mirror of https://github.com/kubernetes/kops.git
{
|
|
"Resources": {
|
|
"AWSAutoScalingAutoScalingGroupmasterustest1amasterslaunchtemplatesexamplecom": {
|
|
"Type": "AWS::AutoScaling::AutoScalingGroup",
|
|
"Properties": {
|
|
"AutoScalingGroupName": "master-us-test-1a.masters.launchtemplates.example.com",
|
|
"LaunchConfigurationName": {
|
|
"Ref": "AWSAutoScalingLaunchConfigurationmasterustest1amasterslaunchtemplatesexamplecom"
|
|
},
|
|
"MaxSize": 1,
|
|
"MinSize": 1,
|
|
"VPCZoneIdentifier": [
|
|
{
|
|
"Ref": "AWSEC2Subnetustest1alaunchtemplatesexamplecom"
|
|
}
|
|
],
|
|
"Tags": [
|
|
{
|
|
"Key": "KubernetesCluster",
|
|
"Value": "launchtemplates.example.com",
|
|
"PropagateAtLaunch": true
|
|
},
|
|
{
|
|
"Key": "Name",
|
|
"Value": "master-us-test-1a.masters.launchtemplates.example.com",
|
|
"PropagateAtLaunch": true
|
|
},
|
|
{
|
|
"Key": "k8s.io/role/master",
|
|
"Value": "1",
|
|
"PropagateAtLaunch": true
|
|
},
|
|
{
|
|
"Key": "kops.k8s.io/instancegroup",
|
|
"Value": "master-us-test-1a",
|
|
"PropagateAtLaunch": true
|
|
},
|
|
{
|
|
"Key": "kubernetes.io/cluster/launchtemplates.example.com",
|
|
"Value": "owned",
|
|
"PropagateAtLaunch": true
|
|
}
|
|
],
|
|
"MetricsCollection": [
|
|
{
|
|
"Granularity": "1Minute",
|
|
"Metrics": [
|
|
"GroupDesiredCapacity",
|
|
"GroupInServiceInstances",
|
|
"GroupMaxSize",
|
|
"GroupMinSize",
|
|
"GroupPendingInstances",
|
|
"GroupStandbyInstances",
|
|
"GroupTerminatingInstances",
|
|
"GroupTotalInstances"
|
|
]
|
|
}
|
|
]
|
|
}
|
|
},
|
|
"AWSAutoScalingAutoScalingGroupmasterustest1bmasterslaunchtemplatesexamplecom": {
|
|
"Type": "AWS::AutoScaling::AutoScalingGroup",
|
|
"Properties": {
|
|
"AutoScalingGroupName": "master-us-test-1b.masters.launchtemplates.example.com",
|
|
"LaunchConfigurationName": {
|
|
"Ref": "AWSAutoScalingLaunchConfigurationmasterustest1bmasterslaunchtemplatesexamplecom"
|
|
},
|
|
"MaxSize": 1,
|
|
"MinSize": 1,
|
|
"VPCZoneIdentifier": [
|
|
{
|
|
"Ref": "AWSEC2Subnetustest1blaunchtemplatesexamplecom"
|
|
}
|
|
],
|
|
"Tags": [
|
|
{
|
|
"Key": "KubernetesCluster",
|
|
"Value": "launchtemplates.example.com",
|
|
"PropagateAtLaunch": true
|
|
},
|
|
{
|
|
"Key": "Name",
|
|
"Value": "master-us-test-1b.masters.launchtemplates.example.com",
|
|
"PropagateAtLaunch": true
|
|
},
|
|
{
|
|
"Key": "k8s.io/role/master",
|
|
"Value": "1",
|
|
"PropagateAtLaunch": true
|
|
},
|
|
{
|
|
"Key": "kops.k8s.io/instancegroup",
|
|
"Value": "master-us-test-1b",
|
|
"PropagateAtLaunch": true
|
|
},
|
|
{
|
|
"Key": "kubernetes.io/cluster/launchtemplates.example.com",
|
|
"Value": "owned",
|
|
"PropagateAtLaunch": true
|
|
}
|
|
],
|
|
"MetricsCollection": [
|
|
{
|
|
"Granularity": "1Minute",
|
|
"Metrics": [
|
|
"GroupDesiredCapacity",
|
|
"GroupInServiceInstances",
|
|
"GroupMaxSize",
|
|
"GroupMinSize",
|
|
"GroupPendingInstances",
|
|
"GroupStandbyInstances",
|
|
"GroupTerminatingInstances",
|
|
"GroupTotalInstances"
|
|
]
|
|
}
|
|
]
|
|
}
|
|
},
|
|
"AWSAutoScalingAutoScalingGroupmasterustest1cmasterslaunchtemplatesexamplecom": {
|
|
"Type": "AWS::AutoScaling::AutoScalingGroup",
|
|
"Properties": {
|
|
"AutoScalingGroupName": "master-us-test-1c.masters.launchtemplates.example.com",
|
|
"LaunchConfigurationName": {
|
|
"Ref": "AWSAutoScalingLaunchConfigurationmasterustest1cmasterslaunchtemplatesexamplecom"
|
|
},
|
|
"MaxSize": 1,
|
|
"MinSize": 1,
|
|
"VPCZoneIdentifier": [
|
|
{
|
|
"Ref": "AWSEC2Subnetustest1claunchtemplatesexamplecom"
|
|
}
|
|
],
|
|
"Tags": [
|
|
{
|
|
"Key": "KubernetesCluster",
|
|
"Value": "launchtemplates.example.com",
|
|
"PropagateAtLaunch": true
|
|
},
|
|
{
|
|
"Key": "Name",
|
|
"Value": "master-us-test-1c.masters.launchtemplates.example.com",
|
|
"PropagateAtLaunch": true
|
|
},
|
|
{
|
|
"Key": "k8s.io/role/master",
|
|
"Value": "1",
|
|
"PropagateAtLaunch": true
|
|
},
|
|
{
|
|
"Key": "kops.k8s.io/instancegroup",
|
|
"Value": "master-us-test-1c",
|
|
"PropagateAtLaunch": true
|
|
},
|
|
{
|
|
"Key": "kubernetes.io/cluster/launchtemplates.example.com",
|
|
"Value": "owned",
|
|
"PropagateAtLaunch": true
|
|
}
|
|
],
|
|
"MetricsCollection": [
|
|
{
|
|
"Granularity": "1Minute",
|
|
"Metrics": [
|
|
"GroupDesiredCapacity",
|
|
"GroupInServiceInstances",
|
|
"GroupMaxSize",
|
|
"GroupMinSize",
|
|
"GroupPendingInstances",
|
|
"GroupStandbyInstances",
|
|
"GroupTerminatingInstances",
|
|
"GroupTotalInstances"
|
|
]
|
|
}
|
|
]
|
|
}
|
|
},
|
|
"AWSAutoScalingAutoScalingGroupnodeslaunchtemplatesexamplecom": {
|
|
"Type": "AWS::AutoScaling::AutoScalingGroup",
|
|
"Properties": {
|
|
"AutoScalingGroupName": "nodes.launchtemplates.example.com",
|
|
"LaunchConfigurationName": {
|
|
"Ref": "AWSAutoScalingLaunchConfigurationnodeslaunchtemplatesexamplecom"
|
|
},
|
|
"MaxSize": 2,
|
|
"MinSize": 2,
|
|
"VPCZoneIdentifier": [
|
|
{
|
|
"Ref": "AWSEC2Subnetustest1blaunchtemplatesexamplecom"
|
|
}
|
|
],
|
|
"Tags": [
|
|
{
|
|
"Key": "KubernetesCluster",
|
|
"Value": "launchtemplates.example.com",
|
|
"PropagateAtLaunch": true
|
|
},
|
|
{
|
|
"Key": "Name",
|
|
"Value": "nodes.launchtemplates.example.com",
|
|
"PropagateAtLaunch": true
|
|
},
|
|
{
|
|
"Key": "k8s.io/role/node",
|
|
"Value": "1",
|
|
"PropagateAtLaunch": true
|
|
},
|
|
{
|
|
"Key": "kops.k8s.io/instancegroup",
|
|
"Value": "nodes",
|
|
"PropagateAtLaunch": true
|
|
},
|
|
{
|
|
"Key": "kubernetes.io/cluster/launchtemplates.example.com",
|
|
"Value": "owned",
|
|
"PropagateAtLaunch": true
|
|
}
|
|
],
|
|
"MetricsCollection": [
|
|
{
|
|
"Granularity": "1Minute",
|
|
"Metrics": [
|
|
"GroupDesiredCapacity",
|
|
"GroupInServiceInstances",
|
|
"GroupMaxSize",
|
|
"GroupMinSize",
|
|
"GroupPendingInstances",
|
|
"GroupStandbyInstances",
|
|
"GroupTerminatingInstances",
|
|
"GroupTotalInstances"
|
|
]
|
|
}
|
|
]
|
|
}
|
|
},
|
|
"AWSAutoScalingLaunchConfigurationmasterustest1amasterslaunchtemplatesexamplecom": {
|
|
"Type": "AWS::AutoScaling::LaunchConfiguration",
|
|
"Properties": {
|
|
"AssociatePublicIpAddress": true,
|
|
"BlockDeviceMappings": [
|
|
{
|
|
"DeviceName": "/dev/xvda",
|
|
"Ebs": {
|
|
"VolumeType": "gp2",
|
|
"VolumeSize": 64,
|
|
"DeleteOnTermination": true
|
|
}
|
|
}
|
|
],
|
|
"IamInstanceProfile": {
|
|
"Ref": "AWSIAMInstanceProfilemasterslaunchtemplatesexamplecom"
|
|
},
|
|
"ImageId": "ami-12345678",
|
|
"InstanceType": "t3.medium",
|
|
"KeyName": "kubernetes.launchtemplates.example.com-c4:a6:ed:9a:a8:89:b9:e2:c3:9c:d6:63:eb:9c:71:57",
|
|
"SecurityGroups": [
|
|
{
|
|
"Ref": "AWSEC2SecurityGroupmasterslaunchtemplatesexamplecom"
|
|
}
|
|
],
|
|
"UserData": "extracted",
|
|
"InstanceMonitoring": false
|
|
}
|
|
},
|
|
"AWSAutoScalingLaunchConfigurationmasterustest1bmasterslaunchtemplatesexamplecom": {
|
|
"Type": "AWS::AutoScaling::LaunchConfiguration",
|
|
"Properties": {
|
|
"AssociatePublicIpAddress": true,
|
|
"BlockDeviceMappings": [
|
|
{
|
|
"DeviceName": "/dev/xvda",
|
|
"Ebs": {
|
|
"VolumeType": "gp2",
|
|
"VolumeSize": 64,
|
|
"DeleteOnTermination": true
|
|
}
|
|
}
|
|
],
|
|
"IamInstanceProfile": {
|
|
"Ref": "AWSIAMInstanceProfilemasterslaunchtemplatesexamplecom"
|
|
},
|
|
"ImageId": "ami-12345678",
|
|
"InstanceType": "t3.medium",
|
|
"KeyName": "kubernetes.launchtemplates.example.com-c4:a6:ed:9a:a8:89:b9:e2:c3:9c:d6:63:eb:9c:71:57",
|
|
"SecurityGroups": [
|
|
{
|
|
"Ref": "AWSEC2SecurityGroupmasterslaunchtemplatesexamplecom"
|
|
}
|
|
],
|
|
"UserData": "extracted",
|
|
"InstanceMonitoring": false
|
|
}
|
|
},
|
|
"AWSAutoScalingLaunchConfigurationmasterustest1cmasterslaunchtemplatesexamplecom": {
|
|
"Type": "AWS::AutoScaling::LaunchConfiguration",
|
|
"Properties": {
|
|
"AssociatePublicIpAddress": true,
|
|
"BlockDeviceMappings": [
|
|
{
|
|
"DeviceName": "/dev/xvda",
|
|
"Ebs": {
|
|
"VolumeType": "gp2",
|
|
"VolumeSize": 64,
|
|
"DeleteOnTermination": true
|
|
}
|
|
}
|
|
],
|
|
"IamInstanceProfile": {
|
|
"Ref": "AWSIAMInstanceProfilemasterslaunchtemplatesexamplecom"
|
|
},
|
|
"ImageId": "ami-12345678",
|
|
"InstanceType": "t3.medium",
|
|
"KeyName": "kubernetes.launchtemplates.example.com-c4:a6:ed:9a:a8:89:b9:e2:c3:9c:d6:63:eb:9c:71:57",
|
|
"SecurityGroups": [
|
|
{
|
|
"Ref": "AWSEC2SecurityGroupmasterslaunchtemplatesexamplecom"
|
|
}
|
|
],
|
|
"UserData": "extracted",
|
|
"InstanceMonitoring": false
|
|
}
|
|
},
|
|
"AWSAutoScalingLaunchConfigurationnodeslaunchtemplatesexamplecom": {
|
|
"Type": "AWS::AutoScaling::LaunchConfiguration",
|
|
"Properties": {
|
|
"AssociatePublicIpAddress": true,
|
|
"BlockDeviceMappings": [
|
|
{
|
|
"DeviceName": "/dev/xvda",
|
|
"Ebs": {
|
|
"VolumeType": "gp2",
|
|
"VolumeSize": 128,
|
|
"DeleteOnTermination": true
|
|
}
|
|
}
|
|
],
|
|
"IamInstanceProfile": {
|
|
"Ref": "AWSIAMInstanceProfilenodeslaunchtemplatesexamplecom"
|
|
},
|
|
"ImageId": "ami-12345678",
|
|
"InstanceType": "t3.medium",
|
|
"KeyName": "kubernetes.launchtemplates.example.com-c4:a6:ed:9a:a8:89:b9:e2:c3:9c:d6:63:eb:9c:71:57",
|
|
"SecurityGroups": [
|
|
{
|
|
"Ref": "AWSEC2SecurityGroupnodeslaunchtemplatesexamplecom"
|
|
}
|
|
],
|
|
"SpotPrice": "0.1",
|
|
"UserData": "extracted",
|
|
"InstanceMonitoring": false
|
|
}
|
|
},
|
|
"AWSEC2DHCPOptionslaunchtemplatesexamplecom": {
|
|
"Type": "AWS::EC2::DHCPOptions",
|
|
"Properties": {
|
|
"DomainName": "us-test-1.compute.internal",
|
|
"DomainNameServers": [
|
|
"AmazonProvidedDNS"
|
|
],
|
|
"Tags": [
|
|
{
|
|
"Key": "KubernetesCluster",
|
|
"Value": "launchtemplates.example.com"
|
|
},
|
|
{
|
|
"Key": "Name",
|
|
"Value": "launchtemplates.example.com"
|
|
},
|
|
{
|
|
"Key": "kubernetes.io/cluster/launchtemplates.example.com",
|
|
"Value": "owned"
|
|
}
|
|
]
|
|
}
|
|
},
|
|
"AWSEC2InternetGatewaylaunchtemplatesexamplecom": {
|
|
"Type": "AWS::EC2::InternetGateway",
|
|
"Properties": {
|
|
"Tags": [
|
|
{
|
|
"Key": "KubernetesCluster",
|
|
"Value": "launchtemplates.example.com"
|
|
},
|
|
{
|
|
"Key": "Name",
|
|
"Value": "launchtemplates.example.com"
|
|
},
|
|
{
|
|
"Key": "kubernetes.io/cluster/launchtemplates.example.com",
|
|
"Value": "owned"
|
|
}
|
|
]
|
|
}
|
|
},
|
|
"AWSEC2Route00000": {
|
|
"Type": "AWS::EC2::Route",
|
|
"Properties": {
|
|
"RouteTableId": {
|
|
"Ref": "AWSEC2RouteTablelaunchtemplatesexamplecom"
|
|
},
|
|
"DestinationCidrBlock": "0.0.0.0/0",
|
|
"GatewayId": {
|
|
"Ref": "AWSEC2InternetGatewaylaunchtemplatesexamplecom"
|
|
}
|
|
}
|
|
},
|
|
"AWSEC2RouteTablelaunchtemplatesexamplecom": {
|
|
"Type": "AWS::EC2::RouteTable",
|
|
"Properties": {
|
|
"VpcId": {
|
|
"Ref": "AWSEC2VPClaunchtemplatesexamplecom"
|
|
},
|
|
"Tags": [
|
|
{
|
|
"Key": "KubernetesCluster",
|
|
"Value": "launchtemplates.example.com"
|
|
},
|
|
{
|
|
"Key": "Name",
|
|
"Value": "launchtemplates.example.com"
|
|
},
|
|
{
|
|
"Key": "kubernetes.io/cluster/launchtemplates.example.com",
|
|
"Value": "owned"
|
|
},
|
|
{
|
|
"Key": "kubernetes.io/kops/role",
|
|
"Value": "public"
|
|
}
|
|
]
|
|
}
|
|
},
|
|
"AWSEC2SecurityGroupEgressmasteregress": {
|
|
"Type": "AWS::EC2::SecurityGroupEgress",
|
|
"Properties": {
|
|
"GroupId": {
|
|
"Ref": "AWSEC2SecurityGroupmasterslaunchtemplatesexamplecom"
|
|
},
|
|
"FromPort": 0,
|
|
"ToPort": 0,
|
|
"IpProtocol": "-1",
|
|
"CidrIp": "0.0.0.0/0"
|
|
}
|
|
},
|
|
"AWSEC2SecurityGroupEgressnodeegress": {
|
|
"Type": "AWS::EC2::SecurityGroupEgress",
|
|
"Properties": {
|
|
"GroupId": {
|
|
"Ref": "AWSEC2SecurityGroupnodeslaunchtemplatesexamplecom"
|
|
},
|
|
"FromPort": 0,
|
|
"ToPort": 0,
|
|
"IpProtocol": "-1",
|
|
"CidrIp": "0.0.0.0/0"
|
|
}
|
|
},
|
|
"AWSEC2SecurityGroupIngressallmastertomaster": {
|
|
"Type": "AWS::EC2::SecurityGroupIngress",
|
|
"Properties": {
|
|
"GroupId": {
|
|
"Ref": "AWSEC2SecurityGroupmasterslaunchtemplatesexamplecom"
|
|
},
|
|
"SourceSecurityGroupId": {
|
|
"Ref": "AWSEC2SecurityGroupmasterslaunchtemplatesexamplecom"
|
|
},
|
|
"FromPort": 0,
|
|
"ToPort": 0,
|
|
"IpProtocol": "-1"
|
|
}
|
|
},
|
|
"AWSEC2SecurityGroupIngressallmastertonode": {
|
|
"Type": "AWS::EC2::SecurityGroupIngress",
|
|
"Properties": {
|
|
"GroupId": {
|
|
"Ref": "AWSEC2SecurityGroupnodeslaunchtemplatesexamplecom"
|
|
},
|
|
"SourceSecurityGroupId": {
|
|
"Ref": "AWSEC2SecurityGroupmasterslaunchtemplatesexamplecom"
|
|
},
|
|
"FromPort": 0,
|
|
"ToPort": 0,
|
|
"IpProtocol": "-1"
|
|
}
|
|
},
|
|
"AWSEC2SecurityGroupIngressallnodetonode": {
|
|
"Type": "AWS::EC2::SecurityGroupIngress",
|
|
"Properties": {
|
|
"GroupId": {
|
|
"Ref": "AWSEC2SecurityGroupnodeslaunchtemplatesexamplecom"
|
|
},
|
|
"SourceSecurityGroupId": {
|
|
"Ref": "AWSEC2SecurityGroupnodeslaunchtemplatesexamplecom"
|
|
},
|
|
"FromPort": 0,
|
|
"ToPort": 0,
|
|
"IpProtocol": "-1"
|
|
}
|
|
},
|
|
"AWSEC2SecurityGroupIngresshttpsexternaltomaster00000": {
|
|
"Type": "AWS::EC2::SecurityGroupIngress",
|
|
"Properties": {
|
|
"GroupId": {
|
|
"Ref": "AWSEC2SecurityGroupmasterslaunchtemplatesexamplecom"
|
|
},
|
|
"FromPort": 443,
|
|
"ToPort": 443,
|
|
"IpProtocol": "tcp",
|
|
"CidrIp": "0.0.0.0/0"
|
|
}
|
|
},
|
|
"AWSEC2SecurityGroupIngressnodetomastertcp12379": {
|
|
"Type": "AWS::EC2::SecurityGroupIngress",
|
|
"Properties": {
|
|
"GroupId": {
|
|
"Ref": "AWSEC2SecurityGroupmasterslaunchtemplatesexamplecom"
|
|
},
|
|
"SourceSecurityGroupId": {
|
|
"Ref": "AWSEC2SecurityGroupnodeslaunchtemplatesexamplecom"
|
|
},
|
|
"FromPort": 1,
|
|
"ToPort": 2379,
|
|
"IpProtocol": "tcp"
|
|
}
|
|
},
|
|
"AWSEC2SecurityGroupIngressnodetomastertcp23824000": {
|
|
"Type": "AWS::EC2::SecurityGroupIngress",
|
|
"Properties": {
|
|
"GroupId": {
|
|
"Ref": "AWSEC2SecurityGroupmasterslaunchtemplatesexamplecom"
|
|
},
|
|
"SourceSecurityGroupId": {
|
|
"Ref": "AWSEC2SecurityGroupnodeslaunchtemplatesexamplecom"
|
|
},
|
|
"FromPort": 2382,
|
|
"ToPort": 4000,
|
|
"IpProtocol": "tcp"
|
|
}
|
|
},
|
|
"AWSEC2SecurityGroupIngressnodetomastertcp400365535": {
|
|
"Type": "AWS::EC2::SecurityGroupIngress",
|
|
"Properties": {
|
|
"GroupId": {
|
|
"Ref": "AWSEC2SecurityGroupmasterslaunchtemplatesexamplecom"
|
|
},
|
|
"SourceSecurityGroupId": {
|
|
"Ref": "AWSEC2SecurityGroupnodeslaunchtemplatesexamplecom"
|
|
},
|
|
"FromPort": 4003,
|
|
"ToPort": 65535,
|
|
"IpProtocol": "tcp"
|
|
}
|
|
},
|
|
"AWSEC2SecurityGroupIngressnodetomasterudp165535": {
|
|
"Type": "AWS::EC2::SecurityGroupIngress",
|
|
"Properties": {
|
|
"GroupId": {
|
|
"Ref": "AWSEC2SecurityGroupmasterslaunchtemplatesexamplecom"
|
|
},
|
|
"SourceSecurityGroupId": {
|
|
"Ref": "AWSEC2SecurityGroupnodeslaunchtemplatesexamplecom"
|
|
},
|
|
"FromPort": 1,
|
|
"ToPort": 65535,
|
|
"IpProtocol": "udp"
|
|
}
|
|
},
|
|
"AWSEC2SecurityGroupIngresssshexternaltomaster00000": {
|
|
"Type": "AWS::EC2::SecurityGroupIngress",
|
|
"Properties": {
|
|
"GroupId": {
