fix: Ensure the correct service CIDR and IP family is used in the rendered user data (#2963)

* fix: Ensuring the correct service CIDR and IP family is used in the rendered user data * chore: Updates from testing and validating * chore: Fix example destroy instructions * fix: Only require `cluster_service_cidr` when `create = true` * chore: Clean up commented out code and add note on check length
2026-03-24 02:11:04 +01:00 · 2024-03-12 10:36:19 -04:00
parent 907f70cffd
commit aeb9f0c990
55 changed files with 384 additions and 148 deletions
--- a/modules/_user_data/main.tf
+++ b/modules/_user_data/main.tf
@@ -1,3 +1,17 @@
+# The `cluster_service_cidr` is required when `create == true`
+# This is a hacky way to make that logic work, otherwise Terraform always wants a value
+# and supplying any old value like `""` or `null` is not valid and will silently
+# fail to join nodes to the cluster
+resource "null_resource" "validate_cluster_service_cidr" {
+  lifecycle {
+    precondition {
+      # The length 6 is currently arbitrary, but it's a safe bet that the CIDR will be longer than that
+      # The main point is that a value needs to be provided when `create = true`
+      condition     = var.create ? length(local.cluster_service_cidr) > 6 : true
+      error_message = "`cluster_service_cidr` is required when `create = true`."
+    }
+  }
+}

 locals {
  template_path = {
@@ -7,6 +21,8 @@ locals {
    windows      = "${path.module}/../../templates/windows_user_data.tpl"
  }

+  cluster_service_cidr = try(coalesce(var.cluster_service_ipv4_cidr, var.cluster_service_cidr), "")
+
  user_data = base64encode(templatefile(
    coalesce(var.user_data_template_path, local.template_path[var.platform]),
    {
@@ -18,14 +34,15 @@ locals {
      cluster_endpoint    = var.cluster_endpoint
      cluster_auth_base64 = var.cluster_auth_base64

-      # Required by AL2023
-      cluster_service_cidr = var.cluster_service_cidr
+      cluster_service_cidr = local.cluster_service_cidr
+      cluster_ip_family    = var.cluster_ip_family
+      # Bottlerocket
+      cluster_dns_ip = try(cidrhost(local.cluster_service_cidr, 10), "")

      # Optional
-      cluster_service_ipv4_cidr = var.cluster_service_ipv4_cidr != null ? var.cluster_service_ipv4_cidr : ""
-      bootstrap_extra_args      = var.bootstrap_extra_args
-      pre_bootstrap_user_data   = var.pre_bootstrap_user_data
-      post_bootstrap_user_data  = var.post_bootstrap_user_data
+      bootstrap_extra_args     = var.bootstrap_extra_args
+      pre_bootstrap_user_data  = var.pre_bootstrap_user_data
+      post_bootstrap_user_data = var.post_bootstrap_user_data
    }
  ))