-
Tiger authored
There are several steps to this process: * GitLab assumes the role provided by the user and stores a set of temporary credentials on the provider record. By default these credentials are valid for one hour. * A CloudFormation stack is created, based on the template in vendor/aws/cloudformation/eks_cluster.yaml. This triggers creation of all resources required for an EKS cluster. * GitLab polls the status of the stack until all resources are ready, which takes somewhere between 10 and 15 minutes in most cases. * When the cluster is ready, GitLab stores the cluster details and fetches another set of temporary credentials, this time to allow connecting to the cluster via Kubeclient. These credentials are valid for one minute. * GitLab configures the worker nodes so that they are able to authenticate to the cluster, and creates a service account for itself for future operations. * Finally, all details and credentials that are no longer required are removed.
e1932b5c