File tree Expand file tree Collapse file tree 3 files changed +12
-1
lines changed
manifests/zalando-iam-aws-proxy
node-pools/worker-karpenter Expand file tree Collapse file tree 3 files changed +12
-1
lines changed Original file line number Diff line number Diff line change @@ -47,6 +47,10 @@ karpenter_instance_storage_raid0: "true"
47
47
# Can be set cluster wide or per node pool
48
48
karpenter_in_transit_support_required : " false"
49
49
50
+ # configure whether we allow t instance families for Karpenter nodes
51
+ # t type instances have burstable CPU, which can be undesirable in production
52
+ karpenter_instance_family_t_enabled : " false"
53
+
50
54
# ALB config created by kube-aws-ingress-controller
51
55
kube_aws_ingress_controller_ssl_policy : " ELBSecurityPolicy-TLS-1-2-2017-01"
52
56
kube_aws_ingress_controller_idle_timeout : " 1m"
Original file line number Diff line number Diff line change 27
27
serviceAccountName : zalando-iam-aws-proxy
28
28
containers :
29
29
- name : proxy
30
- image : 926694233939.dkr.ecr.eu-central-1.amazonaws.com/production_namespace/teapot/zalando-iam-aws-proxy:main-1
30
+ image : 926694233939.dkr.ecr.eu-central-1.amazonaws.com/production_namespace/teapot/zalando-iam-aws-proxy:main-2
31
31
args :
32
32
- " --apiserver-url=https://kubernetes.default.svc.cluster.local"
33
33
- " --ca-file-path=/var/run/secrets/kubernetes.io/serviceaccount/ca.crt"
Original file line number Diff line number Diff line change @@ -157,6 +157,13 @@ spec:
157
157
values :
158
158
# the ARM architecture is too old and flannel breaks
159
159
- " a1"
160
+ #{{ if eq .Cluster.ConfigItems.karpenter_instance_family_t_enabled "false"}}
161
+ # t type instances have burstable CPU, undesired in production
162
+ - " t4g"
163
+ - " t3a"
164
+ - " t3"
165
+ - " t2"
166
+ #{{ end }}
160
167
#{{ if eq .NodePool.ConfigItems.karpenter_in_transit_support_required "true" }}
161
168
- key : karpenter.k8s.aws/instance-encryption-in-transit-supported
162
169
operator : In
You can’t perform that action at this time.
0 commit comments