refactored implementation to use CDK native control plane logging

aws-quickstart · May 2, 2024 · 55aa050 · 55aa050
1 parent d81d05c
commit 55aa050
Show file tree

Hide file tree

Showing 4 changed files with 9 additions and 94 deletions.
diff --git a/lib/cluster-providers/generic-cluster-provider.ts b/lib/cluster-providers/generic-cluster-provider.ts
@@ -246,7 +246,7 @@ export class GenericClusterProvider implements ClusterProvider {
     /**
      * @override
      */
-    createCluster(scope: Construct, vpc: ec2.IVpc, secretsEncryptionKey: IKey | undefined, kubernetesVersion: eks.KubernetesVersion | undefined): ClusterInfo {
+    createCluster(scope: Construct, vpc: ec2.IVpc, secretsEncryptionKey?: IKey, kubernetesVersion?: eks.KubernetesVersion, clusterLogging?: eks.ClusterLoggingTypes[]) : ClusterInfo {
         const id = scope.node.id;
 
         // Props for the cluster.
@@ -271,6 +271,7 @@ export class GenericClusterProvider implements ClusterProvider {
             vpc,
             secretsEncryptionKey,
             clusterName,
+            clusterLogging,
             outputClusterName,
             version,
             vpcSubnets,

diff --git a/lib/spi/cluster-contracts.ts b/lib/spi/cluster-contracts.ts
@@ -2,13 +2,14 @@ import { ClusterInfo } from '.';
 import { Construct } from "constructs";
 import { IVpc } from 'aws-cdk-lib/aws-ec2';
 import {IKey} from "aws-cdk-lib/aws-kms";
-import { KubernetesVersion } from 'aws-cdk-lib/aws-eks';
+import { ClusterLoggingTypes, KubernetesVersion } from 'aws-cdk-lib/aws-eks';
+
 
 
 /**
  * ClusterProvider is the interface to which all Cluster Providers should conform.
  */
 export declare interface ClusterProvider {
-    createCluster(scope: Construct, vpc: IVpc, secretsEncryptionKey?: IKey, kubernetesVersion?: KubernetesVersion): ClusterInfo;
+    createCluster(scope: Construct, vpc: IVpc, secretsEncryptionKey?: IKey, kubernetesVersion?: KubernetesVersion, clusterLogging?: ClusterLoggingTypes[] ): ClusterInfo;
 }
 
diff --git a/lib/stacks/eks-blueprint-stack.ts b/lib/stacks/eks-blueprint-stack.ts
@@ -1,6 +1,6 @@
 import * as cdk from 'aws-cdk-lib';
 import { IVpc } from 'aws-cdk-lib/aws-ec2';
-import { KubernetesVersion } from 'aws-cdk-lib/aws-eks';
+import { ClusterLoggingTypes as ControlPlaneLogType, KubernetesVersion } from 'aws-cdk-lib/aws-eks';
 import { Construct } from 'constructs';
 import { MngClusterProvider } from '../cluster-providers/mng-cluster-provider';
 import { VpcProvider } from '../resource-providers/vpc';
@@ -15,6 +15,8 @@ import { ArgoGitOpsFactory } from "../addons/argocd/argo-gitops-factory";
 /* Default K8s version of EKS Blueprints */
 export const DEFAULT_VERSION = KubernetesVersion.V1_29;
 
+export { ControlPlaneLogType };
+
 export class EksBlueprintProps {
     /**
      * The id for the blueprint.
@@ -90,15 +92,6 @@ export class BlueprintPropsConstraints implements constraints.ConstraintsType<Ek
     name = new constraints.StringConstraint(1, 63);
 }
 
-export const enum ControlPlaneLogType {
-
-    API = 'api',
-    AUDIT = 'audit',
-    AUTHENTICATOR = 'authenticator',
-    CONTROLLER_MANAGER = 'controllerManager',
-    SCHEDULER = 'scheduler'
-}
-
 /**
  * Blueprint builder implements a builder pattern that improves readability (no bloated constructors)
  * and allows creating a blueprint in an abstract state that can be applied to various instantiations
@@ -256,14 +249,9 @@ export class EksBlueprint extends cdk.Stack {
             version
         });
 
