# EKS currently documents this required userdata for EKS worker nodes to
# properly configure Kubernetes applications on the EC2 instance.
# We utilize a Terraform local here to simplify Base64 encoding this
# information into the AutoScaling Launch Configuration.
# More information: https://amazon-eks.s3-us-west-2.amazonaws.com/1.10.3/2018-06-05/amazon-eks-nodegroup.yaml
locals {
# Boot script for the worker nodes. The launch configuration in this file
# base64-encodes it into user_data_base64. Terraform substitutes the cluster
# endpoint, the cluster CA data and var.environment_name when it renders the
# heredoc.
#
# NOTE(review): each substituted value sits inside single quotes on a shell
# command line, so a value containing a single quote would end the quoting
# early. The endpoint and CA come from the aws_eks_cluster resource;
# var.environment_name is presumably constrained elsewhere (for example by a
# variable validation block) - confirm.
#
# `-x` and `set -o xtrace` both make bash echo every command it runs. Only the
# endpoint, the CA data and the environment name are on the command line, so
# nothing secret is traced today. Keep secrets out of this script: user data
# can also be read back from the instance metadata service by processes on
# the node.
#
# The heredoc uses `<<` (not `<<-`), so its lines are passed through exactly
# as written; the shebang has to stay at the start of the first line.
node-userdata = <<USERDATA
#!/bin/bash -xe
set -o xtrace
/etc/eks/bootstrap.sh --apiserver-endpoint '${aws_eks_cluster.cluster.endpoint}' --b64-cluster-ca '${aws_eks_cluster.cluster.certificate_authority[0].data}' '${var.environment_name}'
USERDATA
}
# Launch configuration for each worker node group: one instance per entry in
# var.asg_nodes, keyed by the map key.
resource "aws_launch_configuration" "asg_nodes" {
  for_each = var.asg_nodes

  name_prefix   = "${var.environment_name}-nodes-${each.key}"
  image_id      = data.aws_ssm_parameter.eks_ami.value
  instance_type = each.value.instance_type

  # NOTE(review): presumably a null spot_price means on-demand capacity for
  # that group - confirm against the var.asg_nodes definition.
  spot_price = each.value.spot_price

  # Every node group shares the same instance profile, so whatever that role
  # allows is available to every node regardless of group.
  iam_instance_profile = aws_iam_instance_profile.node.name

  # The bootstrap script from local.node-userdata, encoded for the EC2 API.
  user_data_base64 = base64encode(local.node-userdata)

  # Nodes get a public IP only when the group is flagged as living in the
  # public subnets; for those groups the two security groups below are the
  # network boundary.
  associate_public_ip_address = each.value.nodes_in_public_subnet
  security_groups = [
    aws_eks_cluster.cluster.vpc_config[0].cluster_security_group_id,
    aws_security_group.node.id,
  ]

  # http_tokens = "required" enforces IMDSv2: metadata requests without a
  # session token are rejected.
  # NOTE(review): http_put_response_hop_limit is not set, so the platform
  # default applies. Pin it explicitly if pods are not meant to reach the
  # node's instance-profile credentials through the metadata service.
  metadata_options {
    http_endpoint = "enabled"
    http_tokens   = "required"
  }

  # Root volume is encrypted at rest; its size is set per node group.
  root_block_device {
    encrypted   = true
    volume_size = each.value.node_disk_size
  }

  # With name_prefix above, a changed configuration is created under a new
  # name before the old one is destroyed, so the Auto Scaling group never
  # points at a configuration that no longer exists.
  lifecycle {
    create_before_destroy = true
  }
}
# Auto Scaling group for each worker node group in var.asg_nodes, paired by
# key with the launch configuration of the same name.
resource "aws_autoscaling_group" "asg_nodes" {
  for_each = var.asg_nodes

  name                 = "${var.environment_name}-nodes-${each.key}"
  launch_configuration = aws_launch_configuration.asg_nodes[each.key].id

  min_size         = each.value.nodes_min_size
  max_size         = each.value.nodes_max_size
  desired_capacity = each.value.nodes_desired_capacity

  # Upper bound on how long any one instance stays in service before the
  # group replaces it.
  max_instance_lifetime = each.value.max_instance_lifetime

  # Explicit subnet_ids win. Otherwise the group falls back to all public or
  # all private subnets, chosen by the same nodes_in_public_subnet flag that
  # controls public IP assignment in the launch configuration.
  vpc_zone_identifier = length(each.value.subnet_ids) > 0 ? each.value.subnet_ids : (each.value.nodes_in_public_subnet ? aws_subnet.public.*.id : aws_subnet.private.*.id)

  # Group metrics to publish; a node group may override the list through
  # node_enabled_metrics.
  enabled_metrics = lookup(each.value, "node_enabled_metrics", [
    "GroupDesiredCapacity",
    "GroupInServiceCapacity",
    "GroupInServiceInstances",
    "GroupMaxSize",
    "GroupMinSize",
    "GroupPendingCapacity",
    "GroupPendingInstances",
    "GroupStandbyCapacity",
    "GroupStandbyInstances",
    "GroupTerminatingCapacity",
    "GroupTerminatingInstances",
    "GroupTotalCapacity",
    "GroupTotalInstances"
  ])

  # All tags below are copied onto the instances the group launches.
  tag {
    key                 = "Name"
    value               = "${var.environment_name}-nodes-${each.key}"
    propagate_at_launch = true
  }

  # Marks the instances as belonging to this cluster.
  tag {
    key                 = "kubernetes.io/cluster/${var.environment_name}"
    value               = "owned"
    propagate_at_launch = true
  }

  # Discovery tags: the autoscalers select groups and instances by these keys,
  # so permission to edit tags on these resources effectively decides what
  # they are allowed to scale.
  tag {
    key                 = "k8s.io/cluster-autoscaler/${var.environment_name}"
    value               = "owned"
    propagate_at_launch = true
  }

  tag {
    key                 = "k8s.io/cluster-autoscaler/enabled"
    value               = "TRUE"
    propagate_at_launch = true
  }

  tag {
    key                 = "KubespotEnvironment"
    value               = var.environment_name
    propagate_at_launch = true
  }

  tag {
    key                 = "karpenter.sh/discovery"
    value               = var.environment_name
    propagate_at_launch = true
  }
}