terraform-provider-kops
terraform-provider-kops copied to clipboard
eddycharly
instance group changes
I have added max instance lifetime to my instance groups and that seems to have caused Terraform to always have changes. The same seems to be true for removal of the kubelet-config on the instancegroups (which I haven't touched at all actually).
# module.k8s.kops_instance_group.masters["a"] will be updated in-place
~ resource "kops_instance_group" "masters" {
id = "k8s.xxx.yy/master-eu-west-1a"
~ max_instance_lifetime = "&Duration{Duration:168h0m0s,}" -> "168h"
name = "master-eu-west-1a"
~ revision = 15 -> 16
# (29 unchanged attributes hidden)
- kubelet {
- allow_privileged = false -> null
- allowed_unsafe_sysctls = [] -> null
- authentication_token_webhook = false -> null
- babysit_daemons = false -> null
- configure_cbr0 = false -> null
- container_log_max_files = 0 -> null
- docker_disable_shared_pid = false -> null
- enable_cadvisor_json_endpoints = false -> null
- enable_custom_metrics = false -> null
- enable_debugging_handlers = false -> null
- event_burst = 0 -> null
- event_qps = 0 -> null
- eviction_max_pod_grace_period = 0 -> null
- experimental_allowed_unsafe_sysctls = [] -> null
- fail_swap_on = false -> null
- feature_gates = {} -> null
- image_gc_high_threshold_percent = 0 -> null
- image_gc_low_threshold_percent = 0 -> null
- kernel_memcg_notification = false -> null
- kube_reserved = {} -> null
- log_level = 0 -> null
- max_pods = 0 -> null
- network_plugin_mtu = 0 -> null
- node_labels = {
- "kops.k8s.io/instancegroup" = "master-eu-west-1a"
- "kops.k8s.io/kops-controller-pki" = ""
- "node-role.kubernetes.io/control-plane" = ""
- "node.kubernetes.io/exclude-from-external-load-balancers" = ""
} -> null
- nvidia_gp_us = 0 -> null
- pod_pids_limit = 0 -> null
- protect_kernel_defaults = false -> null
- read_only_port = 0 -> null
- reconcile_cidr = false -> null
- register_node = false -> null
- register_schedulable = false -> null
- registry_burst = 0 -> null
- registry_pull_qps = 0 -> null
- require_kubeconfig = false -> null
- rotate_certificates = false -> null
- serialize_image_pulls = false -> null
- system_reserved = {} -> null
- taints = [] -> null
- tls_cipher_suites = [] -> null
}
# (2 unchanged blocks hidden)
}
Sorry for the late reply, I was quite busy lately.
I will try to look at it tomorrow.
Seems like the IG kubelet-thingy is it's own issue. Tried making it computed in the InstanceGroupSpec and that removed the diff. Would that cause any problems somewhere? It seemed to be possible to set it on the IG and have it update, correct? Made a PR for it here: #792
Ok, a final PR from me for now in #793. Not sure if this might break something else. Building the provider with those 3 makes my apply keep quiet at least.