Terraform EKS module: cluster version

From wikieduonline
(Redirected from Cluster version)
Jump to navigation Jump to search



Examples output from upgrade[edit]

�[0m�[1mrandom_string.suffix: Refreshing state... [id=243246]�[0m
�[0m�[1mmodule.irsa-ebs-csi.data.aws_caller_identity.current: Reading...�[0m�[0m
�[0m�[1mmodule.eks.module.eks_managed_node_group["two"].data.aws_partition.current: Reading...�[0m�[0m
�[0m�[1mmodule.eks.module.eks_managed_node_group["one"].data.aws_partition.current: Reading...�[0m�[0m
�[0m�[1maws_iam_user.mytest: Refreshing state... [id=mytest]�[0m
�[0m�[1mmodule.irsa-ebs-csi.data.aws_partition.current: Reading...�[0m�[0m
�[0m�[1mmodule.eks.module.eks_managed_node_group["two"].data.aws_partition.current: Read complete after 0s [id=aws]�[0m
�[0m�[1mmodule.eks.module.eks_managed_node_group["one"].data.aws_partition.current: Read complete after 0s [id=aws]�[0m
�[0m�[1mmodule.irsa-ebs-csi.data.aws_partition.current: Read complete after 0s [id=aws]�[0m
�[0m�[1mdata.aws_iam_policy.ebs_csi_policy: Reading...�[0m�[0m
�[0m�[1mmodule.eks.data.aws_partition.current: Reading...�[0m�[0m
�[0m�[1mmodule.eks.module.eks_managed_node_group["two"].data.aws_caller_identity.current: Reading...�[0m�[0m
�[0m�[1mmodule.eks.data.aws_partition.current: Read complete after 0s [id=aws]�[0m
�[0m�[1mdata.aws_availability_zones.available: Reading...�[0m�[0m
�[0m�[1mmodule.eks.module.kms.data.aws_partition.current: Reading...�[0m�[0m
�[0m�[1maws_iam_user.myreadonlytest: Refreshing state... [id=myreadonlytest]�[0m
�[0m�[1mmodule.eks.aws_cloudwatch_log_group.this[0]: Refreshing state... [id=/aws/eks/education-eks-243246/cluster]�[0m
�[0m�[1mmodule.eks.module.eks_managed_node_group["one"].data.aws_caller_identity.current: Reading...�[0m�[0m
�[0m�[1mmodule.eks.module.kms.data.aws_partition.current: Read complete after 0s [id=aws]�[0m
�[0m�[1mmodule.vpc.aws_vpc.this[0]: Refreshing state... [id=vpc-019b054439ba8986f]�[0m
�[0m�[1mmodule.eks.data.aws_caller_identity.current: Reading...�[0m�[0m
�[0m�[1mmodule.eks.data.aws_caller_identity.current: Read complete after 1s [id=0123456789]�[0m
�[0m�[1mmodule.eks.module.kms.data.aws_caller_identity.current: Reading...�[0m�[0m
�[0m�[1mmodule.eks.module.eks_managed_node_group["one"].data.aws_caller_identity.current: Read complete after 1s [id=0123456789]�[0m
�[0m�[1mmodule.eks.module.eks_managed_node_group["two"].data.aws_iam_policy_document.assume_role_policy[0]: Reading...�[0m�[0m
�[0m�[1mmodule.eks.module.eks_managed_node_group["two"].data.aws_iam_policy_document.assume_role_policy[0]: Read complete after 0s [id=2560088296]�[0m
�[0m�[1mmodule.eks.module.eks_managed_node_group["one"].data.aws_iam_policy_document.assume_role_policy[0]: Reading...�[0m�[0m
�[0m�[1mmodule.eks.module.eks_managed_node_group["one"].data.aws_iam_policy_document.assume_role_policy[0]: Read complete after 0s [id=2560088296]�[0m
�[0m�[1mmodule.eks.data.aws_iam_session_context.current: Reading...�[0m�[0m
�[0m�[1mmodule.eks.data.aws_iam_session_context.current: Read complete after 0s [id=arn:aws:iam::0123456789:user/martin-test-deleteme]�[0m
�[0m�[1mmodule.eks.module.eks_managed_node_group["two"].aws_iam_role.this[0]: Refreshing state... [id=node-group-2-eks-node-group-20231023195635337400000002]�[0m
�[0m�[1mdata.aws_availability_zones.available: Read complete after 1s [id=us-east-1]�[0m
�[0m�[1mmodule.eks.module.eks_managed_node_group["one"].aws_iam_role.this[0]: Refreshing state... [id=node-group-1-eks-node-group-20231023195635337100000001]�[0m
�[0m�[1mmodule.eks.data.aws_iam_policy_document.assume_role_policy[0]: Reading...�[0m�[0m
�[0m�[1mmodule.eks.data.aws_iam_policy_document.assume_role_policy[0]: Read complete after 0s [id=2764486067]�[0m
�[0m�[1mmodule.eks.aws_iam_role.this[0]: Refreshing state... [id=education-eks-243246-cluster-20231023195635338800000003]�[0m
�[0m�[1mmodule.irsa-ebs-csi.data.aws_caller_identity.current: Read complete after 1s [id=0123456789]�[0m
�[0m�[1mmodule.eks.module.eks_managed_node_group["two"].data.aws_caller_identity.current: Read complete after 1s [id=0123456789]�[0m
�[0m�[1mmodule.eks.module.kms.data.aws_caller_identity.current: Read complete after 0s [id=0123456789]�[0m
�[0m�[1mdata.aws_iam_policy.ebs_csi_policy: Read complete after 1s [id=arn:aws:iam::aws:policy/service-role/AmazonEBSCSIDriverPolicy]�[0m
�[0m�[1mmodule.eks.module.eks_managed_node_group["one"].aws_iam_role_policy_attachment.this["arn:aws:iam::aws:policy/AmazonEC2ContainerRegistryReadOnly"]: Refreshing state... [id=node-group-1-eks-node-group-20231023195635337100000001-20231023195636648300000005]�[0m
�[0m�[1mmodule.eks.module.eks_managed_node_group["two"].aws_iam_role_policy_attachment.this["arn:aws:iam::aws:policy/AmazonEKS_CNI_Policy"]: Refreshing state... [id=node-group-2-eks-node-group-20231023195635337400000002-20231023195636831100000007]�[0m
�[0m�[1mmodule.eks.module.eks_managed_node_group["two"].aws_iam_role_policy_attachment.this["arn:aws:iam::aws:policy/AmazonEC2ContainerRegistryReadOnly"]: Refreshing state... [id=node-group-2-eks-node-group-20231023195635337400000002-20231023195636831400000008]�[0m
�[0m�[1mmodule.eks.module.eks_managed_node_group["one"].aws_iam_role_policy_attachment.this["arn:aws:iam::aws:policy/AmazonEKSWorkerNodePolicy"]: Refreshing state... [id=node-group-1-eks-node-group-20231023195635337100000001-20231023195636520400000004]�[0m
�[0m�[1mmodule.eks.module.eks_managed_node_group["two"].aws_iam_role_policy_attachment.this["arn:aws:iam::aws:policy/AmazonEKSWorkerNodePolicy"]: Refreshing state... [id=node-group-2-eks-node-group-20231023195635337400000002-20231023195636862200000009]�[0m
�[0m�[1mmodule.eks.module.eks_managed_node_group["one"].aws_iam_role_policy_attachment.this["arn:aws:iam::aws:policy/AmazonEKS_CNI_Policy"]: Refreshing state... [id=node-group-1-eks-node-group-20231023195635337100000001-20231023195636696100000006]�[0m
�[0m�[1mmodule.eks.aws_iam_role_policy_attachment.this["AmazonEKSClusterPolicy"]: Refreshing state... [id=education-eks-243246-cluster-20231023195635338800000003-2023102319563713340000000b]�[0m
�[0m�[1mmodule.eks.aws_iam_role_policy_attachment.this["AmazonEKSVPCResourceController"]: Refreshing state... [id=education-eks-243246-cluster-20231023195635338800000003-2023102319563711560000000a]�[0m
�[0m�[1mmodule.eks.module.kms.data.aws_iam_policy_document.this[0]: Reading...�[0m�[0m
�[0m�[1mmodule.eks.module.kms.data.aws_iam_policy_document.this[0]: Read complete after 0s [id=541649920]�[0m
�[0m�[1mmodule.eks.module.kms.aws_kms_key.this[0]: Refreshing state... [id=ce97ffc1-05a4-4a1a-b95e-2134f11342ee]�[0m
�[0m�[1mmodule.vpc.aws_default_route_table.default[0]: Refreshing state... [id=rtb-05bdd1b2d22b10d55]�[0m
�[0m�[1mmodule.vpc.aws_default_security_group.this[0]: Refreshing state... [id=sg-0cdd9572bdec8f281]�[0m
�[0m�[1mmodule.eks.aws_security_group.cluster[0]: Refreshing state... [id=sg-054d392632191bfa3]�[0m
�[0m�[1mmodule.vpc.aws_default_network_acl.this[0]: Refreshing state... [id=acl-0a7fd0c09b85b1ac4]�[0m
�[0m�[1mmodule.vpc.aws_route_table.public[0]: Refreshing state... [id=rtb-076037b95ce2971d8]�[0m
�[0m�[1mmodule.vpc.aws_subnet.public[0]: Refreshing state... [id=subnet-03f71147754a92669]�[0m
�[0m�[1mmodule.vpc.aws_subnet.public[1]: Refreshing state... [id=subnet-036eec7530e6b96cd]�[0m
�[0m�[1mmodule.vpc.aws_subnet.public[2]: Refreshing state... [id=subnet-0b097f074852e0e9b]�[0m
�[0m�[1mmodule.eks.aws_security_group.node[0]: Refreshing state... [id=sg-0ce4315c011c68799]�[0m
�[0m�[1mmodule.vpc.aws_route_table.private[0]: Refreshing state... [id=rtb-05e5dbeceabb534dd]�[0m
�[0m�[1mmodule.vpc.aws_internet_gateway.this[0]: Refreshing state... [id=igw-01c9bfd893488f9d6]�[0m
�[0m�[1mmodule.vpc.aws_subnet.private[2]: Refreshing state... [id=subnet-0853063705e6b6d64]�[0m
�[0m�[1mmodule.vpc.aws_subnet.private[1]: Refreshing state... [id=subnet-09688e9a045b6deec]�[0m
�[0m�[1mmodule.vpc.aws_subnet.private[0]: Refreshing state... [id=subnet-055ffeb84798b48a6]�[0m
�[0m�[1mmodule.eks.module.kms.aws_kms_alias.this["cluster"]: Refreshing state... [id=alias/eks/education-eks-243246]�[0m
�[0m�[1mmodule.eks.aws_iam_policy.cluster_encryption[0]: Refreshing state... [id=arn:aws:iam::0123456789:policy/education-eks-243246-cluster-ClusterEncryption2023102319565580180000000f]�[0m
�[0m�[1mmodule.vpc.aws_route_table_association.public[1]: Refreshing state... [id=rtbassoc-010cc89abb0a2aff2]�[0m
�[0m�[1mmodule.vpc.aws_route_table_association.public[0]: Refreshing state... [id=rtbassoc-0dee808b7e86323d2]�[0m
�[0m�[1mmodule.vpc.aws_route_table_association.public[2]: Refreshing state... [id=rtbassoc-06ff2c9e183abb72a]�[0m
�[0m�[1mmodule.vpc.aws_route.public_internet_gateway[0]: Refreshing state... [id=r-rtb-076037b95ce2971d81080289494]�[0m
�[0m�[1mmodule.vpc.aws_eip.nat[0]: Refreshing state... [id=eipalloc-0f5e4c7ba0c1a846f]�[0m
�[0m�[1mmodule.eks.aws_security_group_rule.node["ingress_cluster_4443_webhook"]: Refreshing state... [id=sgrule-2695018031]�[0m
�[0m�[1mmodule.eks.aws_security_group_rule.node["ingress_cluster_6443_webhook"]: Refreshing state... [id=sgrule-1776341433]�[0m
�[0m�[1mmodule.eks.aws_security_group_rule.node["ingress_cluster_kubelet"]: Refreshing state... [id=sgrule-3732875185]�[0m
�[0m�[1mmodule.eks.aws_security_group_rule.node["ingress_cluster_443"]: Refreshing state... [id=sgrule-108857454]�[0m
�[0m�[1mmodule.eks.aws_security_group_rule.node["ingress_cluster_8443_webhook"]: Refreshing state... [id=sgrule-2059201944]�[0m
�[0m�[1mmodule.eks.aws_security_group_rule.node["egress_all"]: Refreshing state... [id=sgrule-3816935441]�[0m
�[0m�[1mmodule.eks.aws_security_group_rule.node["ingress_nodes_ephemeral"]: Refreshing state... [id=sgrule-3075861772]�[0m
�[0m�[1mmodule.eks.aws_security_group_rule.node["ingress_self_coredns_tcp"]: Refreshing state... [id=sgrule-3724333930]�[0m
�[0m�[1mmodule.eks.aws_security_group_rule.node["ingress_cluster_9443_webhook"]: Refreshing state... [id=sgrule-505273939]�[0m
�[0m�[1mmodule.eks.aws_security_group_rule.node["ingress_self_coredns_udp"]: Refreshing state... [id=sgrule-2040754309]�[0m
�[0m�[1mmodule.eks.aws_security_group_rule.cluster["ingress_nodes_443"]: Refreshing state... [id=sgrule-187463799]�[0m
�[0m�[1mmodule.vpc.aws_route_table_association.private[0]: Refreshing state... [id=rtbassoc-06ba36d324ab611af]�[0m
�[0m�[1mmodule.vpc.aws_route_table_association.private[2]: Refreshing state... [id=rtbassoc-0c4b351be2a99dde4]�[0m
�[0m�[1mmodule.vpc.aws_route_table_association.private[1]: Refreshing state... [id=rtbassoc-044982e004aa03b29]�[0m
�[0m�[1mmodule.eks.aws_iam_role_policy_attachment.cluster_encryption[0]: Refreshing state... [id=education-eks-243246-cluster-20231023195635338800000003-20231023195656466900000010]�[0m
�[0m�[1mmodule.vpc.aws_nat_gateway.this[0]: Refreshing state... [id=nat-0b02ddd4c96f9da23]�[0m
�[0m�[1mmodule.vpc.aws_route.private_nat_gateway[0]: Refreshing state... [id=r-rtb-05e5dbeceabb534dd1080289494]�[0m
�[0m�[1mmodule.eks.aws_eks_cluster.this[0]: Refreshing state... [id=education-eks-243246]�[0m
�[0m�[1mmodule.eks.time_sleep.this[0]: Refreshing state... [id=2023-10-23T20:06:50Z]�[0m
�[0m�[1mmodule.irsa-ebs-csi.data.aws_iam_policy_document.assume_role_with_oidc[0]: Reading...�[0m�[0m
�[0m�[1mmodule.eks.aws_iam_openid_connect_provider.oidc_provider[0]: Refreshing state... [id=arn:aws:iam::0123456789:oidc-provider/oidc.eks.us-east-1.amazonaws.com/id/88EFA4CC88D176ABC9202E400B06D199]�[0m
�[0m�[1mmodule.irsa-ebs-csi.data.aws_iam_policy_document.assume_role_with_oidc[0]: Read complete after 0s [id=3193215977]�[0m
�[0m�[1mmodule.irsa-ebs-csi.aws_iam_role.this[0]: Refreshing state... [id=AmazonEKSTFEBSCSIRole-education-eks-243246]�[0m
�[0m�[1mmodule.eks.module.eks_managed_node_group["one"].aws_launch_template.this[0]: Refreshing state... [id=lt-004f72271f3aa6d0c]�[0m
�[0m�[1mmodule.eks.module.eks_managed_node_group["two"].aws_launch_template.this[0]: Refreshing state... [id=lt-088eb5d8738054516]�[0m
�[0m�[1mmodule.eks.module.eks_managed_node_group["two"].aws_eks_node_group.this[0]: Refreshing state... [id=education-eks-243246:node-group-2-20231023200651814800000019]�[0m
�[0m�[1mmodule.eks.module.eks_managed_node_group["one"].aws_eks_node_group.this[0]: Refreshing state... [id=education-eks-243246:node-group-1-20231023200651814700000017]�[0m
�[0m�[1mmodule.irsa-ebs-csi.aws_iam_role_policy_attachment.custom[0]: Refreshing state... [id=AmazonEKSTFEBSCSIRole-education-eks-243246-20231023200621687900000012]�[0m
�[0m�[1maws_eks_addon.ebs-csi: Refreshing state... [id=education-eks-243246:aws-ebs-csi-driver]�[0m
�[0m�[1mmodule.eks.kubernetes_config_map_v1_data.aws_auth[0]: Refreshing state... [id=kube-system/aws-auth]�[0m

Terraform used the selected providers to generate the following execution
plan. Resource actions are indicated with the following symbols:
  �[33m~�[0m update in-place�[0m
�[32m+�[0m/�[31m-�[0m create replacement and then destroy�[0m
 �[36m<=�[0m read (data resources)�[0m

Terraform will perform the following actions:

�[1m  # module.eks.data.tls_certificate.this[0]�[0m will be read during apply
  # (depends on a resource or a module with changes pending)
�[0m �[36m<=�[0m�[0m data "tls_certificate" "this" {
      �[32m+�[0m�[0m certificates = (known after apply)
      �[32m+�[0m�[0m id           = (known after apply)
      �[32m+�[0m�[0m url          = "https://oidc.eks.us-east-1.amazonaws.com/id/88EFA4CC88D176ABC9202E400B06D199"
    }

�[1m  # module.eks.aws_eks_cluster.this[0]�[0m will be updated in-place
�[0m  �[33m~�[0m�[0m resource "aws_eks_cluster" "this" {
        id                        = "education-eks-243246"
        name                      = "education-eks-243246"
        tags                      = {}
      �[33m~�[0m�[0m version                   = "1.27" �[33m->�[0m�[0m "1.28"
        �[90m# (10 unchanged attributes hidden)�[0m�[0m

        �[90m# (4 unchanged blocks hidden)�[0m�[0m
    }

�[1m  # module.eks.aws_iam_openid_connect_provider.oidc_provider[0]�[0m will be updated in-place
�[0m  �[33m~�[0m�[0m resource "aws_iam_openid_connect_provider" "oidc_provider" {
        id              = "arn:aws:iam::0123456789:oidc-provider/oidc.eks.us-east-1.amazonaws.com/id/88EFA4CC88D176ABC9202E400B06D199"
        tags            = {
            "Name" = "education-eks-243246-eks-irsa"
        }
      �[33m~�[0m�[0m thumbprint_list = [
          �[31m-�[0m�[0m "9e99a48a9960b14926bb7f3b02e22da2b0ab7280",
          �[31m-�[0m�[0m "06b25927c42a721631c1efd9431e648fa62e1e39",
          �[31m-�[0m�[0m "414a2060b738c635cc7fc243e052615592830c53",
          �[31m-�[0m�[0m "aaa68bb211d468db8a8a19561ccba2e4043dcc80",
        ] -> (known after apply)
        �[90m# (4 unchanged attributes hidden)�[0m�[0m
    }

�[1m  # module.eks.kubernetes_config_map_v1_data.aws_auth[0]�[0m will be updated in-place
�[0m  �[33m~�[0m�[0m resource "kubernetes_config_map_v1_data" "aws_auth" {
      �[33m~�[0m�[0m data          = {
          �[33m~�[0m�[0m "mapRoles"    = <<-EOT
              �[31m-�[0m�[0m - groups:
              �[31m-�[0m�[0m   - system:bootstrappers
              �[31m-�[0m�[0m   - system:nodes
              �[31m-�[0m�[0m   rolearn: arn:aws:iam::0123456789:role/node-group-1-eks-node-group-20231023195635337100000001
              �[31m-�[0m�[0m   username: system:node:{{EC2PrivateDNSName}}
              �[31m-�[0m�[0m - groups:
              �[31m-�[0m�[0m   - system:bootstrappers
              �[31m-�[0m�[0m   - system:nodes
              �[31m-�[0m�[0m   rolearn: arn:aws:iam::0123456789:role/node-group-2-eks-node-group-20231023195635337400000002
              �[31m-�[0m�[0m   username: system:node:{{EC2PrivateDNSName}}
              �[32m+�[0m�[0m - "groups":
              �[32m+�[0m�[0m   - "system:bootstrappers"
              �[32m+�[0m�[0m   - "system:nodes"
              �[32m+�[0m�[0m   "rolearn": "arn:aws:iam::0123456789:role/node-group-1-eks-node-group-20231023195635337100000001"
              �[32m+�[0m�[0m   "username": "system:node:{{EC2PrivateDNSName}}"
              �[32m+�[0m�[0m - "groups":
              �[32m+�[0m�[0m   - "system:bootstrappers"
              �[32m+�[0m�[0m   - "system:nodes"
              �[32m+�[0m�[0m   "rolearn": "arn:aws:iam::0123456789:role/node-group-2-eks-node-group-20231023195635337400000002"
              �[32m+�[0m�[0m   "username": "system:node:{{EC2PrivateDNSName}}"
            EOT
          �[33m~�[0m�[0m "mapUsers"    = <<-EOT
              �[31m-�[0m�[0m - groups:
              �[31m-�[0m�[0m   - system:masters
              �[31m-�[0m�[0m   userarn: arn:aws:iam::0123456789:user/mytest
              �[31m-�[0m�[0m   username: mytest
              �[31m-�[0m�[0m - userarn: arn:aws:iam::0123456789:user/myreadonlytest
              �[31m-�[0m�[0m   username: discovery-read-only-user
              �[32m+�[0m�[0m - "groups":
              �[32m+�[0m�[0m   - "system:masters"
              �[32m+�[0m�[0m   "userarn": "arn:aws:iam::0123456789:user/mytest"
              �[32m+�[0m�[0m   "username": "mytest"
            EOT
            �[90m# (1 unchanged element hidden)�[0m�[0m
        }
        id            = "kube-system/aws-auth"
        �[90m# (2 unchanged attributes hidden)�[0m�[0m

        �[90m# (1 unchanged block hidden)�[0m�[0m
    }

�[1m  # module.eks.time_sleep.this[0]�[0m must be �[1m�[31mreplaced�[0m
�[0m�[32m+�[0m/�[31m-�[0m�[0m resource "time_sleep" "this" {
      �[33m~�[0m�[0m id              = "2023-10-23T20:06:50Z" -> (known after apply)
      �[33m~�[0m�[0m triggers        = { �[31m# forces replacement�[0m�[0m
          �[33m~�[0m�[0m "cluster_version"                    = "1.27" �[33m->�[0m�[0m "1.28"
            �[90m# (3 unchanged elements hidden)�[0m�[0m
        }
        �[90m# (1 unchanged attribute hidden)�[0m�[0m
    }

�[1m  # module.eks.module.eks_managed_node_group["one"].aws_eks_node_group.this[0]�[0m will be updated in-place
�[0m  �[33m~�[0m�[0m resource "aws_eks_node_group" "this" {
        id                     = "education-eks-243246:node-group-1-20231023200651814700000017"
        tags                   = {
            "Name" = "node-group-1"
        }
      �[33m~�[0m�[0m version                = "1.27" �[33m->�[0m�[0m "1.28"
        �[90m# (15 unchanged attributes hidden)�[0m�[0m

        �[90m# (4 unchanged blocks hidden)�[0m�[0m
    }

�[1m  # module.eks.module.eks_managed_node_group["two"].aws_eks_node_group.this[0]�[0m will be updated in-place
�[0m  �[33m~�[0m�[0m resource "aws_eks_node_group" "this" {
        id                     = "education-eks-243246:node-group-2-20231023200651814800000019"
        tags                   = {
            "Name" = "node-group-2"
        }
      �[33m~�[0m�[0m version                = "1.27" �[33m->�[0m�[0m "1.28"
        �[90m# (15 unchanged attributes hidden)�[0m�[0m

        �[90m# (4 unchanged blocks hidden)�[0m�[0m
    }

�[1mPlan:�[0m 1 to add, 5 to change, 1 to destroy.
�[0m�[90m
─────────────────────────────────────────────────────────────────────────────�[0m

Note: You didn't use the -out option to save this plan, so Terraform can't
guarantee to take exactly these actions if you run "terraform apply" now.


See also[edit]

Advertising: