本文内容非常基础,就是熟悉一下写博客,建议不用看,就是一些官方文档内容
karpenter install
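# Shared settings for the rest of the walkthrough.
# cn-north-1 lives in the aws-cn partition, which is why the ARNs used
# later on this page start with arn:aws-cn.
export KARPENTER_VERSION=v0.27.3
export CLUSTER_NAME="${USER}-karpenter-demo"
export AWS_DEFAULT_REGION="cn-north-1"

# Assign first, export second: `export VAR="$(cmd)"` reports the status of
# export, so a failed credential lookup would go unnoticed and every ARN
# built from AWS_ACCOUNT_ID would silently be malformed.
AWS_ACCOUNT_ID="$(aws sts get-caller-identity --query Account --output text)"
export AWS_ACCOUNT_ID
: "${AWS_ACCOUNT_ID:?aws sts get-caller-identity returned no account id}"

TEMPOUT="$(mktemp)"
export TEMPOUT

echo "${KARPENTER_VERSION} ${CLUSTER_NAME} ${AWS_DEFAULT_REGION} ${AWS_ACCOUNT_ID} ${TEMPOUT}"

# The template is fetched for the pinned KARPENTER_VERSION and deployed with
# CAPABILITY_NAMED_IAM, i.e. the stack is allowed to create named IAM roles
# and policies in this account. Read ${TEMPOUT} before deploying it.
# curl -f makes an HTTP error fail the chain so no error page is deployed.
curl -fsSL "https://karpenter.sh/${KARPENTER_VERSION}/getting-started/getting-started-with-karpenter/cloudformation.yaml" > "${TEMPOUT}" \
  && aws cloudformation deploy \
    --stack-name "Karpenter-${CLUSTER_NAME}" \
    --template-file "${TEMPOUT}" \
    --capabilities CAPABILITY_NAMED_IAM \
    --parameter-overrides "ClusterName=${CLUSTER_NAME}"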
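# Create the EKS cluster from an inline eksctl ClusterConfig.
# Requires CLUSTER_NAME, AWS_DEFAULT_REGION and AWS_ACCOUNT_ID to be set; the
# heredoc delimiter is unquoted so the shell expands them before eksctl reads
# the document. The YAML nesting below is significant: the page had lost its
# indentation, which makes the document invalid.
#
# Security-relevant parts of the config:
#  - iam.withOIDC: true sets up the cluster's IAM OIDC provider, which IAM
#    roles for service accounts depend on.
#  - The karpenter service account entry uses roleOnly: true, so eksctl
#    creates only the IAM role (with KarpenterControllerPolicy attached);
#    the Kubernetes service account is left to the Helm install.
#  - iamIdentityMappings places KarpenterNodeRole in system:bootstrappers
#    and system:nodes. Whatever can assume that role joins the cluster with
#    node privileges, so confirm its trust policy in the CloudFormation
#    template is limited to what you expect.
eksctl create cluster -f - <<EOF
---
apiVersion: eksctl.io/v1alpha5
kind: ClusterConfig
metadata:
  name: ${CLUSTER_NAME}
  region: ${AWS_DEFAULT_REGION}
  version: "1.24"
  tags:
    karpenter.sh/discovery: ${CLUSTER_NAME}

iam:
  withOIDC: true
  serviceAccounts:
  - metadata:
      name: karpenter
      namespace: karpenter
    roleName: ${CLUSTER_NAME}-karpenter
    attachPolicyARNs:
    - arn:aws-cn:iam::${AWS_ACCOUNT_ID}:policy/KarpenterControllerPolicy-${CLUSTER_NAME}
    roleOnly: true

iamIdentityMappings:
- arn: "arn:aws-cn:iam::${AWS_ACCOUNT_ID}:role/KarpenterNodeRole-${CLUSTER_NAME}"
  username: system:node:{{EC2PrivateDNSName}}
  groups:
  - system:bootstrappers
  - system:nodes

managedNodeGroups:
- instanceType: m5.large
  amiFamily: AmazonLinux2
  name: ${CLUSTER_NAME}-ng
  desiredCapacity: 2
  minSize: 1
  maxSize: 10

## Optionally run on fargate
# fargateProfiles:
# - name: karpenter
#   selectors:
#   - namespace: karpenter
EOF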
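# Look up the API endpoint of the new cluster and derive the ARN of the
# controller role that eksctl created (roleName: ${CLUSTER_NAME}-karpenter).
# Assignment and export are split so a failing describe-cluster call is not
# masked by export's own exit status; CLUSTER_NAME is quoted so a name with
# unusual characters cannot be split into extra arguments.
CLUSTER_ENDPOINT="$(aws eks describe-cluster --name "${CLUSTER_NAME}" --query "cluster.endpoint" --output text)"
export CLUSTER_ENDPOINT
export KARPENTER_IAM_ROLE_ARN="arn:aws-cn:iam::${AWS_ACCOUNT_ID}:role/${CLUSTER_NAME}-karpenter"
echo "${CLUSTER_ENDPOINT} ${KARPENTER_IAM_ROLE_ARN}"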
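# Best effort on purpose: the call fails when the Spot service-linked role
# already exists, which is fine. Note that `|| true` also hides every other
# failure (for example missing IAM permissions), so read the output.
aws iam create-service-linked-role --aws-service-name spot.amazonaws.com || true
# If the role has already been successfully created, you will see:
# An error occurred (InvalidInput) when calling the CreateServiceLinkedRole operation: Service role name AWSServiceRoleForEC2Spot has been taken in this account, please try a different suffix.

# Drop any cached credentials for public ECR so the chart is pulled
# unauthenticated rather than with a stale login.
docker logout public.ecr.aws

# Install or upgrade the Karpenter controller at the pinned version.
# Every --set value is quoted so the expanded variables stay single
# arguments. The role-arn annotation binds the controller's service account
# to KARPENTER_IAM_ROLE_ARN, so the controller runs with exactly the
# permissions of that IAM role.
helm upgrade --install karpenter oci://public.ecr.aws/karpenter/karpenter \
  --version "${KARPENTER_VERSION}" \
  --namespace karpenter --create-namespace \
  --set "serviceAccount.annotations.eks\.amazonaws\.com/role-arn=${KARPENTER_IAM_ROLE_ARN}" \
  --set "settings.aws.clusterName=${CLUSTER_NAME}" \
  --set "settings.aws.defaultInstanceProfile=KarpenterNodeInstanceProfile-${CLUSTER_NAME}" \
  --set "settings.aws.interruptionQueueName=${CLUSTER_NAME}" \
  --set controller.resources.requests.cpu=1 \
  --set controller.resources.requests.memory=1Gi \
  --set controller.resources.limits.cpu=1 \
  --set controller.resources.limits.memory=1Gi \
  --wait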
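# Apply the default Provisioner and its AWSNodeTemplate.
# Requires CLUSTER_NAME; the heredoc is unquoted so it is expanded here.
# The YAML nesting is restored (the page had flattened it, which kubectl
# would reject).
#
#  - The Provisioner only launches spot capacity, caps the total at 1000 CPUs
#    (limits.resources.cpu) and removes nodes 30 seconds after they become
#    empty.
#  - The AWSNodeTemplate selects subnets and security groups purely by the
#    karpenter.sh/discovery tag. Tag hygiene is therefore part of the trust
#    boundary: restrict who may set that tag on subnets and security groups
#    in the account.
kubectl apply -f - <<EOF
apiVersion: karpenter.sh/v1alpha5
kind: Provisioner
metadata:
  name: default
spec:
  requirements:
    - key: karpenter.sh/capacity-type
      operator: In
      values: ["spot"]
  limits:
    resources:
      cpu: 1000
  providerRef:
    name: default
  ttlSecondsAfterEmpty: 30
---
apiVersion: karpenter.k8s.aws/v1alpha1
kind: AWSNodeTemplate
metadata:
  name: default
spec:
  subnetSelector:
    karpenter.sh/discovery: ${CLUSTER_NAME}
  securityGroupSelector:
    karpenter.sh/discovery: ${CLUSTER_NAME}
EOF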
测试deployment
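# Test workload: a Deployment of pause containers that each request one CPU,
# created with zero replicas and then scaled to five so that new nodes have
# to be provisioned.
# The manifest contains no shell variables, so the heredoc delimiter is
# quoted and the text is passed through literally. The YAML nesting is
# restored (the page had flattened it).
# NOTE(review): the pod template requires nodes labelled disktype=ssd, but no
# Provisioner shown on this page sets a disktype label - confirm the pods can
# actually be scheduled, otherwise they will stay Pending.
kubectl apply -f - <<'EOF'
apiVersion: apps/v1
kind: Deployment
metadata:
  name: inflate
spec:
  replicas: 0
  selector:
    matchLabels:
      app: inflate
  template:
    metadata:
      labels:
        app: inflate
    spec:
      nodeSelector:
        disktype: ssd
      terminationGracePeriodSeconds: 0
      containers:
        - name: inflate
          image: public.ecr.aws/eks-distro/kubernetes/pause:3.7
          resources:
            requests:
              cpu: 1
EOF

kubectl scale deployment inflate --replicas 5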
偷跑节点组
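由于 EKS 控制台展示的节点数据是从集群内部获取的,因此使用 Provisioner 创建节点时,可以给节点打上节点组的标签,让它们在控制台里显示在该节点组下面。注意这只改变控制台的展示:这些节点是由 Karpenter 启动的,并不受托管节点组的扩缩容和升级管理,所以控制台里的节点组成员列表不能当作可信的资产清单,核对节点归属时应以实例的实际来源为准。标签如下: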
eks.amazonaws.com/nodegroup=ec2-user-karpenter-demo-ng
测试一下就是这个标签
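# Provisioner "default" as shown in an editor buffer. The listing on the page
# starts at editor line 5, so the first four lines of the buffer are not
# reproduced here. Editor line numbers and the trailing "~" filler have been
# dropped and the YAML nesting restored.
apiVersion: karpenter.sh/v1alpha5
kind: Provisioner
metadata:
  annotations:
    kubectl.kubernetes.io/last-applied-configuration: |
      {"apiVersion":"karpenter.sh/v1alpha5","kind":"Provisioner","metadata":{"annotations":{},"name":"default"},"spec":{"limits":{"resources":{"cpu":1000}},"providerRef":{"name":"default"},"requirements":[{"key":"karpenter.sh/capacity-type","operator":"In","values":["spot"]}],"ttlSecondsAfterEmpty":30}}
  creationTimestamp: "2023-05-09T14:37:27Z"
  generation: 3
  name: default
  resourceVersion: "337668"
  uid: c132ec6f-06ae-4153-ad87-2eaf2de7ee6e
spec:
  # These two labels are what was added by hand; they are absent from the
  # last-applied-configuration above. They are ordinary node labels, so any
  # grouping a console derives from them is a display artifact rather than
  # proof that the node belongs to the managed node group. Audits of node
  # group membership should not rely on these labels alone.
  labels:
    alpha.eksctl.io/nodegroup-name: ec2-user-karpenter-demo-ng
    eks.amazonaws.com/nodegroup: ec2-user-karpenter-demo-ng
  limits:
    resources:
      cpu: 1k
  providerRef:
    name: default
  requirements:
  - key: karpenter.sh/capacity-type
    operator: In
    values:
    - spot
  - key: kubernetes.io/os
    operator: In
    values:
    - linux
  - key: kubernetes.io/arch
    operator: In
    values:
    - amd64
  - key: karpenter.k8s.aws/instance-category
    operator: In
    values:
    - c
    - m
    - r
  - key: karpenter.k8s.aws/instance-generation
    operator: Gt
    values:
    - "2"
  ttlSecondsAfterEmpty: 30
status:
  resources:
    attachable-volumes-aws-ebs: "78"
    cpu: "20"
    ephemeral-storage: 41918424Ki
    memory: 46104900Ki
    pods: "292"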