Documentation ¶
Overview ¶
Package eks contains utility functions for interacting with EKS
Index ¶
- func CleanupSecurityGroup(clusterArn string, securityGroupID string, vpcID string) error
- func ConfigureKubectlForEks(eksCluster *eks.Cluster, kubectlOptions *kubectl.KubectlOptions) error
- func GetAsgByName(svc *autoscaling.AutoScaling, asgName string) (*autoscaling.Group, error)
- func RollOutDeployment(region string, eksAsgName string, kubectlOptions *kubectl.KubectlOptions, ...) error
- func ScheduleCoredns(kubectlOptions *kubectl.KubectlOptions, clusterName string, ...) error
- func SyncClusterComponents(eksClusterArn string, shouldWait bool, waitTimeout string) error
- func VerifyCluster(eksClusterArn string, waitForCluster bool, waitMaxRetries int, ...) error
- type CoreComponentUnexpectedConfigurationErr
- type CorednsAnnotation
- type CouldNotMeetASGCapacityError
- type EKSClusterNotReady
- type EKSClusterReadyTimeoutError
- type LookupError
- type MultipleLookupErrors
- type MultipleTerminateInstanceErrors
- type NetworkInterfaceDeletedTimeoutError
- type NetworkInterfaceDetachedTimeoutError
- type NoPeerCertificatesError
- type PartialOIDCConfig
- type Thumbprint
- type UnsupportedEKSVersion
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func CleanupSecurityGroup ¶ added in v0.6.5
CleanupSecurityGroup deletes the AWS EKS managed security group, which otherwise doesn't get cleaned up when destroying the EKS cluster. It also attempts to delete the security group left by the ALB ingress controller, if applicable.
func ConfigureKubectlForEks ¶
func ConfigureKubectlForEks(
	eksCluster *eks.Cluster,
	kubectlOptions *kubectl.KubectlOptions,
) error
ConfigureKubectlForEks adds a new context to the kubeconfig located at the given path that can authenticate with the EKS cluster referenced by the given ARN.
func GetAsgByName ¶
func GetAsgByName(svc *autoscaling.AutoScaling, asgName string) (*autoscaling.Group, error)
GetAsgByName will look up an AutoScalingGroup that matches the given name. This will return an error if it cannot find any ASG that matches the given name.
func RollOutDeployment ¶
func RollOutDeployment(
	region string,
	eksAsgName string,
	kubectlOptions *kubectl.KubectlOptions,
	drainTimeout time.Duration,
	deleteLocalData bool,
	maxRetries int,
	sleepBetweenRetries time.Duration,
) error
RollOutDeployment will perform a zero-downtime rollout of the current launch configuration associated with the provided ASG in the provided EKS cluster. This is accomplished with the following steps:
- Double the desired capacity of the Auto Scaling Group that powers the EKS Cluster. This will launch new EKS workers with the new launch configuration.
- Wait for the new nodes to be ready for Pod scheduling in Kubernetes.
- Cordon the old nodes so that no new Pods will be scheduled there.
- Drain the pods scheduled on the old EKS workers (using the equivalent of "kubectl drain"), so that they will be rescheduled on the new EKS workers.
- Wait for all the pods to migrate off of the old EKS workers.
- Set the desired capacity down to the original value and remove the old EKS workers from the ASG.
TODO feature request: Break up into stages/checkpoints, and store state along the way so that command can pick up from a stage if something bad happens.
func ScheduleCoredns ¶ added in v0.6.5
func ScheduleCoredns(
	kubectlOptions *kubectl.KubectlOptions,
	clusterName string,
	fargateProfileArn string,
	corednsAnnotation CorednsAnnotation,
) error
ScheduleCoredns adds or removes the compute-type annotation from the coredns deployment resource. When adding, the annotation is set to ec2; removing it enables coredns for Fargate nodes.
func SyncClusterComponents ¶ added in v0.6.1
SyncClusterComponents will perform the steps described in https://docs.aws.amazon.com/eks/latest/userguide/update-cluster.html
There are three core applications on an EKS cluster:
- kube-proxy
- coredns
- VPC CNI Plugin
These are managed in Kubernetes as a DaemonSet, a Deployment, and a DaemonSet, respectively. This command uses the Kubernetes API and the kubectl command under the hood to patch the manifests so that they deploy the version expected for the cluster's current Kubernetes version. As such, this command should be run every time the Kubernetes version is updated on the EKS cluster.
func VerifyCluster ¶
func VerifyCluster(
	eksClusterArn string,
	waitForCluster bool,
	waitMaxRetries int,
	waitSleepBetweenRetries time.Duration,
) error
VerifyCluster verifies that the cluster exists, and that the Kubernetes API server is up and accepting traffic. If waitForCluster is true, this command will wait for each stage to reach the true state.
Types ¶
type CoreComponentUnexpectedConfigurationErr ¶ added in v0.6.1
type CoreComponentUnexpectedConfigurationErr struct {
// contains filtered or unexported fields
}
CoreComponentUnexpectedConfigurationErr error is returned when the EKS core components are in an unexpected configuration, such as a different number of containers.
func (CoreComponentUnexpectedConfigurationErr) Error ¶ added in v0.6.1
func (err CoreComponentUnexpectedConfigurationErr) Error() string
type CorednsAnnotation ¶ added in v0.6.5
type CorednsAnnotation string
const (
	Fargate CorednsAnnotation = "fargate"
	EC2     CorednsAnnotation = "ec2"
)
type CouldNotMeetASGCapacityError ¶
type CouldNotMeetASGCapacityError struct {
// contains filtered or unexported fields
}
CouldNotMeetASGCapacityError represents an error related to waiting for ASG to reach desired capacity
func NewCouldNotMeetASGCapacityError ¶
func NewCouldNotMeetASGCapacityError(asgName string, message string) CouldNotMeetASGCapacityError
func (CouldNotMeetASGCapacityError) Error ¶
func (err CouldNotMeetASGCapacityError) Error() string
type EKSClusterNotReady ¶
type EKSClusterNotReady struct {
// contains filtered or unexported fields
}
EKSClusterNotReady is returned when the EKS cluster is detected to not be in the ready state
func (EKSClusterNotReady) Error ¶
func (err EKSClusterNotReady) Error() string
type EKSClusterReadyTimeoutError ¶
type EKSClusterReadyTimeoutError struct {
// contains filtered or unexported fields
}
EKSClusterReadyTimeoutError is returned when we time out waiting for an EKS cluster to be ready.
func (EKSClusterReadyTimeoutError) Error ¶
func (err EKSClusterReadyTimeoutError) Error() string
type LookupError ¶
type LookupError struct {
// contains filtered or unexported fields
}
LookupError represents an error related to looking up data on an object.
func NewLookupError ¶
func NewLookupError(objectType string, objectId string, objectProperty string) LookupError
NewLookupError constructs a new LookupError object that can be used to return an error related to a failed lookup.
func (LookupError) Error ¶
func (err LookupError) Error() string
type MultipleLookupErrors ¶
type MultipleLookupErrors struct {
// contains filtered or unexported fields
}
MultipleLookupErrors represents multiple errors found while looking up a resource
func NewMultipleLookupErrors ¶
func NewMultipleLookupErrors() MultipleLookupErrors
func (MultipleLookupErrors) AddError ¶
func (err MultipleLookupErrors) AddError(newErr error)
func (MultipleLookupErrors) Error ¶
func (err MultipleLookupErrors) Error() string
func (MultipleLookupErrors) IsEmpty ¶
func (err MultipleLookupErrors) IsEmpty() bool
type MultipleTerminateInstanceErrors ¶
type MultipleTerminateInstanceErrors struct {
// contains filtered or unexported fields
}
MultipleTerminateInstanceErrors represents multiple errors found while terminating instances
func NewMultipleTerminateInstanceErrors ¶
func NewMultipleTerminateInstanceErrors() MultipleTerminateInstanceErrors
func (MultipleTerminateInstanceErrors) AddError ¶
func (err MultipleTerminateInstanceErrors) AddError(newErr error)
func (MultipleTerminateInstanceErrors) Error ¶
func (err MultipleTerminateInstanceErrors) Error() string
func (MultipleTerminateInstanceErrors) IsEmpty ¶
func (err MultipleTerminateInstanceErrors) IsEmpty() bool
type NetworkInterfaceDeletedTimeoutError ¶ added in v0.6.5
type NetworkInterfaceDeletedTimeoutError struct {
// contains filtered or unexported fields
}
NetworkInterfaceDeletedTimeoutError is returned when we time out waiting for a network interface to be deleted.
func (NetworkInterfaceDeletedTimeoutError) Error ¶ added in v0.6.5
func (err NetworkInterfaceDeletedTimeoutError) Error() string
type NetworkInterfaceDetachedTimeoutError ¶ added in v0.6.5
type NetworkInterfaceDetachedTimeoutError struct {
// contains filtered or unexported fields
}
NetworkInterfaceDetachedTimeoutError is returned when we time out waiting for a network interface to be detached.
func (NetworkInterfaceDetachedTimeoutError) Error ¶ added in v0.6.5
func (err NetworkInterfaceDetachedTimeoutError) Error() string
type NoPeerCertificatesError ¶ added in v0.5.3
type NoPeerCertificatesError struct {
URL string
}
NoPeerCertificatesError is returned when we couldn't find any TLS peer certificates for the provided URL.
func (NoPeerCertificatesError) Error ¶ added in v0.5.3
func (err NoPeerCertificatesError) Error() string
type PartialOIDCConfig ¶ added in v0.5.3
type PartialOIDCConfig struct {
JwksURI string `json:"jwks_uri"`
}
type Thumbprint ¶ added in v0.5.3
type Thumbprint struct {
Thumbprint string `json:"thumbprint"`
}
func GetOIDCThumbprint ¶ added in v0.5.3
func GetOIDCThumbprint(issuerURL string) (*Thumbprint, error)
GetOIDCThumbprint will retrieve the thumbprint of the root CA for the OIDC Provider identified by the issuer URL. This is done by first looking up the domain where the keys are provided, and then looking up the TLS certificate chain for that domain.
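The two lookups described above, as an added example that is not this package's own implementation. It assumes the hex-encoded SHA-1 thumbprint format that AWS IAM OIDC providers use and treats the last certificate the key host presents as the CA to pin; `thumbprintFor` and `demo` are hypothetical names, and the issuer is a constructed local test server.

```go
package main

import (
	"crypto/sha1"
	"encoding/json"
	"fmt"
	"net/http"
	"net/http/httptest"
)

// thumbprintFor (hypothetical helper) reads jwks_uri from the issuer's discovery
// document, then hashes the last certificate in the chain that the key host presents.
func thumbprintFor(client *http.Client, issuerURL string) (string, error) {
	resp, err := client.Get(issuerURL + "/.well-known/openid-configuration")
	if err != nil {
		return "", err
	}
	defer resp.Body.Close()
	var cfg struct{ JwksURI string `json:"jwks_uri"` } // same field as PartialOIDCConfig
	if err := json.NewDecoder(resp.Body).Decode(&cfg); err != nil {
		return "", err
	}
	keys, err := client.Get(cfg.JwksURI) // chain is verified against the client's trust store
	if err != nil {
		return "", err
	}
	defer keys.Body.Close()
	if keys.TLS == nil || len(keys.TLS.PeerCertificates) == 0 {
		return "", fmt.Errorf("no TLS peer certificates for %s", cfg.JwksURI)
	}
	chain := keys.TLS.PeerCertificates
	return fmt.Sprintf("%x", sha1.Sum(chain[len(chain)-1].Raw)), nil // SHA-1 over DER, hex
}

// demo runs the lookup against a constructed local TLS server that plays both issuer and key host.
func demo() (got, want string, err error) {
	srv := httptest.NewTLSServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		fmt.Fprintf(w, `{"jwks_uri": "https://%s/keys"}`, r.Host)
	}))
	defer srv.Close()
	got, err = thumbprintFor(srv.Client(), srv.URL)
	return got, fmt.Sprintf("%x", sha1.Sum(srv.Certificate().Raw)), err
}

func main() {
	fmt.Println(demo())
}
```

Because the thumbprint becomes a trust anchor for the identity provider, the fetch keeps certificate verification on, and a `jwks_uri` served over plain HTTP is rejected rather than hashed.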
type UnsupportedEKSVersion ¶ added in v0.6.1
type UnsupportedEKSVersion struct {
// contains filtered or unexported fields
}
UnsupportedEKSVersion is returned when the Kubernetes version of the EKS cluster is not supported.
func (UnsupportedEKSVersion) Error ¶ added in v0.6.1
func (err UnsupportedEKSVersion) Error() string