如何使用Terraform配置AWS EKS自动缩放器?

时间:2019-09-13 18:51:38

标签: kubernetes terraform amazon-eks

我正在使用AWS EKS提供程序(github.com/terraform-aws-modules/terraform-aws-eks)。我正在使用https://learn.hashicorp.com/terraform/aws/eks-intro

跟随本教程

但是,这似乎没有启用自动缩放功能...似乎缺少了cluster-autoscaler pod /守护程序?

Terraform是否可以提供此功能?还是我需要按照以下指南进行设置:https://eksworkshop.com/scaling/deploy_ca/

2 个答案:

答案 0 :(得分:2)

您可以使用Terraform部署Kubernetes资源。既有Kubernetes提供者,又有Helm提供者。 

data "aws_eks_cluster_auth" "authentication" {
  name = "${var.cluster_id}"
}

provider "kubernetes" {
  # Use the token generated by AWS iam authenticator to connect as the provider does not support exec auth
  # see: https://github.com/terraform-providers/terraform-provider-kubernetes/issues/161
  host = "${var.cluster_endpoint}"

  cluster_ca_certificate = "${base64decode(var.cluster_certificate_authority_data)}"
  token                  = "${data.aws_eks_cluster_auth.authentication.token}"
  load_config_file       = false
}

provider "helm" {
  install_tiller  = "true"
  tiller_image    = "gcr.io/kubernetes-helm/tiller:v2.12.3"
}

resource "helm_release" "cluster_autoscaler" {
  name       = "cluster-autoscaler"
  repository = "stable"
  chart      = "cluster-autoscaler"
  namespace  = "kube-system"
  version    = "0.12.2"

  set {
    name  = "autoDiscovery.enabled"
    value = "true"
  }

  set {
    name  = "autoDiscovery.clusterName"
    value = "${var.cluster_name}"
  }

  set {
    name  = "cloudProvider"
    value = "aws"
  }

  set {
    name  = "awsRegion"
    value = "${data.aws_region.current_region.name}"
  }

  set {
    name  = "rbac.create"
    value = "true"
  }

  set {
    name  = "sslCertPath"
    value = "/etc/ssl/certs/ca-bundle.crt"
  }
}

答案 1 :(得分:0)

下面的答案仍未完成...但是至少可以使我更进一步……

1。

kubectl create clusterrolebinding add-on-cluster-admin --clusterrole=cluster-admin --serviceaccount=kube-system:default
helm install stable/cluster-autoscaler --name my-release --set "autoscalingGroups[0].name=demo,autoscalingGroups[0].maxSize=10,autoscalingGroups[0].minSize=1" --set rbac.create=true

然后手动修复证书路径:

kubectl edit deployments my-release-aws-cluster-autoscaler

替换以下内容:

path: /etc/ssl/certs/ca-bundle.crt

使用

path: /etc/ssl/certs/ca-certificates.crt

2。

在AWS控制台中,将AdministratorAccess策略分配给terraform-eks-demo-node角色。

3。

使用(nodes)更新kubectl edit deployments my-release-aws-cluster-autoscaler参数

        - --nodes=1:10:terraform-eks-demo20190922124246790200000007
相关问题
最新问题