Add-ons¶

The eks-blueprints framework leverages a modular approach to managing Add-ons that run within the context of a Kubernetes cluster. Customers are free to select the add-ons that run in each of their blueprint clusters.

Within the context of the eks-blueprints framework, an add-on is abstracted as ClusterAddOn interface, and the implementation of the add-on interface can do whatever is necessary to support the desired add-on functionality. This can include applying manifests to a Kubernetes cluster or calling AWS APIs to provision new resources.

Supported Add-ons¶

The framework currently supports the following add-ons.

Addon	Description	x86_64/amd64	arm64
`ACKAddOn`	Adds ACK (AWS Controllers for Kubernetes .	✅
`AdotAddOn`	Adds AWS Distro for OpenTelemetry (ADOT) Operator.	✅	✅
`AmpAdotAddOn`	Deploys ADOT Collector for Prometheus to remote write metrics from AMP.	✅	✅
`AppMeshAddOn`	Adds an AppMesh controller and CRDs.	✅
`ApacheAirflowAddOn`	This add-on is an implementation of Apache Airflow on EKS using the official helm chart.	✅
`ArgoCDAddOn`	Provisions Argo CD into your cluster.	✅	✅
`AWS Batch for EKS`	Enables EKS cluster to be used with AWS Batch on EKS	✅	✅
`AWS CloudWatch Insgihts`	Provisions CloudWatch Insights to be used with the EKS cluster.	✅	✅
`AWS for Fluent Bit`	Provisions Fluent Bit into your cluster for log aggregation and consumption.	✅	✅
`AWS Load Balancer Controller`	Provisions the AWS Load Balancer Controller into your cluster.	✅	✅
`AWS Node Termination Handler`	Provisions Node Termination Handler into your cluster.	✅
`AWS Private CA Issuer`	Installs AWS Private CA Issuer into your cluster.	✅
`Backstage`	Installs Backstage.	✅
`CertManagerAddOn`	Adds Certificate Manager to your EKS cluster.	✅	✅
`CalicoOperatorAddOn`	Adds the Calico CNI/Network policy cluster.	✅	✅
`CloudWatchAdotAddOn`	Adds Cloudwatch exporter based on ADOT operator integrating monitoring with CloudWatch.	✅	✅
`CloudWatchLogsAddOn`	Adds AWS for Fluent Bit to the cluster that exports logs to CloudWatch.	✅	✅
`ClusterAutoscalerAddOn`	Adds the standard cluster autoscaler.	✅	✅
`ContainerInsightsAddOn`	Adds support for container insights.	✅	✅
`CoreDnsAddOn`	Adds CoreDNS Amazon EKS add-on. CoreDNS is a flexible, extensible DNS server that can serve as the Kubernetes cluster DNS.	✅	✅
`DatadogAddOn`	Adds Datadog Amazon EKS add-on. Datadog is the monitoring and security platform for cloud applications.	✅	✅
`Dynatrace`	Adds the Dynatrace OneAgent Operator.	✅
`EbsCsiDriverAddOn`	Adds EBS CSI Driver Amazon EKS add-on. This driver manages the lifecycle of Amazon EBS volumes for persistent storage.	✅	✅
`EfsCsiDriverAddOn`	Adds EFS CSI Driver Amazon EKS add-on. This driver manages the lifecycle of Amazon EFS volumes for persistent storage.	✅	✅
`EmrOnEksAddOn`	Enable EKS cluster to be used with EMR on EKS	✅	✅
`ExternalDnsAddOn`	Adds External DNS support for AWS to the cluster, integrating with Amazon Route 53.	✅	✅
`ExternalSecretsAddOn`	Adds External Secrets Operator to the cluster.	✅	✅
`FluxcdAddOn`	Setting up Fluxcd to manage one or more Kubernetes clusters.	✅	✅
`GpuOperatorAddon`	Deploys NVIDIA GPU Operator on your EKS Cluster to manage configuration of drivers and software dependencies for GPU instances	✅	✅
`GrafanaOperatorAddon`	Deploys GrafanaOperatorAddon on your EKS Cluster to manage Amazon Managed Grafana and other external Grafana instances.	✅	✅
`IngressNginxAddOn`	Adds Kubernetes NGINX ingress controller	✅	✅
`IstioBaseAddOn`	Adds support for Istio base chart to the EKS cluster.	✅	✅
`InstanaAddOn`	Adds the IBM® Instana® Agent Operator to the EKS cluster.	✅	✅
`IstioControlPlaneAddOn`	Installs Istio Control Plane addon to the EKS cluster.	✅	✅
`IstioCniAddOn`	Installs Istio Cni Plugin addon to the EKS cluster.	✅	✅
`IstioIngressGatewayAddOn`	Installs Istio Ingress Gateway Plugin to the EKS cluster.	✅	✅
`JupyterHubAddOn`	Adds JupyterHub support for AWS to the cluster.	✅	✅
`Kasten-K10AddOn`	Kasten K10 add-on installs Kasten K10 into your Amazon EKS cluster.	✅
`KedaAddOn`	Installs Keda into EKS cluster.	✅	✅
`Keptn`	Keptn Control Plane and Execution Plane AddOn.	✅
`KnativeAddOn`	Deploys the KNative Operator to ease setting up the rest of KNatives CRDs	✅	✅
`KomodorAddOn`	Adds the Komodor Agent to the EKS Cluster.	✅	✅
`KonveyorAddOn`	Adds Konveyor to the EKS Cluster.	✅	✅
`KubecostAddOn`	Adds Kubecost cost analyzer to the EKS cluster.	✅
`KubeflowAddOn`	Adds kubeflow Kubeflow pipeline addon the EKS cluster.	✅
`KubeRayAddOn`	Installs the KubeRay Operator.	✅	✅
`KubeviousAddOn`	Adds Kubevious open source Kubernetes dashboard to an EKS cluster.	✅
`KarpenterAddOn`	Adds Karpenter support for Amazon EKS.	✅	✅
`KubeProxyAddOn`	Adds kube-proxy Amazon EKS add-on. Kube-proxy maintains network rules on each Amazon EC2 node.	✅	✅
`KubeStateMetricsAddOn`	Adds kube-state-metrics into the EKS cluster.	✅	✅
`KubesharkAddOn`	Deep visibility and monitoring of all API traffic	✅	✅
`MetricsServerAddOn`	Adds metrics server (pre-req for HPA and other monitoring tools).	✅	✅
`NewRelicAddOn`	Adds New Relic and Pixie observability for Amazon EKS.	✅
`NginxAddOn`	Adds NGINX ingress controller	✅	✅
`NeuronDevicePluginAddOn`	Adds Neuron Device Plugin Addon	✅
`NeuronMonitorAddOn`	Adds Neuron Monitor Addon	✅
`OpaGatekeeperAddOn`	Adds OPA Gatekeeper	✅	✅
`ParalusAddOn`	Adds Paralus	✅	✅
`PixieAddOn`	Adds Pixie to the EKS Cluster. Pixie provides auto-telemetry for requests, metrics, application profiles, and more.	✅
`PrometheusNodeExporterAddOn`	Adds prometheus-node-exporter to the EKS Cluster. Prometheus Node Exporter enables you to measure various machine resources such as memory, disk and CPU utilization.	✅	✅
`Rafay`	Adds Rafay’s Kubernetes Operations Platform (KOP) to the EKS Cluster. Rafay allows you to deploy, operate, and manage the lifecycle of Kubernetes clusters	✅
`SecretsStoreAddOn`	Adds AWS Secrets Manager and Config Provider for Secret Store CSI Driver to the EKS Cluster.	✅	✅
`Snyk`	Adds the Snyk Monitor to the EKS Cluster.	✅
`SSMAgentAddOn`	Adds Amazon SSM Agent to worker nodes.	✅
`UpboundUniversalCrossplaneAddOn`	Allows Elastic Kubernetes Service (Amazon EKS) clusters to manage the lifecycle of Crossplane distribution.	✅
`VpcCniAddOn`	Adds the Amazon VPC CNI Amazon EKS addon to support native VPC networking for Amazon EKS.	✅	✅
`VeleroAddOn`	Adds Velero to the EKS Cluster.	✅	✅
`XrayAddOn`	Adds XRay Daemon to the EKS Cluster.	NA	NA
`XrayAdotAddOn`	Deploys ADOT Collector for Xray to receive traces from your workloads.	✅	✅
`GmaestroAddOn`	Adds gMaestro cost optimization solution for EKS cluster.
`EksPodIdentityAgentAddOn`	Setting up the EKS Pod Identity Agent	✅	✅

Standard Helm Add-On Configuration Options¶

Many add-ons leverage helm to provision and maintain deployments. All provided add-ons that leverage helm allow specifying the following add-on attributes:

    /**
     * Name of the helm chart (add-on)
     */
    name?: string,

    /**
     * Namespace where helm release will be installed
     */
    namespace?: string,

    /**
     * Chart name
     */
    chart?: string,

    /**
     * Helm chart version.
     */
    version?: string,

    /**
     * Helm release
     */
    release?: string,

    /**
     * Helm repository
     */
    repository?: string,

    /**
     * When global helm version validation is enabled with HelmAddOn.validateHelmVersions = true
     * allows to skip validation for a particular helm add-on. 
     */
    skipVersionValidation?: boolean,

    /**
     * Optional values for the helm chart.
     */
    values?: Values

Ability to set repository url may be leveraged for private repositories.

Version field can be modified from the default chart version, e.g. if the add-on should be upgraded to the desired version, however, since the helm chart version supplied by the customer may not have been tested as part of the Blueprints release process, Blueprints community may not be able to reproduce/fix issues related to the helm chart version upgrade.

Helm Version Validation¶

All add-ons that derive from HelmAddOn support optional version validation against the latest published version in the target helm repository.

Helm version validation can result either in a warning on console during list, synth and deploy operations or an exception if the target helm repository contains higher version than the one leveraged in the add-on.

Example output:

INFO  Chart argo-cd-4.9.12 is at the latest version. 
INFO  Chart external-dns-6.6.0 is at the latest version. 
WARN Upgrade is needed for chart gatekeeper-3.8.1: latest version is 3.9.0-beta.2. 
INFO  Chart appmesh-controller-1.5.0 is at the latest version. 
INFO  Chart tigera-operator-v3.23.2 is at the latest version. 
WARN Upgrade is needed for chart adot-exporter-for-eks-on-ec2-0.1.0: latest version is 0.6.0. 
INFO  Chart aws-load-balancer-controller-1.4.2 is at the latest version. 
INFO  Chart nginx-ingress-0.14.0 is at the latest version. 
INFO  Chart velero-2.30.1 is at the latest version. 
INFO  Chart falco-1.19.4 is at the latest version. 
WARN Upgrade is needed for chart karpenter-0.13.1: latest version is 0.13.2. 
INFO  Chart kubevious-1.0.10 is at the latest version. 
INFO  Chart aws-efs-csi-driver-2.2.7 is at the latest version. 
INFO  Chart keda-2.7.2 is at the latest version. 
INFO  Chart secrets-store-csi-driver-1.2.1 is at the latest version.

Enable/Disable Helm version validation globally

import { HelmAddOn } from '@aws-quickstart/eks-blueprints';

HelmAddOn.validateHelmVersions = true; // by default will print out warnings
HelmAddOn.failOnVersionValidation = true; // enable synth to throw exceptions on validation check failures

Enable/Disable Helm version validation per add-on

new blueprints.addons.MetricsServerAddOn({
    skipVersionValidation: true
})