diff --git a/README.md b/README.md
index 9c792d6e242..54e92dec465 100644
--- a/README.md
+++ b/README.md
@@ -143,17 +143,16 @@ Apache 2 Licensed. See [LICENSE](https://github.com/terraform-aws-modules/terraf
| Name | Version |
|------|---------|
| [terraform](#requirement\_terraform) | >= 0.13.1 |
-| [aws](#requirement\_aws) | >= 3.37.0 |
+| [aws](#requirement\_aws) | >= 3.40.0 |
| [http](#requirement\_http) | >= 2.4.1 |
| [kubernetes](#requirement\_kubernetes) | >= 1.11.1 |
| [local](#requirement\_local) | >= 1.4 |
-| [random](#requirement\_random) | >= 2.1 |
## Providers
| Name | Version |
|------|---------|
-| [aws](#provider\_aws) | >= 3.37.0 |
+| [aws](#provider\_aws) | >= 3.40.0 |
| [http](#provider\_http) | >= 2.4.1 |
| [kubernetes](#provider\_kubernetes) | >= 1.11.1 |
| [local](#provider\_local) | >= 1.4 |
diff --git a/aws_auth.tf b/aws_auth.tf
index f549dcce776..6eb563203d3 100644
--- a/aws_auth.tf
+++ b/aws_auth.tf
@@ -1,5 +1,3 @@
-data "aws_caller_identity" "current" {}
-
locals {
auth_launch_template_worker_roles = [
for index in range(0, var.create_eks ? local.worker_group_launch_template_count : 0) : {
diff --git a/data.tf b/data.tf
index a7c00eb5635..875ca5e8eed 100644
--- a/data.tf
+++ b/data.tf
@@ -1,3 +1,7 @@
+data "aws_partition" "current" {}
+
+data "aws_caller_identity" "current" {}
+
data "aws_iam_policy_document" "workers_assume_role_policy" {
statement {
sid = "EKSWorkerAssumeRole"
@@ -82,8 +86,6 @@ data "aws_iam_instance_profile" "custom_worker_group_launch_template_iam_instanc
)
}
-data "aws_partition" "current" {}
-
data "http" "wait_for_cluster" {
count = var.create_eks && var.manage_aws_auth ? 1 : 0
url = format("%s/healthz", aws_eks_cluster.this[0].endpoint)
diff --git a/docs/upgrades.md b/docs/upgrades.md
new file mode 100644
index 00000000000..a56b81045ac
--- /dev/null
+++ b/docs/upgrades.md
@@ -0,0 +1,30 @@
+# How to handle the terraform-aws-eks module upgrade
+
+## Upgrade to v17.0.0
+
+In this release, we now decided to remove random_pet resources in Managed Node Groups (MNG). Those were used to recreate MNG if something changed. But they were causing a lot of issues. To upgrade the module without recreating your MNG, you will need to explicitly reuse their previous name and set them in your MNG `name` argument.
+
+```hcl
+module "eks" {
+ source = "terraform-aws-modules/eks/aws"
+ version = "16.0.1"
+
+ cluster_name = "your-cluster-name"
+ cluster_version = "1.20"
+ # ...
+
+ node_groups = {
+ example = {
+ name = "your-pre-v17.0.0-managed-node-group-name"
+ desired_capacity = 1
+ max_capacity = 10
+ min_capacity = 1
+
+ # ...
+ }
+ }
+ # ...
+}
+```
+
+After the first apply, we recommand you to create a new node group and let the module use the `node_group_name_prefix` (by removing the `name` argument) to generate names and collision during node groups re-creation if needed, because the lifce cycle is `create_before_destroy = true`.
diff --git a/modules/fargate/README.md b/modules/fargate/README.md
index 459c355fe84..858ec968b7d 100644
--- a/modules/fargate/README.md
+++ b/modules/fargate/README.md
@@ -21,13 +21,13 @@ Helper submodule to create and manage resources related to `aws_eks_fargate_prof
| Name | Version |
|------|---------|
| [terraform](#requirement\_terraform) | >= 0.13.1 |
-| [aws](#requirement\_aws) | >= 3.22.0 |
+| [aws](#requirement\_aws) | >= 3.40.0 |
## Providers
| Name | Version |
|------|---------|
-| [aws](#provider\_aws) | >= 3.22.0 |
+| [aws](#provider\_aws) | >= 3.40.0 |
## Modules
diff --git a/modules/fargate/versions.tf b/modules/fargate/versions.tf
index 1263d791e83..2051547e513 100644
--- a/modules/fargate/versions.tf
+++ b/modules/fargate/versions.tf
@@ -2,6 +2,6 @@ terraform {
required_version = ">= 0.13.1"
required_providers {
- aws = ">= 3.22.0"
+ aws = ">= 3.40.0"
}
}
diff --git a/modules/node_groups/README.md b/modules/node_groups/README.md
index a4d45024b52..0cb1138ca08 100644
--- a/modules/node_groups/README.md
+++ b/modules/node_groups/README.md
@@ -33,7 +33,8 @@ The role ARN specified in `var.default_iam_role_arn` will be used by default. In
| launch\_template_version | The version of the LT to use | string | none |
| max\_capacity | Max number of workers | number | `var.workers_group_defaults[asg_max_size]` |
| min\_capacity | Min number of workers | number | `var.workers_group_defaults[asg_min_size]` |
-| name | Name of the node group | string | Auto generated |
+| name | Name of the node group | string | Will use autogenerate name prefix |
+| name_prefix | Name prefix of the node group | string | Auto generated |
| source\_security\_group\_ids | Source security groups for remote access to workers | list(string) | If key\_name is specified: THE REMOTE ACCESS WILL BE OPENED TO THE WORLD |
| subnets | Subnets to contain workers | list(string) | `var.workers_group_defaults[subnets]` |
| version | Kubernetes version | string | Provider default behavior |
@@ -50,16 +51,14 @@ The role ARN specified in `var.default_iam_role_arn` will be used by default. In
| Name | Version |
|------|---------|
| [terraform](#requirement\_terraform) | >= 0.13.1 |
-| [aws](#requirement\_aws) | >= 3.22.0 |
-| [random](#requirement\_random) | >= 2.1 |
+| [aws](#requirement\_aws) | >= 3.40.0 |
## Providers
| Name | Version |
|------|---------|
-| [aws](#provider\_aws) | >= 3.22.0 |
+| [aws](#provider\_aws) | >= 3.40.0 |
| [cloudinit](#provider\_cloudinit) | n/a |
-| [random](#provider\_random) | >= 2.1 |
## Modules
@@ -71,7 +70,6 @@ No modules.
|------|------|
| [aws_eks_node_group.workers](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/eks_node_group) | resource |
| [aws_launch_template.workers](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/launch_template) | resource |
-| [random_pet.node_groups](https://registry.terraform.io/providers/hashicorp/random/latest/docs/resources/pet) | resource |
| [cloudinit_config.workers_userdata](https://registry.terraform.io/providers/hashicorp/cloudinit/latest/docs/data-sources/config) | data source |
## Inputs
diff --git a/modules/node_groups/launchtemplate.tf b/modules/node_groups/launch_template.tf
similarity index 81%
rename from modules/node_groups/launchtemplate.tf
rename to modules/node_groups/launch_template.tf
index 7b50350dd2d..6ad2b68f858 100644
--- a/modules/node_groups/launchtemplate.tf
+++ b/modules/node_groups/launch_template.tf
@@ -1,5 +1,6 @@
data "cloudinit_config" "workers_userdata" {
- for_each = { for k, v in local.node_groups_expanded : k => v if v["create_launch_template"] }
+ for_each = { for k, v in local.node_groups_expanded : k => v if v["create_launch_template"] }
+
gzip = false
base64_encode = true
boundary = "//"
@@ -12,7 +13,6 @@ data "cloudinit_config" "workers_userdata" {
kubelet_extra_args = each.value["kubelet_extra_args"]
}
)
-
}
}
@@ -23,9 +23,10 @@ data "cloudinit_config" "workers_userdata" {
# Trivia: AWS transparently creates a copy of your LaunchTemplate and actually uses that copy then for the node group. If you DONT use a custom AMI,
# then the default user-data for bootstrapping a cluster is merged in the copy.
resource "aws_launch_template" "workers" {
- for_each = { for k, v in local.node_groups_expanded : k => v if v["create_launch_template"] }
- name_prefix = lookup(each.value, "name", join("-", [var.cluster_name, each.key, random_pet.node_groups[each.key].id]))
- description = lookup(each.value, "name", join("-", [var.cluster_name, each.key, random_pet.node_groups[each.key].id]))
+ for_each = { for k, v in local.node_groups_expanded : k => v if v["create_launch_template"] }
+
+ name_prefix = local.node_groups_names[each.key]
+ description = format("EKS Managed Node Group custom LT for %s", local.node_groups_names[each.key])
update_default_version = true
block_device_mappings {
@@ -79,7 +80,7 @@ resource "aws_launch_template" "workers" {
lookup(var.node_groups_defaults, "additional_tags", {}),
lookup(var.node_groups[each.key], "additional_tags", {}),
{
- Name = lookup(each.value, "name", join("-", [var.cluster_name, each.key, random_pet.node_groups[each.key].id]))
+ Name = local.node_groups_names[each.key]
}
)
}
@@ -93,12 +94,12 @@ resource "aws_launch_template" "workers" {
lookup(var.node_groups_defaults, "additional_tags", {}),
lookup(var.node_groups[each.key], "additional_tags", {}),
{
- Name = lookup(each.value, "name", join("-", [var.cluster_name, each.key, random_pet.node_groups[each.key].id]))
+ Name = local.node_groups_names[each.key]
}
)
}
- # Supplying custom tags to EKS instances ENI's
+ # Supplying custom tags to EKS instances ENI's
tag_specifications {
resource_type = "network-interface"
@@ -107,7 +108,7 @@ resource "aws_launch_template" "workers" {
lookup(var.node_groups_defaults, "additional_tags", {}),
lookup(var.node_groups[each.key], "additional_tags", {}),
{
- Name = lookup(each.value, "name", join("-", [var.cluster_name, each.key, random_pet.node_groups[each.key].id]))
+ Name = local.node_groups_names[each.key]
}
)
}
diff --git a/modules/node_groups/locals.tf b/modules/node_groups/locals.tf
index 3c510d70ab4..192b7a01d18 100644
--- a/modules/node_groups/locals.tf
+++ b/modules/node_groups/locals.tf
@@ -25,4 +25,14 @@ locals {
var.node_groups_defaults,
v,
) if var.create_eks }
+
+ node_groups_names = { for k, v in local.node_groups_expanded : k => lookup(
+ v,
+ "name",
+ lookup(
+ v,
+ "name_prefix",
+ join("-", [var.cluster_name, k])
+ )
+ ) }
}
diff --git a/modules/node_groups/node_groups.tf b/modules/node_groups/node_groups.tf
index afb65059f8f..a0ae456fa7b 100644
--- a/modules/node_groups/node_groups.tf
+++ b/modules/node_groups/node_groups.tf
@@ -1,7 +1,8 @@
resource "aws_eks_node_group" "workers" {
for_each = local.node_groups_expanded
- node_group_name = lookup(each.value, "name", join("-", [var.cluster_name, each.key, random_pet.node_groups[each.key].id]))
+ node_group_name_prefix = lookup(each.value, "name", null) == null ? local.node_groups_names[each.key] : null
+ node_group_name = lookup(each.value, "name", null)
cluster_name = var.cluster_name
node_role_arn = each.value["iam_role_arn"]
diff --git a/modules/node_groups/random.tf b/modules/node_groups/random.tf
deleted file mode 100644
index 5f505a8c157..00000000000
--- a/modules/node_groups/random.tf
+++ /dev/null
@@ -1,31 +0,0 @@
-resource "random_pet" "node_groups" {
- for_each = local.node_groups_expanded
-
- separator = "-"
- length = 2
-
- keepers = {
- ami_type = lookup(each.value, "ami_type", null)
- disk_size = lookup(each.value, "disk_size", null)
- capacity_type = lookup(each.value, "capacity_type", null)
- iam_role_arn = each.value["iam_role_arn"]
- instance_types = join("|", compact(
- lookup(each.value, "instance_types", [])
- ))
-
- key_name = each.value["key_name"]
-
- source_security_group_ids = join("|", compact(
- lookup(each.value, "source_security_group_ids", [])
- ))
- subnet_ids = join("|", each.value["subnets"])
- node_group_name = join("-", [var.cluster_name, each.key])
- launch_template = lookup(each.value, "launch_template_id", null)
- }
-
- lifecycle {
- create_before_destroy = true
- }
-
- depends_on = [var.ng_depends_on]
-}
diff --git a/modules/node_groups/versions.tf b/modules/node_groups/versions.tf
index 9fb30e02ba2..2051547e513 100644
--- a/modules/node_groups/versions.tf
+++ b/modules/node_groups/versions.tf
@@ -2,7 +2,6 @@ terraform {
required_version = ">= 0.13.1"
required_providers {
- aws = ">= 3.22.0"
- random = ">= 2.1"
+ aws = ">= 3.40.0"
}
}
diff --git a/versions.tf b/versions.tf
index 877ef298bde..db42ebeb2fa 100644
--- a/versions.tf
+++ b/versions.tf
@@ -2,9 +2,8 @@ terraform {
required_version = ">= 0.13.1"
required_providers {
- aws = ">= 3.37.0"
+ aws = ">= 3.40.0"
local = ">= 1.4"
- random = ">= 2.1"
kubernetes = ">= 1.11.1"
http = {
source = "terraform-aws-modules/http"