Skip to content

Instantly share code, notes, and snippets.

@boskiv

boskiv/eksctl.yaml

Last active August 17, 2023 16:15
Show Gist options
  • Save boskiv/b972e202003e2ce458e99f58cf693ba6 to your computer and use it in GitHub Desktop.
Save boskiv/b972e202003e2ce458e99f58cf693ba6 to your computer and use it in GitHub Desktop.
Download ZIP
Prod Cluster
Raw
eksctl.yaml
# nonk8s
apiVersion: eksctl.io/v1alpha5
kind: ClusterConfig
metadata:
name: sf-cluster
region: ap-northeast-1
version: "1.27"
tags:
karpenter.sh/discovery: sf-cluster
vpc:
cidr: 10.10.0.0/16
clusterEndpoints:
publicAccess: true
privateAccess: true
iam:
withOIDC: true
cloudWatch:
clusterLogging:
enableTypes: ["*"]
logRetentionInDays: 30
iamIdentityMappings:
- arn: arn:aws:iam::xxxxxxxxx:role/OrganizationAccountAccessRole
username: admin
groups:
- system:masters
noDuplicateARNs: true # prevents shadowing of ARNs
addons:
- name: vpc-cni
version: latest
- name: kube-proxy
version: latest
- name: coredns
version: latest
- name: aws-ebs-csi-driver
version: latest
wellKnownPolicies:
ebsCSIController: true
certManager: true
awsLoadBalancerController: true
externalDNS: true
imageBuilder: true
karpenter:
version: 'v0.29.0' # Exact version must be provided
createServiceAccount: true # default is false
withSpotInterruptionQueue: true # adds all required policies and rules for supporting Spot Interruption Queue, default is false
managedNodeGroups:
- name: ng-nats
instanceTypes:
- c6a.large
spot: true
iam:
withAddonPolicies:
imageBuilder: true
autoScaler: true
externalDNS: true
certManager: true
appMesh: true
appMeshPreview: true
ebs: true
fsx: true
efs: true
awsLoadBalancerController: true
xRay: true
cloudWatch: true
desiredCapacity: 3
labels:
node.k8s/role: nats
taints:
- key: node.k8s/role
value: nats
effect: NoSchedule
- name: ng-db
instanceTypes:
- c6a.large
spot: true
iam:
withAddonPolicies:
imageBuilder: true
autoScaler: true
externalDNS: true
certManager: true
appMesh: true
appMeshPreview: true
ebs: true
fsx: true
efs: true
awsLoadBalancerController: true
xRay: true
cloudWatch: true
desiredCapacity: 3
labels:
node.k8s/role: timescaledb
taints:
- key: node.k8s/role
value: timescaledb
effect: NoSchedule
- name: ng-sf
instanceTypes:
- c6a.large
spot: true
iam:
withAddonPolicies:
imageBuilder: true
autoScaler: true
externalDNS: true
certManager: true
appMesh: true
appMeshPreview: true
ebs: true
fsx: true
efs: true
awsLoadBalancerController: true
xRay: true
cloudWatch: true
desiredCapacity: 3
labels:
node.k8s/role: sf
taints:
- key: node.k8s/role
value: sf
effect: NoSchedule
- name: ng-jobs
minSize: 1
maxSize: 20
spot: true
iam:
withAddonPolicies:
imageBuilder: true
autoScaler: true
externalDNS: true
certManager: true
appMesh: true
appMeshPreview: true
ebs: true
fsx: true
efs: true
awsLoadBalancerController: true
xRay: true
cloudWatch: true
instanceTypes:
- c6a.large
desiredCapacity: 1
labels:
node.k8s/role: jobs
taints:
- key: node.k8s/role
value: jobs
effect: NoSchedule
- name: ng-default
instanceType: c6a.large
minSize: 1
maxSize: 10
desiredCapacity: 2
labels:
node.k8s/role: default
iam:
withAddonPolicies:
imageBuilder: true
autoScaler: true
externalDNS: true
certManager: true
appMesh: true
appMeshPreview: true
ebs: true
fsx: true
efs: true
awsLoadBalancerController: true
xRay: true
cloudWatch: true
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment