Releases: cloudposse/terraform-aws-eks-cluster
Releases · cloudposse/terraform-aws-eks-cluster
0.12.0 Add OIDC Issuer to module output
what
- Add OIDC Issuer to module output
why
- To enable module consumers to link IAM roles to service accounts, as described here.
0.11.1 Update README
what
- Rebuild README
why
- Fixed
terraform_modules
link
0.11.0 Terraform Cloud compatibility. Allow installing external packages. Allow assuming IAM roles
what
- Terraform Cloud compatibility
- Allow installing external packages
- Allow assuming IAM roles
- Update provisioner "local-exec":
- Optionally install external packages (AWS CLI and
kubectl
) if the workstation that runsterraform plan/apply
does not have them installed - Optionally assume IAM role before executing the command
aws eks update-kubeconfig
- Optionally install external packages (AWS CLI and
why
- Installing external packages allows the module to be provisioned on Terraform Cloud where the workers are running on plain Ubuntu without having AWS CLI and
kubectl
installed - Assuming IAM role before executing the command
aws eks update-kubeconfig
allows the module to be provisioned on Terraform Cloud in multi-account setup, where we provide TF Cloud with the IAM User access keys from the identity account and allow it to assume an IAM Role into the AWS account where the module gets provisioned
0.10.0 Fix eks-cluster example. Add eks_worker_ami_name_filter variable to the example
what
- Fix eks-cluster example. Add eks_worker_ami_name_filter variable to the example
why
-
most_recent variable does not work as expected.
-
Enforce usage of eks_worker_ami_name_filter variable to set the right kubernetes version for EKS workers,
otherwise the first version of Kubernetes supported by AWS (v1.11) for EKS workers will be used, but
EKS control plane will use the version specified by kubernetes_version variable.
0.9.0 Add configmap file path and template file path as variables
what
- Add configmap file path and template file path as variables
why
- Make it configurable
0.8.0 Add ability to change local exec interpreter from a variable
what
- Add ability to change local exec interpreter from a variable
why
- In some cases terraform
local-exec
is failing in CI/CD as default interpreter is/bin/sh
which was exiting with non zero status code. Change the interpreter to/bin/bash
fixes the issue.
0.7.1 Add runtime rendered config map file to .gitignore
what
- Add runtime rendered config map file to .gitignore
why
- Ignore the configmap files generated by terraform
0.7.0 Use `join` for configmap auth file and template file in auth.tf
what
- Use
join
forconfigmap
auth file and template file inauth.tf
why
- Cleaner TF 0.12 syntax
0.6.0 Cluster improvements
what
- Adds examples for multi-worker clusters
- Groups relevant arguments
- Removes need for
workers_security_group_count
why
- The module supports many worker group in one cluster - the new example shows it
- TF 0.12 works without using
workers_security_group_count
var
0.5.0 Convert to TF 0.12. Add tests. Add Codefresh test pipeline
what
- Port module to Terraform 0.12
- Pin all providers
- Add example for testing
- Add
bats
andterratest
for the example - Add Codefresh badge to point to the test pipeline in
terraform-modules
project - Update README
why
- Module currently does not work with 0.12. Much easier syntax
- Better regression control
- Automatically test the example on every commit and pull request
- Provision resources on AWS in the test account and check the outputs for the correct values
terraform-modules
project contains pipelines for all terraform modules
new features
- You can specify additional IAM Roles, Users and AWS accounts to be added to the Auth ConfigMap to allow to authenticate and access the EKS cluster
- The Auth ConfigMap accepts a list of worker node ARNs to allow many different worker node groups to join the same EKS cluster
- Terratest now checks for all worker nodes to join the EKS cluster
Waiting for worker nodes to join the EKS cluster
Worker Node ip-172-16-119-111.us-east-2.compute.internal has joined the EKS cluster at 2019-10-01 00:47:51 +0000 UTC
Worker Node ip-172-16-155-103.us-east-2.compute.internal has joined the EKS cluster at 2019-10-01 00:48:01 +0000 UTC
All worker nodes have joined the EKS cluster
- To apply the Auth ConfigMap, the module does not construct
kubeconfig
anymore. Instead it readskubeconfig
from the cluster after it gets provisioned