-
Notifications
You must be signed in to change notification settings - Fork 1.2k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Publish AMI Version in SSM Parameters #423
Labels
enhancement
New feature or request
Comments
bflad
added a commit
to hashicorp/terraform-provider-aws
that referenced
this issue
Feb 26, 2020
…aseVersion argument value Reference: awslabs/amazon-eks-ami#423 Reference: aws/containers-roadmap#771 There is currently no lookup mechanism for these values other than the website. See referenced issue for hopeful path forward via a new SSM Parameter, although there does appear to be a delay between the AMI release and EKS API support. Previous output from acceptance testing (master and latest version testing): ``` --- FAIL: TestAccAWSEksNodeGroup_ReleaseVersion (1225.88s) testing.go:654: Step 0 error: errors during apply: Error: error creating EKS Node Group (tf-acc-test-9113909416381506697:tf-acc-test-9113909416381506697): InvalidParameterException: Requested Node Group release version 1.14.7-20190927 is invalid. Allowed release version is 1.14.8-20191213 --- FAIL: TestAccAWSEksNodeGroup_ReleaseVersion (1375.87s) testing.go:654: Step 0 error: errors during apply: Error: error creating EKS Node Group (tf-acc-test-7174874914828901519:tf-acc-test-7174874914828901519): InvalidParameterException: Requested Node Group release version 1.14.9-20200122 is invalid. Allowed release version is 1.14.8-20191213 ``` Output from acceptance testing: ``` --- PASS: TestAccAWSEksNodeGroup_ReleaseVersion (1564.18s) ```
bflad
added a commit
to hashicorp/terraform-provider-aws
that referenced
this issue
Mar 4, 2020
…aseVersion argument value (#12172) Reference: awslabs/amazon-eks-ami#423 Reference: aws/containers-roadmap#771 There is currently no lookup mechanism for these values other than the website. See referenced issue for hopeful path forward via a new SSM Parameter, although there does appear to be a delay between the AMI release and EKS API support. Previous output from acceptance testing (master and latest version testing): ``` --- FAIL: TestAccAWSEksNodeGroup_ReleaseVersion (1225.88s) testing.go:654: Step 0 error: errors during apply: Error: error creating EKS Node Group (tf-acc-test-9113909416381506697:tf-acc-test-9113909416381506697): InvalidParameterException: Requested Node Group release version 1.14.7-20190927 is invalid. Allowed release version is 1.14.8-20191213 --- FAIL: TestAccAWSEksNodeGroup_ReleaseVersion (1375.87s) testing.go:654: Step 0 error: errors during apply: Error: error creating EKS Node Group (tf-acc-test-7174874914828901519:tf-acc-test-7174874914828901519): InvalidParameterException: Requested Node Group release version 1.14.9-20200122 is invalid. Allowed release version is 1.14.8-20191213 ``` Output from acceptance testing: ``` --- PASS: TestAccAWSEksNodeGroup_ReleaseVersion (1564.18s) ```
This has been added. Ex aws ssm get-parameter --name /aws/service/eks/optimized-ami/1.14/amazon-linux-2/recommended/release_version |
@mikestef9 Awesome! I'll double check this shortly. 😄 |
bflad
added a commit
to hashicorp/terraform-provider-aws
that referenced
this issue
May 14, 2020
…change Reference: #13071 Reference: https://aws.amazon.com/blogs/containers/upcoming-changes-to-ip-assignment-for-eks-managed-node-groups/ Reference: awslabs/amazon-eks-ami#423 This also switches the ReleaseVersion testing to use the newly available SSM Parameter, so it is no longer hardcoded and stale. Previously: ``` --- FAIL: TestAccAWSEksNodeGroup_basic (1278.58s) testing.go:683: Step 0 error: errors during apply: Error: error waiting for EKS Node Group (tf-acc-test-8344543808745629148:tf-acc-test-8344543808745629148) creation: Ec2SubnetInvalidConfiguration: One or more Amazon EC2 Subnets of [subnet-09e307c552d8e2396, subnet-09b4b4c79ae9b1c5a] for node group tf-acc-test-8344543808745629148 does not automatically assign public IP addresses to instances launched into it. If you want your instances to be assigned a public IP address, then you need to enable auto-assign public IP address for the subnet. See IP addressing in VPC guide: https://docs.aws.amazon.com/vpc/latest/userguide/vpc-ip-addressing.html#subnet-public-ip. Resource IDs: [subnet-09e307c552d8e2396 subnet-09b4b4c79ae9b1c5a] --- FAIL: TestAccAWSEksNodeGroup_ReleaseVersion (1129.51s) testing.go:683: Step 0 error: errors during apply: Error: error creating EKS Node Group (tf-acc-test-395161592184105116:tf-acc-test-395161592184105116): InvalidParameterException: releaseVersion 1.14.8-20191213 is invalid ``` Output from acceptance testing: ``` --- PASS: TestAccAWSEksNodeGroup_AmiType (1539.44s) --- PASS: TestAccAWSEksNodeGroup_basic (1485.68s) --- PASS: TestAccAWSEksNodeGroup_disappears (1425.45s) --- PASS: TestAccAWSEksNodeGroup_DiskSize (1551.75s) --- PASS: TestAccAWSEksNodeGroup_InstanceTypes (1545.64s) --- PASS: TestAccAWSEksNodeGroup_Labels (1647.48s) --- PASS: TestAccAWSEksNodeGroup_ReleaseVersion (1578.86s) --- PASS: TestAccAWSEksNodeGroup_RemoteAccess_Ec2SshKey (1566.70s) --- PASS: TestAccAWSEksNodeGroup_RemoteAccess_SourceSecurityGroupIds (1698.65s) --- PASS: TestAccAWSEksNodeGroup_ScalingConfig_DesiredSize (1619.70s) --- PASS: TestAccAWSEksNodeGroup_ScalingConfig_MaxSize (1610.20s) --- PASS: TestAccAWSEksNodeGroup_ScalingConfig_MinSize (1551.41s) --- PASS: TestAccAWSEksNodeGroup_Tags (1501.53s) --- PASS: TestAccAWSEksNodeGroup_Version (1513.24s) ```
bflad
added a commit
to hashicorp/terraform-provider-aws
that referenced
this issue
May 19, 2020
…change (#13323) * service/eks: Fix testing and eks-getting-started example for EKS API change Reference: #13071 Reference: https://aws.amazon.com/blogs/containers/upcoming-changes-to-ip-assignment-for-eks-managed-node-groups/ Reference: awslabs/amazon-eks-ami#423 This also switches the ReleaseVersion testing to use the newly available SSM Parameter, so it is no longer hardcoded and stale. Previously: ``` --- FAIL: TestAccAWSEksNodeGroup_basic (1278.58s) testing.go:683: Step 0 error: errors during apply: Error: error waiting for EKS Node Group (tf-acc-test-8344543808745629148:tf-acc-test-8344543808745629148) creation: Ec2SubnetInvalidConfiguration: One or more Amazon EC2 Subnets of [subnet-09e307c552d8e2396, subnet-09b4b4c79ae9b1c5a] for node group tf-acc-test-8344543808745629148 does not automatically assign public IP addresses to instances launched into it. If you want your instances to be assigned a public IP address, then you need to enable auto-assign public IP address for the subnet. See IP addressing in VPC guide: https://docs.aws.amazon.com/vpc/latest/userguide/vpc-ip-addressing.html#subnet-public-ip. Resource IDs: [subnet-09e307c552d8e2396 subnet-09b4b4c79ae9b1c5a] --- FAIL: TestAccAWSEksNodeGroup_ReleaseVersion (1129.51s) testing.go:683: Step 0 error: errors during apply: Error: error creating EKS Node Group (tf-acc-test-395161592184105116:tf-acc-test-395161592184105116): InvalidParameterException: releaseVersion 1.14.8-20191213 is invalid ``` Output from acceptance testing: ``` --- PASS: TestAccAWSEksNodeGroup_AmiType (1539.44s) --- PASS: TestAccAWSEksNodeGroup_basic (1485.68s) --- PASS: TestAccAWSEksNodeGroup_disappears (1425.45s) --- PASS: TestAccAWSEksNodeGroup_DiskSize (1551.75s) --- PASS: TestAccAWSEksNodeGroup_InstanceTypes (1545.64s) --- PASS: TestAccAWSEksNodeGroup_Labels (1647.48s) --- PASS: TestAccAWSEksNodeGroup_ReleaseVersion (1578.86s) --- PASS: TestAccAWSEksNodeGroup_RemoteAccess_Ec2SshKey (1566.70s) --- PASS: TestAccAWSEksNodeGroup_RemoteAccess_SourceSecurityGroupIds (1698.65s) --- PASS: TestAccAWSEksNodeGroup_ScalingConfig_DesiredSize (1619.70s) --- PASS: TestAccAWSEksNodeGroup_ScalingConfig_MaxSize (1610.20s) --- PASS: TestAccAWSEksNodeGroup_ScalingConfig_MinSize (1551.41s) --- PASS: TestAccAWSEksNodeGroup_Tags (1501.53s) --- PASS: TestAccAWSEksNodeGroup_Version (1513.24s) ``` * tests/resource/aws_eks_node_group: Fix version test to use version from aws_eks_cluster reference The EKS Cluster would spin up with the latest Kubernetes version while the Node Group could be hardcoded multiple behind. The EKS API unfortunately does not provide a lookup API for versioning yet. Previously: ``` Error: error creating EKS Node Group (tf-acc-test-1420558841397012520:tf-acc-test-1420558841397012520): InvalidParameterException: Nodegroup Kubernetes version should be equal to Cluster kubernetes version 1.16 or be behind be 1 ``` Output from acceptance testing: ``` --- PASS: TestAccAWSEksNodeGroup_Version (1630.32s) ```
adamdecaf
pushed a commit
to adamdecaf/terraform-provider-aws
that referenced
this issue
May 28, 2020
…change (hashicorp#13323) * service/eks: Fix testing and eks-getting-started example for EKS API change Reference: hashicorp#13071 Reference: https://aws.amazon.com/blogs/containers/upcoming-changes-to-ip-assignment-for-eks-managed-node-groups/ Reference: awslabs/amazon-eks-ami#423 This also switches the ReleaseVersion testing to use the newly available SSM Parameter, so it is no longer hardcoded and stale. Previously: ``` --- FAIL: TestAccAWSEksNodeGroup_basic (1278.58s) testing.go:683: Step 0 error: errors during apply: Error: error waiting for EKS Node Group (tf-acc-test-8344543808745629148:tf-acc-test-8344543808745629148) creation: Ec2SubnetInvalidConfiguration: One or more Amazon EC2 Subnets of [subnet-09e307c552d8e2396, subnet-09b4b4c79ae9b1c5a] for node group tf-acc-test-8344543808745629148 does not automatically assign public IP addresses to instances launched into it. If you want your instances to be assigned a public IP address, then you need to enable auto-assign public IP address for the subnet. See IP addressing in VPC guide: https://docs.aws.amazon.com/vpc/latest/userguide/vpc-ip-addressing.html#subnet-public-ip. Resource IDs: [subnet-09e307c552d8e2396 subnet-09b4b4c79ae9b1c5a] --- FAIL: TestAccAWSEksNodeGroup_ReleaseVersion (1129.51s) testing.go:683: Step 0 error: errors during apply: Error: error creating EKS Node Group (tf-acc-test-395161592184105116:tf-acc-test-395161592184105116): InvalidParameterException: releaseVersion 1.14.8-20191213 is invalid ``` Output from acceptance testing: ``` --- PASS: TestAccAWSEksNodeGroup_AmiType (1539.44s) --- PASS: TestAccAWSEksNodeGroup_basic (1485.68s) --- PASS: TestAccAWSEksNodeGroup_disappears (1425.45s) --- PASS: TestAccAWSEksNodeGroup_DiskSize (1551.75s) --- PASS: TestAccAWSEksNodeGroup_InstanceTypes (1545.64s) --- PASS: TestAccAWSEksNodeGroup_Labels (1647.48s) --- PASS: TestAccAWSEksNodeGroup_ReleaseVersion (1578.86s) --- PASS: TestAccAWSEksNodeGroup_RemoteAccess_Ec2SshKey (1566.70s) --- PASS: TestAccAWSEksNodeGroup_RemoteAccess_SourceSecurityGroupIds (1698.65s) --- PASS: TestAccAWSEksNodeGroup_ScalingConfig_DesiredSize (1619.70s) --- PASS: TestAccAWSEksNodeGroup_ScalingConfig_MaxSize (1610.20s) --- PASS: TestAccAWSEksNodeGroup_ScalingConfig_MinSize (1551.41s) --- PASS: TestAccAWSEksNodeGroup_Tags (1501.53s) --- PASS: TestAccAWSEksNodeGroup_Version (1513.24s) ``` * tests/resource/aws_eks_node_group: Fix version test to use version from aws_eks_cluster reference The EKS Cluster would spin up with the latest Kubernetes version while the Node Group could be hardcoded multiple behind. The EKS API unfortunately does not provide a lookup API for versioning yet. Previously: ``` Error: error creating EKS Node Group (tf-acc-test-1420558841397012520:tf-acc-test-1420558841397012520): InvalidParameterException: Nodegroup Kubernetes version should be equal to Cluster kubernetes version 1.16 or be behind be 1 ``` Output from acceptance testing: ``` --- PASS: TestAccAWSEksNodeGroup_Version (1630.32s) ```
iffyuva
pushed a commit
to dockup/terraform-aws
that referenced
this issue
Jun 1, 2020
…change (#13323) * service/eks: Fix testing and eks-getting-started example for EKS API change Reference: hashicorp/terraform-provider-aws#13071 Reference: https://aws.amazon.com/blogs/containers/upcoming-changes-to-ip-assignment-for-eks-managed-node-groups/ Reference: awslabs/amazon-eks-ami#423 This also switches the ReleaseVersion testing to use the newly available SSM Parameter, so it is no longer hardcoded and stale. Previously: ``` --- FAIL: TestAccAWSEksNodeGroup_basic (1278.58s) testing.go:683: Step 0 error: errors during apply: Error: error waiting for EKS Node Group (tf-acc-test-8344543808745629148:tf-acc-test-8344543808745629148) creation: Ec2SubnetInvalidConfiguration: One or more Amazon EC2 Subnets of [subnet-09e307c552d8e2396, subnet-09b4b4c79ae9b1c5a] for node group tf-acc-test-8344543808745629148 does not automatically assign public IP addresses to instances launched into it. If you want your instances to be assigned a public IP address, then you need to enable auto-assign public IP address for the subnet. See IP addressing in VPC guide: https://docs.aws.amazon.com/vpc/latest/userguide/vpc-ip-addressing.html#subnet-public-ip. Resource IDs: [subnet-09e307c552d8e2396 subnet-09b4b4c79ae9b1c5a] --- FAIL: TestAccAWSEksNodeGroup_ReleaseVersion (1129.51s) testing.go:683: Step 0 error: errors during apply: Error: error creating EKS Node Group (tf-acc-test-395161592184105116:tf-acc-test-395161592184105116): InvalidParameterException: releaseVersion 1.14.8-20191213 is invalid ``` Output from acceptance testing: ``` --- PASS: TestAccAWSEksNodeGroup_AmiType (1539.44s) --- PASS: TestAccAWSEksNodeGroup_basic (1485.68s) --- PASS: TestAccAWSEksNodeGroup_disappears (1425.45s) --- PASS: TestAccAWSEksNodeGroup_DiskSize (1551.75s) --- PASS: TestAccAWSEksNodeGroup_InstanceTypes (1545.64s) --- PASS: TestAccAWSEksNodeGroup_Labels (1647.48s) --- PASS: TestAccAWSEksNodeGroup_ReleaseVersion (1578.86s) --- PASS: TestAccAWSEksNodeGroup_RemoteAccess_Ec2SshKey (1566.70s) --- PASS: TestAccAWSEksNodeGroup_RemoteAccess_SourceSecurityGroupIds (1698.65s) --- PASS: TestAccAWSEksNodeGroup_ScalingConfig_DesiredSize (1619.70s) --- PASS: TestAccAWSEksNodeGroup_ScalingConfig_MaxSize (1610.20s) --- PASS: TestAccAWSEksNodeGroup_ScalingConfig_MinSize (1551.41s) --- PASS: TestAccAWSEksNodeGroup_Tags (1501.53s) --- PASS: TestAccAWSEksNodeGroup_Version (1513.24s) ``` * tests/resource/aws_eks_node_group: Fix version test to use version from aws_eks_cluster reference The EKS Cluster would spin up with the latest Kubernetes version while the Node Group could be hardcoded multiple behind. The EKS API unfortunately does not provide a lookup API for versioning yet. Previously: ``` Error: error creating EKS Node Group (tf-acc-test-1420558841397012520:tf-acc-test-1420558841397012520): InvalidParameterException: Nodegroup Kubernetes version should be equal to Cluster kubernetes version 1.16 or be behind be 1 ``` Output from acceptance testing: ``` --- PASS: TestAccAWSEksNodeGroup_Version (1630.32s) ```
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
What would you like to be added:
Add an "AMI Version" SSM Parameter, e.g.
Why is this needed:
The EKS
CreateNodeGroup
API call accepts a parameter namedreleaseVersion
which needs to match the published "AMI Version" names on the Amazon EKS-Optimized Linux AMI Versions documentation page. e.g.1.14.8-20191213
The SSM Parameters published by the release pipeline do not seem to include this information currently:
In the Terraform AWS Provider, we provide end-to-end testing for that parameter. This testing is currently hardcoded because there does not appear to be a lookup mechanism in SSM or the EKS API for an acceptable value:
https://github.com/terraform-providers/terraform-provider-aws/blob/2db63198564e911f320389268b8f46f53c9ca694/aws/resource_aws_eks_node_group_test.go#L271-L295
And after awhile the EKS API will complain about outdated values:
Having the SSM Parameter available seems like the easiest path, however we are really looking for any lookup mechanism. Operators would then be able to use changes in this value to automatically trigger EKS Node Group upgrades.
Thanks!
Additional References:
The text was updated successfully, but these errors were encountered: