Skip to content

v13.0.0
Compare
Choose a tag to compare
@barryib barryib released this 06 Oct 07:40
· 607 commits to master since this release
v13.0.0
d6f3a42
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.

BUG FIXES:

  • Use customer managed policy instead of inline policy for cluster_elb_sl_role_creation (#1039)
  • More compatibility fixes for Terraform v0.13 and aws v3 (#976)
  • Create cluster_private_access security group rules when it should (#981)
  • random_pet with LT workers under 0.13.0 (#940)

ENHANCEMENTS:

  • Make the cpu_credits optional for workers launch template (#1030)
  • update the wait_for_cluster_cmd logic to use curl if wget doesn't exist (#1002)

FEATURES:

  • Add load_balancers parameter to associate a CLB (Classic Load Balancer) to worker groups ASG (#992)
  • Dynamic Partition for IRSA to support AWS-CN Deployments (#1028)
  • Add AmazonEKSVPCResourceController to cluster policy to be able to set AWS Security Groups for pod (#1011)
  • Cluster version is now a required variable. (#972)

CI:

  • Bump terraform pre-commit hook version and re-run terraform-docs with the latest version to fix the CI (#1033)
  • fix CI lint job (#973)

DOCS:

  • Add important notes about the retry logic and the wget requirement (#999)
  • Update README about cluster_version variable requirement (#988)
  • Mixed spot + on-demand instance documentation (#967)
  • Describe key_name is about AWS EC2 key pairs (#970)
  • Better documentation of cluster_id output blocking (#955)

BREAKING CHANGES:

  • Default for cluster_endpoint_private_access_cidrs is now null instead of ["0.0.0.0/0"]. It makes the variable required when cluster_create_endpoint_private_access_sg_rule is set to true. This will force everyone who want to have a private access to set explicitly their allowed subnets for the sake of the principle of least access by default.
  • cluster_version variable is now required.

NOTES:

  • The usage of customer managed policy, not an inline policy, for the cluster_elb_sl_role_creation policy is common for "enterprise" AWS users to disallow inline policies with an SCP rule for auditing-related reasons, and this accomplishes the same thing.
  • credit_specification for worker groups launch template can now be set to null so that we can use non burstable EC2 families
  • Starting in v12.1.0 the cluster_id output depends on the
    wait_for_cluster null resource. This means that initialisation of the
    kubernetes provider will be blocked until the cluster is really ready,
    if the module is set to manage the aws_auth ConfigMap and user followed
    the typical Usage Example. kubernetes resources in the same plan do not
    need to depend on anything explicitly.
Assets 2
Loading