More static templates, no CloudFormation runtime parameters

eksctl-io · Sep 14, 2018 · 3fb07c9 · 3fb07c9
1 parent 380f187
commit 3fb07c9
Show file tree

Hide file tree

Showing 7 changed files with 35 additions and 54 deletions.
diff --git a/pkg/cfn/builder/api.go b/pkg/cfn/builder/api.go
@@ -18,10 +18,6 @@ const (
 	fnGetAtt      = "Fn::GetAtt"
 	fnImportValue = "Fn::ImportValue"
 
-	ParamClusterName      = "ClusterName"
-	ParamClusterStackName = cfnOutputClusterStackName
-	ParamNodeGroupID      = "NodeGroupID"
-
 	clusterTemplateDescription                = "EKS cluster"
 	clusterTemplateDescriptionDefaultFeatures = " (with dedicated VPC & IAM role) "
 

diff --git a/pkg/cfn/builder/cluster.go b/pkg/cfn/builder/cluster.go
@@ -61,7 +61,7 @@ func (c *clusterResourceSet) newResource(name string, resource interface{}) *gfn
 
 func (c *clusterResourceSet) addResourcesForControlPlane(version string) {
 	c.newResource("ControlPlane", &gfn.AWSEKSCluster{
-		Name:    c.rs.newStringParameter(ParamClusterName, ""),
+		Name:    gfn.NewString(c.spec.ClusterName),
 		RoleArn: gfn.NewStringIntrinsic(fnGetAtt, "ServiceRole.Arn"),
 		Version: gfn.NewString(version),
 		ResourcesVpcConfig: &gfn.AWSEKSCluster_ResourcesVpcConfig{

diff --git a/pkg/cfn/builder/nodegroup.go b/pkg/cfn/builder/nodegroup.go
@@ -11,10 +11,6 @@ import (
 	"github.com/weaveworks/eksctl/pkg/nodebootstrap"
 )
 
-const (
-	nodeGroupNameFmt = "${ClusterName}-${NodeGroupID}"
-)
-
 var (
 	clusterOwnedTag = gfn.Tag{
 		Key:   makeSub("kubernetes.io/cluster/${ClusterName}"),
@@ -24,12 +20,15 @@ var (
 
 type nodeGroupResourceSet struct {
 	rs               *resourceSet
+	id               int
 	spec             *api.ClusterConfig
-	clusterStackName *gfn.StringIntrinsic
+	clusterStackName string
+	nodeGroupName    string
 	instanceProfile  *gfn.StringIntrinsic
 	securityGroups   []*gfn.StringIntrinsic
 	vpc              *gfn.StringIntrinsic
 	userData         *gfn.StringIntrinsic
+	clusterOwnedTag  gfn.Tag
 }
 
 type awsCloudFormationResource struct {
@@ -38,10 +37,13 @@ type awsCloudFormationResource struct {
 	UpdatePolicy map[string]map[string]string
 }
 
-func NewNodeGroupResourceSet(spec *api.ClusterConfig) *nodeGroupResourceSet {
+func NewNodeGroupResourceSet(spec *api.ClusterConfig, clusterStackName string, id int) *nodeGroupResourceSet {
 	return &nodeGroupResourceSet{
-		rs:   newResourceSet(),
-		spec: spec,
+		rs:               newResourceSet(),
+		id:               id,
+		clusterStackName: clusterStackName,
+		nodeGroupName:    fmt.Sprintf("%s-%d", spec.ClusterName, id),
+		spec:             spec,
 	}
 }
 
@@ -50,7 +52,7 @@ func (n *nodeGroupResourceSet) AddAllResources() error {
 	n.rs.template.Description += nodeGroupTemplateDescriptionDefaultFeatures
 	n.rs.template.Description += templateDescriptionSuffix
 
-	n.vpc = makeImportValue(ParamClusterStackName, cfnOutputClusterVPC)
+	n.vpc = makeImportValue(n.clusterStackName, cfnOutputClusterVPC)
 
 	userData, err := nodebootstrap.NewUserDataForAmazonLinux2(n.spec)
 	if err != nil {
@@ -108,12 +110,12 @@ func (n *nodeGroupResourceSet) addResourcesForNodeGroup() {
 			"VPCZoneIdentifier": map[string][]interface{}{
 				fnSplit: []interface{}{
 					",",
-					makeImportValue(ParamClusterStackName, cfnOutputClusterSubnets),
+					makeImportValue(n.clusterStackName, cfnOutputClusterSubnets),
 				},
 			},
 			"Tags": []map[string]interface{}{
-				{"Key": "Name", "Value": makeSub(nodeGroupNameFmt + "-Node"), "PropagateAtLaunch": "true"},
-				{"Key": makeSub("kubernetes.io/cluster/${ClusterName}"), "Value": "owned", "PropagateAtLaunch": "true"},
+				{"Key": "Name", "Value": fmt.Sprintf("%s-Node", n.nodeGroupName), "PropagateAtLaunch": "true"},
+				{"Key": "kubernetes.io/cluster/" + n.spec.ClusterName, "Value": "owned", "PropagateAtLaunch": "true"},
 			},
 		},
 		UpdatePolicy: map[string]map[string]string{

diff --git a/pkg/cfn/builder/outputs.go b/pkg/cfn/builder/outputs.go
@@ -14,17 +14,12 @@ import (
 	"github.com/kubicorn/kubicorn/pkg/logger"
 )
 
-// exportName defines common format for exported outputs
-func exportName(prefix, output string) string {
-	return fmt.Sprintf("${%s}::%s", prefix, output)
-}
-
 // newOutput defines a new output and optionally exports it
 func (r *resourceSet) newOutput(name string, value interface{}, export bool) {
 	o := map[string]interface{}{"Value": value}
 	if export {
 		o["Export"] = map[string]map[string]string{
-			"Name": map[string]string{fnSub: exportName(awsStackName, name)},
+			"Name": map[string]string{fnSub: fmt.Sprintf("${%s}::%s", awsStackName, name)},
 		}
 	}
 	r.template.Outputs[name] = o
@@ -42,8 +37,8 @@ func (r *resourceSet) newOutputFromAtt(name, att string, export bool) {
 }
 
 // makeImportValue imports output of another stack
-func makeImportValue(prefix, output string) *gfn.StringIntrinsic {
-	return gfn.NewStringIntrinsic(fnImportValue, makeSub(exportName(prefix, output)))
+func makeImportValue(stackName, output string) *gfn.StringIntrinsic {
+	return gfn.NewStringIntrinsic(fnImportValue, fmt.Sprintf("%s::%s", stackName, output))
 }
 
 // setOutput is the entrypoint that validates destination object

diff --git a/pkg/cfn/builder/vpc.go b/pkg/cfn/builder/vpc.go
@@ -62,7 +62,7 @@ func (c *clusterResourceSet) addResourcesForVPC(globalCIDR *net.IPNet, subnets m
 }
 
 func (n *nodeGroupResourceSet) addResourcesForSecurityGroups() {
-	desc := "worker nodes in group " + nodeGroupNameFmt
+	desc := "worker nodes in group " + n.nodeGroupName
 
 	tcp := gfn.NewString("tcp")
 	anywhereIPv4 := gfn.NewString("0.0.0.0/0")
@@ -75,42 +75,45 @@ func (n *nodeGroupResourceSet) addResourcesForSecurityGroups() {
 		nodeMaxPort = 65535
 	)
 
-	refCP := makeImportValue(ParamClusterStackName, cfnOutputClusterSecurityGroup)
+	refCP := makeImportValue(n.clusterStackName, cfnOutputClusterSecurityGroup)
 	refSG := n.newResource("SG", &gfn.AWSEC2SecurityGroup{
-		VpcId:            makeImportValue(ParamClusterStackName, cfnOutputClusterVPC),
-		GroupDescription: makeSub("Communication between the control plane and " + desc),
-		Tags:             []gfn.Tag{clusterOwnedTag},
+		VpcId:            makeImportValue(n.clusterStackName, cfnOutputClusterVPC),
+		GroupDescription: gfn.NewString("Communication between the control plane and " + desc),
+		Tags: []gfn.Tag{{
+			Key:   gfn.NewString("kubernetes.io/cluster/" + n.spec.ClusterName),
+			Value: gfn.NewString("owned"),
+		}},
 	})
 	n.securityGroups = []*gfn.StringIntrinsic{refSG}
 
