-
Notifications
You must be signed in to change notification settings - Fork 128
/
cluster.yml
90 lines (83 loc) · 2.23 KB
/
cluster.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
---
apiVersion: eksctl.io/v1alpha5
kind: ClusterConfig
metadata:
name: quorum-cluster
region: ap-southeast-2
version: "1.23"
# It is recommended that you let eksctl deploy a new VPC for your cluster, it will automatically tag the subnets with the appropriate tags. You may use an existing VPC if you wish but take note of the necessary subnet tags: https://github.com/weaveworks/eksctl/blob/main/examples/04-existing-vpc.yaml https://docs.aws.amazon.com/eks/latest/userguide/network_reqs.html
vpc:
# id: vpc-
cidr: "10.0.0.0/16"
clusterEndpoints:
publicAccess: true
privateAccess: true
# subnets:
# public:
# public-a:
# id: subnet-
# public-b:
# id: subnet-
# public-c:
# id: subnet-
# private:
# private-a:
# id: subnet-
# private-b:
# id: subnet-
# private-c:
# id: subnet-
managedNodeGroups:
- name: ng-1
instanceType: m5.xlarge
desiredCapacity: 6 # increase this capacity if you need member/rpc nodes or more validators
privateNetworking: true
labels: { role: workers }
# subnets:
# - private-a
# - private-b
# - private-c
iam:
withAddonPolicies:
ebs: true
efs: true
cloudWatch:
clusterLogging:
enableTypes: ["*"]
logRetentionInDays: 60
# optional but recommended
#secretsEncryption:
# keyARN: "arn:aws:kms:us-east-2:..."
iam:
withOIDC: true
serviceAccounts:
- metadata:
name: quorum-ebs-efs-csi-drivers
namespace: kube-system
wellKnownPolicies:
ebsCSIController: true
efsCSIController: true
roleName: quorum-ebs-efs-csi-drivers
- metadata:
name: ebs-csi-controller-sa
namespace: kube-system
wellKnownPolicies:
ebsCSIController: true
roleName: quorum-ebs-csi-drivers
- metadata:
name: efs-csi-controller-sa
namespace: kube-system
wellKnownPolicies:
efsCSIController: true
roleName: quorum-efs-csi-drivers
addons:
- name: vpc-cni
version: latest
attachPolicyARNs:
- arn:aws:iam::aws:policy/AmazonEKS_CNI_Policy
- name: coredns
version: latest
- name: kube-proxy
version: latest
- name: aws-ebs-csi-driver
version: latest