Additional managed node outputs #644
Conversation
TBeijen
force-pushed
the
managed_node_outputs
branch
from
f9ff4c5 to
ac61778
Compare
|
Sample output in current form: Same order as node group definition. Would this format be favorable over having a list for each attribute, like: The latter might be more consistent with existing worker group outputs but I wonder what would be most user-friendly. Thoughts? |
| @@ -165,3 +165,19 @@ output "node_groups_iam_role_arns" { | |||
| node_group.node_group_name => node_group.node_role_arn | |||
| } | |||
| } | |||
|
|
|||
| output "node_groups" { | |||
| value = [ | |||
There was a problem hiding this comment.
could you please add description ?
There was a problem hiding this comment.
Sure. Was planning on adding a docs .md describing matters in more detail. First I wanted to see if there's feedback on the output structure.
|
The node_groups themselves are generated from a And now I've looked at the code a little closer, the This node_group code is confusing. Why is user input a list of maps, which then get turned into a map of maps based on something that's not enforced unique in the user input? Oh my. Totally out of scope of this PR but I'd love for this to be input: node_groups = {
group1 = { instance_type = "t3.medium" }
group2 = { instance_type = "c5.xlarge" }
}And your outputs to be: node_groups = {
group1 = {
role_arn = "..."
...
}
group2 = {
role_arn = "..."
...
}
} |
I chose list output based on Imo the intermediate map based on something not guaranteed unique is a red flag. In the light of @max-rocket-internet comment in #635 I'm inclined to focus on a poc for a separate managed_node_group module instead. It might be less work than hammering this into a good shape and quite a lot of the complexity in the current state seems to originate from needing to manage lists/maps of inputs and outputs. |
|
Ran with my comments and created #650 |
I think that's a good idea. I'll close this then 🙂 |
Add change from @TBeijin from PR terraform-aws-modules#644
Add change from @TBeijin from PR terraform-aws-modules#644
* WIP Move node_groups to a submodule * Split the old node_groups file up * Start moving locals * Simplify IAM creation logic * depends_on from the TF docs * Wire in the variables * Call module from parent * Allow to customize the role name. As per workers * aws_auth ConfigMap for node_groups * Get the managed_node_groups example to plan * Get the basic example to plan too * create_eks = false works "The true and false result expressions must have consistent types. The given expressions are object and object, respectively." Well, that's useful. But apparently set(string) and set() are ok. So everything else is more complicated. Thanks. * Update Changelog * Update README * Wire in node_groups_defaults * Remove node_groups from workers_defaults_defaults * Synchronize random and node_group defaults * Error: "name_prefix" cannot be longer than 32 * Update READMEs again * Fix double destroy Was producing index errors when running destroy on an empty state. * Remove duplicate iam_role in node_group I think this logic works. Needs some testing with an externally created role. * Fix index fail if node group manually deleted * Keep aws_auth template in top module Downside: count causes issues as usual: can't use distinct() in the child module so there's a template render for every node_group even if only one role is really in use. Hopefully just output noise instead of technical issue * Hack to have node_groups depend on aws_auth etc The AWS Node Groups create or edit the aws-auth ConfigMap so that nodes can join the cluster. This breaks the kubernetes resource which cannot do a force create. Remove the race condition with explicit depend. Can't pull the IAM role out of the node_group any more. * Pull variables via the random_pet to cut logic No point having the same logic in two different places * Pass all ForceNew variables through the pet * Do a deep merge of NG labels and tags * Update README.. again * Additional managed node outputs #644 Add change from @TBeijin from PR #644 * Remove unused local * Use more for_each * Remove the change when create_eks = false * Make documentation less confusing * node_group version user configurable * Pass through raw output from aws_eks_node_groups * Merge workers defaults in the locals This simplifies the random_pet and aws_eks_node_group logic. Which was causing much consernation on the PR. * Fix typo Co-authored-by: Max Williams <max.williams@deliveryhero.com>
* Don't fail on destroy, when provider resource was removed * Update Changelog * Node groups submodule (#650) * WIP Move node_groups to a submodule * Split the old node_groups file up * Start moving locals * Simplify IAM creation logic * depends_on from the TF docs * Wire in the variables * Call module from parent * Allow to customize the role name. As per workers * aws_auth ConfigMap for node_groups * Get the managed_node_groups example to plan * Get the basic example to plan too * create_eks = false works "The true and false result expressions must have consistent types. The given expressions are object and object, respectively." Well, that's useful. But apparently set(string) and set() are ok. So everything else is more complicated. Thanks. * Update Changelog * Update README * Wire in node_groups_defaults * Remove node_groups from workers_defaults_defaults * Synchronize random and node_group defaults * Error: "name_prefix" cannot be longer than 32 * Update READMEs again * Fix double destroy Was producing index errors when running destroy on an empty state. * Remove duplicate iam_role in node_group I think this logic works. Needs some testing with an externally created role. * Fix index fail if node group manually deleted * Keep aws_auth template in top module Downside: count causes issues as usual: can't use distinct() in the child module so there's a template render for every node_group even if only one role is really in use. Hopefully just output noise instead of technical issue * Hack to have node_groups depend on aws_auth etc The AWS Node Groups create or edit the aws-auth ConfigMap so that nodes can join the cluster. This breaks the kubernetes resource which cannot do a force create. Remove the race condition with explicit depend. Can't pull the IAM role out of the node_group any more. * Pull variables via the random_pet to cut logic No point having the same logic in two different places * Pass all ForceNew variables through the pet * Do a deep merge of NG labels and tags * Update README.. again * Additional managed node outputs #644 Add change from @TBeijin from PR #644 * Remove unused local * Use more for_each * Remove the change when create_eks = false * Make documentation less confusing * node_group version user configurable * Pass through raw output from aws_eks_node_groups * Merge workers defaults in the locals This simplifies the random_pet and aws_eks_node_group logic. Which was causing much consernation on the PR. * Fix typo Co-authored-by: Max Williams <max.williams@deliveryhero.com> * Update Changelog * Add public access endpoint CIDRs option (terraform-aws-eks#647) (#673) * Add public access endpoint CIDRs option (terraform-aws-eks#647) * Update required provider version to 2.44.0 * Fix formatting in docs * Re-generate docs with terraform-docs 0.7.0 and bump pre-commit-terraform version (#668) * re-generate docs with terraform-docs 0.7.0 * bump pre-commit-terraform version * Release 8.0.0 (#662) * Release 8.0.0 * Update changelog * remove 'defauls' node group * Make curl silent * Update Changelog Co-authored-by: Daniel Piddock <33028589+dpiddockcmp@users.noreply.github.com> Co-authored-by: Max Williams <max.williams@deliveryhero.com> Co-authored-by: Siddarth Prakash <1428486+sidprak@users.noreply.github.com> Co-authored-by: Thierno IB. BARRY <ibrahima.br@gmail.com>
|
I'm going to lock this pull request because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues. If you have found a problem that seems related to this change, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further. |
PR o'clock
Description
Work in progress for #643
Additional node group output.
Checklist