#terraform-aws-modules (2020-10)

terraform Terraform Modules

Discussions related to https://github.com/terraform-aws-modules

Archive: https://archive.sweetops.com/terraform-aws-modules/

2020-10-05

rei avatar

Hi, does someone know the difference between:

https://github.com/cloudposse/terraform-aws-eks-workers/

https://github.com/cloudposse/terraform-aws-eks-node-group And if any, which one should I use? Deploying a new infra

cloudposse/terraform-aws-eks-workers

Terraform module to provision an AWS AutoScaling Group, IAM Role, and Security Group for EKS Workers - cloudposse/terraform-aws-eks-workers

cloudposse/terraform-aws-eks-node-group

Terraform module to provision an EKS Node Group. Contribute to cloudposse/terraform-aws-eks-node-group development by creating an account on GitHub.

Andriy Knysh (Cloud Posse) avatar
Andriy Knysh (Cloud Posse)

Node Group is managed node group, where EKS controls eveything

cloudposse/terraform-aws-eks-workers

Terraform module to provision an AWS AutoScaling Group, IAM Role, and Security Group for EKS Workers - cloudposse/terraform-aws-eks-workers

cloudposse/terraform-aws-eks-node-group

Terraform module to provision an EKS Node Group. Contribute to cloudposse/terraform-aws-eks-node-group development by creating an account on GitHub.

Andriy Knysh (Cloud Posse) avatar
Andriy Knysh (Cloud Posse)

eks-workers are unmanaged nodes (where you control everything)

Andriy Knysh (Cloud Posse) avatar
Andriy Knysh (Cloud Posse)

eks-workers allow you more control and provide some features that managed node group does not have, e.g. it does not support Spot Instances

Andriy Knysh (Cloud Posse) avatar
Andriy Knysh (Cloud Posse)

if in doubt, use node-group

2
Andriy Knysh (Cloud Posse) avatar
Andriy Knysh (Cloud Posse)

you also can use both if you have that use-case, in which case you connect both managed and unmanaged nodes to the same EKS cluster

rei avatar

Thank you for the explanation!

Amit Karpe avatar
Amit Karpe

Do we have any guide / documentation to follow and create EKS cluster + NG or Fargate?

rei avatar

Not really

Andriy Knysh (Cloud Posse) avatar
Andriy Knysh (Cloud Posse)
cloudposse/terraform-aws-eks-node-group

Terraform module to provision an EKS Node Group. Contribute to cloudposse/terraform-aws-eks-node-group development by creating an account on GitHub.

Andriy Knysh (Cloud Posse) avatar
Andriy Knysh (Cloud Posse)
cloudposse/terraform-aws-eks-fargate-profile

Terraform module to provision an EKS Fargate Profile - cloudposse/terraform-aws-eks-fargate-profile

rei avatar

I meant a guide or tutorial…

Erik Osterman (Cloud Posse) avatar
Erik Osterman (Cloud Posse)

examples/complete is a fully working and tested solution.

Erik Osterman (Cloud Posse) avatar
Erik Osterman (Cloud Posse)

there’s no tutorial/guide, but should just be to run terraform init , terraform apply

Erik Osterman (Cloud Posse) avatar
Erik Osterman (Cloud Posse)

Amit Karpe avatar
Amit Karpe

Thanks

2020-10-13

RogierD avatar
RogierD

Hi all, I made a very smol PR to be reviewed: https://github.com/cloudposse/terraform-aws-ec2-instance-group/pull/16

We have forked the terraform-aws-ec2-instance-group to our own repo’s since we wanted to add multiple availability zone setup in the module, we have added this and now we are moving on to the next issue: There seems to be an issue with extra ebs volumes attached. While i was comparing our own module to yours I found this smol issue. Please let me know if there are any questions.

Raised version of module for ssh_key_pair by a-nldisr · Pull Request #16 · cloudposse/terraform-aws-ec2-instance-group

The ssh_key_pair module is pointing to version 0.9.0. However 0.9.0 can only be used with Terraform version 0.12. Result is that this module is broken in 0.12.x+ versions, as you can see in the err…

1

2020-10-14

bazbremner avatar
bazbremner

Just a gentle nudge for https://github.com/cloudposse/terraform-aws-multi-az-subnets/pull/27 - I opened it back at the end of August. Tests have passed, needs an approval and merge, pelase!

Relax AWS provider to permit 2.x and 3.x releases by bazbremner · Pull Request #27 · cloudposse/terraform-aws-multi-az-subnets

what Relaxes the version pinning on the module to allow the existing 2.x and now newer 3.x AWS provider to be used why To allow code that calls this module and requires newer resources that only…

1
Matt Gowie avatar
Matt Gowie

@bazbremner Looks like you have merge conflicts sadly. Mind doing a rebase and we’ll get this merged?

Relax AWS provider to permit 2.x and 3.x releases by bazbremner · Pull Request #27 · cloudposse/terraform-aws-multi-az-subnets

what Relaxes the version pinning on the module to allow the existing 2.x and now newer 3.x AWS provider to be used why To allow code that calls this module and requires newer resources that only…

1
bazbremner avatar
bazbremner

Sure, just in the middle of a pairing session then I’ll rebase and push. I suspect it’ll need another approval after that push.

1
bazbremner avatar
bazbremner

Sorry, took longer than I expected to get around to this. Rebased and pushed, waiting on the tests now.

bazbremner avatar
bazbremner

Right, triggered the tests explicitly (nothing had happened after ~15 minutes - is that deliberate?), they’ve passed. @Matt Gowie over to you for another review and merge, please.

2020-10-15

Cody Moore avatar
Cody Moore

I ran into a recent issue with: https://github.com/cloudposse/terraform-aws-eks-node-group concerning a cycle dependency. Has anyone else ran into this:

Error: Cycle: module.node-group.aws_eks_node_group.cbd[0] (destroy deposed 3fbf533a), module.node-group.aws_iam_role_policy_attachment.amazon_eks_worker_node_autoscaler_policy[0] (destroy), module.node-group.aws_eks_node_group.cbd[0]

?

cloudposse/terraform-aws-eks-node-group

Terraform module to provision an EKS Node Group. Contribute to cloudposse/terraform-aws-eks-node-group development by creating an account on GitHub.

Erik Osterman (Cloud Posse) avatar
Erik Osterman (Cloud Posse)

@Jeremy G (Cloud Posse)

cloudposse/terraform-aws-eks-node-group

Terraform module to provision an EKS Node Group. Contribute to cloudposse/terraform-aws-eks-node-group development by creating an account on GitHub.

Jeremy G (Cloud Posse) avatar
Jeremy G (Cloud Posse)

The current terraform-aws-eks-node-group requires Terraform v0.13.3 or later. This is documented in the release notes.

Cody Moore avatar
Cody Moore

It was ran via atlantis using tfv0.13.4

Jeremy G (Cloud Posse) avatar
Jeremy G (Cloud Posse)

@Cody Moore I suggest you double-check that, as this error is expected when you run TF 0.13.2 or earlier and was fixed in TF 0.13.3

Cody Moore avatar
Cody Moore

Hmm interesting ok

Cody Moore avatar
Cody Moore

Will do, thank you

Erik Osterman (Cloud Posse) avatar
Erik Osterman (Cloud Posse)
Release v0.12.0: Remove autoscaler permissions from worker role · cloudposse/terraform-aws-eks-node-group

Potentially breaking changes Terraform 0.13.3 or later required This release requires Terraform 0.13.3 or later because it is affected by these bugs that are fixed in 0.13.3: hashicorp/terraform#2…

1
Cody Moore avatar
Cody Moore

Yep definitely running terraform 0.13.4

Cody Moore avatar
Cody Moore

Cycle is in different order if that makes any difference:

Error: Cycle: module.node-group.aws_iam_role_policy_attachment.amazon_eks_worker_node_autoscaler_policy[0] (destroy), module.node-group.aws_eks_node_group.cbd[0], module.node-group.aws_eks_node_group.cbd[0] (destroy deposed 39e8a12f)
Erik Osterman (Cloud Posse) avatar
Erik Osterman (Cloud Posse)

Cody Moore avatar
Cody Moore

Yea, still stumped on this.. Tabling for now and will try again later. Any advice for debugging the cycle?

Jeremy G (Cloud Posse) avatar
Jeremy G (Cloud Posse)

No, the order does not matter, nor do the start and end points (it is a cycle, after all). I suggest trying with TF 0.13.3. We have not used TF 0.13.4 with this module and it is possible there was a regression in Terraform. Also try TF 0.14. If it still does not work, I suggest looking at this TF bug and seeing if it suggests anything to you with respect to fixing the issue or opening a new bug report.

Cycle error when removing a resource along with create_before_destroy · Issue #26226 · hashicorp/terraform

Terraform fails to apply a plan, citing a dependency cycle, but I think that is wrong. I am not positive, because I do not quite understand how to parse the error message I am getting; maybe if I c…

1
Shankar Kumar Chaudhary avatar
Shankar Kumar Chaudhary

i got such issue when using terraform terraform_0.12.24 after updating aws-modules to latest one

Cody Moore avatar
Cody Moore

I ended up manually deleting one of the resources then reapplying, that worked

Jeremy G (Cloud Posse) avatar
Jeremy G (Cloud Posse)
08:17:56 PM

@Jeremy G (Cloud Posse) has joined the channel

2020-10-19

Cody Moore avatar
Cody Moore

What’s the state of https://github.com/cloudposse/terraform-aws-cloudtrail-cloudwatch-alarms ? I noticed that the repo is pretty far behind now with TF 0.13 out. I was going to help with the update but realized that it was partially done in a few PRs

cloudposse/terraform-aws-cloudtrail-cloudwatch-alarms

Terraform module for creating alarms for tracking important changes and occurrences from cloudtrail. - cloudposse/terraform-aws-cloudtrail-cloudwatch-alarms

Matt Gowie avatar
Matt Gowie

@Cody Moore It’s common that there are some older modules that just haven’t been updated to 0.12 syntax because CP started saying “We’re only going to upgrade modules to 0.12 if they have tests and pass those tests as that is the only sustainable way that we can support 200+ modules”.

So it looks like there were attempts to upgrade to 0.12, but none of them went all the way through the process. If you really want to bring that module into the new world then please feel free to fork the furthest along of those PRs, update it as far as you can to add tests and get them passing, and put it up on PR. I’d be happy to review and help you along in the process.

cloudposse/terraform-aws-cloudtrail-cloudwatch-alarms

Terraform module for creating alarms for tracking important changes and occurrences from cloudtrail. - cloudposse/terraform-aws-cloudtrail-cloudwatch-alarms

Matt Gowie avatar
Matt Gowie
Bring this module into the new world by Gowiem · Pull Request #9 · cloudposse/terraform-aws-iam-user

what This builds off of the work from @chess-seventh and @ivanmartos to bring this module up-to-date with the latest and greatest Cloud Posse practices: Adds 0.12+ support Updates tests to use new…

Convert to TF 0.12. Add tests. Add Codefresh test pipeline by aknysh · Pull Request #14 · cloudposse/terraform-aws-ssm-parameter-store

what Port module to Terraform 0.12 Pin all providers Add example for testing Add bats and terratest for the example Add Codefresh badge to point to the test pipeline in terraform-modules project U…

Cody Moore avatar
Cody Moore

Gotcha, makes sense. Updating to 0.12 is really the first goal then right? With that said, the main testing infra used is CodeFresh like in the example PR given: https://github.com/cloudposse/terraform-aws-cloudfront-s3-cdn/pull/45/files ?

Also, a lot of the PRs are close as well, so I can also just use them as reference, since there isn’t just one that is the ‘furthest’ along imo

Convert to TF 0.12. Add tests. Add Codefresh test pipeline by aknysh · Pull Request #45 · cloudposse/terraform-aws-cloudfront-s3-cdn

what Port module to Terraform 0.12 Pin all providers Add example for testing Add bats and terratest for the example Add Codefresh badge to point to the test pipeline in terraform-modules project U…

Matt Gowie avatar
Matt Gowie

We’re no longer using CodeFresh. Check out the iam-user module PR above. CodeFresh was removed from the CP module toolset in between 0.12 and 0.13. We’re now using GH actions and there is an associated “ChatOps” workflow file for that.

1
Matt Gowie avatar
Matt Gowie

And yeah, if you want start fresh and use the existing PRs against that module as reference then go for it.

Cody Moore avatar
Cody Moore

Ah yep, ok I see that now. Thanks for the clarification. I’ll take a stab at that. Thanks!

Matt Gowie avatar
Matt Gowie

No problem! Let me know if you have any other questions while you’re going through it.

1
Cody Moore avatar
Cody Moore

Will do

2020-10-26

Lyubomir avatar
Lyubomir

Hi all, I’ve been working with the EKS terraform modules, and I ran into an issue with scaling nodegroups from this repo - https://github.com/cloudposse/terraform-aws-eks-node-group So the problem is that I try to increase desired_size by specifying higher value, however the changes for desired_size are being ignored because of the following code in the [main.tf](http://main.tf)

  lifecycle {
    create_before_destroy = false
    ignore_changes        = [scaling_config[0].desired_size]
  }

Can anyone explain why desired_size has to be ignored in this situation ?

cloudposse/terraform-aws-eks-node-group

Terraform module to provision an EKS Node Group. Contribute to cloudposse/terraform-aws-eks-node-group development by creating an account on GitHub.

Lyubomir avatar
Lyubomir

is this the correct channel for such question ?

Lyubomir avatar
Lyubomir

I will post in #terraform

2020-10-31

davidvasandani avatar
davidvasandani

Does anyone know why the module bitflight-public/terraform-aws-app-mesh which looks like a CloudPosse module is no longer available via the CloudPosse GitHub Org?

bitflight-public/terraform-aws-app-mesh

Terraform module for creating the app mesh resources - bitflight-public/terraform-aws-app-mesh

    keyboard_arrow_up