Hey there!
I’m new to pulumi-- Does anyone know h...
# awsf
fancy-eye-62290
02/02/2024, 1:21 AMHey there!
I’m new to pulumi-- Does anyone know how to attach a security group to a eks managedNodeGroup? I can’t for the life of me figure out how to do it!
l
little-cartoon-10569
02/02/2024, 1:50 AMNode groups don't have security groups. Each node in a group does. That's configured via the node group's EC2 launch template.
f
fancy-eye-62290
02/02/2024, 1:51 AMI’m trying to setup with spot instances that automatically pull from a list of possible instances, which I don’t think are available on the launch templates
l
little-cartoon-10569
02/02/2024, 1:55 AMI don't enough about EKS to help with that. The thing that creates the instances will be where you configure the security groups.
f
fancy-eye-62290
02/02/2024, 1:55 AMThanks for trying 🙂
l
little-cartoon-10569
02/02/2024, 1:56 AMWhat's the thing that creates the instances?
f
fancy-eye-62290
02/02/2024, 1:56 AMits the managedNodeGroup in pulumi
fancy-eye-62290
02/02/2024, 1:56 AMwhich is whats confusing
fancy-eye-62290
02/02/2024, 1:56 AM(but they accept launch templates…but launch templates dont have spot)
l
little-cartoon-10569
02/02/2024, 1:56 AMNo, NodeGroups manage the created instances. EC2 scaling groups create the instances, afaik. Maybe there's another service that does it, too?
f
fancy-eye-62290
02/02/2024, 1:57 AMMaybe?? Its weird because I create the cluster, I set the sizes, spot etc in the managed nodegroup, and it sort of creates the scaling groups etc as well
fancy-eye-62290
02/02/2024, 1:58 AMIt seems to apply a default sg…but i can’t seem to figure out how to change that either
l
little-cartoon-10569
02/02/2024, 1:59 AMYep. If you want more control than EKS gives, you may have to roll your own using ASGs and other low-level constructs 😞
f
fancy-eye-62290
02/02/2024, 1:59 AMyeah sounds like it 😞
l
little-cartoon-10569
02/02/2024, 1:59 AMThat's the downside of convention-over-configuration 😞
f
fancy-eye-62290
02/02/2024, 1:59 AMTotally
fancy-eye-62290
02/02/2024, 2:00 AMBut im not sure it exposes the “bidding” stuff and multiple nodetypes elsewhere which is kinda odd
c
cuddly-journalist-77210
02/02/2024, 3:26 AMwhich provider are you using?
f
fancy-eye-62290
02/02/2024, 4:57 AMaws.provider
c
cuddly-journalist-77210
02/02/2024, 8:55 AMYou need to use launch template. @fancy-eye-62290
And set the following args to use spot instance in launch template:
instanceMarketOptions: {
marketType: "spot",
},
f
fancy-eye-62290
02/02/2024, 2:04 PMAh got it!!
fancy-eye-62290
02/02/2024, 2:30 PM@cuddly-journalist-77210 Actually im sorry I guess im using the eks provider!
l
little-cartoon-10569
02/04/2024, 6:32 PMThe EKS provider is convention-over-configuration. If the conventions it adopts don't suit, then you need to use the AWS provider directly, in order to get the power of configuration.
f
fancy-eye-62290
02/04/2024, 6:33 PMMakes sense! I think I got it all sorted. It looks like you can use the eks manager, and override using a launch template
fancy-eye-62290
02/04/2024, 6:33 PMThe next thing I gotta figure out is how to override the autoscaling group
fancy-eye-62290
02/04/2024, 6:34 PMI dont know if you can ovveride the autoscaler though