AWS Fargate integration for serverless Kubernetes workloads providing namespace and selector-based pod scheduling without managing EC2 instances.
Fargate profile for running pods on AWS Fargate compute.
/**
* Fargate profile for running pods on Fargate
*/
class FargateProfile extends Construct implements ITaggable {
constructor(scope: Construct, id: string, props: FargateProfileProps);
/** Fargate profile ARN */
readonly fargateProfileArn: string;
/** Fargate profile name */
readonly fargateProfileName: string;
/** Pod execution role */
readonly podExecutionRole: iam.IRole;
/** Resource tags */
readonly tags: TagManager;
}
/**
* Fargate profile properties
*/
interface FargateProfileProps extends FargateProfileOptions {
/** EKS cluster */
readonly cluster: ICluster;
}
/**
* Fargate profile configuration options
*/
interface FargateProfileOptions {
/** Pod selectors */
readonly selectors: Selector[];
/** Fargate profile name */
readonly fargateProfileName?: string;
/** Pod execution role */
readonly podExecutionRole?: iam.IRole;
/** VPC configuration */
readonly vpc?: ec2.IVpc;
/** VPC subnets */
readonly subnets?: ec2.SubnetSelection;
/** Resource tags */
readonly tags?: { [key: string]: string };
}Usage Examples:
import * as eks from "@aws-cdk/aws-eks";
// Basic Fargate profile for specific namespace
const fargateProfile = cluster.addFargateProfile("FargateProfile", {
selectors: [
{ namespace: "default" },
{ namespace: "kube-system" },
],
});
// Advanced Fargate profile with label selectors
const appProfile = cluster.addFargateProfile("AppProfile", {
fargateProfileName: "app-profile",
selectors: [
{
namespace: "production",
labels: {
"compute-type": "fargate",
"app": "web-server",
},
},
{
namespace: "staging",
labels: {
"compute-type": "fargate",
},
},
],
subnets: { subnetType: ec2.SubnetType.PRIVATE },
});/**
* Fargate profile selector
*/
interface Selector {
/** Kubernetes namespace */
readonly namespace: string;
/** Pod labels */
readonly labels?: { [key: string]: string };
}/**
* EKS cluster running entirely on AWS Fargate
*/
class FargateCluster extends Cluster {
constructor(scope: Construct, id: string, props: FargateClusterProps);
/** Default Fargate profile */
readonly defaultProfile: FargateProfile;
}
/**
* Fargate cluster properties
*/
interface FargateClusterProps extends ClusterOptions {
/** VPC to launch the cluster in */
readonly vpc?: ec2.IVpc;
/** Kubernetes version */
readonly version: KubernetesVersion;
/** Default profile configuration */
readonly defaultProfile?: FargateProfileOptions;
}Fargate Cluster Usage:
import * as eks from "@aws-cdk/aws-eks";
// Create Fargate-only cluster
const fargateCluster = new eks.FargateCluster(this, "FargateCluster", {
version: eks.KubernetesVersion.V1_21,
defaultProfile: {
selectors: [
{ namespace: "default" },
{ namespace: "kube-system" },
],
},
});
// Deploy application to Fargate
fargateCluster.addManifest("WebApp", {
apiVersion: "apps/v1",
kind: "Deployment",
metadata: {
name: "webapp",
namespace: "default",
},
spec: {
replicas: 3,
selector: { matchLabels: { app: "webapp" } },
template: {
metadata: {
labels: {
app: "webapp",
"compute-type": "fargate",
},
},
spec: {
containers: [{
name: "app",
image: "nginx:latest",
ports: [{ containerPort: 80 }],
}],
},
},
},
});The pod execution role is automatically created if not provided, with the following permissions:
/**
* Default pod execution role permissions
*/
interface PodExecutionRolePermissions {
/** EKS Fargate pod execution role policy */
readonly amazonEKSFargatePodExecutionRolePolicy: string;
/** ECR read access for pulling container images */
readonly amazonEC2ContainerRegistryReadOnly: string;
}Resource Requirements:
Networking:
Storage:
Limitations: