K
Q

eks cluster - adding worker nodes - how does applying a configmap makes my nodes visible to the k8s cluster?

2/25/2019

I'm trying out AWS EKS following this guide https://learn.hashicorp.com/terraform/aws/eks-intro

I understand all the steps except for the last one where the instructions say to apply a configmap. Before this step, I couldn't see my worker nodes from the cluster kubectl get nodes. But, I can see my worker nodes after applying this configmap. Can someone please explain to me how this configmap actually accomplishes this feat.

Here is the configmap:

apiVersion: v1
kind: ConfigMap
metadata:
  name: aws-auth
  namespace: kube-system
data:
  mapRoles: |
    - rolearn: ${aws_iam_role.demo-node.arn}
      username: system:node:{{EC2PrivateDNSName}}
      groups:
        - system:bootstrappers
        - system:nodes

Thanks,

Ashutosh Singh

-- ashutosh singh
amazon-web-services
eks
kubernetes

Similar Questions

windows 2016 kubectl.exe :No connection could be made because the target machine actively refused it
ServiceAccount secrets are mounted with restrictive permissions in OpenTelekomCloud's ClusterContainerEngine
Asp.NET Core HealthChecksUI - empty
How to deploy a dynamically scalable AI service that run on GPUs in GKE?
Jenkins on Kubernetes & Git: SSL Certificate Problem with Self Signed Certificates
Is it possilbe to export private AWS ACM cert and use it on nginx ingress

1 Answer

2/25/2019

The data in that configmap are what enables the worker node to join the cluster. Specifically, it needs the proper role ARN permissions. In the tutorial you are following, look at how aws_iam_role.demo-node.arn is defined, then look up the permissions associated with those policies. You can experiment around and remove/add other policies and see how it affects the node's ability to interact with the cluster.

-- swagrov
Source: StackOverflow