Enable lifecycle management of core cluster addons. #456
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
We're going to need this in order to do cluster upgrades one environment at a time.
Enable EKS management of the three core cluster addons which are installed by default: coredns, kube-proxy, vpc-cni. Without this, EKS still installs the default versions of these addons but doesn't manage their lifecycle, leaving it to the user to manually make any necessary upgrades or changes during a cluster upgrade. I added a module variable for overriding the default addon versions just in case we ever need to do so (i.e. in the unlikely event that Amazon were to make a bad version the default), but I don't expect we'll actually need it. We don't want to pin these versions because it would defeat the benefit of Amazon managing the core addons for us and make things less reliable and secure overall. Tested: applied in test account, addon versions remain as expected. Checked that overriding a version to the default version produces no diff. Checked that overriding a version to a non-default version produces the expected diff.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Enable EKS management of the three core cluster addons which are installed by default: coredns, kube-proxy, vpc-cni.
Without this, EKS still installs the default versions of these addons but doesn't manage their lifecycle, leaving it to the user to manually make any necessary upgrades or changes during a cluster upgrade.
I added a module variable for overriding the default addon versions just in case we ever need to do so (i.e. in the unlikely event that Amazon were to make a bad version the default), but I don't expect we'll actually need it. We don't want to pin these versions because it would defeat the benefit of Amazon managing the core addons for us and make things less reliable and secure overall.
Also stop hardcoding the cluster version, as we'll need it to vary between environments when rolling out cluster upgrades.
Tested: applied in test account, addon versions remain as expected. Checked that overriding a version to the default version produces no diff. Checked that overriding a version to a non-default version produces the expected diff.
Trello card