1. Docs
  2. Reference
  3. Platform API
  4. Cluster app charts
  5. cluster-eks

Last modified November 27, 2024

cluster-eks chart reference

The cluster-eks chart templates all the AWS infrastructure resources that are necessary to create a Cluster API EKS cluster.

Chart Configuration Reference

AWS settings

.global.providerSpecific.additionalResourceTags

Additional resource tags
object 
Additional tags to add to AWS resources created by the cluster.

.global.providerSpecific.additionalResourceTags.*

Tag value
string 

.global.providerSpecific.ami

Amazon machine image (AMI)
string 
If specified, this image will be used to provision EC2 instances.

.global.providerSpecific.awsAccountId

AWS account ID
string 
AWS Account ID of the AWSClusterRoleIdentity IAM role, recommendation is to leave this value empty as it will be automatically calculated. This value is needed for tests.

.global.providerSpecific.awsClusterRoleIdentityName

Cluster role identity name
string 
Name of an AWSClusterRoleIdentity object. This in turn refers to the IAM role used to create all AWS cloud resources when creating the cluster. The role can be in another AWS account in order to create all resources in that account. Note: This name does not refer directly to an IAM role name/ARN.

.global.providerSpecific.region

Region
string 

Connectivity

.global.connectivity.availabilityZoneUsageLimit

Availability zones
integer 
Maximum number of availability zones (AZ) that should be used in a region. If a region has more than this number of AZs then this number of AZs will be picked randomly when creating subnets.

.global.connectivity.baseDomain

Base DNS domain
string 

.global.connectivity.network

Network
object 

.global.connectivity.network.pods

Pods
object 

.global.connectivity.network.pods.cidrBlocks

Pod subnets
array 

.global.connectivity.network.pods.cidrBlocks[*]

Pod subnet
string 
IPv4 address range for pods, in CIDR notation. Must be within the 100.64.0.0/10 or 198.19.0.0/16 range. The CIDR block size must be betwen /16 and /28.

.global.connectivity.network.services

Services
object 

.global.connectivity.network.services.cidrBlocks

K8s Service subnets
array 

.global.connectivity.network.services.cidrBlocks[*]

Service subnet
string 
IPv4 address range for kubernetes services, in CIDR notation.

.global.connectivity.network.vpcCidr

VPC subnet
string 
IPv4 address range to assign to this cluster's VPC, in CIDR notation.

.global.connectivity.podSubnets

Pod Subnets
array 
Pod Subnets are created and tagged based on this definition.

.global.connectivity.podSubnets[*]

Subnet
object 

.global.connectivity.podSubnets[*].cidrBlocks

Network
array 

.global.connectivity.podSubnets[*].cidrBlocks[*]

object 

.global.connectivity.podSubnets[*].cidrBlocks[*].availabilityZone

Availability zone
string 

.global.connectivity.podSubnets[*].cidrBlocks[*].cidr

Address range
string 
IPv4 address range, in CIDR notation.

.global.connectivity.podSubnets[*].cidrBlocks[*].tags

Tags
object 
AWS resource tags to assign to this subnet.

.global.connectivity.podSubnets[*].cidrBlocks[*].tags.*

Tag value
string 

.global.connectivity.podSubnets[*].tags

Tags
object 
AWS resource tags to assign to this CIDR block.

.global.connectivity.podSubnets[*].tags.*

Tag value
string 

.global.connectivity.proxy

Proxy
object 
Whether/how outgoing traffic is routed through proxy servers.

.global.connectivity.proxy.enabled

Enable
boolean 

.global.connectivity.proxy.httpProxy

HTTP proxy
string 
To be passed to the HTTP_PROXY environment variable in all hosts.

.global.connectivity.proxy.httpsProxy

HTTPS proxy
string 
To be passed to the HTTPS_PROXY environment variable in all hosts.

.global.connectivity.proxy.noProxy

No proxy
string 
To be passed to the NO_PROXY environment variable in all hosts.

.global.connectivity.subnets

Subnets
array 
Subnets are created and tagged based on this definition.

.global.connectivity.subnets[*]

Subnet
object 

.global.connectivity.subnets[*].cidrBlocks

Network
array 

.global.connectivity.subnets[*].cidrBlocks[*]

object 

.global.connectivity.subnets[*].cidrBlocks[*].availabilityZone

Availability zone
string 

.global.connectivity.subnets[*].cidrBlocks[*].cidr

Address range
string 
IPv4 address range, in CIDR notation.

.global.connectivity.subnets[*].cidrBlocks[*].tags

Tags
object 
AWS resource tags to assign to this subnet.

.global.connectivity.subnets[*].cidrBlocks[*].tags.*

Tag value
string 

.global.connectivity.subnets[*].isPublic

Public
boolean 

.global.connectivity.subnets[*].tags

Tags
object 
AWS resource tags to assign to this CIDR block.

.global.connectivity.subnets[*].tags.*

Tag value
string 

Control plane

.global.controlPlane.apiMode

API mode
string 
Whether the Kubernetes API server load balancer should be reachable from the internet (public) or internal only (private).

.global.controlPlane.logging

Logging
object 

.global.controlPlane.logging.apiServer

Api Server
boolean 
Enable or disable Api server logging to CloudWatch (https://docs.aws.amazon.com/eks/latest/userguide/control-plane-logs.html).

.global.controlPlane.logging.audit

Audit
boolean 
Enable or disable audit logging to CloudWatch (https://docs.aws.amazon.com/eks/latest/userguide/control-plane-logs.html).

.global.controlPlane.logging.authenticator

Authenticator
boolean 
Enable or disable IAM Authenticator logging to CloudWatch (https://docs.aws.amazon.com/eks/latest/userguide/control-plane-logs.html).

.global.controlPlane.logging.controllerManager

Controller Manager
boolean 
Enable or disable Controller Manager logging to CloudWatch (https://docs.aws.amazon.com/eks/latest/userguide/control-plane-logs.html).

.global.controlPlane.oidcIdentityProviderConfig

OIDC identity provider config
object 
OIDC identity provider configuration for the Kubernetes API server.

.global.controlPlane.oidcIdentityProviderConfig.clientId

Client ID
string 
Client ID of the OIDC identity provider.

.global.controlPlane.oidcIdentityProviderConfig.groupsClaim

Groups claim
string 
Claim to use for mapping groups.

.global.controlPlane.oidcIdentityProviderConfig.groupsPrefix

Groups prefix
string 
Prefix to use for mapping groups.

.global.controlPlane.oidcIdentityProviderConfig.identityProviderConfigName

Identity provider config name
string 
Name of the OIDC identity provider config.

.global.controlPlane.oidcIdentityProviderConfig.issuerUrl

Issuer URL
string 
URL of the OIDC identity provider.

.global.controlPlane.oidcIdentityProviderConfig.requiredClaims

Required claims
object 
Required claims for the OIDC identity provider.

.global.controlPlane.oidcIdentityProviderConfig.requiredClaims.*

Claim
string 

.global.controlPlane.oidcIdentityProviderConfig.tags

Tags
object 
AWS resource tags to assign to the IAM OIDC provider.

.global.controlPlane.oidcIdentityProviderConfig.tags.*

Tag value
string 

.global.controlPlane.oidcIdentityProviderConfig.usernameClaim

Username claim
string 
Claim to use for mapping usernames.

.global.controlPlane.oidcIdentityProviderConfig.usernamePrefix

Username prefix
string 
Prefix to use for mapping usernames.

.global.controlPlane.roleMapping

Role mappings
array 

.global.controlPlane.roleMapping[*]

Role mapping
object 
Maps AWS IAM role to Kubernetes role.

.global.controlPlane.roleMapping[*].groups

Groups
array 
Kubernetes groups.

.global.controlPlane.roleMapping[*].groups[*]

Group
string 
Kubernetes group, for example `system:masters`.

.global.controlPlane.roleMapping[*].rolearn

AWS Role ARN
string 
Full ARN of the AWS IAM role.

.global.controlPlane.roleMapping[*].username

Kubernetes username
string 
Kubernetes username, for example `cluster-admin`.

Internal

For Giant Swarm internal use only, not stable, or not supported by UIs.

.internal.hashSalt

Hash salt
string 
If specified, this token is used as a salt to the hash suffix of some resource names. Can be used to force-recreate some resources.

.internal.kubernetesVersion

Kubernetes version
string 

.internal.nodePools

Default node pool
object 

.internal.nodePools.PATTERN

Node pool
object 

.internal.nodePools.PATTERN.availabilityZones

Availability zones
array 

.internal.nodePools.PATTERN.availabilityZones[*]

Availability zone
string 

.internal.nodePools.PATTERN.customNodeLabels

Custom node labels
array 

.internal.nodePools.PATTERN.customNodeLabels[*]

Label
string 

.internal.nodePools.PATTERN.customNodeTaints

Custom node taints
array 

.internal.nodePools.PATTERN.customNodeTaints[*]

object 

.internal.nodePools.PATTERN.customNodeTaints[*].effect

Effect
string 

.internal.nodePools.PATTERN.customNodeTaints[*].key

Key
string 

.internal.nodePools.PATTERN.customNodeTaints[*].value

Value
string 

.internal.nodePools.PATTERN.instanceType

EC2 instance type
string 

.internal.nodePools.PATTERN.maxSize

Maximum number of nodes
integer 

.internal.nodePools.PATTERN.minSize

Minimum number of nodes
integer 

.internal.nodePools.PATTERN.rootVolumeSizeGB

Root volume size (GB)
integer 

.internal.nodePools.PATTERN.subnetTags

Subnet tags
array 
Tags to filter which AWS subnets will be used for this node pool.

.internal.nodePools.PATTERN.subnetTags[*]

Subnet tag
object 

.internal.nodePools.PATTERN.subnetTags[*].*

Tag value
string 

.internal.sandboxContainerImage

Kubectl image
object 

.internal.sandboxContainerImage.name

Repository
string 

.internal.sandboxContainerImage.registry

Registry
string 

.internal.sandboxContainerImage.tag

Tag
string 

Kubectl image

.kubectlImage.name

Repository
string 

.kubectlImage.registry

Registry
string 

.kubectlImage.tag

Tag
string 

Metadata

.global.metadata.description

Cluster description
string 
User-friendly description of the cluster's purpose.

.global.metadata.name

Cluster name
string 
Unique identifier, cannot be changed after creation.

.global.metadata.organization

Organization
string 

.global.metadata.preventDeletion

Prevent cluster deletion
boolean 

.global.metadata.servicePriority

Service priority
string 
The relative importance of this cluster.

Node pools

Node pools of the cluster. If not specified, this defaults to the value of `internal.nodePools`.

.global.nodePools.PATTERN

Node pool
object 

.global.nodePools.PATTERN.availabilityZones

Availability zones
array 

.global.nodePools.PATTERN.availabilityZones[*]

Availability zone
string 

.global.nodePools.PATTERN.customNodeLabels

Custom node labels
array 

.global.nodePools.PATTERN.customNodeLabels[*]

Label
string 

.global.nodePools.PATTERN.customNodeTaints

Custom node taints
array 

.global.nodePools.PATTERN.customNodeTaints[*]

object 

.global.nodePools.PATTERN.customNodeTaints[*].effect

Effect
string 

.global.nodePools.PATTERN.customNodeTaints[*].key

Key
string 

.global.nodePools.PATTERN.customNodeTaints[*].value

Value
string 

.global.nodePools.PATTERN.instanceType

EC2 instance type
string 

.global.nodePools.PATTERN.maxSize

Maximum number of nodes
integer 

.global.nodePools.PATTERN.minSize

Minimum number of nodes
integer 

.global.nodePools.PATTERN.rootVolumeSizeGB

Root volume size (GB)
integer 

.global.nodePools.PATTERN.subnetTags

Subnet tags
array 
Tags to filter which AWS subnets will be used for this node pool.

.global.nodePools.PATTERN.subnetTags[*]

Subnet tag
object 

.global.nodePools.PATTERN.subnetTags[*].*

Tag value
string 

Other global

.global.managementCluster

Management cluster
string 
Name of the Cluster API cluster managing this workload cluster.

Other

.baseDomain

Base DNS domain
string 

.cluster-shared

Library chart
object 

.managementCluster

Management cluster
string 
Name of the Cluster API cluster managing this workload cluster.

.provider

Cluster API provider name
string 

Further reading

This part of our documentation refers to our vintage product. The content may be not valid anymore for our current product. Please check our new documentation hub for the latest state of our docs.