Install SSM Agent on Amazon EKS worker nodes by using Kubernetes DaemonSet

• https://docs.aws.amazon.com/prescriptive-guidance/latest/patterns/install-ssm-agent-on-amazon-eks-worker-nodes-by-using-kubernetes-daemonset.html

cat << EOF > ssm_daemonset.yaml
apiVersion: apps/v1
kind: DaemonSet
metadata:
  labels:
    k8s-app: ssm-installer
  name: ssm-installer
  namespace: kube-system
spec:
  selector:
    matchLabels:
      k8s-app: ssm-installer
  template:
    metadata:
      labels:
        k8s-app: ssm-installer
    spec:
      containers:
      - name: sleeper
        image: busybox
        command: ['sh', '-c', 'echo I keep things running! && sleep 3600']
      initContainers:
      - image: amazonlinux
        imagePullPolicy: Always
        name: ssm
        command: ["/bin/bash"]
        args: ["-c","echo '* * * * * root yum install -y https://s3.amazonaws.com/ec2-downloads-windows/SSMAgent/latest/linux_amd64/amazon-ssm-agent.rpm & rm -rf /etc/cron.d/ssmstart' > /etc/cron.d/ssmstart"]
        securityContext:
          allowPrivilegeEscalation: true
        volumeMounts:
        - mountPath: /etc/cron.d
          name: cronfile
        terminationMessagePath: /dev/termination-log
        terminationMessagePolicy: File
      volumes:
      - name: cronfile
        hostPath:
          path: /etc/cron.d
          type: Directory
      dnsPolicy: ClusterFirst
      restartPolicy: Always
      schedulerName: default-scheduler
      terminationGracePeriodSeconds: 30
EOF

Related[edit]

• AmazonSSMManagedInstanceCore
• yum install -y https://s3.amazonaws.com/ec2-downloads-windows/SSMAgent/latest/linux_amd64/amazon-ssm-agent.rpm

See also[edit]

• amazon-ssm-agent [ -register | --help ], package, /etc/cron.d/ssmstart
• AWS Systems Manager Session Manager, port forwarding, aws ssm start-session, amazon-ssm-agent, ssm-installer
• EKS, eksctl, EKS add-ons, Amazon EKS cluster role, Terraform EKS, Kubernetes Autoscaler, Karpenter, Terraform module: EKS, Terraform resource: aws eks node group, Terraform data source: aws_eks_cluster, AWS Controllers for Kubernetes, AWS Load Balancer Controller, Amazon EKS Anywhere, Kustomize, aws-iam-authenticator, ACK, tEKS, Amazon EKS authorization, Amazon EKS authentication, Nodegroup, EKS storage, aws-ebs-csi-driver, aws-efs-csi-driver, aws-load-balancer-controller, amazon-vpc-cni-k8s, EKS security, EKS Best Practices Guides, hardeneks, EKS versions, fargate-scheduler, eks-connector, Resilience in Amazon EKS, EKS control plane logging, Security groups for Pods in EKS