amazon-eks

When using Amazon's K8s offering, the EKS service, at some point you need to connect the Kubernetes API and configuration to the infrastructure established within AWS. Especially we need a kubeconfig with proper credentials and URLs to connect to the k8s control plane provided by EKS. The Amazon commandline tool aws provides a routine for this task aws eks update-kubeconfig --kubeconfig /path/to/kubecfg.yaml --name <EKS-cluster-name> Question: do the same through Python/boto3 When looking at the Boto API documentation , I seem to be unable to spot the equivalent for the above mentioned aws

I am running EKS in private subnet and thus unable to create an internet facing load balancer but was able to create Internal LoadBalancer. Is there any way I can create Loadbalancer(probably Manually) in public subnet and point to the pods running in EKS in the private subnet. I was thinking of creating the chain of load balancer in which External load balancer will point to internal load balancer but that too is not possible as the IP address of the internal load balancer is reserved IP. Can I try some other way to route the traffic from the internet to pod? I had the same issue and it was

Let me describe my scenario: TL;DR When I create a deployment on Kubernetes with 1 attached volume, everything works perfectly. When I create the same deployment, but with a second volume attached (total: 2 volumes), the pod gets stuck on "Pending" with errors: pod has unbound PersistentVolumeClaims (repeated 2 times) 0/2 nodes are available: 2 node(s) had no available volume zone. Already checked that the volumes are created in the correct availability zones. Detailed description I have a cluster set up using Amazon EKS, with 2 nodes. I have the following default storage class: kind:

EKS documentation says "When you create an Amazon EKS cluster, the IAM entity (user or role) is automatically granted system:master permissions in the cluster's RBAC configuration". But after the EKS cluster creation, if you check the aws-auth config map, it does NOT have the ARN mapping to system:masters group. But I am able to access the cluster via kubectl. So if the aws-auth (heptio config map) DOES NOT have the my ARN (I was the one who created the EKS cluster) mapped to system:masters group, how does the heptio aws authenticator authenticate me? I got to know the answer. Basically on the

Is there a way to add node labels when deploying worker nodes in EKS. I do not see an option in the CF template available for worker nodes. EKS-CF-Workers The only option I see right now is to use kubectl label command to add labels which is post cluster setup. However, the need to have complete automation which means applications are deployed automatically post cluster deployments and labels help in achieving the segregation. Luis Govea With the new EKS-optimized AMIs(amazon-eks-node-vXX) and Cloudformation template refactors provided by AWS it is now possible to add node labels as simple as