eks: Add EKS Auto Mode support to Cluster L2 construct #32364
Labels
@aws-cdk/aws-eks
Related to Amazon Elastic Kubernetes Service
effort/small
Small work item – less than a day of effort
feature-request
A feature should be added or improved.
p1
Comments
zjaco13
added
feature-request
github-actions
bot
added
the
@aws-cdk/aws-eks
khushail
added
investigating
|
Hi @zjaco13 , thanks for staying on top of the AWS cloudformation updates for EKS. Looks like its supported by cloudformation, so should be feasible to have support by CDK as well. Contributions are welcome. |
khushail
added
effort/small
|
@khushail |
|
@Issacwww , cloudformation docs mention about supporting this property- and in the resource specification doc, you can also see this as mentioned - https://d1uauaxba7bl26.cloudfront.net/latest/gzip/CloudFormationResourceSpecification.json 
Hopefully docs would reflect the latest changes in next cadence. Hope that helps! |
|
Ah, Thanks for confirming, @khushail, makes sense if just doc delay, I will try the latest cdk version |
|
Is it possible to use an escape hatch to modify the L1 construct from the L2 construct for an EKS Cluster? I am trying: const cfnCluster = cluster.node.defaultChild as eks.CfnCluster
cfnCluster.computeConfig = {
enabled: true,
nodePools: ["system"],
nodeRoleArn: nodeRole.roleArn,
}But that is not working, maybe due to #18620. Is the |
1 task
|
Requires JavaScript SDK >= 3.703.0 and latest CloudFormation schema |
1 task
|
This issue has received a significant amount of attention so we are automatically upgrading its priority. A member of the community will see the re-prioritization and provide an update on the issue. |
1 task
This was referenced Jan 1, 2025
|
hi, any update on that PR ? |
|
run into a blocker during the test, we are discussing internally for a solution. cc @xazhao |
|
Hey @Issacwww , do know if we could have an ETA on this? |
|
Hi All, The PR from @Issacwww is currently blocked because the Lambda built-in SDK is outdated. The outdated SDK doesn't support the new EKS Auto Mode feature. The lambda team is working on updating the SDK and it's expected to be done by mid Feb. Once that is done, we can resume working on the PR. |
|
We're also working on the new EKS V2 module which uses native CFN resource instead of API to create the cluster. Auto Mode will be added to that module later. Also escape hatch should work in that module. |
|
Great. Would there be a migration plan from aws_eks.Cluster to the V2? |
8 tasks
mergify bot
pushed a commit
that referenced
this issue
Feb 25, 2025
### Issue # (if applicable) Address #32364 in aws-eks-v2-alpha. For EKS Auto Mode, all required configs, including `computeConfig`, `kubernetesNetworkConfig`, and `blockStorage` are managed through the `defaultCapacityType` enum. When set to `DefaultCapacityType.AUTOMODE` (which is the default), these configurations are automatically enabled. The `Cluster` construct in aws-eks-v2-alpha enables EKS Auto Mode by default, managing compute resources through node pools instead of creating default capacity or nodegroups. Users can still opt-in to traditional nodegroup management by setting `defaultCapacityType` to `NODEGROUP` or `EC2`. User Experience: ```ts // Default usage - Auto Mode enabled by default new eks.Cluster(this, 'hello-eks', { vpc, version: eks.KubernetesVersion.V1_32, kubectlProviderOptions: { kubectlLayer: new KubectlV32Layer(this, 'kubectl'), }, // Auto Mode is enabled by default, no need to specify anything }); // Explicit Auto Mode configuration new eks.Cluster(this, 'hello-eks', { vpc, version: eks.KubernetesVersion.V1_32, kubectlProviderOptions: { kubectlLayer: new KubectlV32Layer(this, 'kubectl'), }, defaultCapacityType: eks.DefaultCapacityType.AUTOMODE, // Optional, this is default compute: { nodePools: ['system', 'general-purpose'], // Optional, these are default values nodeRole: customRole, // Optional, custom IAM role for nodes } }); ``` ### Update Summary - [x] EKS Auto Mode is the default mode for `Cluster` construct in V2. When enabled: - Automatically manages compute resources through node pools - Enables elastic load balancing in Kubernetes networking - Enables block storage configuration - Will not create `defaultCapacity` as a `NODEGROUP`(major difference from aws-eks module) - [x] Node pools are case-sensitive and must be "system" and/or "general-purpose" - [x] Auto Mode can coexist with manually added node groups for hybrid deployments - [x] Required IAM policies are automatically attached - [x] Restore the `outputConfigCommand` support previously in `aws-eks` module - [x] integration test - [x] unit tests ### Description of how you validated changes On deploy the autoMode enabled cluster using the code above. ```sh % kubectl create deployment nginx --image=nginx % kubectl get events --sort-by='.lastTimestamp' ``` ``` 20m Normal Nominated pod/nginx-5869d7778c-52pzg Pod should schedule on: nodeclaim/general-purpose-87brc 20m Normal Launched nodeclaim/general-purpose-87brc Status condition transitioned, Type: Launched, Status: Unknown -> True, Reason: Launched 20m Normal DisruptionBlocked nodeclaim/general-purpose-87brc Nodeclaim does not have an associated node 19m Normal NodeHasSufficientPID node/i-0322e9d8dd1b95a51 Node i-0322e9d8dd1b95a51 