From 3eeb07a5cd670b73b534ac3cd311d9bab15c8b2a Mon Sep 17 00:00:00 2001 From: devops0706 Date: Fri, 15 Mar 2024 15:24:11 +0530 Subject: [PATCH 1/5] increased pod capacity in eks worker node --- README.md | 2 + examples/complete/main.tf | 37 ++++++++++--------- modules/managed-nodegroup/README.md | 7 +++- modules/managed-nodegroup/main.tf | 27 +++++++++++++- .../templates/custom-bootstrap-script.sh.tpl | 2 +- modules/managed-nodegroup/variables.tf | 31 ++++++++++++++++ 6 files changed, 85 insertions(+), 21 deletions(-) diff --git a/README.md b/README.md index 211857f..3892143 100644 --- a/README.md +++ b/README.md @@ -163,6 +163,7 @@ In this module, we have implemented the following CIS Compliance checks for EKS: | [aws_iam_policy.kubernetes_pvc_kms_policy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_policy) | resource | | [aws_iam_policy.node_autoscaler_policy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_policy) | resource | | [aws_iam_role.node_role](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role) | resource | +| [aws_iam_role_policy_attachment.S3Access_attachment](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy_attachment) | resource | | [aws_iam_role_policy_attachment.SSMManagedInstanceCore_attachment](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy_attachment) | resource | | [aws_iam_role_policy_attachment.cni_policy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy_attachment) | resource | | [aws_iam_role_policy_attachment.eks_kms_cluster_policy_attachment](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy_attachment) | resource | @@ -172,6 +173,7 @@ In this module, we have implemented the following CIS Compliance checks for EKS: | [aws_iam_role_policy_attachment.node_autoscaler_policy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy_attachment) | resource | | [aws_launch_template.eks_template](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/launch_template) | resource | | [aws_ami.launch_template_ami](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/ami) | data source | +| [aws_iam_policy.S3Access](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy) | data source | | [aws_iam_policy.SSMManagedInstanceCore](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy) | data source | | [template_file.launch_template_userdata](https://registry.terraform.io/providers/hashicorp/template/latest/docs/data-sources/file) | data source | diff --git a/examples/complete/main.tf b/examples/complete/main.tf index d2816e6..4d450a7 100644 --- a/examples/complete/main.tf +++ b/examples/complete/main.tf @@ -147,24 +147,25 @@ module "eks" { } module "managed_node_group_production" { - source = "squareops/eks/aws//modules/managed-nodegroup" - depends_on = [module.vpc, module.eks] - name = "Infra" - min_size = 2 - max_size = 5 - desired_size = 2 - subnet_ids = [module.vpc.private_subnets[0]] - environment = local.environment - kms_key_arn = module.kms.key_arn - capacity_type = "ON_DEMAND" - ebs_volume_size = 50 - instance_types = ["t3a.large", "t2.large", "t2.xlarge", "t3.large", "m5.large"] - kms_policy_arn = module.eks.kms_policy_arn - eks_cluster_name = module.eks.cluster_name - default_addon_enabled = local.default_addon_enabled - worker_iam_role_name = module.eks.worker_iam_role_name - worker_iam_role_arn = module.eks.worker_iam_role_arn - eks_nodes_keypair_name = module.key_pair_eks.key_pair_name + source = "squareops/eks/aws//modules/managed-nodegroup" + depends_on = [module.vpc, module.eks] + name = "Infra" + min_size = 2 + max_size = 5 + desired_size = 2 + subnet_ids = [module.vpc.private_subnets[0]] + environment = local.environment + kms_key_arn = module.kms.key_arn + capacity_type = "ON_DEMAND" + ebs_volume_size = 50 + instance_types = ["t3a.large", "t2.large", "t2.xlarge", "t3.large", "m5.large"] + kms_policy_arn = module.eks.kms_policy_arn + eks_cluster_name = module.eks.cluster_name + default_addon_enabled = local.default_addon_enabled + worker_iam_role_name = module.eks.worker_iam_role_name + worker_iam_role_arn = module.eks.worker_iam_role_arn + managed_ng_pod_capacity = 90 + eks_nodes_keypair_name = module.key_pair_eks.key_pair_name k8s_labels = { "Addons-Services" = "true" } diff --git a/modules/managed-nodegroup/README.md b/modules/managed-nodegroup/README.md index 81e5c47..f9798ab 100644 --- a/modules/managed-nodegroup/README.md +++ b/modules/managed-nodegroup/README.md @@ -22,6 +22,7 @@ No requirements. |------|---------| | [aws](#provider\_aws) | n/a | | [template](#provider\_template) | n/a | +| [null](#provider\_null) | n/a | ## Modules @@ -31,11 +32,13 @@ No modules. | Name | Type | |------|------| +| [aws_eks_addon.managed_ng_addons](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/eks_addon) | resource | | [aws_eks_node_group.managed_ng](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/eks_node_group) | resource | | [aws_launch_template.eks_template](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/launch_template) | resource | +| [null_resource.update_vpc_cni_env_var](https://registry.terraform.io/providers/hashicorp/null/latest/docs/resources/resource) | resource | | [aws_ami.launch_template_ami](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/ami) | data source | | [aws_eks_cluster.eks](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/eks_cluster) | data source | -| [aws_iam_role.worker_iam_role_name](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_role) | data source | +| [aws_region.current](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/region) | data source | | [template_file.launch_template_userdata](https://registry.terraform.io/providers/hashicorp/template/latest/docs/data-sources/file) | data source | ## Inputs @@ -68,6 +71,8 @@ No modules. | [worker\_iam\_role\_name](#input\_worker\_iam\_role\_name) | The name of the EKS Worker IAM role. | `string` | `""` | no | | [ipv6\_enabled](#input\_ipv6\_enabled) | Whether IPv6 enabled or not | `bool` | `false` | no | | [default\_addon\_enabled](#input\_default\_addon\_enabled) | Enable default addon(VPC-CNI, AWS-EBS-CSI-DRIVER) with Cluster creation | `bool` | `false` | no | +| [managed\_ng\_pod\_capacity](#input\_managed\_ng\_pod\_capacity) | Maximum number of pods you want to schedule on one node. This value should not exceed 110. | `number` | `70` | no | +| [addons](#input\_addons) | n/a | 
map(object({
    name    = string
    version = string
  }))
| 
{
  "coredns": {
    "name": "coredns",
    "version": "v1.10.1-eksbuild.4"
  },
  "ebs_csi": {
    "name": "aws-ebs-csi-driver",
    "version": "v1.28.0-eksbuild.1"
  },
  "kube_proxy": {
    "name": "kube-proxy",
    "version": "v1.27.6-eksbuild.2"
  },
  "vpc_cni": {
    "name": "vpc-cni",
    "version": "v1.16.4-eksbuild.2"
  }
}
| no | ## Outputs diff --git a/modules/managed-nodegroup/main.tf b/modules/managed-nodegroup/main.tf index 1cfa843..171dc53 100644 --- a/modules/managed-nodegroup/main.tf +++ b/modules/managed-nodegroup/main.tf @@ -2,6 +2,8 @@ data "aws_eks_cluster" "eks" { name = var.eks_cluster_name } +data "aws_region" "current" {} + data "aws_ami" "launch_template_ami" { owners = ["602401143452"] most_recent = true @@ -21,6 +23,7 @@ data "template_file" "launch_template_userdata" { cluster_auth_base64 = data.aws_eks_cluster.eks.certificate_authority[0].data image_low_threshold_percent = var.image_low_threshold_percent image_high_threshold_percent = var.image_high_threshold_percent + managed_ng_pod_capacity = var.managed_ng_pod_capacity } } @@ -89,4 +92,26 @@ resource "aws_eks_node_group" "managed_ng" { Name = format("%s-%s-%s", var.environment, var.name, "ng") Environment = var.environment } -} \ No newline at end of file +} + +resource "aws_eks_addon" "managed_ng_addons" { + depends_on = [aws_eks_node_group.managed_ng] + for_each = var.addons + cluster_name = var.eks_cluster_name + addon_name = each.value.name + addon_version = each.value.version + resolve_conflicts_on_create = "OVERWRITE" +} + +resource "null_resource" "update_vpc_cni_env_var" { + depends_on = [aws_eks_addon.managed_ng_addons["vpc_cni"]] + + provisioner "local-exec" { + command = <<-EOF + aws eks update-kubeconfig --name ${var.eks_cluster_name} --region ${data.aws_region.current.name} && + kubectl set env daemonset aws-node -n kube-system ENABLE_PREFIX_DELEGATION=true && + kubectl set env daemonset aws-node -n kube-system WARM_PREFIX_TARGET=1 && + kubectl set env daemonset aws-node -n kube-system WARM_ENI_TARGET=1 + EOF + } +} diff --git a/modules/managed-nodegroup/templates/custom-bootstrap-script.sh.tpl b/modules/managed-nodegroup/templates/custom-bootstrap-script.sh.tpl index 9eb271a..03498d3 100644 --- a/modules/managed-nodegroup/templates/custom-bootstrap-script.sh.tpl +++ b/modules/managed-nodegroup/templates/custom-bootstrap-script.sh.tpl @@ -25,7 +25,7 @@ fi yum update -y && yum install vim wget curl -y -/etc/eks/bootstrap.sh '${cluster_name}' --apiserver-endpoint '${endpoint}' --b64-cluster-ca '${cluster_auth_base64}' +/etc/eks/bootstrap.sh '${cluster_name}' --apiserver-endpoint '${endpoint}' --b64-cluster-ca '${cluster_auth_base64}' --use-max-pods false --kubelet-extra-args '--max-pods=${managed_ng_pod_capacity}' --==MYBOUNDARY==-- diff --git a/modules/managed-nodegroup/variables.tf b/modules/managed-nodegroup/variables.tf index 0dacab4..72507eb 100644 --- a/modules/managed-nodegroup/variables.tf +++ b/modules/managed-nodegroup/variables.tf @@ -154,3 +154,34 @@ variable "default_addon_enabled" { default = false type = bool } + +variable "managed_ng_pod_capacity" { + description = "Maximum number of pods you want to schedule on one node. This value should not exceed 110." + default = 70 + type = number +} + +variable "addons" { + type = map(object({ + name = string + version = string + })) + default = { + coredns = { + name = "coredns" + version = "v1.10.1-eksbuild.4" + } + vpc_cni = { + name = "vpc-cni" + version = "v1.16.4-eksbuild.2" + } + kube_proxy = { + name = "kube-proxy" + version = "v1.27.6-eksbuild.2" + } + ebs_csi = { + name = "aws-ebs-csi-driver" + version = "v1.28.0-eksbuild.1" + } + } +} From c3aa0a4debb3f771d0b21a1ac8bf33dc6d279cf3 Mon Sep 17 00:00:00 2001 From: Rohit Singh <107384244+RohitSquareops@users.noreply.github.com> Date: Tue, 19 Mar 2024 16:21:34 +0530 Subject: [PATCH 2/5] updated code structure --- README.md | 1 + examples/complete-ipv6/main.tf | 1 + main.tf | 15 +++++++++++++++ .../templates/custom-bootstrap-scriptipv6.sh.tpl | 2 +- modules/managed-nodegroup/variables.tf | 15 ++++++++------- 5 files changed, 26 insertions(+), 8 deletions(-) diff --git a/README.md b/README.md index 3892143..210586a 100644 --- a/README.md +++ b/README.md @@ -81,6 +81,7 @@ module "managed_node_group_production" { worker_iam_role_name = module.eks.worker_iam_role_name worker_iam_role_arn = module.eks.worker_iam_role_arn default_addon_enabled = true + managed_ng_pod_capacity= 90 eks_nodes_keypair_name = "key-pair-name" k8s_labels = { "Addons-Services" = "true" diff --git a/examples/complete-ipv6/main.tf b/examples/complete-ipv6/main.tf index 86832b0..b1b95cc 100644 --- a/examples/complete-ipv6/main.tf +++ b/examples/complete-ipv6/main.tf @@ -169,6 +169,7 @@ module "managed_node_group_production" { kms_policy_arn = module.eks.kms_policy_arn eks_cluster_name = module.eks.cluster_name default_addon_enabled = local.default_addon_enabled + managed_ng_pod_capacity= 90 worker_iam_role_name = module.eks.worker_iam_role_name worker_iam_role_arn = module.eks.worker_iam_role_arn eks_nodes_keypair_name = module.key_pair_eks.key_pair_name diff --git a/main.tf b/main.tf index 458107c..bf83487 100644 --- a/main.tf +++ b/main.tf @@ -1,3 +1,5 @@ +data "aws_region" "current" {} + module "eks_addon" { count = var.default_addon_enabled ? 1 : 0 source = "terraform-aws-modules/eks/aws" @@ -50,6 +52,19 @@ module "eks_addon" { } } +resource "null_resource" "update_vpc_cni_prifix" { + count = var.default_addon_enabled ? 1 : 0 + depends_on = [module.eks_addon] + provisioner "local-exec" { + command = <<-EOF + aws eks update-kubeconfig --name ${module.eks[0].cluster_name} --region ${data.aws_region.current.name} && + kubectl set env daemonset aws-node -n kube-system ENABLE_PREFIX_DELEGATION=true && + kubectl set env daemonset aws-node -n kube-system WARM_PREFIX_TARGET=1 && + kubectl set env daemonset aws-node -n kube-system WARM_ENI_TARGET=1 + EOF + } +} + module "eks" { count = var.default_addon_enabled ? 0 : 1 source = "terraform-aws-modules/eks/aws" diff --git a/modules/managed-nodegroup/templates/custom-bootstrap-scriptipv6.sh.tpl b/modules/managed-nodegroup/templates/custom-bootstrap-scriptipv6.sh.tpl index ab0cce2..a463049 100644 --- a/modules/managed-nodegroup/templates/custom-bootstrap-scriptipv6.sh.tpl +++ b/modules/managed-nodegroup/templates/custom-bootstrap-scriptipv6.sh.tpl @@ -19,4 +19,4 @@ fi yum update -y yum install -y vim wget curl -/etc/eks/bootstrap.sh '${cluster_name}' --apiserver-endpoint '${endpoint}' --b64-cluster-ca '${cluster_auth_base64}' --ip-family ipv6 --service-ipv6-cidr $(aws eks describe-cluster --name=${cluster_name} --output=text --query 'cluster.{serviceIpv6Cidr: kubernetesNetworkConfig.serviceIpv6Cidr}') +/etc/eks/bootstrap.sh '${cluster_name}' --apiserver-endpoint '${endpoint}' --b64-cluster-ca '${cluster_auth_base64}' --use-max-pods false --kubelet-extra-args '--max-pods=${managed_ng_pod_capacity}' diff --git a/modules/managed-nodegroup/variables.tf b/modules/managed-nodegroup/variables.tf index 72507eb..7561746 100644 --- a/modules/managed-nodegroup/variables.tf +++ b/modules/managed-nodegroup/variables.tf @@ -162,16 +162,17 @@ variable "managed_ng_pod_capacity" { } variable "addons" { - type = map(object({ - name = string - version = string + description = "A map variable representing various Kubernetes add-ons with their respective name and version." + type = map(object({ + name = string + version = string })) - default = { - coredns = { + default = { + coredns = { name = "coredns" version = "v1.10.1-eksbuild.4" } - vpc_cni = { + vpc_cni = { name = "vpc-cni" version = "v1.16.4-eksbuild.2" } @@ -179,7 +180,7 @@ variable "addons" { name = "kube-proxy" version = "v1.27.6-eksbuild.2" } - ebs_csi = { + ebs_csi = { name = "aws-ebs-csi-driver" version = "v1.28.0-eksbuild.1" } From 6384120ff46a3fef81199efc9ea6ccce2496af9f Mon Sep 17 00:00:00 2001 From: Rohit Singh <107384244+RohitSquareops@users.noreply.github.com> Date: Wed, 20 Mar 2024 13:50:09 +0530 Subject: [PATCH 3/5] updated structure --- main.tf | 5 +++-- variables.tf | 6 ++++++ 2 files changed, 9 insertions(+), 2 deletions(-) diff --git a/main.tf b/main.tf index bf83487..7162b7e 100644 --- a/main.tf +++ b/main.tf @@ -52,12 +52,12 @@ module "eks_addon" { } } -resource "null_resource" "update_vpc_cni_prifix" { +resource "null_resource" "update_cni_prifix" { count = var.default_addon_enabled ? 1 : 0 depends_on = [module.eks_addon] provisioner "local-exec" { command = <<-EOF - aws eks update-kubeconfig --name ${module.eks[0].cluster_name} --region ${data.aws_region.current.name} && + aws eks update-kubeconfig --name ${module.eks_addons[0].cluster_name} --region ${data.aws_region.current.name} && kubectl set env daemonset aws-node -n kube-system ENABLE_PREFIX_DELEGATION=true && kubectl set env daemonset aws-node -n kube-system WARM_PREFIX_TARGET=1 && kubectl set env daemonset aws-node -n kube-system WARM_ENI_TARGET=1 @@ -271,6 +271,7 @@ data "template_file" "launch_template_userdata" { cluster_auth_base64 = module.eks_addon[0].cluster_certificate_authority_data image_low_threshold_percent = var.image_low_threshold_percent image_high_threshold_percent = var.image_high_threshold_percent + managed_ng_pod_capacity = var.managed_ng_pod_capacity } } diff --git a/variables.tf b/variables.tf index 08583a5..7fc7f81 100644 --- a/variables.tf +++ b/variables.tf @@ -220,3 +220,9 @@ variable "worker_iam_role_name" { type = string default = "" } + +variable "managed_ng_pod_capacity" { + description = "Maximum number of pods you want to schedule on one node. This value should not exceed 110." + default = 70 + type = number +} \ No newline at end of file From 88b42e75f7288565b63e62b8185e58965f13557c Mon Sep 17 00:00:00 2001 From: Rohit Singh <107384244+RohitSquareops@users.noreply.github.com> Date: Wed, 20 Mar 2024 13:53:49 +0530 Subject: [PATCH 4/5] Updated example reference --- examples/complete/main.tf | 1 + 1 file changed, 1 insertion(+) diff --git a/examples/complete/main.tf b/examples/complete/main.tf index 4d450a7..29080e2 100644 --- a/examples/complete/main.tf +++ b/examples/complete/main.tf @@ -118,6 +118,7 @@ module "eks" { cluster_endpoint_public_access = true cluster_endpoint_public_access_cidrs = ["0.0.0.0/0"] create_aws_auth_configmap = true + managed_ng_pod_capacity = 90 default_addon_enabled = local.default_addon_enabled eks_nodes_keypair_name = module.key_pair_eks.key_pair_name aws_auth_roles = [ From aa4e638fc5e81c5a781dabdf46da3f1bf1d49e61 Mon Sep 17 00:00:00 2001 From: devops0706 Date: Wed, 20 Mar 2024 13:57:55 +0530 Subject: [PATCH 5/5] run precommit --- README.md | 4 +++ examples/complete-ipv6/main.tf | 38 +++++++++++++------------- modules/managed-nodegroup/README.md | 2 +- modules/managed-nodegroup/variables.tf | 14 +++++----- variables.tf | 2 +- 5 files changed, 32 insertions(+), 28 deletions(-) diff --git a/README.md b/README.md index 210586a..7678e66 100644 --- a/README.md +++ b/README.md @@ -145,6 +145,7 @@ In this module, we have implemented the following CIS Compliance checks for EKS: | Name | Version | |------|---------| +| [null](#provider\_null) | n/a | | [aws](#provider\_aws) | >= 4.47 | | [template](#provider\_template) | n/a | @@ -173,9 +174,11 @@ In this module, we have implemented the following CIS Compliance checks for EKS: | [aws_iam_role_policy_attachment.eks_worker_policy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy_attachment) | resource | | [aws_iam_role_policy_attachment.node_autoscaler_policy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy_attachment) | resource | | [aws_launch_template.eks_template](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/launch_template) | resource | +| [null_resource.update_cni_prifix](https://registry.terraform.io/providers/hashicorp/null/latest/docs/resources/resource) | resource | | [aws_ami.launch_template_ami](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/ami) | data source | | [aws_iam_policy.S3Access](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy) | data source | | [aws_iam_policy.SSMManagedInstanceCore](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy) | data source | +| [aws_region.current](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/region) | data source | | [template_file.launch_template_userdata](https://registry.terraform.io/providers/hashicorp/template/latest/docs/data-sources/file) | data source | ## Inputs @@ -219,6 +222,7 @@ In this module, we have implemented the following CIS Compliance checks for EKS: | [k8s\_labels](#input\_k8s\_labels) | Labels to be applied to the Kubernetes node groups. | `map(any)` | `{}` | no | | [worker\_iam\_role\_arn](#input\_worker\_iam\_role\_arn) | The ARN of the worker role for EKS. | `string` | `""` | no | | [worker\_iam\_role\_name](#input\_worker\_iam\_role\_name) | The name of the EKS Worker IAM role. | `string` | `""` | no | +| [managed\_ng\_pod\_capacity](#input\_managed\_ng\_pod\_capacity) | Maximum number of pods you want to schedule on one node. This value should not exceed 110. | `number` | `70` | no | ## Outputs diff --git a/examples/complete-ipv6/main.tf b/examples/complete-ipv6/main.tf index b1b95cc..d4ae54f 100644 --- a/examples/complete-ipv6/main.tf +++ b/examples/complete-ipv6/main.tf @@ -154,25 +154,25 @@ module "eks" { } module "managed_node_group_production" { - source = "squareops/eks/aws//modules/managed-nodegroup" - depends_on = [module.vpc, module.eks] - name = "Infra" - min_size = 1 - max_size = 3 - desired_size = 1 - subnet_ids = [module.vpc.private_subnets[0]] - environment = local.environment - kms_key_arn = module.kms.key_arn - capacity_type = "ON_DEMAND" - ebs_volume_size = 50 - instance_types = ["t3a.large", "t3.large", "m5.large"] - kms_policy_arn = module.eks.kms_policy_arn - eks_cluster_name = module.eks.cluster_name - default_addon_enabled = local.default_addon_enabled - managed_ng_pod_capacity= 90 - worker_iam_role_name = module.eks.worker_iam_role_name - worker_iam_role_arn = module.eks.worker_iam_role_arn - eks_nodes_keypair_name = module.key_pair_eks.key_pair_name + source = "squareops/eks/aws//modules/managed-nodegroup" + depends_on = [module.vpc, module.eks] + name = "Infra" + min_size = 1 + max_size = 3 + desired_size = 1 + subnet_ids = [module.vpc.private_subnets[0]] + environment = local.environment + kms_key_arn = module.kms.key_arn + capacity_type = "ON_DEMAND" + ebs_volume_size = 50 + instance_types = ["t3a.large", "t3.large", "m5.large"] + kms_policy_arn = module.eks.kms_policy_arn + eks_cluster_name = module.eks.cluster_name + default_addon_enabled = local.default_addon_enabled + managed_ng_pod_capacity = 90 + worker_iam_role_name = module.eks.worker_iam_role_name + worker_iam_role_arn = module.eks.worker_iam_role_arn + eks_nodes_keypair_name = module.key_pair_eks.key_pair_name k8s_labels = { "Addon-Services" = "true" } diff --git a/modules/managed-nodegroup/README.md b/modules/managed-nodegroup/README.md index f9798ab..9b343bb 100644 --- a/modules/managed-nodegroup/README.md +++ b/modules/managed-nodegroup/README.md @@ -72,7 +72,7 @@ No modules. | [ipv6\_enabled](#input\_ipv6\_enabled) | Whether IPv6 enabled or not | `bool` | `false` | no | | [default\_addon\_enabled](#input\_default\_addon\_enabled) | Enable default addon(VPC-CNI, AWS-EBS-CSI-DRIVER) with Cluster creation | `bool` | `false` | no | | [managed\_ng\_pod\_capacity](#input\_managed\_ng\_pod\_capacity) | Maximum number of pods you want to schedule on one node. This value should not exceed 110. | `number` | `70` | no | -| [addons](#input\_addons) | n/a | 
map(object({
    name    = string
    version = string
  }))
| 
{
  "coredns": {
    "name": "coredns",
    "version": "v1.10.1-eksbuild.4"
  },
  "ebs_csi": {
    "name": "aws-ebs-csi-driver",
    "version": "v1.28.0-eksbuild.1"
  },
  "kube_proxy": {
    "name": "kube-proxy",
    "version": "v1.27.6-eksbuild.2"
  },
  "vpc_cni": {
    "name": "vpc-cni",
    "version": "v1.16.4-eksbuild.2"
  }
}
| no | +| [addons](#input\_addons) | A map variable representing various Kubernetes add-ons with their respective name and version. | 
map(object({
    name    = string
    version = string
  }))
| 
{
  "coredns": {
    "name": "coredns",
    "version": "v1.10.1-eksbuild.4"
  },
  "ebs_csi": {
    "name": "aws-ebs-csi-driver",
    "version": "v1.28.0-eksbuild.1"
  },
  "kube_proxy": {
    "name": "kube-proxy",
    "version": "v1.27.6-eksbuild.2"
  },
  "vpc_cni": {
    "name": "vpc-cni",
    "version": "v1.16.4-eksbuild.2"
  }
}
| no | ## Outputs diff --git a/modules/managed-nodegroup/variables.tf b/modules/managed-nodegroup/variables.tf index 7561746..fa2f2ef 100644 --- a/modules/managed-nodegroup/variables.tf +++ b/modules/managed-nodegroup/variables.tf @@ -163,16 +163,16 @@ variable "managed_ng_pod_capacity" { variable "addons" { description = "A map variable representing various Kubernetes add-ons with their respective name and version." - type = map(object({ - name = string - version = string + type = map(object({ + name = string + version = string })) - default = { - coredns = { + default = { + coredns = { name = "coredns" version = "v1.10.1-eksbuild.4" } - vpc_cni = { + vpc_cni = { name = "vpc-cni" version = "v1.16.4-eksbuild.2" } @@ -180,7 +180,7 @@ variable "addons" { name = "kube-proxy" version = "v1.27.6-eksbuild.2" } - ebs_csi = { + ebs_csi = { name = "aws-ebs-csi-driver" version = "v1.28.0-eksbuild.1" } diff --git a/variables.tf b/variables.tf index 7fc7f81..d7d730d 100644 --- a/variables.tf +++ b/variables.tf @@ -225,4 +225,4 @@ variable "managed_ng_pod_capacity" { description = "Maximum number of pods you want to schedule on one node. This value should not exceed 110." default = 70 type = number -} \ No newline at end of file +}