EKS
An environment can be configured to use EKS instead of ECS or EC2 by changing the provider in mu.yml:
environments:
- name: acceptance
provider: eks
- name: production
provider: eks
No other changes are required. An EKS cluster will be created for each environment and your service will now be deployed in its own namespace in an EKS cluster. The service will be exposed via an NGINX ingress. If you intend to share your environment with multiple services, you will need to add those service names to the rbac: section of the mu.yml file that defines your environments:
rbac:
# Grant the `foo` and `bar` services access to deploy to all environments
- role: deploy
services:
- foo
- bar
# Grant the `baz` service access to deploy to ONLY the `acceptance` environment
- role: deploy
environments:
- acceptance
services:
- baz
If you want to allow additional IAM users to manage the EKS cluster via kubectl you need to add the users to the rbac: section:
rbac:
## Give the `alice` IAM user full admin access to all environments
- role: admin
users:
- alice
## Give the `bob` IAM user read-only access to `acceptance` environment
- role: view
environments:
- acceptance
users:
- bob
You can customize the kubernetes resources in the same way you can customize CloudFormation. For example:
## Customize the Ingress controller for WebSockets
templates:
mu-environment-acceptance-Service-nginx-ingress-service:
metadata:
annotations:
service.beta.kubernetes.io/aws-load-balancer-connection-idle-timeout: "3600"