search

pulumi / pulumi-eks

A Pulumi component for easily creating and managing an Amazon EKS Cluster
https://www.pulumi.com/registry/packages/eks/
Apache License 2.0
171 stars 82 forks source link

Add scalar types for most commonly used resource outputs #1445

Closed flostadler closed 1 month ago

flostadler commented 1 month ago

To ease the impact of the breaking API changes caused by generating the node SDK, we decided to add additional scalar inputs that simplify UX across all SDKs (for more details see internal doc).

This change adds the scalar properties mentioned in the doc and adds acceptance tests for them. While adding the acceptance tests I noticed that running pods on Fargate doesn't work deterministically. In some cases the cluster fails to get healthy (coredns stuck in pending). This was caused by a race-condition between coredns starting and the fargate profile being created. If the fargate profile deployed after coredns, the pods got stuck in pending because they got assigned to the default-scheduler instead of the fargate-scheduler. The fix is relatively easy; making coredns depend on the fargate profile.

I'll separately update the migration guide.

New properties

Existing Resource New Top Level Property Description
clusterSecurityGroup: Output<aws.ec2.SecurityGroup \| undefined> clusterSecurityGroupId: Output<string> Only really useful property of a security group. Used to add additional ingress/egress rules. Default to the EKS created security group id
nodeSecurityGroup: Output<aws.ec2.SecurityGroup \| undefined> nodeSecurityGroupId: Output<string>
eksClusterIngressRule: Output<aws.ec2.SecurityGroupRule \| undefined> clusterIngressRuleId: Output<string> Only really useful property of a rule. Default to ””
defaultNodeGroup: Output<eks.NodeGroupData \| undefined> defaultNodeGroupAsgName: Output<string> The only useful property of the default node group is the auto scaling group. Exposing its name allows users to reference it in IAM roles, tags, etc. Default to ””
core fargateProfile: Output<aws.eks.FargateProfile \| undefined> fargateProfileId: Output<string> The id of the fargate profile. Can be used to reference it. Default to ””
fargateProfileStatus: Output<string> The status of the fargate profile. Default to ””
oidcProvider: Output<aws.iam.OpenIdConnectProvider \| undefined> oidcProviderArn: Output<string> & oidcProviderUrl: Output<string> & oidcIssuer: Output<string Arn and Url are properties needed to set up IAM identities for pods (required for the assume role policy of the IAM role). Users currently need to trim the https:// part of the url to actually use it. We should expose oidcProvider with that already done to ease usage.

Fixes https://github.com/pulumi/pulumi-eks/issues/1041

github-actions[bot] commented 1 month ago

Does the PR have any schema changes?

Looking good! No breaking changes found. No new resources/functions.

pulumi-bot commented 1 month ago

This PR has been shipped in release v3.0.0-beta.2.