Merge branch 'main' of https://github.com/ajpaws/cdk-eks-blueprints-p…

…atterns

.devcontainer/devcontainer.json

@@ -0,0 +1,19 @@
+{
+  "image": "mcr.microsoft.com/vscode/devcontainers/base:ubuntu",
+  "features": {
+    "ghcr.io/devcontainers/features/node:1": {},
+    "ghcr.io/devcontainers/features/aws-cli:1": {},
+    "ghcr.io/devcontainers-contrib/features/aws-cdk:2": {
+      "version": "2.133.0"
+    }
+  },
+  "postCreateCommand": ".devcontainer/postCreateCommand.sh",
+  "workspaceFolder": "/home/vscode/cdk-eks-blueprints-patterns",
+  "workspaceMount": "source=${localWorkspaceFolder},target=/home/vscode/cdk-eks-blueprints-patterns,type=bind",
+  "hostRequirements": {
+    "cpus": 2
+  },
+  "remoteEnv": {
+    "PATH": "${containerEnv:PATH}:/home/vscode/cdk-eks-blueprints-patterns"
+  }
+}

.devcontainer/postCreateCommand.sh

@@ -0,0 +1,21 @@
+#!/usr/bin/env bash
+
+# For Kubectl AMD64 / x86_64
+[ $(uname -m) = x86_64 ] && curl -sLO "https://dl.k8s.io/release/$(curl -L -s https://dl.k8s.io/release/stable.txt)/bin/linux/amd64/kubectl"
+# For Kubectl ARM64
+[ $(uname -m) = aarch64 ] && curl -sLO "https://dl.k8s.io/release/$(curl -L -s https://dl.k8s.io/release/stable.txt)/bin/linux/arm64/kubectl"
+chmod +x ./kubectl
+sudo mv ./kubectl /usr/local/bin/kubectl
+
+# For Helm
+curl -fsSL -o get_helm.sh https://raw.githubusercontent.com/helm/helm/main/scripts/get-helm-3
+chmod 700 get_helm.sh
+echo "Installing 'helm' utility ..."
+./get_helm.sh
+rm -rf get_helm.sh
+
+# setup autocomplete for kubectl and alias k
+mkdir $HOME/.kube
+echo "source <(kubectl completion bash)" >> $HOME/.bashrc
+echo "alias k=kubectl" >> $HOME/.bashrc
+echo "complete -F __start_kubectl k" >> $HOME/.bashrc

.gitignore

@@ -25,4 +25,6 @@ site
 .DS_STORE
 
 # Python virtual env directory
-*.venv*
+*.venv*
+
+*otel-collector-config-new.yml

README.md

@@ -20,6 +20,12 @@ Before proceeding, make sure [AWS CLI](https://docs.aws.amazon.com/cli/latest/us
 
 To use the eks-blueprints and patterns module, you must have [Node.js](https://nodejs.org/en/) and [npm](https://docs.npmjs.com/downloading-and-installing-node-js-and-npm) installed. You will also use `make` and `brew` to simplify build and other common actions.
 
+## Workstation Setup Options
+
+### DevContainer Setup
+
+Users can choose this option, if you dont want to run this solution on a mac or ubuntu machine. Please use the dev container configuration in the `.devcontainer` folder with [devpod](devpod.sh) or any other dev container environment to create a development environment with dependencies such as Node, NPM, aws-cli, aws-cdk, kubectl, helm dependencies for your local development with `cdk-eks-blueprints-patterns` solution. 
+
 ### RHEL Setup
 
 Follow the below steps to setup and leverage `eks-blueprints` and `eks-blueprints-patterns` in your Amazon Linux/CentOS/RHEL Linux machine.
@@ -242,6 +248,7 @@ Patterns:
         konveyor
         kubecost
         kubeflow
+        kubeshark
         multi-region
         multi-team
         newrelic

bin/kubeshark.ts

@@ -0,0 +1,6 @@
+import KubesharkConstruct from '../lib/kubeshark-construct';
+import { configureApp } from '../lib/common/construct-utils';
+
+const app = configureApp();
+
+new KubesharkConstruct(app, 'kubeshark');

bin/multi-cluster-conformitron.ts

@@ -0,0 +1,13 @@
+import { configureApp, errorHandler } from '../lib/common/construct-utils';
+import { PipelineMultiCluster } from '../lib/multi-cluster-construct/pipeline';
+
+
+const app = configureApp();
+
+//-------------------------------------------
+// Multiple clusters, multiple regions.
+//-------------------------------------------
+
+new PipelineMultiCluster().buildAsync(app).catch((error) => {
+    errorHandler(app, "Multi cluster pattern is not setup. It may be due to missing secrets: ", error);
+});

cdk.json

@@ -1,3 +1,32 @@
 {
-  "app": "npx ts-node dist/lib/common/default-main.js"
+    "app": "npx ts-node dist/lib/common/default-main.js",
+    "context": {
+        "conformitron.amp.endpoint": "https://aps-workspaces.us-east-1.amazonaws.com/workspaces/ws-77b8828d-0985-49e0-9268-2e0e8f3ba758/",
+        "conformitron.amp.arn":"arn:aws:aps:us-east-1:975050283200:workspace/ws-77b8828d-0985-49e0-9268-2e0e8f3ba758",
+        "conformitron.amg.endpoint": "https://g-75bcfc519c.grafana-workspace.us-east-1.amazonaws.com",
+        "conformitron.version": ["1.28","1.29","1.30"],
+        "fluxRepository": {
+        "name": "grafana-dashboards",
+        "namespace": "grafana-operator",
+        "repository": {
+          "repoUrl": "https://github.com/aws-observability/aws-observability-accelerator",
+          "name": "grafana-dashboards",
+          "targetRevision": "main",
+          "path": "./artifacts/grafana-operator-manifests/eks/infrastructure"
+        },
+        "values": {
+          "GRAFANA_CLUSTER_DASH_URL" : "https://raw.githubusercontent.com/aws-observability/aws-observability-accelerator/main/artifacts/grafana-dashboards/eks/infrastructure/cluster.json",
+          "GRAFANA_KUBELET_DASH_URL" : "https://raw.githubusercontent.com/aws-observability/aws-observability-accelerator/main/artifacts/grafana-dashboards/eks/infrastructure/kubelet.json",
+          "GRAFANA_NSWRKLDS_DASH_URL" : "https://raw.githubusercontent.com/aws-observability/aws-observability-accelerator/main/artifacts/grafana-dashboards/eks/infrastructure/namespace-workloads.json",
+          "GRAFANA_NODEEXP_DASH_URL" : "https://raw.githubusercontent.com/aws-observability/aws-observability-accelerator/main/artifacts/grafana-dashboards/eks/infrastructure/nodeexporter-nodes.json",
+          "GRAFANA_NODES_DASH_URL" : "https://raw.githubusercontent.com/aws-observability/aws-observability-accelerator/main/artifacts/grafana-dashboards/eks/infrastructure/nodes.json",
+          "GRAFANA_WORKLOADS_DASH_URL" : "https://raw.githubusercontent.com/aws-observability/aws-observability-accelerator/main/artifacts/grafana-dashboards/eks/infrastructure/workloads.json"
+        },
+        "kustomizations": [
+          {
+            "kustomizationPath": "./artifacts/grafana-operator-manifests/eks/infrastructure"
+          }
+        ]
+    }
+  }
 }

docs/patterns/instana.md

@@ -40,7 +40,7 @@ make deps
 
 
 ## Instana Agent Configuration
-Go to your Instana Backend application (Instana User Interface), click ... More > Agents > Installing Instana Agents and select 'Kubernetes' platform to get the Instana Agent Key, Instana Service Endpoint, Instana Service port. These steps are also described [here](https://www.ibm.com/docs/en/instana-observability/218?topic=instana-endpoints-keys) or in the screenshot below.
+Go to your Instana Backend application (Instana User Interface), click ... More > Agents > Installing Instana Agents and select 'Kubernetes' platform to get the Instana Agent Key, Instana Service Endpoint, Instana Service port. These steps are also described on the screenshot below.
 
 [Instana Agent Configuration](./images/instana-agent.png)
 

docs/patterns/kubeflow.md

@@ -70,7 +70,7 @@ kubectl port-forward svc/ml-pipeline-ui 9000:80 -n =kubeflow-pipelines
 
 ```
 and open this browser: http://localhost:9000/#/pipelines
-more pipeline examples can be found at https://www.kubeflow.org/docs/components/pipelines/
+more pipeline examples can be found at https://www.kubeflow.org/docs/components/pipelines/legacy-v1/tutorials/
 
 
 ## Cleanup

docs/patterns/kubeshark.md

@@ -0,0 +1,130 @@
+# Kubeshark AddOn
+
+[kubeshark](https://github.com/kubeshark/kubeshark)  is an API Traffic Analyzer for Kubernetes providing real-time, protocol-level visibility into Kubernetes’ internal network, capturing and monitoring all traffic and payloads going in, out and across containers, pods, nodes and clusters.
+
+
+This pattern deploys the following resources:
+- Creates EKS Cluster Control plane with managed nodegroup
+- Install and set up kubeshark
+
+## Prerequisites:
+
+Ensure that you have installed the following tools on your machine.
+
+1. [aws cli](https://docs.aws.amazon.com/cli/latest/userguide/install-cliv2.html)
+2. [kubectl](https://Kubernetes.io/docs/tasks/tools/)
+3. [cdk](https://docs.aws.amazon.com/cdk/v2/guide/getting_started.html#getting_started_install)
+4. [npm](https://docs.npmjs.com/cli/v8/commands/npm-install)
+
+## Project Setup
+1.) Clone the repository
+
+```sh
+git clone https://github.com/aws-samples/cdk-eks-blueprints-patterns.git
+```
+
+2.) Go inside project directory (eg. cdk-eks-blueprints-patterns)
+
+```sh
+cd cdk-eks-blueprints-patterns
+```
+
+3.) Install project dependencies.
+
+```sh
+make deps
+```
+
+4.) import kubeshark
+```
+npm i kubeshark
+```
+5.) To view patterns and deploy kubeshark pattern, run the below command.
+```
+make list
+cdk bootstrap
+make pattern kubeshark deploy
+```
+## Verify the resources
+
+Run update-kubeconfig command. You should be able to get the command from CDK output message. More information can be found at https://aws-quickstart.github.io/cdk-eks-blueprints/getting-started/#cluster-access
+```sh
+aws eks update-kubeconfig --name <your cluster name> --region <your region> --role-arn arn:aws:iam::xxxxxxxxx:role/eks-blue1-eksblue1AccessRole32C5DF05-1NBFCH8INI08A
+```
+
+1.) verify the resources created by Steps above.
+```sh
+$ kubectl get deployments -n kube-system
+
+NAME                                                          READY   UP-TO-DATE   AVAILABLE   AGE
+blueprints-addon-kubeshark                               1/1     1            1           20m
+```
+
+
+2.) Access to kubeshark.
+
+```sh
+$ kubectl -n kube-system port-forward svc/kubeshark-front 3000:80
+```
+
+Open the [dashboard](http://localhost:3000)
+
+Then you should be able to see view like this
+![dashboard](https://raw.githubusercontent.com/kubeshark/assets/master/png/kubeshark-ui.png)
+
+
+3.) deploy nginx pod using the below command.
+```
+kubectl apply -f - <<EOF
+apiVersion: v1
+kind: Pod
+metadata:
+  name: nginx
+spec:
+  containers:
+  - name: nginx
+    image: nginx
+EOF
+```
+
+
+4.) Try to access "aws.com" to generate traffic flow using the below command.
+```
+kubectl exec nginx curl https://aws.com
+```
+
+
+5.) Access kubeshark using the below command.
+```
+kubectl -n kube-system port-forward svc/kubeshark-front 3000:80
+```
+
+
+6.) Run Kubeshark query to identify the traffic flow.
+```
+(src.pod.metadata.name == "nginx" or dst.pod.metadata name == "nginx") and request.questions[0].name == "aws.com" or (src.name == "nginx" and src.namespace == "default" and dst.name == "kube-dns" and dst.namespace == "kube-system")
+```
+As shown below, the Kubeshark query used to identify the traffic flowing from the pod "nginx" in the "default" namespace to "aws.com" and "coredns". The query is writen by [Kubeshark Filter Language (KFL)](https://docs.kubeshark.co/en/filtering#kfl-syntax-reference) is the language implemented inside kubeshark/worker that enables the user to filter the traffic efficiently and precisely.
+
+![query](https://github.com/zghanem0/kubeshark/blob/main/api.png?raw=true)
+
+Also you can visualize the traffic flow and bandwidth using service map feature as shown below.
+![Service Map](https://github.com/zghanem0/kubeshark/blob/main/map.png?raw=true)
+
+
+## Cleanup
+
+To clean up your EKS Blueprints, run the following commands:
+
+```sh
+make pattern kubeshark destroy 
+```
+
+## Disclaimer 
+This pattern relies on an open source NPM package [aws-eks-blueprint-addon](https://www.npmjs.com/package/kubeshark). Please refer to the package npm site for more information.
+```
+https://www.npmjs.com/package/kubeshark'
+```
+
+If you have any questions about the npm package or find any defect, please post in the source repo at:
+https://github.com/zghanem0/kubeshark/issues