xpk/terraform-aws-eks
1
0
Fork 0
mirror of https://github.com/terraform-aws-modules/terraform-aws-eks.git synced 2025-09-09 19:32:58 +08:00
Code Activity

chore: Use # for comments. It's the recommended way to start comment and it's more idiomatic (#1079)

Browse Source
This commit is contained in:
Thierno IB. BARRY
2020-11-02 08:35:12 +01:00
committed by GitHub
parent 127a3a8831
commit 571e4e7f4b
4 changed files with 34 additions and 31 deletions
Download Patch File Download Diff File Expand all files Collapse all files
examples/launch_templates_with_managed_node_groups/launchtemplate.tf
+23 -21
View File
@@ -11,12 +11,12 @@ data "template_file" "launch_template_userdata" {
}
}
// this is based on the LT that EKS would create if no custom one is specified (aws ec2 describe-launch-template-versions --launch-template-id xxx)
// there are several more options one could set but you probably dont need to modify them
// you can take the default and add your custom AMI and/or custom tags
//
// Trivia: AWS transparently creates a copy of your LaunchTemplate and actually uses that copy then for the node group. If you DONT use a custom AMI,
// then the default user-data for bootstrapping a cluster is merged in the copy.
# This is based on the LT that EKS would create if no custom one is specified (aws ec2 describe-launch-template-versions --launch-template-id xxx)
# there are several more options one could set but you probably dont need to modify them
# you can take the default and add your custom AMI and/or custom tags
#
# Trivia: AWS transparently creates a copy of your LaunchTemplate and actually uses that copy then for the node group. If you DONT use a custom AMI,
# then the default user-data for bootstrapping a cluster is merged in the copy.
resource "aws_launch_template" "default" {
name_prefix = "eks-example-"
description = "Default Launch-Template"
@@ -29,10 +29,11 @@ resource "aws_launch_template" "default" {
volume_size = 100
volume_type = "gp2"
delete_on_termination = true
//encrypted = true
// enable this if you want to encrypt your node root volumes with a KMS/CMK. encryption of PVCs is handled via k8s StorageClass tho
// you also need to attach data.aws_iam_policy_document.ebs_decryption.json from the disk_encryption_policy.tf to the KMS/CMK key then !!
//kms_key_id = var.kms_key_arn
# encrypted = true
# Enable this if you want to encrypt your node root volumes with a KMS/CMK. encryption of PVCs is handled via k8s StorageClass tho
# you also need to attach data.aws_iam_policy_document.ebs_decryption.json from the disk_encryption_policy.tf to the KMS/CMK key then !!
# kms_key_id = var.kms_key_arn
}
}
@@ -48,19 +49,20 @@ resource "aws_launch_template" "default" {
security_groups = [module.eks.worker_security_group_id]
}
//image_id = var.ami_id // if you want to use a custom AMI
# if you want to use a custom AMI
# image_id = var.ami_id
// if you use a custom AMI, you need to supply via user-data, the bootstrap script as EKS DOESNT merge its managed user-data then
// you can add more than the minimum code you see in the template, e.g. install SSM agent, see https://github.com/aws/containers-roadmap/issues/593#issuecomment-577181345
//
// (optionally you can use https://registry.terraform.io/providers/hashicorp/cloudinit/latest/docs/data-sources/cloudinit_config to render the script, example: https://github.com/terraform-aws-modules/terraform-aws-eks/pull/997#issuecomment-705286151)
# If you use a custom AMI, you need to supply via user-data, the bootstrap script as EKS DOESNT merge its managed user-data then
# you can add more than the minimum code you see in the template, e.g. install SSM agent, see https://github.com/aws/containers-roadmap/issues/593#issuecomment-577181345
#
# (optionally you can use https://registry.terraform.io/providers/hashicorp/cloudinit/latest/docs/data-sources/cloudinit_config to render the script, example: https://github.com/terraform-aws-modules/terraform-aws-eks/pull/997#issuecomment-705286151)
// user_data = base64encode(
// data.template_file.launch_template_userdata.rendered,
// )
# user_data = base64encode(
# data.template_file.launch_template_userdata.rendered,
# )
// supplying custom tags to EKS instances is another use-case for LaunchTemplates
# Supplying custom tags to EKS instances is another use-case for LaunchTemplates
tag_specifications {
resource_type = "instance"
@@ -69,7 +71,7 @@ resource "aws_launch_template" "default" {
}
}
// supplying custom tags to EKS instances root volumes is another use-case for LaunchTemplates. (doesnt add tags to dynamically provisioned volumes via PVC tho)
# Supplying custom tags to EKS instances root volumes is another use-case for LaunchTemplates. (doesnt add tags to dynamically provisioned volumes via PVC tho)
tag_specifications {
resource_type = "volume"
@@ -78,7 +80,7 @@ resource "aws_launch_template" "default" {
}
}
// tag the LT itself
# Tag the LT itself
tags = {
CustomTag = "EKS example"
}