[FEATURE] Addons such as aws_vpc_cni should optionally be installable via helm

[andrewhibbert]

Is your feature request related to a problem? Please describe

Since many people use custom networking for aws_vpc_cni the modules should allow this to either be configurable via add on or via helm so this extra config can be set.

Describe the solution you'd like

Option to install via helm and provide helm values

[bryantbiggs]

Thank you for the request @andrewhibbert ! Would you mind sharing how you manage this in your cluster today? Do you manually remove the EKS provided VPC CNI plugin and then re-install using Helm? Is your primary use case here to be able to configure VPC CNI custom networking or do you have other use cases you can share?

[andrewhibbert]

Currently we just edit the resources on the fly, but we'd like to do this via code. Primary use case is for VPC CNI custom networking, though I think the module should just provide minimal helm config similar to things like the karpenter module

[bryantbiggs]

Thank you for sharing that info @andrewhibbert - there are a number of similar tickets on the containers roadmap where users are looking for various alternative means of handling the VPC CNI such as aws/containers-roadmap#71

It should be possible to apply a helm config over top of the VPC CNI manifests provided by the EKS service, but we'll have to check out whats possible/feasible and see if there are any issues with managing it this way

[vara-bonthu]

@andrewhibbert I understand and I see lot of customers wants to customize the parameters for VPC CNI deployment. Currently we don't support the self-managed add-on for VPC CNI.

EKS Blueprints supports only EKS Managed Add-on for VPC CNI which makes it easy for customers to manage the Add-on and upgrade to the latest versions. However this doesn't provide flexibility to update the config

For now if you want to implement the self managed VPC CNI add-on use this link https://docs.aws.amazon.com/eks/latest/userguide/managing-vpc-cni.html#updating-vpc-cni-add-on

We will look at adding VPC CNI Self Managed add-on Helm Chart to our roadmap. This will provide both options for customer to choose between EKS Managed and Self managed

[lupindeterd]

@bryantbiggs I'm not sure if this relevant to this but it seems that the custom value I set through amazon_eks_vpc_cni_config doesn't get applied to the running DaemonSet, I want to change the SNAT env to true from false.

amazon_eks_vpc_cni_config = { set = [{ name = "env.AWS_VPC_K8S_CNI_EXTERNALSNAT" value = "true" } ] }

[bryantbiggs]

@bryantbiggs I'm not sure if this relevant to this but it seems that the custom value I set through amazon_eks_vpc_cni_config doesn't get applied to the running DaemonSet, I want to change the SNAT env to true from false.

amazon_eks_vpc_cni_config = { set = [{ name = "env.AWS_VPC_K8S_CNI_EXTERNALSNAT" value = "true" } ] }

@lupindeterd - the VPC CNI addon is a managed addon and therefore does not currently support custom configurations such as setting environment variables.

[bryantbiggs]

with EKS now supporting addon custom configuration, we are going to close out this issue. thank you!