fix(eks): remove incomplete support for k8s v1.22 (#20000)

robertd · web-flow · commit d38a9e44af18 · 2022-04-21T22:44:22.000Z
Revert "feat(eks): add k8s v1.22 (#19756)" This commit reverts addition of the latest version of EKS (1.22) to CDK as there are some incompatibilities between the current lambda-layer-kubectl and v1.22 EKS cluster. Preferably we would have multiple versions fo kubectl lambda layer, but we are currently struggling with package size issues. kubectl is large, and our package is larger, and adding multiple kubectls to it will make it exceed size limits of package managers. So we can't do this right now, until we have invested significant engineering effort into lifting those limitations. In order to not break the backward compatibility with <=1.20 versions, it was decided to revert this addition PR until all the underlying issues around package size issues are resolved. cc @rix0rrr Close #19919 ---- ### All Submissions: * [ ] Have you followed the guidelines in our [Contributing guide?](https://github.com/aws/aws-cdk/blob/master/CONTRIBUTING.md) ### Adding new Unconventional Dependencies: * [ ] This PR adds new unconventional dependencies following the process described [here](https://github.com/aws/aws-cdk/blob/master/CONTRIBUTING.md/#adding-new-unconventional-dependencies) ### New Features * [ ] Have you added the new feature to an [integration test](https://github.com/aws/aws-cdk/blob/master/INTEGRATION_TESTS.md)? * [ ] Did you use `yarn integ` to deploy the infrastructure and generate the snapshot (i.e. `yarn integ` without `--dry-run`)? *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
diff --git a/allowed-breaking-changes.txt b/allowed-breaking-changes.txt
@@ -135,4 +135,7 @@ changed-type:@aws-cdk/aws-rds.SnapshotCredentials.secret
 removed:@aws-cdk/aws-lambda-event-sources.BaseStreamEventSourceProps.onFailure
 removed:@aws-cdk/aws-lambda-event-sources.KafkaEventSourceProps.onFailure
 removed:@aws-cdk/aws-lambda-event-sources.ManagedKafkaEventSourceProps.onFailure
-removed:@aws-cdk/aws-lambda-event-sources.SelfManagedKafkaEventSourceProps.onFailure
+removed:@aws-cdk/aws-lambda-event-sources.SelfManagedKafkaEventSourceProps.onFailure
+
+# removed kubernetes version from EKS
+removed:@aws-cdk/aws-eks.KubernetesVersion.V1_22
diff --git a/packages/@aws-cdk/aws-eks/README.md b/packages/@aws-cdk/aws-eks/README.md
@@ -50,7 +50,7 @@ This example defines an Amazon EKS cluster with the following configuration:
 ```ts
 // provisiong a cluster
 const cluster = new eks.Cluster(this, 'hello-eks', {
-  version: eks.KubernetesVersion.V1_22,
+  version: eks.KubernetesVersion.V1_21,
 });
 
 // apply a kubernetes manifest to the cluster
@@ -143,15 +143,15 @@ Creating a new cluster is done using the `Cluster` or `FargateCluster` construct
 
 ```ts
 new eks.Cluster(this, 'HelloEKS', {
-  version: eks.KubernetesVersion.V1_22,
+  version: eks.KubernetesVersion.V1_21,
 });
 ```
 
 You can also use `FargateCluster` to provision a cluster that uses only fargate workers.
 
 ```ts
 new eks.FargateCluster(this, 'HelloEKS', {
-  version: eks.KubernetesVersion.V1_22,
+  version: eks.KubernetesVersion.V1_21,
 });
 ```
 
@@ -175,7 +175,7 @@ At cluster instantiation time, you can customize the number of instances and the
 
 ```ts
 new eks.Cluster(this, 'HelloEKS', {
-  version: eks.KubernetesVersion.V1_22,
+  version: eks.KubernetesVersion.V1_21,
   defaultCapacity: 5,
   defaultCapacityInstance: ec2.InstanceType.of(ec2.InstanceClass.M5, ec2.InstanceSize.SMALL),
 });
@@ -187,7 +187,7 @@ Additional customizations are available post instantiation. To apply them, set t
 
 ```ts
 const cluster = new eks.Cluster(this, 'HelloEKS', {
-  version: eks.KubernetesVersion.V1_22,
+  version: eks.KubernetesVersion.V1_21,
   defaultCapacity: 0,
 });
 
@@ -345,7 +345,7 @@ The following code defines an Amazon EKS cluster with a default Fargate Profile
 
