feat(ec2): network interface definitions for launch templates #29875
Conversation
…ations as part of Launch Template definitions
github-actions
bot
added
effort/medium
github-actions
bot
added
the
beginning-contributor
There was a problem hiding this comment.
The pull request linter has failed. See the aws-cdk-automation comment below for failure reasons. If you believe this pull request should receive an exemption, please comment and provide a justification.
A comment requesting an exemption should contain the text Exemption Request. Additionally, if clarification is needed add Clarification Request to a comment.
aws-cdk-automation
dismissed
their stale review
✅ Updated pull request passes all PRLinter validations. Dismissing previous PRLinter review.
|
I do not know what the failing check is about. |
aws-cdk-automation
added
the
pr/needs-community-review
|
This PR cannot be merged because it has conflicts. Please resolve them. The PR will be considered stale and closed if it remains in an unmergeable state. |
AWS CodeBuild CI Report
Powered by github-codebuild-logs, available on the AWS Serverless Application Repository |
|
This seems to be overlapping in parts with #28901. If it would be accepted, I could update this PR to account for the new types etc. introduced by it. |
| @@ -763,7 +1019,7 @@ export class LaunchTemplate extends Resource implements ILaunchTemplate, iam.IGr | |||
| tagSpecifications: tagsToken, | |||
| userData: userDataToken, | |||
| metadataOptions: this.renderMetadataOptions(props), | |||
| networkInterfaces, | |||
| networkInterfaces: networkInterfaces ? synthesizeNetworkInterfaces(networkInterfaces) : undefined, | |||
There was a problem hiding this comment.
I think that if networkInterfaces is defined, we should not be providing anything in securityGroupIds. Since the options provided in securityGroupsToken are not used at all unless props.networkInterfaces is undefined and props.associatePublicIpAddress is defined
On line securityGroupIds: networkInterfaces ? undefined : securityGroupsToken, right above
There was a problem hiding this comment.
Would it be possible to also have unit tests in
that have cases for when different network interface options are provided and also a verification that whenprops.associatePublicIpAddress is incompatible with props.networkInterfaces, the correct error is thrown?
| /** | ||
| * One or more private IPv4 addresses. | ||
| * | ||
| * @default A random IP address is assigned from one of the subnets. |
There was a problem hiding this comment.
I was never able to figure out how these defaults are resolved since the AWS documentation doesn't have any info
https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-launchtemplate-privateipadd.html
PrivateIpAddresses
One or more private IPv4 addresses.
Required: No
Type: Array of [PrivateIpAdd](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-launchtemplate-privateipadd.html)
Update requires: [No interruption](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-no-interrupt)
|
Hi Pasi. Thanks for looking into this! I actually had the exact same issue #30891 as the one you're trying to solve. Your PR looks very similar to my local prototype with the differences being in how security group IDs are handled and how the unit tests are done. I was also not sure how AWS determines default behaviors when input fields are left undefined. Left comments on those parts. Nice work! |
|
Hi Pasi! I am wondering if this ticket is still being worked on, since I am very invested in getting launch templates to be more configurable |
This PR implements basic functionality for defining network interfaces as part of Launch Template.
Issue # (if applicable)
Fixes #14494
Reason for this change
Current Launch Template L2 is missing the ability to define multiple interfaces, their subnets etc. This functionality is required in advanced scenarios where instances need multiple public IP addresses or need to be multi-homed etc.
Description of changes
Multiple new types have been introduced in
packages/aws-cdk-lib/aws-ec2/lib/launch-template.ts. Many of them are just renamedextendsof theec2-generatedtypes. This made sense as the Cloudformation type definition is suitable, but I'm a bit uncertain if this violates the design requirement Do not “leak” the details or types of the CFN layer when defining your construct API.Main type is
NetworkInterfacewhich defines the attributes for the interfaces. Additional changes are inLaunchTemplateconstructor to accommodate the new functionality.README has been updated to include a simple usage example.
Description of how you validated changes
A single test has been added. I have also verified the implementation by creating stacks in different configurations and deployed them. There too many combinations to check them all, so only a subset has been tested, unfortunately.
Checklist
By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license