kubernetes
/
kops
mirror of https://github.com/kubernetes/kops.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Add minimum version for specifying an AMI through an SSM parameter

This commit is contained in:
Ciprian Hacman 2022-11-21 07:33:41 +02:00
parent a2ed86d261
commit 159fa89ae6
2 changed files with 8 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
docs/operations/images.md
View File

@ -2,14 +2,13 @@
As of Kubernetes 1.18 the default images used by kOps are the **[official Ubuntu 20.04](#ubuntu-2004-focal)** images.
You can choose a different image for an instance group by editing it with `kops edit ig nodes`. You should see an `image` field in one of the following formats:
You can choose a different image for an instance group by editing it with `kops edit ig nodes`.
* `ami-abcdef` - specifies an AMI by id directly
* `<owner>/<name>` specifies an AMI by its owner's account ID and name properties
* `<alias>/<name>` specifies an AMI by its [owner's alias](#owner-aliases) and name properties
* `ssm:<ssm_parameter>` specifies an AMI through an SSM parameter
Using the AMI id is precise, but ids vary by region. It is often more convenient to use the `<owner/alias>/<name>` if equivalent images with the same name have been copied to other regions.
For AWS, you should set the `image` field in one of the following formats:
* `ami-abcdef` - specifies an image by id directly (image id is precise, but ids vary by region)
* `<owner>/<name>` specifies an image by its owner's account ID and name properties
* `<alias>/<name>` specifies an image by its [owner's alias](#owner-aliases) and name properties
* `ssm:<ssm_parameter>` specifies an image through an SSM parameter (kOps 1.26+)
```yaml
image: ami-00579fbb15b954340
@ -18,10 +17,6 @@ image: ubuntu/ubuntu/images/hvm-ssd/ubuntu-focal-20.04-amd64-server-20200423
image: ssm:/aws/service/canonical/ubuntu/server/20.04/stable/current/amd64/hvm/ebs-gp2/ami-id
```
You can find the name for an image using:
`aws ec2 describe-images --region us-east-1 --image-id ami-00579fbb15b954340`
## Security Updates
Automated security updates are handled by kOps for Debian, Flatcar and Ubuntu distros. This can be disabled by editing the cluster configuration:

2
docs/tutorial/working-with-instancegroups.md
View File

@ -194,6 +194,8 @@ using preemptible/spot instances you might be waiting for a long time.
## Fetching images via AWS SSM (AWS Only)
{{ kops_feature_table(kops_added_default='1.26') }}
If you are using AWS, you can dynamically fetch instance group images from an AWS SSM Parameter. kOps will automatically fetch SSM Parameter and lookup the AMI ID on every `kops update cluster` run. This is useful if you often update your images and don't want to update your instance group configuration every time. Your SSM Parameter must start with `ssm:` and contain the full path of the SSM Parameter.
An example spec looks like this: