
How do I configure a Kubernetes karpenter.sh provisioner on AWS?

In this guide, we will configure a Kubernetes Karpenter provisioner on AWS using Pulumi. Karpenter is an open-source node provisioning project built for Kubernetes. It simplifies cluster operations by automatically launching just the right compute resources to handle your cluster’s workloads.

We will set up the necessary IAM roles, policies, and the provisioner itself. This setup assumes you already have a Kubernetes cluster running on AWS.

import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
import * as k8s from "@pulumi/kubernetes";

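// Define the IAM role for the nodes Karpenter launches.
// The trusted principal must be a real AWS service principal. "karpenter.amazonaws.com"
// does not exist, and AmazonEKSWorkerNodePolicy (attached below) is a node policy,
// so the role is assumed by EC2 instances.
const karpenterRole = new aws.iam.Role("karpenterRole", {
    assumeRolePolicy: aws.iam.assumeRolePolicyForPrincipal({
        Service: "ec2.amazonaws.com",
    }),
});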

// Attach the necessary policies to the IAM role
const karpenterPolicy = new aws.iam.RolePolicyAttachment("karpenterPolicy", {
    role: karpenterRole.name,
    policyArn: "arn:aws:iam::aws:policy/AmazonEKSWorkerNodePolicy",
});

// Define the Kubernetes namespace for Karpenter
const karpenterNamespace = new k8s.core.v1.Namespace("karpenter", {
    metadata: {
        name: "karpenter",
    },
});

// Define the Karpenter Helm chart
const karpenterChart = new k8s.helm.v3.Chart("karpenter", {
    chart: "karpenter",
    version: "0.5.0",
    fetchOpts: {
        repo: "https://charts.karpenter.sh",
    },
    namespace: karpenterNamespace.metadata.name,
    values: {
        serviceAccount: {
            create: false,
            name: "karpenter",
        },
        controller: {
            clusterName: "your-cluster-name",
            clusterEndpoint: "https://your-cluster-endpoint",
            aws: {
                defaultInstanceProfile: "your-instance-profile",
            },
        },
    },
});

// Define the Karpenter provisioner
const karpenterProvisioner = new k8s.apiextensions.CustomResource("karpenterProvisioner", {
    apiVersion: "karpenter.sh/v1alpha5",
    kind: "Provisioner",
    metadata: {
        name: "default",
    },
    spec: {
        limits: {
            resources: {
                cpu: "1000",
                memory: "1000Gi",
            },
        },
        provider: {
            aws: {
                instanceProfile: "your-instance-profile",
                subnetSelector: {
                    "karpenter.sh/discovery": "your-cluster-name",
                },
                securityGroupSelector: {
                    "karpenter.sh/discovery": "your-cluster-name",
                },
            },
        },
        ttlSecondsAfterEmpty: 30,
    },
}, { dependsOn: karpenterChart });

export const karpenterNamespaceName = karpenterNamespace.metadata.name;
export const provisionerName = karpenterProvisioner.metadata.name;

Key Points

  • IAM Role: Created an IAM role and attached the AmazonEKSWorkerNodePolicy managed policy.
  • Namespace: Created a Kubernetes namespace for Karpenter.
  • Helm Chart: Deployed the Karpenter Helm chart in the specified namespace.
  • Provisioner: Defined a Karpenter provisioner with resource limits and AWS-specific configurations.
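
The Helm values above set serviceAccount.create to false, so the chart expects a "karpenter" service account to exist already, and the controller running under it needs AWS credentials of its own. The following is an added example, not part of the original answer: assuming the cluster uses IAM Roles for Service Accounts (IRSA), it builds a trust policy that only that one service account can use. The helper name, the sample ARN and the account ID are hypothetical.

```typescript
// Added example: plain TypeScript with no Pulumi imports, so it runs offline.
interface TrustPolicy {
    Version: "2012-10-17";
    Statement: {
        Effect: "Allow";
        Principal: { Federated: string };
        Action: "sts:AssumeRoleWithWebIdentity";
        Condition: { StringEquals: Record<string, string> };
    }[];
}

// Hypothetical helper: trust policy that exactly one service account can use.
// oidcProviderArn is the ARN of the cluster's IAM OIDC provider.
function irsaTrustPolicy(oidcProviderArn: string, namespace: string, serviceAccount: string): TrustPolicy {
    // Condition keys are prefixed with the issuer, i.e. everything after
    // "oidc-provider/" in the provider ARN.
    const m = /^arn:aws[a-z-]*:iam::\d{12}:oidc-provider\/(.+)$/.exec(oidcProviderArn);
    if (!m) {
        throw new Error(`not an IAM OIDC provider ARN: ${oidcProviderArn}`);
    }
    const issuer = m[1];
    // Accept only plain Kubernetes names (no wildcards, no ':' separators) so
    // the subject below always names a single service account.
    for (const part of [namespace, serviceAccount]) {
        if (!/^[a-z0-9]([-a-z0-9.]*[a-z0-9])?$/.test(part)) {
            throw new Error(`invalid Kubernetes name: ${part}`);
        }
    }
    return {
        Version: "2012-10-17",
        Statement: [{
            Effect: "Allow",
            Principal: { Federated: oidcProviderArn },
            Action: "sts:AssumeRoleWithWebIdentity",
            Condition: {
                StringEquals: {
                    [`${issuer}:sub`]: `system:serviceaccount:${namespace}:${serviceAccount}`,
                    [`${issuer}:aud`]: "sts.amazonaws.com",
                },
            },
        }],
    };
}

// Constructed sample input; the account ID and OIDC ID are placeholders.
const SAMPLE_OIDC_ARN =
    "arn:aws:iam::111122223333:oidc-provider/oidc.eks.us-east-1.amazonaws.com/id/EXAMPLED539D4633E53DE1B71EXAMPLE";
// Namespace and service account name match the Helm values above.
console.log(JSON.stringify(irsaTrustPolicy(SAMPLE_OIDC_ARN, "karpenter", "karpenter"), null, 2));
```

The serialized document is what a controller role would take as its assumeRolePolicy, and the service account then references that role through the eks.amazonaws.com/role-arn annotation.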

Summary

We configured a Kubernetes Karpenter provisioner on AWS using Pulumi. This included setting up IAM roles, deploying the Karpenter Helm chart, and defining the provisioner with specific resource limits and AWS configurations. This setup helps in automatically provisioning the right compute resources for your Kubernetes cluster.
