Documentation ¶
Overview ¶
Package v1alpha5 is the v1alpha5 version of the API. +groupName=eksctl.io
Index ¶
- Constants
- Variables
- func ClusterConfigTypeMeta() metav1.TypeMeta
- func ClusterHasInstanceType(cfg *ClusterConfig, hasType func(string) bool) bool
- func DefaultCIDR() ipnet.IPNet
- func DeprecatedVersions() []string
- func Disabled() *bool
- func EKSResourceAccountID(region string) string
- func Enabled() *bool
- func EndpointsEqual(a, b ClusterEndpoints) bool
- func ErrInvalidName(name string) error
- func ErrTooFewAvailabilityZones(azs []string) error
- func HasInstanceType(nodeGroup *NodeGroup, hasType func(string) bool) bool
- func HasInstanceTypeManaged(nodeGroup *ManagedNodeGroup, hasType func(string) bool) bool
- func HasMixedInstances(ng *NodeGroup) bool
- func ImportSubnet(subnets AZSubnetMapping, subnet *ec2types.Subnet, ...) error
- func IsAMI(amiFlag string) bool
- func IsDeprecatedVersion(version string) bool
- func IsDisabled(v *bool) bool
- func IsEmpty(s *string) bool
- func IsEnabled(v *bool) bool
- func IsInvalidNameArg(name string) bool
- func IsSetAndNonEmptyString(s *string) bool
- func IsSupportedVersion(version string) bool
- func IsWindowsImage(imageFamily string) bool
- func Kind(kind string) schema.GroupKind
- func Partition(region string) string
- func PrivateOnly(ces *ClusterEndpoints) bool
- func Register() error
- func Resource(resource string) schema.GroupResource
- func SelectInstanceType(np NodePool) string
- func SetClusterConfigDefaults(cfg *ClusterConfig)
- func SetClusterEndpointAccessDefaults(vpc *ClusterVPC)
- func SetManagedNodeGroupDefaults(ng *ManagedNodeGroup, meta *ClusterMeta, controlPlaneOnOutposts bool)
- func SetNodeGroupDefaults(ng *NodeGroup, meta *ClusterMeta, controlPlaneOnOutposts bool)
- func SupportedCloudWatchClusterLogTypes() []string
- func SupportedNodeVolumeTypes() []string
- func SupportedRegions() []string
- func SupportedVersions() []string
- func ValidateAdditionalEndpointServices(serviceNames []string) error
- func ValidateClusterConfig(cfg *ClusterConfig) error
- func ValidateClusterVersion(clusterConfig *ClusterConfig) error
- func ValidateManagedNodeGroup(index int, ng *ManagedNodeGroup) error
- func ValidateNodeGroup(i int, ng *NodeGroup, cfg *ClusterConfig) error
- func ValidateSecretsEncryption(clusterConfig *ClusterConfig) error
- type AZSubnetMapping
- func (in AZSubnetMapping) DeepCopy() AZSubnetMapping
- func (in AZSubnetMapping) DeepCopyInto(out *AZSubnetMapping)
- func (m AZSubnetMapping) SelectOutpostSubnetIDs() []string
- func (m *AZSubnetMapping) Set(name string, spec AZSubnetSpec)
- func (m *AZSubnetMapping) SetAZ(az string, spec Network)
- func (m *AZSubnetMapping) UnmarshalJSON(b []byte) error
- func (m *AZSubnetMapping) WithAZs() []string
- func (m *AZSubnetMapping) WithCIDRs() []string
- func (m *AZSubnetMapping) WithIDs() []string
- type AZSubnetSpec
- type Addon
- type CapacityReservation
- type CapacityReservationTarget
- type ClusterCloudWatch
- type ClusterCloudWatchLogging
- type ClusterConfig
- func (c *ClusterConfig) AllNodeGroups() []*NodeGroupBase
- func (c *ClusterConfig) AppendAvailabilityZone(newAZ string)
- func (c *ClusterConfig) AppendClusterCloudWatchLogTypes(types ...string)
- func (c *ClusterConfig) CanUseForPrivateNodeGroups() error
- func (c *ClusterConfig) ContainsWildcardCloudWatchLogging() bool
- func (c *ClusterConfig) CustomEndpointsMsg() string
- func (in *ClusterConfig) DeepCopy() *ClusterConfig
- func (in *ClusterConfig) DeepCopyInto(out *ClusterConfig)
- func (in *ClusterConfig) DeepCopyObject() runtime.Object
- func (c *ClusterConfig) DefaultEndpointsMsg() string
- func (c *ClusterConfig) FindNodeGroupOutpostARN() (outpostARN string, found bool)
- func (c *ClusterConfig) FindNodegroup(name string) (*NodeGroupBase, error)
- func (c *ClusterConfig) GetAllNodeGroupNames() []string
- func (c *ClusterConfig) GetOutpost() *Outpost
- func (c *ClusterConfig) GetStatus() *ClusterStatus
- func (c *ClusterConfig) HasAnySubnets() bool
- func (c *ClusterConfig) HasClusterCloudWatchLogging() bool
- func (c *ClusterConfig) HasClusterEndpointAccess() bool
- func (c *ClusterConfig) HasGitOpsFluxConfigured() bool
- func (c ClusterConfig) HasNodes() bool
- func (c *ClusterConfig) HasPrivateEndpointAccess() bool
- func (c *ClusterConfig) HasSufficientPrivateSubnets() bool
- func (c *ClusterConfig) HasSufficientSubnets() error
- func (c *ClusterConfig) HasWindowsNodeGroup() bool
- func (c *ClusterConfig) ID() string
- func (c *ClusterConfig) IPv6Enabled() bool
- func (c *ClusterConfig) IsControlPlaneOnOutposts() bool
- func (c ClusterConfig) IsFargateEnabled() bool
- func (c *ClusterConfig) IsFullyPrivate() bool
- func (c ClusterConfig) LogString() string
- func (c *ClusterConfig) Meta() *ClusterMeta
- func (c *ClusterConfig) NewNodeGroup() *NodeGroup
- func (c *ClusterConfig) SetClusterState(cluster *ekstypes.Cluster) error
- func (c *ClusterConfig) SetDefaultFargateProfile()
- func (c *ClusterConfig) SubnetInfo() string
- func (c *ClusterConfig) UpdateEndpointsMsg() string
- func (c *ClusterConfig) ValidateClusterEndpointConfig() error
- func (c *ClusterConfig) ValidatePrivateCluster() error
- func (c *ClusterConfig) ValidateVPCConfig() error
- type ClusterConfigList
- type ClusterEndpoints
- type ClusterIAM
- type ClusterIAMMeta
- type ClusterIAMServiceAccount
- type ClusterIAMServiceAccountStatus
- type ClusterMeta
- type ClusterNAT
- type ClusterProvider
- type ClusterStatus
- type ClusterSubnets
- type ClusterVPC
- type EKSCTLCreated
- type EndpointService
- type FargateProfile
- type FargateProfileSelector
- type Flux
- type FluxFlags
- type GitOps
- type IAMIdentityMapping
- type IdentityProvider
- type IdentityProviderInterface
- type IdentityProviderType
- type InlineDocument
- type InstanceSelector
- type Karpenter
- type KubernetesNetworkConfig
- type LaunchTemplate
- type ManagedNodeGroup
- func (m *ManagedNodeGroup) BaseNodeGroup() *NodeGroupBase
- func (in *ManagedNodeGroup) DeepCopy() *ManagedNodeGroup
- func (in *ManagedNodeGroup) DeepCopyInto(out *ManagedNodeGroup)
- func (m *ManagedNodeGroup) GetDesiredCapacity() int
- func (m *ManagedNodeGroup) InstanceTypeList() []string
- func (m *ManagedNodeGroup) ListOptions() metav1.ListOptions
- func (m *ManagedNodeGroup) NGTaints() []NodeGroupTaint
- type MetricsCollection
- type Network
- type NodeGroup
- func (n *NodeGroup) BaseNodeGroup() *NodeGroupBase
- func (in *NodeGroup) DeepCopy() *NodeGroup
- func (in *NodeGroup) DeepCopyInto(out *NodeGroup)
- func (n *NodeGroup) GetContainerRuntime() string
- func (n *NodeGroup) GetDesiredCapacity() int
- func (n *NodeGroup) GetInstanceType() string
- func (n *NodeGroup) InstanceTypeList() []string
- func (n *NodeGroup) NGTaints() []NodeGroupTaint
- func (n *NodeGroup) SetInstanceType(instanceType string)
- type NodeGroupBase
- func (in *NodeGroupBase) DeepCopy() *NodeGroupBase
- func (in *NodeGroupBase) DeepCopyInto(out *NodeGroupBase)
- func (n *NodeGroupBase) GetAMIFamily() string
- func (n *NodeGroupBase) GetDesiredCapacity() int
- func (n *NodeGroupBase) ListOptions() metav1.ListOptions
- func (n *NodeGroupBase) NameString() string
- func (n *NodeGroupBase) Size() int
- type NodeGroupBottlerocket
- type NodeGroupIAM
- type NodeGroupIAMAddonPolicies
- type NodeGroupInstancesDistribution
- type NodeGroupSGs
- type NodeGroupSSH
- type NodeGroupTaint
- type NodeGroupType
- type NodeGroupUpdateConfig
- type NodePool
- type OIDCIdentityProvider
- type Outpost
- type OutpostInfo
- type Placement
- type PrivateCluster
- type Profile
- type ProviderConfig
- type STSPresigner
- type ScalingConfig
- type SecretsEncryption
- type SubnetTopology
- type UnsupportedFeatureError
- type VolumeMapping
- type WellKnownPolicies
Constants ¶
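// Conventional Kubernetes API constants.
// (Restored to one declaration per line; the collapsed single-line form
// is not valid Go.)
const (
	// CurrentGroupVersion is the version string of this API package.
	CurrentGroupVersion = "v1alpha5"
	// ClusterConfigKind is the kind name used for ClusterConfig objects.
	ClusterConfigKind = "ClusterConfig"
)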
Conventional Kubernetes API constants
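// Values for `KubernetesVersion`.
// All valid values should go in this block.
// (Restored to one declaration per line: in the collapsed form the `//`
// comment swallowed every declaration that followed it.)
const (
	Version1_21 = "1.21"

	Version1_22 = "1.22"

	Version1_23 = "1.23"

	Version1_24 = "1.24"

	// DefaultVersion (default)
	DefaultVersion = Version1_24

	// LatestVersion aliases the newest version listed in this block.
	LatestVersion = Version1_24

	// DockershimDeprecationVersion is set to Version1_24.
	// NOTE(review): presumably the first version without dockershim; confirm
	// against the code that reads it.
	DockershimDeprecationVersion = Version1_24
)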
Values for `KubernetesVersion` All valid values should go in this block
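// No longer supported versions.
// (Restored to one declaration per line: in the collapsed form the first
// `//` comment swallowed every declaration that followed it.)
const (
	// Version1_10 represents Kubernetes version 1.10.x
	Version1_10 = "1.10"

	// Version1_11 represents Kubernetes version 1.11.x
	Version1_11 = "1.11"

	// Version1_12 represents Kubernetes version 1.12.x
	Version1_12 = "1.12"

	// Version1_13 represents Kubernetes version 1.13.x
	Version1_13 = "1.13"

	// Version1_14 represents Kubernetes version 1.14.x
	Version1_14 = "1.14"

	// Version1_15 represents Kubernetes version 1.15.x
	Version1_15 = "1.15"

	// Version1_16 represents Kubernetes version 1.16.x
	Version1_16 = "1.16"

	// Version1_17 represents Kubernetes version 1.17.x
	Version1_17 = "1.17"

	// Version1_18 represents Kubernetes version 1.18.x
	Version1_18 = "1.18"

	// Version1_19 represents Kubernetes version 1.19.x
	Version1_19 = "1.19"

	// Version1_20 represents Kubernetes version 1.20.x
	Version1_20 = "1.20"
)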
No longer supported versions
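// Regions.
// (Restored to one declaration per line: in the collapsed form the first
// `//` comment swallowed every declaration that followed it.)
const (
	// RegionUSWest1 represents the US West Region North California
	RegionUSWest1 = "us-west-1"

	// RegionUSWest2 represents the US West Region Oregon
	RegionUSWest2 = "us-west-2"

	// RegionUSEast1 represents the US East Region North Virginia
	RegionUSEast1 = "us-east-1"

	// RegionUSEast2 represents the US East Region Ohio
	RegionUSEast2 = "us-east-2"

	// RegionCACentral1 represents the Canada Central Region
	RegionCACentral1 = "ca-central-1"

	// RegionEUWest1 represents the EU West Region Ireland
	RegionEUWest1 = "eu-west-1"

	// RegionEUWest2 represents the EU West Region London
	RegionEUWest2 = "eu-west-2"

	// RegionEUWest3 represents the EU West Region Paris
	RegionEUWest3 = "eu-west-3"

	// RegionEUNorth1 represents the EU North Region Stockholm
	RegionEUNorth1 = "eu-north-1"

	// RegionEUCentral1 represents the EU Central Region Frankfurt
	RegionEUCentral1 = "eu-central-1"

	// RegionEUCentral2 represents the EU Central Region Zurich.
	RegionEUCentral2 = "eu-central-2"

	// RegionEUSouth1 represents the EU South Region Milan
	RegionEUSouth1 = "eu-south-1"

	// RegionEUSouth2 represents the EU South Region Spain
	RegionEUSouth2 = "eu-south-2"

	// RegionAPNorthEast1 represents the Asia-Pacific North East Region Tokyo
	RegionAPNorthEast1 = "ap-northeast-1"

	// RegionAPNorthEast2 represents the Asia-Pacific North East Region Seoul
	RegionAPNorthEast2 = "ap-northeast-2"

	// RegionAPNorthEast3 represents the Asia-Pacific North East region Osaka
	RegionAPNorthEast3 = "ap-northeast-3"

	// RegionAPSouthEast1 represents the Asia-Pacific South East Region Singapore
	RegionAPSouthEast1 = "ap-southeast-1"

	// RegionAPSouthEast2 represents the Asia-Pacific South East Region Sydney
	RegionAPSouthEast2 = "ap-southeast-2"

	// RegionAPSouthEast3 represents the Asia-Pacific South East Region Jakarta
	RegionAPSouthEast3 = "ap-southeast-3"

	// RegionAPSouth1 represents the Asia-Pacific South Region Mumbai
	RegionAPSouth1 = "ap-south-1"

	// RegionAPSouth2 represents the Asia-Pacific South Region Hyderabad
	RegionAPSouth2 = "ap-south-2"

	// RegionAPEast1 represents the Asia Pacific Region Hong Kong
	RegionAPEast1 = "ap-east-1"

	// RegionMECentral1 represents the Middle East Region Dubai
	RegionMECentral1 = "me-central-1"

	// RegionMESouth1 represents the Middle East Region Bahrain
	RegionMESouth1 = "me-south-1"

	// RegionSAEast1 represents the South America Region Sao Paulo
	RegionSAEast1 = "sa-east-1"

	// RegionAFSouth1 represents the Africa Region Cape Town
	RegionAFSouth1 = "af-south-1"

	// RegionCNNorthwest1 represents the China region Ningxia
	RegionCNNorthwest1 = "cn-northwest-1"

	// RegionCNNorth1 represents the China region Beijing
	RegionCNNorth1 = "cn-north-1"

	// RegionUSGovWest1 represents the region GovCloud (US-West)
	RegionUSGovWest1 = "us-gov-west-1"

	// RegionUSGovEast1 represents the region GovCloud (US-East)
	RegionUSGovEast1 = "us-gov-east-1"

	// DefaultRegion defines the default region, where to deploy the EKS cluster
	DefaultRegion = RegionUSWest2
)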
Regions
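// Partitions.
// (Restored to one declaration per line; the collapsed single-line form
// is not valid Go.)
const (
	// PartitionAWS is the partition identifier "aws".
	PartitionAWS = "aws"
	// PartitionChina is the partition identifier "aws-cn".
	PartitionChina = "aws-cn"
	// PartitionUSGov is the partition identifier "aws-us-gov".
	PartitionUSGov = "aws-us-gov"
)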
Partitions
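// Values for `NodeAMIFamily`.
// All valid values of supported families should go in this block.
// (Restored to one declaration per line: in the collapsed form the `//`
// comment swallowed every declaration that followed it.)
const (
	// DefaultNodeImageFamily (default)
	DefaultNodeImageFamily = NodeImageFamilyAmazonLinux2

	NodeImageFamilyAmazonLinux2 = "AmazonLinux2"
	NodeImageFamilyUbuntu2004   = "Ubuntu2004"
	NodeImageFamilyUbuntu1804   = "Ubuntu1804"
	NodeImageFamilyBottlerocket = "Bottlerocket"

	NodeImageFamilyWindowsServer2019CoreContainer = "WindowsServer2019CoreContainer"
	NodeImageFamilyWindowsServer2019FullContainer = "WindowsServer2019FullContainer"

	NodeImageFamilyWindowsServer2022CoreContainer = "WindowsServer2022CoreContainer"
	NodeImageFamilyWindowsServer2022FullContainer = "WindowsServer2022FullContainer"
)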
Values for `NodeAMIFamily` All valid values of supported families should go in this block
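// Deprecated `NodeAMIFamily`.
// (Restored to one declaration per line; the collapsed single-line form
// is not valid Go.)
const (
	NodeImageFamilyWindowsServer2004CoreContainer = "WindowsServer2004CoreContainer"
	NodeImageFamilyWindowsServer20H2CoreContainer = "WindowsServer20H2CoreContainer"
)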
Deprecated `NodeAMIFamily`
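// Container runtime values.
// (Restored to one declaration per line; the collapsed single-line form
// is not valid Go.)
const (
	ContainerRuntimeContainerD       = "containerd"
	ContainerRuntimeDockerD          = "dockerd"
	ContainerRuntimeDockerForWindows = "docker"
)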
Container runtime values.
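// Node defaults, AMI resolver modes, resource tag and label keys, and spot
// allocation strategies.
// (Restored to one declaration per line: in the collapsed form the first
// `//` comment swallowed every declaration that followed it.)
const (
	// DefaultNodeType is the default instance type to use for nodes
	DefaultNodeType = "m5.large"

	// DefaultNodeCount defines the default number of nodes to be created
	DefaultNodeCount = 2

	// DefaultMaxSize defines the default maximum number of nodes inside the ASG
	// NOTE(review): this value (1) is lower than DefaultNodeCount (2); how the
	// two are reconciled is not visible in this block.
	DefaultMaxSize = 1

	// NodeImageResolverAuto represents auto AMI resolver (see ami package)
	NodeImageResolverAuto = "auto"
	// NodeImageResolverAutoSSM is used to indicate that the latest EKS AMIs should be used for the nodes. The AMI is selected
	// using an SSM GetParameter query
	NodeImageResolverAutoSSM = "auto-ssm"

	// EksctlVersionTag defines the version of eksctl which is used to provision or update EKS cluster
	EksctlVersionTag = "alpha.eksctl.io/eksctl-version"

	// ClusterNameTag defines the tag of the cluster name
	ClusterNameTag = "alpha.eksctl.io/cluster-name"

	// ClusterOIDCEnabledTag determines whether OIDC is enabled or not.
	ClusterOIDCEnabledTag = "alpha.eksctl.io/cluster-oidc-enabled"

	// OldClusterNameTag defines the tag of the cluster name
	OldClusterNameTag = "eksctl.cluster.k8s.io/v1alpha1/cluster-name"

	// NodeGroupNameTag defines the tag of the nodegroup name
	NodeGroupNameTag = "alpha.eksctl.io/nodegroup-name"

	// NodeGroupTypeTag defines the nodegroup type as managed or unmanaged
	NodeGroupTypeTag = "alpha.eksctl.io/nodegroup-type"

	// OldNodeGroupNameTag defines the tag of the nodegroup name
	OldNodeGroupNameTag = "eksctl.io/v1alpha2/nodegroup-name"

	// OldNodeGroupIDTag defines the old version of tag of the nodegroup name
	OldNodeGroupIDTag = "eksctl.cluster.k8s.io/v1alpha1/nodegroup-id"

	// IAMServiceAccountNameTag defines the tag of the IAM service account name
	IAMServiceAccountNameTag = "alpha.eksctl.io/iamserviceaccount-name"

	// AddonNameTag defines the tag of the addon name
	AddonNameTag = "alpha.eksctl.io/addon-name"

	// ClusterNameLabel defines the label of the cluster name
	// (same key string as ClusterNameTag)
	ClusterNameLabel = "alpha.eksctl.io/cluster-name"

	// NodeGroupNameLabel defines the label of the nodegroup name
	// (same key string as NodeGroupNameTag)
	NodeGroupNameLabel = "alpha.eksctl.io/nodegroup-name"

	// KarpenterNameTag defines the tag of the Karpenter stack name
	KarpenterNameTag = "alpha.eksctl.io/karpenter-name"

	// KarpenterVersionTag defines the tag for Karpenter's version
	KarpenterVersionTag = "alpha.eksctl.io/karpenter-version"

	EKSNodeGroupNameLabel = "eks.amazonaws.com/nodegroup"

	// SpotAllocationStrategyLowestPrice defines the ASG spot allocation strategy of lowest-price
	SpotAllocationStrategyLowestPrice = "lowest-price"

	// SpotAllocationStrategyCapacityOptimized defines the ASG spot allocation strategy of capacity-optimized
	SpotAllocationStrategyCapacityOptimized = "capacity-optimized"

	// SpotAllocationStrategyCapacityOptimizedPrioritized defines the ASG spot allocation strategy of capacity-optimized-prioritized
	// Use the capacity-optimized-prioritized allocation strategy and then set the order of instance types in
	// the list of launch template overrides from highest to lowest priority (first to last in the list).
	// Amazon EC2 Auto Scaling honors the instance type priorities on a best-effort basis but optimizes
	// for capacity first. This is a good option for workloads where the possibility of disruption must be
	// minimized, but also the preference for certain instance types matters.
	// https://docs.aws.amazon.com/autoscaling/ec2/userguide/asg-purchase-options.html#asg-spot-strategy
	SpotAllocationStrategyCapacityOptimizedPrioritized = "capacity-optimized-prioritized"
)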
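// Values for `VolumeType`.
// (Restored to one declaration per line: in the collapsed form the first
// `//` comment swallowed every declaration that followed it.)
const (
	// NodeVolumeTypeGP2 is General Purpose SSD
	NodeVolumeTypeGP2 = "gp2"
	// NodeVolumeTypeGP3 is General Purpose SSD which can be optimised for high throughput (default)
	NodeVolumeTypeGP3 = "gp3"
	// NodeVolumeTypeIO1 is Provisioned IOPS SSD
	NodeVolumeTypeIO1 = "io1"
	// NodeVolumeTypeSC1 is Cold HDD
	NodeVolumeTypeSC1 = "sc1"
	// NodeVolumeTypeST1 is Throughput Optimized HDD
	NodeVolumeTypeST1 = "st1"
)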
Values for `VolumeType`
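// Nodegroup type values and default volume performance settings.
// (Restored to one declaration per line: in the collapsed form the first
// `//` comment swallowed every declaration that followed it.)
const (
	// NodeGroupTypeManaged defines a managed nodegroup
	NodeGroupTypeManaged NodeGroupType = "managed"
	// NodeGroupTypeUnmanaged defines an unmanaged nodegroup
	NodeGroupTypeUnmanaged NodeGroupType = "unmanaged"
	// NodeGroupTypeUnowned defines an unowned managed nodegroup
	NodeGroupTypeUnowned NodeGroupType = "unowned"

	// DefaultNodeVolumeThroughput defines the default throughput for gp3 volumes, set to the min value
	DefaultNodeVolumeThroughput = 125
	// DefaultNodeVolumeIO1IOPS defines the default IOPS for io1 volumes, set to the min value
	DefaultNodeVolumeIO1IOPS = 100
	// DefaultNodeVolumeGP3IOPS defines the default IOPS for gp3 volumes, set to the min value
	DefaultNodeVolumeGP3IOPS = 3000
)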
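// Values for `IPFamily`.
// (Restored to one declaration per line: in the collapsed form the first
// `//` comment swallowed every declaration that followed it.)
const (
	// IPV4Family defines an IP family of v4 to be used when creating a new VPC and cluster.
	IPV4Family = "IPv4"
	// IPV6Family defines an IP family of v6 to be used when creating a new VPC and cluster.
	IPV6Family = "IPv6"
)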
Values for `IPFamily`
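// Values for core addons.
// (Restored to one declaration per line; the collapsed single-line form
// is not valid Go.)
const (
	VPCCNIAddon          = "vpc-cni"
	KubeProxyAddon       = "kube-proxy"
	CoreDNSAddon         = "coredns"
	AWSEBSCSIDriverAddon = "aws-ebs-csi-driver"
)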
Values for core addons
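// Values for Capacity Reservation Preference.
// (Restored to one declaration per line; the collapsed single-line form
// is not valid Go.)
const (
	OpenCapacityReservation = "open"
	NoneCapacityReservation = "none"
)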
Values for Capacity Reservation Preference
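// Bounds for volume throughput and IOPS settings, plus OneDay.
// Each minimum reuses the matching Default* constant.
// (Restored to one declaration per line; the collapsed single-line form
// is not valid Go.)
const (
	MinThroughput = DefaultNodeVolumeThroughput
	MaxThroughput = 1000

	MinIO1Iops = DefaultNodeVolumeIO1IOPS
	MaxIO1Iops = 64000

	MinGP3Iops = DefaultNodeVolumeGP3IOPS
	MaxGP3Iops = 16000

	// NOTE(review): 86400 is presumably the number of seconds in a day;
	// confirm the unit at the call sites.
	OneDay = 86400
)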
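// Values for `ClusterNAT`.
// (Restored to one declaration per line: in the collapsed form the first
// `//` comment swallowed every declaration that followed it.)
const (
	// ClusterHighlyAvailableNAT configures a highly available NAT gateway
	ClusterHighlyAvailableNAT = "HighlyAvailable"

	// ClusterSingleNAT configures a single NAT gateway
	ClusterSingleNAT = "Single"

	// ClusterDisableNAT disables NAT
	ClusterDisableNAT = "Disable"

	// (default)
	ClusterNATDefault = ClusterSingleNAT
)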
Values for `ClusterNAT`
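// Subnet and availability-zone counts, and subnet topology values.
// (Restored to one declaration per line: in the collapsed form the first
// `//` comment swallowed every declaration that followed it.)
const (
	// MinRequiredSubnets is the minimum required number of subnets
	MinRequiredSubnets = 2
	// OutpostsMinRequiredSubnets is the minimum required number of subnets for Outposts.
	OutpostsMinRequiredSubnets = 1
	// MinRequiredAvailabilityZones defines the minimum number of required availability zones
	MinRequiredAvailabilityZones = MinRequiredSubnets
	// RecommendedSubnets is the recommended number of subnets
	RecommendedSubnets = 3
	// RecommendedAvailabilityZones defines the recommended number of availability zones
	RecommendedAvailabilityZones = RecommendedSubnets

	// SubnetTopologyPrivate represents privately-routed subnets
	SubnetTopologyPrivate SubnetTopology = "Private"
	// SubnetTopologyPublic represents publicly-routed subnets
	SubnetTopologyPublic SubnetTopology = "Public"
)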
// AWSDebugLevel defines the LogLevel for AWS produced logs
const AWSDebugLevel = 5
// AnnotationEKSRoleARN is the annotation key "eks.amazonaws.com/role-arn".
// NOTE(review): presumably the key that binds an IAM role ARN to a
// Kubernetes service account; confirm against the code that reads it.
const AnnotationEKSRoleARN = "eks.amazonaws.com/role-arn"
Commonly-used constants
// IAMPolicyAmazonEKSCNIPolicy is the policy name "AmazonEKS_CNI_Policy".
const IAMPolicyAmazonEKSCNIPolicy = "AmazonEKS_CNI_Policy"
const (
	// ReservedProfileNamePrefix is the Fargate profile name prefix reserved
	// for AWS. The client-side check for it is an early rejection only; the
	// AWS API remains the authority on which profile names are accepted.
	ReservedProfileNamePrefix = "eks-"
)
ReservedProfileNamePrefix defines the Fargate profile name prefix reserved for AWS, which therefore cannot be used by users. AWS's API should reject the creation of profiles starting with this prefix, but we also validate this eagerly on the client side.
// Version1_25 represents Kubernetes version 1.25.x
const Version1_25 = "1.25"
Not yet supported versions
Variables ¶
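// Named endpoint services.
// (Restored to one declaration per line: in the collapsed form the first
// `//` comment swallowed every declaration that followed it.)
var (
	// EndpointServiceS3 is an EndpointService for S3.
	EndpointServiceS3 = EndpointService{
		Name: "s3",
	}
	// EndpointServiceCloudWatch is an EndpointService for CloudWatch Logs.
	// It is the only one of the two marked Optional.
	EndpointServiceCloudWatch = EndpointService{
		Name:     "logs",
		Optional: true,
	}
)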
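// Conventional Kubernetes API variables.
// (Restored to one declaration per line; the collapsed single-line form
// is not valid Go.)
var (
	// SchemeGroupVersion pairs api.GroupName with CurrentGroupVersion.
	SchemeGroupVersion = schema.GroupVersion{Group: api.GroupName, Version: CurrentGroupVersion}
	// SchemeBuilder is constructed from addKnownTypes.
	SchemeBuilder = runtime.NewSchemeBuilder(addKnownTypes)
	// AddToScheme is the AddToScheme method value of SchemeBuilder.
	AddToScheme = SchemeBuilder.AddToScheme
)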
Conventional Kubernetes API variables
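// Default timeout, SSH public key path and root volume settings.
// (Restored to one declaration per line: in the collapsed form the first
// `//` comment swallowed every declaration that followed it.)
var (
	// DefaultWaitTimeout defines the default wait timeout
	DefaultWaitTimeout = 25 * time.Minute

	// DefaultNodeSSHPublicKeyPath is the default path to SSH public key
	// NOTE(review): Go's file APIs do not expand a leading "~"; the consumer
	// of this value presumably expands it to the home directory, so confirm
	// at the call site.
	DefaultNodeSSHPublicKeyPath = "~/.ssh/id_rsa.pub"

	// DefaultNodeVolumeType defines the default root volume type to use for
	// non-Outpost clusters.
	DefaultNodeVolumeType = NodeVolumeTypeGP3

	// DefaultNodeVolumeSize defines the default root volume size
	DefaultNodeVolumeSize = 80
)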
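// Errors describing cluster endpoint access configurations.
// (Restored to one declaration per line: in the collapsed form the first
// `//` comment swallowed every declaration that followed it.)
var (
	// ErrClusterEndpointNoAccess indicates the config prevents API access
	ErrClusterEndpointNoAccess = errors.New("Kubernetes API access must have one of public or private clusterEndpoints enabled")

	// ErrClusterEndpointPrivateOnly warns private-only access requires changes
	// to AWS resource configuration in order to effectively use clients in the VPC
	// Although typed as an error, its text is worded as a warning.
	ErrClusterEndpointPrivateOnly = errors.New("warning, having public access disallowed will subsequently interfere with some " +
		"features of eksctl. This will require running subsequent eksctl (and Kubernetes) " +
		"commands/API calls from within the VPC. Running these in the VPC requires making " +
		"updates to some AWS resources. See: " +
		"https://docs.aws.amazon.com/eks/latest/userguide/cluster-endpoint.html " +
		"for more details")
)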
// AWSNodeMeta names the "aws-node" entry in the "kube-system" namespace.
var AWSNodeMeta = ClusterIAMMeta{Name: "aws-node", Namespace: "kube-system"}
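// (Restored to one declaration per line: in the collapsed form the `//`
// comment swallowed the declaration that followed it.)
var (
	// DefaultIPFamily defines the default IP family to use when creating a new VPC and cluster.
	DefaultIPFamily = IPV4Family
)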
// EndpointServices is a list of supported endpoint services.
// Each entry carries the flags set on it here: RequiresChinaPrefix,
// OutpostsOnly and Optional. Order is kept as declared.
var EndpointServices = []EndpointService{
	{Name: "ec2", RequiresChinaPrefix: true},
	{Name: "ecr.api", RequiresChinaPrefix: true},
	{Name: "ecr.dkr", RequiresChinaPrefix: true},
	EndpointServiceS3,
	{Name: "sts", RequiresChinaPrefix: true},
	{Name: "ssm", OutpostsOnly: true},
	{Name: "ssmmessages", OutpostsOnly: true},
	{Name: "ec2messages", OutpostsOnly: true},
	{Name: "secretsmanager", OutpostsOnly: true},
	{Name: "cloudformation", Optional: true, RequiresChinaPrefix: true},
	{Name: "autoscaling", Optional: true},
	EndpointServiceCloudWatch,
}
EndpointServices is a list of supported endpoint services.
// LogRetentionInDaysValues lists the accepted log retention periods, in days.
var LogRetentionInDaysValues = []int{
	1, 3, 5, 7, 14, 30,
	60, 90, 120, 150, 180,
	365, 400, 545, 731,
	1827, 3653,
}
var SchemaJSON string
SchemaJSON contains the schema
Functions ¶
func ClusterConfigTypeMeta ¶
ClusterConfigTypeMeta constructs TypeMeta for ClusterConfig
func ClusterHasInstanceType ¶
func ClusterHasInstanceType(cfg *ClusterConfig, hasType func(string) bool) bool
ClusterHasInstanceType checks all nodegroups and managed nodegroups for a specific instance type
func DeprecatedVersions ¶
func DeprecatedVersions() []string
DeprecatedVersions are the versions of Kubernetes that EKS used to support but no longer does. See also: https://docs.aws.amazon.com/eks/latest/userguide/kubernetes-versions.html
func Disabled ¶
func Disabled() *bool
Disabled returns a pointer to a false value, for use in defaulters of *bool fields
func EKSResourceAccountID ¶
EKSResourceAccountID provides worker node resources (AMI/ECR image) in a different AWS account for different AWS partitions and opt-in regions.
func Enabled ¶
func Enabled() *bool
Enabled returns a pointer to a true value, for use in defaulters of *bool fields
func EndpointsEqual ¶
func EndpointsEqual(a, b ClusterEndpoints) bool
EndpointsEqual returns true if two endpoints have the same values after dereferencing any pointers
func ErrInvalidName ¶
ErrInvalidName is the error returned when a name containing invalid characters is provided
func HasInstanceType ¶
HasInstanceType returns whether some node in the group fulfils the type check
func HasInstanceTypeManaged ¶
func HasInstanceTypeManaged(nodeGroup *ManagedNodeGroup, hasType func(string) bool) bool
HasInstanceTypeManaged returns whether some node in the managed group fulfils the type check
func HasMixedInstances ¶
HasMixedInstances checks if a nodegroup has mixed instances option declared
func ImportSubnet ¶
func ImportSubnet(subnets AZSubnetMapping, subnet *ec2types.Subnet, makeSubnetAlias func(*ec2types.Subnet) string) error
ImportSubnet loads a given subnet into ClusterConfig. Note that the user must use either AZs as keys OR names as keys and specify
the ID (optionally with AZ and CIDR) OR AZ, optionally with CIDR.
If a user specifies a subnet by AZ without CIDR and ID but multiple subnets exist in this VPC, one will be arbitrarily chosen.
func IsDeprecatedVersion ¶
IsDeprecatedVersion returns true if the given Kubernetes version has been deprecated in EKS
func IsDisabled ¶
IsDisabled returns true only if v is not nil and points to false
func IsInvalidNameArg ¶
IsInvalidNameArg checks whether the name contains invalid characters
func IsSetAndNonEmptyString ¶
IsSetAndNonEmptyString will only return true if s is not nil and not empty
func IsSupportedVersion ¶
IsSupportedVersion returns true if the given Kubernetes version is supported by eksctl and EKS
func IsWindowsImage ¶
IsWindowsImage reports whether the AMI family is for Windows
func PrivateOnly ¶
func PrivateOnly(ces *ClusterEndpoints) bool
PrivateOnly returns true if public cluster endpoint access is disabled and private cluster endpoint access is enabled, and false otherwise
func Resource ¶
func Resource(resource string) schema.GroupResource
Resource takes an unqualified resource and returns a Group qualified GroupResource
func SelectInstanceType ¶
SelectInstanceType determines which instanceType is relevant for selecting an AMI. If the nodegroup has mixed instances, it will prefer a GPU instance type over a general class one. This is to make sure that the AMI that is selected later is valid for all the types.
func SetClusterConfigDefaults ¶
func SetClusterConfigDefaults(cfg *ClusterConfig)
SetClusterConfigDefaults will set defaults for a given cluster
func SetClusterEndpointAccessDefaults ¶
func SetClusterEndpointAccessDefaults(vpc *ClusterVPC)
SetClusterEndpointAccessDefaults sets the default values for cluster endpoint access
func SetManagedNodeGroupDefaults ¶
func SetManagedNodeGroupDefaults(ng *ManagedNodeGroup, meta *ClusterMeta, controlPlaneOnOutposts bool)
SetManagedNodeGroupDefaults sets default values for a ManagedNodeGroup
func SetNodeGroupDefaults ¶
func SetNodeGroupDefaults(ng *NodeGroup, meta *ClusterMeta, controlPlaneOnOutposts bool)
SetNodeGroupDefaults will set defaults for a given nodegroup
func SupportedCloudWatchClusterLogTypes ¶
func SupportedCloudWatchClusterLogTypes() []string
SupportedCloudWatchClusterLogTypes returns all supported logging facilities
func SupportedNodeVolumeTypes ¶
func SupportedNodeVolumeTypes() []string
SupportedNodeVolumeTypes are the volume types that can be used for a node root volume
func SupportedRegions ¶
func SupportedRegions() []string
SupportedRegions are the regions where EKS is available
func SupportedVersions ¶
func SupportedVersions() []string
SupportedVersions are the versions of Kubernetes that EKS supports
func ValidateAdditionalEndpointServices ¶
ValidateAdditionalEndpointServices validates support for the specified additional endpoint services.
func ValidateClusterConfig ¶
func ValidateClusterConfig(cfg *ClusterConfig) error
ValidateClusterConfig checks compatible fields of a given ClusterConfig
func ValidateClusterVersion ¶
func ValidateClusterVersion(clusterConfig *ClusterConfig) error
ValidateClusterVersion validates the cluster version.
func ValidateManagedNodeGroup ¶
func ValidateManagedNodeGroup(index int, ng *ManagedNodeGroup) error
ValidateManagedNodeGroup validates a ManagedNodeGroup and sets some defaults
func ValidateNodeGroup ¶
func ValidateNodeGroup(i int, ng *NodeGroup, cfg *ClusterConfig) error
ValidateNodeGroup checks compatible fields of a given nodegroup
func ValidateSecretsEncryption ¶
func ValidateSecretsEncryption(clusterConfig *ClusterConfig) error
Types ¶
type AZSubnetMapping ¶
type AZSubnetMapping map[string]AZSubnetSpec
AZSubnetMapping holds subnet to AZ mappings. If the key is an AZ, that also becomes the name of the subnet; otherwise, use the key to refer to this subnet. Schema type is `map[string]AZSubnetSpec`
func AZSubnetMappingFromMap ¶
func AZSubnetMappingFromMap(m map[string]AZSubnetSpec) AZSubnetMapping
func NewAZSubnetMapping ¶
func NewAZSubnetMapping() AZSubnetMapping
func (AZSubnetMapping) DeepCopy ¶
func (in AZSubnetMapping) DeepCopy() AZSubnetMapping
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AZSubnetMapping.
func (AZSubnetMapping) DeepCopyInto ¶
func (in AZSubnetMapping) DeepCopyInto(out *AZSubnetMapping)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (AZSubnetMapping) SelectOutpostSubnetIDs ¶
func (m AZSubnetMapping) SelectOutpostSubnetIDs() []string
SelectOutpostSubnetIDs returns all subnets that are on Outposts.
func (*AZSubnetMapping) Set ¶
func (m *AZSubnetMapping) Set(name string, spec AZSubnetSpec)
func (*AZSubnetMapping) SetAZ ¶
func (m *AZSubnetMapping) SetAZ(az string, spec Network)
func (*AZSubnetMapping) UnmarshalJSON ¶
func (m *AZSubnetMapping) UnmarshalJSON(b []byte) error
UnmarshalJSON parses JSON data into a value
func (*AZSubnetMapping) WithAZs ¶
func (m *AZSubnetMapping) WithAZs() []string
WithAZs returns list of subnet AZs
func (*AZSubnetMapping) WithCIDRs ¶
func (m *AZSubnetMapping) WithCIDRs() []string
WithCIDRs returns list of subnet CIDRs
func (*AZSubnetMapping) WithIDs ¶
func (m *AZSubnetMapping) WithIDs() []string
WithIDs returns list of subnet ids
type AZSubnetSpec ¶
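// AZSubnetSpec describes one subnet entry of an AZSubnetMapping.
// (Restored to one field per line: in the collapsed form the first `//`
// comment swallowed every field that followed it.)
type AZSubnetSpec struct {
	// +optional
	ID string `json:"id,omitempty"`
	// AZ is the zone name for this subnet, it can either be an availability zone name
	// or a local zone name.
	// AZ can be omitted if the key is an AZ.
	// +optional
	AZ string `json:"az,omitempty"`
	// +optional
	CIDR *ipnet.IPNet `json:"cidr,omitempty"`

	// CIDRIndex is excluded from JSON (`json:"-"`).
	CIDRIndex int `json:"-"`

	// OutpostARN is excluded from JSON (`json:"-"`).
	OutpostARN string `json:"-"`
}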
func (*AZSubnetSpec) DeepCopy ¶
func (in *AZSubnetSpec) DeepCopy() *AZSubnetSpec
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AZSubnetSpec.
func (*AZSubnetSpec) DeepCopyInto ¶
func (in *AZSubnetSpec) DeepCopyInto(out *AZSubnetSpec)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type Addon ¶
// Addon describes one EKS add-on together with the IAM permissions to give it.
// NOTE(review): ServiceAccountRoleARN, AttachPolicyARNs, AttachPolicy and
// WellKnownPolicies all influence what the add-on may do in the AWS account;
// how they combine is not shown on this page, so confirm precedence before
// relying on one of them to restrict the others.
type Addon struct {
	// Name is marked required, although the JSON tag still carries omitempty.
	// +required
	Name string `json:"name,omitempty"`

	// +optional
	Version string `json:"version,omitempty"`

	// +optional
	ServiceAccountRoleARN string `json:"serviceAccountRoleARN,omitempty"`

	// list of ARNs of the IAM policies to attach
	// +optional
	AttachPolicyARNs []string `json:"attachPolicyARNs,omitempty"`

	// AttachPolicy holds a policy document to attach
	// +optional
	AttachPolicy InlineDocument `json:"attachPolicy,omitempty"`

	// ARN of the permissions boundary to associate
	// +optional
	PermissionsBoundary string `json:"permissionsBoundary,omitempty"`

	// WellKnownPolicies for attaching common IAM policies
	WellKnownPolicies WellKnownPolicies `json:"wellKnownPolicies,omitempty"`

	// The metadata to apply to the cluster to assist with categorization and organization.
	// Each tag consists of a key and an optional value, both of which you define.
	// +optional
	Tags map[string]string `json:"tags,omitempty"`

	// ResolveConflicts determines how to resolve field value conflicts for an EKS add-on
	// if a value was changed from default
	ResolveConflicts ekstypes.ResolveConflicts `json:"resolveConflicts,omitempty"`

	// ConfigurationValues defines the set of configuration properties for add-ons.
	// For now, all properties will be specified as a JSON string
	// and have to respect the schema from DescribeAddonConfiguration.
	// +optional
	ConfigurationValues string `json:"configurationValues,omitempty"`

	// Force overwrites an existing self-managed add-on with an EKS managed add-on.
	// Force is intended to be used when migrating an existing self-managed add-on to an EKS managed add-on.
	// The `json:"-"` tag means it cannot be set from a JSON config document.
	Force bool `json:"-"`

	// +optional
	Publishers []string `json:"publishers,omitempty"`

	// +optional
	Types []string `json:"types,omitempty"`

	// +optional
	Owners []string `json:"owners,omitempty"`
}
Addon holds the EKS addon configuration
func (Addon) CanonicalName ¶
func (*Addon) DeepCopy ¶
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Addon.
func (*Addon) DeepCopyInto ¶
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type CapacityReservation ¶
// CapacityReservation holds a nodegroup's Capacity Reservation settings.
// Both fields are pointers, so nil means the value was not provided.
type CapacityReservation struct {
	// CapacityReservationPreference defines a nodegroup's Capacity Reservation preferences (either 'open' or 'none')
	CapacityReservationPreference *string `json:"capacityReservationPreference,omitempty"`

	// CapacityReservationTarget defines a nodegroup's target Capacity Reservation or Capacity Reservation group (not both at the same time).
	CapacityReservationTarget *CapacityReservationTarget `json:"capacityReservationTarget,omitempty"`
}
CapacityReservation defines a nodegroup's Capacity Reservation targeting option +optional
func (*CapacityReservation) DeepCopy ¶
func (in *CapacityReservation) DeepCopy() *CapacityReservation
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CapacityReservation.
func (*CapacityReservation) DeepCopyInto ¶
func (in *CapacityReservation) DeepCopyInto(out *CapacityReservation)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type CapacityReservationTarget ¶
// CapacityReservationTarget names the reservation a nodegroup should use.
// Per the CapacityReservation.CapacityReservationTarget comment, a single
// reservation or a reservation group may be given, not both; the struct
// itself does not enforce that.
type CapacityReservationTarget struct {
	// CapacityReservationID selects one Capacity Reservation by ID.
	CapacityReservationID *string `json:"capacityReservationID,omitempty"`

	// CapacityReservationResourceGroupARN selects a Capacity Reservation group by ARN.
	CapacityReservationResourceGroupARN *string `json:"capacityReservationResourceGroupARN,omitempty"`
}
func (*CapacityReservationTarget) DeepCopy ¶
func (in *CapacityReservationTarget) DeepCopy() *CapacityReservationTarget
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CapacityReservationTarget.
func (*CapacityReservationTarget) DeepCopyInto ¶
func (in *CapacityReservationTarget) DeepCopyInto(out *CapacityReservationTarget)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type ClusterCloudWatch ¶
// ClusterCloudWatch wraps the CloudWatch settings of a cluster; cluster
// logging is the only setting it carries.
type ClusterCloudWatch struct {
	// ClusterLogging is nil when no cluster logging configuration was given.
	//+optional
	ClusterLogging *ClusterCloudWatchLogging `json:"clusterLogging,omitempty"`
}
ClusterCloudWatch contains config parameters related to CloudWatch
func (*ClusterCloudWatch) DeepCopy ¶
func (in *ClusterCloudWatch) DeepCopy() *ClusterCloudWatch
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClusterCloudWatch.
func (*ClusterCloudWatch) DeepCopyInto ¶
func (in *ClusterCloudWatch) DeepCopyInto(out *ClusterCloudWatch)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type ClusterCloudWatchLogging ¶
// ClusterCloudWatchLogging selects which control-plane log types are sent to
// CloudWatch and how long they are retained.
// NOTE(review): nothing on this page shows any log type being enabled when
// EnableTypes is empty; if these logs are needed for detection or incident
// response, list the wanted types explicitly and confirm the default.
type ClusterCloudWatchLogging struct {
	// Types of logging to enable (see [CloudWatch docs](/usage/cloudwatch-cluster-logging/#clusterconfig-examples)).
	// Valid entries are `CloudWatchLogging` constants
	//+optional
	EnableTypes []string `json:"enableTypes,omitempty"`

	// LogRetentionInDays sets the number of days to retain the logs for (see [CloudWatch docs](https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_PutRetentionPolicy.html#API_PutRetentionPolicy_RequestSyntax)).
	// Valid values are: 1, 3, 5, 7, 14, 30, 60, 90, 120, 150, 180, 365, 400, 545, 731,
	// 1827, and 3653.
	// Because of omitempty a value of 0 is not serialized; presumably 0 means
	// "no retention policy set" (TODO confirm).
	//+optional
	LogRetentionInDays int `json:"logRetentionInDays,omitempty"`
}
ClusterCloudWatchLogging contains config parameters related to cluster logging
func (*ClusterCloudWatchLogging) DeepCopy ¶
func (in *ClusterCloudWatchLogging) DeepCopy() *ClusterCloudWatchLogging
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClusterCloudWatchLogging.
func (*ClusterCloudWatchLogging) DeepCopyInto ¶
func (in *ClusterCloudWatchLogging) DeepCopyInto(out *ClusterCloudWatchLogging)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type ClusterConfig ¶
// ClusterConfig groups all per-cluster settings declared in this package.
// Metadata is the only field marked required. Status is tagged `json:"-"`,
// so it is never read from or written to a config document.
type ClusterConfig struct {
	metav1.TypeMeta

	// +required
	Metadata *ClusterMeta `json:"metadata"`

	// +optional
	KubernetesNetworkConfig *KubernetesNetworkConfig `json:"kubernetesNetworkConfig,omitempty"`

	// IAM holds the cluster-wide IAM settings (see ClusterIAM).
	// +optional
	IAM *ClusterIAM `json:"iam,omitempty"`

	// NOTE(review): IAMIdentityMapping is defined outside this view; presumably
	// each entry grants an IAM principal an identity inside the cluster, so
	// review these like any other access grant (confirm).
	// +optional
	IAMIdentityMappings []*IAMIdentityMapping `json:"iamIdentityMappings,omitempty"`

	// +optional
	IdentityProviders []IdentityProvider `json:"identityProviders,omitempty"`

	// +optional
	VPC *ClusterVPC `json:"vpc,omitempty"`

	// +optional
	Addons []*Addon `json:"addons,omitempty"`

	// PrivateCluster allows configuring a fully-private cluster
	// in which no node has outbound internet access, and private access
	// to AWS services is enabled via VPC endpoints
	// +optional
	PrivateCluster *PrivateCluster `json:"privateCluster,omitempty"`

	// NodeGroups For information and examples see [nodegroups](/usage/managing-nodegroups)
	// +optional
	NodeGroups []*NodeGroup `json:"nodeGroups,omitempty"`

	// ManagedNodeGroups See [Nodegroups usage](/usage/managing-nodegroups)
	// and [managed nodegroups](/usage/eks-managed-nodes/)
	// +optional
	ManagedNodeGroups []*ManagedNodeGroup `json:"managedNodeGroups,omitempty"`

	// +optional
	FargateProfiles []*FargateProfile `json:"fargateProfiles,omitempty"`

	// +optional
	AvailabilityZones []string `json:"availabilityZones,omitempty"`

	// LocalZones specifies a list of local zones where the subnets should be created.
	// Only self-managed nodegroups can be launched in local zones. These subnets are not passed to EKS.
	// +optional
	LocalZones []string `json:"localZones,omitempty"`

	// See [CloudWatch support](/usage/cloudwatch-cluster-logging/)
	// +optional
	CloudWatch *ClusterCloudWatch `json:"cloudWatch,omitempty"`

	// NOTE(review): SecretsEncryption is defined outside this view; presumably
	// a nil value means no additional encryption of Kubernetes secrets is
	// configured through eksctl (confirm before relying on it).
	// +optional
	SecretsEncryption *SecretsEncryption `json:"secretsEncryption,omitempty"`

	// Status is excluded from JSON by its tag.
	Status *ClusterStatus `json:"-"`

	// future gitops plans, replacing the Git configuration above
	// +optional
	GitOps *GitOps `json:"gitops,omitempty"`

	// Karpenter specific configuration options.
	// +optional
	Karpenter *Karpenter `json:"karpenter,omitempty"`

	// Outpost specifies the Outpost configuration.
	// +optional
	Outpost *Outpost `json:"outpost,omitempty"`
}
ClusterConfig is a simple config, to be replaced with Cluster API
func NewClusterConfig ¶
func NewClusterConfig() *ClusterConfig
NewClusterConfig creates new config for a cluster; it doesn't include initial nodegroup, so user must call NewNodeGroup to create one
func (*ClusterConfig) AllNodeGroups ¶
func (c *ClusterConfig) AllNodeGroups() []*NodeGroupBase
AllNodeGroups combines managed and self-managed nodegroups and returns a slice of *api.NodeGroupBase containing both types of nodegroups
func (*ClusterConfig) AppendAvailabilityZone ¶
func (c *ClusterConfig) AppendAvailabilityZone(newAZ string)
AppendAvailabilityZone appends a new AZ to the set
func (*ClusterConfig) AppendClusterCloudWatchLogTypes ¶
func (c *ClusterConfig) AppendClusterCloudWatchLogTypes(types ...string)
AppendClusterCloudWatchLogTypes will append given log types to the config structure
func (*ClusterConfig) CanUseForPrivateNodeGroups ¶
func (c *ClusterConfig) CanUseForPrivateNodeGroups() error
CanUseForPrivateNodeGroups checks whether specified NodeGroups have enough private subnets when private networking is enabled
func (*ClusterConfig) ContainsWildcardCloudWatchLogging ¶
func (c *ClusterConfig) ContainsWildcardCloudWatchLogging() bool
func (*ClusterConfig) CustomEndpointsMsg ¶
func (c *ClusterConfig) CustomEndpointsMsg() string
CustomEndpointsMsg returns a message indicating the EndpointAccess given by the user.
func (*ClusterConfig) DeepCopy ¶
func (in *ClusterConfig) DeepCopy() *ClusterConfig
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClusterConfig.
func (*ClusterConfig) DeepCopyInto ¶
func (in *ClusterConfig) DeepCopyInto(out *ClusterConfig)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*ClusterConfig) DeepCopyObject ¶
func (in *ClusterConfig) DeepCopyObject() runtime.Object
DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
func (*ClusterConfig) DefaultEndpointsMsg ¶
func (c *ClusterConfig) DefaultEndpointsMsg() string
DefaultEndpointsMsg returns a message that the EndpointAccess is the same as the default.
func (*ClusterConfig) FindNodeGroupOutpostARN ¶
func (c *ClusterConfig) FindNodeGroupOutpostARN() (outpostARN string, found bool)
FindNodeGroupOutpostARN finds nodegroups that are on Outposts and returns the Outpost ARN.
func (*ClusterConfig) FindNodegroup ¶
func (c *ClusterConfig) FindNodegroup(name string) (*NodeGroupBase, error)
FindNodegroup checks if the clusterConfig contains a nodegroup with the given name
func (*ClusterConfig) GetAllNodeGroupNames ¶
func (c *ClusterConfig) GetAllNodeGroupNames() []string
GetAllNodeGroupNames collects and returns names for both managed and unmanaged nodegroups
func (*ClusterConfig) GetOutpost ¶
func (c *ClusterConfig) GetOutpost() *Outpost
GetOutpost returns the Outpost info.
func (*ClusterConfig) GetStatus ¶
func (c *ClusterConfig) GetStatus() *ClusterStatus
GetStatus returns the cluster status.
func (*ClusterConfig) HasAnySubnets ¶
func (c *ClusterConfig) HasAnySubnets() bool
HasAnySubnets checks if any subnets were set
func (*ClusterConfig) HasClusterCloudWatchLogging ¶
func (c *ClusterConfig) HasClusterCloudWatchLogging() bool
HasClusterCloudWatchLogging determines if cluster logging was enabled or not
func (*ClusterConfig) HasClusterEndpointAccess ¶
func (c *ClusterConfig) HasClusterEndpointAccess() bool
HasClusterEndpointAccess determines if endpoint access was configured in config file or not.
func (*ClusterConfig) HasGitOpsFluxConfigured ¶
func (c *ClusterConfig) HasGitOpsFluxConfigured() bool
HasGitOpsFluxConfigured returns true if gitops.flux configuration is not nil
func (ClusterConfig) HasNodes ¶
func (c ClusterConfig) HasNodes() bool
func (*ClusterConfig) HasPrivateEndpointAccess ¶
func (c *ClusterConfig) HasPrivateEndpointAccess() bool
func (*ClusterConfig) HasSufficientPrivateSubnets ¶
func (c *ClusterConfig) HasSufficientPrivateSubnets() bool
HasSufficientPrivateSubnets validates if there is a sufficient number of private subnets available to create a cluster
func (*ClusterConfig) HasSufficientSubnets ¶
func (c *ClusterConfig) HasSufficientSubnets() error
HasSufficientSubnets validates that there are enough private and/or public subnets available to create a cluster: at least one of the two kinds must be non-empty, and each kind that is present must have no fewer than MinRequiredSubnets subnets; public-only and private-only layouts are allowed.
func (*ClusterConfig) HasWindowsNodeGroup ¶
func (c *ClusterConfig) HasWindowsNodeGroup() bool
HasWindowsNodeGroup reports whether the cluster contains any Windows nodegroups.
func (*ClusterConfig) IPv6Enabled ¶
func (c *ClusterConfig) IPv6Enabled() bool
func (*ClusterConfig) IsControlPlaneOnOutposts ¶
func (c *ClusterConfig) IsControlPlaneOnOutposts() bool
IsControlPlaneOnOutposts returns true if the control plane is on Outposts.
func (ClusterConfig) IsFargateEnabled ¶
func (c ClusterConfig) IsFargateEnabled() bool
IsFargateEnabled returns true if Fargate is enabled in this ClusterConfig, or false otherwise.
func (*ClusterConfig) IsFullyPrivate ¶
func (c *ClusterConfig) IsFullyPrivate() bool
IsFullyPrivate returns true if this is a fully-private cluster.
func (ClusterConfig) LogString ¶
func (c ClusterConfig) LogString() string
LogString returns representation of ClusterConfig for logs
func (*ClusterConfig) Meta ¶
func (c *ClusterConfig) Meta() *ClusterMeta
Meta returns the cluster metadata.
func (*ClusterConfig) NewNodeGroup ¶
func (c *ClusterConfig) NewNodeGroup() *NodeGroup
NewNodeGroup creates new nodegroup inside cluster config, it returns pointer to the nodegroup for convenience
func (*ClusterConfig) SetClusterState ¶
func (c *ClusterConfig) SetClusterState(cluster *ekstypes.Cluster) error
SetClusterState updates the cluster state and populates the ClusterStatus using *eks.Cluster.
func (*ClusterConfig) SetDefaultFargateProfile ¶
func (c *ClusterConfig) SetDefaultFargateProfile()
SetDefaultFargateProfile configures this ClusterConfig to have a single Fargate profile called "default", with two selectors matching respectively the "default" and "kube-system" Kubernetes namespaces.
func (*ClusterConfig) SubnetInfo ¶
func (c *ClusterConfig) SubnetInfo() string
SubnetInfo returns a string containing VPC subnet information. Useful for error messages and logs.
func (*ClusterConfig) UpdateEndpointsMsg ¶
func (c *ClusterConfig) UpdateEndpointsMsg() string
UpdateEndpointsMsg returns a message indicating that they need to use `eksctl utils` to make this config.
func (*ClusterConfig) ValidateClusterEndpointConfig ¶
func (c *ClusterConfig) ValidateClusterEndpointConfig() error
ValidateClusterEndpointConfig checks the endpoint configuration for potential issues
func (*ClusterConfig) ValidatePrivateCluster ¶
func (c *ClusterConfig) ValidatePrivateCluster() error
ValidatePrivateCluster validates the private cluster config
func (*ClusterConfig) ValidateVPCConfig ¶
func (c *ClusterConfig) ValidateVPCConfig() error
ValidateVPCConfig validates the vpc setting if it is defined.
type ClusterConfigList ¶
// ClusterConfigList is the list form of ClusterConfig: the embedded type and
// list metadata followed by the items themselves.
type ClusterConfigList struct {
	metav1.TypeMeta
	metav1.ListMeta `json:"metadata"`

	// Items holds the ClusterConfig values by value, not by pointer.
	Items []ClusterConfig `json:"items"`
}
ClusterConfigList is a list of ClusterConfigs
func (*ClusterConfigList) DeepCopy ¶
func (in *ClusterConfigList) DeepCopy() *ClusterConfigList
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClusterConfigList.
func (*ClusterConfigList) DeepCopyInto ¶
func (in *ClusterConfigList) DeepCopyInto(out *ClusterConfigList)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*ClusterConfigList) DeepCopyObject ¶
func (in *ClusterConfigList) DeepCopyObject() runtime.Object
DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
type ClusterEndpoints ¶
// ClusterEndpoints records whether the Kubernetes API server endpoint is
// reachable privately, publicly, or both.
// Both fields are *bool, so nil ("not set") is distinguishable from false.
// The defaults applied for unset values come from
// ClusterEndpointAccessDefaults; their values are not shown on this page, so
// set both fields explicitly when the exposure of the API endpoint matters.
type ClusterEndpoints struct {
	// PrivateAccess toggles private access to the API server endpoint.
	PrivateAccess *bool `json:"privateAccess,omitempty"`

	// PublicAccess toggles public access to the API server endpoint.
	PublicAccess *bool `json:"publicAccess,omitempty"`
}
ClusterEndpoints holds cluster api server endpoint access information
func ClusterEndpointAccessDefaults ¶
func ClusterEndpointAccessDefaults() *ClusterEndpoints
ClusterEndpointAccessDefaults returns a ClusterEndpoints pointer with default values set.
func (*ClusterEndpoints) DeepCopy ¶
func (in *ClusterEndpoints) DeepCopy() *ClusterEndpoints
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClusterEndpoints.
func (*ClusterEndpoints) DeepCopyInto ¶
func (in *ClusterEndpoints) DeepCopyInto(out *ClusterEndpoints)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type ClusterIAM ¶
// ClusterIAM collects the IAM roles, permissions boundaries and service
// accounts configured for a cluster. Every scalar is a pointer, so nil means
// the value was left unset.
type ClusterIAM struct {
	// ServiceRoleARN is the ARN of the cluster's service role.
	// +optional
	ServiceRoleARN *string `json:"serviceRoleARN,omitempty"`

	// permissions boundary for all identity-based entities created by eksctl.
	// See [AWS Permission Boundary](https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_boundaries.html)
	// +optional
	ServiceRolePermissionsBoundary *string `json:"serviceRolePermissionsBoundary,omitempty"`

	// role used by pods to access AWS APIs. This role is added to the Kubernetes RBAC for authorization.
	// See [Pod Execution Role](https://docs.aws.amazon.com/eks/latest/userguide/pod-execution-role.html)
	// +optional
	FargatePodExecutionRoleARN *string `json:"fargatePodExecutionRoleARN,omitempty"`

	// permissions boundary for the fargate pod execution role. See [EKS Fargate Support](/usage/fargate-support/)
	// +optional
	FargatePodExecutionRolePermissionsBoundary *string `json:"fargatePodExecutionRolePermissionsBoundary,omitempty"`

	// enables the IAM OIDC provider as well as IRSA for the Amazon CNI plugin
	// +optional
	WithOIDC *bool `json:"withOIDC,omitempty"`

	// service accounts to create in the cluster.
	// See [IAM Service Accounts](/usage/iamserviceaccounts/#usage-with-config-files)
	// +optional
	ServiceAccounts []*ClusterIAMServiceAccount `json:"serviceAccounts,omitempty"`

	// VPCResourceControllerPolicy attaches the IAM policy
	// necessary to run the VPC controller in the control plane
	// Defaults to `true`
	VPCResourceControllerPolicy *bool `json:"vpcResourceControllerPolicy,omitempty"`
}
ClusterIAM holds all IAM attributes of a cluster
func NewClusterIAM ¶
func NewClusterIAM() *ClusterIAM
NewClusterIAM creates a new ClusterIAM for a cluster
func (*ClusterIAM) DeepCopy ¶
func (in *ClusterIAM) DeepCopy() *ClusterIAM
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClusterIAM.
func (*ClusterIAM) DeepCopyInto ¶
func (in *ClusterIAM) DeepCopyInto(out *ClusterIAM)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type ClusterIAMMeta ¶
// ClusterIAMMeta carries the name, namespace, labels and annotations of a
// service account; AsObjectMeta turns it into a metav1.ObjectMeta.
type ClusterIAMMeta struct {
	// +optional
	Name string `json:"name,omitempty"`

	// +optional
	Namespace string `json:"namespace,omitempty"`

	// +optional
	Labels map[string]string `json:"labels,omitempty"`

	// +optional
	Annotations map[string]string `json:"annotations,omitempty"`
}
ClusterIAMMeta holds information we can use to create ObjectMeta for service accounts
func ClusterIAMServiceAccountNameStringToClusterIAMMeta ¶
func ClusterIAMServiceAccountNameStringToClusterIAMMeta(name string) (*ClusterIAMMeta, error)
ClusterIAMServiceAccountNameStringToClusterIAMMeta constructs a *ClusterIAMMeta (the value from which metav1.ObjectMeta is built via AsObjectMeta) from a <ns>/<name> string
func (*ClusterIAMMeta) AsObjectMeta ¶
func (iamMeta *ClusterIAMMeta) AsObjectMeta() metav1.ObjectMeta
AsObjectMeta gives us the k8s ObjectMeta needed to create the service account
func (*ClusterIAMMeta) DeepCopy ¶
func (in *ClusterIAMMeta) DeepCopy() *ClusterIAMMeta
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClusterIAMMeta.
func (*ClusterIAMMeta) DeepCopyInto ¶
func (in *ClusterIAMMeta) DeepCopyInto(out *ClusterIAMMeta)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type ClusterIAMServiceAccount ¶
// ClusterIAMServiceAccount binds a Kubernetes service account (the embedded
// ClusterIAMMeta) to AWS permissions.
// NOTE(review): AttachPolicyARNs, WellKnownPolicies, AttachPolicy and
// AttachRoleARN are different ways to supply those permissions; how they
// combine is not shown on this page. Any pod that can use the service account
// presumably obtains the resulting role, so keep the policies narrowly scoped
// and consider a PermissionsBoundary (confirm against the IRSA docs).
type ClusterIAMServiceAccount struct {
	ClusterIAMMeta `json:"metadata,omitempty"`

	// list of ARNs of the IAM policies to attach
	// +optional
	AttachPolicyARNs []string `json:"attachPolicyARNs,omitempty"`

	WellKnownPolicies WellKnownPolicies `json:"wellKnownPolicies,omitempty"`

	// AttachPolicy holds a policy document to attach to this service account
	// +optional
	AttachPolicy InlineDocument `json:"attachPolicy,omitempty"`

	// ARN of the role to attach to the service account
	AttachRoleARN string `json:"attachRoleARN,omitempty"`

	// ARN of the permissions boundary to associate with the service account
	// +optional
	PermissionsBoundary string `json:"permissionsBoundary,omitempty"`

	// +optional
	Status *ClusterIAMServiceAccountStatus `json:"status,omitempty"`

	// Specific role name instead of the Cloudformation-generated role name
	// +optional
	RoleName string `json:"roleName,omitempty"`

	// Specify if only the IAM Service Account role should be created without creating/annotating the service account
	// +optional
	RoleOnly *bool `json:"roleOnly,omitempty"`

	// AWS tags for the service account
	// +optional
	Tags map[string]string `json:"tags,omitempty"`
}
ClusterIAMServiceAccount holds an IAM service account metadata and configuration
func IAMServiceAccountsWithImplicitServiceAccounts ¶
func IAMServiceAccountsWithImplicitServiceAccounts(cfg *ClusterConfig) []*ClusterIAMServiceAccount
IAMServiceAccountsWithImplicitServiceAccounts adds implicitly created IAM SAs that need to be explicitly deleted.
func (*ClusterIAMServiceAccount) DeepCopy ¶
func (in *ClusterIAMServiceAccount) DeepCopy() *ClusterIAMServiceAccount
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClusterIAMServiceAccount.
func (*ClusterIAMServiceAccount) DeepCopyInto ¶
func (in *ClusterIAMServiceAccount) DeepCopyInto(out *ClusterIAMServiceAccount)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*ClusterIAMServiceAccount) NameString ¶
func (sa *ClusterIAMServiceAccount) NameString() string
NameString returns common name string
func (*ClusterIAMServiceAccount) SetAnnotations ¶
func (sa *ClusterIAMServiceAccount) SetAnnotations()
SetAnnotations sets eks.amazonaws.com/role-arn annotation according to IAM role used
type ClusterIAMServiceAccountStatus ¶
// ClusterIAMServiceAccountStatus reports the IAM role associated with a
// service account.
type ClusterIAMServiceAccountStatus struct {
	// RoleARN is nil when no role ARN has been recorded.
	// +optional
	RoleARN *string `json:"roleARN,omitempty"`
}
ClusterIAMServiceAccountStatus holds status of the IAM service account
func (*ClusterIAMServiceAccountStatus) DeepCopy ¶
func (in *ClusterIAMServiceAccountStatus) DeepCopy() *ClusterIAMServiceAccountStatus
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClusterIAMServiceAccountStatus.
func (*ClusterIAMServiceAccountStatus) DeepCopyInto ¶
func (in *ClusterIAMServiceAccountStatus) DeepCopyInto(out *ClusterIAMServiceAccountStatus)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type ClusterMeta ¶
// ClusterMeta identifies a cluster by name and region and carries its
// Kubernetes version, tags and annotations. Name and Region are required.
type ClusterMeta struct {
	// Name of the cluster
	// +required
	Name string `json:"name"`

	// the AWS region hosting this cluster
	// +required
	Region string `json:"region"`

	// Valid variants are `KubernetesVersion` constants
	// +optional
	Version string `json:"version,omitempty"`

	// Tags are used to tag AWS resources created by eksctl
	// +optional
	Tags map[string]string `json:"tags,omitempty"`

	// Annotations are arbitrary metadata ignored by `eksctl`.
	// +optional
	Annotations map[string]string `json:"annotations,omitempty"`
}
ClusterMeta contains general cluster information
func (*ClusterMeta) DeepCopy ¶
func (in *ClusterMeta) DeepCopy() *ClusterMeta
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClusterMeta.
func (*ClusterMeta) DeepCopyInto ¶
func (in *ClusterMeta) DeepCopyInto(out *ClusterMeta)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*ClusterMeta) LogString ¶
func (c *ClusterMeta) LogString() string
LogString returns representation of ClusterMeta for logs
func (*ClusterMeta) String ¶
func (c *ClusterMeta) String() string
String returns canonical representation of ClusterMeta
type ClusterNAT ¶
// ClusterNAT selects the NAT gateway mode of the cluster VPC.
// DefaultClusterNAT supplies the default mode; its value is not shown here.
type ClusterNAT struct {
	// Valid variants are `ClusterNAT` constants
	Gateway *string `json:"gateway,omitempty"`
}
ClusterNAT NAT config
func DefaultClusterNAT ¶
func DefaultClusterNAT() *ClusterNAT
DefaultClusterNAT will set the default value for Cluster NAT mode
func (*ClusterNAT) DeepCopy ¶
func (in *ClusterNAT) DeepCopy() *ClusterNAT
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClusterNAT.
func (*ClusterNAT) DeepCopyInto ¶
func (in *ClusterNAT) DeepCopyInto(out *ClusterNAT)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type ClusterProvider ¶
// ClusterProvider is the set of accessors through which AWS service clients
// and related settings are obtained. Most methods return a client interface
// from the awsapi package; the rest expose configuration (region, profile,
// timeout, CloudFormation role and rollback setting) or the underlying
// session and config provider.
// NOTE(review): an implementation holds the credentials behind these clients,
// so anything that receives a ClusterProvider can presumably act with the
// caller's AWS permissions (confirm against the implementation).
type ClusterProvider interface {
	CloudFormation() awsapi.CloudFormation
	// CloudFormationRoleARN returns a role ARN as a string; presumably the
	// role CloudFormation operates under (TODO confirm).
	CloudFormationRoleARN() string
	CloudFormationDisableRollback() bool
	ASG() awsapi.ASG
	EKS() awsapi.EKS
	SSM() awsapi.SSM
	CloudTrail() awsapi.CloudTrail
	CloudWatchLogs() awsapi.CloudWatchLogs
	IAM() awsapi.IAM
	Region() string
	Profile() Profile
	WaitTimeout() time.Duration
	ConfigProvider() client.ConfigProvider
	Session() *session.Session
	ELB() awsapi.ELB
	ELBV2() awsapi.ELBV2
	STS() awsapi.STS
	STSPresigner() STSPresigner
	EC2() awsapi.EC2
	Outposts() awsapi.Outposts
}
ClusterProvider is the interface to AWS APIs
type ClusterStatus ¶
// ClusterStatus holds attributes read back from an existing cluster.
// KubernetesNetworkConfig, ID and APIServerUnreachable are tagged `json:"-"`
// and are never serialized; the remaining fields are.
type ClusterStatus struct {
	// Endpoint is the cluster's API server endpoint.
	Endpoint string `json:"endpoint,omitempty"`

	// CertificateAuthorityData is the cluster CA data as raw bytes
	// (encoding/json emits []byte as base64). Presumably clients use it to
	// verify the API server certificate (confirm against callers).
	CertificateAuthorityData []byte `json:"certificateAuthorityData,omitempty"`

	ARN string `json:"arn,omitempty"`

	KubernetesNetworkConfig *KubernetesNetworkConfig `json:"-"`
	ID                      string                   `json:"-"`
	APIServerUnreachable    bool                     `json:"-"`

	StackName     string        `json:"stackName,omitempty"`
	EKSCTLCreated EKSCTLCreated `json:"eksctlCreated,omitempty"`
}
ClusterStatus holds read-only attributes of a cluster
func (*ClusterStatus) DeepCopy ¶
func (in *ClusterStatus) DeepCopy() *ClusterStatus
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClusterStatus.
func (*ClusterStatus) DeepCopyInto ¶
func (in *ClusterStatus) DeepCopyInto(out *ClusterStatus)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type ClusterSubnets ¶
// ClusterSubnets separates a cluster's subnets into a private and a public
// AZSubnetMapping.
type ClusterSubnets struct {
	// Private lists the private subnets.
	Private AZSubnetMapping `json:"private,omitempty"`

	// Public lists the public subnets.
	Public AZSubnetMapping `json:"public,omitempty"`
}
ClusterSubnets holds private and public subnets
func (*ClusterSubnets) DeepCopy ¶
func (in *ClusterSubnets) DeepCopy() *ClusterSubnets
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClusterSubnets.
func (*ClusterSubnets) DeepCopyInto ¶
func (in *ClusterSubnets) DeepCopyInto(out *ClusterSubnets)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type ClusterVPC ¶
// ClusterVPC describes the cluster's VPC: its network, subnets, security
// groups, NAT mode and the exposure of the Kubernetes API endpoint.
// LocalZoneSubnets is tagged `json:"-"` and is not part of the config schema.
type ClusterVPC struct {
	// global CIDR and VPC ID
	// +optional
	Network

	// SecurityGroup (aka the ControlPlaneSecurityGroup) for communication between control plane and nodes
	// +optional
	SecurityGroup string `json:"securityGroup,omitempty"`

	// Subnets are keyed by AZ for convenience.
	// See [this example](/examples/reusing-iam-and-vpc/)
	// as well as [using existing
	// VPCs](/usage/vpc-networking/#use-existing-vpc-other-custom-configuration).
	// +optional
	Subnets *ClusterSubnets `json:"subnets,omitempty"`

	// LocalZoneSubnets represents subnets in local zones.
	// This field is used internally and is not part of the ClusterConfig schema.
	LocalZoneSubnets *ClusterSubnets `json:"-"`

	// for additional CIDR associations, e.g. a CIDR for
	// private subnets or any ad-hoc subnets
	// +optional
	ExtraCIDRs []string `json:"extraCIDRs,omitempty"`

	// for additional IPv6 CIDR associations, e.g. a CIDR for
	// private subnets or any ad-hoc subnets
	// +optional
	ExtraIPv6CIDRs []string `json:"extraIPv6CIDRs,omitempty"`

	SharedNodeSecurityGroup string `json:"sharedNodeSecurityGroup,omitempty"`

	// NOTE(review): the first line of this comment appears to be missing on
	// the rendered page; what survives describes rules between the
	// cluster security group and the shared node security group.
	// This allows unmanaged nodes to communicate with the control plane
	// and managed nodes.
	// This option cannot be disabled when using eksctl created security groups.
	// Defaults to `true`
	// +optional
	ManageSharedNodeSecurityGroupRules *bool `json:"manageSharedNodeSecurityGroupRules,omitempty"`

	// AutoAllocateIPV6 requests an IPv6 CIDR block with /56 prefix for the VPC
	// +optional
	AutoAllocateIPv6 *bool `json:"autoAllocateIPv6,omitempty"`

	// +optional
	NAT *ClusterNAT `json:"nat,omitempty"`

	// See [managing access to API](/usage/vpc-networking/#managing-access-to-the-kubernetes-api-server-endpoints)
	// +optional
	ClusterEndpoints *ClusterEndpoints `json:"clusterEndpoints,omitempty"`

	// PublicAccessCIDRs are which CIDR blocks to allow access to public
	// k8s API endpoint
	// NOTE(review): the behaviour for an empty list is not shown on this page.
	// EKS itself defaults the public endpoint allow-list to 0.0.0.0/0, so when
	// public access is enabled, set this explicitly and confirm what eksctl
	// sends when it is left out.
	// +optional
	PublicAccessCIDRs []string `json:"publicAccessCIDRs,omitempty"`
}
ClusterVPC holds global subnet and all child subnets
func NewClusterVPC ¶
func NewClusterVPC(ipv6Enabled bool) *ClusterVPC
NewClusterVPC creates new VPC config for a cluster
func (*ClusterVPC) DeepCopy ¶
func (in *ClusterVPC) DeepCopy() *ClusterVPC
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClusterVPC.
func (*ClusterVPC) DeepCopyInto ¶
func (in *ClusterVPC) DeepCopyInto(out *ClusterVPC)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*ClusterVPC) FindOutpostSubnetsARN ¶
func (v *ClusterVPC) FindOutpostSubnetsARN() (outpostARN string, found bool)
FindOutpostSubnetsARN finds all subnets that are on Outposts and returns the Outpost ARN.
type EKSCTLCreated ¶
// EKSCTLCreated is the string type of ClusterStatus.EKSCTLCreated.
// Its permitted values are not listed on this page; presumably it records
// whether eksctl created the cluster (TODO confirm against the constants).
type EKSCTLCreated string
type EndpointService ¶
// EndpointService describes one VPC endpoint service and the conditions under
// which it applies. The fields carry no JSON tags.
type EndpointService struct {
	// Name is the name of the endpoint service.
	Name string
	// Optional specifies whether the service is optional.
	Optional bool
	// OutpostsOnly specifies whether the endpoint is required only for Outposts clusters.
	OutpostsOnly bool
	// RequiresChinaPrefix is true if the endpoint service requires a prefix for China regions.
	RequiresChinaPrefix bool
}
EndpointService represents a VPC endpoint service.
func MapOptionalEndpointServices ¶
func MapOptionalEndpointServices(endpointServiceNames []string, cloudWatchLoggingEnabled bool) ([]EndpointService, error)
MapOptionalEndpointServices maps a list of endpoint service names to []EndpointService.
func RequiredEndpointServices ¶
func RequiredEndpointServices(controlPlaneOnOutposts bool) []EndpointService
RequiredEndpointServices returns a list of endpoint services that are required for a fully-private cluster.
func (*EndpointService) DeepCopy ¶
func (in *EndpointService) DeepCopy() *EndpointService
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new EndpointService.
func (*EndpointService) DeepCopyInto ¶
func (in *EndpointService) DeepCopyInto(out *EndpointService)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type FargateProfile ¶
// FargateProfile describes one Fargate profile: which workloads it selects,
// the role the pods run under, and where they are placed.
// Name, Selectors and Status have no omitempty and are always serialized.
type FargateProfile struct {
	// Name of the Fargate profile.
	// +required
	Name string `json:"name"`

	// PodExecutionRoleARN is the IAM role's ARN to use to run pods onto Fargate.
	PodExecutionRoleARN string `json:"podExecutionRoleARN,omitempty"`

	// Selectors define the rules to select workload to schedule onto Fargate.
	Selectors []FargateProfileSelector `json:"selectors"`

	// Subnets which Fargate should use to do network placement of the selected workload.
	// If none provided, all subnets for the cluster will be used.
	// +optional
	Subnets []string `json:"subnets,omitempty"`

	// Used to tag the AWS resources
	// +optional
	Tags map[string]string `json:"tags,omitempty"`

	// The current status of the Fargate profile.
	Status string `json:"status"`
}
FargateProfile defines the settings used to schedule workload onto Fargate.
func (*FargateProfile) DeepCopy ¶
func (in *FargateProfile) DeepCopy() *FargateProfile
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new FargateProfile.
func (*FargateProfile) DeepCopyInto ¶
func (in *FargateProfile) DeepCopyInto(out *FargateProfile)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (FargateProfile) Validate ¶
func (fp FargateProfile) Validate() error
Validate validates this FargateProfile object.
type FargateProfileSelector ¶
// FargateProfileSelector defines rules to select workload to schedule onto Fargate.
type FargateProfileSelector struct {
	// Namespace is the Kubernetes namespace from which to select workload.
	// +required
	Namespace string `json:"namespace"`

	// Labels are the Kubernetes label selectors to use to select workload.
	// +optional
	Labels map[string]string `json:"labels,omitempty"`
}
FargateProfileSelector defines rules to select workload to schedule onto Fargate.
func (*FargateProfileSelector) DeepCopy ¶
func (in *FargateProfileSelector) DeepCopy() *FargateProfileSelector
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new FargateProfileSelector.
func (*FargateProfileSelector) DeepCopyInto ¶
func (in *FargateProfileSelector) DeepCopyInto(out *FargateProfileSelector)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (FargateProfileSelector) Validate ¶
func (fps FargateProfileSelector) Validate() error
Validate validates this FargateProfileSelector object.
type Flux ¶
// Flux groups all configuration options related to a Git repository used for
// GitOps Toolkit (Flux v2).
type Flux struct {
	// GitProvider is the repository hosting service. Can be either Github or Gitlab.
	GitProvider string `json:"gitProvider,omitempty"`

	// Flags is an arbitrary map of string to string used to pass any flags to
	// Flux bootstrap via eksctl; see https://fluxcd.io/docs/ for information on
	// all flags.
	// NOTE(review): the map is arbitrary, so this type does not restrict which
	// flags are forwarded. Keep credentials out of config files that are
	// committed or shared.
	Flags FluxFlags `json:"flags,omitempty"`
}
Flux groups all configuration options related to a Git repository used for GitOps Toolkit (Flux v2).
func (*Flux) DeepCopy ¶
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Flux.
func (*Flux) DeepCopyInto ¶
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type FluxFlags ¶
FluxFlags is a map of string for passing arbitrary flags to Flux bootstrap
func (FluxFlags) DeepCopy ¶
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new FluxFlags.
func (FluxFlags) DeepCopyInto ¶
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type GitOps ¶
// GitOps groups all configuration options related to enabling GitOps Toolkit on
// a cluster and linking it to a Git repository.
// Note: this will replace the older Git types.
type GitOps struct {
	// Flux holds options to enable Flux v2 on your cluster.
	Flux *Flux `json:"flux,omitempty"`
}
GitOps groups all configuration options related to enabling GitOps Toolkit on a cluster and linking it to a Git repository. Note: this will replace the older Git types
func (*GitOps) DeepCopy ¶
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new GitOps.
func (*GitOps) DeepCopyInto ¶
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type IAMIdentityMapping ¶
// IAMIdentityMapping contains IAM accounts, users, roles and services that will
// be added to the aws-auth configmap to enable access to the cluster.
//
// NOTE(review): every entry is an access grant to the cluster, so changes to
// these mappings deserve the same review as any other privilege change.
type IAMIdentityMapping struct {
	// ARN is presumably the ARN of the IAM user or role being mapped — confirm.
	// +optional
	ARN string `json:"arn,omitempty"`
	// Username is presumably the Kubernetes username the identity maps to — confirm.
	Username string `json:"username,omitempty"`
	// Groups is presumably the list of Kubernetes groups the identity is placed
	// in — confirm. A group such as system:masters carries cluster-admin rights
	// by default, so prefer narrowly scoped groups.
	Groups []string `json:"groups,omitempty"`
	// Account is presumably an AWS account ID to map — confirm.
	Account string `json:"account,omitempty"`
	// ServiceName and Namespace are not documented on this page; the type
	// comment mentions services, so they presumably describe a service
	// mapping — TODO confirm.
	ServiceName string `json:"serviceName,omitempty"`
	Namespace   string `json:"namespace,omitempty"`
	// NoDuplicateARNs presumably rejects a mapping whose ARN is already
	// present — confirm against Validate and the callers.
	NoDuplicateARNs bool `json:"noDuplicateARNs,omitempty"`
}
IAMIdentityMapping contains IAM accounts, users, roles and services that will be added to the aws-auth configmap to enable access to the cluster
func (*IAMIdentityMapping) DeepCopy ¶
func (in *IAMIdentityMapping) DeepCopy() *IAMIdentityMapping
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IAMIdentityMapping.
func (*IAMIdentityMapping) DeepCopyInto ¶
func (in *IAMIdentityMapping) DeepCopyInto(out *IAMIdentityMapping)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*IAMIdentityMapping) Validate ¶
func (im *IAMIdentityMapping) Validate() error
type IdentityProvider ¶
// IdentityProvider holds an identity provider configuration.
type IdentityProvider struct {
	// Inner is the wrapped provider configuration. OIDCIdentityProvider is the
	// type in this package that declares the IdentityProviderInterface methods.
	Inner IdentityProviderInterface
	// contains filtered or unexported fields
}
IdentityProvider holds an identity provider configuration. See [the example eksctl config](https://github.com/weaveworks/eksctl/blob/main/examples/27-oidc-provider.yaml). Schema type is one of `OIDCIdentityProvider`
func FromIdentityProvider ¶
func FromIdentityProvider(idp IdentityProviderInterface) IdentityProvider
func (*IdentityProvider) DeepCopy ¶
func (in *IdentityProvider) DeepCopy() *IdentityProvider
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IdentityProvider.
func (*IdentityProvider) DeepCopyInto ¶
func (in *IdentityProvider) DeepCopyInto(out *IdentityProvider)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*IdentityProvider) MarshalJSON ¶
func (ip *IdentityProvider) MarshalJSON() ([]byte, error)
func (*IdentityProvider) UnmarshalJSON ¶
func (ip *IdentityProvider) UnmarshalJSON(data []byte) error
type IdentityProviderInterface ¶
// IdentityProviderInterface is a dummy interface to give some extra type safety.
type IdentityProviderInterface interface {
	// DeepCopyIdentityProviderInterface returns an IdentityProviderInterface,
	// presumably a deep copy of the receiver — confirm against the implementation.
	DeepCopyIdentityProviderInterface() IdentityProviderInterface
	// Type returns the provider's IdentityProviderType.
	Type() IdentityProviderType
}
IdentityProviderInterface is a dummy interface to give some extra type safety
type IdentityProviderType ¶
// IdentityProviderType is the string type used for identity provider type values.
type IdentityProviderType string

const (
	// OIDCIdentityProviderType is the IdentityProviderType value "oidc".
	OIDCIdentityProviderType IdentityProviderType = "oidc"
)
type InlineDocument ¶
// InlineDocument holds any arbitrary JSON/YAML documents, such as extra config
// parameters or IAM policies.
// NOTE(review): the type imposes no schema, so anything that decodes to a map is
// accepted here; validation, if any, has to happen where the document is used.
type InlineDocument map[string]interface{}
InlineDocument holds any arbitrary JSON/YAML documents, such as extra config parameters or IAM policies
func (*InlineDocument) DeepCopy ¶
func (in *InlineDocument) DeepCopy() *InlineDocument
DeepCopy is needed to generate kubernetes types for InlineDocument
func (InlineDocument) DeepCopyInto ¶
func (in InlineDocument) DeepCopyInto(out *InlineDocument)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type InstanceSelector ¶
// InstanceSelector holds EC2 instance selector options.
type InstanceSelector struct {
	// VCPUs specifies the number of vCPUs.
	VCPUs int `json:"vCPUs,omitempty"`

	// Memory specifies the memory.
	// The unit defaults to GiB.
	Memory string `json:"memory,omitempty"`

	// GPUs specifies the number of GPUs.
	// It can be set to 0 to select non-GPU instance types; the pointer lets an
	// explicit 0 be told apart from an unset value.
	GPUs *int `json:"gpus,omitempty"`

	// CPUArchitecture is the CPU architecture of the EC2 instance type.
	// Valid variants are:
	// `"x86_64"`
	// `"amd64"`
	// `"arm64"`
	CPUArchitecture string `json:"cpuArchitecture,omitempty"`
}
InstanceSelector holds EC2 instance selector options
func (*InstanceSelector) DeepCopy ¶
func (in *InstanceSelector) DeepCopy() *InstanceSelector
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new InstanceSelector.
func (*InstanceSelector) DeepCopyInto ¶
func (in *InstanceSelector) DeepCopyInto(out *InstanceSelector)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (InstanceSelector) IsZero ¶
func (is InstanceSelector) IsZero() bool
IsZero returns true if all fields hold a zero value
type Karpenter ¶
// Karpenter provides configuration options for Karpenter.
type Karpenter struct {
	// Version defines the Karpenter version to install.
	// +required
	Version string `json:"version"`

	// CreateServiceAccount specifies whether to create a service account.
	// +optional
	CreateServiceAccount *bool `json:"createServiceAccount,omitempty"`

	// DefaultInstanceProfile overrides the default IAM instance profile.
	// +optional
	DefaultInstanceProfile *string `json:"defaultInstanceProfile,omitempty"`
}
Karpenter provides configuration options
func (*Karpenter) DeepCopy ¶
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Karpenter.
func (*Karpenter) DeepCopyInto ¶
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type KubernetesNetworkConfig ¶
// KubernetesNetworkConfig contains cluster networking options.
type KubernetesNetworkConfig struct {
	// IPFamily selects the IP family. Valid variants are `IPFamily` constants.
	// +optional
	IPFamily string `json:"ipFamily,omitempty"`

	// ServiceIPv4CIDR is the CIDR range from where `ClusterIP`s are assigned.
	ServiceIPv4CIDR string `json:"serviceIPv4CIDR,omitempty"`
}
KubernetesNetworkConfig contains cluster networking options
func (*KubernetesNetworkConfig) DeepCopy ¶
func (in *KubernetesNetworkConfig) DeepCopy() *KubernetesNetworkConfig
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new KubernetesNetworkConfig.
func (*KubernetesNetworkConfig) DeepCopyInto ¶
func (in *KubernetesNetworkConfig) DeepCopyInto(out *KubernetesNetworkConfig)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*KubernetesNetworkConfig) IPv6Enabled ¶
func (k *KubernetesNetworkConfig) IPv6Enabled() bool
type LaunchTemplate ¶
// LaunchTemplate identifies an existing launch template by ID and, optionally,
// by version.
type LaunchTemplate struct {
	// ID is the launch template ID.
	// NOTE(review): marked +required, yet the JSON tag carries omitempty — the
	// requirement is presumably enforced by validation elsewhere; confirm.
	// +required
	ID string `json:"id,omitempty"`

	// Version is the launch template version.
	// Defaults to the default launch template version.
	// TODO support $Default, $Latest
	Version *string `json:"version,omitempty"`
}
func (*LaunchTemplate) DeepCopy ¶
func (in *LaunchTemplate) DeepCopy() *LaunchTemplate
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LaunchTemplate.
func (*LaunchTemplate) DeepCopyInto ¶
func (in *LaunchTemplate) DeepCopyInto(out *LaunchTemplate)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type ManagedNodeGroup ¶
// ManagedNodeGroup represents an EKS-managed nodegroup.
// TODO Validate for unmapped fields and throw an error
type ManagedNodeGroup struct {
	// NodeGroupBase is embedded, so its fields are part of this type.
	*NodeGroupBase

	// InstanceTypes specifies a list of instance types.
	InstanceTypes []string `json:"instanceTypes,omitempty"`

	// Spot creates a spot nodegroup.
	Spot bool `json:"spot,omitempty"`

	// Taints are the taints to apply to the nodegroup.
	Taints []NodeGroupTaint `json:"taints,omitempty"`

	// UpdateConfig configures how to update NodeGroups.
	// +optional
	UpdateConfig *NodeGroupUpdateConfig `json:"updateConfig,omitempty"`

	// LaunchTemplate specifies an existing launch template to use
	// for the nodegroup.
	LaunchTemplate *LaunchTemplate `json:"launchTemplate,omitempty"`

	// ReleaseVersion is the AMI version of the EKS optimized AMI to use.
	ReleaseVersion string `json:"releaseVersion"`

	// Unowned is excluded from JSON (tag "-"); its meaning is not documented
	// on this page — TODO confirm.
	Unowned bool `json:"-"`
}
ManagedNodeGroup represents an EKS-managed nodegroup. TODO: validate for unmapped fields and throw an error.
func NewManagedNodeGroup ¶
func NewManagedNodeGroup() *ManagedNodeGroup
NewManagedNodeGroup creates a new ManagedNodeGroup
func (*ManagedNodeGroup) BaseNodeGroup ¶
func (m *ManagedNodeGroup) BaseNodeGroup() *NodeGroupBase
BaseNodeGroup implements NodePool
func (*ManagedNodeGroup) DeepCopy ¶
func (in *ManagedNodeGroup) DeepCopy() *ManagedNodeGroup
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ManagedNodeGroup.
func (*ManagedNodeGroup) DeepCopyInto ¶
func (in *ManagedNodeGroup) DeepCopyInto(out *ManagedNodeGroup)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*ManagedNodeGroup) GetDesiredCapacity ¶
func (m *ManagedNodeGroup) GetDesiredCapacity() int
func (*ManagedNodeGroup) InstanceTypeList ¶
func (m *ManagedNodeGroup) InstanceTypeList() []string
func (*ManagedNodeGroup) ListOptions ¶
func (m *ManagedNodeGroup) ListOptions() metav1.ListOptions
func (*ManagedNodeGroup) NGTaints ¶
func (m *ManagedNodeGroup) NGTaints() []NodeGroupTaint
NGTaints implements NodePool
type MetricsCollection ¶
// MetricsCollection is used by the scaling config, see
// [cloudformation docs](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-as-metricscollection.html).
type MetricsCollection struct {
	// Granularity of the collected metrics; accepted values are listed in the
	// CloudFormation documentation linked on the type.
	// +required
	Granularity string `json:"granularity"`

	// Metrics lists the metrics to collect.
	// +optional
	Metrics []string `json:"metrics,omitempty"`
}
MetricsCollection used by the scaling config, see [cloudformation docs](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-as-metricscollection.html)
func (*MetricsCollection) DeepCopy ¶
func (in *MetricsCollection) DeepCopy() *MetricsCollection
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MetricsCollection.
func (*MetricsCollection) DeepCopyInto ¶
func (in *MetricsCollection) DeepCopyInto(out *MetricsCollection)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type Network ¶
// Network holds ID and CIDR.
type Network struct {
	// ID of the network.
	// +optional
	ID string `json:"id,omitempty"`
	// CIDR of the network.
	// +optional
	CIDR *ipnet.IPNet `json:"cidr,omitempty"`
	// IPv6Cidr is the IPv6 CIDR, kept as a plain string.
	// +optional
	IPv6Cidr string `json:"ipv6Cidr,omitempty"`
	// IPv6Pool is presumably the pool the IPv6 CIDR is drawn from — confirm.
	// +optional
	IPv6Pool string `json:"ipv6Pool,omitempty"`
}
Network holds ID and CIDR
func (*Network) DeepCopy ¶
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Network.
func (*Network) DeepCopyInto ¶
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type NodeGroup ¶
// NodeGroup holds configuration attributes that are specific to an unmanaged
// nodegroup.
type NodeGroup struct {
	// NodeGroupBase is embedded, so its fields are part of this type.
	*NodeGroupBase

	// InstancesDistribution holds the spot/mixed-instances settings.
	// +optional
	InstancesDistribution *NodeGroupInstancesDistribution `json:"instancesDistribution,omitempty"`

	// ASGMetricsCollection lists the metrics collection settings for the
	// auto scaling group.
	// +optional
	ASGMetricsCollection []MetricsCollection `json:"asgMetricsCollection,omitempty"`

	// CPUCredits configures [T3 Unlimited](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/burstable-performance-instances-unlimited-mode.html),
	// valid only for T-type instances.
	// +optional
	CPUCredits *string `json:"cpuCredits,omitempty"`

	// ClassicLoadBalancerNames associates load balancers with the auto scaling group.
	// +optional
	ClassicLoadBalancerNames []string `json:"classicLoadBalancerNames,omitempty"`

	// TargetGroupARNs associates target groups with the auto scaling group.
	// +optional
	TargetGroupARNs []string `json:"targetGroupARNs,omitempty"`

	// Taints are the taints to apply to the nodegroup.
	// +optional
	Taints taintsWrapper `json:"taints,omitempty"`

	// UpdateConfig configures how to update NodeGroups.
	// +optional
	UpdateConfig *NodeGroupUpdateConfig `json:"updateConfig,omitempty"`

	// ClusterDNS is the [custom
	// address](/usage/vpc-networking/#custom-cluster-dns-address) used for DNS
	// lookups.
	// +optional
	ClusterDNS string `json:"clusterDNS,omitempty"`

	// KubeletExtraConfig lets you
	// [customize `kubelet` config](/usage/customizing-the-kubelet/).
	// NOTE(review): this is a free-form InlineDocument, so kubelet settings that
	// affect node security can be changed through it; review it like code.
	// +optional
	KubeletExtraConfig *InlineDocument `json:"kubeletExtraConfig,omitempty"`

	// ContainerRuntime defines the runtime (CRI) to use for containers on the node.
	// +optional
	ContainerRuntime *string `json:"containerRuntime,omitempty"`

	// MaxInstanceLifetime defines the maximum amount of time in seconds an
	// instance stays alive.
	// +optional
	MaxInstanceLifetime *int `json:"maxInstanceLifetime,omitempty"`

	// LocalZones specifies a list of local zones where the nodegroup should be launched.
	// The cluster should have been created with all of the local zones specified in this field.
	// +optional
	LocalZones []string `json:"localZones,omitempty"`
}
NodeGroup holds configuration attributes that are specific to an unmanaged nodegroup
func NewNodeGroup ¶
func NewNodeGroup() *NodeGroup
NewNodeGroup creates a new NodeGroup, and returns a pointer to it
func (*NodeGroup) BaseNodeGroup ¶
func (n *NodeGroup) BaseNodeGroup() *NodeGroupBase
BaseNodeGroup implements NodePool
func (*NodeGroup) DeepCopy ¶
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NodeGroup.
func (*NodeGroup) DeepCopyInto ¶
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*NodeGroup) GetContainerRuntime ¶
GetContainerRuntime returns the container runtime.
func (*NodeGroup) GetDesiredCapacity ¶
func (*NodeGroup) GetInstanceType ¶
GetInstanceType returns the instance type.
func (*NodeGroup) InstanceTypeList ¶
func (*NodeGroup) NGTaints ¶
func (n *NodeGroup) NGTaints() []NodeGroupTaint
NGTaints implements NodePool
func (*NodeGroup) SetInstanceType ¶
SetInstanceType sets the instance type.
type NodeGroupBase ¶
// NodeGroupBase represents the base nodegroup config for self-managed and
// managed nodegroups.
type NodeGroupBase struct {
	// Name of the nodegroup.
	// +required
	Name string `json:"name"`

	// AMIFamily of the nodes. Valid variants are `NodeAMIFamily` constants.
	// +optional
	AMIFamily string `json:"amiFamily,omitempty"`
	// InstanceType of the nodes.
	// +optional
	InstanceType string `json:"instanceType,omitempty"`
	// AvailabilityZones limits [nodes to specific
	// AZs](/usage/autoscaling/#zone-aware-auto-scaling).
	// +optional
	AvailabilityZones []string `json:"availabilityZones,omitempty"`
	// Subnets limits nodes to specific subnets.
	// +optional
	Subnets []string `json:"subnets,omitempty"`

	// +optional
	InstancePrefix string `json:"instancePrefix,omitempty"`
	// +optional
	InstanceName string `json:"instanceName,omitempty"`

	// ScalingConfig is embedded, so its fields are part of this type.
	// +optional
	*ScalingConfig

	// +optional
	// VolumeSize gigabytes
	// Defaults to `80`
	VolumeSize *int `json:"volumeSize,omitempty"`
	// +optional
	// SSH configures ssh access for this nodegroup
	SSH *NodeGroupSSH `json:"ssh,omitempty"`
	// +optional
	Labels map[string]string `json:"labels,omitempty"`
	// PrivateNetworking enables [private
	// networking](/usage/vpc-networking/#use-private-subnets-for-initial-nodegroup)
	// for nodegroup.
	// +optional
	PrivateNetworking bool `json:"privateNetworking"`
	// Tags are applied to the Autoscaling Group and to the EC2 instances (unmanaged),
	// and to the EKS Nodegroup resource and to the EC2 instances (managed).
	// +optional
	Tags map[string]string `json:"tags,omitempty"`
	// IAM holds the IAM attributes of the nodegroup (see NodeGroupIAM).
	// +optional
	IAM *NodeGroupIAM `json:"iam,omitempty"`

	// AMI specifies [custom AMIs](/usage/custom-ami-support/), `auto-ssm`, `auto`, or `static`.
	// +optional
	AMI string `json:"ami,omitempty"`

	// SecurityGroups controls the security groups for this nodegroup (see NodeGroupSGs).
	// +optional
	SecurityGroups *NodeGroupSGs `json:"securityGroups,omitempty"`

	// +optional
	MaxPodsPerNode int `json:"maxPodsPerNode,omitempty"`

	// ASGSuspendProcesses: see [relevant AWS
	// docs](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-updatepolicy.html#cfn-attributes-updatepolicy-rollingupdate-suspendprocesses).
	// +optional
	ASGSuspendProcesses []string `json:"asgSuspendProcesses,omitempty"`

	// EBSOptimized enables [EBS
	// optimization](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-optimized.html).
	// +optional
	EBSOptimized *bool `json:"ebsOptimized,omitempty"`

	// VolumeType of the node volume. Valid variants are `VolumeType` constants.
	// +optional
	VolumeType *string `json:"volumeType,omitempty"`
	// +optional
	VolumeName *string `json:"volumeName,omitempty"`
	// VolumeEncrypted presumably turns on encryption of the node volume; no
	// default is documented on this page, so set it explicitly where encryption
	// at rest is required — TODO confirm the default.
	// +optional
	VolumeEncrypted *bool `json:"volumeEncrypted,omitempty"`
	// VolumeKmsKeyID is presumably the KMS key used when the volume is
	// encrypted — confirm.
	// +optional
	VolumeKmsKeyID *string `json:"volumeKmsKeyID,omitempty"`
	// +optional
	VolumeIOPS *int `json:"volumeIOPS,omitempty"`
	// +optional
	VolumeThroughput *int `json:"volumeThroughput,omitempty"`

	// AdditionalVolumes holds additional volume configurations.
	// +optional
	AdditionalVolumes []*VolumeMapping `json:"additionalVolumes,omitempty"`

	// PreBootstrapCommands are executed before bootstrapping instances to the
	// cluster.
	// NOTE(review): these strings run as commands on every node of the group,
	// so the config file that carries them should be reviewed and protected
	// like code.
	// +optional
	PreBootstrapCommands []string `json:"preBootstrapCommands,omitempty"`

	// OverrideBootstrapCommand overrides `eksctl`'s bootstrapping script.
	// NOTE(review): same concern as PreBootstrapCommands — this replaces what
	// runs on the node at boot.
	// +optional
	OverrideBootstrapCommand *string `json:"overrideBootstrapCommand,omitempty"`

	// PropagateASGTags propagates all taints and labels to the ASG automatically.
	// +optional
	PropagateASGTags *bool `json:"propagateASGTags,omitempty"`

	// DisableIMDSv1 requires requests to the metadata service to use IMDSv2 tokens.
	// Defaults to `false`, i.e. IMDSv1 requests stay allowed unless this is
	// set to true.
	// +optional
	DisableIMDSv1 *bool `json:"disableIMDSv1,omitempty"`

	// DisablePodIMDS blocks all IMDS requests from non host networking pods.
	// Defaults to `false`, i.e. such pods are not blocked from the instance
	// metadata service unless this is set to true.
	// +optional
	DisablePodIMDS *bool `json:"disablePodIMDS,omitempty"`

	// Placement specifies the placement group in which nodes should
	// be spawned.
	// +optional
	Placement *Placement `json:"placement,omitempty"`

	// EFAEnabled creates the maximum allowed number of EFA-enabled network
	// cards on nodes in this group.
	// +optional
	EFAEnabled *bool `json:"efaEnabled,omitempty"`

	// InstanceSelector specifies options for EC2 instance selector.
	InstanceSelector *InstanceSelector `json:"instanceSelector,omitempty"`

	// Internal fields
	// Some AMIs (bottlerocket) have a separate volume for the OS
	AdditionalEncryptedVolume string `json:"-"`

	// Bottlerocket specifies settings for Bottlerocket nodes.
	// +optional
	Bottlerocket *NodeGroupBottlerocket `json:"bottlerocket,omitempty"`

	// EnableDetailedMonitoring enables EC2 detailed monitoring.
	// +optional
	EnableDetailedMonitoring *bool `json:"enableDetailedMonitoring,omitempty"`

	// CapacityReservation defines reservation policy for a nodegroup.
	CapacityReservation *CapacityReservation `json:"capacityReservation,omitempty"`

	// OutpostARN specifies the Outpost ARN in which the nodegroup should be created.
	// +optional
	OutpostARN string `json:"outpostARN,omitempty"`
}
NodeGroupBase represents the base nodegroup config for self-managed and managed nodegroups
func (*NodeGroupBase) DeepCopy ¶
func (in *NodeGroupBase) DeepCopy() *NodeGroupBase
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NodeGroupBase.
func (*NodeGroupBase) DeepCopyInto ¶
func (in *NodeGroupBase) DeepCopyInto(out *NodeGroupBase)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*NodeGroupBase) GetAMIFamily ¶
func (n *NodeGroupBase) GetAMIFamily() string
GetAMIFamily returns the AMI family
func (*NodeGroupBase) GetDesiredCapacity ¶
func (n *NodeGroupBase) GetDesiredCapacity() int
func (*NodeGroupBase) ListOptions ¶
func (n *NodeGroupBase) ListOptions() metav1.ListOptions
ListOptions returns metav1.ListOptions with label selector for the nodegroup
func (*NodeGroupBase) NameString ¶
func (n *NodeGroupBase) NameString() string
NameString returns the nodegroup name
func (*NodeGroupBase) Size ¶
func (n *NodeGroupBase) Size() int
Size returns the minimum nodegroup size
type NodeGroupBottlerocket ¶
// NodeGroupBottlerocket holds the configuration for Bottlerocket based NodeGroups.
type NodeGroupBottlerocket struct {
	// EnableAdminContainer presumably turns on Bottlerocket's admin container,
	// which is meant for host-level troubleshooting access — confirm, and leave
	// it off unless that access is needed.
	// +optional
	EnableAdminContainer *bool `json:"enableAdminContainer,omitempty"`
	// Settings contains any [bottlerocket
	// settings](https://github.com/bottlerocket-os/bottlerocket/#description-of-settings).
	// +optional
	Settings *InlineDocument `json:"settings,omitempty"`
}
NodeGroupBottlerocket holds the configuration for Bottlerocket based NodeGroups.
func (*NodeGroupBottlerocket) DeepCopy ¶
func (in *NodeGroupBottlerocket) DeepCopy() *NodeGroupBottlerocket
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NodeGroupBottlerocket.
func (*NodeGroupBottlerocket) DeepCopyInto ¶
func (in *NodeGroupBottlerocket) DeepCopyInto(out *NodeGroupBottlerocket)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type NodeGroupIAM ¶
// NodeGroupIAM holds all IAM attributes of a NodeGroup.
//
// NOTE(review): the Instance* field names indicate these settings apply to the
// node's instance role/profile; permissions granted there are node-wide, so
// keep attached policies minimal.
type NodeGroupIAM struct {
	// AttachPolicy holds a policy document to attach.
	// +optional
	AttachPolicy InlineDocument `json:"attachPolicy,omitempty"`
	// AttachPolicyARNs is the list of ARNs of the IAM policies to attach.
	// +optional
	AttachPolicyARNs []string `json:"attachPolicyARNs,omitempty"`
	// +optional
	InstanceProfileARN string `json:"instanceProfileARN,omitempty"`
	// +optional
	InstanceRoleARN string `json:"instanceRoleARN,omitempty"`
	// +optional
	InstanceRoleName string `json:"instanceRoleName,omitempty"`
	// InstanceRolePermissionsBoundary is presumably the ARN of a permissions
	// boundary policy applied to the instance role — confirm.
	// +optional
	InstanceRolePermissionsBoundary string `json:"instanceRolePermissionsBoundary,omitempty"`
	// WithAddonPolicies selects the predefined addon policies to enable
	// (see NodeGroupIAMAddonPolicies).
	// +optional
	WithAddonPolicies NodeGroupIAMAddonPolicies `json:"withAddonPolicies,omitempty"`
}
NodeGroupIAM holds all IAM attributes of a NodeGroup
func (*NodeGroupIAM) DeepCopy ¶
func (in *NodeGroupIAM) DeepCopy() *NodeGroupIAM
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NodeGroupIAM.
func (*NodeGroupIAM) DeepCopyInto ¶
func (in *NodeGroupIAM) DeepCopyInto(out *NodeGroupIAM)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type NodeGroupIAMAddonPolicies ¶
// NodeGroupIAMAddonPolicies holds all IAM addon policies.
//
// NOTE(review): this struct is the WithAddonPolicies field of NodeGroupIAM, so
// each flag enabled here widens what the nodegroup's IAM identity may do.
// Several are documented as "full access"; enable only what the workload needs.
type NodeGroupIAMAddonPolicies struct {
	// +optional
	// ImageBuilder allows for full ECR (Elastic Container Registry) access. This is useful for building, for
	// example, a CI server that needs to push images to ECR
	ImageBuilder *bool `json:"imageBuilder"`
	// +optional
	// AutoScaler enables IAM policy for cluster-autoscaler
	AutoScaler *bool `json:"autoScaler"`
	// +optional
	// ExternalDNS adds the external-dns project policies for Amazon Route 53
	ExternalDNS *bool `json:"externalDNS"`
	// +optional
	// CertManager enables the ability to add records to Route 53 in order to solve the DNS01 challenge. More information can be found
	// [here](https://cert-manager.io/docs/configuration/acme/dns01/route53/#set-up-a-iam-role)
	CertManager *bool `json:"certManager"`
	// +optional
	// AppMesh enables full access to AppMesh
	AppMesh *bool `json:"appMesh"`
	// +optional
	// AppMeshPreview enables full access to AppMesh Preview
	AppMeshPreview *bool `json:"appMeshPreview"`
	// +optional
	// EBS enables the new EBS CSI (Elastic Block Store Container Storage Interface) driver
	EBS *bool `json:"ebs"`
	// The remaining flags carry no description on this page.
	// +optional
	FSX *bool `json:"fsx"`
	// +optional
	EFS *bool `json:"efs"`
	// +optional
	AWSLoadBalancerController *bool `json:"awsLoadBalancerController"`
	// DeprecatedALBIngress is read from the "albIngress" key; the field name
	// marks it as deprecated.
	// +optional
	DeprecatedALBIngress *bool `json:"albIngress"`
	// +optional
	XRay *bool `json:"xRay"`
	// +optional
	CloudWatch *bool `json:"cloudWatch"`
}
NodeGroupIAMAddonPolicies holds all IAM addon policies
func (*NodeGroupIAMAddonPolicies) DeepCopy ¶
func (in *NodeGroupIAMAddonPolicies) DeepCopy() *NodeGroupIAMAddonPolicies
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NodeGroupIAMAddonPolicies.
func (*NodeGroupIAMAddonPolicies) DeepCopyInto ¶
func (in *NodeGroupIAMAddonPolicies) DeepCopyInto(out *NodeGroupIAMAddonPolicies)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type NodeGroupInstancesDistribution ¶
// NodeGroupInstancesDistribution holds the configuration for
// [spot instances](/usage/spot-instances/).
type NodeGroupInstancesDistribution struct {
	// InstanceTypes lists the instance types to use.
	// +required
	InstanceTypes []string `json:"instanceTypes,omitempty"`
	// MaxPrice defaults to `on demand price`.
	// +optional
	MaxPrice *float64 `json:"maxPrice,omitempty"`
	// OnDemandBaseCapacity defaults to `0`.
	// +optional
	OnDemandBaseCapacity *int `json:"onDemandBaseCapacity,omitempty"`
	// OnDemandPercentageAboveBaseCapacity has range [0-100].
	// Defaults to `100`.
	// +optional
	OnDemandPercentageAboveBaseCapacity *int `json:"onDemandPercentageAboveBaseCapacity,omitempty"`
	// SpotInstancePools has range [1-20].
	// Defaults to `2`.
	// +optional
	SpotInstancePools *int `json:"spotInstancePools,omitempty"`
	// +optional
	SpotAllocationStrategy *string `json:"spotAllocationStrategy,omitempty"`
	// CapacityRebalance enables [capacity
	// rebalancing](https://docs.aws.amazon.com/autoscaling/ec2/userguide/capacity-rebalance.html)
	// for spot instances.
	// +optional
	CapacityRebalance bool `json:"capacityRebalance"`
}
NodeGroupInstancesDistribution holds the configuration for [spot instances](/usage/spot-instances/)
func (*NodeGroupInstancesDistribution) DeepCopy ¶
func (in *NodeGroupInstancesDistribution) DeepCopy() *NodeGroupInstancesDistribution
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NodeGroupInstancesDistribution.
func (*NodeGroupInstancesDistribution) DeepCopyInto ¶
func (in *NodeGroupInstancesDistribution) DeepCopyInto(out *NodeGroupInstancesDistribution)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type NodeGroupSGs ¶
// NodeGroupSGs controls security groups for this nodegroup.
type NodeGroupSGs struct {
	// AttachIDs attaches additional security groups to the nodegroup.
	// +optional
	AttachIDs []string `json:"attachIDs,omitempty"`
	// WithShared: the comment on this page is truncated to "shared among all
	// nodegroups in the cluster"; by analogy with WithLocal it presumably
	// attaches the security group shared among all nodegroups — confirm.
	// Defaults to `true`
	// +optional
	WithShared *bool `json:"withShared"`
	// WithLocal attach a security group
	// local to this nodegroup
	// Not supported for managed nodegroups
	// Defaults to `true`
	// +optional
	WithLocal *bool `json:"withLocal"`
}
NodeGroupSGs controls security groups for this nodegroup
func (*NodeGroupSGs) DeepCopy ¶
func (in *NodeGroupSGs) DeepCopy() *NodeGroupSGs
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NodeGroupSGs.
func (*NodeGroupSGs) DeepCopyInto ¶
func (in *NodeGroupSGs) DeepCopyInto(out *NodeGroupSGs)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type NodeGroupSSH ¶
// NodeGroupSSH holds all the ssh access configuration to a NodeGroup.
type NodeGroupSSH struct {
	// +optional If Allow is true the SSH configuration provided is used, otherwise it is ignored. Only one of
	// PublicKeyPath, PublicKey and PublicKeyName can be configured
	Allow *bool `json:"allow"`

	// +optional The path to the SSH public key to be added to the nodes SSH keychain. If Allow is true this value
	// defaults to "~/.ssh/id_rsa.pub", otherwise the value is ignored.
	// NOTE(review): because of that default, setting only Allow installs the
	// operator's local default public key on the nodes; name the key explicitly
	// when a shared or audited key is expected.
	PublicKeyPath *string `json:"publicKeyPath,omitempty"`

	// +optional Public key to be added to the nodes SSH keychain. If Allow is false this value is ignored.
	PublicKey *string `json:"publicKey,omitempty"`

	// +optional Public key name in EC2 to be added to the nodes SSH keychain. If Allow is false this value
	// is ignored.
	PublicKeyName *string `json:"publicKeyName,omitempty"`

	// SourceSecurityGroupIDs is presumably the set of security groups allowed
	// as SSH sources — confirm. Which sources are allowed when it is empty is
	// not documented on this page; verify before enabling SSH.
	// +optional
	SourceSecurityGroupIDs []string `json:"sourceSecurityGroupIds,omitempty"`

	// Enables the ability to [SSH onto nodes using SSM](/introduction#ssh-access)
	// +optional
	EnableSSM *bool `json:"enableSsm,omitempty"`
}
NodeGroupSSH holds all the ssh access configuration to a NodeGroup
func (*NodeGroupSSH) DeepCopy ¶
func (in *NodeGroupSSH) DeepCopy() *NodeGroupSSH
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NodeGroupSSH.
func (*NodeGroupSSH) DeepCopyInto ¶
func (in *NodeGroupSSH) DeepCopyInto(out *NodeGroupSSH)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type NodeGroupTaint ¶
// NodeGroupTaint represents a Kubernetes taint.
type NodeGroupTaint struct {
	// Key is the taint key.
	Key string `json:"key,omitempty"`
	// Value is the taint value.
	Value string `json:"value,omitempty"`
	// Effect is the taint effect, typed as corev1.TaintEffect.
	Effect corev1.TaintEffect `json:"effect,omitempty"`
}
NodeGroupTaint represents a Kubernetes taint
func (*NodeGroupTaint) DeepCopy ¶
func (in *NodeGroupTaint) DeepCopy() *NodeGroupTaint
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NodeGroupTaint.
func (*NodeGroupTaint) DeepCopyInto ¶
func (in *NodeGroupTaint) DeepCopyInto(out *NodeGroupTaint)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type NodeGroupUpdateConfig ¶
// NodeGroupUpdateConfig contains the configuration for updating NodeGroups.
type NodeGroupUpdateConfig struct {
	// MaxUnavailable: the comment on this page is truncated to "when updating a
	// nodegroup (specified as number)"; presumably the maximum number of nodes
	// that may be unavailable during an update — confirm.
	// +optional
	MaxUnavailable *int `json:"maxUnavailable,omitempty"`

	// MaxUnavailablePercentage: truncated to "when updating a nodegroup
	// (specified as percentage)"; presumably the same limit expressed as a
	// percentage — confirm.
	// +optional
	MaxUnavailablePercentage *int `json:"maxUnavailablePercentage,omitempty"`
}
NodeGroupUpdateConfig contains the configuration for updating NodeGroups.
func (*NodeGroupUpdateConfig) DeepCopy ¶
func (in *NodeGroupUpdateConfig) DeepCopy() *NodeGroupUpdateConfig
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NodeGroupUpdateConfig.
func (*NodeGroupUpdateConfig) DeepCopyInto ¶
func (in *NodeGroupUpdateConfig) DeepCopyInto(out *NodeGroupUpdateConfig)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type NodePool ¶
// NodePool represents a group of nodes that share the same configuration.
// Ideally the NodeGroup type should be renamed to UnmanagedNodeGroup or
// SelfManagedNodeGroup and this interface should be called NodeGroup.
type NodePool interface {
	// BaseNodeGroup returns the base nodegroup.
	BaseNodeGroup() *NodeGroupBase

	// NGTaints returns the taints to apply for this nodegroup.
	NGTaints() []NodeGroupTaint

	// InstanceTypeList returns a list of instances that are configured for that nodegroup.
	InstanceTypeList() []string
}
NodePool represents a group of nodes that share the same configuration. Ideally the NodeGroup type should be renamed to UnmanagedNodeGroup or SelfManagedNodeGroup, and this interface should be called NodeGroup.
type OIDCIdentityProvider ¶
// OIDCIdentityProvider holds the spec of an OIDC provider to use for EKS authzn.
//
// NOTE(review): IssuerURL and ClientID presumably decide whose tokens the
// cluster accepts, and the claim/prefix fields how token contents become
// Kubernetes user and group names — confirm, and review changes to any of them
// as changes to cluster access.
type OIDCIdentityProvider struct {
	// Name of the identity provider configuration.
	// +required
	Name string `json:"name,omitempty"`
	// IssuerURL is the URL of the OIDC issuer.
	// +required
	IssuerURL string `json:"issuerURL,omitempty"`
	// ClientID is the OIDC client ID.
	// +required
	ClientID string `json:"clientID,omitempty"`
	// UsernameClaim is presumably the token claim used as the username — confirm.
	UsernameClaim string `json:"usernameClaim,omitempty"`
	// UsernamePrefix is presumably prepended to the username claim — confirm.
	UsernamePrefix string `json:"usernamePrefix,omitempty"`
	// GroupsClaim is presumably the token claim used for group membership — confirm.
	GroupsClaim string `json:"groupsClaim,omitempty"`
	// GroupsPrefix is presumably prepended to each group from the groups
	// claim — confirm.
	GroupsPrefix string `json:"groupsPrefix,omitempty"`
	// RequiredClaims is presumably a set of claim/value pairs a token must
	// carry to be accepted — confirm.
	RequiredClaims map[string]string `json:"requiredClaims,omitempty"`
	// Tags for the identity provider configuration.
	Tags map[string]string `json:"tags,omitempty"`
}
OIDCIdentityProvider holds the spec of an OIDC provider to use for EKS authzn
func (*OIDCIdentityProvider) DeepCopy ¶
func (in *OIDCIdentityProvider) DeepCopy() *OIDCIdentityProvider
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OIDCIdentityProvider.
func (*OIDCIdentityProvider) DeepCopyIdentityProviderInterface ¶
func (p *OIDCIdentityProvider) DeepCopyIdentityProviderInterface() IdentityProviderInterface
func (*OIDCIdentityProvider) DeepCopyInto ¶
func (in *OIDCIdentityProvider) DeepCopyInto(out *OIDCIdentityProvider)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*OIDCIdentityProvider) Type ¶
func (p *OIDCIdentityProvider) Type() IdentityProviderType
type Outpost ¶
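// Outpost holds the Outpost configuration.
//
// The listing was collapsed onto a single line, which let the first `//`
// comment swallow every field; the declaration is restored one field per line.
type Outpost struct {
	// ControlPlaneOutpostARN specifies the Outpost ARN in which the control
	// plane should be created.
	ControlPlaneOutpostARN string `json:"controlPlaneOutpostARN"`

	// ControlPlaneInstanceType specifies the instance type to use for
	// creating the control plane instances.
	ControlPlaneInstanceType string `json:"controlPlaneInstanceType"`

	// ControlPlanePlacement specifies the placement configuration for control
	// plane instances on Outposts. It is a pointer and is omitted from JSON
	// when nil.
	ControlPlanePlacement *Placement `json:"controlPlanePlacement,omitempty"`
}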
Outpost holds the Outpost configuration.
func (*Outpost) DeepCopy ¶
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Outpost.
func (*Outpost) DeepCopyInto ¶
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*Outpost) GetInstanceType ¶
GetInstanceType returns the control plane instance type.
func (*Outpost) HasPlacementGroup ¶
HasPlacementGroup reports whether this Outpost has a placement group.
func (*Outpost) SetInstanceType ¶
SetInstanceType sets the control plane instance type.
type OutpostInfo ¶
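// OutpostInfo describes the Outpost info.
//
// The listing was collapsed onto a single line, which let the first `//`
// comment swallow the method set; it is restored one method per line.
type OutpostInfo interface {
	// IsControlPlaneOnOutposts returns true if the control plane is on
	// Outposts.
	IsControlPlaneOnOutposts() bool

	// GetOutpost returns the Outpost info.
	GetOutpost() *Outpost
}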
OutpostInfo describes the Outpost info.
type Placement ¶
// Placement specifies placement group information.
type Placement struct {
	// GroupName is the placement group's name; it is omitted from JSON when
	// empty.
	GroupName string `json:"groupName,omitempty"`
}
Placement specifies placement group information
func (*Placement) DeepCopy ¶
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Placement.
func (*Placement) DeepCopyInto ¶
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type PrivateCluster ¶
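// PrivateCluster defines the configuration for a fully-private cluster.
//
// The listing was collapsed onto a single line, which let the first `//`
// comment swallow every field; the declaration is restored one field per line.
type PrivateCluster struct {
	// Enabled enables creation of a fully-private cluster.
	Enabled bool `json:"enabled"`

	// SkipEndpointCreation skips the creation process for endpoints
	// completely. This is only used in case of an already provided VPC and if
	// the user decided to set it to true.
	// NOTE(review): with this set, nothing in this type guarantees the
	// endpoints a private cluster depends on exist; presumably the supplied
	// VPC must already provide them, so confirm before enabling.
	SkipEndpointCreation bool `json:"skipEndpointCreation"`

	// AdditionalEndpointServices specifies additional endpoint services that
	// must be enabled for private access.
	// Valid entries are "cloudformation", "autoscaling" and "logs".
	AdditionalEndpointServices []string `json:"additionalEndpointServices,omitempty"`
}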
PrivateCluster defines the configuration for a fully-private cluster.
func (*PrivateCluster) DeepCopy ¶
func (in *PrivateCluster) DeepCopy() *PrivateCluster
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PrivateCluster.
func (*PrivateCluster) DeepCopyInto ¶
func (in *PrivateCluster) DeepCopyInto(out *PrivateCluster)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type Profile ¶
Profile is the AWS profile to use.
func (*Profile) DeepCopy ¶
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Profile.
func (*Profile) DeepCopyInto ¶
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type ProviderConfig ¶
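// ProviderConfig holds global parameters for all interactions with AWS APIs.
//
// The fields carry no JSON tags in this listing. The declaration was
// collapsed onto a single line and is restored one field per line.
type ProviderConfig struct {
	// CloudFormationRoleARN is, judging by the name, the ARN of an IAM role
	// used for CloudFormation operations.
	// NOTE(review): confirm how it is passed to CloudFormation and keep the
	// role's permissions scoped to what stack operations need.
	CloudFormationRoleARN string

	// CloudFormationDisableRollback presumably turns off stack rollback on
	// failure; confirm against the caller.
	CloudFormationDisableRollback bool

	// Region is the AWS region to operate in.
	Region string

	// Profile is the AWS profile to use.
	Profile Profile

	// WaitTimeout is a duration; presumably the upper bound for waiting on
	// AWS operations (confirm).
	WaitTimeout time.Duration
}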
ProviderConfig holds global parameters for all interactions with AWS APIs
func (*ProviderConfig) DeepCopy ¶
func (in *ProviderConfig) DeepCopy() *ProviderConfig
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ProviderConfig.
func (*ProviderConfig) DeepCopyInto ¶
func (in *ProviderConfig) DeepCopyInto(out *ProviderConfig)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type STSPresigner ¶
// STSPresigner defines the method to pre-sign GetCallerIdentity requests to
// add a proper header required by EKS for authentication from the outside.
type STSPresigner interface {
	// PresignGetCallerIdentity returns a pre-signed HTTP request for the STS
	// GetCallerIdentity call described by params, or an error; optFns adjust
	// the presign options.
	// NOTE(review): a pre-signed request carries the caller's signature, so
	// the result should be handled like a short-lived credential (kept out of
	// logs and not cached past its validity); confirm how callers store it.
	PresignGetCallerIdentity(ctx context.Context, params *sts.GetCallerIdentityInput, optFns ...func(*sts.PresignOptions)) (*v4.PresignedHTTPRequest, error)
}
STSPresigner defines the method to pre-sign GetCallerIdentity requests to add a proper header required by EKS for authentication from the outside.
type ScalingConfig ¶
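// ScalingConfig defines the scaling config.
//
// The listing was collapsed onto a single line, which let the first `//`
// comment swallow every field; the declaration is restored one field per line.
//
// All three fields are pointers, so nil means "not set". The type itself
// enforces no ordering between MinSize, DesiredCapacity and MaxSize.
type ScalingConfig struct {
	// DesiredCapacity is the desired number of nodes.
	// +optional
	DesiredCapacity *int `json:"desiredCapacity,omitempty"`

	// MinSize is the minimum number of nodes.
	// +optional
	MinSize *int `json:"minSize,omitempty"`

	// MaxSize is the maximum number of nodes.
	// +optional
	MaxSize *int `json:"maxSize,omitempty"`
}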
ScalingConfig defines the scaling config
func (*ScalingConfig) DeepCopy ¶
func (in *ScalingConfig) DeepCopy() *ScalingConfig
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ScalingConfig.
func (*ScalingConfig) DeepCopyInto ¶
func (in *ScalingConfig) DeepCopyInto(out *ScalingConfig)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type SecretsEncryption ¶
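// SecretsEncryption defines the configuration for KMS encryption provider.
//
// The listing was collapsed onto a single line, which let the `//` comment
// swallow the field; the declaration is restored one field per line.
type SecretsEncryption struct {
	// KeyARN is the ARN of the KMS key used by the encryption provider.
	// NOTE(review): the field is marked +required but tagged `omitempty`, so
	// an empty KeyARN is dropped on marshal instead of being rejected by the
	// type; the check that a key is actually configured must live elsewhere.
	// +required
	KeyARN string `json:"keyARN,omitempty"`
}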
SecretsEncryption defines the configuration for KMS encryption provider
func (*SecretsEncryption) DeepCopy ¶
func (in *SecretsEncryption) DeepCopy() *SecretsEncryption
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SecretsEncryption.
func (*SecretsEncryption) DeepCopyInto ¶
func (in *SecretsEncryption) DeepCopyInto(out *SecretsEncryption)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type SubnetTopology ¶
// SubnetTopology can be SubnetTopologyPrivate or SubnetTopologyPublic.
// It is a string type, so any other string still converts to it; callers
// that accept user input should compare against the values SubnetTopologies
// returns.
type SubnetTopology string
SubnetTopology can be SubnetTopologyPrivate or SubnetTopologyPublic
func SubnetTopologies ¶
func SubnetTopologies() []SubnetTopology
SubnetTopologies returns a list of topologies
type UnsupportedFeatureError ¶
UnsupportedFeatureError is an error that represents an unsupported feature. It carries the generator marker +k8s:deepcopy-gen=false.
func (*UnsupportedFeatureError) Error ¶
func (u *UnsupportedFeatureError) Error() string
type VolumeMapping ¶
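// VolumeMapping holds additional volume configurations.
//
// The listing was collapsed onto a single line, which let the first `//`
// comment swallow every field; the declaration is restored one field per line.
//
// Every field is a pointer, so nil means "not set" rather than a zero value.
type VolumeMapping struct {
	// VolumeSize gigabytes
	// Defaults to `80`
	// +optional
	VolumeSize *int `json:"volumeSize,omitempty"`

	// VolumeType selects the volume type.
	// Valid variants are `VolumeType` constants
	// +optional
	VolumeType *string `json:"volumeType,omitempty"`

	// VolumeName is the name of the volume.
	// +optional
	VolumeName *string `json:"volumeName,omitempty"`

	// VolumeEncrypted requests encryption of the volume.
	// NOTE(review): nil is distinct from false here, and the default applied
	// to an unset value is not visible in this listing; set it explicitly
	// where encryption at rest is a requirement.
	// +optional
	VolumeEncrypted *bool `json:"volumeEncrypted,omitempty"`

	// VolumeKmsKeyID identifies the KMS key for the volume.
	// NOTE(review): presumably only meaningful together with VolumeEncrypted;
	// confirm how a key ID with encryption unset is handled.
	// +optional
	VolumeKmsKeyID *string `json:"volumeKmsKeyID,omitempty"`

	// VolumeIOPS is the IOPS setting for the volume.
	// +optional
	VolumeIOPS *int `json:"volumeIOPS,omitempty"`

	// VolumeThroughput is the throughput setting for the volume.
	// +optional
	VolumeThroughput *int `json:"volumeThroughput,omitempty"`

	// SnapshotID is the ID of a snapshot for the volume.
	// +optional
	SnapshotID *string `json:"snapshotID,omitempty"`
}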
VolumeMapping holds additional volume configurations.
func (*VolumeMapping) DeepCopy ¶
func (in *VolumeMapping) DeepCopy() *VolumeMapping
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new VolumeMapping.
func (*VolumeMapping) DeepCopyInto ¶
func (in *VolumeMapping) DeepCopyInto(out *VolumeMapping)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type WellKnownPolicies ¶
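// WellKnownPolicies selects common IAM policies to attach.
//
// The listing was collapsed onto a single line, which let the first `//`
// comment swallow every field; the declaration is restored one field per line.
//
// Each flag grants a whole policy set, so enable only those the workload
// actually uses. The `inline` option in the tags is reproduced as written.
type WellKnownPolicies struct {
	// ImageBuilder allows for full ECR (Elastic Container Registry) access.
	// NOTE(review): "full" access is broad; prefer a narrower custom policy
	// where only pulling or a single repository is required.
	ImageBuilder bool `json:"imageBuilder,inline"`

	// AutoScaler adds policies for cluster-autoscaler. See [autoscaler AWS
	// docs](https://docs.aws.amazon.com/eks/latest/userguide/cluster-autoscaler.html).
	AutoScaler bool `json:"autoScaler,inline"`

	// AWSLoadBalancerController adds policies for using the
	// aws-load-balancer-controller. See [Load Balancer
	// docs](https://docs.aws.amazon.com/eks/latest/userguide/aws-load-balancer-controller.html).
	AWSLoadBalancerController bool `json:"awsLoadBalancerController,inline"`

	// ExternalDNS adds external-dns policies for Amazon Route 53.
	// See [external-dns
	// docs](https://github.com/kubernetes-sigs/external-dns/blob/master/docs/tutorials/aws.md).
	ExternalDNS bool `json:"externalDNS,inline"`

	// CertManager adds cert-manager policies. See [cert-manager
	// docs](https://cert-manager.io/docs/configuration/acme/dns01/route53).
	CertManager bool `json:"certManager,inline"`

	// EBSCSIController adds policies for using the
	// ebs-csi-controller. See [aws-ebs-csi-driver
	// docs](https://github.com/kubernetes-sigs/aws-ebs-csi-driver#set-up-driver-permission).
	EBSCSIController bool `json:"ebsCSIController,inline"`

	// EFSCSIController adds policies for using the
	// efs-csi-controller. See [aws-efs-csi-driver
	// docs](https://aws.amazon.com/blogs/containers/introducing-efs-csi-dynamic-provisioning).
	EFSCSIController bool `json:"efsCSIController,inline"`
}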
WellKnownPolicies selects common IAM policies to attach.
func (*WellKnownPolicies) DeepCopy ¶
func (in *WellKnownPolicies) DeepCopy() *WellKnownPolicies
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new WellKnownPolicies.
func (*WellKnownPolicies) DeepCopyInto ¶
func (in *WellKnownPolicies) DeepCopyInto(out *WellKnownPolicies)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*WellKnownPolicies) HasPolicy ¶
func (p *WellKnownPolicies) HasPolicy() bool