Is it possible to create a Cloudfromation template to deploy to AWS EKS?

Question

I mean, I have an application which is already dockerized, can I provide a cloudformation template to deploy it on the EKS cluster of my client?

Answer 1

You can use AWS Quick start extensions to deploy payload to EKS:

-AWSQS::Kubernetes::Resource

-AWSQS::Kubernetes::Helm

Before you can use new types, activate them in helper template

EKSHelmExtension:
  Type: AWS::CloudFormation::TypeActivation
  Properties: 
    AutoUpdate: false
    ExecutionRoleArn: !GetAtt DeployClusterRole.Arn
    PublicTypeArn: !Sub "arn:aws:cloudformation:${AWS::Region}::type/resource/408988dff9e863704bcc72e7e13f8d645cee8311/AWSQS-Kubernetes-Helm"

EKSResourceExtension:
  Type: AWS::CloudFormation::TypeActivation
  Properties: 
    AutoUpdate: false
    ExecutionRoleArn: !GetAtt DeployClusterRole.Arn
    PublicTypeArn: !Sub "arn:aws:cloudformation:${AWS::Region}::type/resource/408988dff9e863704bcc72e7e13f8d645cee8311/AWSQS-Kubernetes-Resource"

Then, in main template use new types as follows:

Resources:
 ExampleCm:
   Type: "AWSQS::Kubernetes::Resource"
   Properties:
     ClusterName: my-eks-cluster-name
     Namespace: default
     Manifest: | 
       apiVersion: v1
       kind: ConfigMap
       metadata:
         name: example-cm
       data:
         example_key: example_value

Helm:

Resources:
  KubeStateMetrics:
    Type: "AWSQS::Kubernetes::Helm"
    Properties:
      ClusterID: my-cluster-name
      Name: kube-state-metrics
      Namespace: kube-state-metrics
      Repository: https://prometheus-community.github.io/helm-charts
      Chart: prometheus-community/kube-state-metrics
      ValueYaml: |
        prometheus:
          monitor:
            enabled: true

Answer 2

Deploy an Amazon EKS cluster by using the Modular and Scalable Amazon EKS Architecture Quick Start. After the Amazon EKS cluster is deployed, on the Outputs tab, note the following outputs.

• HelmLambdaArn
• KubeClusterName
• KubeConfigPath
• KubeGetLambdaArn

The template below installs the WordPress Helm chart the same as if you logged in to the Kubernetes cluster and ran the following command.

helm install stable/wordpress

The following section of the template shows how Helm is used to deploy WordPress. It also creates a load balancer host name, so that you can access the WordPress site.

Resources:
  HelmExample:
    Type: "Custom::Helm"
    Version: '1.0'
    Description: 'This deploys the Helm Chart to deploy wordpress in to the EKS Cluster.'
    Properties:
      ServiceToken: !Ref HelmLambdaArn
      KubeConfigPath: !Ref KubeConfigPath
      KubeConfigKmsContext: !Ref KubeConfigKmsContext
      KubeClusterName: !Ref KubeClusterName
      Namespace: !Ref Namespace
      Chart: stable/wordpress
      Name: !Ref Name
      Values:
        wordpressUsername: !Ref wordpressUsername
        wordpressPassword: !Ref wordpressPassword
  WPElbHostName:
    DependsOn: HelmExample
    Type: "Custom::KubeGet"
    Version: '1.0'
    Properties:
     ServiceToken: !Ref KubeGetLambdaArn
     KubeConfigPath: !Ref KubeConfigPath
     KubeConfigKmsContext: !Ref KubeConfigKmsContext
     Namespace: !Ref Namespace
     Name: !Sub 'service/${Name}-wordpress'
     JsonPath: '{.status.loadBalancer.ingress[0].hostname}'

Modify the helm chart to fit your application and modify the cloudformation template with the values you got from the output previously. These are the parameters you will have to fill in when deploying the cloudformation template:

• HelmLambdaArn
• KubeClusterName
• KubeConfigPath
• KubeGetLambdaArn
• Namespace
• Name

Answer 3

You can use cdk8s.io. Here's some examples: https://github.com/awslabs/cdk8s/tree/master/examples

Answer 4

I am using Cloudformation for some time, however I did never use it for deploying Kubernetes artifacts (and I've never heard of anybody else so far). I think there is a way to do so (see AWS Blog) but even this solution seems to be based on Helm.

I would definitely recommend to use Helm charts for your use case. Helm charts are straight forward and easy to use, especially if you already know the Kubernetes objects you want to deploy.