Windows Managed Node Group support #2350
Comments
|
Requires the Terraform aws-sdk version to be updated hashicorp/terraform-provider-aws#28438 |
|
Any update on this? |
|
There aren't any code changes required so you can in theory use it today, but we will be adding an example and checking to see how it aligns with the rest of the Linux AL2 and Bottlerocket OS usage |
|
If you want to create a windows managed node group using this module, I can confirm that on version Requirements
apiVersion: v1
data:
enable-windows-ipam: "true"
immutable: false
kind: ConfigMap
metadata:
name: amazon-vpc-cni
namespace: kube-systemExampleeks_managed_node_groups = {
windows = {
min_size = 1
desired_size = 1
max_size = 5
platform = "windows"
ami_type = "WINDOWS_CORE_2019_x86_64"
capacity_type = "SPOT"
enable_monitoring = true
disk_size = "100"
use_name_prefix = true
cluster_version = var.aws_eks_cluster_version
instance_types = ["m5d.xlarge", "m5ad.xlarge"]
taints = [
{
key = "os"
value = "windows"
effect = "NO_SCHEDULE"
}
]
},
}, |
|
thank you for sharing @sebas-w ! |
|
@sebas-w Thank you for sharing an example! |
|
@sebas-w This does indeed work unless you set local.node_iam_role_arns_windows currently does not look at When
|
|
Has any work started related to this issue? I have some changes I can contribute to at least resolve the issue with |
|
see this PR if someone can help push it pls |
I'm following this example but the vpc-admission controller is not created. I see the AmazonEKSVPCResourceController role on the clusterrole that was created. Am I missing something else? |
|
Hi, I want to thank @sebas-w and @aamoctz, i was facing the same problems. I started from version 18.31.2, already having Linux managed node groups, EKS 1.22, platform version eks.10." resource "kubernetes_config_map" "amazon_vpc_cni" {
metadata {
name = "amazon-vpc-cni"
namespace = "kube-system"
}
data = {
enable-windows-ipam = "true"
}
}In the definition of the node group I just specified the platform and the ami: myManagedNodeGroup = {
name = "my-managed-node-group"
platform = "windows"
ami_type = "WINDOWS_CORE_2019_x86_64"
...
}The node group was created, then I made changes to the module that builds EKS to correctly update the auth-conf configMap. In main.tf ...
node_iam_role_arns_non_windows = distinct(
compact(
concat(
[for group in module.eks_managed_node_group : group.iam_role_arn if group.platform != "windows"],
[for group in module.self_managed_node_group : group.iam_role_arn if group.platform != "windows"],
var.aws_auth_node_iam_role_arns_non_windows,
)
)
)
node_iam_role_arns_windows = distinct(
compact(
concat(
[for group in module.eks_managed_node_group : group.iam_role_arn if group.platform == "windows"],
[for group in module.self_managed_node_group : group.iam_role_arn if group.platform == "windows"],
var.aws_auth_node_iam_role_arns_windows,
)
)
)
...In modules/eks-managed-node-group/outputs.tf output "platform" {
description = "Identifies if the OS platform is `bottlerocket`, `linux`, or `windows` based"
value = var.platform
}If it can be useful I add that to avoid the "failed to parse Kubernetes args: pod does not have label vpc.amazonaws.com/PrivateIPv4Address" error when scheduling a pod it is also important to set the appropriate nodeSelector: nodeSelector:
kubernetes.io/os: windowsI confirm that in this way I was able to correctly create a Windows node group, apply a test deployment and automatically scale the replicas and therefore the number of nodes. Surely as soon as the module supports the mentioned modifications it will be very useful. |
|
This issue has been automatically marked as stale because it has been open 30 days |
|
Is there anything that can be done to help get the associated PR reviewed and merged? It looks like it should solve this issue, which is a reasonably big impediment to working with working with windows nodes in EKS. |
|
Bump for updates... Can we get this PR merged?
|
|
With the merge of #2477 does this make it possible to have the module provision EKS managed windows nodes? |
|
you can deploy Windows nodes with this module - but you will need to use the default launch template provided by EKS or provide your own launch template or user data when using a custom launch template. As I stated here, #2477 only addresses one small part of this, which is maintaining the IAM role mapping in the aws-auth configmap The Windows node support currently does not match that of AL2 and Bottlerocket in terms of native custom launch template and user data support |
|
This issue has been resolved in version 20.0.0 🎉 |
|
I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues. If you have found a problem that seems similar to this, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further. |
Is your request related to a new offering from AWS?
Is your request related to a problem? Please describe.
Describe the solution you'd like.
Describe alternatives you've considered.
Additional context
cloud-configin user-data since we will be making changes to support Windows based instances nowThe text was updated successfully, but these errors were encountered: