@pulumi/eks 2.8.1 → 2.9.0-alpha.1727304793

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (125) hide show
  1. package/addon.d.ts +61 -13
  2. package/addon.js +45 -18
  3. package/addon.js.map +1 -1
  4. package/cluster.d.ts +291 -585
  5. package/cluster.js +120 -947
  6. package/cluster.js.map +1 -1
  7. package/clusterCreationRoleProvider.d.ts +28 -0
  8. package/clusterCreationRoleProvider.js +47 -0
  9. package/clusterCreationRoleProvider.js.map +1 -0
  10. package/clusterMixins.d.ts +71 -0
  11. package/clusterMixins.js +107 -0
  12. package/clusterMixins.js.map +1 -0
  13. package/index.d.ts +31 -7
  14. package/index.js +80 -34
  15. package/index.js.map +1 -1
  16. package/managedNodeGroup.d.ts +221 -0
  17. package/managedNodeGroup.js +81 -0
  18. package/managedNodeGroup.js.map +1 -0
  19. package/nodeGroup.d.ts +273 -0
  20. package/nodeGroup.js +93 -0
  21. package/nodeGroup.js.map +1 -0
  22. package/nodeGroupSecurityGroup.d.ts +51 -0
  23. package/nodeGroupSecurityGroup.js +60 -0
  24. package/nodeGroupSecurityGroup.js.map +1 -0
  25. package/nodeGroupV2.d.ts +280 -0
  26. package/nodeGroupV2.js +90 -0
  27. package/nodeGroupV2.js.map +1 -0
  28. package/nodegroupMixins.d.ts +203 -0
  29. package/{securitygroup.js → nodegroupMixins.js} +25 -36
  30. package/nodegroupMixins.js.map +1 -0
  31. package/package.json +8 -36
  32. package/provider.d.ts +21 -0
  33. package/provider.js +38 -0
  34. package/provider.js.map +1 -0
  35. package/{storageclass.js → storageclassMixins.js} +1 -14
  36. package/storageclassMixins.js.map +1 -0
  37. package/types/enums/index.d.ts +170 -0
  38. package/types/enums/index.js +145 -0
  39. package/types/enums/index.js.map +1 -0
  40. package/types/index.d.ts +4 -0
  41. package/types/index.js +13 -0
  42. package/types/index.js.map +1 -0
  43. package/types/input.d.ts +745 -0
  44. package/types/input.js +30 -0
  45. package/types/input.js.map +1 -0
  46. package/types/output.d.ts +422 -0
  47. package/types/output.js +5 -0
  48. package/types/output.js.map +1 -0
  49. package/utilities.d.ts +8 -1
  50. package/utilities.js +90 -17
  51. package/utilities.js.map +1 -1
  52. package/vpcCniAddon.d.ts +175 -0
  53. package/vpcCniAddon.js +88 -0
  54. package/vpcCniAddon.js.map +1 -0
  55. package/LICENSE +0 -202
  56. package/README.md +0 -77
  57. package/authenticationMode.d.ts +0 -24
  58. package/authenticationMode.js +0 -172
  59. package/authenticationMode.js.map +0 -1
  60. package/authenticationMode.test.d.ts +0 -1
  61. package/authenticationMode.test.js +0 -208
  62. package/authenticationMode.test.js.map +0 -1
  63. package/cert-thumprint.d.ts +0 -16
  64. package/cert-thumprint.js +0 -113
  65. package/cert-thumprint.js.map +0 -1
  66. package/cmd/provider/addon.d.ts +0 -1
  67. package/cmd/provider/addon.js +0 -40
  68. package/cmd/provider/addon.js.map +0 -1
  69. package/cmd/provider/cluster.d.ts +0 -1
  70. package/cmd/provider/cluster.js +0 -71
  71. package/cmd/provider/cluster.js.map +0 -1
  72. package/cmd/provider/cni.d.ts +0 -2
  73. package/cmd/provider/cni.js +0 -291
  74. package/cmd/provider/cni.js.map +0 -1
  75. package/cmd/provider/index.d.ts +0 -1
  76. package/cmd/provider/index.js +0 -171
  77. package/cmd/provider/index.js.map +0 -1
  78. package/cmd/provider/nodegroup.d.ts +0 -1
  79. package/cmd/provider/nodegroup.js +0 -89
  80. package/cmd/provider/nodegroup.js.map +0 -1
  81. package/cmd/provider/randomSuffix.d.ts +0 -1
  82. package/cmd/provider/randomSuffix.js +0 -52
  83. package/cmd/provider/randomSuffix.js.map +0 -1
  84. package/cmd/provider/schema.json +0 -1909
  85. package/cmd/provider/securitygroup.d.ts +0 -1
  86. package/cmd/provider/securitygroup.js +0 -41
  87. package/cmd/provider/securitygroup.js.map +0 -1
  88. package/cni/README.md +0 -6
  89. package/cni/aws-k8s-cni.yaml +0 -602
  90. package/cni.d.ts +0 -177
  91. package/cni.js +0 -64
  92. package/cni.js.map +0 -1
  93. package/dashboard/heapster-rbac.yaml +0 -12
  94. package/dashboard/heapster.yaml +0 -46
  95. package/dashboard/influxdb.yaml +0 -40
  96. package/dashboard/kubernetes-dashboard.yaml +0 -167
  97. package/dashboard.d.ts +0 -5
  98. package/dashboard.js +0 -58
  99. package/dashboard.js.map +0 -1
  100. package/dependencies.d.ts +0 -2
  101. package/dependencies.js +0 -81
  102. package/dependencies.js.map +0 -1
  103. package/dependencies.test.d.ts +0 -1
  104. package/dependencies.test.js +0 -133
  105. package/dependencies.test.js.map +0 -1
  106. package/nodegroup.d.ts +0 -515
  107. package/nodegroup.js +0 -1152
  108. package/nodegroup.js.map +0 -1
  109. package/nodegroup.test.d.ts +0 -1
  110. package/nodegroup.test.js +0 -336
  111. package/nodegroup.test.js.map +0 -1
  112. package/package.json.dev +0 -67
  113. package/randomSuffix.d.ts +0 -1
  114. package/randomSuffix.js +0 -51
  115. package/randomSuffix.js.map +0 -1
  116. package/securitygroup.d.ts +0 -52
  117. package/securitygroup.js.map +0 -1
  118. package/servicerole.d.ts +0 -43
  119. package/servicerole.js +0 -72
  120. package/servicerole.js.map +0 -1
  121. package/storageclass.js.map +0 -1
  122. package/utils.d.ts +0 -23
  123. package/utils.js +0 -16
  124. package/utils.js.map +0 -1
  125. /package/{storageclass.d.ts → storageclassMixins.d.ts} +0 -0
package/cni.d.ts DELETED
@@ -1,177 +0,0 @@
1
- import * as pulumi from "@pulumi/pulumi";
2
- /**
3
- * VpcCniOptions describes the configuration options available for the Amazon VPC CNI plugin for Kubernetes.
4
- */
5
- export interface VpcCniOptions {
6
- /**
7
- * Specifies whether NodePort services are enabled on a worker node's primary network interface. This requires
8
- * additional iptables rules and that the kernel's reverse path filter on the primary interface is set to loose.
9
- *
10
- * Defaults to true.
11
- */
12
- nodePortSupport?: pulumi.Input<boolean>;
13
- /**
14
- * Specifies that your pods may use subnets and security groups (within the same VPC as your control plane
15
- * resources) that are independent of your cluster's `resourcesVpcConfig`.
16
- *
17
- * Defaults to false.
18
- */
19
- customNetworkConfig?: pulumi.Input<boolean>;
20
- /**
21
- * Specifies whether an external NAT gateway should be used to provide SNAT of secondary ENI IP addresses. If set
22
- * to true, the SNAT iptables rule and off-VPC IP rule are not applied, and these rules are removed if they have
23
- * already been applied.
24
- *
25
- * Defaults to false.
26
- */
27
- externalSnat?: pulumi.Input<boolean>;
28
- /**
29
- * Specifies the number of free elastic network interfaces (and all of their available IP addresses) that the ipamD
30
- * daemon should attempt to keep available for pod assignment on the node.
31
- *
32
- * Defaults to 1.
33
- */
34
- warmEniTarget?: pulumi.Input<number>;
35
- /**
36
- * Specifies the number of free IP addresses that the ipamD daemon should attempt to keep available for pod
37
- * assignment on the node.
38
- */
39
- warmIpTarget?: pulumi.Input<number>;
40
- /**
41
- * WARM_PREFIX_TARGET will allocate one full (/28) prefix even if a single IP is consumed with the existing prefix.
42
- * Ref: https://github.com/aws/amazon-vpc-cni-k8s/blob/master/docs/prefix-and-ip-target.md
43
- */
44
- warmPrefixTarget?: pulumi.Input<number>;
45
- /**
46
- * IPAMD will start allocating (/28) prefixes to the ENIs with ENABLE_PREFIX_DELEGATION set to true.
47
- * Ref: https://github.com/aws/amazon-vpc-cni-k8s/blob/master/docs/prefix-and-ip-target.md
48
- */
49
- enablePrefixDelegation?: pulumi.Input<boolean>;
50
- /**
51
- * VPC CNI can operate in either IPv4 or IPv6 mode. Setting ENABLE_IPv6 to true. will configure it in IPv6 mode.
52
- * Note that IPv6 is only supported in Prefix Delegation mode so enablePrefixDelegation must also be set.
53
- *
54
- * Ref: https://github.com/aws/amazon-vpc-cni-k8s/blob/master/README.md#enable_ipv6-v1100
55
- */
56
- enableIpv6?: pulumi.Input<boolean>;
57
- /**
58
- * Specifies the log level used for logs.
59
- *
60
- * Defaults to "DEBUG".
61
- * See more options: https://git.io/fj92K
62
- */
63
- logLevel?: pulumi.Input<string>;
64
- /**
65
- * Specifies the file path used for logs.
66
- *
67
- * Defaults to "stdout" to emit Pod logs for `kubectl logs`.
68
- */
69
- logFile?: pulumi.Input<string>;
70
- /**
71
- * Specifies the aws-node container image to use in the AWS CNI cluster DaemonSet.
72
- *
73
- * Defaults to the official AWS CNI image in ECR.
74
- */
75
- image?: pulumi.Input<string>;
76
- /**
77
- * Specifies the aws-eks-nodeagent container image to use in the AWS CNI cluster DaemonSet.
78
- *
79
- * Defaults to the official AWS CNI image in ECR.
80
- */
81
- nodeAgentImage?: pulumi.Input<string>;
82
- /**
83
- * Specifies the init container image to use in the AWS CNI cluster DaemonSet.
84
- *
85
- * Defaults to the official AWS CNI init container image in ECR.
86
- */
87
- initImage?: pulumi.Input<string>;
88
- /**
89
- * Specifies the veth prefix used to generate the host-side veth device
90
- * name for the CNI.
91
- *
92
- * The prefix can be at most 4 characters long.
93
- *
94
- * Defaults to "eni".
95
- */
96
- vethPrefix?: pulumi.Input<string>;
97
- /**
98
- * Used to configure the MTU size for attached ENIs. The valid range is
99
- * from 576 to 9001.
100
- *
101
- * Defaults to 9001.
102
- */
103
- eniMtu?: pulumi.Input<number>;
104
- eniConfigLabelDef?: pulumi.Input<string>;
105
- /**
106
- * Specifies the log level used for plugin logs.
107
- *
108
- * Defaults to "DEBUG".
109
- */
110
- pluginLogLevel?: pulumi.Input<string>;
111
- /**
112
- * Specifies the file path used for plugin logs.
113
- *
114
- * Defaults to "stdout" to emit Plugin logs.
115
- */
116
- pluginLogFile?: pulumi.Input<string>;
117
- /**
118
- * Specifies whether to allow IPAMD to add the `vpc.amazonaws.com/has-trunk-attached` label to the node if the
119
- * instance has capacity to attach an additional ENI.
120
- *
121
- * If using liveness and readiness probes, you will also need to disable TCP early demux.
122
- *
123
- * Defaults to "false".
124
- */
125
- enablePodEni?: pulumi.Input<boolean>;
126
- /**
127
- * Allows the kubelet's liveness and readiness probes to connect via TCP when pod ENI is enabled.
128
- * This will slightly increase local TCP connection latency.
129
- *
130
- * Defaults to "false".
131
- */
132
- disableTcpEarlyDemux?: pulumi.Input<boolean>;
133
- /**
134
- * Specifies whether ipamd should configure rp filter for primary interface.
135
- *
136
- * Defaults to "false".
137
- */
138
- cniConfigureRpfilter?: pulumi.Input<boolean>;
139
- /**
140
- * Specifies that your pods may use subnets and security groups that are independent of your worker node's
141
- * VPC configuration. By default, pods share the same subnet and security groups as the worker node's primary
142
- * interface. Setting this variable to true causes ipamd to use the security groups and VPC subnet in a worker
143
- * node's ENIConfig for elastic network interface allocation. You must create an ENIConfig custom resource for
144
- * each subnet that your pods will reside in, and then annotate or label each worker node to use a specific
145
- * ENIConfig (multiple worker nodes can be annotated or labelled with the same ENIConfig). Worker nodes can only
146
- * be annotated with a single ENIConfig at a time, and the subnet in the ENIConfig must belong to the same
147
- * Availability Zone that the worker node resides in. For more information, see CNI Custom Networking in the
148
- * Amazon EKS User Guide.
149
- *
150
- * Defaults to "false".
151
- */
152
- cniCustomNetworkCfg?: pulumi.Input<boolean>;
153
- /**
154
- * Specifies whether an external NAT gateway should be used to provide SNAT of secondary ENI IP addresses. If set
155
- * to true, the SNAT iptables rule and off-VPC IP rule are not applied, and these rules are removed if they have
156
- * already been applied. Disable SNAT if you need to allow inbound communication to your pods from external VPNs,
157
- * direct connections, and external VPCs, and your pods do not need to access the Internet directly via an Internet
158
- * Gateway. However, your nodes must be running in a private subnet and connected to the internet through an AWS NAT
159
- * Gateway or another external NAT device.
160
- *
161
- * Defaults to "false".
162
- */
163
- cniExternalSnat?: pulumi.Input<boolean>;
164
- /**
165
- * Pass privilege to containers securityContext
166
- * this is required when SELinux is enabled
167
- * This value will not be passed to the CNI config by default
168
- */
169
- securityContextPrivileged?: pulumi.Input<boolean>;
170
- }
171
- /**
172
- * VpcCni manages the configuration of the Amazon VPC CNI plugin for Kubernetes by applying its YAML chart. Once Pulumi is
173
- * able to programatically manage existing infrastructure, we can replace this with a real k8s resource.
174
- */
175
- export declare class VpcCni extends pulumi.CustomResource {
176
- constructor(name: string, kubeconfig: pulumi.Input<any>, args?: VpcCniOptions, opts?: pulumi.CustomResourceOptions);
177
- }
package/cni.js DELETED
@@ -1,64 +0,0 @@
1
- "use strict";
2
- // Copyright 2016-2019, Pulumi Corporation.
3
- //
4
- // Licensed under the Apache License, Version 2.0 (the "License");
5
- // you may not use this file except in compliance with the License.
6
- // You may obtain a copy of the License at
7
- //
8
- // http://www.apache.org/licenses/LICENSE-2.0
9
- //
10
- // Unless required by applicable law or agreed to in writing, software
11
- // distributed under the License is distributed on an "AS IS" BASIS,
12
- // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13
- // See the License for the specific language governing permissions and
14
- // limitations under the License.
15
- Object.defineProperty(exports, "__esModule", { value: true });
16
- exports.VpcCni = void 0;
17
- const pulumi = require("@pulumi/pulumi");
18
- const utilities = require("./utilities");
19
- // Dynamic providers don't currently work well with multi-language components [1]. To workaround this, the
20
- // dynamic providers in this library have been ported to be custom resources implemented by the new provider
21
- // plugin. An alias is used and care has been taken in the implementation inside the provider to avoid any
22
- // diffs for any existing stacks that were created using the old dynamic provider.
23
- // [1] https://github.com/pulumi/pulumi/issues/5455
24
- /**
25
- * VpcCni manages the configuration of the Amazon VPC CNI plugin for Kubernetes by applying its YAML chart. Once Pulumi is
26
- * able to programatically manage existing infrastructure, we can replace this with a real k8s resource.
27
- */
28
- class VpcCni extends pulumi.CustomResource {
29
- constructor(name, kubeconfig, args, opts) {
30
- const defaultOpts = {
31
- version: utilities.getVersion(),
32
- // This was previously implemented as a dynamic provider, so alias the old type.
33
- aliases: [{ type: "pulumi-nodejs:dynamic:Resource" }],
34
- };
35
- opts = pulumi.mergeOptions(opts, defaultOpts);
36
- super("eks:index:VpcCni", name, {
37
- kubeconfig: kubeconfig,
38
- nodePortSupport: args === null || args === void 0 ? void 0 : args.nodePortSupport,
39
- customNetworkConfig: args === null || args === void 0 ? void 0 : args.customNetworkConfig,
40
- externalSnat: args === null || args === void 0 ? void 0 : args.externalSnat,
41
- warmEniTarget: args === null || args === void 0 ? void 0 : args.warmEniTarget,
42
- warmIpTarget: args === null || args === void 0 ? void 0 : args.warmIpTarget,
43
- enablePrefixDelegation: args === null || args === void 0 ? void 0 : args.enablePrefixDelegation,
44
- enableIpv6: args === null || args === void 0 ? void 0 : args.enableIpv6,
45
- warmPrefixTarget: args === null || args === void 0 ? void 0 : args.warmPrefixTarget,
46
- logLevel: args === null || args === void 0 ? void 0 : args.logLevel,
47
- logFile: args === null || args === void 0 ? void 0 : args.logFile,
48
- image: args === null || args === void 0 ? void 0 : args.image,
49
- nodeAgentImage: args === null || args === void 0 ? void 0 : args.nodeAgentImage,
50
- initImage: args === null || args === void 0 ? void 0 : args.initImage,
51
- eniConfigLabelDef: args === null || args === void 0 ? void 0 : args.eniConfigLabelDef,
52
- pluginLogLevel: args === null || args === void 0 ? void 0 : args.pluginLogLevel,
53
- pluginLogFile: args === null || args === void 0 ? void 0 : args.pluginLogFile,
54
- enablePodEni: args === null || args === void 0 ? void 0 : args.enablePodEni,
55
- disableTcpEarlyDemux: args === null || args === void 0 ? void 0 : args.disableTcpEarlyDemux,
56
- cniConfigureRpfilter: args === null || args === void 0 ? void 0 : args.cniConfigureRpfilter,
57
- cniCustomNetworkCfg: args === null || args === void 0 ? void 0 : args.cniCustomNetworkCfg,
58
- cniExternalSnat: args === null || args === void 0 ? void 0 : args.cniExternalSnat,
59
- securityContextPrivileged: args === null || args === void 0 ? void 0 : args.securityContextPrivileged,
60
- }, opts);
61
- }
62
- }
63
- exports.VpcCni = VpcCni;
64
- //# sourceMappingURL=cni.js.map
package/cni.js.map DELETED
@@ -1 +0,0 @@
1
- {"version":3,"file":"cni.js","sourceRoot":"","sources":["../cni.ts"],"names":[],"mappings":";AAAA,2CAA2C;AAC3C,EAAE;AACF,kEAAkE;AAClE,mEAAmE;AACnE,0CAA0C;AAC1C,EAAE;AACF,iDAAiD;AACjD,EAAE;AACF,sEAAsE;AACtE,oEAAoE;AACpE,2EAA2E;AAC3E,sEAAsE;AACtE,iCAAiC;;;AAEjC,yCAAyC;AACzC,yCAAyC;AAyMzC,0GAA0G;AAC1G,4GAA4G;AAC5G,0GAA0G;AAC1G,kFAAkF;AAClF,mDAAmD;AAEnD;;;GAGG;AACH,MAAa,MAAO,SAAQ,MAAM,CAAC,cAAc;IAC7C,YACI,IAAY,EACZ,UAA6B,EAC7B,IAAoB,EACpB,IAAmC;QAEnC,MAAM,WAAW,GAAG;YAChB,OAAO,EAAE,SAAS,CAAC,UAAU,EAAE;YAC/B,gFAAgF;YAChF,OAAO,EAAE,CAAC,EAAE,IAAI,EAAE,gCAAgC,EAAE,CAAC;SACxD,CAAC;QACF,IAAI,GAAG,MAAM,CAAC,YAAY,CAAC,IAAI,EAAE,WAAW,CAAC,CAAC;QAC9C,KAAK,CACD,kBAAkB,EAClB,IAAI,EACJ;YACI,UAAU,EAAE,UAAU;YACtB,eAAe,EAAE,IAAI,aAAJ,IAAI,uBAAJ,IAAI,CAAE,eAAe;YACtC,mBAAmB,EAAE,IAAI,aAAJ,IAAI,uBAAJ,IAAI,CAAE,mBAAmB;YAC9C,YAAY,EAAE,IAAI,aAAJ,IAAI,uBAAJ,IAAI,CAAE,YAAY;YAChC,aAAa,EAAE,IAAI,aAAJ,IAAI,uBAAJ,IAAI,CAAE,aAAa;YAClC,YAAY,EAAE,IAAI,aAAJ,IAAI,uBAAJ,IAAI,CAAE,YAAY;YAChC,sBAAsB,EAAE,IAAI,aAAJ,IAAI,uBAAJ,IAAI,CAAE,sBAAsB;YACpD,UAAU,EAAE,IAAI,aAAJ,IAAI,uBAAJ,IAAI,CAAE,UAAU;YAC5B,gBAAgB,EAAE,IAAI,aAAJ,IAAI,uBAAJ,IAAI,CAAE,gBAAgB;YACxC,QAAQ,EAAE,IAAI,aAAJ,IAAI,uBAAJ,IAAI,CAAE,QAAQ;YACxB,OAAO,EAAE,IAAI,aAAJ,IAAI,uBAAJ,IAAI,CAAE,OAAO;YACtB,KAAK,EAAE,IAAI,aAAJ,IAAI,uBAAJ,IAAI,CAAE,KAAK;YAClB,cAAc,EAAE,IAAI,aAAJ,IAAI,uBAAJ,IAAI,CAAE,cAAc;YACpC,SAAS,EAAE,IAAI,aAAJ,IAAI,uBAAJ,IAAI,CAAE,SAAS;YAC1B,iBAAiB,EAAE,IAAI,aAAJ,IAAI,uBAAJ,IAAI,CAAE,iBAAiB;YAC1C,cAAc,EAAE,IAAI,aAAJ,IAAI,uBAAJ,IAAI,CAAE,cAAc;YACpC,aAAa,EAAE,IAAI,aAAJ,IAAI,uBAAJ,IAAI,CAAE,aAAa;YAClC,YAAY,EAAE,IAAI,aAAJ,IAAI,uBAAJ,IAAI,CAAE,YAAY;YAChC,oBAAoB,EAAE,IAAI,aAAJ,IAAI,uBAAJ,IAAI,CAAE,oBAAoB;YAChD,oBAAoB,EAAE,IAAI,aAAJ,IAAI,uBAAJ,IAAI,CAAE,oBAAoB;YAChD,mBAAmB,EAAE,IAAI,aAAJ,IAAI,uBAAJ,IAAI,CAAE,mBAAmB;YAC9C,eAAe,EAAE,IAAI,aAAJ,IAAI,uBAAJ,IAAI,CAAE,eAAe;YACtC,yBAAyB,EAAE,IAAI,aAAJ,IAAI,uBAAJ,IAAI,CAAE,yBAAyB;SAC7D,EACD,IAAI,CACP,CAAC;IACN,CAAC;CACJ;AA5CD,wBA4CC"}
@@ -1,12 +0,0 @@
1
- kind: ClusterRoleBinding
2
- apiVersion: rbac.authorization.k8s.io/v1beta1
3
- metadata:
4
- name: heapster
5
- roleRef:
6
- apiGroup: rbac.authorization.k8s.io
7
- kind: ClusterRole
8
- name: system:heapster
9
- subjects:
10
- - kind: ServiceAccount
11
- name: heapster
12
- namespace: kube-system
@@ -1,46 +0,0 @@
1
- apiVersion: v1
2
- kind: ServiceAccount
3
- metadata:
4
- name: heapster
5
- namespace: kube-system
6
- ---
7
- apiVersion: extensions/v1beta1
8
- kind: Deployment
9
- metadata:
10
- name: heapster
11
- namespace: kube-system
12
- spec:
13
- replicas: 1
14
- template:
15
- metadata:
16
- labels:
17
- task: monitoring
18
- k8s-app: heapster
19
- spec:
20
- serviceAccountName: heapster
21
- containers:
22
- - name: heapster
23
- image: k8s.gcr.io/heapster-amd64:v1.5.4
24
- imagePullPolicy: IfNotPresent
25
- command:
26
- - /heapster
27
- - --source=kubernetes:https://kubernetes.default
28
- - --sink=influxdb:http://monitoring-influxdb.kube-system.svc:8086
29
- ---
30
- apiVersion: v1
31
- kind: Service
32
- metadata:
33
- labels:
34
- task: monitoring
35
- # For use as a Cluster add-on (https://github.com/kubernetes/kubernetes/tree/master/cluster/addons)
36
- # If you are NOT using this as an addon, you should comment out this line.
37
- kubernetes.io/cluster-service: "true"
38
- kubernetes.io/name: Heapster
39
- name: heapster
40
- namespace: kube-system
41
- spec:
42
- ports:
43
- - port: 80
44
- targetPort: 8082
45
- selector:
46
- k8s-app: heapster
@@ -1,40 +0,0 @@
1
- apiVersion: extensions/v1beta1
2
- kind: Deployment
3
- metadata:
4
- name: monitoring-influxdb
5
- namespace: kube-system
6
- spec:
7
- replicas: 1
8
- template:
9
- metadata:
10
- labels:
11
- task: monitoring
12
- k8s-app: influxdb
13
- spec:
14
- containers:
15
- - name: influxdb
16
- image: k8s.gcr.io/heapster-influxdb-amd64:v1.5.2
17
- volumeMounts:
18
- - mountPath: /data
19
- name: influxdb-storage
20
- volumes:
21
- - name: influxdb-storage
22
- emptyDir: {}
23
- ---
24
- apiVersion: v1
25
- kind: Service
26
- metadata:
27
- labels:
28
- task: monitoring
29
- # For use as a Cluster add-on (https://github.com/kubernetes/kubernetes/tree/master/cluster/addons)
30
- # If you are NOT using this as an addon, you should comment out this line.
31
- kubernetes.io/cluster-service: "true"
32
- kubernetes.io/name: monitoring-influxdb
33
- name: monitoring-influxdb
34
- namespace: kube-system
35
- spec:
36
- ports:
37
- - port: 8086
38
- targetPort: 8086
39
- selector:
40
- k8s-app: influxdb
@@ -1,167 +0,0 @@
1
- # Copyright 2017 The Kubernetes Authors.
2
- #
3
- # Licensed under the Apache License, Version 2.0 (the "License");
4
- # you may not use this file except in compliance with the License.
5
- # You may obtain a copy of the License at
6
- #
7
- # http://www.apache.org/licenses/LICENSE-2.0
8
- #
9
- # Unless required by applicable law or agreed to in writing, software
10
- # distributed under the License is distributed on an "AS IS" BASIS,
11
- # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12
- # See the License for the specific language governing permissions and
13
- # limitations under the License.
14
-
15
- # Configuration to deploy release version of the Dashboard UI compatible with
16
- # Kubernetes 1.8.
17
- #
18
- # Example usage: kubectl create -f <this_file>
19
-
20
- # ------------------- Dashboard Secret ------------------- #
21
-
22
- apiVersion: v1
23
- kind: Secret
24
- metadata:
25
- labels:
26
- k8s-app: kubernetes-dashboard
27
- name: kubernetes-dashboard-certs
28
- namespace: kube-system
29
- type: Opaque
30
-
31
- ---
32
- # ------------------- Dashboard Service Account ------------------- #
33
-
34
- apiVersion: v1
35
- kind: ServiceAccount
36
- metadata:
37
- labels:
38
- k8s-app: kubernetes-dashboard
39
- name: kubernetes-dashboard
40
- namespace: kube-system
41
-
42
- ---
43
- # ------------------- Dashboard Role & Role Binding ------------------- #
44
-
45
- kind: Role
46
- apiVersion: rbac.authorization.k8s.io/v1
47
- metadata:
48
- name: kubernetes-dashboard-minimal
49
- namespace: kube-system
50
- rules:
51
- # Allow Dashboard to create 'kubernetes-dashboard-key-holder' secret.
52
- - apiGroups: [""]
53
- resources: ["secrets"]
54
- verbs: ["create"]
55
- # Allow Dashboard to create 'kubernetes-dashboard-settings' config map.
56
- - apiGroups: [""]
57
- resources: ["configmaps"]
58
- verbs: ["create"]
59
- # Allow Dashboard to get, update and delete Dashboard exclusive secrets.
60
- - apiGroups: [""]
61
- resources: ["secrets"]
62
- resourceNames: ["kubernetes-dashboard-key-holder", "kubernetes-dashboard-certs"]
63
- verbs: ["get", "update", "delete"]
64
- # Allow Dashboard to get and update 'kubernetes-dashboard-settings' config map.
65
- - apiGroups: [""]
66
- resources: ["configmaps"]
67
- resourceNames: ["kubernetes-dashboard-settings"]
68
- verbs: ["get", "update"]
69
- # Allow Dashboard to get metrics from heapster.
70
- - apiGroups: [""]
71
- resources: ["services"]
72
- resourceNames: ["heapster"]
73
- verbs: ["proxy"]
74
- - apiGroups: [""]
75
- resources: ["services/proxy"]
76
- resourceNames: ["heapster", "http:heapster:", "https:heapster:"]
77
- verbs: ["get"]
78
-
79
- ---
80
- apiVersion: rbac.authorization.k8s.io/v1
81
- kind: RoleBinding
82
- metadata:
83
- name: kubernetes-dashboard-minimal
84
- namespace: kube-system
85
- roleRef:
86
- apiGroup: rbac.authorization.k8s.io
87
- kind: Role
88
- name: kubernetes-dashboard-minimal
89
- subjects:
90
- - kind: ServiceAccount
91
- name: kubernetes-dashboard
92
- namespace: kube-system
93
-
94
- ---
95
- # ------------------- Dashboard Deployment ------------------- #
96
-
97
- kind: Deployment
98
- apiVersion: apps/v1beta2
99
- metadata:
100
- labels:
101
- k8s-app: kubernetes-dashboard
102
- name: kubernetes-dashboard
103
- namespace: kube-system
104
- spec:
105
- replicas: 1
106
- revisionHistoryLimit: 10
107
- selector:
108
- matchLabels:
109
- k8s-app: kubernetes-dashboard
110
- template:
111
- metadata:
112
- labels:
113
- k8s-app: kubernetes-dashboard
114
- spec:
115
- containers:
116
- - name: kubernetes-dashboard
117
- image: k8s.gcr.io/kubernetes-dashboard-amd64:v1.8.3
118
- ports:
119
- - containerPort: 8443
120
- protocol: TCP
121
- args:
122
- - --auto-generate-certificates
123
- # Uncomment the following line to manually specify Kubernetes API server Host
124
- # If not specified, Dashboard will attempt to auto discover the API server and connect
125
- # to it. Uncomment only if the default does not work.
126
- # - --apiserver-host=http://my-address:port
127
- volumeMounts:
128
- - name: kubernetes-dashboard-certs
129
- mountPath: /certs
130
- # Create on-disk volume to store exec logs
131
- - mountPath: /tmp
132
- name: tmp-volume
133
- livenessProbe:
134
- httpGet:
135
- scheme: HTTPS
136
- path: /
137
- port: 8443
138
- initialDelaySeconds: 30
139
- timeoutSeconds: 30
140
- volumes:
141
- - name: kubernetes-dashboard-certs
142
- secret:
143
- secretName: kubernetes-dashboard-certs
144
- - name: tmp-volume
145
- emptyDir: {}
146
- serviceAccountName: kubernetes-dashboard
147
- # Comment the following tolerations if Dashboard must not be deployed on master
148
- tolerations:
149
- - key: node-role.kubernetes.io/master
150
- effect: NoSchedule
151
-
152
- ---
153
- # ------------------- Dashboard Service ------------------- #
154
-
155
- kind: Service
156
- apiVersion: v1
157
- metadata:
158
- labels:
159
- k8s-app: kubernetes-dashboard
160
- name: kubernetes-dashboard
161
- namespace: kube-system
162
- spec:
163
- ports:
164
- - port: 443
165
- targetPort: 8443
166
- selector:
167
- k8s-app: kubernetes-dashboard
package/dashboard.d.ts DELETED
@@ -1,5 +0,0 @@
1
- import * as k8s from "@pulumi/kubernetes";
2
- import * as pulumi from "@pulumi/pulumi";
3
- export interface DashboardOptions {
4
- }
5
- export declare function createDashboard(name: string, args: DashboardOptions, parent: pulumi.ComponentResource, k8sProvider: k8s.Provider): void;
package/dashboard.js DELETED
@@ -1,58 +0,0 @@
1
- "use strict";
2
- // Copyright 2016-2019, Pulumi Corporation.
3
- //
4
- // Licensed under the Apache License, Version 2.0 (the "License");
5
- // you may not use this file except in compliance with the License.
6
- // You may obtain a copy of the License at
7
- //
8
- // http://www.apache.org/licenses/LICENSE-2.0
9
- //
10
- // Unless required by applicable law or agreed to in writing, software
11
- // distributed under the License is distributed on an "AS IS" BASIS,
12
- // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13
- // See the License for the specific language governing permissions and
14
- // limitations under the License.
15
- Object.defineProperty(exports, "__esModule", { value: true });
16
- exports.createDashboard = void 0;
17
- const k8s = require("@pulumi/kubernetes");
18
- const fs = require("fs");
19
- const path = require("path");
20
- function createDashboard(name, args, parent, k8sProvider) {
21
- // Deploy the latest version of the k8s dashboard.
22
- const dashboardYaml = [
23
- path.join(__dirname, "dashboard/kubernetes-dashboard.yaml"),
24
- path.join(__dirname, "dashboard/heapster.yaml"),
25
- path.join(__dirname, "dashboard/influxdb.yaml"),
26
- path.join(__dirname, "dashboard/heapster-rbac.yaml"),
27
- ].map((filePath) => fs.readFileSync(filePath).toString());
28
- const dashboard = new k8s.yaml.ConfigGroup(`${name}-dashboard`, {
29
- yaml: dashboardYaml,
30
- }, { parent: parent, providers: { kubernetes: k8sProvider } });
31
- // Create a service account for admin access.
32
- const adminAccount = new k8s.core.v1.ServiceAccount(`${name}-eks-admin`, {
33
- metadata: {
34
- name: "eks-admin",
35
- namespace: "kube-system",
36
- },
37
- }, { parent: parent, provider: k8sProvider });
38
- // Create a role binding for the admin account.
39
- const adminRoleBinding = new k8s.rbac.v1.ClusterRoleBinding(`${name}-eks-admin`, {
40
- metadata: {
41
- name: "eks-admin",
42
- },
43
- roleRef: {
44
- apiGroup: "rbac.authorization.k8s.io",
45
- kind: "ClusterRole",
46
- name: "cluster-admin",
47
- },
48
- subjects: [
49
- {
50
- kind: "ServiceAccount",
51
- name: "eks-admin",
52
- namespace: "kube-system",
53
- },
54
- ],
55
- }, { parent: parent, provider: k8sProvider });
56
- }
57
- exports.createDashboard = createDashboard;
58
- //# sourceMappingURL=dashboard.js.map
package/dashboard.js.map DELETED
@@ -1 +0,0 @@
1
- {"version":3,"file":"dashboard.js","sourceRoot":"","sources":["../dashboard.ts"],"names":[],"mappings":";AAAA,2CAA2C;AAC3C,EAAE;AACF,kEAAkE;AAClE,mEAAmE;AACnE,0CAA0C;AAC1C,EAAE;AACF,iDAAiD;AACjD,EAAE;AACF,sEAAsE;AACtE,oEAAoE;AACpE,2EAA2E;AAC3E,sEAAsE;AACtE,iCAAiC;;;AAEjC,0CAA0C;AAE1C,yBAAyB;AACzB,6BAA6B;AAI7B,SAAgB,eAAe,CAC3B,IAAY,EACZ,IAAsB,EACtB,MAAgC,EAChC,WAAyB;IAEzB,kDAAkD;IAClD,MAAM,aAAa,GAAG;QAClB,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE,qCAAqC,CAAC;QAC3D,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE,yBAAyB,CAAC;QAC/C,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE,yBAAyB,CAAC;QAC/C,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE,8BAA8B,CAAC;KACvD,CAAC,GAAG,CAAC,CAAC,QAAQ,EAAE,EAAE,CAAC,EAAE,CAAC,YAAY,CAAC,QAAQ,CAAC,CAAC,QAAQ,EAAE,CAAC,CAAC;IAC1D,MAAM,SAAS,GAAG,IAAI,GAAG,CAAC,IAAI,CAAC,WAAW,CACtC,GAAG,IAAI,YAAY,EACnB;QACI,IAAI,EAAE,aAAa;KACtB,EACD,EAAE,MAAM,EAAE,MAAM,EAAE,SAAS,EAAE,EAAE,UAAU,EAAE,WAAW,EAAE,EAAE,CAC7D,CAAC;IAEF,6CAA6C;IAC7C,MAAM,YAAY,GAAG,IAAI,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC,cAAc,CAC/C,GAAG,IAAI,YAAY,EACnB;QACI,QAAQ,EAAE;YACN,IAAI,EAAE,WAAW;YACjB,SAAS,EAAE,aAAa;SAC3B;KACJ,EACD,EAAE,MAAM,EAAE,MAAM,EAAE,QAAQ,EAAE,WAAW,EAAE,CAC5C,CAAC;IAEF,+CAA+C;IAC/C,MAAM,gBAAgB,GAAG,IAAI,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC,kBAAkB,CACvD,GAAG,IAAI,YAAY,EACnB;QACI,QAAQ,EAAE;YACN,IAAI,EAAE,WAAW;SACpB;QACD,OAAO,EAAE;YACL,QAAQ,EAAE,2BAA2B;YACrC,IAAI,EAAE,aAAa;YACnB,IAAI,EAAE,eAAe;SACxB;QACD,QAAQ,EAAE;YACN;gBACI,IAAI,EAAE,gBAAgB;gBACtB,IAAI,EAAE,WAAW;gBACjB,SAAS,EAAE,aAAa;aAC3B;SACJ;KACJ,EACD,EAAE,MAAM,EAAE,MAAM,EAAE,QAAQ,EAAE,WAAW,EAAE,CAC5C,CAAC;AACN,CAAC;AAvDD,0CAuDC"}
package/dependencies.d.ts DELETED
@@ -1,2 +0,0 @@
1
- export declare function assertCompatibleKubectlVersionExists(): void;
2
- export declare function assertCompatibleAWSCLIExists(): void;
package/dependencies.js DELETED
@@ -1,81 +0,0 @@
1
- "use strict";
2
- // Copyright 2016-2022, Pulumi Corporation.
3
- //
4
- // Licensed under the Apache License, Version 2.0 (the "License");
5
- // you may not use this file except in compliance with the License.
6
- // You may obtain a copy of the License at
7
- //
8
- // http://www.apache.org/licenses/LICENSE-2.0
9
- //
10
- // Unless required by applicable law or agreed to in writing, software
11
- // distributed under the License is distributed on an "AS IS" BASIS,
12
- // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13
- // See the License for the specific language governing permissions and
14
- // limitations under the License.
15
- Object.defineProperty(exports, "__esModule", { value: true });
16
- exports.assertCompatibleAWSCLIExists = exports.assertCompatibleKubectlVersionExists = void 0;
17
- const childProcess = require("child_process");
18
- const semver = require("semver");
19
- const which = require("which");
20
- const minKubectlVersion = "1.24.0";
21
- const minAWSCLIV1Version = "1.24.0";
22
- const minAWSCLIV2Version = "2.7.0";
23
- function assertCompatibleKubectlVersionExists() {
24
- try {
25
- which.sync("kubectl");
26
- }
27
- catch (err) {
28
- throw new Error("kubectl is missing. See https://kubernetes.io/docs/tasks/tools/install-kubectl/#install-kubectl for installation instructions.");
29
- }
30
- const kubectlVersionJson = childProcess.execSync(`kubectl version --client=true --output=json`, {
31
- stdio: ["pipe", "pipe", "ignore"],
32
- encoding: "utf8",
33
- });
34
- let kctlVersion;
35
- try {
36
- kctlVersion = JSON.parse(kubectlVersionJson);
37
- }
38
- catch (err) {
39
- throw new Error(`Failed to parse kubectl version JSON output. Received: ${kubectlVersionJson}`);
40
- }
41
- const kcVersion = semver.clean(kctlVersion.clientVersion.gitVersion, {
42
- loose: true,
43
- });
44
- if (semver.lt(kcVersion, minKubectlVersion)) {
45
- throw new Error(`At least v${minKubectlVersion} of kubectl is required.` +
46
- ` Current version is: ${kcVersion}. See https://kubernetes.io/docs/tasks/tools/install-kubectl/#install-kubectl for instructions on installing the latest.`);
47
- }
48
- }
49
- exports.assertCompatibleKubectlVersionExists = assertCompatibleKubectlVersionExists;
50
- function assertCompatibleAWSCLIExists() {
51
- try {
52
- which.sync("aws");
53
- }
54
- catch (err) {
55
- throw new Error("Could not find aws CLI for EKS. See https://docs.aws.amazon.com/cli/latest/userguide/getting-started-install.html for installation instructions.");
56
- }
57
- const awscli = childProcess.execSync(`aws --version`, {
58
- stdio: ["pipe", "pipe", "ignore"],
59
- encoding: "utf8",
60
- });
61
- const version = awscli.split(" ")[0].replace("aws-cli/", "");
62
- const semverCleaned = semver.clean(version, {
63
- loose: true,
64
- });
65
- switch (semver.major(semverCleaned)) {
66
- case 1:
67
- if (semver.lt(semverCleaned, minAWSCLIV1Version)) {
68
- throw new Error(`At least v${minAWSCLIV1Version} of aws-cli is required.` +
69
- ` Current version is: ${semverCleaned}. See https://docs.aws.amazon.com/cli/latest/userguide/getting-started-install.html for installation instructions.`);
70
- }
71
- break;
72
- default:
73
- if (semver.lt(semverCleaned, minAWSCLIV2Version)) {
74
- throw new Error(`At least v${minAWSCLIV2Version} of aws-cli is required.` +
75
- ` Current version is: ${semverCleaned}. See https://docs.aws.amazon.com/cli/latest/userguide/getting-started-install.html for installation instructions.`);
76
- }
77
- break;
78
- }
79
- }
80
- exports.assertCompatibleAWSCLIExists = assertCompatibleAWSCLIExists;
81
- //# sourceMappingURL=dependencies.js.map