Cluster
- class aws_cdk.aws_eks_legacy.Cluster(scope, id, *, cluster_name=None, default_capacity=None, default_capacity_instance=None, kubectl_enabled=None, masters_role=None, output_cluster_name=None, output_config_command=None, output_masters_role_arn=None, role=None, security_group=None, version=None, vpc=None, vpc_subnets=None)
Bases:
Resource
(deprecated) A Cluster represents a managed Kubernetes Service (EKS).
This is a fully managed cluster of API Servers (control-plane) The user is still required to create the worker nodes.
- Stability:
deprecated
- Resource:
AWS::EKS::Cluster
- ExampleMetadata:
infused
Example:
# cluster: eks.Cluster # option 1: use a construct eks.HelmChart(self, "NginxIngress", cluster=cluster, chart="nginx-ingress", repository="https://helm.nginx.com/stable", namespace="kube-system" ) # or, option2: use `addChart` cluster.add_chart("NginxIngress", chart="nginx-ingress", repository="https://helm.nginx.com/stable", namespace="kube-system" )
(deprecated) Initiates an EKS Cluster with the supplied arguments.
- Parameters:
scope (
Construct
) – a Construct, most likely a cdk.Stack created.id (
str
)cluster_name (
Optional
[str
]) – (deprecated) Name for the cluster. Default: - Automatically generated namedefault_capacity (
Union
[int
,float
,None
]) – (deprecated) Number of instances to allocate as an initial capacity for this cluster. Instance type can be configured throughdefaultCapacityInstanceType
, which defaults tom5.large
. Usecluster.addCapacity
to add additional customized capacity. Set this to0
is you wish to avoid the initial capacity allocation. Default: 2default_capacity_instance (
Optional
[InstanceType
]) – (deprecated) The instance type to use for the default capacity. This will only be taken into account ifdefaultCapacity
is > 0. Default: m5.largekubectl_enabled (
Optional
[bool
]) – (deprecated) Allows definingkubectrl
-related resources on this cluster. If this is disabled, it will not be possible to use the following capabilities: -addResource
-addRoleMapping
-addUserMapping
-addMastersRole
andprops.mastersRole
If this is disabled, the cluster can only be managed by issuingkubectl
commands from a session that uses the IAM role/user that created the account. NOTE: changing this value will destoy the cluster. This is because a managable cluster must be created using an AWS CloudFormation custom resource which executes with an IAM role owned by the CDK app. Default: true The cluster can be managed by the AWS CDK application.masters_role (
Optional
[IRole
]) – (deprecated) An IAM role that will be added to thesystem:masters
Kubernetes RBAC group. Default: - By default, it will only possible to update this Kubernetes system by adding resources to this cluster viaaddResource
or by definingKubernetesResource
resources in your AWS CDK app. Use this if you wish to grant cluster administration privileges to another role.output_cluster_name (
Optional
[bool
]) – (deprecated) Determines whether a CloudFormation output with the name of the cluster will be synthesized. Default: falseoutput_config_command (
Optional
[bool
]) – (deprecated) Determines whether a CloudFormation output with theaws eks update-kubeconfig
command will be synthesized. This command will include the cluster name and, if applicable, the ARN of the masters IAM role. Default: trueoutput_masters_role_arn (
Optional
[bool
]) – (deprecated) Determines whether a CloudFormation output with the ARN of the “masters” IAM role will be synthesized (ifmastersRole
is specified). Default: falserole (
Optional
[IRole
]) – (deprecated) Role that provides permissions for the Kubernetes control plane to make calls to AWS API operations on your behalf. Default: - A role is automatically created for yousecurity_group (
Optional
[ISecurityGroup
]) – (deprecated) Security Group to use for Control Plane ENIs. Default: - A security group is automatically createdversion (
Optional
[str
]) – (deprecated) The Kubernetes version to run in the cluster. Default: - If not supplied, will use Amazon default versionvpc (
Optional
[IVpc
]) – (deprecated) The VPC in which to create the Cluster. Default: - a VPC with default configuration will be created and can be accessed throughcluster.vpc
.vpc_subnets (
Optional
[Sequence
[Union
[SubnetSelection
,Dict
[str
,Any
]]]]) – (deprecated) Where to place EKS Control Plane ENIs. If you want to create public load balancers, this must include public subnets. For example, to only select private subnets, supply the following:: const vpcSubnets = [ { subnetType: ec2.SubnetType.PRIVATE_WITH_NAT } ] Default: - All public and private subnets
- Stability:
deprecated
Methods
- add_auto_scaling_group(auto_scaling_group, *, bootstrap_enabled=None, bootstrap_options=None, map_role=None)
(deprecated) Add compute capacity to this EKS cluster in the form of an AutoScalingGroup.
