We use CloudFormation to set up the cluster. The AMI and Kubernetes version are specified in the CloudFormation parameters, and we just update the CloudFormation stack.
The master plane updates automatically during stack deployment. To change the worker nodes' AMI, we manually update the Launch Template version in the AWS EKS console.
We use CloudFormation to set up the cluster. The AMI and Kubernetes version are specified in the CloudFormation parameters, and we just update the CloudFormation stack.
The master plane updates automatically during stack deployment. To change the worker nodes' AMI, we manually update the Launch Template version in the AWS EKS console.
We use also UserData script for WorkerNodes: 169.254. 169.254/ latest/ api/token" -H "X-aws- ec2-metadata- token-ttl- seconds: 3600"` ec2-metadata- token: $TOKEN" -s http:// 169.254. 169.254/ latest/ meta-data/ placement/ availability- zone | sed 's/\(.* \)[a-z] /\1/') arn=$(aws --region $region ssm get-parameter --name /proxy/ paas/secret/ arn/${ProxyId} --query 'Parameter.Value' | xargs) =$(aws --region $region secretsmanager get-secret-value --secret-id $secret_arn --query 'SecretString' --output text) ":\"[a- zA-Z0-9+ -]\{0,\ }\"' | awk -F":" '{ print $2 }' | xargs) ":\"[a- zA-Z0-9+ -]\{0,\ }\"' | awk -F":" '{ print $2 }' | xargs) $username: $password@ **blurred* *:8080" /$username: $password@ **blurred* *:8443" proxy=localhost ,127.0. 0.1,169. 254.169. 254,.internal, s3.amazonaws. com,.$region. amazonaws. com,ec2. $region. amazonaws. com PROXY=localhost ,127.0. 0.1,169. 254.169. 254,.internal, s3.amazonaws. com,.$region. amazonaws. com,ec2. $region. amazonaws. com $proxy_ http" > /etc/profile. d/proxy. sh $proxy_ https" >> /etc/profile. d/proxy. sh $proxy_ http" >> /etc/profile. d/proxy. sh $proxy_ https" >> /etc/profile. d/proxy. sh d/proxy. sh d/proxy. sh apt.conf. d/proxy. conf :http:: Proxy \"socks5h: //$username: $password@ **blurred* *:8000\ ";" >> /etc/apt/ apt.conf. d/proxy. conf :https: :Proxy \"socks5h: //$username: $password@ **blurred* *:8000\ ";" >> /etc/apt/ apt.conf. d/proxy. conf CLUSTER_ CA=${EksCluster .CertificateAut horityData} SERVER_ URL=${EksCluste r.Endpoint} CLUSTER_ DNS_IP= 10.100. 0.10 eks/bootstrap. sh ${EksCluster} --kubelet- extra-args '--max-pods=110' --b64-cluster-ca $B64_CLUSTER_CA --apiserver- endpoint $API_SERVER_URL --dns-cluster-ip $K8S_CLUSTER_DNS_IP --use-max-pods false
Content-Type: multipart/mixed; boundary="//"
MIME-Version: 1.0
--//
Content-Type: text/x-shellscript; charset="us-ascii"
#!/bin/bash
# retrieve current region
TOKEN=`curl -sX PUT "http://
region=$(curl -H "X-aws-
secret_
credentials
username=$(echo $credentials | grep -o '\"username\
password=$(echo $credentials | grep -o '\"password\
# build HTTP proxy url
proxy_http="http://
# build HTTPS proxy url
proxy_https="https:/
no_
NO_
/bin/echo "export http_proxy=
/bin/echo "export https_proxy=
/bin/echo "export HTTP_PROXY=
/bin/echo "export HTTPS_PROXY=
/bin/echo "export no_proxy=$no_proxy" >> /etc/profile.
/bin/echo "export NO_PROXY=$no_proxy" >> /etc/profile.
source /etc/profile
# add apt setup script
/bin/echo "# Making Apt Outbound Proxy aware" >> /etc/apt/
/bin/echo "Acquire:
/bin/echo "Acquire:
# join the cluster
B64_
API_
K8S_
/etc/
--//