feat(eks): bundle kubectl, helm and awscli instead of SAR app #12129
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Bundle the AWS Lambda layer zip bundle as part of the EKS module and upload as an asset to the destination account in order to remove the dependency on the [aws-lambda-layer-kubectl](https://github.com/aws-samples/aws-lambda-layer-kubectl) SAR app. The dependency on the SAR app introduces an operational and maintenance risk, and increases deploy time due to an additional nested stack introduced by SAR. This also ensures that the EKS module can be deployed to any environment, regardless of whether the SAR app is avaialble in that location. This change increases the module size by ~40MiB. Fixes #11874
|
|
github-actions
bot
added
the
@aws-cdk/aws-eks
nija-at
reviewed
Dec 17, 2020
iliapolo
reviewed
Dec 17, 2020
iliapolo
approved these changes
Dec 17, 2020
added 7 commits
December 21, 2020 20:27
pgollucci
reviewed
Dec 23, 2020
added 2 commits
December 23, 2020 21:14
|
Thank you for contributing! Your pull request will be updated from master and then merged automatically (do not update manually, and be sure to allow changes to be pushed to your fork). |
|
Thank you for contributing! Your pull request will be updated from master and then merged automatically (do not update manually, and be sure to allow changes to be pushed to your fork). |
AWS CodeBuild CI Report
Powered by github-codebuild-logs, available on the AWS Serverless Application Repository |
eladb
pushed a commit
that referenced
this pull request
Dec 24, 2020
The change in #12129 accidentally deleted the unit tests for the s3-deployment lambda function. This change restores them. In order to allow tests to stub the `aws` CLI, I've added an environment variable TEST_AWSCLI_PATH. If it is defined, it will be determine the path to the CLI. Otherwise, `/opt/awscli/aws` will be used.
mergify bot
pushed a commit
that referenced
this pull request
Dec 24, 2020
The change in #12129 accidentally deleted the unit tests for the s3-deployment lambda function. This change restores them. Since tests are written in python, run them inside a docker image derived from public.ecr.aws/lambda/python. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
flochaz
pushed a commit
to flochaz/aws-cdk
that referenced
this pull request
Jan 5, 2021
) The EKS module uses the AWS CLI, `kubectl` and `helm` in order to interact with the Kubernetes cluster. These tools were consumed from a SAR app maintained by @pahud as an AWS Sample (see [repo](https://github.com/aws-samples/aws-lambda-layer-kubectl)). This dependency on sample code introduces an operational and maintenance risk and as part of productizing the EKS module, we need to break it. The dependency on SAR is not required, and adds a few unnecessary layers (a nested stack, SAR regional availability, etc). To that end, this change bundles the AWS CLI and the Kubernetes tools (`kubectl` and `helm`) into the AWS CDK. These layers are maintained in two new CDK modules called `@aws-cdk/lambda-layer-awscli` and `@aws-cdk/lambda-layer-kubectl` respectively. These are normal CDK modules that export a `lambda.LayerVersion` resource that can be mounted to any AWS Lambda function. Since the s3-deployment module also needs the AWS CLI (and bundles it), we now reuse the AWS CLI layer in there as well. Module sizes: - lambda-layer-awscli: 10MiB - lambda-layer-kubectl: 24MiB This change increases the total module size of the MonoCDK by 24MiB (10MiB are reused with s3-deployment which was already bundled). In the future we are planning to remove these bundles from the library and publish them externally so they can be consumed at deploy-time but this is out of scope for this PR (see aws/aws-cdk-rfcs#39). Resolves aws#11874 BREAKING CHANGE: the `@aws-cdk/eks.KubectlLayer` layer class has been moved to `@aws-cdk/lambda-layer-kubectl.KubectlLayer`. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
flochaz
pushed a commit
to flochaz/aws-cdk
that referenced
this pull request
Jan 5, 2021
The change in aws#12129 accidentally deleted the unit tests for the s3-deployment lambda function. This change restores them. Since tests are written in python, run them inside a docker image derived from public.ecr.aws/lambda/python. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
The EKS module uses the AWS CLI,
kubectlandhelmin order to interact with the Kubernetes cluster. These tools were consumed from a SAR app maintained by @pahud as an AWS Sample (see repo).This dependency on sample code introduces an operational and maintenance risk and as part of productizing the EKS module, we need to break it. The dependency on SAR is not required, and adds a few unnecessary layers (a nested stack, SAR regional availability, etc).
To that end, this change bundles the AWS CLI and the Kubernetes tools (
kubectlandhelm) into the AWS CDK. These layers are maintained in two new CDK modules called@aws-cdk/lambda-layer-awscliand@aws-cdk/lambda-layer-kubectlrespectively. These are normal CDK modules that export alambda.LayerVersionresource that can be mounted to any AWS Lambda function.Since the s3-deployment module also needs the AWS CLI (and bundles it), we now reuse the AWS CLI layer in there as well.
Module sizes:
This change increases the total module size of the MonoCDK by 24MiB (10MiB are reused with s3-deployment which was already bundled). In the future we are planning to remove these bundles from the library and publish them externally so they can be consumed at deploy-time but this is out of scope for this PR (see aws/aws-cdk-rfcs#39).
Resolves #11874
BREAKING CHANGE: the
@aws-cdk/eks.KubectlLayerlayer class has been moved to@aws-cdk/lambda-layer-kubectl.KubectlLayer.By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license