-
Notifications
You must be signed in to change notification settings - Fork 42
/
Copy pathkubernetes_kong_api_gateway_eks.py
executable file
·124 lines (103 loc) · 3.68 KB
/
kubernetes_kong_api_gateway_eks.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
#!/usr/bin/env python3
# coding=utf-8
# vim:ts=4:sts=4:sw=4:et
#
# Author: Hari Sekhon
# Date: 2023-04-15 22:35:45 +0100 (Sat, 15 Apr 2023)
#
# https://github.com/HariSekhon/Diagrams-as-Code
#
# License: see accompanying Hari Sekhon LICENSE file
#
# If you're using my code you're welcome to connect with me on LinkedIn
# and optionally send me feedback to help steer this or other code I publish
#
# https://www.linkedin.com/in/HariSekhon
#
"""
Kong API Gateway on Kubernetes (AWS EKS)
"""
__author__ = 'Hari Sekhon'
__version__ = '0.4'
import os
from diagrams import Diagram, Cluster, Edge
# ============================================================================ #
# On-premise / Open Source resources:
#
# https://diagrams.mingrammer.com/docs/nodes/onprem
#
from diagrams.onprem.network import Kong
from diagrams.onprem.certificates import CertManager, LetsEncrypt
from diagrams.onprem.vcs import Github
from diagrams.onprem.gitops import ArgoCD
from diagrams.onprem.client import Users
# ============================================================================ #
# Kubernetes resources:
#
# https://diagrams.mingrammer.com/docs/nodes/k8s
#
from diagrams.k8s.compute import Pod
from diagrams.k8s.network import Ingress, Service
# ============================================================================ #
# AWS resources:
#
# https://diagrams.mingrammer.com/docs/nodes/aws
#
from diagrams.aws.compute import EKS
from diagrams.aws.network import ELB, Route53
graph_attr = {
"splines": "spline",
}
# pylint: disable=W0104,W0106
with Diagram('Kubernetes Kong API Gateway EKS',
show=not bool(os.environ.get('CI', 0)),
direction='TB',
filename='images/kubernetes_kong_api_gateway_eks',
graph_attr=graph_attr,
):
letsencrypt = LetsEncrypt("LetsEncrypt Certificate Authority")
users = Users("Users")
github = Github("GitHub")
with Cluster("AWS"):
elb = ELB("ELB Load Balancer")
route53 = Route53("Route53 DNS")
elb - route53
users >> Edge(label="HTTPS traffic") >> elb
users >> Edge(label="DNS queries") >> route53
with Cluster("Kubernetes Cluster"):
eks = EKS("EKS")
with Cluster("Cert Manager"):
certmanager = CertManager("Cert Manager")
with Cluster("ArgoCD"):
argocd = ArgoCD("ArgoCD")
with Cluster("Ingress"):
kong = Kong("Kong API Gateway")
ingress = Ingress("Kubernetes Ingress")
with Cluster("WebApp 2"):
service = Service("WebApp 2 Service")
kong >> service
pods = []
for _ in range(3, 0, -1):
pods.append(Pod(f"Pod {_}") << service)
# argocd >> service
# argocd >> pods
with Cluster("WebApp 1"):
service = Service("WebApp 1 Service")
kong >> service
pods = []
for _ in range(3, 0, -1):
pods.append(Pod(f"Pod {_}") << service)
# argocd >> service
# argocd >> pods
elb >> Edge(label="HTTPS traffic") >> ingress
ingress - kong
letsencrypt \
>> Edge(label="ACME protocol\ngenerated certificate", style="dashed") \
>> certmanager \
>> Edge(label="SSL\ncert", style="dashed") \
>> ingress
github >> \
Edge(label="GitOps trigger", style="dashed") \
>> argocd \
>> Edge(label="k8s\nyaml\nmanifest\nupdates", style="dashed") \
>> ingress