By default, the cluster-api-provider-aws controllers reconcile cluster-api objects across all namespaces in the cluster. However, it is possible to restrict reconciliation to a single namespace, and this document explains how.
- Grouping clusters into a namespace based on the AWS account will allow
managing clusters across multiple AWS accounts. This will require each
cluster-api-provider-aws controller to have credentials to its respective AWS account. These credentials can be created as a Kubernetes secret and be mounted in the pod at
/home/.aws or as environment variables.
- Grouping clusters into a namespace based on their environment (test,
qualification, canary, production) will allow a phased rolling out of
- Grouping clusters into a namespace based on the infrastructure provider will allow running multiple cluster-api provider implementations side-by-side and managing clusters across infrastructure providers.
- Create the namespace that the
cluster-api-provider-aws controller will watch for cluster-api objects
cat <<EOF | kubectl apply -f -
apiVersion: v1
kind: Namespace
metadata:
  name: my-pet-clusters # edit if necessary
EOF
Specifically, edit the container spec for
cluster-api-aws-controller, in the
aws-provider-controller-manager statefulset, to pass a value to the
- -namespace=my-pet-clusters # edit this if necessary
aws-provider-controller-manager-0 pod restarts,
cluster-api-provider-aws controllers will only reconcile the cluster-api
objects in the
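
One way to confirm the result of the steps above, as an added example that is not part of the original document or the project's own code: the script inspects the statefulset's container arguments and reports any controller that is still watching all namespaces. The embedded JSON is a constructed sample of `kubectl get statefulset aws-provider-controller-manager -o json` output, the `unscoped-example` container is hypothetical, and Go-style flag syntax is assumed.

```python
import json

# Constructed sample: trimmed `kubectl get statefulset ... -o json` output.
# The statefulset, container and flag names come from the page; the second
# container is hypothetical and shows the unscoped case.
SAMPLE = json.loads("""
{"metadata": {"name": "aws-provider-controller-manager"},
 "spec": {"template": {"spec": {"containers": [
   {"name": "cluster-api-aws-controller",
    "args": ["-v=3", "-namespace=my-pet-clusters"]},
   {"name": "unscoped-example", "args": ["-v=3"]}
 ]}}}}
""")


def watched_namespace(argv):
    """Return the namespace flag's value, or None when it is absent or empty.

    Assumption: the controller parses flags Go-style, so -namespace=x,
    --namespace=x and "-namespace x" are equivalent and the last one wins.
    An empty value is treated here as unscoped (also an assumption).
    """
    found = None
    for i, arg in enumerate(argv):
        if not arg.startswith("-"):
            continue
        name, sep, value = arg.lstrip("-").partition("=")
        if name != "namespace":
            continue
        if not sep:  # value supplied as the following argument
            value = argv[i + 1] if i + 1 < len(argv) else ""
        found = value or None
    return found


def audit(statefulset, expected):
    """Map each container name to 'ok', 'all-namespaces' or 'wrong:<ns>'."""
    result = {}
    for c in statefulset["spec"]["template"]["spec"]["containers"]:
        ns = watched_namespace(c.get("command", []) + c.get("args", []))
        if ns is None:
            result[c["name"]] = "all-namespaces"
        else:
            result[c["name"]] = "ok" if ns == expected else "wrong:" + ns
    return result


if __name__ == "__main__":
    for name, status in audit(SAMPLE, "my-pet-clusters").items():
        print(f"{name}: {status}")
```

To run it against a live cluster, replace `SAMPLE` with the parsed output of the `kubectl get` command named above.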