Support for EKS nodes resource

[amukiza]

389 adding assertions for eks cluster nodes

AWS eks cluster does not have a way to retrieve and assert on the nodes (ec2 instances). I am thinking we can find the ec2 instances (eks nodes) using either name tag and can therefore reuse a lot of the Awspec::Type::Ec2 functionality.

Example 1

describe eks('my-eks') do 
  it { should be_running }
  ## Node assertions
  its(:nodes) { should belong_to_subnets(['my-subnet']) }
  its(:nodes) { should be_ready }
  its(:nodes) { should have_security_group('sg-abbu291') }
end

Example 2

describe eks_node('my-eks-node'), cluster: 'my-eks-cluster' do
  it { should be_ready }
  it { should have_security_group('sg-abbu291') }
  it { should belong_to_subnet(['my-subnet-0', 'my-subnet-1']) }
end

[k1LoW]

👀

[k1LoW]

@amukiza

I like Example 2, if you can. ( I can not find how to find nodes in sdk doc)

Because

• The relationship between eks and eks_node is similar to the relationship between ecs_cluster and ecs_container_instance

[IMO] And, I like eks_cluster more than eks, because eks_cluster is a clearer name.

[amukiza]

@k1LoW you are right. The relationship between an eks_cluster and its nodes is somewhat similar to ecs_cluster and ecs_container_instance only challenge is there is no equivalent of describe_container_instances on the eks client of aws-sdk.

My thinking was that we could use a combination of tags and security_groups e.t.c to filter/lookup ec2 instances that are associated to eks_cluster. This won't be the accurate but it gives one a complete way of making assertions about both the cluster and the nodes.

Alternatively, we could go for the option of using the ec2 module 🤔and not add the eks_cluster_node type.

[k1LoW]

This won't be the accurate but it gives one a complete way of making assertions about both the cluster and the nodes.

Looks GREAT !!!

Alternatively, we could go for the option of using the ec2 module 🤔and not add the eks_cluster_node type.

I think it is better to implement with a design that is easy for you to use. Because you are first user. 👍

[jpratt3000-globality]

is this going in anytime soon? been 2 years

[glasswalk3r]

I would like to pick up this one... is anybody else working on it?

[glasswalk3r]

I did some digging and maybe we don't need to rely on predefined labels because AWS already does that... well, at least for managed node groups. There are actually two types of EKS node groups and looks like the API (at least based on it's description) works only for managed node groups. It would be required to test if really works like that but I really don't have any cluster running that to verify, so any help on that would be great. So, for the managed node groups, we could list them and describe them for whatever data we might need. Finally, if the result of describe_nodegroup doesn't provide all the information required, then the logic described by @amukiza could be applied by using the provided tags in the result.

[glasswalk3r]

Alright, I just created a PR that implements those tests, but not exactly as suggested by @amukiza : we actually don't have :nodes implemented and I didn't see any need to do it in order to get those assertions. Please also make sure to review the Markdown documentation explanation about be_ready limitations.

[glasswalk3r]

@k1LoW , since you merged my PR, I think this issue can be closed as well.

[k1LoW]

👍