public class InfraEksCluster {
/** The EKS cluster provisioned in the constructor; the IAM roles and node group are not retained. */
private final Cluster cluster;
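/**
 * Provisions the EKS control plane, the two IAM roles it needs and one managed node group.
 *
 * <p>Every resource is registered with Pulumi as a side effect of construction, so the
 * {@code RolePolicyAttachment} and {@code ManagedNodeGroup} objects are not bound to locals:
 * nothing in this class reads them afterwards.
 *
 * <p>The service principals in both trust policies are bare DNS names
 * ({@code eks.amazonaws.com}, {@code ec2.amazonaws.com}); an angle-bracket/pipe wrapped form
 * is not a valid IAM principal and the role creation would be rejected.
 *
 * @param vpc the VPC whose public subnets receive the control-plane ENIs and whose first
 *     private subnet hosts the worker nodes
 * @throws IllegalStateException (inside the Pulumi output callback) if the VPC exposes no
 *     private subnet for the node group
 */
public InfraEksCluster(Vpc vpc) {
    // Cluster (service) role: assumed by the EKS control plane.
    Role eksRole = new Role("my-infra-eks-admin-role", RoleArgs.builder()
            .assumeRolePolicy(trustPolicyFor("eks.amazonaws.com"))
            .build());
    new RolePolicyAttachment("my-infra-eks-admin-role-pa",
            RolePolicyAttachmentArgs.builder()
                    .policyArn("arn:aws:iam::aws:policy/AmazonEKSClusterPolicy")
                    .role(eksRole.name())
                    .build());

    // Node instance role: assumed by the EC2 instances of the managed node group.
    Role instanceRole = new Role("my-infra-eks-node-group-instance-role", RoleArgs.builder()
            .assumeRolePolicy(trustPolicyFor("ec2.amazonaws.com"))
            .build());

    // NOTE(review): AmazonS3FullAccess on the node role is inherited by every pod on every
    // node (least-privilege violation). Workloads that need S3 should get a scoped policy via
    // IRSA / EKS Pod Identity instead; the other four policies are the usual node baseline.
    List<String> nodePolicies = List.of(
            "arn:aws:iam::aws:policy/AmazonEC2ContainerRegistryReadOnly",
            "arn:aws:iam::aws:policy/service-role/AmazonEBSCSIDriverPolicy",
            "arn:aws:iam::aws:policy/AmazonEKSWorkerNodePolicy",
            "arn:aws:iam::aws:policy/AmazonEKS_CNI_Policy",
            "arn:aws:iam::aws:policy/AmazonS3FullAccess");
    for (int i = 0; i < nodePolicies.size(); i++) {
        // Resource names are 1-based to match the existing stack state.
        new RolePolicyAttachment("my-infra-eks-node-group-instance-role-pa-" + (i + 1),
                RolePolicyAttachmentArgs.builder()
                        .policyArn(nodePolicies.get(i))
                        .role(instanceRole.name())
                        .build());
    }

    final String clusterName = "my-infra-eks";
    cluster = new Cluster(clusterName, ClusterArgs.builder()
            .instanceRole(instanceRole)
            .name(clusterName)
            .serviceRole(eksRole)
            // The node group is created explicitly below, so no default one is wanted.
            .skipDefaultNodeGroup(true)
            // NOTE(review): control-plane ENIs go into the public subnets; confirm this is
            // intended and that the cluster endpoint access settings match your exposure policy.
            .subnetIds(vpc.publicSubnetIds())
            .tags(App.TAGS)
            // Pinned Kubernetes minor version; bump deliberately.
            .version("1.30")
            .vpcId(vpc.vpcId())
            .build());

    final String nodeGroupName = "my-infra-eks-managed-node-group";
    new ManagedNodeGroup(nodeGroupName, ManagedNodeGroupArgs.builder()
            .cluster(cluster)
            .diskSize(100)
            .instanceTypes("m7i.4xlarge")
            .nodeGroupName(nodeGroupName)
            .nodeRole(instanceRole)
            .scalingConfig(NodeGroupScalingConfigArgs.builder()
                    .desiredSize(2)
                    .maxSize(12)
                    .minSize(2)
                    .build())
            // Only the first private subnet is used, so the node group is single-AZ.
            // Fail with a clear message rather than an IndexOutOfBoundsException when the
            // VPC has no private subnets.
            .subnetIds(Output.all(vpc.privateSubnetIds().applyValue(ids -> {
                if (ids.isEmpty()) {
                    throw new IllegalStateException(
                            "VPC has no private subnets for node group " + nodeGroupName);
                }
                return ids.get(0);
            })))
            .tags(App.TAGS)
            .build());
}

/**
 * Builds an IAM trust policy allowing the given AWS service principal to assume a role.
 *
 * @param servicePrincipal bare service DNS name such as {@code eks.amazonaws.com}; it is a
 *     compile-time constant at every call site, never external input
 * @return the trust policy document as a JSON string
 */
private static String trustPolicyFor(String servicePrincipal) {
    return """
            {
              "Version": "2012-10-17",
              "Statement": [
                {
                  "Effect": "Allow",
                  "Principal": { "Service": "%s" },
                  "Action": "sts:AssumeRole"
                }
              ]
            }
            """.formatted(servicePrincipal);
}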