def __init__(self, scope: Construct, id: str, name_space):
super().__init__(scope, id, namespace=name_space)
app_name = 'kibana'
app_label = {'dev': app_name}
k8s.KubeIngressV1Beta1(
self,
'KibanaIngress',
metadata=k8s.ObjectMeta(annotations={
'kubernetes.io/ingress.class':
'alb',
'alb.ingress.kubernetes.io/group.name':
'dev',
'alb.ingress.kubernetes.io/group.order':
'7',
'alb.ingress.kubernetes.io/healthcheck-path':
'/api/status',
'alb.ingress.kubernetes.io/backend-protocol':
'HTTP',
'alb.ingress.kubernetes.io/listen-ports':
'[{"HTTPS":443}]',
'alb.ingress.kubernetes.io/certificate-arn':
'arn:aws:acm:ap-northeast-2:123456789012:certificate/aaaa-bbbb-cccc-xxxx'
},
labels=app_label,
name=app_name),
spec=k8s.IngressSpec(rules=[
k8s.IngressRule(
host="kibana.cloudopz.co",
http=k8s.HttpIngressRuleValue(paths=[
k8s.HttpIngressPath(backend=k8s.IngressBackend(
service_name='kibana',
service_port=k8s.IntOrString.from_number(5601)))
]))
]))
def __init__(self, scope: Construct, ns: str):
super().__init__(scope, ns)
label = {"app": "hello-k8s"}
k8s.Service(self,
'service',
spec=k8s.ServiceSpec(
type='LoadBalancer',
ports=[
k8s.ServicePort(
port=80,
target_port=k8s.IntOrString.from_number(8080))
],
selector=label))
k8s.Deployment(
self,
'deployment',
spec=k8s.DeploymentSpec(
replicas=2,
selector=k8s.LabelSelector(match_labels=label),
template=k8s.PodTemplateSpec(
metadata=k8s.ObjectMeta(labels=label),
spec=k8s.PodSpec(containers=[
k8s.Container(
name='hello-kubernetes',
image='paulbouwer/hello-kubernetes:1.7',
ports=[k8s.ContainerPort(container_port=8080)])
]))))
def __init__(self, scope: Construct, ns: str):
super().__init__(scope, ns)
label = {"app": "guestbook-ui"}
k8s.Service(self,
'service',
spec=k8s.ServiceSpec(
type='LoadBalancer',
ports=[
k8s.ServicePort(
port=80,
target_port=k8s.IntOrString.from_number(80))
],
selector=label))
k8s.Deployment(
self,
'deployment',
spec=k8s.DeploymentSpec(
replicas=1,
selector=k8s.LabelSelector(match_labels=label),
template=k8s.PodTemplateSpec(
metadata=k8s.ObjectMeta(labels=label),
spec=k8s.PodSpec(containers=[
k8s.Container(
name='guestbook-ui',
image='gcr.io/heptio-images/ks-guestbook-demo:0.2',
ports=[k8s.ContainerPort(container_port=80)])
]))))
def __init__(self, scope: Construct, ns: str, *,
image: str,
replicas: typing.Optional[int] = 1,
port: typing.Optional[int] = 80,
container_port: typing.Optional[int] = 8000):
super().__init__(scope, ns)
label = {'app': Node.of(self).unique_id}
k8s.Service(self, 'service',
spec=k8s.ServiceSpec(
type='NodePort',
ports=[k8s.ServicePort(port=port, target_port=k8s.IntOrString.from_number(container_port))],
selector=label))
k8s.Deployment(self, 'deployment',
spec=k8s.DeploymentSpec(
replicas=replicas,
selector=k8s.LabelSelector(match_labels=label),
template=k8s.PodTemplateSpec(
metadata=k8s.ObjectMeta(labels=label),
spec=k8s.PodSpec(
containers=[
k8s.Container(
name='app',
image=image,
ports=[k8s.ContainerPort(container_port=container_port)])]))))
def render_k8s_resource(self, chart: Chart) -> Deployment:
# Create the metadata and label selectors for the deployment
object_meta = k8s.ObjectMeta(labels=self.labels)
label_selector = k8s.LabelSelector(match_labels=self.match_labels)
# Generate the podspec templates for the deployment
podspec = k8s.PodSpec(init_containers=self.init_containers.render(chart),
image_pull_secrets=self.image_pull_secrets,
containers=self.containers.render(chart),
volumes=self.volumes.render(chart))
podspec_template = k8s.PodTemplateSpec(metadata=object_meta,
spec=podspec)
# Use the podspec to create the deployment spec before finally returning the completed K8s Deployment.
deployment_spec = k8s.DeploymentSpec(replicas=self.replicas, selector=label_selector, template=podspec_template)
k8s.Deployment(chart, 'deployment', metadata=k8s.ObjectMeta(name=self.name), spec=deployment_spec)
return self
def render_k8s_resource(self, chart: Chart) -> k8s.Service:
service_ports = ServicePort.render_port_list(self.ports)
svc_spec = k8s.ServiceSpec(type=self.service_type.k8s_name(),
ports=service_ports,
selector=self.selector)
object_meta = k8s.ObjectMeta(name=self.name, labels=self.labels)
return k8s.Service(scope=chart,
name=self.name,
metadata=object_meta,
spec=svc_spec)
def __init__(self, scope: Construct, id: str):
super().__init__(scope, id, namespace='dev')
k8s.KubeServiceAccount(
self,
"ServiceAccount",
metadata=k8s.ObjectMeta(
name='eks-sa',
annotations={
'eks.amazonaws.com/role-arn':
'arn:aws:iam::123456789012:role/eks-oic-dev-sa'
}))
def __init__(self, scope: Construct, id: str):
super().__init__(scope, id, namespace='dev')
app_name = 'aws-test-sa-default'
app_label = {'app': app_name}
k8s.KubeDeployment(
self,
f"Aws-TestDeployment-SA-Default",
metadata=k8s.ObjectMeta(labels=app_label, name=app_name),
spec=k8s.DeploymentSpec(
replicas=1,
selector=k8s.LabelSelector(match_labels=app_label),
template=k8s.PodTemplateSpec(
metadata=k8s.ObjectMeta(labels=app_label),
spec=k8s.PodSpec(containers=[
k8s.Container(name=app_name,
image="mikesir87/aws-cli:v1",
command=["sleep 60"])
]))))
app_name = 'aws-test-iam-sa'
app_label = {'app': app_name}
k8s.KubeDeployment(
self,
f"Aws-TestDeployment-IAM-SA",
metadata=k8s.ObjectMeta(labels=app_label, name=app_name),
spec=k8s.DeploymentSpec(
replicas=1,
selector=k8s.LabelSelector(match_labels=app_label),
template=k8s.PodTemplateSpec(
metadata=k8s.ObjectMeta(labels=app_label),
spec=k8s.PodSpec(service_account_name='sel-eks-sa',
containers=[
k8s.Container(
name=app_name,
image="mikesir87/aws-cli:v1",
command=["sleep 60"])
]))))
def __init__(self,
scope: Construct,
ns: str,
*,
image: str,
replicas: int = 1,
port: int = 80,
container_port: int = 8080):
super().__init__(scope, ns)
label = {"app": Node.of(self).unique_id}
k8s.Service(
self,
"service",
spec=k8s.ServiceSpec(
type="LoadBalancer",
ports=[
k8s.ServicePort(
port=port,
target_port=k8s.IntOrString.from_number(
container_port),
)
],
selector=label,
),
)
k8s.Deployment(
self,
"deployment",
spec=k8s.DeploymentSpec(
replicas=replicas,
selector=k8s.LabelSelector(match_labels=label),
template=k8s.PodTemplateSpec(
metadata=k8s.ObjectMeta(labels=label),
spec=k8s.PodSpec(containers=[
k8s.Container(
name="app",
image=image,
ports=[
k8s.ContainerPort(
container_port=container_port)
],
)
]),
),
),
)
def __init__(self, scope: Construct, ns: str):
super().__init__(scope, ns)
labels = {"app": "cdk8s-python"}
k8s.Service(
self,
'service',
spec=k8s.ServiceSpec(
type='LoadBalancer',
ports=[
k8s.ServicePort(
port=80,
target_port=k8s.IntOrString.from_number(80)
),
],
selector=labels,
),
)
k8s.Deployment(
self,
'deployment',
spec=k8s.DeploymentSpec(
