Skip to content

Commit

Permalink
docs: Update IRSA Annotation on Karpenter Installation (#5346)
Browse files Browse the repository at this point in the history
  • Loading branch information
@engedaam
engedaam authored Dec 15, 2023
1 parent c3f295d commit 364236d
Show file tree
Hide file tree
Showing 6 changed files with 6 additions and 6 deletions.
2 changes: 2 additions & 0 deletions website/content/en/docs/getting-started/getting-started-with-karpenter/_index.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -92,6 +92,8 @@ See [Enabling Windows support](https://docs.aws.amazon.com/eks/latest/userguide/

{{% alert title="Warning" color="warning" %}}
Karpenter supports using [Kubernetes Common Expression Language](https://kubernetes.io/docs/reference/using-api/cel/) for validating its Custom Resource Definitions out-of-the-box; however, this feature is not supported on versions of Kubernetes < 1.25. If you are running an earlier version of Kubernetes, you will need to use the Karpenter admission webhooks for validation instead. You can enable these webhooks with `--set webhook.enabled=true` when applying the Karpenter helm chart.

Karpenter now supports using [Pod Identity](https://docs.aws.amazon.com/eks/latest/userguide/pod-identities.html) to authenticate AWS SDK to make API requests to AWS services using AWS Identity and Access Management (IAM) permissions. This feature not supported on versions of Kubernetes < 1.24. If you are running an earlier version of Kubernetes, you will need to use the [IAM Roles for Service Accounts(IRSA)](https://docs.aws.amazon.com/emr/latest/EMR-on-EKS-DevelopmentGuide/setting-up-enable-IAM.html) for pod authentication instead. You can enable these IRSA with `--set "serviceAccount.annotations.eks\.amazonaws\.com/role-arn=${KARPENTER_IAM_ROLE_ARN}"` when applying the Karpenter helm chart.
{{% /alert %}}

{{% alert title="Warning" color="warning" %}}
Expand Down
2 changes: 0 additions & 2 deletions ...en/docs/getting-started/getting-started-with-karpenter/scripts/step08-apply-helm-chart.sh
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,8 +2,6 @@
helm registry logout public.ecr.aws

helm upgrade --install karpenter oci://public.ecr.aws/karpenter/karpenter --version "${KARPENTER_VERSION}" --namespace "${KARPENTER_NAMESPACE}" --create-namespace \
# Optionally run on fargate or on k8s 1.23
# --set "serviceAccount.annotations.eks\.amazonaws\.com/role-arn=${KARPENTER_IAM_ROLE_ARN}" \
--set "settings.clusterName=${CLUSTER_NAME}" \
--set "settings.interruptionQueue=${CLUSTER_NAME}" \
--set controller.resources.requests.cpu=1 \
Expand Down
2 changes: 2 additions & 0 deletions ...ite/content/en/preview/getting-started/getting-started-with-karpenter/_index.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -92,6 +92,8 @@ See [Enabling Windows support](https://docs.aws.amazon.com/eks/latest/userguide/

{{% alert title="Warning" color="warning" %}}
Karpenter supports using [Kubernetes Common Expression Language](https://kubernetes.io/docs/reference/using-api/cel/) for validating its Custom Resource Definitions out-of-the-box; however, this feature is not supported on versions of Kubernetes < 1.25. If you are running an earlier version of Kubernetes, you will need to use the Karpenter admission webhooks for validation instead. You can enable these webhooks with `--set webhook.enabled=true` when applying the Karpenter helm chart.

Karpenter now supports using [Pod Identity](https://docs.aws.amazon.com/eks/latest/userguide/pod-identities.html) to authenticate AWS SDK to make API requests to AWS services using AWS Identity and Access Management (IAM) permissions. This feature not supported on versions of Kubernetes < 1.24. If you are running an earlier version of Kubernetes, you will need to use the [IAM Roles for Service Accounts(IRSA)](https://docs.aws.amazon.com/emr/latest/EMR-on-EKS-DevelopmentGuide/setting-up-enable-IAM.html) for pod authentication instead. You can enable these IRSA with `--set "serviceAccount.annotations.eks\.amazonaws\.com/role-arn=${KARPENTER_IAM_ROLE_ARN}"` when applying the Karpenter helm chart.
{{% /alert %}}

{{% alert title="Warning" color="warning" %}}
Expand Down
2 changes: 0 additions & 2 deletions ...preview/getting-started/getting-started-with-karpenter/scripts/step08-apply-helm-chart.sh
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,8 +2,6 @@
helm registry logout public.ecr.aws

helm upgrade --install karpenter oci://public.ecr.aws/karpenter/karpenter --version "${KARPENTER_VERSION}" --namespace "${KARPENTER_NAMESPACE}" --create-namespace \
# Optionally run on fargate or on k8s 1.23
# --set "serviceAccount.annotations.eks\.amazonaws\.com/role-arn=${KARPENTER_IAM_ROLE_ARN}" \
--set "settings.clusterName=${CLUSTER_NAME}" \
--set "settings.interruptionQueue=${CLUSTER_NAME}" \
--set controller.resources.requests.cpu=1 \
Expand Down
2 changes: 2 additions & 0 deletions website/content/en/v0.33/getting-started/getting-started-with-karpenter/_index.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -92,6 +92,8 @@ See [Enabling Windows support](https://docs.aws.amazon.com/eks/latest/userguide/

{{% alert title="Warning" color="warning" %}}
Karpenter supports using [Kubernetes Common Expression Language](https://kubernetes.io/docs/reference/using-api/cel/) for validating its Custom Resource Definitions out-of-the-box; however, this feature is not supported on versions of Kubernetes < 1.25. If you are running an earlier version of Kubernetes, you will need to use the Karpenter admission webhooks for validation instead. You can enable these webhooks with `--set webhook.enabled=true` when applying the Karpenter helm chart.

Karpenter now supports using [Pod Identity](https://docs.aws.amazon.com/eks/latest/userguide/pod-identities.html) to authenticate AWS SDK to make API requests to AWS services using AWS Identity and Access Management (IAM) permissions. This feature not supported on versions of Kubernetes < 1.24. If you are running an earlier version of Kubernetes, you will need to use the [IAM Roles for Service Accounts(IRSA)](https://docs.aws.amazon.com/emr/latest/EMR-on-EKS-DevelopmentGuide/setting-up-enable-IAM.html) for pod authentication instead. You can enable these IRSA with `--set "serviceAccount.annotations.eks\.amazonaws\.com/role-arn=${KARPENTER_IAM_ROLE_ARN}"` when applying the Karpenter helm chart.
{{% /alert %}}

{{% alert title="Warning" color="warning" %}}
Expand Down
2 changes: 0 additions & 2 deletions ...n/v0.33/getting-started/getting-started-with-karpenter/scripts/step08-apply-helm-chart.sh
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,8 +2,6 @@
helm registry logout public.ecr.aws

helm upgrade --install karpenter oci://public.ecr.aws/karpenter/karpenter --version "${KARPENTER_VERSION}" --namespace "${KARPENTER_NAMESPACE}" --create-namespace \
# Optionally run on fargate or on k8s 1.23
# --set "serviceAccount.annotations.eks\.amazonaws\.com/role-arn=${KARPENTER_IAM_ROLE_ARN}" \
--set "settings.clusterName=${CLUSTER_NAME}" \
--set "settings.interruptionQueue=${CLUSTER_NAME}" \
--set controller.resources.requests.cpu=1 \
Expand Down

0 comments on commit 364236d

Please sign in to comment.