跳转至

eks-auto-mode-sample

attachments/eks-auto-mode-sample/IMG-eks-auto-mode-sample.png

components

limitation

  • https://docs.aws.amazon.com/eks/latest/userguide/auto-networking.html
  • Security Groups per Pod (SGPP).
  • Custom Networking. The IP Addresses of Pods and Nodes must be from the same CIDR Block.
  • Warm IP, warm prefix, and warm ENI configurations.
  • Minimum IP targets configuration.
  • Enabling or disabling prefix delegation.
  • Other configurations supported by the open-source AWS CNI.
  • Network Policy configurations such as conntrack timer customization (default is 300s).
  • Exporting network event logs to CloudWatch.

pricing

  • 额外收取 auto mode 管理的 EC2 节点的 Ondemond 价格 12% (link)

sample

load balancer controller

  • test pod with service and ingress
    ---
apiVersion: apps/v1
kind: Deployment
metadata:
  name: echoserver
spec:
  selector:
    matchLabels:
      app: echoserver
  replicas: 1
  template:
    metadata:
      labels:
        app: echoserver
    spec:
      containers:
      - image: k8s.gcr.io/e2e-test-images/echoserver:2.5
        imagePullPolicy: Always
        name: echoserver
        ports:
        - containerPort: 8080

---
apiVersion: v1
kind: Service
metadata:
  name: echoserver
  annotations:
    service.beta.kubernetes.io/aws-load-balancer-nlb-target-type: ip
    service.beta.kubernetes.io/aws-load-balancer-scheme: internet-facing
spec:
  loadBalancerClass: eks.amazonaws.com/nlb
  ports:

    - port: 80
      targetPort: 8080
      protocol: TCP
  type: LoadBalancer
  selector:
    app: echoserver

---
apiVersion: networking.k8s.io/v1
kind: IngressClass
metadata:
  labels:
    app.kubernetes.io/name: LoadBalancerController
  name: eks-alb
spec:
  controller: eks.amazonaws.com/alb
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: echoserver
  annotations:
    alb.ingress.kubernetes.io/scheme: internet-facing
    alb.ingress.kubernetes.io/target-type: ip
spec:
  ingressClassName: eks-alb
  rules:

  - host: '*.us-west-2.elb.amazonaws.com'
    http:
      paths:
      - path: /
        pathType: Prefix
        backend:
          service:
            name: echoserver
            port:
              number: 80

ebs csi

  • storage class

    apiVersion: storage.k8s.io/v1
kind: StorageClass
metadata:
  name: eks-auto-ebs-csi-sc
  annotations:
    storageclass.kubernetes.io/is-default-class: "true"
provisioner: ebs.csi.eks.amazonaws.com
volumeBindingMode: WaitForFirstConsumer
parameters:
  type: gp3

  • test pod

    ---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: test-pvc
spec:
  accessModes:
    - ReadWriteOnce
  resources:
    requests:
      storage: 9Gi
  # 不指定 storageClassName,将使用默认的 StorageClass

---
apiVersion: v1
kind: Pod
metadata:
  name: test-pod
spec:
  containers:

  - name: test-container
    image: nginx
    volumeMounts:
    - name: test-volume
      mountPath: /test-data
  volumes:
  - name: test-volume
    persistentVolumeClaim:
      claimName: test-pvc