feat(eks): support for Kubernetes version 1.29 (#29040)

robertd · web-flow · commit 9dfabb1faf82 · 2024-02-09T19:47:45.000Z
Similar to #27930, this PR adds eks with k8s 1.29 support. Addresses #28872 thread. Closes #28983. ### **!! Depends on cdklabs/awscdk-asset-kubectl#546 being merged in first. !!** /cc @kaizencc @pahud ### Reason for this change K8s 1.29 on EKS has been released on 1/23/2024. See: https://aws.amazon.com/blogs/containers/amazon-eks-now-supports-kubernetes-version-1-29/ ### Description of changes Added support for eks 1.29. ### Description of how you validated changes Deployed an EKS cluster with k8s 1.29. ![image](https://github.com/aws/aws-cdk/assets/31543/ba770020-2087-498a-a1eb-3e890df05062) ### Checklist - [x] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md) *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
diff --git a/packages/aws-cdk-lib/aws-eks/README.md b/packages/aws-cdk-lib/aws-eks/README.md
@@ -63,12 +63,12 @@ This example defines an Amazon EKS cluster with the following configuration:
 * A Kubernetes pod with a container based on the [paulbouwer/hello-kubernetes](https://github.com/paulbouwer/hello-kubernetes) image.
 
 ```ts
-import { KubectlV28Layer } from '@aws-cdk/lambda-layer-kubectl-v28';
+import { KubectlV29Layer } from '@aws-cdk/lambda-layer-kubectl-v29';
 
 // provisioning a cluster
 const cluster = new eks.Cluster(this, 'hello-eks', {
-  version: eks.KubernetesVersion.V1_28,
-  kubectlLayer: new KubectlV28Layer(this, 'kubectl'),
+  version: eks.KubernetesVersion.V1_29,
+  kubectlLayer: new KubectlV29Layer(this, 'kubectl'),
 });
 
 // apply a kubernetes manifest to the cluster
@@ -134,15 +134,15 @@ Creating a new cluster is done using the `Cluster` or `FargateCluster` construct
 
 ```ts
 new eks.Cluster(this, 'HelloEKS', {
-  version: eks.KubernetesVersion.V1_28,
+  version: eks.KubernetesVersion.V1_29,
 });
 ```
 
 You can also use `FargateCluster` to provision a cluster that uses only fargate workers.
 
 ```ts
 new eks.FargateCluster(this, 'HelloEKS', {
-  version: eks.KubernetesVersion.V1_28,
+  version: eks.KubernetesVersion.V1_29,
 });
 ```
 
@@ -166,7 +166,7 @@ At cluster instantiation time, you can customize the number of instances and the
 
 ```ts
 new eks.Cluster(this, 'HelloEKS', {
-  version: eks.KubernetesVersion.V1_28,
+  version: eks.KubernetesVersion.V1_29,
   defaultCapacity: 5,
   defaultCapacityInstance: ec2.InstanceType.of(ec2.InstanceClass.M5, ec2.InstanceSize.SMALL),
 });
@@ -178,7 +178,7 @@ Additional customizations are available post instantiation. To apply them, set t
 
 ```ts
 const cluster = new eks.Cluster(this, 'HelloEKS', {
-  version: eks.KubernetesVersion.V1_28,
+  version: eks.KubernetesVersion.V1_29,
   defaultCapacity: 0,
 });
 
@@ -262,7 +262,7 @@ const eksClusterNodeGroupRole = new iam.Role(this, 'eksClusterNodeGroupRole', {
 });
 
 const cluster = new eks.Cluster(this, 'HelloEKS', {
-  version: eks.KubernetesVersion.V1_28,
+  version: eks.KubernetesVersion.V1_29,
   defaultCapacity: 0,
 });
 
@@ -405,7 +405,7 @@ The following code defines an Amazon EKS cluster with a default Fargate Profile
 
 ```ts
 const cluster = new eks.FargateCluster(this, 'MyCluster', {
-  version: eks.KubernetesVersion.V1_28,
+  version: eks.KubernetesVersion.V1_29,
 });
 ```
 
@@ -482,7 +482,7 @@ You can also configure the cluster to use an auto-scaling group as the default c
 
 ```ts
 const cluster = new eks.Cluster(this, 'HelloEKS', {
-  version: eks.KubernetesVersion.V1_28,
+  version: eks.KubernetesVersion.V1_29,
   defaultCapacityType: eks.DefaultCapacityType.EC2,
 });
 ```
@@ -586,7 +586,7 @@ You can configure the [cluster endpoint access](https://docs.aws.amazon.com/eks/
 
 ```ts
 const cluster = new eks.Cluster(this, 'hello-eks', {
-  version: eks.KubernetesVersion.V1_28,
+  version: eks.KubernetesVersion.V1_29,
   endpointAccess: eks.EndpointAccess.PRIVATE, // No access outside of your VPC.
 });
 ```
@@ -608,7 +608,7 @@ To deploy the controller on your EKS cluster, configure the `albController` prop
 
 ```ts
 new eks.Cluster(this, 'HelloEKS', {
-  version: eks.KubernetesVersion.V1_28,
+  version: eks.KubernetesVersion.V1_29,
   albController: {
     version: eks.AlbControllerVersion.V2_6_2,
   },
@@ -651,7 +651,7 @@ You can specify the VPC of the cluster using the `vpc` and `vpcSubnets` properti
 declare const vpc: ec2.Vpc;
 
 new eks.Cluster(this, 'HelloEKS', {
-  version: eks.KubernetesVersion.V1_28,
+  version: eks.KubernetesVersion.V1_29,
   vpc,
   vpcSubnets: [{ subnetType: ec2.SubnetType.PRIVATE_WITH_EGRESS }],
 });
@@ -698,7 +698,7 @@ You can configure the environment of the Cluster Handler functions by specifying
 ```ts
 declare const proxyInstanceSecurityGroup: ec2.SecurityGroup;
 const cluster = new eks.Cluster(this, 'hello-eks', {
-  version: eks.KubernetesVersion.V1_28,
+  version: eks.KubernetesVersion.V1_29,
   clusterHandlerEnvironment: {
     https_proxy: 'http://proxy.myproxy.com',
   },
@@ -740,7 +740,7 @@ for (let subnet of subnets) {
 }
 
 const cluster = new eks.Cluster(this, 'hello-eks', {
-  version: eks.KubernetesVersion.V1_28,
+  version: eks.KubernetesVersion.V1_29,
   vpc: vpc,
   ipFamily: eks.IpFamily.IP_V6,
   vpcSubnets: [{ subnets: vpc.publicSubnets }],
@@ -775,7 +775,7 @@ You can configure the environment of this function by specifying it at cluster i
 
 ```ts
 const cluster = new eks.Cluster(this, 'hello-eks', {
-  version: eks.KubernetesVersion.V1_28,
+  version: eks.KubernetesVersion.V1_29,
   kubectlEnvironment: {
     'http_proxy': 'http://proxy.myproxy.com',
   },
@@ -795,11 +795,11 @@ Depending on which version of kubernetes you're targeting, you will need to use
 the `@aws-cdk/lambda-layer-kubectl-vXY` packages.
 
 ```ts
-import { KubectlV28Layer } from '@aws-cdk/lambda-layer-kubectl-v28';
+import { KubectlV29Layer } from '@aws-cdk/lambda-layer-kubectl-v29';
 
 const cluster = new eks.Cluster(this, 'hello-eks', {
-  version: eks.KubernetesVersion.V1_28,
-  kubectlLayer: new KubectlV28Layer(this, 'kubectl'),
+  version: eks.KubernetesVersion.V1_29,
+  kubectlLayer: new KubectlV29Layer(this, 'kubectl'),
 });
 ```
 
@@ -834,7 +834,7 @@ const cluster1 = new eks.Cluster(this, 'MyCluster', {
   kubectlLayer: layer,
   vpc,
   clusterName: 'cluster-name',
-  version: eks.KubernetesVersion.V1_28,
+  version: eks.KubernetesVersion.V1_29,
 });
 
 // or
@@ -852,7 +852,7 @@ By default, the kubectl provider is configured with 1024MiB of memory. You can u
 ```ts
 new eks.Cluster(this, 'MyCluster', {
   kubectlMemory: Size.gibibytes(4),
-  version: eks.KubernetesVersion.V1_28,
+  version: eks.KubernetesVersion.V1_29,
 });
 
 // or
@@ -891,7 +891,7 @@ When you create a cluster, you can specify a `mastersRole`. The `Cluster` constr
 ```ts
 declare const role: iam.Role;
 new eks.Cluster(this, 'HelloEKS', {
-  version: eks.KubernetesVersion.V1_28,
+  version: eks.KubernetesVersion.V1_29,
   mastersRole: role,
 });
 ```
@@ -941,7 +941,7 @@ You can use the `secretsEncryptionKey` to configure which key the cluster will u
 const secretsKey = new kms.Key(this, 'SecretsKey');
 const cluster = new eks.Cluster(this, 'MyCluster', {
   secretsEncryptionKey: secretsKey,
-  version: eks.KubernetesVersion.V1_28,
+  version: eks.KubernetesVersion.V1_29,
 });
 ```
 
