Version: v0.8.0

This package is not in the latest version of its module.
Published: Jan 25, 2022 License: Apache-2.0 Imports: 47 Imported by: 0



Package eks contains utility functions for interacting with EKS





func CleanupSecurityGroup added in v0.6.5

func CleanupSecurityGroup(
	clusterArn string,
	securityGroupID string,
	vpcID string,
) error

CleanupSecurityGroup deletes the AWS EKS managed security group, which otherwise doesn't get cleaned up when destroying the EKS cluster. It also attempts to delete the security group left by ALB ingress controller, if applicable.

func ConfigureKubectlForEks

func ConfigureKubectlForEks(
	eksCluster *eks.Cluster,
	kubectlOptions *kubectl.KubectlOptions,
) error

ConfigureKubectlForEks adds a new context to the kubeconfig located at the given path that can authenticate with the EKS cluster referenced by the given ARN.

func DrainASG added in v0.6.16

func DrainASG(
	region string,
	asgNames []string,
	kubectlOptions *kubectl.KubectlOptions,
	drainTimeout time.Duration,
	deleteLocalData bool,
) error

DrainASG will cordon and drain all the instances associated with the given ASGs at the time of running.

func GetAsgByName

func GetAsgByName(svc *autoscaling.AutoScaling, asgName string) (*autoscaling.Group, error)

GetAsgByName will lookup an AutoScalingGroup that matches the given name. This will return an error if it can not find any ASG that matches the given name.

func RollOutDeployment

func RollOutDeployment(
	region string,
	eksAsgName string,
	kubectlOptions *kubectl.KubectlOptions,
	drainTimeout time.Duration,
	deleteLocalData bool,
	maxRetries int,
	sleepBetweenRetries time.Duration,
	ignoreRecoveryFile bool,
) (returnErr error)

RollOutDeployment will perform a zero downtime roll out of the current launch configuration associated with the provided ASG in the provided EKS cluster. This is accomplished by:

1. Double the desired capacity of the Auto Scaling Group that powers the EKS Cluster. This will launch new EKS workers with the new launch configuration.
2. Wait for the new nodes to be ready for Pod scheduling in Kubernetes.
3. Cordon the old nodes so that no new Pods will be scheduled there.
4. Drain the pods scheduled on the old EKS workers (using the equivalent of "kubectl drain"), so that they will be rescheduled on the new EKS workers.
5. Wait for all the pods to migrate off of the old EKS workers.
6. Set the desired capacity down to the original value and remove the old EKS workers from the ASG.

The process is broken up into stages/checkpoints; state is stored along the way so that the command can pick up from a stage if something bad happens.

func ScheduleCoredns added in v0.6.5

func ScheduleCoredns(
	kubectlOptions *kubectl.KubectlOptions,
	clusterName string,
	fargateProfileArn string,
	corednsAnnotation CorednsAnnotation,
) error

ScheduleCoredns adds or removes the compute-type annotation from the coredns deployment resource. When adding, it is set to ec2; when removing, it enables coredns for fargate nodes.

func SyncClusterComponents added in v0.6.1

func SyncClusterComponents(
	eksClusterArn string,
	shouldWait bool,
	waitTimeout string,
	skipConfig SkipComponentsConfig,
) error

SyncClusterComponents will perform the steps described in https://docs.aws.amazon.com/eks/latest/userguide/update-cluster.html. There are three core applications on an EKS cluster:

- kube-proxy
- coredns
- VPC CNI Plugin

These are managed in Kubernetes as a DaemonSet, a Deployment, and a DaemonSet, respectively. This command will use the k8s API and the kubectl command under the hood to patch the manifests to deploy the expected version based on the current Kubernetes version of the cluster. As such, this command should be run every time the Kubernetes version is updated on the EKS cluster.

func VerifyCluster

func VerifyCluster(
	eksClusterArn string,
	waitForCluster bool,
	waitMaxRetries int,
	waitSleepBetweenRetries time.Duration,
) error

VerifyCluster verifies that the cluster exists, and that the Kubernetes api server is up and accepting traffic. If waitForCluster is true, this command will wait for each stage to reach the true state.


type ASG added in v0.8.0

type ASG struct {
	Name                 string
	OriginalCapacity     int64
	MaxCapacityForUpdate int64
	OriginalMaxCapacity  int64
	OriginalInstances    []string
	NewInstances         []string
}

ASG represents the Auto Scaling Group currently being worked on.

type CoreComponentUnexpectedConfigurationErr added in v0.6.1

type CoreComponentUnexpectedConfigurationErr struct {
	// contains filtered or unexported fields
}

CoreComponentUnexpectedConfigurationErr error is returned when the EKS core components are in an unexpected configuration, such as a different number of containers.

func (CoreComponentUnexpectedConfigurationErr) Error added in v0.6.1

type CorednsAnnotation added in v0.6.5

type CorednsAnnotation string
const (
	Fargate CorednsAnnotation = "fargate"
	EC2     CorednsAnnotation = "ec2"
)

type CouldNotFindLoadBalancerErr added in v0.7.4

type CouldNotFindLoadBalancerErr struct {
	// contains filtered or unexported fields
}

CouldNotFindLoadBalancerErr is returned when the given ELB can not be found.

func (CouldNotFindLoadBalancerErr) Error added in v0.7.4

func (err CouldNotFindLoadBalancerErr) Error() string

type CouldNotMeetASGCapacityError

type CouldNotMeetASGCapacityError struct {
	// contains filtered or unexported fields
}

CouldNotMeetASGCapacityError represents an error related to waiting for ASG to reach desired capacity

func NewCouldNotMeetASGCapacityError

func NewCouldNotMeetASGCapacityError(asgName string, message string) CouldNotMeetASGCapacityError

func (CouldNotMeetASGCapacityError) Error

type DeployState added in v0.8.0

type DeployState struct {
	GatherASGInfoDone      bool
	SetMaxCapacityDone     bool
	ScaleUpDone            bool
	WaitForNodesDone       bool
	CordonNodesDone        bool
	DrainNodesDone         bool
	DetachInstancesDone    bool
	TerminateInstancesDone bool
	RestoreCapacityDone    bool

	Path string
	// contains filtered or unexported fields
}

DeployState is a basic state machine representing current state of eks deploy subcommand. The entire deploy flow is split into multiple sub-stages and state is persisted after each stage.
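The checkpoint-and-resume behaviour described for RollOutDeployment and DeployState can be illustrated as follows. This is an added example, not this package's code: the stage names, `rollOut`, and the JSON file layout are hypothetical, and the stage work is simulated by a callback.

```go
package main

import (
	"encoding/json"
	"fmt"
	"os"
	"path/filepath"
)

// Hypothetical stage names, modelled on the DeployState fields listed above.
var stages = []string{"ScaleUp", "WaitForNodes", "CordonNodes", "DrainNodes", "RestoreCapacity"}

// rollOut skips stages recorded in the recovery file and persists after each success.
func rollOut(path string, ignoreRecoveryFile bool, run func(string) error) (ran []string, err error) {
	done := map[string]bool{}
	if data, readErr := os.ReadFile(path); readErr == nil && !ignoreRecoveryFile {
		if err := json.Unmarshal(data, &done); err != nil {
			return nil, fmt.Errorf("corrupt recovery file %s: %w", path, err)
		}
	}
	for _, st := range stages {
		if done[st] {
			continue // completed in an earlier attempt
		}
		if err := run(st); err != nil {
			return ran, fmt.Errorf("stage %s: %w", st, err)
		}
		done[st], ran = true, append(ran, st)
		data, _ := json.Marshal(done)
		if err := os.WriteFile(path, data, 0o600); err != nil {
			return ran, err
		}
	}
	return ran, os.Remove(path) // finished: the next rollout starts clean
}

func main() {
	// Constructed scenario: DrainNodes fails once, then the command is rerun.
	path, failed := filepath.Join(os.TempDir(), "constructed-state.json"), false
	run := func(st string) error {
		if st == "DrainNodes" && !failed {
			failed = true
			return fmt.Errorf("drain timed out (simulated)")
		}
		return nil
	}
	fmt.Println(rollOut(path, false, run)) // runs three stages, then fails
	fmt.Println(rollOut(path, false, run)) // resumes at DrainNodes
}
```

Passing `true` for `ignoreRecoveryFile` in this sketch discards the checkpoint and reruns every stage from the start.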

type EKSClusterNotReady

type EKSClusterNotReady struct {
	// contains filtered or unexported fields
}

EKSClusterNotReady is returned when the EKS cluster is detected to not be in the ready state

func (EKSClusterNotReady) Error

func (err EKSClusterNotReady) Error() string

type EKSClusterReadyTimeoutError

type EKSClusterReadyTimeoutError struct {
	// contains filtered or unexported fields
}

EKSClusterReadyTimeoutError is returned when we time out waiting for an EKS cluster to be ready.

func (EKSClusterReadyTimeoutError) Error

func (err EKSClusterReadyTimeoutError) Error() string

type LookupError

type LookupError struct {
	// contains filtered or unexported fields
}

LookupError represents an error related to looking up data on an object.

func NewLookupError

func NewLookupError(objectType string, objectId string, objectProperty string) LookupError

NewLookupError constructs a new LookupError object that can be used to return an error related to a look up error.

func (LookupError) Error

func (err LookupError) Error() string

type MultipleLookupErrors

type MultipleLookupErrors struct {
	// contains filtered or unexported fields
}

MultipleLookupErrors represents multiple errors found while looking up a resource

func NewMultipleLookupErrors

func NewMultipleLookupErrors() MultipleLookupErrors

func (MultipleLookupErrors) AddError

func (err MultipleLookupErrors) AddError(newErr error)

func (MultipleLookupErrors) Error

func (err MultipleLookupErrors) Error() string

func (MultipleLookupErrors) IsEmpty

func (err MultipleLookupErrors) IsEmpty() bool

type MultipleTerminateInstanceErrors

type MultipleTerminateInstanceErrors struct {
	// contains filtered or unexported fields
}

MultipleTerminateInstanceErrors represents multiple errors found while terminating instances

func NewMultipleTerminateInstanceErrors

func NewMultipleTerminateInstanceErrors() MultipleTerminateInstanceErrors

func (MultipleTerminateInstanceErrors) AddError

func (err MultipleTerminateInstanceErrors) AddError(newErr error)

func (MultipleTerminateInstanceErrors) Error

func (MultipleTerminateInstanceErrors) IsEmpty

func (err MultipleTerminateInstanceErrors) IsEmpty() bool

type NetworkInterfaceDeletedTimeoutError added in v0.6.5

type NetworkInterfaceDeletedTimeoutError struct {
	// contains filtered or unexported fields
}

NetworkInterfaceDeletedTimeoutError is returned when we time out waiting for a network interface to be deleted.

func (NetworkInterfaceDeletedTimeoutError) Error added in v0.6.5

type NetworkInterfaceDetachedTimeoutError added in v0.6.5

type NetworkInterfaceDetachedTimeoutError struct {
	// contains filtered or unexported fields
}

NetworkInterfaceDetachedTimeoutError is returned when we time out waiting for a network interface to be detached.

func (NetworkInterfaceDetachedTimeoutError) Error added in v0.6.5

type NoPeerCertificatesError added in v0.5.3

type NoPeerCertificatesError struct {
	URL string
}

NoPeerCertificatesError is returned when we couldn't find any TLS peer certificates for the provided URL.

func (NoPeerCertificatesError) Error added in v0.5.3

func (err NoPeerCertificatesError) Error() string

type PartialOIDCConfig added in v0.5.3

type PartialOIDCConfig struct {
	JwksURI string `json:"jwks_uri"`
}

type SkipComponentsConfig added in v0.7.1

type SkipComponentsConfig struct {
	KubeProxy bool
	CoreDNS   bool
	VPCCNI    bool
}

SkipComponentsConfig represents the components that should be skipped in the sync command.

type Thumbprint added in v0.5.3

type Thumbprint struct {
	Thumbprint string `json:"thumbprint"`
}

func GetOIDCThumbprint added in v0.5.3

func GetOIDCThumbprint(issuerURL string) (*Thumbprint, error)

GetOIDCThumbprint will retrieve the thumbprint of the root CA for the OIDC Provider identified by the issuer URL. This is done by first looking up the domain where the keys are provided, and then looking up the TLS certificate chain for that domain.
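The last step of that lookup, turning the TLS certificate chain into a thumbprint, can be shown as an added example (not this package's code). It assumes the AWS IAM convention that the thumbprint is the hex SHA-1 of the last certificate the server presents; `chainThumbprint` and `constructedChain` are hypothetical names, and the chain is generated in memory as sample data.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha1"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"time"
)

// chainThumbprint hashes the DER bytes of the LAST certificate presented
// (assumed convention), not the leaf at index 0. SHA-1 is only an identifier here.
func chainThumbprint(chain [][]byte) (string, error) {
	if len(chain) == 0 {
		return "", fmt.Errorf("no TLS peer certificates presented")
	}
	return fmt.Sprintf("%x", sha1.Sum(chain[len(chain)-1])), nil
}

// constructedChain builds a throwaway [leaf, CA] DER chain in memory (sample data).
func constructedChain() (chain [][]byte, err error) {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, err
	}
	now := time.Now()
	ca := &x509.Certificate{SerialNumber: big.NewInt(1), Subject: pkix.Name{CommonName: "constructed CA"},
		NotBefore: now, NotAfter: now.Add(time.Hour), IsCA: true, BasicConstraintsValid: true,
		KeyUsage: x509.KeyUsageCertSign}
	leaf := &x509.Certificate{SerialNumber: big.NewInt(2), Subject: pkix.Name{CommonName: "oidc.example.test"},
		NotBefore: now, NotAfter: now.Add(time.Hour), DNSNames: []string{"oidc.example.test"}}
	for _, tmpl := range []*x509.Certificate{leaf, ca} {
		der, err := x509.CreateCertificate(rand.Reader, tmpl, ca, &key.PublicKey, key)
		if err != nil {
			return nil, err
		}
		chain = append(chain, der)
	}
	return chain, nil
}

func main() {
	chain, _ := constructedChain()
	fmt.Println(chainThumbprint(chain))
}
```

Because the value identifies a CA certificate rather than the leaf, it changes when the provider's chain is reissued under a different CA, which is when a pinned thumbprint needs to be refreshed.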

type UnsupportedEKSVersion added in v0.6.1

type UnsupportedEKSVersion struct {
	// contains filtered or unexported fields
}

UnsupportedEKSVersion is returned when the Kubernetes version of the EKS cluster is not supported.

func (UnsupportedEKSVersion) Error added in v0.6.1

func (err UnsupportedEKSVersion) Error() string
