The lifecycle of ephemeral Kubernetes worker nodes is driven by events emitted by Amazon EventBridge and delivered via Amazon Simple Notification Service. These events trigger the *dynk8s* provisioner to take the appropriate action based on the state of an EC2 instance.

In order to add a node to the cluster using `kubeadm`, a "bootstrap token" needs to be created. When manually adding a node, this would be done e.g. using `kubeadm token create`. Since bootstrap tokens are just a special type of Secret, they can be easily created programmatically as well. When a new EC2 instance enters the "running" state, the provisioner creates a new bootstrap token and associates it with the instance by storing the instance ID in a label in the Secret resource's metadata.

The initial implementation of the event handler is rather naïve. It generates a token for every instance, though some instances may not be intended to be used as Kubernetes workers. Ideally, the provisioner would only allocate tokens for instances matching some configurable criteria, such as AWS tags. Further, a token is allocated every time the instance enters the running state, even if a token already exists or is not needed.
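The token Secret described in the commit message, together with the tag and existing-token checks it names as missing, sketched as an added example (not code from dynk8s). Assumptions: the label key `example.invalid/ec2-instance-id`, the `k8s-worker` tag and the sample instance ID are hypothetical, randomness comes from `/dev/urandom`, and the caller supplies the RFC 3339 expiration.

```rust
use std::collections::BTreeMap;
use std::{fs::File, io::{self, Read}};

type Map = BTreeMap<String, String>;
// Hypothetical label key; the page does not name the one dynk8s uses.
const INSTANCE_LABEL: &str = "example.invalid/ec2-instance-id";

/// Draw `n` chars of [a-z0-9] from the kernel CSPRNG; bytes >= 252 are
/// rejected so the modulo does not bias the result.
fn random_chars(n: usize) -> io::Result<String> {
    let (mut rng, mut out, mut b) = (File::open("/dev/urandom")?, String::new(), [0u8; 1]);
    while out.len() < n {
        rng.read_exact(&mut b)?;
        if b[0] < 252 {
            out.push(b"abcdefghijklmnopqrstuvwxyz0123456789"[(b[0] % 36) as usize] as char);
        }
    }
    Ok(out)
}

/// A Secret reduced to the parts that matter here; it lives in kube-system
/// with type bootstrap.kubernetes.io/token.
struct Secret { name: String, labels: Map, string_data: Map }

fn bootstrap_token(instance_id: &str, expiration: &str) -> io::Result<Secret> {
    let (id, secret) = (random_chars(6)?, random_chars(16)?);
    let string_data = [
        ("token-id", id.as_str()),
        ("token-secret", secret.as_str()),
        ("expiration", expiration), // RFC 3339, keep it short-lived
        ("usage-bootstrap-authentication", "true"),
        ("usage-bootstrap-signing", "true"),
        ("auth-extra-groups", "system:bootstrappers:kubeadm:default-node-token"),
    ].iter().map(|(k, v)| (k.to_string(), v.to_string())).collect();
    let labels = Map::from([(INSTANCE_LABEL.to_string(), instance_id.to_string())]);
    Ok(Secret { name: format!("bootstrap-token-{id}"), labels, string_data })
}

/// Allocate only for instances that carry the required tag and have no token yet.
fn should_allocate(tags: &Map, want: (&str, &str), existing: &[Secret], instance: &str) -> bool {
    tags.get(want.0).map(String::as_str) == Some(want.1)
        && !existing.iter().any(|s| s.labels.get(INSTANCE_LABEL).map(String::as_str) == Some(instance))
}

fn main() -> io::Result<()> {
    let s = bootstrap_token("i-0123456789abcdef0", "2030-01-01T00:00:00Z")?; // constructed values
    println!("{} {:?}", s.name, s.string_data.keys().collect::<Vec<_>>());
    Ok(())
}
```

`main` prints only the Secret name and field names, so the token secret never reaches the terminal or logs.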