Resolve merge conflict in argocd-permissions.adoc

candonov · candonov · commit 31c2a655ac10 · 2026-01-23T20:24:53.000Z
diff --git a/latest/ug/automode/auto-change.adoc b/latest/ug/automode/auto-change.adoc
@@ -14,6 +14,10 @@ To receive notifications of all source file changes to this specific documentati
 https://github.com/awsdocs/amazon-eks-user-guide/commits/mainline/latest/ug/automode/auto-change.adoc.atom
 ----
 
+== December 19, 2025
+
+**Feature**: Added support for secondary IP mode that provisions secondary IP addresses instead of prefix to Auto nodes. The mode maintains a one secondary IP as MinimalIPTarget and save IP resources for customers who don't need to warm up more secondary IPs or prefixes. For more information, see <<auto-node-class-spec>> and <<secondary-IP-mode>>.
+
 == November 19, 2025
 
 **Feature**: Enabled Seekable OCI (SOCI) parallel pull and unpack for G, P, and Trn family instances with local NVMe storage. SOCI parallel pull and unpack is always used for these instance families with EKS Auto Mode and there are no configuration changes required to enable it. For more information on SOCI, see the https://aws.amazon.com/blogs/containers/introducing-seekable-oci-parallel-pull-mode-for-amazon-eks/[launch blog].
diff --git a/latest/ug/automode/automode.adoc b/latest/ug/automode/automode.adoc
@@ -10,6 +10,11 @@ include::../attributes.txt[]
 Automate cluster infrastructure with EKS Auto Mode
 --
 
+[TIP]
+====
+https://aws-experience.com/emea/smb/events/series/get-hands-on-with-amazon-eks?trk=4a9b4147-2490-4c63-bc9f-f8a84b122c8c&sc_channel=el[Register] for upcoming Amazon EKS Auto Mode workshops.
+====
+
 EKS Auto Mode extends {aws} management of Kubernetes clusters beyond the cluster itself, to allow {aws} to also set up and manage the infrastructure that enables the smooth operation of your workloads.
 You can delegate key infrastructure decisions and leverage the expertise of {aws} for day-to-day operations.
 Cluster infrastructure managed by {aws} includes many Kubernetes capabilities as core components, as opposed to add-ons, such as compute autoscaling, pod and service networking, application load balancing, cluster DNS, block storage, and GPU support. 
diff --git a/latest/ug/automode/create-node-class.adoc b/latest/ug/automode/create-node-class.adoc
@@ -201,6 +201,8 @@ spec:
         # Domains to exclude, put all VPC endpoints here
         - .internal
         - .eks.amazonaws.com
+    # ipv4PrefixSize is default to Auto which is prefix and fallback to secondary IP. "32" is the secondary IP mode.
+    ipv4PrefixSize: Auto # or "32"
 
   advancedSecurity:
     # Optional, US regions only: Specifying `fips: true` will cause nodes in the nodeclass to run FIPS compatible AMIs.
@@ -293,3 +295,35 @@ spec:
 * *Network planning*: Ensure adequate IP address space in both node and Pod subnets to support your workload requirements.
 * *Routing configuration*: Verify that route table and network Access Control List (ACL) of the Pod subnets are properly configured for communication between node and Pod subnets.
 * *Availability Zones*: Verify that you've created Pod subnets across multiple AZs. If you are using specific Pod subnet, it must be in the same AZ as the node subnet AZ.
+
+[#secondary-IP-mode]
+== Secondary IP Mode for Pods
+
+The `ipv4PrefixSize` fields enables advanced networking configurations by allowing only allocating secondary IP addresses to nodes. This feature doesn't allocate prefix (/28) to nodes and maintain only one secondary IP as MinimalIPTarget. 
+
+=== Use cases
+
+Use `ipv4PrefixSize` when you need to:
+
+* *Reduced IP utilization*: Only one IP addresses will be warmed up in every node.
+* *Lower pods churning rate*: Pods creation velocity is not a major concern.
+* *No prefix fragmentation*: Prefix caused fragmentation is a major concern or blocker to use Auto mode.
+
+=== Example configuration
+
+[source,yaml]
+----
+apiVersion: eks.amazonaws.com/v1
+kind: NodeClass
+metadata:
+  name: advanced-networking
+spec:
+  role: MyNodeRole
+  
+  advancedNetworking:
+    ipv4PrefixSize: "32"
+----
+
+=== Considerations for secondary IP mode
+
+* *Reduced Pod creation velocity*: Since only one secondary IP is warmed up, the IPAM service need more time to provision IPs on more pods creation.
diff --git a/latest/ug/capabilities/argocd-permissions.adoc b/latest/ug/capabilities/argocd-permissions.adoc
@@ -101,7 +101,7 @@ An identity can be a user or a group.
 
 [source,bash,subs="verbatim,quotes"]
 ----
-aws eksfe update-capability \
+aws eks update-capability \
   --region [.replaceable]`us-east-1` \
   --cluster-name [.replaceable]`cluster` \
   --capability-name [.replaceable]`capname` \
@@ -189,12 +189,12 @@ spec:
   # Source restrictions
   sourceRepos:
   - https://github.com/myorg/team-a-apps
-  
+
   # Destination restrictions
   destinations:
   - namespace: team-a-*
     server: arn:aws:eks:us-west-2:111122223333:cluster/production
-  
+
   # Resource restrictions
   clusterResourceWhitelist:
   - group: ''
diff --git a/latest/ug/clusters/update-cluster.adoc b/latest/ug/clusters/update-cluster.adoc
@@ -10,6 +10,11 @@ include::../attributes.txt[]
 Learn how to update your Amazon EKS cluster to the latest Kubernetes version, ensuring compatibility with nodes and add-ons, and maintaining high availability during the process.
 --
 
+[TIP]
+====
+https://aws-experience.com/emea/smb/events/series/get-hands-on-with-amazon-eks?trk=4a9b4147-2490-4c63-bc9f-f8a84b122c8c&sc_channel=el[Register] for upcoming Amazon EKS workshops. 
+====
+
 When a new Kubernetes version is available in Amazon EKS, you can update your Amazon EKS cluster to the latest version.  
 
 [IMPORTANT]
diff --git a/latest/ug/getting-started/install-kubectl.adoc b/latest/ug/getting-started/install-kubectl.adoc
@@ -10,6 +10,11 @@ include::../attributes.txt[]
 Learn how to install or update the `kubectl` and `eksctl` command line tools to work with Kubernetes and Amazon EKS features.
 --
 
+[TIP]
+====
+https://aws-experience.com/emea/smb/events/series/get-hands-on-with-amazon-eks?trk=4a9b4147-2490-4c63-bc9f-f8a84b122c8c&sc_channel=el[Register] for upcoming Amazon EKS workshops.
+====
+
 Once the {aws} CLI is installed, there are two other tools you should install to create and manage your Kubernetes clusters:
 
 * `kubectl`: The `kubectl` command line tool is the main tool you will use to manage resources within your Kubernetes cluster. This page describes how to download and set up the `kubectl` binary that matches the version of your Kubernetes cluster. See <<kubectl-install-update,Install or update kubectl>>.
diff --git a/latest/ug/manage-access/aws-access/iam-roles-for-service-accounts.adoc b/latest/ug/manage-access/aws-access/iam-roles-for-service-accounts.adoc
@@ -10,6 +10,11 @@ include::../../attributes.txt[]
 Learn how applications in your Pods can access {aws} services.
 --
 
+[TIP]
+====
+https://aws-experience.com/emea/smb/events/series/get-hands-on-with-amazon-eks?trk=4a9b4147-2490-4c63-bc9f-f8a84b122c8c&sc_channel=el[Register] for upcoming Amazon EKS workshops.
+====
+
 Applications in a Pod's containers can use an {aws} SDK or the {aws} CLI to make API requests to {aws} services using {aws} Identity and Access Management (IAM) permissions. Applications must sign their {aws} API requests with {aws} credentials. *IAM roles for service accounts (IRSA)* provide the ability to manage credentials for your applications, similar to the way that Amazon EC2 instance profiles provide credentials to Amazon EC2 instances. Instead of creating and distributing your {aws} credentials to the containers or using the Amazon EC2 instance's role, you associate an IAM role with a Kubernetes service account and configure your Pods to use the service account. You can't use IAM roles for service accounts with <<eks-outposts-local-cluster-overview,local clusters for Amazon EKS on {aws} Outposts>>.
 
 IAM roles for service accounts provide the following benefits:
diff --git a/latest/ug/manage-access/create-kubeconfig.adoc b/latest/ug/manage-access/create-kubeconfig.adoc
@@ -10,6 +10,11 @@ include::../attributes.txt[]
 Learn how to create or update a kubeconfig file for authenticating with your Amazon EKS cluster using kubectl. Follow prerequisites for required tools and permissions.
 --
 
+[TIP]
+====
+https://aws-experience.com/emea/smb/events/series/get-hands-on-with-amazon-eks?trk=4a9b4147-2490-4c63-bc9f-f8a84b122c8c&sc_channel=el[Register] for upcoming Amazon EKS workshops.
+====
+
 In this topic, you create a `kubeconfig` file for your cluster (or update an existing one).
 
 The `kubectl` command-line tool uses configuration information in `kubeconfig` files to communicate with the API server of a cluster. For more information, see https://kubernetes.io/docs/concepts/configuration/organize-cluster-access-kubeconfig/[Organizing Cluster Access Using kubeconfig Files] in the Kubernetes documentation.
diff --git a/latest/ug/ml/ml-realtime-inference-cluster.adoc b/latest/ug/ml/ml-realtime-inference-cluster.adoc
@@ -10,6 +10,11 @@ include::../attributes.txt[]
 Learn how to set up an Amazon EKS cluster optimized for real-time online inference workloads using GPU-accelerated nodes, Karpenter for autoscaling, and integrate {aws} services to serve a model.
 --
 
+[TIP]
+====
+https://aws-experience.com/emea/smb/events/series/get-hands-on-with-amazon-eks?trk=4a9b4147-2490-4c63-bc9f-f8a84b122c8c&sc_channel=el[Register] for upcoming Amazon EKS AI/ML workshops.
+====
+
 == Introduction
 
 This guide offers a hands-on walkthrough for setting up an Amazon Elastic Kubernetes Service (EKS) cluster optimized for real-time online inference workloads, incorporating best practices curated by {aws} experts throughout. It uses an opinionated EKS Quickstart Architecture—a curated set of drivers, instance types, and configurations aligned with {aws} best practices for models, accelerators, and scaling. This approach helps you bypass the task of selecting cluster settings, allowing you to get a functional, pre-configured cluster up and running quickly. Along the way, we'll deploy sample workloads to validate your setup, explain key architectural concepts (such as decoupling CPU-bound tasks from GPU-intensive computations), address common questions (e.g., why choose Bottlerocket AMI over AL2023?), and outline next steps to extend your cluster's capabilities.
diff --git a/latest/ug/ml/ml-realtime-inference.adoc b/latest/ug/ml/ml-realtime-inference.adoc
@@ -10,6 +10,11 @@ include::../attributes.txt[]
 Learn how to set up and manage real-time online inference workloads on Amazon EKS.
 --
 
+[TIP]
+====
+https://aws-experience.com/emea/smb/events/series/get-hands-on-with-amazon-eks?trk=4a9b4147-2490-4c63-bc9f-f8a84b122c8c&sc_channel=el[Register] for upcoming Amazon EKS AI/ML workshops.
+====
+
 This section is designed to help you deploy and operate real-time online inference workloads on Amazon Elastic Kubernetes Service (EKS). You'll find guidance on building optimized clusters with GPU-accelerated nodes, integrating {aws} services for storage and autoscaling, deploying sample models for validation, and key architectural considerations such as decoupling CPU and GPU tasks, selecting appropriate AMIs and instance types, and ensuring low-latency exposure of inference endpoints.
 
 [.topiclist]
diff --git a/latest/ug/ml/ml-recipes.adoc b/latest/ug/ml/ml-recipes.adoc
@@ -10,6 +10,11 @@ include::../attributes.txt[]
 Follow bite-sized recipes to optimize your Amazon EKS clusters for AI/ML workloads.
 --
 
+[TIP]
+====
+https://aws-experience.com/emea/smb/events/series/get-hands-on-with-amazon-eks?trk=4a9b4147-2490-4c63-bc9f-f8a84b122c8c&sc_channel=el[Register] for upcoming Amazon EKS AI/ML workshops.
+====
+
 This section is designed to provide bite-sized recipes for optimizing your Amazon EKS cluster, particularly for AI/ML workloads involving specialized hardware. You'll find guidance on preventing pods from being scheduled on specific nodes by adding taints to managed node groups, including prerequisites, step-by-step procedures, and deployment considerations.
 
 [.topiclist]
diff --git a/latest/ug/networking/aws-load-balancer-controller.adoc b/latest/ug/networking/aws-load-balancer-controller.adoc
@@ -10,6 +10,11 @@ include::../attributes.txt[]
 Learn how to configure and use the {aws} Load Balancer Controller to expose Kubernetes cluster apps to the internet with {aws} Elastic Load Balancing for Kubernetes services and ingresses.
 --
 
+[TIP]
+====
+https://aws-experience.com/emea/smb/events/series/get-hands-on-with-amazon-eks?trk=4a9b4147-2490-4c63-bc9f-f8a84b122c8c&sc_channel=el[Register] for upcoming Amazon EKS workshops. 
+====
+
 The {aws} Load Balancer Controller manages {aws} Elastic Load Balancers for a Kubernetes cluster. You can use the controller to expose your cluster apps to the internet. The controller provisions {aws} load balancers that point to cluster Service or Ingress resources. In other words, the controller creates a single IP address or DNS name that points to multiple pods in your cluster.  
 
 image::images/lbc-overview.png["Architecture diagram. Illustration of traffic coming from internet users, to Amazon Load Balancer. Amazon Load Balancer distributes traffic to pods in the cluster.",scaledwidth=50%]
diff --git a/latest/ug/networking/lbc-helm.adoc b/latest/ug/networking/lbc-helm.adoc
@@ -10,6 +10,12 @@ include::../attributes.txt[]
 Learn how to install the {aws} Load Balancer Controller on Amazon EKS using Helm to manage K8s load balancing with {aws} Cloud. Discover the prerequisites and steps for creating an IAM role, installing with Helm, and verifying the controller deployment.
 --
 
+[TIP]
+====
+https://aws-experience.com/emea/smb/events/series/get-hands-on-with-amazon-eks?trk=4a9b4147-2490-4c63-bc9f-f8a84b122c8c&sc_channel=el[Register] for upcoming Amazon EKS workshops. 
+====
+
+
 [TIP]
 ====
 With Amazon EKS Auto Mode, you don't need to install or upgrade networking add-ons. Auto Mode includes pod networking and load balancing capabilities. 
diff --git a/latest/ug/networking/managing-vpc-cni.adoc b/latest/ug/networking/managing-vpc-cni.adoc
@@ -10,6 +10,12 @@ include::../attributes.txt[]
 Discover how the Amazon VPC CNI plugin for Kubernetes add-on works to assign private IP addresses and create network interfaces for Pods and services in your Amazon EKS cluster.
 --
 
+[TIP]
+====
+https://aws-experience.com/emea/smb/events/series/get-hands-on-with-amazon-eks?trk=4a9b4147-2490-4c63-bc9f-f8a84b122c8c&sc_channel=el[Register] for upcoming Amazon EKS workshops. 
+====
+
+
 [TIP]
 ====
 With Amazon EKS Auto Mode, you don't need to install or upgrade networking add-ons. Auto Mode includes pod networking and load balancing capabilities. 
diff --git a/latest/ug/versioning/kubernetes-versions-standard.adoc b/latest/ug/versioning/kubernetes-versions-standard.adoc
@@ -10,6 +10,11 @@ include::../attributes.txt[]
 This topic gives important changes to be aware of for each Kubernetes version in standard support.
 --
 
+[TIP]
+====
+https://aws-experience.com/emea/smb/events/series/get-hands-on-with-amazon-eks?trk=4a9b4147-2490-4c63-bc9f-f8a84b122c8c&sc_channel=el[Register] for upcoming Amazon EKS workshops. 
+====
+
 This topic gives important changes to be aware of for each Kubernetes version in standard support. When upgrading, carefully review the changes that have occurred between the old and new versions for your cluster.
 
 [#kubernetes-1-34]
diff --git a/latest/ug/versioning/kubernetes-versions.adoc b/latest/ug/versioning/kubernetes-versions.adoc
@@ -11,6 +11,11 @@ include::../attributes.txt[]
 Learn how Amazon EKS supports Kubernetes versions with standard and extended support periods, allowing you to proactively update clusters with the latest versions, features, and security patches.
 --
 
+[TIP]
+====
+https://aws-experience.com/emea/smb/events/series/get-hands-on-with-amazon-eks?trk=4a9b4147-2490-4c63-bc9f-f8a84b122c8c&sc_channel=el[Register] for upcoming Amazon EKS workshops.
+====
+
 Kubernetes rapidly evolves with new features, design updates, and bug fixes. The community releases new Kubernetes minor versions (such as `{k8s-n}`) on average once every four months. Amazon EKS follows the upstream release and deprecation cycle for minor versions. As new Kubernetes versions become available in Amazon EKS, we recommend that you proactively update your clusters to use the latest available version.
 
 A minor version is under standard support in Amazon EKS for the first 14 months after it's released. Once a version is past the end of standard support date, it enters extended support for the next 12 months. Extended support allows you to stay at a specific Kubernetes version for longer at an additional cost per cluster hour. If you haven't updated your cluster before the extended support period ends, your cluster is auto-upgraded to the oldest currently supported extended version.
@@ -61,7 +66,7 @@ To receive notifications of all source file changes to this specific documentati
 
 [source,none]
 ----
-https://github.com/awsdocs/amazon-eks-user-guide/commits/mainline/latest/ug/clusters/kubernetes-versions.adoc.atom
+https://github.com/awsdocs/amazon-eks-user-guide/commits/mainline/latest/ug/versioning/kubernetes-versions.adoc.atom
 ----
 
 [%header,cols="5"]
diff --git a/latest/ug/versioning/platform-versions.adoc b/latest/ug/versioning/platform-versions.adoc
@@ -34,7 +34,7 @@ To receive notifications of all source file changes to this specific documentati
 
 [source,none]
 ----
-https://github.com/awsdocs/amazon-eks-user-guide/commits/mainline/latest/ug/clusters/platform-versions.adoc.atom
+https://github.com/awsdocs/amazon-eks-user-guide/commits/mainline/latest/ug/versioning/platform-versions.adoc.atom
 ----
 
 
diff --git a/latest/ug/what-is/what-is-eks.adoc b/latest/ug/what-is/what-is-eks.adoc
@@ -9,6 +9,10 @@ include::../attributes.txt[]
 Learn to manage containerized applications with Amazon EKS
 --
 
+[TIP]
+====
+https://aws-experience.com/emea/smb/events/series/get-hands-on-with-amazon-eks?trk=4a9b4147-2490-4c63-bc9f-f8a84b122c8c&sc_channel=el[Register] for upcoming Amazon EKS workshops.
+====
 
 ## Amazon EKS: Simplified Kubernetes Management
 
