You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
- new variable `worker_sg_ingress_from_port` allows to change the minimum port number from which pods will accept communication
12
+
- new variable `worker_sg_ingress_from_port` allows to change the minimum port number from which pods will accept communication (Thanks, @ilyasotkov 👏).
13
+
- expanded on worker example to show how multiple worker autoscaling groups can be created.
14
+
- IPv4 is used explicitly to resolve testing from IPv6 networks (thanks, @tsub 🙏).
15
+
- Configurable public IP attachment and ssh keys for worker groups. Defaults defined in `worker_group_defaults`. Nice, @hatemosphere 🌂
16
+
-`worker_iam_role_name` now an output. Sweet, @artursmet 🕶️
17
+
18
+
### Changed
19
+
20
+
- IAM test role repaired by @lcharkiewicz 💅
21
+
-`kube-proxy` restart no longer needed in userdata. Good catch, @hatemosphere 🔥
22
+
- worker ASG reattachment wasn't possible when using `name`. Moved to `name_prefix` to allow recreation of resources. Kudos again, @hatemosphere 🐧
Copy file name to clipboardExpand all lines: README.md
+20-19Lines changed: 20 additions & 19 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -15,6 +15,7 @@ Read the [AWS docs on EKS to get connected to the k8s dashboard](https://docs.aw
15
15
- You want to create an EKS cluster and an autoscaling group of workers for the cluster.
16
16
- You want these resources to exist within security groups that allow communication and coordination. These can be user provided or created within the module.
17
17
- You've created a Virtual Private Cloud (VPC) and subnets where you intend to put the EKS resources.
18
+
- If using the default variable value (`true`) for `configure_kubectl_session`, it's required that both [`kubectl`](https://kubernetes.io/docs/tasks/tools/install-kubectl/#install-kubectl) (>=1.10) and [`heptio-authenticator-aws`](https://github.com/heptio/authenticator#4-set-up-kubectl-to-use-heptio-authenticator-for-aws-tokens) are installed and on your shell's PATH.
18
19
19
20
## Usage example
20
21
@@ -31,11 +32,11 @@ module "eks" {
31
32
}
32
33
```
33
34
34
-
## Dependencies
35
+
## Release schedule
35
36
36
-
The `configure_kubectl_session` variable requires that both [`kubectl`](https://kubernetes.io/docs/tasks/tools/install-kubectl/#install-kubectl)
37
-
(>=1.10) and [`heptio-authenticator-aws`](https://github.com/heptio/authenticator#4-set-up-kubectl-to-use-heptio-authenticator-for-aws-tokens)
38
-
are installed and on your shell's PATH.
37
+
Generally the maintainers will try to release the module once every 2 weeks to
38
+
keep up with PR additions. If particularly pressing changes are added or maintainers
39
+
come up with the spare time (hah!), release may happen more often on occasion.
39
40
40
41
## Testing
41
42
@@ -92,20 +93,20 @@ MIT Licensed. See [LICENSE](https://github.com/terraform-aws-modules/terraform-a
92
93
93
94
## Inputs
94
95
95
-
| Name | Description | Type | Default | Required |
| cluster_name | Name of the EKS cluster. Also used as a prefix in names of related resources. | string | - | yes |
98
-
| cluster_security_group_id | If provided, the EKS cluster will be attached to this security group. If not given, a security group will be created with necessary ingres/egress to work with the workers and provide API access to your current IP/32. | string | `` | no |
99
-
| cluster_version | Kubernetes version to use for the EKS cluster. | string | `1.10` | no |
100
-
| config_output_path | Determines where config files are placed if using configure_kubectl_session and you want config files to land outside the current working directory. | string | `./` | no |
101
-
| configure_kubectl_session | Configure the current session's kubectl to use the instantiated EKS cluster. | string |`true`| no |
102
-
| subnets | A list of subnets to place the EKS cluster and workers within. | list | - | yes |
103
-
| tags | A map of tags to add to all resources. | string |`<map>`| no |
104
-
| vpc_id | VPC where the cluster and workers will be deployed. | string | - | yes |
105
-
| worker_groups | A list of maps defining worker group configurations. See workers_group_defaults for valid keys. | list |`<list>`| no |
106
-
| worker_security_group_id | If provided, all workers will be attached to this security group. If not given, a security group will be created with necessary ingres/egress to work with the EKS cluster. | string |``| no |
107
-
| worker_sg_ingress_from_port | Minimum port number from which pods will accept communication. Must be changed to a lower value if some pods in your cluster will expose a port lower than 1025 (e.g. 22, 80, or 443). |string |`1025`| no |
108
-
| workers_group_defaults | Default values for target groups as defined by the list of maps. | map |`<map>`| no |
96
+
| Name | Description | Type | Default | Required |
| cluster_name | Name of the EKS cluster. Also used as a prefix in names of related resources. | string | - | yes |
99
+
| cluster_security_group_id | If provided, the EKS cluster will be attached to this security group. If not given, a security group will be created with necessary ingres/egress to work with the workers and provide API access to your current IP/32. | string | `` | no |
100
+
| cluster_version | Kubernetes version to use for the EKS cluster. | string | `1.10` | no |
101
+
| config_output_path | Determines where config files are placed if using configure_kubectl_session and you want config files to land outside the current working directory. | string | `./` | no |
102
+
| configure_kubectl_session | Configure the current session's kubectl to use the instantiated EKS cluster. | string |`true`| no |
103
+
| subnets | A list of subnets to place the EKS cluster and workers within. | list | - | yes |
104
+
| tags | A map of tags to add to all resources. | string |`<map>`| no |
105
+
| vpc_id | VPC where the cluster and workers will be deployed. | string | - | yes |
106
+
| worker_groups | A list of maps defining worker group configurations. See workers_group_defaults for valid keys. | list |`<list>`| no |
107
+
| worker_security_group_id | If provided, all workers will be attached to this security group. If not given, a security group will be created with necessary ingres/egress to work with the EKS cluster. | string |``| no |
108
+
| worker_sg_ingress_from_port | Minimum port number from which pods will accept communication. Must be changed to a lower value if some pods in your cluster will expose a port lower than 1025 (e.g. 22, 80, or 443). |string |`1025`| no |
109
+
| workers_group_defaults | Default values for target groups as defined by the list of maps. | map |`<map>`| no |
109
110
110
111
## Outputs
111
112
@@ -118,6 +119,6 @@ MIT Licensed. See [LICENSE](https://github.com/terraform-aws-modules/terraform-a
118
119
| cluster_version | The Kubernetes server version for the EKS cluster. |
119
120
| config_map_aws_auth | A kubernetes configuration to authenticate to this EKS cluster. |
120
121
| kubeconfig | kubectl config file contents for this EKS cluster. |
122
+
| worker_iam_role_name | IAM role name attached to EKS workers |
121
123
| worker_security_group_id | Security group ID attached to the EKS workers. |
122
124
| workers_asg_arns | IDs of the autoscaling groups containing workers. |
123
-
| worker_iam_role_name | IAM role name attached to EKS workers. |
Copy file name to clipboardExpand all lines: main.tf
+5-4Lines changed: 5 additions & 4 deletions
Original file line number
Diff line number
Diff line change
@@ -16,6 +16,7 @@
16
16
** You want to create an EKS cluster and an autoscaling group of workers for the cluster.
17
17
** You want these resources to exist within security groups that allow communication and coordination. These can be user provided or created within the module.
18
18
** You've created a Virtual Private Cloud (VPC) and subnets where you intend to put the EKS resources.
19
+
** If using the default variable value (`true`) for `configure_kubectl_session`, it's required that both [`kubectl`](https://kubernetes.io/docs/tasks/tools/install-kubectl/#install-kubectl) (>=1.10) and [`heptio-authenticator-aws`](https://github.com/heptio/authenticator#4-set-up-kubectl-to-use-heptio-authenticator-for-aws-tokens) are installed and on your shell's PATH.
19
20
20
21
* ## Usage example
21
22
@@ -32,11 +33,11 @@
32
33
* }
33
34
* ```
34
35
35
-
* ## Dependencies
36
+
* ## Release schedule
36
37
37
-
* The `configure_kubectl_session` variable requires that both [`kubectl`](https://kubernetes.io/docs/tasks/tools/install-kubectl/#install-kubectl)
38
-
(>=1.10) and [`heptio-authenticator-aws`](https://github.com/heptio/authenticator#4-set-up-kubectl-to-use-heptio-authenticator-for-aws-tokens)
39
-
are installed and on your shell's PATH.
38
+
* Generally the maintainers will try to release the module once every 2 weeks to
39
+
* keep up with PR additions. If particularly pressing changes are added or maintainers
40
+
* come up with the spare time (hah!), release may happen more often on occasion.
0 commit comments