 ```ts
 const cluster = new eks.FargateCluster(this, 'MyCluster', {
-  version: eks.KubernetesVersion.V1_22,
+  version: eks.KubernetesVersion.V1_21,
 });
 ```
 
@@ -422,7 +422,7 @@ You can also configure the cluster to use an auto-scaling group as the default c
 
 ```ts
 const cluster = new eks.Cluster(this, 'HelloEKS', {
-  version: eks.KubernetesVersion.V1_22,
+  version: eks.KubernetesVersion.V1_21,
   defaultCapacityType: eks.DefaultCapacityType.EC2,
 });
 ```
@@ -515,7 +515,7 @@ You can configure the [cluster endpoint access](https://docs.aws.amazon.com/eks/
 
 ```ts
 const cluster = new eks.Cluster(this, 'hello-eks', {
-  version: eks.KubernetesVersion.V1_22,
+  version: eks.KubernetesVersion.V1_21,
   endpointAccess: eks.EndpointAccess.PRIVATE, // No access outside of your VPC.
 });
 ```
@@ -537,7 +537,7 @@ To deploy the controller on your EKS cluster, configure the `albController` prop
 
 ```ts
 new eks.Cluster(this, 'HelloEKS', {
-  version: eks.KubernetesVersion.V1_22,
+  version: eks.KubernetesVersion.V1_21,
   albController: {
     version: eks.AlbControllerVersion.V2_4_1,
   },
@@ -577,7 +577,7 @@ You can specify the VPC of the cluster using the `vpc` and `vpcSubnets` properti
 declare const vpc: ec2.Vpc;
 
 new eks.Cluster(this, 'HelloEKS', {
-  version: eks.KubernetesVersion.V1_22,
+  version: eks.KubernetesVersion.V1_21,
   vpc,
   vpcSubnets: [{ subnetType: ec2.SubnetType.PRIVATE }],
 });
@@ -624,7 +624,7 @@ You can configure the environment of the Cluster Handler functions by specifying
 ```ts
 declare const proxyInstanceSecurityGroup: ec2.SecurityGroup;
 const cluster = new eks.Cluster(this, 'hello-eks', {
-  version: eks.KubernetesVersion.V1_22,
+  version: eks.KubernetesVersion.V1_21,
   clusterHandlerEnvironment: {
     https_proxy: 'http://proxy.myproxy.com',
   },
@@ -662,7 +662,7 @@ You can configure the environment of this function by specifying it at cluster i
 
 ```ts
 const cluster = new eks.Cluster(this, 'hello-eks', {
-  version: eks.KubernetesVersion.V1_22,
+  version: eks.KubernetesVersion.V1_21,
   kubectlEnvironment: {
     'http_proxy': 'http://proxy.myproxy.com',
   },
@@ -706,7 +706,7 @@ const cluster1 = new eks.Cluster(this, 'MyCluster', {
   kubectlLayer: layer,
   vpc,
   clusterName: 'cluster-name',
-  version: eks.KubernetesVersion.V1_22,
+  version: eks.KubernetesVersion.V1_21,
 });
 
 // or
@@ -724,7 +724,7 @@ By default, the kubectl provider is configured with 1024MiB of memory. You can u
 ```ts
 new eks.Cluster(this, 'MyCluster', {
   kubectlMemory: Size.gibibytes(4),
-  version: eks.KubernetesVersion.V1_22,
+  version: eks.KubernetesVersion.V1_21,
 });
 
 // or
@@ -763,7 +763,7 @@ When you create a cluster, you can specify a `mastersRole`. The `Cluster` constr
 ```ts
 declare const role: iam.Role;
 new eks.Cluster(this, 'HelloEKS', {
-  version: eks.KubernetesVersion.V1_22,
+  version: eks.KubernetesVersion.V1_21,
   mastersRole: role,
 });
 ```
@@ -791,7 +791,7 @@ You can use the `secretsEncryptionKey` to configure which key the cluster will u
 const secretsKey = new kms.Key(this, 'SecretsKey');
 const cluster = new eks.Cluster(this, 'MyCluster', {
   secretsEncryptionKey: secretsKey,
-  version: eks.KubernetesVersion.V1_22,
+  version: eks.KubernetesVersion.V1_21,
 });
 ```
 
@@ -801,7 +801,7 @@ You can also use a similar configuration for running a cluster built using the F
 const secretsKey = new kms.Key(this, 'SecretsKey');
 const cluster = new eks.FargateCluster(this, 'MyFargateCluster', {
   secretsEncryptionKey: secretsKey,
-  version: eks.KubernetesVersion.V1_22,
+  version: eks.KubernetesVersion.V1_21,
 });
 ```
 
@@ -1076,7 +1076,7 @@ when a cluster is defined:
 
 ```ts
 new eks.Cluster(this, 'MyCluster', {
-  version: eks.KubernetesVersion.V1_22,
+  version: eks.KubernetesVersion.V1_21,
   prune: false,
 });
 ```
@@ -1431,7 +1431,7 @@ property. For example:
 ```ts
 const cluster = new eks.Cluster(this, 'Cluster', {
   // ...
-  version: eks.KubernetesVersion.V1_22,
+  version: eks.KubernetesVersion.V1_21,
   clusterLogging: [
     eks.ClusterLoggingTypes.API,
     eks.ClusterLoggingTypes.AUTHENTICATOR,
diff --git a/packages/@aws-cdk/aws-eks/lib/cluster.ts b/packages/@aws-cdk/aws-eks/lib/cluster.ts
@@ -796,7 +796,6 @@ export class KubernetesVersion {
 
   /**
    * Kubernetes version 1.18
-   * @deprecated Use newer version of EKS
    */
   public static readonly V1_18 = KubernetesVersion.of('1.18');
 
@@ -815,11 +814,6 @@ export class KubernetesVersion {
    */
   public static readonly V1_21 = KubernetesVersion.of('1.21');
 
-  /**
-   * Kubernetes version 1.22
-   */
-  public static readonly V1_22 = KubernetesVersion.of('1.22');
-
   /**
    * Custom cluster version
    * @param version custom version number
diff --git a/packages/@aws-cdk/aws-eks/test/cluster.test.ts b/packages/@aws-cdk/aws-eks/test/cluster.test.ts
@@ -17,7 +17,7 @@ import { testFixture, testFixtureNoVpc } from './util';
 
 /* eslint-disable max-len */
 
-const CLUSTER_VERSION = eks.KubernetesVersion.V1_22;
+const CLUSTER_VERSION = eks.KubernetesVersion.V1_21;
 
 describe('cluster', () => {
 
@@ -135,9 +135,9 @@ describe('cluster', () => {
     test('throws if selecting more than one subnet group', () => {
       expect(() => new eks.Cluster(stack, 'Cluster', {
         vpc: vpc,
-        vpcSubnets: [{ subnetType: ec2.SubnetType.PUBLIC }, { subnetType: ec2.SubnetType.PRIVATE_WITH_NAT }],
+        vpcSubnets: [{ subnetType: ec2.SubnetType.PUBLIC }, { subnetType: ec2.SubnetType.PRIVATE }],
         defaultCapacity: 0,
-        version: CLUSTER_VERSION,
+        version: eks.KubernetesVersion.V1_21,
       })).toThrow(/cannot select multiple subnet groups/);
 
 
@@ -149,7 +149,7 @@ describe('cluster', () => {
         vpc: vpc,
         vpcSubnets: [{ subnetType: ec2.SubnetType.PUBLIC }],
         defaultCapacity: 0,
-        version: CLUSTER_VERSION,
+        version: eks.KubernetesVersion.V1_21,
       });
 
       // THEN
@@ -697,7 +697,7 @@ describe('cluster', () => {
     Template.fromStack(stack).hasResourceProperties('Custom::AWSCDK-EKS-Cluster', {
       Config: {
         roleArn: { 'Fn::GetAtt': ['ClusterRoleFA261979', 'Arn'] },
-        version: '1.22',
+        version: '1.21',
         resourcesVpcConfig: {
           securityGroupIds: [{ 'Fn::GetAtt': ['ClusterControlPlaneSecurityGroupD274242C', 'GroupId'] }],
           subnetIds: [
@@ -1657,7 +1657,7 @@ describe('cluster', () => {
       const { app, stack } = testFixtureNoVpc();
 
       // WHEN
-      new eks.EksOptimizedImage({ kubernetesVersion: '1.22' }).getImage(stack);
+      new eks.EksOptimizedImage({ kubernetesVersion: '1.21' }).getImage(stack);
 
