synth | cdk8s synth
No manifests synthesized
๐พ build ยป test | jest --passWithNoTests --all --updateSnapshot
No tests found, exiting with code 0
----------|---------|----------|---------|---------|-------------------
File | % Stmts | % Branch | % Funcs | % Lines | Uncovered Line #s
----------|---------|----------|---------|---------|-------------------
All files | 0 | 0 | 0 | 0 |
----------|---------|----------|---------|---------|-------------------
๐พ build ยป test ยป eslint | eslint --ext .ts,.tsx --fix --no-error-on-unmatched-pattern src test build-tools .projenrc.js
Done in 25.90s.
Output directory
dist โโโ rds โ โโโ rds-db-instance.yaml โ โโโ rds-subnet-group.yaml โโโ s3 โโโ s3-test-bucket.yamlWe can now use the
yamlfiles to create the AWS infrastructure through ACK
๐ Conclusion
- Although we have to import ACK CRDS resources for cdk8s API, we can manage k8s manifests through code
Subscribe to my newsletter
Read articles from Vu Dao directly inside your inbox. Subscribe to the newsletter, and don't miss out.
Written by
Vu Dao
Vu Dao
๐ AWSome Devops | AWS Community Builder | AWS SA || โ๏ธ CloudOpz โ๏ธ