Interface IClusterOptions
Options for EKS clusters.
Inherited Members
Namespace: Amazon.CDK.AWS.EKS
Assembly: Amazon.CDK.AWS.EKS.dll
Syntax (csharp)
public interface IClusterOptions : ICommonClusterOptions
Syntax (vb)
Public Interface IClusterOptions
Inherits ICommonClusterOptions
Examples
// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
using System.Collections.Generic;
using Amazon.CDK.AWS.EC2;
using Amazon.CDK.AWS.EKS;
using Amazon.CDK.AWS.IAM;
using Amazon.CDK.AWS.KMS;
using Amazon.CDK.AWS.Lambda;
using Amazon.CDK;

// Placeholder declarations: assign real values before use.
AlbControllerVersion albControllerVersion;
EndpointAccess endpointAccess;
Key key;
KubernetesVersion kubernetesVersion;
LayerVersion layerVersion;
object policy;
Role role;
SecurityGroup securityGroup;
Size size;
Subnet subnet;
SubnetFilter subnetFilter;
Vpc vpc;

var clusterOptions = new ClusterOptions {
    Version = kubernetesVersion,

    // the properties below are optional
    AlbController = new AlbControllerOptions {
        Version = albControllerVersion,

        // the properties below are optional
        Policy = policy,
        Repository = "repository"
    },
    ClusterHandlerEnvironment = new Dictionary<string, string> {
        { "clusterHandlerEnvironmentKey", "clusterHandlerEnvironment" }
    },
    ClusterHandlerSecurityGroup = securityGroup,
    ClusterName = "clusterName",
    CoreDnsComputeType = CoreDnsComputeType.EC2,
    EndpointAccess = endpointAccess,
    KubectlEnvironment = new Dictionary<string, string> {
        { "kubectlEnvironmentKey", "kubectlEnvironment" }
    },
    KubectlLayer = layerVersion,
    KubectlMemory = size,
    MastersRole = role,
    OnEventLayer = layerVersion,
    OutputClusterName = false,
    OutputConfigCommand = false,
    OutputMastersRoleArn = false,
    PlaceClusterHandlerInVpc = false,
    Prune = false,
    Role = role,
    SecretsEncryptionKey = key,
    SecurityGroup = securityGroup,
    ServiceIpv4Cidr = "serviceIpv4Cidr",
    Vpc = vpc,
    VpcSubnets = new [] { new SubnetSelection {
        AvailabilityZones = new [] { "availabilityZones" },
        OnePerAz = false,
        SubnetFilters = new [] { subnetFilter },
        SubnetGroupName = "subnetGroupName",
        SubnetName = "subnetName",
        Subnets = new [] { subnet },
        SubnetType = SubnetType.ISOLATED
    } }
};
Synopsis
Properties
AlbController | Install the AWS Load Balancer Controller onto the cluster. |
ClusterHandlerEnvironment | Custom environment variables when interacting with the EKS endpoint to manage the cluster lifecycle. |
ClusterHandlerSecurityGroup | A security group to associate with the Cluster Handler's Lambdas. |
CoreDnsComputeType | Controls the "eks.amazonaws.com/compute-type" annotation in the CoreDNS configuration on your cluster to determine which compute type to use for CoreDNS. |
EndpointAccess | Configure access to the Kubernetes API server endpoint. |
KubectlEnvironment | Environment variables for the kubectl execution. |
KubectlLayer | An AWS Lambda Layer which includes kubectl, Helm and the AWS CLI. |
KubectlMemory | Amount of memory to allocate to the provider's lambda function. |
MastersRole | An IAM role that will be added to the system:masters Kubernetes RBAC group. |
OnEventLayer | An AWS Lambda Layer which includes the NPM dependency proxy-agent. |
OutputMastersRoleArn | Determines whether a CloudFormation output with the ARN of the "masters" IAM role will be synthesized (if mastersRole is specified). |
PlaceClusterHandlerInVpc | If set to true, the cluster handler functions will be placed in the private subnets of the cluster vpc, subject to the vpcSubnets selection strategy. |
Prune | Indicates whether Kubernetes resources added through addManifest() can be automatically pruned. |
SecretsEncryptionKey | KMS secret for envelope encryption for Kubernetes secrets. |
ServiceIpv4Cidr | The CIDR block to assign Kubernetes service IP addresses from. |
Properties
AlbController
Install the AWS Load Balancer Controller onto the cluster.
virtual IAlbControllerOptions AlbController { get; }
Property Value
Remarks
Default: - The controller is not installed.
See: https://kubernetes-sigs.github.io/aws-load-balancer-controller
ClusterHandlerEnvironment
Custom environment variables when interacting with the EKS endpoint to manage the cluster lifecycle.
virtual IDictionary<string, string> ClusterHandlerEnvironment { get; }
Property Value
System.Collections.Generic.IDictionary<System.String, System.String>
Remarks
Default: - No environment variables.
ClusterHandlerSecurityGroup
A security group to associate with the Cluster Handler's Lambdas.
virtual ISecurityGroup ClusterHandlerSecurityGroup { get; }
Property Value
Remarks
The Cluster Handler's Lambdas are responsible for calling AWS's EKS API.
Requires placeClusterHandlerInVpc to be set to true.
Default: - No security group.
CoreDnsComputeType
Controls the "eks.amazonaws.com/compute-type" annotation in the CoreDNS configuration on your cluster to determine which compute type to use for CoreDNS.
virtual Nullable<CoreDnsComputeType> CoreDnsComputeType { get; }
Property Value
System.Nullable<CoreDnsComputeType>
Remarks
Default: CoreDnsComputeType.EC2 (for FargateCluster the default is FARGATE)
EndpointAccess
Configure access to the Kubernetes API server endpoint.
virtual EndpointAccess EndpointAccess { get; }
Property Value
Remarks
Default: EndpointAccess.PUBLIC_AND_PRIVATE
See: https://docs.aws.amazon.com/eks/latest/userguide/cluster-endpoint.html
KubectlEnvironment
Environment variables for the kubectl execution.
virtual IDictionary<string, string> KubectlEnvironment { get; }
Property Value
System.Collections.Generic.IDictionary<System.String, System.String>
Remarks
Only relevant for kubectl enabled clusters.
Default: - No environment variables.
KubectlLayer
An AWS Lambda Layer which includes kubectl, Helm and the AWS CLI.
virtual ILayerVersion KubectlLayer { get; }
Property Value
Remarks
By default, the provider will use the layer included in the "aws-lambda-layer-kubectl" SAR application which is available in all commercial regions.
To deploy the layer locally, visit https://github.com/aws-samples/aws-lambda-layer-kubectl/blob/master/cdk/README.md for instructions on how to prepare the .zip file and then define it in your app as follows:
var layer = new LayerVersion(this, "kubectl-layer", new LayerVersionProps {
    // Path to the prepared layer.zip, relative to the app's working directory.
    Code = Code.FromAsset("layer.zip"),
    CompatibleRuntimes = new [] { Runtime.PROVIDED }
});
Default: - the layer provided by the aws-lambda-layer-kubectl SAR app.
See: https://github.com/aws-samples/aws-lambda-layer-kubectl
KubectlMemory
Amount of memory to allocate to the provider's lambda function.
virtual Size KubectlMemory { get; }
Property Value
Remarks
Default: Size.gibibytes(1)
MastersRole
An IAM role that will be added to the system:masters Kubernetes RBAC group.
virtual IRole MastersRole { get; }
Property Value
Remarks
Default: - a role that is assumable by anyone with permissions in the same account will automatically be defined
See: https://kubernetes.io/docs/reference/access-authn-authz/rbac/#default-roles-and-role-bindings
OnEventLayer
An AWS Lambda Layer which includes the NPM dependency proxy-agent.
virtual ILayerVersion OnEventLayer { get; }
Property Value
Remarks
This layer is used by the onEvent handler to route AWS SDK requests through a proxy.
By default, the provider will use the layer included in the "aws-lambda-layer-node-proxy-agent" SAR application which is available in all commercial regions.
To deploy the layer locally define it in your app as follows:
var layer = new LayerVersion(this, "proxy-agent-layer", new LayerVersionProps {
    // Path to the prepared layer.zip, relative to the app's working directory.
    Code = Code.FromAsset("layer.zip"),
    CompatibleRuntimes = new [] { Runtime.NODEJS_14_X }
});
Default: - a layer bundled with this module.
OutputMastersRoleArn
Determines whether a CloudFormation output with the ARN of the "masters" IAM role will be synthesized (if mastersRole is specified).
virtual Nullable<bool> OutputMastersRoleArn { get; }
Property Value
System.Nullable<System.Boolean>
Remarks
Default: false
PlaceClusterHandlerInVpc
If set to true, the cluster handler functions will be placed in the private subnets of the cluster vpc, subject to the vpcSubnets selection strategy.
virtual Nullable<bool> PlaceClusterHandlerInVpc { get; }
Property Value
System.Nullable<System.Boolean>
Remarks
Default: false
Prune
Indicates whether Kubernetes resources added through addManifest() can be automatically pruned.
virtual Nullable<bool> Prune { get; }
Property Value
System.Nullable<System.Boolean>
Remarks
When this is enabled (default), prune labels will be allocated and injected to each resource. These labels will then be used when issuing the kubectl apply operation with the --prune switch.
Default: true
SecretsEncryptionKey
KMS secret for envelope encryption for Kubernetes secrets.
virtual IKey SecretsEncryptionKey { get; }
Property Value
Remarks
Default: - By default, Kubernetes stores all secret object data within etcd and all etcd volumes used by Amazon EKS are encrypted at the disk-level using AWS-Managed encryption keys.
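The defaults documented above for EndpointAccess, MastersRole and SecretsEncryptionKey leave the API server publicly reachable, create an admin role that any principal with permissions in the account can assume, and rely on disk-level encryption only. The following added example (not part of the generated reference or the CDK project's own samples) sets all three explicitly on a Cluster; the stack name, construct ids, Kubernetes version and the role ARN are assumptions chosen for illustration.

```csharp
using Amazon.CDK;
using Amazon.CDK.AWS.EC2;
using Amazon.CDK.AWS.EKS;
using Amazon.CDK.AWS.IAM;
using Amazon.CDK.AWS.KMS;

// Hypothetical stack: all ids and the ARN below are illustrative placeholders.
public class HardenedEksStack : Stack
{
    public HardenedEksStack(Construct scope, string id, IStackProps props = null)
        : base(scope, id, props)
    {
        // Default Vpc layout: public and private subnets in two AZs.
        var vpc = new Vpc(this, "ClusterVpc", new VpcProps { MaxAzs = 2 });

        // Customer-managed key: adds envelope encryption of Kubernetes
        // secrets on top of the disk-level encryption of etcd volumes.
        var secretsKey = new Key(this, "SecretsKey", new KeyProps {
            EnableKeyRotation = true
        });

        // Explicit masters role: only the named principal may assume it,
        // replacing the default role that is assumable account-wide.
        var mastersRole = new Role(this, "ClusterAdmins", new RoleProps {
            AssumedBy = new ArnPrincipal(
                "arn:aws:iam::111122223333:role/platform-admins") // placeholder
        });

        new Cluster(this, "Cluster", new ClusterProps {
            Version = KubernetesVersion.V1_21,
            Vpc = vpc,
            // API server endpoint reachable only from inside the VPC.
            EndpointAccess = EndpointAccess.PRIVATE,
            // Run the cluster handler Lambdas in the VPC's private subnets.
            PlaceClusterHandlerInVpc = true,
            SecretsEncryptionKey = secretsKey,
            MastersRole = mastersRole,
            // Keep the admin role ARN out of the stack outputs.
            OutputMastersRoleArn = false
        });
    }
}
```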
ServiceIpv4Cidr
The CIDR block to assign Kubernetes service IP addresses from.
virtual string ServiceIpv4Cidr { get; }
Property Value
System.String
Remarks
Default: - Kubernetes assigns addresses from either the 10.100.0.0/16 or 172.20.0.0/16 CIDR blocks