Add AWS Cloud Provider Docs

[geoffcline]

Description of changes:
Add AWS cloud provider page.
Add description of well known labels and corresponding behavior on AWS. For example, launch nodes in a particular availability zone.

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.

[netlify]

✔️ Deploy Preview for karpenter-docs-prod ready!

🔨 Explore the source changes: 9758057

🔍 Inspect the deploy log: https://app.netlify.com/sites/karpenter-docs-prod/deploys/6104713f03b39b00082c96da

😎 Browse the preview: https://deploy-preview-557--karpenter-docs-prod.netlify.app/docs/cloud-providers/aws

[geoffcline]

Changed page https://deploy-preview-557--karpenter-docs-prod.netlify.app/docs/cloud-providers/aws/

[rothgar]

Should this be = or :?

[geoffcline]

The kubernetes docs use =, and I merely assumed they had a good reason

https://kubernetes.io/docs/reference/labels-annotations-taints/

[ellistarn]

This field is actually fully vendor neutral, so it should probably exist in vendor neutral docs. It just happens that for AWS, the values accepted are aws specific.

[geoffcline]

I would like to keep this here for now. The info in this section is largely AWS specific.

[ellistarn]

Any label starting with node.k8s.aws is AWS specific. IIUC, we're using this one https://kubernetes.io/docs/reference/labels-annotations-taints/#nodekubernetesioinstance-type

[geoffcline]

thanks for the reviews all! I pushed an update and responded to some comments.

[ellistarn]

I think allowlist is the wrong frame. Karpenter is built on a concepts of defaults (provisioner) + overrides (pod). A pod can specify a node selector for an instance type that is not in the provisioner's defaults.

[geoffcline]

I'm confused - if a pod specifies an instance type not in karpenter's instance type list, karpenter will still provision it?

[ellistarn]

Correct. The provisioner controls a set of defaults, but if the pod has a specific opinion, it will override the instance type and we'll use that.

[geoffcline]

This definitely needs to be documented.

[ellistarn]

"Regarding AWS" seems like an awkward way to start a sentence to me. Also -- specifying the number in the sentence will easily become stale as we add more things to this list.

[geoffcline]

this will be resolved after we refactor the categories

[ellistarn]

What about Architecture and Operating System and Zone?

[geoffcline]

Instance type is specified as it's own list in the crd yaml, so I kept it separate.

"Node labels" are things that go under "labels:" in the provisioner crd.

I also separated the pod GPU stuff because it only makes sense to include a podspec and not the provisioner crd.

I'm very open to alternate ways to structure some page. I did struggle with trying to make it more than a random list.

[ellistarn]

Here's how I think about it:

Vendor neutral constraints (provisioner top level fields, pod.spec.nodeSelector)

• instance type
• zone
• architecture
• operating system

Vendor specific constraints (provisioner.spec.labels, pod.spec.nodeSelector)

• [aws] capacity type
• [aws] launch template
• [aws] security groups
• [aws] subnets

[ellistarn]

I think this pod label's piece isn't quite accurate. Specifically, these are pod.spec.nodeSelector. They're choosing node labels.

[geoffcline]

what is a good more general name? pod requirements?

[ellistarn]

This isn't true -- see overrides above.

[ellistarn]

I'd avoid use of the word "intelligently", as it implies something that it's not. It's just logic.

[geoffcline]

I changed it to "...karpenter will determine the instance type..."

[ellistarn]

It will binpack pending pods into the smallest number of nodes allowed by scheduling constraints. This is to minimize node overhead.

[geoffcline]

what is the difference between minimizing node overhead and maximizing node utilization?

[ellistarn]

It's a classical NP-Hard computer science problem to minimize node overhead. Minimizing the number of nodes (which is what we do currently) minimizes the node overhead, which tends to do better w.r.t overall utilization.

e.g.
Given 2 pods, 1 core + 35 cores = 36 cores total. It's NP-Hard to calculate that this should be two instances (c5.9xlarge + c5.large), and instead our logic will provision a c5.12xlarge, which is 8 additional "wasted" cores. However, pods that get created in the future will be able to schedule here, so in the limit of the cluster, it's likely this capacity will get used, but the node-level overhead (daemonsets, etc) will be reduced.

[ellistarn]

I'd avoid language like "More specifically". Just state what it is.

[geoffcline]

I'm leaning towards keeping it.

What does it mean to use bottlerocket by default? It means we create a launch template for you with that OS.

[ellistarn]

We should state that customers should rely on Karpenter's default launch templates unless their use case requires something else.

[geoffcline]

I'm hesitant to add this. I think the reader would understand when a different launch template is needed.

Is there an unexpected consequence of using your own launch template?

[ellistarn]

This is a first class field in the provisioner (since it's an upstream k8s concept), and a nodeSelector at the pod level (since everything is a nodeSelector for pods).

[geoffcline]

I'm reluctant to fragment the docs further at this point. For this release (where we only support AWS), I would like to have a single page where users can ctrl-f for the different tags/values.

[ellistarn]

Can you clarify that this should be done in addition to resources. Otherwise the kubelet won't allocate the GPU to the pod.

[geoffcline]

I clarified this, but the new content needs further review. I misunderstood this previously.

[geoffcline]

Note to self: revert desc of AZ IDs

[geoffcline]

pushed a revision removing description of AZ IDs

[akestner]

Worked on this together