diff --git a/pkg/ami/auto_resolver.go b/pkg/ami/auto_resolver.go index 9a4b9cdbed..1781c3982b 100644 --- a/pkg/ami/auto_resolver.go +++ b/pkg/ami/auto_resolver.go @@ -28,6 +28,10 @@ func MakeImageSearchPatterns(version string) map[string]map[int]string { ImageClassGPU: fmt.Sprintf("amazon-eks-gpu-node-%s-*", version), ImageClassARM: fmt.Sprintf("amazon-eks-arm64-node-%s-*", version), }, + api.NodeImageFamilyUbuntu2204: { + ImageClassGeneral: fmt.Sprintf("ubuntu-eks/k8s_%s/images/*22.04-amd64*", version), + ImageClassARM: fmt.Sprintf("ubuntu-eks/k8s_%s/images/*22.04-arm64*", version), + }, api.NodeImageFamilyUbuntu2004: { ImageClassGeneral: fmt.Sprintf("ubuntu-eks/k8s_%s/images/*20.04-amd64*", version), ImageClassARM: fmt.Sprintf("ubuntu-eks/k8s_%s/images/*20.04-arm64*", version), @@ -53,7 +57,7 @@ func MakeImageSearchPatterns(version string) map[string]map[int]string { // OwnerAccountID returns the AWS account ID that owns worker AMI. func OwnerAccountID(imageFamily, region string) (string, error) { switch imageFamily { - case api.NodeImageFamilyUbuntu2004, api.NodeImageFamilyUbuntu1804: + case api.NodeImageFamilyUbuntu2204, api.NodeImageFamilyUbuntu2004, api.NodeImageFamilyUbuntu1804: return ownerIDUbuntuFamily, nil case api.NodeImageFamilyAmazonLinux2: return api.EKSResourceAccountID(region), nil diff --git a/pkg/ami/auto_resolver_test.go b/pkg/ami/auto_resolver_test.go index 4f7fbab78d..f5fe8bdd02 100644 --- a/pkg/ami/auto_resolver_test.go +++ b/pkg/ami/auto_resolver_test.go @@ -62,6 +62,11 @@ var _ = Describe("AMI Auto Resolution", func() { Expect(ownerAccount).To(BeEquivalentTo("099720109477")) Expect(err).NotTo(HaveOccurred()) }) + It("should return the Ubuntu Account ID for Ubuntu images", func() { + ownerAccount, err := OwnerAccountID(api.NodeImageFamilyUbuntu2204, region) + Expect(ownerAccount).To(BeEquivalentTo("099720109477")) + Expect(err).NotTo(HaveOccurred()) + }) It("should return the Windows Account ID for Windows Server images", func() { ownerAccount, err := OwnerAccountID(api.NodeImageFamilyWindowsServer2022CoreContainer, region) diff --git a/pkg/ami/ssm_resolver.go b/pkg/ami/ssm_resolver.go index 5ba6455f04..ad062196bf 100644 --- a/pkg/ami/ssm_resolver.go +++ b/pkg/ami/ssm_resolver.go @@ -72,7 +72,8 @@ func MakeSSMParameterName(version, instanceType, imageFamily string) (string, er return fmt.Sprintf("/aws/service/ami-windows-latest/Windows_Server-2022-English-%s-EKS_Optimized-%s/%s", windowsAmiType(imageFamily), version, fieldName), nil case api.NodeImageFamilyBottlerocket: return fmt.Sprintf("/aws/service/bottlerocket/aws-k8s-%s/%s/latest/%s", imageType(imageFamily, instanceType, version), instanceEC2ArchName(instanceType), fieldName), nil - case api.NodeImageFamilyUbuntu2004, api.NodeImageFamilyUbuntu1804: + case api.NodeImageFamilyUbuntu2204, api.NodeImageFamilyUbuntu2004, api.NodeImageFamilyUbuntu1804: + // FIXME: SSM lookup for Ubuntu EKS images is supported nowadays return "", &UnsupportedQueryError{msg: fmt.Sprintf("SSM Parameter lookups for %s AMIs is not supported yet", imageFamily)} default: return "", fmt.Errorf("unknown image family %s", imageFamily) diff --git a/pkg/apis/eksctl.io/v1alpha5/outposts_validation_test.go b/pkg/apis/eksctl.io/v1alpha5/outposts_validation_test.go index 14c7bf8f31..225103adba 100644 --- a/pkg/apis/eksctl.io/v1alpha5/outposts_validation_test.go +++ b/pkg/apis/eksctl.io/v1alpha5/outposts_validation_test.go @@ -186,6 +186,7 @@ var _ = Describe("Outposts validation", func() { Entry("Bottlerocket", api.NodeImageFamilyBottlerocket, true), Entry("Ubuntu1804", api.NodeImageFamilyUbuntu1804, true), Entry("Ubuntu2004", api.NodeImageFamilyUbuntu2004, true), + Entry("Ubuntu2204", api.NodeImageFamilyUbuntu2204, true), Entry("Windows2019Core", api.NodeImageFamilyWindowsServer2019CoreContainer, true), Entry("Windows2019Full", api.NodeImageFamilyWindowsServer2019FullContainer, true), Entry("Windows2022Core", api.NodeImageFamilyWindowsServer2022CoreContainer, true), diff --git a/pkg/apis/eksctl.io/v1alpha5/types.go b/pkg/apis/eksctl.io/v1alpha5/types.go index e3766f177e..a1871c59b9 100644 --- a/pkg/apis/eksctl.io/v1alpha5/types.go +++ b/pkg/apis/eksctl.io/v1alpha5/types.go @@ -224,6 +224,7 @@ const ( // DefaultNodeImageFamily (default) DefaultNodeImageFamily = NodeImageFamilyAmazonLinux2 NodeImageFamilyAmazonLinux2 = "AmazonLinux2" + NodeImageFamilyUbuntu2204 = "Ubuntu2204" NodeImageFamilyUbuntu2004 = "Ubuntu2004" NodeImageFamilyUbuntu1804 = "Ubuntu1804" NodeImageFamilyBottlerocket = "Bottlerocket" @@ -606,6 +607,7 @@ func SupportedNodeVolumeTypes() []string { func supportedAMIFamilies() []string { return []string{ NodeImageFamilyAmazonLinux2, + NodeImageFamilyUbuntu2204, NodeImageFamilyUbuntu2004, NodeImageFamilyUbuntu1804, NodeImageFamilyBottlerocket, diff --git a/pkg/apis/eksctl.io/v1alpha5/validation.go b/pkg/apis/eksctl.io/v1alpha5/validation.go index f57d7a3136..127e96737a 100644 --- a/pkg/apis/eksctl.io/v1alpha5/validation.go +++ b/pkg/apis/eksctl.io/v1alpha5/validation.go @@ -1230,8 +1230,8 @@ func ValidateManagedNodeGroup(index int, ng *ManagedNodeGroup) error { if ng.AMIFamily == "" { return errors.Errorf("when using a custom AMI, amiFamily needs to be explicitly set via config file or via --node-ami-family flag") } - if ng.AMIFamily != NodeImageFamilyAmazonLinux2 && ng.AMIFamily != NodeImageFamilyUbuntu1804 && ng.AMIFamily != NodeImageFamilyUbuntu2004 { - return errors.Errorf("cannot set amiFamily to %s when using a custom AMI for managed nodes, only %s, %s and %s are supported", ng.AMIFamily, NodeImageFamilyAmazonLinux2, NodeImageFamilyUbuntu1804, NodeImageFamilyUbuntu2004) + if ng.AMIFamily != NodeImageFamilyAmazonLinux2 && ng.AMIFamily != NodeImageFamilyUbuntu1804 && ng.AMIFamily != NodeImageFamilyUbuntu2004 && ng.AMIFamily != NodeImageFamilyUbuntu2204 { + return errors.Errorf("cannot set amiFamily to %s when using a custom AMI for managed nodes, only %s, %s, %s and %s are supported", ng.AMIFamily, NodeImageFamilyAmazonLinux2, NodeImageFamilyUbuntu1804, NodeImageFamilyUbuntu2004, NodeImageFamilyUbuntu2204) } if ng.OverrideBootstrapCommand == nil { return errors.Errorf("%[1]s.overrideBootstrapCommand is required when using a custom AMI based on %s (%[1]s.ami)", path, ng.AMIFamily) diff --git a/pkg/apis/eksctl.io/v1alpha5/validation_test.go b/pkg/apis/eksctl.io/v1alpha5/validation_test.go index d835aeb5a4..4526e92e3c 100644 --- a/pkg/apis/eksctl.io/v1alpha5/validation_test.go +++ b/pkg/apis/eksctl.io/v1alpha5/validation_test.go @@ -2002,7 +2002,7 @@ var _ = Describe("ClusterConfig validation", func() { It("fails when the AMIFamily is not supported", func() { ng.AMIFamily = "SomeTrash" err := api.ValidateNodeGroup(0, ng, cfg) - Expect(err).To(MatchError("AMI Family SomeTrash is not supported - use one of: AmazonLinux2, Ubuntu2004, Ubuntu1804, Bottlerocket, WindowsServer2019CoreContainer, WindowsServer2019FullContainer, WindowsServer2022CoreContainer, WindowsServer2022FullContainer")) + Expect(err).To(MatchError("AMI Family SomeTrash is not supported - use one of: AmazonLinux2, Ubuntu2204, Ubuntu2004, Ubuntu1804, Bottlerocket, WindowsServer2019CoreContainer, WindowsServer2019FullContainer, WindowsServer2022CoreContainer, WindowsServer2022FullContainer")) }) It("fails when the AmiFamily is not supported for managed nodes with custom AMI", func() { @@ -2022,10 +2022,14 @@ var _ = Describe("ClusterConfig validation", func() { err = api.ValidateManagedNodeGroup(0, mng) Expect(err).NotTo(HaveOccurred()) + mng.AMIFamily = api.NodeImageFamilyUbuntu2204 + err = api.ValidateManagedNodeGroup(0, mng) + Expect(err).NotTo(HaveOccurred()) + mng.AMIFamily = api.NodeImageFamilyBottlerocket mng.OverrideBootstrapCommand = nil err = api.ValidateManagedNodeGroup(0, mng) - errorMsg := fmt.Sprintf("cannot set amiFamily to %s when using a custom AMI for managed nodes, only %s, %s and %s are supported", mng.AMIFamily, api.NodeImageFamilyAmazonLinux2, api.NodeImageFamilyUbuntu1804, api.NodeImageFamilyUbuntu2004) + errorMsg := fmt.Sprintf("cannot set amiFamily to %s when using a custom AMI for managed nodes, only %s, %s, %s and %s are supported", mng.AMIFamily, api.NodeImageFamilyAmazonLinux2, api.NodeImageFamilyUbuntu1804, api.NodeImageFamilyUbuntu2004, api.NodeImageFamilyUbuntu2204) Expect(err).To(MatchError(errorMsg)) }) diff --git a/pkg/cfn/builder/managed_nodegroup_ami_type_test.go b/pkg/cfn/builder/managed_nodegroup_ami_type_test.go index ec067685a9..e1f2e5184d 100644 --- a/pkg/cfn/builder/managed_nodegroup_ami_type_test.go +++ b/pkg/cfn/builder/managed_nodegroup_ami_type_test.go @@ -180,4 +180,14 @@ var _ = DescribeTable("Managed Nodegroup AMI type", func(e amiTypeEntry) { }, expectedAMIType: "CUSTOM", }), + + Entry("non-native Ubuntu", amiTypeEntry{ + nodeGroup: &api.ManagedNodeGroup{ + NodeGroupBase: &api.NodeGroupBase{ + Name: "test", + AMIFamily: api.NodeImageFamilyUbuntu2204, + }, + }, + expectedAMIType: "CUSTOM", + }), ) diff --git a/pkg/ctl/cmdutils/nodegroup_flags.go b/pkg/ctl/cmdutils/nodegroup_flags.go index a4a4e9983f..4d93152834 100644 --- a/pkg/ctl/cmdutils/nodegroup_flags.go +++ b/pkg/ctl/cmdutils/nodegroup_flags.go @@ -40,7 +40,7 @@ func AddCommonCreateNodeGroupFlags(fs *pflag.FlagSet, cmd *Cmd, ng *api.NodeGrou ng.SSH.EnableSSM = fs.Bool("enable-ssm", false, "Enable AWS Systems Manager (SSM)") fs.StringVar(&ng.AMI, "node-ami", "", "'auto-ssm', 'auto' or an AMI ID (advanced use)") - fs.StringVar(&ng.AMIFamily, "node-ami-family", api.DefaultNodeImageFamily, "'AmazonLinux2' for the Amazon EKS optimized AMI, or use 'Ubuntu2004' or 'Ubuntu1804' for the official Canonical EKS AMIs") + fs.StringVar(&ng.AMIFamily, "node-ami-family", api.DefaultNodeImageFamily, "'AmazonLinux2' for the Amazon EKS optimized AMI, or use 'Ubuntu2204', 'Ubuntu2004' or 'Ubuntu1804' for the official Canonical EKS AMIs") fs.BoolVarP(&ng.PrivateNetworking, "node-private-networking", "P", false, "whether to make nodegroup networking private") diff --git a/pkg/nodebootstrap/userdata.go b/pkg/nodebootstrap/userdata.go index 8375d9fb9a..a5ddd00a3e 100644 --- a/pkg/nodebootstrap/userdata.go +++ b/pkg/nodebootstrap/userdata.go @@ -48,7 +48,7 @@ func NewBootstrapper(clusterConfig *api.ClusterConfig, ng *api.NodeGroup) (Boots return NewWindowsBootstrapper(clusterConfig, ng, clusterDNS), nil } switch ng.AMIFamily { - case api.NodeImageFamilyUbuntu2004, api.NodeImageFamilyUbuntu1804: + case api.NodeImageFamilyUbuntu2204, api.NodeImageFamilyUbuntu2004, api.NodeImageFamilyUbuntu1804: return NewUbuntuBootstrapper(clusterConfig, ng, clusterDNS), nil case api.NodeImageFamilyBottlerocket: return NewBottlerocketBootstrapper(clusterConfig, ng), nil @@ -72,7 +72,7 @@ func NewManagedBootstrapper(clusterConfig *api.ClusterConfig, ng *api.ManagedNod return NewManagedAL2Bootstrapper(ng), nil case api.NodeImageFamilyBottlerocket: return NewManagedBottlerocketBootstrapper(clusterConfig, ng), nil - case api.NodeImageFamilyUbuntu1804, api.NodeImageFamilyUbuntu2004: + case api.NodeImageFamilyUbuntu1804, api.NodeImageFamilyUbuntu2004, api.NodeImageFamilyUbuntu2204: clusterDNS, err := GetClusterDNS(clusterConfig) if err != nil { return nil, err diff --git a/userdocs/src/usage/custom-ami-support.md b/userdocs/src/usage/custom-ami-support.md index 72f07e4bf9..ef2fb74100 100644 --- a/userdocs/src/usage/custom-ami-support.md +++ b/userdocs/src/usage/custom-ami-support.md @@ -52,16 +52,17 @@ The `--node-ami` flag can also be used with `eksctl create nodegroup`. The `--node-ami-family` can take following keywords: -| Keyword | Description | -|--------------------------------|:--------------------------------------------------------------------------------------------:| -| AmazonLinux2 | Indicates that the EKS AMI image based on Amazon Linux 2 should be used (default). | -| Ubuntu2004 | Indicates that the EKS AMI image based on Ubuntu 20.04 LTS (Focal) should be used. | -| Ubuntu1804 | Indicates that the EKS AMI image based on Ubuntu 18.04 LTS (Bionic) should be used. | -| Bottlerocket | Indicates that the EKS AMI image based on Bottlerocket should be used. | -| WindowsServer2019FullContainer | Indicates that the EKS AMI image based on Windows Server 2019 Full Container should be used. | -| WindowsServer2019CoreContainer | Indicates that the EKS AMI image based on Windows Server 2019 Core Container should be used. | -| WindowsServer2022FullContainer | Indicates that the EKS AMI image based on Windows Server 2022 Full Container should be used. | -| WindowsServer2022CoreContainer | Indicates that the EKS AMI image based on Windows Server 2022 Core Container should be used. | +| Keyword | Description | +|--------------------------------|:--------------------------------------------------------------------------------------------------------------:| +| AmazonLinux2 | Indicates that the EKS AMI image based on Amazon Linux 2 should be used (default). | +| Ubuntu2204 | Indicates that the EKS AMI image based on Ubuntu 22.04 LTS (Jammy) should be used (available for EKS >= 1.29). | +| Ubuntu2004 | Indicates that the EKS AMI image based on Ubuntu 20.04 LTS (Focal) should be used. | +| Ubuntu1804 | Indicates that the EKS AMI image based on Ubuntu 18.04 LTS (Bionic) should be used. | +| Bottlerocket | Indicates that the EKS AMI image based on Bottlerocket should be used. | +| WindowsServer2019FullContainer | Indicates that the EKS AMI image based on Windows Server 2019 Full Container should be used. | +| WindowsServer2019CoreContainer | Indicates that the EKS AMI image based on Windows Server 2019 Core Container should be used. | +| WindowsServer2022FullContainer | Indicates that the EKS AMI image based on Windows Server 2022 Full Container should be used. | +| WindowsServer2022CoreContainer | Indicates that the EKS AMI image based on Windows Server 2022 Core Container should be used. | CLI flag example: ```sh @@ -77,13 +78,13 @@ nodeGroups: managedNodeGroups: - name: m-ng-2 instanceType: m5.large - amiFamily: Ubuntu2004 + amiFamily: Ubuntu2204 ``` The `--node-ami-family` flag can also be used with `eksctl create nodegroup`. `eksctl` requires AMI Family to be explicitly set via config file or via `--node-ami-family` CLI flag, whenever working with a custom AMI. ???+ note - At the moment, EKS managed nodegroups only support the following AMI Families when working with custom AMIs: `AmazonLinux2`, `Ubuntu1804` and `Ubuntu2004` + At the moment, EKS managed nodegroups only support the following AMI Families when working with custom AMIs: `AmazonLinux2`, `Ubuntu1804`, `Ubuntu2004` and `Ubuntu2204` ## Windows custom AMI support Only self-managed Windows nodegroups can specify a custom AMI. `amiFamily` should be set to a valid Windows AMI family.