feat(eks): alb controller include versions 2.4.2 - 2.5.1 #25330
Conversation
Signed-off-by: Francis <colifran@3c22fbbba690.ant.amazon.com>
Signed-off-by: Francis <colifran@3c22fbbba690.ant.amazon.com>
Signed-off-by: Francis <colifran@3c22fbbba690.ant.amazon.com>
…nstead of v2.4.4 Signed-off-by: Francis <colifran@3c22fbbba690.ant.amazon.com>
…ion and updated snapshots from integ testing Signed-off-by: Francis <colifran@3c22fbbba690.ant.amazon.com>
Signed-off-by: Francis <colifran@3c22fbbba690.ant.amazon.com>
|
|
github-actions
bot
added
effort/small
There was a problem hiding this comment.
The pull request linter has failed. See the aws-cdk-automation comment below for failure reasons. If you believe this pull request should receive an exemption, please comment and provide a justification.
A comment requesting an exemption should contain the text Exemption Request. Additionally, if clarification is needed add Clarification Request to a comment.
Signed-off-by: Francis <colifran@3c22fbbba690.ant.amazon.com>
colifran
changed the title
colifran
changed the title
colifran
changed the title
aws-cdk-automation
dismissed
their stale review
✅ Updated pull request passes all PRLinter validations. Dismissing previous PRLinter review.
packages/@aws-cdk-testing/framework-integ/test/aws-eks/test/integ.alb-controller.ts
Show resolved
Hide resolved
packages/aws-cdk-lib/aws-eks/lib/addons/alb-iam_policy-v2.4.2.json
Outdated
Show resolved
Hide resolved
Signed-off-by: Francis <colifran@amazon.com>
kaizencc
changed the title
There was a problem hiding this comment.
Lets give until Monday for @iliapolo to take a look, because I do find it weird to have a different policy per version and I didn't have time to investigate further.
In the meantime, I think the PR description could use an update (and note that users could specify these versions on their own via the AlbControllerVersion.of() method so we're not actually denying any uses these versions atm.
|
Thank you for contributing! Your pull request will be updated from main and then merged automatically (do not update manually, and be sure to allow changes to be pushed to your fork). |
There was a problem hiding this comment.
These changes may not be enough to support version 2.5.0 and above. The release notes mention incompatibilities with deployment manifests from previous versions.
| /** | ||
| * v2.5.1 | ||
| */ | ||
| public static readonly V2_5_1 = new AlbControllerVersion('v2.5.1', false); |
There was a problem hiding this comment.
I have tried using .of('v2.5.1') with a custom policy. It is able to deploy, however, the pods cannot start up because they don't have the required permissions for the K8s Lease API that were added in version 1.5.0 of the helm chart. I would suggest adding an extra constructor parameter for the chart version. The appropriate chart can then be picked per ALB version instead of the hardcoded 1.4.1.
There was a problem hiding this comment.
Thanks for catching this! I will work on addressing it.
There was a problem hiding this comment.
Because of this, it's not good enough to default helm version to 1.4.1 everywhere. That would mean that if someone wanted to do this:
new AlbController(this, 'blah', {
version: AlbControllerVersion.V2_5_1,
});Somewhere along the line it would fail because it's not compatible with helm 1.4.1. So we'd force the user to have to do something like:
new AlbController(this, 'blah', {
version: AlbControllerVersion.V2_5_1,
helmChart: HelmChartVersion.V1_5_0,
});Even though we know what helm chart version would be compatible. So we should be able to add the default in for the user.
In practice that means that we add a prop to the constructor of AlbControllerVersion called helmChartVersion.
class AlbControllerVersion {
public static readonly V2_5_1 = new AlbControllerVersion('v2.5.1', HelmChartVersion.V1.5.0, false);
private constructor(public readonly version: string, public readonly helmChart, public readonly custom: boolean) {}
}
// where we need it, we can do
props.albControllerVersion.helmChart;None of this should be a breaking change since the constructor for AlbContrllerVersion is private
There was a problem hiding this comment.
Thanks, Kaizen. This makes sense. I've what I think are the necessary updates for the AlbControllerVersion class to support the addition of helmChartVersion in the constructor
… AlbControllerProps interface Signed-off-by: Francis <colifran@amazon.com>
Signed-off-by: Francis <colifran@amazon.com>
…and updated associated code - added helmChartVersion to alb-controller unit test Signed-off-by: Francis <colifran@amazon.com>
Signed-off-by: Francis <colifran@amazon.com>
Signed-off-by: Francis <colifran@amazon.com>
Signed-off-by: Francis <colifran@amazon.com>
Signed-off-by: Francis <colifran@amazon.com>
kaizencc
force-pushed
the
colifran/alb-controller-versions
branch
from
6389e5b to
9506b6f
Compare
Signed-off-by: Francis <colifran@amazon.com>
| /** | ||
| * The version of the helm chart to use. | ||
| */ | ||
| readonly helmChartVersion: HelmChartVersion; |
There was a problem hiding this comment.
adding this is a breaking change. It should be optional and default to 1.4.1 so that we dont break people
There was a problem hiding this comment.
