Difference in eksctl between privateNetworking: true and privateCluster: enabled: true

0

I understand that adding

privateCluster:
  enabled: true

when creating the cluster makes it a fully private cluster. But then how does that differ from adding:

clusterEndpoints:
  privateAccess: true
  publicAccess: false

to the VPC section and:

    privateNetworking: true

to the managedNodeGroups section instead of the privateCluster option? Because I found you cannot have all 3 in the same yaml file.

To me it sounds like privateNetworking means the networking will be private and not allow access to the internet unless via a NAT. And clusterEndpoints: privateAccess: true to me means you can access the AWS endpoints via a private VPCE.

asked a year ago, 352 views
1 Answer
0
Accepted Answer

The only required field to create a fully-private cluster is privateCluster.enabled:

privateCluster:
  enabled: true

It is an error to leave privateNetworking unset in a fully-private cluster. privateNetworking must be explicitly set for a fully-private cluster:

privateNetworking: true

A fully-private cluster does not support modifying clusterEndpointAccess during cluster creation. It is an error to set either clusterEndpoints.publicAccess or clusterEndpoints.privateAccess, as a fully-private cluster can have private access only, and allowing modification of these fields can break the cluster.

Reference: https://eksctl.io/usage/eks-private-cluster/

answered a year ago
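
A pre-flight check for the rules stated in the answer above, as an added example that is not part of the original answer and is not eksctl's own code. It takes the ClusterConfig as an already-parsed dict (for instance the result of `yaml.safe_load`); the function name, cluster names and sample configs are constructed for illustration.

```python
def lint_fully_private(cfg):
    """Check an eksctl ClusterConfig (parsed into a dict) against the
    fully-private cluster rules quoted in the answer. Returns findings."""
    findings = []
    if not (cfg.get("privateCluster") or {}).get("enabled"):
        return findings  # the rules below apply only to privateCluster.enabled: true

    # Rule: clusterEndpoints.publicAccess / privateAccess must not be set.
    endpoints = (cfg.get("vpc") or {}).get("clusterEndpoints") or {}
    for key in ("publicAccess", "privateAccess"):
        if key in endpoints:
            findings.append(f"vpc.clusterEndpoints.{key}: not allowed with privateCluster")

    # Rule: privateNetworking must be set explicitly on every nodegroup.
    for kind in ("nodeGroups", "managedNodeGroups"):
        for ng in cfg.get(kind) or []:
            name = ng.get("name", "<unnamed>")
            if "privateNetworking" not in ng:
                findings.append(f"{kind}/{name}: privateNetworking is unset")
            elif ng["privateNetworking"] is not True:
                # Assumption: an explicit false is reported too; the answer
                # only names the unset case.
                findings.append(f"{kind}/{name}: privateNetworking is not true")
    return findings


# Constructed sample configs (all names are placeholders).
ALL_THREE = {  # the combination the question says is rejected
    "privateCluster": {"enabled": True},
    "vpc": {"clusterEndpoints": {"privateAccess": True, "publicAccess": False}},
    "managedNodeGroups": [{"name": "ng-1", "privateNetworking": True}],
}
MISSING_FLAG = {
    "privateCluster": {"enabled": True},
    "managedNodeGroups": [{"name": "ng-1"}],
}
FULLY_PRIVATE = {
    "privateCluster": {"enabled": True},
    "managedNodeGroups": [{"name": "ng-1", "privateNetworking": True}],
}

if __name__ == "__main__":
    for label, cfg in (("all three", ALL_THREE), ("missing flag", MISSING_FLAG),
                       ("fully private", FULLY_PRIVATE)):
        print(label, "->", lint_fully_private(cfg) or "ok")
```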
