diff --git a/README.md b/README.md index 15c9b0e..996c38b 100644 --- a/README.md +++ b/README.md @@ -122,6 +122,8 @@ Created resources (if all enabled): Make sure to install [terraform-docs](https://github.com/terraform-docs/terraform-docs) and run `make prepare` before making a commit to make sure the documentation is up to date and the code is valid. +In order to support new version of EKS you need to make sure the addons that we use are compatible with the new target version. You can get a list of addons and their EKS compatiblity with running `aws eks describe-addons-versions` and then searching for the addons that are defined in `cluster/data.tf`. + ## Known limitations - Since EBS has been chosen as the default storage, node groups will be created in a single AZ due to the mounting restriction. diff --git a/cluster/README.md b/cluster/README.md index f857cc6..17daba8 100644 --- a/cluster/README.md +++ b/cluster/README.md @@ -51,9 +51,10 @@ | Name | Description | Type | Default | Required | |------|-------------|------|---------|:--------:| -| [AWS\_ACCESS\_KEY\_ID](#input\_AWS\_ACCESS\_KEY\_ID) | AWS access key associated with an IAM account | `string` | n/a | yes | +| [AWS\_ACCESS\_KEY\_ID](#input\_AWS\_ACCESS\_KEY\_ID) | AWS access key associated with an IAM account | `string` | `""` | no | +| [AWS\_PROFILE](#input\_AWS\_PROFILE) | AWS Profile that resources are created in | `string` | `"default"` | no | | [AWS\_REGION](#input\_AWS\_REGION) | Target AWS region | `string` | `"eu-west-2"` | no | -| [AWS\_SECRET\_ACCESS\_KEY](#input\_AWS\_SECRET\_ACCESS\_KEY) | AWS secret key associated with the access key | `string` | n/a | yes | +| [AWS\_SECRET\_ACCESS\_KEY](#input\_AWS\_SECRET\_ACCESS\_KEY) | AWS secret key associated with the access key | `string` | `""` | no | | [AWS\_SESSION\_TOKEN](#input\_AWS\_SESSION\_TOKEN) | Session token for temporary security credentials from AWS STS | `string` | `""` | no | | [common\_tags](#input\_common\_tags) | Common tags associated to resources created | `map(string)` |
{
"Environment": "dev",
"Project": "radar-base"
}
| no | | [create\_dmz\_node\_group](#input\_create\_dmz\_node\_group) | Whether or not to create a DMZ node group with taints | `bool` | `false` | no | @@ -61,7 +62,7 @@ | [dmz\_node\_size](#input\_dmz\_node\_size) | Node size of the DMZ node group | `map(number)` |
{
"desired": 1,
"max": 2,
"min": 0
}
| no | | [eks\_admins\_group\_users](#input\_eks\_admins\_group\_users) | EKS admin IAM user group | `list(string)` | `[]` | no | | [eks\_cluster\_name](#input\_eks\_cluster\_name) | EKS cluster name | `string` | n/a | yes | -| [eks\_kubernetes\_version](#input\_eks\_kubernetes\_version) | Amazon EKS Kubernetes version | `string` | `"1.28"` | no | +| [eks\_kubernetes\_version](#input\_eks\_kubernetes\_version) | Amazon EKS Kubernetes version | `string` | `"1.31"` | no | | [environment](#input\_environment) | Environment name | `string` | `"dev"` | no | | [instance\_capacity\_type](#input\_instance\_capacity\_type) | Capacity type used by EKS managed node groups | `string` | `"SPOT"` | no | | [instance\_types](#input\_instance\_types) | List of instance types used by EKS managed node groups | `list(any)` |
[
"m5.large",
"m5d.large",
"m5a.large",
"m5ad.large",
"m4.large"
]
| no | diff --git a/cluster/data.tf b/cluster/data.tf index d2c32ac..fb6d7bd 100644 --- a/cluster/data.tf +++ b/cluster/data.tf @@ -1,42 +1,42 @@ locals { eks_core_versions = { - "1.29" : { - "cluster_version" = "1.29" + "1.31" : { + "cluster_version" = "1.31" "cluster_addons" = { - "coredns" = "v1.11.1-eksbuild.4" - "kube_proxy" = "v1.29.0-eksbuild.2" - "vpc_cni" = "v1.16.4-eksbuild.2" - "ebs_csi_driver" = "v1.26.1-eksbuild.1" + "coredns" = "v1.11.3-eksbuild.2" + "kube_proxy" = "v1.31.2-eksbuild.3" + "vpc_cni" = "v1.19.0-eksbuild.1" + "ebs_csi_driver" = "v1.37.0-eksbuild.1" } }, - "1.28" : { - "cluster_version" = "1.28" + "1.30" : { + "cluster_version" = "1.30" "cluster_addons" = { - "coredns" = "v1.10.1-eksbuild.10" - "kube_proxy" = "v1.28.1-eksbuild.1" - "vpc_cni" = "v1.16.4-eksbuild.2" - "ebs_csi_driver" = "v1.26.1-eksbuild.1" + "coredns" = "v1.11.3-eksbuild.2" + "kube_proxy" = "v1.30.6-eksbuild.3" + "vpc_cni" = "v1.19.0-eksbuild.1" + "ebs_csi_driver" = "v1.37.0-eksbuild.1" } }, - "1.27" : { - "cluster_version" = "1.27" + "1.29" : { + "cluster_version" = "1.29" "cluster_addons" = { - "coredns" = "v1.10.1-eksbuild.7" - "kube_proxy" = "v1.27.10-eksbuild.2" - "vpc_cni" = "v1.15.3-eksbuild.1" - "ebs_csi_driver" = "v1.25.0-eksbuild.1" + "coredns" = "v1.11.3-eksbuild.2" + "kube_proxy" = "v1.29.10-eksbuild.3" + "vpc_cni" = "v1.19.0-eksbuild.1" + "ebs_csi_driver" = "v1.37.0-eksbuild.1" } }, - "1.26" : { - "cluster_version" = "1.26" + "1.28" : { + "cluster_version" = "1.28" "cluster_addons" = { - "coredns" = "v1.9.3-eksbuild.2" - "kube_proxy" = "v1.26.2-eksbuild.1" - "vpc_cni" = "v1.12.2-eksbuild.1" - "ebs_csi_driver" = "v1.17.0-eksbuild.1" + "coredns" = "v1.10.1-eksbuild.15" + "kube_proxy" = "v1.28.15-eksbuild.4" + "vpc_cni" = "v1.19.0-eksbuild.1" + "ebs_csi_driver" = "v1.37.0-eksbuild.1" } - } + }, } storage_classes = { @@ -46,4 +46,4 @@ locals { io2 = "radar-base-ebs-sc-io2" } -} \ No newline at end of file +} diff --git a/cluster/variables.tf b/cluster/variables.tf index ac23027..e487a71 100644 --- a/cluster/variables.tf +++ b/cluster/variables.tf @@ -59,11 +59,11 @@ variable "common_tags" { variable "eks_kubernetes_version" { type = string description = "Amazon EKS Kubernetes version" - default = "1.28" + default = "1.31" validation { - condition = contains(["1.29", "1.28", "1.27", "1.26"], var.eks_kubernetes_version) - error_message = "Invalid EKS Kubernetes version. Supported versions are '1.29', '1.28', '1.27', '1.26'." + condition = contains(["1.31", "1.30", "1.29", "1.28"], var.eks_kubernetes_version) + error_message = "Invalid EKS Kubernetes version. Supported versions are '1.31', '1.30', '1.29', '1.28'." } } diff --git a/config/README.md b/config/README.md index 315492c..e9f9d8c 100644 --- a/config/README.md +++ b/config/README.md @@ -85,6 +85,7 @@ | Name | Description | Type | Default | Required | |------|-------------|------|---------|:--------:| | [AWS\_ACCESS\_KEY\_ID](#input\_AWS\_ACCESS\_KEY\_ID) | AWS access key associated with an IAM account | `string` | n/a | yes | +| [AWS\_PROFILE](#input\_AWS\_PROFILE) | AWS Profile that resources are created in | `string` | `"default"` | no | | [AWS\_REGION](#input\_AWS\_REGION) | Target AWS region | `string` | `"eu-west-2"` | no | | [AWS\_SECRET\_ACCESS\_KEY](#input\_AWS\_SECRET\_ACCESS\_KEY) | AWS secret key associated with the access key | `string` | n/a | yes | | [AWS\_SESSION\_TOKEN](#input\_AWS\_SESSION\_TOKEN) | Session token for temporary security credentials from AWS STS | `string` | `""` | no |