fix: Allow EKS addnos version config

wandb · Oct 14, 2024 · 97b657c · 97b657c
1 parent 47b06e1
commit 97b657c
Show file tree

Hide file tree

Showing 11 changed files with 113 additions and 45 deletions.
diff --git a/main.tf b/main.tf
@@ -171,6 +171,13 @@ module "app_eks" {
   system_reserved_pid                 = var.system_reserved_pid
 
   aws_loadbalancer_controller_tags = var.aws_loadbalancer_controller_tags
+
+  eks_addon_efs_csi_driver_version = var.eks_addon_efs_csi_driver_version
+  eks_addon_ebs_csi_driver_version = var.eks_addon_ebs_csi_driver_version
+  eks_addon_coredns_version        = var.eks_addon_coredns_version
+  eks_addon_kube_proxy_version     = var.eks_addon_kube_proxy_version
+  eks_addon_vpc_cni_version        = var.eks_addon_vpc_cni_version
+
 }
 
 locals {

diff --git a/modules/app_eks/add-ons.tf b/modules/app_eks/add-ons.tf
@@ -32,43 +32,43 @@ resource "aws_iam_role" "oidc" {
 ### add-ons for eks version 1.28
 
 resource "aws_eks_addon" "aws_efs_csi_driver" {
-   depends_on = [
-     aws_eks_addon.vpc_cni
-   ]
-   cluster_name               = var.namespace
-   addon_name                 = "aws-efs-csi-driver"
-   addon_version              = "v2.0.4-eksbuild.1"
-   resolve_conflicts          = "OVERWRITE"
+  depends_on = [
+    aws_eks_addon.vpc_cni
+  ]
+  cluster_name      = var.namespace
+  addon_name        = "aws-efs-csi-driver"
+  addon_version     = var.eks_addon_efs_csi_driver_version
+  resolve_conflicts = "OVERWRITE"
 }
 
 resource "aws_eks_addon" "aws_ebs_csi_driver" {
   depends_on = [
     aws_eks_addon.vpc_cni
   ]
-  cluster_name                = var.namespace
-  addon_name                  = "aws-ebs-csi-driver"
-  addon_version               = "v1.31.0-eksbuild.1"
-  resolve_conflicts           = "OVERWRITE"
+  cluster_name      = var.namespace
+  addon_name        = "aws-ebs-csi-driver"
+  addon_version     = var.eks_addon_ebs_csi_driver_version
+  resolve_conflicts = "OVERWRITE"
 }
 
 resource "aws_eks_addon" "coredns" {
   depends_on = [
     aws_eks_addon.vpc_cni
   ]
-  cluster_name                = var.namespace
-  addon_name                  = "coredns"
-  addon_version               = "v1.10.1-eksbuild.11"
-  resolve_conflicts           = "OVERWRITE"
+  cluster_name      = var.namespace
+  addon_name        = "coredns"
+  addon_version     = var.eks_addon_coredns_version
+  resolve_conflicts = "OVERWRITE"
 }
 
 resource "aws_eks_addon" "kube_proxy" {
   depends_on = [
     aws_eks_addon.vpc_cni
   ]
-  cluster_name                = var.namespace
-  addon_name                  = "kube-proxy"
-  addon_version               = "v1.28.8-eksbuild.5"
-  resolve_conflicts           = "OVERWRITE"
+  cluster_name      = var.namespace
+  addon_name        = "kube-proxy"
+  addon_version     = var.eks_addon_kube_proxy_version
+  resolve_conflicts = "OVERWRITE"
 }
 
 resource "aws_eks_addon" "vpc_cni" {
@@ -77,7 +77,7 @@ resource "aws_eks_addon" "vpc_cni" {
   ]
   cluster_name             = var.namespace
   addon_name               = "vpc-cni"
-  addon_version            = "v1.18.2-eksbuild.1"
+  addon_version            = var.eks_addon_vpc_cni_version
   resolve_conflicts        = "OVERWRITE"
   service_account_role_arn = aws_iam_role.oidc.arn
 }
diff --git a/modules/app_eks/main.tf b/modules/app_eks/main.tf
@@ -75,7 +75,7 @@ resource "kubernetes_annotations" "gp2" {
   api_version = "storage.k8s.io/v1"
   kind        = "StorageClass"
   force       = "true"
-  depends_on = [module.eks]
+  depends_on  = [module.eks]
 
   metadata {
     name = "gp2"
@@ -92,14 +92,14 @@ resource "kubernetes_storage_class" "gp3" {
       "storageclass.kubernetes.io/is-default-class" = "true"
     }
   }
-  depends_on = [kubernetes_annotations.gp2]
+  depends_on          = [kubernetes_annotations.gp2]
   storage_provisioner = "kubernetes.io/aws-ebs"
   parameters = {
     fsType = "ext4"
-    type = "gp3"
+    type   = "gp3"
   }
-  reclaim_policy = "Delete"
-  volume_binding_mode = "WaitForFirstConsumer"
+  reclaim_policy         = "Delete"
+  volume_binding_mode    = "WaitForFirstConsumer"
   allow_volume_expansion = true
 }
 

diff --git a/modules/app_eks/variables.tf b/modules/app_eks/variables.tf
@@ -151,3 +151,33 @@ variable "aws_loadbalancer_controller_tags" {
   type        = map(string)
   default     = {}
 }
+
+variable "eks_addon_efs_csi_driver_version" {
+  description = "The version of the EFS CSI driver to install."
+  type        = string
+  default     = "v2.0.4-eksbuild.1"
+}
+
+variable "eks_addon_ebs_csi_driver_version" {
+  description = "The version of the EBS CSI driver to install."
+  type        = string
+  default     = "v1.31.0-eksbuild.1"
+}
+
+variable "eks_addon_coredns_version" {
+  description = "The version of the CoreDNS addon to install."
+  type        = string
+  default     = "v1.10.1-eksbuild.11"
+}
+
+variable "eks_addon_kube_proxy_version" {
+  description = "The version of the kube-proxy addon to install."
+  type        = string
+  default     = "v1.28.8-eksbuild.5"
+}
+
+variable "eks_addon_vpc_cni_version" {
+  description = "The version of the VPC CNI addon to install."
+  type        = string
+  default     = "v1.18.2-eksbuild.1"
+}
diff --git a/modules/app_lb/outputs.tf b/modules/app_lb/outputs.tf
@@ -15,9 +15,9 @@ output "tg_app_arn" {
 }
 
 output "alb_name" {
-value =  aws_lb.alb.arn
+  value = aws_lb.alb.arn
 }
 
 output "nlb_security_group" {
-  value = var.enable_private_only_traffic? aws_security_group.inbound_private[0].id : null
+  value = var.enable_private_only_traffic ? aws_security_group.inbound_private[0].id : null
 }
diff --git a/modules/endpoint/main.tf b/modules/endpoint/main.tf
@@ -1,9 +1,9 @@
 resource "aws_vpc_endpoint" "default" {
-  vpc_id              = var.network_id
-  service_name        = var.service_name
-  vpc_endpoint_type   = "Gateway" 
-  auto_accept = true
-  route_table_ids  = var.private_route_table_id
+  vpc_id            = var.network_id
+  service_name      = var.service_name
+  vpc_endpoint_type = "Gateway"
+  auto_accept       = true
+  route_table_ids   = var.private_route_table_id
 
   policy = <<POLICY
 {

diff --git a/modules/endpoint/variables.tf b/modules/endpoint/variables.tf
@@ -1,14 +1,14 @@
 variable "network_id" {
-   type = string
-   description = "ID of the network (VPC) where infrastructure resources will be deployed."
- }
+  type        = string
+  description = "ID of the network (VPC) where infrastructure resources will be deployed."
+}
 
 variable "private_route_table_id" {
-  type = list(string)
+  type        = list(string)
   description = "Private route table ID within the specified network (VPC) where resources will be deployed"
 }
 
 variable "service_name" {
-  type = string
+  type        = string
   description = "Name of the service or vpc endpoint"
 }
diff --git a/modules/iam_role/variables.tf b/modules/iam_role/variables.tf
@@ -4,7 +4,7 @@ variable "namespace" {
 }
 
 variable "aws_iam_openid_connect_provider_url" {
-  type        = string
+  type = string
 }
 
 variable "yace_sa_name" {

diff --git a/modules/private_link/main.tf b/modules/private_link/main.tf
@@ -1,6 +1,6 @@
 locals {
   max_lb_name_length = 32 - length("-nlb")
-  lb_name_truncated  = var.enable_private_only_traffic ?  "${substr(var.namespace, 0, local.max_lb_name_length)}-private-link-nlb" : "${substr(var.namespace, 0, local.max_lb_name_length)}-nlb"
+  lb_name_truncated  = var.enable_private_only_traffic ? "${substr(var.namespace, 0, local.max_lb_name_length)}-private-link-nlb" : "${substr(var.namespace, 0, local.max_lb_name_length)}-nlb"
 }
 
 resource "aws_lb" "nlb" {
@@ -9,10 +9,10 @@ resource "aws_lb" "nlb" {
   load_balancer_type         = "network"
   subnets                    = var.network_private_subnets
   enable_deletion_protection = var.deletion_protection
-  security_groups = var.enable_private_only_traffic ? [var.nlb_security_group] : []
-lifecycle {
-  create_before_destroy = true
-}
+  security_groups            = var.enable_private_only_traffic ? [var.nlb_security_group] : []
+  lifecycle {
+    create_before_destroy = true
+  }
 }
 
 resource "aws_lb_target_group" "nlb" {

diff --git a/modules/private_link/variables.tf b/modules/private_link/variables.tf
@@ -29,8 +29,8 @@ variable "vpc_id" {
 }
 
 variable "enable_private_only_traffic" {
-  type        = bool
+  type = bool
 }
 variable "nlb_security_group" {
-  type        = string
+  type = string
 }
diff --git a/variables.tf b/variables.tf
@@ -427,6 +427,37 @@ variable "aws_loadbalancer_controller_tags" {
   default     = {}
 }
 
+variable "eks_addon_efs_csi_driver_version" {
+  description = "The version of the EFS CSI driver to install."
+  type        = string
+  default     = "v2.0.4-eksbuild.1"
+}
+
+variable "eks_addon_ebs_csi_driver_version" {
+  description = "The version of the EBS CSI driver to install."
+  type        = string
+  default     = "v1.31.0-eksbuild.1"
+}
+
+variable "eks_addon_coredns_version" {
+  description = "The version of the CoreDNS addon to install."
+  type        = string
+  default     = "v1.10.1-eksbuild.11"
+}
+
+variable "eks_addon_kube_proxy_version" {
+  description = "The version of the kube-proxy addon to install."
+  type        = string
+  default     = "v1.28.8-eksbuild.5"
+}
+
+variable "eks_addon_vpc_cni_version" {
+  description = "The version of the VPC CNI addon to install."
+  type        = string
+  default     = "v1.18.2-eksbuild.1"
+}
+
+
 ##########################################
 # External Bucket                        #
 ##########################################