update karpenter.tf

Author: sohanyadav

karpenter.tf

@@ -72,34 +72,28 @@ resource "helm_release" "karpenter_crd" {
   version    = var.karpenter_version
 }
 
-
-resource "null_resource" "karpenter_ec2_node_class_apply" {
+resource "kubectl_manifest" "karpenter_ec2_node_class" {
   count = var.karpenter_enabled ? 1 : 0
 
-  provisioner "local-exec" {
-    command = <<EOT
-cat <<EOF | kubectl apply -f -
+  yaml_body = <<EOT
 apiVersion: karpenter.k8s.aws/v1
 kind: EC2NodeClass
 metadata:
   name: default
 spec:
   metadataOptions:
-    httpEndpoint: enabled
-    httpProtocolIPv6: disabled
-    httpPutResponseHopLimit: 1
-    httpTokens: optional
+    httpEndpoint: ${var.karpenter_metadata_options.httpEndpoint}
+    httpProtocolIPv6: ${var.karpenter_metadata_options.httpProtocolIPv6}
+    httpPutResponseHopLimit: ${var.karpenter_metadata_options.httpPutResponseHopLimit}
+    httpTokens: ${var.karpenter_metadata_options.httpTokens}
   blockDeviceMappings:
-    - deviceName: /dev/xvda
-      ebs:
-        volumeSize: 20Gi
-        volumeType: gp3
-        encrypted: true
-    - deviceName: /dev/xvdb
+  %{ for mapping in var.karpenter_block_device_mappings }
+    - deviceName: ${mapping.deviceName}
       ebs:
-        volumeSize: 50Gi
-        volumeType: gp3
-        encrypted: true
+        volumeSize: ${mapping.ebs.volumeSize}
+        volumeType: ${mapping.ebs.volumeType}
+        encrypted: ${mapping.ebs.encrypted}
+  %{ endfor }
   amiFamily: ${var.karpenter_ami_family}
   role: ${aws_iam_role.node.name}
   securityGroupSelectorTerms:
@@ -108,14 +102,14 @@ spec:
   - id: ${aws_subnet.public[0].id}
   - id: ${aws_subnet.public[1].id}
   amiSelectorTerms:
-    - alias: bottlerocket@latest
-EOF
+  %{ for term in var.karpenter_ami_selector_terms }
+    - alias: ${term.alias}
+  %{ endfor }
 EOT
-  }
 
   depends_on = [
     aws_eks_cluster.cluster,
     helm_release.karpenter_crd,
     helm_release.karpenter
   ]
-}
+}

variables.tf

@@ -461,3 +461,41 @@ variable "s3_csi_bucket_names" {
   default     = [""]
 }
 
+variable "karpenter_metadata_options" {
+  description = "Metadata options for the EC2NodeClass"
+  default = {
+    httpEndpoint         = "enabled"
+    httpProtocolIPv6     = "disabled"
+    httpPutResponseHopLimit = 1
+    httpTokens           = "optional"
+  }
+}
+
+variable "karpenter_block_device_mappings" {
+  description = "Block device mappings for the EC2NodeClass"
+  default = [
+    {
+      deviceName = "/dev/xvda"
+      ebs = {
+        volumeSize = "20Gi"
+        volumeType = "gp3"
+        encrypted  = true
+      }
+    },
+    {
+      deviceName = "/dev/xvdb"
+      ebs = {
+        volumeSize = "50Gi"
+        volumeType = "gp3"
+        encrypted  = true
+      }
+    }
+  ]
+}
+
+variable "karpenter_ami_selector_terms" {
+  description = "AMI selector terms for the EC2NodeClass"
+  default = [
+    { alias = "bottlerocket@latest" }
+  ]
+}