Documentation ¶
Overview ¶
Package v1alpha5 is the v1alpha5 version of the API. +groupName=eksctl.io
Index ¶
- Constants
- Variables
- func ClusterConfigTypeMeta() metav1.TypeMeta
- func ClusterHasInstanceType(cfg *ClusterConfig, hasType func(string) bool) bool
- func DefaultCIDR() ipnet.IPNet
- func DeprecatedVersions() []string
- func Disabled() *bool
- func EKSResourceAccountID(region string) string
- func Enabled() *bool
- func EndpointsEqual(a, b ClusterEndpoints) bool
- func ErrInvalidName(name string) error
- func ErrTooFewAvailabilityZones(azs []string) error
- func HasAllDefaultAddons(addonNames []string) bool
- func HasDefaultAddons(addons []*Addon) bool
- func HasInstanceType(nodeGroup *NodeGroup, hasType func(string) bool) bool
- func HasInstanceTypeManaged(nodeGroup *ManagedNodeGroup, hasType func(string) bool) bool
- func HasMixedInstances(ng *NodeGroup) bool
- func ImportSubnet(subnets AZSubnetMapping, localSubnetsConfig AZSubnetMapping, ...) error
- func IsAMI(amiFlag string) bool
- func IsAmazonLinuxImage(imageFamily string) bool
- func IsDeprecatedVersion(version string) bool
- func IsDisabled(v *bool) bool
- func IsEmpty(s *string) bool
- func IsEnabled(v *bool) bool
- func IsInvalidNameArg(name string) bool
- func IsSetAndNonEmptyString(s *string) bool
- func IsSupportedVersion(version string) bool
- func IsUbuntuImage(imageFamily string) bool
- func IsWindowsImage(imageFamily string) bool
- func Kind(kind string) schema.GroupKind
- func PrivateOnly(ces *ClusterEndpoints) bool
- func Register() error
- func RegisterDefaults(scheme *runtime.Scheme) error
- func Resource(resource string) schema.GroupResource
- func RoleNameFromARN(roleARN string) (string, error)
- func SelectInstanceType(np NodePool) string
- func SetClusterConfigDefaults(cfg *ClusterConfig)
- func SetClusterEndpointAccessDefaults(vpc *ClusterVPC)
- func SetManagedNodeGroupDefaults(ng *ManagedNodeGroup, meta *ClusterMeta, controlPlaneOnOutposts bool)
- func SetNodeGroupDefaults(ng *NodeGroup, meta *ClusterMeta, controlPlaneOnOutposts bool)
- func SupportedAMIFamilies() []string
- func SupportedCloudWatchClusterLogTypes() []string
- func SupportedNodeVolumeTypes() []string
- func SupportedRegions() []string
- func SupportedVersions() []string
- func ToPodIdentityAssociationID(piaARN string) (string, error)
- func ValidateAdditionalEndpointServices(serviceNames []string) error
- func ValidateAutoModeConfig(clusterConfig *ClusterConfig) error
- func ValidateClusterConfig(cfg *ClusterConfig) error
- func ValidateClusterVersion(clusterConfig *ClusterConfig) error
- func ValidateManagedNodeGroup(index int, ng *ManagedNodeGroup) error
- func ValidateNodeGroup(i int, ng *NodeGroup, cfg *ClusterConfig) error
- func ValidateSecretsEncryption(clusterConfig *ClusterConfig) error
- type ARN
- type AZSubnetMapping
- func (in AZSubnetMapping) DeepCopy() AZSubnetMapping
- func (in AZSubnetMapping) DeepCopyInto(out *AZSubnetMapping)
- func (m AZSubnetMapping) SelectOutpostSubnetIDs() []string
- func (m *AZSubnetMapping) Set(name string, spec AZSubnetSpec)
- func (m *AZSubnetMapping) SetAZ(az string, spec Network)
- func (m *AZSubnetMapping) UnmarshalJSON(b []byte) error
- func (m *AZSubnetMapping) WithAZs() []string
- func (m *AZSubnetMapping) WithCIDRs() []string
- func (m *AZSubnetMapping) WithIDs() []string
- type AZSubnetSpec
- type AccessConfig
- type AccessEntry
- type AccessEntryType
- type AccessPolicy
- type AccessScope
- type Addon
- type AddonsConfig
- type AutoModeConfig
- type CapacityReservation
- type CapacityReservationTarget
- type ClusterCloudWatch
- type ClusterCloudWatchLogging
- type ClusterConfig
- func (c *ClusterConfig) AllNodeGroups() []*NodeGroupBase
- func (c *ClusterConfig) AppendAvailabilityZone(newAZ string)
- func (c *ClusterConfig) AppendClusterCloudWatchLogTypes(types ...string)
- func (c *ClusterConfig) CanUseForPrivateNodeGroups() error
- func (c *ClusterConfig) ContainsWildcardCloudWatchLogging() bool
- func (c *ClusterConfig) CustomEndpointsMsg() string
- func (in *ClusterConfig) DeepCopy() *ClusterConfig
- func (in *ClusterConfig) DeepCopyInto(out *ClusterConfig)
- func (in *ClusterConfig) DeepCopyObject() runtime.Object
- func (c *ClusterConfig) DefaultEndpointsMsg() string
- func (c *ClusterConfig) FindNodeGroupOutpostARN() (outpostARN string, found bool)
- func (c *ClusterConfig) FindNodegroup(name string) (*NodeGroupBase, error)
- func (c *ClusterConfig) GetAllNodeGroupNames() []string
- func (c *ClusterConfig) GetOutpost() *Outpost
- func (c *ClusterConfig) GetStatus() *ClusterStatus
- func (c *ClusterConfig) HasAnySubnets() bool
- func (c *ClusterConfig) HasClusterCloudWatchLogging() bool
- func (c *ClusterConfig) HasClusterEndpointAccess() bool
- func (c *ClusterConfig) HasGitOpsFluxConfigured() bool
- func (c ClusterConfig) HasNodes() bool
- func (c *ClusterConfig) HasPrivateEndpointAccess() bool
- func (c *ClusterConfig) HasRemoteNetworkingConfigured() bool
- func (c *ClusterConfig) HasSufficientPrivateSubnets() bool
- func (c *ClusterConfig) HasSufficientSubnets() error
- func (c *ClusterConfig) HasWindowsNodeGroup() bool
- func (c *ClusterConfig) ID() string
- func (c *ClusterConfig) IPv6Enabled() bool
- func (c *ClusterConfig) IsAutoModeEnabled() bool
- func (c *ClusterConfig) IsControlPlaneOnOutposts() bool
- func (c ClusterConfig) IsFargateEnabled() bool
- func (c *ClusterConfig) IsFullyPrivate() bool
- func (c ClusterConfig) LogString() string
- func (c *ClusterConfig) Meta() *ClusterMeta
- func (c *ClusterConfig) NewNodeGroup() *NodeGroup
- func (c *ClusterConfig) SetClusterState(cluster *ekstypes.Cluster) error
- func (c *ClusterConfig) SetDefaultFargateProfile()
- func (c *ClusterConfig) SubnetInfo() string
- func (c *ClusterConfig) UpdateEndpointsMsg() string
- func (c *ClusterConfig) ValidateClusterEndpointConfig() error
- func (c *ClusterConfig) ValidatePrivateCluster() error
- func (c *ClusterConfig) ValidateVPCConfig() error
- type ClusterConfigList
- type ClusterEndpoints
- type ClusterIAM
- type ClusterIAMMeta
- type ClusterIAMServiceAccount
- type ClusterIAMServiceAccountStatus
- type ClusterMeta
- type ClusterNAT
- type ClusterProvider
- type ClusterStatus
- type ClusterSubnets
- type ClusterVPC
- type CustomStringSlice
- type EKSCTLCreated
- type EndpointService
- type FargateProfile
- type FargateProfileSelector
- type Flux
- type FluxFlags
- type GitOps
- type IAMIdentityMapping
- type IAMPolicyDocument
- type IAMStatement
- type IdentityProvider
- type IdentityProviderInterface
- type IdentityProviderType
- type InlineDocument
- type InstanceSelector
- type Karpenter
- type KubernetesNetworkConfig
- type LaunchTemplate
- type ManagedNodeGroup
- func (m *ManagedNodeGroup) BaseNodeGroup() *NodeGroupBase
- func (in *ManagedNodeGroup) DeepCopy() *ManagedNodeGroup
- func (in *ManagedNodeGroup) DeepCopyInto(out *ManagedNodeGroup)
- func (m *ManagedNodeGroup) GetDesiredCapacity() int
- func (m *ManagedNodeGroup) InstanceTypeList() []string
- func (m *ManagedNodeGroup) ListOptions() metav1.ListOptions
- func (m *ManagedNodeGroup) NGTaints() []NodeGroupTaint
- type MetricsCollection
- type Network
- type NodeGroup
- func (n *NodeGroup) BaseNodeGroup() *NodeGroupBase
- func (in *NodeGroup) DeepCopy() *NodeGroup
- func (in *NodeGroup) DeepCopyInto(out *NodeGroup)
- func (n *NodeGroup) GetContainerRuntime() string
- func (n *NodeGroup) GetDesiredCapacity() int
- func (n *NodeGroup) GetInstanceType() string
- func (n *NodeGroup) InstanceTypeList() []string
- func (n *NodeGroup) NGTaints() []NodeGroupTaint
- func (n *NodeGroup) SetInstanceType(instanceType string)
- type NodeGroupBase
- func (in *NodeGroupBase) DeepCopy() *NodeGroupBase
- func (in *NodeGroupBase) DeepCopyInto(out *NodeGroupBase)
- func (n *NodeGroupBase) GetAMIFamily() string
- func (n *NodeGroupBase) GetDesiredCapacity() int
- func (n *NodeGroupBase) ListOptions() metav1.ListOptions
- func (n *NodeGroupBase) NameString() string
- func (n *NodeGroupBase) Size() int
- type NodeGroupBottlerocket
- type NodeGroupIAM
- type NodeGroupIAMAddonPolicies
- type NodeGroupInstancesDistribution
- type NodeGroupNodeRepairConfig
- type NodeGroupSGs
- type NodeGroupSSH
- type NodeGroupTaint
- type NodeGroupType
- type NodeGroupUpdateConfig
- type NodePool
- type OIDCIdentityProvider
- type Outpost
- type OutpostInfo
- type Placement
- type PodIdentityAssociation
- type PrivateCluster
- type Profile
- type ProviderConfig
- type RemoteNetwork
- type RemoteNetworkConfig
- type RemoteNodesIAM
- type STSPresigner
- type ScalingConfig
- type SecretsEncryption
- type SubnetTopology
- type UnsupportedFeatureError
- type VPCGateway
- type VolumeMapping
- type WellKnownPolicies
- func (in *WellKnownPolicies) DeepCopy() *WellKnownPolicies
- func (in *WellKnownPolicies) DeepCopyInto(out *WellKnownPolicies)
- func (p *WellKnownPolicies) HasPolicy() bool
- func (p *WellKnownPolicies) Set(policiesStr string) error
- func (p *WellKnownPolicies) String() string
- func (p *WellKnownPolicies) Type() string
- type ZonalShiftConfig
Constants ¶
const ( VPCCNIAddon = "vpc-cni" KubeProxyAddon = "kube-proxy" CoreDNSAddon = "coredns" PodIdentityAgentAddon = "eks-pod-identity-agent" AWSEBSCSIDriverAddon = "aws-ebs-csi-driver" AWSEFSCSIDriverAddon = "aws-efs-csi-driver" )
Values for core addons
const ( AutoModeNodePoolGeneralPurpose = "general-purpose" AutoModeNodePoolSystem = "system" )
Values for `AutoModeNodePool`.
const ( AnnotationEKSRoleARN = "eks.amazonaws.com/role-arn" EKSServicePrincipal = "pods.eks.amazonaws.com" )
Commonly-used constants
const ( PartitionAWS = "aws" PartitionChina = "aws-cn" PartitionUSGov = "aws-us-gov" PartitionISO = "aws-iso" PartitionISOB = "aws-iso-b" )
Partitions.
const ( CurrentGroupVersion = "v1alpha5" ClusterConfigKind = "ClusterConfig" )
Conventional Kubernetes API contants
const ( Version1_23 = "1.23" Version1_24 = "1.24" Version1_25 = "1.25" Version1_26 = "1.26" Version1_27 = "1.27" Version1_28 = "1.28" Version1_29 = "1.29" Version1_30 = "1.30" Version1_31 = "1.31" // DefaultVersion (default) DefaultVersion = Version1_30 LatestVersion = Version1_31 DockershimDeprecationVersion = Version1_24 )
Values for `KubernetesVersion` All valid values should go in this block
const ( // Version1_10 represents Kubernetes version 1.10.x Version1_10 = "1.10" // Version1_11 represents Kubernetes version 1.11.x Version1_11 = "1.11" // Version1_12 represents Kubernetes version 1.12.x Version1_12 = "1.12" // Version1_13 represents Kubernetes version 1.13.x Version1_13 = "1.13" // Version1_14 represents Kubernetes version 1.14.x Version1_14 = "1.14" // Version1_15 represents Kubernetes version 1.15.x Version1_15 = "1.15" // Version1_16 represents Kubernetes version 1.16.x Version1_16 = "1.16" // Version1_17 represents Kubernetes version 1.17.x Version1_17 = "1.17" // Version1_18 represents Kubernetes version 1.18.x Version1_18 = "1.18" // Version1_19 represents Kubernetes version 1.19.x Version1_19 = "1.19" // Version1_20 represents Kubernetes version 1.20.x Version1_20 = "1.20" // Version1_21 represents Kubernetes version 1.21.x Version1_21 = "1.21" // Version1_22 represents Kubernetes version 1.22.x Version1_22 = "1.22" )
No longer supported versions
const ( // RegionUSWest1 represents the US West Region North California RegionUSWest1 = "us-west-1" // RegionUSWest2 represents the US West Region Oregon RegionUSWest2 = "us-west-2" // RegionUSEast1 represents the US East Region North Virginia RegionUSEast1 = "us-east-1" // RegionUSEast2 represents the US East Region Ohio RegionUSEast2 = "us-east-2" // RegionCACentral1 represents the Canada Central Region RegionCACentral1 = "ca-central-1" // RegionCAWest1 represents the Canada West region Calgary. RegionCAWest1 = "ca-west-1" // RegionEUWest1 represents the EU West Region Ireland RegionEUWest1 = "eu-west-1" // RegionEUWest2 represents the EU West Region London RegionEUWest2 = "eu-west-2" // RegionEUWest3 represents the EU West Region Paris RegionEUWest3 = "eu-west-3" // RegionEUNorth1 represents the EU North Region Stockholm RegionEUNorth1 = "eu-north-1" // RegionEUCentral1 represents the EU Central Region Frankfurt RegionEUCentral1 = "eu-central-1" // RegionEUCentral2 represents the EU Central Region Zurich. RegionEUCentral2 = "eu-central-2" // RegionEUSouth1 represents the Eu South Region Milan RegionEUSouth1 = "eu-south-1" // RegionEUSouth2 represents the Eu South Region Spain RegionEUSouth2 = "eu-south-2" // RegionAPNorthEast1 represents the Asia-Pacific North East Region Tokyo RegionAPNorthEast1 = "ap-northeast-1" // RegionAPNorthEast2 represents the Asia-Pacific North East Region Seoul RegionAPNorthEast2 = "ap-northeast-2" // RegionAPNorthEast3 represents the Asia-Pacific North East region Osaka RegionAPNorthEast3 = "ap-northeast-3" // RegionAPSouthEast1 represents the Asia-Pacific South East Region Singapore RegionAPSouthEast1 = "ap-southeast-1" // RegionAPSouthEast2 represents the Asia-Pacific South East Region Sydney RegionAPSouthEast2 = "ap-southeast-2" // RegionAPSouthEast3 represents the Asia-Pacific South East Region Jakarta RegionAPSouthEast3 = "ap-southeast-3" // RegionAPSouthEast4 represents the Asia-Pacific South East Region Melbourne RegionAPSouthEast4 = "ap-southeast-4" // RegionAPSouthEast5 represents the Asia-Pacific South East Region Kuala Lumpur RegionAPSouthEast5 = "ap-southeast-5" // RegionAPSouthEast7 represents the Asia-Pacific South East Region Bangkok RegionAPSouthEast7 = "ap-southeast-7" // RegionAPSouth1 represents the Asia-Pacific South Region Mumbai RegionAPSouth1 = "ap-south-1" // RegionAPSouth2 represents the Asia-Pacific South Region Hyderabad RegionAPSouth2 = "ap-south-2" // RegionAPEast1 represents the Asia Pacific Region Hong Kong RegionAPEast1 = "ap-east-1" // RegionMECentral1 represents the Middle East Region Dubai RegionMECentral1 = "me-central-1" // RegionMESouth1 represents the Middle East Region Bahrain RegionMESouth1 = "me-south-1" // RegionSAEast1 represents the South America Region Sao Paulo RegionSAEast1 = "sa-east-1" // RegionAFSouth1 represents the Africa Region Cape Town RegionAFSouth1 = "af-south-1" // RegionCNNorthwest1 represents the China region Ningxia RegionCNNorthwest1 = "cn-northwest-1" // RegionCNNorth1 represents the China region Beijing RegionCNNorth1 = "cn-north-1" // RegionILCentral1 represents the Israel region Tel Aviv RegionILCentral1 = "il-central-1" // RegionUSGovWest1 represents the region GovCloud (US-West) RegionUSGovWest1 = "us-gov-west-1" // RegionUSGovEast1 represents the region GovCloud (US-East) RegionUSGovEast1 = "us-gov-east-1" // RegionUSISOEast1 represents the region US ISO East. RegionUSISOEast1 = "us-iso-east-1" // RegionUSISOBEast1 represents the region US ISOB East (Ohio). RegionUSISOBEast1 = "us-isob-east-1" // RegionUSISOWest1 represents the region US ISOB West. RegionUSISOWest1 = "us-iso-west-1" // DefaultRegion defines the default region, where to deploy the EKS cluster DefaultRegion = RegionUSWest2 )
Regions
const ( // DefaultNodeImageFamily (default) DefaultNodeImageFamily = NodeImageFamilyAmazonLinux2 NodeImageFamilyAmazonLinux2023 = "AmazonLinux2023" NodeImageFamilyAmazonLinux2 = "AmazonLinux2" NodeImageFamilyUbuntuPro2204 = "UbuntuPro2204" NodeImageFamilyUbuntu2204 = "Ubuntu2204" NodeImageFamilyUbuntu2004 = "Ubuntu2004" NodeImageFamilyUbuntu1804 = "Ubuntu1804" NodeImageFamilyBottlerocket = "Bottlerocket" NodeImageFamilyWindowsServer2019CoreContainer = "WindowsServer2019CoreContainer" NodeImageFamilyWindowsServer2019FullContainer = "WindowsServer2019FullContainer" NodeImageFamilyWindowsServer2022CoreContainer = "WindowsServer2022CoreContainer" NodeImageFamilyWindowsServer2022FullContainer = "WindowsServer2022FullContainer" )
Values for `NodeAMIFamily` All valid values of supported families should go in this block
const ( NodeImageFamilyWindowsServer2004CoreContainer = "WindowsServer2004CoreContainer" NodeImageFamilyWindowsServer20H2CoreContainer = "WindowsServer20H2CoreContainer" )
Deprecated `NodeAMIFamily`
const ( ContainerRuntimeContainerD = "containerd" ContainerRuntimeDockerD = "dockerd" ContainerRuntimeDockerForWindows = "docker" )
Container runtime values.
