Support bottlerocket bootstrapping for node groups

[ulm0]

PR o'clock

Description

Fixes #1694

Allow bootstrap bottlerocket nodes.

...
  node_groups_defaults = {
    ami_type      = "BOTTLEROCKET_x86_64" # https://docs.aws.amazon.com/eks/latest/APIReference/API_Nodegroup.html#AmazonEKS-Type-Nodegroup-amiType
    disk_size     = 50
    disk_type     = "gp3"
    capacity_type = "SPOT"
  }
  node_groups = {
    system = {
      create_launch_template   = true
      desired_capacity         = 1
      max_capacity             = 10
      min_capacity             = 1
      instance_types           = ["c5n.2xlarge"]
      enable_admin_container   = false
      enable_control_container = true
      additional_userdata      = <<EOF
[settings.kubernetes.node-labels]
"node.kubernetes.io/environment" = "Production"
EOF
      update_config = {
        max_unavailable_percentage = 50 # or set `max_unavailable`
      }
    }
  }
...

Checklist

• README.md has been updated after any changes to variables and outputs. See https://github.com/terraform-aws-modules/terraform-aws-eks/#doc-generation

[hi-artem]

Doesn't bottlerocket ami ships with 2 ebs volumes? I think you will need to add another block_device_mappings in the launch template. Something like that:

 block_device_mappings {
    device_name = "/dev/xvdb"

    ebs {
      volume_size           = lookup(each.value, "disk_size", null)
      volume_type           = lookup(each.value, "disk_type", null)
      iops                  = lookup(each.value, "disk_iops", null)
      throughput            = lookup(each.value, "disk_throughput", null)
      encrypted             = lookup(each.value, "disk_encrypted", null)
      kms_key_id            = lookup(each.value, "disk_kms_key_id", null)
      delete_on_termination = true
    }
  }

Updated Indeed there are two volumes required for bottlerocket ami. More info - bottlerocket-os/bottlerocket#1203

[hi-artem]

Need to address issue with 2 volumes. See my comment above.

[hi-artem]

To simplify logic here, we can only care about /dev/xvdb sizing./dev/xvda contains operating system itself: the active & passive partitions, the bootloader, the dm-verity data, and the data store for the Bottlerocket API. We really shouldn't set its sizing explicitly. It should always be the same as in Bottlerocket AMI.

[ulm0]

Nice finding @hi-artem will address this topic asap.

[ulm0]

Hi @hi-artem just added

device_name = length(split("BOTTLEROCKET", each.value["ami_type"])) > 1 ? "/dev/xvdb" : "/dev/xvda"

This sould do the work

[ulm0]

Hi @johndietz just did some changes, the PR should be now good to go

[stevehipwell]

@ulm0 could you take a look at #1645 and offer feedback; I think it's a more generic solution but some things might be missing?

[dusansusic]

@ulm0 AWS provider must be bumped to >= 3.64.

https://github.com/hashicorp/terraform-provider-aws/releases/tag/v3.64.0

[antonbabenko]

This issue has been resolved in version 18.0.0 🎉

[github-actions]

I'm going to lock this pull request because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues. If you have found a problem that seems related to this change, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.