@@ -951,7 +951,7 @@ You can also use a similar configuration for running a cluster built using the F
 const secretsKey = new kms.Key(this, 'SecretsKey');
 const cluster = new eks.FargateCluster(this, 'MyFargateCluster', {
   secretsEncryptionKey: secretsKey,
-  version: eks.KubernetesVersion.V1_28,
+  version: eks.KubernetesVersion.V1_29,
 });
 ```
 
@@ -995,7 +995,7 @@ To access the Kubernetes resources from the console, make sure your viewing prin
 in the `aws-auth` ConfigMap. Some options to consider:
 
 ```ts
-import { KubectlV28Layer } from '@aws-cdk/lambda-layer-kubectl-v28';
+import { KubectlV29Layer } from '@aws-cdk/lambda-layer-kubectl-v29';
 declare const cluster: eks.Cluster;
 declare const your_current_role: iam.Role;
 declare const vpc: ec2.Vpc;
@@ -1015,7 +1015,7 @@ your_current_role.addToPolicy(new iam.PolicyStatement({
 
 ```ts
 // Option 2: create your custom mastersRole with scoped assumeBy arn as the Cluster prop. Switch to this role from the AWS console.
-import { KubectlV28Layer } from '@aws-cdk/lambda-layer-kubectl-v28';
+import { KubectlV29Layer } from '@aws-cdk/lambda-layer-kubectl-v29';
 declare const vpc: ec2.Vpc;
 
 const mastersRole = new iam.Role(this, 'MastersRole', {
@@ -1024,8 +1024,8 @@ const mastersRole = new iam.Role(this, 'MastersRole', {
 
 const cluster = new eks.Cluster(this, 'EksCluster', {
   vpc,
-  version: eks.KubernetesVersion.V1_28,
-  kubectlLayer: new KubectlV28Layer(this, 'KubectlLayer'),
+  version: eks.KubernetesVersion.V1_29,
+  kubectlLayer: new KubectlV29Layer(this, 'KubectlLayer'),
   mastersRole,
 });
 
@@ -1309,7 +1309,7 @@ when a cluster is defined:
 
 ```ts
 new eks.Cluster(this, 'MyCluster', {
-  version: eks.KubernetesVersion.V1_28,
+  version: eks.KubernetesVersion.V1_29,
   prune: false,
 });
 ```
@@ -1696,7 +1696,7 @@ property. For example:
 ```ts
 const cluster = new eks.Cluster(this, 'Cluster', {
   // ...
-  version: eks.KubernetesVersion.V1_28,
+  version: eks.KubernetesVersion.V1_29,
   clusterLogging: [
     eks.ClusterLoggingTypes.API,
     eks.ClusterLoggingTypes.AUTHENTICATOR,
diff --git a/packages/aws-cdk-lib/aws-eks/lib/cluster.ts b/packages/aws-cdk-lib/aws-eks/lib/cluster.ts
@@ -934,6 +934,15 @@ export class KubernetesVersion {
    */
   public static readonly V1_28 = KubernetesVersion.of('1.28');
 
+  /**
+   * Kubernetes version 1.29
+   *
+   * When creating a `Cluster` with this version, you need to also specify the
+   * `kubectlLayer` property with a `KubectlV29Layer` from
+   * `@aws-cdk/lambda-layer-kubectl-v29`.
+   */
+  public static readonly V1_29 = KubernetesVersion.of('1.29');
+
   /**
    * Custom cluster version
    * @param version custom version number
diff --git a/packages/aws-cdk-lib/package.json b/packages/aws-cdk-lib/package.json
@@ -498,7 +498,7 @@
   },
   "jsiiRosetta": {
     "exampleDependencies": {
-      "@aws-cdk/lambda-layer-kubectl-v28": "^2.0.0",
+      "@aws-cdk/lambda-layer-kubectl-v29": "^2.0.0",
       "cdk8s-plus-25": "^2.7.0",
       "@aws-cdk/aws-kinesisfirehose-alpha": "*",
       "@aws-cdk/aws-kinesisfirehose-destinations-alpha": "*"
