Terraform-aws-eks: Node taints for Node Groups

Created on 30 Jul 2020 · 3 Comments · Source: terraform-aws-modules/terraform-aws-eks

I have issues

I'm submitting a...

  • [ ] bug report
  • [ ] feature request
  • [X] support request - read the FAQ first!
  • [ ] kudos, thank you, warm fuzzy

What is the current behavior?

I need to be able to set taints on newly created node groups. These node groups will be highly variable in terms of sizing, so the taints are required on creation.

If this is a bug, how to reproduce? Please include a code sample if relevant.

I thought of adding kubelet_extra_args to the node group definition, but it didn't work, or perhaps that's not the right way to do it?

    az3-c = {
      desired_capacity = 1
      max_capacity     = 2
      min_capacity     = 1
      subnets          = ["subnet-004514be54bcd7eb7"]
      kubelet_extra_args = "--node-labels=function=data_only --register-with-taints=function=data_only:NoSchedule"
      instance_type = "m5a.4xlarge"
      additional_tags = {
        Name = module.eks_dev_label.id
      }
    }

What's the expected behavior?

Was hoping for a node taint to be applied.

Are you able to fix this problem and submit a PR? Link here if you have already.

Environment details

  • Affected module version: "12.1.0"
  • OS: Mac
  • Terraform version: Terraform v0.12.26

Any other relevant info

All 3 comments

Maybe it helps you to see what I use?

  worker_groups_launch_template = [
    {
      name                    = "prometheus-spot-1"
      override_instance_types = ["m5.2xlarge", "r5.xlarge", "r5ad.xlarge"]
      spot_instance_pools     = 3
      asg_max_size            = 5
      additional_userdata     = module.bastion_vpc1.user_data_users
      kubelet_extra_args = join(" ", [
        "--node-labels=cluster_name=xxxxxxx,kubernetes.io/lifecycle=spot,worker_group=prometheus-spot-1,app=prometheus",
        "--register-with-taints app=prometheus:NoSchedule"
      ])
      enabled_metrics = local.enabled_metrics
      subnets         = aws_subnet.private_extra.*.id
      tags = [
        {
          "key"                 = "k8s.io/cluster-autoscaler/enabled"
          "propagate_at_launch" = "false"
          "value"               = "true"
        },
        {
          "key"                 = "k8s.io/cluster-autoscaler/xxxxx"
          "propagate_at_launch" = "false"
          "value"               = "true"
        }
      ]
    }
  ]

Hi @mattlawnz, it looks like you're using the Managed Node Groups. These do not currently support node tainting. There is a request over on the AWS team's roadmap for this feature: https://github.com/aws/containers-roadmap/issues/864

If you really need to work with node taints then I suggest you use the traditional worker groups similar to Max's example above.

Thanks all for the examples & explanation. I have this working as a worker group.
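
Added example, not part of the thread or the module's code: since the taint requested in the original post never appeared on the nodes, this Python check compares the labels and taints in a `kubelet_extra_args` string against `kubectl get nodes -o json` output and reports what each node is missing. The node list and node names are constructed sample data, and the function names are hypothetical.

```python
import json
import shlex

def expected_from_kubelet_args(args):
    """Parse labels and taints from a kubelet_extra_args string.
    Accepts both '--flag=value' and '--flag value', as seen in the thread."""
    wanted = {"--node-labels": [], "--register-with-taints": []}
    tokens = shlex.split(args)
    i = 0
    while i < len(tokens):
        flag, sep, value = tokens[i].partition("=")
        if flag in wanted:
            if not sep and i + 1 < len(tokens):  # space-separated form
                i += 1
                value = tokens[i]
            wanted[flag] += [v for v in value.split(",") if v]
        i += 1
    labels = dict(l.split("=", 1) for l in wanted["--node-labels"])
    return labels, set(wanted["--register-with-taints"])

def node_taints(node):
    """Render a node's spec.taints as 'key=value:Effect' strings."""
    out = set()
    for t in node.get("spec", {}).get("taints") or []:
        kv = t["key"] + ("=" + t["value"] if t.get("value") else "")
        out.add(kv + ":" + t["effect"])
    return out

def missing_on_nodes(node_list, kubelet_args):
    """Map node name -> expected labels/taints the node does not carry."""
    labels, taints = expected_from_kubelet_args(kubelet_args)
    report = {}
    for node in node_list["items"]:
        have = node["metadata"].get("labels", {})
        gaps = [f"label {k}={v}" for k, v in labels.items() if have.get(k) != v]
        gaps += [f"taint {t}" for t in sorted(taints - node_taints(node))]
        if gaps:
            report[node["metadata"]["name"]] = gaps
    return report

# Constructed sample of `kubectl get nodes -o json` output (not from the thread).
SAMPLE = json.loads("""{"items": [
 {"metadata": {"name": "node-a", "labels": {"function": "data_only"}},
  "spec": {"taints": [{"key": "function", "value": "data_only", "effect": "NoSchedule"}]}},
 {"metadata": {"name": "node-b", "labels": {}}, "spec": {}}
]}""")
ARGS = "--node-labels=function=data_only --register-with-taints=function=data_only:NoSchedule"

if __name__ == "__main__":
    print(missing_on_nodes(SAMPLE, ARGS))
```

Against a live cluster, feed it the parsed output of `kubectl get nodes -l <selector> -o json` for the group being checked; a node that reports both the label and the taint missing indicates the kubelet arguments were never applied.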
