xpk/terraform-aws-eks
1
0
Fork 0
mirror of https://github.com/terraform-aws-modules/terraform-aws-eks.git synced 2025-09-09 19:32:58 +08:00
Code Activity

fix: Remediate type mismatch for EFA interfaces and ensure correct (local) definition is used (#3491)

Browse Source
This commit is contained in:
Bryant Biggs
2025-08-24 12:59:13 -05:00
committed by GitHub
parent f56e87eecd
commit 3959b65672
8 changed files with 92 additions and 36 deletions
Download Patch File Download Diff File Expand all files Collapse all files
modules/eks-managed-node-group/README.md
+1 -1
View File
@@ -169,7 +169,7 @@ module "eks_managed_node_group" {
| <a name="input_metadata_options"></a> [metadata\_options](#input\_metadata\_options) | Customize the metadata options for the instance | <pre>object({<br/> http_endpoint = optional(string, "enabled")<br/> http_protocol_ipv6 = optional(string)<br/> http_put_response_hop_limit = optional(number, 1)<br/> http_tokens = optional(string, "required")<br/> instance_metadata_tags = optional(string)<br/> })</pre> | <pre>{<br/> "http_endpoint": "enabled",<br/> "http_put_response_hop_limit": 1,<br/> "http_tokens": "required"<br/>}</pre> | no |
| <a name="input_min_size"></a> [min\_size](#input\_min\_size) | Minimum number of instances/nodes | `number` | `1` | no |
| <a name="input_name"></a> [name](#input\_name) | Name of the EKS managed node group | `string` | `""` | no |
| <a name="input_network_interfaces"></a> [network\_interfaces](#input\_network\_interfaces) | Customize network interfaces to be attached at instance boot time | <pre>list(object({<br/> associate_carrier_ip_address = optional(bool)<br/> associate_public_ip_address = optional(bool)<br/> connection_tracking_specification = optional(object({<br/> tcp_established_timeout = optional(number)<br/> udp_stream_timeout = optional(number)<br/> udp_timeout = optional(number)<br/> }))<br/> delete_on_termination = optional(bool)<br/> description = optional(string)<br/> device_index = optional(number)<br/> ena_srd_specification = optional(object({<br/> ena_srd_enabled = optional(bool)<br/> ena_srd_udp_specification = optional(object({<br/> ena_srd_udp_enabled = optional(bool)<br/> }))<br/> }))<br/> interface_type = optional(string)<br/> ipv4_address_count = optional(number)<br/> ipv4_addresses = optional(list(string))<br/> ipv4_prefix_count = optional(number)<br/> ipv4_prefixes = optional(list(string))<br/> ipv6_address_count = optional(number)<br/> ipv6_addresses = optional(list(string))<br/> ipv6_prefix_count = optional(number)<br/> ipv6_prefixes = optional(list(string))<br/> network_card_index = optional(number)<br/> network_interface_id = optional(string)<br/> primary_ipv6 = optional(bool)<br/> private_ip_address = optional(string)<br/> security_groups = optional(list(string), [])<br/> subnet_id = optional(string)<br/> }))</pre> | `[]` | no |
| <a name="input_network_interfaces"></a> [network\_interfaces](#input\_network\_interfaces) | Customize network interfaces to be attached at instance boot time | <pre>list(object({<br/> associate_carrier_ip_address = optional(bool)<br/> associate_public_ip_address = optional(bool)<br/> connection_tracking_specification = optional(object({<br/> tcp_established_timeout = optional(number)<br/> udp_stream_timeout = optional(number)<br/> udp_timeout = optional(number)<br/> }))<br/> delete_on_termination = optional(bool)<br/> description = optional(string)<br/> device_index = optional(number)<br/> ena_srd_specification = optional(object({<br/> ena_srd_enabled = optional(bool)<br/> ena_srd_udp_specification = optional(object({<br/> ena_srd_udp_enabled = optional(bool)<br/> }))<br/> }))<br/> interface_type = optional(string)<br/> ipv4_address_count = optional(number)<br/> ipv4_addresses = optional(list(string))<br/> ipv4_prefix_count = optional(number)<br/> ipv4_prefixes = optional(list(string))<br/> ipv6_address_count = optional(number)<br/> ipv6_addresses = optional(list(string))<br/> ipv6_prefix_count = optional(number)<br/> ipv6_prefixes = optional(list(string))<br/> network_card_index = optional(number)<br/> network_interface_id = optional(string)<br/> primary_ipv6 = optional(bool)<br/> private_ip_address = optional(string)<br/> security_groups = optional(list(string), [])<br/> }))</pre> | `[]` | no |
