feat: Add support for ami AL2023

Author: bmagic

node_group_advanced.tf

@@ -69,7 +69,7 @@ resource "aws_iam_instance_profile" "quortex" {
 data "aws_ami" "eks_worker_image" {
   filter {
     name   = "name"
-    values = ["amazon-eks-node-al2023-x86_64-standard-${local.kubernetes_worker_nodes_version}-v*"]
+    values = var.ami_al2023 ? ["amazon-eks-node-al2023-x86_64-standard-${local.kubernetes_worker_nodes_version}-v*"] : ["amazon-eks-node-${local.kubernetes_worker_nodes_version}-v*"]
   }
   most_recent = true
   owners      = ["self", "amazon"]
@@ -91,12 +91,41 @@ resource "aws_launch_template" "quortex_launch_tpl" {
 
   update_default_version = true
 
-  user_data = base64encode(
+  user_data = var.ami_al2023 ? base64encode(
     templatefile(
-      "${path.module}/userdata.sh.tpl",
+      "${path.module}/templates/al2023_user_data.tpl",
+      {
+        cluster_name            = aws_eks_cluster.quortex.name
+        cluster_endpoint        = aws_eks_cluster.quortex.endpoint
+        cluster_auth_base64     = aws_eks_cluster.quortex.certificate_authority[0].data
+        cluster_service_cidr    = aws_eks_cluster.quortex.kubernetes_network_config[0].service_ipv4_cidr
+        discard_unpacked_layers = var.discard_unpacked_layers
+        # define the k8s node taints (passed to --kubelet-extra-args)
+        node_taints = length(each.value.taints) == 0 ? "" : join(",", [for k, v in lookup(each.value, "taints", {}) : "${k}=${v}"])
+        # define the k8s node labels (passed to --kubelet-extra-args)
+        node_labels = join(
+          ",",
+          [
+            for k, v in
+            merge(
+              # Built-in labels
+              {
+                "eks.amazonaws.com/nodegroup-image" = local.ami_id_worker,
+                "eks.amazonaws.com/nodegroup"       = each.key,
+                "nodegroup"                         = each.key
+              },
+              # User-specified labels
+              lookup(each.value, "labels", {}),
+            )
+          : "${k}=${v}"]
+        )
+      }
+    )) : base64encode(
+    templatefile(
+      "${path.module}/templates/al2_user_data.tpl",
       {
         warm_pool = lookup(each.value, "warm_pool_enabled", false)
-        script = templatefile("${path.module}/cluster_connect.sh.tpl",
+        script = templatefile("${path.module}/templates/cluster_connect.sh.tpl",
           {
             cluster_name       = aws_eks_cluster.quortex.name
             base64_cluster_ca  = aws_eks_cluster.quortex.certificate_authority[0].data

templates/al2023_user_data.tpl

@@ -0,0 +1,19 @@
+---
+apiVersion: node.eks.aws/v1alpha1
+kind: NodeConfig
+spec:
+  cluster:
+    name: ${cluster_name}
+    apiServerEndpoint: ${cluster_endpoint}
+    certificateAuthority: ${cluster_auth_base64}
+    cidr: ${cluster_service_cidr}
+  kubelet:
+    flags:
+      - --node-labels=${node_labels}
+      - --register-with-taints=${node_taints}
+%{ if discard_unpacked_layers == false }
+  containerd:
+    config: |
+      [plugins."io.containerd.grpc.v1.cri".containerd]
+      discard_unpacked_layers = false
+%{ endif }

userdata.sh.tpl templates/al2_user_data.tpluserdata.sh.tpl renamed to templates/al2_user_data.tpl

@@ -216,6 +216,12 @@ variable "discard_unpacked_layers" {
   description = "Set to false to keep unpacked layers on the node after the image is pulled. By default, EKS will clean up the unpacked layers to save disk space."
 }
 
+variable "ami_al2023" {
+  description = "Whether to use Amazon Linux 2023 AMI for worker nodes (only applies to advanced_node_groups)."
+  type        = bool
+  default     = false
+}
+
 variable "node_use_max_pods_allowed" {
   type        = bool
   default     = false