Terraform-aws-eks: module error when using loops to define node_groups
I have issues
module fails with generated node_groups variable that depends on another module outputs(vpc)
I'm submitting a...
- [x] bug report
- [ ] feature request
- [ ] support request - read the FAQ first!
- [ ] kudos, thank you, warm fuzzy
What is the current behavior?
I am using for loops to define the worker_groups based on vpc module outputs. While this works, it fails if I try to apply the same logic for node_groups.
If this is a bug, how to reproduce? Please include a code sample if relevant.
- clean run
- no need to upgrade from versions prior to
8.0.0
node_groups variable:
module "eks" {
...
node_groups = merge(
{
for idx in range(length(module.vpc.private_subnets)) :
"node-${module.vpc.azs[idx]}-${idx}" => {
min_capacity = 1
desired_capacity = 3
max_capacity = 5
subnets = ["${module.vpc.private_subnets[idx]}"]
}
}, {}
)
...
$ terraform plan
Refreshing Terraform state in-memory prior to plan...
The refreshed state will be used to calculate this plan, but will not be
persisted to local or remote state storage.
module.eks.data.aws_caller_identity.current: Refreshing state...
module.eks.data.aws_iam_policy_document.cluster_assume_role_policy: Refreshing state...
module.eks.data.aws_iam_policy_document.workers_assume_role_policy: Refreshing state...
module.eks.data.aws_ami.eks_worker: Refreshing state...
module.eks.data.aws_ami.eks_worker_windows: Refreshing state...
------------------------------------------------------------------------
Error: Invalid count argument
on .terraform/modules/eks/terraform-aws-modules-terraform-aws-eks-a9db852/aws_auth.tf line 46, in data "template_file" "node_group_arns":
46: count = var.create_eks ? length(module.node_groups.aws_auth_roles) : 0
The "count" value depends on resource attributes that cannot be determined
until apply, so Terraform cannot predict how many instances will be created.
To work around this, use the -target argument to first apply only the
resources that the count depends on.
md5-8977ae78cf5821a222e632c61b9e2a63
$ terraform version
Terraform v0.12.19
+ provider.aws v2.44.0
+ provider.kubernetes v1.10.0
+ provider.local v1.4.0
+ provider.null v2.1.2
+ provider.random v2.2.1
+ provider.template v2.1.2
Any other relevant info
swapzero
All 4 comments
The node_groups module makes heavy use of for_each. Thus the keys given in the node_groups map must be known to Terraform at plan time.
Drop the merge and your sample plan above should apply. I was able to do a terraform plan.
You will likely have to do some gymnastics if you want to do more than this single for loop.
dpiddockcmp
on 16 Jan 2020
I've done some "gymnastics" to be able to solve my issue (configure multiple node groups, each scoped to a single AZ), here is an ugly version, maybe it could help someone:
node_groups = {
for ng in concat(
[ for idx in range(length(module.vpc.public_subnets)):
{
subnets = [module.vpc.public_subnets[idx]]
name = "rick-${module.vpc.azs[idx]}"
min_capacity = 1
desired_capacity = 3
max_capacity = 5
k8s_labels = {
"nodelabel" = "rick"
}
}
],
[ for idx in range(length(module.vpc.public_subnets)):
{
subnet = module.vpc.public_subnets[idx]
name = "morty-${module.vpc.azs[idx]}"
desired_capacity = 2
k8s_labels = {
"nodelabel" = "morty"
}
}
],
):
"${ng.name}" => ng
}
This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.
![stale[bot] picture](https://avatars3.githubusercontent.com/in/1724?v=4&s=40)
stale[bot]
on 19 Apr 2020
This issue has been automatically closed because it has not had recent activity since being marked as stale.
stale[bot]
on 19 May 2020
Related issues
maganuk
路
4Comments
tokiwong
路
4Comments
linxcat
路
4Comments
mojochao
路
3Comments
tnimni
路
3Comments
Most helpful comment
I've done some "gymnastics" to be able to solve my issue (configure multiple node groups, each scoped to a single AZ), here is an ugly version, maybe it could help someone: