CreateNodegroup - Amazon Elastic Kubernetes Service

CreateNodegroup

Creates a managed worker node group for an Amazon EKS cluster. You can only create a node group for your cluster that is equal to the current Kubernetes version for the cluster. All node groups are created with the latest AMI release version for the respective minor Kubernetes version of the cluster, unless you deploy a custom AMI using a launch template. For more information about using launch templates, see Launch template support.

An Amazon EKS managed node group is an Amazon EC2 Auto Scaling group and associated Amazon EC2 instances that are managed by AWS for an Amazon EKS cluster. Each node group uses a version of the Amazon EKS optimized Amazon Linux 2 AMI. For more information, see Managed Node Groups in the Amazon EKS User Guide.

Request Syntax

POST /clusters/name/node-groups HTTP/1.1 Content-type: application/json { "amiType": "string", "clientRequestToken": "string", "diskSize": number, "instanceTypes": [ "string" ], "labels": { "string" : "string" }, "launchTemplate": { "id": "string", "name": "string", "version": "string" }, "nodegroupName": "string", "nodeRole": "string", "releaseVersion": "string", "remoteAccess": { "ec2SshKey": "string", "sourceSecurityGroups": [ "string" ] }, "scalingConfig": { "desiredSize": number, "maxSize": number, "minSize": number }, "subnets": [ "string" ], "tags": { "string" : "string" }, "version": "string" }

URI Request Parameters

The request uses the following URI parameters.

name

The name of the cluster to create the node group in.

Required: Yes

Request Body

The request accepts the following data in JSON format.

amiType

The AMI type for your node group. GPU instance types should use the AL2_x86_64_GPU AMI type. Non-GPU instances should use the AL2_x86_64 AMI type. Arm instances should use the AL2_ARM_64 AMI type. All types use the Amazon EKS optimized Amazon Linux 2 AMI. If you specify launchTemplate, and your launch template uses a custom AMI, then don't specify amiType, or the node group deployment will fail. For more information about using launch templates with Amazon EKS, see Launch template support in the Amazon EKS User Guide.

Type: String

Valid Values: AL2_x86_64 | AL2_x86_64_GPU | AL2_ARM_64

Required: No

clientRequestToken

Unique, case-sensitive identifier that you provide to ensure the idempotency of the request.

Type: String

Required: No

diskSize

The root device disk size (in GiB) for your node group instances. The default disk size is 20 GiB. If you specify launchTemplate, then don't specify diskSize, or the node group deployment will fail. For more information about using launch templates with Amazon EKS, see Launch template support in the Amazon EKS User Guide.

Type: Integer

Required: No

instanceTypes

The instance type to use for your node group. You can specify a single instance type for a node group. The default value for instanceTypes is t3.medium. If you choose a GPU instance type, be sure to specify AL2_x86_64_GPU with the amiType parameter. If you specify launchTemplate, then don't specify instanceTypes, or the node group deployment will fail. For more information about using launch templates with Amazon EKS, see Launch template support in the Amazon EKS User Guide.

Type: Array of strings

Required: No

labels

The Kubernetes labels to be applied to the nodes in the node group when they are created.

Type: String to string map

Key Length Constraints: Minimum length of 1. Maximum length of 63.

Value Length Constraints: Minimum length of 1. Maximum length of 253.

Required: No

launchTemplate

An object representing a node group's launch template specification. If specified, then do not specify instanceTypes, diskSize, or remoteAccess and make sure that the launch template meets the requirements in launchTemplateSpecification.

Type: LaunchTemplateSpecification object

Required: No

nodegroupName

The unique name to give your node group.

Type: String

Required: Yes

nodeRole

The Amazon Resource Name (ARN) of the IAM role to associate with your node group. The Amazon EKS worker node kubelet daemon makes calls to AWS APIs on your behalf. Worker nodes receive permissions for these API calls through an IAM instance profile and associated policies. Before you can launch worker nodes and register them into a cluster, you must create an IAM role for those worker nodes to use when they are launched. For more information, see Amazon EKS Worker Node IAM Role in the Amazon EKS User Guide . If you specify launchTemplate, then don't specify IamInstanceProfile in your launch template, or the node group deployment will fail. For more information about using launch templates with Amazon EKS, see Launch template support in the Amazon EKS User Guide.

Type: String

Required: Yes

releaseVersion

The AMI version of the Amazon EKS optimized AMI to use with your node group. By default, the latest available AMI version for the node group's current Kubernetes version is used. For more information, see Amazon EKS optimized Amazon Linux 2 AMI versions in the Amazon EKS User Guide. If you specify launchTemplate, and your launch template uses a custom AMI, then don't specify releaseVersion, or the node group deployment will fail. For more information about using launch templates with Amazon EKS, see Launch template support in the Amazon EKS User Guide.