const ( // DefaultNodeType is the default instance type to use for nodes DefaultNodeType = "m5.large" // DefaultNodeCount defines the default number of nodes to be created DefaultNodeCount = 2 // DefaultMaxSize defines the default maximum number of nodes inside the ASG DefaultMaxSize = 1 // NodeImageResolverAuto represents auto AMI resolver (see ami package) NodeImageResolverAuto = "auto" // NodeImageResolverAutoSSM is used to indicate that the latest EKS AMIs should be used for the nodes. The AMI is selected // using an SSM GetParameter query NodeImageResolverAutoSSM = "auto-ssm" // EksctlVersionTag defines the version of eksctl which is used to provision or update EKS cluster EksctlVersionTag = "alpha.eksctl.io/eksctl-version" // ClusterNameTag defines the tag of the cluster name ClusterNameTag = "alpha.eksctl.io/cluster-name" // ClusterOIDCEnabledTag determines whether OIDC is enabled or not. ClusterOIDCEnabledTag = "alpha.eksctl.io/cluster-oidc-enabled" // OldClusterNameTag defines the tag of the cluster name OldClusterNameTag = "eksctl.cluster.k8s.io/v1alpha1/cluster-name" // NodeGroupNameTag defines the tag of the nodegroup name NodeGroupNameTag = "alpha.eksctl.io/nodegroup-name" // NodeGroupTypeTag defines the nodegroup type as managed or unmanaged NodeGroupTypeTag = "alpha.eksctl.io/nodegroup-type" // OldNodeGroupNameTag defines the tag of the nodegroup name OldNodeGroupNameTag = "eksctl.io/v1alpha2/nodegroup-name" // OldNodeGroupIDTag defines the old version of tag of the nodegroup name OldNodeGroupIDTag = "eksctl.cluster.k8s.io/v1alpha1/nodegroup-id" // IAMServiceAccountNameTag defines the tag of the IAM service account name IAMServiceAccountNameTag = "alpha.eksctl.io/iamserviceaccount-name" // PodIdentityAssociationNameTag defines the tag of Pod Identity Association name PodIdentityAssociationNameTag = "alpha.eksctl.io/podidentityassociation-name" // AddonPodIdentityAssociationNameTag defines the tag name for an addon's pod identity association. AddonPodIdentityAssociationNameTag = "alpha.eksctl.io/addon-podidentityassociation-name" // AddonNameTag defines the tag of the IAM service account name AddonNameTag = "alpha.eksctl.io/addon-name" // ClusterNameLabel defines the tag of the cluster name ClusterNameLabel = "alpha.eksctl.io/cluster-name" // NodeGroupNameLabel defines the label of the nodegroup name NodeGroupNameLabel = "alpha.eksctl.io/nodegroup-name" // KarpenterNameTag defines the tag of the Karpenter stack name KarpenterNameTag = "alpha.eksctl.io/karpenter-name" // KarpenterVersionTag defines the tag for Karpenter's version KarpenterVersionTag = "alpha.eksctl.io/karpenter-version" EKSNodeGroupNameLabel = "eks.amazonaws.com/nodegroup" // SpotAllocationStrategyLowestPrice defines the ASG spot allocation strategy of lowest-price SpotAllocationStrategyLowestPrice = "lowest-price" // SpotAllocationStrategyCapacityOptimized defines the ASG spot allocation strategy of capacity-optimized SpotAllocationStrategyCapacityOptimized = "capacity-optimized" // SpotAllocationStrategyCapacityOptimizedPrioritized defines the ASG spot allocation strategy of capacity-optimized-prioritized // Use the capacity-optimized-prioritized allocation strategy and then set the order of instance types in // the list of launch template overrides from highest to lowest priority (first to last in the list). // Amazon EC2 Auto Scaling honors the instance type priorities on a best-effort basis but optimizes // for capacity first. This is a good option for workloads where the possibility of disruption must be // minimized, but also the preference for certain instance types matters. // https://docs.aws.amazon.com/autoscaling/ec2/userguide/asg-purchase-options.html#asg-spot-strategy SpotAllocationStrategyCapacityOptimizedPrioritized = "capacity-optimized-prioritized" )
const ( // NodeVolumeTypeGP2 is General Purpose SSD NodeVolumeTypeGP2 = "gp2" // NodeVolumeTypeGP3 is General Purpose SSD which can be optimised for high throughput (default) NodeVolumeTypeGP3 = "gp3" // NodeVolumeTypeIO1 is Provisioned IOPS SSD NodeVolumeTypeIO1 = "io1" // NodeVolumeTypeSC1 is Cold HDD NodeVolumeTypeSC1 = "sc1" // NodeVolumeTypeST1 is Throughput Optimized HDD NodeVolumeTypeST1 = "st1" )
Values for `VolumeType`
const ( // NodeGroupTypeManaged defines a managed nodegroup NodeGroupTypeManaged NodeGroupType = "managed" // NodeGroupTypeUnmanaged defines an unmanaged nodegroup NodeGroupTypeUnmanaged NodeGroupType = "unmanaged" // NodeGroupTypeUnowned defines an unowned managed nodegroup NodeGroupTypeUnowned NodeGroupType = "unowned" // DefaultNodeVolumeThroughput defines the default throughput for gp3 volumes, set to the min value DefaultNodeVolumeThroughput = 125 // DefaultNodeVolumeIO1IOPS defines the default throughput for io1 volumes, set to the min value DefaultNodeVolumeIO1IOPS = 100 // DefaultNodeVolumeGP3IOPS defines the default throughput for gp3, set to the min value DefaultNodeVolumeGP3IOPS = 3000 )
const ( // IPV4Family defines an IP family of v4 to be used when creating a new VPC and cluster. IPV4Family = "IPv4" // IPV6Family defines an IP family of v6 to be used when creating a new VPC and cluster. IPV6Family = "IPv6" )
Values for `IPFamily`
const ( OpenCapacityReservation = "open" NoneCapacityReservation = "none" )
Values for Capacity Reservation Preference
const ( MinThroughput = DefaultNodeVolumeThroughput MaxThroughput = 1000 MinIO1Iops = DefaultNodeVolumeIO1IOPS MaxIO1Iops = 64000 MinGP3Iops = DefaultNodeVolumeGP3IOPS MaxGP3Iops = 16000 OneDay = 86400 )
const ( // ClusterHighlyAvailableNAT configures a highly available NAT gateway ClusterHighlyAvailableNAT = "HighlyAvailable" // ClusterSingleNAT configures a single NAT gateway ClusterSingleNAT = "Single" // ClusterDisableNAT disables NAT ClusterDisableNAT = "Disable" // (default) ClusterNATDefault = ClusterSingleNAT )
Values for `ClusterNAT`
const ( // MinRequiredSubnets is the minimum required number of subnets MinRequiredSubnets = 2 // OutpostsMinRequiredSubnets is the minimum required number of subnets for Outposts. OutpostsMinRequiredSubnets = 1 // MinRequiredAvailabilityZones defines the minimum number of required availability zones MinRequiredAvailabilityZones = MinRequiredSubnets // RecommendedSubnets is the recommended number of subnets RecommendedSubnets = 3 // RecommendedAvailabilityZones defines the default number of required availability zones RecommendedAvailabilityZones = RecommendedSubnets // SubnetTopologyPrivate represents privately-routed subnets SubnetTopologyPrivate SubnetTopology = "Private" // SubnetTopologyPublic represents publicly-routed subnets SubnetTopologyPublic SubnetTopology = "Public" )
const (
// AWSDebugLevel defines the LogLevel for AWS produced logs
AWSDebugLevel = 5
)
const (
IAMPolicyAmazonEKSCNIPolicy = "AmazonEKS_CNI_Policy"
)
const ReservedProfileNamePrefix = "eks-"
ReservedProfileNamePrefix defines the Fargate profile name prefix reserved for AWS, and which therefore, cannot be used by users. AWS' API should reject the creation of profiles starting with this prefix, but we eagerly validate this client-side.
const (
// Version1_32 represents Kubernetes version 1.32.x
Version1_32 = "1.32"
)
Not yet supported versions
Variables ¶
var ( // EndpointServiceS3 is an EndpointService for S3. EndpointServiceS3 = EndpointService{ Name: "s3", } // EndpointServiceCloudWatch is an EndpointService for CloudWatch Logs. EndpointServiceCloudWatch = EndpointService{ Name: "logs", Optional: true, } )
var ( SchemeGroupVersion = schema.GroupVersion{Group: api.GroupName, Version: CurrentGroupVersion} SchemeBuilder = runtime.NewSchemeBuilder(addKnownTypes) AddToScheme = SchemeBuilder.AddToScheme )
Conventional Kubernetes API variables
var ( // DefaultWaitTimeout defines the default wait timeout DefaultWaitTimeout = 25 * time.Minute // DefaultNodeSSHPublicKeyPath is the default path to SSH public key DefaultNodeSSHPublicKeyPath = "~/.ssh/id_rsa.pub" // DefaultNodeVolumeType defines the default root volume type to use for // non-Outpost clusters. DefaultNodeVolumeType = NodeVolumeTypeGP3 // DefaultNodeVolumeSize defines the default root volume size DefaultNodeVolumeSize = 80 )
var ( SSMProvider = "ssm" IRAProvider = "ira" )
var ( // ErrClusterEndpointNoAccess indicates the config prevents API access ErrClusterEndpointNoAccess = errors.New("Kubernetes API access must have one of public or private clusterEndpoints enabled") // ErrClusterEndpointPrivateOnly warns private-only access requires changes // to AWS resource configuration in order to effectively use clients in the VPC ErrClusterEndpointPrivateOnly = errors.New("warning, having public access disallowed will subsequently interfere with some " + "features of eksctl. This will require running subsequent eksctl (and Kubernetes) " + "commands/API calls from within the VPC. Running these in the VPC requires making " + "updates to some AWS resources. See: " + "https://docs.aws.amazon.com/eks/latest/userguide/cluster-endpoint.html " + "for more details") ErrPodIdentityAgentNotInstalled = func(suggestion string) error { return fmt.Errorf("the %q addon must be installed to create pod identity associations; %s", PodIdentityAgentAddon, suggestion) } ErrUnsupportedInstanceTypes = func(instanceType, amiFamily, suggestion string) error { return fmt.Errorf("%s instance types are not supported for %s; %s", instanceType, amiFamily, suggestion) } GPUDriversWarning = func(amiFamily string) string { return fmt.Sprintf("%s does not ship with NVIDIA GPU drivers installed, hence won't support running GPU-accelerated workloads out of the box", amiFamily) } )
var ( SupportedAmazonLinuxImages = supportedAMIFamiliesForOS(IsAmazonLinuxImage) SupportedUbuntuImages = supportedAMIFamiliesForOS(IsUbuntuImage) )
var (
AWSNodeMeta = ClusterIAMMeta{
Name: "aws-node",
Namespace: "kube-system",
}
)
var AutoModeKnownNodePools = []string{AutoModeNodePoolGeneralPurpose, AutoModeNodePoolSystem}
AutoModeKnownNodePools is a slice of known node pools for Auto Mode.
var ( // DefaultIPFamily defines the default IP family to use when creating a new VPC and cluster. DefaultIPFamily = IPV4Family )
var EKSServicePrincipalTrustStatement = IAMStatement{ Effect: "Allow", Action: []string{ "sts:AssumeRole", "sts:TagSession", }, Principal: map[string]CustomStringSlice{ "Service": []string{EKSServicePrincipal}, }, }
var EndpointServices = []EndpointService{ { Name: "ec2", RequiresChinaPrefix: true, RequiresISOPrefix: true, }, { Name: "ecr.api", RequiresChinaPrefix: true, RequiresISOPrefix: true, }, { Name: "ecr.dkr", RequiresChinaPrefix: true, RequiresISOPrefix: true, }, EndpointServiceS3, { Name: "sts", RequiresChinaPrefix: true, }, { Name: "ssm", OutpostsOnly: true, }, { Name: "ssmmessages", OutpostsOnly: true, }, { Name: "ec2messages", OutpostsOnly: true, }, { Name: "secretsmanager", OutpostsOnly: true, }, { Name: "cloudformation", Optional: true, RequiresChinaPrefix: true, }, { Name: "autoscaling", Optional: true, RequiresISOPrefix: true, }, EndpointServiceCloudWatch, }
EndpointServices is a list of supported endpoint services.
var ErrUnsupportedLocalCluster = errors.New("this operation is not supported on Outposts clusters")
ErrUnsupportedLocalCluster is an error for when an unsupported operation is attempted on a local cluster.
var KnownAddons = map[string]struct { IsDefault bool CreateBeforeNodeGroup bool }{ VPCCNIAddon: { IsDefault: true, CreateBeforeNodeGroup: true, }, KubeProxyAddon: { IsDefault: true, CreateBeforeNodeGroup: true, }, CoreDNSAddon: { IsDefault: true, CreateBeforeNodeGroup: true, }, PodIdentityAgentAddon: { CreateBeforeNodeGroup: true, }, AWSEBSCSIDriverAddon: {}, AWSEFSCSIDriverAddon: {}, }
var LogRetentionInDaysValues = []int{1, 3, 5, 7, 14, 30, 60, 90, 120, 150, 180, 365, 400, 545, 731, 1827, 3653}
var Partitions = partitions{ awsPartition, { // contains filtered or unexported fields }, { // contains filtered or unexported fields }, { // contains filtered or unexported fields }, { // contains filtered or unexported fields }, }
Partitions is a list of supported AWS partitions.
var SchemaJSON string
SchemaJSON contains the schema
Functions ¶
func ClusterConfigTypeMeta ¶
ClusterConfigTypeMeta constructs TypeMeta for ClusterConfig
func ClusterHasInstanceType ¶
func ClusterHasInstanceType(cfg *ClusterConfig, hasType func(string) bool) bool
ClusterHasInstanceType checks all nodegroups and managed nodegroups for a specific instance type
func DeprecatedVersions ¶
func DeprecatedVersions() []string
DeprecatedVersions are the versions of Kubernetes that EKS used to support but no longer does. See also: https://docs.aws.amazon.com/eks/latest/userguide/kubernetes-versions.html
func Disabled ¶
func Disabled() *bool
Disabled return pointer to false value for use in defaulters of *bool fields
func EKSResourceAccountID ¶
EKSResourceAccountID provides worker node resources(ami/ecr image) in different aws account for different aws partitions & opt-in regions.
func Enabled ¶
func Enabled() *bool
Enabled return pointer to true value for use in defaulters of *bool fields
func EndpointsEqual ¶
func EndpointsEqual(a, b ClusterEndpoints) bool
EndpointsEqual returns true of two endpoints have same values after dereferencing any pointers
func ErrInvalidName ¶ added in v0.57.0
errInvalidName error when invalid characters for a name is provided
func ErrTooFewAvailabilityZones ¶ added in v0.86.0
func HasAllDefaultAddons ¶ added in v0.195.0
HasAllDefaultAddons reports whether addonNames contains all default addons.
func HasDefaultAddons ¶ added in v0.195.0
HasDefaultAddons reports whether addons contains at least one default addon.
func HasInstanceType ¶
HasInstanceType returns whether some node in the group fulfils the type check
func HasInstanceTypeManaged ¶ added in v0.40.0
func HasInstanceTypeManaged(nodeGroup *ManagedNodeGroup, hasType func(string) bool) bool
HasInstanceTypeManaged returns whether some node in the managed group fulfils the type check
func HasMixedInstances ¶
HasMixedInstances checks if a nodegroup has mixed instances option declared
func ImportSubnet ¶ added in v0.112.0
func ImportSubnet(subnets AZSubnetMapping, localSubnetsConfig AZSubnetMapping, subnet *ec2types.Subnet, makeSubnetAlias func(*ec2types.Subnet) string) error
ImportSubnet loads a given subnet into ClusterConfig. Note that the user must use either AZs as keys OR names as keys and specify
the ID (optionally with AZ and CIDR) OR AZ, optionally with CIDR.
If a user specifies a subnet by AZ without CIDR and ID but multiple subnets exist in this VPC, one will be arbitrarily chosen.
func IsAmazonLinuxImage ¶ added in v0.176.0
func IsDeprecatedVersion ¶
IsDeprecatedVersion returns true if the given Kubernetes version has been deprecated in EKS
func IsDisabled ¶
IsDisabled will only return true if v is not nil and false
func IsInvalidNameArg ¶ added in v0.57.0
IsInvalidNameArg checks whether the name contains invalid characters
func IsSetAndNonEmptyString ¶
IsSetAndNonEmptyString will only return true if s is not nil and not empty
func IsSupportedVersion ¶
IsSupportedVersion returns true if the given Kubernetes version is supported by eksctl and EKS
func IsUbuntuImage ¶ added in v0.176.0
func IsWindowsImage ¶
IsWindowsImage reports whether the AMI family is for Windows
func PrivateOnly ¶
func PrivateOnly(ces *ClusterEndpoints) bool
PrivateOnly returns true if public cluster endpoint access is disabled and private cluster endpoint access is enabled, and false otherwise
func RegisterDefaults ¶ added in v0.177.0
RegisterDefaults adds defaulters functions to the given scheme. Public to allow building arbitrary schemes. All generated defaulters are covering - they call all nested defaulters.
func Resource ¶
func Resource(resource string) schema.GroupResource
Resource takes an unqualified resource and returns a Group qualified GroupResource
func RoleNameFromARN ¶ added in v0.181.0
RoleNameFromARN returns the role name for roleARN.
func SelectInstanceType ¶ added in v0.71.0
SelectInstanceType determines which instanceType is relevant for selecting an AMI If the nodegroup has mixed instances it will prefer a GPU instance type over a general class one This is to make sure that the AMI that is selected later is valid for all the types
func SetClusterConfigDefaults ¶
func SetClusterConfigDefaults(cfg *ClusterConfig)
SetClusterConfigDefaults will set defaults for a given cluster
func SetClusterEndpointAccessDefaults ¶
func SetClusterEndpointAccessDefaults(vpc *ClusterVPC)
SetClusterEndpointAccessDefaults sets the default values for cluster endpoint access
func SetManagedNodeGroupDefaults ¶
func SetManagedNodeGroupDefaults(ng *ManagedNodeGroup, meta *ClusterMeta, controlPlaneOnOutposts bool)
SetManagedNodeGroupDefaults sets default values for a ManagedNodeGroup
func SetNodeGroupDefaults ¶
func SetNodeGroupDefaults(ng *NodeGroup, meta *ClusterMeta, controlPlaneOnOutposts bool)
SetNodeGroupDefaults will set defaults for a given nodegroup
func SupportedAMIFamilies ¶ added in v0.176.0
func SupportedAMIFamilies() []string
SupportedAMIFamilies are the AMI families supported by EKS
func SupportedCloudWatchClusterLogTypes ¶
func SupportedCloudWatchClusterLogTypes() []string
SupportedCloudWatchClusterLogTypes returns all supported logging facilities
func SupportedNodeVolumeTypes ¶
func SupportedNodeVolumeTypes() []string
SupportedNodeVolumeTypes are the volume types that can be used for a node root volume
func SupportedRegions ¶
func SupportedRegions() []string
SupportedRegions are the regions where EKS is available
func SupportedVersions ¶
func SupportedVersions() []string
SupportedVersions are the versions of Kubernetes that EKS supports
func ToPodIdentityAssociationID ¶ added in v0.181.0
ToPodIdentityAssociationID extracts the pod identity association ID from piaARN. The ARN is of the format: arn:aws:eks:us-west-2:000:podidentityassociation/cluster/a-d3dw7wfvxtoatujeg.
func ValidateAdditionalEndpointServices ¶
ValidateAdditionalEndpointServices validates support for the specified additional endpoint services.
func ValidateAutoModeConfig ¶ added in v0.195.0
func ValidateAutoModeConfig(clusterConfig *ClusterConfig) error
ValidateAutoModeConfig validates the Auto Mode config.
func ValidateClusterConfig ¶
func ValidateClusterConfig(cfg *ClusterConfig) error
ValidateClusterConfig checks compatible fields of a given ClusterConfig
func ValidateClusterVersion ¶ added in v0.112.0
func ValidateClusterVersion(clusterConfig *ClusterConfig) error
ValidateClusterVersion validates the cluster version.
func ValidateManagedNodeGroup ¶
func ValidateManagedNodeGroup(index int, ng *ManagedNodeGroup) error
ValidateManagedNodeGroup validates a ManagedNodeGroup and sets some defaults
func ValidateNodeGroup ¶
func ValidateNodeGroup(i int, ng *NodeGroup, cfg *ClusterConfig) error
ValidateNodeGroup checks compatible fields of a given nodegroup
func ValidateSecretsEncryption ¶ added in v0.86.0
func ValidateSecretsEncryption(clusterConfig *ClusterConfig) error
Types ¶
type ARN ¶ added in v0.167.0
func MustParseARN ¶ added in v0.167.0
MustParseARN returns the parsed ARN or panics if the ARN cannot be parsed.
func (*ARN) DeepCopy ¶ added in v0.167.0
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ARN.
func (*ARN) DeepCopyInto ¶ added in v0.167.0
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (ARN) MarshalJSON ¶ added in v0.167.0
MarshalJSON implements json.Marshaler.
func (*ARN) UnmarshalText ¶ added in v0.167.0
UnmarshalText implements encoding.TextUnmarshaler.
type AZSubnetMapping ¶
type AZSubnetMapping map[string]AZSubnetSpec
AZSubnetMapping holds subnet to AZ mappings. If the key is an AZ, that also becomes the name of the subnet otherwise use the key to refer to this subnet. Schema type is `map[string]AZSubnetSpec`
func AZSubnetMappingFromMap ¶
func AZSubnetMappingFromMap(m map[string]AZSubnetSpec) AZSubnetMapping
func NewAZSubnetMapping ¶
func NewAZSubnetMapping() AZSubnetMapping
func (AZSubnetMapping) DeepCopy ¶
func (in AZSubnetMapping) DeepCopy() AZSubnetMapping
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AZSubnetMapping.
func (AZSubnetMapping) DeepCopyInto ¶
func (in AZSubnetMapping) DeepCopyInto(out *AZSubnetMapping)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (AZSubnetMapping) SelectOutpostSubnetIDs ¶ added in v0.112.0
func (m AZSubnetMapping) SelectOutpostSubnetIDs() []string
SelectOutpostSubnetIDs returns all subnets that are on Outposts.
func (*AZSubnetMapping) Set ¶
func (m *AZSubnetMapping) Set(name string, spec AZSubnetSpec)
func (*AZSubnetMapping) SetAZ ¶
func (m *AZSubnetMapping) SetAZ(az string, spec Network)
func (*AZSubnetMapping) UnmarshalJSON ¶
func (m *AZSubnetMapping) UnmarshalJSON(b []byte) error
UnmarshalJSON parses JSON data into a value
func (*AZSubnetMapping) WithAZs ¶ added in v0.39.0
func (m *AZSubnetMapping) WithAZs() []string
WithAZs returns list of subnet AZs
func (*AZSubnetMapping) WithCIDRs ¶ added in v0.39.0
func (m *AZSubnetMapping) WithCIDRs() []string
WithCIDRs returns list of subnet CIDRs
func (*AZSubnetMapping) WithIDs ¶ added in v0.39.0
func (m *AZSubnetMapping) WithIDs() []string
WithIDs returns list of subnet ids
type AZSubnetSpec ¶
type AZSubnetSpec struct { // +optional ID string `json:"id,omitempty"` // AZ is the zone name for this subnet, it can either be an availability zone name // or a local zone name. // AZ can be omitted if the key is an AZ. // +optional AZ string `json:"az,omitempty"` // +optional CIDR *ipnet.IPNet `json:"cidr,omitempty"` CIDRIndex int `json:"-"` OutpostARN string `json:"-"` }
func (*AZSubnetSpec) DeepCopy ¶
func (in *AZSubnetSpec) DeepCopy() *AZSubnetSpec
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AZSubnetSpec.
func (*AZSubnetSpec) DeepCopyInto ¶
func (in *AZSubnetSpec) DeepCopyInto(out *AZSubnetSpec)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type AccessConfig ¶ added in v0.167.0
type AccessConfig struct { // AuthenticationMode specifies the authentication mode for a cluster. AuthenticationMode ekstypes.AuthenticationMode `json:"authenticationMode,omitempty"` // BootstrapClusterCreatorAdminPermissions specifies whether the cluster creator IAM principal was set as a cluster // admin access entry during cluster creation time. BootstrapClusterCreatorAdminPermissions *bool `json:"bootstrapClusterCreatorAdminPermissions,omitempty"` // AccessEntries specifies a list of access entries for the cluster. // +optional AccessEntries []AccessEntry `json:"accessEntries,omitempty"` }
AccessConfig specifies the access config for a cluster.
func (*AccessConfig) DeepCopy ¶ added in v0.167.0
func (in *AccessConfig) DeepCopy() *AccessConfig
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AccessConfig.
func (*AccessConfig) DeepCopyInto ¶ added in v0.167.0
func (in *AccessConfig) DeepCopyInto(out *AccessConfig)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type AccessEntry ¶ added in v0.167.0
type AccessEntry struct { // existing IAM principal ARN to associate with an access entry PrincipalARN ARN `json:"principalARN"` // `EC2_LINUX`, `EC2_WINDOWS`, `FARGATE_LINUX` or `STANDARD` // +optional Type string `json:"type,omitempty"` // set of Kubernetes groups to map to the principal ARN // +optional KubernetesGroups []string `json:"kubernetesGroups,omitempty"` // username to map to the principal ARN // +optional KubernetesUsername string `json:"kubernetesUsername,omitempty"` // set of policies to associate with an access entry // +optional AccessPolicies []AccessPolicy `json:"accessPolicies,omitempty"` }
AccessEntry represents an access entry for managing access to a cluster.
func (*AccessEntry) DeepCopy ¶ added in v0.167.0
func (in *AccessEntry) DeepCopy() *AccessEntry
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AccessEntry.
func (*AccessEntry) DeepCopyInto ¶ added in v0.167.0
func (in *AccessEntry) DeepCopyInto(out *AccessEntry)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type AccessEntryType ¶ added in v0.177.0
type AccessEntryType string
AccessEntryType represents the type of access entry.
const ( // AccessEntryTypeLinux specifies the EC2 Linux access entry type. AccessEntryTypeLinux AccessEntryType = "EC2_LINUX" // AccessEntryTypeWindows specifies the Windows access entry type. AccessEntryTypeWindows AccessEntryType = "EC2_WINDOWS" // AccessEntryTypeFargateLinux specifies the Fargate Linux access entry type. AccessEntryTypeFargateLinux AccessEntryType = "FARGATE_LINUX" // AccessEntryTypeHybridLinux specifies the Hybrid Linux access entry type. AccessEntryTypeHybridLinux AccessEntryType = "HYBRID_LINUX" // AccessEntryTypeStandard specifies a standard access entry type. AccessEntryTypeStandard AccessEntryType = "STANDARD" )
func GetAccessEntryType ¶ added in v0.177.0
func GetAccessEntryType(ng *NodeGroup) AccessEntryType
GetAccessEntryType returns the access entry type for the specified AMI family.
type AccessPolicy ¶ added in v0.167.0
type AccessPolicy struct { PolicyARN ARN `json:"policyARN"` AccessScope AccessScope `json:"accessScope"` }
An AccessPolicy represents a policy to associate with an access entry.
func (*AccessPolicy) DeepCopy ¶ added in v0.167.0
func (in *AccessPolicy) DeepCopy() *AccessPolicy
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AccessPolicy.
func (*AccessPolicy) DeepCopyInto ¶ added in v0.167.0
func (in *AccessPolicy) DeepCopyInto(out *AccessPolicy)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type AccessScope ¶ added in v0.167.0
type AccessScope struct { // `namespace` or `cluster` Type ekstypes.AccessScopeType `json:"type"` // Scope access to namespace(s) // +optional Namespaces []string `json:"namespaces,omitempty"` }
AccessScope defines the scope of an access policy.
func (*AccessScope) DeepCopy ¶ added in v0.167.0
func (in *AccessScope) DeepCopy() *AccessScope
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AccessScope.
func (*AccessScope) DeepCopyInto ¶ added in v0.167.0
func (in *AccessScope) DeepCopyInto(out *AccessScope)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type Addon ¶
type Addon struct { // +required Name string `json:"name,omitempty"` // +optional Version string `json:"version,omitempty"` // +optional ServiceAccountRoleARN string `json:"serviceAccountRoleARN,omitempty"` // list of ARNs of the IAM policies to attach // +optional AttachPolicyARNs []string `json:"attachPolicyARNs,omitempty"` // AttachPolicy holds a policy document to attach // +optional AttachPolicy InlineDocument `json:"attachPolicy,omitempty"` // ARN of the permissions' boundary to associate // +optional PermissionsBoundary string `json:"permissionsBoundary,omitempty"` // WellKnownPolicies for attaching common IAM policies WellKnownPolicies WellKnownPolicies `json:"wellKnownPolicies,omitempty"` // The metadata to apply to the cluster to assist with categorization and organization. // Each tag consists of a key and an optional value, both of which you define. // +optional Tags map[string]string `json:"tags,omitempty"` // ResolveConflicts determines how to resolve field value conflicts for an EKS add-on // if a value was changed from default ResolveConflicts ekstypes.ResolveConflicts `json:"resolveConflicts,omitempty"` // PodIdentityAssociations holds a list of associations to be configured for the addon // +optional PodIdentityAssociations *[]PodIdentityAssociation `json:"podIdentityAssociations,omitempty"` // UseDefaultPodIdentityAssociations uses the pod identity associations recommended by the EKS API. // Defaults to false. // +optional UseDefaultPodIdentityAssociations bool `json:"useDefaultPodIdentityAssociations,omitempty"` // ConfigurationValues defines the set of configuration properties for add-ons. // For now, all properties will be specified as a JSON string // and have to respect the schema from DescribeAddonConfiguration. // +optional ConfigurationValues string `json:"configurationValues,omitempty"` // Force overwrites an existing self-managed add-on with an EKS managed add-on. // Force is intended to be used when migrating an existing self-managed add-on to an EKS managed add-on. Force bool `json:"-"` // +optional Publishers []string `json:"publishers,omitempty"` // +optional Types []string `json:"types,omitempty"` // +optional Owners []string `json:"owners,omitempty"` }
Addon holds the EKS addon configuration
func (Addon) CanonicalName ¶
func (*Addon) DeepCopy ¶
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Addon.
func (*Addon) DeepCopyInto ¶
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (Addon) HasIRSAPoliciesSet ¶ added in v0.181.0
func (Addon) HasIRSASet ¶ added in v0.181.0
func (Addon) HasPodIDsSet ¶ added in v0.181.0
type AddonsConfig ¶ added in v0.181.0
type AddonsConfig struct { // AutoApplyPodIdentityAssociations specifies whether to automatically apply pod identity associations // for supported addons that require IAM permissions. // +optional AutoApplyPodIdentityAssociations bool `json:"autoApplyPodIdentityAssociations,omitempty"` // DisableDefaultAddons enables or disables creation of default networking addons when the cluster // is created. // By default, all default addons are installed as EKS addons. // +optional DisableDefaultAddons bool `json:"disableDefaultAddons,omitempty"` }
AddonsConfig holds the addons config.