|
|
"Ref": "AWSEC2SecurityGroupmasterslaunchtemplatesexamplecom"
|
|
},
|
|
"FromPort": 22,
|
|
"ToPort": 22,
|
|
"IpProtocol": "tcp",
|
|
"CidrIp": "0.0.0.0/0"
|
|
}
|
|
},
|
|
"AWSEC2SecurityGroupIngresssshexternaltonode00000": {
|
|
"Type": "AWS::EC2::SecurityGroupIngress",
|
|
"Properties": {
|
|
"GroupId": {
|
|
"Ref": "AWSEC2SecurityGroupnodeslaunchtemplatesexamplecom"
|
|
},
|
|
"FromPort": 22,
|
|
"ToPort": 22,
|
|
"IpProtocol": "tcp",
|
|
"CidrIp": "0.0.0.0/0"
|
|
}
|
|
},
|
|
"AWSEC2SecurityGroupmasterslaunchtemplatesexamplecom": {
|
|
"Type": "AWS::EC2::SecurityGroup",
|
|
"Properties": {
|
|
"VpcId": {
|
|
"Ref": "AWSEC2VPClaunchtemplatesexamplecom"
|
|
},
|
|
"GroupDescription": "Security group for masters",
|
|
"Tags": [
|
|
{
|
|
"Key": "KubernetesCluster",
|
|
"Value": "launchtemplates.example.com"
|
|
},
|
|
{
|
|
"Key": "Name",
|
|
"Value": "masters.launchtemplates.example.com"
|
|
},
|
|
{
|
|
"Key": "kubernetes.io/cluster/launchtemplates.example.com",
|
|
"Value": "owned"
|
|
}
|
|
]
|
|
}
|
|
},
|
|
"AWSEC2SecurityGroupnodeslaunchtemplatesexamplecom": {
|
|
"Type": "AWS::EC2::SecurityGroup",
|
|
"Properties": {
|
|
"VpcId": {
|
|
"Ref": "AWSEC2VPClaunchtemplatesexamplecom"
|
|
},
|
|
"GroupDescription": "Security group for nodes",
|
|
"Tags": [
|
|
{
|
|
"Key": "KubernetesCluster",
|
|
"Value": "launchtemplates.example.com"
|
|
},
|
|
{
|
|
"Key": "Name",
|
|
"Value": "nodes.launchtemplates.example.com"
|
|
},
|
|
{
|
|
"Key": "kubernetes.io/cluster/launchtemplates.example.com",
|
|
"Value": "owned"
|
|
}
|
|
]
|
|
}
|
|
},
|
|
"AWSEC2SubnetRouteTableAssociationustest1alaunchtemplatesexamplecom": {
|
|
"Type": "AWS::EC2::SubnetRouteTableAssociation",
|
|
"Properties": {
|
|
"SubnetId": {
|
|
"Ref": "AWSEC2Subnetustest1alaunchtemplatesexamplecom"
|
|
},
|
|
"RouteTableId": {
|
|
"Ref": "AWSEC2RouteTablelaunchtemplatesexamplecom"
|
|
}
|
|
}
|
|
},
|
|
"AWSEC2SubnetRouteTableAssociationustest1blaunchtemplatesexamplecom": {
|
|
"Type": "AWS::EC2::SubnetRouteTableAssociation",
|
|
"Properties": {
|
|
"SubnetId": {
|
|
"Ref": "AWSEC2Subnetustest1blaunchtemplatesexamplecom"
|
|
},
|
|
"RouteTableId": {
|
|
"Ref": "AWSEC2RouteTablelaunchtemplatesexamplecom"
|
|
}
|
|
}
|
|
},
|
|
"AWSEC2SubnetRouteTableAssociationustest1claunchtemplatesexamplecom": {
|
|
"Type": "AWS::EC2::SubnetRouteTableAssociation",
|
|
"Properties": {
|
|
"SubnetId": {
|
|
"Ref": "AWSEC2Subnetustest1claunchtemplatesexamplecom"
|
|
},
|
|
"RouteTableId": {
|
|
"Ref": "AWSEC2RouteTablelaunchtemplatesexamplecom"
|
|
}
|
|
}
|
|
},
|
|
"AWSEC2Subnetustest1alaunchtemplatesexamplecom": {
|
|
"Type": "AWS::EC2::Subnet",
|
|
"Properties": {
|
|
"VpcId": {
|
|
"Ref": "AWSEC2VPClaunchtemplatesexamplecom"
|
|
},
|
|
"CidrBlock": "10.0.1.0/24",
|
|
"AvailabilityZone": "us-test-1a",
|
|
"Tags": [
|
|
{
|
|
"Key": "KubernetesCluster",
|
|
"Value": "launchtemplates.example.com"
|
|
},
|
|
{
|
|
"Key": "Name",
|
|
"Value": "us-test-1a.launchtemplates.example.com"
|
|
},
|
|
{
|
|
"Key": "SubnetType",
|
|
"Value": "Public"
|
|
},
|
|
{
|
|
"Key": "kubernetes.io/cluster/launchtemplates.example.com",
|
|
"Value": "owned"
|
|
},
|
|
{
|
|
"Key": "kubernetes.io/role/elb",
|
|
"Value": "1"
|
|
}
|
|
]
|
|
}
|
|
},
|
|
"AWSEC2Subnetustest1blaunchtemplatesexamplecom": {
|
|
"Type": "AWS::EC2::Subnet",
|
|
"Properties": {
|
|
"VpcId": {
|
|
"Ref": "AWSEC2VPClaunchtemplatesexamplecom"
|
|
},
|
|
"CidrBlock": "10.0.2.0/24",
|
|
"AvailabilityZone": "us-test-1b",
|
|
"Tags": [
|
|
{
|
|
"Key": "KubernetesCluster",
|
|
"Value": "launchtemplates.example.com"
|
|
},
|
|
{
|
|
"Key": "Name",
|
|
"Value": "us-test-1b.launchtemplates.example.com"
