EKS: replace autoscaling group with dedicated node group resource
pst committed May 23, 2020
1 parent b208a14 commit 7885080
Showing 6 changed files with 29 additions and 189 deletions.
30 changes: 10 additions & 20 deletions aws/_modules/eks/node_pool.tf
@@ -1,30 +1,20 @@
module "node_pool" {
source = "./node_pool"

metadata_name = var.metadata_name
metadata_labels = var.metadata_labels

pool_name = "default"

metadata_labels = var.metadata_labels
eks_metadata_tags = local.eks_metadata_tags

cluster_name = aws_eks_cluster.current.name
cluster_endpoint = aws_eks_cluster.current.endpoint
cluster_version = aws_eks_cluster.current.version
cluster_ca = aws_eks_cluster.current.certificate_authority[0].data

iam_instance_profile_name = aws_iam_instance_profile.nodes.name
role_arn = aws_iam_role.node.arn
cluster_name = aws_eks_cluster.current.name
node_group_name = "default"

security_groups = [aws_security_group.nodes.id]
role_arn = aws_iam_role.node.arn

instance_type = var.instance_type
desired_capacity = var.desired_capacity
max_size = var.max_size
min_size = var.min_size
subnet_ids = aws_subnet.current.*.id

root_device_volume_size = var.root_device_volume_size
root_device_encrypted = var.root_device_encrypted
instance_type = var.instance_type
desired_size = var.desired_capacity
max_size = var.max_size
min_size = var.min_size

vpc_zone_identifiers = aws_subnet.current.*.id
disk_size = var.root_device_volume_size
}
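Review bot: Root-volume encryption is dropped without a replacement: `root_device_encrypted = var.root_device_encrypted` disappears from this module call, `encrypted = var.root_device_encrypted` goes away with the launch configuration in node_pool/main.tf, and the `root_device_encrypted` variable is deleted from node_pool/variables.tf, while the new aws_eks_node_group only receives `disk_size`. The parent module's own `root_device_encrypted` variable is not among the six changed files, so if it is still declared there it is now accepted and silently ignored. Whether the managed node group's volumes end up encrypted presumably falls back to the account's EBS default-encryption setting rather than this module, which the commit message should state, and the parent variable should be removed or its description updated to say so.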
67 changes: 4 additions & 63 deletions aws/_modules/eks/node_pool/main.tf
@@ -1,76 +1,17 @@
data "aws_ami" "eks_node" {
filter {
name = "name"
values = ["amazon-eks-node-${var.cluster_version}-v*"]
}

most_recent = true
owners = ["602401143452"] # Amazon EKS AMI Account ID
}

locals {
node_userdata = <<USERDATA
#!/bin/bash
set -o xtrace
/etc/eks/bootstrap.sh --apiserver-endpoint '${var.cluster_endpoint}' --b64-cluster-ca '${var.cluster_ca}' '${var.cluster_name}'
USERDATA

}

resource "aws_launch_configuration" "nodes" {
associate_public_ip_address = true
iam_instance_profile = var.iam_instance_profile_name
image_id = data.aws_ami.eks_node.id
instance_type = var.instance_type
name_prefix = var.metadata_name
security_groups = var.security_groups
user_data_base64 = base64encode(local.node_userdata)

root_block_device {
volume_size = var.root_device_volume_size
encrypted = var.root_device_encrypted
}

lifecycle {
create_before_destroy = true
}
}

resource "aws_autoscaling_group" "nodes" {
desired_capacity = var.desired_capacity
launch_configuration = aws_launch_configuration.nodes.id
max_size = var.max_size
min_size = var.min_size
name = var.metadata_name
vpc_zone_identifier = var.vpc_zone_identifiers

tag {
key = "Name"
value = var.metadata_name
propagate_at_launch = true
}

tag {
key = "kubernetes.io/cluster/${var.metadata_name}"
value = "owned"
propagate_at_launch = true
}
}

resource "aws_eks_node_group" "nodes" {
cluster_name = var.cluster_name
node_group_name = var.pool_name
node_group_name = var.node_group_name
node_role_arn = var.role_arn
subnet_ids = var.vpc_zone_identifiers
subnet_ids = var.subnet_ids

scaling_config {
desired_size = var.desired_capacity
desired_size = var.desired_size
max_size = var.max_size
min_size = var.min_size
}

instance_types = [var.instance_type]
disk_size = var.root_device_volume_size
disk_size = var.disk_size

tags = var.eks_metadata_tags
labels = var.metadata_labels
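Review bot: The new aws_eks_node_group resource does not pin the node image, whereas the removed data "aws_ami" lookup at least tied it to `amazon-eks-node-${var.cluster_version}-v*`; with neither a `version` nor a `release_version` argument, EKS selects the current AMI for the cluster version when the group is created or scaled, so node images can drift between applies. Consider exposing `release_version` (or at least `version`) as a module variable so a node image upgrade is an explicit, reviewable change. The resource block continues past the hunk, so any `depends_on` on the node role's policy attachments is not visible here.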
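--- a/aws/_modules/eks/node_pool/variables.tf
+++ b/aws/_modules/eks/node_pool/variables.tf
@@ -1,8 +1,3 @@
-variable "metadata_name" {
-type = string
-description = "Metadata name to use."
-}
-
 variable "metadata_labels" {
 type = map(string)
 description = "Metadata labels to use."
@@ -13,27 +8,12 @@ variable "eks_metadata_tags" {
 description = "EKS metadata tags to use."
 }
 
-variable "cluster_version" {
-type = string
-description = "Kubernetes version of the EKS cluster."
-}
-
-variable "cluster_endpoint" {
-type = string
-description = "Kubernetes API endpoint of the EKS cluster."
-}
-
-variable "cluster_ca" {
-type = string
-description = "Certificate authority of the EKS cluster."
-}
-
 variable "cluster_name" {
 type = string
 description = "Cluster name of the EKS cluster."
 }
 
-variable "pool_name" {
+variable "node_group_name" {
 type = string
 description = "Name for this node pool."
 }
@@ -43,22 +23,12 @@ variable "role_arn" {
 description = "ARN of the IAM role for worker nodes."
 }
 
-variable "iam_instance_profile_name" {
-type = string
-description = "IAM instance profile to use for nodes."
-}
-
 variable "instance_type" {
 type = string
 description = "AWS instance type to use for nodes."
 }
 
-variable "security_groups" {
-type = list(string)
-description = "List of security group IDs to use for nodes."
-}
-
-variable "desired_capacity" {
+variable "desired_size" {
 type = string
 description = "Desired number of worker nodes."
 }
@@ -73,19 +43,13 @@ variable "min_size" {
 description = "Minimum number of worker nodes."
 }
 
-variable "root_device_encrypted" {
-type = bool
-default = true
-description = "Will encrypted the root device."
-}
-
-variable "root_device_volume_size" {
+variable "disk_size" {
 type = string
 default = "20"
 description = "Will set the volume size of the root device"
 }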
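Review bot: The renamed `desired_size` and `disk_size` variables keep `type = string` (and `default = "20"`) although the aws_eks_node_group arguments they feed, `scaling_config.desired_size` and `disk_size`, are numeric; Terraform coerces the string, but `type = number` with `default = 20` would reject non-numeric input at plan time rather than at the EKS API. This is carried over from the old names, so it is optional for this commit. The renamed `node_group_name` variable still carries the description `"Name for this node pool."`; `"Name of the EKS managed node group."` would match the resource it now configures.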
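--- a/aws/_modules/eks/sg_masters.tf
+++ b/aws/_modules/eks/sg_masters.tf
@@ -22,14 +22,3 @@ resource "aws_security_group_rule" "masters_ingress_apiserver_public" {
 to_port = 443
 type = "ingress"
 }
-
-resource "aws_security_group_rule" "masters_ingress_apiserver_nodes" {
-description = "Allow pods to communicate with the cluster API Server"
-from_port = 443
-protocol = "tcp"
-security_group_id = aws_security_group.masters.id
-source_security_group_id = aws_security_group.nodes.id
-to_port = 443
-type = "ingress"
-}
-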
44 changes: 0 additions & 44 deletions aws/_modules/eks/sg_workers.tf

This file was deleted.

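--- a/tests/clusters.tf
+++ b/tests/clusters.tf
@@ -8,14 +8,14 @@ module "eks_zero" {
 configuration = var.clusters["eks_zero"]
 }
 
-#module "gke_zero" {
-# source = "../google/cluster"
-#
-# configuration = var.clusters["gke_zero"]
-#}
-#
-#module "aks_zero" {
-# source = "../azurerm/cluster"
-#
-# configuration = var.clusters["aks_zero"]
-#}
+module "gke_zero" {
+source = "../google/cluster"
+
+configuration = var.clusters["gke_zero"]
+}
+
+module "aks_zero" {
+source = "../azurerm/cluster"
+
+configuration = var.clusters["aks_zero"]
+}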
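Review bot: The commit message describes only the EKS node group replacement, yet this hunk re-enables the `gke_zero` and `aks_zero` test modules by removing their comment markers, which is unrelated to EKS. If that is intentional, a line in the commit message saying the GKE and AKS test clusters are switched back on would help anyone bisecting test-cluster changes; if not, it belongs in a separate commit.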
