Docs: update and polish "Kubernetes on AWS" example

Signed-off-by: Solomon Hykes <sh.github.6811@hykes.org>
2021-04-01 22:37:14 +00:00
parent e701de01c1
commit 48e8b200ae
5 changed files with 48 additions and 15 deletions
--- a/examples/kubernetes-aws/cfn_template_eks_nodegroup.cue
+++ b/examples/kubernetes-aws/cfn_template_eks_nodegroup.cue
@@ -0,0 +1,89 @@
+package main
+
+#CFNTemplate: eksNodeGroup: {
+	AWSTemplateFormatVersion: "2010-09-09"
+	Description:              "Amazon EKS - Node Group"
+	Parameters: {
+		ClusterName: {
+			Type:        "String"
+			Description: "The cluster name provided when the cluster was created. If it is incorrect, nodes will not be able to join the cluster."
+		}
+		NodeAutoScalingGroupDesiredCapacity: {
+			Type:        "Number"
+			Default:     3
+			Description: "Desired capacity of Node Group ASG."
+		}
+		NodeAutoScalingGroupMaxSize: {
+			Type:        "Number"
+			Default:     4
+			Description: "Maximum size of Node Group ASG. Set to at least 1 greater than NodeAutoScalingGroupDesiredCapacity."
+		}
+		NodeAutoScalingGroupMinSize: {
+			Type:        "Number"
+			Default:     1
+			Description: "Minimum size of Node Group ASG."
+		}
+		NodeInstanceType: {
+			Type:                  "String"
+			Default:               "t3.medium"
+			ConstraintDescription: "Must be a valid EC2 instance type"
+			Description:           "EC2 instance type for the node instances"
+		}
+		Subnets: {
+			Type:        "List<AWS::EC2::Subnet::Id>"
+			Description: "The subnets where workers can be created."
+		}
+	}
+	Resources: {
+		NodeInstanceRole: {
+			Type: "AWS::IAM::Role"
+			Properties: {
+				AssumeRolePolicyDocument: {
+					Version: "2012-10-17"
+					Statement: [
+						{
+							Effect: "Allow"
+							Principal: Service: [
+								"ec2.amazonaws.com",
+							]
+							Action: [
+								"sts:AssumeRole",
+							]
+						},
+					]
+				}
+				ManagedPolicyArns: [
+					"arn:aws:iam::aws:policy/AmazonEKSWorkerNodePolicy",
+					"arn:aws:iam::aws:policy/AmazonEKS_CNI_Policy",
+					"arn:aws:iam::aws:policy/AmazonEC2ContainerRegistryReadOnly",
+				]
+				Path: "/"
+			}
+		}
+		Nodegroup: {
+			Type: "AWS::EKS::Nodegroup"
+			Properties: {
+				ClusterName: Ref: "ClusterName"
+				NodeRole: "Fn::GetAtt": [
+					"NodeInstanceRole",
+					"Arn",
+				]
+				ScalingConfig: {
+					MaxSize: Ref:     "NodeAutoScalingGroupMaxSize"
+					MinSize: Ref:     "NodeAutoScalingGroupMinSize"
+					DesiredSize: Ref: "NodeAutoScalingGroupDesiredCapacity"
+				}
+				InstanceTypes: [{Ref: "NodeInstanceType"}]
+				AmiType: "AL2_x86_64"
+				Subnets: Ref: "Subnets"
+			}
+		}
+	}
+	Outputs: NodeInstanceRole: {
+		Description: "The node instance role"
+		Value: "Fn::GetAtt": [
+			"NodeInstanceRole",
+			"Arn",
+		]
+	}
+}