AWS EKS
Example Cluster Config
Enterprise Deployments
- Enterprise Deployment
- Pre Requisites
- Dependencies
- Setting Up New Users
- Self-Hosted Kubernetes Cluster
- Post Deployment Checklist
- Scheduling Automatic Backups For Your Cluster
- SSO Integration
- Security & Access Control
- Data Privacy And Compliance
AWS EKS
Example Cluster Config
---
apiVersion: eksctl.io/v1alpha5
kind: ClusterConfig
metadata:
name: CLUSTER_NAME
region: us-east-2
version: "1.28"
tags:
env: CLUSTER_NAME
availabilityZones: ["us-east-2a", "us-east-2b"]
cloudWatch:
clusterLogging:
enableTypes: ["*"]
addons:
- name: vpc-cni
version: 1.13.4
- name: aws-ebs-csi-driver
version: 1.29.1
managedNodeGroups:
- name: galileo-core
privateNetworking: true
availabilityZones: ["us-east-2a", "us-east-2b"]
labels: { galileo-node-type: galileo-core }
tags:
{
"k8s.io/cluster-autoscaler/CLUSTER_NAME": "owned",
"k8s.io/cluster-autoscaler/enabled": "true",
}
amiFamily: AmazonLinux2
instanceType: m5a.xlarge
minSize: 2
maxSize: 5
desiredCapacity: 2
volumeSize: 200
volumeType: gp3
volumeEncrypted: true
disableIMDSv1: false
iam:
attachPolicyARNs:
- arn:aws:iam::aws:policy/AmazonEKSWorkerNodePolicy
- arn:aws:iam::aws:policy/AmazonEKS_CNI_Policy
- arn:aws:iam::aws:policy/AmazonEC2ContainerRegistryReadOnly
- arn:aws:iam::aws:policy/AmazonS3FullAccess
- arn:aws:iam::aws:policy/AmazonSSMManagedInstanceCore
withAddonPolicies:
autoScaler: true
cloudWatch: true
ebs: true
updateConfig:
maxUnavailable: 2
- name: galileo-runner
privateNetworking: true
availabilityZones: ["us-east-2a", "us-east-2b"]
labels: { galileo-node-type: galileo-runner }
tags:
{
"k8s.io/cluster-autoscaler/CLUSTER_NAME": "owned",
"k8s.io/cluster-autoscaler/enabled": "true",
}
amiFamily: AmazonLinux2
instanceType: m5a.2xlarge
minSize: 1
maxSize: 5
desiredCapacity: 1
volumeSize: 200 # GiB
volumeType: gp3
volumeEncrypted: true
disableIMDSv1: false
iam:
attachPolicyARNs:
- arn:aws:iam::aws:policy/AmazonEKSWorkerNodePolicy
- arn:aws:iam::aws:policy/AmazonEKS_CNI_Policy
- arn:aws:iam::aws:policy/AmazonEC2ContainerRegistryReadOnly
- arn:aws:iam::aws:policy/AmazonS3FullAccess
- arn:aws:iam::aws:policy/AmazonSSMManagedInstanceCore
withAddonPolicies:
autoScaler: true
cloudWatch: true
ebs: true
updateConfig:
maxUnavailable: 1
Was this page helpful?