It's more or less following the example here: <htt...
# kubernetes
It's more or less following the example here: https://www.pulumi.com/docs/clouds/aws/guides/eks/
import * as aws from '@pulumi/aws';
import * as pulumi from '@pulumi/pulumi';
// import * as awsx from '@pulumi/awsx';
import * as eks from '@pulumi/eks';
import * as k8s from '@pulumi/kubernetes';

// The current Pulumi stack name doubles as the cluster's resource name.
const stackName = pulumi.getStack();

// TODO: try creating explicit node group to see if making addons wait for them is any use
// See https://repost.aws/questions/QUwE0avjnLRrizsBvq4Irk6Q/coredns-remains-degraded-after-eks-cluster-creation
// Create an EKS cluster with an IAM OIDC provider and without the default node group.
const cluster = new eks.Cluster(stackName, {
  // Request an OIDC provider for the cluster (the prerequisite for IAM roles for service accounts).
  createOidcProvider: true,
  // No default workers: the node group is declared separately further down the file.
  skipDefaultNodeGroup: true,
  // NOTE(review): no node instance role is registered with the cluster here, while the
  // node group declared later runs under its own role (nodeGroupRole). Depending on the
  // @pulumi/eks version and the cluster's authentication mode, that role may have to be
  // listed in instanceRoles before its nodes are authorized to join; nodes that cannot
  // join would leave add-ons such as CoreDNS unschedulable. Confirm against the provider docs.
  instanceRoles: undefined,
  // TODO: https://docs.aws.amazon.com/eks/latest/userguide/enable-kms.html
  // encryptionConfigKeyArn
  // NOTE(review): until a key ARN is supplied here, Kubernetes Secrets are presumably not
  // envelope-encrypted with a KMS key this stack controls. Confirm before storing secrets.
});

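// IAM role carried by the worker-node EC2 instances (via the instance profile below).
const nodeGroupRole = new aws.iam.Role('nodeGroupRole', {
  // Trust policy: only the EC2 service may assume this role.
  assumeRolePolicy: JSON.stringify({
    Version: '2012-10-17',
    Statement: [
      {
        Action: 'sts:AssumeRole',
        Effect: 'Allow',
        Principal: {
          // Must be the bare service principal. The chat export had wrapped it in
          // link markup ('<http://...|...>'), which is not a valid IAM principal.
          Service: 'ec2.amazonaws.com',
        },
      },
    ],
  }),
  // AWS-managed policies attached to the node role.
  // NOTE(review): every pod on a node can reach the node role's credentials through the
  // instance metadata service unless that path is restricted. Since the cluster is
  // created with createOidcProvider: true, consider moving AmazonEKS_CNI_Policy to a
  // service-account-scoped role for the VPC CNI instead of granting it node-wide.
  managedPolicyArns: [
    'arn:aws:iam::aws:policy/AmazonEKSWorkerNodePolicy',
    'arn:aws:iam::aws:policy/AmazonEKS_CNI_Policy',
    'arn:aws:iam::aws:policy/AmazonEC2ContainerRegistryReadOnly',
  ],
});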

// Instance profile that lets EC2 instances run under nodeGroupRole.
const fixedNodeGroupProfile = new aws.iam.InstanceProfile('fixedNodeGroupInstanceProfile', {
  role: nodeGroupRole,
});

// Explicit node group for the cluster: t3.medium workers, starting at two nodes
// and allowed to scale between two and five.
const fixedNodeGroup = new eks.NodeGroupV2('fixedNodeGroup', {
  cluster,
  instanceProfile: fixedNodeGroupProfile,
  instanceType: 't3.medium',
  minSize: 2,
  desiredCapacity: 2,
  maxSize: 5,
});