Merge pull request aws-samples#3 from aws-samples/feature/acm-integration

Feature/acm integration

Author: shapirov103

bin/main.ts

@@ -3,19 +3,23 @@ import * as cdk from '@aws-cdk/core';
 
 const app = new cdk.App();
 
+import NginxIngressConstruct from '../lib/nginx-ingress-construct';
+new NginxIngressConstruct(app, 'nginx');
+
+
 //-------------------------------------------
 // Single Cluster with multiple teams.
 //-------------------------------------------
 
-import MultiTeamConstruct from '../lib/multi-team-construct'
+import MultiTeamConstruct from '../lib/multi-team-construct';
 new MultiTeamConstruct(app, 'multi-team');
 
 
 //-------------------------------------------
 // Multiple clusters, multiple regions.
 //-------------------------------------------
 
-import MultiRegionConstruct from '../lib/multi-region-construct'
+import MultiRegionConstruct from '../lib/multi-region-construct';
 new MultiRegionConstruct().buildAsync(app, 'multi-region').catch(() => {
     console.log("Multi region pattern is not setup due to missing secrets for GitHub access and ArgoCD admin pwd.");
 });
@@ -25,7 +29,7 @@ new MultiRegionConstruct().buildAsync(app, 'multi-region').catch(() => {
 // Single Fargate cluster.
 //-------------------------------------------
 
-import FargateConstruct from '../lib/fargate-construct'
+import FargateConstruct from '../lib/fargate-construct';
 new FargateConstruct(app, 'fargate');
 
 
@@ -47,18 +51,16 @@ else {
 // Single cluster with Bottlerocket nodes.
 //-------------------------------------------
 
-import BottleRocketConstruct from '../lib/bottlerocket-construct'
+import BottleRocketConstruct from '../lib/bottlerocket-construct';
 new BottleRocketConstruct(app, 'bottlerocket');
 
 
 //-------------------------------------------
 // Single cluster with custom configuration.
 //-------------------------------------------
 
-import CustomClusterConstruct from '../lib/custom-cluster-construct'
+import CustomClusterConstruct from '../lib/custom-cluster-construct';
 new CustomClusterConstruct(app, 'custom-cluster');
 
-import ScratchpadConstruct from '../lib/scratchpad'
-new ScratchpadConstruct(app, 'scratchpad');
-
-
+import ScratchpadConstruct from '../lib/scratchpad';
+new ScratchpadConstruct(app, 'scratchpad');

lib/bottlerocket-construct/index.ts

@@ -1,11 +1,14 @@
 import * as cdk from '@aws-cdk/core';
 
 // SSP Lib
-import * as ssp from '@shapirov/cdk-eks-blueprint'
+import * as ssp from '@aws-quickstart/ssp-amazon-eks'
 
 // Team implementations
 import * as team from '../teams'
 
+import * as eks from '@aws-cdk/aws-eks';
+import { AwsLoadBalancerControllerAddOn } from '@aws-quickstart/ssp-amazon-eks';
+
 export default class BottlerocketConstruct extends cdk.Construct {
     constructor(scope: cdk.Construct, id: string) {
         super(scope, id);
@@ -17,20 +20,24 @@ export default class BottlerocketConstruct extends cdk.Construct {
 
         // AddOns for the cluster.
         const addOns: Array<ssp.ClusterAddOn> = [
+            new AwsLoadBalancerControllerAddOn,
             new ssp.NginxAddOn,
             new ssp.ArgoCDAddOn,
             new ssp.CalicoAddOn,
             new ssp.MetricsServerAddOn,
             new ssp.ContainerInsightsAddOn,
         ];
 
-        const stackID = `${id}-blueprint`
-        const clusterProvider = new ssp.BottlerocketClusterProvider()
+        const stackID = `${id}-blueprint`;
+        const clusterProvider = new ssp.AsgClusterProvider({
+            version: eks.KubernetesVersion.V1_20,
+            machineImageType:  eks.MachineImageType.BOTTLEROCKET
+         });
         new ssp.EksBlueprint(scope, { id: stackID, teams, addOns, clusterProvider }, {
             env: {
                 region: 'us-east-1'
             }
-        })
+        });
     }
 }
 

lib/custom-cluster-construct/index.ts

@@ -2,10 +2,11 @@ import * as cdk from '@aws-cdk/core';
 import * as ec2 from '@aws-cdk/aws-ec2';
 import * as eks from '@aws-cdk/aws-eks';
 // SSP Lib
-import * as ssp from '@shapirov/cdk-eks-blueprint'
+import * as ssp from '@aws-quickstart/ssp-amazon-eks'
 
 // Team implementations
 import * as team from '../teams'
+import { AwsLoadBalancerControllerAddOn } from '@aws-quickstart/ssp-amazon-eks';
 
 
 export default class CustomClusterConstruct extends cdk.Construct {
@@ -19,21 +20,23 @@ export default class CustomClusterConstruct extends cdk.Construct {
 
         // AddOns for the cluster.
         const addOns: Array<ssp.ClusterAddOn> = [
+            new AwsLoadBalancerControllerAddOn,
+            
             new ssp.NginxAddOn,
             new ssp.ArgoCDAddOn,
             new ssp.CalicoAddOn,
             new ssp.MetricsServerAddOn,
             new ssp.ContainerInsightsAddOn,
         ];
 
-        const clusterProps: ssp.EC2ProviderClusterProps = {
-            version: eks.KubernetesVersion.V1_19,
+        const clusterProps: ssp.MngClusterProviderProps = {
+            version: eks.KubernetesVersion.V1_20,
             instanceTypes: [new ec2.InstanceType('t3.large')],
             amiType: eks.NodegroupAmiType.AL2_X86_64
         }
 
         const stackID = `${id}-blueprint`
-        const clusterProvider = new ssp.EC2ClusterProvider(clusterProps);
+        const clusterProvider = new ssp.MngClusterProvider(clusterProps);
         new ssp.EksBlueprint(scope, { id: stackID, teams, addOns, clusterProvider });
     }
 }

lib/fargate-construct/index.ts

@@ -1,7 +1,7 @@
 import * as cdk from '@aws-cdk/core';
 import * as eks from '@aws-cdk/aws-eks';
 // SSP Lib
-import * as ssp from '@shapirov/cdk-eks-blueprint'
+import * as ssp from '@aws-quickstart/ssp-amazon-eks'
 
 // Team implementations
 import * as team from '../teams'
@@ -17,9 +17,7 @@ export default class FargateConstruct extends cdk.Construct {
 
             // AddOns for the cluster.
             const addOns: Array<ssp.ClusterAddOn> = [
-                new ssp.NginxAddOn,
-                new ssp.ArgoCDAddOn,
-                new ssp.CalicoAddOn,
+                new ssp.ArgoCDAddOn
             ];
 
             // TODO - what is with dynatrace?
@@ -28,7 +26,10 @@ export default class FargateConstruct extends cdk.Construct {
             ]);
 
             const stackID = `${id}-blueprint`
-            const clusterProvider = new ssp.FargateClusterProvider(fargateProfiles)
+            const clusterProvider = new ssp.FargateClusterProvider({
+                fargateProfiles,
+                version: eks.KubernetesVersion.V1_20
+            })
             new ssp.EksBlueprint(scope, { id: stackID, teams, addOns, clusterProvider }, {
                 env: {
                     region: 'us-east-1'

lib/multi-region-construct/index.ts

@@ -1,9 +1,9 @@
 import * as cdk from '@aws-cdk/core';
 
 // SSP Lib
-import * as ssp from '@shapirov/cdk-eks-blueprint';
+import * as ssp from '@aws-quickstart/ssp-amazon-eks';
 
-import { getSecretValue } from '@shapirov/cdk-eks-blueprint/dist/utils/secrets-manager-utils';
+import { getSecretValue } from '@aws-quickstart/ssp-amazon-eks/dist/utils/secrets-manager-utils';
 
 // Team implementations
 import * as team from '../teams'
@@ -37,7 +37,7 @@ export default class MultiRegionConstruct {
 
         const blueprint = ssp.EksBlueprint.builder()
             .account(process.env.CDK_DEFAULT_ACCOUNT!)
-            .addons(new ssp.NginxAddOn,
+            .addOns(new ssp.NginxAddOn,
                 new ssp.CalicoAddOn,
                 new ssp.MetricsServerAddOn,
                 new ssp.ClusterAutoScalerAddOn,
@@ -74,15 +74,15 @@ export default class MultiRegionConstruct {
         });
 
         const east1 = await blueprint.clone('us-east-1')
-            .addons(devBootstrapArgo)
+            .addOns(devBootstrapArgo)
             .buildAsync(scope,  `${id}-us-east-1`);
 
         const east2 = await blueprint.clone('us-east-2')
-            .addons(testBootstrapArgo)
+            .addOns(testBootstrapArgo)
             .buildAsync(scope, `${id}-us-east-2`);
 
         const west2 = await blueprint.clone('us-west-2')
-            .addons(prodBootstrapArgo)
+            .addOns(prodBootstrapArgo)
             .buildAsync(scope, `${id}-us-west-2`);
 
         return [ east1, east2, west2 ];

lib/multi-team-construct/index.ts

@@ -1,7 +1,8 @@
 import * as cdk from '@aws-cdk/core';
 
 // SSP Lib
-import * as ssp from '@shapirov/cdk-eks-blueprint'
+import * as ssp from '@aws-quickstart/ssp-amazon-eks'
+import { AwsLoadBalancerControllerAddOn } from '@aws-quickstart/ssp-amazon-eks';
 
 // Team implementations
 import * as team from '../teams'
@@ -25,6 +26,7 @@ export default class MultiTeamConstruct extends cdk.Construct {
         // AddOns for the cluster.
         const addOns: Array<ssp.ClusterAddOn> = [
             new ssp.AppMeshAddOn,
+            new AwsLoadBalancerControllerAddOn,
             new ssp.NginxAddOn,
             new ssp.ArgoCDAddOn,
             new ssp.CalicoAddOn,

lib/nginx-ingress-construct/index.ts

@@ -0,0 +1,84 @@
+import * as cdk from '@aws-cdk/core';
+
+// SSP Lib
+import * as ssp from '@aws-quickstart/ssp-amazon-eks'
+
+//TODO import * as iam from '@aws-cdk/aws-iam';
+// import * as route53 from '@aws-cdk/aws-route53';
+
+
+// Team implementations
+import * as team from '../teams'
+import { valueFromContext } from '@aws-quickstart/ssp-amazon-eks/dist/utils/context-utils';
+import { EksBlueprint, GlobalResources } from '@aws-quickstart/ssp-amazon-eks';
+import MultiRegionConstruct from '../multi-region-construct';
+
+const accountID = process.env.CDK_DEFAULT_ACCOUNT!;
+const gitUrl = 'https://github.com/aws-samples/ssp-eks-workloads.git';
+
+
+
+export default class NginxIngressConstruct extends cdk.Construct {
+
+    constructor(scope: cdk.Construct, id: string) {
+        super(scope, id);
+        // Teams for the cluster.
+        const teams: Array<ssp.Team> = [
+            new team.TeamPlatform(accountID),
+            new team.TeamTroiSetup,
+            new team.TeamRikerSetup,
+            new team.TeamBurnhamSetup(scope)
+        ];
+
+        const subdomain : string = valueFromContext(scope, "dev.subzone.name", "dev.some.example.com");
+        const parentDnsAccountId = this.node.tryGetContext("parent.dns.account")!;
+        const parentDomain = valueFromContext(this, "parent.hostedzone.name", "some.example.com");
+
+        EksBlueprint.builder()
+            .account(process.env.CDK_DEFAULT_ACCOUNT)
+            .region('us-west-2')
+            .teams(...teams)
+            .resourceProvider(GlobalResources.HostedZone, new ssp.DelegatingHostedZoneProvider({
+                parentDomain,
+                subdomain, 
+                parentDnsAccountId,
+                delegatingRoleName: 'DomainOperatorRole', 
+                wildcardSubdomain: true
+            }))
+            .resourceProvider(GlobalResources.Certificate, new ssp.CreateCertificateProvider('wildcard-cert', `*.${subdomain}`, GlobalResources.HostedZone))
+            .addOns(new ssp.CalicoAddOn,
+                new ssp.AwsLoadBalancerControllerAddOn,
+                new ssp.addons.ExternalDnsAddon({
+                    hostedZoneResources: [GlobalResources.HostedZone] // you can add more if you register resource providers
+                }),
+                new ssp.NginxAddOn({ 
+                    internetFacing: true, 
+                    backendProtocol: "tcp", 
+                    externalDnsHostname: subdomain, 
+                    crossZoneEnabled: false, 
+                    certificateResourceName: GlobalResources.Certificate,
+                    values: {
+                        controller: {
+                            service: {
+                                httpsPort: {
+                                    targetPort: "http"
+                                }
+                            }
+                        }
+                    }
+                }),
+                new ssp.ArgoCDAddOn( {
+                    bootstrapRepo: {
+                        repoUrl: gitUrl,
+                        targetRevision: "deployable",
+                        path: 'envs/dev'
+                    },
+                    adminPasswordSecretName: MultiRegionConstruct.SECRET_ARGO_ADMIN_PWD,
+                }),
+                new ssp.MetricsServerAddOn,
+                new ssp.ClusterAutoScalerAddOn,
+                new ssp.ContainerInsightsAddOn )
+            .build(scope, `${id}-blueprint`);
+    }
+}
+

lib/pipeline-stack/index.ts

@@ -2,7 +2,8 @@ import * as cdk from '@aws-cdk/core';
 import { StackProps } from '@aws-cdk/core';
 
 // SSP Lib
-import * as ssp from '@shapirov/cdk-eks-blueprint'
+import * as ssp from '@aws-quickstart/ssp-amazon-eks'
+import { AwsLoadBalancerControllerAddOn } from '@aws-quickstart/ssp-amazon-eks';
 
 // Team implementations
 import * as team from '../teams'
@@ -15,7 +16,9 @@ export default class PipelineConstruct extends cdk.Construct {
         const blueprint = ssp.EksBlueprint.builder()
             .account(account) // the supplied default will fail, but build and synth will pass
             .region('us-west-1')
-            .addons(new ssp.NginxAddOn,
+            .addOns(
+                new AwsLoadBalancerControllerAddOn, 
+                new ssp.NginxAddOn,
                 new ssp.ArgoCDAddOn,
                 new ssp.CalicoAddOn,
                 new ssp.MetricsServerAddOn,
@@ -29,15 +32,18 @@ export default class PipelineConstruct extends cdk.Construct {
             .repository({
                 repoUrl: 'ssp-eks-patterns',
                 credentialsSecretName: 'github-token',
-                branch: 'feature/usage-tracking'
+                branch: 'main'
             })
             .stage({
                 id: 'us-west-1-managed-ssp',
                 stackBuilder: blueprint.clone('us-west-1')
             })
             .stage({
                 id: 'us-east-2-managed-ssp',
-                stackBuilder: blueprint.clone('us-east-2')
+                stackBuilder: blueprint.clone('us-east-2'),
+                stageProps: {
+                    manualApprovals: true
+                }
             })
             .build(scope, "ssp-pipeline-stack", props);
     }

lib/scratchpad/index.ts

@@ -2,8 +2,8 @@ import * as cdk from '@aws-cdk/core';
 import {KubernetesVersion}  from '@aws-cdk/aws-eks';
 
 // SSP Lib
-import * as ssp from '@shapirov/cdk-eks-blueprint';
-import { EC2ClusterProvider } from '@shapirov/cdk-eks-blueprint';
+import * as ssp from '@aws-quickstart/ssp-amazon-eks';
+import { MngClusterProvider } from '@aws-quickstart/ssp-amazon-eks';
 
 
 export default class ScratchpadConstruct extends cdk.Construct {
@@ -19,7 +19,7 @@ export default class ScratchpadConstruct extends cdk.Construct {
 
         const stackID = `${id}-blueprint`;
 
-        const clusterProvider = new EC2ClusterProvider( {
+        const clusterProvider = new MngClusterProvider( {
             desiredSize: 3,
             maxSize: 3,
             version: KubernetesVersion.V1_20

lib/teams/team-burnham/index.ts

@@ -1,7 +1,7 @@
 import { ArnPrincipal } from '@aws-cdk/aws-iam';
 import { Construct } from '@aws-cdk/core';
 
-import { ApplicationTeam } from '@shapirov/cdk-eks-blueprint';
+import { ApplicationTeam } from '@aws-quickstart/ssp-amazon-eks';
 
 function getUserArns(scope: Construct, key: string): ArnPrincipal[] {
     const context: string = scope.node.tryGetContext(key);

lib/teams/team-platform/index.ts

@@ -1,6 +1,6 @@
 import { ArnPrincipal } from "@aws-cdk/aws-iam";
 
-import { PlatformTeam } from '@shapirov/cdk-eks-blueprint';
+import { PlatformTeam } from '@aws-quickstart/ssp-amazon-eks';
 
 export class TeamPlatform extends PlatformTeam {
     constructor(accountID: string) {