The AutoScalingGroup must be running an EKS-optimized AMI containing the /etc/eks/bootstrap.sh script. This method will configure Security Groups, add the right policies to the instance role, apply the right tags, and add the required user data to the instance’s launch configuration.
Spot instances will be labeled
lifecycle=Ec2Spot
and tainted withPreferNoSchedule
. If kubectl is enabled, the spot interrupt handler daemon will be installed on all spot instances to handle EC2 Spot Instance Termination Notices.Prefer to use
addCapacity
if possible.- Parameters:
auto_scaling_group (
AutoScalingGroup
) – [disable-awslint:ref-via-interface].bootstrap_enabled (
Optional
[bool
]) – (deprecated) Configures the EC2 user-data script for instances in this autoscaling group to bootstrap the node (invoke/etc/eks/bootstrap.sh
) and associate it with the EKS cluster. If you wish to provide a custom user data script, set this tofalse
and manually invokeautoscalingGroup.addUserData()
. Default: truebootstrap_options (
Union
[BootstrapOptions
,Dict
[str
,Any
],None
]) – (deprecated) Allows options for node bootstrapping through EC2 user data.map_role (
Optional
[bool
]) – (deprecated) Will automatically update the aws-auth ConfigMap to map the IAM instance role to RBAC. This cannot be explicitly set totrue
if the cluster has kubectl disabled. Default: - true if the cluster has kubectl enabled (which is the default).
- See:
https://docs.aws.amazon.com/eks/latest/userguide/launch-workers.html
- Stability:
deprecated
- Return type:
None
- add_capacity(id, *, instance_type, bootstrap_enabled=None, bootstrap_options=None, map_role=None, allow_all_outbound=None, associate_public_ip_address=None, auto_scaling_group_name=None, block_devices=None, cooldown=None, desired_capacity=None, group_metrics=None, health_check=None, ignore_unmodified_size_properties=None, instance_monitoring=None, key_name=None, max_capacity=None, max_instance_lifetime=None, min_capacity=None, new_instances_protected_from_scale_in=None, notifications=None, notifications_topic=None, replacing_update_min_successful_instances_percent=None, resource_signal_count=None, resource_signal_timeout=None, rolling_update_configuration=None, signals=None, spot_price=None, termination_policies=None, update_policy=None, update_type=None, vpc_subnets=None)
(deprecated) Add nodes to this EKS cluster.
The nodes will automatically be configured with the right VPC and AMI for the instance type and Kubernetes version.
Spot instances will be labeled
lifecycle=Ec2Spot
and tainted withPreferNoSchedule
. If kubectl is enabled, the spot interrupt handler daemon will be installed on all spot instances to handle EC2 Spot Instance Termination Notices.- Parameters:
id (
str
)instance_type (
InstanceType
) – (deprecated) Instance type of the instances to start.bootstrap_enabled (
Optional
[bool
]) – (deprecated) Configures the EC2 user-data script for instances in this autoscaling group to bootstrap the node (invoke/etc/eks/bootstrap.sh
) and associate it with the EKS cluster. If you wish to provide a custom user data script, set this tofalse
and manually invokeautoscalingGroup.addUserData()
. Default: truebootstrap_options (
Union
[BootstrapOptions
,Dict
[str
,Any
],None
]) – (deprecated) EKS node bootstrapping options. Default: - nonemap_role (
Optional
[bool
]) – (deprecated) Will automatically update the aws-auth ConfigMap to map the IAM instance role to RBAC. This cannot be explicitly set totrue
if the cluster has kubectl disabled. Default: - true if the cluster has kubectl enabled (which is the default).allow_all_outbound (
Optional
[bool
]) – Whether the instances can initiate connections to anywhere by default. Default: trueassociate_public_ip_address (
Optional
[bool
]) – Whether instances in the Auto Scaling Group should have public IP addresses associated with them. Default: - Use subnet setting.auto_scaling_group_name (
Optional
[str
]) – The name of the Auto Scaling group. This name must be unique per Region per account. Default: - Auto generated by CloudFormationblock_devices (
Optional
[Sequence
[Union
[BlockDevice
,Dict
[str
,Any
]]]]) – Specifies how block devices are exposed to the instance. You can specify virtual devices and EBS volumes. Each instance that is launched has an associated root device volume, either an Amazon EBS volume or an instance store volume. You can use block device mappings to specify additional EBS volumes or instance store volumes to attach to an instance when it is launched. Default: - Uses the block device mapping of the AMIcooldown (
Optional
[Duration
]) – Default scaling cooldown for this AutoScalingGroup. Default: Duration.minutes(5)desired_capacity (
Union
[int
,float
,None
]) – Initial amount of instances in the fleet. If this is set to a number, every deployment will reset the amount of instances to this number. It is recommended to leave this value blank. Default: minCapacity, and leave unchanged during deploymentgroup_metrics (
Optional
[Sequence
[GroupMetrics
]]) – Enable monitoring for group metrics, these metrics describe the group rather than any of its instances. To report all group metrics useGroupMetrics.all()
Group metrics are reported in a granularity of 1 minute at no additional charge. Default: - no group metrics will be reportedhealth_check (
Optional
[HealthCheck
]) – Configuration for health checks. Default: - HealthCheck.ec2 with no grace periodignore_unmodified_size_properties (
Optional
[bool
]) – If the ASG has scheduled actions, don’t reset unchanged group sizes. Only used if the ASG has scheduled actions (which may scale your ASG up or down regardless of cdk deployments). If true, the size of the group will only be reset if it has been changed in the CDK app. If false, the sizes will always be changed back to what they were in the CDK app on deployment. Default: trueinstance_monitoring (
Optional
[Monitoring
]) – Controls whether instances in this group are launched with detailed or basic monitoring. When detailed monitoring is enabled, Amazon CloudWatch generates metrics every minute and your account is charged a fee. When you disable detailed monitoring, CloudWatch generates metrics every 5 minutes. Default: - Monitoring.DETAILEDkey_name (
Optional
[str
]) – Name of SSH keypair to grant access to instances. Default: - No SSH access will be possible.max_capacity (
Union
[int
,float
,None
]) – Maximum number of instances in the fleet. Default: desiredCapacitymax_instance_lifetime (
Optional
[Duration
]) – The maximum amount of time that an instance can be in service. The maximum duration applies to all current and future instances in the group. As an instance approaches its maximum duration, it is terminated and replaced, and cannot be used again. You must specify a value of at least 604,800 seconds (7 days). To clear a previously set value, leave this property undefined. Default: nonemin_capacity (
Union
[int
,float
,None
]) – Minimum number of instances in the fleet. Default: 1new_instances_protected_from_scale_in (
Optional
[bool
]) – Whether newly-launched instances are protected from termination by Amazon EC2 Auto Scaling when scaling in. By default, Auto Scaling can terminate an instance at any time after launch when scaling in an Auto Scaling Group, subject to the group’s termination policy. However, you may wish to protect newly-launched instances from being scaled in if they are going to run critical applications that should not be prematurely terminated. This flag must be enabled if the Auto Scaling Group will be associated with an ECS Capacity Provider with managed termination protection. Default: falsenotifications (
Optional
[Sequence
[Union
[NotificationConfiguration
,Dict
[str
,Any
]]]]) – Configure autoscaling group to send notifications about fleet changes to an SNS topic(s). Default: - No fleet change notifications will be sent.notifications_topic (
Optional
[ITopic
]) – (deprecated) SNS topic to send notifications about fleet changes. Default: - No fleet change notifications will be sent.replacing_update_min_successful_instances_percent (
Union
[int
,float
,None
]) – (deprecated) Configuration for replacing updates. Only used if updateType == UpdateType.ReplacingUpdate. Specifies how many instances must signal success for the update to succeed. Default: minSuccessfulInstancesPercentresource_signal_count (
Union
[int
,float
,None
]) – (deprecated) How many ResourceSignal calls CloudFormation expects before the resource is considered created. Default: 1 if resourceSignalTimeout is set, 0 otherwiseresource_signal_timeout (
Optional
[Duration
]) – (deprecated) The length of time to wait for the resourceSignalCount. The maximum value is 43200 (12 hours). Default: Duration.minutes(5) if resourceSignalCount is set, N/A otherwiserolling_update_configuration (
Union
[RollingUpdateConfiguration
,Dict
[str
,Any
],None
]) – (deprecated) Configuration for rolling updates. Only used if updateType == UpdateType.RollingUpdate. Default: - RollingUpdateConfiguration with defaults.signals (
Optional
[Signals
]) – Configure waiting for signals during deployment. Use this to pause the CloudFormation deployment to wait for the instances in the AutoScalingGroup to report successful startup during creation and updates. The UserData script needs to invokecfn-signal
with a success or failure code after it is done setting up the instance. Without waiting for signals, the CloudFormation deployment will proceed as soon as the AutoScalingGroup has been created or updated but before the instances in the group have been started. For example, to have instances wait for an Elastic Load Balancing health check before they signal success, add a health-check verification by using the cfn-init helper script. For an example, see the verify_instance_health command in the Auto Scaling rolling updates sample template: https://github.com/awslabs/aws-cloudformation-templates/blob/master/aws/services/AutoScaling/AutoScalingRollingUpdates.yaml Default: - Do not wait for signalsspot_price (
Optional
[str
]) – The maximum hourly price (in USD) to be paid for any Spot Instance launched to fulfill the request. Spot Instances are launched when the price you specify exceeds the current Spot market price. Default: nonetermination_policies (
Optional
[Sequence
[TerminationPolicy
]]) – A policy or a list of policies that are used to select the instances to terminate. The policies are executed in the order that you list them. Default: -TerminationPolicy.DEFAULT
update_policy (
Optional
[UpdatePolicy
]) – What to do when an AutoScalingGroup’s instance configuration is changed. This is applied when any of the settings on the ASG are changed that affect how the instances should be created (VPC, instance type, startup scripts, etc.). It indicates how the existing instances should be replaced with new instances matching the new config. By default, nothing is done and only new instances are launched with the new config. Default: -UpdatePolicy.rollingUpdate()
if usinginit
,UpdatePolicy.none()
otherwiseupdate_type (
Optional
[UpdateType
]) – (deprecated) What to do when an AutoScalingGroup’s instance configuration is changed. This is applied when any of the settings on the ASG are changed that affect how the instances should be created (VPC, instance type, startup scripts, etc.). It indicates how the existing instances should be replaced with new instances matching the new config. By default, nothing is done and only new instances are launched with the new config. Default: UpdateType.Nonevpc_subnets (
Union
[SubnetSelection
,Dict
[str
,Any
],None
]) – Where to place instances within the VPC. Default: - All Private subnets.
- Stability:
deprecated
- Return type:
- add_chart(id, *, chart, namespace=None, release=None, repository=None, values=None, version=None)
(deprecated) Defines a Helm chart in this cluster.
- Parameters:
id (
str
) – logical id of this chart.chart (
str
) – (deprecated) The name of the chart.namespace (
Optional
[str
]) – (deprecated) The Kubernetes namespace scope of the requests. Default: defaultrelease (
Optional
[str
]) – (deprecated) The name of the release. Default: - If no release name is given, it will use the last 63 characters of the node’s unique id.repository (
Optional
[str
]) – (deprecated) The repository which contains the chart. For example: https://kubernetes-charts.storage.googleapis.com/ Default: - No repository will be used, which means that the chart needs to be an absolute URL.values (
Optional
[Mapping
[str
,Any
]]) – (deprecated) The values to be used by the chart. Default: - No values are provided to the chart.version (
Optional
[str
]) – (deprecated) The chart version to install. Default: - If this is not specified, the latest version is installed
- Return type:
- Returns:
a
HelmChart
object- Stability:
deprecated
- Throws:
If
kubectlEnabled
isfalse
- add_resource(id, *manifest)
(deprecated) Defines a Kubernetes resource in this cluster.
The manifest will be applied/deleted using kubectl as needed.
- Parameters:
id (
str
) – logical id of this manifest.manifest (
Any
) – a list of Kubernetes resource specifications.
- Return type:
- Returns:
a
KubernetesResource
object.- Stability:
deprecated
- Throws:
If
kubectlEnabled
isfalse
- apply_removal_policy(policy)
Apply the given removal policy to this resource.
The Removal Policy controls what happens to this resource when it stops being managed by CloudFormation, either because you’ve removed it from the CDK application or because you’ve made a change that requires the resource to be replaced.
The resource can be deleted (
RemovalPolicy.DESTROY
), or left in your AWS account for data recovery and cleanup later (RemovalPolicy.RETAIN
).- Parameters:
policy (
RemovalPolicy
)- Return type:
None
- to_string()
Returns a string representation of this construct.
- Return type:
str
Attributes
- aws_auth
(deprecated) Lazily creates the AwsAuth resource, which manages AWS authentication mapping.
- Stability:
deprecated
- cluster_arn
(deprecated) The AWS generated ARN for the Cluster resource.
For example,
arn:aws:eks:us-west-2:666666666666:cluster/prod
- Stability:
deprecated
- cluster_certificate_authority_data
(deprecated) The certificate-authority-data for your cluster.
- Stability:
deprecated
- cluster_endpoint
(deprecated) The endpoint URL for the Cluster.
This is the URL inside the kubeconfig file to use with kubectl
For example,
https://5E1D0CEXAMPLEA591B746AFC5AB30262.yl4.us-west-2.eks.amazonaws.com
- Stability:
deprecated
- cluster_name
(deprecated) The Name of the created EKS Cluster.
- Stability:
deprecated
- connections
(deprecated) Manages connection rules (Security Group Rules) for the cluster.
- Stability:
deprecated
- Memberof:
Cluster
- Type:
{ec2.Connections}
- default_capacity
(deprecated) The auto scaling group that hosts the default capacity for this cluster.
This will be
undefined
if the default capacity is set to 0.- Stability:
deprecated
- env
The environment this resource belongs to.
For resources that are created and managed by the CDK (generally, those created by creating new class instances like Role, Bucket, etc.), this is always the same as the environment of the stack they belong to; however, for imported resources (those obtained from static methods like fromRoleArn, fromBucketName, etc.), that might be different than the stack they were imported into.
- kubectl_enabled
(deprecated) Indicates if
kubectl
related operations can be performed on this cluster.- Stability:
deprecated
- node
The construct tree node associated with this construct.
- role
(deprecated) IAM role assumed by the EKS Control Plane.
- Stability:
deprecated
- stack
The stack in which this resource is defined.
- vpc
(deprecated) The VPC in which this Cluster was created.
- Stability:
deprecated
Static Methods
- classmethod from_cluster_attributes(scope, id, *, cluster_arn, cluster_certificate_authority_data, cluster_endpoint, cluster_name, security_groups, vpc)
(deprecated) Import an existing cluster.
- Parameters:
scope (
Construct
) – the construct scope, in most cases ‘this’.id (
str
) – the id or name to import as.cluster_arn (
str
) – (deprecated) The unique ARN assigned to the service by AWS in the form of arn:aws:eks:.cluster_certificate_authority_data (
str
) – (deprecated) The certificate-authority-data for your cluster.cluster_endpoint (
str
) – (deprecated) The API Server endpoint URL.cluster_name (
str
) – (deprecated) The physical name of the Cluster.security_groups (
Sequence
[ISecurityGroup
]) – (deprecated) The security groups associated with this cluster.vpc (
IVpc
) – (deprecated) The VPC in which this Cluster was created.
- Stability:
deprecated
- Return type:
- classmethod is_construct(x)
Return whether the given object is a Construct.
- Parameters:
x (
Any
)- Return type:
bool
- classmethod is_resource(construct)
Check whether the given construct is a Resource.
- Parameters:
construct (
IConstruct
)- Return type:
bool