Thanks for catching this - I've removed this and added it to the AlbControllerVersion constructor to allow this to support current users.
| @@ -67,5 +69,6 @@ test('throws when a policy is not defined for a custom version', () => { | |||
| expect(() => AlbController.create(stack, { | |||
| cluster, | |||
| version: AlbControllerVersion.of('custom'), | |||
| helmChartVersion: HelmChartVersion.V1_4_1, | |||
There was a problem hiding this comment.
having to add these here is the breaking change. once you make it optional, be sure to remove these
| /** | ||
| * v1.4.0 | ||
| */ | ||
| V1_4_0 = '1.4.0', |
There was a problem hiding this comment.
Anyone using these old versions of helm? I think we can get by with an enum-like class here too:
class HelmChartVersion {
public static V1_4_1 = new HelmChartVersion('1.4.1');
public static V1_5_1 = new HelmChartVersion('1.5.1');
public constructor(public version: string) {}
}Let people just specify their other versions I think
There was a problem hiding this comment.
Good point. I opted against using an enum-like class here though. I'm wondering if this would be too much abstraction for what would essentially just be a string? Instead, I decided to hard code the helm chart version for the static alb controller versions that create instances of the alb controller class similar to the already hard coded alb controller version that is passed to the constructor.
| /** | ||
| * v2.5.1 | ||
| */ | ||
| public static readonly V2_5_1 = new AlbControllerVersion('v2.5.1', false); |
There was a problem hiding this comment.
Because of this, it's not good enough to default helm version to 1.4.1 everywhere. That would mean that if someone wanted to do this:
new AlbController(this, 'blah', {
version: AlbControllerVersion.V2_5_1,
});Somewhere along the line it would fail because it's not compatible with helm 1.4.1. So we'd force the user to have to do something like:
new AlbController(this, 'blah', {
version: AlbControllerVersion.V2_5_1,
helmChart: HelmChartVersion.V1_5_0,
});Even though we know what helm chart version would be compatible. So we should be able to add the default in for the user.
In practice that means that we add a prop to the constructor of AlbControllerVersion called helmChartVersion.
class AlbControllerVersion {
public static readonly V2_5_1 = new AlbControllerVersion('v2.5.1', HelmChartVersion.V1.5.0, false);
private constructor(public readonly version: string, public readonly helmChart, public readonly custom: boolean) {}
}
// where we need it, we can do
props.albControllerVersion.helmChart;None of this should be a breaking change since the constructor for AlbContrllerVersion is private
…ue based on alb controller version - added helm chart version with 1.4.1 as default to static of method - reverted changes made to unit tests Signed-off-by: Francis <colifran@amazon.com>
Signed-off-by: Francis <colifran@amazon.com>
Signed-off-by: Francis <colifran@amazon.com>
…ion class Signed-off-by: Francis <colifran@amazon.com>
There was a problem hiding this comment.
@colifran one last thing. i think we need to add a unit test that tests that when you specify AlbControllerVersion.V2_5_1 you get the corresponding helm chart 1.5.2. That should be doable by looking through the properties of Custom::AWSCDK-EKS-HelmChart in the template.
You're doing this already in the integ test so its not like I think it won't succeed. I just think it's important to have a unit test for this actually new functionality you are adding.
…te based on selected alb controller version Signed-off-by: Francis <colifran@amazon.com>
Signed-off-by: Francis <colifran@amazon.com>
|
Thank you for contributing! Your pull request will be updated from main and then merged automatically (do not update manually, and be sure to allow changes to be pushed to your fork). |
AWS CodeBuild CI Report
Powered by github-codebuild-logs, available on the AWS Serverless Application Repository |
|
Thank you for contributing! Your pull request will be updated from main and then merged automatically (do not update manually, and be sure to allow changes to be pushed to your fork). |
Motivation:
We should provide users with all available ALB controller versions for use with aws-eks. This change does not prohibit users from using previous ALB controller versions. Instead, this adds support for versions 2.4.2 - 2.5.1. Previous ALB controller versions can be specified by using the static "of" method as part of the AlbControllerVersion class, e.g., AlbControllerVersion.of().
Testing:
Updated existing ALB controller integrity test to use ALB controller version 2.5.1.
Closes #25307
By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license