everything is working consistently. shipping it
brandonjbjelland committed Aug 10, 2023
1 parent 5149163 commit 76ff2c9
Showing 4 changed files with 33 additions and 10 deletions.
8 changes: 2 additions & 6 deletions install/kubernetes/aws/eks-cluster.yaml.tpl
Expand Up @@ -10,10 +10,6 @@ metadata:
environment: dev
karpenter.sh/discovery: ${CLUSTER_NAME}

karpenter:
withSpotInterruptionQueue: true
version: "v0.29.0"

managedNodeGroups:
- name: builder-ng
privateNetworking: true
Expand Down Expand Up @@ -41,7 +37,7 @@ addons:
- name: coredns

iamIdentityMappings:
- arn: "arn:${AWS_PARTITION}:iam::${AWS_ACCOUNT_ID}:role/KarpenterNodeRole-${CLUSTER_NAME}"
- arn: "arn:aws:iam::${AWS_ACCOUNT_ID}:role/KarpenterNodeRole-${CLUSTER_NAME}"
username: system:node:{{EC2PrivateDNSName}}
groups:
- system:bootstrappers
Expand All @@ -56,7 +52,7 @@ iam:
roleName: ${CLUSTER_NAME}-karpenter
attachPolicyARNs:
# this is used as spec.instanceProfile in the karpenter AWSNodeTemplate
- arn:${AWS_PARTITION}:iam::${AWS_ACCOUNT_ID}:policy/KarpenterControllerPolicy-${CLUSTER_NAME}
- arn:aws:iam::${AWS_ACCOUNT_ID}:policy/KarpenterControllerPolicy-${CLUSTER_NAME}
roleOnly: true
- metadata:
name: ebs-csi-controller-sa
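Review bot: The ARNs under `iamIdentityMappings` and `attachPolicyARNs` now appear to hard-code the `aws` partition in place of `${AWS_PARTITION}`; the page does not mark which line of each pair is new, so this is inferred from the `arn:aws:` form that aws-up.sh also uses. With the literal partition the rendered config is only correct in the commercial partition, and elsewhere the node-role mapping and the controller policy attachment would name ARNs that do not match the real resources. If the placeholder was dropped because nothing exported the variable, keep it and set a default before envsubst runs, e.g. `export AWS_PARTITION="${AWS_PARTITION:-aws}"`. Separately, the comment `# this is used as spec.instanceProfile in the karpenter AWSNodeTemplate` sits above a controller policy ARN rather than an instance profile and reads as stale.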
2 changes: 1 addition & 1 deletion install/kubernetes/aws/karpenter-provisioner.yaml.tpl
Expand Up @@ -3,7 +3,7 @@ kind: AWSNodeTemplate
metadata:
name: default
spec:
instanceProfile: eksctl-KarpenterNodeInstanceProfile-${CLUSTER_NAME}
instanceProfile: KarpenterNodeInstanceProfile-${CLUSTER_NAME}
subnetSelector:
karpenter.sh/discovery: ${CLUSTER_NAME}
securityGroupSelector:
4 changes: 4 additions & 0 deletions install/scripts/aws-down.sh
Expand Up @@ -25,6 +25,10 @@ export ARTIFACTS_BUCKET_NAME=${AWS_ACCOUNT_ID}-${CLUSTER_NAME}-artifacts
envsubst <${kubernetes_dir}/aws/eks-cluster.yaml.tpl >${kubernetes_dir}/aws/eks-cluster.yaml
eksctl delete cluster -f ${kubernetes_dir}/aws/eks-cluster.yaml || true

aws cloudformation delete-stack \
--stack-name "Karpenter-${CLUSTER_NAME}" \
--region ${REGION} || true

aws ecr delete-repository \
--repository-name ${ARTIFACTS_REPO_NAME} \
--region ${REGION} >/dev/null || true
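Review bot: `aws cloudformation delete-stack` only starts the deletion and returns, and the `|| true` after it hides a rejected request, so the named IAM resources of the `Karpenter-${CLUSTER_NAME}` stack (deployed with `CAPABILITY_NAMED_IAM` in aws-up.sh) can outlive the teardown unnoticed. Follow it with `aws cloudformation wait stack-delete-complete --stack-name "Karpenter-${CLUSTER_NAME}" --region "${REGION}"` and print a warning to stderr when that fails instead of discarding the status. The preceding `eksctl delete cluster` is also `|| true`, so the stack delete may run while the cluster still uses the node role; the waiter would surface that case. `${REGION}` in the added command is unquoted and should be `"${REGION}"`.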
29 changes: 26 additions & 3 deletions install/scripts/aws-up.sh
Expand Up @@ -11,10 +11,12 @@ script_dir="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
kubernetes_dir=${script_dir}/../kubernetes

EKSCTL_ENABLE_CREDENTIAL_CACHE=1
karpenter_version=v0.29.2
export CLUSTER_NAME=substratus
export REGION=us-west-2
export ARTIFACTS_REPO_NAME=${CLUSTER_NAME}
export ARTIFACTS_BUCKET_NAME=${AWS_ACCOUNT_ID}-${CLUSTER_NAME}-artifacts
karpenter_iam_role_arn="arn:aws:iam::${AWS_ACCOUNT_ID}:role/${CLUSTER_NAME}-karpenter"
tempout=$(mktemp)

aws s3 mb s3://${ARTIFACTS_BUCKET_NAME} \
Expand All @@ -24,16 +26,37 @@ aws ecr create-repository \
--repository-name ${ARTIFACTS_REPO_NAME} \
--region ${REGION} >/dev/null || true

curl -fsSL https://raw.githubusercontent.com/aws/karpenter/"${karpenter_version}"/website/content/en/preview/getting-started/getting-started-with-karpenter/cloudformation.yaml >$tempout
aws cloudformation deploy \
--stack-name "Karpenter-${CLUSTER_NAME}" \
--template-file "${tempout}" \
--capabilities CAPABILITY_NAMED_IAM \
--region ${REGION} \
--parameter-overrides "ClusterName=${CLUSTER_NAME}"

envsubst <${kubernetes_dir}/aws/eks-cluster.yaml.tpl >${kubernetes_dir}/aws/eks-cluster.yaml
eksctl create cluster -f ${kubernetes_dir}/aws/eks-cluster.yaml ||
eksctl upgrade cluster -f ${kubernetes_dir}/aws/eks-cluster.yaml

aws iam create-service-linked-role \
--aws-service-name spot.amazonaws.com || true

aws eks update-kubeconfig \
--region ${REGION} \
--name ${CLUSTER_NAME}
# Logout of helm registry to perform an unauthenticated pull against the public ECR
helm registry logout public.ecr.aws || true
helm upgrade \
--create-namespace \
--install karpenter oci://public.ecr.aws/karpenter/karpenter \
--version ${karpenter_version} \
--namespace karpenter \
--set serviceAccount.annotations."eks\.amazonaws\.com/role-arn"=${karpenter_iam_role_arn} \
--set settings.aws.clusterName=${CLUSTER_NAME} \
--set settings.aws.defaultInstanceProfile=KarpenterNodeInstanceProfile-${CLUSTER_NAME} \
--set settings.aws.interruptionQueueName=${CLUSTER_NAME} \
--set controller.resources.requests.cpu=1 \
--set controller.resources.requests.memory=1Gi \
--set controller.resources.limits.cpu=1 \
--set controller.resources.limits.memory=1Gi \
--wait

envsubst <${kubernetes_dir}/aws/karpenter-provisioner.yaml.tpl >${kubernetes_dir}/aws/karpenter-provisioner.yaml
kubectl apply -f ${kubernetes_dir}/aws/karpenter-provisioner.yaml
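Review bot: The CloudFormation template is downloaded from raw.githubusercontent.com at the tag held in `karpenter_version` and handed straight to `aws cloudformation deploy --capabilities CAPABILITY_NAMED_IAM`, so whatever that URL serves at run time defines IAM roles and policies in the account, with no integrity check. A tag can be moved, so pin the download to a reviewed commit and verify a recorded SHA-256 before deploying, or vendor the reviewed template into the repository. The download also writes to an unquoted `$tempout` that is never removed; quote it and add `trap 'rm -f -- "${tempout}"' EXIT` after the `mktemp` line. The helm `--set` values such as `${karpenter_iam_role_arn}` and `${CLUSTER_NAME}` are unquoted as well.

```shell
# Placeholders: fill in from the template revision that was actually reviewed.
karpenter_template_commit="<PINNED_COMMIT_SHA>"
karpenter_template_sha256="<EXPECTED_SHA256>"

curl -fsSL "https://raw.githubusercontent.com/aws/karpenter/${karpenter_template_commit}/website/content/en/preview/getting-started/getting-started-with-karpenter/cloudformation.yaml" >"${tempout}"
# Refuse to deploy a template whose digest differs from the reviewed one.
if ! printf '%s  %s\n' "${karpenter_template_sha256}" "${tempout}" | sha256sum --check --status -; then
  printf 'Karpenter CloudFormation template failed checksum verification\n' >&2
  exit 1
fi
# … unchanged: aws cloudformation deploy --stack-name "Karpenter-${CLUSTER_NAME}" …
```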
