Interface ICluster
An EKS cluster.
Namespace: Amazon.CDK.AWS.EKS
Assembly: Amazon.CDK.AWS.EKS.dll
Syntax (csharp)
public interface ICluster : IResource, IConstruct, IDependable, IConnectable
Syntax (vb)
Public Interface ICluster
Inherits IResource, IConstruct, IConstruct, IDependable, IConnectable
Synopsis
Properties
ClusterArn | The unique ARN assigned to the service by AWS in the form of arn:aws:eks:. |
ClusterCertificateAuthorityData | The certificate-authority-data for your cluster. |
ClusterEncryptionConfigKeyArn | Amazon Resource Name (ARN) or alias of the customer master key (CMK). |
ClusterEndpoint | The API Server endpoint URL. |
ClusterHandlerSecurityGroup | A security group to associate with the Cluster Handler's Lambdas. |
ClusterName | The physical name of the Cluster. |
ClusterSecurityGroup | The cluster security group that was created by Amazon EKS for the cluster. |
ClusterSecurityGroupId | The id of the cluster security group that was created by Amazon EKS for the cluster. |
KubectlEnvironment | Custom environment variables when running kubectl against this cluster. |
KubectlLambdaRole | An IAM role that can perform kubectl operations against this cluster. |
KubectlLayer | An AWS Lambda layer that includes kubectl, helm and the aws CLI. |
KubectlMemory | Amount of memory to allocate to the provider's lambda function. |
KubectlPrivateSubnets | Subnets to host the kubectl compute resources. |
KubectlProvider | Kubectl Provider for issuing kubectl commands against it. |
KubectlRole | An IAM role that can perform kubectl operations against this cluster. |
KubectlSecurityGroup | A security group to use for kubectl execution. |
OnEventLayer | An AWS Lambda layer that includes the NPM dependency proxy-agent. |
OpenIdConnectProvider | The Open ID Connect Provider of the cluster used to configure Service Accounts. |
Prune | Indicates whether Kubernetes resources can be automatically pruned. |
Vpc | The VPC in which this Cluster was created. |
Methods
AddCdk8sChart(String, Construct, IKubernetesManifestOptions) | Defines a CDK8s chart in this cluster. |
AddHelmChart(String, IHelmChartOptions) | Defines a Helm chart in this cluster. |
AddManifest(String, IDictionary<String, Object>[]) | Defines a Kubernetes resource in this cluster. |
AddServiceAccount(String, IServiceAccountOptions) | Creates a new service account with corresponding IAM Role (IRSA). |
ConnectAutoScalingGroupCapacity(AutoScalingGroup, IAutoScalingGroupOptions) | Connect capacity in the form of an existing AutoScalingGroup to the EKS cluster. |
Properties
ClusterArn
The unique ARN assigned to the service by AWS in the form of arn:aws:eks:.
string ClusterArn { get; }
Property Value
System.String
Remarks
Attribute: true
ClusterCertificateAuthorityData
The certificate-authority-data for your cluster.
string ClusterCertificateAuthorityData { get; }
Property Value
System.String
Remarks
Attribute: true
ClusterEncryptionConfigKeyArn
Amazon Resource Name (ARN) or alias of the customer master key (CMK).
string ClusterEncryptionConfigKeyArn { get; }
Property Value
System.String
Remarks
Attribute: true
ClusterEndpoint
The API Server endpoint URL.
string ClusterEndpoint { get; }
Property Value
System.String
Remarks
Attribute: true
ClusterHandlerSecurityGroup
A security group to associate with the Cluster Handler's Lambdas.
virtual ISecurityGroup ClusterHandlerSecurityGroup { get; }
Property Value
Remarks
The Cluster Handler's Lambdas are responsible for calling AWS's EKS API.
Requires placeClusterHandlerInVpc to be set to true.
Default: - No security group.
Attribute: true
ClusterName
The physical name of the Cluster.
string ClusterName { get; }
Property Value
System.String
Remarks
Attribute: true
ClusterSecurityGroup
The cluster security group that was created by Amazon EKS for the cluster.
ISecurityGroup ClusterSecurityGroup { get; }
Property Value
Remarks
Attribute: true
ClusterSecurityGroupId
The id of the cluster security group that was created by Amazon EKS for the cluster.
string ClusterSecurityGroupId { get; }
Property Value
System.String
Remarks
Attribute: true
KubectlEnvironment
Custom environment variables when running kubectl against this cluster.
virtual IDictionary<string, string> KubectlEnvironment { get; }
Property Value
System.Collections.Generic.IDictionary<System.String, System.String>
KubectlLambdaRole
An IAM role that can perform kubectl operations against this cluster.
virtual IRole KubectlLambdaRole { get; }
Property Value
Remarks
The role should be mapped to the system:masters Kubernetes RBAC role.
This role is passed directly to the Lambda handler that sends kubectl commands to the cluster.
KubectlLayer
An AWS Lambda layer that includes kubectl, helm and the aws CLI.
virtual ILayerVersion KubectlLayer { get; }
Property Value
Remarks
If not defined, a default layer will be used.
KubectlMemory
Amount of memory to allocate to the provider's lambda function.
virtual Size KubectlMemory { get; }
Property Value
KubectlPrivateSubnets
Subnets to host the kubectl compute resources.
virtual ISubnet[] KubectlPrivateSubnets { get; }
Property Value
ISubnet[]
Remarks
If this is undefined, the k8s endpoint is expected to be accessible publicly.
KubectlProvider
Kubectl Provider for issuing kubectl commands against it.
virtual IKubectlProvider KubectlProvider { get; }
Property Value
Remarks
If not defined, a default provider will be used.
KubectlRole
An IAM role that can perform kubectl operations against this cluster.
virtual IRole KubectlRole { get; }
Property Value
Remarks
The role should be mapped to the system:masters Kubernetes RBAC role.
KubectlSecurityGroup
A security group to use for kubectl execution.
virtual ISecurityGroup KubectlSecurityGroup { get; }
Property Value
Remarks
If this is undefined, the k8s endpoint is expected to be accessible publicly.
OnEventLayer
An AWS Lambda layer that includes the NPM dependency proxy-agent.
virtual ILayerVersion OnEventLayer { get; }
Property Value
Remarks
If not defined, a default layer will be used.
OpenIdConnectProvider
The Open ID Connect Provider of the cluster used to configure Service Accounts.
IOpenIdConnectProvider OpenIdConnectProvider { get; }
Property Value
Prune
Indicates whether Kubernetes resources can be automatically pruned.
bool Prune { get; }
Property Value
System.Boolean
Remarks
When this is enabled (default), prune labels will be allocated and injected to each resource. These labels will then be used when issuing the kubectl apply operation with the --prune switch.
Vpc
Methods
AddCdk8sChart(String, Construct, IKubernetesManifestOptions)
Defines a CDK8s chart in this cluster.
KubernetesManifest AddCdk8sChart(string id, Construct chart, IKubernetesManifestOptions options = null)
Parameters
- id System.String
logical id of this chart.
- chart Constructs.Construct
the cdk8s chart.
- options IKubernetesManifestOptions
logical id of this chart.
Returns
a KubernetesManifest construct representing the chart.
AddHelmChart(String, IHelmChartOptions)
Defines a Helm chart in this cluster.
HelmChart AddHelmChart(string id, IHelmChartOptions options)
Parameters
- id System.String
logical id of this chart.
- options IHelmChartOptions
options of this chart.
Returns
a HelmChart construct
AddManifest(String, IDictionary<String, Object>[])
Defines a Kubernetes resource in this cluster.
KubernetesManifest AddManifest(string id, params IDictionary<string, object>[] manifest)
Parameters
- id System.String
logical id of this manifest.
- manifest System.Collections.Generic.IDictionary<System.String, System.Object>[]
a list of Kubernetes resource specifications.
Returns
a KubernetesManifest object.
Remarks
The manifest will be applied/deleted using kubectl as needed.
AddServiceAccount(String, IServiceAccountOptions)
Creates a new service account with corresponding IAM Role (IRSA).
ServiceAccount AddServiceAccount(string id, IServiceAccountOptions options = null)
Parameters
- id System.String
logical id of service account.
- options IServiceAccountOptions
service account options.
Returns
ConnectAutoScalingGroupCapacity(AutoScalingGroup, IAutoScalingGroupOptions)
Connect capacity in the form of an existing AutoScalingGroup to the EKS cluster.
void ConnectAutoScalingGroupCapacity(AutoScalingGroup autoScalingGroup, IAutoScalingGroupOptions options)
Parameters
- autoScalingGroup AutoScalingGroup
[disable-awslint:ref-via-interface].
- options IAutoScalingGroupOptions
options for adding auto scaling groups, like customizing the bootstrap script.
Remarks
The AutoScalingGroup must be running an EKS-optimized AMI containing the /etc/eks/bootstrap.sh script. This method will configure Security Groups, add the right policies to the instance role, apply the right tags, and add the required user data to the instance's launch configuration.
Spot instances will be labeled lifecycle=Ec2Spot and tainted with PreferNoSchedule.
If kubectl is enabled, the spot interrupt handler daemon will be installed on all spot instances to handle EC2 Spot Instance Termination Notices.
Prefer to use addAutoScalingGroupCapacity if possible.
See: https://docs.aws.amazon.com/eks/latest/userguide/launch-workers.html
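The following is an added example, not code from the CDK project or this reference page. It shows AddServiceAccount giving one workload its own narrowly scoped IRSA identity instead of reusing KubectlRole, and checks the KubectlPrivateSubnets and KubectlSecurityGroup properties at synthesis time. The class name, method name, service account name and bucket ARN parameter are assumptions made for illustration.

```csharp
using Amazon.CDK;
using Amazon.CDK.AWS.EKS;
using Amazon.CDK.AWS.IAM;

public static class ClusterGuards
{
    // Hypothetical helper (not part of the CDK): gives one workload its own
    // IRSA identity on any ICluster and flags a publicly reached kubectl path.
    public static ServiceAccount AddReadOnlyBucketAccount(
        ICluster cluster, string bucketArn)
    {
        // Per the remarks on KubectlPrivateSubnets and KubectlSecurityGroup,
        // when either is undefined the k8s endpoint is expected to be
        // accessible publicly. Surface that as a synthesis warning.
        bool noSubnets = cluster.KubectlPrivateSubnets == null
            || cluster.KubectlPrivateSubnets.Length == 0;
        if (noSubnets || cluster.KubectlSecurityGroup == null)
        {
            Annotations.Of(cluster).AddWarning(
                "kubectl handler is not placed in private subnets with a " +
                "security group; the Kubernetes endpoint must be public.");
        }

        // The workload gets a dedicated service account and IAM role
        // rather than sharing KubectlRole, which maps to system:masters.
        var account = cluster.AddServiceAccount("ReportReader",
            new ServiceAccountOptions
            {
                Name = "report-reader",   // constructed sample name
                Namespace = "default"
            });

        // Grant only object reads on the single bucket passed in.
        account.AddToPrincipalPolicy(new PolicyStatement(
            new PolicyStatementProps
            {
                Effect = Effect.ALLOW,
                Actions = new[] { "s3:GetObject" },
                Resources = new[] { bucketArn + "/*" }
            }));

        return account;
    }
}
```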