Configurable local exec command for waiting until cluster is healthy (#701)

* Configurable local exec command for waiting until cluster is healthy * readme * line feeds * format * fix readme * fix readme * Configurable local exec command for waiting until cluster is healthy (#1) * Configurable local exec command for waiting until cluster is healthy * readme * line feeds * format * fix readme * fix readme * change log * Configurable local exec wait 4 cluster op (#2) * Configurable local exec command for waiting until cluster is healthy * readme * line feeds * format * fix readme * fix readme * change log * changelog (#3) * Changelog (#4) * changelog * changelog * simplify wait_for_cluster command * readme * no op for manage auth false * formatting * docs? not sure * linter * specify dependency to wait for cluster more accurately
2026-01-16 08:37:18 +01:00 · 2020-01-27 10:29:24 -05:00
parent 317b9481ad
commit 905d9f05a9
5 changed files with 20 additions and 10 deletions
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -9,7 +9,7 @@ project adheres to [Semantic Versioning](http://semver.org/).

 ## [[v8.?.?](https://github.com/terraform-aws-modules/terraform-aws-eks/compare/v8.1.0...HEAD)] - YYYY-MM-DD]

- Write your awesome change here (by @you)
+- Include ability to configure custom os-specific command for waiting until kube cluster is healthy (@sanjeevgiri)

 # History

--- a/README.md
+++ b/README.md
@@ -174,7 +174,6 @@ MIT Licensed. See [LICENSE](https://github.com/terraform-aws-modules/terraform-a
 | kubeconfig_aws_authenticator_command_args | Default arguments passed to the authenticator command. Defaults to [token -i $cluster_name]. | list(string) | `[]` | no |
 | kubeconfig_aws_authenticator_env_variables | Environment variables that should be used when executing the authenticator. e.g. { AWS_PROFILE = "eks"}. | map(string) | `{}` | no |
 | kubeconfig_name | Override the default name used for items kubeconfig. | string | `""` | no |
-| local_exec_interpreter | Command to run for local-exec resources. Must be a shell-style interpreter. If you are on Windows Git Bash is a good choice. | list(string) | `[ "/bin/sh", "-c" ]` | no |
 | manage_aws_auth | Whether to apply the aws-auth configmap file. | string | `"true"` | no |
 | manage_cluster_iam_resources | Whether to let the module manage cluster IAM resources. If set to false, cluster_iam_role_name must be specified. | bool | `"true"` | no |
 | manage_worker_autoscaling_policy | Whether to let the module manage the cluster autoscaling iam policy. | bool | `"true"` | no |
@@ -188,6 +187,7 @@ MIT Licensed. See [LICENSE](https://github.com/terraform-aws-modules/terraform-a
 | subnets | A list of subnets to place the EKS cluster and workers within. | list(string) | n/a | yes |
 | tags | A map of tags to add to all resources. | map(string) | `{}` | no |
 | vpc_id | VPC where the cluster and workers will be deployed. | string | n/a | yes |
+| wait_for_cluster_cmd | Custom local-exec command to execute for determining if the eks cluster is healthy. Cluster endpoint will be available as an environment variable called ENDPOINT | string | `"until curl -k -s $ENDPOINT/healthz \u003e/dev/null; do sleep 4; done"` | no |
 | worker_additional_security_group_ids | A list of additional security group ids to attach to worker instances | list(string) | `[]` | no |
 | worker_ami_name_filter | Name filter for AWS EKS worker AMI. If not provided, the latest official AMI for the specified 'cluster_version' is used. | string | `""` | no |
 | worker_ami_name_filter_windows | Name filter for AWS EKS Windows worker AMI. If not provided, the latest official AMI for the specified 'cluster_version' is used. | string | `""` | no |
--- a/aws_auth.tf
+++ b/aws_auth.tf
@@ -50,8 +50,8 @@ data "template_file" "node_group_arns" {
 }

 resource "kubernetes_config_map" "aws_auth" {
-  depends_on = [aws_eks_cluster.this]
  count      = var.create_eks && var.manage_aws_auth ? 1 : 0
+  depends_on = [null_resource.wait_for_cluster[0]]

  metadata {
    name      = "aws-auth"
--- a/cluster.tf
+++ b/cluster.tf
@@ -32,10 +32,20 @@ resource "aws_eks_cluster" "this" {
    aws_iam_role_policy_attachment.cluster_AmazonEKSServicePolicy,
    aws_cloudwatch_log_group.this
  ]
+}
+
+resource "null_resource" "wait_for_cluster" {
+  count = var.manage_aws_auth ? 1 : 0
+
+  depends_on = [
+    aws_eks_cluster.this[0]
+  ]
+
  provisioner "local-exec" {
-    command = <<EOT
-    until curl -k -s ${aws_eks_cluster.this[0].endpoint}/healthz >/dev/null; do sleep 4; done
-  EOT
+    command = var.wait_for_cluster_cmd
+    environment = {
+      ENDPOINT = aws_eks_cluster.this[0].endpoint
+    }
  }
 }

--- a/variables.tf
+++ b/variables.tf
@@ -198,10 +198,10 @@ variable "cluster_delete_timeout" {
  default     = "15m"
 }

-variable "local_exec_interpreter" {
-  description = "Command to run for local-exec resources. Must be a shell-style interpreter. If you are on Windows Git Bash is a good choice."
-  type        = list(string)
-  default     = ["/bin/sh", "-c"]
+variable "wait_for_cluster_cmd" {
+  description = "Custom local-exec command to execute for determining if the eks cluster is healthy. Cluster endpoint will be available as an environment variable called ENDPOINT"
+  type        = string
+  default     = "until curl -k -s $ENDPOINT/healthz >/dev/null; do sleep 4; done"
 }

 variable "worker_create_initial_lifecycle_hooks" {