| <a name="input_node_repair_config"></a> [node\_repair\_config](#input\_node\_repair\_config) | The node auto repair configuration for the node group | <pre>object({<br/> enabled = optional(bool, true)<br/> })</pre> | `null` | no |
| <a name="input_partition"></a> [partition](#input\_partition) | The AWS partition - pass through value to reduce number of GET requests from data sources | `string` | `""` | no |
| <a name="input_placement"></a> [placement](#input\_placement) | The placement of the instance | <pre>object({<br/> affinity = optional(string)<br/> availability_zone = optional(string)<br/> group_name = optional(string)<br/> host_id = optional(string)<br/> host_resource_group_arn = optional(string)<br/> partition_number = optional(number)<br/> spread_domain = optional(string)<br/> tenancy = optional(string)<br/> })</pre> | `null` | no |
modules/eks-managed-node-group/main.tf
+38 -6
View File
@@ -41,7 +41,7 @@ module "user_data" {
################################################################################
data "aws_ec2_instance_type" "this" {
count = var.create && var.enable_efa_support ? 1 : 0
count = local.enable_efa_support ? 1 : 0
region = var.region
@@ -62,6 +62,24 @@ locals {
device_index = i == 0 ? 0 : 1
network_card_index = i
interface_type = var.enable_efa_only ? contains(concat([0], var.efa_indices), i) ? "efa" : "efa-only" : "efa"
# Null out due to error: The true and false result expressions must have consistent types. The 'true' value is tuple, but the 'false' value is list of objects.
associate_carrier_ip_address = null
connection_tracking_specification = null
description = "EFA${var.enable_efa_only ? "-only" : ""} Network Interface ${i}"
ena_srd_specification = null
ipv4_address_count = null
ipv4_addresses = null
ipv4_prefix_count = null
ipv4_prefixes = null
ipv6_address_count = null
ipv6_addresses = null
ipv6_prefix_count = null
ipv6_prefixes = null
network_interface_id = null
primary_ipv6 = null
private_ip_address = null
security_groups = []
}
]
@@ -247,7 +265,7 @@ resource "aws_launch_template" "this" {
name_prefix = var.launch_template_use_name_prefix ? "${local.launch_template_name}-" : null
dynamic "network_interfaces" {
for_each = length(var.network_interfaces) > 0 ? var.network_interfaces : []
for_each = length(local.network_interfaces) > 0 ? local.network_interfaces : []
content {
associate_carrier_ip_address = network_interfaces.value.associate_carrier_ip_address
@@ -688,9 +706,16 @@ locals {
{
all_self_efa = {
description = "Node to node EFA"
protocol = "-1"
from_port = 0
ip_protocol = "-1"
self = true
# Null out due to variable type and not using `try()` in resource
cidr_ipv4 = null
cidr_ipv6 = null
from_port = null
name = null
prefix_list_id = null
tags = {}
}
} : k => v if var.enable_efa_support
},
@@ -700,9 +725,16 @@ locals {
{
all_self_efa = {
description = "Node to node EFA"
protocol = "-1"
to_port = 0
ip_protocol = "-1"
self = true
# Null out due to variable type and not using `try()` in resource
cidr_ipv4 = null
cidr_ipv6 = null
to_port = null
name = null
prefix_list_id = null
tags = {}
}
} : k => v if var.enable_efa_support
},
modules/eks-managed-node-group/variables.tf
-1
View File
@@ -384,7 +384,6 @@ variable "network_interfaces" {
primary_ipv6 = optional(bool)
private_ip_address = optional(string)
security_groups = optional(list(string), [])
subnet_id = optional(string)
}))
default = []
nullable = false