status is now: NodeHasSufficientPID 19m Normal NodeAllocatableEnforced node/i-0322e9d8dd1b95a51 Updated Node Allocatable limit across pods 19m Normal NodeReady node/i-0322e9d8dd1b95a51 Node i-0322e9d8dd1b95a51 status is now: NodeReady 19m Normal Ready node/i-0322e9d8dd1b95a51 Status condition transitioned, Type: Ready, Status: False -> True, Reason: KubeletReady, Message: kubelet is posting ready status 19m Normal Synced node/i-0322e9d8dd1b95a51 Node synced successfully 19m Normal NodeHasNoDiskPressure node/i-0322e9d8dd1b95a51 Node i-0322e9d8dd1b95a51 status is now: NodeHasNoDiskPressure 19m Normal NodeHasSufficientMemory node/i-0322e9d8dd1b95a51 Node i-0322e9d8dd1b95a51 status is now: NodeHasSufficientMemory 19m Warning InvalidDiskCapacity node/i-0322e9d8dd1b95a51 invalid capacity 0 on image filesystem 19m Normal Starting node/i-0322e9d8dd1b95a51 Starting kubelet. 19m Normal Registered nodeclaim/general-purpose-87brc Status condition transitioned, Type: Registered, Status: Unknown -> True, Reason: Registered 19m Normal Ready nodeclaim/general-purpose-87brc Status condition transitioned, Type: Ready, Status: Unknown -> True, Reason: Ready 19m Normal Initialized nodeclaim/general-purpose-87brc Status condition transitioned, Type: Initialized, Status: Unknown -> True, Reason: Initialized 19m Normal RegisteredNode node/i-0322e9d8dd1b95a51 Node i-0322e9d8dd1b95a51 event: Registered Node i-0322e9d8dd1b95a51 in Controller 19m Normal DisruptionBlocked node/i-0322e9d8dd1b95a51 Node is nominated for a pending pod 19m Normal Scheduled pod/nginx-5869d7778c-52pzg Successfully assigned default/nginx-5869d7778c-52pzg to i-0322e9d8dd1b95a51 19m Warning FailedCreatePodSandBox pod/nginx-5869d7778c-52pzg Failed to create pod sandbox: rpc error: code = Unknown desc = failed to setup network for sandbox "9bd199c61bd9e93437b10a85af3ddc6965888e01bda96706e153b9e9852f67af": plugin type="aws-cni" name="aws-cni" failed (add): add cmd: Error received from AddNetwork gRPC call: rpc error: code = Unavailable desc = connection error: desc = "transport: Error while dialing: dial tcp 127.0.0.1:50051: connect: connection refused" 19m Normal Pulling pod/nginx-5869d7778c-52pzg Pulling image "nginx" 19m Normal Pulled pod/nginx-5869d7778c-52pzg Successfully pulled image "nginx" in 2.307s (2.307s including waiting). Image size: 72188133 bytes. 19m Normal Created pod/nginx-5869d7778c-52pzg Created container: nginx 19m Normal Started pod/nginx-5869d7778c-52pzg Started container nginx ``` verify the nodes and pods ```sh % kubectl get no NAME STATUS ROLES AGE VERSION i-0322e9d8dd1b95a51 Ready <none> 21m v1.32.0-eks-2e66e76 % kubectl get po NAME READY STATUS RESTARTS AGE nginx-5869d7778c-52pzg 1/1 Running 0 90m ``` ### Checklist - [x] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md) ### References eksctl YAML experience ```yaml # cluster.yaml apiVersion: eksctl.io/v1alpha5 kind: ClusterConfig metadata: name: my-auto-cluster region: us-west-2 autoModeConfig: # defaults to false enabled: true # optional, defaults to [general-purpose, system] # suggested to leave unspecified nodePools: []string # optional, eksctl creates a new role if this is not supplied # and nodePools are present nodeRoleARN: string ``` Terraform experience: ```hcl provider "aws" { region = "us-east-1" } module "eks" { source = "terraform-aws-modules/eks/aws" cluster_name = "eks-auto-mode-cluster" cluster_version = "1.27" vpc_id = "<your-vpc-id>" subnet_ids = ["<subnet-id-1>", "<subnet-id-2>"] cluster_compute_config = { enabled = true node_pools = ["general-purpose"] # Default pool for Auto Mode } bootstrap_self_managed_addons = true } ``` Pulumi experience ```ts import * as pulumi from "@pulumi/pulumi"; import * as aws from "@pulumi/aws"; // Create EKS cluster with Auto Mode enabled const cluster = new aws.eks.Cluster("example", { name: "example", version: "1.31", bootstrapSelfManagedAddons: false, // Required: Must be false for Auto Mode computeConfig: { enabled: true, // Enable Auto Mode compute nodePools: ["general-purpose"], }, kubernetesNetworkConfig: { elasticLoadBalancing: { enabled: true, // Required for Auto Mode }, }, storageConfig: { blockStorage: { enabled: true, // Required for Auto Mode }, }, }); ``` ### Links - https://aws.amazon.com/about-aws/whats-new/2024/12/amazon-eks-auto-mode/ - https://aws.amazon.com/eks/auto-mode/ - https://aws.amazon.com/blogs/aws/streamline-kubernetes-cluster-management-with-new-amazon-eks-auto-mode/ ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Describe the feature
AWS Announced EKS Auto Mode on Dec 1st, enabling customers to fully automate cluster management for compute, storage, and networking. The CloudFormation changes for EKS Auto Mode enablement are adding a ComputeConfig field in the
Clusterresource. Supporting this field would enable customers to easily create EKS Auto Mode or enable it on existing clusters.Use Case
Create/Enable EKS Auto Mode on new or existing clusters for fully automated cluster management.
Proposed Solution
Add support for the
ComputeConfigField to the EKS Cluster L2 constructOther Information
No response
Acknowledgements
CDK version used
2.171.1
Environment details (OS name and version, etc.)
mac OS Sonoma 14.7.1
The text was updated successfully, but these errors were encountered: