From a458c1df41d42a2112e9ce0086ca0f77ddd5f426 Mon Sep 17 00:00:00 2001
From: maxim <nikromax@gmail.com>
Date: Tue, 26 Apr 2022 11:34:37 +0600
Subject: [PATCH] enh: update k8s cluster to the latest version

---
 terraform/layer1-aws/README.md    | 4 ++--
 terraform/layer1-aws/variables.tf | 8 ++++----
 2 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/terraform/layer1-aws/README.md b/terraform/layer1-aws/README.md
index 8724b131..6590cda2 100644
--- a/terraform/layer1-aws/README.md
+++ b/terraform/layer1-aws/README.md
@@ -52,14 +52,14 @@
 | <a name="input_create_acm_certificate"></a> [create\_acm\_certificate](#input\_create\_acm\_certificate) | Whether to create acm certificate or use existing | `bool` | `false` | no |
 | <a name="input_create_r53_zone"></a> [create\_r53\_zone](#input\_create\_r53\_zone) | Create R53 zone for main public domain | `bool` | `false` | no |
 | <a name="input_domain_name"></a> [domain\_name](#input\_domain\_name) | Main public domain name | `any` | n/a | yes |
-| <a name="input_eks_addons"></a> [eks\_addons](#input\_eks\_addons) | A list of installed EKS add-ons | `map` | <pre>{<br>  "coredns": {<br>    "addon_version": "v1.8.4-eksbuild.1",<br>    "resolve_conflicts": "OVERWRITE"<br>  },<br>  "kube-proxy": {<br>    "addon_version": "v1.21.2-eksbuild.2",<br>    "resolve_conflicts": "OVERWRITE"<br>  },<br>  "vpc-cni": {<br>    "addon_version": "v1.10.2-eksbuild.1",<br>    "resolve_conflicts": "OVERWRITE"<br>  }<br>}</pre> | no |
+| <a name="input_eks_addons"></a> [eks\_addons](#input\_eks\_addons) | A list of installed EKS add-ons | `map` | <pre>{<br>  "coredns": {<br>    "addon_version": "v1.8.7-eksbuild.1",<br>    "resolve_conflicts": "OVERWRITE"<br>  },<br>  "kube-proxy": {<br>    "addon_version": "v1.22.6-eksbuild.1",<br>    "resolve_conflicts": "OVERWRITE"<br>  },<br>  "vpc-cni": {<br>    "addon_version": "v1.11.0-eksbuild.1",<br>    "resolve_conflicts": "OVERWRITE"<br>  }<br>}</pre> | no |
 | <a name="input_eks_cloudwatch_log_group_retention_in_days"></a> [eks\_cloudwatch\_log\_group\_retention\_in\_days](#input\_eks\_cloudwatch\_log\_group\_retention\_in\_days) | Number of days to retain log events. Default retention - 90 days. | `number` | `90` | no |
 | <a name="input_eks_cluster_enabled_log_types"></a> [eks\_cluster\_enabled\_log\_types](#input\_eks\_cluster\_enabled\_log\_types) | A list of the desired control plane logging to enable. For more information, see Amazon EKS Control Plane Logging documentation (https://docs.aws.amazon.com/eks/latest/userguide/control-plane-logs.html). Possible values: api, audit, authenticator, controllerManager, scheduler | `list(string)` | <pre>[<br>  "audit"<br>]</pre> | no |
 | <a name="input_eks_cluster_encryption_config_enable"></a> [eks\_cluster\_encryption\_config\_enable](#input\_eks\_cluster\_encryption\_config\_enable) | Enable or not encryption for k8s secrets with aws-kms | `bool` | `false` | no |
 | <a name="input_eks_cluster_endpoint_only_pritunl"></a> [eks\_cluster\_endpoint\_only\_pritunl](#input\_eks\_cluster\_endpoint\_only\_pritunl) | Only Pritunl VPN server will have access to eks endpoint. | `bool` | `false` | no |
 | <a name="input_eks_cluster_endpoint_private_access"></a> [eks\_cluster\_endpoint\_private\_access](#input\_eks\_cluster\_endpoint\_private\_access) | Enable or not private access to cluster endpoint | `bool` | `false` | no |
 | <a name="input_eks_cluster_endpoint_public_access"></a> [eks\_cluster\_endpoint\_public\_access](#input\_eks\_cluster\_endpoint\_public\_access) | Enable or not public access to cluster endpoint | `bool` | `true` | no |
-| <a name="input_eks_cluster_version"></a> [eks\_cluster\_version](#input\_eks\_cluster\_version) | Version of the EKS K8S cluster | `string` | `"1.21"` | no |
+| <a name="input_eks_cluster_version"></a> [eks\_cluster\_version](#input\_eks\_cluster\_version) | Version of the EKS K8S cluster | `string` | `"1.22"` | no |
 | <a name="input_eks_map_roles"></a> [eks\_map\_roles](#input\_eks\_map\_roles) | Additional IAM roles to add to the aws-auth configmap. | <pre>list(object({<br>    rolearn  = string<br>    username = string<br>    groups   = list(string)<br>  }))</pre> | `[]` | no |
 | <a name="input_eks_workers_additional_policies"></a> [eks\_workers\_additional\_policies](#input\_eks\_workers\_additional\_policies) | Additional IAM policy attached to EKS worker nodes | `list(any)` | <pre>[<br>  "arn:aws:iam::aws:policy/AmazonSSMManagedInstanceCore"<br>]</pre> | no |
 | <a name="input_eks_write_kubeconfig"></a> [eks\_write\_kubeconfig](#input\_eks\_write\_kubeconfig) | Flag for eks module to write kubeconfig | `bool` | `false` | no |
diff --git a/terraform/layer1-aws/variables.tf b/terraform/layer1-aws/variables.tf
index 4458ca71..71ddf90d 100644
--- a/terraform/layer1-aws/variables.tf
+++ b/terraform/layer1-aws/variables.tf
@@ -92,7 +92,7 @@ variable "single_nat_gateway" {
 
 # EKS
 variable "eks_cluster_version" {
-  default     = "1.21"
+  default     = "1.22"
   description = "Version of the EKS K8S cluster"
 }
 
@@ -100,15 +100,15 @@ variable "eks_addons" {
   default = {
     coredns = {
       resolve_conflicts = "OVERWRITE"
-      addon_version     = "v1.8.4-eksbuild.1"
+      addon_version     = "v1.8.7-eksbuild.1"
     }
     kube-proxy = {
       resolve_conflicts = "OVERWRITE"
-      addon_version     = "v1.21.2-eksbuild.2"
+      addon_version     = "v1.22.6-eksbuild.1"
     }
     vpc-cni = {
       resolve_conflicts = "OVERWRITE"
-      addon_version     = "v1.10.2-eksbuild.1"
+      addon_version     = "v1.11.0-eksbuild.1"
     }
   }
   description = "A list of installed EKS add-ons"