Type: String

Required: No

remoteAccess

The remote access (SSH) configuration to use with your node group. If you specify launchTemplate, then don't specify remoteAccess, or the node group deployment will fail. For more information about using launch templates with Amazon EKS, see Launch template support in the Amazon EKS User Guide.

Type: RemoteAccessConfig object

Required: No

scalingConfig

The scaling configuration details for the Auto Scaling group that is created for your node group.

Type: NodegroupScalingConfig object

Required: No

subnets

The subnets to use for the Auto Scaling group that is created for your node group. These subnets must have the tag key kubernetes.io/cluster/CLUSTER_NAME with a value of shared, where CLUSTER_NAME is replaced with the name of your cluster. If you specify launchTemplate, then don't specify SubnetId in your launch template, or the node group deployment will fail. For more information about using launch templates with Amazon EKS, see Launch template support in the Amazon EKS User Guide.

Type: Array of strings

Required: Yes

tags

The metadata to apply to the node group to assist with categorization and organization. Each tag consists of a key and an optional value, both of which you define. Node group tags do not propagate to any other resources associated with the node group, such as the Amazon EC2 instances or subnets.

Type: String to string map

Map Entries: Maximum number of 50 items.

Key Length Constraints: Minimum length of 1. Maximum length of 128.

Value Length Constraints: Maximum length of 256.

Required: No

version

The Kubernetes version to use for your managed nodes. By default, the Kubernetes version of the cluster is used, and this is the only accepted specified value. If you specify launchTemplate, and your launch template uses a custom AMI, then don't specify version, or the node group deployment will fail. For more information about using launch templates with Amazon EKS, see Launch template support in the Amazon EKS User Guide.

Type: String

Required: No

Response Syntax

HTTP/1.1 200 Content-type: application/json { "nodegroup": { "amiType": "string", "clusterName": "string", "createdAt": number, "diskSize": number, "health": { "issues": [ { "code": "string", "message": "string", "resourceIds": [ "string" ] } ] }, "instanceTypes": [ "string" ], "labels": { "string" : "string" }, "launchTemplate": { "id": "string", "name": "string", "version": "string" }, "modifiedAt": number, "nodegroupArn": "string", "nodegroupName": "string", "nodeRole": "string", "releaseVersion": "string", "remoteAccess": { "ec2SshKey": "string", "sourceSecurityGroups": [ "string" ] }, "resources": { "autoScalingGroups": [ { "name": "string" } ], "remoteAccessSecurityGroup": "string" }, "scalingConfig": { "desiredSize": number, "maxSize": number, "minSize": number }, "status": "string", "subnets": [ "string" ], "tags": { "string" : "string" }, "version": "string" } }

Response Elements

If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in JSON format by the service.

nodegroup

The full description of your new node group.

Type: Nodegroup object

Errors

For information about the errors that are common to all actions, see Common Errors.

ClientException

These errors are usually caused by a client action. Actions can include using an action or resource on behalf of a user that doesn't have permissions to use the action or resource or specifying an identifier that is not valid.

HTTP Status Code: 400

InvalidParameterException

The specified parameter is invalid. Review the available parameters for the API request.

HTTP Status Code: 400

InvalidRequestException

The request is invalid given the state of the cluster. Check the state of the cluster and the associated operations.

HTTP Status Code: 400

ResourceInUseException

The specified resource is in use.

HTTP Status Code: 409

ResourceLimitExceededException

You have encountered a service limit on the specified resource.

HTTP Status Code: 400

ServerException

These errors are usually caused by a server-side issue.

HTTP Status Code: 500

ServiceUnavailableException

The service is unavailable. Back off and retry the operation.

HTTP Status Code: 503

Examples

In the following example or examples, the Authorization header contents (AUTHPARAMS) must be replaced with an AWS Signature Version 4 signature. For more information about creating these signatures, see Signature Version 4 Signing Process in the AWS General Reference.

You need to learn how to sign HTTP requests only if you intend to manually create them. When you use the AWS Command Line Interface (AWS CLI) or one of the AWS SDKs to make requests to AWS, these tools automatically sign the requests for you with the access key that you specify when you configure the tools. When you use these tools, you don't need to learn how to sign requests yourself.

Example 1

This example creates a managed node group without a launch template that uses an Amazon EKS optimized AMI with GPU support on p2.xlarge instances.

Sample Request

POST /clusters/prod/node-groups HTTP/1.1 Host: eks.us-west-2.amazonaws.com Accept-Encoding: identity User-Agent: aws-cli/1.16.298 Python/3.6.0 Windows/10 botocore/1.13.34 X-Amz-Date: 20200812T151423Z Authorization: AUTHPARAMS Content-Length: 454 { "nodegroupName": "my-nodegroup-gpu", "scalingConfig": { "minSize": 2, "maxSize": 2, "desiredSize": 2 }, "subnets": ["subnet-0ebe45f14d9993e94", "subnet-009b4e4f44b70f83e", "subnet-0bec11589750eda21", "subnet-0ff9df29c39e41fa0"], "instanceTypes": ["p2.xlarge"], "amiType": "AL2_x86_64_GPU", "remoteAccess": { "ec2SshKey": "id_rsa" }, "nodeRole": "arn:aws:iam::012345678910:role/NodeInstanceRole", "clientRequestToken": "34c281f6-7079-4e9c-a267-f8983956880d" }

Sample Response

HTTP/1.1 200 OK Date: Wed, 12 Aug 2020 15:14:24 GMT Content-Type: application/json Content-Length: 951 x-amzn-RequestId: d369e009-bc96-4dd5-861a-6effe5aaf0a5 x-amz-apigw-id: DAc5BGsWvHcF_bw= X-Amzn-Trace-Id: Root=1-5dc9a839-294790909d31f4845b62b150 Connection: keep-alive { "nodegroup": { "nodegroupName": "my-nodegroup-gpu2", "nodegroupArn": "arn:aws:eks:us-west-2:012345678910:nodegroup/lt-testing/my-nodegroup-gpu2/1cb9f19e-472f-c5b7-9f0e-1af15c57f815", "clusterName": "lt-testing", "version": "1.17", "releaseVersion": "1.17.9-20200804", "createdAt": 1.597245264844E9, "modifiedAt": 1.597245264844E9, "status": "CREATING", "scalingConfig": { "minSize": 2, "maxSize": 2, "desiredSize": 2 }, "instanceTypes": ["p2.xlarge"], "subnets": ["subnet-0ebe45f14d9993e94", "subnet-009b4e4f44b70f83e", "subnet-0bec11589750eda21", "subnet-0ff9df29c39e41fa0"], "remoteAccess": { "ec2SshKey": "id_rsa", "sourceSecurityGroups": null }, "amiType": "AL2_x86_64_GPU", "nodeRole": "arn:aws:iam::012345678910:role/NodeInstanceRole", "labels": null, "resources": null, "diskSize": 20, "health": { "issues": [] }, "launchTemplate": null, "tags": {} } }

Example 2

This example creates a managed node group with an Amazon EKS optimized AMI using version 2 of a launch template named my-launch-template.

Sample Request

POST /clusters/lt-testing/node-groups HTTP/1.1 Host: eks.us-west-2.amazonaws.com Accept-Encoding: identity User-Agent: aws-cli/1.16.298 Python/3.6.0 Windows/10 botocore/1.13.34 X-Amz-Date: 20200812T135927Z Authorization: AUTHPARAMS Content-Length: 433 { "nodegroupName": "my-nodegroup", "scalingConfig": { "minSize": 2, "maxSize": 2, "desiredSize": 2 }, "subnets": ["subnet-0ebe45f14d9993e94", "subnet-009b4e4f44b70f83e", "subnet-0bec11589750eda21", "subnet-0ff9df29c39e41fa0"], "amiType": "AL2_x86_64", "nodeRole": "arn:aws:iam::012345678910:role/NodeInstanceRole", "launchTemplate": { "name": "my-launch-template", "version": "2" }, "clientRequestToken": "be327909-8b10-47fd-a701-a0c979530a92" }

Sample Response

HTTP/1.1 200 OK Date: Wed, 12 Aug 2020 13:59:32 GMT Content-Type: application/json Content-Length: 1028 x-amzn-RequestId: d369e009-bc96-4dd5-861a-6effe5aaf0a5 x-amz-apigw-id: DAc5BGsWvHcF_bw= X-Amzn-Trace-Id: Root=1-5dc9a839-294790909d31f4845b62b150 Connection: keep-alive { "nodegroup": { "nodegroupName": "my-nodegroup", "nodegroupArn": "arn:aws:eks:us-west-2:012345678910:nodegroup/my-cluster/my-nodegroup/66b9f17b-fcfd-9622-d4cc-23431aa3fdf4", "clusterName": "my-cluster", "version": "1.17", "releaseVersion": "1.17.9-20200804", "createdAt": 1.597240771904E9, "modifiedAt": 1.597240771904E9, "status": "CREATING", "scalingConfig": { "minSize": 2, "maxSize": 2, "desiredSize": 2 }, "instanceTypes": null, "subnets": ["subnet-0ebe45f14d9993e94", "subnet-009b4e4f44b70f83e", "subnet-0bec11589750eda21", "subnet-0ff9df29c39e41fa0"], "remoteAccess": null, "amiType": "AL2_x86_64", "nodeRole": "arn:aws:iam::012345678910:role/NodeInstanceRole", "labels": null, "resources": null, "diskSize": null, "health": { "issues": [] }, "launchTemplate": { "name": "my-template", "version": "2", "id": "lt-0c7d58a2c9e1ae077" }, "tags": {} } }

See Also

For more information about using this API in one of the language-specific AWS SDKs, see the following: