support multiple role arns in karpenter #4

Merged
merged 5 commits into from
Apr 22, 2024
3 changes: 2 additions & 1 deletion README.md
Expand Up @@ -38,8 +38,9 @@ Truefoundry AWS Karpenter Module

| Name | Description | Type | Default | Required |
|------|-------------|------|---------|:--------:|
| <a name="input_additional_controller_node_iam_role_arns"></a> [additional\_controller\_node\_iam\_role\_arns](#input\_additional\_controller\_node\_iam\_role\_arns) | The additional node iam roles to be used by karpenter | `list(string)` | `[]` | no |
| <a name="input_cluster_name"></a> [cluster\_name](#input\_cluster\_name) | Cluster Name to install karpenter | `string` | n/a | yes |
| <a name="input_controller_node_iam_role_arn"></a> [controller\_node\_iam\_role\_arn](#input\_controller\_node\_iam\_role\_arn) | The initial node iam role arn | `string` | n/a | yes |
| <a name="input_controller_node_iam_role_arn"></a> [controller\_node\_iam\_role\_arn](#input\_controller\_node\_iam\_role\_arn) | The node iam role for the initial node group to be used by karpenter | `string` | n/a | yes |
| <a name="input_controller_nodegroup_name"></a> [controller\_nodegroup\_name](#input\_controller\_nodegroup\_name) | The initial nodegroup name | `string` | n/a | yes |
| <a name="input_k8s_service_account_name"></a> [k8s\_service\_account\_name](#input\_k8s\_service\_account\_name) | The k8s karpenter service account name | `string` | n/a | yes |
| <a name="input_k8s_service_account_namespace"></a> [k8s\_service\_account\_namespace](#input\_k8s\_service\_account\_namespace) | The k8s karpenter namespace | `string` | n/a | yes |
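Review bot: The new `additional_controller_node_iam_role_arns` row describes its values as "node iam roles" although the type is `list(string)` and the values are role ARNs, and it does not say how the list relates to `controller_node_iam_role_arn`. Suggest wording such as "Additional node IAM role ARNs, used together with `controller_node_iam_role_arn`", so readers know to pass full ARNs and that the initial role need not be repeated here.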
4 changes: 2 additions & 2 deletions main.tf
Expand Up @@ -7,11 +7,11 @@ module "karpenter_irsa_role" {
attach_karpenter_controller_policy = true

karpenter_controller_cluster_id = var.cluster_name
karpenter_controller_node_iam_role_arns = [var.controller_node_iam_role_arn]
karpenter_controller_node_iam_role_arns = flatten([var.controller_node_iam_role_arn, var.additional_controller_node_iam_role_arns])

attach_vpc_cni_policy = true
vpc_cni_enable_ipv4 = true

role_policy_arns = {
"sqs_policy" = aws_iam_policy.sqs.arn
}
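Review bot: The list built on the new `karpenter_controller_node_iam_role_arns` line is neither de-duplicated nor checked, so an ARN present in both `var.controller_node_iam_role_arn` and `var.additional_controller_node_iam_role_arns` is passed twice, and every entry is handed to the IRSA role module alongside `attach_karpenter_controller_policy = true`. Since one input is a string and the other is already a flat list, `distinct(concat([var.controller_node_iam_role_arn], var.additional_controller_node_iam_role_arns))` states the intent more directly than `flatten`. A short comment noting that each ARN added here widens what the controller role may reference would help future reviewers.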
6 changes: 3 additions & 3 deletions output.tf
@@ -1,14 +1,14 @@
output "karpenter_role_arn" {
value = module.karpenter_irsa_role.iam_role_arn
value = module.karpenter_irsa_role.iam_role_arn
description = "Karpenter role ARN"
}

output "karpenter_instance_profile_id" {
value = aws_iam_instance_profile.karpenter.id
value = aws_iam_instance_profile.karpenter.id
description = "Karpenter instance profile ID"
}

output "karpenter_sqs_name" {
value = aws_sqs_queue.karpenter.name
value = aws_sqs_queue.karpenter.name
description = "Name of the SQS queue for interruption handling"
}
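Review bot: The three `value` lines in this file appear to change only in whitespace alignment, which is unrelated to the multiple-role-ARN change named in the title. Consider moving formatter-only edits (here and the alignment changes in `sqs.tf`) into a separate commit so the IAM-relevant change in `main.tf` and `variables.tf` is easier to audit.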
4 changes: 2 additions & 2 deletions sqs.tf
@@ -1,8 +1,8 @@
resource "aws_sqs_queue" "karpenter" {
name = "${var.cluster_name}-karpenter"
message_retention_seconds = var.message_retention_seconds
sqs_managed_sse_enabled = var.sqs_enable_encryption
tags = local.tags
sqs_managed_sse_enabled = var.sqs_enable_encryption
tags = local.tags
}

data "aws_iam_policy_document" "sqs" {
16 changes: 11 additions & 5 deletions variables.tf
Expand Up @@ -19,24 +19,30 @@ variable "oidc_provider_arn" {
}

variable "controller_node_iam_role_arn" {
description = "The initial node iam role arn"
description = "The node iam role for the initial node group to be used by karpenter"
type = string
}

variable "additional_controller_node_iam_role_arns" {
description = "The additional node iam roles to be used by karpenter"
type = list(string)
default = []
}

variable "controller_nodegroup_name" {
description = "The initial nodegroup name"
type = string
}
variable "sqs_enable_encryption" {
description = "Enable Server side encryption for SQS"
type = bool
default = true
type = bool
default = true
}

variable "message_retention_seconds" {
description = "Message retention in seconds for SQS queue"
type = number
default = 300
type = number
default = 300
}

variable "tags" {
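Review bot: The new `additional_controller_node_iam_role_arns` variable accepts any `list(string)` with no `validation` block, so a malformed value or a wildcard pattern would pass straight through to the `karpenter_controller_node_iam_role_arns` input in `main.tf`. Suggest a `validation` that requires every element to be a full IAM role ARN (for example, each must start with `arn:aws` and contain `:role/`), and changing the description to say "role ARNs" rather than "roles". Minor: a blank line is missing between the `controller_nodegroup_name` and `sqs_enable_encryption` blocks.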