FargateCluster

class aws_cdk.aws_eks.FargateCluster(scope, id, *, default_profile=None, cluster_name=None, core_dns_compute_type=None, masters_role=None, output_cluster_name=None, output_config_command=None, output_masters_role_arn=None, role=None, security_group=None, version=None, vpc=None, vpc_subnets=None)

Bases: aws_cdk.aws_eks.Cluster

Defines an EKS cluster that runs entirely on AWS Fargate.

The cluster is created with a default Fargate Profile that matches the “default” and “kube-system” namespaces. You can add additional profiles using addFargateProfile.

Stability: experimental

__init__(scope, id, *, default_profile=None, cluster_name=None, core_dns_compute_type=None, masters_role=None, output_cluster_name=None, output_config_command=None, output_masters_role_arn=None, role=None, security_group=None, version=None, vpc=None, vpc_subnets=None)
Parameters
  • scope (Construct) –

  • id (str) –

  • default_profile (Optional[FargateProfileOptions]) – Fargate Profile to create along with the cluster. Default: - A profile called “default” with ‘default’ and ‘kube-system’ selectors will be created if this is left undefined.

  • cluster_name (Optional[str]) – Name for the cluster. Default: - Automatically generated name

  • core_dns_compute_type (Optional[CoreDnsComputeType]) – Controls the “eks.amazonaws.com/compute-type” annotation in the CoreDNS configuration on your cluster to determine which compute type to use for CoreDNS. Default: CoreDnsComputeType.EC2 (for FargateCluster the default is FARGATE)

  • masters_role (Optional[IRole]) – An IAM role that will be added to the system:masters Kubernetes RBAC group. Default: - By default, it will only be possible to update this Kubernetes system by adding resources to this cluster via addResource or by defining KubernetesResource resources in your AWS CDK app. Use this if you wish to grant cluster administration privileges to another role.

  • output_cluster_name (Optional[bool]) – Determines whether a CloudFormation output with the name of the cluster will be synthesized. Default: false

  • output_config_command (Optional[bool]) – Determines whether a CloudFormation output with the aws eks update-kubeconfig command will be synthesized. This command will include the cluster name and, if applicable, the ARN of the masters IAM role. Default: true

  • output_masters_role_arn (Optional[bool]) – Determines whether a CloudFormation output with the ARN of the “masters” IAM role will be synthesized (if mastersRole is specified). Default: false

  • role (Optional[IRole]) – Role that provides permissions for the Kubernetes control plane to make calls to AWS API operations on your behalf. Default: - A role is automatically created for you

  • security_group (Optional[ISecurityGroup]) – Security Group to use for Control Plane ENIs. Default: - A security group is automatically created

  • version (Optional[str]) – The Kubernetes version to run in the cluster. Default: - If not supplied, will use Amazon default version

  • vpc (Optional[IVpc]) – The VPC in which to create the Cluster. Default: - a VPC with default configuration will be created and can be accessed through cluster.vpc.

  • vpc_subnets (Optional[List[SubnetSelection]]) – Where to place EKS Control Plane ENIs. If you want to create public load balancers, this must include public subnets. For example, to only select private subnets, supply the following: vpcSubnets: [ { subnetType: ec2.SubnetType.Private } ]. Default: - All public and private subnets

Stability: experimental

Return type

None

Methods

add_auto_scaling_group(auto_scaling_group, *, bootstrap_enabled=None, bootstrap_options=None, map_role=None)

Add compute capacity to this EKS cluster in the form of an AutoScalingGroup.

The AutoScalingGroup must be running an EKS-optimized AMI containing the /etc/eks/bootstrap.sh script. This method will configure Security Groups, add the right policies to the instance role, apply the right tags, and add the required user data to the instance’s launch configuration.

Spot instances will be labeled lifecycle=Ec2Spot and tainted with PreferNoSchedule. If kubectl is enabled, the spot interrupt handler daemon will be installed on all spot instances to handle EC2 Spot Instance Termination Notices.

Prefer to use addCapacity if possible.

Parameters
  • auto_scaling_group (AutoScalingGroup) – [disable-awslint:ref-via-interface].

  • bootstrap_enabled (Optional[bool]) – Configures the EC2 user-data script for instances in this autoscaling group to bootstrap the node (invoke /etc/eks/bootstrap.sh) and associate it with the EKS cluster. If you wish to provide a custom user data script, set this to false and manually invoke autoscalingGroup.addUserData(). Default: true

  • bootstrap_options (Optional[BootstrapOptions]) – Allows options for node bootstrapping through EC2 user data. Default: - default options

  • map_role (Optional[bool]) – Will automatically update the aws-auth ConfigMap to map the IAM instance role to RBAC. This cannot be explicitly set to true if the cluster has kubectl disabled. Default: - true if the cluster has kubectl enabled (which is the default).

See: https://docs.aws.amazon.com/eks/latest/userguide/launch-workers.html

Stability: experimental

Return type

None

add_capacity(id, *, instance_type, bootstrap_enabled=None, bootstrap_options=None, map_role=None, allow_all_outbound=None, associate_public_ip_address=None, cooldown=None, desired_capacity=None, health_check=None, ignore_unmodified_size_properties=None, key_name=None, max_capacity=None, min_capacity=None, notifications_topic=None, replacing_update_min_successful_instances_percent=None, resource_signal_count=None, resource_signal_timeout=None, rolling_update_configuration=None, spot_price=None, update_type=None, vpc_subnets=None)

Add nodes to this EKS cluster.

The nodes will automatically be configured with the right VPC and AMI for the instance type and Kubernetes version.

Spot instances will be labeled lifecycle=Ec2Spot and tainted with PreferNoSchedule. If kubectl is enabled, the spot interrupt handler daemon will be installed on all spot instances to handle EC2 Spot Instance Termination Notices.

Parameters
  • id (str) –

  • instance_type (InstanceType) – Instance type of the instances to start.

  • bootstrap_enabled (Optional[bool]) – Configures the EC2 user-data script for instances in this autoscaling group to bootstrap the node (invoke /etc/eks/bootstrap.sh) and associate it with the EKS cluster. If you wish to provide a custom user data script, set this to false and manually invoke autoscalingGroup.addUserData(). Default: true

  • bootstrap_options (Optional[BootstrapOptions]) – EKS node bootstrapping options. Default: - none

  • map_role (Optional[bool]) – Will automatically update the aws-auth ConfigMap to map the IAM instance role to RBAC. This cannot be explicitly set to true if the cluster has kubectl disabled. Default: - true if the cluster has kubectl enabled (which is the default).

  • allow_all_outbound (Optional[bool]) – Whether the instances can initiate connections to anywhere by default. Default: true

  • associate_public_ip_address (Optional[bool]) – Whether instances in the Auto Scaling Group should have public IP addresses associated with them. Default: - Use subnet setting.

  • cooldown (Optional[Duration]) – Default scaling cooldown for this AutoScalingGroup. Default: Duration.minutes(5)

  • desired_capacity (Union[int, float, None]) – Initial amount of instances in the fleet. If this is set to a number, every deployment will reset the amount of instances to this number. It is recommended to leave this value blank. Default: minCapacity, and leave unchanged during deployment

  • health_check (Optional[HealthCheck]) – Configuration for health checks. Default: - HealthCheck.ec2 with no grace period

  • ignore_unmodified_size_properties (Optional[bool]) – If the ASG has scheduled actions, don’t reset unchanged group sizes. Only used if the ASG has scheduled actions (which may scale your ASG up or down regardless of cdk deployments). If true, the size of the group will only be reset if it has been changed in the CDK app. If false, the sizes will always be changed back to what they were in the CDK app on deployment. Default: true

  • key_name (Optional[str]) – Name of SSH keypair to grant access to instances. Default: - No SSH access will be possible.

  • max_capacity (Union[int, float, None]) – Maximum number of instances in the fleet. Default: desiredCapacity

  • min_capacity (Union[int, float, None]) – Minimum number of instances in the fleet. Default: 1

  • notifications_topic (Optional[ITopic]) – SNS topic to send notifications about fleet changes. Default: - No fleet change notifications will be sent.

  • replacing_update_min_successful_instances_percent (Union[int, float, None]) – Configuration for replacing updates. Only used if updateType == UpdateType.ReplacingUpdate. Specifies how many instances must signal success for the update to succeed. Default: minSuccessfulInstancesPercent

  • resource_signal_count (Union[int, float, None]) – How many ResourceSignal calls CloudFormation expects before the resource is considered created. Default: 1

  • resource_signal_timeout (Optional[Duration]) – The length of time to wait for the resourceSignalCount. The maximum value is 43200 (12 hours). Default: Duration.minutes(5)

  • rolling_update_configuration (Optional[RollingUpdateConfiguration]) – Configuration for rolling updates. Only used if updateType == UpdateType.RollingUpdate. Default: - RollingUpdateConfiguration with defaults.

  • spot_price (Optional[str]) – The maximum hourly price (in USD) to be paid for any Spot Instance launched to fulfill the request. Spot Instances are launched when the price you specify exceeds the current Spot market price. Default: none

  • update_type (Optional[UpdateType]) – What to do when an AutoScalingGroup’s instance configuration is changed. This is applied when any of the settings on the ASG are changed that affect how the instances should be created (VPC, instance type, startup scripts, etc.). It indicates how the existing instances should be replaced with new instances matching the new config. By default, nothing is done and only new instances are launched with the new config. Default: UpdateType.None

  • vpc_subnets (Optional[SubnetSelection]) – Where to place instances within the VPC. Default: - All Private subnets.

Stability: experimental

Return type

AutoScalingGroup

add_chart(id, *, chart, namespace=None, release=None, repository=None, values=None, version=None, wait=None)

Defines a Helm chart in this cluster.

Parameters
  • id (str) – logical id of this chart.

  • chart (str) – The name of the chart.

  • namespace (Optional[str]) – The Kubernetes namespace scope of the requests. Default: default

  • release (Optional[str]) – The name of the release. Default: - If no release name is given, it will use the last 53 characters of the node’s unique id.

  • repository (Optional[str]) – The repository which contains the chart. For example: https://kubernetes-charts.storage.googleapis.com/ Default: - No repository will be used, which means that the chart needs to be an absolute URL.

  • values (Optional[Mapping[str, Any]]) – The values to be used by the chart. Default: - No values are provided to the chart.

  • version (Optional[str]) – The chart version to install. Default: - If this is not specified, the latest version is installed

  • wait (Optional[bool]) – Whether or not Helm should wait until all Pods, PVCs, Services, and minimum number of Pods of a Deployment, StatefulSet, or ReplicaSet are in a ready state before marking the release as successful. Default: - Helm will not wait before marking release as successful

Returns

a HelmChart object

Return type

HelmChart

Stability: experimental

Throws: If kubectlEnabled is false

add_fargate_profile(id, *, selectors, fargate_profile_name=None, pod_execution_role=None, subnet_selection=None, vpc=None)

Adds a Fargate profile to this cluster.

Parameters
  • id (str) – the id of this profile.

  • selectors (List[Selector]) – The selectors to match for pods to use this Fargate profile. Each selector must have an associated namespace. Optionally, you can also specify labels for a namespace. At least one selector is required and you may specify up to five selectors.

  • fargate_profile_name (Optional[str]) – The name of the Fargate profile. Default: - generated

  • pod_execution_role (Optional[IRole]) – The pod execution role to use for pods that match the selectors in the Fargate profile. The pod execution role allows Fargate infrastructure to register with your cluster as a node, and it provides read access to Amazon ECR image repositories. Default: - a role will be automatically created

  • subnet_selection (Optional[SubnetSelection]) – Select which subnets to launch your pods into. At this time, pods running on Fargate are not assigned public IP addresses, so only private subnets (with no direct route to an Internet Gateway) are allowed. Default: - all private subnets of the VPC are selected.

  • vpc (Optional[IVpc]) – The VPC from which to select subnets to launch your pods into. By default, all private subnets are selected. You can customize this using subnetSelection. Default: - all private subnets used by the EKS cluster

See: https://docs.aws.amazon.com/eks/latest/userguide/fargate-profile.html

Stability: experimental

Return type

FargateProfile
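
The selector constraints above (one to five selectors, each with a namespace, optional labels) can be checked before deployment, together with which profile a given pod would fall under. The following is an added example, not part of the CDK library or its documentation; the dict shape, the function names, exact-match label semantics and first-match-by-name ordering are assumptions of this sketch.

```python
from typing import Dict, List, Optional

MAX_SELECTORS = 5  # "up to five selectors" per the parameter description above


def validate_selectors(selectors: List[dict]) -> None:
    """Raise ValueError if a selector list breaks the documented constraints."""
    if not 1 <= len(selectors) <= MAX_SELECTORS:
        raise ValueError(f"need 1..{MAX_SELECTORS} selectors, got {len(selectors)}")
    for i, sel in enumerate(selectors):
        if not sel.get("namespace"):
            raise ValueError(f"selector {i} has no namespace")


def matching_profile(profiles: Dict[str, List[dict]], namespace: str,
                     labels: Optional[Dict[str, str]] = None) -> Optional[str]:
    """Return the name of the first profile that selects the pod, else None.

    Assumption: a selector matches when the namespace is equal and every
    label on the selector is present on the pod with the same value.
    Profiles are tried in name order (a choice made for this sketch).
    """
    labels = labels or {}
    for name in sorted(profiles):
        validate_selectors(profiles[name])
        for sel in profiles[name]:
            wanted = sel.get("labels") or {}
            if sel["namespace"] == namespace and all(
                    labels.get(k) == v for k, v in wanted.items()):
                return name
    return None


# Constructed sample: the default profile described on this page plus one
# hypothetical extra profile restricted by label.
PROFILES = {
    "default": [{"namespace": "default"}, {"namespace": "kube-system"}],
    "batch": [{"namespace": "jobs", "labels": {"compute": "fargate"}}],
}

if __name__ == "__main__":
    for ns, lbl in [("kube-system", {}), ("jobs", {"compute": "fargate"}),
                    ("jobs", {}), ("payments", {})]:
        print(ns, lbl, "->", matching_profile(PROFILES, ns, lbl))
```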

add_resource(id, *manifest)

Defines a Kubernetes resource in this cluster.

The manifest will be applied/deleted using kubectl as needed.

Parameters
  • id (str) – logical id of this manifest.

  • manifest (Any) – a list of Kubernetes resource specifications.

Returns

a KubernetesResource object.

Return type

KubernetesResource

Stability: experimental

Throws: If kubectlEnabled is false

to_string()

Returns a string representation of this construct.

Return type

str

Attributes

aws_auth

Lazily creates the AwsAuth resource, which manages AWS authentication mapping.

Stability: experimental

Return type

AwsAuth

cluster_arn

The AWS generated ARN for the Cluster resource.

Stability: experimental

Example:

# Example automatically generated without compilation. See https://github.com/aws/jsii/issues/826
arn:aws:eks:us-west-2:666666666666:cluster/prod

Return type

str

cluster_certificate_authority_data

The certificate-authority-data for your cluster.

Stability: experimental

Return type

str

cluster_endpoint

The endpoint URL for the Cluster.

This is the URL inside the kubeconfig file to use with kubectl.

Stability: experimental

Example:

# Example automatically generated without compilation. See https://github.com/aws/jsii/issues/826
https:
Return type

str

cluster_name

The Name of the created EKS Cluster.

Stability: experimental

Return type

str

connections

Manages connection rules (Security Group Rules) for the cluster.

Stability: experimental

Member of: Cluster

Type: {ec2.Connections}

Return type

Connections

default_capacity

The auto scaling group that hosts the default capacity for this cluster.

This will be undefined if the default capacity is set to 0.

Stability: experimental

Return type

Optional[AutoScalingGroup]

kubectl_enabled

Indicates if kubectl related operations can be performed on this cluster.

Stability: experimental

Return type

bool

node

The construct tree node associated with this construct.

Return type

ConstructNode

role

IAM role assumed by the EKS Control Plane.

Stability: experimental

Return type

IRole

stack

The stack in which this resource is defined.

Return type

Stack

vpc

The VPC in which this Cluster was created.

Stability: experimental

Return type

IVpc

Static Methods

classmethod from_cluster_attributes(scope, id, *, cluster_arn, cluster_certificate_authority_data, cluster_endpoint, cluster_name, security_groups, vpc)

Import an existing cluster.

Parameters
  • scope (Construct) – the construct scope, in most cases ‘this’.

  • id (str) – the id or name to import as.

  • cluster_arn (str) – The unique ARN assigned to the service by AWS in the form of arn:aws:eks:.

  • cluster_certificate_authority_data (str) – The certificate-authority-data for your cluster.

  • cluster_endpoint (str) – The API Server endpoint URL.

  • cluster_name (str) – The physical name of the Cluster.

  • security_groups (List[ISecurityGroup]) – The security groups associated with this cluster.

  • vpc (IVpc) – The VPC in which this Cluster was created.

Stability: experimental

Return type

ICluster

classmethod is_construct(x)

Return whether the given object is a Construct.

Parameters

x (Any) –

Return type

bool