Kubernetes Configuration Files

config.yaml

This file instructs the pf-update-kube --build command how to generate the cluster connection info file (cluster_info).

This command must be run by a superuser with root access to all clusters. This enables non-superusers to use cluster_info to setup their personal kubeconfig files without needing access to the infrastructure modules (via pf-update-kube).

config.yaml Format

YAML Schema

clusters = list(object({
module = string
}))

The clusters key contains an array of objects:

ValueDescriptionExample
moduleThe path to the aws_eks module deployment relative to the environments_dir directoryenv/region/aws_eks

Example

clusters:
- module: production/us-east-2/aws_eks
- module: development/us-east-1/aws_eks
- module: development/us-east-2/aws_eks

config.user.yaml

This file instructs the pf-update-kube command how to generate a user-specific kubeconfig file.

This is required because each user will have different access levels to each cluster. Running pf-kube-update requires that the cluster_info file is set up (via pf-update-kube --build).

config.user.yaml Format

YAML Schema

clusters = list(object({
name = string
aws_profile = string
}))

The clusters key contains an array of objects:

ValueDescriptionExample
nameThe name of the cluster. The full list of available cluster names can be found in <kube_dir>/cluster_info.production-primary
aws_profileThe AWS profile to use to authenticate with the cluster. Must be a valid profile in <aws_dir>/config.production-superuser

Example

clusters:
- name: "production-primary"
aws_profile: "production-superuser"

cluster_info

This is a space-delimited file with each line representing metadata for a particular cluster. The columns are:

  • cluster name
  • cluster region
  • cluster API server URL
  • md5 hash of the CA cert data for the API server

Example

production-primary us-east-2 https://83063DDB274B2A04B6A7DC29DCB1740E.gr7.us-east-2.eks.amazonaws.com 44f5cb46f1d07e4f3806f26cc4424d97
development-primary us-east-2 https://6B4CCB112AD882D9331473BA90CB8F80.yl4.us-east-2.eks.amazonaws.com b56614e34b012836c761ac2c1b816ada