|
|
},
|
|
{
|
|
"Key": "SubnetType",
|
|
"Value": "Public"
|
|
},
|
|
{
|
|
"Key": "kubernetes.io/cluster/launchtemplates.example.com",
|
|
"Value": "owned"
|
|
},
|
|
{
|
|
"Key": "kubernetes.io/role/elb",
|
|
"Value": "1"
|
|
}
|
|
]
|
|
}
|
|
},
|
|
"AWSEC2Subnetustest1claunchtemplatesexamplecom": {
|
|
"Type": "AWS::EC2::Subnet",
|
|
"Properties": {
|
|
"VpcId": {
|
|
"Ref": "AWSEC2VPClaunchtemplatesexamplecom"
|
|
},
|
|
"CidrBlock": "10.0.3.0/24",
|
|
"AvailabilityZone": "us-test-1c",
|
|
"Tags": [
|
|
{
|
|
"Key": "KubernetesCluster",
|
|
"Value": "launchtemplates.example.com"
|
|
},
|
|
{
|
|
"Key": "Name",
|
|
"Value": "us-test-1c.launchtemplates.example.com"
|
|
},
|
|
{
|
|
"Key": "SubnetType",
|
|
"Value": "Public"
|
|
},
|
|
{
|
|
"Key": "kubernetes.io/cluster/launchtemplates.example.com",
|
|
"Value": "owned"
|
|
},
|
|
{
|
|
"Key": "kubernetes.io/role/elb",
|
|
"Value": "1"
|
|
}
|
|
]
|
|
}
|
|
},
|
|
"AWSEC2VPCDHCPOptionsAssociationlaunchtemplatesexamplecom": {
|
|
"Type": "AWS::EC2::VPCDHCPOptionsAssociation",
|
|
"Properties": {
|
|
"VpcId": {
|
|
"Ref": "AWSEC2VPClaunchtemplatesexamplecom"
|
|
},
|
|
"DhcpOptionsId": {
|
|
"Ref": "AWSEC2DHCPOptionslaunchtemplatesexamplecom"
|
|
}
|
|
}
|
|
},
|
|
"AWSEC2VPCGatewayAttachmentlaunchtemplatesexamplecom": {
|
|
"Type": "AWS::EC2::VPCGatewayAttachment",
|
|
"Properties": {
|
|
"VpcId": {
|
|
"Ref": "AWSEC2VPClaunchtemplatesexamplecom"
|
|
},
|
|
"InternetGatewayId": {
|
|
"Ref": "AWSEC2InternetGatewaylaunchtemplatesexamplecom"
|
|
}
|
|
}
|
|
},
|
|
"AWSEC2VPClaunchtemplatesexamplecom": {
|
|
"Type": "AWS::EC2::VPC",
|
|
"Properties": {
|
|
"CidrBlock": "10.0.0.0/16",
|
|
"EnableDnsHostnames": true,
|
|
"EnableDnsSupport": true,
|
|
"Tags": [
|
|
{
|
|
"Key": "KubernetesCluster",
|
|
"Value": "launchtemplates.example.com"
|
|
},
|
|
{
|
|
"Key": "Name",
|
|
"Value": "launchtemplates.example.com"
|
|
},
|
|
{
|
|
"Key": "kubernetes.io/cluster/launchtemplates.example.com",
|
|
"Value": "owned"
|
|
}
|
|
]
|
|
}
|
|
},
|
|
"AWSEC2Volumeustest1aetcdeventslaunchtemplatesexamplecom": {
|
|
"Type": "AWS::EC2::Volume",
|
|
"Properties": {
|
|
"AvailabilityZone": "us-test-1a",
|
|
"Size": 20,
|
|
"VolumeType": "gp2",
|
|
"Encrypted": false,
|
|
"Tags": [
|
|
{
|
|
"Key": "KubernetesCluster",
|
|
"Value": "launchtemplates.example.com"
|
|
},
|
|
{
|
|
"Key": "Name",
|
|
"Value": "us-test-1a.etcd-events.launchtemplates.example.com"
|
|
},
|
|
{
|
|
"Key": "k8s.io/etcd/events",
|
|
"Value": "us-test-1a/us-test-1a,us-test-1b,us-test-1c"
|
|
},
|
|
{
|
|
"Key": "k8s.io/role/master",
|
|
"Value": "1"
|
|
},
|
|
{
|
|
"Key": "kubernetes.io/cluster/launchtemplates.example.com",
|
|
"Value": "owned"
|
|
}
|
|
]
|
|
}
|
|
},
|
|
"AWSEC2Volumeustest1aetcdmainlaunchtemplatesexamplecom": {
|
|
"Type": "AWS::EC2::Volume",
|
|
"Properties": {
|
|
"AvailabilityZone": "us-test-1a",
|
|
"Size": 20,
|
|
"VolumeType": "gp2",
|
|
"Encrypted": false,
|
|
"Tags": [
|
|
{
|
|
"Key": "KubernetesCluster",
|
|
"Value": "launchtemplates.example.com"
|
|
},
|
|
{
|
|
"Key": "Name",
|
|
"Value": "us-test-1a.etcd-main.launchtemplates.example.com"
|
|
},
|
|
{
|
|
"Key": "k8s.io/etcd/main",
|
|
"Value": "us-test-1a/us-test-1a,us-test-1b,us-test-1c"
|
|
},
|
|
{
|
|
"Key": "k8s.io/role/master",
|
|
"Value": "1"
|
|
},
|
|
{
|
|
"Key": "kubernetes.io/cluster/launchtemplates.example.com",
|
|
"Value": "owned"
|
|
}
|
|
]
|
|
}
|
|
},
|
|
"AWSEC2Volumeustest1betcdeventslaunchtemplatesexamplecom": {
|
|
"Type": "AWS::EC2::Volume",
|
|
"Properties": {
|
|
"AvailabilityZone": "us-test-1b",
|
|
"Size": 20,
|
|
"VolumeType": "gp2",
|
|
"Encrypted": false,
|
|
"Tags": [
|
|
{
|
|
"Key": "KubernetesCluster",
|
|
"Value": "launchtemplates.example.com"
|
|
},
|
|
{
|
|
"Key": "Name",
|
|
"Value": "us-test-1b.etcd-events.launchtemplates.example.com"
|
|
},
|
|
{
|
|
"Key": "k8s.io/etcd/events",
|
|
"Value": "us-test-1b/us-test-1a,us-test-1b,us-test-1c"
|
|
},
|
|
{
|
|
"Key": "k8s.io/role/master",
|
|
"Value": "1"
|
|
},
|
|
{
|
|
"Key": "kubernetes.io/cluster/launchtemplates.example.com",
|
|
"Value": "owned"
|
|
}
|
|
]
|
|
}
|
|
},
|
|
"AWSEC2Volumeustest1betcdmainlaunchtemplatesexamplecom": {
|
|
"Type": "AWS::EC2::Volume",
|
|
"Properties": {
|
|
"AvailabilityZone": "us-test-1b",
|
|
"Size": 20,
|
|
"VolumeType": "gp2",
|
|
"Encrypted": false,
|
|
"Tags": [
|
|
{
|
|
"Key": "KubernetesCluster",
|
|
"Value": "launchtemplates.example.com"
|
|
},
|
|
{
|
|
"Key": "Name",
|
|
"Value": "us-test-1b.etcd-main.launchtemplates.example.com"
|
|
},
|
|
{
|
|
"Key": "k8s.io/etcd/main",
|
|
"Value": "us-test-1b/us-test-1a,us-test-1b,us-test-1c"
|
|
},
|
|
{
|
|
"Key": "k8s.io/role/master",
|
|
"Value": "1"
|
|
},
|
|
{
|
|
"Key": "kubernetes.io/cluster/launchtemplates.example.com",
|
|
"Value": "owned"
|
|
}
|
|
]
|
|
}
|
|
},
|
|
"AWSEC2Volumeustest1cetcdeventslaunchtemplatesexamplecom": {
|
|
"Type": "AWS::EC2::Volume",
|
|
"Properties": {
|
|
"AvailabilityZone": "us-test-1c",
|
|
"Size": 20,
|
|
"VolumeType": "gp2",
|
|
"Encrypted": false,
|
|
"Tags": [
|
|
{
|
|
"Key": "KubernetesCluster",
|
|
"Value": "launchtemplates.example.com"
|
|
},
|
|
{
|
|
"Key": "Name",
|
|
"Value": "us-test-1c.etcd-events.launchtemplates.example.com"
|
|
},
|
|
{
|
|
"Key": "k8s.io/etcd/events",
|
|
"Value": "us-test-1c/us-test-1a,us-test-1b,us-test-1c"
|
|
},
|
|
{
|
|
"Key": "k8s.io/role/master",
|
|
"Value": "1"
|
|
},
|
|
{
|
|
"Key": "kubernetes.io/cluster/launchtemplates.example.com",
|
|
"Value": "owned"
|
|
}
|
|
]
|
|
}
|
|
},
|
|
"AWSEC2Volumeustest1cetcdmainlaunchtemplatesexamplecom": {
|
|
"Type": "AWS::EC2::Volume",
|
|
"Properties": {
|
|
"AvailabilityZone": "us-test-1c",
|
|
"Size": 20,
|
|
"VolumeType": "gp2",
|
|
"Encrypted": false,
|
|
"Tags": [
|
|
{
|
|
"Key": "KubernetesCluster",
|
|
"Value": "launchtemplates.example.com"
|
|
},
|
|
{
|
|
"Key": "Name",
|
|
"Value": "us-test-1c.etcd-main.launchtemplates.example.com"
|
|
},
|
|
{
|
|
"Key": "k8s.io/etcd/main",
|
|
"Value": "us-test-1c/us-test-1a,us-test-1b,us-test-1c"
|
|
},
|
|
{
|
|
"Key": "k8s.io/role/master",
|
|
"Value": "1"
|
|
},
|
|
{
|
|
"Key": "kubernetes.io/cluster/launchtemplates.example.com",
|
|
"Value": "owned"
|
|
}
|
|
]
|
|
}
|
|
},
|
|
"AWSIAMInstanceProfilemasterslaunchtemplatesexamplecom": {
|
|
"Type": "AWS::IAM::InstanceProfile",
|
|
"Properties": {
|
|
"Roles": [
|
|
{
|
|
"Ref": "AWSIAMRolemasterslaunchtemplatesexamplecom"
|
|
}
|
|
]
|
|
}
|
|
},
|
|
"AWSIAMInstanceProfilenodeslaunchtemplatesexamplecom": {
|
|
"Type": "AWS::IAM::InstanceProfile",
|
|
"Properties": {
|
|
"Roles": [
|
|
{
|
|
"Ref": "AWSIAMRolenodeslaunchtemplatesexamplecom"
|
|
}
|
|
]
|
|
}
|
|
},
|
|
"AWSIAMPolicymasterslaunchtemplatesexamplecom": {
|
|
"Type": "AWS::IAM::Policy",
|
|
"Properties": {
|
|
"PolicyName": "masters.launchtemplates.example.com",
|
|
"Roles": [
|
|
{
|
|
"Ref": "AWSIAMRolemasterslaunchtemplatesexamplecom"
|
|
}
|
|
],
|
|
"PolicyDocument": {
|
|
"Statement": [
|
|
{
|
|
"Action": [
|
|
"ec2:*"
|
|
],
|
|
"Effect": "Allow",
|
|
"Resource": [
|
|
"*"
|
|
]
|
|
},
|
|
{
|
|
"Action": [
|
|
"autoscaling:DescribeAutoScalingGroups",
|
|
"autoscaling:DescribeAutoScalingInstances",
|
|
"autoscaling:DescribeLaunchConfigurations",
|
|
"autoscaling:DescribeTags",
|
|
"autoscaling:SetDesiredCapacity",
|
|
"autoscaling:TerminateInstanceInAutoScalingGroup",
|
|
"autoscaling:UpdateAutoScalingGroup",
|
|
"ec2:DescribeLaunchTemplateVersions"
|
|
],
|
|
"Effect": "Allow",
|
|
"Resource": [
|
|
"*"
|
|
]
|
|
},
|
|
{
|
|
"Action": [
|
|
"elasticloadbalancing:*"
|
|
],
|
|
"Effect": "Allow",
|
|
"Resource": [
|
|
"*"
|
|
]
|
|
},
|
|
{
|
|
"Action": [
|
|
"iam:ListServerCertificates",
|
|
"iam:GetServerCertificate"
|
|
],
|
|
"Effect": "Allow",
|
|
"Resource": [
|
|
"*"
|
|
]
|
|
},
|
|
{
|
|
"Action": [
|
|
"route53:ChangeResourceRecordSets",
|
|
"route53:ListResourceRecordSets",
|
|
"route53:GetHostedZone"
|
|
],
|
|
"Effect": "Allow",
|
|
"Resource": [
|
|
"arn:aws:route53:::hostedzone/Z1AFAKE1ZON3YO"
|
|
]
|
|
},
|
|
{
|
|
"Action": [
|
|
"route53:GetChange"
|
|
],
|
|
"Effect": "Allow",
|
|
"Resource": [
|
|
"arn:aws:route53:::change/*"
|
|
]
|
|
},
|
|
{
|
|
"Action": [
|
|
"route53:ListHostedZones"
|
|
],
|
|
"Effect": "Allow",
|
|
"Resource": [
|
|
"*"
|
|
]
|
|
},
|
|
{
|
|
"Action": [
|
|
"route53:ListHostedZones"
|
|
],
|
|
"Effect": "Allow",
|
|
"Resource": [
|
|
"*"
|
|
]
|
|
},
|
|
{
|
|
"Action": [
|
|
"ecr:GetAuthorizationToken",
|
|
"ecr:BatchCheckLayerAvailability",
|
|
"ecr:GetDownloadUrlForLayer",
|
|
"ecr:GetRepositoryPolicy",
|
|
"ecr:DescribeRepositories",
|
|
"ecr:ListImages",
|
|
"ecr:BatchGetImage"
|
|
],
|
|
"Effect": "Allow",
|
|
"Resource": [
|
|
"*"
|
|
]
|
|
}
|
|
],
|
|
"Version": "2012-10-17"
|
|
}
|
|
}
|
|
},
|
|
"AWSIAMPolicynodeslaunchtemplatesexamplecom": {
|
|
"Type": "AWS::IAM::Policy",
|
|
"Properties": {
|
|
"PolicyName": "nodes.launchtemplates.example.com",
|
|
"Roles": [
|
|
{
|
|
"Ref": "AWSIAMRolenodeslaunchtemplatesexamplecom"
|
|
}
|
|
],
|
|
"PolicyDocument": {
|
|
"Statement": [
|
|
{
|
|
"Action": [
|
|
"ec2:DescribeInstances",
|
|
"ec2:DescribeRegions"
|
|
],
|
|
"Effect": "Allow",
|
|
"Resource": [
|
|
"*"
|
|
]
|
|
},
|
|
{
|
|
"Action": [
|
|
"route53:ChangeResourceRecordSets",
|
|
"route53:ListResourceRecordSets",
|
|
"route53:GetHostedZone"
|
|
],
|
|
"Effect": "Allow",
|
|
"Resource": [
|
|
"arn:aws:route53:::hostedzone/Z1AFAKE1ZON3YO"
|
|
]
|
|
},
|
|
{
|
|
"Action": [
|
|
"route53:GetChange"
|
|
],
|
|
"Effect": "Allow",
|
|
"Resource": [
|
|
"arn:aws:route53:::change/*"
|
|
]
|
|
},
|
|
{
|
|
"Action": [
|
|
"route53:ListHostedZones"
|
|
],
|
|
"Effect": "Allow",
|
|
"Resource": [
|
|
"*"
|
|
]
|
|
},
|
|
{
|
|
"Action": [
|
|
"route53:ListHostedZones"
|
|
],
|
|
"Effect": "Allow",
|
|
"Resource": [
|
|
"*"
|
|
]
|
|
},
|
|
{
|
|
"Action": [
|
|
"ecr:GetAuthorizationToken",
|
|
"ecr:BatchCheckLayerAvailability",
|
|
"ecr:GetDownloadUrlForLayer",
|
|
"ecr:GetRepositoryPolicy",
|
|
"ecr:DescribeRepositories",
|
|
"ecr:ListImages",
|
|
"ecr:BatchGetImage"
|
|
],
|
|
"Effect": "Allow",
|
|
"Resource": [
|
|
"*"
|
|
]
|
|
}
|
|
],
|
|
"Version": "2012-10-17"
|
|
}
|
|
}
|
|
},
|
|
"AWSIAMRolemasterslaunchtemplatesexamplecom": {
|
|
"Type": "AWS::IAM::Role",
|
|
"Properties": {
|
|
"RoleName": "masters.launchtemplates.example.com",
|
|
"AssumeRolePolicyDocument": {
|
|
"Statement": [
|
|
{
|
|
"Action": "sts:AssumeRole",
|
|
"Effect": "Allow",
|
|
"Principal": {
|
|
"Service": "ec2.amazonaws.com"
|
|
}
|
|
}
|
|
],
|
|
"Version": "2012-10-17"
|
|
}
|
|
}
|
|
},
|
|
"AWSIAMRolenodeslaunchtemplatesexamplecom": {
|
|
"Type": "AWS::IAM::Role",
|
|
"Properties": {
|
|
"RoleName": "nodes.launchtemplates.example.com",
|
|
"AssumeRolePolicyDocument": {
|
|
"Statement": [
|
|
{
|
|
"Action": "sts:AssumeRole",
|
|
"Effect": "Allow",
|
|
"Principal": {
|
|
"Service": "ec2.amazonaws.com"
|
|
}
|
|
}
|
|
],
|
|
"Version": "2012-10-17"
|
|
}
|
|
}
|
|
}
|
|
}
|
|
}
|