Manage aws_eks_addon resources

[nitrocode]

what

• Manage aws_eks_addon resources

why

• To install addons using a variable

references

• Closes Ability to install and manage EKS addons #113
• https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/eks_addon
• Validation https://github.com/juozasget/terraform-provider-aws/blob/0d232c2ccd5c09f9c130f64925a25b6fcd7b8b49/aws/resource_aws_eks_addon.go#L61
• terraform-aws-eks is working on an implementation too

notes

module "eks" {
  # ...
  addons = [
    {
      addon_name               = "vpc-cni"
      addon_version            = "v1.8.0-eksbuild.1"
      resolve_conflicts        = "NONE"
      service_account_role_arn = null
    }
  ]
  # ...
}

[nitrocode]

/test all

[nitrocode]

/test all

[nitrocode]

This has been released as https://github.com/cloudposse/terraform-aws-eks-cluster/releases/tag/0.43.0 !

[z0rc]

Testing single vpc-cni addon is not enough. At least add coredns, ideally all three: kube-proxy, vpc-cni and coredns should be tested. Otherwise resulting cluster differs from expected default EKS setup.

Also while doing so you might stumble across hashicorp/terraform-provider-aws#20404. Workaround for this issue requires delaying installation of coredns addon until some workers are available. This is doable in terraform by adding something like depends_on = [aws_eks_node_group.workers] for addon resource, which isn't achievable with current implementation.

[nitrocode]

@z0rc I tested it out the recommended addons in a draft #126 and you're correct.

We cannot add a depends_on = [module.eks_node_group] to the aws_eks_addon resource since the node groups are created in its own module.

Perhaps it may be best to have the eks addons in its own module so the depends_on can be used or simply create the addons from outside the terraform-aws-eks-cluster module. 🤔

[nitrocode]

@z0rc please review #126 and let me know if that works for you