-
Notifications
You must be signed in to change notification settings - Fork 320
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[EKS] Managed Node Groups Launch Template Support #585
Comments
will this allow adding node taints for EKS managed node groups? |
This issue has the unintended potential to become a bucket for all features. Let's make sure we track the launch template support separately from other feature requests like custom AMIs, passing user data, tainting nodes during provisioning/editing nodegroups. Launch template should definitely support any feature supported by NodeGroups just in a declarative way. @ivanmp91 - Can you please open an issue if one doesn't exist for node taints and describe the use case and the expected workflow that needs to support node tainting? I am assuming here that you want nodes to be tainted as part of provisioning / editing nodegroups? |
Hi @eswarbala ! That's right, I'd like to have nodes tainted as part of the provisioning/editing nodegroups. Looks like somebody else created an issue: #507, my use case it's pretty much the same as the one already described, but I'm gonna provide some more details there. Thanks! |
Will this feature allow adding nodes to NLB target groups? |
we have use case to configure forward proxy to the managed worker nodes, looking forward to have this feature released. |
The managed nodegroup currently only allows IAM role with following attached IAM policies:
It does not support the usage of IAM roles for the nodes without the above managed policies, even though the roles have required capabilities. Supporting this feature as well as can help on doing IAM role customization. |
Can this feature also support associate public IPs for nodes = false. Would like to have private subnets of managed nodes (no public IPs) on the nodes. |
Hi all! My questions are: thanks |
Update version ( update-nodegroup-version api ) is disallowed if the Launch Template of the ASG has been modified since customer changes are not guaranteed to be sticky after our upgrade. To be able to perform update and upgrade operation on the node group, kindly revert the manual changes made on the node group resources. Thanks |
When using IAM Roles for Service Accounts (IRSA), the best practice describe in https://docs.aws.amazon.com/eks/latest/userguide/restrict-ec2-credential-access.html is to edit the launch config user-data of the worker node to use iptables block docker container access to the metadata server. When we were running self managed worker nodes, we had this configured in the user-data. The managed worker nodes don't seem to do this on their own (they really should, no?), and there's no way to add it via existing EKS managed worker node apis. |
Hey all, Thanks |
Hi @jhoule-splice we are working on this feature, but as per the roadmap guidelines, we can't share specific timelines in this forum. |
Will this support tagging of ec2 instances launched by managed worker node groups? #608 |
Managed node groups now supports EC2 launch templates! See the launch blog and EKS documentation for more details This launch addresses the following feature requests, and these issues will be closed soon:
The latest eksctl release supports launch template functionality. Excited to see all the use cases this unlocks for applications running on managed node groups, and as always, we welcome your feedback! |
Great feature! Congrats |
It seems launch templates with BlockDeviceMappings are not passed to EKS API. at least not through cloudformation calls to eks. I see "blockDeviceMapping": {}, In the EKS runIntances call. This, even though the launch template id was included in create node group request |
Launch template support ability to launch managed nodes using a provided EC2 launch template. This will support multiple customization options for managed nodes including providing custom AMIs and passing user data during node provisioning.
The text was updated successfully, but these errors were encountered: