diff --git a/examples/instance_refresh/main.tf b/examples/instance_refresh/main.tf index e19b4b4e21..dd7af88a2e 100644 --- a/examples/instance_refresh/main.tf +++ b/examples/instance_refresh/main.tf @@ -217,10 +217,9 @@ resource "helm_release" "aws_node_termination_handler" { # ensures that node termination does not require the lifecycle action to be completed, # and thus allows the ASG to be destroyed cleanly. resource "aws_autoscaling_lifecycle_hook" "aws_node_termination_handler" { - for_each = toset(module.eks.workers_asg_names) - + count = length(module.eks.workers_asg_names) name = "aws-node-termination-handler" - autoscaling_group_name = each.value + autoscaling_group_name = module.eks.workers_asg_names[count.index] lifecycle_transition = "autoscaling:EC2_INSTANCE_TERMINATING" heartbeat_timeout = 300 default_result = "CONTINUE" @@ -239,9 +238,11 @@ module "eks" { asg_max_size = 2 asg_desired_capacity = 2 instance_refresh_enabled = true - instance_refresh_triggers = ["tag"] + instance_refresh_instance_warmup = 60 public_ip = true metadata_http_put_response_hop_limit = 3 + update_default_version = true + instance_refresh_triggers = ["tag"] tags = [ { key = "aws-node-termination-handler/managed" diff --git a/local.tf b/local.tf index 3fa7c1f442..b7b7310ab7 100644 --- a/local.tf +++ b/local.tf @@ -75,7 +75,8 @@ locals { root_block_device_name = data.aws_ami.eks_worker.root_device_name # Root device name for workers. If non is provided, will assume default AMI was used. root_kms_key_id = "" # The KMS key to use when encrypting the root storage device launch_template_id = null # The id of the launch template used for managed node_groups - launch_template_version = "$Latest" # The lastest version of the launch template to use in the autoscaling group + launch_template_version = "$Latest" # The latest version of the launch template to use in the autoscaling group + update_default_version = false # Update the autoscaling group launch template's default version upon each update launch_template_placement_tenancy = "default" # The placement tenancy for instances launch_template_placement_group = null # The name of the placement group into which to launch the instances, if any. root_encrypted = false # Whether the volume should be encrypted or not diff --git a/workers_launch_template.tf b/workers_launch_template.tf index f22a48f294..0576286b97 100644 --- a/workers_launch_template.tf +++ b/workers_launch_template.tf @@ -141,7 +141,13 @@ resource "aws_autoscaling_group" "workers_launch_template" { version = lookup( var.worker_groups_launch_template[count.index], "launch_template_version", - local.workers_group_defaults["launch_template_version"], + lookup( + var.worker_groups_launch_template[count.index], + "launch_template_version", + local.workers_group_defaults["launch_template_version"] + ) == "$Latest" + ? aws_launch_template.workers_launch_template.*.latest_version[count.index] + : aws_launch_template.workers_launch_template.*.default_version[count.index] ) } @@ -169,7 +175,13 @@ resource "aws_autoscaling_group" "workers_launch_template" { version = lookup( var.worker_groups_launch_template[count.index], "launch_template_version", - local.workers_group_defaults["launch_template_version"], + lookup( + var.worker_groups_launch_template[count.index], + "launch_template_version", + local.workers_group_defaults["launch_template_version"] + ) == "$Latest" + ? aws_launch_template.workers_launch_template.*.latest_version[count.index] + : aws_launch_template.workers_launch_template.*.default_version[count.index] ) } } @@ -278,6 +290,12 @@ resource "aws_launch_template" "workers_launch_template" { count.index, )}" + update_default_version = lookup( + var.worker_groups_launch_template[count.index], + "update_default_version", + local.workers_group_defaults["update_default_version"], + ) + network_interfaces { associate_public_ip_address = lookup( var.worker_groups_launch_template[count.index],