From d71e5662ac3aa2be8e167d66ca04ae518f4116f8 Mon Sep 17 00:00:00 2001
From: D Ther
Date: Tue, 7 Mar 2023 17:55:31 +0700
Subject: [PATCH 1/5] fix: karpenter eventbridge naming
---
 modules/kubernetes-addons/karpenter/main.tf | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/modules/kubernetes-addons/karpenter/main.tf b/modules/kubernetes-addons/karpenter/main.tf
index 70382bf450..f25b84088c 100644
--- a/modules/kubernetes-addons/karpenter/main.tf
+++ b/modules/kubernetes-addons/karpenter/main.tf
@@ -37,7 +37,7 @@ resource "aws_sqs_queue_policy" "this" {
 resource "aws_cloudwatch_event_rule" "this" {
 for_each = { for k, v in local.event_rules : k => v if var.enable_spot_termination }
- name = each.value.name
+ name = join("-", [each.value.name, var.addon_context.eks_cluster_id])
 description = each.value.description
 event_pattern = jsonencode(each.value.event_pattern)
 tags = merge(
From d406ad48047e1d4b7ceffb107f01f6dd68e952a5 Mon Sep 17 00:00:00 2001
From: D Ther
Date: Wed, 15 Mar 2023 10:09:03 +0700
Subject: [PATCH 2/5] using name_prefix instead of name
---
 modules/kubernetes-addons/karpenter/main.tf | 2 +-
 modules/kubernetes-addons/karpenter/variables.tf | 6 ++++++
 2 files changed, 7 insertions(+), 1 deletion(-)
diff --git a/modules/kubernetes-addons/karpenter/main.tf b/modules/kubernetes-addons/karpenter/main.tf
index f25b84088c..a9f94efa2e 100644
--- a/modules/kubernetes-addons/karpenter/main.tf
+++ b/modules/kubernetes-addons/karpenter/main.tf
@@ -37,7 +37,7 @@ resource "aws_sqs_queue_policy" "this" {
 resource "aws_cloudwatch_event_rule" "this" {
 for_each = { for k, v in local.event_rules : k => v if var.enable_spot_termination }
- name = join("-", [each.value.name, var.addon_context.eks_cluster_id])
+ name_prefix = "${var.rule_name_prefix}${each.value.name}-"
 description = each.value.description
 event_pattern = jsonencode(each.value.event_pattern)
 tags = merge(
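Review bot: Switching from `name` to `name_prefix` in PATCH 2/5 changes the rule name for every existing deployment, and the provider treats a rule name change as a replacement, so on upgrade each rule is destroyed and recreated. While that happens the events these rules match are presumably not forwarded; the targets are outside this hunk, so confirm how they follow the new rule. Since generated names no longer collide, `lifecycle { create_before_destroy = true }` inside the resource would shorten that gap, and the upgrade notes should mention the replacement. The resource block continues past the hunk.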
diff --git a/modules/kubernetes-addons/karpenter/variables.tf b/modules/kubernetes-addons/karpenter/variables.tf
index 21daffef11..ca0bd61936 100644
--- a/modules/kubernetes-addons/karpenter/variables.tf
+++ b/modules/kubernetes-addons/karpenter/variables.tf
@@ -68,3 +68,9 @@ variable "sqs_queue_kms_data_key_reuse_period_seconds" {
 type = number
 default = null
 }
+
+variable "rule_name_prefix" {
+ description = "Prefix used for all event bridge rules"
+ type = string
+ default = "Karpenter"
+}
\ No newline at end of file
From 7fd77bd19c4589836ee22b51316c185dab5caaaf Mon Sep 17 00:00:00 2001
From: D Ther
Date: Wed, 15 Mar 2023 10:20:55 +0700
Subject: [PATCH 3/5] using name_prefix instead of name
---
 modules/kubernetes-addons/karpenter/main.tf | 2 +-
 modules/kubernetes-addons/karpenter/variables.tf | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/modules/kubernetes-addons/karpenter/main.tf b/modules/kubernetes-addons/karpenter/main.tf
index a9f94efa2e..2045686fa6 100644
--- a/modules/kubernetes-addons/karpenter/main.tf
+++ b/modules/kubernetes-addons/karpenter/main.tf
@@ -37,7 +37,7 @@ resource "aws_sqs_queue_policy" "this" {
 resource "aws_cloudwatch_event_rule" "this" {
 for_each = { for k, v in local.event_rules : k => v if var.enable_spot_termination }
- name_prefix = "${var.rule_name_prefix}${each.value.name}-"
+ name_prefix = "${var.karpenter_event_rule_name_prefix}${each.value.name}-"
 description = each.value.description
 event_pattern = jsonencode(each.value.event_pattern)
 tags = merge(
diff --git a/modules/kubernetes-addons/karpenter/variables.tf b/modules/kubernetes-addons/karpenter/variables.tf
index ca0bd61936..54dcbd2e5b 100644
--- a/modules/kubernetes-addons/karpenter/variables.tf
+++ b/modules/kubernetes-addons/karpenter/variables.tf
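Review bot: The `rule_name_prefix` variable added in PATCH 2/5 is interpolated straight into `name_prefix` with no validation, so a value containing characters EventBridge does not accept in a rule name is only caught at apply time. A `validation` block on the variable reports it at plan time instead; the same applies to the root-module `karpenter_event_rule_name_prefix` added in PATCH 4/5, and the non-empty requirement matters once PATCH 5/5 places a `-` directly after the prefix. A length bound belongs in the same condition, because EventBridge limits rule names to 64 characters and the rule name plus the provider's generated suffix are appended to the prefix; the longest entry in `local.event_rules` is not visible here, so I have left the number out.

```hcl
variable "rule_name_prefix" {
  # … unchanged: description, type, default …

  validation {
    # Rule names accept letters, digits, '.', '-' and '_' only; reject anything else at plan time.
    condition     = can(regex("^[._A-Za-z0-9-]+$", var.rule_name_prefix))
    error_message = "The rule name prefix may contain only letters, digits, '.', '-' and '_'."
  }
}
```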
@@ -69,7 +69,7 @@ variable "sqs_queue_kms_data_key_reuse_period_seconds" {
 default = null
 }
-variable "rule_name_prefix" {
+variable "karpenter_event_rule_name_prefix" {
 description = "Prefix used for all event bridge rules"
 type = string
 default = "Karpenter"
From 2f365d25f09999c8b952c37a016ce25e5881ab49 Mon Sep 17 00:00:00 2001
From: D Ther
Date: Wed, 15 Mar 2023 10:34:18 +0700
Subject: [PATCH 4/5] using name_prefix instead of name
---
 modules/kubernetes-addons/README.md | 1 +
 modules/kubernetes-addons/karpenter/README.md | 1 +
 modules/kubernetes-addons/karpenter/main.tf | 2 +-
 modules/kubernetes-addons/karpenter/variables.tf | 4 ++--
 modules/kubernetes-addons/main.tf | 1 +
 modules/kubernetes-addons/variables.tf | 6 ++++++
 6 files changed, 12 insertions(+), 3 deletions(-)
diff --git a/modules/kubernetes-addons/README.md b/modules/kubernetes-addons/README.md
index 2d682a152c..77db0ca5af 100644
--- a/modules/kubernetes-addons/README.md
+++ b/modules/kubernetes-addons/README.md
@@ -274,6 +274,7 @@
 | [irsa\_iam\_permissions\_boundary](#input\_irsa\_iam\_permissions\_boundary) | IAM permissions boundary for IRSA roles | `string` | `""` | no |
 | [irsa\_iam\_role\_path](#input\_irsa\_iam\_role\_path) | IAM role path for IRSA roles | `string` | `"/"` | no |
 | [karpenter\_enable\_spot\_termination\_handling](#input\_karpenter\_enable\_spot\_termination\_handling) | Determines whether to enable native spot termination handling | `bool` | `false` | no |
+| [karpenter\_event\_rule\_name\_prefix](#input\_karpenter\_event\_rule\_name\_prefix) | Prefix used for karpenter event bridge rules | `string` | `"Karpenter"` | no |
 | [karpenter\_helm\_config](#input\_karpenter\_helm\_config) | Karpenter autoscaler add-on config | `any` | `{}` | no |
 | [karpenter\_irsa\_policies](#input\_karpenter\_irsa\_policies) | Additional IAM policies for a IAM role for service accounts | `list(string)` | `[]` | no |
 | [karpenter\_node\_iam\_instance\_profile](#input\_karpenter\_node\_iam\_instance\_profile) | Karpenter Node IAM Instance profile id | `string` | `""` | no |
diff --git a/modules/kubernetes-addons/karpenter/README.md b/modules/kubernetes-addons/karpenter/README.md
index 5342000c07..cfb717a003 100644
--- a/modules/kubernetes-addons/karpenter/README.md
+++ b/modules/kubernetes-addons/karpenter/README.md
@@ -48,6 +48,7 @@ For more details checkout [Karpenter](https://karpenter.sh/docs/getting-started/
 | [manage\_via\_gitops](#input\_manage\_via\_gitops) | Determines if the add-on should be managed via GitOps. | `bool` | `false` | no |
 | [node\_iam\_instance\_profile](#input\_node\_iam\_instance\_profile) | Karpenter Node IAM Instance profile id | `string` | `""` | no |
 | [path](#input\_path) | Path in which to create the Karpenter policy | `string` | `"/"` | no |
+| [rule\_name\_prefix](#input\_rule\_name\_prefix) | Prefix used for all event bridge rules | `string` | `"Karpenter"` | no |
 | [sqs\_queue\_kms\_data\_key\_reuse\_period\_seconds](#input\_sqs\_queue\_kms\_data\_key\_reuse\_period\_seconds) | The length of time, in seconds, for which Amazon SQS can reuse a data key to encrypt or decrypt messages before calling AWS KMS again | `number` | `null` | no |
 | [sqs\_queue\_kms\_master\_key\_id](#input\_sqs\_queue\_kms\_master\_key\_id) | The ID of an AWS-managed customer master key (CMK) for Amazon SQS or a custom CMK | `string` | `null` | no |
 | [sqs\_queue\_managed\_sse\_enabled](#input\_sqs\_queue\_managed\_sse\_enabled) | Enable server-side encryption (SSE) for a SQS queue | `bool` | `true` | no |
diff --git a/modules/kubernetes-addons/karpenter/main.tf b/modules/kubernetes-addons/karpenter/main.tf
index 2045686fa6..a9f94efa2e 100644
--- a/modules/kubernetes-addons/karpenter/main.tf
+++ b/modules/kubernetes-addons/karpenter/main.tf
@@ -37,7 +37,7 @@ resource "aws_sqs_queue_policy" "this" {
 resource "aws_cloudwatch_event_rule" "this" {
 for_each = { for k, v in local.event_rules : k => v if var.enable_spot_termination }
- name_prefix = "${var.karpenter_event_rule_name_prefix}${each.value.name}-"
+ name_prefix = "${var.rule_name_prefix}${each.value.name}-"
 description = each.value.description
 event_pattern = jsonencode(each.value.event_pattern)
 tags = merge(
diff --git a/modules/kubernetes-addons/karpenter/variables.tf b/modules/kubernetes-addons/karpenter/variables.tf
index 54dcbd2e5b..e133d6301e 100644
--- a/modules/kubernetes-addons/karpenter/variables.tf
+++ b/modules/kubernetes-addons/karpenter/variables.tf
@@ -69,8 +69,8 @@ variable "sqs_queue_kms_data_key_reuse_period_seconds" {
 default = null
 }
-variable "karpenter_event_rule_name_prefix" {
+variable "rule_name_prefix" {
 description = "Prefix used for all event bridge rules"
 type = string
 default = "Karpenter"
-}
\ No newline at end of file
+}
diff --git a/modules/kubernetes-addons/main.tf b/modules/kubernetes-addons/main.tf
index 15e842b308..8f301570db 100644
--- a/modules/kubernetes-addons/main.tf
+++ b/modules/kubernetes-addons/main.tf
@@ -321,6 +321,7 @@ module "karpenter" {
 irsa_policies = var.karpenter_irsa_policies
 node_iam_instance_profile = var.karpenter_node_iam_instance_profile
 enable_spot_termination = var.karpenter_enable_spot_termination_handling
+ rule_name_prefix = var.karpenter_event_rule_name_prefix
 manage_via_gitops = var.argocd_manage_add_ons
 addon_context = local.addon_context
 sqs_queue_managed_sse_enabled = var.sqs_queue_managed_sse_enabled
diff --git a/modules/kubernetes-addons/variables.tf b/modules/kubernetes-addons/variables.tf
index 7ca52ca2e0..9012b54b9c 100644
--- a/modules/kubernetes-addons/variables.tf
+++ b/modules/kubernetes-addons/variables.tf
@@ -911,6 +911,12 @@ variable "karpenter_enable_spot_termination_handling" {
 default = false
 }
+variable "karpenter_event_rule_name_prefix" {
+ description = "Prefix used for karpenter event bridge rules"
+ type = string
+ default = "Karpenter"
+}
+
 variable "sqs_queue_managed_sse_enabled" {
 description = "Enable server-side encryption (SSE) for a SQS queue"
 type = bool
From a6be776f03c18f911cb72241254a09086350360d Mon Sep 17 00:00:00 2001
From: D Ther
Date: Wed, 15 Mar 2023 11:02:24 +0700
Subject: [PATCH 5/5] using name_prefix instead of name
---
 docs/add-ons/karpenter.md | 2 ++
 modules/kubernetes-addons/karpenter/main.tf | 2 +-
 2 files changed, 3 insertions(+), 1 deletion(-)
diff --git a/docs/add-ons/karpenter.md b/docs/add-ons/karpenter.md
index 1bdbf3b74a..4ec6777e1d 100644
--- a/docs/add-ons/karpenter.md
+++ b/docs/add-ons/karpenter.md
@@ -18,6 +18,8 @@ You can optionally customize the Helm chart that deploys `Karpenter` via the fol
 enable_karpenter = true
 # Queue optional for native handling of instance termination events
 karpenter_sqs_queue_arn = "arn:aws:sqs:us-west-2:444455556666:queue1"
+ # Optional to add name prefix for Karpenter's event bridge rules
+ karpenter_event_rule_name_prefix = "Karpenter"
 # Optional karpenter_helm_config
 karpenter_helm_config = {
 name = "karpenter"
diff --git a/modules/kubernetes-addons/karpenter/main.tf b/modules/kubernetes-addons/karpenter/main.tf
index a9f94efa2e..99465519ae 100644
--- a/modules/kubernetes-addons/karpenter/main.tf
+++ b/modules/kubernetes-addons/karpenter/main.tf
@@ -37,7 +37,7 @@ resource "aws_sqs_queue_policy" "this" {
 resource "aws_cloudwatch_event_rule" "this" {
 for_each = { for k, v in local.event_rules : k => v if var.enable_spot_termination }
- name_prefix = "${var.rule_name_prefix}${each.value.name}-"
+ name_prefix = "${var.rule_name_prefix}-${each.value.name}-"
 description = each.value.description
 event_pattern = jsonencode(each.value.event_pattern)
 tags = merge(
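Review bot: With the final `name_prefix = "${var.rule_name_prefix}-${each.value.name}-"` in PATCH 5/5, the cluster id that PATCH 1/5 put into the rule name is gone, so two clusters in one account and region that keep the default prefix get rules differing only in the generated suffix. That makes it harder to tell from an audit log entry or an alert which cluster a rule belongs to; the `tags = merge(` call may carry the cluster, but its arguments are outside the hunk. I would say so on the variable, for example `description = "Prefix for Karpenter EventBridge rule names; set a per-cluster value when several clusters share an account"`. The resource block continues past the hunk.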