DEV Community

Cover image for Use CDK8S To Create AWS Controllers for Kubernetes Custom Resources
AWS Community Builders profile image ๐Ÿš€ Vu Dao ๐Ÿš€
๐Ÿš€ Vu Dao ๐Ÿš€ for AWS Community Builders

Posted on • Edited on

Use CDK8S To Create AWS Controllers for Kubernetes Custom Resources

#aws #ack #cloudopz #cdk8s

Abstract

  • There is question, How does ACK relate to cdk8s?
  • Answer: All of the ACK controllers watch for specific CRs and you can generate those resources using cdk8s. The two projects complement each other. cdk8s can create the Kubernetes resources and ACK uses those resources to create the AWS infrastructure.
  • This post gives example of generating kubernetes manifest of ACK using cdk8s typescript

Table Of Contents

๐Ÿš€ Pre-requisite

๐Ÿš€ Init cdk8s-app projen

  • You can just init cdk8s project using cdk8s init typescript-app but following is used projen to mange configuration through code
  • Init cdk8s-app-ts with projen in typescript. ```

โšก $ projen new cdk8s-app-ts --projenrc-ts


- cdk8s import
Enter fullscreen mode Exit fullscreen mode

โšก $ cdk8s import --language typescript --output src/imports
Importing k8s v1.22.0...
Importing resources, this may take a few moments...
k8s


## ๐Ÿš€ **Import ACK CRDS As CDK8S API** <a name="Import-ACK-CRDS-As-CDK8S-API"></a>
- [s3-controller crds](https://github.com/aws-controllers-k8s/s3-controller/tree/main/helm/crds)
Enter fullscreen mode Exit fullscreen mode

โšก $ cdk8s import https://raw.githubusercontent.com/aws-controllers-k8s/s3-controller/main/helm/crds/s3.services.k8s.aws_buckets.yaml --output src/imports/
Importing resources, this may take a few moments...
s3.services.k8s.aws
s3.services.k8s.aws/bucket


- [rds-controller crds](https://github.com/aws-controllers-k8s/rds-controller/tree/main/helm/crds), rename file from `rds.services.k8s.aws.ts` to `rds.services.db.instance.k8s.aws.ts` after import due to that name is assigned for all CRDS with in the `rds-controller` crds
Enter fullscreen mode Exit fullscreen mode

โšก $ cdk8s import https://raw.githubusercontent.com/aws-controllers-k8s/rds-controller/main/helm/crds/rds.services.k8s.aws_dbinstances.yaml --output src/imports/
Importing resources, this may take a few moments...
rds.services.k8s.aws
rds.services.k8s.aws/dbinstance

โšก $ mv src/imports/rds.services.k8s.aws.ts src/imports/rds.services.db.instance.k8s.aws.ts


- RDS subnet group, rename file from `rds.services.k8s.aws.ts` to `rds.services.subnet.group.k8s.aws.ts`
Enter fullscreen mode Exit fullscreen mode

โšก $ cdk8s import https://raw.githubusercontent.com/aws-controllers-k8s/rds-controller/main/helm/crds/rds.services.k8s.aws_dbsubnetgroups.yaml --output src/imports/
Importing resources, this may take a few moments...
rds.services.k8s.aws
rds.services.k8s.aws/dbsubnetgroup

โšก $ mv src/imports/rds.services.k8s.aws.ts src/imports/rds.services.subnet.group.k8s.aws.ts


## ๐Ÿš€ **Get your hands dirty with code now** <a name="Get-your-hands-dirty-with-code-now"></a>
- [RDS](https://github.com/vumdao/aws-cdk8s-ack-cr/src/rds)
Enter fullscreen mode Exit fullscreen mode

rds
โ”œโ”€โ”€ constants.ts
โ”œโ”€โ”€ db-instance.ts
โ””โ”€โ”€ subnet-group.ts


  - DBInstance requires subnet group which contains private subnets in EKS VPC (`subnet-group.ts`) and secret keys to hold user credential. The k8s secret is not generated through code here.
  - `db-instance.ts` defines specs of `DbInstance`

- [S3](https://github.com/vumdao/aws-cdk8s-ack-cr/src/s3)
Enter fullscreen mode Exit fullscreen mode

s3
โ”œโ”€โ”€ constants.ts
โ””โ”€โ”€ s3.ts


## ๐Ÿš€ **Build manifest** <a name="Build-manifest"></a>
- Just run `yarn build`
Enter fullscreen mode Exit fullscreen mode

โšก $ yarn build
yarn run v1.22.15
warning ../../../package.json: No license field
$ npx projen build
๐Ÿ‘พ build ยป default | ts-node --project tsconfig.dev.json .projenrc.ts
๐Ÿ‘พ build ยป compile | tsc --build
๐Ÿ‘พ build ยป post-compile ยป synth | cdk8s synth
No manifests synthesized
๐Ÿ‘พ build ยป test | jest --passWithNoTests --all --updateSnapshot
No tests found, exiting with code 0
----------|---------|----------|---------|---------|-------------------
File | % Stmts | % Branch | % Funcs | % Lines | Uncovered Line #s
----------|---------|----------|---------|---------|-------------------
All files | 0 | 0 | 0 | 0 |
----------|---------|----------|---------|---------|-------------------
๐Ÿ‘พ build ยป test ยป eslint | eslint --ext .ts,.tsx --fix --no-error-on-unmatched-pattern src test build-tools .projenrc.js
Done in 25.90s.


- Output directory
Enter fullscreen mode Exit fullscreen mode

dist
โ”œโ”€โ”€ rds
โ”‚ โ”œโ”€โ”€ rds-db-instance.yaml
โ”‚ โ””โ”€โ”€ rds-subnet-group.yaml
โ””โ”€โ”€ s3
โ””โ”€โ”€ s3-test-bucket.yaml


- We can now use the `yaml` files to create the AWS infrastructure through ACK

## ๐Ÿš€ **Conclusion** <a name="Conclusion"></a>
- Although we have to import ACK CRDS resources for cdk8s API, we can manage k8s manifests through code

---



    
      

        vumdao image
      

    
  

    

๐Ÿš€ Vu Dao ๐Ÿš€ 


    

      ๐Ÿš€ AWSome Devops | AWS Community Builder | AWS SA || โ˜๏ธ CloudOpz โ˜๏ธ
    

  






  

    

      GitHub logo
      
        vumdao
       / 
        vumdao
Enter fullscreen mode Exit fullscreen mode

Top comments (1)

Collapse
 
ductnn profile image
Duc Tran

thank you :D

Read next

lhidalgo_dev profile image

Mastering DynamoDB: Batch Operations Explained

Lorenzo Hidalgo Gadea -

karthiksakthiveltechie profile image

AWS CodePipeline V2 type pipelines supports to automatically retry a stage if there is a failure in the stage.

Karthik Sakthivel -

mahinur05 profile image

๐Ÿš€ Deploying Node.js Application with PM2, NGINX, and SSL Configuration ๐Ÿš€

Mahinur Rahman -

awedis profile image

Smart File Organizer Using AWS Lambda & S3 - (Let's Build ๐Ÿ—๏ธ Series)

awedis -