Use vpc-cni addon configuration values to create eniconfigs

quortex · Sep 4, 2024 · db95d49 · db95d49
1 parent fb40776
commit db95d49
Show file tree

Hide file tree

Showing 3 changed files with 21 additions and 29 deletions.
diff --git a/main.tf b/main.tf
@@ -15,11 +15,24 @@
 */
 
 locals {
-  eni_configs = [for e in var.pods_subnets : {
-    name           = e.availability_zone
-    subnet         = e.id
-    securityGroups = [aws_eks_cluster.quortex.vpc_config[0].cluster_security_group_id]
-  }]
+  vpc_cni_configuration_values = var.custom_networking ? jsonencode(
+    {
+      "env" : {
+        "AWS_VPC_K8S_CNI_CUSTOM_NETWORK_CFG" : "true",
+        "ENI_CONFIG_LABEL_DEF" : "topology.kubernetes.io/zone"
+      }
+      "eniConfig" : {
+        "create" : true,
+        "region" : data.aws_region.current.name,
+        "subnets" : { for e in var.pods_subnets :
+          e.availability_zone => {
+            id             = e.id
+            securityGroups = [aws_eks_cluster.quortex.vpc_config[0].cluster_security_group_id]
+          }
+        }
+      }
+    }
+  ) : null
   # The Quortex cluster OIDC issuer.
   cluster_oidc_issuer = trimprefix(aws_eks_cluster.quortex.identity[0].oidc[0].issuer, "https://")
   node_group_labels = [
@@ -198,7 +211,7 @@ resource "aws_eks_addon" "vpc_cni_addon" {
   cluster_name                = aws_eks_cluster.quortex.name
   addon_name                  = "vpc-cni"
   addon_version               = var.cluster_addons["vpc-cni"].version
-  configuration_values        = try(var.cluster_addons["vpc-cni"].configuration_values, null)
+  configuration_values        = try(var.cluster_addons["vpc-cni"].configuration_values, local.vpc_cni_configuration_values)
   preserve                    = try(var.cluster_addons["vpc-cni"].preserve, null)
   resolve_conflicts_on_update = try(var.cluster_addons["vpc-cni"].resolve_conflicts, "OVERWRITE")
   resolve_conflicts_on_create = try(var.cluster_addons["vpc-cni"].resolve_conflicts, "OVERWRITE")
@@ -221,8 +234,6 @@ resource "aws_eks_addon" "quortex_addon" {
   service_account_role_arn    = lookup(local.addon_irsa_service_account_arn, each.key, null)
 
   tags = var.tags
-
-  depends_on = [helm_release.eni_configs]
 }
 
 # This AWS CLI command will add tags to the ASG created by EKS
@@ -288,18 +299,3 @@ resource "aws_cloudwatch_log_group" "cluster_logs" {
   retention_in_days = var.cluster_logs_retention
   tags              = var.tags
 }
-
-resource "helm_release" "eni_configs" {
-  count      = var.handle_eni_configs ? 1 : 0
-  version    = "1.0.0"
-  chart      = "empty"
-  repository = "https://quortex.github.io/helm-charts"
-  name       = "aws-vpc-cni-config"
-
-  values = [
-    templatefile("${path.module}/templates/eniconfigs.yaml", {
-      eniConfigs : jsonencode(local.eni_configs)
-    })
-  ]
-  depends_on = [aws_eks_addon.vpc_cni_addon]
-}
diff --git a/variables.tf b/variables.tf
@@ -176,9 +176,9 @@ EOT
   default     = {}
 }
 
-variable "handle_eni_configs" {
+variable "custom_networking" {
   type        = bool
-  description = "To determine if eniconfig resources should be managed by this module"
+  description = "Whether custom networking is enabled, defaults to false. Adds default configuration values to vpc-cni addon if true"
   default     = false
 }
 

diff --git a/versions.tf b/versions.tf
@@ -22,10 +22,6 @@ terraform {
       source  = "hashicorp/aws"
       version = ">=5.0.0"
     }
-    helm = {
-      source  = "hashicorp/helm"
-      version = ">=2.0.0"
-    }
     kubernetes = {
       source  = "hashicorp/kubernetes"
       version = ">=2.0.0"