adamacosta
commented
1 year ago I believe you mean in the download.sh, right? Currently, to handle this, you can disable the download stage in cloud-init (set the Terraform variable "download" to false) and provide an AMI that already has the rke2 and awscli packages installed. I'm not sure if SLES 15 needs anything else (RHEL 9, which isn't yet supported by rke2, needs conntrack, socat, container-selinux, and iptables-nft).
For some context, these modules were originally created for our use on Platform One in a GovCloud environment that didn't have SLES AMIs available or approved for use and were created well before SuSE's acquisition of Rancher. Agreed we should be able to detect SLES and handle it at this point, though.
It is a bit of an ironic omission that SuSE OS's are not covered in the context of this IaC. I have FIPS enabled SuSE 15sp5 AMI's in my account that I would like to use.
Side note, the RHEL, Ubuntu, etc. AMI's pulled in as data calls will build without FIPS (as far as I can tell) which may be of value for some to know/notice.