 	n.newResource("IngressInterSG", &gfn.AWSEC2SecurityGroupIngress{
 		GroupId:               refSG,
 		SourceSecurityGroupId: refSG,
-		Description:           makeSub("Allow " + desc + " to communicate with each other (all ports)"),
+		Description:           gfn.NewString("Allow " + desc + " to communicate with each other (all ports)"),
 		IpProtocol:            gfn.NewString("-1"),
 		FromPort:              0,
 		ToPort:                nodeMaxPort,
 	})
 	n.newResource("IngressInterCluster", &gfn.AWSEC2SecurityGroupIngress{
 		GroupId:               refSG,
 		SourceSecurityGroupId: refCP,
-		Description:           makeSub("Allow " + desc + " to communicate with control plane (kubelet and workload TCP ports)"),
+		Description:           gfn.NewString("Allow " + desc + " to communicate with control plane (kubelet and workload TCP ports)"),
 		IpProtocol:            tcp,
 		FromPort:              nodeMinPort,
 		ToPort:                nodeMaxPort,
 	})
 	n.newResource("EgressInterCluster", &gfn.AWSEC2SecurityGroupEgress{
 		GroupId:                    refCP,
 		DestinationSecurityGroupId: refSG,
-		Description:                makeSub("Allow " + desc + " to communicate with control plane (kubelet and workload TCP ports)"),
+		Description:                gfn.NewString("Allow " + desc + " to communicate with control plane (kubelet and workload TCP ports)"),
 		IpProtocol:                 tcp,
 		FromPort:                   nodeMinPort,
 		ToPort:                     nodeMaxPort,
 	})
 	n.newResource("IngressInterClusterCP", &gfn.AWSEC2SecurityGroupIngress{
 		GroupId:               refCP,
 		SourceSecurityGroupId: refSG,
-		Description:           makeSub("Allow control plane to recieve API requests from " + desc),
+		Description:           gfn.NewString("Allow control plane to recieve API requests from " + desc),
 		IpProtocol:            tcp,
 		FromPort:              apiPort,
 		ToPort:                apiPort,
@@ -119,15 +122,15 @@ func (n *nodeGroupResourceSet) addResourcesForSecurityGroups() {
 		n.newResource("SSHIPv4", &gfn.AWSEC2SecurityGroupIngress{
 			GroupId:     refSG,
 			CidrIp:      anywhereIPv4,
-			Description: makeSub("Allow SSH access to " + desc),
+			Description: gfn.NewString("Allow SSH access to " + desc),
 			IpProtocol:  tcp,
 			FromPort:    sshPort,
 			ToPort:      sshPort,
 		})
 		n.newResource("SSHIPv6", &gfn.AWSEC2SecurityGroupIngress{
 			GroupId:     refSG,
 			CidrIpv6:    anywhereIPv6,
-			Description: makeSub("Allow SSH access to " + desc),
+			Description: gfn.NewString("Allow SSH access to " + desc),
 			IpProtocol:  tcp,
 			FromPort:    sshPort,
 			ToPort:      sshPort,

diff --git a/pkg/cfn/manager/cluster.go b/pkg/cfn/manager/cluster.go
@@ -10,12 +10,6 @@ func (c *StackCollection) makeClusterStackName() string {
 	return "eksctl-" + c.spec.ClusterName + "-cluster"
 }
 
-func (c *StackCollection) makeClusterStackParams() map[string]string {
-	return map[string]string{
-		builder.ParamClusterName: c.spec.ClusterName,
-	}
-}
-
 func (c *StackCollection) CreateCluster(errs chan error) error {
 	name := c.makeClusterStackName()
 	logger.Info("creating cluster stack %q", name)
@@ -24,7 +18,7 @@ func (c *StackCollection) CreateCluster(errs chan error) error {
 		return err
 	}
 
-	return c.CreateStack(name, stack, c.makeClusterStackParams(), errs)
+	return c.CreateStack(name, stack, nil, errs)
 }
 
 func (c *StackCollection) DeleteCluster() error {

diff --git a/pkg/cfn/manager/nodegroup.go b/pkg/cfn/manager/nodegroup.go
@@ -11,30 +11,21 @@ import (
 func (c *StackCollection) makeNodeGroupStackName(sequence int) string {
 	return fmt.Sprintf("eksctl-%s-nodegroup-%d", c.spec.ClusterName, sequence)
 }
-
-func (c *StackCollection) makeNodeGroupParams(sequence int) map[string]string {
-	return map[string]string{
-		builder.ParamClusterName:      c.spec.ClusterName,
-		builder.ParamClusterStackName: c.spec.ClusterStackName,
-		builder.ParamNodeGroupID:      fmt.Sprintf("%d", sequence),
-	}
-}
-
 func (c *StackCollection) CreateInitialNodeGroup(errs chan error) error {
 	return c.CreateNodeGroup(0, errs)
 }
 
 func (c *StackCollection) CreateNodeGroup(seq int, errs chan error) error {
 	name := c.makeNodeGroupStackName(seq)
 	logger.Info("creating nodegroup stack %q", name)
-	stack := builder.NewNodeGroupResourceSet(c.spec)
+	stack := builder.NewNodeGroupResourceSet(c.spec, c.makeClusterStackName(), seq)
 	if err := stack.AddAllResources(); err != nil {
 		return err
 	}
 
 	c.tags = append(c.tags, newTag(NodeGroupTagID, fmt.Sprintf("%d", seq)))
 
-	return c.CreateStack(name, stack, c.makeNodeGroupParams(seq), errs)
+	return c.CreateStack(name, stack, nil, errs)
 }
 
 func (c *StackCollection) DeleteNodeGroup() error {