scottk/wlan-toolsmith
1
0
Fork 0
mirror of https://github.com/Telecominfraproject/wlan-toolsmith.git synced 2025-10-28 17:42:24 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
master
wlan-toolsmith/eksctl/wifi-289708231103/tip-wlan-main/cluster.yaml
Carsten Schafer c96d9a5db9 Add 2nd nodegroup for large gw node 
Signed-off-by: Carsten Schafer <Carsten.Schafer@kinarasystems.com>
2024-05-30 15:54:34 -04:00

176 lines
5.2 KiB
YAML
Raw Permalink Blame History

apiVersion: eksctl.io/v1alpha5
kind: ClusterConfig
metadata:
name: ${CLUSTER_NAME}
region: ${AWS_REGION}
version: "1.27"
iam:
withOIDC: true
serviceAccounts:
- metadata:
name: aws-load-balancer-controller
namespace: kube-system
wellKnownPolicies:
awsLoadBalancerController: true
#- metadata:
# name: ebs-csi-controller-sa
# namespace: kube-system
# wellKnownPolicies:
# ebsCSIController: true
#- metadata:
# name: efs-csi-controller-sa
# namespace: kube-system
# wellKnownPolicies:
# efsCSIController: true
#- metadata:
# name: external-dns
# namespace: kube-system
# wellKnownPolicies:
# externalDNS: true
#- metadata:
# name: cert-manager
# namespace: cert-manager
# wellKnownPolicies:
# certManager: true
- metadata:
name: cluster-autoscaler
namespace: kube-system
labels: {aws-usage: "cluster-ops"}
wellKnownPolicies:
autoScaler: true
- metadata:
name: autoscaler-service
namespace: kube-system
attachPolicy: # inline policy can be defined along with `attachPolicyARNs`
Version: "2012-10-17"
Statement:
- Effect: Allow
Action:
- "autoscaling:DescribeAutoScalingGroups"
- "autoscaling:DescribeAutoScalingInstances"
- "autoscaling:DescribeLaunchConfigurations"
- "autoscaling:DescribeTags"
- "autoscaling:SetDesiredCapacity"
- "autoscaling:TerminateInstanceInAutoScalingGroup"
- "ec2:DescribeLaunchTemplateVersions"
Resource: '*'
availabilityZones:
- ${AWS_REGION}a
- ${AWS_REGION}b
- ${AWS_REGION}c
vpc:
cidr: 10.10.0.0/16
clusterEndpoints:
publicAccess: true
privateAccess: true
#managedNodeGroups:
#- name: def
# instanceType: ${CLUSTER_INSTANCE_TYPE}
# amiFamily: AmazonLinux2
# #Try this next time with unsafe-sysctls:
# #ami: ami-0c92ea9c7c0380b66
# #ami: ami-03a6eaae9938c858c
# minSize: ${CLUSTER_NODES}
# maxSize: ${CLUSTER_MAX_NODES}
# volumeSize: ${CLUSTER_VOLUME_SIZE}
# ssh: # import public key from file
# allow: true
# publicKeyPath: id_rsa_${CLUSTER_NAME}.pub
# # This does not work for managed node groups:
# #overrideBootstrapCommand: |
# # #!/bin/bash
# # /etc/eks/bootstrap.sh ${CLUSTER_NAME} --kubelet-extra-args "--allowed-unsafe-sysctls 'net.*'"
# tags:
# # EC2 tags required for cluster-autoscaler auto-discovery
# k8s.io/cluster-autoscaler/enabled: "true"
# k8s.io/cluster-autoscaler/${CLUSTER_NAME}: "owned"
# kubernetes.io/cluster-autoscaler/enabled: "true"
# kubernetes.io/cluster-autoscaler/${CLUSTER_NAME}: "owned"
nodeGroups:
- name: def
instanceType: ${CLUSTER_INSTANCE_TYPE}
amiFamily: AmazonLinux2
minSize: ${CLUSTER_MIN_NODES}
maxSize: ${CLUSTER_MAX_NODES}
desiredCapacity: ${CLUSTER_NODES}
volumeSize: ${CLUSTER_VOLUME_SIZE}
ssh: # import public key from file
allow: true
publicKeyPath: id_rsa_${CLUSTER_NAME}.pub
kubeletExtraConfig:
allowedUnsafeSysctls:
- "net.ipv4.tcp_keepalive_intvl"
- "net.ipv4.tcp_keepalive_probes"
- "net.ipv4.tcp_keepalive_time"
tags:
# EC2 tags required for cluster-autoscaler auto-discovery
k8s.io/cluster-autoscaler/enabled: "true"
k8s.io/cluster-autoscaler/${CLUSTER_NAME}: "owned"
kubernetes.io/cluster-autoscaler/enabled: "true"
kubernetes.io/cluster-autoscaler/${CLUSTER_NAME}: "owned"
- name: gw
instanceType: ${CLUSTER_INSTANCE_TYPE2}
amiFamily: AmazonLinux2
minSize: 1
maxSize: ${CLUSTER_MAX_NODES}
desiredCapacity: ${CLUSTER_NODES2}
volumeSize: ${CLUSTER_VOLUME_SIZE}
ssh: # import public key from file
allow: true
publicKeyPath: id_rsa_${CLUSTER_NAME}.pub
kubeletExtraConfig:
allowedUnsafeSysctls:
- "net.ipv4.tcp_keepalive_intvl"
- "net.ipv4.tcp_keepalive_probes"
- "net.ipv4.tcp_keepalive_time"
taints:
- key: tip.main/onlygw
value: "true"
effect: NoSchedule
tags:
# EC2 tags required for cluster-autoscaler auto-discovery
k8s.io/cluster-autoscaler/enabled: "true"
k8s.io/cluster-autoscaler/${CLUSTER_NAME}: "owned"
kubernetes.io/cluster-autoscaler/enabled: "true"
kubernetes.io/cluster-autoscaler/${CLUSTER_NAME}: "owned"
iamIdentityMappings:
- arn: arn:aws:iam::${AWS_ACCOUNT_ID}:user/gha-wlan-testing
username: gha-wlan-testing
noDuplicateARNs: true # prevents shadowing of ARNs
groups:
- system:masters
- arn: arn:aws:iam::${AWS_ACCOUNT_ID}:user/gha-toolsmith
username: gha-toolsmith
noDuplicateARNs: true
groups:
- system:masters
- arn: arn:aws:iam::${AWS_ACCOUNT_ID}:user/gha-wlan-cloud-helm
username: gha-wlan-cloud-helm
noDuplicateARNs: true
groups:
- system:masters
- arn: arn:aws:iam::${AWS_ACCOUNT_ID}:role/AWSReservedSSO_SystemAdministrator_622371b0ceece6f8
groups:
- system:masters
username: admin
noDuplicateARNs: true
addons:
- name: vpc-cni # no version is specified so it deploys the default version
attachPolicyARNs:
- arn:aws:iam::aws:policy/AmazonEKS_CNI_Policy
- name: coredns
version: latest # auto discovers the latest available
- name: kube-proxy
version: latest
#- name: aws-ebs-csi-driver
# wellKnownPolicies: # add IAM and service account
# ebsCSIController: true
Reference in New Issue View Git Blame Copy Permalink