replicas=2,
selector=k8s.LabelSelector(match_labels=labels),
template=k8s.PodTemplateSpec(
metadata=k8s.ObjectMeta(labels=labels),
spec=k8s.PodSpec(
containers=[
k8s.Container(
name=ns,
image='nginxdemos/hello',
ports=[
k8s.ContainerPort(container_port=80),
],
),
],
),
),
),
)
def __init__(self, scope: Construct, id: str, name_space):
super().__init__(scope, id)
app_name = 'frontend'
app_label = {'dev': app_name}
k8s.KubeIngressV1Beta1(
self, 'FrontendIngress',
metadata=k8s.ObjectMeta(
annotations={
'kubernetes.io/ingress.class': 'alb',
'alb.ingress.kubernetes.io/group.name': f'{name_space}',
'alb.ingress.kubernetes.io/group.order': '100',
'alb.ingress.kubernetes.io/healthcheck-path': '/frontend/health-check.do',
'alb.ingress.kubernetes.io/actions.frontend-condition': '{"Type":"forward","ForwardConfig":{"TargetGroups":[{"ServiceName":"frontend","ServicePort":"2087","Weight":100}]}}',
'alb.ingress.kubernetes.io/conditions.frontend-condition': '[{"field":"path-pattern","pathPatternConfig":{"values":["/frontend/*"]}}]',
'alb.ingress.kubernetes.io/backend-protocol': 'HTTP',
'alb.ingress.kubernetes.io/listen-ports': '[{"HTTPS":443}]',
'alb.ingress.kubernetes.io/certificate-arn':
'arn:aws:acm:ap-northeast-2:123456789012:certificate/aaaa-bbbb-cccc-xxxx'
},
labels=app_label,
name=app_name
),
spec=k8s.IngressSpec(
rules=[
k8s.IngressRule(
http=k8s.HttpIngressRuleValue(
paths=[
k8s.HttpIngressPath(
backend=k8s.IngressBackend(
service_name='frontend-condition',
service_port=k8s.IntOrString.from_string('use-annotation')
)
)
]
)
)
]
)
)
def __init__(self, scope: Construct, id: str, name_space):
super().__init__(scope, id, namespace=name_space)
""" Create default rule and redirect HTTP to HTTPS """
app_name = 'dev-alb'
app_label = {'dev': app_name}
k8s.KubeIngressV1Beta1(
self,
'AppIngress',
metadata=k8s.ObjectMeta(annotations={
'kubernetes.io/ingress.class':
'alb',
'alb.ingress.kubernetes.io/scheme':
'internet-facing',
'alb.ingress.kubernetes.io/target-type':
'instance',
'alb.ingress.kubernetes.io/group.name':
f"{name_space}",
'alb.ingress.kubernetes.io/ip-address-type':
'ipv4',
'alb.ingress.kubernetes.io/backend-protocol':
'HTTP',
'alb.ingress.kubernetes.io/backend-protocol-version':
'HTTP2',
'alb.ingress.kubernetes.io/listen-ports':
'[{"HTTPS":443}, {"HTTP":80}]',
'alb.ingress.kubernetes.io/actions.ssl-redirect':
'{"Type": "redirect", "RedirectConfig": { "Protocol": "HTTPS", "Port": "443", "StatusCode": "HTTP_301"}}',
'alb.ingress.kubernetes.io/certificate-arn':
'arn:aws:acm:ap-northeast-2:123456789012:certificate/aaaa-bbbb-cccc-xxxx'
},
labels=app_label,
name=app_name),
spec=k8s.IngressSpec(rules=[
k8s.IngressRule(http=k8s.HttpIngressRuleValue(paths=[
k8s.HttpIngressPath(backend=k8s.IngressBackend(
service_name='ssl-redirect',
service_port=k8s.IntOrString.from_string(
'use-annotation')))
]))
]))
def __init__(self, scope: Construct, id: str):
super().__init__(scope, id)
k8s.KubeNamespace(self,
"NameSpace",
metadata=k8s.ObjectMeta(name='dev'))
def __create_object_meta(self):
return k8s.ObjectMeta(name=self.name,
labels=self.labels,
annotations=self.annotations)
