Tags: aws
By default, Kublr automatically creates all AWS resources required to run a secure Kubernetes cluster in a single AWS CloudFormation stack. Sometimes, however, additional resources are necessary to implement complex or extended use cases.
Kublr supports inclusion of additional AWS CloudFormation resources in the cluster specification.
This makes it possible to tie the lifecycle of the additional resources to the cluster.
The additional resources can also be referred to in certain cluster specification fields, such as additional security groups, subnets etc.
[Supported in Kublr 1.19.0 and later] Additional resources and parameters can be specified in the following fields in the cluster specification:
- spec.locations[*].aws.resourcesCloudFormationExtras
  All resources specified in this section of the cluster spec are included as is in the Resources section of the CloudFormation template.
- spec.master.locations[*].aws.asgCloudFormationExtras
  spec.nodes[*].locations[*].aws.asgCloudFormationExtras
  All fields specified in this section of the cluster spec, in the master or a node group, are included as is in the corresponding autoscaling group resource of the CloudFormation template.
  This is useful to specify the group update policy and potentially other top-level ASG properties.
- spec.master.locations[*].aws.asgPropertiesCloudFormationExtras
  spec.nodes[*].locations[*].aws.asgPropertiesCloudFormationExtras
  All fields specified in this section of the cluster spec, in the master or a node group, are included as is in the Properties section of the corresponding autoscaling group resource of the CloudFormation template.
- spec.master.locations[*].aws.launchConfigurationPropertiesCloudFormationExtras
  spec.nodes[*].locations[*].aws.launchConfigurationPropertiesCloudFormationExtras
  All fields specified in this section of the cluster spec, in the master or a node group, are included as is in the Properties section of the corresponding launch configuration resource of the CloudFormation template, if the corresponding instance group uses a launch configuration (group type is asg-lc).
- spec.master.locations[*].aws.launchTemplateDataCloudFormationExtras
  spec.nodes[*].locations[*].aws.launchTemplateDataCloudFormationExtras
  All fields specified in this section of the cluster spec, in the master or a node group, are included as is in the Data section of the corresponding launch template resource of the CloudFormation template, if the corresponding instance group uses a launch template (group type is asg-lt).
- spec.master.locations[*].aws.mixedInstancesPolicyCloudFormationExtras
  spec.nodes[*].locations[*].aws.mixedInstancesPolicyCloudFormationExtras
  All fields specified in this section of the cluster spec, in the master or a node group, are included as is in the Properties.MixedInstancesPolicy section of the corresponding autoscaling group resource of the CloudFormation template, if the corresponding instance group uses a mixed instances policy and launch template (group type is asg-mip).
- [Kublr 1.19.3+] spec.secretStore.awsS3.secretExchangeBucketCloudFormationExtras
  All fields specified in this section of the cluster spec are included as is in the S3 bucket CloudFormation resource section of the cluster CloudFormation template.
[Supported in Kublr 1.19.3 and later] The following fields of the cluster specification can reference AWS resources using CloudFormation functions such as Ref or GetAtt:
- spec.locations[*].aws.existingSecurityGroupIds
- spec.master.locations[*].aws.existingSecurityGroupIds
  spec.nodes[*].locations[*].aws.existingSecurityGroupIds
- spec.master.locations[*].aws.subnetIds
  spec.nodes[*].locations[*].aws.subnetIds
- spec.master.locations[*].aws.privateMasterPublicElbSubnetIds
  spec.nodes[*].locations[*].aws.privateMasterPublicElbSubnetIds
- spec.master.locations[*].aws.loadBalancerNames
  spec.nodes[*].locations[*].aws.loadBalancerNames
- spec.master.locations[*].aws.targetGroupARNs
  spec.nodes[*].locations[*].aws.targetGroupARNs
- spec.secretStore.awsS3.secretExchangeBucketCloudFormationExtras
- [Kublr 1.22.0+] spec.master.locations[*].aws.masterVolume.kmsKeyId
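Because these sections are copied into the template as is, it helps to review what a spec injects before applying it. The following is an added example, not Kublr code: it lists every pass-through field in a spec and checks each Ref/GetAtt in the reference-capable location fields against the logical IDs declared under resourcesCloudFormationExtras. It assumes the spec is already loaded as a Python mapping; the function names and the sample spec (including the IDs SgExtra and SubnetTypo) are constructed for illustration, and the secretStore and masterVolume fields are left out of scope.

```python
# Fields the page lists as accepting Ref / GetAtt (Kublr 1.19.3 and later).
REF_FIELDS = {"existingSecurityGroupIds", "subnetIds", "loadBalancerNames",
              "privateMasterPublicElbSubnetIds", "targetGroupARNs"}

def ref_target(value):
    """Logical ID that {Ref: X} or {Fn::GetAtt: [X, attr]} points at, else None."""
    if isinstance(value, dict) and len(value) == 1:
        (fn, arg), = value.items()
        if fn == "Ref":
            return arg
        if fn == "Fn::GetAtt":
            return arg[0] if isinstance(arg, list) else str(arg).split(".")[0]
    return None

def aws_sections(spec):
    """Yield (path, aws mapping) for cluster, master and node-group locations."""
    groups = [("spec", spec), ("spec.master", spec.get("master", {}))]
    groups += [(f"spec.nodes[{n}]", g) for n, g in enumerate(spec.get("nodes", []))]
    for prefix, group in groups:
        for i, loc in enumerate(group.get("locations", [])):
            yield f"{prefix}.locations[{i}].aws", loc.get("aws", {})

def audit(spec):
    """Return (extras, refs): paths of pass-through fields, and (path, logical ID,
    defined-in-this-spec) for each Ref/GetAtt in a reference-capable field."""
    sections = list(aws_sections(spec))
    defined = {rid for _, aws in sections
               for rid in aws.get("resourcesCloudFormationExtras", {})}
    extras, refs = [], []
    for path, aws in sections:
        for field, value in aws.items():
            if field.endswith("CloudFormationExtras"):
                extras.append(f"{path}.{field}")
            elif field in REF_FIELDS:
                for item in value:
                    target = ref_target(item)
                    if target is not None:
                        refs.append((f"{path}.{field}", target, target in defined))
    return extras, refs

# Constructed sample: the contents of `spec`, reduced to fields named on this page.
SAMPLE_SPEC = {
    "locations": [{"aws": {
        "resourcesCloudFormationExtras": {"SgExtra": {"Type": "AWS::EC2::SecurityGroup"}},
        "existingSecurityGroupIds": [{"Ref": "SgExtra"}]}}],
    "nodes": [{"locations": [{"aws": {
        "asgCloudFormationExtras": {"UpdatePolicy": {}},
        "subnetIds": [{"Ref": "SubnetTypo"}, "subnet-0123456789abcdef0"]}}]}],
}
```

A False flag in the result means only that the logical ID is not declared in the spec's own resourcesCloudFormationExtras, so the reference should be reviewed before the stack is created or updated.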
See examples of using these capabilities for advanced configurations:
- Deploy cluster on AWS with EFS persistence
- Using custom security groups in AWS cluster
- Using custom subnets in AWS cluster
- Using encrypted S3 bucket for the AWS cluster secret exchange store