Feature/kubeshark

docs/addons/kubeshark.md

@@ -0,0 +1,85 @@
+# Kubeshark AddOn
+
+[kubeshark](https://github.com/kubeshark/kubeshark)  is an API Traffic Analyzer for Kubernetes providing real-time, protocol-level visibility into Kubernetes’ internal network, capturing and monitoring all traffic and payloads going in, out and across containers, pods, nodes and clusters.
+
+## Usage
+
+#### **`index.ts`**
+```typescript
+import 'source-map-support/register';
+import * as cdk from 'aws-cdk-lib';
+import * as blueprints from '@aws-quickstart/eks-blueprints';
+
+const app = new cdk.App();
+
+const addOn = new blueprints.addons.KubesharkAddOn('v52.3.0');
+
+const blueprint = blueprints.EksBlueprint.builder()
+  .version("auto")
+  .addOns(addOn)
+  .build(app, 'my-stack-name');
+```
+
+#### **Another complete and comprehensive example**
+```typescript
+import * as cdk from 'aws-cdk-lib';
+import * as blueprints from '@aws-quickstart/eks-blueprints';
+
+const app = new cdk.App();
+const account = 'XXXXXXXXXXXXX';
+const region = 'us-east-2';
+const version = 'auto';
+
+blueprints.HelmAddOn.validateHelmVersions = true; // optional if you would like to check for newer versions
+
+const addOns: Array<blueprints.ClusterAddOn> = [
+    new blueprints.addons.ArgoCDAddOn(),
+    new blueprints.addons.CalicoOperatorAddOn(),
+    new blueprints.addons.MetricsServerAddOn(),
+    new blueprints.addons.ClusterAutoScalerAddOn(),
+    new blueprints.addons.AwsLoadBalancerControllerAddOn(),
+    new blueprints.addons.VpcCniAddOn(),
+    new blueprints.addons.CoreDnsAddOn(),
+    new blueprints.addons.KubesharkAddOn(),
+    new blueprints.addons.KubeProxyAddOn()
+];
+
+const stack = blueprints.EksBlueprint.builder()
+    .account(account)
+    .region(region)
+    .version(version)
+    .addOns(...addOns)
+    .useDefaultSecretEncryption(true) // set to false to turn secret encryption off (non-production/demo cases)
+    .build(app, 'eks-blueprint');
+
+```
+
+Once deployed, you can see kubeshark pod in the `kube-system` namespace.
+
+```sh
+$ kubectl get deployments -n kube-system
+
+NAME                                                          READY   UP-TO-DATE   AVAILABLE   AGE
+blueprints-addon-kubeshark                               1/1     1            1           20m
+```
+
+## Functionality
+
+1. Deploys the kubeshark helm chart in `kube-system` namespace by default.
+2. Supports [standard helm configuration options](./index.md#standard-helm-add-on-configuration-options).
+3. Supports `createNamespace` configuration to deploy the addon to a customized namespace.
+
+## Access Kubeshark
+
+Apply the kubernetes dashboard manifest.
+
+```sh
+$ kubectl -n kube-system port-forward svc/kubeshark-front 3000:80
+```
+
+
+Open the [dashboard](http://localhost:3000)
+
+Then you should be able to see view like this
+![dashboard](https://raw.githubusercontent.com/kubeshark/assets/master/png/kubeshark-ui.png)
+

lib/addons/index.ts

@@ -60,7 +60,8 @@ export * from './apache-airflow';
 export * from './neuron';
 export * from './eks-pod-identity-agent';
 export * from './neuron';
+export * from './kubeshark';
 
 export class Constants {
     public static readonly BLUEPRINTS_ADDON = "blueprints-addon";
-}
+}

lib/addons/kubeshark/index.ts

@@ -0,0 +1,53 @@
+import { Construct } from 'constructs';
+import { merge } from "ts-deepmerge";
+import { ClusterInfo, Values } from '../../spi';
+import { HelmAddOn, HelmAddOnProps, HelmAddOnUserProps } from '../helm-addon';
+import { createNamespace, supportsALL } from '../../utils';
+
+/**
+ * Configuration options for the add-on.
+ */
+
+export interface KubesharkAddOnProps extends HelmAddOnUserProps {
+    /**
+     * To Create Namespace using CDK
+     */
+    createNamespace?: boolean;
+}
+
+/**
+ * Defaults options for the add-on
+ */
+const defaultProps: HelmAddOnProps & KubesharkAddOnProps = {
+    chart: 'kubeshark',
+    repository: 'https://helm.kubeshark.co',
+    version: '52.3.0',
+    release: 'blueprints-addon-kubeshark',
+    name: 'kubeshark',
+    namespace: 'kube-system',
+    createNamespace: false,
+};
+
+@supportsALL
+export class KubesharkAddOn extends HelmAddOn {
+    readonly options: KubesharkAddOnProps;
+
+    constructor(props?: KubesharkAddOnProps) {
+        super({ ...defaultProps, ...props });
+        this.options = this.props as KubesharkAddOnProps;
+    }
+
+    deploy(clusterInfo: ClusterInfo): Promise<Construct> {
+        const cluster = clusterInfo.cluster;
+        let values: Values = this.options ?? {};
+        values = merge(values, this.props.values ?? {});
+        const chart = this.addHelmChart(clusterInfo, values);
+
+        if (this.options.createNamespace == true) {
+            // Let CDK Create the Namespace
+            const namespace = createNamespace(this.options.namespace!, cluster);
+            chart.node.addDependency(namespace);
+        }
+        return Promise.resolve(chart);
+    }
+}