as long as the main cluster can talk to the other clusters then you shouldn’t need anything else. you’re just hitting the kube api, so as long as that’s accessible.
and you can keep the original cluster running both yeah.
l
Laura Lin
12/21/2022, 9:18 PM
Can I reuse all the aws permissioning roles ?
Is there a step needed to have the clusters talk to each other? Or as long as they have the same roles + in the same vpc that it should be ok
y
Yee
12/21/2022, 9:32 PM
the additional clusters don’t need to talk to each other, they just need to talk back to admin (for eventing) but this will use the same ingress that everyone else uses.
so yeah that setting might be different.
in the cluster with both the admin address for propeller might just be the k8s service dns. but for the additional clusters, the admin address you’ll need to configure is the ingress one.
l
Laura Lin
12/21/2022, 10:33 PM
does the data plane cluster have to in the original cluster's EKS created security group? or just the general security group's are ok
k
Kevin Su
01/12/2023, 10:52 PM
I think it should use original cluster’s EKS created security group. otherwise, you will get some connection issues