       // THEN
       const assembly = app.synth();
@@ -1668,7 +1668,7 @@ describe('cluster', () => {
       )).toEqual(true);
       expect(Object.entries(parameters).some(
         ([k, v]) => k.startsWith('SsmParameterValueawsserviceeksoptimizedami') &&
-          (v as any).Default.includes('/1.22/'),
+          (v as any).Default.includes('/1.21/'),
       )).toEqual(true);
 
     });
@@ -1806,7 +1806,7 @@ describe('cluster', () => {
       const { app, stack } = testFixtureNoVpc();
 
       // WHEN
-      new BottleRocketImage({ kubernetesVersion: '1.22' }).getImage(stack);
+      new BottleRocketImage({ kubernetesVersion: '1.21' }).getImage(stack);
 
       // THEN
       const assembly = app.synth();
@@ -1817,7 +1817,7 @@ describe('cluster', () => {
       )).toEqual(true);
       expect(Object.entries(parameters).some(
         ([k, v]) => k.startsWith('SsmParameterValueawsservicebottlerocketaws') &&
-          (v as any).Default.includes('/aws-k8s-1.22/'),
+          (v as any).Default.includes('/aws-k8s-1.21/'),
       )).toEqual(true);
 
     });
@@ -1838,7 +1838,7 @@ describe('cluster', () => {
         Config: {
           name: 'my-cluster-name',
           roleArn: { 'Fn::GetAtt': ['MyClusterRoleBA20FE72', 'Arn'] },
-          version: '1.22',
+          version: '1.21',
           resourcesVpcConfig: {
             securityGroupIds: [
               { 'Fn::GetAtt': ['MyClusterControlPlaneSecurityGroup6B658F79', 'GroupId'] },
@@ -2789,7 +2789,7 @@ describe('cluster', () => {
         natGateways: 1,
         subnetConfiguration: [
           {
-            subnetType: ec2.SubnetType.PRIVATE_WITH_NAT,
+            subnetType: ec2.SubnetType.PRIVATE,
             name: 'Private1',
           },
           {
@@ -2848,7 +2848,7 @@ describe('cluster', () => {
 
       for (let i = 0; i < 20; i++) {
         subnetConfiguration.push({
-          subnetType: ec2.SubnetType.PRIVATE_WITH_NAT,
+          subnetType: ec2.SubnetType.PRIVATE,
           name: `Private${i}`,
         },
         );
@@ -2897,7 +2897,7 @@ describe('cluster', () => {
 
       for (let i = 0; i < 20; i++) {
         subnetConfiguration.push({
-          subnetType: ec2.SubnetType.PRIVATE_WITH_NAT,
+          subnetType: ec2.SubnetType.PRIVATE,
           name: `Private${i}`,
         },
         );
diff --git a/packages/@aws-cdk/aws-eks/test/eks-cluster.integ.snapshot/aws-cdk-eks-cluster-test.template.json b/packages/@aws-cdk/aws-eks/test/eks-cluster.integ.snapshot/aws-cdk-eks-cluster-test.template.json
@@ -753,7 +753,7 @@
      ]
     },
     "Config": {
-     "version": "1.22",
+     "version": "1.21",
      "roleArn": {
       "Fn::GetAtt": [
        "ClusterRoleFA261979",
@@ -1437,7 +1437,7 @@
    "Type": "AWS::AutoScaling::LaunchConfiguration",
    "Properties": {
     "ImageId": {
-     "Ref": "SsmParameterValueawsserviceeksoptimizedami122amazonlinux2recommendedimageidC96584B6F00A464EAD1953AFF4B05118Parameter"
+     "Ref": "SsmParameterValueawsserviceeksoptimizedami121amazonlinux2recommendedimageidC96584B6F00A464EAD1953AFF4B05118Parameter"
     },
     "InstanceType": "t2.medium",
     "IamInstanceProfile": {
@@ -1749,7 +1749,7 @@
    "Type": "AWS::AutoScaling::LaunchConfiguration",
    "Properties": {
     "ImageId": {
-     "Ref": "SsmParameterValueawsserviceeksoptimizedami122amazonlinux2arm64recommendedimageidC96584B6F00A464EAD1953AFF4B05118Parameter"
+     "Ref": "SsmParameterValueawsserviceeksoptimizedami121amazonlinux2arm64recommendedimageidC96584B6F00A464EAD1953AFF4B05118Parameter"
     },
     "InstanceType": "m6g.medium",
     "IamInstanceProfile": {
@@ -2061,7 +2061,7 @@
    "Type": "AWS::AutoScaling::LaunchConfiguration",
    "Properties": {
     "ImageId": {
-     "Ref": "SsmParameterValueawsservicebottlerocketawsk8s122x8664latestimageidC96584B6F00A464EAD1953AFF4B05118Parameter"
+     "Ref": "SsmParameterValueawsservicebottlerocketawsk8s121x8664latestimageidC96584B6F00A464EAD1953AFF4B05118Parameter"
     },
     "InstanceType": "t3.small",
     "IamInstanceProfile": {
@@ -2373,7 +2373,7 @@
    "Type": "AWS::AutoScaling::LaunchConfiguration",
    "Properties": {
     "ImageId": {
-     "Ref": "SsmParameterValueawsserviceeksoptimizedami122amazonlinux2recommendedimageidC96584B6F00A464EAD1953AFF4B05118Parameter"
+     "Ref": "SsmParameterValueawsserviceeksoptimizedami121amazonlinux2recommendedimageidC96584B6F00A464EAD1953AFF4B05118Parameter"
     },
     "InstanceType": "t3.large",
     "IamInstanceProfile": {
@@ -3351,7 +3351,7 @@
    "Properties": {
     "LaunchTemplateData": {
      "ImageId": {
-      "Ref": "SsmParameterValueawsserviceeksoptimizedami122amazonlinux2recommendedimageidC96584B6F00A464EAD1953AFF4B05118Parameter"
+      "Ref": "SsmParameterValueawsserviceeksoptimizedami121amazonlinux2recommendedimageidC96584B6F00A464EAD1953AFF4B05118Parameter"
      },
      "InstanceType": "t3.small",
      "UserData": {
@@ -3796,17 +3796,17 @@
    "Type": "String",
    "Description": "Artifact hash for asset \"bff088c569c330c279e54fe0e98fc4226648b5b86454bb2ad9491b2ca6befdd2\""
   },
-  "SsmParameterValueawsserviceeksoptimizedami122amazonlinux2recommendedimageidC96584B6F00A464EAD1953AFF4B05118Parameter": {
+  "SsmParameterValueawsserviceeksoptimizedami121amazonlinux2recommendedimageidC96584B6F00A464EAD1953AFF4B05118Parameter": {
    "Type": "AWS::SSM::Parameter::Value<String>",
-   "Default": "/aws/service/eks/optimized-ami/1.22/amazon-linux-2/recommended/image_id"
+   "Default": "/aws/service/eks/optimized-ami/1.21/amazon-linux-2/recommended/image_id"
   },
-  "SsmParameterValueawsserviceeksoptimizedami122amazonlinux2arm64recommendedimageidC96584B6F00A464EAD1953AFF4B05118Parameter": {
+  "SsmParameterValueawsserviceeksoptimizedami121amazonlinux2arm64recommendedimageidC96584B6F00A464EAD1953AFF4B05118Parameter": {
    "Type": "AWS::SSM::Parameter::Value<String>",
-   "Default": "/aws/service/eks/optimized-ami/1.22/amazon-linux-2-arm64/recommended/image_id"
+   "Default": "/aws/service/eks/optimized-ami/1.21/amazon-linux-2-arm64/recommended/image_id"
   },
-  "SsmParameterValueawsservicebottlerocketawsk8s122x8664latestimageidC96584B6F00A464EAD1953AFF4B05118Parameter": {
+  "SsmParameterValueawsservicebottlerocketawsk8s121x8664latestimageidC96584B6F00A464EAD1953AFF4B05118Parameter": {
    "Type": "AWS::SSM::Parameter::Value<String>",
-   "Default": "/aws/service/bottlerocket/aws-k8s-1.22/x86_64/latest/image_id"
+   "Default": "/aws/service/bottlerocket/aws-k8s-1.21/x86_64/latest/image_id"
   }
  }
 }
diff --git a/packages/@aws-cdk/aws-eks/test/integ.eks-cluster.expected.json b/packages/@aws-cdk/aws-eks/test/integ.eks-cluster.expected.json
diff --git a/packages/@aws-cdk/aws-eks/test/integ.eks-cluster.ts b/packages/@aws-cdk/aws-eks/test/integ.eks-cluster.ts
