terraform-aws-eks
Karpenter roles to follow new policy guide from new release v0.32.x
Is your request related to a new offering from AWS?
Is this functionality available in the AWS provider for Terraform? See CHANGELOG.md, too.
- No: please wait to file a request until the functionality is available in the AWS provider
- Yes: please list the AWS provider version which introduced this functionality
Is your request related to a problem? Please describe.
The new Karpenter version moved the product to beta and changed how the IAM policies for the controller and nodes should be configured.
Describe the solution you'd like.
Follow Karpenter provided policy: https://github.com/aws/karpenter/blob/main/website/content/en/docs/upgrading/v1beta1-controller-policy.json
Describe alternatives you've considered.
You could provide a new additional policy, but I believe the default behavior of the module should be aligned with the latest Karpenter version
Additional context
I would like to work on this feature if there is no active work yet
This is coming on v20.x https://github.com/terraform-aws-modules/terraform-aws-eks/issues/2733#issuecomment-1706544786
Is there any timeline/estimated release date for v20.0.0? EKS 1.29 has kinda forced my hand on dealing with Karpenter.
ERROR controller.awsnodetemplate karpenter version is not compatible with K8s version 1.29
Does anyone know of any workarounds for dealing with the karpenter 32.0+ changes in the meantime, short of abandoning the module and managing it myself?
@johnjeffers that's not related to this module - v20 should be live today/tomorrow and it has an IAM policy aligned with the current upstream project recommendation but you will still see that error message due to https://github.com/aws/karpenter-provider-aws/issues/5528
@bryantbiggs Thanks for that info. I know that the module isn't the reason for the error message. What I didn't know is that Karpenter 0.33 isn't compatible with k8s 1.29. I thought I'd be able to get past that error by upgrading, which I hadn't done yet because I was waiting for v20 of the module.
ya, I was testing v20 changes this morning which has 1.29 as the default in the examples and then discovered that little nugget during testing
This issue has been resolved in version 20.0.0 :tada:
I'm going to lock this issue because it has been closed for 30 days. This helps our maintainers find and focus on the active issues. If you have found a problem that seems similar to this, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.