func (*AddonsConfig) DeepCopy ¶ added in v0.181.0
func (in *AddonsConfig) DeepCopy() *AddonsConfig
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AddonsConfig.
func (*AddonsConfig) DeepCopyInto ¶ added in v0.181.0
func (in *AddonsConfig) DeepCopyInto(out *AddonsConfig)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type AutoModeConfig ¶ added in v0.195.0
type AutoModeConfig struct { // Enabled enables or disables Auto Mode. Enabled *bool `json:"enabled,omitempty"` // NodeRoleARN is the node role to use for nodes launched by Auto Mode. NodeRoleARN ARN `json:"nodeRoleARN,omitempty"` // NodePools is a list of node pools to create. NodePools *[]string `json:"nodePools,omitempty"` }
func (*AutoModeConfig) DeepCopy ¶ added in v0.195.0
func (in *AutoModeConfig) DeepCopy() *AutoModeConfig
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AutoModeConfig.
func (*AutoModeConfig) DeepCopyInto ¶ added in v0.195.0
func (in *AutoModeConfig) DeepCopyInto(out *AutoModeConfig)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*AutoModeConfig) HasNodePools ¶ added in v0.195.0
func (a *AutoModeConfig) HasNodePools() bool
HasNodePools reports whether any node pools are specified.
type CapacityReservation ¶ added in v0.108.0
type CapacityReservation struct { // CapacityReservationPreference defines a nodegroup's Capacity Reservation preferences (either 'open' or 'none') CapacityReservationPreference *string `json:"capacityReservationPreference,omitempty"` // CapacityReservationTarget defines a nodegroup's target Capacity Reservation or Capacity Reservation group (not both at the same time). CapacityReservationTarget *CapacityReservationTarget `json:"capacityReservationTarget,omitempty"` }
CapacityReservation defines a nodegroup's Capacity Reservation targeting option +optional
func (*CapacityReservation) DeepCopy ¶ added in v0.108.0
func (in *CapacityReservation) DeepCopy() *CapacityReservation
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CapacityReservation.
func (*CapacityReservation) DeepCopyInto ¶ added in v0.108.0
func (in *CapacityReservation) DeepCopyInto(out *CapacityReservation)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type CapacityReservationTarget ¶ added in v0.108.0
type CapacityReservationTarget struct { CapacityReservationID *string `json:"capacityReservationID,omitempty"` CapacityReservationResourceGroupARN *string `json:"capacityReservationResourceGroupARN,omitempty"` }
func (*CapacityReservationTarget) DeepCopy ¶ added in v0.108.0
func (in *CapacityReservationTarget) DeepCopy() *CapacityReservationTarget
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CapacityReservationTarget.
func (*CapacityReservationTarget) DeepCopyInto ¶ added in v0.108.0
func (in *CapacityReservationTarget) DeepCopyInto(out *CapacityReservationTarget)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type ClusterCloudWatch ¶
type ClusterCloudWatch struct { //+optional ClusterLogging *ClusterCloudWatchLogging `json:"clusterLogging,omitempty"` }
ClusterCloudWatch contains config parameters related to CloudWatch
func (*ClusterCloudWatch) DeepCopy ¶
func (in *ClusterCloudWatch) DeepCopy() *ClusterCloudWatch
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClusterCloudWatch.
func (*ClusterCloudWatch) DeepCopyInto ¶
func (in *ClusterCloudWatch) DeepCopyInto(out *ClusterCloudWatch)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type ClusterCloudWatchLogging ¶
type ClusterCloudWatchLogging struct { // Types of logging to enable (see [CloudWatch docs](/usage/cloudwatch-cluster-logging/#clusterconfig-examples)). // Valid entries are `CloudWatchLogging` constants //+optional EnableTypes []string `json:"enableTypes,omitempty"` // LogRetentionInDays sets the number of days to retain the logs for (see [CloudWatch docs](https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_PutRetentionPolicy.html#API_PutRetentionPolicy_RequestSyntax)) . // Valid values are: 1, 3, 5, 7, 14, 30, 60, 90, 120, 150, 180, 365, 400, 545, 731, // 1827, and 3653. //+optional LogRetentionInDays int `json:"logRetentionInDays,omitempty"` }
ClusterCloudWatchLogging container config parameters related to cluster logging
func (*ClusterCloudWatchLogging) DeepCopy ¶
func (in *ClusterCloudWatchLogging) DeepCopy() *ClusterCloudWatchLogging
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClusterCloudWatchLogging.
func (*ClusterCloudWatchLogging) DeepCopyInto ¶
func (in *ClusterCloudWatchLogging) DeepCopyInto(out *ClusterCloudWatchLogging)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type ClusterConfig ¶
type ClusterConfig struct { metav1.TypeMeta // +required Metadata *ClusterMeta `json:"metadata"` // +optional KubernetesNetworkConfig *KubernetesNetworkConfig `json:"kubernetesNetworkConfig,omitempty"` // AutoModeConfig holds the config for Auto Mode. // +optional AutoModeConfig *AutoModeConfig `json:"autoModeConfig,omitempty"` // +optional RemoteNetworkConfig *RemoteNetworkConfig `json:"remoteNetworkConfig,omitempty"` // +optional IAM *ClusterIAM `json:"iam,omitempty"` // +optional IAMIdentityMappings []*IAMIdentityMapping `json:"iamIdentityMappings,omitempty"` // +optional IdentityProviders []IdentityProvider `json:"identityProviders,omitempty"` // AccessConfig specifies the access config for a cluster. // +optional AccessConfig *AccessConfig `json:"accessConfig,omitempty"` // +optional VPC *ClusterVPC `json:"vpc,omitempty"` // +optional Addons []*Addon `json:"addons,omitempty"` // AddonsConfig specifies the configuration for addons. // +optional AddonsConfig AddonsConfig `json:"addonsConfig,omitempty"` // PrivateCluster allows configuring a fully-private cluster // in which no node has outbound internet access, and private access // to AWS services is enabled via VPC endpoints // +optional PrivateCluster *PrivateCluster `json:"privateCluster,omitempty"` // NodeGroups For information and examples see [nodegroups](/usage/managing-nodegroups) // +optional NodeGroups []*NodeGroup `json:"nodeGroups,omitempty"` // ManagedNodeGroups See [Nodegroups usage](/usage/managing-nodegroups) // and [managed nodegroups](/usage/eks-managed-nodes/) // +optional ManagedNodeGroups []*ManagedNodeGroup `json:"managedNodeGroups,omitempty"` // +optional FargateProfiles []*FargateProfile `json:"fargateProfiles,omitempty"` // +optional AvailabilityZones []string `json:"availabilityZones,omitempty"` // LocalZones specifies a list of local zones where the subnets should be created. // Only self-managed nodegroups can be launched in local zones. These subnets are not passed to EKS. // +optional LocalZones []string `json:"localZones,omitempty"` // See [CloudWatch support](/usage/cloudwatch-cluster-logging/) // +optional CloudWatch *ClusterCloudWatch `json:"cloudWatch,omitempty"` // +optional SecretsEncryption *SecretsEncryption `json:"secretsEncryption,omitempty"` Status *ClusterStatus `json:"-"` // future gitops plans, replacing the Git configuration above // +optional GitOps *GitOps `json:"gitops,omitempty"` // Karpenter specific configuration options. // +optional Karpenter *Karpenter `json:"karpenter,omitempty"` // Outpost specifies the Outpost configuration. // +optional Outpost *Outpost `json:"outpost,omitempty"` // ZonalShiftConfig specifies the zonal shift configuration. ZonalShiftConfig *ZonalShiftConfig `json:"zonalShiftConfig,omitempty"` }
ClusterConfig is a simple config, to be replaced with Cluster API
func NewClusterConfig ¶
func NewClusterConfig() *ClusterConfig
NewClusterConfig creates new config for a cluster; it doesn't include initial nodegroup, so user must call NewNodeGroup to create one
func (*ClusterConfig) AllNodeGroups ¶
func (c *ClusterConfig) AllNodeGroups() []*NodeGroupBase
AllNodeGroups combines managed and self-managed nodegroups and returns a slice of *api.NodeGroupBase containing both types of nodegroups
func (*ClusterConfig) AppendAvailabilityZone ¶
func (c *ClusterConfig) AppendAvailabilityZone(newAZ string)
AppendAvailabilityZone appends a new AZ to the set
func (*ClusterConfig) AppendClusterCloudWatchLogTypes ¶
func (c *ClusterConfig) AppendClusterCloudWatchLogTypes(types ...string)
AppendClusterCloudWatchLogTypes will append given log types to the config structure
func (*ClusterConfig) CanUseForPrivateNodeGroups ¶ added in v0.40.0
func (c *ClusterConfig) CanUseForPrivateNodeGroups() error
CanUseForPrivateNodeGroups checks whether specified NodeGroups have enough private subnets when private networking is enabled
func (*ClusterConfig) ContainsWildcardCloudWatchLogging ¶ added in v0.48.0
func (c *ClusterConfig) ContainsWildcardCloudWatchLogging() bool
func (*ClusterConfig) CustomEndpointsMsg ¶
func (c *ClusterConfig) CustomEndpointsMsg() string
CustomEndpointsMsg returns a message indicating the EndpointAccess given by the user.
func (*ClusterConfig) DeepCopy ¶
func (in *ClusterConfig) DeepCopy() *ClusterConfig
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClusterConfig.
func (*ClusterConfig) DeepCopyInto ¶
func (in *ClusterConfig) DeepCopyInto(out *ClusterConfig)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*ClusterConfig) DeepCopyObject ¶
func (in *ClusterConfig) DeepCopyObject() runtime.Object
DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
func (*ClusterConfig) DefaultEndpointsMsg ¶
func (c *ClusterConfig) DefaultEndpointsMsg() string
DefaultEndpointsMsg returns a message that the EndpointAccess is the same as the default.
func (*ClusterConfig) FindNodeGroupOutpostARN ¶ added in v0.112.0
func (c *ClusterConfig) FindNodeGroupOutpostARN() (outpostARN string, found bool)
FindNodeGroupOutpostARN finds nodegroups that are on Outposts and returns the Outpost ARN.
func (*ClusterConfig) FindNodegroup ¶
func (c *ClusterConfig) FindNodegroup(name string) (*NodeGroupBase, error)
FindNodegroup checks if the clusterConfig contains a nodegroup with the given name
func (*ClusterConfig) GetAllNodeGroupNames ¶
func (c *ClusterConfig) GetAllNodeGroupNames() []string
GetAllNodeGroupNames collects and returns names for both managed and unmanaged nodegroups
func (*ClusterConfig) GetOutpost ¶ added in v0.112.0
func (c *ClusterConfig) GetOutpost() *Outpost
GetOutpost returns the Outpost info.
func (*ClusterConfig) GetStatus ¶ added in v0.112.0
func (c *ClusterConfig) GetStatus() *ClusterStatus
GetStatus returns the cluster status.
func (*ClusterConfig) HasAnySubnets ¶
func (c *ClusterConfig) HasAnySubnets() bool
HasAnySubnets checks if any subnets were set
func (*ClusterConfig) HasClusterCloudWatchLogging ¶
func (c *ClusterConfig) HasClusterCloudWatchLogging() bool
HasClusterCloudWatchLogging determines if cluster logging was enabled or not
func (*ClusterConfig) HasClusterEndpointAccess ¶
func (c *ClusterConfig) HasClusterEndpointAccess() bool
HasClusterEndpointAccess determines if endpoint access was configured in config file or not.
func (*ClusterConfig) HasGitOpsFluxConfigured ¶ added in v0.39.0
func (c *ClusterConfig) HasGitOpsFluxConfigured() bool
HasGitOpsFluxConfigured returns true if gitops.flux configuration is not nil
func (ClusterConfig) HasNodes ¶ added in v0.82.0
func (c ClusterConfig) HasNodes() bool
func (*ClusterConfig) HasPrivateEndpointAccess ¶
func (c *ClusterConfig) HasPrivateEndpointAccess() bool
func (*ClusterConfig) HasRemoteNetworkingConfigured ¶ added in v0.195.0
func (c *ClusterConfig) HasRemoteNetworkingConfigured() bool
func (*ClusterConfig) HasSufficientPrivateSubnets ¶
func (c *ClusterConfig) HasSufficientPrivateSubnets() bool
HasSufficientPrivateSubnets validates if there is a sufficient number of private subnets available to create a cluster
func (*ClusterConfig) HasSufficientSubnets ¶
func (c *ClusterConfig) HasSufficientSubnets() error
HasSufficientSubnets validates if there is a sufficient number of either private and/or public subnets available to create a cluster, i.e. either non-zero of public or private, and not less then MinRequiredSubnets of each, but allowing to have public-only or private-only
func (*ClusterConfig) HasWindowsNodeGroup ¶ added in v0.74.0
func (c *ClusterConfig) HasWindowsNodeGroup() bool
HasWindowsNodeGroup reports whether the cluster contains any Windows nodegroups.
func (*ClusterConfig) ID ¶ added in v0.112.0
func (c *ClusterConfig) ID() string
ID returns the cluster ID.
func (*ClusterConfig) IPv6Enabled ¶ added in v0.83.0
func (c *ClusterConfig) IPv6Enabled() bool
func (*ClusterConfig) IsAutoModeEnabled ¶ added in v0.195.0
func (c *ClusterConfig) IsAutoModeEnabled() bool
IsAutoModeEnabled reports whether Auto Mode is enabled.
func (*ClusterConfig) IsControlPlaneOnOutposts ¶ added in v0.112.0
func (c *ClusterConfig) IsControlPlaneOnOutposts() bool
IsControlPlaneOnOutposts returns true if the control plane is on Outposts.
func (ClusterConfig) IsFargateEnabled ¶
func (c ClusterConfig) IsFargateEnabled() bool
IsFargateEnabled returns true if Fargate is enabled in this ClusterConfig, or false otherwise.
func (*ClusterConfig) IsFullyPrivate ¶ added in v0.112.0
func (c *ClusterConfig) IsFullyPrivate() bool
IsFullyPrivate returns true if this is a fully-private cluster.
func (ClusterConfig) LogString ¶
func (c ClusterConfig) LogString() string
LogString returns representation of ClusterConfig for logs
func (*ClusterConfig) Meta ¶ added in v0.112.0
func (c *ClusterConfig) Meta() *ClusterMeta
Meta returns the cluster metadata.
func (*ClusterConfig) NewNodeGroup ¶
func (c *ClusterConfig) NewNodeGroup() *NodeGroup
NewNodeGroup creates new nodegroup inside cluster config, it returns pointer to the nodegroup for convenience
func (*ClusterConfig) SetClusterState ¶ added in v0.112.0
func (c *ClusterConfig) SetClusterState(cluster *ekstypes.Cluster) error
SetClusterState updates the cluster state and populates the ClusterStatus using *eks.Cluster.
func (*ClusterConfig) SetDefaultFargateProfile ¶
func (c *ClusterConfig) SetDefaultFargateProfile()
SetDefaultFargateProfile configures this ClusterConfig to have a single Fargate profile called "default", with two selectors matching respectively the "default" and "kube-system" Kubernetes namespaces.
func (*ClusterConfig) SubnetInfo ¶ added in v0.40.0
func (c *ClusterConfig) SubnetInfo() string
SubnetInfo returns a string containing VPC subnet information Useful for error messages and logs
func (*ClusterConfig) UpdateEndpointsMsg ¶
func (c *ClusterConfig) UpdateEndpointsMsg() string
UpdateEndpointsMsg returns a message indicating that they need to use `eksctl utils` to make this config.
func (*ClusterConfig) ValidateClusterEndpointConfig ¶
func (c *ClusterConfig) ValidateClusterEndpointConfig() error
ValidateClusterEndpointConfig checks the endpoint configuration for potential issues
func (*ClusterConfig) ValidatePrivateCluster ¶
func (c *ClusterConfig) ValidatePrivateCluster() error
ValidatePrivateCluster validates the private cluster config
func (*ClusterConfig) ValidateVPCConfig ¶ added in v0.79.0
func (c *ClusterConfig) ValidateVPCConfig() error
ValidateVPCConfig validates the vpc setting if it is defined.
type ClusterConfigList ¶
type ClusterConfigList struct { metav1.TypeMeta metav1.ListMeta `json:"metadata"` Items []ClusterConfig `json:"items"` }
ClusterConfigList is a list of ClusterConfigs
func (*ClusterConfigList) DeepCopy ¶
func (in *ClusterConfigList) DeepCopy() *ClusterConfigList
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClusterConfigList.
func (*ClusterConfigList) DeepCopyInto ¶
func (in *ClusterConfigList) DeepCopyInto(out *ClusterConfigList)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*ClusterConfigList) DeepCopyObject ¶
func (in *ClusterConfigList) DeepCopyObject() runtime.Object
DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
type ClusterEndpoints ¶
type ClusterEndpoints struct { PrivateAccess *bool `json:"privateAccess,omitempty"` PublicAccess *bool `json:"publicAccess,omitempty"` }
ClusterEndpoints holds cluster api server endpoint access information
func ClusterEndpointAccessDefaults ¶
func ClusterEndpointAccessDefaults() *ClusterEndpoints
ClusterEndpointAccessDefaults returns a ClusterEndpoints pointer with default values set.
func (*ClusterEndpoints) DeepCopy ¶
func (in *ClusterEndpoints) DeepCopy() *ClusterEndpoints
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClusterEndpoints.
func (*ClusterEndpoints) DeepCopyInto ¶
func (in *ClusterEndpoints) DeepCopyInto(out *ClusterEndpoints)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type ClusterIAM ¶
type ClusterIAM struct { // +optional ServiceRoleARN *string `json:"serviceRoleARN,omitempty"` // permissions boundary for all identity-based entities created by eksctl. // See [AWS Permission Boundary](https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_boundaries.html) // +optional ServiceRolePermissionsBoundary *string `json:"serviceRolePermissionsBoundary,omitempty"` // role used by pods to access AWS APIs. This role is added to the Kubernetes RBAC for authorization. // See [Pod Execution Role](https://docs.aws.amazon.com/eks/latest/userguide/pod-execution-role.html) // +optional FargatePodExecutionRoleARN *string `json:"fargatePodExecutionRoleARN,omitempty"` // permissions boundary for the fargate pod execution role`. See [EKS Fargate Support](/usage/fargate-support/) // +optional FargatePodExecutionRolePermissionsBoundary *string `json:"fargatePodExecutionRolePermissionsBoundary,omitempty"` // enables the IAM OIDC provider as well as IRSA for the Amazon CNI plugin // +optional WithOIDC *bool `json:"withOIDC,omitempty"` // service accounts to create in the cluster. // See [IAM Service Accounts](/usage/iamserviceaccounts/#usage-with-config-files) // +optional ServiceAccounts []*ClusterIAMServiceAccount `json:"serviceAccounts,omitempty"` // pod identity associations to create in the cluster. // See [Pod Identity Associations](/usage/pod-identity-associations) // +optional PodIdentityAssociations []PodIdentityAssociation `json:"podIdentityAssociations,omitempty"` // VPCResourceControllerPolicy attaches the IAM policy // necessary to run the VPC controller in the control plane // Defaults to `true` VPCResourceControllerPolicy *bool `json:"vpcResourceControllerPolicy,omitempty"` }
ClusterIAM holds all IAM attributes of a cluster
func NewClusterIAM ¶
func NewClusterIAM() *ClusterIAM
NewClusterIAM creates a new ClusterIAM for a cluster
func (*ClusterIAM) DeepCopy ¶
func (in *ClusterIAM) DeepCopy() *ClusterIAM
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClusterIAM.
func (*ClusterIAM) DeepCopyInto ¶
func (in *ClusterIAM) DeepCopyInto(out *ClusterIAM)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type ClusterIAMMeta ¶
type ClusterIAMMeta struct { // +optional Name string `json:"name,omitempty"` // +optional Namespace string `json:"namespace,omitempty"` // +optional Labels map[string]string `json:"labels,omitempty"` // +optional Annotations map[string]string `json:"annotations,omitempty"` }
ClusterIAMMeta holds information we can use to create ObjectMeta for service accounts
func ClusterIAMServiceAccountNameStringToClusterIAMMeta ¶
func ClusterIAMServiceAccountNameStringToClusterIAMMeta(name string) (*ClusterIAMMeta, error)
ClusterIAMServiceAccountNameStringToClusterIAMMeta constructs metav1.ObjectMeta from <ns>/<name> string
func (*ClusterIAMMeta) AsObjectMeta ¶
func (iamMeta *ClusterIAMMeta) AsObjectMeta() metav1.ObjectMeta
AsObjectMeta gives us the k8s ObjectMeta needed to create the service account
func (*ClusterIAMMeta) DeepCopy ¶
func (in *ClusterIAMMeta) DeepCopy() *ClusterIAMMeta
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClusterIAMMeta.
func (*ClusterIAMMeta) DeepCopyInto ¶
func (in *ClusterIAMMeta) DeepCopyInto(out *ClusterIAMMeta)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type ClusterIAMServiceAccount ¶
type ClusterIAMServiceAccount struct { ClusterIAMMeta `json:"metadata,omitempty"` // list of ARNs of the IAM policies to attach // +optional AttachPolicyARNs []string `json:"attachPolicyARNs,omitempty"` WellKnownPolicies WellKnownPolicies `json:"wellKnownPolicies,omitempty"` // AttachPolicy holds a policy document to attach to this service account // +optional AttachPolicy InlineDocument `json:"attachPolicy,omitempty"` // ARN of the role to attach to the service account AttachRoleARN string `json:"attachRoleARN,omitempty"` // ARN of the permissions boundary to associate with the service account // +optional PermissionsBoundary string `json:"permissionsBoundary,omitempty"` // +optional Status *ClusterIAMServiceAccountStatus `json:"status,omitempty"` // Specific role name instead of the Cloudformation-generated role name // +optional RoleName string `json:"roleName,omitempty"` // Specify if only the IAM Service Account role should be created without creating/annotating the service account // +optional RoleOnly *bool `json:"roleOnly,omitempty"` // AWS tags for the service account // +optional Tags map[string]string `json:"tags,omitempty"` }
ClusterIAMServiceAccount holds an IAM service account metadata and configuration
func IAMServiceAccountsWithImplicitServiceAccounts ¶ added in v0.39.0
func IAMServiceAccountsWithImplicitServiceAccounts(cfg *ClusterConfig) []*ClusterIAMServiceAccount
IAMServiceAccountsWithImplicitServiceAccounts adds implicitly created IAM SAs that need to be explicitly deleted.
func (*ClusterIAMServiceAccount) DeepCopy ¶
func (in *ClusterIAMServiceAccount) DeepCopy() *ClusterIAMServiceAccount
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClusterIAMServiceAccount.
func (*ClusterIAMServiceAccount) DeepCopyInto ¶
func (in *ClusterIAMServiceAccount) DeepCopyInto(out *ClusterIAMServiceAccount)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*ClusterIAMServiceAccount) NameString ¶
func (sa *ClusterIAMServiceAccount) NameString() string
NameString returns common name string
func (*ClusterIAMServiceAccount) SetAnnotations ¶
func (sa *ClusterIAMServiceAccount) SetAnnotations()
SetAnnotations sets eks.amazonaws.com/role-arn annotation according to IAM role used
type ClusterIAMServiceAccountStatus ¶
type ClusterIAMServiceAccountStatus struct { // +optional RoleARN *string `json:"roleARN,omitempty"` // +optional StackName *string `json:"stackName,omitempty"` // +optional Tags map[string]string `json:"tags,omitempty"` // +optional Capabilities []string `json:"capabilities,omitempty"` }
ClusterIAMServiceAccountStatus holds status of the IAM service account
func (*ClusterIAMServiceAccountStatus) DeepCopy ¶
func (in *ClusterIAMServiceAccountStatus) DeepCopy() *ClusterIAMServiceAccountStatus
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClusterIAMServiceAccountStatus.
func (*ClusterIAMServiceAccountStatus) DeepCopyInto ¶
func (in *ClusterIAMServiceAccountStatus) DeepCopyInto(out *ClusterIAMServiceAccountStatus)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type ClusterMeta ¶
type ClusterMeta struct { // Name of the cluster // +required Name string `json:"name"` // the AWS region hosting this cluster // +required Region string `json:"region"` // Valid variants are `KubernetesVersion` constants // +optional Version string `json:"version,omitempty"` // Tags are used to tag AWS resources created by eksctl // +optional Tags map[string]string `json:"tags,omitempty"` // Annotations are arbitrary metadata ignored by `eksctl`. // +optional Annotations map[string]string `json:"annotations,omitempty"` // Internal fields // AccountID the ID of the account hosting this cluster AccountID string `json:"-"` }
ClusterMeta contains general cluster information
func (*ClusterMeta) DeepCopy ¶
func (in *ClusterMeta) DeepCopy() *ClusterMeta
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClusterMeta.
func (*ClusterMeta) DeepCopyInto ¶
func (in *ClusterMeta) DeepCopyInto(out *ClusterMeta)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*ClusterMeta) LogString ¶
func (c *ClusterMeta) LogString() string
LogString returns representation of ClusterMeta for logs
func (*ClusterMeta) String ¶
func (c *ClusterMeta) String() string
String returns canonical representation of ClusterMeta
type ClusterNAT ¶
type ClusterNAT struct { // Valid variants are `ClusterNAT` constants Gateway *string `json:"gateway,omitempty"` }
ClusterNAT NAT config
func DefaultClusterNAT ¶
func DefaultClusterNAT() *ClusterNAT
DefaultClusterNAT will set the default value for Cluster NAT mode
func (*ClusterNAT) DeepCopy ¶
func (in *ClusterNAT) DeepCopy() *ClusterNAT
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClusterNAT.
func (*ClusterNAT) DeepCopyInto ¶
func (in *ClusterNAT) DeepCopyInto(out *ClusterNAT)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type ClusterProvider ¶
type ClusterProvider interface { CloudFormation() awsapi.CloudFormation CloudFormationRoleARN() string CloudFormationDisableRollback() bool ASG() awsapi.ASG EKS() awsapi.EKS SSM() awsapi.SSM CloudTrail() awsapi.CloudTrail CloudWatchLogs() awsapi.CloudWatchLogs IAM() awsapi.IAM Region() string Profile() Profile WaitTimeout() time.Duration CredentialsProvider() aws.CredentialsProvider AWSConfig() aws.Config ELB() awsapi.ELB ELBV2() awsapi.ELBV2 STS() awsapi.STS STSPresigner() STSPresigner EC2() awsapi.EC2 Outposts() awsapi.Outposts }
ClusterProvider is the interface to AWS APIs
type ClusterStatus ¶
type ClusterStatus struct { Endpoint string `json:"endpoint,omitempty"` CertificateAuthorityData []byte `json:"certificateAuthorityData,omitempty"` ARN string `json:"arn,omitempty"` KubernetesNetworkConfig *KubernetesNetworkConfig `json:"-"` ID string `json:"-"` APIServerUnreachable bool `json:"-"` StackName string `json:"stackName,omitempty"` EKSCTLCreated EKSCTLCreated `json:"eksctlCreated,omitempty"` }
ClusterStatus holds read-only attributes of a cluster
func (*ClusterStatus) DeepCopy ¶
func (in *ClusterStatus) DeepCopy() *ClusterStatus
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClusterStatus.
func (*ClusterStatus) DeepCopyInto ¶
func (in *ClusterStatus) DeepCopyInto(out *ClusterStatus)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type ClusterSubnets ¶
type ClusterSubnets struct { Private AZSubnetMapping `json:"private,omitempty"` Public AZSubnetMapping `json:"public,omitempty"` }
ClusterSubnets holds private and public subnets
func (*ClusterSubnets) DeepCopy ¶
func (in *ClusterSubnets) DeepCopy() *ClusterSubnets
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClusterSubnets.
func (*ClusterSubnets) DeepCopyInto ¶
func (in *ClusterSubnets) DeepCopyInto(out *ClusterSubnets)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type ClusterVPC ¶
type ClusterVPC struct { // global CIDR and VPC ID // +optional Network // SecurityGroup (aka the ControlPlaneSecurityGroup) for communication between control plane and nodes // +optional SecurityGroup string `json:"securityGroup,omitempty"` // Subnets are keyed by AZ for convenience. // See [this example](/examples/reusing-iam-and-vpc/) // as well as [using existing // VPCs](/usage/vpc-networking/#use-existing-vpc-other-custom-configuration). // +optional Subnets *ClusterSubnets `json:"subnets,omitempty"` // LocalZoneSubnets represents subnets in local zones. // This field is used internally and is not part of the ClusterConfig schema. LocalZoneSubnets *ClusterSubnets `json:"-"` // HostnameType is the type of hostname to use for EC2 instances. HostnameType string `json:"hostnameType,omitempty"` // for additional CIDR associations, e.g. a CIDR for // private subnets or any ad-hoc subnets // +optional ExtraCIDRs []string `json:"extraCIDRs,omitempty"` // for additional IPv6 CIDR associations, e.g. a CIDR for // private subnets or any ad-hoc subnets // +optional ExtraIPv6CIDRs []string `json:"extraIPv6CIDRs,omitempty"` SharedNodeSecurityGroup string `json:"sharedNodeSecurityGroup,omitempty"` // cluster security group and the shared node security group. // This allows unmanaged nodes to communicate with the control plane // and managed nodes. // This option cannot be disabled when using eksctl created security groups. // Defaults to `true` // +optional ManageSharedNodeSecurityGroupRules *bool `json:"manageSharedNodeSecurityGroupRules,omitempty"` // AutoAllocateIPV6 requests an IPv6 CIDR block with /56 prefix for the VPC // +optional AutoAllocateIPv6 *bool `json:"autoAllocateIPv6,omitempty"` // +optional NAT *ClusterNAT `json:"nat,omitempty"` // See [managing access to API](/usage/vpc-networking/#managing-access-to-the-kubernetes-api-server-endpoints) // +optional ClusterEndpoints *ClusterEndpoints `json:"clusterEndpoints,omitempty"` // PublicAccessCIDRs are which CIDR blocks to allow access to public // k8s API endpoint // +optional PublicAccessCIDRs []string `json:"publicAccessCIDRs,omitempty"` // ControlPlaneSubnetIDs configures the subnets for the control plane. // +optional ControlPlaneSubnetIDs []string `json:"controlPlaneSubnetIDs,omitempty"` // ControlPlaneSecurityGroupIDs configures the security groups for the control plane. // +optional ControlPlaneSecurityGroupIDs []string `json:"controlPlaneSecurityGroupIDs,omitempty"` }
ClusterVPC holds global subnet and all child subnets
func NewClusterVPC ¶
func NewClusterVPC(ipv6Enabled bool) *ClusterVPC
NewClusterVPC creates new VPC config for a cluster
func (*ClusterVPC) DeepCopy ¶
func (in *ClusterVPC) DeepCopy() *ClusterVPC
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClusterVPC.
func (*ClusterVPC) DeepCopyInto ¶
func (in *ClusterVPC) DeepCopyInto(out *ClusterVPC)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*ClusterVPC) FindOutpostSubnetsARN ¶ added in v0.112.0
func (v *ClusterVPC) FindOutpostSubnetsARN() (outpostARN string, found bool)
FindOutpostSubnetsARN finds all subnets that are on Outposts and returns the Outpost ARN.
type CustomStringSlice ¶ added in v0.166.0
type CustomStringSlice []string
AWS allows string or []string as value, we convert everything to []string to avoid casting
func (CustomStringSlice) DeepCopy ¶ added in v0.166.0
func (in CustomStringSlice) DeepCopy() CustomStringSlice
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CustomStringSlice.
func (CustomStringSlice) DeepCopyInto ¶ added in v0.166.0
func (in CustomStringSlice) DeepCopyInto(out *CustomStringSlice)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*CustomStringSlice) UnmarshalJSON ¶ added in v0.166.0
func (c *CustomStringSlice) UnmarshalJSON(b []byte) error
type EKSCTLCreated ¶
type EKSCTLCreated string
type EndpointService ¶ added in v0.127.0
type EndpointService struct { // Name is the name of the endpoint service. Name string // Optional specifies whether the service is optional. Optional bool // OutpostsOnly specifies whether the endpoint is required only for Outposts clusters. OutpostsOnly bool // RequiresChinaPrefix is true if the endpoint service requires a prefix for China regions. RequiresChinaPrefix bool // RequiresISOPrefix is true if the endpoint service requires a prefix for ISO regions. RequiresISOPrefix bool }
EndpointService represents a VPC endpoint service.
func MapOptionalEndpointServices ¶ added in v0.127.0
func MapOptionalEndpointServices(endpointServiceNames []string, cloudWatchLoggingEnabled bool) ([]EndpointService, error)
MapOptionalEndpointServices maps a list of endpoint service names to []EndpointService.
func RequiredEndpointServices ¶
func RequiredEndpointServices(controlPlaneOnOutposts bool) []EndpointService
RequiredEndpointServices returns a list of endpoint services that are required for a fully-private cluster.
func (*EndpointService) DeepCopy ¶ added in v0.127.0
func (in *EndpointService) DeepCopy() *EndpointService
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new EndpointService.
func (*EndpointService) DeepCopyInto ¶ added in v0.127.0
func (in *EndpointService) DeepCopyInto(out *EndpointService)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type FargateProfile ¶
type FargateProfile struct { // Name of the Fargate profile. // +required Name string `json:"name"` // PodExecutionRoleARN is the IAM role's ARN to use to run pods onto Fargate. PodExecutionRoleARN string `json:"podExecutionRoleARN,omitempty"` // Selectors define the rules to select workload to schedule onto Fargate. Selectors []FargateProfileSelector `json:"selectors"` // Subnets which Fargate should use to do network placement of the selected workload. // If none provided, all subnets for the cluster will be used. // +optional Subnets []string `json:"subnets,omitempty"` // Used to tag the AWS resources // +optional Tags map[string]string `json:"tags,omitempty"` // The current status of the Fargate profile. Status string `json:"status"` }
FargateProfile defines the settings used to schedule workload onto Fargate.
func (*FargateProfile) DeepCopy ¶
func (in *FargateProfile) DeepCopy() *FargateProfile
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new FargateProfile.
func (*FargateProfile) DeepCopyInto ¶
func (in *FargateProfile) DeepCopyInto(out *FargateProfile)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (FargateProfile) Validate ¶
func (fp FargateProfile) Validate() error
Validate validates this FargateProfile object.
type FargateProfileSelector ¶
type FargateProfileSelector struct { // Namespace is the Kubernetes namespace from which to select workload. // +required Namespace string `json:"namespace"` // Labels are the Kubernetes label selectors to use to select workload. // +optional Labels map[string]string `json:"labels,omitempty"` }
FargateProfileSelector defines rules to select workload to schedule onto Fargate.
func (*FargateProfileSelector) DeepCopy ¶
func (in *FargateProfileSelector) DeepCopy() *FargateProfileSelector
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new FargateProfileSelector.
func (*FargateProfileSelector) DeepCopyInto ¶
func (in *FargateProfileSelector) DeepCopyInto(out *FargateProfileSelector)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (FargateProfileSelector) Validate ¶
func (fps FargateProfileSelector) Validate() error
Validate validates this FargateProfileSelector object.
type Flux ¶ added in v0.39.0
type Flux struct { // The repository hosting service. Can be either Github or Gitlab. GitProvider string `json:"gitProvider,omitempty"` // Flags is an arbitrary map of string to string to pass any flags to Flux bootstrap // via eksctl see https://fluxcd.io/docs/ for information on all flags Flags FluxFlags `json:"flags,omitempty"` }
Flux groups all configuration options related to a Git repository used for GitOps Toolkit (Flux v2).
func (*Flux) DeepCopy ¶ added in v0.39.0
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Flux.
func (*Flux) DeepCopyInto ¶ added in v0.39.0
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type FluxFlags ¶ added in v0.53.0
FluxFlags is a map of string for passing arbitrary flags to Flux bootstrap
func (FluxFlags) DeepCopy ¶ added in v0.53.0
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new FluxFlags.
func (FluxFlags) DeepCopyInto ¶ added in v0.53.0
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type GitOps ¶ added in v0.39.0
type GitOps struct { // Flux holds options to enable Flux v2 on your cluster Flux *Flux `json:"flux,omitempty"` }
GitOps groups all configuration options related to enabling GitOps Toolkit on a cluster and linking it to a Git repository. Note: this will replace the older Git types
func (*GitOps) DeepCopy ¶ added in v0.39.0
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new GitOps.
func (*GitOps) DeepCopyInto ¶ added in v0.39.0
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type IAMIdentityMapping ¶ added in v0.112.0
type IAMIdentityMapping struct { // +optional ARN string `json:"arn,omitempty"` Username string `json:"username,omitempty"` Groups []string `json:"groups,omitempty"` Account string `json:"account,omitempty"` ServiceName string `json:"serviceName,omitempty"` Namespace string `json:"namespace,omitempty"` NoDuplicateARNs bool `json:"noDuplicateARNs,omitempty"` }
IAMIdentityMapping contains IAM accounts, users, roles and services that will be added to the aws-auth configmap to enable access to the cluster
func (*IAMIdentityMapping) DeepCopy ¶ added in v0.112.0
func (in *IAMIdentityMapping) DeepCopy() *IAMIdentityMapping
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IAMIdentityMapping.
func (*IAMIdentityMapping) DeepCopyInto ¶ added in v0.112.0
func (in *IAMIdentityMapping) DeepCopyInto(out *IAMIdentityMapping)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*IAMIdentityMapping) Validate ¶ added in v0.112.0
func (im *IAMIdentityMapping) Validate() error
type IAMPolicyDocument ¶ added in v0.166.0
type IAMPolicyDocument struct { Version string `json:"Version"` ID string `json:"Id,omitempty"` Statements []IAMStatement `json:"Statement"` }
Internal type IAMPolicyDocument represents an IAM assume role policy document
func (*IAMPolicyDocument) DeepCopy ¶ added in v0.166.0
func (in *IAMPolicyDocument) DeepCopy() *IAMPolicyDocument
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IAMPolicyDocument.
func (*IAMPolicyDocument) DeepCopyInto ¶ added in v0.166.0
func (in *IAMPolicyDocument) DeepCopyInto(out *IAMPolicyDocument)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type IAMStatement ¶ added in v0.166.0
type IAMStatement struct { Sid string `json:"Sid,omitempty"` // statement ID, service specific Effect string `json:"Effect"` // Allow or Deny Principal map[string]CustomStringSlice `json:"Principal,omitempty"` // principal that is allowed or denied NotPrincipal map[string]CustomStringSlice `json:"NotPrincipal,omitempty"` // exception to a list of principals Action CustomStringSlice `json:"Action"` // allowed or denied action NotAction CustomStringSlice `json:"NotAction,omitempty"` // matches everything except Resource CustomStringSlice `json:"Resource,omitempty"` // object or objects that the statement covers NotResource CustomStringSlice `json:"NotResource,omitempty"` // matches everything except Condition json.RawMessage `json:"Condition,omitempty"` // conditions for when a policy is in effect }
Internal type IAMStatement represents an IAM policy document statement
func (*IAMStatement) DeepCopy ¶ added in v0.166.0
func (in *IAMStatement) DeepCopy() *IAMStatement
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IAMStatement.
func (*IAMStatement) DeepCopyInto ¶ added in v0.166.0
func (in *IAMStatement) DeepCopyInto(out *IAMStatement)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*IAMStatement) ToMapOfInterfaces ¶ added in v0.166.0
func (s *IAMStatement) ToMapOfInterfaces() map[string]interface{}
type IdentityProvider ¶ added in v0.39.0
type IdentityProvider struct { Inner IdentityProviderInterface // contains filtered or unexported fields }
IdentityProvider holds an identity provider configuration. See [the example eksctl config](https://github.com/eksctl-io/eksctl/blob/main/examples/27-oidc-provider.yaml). Schema type is one of `OIDCIdentityProvider`
func FromIdentityProvider ¶ added in v0.39.0
func FromIdentityProvider(idp IdentityProviderInterface) IdentityProvider
func (*IdentityProvider) DeepCopy ¶ added in v0.39.0
func (in *IdentityProvider) DeepCopy() *IdentityProvider
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IdentityProvider.
func (*IdentityProvider) DeepCopyInto ¶ added in v0.39.0
func (in *IdentityProvider) DeepCopyInto(out *IdentityProvider)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*IdentityProvider) MarshalJSON ¶ added in v0.82.0
func (ip *IdentityProvider) MarshalJSON() ([]byte, error)
func (*IdentityProvider) UnmarshalJSON ¶ added in v0.39.0
func (ip *IdentityProvider) UnmarshalJSON(data []byte) error
type IdentityProviderInterface ¶ added in v0.39.0
type IdentityProviderInterface interface { DeepCopyIdentityProviderInterface() IdentityProviderInterface Type() IdentityProviderType }
IdentityProviderInterface is a dummy interface to give some extra type safety
type IdentityProviderType ¶ added in v0.39.0
type IdentityProviderType string
const (
OIDCIdentityProviderType IdentityProviderType = "oidc"
)
type InlineDocument ¶
type InlineDocument map[string]interface{}
InlineDocument holds any arbitrary JSON/YAML documents, such as extra config parameters or IAM policies
func (*InlineDocument) DeepCopy ¶
func (in *InlineDocument) DeepCopy() *InlineDocument
DeepCopy is needed to generate kubernetes types for InlineDocument
func (InlineDocument) DeepCopyInto ¶
func (in InlineDocument) DeepCopyInto(out *InlineDocument)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type InstanceSelector ¶ added in v0.44.0
type InstanceSelector struct { // VCPUs specifies the number of vCPUs VCPUs int `json:"vCPUs,omitempty"` // Memory specifies the memory // The unit defaults to GiB Memory string `json:"memory,omitempty"` // GPUs specifies the number of GPUs. // It can be set to 0 to select non-GPU instance types. GPUs *int `json:"gpus,omitempty"` // CPU Architecture of the EC2 instance type. // Valid variants are: // `"x86_64"` // `"amd64"` // `"arm64"` CPUArchitecture string `json:"cpuArchitecture,omitempty"` }
InstanceSelector holds EC2 instance selector options
func (*InstanceSelector) DeepCopy ¶ added in v0.44.0
func (in *InstanceSelector) DeepCopy() *InstanceSelector
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new InstanceSelector.
func (*InstanceSelector) DeepCopyInto ¶ added in v0.44.0
func (in *InstanceSelector) DeepCopyInto(out *InstanceSelector)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (InstanceSelector) IsZero ¶ added in v0.44.0
func (is InstanceSelector) IsZero() bool
IsZero returns true if all fields hold a zero value
type Karpenter ¶ added in v0.80.0
type Karpenter struct { // Version defines the Karpenter version to install // +required Version string `json:"version"` // CreateServiceAccount create a service account or not. // +optional CreateServiceAccount *bool `json:"createServiceAccount,omitempty"` // DefaultInstanceProfile override the default IAM instance profile // +optional DefaultInstanceProfile *string `json:"defaultInstanceProfile,omitempty"` // WithSpotInterruptionQueue if true, adds all required policies and rules // for supporting Spot Interruption Queue on Karpenter deployments WithSpotInterruptionQueue *bool `json:"withSpotInterruptionQueue,omitempty"` }
Karpenter provides configuration options
func (*Karpenter) DeepCopy ¶ added in v0.80.0
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Karpenter.
func (*Karpenter) DeepCopyInto ¶ added in v0.80.0
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type KubernetesNetworkConfig ¶
type KubernetesNetworkConfig struct { // Valid variants are `IPFamily` constants // +optional IPFamily string `json:"ipFamily,omitempty"` // ServiceIPv4CIDR is the CIDR range from where `ClusterIP`s are assigned ServiceIPv4CIDR string `json:"serviceIPv4CIDR,omitempty"` }
KubernetesNetworkConfig contains cluster networking options
func (*KubernetesNetworkConfig) DeepCopy ¶
func (in *KubernetesNetworkConfig) DeepCopy() *KubernetesNetworkConfig
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new KubernetesNetworkConfig.
func (*KubernetesNetworkConfig) DeepCopyInto ¶
func (in *KubernetesNetworkConfig) DeepCopyInto(out *KubernetesNetworkConfig)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*KubernetesNetworkConfig) IPv6Enabled ¶ added in v0.80.0
func (k *KubernetesNetworkConfig) IPv6Enabled() bool
type LaunchTemplate ¶
type LaunchTemplate struct { // Launch template ID // +required ID string `json:"id,omitempty"` // Launch template version // Defaults to the default launch template version // TODO support $Default, $Latest Version *string `json:"version,omitempty"` }
func (*LaunchTemplate) DeepCopy ¶
func (in *LaunchTemplate) DeepCopy() *LaunchTemplate
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LaunchTemplate.
func (*LaunchTemplate) DeepCopyInto ¶
func (in *LaunchTemplate) DeepCopyInto(out *LaunchTemplate)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type ManagedNodeGroup ¶
type ManagedNodeGroup struct { *NodeGroupBase // InstanceTypes specifies a list of instance types InstanceTypes []string `json:"instanceTypes,omitempty"` // Spot creates a spot nodegroup Spot bool `json:"spot,omitempty"` // Taints taints to apply to the nodegroup Taints []NodeGroupTaint `json:"taints,omitempty"` // UpdateConfig configures how to update NodeGroups. // +optional UpdateConfig *NodeGroupUpdateConfig `json:"updateConfig,omitempty"` // LaunchTemplate specifies an existing launch template to use // for the nodegroup LaunchTemplate *LaunchTemplate `json:"launchTemplate,omitempty"` // ReleaseVersion the AMI version of the EKS optimized AMI to use ReleaseVersion string `json:"releaseVersion"` // NodeRepairConfig configures the auto repair feature of the nodegroup // +optional NodeRepairConfig *NodeGroupNodeRepairConfig `json:"nodeRepairConfig,omitempty"` Unowned bool `json:"-"` }
ManagedNodeGroup represents an EKS-managed nodegroup
func NewManagedNodeGroup ¶
func NewManagedNodeGroup() *ManagedNodeGroup
NewManagedNodeGroup creates a new ManagedNodeGroup
func (*ManagedNodeGroup) BaseNodeGroup ¶
func (m *ManagedNodeGroup) BaseNodeGroup() *NodeGroupBase
BaseNodeGroup implements NodePool
func (*ManagedNodeGroup) DeepCopy ¶
func (in *ManagedNodeGroup) DeepCopy() *ManagedNodeGroup
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ManagedNodeGroup.
func (*ManagedNodeGroup) DeepCopyInto ¶
func (in *ManagedNodeGroup) DeepCopyInto(out *ManagedNodeGroup)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*ManagedNodeGroup) GetDesiredCapacity ¶ added in v0.82.0
func (m *ManagedNodeGroup) GetDesiredCapacity() int
func (*ManagedNodeGroup) InstanceTypeList ¶ added in v0.40.0
func (m *ManagedNodeGroup) InstanceTypeList() []string
func (*ManagedNodeGroup) ListOptions ¶
func (m *ManagedNodeGroup) ListOptions() metav1.ListOptions
func (*ManagedNodeGroup) NGTaints ¶ added in v0.53.0
func (m *ManagedNodeGroup) NGTaints() []NodeGroupTaint
NGTaints implements NodePool
type MetricsCollection ¶
type MetricsCollection struct { // +required Granularity string `json:"granularity"` // +optional Metrics []string `json:"metrics,omitempty"` }
MetricsCollection used by the scaling config, see [cloudformation docs](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-as-metricscollection.html)
func (*MetricsCollection) DeepCopy ¶
func (in *MetricsCollection) DeepCopy() *MetricsCollection
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MetricsCollection.
func (*MetricsCollection) DeepCopyInto ¶
func (in *MetricsCollection) DeepCopyInto(out *MetricsCollection)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type Network ¶
type Network struct { // +optional ID string `json:"id,omitempty"` // +optional CIDR *ipnet.IPNet `json:"cidr,omitempty"` // +optional IPv6Cidr string `json:"ipv6Cidr,omitempty"` // +optional IPv6Pool string `json:"ipv6Pool,omitempty"` }
Network holds ID and CIDR
func (*Network) DeepCopy ¶
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Network.
func (*Network) DeepCopyInto ¶
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type NodeGroup ¶
type NodeGroup struct { *NodeGroupBase //+optional InstancesDistribution *NodeGroupInstancesDistribution `json:"instancesDistribution,omitempty"` // +optional ASGMetricsCollection []MetricsCollection `json:"asgMetricsCollection,omitempty"` // CPUCredits configures [T3 Unlimited](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/burstable-performance-instances-unlimited-mode.html), valid only for T-type instances // +optional CPUCredits *string `json:"cpuCredits,omitempty"` // Associate load balancers with auto scaling group // +optional ClassicLoadBalancerNames []string `json:"classicLoadBalancerNames,omitempty"` // Associate target group with auto scaling group // +optional TargetGroupARNs []string `json:"targetGroupARNs,omitempty"` // Taints taints to apply to the nodegroup // +optional Taints taintsWrapper `json:"taints,omitempty"` // UpdateConfig configures how to update NodeGroups. // +optional UpdateConfig *NodeGroupUpdateConfig `json:"updateConfig,omitempty"` // [Custom // address](/usage/vpc-networking/#custom-cluster-dns-address) used for DNS // lookups // +optional ClusterDNS string `json:"clusterDNS,omitempty"` // [Customize `kubelet` config](/usage/customizing-the-kubelet/) // +optional KubeletExtraConfig *InlineDocument `json:"kubeletExtraConfig,omitempty"` // ContainerRuntime defines the runtime (CRI) to use for containers on the node // +optional ContainerRuntime *string `json:"containerRuntime,omitempty"` // MaxInstanceLifetime defines the maximum amount of time in seconds an instance stays alive. // +optional MaxInstanceLifetime *int `json:"maxInstanceLifetime,omitempty"` // LocalZones specifies a list of local zones where the nodegroup should be launched. // The cluster should have been created with all of the local zones specified in this field. // +optional LocalZones []string `json:"localZones,omitempty"` }
NodeGroup holds configuration attributes that are specific to an unmanaged nodegroup
func NewNodeGroup ¶
func NewNodeGroup() *NodeGroup
NewNodeGroup creates a new NodeGroup, and returns a pointer to it
func (*NodeGroup) BaseNodeGroup ¶
func (n *NodeGroup) BaseNodeGroup() *NodeGroupBase
BaseNodeGroup implements NodePool
func (*NodeGroup) DeepCopy ¶
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NodeGroup.
func (*NodeGroup) DeepCopyInto ¶
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*NodeGroup) GetContainerRuntime ¶ added in v0.61.0
GetContainerRuntime returns the container runtime.
func (*NodeGroup) GetDesiredCapacity ¶ added in v0.82.0
func (*NodeGroup) GetInstanceType ¶ added in v0.112.0
GetInstanceType returns the instance type.
func (*NodeGroup) InstanceTypeList ¶ added in v0.40.0
func (*NodeGroup) NGTaints ¶ added in v0.53.0
func (n *NodeGroup) NGTaints() []NodeGroupTaint
NGTaints implements NodePool
func (*NodeGroup) SetInstanceType ¶ added in v0.112.0
SetInstanceType sets the instance type.
type NodeGroupBase ¶
type NodeGroupBase struct { // +required Name string `json:"name"` // Valid variants are `NodeAMIFamily` constants // +optional AMIFamily string `json:"amiFamily,omitempty"` // +optional InstanceType string `json:"instanceType,omitempty"` // Limit [nodes to specific // AZs](/usage/autoscaling/#zone-aware-auto-scaling) // +optional AvailabilityZones []string `json:"availabilityZones,omitempty"` // Limit nodes to specific subnets // +optional Subnets []string `json:"subnets,omitempty"` // +optional InstancePrefix string `json:"instancePrefix,omitempty"` // +optional InstanceName string `json:"instanceName,omitempty"` // +optional *ScalingConfig // +optional // VolumeSize gigabytes // Defaults to `80` VolumeSize *int `json:"volumeSize,omitempty"` // +optional // SSH configures ssh access for this nodegroup SSH *NodeGroupSSH `json:"ssh,omitempty"` // +optional Labels map[string]string `json:"labels,omitempty"` // Enable [private // networking](/usage/vpc-networking/#use-private-subnets-for-initial-nodegroup) // for nodegroup // +optional PrivateNetworking bool `json:"privateNetworking"` // Applied to the Autoscaling Group and to the EC2 instances (unmanaged), // Applied to the EKS Nodegroup resource and to the EC2 instances (managed) // +optional Tags map[string]string `json:"tags,omitempty"` // +optional IAM *NodeGroupIAM `json:"iam,omitempty"` // Specify [custom AMIs](/usage/custom-ami-support/), `auto-ssm`, `auto`, or `static` // +optional AMI string `json:"ami,omitempty"` // +optional SecurityGroups *NodeGroupSGs `json:"securityGroups,omitempty"` // +optional MaxPodsPerNode int `json:"maxPodsPerNode,omitempty"` // See [relevant AWS // docs](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-updatepolicy.html#cfn-attributes-updatepolicy-rollingupdate-suspendprocesses) // +optional ASGSuspendProcesses []string `json:"asgSuspendProcesses,omitempty"` // EBSOptimized enables [EBS // optimization](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-optimized.html) // +optional EBSOptimized *bool `json:"ebsOptimized,omitempty"` // Valid variants are `VolumeType` constants // +optional VolumeType *string `json:"volumeType,omitempty"` // +optional VolumeName *string `json:"volumeName,omitempty"` // +optional VolumeEncrypted *bool `json:"volumeEncrypted,omitempty"` // +optional VolumeKmsKeyID *string `json:"volumeKmsKeyID,omitempty"` // +optional VolumeIOPS *int `json:"volumeIOPS,omitempty"` // +optional VolumeThroughput *int `json:"volumeThroughput,omitempty"` // Additional Volume Configurations // +optional AdditionalVolumes []*VolumeMapping `json:"additionalVolumes,omitempty"` // PreBootstrapCommands are executed before bootstrapping instances to the // cluster // +optional PreBootstrapCommands []string `json:"preBootstrapCommands,omitempty"` // Override `eksctl`'s bootstrapping script // +optional OverrideBootstrapCommand *string `json:"overrideBootstrapCommand,omitempty"` // Propagate all taints and labels to the ASG automatically. // +optional PropagateASGTags *bool `json:"propagateASGTags,omitempty"` // DisableIMDSv1 requires requests to the metadata service to use IMDSv2 tokens // Defaults to `true` // +optional DisableIMDSv1 *bool `json:"disableIMDSv1,omitempty"` // DisablePodIMDS blocks all IMDS requests from non-host networking pods // Defaults to `false` // +optional DisablePodIMDS *bool `json:"disablePodIMDS,omitempty"` // Placement specifies the placement group in which nodes should // be spawned // +optional Placement *Placement `json:"placement,omitempty"` // EFAEnabled creates the maximum allowed number of EFA-enabled network // cards on nodes in this group. // +optional EFAEnabled *bool `json:"efaEnabled,omitempty"` // InstanceSelector specifies options for EC2 instance selector InstanceSelector *InstanceSelector `json:"instanceSelector,omitempty"` // Internal fields // Some AMIs (bottlerocket) have a separate volume for the OS AdditionalEncryptedVolume string `json:"-"` // Bottlerocket specifies settings for Bottlerocket nodes // +optional Bottlerocket *NodeGroupBottlerocket `json:"bottlerocket,omitempty"` // Enable EC2 detailed monitoring // +optional EnableDetailedMonitoring *bool `json:"enableDetailedMonitoring,omitempty"` // CapacityReservation defines reservation policy for a nodegroup CapacityReservation *CapacityReservation `json:"capacityReservation,omitempty"` // OutpostARN specifies the Outpost ARN in which the nodegroup should be created. // +optional OutpostARN string `json:"outpostARN,omitempty"` }
NodeGroupBase represents the base nodegroup config for self-managed and managed nodegroups
func (*NodeGroupBase) DeepCopy ¶
func (in *NodeGroupBase) DeepCopy() *NodeGroupBase
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NodeGroupBase.
func (*NodeGroupBase) DeepCopyInto ¶
func (in *NodeGroupBase) DeepCopyInto(out *NodeGroupBase)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*NodeGroupBase) GetAMIFamily ¶
func (n *NodeGroupBase) GetAMIFamily() string
GetAMIFamily returns the AMI family
func (*NodeGroupBase) GetDesiredCapacity ¶ added in v0.82.0
func (n *NodeGroupBase) GetDesiredCapacity() int
func (*NodeGroupBase) ListOptions ¶
func (n *NodeGroupBase) ListOptions() metav1.ListOptions
ListOptions returns metav1.ListOptions with label selector for the nodegroup
func (*NodeGroupBase) NameString ¶
func (n *NodeGroupBase) NameString() string
NameString returns the nodegroup name
func (*NodeGroupBase) Size ¶
func (n *NodeGroupBase) Size() int
Size returns the minimum nodegroup size
type NodeGroupBottlerocket ¶
type NodeGroupBottlerocket struct { // +optional EnableAdminContainer *bool `json:"enableAdminContainer,omitempty"` // Settings contains any [bottlerocket // settings](https://bottlerocket.dev/en/os/latest/#/api/settings/) // +optional Settings *InlineDocument `json:"settings,omitempty"` }
NodeGroupBottlerocket holds the configuration for Bottlerocket based NodeGroups.
func (*NodeGroupBottlerocket) DeepCopy ¶
func (in *NodeGroupBottlerocket) DeepCopy() *NodeGroupBottlerocket
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NodeGroupBottlerocket.
func (*NodeGroupBottlerocket) DeepCopyInto ¶
func (in *NodeGroupBottlerocket) DeepCopyInto(out *NodeGroupBottlerocket)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type NodeGroupIAM ¶
type NodeGroupIAM struct { // AttachPolicy holds a policy document to attach // +optional AttachPolicy InlineDocument `json:"attachPolicy,omitempty"` // list of ARNs of the IAM policies to attach // +optional AttachPolicyARNs []string `json:"attachPolicyARNs,omitempty"` // InstanceProfileARN holds the ARN of instance profile, not supported for Managed NodeGroups // +optional InstanceProfileARN string `json:"instanceProfileARN,omitempty"` // +optional InstanceRoleARN string `json:"instanceRoleARN,omitempty"` // +optional InstanceRoleName string `json:"instanceRoleName,omitempty"` // +optional InstanceRolePermissionsBoundary string `json:"instanceRolePermissionsBoundary,omitempty"` // +optional WithAddonPolicies NodeGroupIAMAddonPolicies `json:"withAddonPolicies,omitempty"` }
NodeGroupIAM holds all IAM attributes of a NodeGroup
func (*NodeGroupIAM) DeepCopy ¶
func (in *NodeGroupIAM) DeepCopy() *NodeGroupIAM
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NodeGroupIAM.
func (*NodeGroupIAM) DeepCopyInto ¶
func (in *NodeGroupIAM) DeepCopyInto(out *NodeGroupIAM)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type NodeGroupIAMAddonPolicies ¶
type NodeGroupIAMAddonPolicies struct { // +optional // ImageBuilder allows for full ECR (Elastic Container Registry) access. This is useful for building, for // example, a CI server that needs to push images to ECR ImageBuilder *bool `json:"imageBuilder"` // +optional // AutoScaler enables IAM policy for cluster-autoscaler AutoScaler *bool `json:"autoScaler"` // +optional // ExternalDNS adds the external-dns project policies for Amazon Route 53 ExternalDNS *bool `json:"externalDNS"` // +optional // CertManager enables the ability to add records to Route 53 in order to solve the DNS01 challenge. More information can be found // [here](https://cert-manager.io/docs/configuration/acme/dns01/route53/#set-up-a-iam-role) CertManager *bool `json:"certManager"` // +optional // AppMesh enables full access to AppMesh AppMesh *bool `json:"appMesh"` // +optional // AppMeshPreview enables full access to AppMesh Preview AppMeshPreview *bool `json:"appMeshPreview"` // +optional // EBS enables the new EBS CSI (Elastic Block Store Container Storage Interface) driver EBS *bool `json:"ebs"` // +optional FSX *bool `json:"fsx"` // +optional EFS *bool `json:"efs"` // +optional AWSLoadBalancerController *bool `json:"awsLoadBalancerController"` // +optional DeprecatedALBIngress *bool `json:"albIngress"` // +optional XRay *bool `json:"xRay"` // +optional CloudWatch *bool `json:"cloudWatch"` }
NodeGroupIAMAddonPolicies holds all IAM addon policies
func (*NodeGroupIAMAddonPolicies) DeepCopy ¶
func (in *NodeGroupIAMAddonPolicies) DeepCopy() *NodeGroupIAMAddonPolicies
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NodeGroupIAMAddonPolicies.
func (*NodeGroupIAMAddonPolicies) DeepCopyInto ¶
func (in *NodeGroupIAMAddonPolicies) DeepCopyInto(out *NodeGroupIAMAddonPolicies)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type NodeGroupInstancesDistribution ¶
type NodeGroupInstancesDistribution struct { // +required InstanceTypes []string `json:"instanceTypes,omitempty"` // Defaults to `on demand price` // +optional MaxPrice *float64 `json:"maxPrice,omitempty"` // Defaults to `0` // +optional OnDemandBaseCapacity *int `json:"onDemandBaseCapacity,omitempty"` // Range [0-100] // Defaults to `100` // +optional OnDemandPercentageAboveBaseCapacity *int `json:"onDemandPercentageAboveBaseCapacity,omitempty"` // Range [1-20] // Defaults to `2` // +optional SpotInstancePools *int `json:"spotInstancePools,omitempty"` // +optional SpotAllocationStrategy *string `json:"spotAllocationStrategy,omitempty"` // Enable [capacity // rebalancing](https://docs.aws.amazon.com/autoscaling/ec2/userguide/capacity-rebalance.html) // for spot instances // +optional CapacityRebalance bool `json:"capacityRebalance"` }
NodeGroupInstancesDistribution holds the configuration for [spot instances](/usage/spot-instances/)
func (*NodeGroupInstancesDistribution) DeepCopy ¶
func (in *NodeGroupInstancesDistribution) DeepCopy() *NodeGroupInstancesDistribution
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NodeGroupInstancesDistribution.
func (*NodeGroupInstancesDistribution) DeepCopyInto ¶
func (in *NodeGroupInstancesDistribution) DeepCopyInto(out *NodeGroupInstancesDistribution)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type NodeGroupNodeRepairConfig ¶ added in v0.199.0
type NodeGroupNodeRepairConfig struct { // Enables the auto repair feature for the nodegroup // +optional Enabled *bool `json:"enabled,omitempty"` }
NodeGroupNodeRepairConfig contains the auto repair configuration for the nodegroup
type NodeGroupSGs ¶
type NodeGroupSGs struct { // AttachIDs attaches additional security groups to the nodegroup // +optional AttachIDs []string `json:"attachIDs,omitempty"` // shared among all nodegroups in the cluster // Not supported for managed nodegroups // Defaults to `true` // +optional WithShared *bool `json:"withShared"` // WithLocal attach a security group // local to this nodegroup // Not supported for managed nodegroups // Defaults to `true` // +optional WithLocal *bool `json:"withLocal"` }
NodeGroupSGs controls security groups for this nodegroup
func (*NodeGroupSGs) DeepCopy ¶
func (in *NodeGroupSGs) DeepCopy() *NodeGroupSGs
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NodeGroupSGs.
func (*NodeGroupSGs) DeepCopyInto ¶
func (in *NodeGroupSGs) DeepCopyInto(out *NodeGroupSGs)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type NodeGroupSSH ¶
type NodeGroupSSH struct { // +optional If Allow is true the SSH configuration provided is used, otherwise it is ignored. Only one of // PublicKeyPath, PublicKey and PublicKeyName can be configured Allow *bool `json:"allow"` // +optional The path to the SSH public key to be added to the nodes SSH keychain. If Allow is true this value // defaults to "~/.ssh/id_rsa.pub", otherwise the value is ignored. PublicKeyPath *string `json:"publicKeyPath,omitempty"` // +optional Public key to be added to the nodes SSH keychain. If Allow is false this value is ignored. PublicKey *string `json:"publicKey,omitempty"` // +optional Public key name in EC2 to be added to the nodes SSH keychain. If Allow is false this value // is ignored. PublicKeyName *string `json:"publicKeyName,omitempty"` // +optional SourceSecurityGroupIDs []string `json:"sourceSecurityGroupIds,omitempty"` // Enables the ability to [SSH onto nodes using SSM](/introduction#ssh-access) // +optional EnableSSM *bool `json:"enableSsm,omitempty"` }
NodeGroupSSH holds all the ssh access configuration to a NodeGroup
func (*NodeGroupSSH) DeepCopy ¶
func (in *NodeGroupSSH) DeepCopy() *NodeGroupSSH
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NodeGroupSSH.
func (*NodeGroupSSH) DeepCopyInto ¶
func (in *NodeGroupSSH) DeepCopyInto(out *NodeGroupSSH)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type NodeGroupTaint ¶ added in v0.50.0
type NodeGroupTaint struct { Key string `json:"key,omitempty"` Value string `json:"value,omitempty"` Effect corev1.TaintEffect `json:"effect,omitempty"` }
NodeGroupTaint represents a Kubernetes taint
func (*NodeGroupTaint) DeepCopy ¶ added in v0.50.0
func (in *NodeGroupTaint) DeepCopy() *NodeGroupTaint
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NodeGroupTaint.
func (*NodeGroupTaint) DeepCopyInto ¶ added in v0.50.0
func (in *NodeGroupTaint) DeepCopyInto(out *NodeGroupTaint)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type NodeGroupUpdateConfig ¶ added in v0.55.0
type NodeGroupUpdateConfig struct { // when updating a nodegroup (specified as number) // +optional MaxUnavailable *int `json:"maxUnavailable,omitempty"` // when updating a nodegroup (specified as percentage) // +optional MaxUnavailablePercentage *int `json:"maxUnavailablePercentage,omitempty"` }
NodeGroupUpdateConfig contains the configuration for updating NodeGroups.
func (*NodeGroupUpdateConfig) DeepCopy ¶ added in v0.55.0
func (in *NodeGroupUpdateConfig) DeepCopy() *NodeGroupUpdateConfig
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NodeGroupUpdateConfig.
func (*NodeGroupUpdateConfig) DeepCopyInto ¶ added in v0.55.0
func (in *NodeGroupUpdateConfig) DeepCopyInto(out *NodeGroupUpdateConfig)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type NodePool ¶
type NodePool interface { // BaseNodeGroup returns the base nodegroup BaseNodeGroup() *NodeGroupBase // NGTaints returns the taints to apply for this nodegroup NGTaints() []NodeGroupTaint // InstanceTypeList returns a list of instances that are configured for that nodegroup InstanceTypeList() []string }
NodePool represents a group of nodes that share the same configuration Ideally the NodeGroup type should be renamed to UnmanagedNodeGroup or SelfManagedNodeGroup and this interface should be called NodeGroup
type OIDCIdentityProvider ¶ added in v0.39.0
type OIDCIdentityProvider struct { // +required Name string `json:"name,omitempty"` // +required IssuerURL string `json:"issuerURL,omitempty"` // +required ClientID string `json:"clientID,omitempty"` UsernameClaim string `json:"usernameClaim,omitempty"` UsernamePrefix string `json:"usernamePrefix,omitempty"` GroupsClaim string `json:"groupsClaim,omitempty"` GroupsPrefix string `json:"groupsPrefix,omitempty"` RequiredClaims map[string]string `json:"requiredClaims,omitempty"` Tags map[string]string `json:"tags,omitempty"` }
OIDCIdentityProvider holds the spec of an OIDC provider to use for EKS authzn
func (*OIDCIdentityProvider) DeepCopy ¶ added in v0.39.0
func (in *OIDCIdentityProvider) DeepCopy() *OIDCIdentityProvider
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OIDCIdentityProvider.
func (*OIDCIdentityProvider) DeepCopyIdentityProviderInterface ¶ added in v0.39.0
func (p *OIDCIdentityProvider) DeepCopyIdentityProviderInterface() IdentityProviderInterface
func (*OIDCIdentityProvider) DeepCopyInto ¶ added in v0.39.0
func (in *OIDCIdentityProvider) DeepCopyInto(out *OIDCIdentityProvider)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*OIDCIdentityProvider) Type ¶ added in v0.39.0
func (p *OIDCIdentityProvider) Type() IdentityProviderType
type Outpost ¶ added in v0.112.0
type Outpost struct { // ControlPlaneOutpostARN specifies the Outpost ARN in which the control plane should be created. ControlPlaneOutpostARN string `json:"controlPlaneOutpostARN"` // ControlPlaneInstanceType specifies the instance type to use for creating the control plane instances. ControlPlaneInstanceType string `json:"controlPlaneInstanceType"` // ControlPlanePlacement specifies the placement configuration for control plane instances on Outposts. ControlPlanePlacement *Placement `json:"controlPlanePlacement,omitempty"` }
Outpost holds the Outpost configuration.
func (*Outpost) DeepCopy ¶ added in v0.112.0
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Outpost.
func (*Outpost) DeepCopyInto ¶ added in v0.112.0
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*Outpost) GetInstanceType ¶ added in v0.112.0
GetInstanceType returns the control plane instance type.
func (*Outpost) HasPlacementGroup ¶ added in v0.125.0
HasPlacementGroup reports whether this Outpost has a placement group.
func (*Outpost) SetInstanceType ¶ added in v0.112.0
SetInstanceType sets the control plane instance type.
type OutpostInfo ¶ added in v0.112.0
type OutpostInfo interface { // IsControlPlaneOnOutposts returns true if the control plane is on Outposts. IsControlPlaneOnOutposts() bool // GetOutpost returns the Outpost info. GetOutpost() *Outpost }
OutpostInfo describes the Outpost info.
type Placement ¶
type Placement struct {
GroupName string `json:"groupName,omitempty"`
}
Placement specifies placement group information
func (*Placement) DeepCopy ¶
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Placement.
func (*Placement) DeepCopyInto ¶
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type PodIdentityAssociation ¶ added in v0.165.0
type PodIdentityAssociation struct { Namespace string `json:"namespace"` ServiceAccountName string `json:"serviceAccountName"` RoleARN string `json:"roleARN"` // +optional CreateServiceAccount bool `json:"createServiceAccount,omitempty"` // +optional RoleName string `json:"roleName,omitempty"` // +optional PermissionsBoundaryARN string `json:"permissionsBoundaryARN,omitempty"` // +optional PermissionPolicyARNs []string `json:"permissionPolicyARNs,omitempty"` // +optional PermissionPolicy InlineDocument `json:"permissionPolicy,omitempty"` // +optional WellKnownPolicies WellKnownPolicies `json:"wellKnownPolicies,omitempty"` // +optional Tags map[string]string `json:"tags,omitempty"` }
func (*PodIdentityAssociation) DeepCopy ¶ added in v0.165.0
func (in *PodIdentityAssociation) DeepCopy() *PodIdentityAssociation
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PodIdentityAssociation.
func (*PodIdentityAssociation) DeepCopyInto ¶ added in v0.165.0
func (in *PodIdentityAssociation) DeepCopyInto(out *PodIdentityAssociation)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (PodIdentityAssociation) NameString ¶ added in v0.166.0
func (p PodIdentityAssociation) NameString() string
type PrivateCluster ¶
type PrivateCluster struct { // Enabled enables creation of a fully-private cluster. Enabled bool `json:"enabled"` // SkipEndpointCreation skips the creation process for endpoints completely. This is only used in case of an already // provided VPC and if the user decided to set it to true. SkipEndpointCreation bool `json:"skipEndpointCreation"` // AdditionalEndpointServices specifies additional endpoint services that // must be enabled for private access. // Valid entries are "cloudformation", "autoscaling" and "logs". AdditionalEndpointServices []string `json:"additionalEndpointServices,omitempty"` }
PrivateCluster defines the configuration for a fully-private cluster.
func (*PrivateCluster) DeepCopy ¶
func (in *PrivateCluster) DeepCopy() *PrivateCluster
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PrivateCluster.
func (*PrivateCluster) DeepCopyInto ¶
func (in *PrivateCluster) DeepCopyInto(out *PrivateCluster)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type Profile ¶
Profile is the AWS profile to use.
func (*Profile) DeepCopy ¶
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Profile.
func (*Profile) DeepCopyInto ¶
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type ProviderConfig ¶
type ProviderConfig struct { CloudFormationRoleARN string CloudFormationDisableRollback bool Region string Profile Profile WaitTimeout time.Duration }
ProviderConfig holds global parameters for all interactions with AWS APIs
func (*ProviderConfig) DeepCopy ¶
func (in *ProviderConfig) DeepCopy() *ProviderConfig
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ProviderConfig.
func (*ProviderConfig) DeepCopyInto ¶
func (in *ProviderConfig) DeepCopyInto(out *ProviderConfig)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type RemoteNetwork ¶ added in v0.195.0
type RemoteNetwork struct {
CIDRs []string `json:"cidrs,omitempty"`
}
RemoteNetwork
func (*RemoteNetwork) DeepCopy ¶ added in v0.195.0
func (in *RemoteNetwork) DeepCopy() *RemoteNetwork
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RemoteNetwork.
func (*RemoteNetwork) DeepCopyInto ¶ added in v0.195.0
func (in *RemoteNetwork) DeepCopyInto(out *RemoteNetwork)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type RemoteNetworkConfig ¶ added in v0.195.0
type RemoteNetworkConfig struct { // +optional IAM *RemoteNodesIAM `json:"iam,omitempty"` // +required VPCGatewayID *VPCGateway `json:"vpcGatewayID,omitempty"` // +required RemoteNodeNetworks []*RemoteNetwork `json:"remoteNodeNetworks,omitempty"` // +optional RemotePodNetworks []*RemoteNetwork `json:"remotePodNetworks,omitempty"` }
RemoteNetworkConfig
func (*RemoteNetworkConfig) DeepCopy ¶ added in v0.195.0
func (in *RemoteNetworkConfig) DeepCopy() *RemoteNetworkConfig
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RemoteNetworkConfig.
func (*RemoteNetworkConfig) DeepCopyInto ¶ added in v0.195.0
func (in *RemoteNetworkConfig) DeepCopyInto(out *RemoteNetworkConfig)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*RemoteNetworkConfig) HasRemoteNodesEnabled ¶ added in v0.195.0
func (r *RemoteNetworkConfig) HasRemoteNodesEnabled() bool
func (*RemoteNetworkConfig) ToRemoteNetworksPool ¶ added in v0.195.0
func (r *RemoteNetworkConfig) ToRemoteNetworksPool() []string
type RemoteNodesIAM ¶ added in v0.195.0
type RemoteNodesIAM struct { // Provider the AWS service responsible for provisioning IAM credentials to remote nodes. // Valid options are `SSM` (System Manager), default, and `IRA` (IAM Roles anywhere). // Required IRA config (i.e. TrustAnchor, AnywhereProfile) will be created by eksctl behind the scenes. // +optional Provider *string `json:"provider,omitempty"` // RoleARN the IAM Role ARN to be added to aws-auth configmap for remote nodes. // If not set, eksctl creates the role behind the scenes, adds an entry into the configmap and sets up any other SSM/IRA config. // If set, eksctl will only add the configmap entry, while creating any required SSM/IRA config falls under user's responsibility. // +optional RoleARN *string `json:"roleARN,omitempty"` // CABundleCert the CA bundle certificate used by IRA trust anchor. // Can't be set if Provider is SSM. // +optional CABundleCert *string `json:"caBundleCert,omitempty"` }
func (*RemoteNodesIAM) DeepCopy ¶ added in v0.195.0
func (in *RemoteNodesIAM) DeepCopy() *RemoteNodesIAM
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RemoteNodesIAM.
func (*RemoteNodesIAM) DeepCopyInto ¶ added in v0.195.0
func (in *RemoteNodesIAM) DeepCopyInto(out *RemoteNodesIAM)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type STSPresigner ¶ added in v0.92.0
type STSPresigner interface {
PresignGetCallerIdentity(ctx context.Context, params *sts.GetCallerIdentityInput, optFns ...func(*sts.PresignOptions)) (*v4.PresignedHTTPRequest, error)
}
STSPresigner defines the method to pre-sign GetCallerIdentity requests to add a proper header required by EKS for authentication from the outside.
type ScalingConfig ¶
type ScalingConfig struct { // +optional DesiredCapacity *int `json:"desiredCapacity,omitempty"` // +optional MinSize *int `json:"minSize,omitempty"` // +optional MaxSize *int `json:"maxSize,omitempty"` }
ScalingConfig defines the scaling config
func (*ScalingConfig) DeepCopy ¶
func (in *ScalingConfig) DeepCopy() *ScalingConfig
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ScalingConfig.
func (*ScalingConfig) DeepCopyInto ¶
func (in *ScalingConfig) DeepCopyInto(out *ScalingConfig)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type SecretsEncryption ¶
type SecretsEncryption struct { // +required KeyARN string `json:"keyARN,omitempty"` }
SecretsEncryption defines the configuration for KMS encryption provider
func (*SecretsEncryption) DeepCopy ¶
func (in *SecretsEncryption) DeepCopy() *SecretsEncryption
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SecretsEncryption.
func (*SecretsEncryption) DeepCopyInto ¶
func (in *SecretsEncryption) DeepCopyInto(out *SecretsEncryption)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type SubnetTopology ¶
type SubnetTopology string
SubnetTopology can be SubnetTopologyPrivate or SubnetTopologyPublic
func SubnetTopologies ¶
func SubnetTopologies() []SubnetTopology
SubnetTopologies returns a list of topologies
type UnsupportedFeatureError ¶ added in v0.39.0
UnsupportedFeatureError is an error that represents an unsupported feature +k8s:deepcopy-gen=false
func (*UnsupportedFeatureError) Error ¶ added in v0.39.0
func (u *UnsupportedFeatureError) Error() string
type VPCGateway ¶ added in v0.195.0
type VPCGateway string
VPCGatewayID the ID of the gateway that facilitates external connectivity from customer's VPC to their remote network(s). Valid options are Transit Gateway and Virtual Private Gateway.
func (*VPCGateway) IsSet ¶ added in v0.195.0
func (v *VPCGateway) IsSet() bool
func (*VPCGateway) IsTransitGateway ¶ added in v0.195.0
func (v *VPCGateway) IsTransitGateway() bool
func (*VPCGateway) IsVirtualPrivateGateway ¶ added in v0.195.0
func (v *VPCGateway) IsVirtualPrivateGateway() bool
type VolumeMapping ¶ added in v0.83.0
type VolumeMapping struct { // +optional // VolumeSize gigabytes // Defaults to `80` VolumeSize *int `json:"volumeSize,omitempty"` // Valid variants are `VolumeType` constants // +optional VolumeType *string `json:"volumeType,omitempty"` // +optional VolumeName *string `json:"volumeName,omitempty"` // +optional VolumeEncrypted *bool `json:"volumeEncrypted,omitempty"` // +optional VolumeKmsKeyID *string `json:"volumeKmsKeyID,omitempty"` // +optional VolumeIOPS *int `json:"volumeIOPS,omitempty"` // +optional VolumeThroughput *int `json:"volumeThroughput,omitempty"` // +optional SnapshotID *string `json:"snapshotID,omitempty"` }
VolumeMapping Additional Volume Configurations
func (*VolumeMapping) DeepCopy ¶ added in v0.83.0
func (in *VolumeMapping) DeepCopy() *VolumeMapping
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new VolumeMapping.
func (*VolumeMapping) DeepCopyInto ¶ added in v0.83.0
func (in *VolumeMapping) DeepCopyInto(out *VolumeMapping)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type WellKnownPolicies ¶ added in v0.39.0
type WellKnownPolicies struct { // ImageBuilder allows for full ECR (Elastic Container Registry) access. ImageBuilder bool `json:"imageBuilder,inline"` // AutoScaler adds policies for cluster-autoscaler. See [autoscaler AWS // docs](https://docs.aws.amazon.com/eks/latest/userguide/cluster-autoscaler.html). AutoScaler bool `json:"autoScaler,inline"` // AWSLoadBalancerController adds policies for using the // aws-load-balancer-controller. See [Load Balancer // docs](https://docs.aws.amazon.com/eks/latest/userguide/aws-load-balancer-controller.html). AWSLoadBalancerController bool `json:"awsLoadBalancerController,inline"` // ExternalDNS adds external-dns policies for Amazon Route 53. // See [external-dns // docs](https://github.com/kubernetes-sigs/external-dns/blob/master/docs/tutorials/aws.md). ExternalDNS bool `json:"externalDNS,inline"` // CertManager adds cert-manager policies. See [cert-manager // docs](https://cert-manager.io/docs/configuration/acme/dns01/route53). CertManager bool `json:"certManager,inline"` // EBSCSIController adds policies for using the // ebs-csi-controller. See [aws-ebs-csi-driver // docs](https://github.com/kubernetes-sigs/aws-ebs-csi-driver#set-up-driver-permission). EBSCSIController bool `json:"ebsCSIController,inline"` // EFSCSIController adds policies for using the // efs-csi-controller. See [aws-efs-csi-driver // docs](https://aws.amazon.com/blogs/containers/introducing-efs-csi-dynamic-provisioning). EFSCSIController bool `json:"efsCSIController,inline"` }
WellKnownPolicies for attaching common IAM policies
func (*WellKnownPolicies) DeepCopy ¶ added in v0.39.0
func (in *WellKnownPolicies) DeepCopy() *WellKnownPolicies
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new WellKnownPolicies.
func (*WellKnownPolicies) DeepCopyInto ¶ added in v0.39.0
func (in *WellKnownPolicies) DeepCopyInto(out *WellKnownPolicies)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*WellKnownPolicies) HasPolicy ¶ added in v0.39.0
func (p *WellKnownPolicies) HasPolicy() bool
func (*WellKnownPolicies) Set ¶ added in v0.165.0
func (p *WellKnownPolicies) Set(policiesStr string) error
func (*WellKnownPolicies) String ¶ added in v0.165.0
func (p *WellKnownPolicies) String() string
func (*WellKnownPolicies) Type ¶ added in v0.165.0
func (p *WellKnownPolicies) Type() string
type ZonalShiftConfig ¶ added in v0.194.0
type ZonalShiftConfig struct { // Enabled enables or disables zonal shift. Enabled *bool `json:"enabled,omitempty"` }
ZonalShiftConfig holds the zonal shift configuration.
func (*ZonalShiftConfig) DeepCopy ¶ added in v0.195.0
func (in *ZonalShiftConfig) DeepCopy() *ZonalShiftConfig
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ZonalShiftConfig.
func (*ZonalShiftConfig) DeepCopyInto ¶ added in v0.195.0
func (in *ZonalShiftConfig) DeepCopyInto(out *ZonalShiftConfig)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
Source Files ¶
- access_entry.go
- addon.go
- auto_mode.go
- cloudwatch.go
- defaults.go
- doc.go
- endpoint_service.go
- generate.go
- iam.go
- identity_provider.go
- identitymapping.go
- instance.go
- known_addons.go
- nodegroups.go
- partitions.go
- register.go
- types.go
- validation.go
- vpc.go
- well_known_iam_policy.go
- zz_generated.deepcopy.go
- zz_generated.defaults.go