diff --git a/charts/karpenter/templates/aggregate-clusterrole.yaml b/charts/karpenter/templates/aggregate-clusterrole.yaml index 155cccea565a..4f71da66b4ba 100644 --- a/charts/karpenter/templates/aggregate-clusterrole.yaml +++ b/charts/karpenter/templates/aggregate-clusterrole.yaml @@ -13,6 +13,12 @@ rules: - apiGroups: ["karpenter.sh"] resources: ["provisioners", "provisioners/status", "machines", "machines/status"] verbs: ["get", "list", "watch", "create", "delete", "patch"] + - apiGroups: ["karpenter.sh"] + resources: ["nodepools", "nodepools/status", "nodeclaims", "nodeclaims/status"] + verbs: ["get", "list", "watch", "create", "delete", "patch"] - apiGroups: ["karpenter.k8s.aws"] resources: ["awsnodetemplates"] verbs: ["get", "list", "watch", "create", "delete", "patch"] + - apiGroups: ["compute.k8s.aws"] + resources: ["nodeclasses"] + verbs: ["get", "list", "watch", "create", "delete", "patch"] diff --git a/charts/karpenter/templates/clusterrole-core.yaml b/charts/karpenter/templates/clusterrole-core.yaml index 2b28bfb826e9..76752a65b039 100644 --- a/charts/karpenter/templates/clusterrole-core.yaml +++ b/charts/karpenter/templates/clusterrole-core.yaml @@ -32,6 +32,9 @@ rules: - apiGroups: ["karpenter.sh"] resources: ["provisioners", "provisioners/status", "machines", "machines/status"] verbs: ["get", "list", "watch"] + - apiGroups: ["karpenter.sh"] + resources: ["nodepools", "nodepools/status", "nodeclaims", "nodeclaims/status"] + verbs: ["get", "list", "watch"] - apiGroups: [""] resources: ["pods", "nodes", "persistentvolumes", "persistentvolumeclaims", "replicationcontrollers", "namespaces"] verbs: ["get", "list", "watch"] @@ -56,6 +59,12 @@ rules: - apiGroups: ["karpenter.sh"] resources: ["provisioners", "provisioners/status"] verbs: ["update", "patch"] + - apiGroups: ["karpenter.sh"] + resources: ["nodeclaims", "nodeclaims/status"] + verbs: ["create", "delete", "update", "patch"] + - apiGroups: ["karpenter.sh"] + resources: ["nodepools", "nodepools/status"] + verbs: ["update", "patch"] - apiGroups: [""] resources: ["events"] verbs: ["create", "patch"] diff --git a/charts/karpenter/templates/clusterrole.yaml b/charts/karpenter/templates/clusterrole.yaml index 66ba10b0a393..8580931421a0 100644 --- a/charts/karpenter/templates/clusterrole.yaml +++ b/charts/karpenter/templates/clusterrole.yaml @@ -30,11 +30,11 @@ metadata: rules: # Read - apiGroups: ["karpenter.k8s.aws"] - resources: ["awsnodetemplates"] + resources: ["awsnodetemplates", "ec2nodeclasses"] verbs: ["get", "list", "watch"] # Write - apiGroups: ["karpenter.k8s.aws"] - resources: ["awsnodetemplates", "awsnodetemplates/status"] + resources: ["awsnodetemplates", "awsnodetemplates/status", "ec2nodeclasses", "ec2nodeclasses/status"] verbs: ["patch", "update"] {{- if .Values.webhook.enabled }} - apiGroups: ["admissionregistration.k8s.io"] @@ -45,4 +45,4 @@ rules: resources: ["mutatingwebhookconfigurations"] verbs: ["update"] resourceNames: ["defaulting.webhook.karpenter.k8s.aws"] -{{- end }} \ No newline at end of file +{{- end }} diff --git a/pkg/controllers/controllers.go b/pkg/controllers/controllers.go index e91c0c4710f8..3dd8529debcc 100644 --- a/pkg/controllers/controllers.go +++ b/pkg/controllers/controllers.go @@ -51,6 +51,7 @@ func NewControllers(ctx context.Context, sess *session.Session, clk clock.Clock, linkController := nodeclaimlink.NewController(kubeClient, cloudProvider) controllers := []controller.Controller{ nodeclass.NewNodeTemplateController(kubeClient, recorder, subnetProvider, securityGroupProvider, amiProvider, instanceProfileProvider), + nodeclass.NewNodeClassController(kubeClient, recorder, subnetProvider, securityGroupProvider, amiProvider, instanceProfileProvider), linkController, nodeclaimgarbagecollection.NewController(kubeClient, cloudProvider, linkController), }