<# THIS FILE IS AUTOMATICALLY GENERATED, DO NOT EDIT! This script is based on the logic from the "Amazon EKS Optimized Windows AMI" EC2 ImageBuilder component, with modifications to use containerd 1.7.0. The original ImageBuilder component logic is Copyright Amazon.com, Inc. or its affiliates, and is licensed under the MIT License. #> # Halt execution if we encounter an error $ErrorActionPreference = 'Stop' # Applies in-place patches to a file function PatchFile { Param ( $File, $Patches ) $patched = Get-Content -Path $File -Raw $Patches.GetEnumerator() | ForEach-Object { $patched = $patched.Replace($_.Key, $_.Value) } Set-Content -Path $File -Value $patched -NoNewline } # Constants $KubernetesPath = "$env:ProgramFiles\Kubernetes" $KubernetesDownload = "https://amazon-eks.s3.amazonaws.com/1.24.7/2022-10-31/bin/windows/amd64" $ContainerdPath = "$env:ProgramFiles\containerd" $EKSPath = "$env:ProgramFiles\Amazon\EKS" $CNIPath = "$EKSPath\cni" $CSIProxyPath = "$EKSPath\bin" $EKSLogsPath = "$env:ProgramData\Amazon\EKS\logs" $TempRoot = "C:\TempEKSArtifactDir" $TempPath = "$TempRoot\EKS-Artifacts" # Create each of our directories foreach ($dir in @($ContainerdPath, $KubernetesPath, $EKSPath, $CNIPath, $CSIProxyPath, $EKSLogsPath, $TempRoot)) { New-Item -Path $dir -ItemType Directory -Force | Out-Null } # Install the NVIDIA GPU drivers $driverBucket = 'ec2-windows-nvidia-drivers' $driver = Get-S3Object -BucketName $driverBucket -KeyPrefix 'latest' -Region 'us-east-1' | Where-Object {$_.Key.Contains('server2022')} Copy-S3Object -BucketName $driverBucket -Key $driver.Key -LocalFile "$TempRoot\driver.exe" -Region 'us-east-1' Start-Process -FilePath "$TempRoot\driver.exe" -ArgumentList @('-s', '-noreboot') -NoNewWindow -Wait # Download the Kubernetes components $webClient = New-Object System.Net.WebClient $webClient.DownloadFile("$KubernetesDownload/kubelet.exe", "$KubernetesPath\kubelet.exe") $webClient.DownloadFile("$KubernetesDownload/kube-proxy.exe", "$KubernetesPath\kube-proxy.exe") $webClient.DownloadFile("$KubernetesDownload/aws-iam-authenticator.exe", "$EKSPath\aws-iam-authenticator.exe") # Download the EKS artifacts archive $webClient.DownloadFile("https://ec2imagebuilder-managed-resources-us-east-1-prod.s3.amazonaws.com/components/eks-optimized-ami-windows/1.24.0/EKS-Artifacts.zip", "C:\EKS-Artifacts.zip") # Extract the EKS artifacts archive Expand-Archive -Path "C:\EKS-Artifacts.zip" -DestinationPath $TempRoot Remove-Item -Path "C:\EKS-Artifacts.zip" -Force # Move the EKS files into place Move-Item -Path "$TempPath\ctr.exe" -Destination "$ContainerdPath\ctr.exe" -Force Move-Item -Path "$TempPath\containerd.exe" -Destination "$ContainerdPath\containerd.exe" -Force Move-Item -Path "$TempPath\containerd-shim-runhcs-v1.exe" -Destination "$ContainerdPath\containerd-shim-runhcs-v1.exe" -Force Move-Item -Path "$TempPath\Start-EKSBootstrap.ps1" -Destination "$EKSPath\Start-EKSBootstrap.ps1" -Force Move-Item -Path "$TempPath\EKS-StartupTask.ps1" -Destination "$EKSPath\EKS-StartupTask.ps1" -Force Move-Item -Path "$TempPath\vpc-shared-eni.exe" -Destination "$CNIPath\vpc-shared-eni.exe" -Force Move-Item -Path "$TempPath\csi-proxy.exe" -Destination "$CSIProxyPath\csi-proxy.exe" -Force # Install the Windows Containers feature # (Note: this is actually a no-op here, since we install the feature beforehand in startup.ps1) Install-WindowsFeature -Name Containers # ------- # TEMPORARY UNTIL EKS ADDS SUPPORT FOR CONTAINERD v1.7.0: # Download and extract the containerd 1.7.0 release build $containerdTarball = "$TempPath\containerd-1.7.0.tar.gz" $containerdFiles = "$TempPath\containerd-1.7.0" $webClient.DownloadFile('https://github.com/containerd/containerd/releases/download/v1.7.0/containerd-1.7.0-windows-amd64.tar.gz', $containerdTarball) New-Item -Path "$containerdFiles" -ItemType Directory -Force | Out-Null tar.exe -xvzf "$containerdTarball" -C "$containerdFiles" # Move the containerd files into place Move-Item -Path "$containerdFiles\bin\containerd.exe" -Destination "$ContainerdPath\containerd.exe" -Force Move-Item -Path "$containerdFiles\bin\containerd-shim-runhcs-v1.exe" -Destination "$ContainerdPath\containerd-shim-runhcs-v1.exe" -Force Move-Item -Path "$containerdFiles\bin\ctr.exe" -Destination "$ContainerdPath\ctr.exe" -Force # Clean up the containerd intermediate files Remove-Item -Path "$containerdFiles" -Recurse -Force Remove-Item -Path "$containerdTarball" -Force # ------- # Patch the containerd setup script to configure a log file (rather than just discarding log output) and to use the upstream pause # container image rather than the EKS version, since the latter appears to cause errors when attempting to create Windows Pods PatchFile -File "$TempPath\Add-ContainerdRuntime.ps1" -Patches @{ "containerd --register-service" = "containerd --register-service --log-file 'C:\ProgramData\containerd\root\output.log'"; "amazonaws.com/eks/pause-windows:latest" = "registry.k8s.io/pause:3.9" } # Add the full Windows Server 2022 base image and the pause image to the list of images to pre-pull $baseLayersFile = "$TempPath\eks.baselayers.config" $baseLayers = Get-Content -Path $baseLayersFile -Raw | ConvertFrom-Json $baseLayers.2022 += "mcr.microsoft.com/windows/server:ltsc2022" $baseLayers.2022 += "registry.k8s.io/pause:3.9" $patchedJson = ConvertTo-Json -Depth 100 -InputObject $baseLayers Set-Content -Path $baseLayersFile -Value $patchedJson -NoNewline # Register containerd as the EKS container runtime Push-Location $TempPath & .\Add-ContainerdRuntime.ps1 -Path "$ContainerdPath" Pop-Location # Perform EKS worker node setup Push-Location $TempPath & .\create-windows-pause-image.ps1 -ContainerRuntime containerd & .\Get-EKSBaseLayers.ps1 -ConfigFile eks.baselayers.config -ContainerRuntime containerd & .\Add-CSIProxy.ps1 -Path "$CSIProxyPath" -LogPath "$EKSLogsPath" & .\EKS-WindowsServiceHost.ps1 & .\Install-EKSWorkerNode.ps1 Pop-Location # Perform cleanup Remove-Item -Path "$TempRoot" -Recurse -Force