Use vpc-cni addon configuration values to create eniconfigs
nerahou committed Sep 4, 2024
1 parent fb40776 commit 6c5d18b
Showing 3 changed files with 26 additions and 33 deletions.
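--- a/main.tf
+++ b/main.tf
@@ -15,11 +15,31 @@
 */
 
 locals {
-eni_configs = [for e in var.pods_subnets : {
-name = e.availability_zone
-subnet = e.id
-securityGroups = [aws_eks_cluster.quortex.vpc_config[0].cluster_security_group_id]
-}]
+
+configuration_values = jsonencode(
+{
+"env" : {
+"AWS_VPC_K8S_CNI_CUSTOM_NETWORK_CFG" : "true",
+"ENI_CONFIG_LABEL_DEF" : "topology.kubernetes.io/zone"
+}
+"eniConfig" : {
+"create" : true,
+"region" : "${data.aws_region.current.name}",
+"subnets" : { for e in var.pods_subnets :
+e.availability_zone => {
+id = e.id
+securityGroups = [aws_eks_cluster.quortex.vpc_config[0].cluster_security_group_id]
+}
+}
+}
+}
+)
+subnets = { for e in var.pods_subnets :
+e.availability_zone => {
+id = e.id
+securityGroups = [aws_eks_cluster.quortex.vpc_config[0].cluster_security_group_id]
+}
+}
 # The Quortex cluster OIDC issuer.
 cluster_oidc_issuer = trimprefix(aws_eks_cluster.quortex.identity[0].oidc[0].issuer, "https://")
 node_group_labels = [
@@ -198,7 +218,7 @@ resource "aws_eks_addon" "vpc_cni_addon" {
 cluster_name = aws_eks_cluster.quortex.name
 addon_name = "vpc-cni"
 addon_version = var.cluster_addons["vpc-cni"].version
-configuration_values = try(var.cluster_addons["vpc-cni"].configuration_values, null)
+configuration_values = local.configuration_values
 preserve = try(var.cluster_addons["vpc-cni"].preserve, null)
 resolve_conflicts_on_update = try(var.cluster_addons["vpc-cni"].resolve_conflicts, "OVERWRITE")
 resolve_conflicts_on_create = try(var.cluster_addons["vpc-cni"].resolve_conflicts, "OVERWRITE")
@@ -221,8 +241,6 @@ resource "aws_eks_addon" "quortex_addon" {
 service_account_role_arn = lookup(local.addon_irsa_service_account_arn, each.key, null)
 
 tags = var.tags
-
-depends_on = [helm_release.eni_configs]
 }
 
 # This AWS CLI command will add tags to the ASG created by EKS
@@ -288,18 +306,3 @@ resource "aws_cloudwatch_log_group" "cluster_logs" {
 retention_in_days = var.cluster_logs_retention
 tags = var.tags
 }
-
-resource "helm_release" "eni_configs" {
-count = var.handle_eni_configs ? 1 : 0
-version = "1.0.0"
-chart = "empty"
-repository = "https://quortex.github.io/helm-charts"
-name = "aws-vpc-cni-config"
-
-values = [
-templatefile("${path.module}/templates/eniconfigs.yaml", {
-eniConfigs : jsonencode(local.eni_configs)
-})
-]
-depends_on = [aws_eks_addon.vpc_cni_addon]
-}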
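Review bot: In the `aws_eks_addon.vpc_cni_addon` hunk, `configuration_values = local.configuration_values` no longer reads `var.cluster_addons["vpc-cni"].configuration_values`, so any addon settings a caller passes there (a network-policy toggle, extra `env` entries) are silently dropped on the next apply. Because `handle_eni_configs` is removed in the same commit, custom networking (`"AWS_VPC_K8S_CNI_CUSTOM_NETWORK_CFG" : "true"`) also becomes unconditional, including when `var.pods_subnets` is empty and the `eniConfig.subnets` map comes out empty. I would keep the caller's values and layer the module's on top, e.g. `configuration_values = jsonencode(merge(try(jsondecode(var.cluster_addons["vpc-cni"].configuration_values), {}), jsondecode(local.configuration_values)))`, bearing in mind that `merge` is shallow, so a caller-supplied `env` map would still be replaced as a whole. `local.subnets` repeats the map already built under `eniConfig.subnets` and is not referenced in the visible hunks, and a comment stating that pod ENIs receive only the cluster security group would help a reader. The resource body continues outside the hunk.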
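--- a/variables.tf
+++ b/variables.tf
@@ -176,12 +176,6 @@ EOT
 default = {}
 }
 
-variable "handle_eni_configs" {
-type = bool
-description = "To determine if eniconfig resources should be managed by this module"
-default = false
-}
-
 variable "tags" {
 type = map(any)
 description = "The EKS resource tags (a map of key/value pairs) to be applied to the cluster."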
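--- a/versions.tf
+++ b/versions.tf
@@ -22,10 +22,6 @@ terraform {
 source = "hashicorp/aws"
 version = ">=5.0.0"
 }
-helm = {
-source = "hashicorp/helm"
-version = ">=2.0.0"
-}
 kubernetes = {
 source = "hashicorp/kubernetes"
 version = ">=2.0.0"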
