feat: Add support for allowing EFA network interfaces (terraform-aws-…
bryantbiggs authored and spr-mweber3 committed Apr 26, 2022
1 parent 38850fe commit 62b703d
Showing 3 changed files with 46 additions and 9 deletions.
31 changes: 31 additions & 0 deletions examples/self_managed_node_group/main.tf
Expand Up @@ -146,6 +146,37 @@ module "eks" {
}
}

efa = {
min_size = 1
max_size = 2
desired_size = 1

# aws ec2 describe-instance-types --region eu-west-1 --filters Name=network-info.efa-supported,Values=true --query "InstanceTypes[*].[InstanceType]" --output text | sort
instance_type = "c5n.9xlarge"

post_bootstrap_user_data = <<-EOT
# Install EFA
curl -O https://efa-installer.amazonaws.com/aws-efa-installer-latest.tar.gz
tar -xf aws-efa-installer-latest.tar.gz && cd aws-efa-installer
./efa_installer.sh -y --minimal
fi_info -p efa -t FI_EP_RDM
# Disable ptrace
sysctl -w kernel.yama.ptrace_scope=0
EOT

network_interfaces = [
{
description = "EFA interface example"
delete_on_termination = true
device_index = 0
associate_public_ip_address = false
interface_type = "efa"
}
]
}

# Complete
complete = {
name = "complete-self-mng"
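Review bot: The `# Disable ptrace` comment in the `post_bootstrap_user_data` heredoc says the opposite of what the next line does: `kernel.yama.ptrace_scope=0` switches off Yama's ptrace restriction, so a process on the node may attach to any other process running under the same uid. Because this is an example that gets copied, the comment should state the trade-off, e.g. `# Relax Yama ptrace restriction (0 = classic ptrace permissions); presumably needed by libfabric's shared-memory provider, and it weakens process isolation on the node`. Separately, the installer is fetched as `aws-efa-installer-latest.tar.gz` and executed with no integrity check and no stop-on-error. Pinning a specific installer version and verifying the tarball against the signature AWS publishes for it before running `efa_installer.sh` would make node bootstrap reproducible and verifiable.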
13 changes: 8 additions & 5 deletions modules/eks-managed-node-group/main.tf
Expand Up @@ -38,6 +38,8 @@ locals {
use_custom_launch_template = var.create_launch_template || var.launch_template_name != ""

launch_template_name_int = coalesce(var.launch_template_name, "${var.name}-eks-node-group")

security_group_ids = compact(concat([try(aws_security_group.this[0].id, ""), var.cluster_primary_security_group_id], var.vpc_security_group_ids))
}

resource "aws_launch_template" "this" {
Expand All @@ -54,7 +56,7 @@ resource "aws_launch_template" "this" {
key_name = var.key_name
user_data = module.user_data.user_data

vpc_security_group_ids = compact(concat([try(aws_security_group.this[0].id, ""), var.cluster_primary_security_group_id], var.vpc_security_group_ids))
vpc_security_group_ids = length(var.network_interfaces) > 0 ? [] : local.security_group_ids

default_version = var.launch_template_default_version
update_default_version = var.update_launch_template_default_version
Expand Down Expand Up @@ -208,16 +210,17 @@ resource "aws_launch_template" "this" {
delete_on_termination = lookup(network_interfaces.value, "delete_on_termination", null)
description = lookup(network_interfaces.value, "description", null)
device_index = lookup(network_interfaces.value, "device_index", null)
ipv4_addresses = lookup(network_interfaces.value, "ipv4_addresses", null) != null ? network_interfaces.value.ipv4_addresses : []
interface_type = lookup(network_interfaces.value, "interface_type", null)
ipv4_addresses = try(network_interfaces.value.ipv4_addresses, [])
ipv4_address_count = lookup(network_interfaces.value, "ipv4_address_count", null)
ipv6_addresses = lookup(network_interfaces.value, "ipv6_addresses", null) != null ? network_interfaces.value.ipv6_addresses : []
ipv6_addresses = try(network_interfaces.value.ipv6_addresses, [])
ipv6_address_count = lookup(network_interfaces.value, "ipv6_address_count", null)
network_interface_id = lookup(network_interfaces.value, "network_interface_id", null)
private_ip_address = lookup(network_interfaces.value, "private_ip_address", null)
security_groups = lookup(network_interfaces.value, "security_groups", null) != null ? network_interfaces.value.security_groups : []
security_groups = compact(concat(try(network_interfaces.value.security_groups, []), local.security_group_ids))
# Set on EKS managed node group, will fail if set here
# https://docs.aws.amazon.com/eks/latest/userguide/launch-templates.html#launch-template-basics
# subnet_id = lookup(network_interfaces.value, "subnet_id", null)
# subnet_id = lookup(network_interfaces.value, "subnet_id", null)
}
}
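Review bot: The new `security_groups` expression in the `network_interfaces` block makes a caller's per-interface list additive rather than authoritative: `local.security_group_ids` (node group, cluster primary and `var.vpc_security_group_ids`) is always appended, so an interface can no longer be limited to a narrower set of groups than the node as a whole. That looks intended, since the template-level `vpc_security_group_ids` is now emptied whenever interfaces are defined, but it deserves a comment such as `# module security groups are always attached; per-interface security_groups only add to them`. Also, `try(..., [])` only covers a missing key; an explicit `security_groups = null` would, as far as I can tell, reach `concat` as null and fail, where the previous `lookup(...) != null` form tolerated it. The same expression is added in modules/self-managed-node-group/main.tf. The `aws_launch_template` resource body starts and ends outside the hunks shown.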

11 changes: 7 additions & 4 deletions modules/self-managed-node-group/main.tf
Expand Up @@ -44,6 +44,8 @@ module "user_data" {

locals {
launch_template_name_int = coalesce(var.launch_template_name, "${var.name}-node-group")

security_group_ids = compact(concat([try(aws_security_group.this[0].id, ""), var.cluster_primary_security_group_id], var.vpc_security_group_ids))
}

resource "aws_launch_template" "this" {
Expand All @@ -59,7 +61,7 @@ resource "aws_launch_template" "this" {
key_name = var.key_name
user_data = module.user_data.user_data

vpc_security_group_ids = compact(concat([try(aws_security_group.this[0].id, ""), var.cluster_primary_security_group_id], var.vpc_security_group_ids))
vpc_security_group_ids = length(var.network_interfaces) > 0 ? [] : local.security_group_ids

default_version = var.launch_template_default_version
update_default_version = var.update_launch_template_default_version
Expand Down Expand Up @@ -203,13 +205,14 @@ resource "aws_launch_template" "this" {
delete_on_termination = lookup(network_interfaces.value, "delete_on_termination", null)
description = lookup(network_interfaces.value, "description", null)
device_index = lookup(network_interfaces.value, "device_index", null)
ipv4_addresses = lookup(network_interfaces.value, "ipv4_addresses", null) != null ? network_interfaces.value.ipv4_addresses : []
interface_type = lookup(network_interfaces.value, "interface_type", null)
ipv4_addresses = try(network_interfaces.value.ipv4_addresses, [])
ipv4_address_count = lookup(network_interfaces.value, "ipv4_address_count", null)
ipv6_addresses = lookup(network_interfaces.value, "ipv6_addresses", null) != null ? network_interfaces.value.ipv6_addresses : []
ipv6_addresses = try(network_interfaces.value.ipv6_addresses, [])
ipv6_address_count = lookup(network_interfaces.value, "ipv6_address_count", null)
network_interface_id = lookup(network_interfaces.value, "network_interface_id", null)
private_ip_address = lookup(network_interfaces.value, "private_ip_address", null)
security_groups = lookup(network_interfaces.value, "security_groups", null) != null ? network_interfaces.value.security_groups : []
security_groups = compact(concat(try(network_interfaces.value.security_groups, []), local.security_group_ids))
subnet_id = lookup(network_interfaces.value, "subnet_id", null)
}
}