* Support adding additional cluster dns ranges to bottlerocket template
* Add example for multiple dns ips
* fmt, and tf docs
* fix: Use a list by default for cluster-dns-ip
---------
Co-authored-by: Bryant Biggs <bryantbiggs@gmail.com>
* fix: Ensuring the correct service CIDR and IP family is used in the rendered user data
* chore: Updates from testing and validating
* chore: Fix example destroy instructions
* fix: Only require `cluster_service_cidr` when `create = true`
* chore: Clean up commented out code and add note on check length
* fix: Update AWS provider version to support `AL2023_*` AMI types
* fix: Ensure the cluster service CIDR is passed to the AL2023 user data where its required
* feat: Replace `resolve_conflicts` with `resolve_conflicts_on_create`/`delete`; raise MSV of AWS provider to `v5.0` to support
* fix: Replace dynamic DNS suffix for `sts:AssumeRole` API calls for static suffix
* feat: Add module tag
* feat: Align Karpenter permissions with Karpenter v1beta1/v0.32 permissions from upstream
* refactor: Move `aws-auth` ConfigMap functionality to its own sub-module
* chore: Update examples
* feat: Add state `moved` block for Karpenter Pod Identity role re-name
* fix: Correct variable `create` description
* feat: Add support for cluster access entries
* chore: Bump MSV of Terraform to `1.3`
* fix: Replace defunct kubectl provider with an updated forked equivalent
* chore: Update and validate examples for access entry; clean up provider usage
* docs: Correct double redundant variable descriptions
* feat: Add support for Cloudwatch log group class argument
* fix: Update usage tag placement, fix Karpenter event spelling, add upcoming changes section to upgrade guide
* feat: Update Karpenter module to generalize naming used and align policy with the upstream Karpenter policy
* feat: Add native support for Windows based managed nodegroups similar to AL2 and Bottlerocket
* feat: Update self-managed nodegroup module to use latest features of ASG
* docs: Update and simplify docs
* fix: Correct variable description for AMI types
* fix: Update upgrade guide with changes; rename Karpenter controller resource names to support migrating for users
* docs: Complete upgrade guide docs for migration and changes applied
* Update examples/karpenter/README.md
Co-authored-by: Anton Babenko <anton@antonbabenko.com>
* Update examples/outposts/README.md
Co-authored-by: Anton Babenko <anton@antonbabenko.com>
* Update modules/karpenter/README.md
Co-authored-by: Anton Babenko <anton@antonbabenko.com>
---------
Co-authored-by: Anton Babenko <anton@antonbabenko.com>
In order to be a text file according to POSIX, file needs to be composed of
text lines. Text line is defined as sequence of characters ending in \n. Sadly,
`~}` did strip everything including the \n, so the kubeconfing did not end
with a new line. Output empty string at the end to make sure of it.
* Remove template_file for generating kubeconfig
Push logic from terraform down to the template. Makes the formatting
slightly easier to follow
* Remove template_file for generating userdata
Updates to the eks_cluster now do not trigger recreation of launch
configurations
* Remove template_file for LT userdata
* Remove template dependency
This commit changes the way aws auth is managed. Before a local file
was used the generate the template and a null resource to apply it. This
is now switched to the terraform kubernetes provider.
* Add Windows support
* Assign eks:kube-proxy-windows group to worker nodes
* Add Instructions for adding Windows Workers at FAQ.md
* Remove unnecessary variables from userdata_windows.tpl
* Update CHANGELOG.md
* Support map users and roles to multiple groups
* Simplify code by rename `user_arn` to `userarn`, `role_arn` to `rolearn`
* Next version should be 6.x because PR this is a breaking change.
* Update example variables.tf
* Change indent to 2
* Fix map-aws-auth.yaml maybe invalid yaml.
* allow creating an IAM role for each worker group
* moved change from 'changed' to 'added'
* create multiple roles not just profiles
* fix config_map_aws_auth generation
* don't duplicate worker-role templating
* specify ARNs for worker groups individually
todo fix aws_auth configmap
* fixed AWS auth
* fix aws_iam_instance_profile.workers name
fix iam_instance_profile fallback
* fix outputs
* fix iam_instance_profile calculation
* hopefully fix aws auth configmap generation
* manually fill out remainder of arn
* remove depends_on in worker_role_arns template file
this was causing resources to be recreated every time
* fmt
* fix typo, move iam_role_id default to defaults map
