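Terraform: How to add Windows worker nodes to an EKS cluster?

Time: 2020-09-26 23:22:33

Tags: terraform amazon-eks

I have an EKS cluster (1.16) on AWS with worker nodes (Linux), provisioned with Terraform code. The code below is used to create the EKS worker nodes (Linux):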

resource "aws_eks_node_group" "default-worker-nodes-group" {
  cluster_name    = "${var.eks_cluster_name}"
  node_group_name = "${var.eks_cluster_node_group_name}"
  node_role_arn   = "${var.eks_worker_node_role_arn}"
  subnet_ids      = ["${var.eks_worker_subnet_ids}"]
  ami_type        = "${var.ami_type}"
  instance_types  = "${var.instance_type}"
  disk_size       = "${var.volume_size}"
  release_version = "${var.release_version}"
  version         = "${var.eks_cluster_version}"

  remote_access {
    ec2_ssh_key               = "${var.ec2_ssh_key}"
    source_security_group_ids = ["${var.eks_worker_security_groups_ids}"]
  }
}

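I want to add additional Windows worker nodes. How do I do that?

Below I define the ARN of the instance role for the Linux nodes. For Windows, can I use the same role as for Linux? In other words, is the ARN of the instance role for the Windows nodes the same as the ARN of the instance role for the Linux nodes?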

#eks workers roles
resource "aws_iam_role" "eks-workernode-role" {
  name = "${var.eks_workernode_iam_role_name}"

  assume_role_policy = <<POLICY
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Principal": {
        "Service": "ec2.amazonaws.com"
      },
      "Action": "sts:AssumeRole"
    }
  ]
}
POLICY
}

data:
  mapRoles: |
    - rolearn: ${aws_iam_role.eks-workernode-role.arn}
      username: system:node:{{EC2PrivateDNSName}}
      groups:
        - system:bootstrappers
        - system:nodes

1 answer:

Answer 0: (score: 1)

You need to use an AMI that is a Windows AMI; see Amazon EKS optimized Windows AMIs.

You also need the role in the aws-auth ConfigMap as described in Launching self-managed Windows nodes, similar to mapRoles:

      groups:
        - system:bootstrappers
        - system:nodes
        - eks:kube-proxy-windows
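
The mapping from the answer written out in Terraform, as an added example that is not part of the original question or answer. It assumes the Windows nodes get their own instance role, Terraform 0.12.6 or later, and a configured kubernetes provider; the role name and resource labels are constructed, and aws_iam_role.eks-workernode-role is the Linux role from the question.

```hcl
# Added example, not from the original post; names below are constructed.
# Separate instance role for the Windows nodes, same EC2 trust as the Linux role.
resource "aws_iam_role" "eks-windows-workernode-role" {
  name = "eks-windows-workernode-role"
  assume_role_policy = jsonencode({
    Version = "2012-10-17"
    Statement = [{
      Effect    = "Allow"
      Principal = { Service = "ec2.amazonaws.com" }
      Action    = "sts:AssumeRole"
    }]
  })
}

# AWS managed policies normally attached to EKS worker node roles.
resource "aws_iam_role_policy_attachment" "windows_node" {
  for_each = toset([
    "arn:aws:iam::aws:policy/AmazonEKSWorkerNodePolicy",
    "arn:aws:iam::aws:policy/AmazonEKS_CNI_Policy",
    "arn:aws:iam::aws:policy/AmazonEC2ContainerRegistryReadOnly",
  ])
  role       = aws_iam_role.eks-windows-workernode-role.name
  policy_arn = each.value
}

resource "kubernetes_config_map" "aws_auth" {
  metadata {
    name      = "aws-auth"
    namespace = "kube-system"
  }

  data = {
    mapRoles = yamlencode([
      {
        # Linux node role from the question: entry unchanged.
        rolearn  = aws_iam_role.eks-workernode-role.arn
        username = "system:node:{{EC2PrivateDNSName}}"
        groups   = ["system:bootstrappers", "system:nodes"]
      },
      {
        # Windows node role: node groups plus the extra group from the answer.
        rolearn  = aws_iam_role.eks-windows-workernode-role.arn
        username = "system:node:{{EC2PrivateDNSName}}"
        groups   = ["system:bootstrappers", "system:nodes", "eks:kube-proxy-windows"]
      },
    ])
  }
}
```

If the aws-auth ConfigMap already exists in the cluster, import it into Terraform state before applying. Neither entry needs any group beyond the ones listed, so node credentials stay limited to node permissions.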