AWS関連のオペレーターをArgoCDに登録したい #1243
Assignees
Comments
|
これはまだ課題 |
This was referenced Nov 28, 2021
|
@inductor Cluster Autoscalerに取り掛かろうと思うのですが
@@ -1,31 +1,39 @@
alertmanagerconfigs.monitoring.coreos.com
alertmanagers.monitoring.coreos.com
applications.argoproj.io
-applicationtemplates.dreamkast.cloudnativedays.jp
appprojects.argoproj.io
certificaterequests.cert-manager.io
certificates.cert-manager.io
challenges.acme.cert-manager.io
clusterissuers.cert-manager.io
+clusterresourcesetbindings.addons.cluster.x-k8s.io
+clusterresourcesets.addons.cluster.x-k8s.io
+clusters.cluster.x-k8s.io
+doclusters.infrastructure.cluster.x-k8s.io
+domachines.infrastructure.cluster.x-k8s.io
+domachinetemplates.infrastructure.cluster.x-k8s.io
eniconfigs.crd.k8s.amazonaws.com
extensionservices.projectcontour.io
externalsecrets.kubernetes-client.io
httpproxies.projectcontour.io
ingressclassparams.elbv2.k8s.aws
issuers.cert-manager.io
-manifeststemplates.dreamkast.cloudnativedays.jp
+kubeadmconfigs.bootstrap.cluster.x-k8s.io
+kubeadmconfigtemplates.bootstrap.cluster.x-k8s.io
+kubeadmcontrolplanes.controlplane.cluster.x-k8s.io
+machinedeployments.cluster.x-k8s.io
+machinehealthchecks.cluster.x-k8s.io
+machinepools.exp.cluster.x-k8s.io
+machines.cluster.x-k8s.io
+machinesets.cluster.x-k8s.io
orders.acme.cert-manager.io
podmonitors.monitoring.coreos.com
probes.monitoring.coreos.com
prometheuses.monitoring.coreos.com
prometheusrules.monitoring.coreos.com
-reviewappmanagers.dreamkast.cloudnativedays.jp
-reviewapps.dreamkast.cloudnativedays.jp
+providers.clusterctl.cluster.x-k8s.io
securitygrouppolicies.vpcresources.k8s.aws
servicemonitors.monitoring.coreos.com
targetgroupbindings.elbv2.k8s.aws
thanosrulers.monitoring.coreos.com
-tlscertificatedelegations.projectcontour.io
-volumesnapshotclasses.snapshot.storage.k8s.io
-volumesnapshotcontents.snapshot.storage.k8s.io
-volumesnapshots.snapshot.storage.k8s.io
\ No newline at end of file
+tlscertificatedelegations.projectcontour.io
\ No newline at end of file |
|
Cluster AutoscalerはHelm使ってないです。もともと公式手順に存在してなかったのでベタで入れましたね dev/prd両方入れないと検証もできないのでそれは揃えましょう |
|
全体の手順は以下のような感じですがeksctlまでは実施する必要はないです(既に実施済みなので) # Setup Cluster Autoscaler IAM Policy
cat <<EOF > iam-ca.json
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"autoscaling:DescribeAutoScalingGroups",
"autoscaling:DescribeAutoScalingInstances",
"autoscaling:DescribeLaunchConfigurations",
"autoscaling:DescribeTags",
"autoscaling:SetDesiredCapacity",
"autoscaling:TerminateInstanceInAutoScalingGroup",
"ec2:DescribeLaunchTemplateVersions"
],
"Resource": ["*"]
}
]
}
EOF
aws iam create-policy \
--policy-name AWSClusterAutoscalerIAMPolicy \
--policy-document file://iam-ca.json
eksctl create iamserviceaccount \
--cluster=$CLUSTER_NAME \
--namespace=kube-system \
--name=cluster-autoscaler \
--attach-policy-arn=arn:aws:iam::`aws sts get-caller-identity | jq -r .Account`:policy/AWSClusterAutoscalerIAMPolicy \
--override-existing-serviceaccounts \
--region $CLUSTER_REGION \
--approve
helm upgrade --install cluster-autoscaler autoscaler/cluster-autoscaler \
-n kube-system \
--set autoDiscovery.clusterName=$CLUSTER_NAME --set awsRegion=$CLUSTER_REGION --set rbac.serviceAccount.create=false --set rbac.serviceAccount.name=cluster-autoscaler |
|
む、 https://github.com/kubernetes/autoscaler/tree/master/charts/cluster-autoscaler/templates と見比べると
|
2 tasks
|
cluster.x-k8s.io はEKSが持ってるCluster APIのリソースなので関係ないです |
|
dev-clusterでやりました。 |
2 tasks
2 tasks
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
差分追うのが大変なので
このへんは全部IRSA + Helmで管理できるので近いうちにやりきりたい
The text was updated successfully, but these errors were encountered: