feat: Enable update in place for node groups with cluster placement group strategy (#3045)

* feat(eks):added subnet az filter for eks nodegroup placement groups * fix: Correct logice for restricting placement group to AZ * fix: Ensure node group args are passed from root module --------- Co-authored-by: Bryant Biggs <bryantbiggs@gmail.com>
2026-04-30 20:34:37 +02:00 · 2024-08-05 23:13:39 +08:00
parent bfa5821113
commit 75db486530
8 changed files with 97 additions and 25 deletions
--- a/modules/eks-managed-node-group/README.md
+++ b/modules/eks-managed-node-group/README.md
@@ -97,7 +97,7 @@ module "eks_managed_node_group" {
 | [aws_iam_policy_document.role](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy_document) | data source |
 | [aws_partition.current](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/partition) | data source |
 | [aws_ssm_parameter.ami](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/ssm_parameter) | data source |
-| [aws_subnets.efa](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/subnets) | data source |
+| [aws_subnets.placement_group](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/subnets) | data source |

 ## Inputs

@@ -169,6 +169,7 @@ module "eks_managed_node_group" {
 | <a name="input_name"></a> [name](#input\_name) | Name of the EKS managed node group | `string` | `""` | no |
 | <a name="input_network_interfaces"></a> [network\_interfaces](#input\_network\_interfaces) | Customize network interfaces to be attached at instance boot time | `list(any)` | `[]` | no |
 | <a name="input_placement"></a> [placement](#input\_placement) | The placement of the instance | `map(string)` | `{}` | no |
+| <a name="input_placement_group_az"></a> [placement\_group\_az](#input\_placement\_group\_az) | Availability zone where placement group is created (ex. `eu-west-1c`) | `string` | `null` | no |
 | <a name="input_placement_group_strategy"></a> [placement\_group\_strategy](#input\_placement\_group\_strategy) | The placement group strategy | `string` | `"cluster"` | no |
 | <a name="input_platform"></a> [platform](#input\_platform) | [DEPRECATED - use `ami_type` instead. Will be removed in `v21.0`] Identifies the OS platform as `bottlerocket`, `linux` (AL2), `al2023`, or `windows` | `string` | `"linux"` | no |
 | <a name="input_post_bootstrap_user_data"></a> [post\_bootstrap\_user\_data](#input\_post\_bootstrap\_user\_data) | User data that is appended to the user data script after of the EKS bootstrap script. Not used when `ami_type` = `BOTTLEROCKET_*` | `string` | `""` | no |
--- a/modules/eks-managed-node-group/main.tf
+++ b/modules/eks-managed-node-group/main.tf
@@ -39,6 +39,8 @@ data "aws_ec2_instance_type" "this" {
 }

 locals {
+  enable_efa_support = var.create && var.enable_efa_support
+
  efa_instance_type = try(element(var.instance_types, 0), "")
  num_network_cards = try(data.aws_ec2_instance_type.this[0].maximum_network_cards, 0)

@@ -52,7 +54,7 @@ locals {
    }
  ]

-  network_interfaces = var.enable_efa_support ? local.efa_network_interfaces : var.network_interfaces
+  network_interfaces = local.enable_efa_support ? local.efa_network_interfaces : var.network_interfaces
 }

 ################################################################################
@@ -63,7 +65,7 @@ locals {
  launch_template_name = coalesce(var.launch_template_name, "${var.name}-eks-node-group")
  security_group_ids   = compact(concat([var.cluster_primary_security_group_id], var.vpc_security_group_ids))

-  placement = var.create && (var.enable_efa_support || var.create_placement_group) ? { group_name = aws_placement_group.this[0].name } : var.placement
+  placement = local.create_placement_group ? { group_name = aws_placement_group.this[0].name } : var.placement
 }

 resource "aws_launch_template" "this" {
@@ -390,7 +392,7 @@ resource "aws_eks_node_group" "this" {
  # Required
  cluster_name  = var.cluster_name
  node_role_arn = var.create_iam_role ? aws_iam_role.this[0].arn : var.iam_role_arn
-  subnet_ids    = var.enable_efa_support ? data.aws_subnets.efa[0].ids : var.subnet_ids
+  subnet_ids    = local.create_placement_group ? data.aws_subnets.placement_group[0].ids : var.subnet_ids

  scaling_config {
    min_size     = var.min_size
@@ -605,8 +607,12 @@ resource "aws_iam_role_policy" "this" {
 # Placement Group
 ################################################################################

+locals {
+  create_placement_group = var.create && (local.enable_efa_support || var.create_placement_group)
+}
+
 resource "aws_placement_group" "this" {
-  count = var.create && (var.enable_efa_support || var.create_placement_group) ? 1 : 0
+  count = local.create_placement_group ? 1 : 0

  name     = "${var.cluster_name}-${var.name}"
  strategy = var.placement_group_strategy
@@ -624,8 +630,11 @@ resource "aws_placement_group" "this" {
 ################################################################################

 # Find the availability zones supported by the instance type
+# TODO - remove at next breaking change
+# Force users to be explicit about which AZ to use when using placement groups,
+# with or without EFA support
 data "aws_ec2_instance_type_offerings" "this" {
-  count = var.create && var.enable_efa_support ? 1 : 0
+  count = local.enable_efa_support ? 1 : 0

  filter {
    name   = "instance-type"
@@ -637,17 +646,31 @@ data "aws_ec2_instance_type_offerings" "this" {

 # Reverse the lookup to find one of the subnets provided based on the availability
 # availability zone ID of the queried instance type (supported)
-data "aws_subnets" "efa" {
-  count = var.create && var.enable_efa_support ? 1 : 0
+data "aws_subnets" "placement_group" {
+  count = local.create_placement_group ? 1 : 0

  filter {
    name   = "subnet-id"
    values = var.subnet_ids
  }

-  filter {
-    name   = "availability-zone-id"
-    values = data.aws_ec2_instance_type_offerings.this[0].locations
+  # The data source can lookup the first available AZ or you can specify an AZ (next filter)
+  dynamic "filter" {
+    for_each = var.enable_efa_support && var.placement_group_az == null ? [1] : []
+
+    content {
+      name   = "availability-zone-id"
+      values = data.aws_ec2_instance_type_offerings.this[0].locations
+    }
+  }
+
+  dynamic "filter" {
+    for_each = var.placement_group_az != null ? [var.placement_group_az] : []
+
+    content {
+      name   = "availability-zone"
+      values = [filter.value]
+    }
  }
 }

--- a/modules/eks-managed-node-group/variables.tf
+++ b/modules/eks-managed-node-group/variables.tf
@@ -303,6 +303,7 @@ variable "create_placement_group" {
  default     = false
 }

+# TODO - remove at next breaking change
 variable "placement_group_strategy" {
  description = "The placement group strategy"
  type        = string
@@ -337,6 +338,12 @@ variable "subnet_ids" {
  default     = null
 }

+variable "placement_group_az" {
+  description = "Availability zone where placement group is created (ex. `eu-west-1c`)"
+  type        = string
+  default     = null
+}
+
 variable "min_size" {
  description = "Minimum number of instances/nodes"
  type        = number