OBJECTIVE: Set up an EKS Kubernetes cluster with 2 Auto Scaling groups in private and public subnets. One node group stack should have 3-10 nodes in private subnets. The second node group stack should have 2-4 nodes in public subnets.
ISSUE: Applying the AWS IAM Authenticator ConfigMap (aws-auth) for one node group unregisters the other node group from the EKS cluster.
SOLUTION:
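Create a single AWS IAM Authenticator ConfigMap that lists both node groups:
# EKS_INSTANCE_ROLE_PUBLIC and EKS_INSTANCE_ROLE_PRIVATE must already be set to the
# instance role ARN of each node group stack. The heredoc delimiter is unquoted so the
# shell expands them; {{EC2PrivateDNSName}} is not shell syntax and is written as-is.
cat > ./aws-auth-cm-all.yaml <<EOF
apiVersion: v1
kind: ConfigMap
metadata:
  name: aws-auth
  namespace: kube-system
data:
  mapRoles: |
    - rolearn: ${EKS_INSTANCE_ROLE_PUBLIC}
      username: system:node:{{EC2PrivateDNSName}}
      groups:
        - system:bootstrappers
        - system:nodes
    - rolearn: ${EKS_INSTANCE_ROLE_PRIVATE}
      username: system:node:{{EC2PrivateDNSName}}
      groups:
        - system:bootstrappers
        - system:nodes
EOF
# Review the rendered manifest, then apply it
cat ./aws-auth-cm-all.yaml
kubectl apply -f ./aws-auth-cm-all.yaml
LINKS: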
https://docs.aws.amazon.com/eks/latest/userguide/launch-workers.html
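A pre-apply check for the manifest from the solution above, as an added example that is not part of the original post: it rejects a rendered aws-auth file in which a role variable was empty, an instance-profile ARN was used instead of a role ARN, or both entries point at the same role. The function name check_aws_auth and its arguments are hypothetical.

```shell
# Added example: validate a rendered aws-auth manifest before `kubectl apply`.
# check_aws_auth FILE EXPECTED_ROLES  -> returns 0 if safe to apply, 1 otherwise.
check_aws_auth() {
  file=$1; expected=$2; rc=0

  # Every rolearn must be a full IAM role ARN. An unset variable in the
  # unquoted heredoc renders as an empty value, and an instance-profile ARN
  # is a frequent mix-up; either way that node group cannot register.
  bad=$(grep -E '^[[:space:]]*-?[[:space:]]*rolearn:' "$file" |
        grep -Ev 'rolearn:[[:space:]]*arn:aws[a-z-]*:iam::[0-9]{12}:role/[^[:space:]]+[[:space:]]*$' || true)
  if [ -n "$bad" ]; then
    echo "invalid rolearn entry: $bad" >&2
    rc=1
  fi

  # Distinct role ARNs must match the number of node groups; the same ARN
  # pasted into both variables would leave one group unmapped.
  count=$(grep -Eo 'arn:aws[a-z-]*:iam::[0-9]{12}:role/[^[:space:]]+' "$file" |
          sort -u | wc -l | tr -d ' ')
  if [ "$count" -ne "$expected" ]; then
    echo "expected $expected distinct node roles, found $count" >&2
    rc=1
  fi

  # The username template must reach the cluster literally, one per role.
  users=$(grep -c 'username: system:node:{{EC2PrivateDNSName}}' "$file" || true)
  if [ "$users" -ne "$expected" ]; then
    echo "expected $expected username templates, found $users" >&2
    rc=1
  fi

  return $rc
}

# Usage (two node groups, as in this post):
#   check_aws_auth ./aws-auth-cm-all.yaml 2 && kubectl apply -f ./aws-auth-cm-all.yaml
```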
P.S. I have to change the blog to a different, code-friendly one.