awslabs / crossplane-on-eks

Crossplane bespoke composition blueprints for AWS resources
Apache License 2.0

[FEATURE] Upbound Provider EKS composition #164

Open tomikonio opened 5 months ago

tomikonio commented 5 months ago

Is your feature request related to a problem? Please describe

There is no EKS composition for the upbound AWS provider, only for the contrib one

Describe the solution you'd like

Create an EKS composition for the upbound provider

Describe alternatives you've considered

Each of us can create our own composition, but it would be beneficial for us all to have an "official" one that adheres to AWS best practices and will be actively maintained

ytsarev commented 5 months ago

@tomikonio please check https://github.com/upbound/configuration-aws-eks/ , which is used as a part of a larger https://github.com/upbound/platform-ref-aws/

tomikonio commented 5 months ago

@ytsarev Thanks. Sadly it is not a ready solution as of now - there are some lacking resources in the Xnetwork configuration - i.e. private subnets using a route table that is used for the public ones (0.0.0.0/0 -> igw), no natgw.
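
The layout described in the comment above (private subnets associated with the route table that carries `0.0.0.0/0 -> igw`) can be caught by a static check before a composition is applied. The following is an added example, not part of the thread and not code from either repository; the resource dictionaries are constructed and simplified, and the field names (`destinationCidrBlock`, `gatewayIdSelector`, `routeTableIdSelector`, `subnetIdSelector`) and the `access` label are assumptions about how the composition's managed resources are written.

```python
# Added example, not from the thread. Resource shapes are simplified and
# constructed; field names are assumed to follow the Upbound ec2 API group.
def _pick(resources, kind, selector):
    want = (selector or {}).get("matchLabels", {})
    return [r for r in resources if r["kind"] == kind and want
            and all(r["metadata"]["labels"].get(k) == v for k, v in want.items())]

def _igw_tables(resources):
    """Names of route tables with a 0.0.0.0/0 route to an internet gateway."""
    names = set()
    for route in (r for r in resources if r["kind"] == "Route"):
        fp = route["spec"]["forProvider"]
        if fp.get("destinationCidrBlock") == "0.0.0.0/0" and (
                "gatewayId" in fp or "gatewayIdSelector" in fp):
            tables = _pick(resources, "RouteTable", fp.get("routeTableIdSelector"))
            names.update(t["metadata"]["name"] for t in tables)
    return names

def igw_routed_private_subnets(resources):
    """Sorted names of access=private subnets associated with such a table."""
    exposed, found = _igw_tables(resources), set()
    for assoc in (r for r in resources if r["kind"] == "RouteTableAssociation"):
        fp = assoc["spec"]["forProvider"]
        tables = _pick(resources, "RouteTable", fp.get("routeTableIdSelector"))
        if any(t["metadata"]["name"] in exposed for t in tables):
            found.update(s["metadata"]["name"]
                         for s in _pick(resources, "Subnet", fp.get("subnetIdSelector"))
                         if s["metadata"]["labels"].get("access") == "private")
    return sorted(found)

def res(kind, name, labels=None, **for_provider):
    return {"kind": kind, "metadata": {"name": name, "labels": labels or {}},
            "spec": {"forProvider": for_provider}}

def sel(**labels):
    return {"matchLabels": labels}

# Constructed sample: public and private subnets share the IGW route table.
SHARED = [
    res("Subnet", "public-a", {"access": "public"}),
    res("Subnet", "private-a", {"access": "private"}),
    res("RouteTable", "rt", {"table": "main"}),
    res("Route", "default", routeTableIdSelector=sel(table="main"),
        destinationCidrBlock="0.0.0.0/0", gatewayIdSelector=sel(type="igw")),
    res("RouteTableAssociation", "pub", subnetIdSelector=sel(access="public"),
        routeTableIdSelector=sel(table="main")),
    res("RouteTableAssociation", "priv", subnetIdSelector=sel(access="private"),
        routeTableIdSelector=sel(table="main")),
]
print(igw_routed_private_subnets(SHARED))  # ['private-a']
```

A layout in which the private subnets have their own route table whose default route targets a NAT gateway produces an empty list.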

ytsarev commented 5 months ago

Totally, that's why we name it as basic Composition in https://github.com/upbound/configuration-aws-network and leave room for more complex XNetwork implementation depending on specific infrastructure needs.

shay-berman commented 5 months ago

@ytsarev a few questions:

  1. Is there any Upbound hub for shared compositions?
  2. About terminology: why are all the components usually named with an X at the beginning? Is there any guideline for the naming convention? What does X stand for?
  3. When setting up an EKS composition, would you recommend also adding the creation of the relevant roles inside the composition, or are roles better defined in a different composition? (Because sometimes a company allows an admin persona to create the cluster and VPN but another person to configure the permissions.) Do you have your 2 cents on that?
  4. Is there any composition linter tool?

ytsarev commented 5 months ago

Hey @shay-berman , great questions :)

  1. Yes, we publish Crossplane Configurations to https://marketplace.upbound.io/ and it would be great to see crossplane-on-eks Configurations there btw :)
  2. X stands for Composite Resource, meaning that it is cluster-scoped in contrast to namespace-scoped Claim that is usually named without X, like XDatabase(XR) vs Database(Claim), for end-user consumption. It is a soft naming convention and not enforced by the code.
  3. It depends on your organization's requirements, if you need to create a separate abstraction for role management, I would definitely create a separate XR/Composition for it.
  4. crossplane validate is coming in the next release https://github.com/crossplane/crossplane/issues/5162