This document describes the flow of operations in the EKS Cluster Management API, a Flask-based application that facilitates the connection to and management of Amazon EKS (Elastic Kubernetes Service) clusters. The application provides a seamless interface between users and their Kubernetes resources hosted on AWS.
- Frontend: HTML/CSS/JavaScript application served by Flask
- Backend API: Flask application with RESTful endpoints
- EKSConnector: Core class managing connections to EKS clusters
- AWS Services: Interaction with AWS EKS via boto3
- Kubernetes API: Interaction with Kubernetes resources via kubernetes-client
When the application starts:
- Flask application initializes
- A persistent
EKSConnectorinstance is created at module level - Static files directory is configured for serving the frontend
- Application begins listening for HTTP requests
-
User fills connection form in the frontend with:
- Cluster name
- AWS region
- Authentication method (AWS credentials or profile)
- Required authentication details
-
Frontend sends a POST request to
/api/clusters/connectwith JSON payload containing connection parameters
-
Flask routes the request to the
connect_clusterhandler -
Request parameters are validated:
- Cluster name and region are required
- Authentication details are checked based on auth type
-
Based on the authentication type:
- For
credentials:connect_with_aws_credentialsis called with the provided AWS keys - For
profile:connect_with_aws_profileis called with the profile name
- For
- A boto3 session is created with the provided credentials or profile
- EKS client is initialized with the session
- The EKS client calls
describe_clusterto fetch details about the specified cluster
-
Cluster information is retrieved from the EKS API
-
A kubeconfig is dynamically generated containing:
- Cluster endpoint
- Certificate authority data
- AWS command for token generation
- Profile information (if applicable)
-
The kubeconfig is written to a temporary file
-
Kubernetes configuration is loaded from the temporary file
-
The temporary file is deleted after loading
-
Kubernetes API client is initialized
-
A test connection is made by listing namespaces
-
On successful connection:
- A connection ID is generated in the format
{region}_{cluster_name} - The API client and cluster information are stored in the
connected_clustersdictionary - Success response with connection ID is returned to the frontend
- A connection ID is generated in the format
-
On failure:
- Error details are captured
- Error response is returned to the frontend
- User selects a connected cluster from the frontend
- User selects a resource type (pods, deployments, services, nodes)
- Frontend sends a GET request to
/api/clusters/{connection_id}/resources/{resource_type}
- Flask routes the request to the
get_resourceshandler - The connection ID is validated against stored connections
- The resource type is validated against supported types
- The stored API client for the connection is retrieved
-
Based on the resource type, the appropriate Kubernetes API is used:
- For pods and services:
CoreV1Api - For deployments:
AppsV1Api - For nodes:
CoreV1Api
- For pods and services:
-
The appropriate API method is called to list resources:
list_pod_for_all_namespaces()list_deployment_for_all_namespaces()list_service_for_all_namespaces()list_node()
-
Resource data is formatted into a standardized structure with relevant fields for each resource type
- Formatted resource data is returned as a JSON response
- Frontend displays the resources to the user in an appropriate format
- User provides AWS region and authentication details
- Frontend sends a POST request to
/api/clusters/available
- Flask routes the request to the
list_available_clustershandler - Request parameters are validated
- A boto3 session is created with the provided credentials or profile
- EKS client is initialized with the session
- The EKS client calls
list_clustersto get a list of cluster names in the region - For each cluster,
describe_clusteris called to get detailed information
- List of available clusters with details (name, status, version, endpoint, creation time) is returned
- Frontend displays the list to the user
- User selects a connected cluster to disconnect
- Frontend sends a POST request to
/api/clusters/{connection_id}/disconnect
- Flask routes the request to the
disconnect_clusterhandler - The connection ID is validated against stored connections
- The connection is removed from the
connected_clustersdictionary - Success response is returned to the frontend
- AWS API calls are wrapped in try-except blocks to catch
ClientError - Error codes and messages are extracted from the response
- Formatted error responses with specific AWS error details are returned
- Kubernetes API calls are wrapped in try-except blocks
- Error messages are captured and formatted
- Error responses are returned to the frontend
- General exceptions are caught at function level
- Errors are logged with detailed messages
- Generic error responses are returned to the frontend
The application maintains connections to multiple clusters simultaneously:
-
Each connection is stored with a unique connection ID (region_clustername)
-
For each connection, the following is stored:
- Kubernetes API client
- Cluster information (name, region, version, status, endpoint)
-
The
list_connected_clustersmethod provides an overview of all active connections
Each resource type has a specialized formatting function:
- Pods: Name, namespace, status, containers, node, creation time
- Deployments: Name, namespace, replicas, available replicas, creation time
- Services: Name, namespace, type, cluster IP, ports, creation time
- Nodes: Name, status, roles, instance type, zone, kubelet version, creation time
- AWS credentials are never stored on disk
- Kubeconfig files are created as temporary files and deleted after use
- AWS credential validation happens before attempting to connect
- All API endpoints validate parameters before processing
┌─────────────┐ ┌───────────────┐ ┌───────────────┐
│ Frontend │ │ Flask API │ │ EKSConnector │
└──────┬──────┘ └───────┬───────┘ └───────┬───────┘
│ │ │
│ 1. Request Connection │ │
│────────────────────────> │
│ │ │
│ │ 2. Connect to Cluster │
│ │─────────────────────────>│
│ │ │
│ │ │──┐
│ │ │ │ 3. Create AWS Session
│ │ │<─┘
│ │ │
│ │ │──┐
│ │ │ │ 4. Access EKS API
│ │ │<─┘
│ │ │
│ │ │──┐
│ │ │ │ 5. Generate Kubeconfig
│ │ │<─┘
│ │ │
│ │ │──┐
│ │ │ │ 6. Initialize K8s Client
│ │ │<─┘
│ │ │
│ │ 7. Return Connection ID │
│ │<─────────────────────────│
│ │ │
│ 8. Connection Response │ │
│<──────────────────────── │
│ │ │
│ 9. Request Resources │ │
│────────────────────────> │
│ │ │
│ │ 10. Get Resources │
│ │─────────────────────────>│
│ │ │
│ │ │──┐
│ │ │ │ 11. Call K8s API
│ │ │<─┘
│ │ │
│ │ 12. Return Resources │
│ │<─────────────────────────│
│ │ │
│ 13. Resource Response │ │
│<──────────────────────── │
│ │ │
The EKS Cluster Management API provides a comprehensive interface for connecting to and interacting with EKS clusters. By understanding this flow, developers and operators can effectively utilize the API to manage their Kubernetes resources on AWS.