Allow alternative user_data format in node_groups

[scalen]

Is your request related to a new offering from AWS?

Yes (ish) - It relates to supporting the Bottlerocket AMI using node_groups.

Is your request related to a problem? Please describe.

The node_groups module is more opinionated about the user_data for a node group than the worker_groups configuration was, forcing either:

• Use of sh-based cloud-init user data.
• Specification of the complete Launch Template outside of the module

Bottlerocket (a hardened AMI designed for use as a worker node in EKS) uses raw TOML for its user data, not embedded in cloud-init or a shell.

As such, it is very easy to create an older worker_group based on Bottlerocket, but very labour intensive and brittle to create a newer node_group, even when wishing to reuse all of the other Launch Template features provided in this module.

Describe the solution you'd like.

I would like to see the userdata_template_file and userdata_template_extra_args (or similar) module variables replicated from the parent module to the node_groups module. This could easily be made to work with the cloudinit_config resource, which already does templating. To be completely accurate, it should also be possible to set the MIME type of the resulting config file with something along the lines of userdata_mime_type, or to leave it unset when needing raw user data.

I would probably modify the shape of the above recommended variables to be the following, but this is just because I like nested configuration:

variable "user_data" {
  type    = map
  default = {
    template_file       = "${path.module}/templates/userdata.sh.tpl"
    template_extra_args = {}
    mime_type           = "text/x-shellscript"
  }
}

Describe alternatives you've considered.

The only alternative to the above, whilst still using node_groups, appears to be to set create_launch_template to false, duplicate all of the behaviour outside of the module, then pass in the launch_template_id.

However, this is brittle (liable to falling behind the launch configuration in this module) and hard to achieve (as many of the variables set in this module's launch templates are derived from values derived from the inner workings of the module). As such, I do not see it as a truly viable alternative.

The other alternative is to use the older worker_groups variable. However, this suffers from other issues that are solved by node_groups, taking for example the issue of worker group identification in Terraform state as an item in a list: if removing a worker group from the middle of the list, Terraform will instead see the last group in the list removed, and every group from the logically removed group onward as, instead, modified, resulting in their tear down and recreation. node_groups solves this, but cannot currently be used due to the problem that is the subject of this Issue.

[ismailbaskin]

AWS provider ( v3.64.0) supports BOTTLEROCKET_x86_64 but hardcoded userdata.sh.tpl does not allow to use it. hashicorp/terraform-provider-aws#21548

[scalen]

AWS provider ( v3.64.0) supports BOTTLEROCKET_x86_64 but hardcoded userdata.sh.tpl does not allow to use it. hashicorp/terraform-provider-aws#21548

Exactly. That is what the linked PR is designed to fix 🙂

[github-actions]

This issue has been automatically marked as stale because it has been open 30 days
with no activity. Remove stale label or comment or this issue will be closed in 10 days

[scalen]

/active

[antonbabenko]

This issue has been resolved in version 18.0.0 🎉

[github-actions]

I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues. If you have found a problem that seems similar to this, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.