NodeClasses
Node Classes enable configuration of AWS specific settings.
Each NodePool must reference an EC2NodeClass using spec.template.spec.nodeClassRef
.
Multiple NodePools may point to the same EC2NodeClass.
apiVersion: karpenter.sh/v1beta1
kind: NodePool
metadata:
name: default
spec:
template:
spec:
nodeClassRef:
apiVersion: karpenter.k8s.aws/v1beta1
kind: EC2NodeClass
name: default
---
apiVersion: karpenter.k8s.aws/v1beta1
kind: EC2NodeClass
metadata:
name: default
spec:
# required, resolves a default ami and userdata
amiFamily: AL2
# required, discovers subnets to attach to instances
subnetSelectorTerms:
- tags:
karpenter.sh/discovery: "${CLUSTER_NAME}"
# required, discovers security groups to attach to instances
securityGroupSelectorTerms:
- tags:
karpenter.sh/discovery: "${CLUSTER_NAME}"
# optional, discovers amis to override the amiFamily's default
amiSelectorTerms:
- tags:
karpenter.sh/discovery: "${CLUSTER_NAME}"
# optional, IAM role to use for the node identity
role: "KarpenterNodeRole-${CLUSTER_NAME}"
# optional, overrides autogenerated userdata with a merge semantic
userData: |
echo "Hello world"
# optional, propagates tags to underlying EC2 resources
tags:
team: team-a
app: team-a-app
# optional, configures IMDS for the instance
metadataOptions:
httpEndpoint: enabled
httpProtocolIPv6: disabled
httpPutResponseHopLimit: 2
httpTokens: required
# optional, configures storage devices for the instance
blockDeviceMappings:
- deviceName: /dev/xvda
ebs:
volumeSize: 100Gi
volumeType: gp3
iops: 10000
encrypted: true
kmsKeyID: "arn:aws:kms:us-west-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab"
deleteOnTermination: true
throughput: 125
snapshotID: snap-0123456789
# optional, configures detailed monitoring for the instance
detailedMonitoring: true
status:
# resolved subnets
subnets:
- id: subnet-0a462d98193ff9fac
zone: us-east-2b
- id: subnet-0322dfafd76a609b6
zone: us-east-2c
- id: subnet-0727ef01daf4ac9fe
zone: us-east-2b
- id: subnet-00c99aeafe2a70304
zone: us-east-2a
- id: subnet-023b232fd5eb0028e
zone: us-east-2c
- id: subnet-03941e7ad6afeaa72
zone: us-east-2a
# resolved security groups
securityGroups:
- id: sg-041513b454818610b
name: ClusterSharedNodeSecurityGroup
- id: sg-0286715698b894bca
name: ControlPlaneSecurityGroup-1AQ073TSAAPW
# resolved AMIs
amis:
- id: ami-01234567890123456
name: custom-ami-amd64
requirements:
- key: kubernetes.io/arch
operator: In
values:
- amd64
- id: ami-01234567890123456
name: custom-ami-arm64
requirements:
- key: kubernetes.io/arch
operator: In
values:
- arm64
# generated instance profile name
instanceProfile: "${CLUSTER_NAME}-0123456778901234567789"
Refer to the NodePool docs for settings applicable to all providers. To explore various EC2NodeClass
configurations, refer to the examples provided in the Karpenter Github repository.
spec.amiFamily
AMIFamily is a required field, dictating both the default bootstrapping logic for nodes provisioned through this EC2NodeClass
but also selecting a group of recommended, latest AMIs by default. Currently, Karpenter supports amiFamily
values AL2
, Bottlerocket
, Ubuntu
, Windows2019
, Windows2022
and Custom
. GPUs are only supported by default with AL2
and Bottlerocket
. The AL2
amiFamily does not support ARM64 GPU instance types unless you specify a custom amiSelector. Default bootstrapping logic is shown below for each of the supported families.
AL2
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="//"
--//
Content-Type: text/x-shellscript; charset="us-ascii"
#!/bin/bash -xe
exec > >(tee /var/log/user-data.log|logger -t user-data -s 2>/dev/console) 2>&1
/etc/eks/bootstrap.sh 'test-cluster' --apiserver-endpoint 'https://test-cluster' --b64-cluster-ca 'ca-bundle' \
--dns-cluster-ip '10.100.0.10' \
--use-max-pods false \
--container-runtime containerd \
--kubelet-extra-args '--node-labels=karpenter.sh/capacity-type=on-demand,karpenter.sh/nodepool=test --max-pods=110'
--//--
Bottlerocket
[settings]
[settings.kubernetes]
api-server = 'https://test-cluster'
cluster-certificate = 'ca-bundle'
cluster-name = 'test-cluster'
cluster-dns-ip = '10.100.0.10'
max-pods = 110
[settings.kubernetes.node-labels]
'karpenter.sh/capacity-type' = 'on-demand'
'karpenter.sh/nodepool' = 'test'
Ubuntu
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="//"
--//
Content-Type: text/x-shellscript; charset="us-ascii"
#!/bin/bash -xe
exec > >(tee /var/log/user-data.log|logger -t user-data -s 2>/dev/console) 2>&1
/etc/eks/bootstrap.sh 'test-cluster' --apiserver-endpoint 'https://test-cluster' --b64-cluster-ca 'ca-bundle' \
--dns-cluster-ip '10.100.0.10' \
--use-max-pods false \
--kubelet-extra-args '--node-labels="karpenter.sh/capacity-type=on-demand,karpenter.sh/nodepool=test" --max-pods=110'
--//--
Windows2019
<powershell>
[string]$EKSBootstrapScriptFile = "$env:ProgramFiles\Amazon\EKS\Start-EKSBootstrap.ps1"
& $EKSBootstrapScriptFile -EKSClusterName 'test-cluster' -APIServerEndpoint 'https://test-cluster' -Base64ClusterCA 'ca-bundle' -KubeletExtraArgs '--node-labels="karpenter.sh/capacity-type=on-demand,karpenter.sh/nodepool=test" --max-pods=110' -DNSClusterIP '10.100.0.10'
</powershell>
Windows2022
<powershell>
[string]$EKSBootstrapScriptFile = "$env:ProgramFiles\Amazon\EKS\Start-EKSBootstrap.ps1"
& $EKSBootstrapScriptFile -EKSClusterName 'test-cluster' -APIServerEndpoint 'https://test-cluster' -Base64ClusterCA 'ca-bundle' -KubeletExtraArgs '--node-labels="karpenter.sh/capacity-type=on-demand,karpenter.sh/nodepool=test" --max-pods=110' -DNSClusterIP '10.100.0.10'
</powershell>
Note
Karpenter will automatically query for the appropriate EKS optimized AMI via AWS Systems Manager (SSM). In the case of theCustom
AMIFamily, no default AMIs are defined. As a result, amiSelectorTerms
must be specified to inform Karpenter on which custom AMIs are to be used.
Custom
The Custom
AMIFamily ships without any default userData to allow you to configure custom bootstrapping for control planes or images that don’t support the default methods from the other families.
spec.subnetSelectorTerms
The EC2NodeClass
discovers subnets through ids or tags. When launching nodes, a subnet is automatically chosen that matches the desired zone. If multiple subnets exist for a zone, the one with the most available IP addresses will be used.
Tip
Subnets may be specified by any tag, includingName
. Selecting tag values using wildcards (*
) is supported.
Examples
Select all with a specified tag key:
spec:
subnetSelectorTerms:
- tags:
karpenter.sh/discovery/MyClusterName: '*'
Select by name and tag (all criteria must match):
spec:
subnetSelectorTerms:
- tags:
Name: my-subnet
MyTag: '' # matches all resources with the tag
Select using multiple tag terms:
spec:
subnetSelectorTerms:
- tags:
Name: "my-subnet-1"
- tags:
Name: "my-subnet-2"
Select using wildcards:
spec:
subnetSelectorTerms:
- tags:
Name: "*Public*"
Select using ids:
spec:
subnetSelectorTerms:
- id: "subnet-09fa4a0a8f233a921"
- id: "subnet-0471ca205b8a129ae"
spec.securityGroupSelectorTerms
The security group of an instance is comparable to a set of firewall rules. EKS creates at least two security groups by default.
Tip
Security groups may be specified by any tag, including “Name”. Selecting tags using wildcards (*
) is supported.
Note
When launching nodes, Karpenter uses all the security groups that match the selector. If you choose to use the kubernetes.io/cluster/$CLUSTER_NAME
tag for discovery, note that this may result in failures using the AWS Load Balancer controller. The Load Balancer controller only supports a single security group having that tag key. See this issue for more details.
To verify if this restriction affects you, run the following commands.
CLUSTER_VPC_ID="$(aws eks describe-cluster --name $CLUSTER_NAME --query cluster.resourcesVpcConfig.vpcId --output text)"
aws ec2 describe-security-groups –filters Name=vpc-id,Values=$CLUSTER_VPC_ID Name=tag-key,Values=kubernetes.io/cluster/$CLUSTER_NAME –query 'SecurityGroups[].[GroupName]' –output text
If multiple securityGroups are printed, you will need a more specific securityGroupSelector. We generally recommend that you use the karpenter.sh/discovery: $CLUSTER_NAME
tag selector instead.
Examples
Select all assigned to a cluster:
spec:
securityGroupSelectorTerms:
- tags:
kubernetes.io/cluster/$CLUSTER_NAME: "owned"
Select all with a specified tag key:
spec:
securityGroupSelectorTerms:
- tags:
MyTag: '*'
Select by name and tag (all criteria must match):
spec:
securityGroupSelectorTerms:
- name: my-security-group
tags:
MyTag: '*' # matches all resources with the tag
Select using multiple tag terms:
spec:
securityGroupSelectorTerms:
- tags:
Name: "my-security-group-1"
- tags:
Name: "my-security-group-2"
Select by name using a wildcard:
spec:
securityGroupSelectorTerms:
- name: "*Public*"
Select using ids:
spec:
securityGroupSelector:
- id: "sg-063d7acfb4b06c82c"
- id: "sg-06e0cf9c198874591"
spec.amiSelectorTerms
AMISelector is used to configure custom AMIs for Karpenter to use, where the AMIs are discovered through ids, owners, name, and tags. This field is optional, and Karpenter will use the latest EKS-optimized AMIs for the AMIFamily if no amiSelectorTerms are specified. To select an AMI by name, use the name
field in the selector term. To select an AMI by id, use the id
field in the selector term. To ensure that AMIs are owned by the expected owner, use the owner
field - you can use a combination of account aliases (e.g. self
amazon
, your-aws-account-name
) and account IDs. If this is not set, it defaults to self,amazon
.
Tip
AMIs may be specified by any AWS tag, includingName
. Selecting by tag or by name using wildcards (*
) is supported.
Note
If amiSelectorTerms
match more than one AMI, Karpenter will automatically determine which AMI best fits the workloads on the launched worker node under the following constraints:
- When launching nodes, Karpenter automatically determines which architecture a custom AMI is compatible with and will use images that match an instanceType’s requirements.
- If multiple AMIs are found that can be used, Karpenter will choose the latest one.
- If no AMIs are found that can be used, then no nodes will be provisioned.
Examples
Select all with a specified tag:
amiSelectorTerms:
- tags:
karpenter.sh/discovery/MyClusterName: '*'
Select by name:
amiSelectorTerms:
- name: my-ami
Select by Name
tag:
amiSelector:
- tags:
Name: my-ami
Select by name and owner:
amiSelector:
- name: my-ami
owner: self
- name: my-ami
owner: 0123456789
Select by name using a wildcard:
spec:
amiSelectorTerms:
- name: "*EKS*"
Select by all under an owner:
spec:
amiSelectorTerms:
- name: "*"
owner: self
Specify using ids:
amiSelector:
- id: "ami-123"
- id: "ami-456"
spec.role
Role
is a required field and is necessary to tell Karpenter which identity nodes from this EC2NodeClass
should assume. If using the Karpenter Getting Started Guide to deploy Karpenter, you can use the KarpenterNodeRole-$CLUSTER_NAME
role provisioned by that process.
spec:
role: "KarpenterNodeRole-$CLUSTER_NAME"
spec.tags
Karpenter adds tags to all resources it creates, including EC2 Instances, EBS volumes, and Launch Templates. The default set of tags are listed below.
Name: <node-name>
karpenter.sh/nodeclaim: <nodeclaim-name>
karpenter.sh/nodepool: <nodepool-name>
kubernetes.io/cluster/<cluster-name>: owned
Additional tags can be added in the tags section, which will be merged with the default tags specified above.
spec:
tags:
InternalAccountingTag: 1234
dev.corp.net/app: Calculator
dev.corp.net/team: MyTeam
Note
Karpenter allows overrides of the default “Name” tag but does not allow overrides to restricted domains (such as “karpenter.sh”, “karpenter.k8s.aws”, and “kubernetes.io/cluster”). This ensures that Karpenter is able to correctly auto-discover nodes that it owns.spec.metadataOptions
Control the exposure of Instance Metadata Service on EC2 Instances launched by this EC2NodeClass using a generated launch template.
Refer to recommended, security best practices for limiting exposure of Instance Metadata and User Data to pods.
If metadataOptions are omitted from this EC2NodeClass, the following default settings are applied:
spec:
metadataOptions:
httpEndpoint: enabled
httpProtocolIPv6: disabled
httpPutResponseHopLimit: 2
httpTokens: required
spec.blockDeviceMappings
The blockDeviceMappings
field in an EC2NodeClass
can be used to control the Elastic Block Storage (EBS) volumes that Karpenter attaches to provisioned nodes. Karpenter uses default block device mappings for the AMIFamily specified. For example, the Bottlerocket
AMI Family defaults with two block device mappings, one for Bottlerocket’s control volume and the other for container resources such as images and logs.
spec:
blockDeviceMappings:
- deviceName: /dev/xvda
ebs:
volumeSize: 100Gi
volumeType: gp3
iops: 10000
encrypted: true
kmsKeyID: "arn:aws:kms:us-west-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab"
deleteOnTermination: true
throughput: 125
snapshotID: snap-0123456789
The following blockDeviceMapping defaults are used for each AMIFamily
if no blockDeviceMapping
overrides are specified in the EC2NodeClass
AL2
spec:
blockDeviceMappings:
- deviceName: /dev/xvda
ebs:
volumeSize: 20Gi
volumeType: gp3
encrypted: true
Bottlerocket
spec:
blockDeviceMappings:
# Root device
- deviceName: /dev/xvda
ebs:
volumeSize: 4Gi
volumeType: gp3
encrypted: true
# Data device: Container resources such as images and logs
- deviceName: /dev/xvdb
ebs:
volumeSize: 20Gi
volumeType: gp3
encrypted: true
Ubuntu
spec:
blockDeviceMappings:
- deviceName: /dev/sda1
ebs:
volumeSize: 20Gi
volumeType: gp3
encrypted: true
Windows2019/Windows2022
spec:
blockDeviceMappings:
- deviceName: /dev/sda1
ebs:
volumeSize: 50Gi
volumeType: gp3
encrypted: true
Custom
The Custom
AMIFamily ships without any default blockDeviceMappings
.
spec.userData
You can control the UserData that is applied to your worker nodes via this field. This allows you to run custom scripts or pass-through custom configuration to Karpenter instances on start-up.
apiVersion: karpenter.k8s.aws/v1beta1
kind: EC2NodeClass
metadata:
name: bottlerocket-example
spec:
...
amiFamily: Bottlerocket
userData: |
[settings.kubernetes]
"kube-api-qps" = 30
"shutdown-grace-period" = "30s"
"shutdown-grace-period-for-critical-pods" = "30s"
[settings.kubernetes.eviction-hard]
"memory.available" = "20%"
This example adds SSH keys to allow remote login to the node (replace my-authorized_keys with your key file):
Note
Instead of using SSH as set up in this example, you can use Session Manager (SSM) or EC2 Instance Connect to gain shell access to Karpenter nodes. See Node NotReady troubleshooting for an example of starting an SSM session from the command line or EC2 Instance Connect documentation to connect to nodes using SSH.apiVersion: karpenter.k8s.aws/v1beta1
kind: EC2NodeClass
metadata:
name: al2-example
spec:
...
amiFamily: AL2
userData: |
#!/bin/bash
mkdir -p ~ec2-user/.ssh/
touch ~ec2-user/.ssh/authorized_keys
cat >> ~ec2-user/.ssh/authorized_keys <<EOF
{{ insertFile "../my-authorized_keys" | indent 4 }}
EOF
chmod -R go-w ~ec2-user/.ssh/authorized_keys
chown -R ec2-user ~ec2-user/.ssh
For more examples on configuring fields for different AMI families, see the examples here.
Karpenter will merge the userData you specify with the default userData for that AMIFamily. See the AMIFamily section for more details on these defaults. View the sections below to understand the different merge strategies for each AMIFamily.
AL2/Ubuntu
- Your UserData can be in the MIME multi part archive format.
- Karpenter will transform your custom user-data as a MIME part, if necessary, and then merge a final MIME part to the end of your UserData parts which will bootstrap the worker node. Karpenter will have full control over all the parameters being passed to the bootstrap script.
- Karpenter will continue to set MaxPods, ClusterDNS and all other parameters defined in
spec.kubeletConfiguration
as before.
- Karpenter will continue to set MaxPods, ClusterDNS and all other parameters defined in
Consider the following example to understand how your custom UserData will be merged -
Passed-in UserData (bash)
#!/bin/bash
echo "Running custom user data script"
Passed-in UserData (MIME)
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="BOUNDARY"
--BOUNDARY
Content-Type: text/x-shellscript; charset="us-ascii"
#!/bin/bash
echo "Running custom user data script"
--BOUNDARY--
Merged UserData
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="//"
--//
Content-Type: text/x-shellscript; charset="us-ascii"
#!/bin/bash
echo "Running custom user data script"
--//
Content-Type: text/x-shellscript; charset="us-ascii"
#!/bin/bash -xe
exec > >(tee /var/log/user-data.log|logger -t user-data -s 2>/dev/console) 2>&1
/etc/eks/bootstrap.sh 'test-cluster' --apiserver-endpoint 'https://test-cluster' --b64-cluster-ca 'ca-bundle' \
--use-max-pods false \
--container-runtime containerd \
--kubelet-extra-args '--node-labels=karpenter.sh/capacity-type=on-demand,karpenter.sh/nodepool=test --max-pods=110'
--//--
Note
You can also set kubelet-config properties by modifying the kubelet-config.json file before the EKS bootstrap script starts the kubelet:
apiVersion: karpenter.k8s.aws/v1beta1
kind: EC2NodeClass
metadata:
name: kubelet-config-example
spec:
...
amiFamily: AL2
userData: |
#!/bin/bash
echo "$(jq '.kubeAPIQPS=50' /etc/kubernetes/kubelet/kubelet-config.json)" > /etc/kubernetes/kubelet/kubelet-config.json
Bottlerocket
- Your UserData must be valid TOML.
- Karpenter will automatically merge settings to ensure successful bootstrap including
cluster-name
,api-server
andcluster-certificate
. Any labels and taints that need to be set based on pod requirements will also be specified in the final merged UserData.- All Kubelet settings that Karpenter applies will override the corresponding settings in the provided UserData. For example, if you’ve specified
settings.kubernetes.cluster-name
, it will be overridden. - If MaxPods is specified via the binary arg to Karpenter, the value will override anything specified in the UserData.
- If ClusterDNS is specified via
spec.kubeletConfiguration
, then that value will override anything specified in the UserData.
- All Kubelet settings that Karpenter applies will override the corresponding settings in the provided UserData. For example, if you’ve specified
- Unknown TOML fields will be ignored when the final merged UserData is generated by Karpenter.
Consider the following example to understand how your custom UserData settings will be merged in.
Passed-in UserData
[settings.kubernetes.eviction-hard]
"memory.available" = "12%"
[settings.kubernetes]
"unknown-setting" = "unknown"
[settings.kubernetes.node-labels]
'field.controlled.by/karpenter' = 'will-be-overridden'
Merged UserData
[settings]
[settings.kubernetes]
api-server = 'https://cluster'
cluster-certificate = 'ca-bundle'
cluster-name = 'cluster'
[settings.kubernetes.node-labels]
'karpenter.sh/capacity-type' = 'on-demand'
'karpenter.sh/nodepool' = 'default'
[settings.kubernetes.node-taints]
[settings.kubernetes.eviction-hard]
'memory.available' = '12%%'
Windows2019/Windows2022
- Your UserData must be specified as PowerShell commands.
- The UserData specified will be prepended to a Karpenter managed section that will bootstrap the kubelet.
- Karpenter will continue to set ClusterDNS and all other parameters defined in spec.kubeletConfiguration as before.
Consider the following example to understand how your custom UserData settings will be merged in.
Passed-in UserData
Write-Host "Running custom user data script"
Merged UserData
<powershell>
Write-Host "Running custom user data script"
[string]$EKSBootstrapScriptFile = "$env:ProgramFiles\Amazon\EKS\Start-EKSBootstrap.ps1"
& $EKSBootstrapScriptFile -EKSClusterName 'test-cluster' -APIServerEndpoint 'https://test-cluster' -Base64ClusterCA 'ca-bundle' -KubeletExtraArgs '--node-labels="karpenter.sh/capacity-type=spot,karpenter.sh/nodepool=windows2022" --max-pods=110' -DNSClusterIP '10.0.100.10'
</powershell>
Windows Support Notice
Currently, Karpenter does not specify -ServiceCIDR
to EKS Windows AMI Bootstrap script.
Windows worker nodes will use 172.20.0.0/16
or 10.100.0.0/16
for Kubernetes service IP address ranges based on the IP address of the primary interface.
The effective ServiceCIDR can be verified at $env:ProgramData\Amazon\EKS\cni\config\vpc-bridge.conf
on the worker node.
Support for the Windows ServiceCIDR argument can be tracked in a Karpenter Github Issue. Currently, if the effective ServiceCIDR is incorrect for your windows worker nodes, you can add the following userData as a workaround.
spec:
userData: |
$global:EKSCluster = Get-EKSCluster -Name my-cluster
Custom
- No merging is performed, your UserData must perform all setup required of the node to allow it to join the cluster.
spec.detailedMonitoring
Enabling detailed monitoring controls the EC2 detailed monitoring feature. If you enable this option, the Amazon EC2 console displays monitoring graphs with a 1-minute period for the instances that Karpenter launches.
spec:
detailedMonitoring: true
status.subnets
status.subnets
contains the resolved id
and zone
of the subnets that were selected by the spec.subnetSelectorTerms
for the node class. The subnets will be sorted by the available IP address count in decreasing order.
Examples
spec:
subnetSelectorTerms:
- tags:
karpenter.sh/discovery: "${CLUSTER_NAME}"
status:
subnets:
- id: subnet-0a462d98193ff9fac
zone: us-east-2b
- id: subnet-0322dfafd76a609b6
zone: us-east-2c
- id: subnet-0727ef01daf4ac9fe
zone: us-east-2b
- id: subnet-00c99aeafe2a70304
zone: us-east-2a
- id: subnet-023b232fd5eb0028e
zone: us-east-2c
- id: subnet-03941e7ad6afeaa72
zone: us-east-2a
status.securityGroups
status.securityGroups
contains the resolved id
and name
of the security groups that were selected by the spec.securityGroupSelectorTerms
for the node class. The subnets will be sorted by the available IP address count in decreasing order.
Examples
spec:
securityGroupSelectorTerms:
- tags:
karpenter.sh/discovery: "${CLUSTER_NAME}"
status:
securityGroups:
- id: sg-041513b454818610b
name: ClusterSharedNodeSecurityGroup
- id: sg-0286715698b894bca
name: ControlPlaneSecurityGroup-1AQ073TSAAPW
status.amis
status.amis
contains the resolved id
, name
, and requirements
of either the default AMIs for the spec.amiFamily
or the AMIs selected by the spec.amiSelectorTerms
if this field is specified.
Examples
Default AMIs resolved from the AL2 AMIFamily:
spec:
amiFamily: AL2
status:
amis:
- id: ami-03c3a3dcda64f5b75
name: amazon-linux-2-gpu
requirements:
- key: kubernetes.io/arch
operator: In
values:
- amd64
- key: karpenter.k8s.aws/instance-gpu-count
operator: Exists
- id: ami-03c3a3dcda64f5b75
name: amazon-linux-2-gpu
requirements:
- key: kubernetes.io/arch
operator: In
values:
- amd64
- key: karpenter.k8s.aws/instance-accelerator-count
operator: Exists
- id: ami-06afb2d101cc4b8bd
name: amazon-linux-2-arm64
requirements:
- key: kubernetes.io/arch
operator: In
values:
- arm64
- key: karpenter.k8s.aws/instance-gpu-count
operator: DoesNotExist
- key: karpenter.k8s.aws/instance-accelerator-count
operator: DoesNotExist
- id: ami-0e28b76d768af234e
name: amazon-linux-2
requirements:
- key: kubernetes.io/arch
operator: In
values:
- amd64
- key: karpenter.k8s.aws/instance-gpu-count
operator: DoesNotExist
- key: karpenter.k8s.aws/instance-accelerator-count
operator: DoesNotExist
AMIs resolved from spec.amiSelectorTerms
:
spec:
amiFamily: AL2
amiSelectorTerms:
- tags:
karpenter.sh/discovery: "${CLUSTER_NAME}"
status:
amis:
- id: ami-01234567890123456
name: custom-ami-amd64
requirements:
- key: kubernetes.io/arch
operator: In
values:
- amd64
- id: ami-01234567890123456
name: custom-ami-arm64
requirements:
- key: kubernetes.io/arch
operator: In
values:
- arm64
status.instanceProfile
status.instanceProfile
contains the resolved instance profile generated by Karpenter from the spec.role
spec:
role: "KarpenterNodeRole-${CLUSTER_NAME}"
status:
instanceProfile: "${CLUSTER_NAME}-0123456778901234567789"