DEV Community

Cover image for Use CDK8S To Create AWS Controllers for Kubernetes Custom Resources
AWS Community Builders profile image πŸš€ Vu Dao πŸš€
πŸš€ Vu Dao πŸš€ for AWS Community Builders

Posted on • Updated on

Use CDK8S To Create AWS Controllers for Kubernetes Custom Resources

#aws #ack #cloudopz #cdk8s

Abstract

  • There is question, How does ACK relate to cdk8s?
  • Answer: All of the ACK controllers watch for specific CRs and you can generate those resources using cdk8s. The two projects complement each other. cdk8s can create the Kubernetes resources and ACK uses those resources to create the AWS infrastructure.
  • This post gives example of generating kubernetes manifest of ACK using cdk8s typescript

Table Of Contents

πŸš€ Pre-requisite

πŸš€ Init cdk8s-app projen

  • You can just init cdk8s project using cdk8s init typescript-app but following is used projen to mange configuration through code
  • Init cdk8s-app-ts with projen in typescript. ```

⚑ $ projen new cdk8s-app-ts --projenrc-ts


- cdk8s import
Enter fullscreen mode Exit fullscreen mode

⚑ $ cdk8s import --language typescript --output src/imports
Importing k8s v1.22.0...
Importing resources, this may take a few moments...
k8s


## πŸš€ **Import ACK CRDS As CDK8S API** <a name="Import-ACK-CRDS-As-CDK8S-API"></a>
- [s3-controller crds](https://github.com/aws-controllers-k8s/s3-controller/tree/main/helm/crds)
Enter fullscreen mode Exit fullscreen mode

⚑ $ cdk8s import https://raw.githubusercontent.com/aws-controllers-k8s/s3-controller/main/helm/crds/s3.services.k8s.aws_buckets.yaml --output src/imports/
Importing resources, this may take a few moments...
s3.services.k8s.aws
s3.services.k8s.aws/bucket


- [rds-controller crds](https://github.com/aws-controllers-k8s/rds-controller/tree/main/helm/crds), rename file from `rds.services.k8s.aws.ts` to `rds.services.db.instance.k8s.aws.ts` after import due to that name is assigned for all CRDS with in the `rds-controller` crds
Enter fullscreen mode Exit fullscreen mode

⚑ $ cdk8s import https://raw.githubusercontent.com/aws-controllers-k8s/rds-controller/main/helm/crds/rds.services.k8s.aws_dbinstances.yaml --output src/imports/
Importing resources, this may take a few moments...
rds.services.k8s.aws
rds.services.k8s.aws/dbinstance

⚑ $ mv src/imports/rds.services.k8s.aws.ts src/imports/rds.services.db.instance.k8s.aws.ts


- RDS subnet group, rename file from `rds.services.k8s.aws.ts` to `rds.services.subnet.group.k8s.aws.ts`
Enter fullscreen mode Exit fullscreen mode

⚑ $ cdk8s import https://raw.githubusercontent.com/aws-controllers-k8s/rds-controller/main/helm/crds/rds.services.k8s.aws_dbsubnetgroups.yaml --output src/imports/
Importing resources, this may take a few moments...
rds.services.k8s.aws
rds.services.k8s.aws/dbsubnetgroup

⚑ $ mv src/imports/rds.services.k8s.aws.ts src/imports/rds.services.subnet.group.k8s.aws.ts


## πŸš€ **Get your hands dirty with code now** <a name="Get-your-hands-dirty-with-code-now"></a>
- [RDS](https://github.com/vumdao/aws-cdk8s-ack-cr/src/rds)
Enter fullscreen mode Exit fullscreen mode

rds
β”œβ”€β”€ constants.ts
β”œβ”€β”€ db-instance.ts
└── subnet-group.ts


  - DBInstance requires subnet group which contains private subnets in EKS VPC (`subnet-group.ts`) and secret keys to hold user credential. The k8s secret is not generated through code here.
  - `db-instance.ts` defines specs of `DbInstance`

- [S3](https://github.com/vumdao/aws-cdk8s-ack-cr/src/s3)
Enter fullscreen mode Exit fullscreen mode

s3
β”œβ”€β”€ constants.ts
└── s3.ts


## πŸš€ **Build manifest** <a name="Build-manifest"></a>
- Just run `yarn build`
Enter fullscreen mode Exit fullscreen mode

⚑ $ yarn build
yarn run v1.22.15
warning ../../../package.json: No license field
$ npx projen build
πŸ‘Ύ build Β» default | ts-node --project tsconfig.dev.json .projenrc.ts
πŸ‘Ύ build Β» compile | tsc --build
πŸ‘Ύ build Β» post-compile Β» synth | cdk8s synth
No manifests synthesized
πŸ‘Ύ build Β» test | jest --passWithNoTests --all --updateSnapshot
No tests found, exiting with code 0
----------|---------|----------|---------|---------|-------------------
File | % Stmts | % Branch | % Funcs | % Lines | Uncovered Line #s
----------|---------|----------|---------|---------|-------------------
All files | 0 | 0 | 0 | 0 |
----------|---------|----------|---------|---------|-------------------
πŸ‘Ύ build Β» test Β» eslint | eslint --ext .ts,.tsx --fix --no-error-on-unmatched-pattern src test build-tools .projenrc.js
Done in 25.90s.


- Output directory
Enter fullscreen mode Exit fullscreen mode

dist
β”œβ”€β”€ rds
β”‚ β”œβ”€β”€ rds-db-instance.yaml
β”‚ └── rds-subnet-group.yaml
└── s3
└── s3-test-bucket.yaml


- We can now use the `yaml` files to create the AWS infrastructure through ACK

## πŸš€ **Conclusion** <a name="Conclusion"></a>
- Although we have to import ACK CRDS resources for cdk8s API, we can manage k8s manifests through code

---



    
      

        vumdao image
      

    
  

    

πŸš€ Vu Dao πŸš€ 


    

      πŸš€ AWSome Devops | AWS Community Builder | AWS SA || ☁️ CloudOpz ☁️
    

  






  

    

      GitHub logo
      
        vumdao
       / 
        vumdao
Enter fullscreen mode Exit fullscreen mode

Top comments (1)

Collapse
 
ductnn profile image
Duc Tran

thank you :D

Read next

czarinacloud profile image

Balancing AWS Certification and Parenting: A Guide for Busy Professionals

Czarina -

parkerava profile image

Unlock 100% Persistent Storage for Docker Containers in 5 Steps

Ava Parker -

rdbatch02 profile image

Resilience in the Cloud - Fault Isolation Boundaries

Ryan Batchelder -

shaiksalam9182 profile image

Introduction to Kubernetes and AWS EKSβ€Š-β€ŠPartΒ 1

Salam Shaik -