From 6c5d18b40c1c389526173aa4b360b7a61f768659 Mon Sep 17 00:00:00 2001
From: nerahou
Date: Wed, 4 Sep 2024 16:03:50 +0200
Subject: [PATCH] Use vpc-cni addon configuration values to create eniconfigs
---
 main.tf | 49 ++++++++++++++++++++++++++-----------------------
 variables.tf | 6 ------
 versions.tf | 4 ----
 3 files changed, 26 insertions(+), 33 deletions(-)
diff --git a/main.tf b/main.tf
index 7ab75ca..17beab1 100644
--- a/main.tf
+++ b/main.tf
@@ -15,11 +15,31 @@
 */
 locals {
- eni_configs = [for e in var.pods_subnets : {
- name = e.availability_zone
- subnet = e.id
- securityGroups = [aws_eks_cluster.quortex.vpc_config[0].cluster_security_group_id]
- }]
+
+ configuration_values = jsonencode(
+ {
+ "env" : {
+ "AWS_VPC_K8S_CNI_CUSTOM_NETWORK_CFG" : "true",
+ "ENI_CONFIG_LABEL_DEF" : "topology.kubernetes.io/zone"
+ }
+ "eniConfig" : {
+ "create" : true,
+ "region" : "${data.aws_region.current.name}",
+ "subnets" : { for e in var.pods_subnets :
+ e.availability_zone => {
+ id = e.id
+ securityGroups = [aws_eks_cluster.quortex.vpc_config[0].cluster_security_group_id]
+ }
+ }
+ }
+ }
+ )
+ subnets = { for e in var.pods_subnets :
+ e.availability_zone => {
+ id = e.id
+ securityGroups = [aws_eks_cluster.quortex.vpc_config[0].cluster_security_group_id]
+ }
+ }
 # The Quortex cluster OIDC issuer.
 cluster_oidc_issuer = trimprefix(aws_eks_cluster.quortex.identity[0].oidc[0].issuer, "https://")
 node_group_labels = [
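Review bot: Custom networking is now switched on for every cluster: `AWS_VPC_K8S_CNI_CUSTOM_NETWORK_CFG` is hard-coded to "true" and `eniConfig.create` to `true` in `local.configuration_values`, even when `var.pods_subnets` is empty, whereas the Helm release this commit removes was gated by `handle_eni_configs` (default `false`). With the flag set and no ENIConfig matching a node's zone label, the CNI will probably be unable to assign pod addresses, so both values should follow whether any pod subnet was given. The new `local.subnets` repeats the map built inside `jsonencode` and is not referenced in the visible hunks; build it once and reuse it, and note that keying by `availability_zone` makes the plan fail when two pod subnets share a zone. The region value can be the bare reference instead of an interpolation-only string, and `data.aws_region.current` has to be declared outside this hunk. The `locals` block continues past the hunk.

```hcl
locals {
  # One ENIConfig per availability zone, attached to the cluster security group.
  subnets = { for e in var.pods_subnets :
    e.availability_zone => {
      id             = e.id
      securityGroups = [aws_eks_cluster.quortex.vpc_config[0].cluster_security_group_id]
    }
  }

  # Only enable custom networking when there is at least one pod subnet to use.
  custom_networking = length(local.subnets) > 0

  configuration_values = jsonencode({
    env = {
      AWS_VPC_K8S_CNI_CUSTOM_NETWORK_CFG = tostring(local.custom_networking)
      ENI_CONFIG_LABEL_DEF               = "topology.kubernetes.io/zone"
    }
    eniConfig = {
      create  = local.custom_networking
      region  = data.aws_region.current.name
      subnets = local.subnets
    }
  })
  # … unchanged: cluster_oidc_issuer, node_group_labels …
```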
@@ -198,7 +218,7 @@ resource "aws_eks_addon" "vpc_cni_addon" {
 cluster_name = aws_eks_cluster.quortex.name
 addon_name = "vpc-cni"
 addon_version = var.cluster_addons["vpc-cni"].version
- configuration_values = try(var.cluster_addons["vpc-cni"].configuration_values, null)
+ configuration_values = local.configuration_values
 preserve = try(var.cluster_addons["vpc-cni"].preserve, null)
 resolve_conflicts_on_update = try(var.cluster_addons["vpc-cni"].resolve_conflicts, "OVERWRITE")
 resolve_conflicts_on_create = try(var.cluster_addons["vpc-cni"].resolve_conflicts, "OVERWRITE")
@@ -221,8 +241,6 @@ resource "aws_eks_addon" "quortex_addon" {
 service_account_role_arn = lookup(local.addon_irsa_service_account_arn, each.key, null)
 tags = var.tags
-
- depends_on = [helm_release.eni_configs]
 }
 # This AWS CLI command will add tags to the ASG created by EKS
@@ -288,18 +306,3 @@ resource "aws_cloudwatch_log_group" "cluster_logs" {
 retention_in_days = var.cluster_logs_retention
 tags = var.tags
 }
-
-resource "helm_release" "eni_configs" {
- count = var.handle_eni_configs ? 1 : 0
- version = "1.0.0"
- chart = "empty"
- repository = "https://quortex.github.io/helm-charts"
- name = "aws-vpc-cni-config"
-
- values = [
- templatefile("${path.module}/templates/eniconfigs.yaml", {
- eniConfigs : jsonencode(local.eni_configs)
- })
- ]
- depends_on = [aws_eks_addon.vpc_cni_addon]
-}
diff --git a/variables.tf b/variables.tf
index cf0d3a2..bc0c8ca 100644
--- a/variables.tf
+++ b/variables.tf
@@ -176,12 +176,6 @@ EOT
 default = {}
 }
-variable "handle_eni_configs" {
- type = bool
- description = "To determine if eniconfig resources should be managed by this module"
- default = false
-}
-
 variable "tags" {
 type = map(any)
 description = "The EKS resource tags (a map of key/value pairs) to be applied to the cluster."
diff --git a/versions.tf b/versions.tf
index 50c8ff2..8029fd1 100644
--- a/versions.tf
+++ b/versions.tf
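Review bot: Whatever the caller passes in `cluster_addons["vpc-cni"].configuration_values` is now dropped silently, because the changed line in `aws_eks_addon.vpc_cni_addon` sends only `local.configuration_values` to the add-on. A caller that used that field for other add-on settings (network policy enforcement through `enableNetworkPolicy`, extra `env` entries) would lose them on the next apply, and `resolve_conflicts` defaults to "OVERWRITE" in the lines just below. Consider merging the caller's value into the module's object before encoding, for example `jsonencode(merge(try(jsondecode(var.cluster_addons["vpc-cni"].configuration_values), {}), <module object>))`; that merge is shallow, so a caller-supplied `env` would still be replaced and needs its own merge. Failing the plan with a clear message when the caller value is non-null would be the stricter alternative. The resource body continues outside the hunk.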
@@ -22,10 +22,6 @@ terraform {
 source = "hashicorp/aws"
 version = ">=5.0.0"
 }
- helm = {
- source = "hashicorp/helm"
- version = ">=2.0.0"
- }
 kubernetes = {
 source = "hashicorp/kubernetes"
 version = ">=2.0.0"