in cdk/backend/backend_stack.py [0:0]
def create_eks(self, vpc):
    """Provision the EKS cluster, both nodegroups and the load balancer controller chart.

    Args:
        vpc: VPC passed to ``eks.Cluster`` as the cluster network.

    Returns:
        The ``eks.Cluster`` construct created here.
    """
    # Cluster with a one-node m5.large default nodegroup.
    # NOTE(review): V1_18 is an old Kubernetes release; confirm EKS still
    # supports and patches it, and plan the upgrade if it does not.
    cluster = eks.Cluster(
        self,
        "EKS",
        vpc=vpc,
        version=eks.KubernetesVersion.V1_18,
        default_capacity=1,
        default_capacity_instance=ec2.InstanceType("m5.large"),
    )

    # Both nodegroups share one IAM role: the Graviton group below reuses the
    # default nodegroup's role, so any policy on it applies to every node.
    node_role = cluster.default_nodegroup.role

    # Second nodegroup on arm64 (Graviton) instances.
    cluster.add_nodegroup_capacity(
        "graviton",
        nodegroup_name="graviton",
        instance_type=ec2.InstanceType("m6g.large"),
        desired_size=1,
        node_role=node_role,
    )

    # Let workloads on the nodes reach Secrets Manager through the node role.
    # NOTE(review): SecretsManagerReadWrite is an AWS-managed policy that is
    # not scoped to particular secrets and allows writes as well as reads.
    # On the node role it is usable by any pod that can obtain the instance
    # credentials. A least-privilege alternative is a customer-managed policy
    # limited to read actions on the needed secret ARNs, bound to a
    # per-workload service account role instead of the node role.
    secrets_policy = iam.ManagedPolicy.from_aws_managed_policy_name("SecretsManagerReadWrite")
    node_role.add_managed_policy(secrets_policy)

    # Service account the controller chart is told to use (see chart values).
    self.add_service_account(
        cluster=cluster,
        name="aws-load-balancer-controller",
        namespace="kube-system",
    )

    # NOTE(review): the keys below are dotted strings, not a nested mapping,
    # and "false" is a string. Confirm the chart really picks up the existing
    # service account instead of creating its own.
    chart_values = {
        "clusterName": cluster.cluster_name,
        "serviceAccount.name": "aws-load-balancer-controller",
        "serviceAccount.create": "false",
    }

    # Install the AWS Load Balancer Controller from the public eks-charts repo.
    # NOTE(review): no chart version is given, so the release deployed depends
    # on what the repository serves at deploy time; pinning `version` makes
    # deployments reproducible and keeps upstream changes under review.
    cluster.add_helm_chart(
        "LBIngress",
        chart="aws-load-balancer-controller",
        release="aws-load-balancer-controller",
        repository="https://aws.github.io/eks-charts",
        namespace="kube-system",
        values=chart_values,
    )

    return cluster