Last active
November 5, 2020 15:19
eks nodegroups
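# Managed EKS node group whose instance settings come from a custom launch
# template rather than from the node group itself.
resource "aws_eks_node_group" "your-eks-cluster-ng" {
  cluster_name    = aws_eks_cluster.your-eks-cluster.name
  node_group_name = "your-eks-cluster-ng-hardened"
  node_role_arn   = aws_iam_role.your-eks-cluster-ng.arn

  # Exactly three subnets are expected in var.network_subnets.pvt
  # (presumably the private subnets -- confirm against the variable definition).
  subnet_ids = [var.network_subnets.pvt[0].id, var.network_subnets.pvt[1].id, var.network_subnets.pvt[2].id]

  # instance_types = ["t3.medium"] -> removed here and moved into the custom launch template.

  # map() is deprecated since Terraform 0.12 and removed in 0.15; an object
  # literal produces the same merged tag set.
  tags = merge(var.default_tags, { Name = "your-eks-cluster-ng" })

  scaling_config {
    desired_size = var.asg_desired_size
    max_size     = var.asg_max_size
    min_size     = var.asg_min_size
  }

  launch_template {
    name = aws_launch_template.your_eks_launch_template.name
    # Tracks the newest template version, so any change to the launch template
    # is rolled out to the nodes on the next apply. Review launch template
    # changes as node changes, or pin a specific reviewed version here if
    # rollouts of the hardened configuration must be gated separately.
    version = aws_launch_template.your_eks_launch_template.latest_version
  }

  # Ensure that IAM Role permissions are created before and deleted after EKS Node Group handling.
  # Otherwise, EKS will not be able to properly delete EC2 Instances and Elastic Network Interfaces.
  # NOTE(review): these attachments presumably target the node role, so the CNI
  # policy's permissions are reachable by any pod that can read the node's
  # instance metadata. Confirm the launch template restricts that
  # (metadata_options), or move the CNI permissions to a service-account role.
  depends_on = [
    aws_iam_role_policy_attachment.your-eks-cluster-ng-AmazonEKSWorkerNodePolicy,
    aws_iam_role_policy_attachment.your-eks-cluster-ng-AmazonEKS_CNI_Policy,
    aws_iam_role_policy_attachment.your-eks-cluster-ng-AmazonEC2ContainerRegistryReadOnly,
  ]

  lifecycle {
    # NOTE(review): with a fixed node_group_name, a forced replacement creates
    # the new group while the old one still holds the same name. Verify that a
    # replacement actually succeeds, or use node_group_name_prefix if the
    # provider version in use supports it.
    create_before_destroy = true
  }
}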