Carlos Rivera Senior Solutions Architect – AWS Public Sector

© 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. Karpenter is an open-source, flexible, and high-performance Kubernetes cluster autoscaler. Dynamic, group- less node provisioning Open source and Kubernetes-native What is Karpenter? Automatic node sizing Rapid scaling

© 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. How CA provisions nodes on AWS Application Scheduler/HPA Pending Pods CA ASG EC2 Fleet (Instance)

© 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. How Karpenter provisions nodes on AWS 4 Application Scheduler/HPA Pending Pods CA ASG EC2 API EC2 Fleet (Instance) consolidates instance orchestration responsibilities within a single system Karpenter

© 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. How Karpenter Works • Deeply integrated with EC2 § EC2 Fleet API, no ASGs • Deeply Kubernetes native § Watch API, Labels, Finalizers • Automated instance selection § Matches workload needs to instance type based on the Provisoner profile • Karpenter terminates underutilized nodes Pending pods Existing capacity Just-in-time capacity Unschedulable pods API call to EC2 Right-sized instances. No ASGs to manage

© 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. apiVersion: karpenter.sh/v1alpha5 kind: Provisioner metadata: name: default spec: labels: intent: apps ttlSecondsAfterEmpty: 30 requirements: - key: karpenter.sh/capacity-type operator: In values: ["spot“,”on-demand”] - key: node.kubernetes.io/instance-type operator: In values: [“m5.large”, “m5.2xlarge”, “c5.large”, “c5.xlarge”] - key: karpenter.sh/capacity-type operator: In values: ["spot", "on-demand"] - key: topology.kubernetes.io/zone operator: In values: ["us-west-2a", "us-west-2b"] limits: resources: cpu: 1000 provider: securityGroupSelector: karpenter.sh/discovery: ${CLUSTER_NAME} • Provisioner – Custom Resource to provision nodes with a set of optional attributes (ex- Labels, Requirements, TTL) • A single provisioner can manage compute for multiple teams and workloads • Create a default provisioner (named “default”) for common scenarios • Multiple provisioners for isolating compute for different needs Compute provisioning with Provisioner CRD https://karpenter.sh/v0.30.0/provisioner/

© 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. Flexible Cluster Auto Scaling with Karpenter Karpenter Provisioner Workload with matching scheduling constraints

© 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. Flexible Cluster Auto Scaling with Karpenter Karpenter Provisioner Workload with matching scheduling constraints

© 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. 9 Default: all instance types, excluding metal Pending pods HPA/Application >> 1 vCPU request Node Karpenter New node Provisioning and scheduling decisions • Early binding to provisioned nodes vs. placeholder instances • Remove scheduler version dependency OR instanceTypes: [m5.large, m5.2xlarge, …] Karpenter scale-up

© 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. Karpenter scale-in Pending pods HPA<< 1 vCPU request Node Karpenter Terminations • Remove underutilized nodes (empty nodes) • Node TTL • No longer future work: defragmentation (ver 0.15 – cluster consolidation) i.e. - remove nodes with pods that can be relocated, replace nodes with cheaper instances ttlSecondsAfterEmpty: seconds the controller will wait before attempting to delete a node, measured from when the node is detected to be empty 10 sec *If not specified, the feature is disabled and nodes will never scale down

Thank you! © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved.