IEksContainerDefinition
- class aws_cdk.aws_batch.IEksContainerDefinition(*args, **kwargs)
Bases:
IConstruct
,Protocol
A container that can be run with EKS orchestration on EC2 resources.
Methods
- add_volume(volume)
Mount a Volume to this container.
Automatically added to the Pod.
- Parameters:
volume (
EksVolume
) –- Return type:
None
Attributes
- args
An array of arguments to the entrypoint.
If this isn’t specified, the CMD of the container image is used. This corresponds to the args member in the Entrypoint portion of the Pod in Kubernetes. Environment variable references are expanded using the container’s environment. If the referenced environment variable doesn’t exist, the reference in the command isn’t changed. For example, if the reference is to “$(NAME1)” and the NAME1 environment variable doesn’t exist, the command string will remain “$(NAME1).” $$ is replaced with $, and the resulting string isn’t expanded. or example, $$(VAR_NAME) is passed as $(VAR_NAME) whether or not the VAR_NAME environment variable exists.
- command
The entrypoint for the container.
This isn’t run within a shell. If this isn’t specified, the
ENTRYPOINT
of the container image is used. Environment variable references are expanded using the container’s environment. If the referenced environment variable doesn’t exist, the reference in the command isn’t changed. For example, if the reference is to"$(NAME1)"
and theNAME1
environment variable doesn’t exist, the command string will remain"$(NAME1)."
$$
is replaced with$
and the resulting string isn’t expanded. For example,$$(VAR_NAME)
will be passed as$(VAR_NAME)
whether or not theVAR_NAME
environment variable exists.The entrypoint can’t be updated.
- cpu_limit
The hard limit of CPUs to present to this container. Must be an even multiple of 0.25.
If your container attempts to exceed this limit, it will be terminated.
At least one of
cpuReservation
andcpuLimit
is required. If both are specified, thencpuLimit
must be at least as large ascpuReservation
.- Default:
No CPU limit
- See:
https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
- cpu_reservation
The soft limit of CPUs to reserve for the container Must be an even multiple of 0.25.
The container will given at least this many CPUs, but may consume more.
At least one of
cpuReservation
andcpuLimit
is required. If both are specified, thencpuLimit
must be at least as large ascpuReservation
.- Default:
No CPUs reserved
- See:
https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
- env
The environment variables to pass to this container.
Note: Environment variables cannot start with “AWS_BATCH”. This naming convention is reserved for variables that AWS Batch sets.
- gpu_limit
The hard limit of GPUs to present to this container.
If your container attempts to exceed this limit, it will be terminated.
If both
gpuReservation
andgpuLimit
are specified, thengpuLimit
must be equal togpuReservation
.- Default:
No GPU limit
- See:
https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
- gpu_reservation
The soft limit of CPUs to reserve for the container Must be an even multiple of 0.25.
The container will given at least this many CPUs, but may consume more.
If both
gpuReservation
andgpuLimit
are specified, thengpuLimit
must be equal togpuReservation
.- Default:
No GPUs reserved
- See:
https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
- image
The image that this container will run.
- image_pull_policy
The image pull policy for this container.
- Default:
ALWAYS
if the:latest
tag is specified,IF_NOT_PRESENT
otherwise
- See:
https://kubernetes.io/docs/concepts/containers/images/#updating-images
- memory_limit
The amount (in MiB) of memory to present to the container.
If your container attempts to exceed the allocated memory, it will be terminated.
Must be larger that 4 MiB
At least one of
memoryLimit
andmemoryReservation
is requiredNote: To maximize your resource utilization, provide your jobs with as much memory as possible for the specific instance type that you are using.
- Default:
No memory limit
- See:
https://docs.aws.amazon.com/batch/latest/userguide/memory-management.html
- memory_reservation
The soft limit (in MiB) of memory to reserve for the container.
Your container will be given at least this much memory, but may consume more.
Must be larger that 4 MiB
When system memory is under heavy contention, Docker attempts to keep the container memory to this soft limit. However, your container can consume more memory when it needs to, up to either the hard limit specified with the memory parameter (if applicable), or all of the available memory on the container instance, whichever comes first.
At least one of
memoryLimit
andmemoryReservation
is required. If both are specified, thenmemoryLimit
must be equal tomemoryReservation
Note: To maximize your resource utilization, provide your jobs with as much memory as possible for the specific instance type that you are using.
- Default:
No memory reserved
- See:
https://docs.aws.amazon.com/batch/latest/userguide/memory-management.html
- name
The name of this container.
- Default:
:
'Default'
- node
The tree node.
- privileged
If specified, gives this container elevated permissions on the host container instance.
The level of permissions are similar to the root user permissions.
This parameter maps to
privileged
policy in the Privileged pod security policies in the Kubernetes documentation.Note: this is only compatible with Kubernetes < v1.25
- readonly_root_filesystem
If specified, gives this container readonly access to its root file system.
This parameter maps to
ReadOnlyRootFilesystem
policy in the Volumes and file systems pod security policies in the Kubernetes documentation.Note: this is only compatible with Kubernetes < v1.25
- run_as_group
If specified, the container is run as the specified group ID (
gid
).If this parameter isn’t specified, the default is the group that’s specified in the image metadata. This parameter maps to
RunAsGroup
andMustRunAs
policy in the Users and groups pod security policies in the Kubernetes documentation.Note: this is only compatible with Kubernetes < v1.25
- run_as_root
If specified, the container is run as a user with a
uid
other than 0.Otherwise, no such rule is enforced. This parameter maps to
RunAsUser
andMustRunAsNonRoot
policy in the Users and groups pod security policies in the Kubernetes documentation.Note: this is only compatible with Kubernetes < v1.25
- Default:
the container is not required to run as a non-root user
- See:
https://kubernetes.io/docs/concepts/security/pod-security-policy/#users-and-groups
- run_as_user
If specified, this container is run as the specified user ID (
uid
).This parameter maps to
RunAsUser
andMustRunAs
policy in the Users and groups pod security policies in the Kubernetes documentation.Note: this is only compatible with Kubernetes < v1.25
- Default:
the user that is specified in the image metadata.
- See:
https://kubernetes.io/docs/concepts/security/pod-security-policy/#users-and-groups
- volumes
The Volumes to mount to this container.
Automatically added to the Pod.