feat: Add support for addons #1443
Conversation
| # Hack for a homemade `depends_on` https://discuss.hashicorp.com/t/tips-howto-implement-module-depends-on-emulation/2305/2 | ||
| # Will be removed in Terraform 0.13 with the support of module's `depends_on` https://github.com/hashicorp/terraform/issues/10462 | ||
| variable "eks_depends_on" { | ||
| description = "List of references to other resources this submodule depends on." |
There was a problem hiding this comment.
maybe this should me moved to module level as terraform from some time allowing it?
There was a problem hiding this comment.
This pattern is used in modules/fargate and modules/node_groups, I just copied it from there to keep everything consistent.
I'm not sure which example you require, as eks_depends_on is defined in addons.tf in the root of the main module, https://github.com/tnimni/terraform-aws-eks/blob/feature/addons/addons.tf#L11-L14
modules/addons/variables.tf
Outdated
|
|
||
| variable "coredns_versions" { | ||
| # Versions are taken from https://docs.aws.amazon.com/eks/latest/userguide/managing-coredns.html#updating-coredns-add-on | ||
| type = map(any) |
There was a problem hiding this comment.
I think better will be map(string) just to not loose type over time
modules/addons/variables.tf
Outdated
|
|
||
| variable "kube_proxy_versions" { | ||
| # Versions are taken from https://docs.aws.amazon.com/eks/latest/userguide/managing-kube-proxy.html#updating-kube-proxy-add-on | ||
| type = map(any) |
There was a problem hiding this comment.
I think better will be map(string) just to not loose type over time
modules/addons/variables.tf
Outdated
| variable "vpc_cni_versions" { | ||
| # Versions are taken from https://docs.aws.amazon.com/eks/latest/userguide/managing-vpc-cni.html#updating-vpc-cni-add-on | ||
| # Latest patch version is taken from https://github.com/aws/amazon-vpc-cni-k8s | ||
| type = map(any) |
There was a problem hiding this comment.
I think better will be map(string) just to not loose type over time
| # Will be removed in Terraform 0.13 with the support of module's `depends_on` https://github.com/hashicorp/terraform/issues/10462 | ||
| variable "eks_depends_on" { | ||
| description = "List of references to other resources this submodule depends on." | ||
| type = any |
There was a problem hiding this comment.
probably string will be better
There was a problem hiding this comment.
based on https://github.com/tnimni/terraform-aws-eks/blob/feature/addons/modules/fargate/variables.tf#L59-L65 , I copied it to keep everything consistent
There was a problem hiding this comment.
yup, this was created before modules were supporting dependncies. Lets maintainers decide does we want to leave this for consistency or we will start using module dependency.
modules/addons/outputs.tf
Outdated
| @@ -0,0 +1,14 @@ | |||
| output "vpc_cni_id" { | |||
| description = "The id of the Amazon VPC CNI addon" | |||
| value = aws_eks_addon.vpc_cni[0].id | |||
There was a problem hiding this comment.
does it will be working when I will not create this addon (there will be no element 0)?
| cluster_name = var.cluster_name | ||
| addon_name = "coredns" | ||
| resolve_conflicts = "OVERWRITE" | ||
| addon_version = lookup(var.coredns_versions, var.cluster_version, "Not Found") |
There was a problem hiding this comment.
how AWS API will react when we pass "Not Found", does there is validation on their end?
There was a problem hiding this comment.
This is on purpose, it will not even reach aws api. terraform plan will throw an error stating the addon version can not be "Not Found" giving a hint for the user that the cluster version is not supported by the module
Uncomment 1.20
Update README.md
|
Please can the defaults not be to enable these. |
|
@stevehipwell |
|
Can we please get this approved? @barryib |
|
Good work here @tnimni - hoping for it to be merged soon. |
Thank you |
|
So if we enable the vpc cni addon then should we pass |
…sing the vpc cni addon
Hi, I checked and aws recommend it here https://docs.aws.amazon.com/eks/latest/userguide/cni-iam-role.html I added to the example and also updated the main module readme to reflect that the variable attach_worker_cni_policy should be set to false if deploying the vpc cni addon I appreciate your input |
|
Hi Awesome. We're waiting for it. |
|
Same Same, nice work @tnimni 👏 |
|
@nikitacr7 @thapakazi thank you both |
|
@tnimni This is great!!! I do have one request though. Can you add support for tags like the node_groups module https://github.com/terraform-aws-modules/terraform-aws-eks/blob/master/node_groups.tf#L9 Thanks |
I'll have a look into it Edit: I have added tags to addons use addon_tags = { |
|
EKS 1.21 just came out this week so it might be worth adding it now. Either way this is great work @tnimni Thank you for doing this. |
|
Thanks @antonbabenko your design deals with my concerns and will allow anyone who wants to use addons to do so without impacting any of us who choose not to. |
|
This PR has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions. |
|
We'd love to have support for this, is this PR still being worked on? |
I'm waiting for the provider to be updated
I'm considering releasing this as a stand alone module, perhaps n 2 weeks time |
|
This PR has been automatically marked as stale because it has been open 30 days |
|
not stale |
|
Any updates on this? Now that EKS version 1.21 is out there, can we introduce this to the module directly |
|
This PR has been automatically marked as stale because it has been open 30 days |
|
Not stale |
|
This issue has been resolved in version 18.0.0 🎉 |
|
I think this was closed in error... I do not see any of the changes from this PR in master or the 18.0.3 release. |
|
Line 220 in 3c66863 |
|
Huh ok so it was refactored and done differently from this PR ( |
|
yes, see convo above #1443 (comment) there are examples of using this features as well |
|
I'm going to lock this pull request because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues. If you have found a problem that seems related to this change, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further. |
PR o'clock
Description
Add support for eks addons recommended by aws
https://docs.aws.amazon.com/eks/latest/userguide/eks-add-ons.html
The default behavior will NOT install the addons to the cluster.
Requires irsa to be enabled to deploy the VPC CNI addon
Checklist