aws / aws-cdk

The AWS Cloud Development Kit is a framework for defining cloud infrastructure in code
https://aws.amazon.com/cdk
Apache License 2.0

(eks): introduce option to not delete eks cluster, like removal policy #25544

Open peterwoodworth opened 1 year ago

peterwoodworth commented 1 year ago

Describe the feature

The Cluster resource is implemented with a custom resource, so Cfn RemovalPolicies cannot apply. We should provide an option to not delete the cluster when the custom resource gets deleted.

Use Case

When I want to delete the stack but not my cluster

Proposed Solution

Introduce a prop on the EKS Cluster L2. This prop will then be read in the custom resource handler on the delete event to decide whether to follow through with deletion or not.

Other Information

No response

CDK version used

latest

Environment details (OS name and version, etc.)

mac

pahud commented 1 year ago

@peterwoodworth

This is an interesting idea. The general purpose of delete protection is to protect the data from being removed when we destroy the stack. In EKS, if we keep the cluster with all the deployments, pods, services, helm charts and even nodegroups deleted, I didn't see too much value in retaining an empty cluster. What is your primary intention in not deleting the cluster?

peterwoodworth commented 1 year ago

@pahud this was created based off an internal ticket - we should follow up with them

paulocesarias commented 1 year ago

Hi, it was me who filed the internal ticket, thanks for looking into this.

@pahud It would be ideal for the delete protection to protect the whole cluster infrastructure, so in case the stack is accidentally deleted, at least the cluster should require some manual action to be fully deleted.

pahud commented 1 year ago

@paulocesarias It makes perfect sense to me and I appreciate your ideas. We probably need to define what the "whole cluster infrastructure" includes before we figure out how to move to the next step.

The cluster of aws-eks is essentially created by a cluster resource handler as a custom resource, in which the cluster resource handler calls the API rather than using the AWS::EKS::Cluster resource.

As a custom resource does have removalPolicy, I think it's possible to "protect" this custom resource from being deleted by exposing a prop like:

```ts
new eks.Cluster(scope, id, {
  ...,
  removalPolicy: RemovalPolicy.RETAIN,
});
```

However, there are a lot of k8s resources running in this cluster and having this property configured as RETAIN means we will retain all k8s resources on it whenever possible even when the stack is destroyed. This sounds crazy but practical when we really need to protect the whole cluster and data. I would expect community PRs to help this idea move forward. Any further thoughts here are welcome and appreciated.

paulocesarias commented 1 year ago

@pahud, this is exactly what I would expect from this. Also, I am assuming that deleting the cluster directly from the AWS EKS console, or just `aws eks delete-cluster --name my-cluster` would delete all of the protected infrastructure when it is required. Thanks again for answering and addressing this, we will be following up on updates related to this.
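
The delete-event check proposed in the opening post, as an added example that is not aws-cdk code and not written by anyone in this thread. It assumes a hypothetical `RetainOnDelete` resource property, that the physical resource ID is the cluster name, and an injected `deleteCluster` callback standing in for the EKS DeleteCluster API call.

```typescript
// Added example: every name here is hypothetical, not aws-cdk source.
type RequestType = 'Create' | 'Update' | 'Delete';

interface ClusterEvent {
  RequestType: RequestType;
  PhysicalResourceId?: string; // assumed to be the cluster name
  // CloudFormation delivers custom resource properties as strings,
  // so a boolean prop set in CDK arrives here as 'true' / 'false'.
  ResourceProperties: { [key: string]: unknown };
}

type DeleteDecision =
  | { action: 'delete'; clusterName: string }
  | { action: 'retain'; clusterName: string; reason: string }
  | { action: 'noop'; reason: string };

const RETAIN_PROP = 'RetainOnDelete'; // hypothetical property name

function isTruthyFlag(value: unknown): boolean {
  return value === true ||
    (typeof value === 'string' && value.toLowerCase() === 'true');
}

function decideOnDelete(event: ClusterEvent): DeleteDecision {
  if (event.RequestType !== 'Delete') {
    return { action: 'noop', reason: 'not a delete event' };
  }
  const clusterName = event.PhysicalResourceId;
  if (!clusterName) {
    // Create never completed, so there is nothing to delete or retain.
    return { action: 'noop', reason: 'no physical resource id' };
  }
  if (isTruthyFlag(event.ResourceProperties[RETAIN_PROP])) {
    return { action: 'retain', clusterName, reason: `${RETAIN_PROP} is set` };
  }
  return { action: 'delete', clusterName };
}

// deleteCluster stands in for the EKS DeleteCluster API call.
function onDelete(
  event: ClusterEvent,
  deleteCluster: (name: string) => void,
): DeleteDecision {
  const decision = decideOnDelete(event);
  if (decision.action === 'delete') {
    deleteCluster(decision.clusterName);
  }
  // On 'retain' the handler still returns normally, so stack deletion
  // completes while the cluster stays in the account.
  return decision;
}
```

CloudFormation also sends a Delete event for the old physical ID when an update replaces the resource, so a flag like this would leave replaced clusters in place as well as clusters from deleted stacks.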