aws-quickstart / cdk-eks-blueprints

AWS Quick Start Team
Apache License 2.0

VPC: serviceIpv4Cidr not being honored when deploying new cluster #673

Closed nmonasterio closed 1 year ago

nmonasterio commented 1 year ago

### Describe the bug

When deploying a new cluster and specifying a CIDR block for the new EKS cluster, the VPC defaults to a 10.0.0.0/16 range instead of the specific one.

### Expected Behavior

The specified CIDR block should be used for the new VPC.

### Current Behavior

The cluster was created correctly, but the VPC has a CIDR block of 10.0.0.0/16. (The cluster, however, has the correct service IPv4 range.)

### Reproduction Steps

Set up a cluster add-ons definition like so, for example:

```typescript
import * as blueprints from '@aws-quickstart/eks-blueprints';
import { MngClusterProvider, MngClusterProviderProps } from '@aws-quickstart/eks-blueprints';
import { KubernetesVersion } from 'aws-cdk-lib/aws-eks';

    // The lines below are the body of the stack constructor; its opening is not shown.
    const addOns: Array<blueprints.ClusterAddOn> = [
      new blueprints.addons.MetricsServerAddOn(),
      new blueprints.addons.ClusterAutoScalerAddOn(),
      new blueprints.addons.AwsLoadBalancerControllerAddOn(),
      new blueprints.addons.VpcCniAddOn(),
      new blueprints.addons.CoreDnsAddOn(),
      new blueprints.addons.KubeProxyAddOn(),
      new blueprints.addons.EbsCsiDriverAddOn(),
      new blueprints.addons.EfsCsiDriverAddOn(),
      new blueprints.addons.CertManagerAddOn(),
      new blueprints.addons.AdotCollectorAddOn()
    ];

    const clusterProps: MngClusterProviderProps = {
      version: KubernetesVersion.V1_26,
      clusterName: 'foo',
      forceUpdate: true,
      nodegroupName: 'foo-ng',
      serviceIpv4Cidr: '10.2.0.0/16' // <----- THIS
    };

    const clusterProvider = new MngClusterProvider(clusterProps);

    console.log(`Deploying to cluster using CIDR block ${clusterProvider.props.serviceIpv4Cidr}`);

    blueprints.EksBlueprint.builder()
      .account(props?.env?.account)
      .region(props?.env?.region)
      .clusterProvider(clusterProvider)
      .addOns(...addOns)
      .useDefaultSecretEncryption(false)
      .build(this, `${id}-stack`);
  } // end of the enclosing constructor
```

Then deploy that cluster.

### Possible Solution

_No response_

### Additional Information/Context

_No response_

### CDK CLI Version

2.77.0 (build 06a0b19)

### EKS Blueprints Version

1.7.2

### Node.js Version

v16.13.2

### Environment details (OS name and version, etc.)

Mac 10.15.7

### Other information

_No response_

elamaran11 commented 1 year ago

@nmonasterio We should add support for passing custom VPC range to VpcProvider which is not there today to support your custom VPC range need. You are passing service IP range and it works right by design to create services in that range. It will be a design change to support this request. This is not a bug. We can work on this change for this release or next release.
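Added example, not part of the thread or of eks-blueprints: because `serviceIpv4Cidr` and the VPC CIDR are separate ranges, as the comment above explains, this check validates a planned service CIDR against the VPC CIDRs before deployment. The function names are hypothetical, and the rules encoded (private ranges only, size between /24 and /12, no overlap with the VPC) are assumed from the EKS documentation for the service CIDR.

```typescript
// Added example; function names are hypothetical, not part of eks-blueprints.
interface Cidr { base: number; prefix: number; }

// Number of addresses covered by a prefix length.
const blockSize = (prefix: number): number => 2 ** (32 - prefix);

// Parse "a.b.c.d/n" into a network base address and prefix length.
function parseCidr(text: string): Cidr {
  const m = /^(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})\/(\d{1,2})$/.exec(text.trim());
  if (!m) throw new Error(`not an IPv4 CIDR: ${text}`);
  const octets = m.slice(1, 5).map(Number);
  const prefix = Number(m[5]);
  if (octets.some(o => o > 255) || prefix > 32) throw new Error(`out of range: ${text}`);
  const addr = octets.reduce((acc, o) => acc * 256 + o, 0);
  return { base: addr - (addr % blockSize(prefix)), prefix }; // drop host bits
}

// True when `inner` lies entirely inside `outer`.
function contains(outer: Cidr, inner: Cidr): boolean {
  if (inner.prefix < outer.prefix) return false;
  return inner.base - (inner.base % blockSize(outer.prefix)) === outer.base;
}

// CIDR blocks are aligned, so two blocks overlap only if one contains the other.
function overlaps(a: Cidr, b: Cidr): boolean {
  return contains(a, b) || contains(b, a);
}

// Ranges EKS accepts for the service CIDR (assumption: per EKS documentation).
const ALLOWED = ['10.0.0.0/8', '172.16.0.0/12', '192.168.0.0/16'].map(parseCidr);

// Returns a list of problems; an empty list means the plan is consistent.
function checkServiceCidr(serviceCidr: string, vpcCidrs: string[]): string[] {
  const svc = parseCidr(serviceCidr);
  const problems: string[] = [];
  if (!ALLOWED.some(r => contains(r, svc))) problems.push('service CIDR is outside the private ranges');
  if (svc.prefix < 12 || svc.prefix > 24) problems.push('service CIDR must be between /12 and /24');
  for (const vpc of vpcCidrs) {
    if (overlaps(svc, parseCidr(vpc))) problems.push(`service CIDR overlaps VPC CIDR ${vpc}`);
  }
  return problems;
}

// Constructed inputs: the values from the issue, then the same range used for both.
console.log(checkServiceCidr('10.2.0.0/16', ['10.0.0.0/16']));
console.log(checkServiceCidr('10.2.0.0/16', ['10.2.0.0/16']));
```

With the values reported in the issue the two ranges are disjoint; reusing the same block for the VPC and for services is the case the check flags.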

elamaran11 commented 1 year ago

Please follow the PR #681 for an enhancement to support custom VPC CIDR.

nmonasterio commented 1 year ago

Thank you @elamaran11! Makes perfect sense. Looking forward to seeing this in action soon.

elamaran11 commented 1 year ago

@nmonasterio The PR is merged. Please reach out if you have any issues.