github-mirrors/terraform-aws-eks
1
0
Fork 0
mirror of https://github.com/ysoftdevs/terraform-aws-eks.git synced 2026-03-30 14:11:58 +02:00
Code Issues Packages Projects Releases Wiki Activity

Fix idempotency with node group remote_access block (#625)

Browse Source 
* add kubernetes provider configuration for managed_node_groups example

* use dynamic block for remote_access

* update changelog
This commit is contained in:
Jeff Hastings
2019-12-11 11:50:09 -05:00
committed by Max Williams
parent 7824e8b263
commit 11d8ee8631
3 changed files with 30 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
CHANGELOG.md
View File

@@ -18,6 +18,7 @@ project adheres to [Semantic Versioning](http://semver.org/).
- Fix deprecated interpolation-only expression (by @angelabad) - Fix deprecated interpolation-only expression (by @angelabad)
- Updated required version of AWS Provider to >= v2.38.0 for Managed Node Groups (by @wmorgan6796) - Updated required version of AWS Provider to >= v2.38.0 for Managed Node Groups (by @wmorgan6796)
- Updated minimum version of Terraform to avoid a bug (by @dpiddockcmp) - Updated minimum version of Terraform to avoid a bug (by @dpiddockcmp)
- Fix idempotency issues for node groups with no remote_access configuration (by @jeffmhastings)
#### Important notes #### Important notes

16
examples/managed_node_groups/main.tf
View File

@@ -23,6 +23,22 @@ provider "template" {
version = "~> 2.1" version = "~> 2.1"
} }
data "aws_eks_cluster" "cluster" {
name = module.eks.cluster_id
}
data "aws_eks_cluster_auth" "cluster" {
name = module.eks.cluster_id
}
provider "kubernetes" {
host = data.aws_eks_cluster.cluster.endpoint
cluster_ca_certificate = base64decode(data.aws_eks_cluster.cluster.certificate_authority.0.data)
token = data.aws_eks_cluster_auth.cluster.token
load_config_file = false
version = "~> 1.10"
}
data "aws_availability_zones" "available" { data "aws_availability_zones" "available" {
} }

17
node_groups.tf
View File

@@ -87,10 +87,19 @@ resource "aws_eks_node_group" "workers" {
labels = lookup(each.value, "node_group_k8s_labels", null) labels = lookup(each.value, "node_group_k8s_labels", null)
release_version = lookup(each.value, "ami_release_version", null) release_version = lookup(each.value, "ami_release_version", null)
# This sometimes breaks idempotency as described in https://github.com/terraform-providers/terraform-provider-aws/issues/11063 dynamic "remote_access" {
remote_access { for_each = [
ec2_ssh_key = lookup(each.value, "key_name", "") != "" ? each.value["key_name"] : null for node_group in [each.value] : {
source_security_group_ids = lookup(each.value, "key_name", "") != "" ? lookup(each.value, "source_security_group_ids", []) : null ec2_ssh_key = node_group["key_name"]
source_security_group_ids = lookup(node_group, "source_security_group_ids", [])
}
if lookup(node_group, "key_name", "") != ""
]
content {
ec2_ssh_key = remote_access.value["ec2_ssh_key"]
source_security_group_ids = remote_access.value["source_security_group_ids"]
}
} }
version = aws_eks_cluster.this[0].version version = aws_eks_cluster.this[0].version