EKS node_groups submodule

Helper submodule to create and manage resources related to eks_node_groups.

Node Groups' IAM Role

The role ARN specified in var.default_iam_role_arn will be used by default. In a simple configuration this will be the worker role created by the parent module.

iam_role_arn must be specified in either var.node_groups_defaults or var.node_groups if the default parent IAM role is not being created for whatever reason, for example if manage_worker_iam_resources is set to false in the parent.

node_groups and node_groups_defaults keys

node_groups_defaults is a map that can take the keys below. Its values are used for any key that is not specified in an individual node group.

node_groups is a map of maps. The first-level key is used as the unique value for for_each resources and in the aws_eks_node_group name. The inner map can take the values below.

| Name | Description | Type | If unset |
|------|-------------|------|----------|
| additional_tags | Additional tags to apply to node group | map(string) | Only var.tags applied |
| ami_release_version | AMI version of workers | string | Provider default behavior |
| ami_type | AMI Type. See Terraform or AWS docs | string | Provider default behavior |
| ami_id | ID of custom AMI. If you use a custom AMI, you need to set ami_is_eks_optimized | string | Provider default behavior |
| ami_is_eks_optimized | If the custom AMI is an EKS optimised image, ignored if ami_id is not set. If this is true then bootstrap.sh is called automatically (max pod logic needs to be manually set), if this is false you need to provide all the node configuration in pre_userdata | bool | true |
| capacity_type | Type of instance capacity to provision. Options are ON_DEMAND and SPOT | string | Provider default behavior |
| create_launch_template | Create and use a default launch template | bool | false |
| desired_capacity | Desired number of workers | number | var.workers_group_defaults[asg_desired_capacity] |
| disk_encrypted | Whether the root disk will be encrypted. Requires create_launch_template to be true and disk_kms_key_id to be set | bool | false |
| disk_kms_key_id | KMS Key used to encrypt the root disk. Requires both create_launch_template and disk_encrypted to be true | string | "" |
| disk_size | Workers' disk size | number | Provider default behavior |
| disk_type | Workers' disk type. Requires create_launch_template to be true | string | Provider default behavior |
| disk_throughput | Workers' disk throughput. Requires create_launch_template to be true and disk_type to be gp3 | number | Provider default behavior |
| disk_iops | Workers' disk IOPS. Requires create_launch_template to be true and disk_type to be gp3 | number | Provider default behavior |
| ebs_optimized | Enables/disables EBS optimization. Requires create_launch_template to be true | bool | true if defined instance_types are not present in var.ebs_optimized_not_supported |
| enable_monitoring | Enables/disables detailed monitoring. Requires create_launch_template to be true | bool | true |
| eni_delete | Delete the Elastic Network Interface (ENI) on termination (if set to false you will have to manually delete before destroying) | bool | true |
| force_update_version | Force version update if existing pods are unable to be drained due to a pod disruption budget issue. | bool | Provider default behavior |
| iam_role_arn | IAM role ARN for workers | string | var.default_iam_role_arn |
| instance_types | Node group's instance type(s). Multiple types can be specified when capacity_type="SPOT". | list | [var.workers_group_defaults[instance_type]] |
| k8s_labels | Kubernetes labels | map(string) | No labels applied |
| key_name | Key name for workers. Set to empty string to disable remote access | string | var.workers_group_defaults[key_name] |
| bootstrap_env | Provide environment variables to customise bootstrap.sh. Requires create_launch_template to be true | map(string) | {} |
| kubelet_extra_args | Extra arguments for kubelet, this is automatically merged with labels. Requires create_launch_template to be true | string | "" |
| launch_template_id | The id of an aws_launch_template to use | string | No LT used |
| launch_template_version | The version of the LT to use | string | none |
| max_capacity | Max number of workers | number | var.workers_group_defaults[asg_max_size] |
| min_capacity | Min number of workers | number | var.workers_group_defaults[asg_min_size] |
| update_config.max_unavailable_percentage | Max percentage of unavailable nodes during update. (e.g. 25, 50, etc) | number | null if update_config.max_unavailable is set |
| update_config.max_unavailable | Max number of unavailable nodes during update | number | null if update_config.max_unavailable_percentage is set |
| name | Name of the node group. If you don't really need this, we recommend you to use name_prefix instead. | string | Will use the autogenerate name prefix |
| name_prefix | Name prefix of the node group | string | Auto generated |
| pre_userdata | userdata to pre-append to the default userdata. Requires create_launch_template to be true | string | "" |
| public_ip | Associate a public IP address with a worker. Requires create_launch_template to be true | string | false |
| source_security_group_ids | Source security groups for remote access to workers | list(string) | If key_name is specified: THE REMOTE ACCESS WILL BE OPENED TO THE WORLD |
| subnets | Subnets to contain workers | list(string) | var.workers_group_defaults[subnets] |
| version | Kubernetes version | string | Provider default behavior |
| taints | Kubernetes node taints | list(map) | empty |
| timeouts | A map of timeouts for create/update/delete operations. | map(string) | Provider default behavior |
| update_default_version | Whether or not to set the new launch template version the Default | bool | true |
| metadata_http_endpoint | The state of the instance metadata service. Requires create_launch_template to be true | string | var.workers_group_defaults[metadata_http_endpoint] |
| metadata_http_tokens | If session tokens are required. Requires create_launch_template to be true | string | var.workers_group_defaults[metadata_http_tokens] |
| metadata_http_put_response_hop_limit | The desired HTTP PUT response hop limit for instance metadata requests. Requires create_launch_template to be true | number | var.workers_group_defaults[metadata_http_put_response_hop_limit] |
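
A node group definition that sets the security-relevant keys from the table above together. This is an added example, not configuration from the module's own documentation. The KMS key ARN, group name, instance type, label and capacities are constructed placeholders, and the two locals are meant to be passed to the node_groups_defaults and node_groups inputs.

```hcl
locals {
  # Applied to every node group unless a group overrides the key.
  node_groups_defaults = {
    # The disk_*, metadata_* and public_ip keys below all require
    # create_launch_template to be true.
    create_launch_template = true

    # Root volume encryption: disk_encrypted also needs disk_kms_key_id,
    # which otherwise defaults to "".
    disk_encrypted  = true
    disk_kms_key_id = "arn:aws:kms:REGION:ACCOUNT_ID:key/PLACEHOLDER" # placeholder

    # Instance metadata service: keep the endpoint on, require session
    # tokens (IMDSv2) and limit the PUT response to a single hop.
    metadata_http_endpoint               = "enabled"
    metadata_http_tokens                 = "required"
    metadata_http_put_response_hop_limit = 1

    # Empty string disables remote access. Without this the value is
    # inherited from var.workers_group_defaults[key_name].
    key_name = ""

    # No public IP address on workers.
    public_ip = false
  }

  node_groups = {
    # First-level key: unique for_each value, also used in the
    # aws_eks_node_group name. "general" is a constructed name.
    general = {
      capacity_type    = "ON_DEMAND"
      instance_types   = ["m5.large"] # constructed sample value
      desired_capacity = 2
      min_capacity     = 2
      max_capacity     = 4

      k8s_labels = {
        workload = "general" # constructed sample label
      }
    }
  }
}
```

If key_name is set to a key pair instead, list source_security_group_ids as well: per the table, leaving it unset while key_name is specified opens remote access to the world.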

Requirements

| Name | Version |
|------|---------|
| terraform | >= 0.13.1 |
| aws | >= 3.56.0 |
| cloudinit | >= 2.0 |

Providers

| Name | Version |
|------|---------|
| aws | >= 3.56.0 |
| cloudinit | >= 2.0 |

Modules

No modules.

Resources

| Name | Type |
|------|------|
| aws_eks_node_group.workers | resource |
| aws_launch_template.workers | resource |
| cloudinit_config.workers_userdata | data source |

Inputs

| Name | Description | Type | Default | Required |
|------|-------------|------|---------|:--------:|
| cluster_auth_base64 | Base64 encoded CA of parent cluster | string | "" | no |
| cluster_endpoint | Endpoint of parent cluster | string | "" | no |
| cluster_name | Name of parent cluster | string | "" | no |
| create_eks | Controls if EKS resources should be created (it affects almost all resources) | bool | true | no |
| default_iam_role_arn | ARN of the default IAM worker role to use if one is not specified in var.node_groups or var.node_groups_defaults | string | "" | no |
| ebs_optimized_not_supported | List of instance types that do not support EBS optimization | list(string) | [] | no |
| ng_depends_on | List of references to other resources this submodule depends on | any | null | no |
| node_groups | Map of maps of eks_node_groups to create. See "node_groups and node_groups_defaults keys" section in README.md for more details | any | {} | no |
| node_groups_defaults | Map of maps of node groups to create. See "node_groups and node_groups_defaults keys" section in README.md for more details | any | {} | no |
| tags | A map of tags to add to all resources | map(string) | {} | no |
| worker_additional_security_group_ids | A list of additional security group ids to attach to worker instances | list(string) | [] | no |
| worker_security_group_id | If provided, all workers will be attached to this security group. If not given, a security group will be created with necessary ingress/egress to work with the EKS cluster. | string | "" | no |
| workers_group_defaults | Workers group defaults from parent | any | {} | no |

Outputs

| Name | Description |
|------|-------------|
| aws_auth_roles | Roles for use in aws-auth ConfigMap |
| node_groups | Outputs from EKS node groups. Map of maps, keyed by var.node_groups keys. See aws_eks_node_group Terraform documentation for values |