Add AL2023 launch template task #488

Merged
merged 1 commit into from
Feb 26, 2025
85 changes: 85 additions & 0 deletions tests/assets/eks_node_group_launch_template_al2023.yaml
@@ -0,0 +1,85 @@
---
AWSTemplateFormatVersion: '2010-09-09'
Description: Create a launch template for use in an autoscaling group of EKS nodes
(Amazon Linux 2023)
Parameters:
LaunchTemplateName:
Type: String
Description: Name of the Launch Template
ClusterName:
Type: String
Description: Name of the Cluster
SSHKeyName:
Type: String
Description: SSH Key Name for EC2 instances
APIServerEndpoint:
Type: String
Description: Kubernetes API Server Endpoint
CertificateAuthority:
Type: String
Description: Certificate Authority data (base64 encoded)
ClusterCIDR:
Type: String
Description: CIDR for cluster (IP range for pods)
KubeletConfig:
Type: String
Description: Kubelet config JSON (will be merged with default config)
Default: '{}'
AMI:
Type: String
Description: Launch template ImageId value, which may be an AMI ID or resolve:ssm reference.
Default: ''
Conditions:
AMIProvided:
!Not [!Equals [!Ref AMI, '']]
Resources:
LaunchTemplate:
Type: AWS::EC2::LaunchTemplate
Properties:
LaunchTemplateName:
Ref: LaunchTemplateName
LaunchTemplateData:
KeyName:
Ref: SSHKeyName
BlockDeviceMappings:
- DeviceName: "/dev/xvda"
Ebs:
VolumeSize: 40
VolumeType: gp3
MetadataOptions:
HttpPutResponseHopLimit: 2
HttpEndpoint: enabled
HttpTokens: required
ImageId:
!If
- AMIProvided
- !Ref AMI
- !Ref "AWS::NoValue"
UserData:
Fn::Base64:
Fn::Sub: |
Content-Type: multipart/mixed; boundary="BOUNDARY"
MIME-Version: 1.0

--BOUNDARY
Content-Type: application/node.eks.aws
MIME-Version: 1.0

---
apiVersion: node.eks.aws/v1alpha1
kind: NodeConfig
spec:
cluster:
name: ${ClusterName}
apiServerEndpoint: ${APIServerEndpoint}
certificateAuthority: ${CertificateAuthority}
cidr: ${ClusterCIDR}
kubelet:
config: ${KubeletConfig}

--BOUNDARY--
Outputs:
LaunchTemplateName:
Description: Name of the Node Group Launch Template
Value:
Ref: LaunchTemplate
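
Review bot: In `MetadataOptions`, `HttpPutResponseHopLimit: 2` lets containers on the pod network reach IMDS, so even with `HttpTokens: required` pods can still request the node role's credentials; set it to 1 unless the test workloads rely on IMDS, or add a comment on why 2 is needed. The `Ebs` block sets only `VolumeSize` and `VolumeType`, so add `Encrypted: true` rather than depending on the account's default encryption setting. `KeyName` is always set from the required `SSHKeyName` parameter; making it conditional, the way `ImageId` is with `AMIProvided`, would allow nodes without an SSH key. The `ClusterCIDR` description says "IP range for pods", but the task fills it from `serviceIpv4Cidr`, so the description should say service CIDR.
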
97 changes: 97 additions & 0 deletions tests/tasks/setup/eks/awscli-cfn-lt-al2023.yaml
@@ -0,0 +1,97 @@
---
apiVersion: tekton.dev/v1beta1
kind: Task
metadata:
name: awscli-eks-cfn-launch-template-al2023
Contributor

Can we merge this task with the already existing task?

Majority of the stuff is a repeat like this and this?

wdyt?

Member Author

I don't feel too strongly either way, I went this route because I didn't think combining them would actually be much cleaner. We'd need a new parameter to indicate the "type" of ng-cfn-url that was passed, which is kind of clunky. I'd like to actually use this task in a pipeline before I try to fold it into the existing stuff, in case the params need to change, etc.

namespace: scalability
spec:
description: |
Create an EKS CFN stack to output a launch template for AL2023-based nodes.
This Task can be used to create an EKS CFN stack that outputs a launch template.
The launch template may be used for a managed nodegroup with or without a custom AMI.
params:
- name: cluster-name
description: EKS cluster you want to create CFN stack for.
- name: stack-name
Contributor

I think we can avoid this param and leverage cluster-name? Usually we try to pass as few params as possible in the pipeline def. wdyt?

Member Author

The intention was for this to be a drop-in replacement for the existing LT task, so if this is removed I think it should be done in a later PR

description: Stack name you want to spin.
- name: region
default: "us-west-2"
description: The region where the cluster is in.
- name: kubernetes-version
default: "1.32"
description: The EKS version to install.
- name: ng-cfn-url
description: The url of the CFN YAML/JSON to create CFN stack for NG launch template
- name: endpoint
default: ""
- name: kubelet-config
default: "{}"
description: "Kubelet config JSON (will be merged with default config)"
- name: ami
default: ""
description: The AMI ID (or SSM parameter) to use for the launch template. If not provided, the launch template will not specify an AMI.
workspaces:
- name: config
mountPath: /config/
stepTemplate:
env:
- name: KUBECONFIG
value: /config/kubeconfig
steps:
- name: create-launch-template
image: alpine/k8s:1.23.7
script: |
set -o xtrace
set -o errexit
set -o pipefail

ENDPOINT_FLAG=""
if [ -n "$(params.endpoint)" ]; then
ENDPOINT_FLAG="--endpoint $(params.endpoint)"
fi

curl -s $(params.ng-cfn-url) -o ./amazon-ng-cfn

SSH_KEY_NAME=scaletest-nodegroups-ssh-key
if [[ "$(aws ec2 --region "$(params.region)" describe-key-pairs --key-names "$SSH_KEY_NAME" --query 'KeyPairs[0].KeyName' --output text)" == "$SSH_KEY_NAME" ]]; then
echo "KeyPair '$SSH_KEY_NAME' already exists."
else
echo "KeyPair not found. Creating a new keypair."
# Given these are temp nodes, outputting key for devs to copy it to use for debugging
#ToDo - store it in s3 for devs to download it.
aws ec2 create-key-pair --region $(params.region) --key-name $SSH_KEY_NAME --query 'KeyMaterial' --output text
fi

aws eks describe-cluster --name $(params.cluster-name) --region $(params.region) --output json > cluster.json

launch_template_name=$(params.cluster-name)-launchTemplate
STACK_NAME=$(params.stack-name)
STACK_STATUS=$(aws cloudformation describe-stacks --query 'Stacks[?StackName==`'${STACK_NAME}'`].StackStatus' --output text --region $(params.region))

# assemble the stack parameters as a JSON file
# the AWS CLI can't handle a JSON string as a ParameterValue in the flag representation
# and we need that for kubelet-config
jq --null-input \
--arg LaunchTemplateName "${launch_template_name}" \
--arg ClusterName "$(params.cluster-name)" \
--arg SSHKeyName "${SSH_KEY_NAME}" \
--arg APIServerEndpoint "$(jq -r .cluster.endpoint cluster.json)" \
--arg ClusterCIDR "$(jq -r .cluster.kubernetesNetworkConfig.serviceIpv4Cidr cluster.json)" \
--arg CertificateAuthority "$(jq -r .cluster.certificateAuthority.data cluster.json)" \
--arg KubeletConfig '$(params.kubelet-config)' \
--arg AMI "$(params.ami)" \
'$ARGS.named | to_entries | map({"ParameterKey": .key, "ParameterValue": .value})' \
> parameters.json

if [[ "$STACK_STATUS" == "" ]]; then
aws cloudformation create-stack \
--stack-name $STACK_NAME \
--template-body file://$(pwd)/amazon-ng-cfn \
--parameters file://$(pwd)/parameters.json \
--region $(params.region)

aws cloudformation wait stack-create-complete --stack-name $STACK_NAME --region $(params.region)
echo "CREATED_CFN_STACK=$STACK_NAME"
else
echo "$STACK_NAME Already exists"
fi
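
Review bot: In the key-pair `else` branch, `aws ec2 create-key-pair ... --query 'KeyMaterial' --output text` writes the private key to the step's stdout, so it ends up in the Task logs for anyone with log access; write it to a secret store or the S3 location the ToDo mentions instead of printing it. `ENDPOINT_FLAG` is built from `params.endpoint` but is not passed to any `aws` call in the script, so the `endpoint` param currently has no effect. `curl -s $(params.ng-cfn-url)` has no `--fail`, so an HTTP error body would be saved as the template, and the `$(params.*)` values are substituted into the script text itself (for example `--arg KubeletConfig '$(params.kubelet-config)'` breaks on a single quote in the JSON); passing params through `env` and quoting the variables avoids both the breakage and shell injection through a param value. The final `else` branch treats any existing stack status as success, including a failed or rolled-back stack, and `alpine/k8s:1.23.7` is referenced by tag rather than by digest.
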