logo标签列表

如何使用Terraform配置AWS EKS自动缩放器?

kubernetesterraformamazon-eks
7
我强烈推荐利用这个:https://github.com/terraform-aws-modules/terraform-aws-eks - Matt Schuchard
这就是我正在使用的(教程中使用的)。 - Chris Stryczynski
2个回答
6

您可以使用Terraform部署Kubernetes资源。有Kubernetes提供程序和Helm提供程序。

data "aws_eks_cluster_auth" "authentication" {
  name = "${var.cluster_id}"
}

provider "kubernetes" {
  # Use the token generated by AWS iam authenticator to connect as the provider does not support exec auth
  # see: https://github.com/terraform-providers/terraform-provider-kubernetes/issues/161
  host = "${var.cluster_endpoint}"

  cluster_ca_certificate = "${base64decode(var.cluster_certificate_authority_data)}"
  token                  = "${data.aws_eks_cluster_auth.authentication.token}"
  load_config_file       = false
}

provider "helm" {
  install_tiller  = "true"
  tiller_image    = "gcr.io/kubernetes-helm/tiller:v2.12.3"
}

resource "helm_release" "cluster_autoscaler" {
  name       = "cluster-autoscaler"
  repository = "stable"
  chart      = "cluster-autoscaler"
  namespace  = "kube-system"
  version    = "0.12.2"

  set {
    name  = "autoDiscovery.enabled"
    value = "true"
  }

  set {
    name  = "autoDiscovery.clusterName"
    value = "${var.cluster_name}"
  }

  set {
    name  = "cloudProvider"
    value = "aws"
  }

  set {
    name  = "awsRegion"
    value = "${data.aws_region.current_region.name}"
  }

  set {
    name  = "rbac.create"
    value = "true"
  }

  set {
    name  = "sslCertPath"
    value = "/etc/ssl/certs/ca-bundle.crt"
  }
}
1
好的,虽然这在教程中缺失有些奇怪,但我会尝试一下! - Chris Stryczynski
1
Hashicorp的教程主要关注于部署EKS,而不是特别关注如何获得一个完全运行的Kubernetes集群。Metrics-server仍在Kubernetes项目中孵化。 - Blokje5
由于某种奇怪的原因,它给了我这个错误:* helm_release.cluster_autoscaler: error installing: Post https://ABB06A6EE62F55C039BB284DD4BB2DB3.gr7.us-west-2.eks.amazonaws.com/apis/extensions/v1beta1/namespaces/kube-system/deployments: dial tcp: lookup ABB06A6EE62F55C039BB284DD4BB2DB3.gr7.us-west-2.eks.amazonaws.com: no such host但是我完全不认识那个端点?它也不在tfstate文件中。 - Chris Stryczynski
遇到了“helm_release.cluster_autoscaler: context deadline exceeded”错误...不确定是否与https://github.com/terraform-providers/terraform-provider-helm/issues/183有关。 - Chris Stryczynski
嗯,我之前没有遇到过这个问题。 - Blokje5
1

下面的回答仍然不完整...但至少让我有了一些进展...

1.

kubectl create clusterrolebinding add-on-cluster-admin --clusterrole=cluster-admin --serviceaccount=kube-system:default
helm install stable/cluster-autoscaler --name my-release --set "autoscalingGroups[0].name=demo,autoscalingGroups[0].maxSize=10,autoscalingGroups[0].minSize=1" --set rbac.create=true

然后手动修复证书路径:

kubectl edit deployments my-release-aws-cluster-autoscaler

请将以下内容替换:
path: /etc/ssl/certs/ca-bundle.crt

With

path: /etc/ssl/certs/ca-certificates.crt

2.

在AWS控制台中,将AdministratorAccess策略授权给terraform-eks-demo-node角色。

3.

使用(kubectl edit deployments my-release-aws-cluster-autoscaler)更新nodes参数。

        - --nodes=1:10:terraform-eks-demo20190922124246790200000007
网页内容由stack overflow 提供, 点击上面的
可以查看英文原文,
原文链接