-        this.clusterInfo = clusterProvider.createCluster(this, vpcResource!, kmsKeyResource, version);
+        this.clusterInfo = clusterProvider.createCluster(this, vpcResource!, kmsKeyResource, version, blueprintProps.enableControlPlaneLogTypes);
         this.clusterInfo.setResourceContext(resourceContext);
 
-        let enableLogTypes: string[] | undefined = blueprintProps.enableControlPlaneLogTypes;
-        if (enableLogTypes) {
-            utils.setupClusterLogging(this.clusterInfo.cluster.stack, this.clusterInfo.cluster, enableLogTypes);
-        }
-
         if (blueprintProps.enableGitOpsMode == spi.GitOpsMode.APPLICATION) {
             ArgoGitOpsFactory.enableGitOps();
         } else if (blueprintProps.enableGitOpsMode == spi.GitOpsMode.APP_OF_APPS) {

diff --git a/lib/utils/cluster-utils.ts b/lib/utils/cluster-utils.ts
@@ -1,82 +1,7 @@
-import * as eks from "aws-cdk-lib/aws-eks";
-import { Stack } from "aws-cdk-lib";
-import { AwsCustomResource, AwsCustomResourcePolicy } from "aws-cdk-lib/custom-resources";
 import { Construct } from "constructs";
 import * as customResource from 'aws-cdk-lib/custom-resources';
 import { ClusterInfo } from "../spi";
 
-// Available Control Plane logging types
-const CONTROL_PLANE_LOG_TYPES = ['api','audit','authenticator','controllerManager','scheduler'];
-
-// Enables logs for the cluster.
-export function setupClusterLogging(stack: Stack, cluster: eks.ICluster, enableLogTypes: string[]): void {
-	if(!enableLogTypes.every(val => CONTROL_PLANE_LOG_TYPES.includes(val))){
-		throw new Error('You have included an invalid Control Plane Log Type.');
-	}
-	let disableLogTypes = CONTROL_PLANE_LOG_TYPES.filter(item => enableLogTypes.indexOf(item) < 0);
-
-	new AwsCustomResource(stack, "ClusterLogsEnabler", {
-		policy: AwsCustomResourcePolicy.fromSdkCalls({
-			resources: [`${cluster.clusterArn}/update-config`],
-		}),
-		installLatestAwsSdk: true, 
-		onCreate: {
-			physicalResourceId: { id: `${cluster.clusterArn}/LogsEnabler` },
-			service: "EKS",
-			action: "updateClusterConfig",
-			region: stack.region,
-			parameters: {
-				name: cluster.clusterName,
-				logging: {
-					clusterLogging: [
-						{
-							enabled: true,
-							types: enableLogTypes,
-						},
-					],
-				},
-			},
-		},
-		onDelete: {
-			physicalResourceId: { id: `${cluster.clusterArn}/LogsEnabler` },
-			service: "EKS",
-			action: "updateClusterConfig",
-			region: stack.region,
-			parameters: {
-				name: cluster.clusterName,
-				logging: {
-					clusterLogging: [
-						{
-							enabled: false,
-							types: CONTROL_PLANE_LOG_TYPES,
-						},
-					],
-				},
-			},
-		},
-		onUpdate: {
-			physicalResourceId: { id: `${cluster.clusterArn}/LogsEnabler` },
-			service: "EKS",
-			action: "updateClusterConfig",
-			region: stack.region,
-			parameters: {
-				name: cluster.clusterName,
-				logging: {
-					clusterLogging: [
-						{
-							enabled: true,
-							types: enableLogTypes,
-						},
-						{
-							enabled: false,
-							types: disableLogTypes,
-						},
-					],
-				},
-			},
-		},
-	});
-}
 
 interface Tag {
   Key: string;