How to use @pulumi/eks - 10 common examples

To help you get started, we’ve selected a few @pulumi/eks examples, based on popular ways it is used in public projects.

Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.

github pulumi / kubernetes-guides / aws / 03-cluster-configuration / index.ts View on Github external
import * as pulumi from "@pulumi/pulumi";
import { config } from "./config";

const projectName = pulumi.getProject();

export const adminsIamRoleArn = config.adminsIamRoleArn
export const devsIamRoleArn = config.devsIamRoleArn
export const stdNodegroupIamRoleArn = config.stdNodegroupIamRoleArn
export const perfNodegroupIamRoleArn = config.perfNodegroupIamRoleArn
const adminsIamRoleName = adminsIamRoleArn.apply(s => s.split("/")).apply(s => s[1])
const devsIamRoleName = devsIamRoleArn.apply(s => s.split("/")).apply(s => s[1])
const stdNodegroupIamRoleName = stdNodegroupIamRoleArn.apply(s => s.split("/")).apply(s => s[1])
const perfNodegroupIamRoleName = perfNodegroupIamRoleArn.apply(s => s.split("/")).apply(s => s[1])

// Create an EKS cluster.
const cluster = new eks.Cluster(`${projectName}`, {
    instanceRoles: [
        aws.iam.Role.get("adminsIamRole", stdNodegroupIamRoleName),
        aws.iam.Role.get("devsIamRole", perfNodegroupIamRoleName),
    ],
    roleMappings: [
        {
            roleArn: config.adminsIamRoleArn,
            groups: ["system:masters"],
            username: "pulumi:admins",
        },
        {
            roleArn: config.devsIamRoleArn,
            groups: ["pulumi:devs"],
            username: "pulumi:alice",
        },
    ],
github pulumi / pulumi-eks / nodejs / eks / examples / managed-nodegroups / index.ts View on Github external
import * as aws from "@pulumi/aws";
import * as eks from "@pulumi/eks";
import * as iam from "./iam";

// IAM roles for the node groups.
const role1 = iam.createRole("example-role1");
const role2 = iam.createRole("example-role2");

// Create an EKS cluster.
const cluster = new eks.Cluster("example-managed-nodegroups", {
    skipDefaultNodeGroup: true,
    deployDashboard: false,
    instanceRoles: [role1, role2],
});

// Export the cluster's kubeconfig.
export const kubeconfig = cluster.kubeconfig;

// Create a simple AWS managed node group using a cluster as input.
const managedNodeGroup1 = eks.createManagedNodeGroup("example-managed-ng1", {
    cluster: cluster,
    nodeGroupName: "aws-managed-ng1",
    nodeRoleArn: role1.arn,
}, cluster);

// Create an explicit AWS managed node group using a cluster as input.
github pulumi / pulumi-eks / nodejs / eks / examples / tags / index.ts View on Github external
"project": "foobar",
        "org": "barfoo",
    },
    clusterSecurityGroupTags: { "myClusterSecurityGroupTag1": "true" },
    nodeSecurityGroupTags: { "myNodeSecurityGroupTag1": "true" },
    clusterTags: { "myClusterTag1": "true" },
    deployDashboard: false,
});

// Export the cluster's kubeconfig.
export const kubeconfig1 = cluster1.kubeconfig;

// Create an EKS cluster with no default node group.
const role0 = iam.createRole("example-tags-role0");
const instanceProfile0 = new aws.iam.InstanceProfile("example-tags-instanceProfile0", {role: role0});
const cluster2 = new eks.Cluster("example-tags-cluster2", {
    skipDefaultNodeGroup: true,
    deployDashboard: false,
    instanceRole: role0,
    tags: {
        "project": "foo",
        "org": "bar",
    },
    clusterSecurityGroupTags: { "myClusterSecurityGroupTag2": "true" },
    nodeSecurityGroupTags: { "myNodeSecurityGroupTag2": "true" },
    clusterTags: { "myClusterTag1": "true" },
});

// There are two approaches that can be used to add additional NodeGroups.
// 1. A `createNodeGroup` API on `eks.Cluster`
// 2. A `NodeGroup` resource which accepts an `eks.Cluster` as input
github pulumi / pulumi-eks / nodejs / eks / examples / tags / index.ts View on Github external
import * as aws from "@pulumi/aws";
import * as eks from "@pulumi/eks";
import * as iam from "./iam";

// Create an EKS cluster with cluster and resource tags.
const cluster1 = new eks.Cluster("example-tags-cluster1", {
    instanceType: "t2.medium",
    desiredCapacity: 1,
    minSize: 1,
    maxSize: 2,
    tags: {
        "project": "foobar",
        "org": "barfoo",
    },
    clusterSecurityGroupTags: { "myClusterSecurityGroupTag1": "true" },
    nodeSecurityGroupTags: { "myNodeSecurityGroupTag1": "true" },
    clusterTags: { "myClusterTag1": "true" },
    deployDashboard: false,
});

// Export the cluster's kubeconfig.
export const kubeconfig1 = cluster1.kubeconfig;
github pulumi / infrastructure-as-code-workshop / labs / aws / typescript / lab-04 / code / step3.ts View on Github external
import * as eks from "@pulumi/eks"

// Create an EKS cluster with the default VPC, and default node group with 
// two t2.medium node instances.
const cluster = new eks.Cluster("eks", {
    deployDashboard: false,
});

export const kubeconfig = cluster.kubeconfig;
github pulumi / pulumi-eks / nodejs / eks / examples / private-workers / index.ts View on Github external
import * as awsx from "@pulumi/awsx";
import * as eks from "@pulumi/eks";

const name = "example-private-subnets-cluster";

// Create a VPC that uses private subnets.
const network = new awsx.Network(name, {
    numberOfAvailabilityZones: 2,
    usePrivateSubnets: true,
});

// Create a cluster with the desired specs, that does not auto assign a public
// IP to its workers.
const cluster = new eks.Cluster(name, {
    deployDashboard: false,
    desiredCapacity: 1,
    maxSize: 1,
    vpcId: network.vpcId,
    subnetIds: network.subnetIds,
    nodeAssociatePublicIpAddress: false,
});

export const kubeconfig = cluster.kubeconfig;
github pulumi / pulumi-eks / nodejs / eks / examples / nodegroup / index.ts View on Github external
// Export the cluster's kubeconfig.
export const kubeconfig1 = cluster1.kubeconfig;

/**
 * Per NodeGroup IAM: each NodeGroup will bring its own, specific instance
 * role and profile.
 */

const role1 = iam.createRole("example-role1");
const role2 = iam.createRole("example-role2");
const instanceProfile1 = new aws.iam.InstanceProfile("example-instanceProfile1", {role: role1});
const instanceProfile2 = new aws.iam.InstanceProfile("example-instanceProfile2", {role: role2});

// Create an EKS cluster with many IAM roles to register with the cluster auth.
const cluster2 = new eks.Cluster("example-nodegroup-iam-advanced", {
    skipDefaultNodeGroup: true,
    deployDashboard: false,
    instanceRoles: [role1, role2],
});

// Create node groups using a different `instanceProfile` tied to one of the many
// instance roles registered with the cluster auth through `instanceRoles`.
cluster2.createNodeGroup("example-ng-advanced-ondemand", {
    instanceType: "t2.medium",
    desiredCapacity: 1,
    minSize: 1,
    maxSize: 2,
    labels: {"ondemand": "true"},
    instanceProfile: instanceProfile1,
});
github pulumi / infrastructure-as-code-workshop / labs / aws / typescript / lab-04 / code / step2.ts View on Github external
import * as eks from "@pulumi/eks"

// Create an EKS cluster with the default VPC, and default node group with 
// two t2.medium node instances.
const cluster = new eks.Cluster("eks", {
    deployDashboard: false,
});
github pulumi / examples / aws-ts-eks-migrate-nodegroups / index.ts View on Github external
// Allocate a new VPC with custom settings, and a public & private subnet per AZ.
const vpc = new awsx.ec2.Vpc(`${projectName}`, {
    cidrBlock: "172.16.0.0/16",
    subnets: [{ type: "public" }, { type: "private" }],
});

// Export VPC ID and Subnets.
export const vpcId = vpc.id;
export const allVpcSubnets = vpc.privateSubnetIds.concat(vpc.publicSubnetIds);

// Create 3 IAM Roles and matching InstanceProfiles to use with the nodegroups.
const roles = iam.createRoles(projectName, 3);
const instanceProfiles = iam.createInstanceProfiles(projectName, roles);

// Create an EKS cluster.
const myCluster = new eks.Cluster(`${projectName}`, {
    version: "1.13",
    vpcId: vpcId,
    subnetIds: allVpcSubnets,
    nodeAssociatePublicIpAddress: false,
    skipDefaultNodeGroup: true,
    deployDashboard: false,
    instanceRoles: roles,
    enabledClusterLogTypes: ["api", "audit", "authenticator",
        "controllerManager", "scheduler"],
});
export const kubeconfig = myCluster.kubeconfig;
export const clusterName = myCluster.core.cluster.name;

// Create a Standard node group of t2.medium workers.
const ngStandard = utils.createNodeGroup(`${projectName}-ng-standard`, {
    ami: "ami-03a55127c613349a7", // k8s v1.13.7 in us-west-2
github pulumi / pulumi-eks / nodejs / eks / examples / nodegroup / index.ts View on Github external
* Identical IAM for all NodeGroups: all NodeGroups share the same `instanceRole`.
 */

// Create example IAM roles and profiles to show to use them with NodeGroups.
// Note, all roles for the instance profiles are requried to at least have
// the following EKS Managed Policies attached to successfully auth and join the
// cluster:
//   - "arn:aws:iam::aws:policy/AmazonEKSWorkerNodePolicy"
//   - "arn:aws:iam::aws:policy/AmazonEKS_CNI_Policy"
//   - "arn:aws:iam::aws:policy/AmazonEC2ContainerRegistryReadOnly"
const role0 = iam.createRole("example-role0");
const instanceProfile0 = new aws.iam.InstanceProfile("example-instanceProfile0", {role: role0});

// Create an EKS cluster with a shared IAM instance role to register with the
// cluster auth.
const cluster1 = new eks.Cluster("example-nodegroup-iam-simple", {
    skipDefaultNodeGroup: true,
    deployDashboard: false,
    instanceRole: role0,
});

// There are two approaches that can be used to add additional NodeGroups.
// 1. A `createNodeGroup` API on `eks.Cluster`
// 2. A `NodeGroup` resource which accepts an `eks.Cluster` as input

// Create the node group using an `instanceProfile` tied to the shared, cluster
// instance role registered with the cluster auth through `instanceRole`.
cluster1.createNodeGroup("example-ng-simple-ondemand", {
    instanceType: "t2.medium",
    desiredCapacity: 1,
    minSize: 1,
    maxSize: 2,

@pulumi/eks

Pulumi Amazon Web Services (AWS) EKS Components.

Apache-2.0
Latest version published 20 days ago

Package Health Score

84 / 100
Full package analysis