enhancement: Bumped upstream version of eks module and changed variables to support better handling of node group changes, also added missing provider requirements. (#52)

* enhancement: Bumped upstream version of eks module and changed variables to support better handling of node group changes, also added missing provider requirements.

BREAKING CHANGE: The change to the EKS module had its own breaking change that will require a bit of state management, you can read about it here: https://github.com/terraform-aws-modules/terraform-aws-eks/blob/master/docs/upgrades.md#upgrade-module-to-v1700-for-managed-node-groups . Also, this change may require some state management since it changes the name of the node group. You should be able to upgrade gracefully by importing the previous group into the state and removing the old one. Feel free to ask in the community channel at slack.getzero.dev if you have any questions.

* fix: Bump validation workflow to tf 1.0

Author: bmonkman

.chglog/config.yml

@@ -16,12 +16,6 @@ options:
         - test
         - ci
         - breaking
-  commit_groups:
-    # title_maps:
-    #   feat: Features
-    #   fix: Bug Fixes
-    #   perf: Performance Improvements
-    #   refactor: Code Refactoring
   commit_groups:
     group_by: Type
     sort_by: Type

.github/workflows/terraform.yml

@@ -14,7 +14,7 @@ jobs:
     - uses: actions/checkout@v2
     - uses: hashicorp/setup-terraform@v1
       with:
-        terraform_version: 0.14.8 # Required as of Apr 15 2021 because of breaking changes in tf 0.15
+        terraform_version: 1.0.1 # Required as of Apr 15 2021 because of breaking changes in tf 0.15
 
     - name: Terraform fmt
       id: fmt

modules/certificate/README.md

@@ -12,12 +12,13 @@ This module requires an aws provider in the **us-east-1** region to be passed in
 | Name | Version |
 |------|---------|
 | terraform | >= 0.13 |
+| aws | >= 3.37.0 |
 
 ## Providers
 
 | Name | Version |
 |------|---------|
-| aws | n/a |
+| aws | >= 3.37.0 |
 
 ## Inputs
 

modules/certificate/versions.tf

@@ -1,4 +1,11 @@
 
 terraform {
   required_version = ">= 0.13"
+
+  required_providers {
+    aws = {
+      source  = "hashicorp/aws"
+      version = ">= 3.37.0"
+    }
+  }
 }

modules/eks/README.md

@@ -10,30 +10,27 @@ Create a Kubernetes cluster using EKS.
 | Name | Version |
 |------|---------|
 | terraform | >= 0.13 |
+| aws | >= 3.37.0 |
 
 ## Providers
 
 | Name | Version |
 |------|---------|
-| aws | n/a |
+| aws | >= 3.37.0 |
 
 ## Inputs
 
 | Name | Description | Type | Default | Required |
 |------|-------------|------|---------|:--------:|
 | cluster\_name | Name to be given to the EKS cluster | `any` | n/a | yes |
 | cluster\_version | EKS cluster version number to use. Incrementing this will start a cluster upgrade | `any` | n/a | yes |
+| eks\_node\_groups | Map of maps of EKS node group config where keys are node group names | <pre>map(object({<br>    instance_types     = list(string)<br>    asg_min_size       = string<br>    asg_max_size       = string<br>    use_spot_instances = bool<br>    ami_type           = string<br>  }))</pre> | n/a | yes |
 | environment | The environment (stage/prod) | `any` | n/a | yes |
 | iam\_account\_id | Account ID of the current IAM user | `any` | n/a | yes |
 | iam\_role\_mapping | List of mappings of AWS Roles to Kubernetes Groups | <pre>list(object({<br>    iam_role_arn  = string<br>    k8s_role_name = string<br>    k8s_groups    = list(string)<br>  }))</pre> | n/a | yes |
 | private\_subnets | VPC subnets for the EKS cluster | `list(string)` | n/a | yes |
 | project | Name of the project | `any` | n/a | yes |
-| use\_spot\_instances | Enable use of spot instances instead of on-demand. This can provide significant cost savings and should be stable due to the use of the termination handler, but means that individuial nodes could be restarted at any time. May not be suitable for clusters with long-running workloads | `bool` | `false` | no |
 | vpc\_id | VPC ID for EKS cluster | `any` | n/a | yes |
-| worker\_ami\_type | AMI type for the EKS worker instances. The default will be the normal image. Other possibilities are AL2\_x86\_64\_GPU for gpu instances or AL2\_ARM\_64 for ARM instances | `string` | `"AL2_x86_64"` | no |
-| worker\_asg\_max\_size | Maximum number of instances for the EKS ASG | `any` | n/a | yes |
-| worker\_asg\_min\_size | Minimum number of instances for the EKS ASG | `any` | n/a | yes |
-| worker\_instance\_types | Instance types to use for the EKS workers. When use\_spot\_instances is true you may provide multiple instance types and it will diversify across the cheapest pools | `list(string)` | `[]` | no |
 
 ## Outputs
 

modules/eks/main.tf

@@ -7,32 +7,21 @@ data "aws_eks_cluster_auth" "cluster" {
   name = module.eks.cluster_id
 }
 
-module "eks" {
-  source  = "terraform-aws-modules/eks/aws"
-  version = "16.1.0"
-
-  cluster_name    = var.cluster_name
-  cluster_version = var.cluster_version
-  subnets         = var.private_subnets
-  vpc_id          = var.vpc_id
-  enable_irsa     = true
-
-
-  node_groups_defaults = {
-    ami_type  = var.worker_ami_type
-    disk_size = 100
-  }
+locals {
+  # Map this module config to the upstream module config
+  eks_node_group_config = { for n, config in var.eks_node_groups :
+    n => {
+      name = "${var.cluster_name}-${n}"
 
-  node_groups = {
-    cluster = {
-      name = "${var.cluster_name}-eks"
+      desired_capacity = config.asg_min_size
+      max_capacity     = config.asg_max_size
+      min_capacity     = config.asg_min_size
 
-      desired_capacity = var.worker_asg_min_size
-      max_capacity     = var.worker_asg_max_size
-      min_capacity     = var.worker_asg_min_size
+      ami_type       = config.ami_type
+      instance_types = config.instance_types
+      capacity_type  = config.use_spot_instances ? "SPOT" : "ON_DEMAND"
+      disk_size      = 100
 
-      instance_types = var.worker_instance_types
-      capacity_type  = var.use_spot_instances ? "SPOT" : "ON_DEMAND"
       k8s_labels = {
         Environment = var.environment
       }
@@ -41,6 +30,19 @@ module "eks" {
       }
     }
   }
+}
+
+module "eks" {
+  source  = "terraform-aws-modules/eks/aws"
+  version = "17.1.0"
+
+  cluster_name    = var.cluster_name
+  cluster_version = var.cluster_version
+  subnets         = var.private_subnets
+  vpc_id          = var.vpc_id
+  enable_irsa     = true
+
+  node_groups = local.eks_node_group_config
 
   map_roles = concat(
     [{

modules/eks/variables.tf

@@ -23,29 +23,15 @@ variable "vpc_id" {
   description = "VPC ID for EKS cluster"
 }
 
-variable "worker_instance_types" {
-  description = "Instance types to use for the EKS workers. When use_spot_instances is true you may provide multiple instance types and it will diversify across the cheapest pools"
-  type        = list(string)
-  default     = []
-}
-
-variable "worker_ami_type" {
-  description = "AMI type for the EKS worker instances. The default will be the normal image. Other possibilities are AL2_x86_64_GPU for gpu instances or AL2_ARM_64 for ARM instances"
-  type        = string
-  default     = "AL2_x86_64"
-}
-variable "use_spot_instances" {
-  description = "Enable use of spot instances instead of on-demand. This can provide significant cost savings and should be stable due to the use of the termination handler, but means that individuial nodes could be restarted at any time. May not be suitable for clusters with long-running workloads"
-  type        = bool
-  default     = false
-}
-
-variable "worker_asg_min_size" {
-  description = "Minimum number of instances for the EKS ASG"
-}
-
-variable "worker_asg_max_size" {
-  description = "Maximum number of instances for the EKS ASG"
+variable "eks_node_groups" {
+  type = map(object({
+    instance_types     = list(string)
+    asg_min_size       = string
+    asg_max_size       = string
+    use_spot_instances = bool
+    ami_type           = string
+  }))
+  description = "Map of maps of EKS node group config where keys are node group names"
 }
 
 variable "iam_account_id" {

modules/eks/versions.tf

@@ -1,4 +1,11 @@
 
 terraform {
   required_version = ">= 0.13"
+
+  required_providers {
+    aws = {
+      source  = "hashicorp/aws"
+      version = ">= 3.37.0"
+    }
+  }
 }