{"id":14975819,"url":"https://github.com/superluminar-io/super-eks","last_synced_at":"2025-10-23T02:36:39.931Z","repository":{"id":37924292,"uuid":"312251642","full_name":"superluminar-io/super-eks","owner":"superluminar-io","description":"super-eks is a CDK construct that provides a preconfigured EKS installation with batteries included.","archived":false,"fork":false,"pushed_at":"2023-03-07T13:59:00.000Z","size":13191,"stargazers_count":44,"open_issues_count":14,"forks_count":4,"subscribers_count":9,"default_branch":"main","last_synced_at":"2024-09-28T21:01:32.405Z","etag":null,"topics":["aws","cdk","k8s","kubernetes"],"latest_commit_sha":null,"homepage":"","language":"TypeScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/superluminar-io.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2020-11-12T11:08:10.000Z","updated_at":"2023-11-30T16:46:03.000Z","dependencies_parsed_at":"2024-09-23T18:04:52.749Z","dependency_job_id":"bd99bcc5-4d17-43e8-b6d0-e506220c0250","html_url":"https://github.com/superluminar-io/super-eks","commit_stats":{"total_commits":131,"total_committers":11,"mean_commits":"11.909090909090908","dds":0.7022900763358779,"last_synced_commit":"a79464f41e4e3ef03618f477c74e64a7e90ea13f"},"previous_names":[],"tags_count":31,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/superluminar-io%2Fsuper-eks","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/superluminar-io%2Fsuper-eks/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/superluminar-io%2Fsuper-eks/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/superluminar-io%2Fsuper-eks/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/superluminar-io","download_url":"https://codeload.github.com/superluminar-io/super-eks/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":219861084,"owners_count":16556007,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["aws","cdk","k8s","kubernetes"],"created_at":"2024-09-24T13:52:42.707Z","updated_at":"2025-10-23T02:36:39.844Z","avatar_url":"https://github.com/superluminar-io.png","language":"TypeScript","funding_links":[],"categories":[],"sub_categories":[],"readme":"# :no_entry_sign: This project is now archived and exists only for reference :no_entry_sign:\n\nTry https://github.com/aws-quickstart/cdk-eks-blueprints instead!\n\n## :superhero_woman: super-eks\n\n\u003e :warning: **This branch is using cdk v2**: If you are looking for the old cdk v1 version go [here](https://github.com/superluminar-io/super-eks/tree/cdk-v1)\n\n**super-eks** is a [CDK](\u003c(github.com/aws-cdk/cdk)\u003e) construct that provides a preconfigured [EKS](https://aws.amazon.com/eks/) installation with batteries included.\nEven when using best practices for your EKS cluster, picking the right setup can be overwhelming.\n**super-eks** solves this problem by making a few choices for you as outlined below.\n\n## :sparkles: Features\n\n- :white_check_mark: DNS management with [external-dns](https://github.com/kubernetes-sigs/external-dns)\n- :white_check_mark: Forwarding logs to CloudWatch Logs with [fluent-bit](https://github.com/aws/aws-for-fluent-bit)\n- :white_check_mark: Ingress management with the [AWS Load Balancer Controller](https://github.com/kubernetes-sigs/aws-load-balancer-controller)\n- :white_check_mark: Isolated node groups, one for the shipped components, the other one for your workloads\n- :white_check_mark: Hardened node setup, deny nodes altering the VPC setup.\n- :white_check_mark: Default to [managed cluster add-ons](https://docs.aws.amazon.com/eks/latest/userguide/update-cluster.html#update-cluster-add-ons) where possible.\n- :white_check_mark: Setup [kubernetes-external-secrets](https://github.com/external-secrets/kubernetes-external-secrets) to integrate AWS Secrets Manager\n\n## :world_map: Roadmap\n\n- :hammer_and_wrench: Monitoring with Prometheus and CloudWatch [#21](/../../issues/21)\n- :hammer_and_wrench: Backup solution for cluster recovery [#386](/../../issues/386)\n- :hammer_and_wrench: Authentication/authorization for workloads with Amazon Cognito [#383](/../../issues/383)\n- :hammer_and_wrench: Autoscaling for pods [#385](/../../issues/385)\n- :hammer_and_wrench: Autoscaling for cluster [#382](/../../issues/385)\n- :hammer_and_wrench: CDK v2 support [#387](/../../issues/387)\n\n## :clapper: Quick Start\n\nThe quick start shows you how to setup a **super-eks** cluster.\n\n### Prerequisites\n\n- A working [`aws`](https://aws.amazon.com/cli/) CLI installation with access to an account and administrator privileges\n- You'll need a recent [NodeJS](https://nodejs.org) installation\n- [kubectl](https://kubernetes.io/docs/tasks/tools/install-kubectl/) to interact with your fresh cluster\n- An editor of your choice\n- Roughly 30 minutes of your time and a :coffee:, :tea: or :beverage_box:\n\nTo get going you'll need a CDK project. For details please refer to the [detailed guide for CDK](https://docs.aws.amazon.com/cdk/latest/guide/hello_world.html).\n\nCreate an empty directory on your system.\n\n```bash\nmkdir super-eks-setup \u0026\u0026 cd super-eks-setup\n```\n\nBootstrap your CDK project, we will use TypeScript, but you can switch to any other supported language.\n\n```bash\nnpx cdk init sample-app --language typescript\nnpx cdk bootstrap # Has to be done once for your AWS account\n```\n\nNow install the **super-eks** library.\n\n```bash\nnpm i @superluminar-io/super-eks\n```\n\nYou need to provide a Route53 [Hosted zone](https://docs.aws.amazon.com/cdk/api/latest/docs/@aws-cdk_aws-route53.HostedZone.html) and **super-eks** will take care of the rest.\n\n```bash\nnpm i @aws-cdk/aws-route53\n```\n\nPaste the snippet into `lib/super-eks-setup-stack.ts`.\n\n```typescript\nimport * as cdk from \"@aws-cdk/core\";\nimport { HostedZone } from \"@aws-cdk/aws-route53\";\nimport { SuperEks } from \"@superluminar-io/super-eks\";\n\nexport class SuperEksSetupStack extends cdk.Stack {\n  constructor(scope: cdk.App, id: string, props?: cdk.StackProps) {\n    super(scope, id, props);\n\n    // Assumes you already have a Route53 zone in your account\n    const hostedZone = HostedZone.fromLookup(this, \"MyZone\", {\n      domainName: \"example.com\", // Your domain goes here\n    });\n\n    // Setup super-eks\n    const superEks = new SuperEks(this, \"hello-eks\", {\n      hostedZone: hostedZone,\n    });\n\n    // Add nginx installation for testing\n    superEks.cluster.addHelmChart(\"nginx\", {\n      createNamespace: true,\n      namespace: \"nginx\",\n      repository: \"https://charts.bitnami.com/bitnami\",\n      chart: \"nginx\",\n      release: \"nginx\",\n      version: \"8.5.2\",\n      values: {\n        ingress: {\n          enabled: true,\n          hostname: `nginx.${hostedZone.zoneName}`,\n          annotations: {\n            \"kubernetes.io/ingress.class\": \"alb\",\n            \"alb.ingress.kubernetes.io/scheme\": \"internet-facing\",\n            \"alb.ingress.kubernetes.io/target-type\": \"ip\",\n          },\n        },\n      },\n    });\n  }\n}\n```\n\nNow deploy the stack.\n\n```bash\nnpx cdk deploy\n```\n\nIf everything works, you should see some output.\n\n```bash\n ✅  IntegrationTestsStack\n\nOutputs:\nIntegrationTestsStack.EksClusterConfigCommandAEB22784 = aws eks update-kubeconfig --name EksCluster3394B24C-86f946f02a67416c80413e123d58b628 --region eu-central-1 --role-arn arn:aws:iam::123456789012:role/IntegrationTestsStack-EksClusterMastersRoleA746276-GNW143CGOXG7\nIntegrationTestsStack.EksClusterGetTokenCommand53BD6035 = aws eks get-token --cluster-name EksCluster3394B24C-86f946f02a67416c80413e123d58b628 --region eu-central-1 --role-arn arn:aws:iam::123456789012:role/IntegrationTestsStack-EksClusterMastersRoleA746276-GNW143CGOXG7\n\nStack ARN:\narn:aws:cloudformation:eu-central-1:123456789012:stack/IntegrationTestsStack/06273460-660e-11eb-b4d9-06da4ef2f41a\n✨  Done in 1757.52s.\n✨  Done in 1757.79s.\n```\n\nPaste the `aws eks update-kubeconfig` command into your shell. This will update your `kubeconfig`.\n\n```bash\naws eks update-kubeconfig --name EksCluster3394B24C-86f946f02a67416c80413e123d58b628 --region eu-central-1 --role-arn arn:aws:iam::123456789012:role/IntegrationTestsStack-EksClusterMastersRoleA746276-GNW143CGOXG7\nAdded new context arn:aws:eks:eu-central-1:123456789012:cluster/EksCluster3394B24C-86f946f02a67416c80413e123d58b628 to /home/super-eks/.kube/config\n```\n\nNow let's see if it works.\n\n```bash\nNAMESPACE      NAME                                            READY   STATUS    RESTARTS   AGE\ndns            external-dns-7d4d69545d-r5w68                   1/1     Running   0          14m\nlogging        aws-for-fluent-bit-qwhwb                        1/1     Running   0          14m\nlogging        aws-for-fluent-bit-s7wnj                        1/1     Running   0          14m\ningress        aws-load-balancer-controller-5b9cbc5497-smfrt   1/1     Running   0          14m\nkube-system    aws-node-lscgc                                  1/1     Running   0          18m\nkube-system    aws-node-zfcdl                                  1/1     Running   0          18m\nkube-system    coredns-59b69b4849-9gstn                        1/1     Running   0          25m\nkube-system    coredns-59b69b4849-bssnr                        1/1     Running   0          25m\nkube-system    kube-proxy-9sgtt                                1/1     Running   0          18m\nkube-system    kube-proxy-r4gzg                                1/1     Running   0          18m\nnginx          nginx-67cb444d48-lqzkg                          1/1     Running   0          14m\n```\n\nVoila! :tada: You now have a super EKS cluster with batteries included!\n\n## :lock_with_ink_pen: Configuring external secrets\n\nExternal secrets in EKS is automatically deployed and configured. We configure it in such a way that if you tag your secrets with `SuperEKS: secrets`, external secrets will have access. You can follow\nthe [documentation](https://github.com/external-secrets/kubernetes-external-secrets) to setup secrets but need to tag your secrets in secrets manager, e.g., when creating:\n\n```bash\naws secretsmanager create-secret --name hello-service/password --secret-string \"1234\" --tags Key=SuperEKS,Value=secrets\n```\n\nThe service account that will be used by external secrets uses a condition in the IAM policy so that access will be automatically granted.\nTo keep the setup secure and sound **you have to set namespace annotations** for secrets as described in the\n[original documentation](https://github.com/external-secrets/kubernetes-external-secrets#using-namespace-annotation).\n\n## :open_book: API documentation\n\nSee the [API documentation](./API.md) for details.\n\n## :gear: Development\n\n- We use [architecture decision records](https://github.com/joelparkerhenderson/architecture_decision_record/blob/master/adr_template_by_michael_nygard.md). See [here](docs/decisions) for the decisions made so far.\n- We use the [AWS Cloud Development Kit (CDK)](github.com/aws-cdk/cdk).\n- We use [projen](https://github.com/projen/projen/blob/main/API.md#projen-awscdkconstructlibrary) :heart:. Don't edit package.json etc. Always make changes in [.projenrc.js](./.projenrc.js).\n\n## :question: FAQ\n\nFrequently asked questions are answered here.\n\n### What do you mean by \"batteries included\"?\n\n[Batteries included](https://www.python.org/dev/peps/pep-0206/#batteries-included-philosophy) is a term that comes from the philosophy behind the Python programming language.\nIt means, that **super-eks** ships with all necessary parts. You don't need additional things, like in this case Helm charts, manifests etc. apart from the workload you want to run on Kubernetes.\n\n### Why did you choose to include component X?\n\nWe try to include components, that are seen as community standards. On the other hand we choose components,\nthat work best in combination with AWS.\n\n### Where are the advanced settings? I want to do things differently\n\n**super-eks** makes some decisions for you. If you want an expert setup maybe **super-eks** isn't for you.\nIf you believe core functionality is missing please open a GitHub issue.\n\nOur approach is to offer opinionated solutions, but we aim to offer the possibility to opt out, as well.\n\n### I don't want to use CDK? Do you offer alternatives?\n\nNo, not for now.\n\n## :balance_scale: License\n\n**super-eks** is distributed under the [Apache License, Version 2.0](https://www.apache.org/licenses/LICENSE-2.0).\n\nSee [LICENSE](./LICENSE) for more information.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsuperluminar-io%2Fsuper-eks","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fsuperluminar-io%2Fsuper-eks","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsuperluminar-io%2Fsuper-eks/lists"}