CA
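# eksctl ClusterConfig for a cluster scaled by the Kubernetes Cluster Autoscaler.
# Placeholders in <angle brackets> must be replaced before use.
apiVersion: eksctl.io/v1alpha5
kind: ClusterConfig
metadata:
  name: <EKS_Cluster_Name>
  version: "<EKS_Version>"
  region: <Region>
cloudWatch:
  clusterLogging:
    # "*" turns on every control-plane log type, including audit and
    # authenticator logs, which incident response depends on.
    enableTypes: ["*"]
iamIdentityMappings:
  - arn: arn:aws:iam::<Account ID>:role/<Role name>
    groups:
      # system:masters is unconditional cluster-admin: it bypasses RBAC and
      # cannot be narrowed by role bindings. Map only a tightly controlled
      # break-glass role here; give day-to-day roles a dedicated group bound
      # to a scoped ClusterRole instead.
      - system:masters
    username: admin
    noDuplicateARNs: true
iam:
  # Creates the IAM OIDC provider so the service accounts below receive
  # per-workload IAM roles instead of sharing the node instance role.
  withOIDC: true
  serviceAccounts:
    - metadata:
        name: aws-load-balancer-controller
        namespace: kube-system
      wellKnownPolicies:
        awsLoadBalancerController: true
    - metadata:
        name: cert-manager
        namespace: cert-manager
      wellKnownPolicies:
        certManager: true
    - metadata:
        name: cluster-autoscaler
        namespace: kube-system
        labels: {aws-usage: "cluster-ops"}
      wellKnownPolicies:
        autoScaler: true
    - metadata:
        name: autoscaler-service
        namespace: kube-system
      attachPolicy:
        Version: "2012-10-17"
        Statement:
          # Read-only discovery calls; kept on Resource "*".
          - Effect: Allow
            Action:
              - "autoscaling:DescribeAutoScalingGroups"
              - "autoscaling:DescribeAutoScalingInstances"
              - "autoscaling:DescribeLaunchConfigurations"
              - "autoscaling:DescribeTags"
              - "ec2:DescribeLaunchTemplateVersions"
            Resource: '*'
          # Mutating calls are limited to Auto Scaling groups that carry this
          # cluster's ownership tag, so the role cannot resize or terminate
          # instances in unrelated groups in the account.
          # NOTE(review): confirm the node group's ASG carries this tag
          # before applying; an untagged ASG will no longer scale.
          - Effect: Allow
            Action:
              - "autoscaling:SetDesiredCapacity"
              - "autoscaling:TerminateInstanceInAutoScalingGroup"
            Resource: '*'
            Condition:
              StringEquals:
                "aws:ResourceTag/k8s.io/cluster-autoscaler/<EKS_Cluster_Name>": "owned"
# NOTE(review): no clusterEndpoints / publicAccessCIDRs are set under vpc, so
# API-server endpoint exposure is left at eksctl's defaults - confirm that is
# intended.
vpc:
  subnets:
    public:
      <Region>a: { id: public_a }
      <Region>b: { id: public_b }
      <Region>c: { id: public_c }
    private:
      <Region>a: { id: private_a }
      <Region>b: { id: private_b }
      <Region>c: { id: private_c }
managedNodeGroups:
  - name: <Worker Node Group name>
    labels: { <key>: <value> }
    instanceName: <Instance name>
    instanceType: <Instance Type>
    desiredCapacity: 2
    minSize: 2
    maxSize: 20
    # Worker nodes are placed in the private subnets only.
    privateNetworking: true
    # Cluster Autoscaler auto-discovery tags; the ownership tag is the one
    # the IAM condition above matches on.
    tags:
      k8s.io/cluster-autoscaler/enabled: "true"
      k8s.io/cluster-autoscaler/<EKS_Cluster_Name>: "owned"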
Karpenter
# eksctl ClusterConfig for a cluster whose nodes are provisioned by Karpenter.
# Placeholders in <angle brackets> must be replaced before use.
apiVersion: "eksctl.io/v1alpha5"
kind: "ClusterConfig"
metadata:
  name: <EKS_Cluster_Name>
  version: "<EKS_Version>"
  region: <Region>
  tags:
    # Discovery tag set to the cluster name.
    karpenter.sh/discovery: <EKS_Cluster_Name>
cloudWatch:
  clusterLogging:
    # "*" enables every control-plane log type.
    enableTypes:
      - "*"
iamIdentityMappings:
  - arn: "arn:aws:iam::<Account ID>:role/<Role name>"
    username: "admin"
    # NOTE(review): system:masters is unconditional cluster-admin and cannot
    # be narrowed through RBAC; keep this mapping to a tightly controlled role.
    groups:
      - "system:masters"
    noDuplicateARNs: true
iam:
  # IAM OIDC provider, required for the per-service-account roles below.
  withOIDC: true
  serviceAccounts:
    - metadata:
        name: "aws-load-balancer-controller"
        namespace: "kube-system"
      wellKnownPolicies:
        awsLoadBalancerController: true
    - metadata:
        name: "cert-manager"
        namespace: "cert-manager"
      wellKnownPolicies:
        certManager: true
karpenter:
  version: "0.37.0"
  createServiceAccount: true
vpc:
  subnets:
    public:
      <Region>a:
        id: "public_a"
      <Region>b:
        id: "public_b"
      <Region>c:
        id: "public_c"
    private:
      <Region>a:
        id: "private_a"
      <Region>b:
        id: "private_b"
      <Region>c:
        id: "private_c"
managedNodeGroups:
  - name: <Worker Node Group name>
    labels:
      <key>: <value>
    instanceName: <Instance name>
    instanceType: <Instance Type>
    minSize: 2
    desiredCapacity: 2
    maxSize: 20
    # Nodes are placed in the private subnets only.
    privateNetworking: true
•
provisioner.yaml
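# Karpenter Provisioner "apps" plus the AWSNodeTemplate it references.
# NOTE(review): karpenter.sh/v1alpha5 Provisioner and
# karpenter.k8s.aws/v1alpha1 AWSNodeTemplate are the legacy alpha APIs, later
# replaced by NodePool / EC2NodeClass. The ClusterConfig on this page pins
# Karpenter '0.37.0'; confirm the installed release still serves these kinds
# before applying.
apiVersion: karpenter.sh/v1alpha5
kind: Provisioner
metadata:
  name: apps
spec:
  requirements:
    # Instance size: exclude the smallest sizes.
    - key: karpenter.k8s.aws/instance-size
      operator: NotIn
      values: [nano, micro, small]
    # Instance type.
    - key: "node.kubernetes.io/instance-type"
      operator: In
      values: ["c5.large"]
    - key: "kubernetes.io/arch"
      operator: In
      values: ["amd64"]
    # Capacity type; alternative: ["on-demand", "spot"].
    - key: "karpenter.sh/capacity-type"
      operator: In
      values: ["on-demand"]
    # Availability zones.
    - key: "topology.kubernetes.io/zone"
      operator: In
      values: ["ap-northeast-2a", "ap-northeast-2b", "ap-northeast-2c"]
  providerRef:
    name: apps-provider
  # Only pods that tolerate dedicated=app:NoSchedule land on these nodes.
  taints:
    - key: dedicated
      value: app
      effect: NoSchedule
  # Remove a node 300 seconds after it becomes empty.
  ttlSecondsAfterEmpty: 300
  # Node expiry is disabled. Enabling it recycles nodes periodically, which is
  # how long-lived nodes pick up patched AMIs.
  # ttlSecondsUntilExpired: 2592000 # 30 Days = 60 * 60 * 24 * 30 Seconds;
---
apiVersion: karpenter.k8s.aws/v1alpha1
kind: AWSNodeTemplate
metadata:
  name: apps-provider
spec:
  amiFamily: Bottlerocket
  # Selectors match on the discovery tag; the value must equal the tag value
  # actually present on the cluster's subnets and security groups.
  subnetSelector: # required
    karpenter.sh/discovery: skills-cluster
  securityGroupSelector: # required, when not using launchTemplate
    karpenter.sh/discovery: skills-cluster
  blockDeviceMappings:
    # NOTE(review): on Bottlerocket /dev/xvda is the OS volume; container
    # images and pod storage normally live on a separate data volume
    # (/dev/xvdb), which this mapping does not size or encrypt - confirm.
    - deviceName: /dev/xvda
      ebs:
        volumeType: gp3
        volumeSize: 20Gi
        deleteOnTermination: true
        # An explicit mapping without this field leaves encryption to the
        # account-level EBS default; set it so the volume is always
        # encrypted at rest.
        encrypted: true
  # userData: ""
  metadataOptions:
    httpEndpoint: enabled
    httpProtocolIPv6: disabled
    # A hop limit of 2 lets pods on the pod network reach IMDS and obtain the
    # node role's credentials. Where workloads use IAM roles for service
    # accounts, 1 confines IMDS to the host - confirm no pod depends on it.
    httpPutResponseHopLimit: 2
    # IMDSv2 only: session tokens are required for every metadata request.
    httpTokens: required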