Class ClusterProps
Common configuration props for EKS clusters.
Inheritance
Namespace: Amazon.CDK.AWS.EKS
Assembly: Amazon.CDK.AWS.EKS.dll
Syntax (csharp)
public class ClusterProps : Object, IClusterProps, IClusterOptions, ICommonClusterOptions
Syntax (vb)
Public Class ClusterProps
Inherits Object
Implements IClusterProps, IClusterOptions, ICommonClusterOptions
Remarks
ExampleMetadata: infused
Examples
Vpc vpc;
new Cluster(this, "HelloEKS", new ClusterProps {
    Version = KubernetesVersion.V1_21,
    Vpc = vpc,
    VpcSubnets = new [] { new SubnetSelection { SubnetType = SubnetType.PRIVATE_WITH_NAT } }
});
Synopsis
Constructors
ClusterProps() |
Properties
AlbController | Install the AWS Load Balancer Controller onto the cluster. |
ClusterHandlerEnvironment | Custom environment variables when interacting with the EKS endpoint to manage the cluster lifecycle. |
ClusterHandlerSecurityGroup | A security group to associate with the Cluster Handler's Lambdas. |
ClusterLogging | The cluster log types which you want to enable. |
ClusterName | Name for the cluster. |
CoreDnsComputeType | Controls the "eks.amazonaws.com/compute-type" annotation in the CoreDNS configuration on your cluster to determine which compute type to use for CoreDNS. |
DefaultCapacity | Number of instances to allocate as an initial capacity for this cluster. |
DefaultCapacityInstance | The instance type to use for the default capacity. |
DefaultCapacityType | The default capacity type for the cluster. |
EndpointAccess | Configure access to the Kubernetes API server endpoint. |
KubectlEnvironment | Environment variables for the kubectl execution. |
KubectlLambdaRole | The IAM role to pass to the Kubectl Lambda Handler. |
KubectlLayer | An AWS Lambda Layer which includes kubectl, Helm and the AWS CLI. |
KubectlMemory | Amount of memory to allocate to the provider's lambda function. |
MastersRole | An IAM role that will be added to the system:masters Kubernetes RBAC group. |
OnEventLayer | An AWS Lambda Layer which includes the NPM dependency proxy-agent. |
OutputClusterName | Determines whether a CloudFormation output with the name of the cluster will be synthesized. |
OutputConfigCommand | Determines whether a CloudFormation output with the aws eks update-kubeconfig command will be synthesized. |
OutputMastersRoleArn | Determines whether a CloudFormation output with the ARN of the "masters" IAM role will be synthesized (if mastersRole is specified). |
PlaceClusterHandlerInVpc | If set to true, the cluster handler functions will be placed in the private subnets of the cluster vpc, subject to the vpcSubnets selection strategy. |
Prune | Indicates whether Kubernetes resources added through addManifest() can be automatically pruned. |
Role | Role that provides permissions for the Kubernetes control plane to make calls to AWS API operations on your behalf. |
SecretsEncryptionKey | KMS secret for envelope encryption for Kubernetes secrets. |
SecurityGroup | Security Group to use for Control Plane ENIs. |
ServiceIpv4Cidr | The CIDR block to assign Kubernetes service IP addresses from. |
Tags | The tags assigned to the EKS cluster. |
Version | The Kubernetes version to run in the cluster. |
Vpc | The VPC in which to create the Cluster. |
VpcSubnets | Where to place EKS Control Plane ENIs. |
Constructors
ClusterProps()
public ClusterProps()
Properties
AlbController
Install the AWS Load Balancer Controller onto the cluster.
public IAlbControllerOptions AlbController { get; set; }
Property Value
Remarks
Default: - The controller is not installed.
See: https://kubernetes-sigs.github.io/aws-load-balancer-controller
ClusterHandlerEnvironment
Custom environment variables when interacting with the EKS endpoint to manage the cluster lifecycle.
public IDictionary<string, string> ClusterHandlerEnvironment { get; set; }
Property Value
System.Collections.Generic.IDictionary<System.String, System.String>
Remarks
Default: - No environment variables.
ClusterHandlerSecurityGroup
A security group to associate with the Cluster Handler's Lambdas.
public ISecurityGroup ClusterHandlerSecurityGroup { get; set; }
Property Value
Remarks
The Cluster Handler's Lambdas are responsible for calling AWS's EKS API.
Requires placeClusterHandlerInVpc to be set to true.
Default: - No security group.
ClusterLogging
The cluster log types which you want to enable.
public ClusterLoggingTypes[] ClusterLogging { get; set; }
Property Value
Remarks
Default: - none
ClusterName
Name for the cluster.
public string ClusterName { get; set; }
Property Value
System.String
Remarks
Default: - Automatically generated name
CoreDnsComputeType
Controls the "eks.amazonaws.com/compute-type" annotation in the CoreDNS configuration on your cluster to determine which compute type to use for CoreDNS.
public Nullable<CoreDnsComputeType> CoreDnsComputeType { get; set; }
Property Value
System.Nullable<CoreDnsComputeType>
Remarks
Default: CoreDnsComputeType.EC2 (for FargateCluster the default is FARGATE)
DefaultCapacity
Number of instances to allocate as an initial capacity for this cluster.
public Nullable<double> DefaultCapacity { get; set; }
Property Value
System.Nullable<System.Double>
Remarks
Instance type can be configured through defaultCapacityInstanceType, which defaults to m5.large.
Use cluster.addAutoScalingGroupCapacity to add additional customized capacity. Set this to 0 if you wish to avoid the initial capacity allocation.
Default: 2
DefaultCapacityInstance
The instance type to use for the default capacity.
public InstanceType DefaultCapacityInstance { get; set; }
Property Value
Remarks
This will only be taken into account if defaultCapacity is > 0.
Default: m5.large
DefaultCapacityType
The default capacity type for the cluster.
public Nullable<DefaultCapacityType> DefaultCapacityType { get; set; }
Property Value
System.Nullable<DefaultCapacityType>
Remarks
Default: NODEGROUP
EndpointAccess
Configure access to the Kubernetes API server endpoint.
public EndpointAccess EndpointAccess { get; set; }
Property Value
Remarks
Default: EndpointAccess.PUBLIC_AND_PRIVATE
See: https://docs.aws.amazon.com/eks/latest/userguide/cluster-endpoint.html
KubectlEnvironment
Environment variables for the kubectl execution.
public IDictionary<string, string> KubectlEnvironment { get; set; }
Property Value
System.Collections.Generic.IDictionary<System.String, System.String>
Remarks
Only relevant for kubectl enabled clusters.
Default: - No environment variables.
KubectlLambdaRole
The IAM role to pass to the Kubectl Lambda Handler.
public IRole KubectlLambdaRole { get; set; }
Property Value
Remarks
Default: - Default Lambda IAM Execution Role
KubectlLayer
An AWS Lambda Layer which includes kubectl, Helm and the AWS CLI.
public ILayerVersion KubectlLayer { get; set; }
Property Value
Remarks
By default, the provider will use the layer included in the "aws-lambda-layer-kubectl" SAR application which is available in all commercial regions.
To deploy the layer locally, visit https://github.com/aws-samples/aws-lambda-layer-kubectl/blob/master/cdk/README.md for instructions on how to prepare the .zip file and then define it in your app as follows:
// __dirname is assumed to be a string holding the directory that contains layer.zip.
var layer = new LayerVersion(this, "kubectl-layer", new LayerVersionProps {
    Code = Code.FromAsset($"{__dirname}/layer.zip"),
    CompatibleRuntimes = new [] { Runtime.PROVIDED }
});
Default: - the layer provided by the aws-lambda-layer-kubectl SAR app.
See: https://github.com/aws-samples/aws-lambda-layer-kubectl
KubectlMemory
Amount of memory to allocate to the provider's lambda function.
public Size KubectlMemory { get; set; }
Property Value
Remarks
Default: Size.gibibytes(1)
MastersRole
An IAM role that will be added to the system:masters Kubernetes RBAC group.
public IRole MastersRole { get; set; }
Property Value
Remarks
Default: - a role that is assumable by anyone with permissions in the same account will automatically be defined
See: https://kubernetes.io/docs/reference/access-authn-authz/rbac/#default-roles-and-role-bindings
OnEventLayer
An AWS Lambda Layer which includes the NPM dependency proxy-agent.
public ILayerVersion OnEventLayer { get; set; }
Property Value
Remarks
This layer is used by the onEvent handler to route AWS SDK requests through a proxy.
By default, the provider will use the layer included in the "aws-lambda-layer-node-proxy-agent" SAR application which is available in all commercial regions.
To deploy the layer locally, define it in your app as follows:
// __dirname is assumed to be a string holding the directory that contains layer.zip.
var layer = new LayerVersion(this, "proxy-agent-layer", new LayerVersionProps {
    Code = Code.FromAsset($"{__dirname}/layer.zip"),
    CompatibleRuntimes = new [] { Runtime.NODEJS_14_X }
});
Default: - a layer bundled with this module.
OutputClusterName
Determines whether a CloudFormation output with the name of the cluster will be synthesized.
public Nullable<bool> OutputClusterName { get; set; }
Property Value
System.Nullable<System.Boolean>
Remarks
Default: false
OutputConfigCommand
Determines whether a CloudFormation output with the aws eks update-kubeconfig command will be synthesized.
public Nullable<bool> OutputConfigCommand { get; set; }
Property Value
System.Nullable<System.Boolean>
Remarks
This command will include the cluster name and, if applicable, the ARN of the masters IAM role.
Default: true
OutputMastersRoleArn
Determines whether a CloudFormation output with the ARN of the "masters" IAM role will be synthesized (if mastersRole is specified).
public Nullable<bool> OutputMastersRoleArn { get; set; }
Property Value
System.Nullable<System.Boolean>
Remarks
Default: false
PlaceClusterHandlerInVpc
If set to true, the cluster handler functions will be placed in the private subnets of the cluster vpc, subject to the vpcSubnets selection strategy.
public Nullable<bool> PlaceClusterHandlerInVpc { get; set; }
Property Value
System.Nullable<System.Boolean>
Remarks
Default: false
Prune
Indicates whether Kubernetes resources added through addManifest() can be automatically pruned.
public Nullable<bool> Prune { get; set; }
Property Value
System.Nullable<System.Boolean>
Remarks
When this is enabled (default), prune labels will be allocated and injected to each resource. These labels will then be used when issuing the kubectl apply operation with the --prune switch.
Default: true
Role
Role that provides permissions for the Kubernetes control plane to make calls to AWS API operations on your behalf.
public IRole Role { get; set; }
Property Value
Remarks
Default: - A role is automatically created for you
SecretsEncryptionKey
KMS secret for envelope encryption for Kubernetes secrets.
public IKey SecretsEncryptionKey { get; set; }
Property Value
Remarks
Default: - By default, Kubernetes stores all secret object data within etcd and all etcd volumes used by Amazon EKS are encrypted at the disk-level using AWS-Managed encryption keys.
SecurityGroup
Security Group to use for Control Plane ENIs.
public ISecurityGroup SecurityGroup { get; set; }
Property Value
Remarks
Default: - A security group is automatically created
ServiceIpv4Cidr
The CIDR block to assign Kubernetes service IP addresses from.
public string ServiceIpv4Cidr { get; set; }
Property Value
System.String
Remarks
Default: - Kubernetes assigns addresses from either the 10.100.0.0/16 or 172.20.0.0/16 CIDR blocks
Tags
The tags assigned to the EKS cluster.
public IDictionary<string, string> Tags { get; set; }
Property Value
System.Collections.Generic.IDictionary<System.String, System.String>
Remarks
Default: - none
Version
The Kubernetes version to run in the cluster.
public KubernetesVersion Version { get; set; }
Property Value
Vpc
The VPC in which to create the Cluster.
public IVpc Vpc { get; set; }
Property Value
Remarks
Default: - a VPC with default configuration will be created and can be accessed through cluster.vpc.
VpcSubnets
Where to place EKS Control Plane ENIs.
public ISubnetSelection[] VpcSubnets { get; set; }
Property Value
Remarks
If you want to create public load balancers, this must include public subnets.
For example, to only select private subnets, supply the following:
VpcSubnets = new [] { new SubnetSelection { SubnetType = SubnetType.PRIVATE_WITH_NAT } }
Default: - All public and private subnets
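The properties above whose defaults matter most for cluster exposure (EndpointAccess, SecretsEncryptionKey, MastersRole, ClusterLogging, PlaceClusterHandlerInVpc), combined into one cluster definition. This is an added example, not part of the original reference; the stack name, construct ids and the admin role ARN are placeholder assumptions.

```csharp
using Amazon.CDK;
using Amazon.CDK.AWS.EC2;
using Amazon.CDK.AWS.EKS;
using Amazon.CDK.AWS.IAM;
using Amazon.CDK.AWS.KMS;

// Added example: class name and construct ids are illustrative.
public class HardenedEksStack : Stack
{
    public HardenedEksStack(Construct scope, string id, IStackProps props = null)
        : base(scope, id, props)
    {
        // Default VPC layout: public subnets plus private subnets behind NAT.
        var vpc = new Vpc(this, "ClusterVpc");

        // Customer-managed KMS key for envelope encryption of Kubernetes
        // secrets, on top of the default disk-level etcd encryption.
        var secretsKey = new Key(this, "SecretsKey", new KeyProps {
            EnableKeyRotation = true
        });

        // Explicit system:masters role. The default role is assumable by
        // anyone with permissions in the same account.
        var mastersRole = new Role(this, "ClusterAdmins", new RoleProps {
            // Placeholder ARN (constructed): replace with your admin principal.
            AssumedBy = new ArnPrincipal("arn:aws:iam::111122223333:role/eks-admins-placeholder")
        });

        new Cluster(this, "HardenedEKS", new ClusterProps {
            Version = KubernetesVersion.V1_21,
            Vpc = vpc,
            // Control plane ENIs in private subnets only.
            VpcSubnets = new [] { new SubnetSelection { SubnetType = SubnetType.PRIVATE_WITH_NAT } },
            // Default is PUBLIC_AND_PRIVATE; PRIVATE removes the public API endpoint.
            EndpointAccess = EndpointAccess.PRIVATE,
            SecretsEncryptionKey = secretsKey,
            MastersRole = mastersRole,
            // Default is none; enable the log types used for access review.
            ClusterLogging = new [] {
                ClusterLoggingTypes.API,
                ClusterLoggingTypes.AUDIT,
                ClusterLoggingTypes.AUTHENTICATOR
            },
            // Run the cluster handler Lambdas inside the VPC's private subnets.
            PlaceClusterHandlerInVpc = true
        });
    }
}
```

With EndpointAccess.PRIVATE the API server is reachable only from inside the VPC, so kubectl must run from a host with network access to it.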