* WIP Move node_groups to a submodule
* Split the old node_groups file up
* Start moving locals
* Simplify IAM creation logic
* depends_on from the TF docs
* Wire in the variables
* Call module from parent
* Allow to customize the role name. As per workers
* aws_auth ConfigMap for node_groups
* Get the managed_node_groups example to plan
* Get the basic example to plan too
* create_eks = false works
"The true and false result expressions must have consistent types. The
given expressions are object and object, respectively."
Well, that's useful. But apparently set(string) and set() are ok. So
everything else is more complicated. Thanks.
* Update Changelog
* Update README
* Wire in node_groups_defaults
* Remove node_groups from workers_defaults_defaults
* Synchronize random and node_group defaults
* Error: "name_prefix" cannot be longer than 32
* Update READMEs again
* Fix double destroy
Was producing index errors when running destroy on an empty state.
* Remove duplicate iam_role in node_group
I think this logic works. Needs some testing with an externally created
role.
* Fix index fail if node group manually deleted
* Keep aws_auth template in top module
Downside: count causes issues as usual: can't use distinct() in the
child module so there's a template render for every node_group even if
only one role is really in use. Hopefully just output noise instead of
technical issue
* Hack to have node_groups depend on aws_auth etc
The AWS Node Groups create or edit the aws-auth ConfigMap so that nodes
can join the cluster. This breaks the kubernetes resource which cannot
do a force create. Remove the race condition with explicit depend.
Can't pull the IAM role out of the node_group any more.
* Pull variables via the random_pet to cut logic
No point having the same logic in two different places
* Pass all ForceNew variables through the pet
* Do a deep merge of NG labels and tags
* Update README.. again
* Additional managed node outputs #644
Add change from @TBeijin from PR #644
* Remove unused local
* Use more for_each
* Remove the change when create_eks = false
* Make documentation less confusing
* node_group version user configurable
* Pass through raw output from aws_eks_node_groups
* Merge workers defaults in the locals
This simplifies the random_pet and aws_eks_node_group logic. Which was
causing much consernation on the PR.
* Fix typo
Co-authored-by: Max Williams <max.williams@deliveryhero.com>
* Finished first cut of managed node groups
* Updated formatting and extra fields.
* Updating Changelog and README
* Fixing formatting
* Fixing docs.
* Updating required Version
* Updating changelog
* Adding example for managed node groups
* Managed IAM Roles for Nodegroups now have correct policies. Tags can now be added to node groups.
* Fixing bug where people could set source_security_group_ids without setting ssh key causing a race condition within the aws provider.
* Adding lifecycle create_before_destroy
* Adding random pet names for create_before_destroy
* Updating per comments.
* Updating required versions of terraform
* Updating per comments.
* Updating vars
* Updating minimum version for terraform
* Change worker_groups_managed_node_groups to node_groups
* Using for_each on the random_pet
* Adding changes recommended by @eytanhanig
* Update node_groups.tf
This commit changes the way aws auth is managed. Before a local file
was used the generate the template and a null resource to apply it. This
is now switched to the terraform kubernetes provider.
* add doc for minimum iam permission
Signed-off-by: kahootali <kahoot.ali@gmail.com>
* refer iam doc in readme
Signed-off-by: kahootali <kahoot.ali@gmail.com>
* remove iam permissions from examples
* set alphabetically the iam permissons
* Create ASG tags via for - utility from terraform 12
* Updated support for mixed ASG in worker_groups_launch_template variable
* Updated launch_template example to include spot and mixed ASG with worker_groups_launch_template variable
* Removed old config
* Removed workers_launch_template_mixed.tf file, added support for mixed/spot in workers_launch_template variable
* Updated examples/spot_instances/main.tf with Mixed Spot and ondemand instances
* Removed launch_template_mixed from relevant files
* Updated README.md file
* Removed workers_launch_template.tf.bkp
* Fixed case with null on_demand_allocation_strategy and Spot allocation
* Fixed workers_launch_template.tf, covered spot instances via Launch Template
* Support map users and roles to multiple groups
* Simplify code by rename `user_arn` to `userarn`, `role_arn` to `rolearn`
* Next version should be 6.x because PR this is a breaking change.
* Update example variables.tf
* Change indent to 2
* Fix map-aws-auth.yaml maybe invalid yaml.
* Update to EKS 1.13
* Revert "Pin terraform version < 0.12"
This reverts commit 4c71b12218378914c276715a85a61ac5aece9fa0.
* Update providers in examples and format
* run terraform upgrade tool
* fix post upgrade TODOs
* use strict typing for variables
* upgrade examples, point them at VPC module tf 0.12 PR
* remove unnecessary `coalesce()` calls
coalesce(lookup(map, key, ""), default) -> lookup(map, key, default)
* Fix autoscaling_enabled broken (#1)
* always set a value for tags, fix coalescelist calls
* always set a value for these tags
* fix tag value
* fix tag value
* default element available
* added default value
* added a general default
without this default - TF is throwing an error when running a destroy
* Fix CI
* Change vpc module back to `terraform-aws-modules/vpc/aws` in example
* Update CHANGELOG.md
* Change type of variable `cluster_log_retention_in_days` to number
* Remove `xx_count` variables
* Actual lists instead of strings with commas
* Remove `xx_count` variable from docs
* Replace element with list indexing
* Change variable `worker_group_tags` to a attribute of worker_group
* Fix workers_launch_template_mixed tags
* Change override_instance_type_x variables to list.
* Update CHANGELOG.md
* adding 3 examples
* removing old example
* updating PR template
* fix this typo
* update after renaming default example
* add missing launch_template_mixed stuff to aws_auth
* fix 2 examples with public subnets
* update changelog for new minor release
* Allow per worker group ASG tags to be set
* Format
* Set correct defaults
* Implement hack that will use the first item in the list if a matching item does not exist for the worker group
* Use a map that will map from the worker group name to the tags to get around the issue where list indexing does not work with a list of lists
* Format
* Cleanup
* Fix sample
* README
* Added map_roles_count and user_roles_count (#1)
* Update readme for new vars
* updated tests to include count
* fix syntax error
* updated changelog
* Added map_accounts_count variable for consistency
* Fix counts in example and user latest terraform-docs to generate readme
* changing syntax when referring to map keys without lookup function
* Replacing map function with actual maps for easier reading
* replacing map function in example
* replacing map function in workers.tf and readme/main
* update changelog
* Allow additional security groups to be included for all workers and each worker group #47
* update changelog with reference to issue and be more descriptive
* Update CHANGELOG.md
* address pr comments and rebase
* rebase
* fix bug introduced by PR#115 that sets the AMI id to the default value of "" always
* rebase
* align default value of additional_security_group_ids to be pulled from local var workers_group_defaults_defaults
