In order to ensure proper ordering when running terraform destroy. This will block Terraform from removing up security group rules before the cluster has finished its clean up chores.
In order to be a text file according to POSIX, file needs to be composed of
text lines. Text line is defined as sequence of characters ending in \n. Sadly,
`~}` did strip everything including the \n, so the kubeconfing did not end
with a new line. Output empty string at the end to make sure of it.
NOTES: New variable `worker_create_cluster_primary_security_group_rules` to allow communication between pods on workers and pods using the primary cluster security group (Managed Node Groups or Fargate). It defaults to `false` to avoid potential conflicts with existing security group rules users may have implemented.
BREAKING CHANGES: The default `cluster_version` is now 1.16. Kubernetes 1.16 includes a number of deprecated API removals, and you need to ensure your applications and add ons are updated, or workloads could fail after the upgrade is complete. For more information on the API removals, see the [Kubernetes blog post](https://kubernetes.io/blog/2019/07/18/api-deprecations-in-1-16/). For action you may need to take before upgrading, see the steps in the [EKS documentation](https://docs.aws.amazon.com/eks/latest/userguide/update-cluster.html). Please set explicitly your `cluster_version` to an older EKS version until your workloads are ready for Kubernetes 1.16.
* Create kubeconfig with non-executable permissions
Kubeconfig does not really need to be executable, so let's not create it with executable bit set.
* Bump tf version
* Remove template_file for generating kubeconfig
Push logic from terraform down to the template. Makes the formatting
slightly easier to follow
* Remove template_file for generating userdata
Updates to the eks_cluster now do not trigger recreation of launch
configurations
* Remove template_file for LT userdata
* Remove template dependency
* Add support for EC2 principal in assume worker role policy for China AWS
* Remove local partition according to requested change
Co-authored-by: Valeri GOLUBEV <vgolubev@kyriba.com>
BREAKING CHANGE: The terraform-aws-eks module now require at least kubernetes `1.11.1`. This may cause terraform to fail to init if users have set version = "1.10" like we had in the examples.
Setting `manage_aws_auth = false` removes the ordering dependency
between node_group and eks_cluster generating an error on first apply.
This fixes that use case.
Fixes#793
