calm-salesmen-44528
05/25/2024, 4:57 AMdamp-wolf-94595
05/27/2024, 9:01 PMinstance_roles
argument of the eks.Cluster
should use the instance profile role.
3. Ensure that the instance_profile
is passed correctly to the ManagedNodeGroup
.
Here’s the corrected script:
`python
import pulumi
import pulumi_aws as aws
import pulumi_eks as eks
import os
from provider_and_vpc import aws_provider, vpc
from subnets_and_db import subnet1, subnet2`
`# Create additional subnets for EKS nodes
eks_subnet1 = aws.ec2.Subnet("my-eks-subnet1",
vpc_id=vpc.id,
cidr_block="10.0.3.0/24",
availability_zone="us-east-1c",
tags={'Name': 'pulumi-eks-subnet1'},
opts=pulumi.ResourceOptions(provider=aws_provider))`
`eks_subnet2 = aws.ec2.Subnet("my-eks-subnet2",
vpc_id=vpc.id,
cidr_block="10.0.4.0/24",
availability_zone="us-east-1d",
tags={'Name': 'pulumi-eks-subnet2'},
opts=pulumi.ResourceOptions(provider=aws_provider))`
`# Create IAM Role for EKS Node Group
eks_node_group_role = aws.iam.Role("eksNodeGroupRole",
assume_role_policy="""{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Principal": {
"Service": "<http://ec2.amazonaws.com|ec2.amazonaws.com>"
},
"Action": "sts:AssumeRole"
}
]
}""",
opts=pulumi.ResourceOptions(provider=aws_provider))`
`# Attach the necessary policies to the role
aws.iam.RolePolicyAttachment("eksNodeGroupPolicyAttachment",
role=eks_node_group_role.name,
policy_arn="arn:aws:iam::aws:policy/AmazonEKSWorkerNodePolicy",
opts=pulumi.ResourceOptions(provider=aws_provider))`
`aws.iam.RolePolicyAttachment("eksCNIPluginPolicyAttachment",
role=eks_node_group_role.name,
policy_arn="arn:aws:iam::aws:policy/AmazonEKS_CNI_Policy",
opts=pulumi.ResourceOptions(provider=aws_provider))`
`aws.iam.RolePolicyAttachment("eksRegistryPolicyAttachment",
role=eks_node_group_role.name,
policy_arn="arn:aws:iam::aws:policy/AmazonEC2ContainerRegistryReadOnly",
opts=pulumi.ResourceOptions(provider=aws_provider))`
`# Create IAM Instance Profile for the EKS Node Group Role
instance_profile = aws.iam.InstanceProfile("eksInstanceProfile",
role=eks_node_group_role.name,
opts=pulumi.ResourceOptions(provider=aws_provider))`
`# Create EKS Cluster
cluster = eks.Cluster("my-cluster",
vpc_id=vpc.id,
public_subnet_ids=[subnet1.id, subnet2.id],
private_subnet_ids=[eks_subnet1.id, eks_subnet2.id],
instance_roles=[eks_node_group_role],
opts=pulumi.ResourceOptions(provider=aws_provider))`
`# Create EKS Managed Node Group
node_group = eks.ManagedNodeGroup("my-node-group",
cluster=cluster.core,
node_role_arn=eks_node_group_role.arn,
subnet_ids=[eks_subnet1.id, eks_subnet2.id],
scaling_config=aws.eks.NodeGroupScalingConfigArgs(
desired_size=2,
min_size=1,
max_size=3
),
instance_profile=instance_profile.name,
opts=pulumi.ResourceOptions(provider=aws_provider))`
`pulumi.export('eks_cluster_name', cluster.core.cluster.name)
`
Make sure the instance_profile
is included in the ManagedNodeGroup
configuration. The key addition is instance_profile=instance_profile.name
in the ManagedNodeGroup
creation. This should resolve the instanceProfile not found
error.calm-salesmen-44528
05/27/2024, 9:02 PMcalm-salesmen-44528
05/27/2024, 9:02 PMcalm-salesmen-44528
05/27/2024, 9:03 PM