refactor: do not use templates/alb-ingress-controller-values.yaml and set necessary values in the eks-aws-loadbalancer-controller.tf (#188)

mglotov · web-flow · commit 0403bacac785 · 2021-11-17T13:50:15.000+06:00
diff --git a/terraform/layer2-k8s/eks-aws-loadbalancer-controller.tf b/terraform/layer2-k8s/eks-aws-loadbalancer-controller.tf
@@ -4,16 +4,29 @@ locals {
     enabled       = local.helm_releases[index(local.helm_releases.*.id, "aws-load-balancer-controller")].enabled
     chart         = local.helm_releases[index(local.helm_releases.*.id, "aws-load-balancer-controller")].chart
     repository    = local.helm_releases[index(local.helm_releases.*.id, "aws-load-balancer-controller")].repository
-    chart_version = local.helm_releases[index(local.helm_releases.*.id, "aws-load-balancer-controller")].version
+    chart_version = local.helm_releases[index(local.helm_releases.*.id, "aws-load-balancer-controller")].chart_version
     namespace     = local.helm_releases[index(local.helm_releases.*.id, "aws-load-balancer-controller")].namespace
   }
-  alb_ingress_controller = templatefile("${path.module}/templates/alb-ingress-controller-values.yaml",
-    {
-      role_arn     = local.aws_load_balancer_controller.enabled ? module.aws_iam_aws_loadbalancer_controller[0].role_arn : "",
-      region       = local.region,
-      cluster_name = local.eks_cluster_id,
-      vpc_id       = local.vpc_id
-  })
+  aws_load_balancer_controller_values = <<VALUES
+clusterName: ${local.eks_cluster_id}
+region: ${local.region}
+vpcId: ${local.eks_cluster_id}
+
+serviceAccount:
+  create: true
+  annotations:
+     "eks.amazonaws.com/role-arn": ${local.aws_load_balancer_controller.enabled ? module.aws_iam_aws_loadbalancer_controller[0].role_arn : ""}
+
+affinity:
+  nodeAffinity:
+    requiredDuringSchedulingIgnoredDuringExecution:
+      nodeSelectorTerms:
+      - matchExpressions:
+        - key: eks.amazonaws.com/capacityType
+          operator: In
+          values:
+            - ON_DEMAND
+VALUES
 }
 
 #tfsec:ignore:kubernetes-network-no-public-egress tfsec:ignore:kubernetes-network-no-public-ingress
@@ -318,7 +331,7 @@ resource "helm_release" "aws_loadbalancer_controller" {
   max_history = var.helm_release_history_size
 
   values = [
-    local.alb_ingress_controller
+    local.aws_load_balancer_controller_values
   ]
 
 }
diff --git a/terraform/layer2-k8s/helm-releases.yaml b/terraform/layer2-k8s/helm-releases.yaml
@@ -3,7 +3,7 @@ releases:
     enabled: false
     chart: aws-load-balancer-controller
     repository: https://aws.github.io/eks-charts
-    version: 1.2.6
+    chart_version: 1.2.6
     namespace: aws-load-balancer-controller
   - id: aws-node-termination-handler
     enabled: true
diff --git a/terraform/layer2-k8s/templates/alb-ingress-controller-values.yaml b/terraform/layer2-k8s/templates/alb-ingress-controller-values.yaml
