@Chris-Carmichael
Forked from ruzickap/eksctl-cilium.sh
Created January 14, 2023 13:35
Install Amazon EKS cluster with Cilium CNI using eksctl
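#!/usr/bin/env bash

export CLUSTER_NAME="ruzickap-cilium"
export AWS_DEFAULT_REGION="eu-central-1"
export KUBECONFIG="/tmp/kubeconfig-${CLUSTER_NAME}.conf"
# Space-separated KEY=value pairs, expanded into YAML tags below.
# The first entry appears redacted on this page ("[email protected]"); set it to a KEY=value pair before running.
export TAGS="[email protected] Environment=dev Group=Cloud_Native Squad=Cloud_Container_Platform"

set -euxo pipefail

# Generate the eksctl ClusterConfig. The sed call turns each KEY=value in TAGS
# into a "    KEY: value" line under metadata.tags.
cat > "/tmp/eksctl-${CLUSTER_NAME}.yaml" << EOF
apiVersion: eksctl.io/v1alpha5
kind: ClusterConfig
metadata:
  name: ${CLUSTER_NAME}
  region: ${AWS_DEFAULT_REGION}
  version: "1.21"
  tags: &tags
$(echo "${TAGS}" | sed "s/ /\\n    /g; s/^/    /g; s/=/: /g")
iam:
  withOIDC: true
managedNodeGroups:
  - name: managed-ng-1
    amiFamily: Bottlerocket
    instanceType: t2.medium
    desiredCapacity: 2
    minSize: 2
    maxSize: 3
    volumeSize: 30
    tags:
      <<: *tags
      compliance:na:defender: bottlerocket
    # Encrypt the node EBS volumes and require IMDSv2 on the instances.
    volumeEncrypted: true
    disableIMDSv1: true
    # Keep application pods off a node until the Cilium agent is ready on it.
    taints:
      - key: "node.cilium.io/agent-not-ready"
        value: "true"
        effect: "NoSchedule"
EOF

eksctl create cluster --config-file "/tmp/eksctl-${CLUSTER_NAME}.yaml" --kubeconfig "${KUBECONFIG}"

# Remove the AWS VPC CNI daemonset so that Cilium becomes the cluster CNI.
kubectl delete daemonset -n kube-system aws-node

# https://github.com/cilium/cilium/blob/master/install/kubernetes/cilium/values.yaml
helm repo add cilium https://helm.cilium.io/
helm install cilium cilium/cilium --version 1.11.1 \
  --namespace kube-system \
  --set egressMasqueradeInterfaces=eth0

# Print the command needed to use this cluster's kubeconfig in another shell.
echo "export KUBECONFIG=\"/tmp/kubeconfig-${CLUSTER_NAME}.conf\""

# Give the Cilium pods a moment to start before checking their status.
sleep 10
cilium status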