Skip to main content

astroctl_infra_kubernetes_apply

astroctl infra kubernetes apply

Apply the cluster configurations to create a new cluster

Synopsis

Create a Kubernetes cluster from a YAML specification file.

Credentials prerequisite: run 'astroctl cloud <provider> connect' once before creating clusters.

━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ EKS — AWS Elastic Kubernetes Service ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ apiVersion: platform.astropulse.io/v1 kind: K8sCluster spec: clusterName: my-eks-cluster provider: aws region: us-east-1 # AWS region (us-east-1, us-west-2, eu-west-1, ...) clusterSpec: dataPlane: nodeGroups:

  • name: ng-workers minNode: 2 maxNode: 5 machineTypes: [t3.medium] # t3.medium | m5.large | c5.2xlarge | p3.2xlarge | ... instanceType: ondemand # ondemand | spot availabilityZones: [] # optional — omit to auto-select 3 zones labels: # optional — Kubernetes node labels taints: [] # optional — Kubernetes node taints provisioner: type: eks eks: accountId: "123456789012" # 12-digit AWS account ID (required) kubernetesVersion: "1.30" # optional — omit for latest amiFamily: AmazonLinux2023 # optional — AmazonLinux2023 | AmazonLinux2 | Bottlerocket | Ubuntu2004 | Ubuntu2204 | Ubuntu2404 credentials: type: dynamic # uses 'astroctl cloud aws connect' credentials

━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ GKE — Google Kubernetes Engine ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ apiVersion: platform.astropulse.io/v1 kind: K8sCluster spec: clusterName: my-gke-cluster provider: gcp region: us-central1 # GCP region (us-central1, europe-west1, asia-east1, ...) clusterSpec: dataPlane: nodeGroups:

  • name: ng-workers minNode: 2 maxNode: 5 machineTypes: [n2-standard-2] # n2-standard-2 | e2-medium | c2-standard-4 | n1-standard-4 | ... instanceType: ondemand availabilityZones: [] # optional — e.g. [us-central1-a, us-central1-b] labels: # optional — Kubernetes node labels provisioner: type: gke gke: projectId: my-gcp-project # GCP project ID (required) kubernetesVersion: "1.30" # optional — omit for channel default releaseChannel: STABLE # optional — RAPID | REGULAR | STABLE (default: STABLE) autopilot: false # optional — true: GKE manages nodes automatically (pay per pod) authorizedNetworks: [] # optional — CIDR blocks allowed to reach the API server (max 50) credentials: type: dynamic # uses 'astroctl cloud gcp connect' WIF credentials

━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ AKS — Azure Kubernetes Service ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ apiVersion: platform.astropulse.io/v1 kind: K8sCluster spec: clusterName: my-aks-cluster provider: azure region: eastus # Azure region (eastus, westeurope, southeastasia, ...) clusterSpec: dataPlane: nodeGroups:

  • name: ng-workers # AKS: first node group is the system pool (minNode >= 2) minNode: 2 maxNode: 5 machineTypes: [Standard_D2s_v3] # Standard_D2s_v3 | Standard_B2ms | Standard_D4s_v3 | ... instanceType: ondemand labels: # optional — Kubernetes node labels provisioner: type: aks aks: subscriptionId: "00000000-0000-0000-0000-000000000000" # Azure subscription UUID (required) resourceGroup: my-resource-group # Azure resource group (required) kubernetesVersion: "1.30" # optional — omit for AKS default autoUpgradeChannel: stable # optional — patch | stable | rapid | node-image | none nodeOsUpgradeChannel: NodeImage # optional — SecurityPatch | NodeImage | None | Unmanaged authorizedIPRanges: [] # optional — CIDR blocks for API server access (max 200) credentials: type: dynamic # uses 'astroctl cloud azure connect' credentials

━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ selfHosted — Self-managed cluster on AWS or GCP ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ apiVersion: platform.astropulse.io/v1 kind: K8sCluster spec: clusterName: my-selfhosted-cluster provider: aws # aws | gcp region: us-east-1 clusterSpec: controlPlane: # optional — customize control plane nodes nodeGroup: name: control-plane machineTypes: [t3.medium] minNode: 1 # must be odd (1, 3, 5) maxNode: 1 dataPlane: nodeGroups:

  • name: ng-workers minNode: 2 maxNode: 5 machineTypes: [t3.medium] instanceType: ondemand provisioner: type: selfHosted selfHosted: accountId: "123456789012" # AWS account ID or GCP project ID (required) kubernetesVersion: "1.30.5" # optional — full semver only ("1.30.5", not "1.30") credentials: type: vault # vault is the only supported type for selfHosted

━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ Rules and constraints ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ Required: clusterName, provider, region, clusterSpec.dataPlane.nodeGroups (min 1), provisioner.type, and the matching provider spec (eks/gke/aks/selfHosted).

Node group rules:

  • Total maxNode across all groups must be > total minNode (room to scale)
  • minNode >= 1 per group
  • AKS: first node group is the system pool; minNode >= 2
  • selfHosted controlPlane: minNode/maxNode must be odd (1, 3, 5)
  • selfHosted kubernetesVersion: full semver only ("1.30.5", not "1.30")

Credential types: dynamic — platform assumes an IAM/WIF role; requires 'astroctl cloud <p> connect' first (EKS, GKE, AKS) vault — platform retrieves from encrypted vault; requires 'astroctl cloud <p> selfHosted connect' first (selfHosted only)

Discovery commands (use these to find valid values): astroctl infra k8s k8s-version -p <provider> -r <region> # list supported Kubernetes versions astroctl providers machinetypes get -p <provider> -r <region> <machine-type> # validate a machine type astroctl providers regions list -p <provider> # list supported regions

After apply, monitor progress: astroctl infra k8s progress stream CLUSTER_NAME

astroctl infra kubernetes apply [flags]

Examples


# Apply cluster config from a file
astroctl infra k8s apply -f cluster.yaml

# Skip confirmation prompt (CI/automation/MCP)
astroctl infra k8s apply -f cluster.yaml --yes

# Validate without creating (dry-run)
astroctl infra k8s apply -f cluster.yaml --dry-run

# Pipe YAML from stdin (EKS example)
cat cluster-eks.yaml | astroctl infra k8s apply -f - --yes

# Pipe YAML inline
echo 'apiVersion: platform.astropulse.io/v1
kind: K8sCluster
spec:
  clusterName: my-eks
  provider: aws
  region: us-east-1
  clusterSpec:
    dataPlane:
      nodeGroups:
        - name: workers
          minNode: 2
          maxNode: 5
          machineTypes: [t3.medium]
          instanceType: ondemand
  provisioner:
    type: eks
    eks:
      accountId: "123456789012"
      credentials:
        type: dynamic' | astroctl infra k8s apply -f - --yes

Options

      --dry-run       Validate the cluster configuration without creating the cluster
  -f, --file string   The files that contain the configurations to apply. Use '-' to read from stdin.
  -h, --help          help for apply
      --yes           Skip confirmation prompt (for automation/CI)

Options inherited from parent commands

  -o, --output string   Output format (json|yaml) (default "yaml")

SEE ALSO