* fix: Update AWS provider version to support `AL2023_*` AMI types
* fix: Ensure the cluster service CIDR is passed to the AL2023 user data where its required
* feat: Add support for enabling EFA resources
* feat: Add support for creating placement group and ensuring subnet ID used supports the instance type provided
* chore: Update README and examples
* feat: Update AWS provider MSV to support `maximum_network_cards` attribute
* fix: Update self-managed example after last round of testing; improve EFA support wording
* feat: Replace `resolve_conflicts` with `resolve_conflicts_on_create`/`delete`; raise MSV of AWS provider to `v5.0` to support
* fix: Replace dynamic DNS suffix for `sts:AssumeRole` API calls for static suffix
* feat: Add module tag
* feat: Align Karpenter permissions with Karpenter v1beta1/v0.32 permissions from upstream
* refactor: Move `aws-auth` ConfigMap functionality to its own sub-module
* chore: Update examples
* feat: Add state `moved` block for Karpenter Pod Identity role re-name
* fix: Correct variable `create` description
* feat: Add support for cluster access entries
* chore: Bump MSV of Terraform to `1.3`
* fix: Replace defunct kubectl provider with an updated forked equivalent
* chore: Update and validate examples for access entry; clean up provider usage
* docs: Correct double redundant variable descriptions
* feat: Add support for Cloudwatch log group class argument
* fix: Update usage tag placement, fix Karpenter event spelling, add upcoming changes section to upgrade guide
* feat: Update Karpenter module to generalize naming used and align policy with the upstream Karpenter policy
* feat: Add native support for Windows based managed nodegroups similar to AL2 and Bottlerocket
* feat: Update self-managed nodegroup module to use latest features of ASG
* docs: Update and simplify docs
* fix: Correct variable description for AMI types
* fix: Update upgrade guide with changes; rename Karpenter controller resource names to support migrating for users
* docs: Complete upgrade guide docs for migration and changes applied
* Update examples/karpenter/README.md
Co-authored-by: Anton Babenko <anton@antonbabenko.com>
* Update examples/outposts/README.md
Co-authored-by: Anton Babenko <anton@antonbabenko.com>
* Update modules/karpenter/README.md
Co-authored-by: Anton Babenko <anton@antonbabenko.com>
---------
Co-authored-by: Anton Babenko <anton@antonbabenko.com>
BREAKING CHANGES: We now decided to remove `random_pet` resources in Managed Node Groups (MNG). Those were used to recreate MNG if something change and also simulate the newly added argument `node_group_name_prefix`. But they were causing a lot of troubles. To upgrade the module without recreating your MNG, you will need to explicitly reuse their previous name and set them in your MNG `name` argument. Please see [upgrade docs](https://github.com/terraform-aws-modules/terraform-aws-eks/blob/master/docs/upgrades.md#upgrade-module-to-v1700-for-managed-node-groups) for more details.
BREAKING CHANGES: We remove the dependency on the deprecated `hashicorp/template` provider and use the Terraform built in `templatefile` function. This will broke some workflows due to previously being able to pass in the raw contents of a template file for processing. The `templatefile` function requires a template file that exists before running a plan.
NOTES: Using the [terraform-aws-modules/http](https://registry.terraform.io/providers/terraform-aws-modules/http/latest) provider is a more platform agnostic way to wait for the cluster availability than using a local-exec. With this change we're able to provision EKS clusters and manage the `aws_auth` configmap while still using the `hashicorp/tfc-agent` docker image.
Additional support for Terraform v0.13 and aws v3!
- The update to the vpc module in examples was, strictly speaking, unnecessary but it adds the terraform block with supported versions.
- Update for iam module in the example was very necessary to support new versions
- Workaround for "Provider produced inconsistent final plan" when creating ASGs at the same time as the cluster. See https://github.com/terraform-providers/terraform-provider-aws/issues/14085 for full details.
- Blacklist 0.13.0 as it was too strict when migrating from aws v2 to v3 about dropped attributes.
NOTES: Addition of the IMDSv2 metadata configuration block to Launch Templates will cause a diff to be generated for existing Launch Templates on first Terraform apply. The defaults match existing behaviour.
* Create kubeconfig with non-executable permissions
Kubeconfig does not really need to be executable, so let's not create it with executable bit set.
* Bump tf version
* Remove template_file for generating kubeconfig
Push logic from terraform down to the template. Makes the formatting
slightly easier to follow
* Remove template_file for generating userdata
Updates to the eks_cluster now do not trigger recreation of launch
configurations
* Remove template_file for LT userdata
* Remove template dependency
BREAKING CHANGE: The terraform-aws-eks module now require at least kubernetes `1.11.1`. This may cause terraform to fail to init if users have set version = "1.10" like we had in the examples.
* wait for cluster to respond before creating auth config map
* adds changelog entry
* fixup tf format
* fixup kubernetes required version
* fixup missing local for kubeconfig_filename
* combine wait for cluster into provisioner on cluster; change status check to /healthz on endpoint
* fix: make kubernetes provider version more permissive
* Finished first cut of managed node groups
* Updated formatting and extra fields.
* Updating Changelog and README
* Fixing formatting
* Fixing docs.
* Updating required Version
* Updating changelog
* Adding example for managed node groups
* Managed IAM Roles for Nodegroups now have correct policies. Tags can now be added to node groups.
* Fixing bug where people could set source_security_group_ids without setting ssh key causing a race condition within the aws provider.
* Adding lifecycle create_before_destroy
* Adding random pet names for create_before_destroy
* Updating per comments.
* Updating required versions of terraform
* Updating per comments.
* Updating vars
* Updating minimum version for terraform
* Change worker_groups_managed_node_groups to node_groups
* Using for_each on the random_pet
* Adding changes recommended by @eytanhanig
* Update node_groups.tf
* run terraform upgrade tool
* fix post upgrade TODOs
* use strict typing for variables
* upgrade examples, point them at VPC module tf 0.12 PR
* remove unnecessary `coalesce()` calls
coalesce(lookup(map, key, ""), default) -> lookup(map, key, default)
* Fix autoscaling_enabled broken (#1)
* always set a value for tags, fix coalescelist calls
* always set a value for these tags
* fix tag value
* fix tag value
* default element available
* added default value
* added a general default
without this default - TF is throwing an error when running a destroy
* Fix CI
* Change vpc module back to `terraform-aws-modules/vpc/aws` in example
* Update CHANGELOG.md
* Change type of variable `cluster_log_retention_in_days` to number
* Remove `xx_count` variables
* Actual lists instead of strings with commas
* Remove `xx_count` variable from docs
* Replace element with list indexing
* Change variable `worker_group_tags` to a attribute of worker_group
* Fix workers_launch_template_mixed tags
* Change override_instance_type_x variables to list.
* Update CHANGELOG.md
