Created
March 28, 2021 17:31
-
-
Save tbaums/0c4261c86dfa3e33ad8b32982b2a8ad8 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
aws eks update-kubeconfig --name $CLUSTERNAME | |
export INSTANCE_TYPE=m5d.4xlarge | |
aws eks create-nodegroup \ | |
--cluster-name ${CLUSTERNAME?} \ | |
--nodegroup-name general-workers \ | |
--disk-size 200 \ | |
--scaling-config minSize=1,maxSize=3,desiredSize=2 \ | |
--subnets ${SUBNETIDS?} \ | |
--instance-types ${INSTANCE_TYPE?} \ | |
--ami-type AL2_x86_64 \ | |
--node-role arn:aws:iam::${ACCOUNT_ID?}:role/eksWorkerNodeRole \ | |
--labels role=general-worker \ | |
--tags owner=${AWS_ACCOUNT?}/${AWS_IAM_USER?},kubernetes.io/cluster/${CLUSTERNAME?}=owned \ | |
--kubernetes-version 1.17 | |
# add IAM user to cluster access configmap | |
cat<<EOF | kubectl apply -f - | |
apiVersion: v1 | |
kind: ConfigMap | |
metadata: | |
name: aws-auth | |
namespace: kube-system | |
data: | |
mapRoles: | | |
- rolearn: arn:aws:sts::409688176173:assumed-role/mtanenbaum-ekf-max/i-05fb2a592c2c060ad | |
username: system:node:{{EC2PrivateDNSName}} | |
groups: | |
- system:bootstrappers | |
- system:nodes | |
mapUsers: | | |
- userarn: arn:aws:iam::409688176173:user/michael.tanenbaum | |
username: iam-user-mtanenbaum-admin | |
groups: | |
- system:masters | |
EOF | |
#rok-tools currently requires a file in paths below, even if using IAM Role attached to jumphost | |
mkdir ~/.aws | |
touch ~/.aws/config | |
touch ~/.aws/credentials | |
rok-deploy |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment